| networking.wg-quick.interfaces.<name>.type | The type of the interface
|
| boot.binfmt.registrations.<name>.mask | A mask to be ANDed with the byte sequence of the file before matching
|
| systemd.sockets.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| systemd.targets.<name>.startLimitIntervalSec | Configure unit start rate limiting
|
| image.repart.partitions.<name>.stripNixStorePrefix | Whether to strip /nix/store/ from the store paths
|
| services.prometheus.remoteRead.*.basic_auth.username | HTTP username
|
| users.extraUsers.<name>.openssh.authorizedKeys.keyFiles | A list of files each containing one OpenSSH public key that should be
added to the user's authorized keys
|
| networking.wg-quick.interfaces.<name>.postUp | Commands called after the interface setup.
|
| programs.proxychains.proxies.<name>.port | Proxy port
|
| programs.proxychains.proxies.<name>.type | Proxy type.
|
| services.evremap.settings.phys | The physical device name to listen on
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.type | The type of the listener, usually http.
|
| services.murmur.registerName | Public server registration name, and also the name of the
Root channel
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.port | The port to listen for HTTP(S) requests on.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.mode | File permissions on the UNIX domain socket.
|
| services.tarsnap.archives | Tarsnap archive configurations
|
| systemd.network.networks.<name>.ipv6PREF64Prefixes | A list of IPv6PREF64Prefix sections to be added to the unit
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.tls | Whether to enable TLS on the listener socket.
This option will be ignored for UNIX domain sockets.
|
| services.strongswan-swanctl.swanctl.connections.<name>.ppk_required | Whether a Postquantum Preshared Key (PPK) is required for this connection
|
| services.slurm.partitionName | Name by which the partition may be referenced
|
| services.peertube-runner.instancesToRegister.<name>.registrationTokenFile | Path to a file containing a registration token for the PeerTube instance
|
| services.patroni.scope | Cluster name.
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.group | The group of the file
|
| systemd.user.timers.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.user.slices.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| programs.xfs_quota.projects.<name>.sizeSoftLimit | Soft limit of the project size
|
| networking.wg-quick.interfaces.<name>.preDown | Command called before the interface is taken down.
|
| programs.proxychains.proxies.<name>.host | Proxy host or IP address.
|
| programs.xfs_quota.projects.<name>.sizeHardLimit | Hard limit of the project size.
|
| services.samba-wsdd.domain | Set domain name (disables workgroup).
|
| programs.xfs_quota.projects.<name>.fileSystem | XFS filesystem hosting the xfs_quota project.
|
| networking.wg-quick.interfaces.<name>.peers | Peers linked to the interface.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_addrs | Local address(es) to use for IKE communication
|
| services.nullmailer.config.me | The fully-qualifiled host name of the computer running nullmailer
|
| services.prometheus.scrapeConfigs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.mastodon.smtp.user | SMTP login name.
|
| services.dawarich.smtp.user | SMTP login name.
|
| services.prometheus.remoteWrite.*.basic_auth.username | HTTP username
|
| services.taskserver.fqdn | The fully qualified domain name of this server, which is also used
as the common name in the certificates.
|
| services.sslh.settings.protocols | List of protocols sslh will probe for and redirect
|
| services.strongswan-swanctl.swanctl.connections.<name>.reauth_time | Time to schedule IKE reauthentication
|
| services.vault.address | The name of the ip interface to listen to
|
| services.bitwarden-directory-connector-cli.ldap.username | The user to authenticate as.
|
| security.acme.certs.<name>.environmentFile | Path to an EnvironmentFile for the cert's service containing any required and
optional environment variables for your selected dnsProvider
|
| services.tailscale.serve.services | Services to configure for Tailscale Serve
|
| systemd.network.networks.<name>.ipv6RoutePrefixes | A list of ipv6RoutePrefix sections to be added to the unit
|
| openstack.zfs.datasets.<name>.properties | Properties to set on this dataset.
|
| services.bitwarden-directory-connector-cli.ldap.hostname | The host the LDAP is accessible on.
|
| services.gdomap.enable | Whether to enable GNUstep Distributed Objects name server.
|
| services.matrix-synapse.settings.listeners.*.resources.*.names | List of resources to host on this listener.
|
| programs.schroot.profiles.<name>.copyfiles | A list of files to copy into the chroot from the host system.
