summaryrefslogtreecommitdiffstats
path: root/lass/1systems
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2020-10-03 13:44:30 +0200
committertv <tv@krebsco.de>2020-10-03 13:44:30 +0200
commitd1e52425e0d5d79a33b11c92cc2afb498075d953 (patch)
tree29277982f014eaae680e006b6afc7fdb42e8d9b2 /lass/1systems
parent654f64f05935a69607a540f2e8d15619cee9e15e (diff)
parent7e7499d86302d261c8f8404fb34f2ac091318d0e (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems')
-rw-r--r--lass/1systems/blue/config.nix21
-rw-r--r--lass/1systems/morpheus/config.nix1
-rw-r--r--lass/1systems/mors/config.nix2
-rw-r--r--lass/1systems/mors/physical.nix2
-rw-r--r--lass/1systems/prism/config.nix9
-rw-r--r--lass/1systems/prism/physical.nix10
-rw-r--r--lass/1systems/shodan/physical.nix2
-rwxr-xr-xlass/1systems/wizard/run-vm.sh7
-rw-r--r--lass/1systems/wizard/test.nix2
-rw-r--r--lass/1systems/xerxes/config.nix26
-rw-r--r--lass/1systems/yellow/config.nix26
11 files changed, 59 insertions, 49 deletions
diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix
index c46bb351e..f6dc23d20 100644
--- a/lass/1systems/blue/config.nix
+++ b/lass/1systems/blue/config.nix
@@ -17,27 +17,6 @@ with import <stockholm/lib>;
networking.nameservers = [ "1.1.1.1" ];
- services.restic.backups = genAttrs [
- "daedalus"
- "icarus"
- "littleT"
- "prism"
- "shodan"
- "skynet"
- ] (dest: {
- initialize = true;
- extraOptions = [
- "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
- ];
- repository = "sftp:backup@${dest}.r:/backups/blue";
- passwordFile = (toString <secrets>) + "/restic/${dest}";
- timerConfig = { OnCalendar = "00:05"; RandomizedDelaySec = "5h"; };
- paths = [
- "/home/"
- "/var/lib"
- ];
- });
-
time.timeZone = "Europe/Berlin";
users.users.mainUser.openssh.authorizedKeys.keys = [ config.krebs.users.lass-android.pubkey ];
}
diff --git a/lass/1systems/morpheus/config.nix b/lass/1systems/morpheus/config.nix
index c3a8ea6c8..79fbe4c97 100644
--- a/lass/1systems/morpheus/config.nix
+++ b/lass/1systems/morpheus/config.nix
@@ -18,6 +18,7 @@ with import <stockholm/lib>;
gitAndTools.hub
nix-review
firefox
+ ag
];
services.openssh.forwardX11 = true;
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index c1ceb0633..b03d95c49 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -126,8 +126,6 @@ with import <stockholm/lib>;
remmina
transmission
- iodine
-
macchanger
dpass
diff --git a/lass/1systems/mors/physical.nix b/lass/1systems/mors/physical.nix
index 2f3a68442..a9108104b 100644
--- a/lass/1systems/mors/physical.nix
+++ b/lass/1systems/mors/physical.nix
@@ -23,7 +23,7 @@
services.udev.extraRules = ''
SUBSYSTEM=="net", DEVPATH=="/devices/pci*/*1c.1/*/net/*", NAME="wl0"
- SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:4f:42:35", NAME="et0"
+ SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:37:15:d9", NAME="et0"
'';
#TODO activationScripts seem broken, fix them!
