diff options
-rw-r--r-- | makefu/1systems/fileleech.nix | 2 | ||||
-rw-r--r-- | makefu/1systems/gum.nix | 5 | ||||
-rw-r--r-- | makefu/1systems/omo.nix | 5 | ||||
-rw-r--r-- | makefu/1systems/shoney.nix | 2 | ||||
-rw-r--r-- | makefu/1systems/x.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/base-gui.nix | 5 | ||||
-rw-r--r-- | makefu/2configs/default.nix | 4 | ||||
-rw-r--r-- | makefu/2configs/ipfs.nix | 5 | ||||
-rw-r--r-- | makefu/2configs/syncthing.nix | 11 | ||||
-rw-r--r-- | makefu/2configs/tools/core-gui.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/tools/core.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/tools/extra-gui.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/tools/sec.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/urxvtd.nix | 21 | ||||
-rw-r--r-- | makefu/5pkgs/awesomecfg/full.cfg | 2 |
15 files changed, 58 insertions, 12 deletions
diff --git a/makefu/1systems/fileleech.nix b/makefu/1systems/fileleech.nix index 4f92c2b90..3aa5a54f8 100644 --- a/makefu/1systems/fileleech.nix +++ b/makefu/1systems/fileleech.nix @@ -32,7 +32,6 @@ in { ../2configs/elchos/log.nix ../2configs/elchos/search.nix ../2configs/elchos/stats.nix - ../2configs/stats-srv.nix ]; systemd.services.grafana.serviceConfig.LimitNOFILE=10032; @@ -129,6 +128,7 @@ in { # createHome = true; openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey + config.krebs.users.lass.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7betFnMWVeBYRhJ+2f0B5WbDdbpteIVg/BlyimXbx79R7lZ7nUq5GyMLrp7B00frUuA0su8oFFN3ODPJDstgBslBIP7kWPR2zW8NOXorrbFo3J2fKvlO77k6/wD5/M11m5nS01/aVJgAgMGLg2W12G7EMf5Wq75YsQJC/S9p8kMca589djMPRuQETu7fWq0t/Gmwq+2ELLL0csRK87LvybA92JYkAIneRnGzIlCguOXq0Vcq6pGQ1J1PfVEP76Do33X29l2hZc/+vR9ExW6s2g7fs5/5LDX9Wnq7+AEsxiEf4IOeL0hCG4/CGGCN23J+6cDrNKOP94AHO1si0O2lxFsxgNU2vdVWPNgSLottiUFBPPNEZFD++sZyutzH6PIz6D90hB2Q52X6WN9ZUtlDfQ91rHd+S2BhR6f4dAqiRDXlI5MNNDdoTT4S5R0wU/UrNwjiV/xiu/hWZYGQK7YgY4grFRblr378r8FqjLvumPDFMDLVa9eJKq1ad1x/GV5tZpsttzWj4nbixaKlZOg+TN2GHboujLx3bANz1Jqfvfto8UOeKTtA8pkb8E1PJPpBMOZcA7oHaqJrp6Vuf/SkmglHnQvGbi60OK3s61nuRmIcBiTXd+4qeAJpq1QyEDj3X/+hV0Gwz8rCo6JGkF1ETW37ZYvqU9rxNXjS+/Pfktw== jules@kvasir-2015-02-13" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDINUD+p2yrc9KoTbCiuYhdfLlRu/eNX6BftToSMLs8O9qWQORjgXbDn8M9iUWXCHzdUZ9sm6Rz8TMdEV0jZq/nB01zYnW4NhMrt+NGtrmGqDa+eYrRZ4G7Rx8AYzM/ZSwERKX10txAVugV44xswRxWvFbCedujjXyWsxelf1ngb+Hiy9/CPuWNYEhTZs/YuvNkupCui2BuKuoSivJAkLhGk5YqwwcllCr39YXa/tFJWsgoQNcB9hwpzfhFm6Cc7m5DhmTWSVhQHEWyaas8Lukmd4v+mRY+KZpuhbomCHWzkxqzdBun8SXiiAKlgem9rtBIgeTEfz9OtOfF3/6VfqE7 toerb@mittagspause ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0IP143FAHBHWjEEKGOnM8SSTIgNF1MJxGCMKaJvTHf momo@k2.local" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1ZJSpBb7Cxo+c2r2JJIcbYOTm/sJxOv2NFRoDfjxGS9CCwzRbzrwJcv2d23j35mu97x3+fUvo8DyMFLvLvume2PFCijqhMDzZZvjYXZdvXA+hnh53nqZf+Pjq8Xc3tSWBHQxUokaBmZbd4LlKHh8NgKVrP2zve6OPZMzo/Es93v37KEmT8d/PfVMrQEMPZzFrCVdq2RbpdQ1nhx09zRFW7OJOazgotafjx6IYXbVq2VDnjffXInsE9ZxDzYq1cNKIH0c2BLpTd3mv76iD9i+nD6W6s48+usFQnVLt2TY1uKkfMr7043E6jBxx5kNHBe5Xxr6Zs0SkR8kKOEhMO//4ucviUYKZJn8wk2SLkAyMYVBexx8jrTdlI4xgQ7RLpSIDTCm9dfbZY/YhZDJ21lsWduQqu7DFWMe05gg4NZDjf2kwYQOzATyqISGA7ttSEPT1iymr/ffAOgLBLSqWQAteUbI2U5cnflWZGwm33JF/Pyb4S3k3/f2mIBKiRx2lsGv6mx1w0SaYRtJxDWqGYMHuFiNYbq9r/bZfLqV3Fy9kRODFJTfJh8mcTnC4zabpiQ7fnqbh1qHu0WrrBSgFW0PR2WWCJ0e5Btj1yRgXp0+d5OuxxlVInRs+l2HogdxjonMhAHrTCzJtI8UJTKXKN0FBPRDRcepeExhvNqcOUz4Kvw== me@andreaskist.de" diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index