From 6777ba6cb5d001b93a0ce3ebe2a3bd1cc4a490e2 Mon Sep 17 00:00:00 2001 From: kat witch Date: Mon, 26 Apr 2021 19:37:27 +0100 Subject: [PATCH] hosts/samhain: NFS move + correct interface --- hosts/samhain/nixos/default.nix | 29 ++++++++++------------------- 1 file changed, 10 insertions(+), 19 deletions(-) diff --git a/hosts/samhain/nixos/default.nix b/hosts/samhain/nixos/default.nix index 4712d7e2..ea9ccfd9 100644 --- a/hosts/samhain/nixos/default.nix +++ b/hosts/samhain/nixos/default.nix @@ -44,18 +44,6 @@ in { group = "nginx"; }; - fileSystems."/mnt/hex-corn" = { - device = "storah.net.lilwit.ch:/data/cornbox"; - fsType = "nfs"; - options = [ "x-systemd.automount" "noauto" ]; - }; - - fileSystems."/mnt/hex-tor" = { - device = "storah.net.lilwit.ch:/data/torrents"; - fsType = "nfs"; - options = [ "x-systemd.automount" "noauto" ]; - }; - secrets.files.kat-glauca-dns = { text = '' user="${tf.variables.dyn_username.ref}" @@ -98,33 +86,36 @@ in { # other stuffs boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - boot.supportedFilesystems = [ "zfs" "xfs" "nfs" ]; + boot.supportedFilesystems = [ "zfs" "xfs" ]; networking.hostName = "samhain"; networking.hostId = "617050fc"; networking.useDHCP = false; networking.interfaces.enp34s0.useDHCP = true; networking.firewall.allowPing = true; - networking.firewall.interfaces.enp1s0.allowedTCPPorts = [ + networking.firewall.interfaces.enp34s0.allowedTCPPorts = [ 1935 # rtmp 80 # http 443 # https - 445 # samba - 139 # samba ]; networking.firewall.interfaces.hexnet.allowedTCPPorts = [ 80 # http 443 # https 32101 # mpv + 443 # https + 111 # nfs + 2049 # nfs ]; - networking.firewall.interfaces.enp1s0.allowedUDPPorts = [ - 137 # samba - 138 # samba + networking.firewall.interfaces.enp34s0.allowedUDPPorts = [ 4010 # scream + 111 # nfs + 2049 # nfs ]; + networking.firewall.interfaces.hexnet.allowedUDPPorts = [ ]; + networking.firewall.allowedUDPPortRanges = [{ from = 32768; to = 60999;