summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2019-01-28 08:32:05 +0100
committermakefu <github@syntax-fehler.de>2019-01-28 08:32:05 +0100
commit7bc36518d1afc1050994e0806477fed2c8fa45da (patch)
treef801d55e368f7ce7c10a97482808eeab9491f45f /lass
parent0c25e9790578821a1038831ea852c6bfbc83ff97 (diff)
parent56a0b3f0020b4465d1f1d573e5d427d8c702fd86 (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/prism/config.nix15
-rw-r--r--lass/1systems/prism/physical.nix14
-rw-r--r--lass/1systems/yellow/config.nix92
-rw-r--r--lass/2configs/baseX.nix2
-rw-r--r--lass/2configs/default.nix5
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/mail.nix2
-rw-r--r--lass/2configs/reaktor-coders.nix194
-rw-r--r--lass/2configs/websites/domsen.nix24
9 files changed, 198 insertions, 151 deletions
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index df2778bef..23746d210 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -36,10 +36,10 @@ with import <stockholm/lib>;
# TODO write function for proxy_pass (ssl/nonssl)
krebs.iptables.tables.filter.FORWARD.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; }
+ { v6 = false; precedence = 1000; predicate = "-d 192.168.122.141"; target = "ACCEPT"; }
];
krebs.iptables.tables.nat.PREROUTING.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; }
+ { v6 = false; precedence = 1000; predicate = "-d 95.216.1.130"; target = "DNAT --to-destination 192.168.122.141"; }
];
}
{
@@ -379,6 +379,7 @@ with import <stockholm/lib>;
name = "download";
home = "/var/download";
useDefaultShell = true;
+ uid = genid "download";
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-shodan.pubkey
@@ -420,6 +421,16 @@ with import <stockholm/lib>;
{ predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
];
}
+ {
+ nix.trustedUsers = [ "Mic92" ];
+ users.users.Mic92 = {
+ uid = genid_uint31 "Mic92";
+ isNormalUser = true;
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.Mic92.pubkey
+ ];
+ };
+ }
];
krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index a2b5efb29..9a84e9d63 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -63,9 +63,15 @@
defaultGateway = "95.216.1.129";
# Use google's public DNS server
nameservers = [ "8.8.8.8" ];
- interfaces.eth0 = {
- ipAddress = "95.216.1.150";
- prefixLength = 26;
- };
+ interfaces.eth0.ipv4.addresses = [
+ {
+ address = "95.216.1.150";
+ prefixLength = 26;
+ }
+ {
+ address = "95.216.1.130";
+ prefixLength = 26;
+ }
+ ];
};
}
diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix
index 58fa564a1..9d8bcd7be 100644
--- a/lass/1systems/yellow/config.nix
+++ b/lass/1systems/yellow/config.nix
@@ -88,7 +88,7 @@ with import <stockholm/lib>;
client
dev tun
proto udp
- remote 82.102.16.229 1194
+ remote 89.249.65.83 1194
resolv-retry infinite
remote-random
nobind
@@ -103,13 +103,9 @@ with import <stockholm/lib>;
reneg-sec 0
comp-lzo no
- explicit-exit-notify 3
-
remote-cert-tls server
- #mute 10000
auth-user-pass ${toString <secrets/nordvpn.txt>}
-
verb 3
pull
fast-io
@@ -118,32 +114,33 @@ with import <stockholm/lib>;
<ca>
-----BEGIN CERTIFICATE-----
- MIIEyjCCA7KgAwIBAgIJANIxRSmgmjW6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
- VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
- Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUyMjkubm9yZHZw
- bi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRAbm9y
- ZHZwbi5jb20wHhcNMTcxMTIyMTQ1MTQ2WhcNMjcxMTIwMTQ1MTQ2WjCBnjELMAkG
- A1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAOBgNVBAoT
- B05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGjAYBgNVBAMTEWRlMjI5Lm5vcmR2
- cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v
- cmR2cG4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++dfZlG
- UeFF2sGdXjbreygfo78Ujti6X2OiMDFnwgqrhELstumXl7WrFf5EzCYbVriNuUny
- mNCx3OxXxw49xvvg/KplX1CE3rKBNnzbeaxPmeyEeXe+NgA7rwOCbYPQJScFxK7X
- +D16ZShY25GyIG7hqFGML0Qz6gpZRGaHSd0Lc3wSgoLzGtsIg8hunhfi00dNqMBT
- ukCzgfIqbQUuqmOibsWnYvZoXoYKnbRL0Bj8IYvwvu4p2oBQpvM+JR4DC+rv52LI
- 583Q6g3LebQ4JuQf8jgxvEEV4UL1CsUBqN3mcRpVUKJS3ijXmzEX9MfpBRcp1rBA
- VsiE4Mrk7PXhkwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFFIv1UuKN2NXaVjRNXDT
- Rs/+LT/9MIHTBgNVHSMEgcswgciAFFIv1UuKN2NXaVjRNXDTRs/+LT/9oYGkpIGh
- MIGeMQswCQYDVQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQ
- MA4GA1UEChMHTm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUy
- Mjkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEW
- EGNlcnRAbm9yZHZwbi5jb22CCQDSMUUpoJo1ujAMBgNVHRMEBTADAQH/MA0GCSqG
- SIb3DQEBCwUAA4IBAQBf1vr93OIkIFehXOCXYFmAYai8/lK7OQH0SRMYdUPvADjQ
- e5tSDK5At2Ew9YLz96pcDhzLqtbQsRqjuqWKWs7DBZ8ZiJg1nVIXxE+C3ezSyuVW
- //DdqMeUD80/FZD5kPS2yJJOWfuBBMnaN8Nxb0BaJi9AKFHnfg6Zxqa/FSUPXFwB
- wH+zeymL2Dib2+ngvCm9VP3LyfIdvodEJ372H7eG8os8allUnkUzpVyGxI4pN/IB
- KROBRPKb+Aa5FWeWgEUHIr+hNrEMvcWfSvZAkSh680GScQeJh5Xb4RGMCW08tb4p
- lrojzCvC7OcFeUNW7Ayiuukx8rx/F4+IZ1yJGff9
+ MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
+ MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2
+ MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV
+ BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI
+ hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF
+ kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr
+ XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU
+ eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV
+ skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu
+ MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA
+ 37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR
+ hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s
+ Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy
+ WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6
+ MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST
+ LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG
+ SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g
+ nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/
+ k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S
+ DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/
+ pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo
+ k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp
+ +RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd
+ NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa
+ wDBM1mJChneHt59Nh8Gah74+TM1jBsw4fhJPvoc7Atcg740JErb904mZfkIEmojC
+ VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S
+ PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA==
-----END CERTIFICATE-----
</ca>
key-direction 1
@@ -152,23 +149,24 @@ with import <stockholm/lib>;
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
- 49b2f54c6ee58d2d97331681bb577d55
- 054f56d92b743c31e80b684de0388702
- ad3bf51088cd88f3fac7eb0729f2263c
- 51d82a6eb7e2ed4ae6dfa65b1ac764d0
- b9dedf1379c1b29b36396d64cb6fd6b2
- e61f869f9a13001dadc02db171f04c4d
- c46d1132c1f31709e7b54a6eabae3ea8
- fbd2681363c185f4cb1be5aa42a27c31
- 21db7b2187fd11c1acf224a0d5a44466
- b4b5a3cc34ec0227fe40007e8b379654
- f1e8e2b63c6b46ee7ab6f1bd82f57837
- 92c209e8f25bc9ed493cb5c1d891ae72
- 7f54f4693c5b20f136ca23e639fd8ea0
- 865b4e22dd2af43e13e6b075f12427b2
- 08af9ffd09c56baa694165f57fe2697a
- 3377fa34aebcba587c79941d83deaf45
+ e685bdaf659a25a200e2b9e39e51ff03
+ 0fc72cf1ce07232bd8b2be5e6c670143
+ f51e937e670eee09d4f2ea5a6e4e6996
+ 5db852c275351b86fc4ca892d78ae002
+ d6f70d029bd79c4d1c26cf14e9588033
+ cf639f8a74809f29f72b9d58f9b8f5fe
+ fc7938eade40e9fed6cb92184abb2cc1
+ 0eb1a296df243b251df0643d53724cdb
+ 5a92a1d6cb817804c4a9319b57d53be5
+ 80815bcfcb2df55018cc83fc43bc7ff8
+ 2d51f9b88364776ee9d12fc85cc7ea5b
+ 9741c4f598c485316db066d52db4540e
+ 212e1518a9bd4828219e24b20d88f598
+ a196c9de96012090e333519ae18d3509
+ 9427e7b372d348d352dc4c85e18cd4b9
+ 3f8a56ddb2e64eb67adfc9b337157ff4
-----END OpenVPN Static key V1-----
</tls-auth>
+
'';
}
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index b8a0a9f2a..1d2d1173d 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -74,7 +74,7 @@ in {
nmap
pavucontrol
powertop
- rxvt_unicode_with-plugins
+ rxvt_unicode-with-plugins
sxiv
taskwarrior
termite
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 69e697a1d..2547e8bac 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -2,6 +2,7 @@ with import <stockholm/lib>;
{ config, pkgs, ... }:
{
imports = [
+ <stockholm/krebs/2configs/nscd-fix.nix>
./binary-cache/client.nix
./gc.nix
./mc.nix
@@ -81,9 +82,6 @@ with import <stockholm/lib>;
services.timesyncd.enable = mkForce true;
- #why is this on in the first place?
