diff options
author | lassulus <lass@aidsballs.de> | 2016-06-25 18:38:30 +0200 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2016-06-25 18:39:08 +0200 |
commit | 2b74d0defdc3c97ffa5e1f18a5e86637f208d7cb (patch) | |
tree | 1bf34706c2ecdc1daf728132456f5ec8a1c444e5 /lass/2configs | |
parent | 6d1a29522a136adcfb3a5cfdd39cd0cdda0a794f (diff) |
l: cleanup
Diffstat (limited to 'lass/2configs')
-rw-r--r-- | lass/2configs/binary-caches.nix | 13 | ||||
-rw-r--r-- | lass/2configs/hw/tp-x220.nix | 50 | ||||
-rw-r--r-- | lass/2configs/realwallpaper-server.nix | 32 | ||||
-rw-r--r-- | lass/2configs/realwallpaper.nix | 29 | ||||
-rw-r--r-- | lass/2configs/wordpress.nix | 59 |
5 files changed, 77 insertions, 106 deletions
diff --git a/lass/2configs/binary-caches.nix b/lass/2configs/binary-caches.nix deleted file mode 100644 index c2727520d..000000000 --- a/lass/2configs/binary-caches.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ config, ... }: - -{ - nix.sshServe.enable = true; - nix.sshServe.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBF9SBNKE3Pw/ALwTfzpzs+j6Rpaf0kUy6FiPMmgNNNt root@mors" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCZSq5oLrokkh3F+MOdK5/nzVIEDvqyvfzLMNWmzsYD root@uriel" - ]; - nix.binaryCaches = [ - #"scp://nix-ssh@mors" - #"scp://nix-ssh@uriel" - ]; -} diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix new file mode 100644 index 000000000..e8d1e7b6d --- /dev/null +++ b/lass/2configs/hw/tp-x220.nix @@ -0,0 +1,50 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; +{ + networking.wireless.enable = lib.mkDefault true; + + hardware.enableAllFirmware = true; + nixpkgs.config.allowUnfree = true; + + hardware.cpu.intel.updateMicrocode = true; + + zramSwap.enable = true; + zramSwap.numDevices = 2; + + hardware.trackpoint = { + enable = true; + sensitivity = 220; + speed = 0; + emulateWheel = true; + }; + + services.tlp.enable = true; + services.tlp.extraConfig = '' + # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery + #START_CHARGE_THRESH_BAT0=80 + STOP_CHARGE_THRESH_BAT0=95 + + CPU_SCALING_GOVERNOR_ON_AC=performance + CPU_SCALING_GOVERNOR_ON_BAT=ondemand + CPU_MIN_PERF_ON_AC=0 + CPU_MAX_PERF_ON_AC=100 + CPU_MIN_PERF_ON_BAT=0 + CPU_MAX_PERF_ON_BAT=30 + ''; + + boot = { + kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ]; + extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; + }; + + services.xserver = { + videoDriver = "intel"; + vaapiDrivers = [ pkgs.vaapiIntel pkgs.vaapiVdpau ]; + deviceSection = '' + Option "AccelMethod" "sna" + ''; + }; + + security.rngd.enable = true; +} diff --git a/lass/2configs/realwallpaper-server.nix b/lass/2configs/realwallpaper-server.nix deleted file mode 100644 index 7340fc7ca..000000000 --- a/lass/2configs/realwallpaper-server.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, lib, ... }: - -let - hostname = config.krebs.build.host.name; - inherit (lib) - nameValuePair - ; - -in { - imports = [ - ./realwallpaper.nix - ]; - - krebs.nginx.servers.wallpaper = { - server-names = [ - hostname - ]; - locations = [ - (nameValuePair "/wallpaper.png" '' - root /tmp/; - '') - ]; - }; - - krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } - ]; - }; - }; -} diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix index c69cb1660..2ab52ed92 100644 --- a/lass/2configs/realwallpaper.nix +++ b/lass/2configs/realwallpaper.nix @@ -1,5 +1,30 @@ -{ config, ... }: +{ config, lib, ... }: -{ +let + hostname = config.krebs.build.host.name; + inherit (lib) + nameValuePair + ; + +in { krebs.realwallpaper.enable = true; + + krebs.nginx.servers.wallpaper = { + server-names = [ + hostname + ]; + locations = [ + (nameValuePair "/wallpaper.png" '' + root /tmp/; + '') + ]; + }; + + krebs.iptables = { + tables = { + filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } + ]; + }; + }; } diff --git a/lass/2configs/wordpress.nix b/lass/2configs/wordpress.nix deleted file mode 100644 index bd59080d9..000000000 --- a/lass/2configs/wordpress.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ config, pkgs, ... }: - -{ - containers.wordpress = { - privateNetwork = true; - hostAddress = "192.168.101.1"; - localAddress = "192.168.101.2"; - - config = { - imports = [ - ../../krebs/3modules/iptables.nix - ]; - - krebs.iptables = { - enable = true; - tables = { - filter.INPUT.policy = "DROP"; - filter.FORWARD.policy = "DROP"; - filter.INPUT.rules = [ - { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } - { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } - { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } - { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } - { predicate = "-p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; } - ]; - }; - }; - - environment.systemPackages = with pkgs; [ - iptables - ]; - - services.postgresql = { - enable = true; - package = pkgs.postgresql; - }; - - services.httpd = { - enable = true; - adminAddr = "root@apanowicz.de"; - extraModules = [ - { name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; } - ]; - virtualHosts = [ - { - hostName = "wordpress"; - serverAliases = [ "wordpress" "www.wordpress" ]; - - extraSubservices = [ - { - serviceName = "wordpress"; - } - ]; - } - ]; - }; - }; - }; -} |