diff options
Diffstat (limited to 'lass/2configs')
| -rw-r--r-- | lass/2configs/base.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/browsers.nix | 22 | ||||
| -rw-r--r-- | lass/2configs/elster.nix | 3 | ||||
| -rw-r--r-- | lass/2configs/fetchWallpaper.nix | 11 | ||||
| -rw-r--r-- | lass/2configs/libvirt.nix | 22 | ||||
| -rw-r--r-- | lass/2configs/teamviewer.nix | 6 | ||||
| -rw-r--r-- | lass/2configs/websites/domsen.nix | 35 | ||||
| -rw-r--r-- | lass/2configs/websites/wohnprojekt-rhh.de.nix | 12 | ||||
| -rw-r--r-- | lass/2configs/xserver/default.nix | 1 |
9 files changed, 98 insertions, 18 deletions
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 61023057b..40f4e12c7 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -17,6 +17,7 @@ with lib; root = { openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.uriel.pubkey ]; }; mainUser = { @@ -30,6 +31,7 @@ with lib; ]; openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + config.krebs.users.uriel.pubkey ]; }; }; @@ -48,7 +50,7 @@ with lib; source = { git.nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "8d1ce129361312334bf914ce0d27e463cb0bb21b"; + rev = "363c8430f1efad8b03d5feae6b3a4f2fe7b29251"; }; dir.secrets = { host = config.krebs.hosts.mors; diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 849778a7a..d36801863 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,16 +1,6 @@ { config, lib, pkgs, ... }: let - simpleScript = name: content: - pkgs.stdenv.mkDerivation { - inherit name; - phases = [ "installPhase" ]; - installPhase = '' - mkdir -p $out/bin - ln -s ${pkgs.writeScript name content} $out/bin/${name} - ''; - }; - mainUser = config.users.extraUsers.mainUser; createChromiumUser = name: extraGroups: packages: { @@ -26,8 +16,8 @@ let ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; environment.systemPackages = [ - (simpleScript name '' - sudo -u ${name} -i chromium $@ + (pkgs.writeScriptBin name '' + /var/setuid-wrappers/sudo -u ${name} -i chromium $@ '') ]; }; @@ -46,8 +36,8 @@ let ${mainUser.name} ALL=(${name}) NOPASSWD: ALL ''; environment.systemPackages = [ - (simpleScript name '' - sudo -u ${name} -i firefox $@ + (pkgs.writeScriptBin name '' + /var/setuid-wrappers/sudo -u ${name} -i firefox $@ '') ]; }; @@ -57,7 +47,7 @@ let in { environment.systemPackages = [ - (simpleScript "browser-select" '' + (pkgs.writeScriptBin "browser-select" '' BROWSER=$(echo -e "ff\ncr\nfb\ngm\nflash" | dmenu) $BROWSER $@ '') @@ -70,7 +60,7 @@ in { ( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] ) ( createChromiumUser "fb" [ ] [ pkgs.chromium ] ) ( createChromiumUser "gm" [ ] [ pkgs.chromium ] ) - # ( createChromiumUser "flash" [ ] [ pkgs.flash ] ) + ( createChromiumUser "flash" [ ] [ pkgs.flash ] ) ]; nixpkgs.config.packageOverrides = pkgs : { diff --git a/lass/2configs/elster.nix b/lass/2configs/elster.nix index 1edd01896..e3a88c789 100644 --- a/lass/2configs/elster.nix +++ b/lass/2configs/elster.nix @@ -14,6 +14,9 @@ in { createHome = true; }; }; + krebs.per-user.elster.packages = [ + pkgs.chromium + ]; security.sudo.extraConfig = '' ${mainUser.name} ALL=(elster) NOPASSWD: ALL ''; diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix new file mode 100644 index 000000000..9c27706cb --- /dev/null +++ b/lass/2configs/fetchWallpaper.nix @@ -0,0 +1,11 @@ +{ config, pkgs, ... }: + +let + +in { + krebs.fetchWallpaper = { + enable = true; + url = "echelon/wallpaper.png"; + }; +} + diff --git a/lass/2configs/libvirt.nix b/lass/2configs/libvirt.nix new file mode 100644 index 000000000..368722e77 --- /dev/null +++ b/lass/2configs/libvirt.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: + +let + mainUser = config.users.extraUsers.mainUser; + +in { + virtualisation.libvirtd.enable = true; + + users.extraUsers = { + libvirt = { + uid = 358821352; # genid libvirt + description = "user for running libvirt stuff"; + home = "/home/libvirt"; + useDefaultShell = true; + extraGroups = [ "libvirtd" "audio" ]; + createHome = true; + }; + }; + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(libvirt) NOPASSWD: ALL + ''; +} diff --git a/lass/2configs/teamviewer.nix b/lass/2configs/teamviewer.nix new file mode 100644 index 000000000..48053d7db --- /dev/null +++ b/lass/2configs/teamviewer.nix @@ -0,0 +1,6 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + services.teamviewer.enable = true; +} diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix new file mode 100644 index 000000000..109c216c0 --- /dev/null +++ b/lass/2configs/websites/domsen.nix @@ -0,0 +1,35 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../../3modules/static_nginx.nix + ../../3modules/owncloud_nginx.nix + ../../3modules/wordpress_nginx.nix + ]; + + lass.staticPage = { + "karlaskop.de" = {}; + "makeup.apanowicz.de" = {}; + "pixelpocket.de" = {}; + "reich-gebaeudereinigung.de" = {}; + }; + + lass.owncloud = { + "o.ubikmedia.de" = { + instanceid = "oc8n8ddbftgh"; + }; + }; + + services.mysql = { + enable = true; + package = pkgs.mariadb; + rootPassword = toString (<secrets/mysql_rootPassword>); + }; + + #lass.wordpress = { + # "ubikmedia.de" = { + # }; + #}; + +} + diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix new file mode 100644 index 000000000..cd31450c5 --- /dev/null +++ b/lass/2configs/websites/wohnprojekt-rhh.de.nix @@ -0,0 +1,12 @@ +{ config, ... }: + +{ + imports = [ + ../../3modules/static_nginx.nix + ]; + + lass.staticPage = { + "wohnprojekt-rhh.de" = {}; + }; +} + diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix index ceccf5fee..da337f6a7 100644 --- a/lass/2configs/xserver/default.nix +++ b/lass/2configs/xserver/default.nix @@ -108,7 +108,6 @@ let pkgs.rxvt_unicode pkgs.i3lock pkgs.haskellPackages.yeganesh - pkgs.haskellPackages.xmobar pkgs.dmenu ] ++ config.environment.systemPackages)}:/var/setuid-wrappers settle() {( |