diff options
author | tv <tv@krebsco.de> | 2016-06-30 16:24:41 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2016-06-30 16:26:13 +0200 |
commit | 1542f9bbee823025f703e6abf3836905cee416fd (patch) | |
tree | 8815c72a69e6754c7e8d2be9247cb00220290ad7 | |
parent | c4276ef5d95624c9a4b5121a513e97634ecb0748 (diff) |
miefda: stash
-rw-r--r-- | krebs/3modules/default.nix | 1 | ||||
-rw-r--r-- | krebs/3modules/miefda/default.nix | 39 | ||||
-rw-r--r-- | miefda/1systems/bobby.nix | 102 | ||||
-rw-r--r-- | miefda/2configs/git.nix | 91 | ||||
-rw-r--r-- | miefda/2configs/hardware-configuration.nix | 23 | ||||
-rw-r--r-- | miefda/2configs/miefda.nix | 8 | ||||
-rw-r--r-- | miefda/2configs/tinc-basic-retiolum.nix | 14 | ||||
-rw-r--r-- | miefda/2configs/tlp.nix | 25 | ||||
-rw-r--r-- | miefda/2configs/x220t.nix | 27 | ||||
-rw-r--r-- | miefda/default.nix | 6 |
10 files changed, 0 insertions, 336 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 84ce5ad48..a38d2b227 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -91,7 +91,6 @@ let imp = lib.mkMerge [ { krebs = import ./lass { inherit config lib; }; } { krebs = import ./makefu { inherit config lib; }; } - { krebs = import ./miefda { inherit config lib; }; } { krebs = import ./shared { inherit config lib; }; } { krebs = import ./tv { inherit config lib; }; } { diff --git a/krebs/3modules/miefda/default.nix b/krebs/3modules/miefda/default.nix deleted file mode 100644 index a03f7ff4d..000000000 --- a/krebs/3modules/miefda/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ config, lib, ... }: - -with config.krebs.lib; - -{ - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.miefda) { - bobby = { - cores = 4; - nets = { - retiolum = { - ip4.addr = "10.243.111.112"; - ip6.addr = "42:0:0:0:0:0:111:112"; - aliases = [ - "bobby.retiolum" - "cgit.bobby.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+AScnIqFdzGl+iRZTNZ7r91n/r1H4GzDsrAupUvJ4mi7nDN4eP8s - uLvKtJp22RxfuF3Kf4KhHb8LHQ8bLLN/KDaNDXrCNBc69d7vvLsjoY+wfGLJNu4Y - Ad/8J4r3rdb83mTA3IHb47T/70MERPBr2gF84YiG6ZoQrPQuTk4lHxaI83SOhjny - 0F0ucS/rBV6Vv9y5/756TKi1cFPSpY4X+qeWc8xWrBGJcJiiqYb8ZX2o/lkAJ5c+ - jI/VdybGFVGY9+bp4Jw5xBIo5KGuFnm8+blRmSDDl3joRneKQSx9FAu7RUwoajBu - cEbi1529NReQzIFT6Vt22ymbHftxOiuh4QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - #ssh.privkey.path = <secrets/ssh.ed25519>; - #ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+7Qa51l0NSkBiaK2s8vQEoeObV3UPZyEzMxfUK/ZAO root@stro"; - }; - }; - users = { - miefda = { - mail = "miefda@miefda.de"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCVdNCks6mrItKHYIwgW3s+NINFhHqZtLPj3l6TJUWd93ZSuuI6P+Z/0m0G9Z4tWWaXWsOCnzMA2WOKcitBbLcaQxVypJfvmfoA5CVlh4/nf8NfvbMFkVIYPehxR7YoejfKOxPOCNC3248RiD8kqa4/5IF8qdqE+mRQUIZJXvN0jZZ+rGnYo5Z544O9JqsV+VjjOgK0Fchpxf/lC8dnBucIce7gUwi5npwsGQZgSDmRobBRFVDZag1abLFNZN2faI8uqzSlU6KRRapYV266Of7j3kmDokMan4szjP1EexmTWm+arwRiz9p0M5oKs6zofez0mOyF5ux02NB3XIhbJc8CfMjeA7PmSg4ZhghjlSjIOR+1mMIDiDVi6PNLw5atzvpyfYtpf5sWpdIpXCS0lyzIgasqW4gbAiWoFPv5A0mw0QI6UqlxQ8Pdm6R7P6yQxyknrxnvFGMQPiqgl21ssSNA9A+YRd4j0nATntzOeD1bxTZkyU4FtW++0hg3Ph6HiHLfPd9w70wPr7b0RITVnBcN2ZqIO+5NIqQYU801FCNXsTuBh0ueTsVTGJYySUGkmkHyH5spLYdr1Z5w+4W+HgbxPk40pyZJ18S0umL49igxR9NsniucFy1/jqqi0TiDIsHx6vsawFT1F2rq9ZtGaRcJL6Yfz0p+uZC5rc/nI+mMlQ== miefda@nixos"; - }; - }; -} diff --git a/miefda/1systems/bobby.nix b/miefda/1systems/bobby.nix deleted file mode 100644 index b85e686b5..000000000 --- a/miefda/1systems/bobby.nix +++ /dev/null @@ -1,102 