summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/default.nix6
-rw-r--r--krebs/3modules/lass/default.nix2
-rw-r--r--krebs/3modules/tv/default.nix9
-rw-r--r--krebs/5pkgs/simple/tarantool/default.nix21
-rw-r--r--krebs/5pkgs/writers.nix11
-rw-r--r--lass/2configs/mail.nix11
-rw-r--r--lass/2configs/websites/default.nix26
-rw-r--r--lass/2configs/websites/domsen.nix1
-rw-r--r--lass/2configs/websites/fritz.nix1
-rw-r--r--lass/2configs/websites/lassulus.nix1
-rw-r--r--lass/3modules/static_nginx.nix78
-rw-r--r--lib/default.nix4
-rw-r--r--lib/types.nix16
-rw-r--r--makefu/5pkgs/default.nix5
-rw-r--r--mv/1systems/stro.nix4
-rw-r--r--tv/1systems/alnus/config.nix6
-rw-r--r--tv/1systems/mu/config.nix33
-rw-r--r--tv/1systems/nomic/config.nix9
-rw-r--r--tv/1systems/test/source.nix3
-rw-r--r--tv/1systems/wu/config.nix112
-rw-r--r--tv/1systems/xu/config.nix23
-rw-r--r--tv/1systems/zu/config.nix127
-rw-r--r--tv/2configs/default.nix23
-rw-r--r--tv/2configs/nginx/public_html.nix1
-rw-r--r--tv/2configs/retiolum.nix3
-rw-r--r--tv/2configs/vim.nix4
-rw-r--r--tv/3modules/default.nix1
-rw-r--r--tv/3modules/x0vncserver.nix52
-rw-r--r--tv/5pkgs/simple/djbdns/default.nix20
29 files changed, 165 insertions, 448 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index b0ad2baf5..abb3d37eb 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -70,6 +70,12 @@ let
type = types.hostname;
default = "r";
};
+
+ sitemap = mkOption {
+ default = {};
+ type = types.attrsOf types.sitemap.entry;
+ };
+
zone-head-config = mkOption {
type = with types; attrsOf str;
description = ''
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 27009981b..4e50ef577 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -96,8 +96,8 @@ with import <stockholm/lib>;
ip6.addr = "42:0000:0000:0000:0000:0000:0000:15ab";
aliases = [
"prism.r"
- "build.prism.r"
"cache.prism.r"
+ "cgit.prism.r"
"paste.r"
"p.r"
];
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 60827d589..81db2d411 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -323,6 +323,7 @@ with import <stockholm/lib>;
aliases = [
"xu.r"
"cgit.xu.r"
+ "krebs.xu.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -374,6 +375,14 @@ with import <stockholm/lib>;
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
};
};
+ sitemap = {
+ "http://cgit.krebsco.de" = {
+ desc = "Git repositories";
+ };
+ "http://krebs.xu.r" = {
+ desc = "krebs-pages mirror";
+ };
+ };
users = {
dv = {
mail = "dv@alnus.r";
diff --git a/krebs/5pkgs/simple/tarantool/default.nix b/krebs/5pkgs/simple/tarantool/default.nix
deleted file mode 100644
index 9e22fd4f3..000000000
--- a/krebs/5pkgs/simple/tarantool/default.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ stdenv, fetchgit, cmake, ncurses, openssl, readline, ... }:
-
-stdenv.mkDerivation rec {
- name = "tarantool-1.7.1-164-g0fd0239";
- src = fetchgit {
- url = https://github.com/tarantool/tarantool;
- rev = builtins.elemAt (builtins.match ".*-g([0-9a-f]+)" name) 0;
- sha256 = "1jnaiizbl9j4a8vsihqx75iqa9bkh1kpwsyrgmim8ikiyzfw54dz";
- fetchSubmodules = true;
- };
- buildInputs = [
- cmake
- ncurses
- openssl
- readline
- ];
- preConfigure = ''
- echo ${(builtins.parseDrvName name).version} > VERSION
- sed -i 's/NAMES termcap/NAMES ncurses/' cmake/FindTermcap.cmake
- '';
-}
diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix
index f1626078e..850ee6f1a 100644
--- a/krebs/5pkgs/writers.nix
+++ b/krebs/5pkgs/writers.nix
@@ -29,10 +29,11 @@ with import <stockholm/lib>;
execveBin = name: cfg:
pkgs.execve name (cfg // { destination = "/bin/${name}"; });
- makeScriptWriter = interpreter: name: text:
+ makeScriptWriter = { interpreter, check ? null }: name: text:
assert (with types; either absolute-pathname filename).check name;
pkgs.writeOut (baseNameOf name) {
${optionalString (types.absolute-pathname.check name) name} = {
+ inherit check;
executable = true;
text = "#! ${interpreter}\n${text}";
};
