commit e329245a1d812e8c30051c614438f679fc40f76e parent e064741f347a31dd739a506473eb20fb5c6ac0b2 Author: William Casarin <jb55@jb55.com> Date: Tue, 2 Mar 2021 15:55:31 -0800 BACKPORT: misc Signed-off-by: William Casarin <jb55@jb55.com> Diffstat:
| M | nix-config/machines/charon/default.nix | | | 8 | ++++++++ |
| M | nix-config/machines/charon/networking/default.nix | | | 12 | ++++-------- |
2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/nix-config/machines/charon/default.nix b/nix-config/machines/charon/default.nix @@ -430,6 +430,14 @@ in proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } + location = /saylor-saif { + return 302 https://episodes.castos.com/5ffc6bf0bf71b5-21733898/34.-Michael-Saylor-on-The-Fiat-Standard.mp3; + } + + location = /attack { + return 302 https://nakamotoinstitute.org/mempool/speculative-attack/; + } + location /phlog { autoindex on; } diff --git a/nix-config/machines/charon/networking/default.nix b/nix-config/machines/charon/networking/default.nix @@ -3,21 +3,17 @@ let openTCP = dev: port: '' ip46tables -A nixos-fw -i ${dev} -p tcp --dport ${toString port} -j nixos-fw-accept ''; + ports = { + git = 9418; + }; in { services.openssh.gatewayPorts = "yes"; - networking.firewall.allowedTCPPorts = [ 22 443 80 70 12566 12788 5222 5269 3415 ]; - networking.firewall.trustedInterfaces = ["zt0"]; + networking.firewall.allowedTCPPorts = with ports; [ 22 443 80 70 12566 12788 5222 5269 3415 git ]; networking.domain = "jb55.com"; networking.search = [ "jb55.com" ]; networking.extraHosts = '' 127.0.0.1 jb55.com ::1 jb55.com ''; - - networking.firewall.extraCommands = '' - ${openTCP "zt0" 993} - ${openTCP "zt0" 143} - ${openTCP "zt0" 587} - ''; }