|
| networking.bonds.<name>.lacp_rate | DEPRECATED, use driverOptions
|
| networking.wg-quick.interfaces.<name>.postDown | Command called after the interface is taken down.
|
| services.thanos.rule.alert.label-drop | Labels by name to drop before sending to alertmanager
|
| networking.wireless.networks.<name>.bssid | If set, this network block is used only when associating with
the AP using the configured BSSID.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.user | The user of the file
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.path | Unix domain socket path to bind this listener to.
|
| systemd.network.netdevs.<name>.wireguardPeers | Each item in this array specifies an option in the
[WireGuardPeer] section of the unit
|
| services.tmate-ssh-server.host | External host name
|
| boot.loader.systemd-boot.windows.<name>.efiDeviceHandle | The device handle of the EFI System Partition (ESP) where the Windows bootloader is
located
|
| networking.interfaces.<name>.mtu | MTU size for packets leaving the interface
|
| services.keycloak.themes | Additional theme packages for Keycloak
|
| hardware.fw-fanctrl.config.strategies.<name>.speedCurve | How should the speed curve look like
|
| services.rspamd.locals | Local configuration files, written into /etc/rspamd/local.d/{name}.
|
| systemd.network.networks.<name>.routingPolicyRules | A list of routing policy rules sections to be added to the unit
|
| services.selfoss.pool | Name of existing phpfpm pool that is used to run web-application
|
| networking.wg-quick.interfaces.<name>.mtu | If not specified, the MTU is automatically determined
from the endpoint addresses or the system default route, which is usually
a sane choice
|
| services.grafana.settings.database.server_cert_name | The common name field of the certificate used by the mysql or postgres server
|
| services.openssh.settings.UseDns | Specifies whether sshd(8) should look up the remote host name, and to check that the resolved host name for
the remote IP address maps back to the very same IP address
|
| networking.interfaces.<name>.wakeOnLan.enable | Whether to enable wol on this interface.
|
| services.strongswan-swanctl.swanctl.connections.<name>.send_certreq | Send certificate request payloads to offer trusted root CA certificates to
the peer
|
| services.znc.confOptions.userName | The user name used to log in to the ZNC web admin interface.
|
| systemd.targets.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| systemd.sockets.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| services.tlsrpt.reportd.settings.organization_name | Name of the organization sending out the reports.
|
| networking.wireless.networks.<name>.psk | The network's pre-shared key in plaintext defaulting
to being a network without any authentication.
Be aware that this will be written to the Nix store
in plaintext! Use pskRaw with an external
reference to keep it safe.
Mutually exclusive with pskRaw.
|
| networking.wireless.networks.<name>.hidden | Set this to true if the SSID of the network is hidden.
|
| services.nextcloud.settings.mail_smtpname | This depends on mail_smtpauth
|
| security.acme.certs.<name>.dnsPropagationCheck | Toggles lego DNS propagation check, which is used alongside DNS-01
challenge to ensure the DNS entries required are available.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.group | The group of the file
|
| users.users.<name>.hashedPassword | Specifies the hashed password for the user
|
| systemd.user.targets.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.user.sockets.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.gnome.at-spi2-core.enable | Whether to enable at-spi2-core, a service for the Assistive Technologies
available on the GNOME platform
|
| networking.bonds.<name>.interfaces | The interfaces to bond together
|
| systemd.network.networks.<name>.dhcpServerStaticLeases | A list of DHCPServerStaticLease sections to be added to the unit
|
| services.kismet.serverName | The name of the server.
|
| systemd.shutdownRamfs.contents.<name>.dlopen.features | Features to enable via dlopen ELF notes
|
| networking.wireless.networks.<name>.ssid | You could use this field to override the network's ssid
|
| boot.binfmt.registrations.<name>.offset | The byte offset of the magic number used for recognition.
|
| systemd.units.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.paths.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| services.ncps.cache.storage.s3.bucket | The name of the S3 bucket.
|
| systemd.network.networks.<name>.fairQueueingConfig | Each attribute in this set specifies an option in the
[FairQueueing] section of the unit
|
| services.librenms.user | Name of the LibreNMS user.
|
| systemd.network.netdevs.<name>.wireguardConfig | Each attribute in this set specifies an option in the
[WireGuard] section of the unit
|
| programs.proxychains.proxies.<name>.enable | Whether to enable this proxy.
|
| services.misskey.settings.db.db | The database name.
|
| services.spiped.config | Configuration for a secure pipe daemon
|
| systemd.user.paths.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|