diff options
35 files changed, 694 insertions, 45 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index ba1f425d9..65c1aa2ec 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -84,6 +84,7 @@ let imp = mkMerge [ { krebs = import ./lass { inherit lib; }; } { krebs = import ./makefu { inherit lib; }; } + { krebs = import ./miefda { inherit lib; }; } { krebs = import ./mv { inherit lib; }; } { krebs = import ./shared { inherit lib; }; } { krebs = import ./tv { inherit lib; }; } diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 26b0947bb..592ed475d 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -4,6 +4,38 @@ with lib; { hosts = addNames { + dishfire = { + cores = 4; + dc = "lass"; #dc = "cac"; + nets = rec { + internet = { + addrs4 = ["144.76.172.188"]; + aliases = [ + "dishfire.internet" + ]; + }; + retiolum = { + via = internet; + addrs4 = ["10.243.133.99"]; + addrs6 = ["42:0000:0000:0000:0000:0000:d15f:1233"]; + aliases = [ + "dishfire.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwKi49fN+0s5Cze6JThM7f7lj4da27PSJ/3w3tDFPvtQco11ksNLs + Xd3qPaQIgmcNVCR06aexae3bBeTx9y3qHvKqZVE1nCtRlRyqy1LVKSj15J1D7yz7 + uS6u/BSZiCzmdZwu3Fq5qqoK0nfzWe/NKEDWNa5l4Mz/BZQyI/hbOpn6UfFD0LpK + R4jzc9Dbk/IFNAvwb5yrgEYtwBzlXzeDvHW2JcPq3qQjK2byQYNiIyV3g0GHppEd + vDbIPDFhTn3Hv5zz/lX+/We8izzRge7MEd+Vn9Jwb5NAzwDsOHl6ExpqASv9H49U + HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + #ssh.privkey.path = <secrets/ssh.id_ed25519>; + #ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL21QDOEFdODFh6WAfNp6odrXo15pEsDQuGJfMu/cKzK"; + }; echelon = { cores = 2; dc = "lass"; #dc = "cac"; diff --git a/krebs/3modules/miefda/default.nix b/krebs/3modules/miefda/default.nix new file mode 100644 index 000000000..8ecf898c5 --- /dev/null +++ b/krebs/3modules/miefda/default.nix @@ -0,0 +1,40 @@ +{ lib, ... }: + +with lib; + +{ + hosts = addNames { + bobby = { + cores = 4; + dc = "miefda"; + nets = { + retiolum = { + addrs4 = ["10.243.111.112"]; + addrs6 = ["42:0:0:0:0:0:111:112"]; + aliases = [ + "bobby.retiolum" + "cgit.bobby.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA+AScnIqFdzGl+iRZTNZ7r91n/r1H4GzDsrAupUvJ4mi7nDN4eP8s + uLvKtJp22RxfuF3Kf4KhHb8LHQ8bLLN/KDaNDXrCNBc69d7vvLsjoY+wfGLJNu4Y + Ad/8J4r3rdb83mTA3IHb47T/70MERPBr2gF84YiG6ZoQrPQuTk4lHxaI83SOhjny + 0F0ucS/rBV6Vv9y5/756TKi1cFPSpY4X+qeWc8xWrBGJcJiiqYb8ZX2o/lkAJ5c+ + jI/VdybGFVGY9+bp4Jw5xBIo5KGuFnm8+blRmSDDl3joRneKQSx9FAu7RUwoajBu + cEbi1529NReQzIFT6Vt22ymbHftxOiuh4QIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + #ssh.privkey.path = <secrets/ssh.ed25519>; + #ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+7Qa51l0NSkBiaK2s8vQEoeObV3UPZyEzMxfUK/ZAO root@stro"; + }; + }; + users = addNames { + miefda = { + mail = "miefda@miefda.de"; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCVdNCks6mrItKHYIwgW3s+NINFhHqZtLPj3l6TJUWd93ZSuuI6P+Z/0m0G9Z4tWWaXWsOCnzMA2WOKcitBbLcaQxVypJfvmfoA5CVlh4/nf8NfvbMFkVIYPehxR7YoejfKOxPOCNC3248RiD8kqa4/5IF8qdqE+mRQUIZJXvN0jZZ+rGnYo5Z544O9JqsV+VjjOgK0Fchpxf/lC8dnBucIce7gUwi5npwsGQZgSDmRobBRFVDZag1abLFNZN2faI8uqzSlU6KRRapYV266Of7j3kmDokMan4szjP1EexmTWm+arwRiz9p0M5oKs6zofez0mOyF5ux02NB3XIhbJc8CfMjeA7PmSg4ZhghjlSjIOR+1mMIDiDVi6PNLw5atzvpyfYtpf5sWpdIpXCS0lyzIgasqW4gbAiWoFPv5A0mw0QI6UqlxQ8Pdm6R7P6yQxyknrxnvFGMQPiqgl21ssSNA9A+YRd4j0nATntzOeD1bxTZkyU4FtW++0hg3Ph6HiHLfPd9w70wPr7b0RITVnBcN2ZqIO+5NIqQYU801FCNXsTuBh0ueTsVTGJYySUGkmkHyH5spLYdr1Z5w+4W+HgbxPk40pyZJ18S0umL49igxR9NsniucFy1/jqqi0TiDIsHx6vsawFT1F2rq9ZtGaRcJL6Yfz0p+uZC5rc/nI+mMlQ== miefda@nixos"; + }; + }; +} diff --git a/krebs/5pkgs/krebszones/default.nix b/krebs/5pkgs/krebszones/default.nix index f6fd672dc..9230192bd 100644 --- a/krebs/5pkgs/krebszones/default.nix +++ b/krebs/5pkgs/krebszones/default.nix @@ -1,5 +1,10 @@ { lib, pkgs,python3Packages,fetchurl, ... }: +# TODO: Prepare a diff of future and current +## ovh-zone export krebsco.de --config ~/secrets/krebs/cfg.json |sed 's/[ ]\+/ /g' | sort current +## sed 's/[ ]\+/ /g'/etc/zones/krebsco.de | sort > future +## diff future.sorted current.sorted + python3Packages.buildPythonPackage rec { name = "krebszones-${version}"; version = "0.4.4"; diff --git a/krebs/Zhosts/dishfire b/krebs/Zhosts/dishfire new file mode 100644 index 000000000..c4cf68b6b --- /dev/null +++ b/krebs/Zhosts/dishfire @@ -0,0 +1,12 @@ +Address = 144.76.172.188 +Subnet = 10.243.133.99 +Subnet = 42:0000:0000:0000:0000:0000:d15f:1233 + +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAwKi49fN+0s5Cze6JThM7f7lj4da27PSJ/3w3tDFPvtQco11ksNLs +Xd3qPaQIgmcNVCR06aexae3bBeTx9y3qHvKqZVE1nCtRlRyqy1LVKSj15J1D7yz7 +uS6u/BSZiCzmdZwu3Fq5qqoK0nfzWe/NKEDWNa5l4Mz/BZQyI/hbOpn6UfFD0LpK +R4jzc9Dbk/IFNAvwb5yrgEYtwBzlXzeDvHW2JcPq3qQjK2byQYNiIyV3g0GHppEd +vDbIPDFhTn3Hv5zz/lX+/We8izzRge7MEd+Vn9Jwb5NAzwDsOHl6ExpqASv9H49U +HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/lass/1systems/dishfire.nix b/lass/1systems/dishfire.nix new file mode 100644 index 000000000..a1288d578 --- /dev/null +++ b/lass/1systems/dishfire.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + <nixpkgs/nixos/modules/profiles/qemu-guest.nix> + ../2configs/base.nix + { + boot.loader.grub = { + device = "/dev/vda"; + splashImage = null; + }; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "ehci_pci" + "uhci_hcd" + "virtio_pci" + "virtio_blk" + ]; + + fileSystems."/" = { + device = "/dev/mapper/pool-nix"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/vda1"; + fsType = "ext4"; + }; + } + { + networking.dhcpcd.allowInterfaces = [ + "enp*" + "eth*" + ]; + } + { + sound.enable = false; + } + ]; + + krebs.build.host = config.krebs.hosts.dishfire; +} diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 61f57f1f9..effaa576b 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -25,6 +25,7 @@ ../2configs/teamviewer.nix ../2configs/libvirt.nix ../2configs/fetchWallpaper.nix + ../2configs/buildbot-standalone.nix { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index 1b008cbfd..d53e783d0 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -13,6 +13,7 @@ with builtins; ../2configs/retiolum.nix ../2configs/bitlbee.nix ../2configs/weechat.nix + ../2configs/skype.nix { users.extraUsers = { root = { diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 66e12b262..ab7cda7d3 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -50,7 +50,8 @@ with lib; source = { git.nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "93d8671e2c6d1d25f126ed30e5e6f16764330119"; + rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce"; + target-path = "/var/src/nixpkgs"; }; dir.secrets = { host = config.krebs.hosts.mors; @@ -176,4 +177,10 @@ with lib; noipv4ll ''; + #CVE-2016-0777 and CVE-2016-0778 workaround + #https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt + programs.ssh.extraConfig = '' + UseRoaming no + ''; + } diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 0596682df..ede1c7b7b 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -31,6 +31,7 @@ in { environment.systemPackages = with pkgs; [ + dmenu gitAndTools.qgit mpv much diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix new file mode 100644 index 000000000..4d02fb97a --- /dev/null +++ b/lass/2configs/buildbot-standalone.nix @@ -0,0 +1,78 @@ +{ lib, config, pkgs, ... }: +{ + #networking.firewall.allowedTCPPorts = [ 8010 9989 ]; + krebs.buildbot.master = { + slaves = { + testslave = "lasspass"; + }; + change_source.stockholm = '' + stockholm_repo = 'http://cgit.mors/stockholm' + cs.append(changes.GitPoller( + stockholm_repo, + workdir='stockholm-poller', branch='master', + project='stockholm', + pollinterval=120)) + ''; + scheduler = { + force-scheduler = '' + sched.append(schedulers.ForceScheduler( + name="force", + builderNames=["fast-tests"])) + ''; + fast-tests-scheduler = '' + # test the master