summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/2configs/reaktor-krebs.nix1
-rw-r--r--krebs/3modules/external/default.nix29
-rw-r--r--krebs/nixpkgs.json6
-rw-r--r--lass/1systems/prism/config.nix15
-rw-r--r--lass/1systems/prism/physical.nix14
-rw-r--r--lass/1systems/yellow/config.nix92
-rw-r--r--lass/2configs/default.nix1
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/games.nix1
-rw-r--r--lass/2configs/websites/domsen.nix24
-rw-r--r--makefu/1systems/cake/config.nix41
-rw-r--r--makefu/1systems/cake/hardware-config.nix42
-rw-r--r--makefu/1systems/gum/config.nix4
-rw-r--r--makefu/1systems/gum/hardware-config.nix2
-rw-r--r--makefu/1systems/gum/source.nix1
-rw-r--r--makefu/1systems/x/config.nix1
-rw-r--r--makefu/2configs/bureautomation/hass.nix19
-rw-r--r--makefu/2configs/default.nix2
-rw-r--r--makefu/2configs/gui/base.nix1
-rw-r--r--makefu/2configs/home-manager/desktop.nix4
-rw-r--r--makefu/2configs/home-manager/zsh.nix2
-rw-r--r--makefu/2configs/hw/malduino_elite.nix15
-rw-r--r--makefu/2configs/printer.nix3
-rw-r--r--makefu/2configs/tools/android-pentest.nix1
-rw-r--r--makefu/2configs/tools/dev.nix1
-rw-r--r--makefu/5pkgs/baidudl/default.nix23
-rw-r--r--makefu/5pkgs/default.nix10
-rw-r--r--makefu/krops.nix2
-rw-r--r--makefu/nixpkgs.json6
29 files changed, 244 insertions, 120 deletions
diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
index 862c9b991..67ca23ecd 100644
--- a/krebs/2configs/reaktor-krebs.nix
+++ b/krebs/2configs/reaktor-krebs.nix
@@ -7,6 +7,7 @@ with import <stockholm/lib>;
channels = [
"#krebs"
"#nixos-wiki"
+ "#nixos-de"
];
extraEnviron = {
REAKTOR_HOST = "irc.freenode.org";
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index a7ec0e158..089113ac6 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -84,8 +84,8 @@ in {
nets = rec {
internet = {
# eve.thalheim.io
- ip4.addr = "188.68.39.17";
- ip6.addr = "2a03:4000:13:31e::1";
+ ip4.addr = "95.216.112.61";
+ ip6.addr = "2a01:4f9:2b:1605::1";
aliases = [ "eve.i" ];
};
retiolum = {
@@ -141,6 +141,29 @@ in {
};
};
};
+ idontcare = {
+ owner = config.krebs.users.Mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
+ config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.177";
+ aliases = [ "idontcare.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
+ qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
+ OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
+ lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
+ O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
+ jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
justraute = {
owner = config.krebs.users.raute; # laptop
nets = {
@@ -393,7 +416,7 @@ in {
pubkey = ssh-for "kmein";
};
Mic92 = {
- mail = "joerg@higgsboson.tk";
+ mail = "joerg@thalheim.io";
pubkey = ssh-for "Mic92";
};
palo = {
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index d3f681a65..614d5bccf 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "0396345b79436f54920f7eb651ab42acf2eb7973",
- "date": "2018-12-30T21:22:33-05:00",
- "sha256": "10wd0wsair6dlilgaviqw2p9spgcf8qg736bzs08jha0f4zfqjs4",
+ "rev": "97e0d53d669cd07f0750a42fd535524b3cdd46d1",
+ "date": "2019-01-15T00:11:44+01:00",
+ "sha256": "111xa7qn9142dar29cil4br2mvn8f1rbiy310lkhwl73126fq8dw",
"fetchSubmodules": false
}
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index df2778bef..23746d210 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -36,10 +36,10 @@ with import <stockholm/lib>;
# TODO write function for proxy_pass (ssl/nonssl)
krebs.iptables.tables.filter.FORWARD.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; }
+ { v6 = false; precedence = 1000; predicate = "-d 192.168.122.141"; target = "ACCEPT"; }
];
