| services.autorandr.profiles.<name>.config.<name>.scale | Output scale configuration
|
| services.bird.config | BIRD Internet Routing Daemon configuration file.
http://bird.network.cz/
|
| security.pki.caBundle | (Read-only) the path to the final bundle of certificate authorities as a single file.
|
| services.athens.hgrcPath | Path to the .hgrc file.
|
| services.bacula-fd.tls | TLS Options for the File Daemon
|
| services.etcd.peerCertFile | Cert file to use for peer to peer communication
|
| services.bosun.stateFile | Path to bosun's state file.
|
| services.radvd.config | The contents of the radvd configuration file.
|
| services.rke2.tokenFile | File path containing the rke2 token to use when connecting to a server.
|
| services.yggdrasil.configFile | A file which contains JSON or HJSON configuration for yggdrasil
|
| services.firezone.gateway.tokenFile | A file containing the firezone gateway token
|
| services.prometheus.scrapeConfigs.*.basic_auth.password_file | HTTP password file
|
| services.slskd.settings.remote_file_management | Whether to enable modification of share contents through the web ui.
|
| services.autorandr.profiles.<name>.hooks.predetect | Predetect hook executed before autorandr attempts to run xrandr.
|
| boot.initrd.services.udev.packages | This will only be used when systemd is used in stage 1.
List of packages containing udev rules that will be copied to stage 1
|
| services.firefly-iii.settings.APP_KEY_FILE | The path to your appkey
|
| services.journald.remote.settings.Remote.ServerKeyFile | A path to a SSL secret key file in PEM format
|
| services.resolved.domains | A list of domains
|
| services.haven.environmentFile | Path to a file containing sensitive environment variables
|
| services.nullmailer.remotesFile | Path to the remotes control file
|
| services.mastodon.secretKeyBaseFile | Path to file containing the secret key base
|
| services.neo4j.ssl.policies.<name>.privateKey | The name of private PKCS #8 key file for this policy to be found
in the baseDirectory, or the absolute path to
the key file
|
| services.netbird.server.management.settings | Configuration of the netbird management server
|
| services.prometheus.exporters.sabnzbd.servers.*.apiKeyFile | The path to a file containing the API key
|
| services.gitea.dump.type | Archive format used to store the dump file.
|
| boot.initrd.clevis.useTang | Whether the Clevis JWE file used to decrypt the devices uses a Tang server as a pin.
|
| security.audit.rules | The ordered audit rules, with each string appearing as one line of the audit.rules file.
|
| services.dae.configFile | The path of dae config file, end with .dae.
|
| boot.tmp.zramSettings.fs-type | The file system to put on the device
|
| services.athens.tlsKeyFile | Path to the TLS key file.
|
| services.send.enable | Whether to enable Send, a file sharing web sevice for ffsend..
|
| services.vsftpd.rsaKeyFile | RSA private key file.
|
| users.mysql.passwordFile | The path to the file containing the password for the user
|
| services.nvme-rs.settings.email.smtp_password_file | File containing SMTP password
|
| services.journald.remote.output | The location of the output journal
|
| services.blockbook-frontend.<name>.certFile | To enable SSL, specify path to the name of certificate files without extension
|
| services.libinput.touchpad.accelProfile | Sets the pointer acceleration profile to the given profile
|
| programs.msmtp.accounts | Named accounts and their respective configurations
|
| boot.loader.systemd-boot.extraEntries | Any additional entries you want added to the systemd-boot menu
|
| services.nginx.logError | Configures logging
|
| swapDevices | The swap devices and swap files
|
| services.go-neb.config | Your config.yaml as a Nix attribute set
|
| programs.git.lfs.enable | Whether to enable git-lfs (Large File Storage).
|
| services.gvpe.configFile | GVPE config file, if already present
|
| services.ttyd.keyFile | SSL key file path
|
| services.vsftpd.rsaCertFile | RSA certificate file.
|
| users.groups.<name>.members | The user names of the group members, added to the
/etc/group file.
|
| services.prometheus.exporters.restic.rcloneConfigFile | Path to the file containing rclone configuration
|
| services.mediatomb.customCfg | Allow the service to create and use its own config file inside the dataDir as
configured by services.mediatomb.dataDir
|
| services.xserver.xkb.extraLayouts.<name>.typesFile | The path to the xkb types file
|
| services.mediatomb.mediaDirectories.*.hidden-files | Whether to index the hidden files or not.
|
| services.headscale.settings.policy.path | If the mode is set to "file", the path to a
HuJSON file containing ACL policies.
