| services.prometheus.exporters.systemd.enable | Whether to enable the prometheus systemd exporter.
|
| services.sharkey.openFirewall | Whether to open ports in the NixOS firewall for Sharkey.
|
| services.mattermost.enable | Whether to enable Mattermost chat server.
|
| services.redis.servers.<name>.settings | Redis configuration
|
| services.tor.settings.ExtORPortCookieAuthFile | See torrc manual.
|
| services.tts.servers.<name>.useCuda | Whether to offload computation onto a CUDA compatible GPU.
|
| services.mediatomb.transcoding | Whether to enable transcoding.
|
| services.prosody.ssl.cert | Path to the certificate file.
|
| services.pufferpanel.package | The pufferpanel package to use.
|
| services.sanoid.datasets.<name>.useTemplate | Names of the templates to use for this dataset.
|
| services.slskd.nginx.locations.<name>.proxyPass | Adds proxy_pass directive and sets recommended proxy headers if
recommendedProxySettings is enabled.
|
| services.tor.settings.ControlSocketsGroupWritable | See torrc manual.
|
| services.oauth2-proxy.redirectURL | The OAuth2 redirect URL.
|
| services.prometheus.scrapeConfigs.*.digitalocean_sd_configs.*.oauth2.scopes | Scopes for the token request.
|
| services.prometheus.scrapeConfigs.*.triton_sd_configs.*.version | The Triton discovery API version
|
| services.scanservjs.settings.port | The port to listen on.
|
| services.smokeping.enable | Whether to enable smokeping service.
|
| services.unifi.enable | Whether or not to enable the unifi controller service.
|
| services.limesurvey.httpd.virtualHost.http2 | Whether to enable HTTP 2
|
| services.nsd.zones.<name>.rrlWhitelist | Whitelists the given rrl-types.
|
| services.prometheus.exporters.mongodb.collStats | List of comma separared databases.collections to get $collStats
|
| services.prometheus.exporters.scaphandre.extraFlags | Extra commandline options to pass to the scaphandre exporter.
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.basic_auth.password_file | HTTP password file
|
| services.squid.validateConfig | Validate config syntax.
|
| services.lk-jwt-service.package | The lk-jwt-service package to use.
|
| services.mailman.webHosts | The list of hostnames and/or IP addresses from which the Mailman Web
UI will accept requests
|
| services.mainsail.nginx.locations.<name>.tryFiles | Adds try_files directive.
|
| services.mastodon.package | The mastodon package to use.
|
| services.monica.nginx.http2 | Whether to enable the HTTP/2 protocol
|
| services.nginx.preStart | Shell commands executed before the service's nginx is started.
|
| services.scion.scion-dispatcher.settings | scion-dispatcher configuration
|
| services.tlsrpt.reportd.settings.contact_info | Contact information embedded into the reports.
|
| services.pdfding.port | Port on which PdfDing listens
|
| services.sabnzbd.settings.servers.<name>.enable | Enable this server by default
|
| services.mpd.dataDir | The directory where MPD stores its state, tag cache, playlists etc
|
| services.nipap.nipapd.database.createLocally | Create a nipap database automatically.
|
| services.peertube.database.createLocally | Configure local PostgreSQL database server for PeerTube.
|
| services.pipewire.pulse.enable | Whether to enable PulseAudio server emulation.
|
| services.prometheus.pushgateway.enable | Whether to enable Prometheus Pushgateway.
|
| services.tuliprox.enable | Whether to enable Tuliprox IPTV playlist processor & proxy.
|
| services.misskey.reverseProxy.ssl | Whether to enable SSL for the reverse proxy
|
| services.mysql.galeraCluster.clusterAddress | Full Galera cluster connection string
|
| services.pantheon.apps.enable | Whether to enable Pantheon default applications.
|
| services.sanoid.settings | Free-form settings written directly to the config file
|
| services.mqtt2influxdb.influxdb.password | Password for InfluxDB login
|
| services.nebula.networks.<name>.lighthouse.dns.host | IP address on which nebula lighthouse should serve DNS.
