Merge remote-tracking branch 'cd/master'

author: makefu <github@syntax-fehler.de> 2015-08-31 10:47:29 +0200
committer: makefu <github@syntax-fehler.de> 2015-08-31 10:47:29 +0200
commit: 2eb8bcf9d1c293a8b28730c9a12d9a857c5a43a7 (patch)
tree: c8a1d55a148e59f51a400e0d5dc11780d4e4005c /lass/2configs/base.nix
parent: 0acd7f23e1e3adf4bf1427f186a7bf5505ff910d (diff)
parent: 83f06535de527c7470f8ff9c8b5e3a4632cf7cb9 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index 095c7660c..d44a19c1e 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -39,12 +39,20 @@ with lib;
   krebs = {
     enable = true;
     search-domain = "retiolum";
+    exim-retiolum.enable = true;
+    build.deps.nixpkgs = {
+      url = https://github.com/Lassulus/nixpkgs;
+      rev = "58a82ff50b8605b88a8f66481d8c85bf8ab53be3";
+    };
   };
 
   nix.useChroot = true;
 
   users.mutableUsers = false;
 
+  #why is this on in the first place?
+  services.ntp.enable = false;
+
   boot.tmpOnTmpfs = true;
   # see tmpfiles.d(5)
   systemd.tmpfiles.rules = [
@@ -134,6 +142,7 @@ with lib;
         { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
         { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
         { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
+        { predicate = "-i retiolum"; target = "REJECT"; precedence = -10000; }
       ];
     };
   };
author	makefu <github@syntax-fehler.de>	2015-08-31 10:47:29 +0200
committer	makefu <github@syntax-fehler.de>	2015-08-31 10:47:29 +0200
commit	2eb8bcf9d1c293a8b28730c9a12d9a857c5a43a7 (patch)
tree	c8a1d55a148e59f51a400e0d5dc11780d4e4005c /lass/2configs/base.nix
parent	0acd7f23e1e3adf4bf1427f186a7bf5505ff910d (diff)
parent	83f06535de527c7470f8ff9c8b5e3a4632cf7cb9 (diff)