| services.postgresqlWalReceiver.receivers.<name>.extraArgs | A list of extra arguments to pass to the pg_receivewal command.
|
| networking.interfaces.<name>.mtu | MTU size for packets leaving the interface
|
| networking.wg-quick.interfaces.<name>.preUp | Commands called at the start of the interface setup.
|
| services.nezha-agent.settings.use_ipv6_country_code | Use ipv6 countrycode to report location.
|
| services.keepalived.vrrpInstances.<name>.noPreempt | VRRP will normally preempt a lower priority machine when a higher
priority machine comes online. "nopreempt" allows the lower priority
machine to maintain the master role, even when a higher priority machine
comes back online
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.rekey_bytes | Number of bytes processed before initiating CHILD_SA rekeying
|
| security.auditd.settings.admin_space_left | This is a numeric value in mebibytes (MiB) that tells the audit daemon when to perform a configurable action because the system is running
low on disk space
|
| services.icecream.daemon.hostname | Hostname of the daemon in the icecream infrastructure
|
| services.hadoop.hdfs.namenode.openFirewall | Open firewall ports for HDFS NameNode.
|
| services.hadoop.hdfs.namenode.formatOnInit | Format HDFS namenode on first start
|
| services.ytdl-sub.instances.<name>.subscriptions | Subscriptions for ytdl-sub
|
| networking.bonds.<name>.lacp_rate | DEPRECATED, use driverOptions
|
| services.bind.enable | Whether to enable BIND domain name server.
|
| services.system76-scheduler.assignments.<name>.class | CPU scheduler class.
|
| services.r53-ddns.domain | The name of your domain in Route53
|
| services.litellm.settings.environment_variables | Environment variables to pass to the Lite
|
| services.keepalived.vrrpInstances.<name>.virtualRouterId | Arbitrary unique number 1..255
|
| boot.initrd.systemd.contents.<name>.dlopen.usePriority | Priority of dlopen ELF notes to include. "required" is
minimal, "recommended" includes "required", and
"suggested" includes "recommended"
|
| systemd.sockets.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| systemd.targets.<name>.description | Description of this unit used in systemd messages and progress indicators.
|
| users.mysql.pam.table | The name of table that maps unique login names to the passwords.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.replay_window | IPsec replay window to configure for this CHILD_SA
|
| services.invoiceplane.sites.<name>.database.passwordFile | A file containing the password corresponding to
database.user.
|
| services.tor.torsocks.socks5Username | SOCKS5 username
|
| fileSystems.<name>.encrypted.keyFile | Path to a keyfile used to unlock the backing encrypted
device
|
| networking.bonds.<name>.interfaces | The interfaces to bond together
|
| services.limesurvey.httpd.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.limesurvey.nginx.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.set_mark_in | Netfilter mark applied to packets after the inbound IPsec SA processed
them
|
| services.limesurvey.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| programs.proxychains.proxies.<name>.type | Proxy type.
|
| programs.proxychains.proxies.<name>.port | Proxy port
|
| services.prometheus.exporters.imap-mailstat.accounts.<name>.mailaddress | Your email address (at the moment used as login name)
|
| services.invoiceplane.sites.<name>.database.createLocally | Create the database and database user locally.
|
| services.fedimintd.<name>.nginx.config.sslTrustedCertificate | Path to root SSL certificate for stapling and client certificates.
|
| services.system76-scheduler.assignments.<name>.ioClass | IO scheduler class.
|
| services.tuned.ppdSettings | Settings for TuneD's power-profiles-daemon compatibility service.
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.close_action | Action to perform after a CHILD_SA gets closed by the peer.
- The default of
none does not take any action,
trap installs a trap policy for the CHILD_SA.start tries to re-create the CHILD_SA.
close_action does not provide any guarantee that the
CHILD_SA is kept alive
|
| networking.wg-quick.interfaces.<name>.postUp | Commands called after the interface setup.
|
| services.bookstack.nginx.serverName | Name of this virtual host
|
| systemd.services.<name>.confinement.packages | Additional packages or strings with context to add to the closure of
the chroot
|
| networking.wlanInterfaces | Creating multiple WLAN interfaces on top of one physical WLAN device (NIC)
|
| services.nullmailer.config.me | The fully-qualifiled host name of the computer running nullmailer
|
| virtualisation.oci-containers.containers.<name>.serviceName | Systemd service name that manages the container
|
| services.hqplayerd.auth.username | Username used for HQPlayer's WebUI
|
| boot.binfmt.registrations.<name>.mask | A mask to be ANDed with the byte sequence of the file before matching
|
| networking.wg-quick.interfaces.<name>.type | The type of the interface
|
| services.misskey.reverseProxy.webserver.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.postfix.settings.main.smtpd_tls_chain_files | List of paths to the server private keys and certificates.
