summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
authornin <nineinchnade@gmail.com>2017-03-07 16:27:15 +0100
committernin <nineinchnade@gmail.com>2017-03-07 16:27:15 +0100
commit2edd8ca37b5c134b697315fd7ab603807760e6d6 (patch)
tree4fa4df81774907b797d04707028406788d7297e1 /makefu/2configs
parent01868340e25ffb05ea8b784c5cdf47c251157dfb (diff)
parentc05db2409061f721ba454f4bf79e635ee13a6f11 (diff)
Merge remote-tracking branch 'prism/newest'
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/base-gui.nix2
-rw-r--r--makefu/2configs/default.nix14
-rw-r--r--makefu/2configs/deployment/owncloud.nix8
-rw-r--r--makefu/2configs/hw/tp-x230.nix12
-rw-r--r--makefu/2configs/laptop-utils.nix65
-rw-r--r--makefu/2configs/logging/central-stats-server.nix15
-rw-r--r--makefu/2configs/main-laptop.nix5
-rw-r--r--makefu/2configs/omo-share.nix11
-rw-r--r--makefu/2configs/printer.nix1
-rw-r--r--makefu/2configs/tools/all.nix11
-rw-r--r--makefu/2configs/tools/core-gui.nix24
-rw-r--r--makefu/2configs/tools/core.nix46
-rw-r--r--makefu/2configs/tools/dev.nix10
-rw-r--r--makefu/2configs/tools/extra-gui.nix12
-rw-r--r--makefu/2configs/tools/games.nix7
-rw-r--r--makefu/2configs/tools/media.nix12
-rw-r--r--makefu/2configs/tools/sec.nix15
-rw-r--r--makefu/2configs/urlwatch.nix3
18 files changed, 179 insertions, 94 deletions
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix
index 95ebabc44..43b37cd8c 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/base-gui.nix
@@ -82,7 +82,7 @@ in
URxvt.perl-ext: default,url-select
URxvt.keysym.M-u: perl:url-select:select_next
- URxvt.url-select.launcher: chromium
+ URxvt.url-select.launcher: firefox -new-tab
URxvt.url-select.underline: true
URxvt.searchable-scrollback: CM-s
'';
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 45f7315b0..1ad7f0710 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
user = config.krebs.users.makefu;
source = let
inherit (config.krebs.build) host user;
- ref = "f66d782"; # unstable @ 2017-02-04
+ ref = "53a2baa"; # unstable @ 2017-02-28
in {
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
{
@@ -145,21 +145,21 @@ with import <stockholm/lib>;
tinc = pkgs.tinc_pre;
};
- services.cron.enable = false;
- services.nscd.enable = false;
- services.ntp.enable = false;
- services.timesyncd.enable = true;
- services.ntp.servers = [
+ networking.timeServers = [
"pool.ntp.org"
"time.windows.com"
"time.apple.com"
"time.nist.gov"
];
+
nix.extraOptions = ''
auto-optimise-store = true
'';
- security.setuidPrograms = [ "sendmail" ];
+ security.wrappers.sendmail = {
+ source = "${pkgs.exim}/bin/sendmail";
+ setuid = true;
+ };
services.journald.extraConfig = ''
SystemMaxUse=1G
RuntimeMaxUse=128M
diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix
index d692ef72d..c6fb9c8e5 100644
--- a/makefu/2configs/deployment/owncloud.nix
+++ b/makefu/2configs/deployment/owncloud.nix
@@ -131,11 +131,15 @@ in {
( serveCloud [ "o.euer.krebsco.de" ] )
];
- services.mysql = {
- enable = true;
+ services.mysql = { # TODO: currently nextcloud uses sqlite
+ enable = false;
package = pkgs.mariadb;
rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
};
+ services.mysqlBackup = {
+ enable = false;
+ databases = [ "nextcloud" ];
+ };
krebs.secret.files.mysql_rootPassword = {
path = "${config.services.mysql.dataDir}/mysql_rootPassword";
diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix
index 99563a771..2de32dd94 100644
--- a/makefu/2configs/hw/tp-x230.nix
+++ b/makefu/2configs/hw/tp-x230.nix
@@ -9,20 +9,28 @@ with import <stockholm/lib>;
kernelModules = [
"kvm-intel"
"thinkpad_ec"
- # "acpi_call"
+ "acpi_call"
# "thinkpad_acpi"
# "tpm-rng"
];
extraModulePackages = [
- # config.boot.kernelPackages.acpi_call
+ config.boot.kernelPackages.acpi_call
];
+ # support backlight adjustment
+ kernelParams = [ "acpi_osi=Linux" "acpi_backlight=vendor" ];
};
+
+ # configured media keys inside awesomerc
+ # sound.mediaKeys.enable = true;
+ hardware.bluetooth.enable = true;
+
services.acpid.enable = true;
hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
services.xserver = {
videoDriver = "intel";
deviceSection = ''
Option "AccelMethod" "sna"
+ Option "Backlight" "intel_backlight"
'';
};
# no entropy source working
diff --git a/makefu/2configs/laptop-utils.nix b/makefu/2configs/laptop-utils.nix
deleted file mode 100644
index ec6d4adec..000000000
--- a/makefu/2configs/laptop-utils.nix
+++ /dev/null
@@ -1,65 +0,0 @@
-{ pkgs, ... }:
-
-# tools i use when actually working with the host.