krebs.iptables.tables.nat.PREROUTING.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; }
+ { v6 = false; precedence = 1000; predicate = "-d 95.216.1.130"; target = "DNAT --to-destination 192.168.122.141"; }
];
}
{
@@ -379,6 +379,7 @@ with import <stockholm/lib>;
name = "download";
home = "/var/download";
useDefaultShell = true;
+ uid = genid "download";
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-shodan.pubkey
@@ -420,6 +421,16 @@ with import <stockholm/lib>;
{ predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
];
}
+ {
+ nix.trustedUsers = [ "Mic92" ];
+ users.users.Mic92 = {
+ uid = genid_uint31 "Mic92";
+ isNormalUser = true;
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.Mic92.pubkey
+ ];
+ };
+ }
];
krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index a2b5efb29..9a84e9d63 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -63,9 +63,15 @@
defaultGateway = "95.216.1.129";
# Use google's public DNS server
nameservers = [ "8.8.8.8" ];
- interfaces.eth0 = {
- ipAddress = "95.216.1.150";
- prefixLength = 26;
- };
+ interfaces.eth0.ipv4.addresses = [
+ {
+ address = "95.216.1.150";
+ prefixLength = 26;
+ }
+ {
+ address = "95.216.1.130";
+ prefixLength = 26;
+ }
+ ];
};
}
diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix
index 58fa564a1..9d8bcd7be 100644
--- a/lass/1systems/yellow/config.nix
+++ b/lass/1systems/yellow/config.nix
@@ -88,7 +88,7 @@ with import <stockholm/lib>;
client
dev tun
proto udp
- remote 82.102.16.229 1194
+ remote 89.249.65.83 1194
resolv-retry infinite
remote-random
nobind
@@ -103,13 +103,9 @@ with import <stockholm/lib>;
reneg-sec 0
comp-lzo no
- explicit-exit-notify 3
-
remote-cert-tls server
- #mute 10000
auth-user-pass ${toString <secrets/nordvpn.txt>}
-
verb 3
pull
fast-io
@@ -118,32 +114,33 @@ with import <stockholm/lib>;
<ca>
-----BEGIN CERTIFICATE-----
- MIIEyjCCA7KgAwIBAgIJANIxRSmgmjW6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
- VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
- Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUyMjkubm9yZHZw
- bi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRAbm9y
- ZHZwbi5jb20wHhcNMTcxMTIyMTQ1MTQ2WhcNMjcxMTIwMTQ1MTQ2WjCBnjELMAkG
- A1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAOBgNVBAoT
- B05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGjAYBgNVBAMTEWRlMjI5Lm5vcmR2
- cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v
- cmR2cG4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++dfZlG
- UeFF2sGdXjbreygfo78Ujti6X2OiMDFnwgqrhELstumXl7WrFf5EzCYbVriNuUny
- mNCx3OxXxw49xvvg/KplX1CE3rKBNnzbeaxPmeyEeXe+NgA7rwOCbYPQJScFxK7X
- +D16ZShY25GyIG7hqFGML0Qz6gpZRGaHSd0Lc3wSgoLzGtsIg8hunhfi00dNqMBT
- ukCzgfIqbQUuqmOibsWnYvZoXoYKnbRL0Bj8IYvwvu4p2oBQpvM+JR4DC+rv52LI
- 583Q6g3LebQ4JuQf8jgxvEEV4UL1CsUBqN3mcRpVUKJS3ijXmzEX9MfpBRcp1rBA
- VsiE4Mrk7PXhkwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFFIv1UuKN2NXaVjRNXDT
- Rs/+LT/9MIHTBgNVHSMEgcswgciAFFIv1UuKN2NXaVjRNXDTRs/+LT/9oYGkpIGh
- MIGeMQswCQYDVQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQ
- MA4GA1UEChMHTm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUy
- Mjkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEW
- EGNlcnRAbm9yZHZwbi5jb22CCQDSMUUpoJo1ujAMBgNVHRMEBTADAQH/MA0GCSqG
- SIb3DQEBCwUAA4IBAQBf1vr93OIkIFehXOCXYFmAYai8/lK7OQH0SRMYdUPvADjQ
- e5tSDK5At2Ew9YLz96pcDhzLqtbQsRqjuqWKWs7DBZ8ZiJg1nVIXxE+C3ezSyuVW
- //DdqMeUD80/FZD5kPS2yJJOWfuBBMnaN8Nxb0BaJi9AKFHnfg6Zxqa/FSUPXFwB
- wH+zeymL2Dib2+ngvCm9VP3LyfIdvodEJ372H7eG8os8allUnkUzpVyGxI4pN/IB
- KROBRPKb+Aa5FWeWgEUHIr+hNrEMvcWfSvZAkSh680GScQeJh5Xb4RGMCW08tb4p
- lrojzCvC7OcFeUNW7Ayiuukx8rx/F4+IZ1yJGff9
+ MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
+ MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2
+ MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV
+ BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI
+ hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF
+ kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr
+ XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU
+ eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV
+ skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu
+ MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA
+ 37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR
+ hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s
+ Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy
+ WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6
+ MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST
+ LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG
+ SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g
+ nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/
+ k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S
+ DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/
+ pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo
+ k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp
+ +RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd
+ NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa
+ wDBM1mJChneHt59Nh8Gah74+TM1jBsw4fhJPvoc7Atcg740JErb904mZfkIEmojC
+ VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S
+ PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA==
-----END CERTIFICATE-----
</ca>
key-direction 1
@@ -152,23 +149,24 @@ with import <stockholm/lib>;
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
- 49b2f54c6ee58d2d97331681bb577d55
- 054f56d92b743c31e80b684de0388702
- ad3bf51088cd88f3fac7eb0729f2263c
- 51d82a6eb7e2ed4ae6dfa65b1ac764d0
- b9dedf1379c1b29b36396d64cb6fd6b2
- e61f869f9a13001dadc02db171f04c4d
- c46d1132c1f31709e7b54a6eabae3ea8
- fbd2681363c185f4cb1be5aa42a27c31
- 21db7b2187fd11c1acf224a0d5a44466
- b4b5a3cc34ec0227fe40007e8b379654
- f1e8e2b63c6b46ee7ab6f1bd82f57837
- 92c209e8f25bc9ed493cb5c1d891ae72
- 7f54f4693c5b20f136ca23e639fd8ea0
- 865b4e22dd2af43e13e6b075f12427b2
- 08af9ffd09c56baa694165f57fe2697a
- 3377fa34aebcba587c79941d83deaf45
+ e685bdaf659a25a200e2b9e39e51ff03
+ 0fc72cf1ce07232bd8b2be5e6c670143
+ f51e937e670eee09d4f2ea5a6e4e6996
+ 5db852c275351b86fc4ca892d78ae002
+ d6f70d029bd79c4d1c26cf14e9588033
+ cf639f8a74809f29f72b9d58f9b8f5fe
+ fc7938eade40e9fed6cb92184abb2cc1
+ 0eb1a296df243b251df0643d53724cdb
+ 5a92a1d6cb817804c4a9319b57d53be5
+ 80815bcfcb2df55018cc83fc43bc7ff8
+ 2d51f9b88364776ee9d12fc85cc7ea5b
+ 9741c4f598c485316db066d52db4540e
+ 212e1518a9bd4828219e24b20d88f598
+ a196c9de96012090e333519ae18d3509
+ 9427e7b372d348d352dc4c85e18cd4b9
+ 3f8a56ddb2e64eb67adfc9b337157ff4
-----END OpenVPN Static key V1-----
</tls-auth>
+
'';
}
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 69e697a1d..d3676a9b9 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -115,6 +115,7 @@ with import <stockholm/lib>;
#network
iptables
iftop
+ tcpdump
#stuff for dl
aria2
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index f487a9910..555295422 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -96,6 +96,7 @@ with import <stockholm/lib>;
{ from = "nordvpn@lassul.us"; to = lass.mail; }
{ from = "csv-direct@lassul.us"; to = lass.mail; }
{ from = "nintendo@lassul.us"; to = lass.mail; }
+ { from = "overleaf@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 62e3f6d52..a3acb82bb 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -74,7 +74,6 @@ in {
createHome = true;
useDefaultShell = true;
packages = with pkgs; [
- ftb
minecraft
steam-run
dolphinEmu
