| services.matomo.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.gancio.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.akkoma.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.fluidd.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.cloudflare-ddns.wafLists | List of WAF IP Lists to manage, in the format account-id/list-name.
(Experimental feature as of cloudflare-ddns 1.14.0).
|
| services.icecream.scheduler.netName | Network name for the icecream scheduler
|
| networking.hostName | The name of the machine
|
| services.portunus.dex.oidcClients | List of OIDC clients
|
| services.slskd.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.movim.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.davis.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.libreswan.policies | A set of policies to apply to the IPsec connections.
The policy name must match the one of connection it needs to apply to.
|
| services.victoriatraces.basicAuthUsername | Basic Auth username used to protect VictoriaTraces instance by authorization
|
| networking.wireguard.interfaces.<name>.interfaceNamespace | The pre-existing network namespace the WireGuard
interface is moved to
|
| services.avahi.nssmdns6 | Whether to enable the mDNS NSS (Name Service Switch) plug-in for IPv6
|
| virtualisation.oci-containers.containers.<name>.autoStart | When enabled, the container is automatically started on boot
|
| networking.nameservers | The list of nameservers
|
| services.sanoid.datasets.<name>.process_children_only | Whether to only snapshot child datasets if recursing.
|
| services.canaille.settings.SERVER_NAME | The domain name on which canaille will be served.
|
| services.prometheus.exporters.nextcloud.username | Username for connecting to Nextcloud
|
| services.stargazer.routes | Routes that Stargazer should server
|
| boot.initrd.secrets | Secrets to append to the initrd
|
| services.filebeat.inputs | Inputs specify how Filebeat locates and processes input data
|
| services.nextcloud.settings.mail_smtpname | This depends on mail_smtpauth
|
| services.athens.index.postgres.database | Database name for the Postgres database.
|
| services.snipe-it.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| hardware.display.edid.linuxhw | Exposes EDID files from users-sourced database at https://github.com/linuxhw/EDID
Attribute names will be mapped to EDID filenames <NAME>.bin
|
| services.mautrix-meta.instances | Configuration of multiple mautrix-meta instances.
services.mautrix-meta.instances.facebook and services.mautrix-meta.instances.instagram
come preconfigured with network.mode, appservice.id, bot username, display name and avatar.
|
| services.prometheus.remoteWrite.*.url | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.rke2.charts | Packaged Helm charts that are linked to /var/lib/rancher/rke2/server/static/charts before rke2 starts
|
| virtualisation.oci-containers.containers.<name>.autoRemoveOnStop | Automatically remove the container when it is stopped or killed
|
| services.rutorrent.nginx.enable | Whether to enable nginx virtual host management
|
| programs.regreet.font.package | The package that provides the font given in the name option.
|
| virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| services.firezone.server.provision.accounts.<name>.features.self_hosted_relays | Whether to enable the self_hosted_relays feature for this account.
|
| services.pomerium.useACMEHost | If set, use a NixOS-generated ACME certificate with the specified name
|
| services.lldap.environment | Environment variables passed to the service
|
| containers.<name>.additionalCapabilities | Grant additional capabilities to the container
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.bind_addresses | IP addresses to bind the listener to.
|
| services.dependency-track.nginx.domain | The domain name under which to set up the virtual host.
|
| services.prometheus.scrapeConfigs.*.basic_auth.username | HTTP username
|
| services.anuko-time-tracker.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| users.extraUsers.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| virtualisation.oci-containers.containers.<name>.extraOptions | Extra options for podman run.
|
| services.libvirtd.autoSnapshot.vms | If specified only the list of VMs will be snapshotted else all existing one
|
| services.znc.useLegacyConfig | Whether to propagate the legacy options under
services.znc.confOptions.* to the znc config
|
| virtualisation.oci-containers.containers.<name>.login.registry | Registry where to login to.
|
| users.users.<name>.initialPassword | Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist
|
| services.limesurvey.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.<name>
|
| services.onlyoffice.postgresName | The name of database OnlyOffice should use.
|
| services.monica.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.matomo.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.fluidd.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.gancio.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.akkoma.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.oauth2-proxy.nginx.virtualHosts.<name>.allowed_email_domains | List of email domains to allow access to this vhost, or null to allow all.
