Merge remote-tracking branch 'gum/master'

author: lassulus <lass@aidsballs.de> 2016-07-14 22:59:13 +0200
committer: lassulus <lass@aidsballs.de> 2016-07-14 22:59:13 +0200
commit: e2e532c88017f3e8a49a1dfeeef56b932465be31 (patch)
tree: 1bd4d3b83f81c8e74afc10e1e149a961bfd0484d /makefu/1systems
parent: 38a50ffaeb10812eaa9530d8df0381f2d13e360c (diff)
parent: 14242c68f234f6de0bed015817ac206f99dc4f20 (diff)
3 files changed, 33 insertions, 6 deletions
diff --git a/makefu/1systems/darth.nix b/makefu/1systems/darth.nix
index 5f1d6e121..87029a693 100644
--- a/makefu/1systems/darth.nix
+++ b/makefu/1systems/darth.nix
@@ -16,16 +16,32 @@ in {
       ../2configs/smart-monitor.nix
       ../2configs/exim-retiolum.nix
       ../2configs/virtualization.nix
+
+      ../2configs/temp-share-samba.nix
   ];
+  services.samba.shares = {
+      isos = {
+        path = "/data/isos/";
+        "read only" = "yes";
+        browseable = "yes";
+        "guest ok" = "yes";
+      };
+  };
   services.tinc.networks.siem = {
     name = "sdarth";
     extraConfig = "ConnectTo = sjump";
   };
+
+  makefu.forward-journal = {
+    enable = true;
+    src = "10.8.10.2";
+    dst = "10.8.10.6";
+  };
+
   #networking.firewall.enable = false;
   krebs.retiolum.enable = true;
 
   boot.kernelModules = [ "coretemp" "f71882fg" ];
-
   hardware.enableAllFirmware = true;
   nixpkgs.config.allowUnfree = true;
   networking = {
@@ -33,6 +49,7 @@ in {
     firewall = {
       allowPing = true;
       logRefusedConnections = false;
+      trustedInterfaces = [ "eno1" ];
       allowedUDPPorts = [ 80 655 1655 67 ];
       allowedTCPPorts = [ 80 655 1655 ];
     };
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index e71055f54..8c24e0ff5 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -75,6 +75,7 @@ in {
 
 
   # HDD Array stuff
+  environment.systemPackages = [ pkgs.mergerfs ];
   services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
 
   makefu.snapraid = let
@@ -129,7 +130,10 @@ in {
     kernelModules = [ "kvm-intel" ];
     extraModulePackages = [ ];
   };
-
+  users.users.misa = {
+    uid = 9002;
+    name = "misa";
+  };
   hardware.enableAllFirmware = true;
   hardware.cpu.intel.updateMicrocode = true;
 
diff --git a/makefu/1systems/shoney.nix b/makefu/1systems/shoney.nix
index 1fe8871d2..3a3ac9c7c 100644
--- a/makefu/1systems/shoney.nix
+++ b/makefu/1systems/shoney.nix
@@ -3,8 +3,9 @@ let
   tinc-siem-ip = "10.8.10.1";
 
   ip     = "64.137.234.215";
-  alt-ip = "64.137.234.210";
-  extra-ip = "64.137.234.114"; #currently unused
+  alt-ip = "64.137.234.210";    # honeydrive honeyd
+  extra-ip1 = "64.137.234.114"; # floating tinc.siem
+  extra-ip2 = "64.137.234.232"; # honeydrive
   gw = "64.137.234.1";
 in {
   imports = [
@@ -15,7 +16,7 @@ in {
   ];
 
 
-
+  environment.systemPackages = [ pkgs.honeyd ];
   services.tinc.networks.siem.name = "sjump";
 
   krebs = {
@@ -37,10 +38,15 @@ in {
       };
     };
   };
+  makefu.forward-journal = {
+    enable = true;
+    src = "10.8.10.1";
+    dst = "10.8.10.6";
+  };
   networking =  {
     interfaces.enp2s1.ip4 = [
       { address = ip; prefixLength = 24; }
-      { address = alt-ip; prefixLength = 24; }
+      # { address = alt-ip; prefixLength = 24; }
     ];
 
     defaultGateway = gw;
author	lassulus <lass@aidsballs.de>	2016-07-14 22:59:13 +0200
committer	lassulus <lass@aidsballs.de>	2016-07-14 22:59:13 +0200
commit	e2e532c88017f3e8a49a1dfeeef56b932465be31 (patch)
tree	1bd4d3b83f81c8e74afc10e1e149a961bfd0484d /makefu/1systems
parent	38a50ffaeb10812eaa9530d8df0381f2d13e360c (diff)
parent	14242c68f234f6de0bed015817ac206f99dc4f20 (diff)