| services.matrix-synapse.workers.<name>.worker_listeners | List of ports that this worker should listen on, their purpose and their configuration.
|
| networking.wireguard.interfaces.<name>.preSetup | Commands called at the start of the interface setup.
|
| networking.sits.<name>.encapsulation.port | Destination port when using UDP encapsulation.
|
| services.kresd.enable | Whether to enable knot-resolver (version 5) domain name server
|
| services.wordpress.webserver | Whether to use apache2 or nginx for virtual host management
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.gitlab.registry.host | GitLab container registry host name.
|
| services.baikal.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.snipe-it.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.strongswan-swanctl.swanctl.connections.<name>.if_id_out | XFRM interface ID set on outbound policies/SA, can be overridden by child
config, see there for details
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| services.pgpkeyserver-lite.hostname | Which hostname to set the vHost to that is proxying to sks.
|
| services.openafsClient.cellName | Cell name.
|
| services.postgresqlWalReceiver.receivers.<name>.synchronous | Flush the WAL data to disk immediately after it has been received
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| services.bird-lg.frontend.domain | Server name domain suffixes.
|
| containers.<name>.hostAddress | The IPv4 address assigned to the host interface.
(Not used when hostBridge is set.)
|
| users.extraUsers.<name>.openssh.authorizedPrincipals | A list of verbatim principal names that should be added to the user's
authorized principals.
|
| services.shellhub-agent.preferredHostname | Set the device preferred hostname
|
| systemd.user.generators | Definition of systemd generators; see systemd.generator(5)
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.esp_proposals | ESP proposals to offer for the CHILD_SA
|
| systemd.generators | Definition of systemd generators; see systemd.generator(5)
|
| services.suwayomi-server.settings.server.basicAuthUsername | The username value that you have to provide when authenticating.
|
| services.echoip.virtualHost | Name of the nginx virtual host to use and setup
|
| systemd.network.networks.<name>.controlledDelayConfig | Each attribute in this set specifies an option in the
[ControlledDelay] section of the unit
|
| services.powerdns.enable | Whether to enable PowerDNS domain name server.
|
| services.samba.nsswins | Whether to enable WINS NSS (Name Service Switch) plug-in
|
| networking.wireguard.interfaces.<name>.postSetup | Commands called at the end of the interface setup.
|
| networking.interfaces.<name>.ipv4.routes.*.address | IPv4 address of the network.
|
| networking.interfaces.<name>.ipv6.routes.*.address | IPv6 address of the network.
|
| services.prometheus.scrapeConfigs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.dovecot2.group | Dovecot group name.
|
| services.misskey.reverseProxy.webserver.nginx.serverName | Name of this virtual host
|
| networking.fqdn | The fully qualified domain name (FQDN) of this host
|
| services.cachix-agent.profile | Profile name, defaults to 'system' (NixOS).
|
| services.weblate.localDomain | The domain name serving your Weblate instance.
|
| services.nvme-rs.settings.email.smtp_username | SMTP username
|
| boot.loader.systemd-boot.windows.<name>.efiDeviceHandle | The device handle of the EFI System Partition (ESP) where the Windows bootloader is
located
|
| programs.zsh.ohMyZsh.theme | Name of the theme to be used by oh-my-zsh.
|
| systemd.network.networks.<name>.stochasticFairBlueConfig | Each attribute in this set specifies an option in the
[StochasticFairBlue] section of the unit
|
| networking.wireguard.interfaces.<name>.metric | Set the metric of routes related to this Wireguard interface.
|
| containers.<name>.hostAddress6 | The IPv6 address assigned to the host interface.
(Not used when hostBridge is set.)
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.type | The type of the listener, usually http.
|
| virtualisation.fileSystems.<name>.noCheck | Disable running fsck on this filesystem.
|
| networking.wg-quick.interfaces.<name>.peers.*.endpoint | Endpoint IP or hostname of the peer, followed by a colon,
and then a port number of the peer.
|
| containers.<name>.tmpfs | Mounts a set of tmpfs file systems into the container
|
| networking.sits.<name>.encapsulation | Configures the type of encapsulation.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.port | The port to listen for HTTP(S) requests on.
|
| programs.tsmClient.servers.<name>.tcpserveraddress | Host/domain name or IP address of the IBM TSM server.
|
| services.oidentd.enable | Whether to enable ‘oidentd’, an implementation of the Ident
protocol (RFC 1413)
|
| services.mqtt2influxdb.mqtt.username | Username used to connect to the MQTT server.
