From 86e5815ba3b05acbd49aa910dbabdfbb21de0e23 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:20:45 +0200 Subject: l prism.r: enable codimd --- lass/1systems/prism/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems/prism/config.nix') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index d7b0b701..57a12be2 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -195,6 +195,7 @@ with import ; }; } + { services.taskserver = { enable = true; -- cgit v1.2.3 From 418e9f566511af814a4b3bf4c653cca036796a73 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:24:31 +0200 Subject: l prism.r: export download/finished directly --- lass/1systems/prism/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems/prism/config.nix') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 57a12be2..e33d1ca9 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -383,7 +383,7 @@ with import ; ''; fileSystems."/export/download" = { - device = "/var/lib/containers/yellow/var/download"; + device = "/var/lib/containers/yellow/var/download/finished"; options = [ "bind" ]; }; services.nfs.server = { -- cgit v1.2.3 From 65907391192875d0051f92950516a70919272c26 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:25:20 +0200 Subject: l prism.r: allow nfs mount from retiolum --- lass/1systems/prism/config.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass/1systems/prism/config.nix') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index e33d1ca9..dbbcbc5d 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -396,6 +396,12 @@ with import ; statdPort = 4000; }; krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 111"; target = "ACCEPT"; } + { predicate = "-i retiolum -p udp --dport 111"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i retiolum -p udp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 4000:4002"; target = "ACCEPT"; } + { predicate = "-i retiolum -p udp --dport 4000:4002"; target = "ACCEPT"; } { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; } { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; } { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; } -- cgit v1.2.3 From 4d48a1e10942f2885f9728d736f7c87b58780982 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:32:59 +0200 Subject: l prism.r: add rsa hostKey --- lass/1systems/prism/config.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass/1systems/prism/config.nix') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index dbbcbc5d..eec8e34b 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -463,4 +463,10 @@ with import ; enable = true; freeMemThreshold = 5; }; + + # prism rsa hack + services.openssh.hostKeys = [{ + path = toString + "ssh.id_rsa"; + type = "rsa"; + }]; } -- cgit v1.2.3