Use the given name instead of the hostname to identify ourselves to the server.

Additional Apache modules to be used

The base64 public key of the peer.

Each attribute in this set specifies an option in the [HierarchyTokenBucketClass] section of the unit

Grants the user, created by the ensureUser attr, login permissions

Required for some non-Amazon implementations.

The admin user's full name.

The name of the interface to pull the bind_addr from.

Name of the directory under /var/lib holding the server's data

Mark all wireguard packets originating from this interface with the given firewall mark

Path to the repository

Nginx configuration can be done by adapting services.nginx.virtualHosts.<name>

Apache configuration can be done by adapting services.httpd.virtualHosts.<name>

List of IP (v4 or v6) addresses with CIDR masks from which this peer is allowed to send incoming traffic and to which outgoing traffic for this peer is directed

Subnet mask of the network, specified as the number of bits in the prefix (64).

Subnet mask of the network, specified as the number of bits in the prefix (24).

The path to the file used for signing derivation data

The LightDM greeter to login via

Use the given name instead of the hostname to identify this screen in the configuration.

Primary username

Specify the controller targets

Hostname or address where to find the Pi-Hole webinterface

Turn on proxy_arp for this device

Specifies the hashed password for the user

File, which is dynamically applied to server-settings.json before startup

User account name under which to run shairport-sync

LiveKit key file holding one or multiple application secrets

Configure the 'namespaces' section of the registration.yml for the bridge and the server

Database name

UUID of the stratis pool that the fs is located in

This is only relevant if you are using stratis.

Hostname of the machine where slurmdbd is running (i.e. name returned by hostname -s).

The domain name for the signal service.

The list of host interfaces from which macvlans will be created

Configuration for one or more device IDs

The kernel routing table to add this interface's associated routes to

The name of the table used for password alteration

List of paths that should be mounted before this one

Options used to mount the file system

Label to the repository

Optional description for the organization.

Commands called before shutting down the interface.

Set workgroup name (default WORKGROUP).

DNS name for the urls generated in the cgi.

Label of the device

Private key file as generated by wg genkey.

Source port when using UDP encapsulation

Agorakit configuration options to set in the .env file

Configures AWS Signature Version 4 settings.

Systemd service name that manages the container

Directory of sockets for controlling wpa_supplicant.

Hash algorithm to use for generated file naming

A file containing the superuser password

Match displays based on edid instead of name

Name of the corosync cluster.

database name for postgres only

Name of the default JVB room that will be joined if no special header is included in SIP invite.

If set, this file system will be mounted in the initial ramdisk

Bind to this device for native ethernet operation. all is a pseudo-name which will try to connect to all devices.

Packaged Helm charts that are linked to /var/lib/rancher/k3s/server/static/charts before k3s starts

System-wide customization file contents, has higher priority than defaultFonts settings.

Commands called after shutting down the interface.

Range of open UDP ports.

Local address(es) to use for IKE communication

Whether to enable ClamAV on-access scanner

If set, allows registration by anyone who also has the shared secret, even if registration is otherwise disabled

A set of files to be copied to /boot

A set of files to be copied to /boot

By default, all networks will get same priority group (0)

Use childless IKE_SA initiation (allow, prefer, force or never)

Each attribute in this set specifies an option in the [DeficitRoundRobinScheduler] section of the unit

Automatically generate a private key with wg genkey, at the privateKeyFile location.

How often the fan speed should be updated in seconds

Location where the file system will be mounted

VLAN to which the network interface is connected.

This settings controls how long a tombstone is considered valid

Define which other containers this one depends on

A list of device nodes to which the containers has access to.

List of sessions supported with the command used to start each session

If both mutableConfig and this option are set, the Nix configuration will take precedence over any settings configured in the server console.

Force reset of the admin password

Specifies the (clear text) password for the user

A range of TCP ports on which incoming connections are accepted.

User under which mastodon runs

The fully qualified domain name to bind to

If set, use NixOS-generated ACME certificate with the specified name for TLS

Attribute set of additional plugins that will be symlinked to the plugin subdirectory

MySQL user name.

Extra options to append to the interface section

Time to schedule IKE reauthentication

Only execute the administrator Sieve scripts for the mailbox configured with services.dovecot2.imapsieve.mailbox..name when the message originates from the indicated mailbox

Database name to store sms data

Base64 private key generated by wg genkey

Source port of the external interface on host

Common name attribute of allowed peer certificates

Common name attribute of allowed peer certificates

Controls Link-Local Multicast Name Resolution support (RFC 4795) on the local host

Interval (seconds) of the last temperatures to use to calculate the average temperature

Other route options

Other route options

Whether this VPN connection should be started automatically.