Merge remote-tracking branch 'gum/master'

author: tv <tv@krebsco.de> 2015-12-20 19:37:46 +0100
committer: tv <tv@krebsco.de> 2015-12-20 19:37:46 +0100
commit: c89907175546aa0c39bc6b2c4960f0ea6e6db8c9 (patch)
tree: 158bf1a5938fc37efc466b00b3f0906ac2a50d9f /lass/1systems
parent: c09bc6a29f21f1c6bd21575e385b8b3bc5c89b8a (diff)
parent: 5821d8438578db623a3e248c52fefa424fad0b51 (diff)
6 files changed, 78 insertions, 99 deletions
diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix
index dc0ca0274..39af4a96f 100644
--- a/lass/1systems/echelon.nix
+++ b/lass/1systems/echelon.nix
@@ -13,7 +13,7 @@ in {
     ../2configs/realwallpaper-server.nix
     ../2configs/privoxy-retiolum.nix
     ../2configs/git.nix
-    ../2configs/redis.nix
+    #../2configs/redis.nix
     ../2configs/go.nix
     ../2configs/ircd.nix
     ../2configs/newsbot-js.nix
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 7db3f8333..4ba9df6f9 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -18,10 +18,40 @@
     ../2configs/chromium-patched.nix
     ../2configs/git.nix
     ../2configs/retiolum.nix
-    ../2configs/wordpress.nix
+    #../2configs/wordpress.nix
     ../2configs/bitlbee.nix
     ../2configs/firefoxPatched.nix
     ../2configs/skype.nix
+    ../2configs/teamviewer.nix
+    ../2configs/libvirt.nix
+    ../2configs/fetchWallpaper.nix
+    {
+      #risk of rain port
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; }
+      ];
+    }
+    {
+      #wordpress-test
+      #imports = singleton (sitesGenerators.createWordpress "testserver.de");
+      imports = [
+        ../3modules/wordpress_nginx.nix
+      ];
+      lass.wordpress."testserver.de" = {
+      };
+
+      services.mysql = {
+        enable = true;
+        package = pkgs.mariadb;
+        rootPassword = "<secrets>/mysql_rootPassword";
+      };
+      networking.extraHosts = ''
+        10.243.0.2 testserver.de
+      '';
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; }
+      ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.mors;
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 87334c3c2..95c55533c 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -10,6 +10,8 @@ in {
     ../2configs/downloading.nix
     ../2configs/git.nix
     ../2configs/ts3.nix
+    ../2configs/bitlbee.nix
+    ../2configs/weechat.nix
     {
       users.extraGroups = {
         # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
@@ -87,6 +89,50 @@ in {
     {
       nixpkgs.config.allowUnfree = true;
     }
+    {
+      #stuff for juhulian
+      users.extraUsers.juhulian = {
+        name = "juhulian";
+        uid = 1339;
+        home = "/home/juhulian";
+        group = "users";
+        createHome = true;
+        useDefaultShell = true;
+        extraGroups = [
+        ];
+        openssh.authorizedKeys.keys = [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian"
+        ];
+      };
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
+      ];
+    }
+    {
+      environment.systemPackages = [
+        pkgs.perlPackages.Plack
+      ];
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-p tcp --dport 8080"; target = "ACCEPT";}
+      ];
+    }
+    {
+      users.users.chat.openssh.authorizedKeys.keys = [
