summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--jeschli/1systems/bln/config.nix12
-rw-r--r--jeschli/1systems/brauerei/config.nix2
-rw-r--r--jeschli/source.nix2
-rw-r--r--krebs/1systems/hotdog/config.nix5
-rw-r--r--krebs/1systems/wolf/config.nix1
-rw-r--r--krebs/2configs/buildbot-all.nix4
-rw-r--r--krebs/3modules/buildbot/slave.nix2
-rw-r--r--krebs/3modules/tv/default.nix18
-rw-r--r--krebs/5pkgs/simple/stockholm/default.nix23
-rw-r--r--lass/1systems/daedalus/config.nix1
-rw-r--r--lass/1systems/dishfire/config.nix1
-rw-r--r--lass/1systems/mors/config.nix4
-rw-r--r--lass/1systems/prism/config.nix16
-rw-r--r--lass/2configs/IM.nix15
-rw-r--r--lass/2configs/dns-stuff.nix22
-rw-r--r--lass/2configs/rebuild-on-boot.nix18
-rw-r--r--lass/2configs/security-workarounds.nix2
-rw-r--r--tv/1systems/wu/config.nix6
-rw-r--r--tv/2configs/default.nix2
-rw-r--r--tv/2configs/hw/w110er.nix17
-rw-r--r--tv/2configs/vim.nix2
-rw-r--r--tv/source.nix10
22 files changed, 106 insertions, 79 deletions
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 901970e81..873c0fa3d 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -38,7 +38,7 @@
networking.hostName = "BLN02NB0154"; # Define your hostname.
networking.networkmanager.enable = true;
- #networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Select internationalisation properties.
# i18n = {
@@ -54,7 +54,11 @@
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
nixpkgs.config.allowUnfree = true;
- environment.shellAliases = { n = "nix-shell"; };
+ environment.shellAliases = {
+ n = "nix-shell";
+ gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
+ gh = "cd /home/markus/go/src/github.com";
+ };
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
environment.systemPackages = with pkgs; [
# system helper
@@ -62,6 +66,7 @@
copyq
dmenu
git
+ tig
i3lock
keepass
networkmanagerapplet
@@ -72,6 +77,8 @@
rxvt_unicode
# editors
emacs
+ # databases
+ sqlite
# internet
thunderbird
hipchat
@@ -91,6 +98,7 @@
jetbrains.pycharm-professional
jetbrains.webstorm
jetbrains.goland
+ jetbrains.datagrip
texlive.combined.scheme-full
pandoc
redis
diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index 171a002da..2dec45795 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -96,7 +96,7 @@
# Enable the X11 windowing system.
services.xserver.enable = true;
- # services.xserver.layout = "us";
+ services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable touchpad support.
diff --git a/jeschli/source.nix b/jeschli/source.nix
index d1b64b0ed..ae9e1e72e 100644
--- a/jeschli/source.nix
+++ b/jeschli/source.nix
@@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "f9390d6";
+ ref = "d83c808";
};
secrets.file = getAttr builder {
buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 73b5377bd..98fb88702 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -20,10 +20,5 @@
boot.isContainer = true;
networking.useDHCP = false;
- krebs.repo-sync.repos.stockholm.timerConfig = {
- OnBootSec = "5min";
- OnUnitInactiveSec = "2min";
- RandomizedDelaySec = "2min";
- };
krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm";
}
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 0b21c0b6c..9d6955e7e 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -10,7 +10,6 @@ in
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
<stockholm/krebs/2configs/collectd-base.nix>
<stockholm/krebs/2configs/stats/wolf-client.nix>
- <stockholm/krebs/2configs/save-diskspace.nix>
<stockholm/krebs/2configs/graphite.nix>
<stockholm/krebs/2configs/buildbot-krebs.nix>
diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix
index ca994e996..5ea78f227 100644
--- a/krebs/2configs/buildbot-all.nix
+++ b/krebs/2configs/buildbot-all.nix
@@ -1,10 +1,6 @@
with import <stockholm/lib>;
{ lib, config, pkgs, ... }:
{
- imports = [
- <stockholm/krebs/2configs/repo-sync.nix>
- ];
-
networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
krebs.ci.enable = true;
krebs.ci.treeStableTimer = 1;
diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix
index 0af553c5d..fba585448 100644
--- a/krebs/3modules/buildbot/slave.nix
+++ b/krebs/3modules/buildbot/slave.nix
@@ -161,7 +161,7 @@ let
ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
set -efux
#remove garbage from old versions
- rm -r ${workdir}
+ rm -rf ${workdir}
mkdir -p ${workdir}/info
cp ${buildbot-slave-init} ${workdir}/buildbot.tac
echo ${contact} > ${workdir}/info/admin
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 98145274c..ce01be5f3 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -201,24 +201,6 @@ with import <stockholm/lib>;
