adjust some nginx settings

modules/packages/default.nix

@@ -56,7 +56,7 @@ inputs:
 					# encryption and authentication
 					apacheHttpd openssl ssh-to-age gnupg age sops pam_u2f
 					# networking
-					ipset iptables iproute2 dig nettools traceroute tcping-go whois tcpdump nmap
+					ipset iptables iproute2 dig nettools traceroute tcping-go whois tcpdump nmap inetutils
 					# nix tools
 					nix-output-monitor
 					# development

modules/services/default.nix

@@ -431,8 +431,8 @@ inputs:
 							Group = "v2ray";
 							CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
 							AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
-							LimitNPROC = 10000;
-							LimitNOFILE = 1000000;
+							LimitNPROC = 65536;
+							LimitNOFILE = 524288;
 						};
 						restartTriggers = [ inputs.config.sops.templates."xray-client.json".file ];
 					};
@@ -803,6 +803,11 @@ inputs:
 						nginx =
 						{
 							enable = true;
+							eventsConfig = stripeTabs
+							''
+								worker_connections 524288;
+								use epoll;
+							'';
 							streamConfig = stripeTabs
 							''
 								geoip2 ${inputs.config.services.geoipupdate.settings.DatabaseDirectory}/GeoLite2-Country.mmdb
@@ -929,7 +934,7 @@ inputs:
 									)
 									+ concatStringsSep "\n" (map
 											(port: ''${ipset} add nginx_proxy_port ${toString port}'')
-											((attrValues services.nginx.transparentProxy.map) ++ [ 443 ]) )
+											((attrValues services.nginx.transparentProxy.map) ++ [ 443 3065 ]) )
 								);
 								stop = inputs.pkgs.writeShellScript "nginx-proxy.stop" (stripeTabs
 								''