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 223fc73ba..7fb248139 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -155,6 +155,13 @@ in {
ssl_key = "/var/lib/acme/lassul.us/key.pem";
};
+ users.users.UBIK-SFTP = {
+ uid = genid_uint31 "UBIK-SFTP";
+ home = "/home/UBIK-SFTP";
+ useDefaultShell = true;
+ createHome = true;
+ };
+
users.users.xanf = {
uid = genid_uint31 "xanf";
home = "/home/xanf";
@@ -227,5 +234,22 @@ in {
createHome = true;
};
+ services.restic.backups.domsen = {
+ initialize = true;
+ extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr.duckdns.org -p 52222 -i ${toString <secrets> + "/ssh.id_ed25519"} -s sftp'" ];
+ repository = "sftp:efOVcMWSZ@wilhelmstr.duckdns.org:/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES";
+ passwordFile = toString <secrets> + "/domsen_backup_pw";
+ paths = [
+ "/srv/http"
+ "/home/domsen/Mail"
+ "/home/ms/Mail"
+ "/home/klabusterbeere/Mail"
+ "/home/jms/Mail"
+ "/home/bruno/Mail"
+ "/home/akayguen/Mail"
+ "/backups/sql_dumps"
+ ];
+ };
+
}
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index 2491352eb..e40042b2d 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -2,6 +2,7 @@
{
imports = [
<stockholm/makefu>
+ ./hardware-config.nix
<stockholm/makefu/2configs/tools/core.nix>
# configure your hw:
# <stockholm/makefu/2configs/save-diskspace.nix>
@@ -11,46 +12,10 @@
tinc.retiolum.enable = true;
build.host = config.krebs.hosts.cake;
};
- boot.loader.grub.enable = false;
- boot.loader.generic-extlinux-compatible.enable = true;
- boot.kernelPackages = pkgs.linuxPackages_latest;
- boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ];
- programs.info.enable = false;
- programs.man.enable = false;
+ documentation.info.enable = false;
+ documentation.man.enable = false;
services.nixosManual.enable = false;
- boot.tmpOnTmpfs = lib.mkForce false;
sound.enable = false;
- hardware.enableRedistributableFirmware = true;
- hardware.firmware = [
- (pkgs.stdenv.mkDerivation {
- name = "broadcom-rpi3-rest";
- src = pkgs.fetchurl {
- url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt";
- sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7";
- };
- phases = [ "installPhase" ];
- installPhase = ''
- mkdir -p $out/lib/firmware/brcm
- cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt
- '';
- })
- ];
- networking.wireless.enable = true;
- users.extraUsers.root.openssh.authorizedKeys.keys = [
- config.krebs.users.Mic92.pubkey
- ];
-
-# File systems configuration for using the installer's partition layout
- fileSystems = {
- "/boot" = {
- device = "/dev/disk/by-label/NIXOS_BOOT";
- fsType = "vfat";
- };
- "/" = {
- device = "/dev/disk/by-label/NIXOS_SD";
- fsType = "ext4";
- };
- };
}
diff --git a/makefu/1systems/cake/hardware-config.nix b/makefu/1systems/cake/hardware-config.nix
new file mode 100644
index 000000000..d021f9458
--- /dev/null
+++ b/makefu/1systems/cake/hardware-config.nix
@@ -0,0 +1,42 @@
+{ pkgs, lib, ... }:
+{
+ # raspi3
+ boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" "console=ttyS1,115200n8" ];
+ boot.loader.grub.enable = false;
+ boot.loader.raspberryPi.enable = true;
+ boot.loader.raspberryPi.version = 3;
+ boot.loader.raspberryPi.uboot.enable = true;
+ boot.loader.raspberryPi.uboot.configurationLimit = 3;
+ boot.loader.raspberryPi.firmwareConfig = ''
+ gpu_mem=32
+ arm_freq=1350
+ core_freq=500
+ over_voltage=4
+ disable_splash=1
+ # bye bye warranty
+ force_turbo=1
+ '';
+ boot.loader.generationsDir.enable = lib.mkDefault false;
+
+ boot.tmpOnTmpfs = lib.mkForce false;
+ boot.cleanTmpDir = true;
+ hardware.enableRedistributableFirmware = true;
+
+ ## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747
+ # boot.kernelPackages = pkgs.linuxPackages_latest;
