summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/default.nix7
-rw-r--r--lass/2configs/go.nix2
-rw-r--r--lass/2configs/nixpkgs.nix2
-rw-r--r--lass/2configs/repo-sync.nix1
-rw-r--r--lass/2configs/websites/domsen.nix14
-rw-r--r--lass/2configs/websites/fritz.nix10
6 files changed, 18 insertions, 18 deletions
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 43c4d5b0d..a7d2a6cef 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -46,6 +46,13 @@ with import <stockholm/lib>;
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
};
}
+ (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
+ environment.variables = {
+ CURL_CA_BUNDLE = ca-bundle;
+ GIT_SSL_CAINFO = ca-bundle;
+ SSL_CERT_FILE = ca-bundle;
+ };
+ })
];
networking.hostName = config.krebs.build.host.name;
diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix
index 7d694c173..f6ddbe96d 100644
--- a/lass/2configs/go.nix
+++ b/lass/2configs/go.nix
@@ -3,7 +3,7 @@
with import <stockholm/lib>;
{
environment.systemPackages = [
- pkgs.go
+ pkgs.go-shortener
];
krebs.go = {
enable = true;
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 4ef4c6ce7..e665b6c6f 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "686bc9c5ccafbec2b6d2db61bd0803c2b7bc2b7d";
+ ref = "0195ab84607ac3a3aa07a79d2d6c2781b1bb6731";
};
}
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index f88149730..f2e4de6a7 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -93,6 +93,7 @@ in {
(sync-remote "xintmap" "https://github.com/4z3/xintmap")
(sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper")
(sync-remote "lassulus-blog" "https://github.com/lassulus/lassulus-blog")
+ (sync-remote "painload" "https://github.com/krebscode/painload")
(sync-remote-silent "nixpkgs" "https://github.com/nixos/nixpkgs")
(sync-retiolum "go")
(sync-retiolum "much")
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 18c771fad..fa56d0e12 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -142,28 +142,26 @@ in {
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport pop3s"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport imaps"; target = "ACCEPT"; }
- { predicate = "-p tcp --dport 465"; target = "ACCEPT"; }
];
krebs.exim-smarthost = {
authenticators.PLAIN = ''
driver = plaintext
- server_prompts = :
- server_condition = "''${if pam{$auth2:$auth3}{yes}{no}}"
- server_set_id = $auth2
+ public_name = PLAIN
+ server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth2 $auth3}{yes}{no}}
'';
authenticators.LOGIN = ''
driver = plaintext
+ public_name = LOGIN
server_prompts = "Username:: : Password::"
- server_condition = "''${if pam{$auth1:$auth2}{yes}{no}}"
- server_set_id = $auth1
+ server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}}
'';
internet-aliases = [
{ from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; }
{ from = "mail@jla-trading.com"; to = "jla-trading"; }
- { from = "testuser@lassul.us"; to = "testuser"; }
];
- system-aliases = [
+ sender_domains = [
+ "jla-trading.com"
];
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
ssl_key = "/var/lib/acme/lassul.us/key.pem";
diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix
index d93d310da..52914f444 100644
--- a/lass/2configs/websites/fritz.nix
+++ b/lass/2configs/websites/fritz.nix
@@ -88,13 +88,7 @@ in {
];
};
- services.phpfpm.phpIni = pkgs.runCommand "php.ini" {
- options = ''
- extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
- sendmail_path = "${sendmail} -t -i"
- '';
- } ''
- cat ${pkgs.php}/etc/php-recommended.ini > $out
- echo "$options" >> $out
+ services.phpfpm.phpOptions = ''
+ sendmail_path = ${sendmail} -t
'';
}