-# package version will now be maintained by nix-rebuild
-#
-# essentially `nix-env -q` of the main user
-# TODO: split gui and non-gui
-{
- nixpkgs.config.firefox = {
- enableAdobeFlash = true;
- };
-
- krebs.per-user.makefu.packages = with pkgs; [
- # core
- at_spi2_core
- acpi
- bc
- exif
- file
- ntfs3g
- pv
- proot
- sshpass
- unzip
- unrar
- usbutils
- zip
-
- # dev
- python35Packages.virtualenv
-
-
- # gui
- chromium
- clipit
- feh
- firefox
- keepassx
- pcmanfm
- skype
- mirage
- tightvnc
- gnome3.dconf
- vlc
- virtmanager
- wireshark
- xdotool
-
- # sectools
- aria2
- pythonPackages.binwalk-full
- dnsmasq
- iodine
- mtr
- nmap
-
-
- # stuff
- cac-api
- cac-panel
- krebspaste
- ledger
- pass
- ];
-}
diff --git a/makefu/2configs/logging/central-stats-server.nix b/makefu/2configs/logging/central-stats-server.nix
index 8151d4939..30ad63879 100644
--- a/makefu/2configs/logging/central-stats-server.nix
+++ b/makefu/2configs/logging/central-stats-server.nix
@@ -5,10 +5,9 @@ let
collectd-port = 25826;
influx-port = 8086;
grafana-port = 3000; # TODO nginx forward
+ db = "collectd_db";
+ logging-interface = config.makefu.server.primary-itf;
in {
- imports = [
- ../../../lass/3modules/kapacitor.nix
- ];
services.grafana.enable = true;
services.grafana.addr = "0.0.0.0";
@@ -27,11 +26,11 @@ in {
collectd = [{
enabled = true;
typesdb = "${pkgs.collectd}/share/collectd/types.db";
- database = "collectd_db";
+ database = db;
port = collectd-port;
}];
};
- lass.kapacitor =
+ krebs.kapacitor =
let
echoToIrc = pkgs.writeDash "echo_irc" ''
set -euf
@@ -43,7 +42,8 @@ in {
in {
enable = true;
alarms = {
- cpu_deadman = ''
+ cpu_deadman.database = db;
+ cpu_deadman.text = ''
var data = batch
|query(${"'''"}
SELECT mean("value") AS mean
@@ -68,5 +68,8 @@ in {
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
+ iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
+ iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
+ iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
'';
}
diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix
index e1c3d20ff..eaf6dec97 100644
--- a/makefu/2configs/main-laptop.nix
+++ b/makefu/2configs/main-laptop.nix
@@ -14,7 +14,8 @@ in {
./base-gui.nix
./fetchWallpaper.nix
./zsh-user.nix
- ./laptop-utils.nix
+ ./tools/core.nix
+ ./tools/core-gui.nix
];
users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ];
@@ -60,7 +61,7 @@ in {
sleep 1
'')
[ 5 4 3 2 1 ]}
- /var/setuid-wrappers/sudo ${pkgs.systemd}/bin/systemctl suspend
+ /var/run/wrappers/bin/sudo ${pkgs.systemd}/bin/systemctl suspend
'';
};
};
diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/omo-share.nix
index 8a3eab98a..7d7a4ec57 100644
--- a/makefu/2configs/omo-share.nix
+++ b/makefu/2configs/omo-share.nix
@@ -48,15 +48,8 @@ in {
browseable = "yes";
"guest ok" = "yes";
};
- crypt0-rw = {
- path = "/media/crypt0/";
- "read only" = "no";
- browseable = "yes";
- "guest ok" = "no";
- "valid users" = "makefu";
- };
- crypt1-rw = {
- path = "/media/crypt1/";
+ media-rw = {
+ path = "/media/";
"read only" = "no";
browseable = "yes";
"guest ok" = "no";
diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix
index d288748f9..7c7b00abc 100644
--- a/makefu/2configs/printer.nix
+++ b/makefu/2configs/printer.nix
@@ -5,6 +5,7 @@
enable = true;
drivers = [
pkgs.samsungUnifiedLinuxDriver
+ pkgs.dymo-cups-drivers
];
};
diff --git a/makefu/2configs/tools/all.nix b/makefu/2configs/tools/all.nix
new file mode 100644
index 000000000..e64e216e0
--- /dev/null
+++ b/makefu/2configs/tools/all.nix
@@ -0,0 +1,11 @@
+{
