From fa38155eec9563dc9dc620a77900d87b97443cfe Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 15 Jul 2017 18:57:16 +0200
Subject: ma: move systems to subdir, init source

---
 makefu/1systems/omo/config.nix | 204 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 204 insertions(+)
 create mode 100644 makefu/1systems/omo/config.nix

(limited to 'makefu/1systems/omo')

diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
new file mode 100644
index 000000000..0f1b8e0da
--- /dev/null
+++ b/makefu/1systems/omo/config.nix
@@ -0,0 +1,204 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, ... }:
+let
+  toMapper = id: "/media/crypt${builtins.toString id}";
+  byid = dev: "/dev/disk/by-id/" + dev;
+  keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0";
+  rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904";
+  rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2";
+  primaryInterface = "enp1s0";
+  # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512
+  # cryptsetup luksAddKey $dev tmpkey
+  # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096
+  # mkfs.xfs /dev/mapper/crypt0 -L crypt0
+
+  # omo Chassis:
+  # __FRONT_
+  # |* d0   |
+  # |       |
+  # |* d3   |
+  # |       |
+  # |* d3   |
+  # |       |
+  # |*      |
+  # |* d2   |
+  # |  * r0 |
+  # |_______|
+  cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6";
+  cryptDisk1 = byid "ata-TP02000GB_TPW151006050068";
+  cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
+  # cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907";
+  # all physical disks
+
+  # TODO callPackage ../3modules/MonitorDisks { disks = allDisks }
+  dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 ];
+  allDisks = [ rootDisk ] ++ dataDisks;
+in {
+  imports =
+    [
+      ../.
+      # TODO: unlock home partition via ssh
+      ../2configs/fs/sda-crypto-root.nix
+      ../2configs/zsh-user.nix
+      ../2configs/backup.nix
+      ../2configs/exim-retiolum.nix
+      ../2configs/smart-monitor.nix
+      ../2configs/mail-client.nix
+      # ../2configs/disable_v6.nix
+      #../2configs/graphite-standalone.nix
+      #../2configs/share-user-sftp.nix
+      ../2configs/share/omo.nix
+      ../2configs/tinc/retiolum.nix
+
+      # Logging
+      ../2configs/stats/server.nix #influx + grafana
+      ../2configs/stats/client.nix
+      ../2configs/stats/external/aralast.nix # logs to influx
+
+      # services
+      ../2configs/syncthing.nix
+      ../2configs/mqtt.nix
+      # ../2configs/logging/central-logging-client.nix
+
+      # ../2configs/torrent.nix
+
+      # ../2configs/elchos/search.nix
+      # ../2configs/elchos/log.nix
+      # ../2configs/elchos/irc-token.nix
+
+      ## as long as pyload is not in nixpkgs:
+      # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload
+    ];
+  makefu.full-populate = true;
+  makefu.server.primary-itf = primaryInterface;
+  krebs.rtorrent = {
+    downloadDir = lib.mkForce "/media/crypt0/torrent";
+    extraConfig = ''
+      upload_rate = 200
+    '';
+  };
+  users.groups.share = {
+    gid = (import <stockholm/lib>).genid "share";
+    members = [ "makefu" "misa" ];
+  };
+  networking.firewall.trustedInterfaces = [ primaryInterface ];
+  # udp:137 udp:138 tcp:445 tcp:139 - samba, allowed in local net
+  # tcp:80          - nginx for sharing files
+  # tcp:655 udp:655 - tinc
+  # tcp:8111        - graphite
+  # tcp:8112        - pyload
+  # tcp:9090        - sabnzbd
+  # tcp:9200        - elasticsearch
+  # tcp:5601        - kibana
+  networking.firewall.allowedUDPPorts = [ 655 ];
+  networking.firewall.allowedTCPPorts = [ 80 655 5601 8111 8112 9200 9090 ];
+
+  # services.openssh.allowSFTP = false;
+
+  # copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/
+  services.sabnzbd.enable = true;
+  systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+
+  virtualisation.docker.enable = true;
+  makefu.ps3netsrv = {
+    enable = true;
+    servedir = "/media/cryptX/emu/ps3";
+  };
+  # HDD Array stuff
+  services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
+
+  makefu.snapraid = {
+    enable = true;
+    disks = map toMapper [ 0 1 ];
+    parity = toMapper 2;
+  };
+
+  # TODO create folders in /media
+  system.activationScripts.createCryptFolders = ''
+    ${lib.concatMapStringsSep "\n"
+      (d: "install -m 755 -d " + (toMapper d) )
+      [ 0 1 2 "X" ]}
+  '';
+  environment.systemPackages = with pkgs;[
+    mergerfs # hard requirement for mount
+    wol # wake up filepimp
+    f3
+  ];
+  fileSystems = let
+    cryptMount = name:
+      { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };};
+  in   cryptMount "crypt0"
+    // cryptMount "crypt1"
+    // cryptMount "crypt2"
+    // { "/media/cryptX" = {
+            device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 ]);
+            fsType = "mergerfs";
+            noCheck = true;
+            options = [ "defaults" "allow_other" "nofail" "nonempty" ];
+          };
+       };
+
+  powerManagement.powerUpCommands = lib.concatStrings (map (disk: ''
+      ${pkgs.hdparm}/sbin/hdparm -S 100 ${disk}
+      ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk}
+      ${pkgs.hdparm}/sbin/hdparm -y ${disk}
+    '') allDisks);
+
+  # crypto unlocking
+  boot = {
+    initrd.luks = {
+      devices = let
+        usbkey = name: device: {
+          inherit name device keyFile;
+          keyFileSize = 4096;
+          allowDiscards = true;
+        };
+      in [
+        (usbkey "luksroot" rootPartition)
+        (usbkey "crypt0" cryptDisk0)
+        (usbkey "crypt1" cryptDisk1)
+        (usbkey "crypt2" cryptDisk2)
+      ];
+    };
+    loader.grub.device = lib.mkForce rootDisk;
+
+    initrd.availableKernelModules = [
+      "ahci"
+      "ohci_pci"
+      "ehci_pci"
+      "pata_atiixp"
+      "firewire_ohci"
+      "usb_storage"
+      "usbhid"
+    ];
+
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];
+  };
+  users.users.misa = {
+    uid = 9002;
+    name = "misa";
+  };
+  # hardware.enableAllFirmware = true;
+  hardware.enableRedistributableFirmware = true;
+  hardware.cpu.intel.updateMicrocode = true;
+
+  zramSwap.enable = true;
+
+  krebs.Reaktor.reaktor = {
+    nickname = "Reaktor|bot";
+    channels = [ "#krebs" "#shackspace" "#binaergewitter" ];
+    plugins = with pkgs.ReaktorPlugins;[
+                               titlebot
+                               # stockholm-issue
+                               nixos-version
+                               shack-correct
+                               sed-plugin
+                               random-emoji ];
+  };
+
+  krebs.build.host = config.krebs.hosts.omo;
+}
-- 
cgit v1.3.1


