summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/gum.nix16
-rw-r--r--makefu/1systems/vbob.nix44
-rw-r--r--makefu/2configs/default.nix17
-rw-r--r--makefu/2configs/fetchWallpaper.nix24
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix9
-rw-r--r--makefu/2configs/main-laptop.nix5
-rw-r--r--makefu/2configs/tinc-basic-retiolum.nix1
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg30
8 files changed, 128 insertions, 18 deletions
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 75607aa46..417a020fa 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -14,14 +14,20 @@ in {
# ../2configs/iodined.nix
../2configs/git/cgit-retiolum.nix
../2configs/mattermost-docker.nix
+ ../2configs/nginx/euer.test.nix
];
+ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
###### stable
krebs.build.target = "root@gum.krebsco.de";
krebs.build.host = config.krebs.hosts.gum;
-
+ krebs.retiolum.extraConfig = ''
+ ListenAddress = ${external-ip} 53
+ ListenAddress = ${external-ip} 655
+ ListenAddress = ${external-ip} 21031
+ '';
# Chat
environment.systemPackages = with pkgs;[
@@ -53,10 +59,18 @@ in {
80 443
# tinc
655
+ # tinc-shack
+ 21032
+ # tinc-retiolum
+ 21031
];
allowedUDPPorts = [
# tinc
655 53
+ # tinc-retiolum
+ 21031
+ # tinc-shack
+ 21032
];
};
interfaces.et0.ip4 = [{
diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix
new file mode 100644
index 000000000..4d8e8ced1
--- /dev/null
+++ b/makefu/1systems/vbob.nix
@@ -0,0 +1,44 @@
+#
+#
+#
+{ config, pkgs, ... }:
+
+{
+ krebs.build.host = config.krebs.hosts.vbob;
+ krebs.build.target = "root@10.10.10.220";
+ imports =
+ [ # Include the results of the hardware scan.
+ <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>
+ ../2configs/main-laptop.nix #< base-gui
+
+ # environment
+ ../2configs/zsh-user.nix
+ ../2configs/virtualization.nix
+ ];
+ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
+ environment.systemPackages = with pkgs;[
+ get
+ ];
+
+ networking.firewall.allowedTCPPorts = [
+ 25
+ 80
+ ];
+
+ krebs.retiolum = {
+ enable = true;
+ extraConfig = "Proxy = http global.proxy.alcatel-lucent.com 8000";
+ hosts = ../../krebs/Zhosts;
+ connectTo = [
+ "gum"
+ ];
+
+ };
+ networking.proxy.default = "http://global.proxy.alcatel-lucent.com:8000";
+ fileSystems."/media/share" = {
+ fsType = "vboxsf";
+ device = "share";
+ options = "rw,uid=9001,gid=9001";
+ };
+
+}
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 760c70789..519635281 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -80,7 +80,14 @@ with lib;
"d /tmp 1777 root root - -"
];
- environment.variables.EDITOR = mkForce "vim";
+ environment.variables = {
+ NIX_PATH = with config.krebs.build.source; with dir; with git;
+ mkForce (concatStringsSep ":" [
+ "nixpkgs=${nixpkgs.target-path}"
+ "${nixpkgs.target-path}"
+ ]);
+ EDITOR = mkForce "vim";
+ };
environment.systemPackages = with pkgs; [
jq
@@ -124,6 +131,14 @@ with lib;
services.cron.enable = false;
services.nscd.enable = false;
+ services.ntp.enable = false;
+ services.timesyncd.enable = true;
+ services.ntp.servers = [
+ "pool.ntp.org"
+ "time.windows.com"
+ "time.apple.com"
+ "time.nist.gov"
+ ];
security.setuidPrograms = [ "sendmail" ];
services.journald.extraConfig = ''
diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix
new file mode 100644
index 000000000..b071a128d
--- /dev/null
+++ b/makefu/2configs/fetchWallpaper.nix
@@ -0,0 +1,24 @@
+{ config, pkgs, ... }:
+
+let
+ # check if laptop runs on umts
+ weaksauce-internet = with pkgs;writeScript "weaksauce-internet" ''
+ #! /bin/sh
+ if ${iproute}/bin/ip addr show dev ppp0 2>/dev/null \
+ | ${gnugrep}/bin/grep -q inet;then
+ exit 1
+ fi
+ '';
+
+in {
+ krebs.fetchWallpaper = {
+ enable = true;
+ display = ":0";
+ predicate = weaksauce-internet;
+ timerConfig = {
+ OnCalendar = "*:0/30";
+ };
+ url = "http://echelon/wallpaper.png";
+ };
+}
+
