| services.athens.index.mysql.database | Database name for the MySQL database.
|
| image.repart.verityStore.partitionIds.esp | Specify the attribute name of the ESP.
|
| swapDevices.*.encrypted.label | Label of the unlocked encrypted device
|
| services.dependency-track.settings."alpine.oidc.teams.claim" | Defines the name of the claim that contains group memberships or role assignments in the provider's userinfo endpoint
|
| services.cloudlog.database.user | MySQL user name.
|
| services.youtrack.virtualHost | Name of the nginx virtual host to use and setup
|
| services.nextcloud.config.objectstore.s3.hostname | Required for some non-Amazon implementations.
|
| services.nix-serve.secretKeyFile | The path to the file used for signing derivation data
|
| services.snipe-it.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.syncplay.useACMEHost | If set, use NixOS-generated ACME certificate with the specified name for TLS
|
| services.supybot.plugins | Attribute set of additional plugins that will be symlinked to the
plugin subdirectory
|
| services.prometheus.exporters.pihole.piholeHostname | Hostname or address where to find the Pi-Hole webinterface
|
| services.cjdns.ETHInterface.bind | Bind to this device for native ethernet operation.
all is a pseudo-name which will try to connect to all devices.
|
| services.stargazer.routes.*.route | Route section name
|
| services.netbird.server.signal.domain | The domain name for the signal service.
|
| services.hatsu.settings.HATSU_DOMAIN | The domain name of your instance (eg 'hatsu.local').
|
| services.nextcloud-spreed-signaling.backends | A list of backends from which clients are allowed to connect from
|
| services.coder.database.database | Name of database.
|
| services.misskey.reverseProxy.host | The fully qualified domain name to bind to
|
| services.mqtt2influxdb.influxdb.username | Username for InfluxDB login.
|
| services.ncps.cache.lru.scheduleTimeZone | The name of the timezone to use for the cron schedule
|
| services.gitea.settings.server.DOMAIN | Domain name of your server.
|
| services.pds.settings.PDS_HOSTNAME | Instance hostname (base domain name)
|
| services.prometheus.remoteRead.*.basic_auth.username | HTTP username
|
| services.strongswan-swanctl.swanctl.connections.<name>.fragmentation | Use IKE fragmentation (proprietary IKEv1 extension or RFC 7383 IKEv2
fragmentation)
|
| services.matomo.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.monica.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.akkoma.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.gancio.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.fluidd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.resolved.llmnr | Controls Link-Local Multicast Name Resolution support
(RFC 4795) on the local host
|
| services.writefreely.host | The public host name to serve.
|
| services.sanoid.datasets.<name>.process_children_only | Whether to only snapshot child datasets if recursing.
|
| services.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| services.firezone.server.provision.accounts.<name>.features.self_hosted_relays | Whether to enable the self_hosted_relays feature for this account.
|
| services.restic.server.privateRepos | Enable private repos
|
| services.nullmailer.config.defaultdomain | The content of this attribute is appended to any host name that
does not contain a period (except localhost), including defaulthost
and idhost
|
| services.multipath.devices.*.prio | The name of the path priority routine
|
| services.gammu-smsd.backend.sql.database | Database name to store sms data
|
| services.cadvisor.storageDriverDb | Cadvisord storage driver database name.
|
| services.minetest-server.world | Name of the world to use
|
| services.bitwarden-directory-connector-cli.ldap.username | The user to authenticate as.
|
| services.mastodon.user | User under which mastodon runs
|
| services.tailscale.derper.domain | Domain name under which the derper server is reachable.
|
| services.prometheus.remoteWrite.*.basic_auth.username | HTTP username
|
| services.bitwarden-directory-connector-cli.ldap.hostname | The host the LDAP is accessible on.
|
| services.slurm.controlMachine | The short hostname of the machine where SLURM control functions are
executed (i.e. the name returned by the command "hostname -s", use "tux001"
rather than "tux001.my.com").
|
| image.repart.verityStore.partitionIds.store | Specify the attribute name of the store partition.
|
| services.multipath.pathGroups.*.alias | The name of the multipath device
|
| programs.regreet.cursorTheme.package | The package that provides the cursor theme given in the name option.
|
| services.prometheus.exporters.py-air-control.deviceHostname | The hostname of the air purification device from which to scrape the metrics.
