From 0c9a0c690e6ec575f7e72af3a8a91096c60c21e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:48:42 +0200 Subject: l domsen: add jarugadesign user, mail & page --- lass/2configs/websites/domsen.nix | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lass/2configs/websites') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 2131c7c62..865186481 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -26,6 +26,7 @@ in { ./default.nix ./sqlBackup.nix (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) + (servePage [ "jarugadesign.de" "www.jarugadesign.de" ]) (servePage [ "freemonkey.art" "www.freemonkey.art" @@ -141,6 +142,7 @@ in { { from = "akayguen@freemonkey.art"; to ="akayguen"; } { from = "bui@freemonkey.art"; to ="bui"; } { from = "kontakt@alewis.de"; to ="klabusterbeere"; } + { from = "hallo@jarugadesign.de"; to ="kasia"; } { from = "testuser@lassul.us"; to = "testuser"; } { from = "testuser@ubikmedia.eu"; to = "testuser"; } @@ -150,6 +152,7 @@ in { "ubikmedia.eu" "ubikmedia.de" "alewis.de" + "jarugadesign.de" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; @@ -235,6 +238,12 @@ in { }; krebs.on-failure.plans.restic-backups-domsen = {}; + users.users.kasia = { + uid = genid_uint31 "kasia"; + home = "/home/kasia"; + useDefaultShell = true; + createHome = true; + }; services.restic.backups.domsen = { initialize = true; extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr2.duckdns.org -S none -v -p 52222 -i ${toString + "/ssh.id_ed25519"} -s sftp'" ]; -- cgit v1.2.3 From d68e0e2e2d9f2aa07e5daf950971f4f6ff1634b7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:10 +0200 Subject: l domsen: set nextcloud overwriteProtocol --- lass/2configs/websites/domsen.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs/websites') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 865186481..912d56925 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -94,6 +94,7 @@ in { hostName = "o.xanf.org"; config = { adminpassFile = toString + "/nextcloud_pw"; + overwriteProtocol = "https"; }; https = true; nginx.enable = true; -- cgit v1.2.3 From f8164a8e32b646464376afa951232085c9f1322b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:29 +0200 Subject: l domsen: increase journalctl lines in backup errors --- lass/2configs/websites/domsen.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lass/2configs/websites') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 912d56925..c99bd7b15 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -238,13 +238,18 @@ in { createHome = true; }; - krebs.on-failure.plans.restic-backups-domsen = {}; users.users.kasia = { uid = genid_uint31 "kasia"; home = "/home/kasia"; useDefaultShell = true; createHome = true; }; + + krebs.on-failure.plans.restic-backups-domsen = { + journalctl = { + lines = 1000; + }; + }; services.restic.backups.domsen = { initialize = true; extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr2.duckdns.org -S none -v -p 52222 -i ${toString + "/ssh.id_ed25519"} -s sftp'" ]; -- cgit v1.2.3 From 70a58ef2e310521029de794caba6c8351ac99e86 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:45 +0200 Subject: l domsen: use permown for permissions --- lass/2configs/websites/domsen.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'lass/2configs/websites') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index c99bd7b15..9980e0501 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -262,11 +262,41 @@ in { "/home/ms/Mail" "/home/klabusterbeere/Mail" "/home/jms/Mail" + "/home/kasia/Mail" "/home/bruno/Mail" "/home/akayguen/Mail" "/backups/sql_dumps" ]; }; + boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576"; + krebs.permown = { + "/srv/http/ubikmedia.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0007"; + }; + "/srv/http/o.ubikmedia.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0007"; + }; + "/srv/http/freemonkey.art" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + "/srv/http/jarugadesign.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + "/srv/http/reich-gebaeudereinigung.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + }; + } -- cgit v1.2.3