summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--makefu/1systems/fileleech.nix2
-rw-r--r--makefu/1systems/gum.nix5
-rw-r--r--makefu/1systems/omo.nix5
-rw-r--r--makefu/1systems/shoney.nix2
-rw-r--r--makefu/1systems/x.nix3
-rw-r--r--makefu/2configs/base-gui.nix5
-rw-r--r--makefu/2configs/default.nix4
-rw-r--r--makefu/2configs/ipfs.nix5
-rw-r--r--makefu/2configs/syncthing.nix11
-rw-r--r--makefu/2configs/tools/core-gui.nix2
-rw-r--r--makefu/2configs/tools/core.nix1
-rw-r--r--makefu/2configs/tools/extra-gui.nix1
-rw-r--r--makefu/2configs/tools/sec.nix1
-rw-r--r--makefu/2configs/urxvtd.nix21
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg2
15 files changed, 58 insertions, 12 deletions
diff --git a/makefu/1systems/fileleech.nix b/makefu/1systems/fileleech.nix
index 4f92c2b90..3aa5a54f8 100644
--- a/makefu/1systems/fileleech.nix
+++ b/makefu/1systems/fileleech.nix
@@ -32,7 +32,6 @@ in {
../2configs/elchos/log.nix
../2configs/elchos/search.nix
../2configs/elchos/stats.nix
- ../2configs/stats-srv.nix
];
systemd.services.grafana.serviceConfig.LimitNOFILE=10032;
@@ -129,6 +128,7 @@ in {
# createHome = true;
openssh.authorizedKeys.keys = [
config.krebs.users.makefu.pubkey
+ config.krebs.users.lass.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7betFnMWVeBYRhJ+2f0B5WbDdbpteIVg/BlyimXbx79R7lZ7nUq5GyMLrp7B00frUuA0su8oFFN3ODPJDstgBslBIP7kWPR2zW8NOXorrbFo3J2fKvlO77k6/wD5/M11m5nS01/aVJgAgMGLg2W12G7EMf5Wq75YsQJC/S9p8kMca589djMPRuQETu7fWq0t/Gmwq+2ELLL0csRK87LvybA92JYkAIneRnGzIlCguOXq0Vcq6pGQ1J1PfVEP76Do33X29l2hZc/+vR9ExW6s2g7fs5/5LDX9Wnq7+AEsxiEf4IOeL0hCG4/CGGCN23J+6cDrNKOP94AHO1si0O2lxFsxgNU2vdVWPNgSLottiUFBPPNEZFD++sZyutzH6PIz6D90hB2Q52X6WN9ZUtlDfQ91rHd+S2BhR6f4dAqiRDXlI5MNNDdoTT4S5R0wU/UrNwjiV/xiu/hWZYGQK7YgY4grFRblr378r8FqjLvumPDFMDLVa9eJKq1ad1x/GV5tZpsttzWj4nbixaKlZOg+TN2GHboujLx3bANz1Jqfvfto8UOeKTtA8pkb8E1PJPpBMOZcA7oHaqJrp6Vuf/SkmglHnQvGbi60OK3s61nuRmIcBiTXd+4qeAJpq1QyEDj3X/+hV0Gwz8rCo6JGkF1ETW37ZYvqU9rxNXjS+/Pfktw== jules@kvasir-2015-02-13"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDINUD+p2yrc9KoTbCiuYhdfLlRu/eNX6BftToSMLs8O9qWQORjgXbDn8M9iUWXCHzdUZ9sm6Rz8TMdEV0jZq/nB01zYnW4NhMrt+NGtrmGqDa+eYrRZ4G7Rx8AYzM/ZSwERKX10txAVugV44xswRxWvFbCedujjXyWsxelf1ngb+Hiy9/CPuWNYEhTZs/YuvNkupCui2BuKuoSivJAkLhGk5YqwwcllCr39YXa/tFJWsgoQNcB9hwpzfhFm6Cc7m5DhmTWSVhQHEWyaas8Lukmd4v+mRY+KZpuhbomCHWzkxqzdBun8SXiiAKlgem9rtBIgeTEfz9OtOfF3/6VfqE7 toerb@mittagspause ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0IP143FAHBHWjEEKGOnM8SSTIgNF1MJxGCMKaJvTHf momo@k2.local"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1ZJSpBb7Cxo+c2r2JJIcbYOTm/sJxOv2NFRoDfjxGS9CCwzRbzrwJcv2d23j35mu97x3+fUvo8DyMFLvLvume2PFCijqhMDzZZvjYXZdvXA+hnh53nqZf+Pjq8Xc3tSWBHQxUokaBmZbd4LlKHh8NgKVrP2zve6OPZMzo/Es93v37KEmT8d/PfVMrQEMPZzFrCVdq2RbpdQ1nhx09zRFW7OJOazgotafjx6IYXbVq2VDnjffXInsE9ZxDzYq1cNKIH0c2BLpTd3mv76iD9i+nD6W6s48+usFQnVLt2TY1uKkfMr7043E6jBxx5kNHBe5Xxr6Zs0SkR8kKOEhMO//4ucviUYKZJn8wk2SLkAyMYVBexx8jrTdlI4xgQ7RLpSIDTCm9dfbZY/YhZDJ21lsWduQqu7DFWMe05gg4NZDjf2kwYQOzATyqISGA7ttSEPT1iymr/ffAOgLBLSqWQAteUbI2U5cnflWZGwm33JF/Pyb4S3k3/f2mIBKiRx2lsGv6mx1w0SaYRtJxDWqGYMHuFiNYbq9r/bZfLqV3Fy9kRODFJTfJh8mcTnC4zabpiQ7fnqbh1qHu0WrrBSgFW0PR2WWCJ0e5Btj1yRgXp0+d5OuxxlVInRs+l2HogdxjonMhAHrTCzJtI8UJTKXKN0FBPRDRcepeExhvNqcOUz4Kvw== me@andreaskist.de"
