| services.slurm.dbdserver.dbdHost | Hostname of the machine where slurmdbd
is running (i.e. name returned by hostname -s).
|
| services.supybot.plugins | Attribute set of additional plugins that will be symlinked to the
plugin subdirectory
|
| services.cloudlog.database.user | MySQL user name.
|
| services.zabbixWeb.nginx.virtualHost | Nginx configuration can be done by adapting services.nginx.virtualHosts.<name>
|
| systemd.network.config.routeTables | Defines route table names as an attrset of name to number
|
| services.zabbixWeb.httpd.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.<name>
|
| services.dependency-track.settings."alpine.oidc.teams.claim" | Defines the name of the claim that contains group memberships or role assignments in the provider's userinfo endpoint
|
| services.prometheus.exporters.sql.configuration.jobs.<name>.connections | A list of connection strings of the SQL servers to scrape metrics from
|
| services.keycloak.database.username | Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned
|
| networking.networkmanager.dispatcherScripts.*.source | Path to the hook script.
|
| services.sanoid.templates.<name>.pre_snapshot_script | Script to run before taking snapshot.
|
| services.nullmailer.config.defaultdomain | The content of this attribute is appended to any host name that
does not contain a period (except localhost), including defaulthost
and idhost
|
| services.mjolnir.pantalaimon.username | The username to login with.
|
| services.soju.acceptProxyIP | Allow the specified IPs to act as a proxy
|
| services.athens.storage.minio.bucket | Bucket name for the minio storage backend.
|
| services.writefreely.host | The public host name to serve.
|
| services.nextcloud-spreed-signaling.settings.sessions.blockkeyFile | The path to the file containing the value for sessions.blockkey
|
| services.warpgate.settings.http.sni_certificates.*.key | Path to private key.
|
| services.shellhub-agent.preferredHostname | Set the device preferred hostname
|
| services.prometheus.scrapeConfigs.*.kubernetes_sd_configs.*.namespaces.names | Namespace name.
|
| services.coder.database.database | Name of database.
|
| services.athens.index.mysql.database | Database name for the MySQL database.
|
| services.cadvisor.storageDriverDb | Cadvisord storage driver database name.
|
| services.hatsu.settings.HATSU_DOMAIN | The domain name of your instance (eg 'hatsu.local').
|
| image.repart.verityStore.partitionIds.esp | Specify the attribute name of the ESP.
|
| services.cjdns.ETHInterface.bind | Bind to this device for native ethernet operation.
all is a pseudo-name which will try to connect to all devices.
|
| services.icingaweb2.pool | Name of existing PHP-FPM pool that is used to run Icingaweb2
|
| networking.networkmanager.ensureProfiles.profiles.<name>.connection.type | The connection type defines the connection kind, like vpn, wireguard, gsm, wifi and more.
|
| services.teeworlds.game.tournamentMode | Whether to enable tournament mode
|
| services.strongswan-swanctl.swanctl.connections.<name>.unique | Connection uniqueness policy to enforce
|
| services.minetest-server.world | Name of the world to use
|
| services.slskd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.misskey.reverseProxy.host | The fully qualified domain name to bind to
|
| services.movim.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.pds.settings.PDS_HOSTNAME | Instance hostname (base domain name)
|
| services.resolved.llmnr | Controls Link-Local Multicast Name Resolution support
(RFC 4795) on the local host
|
| hardware.firmware | List of packages containing firmware files
|
| services.davis.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.borgmatic.configurations.<name>.repositories | A required list of local or remote repositories with paths and
optional labels (which can be used with the --repository flag to
select a repository)
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.x_forwarded | Use the X-Forwarded-For (XFF) header as the client IP and not the
actual client IP.
|
| services.firewalld.settings.IPv6_rpfilter | Performs reverse path filtering (RPF) on IPv6 packets as per RFC 3704
|
| services.reposilite.settings.hostname | The hostname to bind to
|
| services.snipe-it.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.slurm.controlMachine | The short hostname of the machine where SLURM control functions are
executed (i.e. the name returned by the command "hostname -s", use "tux001"
rather than "tux001.my.com").
|
| services.netbird.server.signal.domain | The domain name for the signal service.
|
| boot.zfs.extraPools | Name or GUID of extra ZFS pools that you wish to import during boot
|
| networking.ucarp.upscript | Command to run after become master, the interface name, virtual address
and optional extra parameters are passed as arguments.
|
| services.xserver.xrandrHeads.*.output | The output name of the monitor, as shown by
xrandr(1) invoked without arguments.