};
};
};
- schnabeldrucker = {
- external = true;
- nets = {
- gg23 = {
- ip4.addr = "10.23.1.21";
- aliases = ["schnabeldrucker.gg23"];
- };
- };
- };
- schnabelscanner = {
- external = true;
- nets = {
- gg23 = {
- ip4.addr = "10.23.1.22";
- aliases = ["schnabelscanner.gg23"];
- };
- };
- };
wu = {
ci = true;
cores = 4;
diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix
index 5705f086d..53c1ca5ba 100644
--- a/krebs/5pkgs/simple/stockholm/default.nix
+++ b/krebs/5pkgs/simple/stockholm/default.nix
@@ -92,6 +92,17 @@
-I "$target_path"
'');
+ cmds.get-version = pkgs.writeDash "get-version" ''
+ set -efu
+ hostname=''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)}
+ version=git.$(${pkgs.git}/bin/git describe --always --dirty)
+ case $version in (*-dirty)
+ version=$version@$hostname
+ esac
+ date=$(${pkgs.coreutils}/bin/date +%y.%m)
+ echo "$date.$version"
+ '';
+
cmds.install = pkgs.withGetopt {
force-populate = { default = /* sh */ "false"; switch = true; };
quiet = { default = /* sh */ "false"; switch = true; };
@@ -205,7 +216,7 @@
init.env = pkgs.writeText "init.env" /* sh */ ''
export HOSTNAME="$(${pkgs.nettools}/bin/hostname)"
- export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${shell.get-version})}"
+ export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${cmds.get-version})}"
export quiet
export system
@@ -274,16 +285,6 @@
fi
'';
- shell.get-version = pkgs.writeDash "stockholm.get-version" ''
- set -efu
- version=git.$(${pkgs.git}/bin/git describe --always --dirty)
- case $version in (*-dirty)
- version=$version@$HOSTNAME
- esac
- date=$(${pkgs.coreutils}/bin/date +%y.%m)
- echo "$date.$version"
- '';
-
in
pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link:
diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix
index 6674b3db5..8ec744584 100644
--- a/lass/1systems/daedalus/config.nix
+++ b/lass/1systems/daedalus/config.nix
@@ -41,6 +41,7 @@ with import <stockholm/lib>;
skype
wine
];
+ nixpkgs.config.firefox.enableAdobeFlash = true;
services.xserver.enable = true;
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix
index 416edeb82..7993c763e 100644
--- a/lass/1systems/dishfire/config.nix
+++ b/lass/1systems/dishfire/config.nix
@@ -43,6 +43,7 @@
networking.dhcpcd.allowInterfaces = [
"enp*"
"eth*"
+ "ens*"
];
}
{
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 8c7c39a6f..c231a0b10 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -71,10 +71,6 @@ with import <stockholm/lib>;
];
}
{
- #ps vita stuff
- boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
- }
- {
services.tor = {
enable = true;
client.enable = true;
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 593a1fc9c..03e9f6eeb 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -184,14 +184,17 @@ in {
}
{
#hotdog
+ systemd.services."container@hotdog".reloadIfChanged = mkForce false;
containers.hotdog = {
config = { ... }: {
+ imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
];
};
+ autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.1";
@@ -200,8 +203,10 @@ in {
}
{
#kaepsele
+ systemd.services."container@kaepsele".reloadIfChanged = mkForce false;
containers.kaepsele = {
config = { ... }: {
+ imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [
@@ -209,6 +214,7 @@ in {
tv.pubkey
];
};
+ autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.3";
@@ -217,8 +223,10 @@ in {
}
{
#onondaga
+ systemd.services."container@onondaga".reloadIfChanged = mkForce false;
containers.onondaga = {
config = { ... }: {
+ imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
@@ -226,6 +234,7 @@ in {
config.krebs.users.nin.pubkey
];
};
+ autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.5";
@@ -302,6 +311,13 @@ in {
}
];
}
+ {
+ krebs.repo-sync.repos.stockholm.timerConfig = {
+ OnBootSec = "5min";
+ OnUnitInactiveSec = "2min";
+ RandomizedDelaySec = "2min";
+ };
+ }
];
krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix
index b94cb0634..51512955e 100644
--- a/lass/2configs/IM.nix
+++ b/lass/2configs/IM.nix
@@ -20,6 +20,17 @@ let
'';
in {
+ services.bitlbee = {
+ enable = true;
+ portNumber = 6666;
+ plugins = [
+ pkgs.bitlbee-facebook
+ pkgs.bitlbee-steam
+ pkgs.bitlbee-discord
+ ];
+ libpurple_plugins = [ pkgs.telegram-purple ];
+ };
+
users.extraUsers.chat = {
home = "/home/chat";
uid = genid "chat";
@@ -46,6 +57,10 @@ in {
restartIfChanged = false;
+ path = [
+ pkgs.rxvt_unicode.terminfo
+ ];
+
serviceConfig = {
User = "chat";
RemainAfterExit = true;
diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix
index 411b07503..cbcce8df9 100644
--- a/lass/2configs/dns-stuff.nix
+++ b/lass/2configs/dns-stuff.nix
@@ -11,24 +11,6 @@ with import <stockholm/lib>;
key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C";
};
};
- services.dnsmasq = {
- enable = true;
- resolveLocalQueries = false;
- extraConfig = ''
- server=127.1.0.1
- #no-resolv
- cache-size=1000
- min-cache-ttl=3600
- bind-dynamic
- all-servers
- dnssec
- trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
- rebind-domain-ok=/onion/
- server=/.onion/127.0.0.1#9053
- port=53
- '';
- };
- networking.extraResolvconfConf = ''
- name_servers='127.0.0.1'
- '';
+ services.resolved.enable = true;
+ services.resolved.fallbackDns = [ "127.1.0.1" ];
}
diff --git a/lass/2configs/rebuild-on-boot.nix b/lass/2configs/rebuild-on-boot.nix
new file mode 100644
index 000000000..60198be7b
--- /dev/null
+++ b/lass/2configs/rebuild-on-boot.nix
@@ -0,0 +1,18 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+ systemd.services.rebuild-on-boot = {
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ NIX_REMOTE = "daemon";
+ HOME = "/var/empty";
+ };
+ serviceConfig = {
+ ExecStart = pkgs.writeScript "rebuild" ''
+ #!${pkgs.bash}/bin/bash
+ (/run/current-system/sw/bin/nixos-rebuild -I /var/src switch) &
+ '';
+ ExecStop = "${pkgs.coreutils}/bin/sleep 10";
+ };
+ };
+}
diff --git a/lass/2configs/security-workarounds.nix b/lass/2configs/security-workarounds.nix
index 537c8a59b..c3d07d5fe 100644
--- a/lass/2configs/security-workarounds.nix
+++ b/lass/2configs/security-workarounds.nix
@@ -5,4 +5,6 @@ with import <stockholm/lib>;
boot.extraModprobeConfig = ''
install dccp /run/current-system/sw/bin/false
'';
+
+ boot.kernelPackages = pkgs.linuxPackages_latest;
}
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 5c593894a..b3e084fe2 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -44,12 +44,6 @@ with import <stockholm/lib>;
};
};
- krebs.nixpkgs.allowUnfreePredicate = pkg: hasPrefix "nvidia-x11-" pkg.name;
- hardware.bumblebee.enable = true;
- hardware.bumblebee.group = "video";
- hardware.enableRedistributableFirmware= true;
- hardware.opengl.driSupport32Bit = true;
-
services.printing.enable = true;
services.udev.extraRules = ''
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 280552fe4..2ccab3d09 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -1,6 +1,8 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: {
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+
boot.tmpOnTmpfs = true;
krebs.enable = true;
diff --git a/tv/2configs/hw/w110er.nix b/tv/2configs/hw/w110er.nix
index 787bfc6e9..55e9482d4 100644
--- a/tv/2configs/hw/w110er.nix
+++ b/tv/2configs/hw/w110er.nix
@@ -1,8 +1,20 @@
+with import <stockholm/lib>;
{ pkgs, ... }:
{
imports = [
../smartd.nix
+ {
+ # nvidia doesn't build despite
+ # https://github.com/NixOS/nixpkgs/issues/33284
+ #hardware.bumblebee.enable = true;
+ #hardware.bumblebee.group = "video";
+ #hardware.enableRedistributableFirmware= true;
+ #krebs.nixpkgs.allowUnfreePredicate = pkg:
+ # hasPrefix "nvidia-x11-" pkg.name ||
+ # hasPrefix "nvidia-persistenced-" pkg.name ||
+ # hasPrefix "nvidia-settings-" pkg.name;
+ }
];
boot.extraModprobeConfig = ''
@@ -15,6 +27,7 @@
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
+ hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = [ pkgs.vaapiIntel ];
networking.wireless.enable = true;
@@ -41,4 +54,8 @@
echo auto > $i/power/control # defaults to 'on'
done)
'';
+
+ services.xserver = {
+ videoDriver = "intel";
+ };
}
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 8a27b606a..59619f9b5 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -233,7 +233,7 @@ let {
lua = {};
sed.extraStart = ''writeSed[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
sh.extraStart = concatStringsSep ''\|'' [
- ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
+ ''write\(A\|Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
''[a-z]*Phase[ \t\r\n]*=''
];
yaml = {};
diff --git a/tv/source.nix b/tv/source.nix
index 31308fc99..b5e3f7cd7 100644
--- a/tv/source.nix
+++ b/tv/source.nix
@@ -1,8 +1,10 @@
with import <stockholm/lib>;
-host@{ name, secure ? false, override ? {} }: let
- builder = if getEnv "dummy_secrets" == "true"
- then "buildbot"
- else "tv";
+{ name
+, dummy_secrets ? getEnv "dummy_secrets" == "true"
+, override ? {}
+, secure ? false
+}@host: let
+ builder = if dummy_secrets then "buildbot" else "tv";
_file = <stockholm> + "/tv/1systems/${name}/source.nix";
in
evalSource (toString _file) [