summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/lass/ssh/shodan.rsa2
-rw-r--r--lass/2configs/mail.nix9
-rw-r--r--lass/2configs/monitoring/client.nix9
-rw-r--r--lass/2configs/monitoring/server.nix12
-rw-r--r--lass/2configs/mpv.nix34
-rw-r--r--lass/2configs/websites/domsen.nix28
6 files changed, 46 insertions, 48 deletions
diff --git a/krebs/3modules/lass/ssh/shodan.rsa b/krebs/3modules/lass/ssh/shodan.rsa
index 3ee08ad41..36a8901fa 100644
--- a/krebs/3modules/lass/ssh/shodan.rsa
+++ b/krebs/3modules/lass/ssh/shodan.rsa
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV+EscrUKgsu6iO94lJQ45o0t9QV88H7RrbLCsysgesQqiCbq0XNJKSrKI4T/o5dBNfoHMi4FSuPsF3YzffvMOWmdluHRBIhDJSDiFaraHr1zu7fHDO8gsUf/a3H3LPHtRRoXQFNsIK5NRLR35WpKt+zG6GK/WLBzb2N4MR3Ym5Qo2OepW3pgMWjjbmiUbGGiao9OWgx5tjjT8PLHIWdoEmJsaE5UnOWebqY+xfkWXMLdzMBPyEdCVwUO7X3Ip0Zk/BJFSqtIHBqQtp+njgeRwfkL2xabge3VGALAnQg5iYXzT8kfzIu/wfaoSdGkdPWxMo80KDiJJlpLj1oC3ABmDj01Hgu9p+g5Em0SFevcenspTii3IvYqdq+eg5+pPny4ki9748t6FlWRsrjrmjdQVVMWbhx42+lsyxIYsdXhwWMqNwTNzvY7Fxy3/8XE14pYWCV5eEll2/hSNfI6AcOoJ0vfHvOXsY6GVMYklXDIFzmiJOpyox+DnTahyUqQ6IcLH73vp9boVK31kf8EC7VDp8ms2ZiXz9nfPYltiUOtKKG0gqg9Jgs7xthpX82WYEp2+PXzPCHWs4WXs3OsUzQ8ykXXD2A7JMVBBv0FaMD4aBsOe7hU20/sO+/J/uuPe5xnpI//uFK4KkYCmDHZcZ3Qzh9CQTISwFvOBbYtRWbDo5w== lass@shodan
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDH31q4qmu8dbnu5BJMEW5CAMW9xlZg5dNTREy6vHE5OofmDEzi5YTBYr543ppGYQL/PzepChGl8RKZETeU+pnqTTHgnUh3KkOnX0GmpKgDgFgDrdVwyU137P6RyOo/kLvfbzAu1bFC5Q5hUDdbd5dDAQGN23wsRQxx1EI1uMrrMbMUKxpk/x5+AZi0JfAOY4SJNYIRfnim5v9jAt1JHeOjKy3sT3/ZEaJqK8DAKEHo0/kYyizWn5M7do5bw2+WpG/gHpdtTD0NlKwFUyMzhFJh4ahDt9FtExnmDA45rAcVSsinhUmrPqPwBKEnUxle5tw3A4YRHUvqhHTo6G852iiPHE0DUlCKsDJwr+lw3DXjK+HYOdKMFC6nsh4x+SFrwg6JKCXPzeCH2w7VP5xJGlb3YS+NcvbYWRbiqJ/M2hVdn/Atxq2VUAdKnrNtNW4ZYH6yJTGOkcXkyKJzcTj5JZIvJd1DL0pI9aGWNxnmfyOVMgaKfdafBqU/PB8RPPAZH9RCVRH0g+Cnu0NoJmkwKaq0K+z+FF9eNqVpNnYnjVLsPvjLIXCn8kJl4/2mimDlOarj/I9Hs+k0/gbzx4PKUS87+rUVA4Hfz+MltzZQUGoIBQxciAgVVh7zLrMgnPWwvqHnMKAQ9nzgme3A4ew2Ocyl30+skLstr9e08VqErguYSw== lass@shodan
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index a08dc88da..41c7bceb2 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -113,9 +113,12 @@ let
macro index ~ ,@( 'Toggle sidebar' # toggle the sidebar
'';
- mutt = pkgs.writeDashBin "mutt" ''
- exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@
- '';
+ mutt = pkgs.concat "mutt" [
+ pkgs.neomutt
+ (pkgs.writeDashBin "mutt" ''
+ exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@
+ '')
+ ];
in {
environment.systemPackages = [
diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix
index e2b7dcae6..b8c245215 100644
--- a/lass/2configs/monitoring/client.nix
+++ b/lass/2configs/monitoring/client.nix
@@ -23,13 +23,4 @@ with import <stockholm/lib>;
};
};
};
-
- services.journalbeat = {
- enable = true;
- extraConfig = ''
- output.elasticsearch:
- hosts: ["prism:9200"]
- template.enabled: false
- '';
- };
}
diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix
index b6ccf9cc1..d1ff234ee 100644
--- a/lass/2configs/monitoring/server.nix
+++ b/lass/2configs/monitoring/server.nix
