summaryrefslogtreecommitdiffstats
path: root/makefu/1systems
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-12-14 10:17:40 +0100
committertv <tv@krebsco.de>2017-12-14 10:17:40 +0100
commitb5f1febe68529f7b6ebf5e1db524ba7b6ea161f9 (patch)
tree9f05e213af4917b608cd850bdd0cfabf06d157ae /makefu/1systems
parentbd63530db16dd3f90af51750d25d07cca1526aaa (diff)
parent04f7ae22d6d0720d06f78c712eb9cd245cefce82 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/1systems')
-rw-r--r--makefu/1systems/gum/config.nix35
-rw-r--r--makefu/1systems/omo/config.nix1
-rw-r--r--makefu/1systems/tsp/config.nix2
-rw-r--r--makefu/1systems/wbob/config.nix46
-rw-r--r--makefu/1systems/wbob/source.nix2
5 files changed, 78 insertions, 8 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 98d5d2988..b66ef1ab8 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -46,7 +46,7 @@ in {
# services
<stockholm/makefu/2configs/share/gum.nix>
- <stockholm/makefu/2configs/sabnzbd.nix>
+ # <stockholm/makefu/2configs/sabnzbd.nix>
<stockholm/makefu/2configs/torrent.nix>
<stockholm/makefu/2configs/iodined.nix>
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
@@ -65,6 +65,8 @@ in {
<stockholm/makefu/2configs/deployment/graphs.nix>
<stockholm/makefu/2configs/deployment/owncloud.nix>
<stockholm/makefu/2configs/deployment/boot-euer.nix>
+ <stockholm/makefu/2configs/deployment/bgt/hidden_service.nix>
+
{
services.taskserver.enable = true;
services.taskserver.fqdn = config.krebs.build.host.name;
@@ -84,13 +86,40 @@ in {
# Temporary:
# <stockholm/makefu/2configs/temp/rst-issue.nix>
+ <stockholm/makefu/2configs/virtualisation/docker.nix>
+
+ #{
+ # services.dockerRegistry.enable = true;
+ # networking.firewall.allowedTCPPorts = [ 8443 ];
+
+ # services.nginx.virtualHosts."euer.krebsco.de" = {
+ # forceSSL = true;
+ # enableACME = true;
+ # extraConfig = ''
+ # client_max_body_size 1000M;
+ # '';
+ # locations."/".proxyPass = "http://localhost:5000";
+ # };
+ #}
+ { # wireguard server
+ networking.firewall.allowedUDPPorts = [ 51820 ];
+ #networking.wireguard.interfaces.wg0 = {
+ # ips = [ "10.244.0.1/24" ];
+ # privateKeyFile = (toString <secrets>) + "/wireguard.key";
+ # allowedIPsAsRoutes = true;
+ # peers = [{
+ # allowedIPs = [ "0.0.0.0/0" "::/0" ];
+ # publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g=";
+ # }];
+ #};
+ }
];
makefu.dl-dir = "/var/download";
services.openssh.hostKeys = [
- { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
- { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
+ { bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; }
+ { path = (toString <secrets/ssh_host_ed25519_key>); type = "ed25519"; } ];
###### stable
services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 1d157460b..4af87dc10 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -61,6 +61,7 @@ in {
# logs to influx
<stockholm/makefu/2configs/stats/external/aralast.nix>
<stockholm/makefu/2configs/stats/telegraf>
+ <stockholm/makefu/2configs/stats/telegraf/europastats.nix>
# services
<stockholm/makefu/2configs/syncthing.nix>
diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix
index 7b751e514..680fa2cbc 100644
--- a/makefu/1systems/tsp/config.nix
+++ b/makefu/1systems/tsp/config.nix
@@ -32,6 +32,8 @@
# acer aspire
networking.wireless.enable = lib.mkDefault true;
+ services.xserver.synaptics.enable = true;
+
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index ac51fd9ca..c30ee4c58 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -3,6 +3,7 @@ let
rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
user = config.makefu.gui.user;
+ primaryIP = "192.168.8.11";
in {
imports =
@@ -10,16 +11,18 @@ in {
<stockholm/makefu>
<stockholm/makefu/2configs/zsh-user.nix>
<stockholm/makefu/2configs/tools/core.nix>
- <stockholm/makefu/2configs/tools/core-gui.nix>
- <stockholm/makefu/2configs/tools/extra-gui.nix>
- <stockholm/makefu/2configs/tools/media.nix>
+ <stockholm/makefu/2configs/disable_v6.nix>
+ # <stockholm/makefu/2configs/tools/core-gui.nix>
+ # <stockholm/makefu/2configs/tools/extra-gui.nix>
+ # <stockholm/makefu/2configs/tools/media.nix>
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
<stockholm/makefu/2configs/tinc/retiolum.nix>
<stockholm/makefu/2configs/mqtt.nix>
- <stockholm/makefu/2configs/deployment/led-fader.nix>
# <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
+
<stockholm/makefu/2configs/stats/client.nix>
+
# <stockholm/makefu/2configs/gui/studio-virtual.nix>
# <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
# <stockholm/makefu/2configs/audio/realtime-audio.nix>
@@ -27,6 +30,41 @@ in {
# Services
<stockholm/makefu/2configs/remote-build/slave.nix>
+ <stockholm/makefu/2configs/share/wbob.nix>
+
+ <stockholm/makefu/2configs/stats/telegraf>
+ <stockholm/makefu/2configs/deployment/led-fader.nix>
+ <stockholm/makefu/2configs/stats/external/aralast.nix>
+ <stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
+ <stockholm/makefu/2configs/deployment/bureautomation>
+ (let
+ collectd-port = 25826;
+ influx-port = 8086;
+ grafana-port = 3000; # TODO nginx forward
+ db = "collectd_db";
+ logging-interface = "enp0s25";
+ in {
+ services.grafana.enable = true;
+ services.grafana.addr = "0.0.0.0";
+
+ services.influxdb.enable = true;
+ services.influxdb.extraConfig = {
+ meta.hostname = config.krebs.build.host.name;
+ # meta.logging-enabled = true;
+ http.bind-address = ":${toString influx-port}";
+ admin.bind-address = ":8083";
+ collectd = [{
+ enabled = true;
+ typesdb = "${pkgs.collectd}/share/collectd/types.db";
+ database = db;
+ bind-address = ":${toString collectd-port}";
+ }];
+ };
+
+ networking.firewall.extraCommands = ''
+ iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
+ '';
+ })
# temporary
# <stockholm/makefu/2configs/temp/rst-issue.nix>
diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix
index 6f079d712..b768aa87d 100644
--- a/makefu/1systems/wbob/source.nix
+++ b/makefu/1systems/wbob/source.nix
@@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
name="wbob";
- musnix = true;
+ # musnix = true;
}