From d5c580daa1c1fd878dad9f08ea699bc531791a08 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 19 Apr 2019 16:14:53 +0200
Subject: init mb

---
 mb/2configs/retiolum.nix | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 mb/2configs/retiolum.nix

(limited to 'mb/2configs/retiolum.nix')

diff --git a/mb/2configs/retiolum.nix b/mb/2configs/retiolum.nix
new file mode 100644
index 00000000..5a87d52a
--- /dev/null
+++ b/mb/2configs/retiolum.nix
@@ -0,0 +1,33 @@
+{ config, pkgs, ... }:
+
+{
+
+  krebs.iptables = {
+    tables = {
+      filter.INPUT.rules = let
+        tincport = toString config.krebs.build.host.nets.retiolum.tinc.port;
+      in [
+        { predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; }
+        { predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; }
+      ];
+    };
+  };
+
+  krebs.tinc.retiolum = {
+    enableLegacy = true;
+    enable = true;
+    connectTo = [
+      "prism"
+      "gum"
+      "ni"
+    ];
+  };
+
+  nixpkgs.config.packageOverrides = pkgs: {
+    tinc = pkgs.tinc_pre;
+  };
+
+  environment.systemPackages = [
+    pkgs.tinc
+  ];
+}
-- 
cgit v1.2.3