stockholm/lass/2configs/iodined.nix

{ pkgs, config, ... }:

let
  # TODO: make this a parameter
  domain = "io.lassul.us";
  pw = import <secrets/iodinepw.nix>;
in {

  services.iodine.server = {
    enable = true;
    domain = domain;
    ip = "172.16.10.1/24";
    extraConfig = "-c -P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}";
  };

  krebs.iptables.tables.filter.INPUT.rules = [
    { predicate = "-p udp --dport 53"; target = "ACCEPT";}
  ];

}
l 2: add iodined.nix & import in prism 2016-09-12 22:04:48 +00:00			`{ pkgs, config, ... }:`

			`let`
			`# TODO: make this a parameter`
			`domain = "io.lassul.us";`
			`pw = import <secrets/iodinepw.nix>;`
			`in {`

l 2 iodined: iodined -> iodine.server 2016-10-11 15:43:12 +00:00			`services.iodine.server = {`
l 2: add iodined.nix & import in prism 2016-09-12 22:04:48 +00:00			`enable = true;`
			`domain = domain;`
			`ip = "172.16.10.1/24";`
l 2 iodined: add -c to running command 2016-10-01 00:16:47 +00:00			`extraConfig = "-c -P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}";`
l 2: add iodined.nix & import in prism 2016-09-12 22:04:48 +00:00			`};`

			`krebs.iptables.tables.filter.INPUT.rules = [`
l 2 iodined: open the correct port 2016-10-01 00:17:17 +00:00			`{ predicate = "-p udp --dport 53"; target = "ACCEPT";}`
l 2: add iodined.nix & import in prism 2016-09-12 22:04:48 +00:00			`];`

			`}`