diff --git a/source/_posts/caddy-nixos-part-3.md b/source/_posts/caddy-nixos-part-3.md index 94d4202..08d6680 100644 --- a/source/_posts/caddy-nixos-part-3.md +++ b/source/_posts/caddy-nixos-part-3.md @@ -101,7 +101,8 @@ in { environment = mkIf (versionAtLeast config.system.stateVersion "17.09") { CADDYPATH = cfg.dataDir; }; startLimitIntervalSec = 86400; - startLimitBurst = 5; + # 20.09+ + # startLimitBurst = 5; serviceConfig = { ExecStart = '' ${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config} @@ -111,6 +112,8 @@ in { User = "caddyProxy"; Group = "caddyProxy"; Restart = "on-failure"; + # <= 20.03 + StartLimitBurst = 5; NoNewPrivileges = true; LimitNPROC = 64; LimitNOFILE = 1048576; diff --git a/source/_posts/caddy-v2-nixos.md b/source/_posts/caddy-v2-nixos.md index 4bffa1f..7b4ca5c 100644 --- a/source/_posts/caddy-v2-nixos.md +++ b/source/_posts/caddy-v2-nixos.md @@ -80,23 +80,19 @@ in { environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2) { CADDYPATH = cfg.dataDir; }; startLimitIntervalSec = 86400; - startLimitBurst = 5; + # 20.09+ + # startLimitBurst = 5; serviceConfig = { - ExecStart = if isCaddy2 then '' - ${cfg.package}/bin/caddy run --config ${cfg.config} --adapter ${cfg.adapter} - '' else '' + ExecStart = '' ${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config} ''; - ExecReload = if isCaddy2 then '' - ${cfg.package}/bin/caddy reload --config ${cfg.config} --adapter ${cfg.adapter} - '' else '' - "${pkgs.coreutils}/bin/kill -HUP $MAINPID" - ''; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Type = "simple"; - User = "caddy"; - Group = "caddy"; + User = "caddyProxy"; + Group = "caddyProxy"; Restart = "on-failure"; + # <= 20.03 + StartLimitBurst = 5; NoNewPrivileges = true; LimitNPROC = 64; LimitNOFILE = 1048576; diff --git a/source/_posts/i2p-eepsite-nixos.md b/source/_posts/i2p-eepsite-nixos.md index 91b2a69..9e35b59 100644 --- a/source/_posts/i2p-eepsite-nixos.md +++ b/source/_posts/i2p-eepsite-nixos.md @@ -149,16 +149,19 @@ in { environment = mkIf (versionAtLeast config.system.stateVersion "17.09") { CADDYPATH = cfg.dataDir; }; startLimitIntervalSec = 86400; - startLimitBurst = 5; + # 20.09+ + # startLimitBurst = 5; serviceConfig = { ExecStart = '' ${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config} ''; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Type = "simple"; - User = "caddyI2p"; - Group = "caddyI2p"; + User = "caddyProxy"; + Group = "caddyProxy"; Restart = "on-failure"; + # <= 20.03 + StartLimitBurst = 5; NoNewPrivileges = true; LimitNPROC = 64; LimitNOFILE = 1048576; diff --git a/source/_posts/tor-hidden-onion-nixos.md b/source/_posts/tor-hidden-onion-nixos.md index 113e0ae..62025db 100644 --- a/source/_posts/tor-hidden-onion-nixos.md +++ b/source/_posts/tor-hidden-onion-nixos.md @@ -124,16 +124,19 @@ in { environment = mkIf (versionAtLeast config.system.stateVersion "17.09") { CADDYPATH = cfg.dataDir; }; startLimitIntervalSec = 86400; - startLimitBurst = 5; + # 20.09+ + # startLimitBurst = 5; serviceConfig = { ExecStart = '' ${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config} ''; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Type = "simple"; - User = "caddyTor"; - Group = "caddyTor"; + User = "caddyProxy"; + Group = "caddyProxy"; Restart = "on-failure"; + # <= 20.03 + StartLimitBurst = 5; NoNewPrivileges = true; LimitNPROC = 64; LimitNOFILE = 1048576;