diff options
| -rw-r--r-- | krebs/1systems/onebutton/config.nix | 30 | ||||
| -rw-r--r-- | krebs/1systems/onebutton/source.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/makefu/default.nix | 32 | ||||
| -rw-r--r-- | makefu/1systems/gum/config.nix | 50 | ||||
| -rw-r--r-- | makefu/1systems/gum/hardware-config.nix | 44 | ||||
| -rw-r--r-- | makefu/source.nix | 4 |
6 files changed, 124 insertions, 38 deletions
diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix index dca00a206..b87aef5a3 100644 --- a/krebs/1systems/onebutton/config.nix +++ b/krebs/1systems/onebutton/config.nix @@ -16,6 +16,36 @@ services.nixosManual.enable = false; services.journald.extraConfig = "SystemMaxUse=50M"; } + { + systemd.services.mpc-booter = let + mpc = "${pkgs.mpc_cli}/bin/mpc -h mpd.shack -p 6600"; + url = "http://lassul.us:8000/radio.ogg"; + say = pkgs.writeDash "say" '' + tmpfile=$(${pkgs.coreutils}/bin/mktemp) + echo "$@" > $tmpfile + ${pkgs.curl}/bin/curl -i -H "content-type: text/plain" -X POST -d "@$tmpfile" gobbelz.shack/say/ + rm "$tmpfile" + ''; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + RemainAfterExit = "yes"; + Type = "oneshot"; + ExecStart = pkgs.writeDash "mpc-boot" '' + until ${mpc} stats;do + echo "waiting for mpd.shack to appear" + sleep 1 + done + ${say} "Willkommen im Shack wertes Mitglied" + + ${say} "Lassulus Super Radio wurde gestartet" + ${mpc} add ${url} + ${mpc} play + ''; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.onebutton; # NixOS wants to enable GRUB by default diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix index 8f25881c9..6842bfaab 100644 --- a/krebs/1systems/onebutton/source.nix +++ b/krebs/1systems/onebutton/source.nix @@ -4,7 +4,7 @@ let nixpkgs = pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; - rev = "6c064e6b"; # only binary cache for unstable arm6 + rev = "nixos-unstable"; # only binary cache for unstable arm6 sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; }; in import <stockholm/krebs/source.nix> { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index d7a750c6e..c5404f96d 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -520,6 +520,38 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr"; }; + nextgum = rec { + ci = true; + cores = 8; + nets = rec { + internet = { + ip4.addr = "144.76.26.247"; + ip6.addr = "2a01:4f8:191:12f6::2"; + aliases = [ + "nextgum.i" + ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.0.213"; + ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; + aliases = [ + "nextgum.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAucCebFmS96WorD+Br4UQudmAhMlLpacErjwA/u2argBTT2nGHTR8 + aN4e0xf3IYLA+iogLIW/JuQfKLe8evEK21iZ3jleW8N7mbCulhasi/0lqWlirrpO + npJAiSNF1m7ijoylkEKxtmehze+8ojprUT2hx1ImMlHMWGxvs+TmBbZBMgxAGMJh + 6cMMDJQi+4d9XrJQ3+XUVK3MkviLA91oIAXsLdFptL6b12siUaz4StQXDJUHemBF + 3ZwlO+W2Es69ifEhmV6NaDDRcSRdChGbHTz1OU8wYaFNaxWla/iprQQ+jEUldpcN + VC18QGYRUAgZ0PCIpKurjWNehJFB3zXt+wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; + }; gum = rec { ci = true; diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 9b6d9d571..951ec0104 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -2,28 +2,14 @@ with import <stockholm/lib>; let - # hw-specific - external-mac = "2a:c5:6e:d2:fc:7f"; - main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0"; - external-gw = "185.194.140.1"; - # single partition, label "nixos" - # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate - - - # static external-ip = config.krebs.build.host.nets.internet.ip4.addr; - external-ip6 = config.krebs.build.host.nets.internet.ip6.addr; - external-gw6 = "fe80::1"; - external-netmask = 22; - external-netmask6 = 64; - internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; - ext-if = "et0"; # gets