diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-16 08:29:42 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-16 08:29:42 +0100 |
commit | 53f2a6631fd77163a6bbbdae3f9c0c43e17157bf (patch) | |
tree | a258cc1ac35ae61d8eceb794d4105c9631bef8b0 /accounts/gkleen@sif/systemd.nix | |
parent | 983cf94ecabd8fe3ab84e39e010345db369480ff (diff) | |
download | nixos-53f2a6631fd77163a6bbbdae3f9c0c43e17157bf.tar nixos-53f2a6631fd77163a6bbbdae3f9c0c43e17157bf.tar.gz nixos-53f2a6631fd77163a6bbbdae3f9c0c43e17157bf.tar.bz2 nixos-53f2a6631fd77163a6bbbdae3f9c0c43e17157bf.tar.xz nixos-53f2a6631fd77163a6bbbdae3f9c0c43e17157bf.zip |
gkleen@sif: better rate limit ssh
Diffstat (limited to 'accounts/gkleen@sif/systemd.nix')
-rw-r--r-- | accounts/gkleen@sif/systemd.nix | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/accounts/gkleen@sif/systemd.nix b/accounts/gkleen@sif/systemd.nix index c8eda9d0..a32e61b2 100644 --- a/accounts/gkleen@sif/systemd.nix +++ b/accounts/gkleen@sif/systemd.nix | |||
@@ -24,7 +24,7 @@ let | |||
24 | pid=$! | 24 | pid=$! |
25 | 25 | ||
26 | newpid="" | 26 | newpid="" |
27 | i=100 | 27 | i=200 |
28 | while ! newpid=$(${pkgs.lsof}/bin/lsof -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do | 28 | while ! newpid=$(${pkgs.lsof}/bin/lsof -Pi @localhost:"''${port}" -sTCP:LISTEN -t); do |
29 | if ! kill -0 "''${pid}"; then | 29 | if ! kill -0 "''${pid}"; then |
30 | wait "''${pid}" | 30 | wait "''${pid}" |
@@ -80,14 +80,14 @@ in { | |||
80 | NotifyAccess = "all"; | 80 | NotifyAccess = "all"; |
81 | WorkingDirectory = "~"; | 81 | WorkingDirectory = "~"; |
82 | Restart = "always"; | 82 | Restart = "always"; |
83 | RestartSec = "2s"; | 83 | RestartSec = "23s"; |
84 | ExecStart = "${autossh-socks-script} \"%I\""; | 84 | ExecStart = "${autossh-socks-script} \"%I\""; |
85 | Environment = [ "SSHPASS_SECRET=gkleen@mathw0g.math.lmu.de" ]; | 85 | Environment = [ "SSHPASS_SECRET=gkleen@mathw0g.math.lmu.de" ]; |
86 | }; | 86 | }; |
87 | Unit = { | 87 | Unit = { |
88 | StopWhenUnneeded = true; | 88 | StopWhenUnneeded = true; |
89 | StartLimitInterval = "2s"; | 89 | StartLimitInterval = "180s"; |
90 | StartLimitBurst = 5; | 90 | StartLimitBurst = 7; |
91 | }; | 91 | }; |
92 | }; | 92 | }; |
93 | "proxy-to-autossh-socks@8118" = { | 93 | "proxy-to-autossh-socks@8118" = { |