From 6154dd151372339df10f12c3594004350deb9ad7 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 17 Jun 2018 22:54:59 +0200 Subject: ma gum.r: split sw/hw config --- makefu/1systems/gum/config.nix | 50 +++++++++------------------------ makefu/1systems/gum/hardware-config.nix | 44 +++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+), 36 deletions(-) create mode 100644 makefu/1systems/gum/hardware-config.nix diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 9b6d9d571..951ec0104 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -2,28 +2,14 @@ with import ; let - # hw-specific - external-mac = "2a:c5:6e:d2:fc:7f"; - main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0"; - external-gw = "185.194.140.1"; - # single partition, label "nixos" - # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate - - - # static external-ip = config.krebs.build.host.nets.internet.ip4.addr; - external-ip6 = config.krebs.build.host.nets.internet.ip6.addr; - external-gw6 = "fe80::1"; - external-netmask = 22; - external-netmask6 = 64; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - ext-if = "et0"; # gets renamed on the fly + ext-if = config.makefu.server.primary-itf; in { imports = [ + ./hardware-config.nix - # @@ -49,6 +35,7 @@ in { # + # network @@ -90,6 +77,15 @@ in { # + + { # ncdc + environment.systemPackages = [ pkgs.ncdc ]; + networking.firewall = { + allowedUDPPorts = [ 51411 ]; + allowedTCPPorts = [ 51411 ]; + }; + } + # @@ -187,7 +183,6 @@ in { ]; }; - makefu.server.primary-itf = ext-if; # access users.users = { @@ -200,6 +195,7 @@ in { weechat bepasty-client-cli get + tmux ]; services.bitlbee = { enable = true; @@ -207,15 +203,8 @@ in { }; # Hardware - boot.loader.grub.device = main-disk; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; # Network - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" - ''; - boot.kernelParams = [ ]; networking = { firewall = { allowPing = true; @@ -249,19 +238,8 @@ in { 21032 ]; }; - interfaces."${ext-if}" = { - ip4 = [{ - address = external-ip; - prefixLength = external-netmask; - }]; - ip6 = [{ - address = external-ip6; - prefixLength = external-netmask6; - }]; - }; - defaultGateway6 = external-gw6; - defaultGateway = external-gw; nameservers = [ "8.8.8.8" ]; }; + users.users.makefu.extraGroups = [ "download" "nginx" ]; } diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix new file mode 100644 index 000000000..e83f94a9f --- /dev/null +++ b/makefu/1systems/gum/hardware-config.nix @@ -0,0 +1,44 @@ +{ config, ... }: +let + external-mac = "2a:c5:6e:d2:fc:7f"; + main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0"; + external-gw = "185.194.140.1"; + # single partition, label "nixos" + # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate + + + # static + external-ip = config.krebs.build.host.nets.internet.ip4.addr; + external-ip6 = config.krebs.build.host.nets.internet.ip6.addr; + external-gw6 = "fe80::1"; + external-netmask = 22; + external-netmask6 = 64; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; + ext-if = "et0"; # gets renamed on the fly +in { + imports = [ + + ]; + makefu.server.primary-itf = ext-if; + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" + ''; + networking = { + interfaces."${ext-if}" = { + ipv4.addresses = [{ + address = external-ip; + prefixLength = external-netmask; + }]; + ipv6.addresses = [{ + address = external-ip6; + prefixLength = external-netmask6; + }]; + }; + defaultGateway6 = external-gw6; + defaultGateway = external-gw; + }; + boot.kernelParams = [ ]; + boot.loader.grub.device = main-disk; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; + boot.kernelModules = [ "kvm-intel" ]; +} -- cgit v1.2.3 From 14693d22bbd3f5a171becb2b92cad5a53d4e3ea4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 24 Jun 2018 23:41:27 +0200 Subject: nextgum.r: init --- krebs/3modules/makefu/default.