summaryrefslogtreecommitdiffstats
path: root/lass/1systems/prism
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2019-10-14 09:25:42 +0200
committermakefu <github@syntax-fehler.de>2019-10-14 09:25:42 +0200
commitc288a54f76a6c556fbdc50c0b5d7793edb2c7a34 (patch)
tree4d649db7fb911475f17a9c474b6b24babdbed0bb /lass/1systems/prism
parent0459d44921fab70ad876ffe40d61283da2e6be06 (diff)
parentc8e29c89bc2d5fa254aeb0a98207c4fa47b5aa3c (diff)
Merge remote-tracking branch 'lass/19.09' into 19.09
Diffstat (limited to 'lass/1systems/prism')
-rw-r--r--lass/1systems/prism/config.nix31
1 files changed, 29 insertions, 2 deletions
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 845cf943c..13e865c6e 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -65,6 +65,13 @@ with import <stockholm/lib>;
config.krebs.users.makefu.pubkey
];
};
+ users.users.nin = {
+ uid = genid "nin";
+ isNormalUser = true;
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.nin.pubkey
+ ];
+ };
users.extraUsers.dritter = {
uid = genid_uint31 "dritter";
isNormalUser = true;
@@ -117,6 +124,26 @@ with import <stockholm/lib>;
localAddress = "10.233.2.2";
};
}
+ {
+ #onondaga
+ systemd.services."container@onondaga".reloadIfChanged = mkForce false;
+ containers.onondaga = {
+ config = { ... }: {
+ imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
+ environment.systemPackages = [ pkgs.git ];
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [
+ config.krebs.users.lass.pubkey
+ config.krebs.users.nin.pubkey
+ ];
+ };
+ autoStart = true;
+ enableTun = true;
+ privateNetwork = true;
+ hostAddress = "10.233.2.5";
+ localAddress = "10.233.2.6";
+ };
+ }
<stockholm/lass/2configs/exim-smarthost.nix>
<stockholm/lass/2configs/ts3.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix>
@@ -157,7 +184,7 @@ with import <stockholm/lib>;
imports = [
<stockholm/lass/2configs/realwallpaper.nix>
];
- services.nginx.virtualHosts."lassul.us".locations."/wallpaper.png".extraConfig = ''
+ services.nginx.virtualHosts."lassul.us".locations."= /wallpaper.png".extraConfig = ''
alias /var/realwallpaper/realwallpaper.png;
'';
}
@@ -352,7 +379,7 @@ with import <stockholm/lib>;
services.nginx.virtualHosts."lassul.us".locations."^~ /transmission".extraConfig = ''
if ($scheme != "https") {
- rewrite ^ https://$host$uri permanent;
+ rewrite ^ https://$host$request_uri permanent;
}
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "transmission-user-pass" ''