diff options
author | lassulus <lassulus@lassul.us> | 2017-10-01 17:54:06 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2017-10-01 17:54:06 +0200 |
commit | d7f65ea679866f24e4ca52b51bd6f068a6b38195 (patch) | |
tree | 6a09e7cc2a4c9af0507bdc189652c78832a2f952 /makefu/2configs | |
parent | d973c779eb71749af464edb1ed0216b0d5317eb2 (diff) | |
parent | e62f376e6177f3efb0e0bcd3aad97a991c3b6d60 (diff) |
Merge branch 'master' into staging/17.09
Diffstat (limited to 'makefu/2configs')
21 files changed, 139 insertions, 26 deletions
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix index 678370c69..4c17a1d50 100644 --- a/makefu/2configs/deployment/led-fader.nix +++ b/makefu/2configs/deployment/led-fader.nix @@ -29,11 +29,11 @@ in { environment = { NIX_PATH = "/var/src"; }; - # after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ]; + after = [ "network-online.target" ] ++ (lib.optional config.services.mosquitto.enable "mosquitto.service"); wantedBy = [ "multi-user.target" ]; - after = [ "network-online.target" ]; serviceConfig = { # User = "nobody"; # need a user with permissions to run nix-shell + ExecStartPre = pkgs.writeDash "sleep.sh" "sleep 2"; ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json"; PrivateTmp = true; }; diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix index 05754dc7f..3be3fccef 100644 --- a/makefu/2configs/git/brain-retiolum.nix +++ b/makefu/2configs/git/brain-retiolum.nix @@ -19,9 +19,9 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = true; - channel = "#retiolum"; + channel = "#xxx"; # TODO remove the hardcoded hostname - server = "ni.r"; + server = "irc.r"; }; }; }; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 30c0b0b87..ed890fe40 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -24,6 +24,7 @@ let cac-api = { }; euer_blog = { }; ampel = { }; + europastats = { }; init-stockholm = { cgit.desc = "Init stuff for stockholm"; }; @@ -56,9 +57,9 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = config.krebs.build.host.name == "gum"; - channel = "#retiolum"; + channel = "#xxx"; # TODO remove the hardcoded hostname - server = "ni.r"; + server = "irc.r"; }; }; }; diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix index 0247010b1..daa0282b8 100644 --- a/makefu/2configs/gui/base.nix +++ b/makefu/2configs/gui/base.nix @@ -58,7 +58,7 @@ in hardware.pulseaudio = { enable = true; - systemWide = true; + # systemWide = true; }; services.xserver.displayManager.sessionCommands = let xdefaultsfile = pkgs.writeText "Xdefaults" '' diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 0865a0841..51e69d8b7 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -14,17 +14,20 @@ in { # scanners are printers just in reverse anyway services.saned.enable = true; - users.users."${mainUser}".extraGroups = [ "scanner" ]; + users.users."${mainUser}".extraGroups = [ "scanner" "lp" ]; hardware.sane = { enable = true; - extraBackends = [ pkgs.samsungUnifiedLinuxDriver ]; + extraBackends = [ ]; # $ scanimage -p --format=jpg --mode=Gray --source="Automatic Document Feeder" -v --batch="lol%d.jpg" --resolution=150 # requires 'sane-extra', scan via: - extraConfig."magicolor" = '' - net 10.42.20.30 0x2098 - ''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf + #extraConfig."magicolor" = '' + # net 10.42.20.30 0x2098 + #''; # 10.42.20.30: uhrenkind.shack magicolor 1690mf + extraConfig."xerox_mfp" = '' + tcp 192.168.1.5 + ''; #home printer SCX-3205W }; } diff --git a/makefu/2configs/remote-build/master.nix b/makefu/2configs/remote-build/master.nix new file mode 100644 index 000000000..4ad2c5ed8 --- /dev/null +++ b/makefu/2configs/remote-build/master.nix @@ -0,0 +1,14 @@ +{ pkgs, ...