summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-11-28 19:06:54 +0100
committertv <tv@krebsco.de>2017-11-28 19:06:54 +0100
commit05bc20b893ff6d441d7e8e10802134d2192e724a (patch)
tree1c34434d71eb2e3e3ced9ade09ee4b5879cc63cd /makefu/2configs
parent5163d8eba27976ccccf7703b52eb1b8f4c0295af (diff)
parent10a96c644898d9498e9f75fa543ebb395ffbca20 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/backup.nix13
-rw-r--r--makefu/2configs/hw/stk1160.nix15
-rw-r--r--makefu/2configs/lanparty/lancache-dns.nix21
-rw-r--r--makefu/2configs/lanparty/lancache.nix9
-rw-r--r--makefu/2configs/lanparty/mumble-server.nix12
-rw-r--r--makefu/2configs/lanparty/samba.nix9
-rw-r--r--makefu/2configs/tools/core.nix30
-rw-r--r--makefu/2configs/tools/dev.nix3
-rw-r--r--makefu/2configs/tools/games.nix1
-rw-r--r--makefu/2configs/tools/sec.nix2
10 files changed, 81 insertions, 34 deletions
diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix
index 166365ba0..a4d02af6b 100644
--- a/makefu/2configs/backup.nix
+++ b/makefu/2configs/backup.nix
@@ -31,6 +31,19 @@ in {
krebs.backup.plans = {
# wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
gum-to-omo_root = defaultPull config.krebs.hosts.gum "/";
+ gum-dl-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/download" )//
+ {
+ dst.path = "/media/cryptX/backup/gum/var-download";
+ dst.host = defaultBackupServer;
+ startAt = "19:00";
+ };
+ gum-owncloud-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/www/o.euer.krebsco.de" )//
+ {
+ dst.path = "/media/cryptX/backup/gum/var-www-o.euer.krebsco.de";
+ dst.host = defaultBackupServer;
+
+ startAt = "05:00";
+ };
# wolf-to-omo_root = defaultPull config.krebs.hosts.wolf "/";
};
environment.systemPackages = [
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
deleted file mode 100644
index b3a9e1a5a..000000000
--- a/makefu/2configs/hw/stk1160.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ pkgs, ... }:
-{
- # TODO: un-pin linuxPackages somehow
- boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
- nixpkgs.config.packageOverrides = pkgs: {
- linux_4_9 = pkgs.linux_4_9.override {
- extraConfig = ''
- MEDIA_ANALOG_TV_SUPPORT y
- VIDEO_STK1160_COMMON m
- VIDEO_STK1160_AC97 y
- VIDEO_STK1160 m
- '';
- };
- };
-}
diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix
index 4b4ebf0a0..c9da7c4c4 100644
--- a/makefu/2configs/lanparty/lancache-dns.nix
+++ b/makefu/2configs/lanparty/lancache-dns.nix
@@ -1,6 +1,19 @@
{ pkgs, lib, config, ... }:
with import <stockholm/lib>;
let
+ upstream-server = "8.8.8.8";
+ # make sure the router pins the ip address to the deployed host
+ # and set it as dns server ( dhcp option 6,192.168.10.10 )
+ local_ip = "192.168.10.10";
+
+ extra-config = pkgs.writeText "local.conf" ''
+ server:
+ local-data: "piratebox. A ${local_ip}"
+ local-data: "store. A ${local_ip}"
+ local-data: "share. A ${local_ip}"
+ '';
+
+
# see https://github.com/zeropingheroes/lancache for full docs
lancache-dns = pkgs.stdenv.mkDerivation rec {
name = "lancache-dns-2017-06-28";
@@ -11,8 +24,9 @@ let
rev = "420aa62";
sha256 = "0ik7by7ripdv2avyy5kk9jp1i7rz9ksc8xmg7n9iik365q9pv94m";
};
+
phases = [ "unpackPhase" "installPhase" ];
- # here we can chance to edit `includes/proxy-cache-paths.conf`
+ # here we have the chance to edit `includes/proxy-cache-paths.conf`
installPhase = ''
mkdir -p $out
cp -r * $out/
@@ -20,7 +34,6 @@ let
};
stateDir = "/var/lib/unbound";
user = "unbound";
- upstream-server = "8.8.8.8";
in {
services.unbound = {
enable = true;
@@ -29,6 +42,7 @@ in {
forwardAddresses = [ upstream-server ];
extraConfig = ''
include: "${stateDir}/lancache/*.conf"
+ include: "${extra-config}"
'';
};
services.dnscrypt-proxy.enable = lib.mkForce false;
@@ -42,7 +56,8 @@ in {
path = [ pkgs.gawk pkgs.iproute pkgs.gnused ];
