updates

2024-10-31 15:39:24 +01:00 · 2024-10-31 15:39:24 +01:00 · c5bc2e1a19
commit c5bc2e1a19
parent 448b9e7439
8 changed files with 221 additions and 184 deletions
--- a/nixos/hosts/hades/mastodon/configuration.nix
+++ b/nixos/hosts/hades/mastodon/configuration.nix
@ -8,7 +8,6 @@ in {
  networking.interfaces.eth0.useDHCP = true;

  # Better cache hits
-  environment.noXlibs = lib.mkForce false;
  services = {
    elasticsearch = {
      enable = true;
@ -84,6 +83,8 @@ in {

        AUTHORIZED_FETCH = "true";

+        MAX_TOOT_CHARS = "8192";
+
        # https://github.com/cybrespace/cybrespace-meta/blob/master/s3.md;
        # https://shivering-isles.com/Mastodon-and-Amazon-S3
        S3_ENABLED = "true";
--- a/nixos/hosts/hades/storage/configuration.nix
+++ b/nixos/hosts/hades/storage/configuration.nix
@ -6,9 +6,35 @@
    ./fs.nix
  ];

-
  boot.loader.systemd-boot.enable = true;
  services = {
+    scrutiny = {
+      enable = true;
+      openFirewall = true;
+      influxdb.enable = true;
+      collector.enable = true;
+      collector.settings = {
+        host.id = "storage-vm";
+        devices = [
+          {
+            device = "/dev/disk/by-id/ata-QEMU_HARDDISK_QM00013";
+            ignore = true;
+          }
+          {
+            device = "/dev/disk/by-id/ata-QEMU_HARDDISK_QM00015";
+            ignore = true;
+          }
+          {
+            device = "/dev/disk/by-id/ata-QEMU_HARDDISK_QM00017";
+            ignore = true;
+          }
+          {
+            device = "/dev/disk/by-id/ata-QEMU_HARDDISK_QM00019";
+            ignore = true;
+          }
+        ];
+      };
+    };

    # Enable the OpenSSH daemon.
    openssh.enable = true;
@ -55,6 +81,18 @@
    };
  };

+  users.groups.backup = {
+    gid = 10000;
+    members = [ "vivian" "syncthing" ];
+  };
+
+  services.syncthing = {
+    enable = true;
+    openDefaultPorts = true;
+    guiAddress = "0.0.0.0:8384";
+    group = "backup";
+  };
+
  # Disable firewall, as NFS makes it annoying
  networking.firewall.enable = false;

--- a/nixos/hosts/olympus/mailserver/configuration.nix
+++ b/nixos/hosts/olympus/mailserver/configuration.nix
@ -48,11 +48,12 @@ in {
        aliases = [
          "postmaster@0x76.dev"
          "abuse@0x76.dev"
-
-          "v@meowy.tech"
          "abuse@meowy.tech"
          "postmaster@meowy.tech"
+          "abuse@xirion.net"
+          "postmaster@xirion.net"

+          "@meowy.tech"
          "@xirion.net"
          "@0x76.dev"
        ];
--- a/nixos/hosts/olympus/mosquitto/configuration.nix
+++ b/nixos/hosts/olympus/mosquitto/configuration.nix
@ -3,8 +3,10 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).

 { config, pkgs, ... }:
-let mosquittoPort = 1883;
-in {
+let
+  mosquittoPort = 1883;
+in
+{
  imports = [ ];

  # This value determines the NixOS release from which the default
@ -20,15 +22,21 @@ in {

  services.mosquitto = {
    enable = true;
-    listeners = [{
-      port = mosquittoPort;
-      settings.allow_anonymous = true;
-      acl = [ "topic readwrite #" ];
-      users = {
-        vivian = { acl = [ "readwrite #" ]; };
-        zigbee2mqtt = { acl = [ "readwrite #" ]; };
-      };
-    }];
+    listeners = [
+      {
+        port = mosquittoPort;
+        settings.allow_anonymous = true;
+        acl = [ "topic readwrite #" ];
+        users = {
+          vivian = {
+            acl = [ "readwrite #" ];
+          };
+          zigbee2mqtt = {
+            acl = [ "readwrite #" ];
+          };
+        };
+      }
+    ];

  };

@ -39,7 +47,9 @@ in {
      homeassistant = true;
      permit_join = false;

-      serial = { port = "/dev/ttyUSB0"; };
+      serial = {
+        port = "/dev/ttyUSB0";
+      };

      mqtt = {
        base_topic = "zigbee2mqtt";
@ -47,10 +57,14 @@ in {
        user = "zigbee2mqtt";
      };

-      frontend = { port = 8080; };
+      frontend = {
+        port = 8080;
+      };
    };
  };

-  networking.firewall.allowedTCPPorts =
-    [ mosquittoPort config.services.zigbee2mqtt.settings.frontend.port ];
+  networking.firewall.allowedTCPPorts = [
+    mosquittoPort
+    config.services.zigbee2mqtt.settings.frontend.port
+  ];
 }
--- a/nixos/hosts/olympus/nginx/configuration.nix
+++ b/nixos/hosts/olympus/nginx/configuration.nix
@ -5,9 +5,9 @@ let
      base_url = "https://chat.meowy.tech";
      server_name = "meowy.tech";
    };
-    "org.matrix.msc3575.proxy" = {
-      "url" = "https://sliding-chat.meowy.tech";
-    };
+    # "org.matrix.msc3575.proxy" = {
+    #   "url" = "https://sliding-chat.meowy.tech";
+    # };
  };
  serverConfig."m.server" = "chat.meowy.tech:443";
  mkWellKnown = data: ''
@ -127,7 +127,7 @@ in
              return 303 https://element.chat.meowy.tech;
            '';
            "= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
-            "= /_matrix/client/unstable/org.matrix.msc3575/sync".proxyPass = "http://synapse.olympus:8009";
+            # "= /_matrix/client/unstable/org.matrix.msc3575/sync".proxyPass = "http://synapse.olympus:8009";
            "/_matrix".proxyPass = "http://synapse.olympus:8008";
            "/_synapse/client".proxyPass = "http://synapse.olympus:8008";
            "/_synapse/admin" = {
@ -146,11 +146,11 @@ in
            };
          };
        };
-        "sliding-chat.meowy.tech" = {
-          enableACME = true;
-          forceSSL = true;
-          locations."/".proxyPass = "http://synapse.olympus:8009";
-        };
+        # "sliding-chat.meowy.tech" = {
+        #   enableACME = true;
+        #   forceSSL = true;
+        #   locations."/".proxyPass = "http://synapse.olympus:8009";
+        # };
        "element.chat.meowy.tech" = {
          enableACME = true;
          forceSSL = true;
--- a/nixos/hosts/olympus/synapse/configuration.nix
+++ b/nixos/hosts/olympus/synapse/configuration.nix
@ -43,7 +43,7 @@ in
  };

  services.matrix-sliding-sync = {
-    enable = true;
+    enable = false;
    createDatabase = true;
    environmentFile = "${vs.synapse}/sync";
    settings = {