summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2018-11-30 23:19:32 +0100
committermakefu <github@syntax-fehler.de>2018-11-30 23:19:32 +0100
commitb8db7293383772b936b6937cc05b5588021ca693 (patch)
tree74cd0a8da1fd703080697bed04ffc1a8279a60ae /lass/2configs
parent861d4481f710d60d0d84aa8b1f8997f7fc18890d (diff)
parent7f5431a4999fea9626df300f707aa8c62de894e3 (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/baseX.nix6
-rw-r--r--lass/2configs/downloading.nix65
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/tests/dummy-secrets/nordvpn.txt0
-rw-r--r--lass/2configs/websites/lassulus.nix16
5 files changed, 7 insertions, 81 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 9b44e8f0e..d781f8c71 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -126,6 +126,12 @@ in {
restartIfChanged = false;
};
+ nixpkgs.config.packageOverrides = super: {
+ dmenu = pkgs.writeDashBin "dmenu" ''
+ ${pkgs.fzfmenu}/bin/fzfmenu "$@"
+ '';
+ };
+
krebs.xresources.enable = true;
lass.screenlock.enable = true;
}
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
deleted file mode 100644
index 8d0fb0d02..000000000
--- a/lass/2configs/downloading.nix
+++ /dev/null
@@ -1,65 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-
-{
- users.extraUsers = {
- download = {
- name = "download";
- home = "/var/download";
- createHome = true;
- useDefaultShell = true;
- extraGroups = [
- "download"
- ];
- openssh.authorizedKeys.keys = with config.krebs.users; [
- lass.pubkey
- lass-shodan.pubkey
- lass-icarus.pubkey
- lass-daedalus.pubkey
- lass-helios.pubkey
- makefu.pubkey
- wine-mors.pubkey
- ];
- };
-
- transmission = {
- extraGroups = [
- "download"
- ];
- };
- };
-
- users.extraGroups = {
- download = {
- members = [
- "download"
- "transmission"
- ];
- };
- };
-
- krebs.rtorrent = {
- enable = true;
- web = {
- enable = true;
- port = 9091;
- basicAuth = import <secrets/torrent-auth>;
- };
- rutorrent.enable = true;
- enableXMLRPC = true;
- listenPort = 51413;
- downloadDir = "/var/download/finished";
- # dump old torrents into watch folder to have them re-added
- watchDir = "/var/download/watch";
- };
-
- krebs.iptables = {
- enable = true;
- tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
- { predicate = "-p tcp --dport 51413"; target = "ACCEPT"; }
- { predicate = "-p udp --dport 51413"; target = "ACCEPT"; }
- ];
- };
-}
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 9bb70d1c2..1ee45bb41 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -93,6 +93,7 @@ with import <stockholm/lib>;
{ from = "neocron@lassul.us"; to = lass.mail; }
{ from = "osmocom@lassul.us"; to = lass.mail; }
{ from = "lesswrong@lassul.us"; to = lass.mail; }
+ { from = "nordvpn@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/tests/dummy-secrets/nordvpn.txt b/lass/2configs/tests/dummy-secrets/nordvpn.txt
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/lass/2configs/tests/dummy-secrets/nordvpn.txt
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index b72b20928..6470d86f7 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -66,22 +66,6 @@ in {
locations."/tinc".extraConfig = ''
alias ${config.krebs.tinc_graphs.workingDir}/external;
'';
- locations."/urlaubyay2018".extraConfig = ''
- autoindex on;
- alias /srv/http/lassul.us-media/india2018;
- auth_basic "Restricted Content";
- auth_basic_user_file ${pkgs.writeText "pics-user-pass" ''
- paolo:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0
- ''};
- '';
- locations."/heilstadt".extraConfig = ''
- autoindex on;
- alias /srv/http/lassul.us-media/grabowsee2018;
- auth_basic "Restricted Content";
- auth_basic_user_file ${pkgs.writeText "pics-user-pass" ''
- c-base:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0
- ''};
- '';
locations."/krebspage".extraConfig = ''
default_type "text/html";
alias ${pkgs.krebspage}/index.html;