| services.typesense.apiKeyFile | Sets the admin api key for typesense
|
| services.rkvm.server.settings.key | TLS key path.
This should be generated with rkvm-certificate-gen.
|
| services.ergo.api.keyHash | Hex-encoded Blake2b256 hash of an API key as a 64-chars long Base16 string.
|
| services.gns3-server.ssl.keyFile | Private key file for the certificate.
|
| services.nsd.keys.<name>.keyFile | Path to the file which contains the actual base64 encoded
key
|
| services.morty.key | HMAC url validation key (hexadecimal encoded)
|
| console.keyMap | The keyboard mapping table for the virtual consoles.
|
| services.prosody.ssl.key | Path to the key file.
|
| services.nghttpx.tls.key | Path to the TLS key file.
|
| services.etcd.keyFile | Key file to use for clients
|
| services.bacula-sd.tls.key | The path of a PEM encoded TLS private key
|
| services.bacula-fd.tls.key | The path of a PEM encoded TLS private key
|
| services.bacula-dir.tls.key | The path of a PEM encoded TLS private key
|
| services.oauth2-proxy.tls.key | Path to private key file.
|
| services.rkvm.server.settings.switch-keys | A key list specifying a host switch combination.
A list of key names is available in https://github.com/htrefil/rkvm/blob/master/switch-keys.md.
|
| boot.initrd.luks.devices.<name>.keyFileSize | The size of the key file
|
| services.pgmanage.tls.key | TLS key
|
| services.llama-swap.tls.keyFile | Path to the TLS private key file
|
| services.thanos.rule.grpc-server-tls-key | TLS Key for the gRPC server, leave blank to disable TLS
|
| services.warpgate.settings.http.key | Path to HTTPS listener private key.
|
| boot.initrd.luks.devices.<name>.keyFileOffset | The offset of the key file
|
| services.btrbk.sshAccess.*.key | SSH public key allowed to login as user btrbk to run remote backups.
|
| services.thanos.store.grpc-server-tls-key | TLS Key for the gRPC server, leave blank to disable TLS
|
| services.thanos.query.grpc-server-tls-key | TLS Key for the gRPC server, leave blank to disable TLS
|
| services.public-inbox.nntp.key | Path to TLS key to use for connections to public-inbox-nntpd(1).
|
| services.public-inbox.imap.key | Path to TLS key to use for connections to public-inbox-imapd(1).
|
| services.warpgate.settings.mysql.key | Path to MySQL listener private key.
|
| services.ttyd.keyFile | SSL key file path
|
| services.ghostunnel.servers.<name>.key | Path to certificate private key (PEM with private key)
|
| security.acme.certs.<name>.keyType | Key type to use for private keys
|
| services.athens.storage.s3.key | Access key id for the S3 storage backend.
|
| services.journald.gateway.key | Specify the path to a file or AF_UNIX stream socket to read the
secret server key corresponding to the certificate specified with
services.journald.gateway.cert from
|
| services.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| services.namecoind.rpc.key | Key file for securing RPC connections.
|
| services.kubernetes.apiserver.etcd.keyFile | Etcd key file.
|
| services.taskserver.pki.manual.server.key | Fully qualified path to the server key.
Setting this option will prevent automatic CA creation and handling.
|
| services.molly-brown.keyPath | Path to TLS key
|
| services.go-camo.keyFile | A file containing the HMAC key to use for signing URLs
|
| services.thanos.receive.grpc-server-tls-key | TLS Key for the gRPC server, leave blank to disable TLS
|
| services.thanos.sidecar.grpc-server-tls-key | TLS Key for the gRPC server, leave blank to disable TLS
|
| services.galene.keyFile | Path to the server's private key
|
| services.athens.storage.minio.key | Access key id for the minio storage backend.
|
| services.kanidm.server.settings.tls_key | TLS key in pem format.
|
| services.documize.key | The key.pem file used for https.
|
| security.acme.defaults.keyType | Key type to use for private keys
|
| programs.tmux.keyMode | VI or Emacs style shortcuts.
|
| services.warpgate.settings.postgres.key | Path to PostgreSQL listener private key.
|
| services.flannel.etcd.keyFile | Etcd key file
|
| services.sourcehut.settings.mail.pgp-privkey | An absolute file path (which should be outside the Nix-store)
to an OpenPGP private key
|
| services.nebula.networks.<name>.key | Path or reference to the host key.
|
| services.mycelium.keyFile | Optional path to a file containing the mycelium key material
|
| services.gitolite.adminPubkey | Initial administrative public key for Gitolite
|
| boot.initrd.luks.devices.<name>.yubikey.keyLength | Length of the LUKS slot key derived with PBKDF2 in byte.
