From 788cc63754e7dc4f559087ae37b74017e6b77d39 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 3 Jan 2018 18:23:22 +0100 Subject: l: add ableton stuff --- lass/1systems/mors/config.nix | 1 + lass/2configs/ableton.nix | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 lass/2configs/ableton.nix (limited to 'lass') diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index ad133802f..8c7c39a6f 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -30,6 +30,7 @@ with import ; + { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ diff --git a/lass/2configs/ableton.nix b/lass/2configs/ableton.nix new file mode 100644 index 000000000..9d6f481b0 --- /dev/null +++ b/lass/2configs/ableton.nix @@ -0,0 +1,20 @@ +{ config, pkgs, ... }: let + mainUser = config.users.extraUsers.mainUser; +in { + users.users= { + ableton = { + isNormalUser = true; + extraGroups = [ + "audio" + "video" + ]; + packages = [ + pkgs.wine + pkgs.winetricks + ]; + }; + }; + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(ableton) NOPASSWD: ALL + ''; +} -- cgit v1.2.3 From a23eb141826e14987d8d72549857af86e6db7287 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 4 Jan 2018 00:01:41 +0100 Subject: l nixpkgs: 3aec59c -> 0b30c1d --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index 473dd2cf2..a6314694c 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "3aec59c"; + ref = "0b30c1d"; }; secrets = getAttr builder { buildbot.file = toString ; -- cgit v1.2.3 From 67dd126fc4244c40cd819be8cc23a15f6b1b1d6c Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 4 Jan 2018 01:25:59 +0100 Subject: fix meltdown --- lass/2configs/security-workarounds.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass') diff --git a/lass/2configs/security-workarounds.nix b/lass/2configs/security-workarounds.nix index 537c8a59b..c3d07d5fe 100644 --- a/lass/2configs/security-workarounds.nix +++ b/lass/2configs/security-workarounds.nix @@ -5,4 +5,6 @@ with import ; boot.extraModprobeConfig = '' install dccp /run/current-system/sw/bin/false ''; + + boot.kernelPackages = pkgs.linuxPackages_latest; } -- cgit v1.2.3 From 194e22c517ab22664aea2148421182c6c4ac43d6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 15:45:51 +0100 Subject: l prism.r: repo-sync stockholm every 2 minutes --- lass/1systems/prism/config.nix | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'lass') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 593a1fc9c..0b2c10f92 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -302,6 +302,13 @@ in { } ]; } + { + krebs.repo-sync.repos.stockholm.timerConfig = { + OnBootSec = "5min"; + OnUnitInactiveSec = "2min"; + RandomizedDelaySec = "2min"; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 2e9d5375f6134cba6dfbc3fd048fabfa2363ff83 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 15:55:32 +0100 Subject: l mors.r: remove exfat-nofuse --- lass/1systems/mors/config.nix | 4 ---- 1 file changed, 4 deletions(-) (limited to 'lass') diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 8c7c39a6f..c231a0b10 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -70,10 +70,6 @@ with import ; pkgs.ovh-zone ]; } - { - #ps vita stuff - boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; - } { services.tor = { enable = true; -- cgit v1.2.3 From 65a1bf47566a8d17e2d3928f3eec03e941311c61 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 15:58:23 +0100 Subject: l daedalus.r: enable flash --- lass/1systems/daedalus/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 6674b3db5..8ec744584 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -41,6 +41,7 @@ with import ; skype wine ]; + nixpkgs.config.firefox.enableAdobeFlash = true; services.xserver.enable = true; services.xserver.displayManager.lightdm.enable = true; services.xserver.desktopManager.plasma5.enable = true; -- cgit v1.2.3 From 5c8676bc9cbf918fa8c1f9995d5b7cc790d5414e Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 15:59:11 +0100 Subject: l daedalus.r: add ens* to dhcpcd interfaces --- lass/1systems/dishfire/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix index 416edeb82..7993c763e 100644 --- a/lass/1systems/dishfire/config.nix +++ b/lass/1systems/dishfire/config.nix @@ -43,6 +43,7 @@ networking.dhcpcd.allowInterfaces = [ "enp*" "eth*" + "ens*" ]; } { -- cgit v1.2.3 From e083b18e34519f30bba79dfd894c3b828fd13da7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 16:00:06 +0100 Subject: l IM: add bitlbee config --- lass/2configs/IM.