9 files changed, 32 insertions, 36 deletions

diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
index 0103b6ec0..2784375c2 100644
--- a/lass/1systems/helios.nix
+++ b/lass/1systems/helios.nix
@@ -19,12 +19,11 @@ with builtins;
     #  };
     #}
     {
-      krebs.iptables = {
-        tables = {
-          filter.INPUT.rules = [
-            { predicate = "-p tcp --dport 8000"; target = "ACCEPT"; precedence = 9001; }
-          ];
-        };
+      services.elasticsearch = {
+        enable = true;
+        plugins = [
+          pkgs.elasticsearchPlugins.elasticsearch_kopf
+        ];
       };
     }
   ];
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 9f492e2c6..01d69c403 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -328,7 +328,4 @@
     tapButtons = false;
     twoFingerScroll = true;
   };
-
-  #for google hangout
-  users.extraUsers.gm.extraGroups = [ "audio" "video" ];
 }
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 05b3470e5..864e59b21 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -83,10 +83,10 @@ in {
     {
       sound.enable = false;
     }
-    {
-      #workaround for server dying after 6-7h
-      boot.kernelPackages = pkgs.linuxPackages_4_2;
-    }
+    #{
+    #  #workaround for server dying after 6-7h
+    #  boot.kernelPackages = pkgs.linuxPackages_4_2;
+    #}
     {
       nixpkgs.config.allowUnfree = true;
     }
@@ -119,7 +119,8 @@ in {
     }
     {
       users.users.chat.openssh.authorizedKeys.keys = [
-        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJJKlOeAHyi7lToCqRF/hdA2TrtVbrTUd2ayuWsXe9JWiyeyKH/LNY3SrgxCWPZSItE9VK68ghMuVYK/A8IAcgzNhzFYLDxmtsidjiOJBj2ZGsjqevoQ5HuKB/pob8CLW3dr1Rx38Any/XXxpfeO6vemCJMGLTe5gSlrCI+Tk1qNt0Rz+rke73Hwt9wW39g8X3prF2q9ryL9OFCcsoYUE7PIOV9xM1GaDFfTR4bKux7HyFKmG+rBvmJHB5OPW8UAtVZGY/FIChwlmF6QNO5Zym497bG1RCOGplaLpRXVJrmoUkZUO7EazePPxIjz2duWYqFtwl5R9YGy1+a+F58G19DS7wJHM29td117/ZANjRTxE5q/aJm2okJYOVSqhYzdhji+BWVZ5ai7cktpAdtPo++yiZN90LvogXNB64kFxVGuX52xZcA3KLKmvrd47o9k0pzO+oCoArxPFIx0YkHfy/yw7OG8Z+KLK8l9WXWBZO5TpjcydnEcRZ8OEqVhtmDh+9h1zhPphuFBtT1JPbt8m132RUy23qsNRtZ/lnnfQbrxgHPRzVuvA8o4ahOEUdvV9SYnzKb6qMFXGp25EhlcWnR4/toyG6I3paBtByeHkaxjgCuvm9Hob6f/xFr3kEJ4WXTVguyrcFgNg2EcEfdkrTMhNn9OIHEFFQ8whIBv5jlw== JuiceSSH"
+        "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFhFJUMTfPbv3SzqlT9S67Av/m/ctLfTd3mMhD4O9hZc+t+dZmaHWj3v1KujzMBiDp3Yfo2YdVVZLTwTluHD8yNoQH418Vm01nrYHwOsc5J0br3mb0URZSstPiz6/6Fc+PNCDfQ2skUAWUidWiH+JolROFQ4y2lfpLOw+wsK2jj+Gqx6w== JuiceSSH"
+        config.krebs.users.lass-uriel.pubkey
       ];
     }
     {
diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index 0758164f0..4e4eca21f 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -15,15 +15,6 @@ with builtins;
     ../2configs/bitlbee.nix
     ../2configs/weechat.nix
     ../2configs/skype.nix
-    {
-      users.extraUsers = {
-        root = {
-          openssh.authorizedKeys.keys = map readFile [
-            ../../krebs/Zpubkeys/uriel.ssh.pub
-          ];
-        };
-      };
-    }
   ];
 
