diff options
author | tv <tv@krebsco.de> | 2019-05-15 16:10:14 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2019-05-15 16:10:14 +0200 |
commit | 1ceae8b0e3f37b5d3a4b8ef52621f2959abaab8e (patch) | |
tree | 67d182fa8e62f01ed346714c615a64577fae1b66 /makefu/2configs | |
parent | df6007c2eb3c6fab9106c3fc591fded7221b1708 (diff) | |
parent | f541eae020a229b99afe531139be246f8aecb695 (diff) |
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'makefu/2configs')
-rw-r--r-- | makefu/2configs/backup/ssh/wbob.pub | 1 | ||||
-rw-r--r-- | makefu/2configs/bureautomation/hass.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/editor/vim.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/editor/vimrc | 11 | ||||
-rw-r--r-- | makefu/2configs/fs/sda-crypto-root-home.nix | 26 | ||||
-rw-r--r-- | makefu/2configs/fs/sda-crypto-root.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/home-manager/zsh.nix | 4 | ||||
-rw-r--r-- | makefu/2configs/hw/network-manager.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/mail/mail.euer.nix | 8 | ||||
-rw-r--r-- | makefu/2configs/mqtt.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/nur.nix | 6 | ||||
-rw-r--r-- | makefu/2configs/printer.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/stats/arafetch.nix | 6 | ||||
-rw-r--r-- | makefu/2configs/task-client.nix | 7 | ||||
-rw-r--r-- | makefu/2configs/taskd.nix | 1 |
15 files changed, 50 insertions, 32 deletions
diff --git a/makefu/2configs/backup/ssh/wbob.pub b/makefu/2configs/backup/ssh/wbob.pub new file mode 100644 index 000000000..52d56d956 --- /dev/null +++ b/makefu/2configs/backup/ssh/wbob.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix index 02465520c..ace1d10ce 100644 --- a/makefu/2configs/bureautomation/hass.nix +++ b/makefu/2configs/bureautomation/hass.nix @@ -146,6 +146,7 @@ in { "device_tracker.ecki_tablet" "device_tracker.daniel_phone" "device_tracker.carsten_phone" + "device_tracker.thierry_phone" # "person.thorsten" # "person.felix" # "person.ecki" diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix index 8a58e44de..d14a611b4 100644 --- a/makefu/2configs/editor/vim.nix +++ b/makefu/2configs/editor/vim.nix @@ -23,7 +23,6 @@ in { vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" # "YouCompleteMe" - "LanguageClient-neovim" "vim-better-whitespace" ]; } # vim-nix handles indentation better but does not perform sanity { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } diff --git a/makefu/2configs/editor/vimrc b/makefu/2configs/editor/vimrc index 96c505ba8..8cdab55db 100644 --- a/makefu/2configs/editor/vimrc +++ b/makefu/2configs/editor/vimrc @@ -96,14 +96,3 @@ augroup Binary au BufWritePost *.bin if &bin | %!xxd au BufWritePost *.bin set nomod | endif augroup END - -let g:LanguageClient_serverCommands = { -\ 'python': ['pyls'] -\ } -nnoremap <F6> :call LanguageClient_contextMenu()<CR> -nnoremap <silent> gh :call LanguageClient_textDocument_hover()<CR> -nnoremap <silent> gd :call LanguageClient_textDocument_definition()<CR> -nnoremap <silent> gr :call LanguageClient_textDocument_references()<CR> -nnoremap <silent> gs :call LanguageClient_textDocument_documentSymbol()<CR> -nnoremap <silent> <F2> :call LanguageClient_textDocument_rename()<CR> -nnoremap <silent> gf :call LanguageClient_textDocument_formatting()<CR> diff --git a/makefu/2configs/fs/sda-crypto-root-home.nix b/makefu/2configs/fs/sda-crypto-root-home.nix index e790ed6a8..4f0cf8c6b 100644 --- a/makefu/2configs/fs/sda-crypto-root-home.nix +++ b/makefu/2configs/fs/sda-crypto-root-home.nix @@ -8,7 +8,31 @@ # / (main-root) # /home (main-home) -with import <stockholm/lib>; +# clean the boot sector: +# dd if=/dev/zero of=/dev/sda count=2048 +# Installation Instruction on ISO: +# fdisk /dev/sda + # boot 500M + # rest rest +# cryptsetup luksFormat /dev/sda2 +# mkfs.ext4 -L nixboot /dev/sda1 +# cryptsetup luksOpen /dev/sda2 cryptoluks +# pvcreate /dev/mapper/cryptoluks +# vgcreate main /dev/mapper/cryptoluks +# lvcreate -L 200Gib main -n root +# lvcreate -L 800Gib main -n home +# mkfs.ext4 /dev/main/root +# mkfs.ext4 /dev/main/home +# mount /dev/mapper/main-root /mnt +# mkdir -p /mnt/{boot,home,var/src} /var/src +# mount /dev/sda1 /mnt/boot +# mount /dev/mapper/main-home /mnt/home +# touch /mnt/var/src/.populate +# mount -o bind /mnt/var/src /var/src +# nix-channel --add https://nixos.org/channels/nixos-19.03 nixpkgs && # nix-channel --update +# nix-env -iA nixpkgs.gitMinimal +# (on deploy-host) $(nix-build ~/stockholm/makefu/krops.nix --no-out-link --argstr name x --argstr target 10.42.22.91 -A deploy --show-trace) +# NIXOS_CONFIG=/var/src/nixos-config nixos-install -I /var/src --no-root-passwd --no-channel-copy { imports = [ diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix index 55cfd74f5..e49843cfe 100644 --- a/makefu/2configs/fs/sda-crypto-root.nix +++ b/makefu/2configs/fs/sda-crypto-root.nix @@ -9,8 +9,7 @@ # boot 500M # rest rest # cryptsetup luksFormat /dev/sda2 -# -with import <stockholm/lib>; +# mkfs.ext4 -L nixboot /dev/sda1 { boot = { loader.grub.enable = true; diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix index 267a2e878..d24969ef0 100644 --- a/makefu/2configs/home-manager/zsh.nix +++ b/makefu/2configs/home-manager/zsh.nix @@ -25,12 +25,12 @@ then [ -d .direnv ] || mkdir .direnv local tmp=$(nix-shell --show-trace "$@" \ - --run "\"$direnv\" dump bash") + --run "\"$direnv\" dump zsh") echo "$tmp" > "$cache" fi local path_backup=$PATH term_backup=$TERM - direnv_load cat "$cache" + . "$cache" export PATH=$PATH:$path_backup TERM=$term_backup diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix index 3b9d04549..d7b262b91 100644 --- a/makefu/2configs/hw/network-manager.nix +++ b/makefu/2configs/hw/network-manager.nix @@ -30,4 +30,7 @@ state = [ "/etc/NetworkManager/system-connections" #NM stateful config files ]; + networking.networkmanager.dispatcherScripts = [ + { source = "${pkgs.prison-break}/bin/prison-break"; } + ]; } diff --git a/makefu/2configs/mail/mail.euer.nix b/makefu/2configs/mail/mail.euer.nix index f8f82e76b..d27b888a7 100644 --- a/makefu/2configs/mail/mail.euer.nix +++ b/makefu/2configs/mail/mail.euer.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: { imports = [ - (builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.0/nixos-mailserver-v2.2.0.tar.gz") + (builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz") ]; mailserver = { @@ -32,8 +32,12 @@ }; services.dovecot2.extraConfig = '' - ssl_dh = </var/lib/dhparams/dovecot.pem + ssl_dh = </var/lib/dhparams/dovecot2.pem ''; + state = [ # https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/wikis/A-Complete-Backup-Guide + config.mailserver.mailDirectory + config.mailserver.dkimKeyDirectory + ]; # workaround for DH creation # security.dhparams = { # enable = true; diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix index c56521812..8b77df962 100644 --- a/makefu/2configs/mqtt.nix +++ b/makefu/2configs/mqtt.nix @@ -5,6 +5,9 @@ host = "0.0.0.0"; users = {}; # TODO: secure that shit + aclExtraConf = '' + pattern readwrite /# + ''; allowAnonymous = true; }; } diff --git a/makefu/2configs/nur.nix b/makefu/2configs/nur.nix index dda00063a..3cb4981e0 100644 --- a/makefu/2configs/nur.nix +++ b/makefu/2configs/nur.nix @@ -1,7 +1,7 @@ { pkgs, ... }:{ nixpkgs.config.packageOverrides = pkgs: { - nur = pkgs.callPackage (import (builtins.fetchGit { - url = "https://github.com/nix-community/NUR"; - })) {}; + nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { + inherit pkgs; + }; }; } diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 0889ebbc1..d297483b2 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -32,4 +32,5 @@ in { tcp 192.168.1.5 ''; #home printer SCX-3205W }; + state = [ "/var/lib/cups" ]; } diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix index c16629cc5..6ab9d3774 100644 --- a/makefu/2configs/stats/arafetch.nix +++ b/makefu/2configs/stats/arafetch.nix @@ -2,7 +2,7 @@ with import <stockholm/lib>; let pkg = with pkgs.python3Packages;buildPythonPackage rec { - rev = "762d747"; + rev = "775d0c2"; name = "arafetch-${rev}"; propagatedBuildInputs = [ requests @@ -13,7 +13,7 @@ let src = pkgs.fetchgit { url = "http://cgit.euer.krebsco.de/arafetch"; inherit rev; - sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws"; + sha256 = "0z35avn7vmbd1661ca1zkc9i4lwcm03kpwgiqxddpkp1yxhl548p"; }; }; home = "/var/lib/arafetch"; @@ -34,7 +34,7 @@ in { path = [ pkg pkgs.git pkgs.wget ]; serviceConfig = { User = "arafetch"; - Restart = "always"; + # Restart = "always"; WorkingDirectory = home; PrivateTmp = true; ExecStart = pkgs.writeDash "start-weekrun" '' diff --git a/makefu/2configs/task-client.nix b/makefu/2configs/task-client.nix index 470193d6c..1fdddb9b1 100644 --- a/makefu/2configs/task-client.nix +++ b/makefu/2configs/task-client.nix @@ -4,11 +4,4 @@ pkgs.taskwarrior ]; - environment.shellAliases = { - tshack = "task project:shack"; - twork = "task project:soc"; - tpki = "task project:pki"; - tkrebs = "task project:krebs"; - t = "task project: "; - }; } diff --git a/makefu/2configs/taskd.nix b/makefu/2configs/taskd.nix index 5ca3b9904..122ad66a7 100644 --- a/makefu/2configs/taskd.nix +++ b/makefu/2configs/taskd.nix @@ -1,5 +1,6 @@ {config, ... }: { + state = [ config.services.taskserver.dataDir ]; services.taskserver.enable = true; services.taskserver.fqdn = config.krebs.build.host.name; services.taskserver.listenHost = "::"; |