| systemd.sockets.<name>.wants | Start the specified units when this unit is started.
|
| systemd.targets.<name>.wants | Start the specified units when this unit is started.
|
| services.gitwatch.<name>.message | Optional text to use in as commit message; all occurrences of %d will be replaced by formatted date/time
|
| services.pgbackrest.repos.<name>.host | Repository host when operating remotely
|
| services.fedimintd.<name>.dataDir | Path to the data dir fedimintd will use to store its data
|
| services.rspamd.workers.<name>.bindSockets | List of sockets to listen, in format acceptable by rspamd
|
| services.tinc.networks.<name>.bindToAddress | The ip address to bind to (both listen on and send packets from).
|
| services.httpd.virtualHosts.<name>.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.dokuwiki.sites.<name>.phpOptions | Options for PHP's php.ini file for this dokuwiki site.
|
| services.tor.settings.V3AuthoritativeDirectory | See torrc manual.
|
| services.redis.servers.<name>.slowLogLogSlowerThan | Log queries whose execution take longer than X in milliseconds.
|
| services.openssh.settings.AuthorizedPrincipalsFile | Specifies a file that lists principal names that are accepted for certificate authentication
|
| services.crowdsec.settings.console.configuration | Attributes inside the console.yaml file.
|
| services.warpgate.settings.http.cookie_max_age | How long until logged in cookie expires.
|
| services.xserver.xkb.extraLayouts.<name>.geometryFile | The path to the xkb geometry file
|
| services.ax25.axports.<name>.callsign | The callsign of the physical interface to bind to.
|
| services.grafana.provision.alerting.muteTimings.settings.deleteMuteTimes.*.orgId | Organization ID, default = 1.
|
| services.veilid.settings.core.network.dht.min_peer_count | Minimum number of nodes to keep in the peer table.
|
| services.pgbouncer.settings.pgbouncer.listen_port | Which port to listen on
|
| services.snipe-it.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.wyoming.piper.servers.<name>.noiseScale | Generator noise value.
|
| services.quickwit.settings.listen_address | Listen address of Quickwit.
|
| users.extraUsers.<name>.createHome | Whether to create the home directory and ensure ownership as well as
permissions to match the user.
|
| services.drupal.sites.<name>.virtualHost.listen.*.ssl | Whether to enable SSL (https) support.
|
| services.k3s.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| services.grafana.provision.alerting.templates.settings.apiVersion | Config file version.
|
| boot.initrd.systemd.users.<name>.shell | The path to the user's shell in initrd.
|
| boot.initrd.systemd.users.<name>.group | Group the user belongs to in initrd.
|
| services.dokuwiki.sites.<name>.usersFile | Location of the dokuwiki users file
|
| services.gitlab-runner.services.<name>.limit | Limit how many jobs can be handled concurrently by this service.
0 (default) simply means don't limit.
|
| services.grafana.settings.database.max_open_conn | The maximum number of open connections to the database.
|
| services.sanoid.datasets.<name>.monthly | Number of monthly snapshots.
|
| services.nebula.networks.<name>.package | The nebula package to use.
|
| services.errbot.instances.<name>.logLevel | Errbot log level
|
| services.httpd.virtualHosts.<name>.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.nginx.virtualHosts.<name>.extraConfig | These lines go to the end of the vhost verbatim.
|
| services.quicktun.<name>.protocol | Which protocol to use.
|
| services.buildkite-agents.<name>.tags | Tags for the agent.
|
| services.nylon.<name>.allowedIPRanges | Allowed client IP ranges are evaluated first, defaults to ARIN IPv4 private ranges:
[ "192.168.0.0/16" "127.0.0.0/8" "172.16.0.0/12" "10.0.0.0/8" ]
|
| systemd.services.<name>.startLimitBurst | Configure unit start rate limiting
|
| security.pam.services.<name>.requireWheel | Whether to permit root access only to members of group wheel.
|
| services.restic.backups.<name>.command | Command to pass to --stdin-from-command
|
| services.wordpress.sites.<name>.fontsDir | This directory is used to download fonts from a remote location, e.g.
to host google fonts locally.
|
| services.prometheus.exporters.script.settings.scripts.*.timeout | Optional timeout for the script in seconds.
