| services.nix-serve.bindAddress | IP address where nix-serve will bind its listening socket.
|
| services.prometheus.exporters.dmarc.debug | Whether to declare enable --debug.
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.access_key | Access key to use. https://console.scaleway.com/project/credentials
|
| services.sftpgo.settings.sftpd.bindings.*.port | The port for serving SFTP requests
|
| services.nginx.gitweb.location | Location to serve gitweb on.
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.startupSql | A list of SQL statements to execute once after making a connection.
|
| services.tayga.ipv6.router.address | The IPv6 address of the router.
|
| services.teamviewer.package | The teamviewer package to use.
|
| services.listmonk.settings | Static settings set in the config.toml, see https://github.com/knadh/listmonk/blob/master/config.toml.sample for details
|
| services.peering-manager.plugins | List of plugin packages to install.
|
| services.prometheus.exporters.mailman3.port | Port to listen on.
|
| services.tigerbeetle.cacheGridSize | The grid cache size
|
| services.mediamtx.env | Extra environment variables for MediaMTX
|
| services.miniflux.adminCredentialsFile | File containing the ADMIN_USERNAME and
ADMIN_PASSWORD (length >= 6) in the format of
an EnvironmentFile=, as described by systemd.exec(5).
|
| services.mullvad-vpn.enable | This option enables Mullvad VPN daemon.
|
| services.nitter.cache.redisPort | Redis port.
|
| services.nextcloud.settings.default_phone_region | An ISO 3166-1
country code which replaces automatic phone-number detection
without a country code
|
| services.prometheus.exporters.keylight.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.keylight.openFirewall
is true
|
| services.prometheus.exporters.mail.telemetryPath | Path under which to expose metrics.
|
| services.minetest-server.world | Name of the world to use
|
| services.prosody.modules.vcard | Allow users to set vCards
|
| services.prometheus.scrapeConfigs.*.gce_sd_configs.*.filter | Filter can be used optionally to filter the instance list by other
criteria Syntax of this filter string is described here in the filter
query parameter section: https://cloud.google.com/compute/docs/reference/latest/instances/list.
|
| services.snapper.configs.<name>.ALLOW_USERS | List of users allowed to operate with the config. "root" is always
implicitly included
|
| services.syncthing.key | Path to the key.pem file, which will be copied into Syncthing's
configDir.
|
| services.misskey.settings.id | The ID generation method to use
|
| services.snapserver.settings.tcp-control.port | Port to listen on for snapclient connections.
|
| services.mastodon.webThreads | Threads per process used by the mastodon-web service.
|
| services.microsocks.group | Group microsocks runs as.
|
| services.prometheus.remoteWrite.*.proxy_url | Optional Proxy URL.
|
| services.nntp-proxy.users | NNTP-Proxy user configuration
|
| services.rauc.slots.<name>.*.type | The type of the device.
|
| services.toxBootstrapd.port | Listening port (UDP).
|
| services.misskey.settings.meilisearch | Meilisearch connection options.
|
| services.prosody.modules.server_contact_info | Publish contact information for this service
|
| services.spice-autorandr.package | The spice-autorandr package to use.
|
| services.tor.relay.onionServices.<name>.version | See torrc manual.
|
| services.maddy.tls.certificates | A list of attribute sets containing paths to TLS certificates and
keys
|
| services.metabase.openFirewall | Open ports in the firewall for Metabase.
|
| services.opencloud.stateDir | OpenCloud data directory.
|
| services.pretix.settings.celery.broker | URI to the celery broker used for the asynchronous job queue.
|
| services.qui.settings.port | The port qui listens on.
|
| services.tang.listenStream | Addresses and/or ports on which tang should listen
|
| services.privoxy.settings.enable-edit-actions | Whether the web-based actions file editor may be used.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_MONTHLY | Limits for timeline cleanup.
|
| services.sogo.ealarmsCredFile | Optional path to a credentials file for email alarms
|
| services.tlsrpt.collectd.extraFlags | List of extra flags to pass to the tlsrpt-reportd executable
|
| services.netdata.configText | Verbatim netdata.conf, cannot be combined with config.
|
| services.nipap.nipap-www.enable | Whether to enable nipap-www server.
|
| services.ntpd-rs.metrics.enable | Whether to enable ntpd-rs Prometheus Metrics Exporter.
|
| services.prometheus.exporters.ecoflow.debug | Enable debug log messages
|
| services.system76-scheduler.settings.processScheduler.foregroundBoost.foreground.nice | Niceness.
