2024-06-10 10:41:57 +00:00
6 changed files with 42 additions and 20 deletions
--- a/hosts/metronom/networking.nix
+++ b/hosts/metronom/networking.nix
@ -16,7 +16,4 @@
  networking.enableIPv6 = true;
  networking.useDHCP = false;
  networking.interfaces."enp1s0".useDHCP = true;
-
-  # TODO: ssh via wireguard only
-  services.openssh.openFirewall = true;
 }
--- a/hosts/tankstelle/networking.nix
+++ b/hosts/tankstelle/networking.nix
@ -35,7 +35,4 @@
      ];
    };
  };
-
-  # TODO: ssh via wireguard only
-  services.openssh.openFirewall = true;
 }
--- a/hosts/tankstelle/wireguard.nix
+++ b/hosts/tankstelle/wireguard.nix
@ -41,14 +41,14 @@
    };
  };

-  #services.openssh.listenAddresses = [
-  #  {
-  #    addr = "10.7.6.4";
-  #    port = 22;
-  #  }
-  #  {
-  #    addr = "[fd00:fae:fae:fae:fae:4::]";
-  #    port = 22;
-  #  }
-  #];
+  services.openssh.listenAddresses = [
+    {
+      addr = "10.7.6.4";
+      port = 22;
+    }
+    {
+      addr = "[fd00:fae:fae:fae:fae:4::]";
+      port = 22;
+    }
+  ];
 }
--- a/modules/loki/default.nix
+++ b/modules/loki/default.nix
@ -33,9 +33,36 @@
          };
        };
      };
+      ingester = {
+        chunk_encoding = "snappy";
+        chunk_idle_period = "1h";
+      };
+      query_range = {
+        results_cache = {
+          cache = {
+            embedded_cache = {
+              enabled = true;
+              max_size_mb = 500;
+            };
+          };
+        };
+      };
+      chunk_store_config = {
+        max_look_back_period = "0s";
+        chunk_cache_config = {
+          embedded_cache = {
+            enabled = true;
+            max_size_mb = 500;
+            ttl = "24h";
+          };
+        };
+      };
      # Keep logs for 4 weeks
      # https://grafana.com/docs/loki/latest/operations/storage/retention/
-      limits_config.retention_period = "4w";
+      limits_config = {
+        retention_period = "4w";
+        split_queries_by_interval = "0";
+      };
      compactor = {
        shared_store = "filesystem";
        compaction_interval = "10m";
--- a/modules/nextcloud/default.nix
+++ b/modules/nextcloud/default.nix
@ -61,10 +61,10 @@
      mail_smtpauthtype = "PLAIN";
      mail_domain = "pub.solar";
      mail_smtpname = "admins@pub.solar";
-      mail_smtpsecure = "tls";
-      mail_smtpauth = 1;
+      mail_smtpsecure = "ssl";
+      mail_smtpauth = true;
      mail_smtphost = "mail.pub.solar";
-      mail_smtpport = "587";
+      mail_smtpport = "465";

      # This is to allow connections to collabora and keycloak, among other services
      # running on the same host
--- a/overlays/default.nix
+++ b/overlays/default.nix
@ -13,6 +13,7 @@
              in
              {
                forgejo-runner = unstable.forgejo-runner;
+                prometheus-node-exporter = unstable.prometheus-node-exporter;
                element-themes = prev.callPackage ./pkgs/element-themes { inherit (inputs) element-themes; };
                element-stickerpicker = prev.callPackage ./pkgs/element-stickerpicker {
                  inherit (inputs) element-stickers maunium-stickerpicker;