diff options
author | tv <tv@krebsco.de> | 2021-01-25 11:28:26 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2021-01-25 11:28:26 +0100 |
commit | a0ca091cbf4e9ca41390ad9d54844c9eb2660406 (patch) | |
tree | aae89f223f953a81da400d6f7deac1d5ae5d240e /lass/1systems/yellow | |
parent | 1cd73df0c8694f491d40f93a796ea58f150e88dc (diff) | |
parent | 71206dc6a2852dd69664e85aa6dcb49676ec1f6e (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems/yellow')
-rw-r--r-- | lass/1systems/yellow/config.nix | 20 |
1 files changed, 6 insertions, 14 deletions
diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index d400697d7..1afad003c 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -9,30 +9,21 @@ with import <stockholm/lib>; krebs.build.host = config.krebs.hosts.yellow; - system.activationScripts.downloadFolder = '' - mkdir -p /var/download - chown transmission:download /var/download - chown transmission:download /var/download/finished - chmod 775 /var/download - ''; - - users.users.download = { uid = genid "download"; }; users.groups.download.members = [ "transmission" ]; - users.users.transmission.group = mkForce "download"; systemd.services.transmission.bindsTo = [ "openvpn-nordvpn.service" ]; systemd.services.transmission.after = [ "openvpn-nordvpn.service" ]; - systemd.services.transmission.postStart = '' - chmod 775 /var/download/finished - ''; services.transmission = { enable = true; + group = "download"; + downloadDirPermissions = "775"; settings = { download-dir = "/var/download/finished"; incomplete-dir = "/var/download/incoming"; incomplete-dir-enable = true; + rpc-bind-address = "0.0.0.0"; message-level = 1; - umask = "002"; + umask = 18; rpc-whitelist-enabled = false; rpc-host-whitelist-enabled = false; }; @@ -172,7 +163,7 @@ with import <stockholm/lib>; client dev tun proto udp - remote 185.230.127.27 1194 + remote 91.207.172.77 1194 resolv-retry infinite remote-random nobind @@ -195,6 +186,7 @@ with import <stockholm/lib>; fast-io cipher AES-256-CBC auth SHA512 + <ca> -----BEGIN CERTIFICATE----- MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ |