| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.sourcehut.hg.webhooks.extraArgs | Extra arguments passed to the Celery responsible for webhooks.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_port | Local UDP port for IKE communication
|
| services.pgpkeyserver-lite.hostname | Which hostname to set the vHost to that is proxying to sks.
|
| security.ipa.shells | List of shells which binaries should be installed to /bin/
|
| services.moosefs.masterHost | IP or DNS name of the MooseFS master server.
|
| services.dsnet.settings.ExternalHostname | The hostname that clients should use to connect to this server
|
| services.postgresql.ensureUsers.*.ensureClauses.login | Grants the user, created by the ensureUser attr, login permissions
|
| services.strongswan-swanctl.swanctl.connections.<name>.dpd_timeout | Charon by default uses the normal retransmission mechanism and timeouts to
check the liveness of a peer, as all messages are used for liveness
checking
|
| services.strongswan-swanctl.swanctl.pools | Section defining named pools
|
| services.postfix.settings.main.myhostname | The internet hostname of this mail system
|
| services.mjpg-streamer.group | mjpg-streamer group name.
|
| services.dependency-track.oidc.teams.claim | Defines the name of the claim that contains group memberships or role assignments in the provider's userinfo endpoint
|
| services.agorakit.mail.fromName | Mail "from" name.
|
| virtualisation.credentials.<name>.mechanism | The mechanism used to pass the credential to the VM.
|
| services.openafsClient.cellName | Cell name.
|
| services.mongodb.replSetName | If this instance is part of a replica set, set its name here
|
| services.freshrss.pool | Name of the php-fpm pool to use and setup
|
| services.sourcehut.git.webhooks.extraArgs | Extra arguments passed to the Celery responsible for webhooks.
|
| services.reposilite.settings.hostname | The hostname to bind to
|
| services.nginx.resolver | Configures name servers used to resolve names of upstream servers into addresses
|
| services.shellhub-agent.preferredHostname | Set the device preferred hostname
|
| services.strongswan-swanctl.swanctl.connections.<name>.rekey_time | IKE rekeying refreshes key material using a Diffie-Hellman exchange, but
does not re-check associated credentials
|
| services.suricata.settings.unix-command.filename | Filename for unix-command socket.
|
| services.varnish.listen.*.user | User name who owns the socket file.
|
| services.rshim.backend | Specify the backend to attach
|
| services.jupyter.group | Name of the group used to run the jupyter service
|
| virtualisation.oci-containers.containers.<name>.cmd | Commandline arguments to pass to the image's entrypoint.
|
| networking.wireguard.interfaces.<name>.socketNamespace | The pre-existing network namespace in which the
WireGuard interface is created, and which retains the socket even if the
interface is moved via interfaceNamespace
|
| services.misskey.reverseProxy.webserver.nginx.serverName | Name of this virtual host
|
| services.ceph.global.clusterName | Name of cluster
|
| services.strongswan-swanctl.swanctl.connections.<name>.keyingtries | Number of retransmission sequences to perform during initial
connect
|
| users.extraUsers.<name>.initialHashedPassword | Specifies the initial hashed password for the user, i.e. the
hashed password assigned if the user does not already
exist
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.resources | List of HTTP resources to serve on this listener.
|
| users.users.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| services.hadoop.hdfs.namenode.restartIfChanged | Automatically restart the service on config change
|
| services.znc.confOptions.userName | The user name used to log in to the ZNC web admin interface.
|
| boot.zfs.forceImportAll | Forcibly import all ZFS pool(s)
|
| services.sourcehut.meta.webhooks.extraArgs | Extra arguments passed to the Celery responsible for webhooks.
|
| services.sourcehut.todo.webhooks.extraArgs | Extra arguments passed to the Celery responsible for webhooks.
|
| services.matrix-hookshot.settings.passFile | A passkey used to encrypt tokens stored inside the bridge
|
| services.baikal.virtualHost | Name of the nginx virtualhost to use and setup
|
| networking.bonds.<name>.xmit_hash_policy | DEPRECATED, use driverOptions
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.connections | A list of connection strings of the SQL servers to scrape metrics from
|
| services.powerdns.enable | Whether to enable PowerDNS domain name server.
|
| services.davfs2.davGroup | The group of the running mount.davfs daemon
|
| services.strongswan-swanctl.swanctl.connections.<name>.unique | Connection uniqueness policy to enforce
|
| services.cachix-agent.profile | Profile name, defaults to 'system' (NixOS).
|
| services.weblate.localDomain | The domain name serving your Weblate instance.