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index d7a750c6e..c5404f96d 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -520,6 +520,38 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr"; }; + nextgum = rec { + ci = true; + cores = 8; + nets = rec { + internet = { + ip4.addr = "144.76.26.247"; + ip6.addr = "2a01:4f8:191:12f6::2"; + aliases = [ + "nextgum.i" + ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.0.213"; + ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; + aliases = [ + "nextgum.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAucCebFmS96WorD+Br4UQudmAhMlLpacErjwA/u2argBTT2nGHTR8 + aN4e0xf3IYLA+iogLIW/JuQfKLe8evEK21iZ3jleW8N7mbCulhasi/0lqWlirrpO + npJAiSNF1m7ijoylkEKxtmehze+8ojprUT2hx1ImMlHMWGxvs+TmBbZBMgxAGMJh + 6cMMDJQi+4d9XrJQ3+XUVK3MkviLA91oIAXsLdFptL6b12siUaz4StQXDJUHemBF + 3ZwlO+W2Es69ifEhmV6NaDDRcSRdChGbHTz1OU8wYaFNaxWla/iprQQ+jEUldpcN + VC18QGYRUAgZ0PCIpKurjWNehJFB3zXt+wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; + }; gum = rec { ci = true; -- cgit v1.2.3 From 179a0c8e86868428d2895742d2b066cc72542070 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 24 Jun 2018 23:42:30 +0200 Subject: onebutton.r: add mpc-booter --- krebs/1systems/onebutton/config.nix | 30 ++++++++++++++++++++++++++++++ krebs/1systems/onebutton/source.nix | 2 +- 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix index dca00a206..b87aef5a3 100644 --- a/krebs/1systems/onebutton/config.nix +++ b/krebs/1systems/onebutton/config.nix @@ -16,6 +16,36 @@ services.nixosManual.enable = false; services.journald.extraConfig = "SystemMaxUse=50M"; } + { + systemd.services.mpc-booter = let + mpc = "${pkgs.mpc_cli}/bin/mpc -h mpd.shack -p 6600"; + url = "http://lassul.us:8000/radio.ogg"; + say = pkgs.writeDash "say" '' + tmpfile=$(${pkgs.coreutils}/bin/mktemp) + echo "$@" > $tmpfile + ${pkgs.curl}/bin/curl -i -H "content-type: text/plain" -X POST -d "@$tmpfile" gobbelz.shack/say/ + rm "$tmpfile" + ''; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + RemainAfterExit = "yes"; + Type = "oneshot"; + ExecStart = pkgs.writeDash "mpc-boot" '' + until ${mpc} stats;do + echo "waiting for mpd.shack to appear" + sleep 1 + done + ${say} "Willkommen im Shack wertes Mitglied" + + ${say} "Lassulus Super Radio wurde gestartet" + ${mpc} add ${url} + ${mpc} play + ''; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.onebutton; # NixOS wants to enable GRUB by default diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix index 8f25881c9..6842bfaab 100644 --- a/krebs/1systems/onebutton/source.nix +++ b/krebs/1systems/onebutton/source.nix @@ -4,7 +4,7 @@ let nixpkgs = pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; - rev = "6c064e6b"; # only binary cache for unstable arm6 + rev = "nixos-unstable"; # only binary cache for unstable arm6 sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; }; in import { -- cgit v1.2.3 From 522148ec0e642b739b79de16aa7fe51832f90a30 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 24 Jun 2018 23:43:19 +0200 Subject: ma source: cherry-pick forecastio and uhub/sqlite --- makefu/source.