From 3d1544c785700777ca5e421094cdde930b0de126 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 23 Nov 2021 11:43:25 +0100 Subject: Revert "l: rip dishfire.r" This reverts commit 61e6552da3c48256bf4d17ae691721b3a7d000f2. --- lass/1systems/dishfire/config.nix | 63 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 lass/1systems/dishfire/config.nix (limited to 'lass/1systems/dishfire/config.nix') diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix new file mode 100644 index 000000000..3d5f32180 --- /dev/null +++ b/lass/1systems/dishfire/config.nix @@ -0,0 +1,63 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + + + + { + networking.dhcpcd.allowInterfaces = [ + "enp*" + "eth*" + "ens*" + ]; + } + { + sound.enable = false; + } + { + environment.systemPackages = with pkgs; [ + mk_sql_pair + ]; + } + { + imports = [ + + ]; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport http"; target = "ACCEPT"; } + { predicate = "-p tcp --dport https"; target = "ACCEPT"; } + ]; + } + { + #TODO: abstract & move to own file + krebs.exim-smarthost = { + enable = true; + relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [ + config.krebs.hosts.mors + config.krebs.hosts.uriel + ]; + system-aliases = [ + { from = "mailer-daemon"; to = "postmaster"; } + { from = "postmaster"; to = "root"; } + { from = "nobody"; to = "root"; } + { from = "hostmaster"; to = "root"; } + { from = "usenet"; to = "root"; } + { from = "news"; to = "root"; } + { from = "webmaster"; to = "root"; } + { from = "www"; to = "root"; } + { from = "ftp"; to = "root"; } + { from = "abuse"; to = "root"; } + { from = "noc"; to = "root"; } + { from = "security"; to = "root"; } + { from = "root"; to = "lass"; } + ]; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } + ]; + } + ]; + + krebs.build.host = config.krebs.hosts.dishfire; +} -- cgit v1.2.3 From ff9a042e70779e860d7a07a24e3ffb1f40119c32 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 23 Nov 2021 12:47:06 +0100 Subject: l dishfire.r: revive with minimal config --- lass/1systems/dishfire/config.nix | 53 --------------------------------------- 1 file changed, 53 deletions(-) (limited to 'lass/1systems/dishfire/config.nix') diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix index 3d5f32180..b814d7188 100644 --- a/lass/1systems/dishfire/config.nix +++ b/lass/1systems/dishfire/config.nix @@ -4,59 +4,6 @@ imports = [ - - { - networking.dhcpcd.allowInterfaces = [ - "enp*" - "eth*" - "ens*" - ]; - } - { - sound.enable = false; - } - { - environment.systemPackages = with pkgs; [ - mk_sql_pair - ]; - } - { - imports = [ - - ]; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport http"; target = "ACCEPT"; } - { predicate = "-p tcp --dport https"; target = "ACCEPT"; } - ]; - } - { - #TODO: abstract & move to own file - krebs.exim-smarthost = { - enable = true; - relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [ - config.krebs.hosts.mors - config.krebs.hosts.uriel - ]; - system-aliases = [ - { from = "mailer-daemon"; to = "postmaster"; } - { from = "postmaster"; to = "root"; } - { from = "nobody"; to = "root"; } - { from = "hostmaster"; to = "root"; } - { from = "usenet"; to = "root"; } - { from = "news"; to = "root"; } - { from = "webmaster"; to = "root"; } - { from = "www"; to = "root"; } - { from = "ftp"; to = "root"; } - { from = "abuse"; to = "root"; } - { from = "noc"; to = "root"; } - { from = "security"; to = "root"; } - { from = "root"; to = "lass"; } - ]; - }; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } - ]; - } ]; krebs.build.host = config.krebs.hosts.dishfire; -- cgit v1.2.3