From 767d6c9a51198ff90db621c395bb1f0409d56e9d Mon Sep 17 00:00:00 2001
From: Emelie Graven <emelie@graven.dev>
Date: Fri, 10 Dec 2021 08:32:49 +0100
Subject: [PATCH] Increase nginx and synapse file size limit

---
 .gitignore                                       |   3 ++-
 unstable/config/common/services/nginx.nix        |   3 +++
 .../config/hosts/grondahl/services/synapse.nix   |   2 +-
 unstable/config/sources/nix/sources.json         |  14 +++++++-------
 unstable/zrsognwguwinm39ineqguchhtghs5w9y        | Bin 1698 -> 0 bytes
 5 files changed, 13 insertions(+), 9 deletions(-)
 delete mode 100644 unstable/zrsognwguwinm39ineqguchhtghs5w9y

diff --git a/.gitignore b/.gitignore
index c4a847d..6609c3b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
-/result
+/unstable/result
+/stable/result
diff --git a/unstable/config/common/services/nginx.nix b/unstable/config/common/services/nginx.nix
index 89a13a4..4c1478d 100644
--- a/unstable/config/common/services/nginx.nix
+++ b/unstable/config/common/services/nginx.nix
@@ -9,6 +9,9 @@
     recommendedProxySettings = true;
     recommendedTlsSettings = true;
 
+		# 100 MB max upload
+		clientMaxBodySize = "100m";
+
     # Only allow PFS-enabled ciphers with AES256
     sslCiphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
 