|
| services.firezone.server.smtp.passwordFile | File containing the password for the given username
|
| services.tsidp.environmentFile | Path to an environment file loaded for the tsidp service
|
| services.pdfding.database.passwordFile | File containing POSTGRES_PASSWORD
|
| services.autorandr.profiles.<name>.hooks.postswitch | Postswitch hook executed after mode switch.
|
| services.cloudflared.certificateFile | Account certificate file, necessary to create, delete and manage tunnels
|
| services.lasuite-meet.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| services.athens.tlsCertFile | Path to the TLS certificate file.
|
| services.athens.netrcPath | Path to the .netrc file.
|
| boot.initrd.enable | Whether to enable the NixOS initial RAM disk (initrd)
|
| services.prosody.ssl.key | Path to the key file.
|
| services.ntp.extraConfig | Additional text appended to ntp.conf.
|
| services.plikd.enable | Whether to enable plikd, a temporary file upload system.
|
| services.tika.configFile | The Apache Tika configuration (XML) file to use.
|
| services.ndppd.configFile | Path to configuration file.
|
| services.locate.output | The database file to build.
|
| services.vault.tlsKeyFile | TLS private key file
|
| users.users.<name>.subUidRanges | Subordinate user ids that user is allowed to use
|
| users.users.<name>.subGidRanges | Subordinate group ids that user is allowed to use
|
| services.prometheus.remoteRead.*.bearer_token_file | Sets the Authorization header on every remote read request with the bearer token
read from the configured file
|
| services.autorandr.profiles.<name>.config.<name>.transform | Refer to
xrandr(1)
for the documentation of the transform matrix.
|
| services.dashy.settings | Settings serialized into user-data/conf.yml before build
|
| services.angrr.settings.profile-policies.<name>.keep-booted-system | Whether to keep the last booted system generation
|
| programs.schroot.profiles.<name>.nssdatabases | System databases (as described in /etc/nsswitch.conf on GNU/Linux systems) to copy into the chroot from the host.
|
| services.prometheus.scrapeConfigs.*.file_sd_configs.*.refresh_interval | Refresh interval to re-read the files
|
| services.dnsmasq.settings | Configuration of dnsmasq
|
| services.jupyterhub.extraConfig | Extra contents appended to the jupyterhub configuration
Jupyterhub configuration is a normal python file using
Traitlets. https://jupyterhub.readthedocs.io/en/stable/getting-started/config-basics.html
|
| services.traccar.settings | config.xml configuration as a Nix attribute set
|
| services.newt.environmentFile | Path to a file containing sensitive environment variables for Newt
|
| services.frr.configFile | Configuration file to use for FRR
|
| services.prometheus.remoteWrite.*.bearer_token_file | Sets the Authorization header on every remote write request with the bearer token
read from the configured file
|
| services.murmur.logFile | Path to the log file for Murmur daemon
|
| boot.loader.grub.extraConfig | Additional GRUB commands inserted in the configuration file
just before the menu entries.
|
| services.cfssl.dbConfig | Certificate db configuration file
|
| services.cntlm.configText | Verbatim contents of cntlm.conf.
|
| services.mongodb.pidFile | Location of MongoDB pid file
|
| services.ndppd.routeTTL | This tells 'ndppd' how often to reload the route file /proc/net/ipv6_route,
in milliseconds.
|
| services.ncps.netrcFile | The path to netrc file for upstream authentication
|
| services.nghttpx.tls.crt | Path to the TLS certificate file.
|
| services.nghttpx.tls.key | Path to the TLS key file.
|
| services.vault.tlsCertFile | TLS certificate file
|
| systemd.mounts.*.options | Options used to mount the file system.
|
| xdg.portal.wlr.enable | Whether to enable desktop portal for wlroots-based desktops
|
| services.github-runners.<name>.tokenFile | The full path to a file which contains either
- a fine-grained personal access token (PAT),
- a classic PAT
- or a runner registration token
Changing this option or the tokenFile’s content triggers a new runner registration
|
| services.yarr.authFilePath | Path to a file containing username:password. null means no authentication required to use the service.
|
| services.kanidm.provision.extraJsonFile | A JSON file for provisioning persons, groups & systems
|
| services.livebook.environmentFile | Additional environment file as defined in systemd.exec(5)
|
| hardware.tuxedo-drivers.settings.charging-profile | The maximum charge level to help reduce battery wear:
high_capacity charges to 100% (driver default)balanced charges to 90%stationary charges to 80% (maximum lifespan)
Note: Regardless of the configured charging profile, the operating system will always report the battery as being charged to 100%.
|
| services.castopod.database.passwordFile | A file containing the password corresponding to
services.castopod.database.user
|