Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/blue/config.nix26
-rw-r--r--lass/1systems/blue/physical.nix1
-rw-r--r--lass/1systems/blue/source.nix15
-rw-r--r--lass/1systems/daedalus/config.nix14
-rw-r--r--lass/1systems/daedalus/physical.nix4
-rw-r--r--lass/1systems/green/config.nix21
-rw-r--r--lass/1systems/green/physical.nix7
-rw-r--r--lass/1systems/green/source.nix14
-rw-r--r--lass/1systems/icarus/config.nix4
-rw-r--r--lass/1systems/icarus/physical.nix2
-rw-r--r--lass/1systems/iso.nix10
-rw-r--r--lass/1systems/littleT/config.nix49
-rw-r--r--lass/1systems/littleT/physical.nix22
-rw-r--r--lass/1systems/morpheus/config.nix41
-rw-r--r--lass/1systems/morpheus/physical.nix32
-rw-r--r--lass/1systems/mors/config.nix49
-rw-r--r--lass/1systems/mors/physical.nix6
-rw-r--r--lass/1systems/prism/config.nix131
-rw-r--r--lass/1systems/prism/physical.nix24
-rw-r--r--lass/1systems/red/physical.nix1
-rw-r--r--lass/1systems/shodan/config.nix2
-rw-r--r--lass/1systems/shodan/physical.nix4
-rw-r--r--lass/1systems/skynet/config.nix3
-rw-r--r--lass/1systems/xerxes/config.nix16
-rw-r--r--lass/1systems/xerxes/physical.nix29
-rw-r--r--lass/1systems/yellow/config.nix98
-rw-r--r--lass/1systems/yellow/physical.nix1
-rw-r--r--lass/2configs/backup.nix8
-rw-r--r--lass/2configs/baseX.nix5
-rw-r--r--lass/2configs/blue-host.nix1
-rw-r--r--lass/2configs/blue.nix4
-rw-r--r--lass/2configs/browsers.nix7
-rw-r--r--lass/2configs/codimd.nix28
-rw-r--r--lass/2configs/default.nix16
-rw-r--r--lass/2configs/exim-smarthost.nix11
-rw-r--r--lass/2configs/games.nix1
-rw-r--r--lass/2configs/gc.nix2
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/green-host.nix82
-rw-r--r--lass/2configs/hardening.nix11
-rw-r--r--lass/2configs/hw/x220.nix5
-rw-r--r--lass/2configs/mail.nix16
-rw-r--r--lass/2configs/monitoring/node-exporter.nix15
-rw-r--r--lass/2configs/monitoring/prometheus-server.nix217
-rw-r--r--lass/2configs/network-manager.nix2
-rw-r--r--lass/2configs/nfs-dl.nix7
-rw-r--r--lass/2configs/paste.nix10
-rw-r--r--lass/2configs/prism-share.nix39
-rw-r--r--lass/2configs/radio.nix95
-rw-r--r--lass/2configs/reaktor-coders.nix180
-rw-r--r--lass/2configs/retiolum.nix4
-rw-r--r--lass/2configs/ssh-cryptsetup.nix17
-rw-r--r--lass/2configs/sync/decsync.nix11
-rw-r--r--lass/2configs/sync/weechat.nix8
-rw-r--r--lass/2configs/syncthing.nix28
-rw-r--r--lass/2configs/tests/dummy-secrets/syncthing.cert0
-rw-r--r--lass/2configs/tests/dummy-secrets/syncthing.key0
-rw-r--r--lass/2configs/vim.nix13
-rw-r--r--lass/2configs/virtualbox.nix1
-rw-r--r--lass/2configs/websites/domsen.nix96
-rw-r--r--lass/2configs/websites/lassulus.nix8
-rw-r--r--lass/2configs/websites/sqlBackup.nix4
-rw-r--r--lass/2configs/wine.nix2
-rw-r--r--lass/2configs/wiregrill.nix44
-rw-r--r--lass/2configs/wirelum.nix44
-rw-r--r--lass/2configs/xdg-open.nix66
-rw-r--r--lass/2configs/zsh.nix4
-rw-r--r--lass/3modules/default.nix1
-rw-r--r--lass/3modules/mysql-backup.nix16
-rw-r--r--lass/3modules/screenlock.nix9
-rw-r--r--lass/3modules/usershadow.nix38
-rw-r--r--lass/3modules/xserver/default.nix103
-rw-r--r--lass/3modules/xserver/xserver.conf.nix40
-rw-r--r--lass/5pkgs/custom/xmonad-lass/default.nix17
-rw-r--r--lass/5pkgs/l-gen-secrets/default.nix11
-rw-r--r--lass/krops.nix5
76 files changed, 1139 insertions, 841 deletions
diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix
index a84bb37f..14f4971f 100644
--- a/lass/1systems/blue/config.nix
+++ b/lass/1systems/blue/config.nix
@@ -8,6 +8,9 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/exim-retiolum.nix>
<stockholm/lass/2configs/blue.nix>
+ <stockholm/lass/2configs/syncthing.nix>
+ <stockholm/lass/2configs/sync/decsync.nix>
+ <stockholm/lass/2configs/sync/weechat.nix>
];
krebs.build.host = config.krebs.hosts.blue;
@@ -16,13 +19,13 @@ with import <stockholm/lib>;
deploy = pkgs.writeDash "deploy" ''
set -eu
export SYSTEM="$1"
- $(nix-build $HOME/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
+ $(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
'';
};
networking.nameservers = [ "1.1.1.1" ];
- lass.restic = genAttrs [
+ services.restic.backups = genAttrs [
"daedalus"
"icarus"
"littleT"
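Review bot: The `deploy` script now builds and executes `krops.nix` from `$HOME/sync/stockholm`, which, judging by the `syncthing.nix` and `sync/*.nix` imports added in the previous hunk, is presumably a Syncthing-shared tree. If so, every device that can write to that share can change the expression that `nix-build` evaluates and whose result the script then runs, so the deploy trust boundary widens to all sync peers. Consider deploying from a checkout that is not synced, or checking a signed commit before the build, and record the decision with a comment such as `# NOTE: built from a synced tree; every sync peer is trusted to deploy`. `$HOME` is also left unquoted in the command substitution.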
@@ -30,20 +33,19 @@ with import <stockholm/lib>;
"shodan"
"skynet"
] (dest: {
- dirs = [
- "/home/"
- "/var/lib"
+ initialize = true;
+ extraOptions = [
+ "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
];
+ repository = "sftp:backup@${dest}.r:/backups/blue";
passwordFile = (toString <secrets>) + "/restic/${dest}";
- repo = "sftp:backup@${dest}.r:/backups/blue";
- extraArguments = [
- "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
+ timerConfig = { OnCalendar = "00:05"; RandomizedDelaySec = "5h"; };
+ paths = [
+ "/home/"
+ "/var/lib"
];
- timerConfig = {
- OnCalendar = "00:05";
- RandomizedDelaySec = "5h";
- };
});
+
time.timeZone = "Europe/Berlin";
users.users.mainUser.openssh.authorizedKeys.keys = [ config.krebs.users.lass-android.pubkey ];
}
diff --git a/lass/1systems/blue/physical.nix b/lass/1systems/blue/physical.nix
index 7499ff72..b6aa3a89 100644
--- a/lass/1systems/blue/physical.nix
+++ b/lass/1systems/blue/physical.nix
@@ -4,5 +4,4 @@
];
boot.isContainer = true;
networking.useDHCP = false;
- environment.variables.NIX_REMOTE = "daemon";
}
diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix
index 8f748ab8..21f3a8bd 100644
--- a/lass/1systems/blue/source.nix
+++ b/lass/1systems/blue/source.nix
@@ -1,11 +1,14 @@
{ lib, pkgs, ... }:
{
nixpkgs = lib.mkForce {
- file = toString (pkgs.fetchFromGitHub {
- owner = "nixos";
- repo = "nixpkgs";
- rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
- sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
- });
+ file = {
+ path = toString (pkgs.fetchFromGitHub {
+ owner = "nixos";
+ repo = "nixpkgs";
+ rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
+ sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
+ });
+ useChecksum = true;
+ };
};
}
diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix
index 305b3f70..df886803 100644
--- a/lass/1systems/daedalus/config.nix
+++ b/lass/1systems/daedalus/config.nix
@@ -6,9 +6,8 @@ with import <stockholm/lib>;
<stockholm/lass>
<stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/games.nix>
- <stockholm/lass/2configs/steam.nix>
<stockholm/lass/2configs/backup.nix>
+ <stockholm/lass/2configs/nfs-dl.nix>
{
# bubsy config
users.users.bubsy = {
@@ -28,6 +27,12 @@ with import <stockholm/lib>;
enable = true;
systemWide = true;
};
+ programs.chromium = {
+ enable = true;
+ extensions = [
+ "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
+ ];
+ };
environment.systemPackages = with pkgs; [
pavucontrol
#firefox
@@ -41,7 +46,7 @@ with import <stockholm/lib>;
wine
geeqie
vlc
- minecraft
+ zsnes
];
nixpkgs.config.firefox.enableAdobeFlash = true;
services.xserver.enable = true;
@@ -52,6 +57,8 @@ with import <stockholm/lib>;
{
krebs.per-user.bitcoin.packages = [
pkgs.electrum
+ pkgs.electron-cash
+ pkgs.altcoins.litecoin
];
users.extraUsers = {
bitcoin = {
@@ -72,6 +79,7 @@ with import <stockholm/lib>;
#remote control
environment.systemPackages = with pkgs; [
x11vnc
+ torbrowser
];
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp -i retiolum --dport 5900"; target = "ACCEPT"; }
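Review bot: `torbrowser` is added to the package list under the `#remote control` comment, next to `x11vnc`, although it has nothing to do with remote control; it belongs in the main `environment.systemPackages` list of the earlier hunk. Separately, the previous hunk adds more wallet software (`electron-cash`, `altcoins.litecoin`) to a host that keeps the rule accepting tcp/5900 on `retiolum`. How `x11vnc` is started is not visible here, so confirm it runs with authentication (for example a password file via `-rfbauth`) and say so in a comment next to the rule. The enclosing block starts and ends outside this hunk.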
diff --git a/lass/1systems/daedalus/physical.nix b/lass/1systems/daedalus/physical.nix
index 33a0cb47..d10ced7d 100644
--- a/lass/1systems/daedalus/physical.nix
+++ b/lass/1systems/daedalus/physical.nix
@@ -11,6 +11,10 @@
fsType = "btrfs";
options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
+ "/backups" = {
+ device = "/dev/pool/backup";
+ fsType = "ext4";
+ };
};
services.udev.extraRules = ''
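Review bot: The new `/backups` mount is declared with default options only. If this volume is where the `backup@<host>.r:/backups/...` repositories from the other hosts land (presumably, given the restic settings in blue/config.nix), it holds nothing but data written by remote machines, and `options = [ "nosuid" "nodev" "noexec" ];` would keep that content from being executed or used as setuid or device files. The `fileSystems` attribute set starts outside this hunk.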
diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix
new file mode 100644
index 00000000..0b4b50ee
--- /dev/null
+++ b/lass/1systems/green/config.nix
@@ -0,0 +1,21 @@
+with import <stockholm/lib>;
+{ config, lib, pkgs, ... }:
+{
+ imports = [
+ <stockholm/lass>
+ <stockholm/lass/2configs>
+ <stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/exim-retiolum.nix>
+ <stockholm/lass/2configs/mail.nix>
+
+ <stockholm/lass/2configs/syncthing.nix>
+ <stockholm/lass/2configs/sync/decsync.nix>
+ <stockholm/lass/2configs/sync/weechat.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.green;
+
+ #networking.nameservers = [ "1.1.1.1" ];
+
+ #time.timeZone = "Europe/Berlin";
+}
diff --git a/lass/1systems/green/physical.nix b/lass/1systems/green/physical.nix
new file mode 100644
index 00000000..b6aa3a89
--- /dev/null
+++ b/lass/1systems/green/physical.nix
@@ -0,0 +1,7 @@
+{
+ imports = [
+ ./config.nix
+ ];
+ boot.isContainer = true;
+ networking.useDHCP = false;
+}
diff --git a/lass/1systems/green/source.nix b/lass/1systems/green/source.nix
new file mode 100644
index 00000000..21f3a8bd
--- /dev/null
+++ b/lass/1systems/green/source.nix
@@ -0,0 +1,14 @@
+{ lib, pkgs, ... }:
+{
+ nixpkgs = lib.mkForce {
+ file = {
+ path = toString (pkgs.fetchFromGitHub {
+ owner = "nixos";
+ repo = "nixpkgs";
+ rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
+ sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
+ });
+ useChecksum = true;
+ };
+ };
+}
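Review bot: This new file is byte-identical to `lass/1systems/blue/source.nix` (both have blob `21f3a8bd`), and `green/physical.nix` likewise matches `blue/physical.nix` (`b6aa3a89`). Because the nixpkgs pin logic now lives in two copies, a later change to how `rev` and `sha256` are read or to `useChecksum` can be applied to one container and missed on the other. Factoring the shared attribute set into a single file that both `source.nix` files import would keep the pin handling in one place.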
diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix
index d2d4bd3e..d8c8699a 100644
--- a/lass/1systems/icarus/config.nix
+++ b/lass/1systems/icarus/config.nix
@@ -17,6 +17,10 @@
<stockholm/lass/2configs/backup.nix>
<stockholm/lass/2configs/wine.nix>
<stockholm/lass/2configs/blue-host.nix>
+ <stockholm/lass/2configs/syncthing.nix>
+ <stockholm/lass/2configs/nfs-dl.nix>
+ <stockholm/lass/2configs/prism-share.nix>
+ <stockholm/lass/2configs/ssh-cryptsetup.nix>
];
krebs.build.host = config.krebs.hosts.icarus;
diff --git a/lass/1systems/icarus/physical.nix b/lass/1systems/icarus/physical.nix
index 6cc77a47..d764dabc 100644
--- a/lass/1systems/icarus/physical.nix
+++ b/lass/1systems/icarus/physical.nix
@@ -17,4 +17,6 @@
SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0"
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
'';
+
+ services.thinkfan.enable = true;
}
diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix
index be064bed..a814cc6b 100644
--- a/lass/1systems/iso.nix
+++ b/lass/1systems/iso.nix
@@ -6,7 +6,6 @@ with import <stockholm/lib>;
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
<stockholm/krebs>
<stockholm/lass/3modules>
- <stockholm/lass/5pkgs>
<stockholm/lass/2configs/mc.nix>
<stockholm/lass/2configs/vim.nix>
{
@@ -40,9 +39,10 @@ with import <stockholm/lib>;
networking.hostName = "lass-iso";
}
{
+ nixpkgs.config.packageOverrides = import <stockholm/lass/5pkgs> pkgs;
krebs.enable = true;
krebs.build.user = config.krebs.users.lass;
- krebs.build.host = config.krebs.hosts.iso;
+ krebs.build.host = {};
}
{
nixpkgs.config.allowUnfree = true;
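Review bot: `krebs.build.host = {};` replaces a real host entry with an empty set and carries no explanation. Any module that reads attributes of `config.krebs.build.host` (blue/config.nix in this commit reads `config.krebs.build.host.ssh.privkey.path`, for instance) would fail or behave differently if it were ever imported into the ISO. A comment such as `# the ISO has no entry in krebs.hosts; modules that read build.host must not be imported here` would make the constraint explicit. The `packageOverrides` line added above it changes how `5pkgs` is brought in and could use a similar short comment.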
@@ -174,11 +174,13 @@ with import <stockholm/lib>;
user = "lass";
};
windowManager.default = "xmonad";
- windowManager.session = [{
+ windowManager.session = let
+ xmonad-lass = pkgs.callPackage <stockholm/lass/5pkgs/custom/xmonad-lass> { inherit config; };
+ in [{
name = "xmonad";
start = ''
${pkgs.xorg.xhost}/bin/xhost +LOCAL:
- ${pkgs.xmonad-lass}/bin/xmonad &
+ ${xmonad-lass}/bin/xmonad &
waitPID=$!
'';
}];
diff --git a/lass/1systems/littleT/config.nix b/lass/1systems/littleT/config.nix
index 44617d3e..d44e6205 100644
--- a/lass/1systems/littleT/config.nix
+++ b/lass/1systems/littleT/config.nix
@@ -6,52 +6,13 @@ with import <stockholm/lib>;
<stockholm/lass>
<stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/backup.nix>
- <stockholm/lass/2configs/steam.nix>
- {
- users.users.blacky = {
- uid = genid "blacky";
- home = "/home/blacky";
- group = "users";
- createHome = true;
- extraGroups = [
- "audio"
- "networkmanager"
- "video"
- ];
- useDefaultShell = true;
- };
- networking.networkmanager.enable = true;
- networking.wireless.enable = mkForce false;
- hardware.pulseaudio = {
- enable = true;
- systemWide = true;
- };
- environment.systemPackages = with pkgs; [
- pavucontrol
- chromium
- hexchat
- networkmanagerapplet
- vlc
- ];
- services.xserver.enable = true;
- services.xserver.displayManager.lightdm.enable = true;
- services.xserver.desktopManager.plasma5.enable = true;
- services.xserver.layout = "de";
- users.mutableUsers = mkForce true;
- services.xserver.synaptics.enable = true;
- }
- {
- #remote control
- environment.systemPackages = with pkgs; [
- x11vnc
- ];
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp -i retiolum --dport 5900"; target = "ACCEPT"; }
- ];
- }
+ <stockholm/lass/2configs/blue-host.nix>
+ <stockholm/lass/2configs/syncthing.nix>
+ <stockholm/lass/2configs/green-host.nix>
];
+ networking.networkmanager.enable = true;
+ networking.wireless.enable = mkForce false;
time.timeZone = "Europe/Berlin";
hardware.trackpoint = {
diff --git a/lass/1systems/littleT/physical.nix b/lass/1systems/littleT/physical.nix
index 9776211a..550f058a 100644
--- a/lass/1systems/littleT/physical.nix
+++ b/lass/1systems/littleT/physical.nix
@@ -1,7 +1,25 @@
{
imports = [
./config.nix
- <stockholm/lass/2configs/hw/x220.nix>
- <stockholm/lass/2configs/boot/stock-x220.nix>
+ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
+ fileSystems."/" =
+ { device = "rpool/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/5B2E-3734";
+ fsType = "vfat";
+ };
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.efiSupport = true;
+ boot.loader.grub.efiInstallAsRemovable = true;
+ boot.loader.grub.device = "nodev";
+ networking.hostId = "584248c6";
+
+ boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
+ boot.kernelModules = [ "kvm-intel" ];
+
}
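Review bot: Nothing in the new `fileSystems` definitions shows encryption at rest: `/` is the dataset `rpool/root`, and the file has no `boot.initrd.luks.devices` entry or other encryption-related setting. The removed `boot/stock-x220.nix` import is not visible here, so if it carried the disk-unlock setup, this machine now stores the blue-host and green-host configurations imported in config.nix on an unencrypted pool. If the pool uses ZFS native encryption or sits on a LUKS device configured elsewhere, a one-line comment saying so next to `fileSystems."/"` would settle it. The same applies to the new `lass/1systems/morpheus/physical.nix`, which uses the same `rpool/root` layout.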
diff --git a/lass/1systems/morpheus/config.nix b/lass/1systems/morpheus/config.nix
new file mode 100644
index 00000000..cab267d5
--- /dev/null
+++ b/lass/1systems/morpheus/config.nix
@@ -0,0 +1,41 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+ imports = [
+ <stockholm/lass>
+
+ <stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/power-action.nix>
+ <stockholm/lass/2configs/baseX.nix>
+ <stockholm/lass/2configs/games.nix>
+ <stockholm/lass/2configs/steam.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.morpheus;
+
+ networking.wireless.enable = false;
+ networking.networkmanager.enable = true;
+
+ services.logind.extraConfig = ''
+ HandleLidSwitch=ignore
+ '';
+
+ nixpkgs.config.packageOverrides = super: {
+ steam = super.steam.override {
+ withPrimus = true;
+ extraPkgs = p: with p; [
+ glxinfo
+ nettools
+ bumblebee
+ ];
+ };
+ };
+
+
+ services.xserver.desktopManager.default = "none";
+ services.xserver.displayManager.lightdm.autoLogin = {
+ enable = true;
+ user = "lass";
+ timeout = 5;
+ };
+}
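Review bot: `services.xserver.displayManager.lightdm.autoLogin` opens a session for `lass` after 5 seconds without any credential, and `HandleLidSwitch=ignore` keeps the machine running with the lid closed, so anyone with physical access to a booted or rebooted machine gets the user's desktop. Auto-login is only reasonable when a boot-time unlock already gates access, and morpheus/physical.nix does not visibly configure one. Either set `enable = false;` or add a comment stating what protects the session, for example `# auto-login is acceptable: the disk passphrase is required at boot`.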
diff --git a/lass/1systems/morpheus/physical.nix b/lass/1systems/morpheus/physical.nix
new file mode 100644
index 00000000..0f08acb2
--- /dev/null
+++ b/lass/1systems/morpheus/physical.nix
@@ -0,0 +1,32 @@
+{ lib, ... }:
+{
+ imports = [
+ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ ./config.nix
+ ];
+
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostId = "60ce7e88";
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.kernelParams = [ "acpi_osi=!" ''acpi_osi="Windows 2009"'' ];
+
+ hardware.bumblebee.enable = true;
+ hardware.bumblebee.group = "video";
+
+ fileSystems."/" =
+ { device = "rpool/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/DF3B-4528";
+ fsType = "vfat";
+ };
+
+ nix.maxJobs = lib.mkDefault 8;
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+}
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 207c7c64..5076beee 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1syste