5 files changed, 78 insertions, 8 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 98d5d2988..b66ef1ab8 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -46,7 +46,7 @@ in {
 
       # services
       <stockholm/makefu/2configs/share/gum.nix>
-      <stockholm/makefu/2configs/sabnzbd.nix>
+      # <stockholm/makefu/2configs/sabnzbd.nix>
       <stockholm/makefu/2configs/torrent.nix>
       <stockholm/makefu/2configs/iodined.nix>
       <stockholm/makefu/2configs/vpn/openvpn-server.nix>
@@ -65,6 +65,8 @@ in {
       <stockholm/makefu/2configs/deployment/graphs.nix>
       <stockholm/makefu/2configs/deployment/owncloud.nix>
       <stockholm/makefu/2configs/deployment/boot-euer.nix>
+      <stockholm/makefu/2configs/deployment/bgt/hidden_service.nix>
+
       {
         services.taskserver.enable = true;
         services.taskserver.fqdn = config.krebs.build.host.name;
@@ -84,13 +86,40 @@ in {
 
       # Temporary:
       # <stockholm/makefu/2configs/temp/rst-issue.nix>
+      <stockholm/makefu/2configs/virtualisation/docker.nix>
+
+      #{
+      #  services.dockerRegistry.enable = true;
+      #  networking.firewall.allowedTCPPorts = [ 8443 ];
+
+      #  services.nginx.virtualHosts."euer.krebsco.de" = {
+      #    forceSSL = true;
+      #    enableACME = true;
+      #    extraConfig = ''
+      #      client_max_body_size 1000M;
+      #    '';
+      #    locations."/".proxyPass = "http://localhost:5000";
+      #  };
+      #}
+      { # wireguard server
+        networking.firewall.allowedUDPPorts = [ 51820 ];
+        #networking.wireguard.interfaces.wg0 = {
+        #  ips = [ "10.244.0.1/24" ];
+        #  privateKeyFile = (toString <secrets>) + "/wireguard.key";
+        #  allowedIPsAsRoutes = true;
+        #  peers = [{
+        #    allowedIPs = [ "0.0.0.0/0" "::/0" ];
+        #    publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g=";
+        #  }];
+        #};
+      }
 
   ];
   makefu.dl-dir = "/var/download";
 
   services.openssh.hostKeys = [
-    { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
-    { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
+    { bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; }
+    { path = (toString <secrets/ssh_host_ed25519_key>); type = "ed25519"; } ];
   ###### stable
   services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
   krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 1d157460b..4af87dc10 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -61,6 +61,7 @@ in {
       # logs to influx
       <stockholm/makefu/2configs/stats/external/aralast.nix>
       <stockholm/makefu/2configs/stats/telegraf>
+      <stockholm/makefu/2configs/stats/telegraf/europastats.nix>
 
       # services
       <stockholm/makefu/2configs/syncthing.nix>
diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix
index 7b751e514..680fa2cbc 100644
--- a/makefu/1systems/tsp/config.nix
+++ b/makefu/1systems/tsp/config.nix
@@ -32,6 +32,8 @@
   # acer aspire
   networking.wireless.enable = lib.mkDefault true;
 
+  services.xserver.synaptics.enable = true;
+
   hardware.enableAllFirmware = true;
   nixpkgs.config.allowUnfree = true;
 
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index ac51fd9ca..c30ee4c58 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -3,6 +3,7 @@ let
   rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
   datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
   user = config.makefu.gui.user;
+  primaryIP = "192.168.8.11";
 in {
 
   imports =
@@ -10,16 +11,18 @@ in {
       <stockholm/makefu>
       <stockholm/makefu/2configs/zsh-user.nix>
       <stockholm/makefu/2configs/tools/core.nix>
-      <stockholm/makefu/2configs/tools/core-gui.nix>
-      <stockholm/makefu/2configs/tools/extra-gui.nix>
-      <stockholm/makefu/2configs/tools/media.nix>
+      <stockholm/makefu/2configs/disable_v6.nix>
+      # <stockholm/makefu/2configs/tools/core-gui.nix>
+      # <stockholm/makefu/2configs/tools/extra-gui.nix>
+      # <stockholm/makefu/2configs/tools/media.nix>
       <stockholm/makefu/2configs/virtualisation/libvirt.nix>
       <stockholm/makefu/2configs/tinc/retiolum.nix>
       <stockholm/makefu/2configs/mqtt.nix>
-      <stockholm/makefu/2configs/deployment/led-fader.nix>
       # <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
+
       <stockholm/makefu/2configs/stats/client.nix>
 
+
       # <stockholm/makefu/2configs/gui/studio-virtual.nix>
       # <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
       # <stockholm/makefu/2configs/audio/realtime-audio.nix>
@@ -27,6 +30,41 @@ in {
 
       # Services
       <stockholm/makefu/2configs/remote-build/slave.nix>
+      <stockholm/makefu/2configs/share/wbob.nix>
+
+      <stockholm/makefu/2configs/stats/telegraf>
+      <stockholm/makefu/2configs/deployment/led-fader.nix>
+      <stockholm/makefu/2configs/stats/external/aralast.nix>
+      <stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
+      <stockholm/makefu/2configs/deployment/bureautomation>
+      (let
+          collectd-port = 25826;
+          influx-port = 8086;
+          grafana-port = 3000; # TODO nginx forward
+          db = "collectd_db";
+          logging-interface = "enp0s25";
+        in {
+          services.grafana.enable = true;
+          services.grafana.addr = "0.0.0.0";
+
+          services.influxdb.enable = true;
+          services.influxdb.extraConfig = {
+            meta.hostname = config.krebs.build.host.name;
+            # meta.logging-enabled = true;
+            http.bind-address = ":${toString influx-port}";
+            admin.bind-address = ":8083";
+            collectd = [{
+              enabled = true;
+              typesdb = "${pkgs.collectd}/share/collectd/types.db";
+              database = db;
+              bind-address = ":${toString collectd-port}";
+            }];
+          };
+
+          networking.firewall.extraCommands = ''
+            iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
+          '';
+      })
 
       # temporary
       # <stockholm/makefu/2configs/temp/rst-issue.nix>
diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix
index 6f079d712..b768aa87d 100644
--- a/makefu/1systems/wbob/source.nix
+++ b/makefu/1systems/wbob/source.nix
@@ -1,4 +1,4 @@
 import <stockholm/makefu/source.nix> {
   name="wbob";
-  musnix = true;
+  # musnix = true;
 }