diff --git a/hosts/metronom/networking.nix b/hosts/metronom/networking.nix index b309ec32..380c2207 100644 --- a/hosts/metronom/networking.nix +++ b/hosts/metronom/networking.nix @@ -16,7 +16,4 @@ networking.enableIPv6 = true; networking.useDHCP = false; networking.interfaces."enp1s0".useDHCP = true; - - # TODO: ssh via wireguard only - services.openssh.openFirewall = true; } diff --git a/hosts/tankstelle/networking.nix b/hosts/tankstelle/networking.nix index 1ef2e26a..8e893923 100644 --- a/hosts/tankstelle/networking.nix +++ b/hosts/tankstelle/networking.nix @@ -35,7 +35,4 @@ ]; }; }; - - # TODO: ssh via wireguard only - services.openssh.openFirewall = true; } diff --git a/hosts/tankstelle/wireguard.nix b/hosts/tankstelle/wireguard.nix index d8979eba..ceb430b1 100644 --- a/hosts/tankstelle/wireguard.nix +++ b/hosts/tankstelle/wireguard.nix @@ -41,14 +41,14 @@ }; }; - #services.openssh.listenAddresses = [ - # { - # addr = "10.7.6.4"; - # port = 22; - # } - # { - # addr = "[fd00:fae:fae:fae:fae:4::]"; - # port = 22; - # } - #]; + services.openssh.listenAddresses = [ + { + addr = "10.7.6.4"; + port = 22; + } + { + addr = "[fd00:fae:fae:fae:fae:4::]"; + port = 22; + } + ]; } diff --git a/modules/loki/default.nix b/modules/loki/default.nix index bd28afe8..0c3ea193 100644 --- a/modules/loki/default.nix +++ b/modules/loki/default.nix @@ -33,9 +33,36 @@ }; }; }; + ingester = { + chunk_encoding = "snappy"; + chunk_idle_period = "1h"; + }; + query_range = { + results_cache = { + cache = { + embedded_cache = { + enabled = true; + max_size_mb = 500; + }; + }; + }; + }; + chunk_store_config = { + max_look_back_period = "0s"; + chunk_cache_config = { + embedded_cache = { + enabled = true; + max_size_mb = 500; + ttl = "24h"; + }; + }; + }; # Keep logs for 4 weeks # https://grafana.com/docs/loki/latest/operations/storage/retention/ - limits_config.retention_period = "4w"; + limits_config = { + retention_period = "4w"; + split_queries_by_interval = "0"; + }; compactor = { shared_store = "filesystem"; compaction_interval = "10m"; diff --git a/modules/nextcloud/default.nix b/modules/nextcloud/default.nix index 64f194a6..dba197c3 100644 --- a/modules/nextcloud/default.nix +++ b/modules/nextcloud/default.nix @@ -61,10 +61,10 @@ mail_smtpauthtype = "PLAIN"; mail_domain = "pub.solar"; mail_smtpname = "admins@pub.solar"; - mail_smtpsecure = "tls"; - mail_smtpauth = 1; + mail_smtpsecure = "ssl"; + mail_smtpauth = true; mail_smtphost = "mail.pub.solar"; - mail_smtpport = "587"; + mail_smtpport = "465"; # This is to allow connections to collabora and keycloak, among other services # running on the same host diff --git a/overlays/default.nix b/overlays/default.nix index 5807ce88..d137603e 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -13,6 +13,7 @@ in { forgejo-runner = unstable.forgejo-runner; + prometheus-node-exporter = unstable.prometheus-node-exporter; element-themes = prev.callPackage ./pkgs/element-themes { inherit (inputs) element-themes; }; element-stickerpicker = prev.callPackage ./pkgs/element-stickerpicker { inherit (inputs) element-stickers maunium-stickerpicker;