Merge remote-tracking branch 'cd/master'

5 files changed, 27 insertions, 15 deletions

diff --git a/makefu/1systems/darth.nix b/makefu/1systems/darth.nix
index ad3ac4f22..2f2358ddc 100644
--- a/makefu/1systems/darth.nix
+++ b/makefu/1systems/darth.nix
@@ -10,15 +10,27 @@ let
   allDisks = [ rootDisk auxDisk ];
 in {
   imports = [
-        ../.
-        ../2configs/fs/single-partition-ext4.nix
-        ../2configs/zsh-user.nix
-        ../2configs/smart-monitor.nix
+      ../.
+      ../2configs/fs/single-partition-ext4.nix
+      ../2configs/zsh-user.nix
+      ../2configs/smart-monitor.nix
+      ../2configs/exim-retiolum.nix
+      ../2configs/virtualization.nix
   ];
 
+  networking.firewall.allowedUDPPorts = [ 80 655 67 ];
+  networking.firewall.allowedTCPPorts = [ 80 655 ];
+  networking.firewall.checkReversePath = false;
+  #networking.firewall.enable = false;
   # virtualisation.nova.enableSingleNode = true;
   krebs.retiolum.enable = true;
 
+  boot.kernelModules = [ "coretemp" "f71882fg" ];
+
+  hardware.enableAllFirmware = true;
+  nixpkgs.config.allowUnfree = true;
+  networking.wireless.enable = true;
+
   # TODO smartd omo darth gum all-in-one
   services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
   zramSwap.enable = true;
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 710421659..7bac4398c 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -2,8 +2,8 @@
 
 with config.krebs.lib;
 let
-  external-ip = head config.krebs.build.host.nets.internet.addrs4;
-  internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+  external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+  internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
 in {
   imports = [
       ../.
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index f0f1d3088..fbd06a9c7 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -44,16 +44,21 @@ in {
       ../2configs/smart-monitor.nix
       ../2configs/mail-client.nix
       ../2configs/share-user-sftp.nix
+      ../2configs/graphite-standalone.nix
       ../2configs/omo-share.nix
     ];
+
   krebs.retiolum.enable = true;
   networking.firewall.trustedInterfaces = [ "enp3s0" ];
   # udp:137 udp:138 tcp:445 tcp:139 - samba, allowed in local net
   # tcp:80          - nginx for sharing files
   # tcp:655 udp:655 - tinc
-  # tcp:8080        - sabnzbd
+  # tcp:8111        - graphite
+  # tcp:9090        - sabnzbd
+  # tcp:9200        - elasticsearch
+  # tcp:5601        - kibana
   networking.firewall.allowedUDPPorts = [ 655 ];
-  networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
+  networking.firewall.allowedTCPPorts = [ 80 655 5601 8111 9200 9090 ];
 
   # services.openssh.allowSFTP = false;
 
diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix
index 748b08ef1..5e2382f37 100644
--- a/makefu/1systems/vbob.nix
+++ b/makefu/1systems/vbob.nix
@@ -15,11 +15,6 @@
     ];
   nixpkgs.config.allowUnfree = true;
 
-  krebs.build.source.upstream-nixpkgs = {
-    url = https://github.com/makefu/nixpkgs;
-    # HTTP Everywhere + libredir
-    rev = "8239ac6";
-  };
   fileSystems."/nix" = {
     device ="/dev/disk/by-label/nixstore";
     fsType = "ext4";
diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix
index edaf1b803..d9f8ded83 100644
--- a/makefu/1systems/wry.nix
+++ b/makefu/1systems/wry.nix
@@ -3,8 +3,8 @@
 with config.krebs.lib;
 let
 
-  external-ip = head config.krebs.build.host.nets.internet.addrs4;
-  internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+  external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+  internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
 in {
   imports = [
       ../.