blob: c873ae4d586cc95060cd2f39c66d96628e0e7ada (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
{ config, lib, pkgs, ... }:
let
hostname = config.krebs.build.host.name;
inherit (lib)
nameValuePair
;
in {
krebs.realwallpaper.enable = true;
system.activationScripts.wallpaper-chmod = ''
${pkgs.coreutils}/bin/chmod +x /var/realwallpaper
'';
services.nginx.virtualHosts.wallpaper = {
extraConfig = ''
if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {
return 403;
}
'';
serverAliases = [
hostname
"${hostname}.r"
];
locations."/realwallpaper.png".extraConfig = ''
root /var/realwallpaper/;
'';
locations."/realwallpaper-krebs.png".extraConfig = ''
root /var/realwallpaper/;
'';
locations."/realwallpaper-krebs-stars.png".extraConfig = ''
root /var/realwallpaper/;
'';
locations."/realwallpaper-video.mp4".extraConfig = ''
root /var/realwallpaper/archive;
'';
};
krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
];
};
};
}
|