fixes for oracle when updating to latest

This commit is contained in:
Noah Masur 2022-12-06 17:56:29 +00:00
parent 427bd1a421
commit 9b12369e43
7 changed files with 24 additions and 13 deletions

View File

@ -1,4 +1,4 @@
{ inputs, globals, ... }: { inputs, globals, overlays, ... }:
with inputs; with inputs;
@ -15,7 +15,8 @@ nixpkgs.lib.nixosSystem {
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
gui.enable = false; gui.enable = false;
colorscheme = (import ../../modules/colorscheme/gruvbox); theme = { colors = (import ../../modules/colorscheme/gruvbox).dark; };
nixpkgs.overlays = overlays;
# FQDNs for various services # FQDNs for various services
networking.hostName = "oracle"; networking.hostName = "oracle";

View File

@ -5,6 +5,7 @@
passwordHash = lib.mkOption { passwordHash = lib.mkOption {
type = lib.types.nullOr lib.types.str; type = lib.types.nullOr lib.types.str;
description = "Password created with mkpasswd -m sha-512"; description = "Password created with mkpasswd -m sha-512";
default = null;
# Test it by running: mkpasswd -m sha-512 --salt "PZYiMGmJIIHAepTM" # Test it by running: mkpasswd -m sha-512 --salt "PZYiMGmJIIHAepTM"
}; };

View File

@ -15,7 +15,7 @@
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud24; # Required to specify package = pkgs.nextcloud25; # Required to specify
https = true; https = true;
hostName = "localhost"; hostName = "localhost";
maxUploadSize = "50G"; maxUploadSize = "50G";

View File

@ -8,6 +8,10 @@
config = { config = {
services.grafana.enable = true; services.grafana.enable = true;
# Required to fix error in latest nixpkgs
services.grafana.settings = { };
services.prometheus = { services.prometheus = {
enable = true; enable = true;
exporters.node.enable = true; exporters.node.enable = true;

View File

@ -50,6 +50,10 @@
}]; }];
}]; }];
# Caddy and Transmission both try to set rmem_max for larger UDP packets.
# We will choose Transmission's recommendation (4 MB).
boot.kernel.sysctl."net.core.rmem_max" = 4194304;
# Allow inbound connections to reach namespace # Allow inbound connections to reach namespace
systemd.services.transmission-web-netns = { systemd.services.transmission-web-netns = {
description = "Forward to transmission in wireguard namespace"; description = "Forward to transmission in wireguard namespace";

View File

@ -52,6 +52,7 @@ in {
handle = [{ handle = [{
handler = "reverse_proxy"; handler = "reverse_proxy";
upstreams = [{ dial = "localhost:8222"; }]; upstreams = [{ dial = "localhost:8222"; }];
headers.request.add."X-Real-IP" = [ "{http.request.remote.host}" ];
}]; }];
}]; }];

View File

@ -1,20 +1,20 @@
diff --git a/cps/__init__.py b/cps/__init__.py diff --git a/cps/__init__.py b/cps/__init__.py
index 0b912d23..ad5d1fa9 100644 index 1ba1f778..da0bc718 100644
--- a/cps/__init__.py --- a/cps/__init__.py
+++ b/cps/__init__.py +++ b/cps/__init__.py
@@ -83,7 +83,6 @@ app.config.update( @@ -100,7 +100,6 @@ updater_thread = Updater()
lm = MyLoginManager() def create_app():
lm.login_view = 'web.login' lm.login_view = 'web.login'
lm.anonymous_user = ub.Anonymous lm.anonymous_user = ub.Anonymous
-lm.session_protection = 'strong' - lm.session_protection = 'strong'
if wtf_present: if csrf:
csrf = CSRFProtect() csrf.init_app(app)
diff --git a/cps/admin.py b/cps/admin.py diff --git a/cps/admin.py b/cps/admin.py
index 1004ee78..e295066e 100644 index 09a553b4..5c646e46 100644
--- a/cps/admin.py --- a/cps/admin.py
+++ b/cps/admin.py +++ b/cps/admin.py
@@ -98,8 +98,6 @@ def before_request(): @@ -104,8 +104,6 @@ def before_request():
# make remember me function work # make remember me function work
if current_user.is_authenticated: if current_user.is_authenticated:
confirm_login() confirm_login()