| fonts.fontconfig.hinting.enable | Enable font hinting
|
| services.postfix-tlspol.configurePostfix | Whether to configure the required settings to use postfix-tlspol in the local Postfix instance.
|
| fonts.fontconfig.defaultFonts.sansSerif | System-wide default sans serif font(s)
|
| boot.loader.systemd-boot.configurationLimit | Maximum number of latest generations in the boot menu
|
| services.dawarich.configureNginx | Configure nginx as a reverse proxy for dawarich
|
| services.homebridge.uiSettings | Configuration options for homebridge config UI plugin
|
| services.promtail.configuration | Specify the configuration for Promtail in Nix
|
| services.nginx.sso.configuration | nginx-sso configuration
(documentation)
as a Nix attribute set
|
| services.prometheus.alertmanager.configuration | Alertmanager configuration as nix attribute set
|
| services.awstats.configs.<name>.webService.enable | Whether to enable awstats web service.
|
| services.nextcloud.configureRedis | Whether to configure Nextcloud to use the recommended Redis settings for small instances.
The Nextcloud system check recommends to configure either Redis or Memcache for file lock caching.
The notify_push app requires Redis to be configured
|
| systemd.extraConfig | Extra config options for systemd
|
| services.nsd.extraConfig | Extra nsd config.
|
| services.fluent-bit.configurationFile | Fluent Bit configuration
|
| fonts.fontconfig.hinting.autohint | Enable the autohinter in place of the default interpreter
|
| services.awstats.configs.<name>.webService.urlPrefix | The URL prefix under which the awstats pages appear.
|
| services.prometheus.exporters.mail.configuration.servers | List of servers that should be probed.
Note: if your mailserver has rspamd(8) configured,
it can happen that emails from this exporter are marked as spam
|
| services.matrix-synapse.extraConfigFiles | Extra config files to include
|
| services.matrix-synapse.configureRedisLocally | Whether to automatically configure a local redis server for matrix-synapse.
|
| services.gitlab.extraConfig | Extra options to be added under
production in
config/gitlab.yml, as a nix attribute
set
|
| services.snapper.configs.<name>.TIMELINE_CREATE | Defines whether hourly snapshots should be created.
|
| services.borgmatic.configurations | Set of borgmatic configurations, see https://torsion.org/borgmatic/docs/reference/configuration/
|
| services.vaultwarden.configureNginx | Whether to configure nginx to serve VaultWarden.
|
| services.gotosocial.settings | Contents of the GoToSocial YAML config
|
| services.snapper.configs.<name>.SUBVOLUME | Path of the subvolume or mount point
|
| fonts.fontconfig.subpixel.rgba | Subpixel order
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_DAILY | Limits for timeline cleanup.
|
| services.tailscale.derper.configureNginx | Whether to enable nginx reverse proxy for derper
|
| services.static-web-server.configuration | Configuration for Static Web Server
|
| boot.initrd.network.openvpn.configuration | The configuration file for OpenVPN.
Unless your bootloader supports initrd secrets, this configuration
is stored insecurely in the global Nix store.
|
| services.v2ray.enable | Whether to run v2ray server
|
| systemd.oomd.extraConfig | Extra config options for systemd-oomd
|
| services.akkoma.config.":web_push_encryption".":vapid_details".subject | mailto URI for administrative contact.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_HOURLY | Limits for timeline cleanup.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_WEEKLY | Limits for timeline cleanup.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_YEARLY | Limits for timeline cleanup.
|
| services.nextcloud.config.objectstore.s3.verify_bucket_exists | Create the objectstore bucket if it does not exist.
|
| services.quorum.privateconfig | Configuration of privacy transaction manager.
|
| services.awstats.configs.<name>.webService.hostname | The hostname the web service appears under.
|
| services.confd.backend | Confd config storage backend to use.
|
| services.gitea.customDir | Gitea custom directory
|
| services.skydns.domain | Skydns default domain if not specified by etcd config.
|
| services.mastodon.configureNginx | Configure nginx as a reverse proxy for mastodon
|
| services.pipewire.extraLv2Packages | List of packages that provide LV2 plugins in lib/lv2 that should
be made available to PipeWire for [filter chains][wiki-filter-chain]
|
| services.recyclarr.configuration | Recyclarr YAML configuration as a Nix attribute set
|
| systemd.user.extraConfig | Extra config options for systemd user instances
|
| fonts.fontconfig.defaultFonts.emoji | System-wide default emoji font(s)
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.tls_config | TLS configuration.
