summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
authorlassulus <lass@aidsballs.de>2016-10-11 17:54:00 +0200
committerlassulus <lass@aidsballs.de>2016-10-11 17:54:00 +0200
commit798f90c0fd8931ef114f7c7db32daa9f15824733 (patch)
treee241892be8c85d05d297f11a5d312d41e2cb8f66 /makefu/2configs
parentb6c5994e037ab92055f5cfdeb89f46864b348b39 (diff)
parentfa5816431ce0314b1c3260c763a87922b0ad485b (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/default.nix2
-rw-r--r--makefu/2configs/iodined.nix10
-rw-r--r--makefu/2configs/laptop-backup.nix12
-rw-r--r--makefu/2configs/omo-share.nix1
-rw-r--r--makefu/2configs/sabnzbd.nix16
-rw-r--r--makefu/2configs/temp/share-samba.nix2
-rw-r--r--makefu/2configs/udpt.nix10
-rw-r--r--makefu/2configs/urlwatch.nix16
8 files changed, 45 insertions, 24 deletions
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index cdaa38f27..a7c2a983e 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -22,7 +22,7 @@ with config.krebs.lib;
build = {
user = config.krebs.users.makefu;
source = let inherit (config.krebs.build) host user; in {
- nixpkgs = if config.makefu.full-populate or (getEnv "dummy_secrets" == "true") then
+ nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
{ # stable @ 2016-07-20
git = { url = https://github.com/nixos/nixpkgs; ref = "125ffff"; };
}
diff --git a/makefu/2configs/iodined.nix b/makefu/2configs/iodined.nix
index d57c91ce8..ca489d073 100644
--- a/makefu/2configs/iodined.nix
+++ b/makefu/2configs/iodined.nix
@@ -7,10 +7,12 @@ let
in {
services.iodined = {
- enable = true;
- domain = domain;
- ip = "172.16.10.1/24";
- extraConfig = "-P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}";
+ server = {
+ enable = true;
+ domain = domain;
+ ip = "172.16.10.1/24";
+ extraConfig = "-P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}";
+ };
};
}
diff --git a/makefu/2configs/laptop-backup.nix b/makefu/2configs/laptop-backup.nix
new file mode 100644
index 000000000..8df7043c8
--- /dev/null
+++ b/makefu/2configs/laptop-backup.nix
@@ -0,0 +1,12 @@
+{config, lib, pkgs, ... }:
+
+{
+ systemd.user.services.duply-secrets = {
+ description = "run daily secrets backup";
+ startAt = "daily";
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart = "{pkgs.duply}/bin/duply omo-secrets backup";
+ };
+ };
+}
diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/omo-share.nix
index 7e9842e14..86f768662 100644
--- a/makefu/2configs/omo-share.nix
+++ b/makefu/2configs/omo-share.nix
@@ -21,7 +21,6 @@ in {
sendfile on;
sendfile_max_chunk 512k;
directio 512;
- aio threads;
mp4;
autoindex on;
root /media;
diff --git a/makefu/2configs/sabnzbd.nix b/makefu/2configs/sabnzbd.nix
new file mode 100644
index 000000000..6b0f2ac3a
--- /dev/null
+++ b/makefu/2configs/sabnzbd.nix
@@ -0,0 +1,16 @@
+{ pkgs, config, ... }:
+
+with config.krebs.lib;
+let
+ web-port = 8080;
+in {
+ services.sabnzbd.enable = true;
+ services.sabnzbd.group = "download";
+ systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+
+ users.users.sabnzbd.group = mkForce "download";
+
+ networking.firewall.extraCommands = ''
+ iptables -A INPUT -i retiolum -p tcp --dport ${toString web-port} -j ACCEPT
+ '';
+}
diff --git a/makefu/2configs/temp/share-samba.nix b/makefu/2configs/temp/share-samba.nix
index c021e66c6..34f0ab0b4 100644
--- a/makefu/2configs/temp/share-samba.nix
+++ b/makefu/2configs/temp/share-samba.nix
@@ -2,9 +2,11 @@
users.users.smbguest = {
name = "smbguest";
uid = config.ids.uids.smbguest;
+ group = "share";
description = "smb guest user";
home = "/var/empty";
};
+ users.groups.share.members = [ "makefu" ];
networking.firewall.allowedTCPPorts = [
139 445 # samba
diff --git a/makefu/2configs/udpt.nix b/makefu/2configs/udpt.nix
index 6d55ffaf8..922743bf1 100644
--- a/makefu/2configs/udpt.nix
+++ b/makefu/2configs/udpt.nix
@@ -1,6 +1,7 @@
{pkgs, ...}:
let
+ daemon-port = 6969;
cfgfile = pkgs.writeText "udpt-config" ''
[db]
driver=sqlite3
@@ -11,7 +12,9 @@ let
port=6969
threads=5
allow_remotes=yes
- allow_iana_ips=no
+
+ # allow retiolum:
+ allow_iana_ips=yes
announce_interval=1800
cleanup_interval=120
@@ -19,7 +22,7 @@ let
enable=yes
[logging]
- filename=-
+ filename=/tmp/udpt.log
level=warning
'';
in {
@@ -27,5 +30,8 @@ in {
enable = true;
inherit cfgfile;
};
+ networking.firewall.extraCommands = ''
+ iptables -A INPUT -i retiolum -p udp --dport ${toString daemon-port} -j ACCEPT
+ '';
}
diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix
index f869f5a78..e0fbefa36 100644
--- a/makefu/2configs/urlwatch.nix
+++ b/makefu/2configs/urlwatch.nix
@@ -1,22 +1,6 @@
{ config, lib, ... }:
{
- nixpkgs.config.packageOverrides = pkgs: {
- urlwatch = with pkgs.pythonPackages; buildPythonPackage rec {
- name = "urlwatch-1.18";
-
- propagatedBuildInputs = [ futures ];
-
- src = pkgs.fetchurl {
- url = "http://thp.io/2008/urlwatch/${name}.tar.gz";
- sha256 = "090qfgx249ks7103sap6w47f8302ix2k46wxhfssxwsqcqdl25vb";
- };
-
- postFixup = ''
- wrapProgram "$out/bin/urlwatch" --prefix "PYTHONPATH" : "$PYTHONPATH"
- '';
- };
- };
krebs.urlwatch = {
enable = true;
mailto = config.krebs.users.makefu.mail;