diff options
| author | jeschli <jeschli@gmail.com> | 2018-12-04 19:27:27 +0100 |
|---|---|---|
| committer | jeschli <jeschli@gmail.com> | 2018-12-04 19:27:27 +0100 |
| commit | 5030b74cc5c578bb82619a24592504a6008f1a10 (patch) | |
| tree | 0551e3ddb94353b7438bec02174bf3379bc89b87 /lass/1systems/archprism | |
| parent | 78b289201987675844aa37abeb4279eb4051ebe0 (diff) | |
| parent | 82988de84c177c247ebbe80940c4d50b9f073b4e (diff) | |
Merge branch 'master' of prism.r:stockholm
Diffstat (limited to 'lass/1systems/archprism')
| -rw-r--r-- | lass/1systems/archprism/config.nix | 32 | ||||
| -rw-r--r-- | lass/1systems/archprism/physical.nix | 20 |
2 files changed, 12 insertions, 40 deletions
diff --git a/lass/1systems/archprism/config.nix b/lass/1systems/archprism/config.nix index 0a286c6f0..bed8961b8 100644 --- a/lass/1systems/archprism/config.nix +++ b/lass/1systems/archprism/config.nix @@ -36,10 +36,10 @@ with import <stockholm/lib>; # TODO write function for proxy_pass (ssl/nonssl) krebs.iptables.tables.filter.FORWARD.rules = [ - { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; } + { v6 = false; precedence = 1000; predicate = "-d 192.168.122.179"; target = "ACCEPT"; } ]; krebs.iptables.tables.nat.PREROUTING.rules = [ - { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; } + { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.179"; } ]; } { @@ -57,13 +57,6 @@ with import <stockholm/lib>; config.krebs.users.makefu.pubkey ]; }; - users.users.nin = { - uid = genid "nin"; - isNormalUser = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - ]; - }; users.extraUsers.dritter = { uid = genid "dritter"; isNormalUser = true; @@ -109,26 +102,6 @@ with import <stockholm/lib>; localAddress = "10.233.2.2"; }; } - { - #onondaga - systemd.services."container@onondaga".reloadIfChanged = mkForce false; - containers.onondaga = { - config = { ... }: { - imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ]; - environment.systemPackages = [ pkgs.git ]; - services.openssh.enable = true; - users.users.root.openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - config.krebs.users.nin.pubkey - ]; - }; - autoStart = true; - enableTun = true; - privateNetwork = true; - hostAddress = "10.233.2.5"; - localAddress = "10.233.2.6"; - }; - } <stockholm/lass/2configs/exim-smarthost.nix> <stockholm/lass/2configs/ts3.nix> <stockholm/lass/2configs/privoxy-retiolum.nix> @@ -137,7 +110,6 @@ with import <stockholm/lib>; <stockholm/lass/2configs/iodined.nix> <stockholm/lass/2configs/paste.nix> <stockholm/lass/2configs/syncthing.nix> - <stockholm/lass/2configs/reaktor-coders.nix> <stockholm/lass/2configs/ciko.nix> <stockholm/lass/2configs/container-networking.nix> <stockholm/lass/2configs/monitoring/prometheus-server.nix> diff --git a/lass/1systems/archprism/physical.nix b/lass/1systems/archprism/physical.nix index 56348d0ab..36de7dc17 100644 --- a/lass/1systems/archprism/physical.nix +++ b/lass/1systems/archprism/physical.nix @@ -14,16 +14,16 @@ }; }; # TODO use this network config - #networking.interfaces.et0.ipv4.addresses = [ - # { - # address = config.krebs.build.host.nets.internet.ip4.addr; - # prefixLength = 27; - # } - # { - # address = "46.4.114.243"; - # prefixLength = 27; - # } - #]; + networking.interfaces.eth0.ipv4.addresses = [ + { + address = config.krebs.build.host.nets.internet.ip4.addr; + prefixLength = 27; + } + { + address = "46.4.114.243"; + prefixLength = 27; + } + ]; #networking.defaultGateway = "46.4.114.225"; #networking.nameservers = [ # "8.8.8.8" |