| services.xserver.displayManager.lightdm.greeters.gtk.indicators | List of allowed indicator modules to use for the lightdm gtk
greeter panel
|
| services.prometheus.exporters.php-fpm.user | User name under which the php-fpm exporter shall be run.
|
| hardware.fw-fanctrl.config.strategies.<name>.fanSpeedUpdateFrequency | How often the fan speed should be updated in seconds
|
| networking.wireless.networks.<name>.priority | By default, all networks will get same priority group (0)
|
| services.thanos.query.web.prefix-header | Name of HTTP request header used for dynamic prefixing of UI links and
redirects
|
| services.anuko-time-tracker.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.athens.singleFlight.redisSentinel.masterName | Name of the sentinel master server.
|
| hardware.nvidia-container-toolkit.enable-hooks | List of hooks to enable when generating the CDI specification
|
| services.sanoid.datasets.<name>.force_post_snapshot_script | Whether to run the post script if the pre script fails
|
| networking.openconnect.interfaces.<name>.protocol | Protocol to use.
|
| services.athens.storage.azureblob.accountName | Account name for the Azure Blob storage backend.
|
| virtualisation.fileSystems.<name>.overlay.workdir | The path to the workdir
|
| virtualisation.credentials.<name>.text | Text content of the credential
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type | The type of operation to perform on the file
|
| networking.sits.<name>.encapsulation.type | Select the encapsulation type:
-
6in4: the IPv6 packets are encapsulated using the
6in4 protocol (formerly known as SIT, RFC 4213);
-
gue: the IPv6 packets are encapsulated in UDP packets
using the Generic UDP Encapsulation (GUE) scheme;
-
foo: the IPv6 packets are encapsulated in UDP packets
using the Foo over UDP (FOU) scheme.
|
| console.font | The font used for the virtual consoles
|
| boot.iscsi-initiator.target | Name of the iSCSI target to boot from.
|
| services.jirafeau.nginxConfig.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.homebridge.uiSettings.log.service | Name of the systemd service to log to
|
| hardware.fw-fanctrl.config.strategies.<name>.movingAverageInterval | Interval (seconds) of the last temperatures to use to calculate the average temperature
|
| virtualisation.fileSystems.<name>.device | The device as passed to mount
|
| services.tarsnap.keyfile | The keyfile which associates this machine with your tarsnap
account
|
| services.prometheus.exporters.dmarc.user | User name under which the dmarc exporter shall be run.
|
| services.prometheus.exporters.jitsi.user | User name under which the jitsi exporter shall be run.
|
| services.prometheus.exporters.fritz.user | User name under which the fritz exporter shall be run.
|
| services.prometheus.exporters.kafka.user | User name under which the kafka exporter shall be run.
|
| services.prometheus.exporters.idrac.user | User name under which the idrac exporter shall be run.
|
| services.prometheus.exporters.nginx.user | User name under which the nginx exporter shall be run.
|
| services.prometheus.exporters.v2ray.user | User name under which the v2ray exporter shall be run.
|
| services.prometheus.exporters.redis.user | User name under which the redis exporter shall be run.
|
| systemd.network.networks.<name>.fairQueueingControlledDelayConfig | Each attribute in this set specifies an option in the
[FairQueueingControlledDelay] section of the unit
|
| services.prometheus.exporters.zfs.pools | Name of the pool(s) to collect, repeat for multiple pools (default: all pools).
|
| services.nextcloud-spreed-signaling.hostName | The host name to bind the nginx virtual host to, if
config.services.nextcloud-spreed-signaling.configureNginx is set to true.
|
| services.gmediarender.friendlyName | A "friendly name" for identifying the endpoint.
|
| services.unpoller.unifi.controllers.*.user | Unifi service user name.
|
| services.journaldriver.logName | Configures the name of the target log in Stackdriver Logging
|
| services.bookstack.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.archisteamfarm.bots | Bots name and configuration.
|
| services.resolved.settings.Resolve.Domains | List of search domains used to complete unqualified name lookups.
|
| networking.supplicant.<name>.userControlled.enable | Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli
|
| services.hockeypuck.settings | Configuration file for hockeypuck, here you can override
certain settings (loglevel and
openpgp.db.dsn) by just setting those values
|
| services.prometheus.exporters.frr.user | User name under which the frr exporter shall be run
|
| services.sanoid.templates.<name>.force_post_snapshot_script | Whether to run the post script if the pre script fails
|
| networking.networkmanager.ensureProfiles.profiles.<name>.connection.id | This is the name that will be displayed by NetworkManager and GUIs.
|
| networking.ipips.<name>.encapsulation.type | Select the encapsulation type:
-
ipip to create an IPv4 within IPv4 tunnel (RFC 2003).
