diff options
| author | lassulus <lassulus@lassul.us> | 2017-07-23 21:10:50 +0200 |
|---|---|---|
| committer | lassulus <lassulus@lassul.us> | 2017-07-23 21:39:31 +0200 |
| commit | 8d34735c3099648fb3444d218c78fb3fb7612c46 (patch) | |
| tree | 5d47da9bdb11a35372cc61ae257b726101f84775 /lass/1systems | |
| parent | 1bf9e1e1eea95ea9efeb72a48e19a6df11881a7f (diff) | |
lass: cleanup
Diffstat (limited to 'lass/1systems')
| -rw-r--r-- | lass/1systems/icarus/config.nix | 33 | ||||
| -rw-r--r-- | lass/1systems/mors/config.nix | 33 | ||||
| -rw-r--r-- | lass/1systems/shodan/config.nix | 57 |
3 files changed, 12 insertions, 111 deletions
diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 61837bf3..8afd9797 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -3,8 +3,11 @@ { imports = [ <stockholm/lass> + <stockholm/lass/2configs/hw/x220.nix> + <stockholm/lass/2configs/boot/coreboot.nix> + + <stockholm/lass/2configs/mouse.nix> <stockholm/lass/2configs/retiolum.nix> - <stockholm/lass/2configs/hw/tp-x220.nix> <stockholm/lass/2configs/git.nix> <stockholm/lass/2configs/exim-retiolum.nix> <stockholm/lass/2configs/baseX.nix> @@ -17,40 +20,12 @@ krebs.build.host = config.krebs.hosts.icarus; - boot = { - loader.grub.enable = true; - loader.grub.version = 2; - loader.grub.device = "/dev/sda"; - loader.grub.efiSupport = true; - - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; - initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; - }; fileSystems = { - "/" = { - device = "/dev/mapper/pool-root"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; - "/boot" = { - device = "/dev/sda2"; - }; "/bku" = { device = "/dev/mapper/pool-bku"; fsType = "btrfs"; options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; - "/home" = { - device = "/dev/mapper/pool-home"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; - "/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["nosuid" "nodev" "noatime"]; - }; }; services.udev.extraRules = '' diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 29dacf8d..2cb6a751 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -4,8 +4,11 @@ with import <stockholm/lib>; { imports = [ <stockholm/lass> + <stockholm/lass/2configs/hw/x220.nix> + <stockholm/lass/2configs/boot/coreboot.nix> + + <stockholm/lass/2configs/mouse.nix> <stockholm/lass/2configs/retiolum.nix> - <stockholm/lass/2configs/hw/tp-x220.nix> <stockholm/lass/2configs/baseX.nix> <stockholm/lass/2configs/exim-retiolum.nix> <stockholm/lass/2configs/programs.nix> @@ -92,40 +95,12 @@ with import <stockholm/lib>; krebs.build.host = config.krebs.hosts.mors; - boot = { - loader.grub.enable = true; - loader.grub.version = 2; - loader.grub.device = "/dev/sda"; - loader.grub.efiSupport = true; - - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; - initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; - }; fileSystems = { - "/" = { - device = "/dev/mapper/pool-root"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; - "/boot" = { - device = "/dev/sda2"; - }; "/bku" = { device = "/dev/mapper/pool-bku"; fsType = "btrfs"; options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; - "/home" = { - device = "/dev/mapper/pool-home"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; - "/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["nosuid" "nodev" "noatime"]; - }; }; services.udev.extraRules = '' diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index a68471aa..00ea8267 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -4,8 +4,11 @@ with import <stockholm/lib>; { imports = [ <stockholm/lass> + #TODO reinstall with correct layout and use lass/hw/x220 + <stockholm/krebs/2configs/hw/x220.nix> + + <stockholm/lass/2configs/mouse.nix> <stockholm/lass/2configs/retiolum.nix> - <stockholm/lass/2configs/hw/tp-x220.nix> <stockholm/lass/2configs/baseX.nix> <stockholm/lass/2configs/git.nix> <stockholm/lass/2configs/exim-retiolum.nix> @@ -14,58 +17,6 @@ with import <stockholm/lib>; <stockholm/lass/2configs/fetchWallpaper.nix> <stockholm/lass/2configs/backups.nix> <stockholm/lass/2configs/wine.nix> - #{ - # users.extraUsers = { - # root = { - # openssh.authorizedKeys.keys = map readFile [ - # ../../krebs/Zpubkeys/uriel.ssh.pub - # ]; - # }; - # }; - #} - { - users.users.sokratess = { - uid = genid "sokratess"; - home = "/home/sokratess"; - group = "users"; - createHome = true; - extraGroups = [ - "audio" - "networkmanager" - ]; - useDefaultShell = true; - password = "aidsballs"; - }; - krebs.per-user.sokratess.packages = [ - pkgs.firefox - pkgs.python27Packages.virtualenv - pkgs.python27Packages.ipython - pkgs.python27Packages.python - ]; - } - { - krebs.monit = let - echoToIrc = msg: - pkgs.writeDash "echo_irc" '' - set -euf - export LOGNAME=prism-alarm - ${pkgs.irc-announce}/bin/irc-announce \ - ni.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null - ''; - in { - enable = true; - http.enable = true; - alarms = { - hfos = { - test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'"; - alarm = echoToIrc "test hfos failed"; - }; - }; - }; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; } - ]; - } ]; krebs.build.host = config.krebs.hosts.shodan; |