summaryrefslogtreecommitdiffstats
path: root/lass/1systems
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2016-07-09 13:11:05 +0200
committertv <tv@krebsco.de>2016-07-09 13:11:05 +0200
commit91ccc70745c232834f180e3b1cfff571cd04b267 (patch)
tree02c3d5b08771493297e8cad9665ccd13e4f785de /lass/1systems
parentdd9dbb3a896d1a0f610d60509a6d02f1737bc74b (diff)
parentec183d5531455d60b4c2423d657963b496e47b4b (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems')
-rw-r--r--lass/1systems/helios.nix44
-rw-r--r--lass/1systems/mors.nix15
-rw-r--r--lass/1systems/prism.nix27
-rw-r--r--lass/1systems/uriel.nix4
4 files changed, 70 insertions, 20 deletions
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
index 51d2afe84..5f161d731 100644
--- a/lass/1systems/helios.nix
+++ b/lass/1systems/helios.nix
@@ -1,10 +1,11 @@
{ config, pkgs, ... }:
with builtins;
+with config.krebs.lib;
+
{
imports = [
../.
- ../2configs/baseX.nix
../2configs/exim-retiolum.nix
../2configs/browsers.nix
../2configs/programs.nix
@@ -12,6 +13,36 @@ with builtins;
../2configs/pass.nix
../2configs/fetchWallpaper.nix
../2configs/backups.nix
+
+ #{
+ # # conflicting stuff with gnome setup
+ # # TODO: fix this
+ # imports = [
+ # ../2configs/baseX.nix
+ # ];
+ # networking.wireless.enable = true;
+ #}
+ {
+ # gnome3 for suja
+ imports = [
+ ../2configs/default.nix
+ ];
+ services.xserver.enable = true;
+ services.xserver.desktopManager.gnome3.enable = true;
+ users.users.suja = {
+ uid = genid "suja";
+ home = "/home/suja";
+ group = "users";
+ createHome = true;
+ useDefaultShell = true;
+ extraGroups = [
+ ];
+ };
+ environment.systemPackages = with pkgs; [
+ firefox
+ chromium
+ ];
+ }
#{
# users.extraUsers = {
# root = {
@@ -21,11 +52,11 @@ with builtins;
# };
# };
#}
- {
- services.elasticsearch = {
- enable = true;
- };
- }
+ #{
+ # services.elasticsearch = {
+ # enable = true;
+ # };
+ #}
{
lass.power-action.battery = "BAT1";
}
@@ -33,7 +64,6 @@ with builtins;
krebs.build.host = config.krebs.hosts.helios;
- networking.wireless.enable = true;
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index d065d4dfa..84191da0b 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -47,12 +47,15 @@
# ];
# };
#}
- #{
- # services.postgresql = {
- # enable = true;
- # package = pkgs.postgresql;
- # };
- #}
+ {
+ #zalando project
+ services.postgresql = {
+ enable = true;
+ package = pkgs.postgresql;
+ };
+ virtualisation.docker.enable = true;
+ users.users.mainUser.extraGroups = [ "docker" ];
+ }
{
lass.umts = {
enable = true;
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 5477a8b86..270bb6fc2 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -1,5 +1,7 @@
{ config, lib, pkgs, ... }:
+with config.krebs.lib;
+
let
ip = config.krebs.build.host.nets.internet.ip4.addr;
@@ -24,11 +26,22 @@ in {
{
imports = [
../2configs/git.nix
- ( manageCerts [ "cgit.lassul.us" ])
- ];
- krebs.nginx.servers.cgit.server-names = [
- "cgit.lassul.us"
];
+ krebs.nginx.servers.cgit = {
+ server-names = [
+ "cgit.lassul.us"
+ ];
+ locations = [
+ (nameValuePair "/.well-known/acme-challenge" ''
+ root /var/lib/acme/challenges/cgit.lassul.us/;
+ '')
+ ];
+ ssl = {
+ enable = true;
+ certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
+ certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem";
+ };
+ };
}
{
users.extraGroups = {
@@ -189,7 +202,6 @@ in {
lass.ejabberd = {
enable = true;
hosts = [ "lassul.us" ];
- certfile = "/var/lib/acme/lassul.us/full.pem";
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport xmpp-client"; target = "ACCEPT"; }
@@ -206,6 +218,11 @@ in {
'')
];
}
+ {
+ environment.systemPackages = with pkgs; [
+ mk_sql_pair
+ ];
+ }
];
krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index 83553f5ca..6b56419d7 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -39,8 +39,8 @@ with builtins;
#loader.grub.version = 2;
#loader.grub.device = "/dev/sda";
- loader.systemd-boot.enable = true;
- loader.timeout = 5;
+ loader.gummiboot.enable = true;
+ loader.gummiboot.timeout = 5;
initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];