From 4e8d61d8f74e547c6718d55b13ae1d5eb2287bfd Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 14 Feb 2017 13:20:14 +0100
Subject: l 2 hfos: forward https from localhost

---
 lass/2configs/hfos.nix | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lass/2configs/hfos.nix')

diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix
index 7d4d544a..a4020dad 100644
--- a/lass/2configs/hfos.nix
+++ b/lass/2configs/hfos.nix
@@ -32,4 +32,8 @@ with import <stockholm/lib>;
     { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1080 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
     { v6 = false; precedence = 1000; predicate = "-d 192.168.122.208 -p tcp --dport 1443 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
   ];
+
+  krebs.iptables.tables.nat.OUTPUT.rules = [
+    { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; }
+  ];
 }
-- 
cgit v1.2.3


From 5829d6726070b037d5698faedb77fa79b311c9f2 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 21 Feb 2017 14:30:49 +0100
Subject: l 2 hfos: run krebs-iptables after libvirtd

---
 lass/2configs/hfos.nix | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'lass/2configs/hfos.nix')

diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix
index a4020dad..dcd50dd7 100644
--- a/lass/2configs/hfos.nix
+++ b/lass/2configs/hfos.nix
@@ -36,4 +36,6 @@ with import <stockholm/lib>;
   krebs.iptables.tables.nat.OUTPUT.rules = [
     { v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; }
   ];
+
+  systemd.services.krebs-iptables.after = [ "libvirtd.service" ];
 }
-- 
cgit v1.2.3


From ee9695482704af0c8371399bdf74045d5723f450 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Thu, 2 Mar 2017 15:15:45 +0100
Subject: l 2 hfos: remove lass pubkey from riot

---
 lass/2configs/hfos.nix | 1 -
 1 file changed, 1 deletion(-)

(limited to 'lass/2configs/hfos.nix')

diff --git a/lass/2configs/hfos.nix b/lass/2configs/hfos.nix
index dcd50dd7..a28a6a5d 100644
--- a/lass/2configs/hfos.nix
+++ b/lass/2configs/hfos.nix
@@ -8,7 +8,6 @@ with import <stockholm/lib>;
     extraGroups = [ "libvirtd" ];
     openssh.authorizedKeys.keys = [
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMkyCwdwBrsbs3qrNQcy/SqQpex4aaQoAMuT+NDefFc8KVHOMfmkDccEyAggDTgQhUrEVIvo/fFUmGBd9sm1vN1IthO2Qh5nX+qiK/A2R7sxci0Ry6piU03R27JfpZqi6g8TSPNi1C9rC8eBqOfO3OB8oQOkFmM48Q9cmS8AV3ERLR0LaHoEqUbs86JELbtHrMdKk4Hzo8zTM/isP3GO8iDHRt4dBS/03Ve7+WVxgNwWU2HW3a3jJd3tWHrqGmS/ZfCEC/47eIj4WSW+JiH9Q0BarNEbkkMV1Mvm32MX52stGPd5FaIIUtFqD4745iVSiw8esUGFUxJ1RjWgUHr99h riot@vortex"
-      config.krebs.users.lass.pubkey
     ];
   };
 
-- 
cgit v1.2.3