real quick + sched.append(schedulers.SingleBranchScheduler( + change_filter=util.ChangeFilter(branch="master"), + name="fast-master-test", + builderNames=["fast-tests"])) + ''; + }; + builder_pre = '' + # prepare grab_repo step for stockholm + grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental') + + env = {"LOGNAME": "lass", "NIX_REMOTE": "daemon"} + + # prepare nix-shell + # the dependencies which are used by the test script + deps = [ "gnumake", "jq","nix","rsync" ] + # TODO: --pure , prepare ENV in nix-shell command: + # SSL_CERT_FILE,LOGNAME,NIX_REMOTE + nixshell = ["nix-shell", "-I", "stockholm=.", "-p" ] + deps + [ "--run" ] + + # prepare addShell function + def addShell(factory,**kwargs): + factory.addStep(steps.ShellCommand(**kwargs)) + ''; + builder = { + fast-tests = '' + f = util.BuildFactory() + f.addStep(grab_repo) + addShell(f,name="mors-eval",env=env, + command=nixshell + ["make -s eval get=krebs.deploy filter=json system=mors"]) + + bu.append(util.BuilderConfig(name="fast-tests", + slavenames=slavenames, + factory=f)) + ''; + }; + enable = true; + web.enable = true; + irc = { + enable = true; + nick = "lass-buildbot"; + server = "cd.retiolum"; + channels = [ "retiolum" ]; + allowForce = true; + }; + }; + + krebs.buildbot.slave = { + enable = true; + masterhost = "localhost"; + username = "testslave"; + password = "lasspass"; + packages = with pkgs;[ git nix ]; + extraEnviron = { NIX_PATH="nixpkgs=${toString <nixpkgs>}"; }; + }; +} diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 16ecaefec..10e54074c 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -74,7 +74,7 @@ let perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ optional repo.public { - user = [ tv makefu uriel ]; + user = [ tv makefu miefda uriel ]; repo = [ repo ]; perm = fetch; } ++ diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 1907424ec..ac7524506 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -21,7 +21,7 @@ in { ]; - + services.smartd.devices = [ { device = "/dev/sda";} ]; nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; ###### stable @@ -32,6 +32,9 @@ in { ListenAddress = ${external-ip} 655 ListenAddress = ${external-ip} 21031 ''; + krebs.nginx.servers.cgit.server-names = [ + "cgit.euer.krebsco.de" + ]; # Chat environment.systemPackages = with pkgs;[ diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index e19205a95..552af4e4f 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -27,10 +27,21 @@ in { ../2configs/exim-retiolum.nix ../2configs/smart-monitor.nix ../2configs/mail-client.nix + ../2configs/share-user-sftp.nix + ../2configs/nginx/omo-share.nix ../3modules ]; + # services.openssh.allowSFTP = false; krebs.build.host = config.krebs.hosts.omo; + krebs.build.source.git.nixpkgs.rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce"; + + # copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/ + services.sabnzbd.enable = true; + systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + + # HDD Array stuff services.smartd.devices = builtins.map (x: { device = x; }) allDisks; + makefu.snapraid = let toMapper = id: "/media/crypt${builtins.toString id}"; in { @@ -38,7 +49,6 @@ in { disks = map toMapper [ 0 1 ]; parity = toMapper 2; }; - # AMD E350 fileSystems = let cryptMount = name: { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };}; @@ -56,6 +66,7 @@ in { ${pkgs.hdparm}/sbin/hdparm -B 127 ${disk} ${pkgs.hdparm}/sbin/hdparm -y ${disk} '') allDisks); + boot = { initrd.luks = { devices = let @@ -87,10 +98,14 @@ in { }; networking.firewall.allowedUDPPorts = [ 655 ]; + # 8080: sabnzbd + networking.firewall.allowedTCPPorts = [ 80 655 8080 ]; + hardware.enableAllFirmware = true; hardware.cpu.amd.updateMicrocode = true; - #zramSwap.enable = true; + zramSwap.enable = true; zramSwap.numDevices = 2; + } diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index 