summaryrefslogtreecommitdiffstats
path: root/lass/1systems/green/config.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2023-09-09 19:42:08 +0200
committermakefu <github@syntax-fehler.de>2023-09-09 19:42:08 +0200
commit29d72c898d674d2c18fc0f4a76b5e623de0c3dfe (patch)
treefc4b0695c986a1cda6f1fbbbcbe716e203c54fa3 /lass/1systems/green/config.nix
parente157ffa72856e4378aa23b096b2efff233f3cb3d (diff)
parent083229d0211096daec08673f743ccc45b1d8a0ac (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/1systems/green/config.nix')
-rw-r--r--lass/1systems/green/config.nix76
1 files changed, 0 insertions, 76 deletions
diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix
deleted file mode 100644
index c232be9bd..000000000
--- a/lass/1systems/green/config.nix
+++ /dev/null
@@ -1,76 +0,0 @@
-with import <stockholm/lib>;
-{ config, lib, pkgs, ... }:
-{
- imports = [
- <stockholm/lass>
- <stockholm/lass/2configs>
- <stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/exim-retiolum.nix>
- <stockholm/lass/2configs/mail.nix>
-
- <stockholm/lass/2configs/syncthing.nix>
- <stockholm/lass/2configs/sync/sync.nix>
- <stockholm/lass/2configs/sync/decsync.nix>
-
- <stockholm/lass/2configs/weechat.nix>
- <stockholm/lass/2configs/bitlbee.nix>
-
- <stockholm/lass/2configs/muchsync.nix>
- <stockholm/lass/2configs/pass.nix>
-
- <stockholm/lass/2configs/git-brain.nix>
- <stockholm/lass/2configs/et-server.nix>
- <stockholm/lass/2configs/consul.nix>
-
- <stockholm/lass/2configs/atuin-server.nix>
- ];
-
- krebs.build.host = config.krebs.hosts.green;
-
- krebs.sync-containers3.inContainer = {
- enable = true;
- pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlUMf943qEQG64ob81p6dgoHq4jUjq7tSvmSdEOEU2y";
- };
-
- systemd.tmpfiles.rules = [
- "d /home/lass/.local/share 0700 lass users -"
- "d /home/lass/.local 0700 lass users -"
- "d /home/lass/.config 0700 lass users -"
-
- "d /var/state/lass_mail 0700 lass users -"
- "L+ /home/lass/Maildir - - - - ../../var/state/lass_mail"
-
- "d /var/state/lass_ssh 0700 lass users -"
- "L+ /home/lass/.ssh - - - - ../../var/state/lass_ssh"
- "d /var/state/lass_gpg 0700 lass users -"
- "L+ /home/lass/.gnupg - - - - ../../var/state/lass_gpg"
- "d /var/state/lass_sync 0700 lass users -"
- "L+ /home/lass/sync - - - - ../../var/state/lass_sync"
-
- "d /var/state/git 0700 git nogroup -"
- "L+ /var/lib/git - - - - ../../var/state/git"
- ];
-
- users.users.mainUser.openssh.authorizedKeys.keys = [
- config.krebs.users.lass-android.pubkey
- config.krebs.users.lass-tablet.pubkey
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKgpZwye6yavIs3gUIYvSi70spDa0apL2yHR0ASW74z8" # weechat ssh tunnel
- ];
-
- krebs.iptables.tables.nat.PREROUTING.rules = [
- { predicate = "-i eth0 -p tcp -m tcp --dport 22"; target = "ACCEPT"; }
- ];
-
- # workaround for ssh access from yubikey via android
- services.openssh.extraConfig = ''
- HostKeyAlgorithms +ssh-rsa
- PubkeyAcceptedAlgorithms +ssh-rsa
- '';
-
- services.dovecot2 = {
- enable = true;
- mailLocation = "maildir:~/Maildir";
- };
-
- networking.firewall.allowedTCPPorts = [ 143 ];
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 10:24:49 +0000