The order of items matters and a private key must always be followed by the corresponding certificate.
https://www.postfix.org/postconf.5.html#smtpd_tls_chain_files
|
| services.warpgate.settings.ssh.host_key_verification | Specify host key verification action when connecting to a SSH target with unknown/differing host key.
|
| services.deepin.dde-daemon.enable | Whether to enable daemon for handling the deepin session settings.
|
| boot.initrd.luks.devices.<name>.bypassWorkqueues | Whether to bypass dm-crypt's internal read and write workqueues
|
| services.strongswan-swanctl.swanctl.connections.<name>.children.<name>.per_cpu_sas | Enable per-CPU CHILD_SAs
|
| services.doh-server.configFile | The config file for the doh-server
|
| services.gitlab-runner.services.<name>.registrationFlags | Extra command-line flags passed to
gitlab-runner register
|
| fileSystems.<name>.autoFormat | If the device does not currently contain a filesystem (as
determined by blkid), then automatically
format it with the filesystem type specified in
fsType
|
| services.zabbixWeb.nginx.virtualHost.serverName | Name of this virtual host
|
| services.netbird.tunnels.<name>.login.systemdDependencies | Additional systemd dependencies required to succeed before the Setup Key file becomes available.
|
| services.netbird.clients.<name>.login.systemdDependencies | Additional systemd dependencies required to succeed before the Setup Key file becomes available.
|
| services.pantalaimon-headless.instances.<name>.logLevel | Set the log level of the daemon.
|
| networking.wg-quick.interfaces.<name>.preDown | Command called before the interface is taken down.
|
| programs.xfs_quota.projects.<name>.sizeHardLimit | Hard limit of the project size.
|
| programs.proxychains.proxies.<name>.host | Proxy host or IP address.
|
| programs.xfs_quota.projects.<name>.sizeSoftLimit | Soft limit of the project size
|
| services.crab-hole.configFile | The config file of crab-hole
|
| services.pantalaimon-headless.instances.<name>.dataPath | The directory where pantalaimon should store its state such as the database file.
|
| services.invoiceplane.sites.<name>.quoteTemplates | List of path(s) to respective template(s) which are copied from the 'quote_templates/pdf' directory.
These templates need to be packaged before use, see example.
|
| services.jirafeau.nginxConfig.locations.<name>.proxyWebsockets | Whether to support proxying websocket connections with HTTP/1.1.
|
| services.artalk.group | Artalk group name.
|
| services.zammad.group | Name of the Zammad group.
|
| networking.wireguard.interfaces.<name>.listenPort | 16-bit port for listening
|
| networking.wg-quick.interfaces.<name>.peers | Peers linked to the interface.
|
| boot.zfs.devNodes | Name of directory from which to import ZFS device, this is passed to zpool import
as the value of the -d option
|
| services.cloudflared.tunnels.<name>.originRequest.proxyType | cloudflared starts a proxy server to translate HTTP traffic into TCP when proxying, for example, SSH or RDP
|
| containers.<name>.extraVeths.<name>.forwardPorts.*.protocol | The protocol specifier for port forwarding between host and container
|
| services.peertube.settings.video_transcription.engine_path | Custom engine path for local transcription.
|
| services.gitlab.databaseUsername | GitLab database user.
|
| services.namecoind.trustedNodes | List of the only peer IP addresses to connect to
|
| services.firezone.server.provision.accounts.<name>.features.rest_api | Whether to enable the rest_api feature for this account.
|
| services.firezone.server.provision.accounts.<name>.features.idp_sync | Whether to enable the idp_sync feature for this account.
|
| services.paretosecurity.users.<name>.inviteId | A unique ID that links the agent to Pareto Cloud
|
| services.mosquitto.listeners.*.users.<name>.hashedPassword | Specifies the hashed password for the MQTT User
|
| services.easytier.instances.<name>.environmentFiles | Environment files for this instance
|
| programs.xfs_quota.projects.<name>.fileSystem | XFS filesystem hosting the xfs_quota project.
|
| services.matrix-synapse.settings.tls_certificate_path | PEM encoded X509 certificate for TLS
|
| services.doh-server.settings.log_guessed_client_ip | Enable log IP from HTTPS-reverse proxy header: X-Forwarded-For or X-Real-IP
Note: http uri/useragent log cannot be controlled by this config
|
| services.coturn.realm | The default realm to be used for the users when no explicit
origin/realm relationship was found in the database, or if the TURN
server is not using any database (just the commands-line settings
and the userdb file)
|
| services.gitlab.host | GitLab host name
|
| services.gancio.user | The user (and PostgreSQL database name) used to run the gancio server
|
| boot.initrd.luks.devices.<name>.fido2.credentials | List of FIDO2 credential IDs
|
| services.nextcloud-spreed-signaling.settings.backend.connectionsperhost | Maximum number of concurrent backend connections per host
|
| services.postfixadmin.database.username | Username for the postgresql connection
|
| services.gitlab-runner.services.<name>.registrationConfigFile | Absolute path to a file with environment variables
used for gitlab-runner registration with runner registration
tokens
|
| services.cloudflared.tunnels.<name>.originRequest.originServerName | Hostname that cloudflared should expect from your origin server certificate.
|
| services.nextcloud.settings.default_phone_region | An ISO 3166-1
country code which replaces automatic phone-number detection
without a country code
|
| services.woodpecker-agents.agents.<name>.environment | woodpecker-agent config environment variables, for other options read the documentation
|
| openstack.zfs.datasets.<name>.properties | Properties to set on this dataset.
|
| services.fcron.allow | Users allowed to use fcrontab and fcrondyn (one name per
line, all for everyone).
|
| image.repart.partitions.<name>.nixStorePrefix | The prefix to use for store paths
|
| networking.wlanInterfaces.<name>.meshID | MeshID of interface with type mesh.
|