| services.weblate.localDomain | The domain name serving your Weblate instance.
|
| services.postgresqlWalReceiver.receivers.<name>.postgresqlPackage | The postgresql package to use.
|
| virtualisation.oci-containers.containers.<name>.pull | Image pull policy for the container
|
| services.prometheus.exporters.imap-mailstat.accounts.<name>.starttls | set to true for using STARTTLS to start a TLS connection
|
| services.pantalaimon-headless.instances.<name>.homeserver | The URI of the homeserver that the pantalaimon proxy should
forward requests to, without the matrix API path but including
the http(s) schema.
|
| services.kanidm.provision.systems.oauth2.<name>.allowInsecureClientDisablePkce | Disable PKCE on this oauth2 resource server to work around insecure clients
that may not support it
|
| services.influxdb2.provision.organizations.<name>.present | Whether to ensure that this organization is present or absent.
|
| services.peertube-runner.instancesToRegister.<name>.runnerDescription | Runner description declared to the PeerTube instance.
|
| services.postgresqlWalReceiver.receivers.<name>.environment | Environment variables passed to the service
|
| services.authelia.instances.<name>.settings.telemetry.metrics.address | The address to listen on for metrics
|
| services.limesurvey.nginx.virtualHost.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.onlyoffice.hostname | FQDN for the OnlyOffice instance.
|
| services.paperless.passwordFile | A file containing the superuser password
|
| virtualisation.oci-containers.containers.<name>.labels | Labels to attach to the container at runtime.
|
| services.strongswan-swanctl.swanctl.authorities.<name>.crl_uris | List of CRL distribution points (ldap, http, or file URI)
|
| services.pgadmin.emailServer.username | SMTP server username for email delivery
|
| services.openafsServer.cellName | Cell name, this server will serve.
|
| services.smokeping.owner | Real name of the owner of the instance
|
| services.gitlab.databaseName | GitLab database name.
|
| services.echoip.virtualHost | Name of the nginx virtual host to use and setup
|
| services.dawarich.user | User under which dawarich runs
|
| services.cachix-watch-store.cacheName | Cachix binary cache name
|
| services.weechat.sessionName | Name of the screen session for weechat.
|
| services.znc.confOptions.userName | The user name used to log in to the ZNC web admin interface.
|
| users.extraUsers.<name>.initialHashedPassword | Specifies the initial hashed password for the user, i.e. the
hashed password assigned if the user does not already
exist
|
| services.discourse.admin.username | The admin user username.
|
| services.postgresqlWalReceiver.receivers.<name>.statusInterval | Specifies the number of seconds between status packets sent back to the server
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.vikunja.frontendHostname | The Hostname under which the frontend is running.
|
| services.mautrix-meta.instances.<name>.registrationServiceUnit | The registration service that generates the registration file
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.filters.*.name | Name of the filter
|
| services.strongswan-swanctl.swanctl.pools.<name>.split_exclude | Address or CIDR subnets
StrongSwan default: []
|
| services.strongswan-swanctl.swanctl.pools.<name>.split_include | Address or CIDR subnets
StrongSwan default: []
|
| services.jirafeau.nginxConfig.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.jirafeau.nginxConfig.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| virtualisation.fileSystems.<name>.encrypted.keyFile | Path to a keyfile used to unlock the backing encrypted
device
|
| services.strongswan-swanctl.swanctl.authorities.<name>.ocsp_uris | List of OCSP URIs
|
| services.cassandra.jmxRoles.*.username | Username for JMX
|
| services.nullmailer.config.defaulthost | The content of this attribute is appended to any address that
is missing a host name
|
| services.opendkim.keyPath | The path that opendkim should put its generated private keys into
|
| services.pretalx.nginx.domain | The domain name under which to set up the virtual host.
|
| services.bitlbee.hostName | Normally, BitlBee gets a hostname using getsockname()
|
| services.jupyter.user | Name of the user used to run the jupyter service
|
| services.alerta.databaseName | Name of the database instance to connect to
|
| services.varnish.listen.*.group | Group name who owns the socket file.
|
| services.tor.client.onionServices.<name>.clientAuthorizations | Clients' authorizations for a v3 onion service,
as a list of files containing each one private key, in the format:
descriptor:x25519:<base32-private-key>
See torrc manual.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.recommendedUwsgiSettings | Enable recommended uwsgi settings.
|
| services.zabbixWeb.nginx.virtualHost.locations.<name>.recommendedProxySettings | Enable recommended proxy settings.
|
| services.skydns.nameservers | Skydns list of nameservers to forward DNS requests to when not authoritative for a domain.
