From 7f53d51c0afa7cb2c98a1b21f4df6e5590ec2ce5 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 21 Aug 2018 19:45:50 +0200 Subject: j brauerei: +steam --- jeschli/1systems/brauerei/config.nix | 1 + jeschli/2configs/steam.nix | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 jeschli/2configs/steam.nix (limited to 'jeschli') diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index e200cbcd..4cd544a6 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -8,6 +8,7 @@ + ]; diff --git a/jeschli/2configs/steam.nix b/jeschli/2configs/steam.nix new file mode 100644 index 00000000..4d2d66c6 --- /dev/null +++ b/jeschli/2configs/steam.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: + +{ + + nixpkgs.config.steam.java = true; + environment.systemPackages = with pkgs; [ + steam + ]; + hardware.opengl.driSupport32Bit = true; + + #ports for inhome streaming + krebs.iptables = { + tables = { + filter.INPUT.rules = [ + { predicate = "-p tcp --dport 27031"; target = "ACCEPT"; } + { predicate = "-p tcp --dport 27036"; target = "ACCEPT"; } + { predicate = "-p udp --dport 27031"; target = "ACCEPT"; } + { predicate = "-p udp --dport 27036"; target = "ACCEPT"; } + ]; + }; + }; +} -- cgit v1.2.3 From 071cc0f5b109b4e17b3d6616fcc20c419ae1f7c8 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 4 Sep 2018 19:54:22 +0200 Subject: j enklave: +cgit --- jeschli/1systems/enklave/config.nix | 1 + jeschli/2configs/retiolum.nix | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'jeschli') diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix index 470566a8..cadec3ca 100644 --- a/jeschli/1systems/enklave/config.nix +++ b/jeschli/1systems/enklave/config.nix @@ -5,6 +5,7 @@ + { networking.dhcpcd.allowInterfaces = [ diff --git a/jeschli/2configs/retiolum.nix b/jeschli/2configs/retiolum.nix index b611cbe7..f2260965 100644 --- a/jeschli/2configs/retiolum.nix +++ b/jeschli/2configs/retiolum.nix @@ -17,7 +17,7 @@ tinc = pkgs.tinc_pre; }; - networking.firewall.allowedTCPPorts = [ 655 ]; + networking.firewall.allowedTCPPorts = [ 80 655 ]; networking.firewall.allowedUDPPorts = [ 655 ]; environment.systemPackages = [ -- cgit v1.2.3 From 228ca863767edc07ae50c82034d873ee7ef17310 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 4 Sep 2018 20:09:24 +0200 Subject: j steam: remove dead code --- jeschli/2configs/steam.nix | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'jeschli') diff --git a/jeschli/2configs/steam.nix b/jeschli/2configs/steam.nix index 4d2d66c6..06a068a3 100644 --- a/jeschli/2configs/steam.nix +++ b/jeschli/2configs/steam.nix @@ -9,14 +9,4 @@ hardware.opengl.driSupport32Bit = true; #ports for inhome streaming - krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-p tcp --dport 27031"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 27036"; target = "ACCEPT"; } - { predicate = "-p udp --dport 27031"; target = "ACCEPT"; } - { predicate = "-p udp --dport 27036"; target = "ACCEPT"; } - ]; - }; - }; } -- cgit v1.2.3 From eebf0b5efe7540452cdf759b1798e3c715408fc5 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 4 Sep 2018 20:17:26 +0200 Subject: j: +git --- jeschli/2configs/git.nix | 73 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 jeschli/2configs/git.nix (limited to 'jeschli') diff --git a/jeschli/2configs/git.nix b/jeschli/2configs/git.nix new file mode 100644 index 00000000..77602e0f --- /dev/null +++ b/jeschli/2configs/git.nix @@ -0,0 +1,73 @@ +{ config, lib, pkgs, ... }: + +with import ; + +let + + out = { + services.nginx.enable = true; + krebs.git = { + enable = true; + cgit = { + settings = { + root-title = "public repositories at ${config.krebs.build.host.name}"; + root-desc = "keep calm and engage"; + }; + enable = true; + }; + repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; + rules = rules; + }; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } + ]; + }; + + repos = public-repos; + + rules = concatMap make-rules (attrValues repos); + + public-repos = mapAttrs make-public-repo { + stockholm = { + cgit.desc = "Bonbon aus Git - die ganze Nacht"; + }; + krebs-page = { + cgit.desc = "Die Krebs Page"; + }; + }; + + make-public-repo = name: { cgit ? {}, ... }: { + inherit cgit name; + public = true; + hooks = { + post-receive = pkgs.git-hooks.irc-announce { + nick = config.krebs.build.host.name; + channel = "#xxx"; + server = "irc.r"; + verbose = true; + branches = [ "master" ]; + }; + }; + }; + + make-rules = + with git // config.krebs.users; + repo: + singleton { + user = [ jeschli jeschli-brauerei]; + repo = [ repo ]; + perm = push "refs/*" [ non-fast-forward create delete merge ]; + } ++ + optional repo.public { + user = attrValues config.krebs.users; + repo = [ repo ]; + perm = fetch; + } ++ + optional (length (repo.collaborators or []) > 0) { + user = repo.collaborators; + repo = [ repo ]; + perm = fetch; + }; + +in out -- cgit v1.2.3