From 4613095009ca1bffaa2c5a6a0eb3a18c1ab83131 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 20 Jun 2018 12:47:11 +0200 Subject: l: add radio.lassul.us --- lass/1systems/prism/config.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 9a0bb49e9..f6943c7f1 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -280,6 +280,18 @@ with import ; "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" ]; } + { + services.nginx = { + enable = true; + virtualHosts."radio.lassul.us" = { + forceSSL = true; + enableACME = true; + locations."/".extraConfig = '' + proxy_pass http://localhost:8000; + ''; + }; + }; + } { lass.nichtparasoup.enable = true; services.nginx = { -- cgit v1.2.3 From b1d315bb776792d81b0efdfd99e53d4f3695c9a6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 22 Jun 2018 20:18:34 +0200 Subject: l prism.r: enable murmur --- lass/1systems/prism/config.nix | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index f6943c7f1..780403813 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -353,6 +353,14 @@ with import ; { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} ]; } + { + services.murmur.enable = true; + services.murmur.registerName = "lassul.us"; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} + ]; + + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 2395f5cf47292f2eee7f65cafeecec9bb800765c Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 27 Jun 2018 23:37:25 +0200 Subject: l prism.r xmonad-stockholm: add add jeschli push access --- lass/1systems/prism/config.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 780403813..2626ebf33 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -188,6 +188,16 @@ with import ; ]; }; krebs.git.rules = [ + { + user = with config.krebs.users; [ + jeschli + jeschli-bln + jeschli-bolide + jeschli-brauerei + ]; + repo = [ config.krebs.git.repos.xmonad-stockholm ]; + perm = with git; push "refs/heads/jeschli*" [ fast-forward non-fast-forward create delete merge ]; + } { user = with config.krebs.users; [ jeschli -- cgit v1.2.3 From 279bf4e5530c6337f05916d2d7f86f62921eb7b9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 8 Jul 2018 01:02:22 +0200 Subject: l prism.r: activate earlyoom --- lass/1systems/prism/config.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 2626ebf33..f50f4fae5 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -376,4 +376,8 @@ with import ; krebs.build.host = config.krebs.hosts.prism; # workaround because grub store paths are broken boot.copyKernels = true; + services.earlyoom = { + enable = true; + freeMemThreshold = 5; + }; } -- cgit v1.2.3 From ecf5a6cfb25d5534d53e7cc0a361a2d7ff45cd90 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Jul 2018 18:56:39 +0200 Subject: l prism.r: disable forwarding to blue --- lass/1systems/prism/config.nix | 15 --------------- 1 file changed, 15 deletions(-) (limited to 'lass/1systems/prism') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index f50f4fae5..6be45d38d 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -315,21 +315,6 @@ with import ; }; }; } - { #weechat port forwarding to blue - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 9998"; target = "ACCEPT";} - ]; - krebs.iptables.tables.nat.PREROUTING.rules = [ - { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.prism.nets.internet.ip4.addr} -p tcp --dport 9998"; target = "DNAT --to-destination ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}:9999"; } - ]; - krebs.iptables.tables.filter.FORWARD.rules = [ - { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "ACCEPT"; } - { v6 = false; precedence = 1000; predicate = "-s ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}"; target = "ACCEPT"; } - ]; - krebs.iptables.tables.nat.POSTROUTING.rules = [ - { v6 = false; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "MASQUERADE"; } - ]; - } { krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p udp --dport 51820"; target = "ACCEPT"; } -- cgit v1.2.3