summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/2configs/ircd.nix18
-rw-r--r--krebs/2configs/shack/glados/default.nix9
-rw-r--r--krebs/3modules/lass/default.nix52
-rw-r--r--lass/1systems/coaxmetal/config.nix53
-rw-r--r--lass/1systems/coaxmetal/physical.nix52
-rw-r--r--lass/5pkgs/custom/xmonad-lass/default.nix8
6 files changed, 175 insertions, 17 deletions
diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix
index 789fc2f2f..0de07a027 100644
--- a/krebs/2configs/ircd.nix
+++ b/krebs/2configs/ircd.nix
@@ -5,6 +5,8 @@
6667 6669
];
+ systemd.services.charybdis.serviceConfig.LimitNOFILE = 16384;
+
krebs.charybdis = {
enable = true;
motd = ''
@@ -15,7 +17,7 @@
serverinfo {
name = "${config.krebs.build.host.name}.irc.r";
sid = "1as";
- description = "miep!";
+ description = "irc!";
network_name = "irc.r";
vhost = "0.0.0.0";
@@ -26,7 +28,7 @@
#ssl_dh_params = "etc/dh.pem";
#ssld_count = 1;
- default_max_clients = 100000;
+ default_max_clients = 2048;
#nicklen = 30;
};
@@ -38,12 +40,12 @@
*/
host = "0.0.0.0";
port = 6667;
- sslport = 6697;
+ #sslport = 6697;
/* Listen on IPv6 (if you used host= above). */
host = "::";
port = 6667;
- sslport = 6697;
+ #sslport = 6697;
};
class "users" {
@@ -53,9 +55,9 @@
number_per_ip_global = 4096;
cidr_ipv4_bitlen = 24;
cidr_ipv6_bitlen = 64;
- number_per_cidr = 65536;
- max_number = 100000;
- sendq = 10 megabyte;
+ number_per_cidr = 65535;
+ max_number = 65535;
+ sendq = 1000 megabyte;
};
privset "op" {
@@ -91,7 +93,7 @@
use_knock = yes;
knock_delay = 5 minutes;
knock_delay_channel = 1 minute;
- max_chans_per_user = 15;
+ max_chans_per_user = 150;
max_bans = 100;
max_bans_large = 500;
default_split_user_count = 0;
diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix
index d546564c5..53d6e6f4a 100644
--- a/krebs/2configs/shack/glados/default.nix
+++ b/krebs/2configs/shack/glados/default.nix
@@ -1,5 +1,11 @@
{ config, pkgs, lib, ... }:
let
+ unstable = import (pkgs.fetchFromGitHub {
+ owner = "nixos";
+ repo = "nixpkgs";
+ rev = (lib.importJSON ../../../nixpkgs-unstable.json).rev;
+ sha256 = (lib.importJSON ../../../nixpkgs-unstable.json).sha256;
+ }) {};
in {
services.nginx.virtualHosts."hass.shack" = {
serverAliases = [ "glados.shack" ];
@@ -40,6 +46,9 @@ in {
{
enable = true;
autoExtraComponents = true;
+ package = unstable.home-assistant.overrideAttrs (old: {
+ doInstallCheck = false;
+ });
config = {
homeassistant = {
name = "Glados";
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index c5cf5cb15..6978c0b4e 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -125,7 +125,6 @@ in {
ip6.addr = r6 "1e1";
aliases = [
"uriel.r"
- "cgit.uriel.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -151,7 +150,6 @@ in {
ip6.addr = r6 "dea7";
aliases = [
"mors.r"
- "cgit.mors.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -185,7 +183,6 @@ in {
ip6.addr = r6 "50da";
aliases = [
"shodan.r"
- "cgit.shodan.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -220,7 +217,6 @@ in {
ip6.addr = r6 "1205";
aliases = [
"icarus.r"
- "cgit.icarus.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -254,7 +250,6 @@ in {
ip6.addr = r6 "daed";
aliases = [
