| services.strongswan-swanctl.swanctl.connections.<name>.remote | Section for a remote authentication round
|
| virtualisation.oci-containers.containers.<name>.labels | Labels to attach to the container at runtime.
|
| services.cloudflared.tunnels.<name>.originRequest.keepAliveConnections | Maximum number of idle keepalive connections between Tunnel and your origin
|
| services.jupyter.user | Name of the user used to run the jupyter service
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.interval | How often to run this job, specified in
Go duration format.
|
| users.extraUsers.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| services.matrix-continuwuity.settings.global.server_name | The server_name is the name of this server
|
| services.dawarich.user | User under which dawarich runs
|
| services.baikal.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.vsmartcard-vpcd.hostname | Hostname of a waiting vpicc server vpcd will be connecting to
|
| services.misskey.settings.db.db | The database name.
|
| services.powerdns.enable | Whether to enable PowerDNS domain name server.
|
| services.nextjs-ollama-llm-ui.hostname | The hostname under which the Ollama UI interface should be accessible
|
| services.bitlbee.hostName | Normally, BitlBee gets a hostname using getsockname()
|
| services.btrbk.instances.<name>.settings.stream_compress | Compress the btrfs send stream before transferring it from/to remote locations using a
compression command.
|
| services.authelia.instances.<name>.environmentVariables | Additional environment variables to provide to authelia
|
| services.cachix-agent.profile | Profile name, defaults to 'system' (NixOS).
|
| services.weblate.localDomain | The domain name serving your Weblate instance.
|
| services.wakapi.database.user | The name of the user to use for Wakapi.
|
| hardware.display.edid.linuxhw | Exposes EDID files from users-sourced database at https://github.com/linuxhw/EDID
Attribute names will be mapped to EDID filenames <NAME>.bin
|
| services.avahi.publish.domain | Whether to announce the locally used domain name for browsing by other hosts.
|
| services.strongswan-swanctl.swanctl.connections.<name>.mediation | Whether this connection is a mediation connection, that is, whether this
connection is used to mediate other connections using the IKEv2 Mediation
Extension
|
| services.kubernetes.kubelet.hostname | Kubernetes kubelet hostname override.
|
| services.echoip.virtualHost | Name of the nginx virtual host to use and setup
|
| services.ncps.cache.storage.s3.bucket | The name of the S3 bucket.
|
| services.zfs.autoReplication.username | Username used by SSH to login to remote host.
|
| virtualisation.oci-containers.containers.<name>.podman | Podman-specific settings in OCI containers
|
| programs.regreet.font.package | The package that provides the font given in the name option.
|
| services.easytier.instances.<name>.settings.network_secret | EasyTier network credential used for verification and
encryption
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| hardware.nvidia-container-toolkit.disable-hooks | List of hooks to disable when generating the CDI specification
|
| services.strongswan-swanctl.swanctl.connections.<name>.mobike | Enables MOBIKE on IKEv2 connections
|
| services.gitlab.registry.host | GitLab container registry host name.
|
| services.kerberos_server.settings.realms.<name>.acl.*.principal | Which principal the rule applies to
|
| virtualisation.oci-containers.containers.<name>.devices | List of devices to attach to this container.
|
| services.bird-lg.frontend.domain | Server name domain suffixes.
|
| services.rke2.autoDeployCharts | Auto deploying Helm charts that are installed by the rke2 Helm controller
|
| services.openafsServer.cellName | Cell name, this server will serve.
|
| services.kerberos_server.settings.realms.<name>.acl.*.access | The changes the principal is allowed to make.
The "all" permission does not imply the "get-keys" permission
|
| virtualisation.oci-containers.containers.<name>.workdir | Override the default working directory for the container.
|
| services.smokeping.owner | Real name of the owner of the instance
|
| services.cachix-watch-store.cacheName | Cachix binary cache name
|
| services.weechat.sessionName | Name of the screen session for weechat.
|
| services.gitlab.databaseName | GitLab database name.
|
| services.ghostunnel.servers.<name>.disableAuthentication | Disable client authentication, no client certificate will be required.
|
| services.xserver.displayManager.lightdm.greeter.package | The LightDM greeter to login via
|
| services.matrix-synapse.workers.<name>.worker_listeners | List of ports that this worker should listen on, their purpose and their configuration.
|
| virtualisation.oci-containers.containers.<name>.autoStart | When enabled, the container is automatically started on boot
|
| services.dovecot2.imapsieve.mailbox.*.from | Only execute the administrator Sieve scripts for the mailbox configured with services.dovecot2.imapsieve.mailbox..name when the message originates from the indicated mailbox
|
| services.tsmBackup.servername | Create a systemd system service
tsm-backup.service that starts
a backup based on the given servername's stanza
|
| services.varnish.listen.*.group | Group name who owns the socket file.
