summaryrefslogtreecommitdiffstats
path: root/jeschli/2configs
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2018-01-10 15:30:51 +0100
committerlassulus <lassulus@lassul.us>2018-01-10 15:30:51 +0100
commit279ce3bbbc562d53ba4696c90025671be32b5e0e (patch)
tree5c2a8b12424aaa2eb5a02f350ca6304a1436dc01 /jeschli/2configs
parent42e1d088367412b3f2a340a242285c5734508735 (diff)
parent94c785281a89711742bb32cde94b9ccbb7603c21 (diff)
Merge remote-tracking branch 'prism/staging/jeschli'
Diffstat (limited to 'jeschli/2configs')
-rw-r--r--jeschli/2configs/default.nix2
-rw-r--r--jeschli/2configs/os-templates/CentOS-7-64bit.nix16
-rw-r--r--jeschli/2configs/retiolum.nix4
3 files changed, 22 insertions, 0 deletions
diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix
index 7fb240951..6d788d283 100644
--- a/jeschli/2configs/default.nix
+++ b/jeschli/2configs/default.nix
@@ -4,6 +4,7 @@ with import <stockholm/lib>;
imports = [
./vim.nix
./retiolum.nix
+ <stockholm/lass/2configs/security-workarounds.nix>
{
environment.variables = {
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
@@ -63,4 +64,5 @@ with import <stockholm/lib>;
];
krebs.enable = true;
+ networking.hostName = config.krebs.build.host.name;
}
diff --git a/jeschli/2configs/os-templates/CentOS-7-64bit.nix b/jeschli/2configs/os-templates/CentOS-7-64bit.nix
new file mode 100644
index 000000000..fb34e94e2
--- /dev/null
+++ b/jeschli/2configs/os-templates/CentOS-7-64bit.nix
@@ -0,0 +1,16 @@
+_:
+
+{
+ imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+
+ boot.loader.grub = {
+ device = "/dev/sda";
+ splashImage = null;
+ };
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
+
+ fileSystems."/" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+}
diff --git a/jeschli/2configs/retiolum.nix b/jeschli/2configs/retiolum.nix
index 403300b30..b611cbe7d 100644
--- a/jeschli/2configs/retiolum.nix
+++ b/jeschli/2configs/retiolum.nix
@@ -9,6 +9,7 @@
"gum"
"ni"
"dishfire"
+ "enklave"
];
};
@@ -16,6 +17,9 @@
tinc = pkgs.tinc_pre;
};
+ networking.firewall.allowedTCPPorts = [ 655 ];
+ networking.firewall.allowedUDPPorts = [ 655 ];
+
environment.systemPackages = [
pkgs.tinc
];