post(nixos): add systemd start-rate limit for older nixos

This commit is contained in:
MDLeom 2020-09-12 05:04:37 +00:00
parent 1cb712b5e3
commit 778247fff6
No known key found for this signature in database
GPG Key ID: 32D3E28E96A695E8
4 changed files with 23 additions and 18 deletions

View File

@ -101,7 +101,8 @@ in {
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
{ CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
# 20.09+
# startLimitBurst = 5;
serviceConfig = {
ExecStart = ''
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
@ -111,6 +112,8 @@ in {
User = "caddyProxy";
Group = "caddyProxy";
Restart = "on-failure";
# <= 20.03
StartLimitBurst = 5;
NoNewPrivileges = true;
LimitNPROC = 64;
LimitNOFILE = 1048576;

View File

@ -80,23 +80,19 @@ in {
environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2)
{ CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
# 20.09+
# startLimitBurst = 5;
serviceConfig = {
ExecStart = if isCaddy2 then ''
${cfg.package}/bin/caddy run --config ${cfg.config} --adapter ${cfg.adapter}
'' else ''
ExecStart = ''
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
'';
ExecReload = if isCaddy2 then ''
${cfg.package}/bin/caddy reload --config ${cfg.config} --adapter ${cfg.adapter}
'' else ''
"${pkgs.coreutils}/bin/kill -HUP $MAINPID"
'';
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Type = "simple";
User = "caddy";
Group = "caddy";
User = "caddyProxy";
Group = "caddyProxy";
Restart = "on-failure";
# <= 20.03
StartLimitBurst = 5;
NoNewPrivileges = true;
LimitNPROC = 64;
LimitNOFILE = 1048576;

View File

@ -149,16 +149,19 @@ in {
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
{ CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
# 20.09+
# startLimitBurst = 5;
serviceConfig = {
ExecStart = ''
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
'';
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Type = "simple";
User = "caddyI2p";
Group = "caddyI2p";
User = "caddyProxy";
Group = "caddyProxy";
Restart = "on-failure";
# <= 20.03
StartLimitBurst = 5;
NoNewPrivileges = true;
LimitNPROC = 64;
LimitNOFILE = 1048576;

View File

@ -124,16 +124,19 @@ in {
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
{ CADDYPATH = cfg.dataDir; };
startLimitIntervalSec = 86400;
startLimitBurst = 5;
# 20.09+
# startLimitBurst = 5;
serviceConfig = {
ExecStart = ''
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
'';
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Type = "simple";
User = "caddyTor";
Group = "caddyTor";
User = "caddyProxy";
Group = "caddyProxy";
Restart = "on-failure";
# <= 20.03
StartLimitBurst = 5;
NoNewPrivileges = true;
LimitNPROC = 64;
LimitNOFILE = 1048576;