Compare commits

...

4 Commits

Author SHA1 Message Date
Giulio De Pasquale
faf97e2b3f updated flake 2021-12-08 16:48:32 +01:00
Giulio De Pasquale
07de18a9a9 max upload size bumped to 30MB 2021-12-08 16:48:02 +01:00
Giulio De Pasquale
394b5e5070 gitea ssh listen with sshd, lfs enabled 2021-12-08 16:47:11 +01:00
Giulio De Pasquale
05a4fa074b use tmpOnTmpfsSize 2021-12-08 16:45:21 +01:00
5 changed files with 30 additions and 29 deletions

18
flake.lock generated
View File

@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1638267006,
"narHash": "sha256-heZdDlD09rnoeEiZ4wKfbXNDkO5I9qVFvX9d790h/XE=",
"lastModified": 1638553958,
"narHash": "sha256-leETjYMtD9y37CvfRSQhIGibcIl4dNVlFkY/8QgqmAM=",
"owner": "rycee",
"repo": "home-manager",
"rev": "3e93c4e8b2b479c712b7c20a428993b459118842",
"rev": "6ce1d64073f48b9bc9425218803b1b607454c1e7",
"type": "github"
},
"original": {
@ -23,11 +23,11 @@
},
"nixos-unstable": {
"locked": {
"lastModified": 1638286143,
"narHash": "sha256-A+rgjbIpz3uPRKHPXwdmouVcVn5pZqLnaZHymjkraG4=",
"lastModified": 1638806821,
"narHash": "sha256-v2qd2Bsmzft53s43eCbN+4ocrLksRdFLyF/MAGuWuDA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "29d1f6e1f625d246dcf84a78ef97b4da3cafc6ea",
"rev": "bc5d68306b40b8522ffb69ba6cff91898c2fbbff",
"type": "github"
},
"original": {
@ -39,11 +39,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1638279546,
"narHash": "sha256-1KCwN7twjp1dBdp0jPgVdYFztDkCR8+roo0B34J9oBY=",
"lastModified": 1638887115,
"narHash": "sha256-emjtIeqyJ84Eb3X7APJruTrwcfnHQKs55XGljj62prs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "96b4157790fc96e70d6e6c115e3f34bba7be490f",
"rev": "1bd4bbd49bef217a3d1adea43498270d6e779d65",
"type": "github"
},
"original": {

View File

@ -39,8 +39,10 @@ in {
services.fwupd.enable = true;
boot = {
kernelParams =
[ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" "nvme_core.default_ps_max_latency_us=5500" ];
kernelParams = [
"ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off"
"nvme_core.default_ps_max_latency_us=5500"
];
kernel.sysctl."net.ipv4.ip_forward" = 1;
initrd = {
availableKernelModules = [ "igc" "r8169" ];
@ -70,6 +72,7 @@ in {
supportedFilesystems = [ "zfs" ];
zfs.requestEncryptionCredentials = true;
tmpOnTmpfsSize = "75%";
};
networking = {

View File

@ -5,9 +5,8 @@ with import ./network.nix; {
domain = "git.giugl.io";
appName = "Gitea";
rootUrl = "https://git.giugl.io";
ssh.clonePort = 10022;
log.level = "Info";
settings.server.START_SSH_SERVER = true;
ssh.clonePort = 22;
settings.server.LFS_START_SERVER = true;
};
services.nginx.virtualHosts.${gitdomain} = {
@ -29,4 +28,5 @@ with import ./network.nix; {
${architect-lan} ${gitdomain}
${architect-wg} ${gitdomain}
'';
}

View File

@ -42,12 +42,6 @@
fsType = "vfat";
};
fileSystems."/tmp" = {
fsType = "tmpfs";
device = "tmpfs";
options = [ "mode=1777" "strictatime" "rw" "nosuid" "nodev" "size=29G" ];
};
swapDevices = [{
device = "/dev/sdc1";
size = 100000;

View File

@ -18,8 +18,8 @@ with import ./network.nix; {
auto_join_rooms:
- "#infra:matrix.giugl.io"
- "#general:matrix.giugl.io"
- "#gaming:matrix.giugl.io"
- "#movies:matrix.giugl.io"
max_upload_size: "30M"
'';
listeners = [{
port = 8008;
@ -42,6 +42,7 @@ with import ./network.nix; {
postgresql = {
enable = true;
package = pkgs.postgresql_11;
ensureDatabases = [ "synapse" ];
ensureUsers = [{
name = "matrix-synapse";
@ -54,6 +55,9 @@ with import ./network.nix; {
${matrixdomain} = {
enableACME = true;
forceSSL = true;
extraConfig = ''
client_max_body_size 30m;
'';
locations."= /.well-known/matrix/server".extraConfig =
let server = { "m.server" = "${matrixdomain}:443"; };
in ''