Compare commits
No commits in common. "main" and "dathomir-update" have entirely different histories.
main
...
dathomir-u
|
@ -369,7 +369,7 @@ var config = {
|
||||||
// Message to show the users. Example: 'The service will be down for
|
// Message to show the users. Example: 'The service will be down for
|
||||||
// maintenance at 01:00 AM GMT,
|
// maintenance at 01:00 AM GMT,
|
||||||
// Does only support plaintext. No line skip.
|
// Does only support plaintext. No line skip.
|
||||||
noticeMessage: "Suite à une utilisation contraire à nos CGU, Deuxfleurs surveille activement cette instance Jitsi et enverra tout contenu illégal à la police. Pour toute question, commentaire ou suggestion, contactez moderation@deuxfleurs.fr . Following usage breaching our TOS, Deuxfleurs actively monitors this Jitsi instance and will send any illegal behavior to the Police. For any question, remark or suggestion, reach moderation@deuxfleurs.fr",
|
// noticeMessage: "Suite à une utilisation contraire à nos CGU, Deuxfleurs surveille activement cette instance Jitsi et enverra tout contenu illégal à la police. Pour toute question, commentaire ou suggestion, contactez moderation@deuxfleurs.fr . Following usage breaching our TOS, Deuxfleurs actively monitors this Jitsi instance and will send any illegal behavior to the Police. For any question, remark or suggestion, reach moderation@deuxfleurs.fr",
|
||||||
|
|
||||||
// Enables calendar integration, depends on googleApiApplicationClientID
|
// Enables calendar integration, depends on googleApiApplicationClientID
|
||||||
// and microsoftApiApplicationClientID
|
// and microsoftApiApplicationClientID
|
||||||
|
|
|
@ -81,12 +81,6 @@ http {
|
||||||
alias /srv/jitsi-meet/$1/$2;
|
alias /srv/jitsi-meet/$1/$2;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Disallow robots indexation
|
|
||||||
location = /robots.txt {
|
|
||||||
add_header Content-Type text/plain;
|
|
||||||
return 200 "User-agent: *\nDisallow: /\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
# not used yet VVV
|
# not used yet VVV
|
||||||
# colibri (JVB) websockets
|
# colibri (JVB) websockets
|
||||||
#location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) {
|
#location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) {
|
||||||
|
@ -98,12 +92,12 @@ http {
|
||||||
#}
|
#}
|
||||||
|
|
||||||
|
|
||||||
location ~* {{ key "secrets/jitsi/blacklist_regex" }} {
|
location ~ "2daut2wank2|2duat2wank|2duat2wank0|2duat2wank1|2duat2wank2|2duat2wank3|2duatr2wank|2duatr2wank0|2duatr2wank1|2duatr2wank2|2wank2daut2|daut1|duat2wank|duat2wank2|duatr2wank2|prettypanties|slutgfs|wabk2daugther|wank2daugther|wank2daut|wank2daut2|wank2daut3|wankwatch" {
|
||||||
return 302 https://www.service-public.fr/particuliers/vosdroits/R17674;
|
return 302 https://www.service-public.fr/particuliers/vosdroits/R17674;
|
||||||
}
|
}
|
||||||
|
|
||||||
location = /http-bind {
|
location = /http-bind {
|
||||||
if ($args ~* {{ key "secrets/jitsi/blacklist_regex" }}) {
|
if ($args ~ "2daut2wank2|2duat2wank|2duat2wank0|2duat2wank1|2duat2wank2|2duat2wank3|2duatr2wank|2duatr2wank0|2duatr2wank1|2duatr2wank2|2wank2daut2|daut1|duat2wank|duat2wank2|duatr2wank2|prettypanties|slutgfs|wabk2daugther|wank2daugther|wank2daut|wank2daut2|wank2daut3|wankwatch") {
|
||||||
return 403 'forbidden';
|
return 403 'forbidden';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -78,23 +78,6 @@ SystemMaxUse=1G
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
services.openssh.settings.PasswordAuthentication = false;
|
services.openssh.settings.PasswordAuthentication = false;
|
||||||
|
|
||||||
# FIXME: Temporary patch for OpenSSH (CVE-2024-6387)
|
|
||||||
# Patches from backport PR: https://github.com/NixOS/nixpkgs/pull/323765
|
|
||||||
programs.ssh.package = pkgs.openssh.overrideAttrs(prev: {
|
|
||||||
patches = prev.patches ++ [
|
|
||||||
(pkgs.fetchpatch {
|
|
||||||
url = "https://raw.githubusercontent.com/emilazy/nixpkgs/c21c340818954576c6401ad460a9d42bab030bc4/pkgs/tools/networking/openssh/openssh-9.6_p1-CVE-2024-6387.patch";
|
|
||||||
hash = "sha256-B3Wz/eWSdOnrOcVzDv+QqzLGdFlb3jivQ8qZMC3d0Qw=";
|
|
||||||
})
|
|
||||||
(pkgs.fetchpatch {
|
|
||||||
url = "https://raw.githubusercontent.com/emilazy/nixpkgs/c21c340818954576c6401ad460a9d42bab030bc4/pkgs/tools/networking/openssh/openssh-9.6_p1-chaff-logic.patch";
|
|
||||||
hash = "sha256-lepBEFxKTAwg379iCD8KQCZVAzs3qNSSyUTOcartpK4=";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
doCheck = false;
|
|
||||||
});
|
|
||||||
|
|
||||||
virtualisation.docker = {
|
virtualisation.docker = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraOptions = "--config-file=${pkgs.writeText "daemon.json" (builtins.toJSON {
|
extraOptions = "--config-file=${pkgs.writeText "daemon.json" (builtins.toJSON {
|
||||||
|
|
Loading…
Reference in a new issue