| services.rke2.extraKubeProxyConfig | Extra configuration to add to the kube-proxy's configuration file
|
| services.matrix-synapse.settings.log_config | The file that holds the logging configuration.
|
| services.consul-template.instances.<name>.settings.pid_file | Path to use for the pid file.
|
| services.filesender.package | The filesender package to use.
|
| services.filebrowser.group | Group under which FileBrowser runs.
|
| services.authelia.instances.<name>.settings.log.file_path | File path where the logs will be written
|
| services.xrdp.sslCert | ssl certificate path
A self-signed certificate will be generated if file not exists.
|
| services.tuned.ppdSettings.profiles | Map of PPD profiles to native TuneD profiles.
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.bacula-sd.device.<name>.archiveDevice | The specified name-string gives the system file name of the storage
device managed by this storage daemon
|
| services.etcd.peerKeyFile | Key file to use for peer to peer communication
|
| services.prometheus.alertmanager.environmentFile | File to load as environment file
|
| services.xserver.windowManager.qtile.configFile | Path to the qtile configuration file
|
| programs.less.enable | Whether to enable less, a file pager.
|
| services.coturn.pkey | Private key file in PEM format.
|
| services.hercules-ci-agent.settings.clusterJoinTokenPath | Location of the cluster-join-token.key file
|
| services.zammad.database.settings | The database.yml configuration file as key value set
|
| services.docuseal.secretKeyBaseFile | Path to file containing the secret key base
|
| services.xserver.windowManager.mlvwm.configFile | Path to the mlvwm configuration file
|
| services.xserver.windowManager.bspwm.configFile | Path to the bspwm configuration file
|
| services.glance.environmentFile | Path to an environment file as defined in systemd.exec(5)
|
| services.awstats.configs.<name>.logFile | The log file to be scanned
|
| services.openafsClient.globalCellServDBFile | Global CellServDB file to be deployed
|
| services.hercules-ci-agent.settings | These settings are written to the agent.toml file
|
| services.beesd.filesystems | BTRFS filesystems to run block-level deduplication on.
|
| services.mastodon.otpSecretFile | Path to file containing the OTP secret
|
| services.filebeat.inputs | Inputs specify how Filebeat locates and processes input data
|
| services.oink.apiKeyFile | Path to a file containing the API key to use when modifying DNS records.
|
| services.k3s.tokenFile | File path containing the k3s token to use when connecting to a server.
|
| services.filesender.localDomain | The domain serving your FileSender instance.
|
| services.cachefilesd.cacheDir | Directory to contain filesystem cache.
|
| virtualisation.fileSystems.<name>.overlay.upperdir | The path to the upperdir
|
| programs.yazi.enable | Whether to enable yazi terminal file manager.
|
| services.cjdns.confFile | Ignore all other cjdns options and load configuration from this file.
|
| services.diod.enable | Whether to enable the diod 9P file server.
|
| services.prometheus.scrapeConfigs.*.hetzner_sd_configs.*.tls_config.cert_file | Certificate file for client cert authentication to the server.
|
| services.unpoller.unifi.defaults.pass | Path of a file containing the password for the unifi service user
|
| services.printing.cups-pdf.instances.<name>.settings | Settings for a cups-pdf instance, see the descriptions in the template config file in the cups-pdf package
|
| services.ocis.environmentFile | An environment file as defined in systemd.exec(5)
|
| virtualisation.fileSystems.<name>.overlay.lowerdir | The list of path(s) to the lowerdir(s)
|
| boot.initrd.clevis.useTang | Whether the Clevis JWE file used to decrypt the devices uses a Tang server as a pin.
|
| services.athens.downloadMode | Defines how Athens behaves when a module@version
is not found in storage
|
| services.glance.settings | Configuration written to a yaml file that is read by glance
|
| services.warpgate.databaseUrlFile | Path to file containing database connection string with credentials
|
| services.duplicity.includeFileList | File containing newline-separated list of paths to include into the
backups
|
| services.duplicity.excludeFileList | File containing newline-separated list of paths to exclude into the
backups
|
| services.shairport-sync.settings | Configuration options for Shairport-Sync
|
| services.gitea.dump.type | Archive format used to store the dump file.
|
| boot.tmp.zramSettings.fs-type | The file system to put on the device
|
| services.filebrowser.enable | Whether to enable FileBrowser.
|
| services.zeronet.fileserverPort | Zeronet fileserver port.
|
| services.trickster.profiler-port | Port that the /debug/pprof endpoint will listen on.
|
| security.pki.caBundle | (Read-only) the path to the final bundle of certificate authorities as a single file.
|
| services.bacula-fd.tls | TLS Options for the File Daemon
|
| boot.loader.grub.users.<name>.hashedPasswordFile | Specifies the path to a file containing the password hash
for the account, generated with grub-mkpasswd-pbkdf2
|
| boot.initrd.services.udev.packages | This will only be used when systemd is used in stage 1.
