diff options
| -rw-r--r-- | lass/1systems/helios.nix | 19 | ||||
| -rw-r--r-- | lass/1systems/mors.nix | 39 | ||||
| -rw-r--r-- | lass/2configs/browsers.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/git.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/xserver/default.nix | 6 |
5 files changed, 54 insertions, 14 deletions
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index 88fb6aac7..0103b6ec0 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -8,6 +8,7 @@ with builtins; ../2configs/browsers.nix ../2configs/programs.nix ../2configs/git.nix + ../2configs/pass.nix #{ # users.extraUsers = { # root = { @@ -17,6 +18,15 @@ with builtins; # }; # }; #} + { + krebs.iptables = { + tables = { + filter.INPUT.rules = [ + { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; precedence = 9001; } + ]; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.helios; @@ -53,15 +63,6 @@ with builtins; # SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:b8:c8:2e", NAME="et0" #''; - services.xserver = { - videoDriver = "intel"; - vaapiDrivers = [ pkgs.vaapiIntel ]; - deviceSection = '' - Option "AccelMethod" "sna" - BusID "PCI:0:2:0" - ''; - }; - services.xserver.synaptics = { enable = true; twoFingerScroll = true; diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index f6ac1b4e6..e3bb4e487 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -97,6 +97,45 @@ # { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; } # ]; #} + { + containers.pythonenv = { + config = { + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ + config.krebs.users.lass.pubkey + ]; + + environment = { + systemPackages = with pkgs; [ + git + libxml2 + libxslt + libzip + python27Full + python27Packages.buildout + stdenv + zlib + ]; + + pathsToLink = [ "/include" ]; + + shellInit = '' + # help pip to find libz.so when building lxml + export LIBRARY_PATH=/var/run/current-system/sw/lib + # ditto for header files, e.g. sqlite + export C_INCLUDE_PATH=/var/run/current-system/sw/include + ''; + }; + + }; + }; + } + { + services.postgresql = { + enable = true; + authentication = "local all all ident"; + }; + } ]; krebs.build.host = config.krebs.hosts.mors; diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 61016fed0..eb764068b 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -58,7 +58,7 @@ in { ( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] ) ( createChromiumUser "fb" [ ] [ pkgs.chromium ] ) ( createChromiumUser "gm" [ ] [ pkgs.chromium ] ) - ( createChromiumUser "flash" [ ] [ pkgs.flash ] ) + ( createChromiumUser "flash" [ "audio" ] [ pkgs.flash ] ) ]; nixpkgs.config.packageOverrides = pkgs : { diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 76b897d1f..0aab298c7 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -42,6 +42,8 @@ let brain = { collaborators = with config.krebs.users; [ tv makefu ]; }; + extraction_webinterface = {}; + politics-fetching = {}; } // import <secrets/repos.nix> { inherit config lib pkgs; } ); diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix index 82cfd57bb..203ed0b09 100644 --- a/lass/2configs/xserver/default.nix +++ b/lass/2configs/xserver/default.nix @@ -93,11 +93,9 @@ let xmonad-start = pkgs.writeScriptBin "xmonad" '' #! ${pkgs.bash}/bin/bash set -efu - export PATH; PATH=${makeSearchPath "bin" [ - pkgs.alsaUtils - pkgs.pulseaudioLight + export PATH; PATH=${makeSearchPath "bin" ([ pkgs.rxvt_unicode - ]}:/var/setuid-wrappers + ] ++ config.environment.systemPackages)}:/var/setuid-wrappers settle() {( # Use PATH for a clean journal command=''${1##*/} |