| services.lldap.settings.jwt_secret_file | Path to a file containing the JWT secret.
|
| services.tuned.settings.update_interval | Update interval for dynamic tuning (in seconds).
|
| services.jupyter.kernels.<name>.extraPaths | Extra paths to link in kernel directory
|
| services.ytdl-sub.instances.<name>.enable | Whether to enable ytdl-sub instance.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.hostapd.radios.<name>.wifi6.enable | Enables support for IEEE 802.11ax (WiFi 6, HE)
|
| services.httpd.virtualHosts.<name>.servedDirs | This option provides a simple way to serve static directories.
|
| services.ddclient.username | User name.
|
| services.kimai.sites.<name>.database.charset | Database charset.
|
| services.fedimintd.<name>.api_ws.bind | Address to bind on for API connections relied by the reverse proxy/tls terminator.
|
| users.users.<name>.subUidRanges.*.startUid | Start of the range of subordinate user ids that user is
allowed to use.
|
| users.users.<name>.subGidRanges.*.startGid | Start of the range of subordinate group ids that user is
allowed to use.
|
| services.fedimintd.<name>.nginx.config.root | The path of the web root directory.
|
| services.tor.settings.V3AuthoritativeDirectory | See torrc manual.
|
| services.caddy.virtualHosts.<name>.logFormat | Configuration for HTTP request logging (also known as access logs)
|
| services.httpd.virtualHosts.<name>.logFormat | Log format for Apache's log files
|
| security.acme.certs.<name>.keyType | Key type to use for private keys
|
| services.crowdsec.settings.console.configuration | Attributes inside the console.yaml file.
|
| services.warpgate.settings.http.cookie_max_age | How long until logged in cookie expires.
|
| services.netbird.tunnels.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| services.netbird.clients.<name>.login.enable | Whether to enable automated login for NetBird client.
|
| services.drupal.sites.<name>.virtualHost.listen.*.ip | IP to listen on. 0.0.0.0 for IPv4 only, * for all.
|
| services.grafana.provision.alerting.muteTimings.settings.deleteMuteTimes.*.orgId | Organization ID, default = 1.
|
| services.veilid.settings.core.network.dht.min_peer_count | Minimum number of nodes to keep in the peer table.
|
| systemd.user.services.<name>.startLimitBurst | Configure unit start rate limiting
|
| services.kanidm.provision.persons.<name>.displayName | Display name
|
| services.rke2.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| services.openssh.settings.AuthorizedPrincipalsFile | Specifies a file that lists principal names that are accepted for certificate authentication
|
| services.grafana.provision.alerting.templates.settings.apiVersion | Config file version.
|
| services.pgbouncer.settings.pgbouncer.listen_port | Which port to listen on
|
| virtualisation.cri-o.settings | Configuration for cri-o, see
https://github.com/cri-o/cri-o/blob/master/docs/crio.conf.5.md.
|
| services.quickwit.settings.listen_address | Listen address of Quickwit.
|
| services.firewalld.zones.<name>.target | Action for packets that doesn't match any rules.
|
| services.fedimintd.<name>.nginx.enable | Whether to configure nginx for fedimintd
|
| services.httpd.virtualHosts.<name>.sslServerCert | Path to server SSL certificate.
|
| services.grafana.settings.database.max_open_conn | The maximum number of open connections to the database.
|
| services.wstunnel.servers.<name>.listen.host | The hostname.
|
| services.wstunnel.servers.<name>.listen.port | The port.
|
| services.ytdl-sub.instances.<name>.config | Configuration for ytdl-sub
|
| services.slskd.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.movim.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.davis.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.restic.backups.<name>.pruneOpts | A list of options (--keep-* et al.) for 'restic forget
--prune', to automatically prune old snapshots
|
| services.tarsnap.archives.<name>.maxbw | Abort archival if upstream bandwidth usage in bytes
exceeds this threshold.
|
| services.hostapd.radios.<name>.wifi5.enable | Enables support for IEEE 802.11ac (WiFi 5, VHT)
|
| services.vdirsyncer.jobs.<name>.user | User account to run vdirsyncer as, otherwise as a systemd
dynamic user
|
| services.prometheus.exporters.script.settings.scripts.*.timeout | Optional timeout for the script in seconds.
|
| services.fedimintd.<name>.api_ws.port | TCP Port to bind on for API connections relayed by the reverse proxy/tls terminator.
