summaryrefslogtreecommitdiffstats
path: root/lass/1systems/mors/config.nix
diff options
context:
space:
mode:
authorjeschli <jeschli@gmail.com>2019-04-23 20:15:10 +0200
committerjeschli <jeschli@gmail.com>2019-04-23 20:15:10 +0200
commit35fdfbe5ccb3b5844b62ac2486352107484e75d4 (patch)
tree561ff21ae90ce6826ab3d74ebd9f27dee7054a0d /lass/1systems/mors/config.nix
parenta4be985644762dcc2750a366db5780687690ef7d (diff)
parentcd825d99342050bae35d5373e927ca999bae82cf (diff)
Merge branch 'master' of prism.r:stockholm
Diffstat (limited to 'lass/1systems/mors/config.nix')
-rw-r--r--lass/1systems/mors/config.nix36
1 files changed, 25 insertions, 11 deletions
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 250d96e53..f911b79d6 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -26,6 +26,8 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/syncthing.nix>
<stockholm/lass/2configs/otp-ssh.nix>
<stockholm/lass/2configs/c-base.nix>
+ <stockholm/lass/2configs/sync/decsync.nix>
+ <stockholm/lass/2configs/sync/weechat.nix>
<stockholm/lass/2configs/br.nix>
<stockholm/lass/2configs/ableton.nix>
<stockholm/lass/2configs/starcraft.nix>
@@ -36,27 +38,26 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/blue-host.nix>
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/nfs-dl.nix>
- <stockholm/lass/2configs/hardening.nix>
+ #<stockholm/lass/2configs/hardening.nix>
{
krebs.iptables.tables.filter.INPUT.rules = [
#risk of rain
{ predicate = "-p tcp --dport 11100"; target = "ACCEPT"; }
- #chromecast
- { predicate = "-p udp -m multiport --sports 32768:61000 -m multiport --dports 32768:61000"; target = "ACCEPT"; }
#quake3
{ predicate = "-p tcp --dport 27950:27965"; target = "ACCEPT"; }
{ predicate = "-p udp --dport 27950:27965"; target = "ACCEPT"; }
];
}
{
- krebs.syncthing.folders = [
- { id = "contacts"; path = "/home/lass/contacts"; peers = [ "mors" "blue" "green" "phone" ]; }
- { id = "the_playlist"; path = "/home/lass/tmp/the_playlist"; peers = [ "mors" "phone" ]; }
- ];
- lass.ensure-permissions = [
- { folder = "/home/lass/contacts"; owner = "lass"; group = "syncthing"; }
- { folder = "/home/lass/tmp/the_playlist"; owner = "lass"; group = "syncthing"; }
- ];
+ krebs.syncthing.folders."the_playlist" = {
+ path = "/home/lass/tmp/the_playlist";
+ peers = [ "mors" "phone" "prism" ];
+ };
+ krebs.permown."/home/lass/tmp/the_playlist" = {
+ owner = "lass";
+ group = "syncthing";
+ umask = "0007";
+ };
}
{
lass.umts = {
@@ -92,6 +93,7 @@ with import <stockholm/lib>;
pkgs.ovh-zone
pkgs.bank
pkgs.adb-sync
+ pkgs.transgui
];
}
{
@@ -135,6 +137,18 @@ with import <stockholm/lib>;
(pkgs.writeDashBin "btc-kraken" ''
${pkgs.curl}/bin/curl -Ss 'https://api.kraken.com/0/public/Ticker?pair=BTCEUR' | ${pkgs.jq}/bin/jq '.result.XXBTZEUR.a[0]'
'')
+ (pkgs.writeDashBin "krebsco.de" ''
+ TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
+ ${pkgs.brain}/bin/brain show krebs-secrets/ovh-secrets.json > "$TMPDIR"/ovh-secrets.json
+ OVH_ZONE_CONFIG="$TMPDIR"/ovh-secrets.json ${pkgs.krebszones}/bin/krebszones import
+ ${pkgs.coreutils}/bin/rm -rf "$TMPDIR"
+ '')
+ (pkgs.writeDashBin "lassul.us" ''
+ TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
+ ${pkgs.pass}/bin/pass show admin/ovh/api.config > "$TMPDIR"/ovh-secrets.json
+ OVH_ZONE_CONFIG="$TMPDIR"/ovh-secrets.json ${pkgs.ovh-zone}/bin/ovh-zone import /etc/zones/lassul.us lassul.us
+ ${pkgs.coreutils}/bin/rm -rf "$TMPDIR"
+ '')
];
#TODO: fix this shit