From 2e7f0ada013810e577944434f42000313befe549 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Thu, 7 Jun 2018 08:24:56 +0200
Subject: l: kops -> krops

---
 lass/1systems/blue/config.nix | 8 ++++++++
 lass/1systems/mors/config.nix | 8 --------
 2 files changed, 8 insertions(+), 8 deletions(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix
index aef055cf0..a84bb37f6 100644
--- a/lass/1systems/blue/config.nix
+++ b/lass/1systems/blue/config.nix
@@ -12,6 +12,14 @@ with import <stockholm/lib>;
 
   krebs.build.host = config.krebs.hosts.blue;
 
+  environment.shellAliases = {
+    deploy = pkgs.writeDash "deploy" ''
+      set -eu
+      export SYSTEM="$1"
+      $(nix-build $HOME/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
+    '';
+  };
+
   networking.nameservers = [ "1.1.1.1" ];
 
   lass.restic = genAttrs [
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index de6963eb5..97e69146e 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -140,14 +140,6 @@ with import <stockholm/lib>;
     OnCalendar = "00:37";
   };
 
-  environment.shellAliases = {
-    deploy = pkgs.writeDash "deploy" ''
-      set -eu
-      export SYSTEM="$1"
-      $(nix-build $HOME/stockholm/lass/kops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
-    '';
-  };
-
   nix.package = pkgs.nixUnstable;
   programs.adb.enable = true;
   users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
-- 
cgit v1.2.3


From bc0cd03da463c9cf67ba47b034bbbe32d9391beb Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Fri, 8 Jun 2018 04:57:52 +0200
Subject: move Reaktor|krebs from prism to hotdog

---
 lass/1systems/prism/config.nix | 1 -
 1 file changed, 1 deletion(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 7a9537b64..285dbfa9d 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -175,7 +175,6 @@ with import <stockholm/lib>;
         alias /var/realwallpaper/realwallpaper.png;
       '';
     }
-    <stockholm/krebs/2configs/reaktor-krebs.nix>
     <stockholm/lass/2configs/dcso-dev.nix>
     {
       users.users.jeschli = {
-- 
cgit v1.2.3


From e34ca32676d1fe6a4aab3cca1518b111a36ef8cd Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Fri, 8 Jun 2018 04:59:14 +0200
Subject: l prism.r: remove unnecessary iptables forward

---
 lass/1systems/prism/config.nix | 15 ---------------
 1 file changed, 15 deletions(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 285dbfa9d..d6d1ce2e4 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -293,21 +293,6 @@ with import <stockholm/lib>;
         };
       };
     }
-    { #weechat port forwarding to blue
-      krebs.iptables.tables.filter.INPUT.rules = [
-        { predicate = "-p tcp --dport 9998"; target = "ACCEPT";}
-      ];
-      krebs.iptables.tables.nat.PREROUTING.rules = [
-        { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.prism.nets.internet.ip4.addr} -p tcp --dport 9998"; target = "DNAT --to-destination ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}:9999"; }
-      ];
-      krebs.iptables.tables.filter.FORWARD.rules = [
-        { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "ACCEPT"; }
-        { v6 = false; precedence = 1000; predicate = "-s ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}"; target = "ACCEPT"; }
-      ];
-      krebs.iptables.tables.nat.POSTROUTING.rules = [
-        { v6 = false; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "MASQUERADE"; }
-      ];
-    }
     {
       krebs.iptables.tables.filter.INPUT.rules = [
          { predicate = "-p udp --dport 51820"; target = "ACCEPT"; }
-- 
cgit v1.2.3


From d7d39081d0c3866696e38fb42ae7e2ae28f28c69 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Fri, 8 Jun 2018 05:04:21 +0200
Subject: l prism.r: open ports for mosh

---
 lass/1systems/prism/config.nix | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lass/1systems')

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index d6d1ce2e4..61d147c5f 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -321,6 +321,11 @@ with import <stockholm/lib>;
         ];
       };
     }
+    {
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
+      ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;
-- 
cgit v1.2.3


From 9b389fd6644a71c0fb8fdc7764727d771d54e221 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Mon, 11 Jun 2018 15:45:12 +0200
Subject: Revert "l prism.r: remove unnecessary iptables forward"

This reverts commit e34ca32676d1fe6a4aab3cca1518b111a36ef8cd.
---
 lass/1systems/prism/config.nix | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'lass/1systems')

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 61d147c5f..9a0bb49e9 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -293,6 +293,21 @@ with import <stockholm/lib>;
         };
       };
     }
+    { #weechat port forwarding to blue
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-p tcp --dport 9998"; target = "ACCEPT";}
+      ];
+      krebs.iptables.tables.nat.PREROUTING.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.prism.nets.internet.ip4.addr} -p tcp --dport 9998"; target = "DNAT --to-destination ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}:9999"; }
+      ];
+      krebs.iptables.tables.filter.FORWARD.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "ACCEPT"; }
+        { v6 = false; precedence = 1000; predicate = "-s ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}"; target = "ACCEPT"; }
+      ];
+      krebs.iptables.tables.nat.POSTROUTING.rules = [
+        { v6 = false; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "MASQUERADE"; }
+      ];
+    }
     {
       krebs.iptables.tables.filter.INPUT.rules = [
          { predicate = "-p udp --dport 51820"; target = "ACCEPT"; }
-- 
cgit v1.2.3