diff --git a/unstable/config/hosts/grondahl/services/synapse.nix b/unstable/config/hosts/grondahl/services/synapse.nix
index 8e96cb5..9d0c32e 100644
--- a/unstable/config/hosts/grondahl/services/synapse.nix
+++ b/unstable/config/hosts/grondahl/services/synapse.nix
@@ -7,7 +7,7 @@
     enable_registration = false;
     registration_shared_secret = builtins.toString config.secrets.files.synapse_registration_shared_secret.file;
     turn_shared_secret = builtins.toString config.secrets.files.turn_shared_secret.file;
-    max_upload_size = "20M";
+    max_upload_size = "100M";
     database_type = "psycopg2";
     database_user = "synapse";
     database_name = "synapse";
diff --git a/unstable/config/sources/nix/sources.json b/unstable/config/sources/nix/sources.json
index c02530c..3f85426 100644
--- a/unstable/config/sources/nix/sources.json
+++ b/unstable/config/sources/nix/sources.json
@@ -17,22 +17,22 @@
         "homepage": "",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "08cda8e3a5a4e685af525e5a589dfeb74267d505",
-        "sha256": "0bf3mbss7c3lyf5h8g1vwjbs0cg4h0c8ixbaz1kv24ahyy8n61y3",
+        "rev": "4c9f07277bd4bc29a051ff2a0ca58c6403e3881a",
+        "sha256": "0kz99f42173dh6sa7vw31vr4w348whmbv5n8yfylcjk6widhsslj",
         "type": "tarball",
-        "url": "https://github.com/NixOS/nixos-hardware/archive/08cda8e3a5a4e685af525e5a589dfeb74267d505.tar.gz",
+        "url": "https://github.com/NixOS/nixos-hardware/archive/4c9f07277bd4bc29a051ff2a0ca58c6403e3881a.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "nixpkgs": {
-        "branch": "nixos-unstable-small",
+        "branch": "21.11",
         "description": "Nix Packages collection",
         "homepage": "",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "db22325869a05e376dbab1c31ea7664dd5fcf860",
-        "sha256": "0pihqkl1c5bmb62657r38irvacav51ab0r4vfa2wn027ch1ry29m",
+        "rev": "a7ecde854aee5c4c7cd6177f54a99d2c1ff28a31",
+        "sha256": "162dywda2dvfj1248afxc45kcrg83appjd0nmdb541hl7rnncf02",
         "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/db22325869a05e376dbab1c31ea7664dd5fcf860.tar.gz",
+        "url": "https://github.com/NixOS/nixpkgs/archive/a7ecde854aee5c4c7cd6177f54a99d2c1ff28a31.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "nixus": {
diff --git a/unstable/zrsognwguwinm39ineqguchhtghs5w9y b/unstable/zrsognwguwinm39ineqguchhtghs5w9y
deleted file mode 100644
index fc57b3400ac550619e2a9f5563322da90476b234..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1698
zcmbPX%#s**+)j*Bn~jl$@s>M3BO|**%hXcUD|1)K&6=ckX6IFjrX!l4d*_P0VPE1L
zc42Z;ZP^w@*WA>c%v1&UqQtV)JO!InFxMd+%+*UtEwk&G%pxqt#bC`O&CJTp$-&Od
zD$2#l!Obeh#LURRB*(}k-XNyPB6c~i`u7Gl$KBt;edoU3n*U5-*F{z)po11LNis5U
zaSFf$U4Jt&T$k&9`q?z<ga!M<-X#v#bTsy{{?Kn1<$qsV5>WVfiV4GiU#alstl3H{
z^QEesF7@vI%>S9!rRsZ{rE_WaYmW{)zD`DC76C>M23erhe!Elk7V>7AEI-Q3B_jWR
zu~MG-bfDF<8fJm)g^3jHW&a=Q%6#+4sR<JQX3n>3O_?t=r{<ymEW3cM30i-RrPR3F
zy>}n4kx>nJt#dJA=ik@bK4+#s5;?JRTc2}MB9ltJrNgXw&7Bs(haVifG3!W$y>m;t
z$|8?EZ6T5K4?cNkdWJo4`W_dw{K3T))i-xrrV0J*`LX@S`Tqay>Bs)g5aC(+VomqT
z?!Kx>+c)yOvoj+XG^KnJ3^K1#yJ$97e)rL@3upR#>E`K*6%-fTRby;3x9&RIwxGyr
z#z%8E+6zxxdiuWF>Rl_vsxy)+nzyBzzFL*-VE3l(?{1%UHv(fj7=^Fxedcv6c&$$4
zN6(Khk4L)t<T9^YUh8|_qUL0l9;;0QpHj)xEed#JyExUZV*)s`E%3!?4W5*M9Mh-L
z82-CdPEt@h_C?T+ZDAl|sMwVFO*u+3mC<i%j;vW0d32Q^!~cl4i?pxA|1F-i%vjXr
zySl6fPvbdpk5p#XjsMH%26gZg71MK(W4d`0`#%G|kG1SIZHpJipJ(<g)LeLP5|`o4
z3;X|dv0P-G@cmrDLZOXZQzAv=mlZ#}oAl}4#Lcg5A5G{tIA(dw{JFuQRdHJSO+Qp*
zB@zV1PcF?%*&^{X&Zud<W_R_(n_}W84tTik?QvwfC#K>1<l>Q;EEz%x{<k(d<tYd4
zZhE~f!i{-D`NH|SznV3j+rxQTBYmTflwA%MIP>Tu>$}WdIT~!OjW5@{UU_1N?aS(I
zuhvZZ{qTHz?12;g8<!hBo~?8$?o`&sXRF?7U)y_OV_2tcP4?C5zJ)5)+qyp1om5=g
z%GcU+`uL>pTiv>k=)N~9sa<yFezdf$T-8Dyp85ByCvMZ5()w!(-wse=aDo%HFj)3c
z)4JwQvZvamX{X+vylS-lr$NlG{jtgyOiz5uv^rzo@t#Ejn9~*TME(g*CTS*yMnrZl
zQ(%z<>H+1$N@2&%8&55JusX>$;Gm##QSR>0g`gtf1ScqVU?R6JG5i(VD(GkS+5GZW
zk2?w4$K-+vsyi0n6TgtyQ@YoCfBYwNhX3As<Bn;@C`l}oo3wPvm!s?VcQ47j9`)sJ
z^3PZ6&h0<J(7?*baBtbKmelTpH^diA>GaBeGh@SxcW1mBmw$_IS!=LZ=gv<?hSnJ^
zr?0gymll;cE$})c-FeXgMUh<Y%Dd%@*It>jc_-@*3s5NO3vq#q%;}+wte`UUr&`KZ
zoodYu=F`^(O?dEX!#a-~@yU@v9uGun<Lg%U7&0?*uy@pfgGvowQ0X&C^RRL<y!B&1
z&K2&Wj0_(IHL4;G@hQ)F-&P@@^y!1?hZUEfO=3KMVb+6R?3bHYFf!cl=AC8#dCR6}
zS@p&jj|nYF;`UFp%etQR=SBAsUx6DukoXNljo*j8dwu5W&A(7-=>I0hTKz%xD!EH7
zTlb}=vc#`H7Fd`<jHAPtq!ln7Eu+ZDusH9p=Hso;?^I?4AKr8M%&~)&`Q{%lt>3PH
uUBG+e<0NxNhEI>I>sooLG}q~>-B+y4I1*ClE-kh}<oBJQNpg3xikSheGS!g)