summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-05-09 11:07:27 +0200
committertv <tv@krebsco.de>2018-05-09 11:07:27 +0200
commit3f3c12dcd06ba211a484aabf011880a83e5832fd (patch)
treee713b5f6e9084c3ff5cf185a1aafc12437822ea8 /makefu
parentedafe24e94252e2be936a760ce47485c8e4fa0af (diff)
parentaf75b96fbe412527c4bf9129de850bcab3e7c7cb (diff)
Merge remote-tracking branch 'prism/master' (despite bad style)
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/gum/config.nix1
-rw-r--r--makefu/1systems/gum/source.nix1
-rw-r--r--makefu/1systems/omo/config.nix5
-rw-r--r--makefu/1systems/wbob/config.nix3
-rw-r--r--makefu/2configs/hw/network-manager.nix3
-rw-r--r--makefu/2configs/nginx/euer.mon.nix26
-rw-r--r--makefu/2configs/tools/core-gui.nix4
-rw-r--r--makefu/source.nix51
8 files changed, 71 insertions, 23 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 578e4add8..9b6d9d571 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -62,6 +62,7 @@ in {
## Web
<stockholm/makefu/2configs/nginx/share-download.nix>
<stockholm/makefu/2configs/nginx/euer.test.nix>
+ <stockholm/makefu/2configs/nginx/euer.mon.nix>
<stockholm/makefu/2configs/nginx/euer.wiki.nix>
<stockholm/makefu/2configs/nginx/euer.blog.nix>
# <stockholm/makefu/2configs/nginx/gum.krebsco.de.nix>
diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix
index b3ce743ca..e3ca472e4 100644
--- a/makefu/1systems/gum/source.nix
+++ b/makefu/1systems/gum/source.nix
@@ -1,4 +1,5 @@
import <stockholm/makefu/source.nix> {
name="gum";
torrent = true;
+ clever_kexec = true;
}
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index bed6ae9fd..a85d5f5ce 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -50,6 +50,7 @@ in {
<stockholm/makefu/2configs/smart-monitor.nix>
<stockholm/makefu/2configs/mail-client.nix>
<stockholm/makefu/2configs/mosh.nix>
+ <stockholm/makefu/2configs/tools/mobility.nix>
# <stockholm/makefu/2configs/disable_v6.nix>
#<stockholm/makefu/2configs/graphite-standalone.nix>
#<stockholm/makefu/2configs/share-user-sftp.nix>
@@ -85,7 +86,7 @@ in {
<stockholm/makefu/2configs/sshd-totp.nix>
# <stockholm/makefu/2configs/logging/central-logging-client.nix>
- # <stockholm/makefu/2configs/torrent.nix>
+ <stockholm/makefu/2configs/torrent.nix>
# <stockholm/makefu/2configs/elchos/search.nix>
# <stockholm/makefu/2configs/elchos/log.nix>
@@ -100,7 +101,7 @@ in {
makefu.full-populate = true;
makefu.server.primary-itf = primaryInterface;
krebs.rtorrent = {
- downloadDir = lib.mkForce "/media/crypt0/torrent";
+ downloadDir = lib.mkForce "/media/cryptX/torrent";
extraConfig = ''
upload_rate = 200
'';
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 42f3bddb1..3cf3274f9 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -52,9 +52,10 @@ in {
db = "collectd_db";
logging-interface = "enp0s25";
in {
+ networking.firewall.allowedTCPPorts = [ 3000 ];
+
services.grafana.enable = true;
services.grafana.addr = "0.0.0.0";
-
services.influxdb.enable = true;
services.influxdb.extraConfig = {
meta.hostname = config.krebs.build.host.name;
diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix
index 7e29849b1..d322c683d 100644
--- a/makefu/2configs/hw/network-manager.nix
+++ b/makefu/2configs/hw/network-manager.nix
@@ -11,9 +11,8 @@
systemd.services.modemmanager = {
description = "ModemManager";
- after = [ "network-manager.service" ];
bindsTo = [ "network-manager.service" ];
- wantedBy = [ "network-manager.service" ];
+ wantedBy = [ "network-manager.service" "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
PrivateTmp = true;
diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix
new file mode 100644
index 000000000..c5a7e68af
--- /dev/null
+++ b/makefu/2configs/nginx/euer.mon.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ hostname = config.krebs.build.host.name;
+ user = config.services.nginx.user;
+ group = config.services.nginx.group;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+in {
+ services.nginx = {
+ enable = mkDefault true;
+ virtualHosts."mon.euer.krebsco.de" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://wbob.r:3000/";
+ extraConfig = ''
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ '';
+ };
+ };
+ };
+}
diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix
index 2f80b08c9..898bae10d 100644
--- a/makefu/2configs/tools/core-gui.nix
+++ b/makefu/2configs/tools/core-gui.nix
@@ -1,10 +1,6 @@
{ pkgs, ... }:
{
- nixpkgs.config.firefox = {
- enableAdobeFlash = true;
- };
-
krebs.per-user.makefu.packages = with pkgs; [
chromium
clipit
diff --git a/makefu/source.nix b/makefu/source.nix
index bcdb66a66..40aeac8b6 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -1,14 +1,16 @@
with import <stockholm/lib>;
host@{ name,
override ? {}
-, secure ? false
-, full ? false
-, torrent ? false
-, hw ? false
-, musnix ? false
-, python ? false
-, unstable ? false #unstable channel checked out
-, mic92 ? false
+, secure ? false
+, full ? false
+, torrent ? false
+, hw ? false
+, musnix ? false
+, python ? false
+, unstable ? false #unstable channel checked out
+, mic92 ? false
+, nms ? false
+, clever_kexec ?false
}:
let
builder = if getEnv "dummy_secrets" == "true"
@@ -42,11 +44,15 @@ in
file = "/home/makefu/store/${ref}";
};
- secrets.file = getAttr builder {
- buildbot = toString <stockholm/makefu/6tests/data/secrets>;
- makefu = "/home/makefu/secrets/${name}";
+ secrets = getAttr builder {
+ buildbot.file = toString <stockholm/makefu/6tests/data/secrets>;
+ makefu.pass = {
+ inherit name;
+ dir = "${getEnv "HOME"}/.secrets-pass";
+ };
};
+
stockholm.file = toString <stockholm>;
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
}
@@ -72,9 +78,12 @@ in
})
(mkIf ( torrent ) {
- torrent-secrets.file = getAttr builder {
- buildbot = toString <stockholm/makefu/6tests/data/secrets>;
- makefu = "/home/makefu/secrets/torrent" ;
+ torrent-secrets = getAttr builder {
+ buildbot.file = toString <stockholm/makefu/6tests/data/secrets>;
+ makefu.pass = {
+ name = "torrent";
+ dir = "${getEnv "HOME"}/.secrets-pass";
+ };
};
})
@@ -92,5 +101,19 @@ in
};
})
+ (mkIf ( nms ) {
+ nms.git = {
+ url = https://github.com/r-raymond/nixos-mailserver;
+ ref = "v2.1.2";
+ };
+ })
+
+ (mkIf ( clever_kexec ) {
+ clever_kexec.git = {
+ url = https://github.com/cleverca22/nix-tests;
+ ref = "5a670de7f2decfaafc95c34ffeb0f1896662f3d7";
+ };
+ })
+
override
]