From 7704f80890c75f65c2906ecc17cdd89761d308ad Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 15 Jul 2017 19:01:02 +0200
Subject: ma: replace path to 2configs, init source.nix

---
 makefu/1systems/darth/config.nix     | 16 ++++----
 makefu/1systems/darth/source.nix     |  3 ++
 makefu/1systems/drop/config.nix      |  8 ++--
 makefu/1systems/drop/source.nix      |  3 ++
 makefu/1systems/fileleech/config.nix | 18 ++++-----
 makefu/1systems/fileleech/source.nix |  3 ++
 makefu/1systems/filepimp/config.nix  | 16 ++++----
 makefu/1systems/filepimp/source.nix  |  3 ++
 makefu/1systems/gum/config.nix       | 74 ++++++++++++++++++------------------
 makefu/1systems/gum/source.nix       |  3 ++
 makefu/1systems/iso/config.nix       |  4 +-
 makefu/1systems/iso/source.nix       |  3 ++
 makefu/1systems/omo/config.nix       | 44 ++++++++++-----------
 makefu/1systems/omo/source.nix       |  3 ++
 makefu/1systems/pnp/config.nix       |  8 ++--
 makefu/1systems/pnp/source.nix       |  3 ++
 makefu/1systems/repunit/config.nix   |  6 +--
 makefu/1systems/repunit/source.nix   |  3 ++
 makefu/1systems/sdev/config.nix      |  6 +--
 makefu/1systems/sdev/source.nix      |  3 ++
 makefu/1systems/shoney/config.nix    | 12 +++---
 makefu/1systems/shoney/source.nix    |  3 ++
 makefu/1systems/studio/config.nix    | 16 ++++----
 makefu/1systems/studio/source.nix    |  3 ++
 makefu/1systems/tsp/config.nix       | 18 ++++-----
 makefu/1systems/tsp/source.nix       |  3 ++
 makefu/1systems/vbob/config.nix      | 22 +++++------
 makefu/1systems/vbob/source.nix      |  3 ++
 makefu/1systems/wbob/config.nix      | 32 ++++++++--------
 makefu/1systems/wbob/source.nix      |  3 ++
 makefu/1systems/wry/config.nix       | 24 ++++++------
 makefu/1systems/wry/source.nix       |  3 ++
 makefu/1systems/x/config.nix         | 70 +++++++++++++++++-----------------
 makefu/1systems/x/source.nix         |  4 ++
 makefu/source.nix                    | 41 ++++++++++++--------
 35 files changed, 274 insertions(+), 213 deletions(-)
 create mode 100644 makefu/1systems/darth/source.nix
 create mode 100644 makefu/1systems/drop/source.nix
 create mode 100644 makefu/1systems/fileleech/source.nix
 create mode 100644 makefu/1systems/filepimp/source.nix
 create mode 100644 makefu/1systems/gum/source.nix
 create mode 100644 makefu/1systems/iso/source.nix
 create mode 100644 makefu/1systems/omo/source.nix
 create mode 100644 makefu/1systems/pnp/source.nix
 create mode 100644 makefu/1systems/repunit/source.nix
 create mode 100644 makefu/1systems/sdev/source.nix
 create mode 100644 makefu/1systems/shoney/source.nix
 create mode 100644 makefu/1systems/studio/source.nix
 create mode 100644 makefu/1systems/tsp/source.nix
 create mode 100644 makefu/1systems/vbob/source.nix
 create mode 100644 makefu/1systems/wbob/source.nix
 create mode 100644 makefu/1systems/wry/source.nix
 create mode 100644 makefu/1systems/x/source.nix