@@ -69,7 +70,9 @@ with import <stockholm/lib>;
strip --strip-unneeded "$exe"
'';
- writeDash = pkgs.makeScriptWriter "${pkgs.dash}/bin/dash";
+ writeDash = pkgs.makeScriptWriter {
+ interpreter = "${pkgs.dash}/bin/dash";
+ };
writeDashBin = name:
assert types.filename.check name;
@@ -305,5 +308,7 @@ with import <stockholm/lib>;
};
};
- writeSed = pkgs.makeScriptWriter "${pkgs.gnused}/bin/sed -f";
+ writeSed = pkgs.makeScriptWriter {
+ interpreter = "${pkgs.gnused}/bin/sed -f";
+ };
}
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index fe82fea59..a90890aab 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -15,6 +15,10 @@ let
${pkgs.msmtp}/bin/msmtp -C ${msmtprc} "$@"
'';
+ mailcap = pkgs.writeText "mailcap" ''
+ text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
+ '';
+
muttrc = pkgs.writeText "muttrc" ''
# gpg
source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
@@ -37,6 +41,9 @@ let
<display-message><enter-command> set crypt_verify_sig=\$my_crypt_verify_sig<enter>" \
'Verify PGP signature'
+ # read html mails
+ auto_view text/html
+ set mailcap_path = ${mailcap}
# notmuch
set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir
@@ -59,7 +66,7 @@ let
recipent="$(echo $1 | sed 's/[^,]*<\([^>]*\)[^,]*/ \1/g')"
# output to mutt
# V
- echo "%4C %Z %?GI?%GI& ? %[%d/%b] %-20.20a %?M?(%3M)& ? %s %> $recipent %?g?%g?%"
+ echo "%4C %Z %?GI?%GI& ? %[%y-%m-%d] %-20.20a %?M?(%3M)& ? %s %> $recipent %?g?%g?%"
# args to mutt-index dash script
# V
''} %r |"
@@ -119,6 +126,8 @@ let
bind pager t noop
macro index t "<modify-labels>+TODO\n" # tag as Archived
+ # top index bar in email view
+ set pager_index_lines=7
# sidebar
set sidebar_width = 20
diff --git a/lass/2configs/websites/default.nix b/lass/2configs/websites/default.nix
new file mode 100644
index 000000000..1ffa105a7
--- /dev/null
+++ b/lass/2configs/websites/default.nix
@@ -0,0 +1,26 @@
+{ config, lib, ... }:
+
+with import <stockholm/lib>;
+
+{
+ services.nginx = {
+ recommendedGzipSettings = true;
+ recommendedOptimisation = true;
+ recommendedTlsSettings = true;
+
+ virtualHosts._http = {
+ default = true;
+ extraConfig = ''
+ return 404;
+ '';
+ };
+
+ virtualHosts.default = {
+ locations."= /etc/os-release".extraConfig = ''
+ default_type text/plain;
+ alias /etc/os-release;
+ '';
+ };
+ };
+}
+
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index b0e5375c7..10ff142f9 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -23,6 +23,7 @@ let
in {
imports = [
+ ./default.nix
./sqlBackup.nix
(servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
(servePage [
diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix
index 45927b102..aa57a9857 100644
--- a/lass/2configs/websites/fritz.nix
+++ b/lass/2configs/websites/fritz.nix
@@ -26,6 +26,7 @@ in {
services.nginx.enable = true;
imports = [
+ ./default.nix
./sqlBackup.nix
(serveWordpress [ "radical-dreamers.de" "www.radical-dreamers.de" ])
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 0771570ca..93b817c3b 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -8,6 +8,7 @@ let
in {
imports = [
+ ./default.nix
../git.nix
];
diff --git a/lass/3modules/static_nginx.nix b/lass/3modules/static_nginx.nix
deleted file mode 100644
index cd33a2cf1..000000000
--- a/lass/3modules/static_nginx.nix
+++ /dev/null
@@ -1,78 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-
-let
- cfg = config.lass.staticPage;
-
- out = {
- options.lass.staticPage = api;
- config = imp;
- };
-
- api = mkOption {
- type = with types; attrsOf (submodule ({ config, ... }: {
- options = {
- domain = mkOption {
- type = str;
- default = config._module.args.name;
- };
- folder = mkOption {
- type = str;
- default = "/srv/http/${config.domain}";
- };
- #sslEnable = mkEnableOption "ssl";
- #certificate = mkOption {
- # type = str;
- #};
- #certificate_key = mkOption {
- # type = str;
- #};
- #ciphers = mkOption {
- # type = str;
- # default = "AES128+EECDH:AES128+EDH";
- #};