'localhost' is a good default to ensure the service does not listen on public interfaces;
use a Nebula address like 10.0.0.5 to make DNS resolution available to nebula hosts only.
|
| services.nginx.defaultListen.*.extraParameters | Extra parameters of this listen directive.
|
| services.omnom.settings.smtp.tls | Whether to enable Whether TLS encryption should be used..
|
| services.openafsServer.roles.fileserver.fileserverArgs | Arguments to the dafileserver process
|
| services.mainsail.nginx.acmeRoot | Directory for the ACME challenge, which is public
|
| services.misskey.settings.meilisearch.host | The Meilisearch host.
|
| services.oncall.settings.oncall_host | FQDN for the Oncall instance.
|
| services.open-web-calendar.enable | Whether to enable OpenWebCalendar service.
|
| services.prometheus.exporters.unbound.unbound.ca | Path to the Unbound server certificate authority
|
| services.quassel.dataDir | The directory holding configuration files, the SQlite database and the SSL Cert.
|
| services.synergy.server.tls.cert | The TLS certificate to use for encryption.
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.port | The port to scrape metrics from
|
| services.radicle.httpd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.start_action | Action to perform after loading the configuration.
- The default of
none loads the connection only, which
then can be manually initiated or used as a responder configuration.
- The value
trap installs a trap policy, which triggers
the tunnel as soon as matching traffic has been detected.
- The value
start initiates the connection actively.
- Since version 5.9.6 two modes above can be combined with
trap|start,
to immediately initiate a connection for which trap policies have been installed
|
| services.teamspeak3.enable | Whether to run the Teamspeak3 voice communication server daemon.
|
| services.thanos.rule.grpc-server-tls-cert | TLS Certificate for gRPC server, leave blank to disable TLS
|
| services.matomo.nginx.rejectSSL | Whether to listen for and reject all HTTPS connections to this vhost
|
| services.mqtt2influxdb.influxdb.port | InfluxDB server port
|
| services.odoo.enable | Whether to enable odoo, an open source ERP and CRM system.
|
| services.prometheus.exporters.dnssec.group | Group under which the dnssec exporter shall be run.
|
| services.prometheus.exporters.dnssec.listenAddress | Listen address as host IP and port definition.
|
| services.prometheus.exporters.postfix.systemd.journalPath | Path to the systemd journal.
|
| services.rsyslogd.extraParams | Additional parameters passed to rsyslogd.
|
| services.teeworlds.game.playerSlots | The amount of slots to reserve for players (as opposed to spectators).
|
| services.paisa.openFirewall | Open ports in the firewall for the Paisa web server.
|
| services.postfix.localRecipients | List of accepted local users
|
| services.prometheus.exporters.kea.group | Group under which the kea exporter shall be run.
|
| services.thanos.query.query.timeout | Maximum time to process query by query node
|
| services.thermald.enable | Whether to enable thermald, the temperature management daemon.
|
| services.tor.settings.MaxCircuitDirtiness | See torrc manual.
|
| services.mosquitto.settings | Global configuration options for the mosquitto broker.
|
| services.netbox.dataDir | Storage path of netbox.
|
| services.pinchflat.enable | Whether to enable pinchflat.
|
| services.prometheus.scrapeConfigs.*.openstack_sd_configs.*.project_id | The project_id and project_name fields are optional for the Identity V2 API
|
| services.radicle.httpd.nginx.locations | Declarative location config
|
| services.rkvm.server.settings.password | Shared secret token to authenticate the client
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.exporters.fritz.settings | Configuration settings for fritz-exporter.
|
| services.prometheus.exporters.imap-mailstat.enable | Whether to enable the prometheus imap-mailstat exporter.
|
| services.prometheus.exporters.mail.port | Port to listen on.
|
| services.prometheus.exporters.mailman3.mailman.user | Mailman3 Core REST API username.
|
| services.prosody.modules.announce | Send announcement to all online users
|
| services.molly-brown.keyPath | Path to TLS key
|
| services.pgadmin.emailServer.passwordFile | Password for SMTP email account
|
| services.postgresql.identMap | Defines the mapping from system users to database users
|
| services.psd.enable | Whether to enable the Profile Sync daemon.
|
| services.smokeping.cgiUrl | URL to the smokeping cgi.
|
| services.strongswan-swanctl.swanctl.secrets.xauth.<name>.secret | Value of the EAP/XAuth secret
|
| services.nginx.gitweb.user | Existing user that the CGI process will belong to. (Default almost surely will do.)
|
| services.oauth2-proxy.github.team | Restrict logins to members of this team.
|
| services.prometheus.exporters.scaphandre.telemetryPath | Path under which to expose metrics.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.basic_auth | Optional HTTP basic authentication information.
|
| services.pretalx.settings.database.name | Database name.
|
| services.reposilite.database.type | Database engine to use.
|
| services.sympa.database.createLocally | Whether to create a local database automatically.
|