| systemd.user.targets.<name>.wants | Start the specified units when this unit is started.
|
| systemd.user.sockets.<name>.wants | Start the specified units when this unit is started.
|
| systemd.slices.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.timers.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| services.vault-agent.instances.<name>.group | Group under which this instance runs.
|
| services.restic.backups.<name>.extraBackupArgs | Extra arguments passed to restic backup.
|
| services.redis.servers.<name>.openFirewall | Whether to open ports in the firewall for the server.
|
| services.udp-over-tcp.tcp2udp.<name>.recvBufferSize | If given, sets the SO_RCVBUF option on the TCP socket to the given number of bytes
|
| services.udp-over-tcp.udp2tcp.<name>.recvBufferSize | If given, sets the SO_RCVBUF option on the TCP socket to the given number of bytes
|
| services.redis.servers.<name>.requirePass | Password for database (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| services.udp-over-tcp.tcp2udp.<name>.sendBufferSize | If given, sets the SO_SNDBUF option on the TCP socket to the given number of bytes
|
| services.udp-over-tcp.udp2tcp.<name>.sendBufferSize | If given, sets the SO_SNDBUF option on the TCP socket to the given number of bytes
|
| services.wstunnel.clients.<name>.soMark | Mark network packets with the SO_MARK sockoption with the specified value
|
| services.borgbackup.jobs.<name>.paths | Path(s) to back up
|
| security.pam.services.<name>.enableAppArmor | Enable support for attaching AppArmor profiles at the
user/group level, e.g., as part of a role based access
control scheme.
|
| services.anubis.instances.<name>.user | The user under which Anubis is run
|
| services.k3s.autoDeployCharts.<name>.version | The version of the Helm chart
|
| services.slskd.settings.retention.transfers.download.cancelled | Lifespan of cancelled download tasks.
|
| services.slskd.settings.retention.transfers.download.succeeded | Lifespan of succeeded download tasks.
|
| services.nginx.virtualHosts.<name>.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| services.httpd.virtualHosts.<name>.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| image.repart.partitions.<name>.contents.<name>.source | Path of the source file.
|
| services.kerberos_server.settings.realms | The realm(s) to serve keys for.
|
| services.kerberos_server.settings.module | Modules to obtain Kerberos configuration from.
|
| services.tor.relay.onionServices.<name>.version | See torrc manual.
|
| services.netbird.clients.<name>.login.setupKeyFile | A Setup Key file path used for automated login of the machine.
|
| services.netbird.tunnels.<name>.login.setupKeyFile | A Setup Key file path used for automated login of the machine.
|
| services.nbd.server.exports.<name>.extraOptions | Extra options for this export
|
| services.veilid.settings.core.network.routing_table.node_id | Base64-encoded public key for the node, used as the node's ID.
|
| services.system76-scheduler.settings.processScheduler.enable | Tweak scheduling of individual processes in real time.
|
| services.nextcloud-spreed-signaling.settings.backend.allowall | Allow any hostname as backend endpoint
|
| services.jupyterhub.kernels.<name>.displayName | Name that will be shown to the user.
|
| services.nextcloud.config.dbname | Database name.
|
| services.github-runners.<name>.url | Repository to add the runner to
|
| services.nvme-rs.settings.thresholds.wear_critical | Wear critical threshold (%)
|
| services.opkssh.providers.<name>.issuer | Issuer URI
|
| services.kmonad.keyboards.<name>.config | Keyboard configuration.
|
| services.minidlna.settings.root_container | Use a different container as the root of the directory tree presented to clients.
|
| services.firezone.server.settingsSecret.TOKENS_SALT | A file containing a unique base64 encoded secret for the
TOKENS_SALT
|
| services.public-inbox.inboxes.<name>.address | The email addresses of the public-inbox.
|
| services.udp-over-tcp.tcp2udp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.udp-over-tcp.udp2tcp.<name>.openFirewall | Open the appropriate ports in the firewall.
|
| services.tinc.networks.<name>.rsaPrivateKeyFile | Path of the private RSA keyfile.
|
| security.pam.services.<name>.sssdStrictAccess | enforce sssd access control
|
| services.parsedmarc.settings.elasticsearch.user | Username to use when connecting to Elasticsearch, if
required.
|
| users.users.<name>.useDefaultShell | If true, the user's shell will be set to
users.defaultUserShell.
|
| services.geth.<name>.websocket.address | Listen address of Go Ethereum WebSocket API.
