`statix fix`
This commit is contained in:
parent
314c7960d1
commit
1714681532
|
@ -37,7 +37,7 @@
|
||||||
"aarch64-linux"
|
"aarch64-linux"
|
||||||
"aarch64-darwin"
|
"aarch64-darwin"
|
||||||
];
|
];
|
||||||
forAllSystems = f: nixlib.genAttrs systems (system: f system);
|
forAllSystems = f: nixlib.genAttrs systems f;
|
||||||
allMachines = nixlib.mapAttrsToList (name: _: name) self.nixosConfigurations;
|
allMachines = nixlib.mapAttrsToList (name: _: name) self.nixosConfigurations;
|
||||||
importantMachines = [
|
importantMachines = [
|
||||||
"bekkalokk"
|
"bekkalokk"
|
||||||
|
|
|
@ -879,7 +879,7 @@ let
|
||||||
|
|
||||||
inherit (pkgs) pam_krb5 pam_ccreds;
|
inherit (pkgs) pam_krb5 pam_ccreds;
|
||||||
|
|
||||||
use_ldap = (config.users.ldap.enable && config.users.ldap.loginPam);
|
use_ldap = config.users.ldap.enable && config.users.ldap.loginPam;
|
||||||
pam_ldap = if config.users.ldap.daemon.enable then pkgs.nss_pam_ldapd else pkgs.pam_ldap;
|
pam_ldap = if config.users.ldap.daemon.enable then pkgs.nss_pam_ldapd else pkgs.pam_ldap;
|
||||||
|
|
||||||
# Create a limits.conf(5) file.
|
# Create a limits.conf(5) file.
|
||||||
|
@ -1510,7 +1510,7 @@ in
|
||||||
it complains "Cannot create session: Already running in a
|
it complains "Cannot create session: Already running in a
|
||||||
session". */
|
session". */
|
||||||
runuser-l = { rootOK = true; unixAuth = false; };
|
runuser-l = { rootOK = true; unixAuth = false; };
|
||||||
} // optionalAttrs (config.security.pam.enableFscrypt) {
|
} // optionalAttrs config.security.pam.enableFscrypt {
|
||||||
# Allow fscrypt to verify login passphrase
|
# Allow fscrypt to verify login passphrase
|
||||||
fscrypt = {};
|
fscrypt = {};
|
||||||
};
|
};
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
services.mjolnir = {
|
services.mjolnir = {
|
||||||
enable = true;
|
enable = true;
|
||||||
pantalaimon.enable = false;
|
pantalaimon.enable = false;
|
||||||
homeserverUrl = http://127.0.0.1:8008;
|
homeserverUrl = "http://127.0.0.1:8008";
|
||||||
accessTokenFile = config.sops.secrets."matrix/mjolnir/access_token".path;
|
accessTokenFile = config.sops.secrets."matrix/mjolnir/access_token".path;
|
||||||
managementRoom = "!gsdeCoWjvYRBrzuiRq:pvv.ntnu.no";
|
managementRoom = "!gsdeCoWjvYRBrzuiRq:pvv.ntnu.no";
|
||||||
protectedRooms = map (a: "https://matrix.to/#/${a}") [
|
protectedRooms = map (a: "https://matrix.to/#/${a}") [
|
||||||
|
|
|
@ -143,10 +143,10 @@ in {
|
||||||
services.redis.servers."".enable = true;
|
services.redis.servers."".enable = true;
|
||||||
|
|
||||||
services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [
|
services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [
|
||||||
({
|
{
|
||||||
kTLS = true;
|
kTLS = true;
|
||||||
})
|
}
|
||||||
({
|
{
|
||||||
locations."/.well-known/matrix/server" = {
|
locations."/.well-known/matrix/server" = {
|
||||||
return = ''
|
return = ''
|
||||||
200 '{"m.server": "matrix.pvv.ntnu.no:443"}'
|
200 '{"m.server": "matrix.pvv.ntnu.no:443"}'
|
||||||
|
@ -156,16 +156,16 @@ in {
|
||||||
add_header Access-Control-Allow-Origin *;
|
add_header Access-Control-Allow-Origin *;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
})
|
}
|
||||||
({
|
{
|
||||||
locations = let
|
locations = let
|
||||||
connectionInfo = w: matrix-lib.workerConnectionResource "metrics" w;
|
connectionInfo = w: matrix-lib.workerConnectionResource "metrics" w;
|
||||||
socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString (c.port)}";
|
socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString c.port}";
|
||||||
|
|
||||||
metricsPath = w: "/metrics/${w.type}/${toString w.index}";
|
metricsPath = w: "/metrics/${w.type}/${toString w.index}";
|
||||||
proxyPath = w: "http://${socketAddress w}/_synapse/metrics";
|
proxyPath = w: "http://${socketAddress w}/_synapse/metrics";
|
||||||
in lib.mapAttrs' (n: v: lib.nameValuePair
|
in lib.mapAttrs' (n: v: lib.nameValuePair
|
||||||
(metricsPath v) ({
|
(metricsPath v) {
|
||||||
proxyPass = proxyPath v;
|
proxyPass = proxyPath v;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
allow ${values.hosts.ildkule.ipv4};
|
allow ${values.hosts.ildkule.ipv4};
|
||||||
|
@ -174,10 +174,10 @@ in {
|
||||||
allow ${values.hosts.ildkule.ipv6_global};
|
allow ${values.hosts.ildkule.ipv6_global};
|
||||||
deny all;
|
deny all;
|
||||||
'';
|
'';
|
||||||
}))
|
|
||||||
cfg.workers.instances;
|
|
||||||
})
|
})
|
||||||
({
|
cfg.workers.instances;
|
||||||
|
}
|
||||||
|
{
|
||||||
locations."/metrics/master/1" = {
|
locations."/metrics/master/1" = {
|
||||||
proxyPass = "http://127.0.0.1:9000/_synapse/metrics";
|
proxyPass = "http://127.0.0.1:9000/_synapse/metrics";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
|
@ -202,5 +202,5 @@ in {
|
||||||
labels = { };
|
labels = { };
|
||||||
}]) + "/";
|
}]) + "/";
|
||||||
};
|
};
|
||||||
})];
|
}];
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,13 +34,13 @@ in {
|
||||||
{
|
{
|
||||||
name = "Ildkule Prometheus";
|
name = "Ildkule Prometheus";
|
||||||
type = "prometheus";
|
type = "prometheus";
|
||||||
url = ("http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}");
|
url = "http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}";
|
||||||
isDefault = true;
|
isDefault = true;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "Ildkule loki";
|
name = "Ildkule loki";
|
||||||
type = "loki";
|
type = "loki";
|
||||||
url = ("http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}");
|
url = "http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
dashboards.settings.providers = [
|
dashboards.settings.providers = [
|
||||||
|
|
Loading…
Reference in New Issue