diff options
author | lassulus <lass@aidsballs.de> | 2016-10-11 17:54:00 +0200 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2016-10-11 17:54:00 +0200 |
commit | 798f90c0fd8931ef114f7c7db32daa9f15824733 (patch) | |
tree | e241892be8c85d05d297f11a5d312d41e2cb8f66 /makefu/2configs | |
parent | b6c5994e037ab92055f5cfdeb89f46864b348b39 (diff) | |
parent | fa5816431ce0314b1c3260c763a87922b0ad485b (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/2configs')
-rw-r--r-- | makefu/2configs/default.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/iodined.nix | 10 | ||||
-rw-r--r-- | makefu/2configs/laptop-backup.nix | 12 | ||||
-rw-r--r-- | makefu/2configs/omo-share.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/sabnzbd.nix | 16 | ||||
-rw-r--r-- | makefu/2configs/temp/share-samba.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/udpt.nix | 10 | ||||
-rw-r--r-- | makefu/2configs/urlwatch.nix | 16 |
8 files changed, 45 insertions, 24 deletions
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index cdaa38f27..a7c2a983e 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -22,7 +22,7 @@ with config.krebs.lib; build = { user = config.krebs.users.makefu; source = let inherit (config.krebs.build) host user; in { - nixpkgs = if config.makefu.full-populate or (getEnv "dummy_secrets" == "true") then + nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then { # stable @ 2016-07-20 git = { url = https://github.com/nixos/nixpkgs; ref = "125ffff"; }; } diff --git a/makefu/2configs/iodined.nix b/makefu/2configs/iodined.nix index d57c91ce8..ca489d073 100644 --- a/makefu/2configs/iodined.nix +++ b/makefu/2configs/iodined.nix @@ -7,10 +7,12 @@ let in { services.iodined = { - enable = true; - domain = domain; - ip = "172.16.10.1/24"; - extraConfig = "-P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}"; + server = { + enable = true; + domain = domain; + ip = "172.16.10.1/24"; + extraConfig = "-P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}"; + }; }; } diff --git a/makefu/2configs/laptop-backup.nix b/makefu/2configs/laptop-backup.nix new file mode 100644 index 000000000..8df7043c8 --- /dev/null +++ b/makefu/2configs/laptop-backup.nix @@ -0,0 +1,12 @@ +{config, lib, pkgs, ... }: + +{ + systemd.user.services.duply-secrets = { + description = "run daily secrets backup"; + startAt = "daily"; + serviceConfig = { + Type = "oneshot"; + ExecStart = "{pkgs.duply}/bin/duply omo-secrets backup"; + }; + }; +} diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/omo-share.nix index 7e9842e14..86f768662 100644 --- a/makefu/2configs/omo-share.nix +++ b/makefu/2configs/omo-share.nix @@ -21,7 +21,6 @@ in { sendfile on; sendfile_max_chunk 512k; directio 512; - aio threads; mp4; autoindex on; root /media; diff --git a/makefu/2configs/sabnzbd.nix b/makefu/2configs/sabnzbd.nix new file mode 100644 index 000000000..6b0f2ac3a --- /dev/null +++ b/makefu/2configs/sabnzbd.nix @@ -0,0 +1,16 @@ +{ pkgs, config, ... }: + +with config.krebs.lib; +let + web-port = 8080; +in { + services.sabnzbd.enable = true; + services.sabnzbd.group = "download"; + systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + + users.users.sabnzbd.group = mkForce "download"; + + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT + ''; +} diff --git a/makefu/2configs/temp/share-samba.nix b/makefu/2configs/temp/share-samba.nix index c021e66c6..34f0ab0b4 100644 --- a/makefu/2configs/temp/share-samba.nix +++ b/makefu/2configs/temp/share-samba.nix @@ -2,9 +2,11 @@ users.users.smbguest = { name = "smbguest"; uid = config.ids.uids.smbguest; + group = "share"; description = "smb guest user"; home = "/var/empty"; }; + users.groups.share.members = [ "makefu" ]; networking.firewall.allowedTCPPorts = [ 139 445 # samba diff --git a/makefu/2configs/udpt.nix b/makefu/2configs/udpt.nix index 6d55ffaf8..922743bf1 100644 --- a/makefu/2configs/udpt.nix +++ b/makefu/2configs/udpt.nix @@ -1,6 +1,7 @@ {pkgs, ...}: let + daemon-port = 6969; cfgfile = pkgs.writeText "udpt-config" '' [db] driver=sqlite3 @@ -11,7 +12,9 @@ let port=6969 threads=5 allow_remotes=yes - allow_iana_ips=no + + # allow retiolum: + allow_iana_ips=yes announce_interval=1800 cleanup_interval=120 @@ -19,7 +22,7 @@ let enable=yes [logging] - filename=- + filename=/tmp/udpt.log level=warning ''; in { @@ -27,5 +30,8 @@ in { enable = true; inherit cfgfile; }; + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p udp --dport ${toString daemon-port} -j ACCEPT + ''; } diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix index f869f5a78..e0fbefa36 100644 --- a/makefu/2configs/urlwatch.nix +++ b/makefu/2configs/urlwatch.nix @@ -1,22 +1,6 @@ { config, lib, ... }: { - nixpkgs.config.packageOverrides = pkgs: { - urlwatch = with pkgs.pythonPackages; buildPythonPackage rec { - name = "urlwatch-1.18"; - - propagatedBuildInputs = [ futures ]; - - src = pkgs.fetchurl { - url = "http://thp.io/2008/urlwatch/${name}.tar.gz"; - sha256 = "090qfgx249ks7103sap6w47f8302ix2k46wxhfssxwsqcqdl25vb"; - }; - - postFixup = '' - wrapProgram "$out/bin/urlwatch" --prefix "PYTHONPATH" : "$PYTHONPATH" - ''; - }; - }; krebs.urlwatch = { enable = true; mailto = config.krebs.users.makefu.mail; |