summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lass@aidsballs.de>2015-10-01 22:13:40 +0200
committerlassulus <lass@aidsballs.de>2015-10-01 22:13:40 +0200
commit505272628636d38cdce6aba37f56283d1eb820ed (patch)
treef975e3114ec7b11e093635f98cb875b3da85809d
parent1078d1a8a3f4f17f20fa81c76f9af39fc844e801 (diff)
lass: lass.iptables -> krebs.iptables
-rw-r--r--lass/1systems/mors.nix12
-rw-r--r--lass/2configs/base.nix3
-rw-r--r--lass/2configs/downloading.nix3
-rw-r--r--lass/2configs/fastpoke-pages.nix3
-rw-r--r--lass/2configs/retiolum.nix5
-rw-r--r--lass/2configs/steam.nix4
-rw-r--r--lass/2configs/wordpress.nix4
-rw-r--r--lass/3modules/default.nix1
8 files changed, 10 insertions, 25 deletions
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index b7291a8f2..c67cc8209 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -195,21 +195,11 @@
};
};
- networking.firewall = {
- allowPing = true;
- allowedTCPPorts = [
- 8000
- ];
- allowedUDPPorts = [
- 67
- ];
- };
-
services.mongodb = {
enable = true;
};
- lass.iptables = {
+ krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; precedence = 9001; }
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index 46435649b..e131caf52 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -3,7 +3,6 @@
with lib;
{
imports = [
- ../3modules/iptables.nix
../2configs/vim.nix
../2configs/zsh.nix
../2configs/mc.nix
@@ -137,7 +136,7 @@ with lib;
RuntimeMaxUse=128M
'';
- lass.iptables = {
+ krebs.iptables = {
enable = true;
tables = {
filter.INPUT.policy = "DROP";
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index e6d31a6c4..5052da5c8 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -2,7 +2,6 @@
{
imports = [
- ../3modules/iptables.nix
../3modules/folderPerms.nix
];
@@ -47,7 +46,7 @@
};
};
- lass.iptables = {
+ krebs.iptables = {
enable = true;
tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
diff --git a/lass/2configs/fastpoke-pages.nix b/lass/2configs/fastpoke-pages.nix
index 1c8106a88..b84b27c0d 100644
--- a/lass/2configs/fastpoke-pages.nix
+++ b/lass/2configs/fastpoke-pages.nix
@@ -30,7 +30,6 @@ let
in {
imports = [
- ../3modules/iptables.nix
] ++ map createStaticPage [
"habsys.de"
"pixelpocket.de"
@@ -39,7 +38,7 @@ in {
"apanowicz.de"
];
- lass.iptables = {
+ krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index d7df15027..7f0bcc5e8 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -1,11 +1,8 @@
{ ... }:
{
- imports = [
- ../3modules/iptables.nix
- ];
- lass.iptables = {
+ krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport smtp"; target = "ACCEPT"; }
diff --git a/lass/2configs/steam.nix b/lass/2configs/steam.nix
index bd895e156..225ddd308 100644
--- a/lass/2configs/steam.nix
+++ b/lass/2configs/steam.nix
@@ -16,7 +16,9 @@
environment.systemPackages = with pkgs; [
steam
];
- lass.iptables = {
+
+ #ports for inhome streaming
+ krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport 27031"; target = "ACCEPT"; }
diff --git a/lass/2configs/wordpress.nix b/lass/2configs/wordpress.nix
index 9458deb38..bd59080d9 100644
--- a/lass/2configs/wordpress.nix
+++ b/lass/2configs/wordpress.nix
@@ -8,10 +8,10 @@
config = {
imports = [
- ../3modules/iptables.nix
+ ../../krebs/3modules/iptables.nix
];
- lass.iptables = {
+ krebs.iptables = {
enable = true;
tables = {
filter.INPUT.policy = "DROP";
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index d4e231ec7..9de987bf3 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -3,6 +3,5 @@ _:
{
imports = [
./xresources.nix
- ./iptables.nix
];
}