|
| systemd.targets.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.sockets.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.quicktun.<name>.timeWindow | Allowed time window for first received packet in seconds (positive number allows packets from history)
|
| services.tlsrpt.reportd.settings.sender_address | Sender address used for reports.
|
| services.znapzend.zetup.<name>.mbuffer.size | The size for mbuffer
|
| systemd.user.paths.<name>.upholds | Keeps the specified running while this unit is running
|
| systemd.user.sockets.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.user.targets.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.factorio.mods-dat | Mods settings can be changed by specifying a dat file, in the mod
settings file
format.
|
| services.grafana.settings.security.cookie_secure | Set to true if you host Grafana behind HTTPS.
|
| services.grafana.settings.database.max_idle_conn | The maximum number of connections in the idle connection pool.
|
| services.biboumi.settings.xmpp_server_ip | The IP address to connect to the XMPP server on
|
| users.extraUsers.<name>.subGidRanges | Subordinate group ids that user is allowed to use
|
| users.extraUsers.<name>.subUidRanges | Subordinate user ids that user is allowed to use
|
| services.vdirsyncer.jobs.<name>.group | group to run vdirsyncer as
|
| services.nylon.<name>.bindInterface | Tell nylon which interface to use as an uplink, default is "enp3s0f0".
|
| services.sympa.domains.<name>.webLocation | URL path part of the web interface.
|
| services.fedimintd.<name>.nginx.config | Overrides to the nginx vhost section for api
|
| security.acme.certs.<name>.postRun | Commands to run after new certificates go live
|
| services.openafsServer.roles.backup.cellServDB.<name>.*.ip | IP Address of a database server
|
| services.grafana.provision.dashboards.settings.providers | List of dashboards to insert/update.
|
| services.kanidm.server.settings.online_backup.schedule | The schedule for backups in cron format.
|
| systemd.user.slices.<name>.aliases | Aliases of that unit.
|
| systemd.user.timers.<name>.aliases | Aliases of that unit.
|
| services.i2pd.ifname6 | IPv6 interface to bind to.
|
| services.i2pd.ifname4 | IPv4 interface to bind to.
|
| security.pam.services.<name>.limits.*.domain | Username, groupname, or wildcard this limit applies to
|
| services.k3s.autoDeployCharts.<name>.extraDeploy | List of extra Kubernetes manifests to deploy with this Helm chart.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.type | The resource type
|
| services.xserver.xkb.extraLayouts.<name>.geometryFile | The path to the xkb geometry file
|
| services.headscale.settings.dns.extra_records.*.value | DNS record value (IP address).
|
| services.rspamd.workers.<name>.extraConfig | Additional entries to put verbatim into worker section of rspamd config file.
|
| services.drupal.sites.<name>.database.socket | Path to the unix socket file to use for authentication.
|
| systemd.network.networks.<name>.enhancedTransmissionSelectionConfig | Each attribute in this set specifies an option in the
[EnhancedTransmissionSelection] section of the unit
|
| services.nginx.virtualHosts.<name>.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.nntp-proxy.users.<name>.passwordHash | SHA-512 password hash (can be generated by
mkpasswd -m sha-512 <password>)
|
| services.dokuwiki.sites.<name>.poolConfig | Options for the DokuWiki PHP pool
|
| systemd.services.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.automysqlbackup.settings | automysqlbackup configuration
|
| systemd.paths.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.paths.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| services.parsedmarc.settings.elasticsearch.ssl | Whether to use an encrypted SSL/TLS connection.
|
| services.pgbackrest.repos.<name>.host | Repository host when operating remotely
|
| services.snipe-it.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.wyoming.piper.servers.<name>.noiseScale | Generator noise value.
|
| services.rspamd.workers.<name>.bindSockets | List of sockets to listen, in format acceptable by rspamd
|
| services.httpd.virtualHosts.<name>.enableUserDir | Whether to enable serving ~/public_html as
/~«username».
|
| services.dokuwiki.sites.<name>.phpOptions | Options for PHP's php.ini file for this dokuwiki site.
|
| services.slskd.settings.retention.transfers.download.cancelled | Lifespan of cancelled download tasks.
|
| services.slskd.settings.retention.transfers.download.succeeded | Lifespan of succeeded download tasks.
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| security.acme.certs.<name>.email | Email address for account creation and correspondence from the CA
|