| services.bacula-sd.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bacula-sd.device.<name>.archiveDevice | The specified name-string gives the system file name of the storage
device managed by this storage daemon
|
| networking.wlanInterfaces | Creating multiple WLAN interfaces on top of one physical WLAN device (NIC)
|
| services.anuko-time-tracker.database.name | Database name.
|
| users.users.<name>.extraGroups | The user's auxiliary groups.
|
| networking.vswitches.<name>.extraOvsctlCmds | Commands to manipulate the Open vSwitch database
|
| services.h2o.hosts.<name>.tls | TLS options for virtual host
|
| services.geth.<name>.http.apis | APIs to enable over WebSocket
|
| services.bacula-dir.tls.allowedCN | Common name attribute of allowed peer certificates
|
| users.users.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| services.firewalld.zones.<name>.ports.*.protocol | |
| services.bcg.rename | Rename nodes to different name.
|
| services.firewalld.zones.<name>.protocols | Protocols to allow in the zone.
|
| services.bookstack.database.name | Database name.
|
| services.mediawiki.database.name | Database name.
|
| ec2.zfs.datasets.<name>.mount | Where to mount this dataset.
|
| security.acme.certs.<name>.s3Bucket | S3 bucket name to use for HTTP-01 based challenges
|
| virtualisation.interfaces.<name>.vlan | VLAN to which the network interface is connected.
|
| networking.wireless.networks.<name>.extraConfig | Extra configuration lines appended to the network block
|
| services.discourse.database.name | Discourse database name.
|
| services.nsd.zones.<name>.requestXFR | Format: [AXFR|UDP] <ip-address> <key-name | NOKEY>
|
| services.firewalld.services.<name>.version | Version of the service.
|
| services.firewalld.services.<name>.helpers | Helpers for the service.
|
| services.nginx.virtualHosts.<name>.serverName | Name of this virtual host
|
| services.geth.<name>.port | Port number Go Ethereum will be listening on, both TCP and UDP.
|
| systemd.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| nix.registry.<name>.from | The flake reference to be rewritten
|
| systemd.user.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.paths.<name>.wants | Start the specified units when this unit is started.
|
| services.cgit.<name>.group | Group to run the cgit service as.
|
| users.users.<name>.createHome | Whether to create the home directory and ensure ownership as well as
permissions to match the user.
|
| hardware.alsa.controls.<name>.card | Name of the PCM card to control (slave).
|
| services.h2o.hosts.<name>.acme | ACME options for virtual host.
|
| services.h2o.hosts.<name>.http | HTTP options for virtual host
|
| programs.tsmClient.servers.<name>.nodename | Target node name on the IBM TSM server.
|
| services.i2pd.inTunnels.<name>.enable | Whether to enable ‹name›.
|
| power.ups.users.<name>.actions | Allow the user to do certain things with upsd
|
| services.geth.<name>.http.port | Port number of Go Ethereum HTTP API.
|
| services.buildkite-agents.<name>.hooksPath | Path to the directory storing the hooks
|
| services.k3s.manifests.<name>.target | Name of the symlink (relative to /var/lib/rancher/k3s/server/manifests)
|
| services.tahoe.nodes.<name>.nickname | The nickname of this Tahoe node.
|
| services.pretix.settings.database.name | Database name.
|
| services.cgit.<name>.scanPath | A path which will be scanned for repositories.
|
| services.writefreely.admin.name | The name of the first admin user.
|
| services.i2pd.outTunnels.<name>.enable | Whether to enable ‹name›.
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.containerPort | Target port of container
|
| networking.fqdnOrHostName | Either the fully qualified domain name (FQDN), or just the host name if
it does not exist
|
| services.cgit.<name>.nginx.virtualHost | VirtualHost to serve cgit on, defaults to the attribute name.
|
| services.nylon.<name>.port | What port to listen for client requests, default is 1080.
|
| services.rauc.slots.<name>.*.type | The type of the device.
|
| services.openafsClient.cellServDB.<name>.*.dnsname | DNS full-qualified domain name of a database server
|
| services.openafsServer.cellServDB.<name>.*.dnsname | DNS full-qualified domain name of a database server
|
| services.prometheus.remoteRead.*.name | Name of the remote read config, which if specified must be unique among remote read configs
|
| systemd.timers.<name>.wants | Start the specified units when this unit is started.
|
| systemd.slices.<name>.wants | Start the specified units when this unit is started.
|
| services.firewalld.zones.<name>.egressPriority | Priority for outbound traffic
|
| systemd.slices.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.timers.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.mysql.initialDatabases.*.name | The name of the database to create.
|
| services.github-runners.<name>.replace | Replace any existing runner with the same name
|
| services.cgit.<name>.repos | cgit repository settings, see cgitrc(5)
|
| services.firezone.headless-client.name | The name of this client as shown in firezone
|
| services.hostapd.radios.<name>.networks.<name>.ssid | SSID to be used in IEEE 802.11 management frames.
|
| security.acme.certs.<name>.csr | Path to a certificate signing request to apply when fetching the certificate.
|
| services.nntp-proxy.users.<name>.username | Username
|
| services.h2o.hosts.<name>.tls.port | Override the default TLS port for this virtual host.
|
| services.cntlm.username | Proxy account name, without the possibility to include domain name ('at' sign is interpreted literally).
|
| networking.bridges | This option allows you to define Ethernet bridge devices
that connect physical networks together
|
| services.tts.servers.<name>.model | Name of the model to download and use for speech synthesis
|
| services.firewalld.services.<name>.includes | Services to include for the service.
|
| users.users.<name>.subGidRanges | Subordinate group ids that user is allowed to use
|
| users.users.<name>.subUidRanges | Subordinate user ids that user is allowed to use
|
| systemd.paths.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| services.firewalld.zones.<name>.masquerade | Whether to enable masquerading in the zone.
|
| virtualisation.interfaces.<name>.assignIP | Automatically assign an IP address to the network interface using the same scheme as
virtualisation.vlans.
|
| services.prometheus.remoteWrite.*.name | Name of the remote write config, which if specified must be unique among remote write configs
|
| boot.initrd.systemd.users.<name>.uid | ID of the user in initrd.
|
| services.pretalx.settings.database.name | Database name.
|
| services.cgit.<name>.enable | Whether to enable cgit.
|
| networking.supplicant.<name>.configFile.writable | Whether the configuration file at configFile.path should be written to by
wpa_supplicant.
|
| services.nsd.zones.<name>.allowNotify | Listed primary servers are allowed to notify this secondary server
|
| systemd.user.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.user.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.nix-store-gcs-proxy.<name>.bucketName | Name of Google storage bucket
|
| services.filesender.database.name | Database name.
|
| services.limesurvey.database.name | Database name.
|
| services.zoneminder.database.name | Name of database.
|
| systemd.paths.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| networking.sits.<name>.encapsulation.port | Destination port when using UDP encapsulation.
|
| services.postgresql.ensureUsers.*.name | Name of the user to ensure.
|
| hardware.alsa.cardAliases.<name>.driver | Name of the kernel module that provides the card.
|
| services.grafana.settings.database.name | The name of the Grafana database.
|
| systemd.user.timers.<name>.wants | Start the specified units when this unit is started.
|
| systemd.user.slices.<name>.wants | Start the specified units when this unit is started.
|
| systemd.user.timers.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.slices.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| networking.sits.<name>.encapsulation | Configures the type of encapsulation.
|
| services.szurubooru.database.name | Name of the PostgreSQL database.
|