| networking.wireguard.interfaces.<name>.ips | The IP addresses of the interface.
|
| systemd.sockets.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| systemd.targets.<name>.overrideStrategy | Defines how unit configuration is provided for systemd:
asDropinIfExists creates a unit file when no unit file is provided by the package
otherwise it creates a drop-in file named overrides.conf.
asDropin creates a drop-in file named overrides.conf
|
| networking.bridges.<name>.interfaces | The physical network interfaces connected by the bridge.
|
| services.sanoid.datasets.<name>.pre_snapshot_script | Script to run before taking snapshot.
|
| services.resilio.deviceName | Name of the Resilio Sync device.
|
| services.lasuite-meet.domain | Domain name of the meet instance.
|
| services.lasuite-docs.domain | Domain name of the docs instance.
|
| networking.wg-quick.interfaces.<name>.privateKeyFile | Private key file as generated by wg genkey.
|
| services.davfs2.davUser | When invoked by root the mount.davfs daemon will run as this user
|
| systemd.paths.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| users.users.<name>.openssh.authorizedPrincipals | A list of verbatim principal names that should be added to the user's
authorized principals.
|
| services.saunafs.masterHost | IP or hostname name of master host.
|
| networking.interfaces.<name>.ipv6.routes | List of extra IPv6 static routes that will be assigned to the interface.
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| services.authelia.instances.<name>.settings.default_2fa_method | Default 2FA method for new users and fallback for preferred but disabled methods.
|
| services.athens.storage.s3.bucket | Bucket name for the S3 storage backend.
|
| networking.wg-quick.interfaces.<name>.privateKey | Base64 private key generated by wg genkey
|
| networking.wg-quick.interfaces.<name>.configFile | wg-quick .conf file, describing the interface
|
| services.athens.index.mysql.database | Database name for the MySQL database.
|
| systemd.network.networks.<name>.networkEmulatorConfig | Each attribute in this set specifies an option in the
[NetworkEmulator] section of the unit
|
| services.moosefs.masterHost | IP or DNS name of the MooseFS master server.
|
| services.dependency-track.oidc.teams.claim | Defines the name of the claim that contains group memberships or role assignments in the provider's userinfo endpoint
|
| services.oidentd.enable | Whether to enable ‘oidentd’, an implementation of the Ident
protocol (RFC 1413)
|
| services.bookstack.mail.fromName | Mail "from" name.
|
| boot.loader.grub.extraFiles | A set of files to be copied to /boot
|
| networking.vswitches.<name>.openFlowVersion | Version of OpenFlow protocol to use when communicating with the switch internally (e.g. with openFlowRules).
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.mode | The file access mode to use when creating this file or directory.
|
| networking.interfaces.<name>.ipv6.routes.*.via | IPv6 address of the next hop.
|
| networking.interfaces.<name>.ipv4.routes.*.via | IPv4 address of the next hop.
|
| services.jitsi-videobridge.xmppConfigs.<name>.disableCertificateVerification | Whether to skip validation of the server's certificate.
|
| services.soju.acceptProxyIP | Allow the specified IPs to act as a proxy
|
| services.varnish.listen.*.user | User name who owns the socket file.
|
| services.netbird.enable | Enables backward-compatible NetBird client service
|
| services.bacula-sd.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bacula-fd.tls.allowedCN | Common name attribute of allowed peer certificates
|
| networking.wireguard.interfaces.<name>.type | The type of the interface
|
| boot.binfmt.registrations.<name>.interpreter | The interpreter to invoke to run the program
|
| networking.wg-quick.interfaces.<name>.extraOptions | Extra options to append to the interface section
|
| containers.<name>.bindMounts.<name>.hostPath | Location of the host path to be mounted.
|
| services.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| security.wrappers.<name>.permissions | The permissions of the wrapper program
|
| services.dolibarr.domain | Domain name of your server.
|
| networking.jool.siit | Definitions of SIIT instances of Jool
|
| networking.interfaces.<name>.macAddress | MAC address of the interface
|
| systemd.network.networks.<name>.quickFairQueueingConfigClass | Each attribute in this set specifies an option in the
[QuickFairQueueingClass] section of the unit
|
| services.dnsdist.dnscrypt.providerName | The name that will be given to this DNSCrypt resolver.
