diff options
Diffstat (limited to 'lass')
-rw-r--r-- | lass/1systems/helios/config.nix | 5 | ||||
-rw-r--r-- | lass/1systems/mors/config.nix | 3 | ||||
-rw-r--r-- | lass/2configs/exim-smarthost.nix | 1 | ||||
-rw-r--r-- | lass/2configs/websites/lassulus.nix | 56 | ||||
-rw-r--r-- | lass/3modules/umts.nix | 6 |
5 files changed, 68 insertions, 3 deletions
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index 89949bcbf..37bdc0290 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -11,6 +11,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/retiolum.nix> <stockholm/lass/2configs/otp-ssh.nix> <stockholm/lass/2configs/git.nix> + <stockholm/lass/2configs/fetchWallpaper.nix> { # automatic hardware detection boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.kernelModules = [ "kvm-intel" ]; @@ -31,7 +32,6 @@ with import <stockholm/lib>; }; nix.maxJobs = lib.mkDefault 8; - powerManagement.cpuFreqGovernor = "powersave"; } { # crypto stuff boot.initrd.luks = { @@ -45,7 +45,7 @@ with import <stockholm/lib>; { services.xserver.dpi = 200; fonts.fontconfig.dpi = 200; - lass.myFont = "-schumacher-clean-*-*-*-*-26-*-*-*-*-*-iso10646-1"; + lass.myFont = "-schumacher-clean-*-*-*-*-25-*-*-*-*-*-iso10646-1"; } ]; krebs.build.host = config.krebs.hosts.helios; @@ -83,4 +83,5 @@ with import <stockholm/lib>; programs.ssh.startAgent = lib.mkForce true; + services.tlp.enable = true; } diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 4d2f8b0f8..8b90cce77 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -38,7 +38,7 @@ with import <stockholm/lib>; { lass.umts = { enable = true; - modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_C12AD95CB7B78F90-if09"; + modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_2C7D8D7C35FC7040-if09"; initstrings = '' Init1 = AT+CFUN=1 Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0 @@ -133,6 +133,7 @@ with import <stockholm/lib>; iodine macchanger + dpass ]; #TODO: fix this shit diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index a70d58828..c9d7a369a 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -42,6 +42,7 @@ with import <stockholm/lib>; { from = "securityfocus@lassul.us"; to = lass.mail; } { from = "radio@lassul.us"; to = lass.mail; } { from = "btce@lassul.us"; to = lass.mail; } + { from = "raf@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index d37dd5301..17c39a5f4 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -6,10 +6,66 @@ let genid ; + servephpBB = domains: + let + domain = head domains; + + in { + services.nginx.virtualHosts."${domain}" = { + enableACME = true; + forceSSL = true; + serverAliases = domains; + extraConfig = '' + index index.php; + root /srv/http/${domain}/; + access_log /tmp/nginx_acc.log; + error_log /tmp/nginx_err.log; + error_page 404 /404.html; + error_page 500 502 503 504 /50x.html; + client_max_body_size 100m; + ''; + locations."/".extraConfig = '' + try_files $uri $uri/ /index.php?$args; + ''; + locations."~ \.php(?:$|/)".extraConfig = '' + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include ${pkgs.nginx}/conf/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param HTTPS on; + fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice + fastcgi_pass unix:/srv/http/${domain}/phpfpm.pool; + fastcgi_intercept_errors on; + ''; + #Directives to send expires headers and turn off 404 error logging. + locations."~* ^.+\.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$".extraConfig = '' + access_log off; + log_not_found off; + expires max; + ''; + }; + services.phpfpm.poolConfigs."${domain}" = '' + listen = /srv/http/${domain}/phpfpm.pool + user = nginx + group = nginx + pm = dynamic + pm.max_children = 25 + pm.start_servers = 5 + pm.min_spare_servers = 3 + pm.max_spare_servers = 20 + listen.owner = nginx + listen.group = nginx + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''; + }; + in { imports = [ ./default.nix ../git.nix + (servephpBB [ "rote-allez-fraktion.de" ]) ]; security.acme = { diff --git a/lass/3modules/umts.nix b/lass/3modules/umts.nix index c93c65ad2..207278440 100644 --- a/lass/3modules/umts.nix +++ b/lass/3modules/umts.nix @@ -61,6 +61,7 @@ let ''; wvdial-defaults = '' + [Dialer Defaults] Modem = ${cfg.modem} ${cfg.initstrings} Modem Type = Analog Modem @@ -70,6 +71,7 @@ let Password = ${cfg.password} Stupid Mode = 1 Idle Seconds = 0 + PPPD Path = ${pkgs.ppp}/bin/pppd ''; imp = { @@ -77,6 +79,10 @@ let umts = "sudo ${umts-bin}/bin/umts"; }; + environment.systemPackages = [ + pkgs.ppp + ]; + security.sudo.extraConfig = '' lass ALL= (root) NOPASSWD: ${umts-bin}/bin/umts ''; |