diff options
author | makefu <github@syntax-fehler.de> | 2018-10-21 23:33:33 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2018-10-21 23:33:33 +0200 |
commit | 5c1e92aaf6fc0a3882207a5cb3ff03b7aeab04d6 (patch) | |
tree | 91d784268c6dbb4f9cf4b8e2ccba4dca8c67e4ed /makefu | |
parent | 2e88305f407f1b3b2d71e7c3948645374c8cfd65 (diff) |
ma gum.r: manage less services
Diffstat (limited to 'makefu')
-rw-r--r-- | makefu/1systems/gum/config.nix | 69 |
1 files changed, 35 insertions, 34 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 36af23bb5..75b0680b2 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -8,11 +8,23 @@ in { imports = [ <stockholm/makefu> ./hardware-config.nix + { + users.users.lass = { + uid = 9002; + isNormalUser = true; + createHome = true; + useDefaultShell = true; + openssh.authorizedKeys.keys = with config.krebs.users; [ + lass.pubkey + makefu.pubkey + ]; + }; + } <stockholm/makefu/2configs/headless.nix> # <stockholm/makefu/2configs/smart-monitor.nix> <stockholm/makefu/2configs/git/cgit-retiolum.nix> - <stockholm/makefu/2configs/backup.nix> + <stockholm/makefu/2configs/backup/state.nix> # <stockholm/makefu/2configs/mattermost-docker.nix> # <stockholm/makefu/2configs/disable_v6.nix> <stockholm/makefu/2configs/exim-retiolum.nix> @@ -42,23 +54,24 @@ in { # buildbot <stockholm/makefu/2configs/remote-build/slave.nix> + <stockholm/makefu/2configs/shack/gitlab-runner> ## Web - <stockholm/makefu/2configs/nginx/share-download.nix> - <stockholm/makefu/2configs/nginx/euer.test.nix> - <stockholm/makefu/2configs/nginx/euer.mon.nix> - <stockholm/makefu/2configs/nginx/euer.wiki.nix> - <stockholm/makefu/2configs/nginx/euer.blog.nix> - # <stockholm/makefu/2configs/nginx/gum.krebsco.de.nix> - <stockholm/makefu/2configs/nginx/public_html.nix> - <stockholm/makefu/2configs/nginx/update.connector.one.nix> - <stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix> - - <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix> + #<stockholm/makefu/2configs/nginx/share-download.nix> + #<stockholm/makefu/2configs/nginx/euer.test.nix> + #<stockholm/makefu/2configs/nginx/euer.mon.nix> + #<stockholm/makefu/2configs/nginx/euer.wiki.nix> + #<stockholm/makefu/2configs/nginx/euer.blog.nix> + ## <stockholm/makefu/2configs/nginx/gum.krebsco.de.nix> + #<stockholm/makefu/2configs/nginx/public_html.nix> + #<stockholm/makefu/2configs/nginx/update.connector.one.nix> + #<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix> + + # <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix> # <stockholm/makefu/2configs/deployment/graphs.nix> - <stockholm/makefu/2configs/deployment/owncloud.nix> - <stockholm/makefu/2configs/deployment/boot-euer.nix> - <stockholm/makefu/2configs/deployment/bgt/hidden_service.nix> + # <stockholm/makefu/2configs/deployment/owncloud.nix> + # <stockholm/makefu/2configs/deployment/boot-euer.nix> + # <stockholm/makefu/2configs/deployment/bgt/hidden_service.nix> { services.taskserver.enable = true; @@ -71,11 +84,11 @@ in { ''; } # <stockholm/makefu/2configs/ipfs.nix> - <stockholm/makefu/2configs/syncthing.nix> + # <stockholm/makefu/2configs/syncthing.nix> # <stockholm/makefu/2configs/opentracker.nix> <stockholm/makefu/2configs/dcpp/hub.nix> - <stockholm/makefu/2configs/dcpp/client.nix> + <stockholm/makefu/2configs/dcpp/airdcpp.nix> <stockholm/makefu/2configs/stats/client.nix> # <stockholm/makefu/2configs/logging/client.nix> @@ -98,10 +111,6 @@ in { # }; #} <stockholm/makefu/2configs/wireguard/server.nix> - { # iperf3 - networking.firewall.allowedUDPPorts = [ 5201 ]; - networking.firewall.allowedTCPPorts = [ 5201 ]; - } ]; makefu.dl-dir = "/var/download"; @@ -133,20 +142,12 @@ in { makefu.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey config.krebs.users.makefu-bob.pubkey ]; }; - # Chat - environment.systemPackages = with pkgs;[ - weechat - bepasty-client-cli - get - tmux - ]; - # Network networking = { firewall = { - allowPing = true; - logRefusedConnections = false; - allowedTCPPorts = [ + allowPing = true; + logRefusedConnections = false; + allowedTCPPorts = [ # smtp 25 # http @@ -174,9 +175,9 @@ in { # tinc-shack 21032 ]; + }; + nameservers = [ "8.8.8.8" ]; }; - nameservers = [ "8.8.8.8" ]; - }; users.users.makefu.extraGroups = [ "download" "nginx" ]; boot.tmpOnTmpfs = true; } |