From 53968738cbeded9bd53389f4a5400500bf9e317f Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 24 Apr 2018 17:21:16 +0200 Subject: j: experimental bln focused rombus setup --- jeschli/1systems/bln/config.nix | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) (limited to 'jeschli/1systems/bln') diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index c9a7a34e2..531f753c5 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -1,13 +1,15 @@ { config, lib, pkgs, ... }: # bln config file { - imports = - [ - - - - ./hardware-configuration.nix - ]; + imports = [ + ./hardware-configuration.nix + + + + + + + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -91,14 +93,14 @@ services.printing.drivers = [ pkgs.postscript-lexmark ]; # Enable the X11 windowing system. - services.xserver.enable = true; +# services.xserver.enable = true; services.xserver.videoDrivers = [ "nvidia" ]; - services.xserver.windowManager.xmonad.enable = true; - services.xserver.windowManager.xmonad.enableContribAndExtras = true; - services.xserver.displayManager.sddm.enable = true; - services.xserver.dpi = 100; - fonts.fontconfig.dpi = 100; +# services.xserver.windowManager.xmonad.enable = true; +# services.xserver.windowManager.xmonad.enableContribAndExtras = true; +# services.xserver.displayManager.sddm.enable = true; +# services.xserver.dpi = 100; +# fonts.fontconfig.dpi = 100; users.extraUsers.jeschli = { isNormalUser = true; -- cgit v1.2.3 From 4f2bf83ff906b9ee0421dabba4ff7e9dab5b7802 Mon Sep 17 00:00:00 2001 From: jeschli Date: Fri, 4 May 2018 16:51:08 +0200 Subject: j conflicts resolve. dirty commit --- jeschli/1systems/bln/config.nix | 25 ++++++++++--------------- jeschli/1systems/bln/hardware-configuration.nix | 2 ++ 2 files changed, 12 insertions(+), 15 deletions(-) (limited to 'jeschli/1systems/bln') diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index c9a7a34e2..ad397728d 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -1,13 +1,15 @@ { config, lib, pkgs, ... }: # bln config file { - imports = - [ - - - - ./hardware-configuration.nix - ]; + imports = [ + ./hardware-configuration.nix + + + + + + + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -91,18 +93,11 @@ services.printing.drivers = [ pkgs.postscript-lexmark ]; # Enable the X11 windowing system. - services.xserver.enable = true; services.xserver.videoDrivers = [ "nvidia" ]; - services.xserver.windowManager.xmonad.enable = true; - services.xserver.windowManager.xmonad.enableContribAndExtras = true; - services.xserver.displayManager.sddm.enable = true; - services.xserver.dpi = 100; - fonts.fontconfig.dpi = 100; - users.extraUsers.jeschli = { isNormalUser = true; - extraGroups = ["docker" "vboxusers"]; + extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; diff --git a/jeschli/1systems/bln/hardware-configuration.nix b/jeschli/1systems/bln/hardware-configuration.nix index b774bfc19..35f0b3bca 100644 --- a/jeschli/1systems/bln/hardware-configuration.nix +++ b/jeschli/1systems/bln/hardware-configuration.nix @@ -30,4 +30,6 @@ nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = "powersave"; + + hardware.pulseaudio.enable = true; } -- cgit v1.2.3 From 6cd3f1607b3c0e9b42fc41f5e3545e324d0fe43a Mon Sep 17 00:00:00 2001 From: jeschli Date: Fri, 4 May 2018 16:58:43 +0200 Subject: j: changed cert hashes --- jeschli/1systems/bln/config.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'jeschli/1systems/bln') diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 190f6f539..c5f8101ea 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -123,15 +123,17 @@ # DCSO Certificates security.pki.certificateFiles = [ - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "14vz9c0fk6li0a26vx0s5ha6y3yivnshx9pjlh9vmnpkbph5a7rh"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "0r1dd48a850cv7whk4g2maik550rd0vsrsl73r6x0ivzz7ap1xz5"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "0b5cdchdkvllnr0kz35d8jrmrf9cjw0kd98mmvzr0x6nkc8hwpdy"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "0rn57zv1ry9vj4p2248mxmafmqqmdhbrfx1plszrxsphshbk2hfz"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; }) + + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; }) ]; + hardware.bluetooth.enable = true; krebs.build.host = config.krebs.hosts.bln; } -- cgit v1.2.3 From 053cf6a43400c62129f982339b0fb63ab6f29e5c Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 19 Jun 2018 09:12:04 +0200 Subject: j bln: +dcso-vpn --- jeschli/1systems/bln/dcso-vpn.nix | 44 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 jeschli/1systems/bln/dcso-vpn.nix (limited to 'jeschli/1systems/bln') diff --git a/jeschli/1systems/bln/dcso-vpn.nix b/jeschli/1systems/bln/dcso-vpn.nix new file mode 100644 index 000000000..0a5623bf0 --- /dev/null +++ b/jeschli/1systems/bln/dcso-vpn.nix @@ -0,0 +1,44 @@ +with import ; +{ ... }: + +{ + + users.extraUsers = { + dcsovpn = rec { + name = "dcsovpn"; + uid = genid "dcsovpn"; + description = "user for running dcso openvpn"; + home = "/home/${name}"; + }; + }; + + users.extraGroups.dcsovpn.gid = genid "dcsovpn"; + + services.openvpn.servers = { + dcso = { + config = '' + client + dev tun + tun-mtu 1356 + mssfix + proto udp + float + remote 217.111.55.41 1194 + nobind + user dcsovpn + group dcsovpn + persist-key + persist-tun + ca ${toString } + cert ${toString } + key ${toString } + verb 3 + mute 20 + auth-user-pass ${toString } + route-method exe + route-delay 2 + ''; + updateResolvConf = true; + }; + }; +} -- cgit v1.2.3 From 1c64a03b396177010885147e1ff704e12f2f1b07 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 19 Jun 2018 09:14:15 +0200 Subject: j bln: +debian efi bootentry --- jeschli/1systems/bln/config.nix | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'jeschli/1systems/bln') diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index c5f8101ea..1680bcfb4 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -11,8 +11,22 @@ ]; - boot.loader.systemd-boot.enable = true; +# boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot"; + boot.loader.grub = { + devices = [ "nodev" ]; + efiSupport = true; + enable = true; + extraEntries = '' + menuentry "Debian" { + insmod ext2 + insmod chain + chainloader /EFI/debian/grubx64.efi + } + ''; + version = 2; + }; jeschliFontSize = 20; -- cgit v1.2.3 From 05c8cf3df5f6166c21dfd2dc316bf5de957dce94 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 19 Jun 2018 09:14:43 +0200 Subject: j bln: -hipchat --- jeschli/1systems/bln/config.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'jeschli/1systems/bln') diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 1680bcfb4..8b9603abb 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -70,7 +70,6 @@ sqlite # internet thunderbird - hipchat chromium google-chrome # programming languages -- cgit v1.2.3