| containers.<name>.extraVeths.<name>.hostBridge | Put the host-side of the veth-pair into the named bridge
|
| services.bacula-sd.autochanger.<name>.changerDevice | The specified name-string must be the generic SCSI device name of the
autochanger that corresponds to the normal read/write Archive Device
specified in the Device resource
|
| users.users.<name>.extraGroups | The user's auxiliary groups.
|
| services.prosody.virtualHosts.<name>.domain | Domain name
|
| systemd.services.<name>.path | Packages added to the service's PATH
environment variable
|
| services.httpd.virtualHosts.<name>.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.nginx.virtualHosts.<name>.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.znapzend.zetup.<name>.destinations.<name>.dataset | Dataset name to send snapshots to.
|
| virtualisation.interfaces.<name>.name | Interface name
|
| services.autorandr.profiles.<name>.config.<name>.primary | Whether output should be marked as primary
|
| services.geth.<name>.metrics.port | Port number of Go Ethereum metrics service.
|
| services.geth.<name>.http.address | Listen address of Go Ethereum HTTP API.
|
| systemd.services.<name>.preStart | Shell commands executed before the service's main process
is started.
|
| services.etebase-server.settings.database.name | The database name.
|
| services.pppd.peers.<name>.config | pppd configuration for this peer, see the pppd(8) man page.
|
| services.bitcoind.<name>.dataDir | The data directory for bitcoind.
|
| services.rsync.jobs.<name>.sources | Source directories.
|
| services.h2o.hosts.<name>.tls.quic | Enables HTTP/3 over QUIC on the UDP port for TLS
|
| systemd.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.services.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.cgit.<name>.settings | cgit configuration, see cgitrc(5)
|
| services.uhub.<name>.settings | Configuration of uhub
|
| services.autosuspend.checks.<name>.class | Name of the class implementing the check
|
| services.k3s.autoDeployCharts.<name>.package | The packaged Helm chart
|
| services.i2pd.outTunnels.<name>.keys | Keyset used for tunnel identity.
|
| services.postfix.settings.master.<name>.command | A program name specifying a Postfix service/daemon process
|
| nix.registry.<name>.to | The flake reference from is rewritten to
|
| users.users.<name>.enable | If set to false, the user account will not be created
|
| services.geth.<name>.authrpc.port | Port number of Go Ethereum Auth RPC API.
|
| services.tts.servers.<name>.useCuda | Whether to offload computation onto a CUDA compatible GPU.
|
| containers.<name>.extraVeths.<name>.hostAddress | The IPv4 address assigned to the host interface.
(Not used when hostBridge is set.)
|
| services.gvpe.nodename | GVPE node name
|
| services.bitcoind.<name>.pidFile | Location of bitcoind pid file.
|
| virtualisation.allInterfaces.<name>.name | Interface name
|
| services.postfix.networksStyle | Name of standard way of trusted network specification to use,
leave blank if you specify it explicitly or if you want to use
default (localhost-only).
|
| systemd.network.networks.<name>.dhcpPrefixDelegationConfig | Each attribute in this set specifies an option in the
[DHCPPrefixDelegation] section of the unit
|
| systemd.user.units.<name>.text | Text of this systemd unit.
|
| services.bitcoind.<name>.group | The group as which to run bitcoind.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.slot | Optional slot number of the token that stores the certificate.
|
| services.netbird.clients | Attribute set of NetBird client daemons, by default each one will:
- be manageable using dedicated tooling:
netbird-<name> script,NetBird - netbird-<name> graphical interface when appropriate (see ui.enable),
- run as a
netbird-<name>.service,
- listen for incoming remote connections on the port
51820 (openFirewall by default),
- manage the
netbird-<name> wireguard interface,
- use the /var/lib/netbird-/config.json configuration file,
- override /var/lib/netbird-/config.json with values from /etc/netbird-/config.d/*.json,
- (
hardened) be locally manageable by netbird-<name> system group,
With following caveats:
- multiple daemons will interfere with each other's DNS resolution of
netbird.cloud, but
should remain fully operational otherwise
|
| ec2.zfs.datasets.<name>.mount | Where to mount this dataset.
|
| services.rke2.autoDeployCharts.<name>.package | The packaged Helm chart
|
| services.mpd.settings | Configuration for MPD
|
| systemd.services.<name>.script | Shell commands executed as the service's main process.
|
| systemd.user.services.<name>.preStop | Shell commands executed to stop the service.
|
| services.szurubooru.server.settings.name | Name shown in the website title and on the front page.
|
| networking.wireless.networks.<name>.priority | By default, all networks will get same priority group (0)
|
| programs.tsmClient.servers.<name>.nodename | Target node name on the IBM TSM server.
|
| services.i2pd.inTunnels.<name>.inbound.length | Guaranteed minimum hops for ‹name› tunnels.
|
| services.webhook.hooks.<name>.id | The ID of your hook
|
| containers.<name>.extraVeths.<name>.hostAddress6 | The IPv6 address assigned to the host interface.
