summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/2configs/ircd.nix6
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/external/default.nix4
-rw-r--r--krebs/3modules/external/mic92.nix108
-rw-r--r--krebs/3modules/fetchWallpaper.nix2
-rw-r--r--krebs/3modules/git.nix6
-rw-r--r--krebs/3modules/krebs/default.nix2
-rw-r--r--krebs/3modules/lass/default.nix99
-rw-r--r--krebs/3modules/solanum.nix104
-rw-r--r--krebs/3modules/sync-containers.nix2
-rw-r--r--krebs/3modules/tinc.nix5
-rw-r--r--krebs/5pkgs/default.nix31
-rw-r--r--krebs/5pkgs/haskell/X11-aeson.nix4
-rw-r--r--krebs/5pkgs/haskell/blessings.nix7
-rw-r--r--krebs/5pkgs/haskell/brockman/default.nix4
-rw-r--r--krebs/5pkgs/haskell/default.nix5
-rw-r--r--krebs/5pkgs/haskell/email-header.nix10
-rw-r--r--krebs/5pkgs/haskell/hack.nix5
-rw-r--r--krebs/5pkgs/haskell/kirk.nix7
-rw-r--r--krebs/5pkgs/haskell/much.nix8
-rw-r--r--krebs/5pkgs/haskell/news.nix4
-rw-r--r--krebs/5pkgs/haskell/reaktor2/default.nix4
-rw-r--r--krebs/5pkgs/haskell/recht.nix4
-rw-r--r--krebs/5pkgs/haskell/scanner.nix4
-rw-r--r--krebs/5pkgs/haskell/xmonad-aeson.nix4
-rw-r--r--krebs/5pkgs/haskell/xmonad-stockholm.nix4
-rw-r--r--krebs/5pkgs/override/default.nix1
-rw-r--r--krebs/5pkgs/simple/bling/default.nix5
-rw-r--r--krebs/5pkgs/simple/buildbot-classic/sqlparse.nix4
-rw-r--r--krebs/5pkgs/simple/cgit-clear-cache.nix6
-rw-r--r--krebs/5pkgs/simple/default.nix14
-rw-r--r--krebs/5pkgs/simple/eximlog.nix4
-rw-r--r--krebs/5pkgs/simple/flameshot-once/default.nix4
-rw-r--r--krebs/5pkgs/simple/flameshot-once/profile.nix2
-rw-r--r--krebs/5pkgs/simple/fzfmenu/default.nix4
-rw-r--r--krebs/5pkgs/simple/git-hooks/default.nix4
-rw-r--r--krebs/5pkgs/simple/htgen-cyberlocker/default.nix5
-rw-r--r--krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker14
-rw-r--r--krebs/5pkgs/simple/htgen-imgur/default.nix7
-rw-r--r--krebs/5pkgs/simple/irc-announce/default.nix74
-rw-r--r--krebs/5pkgs/simple/ircaids/default.nix32
-rw-r--r--krebs/5pkgs/simple/logf/default.nix2
-rw-r--r--krebs/5pkgs/simple/netcup/default.nix5
-rw-r--r--krebs/5pkgs/simple/nomads-cloud/default.nix8
-rw-r--r--krebs/5pkgs/simple/reaktor2-plugins.nix4
-rw-r--r--krebs/5pkgs/simple/urix.nix5
-rw-r--r--krebs/5pkgs/simple/withGetopt.nix4
-rw-r--r--krebs/5pkgs/test/default.nix2
-rw-r--r--krebs/default.nix2
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
-rw-r--r--lass/1systems/blue/source.nix2
-rw-r--r--lass/1systems/coaxmetal/config.nix2
-rw-r--r--lass/1systems/coaxmetal/source.nix21
-rw-r--r--lass/1systems/echelon/config.nix3
-rw-r--r--lass/1systems/green/config.nix9
-rw-r--r--lass/1systems/green/source.nix5
-rw-r--r--lass/1systems/morpheus/config.nix29
-rw-r--r--lass/1systems/morpheus/physical.nix44
-rw-r--r--lass/1systems/mors/source.nix21
-rw-r--r--lass/1systems/prism/config.nix11
-rw-r--r--lass/1systems/prism/physical.nix6
-rw-r--r--lass/1systems/red/config.nix28
-rw-r--r--lass/1systems/red/physical.nix7
-rw-r--r--lass/1systems/uriel/config.nix47
-rw-r--r--lass/1systems/uriel/physical.nix59
-rw-r--r--lass/2configs/IM.nix2
-rw-r--r--lass/2configs/baseX.nix5
-rw-r--r--lass/2configs/bepasty.nix44
-rw-r--r--lass/2configs/binary-cache/server.nix7
-rw-r--r--lass/2configs/blue.nix40
-rw-r--r--lass/2configs/codimd.nix45
-rw-r--r--lass/2configs/default.nix24
-rw-r--r--lass/2configs/exim-smarthost.nix4
-rw-r--r--lass/2configs/fetchWallpaper.nix2
-rw-r--r--lass/2configs/gc.nix2
-rw-r--r--lass/2configs/git-brain.nix57
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/green-host.nix10
-rw-r--r--lass/2configs/hw/x220.nix6