(limited to 'makefu/1systems/omo')

diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix
index b39021176..c8d17ca70 100644
--- a/makefu/1systems/darth/config.nix
+++ b/makefu/1systems/darth/config.nix
@@ -10,15 +10,15 @@ let
   allDisks = [ rootDisk ]; # auxDisk
 in {
   imports = [
-      ../.
-      ../2configs/fs/single-partition-ext4.nix
-      ../2configs/zsh-user.nix
-      ../2configs/smart-monitor.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/virtualization.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/virtualization.nix>
 
-      ../2configs/tinc/retiolum.nix
-      ../2configs/temp-share-samba.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/temp-share-samba.nix>
   ];
   services.samba.shares = {
       isos = {
diff --git a/makefu/1systems/darth/source.nix b/makefu/1systems/darth/source.nix
new file mode 100644
index 000000000..b13b6c603
--- /dev/null
+++ b/makefu/1systems/darth/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="darth";
+}
diff --git a/makefu/1systems/drop/config.nix b/makefu/1systems/drop/config.nix
index 4a94c3f61..b7e0d0395 100644
--- a/makefu/1systems/drop/config.nix
+++ b/makefu/1systems/drop/config.nix
@@ -5,10 +5,10 @@ let
   prefixLength = 18;
 in {
   imports = [
-      ../.
-      ../2configs/hw/CAC.nix
-      ../2configs/save-diskspace.nix
-      ../2configs/torrent.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/hw/CAC.nix>
+      <stockholm/makefu/2configs/save-diskspace.nix>
+      <stockholm/makefu/2configs/torrent.nix>
   ];
   krebs = {
     enable = true;
diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix
new file mode 100644
index 000000000..74de846c0
--- /dev/null
+++ b/makefu/1systems/drop/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="drop";
+}
diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix
index 3aa5a54f8..b5ec370a5 100644
--- a/makefu/1systems/fileleech/config.nix
+++ b/makefu/1systems/fileleech/config.nix
@@ -22,16 +22,16 @@ let
   disks = [ { name = "luksroot"; device = rootPartition; } ] ++ dataDisks;
 in {
     imports = [
-      ../.
-      ../2configs/tinc/retiolum.nix
-      ../2configs/disable_v6.nix
-      # ../2configs/torrent.nix
-      ../2configs/fs/sda-crypto-root.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/disable_v6.nix>
+      # <stockholm/makefu/2configs/torrent.nix>
+      <stockholm/makefu/2configs/fs/sda-crypto-root.nix>
 
-      #../2configs/elchos/irc-token.nix
-      ../2configs/elchos/log.nix
-      ../2configs/elchos/search.nix
-      ../2configs/elchos/stats.nix
+      #<stockholm/makefu/2configs/elchos/irc-token.nix>
+      <stockholm/makefu/2configs/elchos/log.nix>
+      <stockholm/makefu/2configs/elchos/search.nix>
+      <stockholm/makefu/2configs/elchos/stats.nix>
 
     ];
   systemd.services.grafana.serviceConfig.LimitNOFILE=10032;
diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix
new file mode 100644
index 000000000..699267e21
--- /dev/null
+++ b/makefu/1systems/fileleech/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="fileleech";
+}
diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix
index e143d0046..65e81af66 100644
--- a/makefu/1systems/filepimp/config.nix
+++ b/makefu/1systems/filepimp/config.nix
@@ -20,11 +20,11 @@ let
 in {
   imports =
     [ # Include the results of the hardware scan.
-      ../.
-      ../2configs/fs/single-partition-ext4.nix
-      ../2configs/smart-monitor.nix
-      ../2configs/tinc/retiolum.nix
-      ../2configs/filepimp-share.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+      <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/filepimp-share.nix>
     ];
 
   krebs.build.host = config.krebs.hosts.filepimp;
@@ -73,9 +73,9 @@ in {
     xfsmount = name: dev:
       { "/media/${name}" = { device = dev; fsType = "xfs"; }; };
   in
-  # (xfsmount "j0" (part1 jDisk0))   //
-    (xfsmount "j1" (part1 jDisk1))   //
-    (xfsmount "j2" (part1 jDisk2))   //
+  # (xfsmount "j0" (part1 jDisk0)) <stockholm/makefu>
+    (xfsmount "j1" (part1 jDisk1)) <stockholm/makefu>
+    (xfsmount "j2" (part1 jDisk2)) <stockholm/makefu>
     (xfsmount "par0" (part1 jDisk3))
     ;
 
diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix
new file mode 100644
index 000000000..88c9f4f08
--- /dev/null
+++ b/makefu/1systems/filepimp/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="filepimp";
+}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 51761d3fd..aaddd8a68 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -13,47 +13,47 @@ let
   main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
 in {
   imports = [
-      ../.
+      <stockholm/makefu>
        <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
-      ../2configs/headless.nix
-      ../2configs/fs/single-partition-ext4.nix
-      # ../2configs/smart-monitor.nix
-      ../2configs/git/cgit-retiolum.nix
-      ../2configs/backup.nix
-      # ../2configs/mattermost-docker.nix
-      # ../2configs/disable_v6.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/tinc/retiolum.nix
-      ../2configs/urlwatch
+      <stockholm/makefu/2configs/headless.nix>
+      <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+      # <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/git/cgit-retiolum.nix>
+      <stockholm/makefu/2configs/backup.nix>
+      # <stockholm/makefu/2configs/mattermost-docker.nix>
+      # <stockholm/makefu/2configs/disable_v6.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/urlwatch>
 
       # Security
-      ../2configs/sshd-totp.nix
+      <stockholm/makefu/2configs/sshd-totp.nix>
 
       # Tools
-      ../2configs/tools/core.nix
-      ../2configs/tools/dev.nix
-      ../2configs/tools/sec.nix
+      <stockholm/makefu/2configs/tools/core.nix>
+      <stockholm/makefu/2configs/tools/dev.nix>
+      <stockholm/makefu/2configs/tools/sec.nix>
 
       # services
-      ../2configs/share/gum.nix
-      ../2configs/sabnzbd.nix
-      ../2configs/torrent.nix
-      ../2configs/iodined.nix
+      <stockholm/makefu/2configs/share/gum.nix>
+      <stockholm/makefu/2configs/sabnzbd.nix>
+      <stockholm/makefu/2configs/torrent.nix>
+      <stockholm/makefu/2configs/iodined.nix>
 
       ## Web
-      ../2configs/nginx/share-download.nix
-      ../2configs/nginx/euer.test.nix
-      ../2configs/nginx/euer.wiki.nix
-      ../2configs/nginx/euer.blog.nix
-      ../2configs/nginx/public_html.nix
-      ../2configs/nginx/update.connector.one.nix
-
-      ../2configs/deployment/mycube.connector.one.nix
-      ../2configs/deployment/graphs.nix
-      ../2configs/deployment/owncloud.nix
-      ../2configs/deployment/wiki-irc-bot
-      ../2configs/deployment/boot-euer.nix
-      ../2configs/deployment/hound
+      <stockholm/makefu/2configs/nginx/share-download.nix>
+      <stockholm/makefu/2configs/nginx/euer.test.nix>
+      <stockholm/makefu/2configs/nginx/euer.wiki.nix>
+      <stockholm/makefu/2configs/nginx/euer.blog.nix>
+      <stockholm/makefu/2configs/nginx/public_html.nix>
+      <stockholm/makefu/2configs/nginx/update.connector.one.nix>
+
+      <stockholm/makefu/2configs/deployment/mycube.connector.one.nix>
+      <stockholm/makefu/2configs/deployment/graphs.nix>
+      <stockholm/makefu/2configs/deployment/owncloud.nix>
+      <stockholm/makefu/2configs/deployment/wiki-irc-bot>
+      <stockholm/makefu/2configs/deployment/boot-euer.nix>
+      <stockholm/makefu/2configs/deployment/hound>
       {
         services.taskserver.enable = true;
         services.taskserver.fqdn = config.krebs.build.host.name;
@@ -64,12 +64,12 @@ in {
           ip6tables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT
         '';
       }
-      # ../2configs/ipfs.nix
-      ../2configs/syncthing.nix
+      # <stockholm/makefu/2configs/ipfs.nix>
+      <stockholm/makefu/2configs/syncthing.nix>
 
-      # ../2configs/opentracker.nix
-      ../2configs/stats/client.nix
-      # ../2configs/logging/client.nix
+      # <stockholm/makefu/2configs/opentracker.nix>
+      <stockholm/makefu/2configs/stats/client.nix>
+      # <stockholm/makefu/2configs/logging/client.nix>
 
