nixos-config/stubbfelnix
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update to 20.09

Browse Source
This commit is contained in:
stubbfel
2020-12-23 18:13:26 +01:00
parent fd8a8e840a
commit 6bfd763a72
4 changed files with 71 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
module/news2kindle/news2kindle.nix
View File

@@ -59,11 +59,11 @@ jobs = concatMap(recipient: concatMap(cronjob:
["${cronjob.cronExpression} root bash ${script}"]) recipient.cronJobs) reps;
odfpyNoTest = pkgs.python2Packages.odfpy.overrideAttrs (oldAttrs: rec {
odfpyNoTest = pkgs.python38Packages.odfpy.overrideAttrs (oldAttrs: rec {
doInstallCheck = false;
});
apswNoTest = pkgs.python2Packages.apsw.overrideAttrs (oldAttrs: rec {
apswNoTest = pkgs.python38Packages.apsw.overrideAttrs (oldAttrs: rec {
doInstallCheck = false;
});
@@ -73,7 +73,7 @@ calibreWithRecipes = pkgs.calibre.overrideAttrs (oldAttrs: rec {
cp -ravf recipes $out/var/news2kindle
''+ oldAttrs.installPhase ;
buildInputs = (remove pkgs.python2Packages.apsw (remove pkgs.python2Packages.odfpy oldAttrs.buildInputs)) ++ [odfpyNoTest apswNoTest pkgs.python27Packages.feedparser];
buildInputs = (remove pkgs.python38Packages.apsw (remove pkgs.python38Packages.odfpy oldAttrs.buildInputs)) ++ [odfpyNoTest apswNoTest pkgs.python38Packages.feedparser pkgs.python38Packages.pyqt5];
# patches = oldAttrs.patches ++ [./calibre-disable_plugins.patch];
# patches = [./calibre-disable_plugins.patch];

2
programs/installed.nix
View File

@@ -2,7 +2,7 @@
{
environment.systemPackages = with pkgs; [
wget curl vim nano zsh fzf tmux git exa progress tldr steamcmd
wget curl vim nano zsh fzf tmux git exa progress tldr htop
];
imports =

89
services/nextcloud.nix
View File

@@ -1,7 +1,22 @@
{ config, pkgs, ... }:
let
myPhp = pkgs.php.buildEnv {
extensions = { all, ... }: with all; [ imagick opcache apcu redis memcached ];
extraConfig = ''
memory_limit=2G
post_max_size=2G
upload_max_filesize=2G
'';
};
in
{
nixpkgs.config.permittedInsecurePackages = [
"nextcloud-18.0.10"
];
environment.systemPackages = with pkgs; [ nextcloud18 ];
services.nginx.virtualHosts."cloud.stubbe.rocks" = {
@@ -26,23 +41,33 @@
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options sameorigin;
'';
locations = {
"/robots.txt" = {
extraConfig = "allow all;";
};
"/.well-known/carddav" = {
extraConfig = "return 301 $scheme://$host/remote.php/dav;";
};
"/.well-known/caldav" = {
extraConfig = "return 301 $scheme://$host/remote.php/dav;";
};
# Root
"/" = {
"= /robots.txt" = {
priority = 100;
extraConfig = ''
rewrite ^ /index.php$request_uri;
allow all;
log_not_found off;
access_log off;
'';
};
"/" = {
priority = 900;
extraConfig = "rewrite ^ /index.php;";
};
"^~ /.well-known" = {
priority = 210;
extraConfig = ''
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
try_files $uri $uri/ =404;
'';
};
# PHP files
@@ -77,6 +102,7 @@
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options sameorigin;
'';
};
@@ -92,6 +118,7 @@
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
add_header X-Frame-Options sameorigin;
'';
};
# Locally installed apps:
@@ -115,11 +142,11 @@
};
users.extraUsers.nextcloud.packages = [
pkgs.php
pkgs.phpPackages.apcu
pkgs.phpPackages.memcached
pkgs.phpPackages.redis
pkgs.phpPackages.imagick
myPhp
# pkgs.phpExtensions74.apcu
# pkgs.phpPackages.memcached
# pkgs.phpPackages.redis
# pkgs.phpPackages.imagick
];
# Option I: PHP-FPM pool for Nextcloud
@@ -136,10 +163,15 @@
"listen.group" = "${server}";
"user" = "${phpfpmUser}";
"group" = "${phpfpmGroup}";
"pm" = "ondemand";
"pm.max_children" = 4;
"pm.process_idle_timeout" = "10s";
"pm.max_requests" = 200;
"pm" = "dynamic";
"pm.max_children" = "120";
"pm.start_servers" = "12";
"pm.min_spare_servers" = "6";
"pm.max_spare_servers" = "18";
};
phpEnv = {
NEXTCLOUD_CONFIG_DIR = "/var/www/nextcloud/config";
PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin";
};
};
@@ -151,8 +183,15 @@
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
'';
# services.phpfpm.phpPackage = pkgs.php71;
memory_limit=2G
post_max_size=2G
upload_max_filesize=2G
extension=${pkgs.php74Extensions.redis}/lib/php/extensions/redis.so
extension=${pkgs.php74Extensions.apcu}/lib/php/extensions/apcu.so
extension=${pkgs.php74Extensions.imagick}/lib/php/extensions/imagick.so
extension=${pkgs.php74Extensions.opcache}/lib/php/extensions/opcache.so
extension=${pkgs.php74Extensions.memcached}/lib/php/extensions/memcached.so
'';
# services.phpfpm.phpPackage = myPhp;
}

6
services/wireguard.nix
View File

@@ -1,17 +1,17 @@
{ config, pkgs, ... }:
{
boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
environment.systemPackages = [ pkgs.wireguard ];
networking.firewall.allowedTCPPorts = [ 51820 ];
networking.firewall.allowedUDPPorts = [ 51820 ];
networking.wireguard.interfaces.wg0 = {
listenPort = 51820;
privateKeyFile = "/etc/nixos/services/wg0.key";
ips = [ "192.168.43.1/24" ];
ips = [ "192.168.43.1/32" ];
peers = [
{
allowedIPs = ["192.168.43.2"];
allowedIPs = ["192.168.43.2/32"];
publicKey = "wbeCSyurE/kiXooaqieRgoDHJiDBiw/CHvF5e+LCPlw=";
persistentKeepalive = 25;
}