-rw-r--r--lass/2configs/mpv.nix7
-rw-r--r--lass/2configs/muchsync.nix1
-rw-r--r--lass/2configs/murmur.nix13
-rw-r--r--lass/2configs/pass.nix8
-rw-r--r--lass/2configs/pipewire.nix2
-rw-r--r--lass/2configs/prism-mounts/samba.nix15
-rw-r--r--lass/2configs/programs.nix14
-rw-r--r--lass/2configs/radio.nix85
-rw-r--r--lass/2configs/reaktor-coders.nix37
-rw-r--r--lass/2configs/steam.nix2
-rw-r--r--lass/2configs/sync/sync.nix2
-rw-r--r--lass/2configs/tmux.nix46
-rw-r--r--lass/2configs/ts3.nix19
-rw-r--r--lass/2configs/vim.nix15
-rw-r--r--lass/2configs/websites/default.nix7
-rw-r--r--lass/2configs/websites/domsen.nix19
-rw-r--r--lass/2configs/websites/lassulus.nix1
-rw-r--r--lass/2configs/zsh.nix7
-rw-r--r--lass/3modules/klem.nix2
-rw-r--r--lass/5pkgs/sshify/default.nix1
-rw-r--r--lass/krops.nix20
m---------submodules/krops0
-rw-r--r--tv/2configs/elm-packages-proxy.nix107
-rw-r--r--tv/2configs/gitrepos.nix3
-rw-r--r--tv/5pkgs/haskell/mailaids.nix4
-rw-r--r--tv/5pkgs/haskell/th-env/default.nix4
106 files changed, 815 insertions, 842 deletions
diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix
index d26aa5962..904878731 100644
--- a/krebs/2configs/ircd.nix
+++ b/krebs/2configs/ircd.nix
@@ -1,13 +1,13 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
{
networking.firewall.allowedTCPPorts = [
6667 6669
];
- systemd.services.solanum.serviceConfig.LimitNOFILE = 16384;
+ systemd.services.solanum.serviceConfig.LimitNOFILE = lib.mkForce 16384;
- krebs.solanum = {
+ services.solanum = {
enable = true;
motd = ''
hello
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 149995a23..24b17487b 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -50,7 +50,6 @@ let
./secret.nix
./setuid.nix
./shadow.nix
- ./solanum.nix
./sync-containers.nix
./tinc.nix
./tinc_graphs.nix
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index eff2967e0..28d58b525 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -150,6 +150,7 @@ in {
"makanek.r"
"makanek.kmein.r"
"grafana.kmein.r"
+ "names.kmein.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -263,6 +264,7 @@ in {
"zaatar.r"
"zaatar.kmein.r"
"radio.kmein.r"
+ "bvg.kmein.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -585,7 +587,7 @@ in {
nets = {
retiolum = {
ip4.addr = "10.243.13.12";
- aliases = [ "catalonia.r" "aleph.r" ];
+ aliases = [ "catalonia.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index 3ef693290..b4e046303 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -256,6 +256,10 @@ in {
okelmann = {
owner = config.krebs.users.mic92;
nets.retiolum = {
+ addrs = [
+ config.krebs.hosts.okelmann.nets.retiolum.ip4.addr
+ config.krebs.hosts.okelmann.nets.retiolum.ip6.addr
+ ];
ip4.addr = "10.243.29.190";
aliases = [
"okelmann.r"
@@ -275,6 +279,10 @@ in {
aendernix = {
owner = config.krebs.users.mic92;
nets.retiolum = {
+ addrs = [
+ config.krebs.hosts.aendernix.nets.retiolum.ip4.addr
+ config.krebs.hosts.aendernix.nets.retiolum.ip6.addr
+ ];
ip4.addr = "10.243.29.172";
aliases = [
"aendernix.r"
@@ -296,6 +304,30 @@ in {
'';
};
};
+ aenderpad = {
+ owner = config.krebs.users.mic92;
+ nets.retiolum = {
+ addrs = [
+ config.krebs.hosts.aenderpad.nets.retiolum.ip4.addr
+ config.krebs.hosts.aenderpad.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.201";
+ aliases = [
+ "aendernix.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAvHSVUd6/5P2rK3s9iQhVrxkjufDIi0Kn04iVB4Z0TpUvnmFAP+Hv
+ d7umo95lNkAPL9c3byv4ooQjOskrp7GmgQRijLUvJSAZ9FBVWPAjMXs+gk9oJnQj
+ 6bovXJ3DurmW3h1ZRmkWn256j7g8lEMtf5LGFxs9Bwi4wqZTbI6DzTQhmNm76Spb