|
| services.gnome.at-spi2-core.enable | Whether to enable at-spi2-core, a service for the Assistive Technologies
available on the GNOME platform
|
| services.prometheus.scrapeConfigs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.strongswan-swanctl.swanctl.connections.<name>.dpd_delay | Interval to check the liveness of a peer actively using IKEv2
INFORMATIONAL exchanges or IKEv1 R_U_THERE messages
|
| services.namecoind.rpc.certificate | Certificate file for securing RPC connections.
|
| services.thanos.rule.alert.label-drop | Labels by name to drop before sending to alertmanager
|
| services.dovecot2.imapsieve.mailbox.*.causes | Only execute the administrator Sieve scripts for the mailbox configured with services.dovecot2.imapsieve.mailbox..name when one of the listed IMAPSIEVE causes apply
|
| services.alerta.databaseName | Name of the database instance to connect to
|
| virtualisation.oci-containers.containers.<name>.login.registry | Registry where to login to.
|
| services.strongswan-swanctl.swanctl.connections.<name>.rand_time | Time range from which to choose a random value to subtract from
rekey/reauth times
|
| services.bookstack.mail.fromName | Mail "from" name.
|
| services.keycloak.database.username | Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned
|
| services.strongswan-swanctl.swanctl.connections.<name>.if_id_in | XFRM interface ID set on inbound policies/SA, can be overridden by child
config, see there for details
|
| services.rss-bridge.virtualHost | Name of the nginx or caddy virtualhost to use and setup
|
| services.netatalk.extmap | File name extension mappings
|
| boot.zfs.extraPools | Name or GUID of extra ZFS pools that you wish to import during boot
|
| services.limesurvey.nginx.virtualHost.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.limesurvey.nginx.virtualHost.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| virtualisation.oci-containers.containers.<name>.autoRemoveOnStop | Automatically remove the container when it is stopped or killed
|
| networking.networkmanager.insertNameservers | A list of name servers that should be inserted before
the ones configured in NetworkManager or received by DHCP.
|
| networking.networkmanager.appendNameservers | A list of name servers that should be appended
to the ones configured in NetworkManager or received by DHCP.
|
| users.extraUsers.<name>.initialPassword | Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist
|
| virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| services.tor.settings.ServerDNSAllowNonRFC953Hostnames | See torrc manual.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.type | The type of the listener, usually http.
|
| services.paperless.passwordFile | A file containing the superuser password
|
| services.smokeping.hostName | DNS name for the urls generated in the cgi.
|
| services.oidentd.enable | Whether to enable ‘oidentd’, an implementation of the Ident
protocol (RFC 1413)
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.port | The port to listen for HTTP(S) requests on.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.mode | File permissions on the UNIX domain socket.
|
| services.ddclient.domains | Domain name(s) to synchronize.
|
| services.smokeping.user | User that runs smokeping and (optionally) thttpd
|
| services.filesender.database.hostname | Database hostname.
|
| services.davfs2.davGroup | The group of the running mount.davfs daemon
|
| systemd.automounts.*.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.network.networks.<name>.enhancedTransmissionSelectionConfig | Each attribute in this set specifies an option in the
[EnhancedTransmissionSelection] section of the unit
|
| services.postgresqlWalReceiver.receivers.<name>.synchronous | Flush the WAL data to disk immediately after it has been received
|
| services.postfix.settings.main.myhostname | The internet hostname of this mail system
|
| programs.regreet.theme.package | The package that provides the theme given in the name option.
|
| services.athens.storage.s3.bucket | Bucket name for the S3 storage backend.
|
| services.strongswan-swanctl.swanctl.connections.<name>.send_cert | Send certificate payloads when using certificate authentication.
- With the default of
ifasked the daemon sends
certificate payloads only if certificate requests have been received.
never disables sending of certificate payloads
altogether,always causes certificate payloads to be sent
unconditionally whenever certificate authentication is used
|
| services.zoneminder.database.username | Username for accessing the database.
|
| virtualisation.oci-containers.containers.<name>.extraOptions | Extra options for podman run.
|
| services.samba.nsswins | Whether to enable WINS NSS (Name Service Switch) plug-in
|
| services.netbird.enable | Enables backward-compatible NetBird client service
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.esp_proposals | ESP proposals to offer for the CHILD_SA
|
| virtualisation.oci-containers.containers.<name>.login.passwordFile | Path to file containing password.
|
| services.peertube-runner.instancesToRegister.<name>.registrationTokenFile | Path to a file containing a registration token for the PeerTube instance
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|