lass: lass.iptables -> krebs.iptables

2015-10-01 22:13:40 +02:00 · 2015-10-01 22:13:40 +02:00 · 5052726286
parent 1078d1a8a3
commit 5052726286
8 changed files with 10 additions and 25 deletions
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@ -195,21 +195,11 @@
    };
  };

-  networking.firewall = {
-    allowPing = true;
-    allowedTCPPorts = [
-      8000
-    ];
-    allowedUDPPorts = [
-      67
-    ];
-  };
-
  services.mongodb = {
    enable = true;
  };

-  lass.iptables = {
+  krebs.iptables = {
    tables = {
      filter.INPUT.rules = [
        { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; precedence = 9001; }
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@ -3,7 +3,6 @@
 with lib;
 {
  imports = [
-    ../3modules/iptables.nix
    ../2configs/vim.nix
    ../2configs/zsh.nix
    ../2configs/mc.nix
@ -137,7 +136,7 @@ with lib;
    RuntimeMaxUse=128M
  '';

-  lass.iptables = {
+  krebs.iptables = {
    enable = true;
    tables = {
      filter.INPUT.policy = "DROP";
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@ -2,7 +2,6 @@

 {
  imports = [
-    ../3modules/iptables.nix
    ../3modules/folderPerms.nix
  ];

@ -47,7 +46,7 @@
    };
  };

-  lass.iptables = {
+  krebs.iptables = {
    enable = true;
    tables.filter.INPUT.rules = [
      { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
--- a/lass/2configs/fastpoke-pages.nix
+++ b/lass/2configs/fastpoke-pages.nix
@ -30,7 +30,6 @@ let

 in {
  imports = [
-    ../3modules/iptables.nix
  ] ++ map createStaticPage [
    "habsys.de"
    "pixelpocket.de"
@ -39,7 +38,7 @@ in {
    "apanowicz.de"
  ];

-  lass.iptables = {
+  krebs.iptables = {
    tables = {
      filter.INPUT.rules = [
        { predicate = "-p tcp --dport http"; target = "ACCEPT"; }
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@ -1,11 +1,8 @@
 { ... }:

 {
-  imports = [
-    ../3modules/iptables.nix
-  ];

-  lass.iptables = {
+  krebs.iptables = {
    tables = {
      filter.INPUT.rules = [
        { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; }
--- a/lass/2configs/steam.nix
+++ b/lass/2configs/steam.nix
@ -16,7 +16,9 @@
  environment.systemPackages = with pkgs; [
    steam
  ];
-  lass.iptables = {
+
+  #ports for inhome streaming
+  krebs.iptables = {
    tables = {
      filter.INPUT.rules = [
        { predicate = "-p tcp --dport 27031"; target = "ACCEPT"; }
--- a/lass/2configs/wordpress.nix
+++ b/lass/2configs/wordpress.nix
@ -8,10 +8,10 @@

    config = {
      imports = [
-        ../3modules/iptables.nix
+        ../../krebs/3modules/iptables.nix
      ];

-      lass.iptables = {
+      krebs.iptables = {
        enable = true;
        tables = {
          filter.INPUT.policy = "DROP";
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@ -3,6 +3,5 @@ _:
 {
  imports = [
    ./xresources.nix
-    ./iptables.nix
  ];
 }