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+ environment.systemPackages = [ pkgs.raspberrypi-tools ];
+ networking.wireless.enable = true;
+ # File systems configuration for using the installer's partition layout
+ swapDevices = [ { device = "/var/swap"; size = 2048; } ];
+ fileSystems = {
+ "/boot" = {
+ device = "/dev/disk/by-label/NIXOS_BOOT";
+ fsType = "vfat";
+ };
+ "/" = {
+ device = "/dev/disk/by-label/NIXOS_SD";
+ fsType = "ext4";
+ };
+ };
+}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 6024260dc..e274b4bf8 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -22,6 +22,8 @@ in {
};
}
<stockholm/makefu/2configs/support-nixos.nix>
+ <stockholm/makefu/2configs/home-manager>
+ <stockholm/makefu/2configs/home-manager/cli.nix>
# <stockholm/makefu/2configs/stats/client.nix>
<stockholm/makefu/2configs/stats/netdata-server.nix>
@@ -123,7 +125,7 @@ in {
#<stockholm/makefu/2configs/nginx/update.connector.one.nix>
<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
# <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
- <stockholm/makefu/2configs/nginx/iso.euer.nix>
+ # <stockholm/makefu/2configs/nginx/iso.euer.nix>
<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
<stockholm/makefu/2configs/deployment/graphs.nix>
diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix
index e9670a5a4..542b79fe7 100644
--- a/makefu/1systems/gum/hardware-config.nix
+++ b/makefu/1systems/gum/hardware-config.nix
@@ -34,7 +34,7 @@ in {
prefixLength = external-netmask6;
}];
};
- defaultGateway6 = external-gw6;
+ defaultGateway6 = { address = external-gw6; interface = ext-if; };
defaultGateway = external-gw;
};
boot.kernelParams = [ ];
diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix
index 1e36c6e87..43586ede4 100644
--- a/makefu/1systems/gum/source.nix
+++ b/makefu/1systems/gum/source.nix
@@ -2,4 +2,5 @@
name="gum";
torrent = true;
clever_kexec = true;
+ home-manager = true;
}
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 5a4eea2e4..35779507b 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -69,6 +69,7 @@
# Hardware
<stockholm/makefu/2configs/hw/tp-x230.nix>
<stockholm/makefu/2configs/hw/mceusb.nix>
+ <stockholm/makefu/2configs/hw/malduino_elite.nix>
# <stockholm/makefu/2configs/hw/tpm.nix>
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
<stockholm/makefu/2configs/hw/network-manager.nix>
diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix
index a89a4813f..57184bdf7 100644
--- a/makefu/2configs/bureautomation/hass.nix
+++ b/makefu/2configs/bureautomation/hass.nix
@@ -3,19 +3,14 @@ let
tasmota_plug = name: topic:
{ platform = "mqtt";
inherit name;
- state_topic = "/bam/${topic}/stat/POWER1";
- command_topic = "/bam/${topic}/cmnd/POWER1";
+ state_topic = "/bam/${topic}/stat/POWER";
+ command_topic = "/bam/${topic}/cmnd/POWER";
availability_topic = "/bam/${topic}/tele/LWT";
payload_on= "ON";
payload_off= "OFF";
payload_available= "Online";
payload_not_available= "Offline";
};
- tasmota_stecki = name: topic:
- ( tasmota_plug name topic) //
- { state_topic = "/bam/${topic}/stat/POWER";
- command_topic = "/bam/${topic}/cmnd/POWER";
- };
espeasy_dht22 = name: [
{ platform = "mqtt";
name = "${name} DHT22 Temperature";
@@ -77,8 +72,8 @@ in {
switch = [
(tasmota_plug "Bauarbeiterlampe" "plug")
(tasmota_plug "Blitzdings" "plug2")
- (tasmota_stecki "Fernseher" "fernseher")
- (tasmota_plug "Pluggy" "plug4")
+ (tasmota_plug "Fernseher" "plug3")
+ (tasmota_plug "Feuer" "plug4")
];
binary_sensor = [
{ platform = "mqtt";
@@ -179,7 +174,7 @@ in {
"switch.bauarbeiterlampe"
"switch.blitzdings"
"switch.fernseher"
- "switch.pluggy"
+ "switch.feuer"
];
camera = [
"camera.Baumarkt"
@@ -212,7 +207,7 @@ in {
};
