diff options
Diffstat (limited to 'lass/1systems')
-rw-r--r-- | lass/1systems/cloudkrebs.nix | 4 | ||||
-rw-r--r-- | lass/1systems/dishfire.nix | 5 | ||||
-rw-r--r-- | lass/1systems/echelon.nix | 3 | ||||
-rw-r--r-- | lass/1systems/mors.nix | 109 | ||||
-rw-r--r-- | lass/1systems/prism.nix | 21 | ||||
-rw-r--r-- | lass/1systems/uriel.nix | 5 |
6 files changed, 29 insertions, 118 deletions
diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix index 98f509050..636d6a855 100644 --- a/lass/1systems/cloudkrebs.nix +++ b/lass/1systems/cloudkrebs.nix @@ -2,16 +2,14 @@ let inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - ip = (head config.krebs.build.host.nets.internet.addrs4); + ip = config.krebs.build.host.nets.internet.ip4.addr; in { imports = [ ../. ../2configs/os-templates/CAC-CentOS-7-64bit.nix ../2configs/base.nix ../2configs/retiolum.nix - ../2configs/fastpoke-pages.nix ../2configs/git.nix ../2configs/realwallpaper.nix { diff --git a/lass/1systems/dishfire.nix b/lass/1systems/dishfire.nix index c7d016cd3..7043809a5 100644 --- a/lass/1systems/dishfire.nix +++ b/lass/1systems/dishfire.nix @@ -26,6 +26,11 @@ fsType = "ext4"; }; + fileSystems."/srv/http" = { + device = "/dev/pool/srv_http"; + fsType = "ext4"; + }; + fileSystems."/boot" = { device = "/dev/vda1"; fsType = "ext4"; diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index 2ff6dba70..80611ee80 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -2,9 +2,8 @@ let inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; - inherit (lib) head; - ip = (head config.krebs.build.host.nets.internet.addrs4); + ip = config.krebs.build.host.nets.internet.ip4.addr; in { imports = [ ../. diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 1f7a13c56..0d8db212a 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -34,104 +34,6 @@ ]; } { - #static-nginx-test - imports = [ - ../3modules/static_nginx.nix - ]; - lass.staticPage."testserver.de" = { - #sslEnable = true; - #certificate = "${toString <secrets>}/testserver.de/server.cert"; - #certificate_key = "${toString <secrets>}/testserver.de/server.pem"; - ssl = { - enable = true; - certificate = "${toString <secrets>}/testserver.de/server.cert"; - certificate_key = "${toString <secrets>}/testserver.de/server.pem"; - }; - }; - networking.extraHosts = '' - 10.243.0.2 testserver.de - ''; - } - #{ - # #wordpress-test - # #imports = singleton (sitesGenerators.createWordpress "testserver.de"); - # imports = [ - # ../3modules/wordpress_nginx.nix - # ]; - # lass.wordpress."testserver.de" = { - # multiSite = { - # "1" = "testserver.de"; - # "2" = "bla.testserver.de"; - # }; - # }; - - # services.mysql = { - # enable = true; - # package = pkgs.mariadb; - # rootPassword = "<secrets>/mysql_rootPassword"; - # }; - # networking.extraHosts = '' - # 10.243.0.2 testserver.de - # ''; - # krebs.iptables.tables.filter.INPUT.rules = [ - # { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; } - # ]; - #} - #{ - # #owncloud-test - # #imports = singleton (sitesGenerators.createWordpress "testserver.de"); - # imports = [ - # ../3modules/owncloud_nginx.nix - # ]; - # lass.owncloud."owncloud-test.de" = { - # }; - - # #services.mysql = { - # # enable = true; - # # package = pkgs.mariadb; - # # rootPassword = "<secrets>/mysql_rootPassword"; - # #}; - # networking.extraHosts = '' - # 10.243.0.2 owncloud-test.de - # ''; - # krebs.iptables.tables.filter.INPUT.rules = [ - # { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; } - # ]; - #} - { - containers.pythonenv = { - config = { - services.openssh.enable = true; - users.users.root.openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - ]; - - environment = { - systemPackages = with pkgs; [ - git - libxml2 - libxslt - libzip - python27Full - python27Packages.buildout - stdenv - zlib - ]; - - pathsToLink = [ "/include" ]; - - shellInit = '' - # help pip to find libz.so when building lxml - export LIBRARY_PATH=/var/run/current-system/sw/lib - # ditto for header files, e.g. sqlite - export C_INCLUDE_PATH=/var/run/current-system/sw/include - ''; - }; - - }; - }; - } - { services.mysql = { enable = true; package = pkgs.mariadb; @@ -158,15 +60,6 @@ networking.wireless.enable = true; - networking.extraHosts = '' - 213.239.205.240 wohnprojekt-rhh.de - 213.239.205.240 karlaskop.de - 213.239.205.240 makeup.apanowicz.de - 213.239.205.240 pixelpocket.de - 213.239.205.240 reich-gebaeudereinigung.de - 213.239.205.240 o.ubikmedia.de - ''; - hardware.enableAllFirmware = true; nixpkgs.config.allowUnfree = true; @@ -206,7 +99,7 @@ fsType = "ext4"; }; - "/mnt/backups" = { + "/bku" = { device = "/dev/big/backups"; fsType = "ext4"; }; diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 4d40c8d59..09a802b53 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -1,9 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (lib) head; - - ip = (head config.krebs.build.host.nets.internet.addrs4); + ip = config.krebs.build.host.nets.internet.ip4.addr; in { imports = [ ../. @@ -79,6 +77,18 @@ in { device = "/dev/pool/download"; }; + fileSystems."/srv/http" = { + device = "/dev/pool/http"; + }; + + fileSystems."/srv/o.ubikmedia.de-data" = { + device = "/dev/pool/owncloud-ubik-data"; + }; + + fileSystems."/bku" = { + device = "/dev/pool/bku"; + }; + } { sound.enable = false; @@ -119,7 +129,7 @@ in { } { users.users.chat.openssh.authorizedKeys.keys = [ - "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFhFJUMTfPbv3SzqlT9S67Av/m/ctLfTd3mMhD4O9hZc+t+dZmaHWj3v1KujzMBiDp3Yfo2YdVVZLTwTluHD8yNoQH418Vm01nrYHwOsc5J0br3mb0URZSstPiz6/6Fc+PNCDfQ2skUAWUidWiH+JolROFQ4y2lfpLOw+wsK2jj+Gqx6w== JuiceSSH" + "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBBQjn/3n283RZkBs2CFqbpukyQ3zkLIjewRpKttPa5d4PUiT7/vOlutWH5EP4BxXQSoeZStx8D2alGjxfK+nfDvRJGGofpm23cN4j4i24Fcam1y1H7wqRXO1qbz5AB3qPg== JuiceSSH" config.krebs.users.lass-uriel.pubkey ]; } @@ -132,7 +142,8 @@ in { ../2configs/websites/domsen.nix ]; krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } + { predicate = "-p tcp --dport http"; target = "ACCEPT"; } + { predicate = "-p tcp --dport https"; target = "ACCEPT"; } ]; } { diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index 4e4eca21f..8bb2348e6 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -47,6 +47,11 @@ with builtins; fsType = "ext4"; }; + "/bku" = { + device = "/dev/pool/bku"; + fsType = "ext4"; + }; + "/boot" = { device = "/dev/sda1"; }; |