From 80dfbf3d5c0d7324ee4111af5d3cac9e05a4ffa8 Mon Sep 17 00:00:00 2001 From: Inex Code Date: Sat, 27 Jul 2024 02:52:21 +0300 Subject: [PATCH] Add systemd slices to all SP modules --- sp-modules/bitwarden/module.nix | 7 +++++++ sp-modules/gitea/module.nix | 17 ++++++++++------- sp-modules/jitsi-meet/module.nix | 10 ++++++++++ sp-modules/monitoring/module.nix | 16 ++++++++++++++-- sp-modules/nextcloud/module.nix | 8 ++++++++ sp-modules/ocserv/module.nix | 8 ++++++++ sp-modules/pleroma/module.nix | 8 ++++++++ sp-modules/roundcube/module.nix | 8 ++++++++ sp-modules/simple-nixos-mailserver/config.nix | 13 +++++++++++++ 9 files changed, 86 insertions(+), 9 deletions(-) diff --git a/sp-modules/bitwarden/module.nix b/sp-modules/bitwarden/module.nix index 5f4b799..4146a27 100644 --- a/sp-modules/bitwarden/module.nix +++ b/sp-modules/bitwarden/module.nix @@ -116,5 +116,12 @@ in # NixOS upstream bug? Otherwise, backup-vaultwarden cannot find sqlite DB. systemd.services.backup-vaultwarden.unitConfig.ConditionPathExists = "/var/lib/bitwarden_rs/db.sqlite3"; + + systemd = { + services.vaultwarden.serviceConfig.Slice = "bitwarden.slice"; + slices.bitwarden = { + description = "Bitwarden service slice"; + }; + }; }; } diff --git a/sp-modules/gitea/module.nix b/sp-modules/gitea/module.nix index 7f08864..d854127 100644 --- a/sp-modules/gitea/module.nix +++ b/sp-modules/gitea/module.nix @@ -146,14 +146,17 @@ in }; }; }; - systemd.services.forgejo = { - unitConfig.RequiresMountsFor = lib.mkIf sp.useBinds "/volumes/${cfg.location}/gitea"; - serviceConfig = { - Slice = "gitea.slice"; + systemd = { + services.forgejo = { + unitConfig.RequiresMountsFor = lib.mkIf sp.useBinds "/volumes/${cfg.location}/gitea"; + serviceConfig = { + Slice = "gitea.slice"; + }; + }; + slices.gitea = { + description = "Forgejo service slice"; }; }; - systemd.slices.gitea = { - description = "Forgejo service slice"; - }; + }; } diff --git a/sp-modules/jitsi-meet/module.nix b/sp-modules/jitsi-meet/module.nix index 3dae656..2954226 100644 --- a/sp-modules/jitsi-meet/module.nix +++ b/sp-modules/jitsi-meet/module.nix @@ -40,5 +40,15 @@ in useACMEHost = domain; enableACME = false; }; + systemd = { + services = { + jicofo.serviceConfig.Slice = "jitsi-meet.slice"; + jitsi-videobridge2.serviceConfig.Slice = "jitsi-meet.slice"; + prosody.serviceConfig.Slice = "jitsi-meet.slice"; + }; + slices.jitsi-meet = { + description = "Jitsi Meet service slice"; + }; + }; }; } diff --git a/sp-modules/monitoring/module.nix b/sp-modules/monitoring/module.nix index 5c06e2a..5981af7 100644 --- a/sp-modules/monitoring/module.nix +++ b/sp-modules/monitoring/module.nix @@ -1,6 +1,8 @@ -{config, lib, ...}: let +{ config, lib, ... }: +let cfg = config.selfprivacy.modules.monitoring; -in { +in +{ options.selfprivacy.modules.monitoring = { enable = lib.mkOption { default = false; @@ -54,5 +56,15 @@ in { } ]; }; + systemd = { + services = { + prometheus.serviceConfig.Slice = "monitoring.slice"; + prometheus-node-exporter.serviceConfig.Slice = "monitoring.slice"; + cadvisor.serviceConfig.Slice = "monitoring.slice"; + }; + slices.monitoring = { + description = "Monitoring service slice"; + }; + }; }; } diff --git a/sp-modules/nextcloud/module.nix b/sp-modules/nextcloud/module.nix index b0f1a12..dad5087 100644 --- a/sp-modules/nextcloud/module.nix +++ b/sp-modules/nextcloud/module.nix @@ -83,5 +83,13 @@ useACMEHost = sp.domain; forceSSL = true; }; + systemd = { + services = { + phpfpm-nextcloud.serviceConfig.Slice = "nextcloud.slice"; + }; + slices.nextcloud = { + description = "Nextcloud service slice"; + }; + }; }; } diff --git a/sp-modules/ocserv/module.nix b/sp-modules/ocserv/module.nix index b7ebd6b..f8da4a6 100644 --- a/sp-modules/ocserv/module.nix +++ b/sp-modules/ocserv/module.nix @@ -76,5 +76,13 @@ in ''; }; systemd.services.ocserv.unitConfig.ConditionPathExists = [ cert key ]; + systemd = { + services = { + ocserv.serviceConfig.Slice = "ocserv.slice"; + }; + slices.ocserv = { + description = "ocserv service slice"; + }; + }; }; } diff --git a/sp-modules/pleroma/module.nix b/sp-modules/pleroma/module.nix index 97cda59..172aa31 100644 --- a/sp-modules/pleroma/module.nix +++ b/sp-modules/pleroma/module.nix @@ -126,5 +126,13 @@ in }; }; }; + systemd = { + services = { + pleroma.serviceConfig.Slice = "pleroma.slice"; + }; + slices.pleroma = { + description = "Pleroma service slice"; + }; + }; }; } diff --git a/sp-modules/roundcube/module.nix b/sp-modules/roundcube/module.nix index 01b6566..d01038e 100644 --- a/sp-modules/roundcube/module.nix +++ b/sp-modules/roundcube/module.nix @@ -35,5 +35,13 @@ in useACMEHost = domain; enableACME = false; }; + systemd = { + services = { + phpfpm-roundcube.serviceConfig.Slice = "roundcube.slice"; + }; + slices.roundcube = { + description = "Roundcube service slice"; + }; + }; }; } diff --git a/sp-modules/simple-nixos-mailserver/config.nix b/sp-modules/simple-nixos-mailserver/config.nix index 81d847f..80bcbe8 100644 --- a/sp-modules/simple-nixos-mailserver/config.nix +++ b/sp-modules/simple-nixos-mailserver/config.nix @@ -89,4 +89,17 @@ lib.mkIf sp.modules.simple-nixos-mailserver.enable virusScanning = false; }; + + systemd = { + services = { + dovecot2.serviceConfig.Slice = "simple-nixos-mailserver.slice"; + postfix.serviceConfig.Slice = "simple-nixos-mailserver.slice"; + rspamd.serviceConfig.Slice = "simple-nixos-mailserver.slice"; + redis-rspamd.serviceConfig.Slice = "simple-nixos-mailserver.slice"; + opendkim.serviceConfig.Slice = "simple-nixos-mailserver.slice"; + }; + slices.simple-nixos-mailserver = { + description = "Simple NixOS Mailserver service slice"; + }; + }; }