summaryrefslogtreecommitdiffstats
path: root/krebs/1systems/puyak
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/1systems/puyak')
-rw-r--r--krebs/1systems/puyak/config.nix6
-rw-r--r--krebs/1systems/puyak/net.nix4
2 files changed, 8 insertions, 2 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 1e0687ba7..2f122f6ff 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -19,6 +19,12 @@
<stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/binary-cache/prism.nix>
+ ## news host
+
+ <stockholm/krebs/2configs/container-networking.nix>
+ <stockholm/krebs/2configs/syncthing.nix>
+ <stockholm/krebs/2configs/news-host.nix>
+
### shackspace ###
# handle the worlddomination map via coap
<stockholm/krebs/2configs/shack/worlddomination.nix>
diff --git a/krebs/1systems/puyak/net.nix b/krebs/1systems/puyak/net.nix
index 8dab11e16..a46a24952 100644
--- a/krebs/1systems/puyak/net.nix
+++ b/krebs/1systems/puyak/net.nix
@@ -8,8 +8,8 @@ in {
SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="${ext-if}"
'';
networking = {
- firewall.enable = false;
- firewall.allowedTCPPorts = [ 8088 8086 8083 5901 ];
+ firewall.enable = true;
+ firewall.allowedTCPPorts = [ 80 443 8088 8086 8083 5901 ];
interfaces."${ext-if}".ipv4.addresses = [
{
address = shack-ip;