- ssl = mkOption {
- type = with types; submodule ({
- options = {
- enable = mkEnableOption "ssl";
- certificate = mkOption {
- type = str;
- };
- certificate_key = mkOption {
- type = str;
- };
- };
- });
- default = {};
- };
- };
- }));
- default = {};
- };
-
- user = config.services.nginx.user;
- group = config.services.nginx.group;
-
- external-ip = config.krebs.build.host.nets.internet.ip4.addr;
-
- imp = {
- krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ssl, ... }: {
- server-names = [
- "${domain}"
- "www.${domain}"
- ];
- locations = [
- (nameValuePair "/" ''
- root ${folder};
- '')
- (nameValuePair "~ /\\." ''
- deny all;
- '')
- ];
- inherit ssl;
-
- });
- };
-
-in out
diff --git a/lib/default.nix b/lib/default.nix
index 4c54f60aa..e5e40975e 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -20,10 +20,6 @@ let
then lib.lpad n c (c + s)
else s;
- subdirsOf = path:
- lib.mapAttrs (name: _: path + "/${name}")
- (filterAttrs (_: eq "directory") (readDir path));
-
genAttrs' = names: f: listToAttrs (map f names);
getAttrs = names: set:
diff --git a/lib/types.nix b/lib/types.nix
index 236190ccd..8c6846887 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -5,7 +5,7 @@ let
all any concatMapStringsSep concatStringsSep const filter flip
genid hasSuffix head isInt isString length mergeOneOption mkOption
mkOptionType optional optionalAttrs optionals range splitString
- stringLength substring test typeOf;
+ stringLength substring test testString typeOf;
inherit (lib.types)
attrsOf bool either enum int listOf nullOr path str string submodule;
in
@@ -357,6 +357,20 @@ rec {
pgp-pubkey = str;
+ sitemap.entry = submodule ({ config, ... }: {
+ options = {
+ desc = mkOption {
+ default = null;
+ type = nullOr str;
+ };
+ href = mkOption {
+ ${if testString "https?://.*" config._module.args.name
+ then "default" else null} = config._module.args.name;
+ type = nullOr str; # TODO nullOr uri?
+ };
+ };
+ });
+
ssh-pubkey = str;
ssh-privkey = submodule {
options = {
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 99f8cf864..bb776ef25 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -15,6 +15,10 @@ self: super: let
override
else override;
+ subdirsOf = path:
+ mapAttrs (name: _: path + "/${name}")
+ (filterAttrs (_: eq "directory") (readDir path));
+
in {
alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
@@ -27,7 +31,6 @@ in {
sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb";
};
};
-
}
// mapAttrs (_: flip callPackage {})
diff --git a/mv/1systems/stro.nix b/mv/1systems/stro.nix
index c8035b88e..bb37aedda 100644
--- a/mv/1systems/stro.nix
+++ b/mv/1systems/stro.nix
@@ -143,10 +143,6 @@ with import <stockholm/lib>;
};
};
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
- };
-
security.sudo.extraConfig = ''
Defaults env_keep+="SSH_CLIENT"
Defaults mailto="${config.krebs.users.mv.mail}"
diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix
index dd9e594fc..71302d594 100644
--- a/tv/1systems/alnus/config.nix
+++ b/tv/1systems/alnus/config.nix
@@ -1,8 +1,6 @@
-{ config, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
imports = [
<stockholm/tv>
<stockholm/tv/2configs/hw/x220.nix>
@@ -81,8 +79,6 @@ with import <stockholm/lib>;
};
};
- swapDevices =[ ];
-
users.users.dv = {
inherit (config.krebs.users.dv) home uid;
isNormalUser = true;
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 4c6d16329..089481872 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -1,8 +1,6 @@
-{ config, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
imports = [
<stockholm/krebs>
<stockholm/tv/2configs>
@@ -14,15 +12,7 @@ with import <stockholm/lib>;
krebs.build.host = config.krebs.hosts.mu;
krebs.build.user = mkForce config.krebs.users.vv;
- services.udev.extraRules = ''
- SUBSYSTEM=="net", ATTR{address}=="00:90:f5:da:aa:c3", NAME="en0"
- SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:1b:ae:6c", NAME="wl0"
-
- # for jack
