diff options
| author | tv <tv@krebsco.de> | 2016-11-10 23:50:34 +0100 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2016-11-10 23:50:34 +0100 |
| commit | f458fd8be96e39b2ba6cf15f0ee48b38f294044c (patch) | |
| tree | dcb066f8482134bcc8cdb81d13c5f9798b0b5ff4 | |
| parent | 2adac450ac1f613acd81069895448623a4c8937b (diff) | |
cd: drop stuff now done by ni
| -rw-r--r-- | krebs/3modules/tv/default.nix | 10 | ||||
| -rw-r--r-- | tv/1systems/cd.nix | 58 |
2 files changed, 2 insertions, 66 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index ca8e577d..8e266e1b 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -78,11 +78,7 @@ with import <stockholm/lib>; extraZones = { # TODO generate krebsco.de zone from nets and don't use extraZones at all "krebsco.de" = '' - krebsco.de. 60 IN MX 5 mx23 - mx23 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} - cgit 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} - cgit.cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} ''; }; nets = { @@ -90,11 +86,7 @@ with import <stockholm/lib>; ip4.addr = "45.62.237.203"; aliases = [ "cd.i" - "cd.internet" "cd.krebsco.de" - "cgit.cd.krebsco.de" - "cd.viljetic.de" - "cgit.cd.viljetic.de" ]; ssh.port = 11423; }; @@ -221,7 +213,9 @@ with import <stockholm/lib>; ni = { extraZones = { "krebsco.de" = '' + krebsco.de. 60 IN MX 5 ni ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} + cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} ''; }; diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 043e9151..03a5e58d 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -10,9 +10,7 @@ with import <stockholm/lib>; ../2configs/hw/CAC-Developer-2.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix - ../2configs/git.nix ../2configs/retiolum.nix - ../2configs/urlwatch.nix { tv.charybdis = { enable = true; @@ -33,62 +31,6 @@ with import <stockholm/lib>; "xmpp-server" ]; } - { - krebs.github-hosts-sync.enable = true; - tv.iptables.input-internet-accept-tcp = - singleton config.krebs.github-hosts-sync.port; - } - { - krebs.nginx.servers.cgit.server-names = [ - "cgit.cd.krebsco.de" - "cgit.cd.viljetic.de" - ]; - # TODO make public_html also available to cd, cd.retiolum (AKA default) - krebs.nginx.servers."https://viljetic.de" = { - server-names = singleton "viljetic.de"; - listen = mkForce []; # disable default - ssl = { - enable = true; - certificate = "/var/lib/acme/viljetic.de/fullchain.pem"; - certificate_key = "/var/lib/acme/viljetic.de/key.pem"; - }; - locations = [ - (nameValuePair "/" '' - root ${pkgs.viljetic-pages}; - '') - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; - }; - krebs.nginx.servers."http://viljetic.de" = { - server-names = singleton "viljetic.de"; - locations = [ - (nameValuePair "/.well-known/acme-challenge/" '' - root /var/lib/acme/challenges/viljetic.de/; - '') - (nameValuePair "/" '' - return 301 https://viljetic.de$request_uri; - '') - ]; - }; - security.acme = { - certs."viljetic.de" = { - email = "tomislav@viljetic.de"; - webroot = "/var/lib/acme/challenges/viljetic.de"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - ]; - user = "nginx"; - }; - }; - tv.iptables.input-internet-accept-tcp = [ - "http" - "https" - ]; - } ]; networking = { |