From 2ac7d159f81da79e7b52f27ea38543990bb486ce Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 13 Aug 2016 22:38:09 +0200 Subject: m bcm4352: init for x --- makefu/1systems/x.nix | 1 + makefu/2configs/hw/bcm4352.nix | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 makefu/2configs/hw/bcm4352.nix diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index d41edfa46..2d6923c9e 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -32,6 +32,7 @@ # hardware specifics are in here ../2configs/hw/tp-x220.nix ../2configs/hw/rtl8812au.nix + ../2configs/hw/bcm4352.nix # mount points ../2configs/fs/sda-crypto-root-home.nix # ../2configs/mediawiki.nix diff --git a/makefu/2configs/hw/bcm4352.nix b/makefu/2configs/hw/bcm4352.nix new file mode 100644 index 000000000..516637eb8 --- /dev/null +++ b/makefu/2configs/hw/bcm4352.nix @@ -0,0 +1,6 @@ +{config, ...}: +{ + networking.enableB43Firmware = true; + boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; +} + -- cgit v1.2.3 From 08f1686dd30e5cace0713158e87d2c4bad27bddf Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 18 Aug 2016 16:39:28 +0200 Subject: m 3 deluge: init module --- makefu/3modules/default.nix | 1 + makefu/3modules/deluge.nix | 182 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 183 insertions(+) create mode 100644 makefu/3modules/deluge.nix diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 7fc095bab..bdba4ae46 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -8,6 +8,7 @@ _: ./snapraid.nix ./taskserver.nix ./umts.nix + ./deluge.nix ]; } diff --git a/makefu/3modules/deluge.nix b/makefu/3modules/deluge.nix new file mode 100644 index 000000000..8097885b1 --- /dev/null +++ b/makefu/3modules/deluge.nix @@ -0,0 +1,182 @@ +{ config, lib, pkgs, ... }: +# based on /nixos/modules/services/torrent/deluge.nix +with config.krebs.lib; + +let + cfg_daemon = config.makefu.deluge; + homedir = cfg_daemon.homedir; + cfg_web = config.makefu.deluge.web; + core_conf = pkgs.writeText "deluge-core-cfg" '' + { + "file": 1, + "format": 1 + }${builtins.toJSON (recursiveUpdate default_core_cfg cfg_daemon.cfg)} + ''; + + default_core_cfg = { + # ports and networking + daemon_port = 58846; allow_remote = false; + listen_ports = [ 0 0 ]; # from -> to, 0 -> random + outgoing_ports = [ 0 0 ]; + random_port = true; + random_outgoing_ports = true; + listen_interface = ""; + # folders + move_completed_path = homedir +"/complete"; move_completed = false; + autoadd_location = homedir + "/watch"; autoadd_enable = true; + download_location = homedir + "/data"; + torrentfiles_location = homedir + "/torrents"; copy_torrent_file = false; del_copy_torrent_file = false; + plugins_location = homedir + "/.config/deluge/plugins"; enabled_plugins = []; + geoip_db_location = pkgs.geolite-legacy + "/share/GeoIP/GeoIP.dat"; + queue_new_to_top = false; + info_sent = 0; + send_info = false; + compact_allocation = false; + # peer discovery, extras + lsd = true; + natpmp = true; + utpex = false; + dht = false; + upnp = true; + peer_tos = "0x08"; + # active torrents + dont_count_slow_torrents = false; + max_active_limit = -1; + max_active_downloading = -1; + max_active_seeding = -1; + max_upload_slots_global = -1; + # seeding + share_ratio_limit = -1; + seed_time_ratio_limit = -1; + seed_time_limit = 180; + stop_seed_at_ratio = false; + remove_seed_at_ratio = false; + stop_seed_ratio = 2; + # speed and connections + rate_limit_ip_overhead = true; + ignore_limits_on_local_network = true; + max_download_speed = -1; + max_upload_speed = -1; + max_upload_speed_per_torrent = -1; + max_download_speed_per_torrent = -1; + max_half_open_connections = -1; + max_connections_global = -1; + max_connections_per_second = -1; + max_connections_per_torrent = -1; + max_upload_slots_per_torrent = -1; + enc_in_policy = 1; + enc_prefer_rc4 = true; + enc_level = 2; + enc_out_policy = 1; + cache_size = 8192; + cache_expiry = 60; + prioritize_first_last_pieces = false; + auto_managed = true; + proxies = { + peer = { + username = ""; + password = ""; + hostname = ""; + type = 0; + port = 8080; + }; + web_seed = { + username = ""; + password = ""; + hostname = ""; + type = 0; + port = 8080; + }; + tracker = { + username = ""; + password = ""; + hostname = ""; + type = 0; + port = 8080; + }; + dht = { + username = ""; + password = ""; + hostname = ""; + type = 0; + port = 8080; + }; + }; + add_paused = false; + new_release_check = false; + }; + + api = { + enable = mkEnableOption "deluge daemon"; + + cfg = mkOption { + default = default_core_cfg; + type = types.attrsOf types.unspecified; + description = '' + for full configuration see defaults + ''; + example = { + "daemon_port"= 58846; + "download_location"= "/var/download"; + }; + }; + + auth = mkOption { + default = []; + example = ["alice:MyC0mpL3xPass:10"]; + type = types.lines; + }; + + homedir = mkOption { + default = "/var/lib/deluge"; + description = "Home directory of deluge user"; + type = types.str; + }; + + web = { + enable = mkEnableOption "deluge web"; + }; + }; + imp = { + + systemd.services.deluged = { + after = [ "network.target" ]; + description = "Deluge BitTorrent Daemon"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluged -d"; + ExecStartPre = pkgs.writeDash "deluged-init" '' + mkdir -p ${homedir}/.config/deluge + cp ${core_conf} ${homedir}/.config/deluge/core.conf + ''; + Restart = "on-success"; + User = "deluge"; + Group = "deluge"; + }; + }; + + systemd.services.delugeweb = mkIf cfg_web.enable { + after = [ "network.target" ]; + description = "Deluge BitTorrent WebUI"; + wantedBy = [ "multi-user.target" ]; + serviceConfig.ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluge --ui web"; + serviceConfig.User = "deluge"; + serviceConfig.Group = "deluge"; + }; + + environment.systemPackages = [ pkgs.pythonPackages.deluge ]; + + users.extraUsers.deluge = { + group = "deluge"; + uid = config.ids.uids.deluge; + home = cfg_daemon.homedir; + createHome = true; + description = "Deluge Daemon user"; + }; + + users.extraGroups.deluge.gid = config.ids.gids.deluge; + }; +in { + options.makefu.deluge = api; + config = lib.mkIf cfg_daemon.enable imp; +} -- cgit v1.2.3 From ccf521e4a46fed3b4e2075a4ace7b9ed382d4b82 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 01:24:50 +0200 Subject: m : init drop --- krebs/3modules/makefu/default.nix | 23 ++++++++++++++++++++++ makefu/1systems/drop.nix | 40 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 makefu/1systems/drop.nix diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index dffb6b0a1..e45d907d3 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -4,6 +4,28 @@ with config.krebs.lib; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { + drop = rec { + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.177.9"; + ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce"; + aliases = [ + "drop.