diff options
Diffstat (limited to 'makefu/1systems')
| -rw-r--r-- | makefu/1systems/drop.nix | 40 | ||||
| -rw-r--r-- | makefu/1systems/gum.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/shoney.nix | 1 | ||||
| -rw-r--r-- | makefu/1systems/wry.nix | 5 | ||||
| -rw-r--r-- | makefu/1systems/x.nix | 8 |
5 files changed, 51 insertions, 5 deletions
diff --git a/makefu/1systems/drop.nix b/makefu/1systems/drop.nix new file mode 100644 index 000000000..4a94c3f61 --- /dev/null +++ b/makefu/1systems/drop.nix @@ -0,0 +1,40 @@ +{ config, pkgs, ... }: +let + external-ip = "45.55.145.62"; + default-gw = "45.55.128.1"; + prefixLength = 18; +in { + imports = [ + ../. + ../2configs/hw/CAC.nix + ../2configs/save-diskspace.nix + ../2configs/torrent.nix + ]; + krebs = { + enable = true; + tinc.retiolum.enable = true; + build.host = config.krebs.hosts.drop; + }; + + boot.loader.grub.device = "/dev/vda"; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ]; + fileSystems."/" = { + device = "/dev/vda1"; + fsType = "ext4"; + }; + + networking = { + firewall = { + allowPing = true; + logRefusedConnections = false; + allowedTCPPorts = [ ]; + allowedUDPPorts = [ 655 ]; + }; + interfaces.enp0s3.ip4 = [{ + address = external-ip; + inherit prefixLength; + }]; + defaultGateway = default-gw; + nameservers = [ "8.8.8.8" ]; + }; +} diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index a4e2d1760..0d8ac0053 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -21,9 +21,9 @@ in { ../2configs/exim-retiolum.nix ../2configs/tinc/retiolum.nix ../2configs/urlwatch.nix + ../2configs/torrent.nix ]; - services.smartd.devices = [ { device = "/dev/sda";} ]; ###### stable diff --git a/makefu/1systems/shoney.nix b/makefu/1systems/shoney.nix index 7081f6a95..1c5d2352e 100644 --- a/makefu/1systems/shoney.nix +++ b/makefu/1systems/shoney.nix @@ -14,6 +14,7 @@ in { ../2configs/hw/CAC.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/tinc/retiolum.nix + ../2configs/torrent.nix ]; diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 3764ab4b5..81cd362e6 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -24,9 +24,10 @@ in { ../2configs/nginx/euer.test.nix # collectd - ../2configs/collectd/collectd-base.nix + # ../2configs/collectd/collectd-base.nix ../2configs/tinc/retiolum.nix + ../2configs/torrent.nix ]; krebs.build.host = config.krebs.hosts.wry; @@ -83,5 +84,5 @@ in { nameservers = [ "8.8.8.8" ]; }; - environment.systemPackages = [ ]; + environment.systemPackages = [ pkgs.screen ]; } diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index d41edfa46..4829aaabd 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -32,6 +32,7 @@ # hardware specifics are in here ../2configs/hw/tp-x220.nix ../2configs/hw/rtl8812au.nix + ../2configs/hw/bcm4352.nix # mount points ../2configs/fs/sda-crypto-root-home.nix # ../2configs/mediawiki.nix @@ -41,10 +42,13 @@ ../2configs/tinc/retiolum.nix # temporary modules ../2configs/temp/share-samba.nix - # ../2configs/temp/elkstack.nix + ../2configs/temp/elkstack.nix # ../2configs/temp/sabnzbd.nix ../2configs/tinc/siem.nix + ../2configs/torrent.nix ]; + makefu.full-populate = true; + makefu.deluge.web.enable = true; krebs.nginx = { default404 = false; servers.default.listen = [ "80 default_server" ]; @@ -57,7 +61,7 @@ # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [ 80 24800 26061 ]; + networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 ]; networking.firewall.allowedUDPPorts = [ 665 26061 ]; krebs.build.host = config.krebs.hosts.x; |