List of packages containing udev rules that will be copied to stage 1
|
| users.users.<name>.pamMount | Attributes for user's entry in
pam_mount.conf.xml
|
| services.power-profiles-daemon.package | The power-profiles-daemon package to use.
|
| services.etcd.peerCertFile | Cert file to use for peer to peer communication
|
| services.bosun.stateFile | Path to bosun's state file.
|
| services.mautrix-discord.environmentFile | File containing environment variables to substitute when copying the configuration
out of Nix store to the services.mautrix-discord.dataDir
|
| services.athens.hgrcPath | Path to the .hgrc file.
|
| boot.initrd.systemd.tmpfiles.settings | Similar to systemd.tmpfiles.settings but the rules are
only applied by systemd-tmpfiles before initrd-switch-root.target
|
| services.timesyncd.servers | The set of NTP servers from which to synchronise
|
| services.mosquitto.listeners.*.users.<name>.passwordFile | Specifies the path to a file containing the
clear text password for the MQTT user
|
| services.suricata.settings.rule-files | Files to load suricata-update managed rules, relative to 'default-rule-path'.
|
| services.firezone.gateway.tokenFile | A file containing the firezone gateway token
|
| services.matterbridge.configPath | The path to the matterbridge configuration file.
|
| services.gitolite.extraGitoliteRc | Extra configuration to append to the default ~/.gitolite.rc
|
| programs.git.lfs.enable | Whether to enable git-lfs (Large File Storage).
|
| services.factorio.extraSettingsFile | File, which is dynamically applied to server-settings.json before
startup
|
| services.prometheus.scrapeConfigs.*.puppetdb_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| services.prometheus.scrapeConfigs.*.scaleway_sd_configs.*.tls_config.key_file | Key file for client cert authentication to the server.
|
| security.audit.rules | The ordered audit rules, with each string appearing as one line of the audit.rules file.
|
| programs.openvpn3.log-service.settings | Options stored in /etc/openvpn3/log-service.json configuration file
|
| services.foundationdb.logSize | Roll over to a new log file after the current log file
reaches the specified size.
|
| services.scrutiny.settings | Scrutiny settings to be rendered into the configuration file
|
| services.lldap.settings.jwt_secret_file | Path to a file containing the JWT secret.
|
| services.send.enable | Whether to enable Send, a file sharing web sevice for ffsend..
|
| services.blockbook-frontend.<name>.cssDir | Location of the dir with main.css CSS file
|
| services.filebeat.modules.<name>.module | The name of the module
|
| services.cloudflare-ddns.credentialsFile | Path to a file containing the Cloudflare API authentication token
|
| services.firefly-iii.settings.APP_KEY_FILE | The path to your appkey
|
| users.mysql.passwordFile | The path to the file containing the password for the user
|
| services.athens.tlsKeyFile | Path to the TLS key file.
|
| services.vsftpd.rsaKeyFile | RSA private key file.
|
| services.journald.remote.settings.Remote.ServerKeyFile | A path to a SSL secret key file in PEM format
|
| xdg.portal.wlr.enable | Whether to enable desktop portal for wlroots-based desktops
|
| services.xserver.windowManager.bspwm.sxhkd.configFile | Path to the sxhkd configuration file
|
| services.cachefilesd.enable | Whether to enable cachefilesd network filesystems caching daemon.
|
| services.ttyd.keyFile | SSL key file path
|
| services.nginx.logError | Configures logging
|
| boot.loader.systemd-boot.extraEntries | Any additional entries you want added to the systemd-boot menu
|
| services.rke2.tokenFile | File path containing the rke2 token to use when connecting to a server.
|
| services.engelsystem.settings | Options to be added to config.php, as a nix attribute set
|
| services.neo4j.ssl.policies.<name>.privateKey | The name of private PKCS #8 key file for this policy to be found
in the baseDirectory, or the absolute path to
the key file
|
| boot.initrd.enable | Whether to enable the NixOS initial RAM disk (initrd)
|
| services.power-profiles-daemon.enable | Whether to enable power-profiles-daemon, a DBus daemon that allows
changing system behavior based upon user-selected power profiles.
|
| services.journald.remote.output | The location of the output journal
|