From 060a8f28fa1fc648bdf66afb31a5d1efac868837 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Jul 2023 22:24:15 +0200 Subject: makefu: move out to own repo, add vacation-note --- makefu/1systems/vbob/config.nix | 91 ----------------------------------------- makefu/1systems/vbob/source.nix | 4 -- 2 files changed, 95 deletions(-) delete mode 100644 makefu/1systems/vbob/config.nix delete mode 100644 makefu/1systems/vbob/source.nix (limited to 'makefu/1systems/vbob') diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix deleted file mode 100644 index 208dd1ff7..000000000 --- a/makefu/1systems/vbob/config.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ lib, config, pkgs, ... }: -{ - krebs.build.host = config.krebs.hosts.vbob; - makefu.awesome.modkey = "Mod1"; - imports = - [ - - { - imports = [ ]; - boot.loader.grub.device = "/dev/sda"; - } - # - # - - # base gui - # - # - - - - # security - - - # Tools - - - # - # - - # environment - - (let - gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr; - gateway = "10.0.2.2"; - in { - # make sure the route to gum gets added after the network is online - systemd.services.wireguard-wg0.after = [ "network-online.target" ]; - networking.wireguard.interfaces.wg0 = { - ips = [ "10.244.0.3/24" ]; - privateKeyFile = (toString ) + "/wireguard.key"; - # explicit route via eth0 to gum - preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"]; - peers = [ - { # gum - endpoint = "${gum-ip}:51820"; - allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ]; - publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; - persistentKeepalive = 25; - } - ]; - }; - }) - - ]; - networking.extraHosts = import (toString ); - - # allow vbob to deploy self - users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; - - environment.shellAliases = { - forti = "cat ~/vpn/pw.txt | xclip; sudo forticlientsslvpn"; - }; - - system.activationScripts.prepare-fortclientvpnssl = '' - # TODO: for forticlientsslpn - mkdir -p /usr/{s,}bin - ln -fs ${pkgs.ppp}/bin/pppd /usr/sbin/pppd - ln -fs ${pkgs.coreutils}/bin/tail /usr/bin/tail - ''; - - # for forticlient - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs;[ - fortclientsslvpn ppp xclip - get - logstash - #devpi-web - #devpi-client - ansible - ]; - - - networking.firewall.allowedTCPPorts = [ - 25 - 80 - 8010 - ]; - # required for qemu - systemd.services."serial-getty@ttyS0".enable = true; -} diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix deleted file mode 100644 index 59744faf5..000000000 --- a/makefu/1systems/vbob/source.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - name="vbob"; - # musnix = true; -} -- cgit v1.2.3