- services.nscd.enable = false;
-
systemd.tmpfiles.rules = [
"d /tmp 1777 root root - -"
];
@@ -115,6 +113,7 @@ with import <stockholm/lib>;
#network
iptables
iftop
+ tcpdump
#stuff for dl
aria2
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index f487a9910..555295422 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -96,6 +96,7 @@ with import <stockholm/lib>;
{ from = "nordvpn@lassul.us"; to = lass.mail; }
{ from = "csv-direct@lassul.us"; to = lass.mail; }
{ from = "nintendo@lassul.us"; to = lass.mail; }
+ { from = "overleaf@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 3c19fe061..52d380b7c 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -225,7 +225,7 @@ in {
msmtp
mutt
pkgs.notmuch
- pkgs.much
+ pkgs.haskellPackages.much
tag-new-mails
tag-old-mails
];
diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix
index 7cdcdf20c..44d9d6866 100644
--- a/lass/2configs/reaktor-coders.nix
+++ b/lass/2configs/reaktor-coders.nix
@@ -1,99 +1,107 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
-{
- krebs.Reaktor.coders = {
- nickname = "Reaktor|lass";
- channels = [ "#coders" "#germany" "#panthermoderns" ];
- extraEnviron = {
- REAKTOR_HOST = "irc.hackint.org";
- };
- plugins = with pkgs.ReaktorPlugins; let
-
- lambdabot = (import (pkgs.fetchFromGitHub {
- owner = "NixOS"; repo = "nixpkgs";
- rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
- sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
- }) {}).lambdabot;
-
- lambdabotflags = ''
- -XStandaloneDeriving -XGADTs -XFlexibleContexts \
- -XFlexibleInstances -XMultiParamTypeClasses \
- -XOverloadedStrings -XFunctionalDependencies \'';
- in [
- sed-plugin
- url-title
- (buildSimpleReaktorPlugin "lambdabot-pl" {
- pattern = "^@pl (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-pl" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@pl $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-type" {
- pattern = "^@type (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-type" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@type $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-let" {
- pattern = "^@let (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-let" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@let $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-run" {
- pattern = "^@run (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-run" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@run $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-kind" {
- pattern = "^@kind (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-kind" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@kind $1"
- '';
- })
- (buildSimpleReaktorPlugin "ping" {
- pattern = "^!ping (?P<args>.*)$$";
- script = pkgs.writeDash "ping" ''
- exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1
- '';
- })
- (buildSimpleReaktorPlugin "google" {
- pattern = "^!g (?P<args>.*)$$";
- script = pkgs.writeDash "google" ''
- exec ${pkgs.ddgr}/bin/ddgr -C -n1 --json "$@" | \
- ${pkgs.jq}/bin/jq '@text "\(.[0].abstract) \(.[0].url)"'
- '';
- })
- (buildSimpleReaktorPlugin "blockchain" {
- pattern = ".*[Bb]lockchain.*$$";
- script = pkgs.writeDash "blockchain" ''
- exec echo 'DID SOMEBODY SAY BLOCKCHAIN? https://paste.krebsco.de/r99pMoQq/+inline'
- '';
- })
- (buildSimpleReaktorPlugin "shrug" {
- pattern = "^!shrug$";
- script = pkgs.writeDash "shrug" ''
- exec echo '¯\_(ツ)_/¯'
- '';
- })
- (buildSimpleReaktorPlugin "flip" {
- pattern = "^!flip$";
