| services.davfs2.davUser | When invoked by root the mount.davfs daemon will run as this user
|
| services.pgpkeyserver-lite.hostname | Which hostname to set the vHost to that is proxying to sks.
|
| networking.wg-quick.interfaces.<name>.privateKeyFile | Private key file as generated by wg genkey.
|
| services.wiki-js.settings.db.db | Name of the database to use.
|
| boot.loader.systemd-boot.extraFiles | A set of files to be copied to $BOOT
|
| services.nscd.enable | Whether to enable the Name Service Cache Daemon
|
| networking.interfaces.<name>.virtualOwner | In case of a virtual device, the user who owns it.
null will not set owner, allowing access to any user.
|
| services.mail.sendmailSetuidWrapper.program | The name of the wrapper program
|
| services.shellhub-agent.preferredHostname | Set the device preferred hostname
|
| networking.wg-quick.interfaces.<name>.table | The kernel routing table to add this interface's
associated routes to
|
| users.users.<name>.openssh.authorizedPrincipals | A list of verbatim principal names that should be added to the user's
authorized principals.
|
| hardware.fw-fanctrl.config.strategies.<name>.speedCurve.*.speed | Percent how fast the fan should run at
|
| services.dnsdist.dnscrypt.providerName | The name that will be given to this DNSCrypt resolver.
The provider name must start with 2.dnscrypt-cert..
|
| systemd.shutdownRamfs.contents.<name>.dlopen.usePriority | Priority of dlopen ELF notes to include. "required" is
minimal, "recommended" includes "required", and
"suggested" includes "recommended"
|
| networking.vswitches.<name>.interfaces | The physical network interfaces connected by the vSwitch.
|
| system.nixos.codeName | The NixOS release code name (e.g. Emu).
|
| services.grav.virtualHost | Name of the nginx virtualhost to use and setup
|
| networking.bonds | This option allows you to define bond devices that aggregate multiple,
underlying networking interfaces together
|
| services.tlsrpt.collectd.settings.socketname | Path at which the UNIX socket will be created.
|
| containers.<name>.restartIfChanged | Whether the container should be restarted during a NixOS
configuration switch if its definition has changed.
|
| services.sympa.web.server | The webserver used for the Sympa web interface
|
| networking.wireguard.interfaces.<name>.type | The type of the interface
|
| containers.<name>.forwardPorts | List of forwarded ports from host to container
|
| services.strongswan-swanctl.swanctl.connections.<name>.over_time | Hard IKE_SA lifetime if rekey/reauth does not complete, as time
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.mode | The file access mode to use when creating this file or directory.
|
| services.freshrss.webserver | Whether to use nginx or caddy for virtual host management
|
| services.dokuwiki.webserver | Whether to use nginx or caddy for virtual host management
|
| containers.<name>.allowedDevices.*.node | Path to device node
|
| systemd.network.networks.<name>.networkEmulatorConfig | Each attribute in this set specifies an option in the
[NetworkEmulator] section of the unit
|
| services.kapacitor.defaultDatabase.username | The username to connect to the remote InfluxDB server
|
| containers.<name>.interfaces | The list of interfaces to be moved into the container.
|
| programs.ssh.knownHosts | The set of system-wide known SSH hosts
|
| services.icingaweb2.libraryPaths | Libraries to add to the Icingaweb2 library path
|
| services.strongswan-swanctl.swanctl.connections.<name>.aggressive | Enables Aggressive Mode instead of Main Mode with Identity
Protection
|
| services.selfoss.pool | Name of existing phpfpm pool that is used to run web-application
|
| networking.wireguard.interfaces.<name>.peers | Peers linked to the interface.
|
| containers.<name>.localAddress | The IPv4 address assigned to the interface in the container
|
| services.prometheus.scrapeConfigs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.mastodon.smtp.user | SMTP login name.
|
| services.dawarich.smtp.user | SMTP login name.
|
| networking.wg-quick.interfaces.<name>.extraOptions | Extra options to append to the interface section
|
| services.dovecot2.user | Dovecot user name.
|
| networking.interfaces.<name>.ipv4.routes.*.address | IPv4 address of the network.
|
| networking.interfaces.<name>.ipv6.routes.*.address | IPv6 address of the network.
|
| services.strongswan-swanctl.swanctl.connections.<name>.unique | Connection uniqueness policy to enforce
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.path | Unix domain socket path to bind this listener to.
|
| services.librenms.group | Name of the LibreNMS group.
|
| services.suricata.settings.logging.outputs.file.filename | Filename of the logfile.
|
| networking.interfaces.<name>.wakeOnLan.policy | The Wake-on-LAN policy
to set for the device
|
| networking.wg-quick.interfaces.<name>.privateKey | Base64 private key generated by wg genkey
|
| programs.uwsm.waylandCompositors.<name>.binPath | The wayland-compositor binary path that will be called by UWSM
|
| services.pretix.nginx.domain | The domain name under which to set up the virtual host.
