felixalb/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add workers with matrix-synapse-next, various fixes and updates

Browse Source
This commit is contained in:
Felix Albrigtsen
2023-08-14 08:37:20 +02:00
parent 687ce3604a
commit 1ec9c08e22
7 changed files with 166 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/voyager/configuration.nix
View File

@@ -25,6 +25,7 @@
./services/hedgedoc.nix
./services/vaultwarden.nix
./services/calibre.nix
./services/fancontrol.nix
# ./services/code-server.nix
];

1
hosts/voyager/services/calibre.nix
View File

@@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }:
let
domain = "books.home.feal.no";
storage = "/tank/media/books";

63
hosts/voyager/services/fancontrol.nix Normal file
View File

@@ -0,0 +1,63 @@
{ config, lib, pkgs, ... }:
{
systemd.timers."fancontrol" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar="*:0/3";
Unit = "fancontrol.service";
};
};
systemd.services."fancontrol" = {
environment = {
TEMP_MIN_FALLING = "50";
TEMP_MAX_RISING = "56";
TEMP_CRIT = "70";
LOW_FAN_SPEED = "0x10";
};
script = ''
SET_FAN_MANUAL="0x30 0x30 0x01 0x00" # Enable manual control
SET_FAN_AUTO="0x30 0x30 0x01 0x01" # Disable manual control
SET_FAN_LOW="0x30 0x30 0x02 0xff $LOW_FAN_SPEED"
SET_FAN_MAX="0x30 0x30 0x02 0xff 0x64" # force 100%
# Get all temperatures readings starting with "Temp ", find all two digit numbers followed by spaces, find the largest one, trim the trailing space
maxcoretemp=$(${pkgs.ipmitool}/bin/ipmitool sdr type temperature | grep '^Temp ' | grep -Po '\d{2} ' | sort -nr | head -n1 | xargs)
# Verify that we read a valid number
ISNUMBER='^[0-9]+$'
if ! [[ $maxcoretemp =~ $ISNUMBER ]] ; then
echo "Error: could not read temperature" >&2
exit 2
fi
echo "Highest measured CPU temperature: '$maxcoretemp'"
if [ "$maxcoretemp" -gt "$TEMP_CRIT" ]; then
echo "TOO HOT, CRITICAL CPU TEMP"
${pkgs.ipmitool}/bin/ipmitool raw $SET_FAN_MANUAL
${pkgs.ipmitool}/bin/ipmitool raw $SET_FAN_MAX
exit 1
fi
if [ "$maxcoretemp" -gt "$TEMP_MAX_RISING" ]; then
echo "TOO HOT, switching to IDRAC fan controL"
${pkgs.ipmitool}/bin/ipmitool raw $SET_FAN_AUTO
exit 0
fi
if [ "$maxcoretemp" -lt "$TEMP_MIN_FALLING" ]; then
echo "Sufficiently cooled, stepping down fans"
${pkgs.ipmitool}/bin/ipmitool raw $SET_FAN_MANUAL
${pkgs.ipmitool}/bin/ipmitool raw $SET_FAN_LOW
exit 0
fi
echo "Temperature is between limits, doing nothing..."
'';
};
}

7
hosts/voyager/services/gitea.nix
View File

@@ -3,7 +3,7 @@ let
cfg = config.services.gitea;
domain = "git.feal.no";
httpPort = 3004;
/* sshPort = 2222; */
sshPort = 2222;
in {
services.gitea = {
enable = true;
@@ -17,7 +17,7 @@ in {
server = {
LANDING_PAGE=''"/felixalb"'';
HTTP_PORT = httpPort;
/* SSH_PORT = sshPort; */
SSH_PORT = sshPort;
SSH_DOMAIN = "voyager.home.feal.no";
DOMAIN = domain;
ROOT_URL = "https://${domain}";
@@ -51,6 +51,5 @@ in {
# - configure mailer
};
/* networking.firewall.allowedTCPPorts = [ httpPort sshPort ]; */
networking.firewall.allowedTCPPorts = [ httpPort ];
networking.firewall.allowedTCPPorts = [ httpPort sshPort ];
}

88
hosts/voyager/services/matrix/synapse.nix
View File

@@ -1,4 +1,4 @@
{ config, pkgs, ... }:
{ config, pkgs, lib, ... }:
let
main_ip = "127.0.1.2";
in
@@ -9,9 +9,19 @@ in
group = "matrix-synapse";
};
services.matrix-synapse = {
services.matrix-synapse-next = {
enable = true;
package = pkgs.matrix-synapse;
enableNginx = true;
workers = {
federationSenders = 1;
federationReceivers = 2;
initialSyncers = 1;
normalSyncers = 1;
eventPersisters = 1;
useUserDirectoryWorker = true;
};
extraConfigFiles = [
config.sops.secrets."matrix/synapse/registrationsecret".path
@@ -63,42 +73,50 @@ in
tls_certificate_path = "/etc/ssl-snakeoil/matrix_feal_no.crt";
tls_private_key_path = "/etc/ssl-snakeoil/matrix_feal_no.key";
listeners = [
{ port = 8008;
bind_addresses = [ main_ip ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{ names = [ "client" ]; compress = true; }
{ names = [ "federation" ]; compress = true; }
];
}
];
/* listeners = [ */
/* { port = 8008; */
/* bind_addresses = [ main_ip ]; */
/* type = "http"; */
/* tls = false; */
/* x_forwarded = true; */
/* resources = [ */
/* { names = [ "client" ]; compress = true; } */
/* { names = [ "federation" ]; compress = true; } */
/* ]; */
/* } */
/* ]; */
};
};
services.redis.servers."".enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx = {
enable = true;
enableReload = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts."matrix.feal.no" = {
locations."/_matrix" = {
proxyPass = "http://${main_ip}:8008";
extraConfig = ''
client_max_body_size 50M;
'';
};
# locations."/_synapse/client".proxyPass = "http://${main_ip}:8008";
locations."/" = {
proxyPass = "http://${main_ip}:8008";
};
};
services.nginx.virtualHosts."matrix.feal.no" = {
enableACME = lib.mkForce false;
forceSSL = lib.mkForce false;
/* sslCertificate = "/etc/ssl-snakeoil/matrix_feal_no.crt"; */
/* sslKey = "/etc/ssl-snakeoil/matrix_feal_no.key"; */
};
/* services.nginx = { */
/* enable = true; */
/* enableReload = true; */
/* recommendedOptimisation = true; */
/* recommendedGzipSettings = true; */
/* recommendedProxySettings = true; */
/* virtualHosts."matrix.feal.no" = { */
/* locations."/_matrix" = { */
/* proxyPass = "http://${main_ip}:8008"; */
/* extraConfig = '' */
/* client_max_body_size 50M; */
/* ''; */
/* }; */
/* # locations."/_synapse/client".proxyPass = "http://${main_ip}:8008"; */
/* locations."/" = { */
/* proxyPass = "http://${main_ip}:8008"; */
/* }; */
/* }; */
/* }; */
}