summaryrefslogtreecommitdiffstats
path: root/krebs/2configs/cache.nsupdate.info.nix
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2018-11-21 02:46:05 +0100
committerlassulus <lassulus@lassul.us>2018-11-21 02:46:05 +0100
commit14a178d38de5ecdc45f45afebb7950dd54cbd178 (patch)
treec2513f393d7f78396636cef725095693265d9bec /krebs/2configs/cache.nsupdate.info.nix
parent24a82d39f57be38898519edea6baaf6c04741ecb (diff)
parentc4484dee1a7fb1bfc3952cf4211a22fa0d6002ca (diff)
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'krebs/2configs/cache.nsupdate.info.nix')
-rw-r--r--krebs/2configs/cache.nsupdate.info.nix33
1 files changed, 33 insertions, 0 deletions
diff --git a/krebs/2configs/cache.nsupdate.info.nix b/krebs/2configs/cache.nsupdate.info.nix
new file mode 100644
index 00000000..056667d8
--- /dev/null
+++ b/krebs/2configs/cache.nsupdate.info.nix
@@ -0,0 +1,33 @@
+{lib, ... }:
+with lib;
+let
+ domain = "cache.nsupdate.info";
+in {
+ # This only works for a single domain for nsupdate.info as multiple usernames
+ # and passwords are required for multiple domains
+ services.ddclient = {
+ enable = true;
+ server = "ipv4.nsupdate.info";
+ username = domain;
+ password = import ((toString <secrets>) + "/nsupdate-cache.nix");
+ domains = [ domain ];
+ use= "if, if=et0";
+ # use = "web, web=http://ipv4.nsupdate.info/myip";
+
+ };
+ krebs.cachecache = {
+ enable = true;
+ enableSSL = false; # disable letsencrypt for testing
+ cacheDir = "/var/cache/nix-cache-cache";
+ maxSize = "10g";
+
+ # assumes that the domain is reachable from the internet
+ virtualHost = domain;
+ };
+
+ boot.kernelModules = [ "tcp_bbr" ];
+
+ boot.kernel.sysctl."net.ipv4.tcp_congestion_control" = "bbr";
+ boot.kernel.sysctl."net.core.default_qdisc" = "fq";
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 00:26:13 +0000