- KERNEL=="rtc0", GROUP="audio"
- KERNEL=="hpet", GROUP="audio"
- '';
-
+ tv.x0vncserver.enable = true;
# hardware configuration
boot.initrd.luks.devices = [
@@ -33,10 +23,6 @@ with import <stockholm/lib>;
boot.kernelModules = [ "fbcon" "kvm-intel" ];
boot.extraModulePackages = [ ];
- boot.extraModprobeConfig = ''
- options kvm_intel nested=1
- '';
-
fileSystems = {
"/" = {
device = "/dev/vgmu1/nixroot";
@@ -50,15 +36,8 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = [ "nosuid" "nodev" "noatime" ];
- };
};
- swapDevices =[ ];
-
nixpkgs.config.allowUnfree = true;
hardware.opengl.driSupport32Bit = true;
@@ -66,8 +45,8 @@ with import <stockholm/lib>;
hardware.enableRedistributableFirmware = true;
- boot.loader.gummiboot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
+ boot.loader.systemd-boot.enable = true;
networking.networkmanager.enable = true;
@@ -97,7 +76,6 @@ with import <stockholm/lib>;
programs.ssh.startAgent = false;
security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
slock.source = "${pkgs.slock}/bin/slock";
};
@@ -152,9 +130,4 @@ with import <stockholm/lib>;
"networkmanager"
];
};
-
- # see tmpfiles.d(5)
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -" # does this work with mounted /tmp?
- ];
}
diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix
index d0144986b..996a5e7ec 100644
--- a/tv/1systems/nomic/config.nix
+++ b/tv/1systems/nomic/config.nix
@@ -1,8 +1,6 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.nomic;
imports = [
@@ -50,11 +48,6 @@ with import <stockholm/lib>;
fsType = "btrfs";
};
- swapDevices = [ ];
-
- # TODO base
- boot.tmpOnTmpfs = true;
-
environment.systemPackages = with pkgs; [
(writeDashBin "play" ''
set -euf
diff --git a/tv/1systems/test/source.nix b/tv/1systems/test/source.nix
deleted file mode 100644
index f756b8586..000000000
--- a/tv/1systems/test/source.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-import <stockholm/tv/source.nix> {
- name = "test";
-}
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 1e28cc78a..79b5aa269 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -1,8 +1,6 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.wu;
imports = [
@@ -17,91 +15,6 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/pulse.nix>
<stockholm/tv/2configs/retiolum.nix>
<stockholm/tv/2configs/xserver>
- {
- environment.systemPackages = with pkgs; [
- # root
- cryptsetup
-
- # tv
- bc
- bind # dig
- cac-api
- dic
- file
- get
- gnupg1compat
- haskellPackages.hledger
- jq
- mkpasswd
- netcat
- nix-repl
- nmap
- p7zip
- push
- qrencode
- tmux
-
- #ack
- #apache-httpd
- #ascii
- #emacs
- #es
- #esniper
- #gcc
- #gptfdisk
- #graphviz
- #haskellPackages.cabal2nix
- #haskellPackages.ghc
- #haskellPackages.shake
- #hdparm
- #i7z
- #iftop
- #imagemagick
- #inotifyTools
- #iodine
- #iotop
- #lshw
- #lsof
- #minicom
- #mtools
- #ncmpc
- #neovim
- #nethogs
- #nix-prefetch-scripts #cvs bug
- #openssl
- #openswan
- #parted
- #perl
- #powertop
- #ppp
- #proot
- #pythonPackages.arandr
- #pythonPackages.youtube-dl
- #racket
- #rxvt_unicode-with-plugins
- #scrot
- #sec
- #silver-searcher
- #sloccount
- #smartmontools
- #socat
- #sshpass
- #strongswan
- #sysdig
- #sysstat
- #tcpdump
- #tlsdate
- #unetbootin
- #utillinuxCurses
- #wvdial
- #xdotool
- #xkill
- #xl2tpd
- #xsel
-
- unison
- ];
- }
];
boot.initrd.luks = {
@@ -130,11 +43,6 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
};
krebs.nixpkgs.allowUnfreePredicate = pkg: hasPrefix "nvidia-x11-" pkg.name;
@@ -143,24 +51,8 @@ with import <stockholm/lib>;
hardware.enableRedistributableFirmware= true;
hardware.opengl.driSupport32Bit = true;
- environment.systemPackages = with pkgs; [
- ethtool
- tinc_pre
- iptables
- #jack2
- ];
-
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
- };
-
services.printing.enable = true;
- # see tmpfiles.d(5)
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -" # does this work with mounted /tmp?