|
| services.xserver.xrandrHeads.*.output | The output name of the monitor, as shown by
xrandr(1) invoked without arguments.
|
| services.portunus.ldap.searchUserName | The login name of the search user
|
| services.knot-resolver.enable | Whether to enable knot-resolver (version 6) domain name server
|
| users.ldap.daemon.rootpwmoddn | The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
|
| services.cntlm.netbios_hostname | The hostname of your machine.
|
| services.multipath.pathGroups.*.array | The DNS name of the storage array
|
| services.matrix-synapse.settings.listeners.*.resources.*.names | List of resources to host on this listener.
|
| hardware.firmware | List of packages containing firmware files
|
| services.dependency-track.settings."alpine.database.username" | Specifies the username to use when authenticating to the database.
|
| services.athens.storage.mongo.defaultDBName | Name of the mongo database.
|
| services.vault-agent.instances | Attribute set of vault-agent instances
|
| services.traefik.environmentFiles | Files to load as an environment file just before Traefik starts
|
| services.gitlab.registry.serviceName | GitLab container registry service name.
|
| services.oauth2-proxy.nginx.virtualHosts.<name>.allowed_email_domains | List of email domains to allow access to this vhost, or null to allow all.
|
| services.tailscale.authKeyFile | A file containing the auth key
|
| services.nominatim.enable | Whether to enable nominatim
|
| services.icingaweb2.pool | Name of existing PHP-FPM pool that is used to run Icingaweb2
|
| nixpkgs.flake.source | The path to the nixpkgs sources used to build the system
|
| services.openvscode-server.host | The host name or IP address the server should listen to.
|
| services.acme-dns.settings.general.domain | Domain name to serve the requests off of.
|
| services.unpoller.unifi.defaults.user | Unifi service user name.
|
| services.gancio.settings.db.database | Name of the PostgreSQL database
|
| services.prometheus.exporters.nextcloud.username | Username for connecting to Nextcloud
|
| services.slurm.dbdserver.storageUser | Database user name.
|
| services.rustus.storage.s3_region | S3 region name.
|
| services.radicle.privateKeyFile | Absolute file path to an SSH private key,
usually generated by rad auth
|
| services.samba.winbindd.enable | Whether to enable Samba's winbindd, which provides a number of services
to the Name Service Switch capability found in most modern C libraries,
to arbitrary applications via PAM and ntlm_auth and to Samba itself.
|
| services.roundcube.enable | Whether to enable roundcube
|
| services.victoriatraces.basicAuthUsername | Basic Auth username used to protect VictoriaTraces instance by authorization
|
| services.hickory-dns.settings.zones.*.zone | Zone name, like "example.com", "localhost", or "0.0.127.in-addr.arpa".
|
| services.nextcloud.settings.mail_smtpname | This depends on mail_smtpauth
|
| services.trilium-server.instanceName | Instance name used to distinguish between different instances
|
| services.buildbot-worker.adminMessage | Name of the administrator of this worker
|
| services.postfix.networksStyle | Name of standard way of trusted network specification to use,
leave blank if you specify it explicitly or if you want to use
default (localhost-only).
|
| users.mysql.pam.statusColumn | The name of the column or an SQL expression that indicates the status of
the user
|
| services.httpd.customLogFormat | Defines a custom Apache HTTPD access log format string
|
| services.gotify.stateDirectoryName | The name of the directory below /var/lib where
gotify stores its runtime data.
|
| programs.kubeswitch.commandName | The name of the command to use
|
| services.prometheus.scrapeConfigs.*.basic_auth.username | HTTP username
|
| services.prometheus.scrapeConfigs.*.label_name_length_limit | Per-scrape limit on length of labels name that will be accepted for a sample
|
| services.samba.usershares.group | Name of the group members of which will be allowed to create usershares
|
| services.bacula-sd.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bacula-fd.tls.allowedCN | Common name attribute of allowed peer certificates
|
| security.doas.extraRules.*.setEnv | Keep or set the specified variables
|
| services.lavalink.plugins.*.configName | The name of the plugin to use as the key for the plugin configuration.
|
| services.nextcloud.autoUpdateApps.startAt | When to run the update
|
| services.outline.storage.uploadBucketName | Name of the bucket where uploads should be stored.
|
| services.vikunja.database.database | Database name.
|
| services.bacula-dir.tls.allowedCN | Common name attribute of allowed peer certificates
|