| services.prometheus.exporters.postgres.user | User name under which the postgres exporter shall be run.
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.triton_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.certspotter.watchlist | Domain names to watch
|
| services.prometheus.exporters.chrony.user | User name under which the chrony exporter shall be run
|
| services.miniupnpd.externalInterface | Name of the external interface.
|
| services.limesurvey.httpd.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.matrix-synapse.settings.database.args.database | Name of the database when using the psycopg2 backend,
path to the database location when using sqlite3.
|
| services.limesurvey.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.prometheus.exporters.rtl_433.user | User name under which the rtl_433 exporter shall be run.
|
| services.pipewire.wireplumber.extraScripts | Additional scripts for WirePlumber to be used by configuration files
|
| virtualisation.oci-containers.containers.<name>.imageStream | Path to a script that streams the desired image on standard output
|
| services.sourcehut.todo.postgresql.database | PostgreSQL database name for the todo.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.meta.postgresql.database | PostgreSQL database name for the meta.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.hockeypuck.settings | Configuration file for hockeypuck, here you can override
certain settings (loglevel and
openpgp.db.dsn) by just setting those values
|
| networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| services.prometheus.exporters.postfix.systemd.unit | Name of the postfix systemd unit.
|
| services.pds.environmentFiles | File to load environment variables from
|
| virtualisation.oci-containers.containers.<name>.environmentFiles | Environment files for this container.
|
| services.sanoid.datasets.<name>.no_inconsistent_snapshot | Whether to take a snapshot if the pre script fails
|
| services.journaldriver.logName | Configures the name of the target log in Stackdriver Logging
|
| services.nextcloud-spreed-signaling.hostName | The host name to bind the nginx virtual host to, if
config.services.nextcloud-spreed-signaling.configureNginx is set to true.
|
| services.gmediarender.friendlyName | A "friendly name" for identifying the endpoint.
|
| containers.<name>.ephemeral | Runs container in ephemeral mode with the empty root filesystem at boot
|
| services.archisteamfarm.bots | Bots name and configuration.
|
| networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshRestartSeconds | When the dynamic endpoint refresh that is configured via
dynamicEndpointRefreshSeconds exits (likely due to a failure),
restart that service after this many seconds
|
| services.cassandra.listenAddress | Address or interface to bind to and tell other Cassandra nodes
to connect to
|
| services.suricata.settings.outputs | Configure the type of alert (and other) logging you would like
|
| services.prometheus.exporters.imap-mailstat.user | User name under which the imap-mailstat exporter shall be run.
|
| services.nextcloud.config.objectstore.s3.bucket | The name of the S3 bucket.
|
| users.mysql.pam.statusColumn | The name of the column or an SQL expression that indicates the status of
the user
|
| services.sourcehut.lists.postgresql.database | PostgreSQL database name for the lists.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.paste.postgresql.database | PostgreSQL database name for the paste.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.pages.postgresql.database | PostgreSQL database name for the pages.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.influxdb2.provision.initialSetup.bucket | Primary bucket name
|
| services.sanoid.templates.<name>.no_inconsistent_snapshot | Whether to take a snapshot if the pre script fails
|
| virtualisation.oci-containers.containers.<name>.ports | Network ports to publish from the container to the outer host
|
| services.home-assistant.extraComponents | List of components that have their dependencies included in the package
|
| image.repart.verityStore.partitionIds.store | Specify the attribute name of the store partition.
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.exporters.borgmatic.user | User name under which the borgmatic exporter shall be run.
|
| services.prometheus.exporters.nextcloud.user | User name under which the nextcloud exporter shall be run.
|
| services.prometheus.exporters.smokeping.user | User name under which the smokeping exporter shall be run.
|
| services.prometheus.exporters.pgbouncer.user | User name under which the pgbouncer exporter shall be run.
|
| services.prometheus.exporters.surfboard.user | User name under which the surfboard exporter shall be run.
|
| services.prometheus.exporters.wireguard.user | User name under which the wireguard exporter shall be run.
|
| services.prometheus.exporters.rasdaemon.user | User name under which the rasdaemon exporter shall be run.
|
| services.prometheus.exporters.tailscale.user | User name under which the tailscale exporter shall be run.
|
| services.firezone.server.provision.accounts | All accounts to provision
|
| services.prometheus.exporters.postfix.systemd.slice | Name of the postfix systemd slice
|
| services.prometheus.exporters.mongodb.collectAll | Enable all collectors
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.name_filter | Specify a name filter (works as a LIKE) to apply on the server listing request.