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index c39997ebf..3186f8887 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -35,10 +35,12 @@ in {
../2configs/nginx/update.connector.one.nix
../2configs/deployment/mycube.connector.one.nix
../2configs/deployment/graphs.nix
+ # ../2configs/ipfs.nix
+ ../2configs/syncthing.nix
# ../2configs/opentracker.nix
../2configs/logging/central-stats-client.nix
- ../2configs/logging/central-logging-client.nix
+ # ../2configs/logging/central-logging-client.nix
];
services.smartd.devices = [ { device = "/dev/sda";} ];
@@ -79,7 +81,6 @@ in {
];
services.bitlbee.enable = true;
systemd.services.bitlbee.environment.BITLBEE_DEBUG="1";
- # systemd.services.bitlbee.serviceConfig.ExecStart = "${pkgs.bitlbee}/bin/bitlbee -Dnv -c
# Hardware
boot.loader.grub.device = "/dev/sda";
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index 99303b604..ff34ee843 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -53,9 +53,10 @@ in {
../2configs/omo-share.nix
../2configs/tinc/retiolum.nix
../2configs/logging/central-stats-server.nix
- ../2configs/logging/central-logging-server.nix
+ # ../2configs/logging/central-logging-server.nix
../2configs/logging/central-stats-client.nix
- ../2configs/logging/central-logging-client.nix
+ ../2configs/syncthing.nix
+ # ../2configs/logging/central-logging-client.nix
# ../2configs/torrent.nix
diff --git a/makefu/1systems/shoney.nix b/makefu/1systems/shoney.nix
index 96aeb2856..9f04e97eb 100644
--- a/makefu/1systems/shoney.nix
+++ b/makefu/1systems/shoney.nix
@@ -31,7 +31,7 @@ in {
anonymous-domain = "localhost.localdomain";
anonymous.extraConfig = "return 403;";
complete = {
- serverAliases = [ "graphs.siem" ];
+ serverAliases = [ "graph.siem" ];
extraConfig = ''
if ( $server_addr = "${ip}" ) {
return 403;
diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix
index 9cedc04a8..51c9543ef 100644
--- a/makefu/1systems/x.nix
+++ b/makefu/1systems/x.nix
@@ -2,6 +2,7 @@
#
#
{ config, pkgs, ... }:
+with import <stockholm/lib>;
{
imports =
@@ -78,7 +79,7 @@
};
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
- environment.systemPackages = [ pkgs.passwdqc-utils pkgs.bintray-upload ];
+ environment.systemPackages = [ pkgs.passwdqc-utils ];
virtualisation.docker.enable = true;
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix
index ba4c551b3..1a19ab36b 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/base-gui.nix
@@ -16,7 +16,10 @@ let
mainUser = config.krebs.build.user.name;
in
{
- imports = [ ];
+ imports = [
+ ./urxvtd.nix
+ ];
+
services.xserver = {
enable = true;
layout = "us";
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index cd9b4c056..0865c3a31 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -11,7 +11,7 @@ with import <stockholm/lib>;
./vim.nix
./binary-cache/nixos.nix
];
-
+ programs.command-not-found.enable = false;
nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
krebs = {
enable = true;
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
user = config.krebs.users.makefu;
source = let
inherit (config.krebs.build) host user;