|
| services.biboumi.settings.xmpp_server_ip | The IP address to connect to the XMPP server on
|
| services.tlsrpt.reportd.settings.sender_address | Sender address used for reports.
|
| services.github-runners.<name>.package | The github-runner package to use.
|
| services.kea.dhcp-ddns.configFile | Kea DHCP-DDNS configuration as a path, see https://kea.readthedocs.io/en/kea-3.0.2/arm/ddns.html
|
| services.blockbook-frontend.<name>.certFile | To enable SSL, specify path to the name of certificate files without extension
|
| services.drupal.sites.<name>.virtualHost.listen.*.port | Port to listen on
|
| services.wyoming.piper.servers.<name>.noiseWidth | Phoneme width noise value.
|
| services.grafana.settings.security.cookie_secure | Set to true if you host Grafana behind HTTPS.
|
| services.grafana.settings.database.max_idle_conn | The maximum number of connections in the idle connection pool.
|
| services.nginx.virtualHosts.<name>.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.nginx.virtualHosts.<name>.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.netbird.clients.<name>.config | Additional configuration that exists before the first start and
later overrides the existing values in config.json
|
| services.netbird.tunnels.<name>.config | Additional configuration that exists before the first start and
later overrides the existing values in config.json
|
| systemd.user.timers.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| systemd.user.slices.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| systemd.user.units.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.user.paths.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| services.spiped.config.<name>.source | Address on which spiped should listen for incoming
connections
|
| services.automysqlbackup.settings | automysqlbackup configuration
|
| services.mailpit.instances.<name>.smtp | SMTP bind interface and port.
|
| services.rspamd.workers.<name>.includes | List of files to include in configuration
|
| services.tarsnap.archives.<name>.nodump | Exclude files with the nodump flag.
|
| services.syncoid.commands.<name>.extraArgs | Extra syncoid arguments for this command.
|
| services.wstunnel.servers.<name>.enable | Whether to enable this wstunnel instance.
|
| services.wstunnel.clients.<name>.enable | Whether to enable this wstunnel instance.
|
| services.quicktun.<name>.remoteFloat | Whether to allow the remote address and port to change when properly encrypted packets are received.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.type | The resource type
|
| services.grafana.provision.dashboards.settings.providers | List of dashboards to insert/update.
|
| services.kanidm.server.settings.online_backup.schedule | The schedule for backups in cron format.
|
| services.headscale.settings.dns.extra_records.*.value | DNS record value (IP address).
|
| systemd.user.services.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| services.redis.servers.<name>.masterAuth | If the master is password protected (using the requirePass configuration)
it is possible to tell the slave to authenticate before starting the replication synchronization
process, otherwise the master will refuse the slave request.
(STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| services.hostapd.radios.<name>.driver | The driver hostapd will use.
nl80211 is used with all Linux mac80211 drivers.
none is used if building a standalone RADIUS server that does
not control any wireless/wired driver
|
| services.nginx.virtualHosts.<name>.listen.*.port | Port number to listen on
|
| services.borgbackup.jobs.<name>.user | The user borg is run as
|
| security.pam.services.<name>.forwardXAuth | Whether X authentication keys should be passed from the
calling user to the target user (e.g. for
su)
|
| services.monica.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.matomo.nginx.locations.<name>.index | Adds index directive.
|
| services.monica.nginx.locations.<name>.index | Adds index directive.
|
| services.matomo.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.akkoma.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.gancio.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.fluidd.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.akkoma.nginx.locations.<name>.index | Adds index directive.
|
| services.gancio.nginx.locations.<name>.index | Adds index directive.
|
| services.fluidd.nginx.locations.<name>.index | Adds index directive.
|
| systemd.user.sockets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.targets.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.drupal.sites.<name>.virtualHost.sslServerKey | Path to server SSL certificate key.
|
| services.gitea.settings.service.DISABLE_REGISTRATION | By default any user can create an account on this gitea instance
|
| hardware.printers.ensurePrinters.*.name | Name of the printer / printer queue
|
| services.parsedmarc.settings.elasticsearch.ssl | Whether to use an encrypted SSL/TLS connection.
|
| services.firefox-syncserver.database.name | Database to use for storage
|
| users.users.<name>.packages | The set of packages that should be made available to the user
|
| services.drupal.sites.<name>.virtualHost.http2 | Whether to enable HTTP 2
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|