renamed on the fly + ext-if = config.makefu.server.primary-itf; in { imports = [ <stockholm/makefu> + ./hardware-config.nix <nixpkgs/nixos/modules/profiles/qemu-guest.nix> <stockholm/makefu/2configs/headless.nix> - <stockholm/makefu/2configs/fs/single-partition-ext4.nix> # <stockholm/makefu/2configs/smart-monitor.nix> <stockholm/makefu/2configs/git/cgit-retiolum.nix> @@ -49,6 +35,7 @@ in { # <stockholm/makefu/2configs/sabnzbd.nix> <stockholm/makefu/2configs/torrent.nix> <stockholm/makefu/2configs/mosh.nix> + <stockholm/makefu/2configs/retroshare.nix> # network <stockholm/makefu/2configs/vpn/openvpn-server.nix> @@ -90,6 +77,15 @@ in { <stockholm/makefu/2configs/syncthing.nix> # <stockholm/makefu/2configs/opentracker.nix> + <stockholm/makefu/2configs/hub.nix> + { # ncdc + environment.systemPackages = [ pkgs.ncdc ]; + networking.firewall = { + allowedUDPPorts = [ 51411 ]; + allowedTCPPorts = [ 51411 ]; + }; + } + <stockholm/makefu/2configs/stats/client.nix> # <stockholm/makefu/2configs/logging/client.nix> @@ -187,7 +183,6 @@ in { ]; }; - makefu.server.primary-itf = ext-if; # access users.users = { @@ -200,6 +195,7 @@ in { weechat bepasty-client-cli get + tmux ]; services.bitlbee = { enable = true; @@ -207,15 +203,8 @@ in { }; # Hardware - boot.loader.grub.device = main-disk; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; # Network - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" - ''; - boot.kernelParams = [ ]; networking = { firewall = { allowPing = true; @@ -249,19 +238,8 @@ in { 21032 ]; }; - interfaces."${ext-if}" = { - ip4 = [{ - address = external-ip; - prefixLength = external-netmask; - }]; - ip6 = [{ - address = external-ip6; - prefixLength = external-netmask6; - }]; - }; - defaultGateway6 = external-gw6; - defaultGateway = external-gw; nameservers = [ "8.8.8.8" ]; }; + users.users.makefu.extraGroups = [ "download" "nginx" ]; } diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix new file mode 100644 index 000000000..e83f94a9f --- /dev/null +++ b/makefu/1systems/gum/hardware-config.nix @@ -0,0 +1,44 @@ +{ config, ... }: +let + external-mac = "2a:c5:6e:d2:fc:7f"; + main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0"; + external-gw = "185.194.140.1"; + # single partition, label "nixos" + # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate + + + # static + external-ip = config.krebs.build.host.nets.internet.ip4.addr; + external-ip6 = config.krebs.build.host.nets.internet.ip6.addr; + external-gw6 = "fe80::1"; + external-netmask = 22; + external-netmask6 = 64; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; + ext-if = "et0"; # gets renamed on the fly +in { + imports = [ + <stockholm/makefu/2configs/fs/single-partition-ext4.nix> + ]; + makefu.server.primary-itf = ext-if; + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" + ''; + networking = { + interfaces."${ext-if}" = { + ipv4.addresses = [{ + address = external-ip; + prefixLength = external-netmask; + }]; + ipv6.addresses = [{ + address = external-ip6; + prefixLength = external-netmask6; + }]; + }; + defaultGateway6 = external-gw6; + defaultGateway = external-gw; + }; + boot.kernelParams = [ ]; + boot.loader.grub.device = main-disk; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; + boot.kernelModules = [ "kvm-intel" ]; +} diff --git a/makefu/source.nix b/makefu/source.nix index ecc4dddf0..c1e291b8a 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -24,9 +24,11 @@ let ]; }; # TODO: automate updating of this ref + cherry-picks - ref = "60b6ab055ad"; # nixos-18.03 @ 2018-05-31 + ref = "ef4c5fbf5c2"; # nixos-18.03 @ 2018-05-31 # + do_sqlite3 ruby: 55a952be5b5 # + exfat-nofuse bump: ee6a5296a35 + # + uhub/sqlite: 5dd7610401747 + # + forecastio: f27584df02337 in evalSource (toString _file) [ |