c39997ebf..3186f8887 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -35,10 +35,12 @@ in { ../2configs/nginx/update.connector.one.nix ../2configs/deployment/mycube.connector.one.nix ../2configs/deployment/graphs.nix + # ../2configs/ipfs.nix + ../2configs/syncthing.nix # ../2configs/opentracker.nix ../2configs/logging/central-stats-client.nix - ../2configs/logging/central-logging-client.nix + # ../2configs/logging/central-logging-client.nix ]; services.smartd.devices = [ { device = "/dev/sda";} ]; @@ -79,7 +81,6 @@ in { ]; services.bitlbee.enable = true; systemd.services.bitlbee.environment.BITLBEE_DEBUG="1"; - # systemd.services.bitlbee.serviceConfig.ExecStart = "${pkgs.bitlbee}/bin/bitlbee -Dnv -c # Hardware boot.loader.grub.device = "/dev/sda"; diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index 99303b604..ff34ee843 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -53,9 +53,10 @@ in { ../2configs/omo-share.nix ../2configs/tinc/retiolum.nix ../2configs/logging/central-stats-server.nix - ../2configs/logging/central-logging-server.nix + # ../2configs/logging/central-logging-server.nix ../2configs/logging/central-stats-client.nix - ../2configs/logging/central-logging-client.nix + ../2configs/syncthing.nix + # ../2configs/logging/central-logging-client.nix # ../2configs/torrent.nix diff --git a/makefu/1systems/shoney.nix b/makefu/1systems/shoney.nix index 96aeb2856..9f04e97eb 100644 --- a/makefu/1systems/shoney.nix +++ b/makefu/1systems/shoney.nix @@ -31,7 +31,7 @@ in { anonymous-domain = "localhost.localdomain"; anonymous.extraConfig = "return 403;"; complete = { - serverAliases = [ "graphs.siem" ]; + serverAliases = [ "graph.siem" ]; extraConfig = '' if ( $server_addr = "${ip}" ) { return 403; diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index 9cedc04a8..51c9543ef 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -2,6 +2,7 @@ # # { config, pkgs, ... }: +with import <stockholm/lib>; { imports = @@ -78,7 +79,7 @@ }; boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; - environment.systemPackages = [ pkgs.passwdqc-utils pkgs.bintray-upload ]; + environment.systemPackages = [ pkgs.passwdqc-utils ]; virtualisation.docker.enable = true; diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index ba4c551b3..1a19ab36b 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -16,7 +16,10 @@ let mainUser = config.krebs.build.user.name; in { - imports = [ ]; + imports = [ + ./urxvtd.nix + ]; + services.xserver = { enable = true; layout = "us"; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index cd9b4c056..0865c3a31 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -11,7 +11,7 @@ with import <stockholm/lib>; ./vim.nix ./binary-cache/nixos.nix ]; - + programs.command-not-found.enable = false; nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); krebs = { enable = true; @@ -22,7 +22,7 @@ with import <stockholm/lib>; user = config.krebs.users.makefu; source = let inherit (config.krebs.build) host user; - ref = "2982661"; # unstable @ 2017-03-31 + cups-dymo + snapraid-11.1 + ref = "4fac473"; # unstable @ 2017-03-31 + command-not-found in { nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then { diff --git a/makefu/2configs/ipfs.nix b/makefu/2configs/ipfs.nix new file mode 100644 index 000000000..cc07e063d --- /dev/null +++ b/makefu/2configs/ipfs.nix @@ -0,0 +1,5 @@ +{...}: +{ + services.ipfs.enable = true; + networking.firewall.allowedTCPPorts = [ 4001 ]; +} diff --git a/makefu/2configs/syncthing.nix b/makefu/2configs/syncthing.nix new file mode 100644 index 000000000..6b758ea2d --- /dev/null +++ b/makefu/2configs/syncthing.nix @@ -0,0 +1,11 @@ +{...}: + +with import <stockholm/lib>; { + services.syncthing = { + enable = true; + openDefaultPorts = true; + useInotify = true; + group = "download"; + }; + users.extraGroups.download.gid = genid "download"; +} diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix index 6d62e92c0..0538647ae 100644 --- a/makefu/2configs/tools/core-gui.nix +++ b/makefu/2configs/tools/core-gui.nix @@ -12,11 +12,11 @@ firefox keepassx pcmanfm + evince skype mirage tightvnc gnome3.dconf - wireshark xdotool xorg.xbacklight scrot diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 86d72c662..6ae2951eb 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -40,6 +40,7 @@ cac-api cac-panel krebspaste + krebszones ledger pass ]; diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 9cfacf408..596734dd5 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -4,6 +4,7 @@ krebs.per-user.makefu.packages = with pkgs;[ inkscape gimp + libreoffice skype virtmanager synergy diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix index 5ab699f35..e53d9ee8e 100644 --- a/makefu/2configs/tools/sec.nix +++ b/makefu/2configs/tools/sec.nix @@ -11,5 +11,6 @@ nmap msf thc-hydra + wireshark ]; } diff --git a/makefu/2configs/urxvtd.nix b/makefu/2configs/urxvtd.nix new file mode 100644 index 000000000..286b87ab3 --- /dev/null +++ b/makefu/2configs/urxvtd.nix @@ -0,0 +1,21 @@ +{ config, pkgs, ... }: + +let + mainUser = config.krebs.build.user.name; +in { + systemd.services.urxvtd = { + wantedBy = [ "multi-user.target" ]; + before = [ "graphical.target" ]; + reloadIfChanged = true; + serviceConfig = { + SyslogIdentifier = "urxvtd"; + ExecReload = "${pkgs.coreutils}/bin/echo NOP"; + ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd"; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + User = mainUser; + }; + }; + # TODO: sessionCommands from base-gui related to urxvt in this file +} diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index e43341d25..73ff42e9f 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -90,7 +90,7 @@ client.connect_signal("focus", function(c) c.border_color = beautiful.border_foc client.connect_signal("unfocus", function(c) c.border_color = beautiful.border_normal end) -- This is used later as the default terminal and editor to run. -terminal = "urxvt" +terminal = "urxvtc" editor = os.getenv("EDITOR") or "vim" editor_cmd = terminal .. " -e " .. editor browser = "firefox" |