33 lines
597 B
Nix
33 lines
597 B
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
{
|
|
# memory allocator
|
|
# BREAKS REDIS-IMMICH
|
|
# environment.memoryAllocator.provider = "graphene-hardened";
|
|
|
|
# disable coredumps
|
|
systemd.coredump.enable = false;
|
|
|
|
services = {
|
|
dbus.implementation = "broker";
|
|
/*
|
|
logrotate.enable = true;
|
|
journald = {
|
|
storage = "volatile"; # Store logs in memory
|
|
upload.enable = false; # Disable remote log upload (the default)
|
|
extraConfig = ''
|
|
SystemMaxUse=500M
|
|
SystemMaxFileSize=50M
|
|
'';
|
|
};
|
|
*/
|
|
};
|
|
|
|
services.fail2ban.enable = true;
|
|
}
|