diff options
| author | nin <nineinchnade@gmail.com> | 2017-10-17 19:54:15 +0200 |
|---|---|---|
| committer | nin <nineinchnade@gmail.com> | 2017-10-17 19:54:15 +0200 |
| commit | 9afe5210f2a44cacac4f3527b6c8b561d9e4296b (patch) | |
| tree | a83c412966783b123cd3152fe34a6f7cddcb55d6 /makefu/2configs | |
| parent | f4bf9110727f2c7113c80aaa88427b81605016ae (diff) | |
| parent | 4667bb8e4111abde822ae57993a29929c5cc9aad (diff) | |
Merge remote-tracking branch 'temp/master'
Diffstat (limited to 'makefu/2configs')
| -rw-r--r-- | makefu/2configs/binary-cache/lass.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/deployment/led-fader.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/git/brain-retiolum.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/git/cgit-retiolum.nix | 7 | ||||
| -rw-r--r-- | makefu/2configs/gui/base.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/remote-build/master.nix | 14 | ||||
| -rw-r--r-- | makefu/2configs/remote-build/slave.nix | 11 | ||||
| -rw-r--r-- | makefu/2configs/stats/server.nix | 6 | ||||
| -rw-r--r-- | makefu/2configs/stats/telegraf/europastats.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/tools/core-gui.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/tools/dev.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/tools/extra-gui.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/tools/sec-gui.nix | 15 | ||||
| -rw-r--r-- | makefu/2configs/tools/steam.nix | 6 | ||||
| -rw-r--r-- | makefu/2configs/urlwatch/default.nix | 7 | ||||
| -rw-r--r-- | makefu/2configs/vim.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/vpn/openvpn-server.nix | 8 |
17 files changed, 66 insertions, 26 deletions
diff --git a/makefu/2configs/binary-cache/lass.nix b/makefu/2configs/binary-cache/lass.nix index 4813eeb0f..46b386e14 100644 --- a/makefu/2configs/binary-cache/lass.nix +++ b/makefu/2configs/binary-cache/lass.nix @@ -7,6 +7,7 @@ ]; binaryCachePublicKeys = [ "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" + "cache.prism-2:YwmCm3/s/D+SxrPKN/ETjlpw/219pNUbpnluatp6FKI=" ]; }; } diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix index 678370c69..4c17a1d50 100644 --- a/makefu/2configs/deployment/led-fader.nix +++ b/makefu/2configs/deployment/led-fader.nix @@ -29,11 +29,11 @@ in { environment = { NIX_PATH = "/var/src"; }; - # after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ]; + after = [ "network-online.target" ] ++ (lib.optional config.services.mosquitto.enable "mosquitto.service"); wantedBy = [ "multi-user.target" ]; - after = [ "network-online.target" ]; serviceConfig = { # User = "nobody"; # need a user with permissions to run nix-shell + ExecStartPre = pkgs.writeDash "sleep.sh" "sleep 2"; ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json"; PrivateTmp = true; }; diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix index 05754dc7f..3be3fccef 100644 --- a/makefu/2configs/git/brain-retiolum.nix +++ b/makefu/2configs/git/brain-retiolum.nix @@ -19,9 +19,9 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = true; - channel = "#retiolum"; + channel = "#xxx"; # TODO remove the hardcoded hostname - server = "ni.r"; + server = "irc.r"; }; }; }; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 30c0b0b87..da246f66a 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -24,6 +24,7 @@ let cac-api = { }; euer_blog = { }; ampel = { }; + europastats = { }; init-stockholm = { cgit.desc = "Init stuff for stockholm"; }; @@ -56,9 +57,9 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = config.krebs.build.host.name == "gum"; - channel = "#retiolum"; + channel = "#xxx"; # TODO remove the hardcoded hostname - server = "ni.r"; + server = "irc.r"; }; }; }; @@ -67,7 +68,7 @@ let # TODO: get the list of all krebsministers krebsminister = with config.krebs.users; [ lass tv ]; - all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx ]; + all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx makefu-android ]; all-exco = with config.krebs.users; [ exco ]; priv-rules = repo: set-owners repo all-makefu; diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix index 0247010b1..daa0282b8 100644 --- a/makefu/2configs/gui/base.nix +++ b/makefu/2configs/gui/base.nix @@ -58,7 +58,7 @@ in hardware.pulseaudio = { enable = true; - systemWide = true; + # systemWide = true; }; services.xserver.displayManager.sessionCommands = let xdefaultsfile = pkgs.writeText "Xdefaults" '' diff --git a/makefu/2configs/remote-build/master.nix b/makefu/2configs/remote-build/master.nix new file mode 100644 index 000000000..4ad2c5ed8 --- /dev/null +++ b/makefu/2configs/remote-build/master.nix @@ -0,0 +1,14 @@ +{ pkgs, ...