script = ''
set -xeu
- current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}')
+ # current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}')
+ current_ip=${local_ip}
old_ip=10.1.1.250
mkdir -p ${stateDir}
rm -rvf ${stateDir}/lancache
diff --git a/makefu/2configs/lanparty/lancache.nix b/makefu/2configs/lanparty/lancache.nix
index 3df2e3f59..bcacf2e15 100644
--- a/makefu/2configs/lanparty/lancache.nix
+++ b/makefu/2configs/lanparty/lancache.nix
@@ -17,15 +17,21 @@ let
installPhase = ''
mkdir -p $out
cp -r * $out/
+ rm $out/caches-enabled/*
sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \
-e '1 idaemon off;' \
+ -e 's#/var/lancache#${cfg.statedir}#g' \
$out/nginx.conf
+ sed -i -e 's#/var/lancache#${cfg.statedir}#g' \
+ $out/*/*.conf
+ ln -s $out/caches-available/* $out/caches-enabled/
'';
};
cfg = {
+ statedir = "/data/cache";
+
group = "nginx-lancache";
user = "nginx-lancache";
- statedir = "/var/lancache";
package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{
configureFlags = old.configureFlags ++ [
"--with-http_slice_module"
@@ -43,6 +49,7 @@ in {
preStart = ''
mkdir -p ${cfg.statedir} && cd ${cfg.statedir}
+ chmod 700 ${cfg.statedir}
PATH_CACHE=$PATH_BASE/cache
PATH_LOGS=$PATH_BASE/logs
diff --git a/makefu/2configs/lanparty/mumble-server.nix b/makefu/2configs/lanparty/mumble-server.nix
new file mode 100644
index 000000000..5b9631cd1
--- /dev/null
+++ b/makefu/2configs/lanparty/mumble-server.nix
@@ -0,0 +1,12 @@
+{ config, ... }:
+{
+ networking.firewall.allowedTCPPorts = [ 64738 ];
+ networking.firewall.allowedUDPPorts = [ 64738 ];
+ services.murmur = {
+ enable = true;
+ welcometext = "Welcome to the LANest Party mumble server";
+ bonjour = true;
+ hostName = "0.0.0.0";
+ sendVersion = true;
+ };
+}
diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix
index de834ab16..4176d7b35 100644
--- a/makefu/2configs/lanparty/samba.nix
+++ b/makefu/2configs/lanparty/samba.nix
@@ -10,9 +10,16 @@
};
services.samba = {
enable = true;
+ enableNmbd = true;
shares = {
- share-home = {
+ lanparty = {
path = "/data/lanparty/";
+ "read only" = "yes";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
+ share = {
+ path = "/data/incoming";
"read only" = "no";
browseable = "yes";
"guest ok" = "yes";
diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix
index 8a15ae2e7..7e9a459c3 100644
--- a/makefu/2configs/tools/core.nix
+++ b/makefu/2configs/tools/core.nix
@@ -5,38 +5,44 @@
#
# essentially `nix-env -q` of the main user
{
- krebs.per-user.makefu.packages = with pkgs; [
+ environment.systemPackages = with pkgs; [
at_spi2_core
acpi
bc
rsync
exif
file
+ lsof
+ which
+ binutils
+
# fs
- ntfs3g
+ cifs-utils
dosfstools
+ ntfs3g
+ smartmontools
+
+ # io
pv
sshpass
usbutils
p7zip
hdparm
+
+ # net
+ wget
+ curl
inetutils
ncftp
- mutt
tcpdump
sysstat
- which
- weechat
wol
- tmux
iftop
+
mkpasswd
- # storage
- smartmontools
- cifs-utils
- # net
- wget
- curl
+ mutt
+ weechat
+ tmux
# stockholm
git
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index d3d50c433..46872279a 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -2,7 +2,8 @@
{
users.users.makefu.packages = with pkgs;[
- python35Packages.virtualenv
+ python3Packages.virtualenv
+ python3Packages.pyserial
# embedded
gi
flashrom
diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix
index 8e815da5e..8da615963 100644
--- a/makefu/2configs/tools/games.nix
+++ b/makefu/2configs/tools/games.nix
@@ -6,5 +6,6 @@
];
users.users.makefu.packages = with pkgs; [
games-user-env
+ wine
];
}
diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix
index 817cd9ead..3dc02937d 100644
--- a/makefu/2configs/tools/sec.nix
+++ b/makefu/2configs/tools/sec.nix
@@ -13,6 +13,6 @@
thc-hydra
borgbackup
ledger
- u3_tool
+ u3-tool
];
}