| services.spacecookie.address | Address to listen on
|
| services.stunnel.clients | Define the client configurations
|
| services.matrix-hookshot.settings.passFile | A passkey used to encrypt tokens stored inside the bridge
|
| services.outline.storage.accelerateUrl | URL for AWS S3 transfer acceleration.
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.public-inbox.inboxes.<name>.address | The email addresses of the public-inbox.
|
| services.monica.nginx.reuseport | Create an individual listening socket
|
| services.mongodb.extraConfig | MongoDB extra configuration in YAML format
|
| services.prometheus.exporters.influxdb.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.influxdb.openFirewall
is true
|
| services.redmine.components.mercurial | Whether to enable Mercurial integration..
|
| services.synapse-auto-compressor.settings.levels | Sizes of each new level in the compression algorithm, as a comma-separated list
|
| services.prometheus.exporters.kea.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.kea.openFirewall
is true
|
| services.thanos.compact.objstore.config | Object store configuration
|
| services.pixelfed.nginx.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.hw_offload | Enable hardware offload for this CHILD_SA, if supported by the IPsec
implementation
|
| services.tlsrpt.reportd.settings.http_script | Call to an HTTPS client, that accepts the URL on the commandline and the request body from stdin.
|
| services.parsedmarc.settings.general.save_aggregate | Save aggregate report data to Elasticsearch and/or Splunk.
|
| services.prometheus.exporters.exportarr-readarr.apiKeyFile | File containing the api-key.
|
| services.monit.config | monitrc content
|
| services.n8n.environment.N8N_DIAGNOSTICS_ENABLED | Whether to share selected, anonymous telemetry with n8n
|
| services.prometheus.exporters.exportarr-readarr.extraFlags | Extra commandline options to pass to the exportarr-readarr exporter.
|
| services.thanos.compact.stateDir | Data directory relative to /var/lib
in which to cache blocks and process compactions.
|
| services.mattermost.environment | Extra environment variables to export to the Mattermost process
from the systemd unit configuration.
|
| services.nipap.nipap-www.package | The nipap-www package to use.
|
| services.node-red.safe | Whether to launch Node-RED in --safe mode.
|
| services.pihole-ftl.logDirectory | Path for Pi-hole log files
|
| services.prometheus.exporters.chrony.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.exporters.tibber.group | Group under which the tibber exporter shall be run.
|
| services.rabbitmq.enable | Whether to enable the RabbitMQ server, an Advanced Message
Queuing Protocol (AMQP) broker.
|
| services.redmine.components.ghostscript | Whether to enable exporting Gant diagrams as PDF..
|
| services.moosefs.runAsUser | Run daemons as moosefs user instead of root for better security.
|
| services.nextcloud.settings.mail_from_address | FROM address that overrides the built-in sharing-noreply and lostpassword-noreply FROM addresses
|
| services.prometheus.exporters.ipmi.user | User name under which the ipmi exporter shall be run.
|
| services.sanoid.package | The sanoid package to use.
|
| services.tailscaleAuth.user | User which runs tailscale-nginx-auth
|
| services.tempo.enable | Whether to enable Grafana Tempo.
|
| services.matrix-continuwuity.settings.global.trusted_servers | Servers listed here will be used to gather public keys of other servers
(notary trusted key servers)
|
| services.misskey.reverseProxy.webserver.nginx.useACMEHost | A host of an existing Let's Encrypt certificate to use
|
| services.prefect.baseUrl | external url when served by a reverse proxy, e.g. https://example.com/prefect
|
| services.rkvm.package | The rkvm package to use.
|
| services.rsync.jobs.<name>.inhibit | Run the rsync process with an inhibition lock taken;
see systemd-inhibit(1) for a list of possible operations.
|
| services.strongswan-swanctl.swanctl.secrets.xauth | EAP secret section for a specific secret
|
| services.suricata.settings.logging.outputs.file.level | Loglevel for logs written to the logfile.
|
| services.livekit.redis.createLocally | Whether to set up a local redis instance.
|
| services.matrix-continuwuity.settings.global.allow_federation | Whether this server federates with other servers.
|
| services.mchprs.package | The mchprs package to use.
|
| services.molly-brown.enable | Whether to enable Molly-Brown Gemini server.
|
| services.opensearch.settings."transport.port" | The port to listen on for transport traffic.
|
| services.playerctld.package | The playerctl package to use.
|
| services.public-inbox.settings.coderepo.<name>.cgitUrl | URL of a cgit instance
|
| services.softether.dataDir | Data directory for SoftEther VPN.
|
| services.ncps.package | The ncps package to use.
|
| services.printing.clientConf | The contents of the client configuration.
