summaryrefslogtreecommitdiffstats
path: root/lass/1systems/helios
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-08-29 01:38:45 +0200
committertv <tv@krebsco.de>2018-08-29 01:38:45 +0200
commit000f2a7c9123fcd4b110c6c220570758d556c837 (patch)
tree8464e80b13adce3b5958ad6e9bcebc8a4f559cd9 /lass/1systems/helios
parent16ad5fb0a835a1022656253ae838e83fa024e692 (diff)
parent413e0689acd4f6b322f9996950927ebd41d0e58c (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems/helios')
-rw-r--r--lass/1systems/helios/config.nix105
-rw-r--r--lass/1systems/helios/physical.nix64
-rw-r--r--lass/1systems/helios/source.nix4
3 files changed, 1 insertions, 172 deletions
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index 5657742a6..68acf12b8 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -1,110 +1,7 @@
with import <stockholm/lib>;
-{ config, lib, pkgs, ... }:
-
+{ pkgs, ... }:
{
- imports = [
- <stockholm/lass>
- <stockholm/lass/2configs/baseX.nix>
- <stockholm/lass/2configs/browsers.nix>
- <stockholm/lass/2configs/mouse.nix>
- <stockholm/lass/2configs/pass.nix>
- <stockholm/lass/2configs/retiolum.nix>
- <stockholm/lass/2configs/otp-ssh.nix>
- # TODO fix krebs.git.rules.[definition 2-entry 2].lass not defined
- #<stockholm/lass/2configs/git.nix>
- #<stockholm/lass/2configs/dcso-vpn.nix>
- <stockholm/lass/2configs/virtualbox.nix>
- <stockholm/lass/2configs/dcso-dev.nix>
- <stockholm/lass/2configs/steam.nix>
- <stockholm/lass/2configs/rtl-sdr.nix>
- <stockholm/lass/2configs/backup.nix>
- {
- services.xserver.dpi = 200;
- fonts.fontconfig.dpi = 200;
- lass.fonts.regular = "xft:Hack-Regular:pixelsize=22,xft:Symbola";
- lass.fonts.bold = "xft:Hack-Bold:pixelsize=22,xft:Symbola";
- lass.fonts.italic = "xft:Hack-RegularOblique:pixelsize=22,xft:Symbol";
- }
- { #TAPIR, AGATIS, sentral, a3 - foo
- services.redis.enable = true;
- }
- {
- krebs.fetchWallpaper = {
- enable = true;
- url = "http://i.imgur.com/0ktqxSg.png";
- maxTime = 9001;
- };
- }
- {
- #urban terror port
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 27960"; target = "ACCEPT"; }
- { predicate = "-p udp --dport 27960"; target = "ACCEPT"; }
- ];
- }
- ];
- krebs.build.host = config.krebs.hosts.helios;
-
- krebs.git.rules = [
- {
- user = [ config.krebs.users.lass-helios ];
- repo = [ config.krebs.git.repos.stockholm ];
- perm = with git; push "refs/heads/*" [ fast-forward non-fast-forward create delete merge ];
- }
- {
- lass.umts = {
- enable = true;
- modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_2C7D8D7C35FC7040-if09";
- initstrings = ''
- Init1 = AT+CFUN=1
- Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0
- '';
- };
- }
- ];
-
environment.systemPackages = with pkgs; [
- ag
- vim
- git
- rsync
- hashPassword
- thunderbird
dpass
-
- # we want tensorflow! (with GPU acceleration)
- python3Packages.tensorflowWithCuda
- ];
-
- users.users = {
- root.openssh.authorizedKeys.keys = [
- config.krebs.users.lass-helios.pubkey
- ];
- };
-
- services.tlp.enable = true;
-
- networking.hostName = lib.mkForce "BLN02NB0162";
-
- security.pki.certificateFiles = [
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; })
-
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; })
- (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; })
];
-
- programs.adb.enable = true;
- users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
-
- services.printing.drivers = [ pkgs.postscript-lexmark ];
-
- services.logind.extraConfig = ''
- HandleLidSwitch=ignore
- '';
-
- virtualisation.docker.enable = true;
}
diff --git a/lass/1systems/helios/physical.nix b/lass/1systems/helios/physical.nix
deleted file mode 100644
index a5212454f..000000000
--- a/lass/1systems/helios/physical.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{ pkgs, ... }:
-{
- imports = [
- ./config.nix
- { # automatic hardware detection
- boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
- boot.kernelModules = [ "kvm-intel" ];
-
- fileSystems."/" = {
- device = "/dev/pool/root";
- fsType = "btrfs";
- };
-
- fileSystems."/boot" = {
- device = "/dev/disk/by-uuid/1F60-17C6";
- fsType = "vfat";
- };
-
- fileSystems."/home" = {
- device = "/dev/pool/home";
- fsType = "btrfs";
- };
-
- fileSystems."/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
- }
- { # crypto stuff
- boot.initrd.luks = {
- cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
- devices = [{
- name = "luksroot";
- device = "/dev/nvme0n1p3";
- }];
- };
- }
- ];
-
- # Use the systemd-boot EFI boot loader.
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
-
- networking.wireless.enable = true;
- hardware.enableRedistributableFirmware = true;
-
-
- services.udev.extraRules = ''
- SUBSYSTEM=="net", ATTR{address}=="f8:59:71:a9:05:65", NAME="wl0"
- SUBSYSTEM=="net", ATTR{address}=="54:e1:ad:4f:06:83", NAME="et0"
- '';
-
- services.xserver.videoDrivers = [ "nvidia" ];
- services.xserver.xrandrHeads = [
- { output = "DP-2"; primary = true; }
- { output = "DP-4"; monitorConfig = ''Option "Rotate" "left"''; }
- { output = "DP-0"; }
- ];
-
- services.xserver.displayManager.sessionCommands = ''
- ${pkgs.xorg.xrandr}/bin/xrandr --output DP-6 --off --output DP-5 --off --output DP-4 --mode 2560x1440 --pos 3840x0 --rotate left --output DP-3 --off --output DP-2 --primary --mode 3840x2160 --scale 0.5x0.5 --pos 0x400 --rotate normal --output DP-1 --off --output DP-0 --mode 2560x1440 --pos 5280x1120 --rotate normal
- '';
-}
diff --git a/lass/1systems/helios/source.nix b/lass/1systems/helios/source.nix
deleted file mode 100644
index bfe4dca4c..000000000
--- a/lass/1systems/helios/source.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-import <stockholm/lass/source.nix> {
- name = "helios";
- secure = true;
-}