   ];
   makefu.dl-dir = "/var/download";
diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix
new file mode 100644
index 000000000..82d42b496
--- /dev/null
+++ b/makefu/1systems/gum/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="gum";
+}
diff --git a/makefu/1systems/iso/config.nix b/makefu/1systems/iso/config.nix
index c679241e5..f863321bd 100644
--- a/makefu/1systems/iso/config.nix
+++ b/makefu/1systems/iso/config.nix
@@ -3,10 +3,10 @@
 with import <stockholm/lib>;
 {
   imports = [
-    ../.
+    <stockholm/makefu>
     <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
     <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
-    ../2configs/tools/core.nix
+    <stockholm/makefu/2configs/tools/core.nix>
   ];
   # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
   # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
diff --git a/makefu/1systems/iso/source.nix b/makefu/1systems/iso/source.nix
new file mode 100644
index 000000000..e200dbfd2
--- /dev/null
+++ b/makefu/1systems/iso/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="iso";
+}
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 0f1b8e0da..732f1d860 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -39,35 +39,35 @@ let
 in {
   imports =
     [
-      ../.
+      <stockholm/makefu>
       # TODO: unlock home partition via ssh
-      ../2configs/fs/sda-crypto-root.nix
-      ../2configs/zsh-user.nix
-      ../2configs/backup.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/smart-monitor.nix
-      ../2configs/mail-client.nix
-      # ../2configs/disable_v6.nix
-      #../2configs/graphite-standalone.nix
-      #../2configs/share-user-sftp.nix
-      ../2configs/share/omo.nix
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/fs/sda-crypto-root.nix>
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/backup.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/mail-client.nix>
+      # <stockholm/makefu/2configs/disable_v6.nix>
+      #<stockholm/makefu/2configs/graphite-standalone.nix>
+      #<stockholm/makefu/2configs/share-user-sftp.nix>
+      <stockholm/makefu/2configs/share/omo.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       # Logging
-      ../2configs/stats/server.nix #influx + grafana
-      ../2configs/stats/client.nix
-      ../2configs/stats/external/aralast.nix # logs to influx
+      <stockholm/makefu/2configs/stats/server.nix #influx + grafana>
+      <stockholm/makefu/2configs/stats/client.nix>
+      <stockholm/makefu/2configs/stats/external/aralast.nix # logs to influx>
 
       # services
-      ../2configs/syncthing.nix
-      ../2configs/mqtt.nix
-      # ../2configs/logging/central-logging-client.nix
+      <stockholm/makefu/2configs/syncthing.nix>
+      <stockholm/makefu/2configs/mqtt.nix>
+      # <stockholm/makefu/2configs/logging/central-logging-client.nix>
 
-      # ../2configs/torrent.nix
+      # <stockholm/makefu/2configs/torrent.nix>
 
-      # ../2configs/elchos/search.nix
-      # ../2configs/elchos/log.nix
-      # ../2configs/elchos/irc-token.nix
+      # <stockholm/makefu/2configs/elchos/search.nix>
+      # <stockholm/makefu/2configs/elchos/log.nix>
+      # <stockholm/makefu/2configs/elchos/irc-token.nix>
 
       ## as long as pyload is not in nixpkgs:
       # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload
diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix
new file mode 100644
index 000000000..94fd9cbe6
--- /dev/null
+++ b/makefu/1systems/omo/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="omo";
+}
diff --git a/makefu/1systems/pnp/config.nix b/makefu/1systems/pnp/config.nix
index 971676b79..cc6326f19 100644
--- a/makefu/1systems/pnp/config.nix
+++ b/makefu/1systems/pnp/config.nix
@@ -6,16 +6,16 @@
 {
   imports =
     [
-      ../.
-      ../2configs/headless.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/headless.nix>
       ../../krebs/3modules/Reaktor.nix
 
       # these will be overwritten by qemu-vm.nix but will be used if the system
       # is directly deployed
       <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
-      ../2configs/fs/vm-single-partition.nix
+      <stockholm/makefu/2configs/fs/vm-single-partition.nix>
 
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       # config.system.build.vm
       (toString <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>)
diff --git a/makefu/1systems/pnp/source.nix b/makefu/1systems/pnp/source.nix
new file mode 100644
index 000000000..0b630aa3b
--- /dev/null
+++ b/makefu/1systems/pnp/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="pnp";
+}
diff --git a/makefu/1systems/repunit/config.nix b/makefu/1systems/repunit/config.nix
index 7102b8f81..996abff08 100644
--- a/makefu/1systems/repunit/config.nix
+++ b/makefu/1systems/repunit/config.nix
@@ -7,10 +7,10 @@
 {
   imports =
     [ # Include the results of the hardware scan.
-      ../.
+      <stockholm/makefu>
       <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
-      ../2configs/git/cgit-retiolum.nix
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/git/cgit-retiolum.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
     ];
   krebs.build.host = config.krebs.hosts.repunit;
 
diff --git a/makefu/1systems/repunit/source.nix b/makefu/1systems/repunit/source.nix
new file mode 100644
index 000000000..ff361fb55
--- /dev/null
+++ b/makefu/1systems/repunit/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="repunit";
+}
diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index 233f7cefa..f3853a788 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -4,14 +4,14 @@
   makefu.awesome.modkey = "Mod1";
   imports =
     [ # Include the results of the hardware scan.
-      ../.
+      <stockholm/makefu>
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
-      ../2configs/main-laptop.nix #< base-gui
+      <stockholm/makefu/2configs/main-laptop.nix #< base-gui>
       # <secrets/extra-hosts.nix>
 
