Merge remote-tracking branch 'prism/master'

author: tv <tv@krebsco.de> 2017-10-03 18:48:18 +0200
committer: tv <tv@krebsco.de> 2017-10-03 18:48:18 +0200
commit: d567c2c21e0fe029a069edda8eda28cd24771511 (patch)
tree: bcc1ea51b71b22c18ac653a1b4aded927e6c173e /lass/2configs
parent: 32a8fc0396769946242ef8c1a48fb64ae572e0db (diff)
parent: 902a65304d1e07ce5a7192a0403d6fa1bed1f135 (diff)
5 files changed, 17 insertions, 8 deletions
diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix
index b2d40d4f3..43647892f 100644
--- a/lass/2configs/bepasty.nix
+++ b/lass/2configs/bepasty.nix
@@ -31,7 +31,6 @@ in {
     } //
     genAttrs ext-doms (ext-dom: {
       nginx = {
-        enableSSL = true;
         forceSSL = true;
         enableACME = true;
       };
diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix
index b255254f2..fa01a99c9 100644
--- a/lass/2configs/copyq.nix
+++ b/lass/2configs/copyq.nix
@@ -25,12 +25,15 @@ in {
     environment = {
       DISPLAY = ":0";
     };
+    path = with pkgs; [
+      qt5.full
+    ];
     serviceConfig = {
       SyslogIdentifier = "copyq";
       ExecStart = "${pkgs.copyq}/bin/copyq";
       ExecStartPost = copyqConfig;
       Restart = "always";
-      RestartSec = "2s";
+      RestartSec = "15s";
       StartLimitBurst = 0;
       User = "lass";
     };
diff --git a/lass/2configs/websites/sqlBackup.nix b/lass/2configs/websites/sqlBackup.nix
index 7cb4b320e..2fffa6cc9 100644
--- a/lass/2configs/websites/sqlBackup.nix
+++ b/lass/2configs/websites/sqlBackup.nix
@@ -3,12 +3,13 @@
 {
   krebs.secret.files.mysql_rootPassword = {
     path = "${config.services.mysql.dataDir}/mysql_rootPassword";
-    owner.name = "root";
+    owner.name = "mysql";
     source-path = toString <secrets> + "/mysql_rootPassword";
   };
 
   services.mysql = {
     enable = true;
+    dataDir = "/var/mysql";
     package = pkgs.mariadb;
     rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
   };
diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix
index 1e5f2d177..d5496ac09 100644
--- a/lass/2configs/weechat.nix
+++ b/lass/2configs/weechat.nix
@@ -13,13 +13,19 @@ in {
     uid = genid "chat";
     useDefaultShell = true;
     createHome = true;
-    openssh.authorizedKeys.keys = [
-      config.krebs.users.lass.pubkey
-      config.krebs.users.lass-shodan.pubkey
-      config.krebs.users.lass-icarus.pubkey
+    openssh.authorizedKeys.keys = with config.krebs.users; [
+      lass.pubkey
+      lass-shodan.pubkey
+      lass-icarus.pubkey
+      lass-android.pubkey
     ];
   };
 
+  # mosh
+  krebs.iptables.tables.filter.INPUT.rules = [
+    { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
+  ];
+
   #systemd.services.chat = {
   #  description = "chat environment setup";
   #  after = [ "network.target" ];
diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix
index 2444d32d3..0d2b731ca 100644
--- a/lass/2configs/wine.nix
+++ b/lass/2configs/wine.nix
@@ -5,7 +5,7 @@ let
 
 in {
   krebs.per-user.wine.packages = with pkgs; [
-    wineFull
+    wine
     #(wineFull.override { wineBuild = "wine64"; })
   ];
   users.users= {
author	tv <tv@krebsco.de>	2017-10-03 18:48:18 +0200
committer	tv <tv@krebsco.de>	2017-10-03 18:48:18 +0200
commit	d567c2c21e0fe029a069edda8eda28cd24771511 (patch)
tree	bcc1ea51b71b22c18ac653a1b4aded927e6c173e /lass/2configs
parent	32a8fc0396769946242ef8c1a48fb64ae572e0db (diff)
parent	902a65304d1e07ce5a7192a0403d6fa1bed1f135 (diff)