diff options
Diffstat (limited to 'lass/2configs')
-rw-r--r-- | lass/2configs/baseX.nix | 2 | ||||
-rw-r--r-- | lass/2configs/bepasty.nix | 2 | ||||
-rw-r--r-- | lass/2configs/default.nix | 9 | ||||
-rw-r--r-- | lass/2configs/dns-stuff.nix | 31 | ||||
-rw-r--r-- | lass/2configs/nixpkgs.nix | 2 | ||||
-rw-r--r-- | lass/2configs/retiolum.nix | 6 | ||||
-rw-r--r-- | lass/2configs/websites/domsen.nix | 5 | ||||
-rw-r--r-- | lass/2configs/websites/fritz.nix | 2 |
8 files changed, 43 insertions, 16 deletions
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 9c51effdc..3e2e325d8 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -10,6 +10,7 @@ in { ./copyq.nix ./xresources.nix ./livestream.nix + ./dns-stuff.nix { hardware.pulseaudio = { enable = true; @@ -33,6 +34,7 @@ in { time.timeZone = "Europe/Berlin"; programs.ssh.startAgent = false; + services.openssh.forwardX11 = true; services.printing = { enable = true; diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix index c2bc3f3cd..b2d40d4f3 100644 --- a/lass/2configs/bepasty.nix +++ b/lass/2configs/bepasty.nix @@ -35,7 +35,7 @@ in { forceSSL = true; enableACME = true; }; - defaultPermissions = "read"; + defaultPermissions = "read,create"; secretKey = secKey; }); }; diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index ffed5bb70..d7deb3165 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -63,15 +63,6 @@ with import <stockholm/lib>; pkgs.pythonPackages.python ]; } - { - services.dnscrypt-proxy = { - enable = true; - resolverName = "cs-de"; - }; - networking.extraResolvconfConf = '' - name_servers='127.0.0.1' - ''; - } ]; networking.hostName = config.krebs.build.host.name; diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix new file mode 100644 index 000000000..b52d3050b --- /dev/null +++ b/lass/2configs/dns-stuff.nix @@ -0,0 +1,31 @@ +{ config, pkgs, ... }: +with import <stockholm/lib>; +{ + services.dnscrypt-proxy = { + enable = true; + localAddress = "127.1.0.1"; + resolverName = "cs-de"; + }; + services.dnsmasq = { + enable = true; + extraConfig = '' + server=127.1.0.1 + server=/dn42/172.23.75.6 + #no-resolv + cache-size=1000 + min-cache-ttl=3600 + bind-dynamic + all-servers + dnssec + trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 + address=/blog/127.0.0.1 + address=/blog/::1 + rebind-domain-ok=/onion/ + server=/.onion/127.0.0.1#9053 + port=53 + ''; + }; + networking.extraResolvconfConf = '' + name_servers='127.0.0.1' + ''; +} diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 49c44aa88..c6620afaa 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "2bb9c1c"; + ref = "f469354"; }; } diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 7f1b36c96..e7779f53e 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -1,4 +1,4 @@ -{ ... }: +{ pkgs, ... }: { @@ -25,4 +25,8 @@ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + + environment.systemPackages = [ + pkgs.tinc + ]; } diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 581b37d91..b0d28d4da 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -25,9 +25,10 @@ in { imports = [ ./sqlBackup.nix (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) - (servePage [ "karlaskop.de" "www.karlaskop.de" ]) - (servePage [ "makeup.apanowicz.de" "www.makeup.apanowicz.de" ]) + (servePage [ "karlaskop.de" ]) + (servePage [ "makeup.apanowicz.de" ]) (servePage [ "pixelpocket.de" ]) + (servePage [ "habsys.de" "habsys.eu" ]) (serveOwncloud [ "o.ubikmedia.de" ]) (serveWordpress [ "ubikmedia.de" diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index 9bf7e4a9c..45927b102 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -40,8 +40,6 @@ in { (serveWordpress [ "eastuttgart.de" "www.eastuttgart.de" ]) - (servePage [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ]) - (serveWordpress [ "goldbarrendiebstahl.radical-dreamers.de" ]) ]; |