| services.bacula-fd.director.<name>.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bacula-sd.director.<name>.tls.allowedCN | Common name attribute of allowed peer certificates
|
| services.bitcoind.<name>.pidFile | Location of bitcoind pid file.
|
| services.tinc.networks.<name>.extraConfig | Extra lines to add to the tinc service configuration file
|
| systemd.services.<name>.script | Shell commands executed as the service's main process.
|
| services.cgit.<name>.nginx.location | Location to serve cgit under.
|
| services.rspamd.locals.<name>.source | Path of the source file.
|
| services.rauc.slots.<name>.*.settings | Settings for this slot.
|
| services.spiped.config.<name>.target | Address to which spiped should connect.
|
| security.pam.services.<name>.oathAuth | If set, the OATH Toolkit will be used.
|
| services.kimai.sites.<name>.poolConfig | Options for the Kimai PHP pool
|
| services.geth.<name>.authrpc.enable | Whether to enable Go Ethereum Auth RPC API.
|
| systemd.user.services.<name>.reload | Shell commands executed when the service's main process
is reloaded.
|
| systemd.user.services.<name>.postStart | Shell commands executed after the service's main process
is started.
|
| nix.registry.<name>.to | The flake reference from is rewritten to
|
| users.users.<name>.enable | If set to false, the user account will not be created
|
| services.i2pd.inTunnels.<name>.outbound.length | Guaranteed minimum hops for ‹name› tunnels.
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.module | Optional PKCS#11 module name.
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.keySize | Key size in bits
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.keySize | Key size in bits
|
| services.awstats.configs.<name>.extraConfig | Extra configuration to be appended to awstats.${name}.conf.
|
| services.tahoe.nodes.<name>.helper.enable | Whether to enable helper service.
|
| services.bitcoind.<name>.group | The group as which to run bitcoind.
|
| users.users.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.phpfpm.pools.<name>.socket | Path to the unix socket file on which to accept FastCGI requests.
This option is read-only and managed by NixOS.
|
| systemd.services.<name>.postStart | Shell commands executed after the service's main process
is started.
|
| systemd.services.<name>.reload | Shell commands executed when the service's main process
is reloaded.
|
| systemd.user.services.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| networking.wireguard.interfaces.<name>.peers.*.name | Name used to derive peer unit name.
|
| services.httpd.virtualHosts.<name>.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.nginx.virtualHosts.<name>.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.bacula-sd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| services.bacula-fd.director.<name>.tls.enable | Specifies if TLS should be enabled
|
| services.i2pd.outTunnels.<name>.outbound.length | Guaranteed minimum hops for ‹name› tunnels.
|
| services.nsd.zones.<name>.provideXFR | Allow these IPs and TSIG to transfer zones, addr TSIG|NOKEY|BLOCKED
address range 192.0.2.0/24, 1.2.3.4&255.255.0.0, 3.0.2.20-3.0.2.40
|
| services.fedimintd.<name>.nginx.config.locations.<name>.index | Adds index directive.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.alias | Alias directory for requests.
|
| services.nix-store-gcs-proxy.<name>.enable | Whether to enable proxy for this bucket
|
| services.jupyter.kernels.<name>.displayName | Name that will be shown to the user.
|
| services.drupal.sites.<name>.package | The drupal package to use.
|
| services.autorandr.profiles.<name>.config.<name>.primary | Whether output should be marked as primary
|
| systemd.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.openvpn.servers.<name>.up | Shell commands executed when the instance is starting.
|
| services.nginx.virtualHosts.<name>.http3 | Whether to enable the HTTP/3 protocol
|
| systemd.services.<name>.before | If the specified units are started at the same time as
this unit, delay them until this unit has started.
|
| services.xserver.displayManager.lightdm.greeter.name | The name of a .desktop file in the directory specified
in the 'package' option.
|
| systemd.paths.<name>.wants | Start the specified units when this unit is started.
|
| services.autosuspend.checks.<name>.class | Name of the class implementing the check
|
| services.filebeat.modules.<name>.module | The name of the module
|
| services.syncoid.commands.<name>.source | Source ZFS dataset
|
| services.stash.settings.stash_boxes.*.name | The name of the Stash Box
|
| services.fedimintd.<name>.ui.bind | Address to bind on for UI connections
|
| services.jupyter.kernels.<name>.env | Environment variables to set for the kernel.
