diff options
| author | lassulus <lass@aidsballs.de> | 2015-07-28 20:28:21 +0200 |
|---|---|---|
| committer | lassulus <lass@aidsballs.de> | 2015-07-28 20:28:21 +0200 |
| commit | ac64527c5707cca5fc6e6e6ecf3957129cdb32b2 (patch) | |
| tree | 741d27e6ec9279b6bd42deec2b4023aedc1bd598 /2configs | |
| parent | b5d5b75d7d6dcc42f69418e6a454a64502fa6aee (diff) | |
lass: port everything to stockholm
Diffstat (limited to '2configs')
26 files changed, 0 insertions, 1317 deletions
diff --git a/2configs/lass/base.nix b/2configs/lass/base.nix deleted file mode 100644 index 8d4a9c89..00000000 --- a/2configs/lass/base.nix +++ /dev/null @@ -1,143 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -{ - imports = [ - ../../3modules/lass/iptables.nix - ../../2configs/lass/vim.nix - { - users.extraUsers = - mapAttrs (_: h: { hashedPassword = h; }) - (import /root/src/secrets/hashedPasswords.nix); - } - { - users.extraUsers = { - root = { - openssh.authorizedKeys.keys = map readFile [ - ../../Zpubkeys/lass.ssh.pub - ]; - }; - mainUser = { - name = "lass"; - uid = 1337; - home = "/home/lass"; - group = "users"; - createHome = true; - useDefaultShell = true; - extraGroups = [ - "audio" - "wheel" - ]; - openssh.authorizedKeys.keys = map readFile [ - ../../Zpubkeys/lass.ssh.pub - ]; - }; - }; - } - ]; - - krebs = { - enable = true; - search-domain = "retiolum"; - }; - - nix.useChroot = true; - - users.mutableUsers = false; - - boot.tmpOnTmpfs = true; - # see tmpfiles.d(5) - systemd.tmpfiles.rules = [ - "d /tmp 1777 root root - -" - ]; - - # multiple-definition-problem when defining environment.variables.EDITOR - environment.extraInit = '' - EDITOR=vim - PAGER=most - ''; - - environment.systemPackages = with pkgs; [ - nmap - - git - most - rxvt_unicode.terminfo - - #network - iptables - ]; - - programs.bash = { - enableCompletion = true; - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - complete -d cd - - #fancy colors - if [ -e ~/LS_COLORS ]; then - eval $(dircolors ~/LS_COLORS) - fi - - if [ -e /etc/nixos/dotfiles/link ]; then - /etc/nixos/dotfiles/link - fi - ''; - promptInit = '' - if test $UID = 0; then - PS1='\[\033[1;31m\]\w\[\033[0m\] ' - elif test $UID = 1337; then - PS1='\[\033[1;32m\]\w\[\033[0m\] ' - else - PS1='\[\033[1;33m\]\u@\w\[\033[0m\] ' - fi - if test -n "$SSH_CLIENT"; then - PS1='\[\033[35m\]\h'" $PS1" - fi - ''; - }; - - security.setuidPrograms = [ - "sendmail" - ]; - - #services.gitolite = { - # enable = true; - # dataDir = "/home/gitolite"; - # adminPubkey = config.sshKeys.lass.pub; - #}; - - services.openssh = { - enable = true; - hostKeys = [ - # XXX bits here make no science - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - - lass.iptables = { - enable = true; - tables = { - filter.INPUT.policy = "DROP"; - filter.FORWARD.policy = "DROP"; - filter.INPUT.rules = [ - { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } - { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } - { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } - { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } - ]; - }; - }; - -} diff --git a/2configs/lass/binary-caches.nix b/2configs/lass/binary-caches.nix deleted file mode 100644 index c2727520..00000000 --- a/2configs/lass/binary-caches.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ config, ... }: - -{ - nix.sshServe.enable = true; - nix.sshServe.