Merge remote-tracking branch 'lass/master'

3 files changed, 8 insertions, 9 deletions

diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix
index 5c4b37aef..79946dad7 100644
--- a/krebs/1systems/news/config.nix
+++ b/krebs/1systems/news/config.nix
@@ -18,13 +18,6 @@
   boot.isContainer = true;
   networking.useDHCP = false;
   krebs.bindfs = {
-    "/var/lib/htgen-go" = {
-      source = "/var/state/htgen-go";
-      options = [
-        "-m ${toString config.users.users.htgen-go.uid}"
-      ];
-      clearTarget = true;
-    };
     "/var/lib/brockman" = {
       source = "/var/state/brockman";
       options = [
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 1e0687ba7..2f122f6ff 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -19,6 +19,12 @@
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/binary-cache/prism.nix>
 
+    ## news host
+
+    <stockholm/krebs/2configs/container-networking.nix>
+    <stockholm/krebs/2configs/syncthing.nix>
+    <stockholm/krebs/2configs/news-host.nix>
+
     ### shackspace ###
     # handle the worlddomination map via coap
     <stockholm/krebs/2configs/shack/worlddomination.nix>
diff --git a/krebs/1systems/puyak/net.nix b/krebs/1systems/puyak/net.nix
index 8dab11e16..a46a24952 100644
--- a/krebs/1systems/puyak/net.nix
+++ b/krebs/1systems/puyak/net.nix
@@ -8,8 +8,8 @@ in {
     SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="${ext-if}"
   '';
   networking = {
-    firewall.enable = false;
-    firewall.allowedTCPPorts = [ 8088 8086 8083 5901 ];
+    firewall.enable = true;
+    firewall.allowedTCPPorts = [ 80 443 8088 8086 8083 5901 ];
     interfaces."${ext-if}".ipv4.addresses = [
       {
         address = shack-ip;