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA1QxukdeDqI47nm7/gd5Y9dZZbJULA02ak0A2cB4lmysJjgMFAfbl + 6qpH7HCZk6s+4eI7H+UHUF177W7Z1qq3bqGLmlgdMMAzuDNz9UvNLhrthZMp3tCI + GIFD28O1bKgDAYgsF/X21CRqEvgk3vRDp9yqIVIzQDmerOrZUx62Rx9Fssl/7ooW + 0319fxcTw6GZEp7RXNzgIobnWPydakh+/I0inP0rC6It/vM5Hi2bV71QPZUyJ78C + Szh4S8TznW7yMzTQaOENeaUKfqEyN+CW2OomVdWIBOvTJVpvfAut/kg1dyUGgHlT + F8OlAoNAyxCSxqbM0fY0wtqKD7FaYY9cbQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; pnp = { cores = 1; nets = { @@ -338,6 +360,7 @@ with config.krebs.lib; ip6.addr = "42:f9f0::10"; aliases = [ "omo.retiolum" + "tracker.makefu.r" "omo.r" ]; tinc.pubkey = '' diff --git a/makefu/1systems/drop.nix b/makefu/1systems/drop.nix new file mode 100644 index 000000000..4a94c3f61 --- /dev/null +++ b/makefu/1systems/drop.nix @@ -0,0 +1,40 @@ +{ config, pkgs, ... }: +let + external-ip = "45.55.145.62"; + default-gw = "45.55.128.1"; + prefixLength = 18; +in { + imports = [ + ../. + ../2configs/hw/CAC.nix + ../2configs/save-diskspace.nix + ../2configs/torrent.nix + ]; + krebs = { + enable = true; + tinc.retiolum.enable = true; + build.host = config.krebs.hosts.drop; + }; + + boot.loader.grub.device = "/dev/vda"; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ]; + fileSystems."/" = { + device = "/dev/vda1"; + fsType = "ext4"; + }; + + networking = { + firewall = { + allowPing = true; + logRefusedConnections = false; + allowedTCPPorts = [ ]; + allowedUDPPorts = [ 655 ]; + }; + interfaces.enp0s3.ip4 = [{ + address = external-ip; + inherit prefixLength; + }]; + defaultGateway = default-gw; + nameservers = [ "8.8.8.8" ]; + }; +} -- cgit v1.2.3 From 75ff0e4937db594865379aa64f856fa7813d5cd5 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 11:53:07 +0200 Subject: m 3 deluge: implement auth --- makefu/3modules/deluge.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/makefu/3modules/deluge.nix b/makefu/3modules/deluge.nix index 8097885b1..e81f96f85 100644 --- a/makefu/3modules/deluge.nix +++ b/makefu/3modules/deluge.nix @@ -5,12 +5,13 @@ with config.krebs.lib; let cfg_daemon = config.makefu.deluge; homedir = cfg_daemon.homedir; + delugedir = "${homedir}/.config/deluge"; cfg_web = config.makefu.deluge.web; core_conf = pkgs.writeText "deluge-core-cfg" '' { "file": 1, "format": 1 - }${builtins.toJSON (recursiveUpdate default_core_cfg cfg_daemon.cfg)} + }${builtins.toJSON (default_core_cfg // cfg_daemon.cfg)} ''; default_core_cfg = { @@ -145,9 +146,11 @@ let wantedBy = [ "multi-user.target" ]; serviceConfig = { ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluged -d"; - ExecStartPre = pkgs.writeDash "deluged-init" '' - mkdir -p ${homedir}/.config/deluge - cp ${core_conf} ${homedir}/.config/deluge/core.conf + ExecStartPre = let + in pkgs.writeDash "deluged-init" '' + mkdir -p ${delugedir} + echo ${shell.escape cfg_daemon.auth} > ${delugedir}/auth + cp -f ${core_conf} ${delugedir}/core.conf ''; Restart = "on-success"; User = "deluge"; -- cgit v1.2.3 From a20c72f58842eebc6f6823397b90a60ae64e44b7 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 11:53:31 +0200 Subject: m 5 udpt: init --- makefu/5pkgs/default.nix | 1 + makefu/5pkgs/udpt/default.nix | 29 +++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 makefu/5pkgs/udpt/default.nix diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index 6598f5d3f..51987c35b 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -21,6 +21,7 @@ in tw-upload-plugin = callPackage ./tw-upload-plugin {}; skytraq-logger = callPackage ./skytraq-logger {}; taskserver = callPackage ./taskserver {}; + udpt = callPackage ./udpt {}; wol = callPackage ./wol {}; }; } diff --git a/makefu/5pkgs/udpt/default.nix b/makefu/5pkgs/udpt/default.nix new file mode 100644 index 000000000..99bcac18b --- /dev/null +++ b/makefu/5pkgs/udpt/default.nix @@ -0,0 +1,29 @@ +{ stdenv, boost, sqlite, fetchFromGitHub }: + +stdenv.mkDerivation rec { + proj = "udpt"; + name = "udpt-${rev}"; + rev = "0790558"; + + enableParallelBuilding = true; + + src = fetchFromGitHub { + owner = "naim94a"; + repo = "udpt"; + inherit rev; + sha256 = "0rgkjwvnqwbnqy7pm3dk176d3plb5lypaf12533yr0yfzcp6gnzk"; + }; + buildInputs = [ boost sqlite ]; + installPhase = '' + mkdir -p $out/bin $out/etc/ + cp udpt $out/bin + cp