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index 304d39fcd..68fd976d6 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -24,6 +24,7 @@ let
connector-repos = mapAttrs make-priv-repo {
connector = { };
+ minikrebs = { };
mattermost = {
desc = "Mattermost Docker files";
};
@@ -42,7 +43,7 @@ let
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
nick = config.networking.hostName;
- verbose = config.krebs.build.host.name == "pnp";
+ verbose = config.krebs.build.host.name == "gum";
channel = "#retiolum";
# TODO remove the hardcoded hostname
server = "cd.retiolum";
@@ -54,7 +55,7 @@ let
# TODO: get the list of all krebsministers
krebsminister = with config.krebs.users; [ lass tv uriel ];
- all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp ];
+ all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob ];
all-exco = with config.krebs.users; [ exco ];
priv-rules = repo: set-owners repo all-makefu;
@@ -85,6 +86,10 @@ in {
name = "makefu-omo" ;
pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_omo.ssh.pub;
};
+ makefu-vbob = {
+ name = "makefu-vbob" ;
+ pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_vbob.ssh.pub;
+ };
makefu-tsp = {
name = "makefu-tsp" ;
pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_tsp.ssh.pub;
diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix
index dfc8c1c07..00a3e73ca 100644
--- a/makefu/2configs/main-laptop.nix
+++ b/makefu/2configs/main-laptop.nix
@@ -6,7 +6,10 @@
with lib;
{
- imports = [ ./base-gui.nix ];
+ imports = [
+ ./base-gui.nix
+ ./fetchWallpaper.nix
+ ];
environment.systemPackages = with pkgs;[
vlc
firefox
diff --git a/makefu/2configs/tinc-basic-retiolum.nix b/makefu/2configs/tinc-basic-retiolum.nix
index fd6d1683d..2abf4f188 100644
--- a/makefu/2configs/tinc-basic-retiolum.nix
+++ b/makefu/2configs/tinc-basic-retiolum.nix
@@ -9,6 +9,7 @@ with lib;
"gum"
"pigstarter"
"fastpoke"
+ "ire"
];
};
}
diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg
index b3f94e655..15711a5d5 100644
--- a/makefu/5pkgs/awesomecfg/full.cfg
+++ b/makefu/5pkgs/awesomecfg/full.cfg
@@ -12,6 +12,8 @@ local beautiful = require("beautiful")
local naughty = require("naughty")
local menubar = require("menubar")
+
+
-- {{{ Error handling
-- Check if awesome encountered an error during startup and fell back to
-- another config (This code will only ever execute for the fallback config)
@@ -90,6 +92,20 @@ vicious.register(batwidget, vicious.widgets.bat, "$2%", 61, "BAT0")
--
-- beautiful.init("/nix/store/qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/themes/default/theme.lua")
+function find_default_theme()
+ -- find the default lua theme in the package path
+ for path in package.path:gmatch('([^;]+);') do
+ if path:match('awesome.*share') then
+ theme_path = path:match('^([^?]*)') .. '../themes/default/theme.lua'
+ if awful.util.file_readable(theme_path) then return theme_path end
+ end
+ end
+end
+
+beautiful.init(find_default_theme())
+client.connect_signal("focus", function(c) c.border_color = beautiful.border_focus end)
+client.connect_signal("unfocus", function(c) c.border_color = beautiful.border_normal end)
+
-- This is used later as the default terminal and editor to run.
terminal = "urxvt"
editor = os.getenv("EDITOR") or "vim"
@@ -494,21 +510,9 @@ local os = {
date = os.date,
time = os.time
}
+
-- }}}
-function find_default_theme()
- -- find the default lua theme in the package path
- for path in package.path:gmatch('([^;]+);') do
- if path:match('awesome.*share') then
- theme_path = path:match('^([^?]*)') .. '../themes/default/theme.lua'
- if awful.util.file_readable(theme_path) then return theme_path end
- end
- end
-end
-
-beautiful.init(find_default_theme())
-client.connect_signal("focus", function(c) c.border_color = beautiful.border_focus end)
-client.connect_signal("unfocus", function(c) c.border_color = beautiful.border_normal end)
-- }}}