diff options
Diffstat (limited to 'lass/1systems/ubik')
-rw-r--r-- | lass/1systems/ubik/config.nix | 276 | ||||
-rw-r--r-- | lass/1systems/ubik/physical.nix | 7 |
2 files changed, 0 insertions, 283 deletions
diff --git a/lass/1systems/ubik/config.nix b/lass/1systems/ubik/config.nix deleted file mode 100644 index 3afbf6bd1..000000000 --- a/lass/1systems/ubik/config.nix +++ /dev/null @@ -1,276 +0,0 @@ -with import <stockholm/lib>; -{ config, lib, pkgs, ... }: -{ - imports = [ - <stockholm/lass> - <stockholm/lass/2configs> - <stockholm/lass/2configs/retiolum.nix> - ]; - - krebs.build.host = config.krebs.hosts.ubik; - - krebs.sync-containers3.inContainer = { - enable = true; - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPBFGMjH0+Dco6DVFZbByENMci8CFTLXCL7j53yctPnM"; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "acme@lassul.us"; - }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - # nextcloud - services.nginx.virtualHosts."c.apanowicz.de" = { - enableACME = true; - forceSSL = true; - }; - services.nextcloud = { - enable = true; - enableBrokenCiphersForSSE = false; - hostName = "c.apanowicz.de"; - package = pkgs.nextcloud25; - config.adminpassFile = "/run/nextcloud.pw"; - https = true; - maxUploadSize = "9001M"; - }; - systemd.services.nextcloud-setup.serviceConfig.ExecStartPre = [ - "+${pkgs.writeDash "copy-pw" '' - ${pkgs.rsync}/bin/rsync \ - --chown nextcloud:nextcloud \ - --chmod 0700 \ - /var/src/secrets/nextcloud.pw /run/nextcloud.pw - ''}" - ]; - - # mail - lass.usershadow.enable = true; - services.nginx.virtualHosts."mail.ubikmedia.eu" = { - enableACME = true; - forceSSL = true; - }; - services.roundcube = { - enable = true; - hostName = "mail.ubikmedia.eu"; - extraConfig = '' - $config['smtp_debug'] = true; - $config['smtp_host'] = "localhost:25"; - ''; - }; - services.dovecot2 = { - enable = true; - showPAMFailure = true; - mailLocation = "maildir:~/Mail"; - sslServerCert = "/var/lib/acme/mail.ubikmedia.eu/fullchain.pem"; - sslServerKey = "/var/lib/acme/mail.ubikmedia.eu/key.pem"; - }; - krebs.exim-smarthost = { - ssl_cert = "/var/lib/acme/mail.ubikmedia.eu/fullchain.pem"; - ssl_key = "/var/lib/acme/mail.ubikmedia.eu/key.pem"; - authenticators.PLAIN = '' - driver = plaintext - public_name = PLAIN - server_condition = ''${run{/run/wrappers/bin/shadow_verify_arg ${config.lass.usershadow.pattern} $auth2 $auth3}{yes}{no}} - ''; - authenticators.LOGIN = '' - driver = plaintext - public_name = LOGIN - server_prompts = "Username:: : Password::" - server_condition = ''${run{/run/wrappers/bin/shadow_verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}} - # server_condition = ''${run{/run/current-system/sw/bin/debug_exim ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}} - ''; - internet-aliases = [ - { from = "dma@ubikmedia.de"; to = "domsen"; } - { from = "dma@ubikmedia.eu"; to = "domsen"; } - { from = "hallo@apanowicz.de"; to = "domsen"; } - { from = "bruno@apanowicz.de"; to = "bruno"; } - { from = "mail@jla-trading.com"; to = "jla-trading"; } - { from = "jms@ubikmedia.eu"; to = "jms"; } - { from = "ms@ubikmedia.eu"; to = "ms"; } - { from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms"; } - { from = "kontakt@alewis.de"; to ="klabusterbeere"; } - { from = "hallo@jarugadesign.de"; to ="kasia"; } - { from = "noreply@beeshmooth.ch"; to ="besmooth@gmx.ch"; } - - { from = "testuser@ubikmedia.eu"; to = "testuser"; } - ]; - sender_domains = [ - "jla-trading.com" - "ubikmedia.eu" - "ubikmedia.de" - "apanowicz.de" - "alewis.de" - "jarugadesign.de" - "beesmooth.ch" - "event-extra.de" - ]; - dkim = [ - { domain = "ubikmedia.eu"; } - { domain = "apanowicz.de"; } - { domain = "beesmooth.ch"; } - ]; - }; - - # users - users.users.UBIK-SFTP = { - uid = pkgs.stockholm.lib.genid_uint31 "UBIK-SFTP"; - home = "/home/UBIK-SFTP"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.xanf = { - uid = pkgs.stockholm.lib.genid_uint31 "xanf"; - group = "xanf"; - home = "/home/xanf"; - useDefaultShell = true; - createHome = false; # creathome forces permissions - isNormalUser = true; - }; - - users.users.domsen = { - uid = pkgs.stockholm.lib.genid_uint31 "domsen"; - description = "maintenance acc for domsen"; - home = "/home/domsen"; - useDefaultShell = true; - extraGroups = [ "syncthing" "download" "xanf" ]; - createHome = true; - isNormalUser = true; - }; - - users.users.bruno = { - uid = pkgs.stockholm.lib.genid_uint31 "bruno"; - home = "/home/bruno"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.jla-trading = { - uid = pkgs.stockholm.lib.genid_uint31 "jla-trading"; - home = "/home/jla-trading"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.jms = { - uid = pkgs.stockholm.lib.genid_uint31 "jms"; - home = "/home/jms"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.ms = { - uid = pkgs.stockholm.lib.genid_uint31 "ms"; - home = "/home/ms"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.testuser = { - uid = pkgs.stockholm.lib.genid_uint31 "testuser"; - home = "/home/testuser"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.bui = { - uid = pkgs.stockholm.lib.genid_uint31 "bui"; - home = "/home/bui"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.klabusterbeere = { - uid = pkgs.stockholm.lib.genid_uint31 "klabusterbeere"; - home = "/home/klabusterbeere"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.kasia = { - uid = pkgs.stockholm.lib.genid_uint31 "kasia"; - home = "/home/kasia"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.XANF_TEAM = { - uid = pkgs.stockholm.lib.genid_uint31 "XANF_TEAM"; - group = "xanf"; - home = "/home/XANF_TEAM"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.dif = { - uid = pkgs.stockholm.lib.genid_uint31 "dif"; - home = "/home/dif"; - useDefaultShell = true; - extraGroups = [ "xanf" ]; - createHome = true; - isNormalUser = true; - }; - - users.users.lavafilms = { - uid = pkgs.stockholm.lib.genid_uint31 "lavafilms"; - home = "/home/lavafilms"; - useDefaultShell = true; - extraGroups = [ "xanf" ]; - createHome = true; - isNormalUser = true; - }; - - users.users.movematchers = { - uid = pkgs.stockholm.lib.genid_uint31 "movematchers"; - home = "/home/movematchers"; - useDefaultShell = true; - extraGroups = [ "xanf" ]; - createHome = true; - isNormalUser = true; - }; - - users.users.blackphoton = { - uid = pkgs.stockholm.lib.genid_uint31 "blackphoton"; - home = "/home/blackphoton"; - useDefaultShell = true; - extraGroups = [ "xanf" ]; - createHome = true; - isNormalUser = true; - }; - - users.users.line = { - uid = pkgs.stockholm.lib.genid_uint31 "line"; - home = "/home/line"; - useDefaultShell = true; - # extraGroups = [ "xanf" ]; - createHome = true; - isNormalUser = true; - }; - - users.users.avada = { - uid = pkgs.stockholm.lib.genid_uint31 "avada"; - home = "/home/avada"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - - users.users.familienrat = { - uid = pkgs.stockholm.lib.genid_uint31 "familienrat"; - home = "/home/familienrat"; - useDefaultShell = true; - createHome = true; - isNormalUser = true; - }; - -} diff --git a/lass/1systems/ubik/physical.nix b/lass/1systems/ubik/physical.nix deleted file mode 100644 index 8577daf34..000000000 --- a/lass/1systems/ubik/physical.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - imports = [ - ./config.nix - ]; - boot.isContainer = true; - networking.useDHCP = true; -} |