diff options
Diffstat (limited to 'makefu')
42 files changed, 152 insertions, 118 deletions
diff --git a/makefu/1systems/filepimp.nix b/makefu/1systems/filepimp.nix index fb9324ee9..f2c592ea9 100644 --- a/makefu/1systems/filepimp.nix +++ b/makefu/1systems/filepimp.nix @@ -11,6 +11,7 @@ let in { imports = [ # Include the results of the hardware scan. + ../. ../2configs/fs/single-partition-ext4.nix ../2configs/tinc-basic-retiolum.nix ../2configs/smart-monitor.nix diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index c4dfbf4b7..04adc4941 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -1,11 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let external-ip = head config.krebs.build.host.nets.internet.addrs4; internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; in { imports = [ + ../. ../2configs/tinc-basic-retiolum.nix ../2configs/headless.nix ../2configs/fs/simple-swap.nix @@ -26,7 +27,6 @@ in { nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; ###### stable - krebs.build.target = "root@gum.krebsco.de"; krebs.build.host = config.krebs.hosts.gum; krebs.retiolum.extraConfig = '' ListenAddress = ${external-ip} 53 diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index 34d5a394d..6cff35e9d 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -20,6 +20,7 @@ let in { imports = [ + ../. # TODO: unlock home partition via ssh ../2configs/fs/single-partition-ext4.nix ../2configs/tinc-basic-retiolum.nix diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index 51c124bbe..8791ad1d7 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -6,6 +6,7 @@ { imports = [ + ../. ../2configs/tinc-basic-retiolum.nix ../2configs/headless.nix ../../krebs/3modules/Reaktor.nix diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index d7fa8edc5..b2cf0be79 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -6,6 +6,7 @@ { imports = [ # Include the results of the hardware scan. + ../. ../2configs/main-laptop.nix #< base-gui + zsh # Krebs @@ -18,7 +19,6 @@ ../2configs/exim-retiolum.nix ../2configs/mail-client.nix ../2configs/printer.nix - #../2configs/virtualization.nix ../2configs/virtualization.nix ../2configs/virtualization-virtualbox.nix ../2configs/wwan.nix @@ -35,33 +35,13 @@ # ../2configs/mediawiki.nix #../2configs/wordpress.nix ]; - hardware.sane.enable = true; - hardware.sane.extraBackends = [ pkgs.samsungUnifiedLinuxDriver ]; + nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; - krebs.Reaktor = { - enable = false; - nickname = "makefu|r"; - plugins = with pkgs.ReaktorPlugins; [ nixos-version random-emoji ]; - }; - - # nix.binaryCaches = [ "http://acng.shack/nixos" "https://cache.nixos.org" ]; - - environment.systemPackages = with pkgs;[ - get - virtmanager - gnome3.dconf - krebspaste - ]; - - services.logind.extraConfig = "HandleLidSwitch=ignore"; # configure pulseAudio to provide a HDMI sink as well - hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' - ${builtins.readFile "${config.hardware.pulseaudio.package}/etc/pulse/default.pa"} - load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI"''; - networking.firewall.enable = false; + networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ 25 ]; diff --git a/makefu/1systems/repunit.nix b/makefu/1systems/repunit.nix index 0c6ba09fb..f9421cfa2 100644 --- a/makefu/1systems/repunit.nix +++ b/makefu/1systems/repunit.nix @@ -7,8 +7,9 @@ { imports = [ # Include the results of the hardware scan. + ../. <nixpkgs/nixos/modules/profiles/qemu-guest.nix> - ../2configs/cgit-retiolum.nix + ../2configs/git/cgit-retiolum.nix ]; krebs.build.host = config.krebs.hosts.repunit; diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix index 990db65d2..d5d44cce0 100644 --- a/makefu/1systems/tsp.nix +++ b/makefu/1systems/tsp.nix @@ -6,6 +6,7 @@ { imports = [ # Include the results of the hardware scan. + ../. ../2configs/base-gui.nix ../2configs/tinc-basic-retiolum.nix ../2configs/fs/sda-crypto-root.nix diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix index 90b490802..e07525d0d 100644 --- a/makefu/1systems/vbob.nix +++ b/makefu/1systems/vbob.nix @@ -4,9 +4,9 @@ { lib, config, pkgs, ... }: { krebs.build.host = config.krebs.hosts.vbob; - krebs.build.target = "root@10.10.10.220"; imports = [ # Include the results of the hardware scan. + ../. <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix> ../2configs/main-laptop.nix #< base-gui @@ -18,8 +18,8 @@ tinc = pkgs.tinc_pre; }; - krebs.build.source.nixpkgs = { - # url = https://github.com/nixos/nixpkgs; + krebs.build.source.upstream-nixpkgs = { + url = https://github.com/makefu/nixpkgs; # HTTP Everywhere + libredir rev = "8239ac6"; }; @@ -39,7 +39,6 @@ buildbot buildbot-slave get - genid logstash ]; diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix index d6916f006..b4f7c9058 100644 --- a/makefu/1systems/wbob.nix +++ b/makefu/1systems/wbob.nix @@ -2,18 +2,60 @@ { imports = [ # Include the results of the hardware scan. + ../. ../2configs/main-laptop.nix ]; - krebs = { - enable = true; - retiolum.enable = true; - build.host = config.krebs.hosts.wbob; - }; - boot.loader.grub.device = "/dev/sda"; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" ]; - boot.kernelModules = [ "kvm-intel" ]; - fileSystems."/" = { - device = "/dev/sda1"; - fsType = "ext4"; - }; + krebs = { + enable = true; + retiolum.enable = true; + build.host = config.krebs.hosts.wbob; + }; + + # rt2870.bin wifi card, part of linux-unfree + hardware.enableAllFirmware = true; + nixpkgs.config.allowUnfree = true; + networking.wireless.enable = true; + # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 + # not explicitly setting the interface results in wpa_supplicant to crash + networking.wireless.interfaces = [ "wlp2s0" ]; + + + # nuc hardware + boot.loader.grub.device = "/dev/sda"; + hardware.cpu.intel.updateMicrocode = true; + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.kernelModules = [ "kvm-intel" ]; + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; + + # DualHead on NUC + services.xserver = { + # xrandrHeads = [ "HDMI1" "HDMI2" ]; + # prevent screen from turning off, disable dpms + displayManager.sessionCommands = '' + xset s off -dpms + xrandr --output HDMI2 --right-of HDMI1 + ''; + }; + ## TODO Awesomecfg + autostart chrome + # + #local current_screen = 1 + #awful.rules.rules = { + # { rule = { class = "chromium-browser" }, + # callback = function() + # awful.client.movetotag(tags[current_screen][1],c) + # if (current_screen == 1) then + # current_screen = current_screen+1 + # else + # current_screen = current_screen-1 + # end + # end + # }, + #} + #awful.util.spawn_with_shell("chromium --new-window --kiosk http://wolf:3000/dashboard/db/soc-critical-values") + # prevent Race Condition + #awful.util.spawn_with_shell("sleep 0.5;chromium --new-window --kiosk http://wolf:3000/dashboard/db/aralast") + } diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index f022311c9..747321968 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -1,12 +1,13 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let external-ip = head config.krebs.build.host.nets.internet.addrs4; internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; in { imports = [ + ../. # TODO: copy this config or move to krebs ../../tv/2configs/hw/CAC.nix ../../tv/2configs/fs/CAC-CentOS-7-64bit.nix diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix index ed6d1f4a7..6f79ed4f4 100644 --- a/makefu/2configs/backup.nix +++ b/makefu/2configs/backup.nix @@ -1,5 +1,5 @@ { config, lib, ... }: -with lib; +with config.krebs.lib; let startAt = "0,6,12,18:00"; defaultBackupServer = config.krebs.hosts.omo; @@ -24,7 +24,7 @@ let }; }; in { - krebs.backup.plans = addNames { + krebs.backup.plans = { wry-to-omo_var-www = defaultPull wry "/var/www"; }; } diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index 1d6750284..341a2ab20 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -21,7 +21,7 @@ # URxvt.visualBell: false # URxvt.font : xft:Terminus -with lib; +with config.krebs.lib; let mainUser = config.krebs.build.user.name; awesomecfg = pkgs.awesomecfg.full; @@ -44,6 +44,8 @@ in displayManager.auto.user = mainUser; desktopManager.xterm.enable = false; }; + # lid switch is handled via button presses + services.logind.extraConfig = mkDefault "HandleLidSwitch=ignore"; nixpkgs.config.packageOverrides = pkgs: rec { awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : { postFixup = '' diff --git