summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
authorjeschli <jeschli@gmail.com>2019-08-06 15:51:38 +0200
committerjeschli <jeschli@gmail.com>2019-08-06 15:51:38 +0200
commit01a431857a42a6a3fcbd6eff414071ca8ef15e74 (patch)
tree0eb84976b1850959233d758a7a27249498797b26 /krebs/3modules
parentcd4f0290ed091cdae9b5d8526f4387b54e2c42dc (diff)
parent2885fbd942163d733586cd966c76ccf9159ae208 (diff)
Merge branch 'master' of prism.r:stockholm
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/external/default.nix24
-rw-r--r--krebs/3modules/syncthing.nix1
2 files changed, 25 insertions, 0 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 5b602fc7d..66f9620c7 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -232,7 +232,12 @@ in {
rose = {
owner = config.krebs.users.Mic92;
nets = rec {
+ internet = {
+ ip4.addr = "129.215.165.52";
+ aliases = [ "rose.i" ];
+ };
retiolum = {
+ via = internet;
addrs = [
config.krebs.hosts.rose.nets.retiolum.ip4.addr
config.krebs.hosts.rose.nets.retiolum.ip6.addr
@@ -260,7 +265,12 @@ in {
martha = {
owner = config.krebs.users.Mic92;
nets = rec {
+ internet = {
+ ip4.addr = "129.215.165.53";
+ aliases = [ "martha.i" ];
+ };
retiolum = {
+ via = internet;
addrs = [
config.krebs.hosts.martha.nets.retiolum.ip4.addr
config.krebs.hosts.martha.nets.retiolum.ip6.addr
@@ -288,7 +298,12 @@ in {
donna = {
owner = config.krebs.users.Mic92;
nets = rec {
+ internet = {
+ ip4.addr = "129.215.165.54";
+ aliases = [ "donna.i" ];
+ };
retiolum = {
+ via = internet;
addrs = [
config.krebs.hosts.donna.nets.retiolum.ip4.addr
config.krebs.hosts.donna.nets.retiolum.ip6.addr
@@ -620,6 +635,13 @@ in {
};
};
};
+ domsen-backup = {
+ owner = config.krebs.users.domsen;
+ ci = false;
+ external = true;
+ syncthing.id = "22NLFY5-QMRM3BH-76QIBYI-OPMKVGM-DU4FNZI-3KN2POF-V4WIC6M-2SFFUAC";
+ nets = {};
+ };
};
users = {
ciko = {
@@ -665,5 +687,7 @@ in {
filly = {
};
pie_ = {};
+ domsen = {
+ };
};
}
diff --git a/krebs/3modules/syncthing.nix b/krebs/3modules/syncthing.nix
index 939c8fddf..799ed7eda 100644
--- a/krebs/3modules/syncthing.nix
+++ b/krebs/3modules/syncthing.nix
@@ -176,6 +176,7 @@ in
config = mkIf kcfg.enable {
systemd.services.syncthing = mkIf (kcfg.cert != null || kcfg.key != null) {
+ serviceConfig.PermissionsStartOnly = mkDefault true;
preStart = ''
${optionalString (kcfg.cert != null) ''
cp ${toString kcfg.cert} ${scfg.configDir}/cert.pem