changes
This commit is contained in:
1
hosts/web-01.cloonar.com/channel
Normal file
1
hosts/web-01.cloonar.com/channel
Normal file
@@ -0,0 +1 @@
|
||||
https://channels.nixos.org/nixos-24.05
|
||||
@@ -4,6 +4,7 @@
|
||||
./utils/modules/sops.nix
|
||||
./utils/modules/lego/lego.nix
|
||||
|
||||
|
||||
./modules/mysql.nix
|
||||
./utils/modules/nginx.nix
|
||||
./modules/bitwarden
|
||||
@@ -39,16 +40,13 @@
|
||||
# ./sites/tandem.paraclub.at.nix
|
||||
# ./sites/module.paraclub.at.nix
|
||||
|
||||
# ./sites/api.optiprot.cloonar.dev.nix
|
||||
./sites/cloonar.dev.nix
|
||||
./sites/paraclub.cloonar.dev.nix
|
||||
./sites/api.paraclub.cloonar.dev.nix
|
||||
./sites/tandem.paraclub.cloonar.dev.nix
|
||||
./sites/module.paraclub.cloonar.dev.nix
|
||||
./sites/gbv-aktuell.cloonar.dev.nix
|
||||
# ./sites/optiprot.cloonar.dev.nix
|
||||
# ./sites/mehr-leistbaren-wohnraum-schaffen.at.nix
|
||||
# ./sites/mehr-leistbaren-wohnraum-schaffen.cloonar.dev.nix
|
||||
./sites/stage.myhidden.life.nix
|
||||
];
|
||||
|
||||
nixpkgs.config.permittedInsecurePackages = [
|
||||
|
||||
@@ -90,14 +90,10 @@ in
|
||||
locations."/".extraConfig = "proxy_pass http://localhost:3001;";
|
||||
};
|
||||
|
||||
# TODO: fix for nixos 24.05
|
||||
services.postgresql.ensureUsers = [
|
||||
{
|
||||
name = "grafana";
|
||||
ensurePermissions = {
|
||||
"DATABASE \"grafana\"" = "ALL PRIVILEGES";
|
||||
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
|
||||
};
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
services.postgresql.ensureDatabases = [ "grafana" ];
|
||||
|
||||
@@ -46,13 +46,22 @@ in
|
||||
};
|
||||
chunk_encoding = "snappy";
|
||||
# Disable block transfers on shutdown
|
||||
max_transfer_retries = 0;
|
||||
};
|
||||
|
||||
# Storage
|
||||
storage_config = {
|
||||
boltdb.directory = "/var/lib/loki/boltdb";
|
||||
boltdb_shipper = {
|
||||
active_index_directory = "/var/lib/loki/index";
|
||||
cache_location = "/var/lib/loki/boltdb-cache";
|
||||
};
|
||||
tsdb_shipper = {
|
||||
active_index_directory = "/var/lib/loki/tsdb-index";
|
||||
cache_location = "/var/lib/loki/tsdb-cache";
|
||||
|
||||
};
|
||||
filesystem.directory = "/var/lib/loki/storage";
|
||||
|
||||
};
|
||||
|
||||
limits_config.retention_period = "48h";
|
||||
@@ -67,15 +76,26 @@ in
|
||||
retention_enabled = true;
|
||||
compaction_interval = "10m";
|
||||
working_directory = "/var/lib/loki/compactor";
|
||||
retention_delete_delay = "2h";
|
||||
retention_delete_worker_count = 150;
|
||||
delete_request_store = "filesystem";
|
||||
};
|
||||
|
||||
# Schema
|
||||
schema_config.configs = [
|
||||
{
|
||||
from = "2020-11-08";
|
||||
store = "boltdb";
|
||||
store = "boltdb-shipper";
|
||||
object_store = "filesystem";
|
||||
schema = "v11";
|
||||
schema = "v13";
|
||||
index.prefix = "index_";
|
||||
index.period = "24h";
|
||||
}
|
||||
{
|
||||
from = "2024-04-01";
|
||||
store = "tsdb";
|
||||
object_store = "filesystem";
|
||||
schema = "v13";
|
||||
index.prefix = "index_";
|
||||
index.period = "24h";
|
||||
}
|
||||
@@ -83,15 +103,15 @@ in
|
||||
|
||||
limits_config.ingestion_burst_size_mb = 16;
|
||||
|
||||
ruler = {
|
||||
storage = {
|
||||
type = "local";
|
||||
local.directory = rulerDir;
|
||||
};
|
||||
rule_path = "/var/lib/loki/ruler";
|
||||
alertmanager_url = "http://alertmanager.cloonar.com";
|
||||
ring.kvstore.store = "inmemory";
|
||||
};
|
||||
# ruler = {
|
||||
# storage = {
|
||||
# type = "local";
|
||||
# local.directory = rulerDir;
|
||||
# };
|
||||
# rule_path = "/var/lib/loki/ruler";
|
||||
# alertmanager_url = "http://alertmanager.cloonar.com";
|
||||
# ring.kvstore.store = "inmemory";
|
||||
# };
|
||||
|
||||
query_range.cache_results = true;
|
||||
query_range.parallelise_shardable_queries = false;
|
||||
|
||||
35
hosts/web-01.cloonar.com/sites/stage.myhidden.life.nix
Normal file
35
hosts/web-01.cloonar.com/sites/stage.myhidden.life.nix
Normal file
@@ -0,0 +1,35 @@
|
||||
{ pkgs, lib, config, ... }:
|
||||
{
|
||||
services.webstack.instances."stage.myhidden.life" = {
|
||||
enableDefaultLocations = false;
|
||||
enableMysql = true;
|
||||
authorizedKeys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCmLPJoHwL+d7dnc3aFLbRCDshxRSQ0dtAVv/LYBn2/PBlZcIyVO9drjr702GL9QuS5DQyjtoZjSOvv1ykBKedUwY3XDyyZgtqjleojKIFMXkdXtD5iG+RUraUfzcFCZU12BYXSeAXK1HmIjSDUtDOlp6lVVWxNpz1vWSRtA/+PULhP+n5Cj7232Wf372+EPfQPntOlcMbyrDLFtj7cUz+E6BH0qdX0l3QtIVnK/C1iagPAwLcwPJd9Sfs8lj5C4g8T9uBJa6OX+87lE4ySYY+Cik9BN59S0ctjXvWCFsPO3udQSC1mf33XdDenc2mbi+lZWTfrN8S2K5CsbxRsVBlbapFBRwufEpN4iQnaTu1QmzDrmktBFAPJ2jvjBJPIx6W3KOy3kUwh9WNhzd/ubf9dFTHzkTzgluo/Zk6/S8fTJiA4rbYKSkLw9Y265bvtR1kfUBLKSa/Axe5dkKysX1RNKfTJEwbh2TfIS3apQPZZc5kIEWfeK/6kbQX7WJZFtTs="
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJW5N11DiAUBfjPFCcFX3CRzF6zAWD2sxMC1+IGC73/2"
|
||||
];
|
||||
extraConfig = ''
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
|
||||
index index.php
|
||||
|
||||
charset utf-8;
|
||||
|
||||
error_page 404 /index.php;
|
||||
'';
|
||||
locations."/favicon.ico".extraConfig = ''
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
'';
|
||||
locations."/robots.txt".extraConfig = ''
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
'';
|
||||
|
||||
locations."/".extraConfig = ''
|
||||
try_files $uri $uri/ /index.php$is_args$args;
|
||||
'';
|
||||
phpPackage = pkgs.php82.withExtensions ({ enabled, all }:
|
||||
enabled ++ [ all.imagick ]);
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user