diff options
author | tv <tv@krebsco.de> | 2017-11-28 19:06:54 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2017-11-28 19:06:54 +0100 |
commit | 05bc20b893ff6d441d7e8e10802134d2192e724a (patch) | |
tree | 1c34434d71eb2e3e3ced9ade09ee4b5879cc63cd /makefu/2configs | |
parent | 5163d8eba27976ccccf7703b52eb1b8f4c0295af (diff) | |
parent | 10a96c644898d9498e9f75fa543ebb395ffbca20 (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/2configs')
-rw-r--r-- | makefu/2configs/backup.nix | 13 | ||||
-rw-r--r-- | makefu/2configs/hw/stk1160.nix | 15 | ||||
-rw-r--r-- | makefu/2configs/lanparty/lancache-dns.nix | 21 | ||||
-rw-r--r-- | makefu/2configs/lanparty/lancache.nix | 9 | ||||
-rw-r--r-- | makefu/2configs/lanparty/mumble-server.nix | 12 | ||||
-rw-r--r-- | makefu/2configs/lanparty/samba.nix | 9 | ||||
-rw-r--r-- | makefu/2configs/tools/core.nix | 30 | ||||
-rw-r--r-- | makefu/2configs/tools/dev.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/tools/games.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/tools/sec.nix | 2 |
10 files changed, 81 insertions, 34 deletions
diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix index 166365ba0..a4d02af6b 100644 --- a/makefu/2configs/backup.nix +++ b/makefu/2configs/backup.nix @@ -31,6 +31,19 @@ in { krebs.backup.plans = { # wry-to-omo_root = defaultPull config.krebs.hosts.wry "/"; gum-to-omo_root = defaultPull config.krebs.hosts.gum "/"; + gum-dl-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/download" )// + { + dst.path = "/media/cryptX/backup/gum/var-download"; + dst.host = defaultBackupServer; + startAt = "19:00"; + }; + gum-owncloud-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/www/o.euer.krebsco.de" )// + { + dst.path = "/media/cryptX/backup/gum/var-www-o.euer.krebsco.de"; + dst.host = defaultBackupServer; + + startAt = "05:00"; + }; # wolf-to-omo_root = defaultPull config.krebs.hosts.wolf "/"; }; environment.systemPackages = [ diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix deleted file mode 100644 index b3a9e1a5a..000000000 --- a/makefu/2configs/hw/stk1160.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: -{ - # TODO: un-pin linuxPackages somehow - boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages; - nixpkgs.config.packageOverrides = pkgs: { - linux_4_9 = pkgs.linux_4_9.override { - extraConfig = '' - MEDIA_ANALOG_TV_SUPPORT y - VIDEO_STK1160_COMMON m - VIDEO_STK1160_AC97 y - VIDEO_STK1160 m - ''; - }; - }; -} diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix index 4b4ebf0a0..c9da7c4c4 100644 --- a/makefu/2configs/lanparty/lancache-dns.nix +++ b/makefu/2configs/lanparty/lancache-dns.nix @@ -1,6 +1,19 @@ { pkgs, lib, config, ... }: with import <stockholm/lib>; let + upstream-server = "8.8.8.8"; + # make sure the router pins the ip address to the deployed host + # and set it as dns server ( dhcp option 6,192.168.10.10 ) + local_ip = "192.168.10.10"; + + extra-config = pkgs.writeText "local.conf" '' + server: + local-data: "piratebox. A ${local_ip}" + local-data: "store. A ${local_ip}" + local-data: "share. A ${local_ip}" + ''; + + # see https://github.com/zeropingheroes/lancache for full docs lancache-dns = pkgs.stdenv.mkDerivation rec { name = "lancache-dns-2017-06-28"; @@ -11,8 +24,9 @@ let rev = "420aa62"; sha256 = "0ik7by7ripdv2avyy5kk9jp1i7rz9ksc8xmg7n9iik365q9pv94m"; }; + phases = [ "unpackPhase" "installPhase" ]; - # here we can chance to edit `includes/proxy-cache-paths.conf` + # here we have the chance to edit `includes/proxy-cache-paths.conf` installPhase = '' mkdir -p $out cp -r * $out/ @@ -20,7 +34,6 @@ let }; stateDir = "/var/lib/unbound"; user = "unbound"; - upstream-server = "8.8.8.8"; in { services.unbound = { enable = true; @@ -29,6 +42,7 @@ in { forwardAddresses = [ upstream-server ]; extraConfig = '' include: "${stateDir}/lancache/*.conf" + include: "${extra-config}" ''; }; services.dnscrypt-proxy.enable = lib.mkForce false; @@ -42,7 +56,8 @@ in { path = [ pkgs.gawk pkgs.iproute pkgs.gnused ]; script = '' set -xeu - current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}') + # current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}') + current_ip=${local_ip} old_ip=10.1.1.250 mkdir -p ${stateDir} rm -rvf ${stateDir}/lancache diff --git a/makefu/2configs/lanparty/lancache.nix b/makefu/2configs/lanparty/lancache.nix index 3df2e3f59..bcacf2e15 100644 --- a/makefu/2configs/lanparty/lancache.nix +++ b/makefu/2configs/lanparty/lancache.nix @@ -17,15 +17,21 @@ let installPhase = '' mkdir -p $out cp -r * $out/ + rm $out/caches-enabled/* sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \ -e '1 idaemon off;' \ + -e 's#/var/lancache#${cfg.statedir}#g' \ $out/nginx.conf + sed -i -e 's#/var/lancache#${cfg.statedir}#g' \ + $out/*/*.conf + ln -s $out/caches-available/* $out/caches-enabled/ ''; }; cfg = { + statedir = "/data/cache"; + group = "nginx-lancache"; user = "nginx-lancache"; - statedir = "/var/lancache"; package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{ configureFlags = old.configureFlags ++ [ "--with-http_slice_module" @@ -43,6 +49,7 @@ in { preStart = '' mkdir -p ${cfg.statedir} && cd ${cfg.statedir} + chmod 700 ${cfg.statedir} PATH_CACHE=$PATH_BASE/cache PATH_LOGS=$PATH_BASE/logs diff --git a/makefu/2configs/lanparty/mumble-server.nix b/makefu/2configs/lanparty/mumble-server.nix new file mode 100644 index 000000000..5b9631cd1 --- /dev/null +++ b/makefu/2configs/lanparty/mumble-server.nix @@ -0,0 +1,12 @@ +{ config, ... }: +{ + networking.firewall.allowedTCPPorts = [ 64738 ]; + networking.firewall.allowedUDPPorts = [ 64738 ]; + services.murmur = { + enable = true; + welcometext = "Welcome to the LANest Party mumble server"; + bonjour = true; + hostName = "0.0.0.0"; + sendVersion = true; + }; +} diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix index de834ab16..4176d7b35 100644 --- a/makefu/2configs/lanparty/samba.nix +++ b/makefu/2configs/lanparty/samba.nix @@ -10,9 +10,16 @@ }; services.samba = { enable = true; + enableNmbd = true; shares = { - share-home = { + lanparty = { path = "/data/lanparty/"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + share = { + path = "/data/incoming"; "read only" = "no"; browseable = "yes"; "guest ok" = "yes"; diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 8a15ae2e7..7e9a459c3 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -5,38 +5,44 @@ # # essentially `nix-env -q` of the main user { - krebs.per-user.makefu.packages = with pkgs; [ + environment.systemPackages = with pkgs; [ at_spi2_core acpi bc rsync exif file + lsof + which + binutils + # fs - ntfs3g + cifs-utils dosfstools + ntfs3g + smartmontools + + # io pv sshpass usbutils p7zip hdparm + + # net + wget + curl inetutils ncftp - mutt tcpdump sysstat - which - weechat wol - tmux iftop + mkpasswd - # storage - smartmontools - cifs-utils - # net - wget - curl + mutt + weechat + tmux # stockholm git diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index d3d50c433..46872279a 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -2,7 +2,8 @@ { users.users.makefu.packages = with pkgs;[ - python35Packages.virtualenv + python3Packages.virtualenv + python3Packages.pyserial # embedded gi flashrom diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix index 8e815da5e..8da615963 100644 --- a/makefu/2configs/tools/games.nix +++ b/makefu/2configs/tools/games.nix @@ -6,5 +6,6 @@ ]; users.users.makefu.packages = with pkgs; [ games-user-env + wine ]; } diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix index 817cd9ead..3dc02937d 100644 --- a/makefu/2configs/tools/sec.nix +++ b/makefu/2configs/tools/sec.nix @@ -13,6 +13,6 @@ thc-hydra borgbackup ledger - u3_tool + u3-tool ]; } |