summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2021-01-23 18:09:13 +0100
committerlassulus <lassulus@lassul.us>2021-01-23 18:09:13 +0100
commit0b5b4b8eab751d0d1d32573c6f69d08a82b4af1e (patch)
treedc751e9360ebbd73a24f97ec0820130ad9295e07
parent2185fb0bfa56b365e33d0baf0274499076c1166b (diff)
l green.r: setup with sync-containers
-rw-r--r--lass/1systems/green/config.nix71
1 files changed, 69 insertions, 2 deletions
diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix
index 0b4b50ee4..d7683ff5f 100644
--- a/lass/1systems/green/config.nix
+++ b/lass/1systems/green/config.nix
@@ -9,13 +9,80 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/mail.nix>
<stockholm/lass/2configs/syncthing.nix>
+ <stockholm/lass/2configs/sync/sync.nix>
<stockholm/lass/2configs/sync/decsync.nix>
<stockholm/lass/2configs/sync/weechat.nix>
+
+ <stockholm/lass/2configs/bitlbee.nix>
+ <stockholm/lass/2configs/IM.nix>
+ <stockholm/lass/2configs/muchsync.nix>
+ <stockholm/lass/2configs/pass.nix>
];
krebs.build.host = config.krebs.hosts.green;
- #networking.nameservers = [ "1.1.1.1" ];
+ users.users.mainUser.openssh.authorizedKeys.keys = [
+ config.krebs.users.lass-android.pubkey
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICMe23IAHn4Ow4J4i8M9GJshqvY80U11NKPLum6b1XLn" # weechat ssh tunnel
+ ];
+
+ lass.bindfs = {
+ "/home/lass/.weechat" = {
+ source = "/var/state/lass_weechat";
+ options = [
+ "-M ${concatMapStringsSep ":" (u: toString config.users.users.${u}.uid) [ "syncthing" "mainUser" ]}"
+ "--create-for-user=${toString config.users.users.syncthing.uid}"
+ ];
+ };
+ "/home/lass/Maildir" = {
+ source = "/var/state/lass_mail";
+ options = [
+ "-M ${toString config.users.users.mainUser.uid}"
+ ];
+ };
+ "/home/lass/sync" = {
+ source = "/var/state/lass_sync";
+ options = [
+ "-M ${concatMapStringsSep ":" (u: toString config.users.users.${u}.uid) [ "syncthing" "mainUser" ]}"
+ "--create-for-user=${toString config.users.users.syncthing.uid}"
+ ];
+ };
+ "/var/lib/bitlbee" = {
+ source = "/var/state/bitlbee";
+ options = [
+ "-M ${toString config.users.users.bitlbee.uid}"
+ ];
+ clearTarget = true;
+ };
+ "/home/lass/.ssh" = {
+ source = "/var/state/lass_ssh";
+ options = [
+ "-M ${toString config.users.users.mainUser.uid}"
+ ];
+ clearTarget = true;
+ };
+ "/home/lass/.gnupg" = {
+ source = "/var/state/lass_gnupg";
+ options = [
+ "-M ${toString config.users.users.mainUser.uid}"
+ ];
+ clearTarget = true;
+ };
+ };
- #time.timeZone = "Europe/Berlin";
+ systemd.services."bindfs-_home_lass_Maildir".serviceConfig.ExecStartPost = pkgs.writeDash "symlink-notmuch" ''
+ sleep 1
+ mkdir -p /home/lass/notmuch
+ chown lass: /home/lass/notmuch
+ ln -sfTr /home/lass/notmuch /home/lass/Maildir/.notmuch
+
+ mkdir -p /home/lass/notmuch/muchsync
+ chown lass: /home/lass/notmuch/muchsync
+ mkdir -p /home/lass/Maildir/.muchsync
+ ln -sfTr /home/lass/Maildir/.muchsync /home/lass/notmuch/muchsync/tmp
+ '';
+
+ krebs.iptables.tables.nat.PREROUTING.rules = [
+ { predicate = "-i eth0 -p tcp -m tcp --dport 22"; target = "ACCEPT"; precedence = 101; }
+ ];
}