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.tls_config | Configures the scrape request's TLS settings.
|
| services.acme-dns.settings.logconfig.loglevel | Level to log on.
|
| services.weblate.configurePostgresql | Whether to enable and configure a local PostgreSQL server by creating a user and database for weblate
|
| services.avahi.extraConfig | Extra config to append to avahi-daemon.conf.
|
| services.github-runners.<name>.tokenType | Type of token to use for runner registration
|
| services.amazon-cloudwatch-agent.configuration | See configurationFile.
configurationFile takes precedence over configuration.
|
| boot.plymouth.extraConfig | Literal string to append to configFile
and the config file generated by the plymouth module.
|
| services.snapper.configs.<name>.TIMELINE_LIMIT_MONTHLY | Limits for timeline cleanup.
|
| services.monero.environmentFile | Path to an EnvironmentFile for the monero service as defined in systemd.exec(5)
|
| fonts.fontconfig.defaultFonts.monospace | System-wide default monospace font(s)
|
| programs.zsh.ohMyZsh.custom | Path to a custom oh-my-zsh package to override config of oh-my-zsh.
(Can't be used along with customPkgs).
|
| services.zitadel.steps | Contents of the database initialization config file
|
| fonts.fontconfig.subpixel.lcdfilter | FreeType LCD filter
|
| services.journalwatch.extraConfig | Extra lines to be added verbatim to the journalwatch/config configuration file
|
| services.kubernetes.kubeconfig.caFile | Default kubeconfig certificate authority file used to connect to kube-apiserver.
|
| services.vaultwarden.configurePostgres | Whether to configure a local PostgreSQL server.
|
| services.akkoma.config.":web_push_encryption".":vapid_details".public_key | base64-encoded public ECDH key.
|
| services.kubernetes.kubeconfig.keyFile | Default kubeconfig client key file used to connect to kube-apiserver.
|
| services.cntlm.extraConfig | Additional config appended to the end of the generated cntlm.conf.
|
| boot.loader.limine.extraConfig | A string which is prepended to limine.conf
|
| services.nsd.zones.<name>.data | The actual zone data
|
| services.turn-rs.settings | Turn-rs server config file
|
| services.conman.enable | Whether to enable Enable the conman Console manager
|
| services.prometheus.sachet.configuration | Sachet's configuration as a nix attribute set.
|
| services.prometheus.scrapeConfigs.*.azure_sd_configs.*.tls_config | TLS configuration.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.tls_config | TLS configuration.
|
| services.kubernetes.kubeconfig.certFile | Default kubeconfig client certificate file used to connect to kube-apiserver.
|
| services.hadoop.extraConfDirs | Directories containing additional config files to be added to HADOOP_CONF_DIR
|
| boot.loader.limine.enrollConfig | Whether or not to enroll the config
|
| services.nginx.virtualHosts | Declarative vhost config
|
| services.kubernetes.kubeconfig.server | Default kubeconfig kube-apiserver server address.
|
| services.movim.podConfig | Pod configuration (values from php daemon.php config --help)
|
| systemd.sleep.extraConfig | Extra config options for systemd sleep state logic
|
| virtualisation.vmware.host.extraConfig | Add extra config to /etc/vmware/config
|
| virtualisation.lxc.defaultConfig | Default config (default.conf) for new containers, i.e. for
network config
|
| services.akkoma.config.":web_push_encryption".":vapid_details".private_key | base64-encoded private ECDH key
|
| services.athens.extraConfig | Extra configuration options for the athens config file.
|
| services.prometheus.remoteRead.*.tls_config | Configures the remote read request's TLS settings.
|
| services.dwm-status.extraConfig | Extra config in TOML format.
|
| services.athens.basicAuthPass | Password for basic auth
|
| services.goss.settings | The global options in config file in yaml format
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.tls_config.ca_file | CA certificate to validate API server certificate with.
|
| boot.loader.generic-extlinux-compatible.configurationLimit | Maximum number of configurations in the boot menu.
|
| containers.<name>.path | As an alternative to specifying
config, you can specify the path to
the evaluated NixOS system configuration, typically a
symlink to a system profile.
|
| services.kubernetes.proxy.kubeconfig.caFile | Kubernetes proxy certificate authority file used to connect to kube-apiserver.
|
| boot.modprobeConfig.enable | Whether to enable modprobe config
|
| services.artalk.allowModify | allow Artalk store the settings to config file persistently
|
| security.polkit.extraConfig | Any polkit rules to be added to config (in JavaScript ;-)
|
| services.prometheus.remoteWrite.*.tls_config | Configures the remote write request's TLS settings.
|
| services.kubernetes.proxy.kubeconfig.keyFile | Kubernetes proxy client key file used to connect to kube-apiserver.
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|