From fe517173363af7547b7d6ba11703d698a9370791 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jul 2022 20:25:00 +0200 Subject: [PATCH 1/5] LoutreOS: update nixos-mailserver --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 28f27a2..38aa468 100644 --- a/flake.nix +++ b/flake.nix @@ -4,10 +4,10 @@ nixpkgs-unstable.url = "flake:nixpkgs/nixos-unstable"; utils.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.3.1"; simple-nixos-mailserver = { - url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-21.11"; + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.05"; inputs = { nixpkgs.follows = "nixpkgs-unstable"; - nixpkgs-21_11.follows = "nixpkgs"; + nixpkgs-22_05.follows = "nixpkgs"; }; }; dogetipbot-telegram = { From 4f0c846880194dd9ca2e5bfc0139b690ac7b83d3 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jul 2022 20:25:04 +0200 Subject: [PATCH 2/5] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file changes: • Updated input 'simple-nixos-mailserver': 'gitlab:simple-nixos-mailserver/nixos-mailserver/6e3a7b2ea6f0d68b82027b988aa25d3423787303' (2021-12-07) → 'gitlab:simple-nixos-mailserver/nixos-mailserver/f535d8123c4761b2ed8138f3d202ea710a334a1d' (2022-06-22) • Removed input 'simple-nixos-mailserver/nixpkgs-21_05' • Removed input 'simple-nixos-mailserver/nixpkgs-21_11' • Added input 'simple-nixos-mailserver/nixpkgs-22_05': follows 'nixpkgs' --- flake.lock | 26 +++++--------------------- 1 file changed, 5 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index e513dfb..7593ec2 100644 --- a/flake.lock +++ b/flake.lock @@ -88,21 +88,6 @@ "type": "indirect" } }, - "nixpkgs-21_05": { - "locked": { - "lastModified": 1625692408, - "narHash": "sha256-e9L3TLLDVIJpMnHtiNHJE62oOh6emRtSZ244bgYJUZs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "c06613c25df3fe1dd26243847a3c105cf6770627", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-21.05", - "type": "indirect" - } - }, "nixpkgs-unstable": { "locked": { "lastModified": 1656835607, @@ -134,23 +119,22 @@ "nixpkgs": [ "nixpkgs-unstable" ], - "nixpkgs-21_05": "nixpkgs-21_05", - "nixpkgs-21_11": [ + "nixpkgs-22_05": [ "nixpkgs" ], "utils": "utils" }, "locked": { - "lastModified": 1638911354, - "narHash": "sha256-hNhzLOp+dApEY15vwLAQZu+sjEQbJcOXCaSfAT6lpsQ=", + "lastModified": 1655930346, + "narHash": "sha256-ht56HHOzEhjeIgAv5ZNFjSVX/in1YlUs0HG9c1EUXTM=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "6e3a7b2ea6f0d68b82027b988aa25d3423787303", + "rev": "f535d8123c4761b2ed8138f3d202ea710a334a1d", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", - "ref": "nixos-21.11", + "ref": "nixos-22.05", "repo": "nixos-mailserver", "type": "gitlab" } From be051f67d3f7ab090935898726e0c5e52acbe5b8 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jul 2022 20:40:48 +0200 Subject: [PATCH 3/5] LoutreOS: disable redis --- systems/LoutreOS/services.nix | 2 +- systems/LoutreOS/web.nix | 26 +++++++++++++------------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/systems/LoutreOS/services.nix b/systems/LoutreOS/services.nix index 2411cb4..be75dfe 100644 --- a/systems/LoutreOS/services.nix +++ b/systems/LoutreOS/services.nix @@ -90,7 +90,7 @@ in secure_ip = ["0.0.0.0/0"]; ''; - redis.enable = true; + # redis.enable = true; logrotate = { enable = true; diff --git a/systems/LoutreOS/web.nix b/systems/LoutreOS/web.nix index ce8599f..dc20e52 100644 --- a/systems/LoutreOS/web.nix +++ b/systems/LoutreOS/web.nix @@ -65,19 +65,19 @@ in services = { phpfpm.pools = { - work = { - user = config.users.users.work.name; - phpPackage = pkgs.php.withExtensions ({ all, ... }: with all; [ redis filter ]); - settings = { - "listen.owner" = config.services.nginx.user; - "pm" = "dynamic"; - "pm.max_children" = 75; - "pm.start_servers" = 10; - "pm.min_spare_servers" = 5; - "pm.max_spare_servers" = 20; - "pm.max_requests" = 500; - }; - }; + # work = { + # user = config.users.users.work.name; + # phpPackage = pkgs.php.withExtensions ({ all, ... }: with all; [ redis filter ]); + # settings = { + # "listen.owner" = config.services.nginx.user; + # "pm" = "dynamic"; + # "pm.max_children" = 75; + # "pm.start_servers" = 10; + # "pm.min_spare_servers" = 5; + # "pm.max_spare_servers" = 20; + # "pm.max_requests" = 500; + # }; + # }; drive = { user = config.users.users.webdav.name; settings = { From 349d25b20103faa33eaf90320b6c00507e8099b3 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jul 2022 20:41:04 +0200 Subject: [PATCH 4/5] LoutreOS: keep default logrotate config --- systems/LoutreOS/services.nix | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/systems/LoutreOS/services.nix b/systems/LoutreOS/services.nix index be75dfe..ce7f4aa 100644 --- a/systems/LoutreOS/services.nix +++ b/systems/LoutreOS/services.nix @@ -92,20 +92,8 @@ in # redis.enable = true; - logrotate = { - enable = true; - paths = { - nginx = { - path = "/var/log/nginx/*.log"; - user = config.services.nginx.user; - group = config.services.nginx.group; - keep = 7; - extraConfig = '' - compress - ''; - }; - }; - }; + # enable with nginx defult config + logrotate.enable = true; fail2ban.enable = true; From 89a8d3baa6ef7d39a435994d3186fbc9f5546164 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jul 2022 20:41:35 +0200 Subject: [PATCH 5/5] LoutreOS: fix acme config --- systems/LoutreOS/web.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systems/LoutreOS/web.nix b/systems/LoutreOS/web.nix index dc20e52..7917507 100644 --- a/systems/LoutreOS/web.nix +++ b/systems/LoutreOS/web.nix @@ -44,7 +44,7 @@ let in { security.acme = { - email = "paul@nyanlout.re"; + defaults.email = "paul@nyanlout.re"; acceptTerms = true; };