"daedalus.r"
- "cgit.daedalus.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -286,7 +281,6 @@ in {
ip6.addr = r6 "5ce7";
aliases = [
"skynet.r"
- "cgit.skynet.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -688,11 +682,53 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU ";
syncthing.id = "JAVJ6ON-WLCWOA3-YB7EHPX-VGIN4XF-635NIVZ-WZ4HN4M-QRMLT4N-5PL5MQN";
};
+
+ coaxmetal = {
+ cores = 16;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.17";
+ ip6.addr = r6 "17";
+ aliases = [
+ "coaxmetal.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwcuMl/W6DZ7UMK4RHrxA
+ xCc8CkqpUTYldPdB9KJmcH6OpbQqCcPxGOvRe42NdOfCyy11WjAjUMRGnzMyi4MK
+ gMEjcrl5CnQd9nF9f8Mom8cuSOVm1j46qY7Trl/MsEKsKHiYAHtLFpHz2+UI+HBU
+ WbSeDLLA8g79SZq/pqWHfp3YKzqP4p+dmi8j+aOZJWkGu9l+Q40qQrTJQCxYgEek
+ ODeBFCY3DGfJRn79IFGuhF1/jGiAwF3/1j2Rxlesazl6/Lyvmtioplsqn8J94z32
+ G5wyGpqn/BcXkJTlWtwb3Rrg6OOALJAqy2H5EoIVT26gwmvkEStMtvgLfAeYjL8F
+ G2bAtaeQGzwQZNuVJAMI9Qtb+PHw322Wz+P8U669C/HCdGCumMf+M7UDHP79kXOO
+ IFs1NvkU3z/iO/5bj41v8u0W8+b9NWe++dI8N8q0hWLPgnz5PI998xW06Dul7pAX
+ K1OMIMfTTGgAZHAF1Kdn1BSXezgwkutwzy5h8XkYclyHB2nPXkXIYmahi1XgWeAE
+ 7B4NmefbS6H8dLOU7yMEWuxmYl41UOybtyrsp1za5wtERpQgzl6EWfIXISEdx1Ly
+ bmb3SGtB85RyqqCe2O9DzVZCw7mXgN69R5efyEuq3HIIN9udLNrybPNNyD/OlAqo
+ l/xwDxiSCEsO6yY5lGc0MCMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ wiregrill = {
+ ip6.addr = w6 "17";
+ aliases = [
+ "coaxmetal.w"
+ ];
+ wireguard.pubkey = ''
+ lkjR14oOVKl03/0sUzOmddf28ps+v5qRxrbRY03Pg38=
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO9vAYuTv07c9bOjDJId3ShXJ1qIEuyrjkVYkJn9yMET ";
+ syncthing.id = "W5BJ4TL-GAQ46WS-ZB72HFS-XOURLBA-RNBVMYC-POFH4UA-CBORQID-BMIHNQZ";
+ };
+
};
users = rec {
- lass = lass-blue;
+ lass = lass-yubikey;
lass-yubikey = {
- mail = lass.mail;
+ mail = "lass@lassul.us";
pubkey = builtins.readFile ./ssh/yubikey.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/yubikey.pgp;
};
diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix
new file mode 100644
index 000000000..3e0b1674a
--- /dev/null
+++ b/lass/1systems/coaxmetal/config.nix
@@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ <stockholm/lass>
+
+ <stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/exim-retiolum.nix>
+ <stockholm/lass/2configs/baseX.nix>
+ <stockholm/lass/2configs/browsers.nix>
+ <stockholm/lass/2configs/programs.nix>
+ <stockholm/lass/2configs/network-manager.nix>
+ <stockholm/lass/2configs/syncthing.nix>
+ <stockholm/lass/2configs/sync/sync.nix>
+ <stockholm/lass/2configs/games.nix>
+ <stockholm/lass/2configs/steam.nix>
+ <stockholm/lass/2configs/wine.nix>
+ <stockholm/lass/2configs/fetchWallpaper.nix>
+ <stockholm/lass/2configs/nfs-dl.nix>
+ <stockholm/lass/2configs/pass.nix>
+ <stockholm/lass/2configs/mail.nix>
+ <stockholm/lass/2configs/bitcoin.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.coaxmetal;
+
+ environment.shellAliases = {
+ deploy = pkgs.writeDash "deploy" ''
+ set -eu
+ export SYSTEM="$1"
+ $(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
+ '';
+ usb-tether-on = pkgs.writeDash "usb-tether-on" ''
+ adb shell su -c service call connectivity 33 i32 1 s16 text
+ '';
