summaryrefslogtreecommitdiffstats
path: root/jeschli/1systems/bln
diff options
context:
space:
mode:
authorlassulus <lass@blue.r>2018-09-29 19:07:07 +0200
committerlassulus <lass@blue.r>2018-09-29 19:07:07 +0200
commitb9380d6aba5f4ad04cedc4fb6a4213949791e830 (patch)
tree84b386b3c68aa46d982d3018984519914952e9d8 /jeschli/1systems/bln
parentd04fa5351158f91f8c38f1b0cc072def3f357e05 (diff)
parent6cf8b42c0bf5b256db0bcd3c051c528052cfe5b2 (diff)
Merge remote-tracking branch 'enklave/master'
Diffstat (limited to 'jeschli/1systems/bln')
-rw-r--r--jeschli/1systems/bln/config.nix173
-rw-r--r--jeschli/1systems/bln/dcso-vpn.nix44
-rw-r--r--jeschli/1systems/bln/hardware-configuration.nix35
3 files changed, 0 insertions, 252 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
deleted file mode 100644
index 6e3c3bec8..000000000
--- a/jeschli/1systems/bln/config.nix
+++ /dev/null
@@ -1,173 +0,0 @@
-{ config, lib, pkgs, ... }:
-# bln config file
-{
- imports = [
- ./hardware-configuration.nix
- <stockholm/jeschli>
- <stockholm/jeschli/2configs/virtualbox.nix>
- <stockholm/jeschli/2configs/urxvt.nix>
- <stockholm/jeschli/2configs/emacs.nix>
- <stockholm/jeschli/2configs/xdg.nix>
- <stockholm/jeschli/2configs/xserver>
-# <stockholm/jeschli/1systems/bln/dcso-vpn.nix>
- <stockholm/jeschli/2configs/officevpn.nix>
- ];
-
-# boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
- boot.loader.efi.efiSysMountPoint = "/boot";
- boot.loader.grub = {
- devices = [ "nodev" ];
- efiSupport = true;
- enable = true;
- extraEntries = ''
- menuentry "Debian" {
- insmod ext2
- insmod chain
- chainloader /EFI/debian/grubx64.efi
- }
- '';
- version = 2;
- };
-
- jeschliFontSize = 20;
-
- environment.shellAliases = {
- n = "nix-shell";
- gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
- gh = "cd /home/markus/go/src/github.com";
- stocki = pkgs.writeDash "deploy" ''
- cd ~/stockholm
- LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
- '';
- };
- networking.hostName = lib.mkForce "BLN02NB0232";
- networking.networkmanager.enable = true;
-
- # Set your time zone.
- time.timeZone = "Europe/Berlin";
-
- # Setup Packages
- nixpkgs.config.allowUnfree = true;
- environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
- environment.systemPackages = with pkgs; [
- termite
- # system helper
- ag
- copyq
- dmenu
- git
- tig
- i3lock
- keepass
- networkmanagerapplet
- rsync
- terminator
- tmux
- wget
- rxvt_unicode
- # editors
- emacs
- # databases
- sqlite
- # internet
- thunderbird
- chromium
- google-chrome
- # programming languages
- elmPackages.elm
- go
- gcc
- ghc
- python35
- python35Packages.pip
- # go tools
- golint
- gotools
- # dev tools
- gnumake
- jetbrains.pycharm-professional
- jetbrains.webstorm
- jetbrains.goland
- jetbrains.datagrip
- texlive.combined.scheme-full
- pandoc
- redis
- vagrant
- # document viewer
- zathura
-
- samba
- ];
-
-
- programs.bash.enableCompletion = true;
- programs.vim.defaultEditor = true;
-
- services.openssh.enable = true;
-
- # Enable CUPS to print documents.
- services.printing.enable = true;
- services.printing.drivers = [ pkgs.postscript-lexmark ];
-
- services.redis.enable = true;
-
- services.xserver = {
-
- desktopManager.session = lib.mkForce [];
-
- enable = true;
- display = 11;
- tty = 11;
-
- dpi = 200;
-
- videoDrivers = [ "nvidia" ];
- synaptics = {
- enable = false;
- };
-
- };
-
-
- users.extraUsers.jeschli = {
- isNormalUser = true;
- extraGroups = ["docker" "vboxusers" "audio"];
- uid = 1000;
- };
-
- system.stateVersion = "17.09";
- # Gogland Debugger workaround
- # nixpkgs.config.packageOverrides = super: {
- # idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: {
- # postFixup = ''
- # interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
- # patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
- # chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
- # '';
- # });
- # };
-
- virtualisation.docker.enable = true;
-
- # DCSO Certificates
- security.pki.certificateFiles = [
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; })
-
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; })
- ];
-
-
- hardware.bluetooth.enable = true;
- krebs.build.host = config.krebs.hosts.bln;
-
- networking.interfaces.enp0s31f6.ipv4.addresses = [
- { address = "10.99.23.2"; prefixLength = 24; }
- ];
-
-}
diff --git a/jeschli/1systems/bln/dcso-vpn.nix b/jeschli/1systems/bln/dcso-vpn.nix
deleted file mode 100644
index 0a5623bf0..000000000
--- a/jeschli/1systems/bln/dcso-vpn.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-with import <stockholm/lib>;
-{ ... }:
-
-{
-
- users.extraUsers = {
- dcsovpn = rec {
- name = "dcsovpn";
- uid = genid "dcsovpn";
- description = "user for running dcso openvpn";
- home = "/home/${name}";
- };
- };
-
- users.extraGroups.dcsovpn.gid = genid "dcsovpn";
-
- services.openvpn.servers = {
- dcso = {
- config = ''
- client
- dev tun
- tun-mtu 1356
- mssfix
- proto udp
- float
- remote 217.111.55.41 1194
- nobind
- user dcsovpn
- group dcsovpn
- persist-key
- persist-tun
- ca ${toString <secrets/dcsovpn/ca.pem>}
- cert ${toString <secrets/dcsovpn/cert.pem>}
- key ${toString <secrets/dcsovpn/cert.key>}
- verb 3
- mute 20
- auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
- route-method exe
- route-delay 2
- '';
- updateResolvConf = true;
- };
- };
-}
diff --git a/jeschli/1systems/bln/hardware-configuration.nix b/jeschli/1systems/bln/hardware-configuration.nix
deleted file mode 100644
index 35f0b3bca..000000000
--- a/jeschli/1systems/bln/hardware-configuration.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
- imports =
- [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
- ];
-
- boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ];
- boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [ ];
-
- boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/25534522-5748-4dcc-a5ca-80a3ac70f59d";
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/496c8889-96db-446d-9bac-60d4347faeac";
- fsType = "ext4";
- };
-
- fileSystems."/home" =
- { device = "/dev/disk/by-uuid/2785adf5-a99e-49d7-86d6-99f393f457ea";
- fsType = "ext4";
- };
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/927E-01A0";
- fsType = "vfat";
- };
-
- swapDevices = [ ];
-
- nix.maxJobs = lib.mkDefault 8;
- powerManagement.cpuFreqGovernor = "powersave";
-
- hardware.pulseaudio.enable = true;
-}