       # environment
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
     ];
   # workaround for https://github.com/NixOS/nixpkgs/issues/16641
diff --git a/makefu/1systems/sdev/source.nix b/makefu/1systems/sdev/source.nix
new file mode 100644
index 000000000..833d9bf73
--- /dev/null
+++ b/makefu/1systems/sdev/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="sdev";
+}
diff --git a/makefu/1systems/shoney/config.nix b/makefu/1systems/shoney/config.nix
index 9f04e97eb..6cec260d2 100644
--- a/makefu/1systems/shoney/config.nix
+++ b/makefu/1systems/shoney/config.nix
@@ -9,12 +9,12 @@ let
   gw = "64.137.234.1";
 in {
   imports = [
-    ../.
-    ../2configs/save-diskspace.nix
-    ../2configs/hw/CAC.nix
-    ../2configs/fs/CAC-CentOS-7-64bit.nix
-    ../2configs/tinc/retiolum.nix
-    ../2configs/torrent.nix
+    <stockholm/makefu>
+    <stockholm/makefu/2configs/save-diskspace.nix>
+    <stockholm/makefu/2configs/hw/CAC.nix>
+    <stockholm/makefu/2configs/fs/CAC-CentOS-7-64bit.nix>
+    <stockholm/makefu/2configs/tinc/retiolum.nix>
+    <stockholm/makefu/2configs/torrent.nix>
   ];
 
 
diff --git a/makefu/1systems/shoney/source.nix b/makefu/1systems/shoney/source.nix
new file mode 100644
index 000000000..382474f5e
--- /dev/null
+++ b/makefu/1systems/shoney/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="shoney";
+}
diff --git a/makefu/1systems/studio/config.nix b/makefu/1systems/studio/config.nix
index f7d49cac6..b9a1a5d6a 100644
--- a/makefu/1systems/studio/config.nix
+++ b/makefu/1systems/studio/config.nix
@@ -1,14 +1,14 @@
 { config, pkgs, ... }:
 {
   imports = [
-    ../.
-    ../2configs/vncserver.nix
-    ../2configs/vim.nix
-    ../2configs/disable_v6.nix
-    ../2configs/audio/jack-on-pulse.nix
-    ../2configs/audio/realtime-audio.nix
-    ../2configs/gui/studio.nix
-    ../2configs/binary-cache/lass.nix
+    <stockholm/makefu>
+    <stockholm/makefu/2configs/vncserver.nix>
+    <stockholm/makefu/2configs/vim.nix>
+    <stockholm/makefu/2configs/disable_v6.nix>
+    <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
+    <stockholm/makefu/2configs/audio/realtime-audio.nix>
+    <stockholm/makefu/2configs/gui/studio.nix>
+    <stockholm/makefu/2configs/binary-cache/lass.nix>
 
   ];
   makefu.gui.user = "user"; # we use an extra user
diff --git a/makefu/1systems/studio/source.nix b/makefu/1systems/studio/source.nix
new file mode 100644
index 000000000..f5a7e19c4
--- /dev/null
+++ b/makefu/1systems/studio/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="studio";
+}
diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix
index 25fc2b49b..7169638d4 100644
--- a/makefu/1systems/tsp/config.nix
+++ b/makefu/1systems/tsp/config.nix
@@ -6,18 +6,18 @@
 {
   imports =
     [ # Include the results of the hardware scan.
-      ../.
-      ../2configs/gui/base.nix
-      ../2configs/fs/sda-crypto-root.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/gui/base.nix>
+      <stockholm/makefu/2configs/fs/sda-crypto-root.nix>
       # hardware specifics are in here
-      ../2configs/hw/tp-x200.nix #< imports tp-x2x0.nix
+      <stockholm/makefu/2configs/hw/tp-x200.nix #< imports tp-x2x0.nix>
 
-      ../2configs/disable_v6.nix
-      ../2configs/rad1o.nix
+      <stockholm/makefu/2configs/disable_v6.nix>
+      <stockholm/makefu/2configs/rad1o.nix>
 
-      ../2configs/zsh-user.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
     ];
   # not working in vm
   krebs.build.host = config.krebs.hosts.tsp;
diff --git a/makefu/1systems/tsp/source.nix b/makefu/1systems/tsp/source.nix
new file mode 100644
index 000000000..79f6a435d
--- /dev/null
+++ b/makefu/1systems/tsp/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="tsp";
+}
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index d8e275bf6..933fcf047 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -4,24 +4,24 @@
   makefu.awesome.modkey = "Mod1";
   imports =
     [ # Include the results of the hardware scan.
-      ../.
+      <stockholm/makefu>
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
-      ../2configs/main-laptop.nix #< base-gui
-      ../2configs/sshd-totp.nix
+      <stockholm/makefu/2configs/main-laptop.nix #< base-gui>
+      <stockholm/makefu/2configs/sshd-totp.nix>
 
       # Tools
-      ../2configs/tools/core.nix
-      ../2configs/tools/core-gui.nix
-      ../2configs/tools/dev.nix
-      ../2configs/tools/extra-gui.nix
-      ../2configs/tools/sec.nix
+      <stockholm/makefu/2configs/tools/core.nix>
+      <stockholm/makefu/2configs/tools/core-gui.nix>
+      <stockholm/makefu/2configs/tools/dev.nix>
+      <stockholm/makefu/2configs/tools/extra-gui.nix>
+      <stockholm/makefu/2configs/tools/sec.nix>
 
       # environment
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
-      ../2configs/audio/jack-on-pulse.nix
-      ../2configs/audio/realtime-audio.nix
+      <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
+      <stockholm/makefu/2configs/audio/realtime-audio.nix>
 
