summaryrefslogtreecommitdiffstats
path: root/makefu/1systems/shoney
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2023-07-28 22:24:15 +0200
committermakefu <github@syntax-fehler.de>2023-07-28 22:24:15 +0200
commit060a8f28fa1fc648bdf66afb31a5d1efac868837 (patch)
tree2b354eacc7897365ee45244fe7a51720e0d0333f /makefu/1systems/shoney
parentcbfcc890e3b76d942b927809bf981a5fa7289e6a (diff)
makefu: move out to own repo, add vacation-note
Diffstat (limited to 'makefu/1systems/shoney')
-rw-r--r--makefu/1systems/shoney/config.nix62
-rw-r--r--makefu/1systems/shoney/source.nix3
2 files changed, 0 insertions, 65 deletions
diff --git a/makefu/1systems/shoney/config.nix b/makefu/1systems/shoney/config.nix
deleted file mode 100644
index 27d389b85..000000000
--- a/makefu/1systems/shoney/config.nix
+++ /dev/null
@@ -1,62 +0,0 @@
-{ config, pkgs, ... }:
-let
- tinc-siem-ip = "10.8.10.1";
-
- ip = "64.137.234.215";
- alt-ip = "64.137.234.210"; # honeydrive honeyd
- extra-ip1 = "64.137.234.114"; # floating tinc.siem
- extra-ip2 = "64.137.234.232"; # honeydrive
- gw = "64.137.234.1";
-in {
- imports = [
- <stockholm/makefu>
- <stockholm/makefu/2configs/save-diskspace.nix>
- <stockholm/makefu/2configs/hw/CAC.nix>
- <stockholm/makefu/2configs/fs/CAC-CentOS-7-64bit.nix>
- <stockholm/makefu/2configs/tinc/retiolum.nix>
- ];
-
-
- krebs = {
- enable = true;
- build.host = config.krebs.hosts.shoney;
- tinc_graphs = {
- enable = true;
- network = "siem";
- hostsPath = "/etc/tinc/siem/hosts";
- nginx = {
- enable = true;
- # TODO: remove hard-coded hostname
- anonymous-domain = "localhost.localdomain";
- anonymous.extraConfig = "return 403;";
- complete = {
- serverAliases = [ "graph.siem" ];
- extraConfig = ''
- if ( $server_addr = "${ip}" ) {
- return 403;
- }
- '';
- };
- };
- };
- };
- makefu.forward-journal = {
- enable = true;
- src = "10.8.10.1";
- dst = "10.8.10.6";
- };
- networking = {
- interfaces.enp2s1.ipv4.addresses = [
- { address = ip; prefixLength = 24; }
- # { address = alt-ip; prefixLength = 24; }
- ];
-
- defaultGateway = gw;
- nameservers = [ "8.8.8.8" ];
- firewall = {
- trustedInterfaces = [ "tinc.siem" ];
- allowedUDPPorts = [ 655 1655 ];
- allowedTCPPorts = [ 655 1655 ];
- };
- };
-}
diff --git a/makefu/1systems/shoney/source.nix b/makefu/1systems/shoney/source.nix
deleted file mode 100644
index 3616716f9..000000000
--- a/makefu/1systems/shoney/source.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-{
- name="shoney";
-}