diff options
author | makefu <github@syntax-fehler.de> | 2017-11-02 14:24:48 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2017-11-02 14:24:48 +0100 |
commit | 4baad9d4226f15ff1ff326ebcb36fc1bd83a98c5 (patch) | |
tree | 4c68d68d78903f12a681e57051ba2b420099a00c /nin/2configs | |
parent | 2e39f7b3d1805346e067bdc7236bd7dfe87381a2 (diff) | |
parent | 6934b5d83f245b723cf7d685d7ab0a758947bdc8 (diff) |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'nin/2configs')
-rw-r--r-- | nin/2configs/default.nix | 9 | ||||
-rw-r--r-- | nin/2configs/skype.nix | 27 |
2 files changed, 30 insertions, 6 deletions
diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 212fd368e..0d2253c27 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -4,6 +4,7 @@ with import <stockholm/lib>; { imports = [ ../2configs/vim.nix + <stockholm/krebs/2configs/binary-cache/prism.nix> { users.extraUsers = mapAttrs (_: h: { hashedPassword = h; }) @@ -45,12 +46,6 @@ with import <stockholm/lib>; SSL_CERT_FILE = ca-bundle; }; }) - { - nix = { - binaryCaches = ["http://cache.prism.r"]; - binaryCachePublicKeys = ["cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="]; - }; - } ]; networking.hostName = config.krebs.build.host.name; @@ -96,6 +91,7 @@ with import <stockholm/lib>; gnumake jq proot + pavucontrol populate p7zip termite @@ -158,6 +154,7 @@ with import <stockholm/lib>; filter.INPUT.rules = [ { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } + { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; } { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } diff --git a/nin/2configs/skype.nix b/nin/2configs/skype.nix new file mode 100644 index 000000000..621dfae82 --- /dev/null +++ b/nin/2configs/skype.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: + +let + mainUser = config.users.extraUsers.nin; + inherit (import <stockholm/lib>) genid; + +in { + users.extraUsers = { + skype = { + name = "skype"; + uid = genid "skype"; + description = "user for running skype"; + home = "/home/skype"; + useDefaultShell = true; + extraGroups = [ "audio" "video" ]; + createHome = true; + }; + }; + + krebs.per-user.skype.packages = [ + pkgs.skype + ]; + + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(skype) NOPASSWD: ALL + ''; +} |