}: +let + sshKey = (toString <secrets>) + "/id_nixBuild"; +in { + nix.distributedBuilds = true; + # TODO: iterate over krebs.hosts + nix.buildMachines = map ( hostName: + { inherit hostName sshKey; + sshUser = "nixBuild"; + system = "x86_64-linux"; + maxJobs = 1; + }) [ "omo.r" "gum.r" "latte.r" ]; + # puyak.r "wbob.r" +} diff --git a/makefu/2configs/remote-build/slave.nix b/makefu/2configs/remote-build/slave.nix new file mode 100644 index 000000000..b6e000a34 --- /dev/null +++ b/makefu/2configs/remote-build/slave.nix @@ -0,0 +1,11 @@ +{ + nix.trustedUsers = [ "nixBuild" ]; + users.users.nixBuild = { + name = "nixBuild"; + useDefaultShell = true; + # TODO: put this somewhere else + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild" + ]; + }; +} diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix index 8f9935658..7548c733e 100644 --- a/makefu/2configs/stats/server.nix +++ b/makefu/2configs/stats/server.nix @@ -2,6 +2,8 @@ with import <stockholm/lib>; let + irc-server = "rc.r"; + irc-nick = "m-alarm"; collectd-port = 25826; influx-port = 8086; grafana-port = 3000; # TODO nginx forward @@ -37,9 +39,9 @@ in { echoToIrc = pkgs.writeDash "echo_irc" '' set -euf data="$(${pkgs.jq}/bin/jq -r .message)" - export LOGNAME=malarm + export LOGNAME=${irc-nick} ${pkgs.irc-announce}/bin/irc-announce \ - irc.freenode.org 6667 malarm \#krebs-bots "$data" >/dev/null + ${irc-server} 6667 ${irc-nick} \#noise "$data" >/dev/null ''; in { enable = true; diff --git a/makefu/2configs/stats/telegraf/default.nix b/makefu/2configs/stats/telegraf/default.nix new file mode 100644 index 000000000..4da6561d6 --- /dev/null +++ b/makefu/2configs/stats/telegraf/default.nix @@ -0,0 +1,20 @@ +{...}: +let + url = "http://localhost:8086"; +in { + imports = [ + ./europastats.nix + ]; + services.telegraf = { + enable = true; + extraConfig = { + agent.debug = true; + outputs = { + influxdb = [{ + urls = [ url ]; + database = "telegraf"; + }]; + }; + }; + }; +} diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix new file mode 100644 index 000000000..9249280c5 --- /dev/null +++ b/makefu/2configs/stats/telegraf/europastats.nix @@ -0,0 +1,43 @@ +{ pkgs, ...}: +let + pkg = with pkgs.python3Packages;buildPythonPackage rec { + rev = "be31da7"; + name = "europastats-${rev}"; + propagatedBuildInputs = [ + requests2 + docopt + ]; + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/europastats"; + inherit rev; + sha256 = "0qj18vgj9nm6aisyqhk3iz3rf8xp7mn5jc6sfylcaw588a9sjfvc"; + }; + }; +in { + services.telegraf.extraConfig.inputs.exec = [ + { + commands = [ "${pkg}/bin/europa-attractions"]; + timeout = "1m"; + data_format = "json"; + name_override = "europawaiting"; + interval = "1m"; + tag_keys = [ + "status" + "type" + "name" + ]; + } + { + commands = [ "${pkg}/bin/europa-weather"]; + timeout = "20s"; + data_format = "json"; + name_override = "europaweather"; + interval = "10m"; + tag_keys = [ + "type" + "name" + "offset" + ]; + } + ]; +} diff --git a/makefu/2configs/tools/all.nix b/makefu/2configs/tools/all.nix index c7a116918..7755e2872 100644 --- a/makefu/2configs/tools/all.nix +++ b/makefu/2configs/tools/all.nix @@ -7,6 +7,7 @@ ./extra-gui.nix ./games.nix ./media.nix + ./scanner-tools.nix ./sec.nix ./sec-gui.nix ./studio.nix diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix index 0538647ae..2f80b08c9 100644 --- a/makefu/2configs/tools/core-gui.nix +++ b/makefu/2configs/tools/core-gui.nix @@ -13,7 +13,6 @@ keepassx pcmanfm evince - skype mirage tightvnc gnome3.dconf diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index b2d616764..bcc068d82 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -6,7 +6,7 @@ gimp inkscape libreoffice - skype + # skype synergy tdesktop virtmanager diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix index 47f06287b..8e815da5e 100644 --- a/makefu/2configs/tools/games.nix +++ b/makefu/2configs/tools/games.nix @@ -1,8 +1,10 @@ { pkgs, ... }: { - krebs.per-user.makefu.packages = with pkgs; [ - steam + imports = [ + ./steam.nix + ]; + users.users.makefu.packages = with pkgs; [ games-user-env ]; } diff --git a/makefu/2configs/tools/scanner-tools.nix b/makefu/2configs/tools/scanner-tools.nix new file mode 100644 index 000000000..ef2e913e4 --- /dev/null +++ b/makefu/2configs/tools/scanner-tools.nix @@ -0,0 +1,7 @@ +{ + # ln -s /run/current-system/sw/bin/xsane ~/.gimp-2.8/plug-ins/xsane + nixpkgs.config.packageOverrides = pkgs: { + xsaneGimp = pkgs.xsane.override { gimpSupport = true; }; + }; +} + diff --git a/makefu/2configs/steam.nix b/makefu/2configs/tools/steam.nix index d4ec84abf..200ea4719 100644 --- a/makefu/2configs/steam.nix +++ b/makefu/2configs/tools/steam.nix @@ -1,6 +1,10 @@ {pkgs, ...}: { - environment.systemPackages = [ pkgs.steam ]; + users.users.makefu.packages = [ + (pkgs.steam.override { + newStdcpp = true; + }) + ]; hardware.opengl.driSupport32Bit = true; hardware.pulseaudio.support32Bit = true; } diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix index 47b5d7fc3..2eecd6428 100644 --- a/makefu/2configs/urlwatch/default.nix +++ b/makefu/2configs/urlwatch/default.nix @@ -24,8 +24,12 @@ in { # pypi https://pypi.python.org/simple/bepasty/ - https://pypi.python.org/simple/xstatic/ https://pypi.python.org/simple/devpi-client/ + https://pypi.python.org/simple/oslo.config/ + https://pypi.python.org/simple/sqlalchemy_migrate/ + https://pypi.python.org/simple/xstatic/ + https://pypi.python.org/simple/pyserial/ + https://pypi.python.org/simple/semantic_version/ # weird shit http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ diff --git a/makefu/2configs/vim.nix b/makefu/2configs/vim.nix index 9f3a59717..43d362ed9 100644 --- a/makefu/2configs/vim.nix +++ b/makefu/2configs/vim.nix @@ -127,6 +127,7 @@ in { { names = [ "undotree" # "YouCompleteMe" "vim-better-whitespace" ]; } + # vim-nix handles indentation better but does not perform sanity { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } ]; diff --git a/makefu/2configs/virtualisation/docker.nix b/makefu/2configs/virtualisation/docker.nix index ddef9e371..951bdbf26 100644 --- a/makefu/2configs/virtualisation/docker.nix +++ b/makefu/2configs/virtualisation/docker.nix @@ -1,8 +1,9 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { virtualisation.docker.enable = true; environment.systemPackages = with pkgs;[ docker docker_compose ]; + users.extraUsers.${config.krebs.build.user.name}.extraGroups = [ "docker" ]; } diff --git a/makefu/2configs/vncserver.nix b/makefu/2configs/vncserver.nix index 3d1d9fe75..e62a3f748 100644 --- a/makefu/2configs/vncserver.nix +++ b/makefu/2configs/vncserver.nix @@ -33,7 +33,7 @@ in { serviceConfig = { User = "nobody"; ExecStart = "${pkgs.novnc}/bin/launch-novnc.sh --listen ${toString web_port} --vnc localhost:${toString vnc_port}"; - PrivateTmp = true; + PrivateTmp = true; }; }; }; diff --git a/makefu/2configs/vpn/openvpn-server.nix b/makefu/2configs/vpn/openvpn-server.nix index 1e7edbf78..79754264f 100644 --- a/makefu/2configs/vpn/openvpn-server.nix +++ b/makefu/2configs/vpn/openvpn-server.nix @@ -1,13 +1,13 @@ { config, pkgs, ... }: let - out-itf = config.makefu.server.primary-itf; - # generate via openvpn --genkey --secret static.key - client-key = (toString <secrets>) + "/openvpn-laptop.key"; + out-itf = config.makefu.server.primary-itf; + # generate via openvpn --genkey --secret static.key + client-key = (toString <secrets>) + "/openvpn-laptop.key"; # domain = "vpn.euer.krebsco.de"; domain = "gum.krebsco.de"; dev = "tun0"; port = 1194; - tcp-port = 3306; + tcp-port = 3306; in { boot.kernel.sysctl."net.ipv4.ip_forward" = 1; networking.nat = { |