     ];
   networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix
new file mode 100644
index 000000000..96c3f368c
--- /dev/null
+++ b/makefu/1systems/vbob/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="vbob";
+}
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 5d0dd4a79..c530aaad3 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -7,23 +7,23 @@ in {
 
   imports =
     [ # Include the results of the hardware scan.
-      ../.
-      ../2configs/zsh-user.nix
-      ../2configs/tools/core.nix
-      ../2configs/tools/core-gui.nix
-      ../2configs/tools/extra-gui.nix
-      ../2configs/tools/media.nix
-      ../2configs/virtualization.nix
-      ../2configs/tinc/retiolum.nix
-      ../2configs/mqtt.nix
-      ../2configs/deployment/led-fader.nix
-      # ../2configs/gui/wbob-kiosk.nix
-      ../2configs/stats/client.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/tools/core.nix>
+      <stockholm/makefu/2configs/tools/core-gui.nix>
+      <stockholm/makefu/2configs/tools/extra-gui.nix>
+      <stockholm/makefu/2configs/tools/media.nix>
+      <stockholm/makefu/2configs/virtualization.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/mqtt.nix>
+      <stockholm/makefu/2configs/deployment/led-fader.nix>
+      # <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
+      <stockholm/makefu/2configs/stats/client.nix>
 
-      ../2configs/gui/studio.nix
-      ../2configs/audio/jack-on-pulse.nix
-      ../2configs/audio/realtime-audio.nix
-      ../2configs/vncserver.nix
+      <stockholm/makefu/2configs/gui/studio.nix>
+      <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
+      <stockholm/makefu/2configs/audio/realtime-audio.nix>
+      <stockholm/makefu/2configs/vncserver.nix>
     ];
 
   krebs = {
diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix
new file mode 100644
index 000000000..419ebbe3b
--- /dev/null
+++ b/makefu/1systems/wbob/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="wbob";
+}
diff --git a/makefu/1systems/wry/config.nix b/makefu/1systems/wry/config.nix
index f5097bf40..2db1a9a95 100644
--- a/makefu/1systems/wry/config.nix
+++ b/makefu/1systems/wry/config.nix
@@ -7,26 +7,26 @@ let
   internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
 in {
   imports = [
-      ../.
+      <stockholm/makefu>
       # TODO: copy this config or move to krebs
-      ../2configs/hw/CAC.nix
-      ../2configs/fs/CAC-CentOS-7-64bit.nix
-      ../2configs/save-diskspace.nix
+      <stockholm/makefu/2configs/hw/CAC.nix>
+      <stockholm/makefu/2configs/fs/CAC-CentOS-7-64bit.nix>
+      <stockholm/makefu/2configs/save-diskspace.nix>
 
-      # ../2configs/bepasty-dual.nix
+      # <stockholm/makefu/2configs/bepasty-dual.nix>
 
-      ../2configs/iodined.nix
-      ../2configs/backup.nix
+      <stockholm/makefu/2configs/iodined.nix>
+      <stockholm/makefu/2configs/backup.nix>
 
       # other nginx
-      # ../2configs/nginx/euer.test.nix
+      # <stockholm/makefu/2configs/nginx/euer.test.nix>
 
       # collectd
-      ../2configs/stats/client.nix
-      ../2configs/logging/client.nix
+      <stockholm/makefu/2configs/stats/client.nix>
+      <stockholm/makefu/2configs/logging/client.nix>
 
-      ../2configs/tinc/retiolum.nix
-      # ../2configs/torrent.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      # <stockholm/makefu/2configs/torrent.nix>
   ];
 
   krebs.build.host = config.krebs.hosts.wry;
diff --git a/makefu/1systems/wry/source.nix b/makefu/1systems/wry/source.nix
new file mode 100644
index 000000000..fac3877ee
--- /dev/null
+++ b/makefu/1systems/wry/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="wry";
+}
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 235862e85..b84394cd2 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -7,61 +7,61 @@ with import <stockholm/lib>;
 {
   imports =
     [ # base
-      ../.
-      ../2configs/main-laptop.nix
-      ../2configs/extra-fonts.nix
-      ../2configs/tools/all.nix
-      ../2configs/laptop-backup.nix
-      ../2configs/dnscrypt.nix
-      ../2configs/avahi.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/main-laptop.nix>
+      <stockholm/makefu/2configs/extra-fonts.nix>
+      <stockholm/makefu/2configs/tools/all.nix>
+      <stockholm/makefu/2configs/laptop-backup.nix>
+      <stockholm/makefu/2configs/dnscrypt.nix>
+      <stockholm/makefu/2configs/avahi.nix>
 
       # Debugging
-      # ../2configs/disable_v6.nix
+      # <stockholm/makefu/2configs/disable_v6.nix>
 
       # Testing
-      # ../2configs/lanparty/lancache.nix
-      # ../2configs/lanparty/lancache-dns.nix
-      # ../2configs/deployment/dirctator.nix
-      # ../2configs/vncserver.nix
-      # ../2configs/deployment/led-fader
-      # ../2configs/deployment/hound
+      # <stockholm/makefu/2configs/lanparty/lancache.nix>
+      # <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
+      # <stockholm/makefu/2configs/deployment/dirctator.nix>
+      # <stockholm/makefu/2configs/vncserver.nix>
+      # <stockholm/makefu/2configs/deployment/led-fader>
+      # <stockholm/makefu/2configs/deployment/hound>
 
