summaryrefslogtreecommitdiffstats
path: root/lass/1systems/archprism
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-01-25 11:28:26 +0100
committertv <tv@krebsco.de>2021-01-25 11:28:26 +0100
commita0ca091cbf4e9ca41390ad9d54844c9eb2660406 (patch)
treeaae89f223f953a81da400d6f7deac1d5ae5d240e /lass/1systems/archprism
parent1cd73df0c8694f491d40f93a796ea58f150e88dc (diff)
parent71206dc6a2852dd69664e85aa6dcb49676ec1f6e (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems/archprism')
-rw-r--r--lass/1systems/archprism/config.nix54
-rw-r--r--lass/1systems/archprism/physical.nix77
2 files changed, 0 insertions, 131 deletions
diff --git a/lass/1systems/archprism/config.nix b/lass/1systems/archprism/config.nix
deleted file mode 100644
index 0a2ab1611..000000000
--- a/lass/1systems/archprism/config.nix
+++ /dev/null
@@ -1,54 +0,0 @@
-{ config, lib, pkgs, ... }:
-with import <stockholm/lib>;
-
-{
- imports = [
- <stockholm/lass>
- <stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/libvirt.nix>
- { # TODO make new hfos.nix out of this vv
- boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
- users.users.riot = {
- uid = genid_uint31 "riot";
- isNormalUser = true;
- extraGroups = [ "libvirtd" ];
- openssh.authorizedKeys.keys = [
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6o6sdTu/CX1LW2Ff5bNDqGEAGwAsjf0iIe5DCdC7YikCct+7x4LTXxY+nDlPMeGcOF88X9/qFwdyh+9E4g0nUAZaeL14Uc14QDqDt/aiKjIXXTepxE/i4JD9YbTqStAnA/HYAExU15yqgUdj2dnHu7OZcGxk0ZR1OY18yclXq7Rq0Fd3pN3lPP1T4QHM9w66r83yJdFV9szvu5ral3/QuxQnCNohTkR6LoJ4Ny2RbMPTRtb+jPbTQYTWUWwV69mB8ot5nRTP4MRM9pu7vnoPF4I2S5DvSnx4C5zdKzsb7zmIvD4AmptZLrXj4UXUf00Xf7Js5W100Ne2yhYyhq+35 riot@lagrange"
- ];
- };
-
- # TODO write function for proxy_pass (ssl/nonssl)
-
- krebs.iptables.tables.filter.FORWARD.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 192.168.122.179"; target = "ACCEPT"; }
- ];
- krebs.iptables.tables.nat.PREROUTING.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.179"; }
- ];
- }
- <stockholm/lass/2configs/container-networking.nix>
- {
- services.taskserver = {
- enable = true;
- fqdn = "lassul.us";
- listenHost = "::";
- listenPort = 53589;
- organisations.lass.users = [ "lass" "android" ];
- };
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
- ];
- }
- {
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
- ];
- }
- ];
-
- krebs.build.host = config.krebs.hosts.archprism;
- services.earlyoom = {
- enable = true;
- freeMemThreshold = 5;
- };
-}
diff --git a/lass/1systems/archprism/physical.nix b/lass/1systems/archprism/physical.nix
deleted file mode 100644
index 36de7dc17..000000000
--- a/lass/1systems/archprism/physical.nix
+++ /dev/null
@@ -1,77 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
- imports = [
- ./config.nix
- {
- boot.kernelParams = [ "net.ifnames=0" ];
- networking = {
- defaultGateway = "46.4.114.225";
- # Use google's public DNS server
- nameservers = [ "8.8.8.8" ];
- interfaces.eth0 = {
- ipAddress = "46.4.114.247";
- prefixLength = 27;
- };
- };
- # TODO use this network config
- networking.interfaces.eth0.ipv4.addresses = [
- {
- address = config.krebs.build.host.nets.internet.ip4.addr;
- prefixLength = 27;
- }
- {
- address = "46.4.114.243";
- prefixLength = 27;
- }
- ];
- #networking.defaultGateway = "46.4.114.225";
- #networking.nameservers = [
- # "8.8.8.8"
- #];
- #services.udev.extraRules = ''
- # SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
- #'';
- }
- {
- imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
-
- networking.hostId = "fb4173ea";
- boot.loader.grub = {
- devices = [
- "/dev/sda"
- "/dev/sdb"
- ];
- splashImage = null;
- };
-
- boot.initrd.availableKernelModules = [
- "ata_piix"
- "vmw_pvscsi"
- "ahci" "sd_mod"
- ];
-
- boot.kernelModules = [ "kvm-intel" ];
-
- sound.enable = false;
- nixpkgs.config.allowUnfree = true;
- time.timeZone = "Europe/Berlin";
-
- fileSystems."/" = {
- device = "rpool/root/nixos";
- fsType = "zfs";
- };
-
- fileSystems."/home" = {
- device = "rpool/home";
- fsType = "zfs";
- };
-
- fileSystems."/boot" = {
- device = "/dev/disk/by-uuid/b67c3370-1597-4ce8-8a46-e257ca32150d";
- fsType = "ext4";
- };
-
- }
- ];
-
-}