4 files changed, 41 insertions, 18 deletions

diff --git a/makefu/1systems/darth.nix b/makefu/1systems/darth.nix
index 5f1d6e121..87029a693 100644
--- a/makefu/1systems/darth.nix
+++ b/makefu/1systems/darth.nix
@@ -16,16 +16,32 @@ in {
       ../2configs/smart-monitor.nix
       ../2configs/exim-retiolum.nix
       ../2configs/virtualization.nix
+
+      ../2configs/temp-share-samba.nix
   ];
+  services.samba.shares = {
+      isos = {
+        path = "/data/isos/";
+        "read only" = "yes";
+        browseable = "yes";
+        "guest ok" = "yes";
+      };
+  };
   services.tinc.networks.siem = {
     name = "sdarth";
     extraConfig = "ConnectTo = sjump";
   };
+
+  makefu.forward-journal = {
+    enable = true;
+    src = "10.8.10.2";
+    dst = "10.8.10.6";
+  };
+
   #networking.firewall.enable = false;
   krebs.retiolum.enable = true;
 
   boot.kernelModules = [ "coretemp" "f71882fg" ];
-
   hardware.enableAllFirmware = true;
   nixpkgs.config.allowUnfree = true;
   networking = {
@@ -33,6 +49,7 @@ in {
     firewall = {
       allowPing = true;
       logRefusedConnections = false;
+      trustedInterfaces = [ "eno1" ];
       allowedUDPPorts = [ 80 655 1655 67 ];
       allowedTCPPorts = [ 80 655 1655 ];
     };
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index e71055f54..8c24e0ff5 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -75,6 +75,7 @@ in {
 
 
   # HDD Array stuff
+  environment.systemPackages = [ pkgs.mergerfs ];
   services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
 
   makefu.snapraid = let
@@ -129,7 +130,10 @@ in {
     kernelModules = [ "kvm-intel" ];
     extraModulePackages = [ ];
   };
-
+  users.users.misa = {
+    uid = 9002;
+    name = "misa";
+  };
   hardware.enableAllFirmware = true;
   hardware.cpu.intel.updateMicrocode = true;
 
diff --git a/makefu/1systems/shoney.nix b/makefu/1systems/shoney.nix
index 1fe8871d2..3a3ac9c7c 100644
--- a/makefu/1systems/shoney.nix
+++ b/makefu/1systems/shoney.nix
@@ -3,8 +3,9 @@ let
   tinc-siem-ip = "10.8.10.1";
 
   ip     = "64.137.234.215";
-  alt-ip = "64.137.234.210";
-  extra-ip = "64.137.234.114"; #currently unused
+  alt-ip = "64.137.234.210";    # honeydrive honeyd
+  extra-ip1 = "64.137.234.114"; # floating tinc.siem
+  extra-ip2 = "64.137.234.232"; # honeydrive
   gw = "64.137.234.1";
 in {
   imports = [
@@ -15,7 +16,7 @@ in {
   ];
 
 
-
+  environment.systemPackages = [ pkgs.honeyd ];
   services.tinc.networks.siem.name = "sjump";
 
   krebs = {
@@ -37,10 +38,15 @@ in {
       };
     };
   };
+  makefu.forward-journal = {
+    enable = true;
+    src = "10.8.10.1";
+    dst = "10.8.10.6";
+  };
   networking =  {
     interfaces.enp2s1.ip4 = [
       { address = ip; prefixLength = 24; }
-      { address = alt-ip; prefixLength = 24; }
+      # { address = alt-ip; prefixLength = 24; }
     ];
 
     defaultGateway = gw;
diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix
index 8b71b1393..3fcb173ce 100644
--- a/makefu/1systems/vbob.nix
+++ b/makefu/1systems/vbob.nix
@@ -5,23 +5,23 @@
   imports =
     [ # Include the results of the hardware scan.
       ../.
-      <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>
+      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
+      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
       ../2configs/main-laptop.nix #< base-gui
+      # (toString <secrets>)/extra-hosts.nix
 
       # environment
 
     ];
-  nixpkgs.config.allowUnfree = true;
+  # workaround for https://github.com/NixOS/nixpkgs/issues/16641
+  services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ];
 
+  nixpkgs.config.allowUnfree = true;
   fileSystems."/nix" = {
     device ="/dev/disk/by-label/nixstore";
     fsType = "ext4";
   };
-  fileSystems."/var/lib/docker" = {
-    device ="/dev/disk/by-label/nix-docker";
-    fsType = "ext4";
-  };
-  #makefu.buildbot.master.enable = true;
+
   # allow vbob to deploy self
   users.extraUsers = {
     root = {
@@ -52,11 +52,7 @@
       "gum"
     ];
   };
-
-  networking.extraHosts = ''
-    172.17.20.190  gitlab
-    172.17.62.27   svbittool01 tool
-  '';
+  virtualisation.docker.enable = false;
 
   fileSystems."/media/share" = {
     fsType = "vboxsf";