}: +let + sshKey = (toString <secrets>) + "/id_nixBuild"; +in { + nix.distributedBuilds = true; + # TODO: iterate over krebs.hosts + nix.buildMachines = map ( hostName: + { inherit hostName sshKey; + sshUser = "nixBuild"; + system = "x86_64-linux"; + maxJobs = 1; + }) [ "omo.r" "gum.r" "latte.r" ]; + # puyak.r "wbob.r" +} diff --git a/makefu/2configs/remote-build/slave.nix b/makefu/2configs/remote-build/slave.nix new file mode 100644 index 000000000..b6e000a34 --- /dev/null +++ b/makefu/2configs/remote-build/slave.nix @@ -0,0 +1,11 @@ +{ + nix.trustedUsers = [ "nixBuild" ]; + users.users.nixBuild = { + name = "nixBuild"; + useDefaultShell = true; + # TODO: put this somewhere else + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild" + ]; + }; +} diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix index 8f9935658..7548c733e 100644 --- a/makefu/2configs/stats/server.nix +++ b/makefu/2configs/stats/server.nix @@ -2,6 +2,8 @@ with import <stockholm/lib>; let + irc-server = "rc.r"; + irc-nick = "m-alarm"; collectd-port = 25826; influx-port = 8086; grafana-port = 3000; # TODO nginx forward @@ -37,9 +39,9 @@ in { echoToIrc = pkgs.writeDash "echo_irc" '' set -euf data="$(${pkgs.jq}/bin/jq -r .message)" - export LOGNAME=malarm + export LOGNAME=${irc-nick} ${pkgs.irc-announce}/bin/irc-announce \ - irc.freenode.org 6667 malarm \#krebs-bots "$data" >/dev/null + ${irc-server} 6667 ${irc-nick} \#noise "$data" >/dev/null ''; in { enable = true; diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix index 9249280c5..2ab62766a 100644 --- a/makefu/2configs/stats/telegraf/europastats.nix +++ b/makefu/2configs/stats/telegraf/europastats.nix @@ -4,7 +4,7 @@ let rev = "be31da7"; name = "europastats-${rev}"; propagatedBuildInputs = [ - requests2 + requests docopt ]; src = pkgs.fetchgit { diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix index 0538647ae..2f80b08c9 100644 --- a/makefu/2configs/tools/core-gui.nix +++ b/makefu/2configs/tools/core-gui.nix @@ -13,7 +13,6 @@ keepassx pcmanfm evince - skype mirage tightvnc gnome3.dconf diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 6681484fd..d3d50c433 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -16,5 +16,6 @@ whatsupnix brain gen-oath-safe + cdrtools ]; } diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index b2d616764..bcc068d82 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -6,7 +6,7 @@ gimp inkscape libreoffice - skype + # skype synergy tdesktop virtmanager diff --git a/makefu/2configs/tools/sec-gui.nix b/makefu/2configs/tools/sec-gui.nix index 2db3e4391..95f130ae8 100644 --- a/makefu/2configs/tools/sec-gui.nix +++ b/makefu/2configs/tools/sec-gui.nix @@ -1,8 +1,15 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = with pkgs; [ - tpmmanager - wireshark - ]; + users.users.makefu = { + extraGroups = [ "wireshark" ]; + packages = with pkgs; [ + tpmmanager + ]; + }; + + programs.wireshark = { + enable = true; + package = pkgs.wireshark; + }; } diff --git a/makefu/2configs/tools/steam.nix b/makefu/2configs/tools/steam.nix index dbe51270d..048c1d1a3 100644 --- a/makefu/2configs/tools/steam.nix +++ b/makefu/2configs/tools/steam.nix @@ -1,9 +1,7 @@ {pkgs, ...}: { - environment.systemPackages = [ - (pkgs.steam.override { - newStdcpp = true; - }) + users.users.makefu.packages = [ + pkgs.steam ]; hardware.opengl.driSupport32Bit = true; hardware.pulseaudio.support32Bit = true; diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix index 47b5d7fc3..677950f43 100644 --- a/makefu/2configs/urlwatch/default.nix +++ b/makefu/2configs/urlwatch/default.nix @@ -24,13 +24,18 @@ in { # pypi https://pypi.python.org/simple/bepasty/ - https://pypi.python.org/simple/xstatic/ https://pypi.python.org/simple/devpi-client/ + https://pypi.python.org/simple/oslo.config/ + https://pypi.python.org/simple/sqlalchemy_migrate/ + https://pypi.python.org/simple/xstatic/ + https://pypi.python.org/simple/pyserial/ + https://pypi.python.org/simple/semantic_version/ # weird shit http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack + http://www.iozone.org/src/current/ { url = https://newellrubbermaid.secure.force.com/dymopkb/articles/en_US/FAQ/Dymo-Drivers-and-Downloads/?l=en_US&c=Segment:Dymo&fs=Search&pn=1 ; diff --git a/makefu/2configs/vim.nix b/makefu/2configs/vim.nix index 9f3a59717..43d362ed9 100644 --- a/makefu/2configs/vim.nix +++ b/makefu/2configs/vim.nix @@ -127,6 +127,7 @@ in { { names = [ "undotree" # "YouCompleteMe" "vim-better-whitespace" ]; } + # vim-nix handles indentation better but does not perform sanity { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } ]; diff --git a/makefu/2configs/vpn/openvpn-server.nix b/makefu/2configs/vpn/openvpn-server.nix index 1e7edbf78..79754264f 100644 --- a/makefu/2configs/vpn/openvpn-server.nix +++ b/makefu/2configs/vpn/openvpn-server.nix @@ -1,13 +1,13 @@ { config, pkgs, ... }: let - out-itf = config.makefu.server.primary-itf; - # generate via openvpn --genkey --secret static.key - client-key = (toString <secrets>) + "/openvpn-laptop.key"; + out-itf = config.makefu.server.primary-itf; + # generate via openvpn --genkey --secret static.key + client-key = (toString <secrets>) + "/openvpn-laptop.key"; # domain = "vpn.euer.krebsco.de"; domain = "gum.krebsco.de"; dev = "tun0"; port = 1194; - tcp-port = 3306; + tcp-port = 3306; in { boot.kernel.sysctl."net.ipv4.ip_forward" = 1; networking.nat = { |