+ imports = [
+ ./core.nix
+ ./core-gui.nix
+ ./dev.nix
+ ./extra-gui.nix
+ ./games.nix
+ ./media.nix
+ ./sec.nix
+ ];
+}
diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix
new file mode 100644
index 000000000..6d62e92c0
--- /dev/null
+++ b/makefu/2configs/tools/core-gui.nix
@@ -0,0 +1,24 @@
+{ pkgs, ... }:
+
+{
+ nixpkgs.config.firefox = {
+ enableAdobeFlash = true;
+ };
+
+ krebs.per-user.makefu.packages = with pkgs; [
+ chromium
+ clipit
+ feh
+ firefox
+ keepassx
+ pcmanfm
+ skype
+ mirage
+ tightvnc
+ gnome3.dconf
+ wireshark
+ xdotool
+ xorg.xbacklight
+ scrot
+ ];
+}
diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix
new file mode 100644
index 000000000..86d72c662
--- /dev/null
+++ b/makefu/2configs/tools/core.nix
@@ -0,0 +1,46 @@
+{ pkgs, ... }:
+
+# tools i use when actually working with the host.
+# package version will now be maintained by nix-rebuild
+#
+# essentially `nix-env -q` of the main user
+{
+ krebs.per-user.makefu.packages = with pkgs; [
+ at_spi2_core
+ acpi
+ bc
+ rsync
+ exif
+ file
+ ntfs3g
+ pv
+ proot
+ sshpass
+ populate
+ usbutils
+ p7zip
+ hdparm
+ inetutils
+ ncftp
+ mutt
+ tcpdump
+ sysstat
+ which
+ weechat
+ curl
+ wget
+ wol
+ tmux
+ smartmontools
+ cifs-utils
+ iftop
+ taskwarrior
+ mplayer
+
+ cac-api
+ cac-panel
+ krebspaste
+ ledger
+ pass
+ ];
+}
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
new file mode 100644
index 000000000..8acc25fcc
--- /dev/null
+++ b/makefu/2configs/tools/dev.nix
@@ -0,0 +1,10 @@
+{ pkgs, ... }:
+
+{
+ krebs.per-user.makefu.packages = with pkgs;[
+ nodemcu-uploader
+ esptool
+ python35Packages.virtualenv
+ flashrom
+ ];
+}
diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix
new file mode 100644
index 000000000..9cfacf408
--- /dev/null
+++ b/makefu/2configs/tools/extra-gui.nix
@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+ krebs.per-user.makefu.packages = with pkgs;[
+ inkscape
+ gimp
+ skype
+ virtmanager
+ synergy
+ saleae-logic
+ ];
+}
diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix
new file mode 100644
index 000000000..34c686451
--- /dev/null
+++ b/makefu/2configs/tools/games.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }:
+
+{
+ krebs.per-user.makefu.packages = with pkgs; [
+ steam
+ ];
+}
diff --git a/makefu/2configs/tools/media.nix b/makefu/2configs/tools/media.nix
new file mode 100644
index 000000000..4fc3413e8
--- /dev/null
+++ b/makefu/2configs/tools/media.nix
@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+ krebs.per-user.makefu.packages = with pkgs; [
+ kodi
+ streamripper
+ youtube-dl
+ calibre
+ vlc
+ mumble
+ ];
+}
diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix
new file mode 100644
index 000000000..5ab699f35
--- /dev/null
+++ b/makefu/2configs/tools/sec.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+
+{
+ krebs.per-user.makefu.packages = with pkgs; [
+ aria2
+ # mitmproxy
+ pythonPackages.binwalk-full
+ dnsmasq
+ iodine
+ mtr
+ nmap
+ msf
+ thc-hydra
+ ];
+}
diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix
index d575d18bc..20eb031a1 100644
--- a/makefu/2configs/urlwatch.nix
+++ b/makefu/2configs/urlwatch.nix
@@ -16,6 +16,9 @@
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
https://github.com/amadvance/snapraid/releases.atom
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
+ https://api.github.com/repos/embray/d2to1/tags
+ https://api.github.com/repos/dorimanx/exfat-nofuse/commits
+ https://api.github.com/repos/dorimanx/exfat-nofuse/tags
];
};
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 09:28:20 +0000