update all the things

Author: andir

config/servers/bertha/default.nix

@@ -63,7 +63,7 @@ in
     fsType = "ext4";
   };
 
-  h4ck.monitoring.targetHost = "fd21:a07e:735e:ffff::1";
+  h4ck.monitoring.targetHost = "[fd21:a07e:735e:ffff::1]"; # need to add [ & ] for some URL scheme that changed over the years. Prometheus used to take these just fine :(
   h4ck.wireguardBackbone = {
     addresses = [
       "fe80::1/64"
@@ -477,10 +477,12 @@ in
         chain forward_to_lan {
           tcp dport { 22 } accept
           tcp dport { 6882 } accept;
+          udp dport { 49001 } accept;
 
-          ip6 nexthdr tcp tcp dport { 22, 80, 443, 655, 4001, 8000, 9100, 22000, 16686 } accept
+          ip6 nexthdr tcp tcp dport { 22, 80, 443, 655, 4001, 8000, 9100, 22000, 16686, 49001 } accept
           # allow mosh
           udp dport 60000-61000 accept
+          ip saddr 172.20.25.51/32 accept
 
           # forward to monitoring ports, final access control happens on each device
           ${lib.concatMapStringsSep "\n" (port: "tcp dport ${toString port} accept") monitoringPorts}
@@ -505,6 +507,7 @@ in
            type nat hook prerouting priority dstnat;
            # tcp dport { 4001 } dnat to $somewhere
            iifname uplink tcp dport { 6882 } dnat to 10.250.11.249
+           iifname uplink udp dport { 49001 } dnat to 172.20.24.174
 
            # dnat udp dport map @somemap;
         }

config/servers/bertha/unifi.nix

@@ -1,7 +1,7 @@
 { pkgs, config, lib, ... }:
 {
   services.unifi = {
-    enable = true;
+    enable = false;
     #mongodbPackage = pkgs.mongodb-4_2;
     unifiPackage = pkgs.unifi.overrideAttrs (
       _: rec {
@@ -15,8 +15,8 @@
   };
 
 
-  users.users.unifi.group = "unifi";
-  users.groups.unifi = { };
+  # users.users.unifi.group = "unifi";
+  # users.groups.unifi = { };
 
   services.nginx = {
     # disabled since unifi seems to request logins for unknown reason..

config/servers/crappy/default.nix

@@ -122,11 +122,10 @@
   ];
 
   environment.systemPackages = with pkgs; [
-    #rockpi4.mpv
-    mpv
+    rockpi4.mpv
     youtube-dl
     #rockpi4.mpp
-    #rockpi4.ffmpeg
+    rockpi4.ffmpeg
     ffmpeg
     syncplay
     streamlink

config/servers/crappy/graphical.nix

@@ -3,33 +3,8 @@
   environment.systemPackages = with pkgs; [
     ate
     firefox
-    (
-      ((pkgs.kodi.withPackages (p: with p; [
-        youtube
-        netflix
-        pvr-iptvsimple
-        a4ksubtitles
-        (p.buildKodiAddon {
-          pname = "plugin.video.media-ccc-de";
-          version = "git+" + pkgs.sources."plugin.video.media-ccc-de".revision;
-          namespace = "plugin.video.media-ccc-de";
-          src = sources."plugin.video.media-ccc-de";
-          propagatedBuildInputs = with p; [
-            requests
-            routing
-          ];
-        })
-      ])).override {
-        kodi = (pkgs.kodi.override { waylandSupport = true; }).overrideAttrs ({ patches ? [ ], ... }: {
-          patches = patches ++ [
-            #(pkgs.fetchpatch {
-            #  url = "https://github.com/xbmc/xbmc/pull/20632/commits/3f02f813997d19d15917fb4eb3387c60a3696837.patch";
-            #  sha256 = "0f8f3245f3jg5ghvfyjhbvjvv3xz8gnbmhzwwvvdd55m3yz19m94";
-            #})
-          ];
-        });
-      })
-    )
+    rockpi4.kodi
+    rockpi4.mpv
   ];
 
   networking.firewall.extraStopCommands = ''