From cea5826d1f2cd81b2effbe7324b05cefac160fc6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Nov 2015 02:27:22 +0100 Subject: l 1 prism: activate bitlbee --- lass/1systems/prism.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 87334c3c2..8707c04c1 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -10,6 +10,7 @@ in { ../2configs/downloading.nix ../2configs/git.nix ../2configs/ts3.nix + ../2configs/bitlbee.nix { users.extraGroups = { # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories -- cgit v1.2.3 From 870b379dd9ed6151673d6acaaf3ed2c28454a0c7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Nov 2015 02:33:30 +0100 Subject: l 1 prism: add stuff for juhulian --- lass/1systems/prism.nix | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 8707c04c1..ff5fad75f 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -88,6 +88,25 @@ in { { nixpkgs.config.allowUnfree = true; } + { + #stuff for juhulian + users.extraUsers.juhulian = { + name = "juhulian"; + uid = 1339; + home = "/home/juhulian"; + group = "users"; + createHome = true; + useDefaultShell = true; + extraGroups = [ + ]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian" + ]; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 40cb49f5246ad59abbda628244bb6edbe30058c0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:02:28 +0100 Subject: l 1 echelon: disable redis --- lass/1systems/echelon.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index dc0ca0274..39af4a96f 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -13,7 +13,7 @@ in { ../2configs/realwallpaper-server.nix ../2configs/privoxy-retiolum.nix ../2configs/git.nix - ../2configs/redis.nix + #../2configs/redis.nix ../2configs/go.nix ../2configs/ircd.nix ../2configs/newsbot-js.nix -- cgit v1.2.3 From ccb6884708f8106a4f02dcd9dc98e9fd02668add Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:06:16 +0100 Subject: l 1 prism: add stuff for oneline httpserver --- lass/1systems/prism.nix | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index ff5fad75f..85021887f 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -107,6 +107,14 @@ in { { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} ]; } + { + environment.systemPackages = [ + pkgs.perlPackages.Plack + ]; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 8080"; target = "ACCEPT";} + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From c373eac636525a65d28c1f39cbf599edbcf60ebc Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:10:55 +0100 Subject: l 1 mors: use new wordpress test --- lass/1systems/mors.nix | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 7db3f8333..803c149b8 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -18,10 +18,31 @@ ../2configs/chromium-patched.nix ../2configs/git.nix ../2configs/retiolum.nix - ../2configs/wordpress.nix + #../2configs/wordpress.nix ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/skype.nix + { + #wordpress-test + #imports = singleton (sitesGenerators.createWordpress "testserver.de"); + imports = [ + ../3modules/wordpress_nginx.nix + ]; + lass.wordpress."testserver.de" = { + }; + + services.mysql = { + enable = true; + package = pkgs.mariadb; + rootPassword = "/mysql_rootPassword"; + }; + networking.extraHosts = '' + 10.243.0.2 testserver.de + ''; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; } + ]; + } ]; krebs.build.host = config.krebs.hosts.mors; -- cgit v1.2.3 From 8cc4395e15498aa607e96fef09d9f7b9827567fc Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 01:12:07 +0100 Subject: l 1 mors: open risk of rain port for lan --- lass/1systems/mors.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 803c149b8..7b91fa6be 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -22,6 +22,12 @@ ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/skype.nix + { + #risk of rain port + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; } + ]; + } { #wordpress-test #imports = singleton (sitesGenerators.createWordpress "testserver.de"); -- cgit v1.2.3 From a204949071a964584bf27889277c8890ed724979 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 13:05:19 +0100 Subject: move testhosts to shared from lass --- lass/1systems/test-arch.nix | 36 ------------------------------------ lass/1systems/test-centos6.nix | 30 ------------------------------ lass/1systems/test-centos7.nix | 31 ------------------------------- 3 files changed, 97 deletions(-) delete mode 100644 lass/1systems/test-arch.nix delete mode 100644 lass/1systems/test-centos6.nix delete mode 100644 lass/1systems/test-centos7.nix (limited to 'lass/1systems') diff --git a/lass/1systems/test-arch.nix b/lass/1systems/test-arch.nix deleted file mode 100644 index 0ab9da2f3..000000000 --- a/lass/1systems/test-arch.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - -in { - imports = [ - ../2configs/base.nix - { - boot.loader.grub = { - device = "/dev/sda"; - splashImage = null; - }; - - boot.initrd.availableKernelModules = [ - "ata_piix" - "vmw_pvscsi" - ]; - - fileSystems."/" = { - device = "/dev/sda1"; - }; - } - { - networking.dhcpcd.allowInterfaces = [ - "enp*" - ]; - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-arch; -} diff --git a/lass/1systems/test-centos6.nix b/lass/1systems/test-centos6.nix deleted file mode 100644 index 7270c2262..000000000 --- a/lass/1systems/test-centos6.