diff options
author | makefu <github@syntax-fehler.de> | 2018-09-17 01:11:57 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2018-09-17 01:13:40 +0200 |
commit | 0823d0cbdc2861defaabc232058d96c8862c0b24 (patch) | |
tree | 6bb8d996de851b0d284c3123e3743d80cf647a89 /makefu | |
parent | 80250950625cceb084ed4251082a01fbd8de2bc1 (diff) |
ma: random cleanup
Diffstat (limited to 'makefu')
-rw-r--r-- | makefu/1systems/sdev/config.nix | 14 | ||||
-rw-r--r-- | makefu/1systems/tsp/config.nix | 47 | ||||
-rw-r--r-- | makefu/2configs/mqtt.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/share/gum-client.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/stats/server.nix | 17 | ||||
-rw-r--r-- | makefu/2configs/tinc/retiolum.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/tools/core.nix | 4 | ||||
-rw-r--r-- | makefu/2configs/tools/extra-gui.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/tools/media.nix | 7 | ||||
-rw-r--r-- | makefu/5pkgs/bento4/default.nix | 3 | ||||
-rw-r--r-- | makefu/5pkgs/default.nix | 9 |
11 files changed, 41 insertions, 66 deletions
diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index c2cd23d1e..2f289d500 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -6,13 +6,13 @@ [ # Include the results of the hardware scan. <stockholm/makefu> - # <stockholm/makefu/2configs/hw/vbox-guest.nix> - { # until virtualbox-image is fixed - imports = [ - <stockholm/makefu/2configs/fs/single-partition-ext4.nix> - ]; - boot.loader.grub.device = "/dev/sda"; - } + <stockholm/makefu/2configs/hw/vbox-guest.nix> + #{ # until virtualbox-image is fixed + # imports = [ + # <stockholm/makefu/2configs/fs/single-partition-ext4.nix> + # ]; + # boot.loader.grub.device = lib.mkForce "/dev/sda"; + #} <stockholm/makefu/2configs/main-laptop.nix> # <secrets/extra-hosts.nix> diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix index 680fa2cbc..2921e2bcf 100644 --- a/makefu/1systems/tsp/config.nix +++ b/makefu/1systems/tsp/config.nix @@ -8,57 +8,32 @@ [ # Include the results of the hardware scan. <stockholm/makefu> <stockholm/makefu/2configs/main-laptop.nix> - <stockholm/makefu/2configs/tools/all.nix> - <stockholm/makefu/2configs/fs/sda-crypto-root.nix> + # <stockholm/makefu/2configs/tools/all.nix> + <stockholm/makefu/2configs/fs/single-partition-ext4.nix> # hardware specifics are in here # imports tp-x2x0.nix - # <stockholm/makefu/2configs/hw/tp-x200.nix> + <stockholm/makefu/2configs/hw/tp-x230.nix> + <stockholm/makefu/2configs/hw/bluetooth.nix> + <stockholm/makefu/2configs/hw/network-manager.nix> # <stockholm/makefu/2configs/rad1o.nix> <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/exim-retiolum.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> + + <stockholm/makefu/2configs/sshd-totp.nix> + { + programs.adb.enable = true; + } ]; - # not working in vm krebs.build.host = config.krebs.hosts.tsp; - boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; - boot.loader.grub.copyKernels = true; + boot.loader.grub.device = "/dev/sda"; networking.firewall.allowedTCPPorts = [ 25 ]; - # acer aspire - networking.wireless.enable = lib.mkDefault true; - - services.xserver.synaptics.enable = true; - hardware.enableAllFirmware = true; nixpkgs.config.allowUnfree = true; - - hardware.cpu.intel.updateMicrocode = true; - - zramSwap.enable = true; - zramSwap.numDevices = 2; - - services.tlp.enable = true; - services.tlp.extraConfig = '' - # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery - START_CHARGE_THRESH_BAT0=67 - STOP_CHARGE_THRESH_BAT0=100 - - - CPU_SCALING_GOVERNOR_ON_AC=performance - CPU_SCALING_GOVERNOR_ON_BAT=ondemand - CPU_MIN_PERF_ON_AC=0 - CPU_MAX_PERF_ON_AC=100 - CPU_MIN_PERF_ON_BAT=0 - CPU_MAX_PERF_ON_BAT=30 - ''; - - powerManagement.resumeCommands = '' - ${pkgs.rfkill}/bin/rfkill unblock all - ''; - } diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix index 39c9fdfdd..c56521812 100644 --- a/makefu/2configs/mqtt.nix +++ b/makefu/2configs/mqtt.nix @@ -4,6 +4,7 @@ enable = true; host = "0.0.0.0"; users = {}; + # TODO: secure that shit