forked from hswaw/hscloud
hswaw/machines/customs: upgrade to workspace nixos-unstable 2021-08-11
Change-Id: I6eb4408d40e14f24ebbe3f9f3aef0be952b44e8b Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1167 Reviewed-by: vuko <vuko@hackerspace.pl>master
parent
a01905ae64
commit
b6bc3e69b9
|
@ -46,7 +46,8 @@ let
|
|||
in {
|
||||
users.users."${user}" = {
|
||||
group = "${group}";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
uid = 1001;
|
||||
};
|
||||
users.groups."${group}" = {};
|
||||
|
||||
|
|
|
@ -80,7 +80,8 @@ let
|
|||
in {
|
||||
users.users."${user}" = {
|
||||
group = "${group}";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
uid = 1002;
|
||||
};
|
||||
users.groups."${group}" = {};
|
||||
|
||||
|
|
|
@ -497,31 +497,32 @@ in {
|
|||
|
||||
services.unbound = {
|
||||
enable = true;
|
||||
interfaces = [
|
||||
networks.lan.ipv4
|
||||
"127.0.0.1"
|
||||
"::1"
|
||||
# networks.lan.ipv6 TODO
|
||||
];
|
||||
allowedAccess = [
|
||||
"127.0.0.1/8"
|
||||
"10.0.0.0/8"
|
||||
];
|
||||
extraConfig = builtins.concatStringsSep "\n" ((map (
|
||||
name: ''
|
||||
stub-zone:
|
||||
name: ${name}
|
||||
stub-addr: ${networks.uplink.ipv4}
|
||||
''
|
||||
) [ "waw.hackerspace.pl" "api.eye.fi" "api.ustream.tv" "i"]) ++ [''
|
||||
forward-zone:
|
||||
name: "."
|
||||
forward-addr: 185.236.240.1
|
||||
'']);
|
||||
|
||||
settings = {
|
||||
server = {
|
||||
interface = [
|
||||
networks.lan.ipv4
|
||||
"127.0.0.1"
|
||||
"::1"
|
||||
# networks.lan.ipv6 TODO
|
||||
];
|
||||
access-control = [
|
||||
"127.0.0.1/8 allow"
|
||||
"10.0.0.0/8 allow"
|
||||
];
|
||||
};
|
||||
|
||||
stub-zone = map (name: {
|
||||
name = name;
|
||||
stub-addr = networks.uplink.ipv4;
|
||||
}) [ "waw.hackerspace.pl" "api.eye.fi" "api.ustream.tv" "i" ];
|
||||
forward-zone = {
|
||||
name = ".";
|
||||
forward-addr = "185.236.240.1";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
# Public VPN access for Hackerspace members
|
||||
services.openvpn.servers.members.config = ''
|
||||
script-security 3
|
||||
|
|
|
@ -7,7 +7,8 @@ let
|
|||
in {
|
||||
users.users."${user}" = {
|
||||
group = "${group}";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
uid = 1004;
|
||||
};
|
||||
users.groups."${group}" = {};
|
||||
|
||||
|
|
|
@ -18,7 +18,8 @@ let
|
|||
in {
|
||||
users.users."${user}" = {
|
||||
group = "${group}";
|
||||
useDefaultShell = true;
|
||||
isSystemUser = true;
|
||||
uid = 1003;
|
||||
};
|
||||
users.groups."${group}" = {};
|
||||
|
||||
|
|
|
@ -152,7 +152,7 @@ in {
|
|||
../bgpwtf/machines/edge01.waw.bgp.wtf-hardware.nix
|
||||
];
|
||||
|
||||
"customs.hackerspace.pl" = mkMachine nixpkgsCustoms [
|
||||
"customs.hackerspace.pl" = mkMachine pkgs [
|
||||
../hswaw/machines/customs.hackerspace.pl/configuration.nix
|
||||
];
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue