summaryrefslogtreecommitdiffstats
path: root/tv/1systems/wu.nix
diff options
context:
space:
mode:
Diffstat (limited to 'tv/1systems/wu.nix')
-rw-r--r--tv/1systems/wu.nix154
1 files changed, 2 insertions, 152 deletions
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index 85fba1d8a..3fa5481e2 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -4,28 +4,9 @@ with lib;
{
krebs.build.host = config.krebs.hosts.wu;
- krebs.build.user = config.krebs.users.tv;
-
- krebs.build.target = "root@wu";
-
- krebs.build.source = {
- git.nixpkgs = {
- url = https://github.com/NixOS/nixpkgs;
- rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
- };
- dir.secrets = {
- host = config.krebs.hosts.wu;
- path = "/home/tv/secrets/wu";
- };
- dir.stockholm = {
- host = config.krebs.hosts.wu;
- path = "/home/tv/stockholm";
- };
- };
imports = [
../2configs/hw/w110er.nix
- ../2configs/base.nix
#../2configs/consul-client.nix
../2configs/git.nix
../2configs/mail-client.nix
@@ -62,31 +43,24 @@ with lib;
bind # dig
cac
dic
- ff
file
get
- gitAndTools.qgit
gnupg21
haskellPackages.hledger
htop
jq
manpages
mkpasswd
- mpv
netcat
nix-repl
nmap
nq
p7zip
- pavucontrol
posix_man_pages
- pssh
push
qrencode
- sxiv
texLive
tmux
- zathura
#ack
#apache-httpd
@@ -145,6 +119,8 @@ with lib;
#xkill
#xl2tpd
#xsel
+
+ unison
];
}
{
@@ -180,132 +156,6 @@ with lib;
];
};
}
- {
- users.extraGroups = {
- tv.gid = 1337;
- slaves.gid = 3799582008; # genid slaves
- };
-
- users.extraUsers =
- mapAttrs (name: user@{ extraGroups ? [], ... }: user // {
- inherit name;
- home = "/home/${name}";
- createHome = true;
- useDefaultShell = true;
- group = "tv";
- extraGroups = ["slaves"] ++ extraGroups;
- }) {
- ff = {
- uid = 13378001;
- extraGroups = [
- "audio"
- "video"
- ];
- };
-
- cr = {
- uid = 13378002;
- extraGroups = [
- "audio"
- "video"
- ];
- };
-
- fa = {
- uid = 2300001;
- };
-
- rl = {
- uid = 2300002;
- };
-
- tief = {
- uid = 2300702;
- };
-
- btc-bitcoind = {
- uid = 2301001;
- };
-
- btc-electrum = {
- uid = 2301002;
- };
-
- ltc-litecoind = {
- uid = 2301101;
- };
-
- eth = {
- uid = 2302001;
- };
-
- emse-hsdb = {
- uid = 4200101;
- };
-
- wine = {
- uid = 13370400;
- extraGroups = [
- "audio"
- "video"
- ];
- };
-
- df = {
- uid = 13370401;
- extraGroups = [
- "audio"
- "video"
- ];
- };
-
- xr = {
- uid = 13370061;
- extraGroups = [
- "audio"
- "video"
- ];
- };
-
- "23" = {
- uid = 13370023;
- };
-
- electrum = {
- uid = 13370102;
- };
-
- skype = {
- uid = 6660001;
- extraGroups = [
- "audio"
- ];
- };
-
- onion = {
- uid = 6660010;
- };
-
- zalora = {
- uid = 1000301;
- extraGroups = [
- "audio"
- # TODO remove vboxusers when hardening is active
- "vboxusers"
- "video"
- ];
- };
- };
-
- security.sudo.extraConfig =
- let
- isSlave = u: elem "slaves" u.extraGroups;
- masterOf = u: u.group;
- slaves = filterAttrs (_: isSlave) config.users.extraUsers;
- toSudoers = u: "${masterOf u} ALL=(${u.name}) NOPASSWD: ALL";
- in
- concatMapStringsSep "\n" toSudoers (attrValues slaves);
- }
];
boot.initrd.luks = {