|
| services.dsnet.settings.ExternalHostname | The hostname that clients should use to connect to this server
|
| services.strongswan-swanctl.swanctl.connections.<name>.local_addrs | Local address(es) to use for IKE communication
|
| services.firezone.server.provision.accounts.<name>.features.flow_activities | Whether to enable the flow_activities feature for this account.
|
| services.firezone.server.provision.accounts.<name>.features.traffic_filters | Whether to enable the traffic_filters feature for this account.
|
| services.rustus.storage.s3_access_key_file | File path that contains the S3 access key.
|
| services.rustus.storage.s3_secret_key_file | File path that contains the S3 secret key.
|
| services.strongswan-swanctl.swanctl.connections.<name>.send_certreq | Send certificate request payloads to offer trusted root CA certificates to
the peer
|
| services.sanoid.datasets.<name>.post_snapshot_script | Script to run after taking snapshot.
|
| virtualisation.virtualbox.host.enableHardening | Enable hardened VirtualBox, which ensures that only the binaries in the
system path get access to the devices exposed by the kernel modules
instead of all users in the vboxusers group.
Disabling this can put your system's security at risk, as local users
in the vboxusers group can tamper with the VirtualBox device files.
|
| services.suricata.settings.unix-command.filename | Filename for unix-command socket.
|
| services.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| services.restic.server.privateRepos | Enable private repos
|
| services.mastodon.user | User under which mastodon runs
|
| services.tailscale.derper.domain | Domain name under which the derper server is reachable.
|
| services.openvscode-server.host | The host name or IP address the server should listen to.
|
| services.knot-resolver.enable | Whether to enable knot-resolver (version 6) domain name server
|
| services.gitea.settings.server.DOMAIN | Domain name of your server.
|
| services.vault-agent.instances | Attribute set of vault-agent instances
|
| services.postfix.settings.main.myhostname | The internet hostname of this mail system
|
| services.strongswan-swanctl.swanctl.authorities.<name>.cert_uri_base | Defines the base URI for the Hash and URL feature supported by
IKEv2
|
| services.strongswan-swanctl.swanctl.connections.<name>.reauth_time | Time to schedule IKE reauthentication
|
| services.trilium-server.instanceName | Instance name used to distinguish between different instances
|
| services.tailscale.authKeyFile | A file containing the auth key
|
| services.ncps.cache.lru.scheduleTimeZone | The name of the timezone to use for the cron schedule
|
| services.nominatim.enable | Whether to enable nominatim
|
| services._3proxy.resolution | Use this option to configure name resolution and DNS caching.
|
| services.buildbot-worker.adminMessage | Name of the administrator of this worker
|
| programs.regreet.cursorTheme.package | The package that provides the cursor theme given in the name option.
|
| services.kapacitor.defaultDatabase.username | The username to connect to the remote InfluxDB server
|
| services.victorialogs.basicAuthUsername | Basic Auth username used to protect VictoriaLogs instance by authorization
|
| services.sanoid.templates.<name>.post_snapshot_script | Script to run after taking snapshot.
|
| services.roundcube.enable | Whether to enable roundcube
|
| services.matomo.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.portunus.ldap.searchUserName | The login name of the search user
|
| services.monica.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.postfix.networksStyle | Name of standard way of trusted network specification to use,
leave blank if you specify it explicitly or if you want to use
default (localhost-only).
|
| services.akkoma.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| programs.kubeswitch.commandName | The name of the command to use
|
| services.gancio.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.fluidd.nginx.http3 | Whether to enable the HTTP/3 protocol
|
| services.gammu-smsd.backend.sql.database | Database name to store sms data
|
| services.gitlab.registry.serviceName | GitLab container registry service name.
|
| services.gotify.stateDirectoryName | The name of the directory below /var/lib where
gotify stores its runtime data.
|
| users.ldap.daemon.rootpwmoddn | The distinguished name to use to bind to the LDAP server
when the root user tries to modify a user's password.
|
| services.matrix-synapse.workers.<name>.worker_listeners.*.resources.*.compress | Whether synapse should compress HTTP responses to clients that support it
|
| services.slurm.dbdserver.storageUser | Database user name.
|
| services.rustus.storage.s3_region | S3 region name.
|
| image.repart.verityStore.partitionIds.store | Specify the attribute name of the store partition.
|
| services.lavalink.plugins.*.configName | The name of the plugin to use as the key for the plugin configuration.
|
| services.authelia.instances.<name>.settings.default_2fa_method | Default 2FA method for new users and fallback for preferred but disabled methods.
|
| services.heisenbridge.namespaces | Configure the 'namespaces' section of the registration.yml for the bridge and the server
|
| services.journaldriver.applicationCredentials | Path to the service account private key (in JSON-format) used
to forward log entries to Stackdriver Logging on non-GCP
instances
|