| services.monica.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.akkoma.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.gancio.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.fluidd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.vault-agent.instances | Attribute set of vault-agent instances
|
| services.restic.server.privateRepos | Enable private repos
|
| programs.regreet.theme.package | The package that provides the theme given in the name option.
|
| virtualisation.oci-containers.containers.<name>.labels | Labels to attach to the container at runtime.
|
| services.nominatim.enable | Whether to enable nominatim
|
| services.tailscale.derper.domain | Domain name under which the derper server is reachable.
|
| services.openvscode-server.host | The host name or IP address the server should listen to.
|
| services.gitea.settings.server.DOMAIN | Domain name of your server.
|
| services.prometheus.exporters.mqtt.mqttUsername | Username which should be used to authenticate against the MQTT broker.
|
| services.strongswan-swanctl.swanctl.connections.<name>.childless | Use childless IKE_SA initiation (allow, prefer, force or never)
|
| services.sanoid.templates.<name>.post_snapshot_script | Script to run after taking snapshot.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.resources.*.compress | Whether synapse should compress HTTP responses to clients that support it
|
| services.ncps.cache.lru.scheduleTimeZone | The name of the timezone to use for the cron schedule
|
| networking.wireguard.interfaces.<name>.peers.*.presharedKeyFile | File pointing to preshared key as generated by wg genpsk
|
| services.radicle.privateKeyFile | Absolute file path to an SSH private key,
usually generated by rad auth
|
| services.roundcube.enable | Whether to enable roundcube
|
| services._3proxy.resolution | Use this option to configure name resolution and DNS caching.
|
| swapDevices.*.encrypted.label | Label of the unlocked encrypted device
|
| services.trilium-server.instanceName | Instance name used to distinguish between different instances
|
| services.buildbot-worker.adminMessage | Name of the administrator of this worker
|
| services.postfix.networksStyle | Name of standard way of trusted network specification to use,
leave blank if you specify it explicitly or if you want to use
default (localhost-only).
|
| services.portunus.ldap.searchUserName | The login name of the search user
|
| services.authelia.instances.<name>.settings.default_2fa_method | Default 2FA method for new users and fallback for preferred but disabled methods.
|
| services.suwayomi-server.settings.server.basicAuthUsername | The username value that you have to provide when authenticating.
|
| services.httpd.customLogFormat | Defines a custom Apache HTTPD access log format string
|
| services.gotify.stateDirectoryName | The name of the directory below /var/lib where
gotify stores its runtime data.
|
| services.gammu-smsd.backend.sql.database | Database name to store sms data
|
| services.nvme-rs.settings.email.smtp_username | SMTP username
|
| services.gitlab.registry.serviceName | GitLab container registry service name.
|
| virtualisation.fileSystems.<name>.encrypted.keyFile | Path to a keyfile used to unlock the backing encrypted
device
|
| users.users.<name>.initialHashedPassword | Specifies the initial hashed password for the user, i.e. the
hashed password assigned if the user does not already
exist
|
| virtualisation.oci-containers.containers.<name>.devices | List of devices to attach to this container.
|
| virtualisation.oci-containers.containers.<name>.podman.user | The user under which the container should run.
|
| services.dependency-track.database.username | Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned
|
| services.strongswan-swanctl.swanctl.connections.<name>.proposals | A proposal is a set of algorithms
|
| virtualisation.oci-containers.containers.<name>.podman | Podman-specific settings in OCI containers
|
| services.influxdb2.provision.initialSetup.username | Primary username
|
| virtualisation.oci-containers.containers.<name>.workdir | Override the default working directory for the container.
|
| services.prometheus.exporters.dmarc.imap.username | Login username for the IMAP connection.
|
| services.strongswan-swanctl.swanctl.connections.<name>.mediation_peer | Identity under which the peer is registered at the mediation server, that
is, the IKE identity the other end of this connection uses as its local
identity on its connection to the mediation server
|
| services.lavalink.plugins.*.configName | The name of the plugin to use as the key for the plugin configuration.
|
| services.slurm.dbdserver.storageUser | Database user name.
|
| services.rustus.storage.s3_region | S3 region name.
|
| networking.wireguard.interfaces.<name>.peers.*.presharedKey | Base64 preshared key generated by wg genpsk
|
| services.samba.winbindd.enable | Whether to enable Samba's winbindd, which provides a number of services
to the Name Service Switch capability found in most modern C libraries,
to arbitrary applications via PAM and ntlm_auth and to Samba itself.
