summaryrefslogtreecommitdiffstats
path: root/lass/1systems
diff options
context:
space:
mode:
Diffstat (limited to 'lass/1systems')
-rw-r--r--lass/1systems/cloudkrebs.nix4
-rw-r--r--lass/1systems/dishfire.nix5
-rw-r--r--lass/1systems/echelon.nix3
-rw-r--r--lass/1systems/mors.nix109
-rw-r--r--lass/1systems/prism.nix21
-rw-r--r--lass/1systems/uriel.nix5
6 files changed, 29 insertions, 118 deletions
diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix
index 98f509050..636d6a855 100644
--- a/lass/1systems/cloudkrebs.nix
+++ b/lass/1systems/cloudkrebs.nix
@@ -2,16 +2,14 @@
let
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
- inherit (lib) head;
- ip = (head config.krebs.build.host.nets.internet.addrs4);
+ ip = config.krebs.build.host.nets.internet.ip4.addr;
in {
imports = [
../.
../2configs/os-templates/CAC-CentOS-7-64bit.nix
../2configs/base.nix
../2configs/retiolum.nix
- ../2configs/fastpoke-pages.nix
../2configs/git.nix
../2configs/realwallpaper.nix
{
diff --git a/lass/1systems/dishfire.nix b/lass/1systems/dishfire.nix
index c7d016cd3..7043809a5 100644
--- a/lass/1systems/dishfire.nix
+++ b/lass/1systems/dishfire.nix
@@ -26,6 +26,11 @@
fsType = "ext4";
};
+ fileSystems."/srv/http" = {
+ device = "/dev/pool/srv_http";
+ fsType = "ext4";
+ };
+
fileSystems."/boot" = {
device = "/dev/vda1";
fsType = "ext4";
diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix
index 2ff6dba70..80611ee80 100644
--- a/lass/1systems/echelon.nix
+++ b/lass/1systems/echelon.nix
@@ -2,9 +2,8 @@
let
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
- inherit (lib) head;
- ip = (head config.krebs.build.host.nets.internet.addrs4);
+ ip = config.krebs.build.host.nets.internet.ip4.addr;
in {
imports = [
../.
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 1f7a13c56..0d8db212a 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -34,104 +34,6 @@
];
}
{
- #static-nginx-test
- imports = [
- ../3modules/static_nginx.nix
- ];
- lass.staticPage."testserver.de" = {
- #sslEnable = true;
- #certificate = "${toString <secrets>}/testserver.de/server.cert";
- #certificate_key = "${toString <secrets>}/testserver.de/server.pem";
- ssl = {
- enable = true;
- certificate = "${toString <secrets>}/testserver.de/server.cert";
- certificate_key = "${toString <secrets>}/testserver.de/server.pem";
- };
- };
- networking.extraHosts = ''
- 10.243.0.2 testserver.de
- '';
- }
- #{
- # #wordpress-test
- # #imports = singleton (sitesGenerators.createWordpress "testserver.de");
- # imports = [
- # ../3modules/wordpress_nginx.nix
- # ];
- # lass.wordpress."testserver.de" = {
- # multiSite = {
- # "1" = "testserver.de";
- # "2" = "bla.testserver.de";
- # };
- # };
-
- # services.mysql = {
- # enable = true;
- # package = pkgs.mariadb;
- # rootPassword = "<secrets>/mysql_rootPassword";
- # };
- # networking.extraHosts = ''
- # 10.243.0.2 testserver.de
- # '';
- # krebs.iptables.tables.filter.INPUT.rules = [
- # { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; }
- # ];
- #}
- #{
- # #owncloud-test
- # #imports = singleton (sitesGenerators.createWordpress "testserver.de");
- # imports = [
- # ../3modules/owncloud_nginx.nix
- # ];
- # lass.owncloud."owncloud-test.de" = {
- # };
-
