diff options
author | makefu <github@syntax-fehler.de> | 2016-07-20 20:35:30 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2016-07-20 20:35:30 +0200 |
commit | e03ae6d79d77e654bb586475b52c7e6aa24ac06f (patch) | |
tree | 30b65d3e4aa7425180fea6f1cabd0091f0529d41 | |
parent | df7416dc319e6815e32fa5fb32ba00d41481d368 (diff) |
m 1 wbob: add missing
-rw-r--r-- | makefu/1systems/wbob.nix | 14 | ||||
-rw-r--r-- | makefu/2configs/temp/share-samba.nix | 36 |
2 files changed, 44 insertions, 6 deletions
diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix index 45b935af0..e8e0b091f 100644 --- a/makefu/1systems/wbob.nix +++ b/makefu/1systems/wbob.nix @@ -1,5 +1,7 @@ { config, pkgs, ... }: -{ +let rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115"; +in { + makefu.awesome = { modkey = "Mod1"; #TODO: integrate kiosk config into full config by templating the autostart @@ -9,19 +11,19 @@ [ # Include the results of the hardware scan. ../. ../2configs/main-laptop.nix + ../2configs/virtualization.nix + ../2configs/tinc/retiolum.nix ]; krebs = { enable = true; - retiolum.enable = true; build.host = config.krebs.hosts.wbob; }; networking.firewall.allowedUDPPorts = [ 1655 ]; - networking.firewall.allowedTCPPorts = [ 1655 ]; + networking.firewall.allowedTCPPorts = [ 1655 49152 ]; services.tinc.networks.siem = { name = "display"; extraConfig = '' ConnectTo = sjump - Port = 1655 ''; }; @@ -35,12 +37,12 @@ # nuc hardware - boot.loader.grub.device = "/dev/sda"; + boot.loader.grub.device = rootdisk; hardware.cpu.intel.updateMicrocode = true; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.kernelModules = [ "kvm-intel" ]; fileSystems."/" = { - device = "/dev/sda1"; + device = rootdisk + "-part1"; fsType = "ext4"; }; diff --git a/makefu/2configs/temp/share-samba.nix b/makefu/2configs/temp/share-samba.nix new file mode 100644 index 000000000..c021e66c6 --- /dev/null +++ b/makefu/2configs/temp/share-samba.nix @@ -0,0 +1,36 @@ +{config, ... }:{ + users.users.smbguest = { + name = "smbguest"; + uid = config.ids.uids.smbguest; + description = "smb guest user"; + home = "/var/empty"; + }; + + networking.firewall.allowedTCPPorts = [ + 139 445 # samba + ]; + + networking.firewall.allowedUDPPorts = [ + 137 138 + ]; + services.samba = { + enable = true; + shares = { + share-home = { + path = "/home/share/"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + }; + extraConfig = '' + guest account = smbguest + map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; +} |