diff options
Diffstat (limited to 'lass/2configs/default.nix')
| -rw-r--r-- | lass/2configs/default.nix | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index dea32d4d..972b4760 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -2,15 +2,16 @@ with import <stockholm/lib>; { config, pkgs, ... }: { imports = [ + <stockholm/krebs/2configs/nscd-fix.nix> ./binary-cache/client.nix + ./backup.nix ./gc.nix ./mc.nix ./vim.nix - ./monitoring/node-exporter.nix ./zsh.nix ./htop.nix ./security-workarounds.nix - ./wirelum.nix + ./wiregrill.nix { users.extraUsers = mapAttrs (_: h: { hashedPassword = h; }) @@ -41,8 +42,6 @@ with import <stockholm/lib>; openssh.authorizedKeys.keys = [ config.krebs.users.lass-mors.pubkey config.krebs.users.lass-blue.pubkey - config.krebs.users.lass-shodan.pubkey - config.krebs.users.lass-icarus.pubkey ]; }; }; @@ -72,7 +71,6 @@ with import <stockholm/lib>; krebs = { enable = true; - search-domain = "r"; build.user = config.krebs.users.lass; }; @@ -82,9 +80,6 @@ with import <stockholm/lib>; services.timesyncd.enable = mkForce true; - #why is this on in the first place? - services.nscd.enable = false; - systemd.tmpfiles.rules = [ "d /tmp 1777 root root - -" ]; @@ -116,6 +111,7 @@ with import <stockholm/lib>; #network iptables iftop + tcpdump #stuff for dl aria2 @@ -213,6 +209,7 @@ with import <stockholm/lib>; { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } { predicate = "-i retiolum -p udp -m udp --dport 53"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 19999"; target = "ACCEPT"; } ]; }; }; @@ -220,4 +217,7 @@ with import <stockholm/lib>; networking.dhcpcd.extraConfig = '' noipv4ll ''; + services.netdata = { + enable = true; + }; } |