|
| services.hickory-dns.settings.zones.*.zone | Zone name, like "example.com", "localhost", or "0.0.127.in-addr.arpa".
|
| virtualisation.oci-containers.containers.<name>.autoStart | When enabled, the container is automatically started on boot
|
| users.extraUsers.<name>.password | Specifies the (clear text) password for the user
|
| services.prometheus.remoteRead.*.url | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| networking.wireguard.interfaces.<name>.interfaceNamespace | The pre-existing network namespace the WireGuard
interface is moved to
|
| services.rosenpass.defaultDevice | Name of the network interface to use for all peers by default.
|
| networking.nameservers | The list of nameservers
|
| services.athens.storage.mongo.defaultDBName | Name of the mongo database.
|
| services.cassandra.clusterName | The name of the cluster
|
| virtualisation.oci-containers.containers.<name>.autoRemoveOnStop | Automatically remove the container when it is stopped or killed
|
| services.thinkfan.fans.*.query | The query string used to match one or more fans: can be
a fullpath to the temperature file (single fan) or a fullpath
to a driver directory (multiple fans).
When multiple fans match, the query can be restricted using the
name or indices options.
|
| virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| services.sanoid.datasets.<name>.process_children_only | Whether to only snapshot child datasets if recursing.
|
| services.suricata.settings.logging.outputs.file.filename | Filename of the logfile.
|
| services.multipath.devices.*.vendor | Regular expression to match the vendor name
|
| services.acme-dns.settings.general.domain | Domain name to serve the requests off of.
|
| services.unpoller.unifi.defaults.user | Unifi service user name.
|
| services.caddy.adapter | Name of the config adapter to use
|
| users.extraUsers.<name>.initialHashedPassword | Specifies the initial hashed password for the user, i.e. the
hashed password assigned if the user does not already
exist
|
| services.gancio.settings.db.database | Name of the PostgreSQL database
|
| programs.regreet.iconTheme.package | The package that provides the icon theme given in the name option.
|
| services.samba.usershares.group | Name of the group members of which will be allowed to create usershares
|
| services.icingaweb2.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.btrbk.extraPackages | Extra packages for btrbk, like compression utilities for stream_compress.
Note: This option will get deprecated in future releases
|
| services.linux-enable-ir-emitter.device | IR camera device to depend on
|
| virtualisation.oci-containers.containers.<name>.extraOptions | Extra options for podman run.
|
| services.outline.storage.uploadBucketName | Name of the bucket where uploads should be stored.
|
| services.mysql.ensureUsers | Ensures that the specified users exist and have at least the ensured permissions
|
| services.vikunja.database.database | Database name.
|
| services.bacula-sd.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bacula-fd.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.cloudflare-ddns.wafLists | List of WAF IP Lists to manage, in the format account-id/list-name.
(Experimental feature as of cloudflare-ddns 1.14.0).
|
| services.libreswan.policies | A set of policies to apply to the IPsec connections.
The policy name must match the one of connection it needs to apply to.
|
| services.borgbackup.jobs | Deduplicating backups using BorgBackup
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.bind_addresses | IP addresses to bind the listener to.
|
| services.prometheus.remoteWrite.*.url | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.bacula-dir.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.windmill.database.urlPath | Path to the file containing the database url windmill should connect to
|
| services.cntlm.netbios_hostname | The hostname of your machine.
|
| services.firezone.server.provision.accounts.<name>.features.internet_resource | Whether to enable the internet_resource feature for this account.
|
| services.firezone.server.provision.accounts.<name>.features.policy_conditions | Whether to enable the policy_conditions feature for this account.
|
| services.pcscd.ignoreReaderNames | List of reader name patterns for the PCSC daemon to ignore
|
| services.slskd.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.movim.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.davis.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.mqtt2influxdb.influxdb.username | Username for InfluxDB login.
|
| services.mautrix-meta.instances | Configuration of multiple mautrix-meta instances.
services.mautrix-meta.instances.facebook and services.mautrix-meta.instances.instagram
come preconfigured with network.mode, appservice.id, bot username, display name and avatar.
|
| services.prometheus.scrapeConfigs.*.label_name_length_limit | Per-scrape limit on length of labels name that will be accepted for a sample
|
| services.ntopng.redis.createInstance | Local Redis instance name
|
| services.lldap.environment | Environment variables passed to the service
|
| services.prometheus.remoteRead.*.basic_auth.username | HTTP username
|