From ac2ee4b50c0da6a5aa685a1df24ea724206cc184 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Thu, 10 Oct 2019 23:50:17 +0200 Subject: [PATCH 1/4] service wkd PGP --- systems/LoutreOS/services.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/systems/LoutreOS/services.nix b/systems/LoutreOS/services.nix index 8951e9d..1ef512f 100644 --- a/systems/LoutreOS/services.nix +++ b/systems/LoutreOS/services.nix @@ -11,6 +11,7 @@ let musique_port = 52349; factorio_port = 52351; airsonic_port = 4040; + wkd_port = 52352; jellyfin_backend = '' http-request set-header X-Forwarded-Port %[dst_port] @@ -91,6 +92,7 @@ in "ci.${domaine}" = { ip = "127.0.0.1"; port = 52350; auth = false; }; "factorio.${domaine}" = { ip = "127.0.0.1"; port = factorio_port; auth = false; }; "airsonic.${domaine}" = { ip = "127.0.0.1"; port = airsonic_port; auth = false; }; + "${domaine}" = { ip = "127.0.0.1"; port = wkd_port; auth = false; }; }; }; @@ -242,6 +244,15 @@ in listen = [ { addr = "127.0.0.1"; port = factorio_port; } ]; locations = { "/" = { root = "/var/www/factorio"; }; }; }; + "wkd" = { + listen = [ { addr = "127.0.0.1"; port = wkd_port; } ]; + locations = { "/.well-known/openpgpkey/" = { + alias = "/var/lib/gnupg/wks/nyanlout.re"; + extraConfig = '' + add_header Access-Control-Allow-Origin * always; + ''; + }; }; + }; }; }; From e028e0b545ff2bfd9b1bff73d5152aff4e8059f5 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Fri, 4 Oct 2019 22:31:43 +0200 Subject: [PATCH 2/4] ajout serveur Minecraft --- systems/LoutreOS/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix index bc6be76..51cee57 100644 --- a/systems/LoutreOS/configuration.nix +++ b/systems/LoutreOS/configuration.nix @@ -33,7 +33,7 @@ in ]; nixpkgs.config.allowUnfree = false; - nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (builtins.parseDrvName pkg.name).name [ "factorio-headless" "perl5.28.1-slimserver" "minecraft-server" ]); + nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (builtins.parseDrvName pkg.name).name [ "factorio-headless" "perl5.30.0-slimserver" "minecraft-server" ]); services.zfs = { autoSnapshot.enable = true; From b8b055d492efc9cfb12c96d698e63e9ef5cd5d8c Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Fri, 4 Oct 2019 22:36:31 +0200 Subject: [PATCH 3/4] changements pour 19.09 --- services/haproxy-acme.nix | 3 +-- services/mail-server.nix | 2 +- services/site-musique.nix | 35 +++++++++++++++--------------- systems/LoutreOS/configuration.nix | 2 +- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/services/haproxy-acme.nix b/services/haproxy-acme.nix index fe72ce6..4309e95 100644 --- a/services/haproxy-acme.nix +++ b/services/haproxy-acme.nix @@ -84,7 +84,7 @@ in enable = mkEnableOption "HAproxy + ACME"; domaine = mkOption { - type = types.string; + type = types.str; example = "example.com"; description = '' Sous domaine à utiliser @@ -140,7 +140,6 @@ in ''; }; }; - security.acme.directory = "/var/lib/acme"; users.groups.acme.members = [ "haproxy" ]; diff --git a/services/mail-server.nix b/services/mail-server.nix index b104820..15a5288 100644 --- a/services/mail-server.nix +++ b/services/mail-server.nix @@ -9,7 +9,7 @@ in options.services.mailserver = { enable = mkEnableOption "Mail Server"; domaine = mkOption { - type = types.string; + type = types.str; example = "example.com"; description = "Nom de domaine du serveur de mails"; }; diff --git a/services/site-musique.nix b/services/site-musique.nix index 62cee74..ff4fde4 100644 --- a/services/site-musique.nix +++ b/services/site-musique.nix @@ -37,7 +37,7 @@ in extraConfig = '' location ~* \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/run/phpfpm/musique; + fastcgi_pass unix:${config.services.phpfpm.pools.musique.socket}; include ${pkgs.nginx}/conf/fastcgi_params; include ${pkgs.nginx}/conf/fastcgi.conf; } @@ -46,21 +46,22 @@ in }; }; - services.phpfpm.poolConfigs.musique = '' - listen = /run/phpfpm/musique - listen.owner = nginx - listen.group = nginx - listen.mode = 0660 - user = nginx - pm = dynamic - pm.max_children = 75 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 20 - pm.max_requests = 500 - php_admin_value[error_log] = 'stderr' - php_admin_flag[log_errors] = on - catch_workers_output = yes - ''; + services.phpfpm.pools.musique = { + user = "nginx"; + settings = { + "listen.owner" = "nginx"; + "listen.group" = "nginx"; + "listen.mode" = "0660"; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 2; + "pm.min_spare_servers" = 1; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + "php_admin_value[error_log]" = "stderr"; + "php_admin_flag[log_errors]" = "on"; + "catch_workers_output" = "yes"; + }; + }; }; } diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix index 51cee57..3cb1df7 100644 --- a/systems/LoutreOS/configuration.nix +++ b/systems/LoutreOS/configuration.nix @@ -33,7 +33,7 @@ in ]; nixpkgs.config.allowUnfree = false; - nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (builtins.parseDrvName pkg.name).name [ "factorio-headless" "perl5.30.0-slimserver" "minecraft-server" ]); + nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (builtins.parseDrvName pkg.pname).name [ "factorio-headless" "perl5.30.0-slimserver" "minecraft-server" ]); services.zfs = { autoSnapshot.enable = true; From e10c46d37ed8345120be10e354f57e3f7f81c4d3 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Fri, 11 Oct 2019 00:24:15 +0200 Subject: [PATCH 4/4] gitea: fix database password file --- systems/LoutreOS/services.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systems/LoutreOS/services.nix b/systems/LoutreOS/services.nix index 1ef512f..1a36b6e 100644 --- a/systems/LoutreOS/services.nix +++ b/systems/LoutreOS/services.nix @@ -412,7 +412,7 @@ in database = { type = "postgres"; port = 5432; - passwordFile = "/mnt/secrets/gitea_database_passwordFile"; + passwordFile = "/var/lib/gitea/custom/conf/database_password"; }; log.level = "Warn"; extraConfig = ''