- ];
-
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="00:90:f5:da:aa:c3", NAME="en0"
SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:1b:ae:6c", NAME="wl0"
@@ -169,6 +61,4 @@ with import <stockholm/lib>;
KERNEL=="rtc0", GROUP="audio"
KERNEL=="hpet", GROUP="audio"
'';
-
- virtualisation.virtualbox.host.enable = true;
}
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index 2bffdddb3..0abd544ce 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -1,8 +1,6 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.xu;
imports = [
@@ -13,6 +11,7 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/gitrepos.nix>
<stockholm/tv/2configs/mail-client.nix>
<stockholm/tv/2configs/man.nix>
+ <stockholm/tv/2configs/nginx/krebs-pages.nix>
<stockholm/tv/2configs/nginx/public_html.nix>
<stockholm/tv/2configs/pulse.nix>
<stockholm/tv/2configs/retiolum.nix>
@@ -136,11 +135,6 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
};
environment.systemPackages = with pkgs; [
@@ -152,23 +146,14 @@ with import <stockholm/lib>;
gptfdisk
];
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
- };
-
services.printing.enable = true;
- # see tmpfiles.d(5)
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -" # does this work with mounted /tmp?
- ];
-
#services.bitlbee.enable = true;
#services.tor.client.enable = true;
#services.tor.enable = true;
- #services.virtualboxHost.enable = true;
-
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "15.09";
+
+ virtualisation.virtualbox.host.enable = true;
}
diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix
index d2aab8c51..414d2f226 100644
--- a/tv/1systems/zu/config.nix
+++ b/tv/1systems/zu/config.nix
@@ -1,17 +1,9 @@
-{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
+{ config, pkgs, ... }: {
-{
krebs.build.host = config.krebs.hosts.zu;
imports = [
- {
- options.tv.test.sercret-file = mkOption {
- type = types.secret-file;
- default = {};
- };
- }
<stockholm/tv>
<stockholm/tv/2configs/hw/x220.nix>
<stockholm/tv/2configs/exim-retiolum.nix>
@@ -22,93 +14,6 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/pulse.nix>
<stockholm/tv/2configs/retiolum.nix>
<stockholm/tv/2configs/xserver>
- {
- environment.systemPackages = with pkgs; [
-
- # root
- cryptsetup
-
- # tv
- bc
- bind # dig
- cac-api
- dic
- file
- gnupg1compat
- haskellPackages.hledger
- jq
- mkpasswd
- netcat
- nix-repl
- nmap
- p7zip
- pass
- q
- qrencode
- # XXX fails at systemd.services.dbus.unitConfig
- #texlive
- tmux
-
- #ack
- #apache-httpd
- #ascii
- #emacs
- #es
- #esniper
- #gcc
- #gptfdisk
- #graphviz
- #haskellPackages.cabal2nix
- #haskellPackages.ghc
- #haskellPackages.shake
- #hdparm
- #i7z
- #iftop
- #imagemagick
- #inotifyTools
- #iodine
- #iotop
- #lshw
- #lsof
- #minicom
- #mtools
- #ncmpc
- #nethogs
- #nix-prefetch-scripts #cvs bug
- #openssl
- #openswan
- #parted
- #perl
- #powertop
- #ppp
- #proot
- #pythonPackages.arandr
- #pythonPackages.youtube-dl
- #racket
- #rxvt_unicode-with-plugins
- #scrot
- #sec
- #silver-searcher
- #sloccount
- #smartmontools
- #socat
- #sshpass
- #strongswan
- #sysdig
- #sysstat
- #tcpdump
- #tlsdate
- #unetbootin
- #utillinuxCurses
- #wvdial
- #xdotool
- #xkill
- #xl2tpd
- #xsel
-
- unison
- ];
- }
];
boot.initrd.luks = {
@@ -124,6 +29,11 @@ with import <stockholm/lib>;
fsType = "btrfs";
options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
+ "/bku" = {
+ device = "/dev/mapper/zuvga-bku";
+ fsType = "btrfs";
+ options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ };
"/home" = {
device = "/dev/mapper/zuvga-home";
fsType = "btrfs";
@@ -132,38 +42,13 @@ with import <stockholm/lib>;
"/boot" = {
device = "/dev/sda1";
};
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
- };
-
- environment.systemPackages = with pkgs; [
- ethtool
- tinc_pre
- iptables
- #jack2
-
- gptfdisk
- ];
-
- security.wrappers = {
- sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
};
services.printing.enable = true;
- # see tmpfiles.d(5)