-
4in6 to create a 4in6 tunnel (RFC 2473);
-
ip6ip6 to create an IPv6 within IPv6 tunnel (RFC 2473);
For encapsulating IPv6 within IPv4 packets, see
the ad-hoc networking.sits option.
|
| services.zabbixWeb.nginx.virtualHost.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.pds.environmentFiles | File to load environment variables from
|
| virtualisation.fileSystems.<name>.encrypted.enable | The block device is backed by an encrypted one, adds this device as a initrd luks entry.
|
| users.extraUsers.<name>.hashedPassword | Specifies the hashed password for the user
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.username | Credentials are used to authenticate the requests to Uyuni API.
|
| virtualisation.fileSystems.<name>.options | Options used to mount the file system
|
| virtualisation.fileSystems.<name>.depends | List of paths that should be mounted before this one
|
| boot.binfmt.registrations.<name>.wrapInterpreterInShell | Whether to wrap the interpreter in a shell script
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.healthchecks.settings.DB_NAME | Database name.
|
| networking.wg-quick.interfaces.<name>.peers.*.presharedKeyFile | File pointing to preshared key as generated by wg genpsk
|
| services.headscale.settings.tls_letsencrypt_hostname | Domain name to request a TLS certificate for.
|
| virtualisation.fileSystems.<name>.neededForBoot | If set, this file system will be mounted in the initial ramdisk
|
| services.home-assistant.extraComponents | List of components that have their dependencies included in the package
|
| services.cassandra.listenAddress | Address or interface to bind to and tell other Cassandra nodes
to connect to
|
| boot.initrd.luks.devices | The encrypted disk that should be opened before the root
filesystem is mounted
|
| users.mysql.pam.logging.msgColumn | The name of the column in the log table to which the description
of the performed operation is stored.
|
| users.mysql.pam.passwordColumn | The name of the column that contains a (encrypted) password string.
|
| hardware.nvidia-container-toolkit.disable-hooks | List of hooks to disable when generating the CDI specification
|
| security.wrappers.<name>.capabilities | A comma-separated list of capability clauses to be given to the
wrapper program
|
| virtualisation.sharedDirectories.<name>.target | The mount point of the directory inside the virtual machine
|
| virtualisation.sharedDirectories.<name>.source | The path of the directory to share, can be a shell variable
|
| services.prometheus.exporters.tibber.user | User name under which the tibber exporter shall be run.
|
| services.prometheus.exporters.pihole.user | User name under which the pihole exporter shall be run.
|
| services.prometheus.exporters.domain.user | User name under which the domain exporter shall be run.
|
| services.prometheus.exporters.statsd.user | User name under which the statsd exporter shall be run.
|
| services.prometheus.exporters.script.user | User name under which the script exporter shall be run.
|
| services.prometheus.exporters.shelly.user | User name under which the shelly exporter shall be run.
|
| services.prometheus.exporters.restic.user | User name under which the restic exporter shall be run.
|
| services.prometheus.exporters.deluge.user | User name under which the deluge exporter shall be run.
|
| services.prometheus.exporters.rspamd.user | User name under which the rspamd exporter shall be run.
|
| services.prometheus.exporters.dnssec.user | User name under which the dnssec exporter shall be run.
|
| services.prometheus.exporters.fastly.user | User name under which the fastly exporter shall be run.
|
| services.prometheus.exporters.mysqld.user | User name under which the mysqld exporter shall be run.
|
| boot.kernelPatches | A list of additional patches to apply to the kernel
|
| services.jirafeau.nginxConfig.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| boot.loader.systemd-boot.windows.<name>.efiDeviceHandle | The device handle of the EFI System Partition (ESP) where the Windows bootloader is
located
|
| systemd.automounts.*.wantedBy | Units that want (i.e. depend on) this unit
|
| security.tpm2.fapi.profileName | Name of the default cryptographic profile chosen from the profile_dir directory.
|
| xdg.portal.config | Sets which portal backend should be used to provide the implementation
for the requested interface
|
| programs.nix-required-mounts.allowedPatterns.<name>.unsafeFollowSymlinks | Whether to enable Instructs the hook to mount the symlink targets as well, when any of
the paths contain symlinks
|
| services.prometheus.exporters.ecoflow.ecoflowDevicesPrettyNamesFile | File must contain one line, example: {"R3300000":"Delta 2","R3400000":"Delta Pro",...}
The key/value map of custom names for your devices
|
| boot.binfmt.registrations.<name>.matchCredentials | Whether to launch with the credentials and security
token of the binary, not the interpreter (e.g. setuid
bit)
|
| services.umami.createPostgresqlDatabase | Whether to automatically create the database for Umami using PostgreSQL
|
| services.firefox-syncserver.database.host | Database host name. localhost is treated specially and inserts
systemd dependencies, other hostnames or IP addresses of the local machine do not.
|
| services.pgmanage.connections | pgmanage requires at least one PostgreSQL server be defined
|
| services.zabbixWeb.nginx.virtualHost.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| networking.wg-quick.interfaces.<name>.peers.*.presharedKey | Base64 preshared key generated by wg genpsk
|
| networking.openconnect.interfaces.<name>.passwordFile | File containing the password to authenticate with
|
| programs.zsh.enable | Whether to configure zsh as an interactive shell
|
| users.mysql.pam.logging.timeColumn | The name of the column in the log table to which the timestamp of the
log entry is stored.
|
| services.prometheus.exporters.nvidia-gpu.user | User name under which the nvidia-gpu exporter shall be run.
|
| networking.wireguard.interfaces.<name>.generatePrivateKeyFile | Automatically generate a private key with
wg genkey, at the privateKeyFile location.
|