action = {
service = "homeassistant.turn_on";
- entity_id = [ "switch.fernseher" "switch.blitzdings" ];
+ entity_id = [ "switch.fernseher" "switch.feuer" ];
};
}
{ alias = "Turn off Fernseher 10 minutes after last movement";
@@ -231,7 +226,7 @@ in {
];
action = {
service = "homeassistant.turn_off";
- entity_id = [ "switch.fernseher" "switch.blitzdings" ];
+ entity_id = [ "switch.fernseher" "switch.feuer" ];
};
condition =
{ condition = "and";
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index cbfb4da1c..177114a49 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -84,5 +84,5 @@ with import <stockholm/lib>;
SystemMaxUse=1G
RuntimeMaxUse=128M
'';
-
+ environment.pathsToLink = [ "/share" ];
}
diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix
index 6bcd09826..63ce6201a 100644
--- a/makefu/2configs/gui/base.nix
+++ b/makefu/2configs/gui/base.nix
@@ -28,6 +28,7 @@ in
windowManager = {
awesome.enable = true;
+ awesome.noArgb = true;
awesome.luaModules = [ pkgs.luaPackages.vicious ];
default = "awesome";
};
diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix
index 40a1c6497..3be020faa 100644
--- a/makefu/2configs/home-manager/desktop.nix
+++ b/makefu/2configs/home-manager/desktop.nix
@@ -1,8 +1,9 @@
{ pkgs, lib, ... }:
{
- users.users.makefu.packages = with pkgs;[ bat direnv ];
+ users.users.makefu.packages = with pkgs;[ bat direnv clipit ];
home-manager.users.makefu = {
+ systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.networkmanagerapplet}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
programs.firefox.enable = true;
programs.obs-studio.enable = true;
@@ -36,6 +37,7 @@
};
Service = {
+ Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.clipit}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
ExecStart = "${pkgs.clipit}/bin/clipit";
Restart = "on-abort";
};
diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix
index dff6d9337..59658e667 100644
--- a/makefu/2configs/home-manager/zsh.nix
+++ b/makefu/2configs/home-manager/zsh.nix
@@ -56,7 +56,7 @@
];
}
EOF
- ${EDITOR:-vim} default.nix
+ ''${EDITOR:-vim} default.nix
fi
}
eval "$(direnv hook zsh)"
diff --git a/makefu/2configs/hw/malduino_elite.nix b/makefu/2configs/hw/malduino_elite.nix
new file mode 100644
index 000000000..1af85493f
--- /dev/null
+++ b/makefu/2configs/hw/malduino_elite.nix
@@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+
+{
+
+ services.udev.extraRules = ''
+ ACTION!="add|change", GOTO="mm_usb_device_blacklist_local_end"
+ SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_local_end"
+ ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_local_end"
+
+ ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9204", ENV{ID_MM_DEVICE_IGNORE}="1"
+ ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9203", ENV{ID_MM_DEVICE_IGNORE}="1"
+
+ LABEL="mm_usb_device_blacklist_local_end"
+ '';
+}
diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix
index fb1a67358..0889ebbc1 100644
--- a/makefu/2configs/printer.nix
+++ b/makefu/2configs/printer.nix
@@ -6,7 +6,8 @@ in {
services.printing = {
enable = true;
drivers = with pkgs; [
- samsungUnifiedLinuxDriver
+ # samsungUnifiedLinuxDriver
+ splix # scx 3200
cups-dymo # dymo labelwriter
foo2zjs # magicolor 1690mf
cups-zj-58
diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix
index 9dedafdd2..05560db90 100644
--- a/makefu/2configs/tools/android-pentest.nix
+++ b/makefu/2configs/tools/android-pentest.nix
@@ -1,6 +1,7 @@
{ pkgs, ... }:
{
+ nixpkgs.config.android_sdk.accept_license = true;
users.users.makefu.packages = with pkgs; [
mitmproxy
nmap
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 09ee63498..f8e3f9f46 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix