diff options
| author | TheArcaneBrony <myrainbowdash949@gmail.com> | 2023-09-26 15:03:18 +0200 |
|---|---|---|
| committer | Rory& <root@rory.gay> | 2024-06-05 17:25:16 +0200 |
| commit | 10a409f984e9bce9cf15c1aaf3771a5043afc305 (patch) | |
| tree | 0c8b07784e7632a5c9b53ef3ddedb5bdbae067ab | |
| parent | Work on spacebar container (diff) | |
| download | Spacebar-Open-Infrastructure-10a409f984e9bce9cf15c1aaf3771a5043afc305.tar.xz | |
Postgres, maybe?
| -rwxr-xr-x | host/Spacebar-nginx/configuration.nix | 12 | ||||
| -rwxr-xr-x | host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix | 2 | ||||
| -rwxr-xr-x | host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix | 1 | ||||
| -rw-r--r-- | host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix | 2 | ||||
| -rwxr-xr-x | host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix | 42 | ||||
| -rwxr-xr-x | host/Spacebar-postgres/configuration.nix | 51 | ||||
| -rwxr-xr-x | old stuff/Spacebar-monitoring/configuration.nix (renamed from host/Spacebar-monitoring/configuration.nix) | 0 | ||||
| -rwxr-xr-x | old stuff/Spacebar-synapse/configuration.nix (renamed from host/Spacebar-synapse/configuration.nix) | 0 | ||||
| -rwxr-xr-x | old stuff/Spacebar-synapse/post-rebuild.sh (renamed from host/Spacebar-synapse/post-rebuild.sh) | 0 | ||||
| -rwxr-xr-x | old stuff/Spacebar-synapse/pre-rebuild.sh (renamed from host/Spacebar-synapse/pre-rebuild.sh) | 0 |
10 files changed, 51 insertions, 59 deletions
diff --git a/host/Spacebar-nginx/configuration.nix b/host/Spacebar-nginx/configuration.nix index 56b5bf1..434b2ff 100755 --- a/host/Spacebar-nginx/configuration.nix +++ b/host/Spacebar-nginx/configuration.nix @@ -26,6 +26,13 @@ recommendedProxySettings = true; recommendedTlsSettings = true; clientMaxBodySize = "50m"; + appendConfig = '' + worker_processes 16; + ''; + eventsConfig = '' + #use kqueue; + worker_connections 512; + ''; virtualHosts = { # legacy "matrix.thearcanebrony.net" = import ./nginx-hosts/thearcanebrony.net/matrix.nix; @@ -44,6 +51,11 @@ }; }; }; + + systemd.services.nginx.serviceConfig = { + LimitNOFILE=5000000; + }; + systemd.services.nginx.requires = [ "data.mount" ]; security.acme.acceptTerms = true; security.acme.defaults.email = "chris@spacebar.chat"; diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix index bed6690..277a556 100755 --- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix +++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix @@ -16,7 +16,7 @@ ''; networking.firewall = { enable = true; - allowedTCPPorts = [ 80 ]; + allowedTCPPorts = [ 80 5432 ]; }; }; hostAddress = "192.168.101.1"; diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix index bb005f9..d543ef2 100755 --- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix +++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix @@ -5,6 +5,7 @@ [ ./services/nginx.nix ./services/spacebar-server.nix + ./services/postgres.nix ]; environment.systemPackages = with pkgs; [ diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix index 97ea3e6..b3c8cad 100644 --- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix +++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix @@ -16,7 +16,7 @@ ''; initialScript = pkgs.writeText "backend-initScript" '' CREATE ROLE spacebar WITH LOGIN PASSWORD 'spacebar' CREATEDB; - CREATE DATABASE spacebar; + CREATE DATABASE spacebar WITH OWNER spacebar ENCODING 'UTF8'; GRANT ALL PRIVILEGES ON DATABASE spacebar TO spacebar; ''; #dataDir = "/data/pg"; diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix index d207687..1debbbd 100755 --- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix +++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix @@ -1,41 +1,71 @@ { config, pkgs, lib, spacebar-server, ... }: { + services.rabbitmq.enable = true; + + systemd.tmpfiles.rules = [ "d /var/lib/spacebar-server 0750 spacebar spacebar" ]; + users.users.spacebar = { + isSystemUser = true; + group = "spacebar"; + home = "/var/lib/spacebar-server"; + createHome = true; + shell = "/bin/false"; + }; + + users.groups.spacebar = { + #isSystemGroup = true; + }; + systemd.services = { "spacebar-server-api" = { wantedBy = [ "multi-user.target" ]; - after = [ "resolvconf.target" ]; + after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" ]; serviceConfig = { ExecStart = '' ${spacebar-server.packages.