|
| services.tor.settings.FascistFirewall | See torrc manual.
|
| services.minecraft-server.jvmOpts | JVM options for the Minecraft server.
|
| services.ntpd-rs.package | The ntpd-rs package to use.
|
| services.tor.settings.PublishHidServDescriptors | See torrc manual.
|
| services.minio.rootCredentialsFile | File containing the MINIO_ROOT_USER, default is "minioadmin", and
MINIO_ROOT_PASSWORD (length >= 8), default is "minioadmin"; in the format of
an EnvironmentFile=, as described by systemd.exec(5).
|
| services.moodle.virtualHost.servedDirs | This option provides a simple way to serve static directories.
|
| services.netbird.tunnels.<name>.service.name | A systemd service name to use (without .service suffix).
|
| services.opengfw.rules.*.log | Whether to enable logging for the rule.
|
| services.prometheus.exporters.bitcoin.group | Group under which the bitcoin exporter shall be run.
|
| services.prometheus.exporters.knot.listenAddress | Address to listen on.
|
| services.prosody.modules.proxy65 | Enables a file transfer proxy service which clients behind NAT can use
|
| services.tailscale.authKeyParameters.baseURL | Base URL for the Tailscale API.
|
| services.throttled.extraConfig | Alternative configuration
|
| services.teamspeak3.queryIP | IP on which the server instance will listen for incoming ServerQuery connections
|
| services.opkssh.providers | OpenID Connect providers configuration
|
| services.scanservjs.runAfterScan | Extra code to add to config.local.js's afterScan.
|
| services.monica.nginx.default | Makes this vhost the default.
|
| services.mosquitto.listeners.*.users.<name>.hashedPasswordFile | Specifies the path to a file containing the
hashed password for the MQTT user
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.interface | Optional interface name to restrict outbound IPsec policies.
|
| services.movim.podConfig.disableregistration | Remove the XMPP registration flow and buttons from the interface
|
| services.neo4j.ssl.policies.<name>.baseDirectory | The mandatory base directory for cryptographic objects of this
policy
|
| services.pairdrop.rtcConfig | Configuration for STUN/TURN servers
|
| services.slskd.nginx.onlySSL | Whether to enable HTTPS and reject plain HTTP connections
|
| services.quassel.certificateFile | Path to the certificate used for SSL connections with clients.
|
| services.samba.usershares.enable | Whether to enable user-configurable Samba shares.
|
| services.mautrix-meta.instances.<name>.registerToSynapse | Whether to add registration file to services.matrix-synapse.settings.app_service_config_files and
make Synapse wait for registration service.
|
| services.opengfw.settings.replay.realtime | Whether the packets in the PCAP file should be replayed in "real time" (instead of as fast as possible).
|
| services.mediagoblin.package | The mediagoblin package to use.
|
| services.lighthouse.beacon.execution.address | Listen address for the execution layer.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.basic_auth.username | HTTP username
|
| services.minecraft-server.dataDir | Directory to store Minecraft database and other state/data files.
|
| services.monica.nginx.serverName | Name of this virtual host
|
| services.ncps.cache.secretKeyPath | The path to load the secretKey for signing narinfos
|
| services.prometheus.exporters.scaphandre.enable | Whether to enable the prometheus scaphandre exporter.
|
| services.prometheus.scrapeConfigs.*.metric_relabel_configs.*.separator | Separator placed between concatenated source label values
|
| services.toxvpn.enable | Whether to enable toxvpn running on startup.
|
| services.nebula.networks.<name>.settings | Nebula configuration
|
| services.nextcloud.settings.mail_template_class | Replaces the default mail template layout
|
| services.pixelfed.nginx.locations.<name>.alias | Alias directory for requests.
|
| services.qbittorrent.profileDir | the path passed to qbittorrent via --profile.
|
| services.parsedmarc.settings.elasticsearch.hosts | A list of Elasticsearch hosts to push parsed reports
to.
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.authorization.credentials | Sets the credentials
|
| services.reposilite.settings.idleTimeout | Default idle timeout used by Jetty.
|
| services.salt.minion.configuration | Salt minion configuration as Nix attribute set
|
| services.suricata.settings.vars | Variables to be used within the suricata rules.
|
| services.tinyproxy.settings | Configuration for tinyproxy.
|
| services.limesurvey.nginx.virtualHost.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.ncdns.dnssec.enable | Whether to enable DNSSEC support in ncdns
|
| services.nipap.settings.nipapd.listen | IP address to bind nipapd to.
|