(client.conf)
|
| services.prometheus.exporters.graphite.openFirewall | Open port in firewall for incoming connections.
|
| services.prometheus.scrapeConfigs.*.eureka_sd_configs.*.oauth2.client_secret_file | Read the client secret from a file
|
| services.radarr.dataDir | The directory where Radarr stores its data files.
|
| services.memos.openFirewall | Whether to enable opening the ports in the firewall.
|
| services.plantuml-server.listenHost | Host to listen on.
|
| services.pretix.settings.redis.location | URI to the redis server, used to speed up locking, caching and session storage.
|
| services.slurm.mpi.PmixCliTmpDirBase | Base path for PMIx temporary files.
|
| services.tcsd.enable | Whether to enable tcsd, a Trusted Computing management service
that provides TCG Software Stack (TSS)
|
| services.miniflux.config.CREATE_ADMIN | Create an admin user from environment variables.
|
| services.murmur.clientCertRequired | Whether to enable requiring clients to authenticate via certificates.
|
| services.nextcloud.notify_push.dbhost | Database host (+port) or socket path
|
| services.nipap.settings.nipapd.foreground | Remain in foreground rather than forking to background.
|
| services.prometheus.scrapeConfigs.*.triton_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.ntfy-sh.group | Primary group of ntfy-sh user.
|
| services.photoprism.port | Web interface port.
|
| services.quickwit.settings.listen_address | Listen address of Quickwit.
|
| services.strongswan-swanctl.swanctl.connections.<name>.rand_time | Time range from which to choose a random value to subtract from
rekey/reauth times
|
| services.syncthing.relay.port | Port to listen on for relay traffic
|
| services.mbpfan.verbose | If true, sets the log level to verbose.
|
| services.moosefs.chunkserver.hdds | Mount points used by chunkserver for data storage (see mfshdd.cfg).
|
| services.nullmailer.config.pausetime | The minimum time to pause between successive queue runs when there
are messages in the queue, in seconds
|
| services.printing.allowFrom | From which hosts to allow unconditional access.
|
| services.prometheus.exporters.snmp.firewallFilter | Specify a filter for iptables to use when
services.prometheus.exporters.snmp.openFirewall
is true
|
| services.radicle.httpd.listenAddress | The IP address on which radicle-httpd listens.
|
| services.pixiecore.listen | IPv4 address to listen on
|
| services.prometheus.exporters.surfboard.extraFlags | Extra commandline options to pass to the surfboard exporter.
|
| services.szurubooru.server.settings.debug | Whether to generate server logs.
|
| services.transmission.openPeerPorts | Whether to enable opening of the peer port(s) in the firewall.
|
| services.tsidp.settings.debugAllRequests | For development
|
| services.mastodon.automaticMigrations | Do automatic database migrations.
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.basic_auth.password | HTTP password
|
| services.prometheus.remoteWrite.*.queue_config | Configures the queue used to write to remote storage.
|
| services.radicle.httpd.nginx.sslCertificateKey | Path to server SSL certificate key.
|
| services.movim.nginx.locations | Declarative location config
|
| services.nbd.server.enable | Whether to enable the Network Block Device (nbd) server.
|
| services.prometheus.exporters.klipper.listenAddress | Address to listen on.
|
| services.prometheus.exporters.systemd.group | Group under which the systemd exporter shall be run.
|
| services.logcheck.ignoreCron.<name>.cmdline | Command line for the cron job
|
| services.mainsail.nginx.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.prometheus.globalConfig.scrape_interval | How frequently to scrape targets by default
|
| services.public-inbox.http.enable | Whether to enable the public-inbox HTTP server.
|
| services.sabnzbd.settings.misc.port | Port for the Web UI to listen on for incoming connections.
|
| services.taler.merchant.debug | Whether to enable debug logging.
|
| services.tor.settings.PerConnBWRate | See torrc manual.
|
| services.onlyoffice.loglevel | Default loglevel to use for documentserver and converter
|
| services.oauth2-proxy.nginx.virtualHosts.<name>.allowed_groups | List of groups to allow access to this vhost, or null to allow all.
|
| services.prometheus.exporters.keylight.group | Group under which the keylight exporter shall be run.
|