allowAnonymous = true; }; } diff --git a/makefu/2configs/share/gum-client.nix b/makefu/2configs/share/gum-client.nix index be9ab026b..db2adfb1c 100644 --- a/makefu/2configs/share/gum-client.nix +++ b/makefu/2configs/share/gum-client.nix @@ -17,6 +17,7 @@ in { "file_mode=0775" "dir_mode=0775" "uid=9001" + "vers=3" ]; }; diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix index 7548c733e..c8e768c99 100644 --- a/makefu/2configs/stats/server.nix +++ b/makefu/2configs/stats/server.nix @@ -2,11 +2,11 @@ with import <stockholm/lib>; let - irc-server = "rc.r"; + irc-server = "irc.r"; irc-nick = "m-alarm"; collectd-port = 25826; influx-port = 8086; - grafana-port = 3000; # TODO nginx forward + grafana-port = 3000; db = "collectd_db"; logging-interface = config.makefu.server.primary-itf; in { @@ -72,15 +72,16 @@ in { iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT - iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT - iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT - iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + #iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT - ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT - ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT - ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + #ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT ''; + state = [ "/var/lib/grafana/data/grafana.db" ]; } diff --git a/makefu/2configs/tinc/retiolum.nix b/makefu/2configs/tinc/retiolum.nix index c55b94466..98abb2406 100644 --- a/makefu/2configs/tinc/retiolum.nix +++ b/makefu/2configs/tinc/retiolum.nix @@ -1,7 +1,8 @@ -_: +{ pkgs, ... }: { imports = [ ../binary-cache/lass.nix ]; krebs.tinc.retiolum.enable = true; + environment.systemPackages = [ pkgs.tinc ]; } diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 604288904..33e896d4c 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -3,9 +3,11 @@ # tools i use when actually working with the host. # package version will now be maintained by nix-rebuild # -# essentially `nix-env -q` of the main user { environment.systemPackages = with pkgs; [ + ( pkgs.writeScriptBin "unknow" ''#!/bin/sh +${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts + '') at_spi2_core acpi bc diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 3d26cc574..1c28eeffd 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -6,6 +6,7 @@ gimp inkscape libreoffice + quodlibet # skype synergy tdesktop diff --git a/makefu/2configs/tools/media.nix b/makefu/2configs/tools/media.nix index 35faaa29f..a61b6c88e 100644 --- a/makefu/2configs/tools/media.nix +++ b/makefu/2configs/tools/media.nix @@ -3,11 +3,14 @@ { users.users.makefu.packages = with pkgs; [ kodi - streamripper - youtube-dl calibre vlc mumble mplayer + quodlibet + + plowshare + streamripper + youtube-dl ]; } diff --git a/makefu/5pkgs/bento4/default.nix b/makefu/5pkgs/bento4/default.nix index 07c64a101..6f5f1deba 100644 --- a/makefu/5pkgs/bento4/default.nix +++ b/makefu/5pkgs/bento4/default.nix @@ -1,5 +1,4 @@ { stdenv, fetchFromGitHub -, pkgconfig , cmake }: stdenv.mkDerivation rec { @@ -13,7 +12,7 @@ stdenv.mkDerivation rec { sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf"; }; - nativeBuildInputs = [ cmake pkgconfig ]; + nativeBuildInputs = [ cmake ]; installPhase = '' mkdir -p $out/{lib,bin} find -iname '*.so' -exec mv --target-directory="$out/lib" {} \; diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index d1aec70cb..390aabd73 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -33,15 +33,6 @@ in { inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: { patches = [ ./custom/inkscape/dxf_fix.patch ]; }); - pwqgen-ger = callPackage <stockholm/krebs/5pkgs/simple/passwdqc-utils> { - wordset-file = super.pkgs.fetchurl { - urls = [ - https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c - https://archive.org/download/nixos-stockholm-tarballs/pviar5j1gxiqcf3l34b4n2pil06xc8zf-wordset_4k.c - ]; - sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb"; - }; - }; } // (mapAttrs (_: flip callPackage {}) |