summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/icarus/config.nix33
-rw-r--r--lass/1systems/mors/config.nix33
-rw-r--r--lass/1systems/shodan/config.nix57
-rw-r--r--lass/2configs/boot/coreboot.nix10
-rw-r--r--lass/2configs/hw/tp-x220.nix61
-rw-r--r--lass/2configs/hw/x220.nix32
-rw-r--r--lass/2configs/mouse.nix19
7 files changed, 73 insertions, 172 deletions
diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix
index 61837bf38..8afd97977 100644
--- a/lass/1systems/icarus/config.nix
+++ b/lass/1systems/icarus/config.nix
@@ -3,8 +3,11 @@
{
imports = [
<stockholm/lass>
+ <stockholm/lass/2configs/hw/x220.nix>
+ <stockholm/lass/2configs/boot/coreboot.nix>
+
+ <stockholm/lass/2configs/mouse.nix>
<stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/hw/tp-x220.nix>
<stockholm/lass/2configs/git.nix>
<stockholm/lass/2configs/exim-retiolum.nix>
<stockholm/lass/2configs/baseX.nix>
@@ -17,40 +20,12 @@
krebs.build.host = config.krebs.hosts.icarus;
- boot = {
- loader.grub.enable = true;
- loader.grub.version = 2;
- loader.grub.device = "/dev/sda";
- loader.grub.efiSupport = true;
-
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ];
- initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
- initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
- };
fileSystems = {
- "/" = {
- device = "/dev/mapper/pool-root";
- fsType = "btrfs";
- options = ["defaults" "noatime" "ssd" "compress=lzo"];
- };
- "/boot" = {
- device = "/dev/sda2";
- };
"/bku" = {
device = "/dev/mapper/pool-bku";
fsType = "btrfs";
options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
- "/home" = {
- device = "/dev/mapper/pool-home";
- fsType = "btrfs";
- options = ["defaults" "noatime" "ssd" "compress=lzo"];
- };
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
};
services.udev.extraRules = ''
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 29dacf8dc..2cb6a7519 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -4,8 +4,11 @@ with import <stockholm/lib>;
{
imports = [
<stockholm/lass>
+ <stockholm/lass/2configs/hw/x220.nix>
+ <stockholm/lass/2configs/boot/coreboot.nix>
+
+ <stockholm/lass/2configs/mouse.nix>
<stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/hw/tp-x220.nix>
<stockholm/lass/2configs/baseX.nix>
<stockholm/lass/2configs/exim-retiolum.nix>
<stockholm/lass/2configs/programs.nix>
@@ -92,40 +95,12 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.mors;
- boot = {
- loader.grub.enable = true;
- loader.grub.version = 2;
- loader.grub.device = "/dev/sda";
- loader.grub.efiSupport = true;
-
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ];
- initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
- initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
- };
fileSystems = {
- "/" = {
- device = "/dev/mapper/pool-root";
- fsType = "btrfs";
- options = ["defaults" "noatime" "ssd" "compress=lzo"];
- };
- "/boot" = {
- device = "/dev/sda2";
- };
"/bku" = {
device = "/dev/mapper/pool-bku";
fsType = "btrfs";
options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
- "/home" = {
- device = "/dev/mapper/pool-home";
- fsType = "btrfs";
- options = ["defaults" "noatime" "ssd" "compress=lzo"];
- };
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
};
services.udev.extraRules = ''
diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix
index a68471aa0..00ea82671 100644
--- a/lass/1systems/shodan/config.nix
+++ b/lass/1systems/shodan/config.nix
@@ -4,8 +4,11 @@ with import <stockholm/lib>;
{
imports = [
<stockholm/lass>
+ #TODO reinstall with correct layout and use lass/hw/x220
+ <stockholm/krebs/2configs/hw/x220.nix>
+
+ <stockholm/lass/2configs/mouse.nix>
<stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/hw/tp-x220.nix>
<stockholm/lass/2configs/baseX.nix>
<stockholm/lass/2configs/git.nix>
<stockholm/lass/2configs/exim-retiolum.nix>
@@ -14,58 +17,6 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/fetchWallpaper.nix>
<stockholm/lass/2configs/backups.nix>
<stockholm/lass/2configs/wine.nix>
- #{
- # users.extraUsers = {
- # root = {
- # openssh.authorizedKeys.keys = map readFile [
- # ../../krebs/Zpubkeys/uriel.ssh.pub