(Not used when hostBridge is set.)
|
| services.fedimintd.<name>.nginx.config.locations.<name>.root | Root directory for requests.
|
| services.autorandr.profiles.<name>.config.<name>.scale.method | Output scaling method.
|
| fileSystems.<name>.fsType | Type of the file system
|
| services.drupal.sites.<name>.filesDir | The location of the Drupal files directory.
|
| users.users.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| boot.initrd.luks.devices.<name>.header | The name of the file or block device that
should be used as header for the encrypted device.
|
| services.bitmagnet.settings.postgres.name | Database name to connect to
|
| services.drupal.sites.<name>.virtualHost.locations.<name>.proxyPass | Sets up a simple reverse proxy as described by https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html#simple.
|
| systemd.services.<name>.bindsTo | Like ‘requires’, but in addition, if the specified units
unexpectedly disappear, this unit will be stopped as well.
|
| users.users.<name>.shell | The path to the user's shell
|
| services.nix-store-gcs-proxy.<name>.enable | Whether to enable proxy for this bucket
|
| services.matrix-synapse.settings.database.name | The database engine name
|
| systemd.network.networks.<name>.hierarchyTokenBucketClassConfig | Each attribute in this set specifies an option in the
[HierarchyTokenBucketClass] section of the unit
|
| services.i2pd.inTunnels.<name>.inPort | Service port
|
| systemd.services.<name>.postStart | Shell commands executed after the service's main process
is started.
|
| systemd.services.<name>.reload | Shell commands executed when the service's main process
is reloaded.
|
| services.i2pd.outTunnels.<name>.inbound.length | Guaranteed minimum hops for ‹name› tunnels.
|
| services.awstats.configs.<name>.extraConfig | Extra configuration to be appended to awstats.${name}.conf.
|
| services.rsync.jobs.<name>.timerConfig | When to run the job.
|
| services.github-runners.<name>.runnerGroup | Name of the runner group to add this runner to (defaults to the default runner group)
|
| services.wyoming.piper.servers.<name>.voice | Name of the voice model to use
|
| services.drupal.sites.<name>.stateDir | The location of the Drupal site state directory.
|
| systemd.user.services.<name>.wants | Start the specified units when this unit is started.
|
| services.autorandr.profiles.<name>.config.<name>.position | Output position
|
| services.jupyter.kernels.<name>.displayName | Name that will be shown to the user.
|
| users.users.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.ndppd.proxies.<name>.ttl | Controls how long a valid or invalid entry remains in the cache, in
milliseconds.
|
| systemd.user.services.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.pgbackrest.stanzas.<name>.jobs.<name>.schedule | When or how often the backup should run
|
| services.quicktun.<name>.privateKeyFile | Path to file containing local secret key in binary or hexadecimal form.
Not needed when services.quicktun..protocol is set to raw.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.slot | Optional slot number of the token that stores the certificate.
|
| security.pam.services.<name>.text | Contents of the PAM service file.
|
| services.archisteamfarm.bots.<name>.username | Name of the user to log in
|
| services.stash.settings.stash_boxes.*.name | The name of the Stash Box
|
| systemd.services.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| systemd.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| hardware.alsa.controls.<name>.card | Name of the PCM card to control (slave).
|
| services.bind.zones.<name>.masters | List of servers for inclusion in stub and secondary zones.
|
| services.bluemap.maps.<name>.world | Path to world folder containing the dimension to render
|
| services.redis.servers.<name>.bind | The IP interface to bind to.
null means "all interfaces".
|
| services.quicktun.<name>.tunMode | Whether to operate in tun (IP) or tap (Ethernet) mode.
|
| services.spiped.config.<name>.keyfile | Name of a file containing the spiped key
|
| security.acme.certs.<name>.s3Bucket | S3 bucket name to use for HTTP-01 based challenges
|
| services.openvpn.servers | Each attribute of this option defines a systemd service that
runs an OpenVPN instance
|
| services.fedimintd.<name>.nginx.config.locations.<name>.index | Adds index directive.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.alias | Alias directory for requests.
|
| services.librespeed.frontend.servers.*.name | Name shown in the server list.
|
| services.autosuspend.wakeups.<name>.class | Name of the class implementing the check
|
| services.tahoe.nodes.<name>.web.port | The port on which the Web server will listen
|