From 3e2e11bb334baf060c36f4c7373286aeb56ba780 Mon Sep 17 00:00:00 2001 From: muon Date: Thu, 1 Jan 2026 16:00:16 +0000 Subject: [PATCH 1/2] Update transmission --- modules/nixos/server/audio.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/nixos/server/audio.nix b/modules/nixos/server/audio.nix index 8b1af15..7cb6714 100644 --- a/modules/nixos/server/audio.nix +++ b/modules/nixos/server/audio.nix @@ -40,6 +40,7 @@ in with lib; { openFirewall = true; openRPCPort = true; port = arr.torrent.port; + package = pkgs.transmission_4; settings = { download-dir = "/storage1/download"; rpc-port = arr.torrent.port; From 1aec25fdaad55c79f50149e2c4cd4f7fe52b2065 Mon Sep 17 00:00:00 2001 From: muon Date: Thu, 1 Jan 2026 16:39:28 +0000 Subject: [PATCH 2/2] Update nginx --- modules/nixos/server/nginx.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/nixos/server/nginx.nix b/modules/nixos/server/nginx.nix index fafb4df..c307231 100644 --- a/modules/nixos/server/nginx.nix +++ b/modules/nixos/server/nginx.nix @@ -82,7 +82,7 @@ in add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; - add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always; + add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self'; script-src 'self'; object-src 'none'; base-uri 'none';"; always; add_header Permissions-Policy "interest-cohort=()" always; # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; ''; @@ -99,6 +99,14 @@ in "/" = { proxyPass = "http://${cfg.ip}:${toString port}/"; proxyWebsockets = true; + extraConfig = + # sh + '' + client_max_body_size 50000M; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + send_timeout 600s; + ''; }; }; in