diff options
| -rw-r--r-- | krebs/3modules/bepasty-server.nix | 8 | ||||
| -rw-r--r-- | krebs/3modules/makefu/default.nix | 22 | ||||
| -rw-r--r-- | makefu/1systems/pornocauster.nix | 4 | ||||
| -rw-r--r-- | makefu/1systems/wry.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/default.nix | 9 | ||||
| -rw-r--r-- | makefu/2configs/deployment/mycube.connector.one.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/iodined.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/laptop-utils.nix | 17 | ||||
| -rw-r--r-- | makefu/2configs/mail-client.nix | 6 | ||||
| -rw-r--r-- | makefu/5pkgs/mycube-flask/default.nix | 2 |
10 files changed, 42 insertions, 36 deletions
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 9e777a5ef..cbf87b2a7 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -96,9 +96,13 @@ let wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; restartIfChanged = true; - environment = { + environment = let + penv = python.buildEnv.override { + extraLibs = [ bepasty gevent ]; + }; + in { BEPASTY_CONFIG = "${server.workDir}/bepasty-${name}.conf"; - PYTHONPATH= "${bepasty}/lib/${python.libPrefix}/site-packages:${gevent}/lib/${python.libPrefix}/site-packages"; + PYTHONPATH= "${penv}/${python.sitePackages}/"; }; serviceConfig = { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index ccf21c868..24f0cdd84 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -221,17 +221,17 @@ with config.krebs.lib; ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAvmCBVNKT/Su4v9nl/Nm3STPo5QxWPg7xEkzIs3Oh39BS8+r6/7UQ - rebib7mczb+ebZd+Rg2yFoGrWO8cmM0VcLy5bYRMK7in8XroLEjWecNNM4TRfNR4 - e53+LhcPdkxo0A3/D+yiut+A2Mkqe+4VXDm/JhAiAYkZTn7jUtj00Atrc7CWW1gN - sP3jIgv4+CGftdSYOB4dm699B7OD9XDLci2kOaFqFl4cjDYUok03G0AduUlRx10v - CKbKOTIdm8C36A902/3ms+Hyzkruu+VagGIZuPSwqXHJPCu7Ju+jarKQstMmpQi0 - PubweWDL0o/Dfz2qT3DuL4xDecIvGE6kv3m41hHJYiK+2/azTSehyPFbsVbL7w0V - LgKN3usnZNcpTsBWxRGT7nMFSnX2FLDu7d9OfCuaXYxHVFLZaNrpccOq8NF/7Hbk - DDW81W7CvLyJDlp0WLnAawSOGTUTPoYv/2wAapJ89i8QGCueGvEc6o2EcnBVMFEW - ejWTQzyD816f4RsplnrRqLVlIMbr9Q/n5TvlgjjhX7IMEfMy4+7qLGRQkNbFzgwK - jxNG2fFSCjOEQitm0gAtx7QRIyvYr6c7/xiHz4AwxYzBmvQsL/OK57NO4+Krwgj5 - Vk8TQ2jGO7J4bB38zaxK+Lrtfl8i1AK1171JqFMhOc34JSJ7T4LWDMECAwEAAQ== + MIICCgKCAgEAs9bq++H4HF8EpZMfWGfoIsh/C+YNO2pg74UPBsP/tFFe71yzWwUn + U9LW0n3bBqCMQ/oDthbSMwCkS9JzcUi22QJEdjbQs/aay9gZR115b+UxWPocw0Ms + ZoREKo3Oe0hETk7Ing8NdBDI0kCBh9QnvqQ3iKd0rBae3DYvcWlDsY93GLGMddgA + 7E9oa3EHVYH/MPZaeJtTknaJduanBSbiEb/xQOqxTadHoQASKU6DQD1czMH3hLG2 + 8Wn4MBj9fgKBAoIy092tIzPtE2QwAHO73yz4mSW/3r190hREgVbjuEPiw4w5mEyQ + j+NeN3f3heFKx+GCgdWH9xPw6m6qPdqUiGUPq91KXMOhNa8lLcTp95mHdCMesZCF + TFj7hf6y+SVt17Vo+YUL7UqnMtAm3eZZmwyDu0DfKFrdgz6MtDD+5dQp9g8VHpqw + RfbaB1Srlr24EUYYoOBEF9CcIacFbsr+MKh+hQk5R0uEMSeAWARzxvvr69iMgdEC + zDiu0rrRLN+CrfgkDir7pkRKxeA1lz8KpySyIZRziNg6mSHjKjih4++Bbu4N2ack + 86h84qBrA8lq2xsub4+HgKZGH2l5Y8tvlr+rx0mQKEJkT6XDKCXZFPfl2N0QrWGT + Dv7l2vn0QMj9E6+BdRhYaO/m3+cIZ9faM851nRj/gq2OOtzW3ekrne0CAwEAAQ== -----END RSA PUBLIC KEY----- ''; }; diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index b2cf0be79..9415f2345 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -8,6 +8,7 @@ [ # Include the results of the hardware scan. ../. ../2configs/main-laptop.nix #< base-gui + zsh + ../2configs/laptop-utils.nix # Krebs ../2configs/tinc-basic-retiolum.nix @@ -39,6 +40,9 @@ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + # steam + hardware.opengl.driSupport32Bit = true; + hardware.pulseaudio.support32Bit = true; # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 747321968..462ec4faf 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -11,7 +11,6 @@ in { # TODO: copy this config or move to krebs ../../tv/2configs/hw/CAC.nix ../../tv/2configs/fs/CAC-CentOS-7-64bit.nix - ../2configs/unstable-sources.nix ../2configs/headless.nix ../2configs/tinc-basic-retiolum.nix @@ -28,7 +27,8 @@ in { # collectd ../2configs/collectd/collectd-base.nix ]; - + services.nixosManual.enable = false; + programs.man.enable = false; krebs.build.host = config.krebs.hosts.wry; krebs.Reaktor = { diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 3043a1af3..313ccbec7 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -4,13 +4,6 @@ with config.krebs.lib; { system.stateVersion = "15.09"; - system.replaceRuntimeDependencies = with pkgs.lib; - [{original = pkgs.glibc; replacement = pkgs.stdenv.lib.overrideDerivation pkgs.glibc (oldAttr: { patches = oldAttr.patches ++ - [(pkgs.fetchurl { url = "https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/glibc/cve-2015-7547.patch"; - sha256 = "0awpc4rp2x27rjpj83ps0rclmn73hsgfv2xxk18k82w4hdxqpp5r";})]; - });} - ]; - imports = [ { users.extraUsers = @@ -29,7 +22,7 @@ with config.krebs.lib; source = mapAttrs (_: mkDefault) { nixpkgs = { url = https://github.com/nixos/nixpkgs; - rev = "77f8f35d57618c1ba456d968524f2fb2c3448295"; # unstable @ 2015-01-27, tested on wry + rev = "40c586b7ce2c559374df435f46d673baf711c543"; # unstable @ 2016-02-27, tested on wry }; secrets = "/home/makefu/secrets/${config.krebs.build.host.name}/"; stockholm = "/home/makefu/stockholm"; diff --git a/makefu/2configs/deployment/mycube.connector.one.nix b/makefu/2configs/deployment/mycube.connector.one.nix index 38fc4a243..125b3dfff 100644 --- a/makefu/2configs/deployment/mycube.connector.one.nix +++ b/makefu/2configs/deployment/mycube.connector.one.nix @@ -16,7 +16,7 @@ in { vassals = { mycube-flask = { type = "normal"; - python2Packages = self: with self; [ pkgs.mycube-flask flask redis werkzeug jinja2 markupsafe itsdangerous ]; + pythonPackages = self: with self; [ pkgs.mycube-flask ]; socket = wsgi-sock; }; }; diff --git a/makefu/2configs/iodined.nix b/makefu/2configs/iodined.nix index db8a1bfed..2e69d167c 100644 --- a/makefu/2configs/iodined.nix +++ b/makefu/2configs/iodined.nix @@ -1,4 +1,4 @@ -{ services,builtins,environment,pkgs, ... }: +{ pkgs, config, ... }: let # TODO: make this a parameter @@ -10,7 +10,7 @@ in { enable = true; domain = domain; ip = "172.16.10.1/24"; - extraConfig = "-P ${pw}"; + extraConfig = "-P ${pw} -l ${pkgs.lib.head config.krebs.build.host.nets.internet.addrs4}"; }; } diff --git a/makefu/2configs/laptop-utils.nix b/makefu/2configs/laptop-utils.nix index b5ba2ec3b..815ff7489 100644 --- a/makefu/2configs/laptop-utils.nix +++ b/makefu/2configs/laptop-utils.nix @@ -6,7 +6,11 @@ # essentially `nix-env -q` of the main user # TODO: split gui and non-gui { - environment.systemPackages = with pkgs; [ + nixpkgs.config.firefox = { + enableAdobeFlash = true; + }; + + krebs.per-user.makefu.packages = with pkgs; [ # core at_spi2_core acpi @@ -27,11 +31,14 @@ # gui + chromium clipit feh + firefox keepassx pcmanfm skype + mirage tightvnc gnome3.dconf vlc @@ -39,10 +46,6 @@ wireshark xdotool - # browser - firefox - chromium - # sectools aria2 binwalk @@ -53,10 +56,10 @@ # stuff - cac-cli + cac-api cac-panel krebspaste ledger - password-store + pass ]; } diff --git a/makefu/2configs/mail-client.nix b/makefu/2configs/mail-client.nix index 036924071..793daa6f8 100644 --- a/makefu/2configs/mail-client.nix +++ b/makefu/2configs/mail-client.nix @@ -4,11 +4,13 @@ with config.krebs.lib; { environment.systemPackages = with pkgs; [ abook + gnupg + imapfilter msmtp mutt-kz notmuch offlineimap - imapfilter - gnupg + openssl + w3m ]; } diff --git a/makefu/5pkgs/mycube-flask/default.nix b/makefu/5pkgs/mycube-flask/default.nix index d01abbbd4..5bf85a66a 100644 --- a/makefu/5pkgs/mycube-flask/default.nix +++ b/makefu/5pkgs/mycube-flask/default.nix @@ -2,7 +2,7 @@ with pkgs.pythonPackages;buildPythonPackage rec { name = "mycube-flask-${version}"; - version = "0.2.3"; + version = "0.2.3.4"; propagatedBuildInputs = [ flask redis |