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBF9SBNKE3Pw/ALwTfzpzs+j6Rpaf0kUy6FiPMmgNNNt root@mors" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCZSq5oLrokkh3F+MOdK5/nzVIEDvqyvfzLMNWmzsYD root@uriel" - ]; - nix.binaryCaches = [ - #"scp://nix-ssh@mors" - #"scp://nix-ssh@uriel" - ]; -} diff --git a/2configs/lass/bird.nix b/2configs/lass/bird.nix deleted file mode 100644 index 3fc265cd..00000000 --- a/2configs/lass/bird.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ config, ... }: - -{ - config.services.bird = { - enable = true; - config = '' - router id 192.168.122.1; - protocol device { - scan time 10; - } - ''; - }; -} diff --git a/2configs/lass/bitcoin.nix b/2configs/lass/bitcoin.nix deleted file mode 100644 index d3bccbf5..00000000 --- a/2configs/lass/bitcoin.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - electrum - ]; - - users.extraUsers = { - bitcoin = { - name = "bitcoin"; - description = "user for bitcoin stuff"; - home = "/home/bitcoin"; - useDefaultShell = true; - createHome = true; - }; - }; -} diff --git a/2configs/lass/browsers.nix b/2configs/lass/browsers.nix deleted file mode 100644 index 8aecea92..00000000 --- a/2configs/lass/browsers.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; - -in { - - nixpkgs.config.packageOverrides = pkgs : { - chromium = pkgs.chromium.override { - pulseSupport = true; - }; - }; - - environment.systemPackages = with pkgs; [ - firefox - ]; - - users.extraUsers = { - firefox = { - name = "firefox"; - description = "user for running firefox"; - home = "/home/firefox"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - chromium = { - name = "chromium"; - description = "user for running chromium"; - home = "/home/chromium"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - facebook = { - name = "facebook"; - description = "user for running facebook in chromium"; - home = "/home/facebook"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - google = { - name = "google"; - description = "user for running google+/gmail in chromium"; - home = "/home/google"; - useDefaultShell = true; - createHome = true; - }; - flash = { - name = "flash"; - description = "user for running flash stuff"; - home = "/home/flash"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - }; - - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(firefox) NOPASSWD: ALL - ${mainUser.name} ALL=(chromium) NOPASSWD: ALL - ${mainUser.name} ALL=(facebook) NOPASSWD: ALL - ${mainUser.name} ALL=(google) NOPASSWD: ALL - ${mainUser.name} ALL=(flash) NOPASSWD: ALL - ''; -} diff --git a/2configs/lass/chromium-patched.nix b/2configs/lass/chromium-patched.nix deleted file mode 100644 index 71518177..00000000 --- a/2configs/lass/chromium-patched.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ config, pkgs, ... }: - -#settings to test: -# - #"ForceEphemeralProfiles": true, -let - masterPolicy = pkgs.writeText "master.json" '' - { - "PasswordManagerEnabled": false, - "DefaultGeolocationSetting": 2, - "RestoreOnStartup": 1, - "AutoFillEnabled": false, - "BackgroundModeEnabled": false, - "DefaultBrowserSettingEnabled": false, - "SafeBrowsingEnabled": false, - "ExtensionInstallForcelist": [ - "cjpalhdlnbpafiamejdnhcphjbkeiagm;https://clients2.google.com/service/update2/crx", - "ihlenndgcmojhcghmfjfneahoeklbjjh;https://clients2.google.com/service/update2/crx" - ] - } - ''; - - master_preferences = pkgs.writeText "master_preferences" '' - { - "browser": { - "custom_chrome_frame": true - }, - - "extensions": { - "theme": { - "id": "", - "use_system": true - } - } - } - ''; -in { - environment.etc."chromium/policies/managed/master.json".source = pkgs.lib.mkForce masterPolicy; - - environment.systemPackages = [ - #pkgs.chromium - (pkgs.lib.overrideDerivation pkgs.chromium (attrs: { - buildCommand = attrs.buildCommand + '' - touch $out/TEST123 - ''; - })) - ]; -} diff --git a/2configs/lass/desktop-base.nix b/2configs/lass/desktop-base.nix deleted file mode 100644 index 9b98e4a8..00000000 --- a/2configs/lass/desktop-base.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; -in { - imports = [ - ./base.nix - ]; - - time.timeZone = "Europe/Berlin"; - - virtualisation.libvirtd.enable = true; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - programs.ssh.startAgent = false; - - security.setuidPrograms = [ "slock" ]; - - services.printing = { - enable = true; - drivers = [ pkgs.foomatic_filters ]; - }; - - environment.systemPackages = with pkgs; [ - - powertop - - #window manager stuff - haskellPackages.xmobar - haskellPackages.yeganesh - dmenu2 - xlibs.fontschumachermisc - ]; - - fonts.fonts = [ - pkgs.xlibs.fontschumachermisc - ]; - - services.xserver = { - enable = true; - - windowManager.xmonad.extraPackages = hspkgs: with hspkgs; [ - X11-xshape - ]; - windowManager.xmonad.enable = true; - windowManager.xmonad.enableContribAndExtras = true; - windowManager.default = "xmonad"; - desktopManager.default = "none"; - desktopManager.xterm.enable = false; - displayManager.slim.enable = true; - displayManager.auto.enable = true; - displayManager.auto.user = mainUser.name; - - layout = "us"; - xkbModel = "evdev"; - xkbVariant = "altgr-intl"; - }; - -} diff --git a/2configs/lass/elster.nix b/2configs/lass/elster.nix deleted file mode 100644 index 1edd0189..00000000 --- a/2configs/lass/elster.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; - -in { - users.extraUsers = { - elster = { - name = "elster"; - description = "user for running elster-online"; - home = "/home/elster"; - useDefaultShell = true; - extraGroups = []; - createHome = true; - }; - }; - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(elster) NOPASSWD: ALL - ''; -} diff --git a/2configs/lass/fastpoke-pages.nix b/2configs/lass/fastpoke-pages.nix deleted file mode 100644 index 74e92ccc..00000000 --- a/2configs/lass/fastpoke-pages.nix +++ /dev/null @@ -1,97 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - createStaticPage = domain: - { - krebs.nginx.servers."${domain}" = { - server-names = [ - "${domain}" - "www.${domain}" - ]; - locations = [ - (nameValuePair "/" '' - root /var/lib/http/${domain}; - '') - ]; - }; - #networking.extraHosts = '' - # 10.243.206.102 ${domain} - #''; - }; - -in { - imports = [ - ../../3modules/lass/iptables.nix - ] ++ map createStaticPage [ - "habsys.de" - "pixelpocket.de" - "karlaskop.de" - "ubikmedia.de" - "apanowicz.de" - ]; - - lass.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-p tcp --dport http"; target = "ACCEPT"; } - ]; - }; - }; - - - krebs.nginx = { - enable = true; - servers = { - - #"habsys.de" = { - # server-names = [ - # "habsys.de" - # "www.habsys.de" - # ]; - # locations = [ - # (nameValuePair "/" '' - # root /var/lib/http/habsys.de; - # '') - # ]; - #}; - - #"karlaskop.de" = { - # server-names = [ - # "karlaskop.de" - # "www.karlaskop.de" - # ]; - # locations = [ - # (nameValuePair "/" '' - # root /var/lib/http/karlaskop.de; - # '') - # ]; - #}; - - #"pixelpocket.de" = { - # server-names = [ - # "pixelpocket.de" - # "www.karlaskop.de" - # ]; - # locations = [ - # (nameValuePair "/" '' - # root /var/lib/http/karlaskop.de; - # '') - # ]; - #}; - - }; - }; - - #services.postgresql = { - # enable = true; - #}; - - #config.services.vsftpd = { - # enable = true; - # userlistEnable = true; - # userlistFile = pkgs.writeFile "vsftpd-userlist" '' - # ''; - #}; -} diff --git a/2configs/lass/games.nix b/2configs/lass/games.nix deleted file mode 100644 index 6043a875..00000000 --- a/2configs/lass/games.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; - -in { - environment.systemPackages = with pkgs; [ - dwarf_fortress - ]; - - users.extraUsers = { - games = { - name = "games"; - description = "user playing games"; - home = "/home/games"; - extraGroups = [ "audio" "video" "input" ]; - createHome = true; - useDefaultShell = true; - }; - }; - - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(games) NOPASSWD: ALL - ''; -} diff --git a/2configs/lass/gitolite-base.nix b/2configs/lass/gitolite-base.nix deleted file mode 100644 index b4762995..00000000 --- a/2configs/lass/gitolite-base.nix +++ /dev/null @@ -1,173 +0,0 @@ -{ config, ... }: - -{ - services.gitolite = { - mutable = false; - keys = { - lass = config.sshKeys.lass.pub; - uriel = config.sshKeys.uriel.pub; - }; - rc = '' - %RC = ( - UMASK => 0077, - GIT_CONFIG_KEYS => "", - LOG_EXTRA => 1, - ROLES => { - READERS => 1, - WRITERS => 1, - }, - LOCAL_CODE => "$ENV{HOME}/.gitolite", - ENABLE => [ - 'help', - 'desc', - 'info', - 'perms', - 'writable', - 'ssh-authkeys', - 'git-config', - 'daemon', - 'gitweb', - 'repo-specific-hooks', - ], - ); - 1; - ''; - - repoSpecificHooks = { - irc-announce = '' - #! /bin/sh - set -euf - - config_file="$GL_ADMIN_BASE/conf/irc-announce.conf" - if test -f "$config_file"; then - . "$config_file" - fi - - # XXX when changing IRC_CHANNEL or IRC_SERVER/_PORT, don't forget to update - # any relevant gitolite LOCAL_CODE! - # CAVEAT we hope that IRC_NICK is unique - IRC_NICK="''${IRC_NICK-gl$GL_TID}" - IRC_CHANNEL="''${IRC_CHANNEL-#retiolum}" - IRC_SERVER="''${IRC_SERVER-ire.retiolum}" - IRC_PORT="''${IRC_PORT-6667}" - - # for privmsg_cat below - export IRC_CHANNEL - - # collect users that are mentioned in the gitolite configuration - interested_users="$(perl -e ' - do "gl-conf"; - print join(" ", keys%{ $one_repo{$ENV{"GL_REPO"}} }); - ')" - - # CAVEAT beware of real TABs in grep pattern! - # CAVEAT there will never be more than 42 relevant log entries! - tab=$(printf '\x09') - log="$(tail -n 42 "$GL_LOGFILE" | grep "^[^$tab]*$tab$GL_TID$tab" || :)" - - update_log="$(echo "$log" | grep "^[^$tab]*$tab$GL_TID''${tab}update")" - - # (debug output) - env | sed 's/^/env: /' - echo "$log" | sed 's/^/log: /' - - # see http://gitolite.com/gitolite/dev-notes.html#lff - reponame=$(echo "$update_log" | cut -f 4) - username=$(echo "$update_log" | cut -f 5) - ref_name=$(echo "$update_log" | cut -f 7 | sed 's|^refs/heads/||') - old_sha=$(echo "$update_log" | cut -f 8) - new_sha=$(echo "$update_log" | cut -f 9) - - # check if new branch is created - if test $old_sha = 0000000000000000000000000000000000000000; then - # TODO what should we really show? - old_sha=$new_sha^ - fi - - # - git_log="$(git log $old_sha..