summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xhost/Spacebar-nginx/configuration.nix12
-rwxr-xr-xhost/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix2
-rwxr-xr-xhost/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix1
-rw-r--r--host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix2
-rwxr-xr-xhost/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix42
-rwxr-xr-xhost/Spacebar-postgres/configuration.nix51
-rwxr-xr-xold stuff/Spacebar-monitoring/configuration.nix (renamed from host/Spacebar-monitoring/configuration.nix)0
-rwxr-xr-xold stuff/Spacebar-synapse/configuration.nix (renamed from host/Spacebar-synapse/configuration.nix)0
-rwxr-xr-xold stuff/Spacebar-synapse/post-rebuild.sh (renamed from host/Spacebar-synapse/post-rebuild.sh)0
-rwxr-xr-xold stuff/Spacebar-synapse/pre-rebuild.sh (renamed from host/Spacebar-synapse/pre-rebuild.sh)0
10 files changed, 51 insertions, 59 deletions
diff --git a/host/Spacebar-nginx/configuration.nix b/host/Spacebar-nginx/configuration.nix
index 56b5bf1..434b2ff 100755
--- a/host/Spacebar-nginx/configuration.nix
+++ b/host/Spacebar-nginx/configuration.nix
@@ -26,6 +26,13 @@
       recommendedProxySettings = true;
       recommendedTlsSettings = true;
       clientMaxBodySize = "50m";
+      appendConfig = ''
+        worker_processes 16;
+        '';
+      eventsConfig = ''
+        #use kqueue;
+        worker_connections 512;
+        '';
       virtualHosts = {
         # legacy
         "matrix.thearcanebrony.net" = import ./nginx-hosts/thearcanebrony.net/matrix.nix;
@@ -44,6 +51,11 @@
       };
     };
   };
+
+  systemd.services.nginx.serviceConfig = {
+    LimitNOFILE=5000000;
+  };
+
   systemd.services.nginx.requires = [ "data.mount" ];
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "chris@spacebar.chat";
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix
index bed6690..277a556 100755
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/container.nix
@@ -16,7 +16,7 @@
       '';
     networking.firewall = {
       enable = true;
-      allowedTCPPorts = [ 80 ];
+      allowedTCPPorts = [ 80 5432 ];
     };
   };  
   hostAddress = "192.168.101.1";
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix
index bb005f9..d543ef2 100755
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/root.nix
@@ -5,6 +5,7 @@
     [
       ./services/nginx.nix
       ./services/spacebar-server.nix
+      ./services/postgres.nix
     ];
 
   environment.systemPackages = with pkgs; [
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix
index 97ea3e6..b3c8cad 100644
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/postgres.nix
@@ -16,7 +16,7 @@
     '';
     initialScript = pkgs.writeText "backend-initScript" ''
       CREATE ROLE spacebar WITH LOGIN PASSWORD 'spacebar' CREATEDB;
-      CREATE DATABASE spacebar;
+      CREATE DATABASE spacebar WITH OWNER spacebar ENCODING 'UTF8';
       GRANT ALL PRIVILEGES ON DATABASE spacebar TO spacebar;
     '';
     #dataDir = "/data/pg";
diff --git a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix
index d207687..1debbbd 100755
--- a/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix
+++ b/host/Spacebar-nginx/containers/spacebar-server-dev-nix/services/spacebar-server.nix
@@ -1,41 +1,71 @@
 { config, pkgs, lib, spacebar-server, ... }:
 
 {
+  services.rabbitmq.enable = true;
+
+  systemd.tmpfiles.rules = [  "d /var/lib/spacebar-server 0750 spacebar spacebar" ];
+  users.users.spacebar = {
+    isSystemUser = true;
+    group = "spacebar";
+    home = "/var/lib/spacebar-server";
+    createHome = true;
+    shell = "/bin/false";
+  };
+
+  users.groups.spacebar = {
+    #isSystemGroup = true;
+  };
+
   systemd.services = {
     "spacebar-server-api" = {
         wantedBy = [ "multi-user.target" ];
-        after = [ "resolvconf.target" ];
+        after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" ];
         serviceConfig = {
             ExecStart = ''
               ${spacebar-server.packages.${pkgs.system}.default}/bin/start-api
               '';
             #Restart = "never";
-            User = "root";
+            User = "spacebar";
             WorkingDirectory = "/var/lib/spacebar-server";
+            Environment = [
+              "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar"
