diff options
author | tv <tv@krebsco.de> | 2018-09-06 23:10:09 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2018-09-06 23:10:09 +0200 |
commit | 03764d6765f8d2734d0960bc75cc6856bf0893d8 (patch) | |
tree | b8cbbdc3a0381b5d1b1d08149c38a6bd5be5e9c5 /makefu | |
parent | 86466154f11748365cdab50b6ac113bdfd5542be (diff) | |
parent | 96c4ab61202f515c7a361ef76c398e542771d6b4 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu')
50 files changed, 908 insertions, 318 deletions
diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix index cd97a7c62..22c40039e 100644 --- a/makefu/1systems/cake/source.nix +++ b/makefu/1systems/cake/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="cake"; full = true; } diff --git a/makefu/1systems/darth/source.nix b/makefu/1systems/darth/source.nix index b13b6c603..a8d7368ab 100644 --- a/makefu/1systems/darth/source.nix +++ b/makefu/1systems/darth/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="darth"; } diff --git a/makefu/1systems/drop/config.nix b/makefu/1systems/drop/config.nix index b7e0d0395..2757db8cc 100644 --- a/makefu/1systems/drop/config.nix +++ b/makefu/1systems/drop/config.nix @@ -30,7 +30,7 @@ in { allowedTCPPorts = [ ]; allowedUDPPorts = [ 655 ]; }; - interfaces.enp0s3.ip4 = [{ + interfaces.enp0s3.ipv4.addresses = [{ address = external-ip; inherit prefixLength; }]; diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix index 45bd6f97e..a6bc834b0 100644 --- a/makefu/1systems/drop/source.nix +++ b/makefu/1systems/drop/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="drop"; torrent = true; } diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix index e36afecd5..7e9dea9ec 100644 --- a/makefu/1systems/fileleech/config.nix +++ b/makefu/1systems/fileleech/config.nix @@ -145,13 +145,13 @@ in { networking.nameservers = [ "8.8.8.8" ]; # SPF networking.defaultGateway = "151.217.176.1"; - networking.interfaces.enp6s0f0.ip4 = [{ + networking.interfaces.enp6s0f0.ipv4.addresses = [{ address = "151.217.178.63"; prefixLength = 22; }]; # Gigabit - networking.interfaces.enp8s0f1.ip4 = [{ + networking.interfaces.enp8s0f1.ipv4.addresses = [{ address = "192.168.126.1"; prefixLength = 24; }]; diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix index caca1fbcb..b6951a273 100644 --- a/makefu/1systems/fileleech/source.nix +++ b/makefu/1systems/fileleech/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name = "fileleech"; torrent = true; } diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix index 88c9f4f08..b81a2bf4a 100644 --- a/makefu/1systems/filepimp/source.nix +++ b/makefu/1systems/filepimp/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="filepimp"; } diff --git a/makefu/1systems/full/source.nix b/makefu/1systems/full/source.nix new file mode 100644 index 000000000..1e36c6e87 --- /dev/null +++ b/makefu/1systems/full/source.nix @@ -0,0 +1,5 @@ +{ + name="gum"; + torrent = true; + clever_kexec = true; +} diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix index e3ca472e4..1e36c6e87 100644 --- a/makefu/1systems/gum/source.nix +++ b/makefu/1systems/gum/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="gum"; torrent = true; clever_kexec = true; diff --git a/makefu/1systems/iso/source.nix b/makefu/1systems/iso/source.nix index e200dbfd2..6bef8ada9 100644 --- a/makefu/1systems/iso/source.nix +++ b/makefu/1systems/iso/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="iso"; } diff --git a/makefu/1systems/kexec/source.nix b/makefu/1systems/kexec/source.nix index e200dbfd2..6bef8ada9 100644 --- a/makefu/1systems/kexec/source.nix +++ b/makefu/1systems/kexec/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="iso"; } diff --git a/makefu/1systems/latte/source.nix