diff options
Diffstat (limited to 'tv')
| -rw-r--r-- | tv/1systems/cd.nix | 78 | ||||
| -rw-r--r-- | tv/2configs/git.nix | 2 | ||||
| -rw-r--r-- | tv/2configs/retiolum.nix | 3 | ||||
| -rw-r--r-- | tv/5pkgs/netcup/default.nix | 2 | ||||
| -rw-r--r-- | tv/Zcerts/charybdis_cd.crt.pem | 24 |
5 files changed, 3 insertions, 106 deletions
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 043e91510..dd8e2cc64 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -10,85 +10,7 @@ with import <stockholm/lib>; ../2configs/hw/CAC-Developer-2.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix - ../2configs/git.nix ../2configs/retiolum.nix - ../2configs/urlwatch.nix - { - tv.charybdis = { - enable = true; - ssl_cert = ../Zcerts/charybdis_cd.crt.pem; - }; - tv.iptables.input-retiolum-accept-tcp = [ - config.tv.charybdis.port - config.tv.charybdis.sslport - ]; - } - { - tv.ejabberd = { - enable = true; - hosts = [ "jabber.viljetic.de" ]; - }; - tv.iptables.input-internet-accept-tcp = [ - "xmpp-client" - "xmpp-server" - ]; - } - { - krebs.github-hosts-sync.enable = true; - tv.iptables.input-internet-accept-tcp = - singleton config.krebs.github-hosts-sync.port; - } - { - krebs.nginx.servers.cgit.server-names = [ - "cgit.cd.krebsco.de" - "cgit.cd.viljetic.de" - ]; - # TODO make public_html also available to cd, cd.retiolum (AKA default) - krebs.nginx.servers."https://viljetic.de" = { - server-names = singleton "viljetic.de"; - listen = mkForce []; # disable default - ssl = { - enable = true; - certificate = "/var/lib/acme/viljetic.de/fullchain.pem"; - certificate_key = "/var/lib/acme/viljetic.de/key.pem"; - }; - locations = [ - (nameValuePair "/" '' - root ${pkgs.viljetic-pages}; - '') - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; - }; - krebs.nginx.servers."http://viljetic.de" = { - server-names = singleton "viljetic.de"; - locations = [ - (nameValuePair "/.well-known/acme-challenge/" '' - root /var/lib/acme/challenges/viljetic.de/; - '') - (nameValuePair "/" '' - return 301 https://viljetic.de$request_uri; - '') - ]; - }; - security.acme = { - certs."viljetic.de" = { - email = "tomislav@viljetic.de"; - webroot = "/var/lib/acme/challenges/viljetic.de"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - ]; - user = "nginx"; - }; - }; - tv.iptables.input-internet-accept-tcp = [ - "http" - "https" - ]; - } ]; networking = { diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index b38ef00f9..b6724f40e 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -89,7 +89,7 @@ let # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#retiolum"; - server = "cd.retiolum"; + server = "ni.r"; verbose = true; }; }; diff --git a/tv/2configs/retiolum.nix b/tv/2configs/retiolum.nix index ad1116d4f..a914dad43 100644 --- a/tv/2configs/retiolum.nix +++ b/tv/2configs/retiolum.nix @@ -7,9 +7,8 @@ with import <stockholm/lib>; enable = true; connectTo = filter (ne config.krebs.build.host.name) [ "gum" + "ni" "prism" - "echelon" - "cd" ]; tincPackage = pkgs.tinc_pre; }; diff --git a/tv/5pkgs/netcup/default.nix b/tv/5pkgs/netcup/default.nix index 2443e9e73..6d2ec6896 100644 --- a/tv/5pkgs/netcup/default.nix +++ b/tv/5pkgs/netcup/default.nix @@ -16,7 +16,7 @@ in stdenv.mkDerivation { name = "netcup-1.0.0"; src = fetchgit { - url = "http://cgit.cd.krebsco.de/netcup"; + url = "http://cgit.ni.krebsco.de/netcup"; rev = "tags/v1.0.0"; sha256 = "0m6mk16pblvnapxykxdccvphslbv1gjfziyr86bnqin1xb1g99bq"; }; diff --git a/tv/Zcerts/charybdis_cd.crt.pem b/tv/Zcerts/charybdis_cd.crt.pem deleted file mode 100644 index c613ff380..000000000 --- a/tv/Zcerts/charybdis_cd.crt.pem +++ /dev/null @@ -1,24 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEGzCCAwOgAwIBAgIJAJJiphQRTzFPMA0GCSqGSIb3DQEBBQUAMIGjMQswCQYD -VQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQHDBlCZW50 -bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8GA1UECwwI -cmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcNAQkBFg50 -dkB3dS5yZXRpb2x1bTAeFw0xNTA3MTkxODQ2MjhaFw0xNjA3MDkxODQ2MjhaMIGj -MQswCQYDVQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQH -DBlCZW50bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8G -A1UECwwIcmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcN -AQkBFg50dkB3dS5yZXRpb2x1bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAMyPb37kchbjZi6WsvpQeGOVEBTU8B4E24GkfetbfYtsFqW6pIKN7DlTFKzJ -3WKSLIf/cZuBQJucKuc8QXc5ZEXQ66QyCiX6al0j4C0AnHN17OhgH3yvmioWI4kI -ycD4N5TnaD2V0OK/HlhKCrIEly6+Nczeo+k5vrcgkkSYJivFpgK1r5+taBYiU4cc -Pgke2p3mRpZFfK61Ft6DlAg2rL2NVt7Qk0pp6BgCrtVIl968SmVKAEQBHnSYd9z2 -bNE2PH3qI+FLIfioOfXazmogxoQWR9LbKPUQ5nFRDXEJZg1hKDzseUkwV/oU8W3K -a37lOovqy+qwjYELrWP346/OF5UCAwEAAaNQME4wHQYDVR0OBBYEFI7WWP+tabb5 -CH5aY5mJcMdKGeaXMB8GA1UdIwQYMBaAFI7WWP+tabb5CH5aY5mJcMdKGeaXMAwG -A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKAF8hSu7Cgp2jei3GPVOE+R -TtZUePjFJw7iUSYaG1loGfY23IgEzS/jPd/m4jueRTDbtDl7cFTUmKKsF1WWH84l -s49J2HktiHTiHyZphgWFfbjUZO4nbH11Pac64WPfoeTzm9LnM0xXNd/7VCDXRess -a6pXtAQXAZri9HOsAeNO0WFivu4oug2pyUoLE64o3UemSwBi0JW2W1KvuYGnQXEa -HqrFGLBSEQuD4wTePdK0USjhNC8ceMx04b1hUQzuMf8pcXdpkLN6bIOaA/FRxmX9 -3L+6CZPVfQvvw10eLjWv3UYgIjOQFCUR4LsvkVxTaEav0KwmyCC4GUr9Vd+n3eQ= ------END CERTIFICATE----- |