From 9904ec050bfc8ff91a4d9bff43d3d21ac06e8772 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 15 Sep 2020 22:33:29 +0200 Subject: l yellow.r: add flix-index service --- lass/1systems/yellow/config.nix | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index 82fe3fac5..bc3b1f5d5 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -251,6 +251,27 @@ with import ; 3f8a56ddb2e64eb67adfc9b337157ff4 -----END OpenVPN Static key V1----- - ''; + + systemd.services.flix-index = { + wantedBy = [ "multi-user.target" ]; + path = [ + pkgs.coreutils + pkgs.findutils + pkgs.inotifyTools + ]; + serviceConfig = { + Restart = "always"; + ExecStart = pkgs.writers.writeDash "flix-index" '' + set -efu + + DIR=/var/download/finished + cd "$DIR" + while inotifywait -rq -e create -e move -e delete "$DIR"; do + find . -type f > "$DIR"/index.tmp + mv "$DIR"/index.tmp "$DIR"/index + done + ''; + }; + }; } -- cgit v1.2.3 From 0cd3e8771b01774bcfda000634395c10d1410d89 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:13:20 +0200 Subject: l: use ipv4 addresses for wiregrill --- lass/1systems/prism/config.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 33ec21e72..42d07f36a 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -272,9 +272,9 @@ with import ; resolveLocalQueries = false; extraConfig= '' - listen-address=42:1:ce16::1 + listen-address=42:1:ce16::1,10.244.1.103 except-interface=lo - interface=wg0 + interface=wiregrill ''; }; } -- cgit v1.2.3 From db997dd0742c8c180cf88d89db052f865c477773 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:15:13 +0200 Subject: l blue: disable restic backups --- lass/1systems/blue/config.nix | 21 --------------------- 1 file changed, 21 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix index c46bb351e..f6dc23d20 100644 --- a/lass/1systems/blue/config.nix +++ b/lass/1systems/blue/config.nix @@ -17,27 +17,6 @@ with import ; networking.nameservers = [ "1.1.1.1" ]; - services.restic.backups = genAttrs [ - "daedalus" - "icarus" - "littleT" - "prism" - "shodan" - "skynet" - ] (dest: { - initialize = true; - extraOptions = [ - "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'" - ]; - repository = "sftp:backup@${dest}.r:/backups/blue"; - passwordFile = (toString ) + "/restic/${dest}"; - timerConfig = { OnCalendar = "00:05"; RandomizedDelaySec = "5h"; }; - paths = [ - "/home/" - "/var/lib" - ]; - }); - time.timeZone = "Europe/Berlin"; users.users.mainUser.openssh.authorizedKeys.keys = [ config.krebs.users.lass-android.pubkey ]; } -- cgit v1.2.3 From 985e70c5b4485467d85c014d8d8654b9cdd51b7b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:15:36 +0200 Subject: l morpheus.r: add ag to pkgs --- lass/1systems/morpheus/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/morpheus/config.nix b/lass/1systems/morpheus/config.nix index c3a8ea6c8..79fbe4c97 100644 --- a/lass/1systems/morpheus/config.nix +++ b/lass/1systems/morpheus/config.nix @@ -18,6 +18,7 @@ with import ; gitAndTools.hub nix-review firefox + ag ]; services.openssh.forwardX11 = true; -- cgit v1.2.3 From 353fd8b647e74f8aab5d9574998ea943ed582fec Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:16:11 +0200 Subject: l mors.r: migrate to new hardware --- lass/1systems/mors/physical.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/mors/physical.nix b/lass/1systems/mors/physical.nix index 2f3a68442..a9108104b 100644 --- a/lass/1systems/mors/physical.nix +++ b/lass/1systems/mors/physical.nix @@ -23,7 +23,7 @@ services.udev.extraRules = '' SUBSYSTEM=="net", DEVPATH=="/devices/pci*/*1c.1/*/net/*", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:4f:42:35", NAME="et0" + SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:37:15:d9", NAME="et0" ''; #TODO activationScripts seem broken, fix them! -- cgit v1.2.3 From 77e19ca192e5baab0d09f34ae1f9dd533ec1ea65 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:19:42 +0200 Subject: l mors.r: remove iodine from pkgs --- lass/1systems/mors/config.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index c1ceb0633..b03d95c49 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -126,8 +126,6 @@ with import ; remmina transmission - iodine - macchanger dpass -- cgit v1.2.3 From 707ffcfebb2f7689ff5129bf25d1cd99e12c4498 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:22:33 +0200 Subject: l prism.r: allow more bandwidth for murmur --- lass/1systems/prism/config.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 42d07f36a..b335353be 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -284,7 +284,10 @@ with import ; ]; } { - services.murmur.enable = true; + services.murmur = { + enable = true; + bandwidth = 10000000; + }; services.murmur.registerName = "lassul.us"; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} -- cgit v1.2.3 From 4f6084494b146fde7e6ebc8d6724aa078b78a266 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:23:59 +0200 Subject: l prism.r: add wallpaper & xanf mounts --- lass/1systems/prism/physical.