| services.matrix-synapse.settings.database.args.database | Name of the database when using the psycopg2 backend,
path to the database location when using sqlite3.
|
| services.prometheus.exporters.rtl_433.user | User name under which the rtl_433 exporter shall be run.
|
| services.pufferpanel.environment | Environment variables to set for the service
|
| virtualisation.allInterfaces.<name>.vlan | VLAN to which the network interface is connected.
|
| networking.firewall.interfaces.<name>.allowedTCPPortRanges | A range of TCP ports on which incoming connections are
accepted.
|
| hardware.fw-fanctrl.config.strategies.<name>.fanSpeedUpdateFrequency | How often the fan speed should be updated in seconds
|
| services.journaldriver.logName | Configures the name of the target log in Stackdriver Logging
|
| services.movim.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| containers.<name>.localAddress6 | The IPv6 address assigned to the interface in the container
|
| services.sourcehut.todo.postgresql.database | PostgreSQL database name for the todo.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.meta.postgresql.database | PostgreSQL database name for the meta.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| networking.wireless.networks.<name>.priority | By default, all networks will get same priority group (0)
|
| networking.wireguard.interfaces.<name>.extraOptions | Extra options to append to the interface section
|
| virtualisation.fileSystems.<name>.autoFormat | If the device does not currently contain a filesystem (as
determined by blkid), then automatically
format it with the filesystem type specified in
fsType
|
| networking.interfaces.<name>.ipv6.routes.*.options | Other route options
|
| networking.interfaces.<name>.ipv4.routes.*.options | Other route options
|
| services.pipewire.wireplumber.extraScripts | Additional scripts for WirePlumber to be used by configuration files
|
| networking.wireguard.interfaces.<name>.privateKey | Base64 private key generated by wg genkey
|
| services.nextcloud-spreed-signaling.hostName | The host name to bind the nginx virtual host to, if
config.services.nextcloud-spreed-signaling.configureNginx is set to true.
|
| networking.openconnect.interfaces.<name>.autoStart | Whether this VPN connection should be started automatically.
|
| virtualisation.fileSystems.<name>.encrypted.blkDev | Location of the backing encrypted device.
|
| networking.vswitches | This option allows you to define Open vSwitches that connect
physical networks together
|
| services.prometheus.exporters.postfix.systemd.unit | Name of the postfix systemd unit.
|
| hardware.fw-fanctrl.config.strategies.<name>.movingAverageInterval | Interval (seconds) of the last temperatures to use to calculate the average temperature
|
| services.gmediarender.friendlyName | A "friendly name" for identifying the endpoint.
|
| boot.binfmt.registrations.<name>.recognitionType | Whether to recognize executables by magic number or extension.
|
| virtualisation.fileSystems.<name>.autoResize | If set, the filesystem is grown to its maximum size before
being mounted. (This is typically the size of the containing
partition.) This is currently only supported for ext2/3/4
filesystems that are mounted during early boot.
|
| systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.argument | An argument whose meaning depends on the type of operation
|
| services.archisteamfarm.bots | Bots name and configuration.
|
| networking.vswitches.<name>.supportedOpenFlowVersions | Supported versions to enable on this switch.
|
| services.prometheus.exporters.imap-mailstat.user | User name under which the imap-mailstat exporter shall be run.
|
| services.sourcehut.lists.postgresql.database | PostgreSQL database name for the lists.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.paste.postgresql.database | PostgreSQL database name for the paste.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.pages.postgresql.database | PostgreSQL database name for the pages.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.firezone.server.provision.accounts | All accounts to provision
|
| services.home-assistant.extraComponents | List of components that have their dependencies included in the package
|
| services.pgmanage.connections | pgmanage requires at least one PostgreSQL server be defined
|
| networking.wireguard.interfaces.<name>.allowedIPsAsRoutes | Determines whether to add allowed IPs as routes or not.
|
| services.nextcloud.config.objectstore.s3.bucket | The name of the S3 bucket.
|
| networking.sits.<name>.encapsulation.type | Select the encapsulation type:
-
6in4: the IPv6 packets are encapsulated using the
6in4 protocol (formerly known as SIT, RFC 4213);
-
gue: the IPv6 packets are encapsulated in UDP packets
using the Generic UDP Encapsulation (GUE) scheme;
-
foo: the IPv6 packets are encapsulated in UDP packets
using the Foo over UDP (FOU) scheme.
|
| networking.openconnect.interfaces.<name>.gateway | Gateway server to connect to.
|
| services.limesurvey.nginx.virtualHost.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.influxdb2.provision.initialSetup.bucket | Primary bucket name
|
| boot.initrd.systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.argument | An argument whose meaning depends on the type of operation
|
| boot.zfs.forceImportAll | Forcibly import all ZFS pool(s)
|
| networking.interfaces.<name>.tempAddress | When IPv6 is enabled with SLAAC, this option controls the use of
temporary address (aka privacy extensions) on this
interface
|
| services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| users.extraUsers.<name>.password | Specifies the (clear text) password for the user
|
| services.prometheus.exporters.borgmatic.user | User name under which the borgmatic exporter shall be run.
|
| services.prometheus.exporters.nextcloud.user | User name under which the nextcloud exporter shall be run.
|
| services.prometheus.exporters.smokeping.user | User name under which the smokeping exporter shall be run.
