| services.rke2.manifests.<name>.target | Name of the symlink (relative to /var/lib/rancher/rke2/server/manifests)
|
| services.h2o.hosts.<name>.tls | TLS options for virtual host
|
| systemd.slices.<name>.wants | Start the specified units when this unit is started.
|
| systemd.timers.<name>.wants | Start the specified units when this unit is started.
|
| services.i2pd.inTunnels.<name>.enable | Whether to enable ‹name›.
|
| services.nix-store-gcs-proxy.<name>.bucketName | Name of Google storage bucket
|
| services.mysql.initialDatabases.*.name | The name of the database to create.
|
| services.hostapd.radios.<name>.networks.<name>.ssid | SSID to be used in IEEE 802.11 management frames.
|
| services.geth.<name>.http.apis | APIs to enable over WebSocket
|
| swapDevices.*.device | Path of the device or swap file.
|
| systemd.timers.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| systemd.slices.<name>.partOf | If the specified units are stopped or restarted, then this
unit is stopped or restarted as well.
|
| nix.settings.extra-sandbox-paths | Directories from the host filesystem to be included
in the sandbox.
|
| services.cgit.<name>.repos | cgit repository settings, see cgitrc(5)
|
| services.chromadb.dbpath | Location where ChromaDB stores its files
|
| services.i2pd.outTunnels.<name>.enable | Whether to enable ‹name›.
|
| services.cgit.<name>.nginx.virtualHost | VirtualHost to serve cgit on, defaults to the attribute name.
|
| services.bcg.rename | Rename nodes to different name.
|
| services.prometheus.remoteWrite.*.name | Name of the remote write config, which if specified must be unique among remote write configs
|
| services.writefreely.admin.name | The name of the first admin user.
|
| services.cgit.<name>.enable | Whether to enable cgit.
|
| services.nntp-proxy.users.<name>.username | Username
|
| services.discourse.secretKeyBaseFile | The path to a file containing the
secret_key_base secret
|
| services.multipath.devices.*.getuid_callout | (Superseded by uid_attribute) The default program and args to callout
to obtain a unique path identifier
|
| services.postgresql.ensureUsers.*.name | Name of the user to ensure.
|
| systemd.units.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.stash.settings.plugins_path | Path to scrapers
|
| services.quicktun.<name>.privateKey | Local secret key in hexadecimal form.
This option is deprecated
|
| users.users.<name>.subUidRanges | Subordinate user ids that user is allowed to use
|
| users.users.<name>.subGidRanges | Subordinate group ids that user is allowed to use
|
| virtualisation.podman.enable | This option enables Podman, a daemonless container engine for
developing, managing, and running OCI Containers on your Linux System
|
| services.h2o.hosts.<name>.http | HTTP options for virtual host
|
| services.h2o.hosts.<name>.acme | ACME options for virtual host.
|
| services.hostapd.radios.<name>.networks.<name>.group | Members of this group can access the control socket for this interface.
|
| services.geth.<name>.gcmode | Blockchain garbage collection mode.
|
| services.uhub.<name>.enable | Whether to enable hub instance.
|
| services.firezone.headless-client.name | The name of this client as shown in firezone
|
| services.connman.networkInterfaceBlacklist | Default blacklisted interfaces, this includes NixOS containers interfaces (ve).
|
| virtualisation.lxc.defaultConfig | Default config (default.conf) for new containers, i.e. for
network config
|
| services.ndppd.proxies.<name>.rules.<name>.interface | Interface to use when method is iface.
|
| users.groups.<name>.members | The user names of the group members, added to the
/etc/group file.
|
| systemd.slices.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| systemd.timers.<name>.after | If the specified units are started at the same time as
this unit, delay this unit until they have started.
|
| services.pretix.settings.database.name | Database name.
|
| services.geth.<name>.http.port | Port number of Go Ethereum HTTP API.
|
| services.hostapd.radios.<name>.networks.<name>.utf8Ssid | Whether the SSID is to be interpreted using UTF-8 encoding.
|
| systemd.units.<name>.aliases | Aliases of that unit.
|
| services.go-camo.sslKey | Path to TLS private key.
|
| users.users.<name>.subUidRanges.*.count | Count of subordinate user ids
|
| users.users.<name>.subGidRanges.*.count | Count of subordinate group ids
|
| services.cntlm.username | Proxy account name, without the possibility to include domain name ('at' sign is interpreted literally).
