| services.prometheus.exporters.imap-mailstat.user | User name under which the imap-mailstat exporter shall be run.
|
| services.nullmailer.config.adminaddr | If set, all recipients to users at either "localhost" (the literal string)
or the canonical host name (from the me control attribute) are remapped to this address
|
| services.sourcehut.lists.postgresql.database | PostgreSQL database name for the lists.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.paste.postgresql.database | PostgreSQL database name for the paste.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.pages.postgresql.database | PostgreSQL database name for the pages.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.journald.upload.settings.Upload.ServerKeyFile | SSL key in PEM format
|
| services.postgresql.ensureUsers.*.ensureDBOwnership | Grants the user ownership to a database with the same name
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.basic_auth.username | HTTP username
|
| virtualisation.oci-containers.containers.<name>.devices | List of devices to attach to this container.
|
| virtualisation.oci-containers.containers.<name>.podman.user | The user under which the container should run.
|
| users.extraUsers.<name>.initialHashedPassword | Specifies the initial hashed password for the user, i.e. the
hashed password assigned if the user does not already
exist
|
| virtualisation.oci-containers.containers.<name>.podman | Podman-specific settings in OCI containers
|
| virtualisation.oci-containers.containers.<name>.workdir | Override the default working directory for the container.
|
| services.centrifugo.environmentFiles | Files to load environment variables from
|
| services.datadog-agent.extraIntegrations | Extra integrations from the Datadog core-integrations
repository that should be built and included
|
| networking.wireguard.interfaces.<name>.peers.*.presharedKey | Base64 preshared key generated by wg genpsk
|
| services.prometheus.scrapeConfigs.*.dockerswarm_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.exporters.borgmatic.user | User name under which the borgmatic exporter shall be run.
|
| services.prometheus.exporters.nextcloud.user | User name under which the nextcloud exporter shall be run.
|
| services.prometheus.exporters.smokeping.user | User name under which the smokeping exporter shall be run.
|
| services.prometheus.exporters.pgbouncer.user | User name under which the pgbouncer exporter shall be run.
|
| services.prometheus.exporters.surfboard.user | User name under which the surfboard exporter shall be run.
|
| services.prometheus.exporters.wireguard.user | User name under which the wireguard exporter shall be run.
|
| services.prometheus.exporters.rasdaemon.user | User name under which the rasdaemon exporter shall be run.
|
| services.prometheus.exporters.tailscale.user | User name under which the tailscale exporter shall be run.
|
| services.prometheus.exporters.mongodb.collectAll | Enable all collectors
|
| services.dolibarr.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.prometheus.exporters.junos-czerwonk.user | User name under which the junos-czerwonk exporter shall be run.
|
| virtualisation.oci-containers.containers.<name>.autoStart | When enabled, the container is automatically started on boot
|
| networking.wireguard.interfaces.<name>.interfaceNamespace | The pre-existing network namespace the WireGuard
interface is moved to
|
| services.crowdsec-firewall-bouncer.secrets.apiKeyPath | Path to the API key to authenticate with a local CrowdSec API
|
| networking.nameservers | The list of nameservers
|
| services.chatgpt-retrieval-plugin.qdrantCollection | name of the qdrant collection used to store documents.
|
| services.sourcehut.builds.postgresql.database | PostgreSQL database name for the builds.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| virtualisation.oci-containers.containers.<name>.autoRemoveOnStop | Automatically remove the container when it is stopped or killed
|
| virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| services.matrix-synapse.settings.database.args.database | Name of the database when using the psycopg2 backend,
path to the database location when using sqlite3.
|
| programs.regreet.theme.package | The package that provides the theme given in the name option.
|
| services.firezone.server.provision.accounts | All accounts to provision
|
| services.rutorrent.nginx.exposeInsecureRPC2mount | If you do not enable one of the rpc or httprpc plugins you need to expose an RPC mount through scgi using this option
|
| services.misskey.reverseProxy.webserver.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.prometheus.exporters.postfix.systemd.unit | Name of the postfix systemd unit.
|
| services.limesurvey.nginx.virtualHost.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.dependency-track.database.databaseName | Database name to use when connecting to an external or
manually provisioned database; has no effect when a local
database is automatically provisioned
|
| virtualisation.oci-containers.containers.<name>.extraOptions | Extra options for podman run.
|
| swapDevices.*.encrypted.label | Label of the unlocked encrypted device
|
| systemd.network.networks.<name>.enhancedTransmissionSelectionConfig | Each attribute in this set specifies an option in the
[EnhancedTransmissionSelection] section of the unit
|
| services.matrix-appservice-discord.settings | config.yaml configuration as a Nix attribute set
|
| users.users.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| services.mosquitto.listeners.*.authPlugins.*.denySpecialChars | Automatically disallow all clients using #
or + in their name/id.
|
| services.journaldriver.googleCloudProject | Configures the name of the Google Cloud project to which to
forward journald logs
|
| services.matrix-synapse.settings.log_config | The file that holds the logging configuration.
|
| services.taskserver.organisations | An attribute set where the keys name the organisation and the values
are a set of lists of users and
groups.