- ref = "2982661"; # unstable @ 2017-03-31 + cups-dymo + snapraid-11.1
+ ref = "4fac473"; # unstable @ 2017-03-31 + command-not-found
in {
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
{
diff --git a/makefu/2configs/ipfs.nix b/makefu/2configs/ipfs.nix
new file mode 100644
index 000000000..cc07e063d
--- /dev/null
+++ b/makefu/2configs/ipfs.nix
@@ -0,0 +1,5 @@
+{...}:
+{
+ services.ipfs.enable = true;
+ networking.firewall.allowedTCPPorts = [ 4001 ];
+}
diff --git a/makefu/2configs/syncthing.nix b/makefu/2configs/syncthing.nix
new file mode 100644
index 000000000..6b758ea2d
--- /dev/null
+++ b/makefu/2configs/syncthing.nix
@@ -0,0 +1,11 @@
+{...}:
+
+with import <stockholm/lib>; {
+ services.syncthing = {
+ enable = true;
+ openDefaultPorts = true;
+ useInotify = true;
+ group = "download";
+ };
+ users.extraGroups.download.gid = genid "download";
+}
diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix
index 6d62e92c0..0538647ae 100644
--- a/makefu/2configs/tools/core-gui.nix
+++ b/makefu/2configs/tools/core-gui.nix
@@ -12,11 +12,11 @@
firefox
keepassx
pcmanfm
+ evince
skype
mirage
tightvnc
gnome3.dconf
- wireshark
xdotool
xorg.xbacklight
scrot
diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix
index 86d72c662..6ae2951eb 100644
--- a/makefu/2configs/tools/core.nix
+++ b/makefu/2configs/tools/core.nix
@@ -40,6 +40,7 @@
cac-api
cac-panel
krebspaste
+ krebszones
ledger
pass
];
diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix
index 9cfacf408..596734dd5 100644
--- a/makefu/2configs/tools/extra-gui.nix
+++ b/makefu/2configs/tools/extra-gui.nix
@@ -4,6 +4,7 @@
krebs.per-user.makefu.packages = with pkgs;[
inkscape
gimp
+ libreoffice
skype
virtmanager
synergy
diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix
index 5ab699f35..e53d9ee8e 100644
--- a/makefu/2configs/tools/sec.nix
+++ b/makefu/2configs/tools/sec.nix
@@ -11,5 +11,6 @@
nmap
msf
thc-hydra
+ wireshark
];
}
diff --git a/makefu/2configs/urxvtd.nix b/makefu/2configs/urxvtd.nix
new file mode 100644
index 000000000..286b87ab3
--- /dev/null
+++ b/makefu/2configs/urxvtd.nix
@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+
+let
+ mainUser = config.krebs.build.user.name;
+in {
+ systemd.services.urxvtd = {
+ wantedBy = [ "multi-user.target" ];
+ before = [ "graphical.target" ];
+ reloadIfChanged = true;
+ serviceConfig = {
+ SyslogIdentifier = "urxvtd";
+ ExecReload = "${pkgs.coreutils}/bin/echo NOP";
+ ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd";
+ Restart = "always";
+ RestartSec = "2s";
+ StartLimitBurst = 0;
+ User = mainUser;
+ };
+ };
+ # TODO: sessionCommands from base-gui related to urxvt in this file
+}
diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg
index e43341d25..73ff42e9f 100644
--- a/makefu/5pkgs/awesomecfg/full.cfg
+++ b/makefu/5pkgs/awesomecfg/full.cfg
@@ -90,7 +90,7 @@ client.connect_signal("focus", function(c) c.border_color = beautiful.border_foc
client.connect_signal("unfocus", function(c) c.border_color = beautiful.border_normal end)
-- This is used later as the default terminal and editor to run.
-terminal = "urxvt"
+terminal = "urxvtc"
editor = os.getenv("EDITOR") or "vim"
editor_cmd = terminal .. " -e " .. editor
browser = "firefox"