Merge remote-tracking branch 'prism/master'

author: tv <tv@krebsco.de> 2018-08-29 01:38:45 +0200
committer: tv <tv@krebsco.de> 2018-08-29 01:38:45 +0200
commit: 000f2a7c9123fcd4b110c6c220570758d556c837 (patch)
tree: 8464e80b13adce3b5958ad6e9bcebc8a4f559cd9 /lass/1systems
parent: 16ad5fb0a835a1022656253ae838e83fa024e692 (diff)
parent: 413e0689acd4f6b322f9996950927ebd41d0e58c (diff)
6 files changed, 7 insertions, 175 deletions
diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix
index eafc0d06c..305b3f70e 100644
--- a/lass/1systems/daedalus/config.nix
+++ b/lass/1systems/daedalus/config.nix
@@ -30,7 +30,8 @@ with import <stockholm/lib>;
       };
       environment.systemPackages = with pkgs; [
         pavucontrol
-        firefox
+        #firefox
+        chromium
         hexchat
         networkmanagerapplet
         libreoffice
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index 5657742a6..68acf12b8 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -1,110 +1,7 @@
 with import <stockholm/lib>;
-{ config, lib, pkgs, ... }:
-
+{ pkgs, ... }:
 {
-  imports = [
-    <stockholm/lass>
-    <stockholm/lass/2configs/baseX.nix>
-    <stockholm/lass/2configs/browsers.nix>
-    <stockholm/lass/2configs/mouse.nix>
-    <stockholm/lass/2configs/pass.nix>
-    <stockholm/lass/2configs/retiolum.nix>
-    <stockholm/lass/2configs/otp-ssh.nix>
-    # TODO fix krebs.git.rules.[definition 2-entry 2].lass not defined
-    #<stockholm/lass/2configs/git.nix>
-    #<stockholm/lass/2configs/dcso-vpn.nix>
-    <stockholm/lass/2configs/virtualbox.nix>
-    <stockholm/lass/2configs/dcso-dev.nix>
-    <stockholm/lass/2configs/steam.nix>
-    <stockholm/lass/2configs/rtl-sdr.nix>
-    <stockholm/lass/2configs/backup.nix>
-    {
-      services.xserver.dpi = 200;
-      fonts.fontconfig.dpi = 200;
-      lass.fonts.regular = "xft:Hack-Regular:pixelsize=22,xft:Symbola";
-      lass.fonts.bold =    "xft:Hack-Bold:pixelsize=22,xft:Symbola";
-      lass.fonts.italic =  "xft:Hack-RegularOblique:pixelsize=22,xft:Symbol";
-    }
-    { #TAPIR, AGATIS, sentral, a3 - foo
-      services.redis.enable = true;
-    }
-    {
-      krebs.fetchWallpaper = {
-        enable = true;
-        url = "http://i.imgur.com/0ktqxSg.png";
-        maxTime = 9001;
-      };
-    }
-    {
-      #urban terror port
-      krebs.iptables.tables.filter.INPUT.rules = [
-        { predicate = "-p tcp --dport 27960"; target = "ACCEPT"; }
-        { predicate = "-p udp --dport 27960"; target = "ACCEPT"; }
-      ];
-    }
-  ];
-  krebs.build.host = config.krebs.hosts.helios;
-
-  krebs.git.rules = [
-    {
-      user = [ config.krebs.users.lass-helios ];
-      repo = [ config.krebs.git.repos.stockholm ];
-      perm = with git; push "refs/heads/*" [ fast-forward non-fast-forward create delete merge ];
-    }
-    {
-      lass.umts = {
-        enable = true;
-        modem = "/dev/serial/by-id/usb-Lenovo_F5521gw_2C7D8D7C35FC7040-if09";
-        initstrings = ''
-          Init1 = AT+CFUN=1
-          Init2 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0
-        '';
-      };
-    }
-  ];
-
   environment.systemPackages = with pkgs; [
-    ag
-    vim
-    git
-    rsync
-    hashPassword
-    thunderbird
     dpass
-
-    # we want tensorflow! (with GPU acceleration)
-    python3Packages.tensorflowWithCuda
-  ];
-
-  users.users = {
-    root.openssh.authorizedKeys.keys = [
-      config.krebs.users.lass-helios.pubkey
-    ];
-  };
-
-  services.tlp.enable = true;
-
-  networking.hostName = lib.mkForce "BLN02NB0162";
-
-  security.pki.certificateFiles = [
-    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; })
-    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; })
-    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; })
-
-    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; })
-    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; })
-    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; })
-    (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; })
   ];
-
-  programs.adb.enable = true;
-  users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
-
-  services.printing.drivers = [ pkgs.postscript-lexmark ];
-
-  services.logind.extraConfig = ''
-    HandleLidSwitch=ignore
-  '';
-
-  virtualisation.docker.enable = true;
 }
diff --git a/lass/1systems/helios/physical.nix b/lass/1systems/helios/physical.nix
deleted file mode 100644
index a5212454f..000000000
--- a/lass/1systems/helios/physical.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{ pkgs, ... }:
-{
-  imports = [
-    ./config.nix
-    { # automatic hardware detection
-      boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
-      boot.kernelModules = [ "kvm-intel" ];
-
-      fileSystems."/" = {
-        device = "/dev/pool/root";
-        fsType = "btrfs";
-      };
-
-      fileSystems."/boot" = {
-        device = "/dev/disk/by-uuid/1F60-17C6";
-        fsType = "vfat";
-      };
-
-      fileSystems."/home" = {
-        device = "/dev/pool/home";
-        fsType = "btrfs";
-      };
-
-      fileSystems."/tmp" = {
-        device = "tmpfs";
-        fsType = "tmpfs";
-        options = ["nosuid" "nodev" "noatime"];
-      };
-    }
-    { # crypto stuff
-      boot.initrd.luks = {
-        cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
-        devices =  [{
-           name = "luksroot";
-           device = "/dev/nvme0n1p3";
-        }];
-      };
-    }
-  ];
-
-  # Use the systemd-boot EFI boot loader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  networking.wireless.enable = true;
-  hardware.enableRedistributableFirmware = true;
-
-
-  services.udev.extraRules = ''
-    SUBSYSTEM=="net", ATTR{address}=="f8:59:71:a9:05:65", NAME="wl0"
-    SUBSYSTEM=="net", ATTR{address}=="54:e1:ad:4f:06:83", NAME="et0"
-  '';
-
-  services.xserver.videoDrivers = [ "nvidia" ];
-  services.xserver.xrandrHeads = [
-    { output = "DP-2"; primary = true; }
-    { output = "DP-4"; monitorConfig = ''Option "Rotate" "left"''; }
-    { output = "DP-0"; }
-  ];
-
-  services.xserver.displayManager.sessionCommands = ''
-    ${pkgs.xorg.xrandr}/bin/xrandr --output DP-6 --off --output DP-5 --off --output DP-4 --mode 2560x1440 --pos 3840x0 --rotate left --output DP-3 --off --output DP-2 --primary --mode 3840x2160 --scale 0.5x0.5 --pos 0x400 --rotate normal --output DP-1 --off --output DP-0 --mode 2560x1440 --pos 5280x1120 --rotate normal
-  '';
-}
diff --git a/lass/1systems/helios/source.nix b/lass/1systems/helios/source.nix
deleted file mode 100644
