| services.dspam.domainSocket | Path to local domain socket which is used for communication with the daemon
|
| services.c2fmzq-server.passphraseFile | Path to file containing the database passphrase
|
| services.anuko-time-tracker.nginx.addSSL | Whether to enable HTTPS in addition to plain HTTP
|
| services.grafana.settings.database.type | Database type.
|
| services.asterisk.enable | Whether to enable the Asterisk PBX server.
|
| services.heisenbridge.identd.port | identd listen port
|
| services.flannel.kubeconfig | Path to kubeconfig to use for storing flannel config using the
Kubernetes API
|
| services._3proxy.services.*.extraArguments | Extra arguments for service
|
| services.borgbackup.jobs.<name>.inhibitsSleep | Prevents the system from sleeping while backing up.
|
| services.dockerRegistry.enableDelete | Enable delete for manifests and blobs.
|
| hardware.alsa.controls.<name>.card | Name of the PCM card to control (slave).
|
| services.discourse.admin.fullName | The admin user's full name.
|
| services.fedimintd.<name>.nginx.config.listen.*.port | Port number to listen on
|
| hardware.openrazer.users | Usernames to be added to the "openrazer" group, so that they
can start and interact with the OpenRazer userspace daemon.
|
| services.gitea.mailerPasswordFile | Path to a file containing the SMTP password.
|
| networking.nat.enableIPv6 | Whether to enable IPv6 NAT.
|
| services.glitchtip.listenAddress | The address to listen on.
|
| services.grafana.provision.alerting.contactPoints.settings | Grafana contact points configuration in Nix
|
| services.hadoop.containerExecutorCfg | Yarn container-executor.cfg definition
https://hadoop.apache.org/docs/r2.7.2/hadoop-yarn/hadoop-yarn-site/SecureContainer.html
|
| services.irqbalance.enable | Whether to enable irqbalance daemon.
|
| services._3proxy.services | Use this option to define 3proxy services.
|
| services.klipper.configDir | Path to Klipper config file.
|
| services.clatd.enable | Whether to enable clatd.
|
| services.ersatztv.group | Group under which ErsatzTV runs.
|
| services.homed.settings.Home | Options for systemd-homed
|
| services.gitea.minioAccessKeyId | Path to a file containing the Minio access key id.
|
| services.gancio.nginx.forceSSL | Whether to add a separate nginx server block that redirects (defaults
to 301, configurable with redirectCode) all plain HTTP traffic to
HTTPS
|
| image.repart.partitions | Specify partitions as a set of the names of the partitions with their
configuration as the key.
|
| networking.interfaces.<name>.ipv6.routes.*.prefixLength | Subnet mask of the network, specified as the number of
bits in the prefix (64).
|
| services.clatd.settings | Configuration of clatd
|
| services.athens.singleFlight.redis.endpoint | URL of the redis server.
|
| services.fediwall.settings | Fediwall configuration
|
| services.castopod.database.createLocally | Create the database and database user locally.
|
| services.grafana.settings.server.cert_file | Path to the certificate file (if protocol is set to https or h2).
|
| services.jenkins.port | Specifies port number on which the jenkins HTTP interface listens
|
| services.httpd.virtualHosts.<name>.forceSSL | Whether to add a separate nginx server block that permanently redirects (301)
all plain HTTP traffic to HTTPS
|
| services.gokapi.environment.GOKAPI_CONFIG_FILE | Sets the filename for the config file.
|
| services.incron.systab | The system incrontab contents.
|
| services.dependency-track.javaArgs | Java options passed to JVM
|
| hardware.firmware | List of packages containing firmware files
|
| services.homepage-dashboard.package | The homepage-dashboard package to use.
|
| boot.loader.systemd-boot.windows.<name>.title | The title of the boot menu entry.
|
| security.agnos.settings.accounts.*.certificates | Certificates for agnos to issue or renew.
|
| services.gitea.settings.server.DISABLE_SSH | Disable external SSH feature.
|
| services.bitwarden-directory-connector-cli.ldap.rootPath | Root path for LDAP.
|
| services.lifecycled.awsRegion | The region used for accessing AWS services.
|
| services.headscale.settings.derp.auto_update_enabled | Whether to automatically update DERP maps on a set frequency.
|
| security.loginDefs.settings.UID_MAX | Range of user IDs used for the creation of regular users by useradd or newusers.
|
| services.chrony.extraFlags | Extra flags passed to the chronyd command.
