diff options
| author | lassulus <lass@aidsballs.de> | 2015-08-02 21:13:47 +0200 |
|---|---|---|
| committer | lassulus <lass@aidsballs.de> | 2015-08-02 21:13:47 +0200 |
| commit | b4606691878584d39018834354ef9e4a6048f4c4 (patch) | |
| tree | f10d92612b2cc0a55608c0c948daa3a411180f7f | |
| parent | 9756bedf5286fe716740d8f224b5c4094843f984 (diff) | |
| parent | 7e00495a4839777e2afcdfc6f63695bb23af6e50 (diff) | |
Merge branch 'tv' into newmaster
| -rw-r--r-- | makefu/1systems/pnp.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/repunit.nix | 63 | ||||
| -rw-r--r-- | tv/2configs/base.nix | 2 |
3 files changed, 66 insertions, 1 deletions
diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index 4c4ce716..54965898 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -40,6 +40,8 @@ # networking.firewall is enabled by default networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.rejectPackets = true; + networking.firewall.allowPing = true; fileSystems."/" = { device = "/dev/disk/by-label/nixos"; diff --git a/makefu/1systems/repunit.nix b/makefu/1systems/repunit.nix new file mode 100644 index 00000000..7596a3d5 --- /dev/null +++ b/makefu/1systems/repunit.nix @@ -0,0 +1,63 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + <nixpkgs/nixos/modules/profiles/qemu-guest.nix> + ../2configs/base.nix + ../2configs/cgit-retiolum.nix + ]; + krebs.build.host = config.krebs.hosts.repunit; + krebs.build.user = config.krebs.users.makefu; + krebs.build.target = "root@repunit"; + + krebs.build.deps = { + nixpkgs = { + url = https://github.com/NixOS/nixpkgs; + rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870"; + }; + secrets = { + url = "/home/makefu/secrets/${config.krebs.build.host.name}"; + }; + stockholm = { + url = toString ../..; + }; + }; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/vda"; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + hardware.enableAllFirmware = true; + hardware.cpu.amd.updateMicrocode = true; + +# networking.firewall is enabled by default + networking.firewall.allowedTCPPorts = [ 80 ]; + networking.firewall.allowPing = true; + + fileSystems."/" = + { device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + krebs.retiolum = { + enable = true; + hosts = ../../Zhosts; + connectTo = [ + "gum" + "pigstarter" + "fastpoke" + ]; + }; + +# $ nix-env -qaP | grep wget + environment.systemPackages = with pkgs; [ + jq + ]; +} diff --git a/tv/2configs/base.nix b/tv/2configs/base.nix index 997d4c23..89a66115 100644 --- a/tv/2configs/base.nix +++ b/tv/2configs/base.nix @@ -90,7 +90,7 @@ in rxvt_unicode.terminfo ]; - environment.shellAliases = { + environment.shellAliases = mkForce { # alias cal='cal -m3' gp = "${pkgs.pari}/bin/gp -q"; df = "df -h"; |