summaryrefslogtreecommitdiffstats
path: root/jeschli/2configs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-01-16 20:19:27 +0100
committertv <tv@krebsco.de>2018-01-16 20:19:27 +0100
commitcc4e5322aeca08d121b7769517136b05d7e391ca (patch)
tree8d8757d91cd631c58d30cb98589973a4983e9d4a /jeschli/2configs
parent1c06f938b3d4e4e036184639ecdcadec27b5d8f8 (diff)
parent74d1531be988057ccadd3de5184d915dcf84c92d (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'jeschli/2configs')
-rw-r--r--jeschli/2configs/default.nix2
-rw-r--r--jeschli/2configs/os-templates/CentOS-7-64bit.nix16
-rw-r--r--jeschli/2configs/retiolum.nix4
3 files changed, 22 insertions, 0 deletions
diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix
index 7fb240951..6d788d283 100644
--- a/jeschli/2configs/default.nix
+++ b/jeschli/2configs/default.nix
@@ -4,6 +4,7 @@ with import <stockholm/lib>;
imports = [
./vim.nix
./retiolum.nix
+ <stockholm/lass/2configs/security-workarounds.nix>
{
environment.variables = {
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
@@ -63,4 +64,5 @@ with import <stockholm/lib>;
];
krebs.enable = true;
+ networking.hostName = config.krebs.build.host.name;
}
diff --git a/jeschli/2configs/os-templates/CentOS-7-64bit.nix b/jeschli/2configs/os-templates/CentOS-7-64bit.nix
new file mode 100644
index 000000000..fb34e94e2
--- /dev/null
+++ b/jeschli/2configs/os-templates/CentOS-7-64bit.nix
@@ -0,0 +1,16 @@
+_:
+
+{
+ imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
+
+ boot.loader.grub = {
+ device = "/dev/sda";
+ splashImage = null;
+ };
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
+
+ fileSystems."/" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+}
diff --git a/jeschli/2configs/retiolum.nix b/jeschli/2configs/retiolum.nix
index 403300b30..b611cbe7d 100644
--- a/jeschli/2configs/retiolum.nix
+++ b/jeschli/2configs/retiolum.nix
@@ -9,6 +9,7 @@
"gum"
"ni"
"dishfire"
+ "enklave"
];
};
@@ -16,6 +17,9 @@
tinc = pkgs.tinc_pre;
};
+ networking.firewall.allowedTCPPorts = [ 655 ];
+ networking.firewall.allowedUDPPorts = [ 655 ];
+
environment.systemPackages = [
pkgs.tinc
];