diff options
Diffstat (limited to 'makefu/1systems')
-rw-r--r-- | makefu/1systems/omo.nix | 18 | ||||
-rw-r--r-- | makefu/1systems/pornocauster.nix | 5 |
2 files changed, 20 insertions, 3 deletions
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index e19205a95..e11665fbc 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -27,10 +27,20 @@ in { ../2configs/exim-retiolum.nix ../2configs/smart-monitor.nix ../2configs/mail-client.nix + ../2configs/share-user-sftp.nix + ../2configs/nginx/omo-share.nix ../3modules ]; + # services.openssh.allowSFTP = false; krebs.build.host = config.krebs.hosts.omo; + + # copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/ + services.sabnzbd.enable = true; + systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + + # HDD Array stuff services.smartd.devices = builtins.map (x: { device = x; }) allDisks; + makefu.snapraid = let toMapper = id: "/media/crypt${builtins.toString id}"; in { @@ -38,7 +48,6 @@ in { disks = map toMapper [ 0 1 ]; parity = toMapper 2; }; - # AMD E350 fileSystems = let cryptMount = name: { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };}; @@ -56,6 +65,7 @@ in { ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} ${pkgs.hdparm}/sbin/hdparm -y ${disk} '') allDisks); + boot = { initrd.luks = { devices = let @@ -87,10 +97,14 @@ in { }; networking.firewall.allowedUDPPorts = [ 655 ]; + # 8080: sabnzbd + networking.firewall.allowedTCPPorts = [ 80 655 8080 ]; + hardware.enableAllFirmware = true; hardware.cpu.amd.updateMicrocode = true; - #zramSwap.enable = true; + zramSwap.enable = true; zramSwap.numDevices = 2; + } diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index 690e26b36..d7fa8edc5 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -35,12 +35,14 @@ # ../2configs/mediawiki.nix #../2configs/wordpress.nix ]; + hardware.sane.enable = true; + hardware.sane.extraBackends = [ pkgs.samsungUnifiedLinuxDriver ]; nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; krebs.Reaktor = { - enable = true; + enable = false; nickname = "makefu|r"; plugins = with pkgs.ReaktorPlugins; [ nixos-version random-emoji ]; }; @@ -59,6 +61,7 @@ hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' ${builtins.readFile "${config.hardware.pulseaudio.package}/etc/pulse/default.pa"} load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI"''; + networking.firewall.enable = false; networking.firewall.allowedTCPPorts = [ 25 ]; |