diff options
Diffstat (limited to 'lass/1systems')
| -rw-r--r-- | lass/1systems/cloudkrebs.nix | 1 | ||||
| -rw-r--r-- | lass/1systems/echelon.nix | 2 | ||||
| -rw-r--r-- | lass/1systems/helios.nix | 3 | ||||
| -rw-r--r-- | lass/1systems/mors.nix | 50 | ||||
| -rw-r--r-- | lass/1systems/prism.nix | 55 | ||||
| -rw-r--r-- | lass/1systems/shodan.nix | 26 | ||||
| -rw-r--r-- | lass/1systems/uriel.nix | 10 |
7 files changed, 47 insertions, 100 deletions
diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix index a3cc9d7b3..5aa35f5a7 100644 --- a/lass/1systems/cloudkrebs.nix +++ b/lass/1systems/cloudkrebs.nix @@ -13,7 +13,6 @@ in { ../2configs/retiolum.nix ../2configs/git.nix ../2configs/realwallpaper.nix - ../2configs/realwallpaper-server.nix ../2configs/privoxy-retiolum.nix { networking.interfaces.enp2s1.ip4 = [ diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index 97734a7bd..8d944ed40 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -11,7 +11,7 @@ in { ../2configs/default.nix ../2configs/exim-retiolum.nix ../2configs/retiolum.nix - ../2configs/realwallpaper-server.nix + ../2configs/realwallpaper.nix ../2configs/privoxy-retiolum.nix ../2configs/git.nix #../2configs/redis.nix diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index 10b00de47..51d2afe84 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -26,6 +26,9 @@ with builtins; enable = true; }; } + { + lass.power-action.battery = "BAT1"; + } ]; krebs.build.host = config.krebs.hosts.helios; diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 062e4c29d..d065d4dfa 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -3,6 +3,7 @@ { imports = [ ../. + ../2configs/hw/tp-x220.nix ../2configs/baseX.nix ../2configs/exim-retiolum.nix ../2configs/programs.nix @@ -14,14 +15,9 @@ ../2configs/elster.nix ../2configs/steam.nix ../2configs/wine.nix - #../2configs/texlive.nix - ../2configs/binary-caches.nix - #../2configs/ircd.nix ../2configs/chromium-patched.nix ../2configs/git.nix - #../2configs/wordpress.nix ../2configs/bitlbee.nix - #../2configs/firefoxPatched.nix ../2configs/skype.nix ../2configs/teamviewer.nix ../2configs/libvirt.nix @@ -29,7 +25,7 @@ ../2configs/c-base.nix ../2configs/mail.nix ../2configs/krebs-pass.nix - ../2configs/umts.nix + ../2configs/repo-sync.nix { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ @@ -58,16 +54,19 @@ # }; #} { + lass.umts = { + enable = true; + modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_38214921FBBBC7B0-if09"; + initstrings = '' + Init1 = AT+CFUN=1 + Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0 + ''; + }; } ]; krebs.build.host = config.krebs.hosts.mors; - networking.wireless.enable = true; - - hardware.enableAllFirmware = true; - nixpkgs.config.allowUnfree = true; - boot = { loader.grub.enable = true; loader.grub.version = 2; @@ -77,7 +76,6 @@ initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; #kernelModules = [ "kvm-intel" "msr" ]; - kernelModules = [ "msr" ]; }; fileSystems = { "/" = { @@ -168,22 +166,6 @@ echo 'auto' > '/sys/bus/pci/devices/0000:00:1c.4/power/control' ''; - hardware.trackpoint = { - enable = true; - sensitivity = 220; - speed = 0; - emulateWheel = true; - }; - - services.xserver = { - videoDriver = "intel"; - vaapiDrivers = [ pkgs.vaapiIntel ]; - deviceSection = '' - Option "AccelMethod" "sna" - BusID "PCI:0:2:0" - ''; - }; - environment.systemPackages = with pkgs; [ acronym cac-api @@ -214,15 +196,11 @@ }; }; - services.mongodb = { - enable = true; + krebs.repo-sync.timerConfig = { + OnCalendar = "00:37"; }; - krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; precedence = 9001; } - ]; - }; + services.mongodb = { + enable = true; }; } diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 9a9bd4730..1eb81cd0a 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -1,5 +1,7 @@ { config, lib, pkgs, ... }: +with