| services.logrotate.settings | logrotate freeform settings: each attribute here will define its own section,
ordered by services.logrotate.settings.<name>.priority,
which can either define files to rotate with their settings
or settings common to all further files settings
|
| services.tabby.model | Specify the model that tabby will use to generate completions
|
| services.jirafeau.nginxConfig.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.prometheus.exporters.process.settings.process_names | All settings expressed as an Nix attrset
|
| services.prometheus.exporters.nvidia-gpu.user | User name under which the nvidia-gpu exporter shall be run.
|
| containers.<name>.privateUsers | Whether to give the container its own private UIDs/GIDs space (user namespacing)
|
| services.bookstack.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.unpoller.unifi.controllers.*.user | Unifi service user name.
|
| virtualisation.oci-containers.containers.<name>.imageStream | Path to a script that streams the desired image on standard output
|
| services.prometheus.exporters.ecoflow.ecoflowDevicesPrettyNamesFile | File must contain one line, example: {"R3300000":"Delta 2","R3400000":"Delta Pro",...}
The key/value map of custom names for your devices
|
| users.mysql.pam.statusColumn | The name of the column or an SQL expression that indicates the status of
the user
|
| virtualisation.oci-containers.containers.<name>.environmentFiles | Environment files for this container.
|
| networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| image.repart.verityStore.partitionIds.store | Specify the attribute name of the store partition.
|
| services.prometheus.exporters.bitcoin.rpcUser | RPC user name.
|
| services.prometheus.exporters.unbound.user | User name under which the unbound exporter shall be run.
|
| services.prometheus.exporters.klipper.user | User name under which the klipper exporter shall be run.
|
| services.prometheus.exporters.dnsmasq.user | User name under which the dnsmasq exporter shall be run.
|
| services.prometheus.exporters.systemd.user | User name under which the systemd exporter shall be run.
|
| services.prometheus.exporters.libvirt.user | User name under which the libvirt exporter shall be run.
|
| services.prometheus.exporters.varnish.user | User name under which the varnish exporter shall be run.
|
| services.prometheus.exporters.apcupsd.user | User name under which the apcupsd exporter shall be run.
|
| services.prometheus.exporters.process.user | User name under which the process exporter shall be run.
|
| services.prometheus.exporters.dovecot.user | User name under which the dovecot exporter shall be run.
|
| services.prometheus.exporters.sabnzbd.user | User name under which the sabnzbd exporter shall be run.
|
| services.prometheus.exporters.postfix.user | User name under which the postfix exporter shall be run.
|
| services.prometheus.exporters.bitcoin.user | User name under which the bitcoin exporter shall be run.
|
| services.prometheus.exporters.mongodb.user | User name under which the mongodb exporter shall be run.
|
| services.prometheus.exporters.ecoflow.user | User name under which the ecoflow exporter shall be run.
|
| services.mediawiki.httpd.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.prometheus.scrapeConfigs.*.azure_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| specialisation.<name>.inheritParentConfig | Include the entire system's configuration
|
| networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshRestartSeconds | When the dynamic endpoint refresh that is configured via
dynamicEndpointRefreshSeconds exits (likely due to a failure),
restart that service after this many seconds
|
| services.libeufin.nexus.settings.nexus-ebics.BANK_DIALECT | Name of the following combination: EBICS version and ISO20022
recommendations that Nexus would honor in the communication with the
bank
|
| services.healthchecks.settings.DB_NAME | Database name.
|
| nixpkgs.flake.source | The path to the nixpkgs sources used to build the system
|
| services.metricbeat.modules | Metricbeat modules are responsible for reading metrics from the various sources
|
| services.limesurvey.nginx.virtualHost.http3 | Whether to enable the HTTP/3 protocol
|
| services.anubis.defaultOptions.settings.POLICY_FNAME | The policy file to use
|
| services._3proxy.resolution.nscache6 | Set name cache size for IPv6.
|
| containers | A set of NixOS system configurations to be run as lightweight
containers
|
| services.jirafeau.nginxConfig.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.journald.upload.settings.Upload.ServerKeyFile | SSL key in PEM format
|
| services.pufferpanel.environment | Environment variables to set for the service
|
| services.athens.storage.azureblob.containerName | Container name for the Azure Blob storage backend.
|
| users.ldap.daemon.rootpwmoddn | The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
|
| programs.regreet.cursorTheme.package | The package that provides the cursor theme given in the name option.