udpt.conf $out/etc/ + ''; + meta = { + description = "udp tracker"; + homepage = https://github.com/naim94a/udpt; + license = stdenv.lib.licenses.gpl3; + platforms = stdenv.lib.platforms.linux; + maintainers = with stdenv.lib.maintainers; [ makefu ]; + }; +} -- cgit v1.2.3 From 96f862ced4e621f88bcbf7d1ad4ea1d8422f53d7 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 11:53:58 +0200 Subject: m 3 udpt: init --- makefu/3modules/default.nix | 4 +++- makefu/3modules/udpt.nix | 57 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 makefu/3modules/udpt.nix diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index bdba4ae46..031ef1bc2 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -2,13 +2,15 @@ _: { imports = [ + ./populate.nix ./awesome-extra.nix + ./deluge.nix ./forward-journal.nix ./ps3netsrv.nix ./snapraid.nix ./taskserver.nix + ./udpt.nix ./umts.nix - ./deluge.nix ]; } diff --git a/makefu/3modules/udpt.nix b/makefu/3modules/udpt.nix new file mode 100644 index 000000000..2086bd540 --- /dev/null +++ b/makefu/3modules/udpt.nix @@ -0,0 +1,57 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; +let + cfg = config.makefu.udpt; + + out = { + options.makefu.udpt = api; + config = lib.mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "udpt"; + + package = mkOption { + type = types.package; + default = pkgs.udpt; + }; + + cfgfile = mkOption { + type = types.path; + default = "${cfg.package}/etc/udpt.conf"; + }; + + user = mkOption { + description = '' + user which will run udpt. if kept default a new user will be created + ''; + type = types.str; + default = "udpt"; + }; + + }; + + imp = { + systemd.services.udpt = { + description = "udpt server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + restartIfChanged = true; + serviceConfig = { + Type = "simple"; + ExecStart = "${cfg.package}/bin/udpt -c ${shell.escape cfg.cfgfile}"; + PrivateTmp = true; + User = "${cfg.user}"; + }; + }; + users = lib.mkIf (cfg.user == "udpt") { + users.udpt = { + uid = genid "udpt"; + }; + groups.udpt.gid = genid "udpt"; + }; + }; +in +out + -- cgit v1.2.3 From 79e3a3dad36f67296001f269e6716a1bd21c983c Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 11:54:46 +0200 Subject: m 3 populate: allow minimal populate --- makefu/2configs/default.nix | 15 +++++++++++---- makefu/3modules/populate.nix | 5 +++++ 2 files changed, 16 insertions(+), 4 deletions(-) create mode 100644 makefu/3modules/populate.nix diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7e4c87cfb..cdaa38f27 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -22,10 +22,17 @@ with config.krebs.lib; build = { user = config.krebs.users.makefu; source = let inherit (config.krebs.build) host user; in { - nixpkgs.git = { - url = https://github.com/nixos/nixpkgs; - ref = "125ffff"; # stable @ 2016-07-20 - }; + nixpkgs = if config.makefu.full-populate or (getEnv "dummy_secrets" == "true") then + { # stable @ 2016-07-20 + git = { url = https://github.com/nixos/nixpkgs; ref = "125ffff"; }; + } + else + # TODO use http, once it is implemented + # right now it is simply extracted revision folder + + ## prepare so we do not have to wait for rsync: + ## cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/125ffff -L | tar zx && mv NixOS-nixpkgs-125ffff nixpkgs + { file = "/home/makefu/store/125ffff";}; secrets.file = if getEnv "dummy_secrets" == "true" then toString diff --git a/makefu/3modules/populate.nix b/makefu/3modules/populate.nix new file mode 100644 index 000000000..19d3b3690 --- /dev/null +++ b/makefu/3modules/populate.nix @@ -0,0 +1,5 @@ +{config, lib, pkgs, ... }: + +{ + options.makefu.full-populate = lib.mkEnableOption "always do a full clone of nixpkgs"; +} -- cgit