${pkgs.system}.default}/bin/start-api ''; #Restart = "never"; - User = "root"; + User = "spacebar"; WorkingDirectory = "/var/lib/spacebar-server"; + Environment = [ + "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar" + "LOG_REQUESTS='-'" + #"DB_LOGGING='true'" + ]; }; }; "spacebar-server-gateway" = { wantedBy = [ "multi-user.target" ]; - after = [ "resolvconf.target" ]; + after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" "spacebar-server-api.service" ]; serviceConfig = { ExecStart = '' ${spacebar-server.packages.${pkgs.system}.default}/bin/start-gateway ''; #Restart = "never"; - User = "root"; + User = "spacebar"; WorkingDirectory = "/var/lib/spacebar-server"; + Environment = [ + "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar" + "LOG_REQUESTS='-'" + #"DB_LOGGING='true'" + ]; }; }; "spacebar-server-cdn" = { wantedBy = [ "multi-user.target" ]; - after = [ "resolvconf.target" ]; + after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" "spacebar-server-api.service" ]; serviceConfig = { ExecStart = '' ${spacebar-server.packages.${pkgs.system}.default}/bin/start-cdn ''; #Restart = "never"; - User = "root"; + User = "spacebar"; WorkingDirectory = "/var/lib/spacebar-server"; + Environment = [ + "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar" + "LOG_REQUESTS='-'" + #"DB_LOGGING='true'" + ]; }; }; }; diff --git a/host/Spacebar-postgres/configuration.nix b/host/Spacebar-postgres/configuration.nix deleted file mode 100755 index b40fd3a..0000000 --- a/host/Spacebar-postgres/configuration.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ config, pkgs, lib, ... }: - -{ - imports = - [ - ../../modules/base.nix - ]; - - networking = { - hostName = "Spacebar-postgres"; - interfaces.ens18.ipv4.addresses = [ { - address = "192.168.1.4"; - prefixLength = 24; - } ]; - interfaces.ens19.ipv4.addresses = [ { - address = "10.10.11.4"; - prefixLength = 16; - } ]; - }; - - systemd.tmpfiles.rules = [ "d /data/pg 0750 postgres postgres" ]; - - services.postgresql = { - enable = true; - package = pkgs.postgresql_14; - enableTCPIP = true; - authentication = pkgs.lib.mkOverride 10 '' - # TYPE, DATABASE, USER, ADDRESS, METHOD - local all all trust - host all all 127.0.0.1/32 trust - host all all ::1/128 trust - host matrix-synapse-spacebar-chat matrix-synapse-spacebar-chat 192.168.1.5/32 trust - host all all 0.0.0.0/0 md5 - ''; - initialScript = pkgs.writeText "backend-initScript" '' - CREATE ROLE matrix-synapse-spacebar-chat WITH LOGIN PASSWORD '${pkgs.postgresql_14}' CREATEDB; - CREATE DATABASE matrix-synapse-spacebar-chat; - GRANT ALL PRIVILEGES ON DATABASE matrix-synapse-spacebar-chat TO matrix-synapse-spacebar-chat; - ''; - dataDir = "/data/pg"; - settings = { - "max_connections" = "100"; - "shared_buffers" = "128MB"; - "max_wal_size" = "1GB"; - "min_wal_size" = "80MB"; - }; - }; - - system.stateVersion = "22.11"; # DO NOT EDIT! -} - diff --git a/host/Spacebar-monitoring/configuration.nix b/old stuff/Spacebar-monitoring/configuration.nix index 436dc47..436dc47 100755 --- a/host/Spacebar-monitoring/configuration.nix +++ b/old stuff/Spacebar-monitoring/configuration.nix diff --git a/host/Spacebar-synapse/configuration.nix b/old stuff/Spacebar-synapse/configuration.nix index a06a83d..a06a83d 100755 --- a/host/Spacebar-synapse/configuration.nix +++ b/old stuff/Spacebar-synapse/configuration.nix diff --git a/host/Spacebar-synapse/post-rebuild.sh b/old stuff/Spacebar-synapse/post-rebuild.sh index 8dc0e7d..8dc0e7d 100755 --- a/host/Spacebar-synapse/post-rebuild.sh +++ b/old stuff/Spacebar-synapse/post-rebuild.sh diff --git a/host/Spacebar-synapse/pre-rebuild.sh b/old stuff/Spacebar-synapse/pre-rebuild.sh index 32905e3..32905e3 100755 --- a/host/Spacebar-synapse/pre-rebuild.sh +++ b/old stuff/Spacebar-synapse/pre-rebuild.sh |