|
| power.ups.users.<name>.actions | Allow the user to do certain things with upsd
|
| services.frr.pathd.extraOptions | Extra options to be appended to the FRR pathd daemon options.
|
| services.multipath.devices.*.path_checker | The default method used to determine the paths state
|
| services.geth.<name>.extraArgs | Additional arguments passed to Go Ethereum.
|
| services.geth.<name>.enable | Whether to enable Go Ethereum Node.
|
| users.users.<name>.autoSubUidGidRange | Automatically allocate subordinate user and group ids for this user
|
| services.rauc.slots.<name>.*.type | The type of the device.
|
| services.tts.servers.<name>.model | Name of the model to download and use for speech synthesis
|
| services.netdata.configDir | Complete netdata config directory except netdata.conf
|
| services.supybot.configFile | Path to initial supybot config file
|
| fileSystems.<name>.label | Label of the device
|
| hardware.alsa.cardAliases.<name>.driver | Name of the kernel module that provides the card.
|
| services.pgbackrest.stanzas.<name>.jobs.<name>.type | Backup type as described in:
https://pgbackrest.org/command.html#command-backup/category-command/option-type
|
| users.extraUsers.<name>.extraGroups | The user's auxiliary groups.
|
| services.tinc.networks.<name>.hostSettings | The name of the host in the network as well as the configuration for that host
|
| users.extraUsers.<name>.enable | If set to false, the user account will not be created
|
| services.filesender.database.name | Database name.
|
| services.limesurvey.database.name | Database name.
|
| services.zoneminder.database.name | Name of database.
|
| services.go-camo.sslCert | Path to TLS certificate.
|
| services.coder.tlsKey | The path to the TLS key.
|
| services.yarr.baseUrl | Base path of the service url.
|
| services.nsd.zones.<name>.allowNotify | Listed primary servers are allowed to notify this secondary server
|
| environment.pathsToLink | List of directories to be symlinked in /run/current-system/sw.
|
| services.nginx.virtualHosts.<name>.locations.<name>.root | Root directory for requests.
|
| hardware.sane.brscan5.netDevices.<name>.nodename | The node name of the device
|
| hardware.sane.brscan4.netDevices.<name>.nodename | The node name of the device
|
| services.szurubooru.database.name | Name of the PostgreSQL database.
|
| services.linkwarden.database.name | The name of the Linkwarden database.
|
| services.hylafax.modems.<name>.type | Name of modem configuration file,
will be searched for in config
in the spooling area directory.
|
| services.i2pd.inTunnels.<name>.address | Bind address for ‹name› endpoint.
|
| systemd.slices.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| systemd.timers.<name>.wantedBy | Units that want (i.e. depend on) this unit
|
| services.uhub.<name>.enableTLS | Whether to enable TLS support.
|
| virtualisation.docker.enableOnBoot | When enabled dockerd is started on boot
|
| services.autorandr.profiles.<name>.config.<name>.dpi | Output DPI configuration.
|
| boot.loader.grub.mirroredBoots.*.efiSysMountPoint | The path to the efi system mount point
|
| services.akkoma.config.":pleroma".":instance".name | Instance name.
|
| services.mattermost.database.name | Local Mattermost database name.
|
| services.scrutiny.settings.web.listen.basepath | If Scrutiny will be behind a path prefixed reverse proxy, you can override this
value to serve Scrutiny on a subpath.
|
| services.hadoop.yarn.nodemanager.resource.cpuVCores | Number of vcores that can be allocated for containers.
|
| virtualisation.docker.enableNvidia | Deprecated, please use hardware.nvidia-container-toolkit.enable instead
|
| virtualisation.podman.enableNvidia | Deprecated, please use hardware.nvidia-container-toolkit.enable instead
|
| services.prometheus.exporters.pve.environmentFile | Path to the service's environment file
|
| hardware.alsa.controls.<name>.device | Name of the PCM device to control (slave).
|
| services.nginx.proxyCachePath.<name>.keysZoneName | Set name to shared memory zone.
|
| services.i2pd.outTunnels.<name>.address | Bind address for ‹name› endpoint.
|
| services.postfix.masterConfig.<name>.command | A program name specifying a Postfix service/daemon process
|
| systemd.sockets.<name>.wants | Start the specified units when this unit is started.
|