| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cert.<name>.file | Absolute path to the certificate to load
|
| power.ups.users.<name>.upsmon | Add the necessary actions for a upsmon process to work
|
| systemd.services.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.services.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| services.httpd.virtualHosts.<name>.hostName | Canonical hostname for the server.
|
| services.asusd.auraConfigs.<name>.source | Path of the source file.
|
| services.caddy.virtualHosts.<name>.hostName | Canonical hostname for the server.
|
| services.redis.servers.<name>.unixSocket | The path to the socket to bind to.
|
| services.rss2email.feeds.<name>.url | The URL at which to fetch the feed.
|
| systemd.services.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.kimai.sites.<name>.database.user | Database user.
|
| services.openafsClient.cellServDB.<name>.*.ip | IP Address of a database server
|
| services.nginx.proxyCachePath.<name>.keysZoneSize | Set size to shared memory zone.
|
| services.openafsServer.cellServDB.<name>.*.ip | IP Address of a database server
|
| services.kimai.sites.<name>.settings | Structural Kimai's local.yaml configuration
|
| services.geth.<name>.authrpc.address | Listen address of Go Ethereum Auth RPC API.
|
| services.phpfpm.pools.<name>.phpPackage | The PHP package to use for running this PHP-FPM pool.
|
| services.restic.backups.<name>.runCheck | Whether to run the check command with the provided checkOpts options.
|
| services.k3s.autoDeployCharts.<name>.repo | The repo of the Helm chart
|
| services.fedimintd.<name>.api.bind | Address to bind on for API connections relied by the reverse proxy/tls terminator.
|
| services.fedimintd.<name>.api.port | Port to bind on for API connections relied by the reverse proxy/tls terminator.
|
| environment.etc.<name>.target | Name of symlink (relative to
/etc)
|
| users.users.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.hostapd.radios.<name>.networks.<name>.settings | Extra configuration options to put at the end of this BSS's defintion in the
hostapd.conf for the associated interface
|
| systemd.paths.<name>.wants | Start the specified units when this unit is started.
|
| systemd.paths.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| services.tinc.networks.<name>.hostSettings.<name>.addresses.*.port | The port where the host can be reached
|
| services.authelia.instances.<name>.group | The name of the group for this authelia instance.
|
| services.xserver.xkb.extraLayouts.<name>.typesFile | The path to the xkb types file
|
| services.namecoind.rpc.user | User name for RPC connections.
|
| services.quicktun.<name>.upScript | Run specified command or script after the tunnel device has been opened.
|
| services.fedimintd.<name>.nginx.config.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.redis.servers.<name>.save | The schedule in which data is persisted to disk, represented as a list of lists where the first element represent the amount of seconds and the second the number of changes
|
| services.hans.clients.<name>.extraConfig | Additional command line parameters
|
| services.iodine.clients.<name>.server | Hostname of server running iodined
|
| services.dokuwiki.sites.<name>.stateDir | Location of the DokuWiki state directory.
|
| services.rspamd.workers.<name>.enable | Whether to run the rspamd worker.
|
| services.restic.backups.<name>.checkOpts | A list of options for 'restic check'.
|
| services.i2pd.outTunnels.<name>.inbound.quantity | Number of simultaneous ‹name› tunnels.
|
| services.hostapd.radios.<name>.band | Specifies the frequency band to use, possible values are 2g for 2.4 GHz,
5g for 5 GHz, 6g for 6 GHz and 60g for 60 GHz.
|
| services.kimai.sites.<name>.database.host | Database host address.
|
| services.kimai.sites.<name>.database.port | Database host port.
|
| services.blockbook-frontend.<name>.user | The user as which to run blockbook-frontend-‹name›.
|
| services.geth.<name>.websocket.port | Port number of Go Ethereum WebSocket API.
|
| services.k3s.autoDeployCharts.<name>.hash | The hash of the packaged Helm chart
|
| services.tarsnap.archives.<name>.printStats | Print global archive statistics upon completion
|
| services.h2o.hosts.<name>.serverAliases | Additional names of virtual hosts served by this virtual host
configuration.
|
| systemd.user.services.<name>.upholds | Keeps the specified running while this unit is running
|
| security.pam.services.<name>.mysqlAuth | If set, the pam_mysql module will be used to
authenticate users against a MySQL/MariaDB database.
|
| security.pam.services.<name>.rssh | If set, the calling user's SSH agent is used to authenticate
against the configured keys
|
| services.strongswan-swanctl.swanctl.connections.<name>.remote.<name>.cacert.<name>.slot | Optional slot number of the token that stores the certificate.
|
| services.archisteamfarm.bots.<name>.username | Name of the user to log in
|
| nix.registry.<name>.flake | The flake input from is rewritten to.
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.cert.<name>.handle | Hex-encoded CKA_ID or handle of the certificate on a token or TPM,
respectively
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.index | Adds DirectoryIndex directive
|
| services.wordpress.sites.<name>.virtualHost.locations.<name>.alias | Alias directory for requests
|
| services.nsd.zones.<name>.maxRefreshSecs | Limit refresh time for secondary zones
|
| services.tor.relay.onionServices.<name>.map | See torrc manual.
|
| services.dokuwiki.sites.<name>.acl.*.actor | User or group to restrict
|
| services.bepasty.servers.<name>.dataDir | Path to the directory where the pastes will be saved to
|
| services.borgbackup.jobs.<name>.dateFormat | Arguments passed to date
to create a timestamp suffix for the archive name.
|
| security.pam.services.<name>.makeHomeDir | Whether to try to create home directories for users
with $HOMEs pointing to nonexistent
locations on session login.
|
| services.quicktun.<name>.remotePort | Remote UDP port
|
| users.users.<name>.extraGroups | The user's auxiliary groups.
|
| services.ax25.axports.<name>.package | The ax25-tools package to use.
|
| services.nylon.<name>.verbosity | Enable verbose output, default is to not be verbose.
|
| services.drupal.sites.<name>.virtualHost.locations.<name>.priority | Order of this location block in relation to the others in the vhost
|
| security.pam.services.<name>.limits.*.type | Type of this limit
|
| services.h2o.hosts.<name>.tls.identity.*.key-file | Path to key file
|
| services.cjdns.ETHInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| services.cjdns.UDPInterface.connectTo.<name>.login | (optional) name your peer has for you
|
| services.nylon.<name>.deniedIPRanges | Denied client IP ranges, these gets evaluated after the allowed IP ranges, defaults to all IPv4 addresses:
[ "0.0.0.0/0" ]
To block all other access than the allowed.
|
| systemd.services.<name>.scriptArgs | Arguments passed to the main process script
|
| systemd.user.services.<name>.onFailure | A list of one or more units that are activated when
this unit enters the "failed" state.
|
| systemd.user.services.<name>.onSuccess | A list of one or more units that are activated when
this unit enters the "inactive" state.
|
| services.nginx.virtualHosts.<name>.quic | Whether to enable the QUIC transport protocol
|
| systemd.user.services.<name>.unitConfig | Each attribute in this set specifies an option in the
[Unit] section of the unit
|
| services.httpd.virtualHosts.<name>.servedFiles | This option provides a simple way to serve individual, static files.
This option has been deprecated and will be removed in a future
version of NixOS
|
| services.netbird.tunnels.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| services.netbird.clients.<name>.suffixedName | A systemd service name to use (without .service suffix).
|
| services.znapzend.zetup.<name>.plan | The znapzend backup plan to use for the source
|
| boot.initrd.luks.devices.<name>.header | The name of the file or block device that
should be used as header for the encrypted device.
|
| services.nginx.virtualHosts.<name>.locations.<name>.fastcgiParams | FastCGI parameters to override
|
| services.borgbackup.jobs.<name>.wrapper | Name of the wrapper that is installed into PATH
|
| services.logcheck.ignore.<name>.level | Set the logcheck level.
|
| services.sanoid.datasets.<name>.daily | Number of daily snapshots.
|
| services.znapzend.zetup.<name>.enable | Whether to enable this source.
|
| services.borgbackup.jobs.<name>.postCreate | Shell commands to run after borg create
|
| users.users.<name>.cryptHomeLuks | Path to encrypted luks device that contains
the user's home directory.
|
| services.tahoe.nodes.<name>.storage.enable | Whether to enable storage service.
|
| services.wyoming.piper.servers.<name>.uri | URI to bind the wyoming server to.
|
| security.pam.services.<name>.limits.*.item | Item this limit applies to
|
| services.bacula-sd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.bacula-fd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.fedimintd.<name>.nginx.config.locations.<name>.extraConfig | These lines go to the end of the location verbatim.
|
| services.drupal.sites.<name>.virtualHost | Apache configuration can be done by adapting services.httpd.virtualHosts.
|
| services.drupal.sites.<name>.extraConfig | Extra configuration values that you want to insert into settings.php
|
| services.phpfpm.pools.<name>.phpOptions | "Options appended to the PHP configuration file php.ini used for this PHP-FPM pool."
|
| services.znapzend.zetup.<name>.destinations.<name>.host | Host to use for the destination dataset
|
| services.redis.servers.<name>.group | Group account under which this instance of redis-server runs.
If left as the default value this group will automatically be
created on system activation, otherwise you are responsible for
ensuring the group exists before the redis service starts.
|