|
| services.prometheus.exporters.junos-czerwonk.user | User name under which the junos-czerwonk exporter shall be run.
|
| services.prometheus.exporters.mailman3.user | User name under which the mailman3 exporter shall be run.
|
| services.limesurvey.nginx.virtualHost.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| containers.<name>.privateUsers | Whether to give the container its own private UIDs/GIDs space (user namespacing)
|
| virtualisation.sharedDirectories.<name>.securityModel | The security model to use for this share:
passthrough: files are stored using the same credentials as they are created on the guest (this requires QEMU to run as root)mapped-xattr: some of the file attributes like uid, gid, mode bits and link target are stored as file attributesmapped-file: the attributes are stored in the hidden .virtfs_metadata directory
|
| nixpkgs.flake.source | The path to the nixpkgs sources used to build the system
|
| services.sourcehut.builds.postgresql.database | PostgreSQL database name for the builds.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.pgmanage.connections | pgmanage requires at least one PostgreSQL server be defined
|
| services.umami.createPostgresqlDatabase | Whether to automatically create the database for Umami using PostgreSQL
|
| services.dolibarr.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| users.ldap.daemon.rootpwmoddn | The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
|
| virtualisation.oci-containers.containers.<name>.capabilities | Capabilities to configure for the container
|
| programs.regreet.cursorTheme.package | The package that provides the cursor theme given in the name option.
|
| services.nullmailer.config.adminaddr | If set, all recipients to users at either "localhost" (the literal string)
or the canonical host name (from the me control attribute) are remapped to this address
|
| services.journaldriver.logStream | Configures the name of the Stackdriver Logging log stream into
which to write journald entries
|
| services.foundationdb.tls.allowedPeers | "Peer verification string"
|
| services.misskey.reverseProxy.webserver.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| specialisation.<name>.inheritParentConfig | Include the entire system's configuration
|
| services.zfs.autoReplication.localFilesystem | Local ZFS filesystem from which snapshots should be sent
|
| services.limesurvey.nginx.virtualHost.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| swapDevices.*.encrypted.label | Label of the unlocked encrypted device
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.headscale.settings.tls_letsencrypt_hostname | Domain name to request a TLS certificate for.
|
| services.grafana.provision.alerting.rules.settings.groups.*.folder | Name of the folder the rule group will be stored in
|
| services.prometheus.exporters.buildkite-agent.user | User name under which the buildkite-agent exporter shall be run.
|
| services.icingaweb2.modulePackages | Name-package attrset of Icingaweb 2 modules packages to enable
|
| services.prometheus.exporters.storagebox.user | User name under which the storagebox exporter shall be run.
|
| services.prometheus.exporters.scaphandre.user | User name under which the scaphandre exporter shall be run.
|
| services.glance.environmentFile | Path to an environment file as defined in systemd.exec(5)
|
| services.crowdsec-firewall-bouncer.secrets.apiKeyPath | Path to the API key to authenticate with a local CrowdSec API
|
| networking.ucarp.upscript | Command to run after become master, the interface name, virtual address
and optional extra parameters are passed as arguments.
|
| security.doas.extraRules.*.setEnv | Keep or set the specified variables
|
| services.misskey.reverseProxy.webserver.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| containers | A set of NixOS system configurations to be run as lightweight
containers
|
| services.rutorrent.nginx.exposeInsecureRPC2mount | If you do not enable one of the rpc or httprpc plugins you need to expose an RPC mount through scgi using this option
|
| containers.<name>.networkNamespace | Takes the path to a file representing a kernel network namespace that the container
shall run in
|
| services.pufferpanel.enable | Whether to enable PufferPanel game management server
|
| services.grafana.settings.smtp.ehlo_identity | Name to be used as client identity for EHLO in SMTP dialog.
|
| services.desktopManager.gnome.flashback.customSessions.*.wmLabel | The name of the window manager to show in the session chooser.
|
| services.prometheus.exporters.exportarr-radarr.user | User name under which the exportarr-radarr exporter shall be run.
|
| services.prometheus.exporters.exportarr-lidarr.user | User name under which the exportarr-lidarr exporter shall be run.
|
| services.prometheus.exporters.exportarr-bazarr.user | User name under which the exportarr-bazarr exporter shall be run.
|