| services.mattermost.siteName | Name of this Mattermost site.
|
| services.strongswan-swanctl.swanctl.connections.<name>.mediation_peer | Identity under which the peer is registered at the mediation server, that
is, the IKE identity the other end of this connection uses as its local
identity on its connection to the mediation server
|
| services.shairport-sync.group | Group account name under which to run shairport-sync
|
| services.rspamd.overrides | Overridden configuration files, written into /etc/rspamd/override.d/{name}.
|
| services.matrix-synapse.log | Default configuration for the loggers used by matrix-synapse and its workers
|
| services.discourse.admin.fullName | The admin user's full name.
|
| services.consul.interface.bind | The name of the interface to pull the bind_addr from.
|
| services.autossh.sessions.*.user | Name of the user the AutoSSH session should run as
|
| services.sourcehut.settings."lists.sr.ht".webhooks | The Redis connection used for the webhooks worker.
|
| virtualisation.oci-containers.containers.<name>.login.passwordFile | Path to file containing password.
|
| services.synergy.client.screenName | Use the given name instead of the hostname to identify
ourselves to the server.
|
| services.unpoller.influxdb.db | Database name
|
| services.cloudlog.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.airsonic.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.guacamole-server.host | The host name or IP address the server should listen to.
|
| virtualisation.fileSystems.<name>.overlay.useStage1BaseDirectories | If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot
|
| services.wiki-js.stateDirectoryName | Name of the directory in /var/lib.
|
| networking.wireguard.interfaces.<name>.dynamicEndpointRefreshSeconds | Periodically refresh the endpoint hostname or address for all peers
|
| networking.hostName | The name of the machine
|
| specialisation.<name>.configuration | Arbitrary NixOS configuration
|
| services.synergy.server.screenName | Use the given name instead of the hostname to identify
this screen in the configuration.
|
| networking.wg-quick.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| services.nix-serve.secretKeyFile | The path to the file used for signing derivation data
|
| services.youtrack.virtualHost | Name of the nginx virtual host to use and setup
|
| networking.dhcpcd.runHook | Shell code that will be run after all other hooks
|
| services.slskd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.movim.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.davis.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.soju.acceptProxyIP | Allow the specified IPs to act as a proxy
|
| services.nextcloud.config.objectstore.s3.hostname | Required for some non-Amazon implementations.
|
| services.lasuite-docs.settings.DB_NAME | Name of the database
|
| services.lasuite-meet.settings.DB_NAME | Name of the database
|
| services.firezone.server.provision.accounts.<name>.features.internet_resource | Whether to enable the internet_resource feature for this account.
|
| services.firezone.server.provision.accounts.<name>.features.policy_conditions | Whether to enable the policy_conditions feature for this account.
|
| services.headscale.settings.dns.nameservers.global | List of nameservers to pass to Tailscale clients.
|
| services.zabbixWeb.nginx.virtualHost | Nginx configuration can be done by adapting services.nginx.virtualHosts.<name>
|
| services.zabbixWeb.httpd.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.<name>
|
| virtualisation.oci-containers.containers.<name>.privileged | Give extended privileges to the container
|
| virtualisation.oci-containers.containers.<name>.entrypoint | Override the default entrypoint of the image.
|
| virtualisation.oci-containers.containers.<name>.volumes | List of volumes to attach to this container
|
| virtualisation.oci-containers.containers.<name>.log-driver | Logging driver for the container
|
| services.slurm.dbdserver.dbdHost | Hostname of the machine where slurmdbd
is running (i.e. name returned by hostname -s).
|
| services.syncplay.useACMEHost | If set, use NixOS-generated ACME certificate with the specified name for TLS
|
| services.supybot.plugins | Attribute set of additional plugins that will be symlinked to the
plugin subdirectory
|
| services.athens.storage.minio.bucket | Bucket name for the minio storage backend.
|
| services.cloudlog.database.user | MySQL user name.
|
| services.prometheus.exporters.pihole.piholeHostname | Hostname or address where to find the Pi-Hole webinterface
|
| services.snipe-it.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.mqtt2influxdb.influxdb.username | Username for InfluxDB login.
|
| services.stargazer.routes.*.route | Route section name
|
| services.sanoid.datasets.<name>.process_children_only | Whether to only snapshot child datasets if recursing.