690e26b36..d7fa8edc5 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -35,12 +35,14 @@ # ../2configs/mediawiki.nix #../2configs/wordpress.nix ]; + hardware.sane.enable = true; + hardware.sane.extraBackends = [ pkgs.samsungUnifiedLinuxDriver ]; nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; krebs.Reaktor = { - enable = true; + enable = false; nickname = "makefu|r"; plugins = with pkgs.ReaktorPlugins; [ nixos-version random-emoji ]; }; @@ -59,6 +61,7 @@ hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' ${builtins.readFile "${config.hardware.pulseaudio.package}/etc/pulse/default.pa"} load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI"''; + networking.firewall.enable = false; networking.firewall.allowedTCPPorts = [ 25 ]; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7593eaff7..ec1100582 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -13,7 +13,7 @@ with lib; ./vim.nix ]; - + nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); krebs = { enable = true; search-domain = "retiolum"; @@ -65,7 +65,12 @@ with lib; time.timeZone = "Europe/Berlin"; #nix.maxJobs = 1; - programs.ssh.startAgent = false; + programs.ssh = { + startAgent = false; + extraConfig = '' + UseRoaming no + ''; + }; services.openssh.enable = true; nix.useChroot = true; diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index 047895ce6..ebc72a06e 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -24,5 +24,12 @@ with lib; services.tlp.enable = true; services.tlp.extraConfig = '' START_CHARGE_THRESH_BAT0=80 + + CPU_SCALING_GOVERNOR_ON_AC=performance + CPU_SCALING_GOVERNOR_ON_BAT=ondemand + CPU_MIN_PERF_ON_AC=0 + CPU_MAX_PERF_ON_AC=100 + CPU_MIN_PERF_ON_BAT=0 + CPU_MAX_PERF_ON_BAT=30 ''; } diff --git a/makefu/2configs/nginx/omo-share.nix b/makefu/2configs/nginx/omo-share.nix new file mode 100644 index 000000000..ce85e0442 --- /dev/null +++ b/makefu/2configs/nginx/omo-share.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + hostname = config.krebs.build.host.name; + # TODO local-ip from the nets config + local-ip = "192.168.1.11"; + # local-ip = head config.krebs.build.host.nets.retiolum.addrs4; +in { + krebs.nginx = { + enable = mkDefault true; + servers = { + omo-share = { + listen = [ "${local-ip}:80" ]; + locations = singleton (nameValuePair "/" '' + autoindex on; + root /media; + limit_rate_after 100m; + limit_rate 5m; + mp4_buffer_size 4M; + mp4_max_buffer_size 10M; + allow all; + access_log off; + keepalive_timeout 65; + keepalive_requests 200; + reset_timedout_connection on; + sendfile on; + tcp_nopush on; + gzip off; + ''); + }; + }; + }; +} diff --git a/makefu/2configs/share-user-sftp.nix b/makefu/2configs/share-user-sftp.nix new file mode 100644 index 000000000..2c93143ec --- /dev/null +++ b/makefu/2configs/share-user-sftp.nix @@ -0,0 +1,21 @@ +{ config, ... }: + +{ + users.users = { + share = { + uid = 9002; + home = "/var/empty"; + openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; + }; + }; + # we will use internal-sftp to make uncomplicated Chroot work + services.openssh.extraConfig = '' + Match User share + ChrootDirectory /media + ForceCommand internal-sftp + AllowTcpForwarding no + PermitTunnel no + X11Forwarding no + Match All + ''; +} diff --git a/makefu/2configs/smart-monitor.nix b/makefu/2configs/smart-monitor.nix index 9b0290a9b..daf3aad01 100644 --- a/makefu/2configs/smart-monitor.nix +++ b/makefu/2configs/smart-monitor.nix @@ -3,6 +3,7 @@ krebs.exim-retiolum.enable = lib.mkDefault true; services.smartd = { enable = true; + autodetect = false; notifications = { mail = { enable = true; @@ -12,8 +13,6 @@ # short daily, long weekly, check on boot defaults.monitored = "-a -o on -s (S/../.././02|L/../../7/04)"; - devices = lib.mkDefault [{ - device = "/dev/sda"; - }]; + devices = lib.mkDefault [ ]; }; } diff --git a/makefu/2configs/vim.nix