mirror of https://gitlab.com/curben/blog
post(nixos): fix systemd start rate-limits
- https://github.com/NixOS/nixpkgs/pull/97512
This commit is contained in:
parent
7712e5efe7
commit
1cb712b5e3
|
@ -2,7 +2,7 @@
|
||||||
title: "Setup Caddy as a reverse proxy on NixOS (Part 3: Caddy)"
|
title: "Setup Caddy as a reverse proxy on NixOS (Part 3: Caddy)"
|
||||||
excerpt: "Part 3: Configure Caddy"
|
excerpt: "Part 3: Configure Caddy"
|
||||||
date: 2020-03-14
|
date: 2020-03-14
|
||||||
updated: 2020-04-08
|
updated: 2020-09-09
|
||||||
tags:
|
tags:
|
||||||
- server
|
- server
|
||||||
- linux
|
- linux
|
||||||
|
@ -100,6 +100,8 @@ in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
||||||
{ CADDYPATH = cfg.dataDir; };
|
{ CADDYPATH = cfg.dataDir; };
|
||||||
|
startLimitIntervalSec = 86400;
|
||||||
|
startLimitBurst = 5;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = ''
|
ExecStart = ''
|
||||||
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
||||||
|
@ -109,8 +111,6 @@ in {
|
||||||
User = "caddyProxy";
|
User = "caddyProxy";
|
||||||
Group = "caddyProxy";
|
Group = "caddyProxy";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
StartLimitInterval = 86400;
|
|
||||||
StartLimitBurst = 5;
|
|
||||||
NoNewPrivileges = true;
|
NoNewPrivileges = true;
|
||||||
LimitNPROC = 64;
|
LimitNPROC = 64;
|
||||||
LimitNOFILE = 1048576;
|
LimitNOFILE = 1048576;
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
title: Running Caddy 2 in NixOS 20.03
|
title: Running Caddy 2 in NixOS 20.03
|
||||||
excerpt: Use stable v2 instead of beta release
|
excerpt: Use stable v2 instead of beta release
|
||||||
date: 2020-05-24
|
date: 2020-05-24
|
||||||
updated: 2020-08-30
|
updated: 2020-09-09
|
||||||
tags:
|
tags:
|
||||||
- server
|
- server
|
||||||
- caddy
|
- caddy
|
||||||
|
@ -79,6 +79,8 @@ in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2)
|
environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2)
|
||||||
{ CADDYPATH = cfg.dataDir; };
|
{ CADDYPATH = cfg.dataDir; };
|
||||||
|
startLimitIntervalSec = 86400;
|
||||||
|
startLimitBurst = 5;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = if isCaddy2 then ''
|
ExecStart = if isCaddy2 then ''
|
||||||
${cfg.package}/bin/caddy run --config ${cfg.config} --adapter ${cfg.adapter}
|
${cfg.package}/bin/caddy run --config ${cfg.config} --adapter ${cfg.adapter}
|
||||||
|
@ -95,8 +97,6 @@ in {
|
||||||
User = "caddy";
|
User = "caddy";
|
||||||
Group = "caddy";
|
Group = "caddy";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
StartLimitInterval = 86400;
|
|
||||||
StartLimitBurst = 5;
|
|
||||||
NoNewPrivileges = true;
|
NoNewPrivileges = true;
|
||||||
LimitNPROC = 64;
|
LimitNPROC = 64;
|
||||||
LimitNOFILE = 1048576;
|
LimitNOFILE = 1048576;
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
title: "How to make your website available over I2P Eepsite on NixOS"
|
title: "How to make your website available over I2P Eepsite on NixOS"
|
||||||
excerpt: "A guide on I2P Eepsite on NixOS"
|
excerpt: "A guide on I2P Eepsite on NixOS"
|
||||||
date: 2020-03-21
|
date: 2020-03-21
|
||||||
updated: 2020-04-22
|
updated: 2020-09-09
|
||||||
tags:
|
tags:
|
||||||
- server
|
- server
|
||||||
- linux
|
- linux
|
||||||
|
@ -148,6 +148,8 @@ in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
||||||
{ CADDYPATH = cfg.dataDir; };
|
{ CADDYPATH = cfg.dataDir; };
|
||||||
|
startLimitIntervalSec = 86400;
|
||||||
|
startLimitBurst = 5;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = ''
|
ExecStart = ''
|
||||||
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
||||||
|
@ -157,8 +159,6 @@ in {
|
||||||
User = "caddyI2p";
|
User = "caddyI2p";
|
||||||
Group = "caddyI2p";
|
Group = "caddyI2p";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
StartLimitInterval = 86400;
|
|
||||||
StartLimitBurst = 5;
|
|
||||||
NoNewPrivileges = true;
|
NoNewPrivileges = true;
|
||||||
LimitNPROC = 64;
|
LimitNPROC = 64;
|
||||||
LimitNOFILE = 1048576;
|
LimitNOFILE = 1048576;
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
title: "How to make your website available over Tor hidden service on NixOS"
|
title: "How to make your website available over Tor hidden service on NixOS"
|
||||||
excerpt: "A guide on Tor hidden service on NixOS"
|
excerpt: "A guide on Tor hidden service on NixOS"
|
||||||
date: 2020-03-16
|
date: 2020-03-16
|
||||||
updated: 2020-04-22
|
updated: 2020-09-09
|
||||||
tags:
|
tags:
|
||||||
- server
|
- server
|
||||||
- linux
|
- linux
|
||||||
|
@ -123,6 +123,8 @@ in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
||||||
{ CADDYPATH = cfg.dataDir; };
|
{ CADDYPATH = cfg.dataDir; };
|
||||||
|
startLimitIntervalSec = 86400;
|
||||||
|
startLimitBurst = 5;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = ''
|
ExecStart = ''
|
||||||
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
||||||
|
@ -132,8 +134,6 @@ in {
|
||||||
User = "caddyTor";
|
User = "caddyTor";
|
||||||
Group = "caddyTor";
|
Group = "caddyTor";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
StartLimitInterval = 86400;
|
|
||||||
StartLimitBurst = 5;
|
|
||||||
NoNewPrivileges = true;
|
NoNewPrivileges = true;
|
||||||
LimitNPROC = 64;
|
LimitNPROC = 64;
|
||||||
LimitNOFILE = 1048576;
|
LimitNOFILE = 1048576;
|
||||||
|
|
Loading…
Reference in New Issue