mirror of https://gitlab.com/curben/blog
post(nixos): add systemd start-rate limit for older nixos
This commit is contained in:
parent
1cb712b5e3
commit
778247fff6
|
@ -101,7 +101,8 @@ in {
|
|||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
||||
{ CADDYPATH = cfg.dataDir; };
|
||||
startLimitIntervalSec = 86400;
|
||||
startLimitBurst = 5;
|
||||
# 20.09+
|
||||
# startLimitBurst = 5;
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
||||
|
@ -111,6 +112,8 @@ in {
|
|||
User = "caddyProxy";
|
||||
Group = "caddyProxy";
|
||||
Restart = "on-failure";
|
||||
# <= 20.03
|
||||
StartLimitBurst = 5;
|
||||
NoNewPrivileges = true;
|
||||
LimitNPROC = 64;
|
||||
LimitNOFILE = 1048576;
|
||||
|
|
|
@ -80,23 +80,19 @@ in {
|
|||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09" && !isCaddy2)
|
||||
{ CADDYPATH = cfg.dataDir; };
|
||||
startLimitIntervalSec = 86400;
|
||||
startLimitBurst = 5;
|
||||
# 20.09+
|
||||
# startLimitBurst = 5;
|
||||
serviceConfig = {
|
||||
ExecStart = if isCaddy2 then ''
|
||||
${cfg.package}/bin/caddy run --config ${cfg.config} --adapter ${cfg.adapter}
|
||||
'' else ''
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
||||
'';
|
||||
ExecReload = if isCaddy2 then ''
|
||||
${cfg.package}/bin/caddy reload --config ${cfg.config} --adapter ${cfg.adapter}
|
||||
'' else ''
|
||||
"${pkgs.coreutils}/bin/kill -HUP $MAINPID"
|
||||
'';
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
Type = "simple";
|
||||
User = "caddy";
|
||||
Group = "caddy";
|
||||
User = "caddyProxy";
|
||||
Group = "caddyProxy";
|
||||
Restart = "on-failure";
|
||||
# <= 20.03
|
||||
StartLimitBurst = 5;
|
||||
NoNewPrivileges = true;
|
||||
LimitNPROC = 64;
|
||||
LimitNOFILE = 1048576;
|
||||
|
|
|
@ -149,16 +149,19 @@ in {
|
|||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
||||
{ CADDYPATH = cfg.dataDir; };
|
||||
startLimitIntervalSec = 86400;
|
||||
startLimitBurst = 5;
|
||||
# 20.09+
|
||||
# startLimitBurst = 5;
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
||||
'';
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
Type = "simple";
|
||||
User = "caddyI2p";
|
||||
Group = "caddyI2p";
|
||||
User = "caddyProxy";
|
||||
Group = "caddyProxy";
|
||||
Restart = "on-failure";
|
||||
# <= 20.03
|
||||
StartLimitBurst = 5;
|
||||
NoNewPrivileges = true;
|
||||
LimitNPROC = 64;
|
||||
LimitNOFILE = 1048576;
|
||||
|
|
|
@ -124,16 +124,19 @@ in {
|
|||
environment = mkIf (versionAtLeast config.system.stateVersion "17.09")
|
||||
{ CADDYPATH = cfg.dataDir; };
|
||||
startLimitIntervalSec = 86400;
|
||||
startLimitBurst = 5;
|
||||
# 20.09+
|
||||
# startLimitBurst = 5;
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/caddy -root=/var/tmp -conf=${cfg.config}
|
||||
'';
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
Type = "simple";
|
||||
User = "caddyTor";
|
||||
Group = "caddyTor";
|
||||
User = "caddyProxy";
|
||||
Group = "caddyProxy";
|
||||
Restart = "on-failure";
|
||||
# <= 20.03
|
||||
StartLimitBurst = 5;
|
||||
NoNewPrivileges = true;
|
||||
LimitNPROC = 64;
|
||||
LimitNOFILE = 1048576;
|
||||
|
|
Loading…
Reference in New Issue