Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'gum/master'

Browse Source
This commit is contained in:
lassulus 2021-12-20 21:24:11 +01:00
commit d77dd95689
3 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
makefu/2configs/bitwarden.nix
View File

@ -2,7 +2,7 @@
let let
port = 8812; port = 8812;
in { in {
services.bitwarden_rs = { services.vaultwarden = {
enable = true; enable = true;
dbBackend = "postgresql"; dbBackend = "postgresql";
config.signups_allowed = false; config.signups_allowed = false;
@ -13,17 +13,15 @@ in {
config.websocket_enabled = true; config.websocket_enabled = true;
}; };
systemd.services.bitwarden_rs.after = [ "postgresql.service" ]; systemd.services.vaultwarden.after = [ "postgresql.service" ];
services.postgresql = { services.postgresql = {
enable = true; enable = true;
ensureDatabases = [ "bitwarden" ]; ensureDatabases = [ "bitwarden" ];
ensureUsers = [ { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } ]; ensureUsers = [
#initialScript = pkgs.writeText "postgresql-init.sql" '' { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; }
# CREATE DATABASE bitwarden; { name = "vaultwarden"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; }
# CREATE USER bitwardenuser WITH PASSWORD '${dbPassword}'; ];
# GRANT ALL PRIVILEGES ON DATABASE bitwarden TO bitwardenuser;
#'';
}; };
services.nginx.virtualHosts."bw.euer.krebsco.de" ={ services.nginx.virtualHosts."bw.euer.krebsco.de" ={

15
makefu/2configs/dcpp/hub.nix
View File

@ -63,8 +63,11 @@ in {
networking.firewall.extraCommands = '' networking.firewall.extraCommands = ''
iptables -A PREROUTING -t nat -i ${ext-if} -p tcp --dport 411 -j REDIRECT --to-port 1511 iptables -A PREROUTING -t nat -i ${ext-if} -p tcp --dport 411 -j REDIRECT --to-port 1511
''; '';
systemd.services.uhub.serviceConfig = { systemd.services.uhub-home.serviceConfig = {
PrivateTmp = true; PrivateTmp = true;
DynamicUser = lib.mkForce false;
User = "uhub";
WorkingDirectory = uhubDir;
PermissionsStartOnly = true; PermissionsStartOnly = true;
ExecStartPre = pkgs.writeDash "uhub-pre" '' ExecStartPre = pkgs.writeDash "uhub-pre" ''
cp -f ${toString <secrets/wildcard.krebsco.de.crt>} ${uhubDir}/uhub.crt cp -f ${toString <secrets/wildcard.krebsco.de.crt>} ${uhubDir}/uhub.crt
@ -86,6 +89,7 @@ in {
group = "uhub"; group = "uhub";
}; };
users.groups.uhub = {}; users.groups.uhub = {};
services.uhub.home = { services.uhub.home = {
enable = true; enable = true;
enableTLS = true; enableTLS = true;
@ -103,13 +107,12 @@ in {
} }
{ {
plugin = "${pkgs.uhub}/plugins/mod_welcome.so"; plugin = "${pkgs.uhub}/plugins/mod_welcome.so";
settings.motd = "shareit"; settings.motd = toString (pkgs.writeText "motd" "shareit");
settings.rules = "1. Don't be an asshole"; settings.rules = toString (pkgs.writeText "rules" "1. Don't be an asshole");
} }
{ {
plugin = "${pkgs.uhub}/plugins/mod_history.so"; plugin = "${pkgs.uhub}/plugins/mod_chat_history.so";
settings.motd = "shareit"; settings = {};
settings.rules = "1. Don't be an asshole";
} }
]; ];
}; };

2
makefu/2configs/deployment/owncloud.nix
View File

@ -49,7 +49,7 @@ in {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud21; package = pkgs.nextcloud22;
hostName = "o.euer.krebsco.de"; hostName = "o.euer.krebsco.de";
# Use HTTPS for links # Use HTTPS for links
https = true; https = true;