From 53bea08c263fa5f481255ed51da8ec79a88e11a8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:48:57 +0100 Subject: l daedalus: kill games & steam --- lass/1systems/daedalus/config.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 305b3f70e..4472711e5 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -6,8 +6,6 @@ with import ; - - { # bubsy config -- cgit v1.2.3 From 54d220f7fd758adb3e7289331a77ee27097aae9b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:49:17 +0100 Subject: l daedalus: add torbrowser to pkgs --- lass/1systems/daedalus/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 4472711e5..a43603f50 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -70,6 +70,7 @@ with import ; #remote control environment.systemPackages = with pkgs; [ x11vnc + torbrowser ]; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp -i retiolum --dport 5900"; target = "ACCEPT"; } -- cgit v1.2.3 From e8f21e098edb2c3af5fc36f5df616e8f76f7f7b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:49:45 +0100 Subject: l mors: accept android sdk license --- lass/1systems/mors/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 46cdbbb66..b39f03df9 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -147,6 +147,7 @@ with import ; OnCalendar = "00:37"; }; + nixpkgs.config.android_sdk.accept_license = true; programs.adb.enable = true; users.users.mainUser.extraGroups = [ "adbusers" "docker" ]; virtualisation.docker.enable = true; -- cgit v1.2.3 From d5db3117b570e2afaa9133e44b7f04fd10bb0ad1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 15:50:05 +0100 Subject: l prism: add wiregrill nfs export --- lass/1systems/prism/config.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 6c454b4ac..034721660 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -390,6 +390,28 @@ with import ; ln -fnsT /var/lib/containers/yellow/var/download/finished /var/download/finished || : chown download: /var/download/finished ''; + + fileSystems."/export/download" = { + device = "/var/lib/containers/yellow/var/download"; + options = [ "bind" ]; + }; + services.nfs.server = { + enable = true; + exports = '' + /export 42::/16(insecure,ro,crossmnt) + ''; + lockdPort = 4001; + mountdPort = 4002; + statdPort = 4000; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p tcp --dport 4000:4002"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; } + ]; } ]; -- cgit v1.2.3 From 7a7dc91f179520bcc78ee1bd6e907979e1508260 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Dec 2018 16:32:41 +0100 Subject: l: add nfs-dl.nix --- lass/1systems/daedalus/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index a43603f50..e28fbf2f8 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -7,6 +7,7 @@ with import ; + { # bubsy config users.users.bubsy = { -- cgit v1.2.3 From 712ef03b7afce99f359cf1a5072b63f493ed461b Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 25 Dec 2018 14:24:32 +0100 Subject: l prism: fix MASQUERADING for externals --- lass/1systems/prism/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 034721660..dd8ab0dd9 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -309,7 +309,7 @@ with import ; { precedence = 1000; predicate = "-i retiolum -o wiregrill"; target = "ACCEPT"; } ]; krebs.iptables.tables.nat.POSTROUTING.rules = [ - { v4 = false; predicate = "-s 42:1:ce16::/48 ! -d 42:1:ce16::48"; target = "MASQUERADE"; } + { v4 = false; predicate = "-s 42:1::/32 ! -d 42:1::/48"; target = "MASQUERADE"; } { v6 = false; predicate = "-s 10.244.1.0/24 ! -d 10.244.1.0/24"; target = "MASQUERADE"; } ]; services.dnsmasq = { -- cgit v1.2.3 From e4138df4aa790fca87223dee67c921627bf28a26 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 26 Dec 2018 16:44:25 +0100 Subject: l prism: add kmein user --- lass/1systems/prism/config.nix | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index dd8ab0dd9..df2778bef 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -82,6 +82,13 @@ with import ; ]; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ]; }; + users.users.kmein = { + uid = genid_uint31 "kmein"; + isNormalUser = true; + openssh.authorizedKeys.keys = [ + config.krebs.users.kmein.pubkey + ]; + }; } { #hotdog -- cgit v1.2.3