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - - ip = "168.235.148.52"; -in { - imports = [ - ../2configs/base.nix - ../2configs/os-templates/CAC-CentOS-6.5-64bit.nix - { - networking.interfaces.enp11s0.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = getDefaultGateway ip; - networking.nameservers = [ - "8.8.8.8" - ]; - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-centos6; -} diff --git a/lass/1systems/test-centos7.nix b/lass/1systems/test-centos7.nix deleted file mode 100644 index 91bd3e0fe..000000000 --- a/lass/1systems/test-centos7.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - - ip = "168.235.145.85"; -in { - imports = [ - ../2configs/base.nix - ../2configs/os-templates/CAC-CentOS-7-64bit.nix - { - networking.interfaces.enp2s1.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = getDefaultGateway ip; - networking.nameservers = [ - "8.8.8.8" - ]; - - } - { - sound.enable = false; - } - ]; - - krebs.build.host = config.krebs.hosts.test-centos7; -} -- cgit v1.2.3 From a1142b25c62e4009e56b881234829fb734196d93 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 13 Nov 2015 14:57:51 +0100 Subject: l 1 prism: import weechat.nix --- lass/1systems/prism.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 85021887f..599f4704e 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -11,6 +11,7 @@ in { ../2configs/git.nix ../2configs/ts3.nix ../2configs/bitlbee.nix + ../2configs/weechat.nix { users.extraGroups = { # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories -- cgit v1.2.3 From 866c9f69d9e6233fd2f39a8dbee4e7facf365d55 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 17:58:21 +0100 Subject: l 1 prism: add juiceSSH key for chat --- lass/1systems/prism.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 599f4704e..d65f4a185 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -116,6 +116,11 @@ in { { predicate = "-p tcp --dport 8080"; target = "ACCEPT";} ]; } + { + users.users.chat.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJJKlOeAHyi7lToCqRF/hdA2TrtVbrTUd2ayuWsXe9JWiyeyKH/LNY3SrgxCWPZSItE9VK68ghMuVYK/A8IAcgzNhzFYLDxmtsidjiOJBj2ZGsjqevoQ5HuKB/pob8CLW3dr1Rx38Any/XXxpfeO6vemCJMGLTe5gSlrCI+Tk1qNt0Rz+rke73Hwt9wW39g8X3prF2q9ryL9OFCcsoYUE7PIOV9xM1GaDFfTR4bKux7HyFKmG+rBvmJHB5OPW8UAtVZGY/FIChwlmF6QNO5Zym497bG1RCOGplaLpRXVJrmoUkZUO7EazePPxIjz2duWYqFtwl5R9YGy1+a+F58G19DS7wJHM29td117/ZANjRTxE5q/aJm2okJYOVSqhYzdhji+BWVZ5ai7cktpAdtPo++yiZN90LvogXNB64kFxVGuX52xZcA3KLKmvrd47o9k0pzO+oCoArxPFIx0YkHfy/yw7OG8Z+KLK8l9WXWBZO5TpjcydnEcRZ8OEqVhtmDh+9h1zhPphuFBtT1JPbt8m132RUy23qsNRtZ/lnnfQbrxgHPRzVuvA8o4ahOEUdvV9SYnzKb6qMFXGp25EhlcWnR4/toyG6I3paBtByeHkaxjgCuvm9Hob6f/xFr3kEJ4WXTVguyrcFgNg2EcEfdkrTMhNn9OIHEFFQ8whIBv5jlw== JuiceSSH" + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 1e81cb2151336859eed949bb6d8a17a93960bf10 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 17:58:58 +0100 Subject: l 1 prism: set timezone to Europe/Berlin --- lass/1systems/prism.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index d65f4a185..fe9967837 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -121,6 +121,9 @@ in { "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJJKlOeAHyi7lToCqRF/hdA2TrtVbrTUd2ayuWsXe9JWiyeyKH/LNY3SrgxCWPZSItE9VK68ghMuVYK/A8IAcgzNhzFYLDxmtsidjiOJBj2ZGsjqevoQ5HuKB/pob8CLW3dr1Rx38Any/XXxpfeO6vemCJMGLTe5gSlrCI+Tk1qNt0Rz+rke73Hwt9wW39g8X3prF2q9ryL9OFCcsoYUE7PIOV9xM1GaDFfTR4bKux7HyFKmG+rBvmJHB5OPW8UAtVZGY/FIChwlmF6QNO5Zym497bG1RCOGplaLpRXVJrmoUkZUO7EazePPxIjz2duWYqFtwl5R9YGy1+a+F58G19DS7wJHM29td117/ZANjRTxE5q/aJm2okJYOVSqhYzdhji+BWVZ5ai7cktpAdtPo++yiZN90LvogXNB64kFxVGuX52xZcA3KLKmvrd47o9k0pzO+oCoArxPFIx0YkHfy/yw7OG8Z+KLK8l9WXWBZO5TpjcydnEcRZ8OEqVhtmDh+9h1zhPphuFBtT1JPbt8m132RUy23qsNRtZ/lnnfQbrxgHPRzVuvA8o4ahOEUdvV9SYnzKb6qMFXGp25EhlcWnR4/toyG6I3paBtByeHkaxjgCuvm9Hob6f/xFr3kEJ4WXTVguyrcFgNg2EcEfdkrTMhNn9OIHEFFQ8whIBv5jlw== JuiceSSH" ]; } + { + time.timeZone = "Europe/Berlin"; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 75ab577d4922f3b57a890af668b9c0fb405a50b0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:22:09 +0100 Subject: l 1 mors: import stuff --- lass/1systems/mors.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 7b91fa6be..4ba9df6f9 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -22,6 +22,9 @@ ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/skype.nix + ../2configs/teamviewer.nix + ../2configs/libvirt.nix + ../2configs/fetchWallpaper.nix { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ -- cgit v1.2.3 From 24105297bd9ff8af57befeb56f4ef42d439a531d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 12 Dec 2015 18:22:47 +0100 Subject: l 1 prism: activate websites --- lass/1systems/prism.nix | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index fe9967837..95c55533c 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -124,6 +124,15 @@ in { { time.timeZone = "Europe/Berlin"; } + { + imports = [ + ../2configs/websites/wohnprojekt-rhh.de.nix + ../2configs/websites/domsen.nix + ]; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3