curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity

post(nixos): fix systemd start rate-limits 

- https://github.com/NixOS/nixpkgs/pull/97512
This commit is contained in:
MDLeom 2020-09-09 08:42:42 +00:00
parent 7712e5efe7
commit 1cb712b5e3
No known key found for this signature in database
GPG Key ID: 32D3E28E96A695E8
4 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
source/_posts/caddy-nixos-part-3.md
View File

@ -2,7 +2,7 @@
title: "Setup Caddy as a reverse proxy on NixOS (Part 3: Caddy)" title: "Setup Caddy as a reverse proxy on NixOS (Part 3: Caddy)"
excerpt: "Part 3: Configure Caddy" excerpt: "Part 3: Configure Caddy"
date: 2020-03-14 date: 2020-03-14
updated: 2020-04-08 updated: 2020-09-09
tags: tags:
- server - server
- linux - linux
@ -100,6 +100,8 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
environment = mkIf (versionAtLeast config.system.stateVersion "17.09") environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
{ CADDYPATH = cfg.dataDir; }; { CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
serviceConfig = { serviceConfig = {
ExecStart = '' ExecStart = ''
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config} ${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
@ -109,8 +111,6 @@ in {
User = "caddyProxy"; User = "caddyProxy";
Group = "caddyProxy"; Group = "caddyProxy";
Restart = "on-failure"; Restart = "on-failure";
StartLimitInterval = 86400;
StartLimitBurst = 5;
NoNewPrivileges = true; NoNewPrivileges = true;
LimitNPROC = 64; LimitNPROC = 64;
LimitNOFILE = 1048576; LimitNOFILE = 1048576;

6
source/_posts/caddy-v2-nixos.md
View File

@ -2,7 +2,7 @@
title: Running Caddy 2 in NixOS 20.03 title: Running Caddy 2 in NixOS 20.03
excerpt: Use stable v2 instead of beta release excerpt: Use stable v2 instead of beta release
date: 2020-05-24 date: 2020-05-24
updated: 2020-08-30 updated: 2020-09-09
tags: tags:
- server - server
- caddy - caddy
@ -79,6 +79,8 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2) environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2)
{ CADDYPATH = cfg.dataDir; }; { CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
serviceConfig = { serviceConfig = {
ExecStart = if isCaddy2 then '' ExecStart = if isCaddy2 then ''
${cfg.package}/bin/caddy run --config ${cfg.config} --adapter ${cfg.adapter} ${cfg.package}/bin/caddy run --config ${cfg.config} --adapter ${cfg.adapter}
@ -95,8 +97,6 @@ in {
User = "caddy"; User = "caddy";
Group = "caddy"; Group = "caddy";
Restart = "on-failure"; Restart = "on-failure";
StartLimitInterval = 86400;
StartLimitBurst = 5;
NoNewPrivileges = true; NoNewPrivileges = true;
LimitNPROC = 64; LimitNPROC = 64;
LimitNOFILE = 1048576; LimitNOFILE = 1048576;

6
source/_posts/i2p-eepsite-nixos.md
View File

@ -2,7 +2,7 @@
title: "How to make your website available over I2P Eepsite on NixOS" title: "How to make your website available over I2P Eepsite on NixOS"
excerpt: "A guide on I2P Eepsite on NixOS" excerpt: "A guide on I2P Eepsite on NixOS"
date: 2020-03-21 date: 2020-03-21
updated: 2020-04-22 updated: 2020-09-09
tags: tags:
- server - server
- linux - linux
@ -148,6 +148,8 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
environment = mkIf (versionAtLeast config.system.stateVersion "17.09") environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
{ CADDYPATH = cfg.dataDir; }; { CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
serviceConfig = { serviceConfig = {
ExecStart = '' ExecStart = ''
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config} ${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
@ -157,8 +159,6 @@ in {
User = "caddyI2p"; User = "caddyI2p";
Group = "caddyI2p"; Group = "caddyI2p";
Restart = "on-failure"; Restart = "on-failure";
StartLimitInterval = 86400;
StartLimitBurst = 5;
NoNewPrivileges = true; NoNewPrivileges = true;
LimitNPROC = 64; LimitNPROC = 64;
LimitNOFILE = 1048576; LimitNOFILE = 1048576;

6
source/_posts/tor-hidden-onion-nixos.md
View File

@ -2,7 +2,7 @@
title: "How to make your website available over Tor hidden service on NixOS" title: "How to make your website available over Tor hidden service on NixOS"
excerpt: "A guide on Tor hidden service on NixOS" excerpt: "A guide on Tor hidden service on NixOS"
date: 2020-03-16 date: 2020-03-16
updated: 2020-04-22 updated: 2020-09-09
tags: tags:
- server - server
- linux - linux
@ -123,6 +123,8 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
environment = mkIf (versionAtLeast config.system.stateVersion "17.09") environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
{ CADDYPATH = cfg.dataDir; }; { CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
serviceConfig = { serviceConfig = {
ExecStart = '' ExecStart = ''
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config} ${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
@ -132,8 +134,6 @@ in {
User = "caddyTor"; User = "caddyTor";
Group = "caddyTor"; Group = "caddyTor";
Restart = "on-failure"; Restart = "on-failure";
StartLimitInterval = 86400;
StartLimitBurst = 5;
NoNewPrivileges = true; NoNewPrivileges = true;
LimitNPROC = 64; LimitNPROC = 64;
LimitNOFILE = 1048576; LimitNOFILE = 1048576;