b/makefu/1systems/latte/source.nix index d9600909a..ab0a454c0 100644 --- a/makefu/1systems/latte/source.nix +++ b/makefu/1systems/latte/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name = "latte"; torrent = true; } diff --git a/makefu/1systems/nextgum/source.nix b/makefu/1systems/nextgum/source.nix index 413889c47..6940498f1 100644 --- a/makefu/1systems/nextgum/source.nix +++ b/makefu/1systems/nextgum/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="nextgum"; torrent = true; clever_kexec = true; diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix index da0d87aad..0d42cc9e2 100644 --- a/makefu/1systems/omo/source.nix +++ b/makefu/1systems/omo/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="omo"; torrent = true; } diff --git a/makefu/1systems/pnp/source.nix b/makefu/1systems/pnp/source.nix index 0b630aa3b..02f7d0ab6 100644 --- a/makefu/1systems/pnp/source.nix +++ b/makefu/1systems/pnp/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="pnp"; } diff --git a/makefu/1systems/repunit/source.nix b/makefu/1systems/repunit/source.nix index ff361fb55..20d3cd1cb 100644 --- a/makefu/1systems/repunit/source.nix +++ b/makefu/1systems/repunit/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="repunit"; } diff --git a/makefu/1systems/sdev/source.nix b/makefu/1systems/sdev/source.nix index 833d9bf73..2e085740a 100644 --- a/makefu/1systems/sdev/source.nix +++ b/makefu/1systems/sdev/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="sdev"; } diff --git a/makefu/1systems/shack-autoinstall/source.nix b/makefu/1systems/shack-autoinstall/source.nix new file mode 100644 index 000000000..6bef8ada9 --- /dev/null +++ b/makefu/1systems/shack-autoinstall/source.nix @@ -0,0 +1,3 @@ +{ + name="iso"; +} diff --git a/makefu/1systems/shoney/config.nix b/makefu/1systems/shoney/config.nix index ba9d0911e..27d389b85 100644 --- a/makefu/1systems/shoney/config.nix +++ b/makefu/1systems/shoney/config.nix @@ -46,7 +46,7 @@ in { dst = "10.8.10.6"; }; networking = { - interfaces.enp2s1.ip4 = [ + interfaces.enp2s1.ipv4.addresses = [ { address = ip; prefixLength = 24; } # { address = alt-ip; prefixLength = 24; } ]; diff --git a/makefu/1systems/shoney/source.nix b/makefu/1systems/shoney/source.nix index 382474f5e..3616716f9 100644 --- a/makefu/1systems/shoney/source.nix +++ b/makefu/1systems/shoney/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="shoney"; } diff --git a/makefu/1systems/studio/source.nix b/makefu/1systems/studio/source.nix index f662653e7..ff88d3557 100644 --- a/makefu/1systems/studio/source.nix +++ b/makefu/1systems/studio/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="studio"; musnix = true; } diff --git a/makefu/1systems/tsp/source.nix b/makefu/1systems/tsp/source.nix index 79f6a435d..9abf503e2 100644 --- a/makefu/1systems/tsp/source.nix +++ b/makefu/1systems/tsp/source.nix @@ -1,3 +1,5 @@ -import <stockholm/makefu/source.nix> { +{ name="tsp"; + full = true; + hw = true; } diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix index 5419215e2..59744faf5 100644 --- a/makefu/1systems/vbob/source.nix +++ b/makefu/1systems/vbob/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="vbob"; # musnix = true; } diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 9d8a91e6d..e1d66a2f9 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -150,7 +150,7 @@ in { # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash networking.wireless.interfaces = [ "wlp2s0" ]; - networking.interfaces.virbr1.ip4 = [{ + networking.interfaces.virbr1.ipv4.addresses = [{ address = "10.8.8.11"; prefixLength = 24; }]; diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix index b768aa87d..c76f73760 100644 --- a/makefu/1systems/wbob/source.nix +++ b/makefu/1systems/wbob/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="wbob"; # musnix = true; } diff --git a/makefu/1systems/wry/config.nix b/makefu/1systems/wry/config.nix index 2db1a9a95..b728703ec 100644 --- a/makefu/1systems/wry/config.nix +++ b/makefu/1systems/wry/config.nix @@ -42,7 +42,7 @@ in { allowedTCPPorts = [ 53 80 443 ]; allowedUDPPorts = [ 655 53 ]; }; - interfaces.enp2s1.ip4 = [{ + interfaces.enp2s1.ipv4.addresses = [{ address = external-ip; prefixLength = 24; }]; diff --git a/makefu/1systems/wry/source.nix b/makefu/1systems/wry/source.nix index fac3877ee..730300590 100644 --- a/makefu/1systems/wry/source.nix +++ b/makefu/1systems/wry/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="wry"; } diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix index ab6429dc1..75af3255b 100644 --- a/makefu/1systems/x/source.nix +++ b/makefu/1systems/x/source.nix @@ -1,9 +1,10 @@ -import <stockholm/makefu/source.nix> { +{ name="x"; full = true; python = true; hw = true; unstable = true; mic92 = true; + clever_kexec = true; # torrent = true; } diff --git a/makefu/2configs/deployment/events-publisher/default.nix b/makefu/2configs/deployment/events-publisher/default.nix index c671b1a0b..a09554e6a 100644 --- a/makefu/2configs/deployment/events-publisher/default.nix +++ b/makefu/2configs/deployment/events-publisher/default.nix @@ -2,8 +2,8 @@ with import <stockholm/lib>; let shack-announce = pkgs.callPackage (builtins.fetchTarball { - url = "https://github.com/makefu/events-publisher/archive/5e7b083c63f25182a02c1fddb3d32cb9534fbc50.tar.gz"; - sha256 = "1zzlhyj8fr6y3a3b6qlyrm474xxxs1ydqjpkd2jva3g1lnzlmvkp"; + url = "https://github.com/makefu/events-publisher/archive/4cef900ba10348050208367af6b2035f5a0ef8b6.tar.gz"; + sha256 = "137vsibr289p3xxlw37xhizi309sygki95919hmj02dxgwmy1k74"; }) {} ; home = "/var/lib/shackannounce"; user = "shackannounce"; diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix new file mode 100644 index 000000000..d14a611b4 --- /dev/null +++ b/makefu/2configs/editor/vim.nix @@ -0,0 +1,33 @@ +{ config, pkgs, ... }: + +let + customPlugins.vim-better-whitespace = pkgs.vimUtils.buildVimPlugin { + name = "vim-better-whitespace"; + src = pkgs.fetchFromGitHub { + owner = "ntpeters"; + repo = "vim-better-whitespace"; + rev = "984c8da518799a6bfb8214e1acdcfd10f5f1eed7"; + sha256 = "10l01a8xaivz6n01x6hzfx7gd0igd0wcf9ril0sllqzbq7yx2bbk"; + }; + }; + +in { + + environment.systemPackages = [ + pkgs.python27Full # required for youcompleteme + (pkgs.vim_configurable.customize { + name = "vim"; + + vimrcConfig.customRC = builtins.readFile ./vimrc; + vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; + vimrcConfig.vam.pluginDictionaries = [ + { names = [ "undotree" + # "YouCompleteMe" + "vim-better-whitespace" ]; } + # vim-nix handles indentation better but does not perform sanity + { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } + ]; + + }) + ]; +} diff --git a/makefu/2configs/editor/vimrc b/makefu/2configs/editor/vimrc new file mode 100644 index 000000000..8cdab55db --- /dev/null +++ b/makefu/2configs/editor/vimrc @@ -0,0 +1,98 @@ +set nocompatible +syntax on +set list +set listchars=tab:▸\ +"set list listchars=tab:>-,trail:.,extends:> + +filetype off +filetype plugin indent on + +colorscheme darkblue +set background=dark + +set number +set relativenumber +set mouse=a +set ignorecase +set incsearch +set wildignore=*.o,*.obj,*.bak,*.exe,*.os +set textwidth=79 +set shiftwidth=2 +set expandtab +set softtabstop=2 +set shiftround +set smarttab +set tabstop=2 +set et +set autoindent +set backspace=indent,eol,start + + +inoremap <F1> <ESC> +nnoremap <F1> <ESC> +vnoremap <F1> <ESC> + +nnoremap <F5> :UndotreeToggle<CR> +set undodir =~/.vim/undo +set undofile +"maximum number of changes that can be undone +set undolevels=1000000 +"maximum number lines to save for undo on a buffer reload +set undoreload=10000000 + +nnoremap <F2> :set invpaste paste?