config.krebs.lib; + let ip = config.krebs.build.host.nets.internet.ip4.addr; @@ -19,14 +21,27 @@ in { ../2configs/privoxy-retiolum.nix ../2configs/radio.nix ../2configs/buildbot-standalone.nix + ../2configs/repo-sync.nix + ../2configs/binary-cache/server.nix { imports = [ ../2configs/git.nix - ( manageCerts [ "cgit.lassul.us" ]) - ]; - krebs.nginx.servers.cgit.server-names = [ - "cgit.lassul.us" ]; + krebs.nginx.servers.cgit = { + server-names = [ + "cgit.lassul.us" + ]; + locations = [ + (nameValuePair "/.well-known/acme-challenge" '' + root /var/lib/acme/challenges/cgit.lassul.us/; + '') + ]; + ssl = { + enable = true; + certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; + certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem"; + }; + }; } { users.extraGroups = { @@ -66,8 +81,6 @@ in { } { - #boot.loader.gummiboot.enable = true; - #boot.loader.efi.canTouchEfiVariables = true; boot.loader.grub = { devices = [ "/dev/sda" @@ -110,10 +123,6 @@ in { { sound.enable = false; } - #{ - # #workaround for server dying after 6-7h - # boot.kernelPackages = pkgs.linuxPackages_4_2; - #} { nixpkgs.config.allowUnfree = true; } @@ -202,7 +211,7 @@ in { } { imports = [ - ../2configs/realwallpaper-server.nix + ../2configs/realwallpaper.nix ]; krebs.nginx.servers."lassul.us".locations = [ (lib.nameValuePair "/wallpaper.png" '' @@ -210,30 +219,6 @@ in { '') ]; } - { - services.nix-serve = { - enable = true; - secretKeyFile = config.krebs.secret.files.nix-serve-key.path; - }; - systemd.services.nix-serve = { - requires = ["secret.service"]; - after = ["secret.service"]; - }; - krebs.secret.files.nix-serve-key = { - path = "/run/secret/nix-serve.key"; - owner.name = "nix-serve"; - source-path = toString <secrets> + "/nix-serve.key"; - }; - krebs.nginx = { - enable = true; - servers.nix-serve = { - server-names = [ "cache.prism.r" ]; - locations = lib.singleton (lib.nameValuePair "/" '' - proxy_pass http://localhost:${toString config.services.nix-serve.port}; - ''); - }; - }; - } ]; krebs.build.host = config.krebs.hosts.prism; diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 073d86790..96d64bda3 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -4,6 +4,7 @@ with builtins; { imports = [ ../. + ../2configs/hw/tp-x220.nix ../2configs/baseX.nix ../2configs/git.nix ../2configs/exim-retiolum.nix @@ -20,34 +21,10 @@ with builtins; # }; # }; #} - { - #x220 config from mors - #TODO: make x220 config file (or look in other user dir) - hardware.trackpoint = { - enable = true; - sensitivity = 220; - speed = 0; - emulateWheel = true; - }; - - services.xserver = { - videoDriver = "intel"; - vaapiDrivers = [ pkgs.vaapiIntel ]; - deviceSection = '' - Option "AccelMethod" "sna" - BusID "PCI:0:2:0" - ''; - }; - } ]; krebs.build.host = config.krebs.hosts.shodan; - networking.wireless.enable = true; - - hardware.enableAllFirmware = true; - nixpkgs.config.allowUnfree = true; - boot = { loader.grub.enable = true; loader.grub.version = 2; @@ -57,7 +34,6 @@ with builtins; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; #kernelModules = [ "kvm-intel" "msr" ]; - kernelModules = [ "msr" ]; }; fileSystems = { "/" = { diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index 92996c181..83553f5ca 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -16,6 +16,12 @@ with builtins; ../2configs/bitlbee.nix ../2configs/weechat.nix ../2configs/skype.nix + { + lass.umts = { + enable = true; + modem = "/dev/serial/by-id/usb-HUAWEI_Technologies_HUAWEI_Mobile-if00-port0"; + }; + } ]; krebs.build.host = config.krebs.hosts.uriel; @@ -33,8 +39,8 @@ with builtins; #loader.grub.version = 2; #loader.grub.device = "/dev/sda"; - loader.gummiboot.enable = true; - loader.gummiboot.timeout = 5; + loader.systemd-boot.enable = true; + loader.timeout = 5; initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; |