| services.kmonad.keyboards.<name>.device | Path to the keyboard's device file.
|
| services.errbot.instances.<name>.admins | List of identifiers of errbot admins.
|
| services.anubis.instances.<name>.enable | Whether to enable this instance of Anubis.
|
| services.firewalld.zones.<name>.icmpBlocks | ICMP types to block in the zone.
|
| services.davis.nginx.locations.<name>.index | Adds index directive.
|
| services.dokuwiki.sites.<name>.mergedConfig | Read only representation of the final configuration.
|
| services.tlsrpt.reportd.settings.sendmail_script | Path to a sendmail-compatible executable for delivery reports.
|
| security.wrappers.<name>.group | The group of the wrapper program.
|
| security.wrappers.<name>.owner | The owner of the wrapper program.
|
| services.veilid.settings.core.network.routing_table.node_id | Base64-encoded public key for the node, used as the node's ID.
|
| services.slskd.settings.flags.force_share_scan | Force a rescan of shares on every startup.
|
| services.mobilizon.settings.":mobilizon"."Mobilizon.Web.Endpoint".http.port | The port to run the server
|
| users.extraUsers.<name>.subUidRanges.*.startUid | Start of the range of subordinate user ids that user is
allowed to use.
|
| users.extraUsers.<name>.subGidRanges.*.startGid | Start of the range of subordinate group ids that user is
allowed to use.
|
| environment.etc.<name>.text | Text of the file.
|
| services.tahoe.nodes.<name>.client.shares.needed | The number of shares required to reconstitute a file.
|
| systemd.user.services.<name>.conflicts | If the specified units are started, then this unit is stopped
and vice versa.
|
| services.journald.remote.settings.Remote.ServerCertificateFile | A path to a SSL certificate file in PEM format
|
| services.firewalld.settings.IPv6_rpfilter | Performs reverse path filtering (RPF) on IPv6 packets as per RFC 3704
|
| services.opkssh.providers.<name>.clientId | OAuth client ID
|
| services.redis.servers.<name>.databases | Set the number of databases.
|
| services.pgbackrest.repos.<name>.sftp-host | SFTP repository host
|
| services.awstats.configs.<name>.hostAliases | List of aliases the site has.
|
| services.bluemap.storage.<name>.storage-type | Type of storage config
|
| services.wordpress.sites.<name>.package | The wordpress package to use.
|
| security.acme.certs.<name>.postRun | Commands to run after new certificates go live
|
| services.nsd.zones.<name>.children | Children zones inherit all options of their parents
|
| services.borgbackup.jobs.<name>.preHook | Shell commands to run before the backup
|
| services.netbird.clients.<name>.config | Additional configuration that exists before the first start and
later overrides the existing values in config.json
|
| services.netbird.tunnels.<name>.config | Additional configuration that exists before the first start and
later overrides the existing values in config.json
|
| services.drupal.sites.<name>.virtualHost.adminAddr | E-mail address of the server administrator.
|
| services.pingvin-share.hostname | The domain name of your instance
|
| services.nginx.virtualHosts.<name>.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| services.httpd.virtualHosts.<name>.enableACME | Whether to ask Let's Encrypt to sign a certificate for this vhost
|
| services.parsedmarc.settings.general.save_forensic | Save forensic report data to Elasticsearch and/or Splunk.
|
| security.acme.certs.<name>.email | Email address for account creation and correspondence from the CA
|
| services.hercules-ci-agent.settings.concurrentTasks | Number of tasks to perform simultaneously
|
| virtualisation.docker.daemon.settings | Configuration for docker daemon
|
| systemd.user.services.<name>.requiredBy | Units that require (i.e. depend on and need to go down with) this unit
|
| services.mobilizon.settings.":mobilizon"."Mobilizon.Web.Endpoint".http.ip | The IP address to listen on
|
| services.caddy.virtualHosts.<name>.extraConfig | Additional lines of configuration appended to this virtual host in the
automatically generated Caddyfile.
|
| services.neo4j.ssl.policies.<name>.trustAll | Makes this policy trust all remote parties
|
| services.httpd.virtualHosts.<name>.listen | Listen addresses and ports for this virtual host.
This option overrides addSSL, forceSSL and onlySSL
|
| services.jitsi-videobridge.xmppConfigs.<name>.hostName | Hostname of the XMPP server to connect to
|
| boot.initrd.luks.devices.<name>.device | Path of the underlying encrypted block device.
|
| networking.sits.<name>.local | The address of the local endpoint which the remote
side should send packets to.
|
| systemd.services.<name>.enableDefaultPath | Whether to append a minimal default PATH environment variable to the service, containing common system utilities.
|
| services.wstunnel.clients.<name>.addNetBind | Whether to enable Whether add CAP_NET_BIND_SERVICE to the tunnel service, this should be enabled if you want to bind port < 1024.
|
| security.pam.services.<name>.enableAppArmor | Enable support for attaching AppArmor profiles at the
user/group level, e.g., as part of a role based access
control scheme.