v1.2.3 From 90afbfa31af036f4475005cd80dbf6b1722c4de4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 11:55:46 +0200 Subject: m 5 torrent: implement shared torrent secret --- makefu/2configs/torrent.nix | 81 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 makefu/2configs/torrent.nix diff --git a/makefu/2configs/torrent.nix b/makefu/2configs/torrent.nix new file mode 100644 index 000000000..c18db9fa3 --- /dev/null +++ b/makefu/2configs/torrent.nix @@ -0,0 +1,81 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; + +let + daemon-user = "tor"; + daemon-pw = (import ); + peer-port = 51412; + web-port = 8112; + daemon-port = 58846; + dl-dir = "/var/download"; +in { + # prepare secrets + krebs.build.source.torrent-secrets.file = + if getEnv "dummy_secrets" == "true" + then toString + else "/home/makefu/secrets/torrent"; + + users.users = { + download = { + name = "download"; + home = dl-dir; + uid = genid "download"; + createHome = true; + useDefaultShell = true; + group = "download"; + openssh.authorizedKeys.keys = [ ]; + }; + }; + # todo: race condition, do this after download user has been created + system.activationScripts."download-dir-chmod" = '' + for i in finished torrents; do + mkdir -p "${dl-dir}/$i" + chown download:download "${dl-dir}/$i" + chmod 770 "${dl-dir}/$i" + done + ''; + + users.extraGroups = { + download = { + gid = genid "download"; + members = [ + config.krebs.build.user.name + "download" + "deluge" + ]; + }; + }; + + makefu.deluge = { + enable = true; + auth = "${daemon-user}:${daemon-pw}:10"; + # web.enable = true; + cfg = { + autoadd_enable = true; + download_location = dl-dir + "/finished"; + torrentfiles_location = dl-dir + "/torrents"; copy_torrent_file = true; + lsd = true; + dht = true; + upnp = true; + natpmp = true; + add_paused = false; + allow_remote = true; + remove_seed_at_ratio = false; + move_completed = false; + daemon_port = daemon-port; + listen_ports = [ peer-port peer-port ]; + outgoing_ports = [ peer-port peer-port ]; + # performance tuning + cache_expiry = 3600; + stop_seed_at_ratio = true; + }; + }; + + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport ${toString daemon-port} -j ACCEPT + ''; + + networking.firewall.allowedTCPPorts = [ peer-port ]; + networking.firewall.allowedUDPPorts = [ peer-port ]; +} -- cgit v1.2.3 From 9c1cd09a8171ffd85a77a7e89a020cabcab2b4f4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 12:06:31 +0200 Subject: m 1 *: add torrent --- makefu/1systems/gum.nix | 2 +- makefu/1systems/shoney.nix | 1 + makefu/1systems/wry.nix | 5 +++-- makefu/1systems/x.nix | 7 +++++-- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index a4e2d1760..0d8ac0053 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -21,9 +21,9 @@ in { ../2configs/exim-retiolum.nix ../2configs/tinc/retiolum.nix ../2configs/urlwatch.nix + ../2configs/torrent.nix ]; - services.smartd.devices = [ { device = "/dev/sda";} ]; ###### stable diff --git a/makefu/1systems/shoney.nix b/makefu/1systems/shoney.nix index 7081f6a95..1c5d2352e 100644 --- a/makefu/1systems/shoney.nix +++ b/makefu/1systems/shoney.nix @@ -14,6 +14,7 @@ in { ../2configs/hw/CAC.