|
| services.nginx.virtualHosts.<name>.root | The path of the web root directory.
|
| services.rspamd.workers.<name>.count | Number of worker instances to run
|
| services.redis.servers.<name>.syslog | Enable logging to the system logger.
|
| services.redis.servers.<name>.enable | Whether to enable Redis server.
|
| services.nebula.networks.<name>.ca | Path to the certificate authority certificate.
|
| services.redis.servers.<name>.slowLogMaxLen | Maximum number of items to keep in slow log.
|
| services.rspamd.workers.<name>.type | The type of this worker
|
| security.pam.services.<name>.otpwAuth | If set, the OTPW system will be used (if
~/.otpw exists).
|
| services.quicktun.<name>.tunMode | Whether to operate in tun (IP) or tap (Ethernet) mode.
|
| services.consul-template.instances | Attribute set of consul-template instances
|
| services.tinc.networks.<name>.hostSettings.<name>.rsaPublicKey | Legacy RSA public key of the host in PEM format, including start and
end markers
|
| services.librespeed.frontend.servers.*.name | Name shown in the server list.
|
| nix.registry.<name>.flake | The flake input from is rewritten to.
|
| services.namecoind.rpc.user | User name for RPC connections.
|
| services.sourcehut.settings."sr.ht".site-name | The name of your network of sr.ht-based sites.
|
| services.hostapd.radios.<name>.networks.<name>.macDenyFile | Specifies a file containing the MAC addresses to deny if macAcl is set to "deny" or "radius"
|
| services.hostapd.radios.<name>.networks.<name>.macAcl | Station MAC address -based authentication
|
| services.nsd.keys.<name>.algorithm | Authentication algorithm for this key.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.tryFiles | Adds try_files directive.
|
| services.fedimintd.<name>.ui.port | TCP Port to bind on for UI connections
|
| services.fedimintd.<name>.p2p.url | Public address for p2p connections from peers (if TCP is used)
|
| security.pam.services.<name>.unixAuth | Whether users can log in with passwords defined in
/etc/shadow.
|
| services.redis.servers.<name>.logLevel | Specify the server verbosity level, options: debug, verbose, notice, warning.
|
| security.wrappers.<name>.program | The name of the wrapper program
|
| users.users.<name>.extraGroups | The user's auxiliary groups.
|
| services.bacula-sd.device.<name>.mediaType | The specified name-string names the type of media supported by this
device, for example, DLT7000
|
| services.sympa.domains.<name>.webHost | Domain part of the web interface URL (no web interface for this domain if null)
|
| services.acpid.handlers.<name>.event | Event type.
|
| systemd.user.services.<name>.aliases | Aliases of that unit.
|
| security.pam.services.<name>.enable | Whether to enable this PAM service.
|
| services.nebula.networks.<name>.key | Path or reference to the host key.
|
| services.ndppd.proxies.<name>.router | Turns on or off the router flag for Neighbor Advertisement Messages.
|
| users.users.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| services.tahoe.nodes.<name>.client.helper | The furl for a Tahoe helper node
|
| services.drupal.sites.<name>.virtualHost.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.bird-lg.frontend.nameFilter | Protocol names to hide in summary tables (RE2 syntax),
|
| environment.etc.<name>.target | Name of symlink (relative to
/etc)
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.module | Optional PKCS#11 module name.
|
| services.r53-ddns.hostname | Manually specify the hostname
|
| services.sourcehut.settings."sr.ht".owner-name | Owner's name.
|
| services.inadyn.settings.custom.<name>.ddns-server | DDNS server name.
|
| services.inadyn.settings.custom.<name>.hostname | Hostname alias(es).
|
| services.inadyn.settings.custom.<name>.username | Username for this DDNS provider.
|
| services.jupyter.kernels.<name>.language | Language of the environment
|
| services.awstats.configs.<name>.type | The type of log being collected.
|
| systemd.services.<name>.aliases | Aliases of that unit.
|
| services.librenms.distributedPoller.name | Custom name of this poller.
|