@@ -79,21 +79,9 @@ with import <stockholm/lib>;
security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
};
- services.elasticsearch = {
- enable = true;
- listenAddress = "0.0.0.0";
- };
-
- services.kibana = {
- enable = true;
- listenAddress = "0.0.0.0";
- };
-
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; }
{ predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; }
{ predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; }
- { predicate = "-p tcp -i retiolum --dport 9200"; target = "ACCEPT"; }
- { predicate = "-p tcp -i retiolum --dport 5601"; target = "ACCEPT"; }
];
}
diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix
index 9988e788f..d9c6274db 100644
--- a/lass/2configs/mpv.nix
+++ b/lass/2configs/mpv.nix
@@ -2,15 +2,17 @@
let
- mpv-config = pkgs.writeText "mpv-config" ''
- script=${lib.concatStringsSep "," [
- good
- delete
- ]}
- '';
- mpv = pkgs.writeDashBin "mpv" ''
- exec ${pkgs.mpv}/bin/mpv --no-config --include=${mpv-config} "$@"
- '';
+ scripts = lib.concatStringsSep "," [
+ good
+ delete
+ ];
+
+ mpv = pkgs.concat "mpv" [
+ pkgs.mpv
+ (pkgs.writeDashBin "mpv" ''
+ exec ${pkgs.mpv}/bin/mpv --no-config --script=${scripts} "$@"
+ '')
+ ];
moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" ''
tmp_dir = "${dir}"
@@ -31,20 +33,6 @@ let
up = moveToDir "U" "./up";
down = moveToDir "Y" "./down";
- deleteCurrentTrack = pkgs.writeText "delete.lua" ''
- deleted_tmp = "./.graveyard"
-
- -- Delete the current track by moving it to the `deleted_tmp` location.
- function delete_current_track()
- track = mp.get_property("path")
- os.execute("mkdir -p '" .. deleted_tmp .. "'")
- os.execute("mv '" .. track .. "' '" .. deleted_tmp .. "'")
- print("'" .. track .. "' deleted.")
- end
-
- mp.add_key_binding("D", "delete_current_track", delete_current_track)
- '';
-
in {
krebs.per-user.lass.packages = [
mpv
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index fde3f7c2b..684742512 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -21,6 +21,22 @@ let
exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
'';
+ restartPhpfpm_o.ubikmedia = pkgs.writeDash "restartPhpfpm_o.ubikmedia.org" ''
+ ${pkgs.systemd}/bin/systemctl restart phpfpm-o.ubikmedia.de.service
+ '';
+
+ restartPhpfpm_o.ubikmedia_wrapper = pkgs.writeDashBin "restartPhpfpm_o.ubikmedia" ''
+ /run/wrappers/bin/sudo ${restartPhpfpm_o.ubikmedia}
+ '';
+
+ restartPhpfpm_ubikmedia = pkgs.writeDash "restartPhpfpm_ubikmedia.org" ''
+ ${pkgs.systemd}/bin/systemctl restart phpfpm-ubikmedia.de.service
+ '';
+
+ restartPhpfpm_ubikmedia_wrapper = pkgs.writeDashBin "restartPhpfpm_ubikmedia" ''
+ /run/wrappers/bin/sudo ${restartPhpfpm_ubikmedia}
+ '';
+
in {
imports = [
./sqlBackup.nix
@@ -162,5 +178,17 @@ in {
useDefaultShell = true;
createHome = true;
};
+
+ #sudo restart wrappers
+ security.sudo.extraConfig = ''
+ domsen ALL= (root) NOPASSWD: ${restartPhpfpm_o.ubikmedia}
+ domsen ALL= (root) NOPASSWD: ${restartPhpfpm_ubikmedia}
+ '';
+
+ krebs.per-user.domsen.packages = [
+ restartPhpfpm_ubikmedia_wrapper
+ restartPhpfpm_o.ubikmedia_wrapper
+ ];
+
}