| hardware.deviceTree.overlays.*.name | Name of this overlay
|
| services.pdfding.database.name | PostgreSQL database name
|
| virtualisation.forwardPorts.*.host.address | The IPv4 address of the host.
|
| services.nsd.ratelimit.ipv6PrefixLength | IPv6 prefix length
|
| power.ups.ups.<name>.summary | Lines which would be added inside ups.conf for handling this UPS.
|
| services.firezone.gateway.name | The name of this gateway as shown in firezone
|
| services.zabbixProxy.database.name | Database name.
|
| networking.supplicant.<name>.userControlled.socketDir | Directory of sockets for controlling wpa_supplicant.
|
| services.legit.settings.server.name | Server name.
|
| services.home-assistant.config.http.server_host | Only listen to incoming requests on specific IP/host
|
| networking.vswitches.<name>.supportedOpenFlowVersions | Supported versions to enable on this switch.
|
| services.syncthing.settings.options.localAnnouncePort | The port on which to listen and send IPv4 broadcast announcements to.
|
| systemd.automounts.*.name | The name of this systemd unit, including its extension
|
| services.sftpgo.settings.ftpd.bindings | Configure listen addresses and ports for ftpd.
|
| networking.fqdnOrHostName | Either the fully qualified domain name (FQDN), or just the host name if
it does not exist
|
| services.selfoss.database.name | Name of the existing database (has no effect if type is "sqlite").
|
| services.printing.listenAddresses | A list of addresses and ports on which to listen.
|
| virtualisation.forwardPorts.*.guest.address | The IPv4 address on the guest VLAN.
|
| services.firezone.server.provision.accounts.<name>.gatewayGroups.<name>.name | The name of this gateway group
|
| services.autossh.sessions.*.name | Name of the local AutoSSH session
|
| services.thanos.query.endpoints | Addresses of statically configured Thanos API servers (repeatable)
|
| services.rustdesk-server.signal.relayHosts | The relay server IP addresses or DNS names of the RustDesk relay.
|
| services.firezone.server.provision.accounts.<name>.resources.<name>.name | The name of this resource
|
| virtualisation.forwardPorts | When using the SLiRP user networking (default), this option allows to
forward ports to/from the host/guest.
If the NixOS firewall on the virtual machine is enabled, you also
have to open the guest ports to enable the traffic between host and
guest.
Currently QEMU supports only IPv4 forwarding.
|
| security.acme.certs.<name>.domain | Domain to fetch certificate for (defaults to the entry name).
|
| programs.neovim.runtime.<name>.target | Name of symlink
|
| services.eris-server.listenCoap | Server CoAP listen address
|
| services.nsd.zones.<name>.zoneStats | When set to something distinct to null NSD is able to collect
statistics per zone
|
| services.komodo-periphery.allowedIps | IP addresses or subnets allowed to call the periphery API
|
| users.extraGroups.<name>.gid | The group GID
|
| networking.supplicant.<name>.userControlled.enable | Allow normal users to control wpa_supplicant through wpa_gui or wpa_cli
|
| users.users.<name>.shell | The path to the user's shell
|
| networking.bridges | This option allows you to define Ethernet bridge devices
that connect physical networks together
|
| systemd.user.units.<name>.text | Text of this systemd unit.
|
| services.cgit.<name>.user | User to run the cgit service as.
|
| services.sftpgo.settings.sftpd.bindings | Configure listen addresses and ports for sftpd.
|
| services.sftpgo.settings.httpd.bindings | Configure listen addresses and ports for httpd.
|
| nix.registry.<name>.to | The flake reference from is rewritten to
|
| users.users.<name>.enable | If set to false, the user account will not be created
|
| security.wrappers.<name>.program | The name of the wrapper program
|
| services.castopod.database.name | Database name.
|
| services.agorakit.database.name | Database name.
|
| services.dolibarr.database.name | Database name.
|
| services.mastodon.database.name | Database name.
|
| services.pixelfed.database.name | Database name.
|
| services.peertube.database.name | Database name.
|
| services.zabbixServer.database.name | Database name.
|
| services.windmill.database.name | Database name.
|
| power.ups.users.<name>.upsmon | Add the necessary actions for a upsmon process to work
|
| services.i2pd.inTunnels.<name>.port | Bind port for ‹name› endpoint.
