| services.nghttpx.backends.*.params.affinity | If "ip" is given, client IP based session affinity is
enabled
|
| services.prometheus.exporters.dmarc.user | User name under which the dmarc exporter shall be run.
|
| services.prometheus.exporters.nginx.user | User name under which the nginx exporter shall be run.
|
| services.prometheus.exporters.kafka.user | User name under which the kafka exporter shall be run.
|
| services.prometheus.exporters.idrac.user | User name under which the idrac exporter shall be run.
|
| services.prometheus.exporters.fritz.user | User name under which the fritz exporter shall be run.
|
| services.prometheus.exporters.v2ray.user | User name under which the v2ray exporter shall be run.
|
| services.prometheus.exporters.redis.user | User name under which the redis exporter shall be run.
|
| services.prometheus.exporters.jitsi.user | User name under which the jitsi exporter shall be run.
|
| programs.chromium.initialPrefs | Initial preferences are used to configure the browser for the first run
|
| virtualisation.oci-containers.containers.<name>.networks | Networks to attach the container to
|
| services.nghttpx.frontends.*.params.sni-fwd | When performing a match to select a backend server, SNI host
name received from the client is used instead of the request
host
|
| services.tailscale.interfaceName | The interface name for tunnel traffic
|
| services.akkoma.config.":pleroma"."Pleroma.Web.Endpoint".url.host | Domain name of the instance.
|
| systemd.network.networks.<name>.enhancedTransmissionSelectionConfig | Each attribute in this set specifies an option in the
[EnhancedTransmissionSelection] section of the unit
|
| services.airsonic.listenAddress | The host name or IP address on which to bind Airsonic
|
| services.dysnomia.extraContainerProperties | An attribute set providing additional container settings in addition to the default properties
|
| services.dnscrypt-proxy2.upstreamDefaults | Whether to base the config declared in services.dnscrypt-proxy2.settings on the upstream example config (https://github.com/DNSCrypt/dnscrypt-proxy/blob/master/dnscrypt-proxy/example-dnscrypt-proxy.toml)
Disable this if you want to declare your dnscrypt config from scratch.
|
| virtualisation.oci-containers.containers.<name>.login.passwordFile | Path to file containing password.
|
| services.bookstack.nginx.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services.documize.stateDirectoryName | The name of the directory below /var/lib/private
where documize runs in and stores, for example, backups.
|
| virtualisation.oci-containers.containers.<name>.extraOptions | Extra options for podman run.
|
| hardware.nvidia-container-toolkit.enable-hooks | List of hooks to enable when generating the CDI specification
|
| services.qbittorrent.serverConfig | Free-form settings mapped to the qBittorrent.conf file in the profile
|
| services.maubot.settings.plugin_databases.postgres_max_conns_per_plugin | Maximum number of connections per plugin instance.
|
| hardware.display.edid.linuxhw | Exposes EDID files from users-sourced database at https://github.com/linuxhw/EDID
Attribute names will be mapped to EDID filenames <NAME>.bin
|
| boot.zfs.extraPools | Name or GUID of extra ZFS pools that you wish to import during boot
|
| services.mjolnir.pantalaimon | pantalaimon options (enables E2E Encryption support)
|
| services.crowdsec-firewall-bouncer.createRulesets | Whether to have the module create the appropriate firewall configuration
based on the bouncer settings
|
| programs.regreet.font.package | The package that provides the font given in the name option.
|
| services.borgmatic.configurations.<name>.source_directories | List of source directories and files to backup
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.http_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.grafana.settings.users.user_invite_max_lifetime_duration | The duration in time a user invitation remains valid before expiring
|
| services.prometheus.exporters.pihole.user | User name under which the pihole exporter shall be run.
|
| services.prometheus.exporters.shelly.user | User name under which the shelly exporter shall be run.
|
| services.prometheus.exporters.tibber.user | User name under which the tibber exporter shall be run.
|
| services.prometheus.exporters.rspamd.user | User name under which the rspamd exporter shall be run.
|
| services.prometheus.exporters.fastly.user | User name under which the fastly exporter shall be run.
|
| services.prometheus.exporters.script.user | User name under which the script exporter shall be run.
|
| services.prometheus.exporters.statsd.user | User name under which the statsd exporter shall be run.
|
| services.prometheus.exporters.domain.user | User name under which the domain exporter shall be run.
|
| services.prometheus.exporters.dnssec.user | User name under which the dnssec exporter shall be run.
|
| services.prometheus.exporters.restic.user | User name under which the restic exporter shall be run.
|
| services.prometheus.exporters.mysqld.user | User name under which the mysqld exporter shall be run.
|
| services.prometheus.exporters.deluge.user | User name under which the deluge exporter shall be run.
|
| services.zabbixWeb.nginx.virtualHost.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.consul-template.instances | Attribute set of consul-template instances
|
| virtualisation.oci-containers.containers.<name>.preRunExtraOptions | Extra options for podman that go before the run argument.
