summaryrefslogtreecommitdiffstats
path: root/lass/2configs
diff options
context:
space:
mode:
Diffstat (limited to 'lass/2configs')
-rw-r--r--lass/2configs/buildbot-standalone.nix7
-rw-r--r--lass/2configs/downloading.nix14
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/nixpkgs.nix2
-rw-r--r--lass/2configs/power-action.nix4
-rw-r--r--lass/2configs/repo-sync.nix3
-rw-r--r--lass/2configs/websites/domsen.nix43
8 files changed, 46 insertions, 30 deletions
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 5afb23687..7c7693ab7 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -3,8 +3,13 @@
with config.krebs.lib;
let
+ sshHostConfig = pkgs.writeText "ssh-config" ''
+ ControlMaster auto
+ ControlPath /tmp/%u_sshmux_%r@%h:%p
+ ControlPersist 4h
+ '';
sshWrapper = pkgs.writeDash "ssh-wrapper" ''
- ${pkgs.openssh}/bin/ssh -i ${shell.escape config.lass.build-ssh-privkey.path} "$@"
+ ${pkgs.openssh}/bin/ssh -F ${sshHostConfig} -i ${shell.escape config.lass.build-ssh-privkey.path} "$@"
'';
in {
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index cf9b631c8..597d20721 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -5,9 +5,6 @@ with config.krebs.lib;
let
rpc-password = import <secrets/transmission-pw>;
in {
- imports = [
- ../3modules/folderPerms.nix
- ];
users.extraUsers = {
download = {
@@ -64,15 +61,4 @@ in {
{ predicate = "-p udp --dport 51413"; target = "ACCEPT"; }
];
};
-
- lass.folderPerms = {
- enable = true;
- permissions = [
- {
- path = "/var/download";
- permission = "775";
- owner = "transmission:download";
- }
- ];
- };
}
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 1ba99c8cb..00a3612fd 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -27,7 +27,6 @@ with config.krebs.lib;
{ from = "lass@aidsballs.de"; to = lass.mail; }
{ from = "wordpress@ubikmedia.de"; to = lass.mail; }
{ from = "finanzamt@lassul.us"; to = lass.mail; }
- { from = "dominik@apanowicz.de"; to = "dma@ubikmedia.eu"; }
{ from = "netzclub@lassul.us"; to = lass.mail; }
{ from = "nebenan@lassul.us"; to = lass.mail; }
];
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 9a1cab176..ab4450715 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -80,7 +80,7 @@ let
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++
optional repo.public {
- user = [ tv makefu ];
+ user = attrValues config.krebs.users;
repo = [ repo ];
perm = fetch;
} ++
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 931aabf08..b758bc24a 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://github.com/lassulus/nixpkgs;
- ref = "11a7899222929b6eb0951f7a1c0182f65b3b4637";
+ ref = "c6ca9c8c8b7eb8f8e68868e36fb90e162adf080f";
};
}
diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix
index 0ff8547c7..133966498 100644
--- a/lass/2configs/power-action.nix
+++ b/lass/2configs/power-action.nix
@@ -11,7 +11,7 @@ let
'';
in {
- lass.power-action = {
+ krebs.power-action = {
enable = true;
plans.low-battery = {
upperLimit = 30;
@@ -36,6 +36,6 @@ in {
];
security.sudo.extraConfig = ''
- ${config.lass.power-action.user.name} ALL= (root) NOPASSWD: ${suspend}
+ ${config.krebs.power-action.user.name} ALL= (root) NOPASSWD: ${suspend}
'';
}
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index 45a4e2afd..027f31fe0 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -91,12 +91,11 @@ in {
(sync-remote "repo-sync" "https://github.com/makefu/repo-sync")
(sync-remote "skytraq-datalogger" "https://github.com/makefu/skytraq-datalogger")
(sync-remote "xintmap" "https://github.com/4z3/xintmap")
+ (sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper")
(sync-remote-silent "nixpkgs" "https://github.com/nixos/nixpkgs")
(sync-retiolum "go")
(sync-retiolum "much")
(sync-retiolum "newsbot-js")
- (sync-retiolum "painload")
- (sync-retiolum "realwallpaper")
(sync-retiolum "stockholm")
(sync-retiolum "wai-middleware-time")
(sync-retiolum "web-routes-wai-custom")
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 07df2e8de..becd1a872 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -110,14 +110,6 @@ in {
};
};
- users.users.domsen = {
- uid = genid "domsen";
- description = "maintenance acc for domsen";
- home = "/home/domsen";
- useDefaultShell = true;
- extraGroups = [ "nginx" ];
- createHome = true;
- };
#services.phpfpm.phpOptions = ''
# extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
@@ -133,5 +125,40 @@ in {
cat ${pkgs.php}/etc/php-recommended.ini > $out
echo "$options" >> $out
'';
+
+ # MAIL STUFF
+ # TODO: make into its own module
+ services.dovecot2 = {
+ enable = true;
+ mailLocation = "maildir:~/Mail";
+ };
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport pop3"; target = "ACCEPT"; }
+ { predicate = "-p tcp --dport imap"; target = "ACCEPT"; }
+ ];
+ krebs.exim-smarthost = {
+ internet-aliases = [
+ { from = "dominik@apanowicz.de"; to = "dma@ubikmedia.eu"; }
+ { from = "mail@jla-trading.com"; to = "jla-trading"; }
+ ];
+ system-aliases = [
+ ];
+ };
+
+ users.users.domsen = {
+ uid = genid "domsen";
+ description = "maintenance acc for domsen";
+ home = "/home/domsen";
+ useDefaultShell = true;
+ extraGroups = [ "nginx" ];
+ createHome = true;
+ };
+
+ users.users.jla-trading = {
+ uid = genid "jla-trading";
+ home = "/home/jla-trading";
+ useDefaultShell = true;
+ createHome = true;
+ };
}