- # ];
- # };
- # };
- #}
- {
- users.users.sokratess = {
- uid = genid "sokratess";
- home = "/home/sokratess";
- group = "users";
- createHome = true;
- extraGroups = [
- "audio"
- "networkmanager"
- ];
- useDefaultShell = true;
- password = "aidsballs";
- };
- krebs.per-user.sokratess.packages = [
- pkgs.firefox
- pkgs.python27Packages.virtualenv
- pkgs.python27Packages.ipython
- pkgs.python27Packages.python
- ];
- }
- {
- krebs.monit = let
- echoToIrc = msg:
- pkgs.writeDash "echo_irc" ''
- set -euf
- export LOGNAME=prism-alarm
- ${pkgs.irc-announce}/bin/irc-announce \
- ni.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null
- '';
- in {
- enable = true;
- http.enable = true;
- alarms = {
- hfos = {
- test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'";
- alarm = echoToIrc "test hfos failed";
- };
- };
- };
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; }
- ];
- }
];
krebs.build.host = config.krebs.hosts.shodan;
diff --git a/lass/2configs/boot/coreboot.nix b/lass/2configs/boot/coreboot.nix
new file mode 100644
index 000000000..1548cbc2d
--- /dev/null
+++ b/lass/2configs/boot/coreboot.nix
@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+ boot = {
+ loader.grub.enable = true;
+ loader.grub.version = 2;
+ loader.grub.device = "/dev/sda";
+ loader.grub.efiSupport = true;
+ };
+}
diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix
deleted file mode 100644
index 9be0b6bd2..000000000
--- a/lass/2configs/hw/tp-x220.nix
+++ /dev/null
@@ -1,61 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-{
- imports = [
- ../smartd.nix
- ];
- networking.wireless.enable = lib.mkDefault true;
-
- hardware.enableAllFirmware = true;
- nixpkgs.config.allowUnfree = true;
-
- hardware.cpu.intel.updateMicrocode = true;
-
- zramSwap.enable = true;
- zramSwap.numDevices = 2;
-
- hardware.trackpoint = {
- enable = true;
- sensitivity = 220;
- speed = 0;
- emulateWheel = true;
- };
-
- services.tlp.enable = true;
- services.tlp.extraConfig = ''
- # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery
- #START_CHARGE_THRESH_BAT0=80
- STOP_CHARGE_THRESH_BAT0=95
-
- CPU_SCALING_GOVERNOR_ON_AC=performance
- CPU_SCALING_GOVERNOR_ON_BAT=ondemand
- CPU_MIN_PERF_ON_AC=0
- CPU_MAX_PERF_ON_AC=100
- CPU_MIN_PERF_ON_BAT=0
- CPU_MAX_PERF_ON_BAT=30
- '';
-
- boot = {
- kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ];
- extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
- kernelParams = [ "acpi_backlight=none" ];
- };
-
- hardware.opengl.extraPackages = [
- pkgs.vaapiIntel
- pkgs.vaapiVdpau
- ];
-
- security.rngd.enable = true;
-
- services.xserver.synaptics = {
- enable = true;
- horizEdgeScroll = false;
- horizontalScroll = false;
- vertEdgeScroll = false;
- maxSpeed = "0.1";
- minSpeed = "0.01";
- tapButtons = false;
- };
-}
diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix
new file mode 100644
index 000000000..bf7decc40
--- /dev/null
+++ b/lass/2configs/hw/x220.nix
@@ -0,0 +1,32 @@
+{ ... }:
+{
+ imports = [
+ <stockholm/krebs/2configs/hw/x220.nix>
+ ];
+
+ boot = {
+ initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ];
+ initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
+ initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/mapper/pool-root";
+ fsType = "btrfs";
+ options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ };
+ "/boot" = {
+ device = "/dev/sda2";
+ };
+ "/home" = {
+ device = "/dev/mapper/pool-home";
+ fsType = "btrfs";
+ options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ };
+ "/tmp" = {
+ device = "tmpfs";
+ fsType = "tmpfs";
+ options = ["nosuid" "nodev" "noatime"];
+ };
+ };
+}
diff --git a/lass/2configs/mouse.nix b/lass/2configs/mouse.nix
new file mode 100644
index 000000000..098809d62
--- /dev/null
+++ b/lass/2configs/mouse.nix
@@ -0,0 +1,19 @@
+{ ... }:
+{
+ hardware.trackpoint = {
+ enable = true;
+ sensitivity = 220;
+ speed = 0;
+ emulateWheel = true;
+ };
+
+ services.xserver.synaptics = {
+ enable = true;
+ horizEdgeScroll = false;
+ horizontalScroll = false;
+ vertEdgeScroll = false;
+ maxSpeed = "0.1";
+ minSpeed = "0.01";
+ tapButtons = false;
+ };
+}