index bfe4dca4c..000000000
--- a/lass/1systems/helios/source.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-import <stockholm/lass/source.nix> {
-  name = "helios";
-  secure = true;
-}
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index ad4f8a504..90e04cad1 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -33,6 +33,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/dunst.nix>
     <stockholm/lass/2configs/rtl-sdr.nix>
     <stockholm/lass/2configs/backup.nix>
+    <stockholm/lass/2configs/print.nix>
     {
       krebs.iptables.tables.filter.INPUT.rules = [
         #risk of rain
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 6be45d38d..0f20d1c4e 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -175,7 +175,6 @@ with import <stockholm/lib>;
         alias /var/realwallpaper/realwallpaper.png;
       '';
     }
-    <stockholm/lass/2configs/dcso-dev.nix>
     {
       users.users.jeschli = {
         uid = genid "jeschli";
@@ -288,6 +287,8 @@ with import <stockholm/lib>;
     {
       users.users.download.openssh.authorizedKeys.keys = [
         "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACADLPxtB2f2tocXHxD3ul9D1537hTht6/un87JYZNnoYABveasyIcdFIfp5lPJmj3PjwqXNTA4M/3V+ufrpZ91dxFeXWI5mOI4YB3xRu+Elja8g7nfvCz1HrH3sD1equos/7ltQ1GZYvHGw40qD1/ZtOODwRwrYJ7l/DUBrjk/tzXRjm0+ZgyQsb3G9a80cA8d3fiuQDxbAzdoJF46wt36ZfuSMpJ/Td8CbCoLlV/uL9QZemOglyxNxR607qGfRNXF1An+P+fFq24GmdHpMJ00DfjZ/dJRL9QSs7vd07uyB4Qty4VHwRhc46XH6KL7VTF1D3INF/BeBZx90GBxOvpgEji7Zrf7O5eSAjM2Do1+t+Ev2IIuiltB+QqTir4rZcrCBrJ2+zD3DDymKffVi8sz15AvdrFkIplzZxpOcgm9Ns2w/uh8sxeV6J58aoLEVmd2KRUfJFYiS1EuEjYo2OHlj8ltIh3VlfYdWksGpQc71IT0iEWvzvjYcfCda9uzFLKdLfBy4GB8+s4zR2CX9aGDyJaIY1kt/xqDeztnYwW1owG+fLMrDJlq3Mu+KmJljb30jzrOPhFYVZgWenmMFgH2RBzVEmnsR0f2LFVLj6N/a9fpEJ3WhxMOc5Ybdpgg/l9KUdgvWLk6KOtba+z9fuYT1YgwtZBoMgHAdZLmZ/DGtff palo@pepe"
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGMjbYFmmvpF60YBShyFISbjN+O3e4GPkfsre6xFqz20joi8YqpD/5PtrMsGrPd1ZoZ9qSwXJtbb1WBomFg0xzRSNa1/FliKiE1ilcaB3aUZRtP0OWHIvWD3/YL/0h+/YXDGTfb8FNvpgJmnbN3Q0gw8cwWw+eve5BMyqDhzFvycxO4qDuP2JXkGpdhJqjaYZhP5rPH2mgv1oU1RnOA3A7APZVGf1m6JSmV7FZR514aGlFV+NpsvS29Mib8fcswgpoGhMN6jeh/nf49tp01LUAOmXSqdHIWNOTt3Mt7S4rU7RZwEhswdSRbKdKFRMj+uRkhJ4CPcNuuGtSY3id0Ja7IvrvxNaQUk1L8nBcza709jvSBYWSY5/aGL1ocA/PNWXDpOTp2PWwxkh39aPMqZXPTH3KC4IkRp5SiKibEhdmjnToV7nUAJe4IWn1b7QdoqS03ib0X87DnHWIbvi8UZlImM7pn0rs+rwnOo4lQwrTz7kbBHPaa6XOZAuDYND2728vtcrhwzVrKgiXWbyF6VzvwxPeeStmn1gENvozbj1hl9gbQ1cH/a4pZFBV/OFl/ryzDnB2ghM4acNJazXx/6/us9hX+np1YxIzJaxENj677MLc6HitM2g6XJGaixBQ0U2NNjcjIuQT0ZaeKXsSLnu1Y7+uslbVAwsQ4pJmSxxMMQ== palo@workhorse"
       ];
     }
     {
@@ -338,7 +339,7 @@ with import <stockholm/lib>;
           {
             # lass-android
             allowedIPs = [ "10.244.1.2/32" ];
-            publicKey = "63+ns9AGv6e6a8WgxiZNFEt1xQT0YKFlEHzRaYJWtmk=";
+            publicKey = "zVunBVOxsMETlnHkgjfH71HaZjjNUOeYNveAVv5z3jw=";
           }
         ];
       };
author	tv <tv@krebsco.de>	2018-08-29 01:38:45 +0200
committer	tv <tv@krebsco.de>	2018-08-29 01:38:45 +0200
commit	000f2a7c9123fcd4b110c6c220570758d556c837 (patch)
tree	8464e80b13adce3b5958ad6e9bcebc8a4f559cd9 /lass/1systems
parent	16ad5fb0a835a1022656253ae838e83fa024e692 (diff)
parent	413e0689acd4f6b322f9996950927ebd41d0e58c (diff)