diff options
Diffstat (limited to 'makefu')
| -rw-r--r-- | makefu/1systems/wbob.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/x.nix (renamed from makefu/1systems/pornocauster.nix) | 16 | ||||
| -rw-r--r-- | makefu/2configs/tinc/siem.nix | 12 |
3 files changed, 17 insertions, 13 deletions
diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix index e8e0b091f..ff593ab35 100644 --- a/makefu/1systems/wbob.nix +++ b/makefu/1systems/wbob.nix @@ -66,7 +66,7 @@ in { client = { enable = true; screenName = "wbob"; - serverAddress = "pornocauster.r"; + serverAddress = "x.r"; }; }; } diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/x.nix index b683e5630..d41edfa46 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/x.nix @@ -43,16 +43,8 @@ ../2configs/temp/share-samba.nix # ../2configs/temp/elkstack.nix # ../2configs/temp/sabnzbd.nix + ../2configs/tinc/siem.nix ]; - - services.tinc.networks.siem = { - name = "makefu"; - extraConfig = '' - ConnectTo = sdarth - ConnectTo = sjump - ''; - }; - krebs.nginx = { default404 = false; servers.default.listen = [ "80 default_server" ]; @@ -65,10 +57,10 @@ # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [ 80 24800 ]; - networking.firewall.allowedUDPPorts = [ 665 ]; + networking.firewall.allowedTCPPorts = [ 80 24800 26061 ]; + networking.firewall.allowedUDPPorts = [ 665 26061 ]; - krebs.build.host = config.krebs.hosts.pornocauster; + krebs.build.host = config.krebs.hosts.x; krebs.hosts.omo.nets.retiolum.via.ip4.addr = "192.168.1.11"; krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ]; diff --git a/makefu/2configs/tinc/siem.nix b/makefu/2configs/tinc/siem.nix new file mode 100644 index 000000000..fae72590f --- /dev/null +++ b/makefu/2configs/tinc/siem.nix @@ -0,0 +1,12 @@ +{lib, config, ... }: +{ + # TODO do not know why we need to force it, port is only set via default to 655 + krebs.build.host.nets.siem.tinc.port = lib.mkForce 1655; + + networking.firewall.allowedUDPPorts = [ 1665 ]; + networking.firewall.allowedTCPPorts = [ 1655 ]; + krebs.tinc.siem = { + enable = true; + connectTo = [ "shoney" ]; + }; +} |