From 716a2fc6e842ff051df6de1999b5b97780f2d2cd Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 30 Jun 2016 00:52:35 +0200 Subject: tv iptables: add input-*-accept-udp --- tv/1systems/cd.nix | 8 ++++---- tv/1systems/mkdir.nix | 4 ++-- tv/1systems/rmdir.nix | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) (limited to 'tv/1systems') diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 32d956b8..a46edb4d 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -18,7 +18,7 @@ with config.krebs.lib; enable = true; ssl_cert = ../Zcerts/charybdis_cd.crt.pem; }; - tv.iptables.input-retiolum-accept-new-tcp = [ + tv.iptables.input-retiolum-accept-tcp = [ config.tv.charybdis.port config.tv.charybdis.sslport ]; @@ -28,14 +28,14 @@ with config.krebs.lib; enable = true; hosts = [ "jabber.viljetic.de" ]; }; - tv.iptables.input-internet-accept-new-tcp = [ + tv.iptables.input-internet-accept-tcp = [ "xmpp-client" "xmpp-server" ]; } { krebs.github-hosts-sync.enable = true; - tv.iptables.input-internet-accept-new-tcp = + tv.iptables.input-internet-accept-tcp = singleton config.krebs.github-hosts-sync.port; } { @@ -57,7 +57,7 @@ with config.krebs.lib; root ${pkgs.viljetic-pages}; ''); }; - tv.iptables.input-internet-accept-new-tcp = singleton "http"; + tv.iptables.input-internet-accept-tcp = singleton "http"; } ]; diff --git a/tv/1systems/mkdir.nix b/tv/1systems/mkdir.nix index f46ed954..dcec1e20 100644 --- a/tv/1systems/mkdir.nix +++ b/tv/1systems/mkdir.nix @@ -22,12 +22,12 @@ in { tv.iptables = { enable = true; - input-internet-accept-new-tcp = [ + input-internet-accept-tcp = [ "ssh" "tinc" "smtp" ]; - input-retiolum-accept-new-tcp = [ + input-retiolum-accept-tcp = [ "http" ]; }; diff --git a/tv/1systems/rmdir.nix b/tv/1systems/rmdir.nix index 25fae2c3..34f92602 100644 --- a/tv/1systems/rmdir.nix +++ b/tv/1systems/rmdir.nix @@ -22,12 +22,12 @@ in { tv.iptables = { enable = true; - input-internet-accept-new-tcp = [ + input-internet-accept-tcp = [ "ssh" "tinc" "smtp" ]; - input-retiolum-accept-new-tcp = [ + input-retiolum-accept-tcp = [ "http" ]; }; -- cgit v1.2.3 From 2f65d9c19752a808bc49a8e6bf675ae6b6916a3c Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 30 Jun 2016 01:05:21 +0200 Subject: tv: use tinc_pre --- tv/1systems/mu.nix | 2 +- tv/1systems/wu.nix | 2 +- tv/1systems/xu.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'tv/1systems') diff --git a/tv/1systems/mu.nix b/tv/1systems/mu.nix index 06da15ec..ec208a0b 100644 --- a/tv/1systems/mu.nix +++ b/tv/1systems/mu.nix @@ -76,7 +76,7 @@ with config.krebs.lib; environment.systemPackages = with pkgs; [ slock - tinc + tinc_pre iptables vim gimp diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index cebd7c9e..6bb54437 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -153,7 +153,7 @@ with config.krebs.lib; environment.systemPackages = with pkgs; [ ethtool - tinc + tinc_pre iptables #jack2 ]; diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix index 6ba7ab32..a3a242c4 100644 --- a/tv/1systems/xu.nix +++ b/tv/1systems/xu.nix @@ -163,7 +163,7 @@ with config.krebs.lib; environment.systemPackages = with pkgs; [ ethtool - tinc + tinc_pre iptables #jack2 -- cgit v1.2.3 From 0c7a44139fba572487fe853310b6d88a6ffa21c3 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 30 Jun 2016 01:34:25 +0200 Subject: xu,wu: s/gnupg21/gnupg1compat+&/ --- tv/1systems/wu.nix | 2 +- tv/1systems/xu.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'tv/1systems') diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 6bb54437..d115e274 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -38,7 +38,7 @@ with config.krebs.lib; dic file get - gnupg21 + gnupg1compat haskellPackages.hledger htop jq diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix index a3a242c4..7277f5cb 100644 --- a/tv/1systems/xu.nix +++ b/tv/1systems/xu.nix @@ -49,7 +49,7 @@ with config.krebs.lib; cac-api dic file - gnupg21 + gnupg1compat haskellPackages.hledger htop jq -- cgit v1.2.3