Merge remote-tracking branch 'gum/master'

author: lassulus <lass@aidsballs.de> 2016-08-21 13:16:56 +0200
committer: lassulus <lass@aidsballs.de> 2016-08-21 13:16:56 +0200
commit: d50198d880c4be21413f9bb536b784005204beb9 (patch)
tree: 28ea56d3694e7239e532474f677a95f6604c00c5 /makefu/1systems/drop.nix
parent: 3eb5f58a0ee9778006d4e37fee17e0b3e096a52a (diff)
parent: d1c4d12cee228cba1da4da7bba82b6cf6cb708ec (diff)
1 files changed, 40 insertions, 0 deletions
diff --git a/makefu/1systems/drop.nix b/makefu/1systems/drop.nix
new file mode 100644
index 000000000..4a94c3f61
--- /dev/null
+++ b/makefu/1systems/drop.nix
@@ -0,0 +1,40 @@
+{ config, pkgs, ... }:
+let
+  external-ip = "45.55.145.62";
+  default-gw = "45.55.128.1";
+  prefixLength = 18;
+in {
+  imports = [
+      ../.
+      ../2configs/hw/CAC.nix
+      ../2configs/save-diskspace.nix
+      ../2configs/torrent.nix
+  ];
+  krebs = {
+    enable = true;
+    tinc.retiolum.enable = true;
+    build.host = config.krebs.hosts.drop;
+  };
+
+  boot.loader.grub.device = "/dev/vda";
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ];
+  fileSystems."/" = {
+    device = "/dev/vda1";
+    fsType = "ext4";
+  };
+
+  networking = {
+    firewall = {
+      allowPing = true;
+      logRefusedConnections = false;
+      allowedTCPPorts = [ ];
+      allowedUDPPorts = [ 655 ];
+    };
+    interfaces.enp0s3.ip4 = [{
+      address = external-ip;
+      inherit prefixLength;
+    }];
+    defaultGateway = default-gw;
+    nameservers = [ "8.8.8.8" ];
+  };
+}
author	lassulus <lass@aidsballs.de>	2016-08-21 13:16:56 +0200
committer	lassulus <lass@aidsballs.de>	2016-08-21 13:16:56 +0200
commit	d50198d880c4be21413f9bb536b784005204beb9 (patch)
tree	28ea56d3694e7239e532474f677a95f6604c00c5 /makefu/1systems/drop.nix
parent	3eb5f58a0ee9778006d4e37fee17e0b3e096a52a (diff)
parent	d1c4d12cee228cba1da4da7bba82b6cf6cb708ec (diff)