| services.prometheus.exporters.py-air-control.user | User name under which the py-air-control exporter shall be run.
|
| services.postfixadmin.enable | Whether to enable postfixadmin
|
| services.anubis.defaultOptions.settings.SERVE_ROBOTS_TXT | Whether to serve a default robots.txt that denies access to common AI bots by name and all other
bots by wildcard.
|
| services.firefox-syncserver.database.host | Database host name. localhost is treated specially and inserts
systemd dependencies, other hostnames or IP addresses of the local machine do not.
|
| services.sourcehut.hg.postgresql.database | PostgreSQL database name for the hg.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.misskey.reverseProxy.webserver.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.nullmailer.config.remotes | A list of remote servers to which to send each message
|
| services.pufferpanel.environment | Environment variables to set for the service
|
| virtualisation.oci-containers.containers.<name>.environment | Environment variables to set for this container.
|
| systemd.network.config.routeTables | Defines route table names as an attrset of name to number
|
| networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshSeconds | Periodically re-execute the wg utility every
this many seconds in order to let WireGuard notice DNS / hostname
changes
|
| programs.regreet.iconTheme.package | The package that provides the icon theme given in the name option.
|
| services.movim.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| services.sourcehut.man.postgresql.database | PostgreSQL database name for the man.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.git.postgresql.database | PostgreSQL database name for the git.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.hub.postgresql.database | PostgreSQL database name for the hub.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.prometheus.exporters.smartctl.user | User name under which the smartctl exporter shall be run.
|
| services.prometheus.exporters.nginxlog.user | User name under which the nginxlog exporter shall be run.
|
| services.prometheus.exporters.graphite.user | User name under which the graphite exporter shall be run.
|
| services.prometheus.exporters.blackbox.user | User name under which the blackbox exporter shall be run.
|
| services.prometheus.exporters.mikrotik.user | User name under which the mikrotik exporter shall be run.
|
| services.prometheus.exporters.opnsense.user | User name under which the opensense exporter shall be run.
|
| services.prometheus.exporters.keylight.user | User name under which the keylight exporter shall be run.
|
| services.prometheus.exporters.unpoller.user | User name under which the unpoller exporter shall be run.
|
| services.prometheus.exporters.fritzbox.user | User name under which the fritzbox exporter shall be run.
|
| services.prometheus.exporters.influxdb.user | User name under which the influxdb exporter shall be run.
|
| services.prometheus.exporters.collectd.user | User name under which the collectd exporter shall be run.
|
| services.prometheus.exporters.postgres.user | User name under which the postgres exporter shall be run.
|
| services.prometheus.scrapeConfigs.*.linode_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.consul_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.docker_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.triton_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.certspotter.watchlist | Domain names to watch
|
| services.miniupnpd.externalInterface | Name of the external interface.
|
| services.limesurvey.httpd.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.matrix-synapse.settings.database.args.database | Name of the database when using the psycopg2 backend,
path to the database location when using sqlite3.
|
| services.limesurvey.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.prometheus.exporters.rtl_433.user | User name under which the rtl_433 exporter shall be run.
|
| services.pipewire.wireplumber.extraScripts | Additional scripts for WirePlumber to be used by configuration files
|
| virtualisation.oci-containers.containers.<name>.imageStream | Path to a script that streams the desired image on standard output
|
| services.sourcehut.todo.postgresql.database | PostgreSQL database name for the todo.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.meta.postgresql.database | PostgreSQL database name for the meta.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.hockeypuck.settings | Configuration file for hockeypuck, here you can override
certain settings (loglevel and
openpgp.db.dsn) by just setting those values
|
| networking.wireguard.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| services.prometheus.exporters.postfix.systemd.unit | Name of the postfix systemd unit.
|
| services.pds.environmentFiles | File to load environment variables from
|
| virtualisation.oci-containers.containers.<name>.environmentFiles | Environment files for this container.
|
| services.sanoid.datasets.<name>.no_inconsistent_snapshot | Whether to take a snapshot if the pre script fails
|
| services.journaldriver.logName | Configures the name of the target log in Stackdriver Logging
|
| services.nextcloud-spreed-signaling.hostName | The host name to bind the nginx virtual host to, if
config.services.nextcloud-spreed-signaling.configureNginx is set to true.
|
| services.gmediarender.friendlyName | A "friendly name" for identifying the endpoint.
|
| containers.<name>.ephemeral | Runs container in ephemeral mode with the empty root filesystem at boot
|
| services.archisteamfarm.bots | Bots name and configuration.
