summaryrefslogtreecommitdiffstats
path: root/makefu/1systems/gum
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-07-17 20:22:52 +0200
committertv <tv@krebsco.de>2018-07-17 20:22:52 +0200
commit3dedfb8de4dc7e741f4db5310739884fba68b5bd (patch)
tree25e2955462d2998afe04356128f9d464d1b40b52 /makefu/1systems/gum
parent75aa3b118b6c74b2e87ccf7e3da53aa06fa7d569 (diff)
parent74698c904460db569a3c6c8355c0b25a94c98800 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/1systems/gum')
-rw-r--r--makefu/1systems/gum/config.nix53
-rw-r--r--makefu/1systems/gum/hardware-config.nix46
2 files changed, 61 insertions, 38 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 9b6d9d571..998ecd0fb 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -2,28 +2,13 @@
with import <stockholm/lib>;
let
- # hw-specific
- external-mac = "2a:c5:6e:d2:fc:7f";
- main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
- external-gw = "185.194.140.1";
- # single partition, label "nixos"
- # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate
-
-
- # static
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
- external-ip6 = config.krebs.build.host.nets.internet.ip6.addr;
- external-gw6 = "fe80::1";
- external-netmask = 22;
- external-netmask6 = 64;
- internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
- ext-if = "et0"; # gets renamed on the fly
+ ext-if = config.makefu.server.primary-itf;
in {
imports = [
<stockholm/makefu>
- <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
+ ./hardware-config.nix
<stockholm/makefu/2configs/headless.nix>
- <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
# <stockholm/makefu/2configs/smart-monitor.nix>
<stockholm/makefu/2configs/git/cgit-retiolum.nix>
@@ -49,6 +34,7 @@ in {
# <stockholm/makefu/2configs/sabnzbd.nix>
<stockholm/makefu/2configs/torrent.nix>
<stockholm/makefu/2configs/mosh.nix>
+ # <stockholm/makefu/2configs/retroshare.nix>
# network
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
@@ -90,6 +76,15 @@ in {
<stockholm/makefu/2configs/syncthing.nix>
# <stockholm/makefu/2configs/opentracker.nix>
+ <stockholm/makefu/2configs/hub.nix>
+ { # ncdc
+ environment.systemPackages = [ pkgs.ncdc ];
+ networking.firewall = {
+ allowedUDPPorts = [ 51411 ];
+ allowedTCPPorts = [ 51411 ];
+ };
+ }
+
<stockholm/makefu/2configs/stats/client.nix>
# <stockholm/makefu/2configs/logging/client.nix>
@@ -187,7 +182,6 @@ in {
];
};
- makefu.server.primary-itf = ext-if;
# access
users.users = {
@@ -200,6 +194,7 @@ in {
weechat
bepasty-client-cli
get
+ tmux
];
services.bitlbee = {
enable = true;
@@ -207,15 +202,8 @@ in {
};
# Hardware
- boot.loader.grub.device = main-disk;
- boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
- boot.kernelModules = [ "kvm-intel" ];
# Network
- services.udev.extraRules = ''
- SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
- '';
- boot.kernelParams = [ ];
networking = {
firewall = {
allowPing = true;
@@ -249,19 +237,8 @@ in {
21032
];
};
- interfaces."${ext-if}" = {
- ip4 = [{
- address = external-ip;
- prefixLength = external-netmask;
- }];
- ip6 = [{
- address = external-ip6;
- prefixLength = external-netmask6;
- }];
- };
- defaultGateway6 = external-gw6;
- defaultGateway = external-gw;
nameservers = [ "8.8.8.8" ];
};
-
+ users.users.makefu.extraGroups = [ "download" "nginx" ];
+ boot.tmpOnTmpfs = true;
}
diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix
new file mode 100644
index 000000000..a40709169
--- /dev/null
+++ b/makefu/1systems/gum/hardware-config.nix
@@ -0,0 +1,46 @@
+{ config, ... }:
+let
+ external-mac = "2a:c5:6e:d2:fc:7f";
+ main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
+ external-gw = "185.194.140.1";
+ # single partition, label "nixos"
+ # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate
+
+
+ # static
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ external-ip6 = config.krebs.build.host.nets.internet.ip6.addr;
+ external-gw6 = "fe80::1";
+ external-netmask = 22;
+ external-netmask6 = 64;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+ ext-if = "et0"; # gets renamed on the fly
+in {
+ imports = [
+ <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
+ <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+ ];
+
+ makefu.server.primary-itf = ext-if;
+ services.udev.extraRules = ''
+ SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
+ '';
+ networking = {
+ interfaces."${ext-if}" = {
+ ipv4.addresses = [{
+ address = external-ip;
+ prefixLength = external-netmask;
+ }];
+ ipv6.addresses = [{
+ address = external-ip6;
+ prefixLength = external-netmask6;
+ }];
+ };
+ defaultGateway6 = external-gw6;
+ defaultGateway = external-gw;
+ };
+ boot.kernelParams = [ ];
+ boot.loader.grub.device = main-disk;
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
+ boot.kernelModules = [ "kvm-intel" ];
+}