|
| services.strongswan-swanctl.swanctl.connections.<name>.pull | If the default of yes is used, Mode Config works in pull mode, where the
initiator actively requests a virtual IP
|
| services.syncthing.settings.folders.<name>.ignorePatterns | Syncthing can be configured to ignore certain files in a folder using ignore patterns
|
| services.cloudflared.tunnels.<name>.originRequest.disableChunkedEncoding | Disables chunked transfer encoding
|
| services.prometheus.remoteRead.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| virtualisation.oci-containers.containers.<name>.devices | List of devices to attach to this container.
|
| virtualisation.oci-containers.containers.<name>.podman.user | The user under which the container should run.
|
| virtualisation.oci-containers.containers.<name>.podman | Podman-specific settings in OCI containers
|
| services.postgresqlWalReceiver.receivers.<name>.slot | Require pg_receivewal to use an existing replication slot (see
Section 26.2.6 of the PostgreSQL manual)
|
| virtualisation.oci-containers.containers.<name>.workdir | Override the default working directory for the container.
|
| services.rss-bridge.virtualHost | Name of the nginx or caddy virtualhost to use and setup
|
| services.smokeping.hostName | DNS name for the urls generated in the cgi.
|
| services.netatalk.extmap | File name extension mappings
|
| services.sympa.database.user | Database user
|
| services.ddclient.domains | Domain name(s) to synchronize.
|
| services.gammu-smsd.backend.sql.user | User name used for connection to the database
|
| services.ghostunnel.servers.<name>.disableAuthentication | Disable client authentication, no client certificate will be required.
|
| services.authelia.instances.<name>.environmentVariables | Additional environment variables to provide to authelia
|
| services.matrix-synapse.workers.<name>.worker_listeners | List of ports that this worker should listen on, their purpose and their configuration.
|
| services.icingaweb2.modules.monitoring.transports.<name>.password | Password for the api transport
|
| services.xserver.displayManager.lightdm.greeter.package | The LightDM greeter to login via
|
| services.tor.torsocks.socks5Username | SOCKS5 username
|
| users.users.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| services.icingaweb2.modules.monitoring.transports.<name>.instance | Assign a icinga instance to this transport
|
| virtualisation.oci-containers.containers.<name>.autoStart | When enabled, the container is automatically started on boot
|
| services.prometheus.remoteWrite.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| networking.networkmanager.unmanaged | List of interfaces that will not be managed by NetworkManager
|
| services.firezone.server.smtp.username | Username to authenticate against the SMTP relay
|
| services.smokeping.user | User that runs smokeping and (optionally) thttpd
|
| services.samba.nmbd.enable | Whether to enable Samba's nmbd, which replies to NetBIOS over IP name
service requests
|
| services.wakapi.database.user | The name of the user to use for Wakapi.
|
| services.vault.storageBackend | The name of the type of storage backend
|
| services.strongswan-swanctl.swanctl.connections.<name>.encap | To enforce UDP encapsulation of ESP packets, the IKE daemon can fake the
NAT detection payloads
|
| services.icingaweb2.modules.monitoring.transports.<name>.resource | SSH identity resource for the remote transport
|
| services.icecream.daemon.hostname | Hostname of the daemon in the icecream infrastructure
|
| services.tlsrpt.reportd.settings.dbname | Path to the sqlite database.
|
| services.microsocks.authUsername | Optional username to use for authentication.
|
| services.strongswan-swanctl.swanctl.connections.<name>.version | IKE major version to use for connection.
- 1 uses IKEv1 aka ISAKMP,
- 2 uses IKEv2.
- A connection using the default of 0 accepts both IKEv1 and IKEv2 as
responder, and initiates the connection actively with IKEv2
|
| hardware.display.edid.linuxhw | Exposes EDID files from users-sourced database at https://github.com/linuxhw/EDID
Attribute names will be mapped to EDID filenames <NAME>.bin
|
| virtualisation.oci-containers.containers.<name>.autoRemoveOnStop | Automatically remove the container when it is stopped or killed
|
| virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| services.strongswan-swanctl.swanctl.connections.<name>.local | Section for a local authentication round
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.type | The type of the listener, usually http.
|
| services.cloudflared.tunnels.<name>.originRequest.keepAliveConnections | Maximum number of idle keepalive connections between Tunnel and your origin
|
| services.oidentd.enable | Whether to enable ‘oidentd’, an implementation of the Ident
protocol (RFC 1413)
|
| services.pangolin.baseDomain | Your base fully qualified domain name (without any subdomains).
|
| boot.initrd.secrets | Secrets to append to the initrd
|
| services.gitlab.registry.host | GitLab container registry host name.
|
| services.bird-lg.frontend.domain | Server name domain suffixes.
|
| services.avahi.publish.domain | Whether to announce the locally used domain name for browsing by other hosts.
|
| programs.regreet.font.package | The package that provides the font given in the name option.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.port | The port to listen for HTTP(S) requests on.
|