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 33ec21e72..b335353be 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -272,9 +272,9 @@ with import <stockholm/lib>;
resolveLocalQueries = false;
extraConfig= ''
- listen-address=42:1:ce16::1
+ listen-address=42:1:ce16::1,10.244.1.103
except-interface=lo
- interface=wg0
+ interface=wiregrill
'';
};
}
@@ -284,7 +284,10 @@ with import <stockholm/lib>;
];
}
{
- services.murmur.enable = true;
+ services.murmur = {
+ enable = true;
+ bandwidth = 10000000;
+ };
services.murmur.registerName = "lassul.us";
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index 7458f5ffd..1a3bee850 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -55,6 +55,16 @@
fsType = "zfs";
};
+ fileSystems."/var/realwallpaper/archive" = {
+ device = "tank/wallpaper";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home/xanf" = {
+ device = "/dev/disk/by-id/wwn-0x500a07511becb076";
+ fsType = "ext4";
+ };
+
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
diff --git a/lass/1systems/shodan/physical.nix b/lass/1systems/shodan/physical.nix
index 39a4d9661..55e91b0e4 100644
--- a/lass/1systems/shodan/physical.nix
+++ b/lass/1systems/shodan/physical.nix
@@ -10,7 +10,7 @@
loader.grub.version = 2;
loader.grub.device = "/dev/sda";
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
+ initrd.luks.devices.lusksroot.device = "/dev/sda2";
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
};
diff --git a/lass/1systems/wizard/run-vm.sh b/lass/1systems/wizard/run-vm.sh
new file mode 100755
index 000000000..13914ad5f
--- /dev/null
+++ b/lass/1systems/wizard/run-vm.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env nix-shell
+#! nix-shell -i bash -p nixos-generators
+
+set -efu
+
+WD=$(dirname "$0")
+nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/config.nix -f vm-nogui --run
diff --git a/lass/1systems/wizard/test.nix b/lass/1systems/wizard/test.nix
index c7a27102a..165b9f14d 100644
--- a/lass/1systems/wizard/test.nix
+++ b/lass/1systems/wizard/test.nix
@@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }:
{
imports = [
- ./default.nix
+ ./config.nix
];
virtualisation.emptyDiskImages = [
8000
diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix
index e4a4fb505..8c4362865 100644
--- a/lass/1systems/xerxes/config.nix
+++ b/lass/1systems/xerxes/config.nix
@@ -41,22 +41,6 @@
displayManager.lightdm.autoLogin.user = "lass";
};
- services.syncthing.declarative = {
- folders = {
- the_playlist = {
- path = "/home/lass/tmp/the_playlist";
- devices = [ "mors" "phone" "prism" "xerxes" ];
- };
- };
- };
- krebs.permown = {
- "/home/lass/tmp/the_playlist" = {
- owner = "lass";
- group = "syncthing";
- umask = "0007";
- };
- };
-
boot.blacklistedKernelModules = [ "xpad" ];
systemd.services.xboxdrv = {
wantedBy = [ "multi-user.target" ];
@@ -93,7 +77,15 @@
};
};
- hardware.bluetooth.enable = true;
+ hardware.bluetooth = {
+ enable = true;
+ powerOnBoot = true;
+ # config.General.Disable = "Headset";
+ extraConfig = ''
+ [General]
+ Disable = Headset
+ '';
+ };
hardware.pulseaudio.package = pkgs.pulseaudioFull;
# hardware.pulseaudio.configFile = pkgs.writeText "default.pa" ''
# load-module module-bluetooth-policy
diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix
index 82fe3fac5..d400697d7 100644
--- a/lass/1systems/yellow/config.nix
+++ b/lass/1systems/yellow/config.nix
@@ -172,7 +172,7 @@ with import <stockholm/lib>;
client
dev tun
proto udp
- remote 89.249.65.83 1194
+ remote 185.230.127.27 1194
resolv-retry infinite
remote-random
nobind
@@ -195,7 +195,6 @@ with import <stockholm/lib>;
fast-io
cipher AES-256-CBC
auth SHA512
-
<ca>
-----BEGIN CERTIFICATE-----
MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
@@ -251,6 +250,27 @@ with import <stockholm/lib>;
3f8a56ddb2e64eb67adfc9b337157ff4
-----END OpenVPN Static key V1-----
</tls-auth>
-
'';
+
+ systemd.services.flix-index = {
+ wantedBy = [ "multi-user.target" ];
+ path = [
+ pkgs.coreutils
+ pkgs.findutils
+ pkgs.inotifyTools
+ ];
+ serviceConfig = {
+ Restart = "always";
+ ExecStart = pkgs.writers.writeDash "flix-index" ''
+ set -efu
+
+ DIR=/var/download/finished
+ cd "$DIR"
+ while inotifywait -rq -e create -e move -e delete "$DIR"; do
+ find . -type f > "$DIR"/index.tmp
+ mv "$DIR"/index.tmp "$DIR"/index
+ done
+ '';
+ };
+ };
}