summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authornin <nin@c-base.org>2018-01-11 23:03:10 +0100
committernin <nin@c-base.org>2018-01-11 23:03:10 +0100
commit3ee37b596f64f01865cd3f7f9c32e75cebae9fae (patch)
treefad1dedf3605b14b82584d65b4a062568cb14ea7
parent9c6c3a99efecadd011052c34257db5fe9d604cb3 (diff)
parentff1f2c25af32e6c7370af6871de39af9fba872d3 (diff)
Merge branch 'master' of prism:stockholm
Diffstat
-rw-r--r--jeschli/1systems/bln/config.nix14
-rw-r--r--jeschli/1systems/brauerei/config.nix2
-rw-r--r--jeschli/1systems/enklave/config.nix45
-rw-r--r--jeschli/1systems/enklave/source.nix3
-rw-r--r--jeschli/1systems/reagenzglas/config.nix1
-rw-r--r--jeschli/2configs/default.nix2
-rw-r--r--jeschli/2configs/os-templates/CentOS-7-64bit.nix16
-rw-r--r--jeschli/2configs/retiolum.nix4
-rw-r--r--jeschli/2configs/urxvt.nix2
-rw-r--r--jeschli/source.nix2
-rw-r--r--mv/source.nix2
-rw-r--r--tv/1systems/wu/config.nix6
-rw-r--r--tv/2configs/default.nix2
-rw-r--r--tv/2configs/hw/w110er.nix17
-rw-r--r--tv/2configs/vim.nix2
-rw-r--r--tv/source.nix10
16 files changed, 111 insertions, 19 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 901970e..9e5f8c5 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -36,9 +36,9 @@
}
];
- networking.hostName = "BLN02NB0154"; # Define your hostname.
+ networking.hostName = lib.mkForce "BLN02NB0154"; # Define your hostname.
networking.networkmanager.enable = true;
- #networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Select internationalisation properties.
# i18n = {
@@ -54,7 +54,11 @@
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
nixpkgs.config.allowUnfree = true;
- environment.shellAliases = { n = "nix-shell"; };
+ environment.shellAliases = {
+ n = "nix-shell";
+ gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
+ gh = "cd /home/markus/go/src/github.com";
+ };
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
environment.systemPackages = with pkgs; [
# system helper
@@ -62,6 +66,7 @@
copyq
dmenu
git
+ tig
i3lock
keepass
networkmanagerapplet
@@ -72,6 +77,8 @@
rxvt_unicode
# editors
emacs
+ # databases
+ sqlite
# internet
thunderbird
hipchat
@@ -91,6 +98,7 @@
jetbrains.pycharm-professional
jetbrains.webstorm
jetbrains.goland
+ jetbrains.datagrip
texlive.combined.scheme-full
pandoc
redis
diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index 171a002..2dec457 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -96,7 +96,7 @@
# Enable the X11 windowing system.
services.xserver.enable = true;
- # services.xserver.layout = "us";
+ services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable touchpad support.
diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix
new file mode 100644
index 0000000..0100890
--- /dev/null
+++ b/jeschli/1systems/enklave/config.nix
@@ -0,0 +1,45 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ <stockholm/jeschli>
+ <stockholm/jeschli/2configs/retiolum.nix>
+ <stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix>
+ {
+ networking.dhcpcd.allowInterfaces = [
+ "enp*"
+ "eth*"
+ "ens*"
+ ];
+ }
+ {
+ services.openssh.enable = true;
+ }
+ {
+ sound.enable = false;
+ }
+ {
+ users.extraUsers = {
+ root.initialPassword = "pfeife123";
+ root.openssh.authorizedKeys.keys = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
+ ];
+ jeschli = {
+ name = "jeschli";
+ uid = 1000;
+ home = "/home/jeschli";
+ group = "users";
+ createHome = true;
+ useDefaultShell = true;
+ extraGroups = [
+ ];
+ openssh.authorizedKeys.keys = [
+"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
+ ];
+ };
+ };
+ }
+ ];
+
+ krebs.build.host = config.krebs.hosts.enklave;
+}
diff --git a/jeschli/1systems/enklave/source.nix b/jeschli/1systems/enklave/source.nix
new file mode 100644
index 0000000..4f9f37b
--- /dev/null
+++ b/jeschli/1systems/enklave/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/jeschli/source.nix> {
+ name = "enklave";
+}
diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix
index d65e897..eb2ba17 100644
--- a/jeschli/1systems/reagenzglas/config.nix
+++ b/jeschli/1systems/reagenzglas/config.nix
@@ -29,7 +29,6 @@
allowDiscards = true;
}
];
- networking.hostName = "reaganzglas"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true;