|
| services.parsedmarc.settings.smtp.to | The addresses to send outgoing mail to.
|
| environment.etc.<name>.target | Name of symlink (relative to
/etc)
|
| users.users.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| systemd.paths.<name>.wants | Start the specified units when this unit is started.
|
| systemd.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.cloudlog.database.name | MySQL database name.
|
| services.dawarich.database.name | The name of the dawarich database.
|
| services.freshrss.database.name | Database name for FreshRSS.
|
| services.resolved.settings.Resolve.DNS | List of IP addresses to query as recursive DNS resolvers.
|
| services.wyoming.satellite.name | Name of the satellite.
|
| nix.registry.<name>.flake | The flake input from is rewritten to.
|
| services.gitwatch.<name>.user | The name of services's user
|
| services.hans.clients | Each attribute of this option defines a systemd service that
runs hans
|
| services.factorio.game-name | Name of the game as it will appear in the game listing.
|
| services.i2pd.outTunnels.<name>.port | Bind port for ‹name› endpoint.
|
| services.netbox.settings.ALLOWED_HOSTS | A list of valid fully-qualified domain names (FQDNs) and/or IP
addresses that can be used to reach the NetBox service.
|
| users.users.<name>.extraGroups | The user's auxiliary groups.
|
| services.corosync.nodelist.*.name | Node name
|
| services.firezone.server.provision.accounts.<name>.name | The account name
|
| services.mastodon.trustedProxy | You need to set it to the IP from which your reverse proxy sends requests to Mastodon's web process,
otherwise Mastodon will record the reverse proxy's own IP as the IP of all requests, which would be
bad because IP addresses are used for important rate limits and security functions.
|
| boot.initrd.luks.devices.<name>.header | The name of the file or block device that
should be used as header for the encrypted device.
|
| services.journalbeat.name | Name of the beat
|
| users.users.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| services.opengfw.rules.*.modifier.name | Name of the modifier.
|
| boot.initrd.luks.devices.<name>.keyFile | The name of the file (can be a raw device or a partition) that
should be used as the decryption key for the encrypted device
|
| services.shadowsocks.localAddress | Local addresses to which the server binds.
|
| services.invoiceplane.sites.<name>.database.name | Database name.
|
| services.umurmur.settings.bindaddr6 | IPv6 address to bind to
|
| services.nginx.defaultListenAddresses | If vhosts do not specify listenAddresses, use these addresses by default
|
| ec2.zfs.datasets.<name>.mount | Where to mount this dataset.
|
| services.h2o.hosts.<name>.tls | TLS options for virtual host
|
| services.bacula-sd.device.<name>.archiveDevice | The specified name-string gives the system file name of the storage
device managed by this storage daemon
|
| services.lokinet.settings.dns.upstream | Upstream resolver(s) to use as fallback for non-loki addresses
|
| services.yggdrasil.settings.Listen | Listen addresses for incoming connections
|
| nix.registry.<name>.from | The flake reference to be rewritten
|
| services.geth.<name>.port | Port number Go Ethereum will be listening on, both TCP and UDP.
|
| systemd.paths.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.geth.<name>.http.apis | APIs to enable over WebSocket
|
| services.cgit.<name>.group | Group to run the cgit service as.
|
| services.nghttpx.frontends.*.server | Frontend server interface binding specification as either a
host:port pair or a unix domain docket
|
| users.users.<name>.createHome | Whether to create the home directory and ensure ownership as well as
permissions to match the user.
|
| services.anuko-time-tracker.database.name | Database name.
|
| security.acme.certs.<name>.s3Bucket | S3 bucket name to use for HTTP-01 based challenges
|
| services.nsd.zones.<name>.requestXFR | Format: [AXFR|UDP] <ip-address> <key-name | NOKEY>
|
| programs.tsmClient.servers.<name>.nodename | Target node name on the IBM TSM server.
|
| services.sftpgo.settings.webdavd.bindings | Configure listen addresses and ports for webdavd.
|
| services.clamsmtp.instances.*.action | Action to take when a virus is detected
|
| services.cgit.<name>.scanPath | A path which will be scanned for repositories.
|
| systemd.user.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.user.paths.<name>.wants | Start the specified units when this unit is started.
|