m 1,2 : wry serves as iodine entry point

This commit is contained in:
makefu 2015-10-19 23:46:10 +02:00
parent 1b7f9b9c07
commit 66496105dd
3 changed files with 22 additions and 4 deletions

View file

@ -11,6 +11,8 @@ in {
../2configs/base-sources.nix
../2configs/tinc-basic-retiolum.nix
../2configs/iodined.nix
# Reaktor
../2configs/Reaktor/simpleExtend.nix
];
@ -46,7 +48,7 @@ in {
hostnames_anonymous = [ "graphs.krebsco.de" ];
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [ 53 80 443 ];
krebs.build = {
user = config.krebs.users.makefu;

View file

@ -3,9 +3,9 @@
{
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
#url = https://github.com/makefu/nixpkgs;
rev = "dc18f39bfb2f9d1ba62c7e8ad98544bb15cb26b2"; # nixos-15.09
#url = https://github.com/NixOS/nixpkgs;
url = https://github.com/makefu/nixpkgs;
rev = "78340b042463fd35caa587b0db2e400e5666dbe1"; # nixos-15.09 + cherry-picked iodine
};
dir.secrets = {

16
2configs/iodined.nix Normal file
View file

@ -0,0 +1,16 @@
{ services,builtins,environment,pkgs, ... }:
let
# TODO: make this a parameter
domain = "io.krebsco.de";
pw = import <secrets/iodinepw.nix>;
in {
services.iodined = {
enable = true;
domain = domain;
ip = "172.16.10.1/24";
extraConfig = "-P ${pw}";
};
}