colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

servo: gate costly services behind sane.maxBuildCost option

Browse Source
This commit is contained in:
Colin
2025-08-21 02:42:58 +00:00
parent 91578c0b78
commit e700ff392f
4 changed files with 502 additions and 494 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/by-name/servo/services/jellyfin/default.nix
View File

@@ -14,10 +14,11 @@
# #
# N.B.: default install DOES NOT SUPPORT DLNA out of the box. # N.B.: default install DOES NOT SUPPORT DLNA out of the box.
# one must install it as a "plugin", which can be done through the UI. # one must install it as a "plugin", which can be done through the UI.
{ ... }: { config, lib, ... }:
# lib.mkIf false #< XXX(2024-11-17): disabled because it hasn't been working for months; web UI hangs on load, TVs see no files # lib.mkIf false #< XXX(2024-11-17): disabled because it hasn't been working for months; web UI hangs on load, TVs see no files
{ {
config = lib.mkIf (config.sane.maxBuildCost >= 2) {
# https://jellyfin.org/docs/general/networking/index.html # https://jellyfin.org/docs/general/networking/index.html
sane.ports.ports."1900" = { sane.ports.ports."1900" = {
protocol = [ "udp" ]; protocol = [ "udp" ];
@@ -168,4 +169,5 @@
}; };
sane.dns.zones."uninsane.org".inet.CNAME."jelly" = "native"; sane.dns.zones."uninsane.org".inet.CNAME."jelly" = "native";
};
} }

4
hosts/by-name/servo/services/kiwix-serve.nix
View File

@@ -1,5 +1,6 @@
{ pkgs, ... }: { config, lib, pkgs, ... }:
{ {
config = lib.mkIf (config.sane.maxBuildCost >= 3) {
sane.services.kiwix-serve = { sane.services.kiwix-serve = {
enable = true; enable = true;
port = 8013; port = 8013;
@@ -37,4 +38,5 @@
}; };
sane.dns.zones."uninsane.org".inet.CNAME."w" = "native"; sane.dns.zones."uninsane.org".inet.CNAME."w" = "native";
};
} }

4
hosts/by-name/servo/services/lemmy.nix
View File

@@ -3,7 +3,7 @@
# - <repo:LemmyNet/lemmy:docker/nginx.conf> # - <repo:LemmyNet/lemmy:docker/nginx.conf>
# - <repo:LemmyNet/lemmy-ansible:templates/nginx.conf> # - <repo:LemmyNet/lemmy-ansible:templates/nginx.conf>
{ lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
uiPort = 1234; # default ui port is 1234 uiPort = 1234; # default ui port is 1234
backendPort = 8536; # default backend port is 8536 backendPort = 8536; # default backend port is 8536
@@ -24,6 +24,7 @@ let
media.video.max_frame_count = 30 * 60 * 60; media.video.max_frame_count = 30 * 60 * 60;
}; };
in { in {
config = lib.mkIf (config.sane.maxBuildCost >= 2) {
services.lemmy = { services.lemmy = {
enable = true; enable = true;
settings.hostname = "lemmy.uninsane.org"; settings.hostname = "lemmy.uninsane.org";
@@ -174,4 +175,5 @@ in {
serviceConfig.SystemCallArchitectures = "native"; serviceConfig.SystemCallArchitectures = "native";
serviceConfig.SystemCallFilter = [ "@system-service" ]; serviceConfig.SystemCallFilter = [ "@system-service" ];
}; };
};
} }

2
hosts/by-name/servo/services/pleroma.nix
View File

@@ -14,6 +14,7 @@ let
# logLevel = "debug"; # logLevel = "debug";
in in
{ {
config = lib.mkIf (config.sane.maxBuildCost >= 2) {
sane.persist.sys.byStore.private = [ sane.persist.sys.byStore.private = [
# contains media i've uploaded to the server # contains media i've uploaded to the server
{ user = "pleroma"; group = "pleroma"; path = "/var/lib/pleroma"; method = "bind"; } { user = "pleroma"; group = "pleroma"; path = "/var/lib/pleroma"; method = "bind"; }
@@ -217,4 +218,5 @@ in
sops.secrets."pleroma_secrets" = { sops.secrets."pleroma_secrets" = {
owner = config.users.users.pleroma.name; owner = config.users.users.pleroma.name;
}; };
};
} }