|
| networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshRestartSeconds | When the dynamic endpoint refresh that is configured via
dynamicEndpointRefreshSeconds exits (likely due to a failure),
restart that service after this many seconds
|
| services.cassandra.listenAddress | Address or interface to bind to and tell other Cassandra nodes
to connect to
|
| services.suricata.settings.outputs | Configure the type of alert (and other) logging you would like
|
| services.prometheus.exporters.imap-mailstat.user | User name under which the imap-mailstat exporter shall be run.
|
| services.nextcloud.config.objectstore.s3.bucket | The name of the S3 bucket.
|
| users.mysql.pam.statusColumn | The name of the column or an SQL expression that indicates the status of
the user
|
| services.sourcehut.lists.postgresql.database | PostgreSQL database name for the lists.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.paste.postgresql.database | PostgreSQL database name for the paste.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.sourcehut.pages.postgresql.database | PostgreSQL database name for the pages.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.influxdb2.provision.initialSetup.bucket | Primary bucket name
|
| services.sanoid.templates.<name>.no_inconsistent_snapshot | Whether to take a snapshot if the pre script fails
|
| virtualisation.oci-containers.containers.<name>.ports | Network ports to publish from the container to the outer host
|
| services.home-assistant.extraComponents | List of components that have their dependencies included in the package
|
| image.repart.verityStore.partitionIds.store | Specify the attribute name of the store partition.
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.exporters.borgmatic.user | User name under which the borgmatic exporter shall be run.
|
| services.prometheus.exporters.nextcloud.user | User name under which the nextcloud exporter shall be run.
|
| services.prometheus.exporters.smokeping.user | User name under which the smokeping exporter shall be run.
|
| services.prometheus.exporters.pgbouncer.user | User name under which the pgbouncer exporter shall be run.
|
| services.prometheus.exporters.surfboard.user | User name under which the surfboard exporter shall be run.
|
| services.prometheus.exporters.wireguard.user | User name under which the wireguard exporter shall be run.
|
| services.prometheus.exporters.rasdaemon.user | User name under which the rasdaemon exporter shall be run.
|
| services.prometheus.exporters.tailscale.user | User name under which the tailscale exporter shall be run.
|
| services.firezone.server.provision.accounts | All accounts to provision
|
| services.prometheus.exporters.postfix.systemd.slice | Name of the postfix systemd slice
|
| services.prometheus.exporters.mongodb.collectAll | Enable all collectors
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.name_filter | Specify a name filter (works as a LIKE) to apply on the server listing request.
|
| services.prometheus.exporters.junos-czerwonk.user | User name under which the junos-czerwonk exporter shall be run.
|
| services.prometheus.exporters.mailman3.user | User name under which the mailman3 exporter shall be run.
|
| services.limesurvey.nginx.virtualHost.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| containers.<name>.privateUsers | Whether to give the container its own private UIDs/GIDs space (user namespacing)
|
| virtualisation.sharedDirectories.<name>.securityModel | The security model to use for this share:
passthrough: files are stored using the same credentials as they are created on the guest (this requires QEMU to run as root)mapped-xattr: some of the file attributes like uid, gid, mode bits and link target are stored as file attributesmapped-file: the attributes are stored in the hidden .virtfs_metadata directory
|
| nixpkgs.flake.source | The path to the nixpkgs sources used to build the system
|
| services.sourcehut.builds.postgresql.database | PostgreSQL database name for the builds.sr.ht service,
used if services.sourcehut.postgresql.enable is true.
|
| services.pgmanage.connections | pgmanage requires at least one PostgreSQL server be defined
|
| services.umami.createPostgresqlDatabase | Whether to automatically create the database for Umami using PostgreSQL
|
| services.dolibarr.h2o.tls.recommendations | By default, H2O, without prejudice, will use as many TLS versions &
cipher suites as it & the TLS library (OpenSSL) can support
|
| users.ldap.daemon.rootpwmoddn | The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
|
| virtualisation.oci-containers.containers.<name>.capabilities | Capabilities to configure for the container
|
| programs.regreet.cursorTheme.package | The package that provides the cursor theme given in the name option.
|
| services.nullmailer.config.adminaddr | If set, all recipients to users at either "localhost" (the literal string)
or the canonical host name (from the me control attribute) are remapped to this address
|
| services.journaldriver.logStream | Configures the name of the Stackdriver Logging log stream into
which to write journald entries
|
| services.foundationdb.tls.allowedPeers | "Peer verification string"
|
| services.misskey.reverseProxy.webserver.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.yggdrasil.openMulticastPort | Whether to open the UDP port used for multicast peer discovery
|
| specialisation.<name>.inheritParentConfig | Include the entire system's configuration
|