- # #services.mysql = {
- # # enable = true;
- # # package = pkgs.mariadb;
- # # rootPassword = "<secrets>/mysql_rootPassword";
- # #};
- # networking.extraHosts = ''
- # 10.243.0.2 owncloud-test.de
- # '';
- # krebs.iptables.tables.filter.INPUT.rules = [
- # { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; }
- # ];
- #}
- {
- containers.pythonenv = {
- config = {
- services.openssh.enable = true;
- users.users.root.openssh.authorizedKeys.keys = [
- config.krebs.users.lass.pubkey
- ];
-
- environment = {
- systemPackages = with pkgs; [
- git
- libxml2
- libxslt
- libzip
- python27Full
- python27Packages.buildout
- stdenv
- zlib
- ];
-
- pathsToLink = [ "/include" ];
-
- shellInit = ''
- # help pip to find libz.so when building lxml
- export LIBRARY_PATH=/var/run/current-system/sw/lib
- # ditto for header files, e.g. sqlite
- export C_INCLUDE_PATH=/var/run/current-system/sw/include
- '';
- };
-
- };
- };
- }
- {
services.mysql = {
enable = true;
package = pkgs.mariadb;
@@ -158,15 +60,6 @@
networking.wireless.enable = true;
- networking.extraHosts = ''
- 213.239.205.240 wohnprojekt-rhh.de
- 213.239.205.240 karlaskop.de
- 213.239.205.240 makeup.apanowicz.de
- 213.239.205.240 pixelpocket.de
- 213.239.205.240 reich-gebaeudereinigung.de
- 213.239.205.240 o.ubikmedia.de
- '';
-
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
@@ -206,7 +99,7 @@
fsType = "ext4";
};
- "/mnt/backups" = {
+ "/bku" = {
device = "/dev/big/backups";
fsType = "ext4";
};
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 4d40c8d59..09a802b53 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -1,9 +1,7 @@
{ config, lib, pkgs, ... }:
let
- inherit (lib) head;
-
- ip = (head config.krebs.build.host.nets.internet.addrs4);
+ ip = config.krebs.build.host.nets.internet.ip4.addr;
in {
imports = [
../.
@@ -79,6 +77,18 @@ in {
device = "/dev/pool/download";
};
+ fileSystems."/srv/http" = {
+ device = "/dev/pool/http";
+ };
+
+ fileSystems."/srv/o.ubikmedia.de-data" = {
+ device = "/dev/pool/owncloud-ubik-data";
+ };
+
+ fileSystems."/bku" = {
+ device = "/dev/pool/bku";
+ };
+
}
{
sound.enable = false;
@@ -119,7 +129,7 @@ in {
}
{
users.users.chat.openssh.authorizedKeys.keys = [
- "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFhFJUMTfPbv3SzqlT9S67Av/m/ctLfTd3mMhD4O9hZc+t+dZmaHWj3v1KujzMBiDp3Yfo2YdVVZLTwTluHD8yNoQH418Vm01nrYHwOsc5J0br3mb0URZSstPiz6/6Fc+PNCDfQ2skUAWUidWiH+JolROFQ4y2lfpLOw+wsK2jj+Gqx6w== JuiceSSH"
+ "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBBQjn/3n283RZkBs2CFqbpukyQ3zkLIjewRpKttPa5d4PUiT7/vOlutWH5EP4BxXQSoeZStx8D2alGjxfK+nfDvRJGGofpm23cN4j4i24Fcam1y1H7wqRXO1qbz5AB3qPg== JuiceSSH"
config.krebs.users.lass-uriel.pubkey
];
}
@@ -132,7 +142,8 @@ in {
../2configs/websites/domsen.nix
];
krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
+ { predicate = "-p tcp --dport http"; target = "ACCEPT"; }
+ { predicate = "-p tcp --dport https"; target = "ACCEPT"; }
];
}
{
diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index 4e4eca21f..8bb2348e6 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -47,6 +47,11 @@ with builtins;
fsType = "ext4";
};
+ "/bku" = {
+ device = "/dev/pool/bku";
+ fsType = "ext4";
+ };
+
"/boot" = {
device = "/dev/sda1";
};