3 files changed, 168 insertions, 0 deletions

diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix
new file mode 100644
index 000000000..c9f4ffa8d
--- /dev/null
+++ b/shared/2configs/base.nix
@@ -0,0 +1,74 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+  krebs.enable = true;
+  krebs.retiolum = {
+    enable = true;
+    connectTo = [
+      # TODO remove connectTo cd, this was only used for bootstrapping
+      "cd"
+      "gum"
+      "pigstarter"
+    ];
+  };
+
+  krebs.build.source = {
+    git.nixpkgs = {
+      url = https://github.com/NixOS/nixpkgs;
+      rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80";
+    };
+    dir.secrets = {
+      host = config.krebs.current.host;
+      path = "${getEnv "HOME"}/secrets/krebs/wolf";
+    };
+    dir.stockholm = {
+      host = config.krebs.current.host;
+      path = "${getEnv "HOME"}/stockholm";
+    };
+  };
+
+  networking.hostName = config.krebs.build.host.name;
+
+  nix.maxJobs = 1;
+  nix.trustedBinaryCaches = [
+    "https://cache.nixos.org"
+    "http://cache.nixos.org"
+    "http://hydra.nixos.org"
+  ];
+  nix.useChroot = true;
+
+  nixpkgs.config.packageOverrides = pkgs: {
+    nano = pkgs.vim;
+  };
+
+  environment.systemPackages = with pkgs; [
+    git
+    rxvt_unicode.terminfo
+  ];
+
+  programs.ssh.startAgent = false;
+
+  services.openssh = {
+    enable = true;
+    hostKeys = [
+      { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+    ];
+  };
+  services.cron.enable = false;
+  services.nscd.enable = false;
+  services.ntp.enable = false;
+
+  users.mutableUsers = false;
+  users.extraUsers.root.openssh.authorizedKeys.keys = [
+    # TODO
+    config.krebs.users.lass.pubkey
+    config.krebs.users.makefu.pubkey
+    config.krebs.users.tv.pubkey
+  ];
+
+
+  # The NixOS release to be compatible with for stateful data such as databases.
+  system.stateVersion = "15.09";
+
+}
diff --git a/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
new file mode 100644
index 000000000..b5ec722a0
--- /dev/null
+++ b/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
@@ -0,0 +1,47 @@
+_:
+
+{
+  boot.loader.grub = {
+    device = "/dev/sda";
+    splashImage = null;
+  };
+
+  boot.initrd.availableKernelModules = [
+    "ata_piix"
+    "vmw_pvscsi"
+  ];
+
+  fileSystems."/" = {
+    device = "/dev/VolGroup/lv_root";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/sda1";
+    fsType = "ext4";
+  };
+
+  swapDevices = [
+    { device = "/dev/VolGroup/lv_swap"; }
+  ];
+
+  users.extraGroups = {
+    # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
+    #    Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
+    #    Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
+    #      Docs: man:tmpfiles.d(5)
+    #            man:systemd-tmpfiles(8)
+    #   Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
+    #  Main PID: 19272 (code=exited, status=1/FAILURE)
+    #
+    # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
+    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
+    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
+    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
+    # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
+    # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
+    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
+    # warning: error(s) occured while switching to the new configuration
+    lock.gid = 10001;
+  };
+}
diff --git a/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix
new file mode 100644
index 000000000..168d1d97b
--- /dev/null
+++ b/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix
@@ -0,0 +1,47 @@
+_:
+
+{
+  boot.loader.grub = {
+    device = "/dev/sda";
+    splashImage = null;
+  };
+
+  boot.initrd.availableKernelModules = [
+    "ata_piix"
+    "vmw_pvscsi"
+  ];
+
+  fileSystems."/" = {
+    device = "/dev/centos/root";
+    fsType = "xfs";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/sda1";
+    fsType = "xfs";
+  };
+
+  swapDevices = [
+    { device = "/dev/centos/swap"; }
+  ];
+
+  users.extraGroups = {
+    # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
+    #    Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
+    #    Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
+    #      Docs: man:tmpfiles.d(5)
+    #            man:systemd-tmpfiles(8)
+    #   Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
+    #  Main PID: 19272 (code=exited, status=1/FAILURE)
+    #
+    # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
+    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
+    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
+    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
+    # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
+    # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
+    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
+    # warning: error(s) occured while switching to the new configuration
+    lock.gid = 10001;
+  };
+}