From 66496105dd86eda15858df52acaae55f51d94bd7 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 19 Oct 2015 23:46:10 +0200 Subject: [PATCH] m 1,2 : wry serves as iodine entry point --- 1systems/wry.nix | 4 +++- 2configs/base-sources.nix | 6 +++--- 2configs/iodined.nix | 16 ++++++++++++++++ 3 files changed, 22 insertions(+), 4 deletions(-) create mode 100644 2configs/iodined.nix diff --git a/1systems/wry.nix b/1systems/wry.nix index 03b19d1..a7ed93c 100644 --- a/1systems/wry.nix +++ b/1systems/wry.nix @@ -11,6 +11,8 @@ in { ../2configs/base-sources.nix ../2configs/tinc-basic-retiolum.nix + ../2configs/iodined.nix + # Reaktor ../2configs/Reaktor/simpleExtend.nix ]; @@ -46,7 +48,7 @@ in { hostnames_anonymous = [ "graphs.krebsco.de" ]; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [ 53 80 443 ]; krebs.build = { user = config.krebs.users.makefu; diff --git a/2configs/base-sources.nix b/2configs/base-sources.nix index 826cd6f..7e6bebe 100644 --- a/2configs/base-sources.nix +++ b/2configs/base-sources.nix @@ -3,9 +3,9 @@ { krebs.build.source = { git.nixpkgs = { - url = https://github.com/NixOS/nixpkgs; - #url = https://github.com/makefu/nixpkgs; - rev = "dc18f39bfb2f9d1ba62c7e8ad98544bb15cb26b2"; # nixos-15.09 + #url = https://github.com/NixOS/nixpkgs; + url = https://github.com/makefu/nixpkgs; + rev = "78340b042463fd35caa587b0db2e400e5666dbe1"; # nixos-15.09 + cherry-picked iodine }; dir.secrets = { diff --git a/2configs/iodined.nix b/2configs/iodined.nix new file mode 100644 index 0000000..db8a1bf --- /dev/null +++ b/2configs/iodined.nix @@ -0,0 +1,16 @@ +{ services,builtins,environment,pkgs, ... }: + +let + # TODO: make this a parameter + domain = "io.krebsco.de"; + pw = import ; +in { + + services.iodined = { + enable = true; + domain = domain; + ip = "172.16.10.1/24"; + extraConfig = "-P ${pw}"; + }; + +}