diff options
author | makefu <github@syntax-fehler.de> | 2021-06-06 19:15:44 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2021-06-06 19:15:44 +0200 |
commit | 74058abe0b5da0753c2167d6bab29eb1eae88366 (patch) | |
tree | 748e9e75c0498161629597f7469933e69303168b | |
parent | 88a845f7a1a037bf6bcf23863d41f36c4cedcd7e (diff) | |
parent | a5bc9126db72f59062ff9d6a72b2fa35437b42cb (diff) |
Merge branch '21.05'
122 files changed, 607 insertions, 594 deletions
diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix index 3780e0d7..bb273652 100644 --- a/krebs/2configs/hw/x220.nix +++ b/krebs/2configs/hw/x220.nix @@ -22,8 +22,6 @@ with import <stockholm/lib>; pkgs.vaapiVdpau ]; - security.rngd.enable = mkDefault true; - services.xserver = { videoDriver = "intel"; }; diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index d4ac9e42..d26aa596 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -61,7 +61,7 @@ }; privset "op" { - privs = oper:admin; + privs = oper:admin, oper:general; }; operator "aids" { diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix index 2da3e6fc..84a39f95 100644 --- a/krebs/2configs/news.nix +++ b/krebs/2configs/news.nix @@ -68,6 +68,7 @@ wantedBy = [ "multi-user.target" ]; }; + systemd.services.brockman.bindsTo = [ "solanum.service" ]; systemd.services.brockman.serviceConfig.LimitNOFILE = 16384; systemd.services.brockman.environment.BROCKMAN_LOG_LEVEL = "DEBUG"; krebs.brockman = { diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 2823aabe..14e0a3d7 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -119,6 +119,7 @@ in { users.users.reaktor2 = { uid = genid_uint31 "reaktor2"; home = stateDir; + isSystemUser = true; }; krebs.reaktor2 = { diff --git a/krebs/2configs/shack/muell_mail.nix b/krebs/2configs/shack/muell_mail.nix index 48156471..95145020 100644 --- a/krebs/2configs/shack/muell_mail.nix +++ b/krebs/2configs/shack/muell_mail.nix @@ -12,6 +12,7 @@ let in { users.users.muell_mail = { inherit home; + isSystemUser = true; createHome = true; }; systemd.services.muell_mail = { diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix index e894b939..b032b429 100644 --- a/krebs/2configs/shack/muellshack.nix +++ b/krebs/2configs/shack/muellshack.nix @@ -13,6 +13,7 @@ let in { users.users.muellshack = { inherit home; + isSystemUser = true; createHome = true; }; services.nginx.virtualHosts."muell.shack" = { diff --git a/krebs/2configs/shack/node-light.nix b/krebs/2configs/shack/node-light.nix index 4a981ea8..2e69d5aa 100644 --- a/krebs/2configs/shack/node-light.nix +++ b/krebs/2configs/shack/node-light.nix @@ -14,6 +14,7 @@ in { networking.firewall.allowedUDPPorts = [ 2342 ]; users.users.node-light = { inherit home; + isSystemUser = true; createHome = true; }; services.nginx.virtualHosts."lounge.light.shack" = { diff --git a/krebs/2configs/shack/powerraw.nix b/krebs/2configs/shack/powerraw.nix index cc3692e8..43c74358 100644 --- a/krebs/2configs/shack/powerraw.nix +++ b/krebs/2configs/shack/powerraw.nix @@ -14,7 +14,10 @@ let in { # receive response from light.shack / standby.shack networking.firewall.allowedUDPPorts = [ 11111 ]; - users.users.powermeter.extraGroups = [ "dialout" ]; + users.users.powermeter = { + extraGroups = [ "dialout" ]; + isSystemUser = true; + }; # we make sure that usb-ttl has the correct permissions # creates /dev/powerraw |