jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fd rg & gpt removed & nextcloud max upload size

Browse Source
This commit is contained in:
Danilo Reyes 2023-11-11 21:59:08 -06:00
parent 958b17708d
commit d043e4f356
3 changed files with 39 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/configuration.org
View File

@ -705,6 +705,8 @@ environment = {
jellyfin-ffmpeg # coolest video converter! jellyfin-ffmpeg # coolest video converter!
mediainfo mediainfo
dlib dlib
fd
ripgrep
]; ];
variables = rec { variables = rec {
# PATH # PATH

70
server/nginx.nix
View File

@ -8,7 +8,6 @@ let
workstation = "192.168.1.64"; workstation = "192.168.1.64";
collabora = "https://192.168.1.69:9980"; collabora = "https://192.168.1.69:9980";
jellyfinPort = "8096"; jellyfinPort = "8096";
gptPort = "7860";
nextcloudPort = 80; nextcloudPort = 80;
flamePort = 5005; flamePort = 5005;
secretFlamePort = 5007; secretFlamePort = 5007;
@ -30,47 +29,48 @@ in {
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
appendHttpConfig = '' appendHttpConfig = ''
### GLOBAL ### GLOBAL
# Add HSTS header with preloading to HTTPS requests. # client_max_body_size 25G;
# Adding this header to HTTP requests is discouraged # Add HSTS header with preloading to HTTPS requests.
map $scheme $hsts_header { # Adding this header to HTTP requests is discouraged
https "max-age=31536000; includeSubdomains; preload"; map $scheme $hsts_header {
} https "max-age=31536000; includeSubdomains; preload";
add_header Strict-Transport-Security $hsts_header; }
add_header Strict-Transport-Security $hsts_header;
# Enable CSP for your services. # Enable CSP for your services.
#add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always; #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
# Minimize information leaked to other domains # Minimize information leaked to other domains
add_header 'Referrer-Policy' 'origin-when-cross-origin'; add_header 'Referrer-Policy' 'origin-when-cross-origin';
# Disable embedding as a frame # Disable embedding as a frame
# add_header X-Frame-Options DENY; # add_header X-Frame-Options DENY;
# Prevent injection of code in other mime types (XSS Attacks) # Prevent injection of code in other mime types (XSS Attacks)
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
# Enable XSS protection of the browser. # Enable XSS protection of the browser.
# May be unnecessary when CSP is configured properly (see above) # May be unnecessary when CSP is configured properly (see above)
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
# This might create errors # This might create errors
proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict"; proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";
# NEXTCLOUD # NEXTCLOUD
# upstream php-handler { # upstream php-handler {
# server ${localhost}:9000; # server ${localhost}:9000;
# #server unix:/var/run/php/php7.4-fpm.sock; # #server unix:/var/run/php/php7.4-fpm.sock;
# } # }
# Set the `immutable` cache control options only for assets with a cache busting `v` argument # Set the `immutable` cache control options only for assets with a cache busting `v` argument
# map $arg_v $asset_immutable { # map $arg_v $asset_immutable {
# "" ""; # "" "";
# default "immutable"; # default "immutable";
# } # }
# JELLYFIN # JELLYFIN
proxy_cache_path /var/cache/nginx/jellyfin-videos levels=1:2 keys_zone=jellyfin-videos:100m inactive=90d max_size=35000m; proxy_cache_path /var/cache/nginx/jellyfin-videos levels=1:2 keys_zone=jellyfin-videos:100m inactive=90d max_size=35000m;
proxy_cache_path /var/cache/nginx/jellyfin levels=1:2 keys_zone=jellyfin:100m max_size=15g inactive=30d use_temp_path=off; proxy_cache_path /var/cache/nginx/jellyfin levels=1:2 keys_zone=jellyfin:100m max_size=15g inactive=30d use_temp_path=off;
map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; } map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; }
map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; } map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; }
''; '';
virtualHosts = let virtualHosts = let
base = locations: { base = locations: {

2
server/servers.nix
View File

@ -112,6 +112,8 @@ in {
extraTrustedDomains = [ "cloud.rotehaare.art" "danilo-reyes.com" ]; extraTrustedDomains = [ "cloud.rotehaare.art" "danilo-reyes.com" ];
}; };
phpOptions = { phpOptions = {
upload_max_filesize = "25G";
post_max_size = "25G";
catch_workers_output = "yes"; catch_workers_output = "yes";
display_errors = "stderr"; display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT"; error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";