summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-01-09 19:06:50 +0100
committertv <tv@krebsco.de>2018-01-09 19:06:50 +0100
commit8ff5c5e992ebafeca5edb2b22a0ab700edc715a5 (patch)
treee141f28bca4e5494669282d41c1c8dbbc96b4ce8 /makefu
parentfb0bbec70ae1a0dd4fdc3c9bc9ed47f2a8573fd9 (diff)
parent5ef3a2c6caa2f018c2adf795de992e0487dd2413 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/filepimp/config.nix5
-rw-r--r--makefu/1systems/gum/config.nix27
-rw-r--r--makefu/1systems/omo/config.nix5
-rw-r--r--makefu/1systems/vbob/config.nix26
-rw-r--r--makefu/2configs/default.nix3
-rw-r--r--makefu/2configs/tools/all.nix1
-rw-r--r--makefu/2configs/tools/consoles.nix9
-rw-r--r--makefu/2configs/tools/dev.nix3
-rw-r--r--makefu/2configs/tools/mobility.nix2
-rw-r--r--makefu/5pkgs/bin2iso/default.nix28
-rw-r--r--makefu/5pkgs/cue2pops/default.nix24
-rw-r--r--makefu/5pkgs/gen-oath-safe/default.nix5
-rw-r--r--makefu/5pkgs/hdl-dump/default.nix33
-rw-r--r--makefu/5pkgs/opl-utils/default.nix27
-rw-r--r--makefu/source.nix3
15 files changed, 188 insertions, 13 deletions
diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix
index e9058ec85..30ba61a9b 100644
--- a/makefu/1systems/filepimp/config.nix
+++ b/makefu/1systems/filepimp/config.nix
@@ -71,7 +71,10 @@ in {
'') allDisks);
fileSystems = let
xfsmount = name: dev:
- { "/media/${name}" = { device = dev; fsType = "xfs"; }; };
+ { "/media/${name}" = {
+ device = dev; fsType = "xfs";
+ options = [ "nofail" ];
+ }; };
in
# (xfsmount "j0" (part1 jDisk0)) //
(xfsmount "j1" (part1 jDisk1)) //
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 1fe0b62f9..6e5f3c2d4 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -108,16 +108,35 @@ in {
# };
#}
{ # wireguard server
- networking.firewall.allowedUDPPorts = [ 51820 ];
+
+ # TODO: networking.nat
+
+ # boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
+ # conf.all.proxy_arp =1
+ networking.firewall = {
+ allowedUDPPorts = [ 51820 ];
+ extraCommands = ''
+ iptables -t nat -A POSTROUTING -s 10.244.0.0/24 -o ${ext-if} -j MASQUERADE
+ '';
+ };
+
networking.wireguard.interfaces.wg0 = {
ips = [ "10.244.0.1/24" ];
+ listenPort = 51820;
privateKeyFile = (toString <secrets>) + "/wireguard.key";
allowedIPsAsRoutes = true;
- peers = [{
- # allowedIPs = [ "0.0.0.0/0" "::/0" ];
+ peers = [
+ {
+ # x
allowedIPs = [ "10.244.0.2/32" ];
publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g=";
- }];
+ }
+ {
+ # vbob
+ allowedIPs = [ "10.244.0.3/32" ];
+ publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
+ }
+ ];
};
}
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index aaecebadc..ce3ffbcf3 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -143,7 +143,10 @@ in {
];
fileSystems = let
cryptMount = name:
- { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };};
+ { "/media/${name}" = {
+ device = "/dev/mapper/${name}"; fsType = "xfs";
+ options = [ "nofail" ];
+ };};
in cryptMount "crypt0"
// cryptMount "crypt1"
// cryptMount "crypt2"
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index f318c0e61..ffd9deaee 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -7,7 +7,8 @@
<stockholm/makefu>
{
imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ];
- boot.loader.grub.device = "/dev/vda";
+ boot.loader.grub.device = "/dev/sda";
+ virtualisation.virtualbox.guest.enable = true;
}
# {
# imports = [
@@ -49,6 +50,27 @@
# environment
<stockholm/makefu/2configs/tinc/retiolum.nix>
+ (let
+ gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr;
+ gateway = "10.0.2.2";
+ in {
+ # make sure the route to gum gets added after the network is online
+ systemd.services.wireguard-wg0.after = [ "network-online.target" ];
+ networking.wireguard.interfaces.wg0 = {
+ ips = [ "10.244.0.3/24" ];
+ privateKeyFile = (toString <secrets>) + "/wireguard.key";
+ # explicit route via eth0 to gum
+ preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"];
+ peers = [
+ { # gum
+ endpoint = "${gum-ip}:51820";
+ allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ];
+ publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+ })
];
networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
@@ -90,5 +112,5 @@
8010
];
-
+ systemd.services."serial-getty@ttyS0".enable = true;
}
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 25f9f63bf..0a89d2023 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -11,6 +11,9 @@ with import <stockholm/lib>;
./vim.nix
./binary-cache/nixos.nix
];
+
+ boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
+
programs.command-not-found.enable = false;
nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
krebs = {
diff --git a/makefu/2configs/tools/all.nix b/makefu/2configs/tools/all.nix
index 1ac22e34c..2bb438f16 100644
--- a/makefu/2configs/tools/all.nix
+++ b/makefu/2configs/tools/all.nix
@@ -1,6 +1,7 @@
{
imports = [
./android-pentest.nix
+ ./consoles.nix
./core.nix
./core-gui.nix
./dev.nix
diff --git a/makefu/2configs/tools/consoles.nix b/makefu/2configs/tools/consoles.nix
new file mode 100644
index 000000000..7090804d4
--- /dev/null
+++ b/makefu/2configs/tools/consoles.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+{
+ users.users.makefu.packages = with pkgs; [
+ opl-utils
+ hdl-dump
+ bin2iso
+ cue2pops
+ ];
+}
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 04a65df26..b652241bd 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -21,6 +21,9 @@
gen-oath-safe
cdrtools
stockholm
+ # nix related
+ nix-repl
+ nix-index
# git-related
tig
];
diff --git a/makefu/2configs/tools/mobility.nix b/makefu/2configs/tools/mobility.nix
index 1993a5212..f2676f11c 100644
--- a/makefu/2configs/tools/mobility.nix
+++ b/makefu/2configs/tools/mobility.nix
@@ -5,5 +5,5 @@
mosh
];
- boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
+ # boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
}
diff --git a/makefu/5pkgs/bin2iso/default.nix b/makefu/5pkgs/bin2iso/default.nix
new file mode 100644
index 000000000..31d05fab3
--- /dev/null
+++ b/makefu/5pkgs/bin2iso/default.nix
@@ -0,0 +1,28 @@
+{ stdenv, lib, pkgs, fetchurl }:
+stdenv.mkDerivation rec {
+ pname = "bin2iso";
+ version = "1.9b";
+ _dlver = builtins.replaceStrings ["."] [""] version;
+ name = "${pname}-${version}";
+
+ src = fetchurl {
+ url = "http://users.eastlink.ca/~doiron/${pname}/linux/${pname}${_dlver}_linux.c";
+ sha256 = "0gg4hbzlm83nnbccy79dnxbwpn7lxl3fb87ka36mlclikvknm2hy";
+ };
+
+ unpackPhase = "true";
+
+ buildPhase =''
+ gcc -Wall -o $pname $src
+ '';
+
+ installPhase = ''
+ install -Dm755 $pname $out/bin/$pname
+ '';
+
+ meta = {
+ homepage = http://users.eastlink.ca/~doiron/bin2iso/ ;
+ description = "converts bin+cue to iso";
+ license = lib.licenses.gpl3;
+ };
+}
diff --git a/makefu/5pkgs/cue2pops/default.nix b/makefu/5pkgs/cue2pops/default.nix
new file mode 100644