|
| services.icingaweb2.virtualHost | Name of the nginx virtualhost to use and setup
|
| services.multipath.devices.*.product | Regular expression to match the product name
|
| services.zfs.autoSnapshot.flags | Flags to pass to the zfs-auto-snapshot command
|
| services.bookstack.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.moodle.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.nagios.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.subsonic.listenAddress | The host name or IP address on which to bind Subsonic
|
| services.printing.cups-pdf.instances | Permits to raise one or more cups-pdf instances
|
| services.bluesky-pds.settings.PDS_HOSTNAME | Instance hostname (base domain name)
|
| services.pgbackrest.repos | An attribute set of repositories as described in:
https://pgbackrest.org/configuration.html#section-repository
Each repository defaults to set repo-host to the attribute's name
|
| programs.regreet.theme.package | The package that provides the theme given in the name option.
|
| services.umami.settings.TRACKER_SCRIPT_NAME | Allows you to assign a custom name to the tracker script different from the default script.js.
|
| virtualisation.oci-containers.containers.<name>.preRunExtraOptions | Extra options for podman that go before the run argument.
|
| services.prometheus.exporters.fritz.settings.devices.*.hostname | Hostname under which the target device is reachable.
|
| services.prometheus.exporters.fritz.settings.devices.*.username | Username to authenticate with the target device.
|
| services.lasuite-meet.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| virtualisation.oci-containers.containers.<name>.login.passwordFile | Path to file containing password.
|
| services.librenms.database.database | Name of the database on the MySQL/MariaDB server.
|
| services.mobilizon.settings.":mobilizon".":instance".hostname | Your instance's hostname
|
| services.xserver.displayManager.lightdm.greeters.gtk.indicators | List of allowed indicator modules to use for the lightdm gtk
greeter panel
|
| services.oncall.settings.db.conn.kwargs.database | Database name.
|
| services.prometheus.scrapeConfigs.*.label_name_length_limit | Per-scrape limit on length of labels name that will be accepted for a sample
|
| services.zabbixWeb.nginx.virtualHost.http3 | Whether to enable the HTTP/3 protocol
|
| services.transmission.settings.script-torrent-done-filename | Executable to be run at torrent completion.
|
| services.tailscale.interfaceName | The interface name for tunnel traffic
|
| services.thinkfan.sensors.*.query | The query string used to match one or more sensors: can be
a fullpath to the temperature file (single sensor) or a fullpath
to a driver directory (multiple sensors).
When multiple sensors match, the query can be restricted using the
name or indices options.
|
| services.libeufin.nexus.settings.nexus-ebics.HOST_ID | Name of the EBICS host.
|
| virtualisation.fileSystems.<name>.overlay.useStage1BaseDirectories | If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot
|
| services.victoriametrics.basicAuthUsername | Basic Auth username used to protect VictoriaMetrics instance by authorization
|
| networking.wireguard.interfaces.<name>.dynamicEndpointRefreshSeconds | Periodically refresh the endpoint hostname or address for all peers
|
| users.extraUsers.<name>.initialPassword | Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist
|
| services.consul.interface.advertise | The name of the interface to pull the advertise_addr from.
|
| services.rsnapshot.extraConfig | rsnapshot configuration option in addition to the defaults from
rsnapshot and this module
|
| services.outline.oidcAuthentication.usernameClaim | Specify which claims to derive user information from
|
| services.documize.stateDirectoryName | The name of the directory below /var/lib/private
where documize runs in and stores, for example, backups.
|
| services.jirafeau.nginxConfig.http3 | Whether to enable the HTTP/3 protocol
|
| networking.wg-quick.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| services.limesurvey.httpd.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.<name>
|
| services.limesurvey.nginx.virtualHost | Nginx configuration can be done by adapting services.nginx.virtualHosts.<name>
|
| virtualisation.oci-containers.containers.<name>.privileged | Give extended privileges to the container
|
| virtualisation.oci-containers.containers.<name>.entrypoint | Override the default entrypoint of the image.
|
| services.mjolnir.pantalaimon | pantalaimon options (enables E2E Encryption support)
|
| services.borgmatic.configurations.<name>.source_directories | List of source directories and files to backup
|
| virtualisation.oci-containers.containers.<name>.volumes | List of volumes to attach to this container
|