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.basic_auth.username | HTTP username
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.basic_auth.username | HTTP username
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.basic_auth.username | HTTP username
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.basic_auth.username | HTTP username
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| networking.dhcpcd.setHostname | Whether to set the machine hostname based on the information
received from the DHCP server.
The hostname will be changed only if the current one is
the empty string, localhost or nixos
|
| services.prometheus.exporters.buildkite-agent.user | User name under which the buildkite-agent exporter shall be run.
|
| services.nextcloud.settings."profile.enabled" | Makes user-profiles globally available under nextcloud.tld/u/user.name
|
| services.prometheus.exporters.storagebox.user | User name under which the storagebox exporter shall be run.
|
| services.prometheus.exporters.scaphandre.user | User name under which the scaphandre exporter shall be run.
|
| virtualisation.oci-containers.containers.<name>.login.registry | Registry where to login to.
|
| services.mqtt2influxdb.influxdb.database | Name of the InfluxDB database.
|
| services.limesurvey.nginx.virtualHost.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.prometheus.exporters.postfix.systemd.slice | Name of the postfix systemd slice
|
| virtualisation.oci-containers.containers.<name>.preRunExtraOptions | Extra options for podman that go before the run argument.
|
| services.matrix-synapse.settings.trusted_key_servers.*.server_name | Hostname of the trusted server.
|
| services.biboumi.settings.realname_customization | Whether the users will be able to use
the ad-hoc commands that lets them configure
their realname and username.
|
| services.grafana.settings.smtp.ehlo_identity | Name to be used as client identity for EHLO in SMTP dialog.
|
| services.desktopManager.gnome.flashback.customSessions.*.wmLabel | The name of the window manager to show in the session chooser.
|
| programs.regreet.iconTheme.package | The package that provides the icon theme given in the name option.
|
| services.prometheus.exporters.exportarr-radarr.user | User name under which the exportarr-radarr exporter shall be run.
|
| services.prometheus.exporters.exportarr-lidarr.user | User name under which the exportarr-lidarr exporter shall be run.
|
| services.prometheus.exporters.exportarr-bazarr.user | User name under which the exportarr-bazarr exporter shall be run.
|
| services.prometheus.exporters.exportarr-sonarr.user | User name under which the exportarr-sonarr exporter shall be run.
|
| users.extraUsers.<name>.hashedPasswordFile | The full path to a file that contains the hash of the user's
password
|
| virtualisation.oci-containers.containers.<name>.login.passwordFile | Path to file containing password.
|
| virtualisation.fileSystems.<name>.overlay.useStage1BaseDirectories | If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot
|
| services.warpgate.settings.external_host | Configure the domain name of this Warpgate instance
|
| networking.wireguard.interfaces.<name>.dynamicEndpointRefreshSeconds | Periodically refresh the endpoint hostname or address for all peers
|
| systemd.network.config.routeTables | Defines route table names as an attrset of name to number
|
| virtualisation.oci-containers.containers.<name>.privileged | Give extended privileges to the container
|
| virtualisation.oci-containers.containers.<name>.entrypoint | Override the default entrypoint of the image.
|
| users.users.<name>.initialPassword | Specifies the initial password for the user, i.e. the
password assigned if the user does not already exist
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.basic_auth.username | HTTP username
|
| virtualisation.oci-containers.containers.<name>.volumes | List of volumes to attach to this container
|
| networking.wg-quick.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| services.pgbouncer.settings.pgbouncer.max_client_conn | Maximum number of client connections allowed
|
| virtualisation.oci-containers.containers.<name>.log-driver | Logging driver for the container
|
| services.misskey.reverseProxy.webserver.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.crowdsec-firewall-bouncer.registerBouncer.bouncerName | Name to register the bouncer as to the CrowdSec API
|
| services.prometheus.exporters.exportarr-readarr.user | User name under which the exportarr-readarr exporter shall be run.
|
| services.outline.oidcAuthentication.displayName | Display name for OIDC authentication.
|
| image.repart.verityStore.partitionIds.esp | Specify the attribute name of the ESP.
|
| services.prometheus.exporters.artifactory.user | User name under which the artifactory exporter shall be run.
|
| services.strongswan-swanctl.swanctl.connections | Section defining IKE connection configurations, each in its own subsection
with an arbitrary yet unique name
|
| services.crowdsec-firewall-bouncer.settings.api_key | API key to authenticate with a local crowdsec API
|
| services.prometheus.exporters.mqtt.prometheusPrefix | Prefix added to the metric name.
|