a/makefu/2configs/bepasty-dual.nix b/makefu/2configs/bepasty-dual.nix index 123ae3cf9..5682f5eb6 100644 --- a/makefu/2configs/bepasty-dual.nix +++ b/makefu/2configs/bepasty-dual.nix @@ -10,7 +10,7 @@ # wildcard.krebsco.de.key # bepasty-secret.nix <- contains single string -with lib; +with config.krebs.lib; let sec = toString <secrets>; # secKey is nothing worth protecting on a local machine diff --git a/makefu/2configs/collectd/collectd-base.nix b/makefu/2configs/collectd/collectd-base.nix index 7909c1be5..c739368ca 100644 --- a/makefu/2configs/collectd/collectd-base.nix +++ b/makefu/2configs/collectd/collectd-base.nix @@ -2,7 +2,7 @@ # graphite-web on port 8080 # carbon cache on port 2003 (tcp/udp) -with lib; +with config.krebs.lib; let connect-time-cfg = with pkgs; writeText "collectd-connect-time.cfg" '' LoadPlugin python diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 2b4e31119..83018e9f8 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { system.stateVersion = "15.09"; @@ -18,20 +18,17 @@ with lib; enable = true; search-domain = "retiolum"; build = { - target = mkDefault "root@${config.krebs.build.host.name}"; user = config.krebs.users.makefu; source = mapAttrs (_: mkDefault) { - upstream-nixpkgs = { + nixpkgs = { url = https://github.com/nixos/nixpkgs; - rev = "93d8671e2c6d1d25f126ed30e5e6f16764330119"; # unstable @ 2015-01-03, tested on filepimp + rev = "77f8f35d57618c1ba456d968524f2fb2c3448295"; # unstable @ 2015-01-27, tested on wry }; secrets = "/home/makefu/secrets/${config.krebs.build.host.name}/"; stockholm = "/home/makefu/stockholm"; # Defaults for all stockholm users? nixos-config = "symlink:stockholm/${config.krebs.build.user.name}/1systems/${config.krebs.build.host.name}.nix"; - nixpkgs = symlink:stockholm/nixpkgs; - stockholm-user = "symlink:stockholm/${config.krebs.build.user.name}"; }; }; }; @@ -87,6 +84,7 @@ with lib; environment.systemPackages = with pkgs; [ jq git + get gnumake rxvt_unicode.terminfo htop diff --git a/makefu/2configs/exim-retiolum.nix b/makefu/2configs/exim-retiolum.nix index b8c5c5236..34943f593 100644 --- a/makefu/2configs/exim-retiolum.nix +++ b/makefu/2configs/exim-retiolum.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { krebs.exim-retiolum.enable = true; environment.systemPackages = with pkgs; [ diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix index b071a128d..786df6d40 100644 --- a/makefu/2configs/fetchWallpaper.nix +++ b/makefu/2configs/fetchWallpaper.nix @@ -1,24 +1,15 @@ { config, pkgs, ... }: -let - # check if laptop runs on umts - weaksauce-internet = with pkgs;writeScript "weaksauce-internet" '' - #! /bin/sh - if ${iproute}/bin/ip addr show dev ppp0 2>/dev/null \ - | ${gnugrep}/bin/grep -q inet;then - exit 1 - fi - ''; - -in { +{ krebs.fetchWallpaper = { enable = true; display = ":0"; - predicate = weaksauce-internet; + unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; timerConfig = { OnCalendar = "*:0/30"; }; url = "http://echelon/wallpaper.png"; }; + } diff --git a/makefu/2configs/fs/cac-boot-partition.nix b/makefu/2configs/fs/cac-boot-partition.nix index cec004582..bf08504d5 100644 --- a/makefu/2configs/fs/cac-boot-partition.nix +++ b/makefu/2configs/fs/cac-boot-partition.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: # vda1 ext4 (label nixos) -> only root partition -with lib; +with config.krebs.lib; { boot.loader.grub.enable = true; boot.loader.grub.version = 2; diff --git a/makefu/2configs/fs/sda-crypto-root-home.nix b/makefu/2configs/fs/sda-crypto-root-home.nix index cc2133a49..5214cf872 100644 --- a/makefu/2configs/fs/sda-crypto-root-home.nix +++ b/makefu/2configs/fs/sda-crypto-root-home.nix @@ -8,7 +8,7 @@ # / (main-root) # /home (main-home) -with lib; +with config.krebs.lib; { imports = [ diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix index 2bfe26960..e9d7b755a 100644 --- a/makefu/2configs/fs/sda-crypto-root.nix +++ b/makefu/2configs/fs/sda-crypto-root.nix @@ -3,7 +3,7 @@ # sda: bootloader grub2 # sda1: boot ext4 (label nixboot) # sda2: cryptoluks -> ext4 -with lib; +with config.krebs.lib; { boot = { loader.grub.enable = true; diff --git a/makefu/2configs/fs/vm-single-partition.nix b/makefu/2configs/fs/vm-single-partition.nix index 27e28cb68..88f209597 100644 --- a/makefu/2configs/fs/vm-single-partition.nix +++ b/makefu/2configs/fs/vm-single-partition.