- script = pkgs.writeDash "shrug" ''
- exec echo '(╯°□°)╯ ┻━┻'
- '';
- })
+let
+ hooks = pkgs.reaktor2-plugins.hooks;
+in {
+ krebs.reaktor2.coders = {
+ hostname = "irc.hackint.org";
+ port = "9999";
+ useTLS = true;
+ nick = "reaktor2|lass";
+ plugins = [
+ {
+ plugin = "register";
+ config = {
+ channels = [
+ "#coders"
+ "#germany"
+ "#panthermoderns"
+ ];
+ };
+ }
+ {
+ plugin = "system";
+ config = {
+ workdir = config.krebs.reaktor2.coders.stateDir;
+ hooks.PRIVMSG = [
+ hooks.sed
+ hooks.url-title
+ {
+ activate = "match";
+ pattern = ''@([^ ]+) (.*)$'';
+ command = 1;
+ arguments = [2];
+ commands = let
+ lambdabot = (import (pkgs.fetchFromGitHub {
+ owner = "NixOS"; repo = "nixpkgs";
+ rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
+ sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
+ }) {}).lambdabot;
+ lambdabotWrapper = pkgs.writeDash "lambdabot.wrapper" ''
+ exec ${lambdabot}/bin/lambdabot \
+ -XStandaloneDeriving -XGADTs -XFlexibleContexts \
+ -XFlexibleInstances -XMultiParamTypeClasses \
+ -XOverloadedStrings -XFunctionalDependencies \
+ -e "$@"
+ '';
+ in {
+ pl = {
+ env.HOME = config.krebs.reaktor2.coders.stateDir;
+ filename = pkgs.writeDash "lambdabot-pl" ''
+ ${lambdabotWrapper} "@pl $1"
+ '';
+ };
+ type = {
+ env.HOME = config.krebs.reaktor2.coders.stateDir;
+ filename = pkgs.writeDash "lambdabot-type" ''
+ ${lambdabotWrapper} "@type $1"
+ '';
+ };
+ "let" = {
+ env.HOME = config.krebs.reaktor2.coders.stateDir;
+ filename = pkgs.writeDash "lambdabot-let" ''
+ ${lambdabotWrapper} "@let $1"
+ '';
+ };
+ run = {
+ env.HOME = config.krebs.reaktor2.coders.stateDir;
+ filename = pkgs.writeDash "lambdabot-run" ''
+ ${lambdabotWrapper} "@run $1"
+ '';
+ };
+ kind = {
+ env.HOME = config.krebs.reaktor2.coders.stateDir;
+ filename = pkgs.writeDash "lambdabot-kind" ''
+ ${lambdabotWrapper} "@kind $1"
+ '';
+ };
+ };
+ }
+ {
+ activate = "match";
+ pattern = ''!([^ ]+)(?:\s*(.*))?'';
+ command = 1;
+ arguments = [2];
+ commands = {
+ ping.filename = pkgs.writeDash "ping" ''
+ exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1
+ '';
+ google.filename = pkgs.writeDash "google" ''
+ exec ${pkgs.ddgr}/bin/ddgr -C -n1 --json "$@" | \
+ ${pkgs.jq}/bin/jq '@text "\(.[0].abstract) \(.[0].url)"'
+ '';
+ shrug.filename = pkgs.writeDash "shrug" ''
+ exec echo '¯\_(ツ)_/¯'
+ '';
+ table.filename = pkgs.writeDash "table" ''
+ exec echo '(╯°□°)╯ ┻━┻'
+ '';
+ };
+ }
+ ];
+ };
+ }
];
};
}
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 223fc73ba..7fb248139 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -155,6 +155,13 @@ in {
ssl_key = "/var/lib/acme/lassul.us/key.pem";
};
+ users.users.UBIK-SFTP = {
+ uid = genid_uint31 "UBIK-SFTP";
+ home = "/home/UBIK-SFTP";
+ useDefaultShell = true;
+ createHome = true;
+ };
+
users.users.xanf = {
uid = genid_uint31 "xanf";
home = "/home/xanf";
@@ -227,5 +234,22 @@ in {
createHome = true;
};
+ services.restic.backups.domsen = {
+ initialize = true;
+ extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr.duckdns.org -p 52222 -i ${toString <secrets> + "/ssh.id_ed25519"} -s sftp'" ];
+ repository = "sftp:efOVcMWSZ@wilhelmstr.duckdns.org:/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES";
+ passwordFile = toString <secrets> + "/domsen_backup_pw";
+ paths = [
+ "/srv/http"
+ "/home/domsen/Mail"
+ "/home/ms/Mail"
+ "/home/klabusterbeere/Mail"
+ "/home/jms/Mail"
+ "/home/bruno/Mail"
+ "/home/akayguen/Mail"
+ "/backups/sql_dumps"
+ ];
+ };
+
}