diff options
author | nin <nin@c-base.org> | 2018-01-11 23:03:10 +0100 |
---|---|---|
committer | nin <nin@c-base.org> | 2018-01-11 23:03:10 +0100 |
commit | 3ee37b596f64f01865cd3f7f9c32e75cebae9fae (patch) | |
tree | fad1dedf3605b14b82584d65b4a062568cb14ea7 /jeschli | |
parent | 9c6c3a99efecadd011052c34257db5fe9d604cb3 (diff) | |
parent | ff1f2c25af32e6c7370af6871de39af9fba872d3 (diff) |
Merge branch 'master' of prism:stockholm
Diffstat (limited to 'jeschli')
-rw-r--r-- | jeschli/1systems/bln/config.nix | 14 | ||||
-rw-r--r-- | jeschli/1systems/brauerei/config.nix | 2 | ||||
-rw-r--r-- | jeschli/1systems/enklave/config.nix | 45 | ||||
-rw-r--r-- | jeschli/1systems/enklave/source.nix | 3 | ||||
-rw-r--r-- | jeschli/1systems/reagenzglas/config.nix | 1 | ||||
-rw-r--r-- | jeschli/2configs/default.nix | 2 | ||||
-rw-r--r-- | jeschli/2configs/os-templates/CentOS-7-64bit.nix | 16 | ||||
-rw-r--r-- | jeschli/2configs/retiolum.nix | 4 | ||||
-rw-r--r-- | jeschli/2configs/urxvt.nix | 2 | ||||
-rw-r--r-- | jeschli/source.nix | 2 |
10 files changed, 84 insertions, 7 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 901970e..9e5f8c5 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -36,9 +36,9 @@ } ]; - networking.hostName = "BLN02NB0154"; # Define your hostname. + networking.hostName = lib.mkForce "BLN02NB0154"; # Define your hostname. networking.networkmanager.enable = true; - #networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Select internationalisation properties. # i18n = { @@ -54,7 +54,11 @@ # List packages installed in system profile. To search by name, run: # $ nix-env -qaP | grep wget nixpkgs.config.allowUnfree = true; - environment.shellAliases = { n = "nix-shell"; }; + environment.shellAliases = { + n = "nix-shell"; + gd = "cd /home/markus/go/src/gitlab.dcso.lolcat"; + gh = "cd /home/markus/go/src/github.com"; + }; environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; }; environment.systemPackages = with pkgs; [ # system helper @@ -62,6 +66,7 @@ copyq dmenu git + tig i3lock keepass networkmanagerapplet @@ -72,6 +77,8 @@ rxvt_unicode # editors emacs + # databases + sqlite # internet thunderbird hipchat @@ -91,6 +98,7 @@ jetbrains.pycharm-professional jetbrains.webstorm jetbrains.goland + jetbrains.datagrip texlive.combined.scheme-full pandoc redis diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 171a002..2dec457 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -96,7 +96,7 @@ # Enable the X11 windowing system. services.xserver.enable = true; - # services.xserver.layout = "us"; + services.xserver.layout = "us"; # services.xserver.xkbOptions = "eurosign:e"; # Enable touchpad support. diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix new file mode 100644 index 0000000..0100890 --- /dev/null +++ b/jeschli/1systems/enklave/config.nix @@ -0,0 +1,45 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + <stockholm/jeschli> + <stockholm/jeschli/2configs/retiolum.nix> + <stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix> + { + networking.dhcpcd.allowInterfaces = [ + "enp*" + "eth*" + "ens*" + ]; + } + { + services.openssh.enable = true; + } + { + sound.enable = false; + } + { + users.extraUsers = { + root.initialPassword = "pfeife123"; + root.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos" + ]; + jeschli = { + name = "jeschli"; + uid = 1000; + home = "/home/jeschli"; + group = "users"; + createHome = true; + useDefaultShell = true; + extraGroups = [ + ]; + openssh.authorizedKeys.keys = [ +"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos" + ]; + }; + }; + } + ]; + + krebs.build.host = config.krebs.hosts.enklave; +} diff --git a/jeschli/1systems/enklave/source.nix b/jeschli/1systems/enklave/source.nix new file mode 100644 index 0000000..4f9f37b --- /dev/null +++ b/jeschli/1systems/enklave/source.nix @@ -0,0 +1,3 @@ +import <stockholm/jeschli/source.nix> { + name = "enklave"; +} diff --git a/jeschli/1systems/reagenzglas/config.nix b/jeschli/1systems/reagenzglas/config.nix index d65e897..eb2ba17 100644 --- a/jeschli/1systems/reagenzglas/config.nix +++ b/jeschli/1systems/reagenzglas/config.nix @@ -29,7 +29,6 @@ allowDiscards = true; } ]; - networking.hostName = "reaganzglas"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. networking.networkmanager.enable = true; # Select internationalisation properties. diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix index 7fb2409..6d788d2 100644 --- a/jeschli/2configs/default.nix +++ b/jeschli/2configs/default.nix @@ -4,6 +4,7 @@ with import <stockholm/lib>; imports = [ ./vim.nix ./retiolum.nix + <stockholm/lass/2configs/security-workarounds.nix> { environment.variables = { NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; @@ -63,4 +64,5 @@ with import <stockholm/lib>; ]; krebs.enable = true; + networking.hostName = config.krebs.build.host.name; } diff --git a/jeschli/2configs/os-templates/CentOS-7-64bit.nix b/jeschli/2configs/os-templates/CentOS-7-64bit.nix new file mode 100644 index 0000000..fb34e94 --- /dev/null +++ b/jeschli/2configs/os-templates/CentOS-7-64bit.nix @@ -0,0 +1,16 @@ +_: + +{ + imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ]; + + boot.loader.grub = { + device = "/dev/sda"; + splashImage = null; + }; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; + + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; +} diff --git a/jeschli/2configs/retiolum.nix b/jeschli/2configs/retiolum.nix index 403300b..b611cbe 100644 --- a/jeschli/2configs/retiolum.nix +++ b/jeschli/2configs/retiolum.nix @@ -9,6 +9,7 @@ "gum" "ni" "dishfire" + "enklave" ]; }; @@ -16,6 +17,9 @@ tinc = pkgs.tinc_pre; }; + networking.firewall.allowedTCPPorts = [ 655 ]; + networking.firewall.allowedUDPPorts = [ 655 ]; + environment.systemPackages = [ pkgs.tinc ]; diff --git a/jeschli/2configs/urxvt.nix b/jeschli/2configs/urxvt.nix index a2e02de..69811eb 100644 --- a/jeschli/2configs/urxvt.nix +++ b/jeschli/2configs/urxvt.nix @@ -28,7 +28,7 @@ with import <stockholm/lib>; URxvt*scrollBar: false URxvt*urgentOnBell: true - URxvt*font: xft:DejaVu Sans Mono:pixelsize=20 + URxvt*font: xft:DejaVu Sans Mono:pixelsize=12 URXvt*faceSize: 12 ''; } diff --git a/jeschli/source.nix b/jeschli/source.nix index d1b64b0..382dd61 100644 --- a/jeschli/source.nix +++ b/jeschli/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "f9390d6"; + ref = "0653b73"; }; secrets.file = getAttr builder { buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>; |