From 6654f03b09b7b80e3ee6339c92e6172579349744 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 23 Mar 2019 16:08:20 +0100
Subject: l: enable netdata on all hosts

---
 lass/2configs/default.nix | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'lass/2configs/default.nix')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 2547e8bac..085cc04b7 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -218,4 +218,7 @@ with import <stockholm/lib>;
   networking.dhcpcd.extraConfig = ''
     noipv4ll
   '';
+  services.netdata = {
+    enable = true;
+  };
 }
-- 
cgit v1.2.3


From d820e42a584160f3ff7d00a8ccf19ae82717ba90 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 7 Apr 2019 19:08:11 +0200
Subject: l: import backup.nix

---
 lass/2configs/default.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lass/2configs/default.nix')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 085cc04b7..646d3e0c1 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -4,6 +4,7 @@ with import <stockholm/lib>;
   imports = [
     <stockholm/krebs/2configs/nscd-fix.nix>
     ./binary-cache/client.nix
+    ./backup.nix
     ./gc.nix
     ./mc.nix
     ./vim.nix
-- 
cgit v1.2.3


From d817fe8a18625eb684f06de97e058f66ebbea50d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 7 Apr 2019 19:08:32 +0200
Subject: l: don't authorize shodan/icarus

---
 lass/2configs/default.nix | 2 --
 1 file changed, 2 deletions(-)

(limited to 'lass/2configs/default.nix')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 646d3e0c1..9dc2eed21 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -43,8 +43,6 @@ with import <stockholm/lib>;
           openssh.authorizedKeys.keys = [
             config.krebs.users.lass-mors.pubkey
             config.krebs.users.lass-blue.pubkey
-            config.krebs.users.lass-shodan.pubkey
-            config.krebs.users.lass-icarus.pubkey
           ];
         };
       };
-- 
cgit v1.2.3


From 33283cb99c9a9494f8530542f1ab72a432b1709c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 7 Apr 2019 19:14:54 +0200
Subject: l: remove prometheus monitoring

---
 lass/2configs/default.nix | 1 -
 1 file changed, 1 deletion(-)

(limited to 'lass/2configs/default.nix')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 9dc2eed21..7ee83c174 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -8,7 +8,6 @@ with import <stockholm/lib>;
     ./gc.nix
     ./mc.nix
     ./vim.nix
-    ./monitoring/node-exporter.nix
     ./zsh.nix
     ./htop.nix
     ./security-workarounds.nix
-- 
cgit v1.2.3


From a93670a60ee8fd21794846c4526d68aa2f244556 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 7 Apr 2019 19:18:46 +0200
Subject: l: open port 19999 (netdata)

---
 lass/2configs/default.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lass/2configs/default.nix')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 7ee83c174..972b4760a 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -209,6 +209,7 @@ with import <stockholm/lib>;
         { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; }
         { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; }
         { predicate = "-i retiolum -p udp -m udp --dport 53"; target = "ACCEPT"; }
+        { predicate = "-i retiolum -p tcp --dport 19999"; target = "ACCEPT"; }
       ];
     };
   };
-- 
cgit v1.2.3