+              "LOG_REQUESTS='-'"
+              #"DB_LOGGING='true'"
+            ];
         };
     };
     "spacebar-server-gateway" = {
         wantedBy = [ "multi-user.target" ];
-        after = [ "resolvconf.target" ];
+        after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" "spacebar-server-api.service" ];
         serviceConfig = {
             ExecStart = ''
               ${spacebar-server.packages.${pkgs.system}.default}/bin/start-gateway
               '';
             #Restart = "never";
-            User = "root";
+            User = "spacebar";
             WorkingDirectory = "/var/lib/spacebar-server";
+            Environment = [
+              "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar"
+              "LOG_REQUESTS='-'"
+              #"DB_LOGGING='true'"
+            ];
         };
     };
     "spacebar-server-cdn" = {
         wantedBy = [ "multi-user.target" ];
-        after = [ "resolvconf.target" ];
+        after = [ "resolvconf.target" "postgresql.service" "rabbitmq.service" "spacebar-server-api.service" ];
         serviceConfig = {
             ExecStart = ''
               ${spacebar-server.packages.${pkgs.system}.default}/bin/start-cdn
               '';
             #Restart = "never";
-            User = "root";
+            User = "spacebar";
             WorkingDirectory = "/var/lib/spacebar-server";
+            Environment = [
+              "DATABASE=postgres://spacebar:spacebar@127.0.0.1/spacebar"
+              "LOG_REQUESTS='-'"
+              #"DB_LOGGING='true'"
+            ];
         };
     };
   };
diff --git a/host/Spacebar-postgres/configuration.nix b/host/Spacebar-postgres/configuration.nix
deleted file mode 100755
index b40fd3a..0000000
--- a/host/Spacebar-postgres/configuration.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-{
-  imports =
-    [
-      ../../modules/base.nix
-    ];
-
-  networking = {
-    hostName = "Spacebar-postgres";
-    interfaces.ens18.ipv4.addresses = [ { 
-      address = "192.168.1.4";
-      prefixLength = 24;
-    } ];
-    interfaces.ens19.ipv4.addresses = [ {
-      address = "10.10.11.4";
-      prefixLength = 16;
-    } ];
-  };
-  
-  systemd.tmpfiles.rules = [  "d /data/pg 0750 postgres postgres" ];
-
-  services.postgresql = {
-    enable = true;
-    package = pkgs.postgresql_14;
-    enableTCPIP = true;
-    authentication = pkgs.lib.mkOverride 10 ''
-      # TYPE, DATABASE, USER, ADDRESS, METHOD
-      local all all trust
-      host all all 127.0.0.1/32 trust
-      host all all ::1/128 trust
-      host matrix-synapse-spacebar-chat matrix-synapse-spacebar-chat 192.168.1.5/32 trust
-      host all all 0.0.0.0/0 md5
-    '';
-    initialScript = pkgs.writeText "backend-initScript" ''
-      CREATE ROLE matrix-synapse-spacebar-chat WITH LOGIN PASSWORD '${pkgs.postgresql_14}' CREATEDB;
-      CREATE DATABASE matrix-synapse-spacebar-chat;
-      GRANT ALL PRIVILEGES ON DATABASE matrix-synapse-spacebar-chat TO matrix-synapse-spacebar-chat;
-    '';
-    dataDir = "/data/pg";
-    settings = {
-      "max_connections" = "100";
-      "shared_buffers" = "128MB";
-      "max_wal_size" = "1GB";
-      "min_wal_size" = "80MB";
-    };
-  };
-
-  system.stateVersion = "22.11"; # DO NOT EDIT!
-}
-
diff --git a/host/Spacebar-monitoring/configuration.nix b/old stuff/Spacebar-monitoring/configuration.nix
index 436dc47..436dc47 100755
--- a/host/Spacebar-monitoring/configuration.nix
+++ b/old stuff/Spacebar-monitoring/configuration.nix
diff --git a/host/Spacebar-synapse/configuration.nix b/old stuff/Spacebar-synapse/configuration.nix
index a06a83d..a06a83d 100755
--- a/host/Spacebar-synapse/configuration.nix
+++ b/old stuff/Spacebar-synapse/configuration.nix
diff --git a/host/Spacebar-synapse/post-rebuild.sh b/old stuff/Spacebar-synapse/post-rebuild.sh
index 8dc0e7d..8dc0e7d 100755
--- a/host/Spacebar-synapse/post-rebuild.sh
+++ b/old stuff/Spacebar-synapse/post-rebuild.sh
diff --git a/host/Spacebar-synapse/pre-rebuild.sh b/old stuff/Spacebar-synapse/pre-rebuild.sh
index 32905e3..32905e3 100755
--- a/host/Spacebar-synapse/pre-rebuild.sh
+++ b/old stuff/Spacebar-synapse/pre-rebuild.sh
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-08 15:17:48 +0000