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/makefu/source.nix b/makefu/source.nix index 56d9095b2..85953615e 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -23,9 +23,11 @@ let ]; }; # TODO: automate updating of this ref + cherry-picks - ref = "60b6ab055ad"; # nixos-18.03 @ 2018-05-31 + ref = "ef4c5fbf5c2"; # nixos-18.03 @ 2018-05-31 # + do_sqlite3 ruby: 55a952be5b5 # + exfat-nofuse bump: ee6a5296a35 + # + uhub/sqlite: 5dd7610401747 + # + forecastio: f27584df02337 in evalSource (toString _file) [ -- cgit v1.2.3 From 2f4f8a1a27ae1742dc412074d2a9294f367add84 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 24 Jun 2018 23:45:12 +0200 Subject: ma kexec: init dummy host for deploying kexec tarballs --- makefu/1systems/kexec/config.nix | 25 +++++++++++++++++++++++++ makefu/1systems/kexec/source.nix | 3 +++ 2 files changed, 28 insertions(+) create mode 100644 makefu/1systems/kexec/config.nix create mode 100644 makefu/1systems/kexec/source.nix diff --git a/makefu/1systems/kexec/config.nix b/makefu/1systems/kexec/config.nix new file mode 100644 index 000000000..5bf19f978 --- /dev/null +++ b/makefu/1systems/kexec/config.nix @@ -0,0 +1,25 @@ +{ config, pkgs, lib, ... }: + +with import ; +{ + imports = [ + + # + + + ]; + # cd ~/stockholm ; nix-build '' -A config.system.build.kexec_tarball -j 4 -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso + + krebs.build.host = config.krebs.hosts.iso; + krebs.hidden-ssh.enable = true; + environment.extraInit = '' + EDITOR=vim + ''; + services.openssh = { + enable = true; + hostKeys = [ + { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } + ]; + }; + systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]; +} diff --git a/makefu/1systems/kexec/source.nix b/makefu/1systems/kexec/source.nix new file mode 100644 index 000000000..e200dbfd2 --- /dev/null +++ b/makefu/1systems/kexec/source.nix @@ -0,0 +1,3 @@ +import { + name="iso"; +} -- cgit v1.2.3 From 6ddad27d009181ca2cc8ae2ad20715477e604fd6 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 24 Jun 2018 23:45:48 +0200 Subject: ma nextgum.r: in preparation to move nextgum -> gum --- makefu/1systems/gum/config.nix | 3 +- makefu/1systems/gum/hardware-config.nix | 2 + makefu/1systems/nextgum/config.nix | 247 ++++++++++++++++++++++++++++ makefu/1systems/nextgum/hardware-config.nix | 80 +++++++++ makefu/1systems/nextgum/source.nix | 5 + makefu/1systems/nextgum/transfer-config.nix | 7 + 6 files changed, 342 insertions(+), 2 deletions(-) create mode 100644 makefu/1systems/nextgum/config.nix create mode 100644 makefu/1systems/nextgum/hardware-config.nix create mode 100644 makefu/1systems/nextgum/source.nix create mode 100644 makefu/1systems/nextgum/transfer-config.nix diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 951ec0104..3dbf5da19 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -8,7 +8,6 @@ in { imports = [ ./hardware-config.nix - # @@ -241,5 +240,5 @@ in { nameservers = [ "8.8.8.8" ]; }; users.users.makefu.extraGroups = [ "download" "nginx" ]; - + boot.tmpOnTmpfs = true; } diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix index e83f94a9f..a40709169 100644 --- a/makefu/1systems/gum/hardware-config.nix +++ b/makefu/1systems/gum/hardware-config.nix @@ -17,8 +17,10 @@ let ext-if = "et0"; # gets renamed on the fly in { imports = [ + ]; + makefu.server.primary-itf = ext-if; services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" diff --git a/makefu/1systems/nextgum/config.nix b/makefu/1systems/nextgum/config.nix new file mode 100644 index 000000000..a23ccf7b2 --- /dev/null +++ b/makefu/1systems/nextgum/config.nix @@ -0,0 +1,247 @@ +{ config, lib, pkgs, ... }: + +with import ; +let + external-ip = config.krebs.build.host.nets.internet.ip4.addr; + ext-if = config.makefu.server.primary-itf; +in { + imports = [ + + ./hardware-config.nix + ./transfer-config.nix + + # + + # Security + + + # Tools + + + + + + + + + + + + # services + + + # sharing + + + # + ## + # + { # ncdc + environment.systemPackages = [ pkgs.ncdc ]; + networking.firewall = { + allowedUDPPorts = [ 51411 ]; + allowedTCPPorts = [ 51411 ]; + }; + } + # + + ## network + + # + + + + ## buildbot + # + + # Removed until move: no extra mails + # + # Removed until move: avoid double-update of domain + # + # Removed until move: avoid letsencrypt ban + ### Web + # + # + # + # + # + ## + # + # + # + + # + # + # + # + # + + { + services.taskserver.enable = true; + services.taskserver.fqdn = config.krebs.build.host.name; + services.taskserver.listenHost = "::"; + services.taskserver.organisations.home.users = [ "makefu" ]; + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT + ip6tables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT + ''; + } + + + + # + + ## Temporary: + # + + + #{ + # services.dockerRegistry.enable = true; + # networking.firewall.allowedTCPPorts = [ 8443 ]; + + # services.nginx.virtualHosts."euer.krebsco.de" = { + # forceSSL = true; + # enableACME = true; + # extraConfig = '' + # client_max_body_size 1000M; + # ''; + # locations."/".proxyPass = "http://localhost:5000"; + # }; + #} + { # wireguard server + + # opkg install wireguard luci-proto-wireguard + + # TODO: networking.nat + + # boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + # conf.all.proxy_arp =1 + networking.firewall = { + allowedUDPPorts = [ 51820 ]; + extraCommands = '' + iptables -t nat -A POSTROUTING -s 10.244.0.0/24 -o ${ext-if} -j MASQUERADE + ''; + }; + + networking.wireguard.interfaces.wg0 = { + ips = [ "10.244.0.1/24" ]; + listenPort = 51820; + privateKeyFile = (toString ) + "/wireguard.key"; + allowedIPsAsRoutes = true; + peers = [ + { + # x + allowedIPs = [ "10.244.0.2/32" ]; + publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g="; + } + { + # vbob + allowedIPs = [ "10.244.0.3/32" ]; + publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw="; + } + { + # x-test + allowedIPs = [ "10.244.0.4/32" ]; + publicKey = "vZ/AJpfDLJyU3DzvYeW70l4FNziVgSTumA89wGHG7XY="; + } + { + # work-router + allowedIPs = [ "10.244.0.5/32" ]; + publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw="; + } + { + # workr + allowedIPs = [ "10.244.0.6/32" ]; + publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA="; + } + ]; + }; + } + { # iperf3 + networking.firewall.allowedUDPPorts = [ 5201 ]; + networking.firewall.allowedTCPPorts = [ 5201 ]; + } + + ]; + makefu.dl-dir = "/var/download"; + + services.openssh.hostKeys = [ + { bits = 4096; path = (toString ); type = "rsa"; } + { path = (toString ); type = "ed25519"; } ]; + ###### stable + services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ]; + krebs.build.host = config.krebs.hosts.gum; + + krebs.tinc.retiolum = { + extraConfig = '' + ListenAddress = ${external-ip} 53 + ListenAddress = ${external-ip} 655 + ListenAddress = ${external-ip} 21031 + ''; + connectTo = [ + "muhbaasu" "tahoe" "flap" "wry" + "ni" + "fastpoke" "prism" "dishfire" "echelon" "cloudkrebs" + ]; + }; + + + # access + users.users = { + root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-omo.pubkey ]; + makefu.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey config.krebs.users.makefu-bob.pubkey ]; + }; + + # Chat + environment.systemPackages = with pkgs;[ + weechat + bepasty-client-cli + get + tmux + ]; + services.bitlbee = { + enable = true; + libpurple_plugins = [ pkgs.telegram-purple ]; + }; + + # Hardware + + # Network + networking = { + firewall = { + allowPing = true; + logRefusedConnections = false; + allowedTCPPorts = [ + # smtp + 25 + # http + 80 443 + # httptunnel + 8080 8443 + # tinc + 655 + # tinc-shack + 21032 + # tinc-retiolum + 21031 + # taskserver + 53589 + # temp vnc + 18001 + # temp reverseshell + 31337 + ]; + allowedUDPPorts = [ + # tinc + 655 53 + # tinc-retiolum + 21031 + # tinc-shack + 21032 + ]; + }; + nameservers = [ "8.8.8.8" ]; + }; + users.users.makefu.extraGroups = [ "download" "nginx" ]; + boot.tmpOnTmpfs = true; +} diff --git a/makefu/1systems/nextgum/hardware-config.nix b/makefu/1systems/nextgum/hardware-config.nix new file mode 100644 index 000000000..36fea6544 --- /dev/null +++ b/makefu/1systems/nextgum/hardware-config.nix @@ -0,0 +1,80 @@ +{ config, ... }: +let + external-mac = "50:46:5d:9f:63:6b"; + main-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_13H8863AS"; + sec-disk = "/dev/disk/by-id/ata-TOSHIBA_DT01ACA300_23OJ2GJAS"; + external-gw = "144.76.26.225"; + # single partition, label "nixos" + # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate + + + # static + external-ip = "144.76.26.247"; + external-ip6 = "2a01:4f8:191:12f6::2"; + external-gw6 = "fe80::1"; + external-netmask = 27; + external-netmask6 = 64; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; + ext-if = "et0"; # gets renamed on the fly +in { + imports = [ + ]; + makefu.server.primary-itf = ext-if; + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" + ''; + networking = { + interfaces."${ext-if}" = { + ipv4.addresses = [{ + address = external-ip; + prefixLength = external-netmask; + }]; + ipv6.addresses = [{ + address = external-ip6; + prefixLength = external-netmask6; + }]; + }; + defaultGateway6 = external-gw6; + defaultGateway = external-gw; + }; + boot.kernelParams = [ ]; + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.devices = [ main-disk ]; + boot.initrd.availableKernelModules = [ + "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" + "xhci_pci" "ehci_pci" "ahci" "sd_mod" + ]; + boot.kernelModules = [ "kvm-intel" ]; + hardware.enableRedistributableFirmware = true; + fileSystems."/" = { + device = "/dev/mapper/nixos-root"; + fsType = "ext4"; + }; + fileSystems."/boot" = { + device = "/dev/sda2"; + fsType = "vfat"; + }; + # parted -s -a optimal "$disk" \ + # mklabel gpt \ + # mkpart no-fs 0 1024KiB \ + # set 1 bios_grub on \ + # mkpart ESP fat32 1025KiB 1024MiB set 2 boot on \ + # mkpart primary 1025MiB 100% + # parted -s -a optimal "/dev/sdb" \ + # mklabel gpt \ + # mkpart primary 1M 100% + + #mkfs.vfat /dev/sda2 + #pvcreate /dev/sda3 + #pvcreate /dev/sdb1 + #vgcreate nixos /dev/sda3 /dev/sdb1 + #lvcreate -L 120G -n root nixos + #mkfs.ext4 /dev/mapper/nixos-root + #mount /dev/mapper/nixos-root /mnt + #mkdir /mnt/boot + #mount /dev/sda2 /mnt/boot + #mkdir -p /mnt/var/src + #touch /mnt/var/src/.populate + +} diff --git a/makefu/1systems/nextgum/source.nix b/makefu/1systems/nextgum/source.nix new file mode 100644 index 000000000..413889c47 --- /dev/null +++ b/makefu/1systems/nextgum/source.nix @@ -0,0 +1,5 @@ +import { + name="nextgum"; + torrent = true; + clever_kexec = true; +} diff --git a/makefu/1systems/nextgum/transfer-config.nix b/makefu/1systems/nextgum/transfer-config.nix new file mode 100644 index 000000000..92df60195 --- /dev/null +++ b/makefu/1systems/nextgum/transfer-config.nix @@ -0,0 +1,7 @@ +{ config, lib, ... }: +# configuration which is only required for the time of the transfer +{ + krebs.tinc.retiolum.connectTo = [ "gum" ]; + krebs.build.host = lib.mkForce config.krebs.hosts.nextgum; +} + -- cgit v1.2.3 From 4d07a747298fca730ba42f29e3f054be390dbab6 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 25 Jun 2018 09:18:41 +0200 Subject: ma gum.r: remove retroshare import --- makefu/1systems/gum/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 3dbf5da19..998ecd0fb 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -34,7 +34,7 @@ in { # - + # # network -- cgit v1.2.3