|
| services.borgbackup.jobs.<name>.postInit | Shell commands to run after borg init.
|
| services.geth.<name>.authrpc.jwtsecret | Path to a JWT secret for authenticated RPC endpoint.
|
| services.wstunnel.clients.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.wstunnel.servers.<name>.autoStart | Whether to enable starting this wstunnel instance automatically.
|
| services.borgbackup.repos.<name>.path | Where to store the backups
|
| security.pam.services.<name>.logFailures | Whether to log authentication failures in /var/log/faillog.
|
| services.borgbackup.jobs.<name>.preHook | Shell commands to run before the backup
|
| services.znc.confOptions.networks.<name>.server | IRC server address.
|
| services.awstats.configs.<name>.logFormat | The log format being used
|
| services.znapzend.zetup.<name>.presnap | Command to run before snapshots are taken on the source dataset,
e.g. for database locking/flushing
|
| services.wstunnel.clients.<name>.addNetBind | Whether to enable Whether add CAP_NET_BIND_SERVICE to the tunnel service, this should be enabled if you want to bind port < 1024.
|
| programs.openvpn3.log-service.settings.journald | Use systemd-journald
|
| services.drupal.sites.<name>.virtualHost.logFormat | Log format for Apache's log files
|
| services.movim.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.slskd.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.davis.nginx.locations.<name>.return | Adds a return directive, for e.g. redirections.
|
| services.drupal.sites.<name>.virtualHost.servedDirs | This option provides a simple way to serve static directories.
|
| services.nvme-rs.settings.thresholds.spare_warning | Available spare warning threshold (%)
|
| services.nvme-rs.settings.thresholds.temp_critical | Temperature critical threshold (°C)
|
| services.firewalld.services.<name>.ports | Ports of the service.
|
| services.nginx.virtualHosts.<name>.http2 | Whether to enable the HTTP/2 protocol
|
| services.fedimintd.<name>.package | The fedimint package to use.
|
| services.gitlab-runner.services.<name>.cloneUrl | Overwrite the URL for the GitLab instance
|
| services.grafana.settings.database.query_retries | This setting applies to sqlite3 only and controls the number of times the system retries a query when the database is locked.
|
| services.rke2.manifests.<name>.source | Path of the source .yaml file.
|
| services.rke2.manifests.<name>.enable | Whether this manifest file should be generated.
|
| services.chhoto-url.settings.redirect_method | The redirect method to use.
|
| services.rspamd.overrides.<name>.source | Path of the source file.
|
| services.sanoid.templates.<name>.hourly | Number of hourly snapshots.
|
| services.sanoid.templates.<name>.yearly | Number of yearly snapshots.
|
| systemd.user.sockets.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.targets.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.tarsnap.archives.<name>.maxbwRateUp | Upload bandwidth rate limit in bytes.
|
| services.httpd.virtualHosts.<name>.sslServerChain | Path to server SSL chain file.
|
| services.netbird.tunnels.<name>.autoStart | Start the service with the system
|
| services.netbird.clients.<name>.autoStart | Start the service with the system
|
| services.openvpn.servers.<name>.config | Configuration of this OpenVPN instance
|
| services.k3s.autoDeployCharts.<name>.enable | Whether to enable the installation of this Helm chart
|
| systemd.user.services.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.nebula.networks.<name>.tun.disable | When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root).
|
| services.drupal.sites.<name>.virtualHost.sslServerCert | Path to server SSL certificate.
|
| services.caddy.virtualHosts.<name>.extraConfig | Additional lines of configuration appended to this virtual host in the
automatically generated Caddyfile.
|
| services.restic.backups.<name>.timerConfig | When to run the backup
|
| services.nginx.proxyCachePath.<name>.inactive | Cached data that has not been accessed for the time specified by
the inactive parameter is removed from the cache, regardless of
its freshness.
|
| boot.initrd.luks.devices.<name>.device | Path of the underlying encrypted block device.
|
| systemd.user.slices.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.user.timers.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| services.firewalld.services.<name>.short | Short description for the service.
|
| services.firewalld.zones.<name>.services | Services to allow in the zone.
|
| services.buildkite-agents.<name>.dataDir | The workdir for the agent
|
| services.suricata.settings.classification-file | Suricata classification configuration file.
|
| services.kanidm.server.settings.online_backup.versions | Number of backups to keep
|
| services.grafana.settings.server.enforce_domain | Redirect to correct domain if the host header does not match the domain
|