       # development
-      ../2configs/sources
+      <stockholm/makefu/2configs/sources>
 
       # Krebs
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       # applications
-      ../2configs/exim-retiolum.nix
-      ../2configs/mail-client.nix
-      ../2configs/printer.nix
-      ../2configs/task-client.nix
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/mail-client.nix>
+      <stockholm/makefu/2configs/printer.nix>
+      <stockholm/makefu/2configs/task-client.nix>
 
       # Virtualization
-      ../2configs/virtualization.nix
-      ../2configs/docker.nix
-      ../2configs/virtualization-virtualbox.nix
+      <stockholm/makefu/2configs/virtualization.nix>
+      <stockholm/makefu/2configs/docker.nix>
+      <stockholm/makefu/2configs/virtualization-virtualbox.nix>
 
       # Services
-      ../2configs/git/brain-retiolum.nix
-      ../2configs/tor.nix
-      ../2configs/steam.nix
-      # ../2configs/buildbot-standalone.nix
+      <stockholm/makefu/2configs/git/brain-retiolum.nix>
+      <stockholm/makefu/2configs/tor.nix>
+      <stockholm/makefu/2configs/steam.nix>
+      # <stockholm/makefu/2configs/buildbot-standalone.nix>
 
       # Hardware
-      ../2configs/hw/tp-x230.nix
-      ../2configs/hw/rtl8812au.nix
-      ../2configs/hw/exfat-nofuse.nix
-      ../2configs/hw/wwan.nix
-      # ../2configs/hw/stk1160.nix
-      # ../2configs/rad1o.nix
+      <stockholm/makefu/2configs/hw/tp-x230.nix>
+      <stockholm/makefu/2configs/hw/rtl8812au.nix>
+      <stockholm/makefu/2configs/hw/exfat-nofuse.nix>
+      <stockholm/makefu/2configs/hw/wwan.nix>
+      # <stockholm/makefu/2configs/hw/stk1160.nix>
+      # <stockholm/makefu/2configs/rad1o.nix>
 
       # Filesystem
-      ../2configs/fs/sda-crypto-root-home.nix
+      <stockholm/makefu/2configs/fs/sda-crypto-root-home.nix>
 
       # Security
-      ../2configs/sshd-totp.nix
+      <stockholm/makefu/2configs/sshd-totp.nix>
 
     ];
 
diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix
new file mode 100644
index 000000000..54ec3c8a9
--- /dev/null
+++ b/makefu/1systems/x/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/makefu/source.nix> {
+  name="x";
+  full = true;
+}
diff --git a/makefu/source.nix b/makefu/source.nix
index 18733ee5c..a24af4dfb 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -1,29 +1,38 @@
 with import <stockholm/lib>;
-host@{ name, secure ? false, override ? {} }: let
+host@{ name, secure ? false, override ? {}, full ? false }: let
   builder = if getEnv "dummy_secrets" == "true"
               then "buildbot"
-              else "tv";
-  _file = <stockholm> + "/tv/1systems/${name}/source.nix";
+              else "makefu";
+  _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
+  ref = "06734d1"; # unstable @ 2017-07-03 + graceful requests2 (a772c3aa)
+
 in
   evalSource (toString _file) [
     {
-      nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix";
-      nixpkgs.git = {
-        # nixos-17.03
-        ref = mkDefault "94941cb0455bfc50b1bf63186cfad7136d629f78";
-        url = https://github.com/NixOS/nixpkgs;
-      };
+      nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
+      # always perform a full populate when buildbot
+      nixpkgs = if full || (builder == "buildbot" ) then {
+          git = {
+            url = https://github.com/makefu/nixpkgs;
+            inherit ref;
+          };
+        } else {
+          # TODO use http, once it is implemented
+          # right now it is simply extracted revision folder
+
+          ## prepare so we do not have to wait for rsync:
+          ## cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/125ffff  -L | tar zx  && mv NixOS-nixpkgs-125ffff nixpkgs
+          file = "/home/makefu/store/${ref}";
+        };
+
       secrets.file = getAttr builder {
-        buildbot = toString <stockholm/tv/dummy_secrets>;
-        tv = "/home/tv/secrets/${name}";
+        buildbot = toString <stockholm/makefu/6tests/data/secrets>;
+        makefu = "/home/makefu/secrets/${name}";
       };
       stockholm.file = toString <stockholm>;
     }
-    (mkIf (builder == "tv") {
-      secrets-common.file = "/home/tv/secrets/common";
-    })
-    (mkIf (builder == "tv" && secure) {
-      secrets-master.file = "/home/tv/secrets/master";
+    (mkIf (builder == "makefu") {
+      secrets-common.file = "/home/makefu/secrets/common";
     })
     override
   ]
-- 
cgit v1.3.1