summaryrefslogtreecommitdiffstats
path: root/tv/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'tv/2configs')
-rw-r--r--tv/2configs/default.nix2
-rw-r--r--tv/2configs/exim-retiolum.nix2
-rw-r--r--tv/2configs/exim-smarthost.nix2
-rw-r--r--tv/2configs/nginx/default.nix2
-rw-r--r--tv/2configs/nginx/public_html.nix2
-rw-r--r--tv/2configs/retiolum.nix6
6 files changed, 9 insertions, 7 deletions
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 741955eee..2eab8d1db 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -174,7 +174,7 @@ with config.krebs.lib;
{ type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
];
};
- tv.iptables.input-internet-accept-new-tcp = singleton "ssh";
+ tv.iptables.input-internet-accept-tcp = singleton "ssh";
}
{
diff --git a/tv/2configs/exim-retiolum.nix b/tv/2configs/exim-retiolum.nix
index 9197a3c30..ad355f8b4 100644
--- a/tv/2configs/exim-retiolum.nix
+++ b/tv/2configs/exim-retiolum.nix
@@ -4,5 +4,5 @@ with config.krebs.lib;
{
krebs.exim-retiolum.enable = true;
- tv.iptables.input-retiolum-accept-new-tcp = singleton "smtp";
+ tv.iptables.input-retiolum-accept-tcp = singleton "smtp";
}
diff --git a/tv/2configs/exim-smarthost.nix b/tv/2configs/exim-smarthost.nix
index 3616a8f52..351b54da1 100644
--- a/tv/2configs/exim-smarthost.nix
+++ b/tv/2configs/exim-smarthost.nix
@@ -43,5 +43,5 @@ with config.krebs.lib;
{ from = "mirko"; to = "mv"; }
];
};
- tv.iptables.input-internet-accept-new-tcp = singleton "smtp";
+ tv.iptables.input-internet-accept-tcp = singleton "smtp";
}
diff --git a/tv/2configs/nginx/default.nix b/tv/2configs/nginx/default.nix
index 1fac65a31..d0d07d5ca 100644
--- a/tv/2configs/nginx/default.nix
+++ b/tv/2configs/nginx/default.nix
@@ -12,6 +12,6 @@ with config.krebs.lib;
];
};
tv.iptables = optionalAttrs config.krebs.nginx.enable {
- input-retiolum-accept-new-tcp = singleton "http";
+ input-retiolum-accept-tcp = singleton "http";
};
}
diff --git a/tv/2configs/nginx/public_html.nix b/tv/2configs/nginx/public_html.nix
index 15a3b5482..858f16563 100644
--- a/tv/2configs/nginx/public_html.nix
+++ b/tv/2configs/nginx/public_html.nix
@@ -11,5 +11,5 @@ with config.krebs.lib;
'')
];
};
- tv.iptables.input-internet-accept-new-tcp = singleton "http";
+ tv.iptables.input-internet-accept-tcp = singleton "http";
}
diff --git a/tv/2configs/retiolum.nix b/tv/2configs/retiolum.nix
index e1598d792..f79454157 100644
--- a/tv/2configs/retiolum.nix
+++ b/tv/2configs/retiolum.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
with config.krebs.lib;
@@ -12,6 +12,8 @@ with config.krebs.lib;
"cd"
"ire"
];
+ tincPackage = pkgs.tinc_pre;
};
- tv.iptables.input-internet-accept-new-tcp = singleton "tinc";
+ tv.iptables.input-internet-accept-tcp = singleton "tinc";
+ tv.iptables.input-internet-accept-udp = singleton "tinc";
}