diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-27 16:35:57 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-27 16:35:57 +0100 |
commit | ca4548ad71aa906b516b1c37dcc65b3963e41130 (patch) | |
tree | b0f6bae4e2c6115e37f72b3c3a46b5ace5610f13 /accounts | |
parent | f5f79ce39d0c90780b1e4f76848ba8210da5040f (diff) | |
download | nixos-ca4548ad71aa906b516b1c37dcc65b3963e41130.tar nixos-ca4548ad71aa906b516b1c37dcc65b3963e41130.tar.gz nixos-ca4548ad71aa906b516b1c37dcc65b3963e41130.tar.bz2 nixos-ca4548ad71aa906b516b1c37dcc65b3963e41130.tar.xz nixos-ca4548ad71aa906b516b1c37dcc65b3963e41130.zip |
gkleen@sif: socks proxy vidhar
Diffstat (limited to 'accounts')
-rw-r--r-- | accounts/gkleen@sif/ssh-hosts.nix | 10 | ||||
-rw-r--r-- | accounts/gkleen@sif/systemd.nix | 38 |
2 files changed, 34 insertions, 14 deletions
diff --git a/accounts/gkleen@sif/ssh-hosts.nix b/accounts/gkleen@sif/ssh-hosts.nix index ff319d02..e2bd2375 100644 --- a/accounts/gkleen@sif/ssh-hosts.nix +++ b/accounts/gkleen@sif/ssh-hosts.nix | |||
@@ -267,6 +267,16 @@ | |||
267 | ControlMaster = "no"; | 267 | ControlMaster = "no"; |
268 | }; | 268 | }; |
269 | }; | 269 | }; |
270 | "proxy.vidhar" = | ||
271 | { hostname = "vidhar.yggdrasil"; | ||
272 | identityFile = "~/.ssh/gkleen@sif.midgard.yggdrasil"; | ||
273 | extraOptions = { | ||
274 | ControlPath = "none"; | ||
275 | ExitOnForwardFailure = "yes"; | ||
276 | ServerAliveCountMax = "15"; | ||
277 | ServerAliveInterval = "2"; | ||
278 | }; | ||
279 | }; | ||
270 | "math60" = | 280 | "math60" = |
271 | { hostname = "math60.math.lmu.de"; | 281 | { hostname = "math60.math.lmu.de"; |
272 | }; | 282 | }; |
diff --git a/accounts/gkleen@sif/systemd.nix b/accounts/gkleen@sif/systemd.nix index a32e61b2..06eaef4f 100644 --- a/accounts/gkleen@sif/systemd.nix +++ b/accounts/gkleen@sif/systemd.nix | |||
@@ -90,26 +90,36 @@ in { | |||
90 | StartLimitBurst = 7; | 90 | StartLimitBurst = 7; |
91 | }; | 91 | }; |
92 | }; | 92 | }; |
93 | "proxy-to-autossh-socks@8118" = { | 93 | "autossh-socks@proxy.mathw0h:8121" = { |
94 | Unit = { | ||
95 | Requires = ["autossh-socks@proxy.mathw0h:8119.service" "proxy-to-autossh-socks@8118.socket"]; | ||
96 | After = ["autossh-socks@proxy.mathw0h:8119.service" "proxy-to-autossh-socks@8118.socket"]; | ||
97 | }; | ||
98 | Service = { | 94 | Service = { |
99 | ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd --exit-idle-time=10s localhost:8119"; | 95 | Type = "notify"; |
96 | NotifyAccess = "all"; | ||
97 | WorkingDirectory = "~"; | ||
98 | Restart = "always"; | ||
99 | RestartSec = "2s"; | ||
100 | ExecStart = "${autossh-socks-script} \"%I\""; | ||
101 | }; | ||
102 | Unit = { | ||
103 | StopWhenUnneeded = true; | ||
100 | }; | 104 | }; |
101 | }; | 105 | }; |
102 | }; | 106 | } // listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${port}" { |
103 | sockets = { | 107 | Unit = { |
104 | "proxy-to-autossh-socks@8118" = { | 108 | Requires = ["autossh-socks@proxy.mathw0h:${port + 1}.service" "proxy-to-autossh-socks@${port}.socket"]; |
105 | Socket = { | 109 | After = ["autossh-socks@proxy.mathw0h:${port + 1}.service" "proxy-to-autossh-socks@${port}.socket"]; |
106 | ListenStream = "%I"; | ||
107 | }; | 110 | }; |
108 | Install = { | 111 | Service = { |
109 | WantedBy = ["default.target"]; | 112 | ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd --exit-idle-time=10s localhost:${port + 1}"; |
110 | }; | 113 | }; |
114 | }) [8118 8120]); | ||
115 | sockets = listToAttrs (map (port: nameValuePair "proxy-to-autossh-socks@${port}" { | ||
116 | Socket = { | ||
117 | ListenStream = "%I"; | ||
111 | }; | 118 | }; |
112 | }; | 119 | Install = { |
120 | WantedBy = ["default.target"]; | ||
121 | }; | ||
122 | }) [8118 8120]); | ||
113 | timers = { | 123 | timers = { |
114 | sync-keepass = { | 124 | sync-keepass = { |
115 | Timer = { | 125 | Timer = { |