The provider name must start with 2.dnscrypt-cert..
|
| services.prometheus.exporters.process.settings.process_names | All settings expressed as an Nix attrset
|
| networking.supplicant.<name>.extraConf | Configuration options for wpa_supplicant.conf
|
| services.sanoid.templates.<name>.pre_snapshot_script | Script to run before taking snapshot.
|
| services.mjpg-streamer.group | mjpg-streamer group name.
|
| users.users.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| services.bacula-dir.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.netbird.server.signal.domain | The domain name for the signal service.
|
| services.mobilizon.settings.":mobilizon".":instance".hostname | Your instance's hostname
|
| networking.wireguard.interfaces.<name>.peers | Peers linked to the interface.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| networking.vswitches.<name>.extraOvsctlCmds | Commands to manipulate the Open vSwitch database
|
| services.prosody.httpFileShare.domain | Domain name for a http_file_share service.
|
| systemd.timers.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| systemd.slices.<name>.documentation | A list of URIs referencing documentation for this unit or its configuration.
|
| services.powerdns.enable | Whether to enable PowerDNS domain name server.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.x_forwarded | Use the X-Forwarded-For (XFF) header as the client IP and not the
actual client IP.
|
| services.prosody.uploadHttp.domain | Domain name for the http-upload service
|
| services.mail.sendmailSetuidWrapper.program | The name of the wrapper program
|
| services.victoriametrics.basicAuthUsername | Basic Auth username used to protect VictoriaMetrics instance by authorization
|
| services.bird-lg.frontend.servers | Server name prefixes.
|
| services.nix-serve.secretKeyFile | The path to the file used for signing derivation data
|
| services.openafsClient.cellName | Cell name.
|
| networking.wg-quick.interfaces.<name>.autostart | Whether to bring up this interface automatically during boot.
|
| services.outline.storage.region | AWS S3 region name.
|
| services.cachix-agent.profile | Profile name, defaults to 'system' (NixOS).
|
| services.weblate.localDomain | The domain name serving your Weblate instance.
|
| users.mysql.pam.table | The name of table that maps unique login names to the passwords.
|
| services.gitea.settings.server.DOMAIN | Domain name of your server.
|
| fileSystems.<name>.noCheck | Disable running fsck on this filesystem.
|
| networking.supplicant.<name>.configFile.writable | Whether the configuration file at configFile.path should be written to by
wpa_supplicant.
|
| services.synergy.client.screenName | Use the given name instead of the hostname to identify
ourselves to the server.
|
| virtualisation.rosetta.mountTag | The VirtioFS mount tag for the Rosetta runtime, exposed by the host's virtualisation software
|
| services.buildkite-agents | Attribute set of buildkite agents
|
| virtualisation.xen.store.settings.perms.enableWatch | Whether to enable the watch permission system
|
| networking.jool.nat64 | Definitions of NAT64 instances of Jool
|
| systemd.network.networks.<name>.controlledDelayConfig | Each attribute in this set specifies an option in the
[ControlledDelay] section of the unit
|
| networking.wireguard.interfaces.<name>.preSetup | Commands called at the start of the interface setup.
|
| networking.sits.<name>.encapsulation.port | Destination port when using UDP encapsulation.
|
| services.synergy.server.screenName | Use the given name instead of the hostname to identify
this screen in the configuration.
|
| users.extraUsers.<name>.openssh.authorizedPrincipals | A list of verbatim principal names that should be added to the user's
authorized principals.
|
| services.avahi.nssmdns4 | Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv4
|
| services.gammu-smsd.backend.sql.database | Database name to store sms data
|
| services.netatalk.extmap | File name extension mappings
|
| virtualisation.libvirtd.nss.enableGuest | This option enables the newer libvirt_guest NSS module
|
| services.slurm.dbdserver.dbdHost | Hostname of the machine where slurmdbd
is running (i.e. name returned by hostname -s).
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| services.varnish.listen.*.group | Group name who owns the socket file.
|
| services.discourse.admin.fullName | The admin user's full name.
|
| services.consul.interface.bind | The name of the interface to pull the bind_addr from.
|
| systemd.network.networks.<name>.stochasticFairBlueConfig | Each attribute in this set specifies an option in the
[StochasticFairBlue] section of the unit
|
| services.factorio.saveName | The name of the savegame that will be used by the server
|
| users.users.<name>.initialPassword | Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist
|