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/tinc/retiolum.nix + ../2configs/torrent.nix ]; diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 3764ab4b5..81cd362e6 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -24,9 +24,10 @@ in { ../2configs/nginx/euer.test.nix # collectd - ../2configs/collectd/collectd-base.nix + # ../2configs/collectd/collectd-base.nix ../2configs/tinc/retiolum.nix + ../2configs/torrent.nix ]; krebs.build.host = config.krebs.hosts.wry; @@ -83,5 +84,5 @@ in { nameservers = [ "8.8.8.8" ]; }; - environment.systemPackages = [ ]; + environment.systemPackages = [ pkgs.screen ]; } diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index 2d6923c9e..4829aaabd 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -42,10 +42,13 @@ ../2configs/tinc/retiolum.nix # temporary modules ../2configs/temp/share-samba.nix - # ../2configs/temp/elkstack.nix + ../2configs/temp/elkstack.nix # ../2configs/temp/sabnzbd.nix ../2configs/tinc/siem.nix + ../2configs/torrent.nix ]; + makefu.full-populate = true; + makefu.deluge.web.enable = true; krebs.nginx = { default404 = false; servers.default.listen = [ "80 default_server" ]; @@ -58,7 +61,7 @@ # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [ 80 24800 26061 ]; + networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 ]; networking.firewall.allowedUDPPorts = [ 665 26061 ]; krebs.build.host = config.krebs.hosts.x; -- cgit v1.2.3 From 54ccd367175e33c0aab67e8ef46d4d73bcf8183c Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 12:07:05 +0200 Subject: m 2 udpt: init --- makefu/2configs/udpt.nix | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 makefu/2configs/udpt.nix diff --git a/makefu/2configs/udpt.nix b/makefu/2configs/udpt.nix new file mode 100644 index 000000000..6d55ffaf8 --- /dev/null +++ b/makefu/2configs/udpt.nix @@ -0,0 +1,31 @@ +{pkgs, ...}: + +let + cfgfile = pkgs.writeText "udpt-config" '' + [db] + driver=sqlite3 + param=:memory: + + [tracker] + is_dynamic=yes + port=6969 + threads=5 + allow_remotes=yes + allow_iana_ips=no + announce_interval=1800 + cleanup_interval=120 + + [apiserver] + enable=yes + + [logging] + filename=- + level=warning + ''; +in { + makefu.udpt = { + enable = true; + inherit cfgfile; + }; + +} -- cgit v1.2.3 From 0e93cd309189b46194f246b98df672bffbcc7c52 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 12:21:35 +0200 Subject: m 2 temp: init --- makefu/2configs/temp/8812au.nix | 6 ++++++ makefu/2configs/temp/elkstack.nix | 5 +++++ makefu/2configs/temp/sabnzbd.nix | 5 +++++ 3 files changed, 16 insertions(+) create mode 100644 makefu/2configs/temp/8812au.nix create mode 100644 makefu/2configs/temp/elkstack.nix create mode 100644 makefu/2configs/temp/sabnzbd.nix diff --git a/makefu/2configs/temp/8812au.nix b/makefu/2configs/temp/8812au.nix new file mode 100644 index 000000000..9587171b3 --- /dev/null +++ b/makefu/2configs/temp/8812au.nix @@ -0,0 +1,6 @@ +{config, pkgs, ...}: +{ + #boot.extraModulePackages = [ pkgs.rtl8812au ]; + boot.extraModulePackages = [config.boot.kernelPackages.rtl8812au ]; + boot.kernelModules = [ "rtl8812au" ]; +} diff --git a/makefu/2configs/temp/elkstack.nix b/makefu/2configs/temp/elkstack.nix new file mode 100644 index 000000000..c6bf1c6d8 --- /dev/null +++ b/makefu/2configs/temp/elkstack.nix @@ -0,0 +1,5 @@ +_: +{ + services.elasticsearch.enable = true; + services.kibana.enable = true; +} diff --git a/makefu/2configs/temp/sabnzbd.nix b/makefu/2configs/temp/sabnzbd.nix new file mode 100644 index 000000000..d8eab2732 --- /dev/null +++ b/makefu/2configs/temp/sabnzbd.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: +{ + services.sabnzbd.enable = true; + systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; +} -- cgit v1.2.3 From d1c4d12cee228cba1da4da7bba82b6cf6cb708ec Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 12:32:22 +0200 Subject: m 6 secrets: add daemon-pw --- makefu/6tests/data/secrets/daemon-pw | 1 + 1 file changed, 1 insertion(+) create mode 100644 makefu/6tests/data/secrets/daemon-pw diff --git a/makefu/6tests/data/secrets/daemon-pw b/makefu/6tests/data/secrets/daemon-pw new file mode 100644 index 000000000..e16c76dff --- /dev/null +++ b/makefu/6tests/data/secrets/daemon-pw @@ -0,0 +1 @@ +"" -- cgit v1.2.3