diff options
author | tv <tv@krebsco.de> | 2016-02-01 17:56:10 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2016-02-01 17:56:10 +0100 |
commit | 0c1a2d11b18c73ddc7fdb429e0d09dcffa3906f8 (patch) | |
tree | 284d22bc2245539e64df28107407ab4e6b2f437b /tv/1systems | |
parent | b58f37ce3833b7800c0a9ec83367dc888ea571b3 (diff) |
cd: redistribute iptable rules
Diffstat (limited to 'tv/1systems')
-rw-r--r-- | tv/1systems/cd.nix | 20 |
1 files changed, 5 insertions, 15 deletions
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 1d9457600..27e94aef0 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -31,6 +31,10 @@ with lib; enable = true; hosts = [ "jabber.viljetic.de" ]; }; + tv.iptables.input-internet-accept-new-tcp = [ + "xmpp-client" + "xmpp-server" + ]; } { krebs.github-hosts-sync.enable = true; @@ -38,19 +42,6 @@ with lib; singleton config.krebs.github-hosts-sync.port; } { - tv.iptables = { - enable = true; - input-internet-accept-new-tcp = [ - "xmpp-client" - "xmpp-server" - ]; - input-retiolum-accept-new-tcp = [ - "http" - ]; - }; - } - { - tv.iptables.input-internet-accept-new-tcp = singleton "http"; krebs.nginx.servers.cgit.server-names = [ "cgit.cd.krebsco.de" "cgit.cd.viljetic.de" @@ -62,8 +53,6 @@ with lib; alias /home/$1/public_html$2; ''); }; - } - { krebs.nginx.servers.viljetic = { server-names = singleton "viljetic.de"; # TODO directly set root (instead via location) @@ -71,6 +60,7 @@ with lib; root ${pkgs.viljetic-pages}; ''); }; + tv.iptables.input-internet-accept-new-tcp = singleton "http"; } ]; |