+ 2UMSzr9kDcNj5r6LDhDKEDtx4P1Opshgsf9AusV81N5nqDcvAYsvEqYoPvjKIPwF
+ 5jtfHY7hM7SdYoVgdAY8RFH7xuRkLQW4LBxPKjP3pEQPCgXcuEELm33PGr+w/vhC
+ jxeyKP+uSeuBBMSatTWG3kU8W2LxVML65QIDAQAB
+ -----END RSA PUBLIC KEY-----
+ Ed25519PublicKey = jC2UzKiUtWUlZF2ET88qM+Ot+GpoWxFFfpi8TCCr0uM
+ '';
+ };
+ };
dimitra = {
owner = config.krebs.users.mic92;
nets.retiolum = {
@@ -761,5 +793,81 @@ in {
};
};
};
+
+
+ ryan = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.ryan.nets.retiolum.ip4.addr
+ config.krebs.hosts.ryan.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.198";
+ aliases = [ "ryan.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA0RE5jmBiEGmaYLVFmpCyVvlb6K3Zh2uxh7sVm44k31d9PEHHm4Wz
+ HQH+ueaefGVu19xLRJQGu4ZMl7oRbb5awiqKdSGgInhQaNzxUIHW4cCCdOVkgZSy
+ NjI9LMcc8tQtkoFGt6OhAzaViuGMo+aJAkLuXNf8hz5uR2flqQEeKfG5Kc7Z1DAQ
+ QNoBRtY0pltyK2y/Ip8cZ9cdxR5oLww67ykhY+eLy9tZLfKs6uWSq+2CV0cpNNQ9
+ Sh8fSbkjb4+JkxWAHDOyAnwFxnxstMcW0cscOW7nXYDi5IpvvesJlk698un7bLhm
+ vCkAd+WiNuTGfs9t0r6FDDVDREBhNk1sLwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ Ed25519PublicKey = sOD149OLZ2yUEjRpwbGdwHULKF2qNY3F+9AsEi1G0ZM
+ '';
+ };
+ };
+ };
+
+ graham = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.graham.nets.retiolum.ip4.addr
+ config.krebs.hosts.graham.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.199";
+ aliases = [ "graham.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAtnM8VqFlEPLPYfKOZvN4kKklrVEyX4WewlqHO8vtxML9ND5BHCdn
+ UeRsThvbKVRqEvZLTAXKClZRYVr2IroHqfx0euTq3FYTUbNNQ4KgcFAfLKWoxGfK
+ HsQbYpS93/sUtmhRBGcgXPnEkE6yqvFBXxcmB1QqdmgYKdY2Gtikwrv/5hb4AlNe
+ /gyzKGtAKYogspLI6EpEwlD9CGDNIUPJ4uQ56gDhV/qtyMSE6X0igSSVZayDc+x1
+ InPkH90xsa0/uXjYDnXNdMguLArGkRzMhd6DzK4vEaPFIX59yMX+tEj46rGY7xAI
+ gUZUI2codqY5Z93W5GC+ws34y0bpfeMMWwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ Ed25519PublicKey = xMJNMMXZRCbWkN9CzLFohkGUK54dPcrrosFD7xgIFXA
+ '';
+ };
+ };
+ };
+
+ maurice = {
+ owner = config.krebs.users.mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.maurice.nets.retiolum.ip4.addr
+ config.krebs.hosts.maurice.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.200";
+ aliases = [ "maurice.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAsLKBfPtZkjWGu6uitCV+4c5aQox2t4N8XNhY2mqE806XsYrqAC+y
+ d0oLOxRMUjfh9stDnEW/YRoLEKz9oZdRYd4eenP0Q3c3HdRFDBNCs27M5a8ysqZD
+ 5w9+B+9OfUmMv61NyKiaR6WtoGbE849cj1UNk1z04elshfU7h829D8QnD4j1A1gf
+ bOaNG+RzOP6qP/6Q30rxAiTxRPi+FhcHvxa33y1ZVobvnfGcJa+AzsTbgH9T9Yob
+ GuXFZvuQVSyWOLOgY/vVml904q8gScMpBesAsZJ7DEXxSTga0Rt99Ti3d9ABwBI5
+ 1YabQlGLaAkrj3PMgrDyayzGBDDDva9fEQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ Ed25519PublicKey = pkMuJ4kbyleQAdau+sfmLtzTuUy7uL+wwcgV/GWC7/N
+ '';
+ };
+ };
+ };
};
}
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix
index 852c8f630..dc0133a63 100644
--- a/krebs/3modules/fetchWallpaper.nix
+++ b/krebs/3modules/fetchWallpaper.nix
@@ -55,10 +55,12 @@ let
name = "fetchWallpaper";
uid = genid_uint31 "fetchWallpaper";
description = "fetchWallpaper user";
+ group = "fetchWallpaper";
home = cfg.stateDir;
createHome = true;
isSystemUser = true;
};
+ users.groups.fetchWallpaper = {};
systemd.timers.fetchWallpaper = {
description = "fetch wallpaper timer";
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index d31d91b7c..0aa1ae0f2 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -362,10 +362,8 @@ let
users.users.${cfg.user.name} = {
inherit (cfg.user) home name uid;
description = "Git repository hosting user";
- extraGroups = [
- # To allow running cgit-clear-cache via hooks.
-