|
| services.sourcehut.settings."sr.ht".service-key | An absolute file path (which should be outside the Nix-store)
to a key used for encrypting session cookies
|
| services.thanos.query-frontend.grpc-server-tls-key | TLS Key for the gRPC server, leave blank to disable TLS
|
| services.sourcehut.settings.mail.pgp-key-id | OpenPGP key identifier.
|
| services.prosody.virtualHosts.<name>.ssl.key | Path to the key file.
|
| services.bacula-sd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.bacula-fd.director.<name>.tls.key | The path of a PEM encoded TLS private key
|
| services.grafana.settings.server.cert_key | Path to the certificate key file (if protocol is set to https or h2).
|
| services.lasuite-meet.livekit.keyFile | LiveKit key file holding one or multiple application secrets
|
| boot.initrd.luks.devices.<name>.keyFile | The name of the file (can be a raw device or a partition) that
should be used as the decryption key for the encrypted device
|
| services.sourcehut.settings."sr.ht".network-key | An absolute file path (which should be outside the Nix-store)
to a secret key to encrypt internal messages with
|
| services.kmonad.keyboards.<name>.defcfg.compose.key | The (optional) compose key to use.
|
| services.syncthing.key | Path to the key.pem file, which will be copied into Syncthing's
configDir.
|
| services.infinoted.keyFile | Private key to use for TLS
|
| services.sourcehut.settings.webhooks.private-key | An absolute file path (which should be outside the Nix-store)
to a base64-encoded Ed25519 key for signing webhook payloads
|
| services.thanos.query.grpc-client-tls-key | TLS Key for the client's certificate
|
| services.tarsnap.keyfile | The keyfile which associates this machine with your tarsnap
account
|
| services.misskey.settings.meilisearch.apiKey | The Meilisearch API key.
|
| nix.sshServe.keys | A list of SSH public keys allowed to access the binary cache via SSH.
|
| services.gitlab.registry.keyFile | Path to GitLab container registry certificate-key.
|
| services.coturn.pkey | Private key file in PEM format.
|
| services.foundationdb.tls.key | Private key file for the certificate.
|
| services.movim.h2o.tls.identity.*.key-file | Path to key file
|
| security.agnos.generateKeys.keySize | Key size in bits to use when generating new keys.
|
| services.cfdyndns.apikeyFile | The path to a file containing the API Key
used to authenticate with CloudFlare.
|
| services.keyd.enable | Whether to enable keyd, a key remapping daemon.
|
| programs.ssh.knownHosts.<name>.publicKey | The public key data for the host
|
| services.zeyple.keys | List of public key files that will be imported by gpg.
|
| services.nsd.zones.<name>.dnssecPolicy.ksk.keySize | Key size in bits
|
| services.nsd.zones.<name>.dnssecPolicy.zsk.keySize | Key size in bits
|
| boot.loader.systemd-boot.sortKey | The sort key used for the NixOS bootloader entries
|
| services.dkimproxy-out.keySize | Size of the RSA key to use to sign outgoing emails
|
| services.misskey.meilisearch.keyFile | The path to a file containing the Meilisearch API key
|
| services.crowdsec-firewall-bouncer.settings.api_key | API key to authenticate with a local crowdsec API
|
| services.nextcloud-spreed-signaling.settings.https.key | Path to the private key used for the HTTPS listener
|
| services.prometheus.exporters.pve.server.keyFile | Path to a SSL private key file for the server
|
| services.stash.settings.stash_boxes.*.apikey | Stash Box API key
|
| services.h2o.hosts.<name>.tls.identity.*.key-file | Path to key file
|
| nix.settings.trusted-public-keys | List of public keys used to sign binary caches
|
| services.sourcehut.settings.objects.s3-access-key | Access key to the S3-compatible object storage service
|
| services.komodo-periphery.ssl.keyFile | Path to SSL key file.
|
| services.schleuder.settings.keyserver | Key server from which to fetch and update keys
|
| services.keycloak.settings | Configuration options corresponding to parameters set in
conf/keycloak.conf
|
| services.reposilite.settings.keyPath | Path to the .jsk KeyStore or paths to the PKCS#8 certificate and private key, separated by a space (see example)
|
| services.sourcehut.settings.objects.s3-secret-key | An absolute file path (which should be outside the Nix-store)
to the secret key of the S3-compatible object storage service.
|
| services.kubernetes.kubelet.taints.<name>.key | Key of taint.
|
| services.bcg.mqtt.keyfile | Key file for MQTT server access.
|
| services.tarsnap.archives.<name>.keyfile | Set a specific keyfile for this archive
|