   krebs.build.host = config.krebs.hosts.uriel;
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index d2c96fdaa..af4ee6d27 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -54,8 +54,8 @@ with config.krebs.lib;
         #secrets-common = "/home/lass/secrets/common";
         stockholm = "/home/lass/stockholm";
         nixpkgs = {
-          url = https://github.com/Lassulus/nixpkgs;
-          rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce";
+          url = https://github.com/NixOS/nixpkgs;
+          rev = "885acea1dd82b0354ff2b6bcf1268b3031cf93df";
           dev = "/home/lass/src/nixpkgs";
         };
       } // optionalAttrs config.krebs.build.host.secure {
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index eb764068b..47a16d4cb 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -1,6 +1,8 @@
 { config, lib, pkgs, ... }:
 
 let
+  inherit (config.krebs.lib) genid;
+
   mainUser = config.users.extraUsers.mainUser;
   createChromiumUser = name: extraGroups: packages:
     {
@@ -8,6 +10,7 @@ let
         inherit name;
         inherit extraGroups;
         home = "/home/${name}";
+        uid = genid name;
         useDefaultShell = true;
         createHome = true;
       };
@@ -28,6 +31,7 @@ let
         inherit name;
         inherit extraGroups;
         home = "/home/${name}";
+        uid = genid name;
         useDefaultShell = true;
         createHome = true;
       };
@@ -48,16 +52,17 @@ in {
 
   environment.systemPackages = [
     (pkgs.writeScriptBin "browser-select" ''
-      BROWSER=$(echo -e "ff\ncr\nfb\ngm\nflash" | dmenu)
+      BROWSER=$(echo -e "ff\ncr\nwk\nfb\ngm\nflash" | dmenu)
       $BROWSER $@
     '')
   ];
 
   imports = [
-    ( createFirefoxUser "ff" [ "audio" ] [ ] )
+    ( createFirefoxUser "ff" [ "audio" ] [ pkgs.firefox ] )
     ( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] )
-    ( createChromiumUser "fb" [ ] [ pkgs.chromium ] )
-    ( createChromiumUser "gm" [ ] [ pkgs.chromium ] )
+    ( createChromiumUser "wk" [ "audio" ] [ pkgs.chromium ] )
+    ( createChromiumUser "fb" [ "audio" ] [ pkgs.chromium ] )
+    ( createChromiumUser "gm" [ "audio" ] [ pkgs.chromium ] )
     ( createChromiumUser "flash" [ "audio" ] [ pkgs.flash ] )
   ];
 
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index f8a63706e..1646cdea9 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -16,8 +16,6 @@
     enable = true;
     connectTo = [
       "prism"
-      "cloudkrebs"
-      "echelon"
       "pigstarter"
       "gum"
       "flap"
diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix
index 6a257f0bb..98f5df42a 100644
--- a/lass/2configs/weechat.nix
+++ b/lass/2configs/weechat.nix
@@ -1,14 +1,17 @@
 { config, lib, pkgs, ... }:
 
-{
-  krebs.per-user.chat.packages = [
-    pkgs.weechat
-    pkgs.tmux
+let
+  inherit (config.krebs.lib) genid;
+in {
+  krebs.per-user.chat.packages = with pkgs; [
+    mosh
+    tmux
+    weechat
   ];
 
   users.extraUsers.chat = {
     home = "/home/chat";
-    uid = lib.genid "chat";
+    uid = genid "chat";
     useDefaultShell = true;
     createHome = true;
     openssh.authorizedKeys.keys = [
diff --git a/lass/3modules/newsbot-js.nix b/lass/3modules/newsbot-js.nix
index 5e340b26f..0772971da 100644
--- a/lass/3modules/newsbot-js.nix
+++ b/lass/3modules/newsbot-js.nix
@@ -4,6 +4,8 @@ with builtins;
 with lib;
 
 let
+  inherit (config.krebs.lib) genid;
+
   cfg = config.lass.newsbot-js;
 
   out = {