From 77baef49ab6c461e293c27bf51bd0e2cc5f200f4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Jan 2019 16:26:30 +0100 Subject: l prism.r hfos: update ip addresses --- lass/1systems/prism/config.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index df2778be..dbd4ceb1 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -36,10 +36,10 @@ with import ; # TODO write function for proxy_pass (ssl/nonssl) krebs.iptables.tables.filter.FORWARD.rules = [ - { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; } + { v6 = false; precedence = 1000; predicate = "-d 192.168.122.141"; target = "ACCEPT"; } ]; krebs.iptables.tables.nat.PREROUTING.rules = [ - { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; } + { v6 = false; precedence = 1000; predicate = "-d 95.216.1.130"; target = "DNAT --to-destination 192.168.122.141"; } ]; } { -- cgit v1.2.3 From b3587bfbfa74c5581987e0dd965189d51d96bcce Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Jan 2019 16:27:18 +0100 Subject: l prism.r: add uid for download user --- lass/1systems/prism/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index dbd4ceb1..b4a514d5 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -379,6 +379,7 @@ with import ; name = "download"; home = "/var/download"; useDefaultShell = true; + uid = genid "download"; openssh.authorizedKeys.keys = with config.krebs.users; [ lass.pubkey lass-shodan.pubkey -- cgit v1.2.3 From c893dbd47960335402a9727c879f6f92c104aaf4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Jan 2019 16:27:56 +0100 Subject: l prism.r: add Mic92 to trustedUsers --- lass/1systems/prism/config.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index b4a514d5..23746d21 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -421,6 +421,16 @@ with import ; { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; } ]; } + { + nix.trustedUsers = [ "Mic92" ]; + users.users.Mic92 = { + uid = genid_uint31 "Mic92"; + isNormalUser = true; + openssh.authorizedKeys.keys = [ + config.krebs.users.Mic92.pubkey + ]; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 04297e6c094a13051ee54d700d6fe55ad1f1ede5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Jan 2019 16:28:50 +0100 Subject: l prism.r: add new ip --- lass/1systems/prism/physical.nix | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix index a2b5efb2..9a84e9d6 100644 --- a/lass/1systems/prism/physical.nix +++ b/lass/1systems/prism/physical.nix @@ -63,9 +63,15 @@ defaultGateway = "95.216.1.129"; # Use google's public DNS server nameservers = [ "8.8.8.8" ]; - interfaces.eth0 = { - ipAddress = "95.216.1.150"; - prefixLength = 26; - }; + interfaces.eth0.ipv4.addresses = [ + { + address = "95.216.1.150"; + prefixLength = 26; + } + { + address = "95.216.1.130"; + prefixLength = 26; + } + ]; }; } -- cgit v1.2.3