From 48d37be5dea8c74c929bd23153361f3cf419f43e Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Fri, 14 Apr 2017 11:25:18 +0200
Subject: l 2 nixpkgs: a563923 -> 5acb454

---
 lass/2configs/nixpkgs.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 24437d04..5309c955 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
 {
   krebs.build.source.nixpkgs.git = {
     url = https://cgit.lassul.us/nixpkgs;
-    ref = "a563923";
+    ref = "5acb454";
   };
 }
-- 
cgit v1.2.3


From 930971c9e2c3aa601f4cd87586b987c312607bc7 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sat, 15 Apr 2017 17:16:20 +0200
Subject: lass: update realwallpaper locations

---
 lass/2configs/realwallpaper.nix | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix
index cf979507..4794823c 100644
--- a/lass/2configs/realwallpaper.nix
+++ b/lass/2configs/realwallpaper.nix
@@ -13,8 +13,14 @@ in {
     serverAliases = [
       hostname
     ];
-    locations."/wallpaper.png".extraConfig = ''
-      root /tmp/;
+    locations."/realwallpaper.png".extraConfig = ''
+      root /var/realwallpaper/;
+    '';
+    locations."/realwallpaper-sat.png".extraConfig = ''
+      root /var/realwallpaper/;
+    '';
+    locations."/realwallpaper-sat-krebs.png".extraConfig = ''
+      root /var/realwallpaper/;
     '';
   };
 
-- 
cgit v1.2.3


From 64ac9ab74f1cb448da51880a0776848ddd7c63b3 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sat, 15 Apr 2017 18:19:15 +0200
Subject: l 2 realwallpaper: allow only from .r

---
 lass/2configs/realwallpaper.nix | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lass/2configs')

diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix
index 4794823c..9e26d677 100644
--- a/lass/2configs/realwallpaper.nix
+++ b/lass/2configs/realwallpaper.nix
@@ -10,6 +10,11 @@ in {
   krebs.realwallpaper.enable = true;
 
   services.nginx.virtualHosts.wallpaper = {
+    extraConfig = ''
+      if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {
+        return 403;
+      }
+    '';
     serverAliases = [
       hostname
     ];
-- 
cgit v1.2.3


From fbc29e63da7fca719dc20df13d31402a8d9c449b Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sat, 15 Apr 2017 18:19:45 +0200
Subject: l 2 realwallpaper: listen on .r

---
 lass/2configs/realwallpaper.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lass/2configs')

diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix
index 9e26d677..116d6627 100644
--- a/lass/2configs/realwallpaper.nix
+++ b/lass/2configs/realwallpaper.nix
@@ -17,6 +17,7 @@ in {
     '';
     serverAliases = [
       hostname
+      "${hostname}.r"
     ];
     locations."/realwallpaper.png".extraConfig = ''
       root /var/realwallpaper/;
-- 
cgit v1.2.3


From bd58053b7e8123850ca04601505efadace807100 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 16 Apr 2017 23:34:25 +0200
Subject: l 2: add sshn to pkgs

---
 lass/2configs/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'lass/2configs')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 69f8a681..b53efa75 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -151,6 +151,10 @@ with import <stockholm/lib>;
     p7zip
     unzip
     unrar
+
+    (pkgs.writeDashBin "sshn" ''
+      ${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$@"
+    '')
   ];
 
   programs.bash = {
-- 
cgit v1.2.3


From b3463a3b8227a0732b1c3c4c90998f24c8ab1edf Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 16 Apr 2017 23:35:25 +0200
Subject: l 2: add syncthing.nix

---
 lass/2configs/syncthing.nix | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 lass/2configs/syncthing.nix

(limited to 'lass/2configs')

diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix
new file mode 100644
index 00000000..cef43d1e
--- /dev/null
+++ b/lass/2configs/syncthing.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+  services.syncthing = {
+    enable = true;
+    useInotify = true;
+  };
+  krebs.iptables.tables.filter.INPUT.rules = [
+    { predicate = "-p tcp --dport 22000"; target = "ACCEPT";}
+    { predicate = "-p udp --dport 21027"; target = "ACCEPT";}
+  ];
+}
-- 
cgit v1.2.3


From 3b0fa5dbe7a7e4f0b6047746545b1ce602f8e65f Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 17 Apr 2017 15:43:10 +0200
Subject: l 2 baseX: remove redundant libvirt

---
 lass/2configs/baseX.nix | 2 --
 1 file changed, 2 deletions(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 3032e244..9c51effd 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -32,8 +32,6 @@ in {
 
   time.timeZone = "Europe/Berlin";
 
-  virtualisation.libvirtd.enable = true;
-
   programs.ssh.startAgent = false;
 
   services.printing = {
-- 
cgit v1.2.3


From 7c89a9be2b7d41e0feba0a51c6e80bf046179f65 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 18 Apr 2017 17:04:40 +0200
Subject: l 2 buildbot: get stockholm source from cgit.prism

---
 lass/2configs/buildbot-standalone.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 3006e9df..7b38e44c 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -20,7 +20,7 @@ in {
   };
 
   config.krebs.buildbot.master = let
-    stockholm-mirror-url = http://cgit.lassul.us/stockholm ;
+    stockholm-mirror-url = http://cgit.prism.r/stockholm ;
   in {
     workers = {
       testworker = "lasspass";
-- 
cgit v1.2.3


From 4e55661dc4e32af76f074f57c035136a7e7b3869 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 18 Apr 2017 17:04:59 +0200
Subject: l 2: set dnscrypt resolver to cs-de

---
 lass/2configs/default.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index b53efa75..e964704c 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -64,7 +64,10 @@ with import <stockholm/lib>;
       ];
     }
     {
-      services.dnscrypt-proxy.enable = true;
+      services.dnscrypt-proxy = {
+        enable = true;
+        resolverName = "cs-de";
+      };
       networking.extraResolvconfConf = ''
         name_servers='127.0.0.1'
       '';
-- 
cgit v1.2.3


From 5443d2b08ba11323844dcd4b4b79c7580c4029ef Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 18 Apr 2017 17:05:18 +0200
Subject: l 2 fetchWallpaper: get new wp from prism

---
 lass/2configs/fetchWallpaper.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix
index 971be958..31a01c75 100644
--- a/lass/2configs/fetchWallpaper.nix
+++ b/lass/2configs/fetchWallpaper.nix
@@ -6,7 +6,7 @@ in {
   krebs.fetchWallpaper = {
     enable = true;
     unitConfig.ConditionPathExists = "!/var/run/ppp0.pid";
-    url = "prism/wallpaper.png";
+    url = "prism/realwallpaper-sat-krebs.png";
     maxTime = 10;
   };
 }
-- 
cgit v1.2.3


From d528daf9e8d4ec59b3e5355576eaf001136763cc Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 18 Apr 2017 21:02:17 +0200
Subject: l 2 nixpkgs: 5acb454 -> c85f39e

---
 lass/2configs/nixpkgs.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 5309c955..5f9800b0 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
 {
   krebs.build.source.nixpkgs.git = {
     url = https://cgit.lassul.us/nixpkgs;
-    ref = "5acb454";
+    ref = "c85f39e";
   };
 }
-- 
cgit v1.2.3