citadel

My dotfiles, scripts and nix configs
git clone git://jb55.com/citadel
Log | Files | Refs | README | LICENSE

commit e329245a1d812e8c30051c614438f679fc40f76e
parent e064741f347a31dd739a506473eb20fb5c6ac0b2
Author: William Casarin <jb55@jb55.com>
Date:   Tue,  2 Mar 2021 15:55:31 -0800

BACKPORT: misc

Signed-off-by: William Casarin <jb55@jb55.com>

Diffstat:
Mnix-config/machines/charon/default.nix | 8++++++++
Mnix-config/machines/charon/networking/default.nix | 12++++--------
2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/nix-config/machines/charon/default.nix b/nix-config/machines/charon/default.nix @@ -430,6 +430,14 @@ in proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } + location = /saylor-saif { + return 302 https://episodes.castos.com/5ffc6bf0bf71b5-21733898/34.-Michael-Saylor-on-The-Fiat-Standard.mp3; + } + + location = /attack { + return 302 https://nakamotoinstitute.org/mempool/speculative-attack/; + } + location /phlog { autoindex on; } diff --git a/nix-config/machines/charon/networking/default.nix b/nix-config/machines/charon/networking/default.nix @@ -3,21 +3,17 @@ let openTCP = dev: port: '' ip46tables -A nixos-fw -i ${dev} -p tcp --dport ${toString port} -j nixos-fw-accept ''; + ports = { + git = 9418; + }; in { services.openssh.gatewayPorts = "yes"; - networking.firewall.allowedTCPPorts = [ 22 443 80 70 12566 12788 5222 5269 3415 ]; - networking.firewall.trustedInterfaces = ["zt0"]; + networking.firewall.allowedTCPPorts = with ports; [ 22 443 80 70 12566 12788 5222 5269 3415 git ]; networking.domain = "jb55.com"; networking.search = [ "jb55.com" ]; networking.extraHosts = '' 127.0.0.1 jb55.com ::1 jb55.com ''; - - networking.firewall.extraCommands = '' - ${openTCP "zt0" 993} - ${openTCP "zt0" 143} - ${openTCP "zt0" 587} - ''; }