index 000000000..218ae8307
--- /dev/null
+++ b/makefu/5pkgs/cue2pops/default.nix
@@ -0,0 +1,24 @@
+{ stdenv, lib, pkgs, fetchFromGitHub }:
+
+stdenv.mkDerivation rec {
+ pname = "cue2pops";
+ version = "2";
+ name = "${pname}-${version}";
+
+ src = fetchFromGitHub {
+ owner = "makefu";
+ repo = "cue2pops-linux";
+ rev = "541863a";
+ sha256 = "05w84726g3k33rz0wwb9v77g7xh4cnhy9sxlpilf775nli9bynrk";
+ };
+
+ installPhase = ''
+ install -Dm755 $pname $out/bin/$pname
+ '';
+
+ meta = {
+ homepage = http://users.eastlink.ca/~doiron/bin2iso/ ;
+ description = "converts bin+cue to iso";
+ license = lib.licenses.gpl3;
+ };
+}
diff --git a/makefu/5pkgs/gen-oath-safe/default.nix b/makefu/5pkgs/gen-oath-safe/default.nix
index 344dc1a02..bad4b08a8 100644
--- a/makefu/5pkgs/gen-oath-safe/default.nix
+++ b/makefu/5pkgs/gen-oath-safe/default.nix
@@ -1,7 +1,6 @@
{ coreutils, makeWrapper, openssl, libcaca, qrencode, fetchFromGitHub, yubikey-manager, python, stdenv, ... }:
-builtins.trace "Warning: HTOP mode of gen-oath-safe is currently broken"
- stdenv.mkDerivation {
+stdenv.mkDerivation {
name = "gen-oath-safe-2017-06-30";
src = fetchFromGitHub {
owner = "mcepl";
@@ -24,7 +23,7 @@ builtins.trace "Warning: HTOP mode of gen-oath-safe is currently broken"
coreutils
openssl
qrencode
- #yubikey-manager
+ yubikey-manager
libcaca
python
];
diff --git a/makefu/5pkgs/hdl-dump/default.nix b/makefu/5pkgs/hdl-dump/default.nix
new file mode 100644
index 000000000..bd454223a
--- /dev/null
+++ b/makefu/5pkgs/hdl-dump/default.nix
@@ -0,0 +1,33 @@
+{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }:
+stdenv.mkDerivation rec {
+ pname = "hdl-dump";
+ version = "75df8d7";
+ name = "${pname}-${version}";
+
+ src = fetchFromGitHub {
+ owner = "AKuHAK";
+ repo = "hdl-dump";
+ rev = version;
+ sha256 = "10jjr6p5yn0c182x17m7q68jmf8gizcny7wjxw7z5yh0fv5s48z4";
+ };
+
+ buildInputs = [ upx wine ];
+
+ makeFlags = [ "RELEASE=yes" ];
+
+ # uses wine, currently broken
+ #postBuild = ''
+ # make -C gui
+ #'';
+
+ installPhase = ''
+ mkdir -p $out/bin
+ cp hdl_dump $out/bin
+ '';
+
+ meta = {
+ homepage = https://github.com/AKuHAK/hdl-dump ;
+ description = "copy isos to psx hdd";
+ license = lib.licenses.gpl2;
+ };
+}
diff --git a/makefu/5pkgs/opl-utils/default.nix b/makefu/5pkgs/opl-utils/default.nix
new file mode 100644
index 000000000..f4430f333
--- /dev/null
+++ b/makefu/5pkgs/opl-utils/default.nix
@@ -0,0 +1,27 @@
+{ stdenv, lib, pkgs, fetchFromGitHub }:
+stdenv.mkDerivation rec {
+ pname = "opl-utils";
+ version = "881c0d2";
+ name = "${pname}-${version}";
+
+ src = fetchFromGitHub {
+ owner = "ifcaro";
+ repo = "open-ps2-loader";
+ rev = version;
+ sha256 = "1c2hgbyp5hymyq60mrk7g0m3gi00wqx165pdwwwb740q0qig07d1";
+ };
+
+
+ preBuild = "cd pc/";
+
+ installPhase = ''
+ mkdir -p $out/bin
+ cp */bin/* $out/bin
+ '';
+
+ meta = {
+ homepage = https://github.com/ifcaro/Open-PS2-Loader;
+ description = "open-ps2-loader utils (opl2iso,iso2opl,genvmc)";
+ license = lib.licenses.afl3;
+ };
+}
diff --git a/makefu/source.nix b/makefu/source.nix
index fde1d9680..c22c82f32 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -13,8 +13,9 @@ let
then "buildbot"
else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
- ref = "3874de4"; # unstable @ 2017-12-08
+ ref = "0f19bee"; # nixos-17.09 @ 2018-01-05
# + do_sqlite3 ruby: 55a952be5b5
+ # + signal: 0f19beef3
in
evalSource (toString _file) [