|
| services.drupal.sites.<name>.virtualHost.extraConfig | These lines go to httpd.conf verbatim
|
| services.gammu-smsd.extraConfig.smsd | Extra config lines to be added into [smsd] section
|
| services.bepasty.servers.<name>.workDir | Path to the working directory (used for config and pidfile)
|
| services.dolibarr.h2o | With this option, you can customize an H2O virtual host which already
has sensible defaults for Dolibarr
|
| services.karma.settings | Karma dashboard configuration as nix attributes
|
| services.aerospike.extraConfig | Extra configuration
|
| services.hadoop.hdfsSiteDefault | Default options for hdfs-site.xml
|
| services.glitchtip.enable | Whether to enable GlitchTip.
|
| services.borgbackup.jobs | Deduplicating backups using BorgBackup
|
| services.dawarich.extraEnvFiles | Extra environment files to pass to all Dawarich services
|
| hardware.mwProCapture.enable | Whether to enable the Magewell Pro Capture family kernel module.
|
| networking.dhcpcd.allowInterfaces | Enable the DHCP client for any interface whose name matches
any of the shell glob patterns in this list
|
| services.influxdb2.provision.organizations.<name>.description | Optional description for the organization.
|
| services.atuin.openRegistration | Allow new user registrations with the atuin server.
|
| services.gollum.enable | Whether to enable Gollum, a git-powered wiki service.
|
| boot.binfmt.emulatedSystems | List of systems to emulate
|
| services.athens.basicAuthPass | Password for basic auth
|
| services.autosuspend.wakeups.<name>.class | Name of the class implementing the check
|
| services.documize.offline | Set true for offline mode.
|
| services.fwupd.daemonSettings.DisabledDevices | List of device GUIDs to be disabled.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.pairwiseCiphers | Set of accepted cipher suites (encryption algorithms) for pairwise keys (unicast packets)
|
| services.displayManager.sddm.stopScript | A script to execute when stopping the display server.
|
| services.jitsi-meet.secureDomain.authentication | The authentication type to be used by jitsi
|
| services.jibri.xmppEnvironments.<name>.call.login.username | User part of the JID for the recorder.
|
| services.ghostunnel.servers.<name>.unsafeTarget | If set, does not limit target to localhost, 127.0.0.1, [::1], or UNIX sockets
|
| services.artalk.workdir | Artalk working directory
|
| services.bacula-sd.tls.certificate | The full path to the PEM encoded TLS certificate
|
| services.baikal.enable | Whether to enable baikal.
|
| services.ceph.rgw.package | The ceph package to use.
|
| services.headscale.settings.oidc.extra_params | Custom query parameters to send with the Authorize Endpoint request.
|
| services.akkoma.dist.extraFlags | Extra flags to pass to Erlang
|
| services.canaille.settings | Settings for Canaille
|
| services.kmonad.keyboards.<name>.defcfg.compose.key | The (optional) compose key to use.
|
| services.librenms.nginx.locations.<name>.index | Adds index directive.
|
| services.angrr.configFile | Path to the angrr configuration file in TOML format
|
| services.fusionInventory.servers | The urls of the OCS/GLPI servers to connect to.
|
| services.anubis.defaultOptions.settings.DIFFICULTY | The difficulty required for clients to solve the challenge
|
| programs.git.lfs.enablePureSSHTransfer | Whether to enable Enable pure SSH transfer in server side by adding git-lfs-transfer to environment.systemPackages.
|
| services.grocy.settings.currency | ISO 4217 code for the currency to display.
|
| services.invidious.extraSettingsFile | A file including Invidious settings
|
| services.lavalink.home | The home directory for lavalink.
|
| networking.greTunnels.<name>.type | Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic.
|
| services.crowdsec-firewall-bouncer.registerBouncer.bouncerName | Name to register the bouncer as to the CrowdSec API
|
| services.davis.nginx.listen.*.ssl | Enable SSL.
|
| services.hardware.lcd.client.restartForever | Try restarting the client forever.
|
| services.kmonad.keyboards.<name>.defcfg.allowCommands | Whether to enable keys to run shell commands.
|
| programs.neovim.defaultEditor | When enabled, installs neovim and configures neovim to be the default editor
using the EDITOR environment variable.
|
| services.librespeed.frontend.servers.*.getIpURL | URL path to IP lookup on this server
|
| environment.plasma6.excludePackages | List of default packages to exclude from the configuration
|
| security.pam.mount.cryptMountOptions | Global mount options that apply to every crypt volume
|
| services.asusd.auraConfigs.<name>.text | Text of the file.
|