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix index 7458f5ffd..1a3bee850 100644 --- a/lass/1systems/prism/physical.nix +++ b/lass/1systems/prism/physical.nix @@ -55,6 +55,16 @@ fsType = "zfs"; }; + fileSystems."/var/realwallpaper/archive" = { + device = "tank/wallpaper"; + fsType = "zfs"; + }; + + fileSystems."/home/xanf" = { + device = "/dev/disk/by-id/wwn-0x500a07511becb076"; + fsType = "ext4"; + }; + nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; -- cgit v1.2.3 From 41accf7ac76136c929c69679c45df2b3f6216e77 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:24:24 +0200 Subject: l shodan.r: use new luks device schema --- lass/1systems/shodan/physical.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/shodan/physical.nix b/lass/1systems/shodan/physical.nix index 39a4d9661..55e91b0e4 100644 --- a/lass/1systems/shodan/physical.nix +++ b/lass/1systems/shodan/physical.nix @@ -10,7 +10,7 @@ loader.grub.version = 2; loader.grub.device = "/dev/sda"; - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; + initrd.luks.devices.lusksroot.device = "/dev/sda2"; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; }; -- cgit v1.2.3 From e778f9d6f511874ae0dff55dbfa2b0694d96b06d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:26:35 +0200 Subject: l wizard.r: fix local testing --- lass/1systems/wizard/run-vm.sh | 7 +++++++ lass/1systems/wizard/test.nix | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100755 lass/1systems/wizard/run-vm.sh (limited to 'lass/1systems') diff --git a/lass/1systems/wizard/run-vm.sh b/lass/1systems/wizard/run-vm.sh new file mode 100755 index 000000000..13914ad5f --- /dev/null +++ b/lass/1systems/wizard/run-vm.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env nix-shell +#! nix-shell -i bash -p nixos-generators + +set -efu + +WD=$(dirname "$0") +nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/config.nix -f vm-nogui --run diff --git a/lass/1systems/wizard/test.nix b/lass/1systems/wizard/test.nix index c7a27102a..165b9f14d 100644 --- a/lass/1systems/wizard/test.nix +++ b/lass/1systems/wizard/test.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: { imports = [ - ./default.nix + ./config.nix ]; virtualisation.emptyDiskImages = [ 8000 -- cgit v1.2.3 From 2aa02e6f60aa10119ae0f085e6dec509616a64ab Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:27:31 +0200 Subject: l xerxes.r: remove the_playlist share --- lass/1systems/xerxes/config.nix | 16 ---------------- 1 file changed, 16 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix index e4a4fb505..6f64c6999 100644 --- a/lass/1systems/xerxes/config.nix +++ b/lass/1systems/xerxes/config.nix @@ -41,22 +41,6 @@ displayManager.lightdm.autoLogin.user = "lass"; }; - services.syncthing.declarative = { - folders = { - the_playlist = { - path = "/home/lass/tmp/the_playlist"; - devices = [ "mors" "phone" "prism" "xerxes" ]; - }; - }; - }; - krebs.permown = { - "/home/lass/tmp/the_playlist" = { - owner = "lass"; - group = "syncthing"; - umask = "0007"; - }; - }; - boot.blacklistedKernelModules = [ "xpad" ]; systemd.services.xboxdrv = { wantedBy = [ "multi-user.target" ]; -- cgit v1.2.3 From 9a38ff748296af8a8ef90ae7f4212f6c6173cf4b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:27:57 +0200 Subject: l xerxes.r: activate bluetooth --- lass/1systems/xerxes/config.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix index 6f64c6999..8c4362865 100644 --- a/lass/1systems/xerxes/config.nix +++ b/lass/1systems/xerxes/config.nix @@ -77,7 +77,15 @@ }; }; - hardware.bluetooth.enable = true; + hardware.bluetooth = { + enable = true; + powerOnBoot = true; + # config.General.Disable = "Headset"; + extraConfig = '' + [General] + Disable = Headset + ''; + }; hardware.pulseaudio.package = pkgs.pulseaudioFull; # hardware.pulseaudio.configFile = pkgs.writeText "default.pa" '' # load-module module-bluetooth-policy -- cgit v1.2.3 From 33a37f3d2194a7f9cfaf94e249a049a921d3f679 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 27 Sep 2020 15:28:46 +0200 Subject: l yellow.r: use new nordvpn endpoint --- lass/1systems/yellow/config.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index bc3b1f5d5..d400697d7 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -172,7 +172,7 @@ with import ; client dev tun proto udp - remote 89.249.65.83 1194 + remote 185.230.127.27 1194 resolv-retry infinite remote-random nobind @@ -195,7 +195,6 @@ with import ; fast-io cipher AES-256-CBC auth SHA512 - -----BEGIN CERTIFICATE----- MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ -- cgit v1.2.3