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'lass') diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix index b94cb0634..80cebf099 100644 --- a/lass/2configs/IM.nix +++ b/lass/2configs/IM.nix @@ -20,6 +20,17 @@ let ''; in { + services.bitlbee = { + enable = true; + portNumber = 6666; + plugins = [ + pkgs.bitlbee-facebook + pkgs.bitlbee-steam + pkgs.bitlbee-discord + ]; + libpurple_plugins = [ pkgs.telegram-purple ]; + }; + users.extraUsers.chat = { home = "/home/chat"; uid = genid "chat"; -- cgit v1.2.3 From 21bd13b2de964b178e5d42b69efc337e09698dd2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 20:59:29 +0100 Subject: l: container hackery --- lass/1systems/prism/config.nix | 9 +++++++++ lass/2configs/rebuild-on-boot.nix | 18 ++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 lass/2configs/rebuild-on-boot.nix (limited to 'lass') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 0b2c10f92..03e9f6eeb 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -184,14 +184,17 @@ in { } { #hotdog + systemd.services."container@hotdog".reloadIfChanged = mkForce false; containers.hotdog = { config = { ... }: { + imports = [ ]; environment.systemPackages = [ pkgs.git ]; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey ]; }; + autoStart = true; enableTun = true; privateNetwork = true; hostAddress = "10.233.2.1"; @@ -200,8 +203,10 @@ in { } { #kaepsele + systemd.services."container@kaepsele".reloadIfChanged = mkForce false; containers.kaepsele = { config = { ... }: { + imports = [ ]; environment.systemPackages = [ pkgs.git ]; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [ @@ -209,6 +214,7 @@ in { tv.pubkey ]; }; + autoStart = true; enableTun = true; privateNetwork = true; hostAddress = "10.233.2.3"; @@ -217,8 +223,10 @@ in { } { #onondaga + systemd.services."container@onondaga".reloadIfChanged = mkForce false; containers.onondaga = { config = { ... }: { + imports = [ ]; environment.systemPackages = [ pkgs.git ]; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ @@ -226,6 +234,7 @@ in { config.krebs.users.nin.pubkey ]; }; + autoStart = true; enableTun = true; privateNetwork = true; hostAddress = "10.233.2.5"; diff --git a/lass/2configs/rebuild-on-boot.nix b/lass/2configs/rebuild-on-boot.nix new file mode 100644 index 000000000..60198be7b --- /dev/null +++ b/lass/2configs/rebuild-on-boot.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: +with import ; +{ + systemd.services.rebuild-on-boot = { + wantedBy = [ "multi-user.target" ]; + environment = { + NIX_REMOTE = "daemon"; + HOME = "/var/empty"; + }; + serviceConfig = { + ExecStart = pkgs.writeScript "rebuild" '' + #!${pkgs.bash}/bin/bash + (/run/current-system/sw/bin/nixos-rebuild -I /var/src switch) & + ''; + ExecStop = "${pkgs.coreutils}/bin/sleep 10"; + }; + }; +} -- cgit v1.2.3 From 99b379715123cdec8f527de4c71700c02974383f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 6 Jan 2018 01:50:16 +0100 Subject: l IM: add rxvt_unicode.terminfo --- lass/2configs/IM.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix index 80cebf099..51512955e 100644 --- a/lass/2configs/IM.nix +++ b/lass/2configs/IM.nix @@ -57,6 +57,10 @@ in { restartIfChanged = false; + path = [ + pkgs.rxvt_unicode.terminfo + ]; + serviceConfig = { User = "chat"; RemainAfterExit = true; -- cgit v1.2.3 From acecab429219d9086e23fa8912ecb05c017211d1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 6 Jan 2018 01:50:51 +0100 Subject: l dns: use resolved --- lass/2configs/dns-stuff.nix | 22 ++-------------------- 1 file changed, 2 insertions(+), 20 deletions(-) (limited to 'lass') diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix index 411b07503..cbcce8df9 100644 --- a/lass/2configs/dns-stuff.nix +++ b/lass/2configs/dns-stuff.nix @@ -11,24 +11,6 @@ with import ; key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C"; }; }; - services.dnsmasq = { - enable = true; - resolveLocalQueries = false; - extraConfig = '' - server=127.1.0.1 - #no-resolv - cache-size=1000 - min-cache-ttl=3600 - bind-dynamic - all-servers - dnssec - trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 - rebind-domain-ok=/onion/ - server=/.onion/127.0.0.1#9053 - port=53 - ''; - }; - networking.extraResolvconfConf = '' - name_servers='127.0.0.1' - ''; + services.resolved.enable = true; + services.resolved.fallbackDns = [ "127.1.0.1" ]; } -- cgit v1.2.3 From 99065dfd7ad990ea7ad4c44b7b209de7e3859926 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 Jan 2018 01:16:45 +0100 Subject: l nixpkgs: 0b30c1d -> 0653b73 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index a6314694c..f622285b1 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "0b30c1d"; + ref = "0653b73"; }; secrets = getAttr builder { buildbot.file = toString ; -- cgit v1.2.3 From 5ef3a2c6caa2f018c2adf795de992e0487dd2413 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 Jan 2018 18:03:28 +0100 Subject: l nixpkgs: 0653b73 -> d202e30 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index f622285b1..46c6d31dc 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "0653b73"; + ref = "d202e30"; }; secrets = getAttr builder { buildbot.file = toString ; -- cgit v1.2.3