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: # vda1 ext4 (label nixos) -> only root partition -with lib; +with config.krebs.lib; { imports = [ ./single-partition-ext4.nix diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix index 25ef584bf..58fd250e5 100644 --- a/makefu/2configs/git/brain-retiolum.nix +++ b/makefu/2configs/git/brain-retiolum.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: # TODO: remove tv lib :) -with lib; +with config.krebs.lib; let repos = priv-repos // krebs-repos ; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 7d85eb8d1..a488d98f2 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: # TODO: remove tv lib :) -with lib; +with config.krebs.lib; let repos = priv-repos // krebs-repos // connector-repos ; diff --git a/makefu/2configs/graphite-standalone.nix b/makefu/2configs/graphite-standalone.nix index 8b70c11c8..dd5438e8d 100644 --- a/makefu/2configs/graphite-standalone.nix +++ b/makefu/2configs/graphite-standalone.nix @@ -2,7 +2,7 @@ # graphite-web on port 8080 # carbon cache on port 2003 (tcp/udp) -with lib; +with config.krebs.lib; { imports = [ ]; diff --git a/makefu/2configs/hw/tp-x200.nix b/makefu/2configs/hw/tp-x200.nix index ed46875d8..f17ac74a6 100644 --- a/makefu/2configs/hw/tp-x200.nix +++ b/makefu/2configs/hw/tp-x200.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { imports = [ ./tp-x2x0.nix ]; diff --git a/makefu/2configs/hw/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix index f03922150..0a471bde0 100644 --- a/makefu/2configs/hw/tp-x220.nix +++ b/makefu/2configs/hw/tp-x220.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { imports = [ ./tp-x2x0.nix ]; @@ -16,10 +16,16 @@ with lib; }; services.xserver.displayManager.sessionCommands ='' - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 - # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 + xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 + # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 + ''; + + # enable HDMI output switching with pulseaudio + hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' + ${builtins.readFile "${config.hardware.pulseaudio.package}/etc/pulse/default.pa"} + load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" ''; } diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index ebc72a06e..892be07b8 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { # TODO: put this somewhere else networking.wireless.enable = true; @@ -18,18 +18,18 @@ with lib; sensitivity = 220; speed = 220; emulateWheel = true; - }; + }; services.tlp.enable = true; services.tlp.extraConfig = '' - START_CHARGE_THRESH_BAT0=80 - - CPU_SCALING_GOVERNOR_ON_AC=performance - CPU_SCALING_GOVERNOR_ON_BAT=ondemand - CPU_MIN_PERF_ON_AC=0 - CPU_MAX_PERF_ON_AC=100 - CPU_MIN_PERF_ON_BAT=0 - CPU_MAX_PERF_ON_BAT=30 + START_CHARGE_THRESH_BAT0=80 + + CPU_SCALING_GOVERNOR_ON_AC=performance + CPU_SCALING_GOVERNOR_ON_BAT=ondemand + CPU_MIN_PERF_ON_AC=0 + CPU_MAX_PERF_ON_AC=100 + CPU_MIN_PERF_ON_BAT=0 + CPU_MAX_PERF_ON_BAT=30 ''; } diff --git a/makefu/2configs/mail-client.nix b/makefu/2configs/mail-client.nix index bda21e9d0..913cbf25b 100644 --- a/makefu/2configs/mail-client.nix +++ b/makefu/2configs/mail-client.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { environment.systemPackages = with pkgs; [ msmtp diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix index b725f661d..c3e43723c 100644 --- a/makefu/2configs/main-laptop.nix +++ b/makefu/2configs/main-laptop.nix @@ -3,8 +3,9 @@ # stuff for the main laptop # this is pretty much nice-to-have and does # not fit into base-gui +# TODO split generic desktop stuff and laptop-specifics like lidswitching -with lib; +with config.krebs.lib; { imports = [ ./base-gui.nix @@ -17,8 +18,10 @@ with lib; chromium keepassx ntfs3g + at_spi2_core + gnome3.dconf virtmanager - at_spi2_core # dep for virtmanager? + krebspaste ]; services.redshift = { diff --git a/makefu/2configs/mattermost-docker.nix b/makefu/2configs/mattermost-docker.nix index 20a93dff1..e679a3d91 100644 --- a/makefu/2configs/mattermost-docker.nix +++ b/make |