From 6dfee5d766d16bd90aaf846f591c7168563554cd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Apr 2017 22:27:59 +0200 Subject: l 1 iso: enable hidden-ssh --- lass/1systems/iso.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/1systems/iso.nix') diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix index 9dfbf7cb..bee1c148 100644 --- a/lass/1systems/iso.nix +++ b/lass/1systems/iso.nix @@ -148,5 +148,8 @@ with import ; }; }; } + { + krebs.hidden-ssh.enable = true; + } ]; } -- cgit v1.2.3 From 6a53a331d11fcf1ff1d36645c3bd42c4c9d0c51c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 16 Apr 2017 23:33:54 +0200 Subject: l 1 iso: make sshd work --- lass/1systems/iso.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'lass/1systems/iso.nix') diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix index bee1c148..01d698c4 100644 --- a/lass/1systems/iso.nix +++ b/lass/1systems/iso.nix @@ -15,7 +15,6 @@ with import ; krebs.enable = true; krebs.build.user = config.krebs.users.lass; krebs.build.host = config.krebs.hosts.iso; - krebs.build.source.nixos-config.symlink = "stockholm/lass/1systems/${config.krebs.buil.host.name}.nix"; } { nixpkgs.config.allowUnfree = true; @@ -122,18 +121,12 @@ with import ; { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } ]; }; + systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ]; } { krebs.iptables = { enable = true; tables = { - nat.PREROUTING.rules = [ - { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; } - { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; } - ]; - nat.OUTPUT.rules = [ - { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; } - ]; filter.INPUT.policy = "DROP"; filter.FORWARD.policy = "DROP"; filter.INPUT.rules = [ -- cgit v1.2.3 
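Review bot: The `krebs.hidden-ssh.enable = true;` block added in the first commit (hunk `@@ -148,5 +148,8 @@`) has no comment saying what it exposes or what protects it. The module definition is not on this page; if it publishes the image's sshd as a hidden service, as the name suggests, then every booted copy of the ISO is remotely reachable and sshd's authentication settings are the only barrier. I would add a comment such as `# remote access to the booted ISO via hidden service; relies on key-only sshd auth` and confirm the sshd block earlier in the file enforces that. It is also worth checking whether the host key at `/etc/ssh/ssh_host_ed25519_key` is generated per boot or shipped in the image, since a baked-in key would be shared by every copy.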
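Review bot: In the second hunk of the "make sshd work" commit (`@@ -122,18 +121,12 @@`), dropping the `nat.PREROUTING` rule that redirected port 22 to port 0 on every interface except `retiolum` leaves sshd's exposure resting entirely on `filter.INPUT.rules`, whose entries start on the hunk's last line and continue outside it. With the added `systemd.services.sshd.wantedBy = mkForce [ "multi-user.target" ];`, sshd now starts on every boot, so confirm that the INPUT rules accept port 22 only where intended and that password logins are disabled. A comment above the mkForce line would record the intent, e.g. `# start sshd at boot on the live image; reachability is limited by filter.INPUT below`. Separately, the context line sets `bits = 8192` for an `ed25519` host key; ed25519 keys have a fixed size, so the value has no effect and could be removed in a follow-up.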
From 0011f32a343a88ec1b7e5426d271a419bfeb6444 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Apr 2017 19:55:19 +0200 Subject: l 1 iso: enable copytoram --- lass/1systems/iso.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/1systems/iso.nix') diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix index 01d698c4..5bbd0c1d 100644 --- a/lass/1systems/iso.nix +++ b/lass/1systems/iso.nix @@ -11,6 +11,9 @@ with import ; ../2configs/mc.nix ../2configs/nixpkgs.nix ../2configs/vim.nix + { + boot.kernelParams = [ "copytoram" ]; + } { krebs.enable = true; krebs.build.user = config.krebs.users.lass; -- cgit v1.2.3 From d40738d41573eca83d7e84f8a9946f8d8441a0d0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Apr 2017 00:13:52 +0200 Subject: l 1 iso: hack around buggy /dev/stderr in live iso --- lass/1systems/iso.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'lass/1systems/iso.nix') diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix index 5bbd0c1d..99399550 100644 --- a/lass/1systems/iso.nix +++ b/lass/1systems/iso.nix @@ -12,6 +12,27 @@ with import ; ../2configs/nixpkgs.nix ../2configs/vim.nix { + # /dev/stderr doesn't work. I don't know why + # /proc/self doesn't seem to work correctly + # /dev/pts is empty except for 1 file + # my life sucks + nixpkgs.config.packageOverrides = super: { + irc-announce = super.callPackage { + pkgs = pkgs // { coreutils = pkgs.concat "coreutils-hack" [ + pkgs.coreutils + (pkgs.writeDashBin "tee" '' + if test "$1" = /dev/stderr; then + while read -r line; do + echo "$line" + echo "$line" >&2 + done + else + ${super.coreutils}/bin/tee "$@" + fi + '') + ];}; + }; + }; boot.kernelParams = [ "copytoram" ]; } { -- cgit v1.2.3
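Review bot: The `tee` replacement added in the "hack around buggy /dev/stderr" commit does not copy its input faithfully. `read -r line` without `IFS=` strips leading and trailing whitespace, a final line without a trailing newline is dropped, and dash's `echo` interprets backslash sequences in the data. Changing the loop head to `while IFS= read -r line || test -n "$line"; do` and both `echo "$line"` calls to `printf '%s\n' "$line"` (keeping `>&2` on the second) avoids all three. The shim also matches only when `/dev/stderr` is the first argument, so a call such as `tee -a /dev/stderr` would still reach the real `tee`; a short comment stating that limitation next to the existing ones would help whoever removes the hack later.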