Merge remote-tracking branch 'gum/master'

2021-12-20 21:24:11 +01:00 · 2021-12-20 21:24:11 +01:00 · d77dd95689
commit d77dd95689
parent 5b71cbae40 26e0cca2e2
3 changed files with 16 additions and 15 deletions
--- a/makefu/2configs/bitwarden.nix
+++ b/makefu/2configs/bitwarden.nix
@ -2,7 +2,7 @@
 let
  port = 8812;
 in {
-  services.bitwarden_rs = {
+  services.vaultwarden = {
    enable = true;
    dbBackend = "postgresql";
    config.signups_allowed = false;
@ -13,17 +13,15 @@ in {
    config.websocket_enabled = true;
  };

-  systemd.services.bitwarden_rs.after = [ "postgresql.service" ];
+  systemd.services.vaultwarden.after = [ "postgresql.service" ];

  services.postgresql = {
    enable = true;
    ensureDatabases = [ "bitwarden" ];
-    ensureUsers = [ { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } ];
-    #initialScript = pkgs.writeText "postgresql-init.sql" ''
-    #  CREATE DATABASE bitwarden;
-    #  CREATE USER bitwardenuser WITH PASSWORD '${dbPassword}';
-    #  GRANT ALL PRIVILEGES ON DATABASE bitwarden TO bitwardenuser;
-    #'';
+    ensureUsers = [
+      { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } 
+      { name = "vaultwarden"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } 
+    ];
  };

  services.nginx.virtualHosts."bw.euer.krebsco.de" ={
--- a/makefu/2configs/dcpp/hub.nix
+++ b/makefu/2configs/dcpp/hub.nix
@ -63,8 +63,11 @@ in {
  networking.firewall.extraCommands = ''
    iptables -A PREROUTING -t nat -i ${ext-if} -p tcp --dport 411 -j REDIRECT --to-port 1511
  '';
-  systemd.services.uhub.serviceConfig = {
+  systemd.services.uhub-home.serviceConfig = {
    PrivateTmp = true;
+    DynamicUser = lib.mkForce false;
+    User = "uhub";
+    WorkingDirectory = uhubDir;
    PermissionsStartOnly = true;
    ExecStartPre = pkgs.writeDash "uhub-pre" ''
      cp -f ${toString <secrets/wildcard.krebsco.de.crt>} ${uhubDir}/uhub.crt
@ -86,6 +89,7 @@ in {
    group = "uhub";
  };
  users.groups.uhub = {};
+
  services.uhub.home = {
    enable = true;
    enableTLS = true;
@ -103,13 +107,12 @@ in {
      }
      {
        plugin = "${pkgs.uhub}/plugins/mod_welcome.so";
-        settings.motd = "shareit";
-        settings.rules = "1. Don't be an asshole";
+        settings.motd = toString (pkgs.writeText "motd" "shareit");
+        settings.rules = toString (pkgs.writeText "rules" "1. Don't be an asshole");
      }
      {
-        plugin = "${pkgs.uhub}/plugins/mod_history.so";
-        settings.motd = "shareit";
-        settings.rules = "1. Don't be an asshole";
+        plugin = "${pkgs.uhub}/plugins/mod_chat_history.so";
+        settings = {};
      }
    ];
  };
--- a/makefu/2configs/deployment/owncloud.nix
+++ b/makefu/2configs/deployment/owncloud.nix
@ -49,7 +49,7 @@ in {

  services.nextcloud = {
    enable = true;
-    package = pkgs.nextcloud21;
+    package = pkgs.nextcloud22;
    hostName = "o.euer.krebsco.de";
    # Use HTTPS for links
    https = true;