curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity

post(nixos): add `nix.gc` and update config style

This commit is contained in:
MDLeom 2020-05-02 06:55:36 +01:00
parent 48931151ed
commit 5e9558d92f
No known key found for this signature in database
GPG Key ID: 5D9DB57A25D34EE3
3 changed files with 39 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
source/_posts/caddy-nixos-part-2.md
View File

@ -225,11 +225,14 @@ Unattended upgrade can be enabled through the following config. Once enabled, Ni
In the config, you can also specify the time that the server will reboot. I recommend to only enable it after everything is up and running, especially when setting a web server; you wouldn't want the server to reboot itself in the middle of your tinkering. In the config, you can also specify the time that the server will reboot. I recommend to only enable it after everything is up and running, especially when setting a web server; you wouldn't want the server to reboot itself in the middle of your tinkering.
(For more advanced usage of `dates`, see [`systemd.time`](https://jlk.fjfi.cvut.cz/arch/manpages/man/systemd.time.7#CALENDAR_EVENTS))
``` js ``` js
system.autoUpgrade = { system.autoUpgrade = {
enable = true; enable = true;
allowReboot = true; allowReboot = true;
dates = "00:00"; # Daily 00:00
dates = "daily UTC";
}; };
``` ```
@ -306,3 +309,16 @@ Kernel compiled with additional security-oriented patch set. [More details](http
``` ```
boot.kernelPackages = pkgs.linuxPackages_hardened; boot.kernelPackages = pkgs.linuxPackages_hardened;
``` ```
## Remove old, unreferenced packages
Since my web server has limited disk space, it needs to run [garbage collector](https://nixos.org/nixos/manual/index.html#sec-nix-gc) from time to time.
```
## Garbage collector
nix.gc = {
automatic = true;
# Every Monday 00:00
dates = "weekly UTC";
};
```

4
source/_posts/i2p-eepsite-nixos.md
View File

@ -40,7 +40,8 @@ To join the I2P network, I'm using [i2pd](https://i2pd.website/), an (unofficial
enable = true; enable = true;
ifname = "ens3"; ifname = "ens3";
address = "xxxx"; address = "xxxx";
inTunnels.myEep = { inTunnels = {
myEep = {
enable = true; enable = true;
keys = "myEep-keys.dat"; keys = "myEep-keys.dat";
inPort = 80; inPort = 80;
@ -50,6 +51,7 @@ To join the I2P network, I'm using [i2pd](https://i2pd.website/), an (unofficial
# inbound.length = 1; # inbound.length = 1;
# outbound.length = 1; # outbound.length = 1;
}; };
};
enableIPv4 = false; enableIPv4 = false;
enableIPv6 = true; enableIPv6 = true;
}; };

4
source/_posts/tor-hidden-onion-nixos.md
View File

@ -37,7 +37,8 @@ The first step is to bring up a Tor hidden service to get an onion address. Add
services.tor = { services.tor = {
enable = true; enable = true;
enableGeoIP = false; enableGeoIP = false;
hiddenServices.myOnion = { hiddenServices = {
myOnion = {
version = 3; version = 3;
map = [ map = [
{ {
@ -47,6 +48,7 @@ The first step is to bring up a Tor hidden service to get an onion address. Add
} }
]; ];
}; };
};
extraConfig = extraConfig =
'' ''
ClientUseIPv4 0 ClientUseIPv4 0