|
| services.anubis.instances.<name>.user | The user under which Anubis is run
|
| services.k3s.autoDeployCharts.<name>.version | The version of the Helm chart
|
| services.grafana.provision.alerting.policies.settings.resetPolicies | List of orgIds that should be reset to the default policy.
|
| services.tarsnap.archives.<name>.period | Create archive at this interval
|
| systemd.user.paths.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| systemd.user.paths.<name>.pathConfig | Each attribute in this set specifies an option in the
[Path] section of the unit
|
| services.firewalld.services.<name>.ports | Ports of the service.
|
| services.monica.nginx.locations.<name>.root | Root directory for requests.
|
| services.matomo.nginx.locations.<name>.root | Root directory for requests.
|
| services.snipe-it.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.snipe-it.nginx.locations.<name>.index | Adds index directive.
|
| services.akkoma.nginx.locations.<name>.root | Root directory for requests.
|
| services.gancio.nginx.locations.<name>.root | Root directory for requests.
|
| services.fedimintd.<name>.bitcoin.rpc.kind | Kind of a bitcoin node.
|
| services.fluidd.nginx.locations.<name>.root | Root directory for requests.
|
| services.vdirsyncer.jobs.<name>.enable | Whether to enable this vdirsyncer job.
|
| services.github-runners.<name>.nodeRuntimes | List of Node.js runtimes the runner should support.
|
| services.dokuwiki.sites.<name>.usersFile | Location of the dokuwiki users file
|
| services.livekit.settings.rtc.use_external_ip | When set to true, attempts to discover the host's public IP via STUN
|
| programs.dms-shell.plugins.<name>.src | Source of the plugin package or path
|
| services.gitlab-runner.services.<name>.limit | Limit how many jobs can be handled concurrently by this service.
0 (default) simply means don't limit.
|
| services.nginx.proxyCachePath.<name>.inactive | Cached data that has not been accessed for the time specified by
the inactive parameter is removed from the cache, regardless of
its freshness.
|
| services.searx.limiterSettings | Limiter settings for SearXNG.
|
| systemd.user.timers.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| systemd.user.slices.<name>.upheldBy | Keep this unit running as long as the listed units are running
|
| services.restic.backups.<name>.extraOptions | Extra extended options to be passed to the restic --option flag.
|
| services.awstats.configs.<name>.logFormat | The log format being used
|
| services.znapzend.zetup.<name>.presnap | Command to run before snapshots are taken on the source dataset,
e.g. for database locking/flushing
|
| boot.specialFileSystems.<name>.enable | Whether to enable the filesystem mount.
|
| containers.<name>.bindMounts | An extra list of directories that is bound to the container.
|
| services.kimai.sites.<name>.database.charset | Database charset.
|
| services.udp-over-tcp.tcp2udp.<name>.recvBufferSize | If given, sets the SO_RCVBUF option on the TCP socket to the given number of bytes
|
| services.udp-over-tcp.udp2tcp.<name>.recvBufferSize | If given, sets the SO_RCVBUF option on the TCP socket to the given number of bytes
|
| services.redis.servers.<name>.requirePass | Password for database (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
|
| services.udp-over-tcp.tcp2udp.<name>.sendBufferSize | If given, sets the SO_SNDBUF option on the TCP socket to the given number of bytes
|
| services.udp-over-tcp.udp2tcp.<name>.sendBufferSize | If given, sets the SO_SNDBUF option on the TCP socket to the given number of bytes
|
| services.wstunnel.clients.<name>.soMark | Mark network packets with the SO_MARK sockoption with the specified value
|
| services.nextcloud.settings.trusted_domains | Trusted domains, from which the nextcloud installation will be
accessible
|
| services.nextcloud.settings.trusted_proxies | Trusted proxies, to provide if the nextcloud installation is being
proxied to secure against e.g. spoofing.
|
| systemd.paths.<name>.requires | Start the specified units when this unit is started, and stop
this unit when the specified units are stopped or fail.
|
| services.k3s.autoDeployCharts.<name>.values | Override default chart values via Nix expressions
|
| services.neo4j.ssl.policies.<name>.ciphers | Restrict the allowed ciphers of this policy to those defined
here
|
| services.quicktun.<name>.remoteAddress | IP address or hostname of the remote end (use 0.0.0.0 for a floating/dynamic remote endpoint).
|
| services.system76-scheduler.settings.cfsProfiles.default.bandwidth-size | sched_cfs_bandwidth_slice_us.
|
| services.netbird.clients.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.netbird.tunnels.<name>.dir.runtime | A runtime directory used by NetBird client.
|
| services.kanata.keyboards.<name>.extraArgs | Extra command line arguments passed to kanata.
|
| services.wyoming.piper.servers.<name>.enable | Whether to enable Wyoming Piper server.
|
| services.wyoming.piper.servers.<name>.extraArgs | Extra arguments to pass to the server commandline.
|
| services.xserver.displayManager.lightdm.greeters.enso.cursorTheme.name | Name of the cursor theme to use for the lightdm-enso-os-greeter
|
| services.wstunnel.servers.<name>.listen.host | The hostname.
|