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJJKlOeAHyi7lToCqRF/hdA2TrtVbrTUd2ayuWsXe9JWiyeyKH/LNY3SrgxCWPZSItE9VK68ghMuVYK/A8IAcgzNhzFYLDxmtsidjiOJBj2ZGsjqevoQ5HuKB/pob8CLW3dr1Rx38Any/XXxpfeO6vemCJMGLTe5gSlrCI+Tk1qNt0Rz+rke73Hwt9wW39g8X3prF2q9ryL9OFCcsoYUE7PIOV9xM1GaDFfTR4bKux7HyFKmG+rBvmJHB5OPW8UAtVZGY/FIChwlmF6QNO5Zym497bG1RCOGplaLpRXVJrmoUkZUO7EazePPxIjz2duWYqFtwl5R9YGy1+a+F58G19DS7wJHM29td117/ZANjRTxE5q/aJm2okJYOVSqhYzdhji+BWVZ5ai7cktpAdtPo++yiZN90LvogXNB64kFxVGuX52xZcA3KLKmvrd47o9k0pzO+oCoArxPFIx0YkHfy/yw7OG8Z+KLK8l9WXWBZO5TpjcydnEcRZ8OEqVhtmDh+9h1zhPphuFBtT1JPbt8m132RUy23qsNRtZ/lnnfQbrxgHPRzVuvA8o4ahOEUdvV9SYnzKb6qMFXGp25EhlcWnR4/toyG6I3paBtByeHkaxjgCuvm9Hob6f/xFr3kEJ4WXTVguyrcFgNg2EcEfdkrTMhNn9OIHEFFQ8whIBv5jlw== JuiceSSH"
+      ];
+    }
+    {
+      time.timeZone = "Europe/Berlin";
+    }
+    {
+      imports = [
+        ../2configs/websites/wohnprojekt-rhh.de.nix
+        ../2configs/websites/domsen.nix
+      ];
+      krebs.iptables.tables.filter.INPUT.rules = [
+         { predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
+      ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/1systems/test-arch.nix b/lass/1systems/test-arch.nix
deleted file mode 100644
index 0ab9da2f3..000000000
--- a/lass/1systems/test-arch.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-  inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
-  inherit (lib) head;
-
-in {
-  imports = [
-    ../2configs/base.nix
-    {
-      boot.loader.grub = {
-        device = "/dev/sda";
-        splashImage = null;
-      };
-
-      boot.initrd.availableKernelModules = [
-        "ata_piix"
-        "vmw_pvscsi"
-      ];
-
-      fileSystems."/" = {
-        device = "/dev/sda1";
-      };
-    }
-    {
-      networking.dhcpcd.allowInterfaces = [
-        "enp*"
-      ];
-    }
-    {
-      sound.enable = false;
-    }
-  ];
-
-  krebs.build.host = config.krebs.hosts.test-arch;
-}
diff --git a/lass/1systems/test-centos6.nix b/lass/1systems/test-centos6.nix
deleted file mode 100644
index 7270c2262..000000000
--- a/lass/1systems/test-centos6.nix
+++ /dev/null
@@ -1,30 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-  inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
-  inherit (lib) head;
-
-  ip = "168.235.148.52";
-in {
-  imports = [
-    ../2configs/base.nix
-    ../2configs/os-templates/CAC-CentOS-6.5-64bit.nix
-    {
-      networking.interfaces.enp11s0.ip4 = [
-        {
-          address = ip;
-          prefixLength = 24;
-        }
-      ];
-      networking.defaultGateway = getDefaultGateway ip;
-      networking.nameservers = [
-        "8.8.8.8"
-      ];
-    }
-    {
-      sound.enable = false;
-    }
-  ];
-
-  krebs.build.host = config.krebs.hosts.test-centos6;
-}
diff --git a/lass/1systems/test-centos7.nix b/lass/1systems/test-centos7.nix
deleted file mode 100644
index 91bd3e0fe..000000000
--- a/lass/1systems/test-centos7.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-  inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
-  inherit (lib) head;
-
-  ip = "168.235.145.85";
-in {
-  imports = [
-    ../2configs/base.nix
-    ../2configs/os-templates/CAC-CentOS-7-64bit.nix
-    {
-      networking.interfaces.enp2s1.ip4 = [
-        {
-          address = ip;
-          prefixLength = 24;
-        }
-      ];
-      networking.defaultGateway = getDefaultGateway ip;
-      networking.nameservers = [
-        "8.8.8.8"
-      ];
-
-    }
-    {
-      sound.enable = false;
-    }
-  ];
-
-  krebs.build.host = config.krebs.hosts.test-centos7;
-}
author	tv <tv@krebsco.de>	2015-12-20 19:37:46 +0100
committer	tv <tv@krebsco.de>	2015-12-20 19:37:46 +0100
commit	c89907175546aa0c39bc6b2c4960f0ea6e6db8c9 (patch)
tree	158bf1a5938fc37efc466b00b3f0906ac2a50d9f /lass/1systems
parent	c09bc6a29f21f1c6bd21575e385b8b3bc5c89b8a (diff)
parent	5821d8438578db623a3e248c52fefa424fad0b51 (diff)