|
| systemd.network.networks.<name>.quickFairQueueingConfigClass | Each attribute in this set specifies an option in the
[QuickFairQueueingClass] section of the unit
|
| virtualisation.fileSystems.<name>.noCheck | Disable running fsck on this filesystem.
|
| services.slurm.controlAddr | Name that ControlMachine should be referred to in establishing a
communications path.
|
| services.unbound.enable | Whether to enable Unbound domain name server.
|
| services.dnsdist.enable | Whether to enable dnsdist domain name server.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote_port | Remote UDP port for IKE communication
|
| networking.sits.<name>.encapsulation | Configures the type of encapsulation.
|
| containers.<name>.localAddress6 | The IPv6 address assigned to the interface in the container
|
| services.flannel.iface | Interface to use (IP or name) for inter-host communication
|
| services.prometheus.exporters.dmarc.imap.username | Login username for the IMAP connection.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_port | Local UDP port for IKE communication
|
| networking.wg-quick.interfaces.<name>.autostart | Whether to bring up this interface automatically during boot.
|
| services.spiped.config | Configuration for a secure pipe daemon
|
| services.prometheus.exporters.mqtt.mqttUsername | Username which should be used to authenticate against the MQTT broker.
|
| services.k3s.autoDeployCharts | Auto deploying Helm charts that are installed by the k3s Helm controller
|
| networking.supplicant.<name>.configFile.writable | Whether the configuration file at configFile.path should be written to by
wpa_supplicant.
|
| services.ircdHybrid.serverName | IRCD server name.
|
| services.strongswan-swanctl.swanctl.connections.<name>.rekey_time | IKE rekeying refreshes key material using a Diffie-Hellman exchange, but
does not re-check associated credentials
|
| networking.wireguard.interfaces.<name>.preSetup | Commands called at the start of the interface setup.
|
| networking.sits.<name>.encapsulation.port | Destination port when using UDP encapsulation.
|
| fileSystems.<name>.overlay.useStage1BaseDirectories | If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot
|
| services.strongswan-swanctl.swanctl.connections.<name>.ppk_required | Whether a Postquantum Preshared Key (PPK) is required for this connection
|
| services.strongswan-swanctl.swanctl.connections.<name>.dpd_timeout | Charon by default uses the normal retransmission mechanism and timeouts to
check the liveness of a peer, as all messages are used for liveness
checking
|
| services.mqtt2influxdb.mqtt.username | Username used to connect to the MQTT server.
|
| services.borgmatic.configurations.<name>.repositories.*.path | Path to the repository
|
| networking.wg-quick.interfaces.<name>.configFile | wg-quick .conf file, describing the interface
|
| programs.tsmClient.defaultServername | If multiple server stanzas are declared with
programs.tsmClient.servers,
this option may be used to name a default
server stanza that IBM TSM uses in the absence of
a user-defined dsm.opt file
|
| services.nixops-dns.domain | Fake domain name to resolve to NixOps virtual machines
|
| services.calibre-web.dataDir | Where Calibre-Web stores its data
|
| services.prosody.muc.*.domain | Domain name of the MUC
|
| programs.tsmClient.servers.<name>.tcpserveraddress | Host/domain name or IP address of the IBM TSM server.
|
| systemd.generators | Definition of systemd generators; see systemd.generator(5)
|
| services.asusd.auraConfigs | The content of /etc/asusd/aura_.ron
|
| networking.interfaces.<name>.ipv6.addresses | List of IPv6 addresses that will be statically assigned to the interface.
|
| networking.interfaces.<name>.ipv4.addresses | List of IPv4 addresses that will be statically assigned to the interface.
|
| services.spacecookie.settings.hostname | The hostname the service is reachable via
|
| virtualisation.fileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| users.extraUsers.<name>.openssh.authorizedPrincipals | A list of verbatim principal names that should be added to the user's
authorized principals.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.connections | A list of connection strings of the SQL servers to scrape metrics from
|
| services.mjpg-streamer.user | mjpg-streamer user name.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| services.suwayomi-server.settings.server.basicAuthUsername | The username value that you have to provide when authenticating.
|
| services.jicofo.xmppDomain | Domain name of the XMMP server to which to connect as a component
|
| services.nixops-dns.enable | Whether to enable the nixops-dns resolution
of NixOps virtual machines via dnsmasq and fake domain name.
|
| systemd.network.networks.<name>.controlledDelayConfig | Each attribute in this set specifies an option in the
[ControlledDelay] section of the unit
|
| networking.wireguard.interfaces.<name>.postSetup | Commands called at the end of the interface setup.
|