| services.guacamole-server.extraEnvironment | Environment variables to pass to guacd.
|
| services.thanos.sidecar.reloader.config-envsubst-file | Output file for environment variable substituted config file.
|
| services.firezone.server.web.settings | Environment variables for this component of the Firezone server
|
| programs.gnupg.agent.pinentryPackage | Which pinentry package to use
|
| services.jupyterhub.jupyterhubEnv | Python environment to run jupyterhub
Customizing will affect the packages available in the hub and
proxy
|
| services.firezone.server.api.settings | Environment variables for this component of the Firezone server
|
| security.acme.defaults.credentialFiles | Environment variables suffixed by "_FILE" to set for the cert's service
for your selected dnsProvider
|
| services.prometheus.exporters.bitcoin.extraEnv | Extra environment variables for the exporter.
|
| services.jupyterhub.jupyterlabEnv | Python environment to run jupyterlab
Customizing will affect the packages available in the
jupyterlab server and the default kernel provided
|
| programs.opengamepadui.extraPackages | Additional packages to add to the OpenGamepadUI environment.
|
| services.peertube.serviceEnvironmentFile | Set environment variables for the service
|
| services.boinc.extraEnvPackages | Additional packages to make available in the environment in which
BOINC will run
|
| services.reposilite.settings.keyPath | Path to the .jsk KeyStore or paths to the PKCS#8 certificate and private key, separated by a space (see example)
|
| services.jupyter.extraEnvironmentVariables | Extra environment variables to be set in the runtime context of jupyter notebook
|
| services.gitea-actions-runner.instances.<name>.labels | Labels used to map jobs to their runtime environment
|
| services.firezone.server.domain.settings | Environment variables for this component of the Firezone server
|
| services.openvscode-server.extraEnvironment | Additional environment variables to pass to openvscode-server.
|
| services.waagent.settings.ResourceDisk.FileSystem | The file system type for the resource disk
|
| services.sharkey.setupMeilisearch | Whether to automatically set up a local Meilisearch instance and configure Sharkey to use it
|
| services.cassandra.heapNewSize | Must be left blank or set together with heapNewSize
|
| services.kubernetes.pki.etcClusterAdminKubeconfig | Symlink a kubeconfig with cluster-admin privileges to environment path
(/etc/<path>).
|
| services.klipper.firmwares.<name>.enableKlipperFlash | Whether to enable flashings scripts for firmware
|
| services.pinnwand.settings.database_uri | Database URI compatible with SQLAlchemy
|
| services.nextcloud-whiteboard-server.settings | Settings to configure backend server
|
| documentation.man.mandoc.manPath | Change the paths included in the MANPATH environment variable,
i. e. the directories where man(1)
looks for section-specific directories of man pages
|
| services.athens.downloadMode | Defines how Athens behaves when a module@version
is not found in storage
|
| services.foundationdb.extraReadWritePaths | An extra set of filesystem paths that FoundationDB can read to
and write from
|
| services.hadoop.yarn.resourcemanager.extraEnv | Extra environment variables
|
| services.matrix-continuwuity.extraEnvironment | Extra Environment variables to pass to the continuwuity server.
|
| services.xserver.displayManager.startx.generateScript | Whether to generate the system-wide xinitrc script (/etc/X11/xinit/xinitrc)
|
| services.keepalived.vrrpInstances.<name>.unicastPeers | Do not send VRRP adverts over VRRP multicast group
|
| services.xserver.desktopManager.enlightenment.enable | Enable the Enlightenment desktop environment.
|
| services.sabnzbd.settings.ntfosd.ntfosd_enable | Whether to enable NotifyOSD alerts
|
| services.suricata.settings.dpdk | Data Plane Development Kit is a framework for fast packet processing in data plane applications running on a wide variety of CPU architectures
|
| services.xserver.windowManager.xmonad.enableConfiguredRecompile | Enable recompilation even if config is set to a
non-null value
|
| programs.pay-respects.aiIntegration | Whether to enable pay-respects' LLM integration
|
| virtualisation.directBoot.enable | If enabled, the virtual machine will boot directly into the kernel instead of through a bootloader
|
| services.prometheus.exporters.pgbouncer.connectionEnvFile | File that must contain the environment variable
PGBOUNCER_EXPORTER_CONNECTION_STRING which is set to the connection
string used by pgbouncer
|
| services.prometheus.scrapeConfigs.*.ec2_sd_configs.*.secret_key | The AWS API key secret
|
| services.prometheus.scrapeConfigs.*.ec2_sd_configs.*.access_key | The AWS API key id
|
| services.xserver.windowManager.xmonad.config | Configuration from which XMonad gets compiled
|
| services.system76-scheduler.settings.processScheduler.foregroundBoost.enable | Boost foreground process priorities.