|
| services.anuko-time-tracker.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.grafana.settings.security.strict_transport_security_preload | Set to true to enable HSTS preloading option
|
| services.prometheus.scrapeConfigs.*.tls_config | Configures the scrape request's TLS settings.
|
| services.icingaweb2.virtualHost | Name of the nginx virtualhost to use and setup
|
| networking.wg-quick.interfaces.<name>.peers.*.persistentKeepalive | This is optional and is by default off, because most
users will not need it
|
| services.bitwarden-directory-connector-cli.ldap | Options to configure the LDAP connection
|
| services.bitwarden-directory-connector-cli.sync | Options to configure what gets synced
|
| services.postgresqlBackup.backupAll | Backup all databases using pg_dumpall
|
| services.matrix-tuwunel.stateDirectory | The name of the directory under /var/lib/ where the database will be stored
|
| services.jirafeau.nginxConfig.http3_hq | Whether to enable the HTTP/0.9 protocol negotiation used in QUIC interoperability tests
|
| services._3proxy.resolution.nscache | Set name cache size for IPv4.
|
| hardware.nvidia-container-toolkit.disable-hooks | List of hooks to disable when generating the CDI specification
|
| networking.wireguard.interfaces.<name>.dynamicEndpointRefreshSeconds | Periodically refresh the endpoint hostname or address for all peers
|
| virtualisation.fileSystems.<name>.overlay.useStage1BaseDirectories | If enabled, lowerdir, upperdir and workdir will be prefixed with /sysroot
|
| services.archisteamfarm.ipcSettings | Settings to write to IPC.config
|
| services.prometheus.exporters.nvidia-gpu.user | User name under which the nvidia-gpu exporter shall be run.
|
| services.headscale.settings.ephemeral_node_inactivity_timeout | Time before an inactive ephemeral node is deleted.
|
| services.bookstack.nginx.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| services.prometheus.scrapeConfigs.*.label_name_length_limit | Per-scrape limit on length of labels name that will be accepted for a sample
|
| programs.regreet.theme.package | The package that provides the theme given in the name option.
|
| virtualisation.oci-containers.containers.<name>.log-driver | Logging driver for the container
|
| virtualisation.oci-containers.containers.<name>.volumes | List of volumes to attach to this container
|
| services.mediawiki.httpd.virtualHost.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.unpoller.unifi.controllers.*.user | Unifi service user name.
|
| hardware.openrazer.batteryNotifier | Settings for device battery notifications.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.scrapeConfigs.*.azure_sd_configs.*.tls_config.server_name | ServerName extension to indicate the name of the server.
http://tools.ietf.org/html/rfc4366#section-3.1
|
| services.prometheus.exporters.unbound.user | User name under which the unbound exporter shall be run.
|
| services.prometheus.exporters.sabnzbd.user | User name under which the sabnzbd exporter shall be run.
|
| services.prometheus.exporters.dovecot.user | User name under which the dovecot exporter shall be run.
|
| services.prometheus.exporters.varnish.user | User name under which the varnish exporter shall be run.
|
| services.prometheus.exporters.process.user | User name under which the process exporter shall be run.
|
| services.prometheus.exporters.mongodb.user | User name under which the mongodb exporter shall be run.
|
| services.prometheus.exporters.systemd.user | User name under which the systemd exporter shall be run.
|
| services.prometheus.exporters.apcupsd.user | User name under which the apcupsd exporter shall be run.
|
| services.prometheus.exporters.bitcoin.user | User name under which the bitcoin exporter shall be run.
|
| services.prometheus.exporters.dnsmasq.user | User name under which the dnsmasq exporter shall be run.
|
| services.prometheus.exporters.libvirt.user | User name under which the libvirt exporter shall be run.
|
| services.prometheus.exporters.klipper.user | User name under which the klipper exporter shall be run.
|
| services.prometheus.exporters.postfix.user | User name under which the postfix exporter shall be run.
|
| services.prometheus.exporters.ecoflow.user | User name under which the ecoflow exporter shall be run.
|
| services.prometheus.exporters.bitcoin.rpcUser | RPC user name.
|
| virtualisation.oci-containers.containers.<name>.privileged | Give extended privileges to the container
|
| virtualisation.oci-containers.containers.<name>.entrypoint | Override the default entrypoint of the image.
|
| services.limesurvey.nginx.virtualHost.http3 | Whether to enable the HTTP/3 protocol
|
| services.nginx.recommendedOptimisation | Enable recommended optimisation settings.
|
| services.prometheus.scrapeConfigs.*.dns_sd_configs.*.names | A list of DNS SRV record names to be queried.
|
| containers.<name>.allowedDevices.*.modifier | Device node access modifier
|
| services.jirafeau.nginxConfig.acmeFallbackHost | Host which to proxy requests to if ACME challenge is not found
|
| networking.networkmanager.ensureProfiles.profiles.<name>.connection.type | The connection type defines the connection kind, like vpn, wireguard, gsm, wifi and more.
|
| virtualisation.oci-containers.containers.<name>.podman.sdnotify | Determines how podman should notify systemd that the unit is ready
|