From 2c1316a0a6598dd10f8108b099e8eec8cddfadd5 Mon Sep 17 00:00:00 2001 From: Katharina Heidenreich Date: Sat, 4 Apr 2026 18:11:22 +0200 Subject: [PATCH] feat: add memory limit --- config/services.nix | 7 ++--- services/continuwuity.nix | 15 ++++----- validation/service/continuwuity.nix | 49 ++++++++++++++++++++++++----- 3 files changed, 53 insertions(+), 18 deletions(-) diff --git a/config/services.nix b/config/services.nix index d037e6b..9fcdb35 100644 --- a/config/services.nix +++ b/config/services.nix @@ -5,6 +5,9 @@ in rec { continuwuity = { port = 6167; + server_name = "nudelerde.de"; + trusted_servers = [ "matrix.org" ]; + memory_max = "512M"; }; qbittorrent = { @@ -25,10 +28,6 @@ rec { ]; }; - matrix = { - trusted_servers = [ "matrix.org" ]; - }; - vikunja = { port = 8081; }; diff --git a/services/continuwuity.nix b/services/continuwuity.nix index 2b07d7b..19ab9f6 100644 --- a/services/continuwuity.nix +++ b/services/continuwuity.nix @@ -1,17 +1,13 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: let - net = import ../config/network.nix; serv = import ../config/services.nix; serviceValidation = import ../validation/service/continuwuity.nix; - serverName = - if net ? devices && builtins.isAttrs net.devices && net.devices ? remote_proxy && net.devices.remote_proxy ? domain && builtins.isString net.devices.remote_proxy.domain then - net.devices.remote_proxy.domain - else - throw "config/network.nix must define devices.remote_proxy.domain as string for continuwuity."; + serverName = serviceValidation.getServerName serv; trustedServers = serviceValidation.getTrustedServers serv; + memoryMax = serviceValidation.getMemoryMax serv; in { services.matrix-continuwuity = { @@ -27,4 +23,9 @@ in }; }; }; + + systemd.services.matrix-continuwuity.serviceConfig = + lib.optionalAttrs (memoryMax != null) { + MemoryMax = memoryMax; + }; } diff --git a/validation/service/continuwuity.nix b/validation/service/continuwuity.nix index 4e9dc64..d428002 100644 --- a/validation/service/continuwuity.nix +++ b/validation/service/continuwuity.nix @@ -2,19 +2,54 @@ let common = import ./common.nix; in rec { + getServerName = serviceData: + let + continuwuity = + if serviceData ? continuwuity then + common.ensureAttrset "config/services.nix continuwuity" serviceData.continuwuity + else + throw "config/services.nix must define continuwuity attrset."; + + serverName = + if continuwuity ? server_name then + common.ensureString "config/services.nix continuwuity.server_name" continuwuity.server_name + else + throw "config/services.nix continuwuity.server_name must exist."; + in + if serverName != "" then + serverName + else + throw "config/services.nix continuwuity.server_name must be a non-empty string."; + getTrustedServers = serviceData: let - matrix = - if serviceData ? matrix then - common.ensureAttrset "config/services.nix matrix" serviceData.matrix + continuwuity = + if serviceData ? continuwuity then + common.ensureAttrset "config/services.nix continuwuity" serviceData.continuwuity else - throw "config/services.nix must define matrix attrset."; + throw "config/services.nix must define continuwuity attrset."; trustedServers = - if matrix ? trusted_servers then - common.ensureList "config/services.nix matrix.trusted_servers" matrix.trusted_servers + if continuwuity ? trusted_servers then + common.ensureList "config/services.nix continuwuity.trusted_servers" continuwuity.trusted_servers else - throw "config/services.nix matrix.trusted_servers must exist."; + throw "config/services.nix continuwuity.trusted_servers must exist."; in trustedServers; + + getMemoryMax = serviceData: + let + continuwuity = + if serviceData ? continuwuity then + common.ensureAttrset "config/services.nix continuwuity" serviceData.continuwuity + else + throw "config/services.nix must define continuwuity attrset."; + in + if !(continuwuity ? memory_max) then + null + else + let + value = common.ensureString "config/services.nix continuwuity.memory_max" continuwuity.memory_max; + in + if value != "" then value else throw "config/services.nix continuwuity.memory_max must be a non-empty string when provided."; } \ No newline at end of file