|
| services.prometheus.exporters.pgbouncer.user | User name under which the pgbouncer exporter shall be run.
|
| services.prometheus.exporters.surfboard.user | User name under which the surfboard exporter shall be run.
|
| services.prometheus.exporters.wireguard.user | User name under which the wireguard exporter shall be run.
|
| services.prometheus.exporters.rasdaemon.user | User name under which the rasdaemon exporter shall be run.
|
| services.prometheus.exporters.tailscale.user | User name under which the tailscale exporter shall be run.
|
| services.umami.createPostgresqlDatabase | Whether to automatically create the database for Umami using PostgreSQL
|
| services.prometheus.exporters.postfix.systemd.slice | Name of the postfix systemd slice
|
| networking.openconnect.interfaces.<name>.privateKey | Private key to authenticate with.
|
| networking.ipips.<name>.encapsulation.type | Select the encapsulation type:
-
ipip to create an IPv4 within IPv4 tunnel (RFC 2003).
-
4in6 to create a 4in6 tunnel (RFC 2473);
-
ip6ip6 to create an IPv6 within IPv6 tunnel (RFC 2473);
For encapsulating IPv6 within IPv4 packets, see
the ad-hoc networking.sits option.
|
| services.prometheus.exporters.mongodb.collectAll | Enable all collectors
|
| programs.tsmClient.servers | Server definitions ("stanzas")
for the client system-options file
|
| services.prometheus.exporters.junos-czerwonk.user | User name under which the junos-czerwonk exporter shall be run.
|
| services.prometheus.exporters.mailman3.user | User name under which the mailman3 exporter shall be run.
|
| networking.interfaces.<name>.ipv6.addresses.*.address | IPv6 address of the interface
|
| networking.interfaces.<name>.ipv4.addresses.*.address | IPv4 address of the interface
|
| services.nullmailer.config.adminaddr | If set, all recipients to users at either "localhost" (the literal string)
or the canonical host name (from the me control attribute) are remapped to this address
|
| _module.args | Additional arguments passed to each module in addition to ones
like lib, config,
and pkgs, modulesPath
|
| services.sourcehut.builds.postgresql.database | PostgreSQL database name for the builds.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| virtualisation.fileSystems.<name>.overlay.workdir | The path to the workdir
|
| services.foundationdb.tls.allowedPeers | "Peer verification string"
|
| services.pufferpanel.enable | Whether to enable PufferPanel game management server
|
| security.ipa.shells | List of shells which binaries should be installed to /bin/
|
| networking.supplicant.<name>.userControlled.enable | Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli
|
| containers.<name>.nixpkgs | A path to the nixpkgs that provide the modules, pkgs and lib for evaluating the container
|
| services.discourse.siteSettings | Discourse site settings
|
| services.journaldriver.logStream | Configures the name of the Stackdriver Logging log stream into
which to write journald entries
|
| networking.networkmanager.ensureProfiles.profiles.<name>.connection.id | This is the name that will be displayed by NetworkManager and GUIs.
|
| users.mysql.pam.logging.msgColumn | The name of the column in the log table to which the description
of the performed operation is stored.
|
| systemd.mounts.*.wantedBy | Units that want (i.e. depend on) this unit
|
| services.misskey.reverseProxy.webserver.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| networking.openconnect.interfaces.<name>.protocol | Protocol to use.
|
| virtualisation.interfaces.<name>.assignIP | Automatically assign an IP address to the network interface using the same scheme as
virtualisation.vlans.
|
| networking.supplicant | Interfaces for which to start wpa_supplicant
|
| boot.initrd.luks.devices | The encrypted disk that should be opened before the root
filesystem is mounted
|
| services.limesurvey.nginx.virtualHost.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.icingaweb2.modulePackages | Name-package attrset of Icingaweb 2 modules packages to enable
|
| services.dolibarr.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| virtualisation.allInterfaces.<name>.assignIP | Automatically assign an IP address to the network interface using the same scheme as
virtualisation.vlans.
|
| services.crowdsec-firewall-bouncer.secrets.apiKeyPath | Path to the API key to authenticate with a local CrowdSec API
|
| virtualisation.fileSystems.<name>.encrypted.enable | The block device is backed by an encrypted one, adds this device as a initrd luks entry.
|
| networking.interfaces.<name>.ipv6.addresses.*.prefixLength | Subnet mask of the interface, specified as the number of
bits in the prefix (64).
|
| networking.interfaces.<name>.ipv4.addresses.*.prefixLength | Subnet mask of the interface, specified as the number of
bits in the prefix (24).
|
| services.rutorrent.nginx.exposeInsecureRPC2mount | If you do not enable one of the rpc or httprpc plugins you need to expose an RPC mount through scgi using this option
|
| xdg.portal.config | Sets which portal backend should be used to provide the implementation
for the requested interface
|
| boot.binfmt.registrations.<name>.wrapInterpreterInShell | Whether to wrap the interpreter in a shell script
|
| networking.wg-quick.interfaces.<name>.peers.*.presharedKey | Base64 preshared key generated by wg genpsk
|
| users.mysql.pam.logging.timeColumn | The name of the column in the log table to which the timestamp of the
log entry is stored.
|
| containers.<name>.forwardPorts.*.protocol | The protocol specifier for port forwarding between host and container
|
| services.prometheus.exporters.buildkite-agent.user | User name under which the buildkite-agent exporter shall be run.
|