From 10fc9eb4ee5151bee86026cd81a73d333551b612 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Sat, 31 Oct 2015 15:09:43 +0100
Subject: l 2: get ssh-keys via api

---
 lass/2configs/base.nix        | 8 ++++----
 lass/2configs/downloading.nix | 4 ++--
 2 files changed, 6 insertions(+), 6 deletions(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index 057af7bc..11bc4f08 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -15,8 +15,8 @@ with lib;
     {
       users.extraUsers = {
         root = {
-          openssh.authorizedKeys.keys = map readFile [
-            ../../krebs/Zpubkeys/lass.ssh.pub
+          openssh.authorizedKeys.keys = [
+            config.krebs.users.lass.pubkey
           ];
         };
         mainUser = {
@@ -28,8 +28,8 @@ with lib;
           useDefaultShell = true;
           extraGroups = [
           ];
-          openssh.authorizedKeys.keys = map readFile [
-            ../../krebs/Zpubkeys/lass.ssh.pub
+          openssh.authorizedKeys.keys = [
+            config.krebs.users.lass.pubkey
           ];
         };
       };
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index 553a3a55..b9f3449e 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -15,8 +15,8 @@ with lib;
       extraGroups = [
         "download"
       ];
-      openssh.authorizedKeys.keys = map readFile [
-        ../../krebs/Zpubkeys/lass.ssh.pub
+      openssh.authorizedKeys.keys = [
+        config.krebs.users.lass.pubkey
       ];
     };
 
-- 
cgit v1.2.3


From e8d41346d34cf24652e8e77fab6bb0a0dd86a199 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Sat, 31 Oct 2015 15:11:15 +0100
Subject: l 2 downloading: get rpc-password from secrets

---
 lass/2configs/downloading.nix | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'lass/2configs')

diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index b9f3449e..e80b7400 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -1,7 +1,10 @@
 { config, lib, pkgs, ... }:
 
 with lib;
-{
+
+let
+  rpc-password = import <secrets/transmission-pw.nix>;
+in {
   imports = [
     ../3modules/folderPerms.nix
   ];
@@ -46,8 +49,7 @@ with lib;
       rpc-authentication-required = true;
       rpc-whitelist-enabled = false;
       rpc-username = "download";
-      #add rpc-password in secrets
-      rpc-password = "test123";
+      inherit rpc-password;
       peer-port = 51413;
     };
   };
-- 
cgit v1.2.3


From f18a958ce57d2a91af9ba547cbf8cb21e19b99f8 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Sun, 1 Nov 2015 19:57:05 +0100
Subject: l 2: add ts3.nix

---
 lass/2configs/ts3.nix | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 lass/2configs/ts3.nix

(limited to 'lass/2configs')

diff --git a/lass/2configs/ts3.nix b/lass/2configs/ts3.nix
new file mode 100644
index 00000000..5b92d091
--- /dev/null
+++ b/lass/2configs/ts3.nix
@@ -0,0 +1,19 @@
+{ config, ... }:
+
+{
+  services.teamspeak3 = {
+    enable = true;
+  };
+
+  krebs.iptables.tables.filter.INPUT.rules = [
+    #voice port
+    { predicate = "-p tcp --dport 9987"; target = "ACCEPT"; }
+    { predicate = "-p udp --dport 9987"; target = "ACCEPT"; }
+    ##file transfer port
+    #{ predicate = "-p tcp --dport 30033"; target = "ACCEPT"; }
+    #{ predicate = "-p udp --dport 30033"; target = "ACCEPT"; }
+    ##query port
+    #{ predicate = "-p tcp --dport 10011"; target = "ACCEPT"; }
+    #{ predicate = "-p udp --dport 10011"; target = "ACCEPT"; }
+  ];
+}
-- 
cgit v1.2.3