$new_sha --pretty=oneline --abbrev-commit)" - commit_count=$(echo "$git_log" | wc -l) - - # echo2 and cat2 are used output to both, stdout and stderr - # This is used to see what we send to the irc server. (debug output) - echo2() { echo "$*"; echo "$*" >&2; } - cat2() { tee /dev/stderr; } - - # privmsg_cat transforms stdin to a privmsg - privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; } - - # ircin is used to feed the output of netcat back to the "irc client" - # so we can implement expect-like behavior with sed^_^ - # XXX mkselfdestructingtmpfifo would be nice instead of this cruft - tmpdir="$(mktemp -d irc-announce_XXXXXXXX)" - cd "$tmpdir" - mkfifo ircin - trap " - rm ircin - cd '$OLDPWD' - rmdir '$tmpdir' - trap - EXIT INT QUIT - " EXIT INT QUIT - - # - # - # - { - echo2 "USER $LOGNAME 0 * :$LOGNAME@$(hostname)" - echo2 "NICK $IRC_NICK" - - # wait for MODE message - sed -n '/^:[^ ]* MODE /q' - - echo2 "JOIN $IRC_CHANNEL" - - echo "$interested_users" \ - | tr ' ' '\n' \ - | grep -v "^$GL_USER" \ - | sed 's/$/: poke/' \ - | privmsg_cat \ - | cat2 - - printf '[\x0313%s\x03] %s pushed %s new commit%s to \x036%s %s\x03\n' \ - "$reponame" \ - "$username" \ - "$commit_count" \ - "$(test $commit_count = 1 || echo s)" \ - "$(hostname)" \ - "$ref_name" \ - | privmsg_cat \ - | cat2 - - echo "$git_log" \ - | sed 's/^/\x0314/;s/ /\x03 /' \ - | privmsg_cat \ - | cat2 - - echo2 "PART $IRC_CHANNEL" - - # wait for PART confirmation - sed -n '/:'"$IRC_NICK"'![^ ]* PART /q' - - echo2 'QUIT :Gone to have lunch' - } < ircin \ - | nc "$IRC_SERVER" "$IRC_PORT" | tee -a ircin - ''; - }; - customFiles = [ - { - path = ".gitolite/conf/irc-announce.conf"; - file = '' - IRC_NICK="$(hostname)$GL_TID" - case "$GL_REPO" in - brain|painload|services|load-env|config) - IRC_CHANNEL='#retiolum' - ;; - *) - IRC_CHANNEL='&testing' - ;; - esac - ''; - } - ]; - }; -} diff --git a/2configs/lass/identity.nix b/2configs/lass/identity.nix deleted file mode 100644 index bfaad14d..00000000 --- a/2configs/lass/identity.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ config, ... }: - -{ - imports = [ ../../3modules/tv/identity.nix ]; - tv.identity = { - enable = true; - search = "retiolum"; - hosts = { - cloudkrebs = { - cores = 1; - dc = "lass"; #dc = "cac"; - nets = rec { - internet = { - addrs4 = ["104.167.113.104"]; - aliases = [ - "cloudkrebs.internet" - ]; - }; - retiolum = { - via = internet; - addrs4 = ["10.243.206.102"]; - addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f762"]; - aliases = [ - "cloudkrebs.retiolum" - "cgit.cloudkrebs.retiolum" - "habsys.de" - "pixelpocket.de" - "karlaskop.de" - "ubikmedia.de" - "apanowicz.de" - "aidsballs.de" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAttUygCu7G6lIA9y+9rfTpLKIy2UgNDglUVoKZYLs8JPjtAtQVbtA - OcWwwPc8ijLQvwJWa8e/shqSzSIrtOe+HJbRGdXLdBLtOuLKpz+ZFHcS+95RS5aF - QTehg+QY7pvhbrrwKX936tkMR568suTQG6C8qNC/5jWYO/wIxFMhnQ2iRRKQOq1v - 3aGGPC16KeXKVioY9KoV98S3n1rZW1JK07CIsZU4qb5txtLlW6FplJ7UmhVku1WC - sgOOj9yi6Zk1t8R2Pwv9gxa3Hc270voj5U+I2hgLV/LjheE8yhQgYHEA4vXerPdO - TGSATlSmMtE2NYGrKsLM7pKn286aSpXinwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - }; - }; -} diff --git a/2configs/lass/ircd.nix b/2configs/lass/ircd.nix deleted file mode 100644 index f71b769f..00000000 --- a/2configs/lass/ircd.nix +++ /dev/null @@ -1,92 +0,0 @@ -{ config, pkgs, ... }: - -{ - config.services.charybdis = { - enable = true; - config = '' - serverinfo { - name = "ire.irc.retiolum"; - sid = "4z3"; - description = "miep!"; - network_name = "irc.retiolum"; - network_desc = "Retiolum IRC Network"; - hub = yes; - - vhost = "0.0.0.0"; - vhost6 = "::"; - - #ssl_private_key = "etc/ssl.key"; - #ssl_cert = "etc/ssl.cert"; - #ssl_dh_params = "etc/dh.pem"; - #ssld_count = 1; - - default_max_clients = 10000; - #nicklen = 30; - }; - - listen { - defer_accept = yes; - - /* If you want to listen on a specific IP only, specify host. - * host definitions apply only to the following port line. - */ - host = "0.0.0.0"; - port = 6667; - sslport = 6697; - - /* Listen on IPv6 (if you used host= above). */ - host = "::"; - port = 6667; - sslport = 9999; - }; - - class "users" { - ping_time = 2 minutes; - number_per_ident = 200; - number_per_ip = 200; - number_per_ip_global = 500; - cidr_ipv4_bitlen = 24; - cidr_ipv6_bitlen = 64; - number_per_cidr = 9000; - max_number = 10000; - sendq = 400 kbytes; - }; - - exempt { - ip = "127.0.0.1"; - }; - - auth { - user = "*@*"; - class = "users"; - flags = exceed_limit; - }; - - channel { - use_invex = yes; - use_except = yes; - use_forward = yes; - use_knock = yes; - knock_delay = 5 minutes; - knock_delay_channel = 1 minute; - max_chans_per_user = 15; - max_bans = 100; - max_bans_large = 500; - default_split_user_count = 0; - default_split_server_count = 0; - no_create_on_split = no; - no_join_on_split = no; - burst_topicwho = yes; - kick_on_split_riding = no; - only_ascii_channels = no; - resv_forcepart = yes; - channel_target_change = yes; - disable_local_channels = no; - }; - general { - #maybe we want ident someday? - disable_auth = yes; - }; - ''; - }; -} diff --git a/2configs/lass/mors/repos.nix b/2configs/lass/mors/repos.nix deleted file mode 100644 index 1f7f3345..00000000 --- a/2configs/lass/mors/repos.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ ... }: - -{ - imports = [ - ../lass/gitolite-base.nix - ../common/krebs-keys.nix - ../common/krebs-repos.nix - ]; - - services.gitolite = { - repos = { - - config = { - users = { - lass = "RW+"; - uriel = "R"; - tv = "R"; - }; - extraConfig = "option hook.post-receive = irc-announce"; - }; - - pass = { - users = { - lass = "RW+"; - uriel = "R"; - }; - }; - - load-env = { - users = { - lass = "RW+"; - uriel = "R"; - tv = "R"; - }; - extraConfig = "option hook.post-receive = irc-announce"; - }; - - emse-drywall = { - users = { - lass = "RW+"; - uriel = "R"; - tv = "R"; - }; - extraConfig = "option hook.post-receive = irc-announce"; - }; - - emse-hsdb = { - users = { - lass = "RW+"; - uriel = "R"; - tv = "R"; - }; - extraConfig = "option hook.post-receive = irc-announce"; - }; - - brain = { - users = { - lass = "RW+"; - }; - extraConfig = "option hook.post-receive = irc-announce"; - #hooks.post-receive = irc-announce; - }; - - painload = { - users = { - lass = "RW+"; - }; - extraConfig = "option hook.post-receive = irc-announce"; - }; - - services = { - users = { - lass = "RW+"; - }; - extraConfig = "option hook.post-receive = irc-announce"; - }; - - xmonad-config = { - users = { - lass = "RW+"; - uriel = "R"; - }; - }; - - }; - }; -} diff --git a/2configs/lass/mors/retiolum.nix b/2configs/lass/mors/retiolum.nix deleted file mode 100644 index 1148bee9..00000000 --- a/2configs/lass/mors/retiolum.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ../tv/retiolum - ]; - - tv.retiolum = { - enable = true; - hosts = <retiolum-hosts>; - privateKeyFile = "/etc/nixos/secrets/mors.retiolum.rsa_key.priv"; - connectTo = [ - "fastpoke" - "gum" - "ire" - ]; - }; - |