|
| services.public-inbox.settings.publicinbox.css | The local path name of a CSS file for the PSGI web interface.
|
| swapDevices.*.encrypted.label | Label of the unlocked encrypted device
|
| services._3proxy.resolution.nserver | List of nameservers to use
|
| virtualisation.oci-containers.containers.<name>.ports | Network ports to publish from the container to the outer host
|
| virtualisation.sharedDirectories.<name>.securityModel | The security model to use for this share:
passthrough: files are stored using the same credentials as they are created on the guest (this requires QEMU to run as root)mapped-xattr: some of the file attributes like uid, gid, mode bits and link target are stored as file attributesmapped-file: the attributes are stored in the hidden .virtfs_metadata directory
|
| services.postgresql.ensureUsers | Ensures that the specified users exist
|
| services.prometheus.exporters.py-air-control.user | User name under which the py-air-control exporter shall be run.
|
| services.postfixadmin.enable | Whether to enable postfixadmin
|
| services.biboumi.settings.realname_from_jid | Whether the realname and username of each biboumi
user will be extracted from their JID
|
| services.movim.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.anubis.defaultOptions.settings.SERVE_ROBOTS_TXT | Whether to serve a default robots.txt that denies access to common AI bots by name and all other
bots by wildcard.
|
| services.sourcehut.hg.postgresql.database | PostgreSQL database name for the hg.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.suricata.settings.unix-command | Unix command socket that can be used to pass commands to Suricata
|
| containers.<name>.networkNamespace | Takes the path to a file representing a kernel network namespace that the container
shall run in
|
| services.miniupnpd.externalInterface | Name of the external interface.
|
| services.certspotter.watchlist | Domain names to watch
|
| services.prometheus.scrapeConfigs.*.dns_sd_configs.*.names | A list of DNS SRV record names to be queried.
|
| services.sourcehut.man.postgresql.database | PostgreSQL database name for the man.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.git.postgresql.database | PostgreSQL database name for the git.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.hub.postgresql.database | PostgreSQL database name for the hub.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.prometheus.exporters.smartctl.user | User name under which the smartctl exporter shall be run.
|
| services.prometheus.exporters.nginxlog.user | User name under which the nginxlog exporter shall be run.
|
| services.prometheus.exporters.graphite.user | User name under which the graphite exporter shall be run.
|
| services.prometheus.exporters.blackbox.user | User name under which the blackbox exporter shall be run.
|
| services.prometheus.exporters.mikrotik.user | User name under which the mikrotik exporter shall be run.
|
| services.prometheus.exporters.opnsense.user | User name under which the opensense exporter shall be run.
|
| services.prometheus.exporters.keylight.user | User name under which the keylight exporter shall be run.
|
| services.prometheus.exporters.unpoller.user | User name under which the unpoller exporter shall be run.
|
| services.prometheus.exporters.fritzbox.user | User name under which the fritzbox exporter shall be run.
|
| services.prometheus.exporters.influxdb.user | User name under which the influxdb exporter shall be run.
|
| services.prometheus.exporters.collectd.user | User name under which the collectd exporter shall be run.
|
| services.prometheus.exporters.postgres.user | User name under which the postgres exporter shall be run.
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.triton_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.nullmailer.config.remotes | A list of remote servers to which to send each message
|
| services.misskey.reverseProxy.webserver.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.pipewire.wireplumber.extraScripts | Additional scripts for WirePlumber to be used by configuration files
|
| virtualisation.oci-containers.containers.<name>.capabilities | Capabilities to configure for the container
|
| networking.ucarp.upscript | Command to run after become master, the interface name, virtual address
and optional extra parameters are passed as arguments.
|
| services.prometheus.exporters.rtl_433.user | User name under which the rtl_433 exporter shall be run.
|
| services.prometheus.exporters.chrony.user | User name under which the chrony exporter shall be run
|
| services.matrix-synapse.settings.database.args.database | Name of the database when using the psycopg2 backend,
path to the database location when using sqlite3.
|
| services.sourcehut.todo.postgresql.database | PostgreSQL database name for the todo.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.meta.postgresql.database | PostgreSQL database name for the meta.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.limesurvey.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.limesurvey.httpd.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| security.doas.extraRules.*.setEnv | Keep or set the specified variables
|
| services.gmediarender.friendlyName | A "friendly name" for identifying the endpoint.
|
| services.prometheus.exporters.postfix.systemd.unit | Name of the postfix systemd unit.
|