diff options
author | tzlil <tzlils@protonmail.com> | 2023-08-20 15:30:07 +0300 |
---|---|---|
committer | tzlil <tzlils@protonmail.com> | 2023-08-20 15:30:07 +0300 |
commit | 6197695dfb24f1ae3269359fb9e189b24fdd86a3 (patch) | |
tree | 159fbc9b14a87048b5b820044a62f95030b2edb6 /hosts | |
parent | 61a06724bc39e94da259efba3693857bae21949f (diff) |
fix dendrite, disable dhcpv6 dns servers
Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/navi/default.nix | 2 | ||||
-rw-r--r-- | hosts/vps/services/git.nix | 7 | ||||
-rw-r--r-- | hosts/vps/services/matrix.nix | 16 |
3 files changed, 17 insertions, 8 deletions
diff --git a/hosts/navi/default.nix b/hosts/navi/default.nix index 755d06b..a5ad367 100644 --- a/hosts/navi/default.nix +++ b/hosts/navi/default.nix @@ -54,7 +54,7 @@ dhcpV4Config = { UseDNS = false; }; - ipv6AcceptRAConfig = { + dhcpV6Config = { UseDNS = false; }; }; diff --git a/hosts/vps/services/git.nix b/hosts/vps/services/git.nix index 2b6d0a2..84c4241 100644 --- a/hosts/vps/services/git.nix +++ b/hosts/vps/services/git.nix @@ -3,7 +3,8 @@ config, ... }: { - config = let cgit = pkgs.cgit-pink; + config = let + cgit = pkgs.cgit-pink; in { users.groups.git = {}; users.users.git = { @@ -56,6 +57,8 @@ transport fastcgi { env SCRIPT_FILENAME ${cgit}/cgit/cgit.cgi env CGIT_CONFIG ${pkgs.writeText "cgitrc" (pkgs.lib.generators.toKeyValue {} { + about-filter = "${cgit}/lib/cgit/filters/about-formatting.py"; + source-filter = "${cgit}/lib/cgit/filters/syntax-highlighting.py"; css = "/cgit.css"; logo = "/cgit.png"; favicon = "/favicon.ico"; @@ -69,8 +72,6 @@ root-title = "tzlil.net"; root-desc = "Tzlil's Git Repositories"; scan-path = config.users.users.git.home; - about-filter = "${cgit}/lib/cgit/filters/about-formatting.py"; - source-filter = "${cgit}/lib/cgit/filters/syntax-highlighting.py"; logo-link = "/"; readme = ":README.md"; })} diff --git a/hosts/vps/services/matrix.nix b/hosts/vps/services/matrix.nix index 005040f..af38f58 100644 --- a/hosts/vps/services/matrix.nix +++ b/hosts/vps/services/matrix.nix @@ -102,9 +102,17 @@ ensureDatabases = ["dendrite"]; }; + users.groups.dendrite = {}; + users.users.dendrite = { + isSystemUser = true; + description = "dendrite"; + group = "dendrite"; + }; # not needed if i use /var/lib/private , DynamicUser can remap the permissions for the service - # systemd.services.dendrite.serviceConfig.User = "dendrite"; - # systemd.services.dendrite.serviceConfig.Group = "dendrite"; + systemd.services.dendrite.serviceConfig.User = "dendrite"; + systemd.services.dendrite.serviceConfig.Group = "dendrite"; + systemd.services.dendrite.serviceConfig.DynamicUser = lib.mkForce "false"; + environment.persistence."/nix/persist".directories = [ { directory = "/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}"; @@ -114,8 +122,8 @@ { directory = "/var/lib/private/dendrite"; - user = "root"; - group = "root"; + user = "dendrite"; + group = "dendrite"; } ]; |