summaryrefslogtreecommitdiffstats
path: root/makefu/1systems/omo.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2016-04-07 20:29:33 +0200
committertv <tv@krebsco.de>2016-04-07 20:29:33 +0200
commite1a287c78bab2847fee7c4f1a18a765d89ca373f (patch)
tree336fc62199af9b1c38acf2de0a2bafbe8ed72efc /makefu/1systems/omo.nix
parent033bf438bd2ae39d6a465c475500a24514cc2739 (diff)
parent66b7a76a26a40bd4ecca8c83aafe5f2e5fefa461 (diff)
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'makefu/1systems/omo.nix')
-rw-r--r--makefu/1systems/omo.nix13
1 files changed, 10 insertions, 3 deletions
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index bfcd2298a..fbd06a9c7 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -11,7 +11,7 @@ let
# cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512
# cryptsetup luksAddKey $dev tmpkey
# cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096
- # mkfs.ext4 /dev/mapper/crypt0 -L crypt0 -T largefile
+ # mkfs.xfs /dev/mapper/crypt0 -L crypt0
# omo Chassis:
# __FRONT_
@@ -30,6 +30,8 @@ let
cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
# cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907";
# all physical disks
+
+ # TODO callPackage ../3modules/MonitorDisks { disks = allDisks }
allDisks = [ rootDisk cryptDisk0 cryptDisk1 cryptDisk2 ];
in {
imports =
@@ -42,16 +44,21 @@ in {
../2configs/smart-monitor.nix
../2configs/mail-client.nix
../2configs/share-user-sftp.nix
+ ../2configs/graphite-standalone.nix
../2configs/omo-share.nix
];
+
krebs.retiolum.enable = true;
networking.firewall.trustedInterfaces = [ "enp3s0" ];
# udp:137 udp:138 tcp:445 tcp:139 - samba, allowed in local net
# tcp:80 - nginx for sharing files
# tcp:655 udp:655 - tinc
- # tcp:8080 - sabnzbd
+ # tcp:8111 - graphite
+ # tcp:9090 - sabnzbd
+ # tcp:9200 - elasticsearch
+ # tcp:5601 - kibana
networking.firewall.allowedUDPPorts = [ 655 ];
- networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
+ networking.firewall.allowedTCPPorts = [ 80 655 5601 8111 9200 9090 ];
# services.openssh.allowSFTP = false;