diff --git a/services/haproxy-acme.nix b/services/haproxy-acme.nix index 4309e95..fe72ce6 100644 --- a/services/haproxy-acme.nix +++ b/services/haproxy-acme.nix @@ -84,7 +84,7 @@ in enable = mkEnableOption "HAproxy + ACME"; domaine = mkOption { - type = types.str; + type = types.string; example = "example.com"; description = '' Sous domaine à utiliser @@ -140,6 +140,7 @@ in ''; }; }; + security.acme.directory = "/var/lib/acme"; users.groups.acme.members = [ "haproxy" ]; diff --git a/services/mail-server.nix b/services/mail-server.nix index 15a5288..b104820 100644 --- a/services/mail-server.nix +++ b/services/mail-server.nix @@ -9,7 +9,7 @@ in options.services.mailserver = { enable = mkEnableOption "Mail Server"; domaine = mkOption { - type = types.str; + type = types.string; example = "example.com"; description = "Nom de domaine du serveur de mails"; }; diff --git a/services/site-musique.nix b/services/site-musique.nix index ff4fde4..62cee74 100644 --- a/services/site-musique.nix +++ b/services/site-musique.nix @@ -37,7 +37,7 @@ in extraConfig = '' location ~* \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:${config.services.phpfpm.pools.musique.socket}; + fastcgi_pass unix:/run/phpfpm/musique; include ${pkgs.nginx}/conf/fastcgi_params; include ${pkgs.nginx}/conf/fastcgi.conf; } @@ -46,22 +46,21 @@ in }; }; - services.phpfpm.pools.musique = { - user = "nginx"; - settings = { - "listen.owner" = "nginx"; - "listen.group" = "nginx"; - "listen.mode" = "0660"; - "pm" = "dynamic"; - "pm.max_children" = 75; - "pm.start_servers" = 2; - "pm.min_spare_servers" = 1; - "pm.max_spare_servers" = 20; - "pm.max_requests" = 500; - "php_admin_value[error_log]" = "stderr"; - "php_admin_flag[log_errors]" = "on"; - "catch_workers_output" = "yes"; - }; - }; + services.phpfpm.poolConfigs.musique = '' + listen = /run/phpfpm/musique + listen.owner = nginx + listen.group = nginx + listen.mode = 0660 + user = nginx + pm = dynamic + pm.max_children = 75 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 20 + pm.max_requests = 500 + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''; }; } diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix index 3cb1df7..bc6be76 100644 --- a/systems/LoutreOS/configuration.nix +++ b/systems/LoutreOS/configuration.nix @@ -33,7 +33,7 @@ in ]; nixpkgs.config.allowUnfree = false; - nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (builtins.parseDrvName pkg.pname).name [ "factorio-headless" "perl5.30.0-slimserver" "minecraft-server" ]); + nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (builtins.parseDrvName pkg.name).name [ "factorio-headless" "perl5.28.1-slimserver" "minecraft-server" ]); services.zfs = { autoSnapshot.enable = true; diff --git a/systems/LoutreOS/services.nix b/systems/LoutreOS/services.nix index 1a36b6e..8951e9d 100644 --- a/systems/LoutreOS/services.nix +++ b/systems/LoutreOS/services.nix @@ -11,7 +11,6 @@ let musique_port = 52349; factorio_port = 52351; airsonic_port = 4040; - wkd_port = 52352; jellyfin_backend = '' http-request set-header X-Forwarded-Port %[dst_port] @@ -92,7 +91,6 @@ in "ci.${domaine}" = { ip = "127.0.0.1"; port = 52350; auth = false; }; "factorio.${domaine}" = { ip = "127.0.0.1"; port = factorio_port; auth = false; }; "airsonic.${domaine}" = { ip = "127.0.0.1"; port = airsonic_port; auth = false; }; - "${domaine}" = { ip = "127.0.0.1"; port = wkd_port; auth = false; }; }; }; @@ -244,15 +242,6 @@ in listen = [ { addr = "127.0.0.1"; port = factorio_port; } ]; locations = { "/" = { root = "/var/www/factorio"; }; }; }; - "wkd" = { - listen = [ { addr = "127.0.0.1"; port = wkd_port; } ]; - locations = { "/.well-known/openpgpkey/" = { - alias = "/var/lib/gnupg/wks/nyanlout.re"; - extraConfig = '' - add_header Access-Control-Allow-Origin * always; - ''; - }; }; - }; }; }; @@ -412,7 +401,7 @@ in database = { type = "postgres"; port = 5432; - passwordFile = "/var/lib/gitea/custom/conf/database_password"; + passwordFile = "/mnt/secrets/gitea_database_passwordFile"; }; log.level = "Warn"; extraConfig = ''