<CR> +set pastetoggle=<F2> +set showmode + +set showmatch +set matchtime=3 +set hlsearch + +autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red + + +" save on focus lost +au FocusLost * :wa + +autocmd BufRead *.json set filetype=json +au BufNewFile,BufRead *.mustache set syntax=mustache + +cnoremap SudoWrite w !sudo tee > /dev/null % + +" create Backup/tmp/undo dirs +set backupdir=~/.vim/backup +set directory=~/.vim/tmp + +function! InitBackupDir() + let l:parent = $HOME . '/.vim/' + let l:backup = l:parent . 'backup/' + let l:tmpdir = l:parent . 'tmp/' + let l:undodir= l:parent . 'undo/' + + + if !isdirectory(l:parent) + call mkdir(l:parent) + endif + if !isdirectory(l:backup) + call mkdir(l:backup) + endif + if !isdirectory(l:tmpdir) + call mkdir(l:tmpdir) + endif + if !isdirectory(l:undodir) + call mkdir(l:undodir) + endif +endfunction +call InitBackupDir() + +augroup Binary + " edit binaries in xxd-output, xxd is part of vim + au! + au BufReadPre *.bin let &bin=1 + au BufReadPost *.bin if &bin | %!xxd + au BufReadPost *.bin set ft=xxd | endif + au BufWritePre *.bin if &bin | %!xxd -r + au BufWritePre *.bin endif + au BufWritePost *.bin if &bin | %!xxd + au BufWritePost *.bin set nomod | endif +augroup END diff --git a/makefu/2configs/hw/smartcard.nix b/makefu/2configs/hw/smartcard.nix new file mode 100644 index 000000000..1e9bca53b --- /dev/null +++ b/makefu/2configs/hw/smartcard.nix @@ -0,0 +1,18 @@ +{ pkgs, ... }: +{ + services.pcscd = { + enable = true; + plugins = with pkgs; [ ifdnfc ccid ]; + + }; + environment.systemPackages = with pkgs; [ + # need to run ifdnfc-activate before usage + ifdnfc + # pcsc_scan + pcsctools + ]; + boot.blacklistedKernelModules = [ + "pn533" "pn533_usb" + "nfc" + ]; +} diff --git a/makefu/2configs/nginx/rompr.nix b/makefu/2configs/nginx/rompr.nix new file mode 100644 index 000000000..8c1fbc53b --- /dev/null +++ b/makefu/2configs/nginx/rompr.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + user = config.services.nginx.user; + group = config.services.nginx.group; + src = pkgs.fetchFromGitHub { + owner = "fatg3erman"; + repo = "RompR"; + rev = "1.21"; + sha256 = "00gk2c610qgpsb6y296h9pz2aaa6gfq4cqhn15l7fdrk3lkvh01q"; + }; + fpm-socket = "/var/run/php5-rompr-fpm.sock"; + mpd-src = "/var/lib/rompr"; + +in { + services.phpfpm = { + # phpfpm does not have an enable option + poolConfigs = { + mpd = '' + user = ${user} + group = ${group} + listen = ${fpm-socket} + listen.owner = ${user} + listen.group = ${group} + pm = dynamic + pm.max_children = 5 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 3 + chdir = / + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''; + }; + }; + # TODO: Pre-job + # TODO: prefs.var could be templated (serialized php ...) then we would not + # need to have a state dir at all + system.activationScripts.rompr = '' + mkdir -p ${mpd-src} + cp -r ${src}/. ${mpd-src} + chown -R ${user}:${group} ${mpd-src} + chmod 770 ${mpd-src} + ''; + services.nginx = { + enable = mkDefault true; + virtualHosts = { + "localhost" = { + root = mpd-src; + locations."/".index = "index.php"; + locations."~ \.php$" = { + root = mpd-src; + extraConfig = '' + client_max_body_size 200M; + fastcgi_pass unix:${fpm-socket}; + include ${pkgs.nginx}/conf/fastcgi_params; + include ${pkgs.nginx}/conf/fastcgi.conf; + fastcgi_index index.php; + try_files $uri =404; + ''; + }; + }; + }; + }; + services.mysql = { + enable = true; + package = pkgs.mariadb; + ensureDatabases = [ "romprdb" ]; + ensureUsers = [ + { ensurePe |