|
| services.prometheus.remoteRead.*.basic_auth.username | HTTP username
|
| services.athens.index.mysql.database | Database name for the MySQL database.
|
| services.strongswan-swanctl.swanctl.connections.<name>.fragmentation | Use IKE fragmentation (proprietary IKEv1 extension or RFC 7383 IKEv2
fragmentation)
|
| hardware.display.edid.linuxhw | Exposes EDID files from users-sourced database at https://github.com/linuxhw/EDID
Attribute names will be mapped to EDID filenames <NAME>.bin
|
| services.nextcloud-spreed-signaling.backends | A list of backends from which clients are allowed to connect from
|
| services.cjdns.ETHInterface.bind | Bind to this device for native ethernet operation.
all is a pseudo-name which will try to connect to all devices.
|
| boot.initrd.secrets | Secrets to append to the initrd
|
| programs.regreet.font.package | The package that provides the font given in the name option.
|
| services.dependency-track.settings."alpine.oidc.teams.claim" | Defines the name of the claim that contains group memberships or role assignments in the provider's userinfo endpoint
|
| services.resolved.llmnr | Controls Link-Local Multicast Name Resolution support
(RFC 4795) on the local host
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.bind_addresses | IP addresses to bind the listener to.
|
| services.hatsu.settings.HATSU_DOMAIN | The domain name of your instance (eg 'hatsu.local').
|
| services.cntlm.netbios_hostname | The hostname of your machine.
|
| services.bitwarden-directory-connector-cli.ldap.username | The user to authenticate as.
|
| services.coder.database.database | Name of database.
|
| services.misskey.reverseProxy.host | The fully qualified domain name to bind to
|
| services.prometheus.remoteWrite.*.basic_auth.username | HTTP username
|
| services.writefreely.host | The public host name to serve.
|
| services.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| services.bitwarden-directory-connector-cli.ldap.hostname | The host the LDAP is accessible on.
|
| services.netbird.server.signal.domain | The domain name for the signal service.
|
| virtualisation.oci-containers.containers.<name>.environment | Environment variables to set for this container.
|
| services.pds.settings.PDS_HOSTNAME | Instance hostname (base domain name)
|
| services.mastodon.user | User under which mastodon runs
|
| services.matomo.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.monica.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.akkoma.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.gancio.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.fluidd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.minetest-server.world | Name of the world to use
|
| services.multipath.devices.*.prio | The name of the path priority routine
|
| services.cadvisor.storageDriverDb | Cadvisord storage driver database name.
|
| services.victoriatraces.basicAuthUsername | Basic Auth username used to protect VictoriaTraces instance by authorization
|
| services.ncps.cache.lru.scheduleTimeZone | The name of the timezone to use for the cron schedule
|
| services.gitea.settings.server.DOMAIN | Domain name of your server.
|
| services.matrix-synapse.settings.listeners.*.resources.*.names | List of resources to host on this listener.
|
| services.slurm.controlMachine | The short hostname of the machine where SLURM control functions are
executed (i.e. the name returned by the command "hostname -s", use "tux001"
rather than "tux001.my.com").
|
| services.firezone.server.provision.accounts.<name>.features.self_hosted_relays | Whether to enable the self_hosted_relays feature for this account.
|
| services.restic.server.privateRepos | Enable private repos
|
| services.icingaweb2.pool | Name of existing PHP-FPM pool that is used to run Icingaweb2
|
| services.multipath.pathGroups.*.alias | The name of the multipath device
|
| networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshSeconds | Periodically re-execute the wg utility every
this many seconds in order to let WireGuard notice DNS / hostname
changes
|
| services.prometheus.exporters.py-air-control.deviceHostname | The hostname of the air purification device from which to scrape the metrics.
|
| services.nullmailer.config.defaultdomain | The content of this attribute is appended to any host name that
does not contain a period (except localhost), including defaulthost
and idhost
|
| services.knot-resolver.enable | Whether to enable knot-resolver (version 6) domain name server
|
| services.xserver.xrandrHeads.*.output | The output name of the monitor, as shown by
xrandr(1) invoked without arguments.
|
| services.oauth2-proxy.nginx.virtualHosts.<name>.allowed_email_domains | List of email domains to allow access to this vhost, or null to allow all.
|
| services.tailscale.derper.domain | Domain name under which the derper server is reachable.
|
| programs.regreet.theme.package | The package that provides the theme given in the name option.
|