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.age | Delete a file when it reaches a certain age
|
| services.strongswan-swanctl.swanctl.connections.<name>.over_time | Hard IKE_SA lifetime if rekey/reauth does not complete, as time
|
| programs.foot.theme | Theme name
|
| services.spacecookie.settings.hostname | The hostname the service is reachable via
|
| services.bookstack.mail.fromName | Mail "from" name.
|
| services.strongswan-swanctl.swanctl.connections.<name>.aggressive | Enables Aggressive Mode instead of Main Mode with Identity
Protection
|
| fileSystems.<name>.overlay.useStage1BaseDirectories | If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot
|
| services.peertube-runner.instancesToRegister.<name>.registrationTokenFile | Path to a file containing a registration token for the PeerTube instance
|
| services.netbird.enable | Enables backward-compatible NetBird client service
|
| services.openafsServer.cellName | Cell name, this server will serve.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.connections | A list of connection strings of the SQL servers to scrape metrics from
|
| users.users.<name>.hashedPassword | Specifies the hashed password for the user
|
| services.gitlab-runner.services.<name>.authenticationTokenConfigFile | Absolute path to a file containing environment variables used for
gitlab-runner registrations with runner authentication tokens
|
| systemd.network.networks.<name>.hierarchyTokenBucketConfig | Each attribute in this set specifies an option in the
[HierarchyTokenBucket] section of the unit
|
| networking.wireless.networks.<name>.authProtocols | The list of authentication protocols accepted by this network
|
| services.strongswan-swanctl.swanctl.connections.<name>.unique | Connection uniqueness policy to enforce
|
| services.athens.storage.s3.bucket | Bucket name for the S3 storage backend.
|
| services.smokeping.owner | Real name of the owner of the instance
|
| services.cachix-watch-store.cacheName | Cachix binary cache name
|
| services.weechat.sessionName | Name of the screen session for weechat.
|
| boot.binfmt.registrations.<name>.preserveArgvZero | Whether to pass the original argv[0] to the interpreter
|
| programs.nix-required-mounts.allowedPatterns.<name>.onFeatures | Which requiredSystemFeatures should trigger relaxation of the sandbox
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| virtualisation.oci-containers.containers.<name>.login.username | Username for login.
|
| users.users.<name>.password | Specifies the (clear text) password for the user
|
| services.rss-bridge.virtualHost | Name of the nginx or caddy virtualhost to use and setup
|
| services.netatalk.extmap | File name extension mappings
|
| services.gitlab.databaseName | GitLab database name.
|
| networking.interfaces.<name>.ipv6.addresses | List of IPv6 addresses that will be statically assigned to the interface.
|
| networking.interfaces.<name>.ipv4.addresses | List of IPv4 addresses that will be statically assigned to the interface.
|
| virtualisation.fileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| virtualisation.oci-containers.containers.<name>.hostname | The hostname of the container.
|
| services.headscale.settings.dns.nameservers.global | List of nameservers to pass to Tailscale clients.
|
| services.matomo.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.monica.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.akkoma.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.gancio.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.fluidd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| hardware.nvidia-container-toolkit.device-name-strategy | Specify the strategy for generating device names,
passed to nvidia-ctk cdi generate
|
| boot.binfmt.registrations.<name>.magicOrExtension | The magic number or extension to match on.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote_port | Remote UDP port for IKE communication
|
| services.dependency-track.database.username | Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned
|
| systemd.network.networks.<name>.trivialLinkEqualizerConfig | Each attribute in this set specifies an option in the
[TrivialLinkEqualizer] section of the unit
|
| services.smokeping.user | User that runs smokeping and (optionally) thttpd
|
| services.davfs2.davGroup | The group of the running mount.davfs daemon
|
| services.alerta.databaseName | Name of the database instance to connect to
|
| networking.interfaces.<name>.ipv6.routes.*.type | Type of the route
|
| networking.interfaces.<name>.ipv4.routes.*.type | Type of the route
|