+ usb-tether-off = pkgs.writeDash "usb-tether-off" ''
+ adb shell su -c service call connectivity 33 i32 0 s16 text
+ '';
+ };
+
+ programs.adb.enable = true;
+
+ hardware.bluetooth = {
+ enable = true;
+ powerOnBoot = true;
+ # config.General.Disable = "Headset";
+ extraConfig = ''
+ [General]
+ Disable = Headset
+ '';
+ };
+ hardware.pulseaudio.package = pkgs.pulseaudioFull;
+}
diff --git a/lass/1systems/coaxmetal/physical.nix b/lass/1systems/coaxmetal/physical.nix
new file mode 100644
index 000000000..c94740c54
--- /dev/null
+++ b/lass/1systems/coaxmetal/physical.nix
@@ -0,0 +1,52 @@
+{ config, lib, pkgs, modulesPath, ... }:
+{
+ imports = [
+ ./config.nix
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ networking.hostId = "e0c335ea";
+ boot.zfs.requestEncryptionCredentials = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+ boot.loader.grub = {
+ enable = true;
+ # device = "/dev/disk/by-id/nvme-WDC_PC_SN730_SDBQNTY-1T00-1001_205349800040";
+ device = "nodev";
+ efiSupport = true;
+ # efiInstallAsRemovable = true;
+ };
+
+ services.xserver.videoDrivers = [
+ "amdgpu"
+ ];
+
+ hardware.opengl.extraPackages = [ pkgs.amdvlk ];
+ # is required for amd graphics support ( xorg wont boot otherwise )
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+ environment.variables.VK_ICD_FILENAMES =
+ "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
+
+ boot.initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+ boot.kernelModules = [ "kvm-amd" ];
+
+ fileSystems."/" = {
+ device = "zpool/root/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" = {
+ device = "zpool/root/home";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/50A7-1889";
+ fsType = "vfat";
+ };
+
+ services.logind.lidSwitch = "ignore";
+ services.logind.lidSwitchDocked = "ignore";
+ boot.extraModprobeConfig = ''
+ options psmouse proto=imps
+ '';
+}
diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix
index 5a741353d..3b45552b3 100644
--- a/lass/5pkgs/custom/xmonad-lass/default.nix
+++ b/lass/5pkgs/custom/xmonad-lass/default.nix
@@ -35,6 +35,7 @@ import XMonad.Hooks.ManageHelpers (doCenterFloat, doRectFloat, (-?>))
import XMonad.Hooks.Place (placeHook, smart)
import XMonad.Hooks.UrgencyHook (focusUrgent)
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
+import XMonad.Layout.BoringWindows (boringWindows, focusDown, focusUp)
import XMonad.Layout.FixedColumn (FixedColumn(..))
import XMonad.Layout.Grid (Grid(..))
import XMonad.Layout.Minimize (minimize)
@@ -93,7 +94,7 @@ main' = do
myLayoutHook = defLayout
where
- defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile ||| Grid)
+ defLayout = minimize . boringWindows $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile ||| Grid)
floatHooks = composeAll
[ className =? "Pinentry" --> doCenterFloat
@@ -123,6 +124,11 @@ myKeyMap =
, ("<XF86Launch1>", gridselectWorkspace gridConfig W.view)
, ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill")
+ , ("M4-<Tab>", focusDown)
+ , ("M4-S-<Tab>", focusUp)
+ , ("M4-j", focusDown)
+ , ("M4-k", focusUp)
+
, ("M4-a", focusUrgent)
, ("M4-S-r", renameWorkspace myXPConfig)
, ("M4-S-a", addWorkspacePrompt myXPConfig)