# Select internationalisation properties.
diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix
index 7fb2409..6d788d2 100644
--- a/jeschli/2configs/default.nix
+++ b/jeschli/2configs/default.nix
@@ -4,6 +4,7 @@ with import <stockholm/lib>;
imports = [
./vim.nix
./retiolum.nix
+ <stockholm/lass/2configs/security-workarounds.nix>
{
environment.variables = {
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
@@ -63,4 +64,5 @@ with import <stockholm/lib>;
];
krebs.enable = true;
+ networking.hostName = config.krebs.build.host.name;
}
diff --git a/jeschli/2configs/os-templates/CentOS-7-64bit.nix b/jeschli/2configs/os-templates/CentOS-7-64bit.nix
new file mode 100644
index 0000000..fb34e94
--- /dev/null
+++ b/jeschli/2configs/os-templates/CentOS-7-64bit.nix
@@ -0,0 +1,16 @@
+_:
+
+{
+ imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+
+ boot.loader.grub = {
+ device = "/dev/sda";
+ splashImage = null;
+ };
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
+
+ fileSystems."/" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+}
diff --git a/jeschli/2configs/retiolum.nix b/jeschli/2configs/retiolum.nix
index 403300b..b611cbe 100644
--- a/jeschli/2configs/retiolum.nix
+++ b/jeschli/2configs/retiolum.nix
@@ -9,6 +9,7 @@
"gum"
"ni"
"dishfire"
+ "enklave"
];
};
@@ -16,6 +17,9 @@
tinc = pkgs.tinc_pre;
};
+ networking.firewall.allowedTCPPorts = [ 655 ];
+ networking.firewall.allowedUDPPorts = [ 655 ];
+
environment.systemPackages = [
pkgs.tinc
];
diff --git a/jeschli/2configs/urxvt.nix b/jeschli/2configs/urxvt.nix
index a2e02de..69811eb 100644
--- a/jeschli/2configs/urxvt.nix
+++ b/jeschli/2configs/urxvt.nix
@@ -28,7 +28,7 @@ with import <stockholm/lib>;
URxvt*scrollBar: false
URxvt*urgentOnBell: true
- URxvt*font: xft:DejaVu Sans Mono:pixelsize=20
+ URxvt*font: xft:DejaVu Sans Mono:pixelsize=12
URXvt*faceSize: 12
'';
}
diff --git a/jeschli/source.nix b/jeschli/source.nix
index d1b64b0..382dd61 100644
--- a/jeschli/source.nix
+++ b/jeschli/source.nix
@@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "f9390d6";
+ ref = "0653b73";
};
secrets.file = getAttr builder {
buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;
diff --git a/mv/source.nix b/mv/source.nix
index 2fa53a1..5f6b2fe 100644
--- a/mv/source.nix
+++ b/mv/source.nix
@@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/mv/1systems/${name}/config.nix";
nixpkgs.git = {
# nixos-17.09
- ref = mkDefault "d0f0657ca06cc8cb239cb94f430b53bcdf755887";
+ ref = mkDefault "0653b73bf61f3a23d28c38ab7e9c69a318d433de";
url = https://github.com/NixOS/nixpkgs;
};
secrets.file = getAttr builder {
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 5c59389..b3e084f 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -44,12 +44,6 @@ with import <stockholm/lib>;
};
};
- krebs.nixpkgs.allowUnfreePredicate = pkg: hasPrefix "nvidia-x11-" pkg.name;
- hardware.bumblebee.enable = true;
- hardware.bumblebee.group = "video";
- hardware.enableRedistributableFirmware= true;
- hardware.opengl.driSupport32Bit = true;
-
services.printing.enable = true;
services.udev.extraRules = ''
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 280552f..2ccab3d 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -1,6 +1,8 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: {
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+
boot.tmpOnTmpfs = true;
krebs.enable = true;
diff --git a/tv/2configs/hw/w110er.nix b/tv/2configs/hw/w110er.nix
index 787bfc6..55e9482 100644
--- a/tv/2configs/hw/w110er.nix
+++ b/tv/2configs/hw/w110er.nix
@@ -1,8 +1,20 @@
+with import <stockholm/lib>;
{ pkgs, ... }:
{
imports = [
../smartd.nix
+ {
+ # nvidia doesn't build despite
+ # https://github.com/NixOS/nixpkgs/issues/33284
+ #hardware.bumblebee.enable = true;
+ #hardware.bumblebee.group = "video";
+ #hardware.enableRedistributableFirmware= true;
+ #krebs.nixpkgs.allowUnfreePredicate = pkg:
+ # hasPrefix "nvidia-x11-" pkg.name ||
+ # hasPrefix "nvidia-persistenced-" pkg.name ||
+ # hasPrefix "nvidia-settings-" pkg.name;
+ }
];
boot.extraModprobeConfig = ''
@@ -15,6 +27,7 @@
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
+ hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = [ pkgs.vaapiIntel ];
networking.wireless.enable = true;
@@ -41,4 +54,8 @@
echo auto > $i/power/control # defaults to 'on'
done)
'';
+
+ services.xserver = {
+ videoDriver = "intel";
+ };
}
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 8a27b60..59619f9 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -233,7 +233,7 @@ let {
lua = {};
sed.extraStart = ''writeSed[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
sh.extraStart = concatStringsSep ''\|'' [
- ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
+ ''write\(A\|Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
''[a-z]*Phase[ \t\r\n]*=''
];
yaml = {};
diff --git a/tv/source.nix b/tv/source.nix
index 31308fc..b5e3f7c 100644
--- a/tv/source.nix
+++ b/tv/source.nix
@@ -1,8 +1,10 @@
with import <stockholm/lib>;
-host@{ name, secure ? false, override ? {} }: let
- builder = if getEnv "dummy_secrets" == "true"
- then "buildbot"
- else "tv";
+{ name
+, dummy_secrets ? getEnv "dummy_secrets" == "true"
+, override ? {}
+, secure ? false
+}@host: let
+ builder = if dummy_secrets then "buildbot" else "tv";
_file = <stockholm> + "/tv/1systems/${name}/source.nix";
in
evalSource (toString _file) [
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-14 10:59:19 +0000