(And de-boost background ones)
|
| services.headscale.settings.oidc.client_secret_path | Path to OpenID Connect client secret file
|
| services.prometheus.scrapeConfigs.*.lightsail_sd_configs.*.secret_key | The AWS API keys
|
| services.prometheus.scrapeConfigs.*.lightsail_sd_configs.*.access_key | The AWS API keys
|
| services.doh-server.settings.ecs_allow_non_global_ip | By default, non global IP addresses are never forwarded to upstream servers
|
| programs.zsh.shellAliases | Set of aliases for zsh shell, which overrides environment.shellAliases
|
| programs.fish.shellAliases | Set of aliases for fish shell, which overrides environment.shellAliases
|
| programs.bash.shellAliases | Set of aliases for bash shell, which overrides environment.shellAliases
|
| qt.enable | Whether to enable Qt configuration, including theming
|
| users.users.<name>.packages | The set of packages that should be made available to the user
|
| services.patroni.settings | The primary patroni configuration
|
| services.netdata.configDir | Complete netdata config directory except netdata.conf
|
| users.extraUsers.<name>.packages | The set of packages that should be made available to the user
|
| services.xserver.wacom.enable | Whether to enable the Wacom touchscreen/digitizer/tablet
|
| programs.steam.package | The Steam package to use
|
| services.hylafax.userAccessFile | The hosts.hfaxd
file entry in the spooling area
will be symlinked to the location given here
|
| programs.git.lfs.enablePureSSHTransfer | Whether to enable Enable pure SSH transfer in server side by adding git-lfs-transfer to environment.systemPackages.
|
| services.gitlab-runner.extraPackages | Extra packages to add to PATH for the gitlab-runner process
|
| services.swapspace.installWrapper | This will add swapspace wrapped with the generated config, to environment.systemPackages
|
| documentation.enable | Whether to install documentation of packages from
environment.systemPackages into the generated system path
|
| services.alloy.configPath | Alloy configuration file/directory path
|
| services.mqtt2influxdb.mqtt.password | MQTT password
|
| programs.steam.gamescopeSession.env | Environmental variables to be passed to GameScope for the session.
|
| services.maddy.secrets | A list of files containing the various secrets
|
| services.mqtt2influxdb.influxdb.password | Password for InfluxDB login
|
| programs.steam.extraCompatPackages | Extra packages to be used as compatibility tools for Steam on Linux
|
| hardware.nvidia.prime.offload.enableOffloadCmd | Whether to enable adding a nvidia-offload convenience script to environment.systemPackages
for offloading programs to an nvidia device
|
| services.eintopf.secrets | A list of files containing the various secrets
|
| services.atuin.database.uri | URI to the database
|
| services.evcc.settings | evcc configuration as a Nix attribute set
|
| services.vmagent.checkConfig | Check configuration
|
| services.pomerium.secretsFile | Path to file containing secrets for Pomerium, in systemd
EnvironmentFile format
|
| services.rspamd-trainer.secrets | A list of files containing the various secrets
|
| services.duplicity.secretFile | Path of a file containing secrets (gpg passphrase, access key...) in
the format of EnvironmentFile as described by
systemd.exec(5)
|
| services.ipfs-cluster.secretFile | File containing the cluster secret in the format of EnvironmentFile as described by
systemd.exec(5)
|
| programs.opengamepadui.gamescopeSession.env | Environmental variables to be passed to GameScope for the session.
|
| services.minio.rootCredentialsFile | File containing the MINIO_ROOT_USER, default is "minioadmin", and
MINIO_ROOT_PASSWORD (length >= 8), default is "minioadmin"; in the format of
an EnvironmentFile=, as described by systemd.exec(5).
|
| services.prefect.databasePasswordFile | path to a file containing e.g.:
DBPASSWORD=supersecret
stored outside the nix store, read by systemd as EnvironmentFile.
|
| services.mealie.credentialsFile | File containing credentials used in mealie such as POSTGRES_PASSWORD
or sensitive LDAP options
|
| services.pyload.credentialsFile | File containing PYLOAD_DEFAULT_USERNAME and
PYLOAD_DEFAULT_PASSWORD in the format of an EnvironmentFile=,
as described by systemd.exec(5)
|
| services.traccar.settings | config.xml configuration as a Nix attribute set
|
| services.mautrix-signal.settings | config.yaml configuration as a Nix attribute set
|
| services.firefox-syncserver.secrets | A file containing the various secrets
|
| services.mautrix-telegram.settings | config.yaml configuration as a Nix attribute set
|
| boot.isNspawnContainer | Whether the machine is running in an nspawn container
|
| services.miniflux.adminCredentialsFile | File containing the ADMIN_USERNAME and
ADMIN_PASSWORD (length >= 6) in the format of
an EnvironmentFile=, as described by systemd.exec(5).
|
| services.rmfakecloud.extraSettings | Extra settings in the form of a set of key-value pairs
|
| services.mautrix-whatsapp.settings | config.yaml configuration as a Nix attribute set
|
| services.mautrix-meta.instances.<name>.settings | config.yaml configuration as a Nix attribute set
|
| services.wstunnel.clients.<name>.httpProxy | Proxy to use to connect to the wstunnel server (USER:PASS@HOST:PORT).
Passwords specified here will be world-readable in the Nix store!
To pass a password to the service, point the environmentFile option
to a file containing PROXY_PASSWORD=<your-password-here> and set
this option to <user>:$PROXY_PASSWORD@<host>:<port>
|
| services.mattermost.database.password | Password for local Mattermost database user
|
| services.nextcloud-whiteboard-server.secrets | A list of files containing the various secrets
|
| services.icecream.daemon.user | User to run the icecream daemon as
|
| xdg.portal.extraPortals | List of additional portals to add to path
|
| programs.nm-applet.indicator | Whether to use indicator instead of status icon
|
| services.geoclue2.enableDemoAgent | Whether to use the GeoClue demo agent
|
| programs.dms-shell.systemd.target | The systemd target that will automatically start the DankMaterialShell service
|
| hardware.graphics.enable | Whether to enable hardware accelerated graphics drivers
|
| services.icecream.daemon.cacheLimit | Maximum size in Megabytes of cache used to store compile environments of compile clients.
|