b/makefu/2configs/vim.nix index 02a46d22a..227d73c81 100644 --- a/makefu/2configs/vim.nix +++ b/makefu/2configs/vim.nix @@ -122,7 +122,7 @@ in { vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" - "YouCompleteMe" + # "YouCompleteMe" "vim-better-whitespace" ]; } { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } ]; diff --git a/makefu/2configs/virtualization.nix b/makefu/2configs/virtualization.nix index b3f8c8284..b90467ab8 100644 --- a/makefu/2configs/virtualization.nix +++ b/makefu/2configs/virtualization.nix @@ -5,4 +5,5 @@ let in { virtualisation.libvirtd.enable = true; users.extraUsers.${mainUser.name}.extraGroups = [ "libvirtd" ]; + networking.firewall.checkReversePath = false; # TODO: unsolved issue in nixpkgs:#9067 [bug] } diff --git a/makefu/2configs/wwan.nix b/makefu/2configs/wwan.nix index 29a610ac6..1e76cd28a 100644 --- a/makefu/2configs/wwan.nix +++ b/makefu/2configs/wwan.nix @@ -1,33 +1,9 @@ -{ config, lib, pkgs, ... }: +_: -#usage: $ wvdial - -let - mainUser = config.krebs.build.user; -in { - environment.systemPackages = with pkgs;[ - wvdial - ]; - - environment.shellAliases = { - umts = "sudo wvdial netzclub"; +{ + imports = [ ../3modules ]; + makefu.umts = { + enable = true; + modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01"; }; - - # configure for NETZCLUB - environment.wvdial.dialerDefaults = '' - Phone = *99***1# - Dial Command = ATDT - Modem = /dev/ttyACM0 - Baud = 460800 - Init1 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0 - Init2 = ATZ - Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 - ISDN = 0 - Modem Type = Analog Modem - Username = netzclub - Password = netzclub - Stupid Mode = 1 - Idle Seconds = 0''; - - users.extraUsers.${mainUser.name}.extraGroups = [ "dialout" ]; } diff --git a/makefu/2configs/zsh-user.nix b/makefu/2configs/zsh-user.nix index 1b1762418..f79f258f3 100644 --- a/makefu/2configs/zsh-user.nix +++ b/makefu/2configs/zsh-user.nix @@ -19,8 +19,7 @@ in bindkey -e # shift-tab bindkey '^[[Z' reverse-menu-complete - - autoload -U compinit && compinit + bindkey "\e[3~" delete-char zstyle ':completion:*' menu select # load gpg-agent diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 218c9138e..f007a8418 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -3,6 +3,7 @@ _: { imports = [ ./snapraid.nix + ./umts.nix ]; } diff --git a/makefu/3modules/umts.nix b/makefu/3modules/umts.nix new file mode 100644 index 000000000..d7be45f62 --- /dev/null +++ b/makefu/3modules/umts.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + # TODO: currently it is only netzclub + umts-bin = pkgs.writeScriptBin "umts" '' + #!/bin/sh + set -euf + systemctl start umts + trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT + echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf + journalctl -xfu umts + ''; + + wvdial-defaults = '' + Phone = *99***1# + Dial Command = ATDT + Modem = ${cfg.modem-device} + Baud = 460800 + Init1 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0 + Init2 = ATZ + Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 + ISDN = 0 + Modem Type = Analog Modem + Username = netzclub + Password = netzclub + Stupid Mode = 1 + Idle Seconds = 0''; + + cfg = config.makefu.umts; + + out = { + options.makefu.umts = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "umts"; + + modem-device = mkOption { + default = "/dev/ttyUSB0"; + type = types.str; + description = '' + path to modem device, use <filename>/dev/serial/by-id/...</filename> + to avoid race conditions. + ''; + }; + }; + + imp = { + environment.shellAliases = { + umts = "sudo ${umts-bin}/bin/umts"; + }; + environment.systemPackages = [ ]; + + environment.wvdial.dialerDefaults = wvdial-defaults; + + systemd.targets.network-umts = { + description = "System is running on UMTS"; + unitConfig.StopWhenUnneeded = true; + }; + + systemd.services.umts = { + description |