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = - [ # Include the results of the hardware scan. - ../. - ../2configs/miefda.nix - ../2configs/tlp.nix - ../2configs/x220t.nix - ../2configs/hardware-configuration.nix - ../2configs/tinc-basic-retiolum.nix - ../2configs/git.nix - ]; - - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - - # Select internationalisation properties. - i18n = { - # consoleFont = "Lat2-Terminus16"; - consoleKeyMap = "us"; - # defaultLocale = "en_US.UTF-8"; - }; - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # List packages installed in system profile. To search by name, run: - # $ nix-env -qaP | grep wget - environment.systemPackages = with pkgs; [ - wget chromium - ]; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - # Enable CUPS to print documents. - services.printing.enable = true; - - # Enable the X11 windowing system. - services.xserver.enable = true; - services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - - # Enable the KDE Desktop Environment. - #services.xserver.displayManager.kdm.enable = true; - services.xserver.desktopManager = { - xfce.enable = true; - xterm.enable= false; - }; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.extraUsers.miefda = { - isNormalUser = true; - initialPassword= "welcome"; - uid = 1000; - extraGroups= [ - "wheel" - ]; - }; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "15.09"; - - - networking.hostName = config.krebs.build.host.name; - - krebs = { - enable = true; - search-domain = "retiolum"; - build = { - host = config.krebs.hosts.bobby; - user = config.krebs.users.miefda; - source = { - git.nixpkgs = { - url = https://github.com/Lassulus/nixpkgs; - rev = "363c8430f1efad8b03d5feae6b3a4f2fe7b29251"; - target-path = "/var/src/nixpkgs"; - }; - dir.secrets = { - host = config.krebs.hosts.bobby; - path = "/home/miefda/secrets/${config.krebs.build.host.name}"; - }; - dir.stockholm = { - host = config.krebs.hosts.bobby; - path = "/home/miefda/gits/stockholm"; - }; - }; - }; - }; -} diff --git a/miefda/2configs/git.nix b/miefda/2configs/git.nix deleted file mode 100644 index 51679d2a5..000000000 --- a/miefda/2configs/git.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ config, lib, pkgs, ... }: - -with config.krebs.lib; - -let - - out = { - krebs.git = { - enable = true; - cgit = { - settings = { - root-title = "public repositories at ${config.krebs.build.host.name}"; - root-desc = "keep calm and engage"; - }; - }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; - rules = rules; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } - ]; - }; - - repos = - public-repos // - optionalAttrs config.krebs.build.host.secure restricted-repos; - - rules = concatMap make-rules (attrValues repos); - - public-repos = mapAttrs make-public-repo { - painload = {}; - stockholm = { - cgit.desc = "take all the computers hostage, they'll love you!"; - }; - #wai-middleware-time = {}; - #web-routes-wai-custom = {}; - #go = {}; - #newsbot-js = {}; - #kimsufi-check = {}; - #realwallpaper = {}; - }; - - restricted-repos = mapAttrs make-restricted-repo ( - { - brain = { - collaborators = with config.krebs.users; [ tv makefu ]; - }; - } // - import <secrets/repos.nix> { inherit config lib pkgs; } - ); - - make-public-repo = name: { cgit ? {}, ... }: { - inherit cgit name; - public = true; - hooks = { - post-receive = pkgs.git-hooks.irc-announce { - # TODO make nick = config.krebs.build.host.name the default - nick = config.krebs.build.host.name; - channel = "#retiolum"; - server = "cd.retiolum"; - verbose = config.krebs.build.host.name == "bobby"; - }; - }; - }; - - make-restricted-repo = name: { collaborators ? [], ... }: { - inherit collaborators name; - public = false; - }; - - make-rules = - with git // config.krebs.users; - repo: - singleton { - user = miefda; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - } ++ - optional repo.public { - user = [ lass tv makefu uriel ]; - repo = [ repo ]; - perm = fetch; - } ++ - optional (length (repo.collaborators or []) > 0) { - user = repo.collaborators; - repo = [ repo ]; - perm = fetch; - }; - -in out diff --git a/miefda/2configs/hardware-configuration.nix b/miefda/2configs/hardware-configuration.nix deleted file mode 100644 index 3eb1f43fe..000000000 --- a/miefda/2configs/hardware-configuration.nix +++ /dev/null @@ -1,23 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - -{ - imports = - [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> - ]; - - boot.initrd.availableKernelModules = [ "ehci_pci" "ata_piix" "usb_storage" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/4db70ae3-1ff9-43d7-8fcc-83264761a0bb"; - fsType = "ext4"; - }; - - swapDevices = [ ]; - - nix.maxJobs = 4; -} diff --git a/miefda/2configs/miefda.nix b/miefda/2configs/miefda.nix deleted file mode 100644 index f17e8aa34..000000000 --- a/miefda/2configs/miefda.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, lib, pkgs, ... }: - -with config.krebs.lib; -{ - - #networking.wicd.enable = true; - -} diff --git a/miefda/2configs/tinc-basic-retiolum.nix b/miefda/2configs/tinc-basic-retiolum.nix deleted file mode 100644 index f82fd6b03..000000000 --- a/miefda/2configs/tinc-basic-retiolum.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ config, lib, pkgs, ... }: - -with config.krebs.lib; -{ - krebs.retiolum = { - enable = true; - connectTo = [ - "gum" - "pigstarter" - "prism" - "ire" - ]; - }; -} diff --git a/miefda/2configs/tlp.nix b/miefda/2configs/tlp.nix deleted file mode 100644 index 32f4f2ee7..000000000 --- a/miefda/2configs/tlp.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ... }: - -with config.krebs.lib; -{ - hardware.enableAllFirmware = true; - nixpkgs.config.allowUnfree = true; - - hardware.cpu.intel.updateMicrocode = true; - - zramSwap.enable = true; - zramSwap.numDevices = 2; - - hardware.trackpoint = { - enable = true; - sensitivity = 220; - speed = 220; - emulateWheel = true; - }; - - - services.tlp.enable = true; - services.tlp.extraConfig = '' - START_CHARGE_THRESH_BAT0=80 - ''; -} diff --git a/miefda/2configs/x220t.nix b/miefda/2configs/x220t.nix deleted file mode 100644 index 2d128e533..000000000 --- a/miefda/2configs/x220t.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, pkgs, ... }: - -with config.krebs.lib; -{ - - services.xserver = { - xkbVariant = "altgr-intl"; - videoDriver = "intel"; - # vaapiDrivers = [ pkgs.vaapiIntel pkgs.vaapiVdpau ]; - deviceSection = '' - Option "AccelMethod" "sna" - ''; - }; - - - - services.xserver.displayManager.sessionCommands ='' - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 - # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 - ''; - - hardware.bluetooth.enable = true; - - -} diff --git a/miefda/default.nix b/miefda/default.nix deleted file mode 100644 index 7f275c2eb..000000000 --- a/miefda/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -_: -{ - imports = [ - ../krebs - ]; -} |