diff options
| author | lassulus <lass@aidsballs.de> | 2015-07-28 15:29:59 +0200 |
|---|---|---|
| committer | lassulus <lass@aidsballs.de> | 2015-07-28 15:29:59 +0200 |
| commit | 7acd1262519d8f15c8eb89a0dce968eb26d6b7d4 (patch) | |
| tree | 71f807a36e60e126b6fdb0be51e70cde4bf64b4e /tv/systems/rmdir.nix | |
| parent | 7673c84204bd5bae0426b79c62e95dfccf846756 (diff) | |
| parent | 7920cfad18e69ea30bbe5e70da2cd93e0bbc05cd (diff) | |
Merge branch 'tv' into master
Diffstat (limited to 'tv/systems/rmdir.nix')
| -rw-r--r-- | tv/systems/rmdir.nix | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/tv/systems/rmdir.nix b/tv/systems/rmdir.nix new file mode 100644 index 0000000..fa91516 --- /dev/null +++ b/tv/systems/rmdir.nix @@ -0,0 +1,84 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + krebs.build.host = config.krebs.hosts.rmdir; + krebs.build.user = config.krebs.users.tv; + + krebs.build.target = "root@rmdir.internet"; + + krebs.build.deps = { + nixpkgs = { + url = https://github.com/NixOS/nixpkgs; + rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; + }; + secrets = { + url = "/home/tv/secrets/${config.krebs.build.host.name}"; + }; + stockholm = { + url = toString ../..; + }; + }; + + imports = [ + ../configs/CAC-Developer-1.nix + ../configs/CAC-CentOS-7-64bit.nix + ../configs/base.nix + ../configs/consul-server.nix + ../configs/exim-smarthost.nix + ../configs/git.nix + { + tv.iptables = { + enable = true; + input-internet-accept-new-tcp = [ + "ssh" + "tinc" + "smtp" + ]; + input-retiolum-accept-new-tcp = [ + "http" + ]; + }; + } + { + krebs.retiolum = { + enable = true; + connectTo = [ + "cd" + "mkdir" + "fastpoke" + "pigstarter" + "ire" + ]; + }; + } + ]; + + networking.interfaces.enp2s1.ip4 = [ + { + address = "167.88.44.94"; + prefixLength = 24; + } + ]; + networking.defaultGateway = "167.88.44.1"; + networking.nameservers = [ + "8.8.8.8" + ]; + + environment.systemPackages = with pkgs; [ + git # required for ./deploy, clone_or_update + htop + iftop + iotop + iptables + nethogs + rxvt_unicode.terminfo + tcpdump + ]; + + services.journald.extraConfig = '' + SystemMaxUse=1G + RuntimeMaxUse=128M + ''; +} |