|
| services.dawarich.user | User under which dawarich runs
|
| services.dovecot2.imapsieve.mailbox.*.from | Only execute the administrator Sieve scripts for the mailbox configured with services.dovecot2.imapsieve.mailbox..name when the message originates from the indicated mailbox
|
| services.jupyter.user | Name of the user used to run the jupyter service
|
| virtualisation.oci-containers.containers.<name>.image | OCI image to run.
|
| networking.openconnect.interfaces.<name>.extraOptions | Extra config to be appended to the interface config
|
| services.dovecot2.imapsieve.mailbox.*.causes | Only execute the administrator Sieve scripts for the mailbox configured with services.dovecot2.imapsieve.mailbox..name when one of the listed IMAPSIEVE causes apply
|
| virtualisation.oci-containers.containers.<name>.user | Override the username or UID (and optionally groupname or GID) used
in the container.
|
| services.echoip.virtualHost | Name of the nginx virtual host to use and setup
|
| services.gammu-smsd.backend.sql.user | User name used for connection to the database
|
| services.bitlbee.hostName | Normally, BitlBee gets a hostname using getsockname()
|
| services.pretalx.nginx.domain | The domain name under which to set up the virtual host.
|
| services.tlsrpt.reportd.settings.organization_name | Name of the organization sending out the reports.
|
| services.jibri.xmppEnvironments.<name>.disableCertificateVerification | Whether to skip validation of the server's certificate.
|
| services.openafsServer.cellName | Cell name, this server will serve.
|
| services.samba.nmbd.enable | Whether to enable Samba's nmbd, which replies to NetBIOS over IP name
service requests
|
| services.smokeping.owner | Real name of the owner of the instance
|
| services.cachix-watch-store.cacheName | Cachix binary cache name
|
| services.weechat.sessionName | Name of the screen session for weechat.
|
| virtualisation.oci-containers.containers.<name>.pull | Image pull policy for the container
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| services.gitlab.databaseName | GitLab database name.
|
| services.kapacitor.defaultDatabase.username | The username to connect to the remote InfluxDB server
|
| services.sanoid.datasets.<name>.pre_snapshot_script | Script to run before taking snapshot.
|
| networking.openconnect.interfaces.<name>.certificate | Certificate to authenticate with.
|
| networking.wireguard.interfaces.<name>.peers.*.presharedKeyFile | File pointing to preshared key as generated by wg genpsk
|
| services.sympa.database.user | Database user
|
| services.sourcehut.lists.webhooks.extraArgs | Extra arguments passed to the Celery responsible for webhooks.
|
| services.grafana.settings.database.server_cert_name | The common name field of the certificate used by the mysql or postgres server
|
| virtualisation.fileSystems.<name>.encrypted.keyFile | Path to a keyfile used to unlock the backing encrypted
device
|
| services.varnish.listen.*.group | Group name who owns the socket file.
|
| containers.<name>.additionalCapabilities | Grant additional capabilities to the container
|
| virtualisation.oci-containers.containers.<name>.labels | Labels to attach to the container at runtime.
|
| services.paperless.passwordFile | A file containing the superuser password
|
| services.alerta.databaseName | Name of the database instance to connect to
|
| services.tlsrpt.collectd.settings.socketname | Path at which the UNIX socket will be created.
|
| console.font | The font used for the virtual consoles
|
| services.rss-bridge.virtualHost | Name of the nginx or caddy virtualhost to use and setup
|
| services.netatalk.extmap | File name extension mappings
|
| boot.iscsi-initiator.target | Name of the iSCSI target to boot from.
|
| services.jitsi-videobridge.xmppConfigs.<name>.disableCertificateVerification | Whether to skip validation of the server's certificate.
|
| services.wakapi.database.user | The name of the user to use for Wakapi.
|
| virtualisation.oci-containers.containers.<name>.podman.user | The user under which the container should run.
|
| services.smokeping.hostName | DNS name for the urls generated in the cgi.
|
| networking.wireguard.interfaces.<name>.peers.*.presharedKey | Base64 preshared key generated by wg genpsk
|
| services.victorialogs.basicAuthUsername | Basic Auth username used to protect VictoriaLogs instance by authorization
|
| services.ddclient.domains | Domain name(s) to synchronize.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_addrs | Local address(es) to use for IKE communication
|
| users.extraUsers.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| containers | A set of NixOS system configurations to be run as lightweight
containers
|
| services.firezone.server.provision.accounts.<name>.features.flow_activities | Whether to enable the flow_activities feature for this account.
|