summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-01-16 01:30:37 +0100
committermakefu <github@syntax-fehler.de>2016-01-16 01:30:48 +0100
commit2ef651f78d0b8e2bf19f9bdbbfa982a0a5991c22 (patch)
tree0014e39854da4386ffc0c49c5f8a2adcf8ffd551
parent7a0480e5fe2b0b0762e56caa1878f7ada8cb76e1 (diff)
ma 2 default: useroaming no, omo: provide share
-rw-r--r--makefu/1systems/omo.nix4
-rw-r--r--makefu/2configs/default.nix7
-rw-r--r--makefu/2configs/nginx/omo-share.nix34
3 files changed, 42 insertions, 3 deletions
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index 2a657995c..e11665fbc 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -28,11 +28,11 @@ in {
../2configs/smart-monitor.nix
../2configs/mail-client.nix
../2configs/share-user-sftp.nix
+ ../2configs/nginx/omo-share.nix
../3modules
];
# services.openssh.allowSFTP = false;
krebs.build.host = config.krebs.hosts.omo;
-
# copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/
services.sabnzbd.enable = true;
@@ -98,7 +98,7 @@ in {
networking.firewall.allowedUDPPorts = [ 655 ];
# 8080: sabnzbd
- networking.firewall.allowedTCPPorts = [ 655 8080 ];
+ networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
hardware.enableAllFirmware = true;
hardware.cpu.amd.updateMicrocode = true;
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 7593eaff7..7771e24d4 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -65,7 +65,12 @@ with lib;
time.timeZone = "Europe/Berlin";
#nix.maxJobs = 1;
- programs.ssh.startAgent = false;
+ programs.ssh = {
+ startAgent = false;
+ extraConfig = ''
+ UseRoaming no
+ '';
+ };
services.openssh.enable = true;
nix.useChroot = true;
diff --git a/makefu/2configs/nginx/omo-share.nix b/makefu/2configs/nginx/omo-share.nix
new file mode 100644
index 000000000..ce85e0442
--- /dev/null
+++ b/makefu/2configs/nginx/omo-share.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+ hostname = config.krebs.build.host.name;
+ # TODO local-ip from the nets config
+ local-ip = "192.168.1.11";
+ # local-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+in {
+ krebs.nginx = {
+ enable = mkDefault true;
+ servers = {
+ omo-share = {
+ listen = [ "${local-ip}:80" ];
+ locations = singleton (nameValuePair "/" ''
+ autoindex on;
+ root /media;
+ limit_rate_after 100m;
+ limit_rate 5m;
+ mp4_buffer_size 4M;
+ mp4_max_buffer_size 10M;
+ allow all;
+ access_log off;
+ keepalive_timeout 65;
+ keepalive_requests 200;
+ reset_timedout_connection on;
+ sendfile on;
+ tcp_nopush on;
+ gzip off;
+ '');
+ };
+ };
+ };
+}