From 2f85a4ae5975f608431fcf95cd6282d35418f885 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 17 Dec 2021 21:10:42 +0100 Subject: [PATCH 1/3] ma uhub: update plugin settings --- makefu/2configs/dcpp/hub.nix | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index b8ca49b74..5a88f5ef8 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -63,8 +63,11 @@ in { networking.firewall.extraCommands = '' iptables -A PREROUTING -t nat -i ${ext-if} -p tcp --dport 411 -j REDIRECT --to-port 1511 ''; - systemd.services.uhub.serviceConfig = { + systemd.services.uhub-home.serviceConfig = { PrivateTmp = true; + DynamicUser = lib.mkForce false; + User = "uhub"; + WorkingDirectory = uhubDir; PermissionsStartOnly = true; ExecStartPre = pkgs.writeDash "uhub-pre" '' cp -f ${toString } ${uhubDir}/uhub.crt @@ -86,6 +89,7 @@ in { group = "uhub"; }; users.groups.uhub = {}; + services.uhub.home = { enable = true; enableTLS = true; @@ -103,13 +107,12 @@ in { } { plugin = "${pkgs.uhub}/plugins/mod_welcome.so"; - settings.motd = "shareit"; - settings.rules = "1. Don't be an asshole"; + settings.motd = toString (pkgs.writeText "motd" "shareit"); + settings.rules = toString (pkgs.writeText "rules" "1. Don't be an asshole"); } { - plugin = "${pkgs.uhub}/plugins/mod_history.so"; - settings.motd = "shareit"; - settings.rules = "1. Don't be an asshole"; + plugin = "${pkgs.uhub}/plugins/mod_chat_history.so"; + settings = {}; } ]; }; From f58d9d52ad665b1150e9914d7178190895fed361 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 17 Dec 2021 21:11:01 +0100 Subject: [PATCH 2/3] ma owncloud: update to 22 --- makefu/2configs/deployment/owncloud.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index 0593cf7fc..610ba75fe 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -49,7 +49,7 @@ in { services.nextcloud = { enable = true; - package = pkgs.nextcloud21; + package = pkgs.nextcloud22; hostName = "o.euer.krebsco.de"; # Use HTTPS for links https = true; From 26e0cca2e22fde8ae150354d949d9cfeb8b1833b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 17 Dec 2021 21:11:21 +0100 Subject: [PATCH 3/3] ma bitwarden: finish migration --- makefu/2configs/bitwarden.nix | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/makefu/2configs/bitwarden.nix b/makefu/2configs/bitwarden.nix index 7e317e596..92c1c4e0e 100644 --- a/makefu/2configs/bitwarden.nix +++ b/makefu/2configs/bitwarden.nix @@ -2,7 +2,7 @@ let port = 8812; in { - services.bitwarden_rs = { + services.vaultwarden = { enable = true; dbBackend = "postgresql"; config.signups_allowed = false; @@ -13,17 +13,15 @@ in { config.websocket_enabled = true; }; - systemd.services.bitwarden_rs.after = [ "postgresql.service" ]; + systemd.services.vaultwarden.after = [ "postgresql.service" ]; services.postgresql = { enable = true; ensureDatabases = [ "bitwarden" ]; - ensureUsers = [ { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } ]; - #initialScript = pkgs.writeText "postgresql-init.sql" '' - # CREATE DATABASE bitwarden; - # CREATE USER bitwardenuser WITH PASSWORD '${dbPassword}'; - # GRANT ALL PRIVILEGES ON DATABASE bitwarden TO bitwardenuser; - #''; + ensureUsers = [ + { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } + { name = "vaultwarden"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } + ]; }; services.nginx.virtualHosts."bw.euer.krebsco.de" ={