summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/omo.nix44
-rw-r--r--makefu/1systems/vbob.nix19
-rw-r--r--makefu/1systems/wbob.nix19
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix3
-rw-r--r--makefu/2configs/tinc-basic-retiolum.nix1
-rw-r--r--makefu/2configs/urlwatch.nix1
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg3
7 files changed, 71 insertions, 19 deletions
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index 552af4e4f..19183fea8 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -31,10 +31,45 @@ in {
../2configs/nginx/omo-share.nix
../3modules
];
+ networking.firewall.trustedInterfaces = [ "enp3s0" ];
+ # udp:137 udp:138 tcp:445 tcp:139 - samba, allowed in local net
+ # tcp:80 - nginx for sharing files
+ # tcp:655 udp:655 - tinc
+ # tcp:8080 - sabnzbd
+ networking.firewall.allowedUDPPorts = [ 655 ];
+ networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
+
# services.openssh.allowSFTP = false;
- krebs.build.host = config.krebs.hosts.omo;
krebs.build.source.git.nixpkgs.rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce";
+ # samba share /media/crypt1/share
+ users.users.smbguest = {
+ name = "smbguest";
+ uid = config.ids.uids.smbguest;
+ description = "smb guest user";
+ home = "/var/empty";
+ };
+ services.samba = {
+ enable = true;
+ shares = {
+ winshare = {
+ path = "/media/crypt1/share";
+ "read only" = "no";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
+ };
+ extraConfig = ''
+ guest account = smbguest
+ map to guest = bad user
+ # disable printing
+ load printers = no
+ printing = bsd
+ printcap name = /dev/null
+ disable spoolss = yes
+ '';
+ };
+
# copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/
services.sabnzbd.enable = true;
systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
@@ -67,6 +102,7 @@ in {
${pkgs.hdparm}/sbin/hdparm -y ${disk}
'') allDisks);
+ # crypto unlocking
boot = {
initrd.luks = {
devices = let
@@ -97,15 +133,11 @@ in {
extraModulePackages = [ ];
};
- networking.firewall.allowedUDPPorts = [ 655 ];
- # 8080: sabnzbd
- networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
-
hardware.enableAllFirmware = true;
hardware.cpu.amd.updateMicrocode = true;
zramSwap.enable = true;
zramSwap.numDevices = 2;
-
+ krebs.build.host = config.krebs.hosts.omo;
}
diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix
index b8c02cb67..d95362919 100644
--- a/makefu/1systems/vbob.nix
+++ b/makefu/1systems/vbob.nix
@@ -2,9 +2,7 @@
#
#
{ lib, config, pkgs, ... }:
-let
- pkgs-unst = import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz) {};
-in {
+{
krebs.build.host = config.krebs.hosts.vbob;
krebs.build.target = "root@10.10.10.220";
imports =
@@ -15,14 +13,13 @@ in {
# environment
];
+ nixpkgs.config.allowUnfree = true;
nixpkgs.config.packageOverrides = pkgs: {
tinc = pkgs.tinc_pre;
- buildbot = pkgs-unst.buildbot;
- buildbot-slave = pkgs-unst.buildbot-slave;
};
makefu.buildbot.master = {
- enable = true;
+ enable = false;
irc = {
enable = true;
server = "cd.retiolum";
@@ -30,8 +27,9 @@ in {
allowForce = true;
};
};
+ # services.logstash.enable = true;
makefu.buildbot.slave = {
- enable = true;
+ enable = false;
masterhost = "localhost";
username = "testslave";
password = "krebspass";
@@ -41,8 +39,8 @@ in {
krebs.build.source.git.nixpkgs = {
#url = https://github.com/nixos/nixpkgs;
- # HTTP Everywhere
- rev = "a3974e";
+ # HTTP Everywhere + libredir
+ rev = "8239ac6";
};
fileSystems."/nix" = {
device ="/dev/disk/by-label/nixstore";
@@ -56,9 +54,12 @@ in {
};
};
environment.systemPackages = with pkgs;[
+ fortclientsslvpn
buildbot
buildbot-slave
get
+ genid
+ logstash
];
networking.firewall.allowedTCPPorts = [
diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix
new file mode 100644
index 000000000..d6916f006
--- /dev/null
+++ b/makefu/1systems/wbob.nix
@@ -0,0 +1,19 @@
+{ config, pkgs, ... }:
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ../2configs/main-laptop.nix
+ ];
+ krebs = {
+ enable = true;
+ retiolum.enable = true;
+ build.host = config.krebs.hosts.wbob;
+ };
+ boot.loader.grub.device = "/dev/sda";
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ fileSystems."/" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+}
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index 35bb169cf..7d85eb8d1 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -16,6 +16,9 @@ let
desc = "Tinc Advanced Graph Generation";
};
cac = { };
+ init-stockholm = {
+ desc = "Init stuff for stockholm";
+ };
};
priv-repos = mapAttrs make-priv-repo {
diff --git a/makefu/2configs/tinc-basic-retiolum.nix b/makefu/2configs/tinc-basic-retiolum.nix
index 2abf4f188..f49c596fc 100644
--- a/makefu/2configs/tinc-basic-retiolum.nix
+++ b/makefu/2configs/tinc-basic-retiolum.nix
@@ -4,7 +4,6 @@ with lib;
{
krebs.retiolum = {
enable = true;
- hosts = ../../krebs/Zhosts;
connectTo = [
"gum"
"pigstarter"
diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix
index a83279ba2..f869f5a78 100644
--- a/makefu/2configs/urlwatch.nix
+++ b/makefu/2configs/urlwatch.nix
@@ -29,6 +29,7 @@
https://pypi.python.org/simple/bepasty/
https://pypi.python.org/simple/xstatic/
http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
+ http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
];
};
}
diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg
index 15711a5d5..c1b58aa90 100644
--- a/makefu/5pkgs/awesomecfg/full.cfg
+++ b/makefu/5pkgs/awesomecfg/full.cfg
@@ -38,8 +38,6 @@ do
end)
end
-- }}}
-volwidget = wibox.widget.textbox()
-vicious.register(volwidget, vicious.widgets.volume, " $1% ", 2, "Master")
-- {{{ Mails widget type
local function worker(format,warg)
@@ -258,7 +256,6 @@ for s = 1, screen.count() do
local right_layout = wibox.layout.fixed.horizontal()
right_layout:add(mailwidget)
if s == 1 then right_layout:add(wibox.widget.systray()) end
- right_layout:add(volwidget)
right_layout:add(cpuwidget)
right_layout:add(batwidget)
right_layout:add(mytextclock)