summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/urlwatch.nix3
-rw-r--r--makefu/1systems/pnp.nix17
-rw-r--r--makefu/1systems/pornocauster.nix45
-rw-r--r--makefu/1systems/repunit.nix3
-rw-r--r--makefu/1systems/tsp.nix15
-rw-r--r--makefu/2configs/base-gui.nix30
-rw-r--r--makefu/2configs/cgit-retiolum.nix2
-rw-r--r--makefu/2configs/exim-retiolum.nix11
-rw-r--r--makefu/2configs/main-laptop.nix23
-rw-r--r--makefu/2configs/sda-crypto-root-home.nix39
-rw-r--r--makefu/2configs/tp-x200.nix24
-rw-r--r--makefu/2configs/tp-x220.nix19
-rw-r--r--makefu/2configs/tp-x2x0.nix22
-rw-r--r--makefu/2configs/urlwatch.nix17
-rw-r--r--makefu/2configs/virtualization.nix8
-rw-r--r--makefu/2configs/wwan.nix29
-rw-r--r--makefu/2configs/zsh-user.nix10
17 files changed, 263 insertions, 54 deletions
diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix
index 39d9fec54..531e6c87b 100644
--- a/krebs/3modules/urlwatch.nix
+++ b/krebs/3modules/urlwatch.nix
@@ -78,7 +78,7 @@ let
HOME = cfg.dataDir;
LC_ALL = "en_US.UTF-8";
LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
- SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+ SSL_CERT_FILE = "${pkgs.cacert}/etc/ca-bundle.crt";
};
serviceConfig = {
User = user.name;
@@ -100,7 +100,6 @@ let
ExecStart = pkgs.writeScript "urlwatch" ''
#! /bin/sh
set -euf
-
from=${escapeShellArg cfg.from}
mailto=${escapeShellArg cfg.mailto}
urlsFile=${escapeShellArg urlsFile}
diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix
index 6693dc066..963d07744 100644
--- a/makefu/1systems/pnp.nix
+++ b/makefu/1systems/pnp.nix
@@ -10,9 +10,12 @@
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
../2configs/base.nix
../2configs/cgit-retiolum.nix
- ../2configs/graphite-standalone.nix
+ # ../2configs/graphite-standalone.nix
../2configs/vm-single-partition.nix
../2configs/tinc-basic-retiolum.nix
+
+ ../2configs/exim-retiolum.nix
+ ../2configs/urlwatch.nix
];
krebs.build.host = config.krebs.hosts.pnp;
krebs.build.user = config.krebs.users.makefu;
@@ -21,16 +24,20 @@
krebs.build.deps = {
nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
- rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870";
+ rev = "13576925552b1d0751498fdda22e91a055a1ff6c";
};
};
networking.firewall.allowedTCPPorts = [
# nginx runs on 80
+ 80
# graphite-web runs on 8080, carbon cache runs on 2003 tcp and udp
- 80
- 8080 2003
+ # 8080 2003
+
+ # smtp
+ 25
];
- networking.firewall.allowedUDPPorts = [ 2003 ];
+
+ # networking.firewall.allowedUDPPorts = [ 2003 ];
}
diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix
new file mode 100644
index 000000000..415c1af30
--- /dev/null
+++ b/makefu/1systems/pornocauster.nix
@@ -0,0 +1,45 @@
+#
+#
+#
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ../2configs/base.nix
+ ../2configs/main-laptop.nix #< base-gui
+
+ # Krebs
+ ../2configs/tinc-basic-retiolum.nix
+ #../2configs/disable_v6.nix
+
+ #../2configs/sda-crypto-root.nix
+ ../2configs/sda-crypto-root-home.nix
+
+ ../2configs/zsh-user.nix
+
+ # applications
+ ../2configs/exim-retiolum.nix
+ ../2configs/virtualization.nix
+ ../2configs/wwan.nix
+
+ # hardware specifics are in here
+ ../2configs/tp-x220.nix
+ ];
+
+ krebs.build.host = config.krebs.hosts.pornocauster;
+ krebs.build.user = config.krebs.users.makefu;
+ krebs.build.target = "root@pornocauster";
+
+ networking.firewall.allowedTCPPorts = [
+ 25
+ ];
+
+ krebs.build.deps = {
+ nixpkgs = {
+ url = https://github.com/NixOS/nixpkgs;
+ #url = https://github.com/makefu/nixpkgs;
+ rev = "13576925552b1d0751498fdda22e91a055a1ff6c";
+ };
+ };
+}
diff --git a/makefu/1systems/repunit.nix b/makefu/1systems/repunit.nix
index 7596a3d54..503fe8f65 100644
--- a/makefu/1systems/repunit.nix
+++ b/makefu/1systems/repunit.nix
@@ -18,7 +18,8 @@
krebs.build.deps = {
nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
- rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870";
+ #url = https://github.com/makefu/nixpkgs;
+ rev = "13576925552b1d0751498fdda22e91a055a1ff6c";
};
secrets = {
url = "/home/makefu/secrets/${config.krebs.build.host.name}";
diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix
index 388ded068..67db22460 100644
--- a/makefu/1systems/tsp.nix
+++ b/makefu/1systems/tsp.nix
@@ -11,28 +11,29 @@
../2configs/tinc-basic-retiolum.nix
../2configs/sda-crypto-root.nix
# hardware specifics are in here
- ../2configs/tp-x200.nix
+ ../2configs/tp-x200.nix #< imports tp-x2x0.nix
../2configs/disable_v6.nix
../2configs/rad1o.nix
+
+ ../2configs/zsh-user.nix
+ ../2configs/exim-retiolum.nix
];
# not working in vm
krebs.build.host = config.krebs.hosts.tsp;
krebs.build.user = config.krebs.users.makefu;
krebs.build.target = "root@tsp";
- krebs.exim-retiolum.enable = true;
+
networking.firewall.allowedTCPPorts = [
25
];
krebs.build.deps = {
nixpkgs = {
- #url = https://github.com/NixOS/nixpkgs;
- # rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
- url = https://github.com/makefu/nixpkgs;
- rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
+ url = https://github.com/NixOS/nixpkgs;
+ #url = https://github.com/makefu/nixpkgs;
+ rev = "13576925552b1d0751498fdda22e91a055a1ff6c";
};
};
-
}
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix
index 55fcd6baa..6896a66dc 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/base-gui.nix
@@ -1,11 +1,15 @@
{ config, lib, pkgs, ... }:
##
-# of course this name is a lie - it prepares a GUI environment close to my
-# current configuration.
+# of course this name is a lie
+# - it prepares a GUI environment close to my
+# current configuration,specifically:
#
-# autologin with mainUser into awesome
-##
+# * autologin with mainUser into awesome
+# * audio
+# * terminus font
#
+# if this is not enough, check out main-laptop.nix
+
with lib;
let
mainUser = config.krebs.build.user.name;
@@ -28,14 +32,6 @@ in
displayManager.auto.user = mainUser;
desktopManager.xterm.enable = false;
};
- services.redshift = {
- enable = true;
- latitude = "48.7";
- longitude = "9.1";
- };
-
-## FONTS
-# TODO: somewhere else?
i18n.consoleFont = "Lat2-Terminus16";
@@ -49,14 +45,12 @@ in
environment.systemPackages = with pkgs;[
xlockmore
rxvt_unicode-with-plugins
- vlc
firefox
- chromium
];
- # TODO: use mainUser
- users.extraUsers.makefu.extraGroups = [ "audio" ];
+ users.extraUsers.${mainUser}.extraGroups = [ "audio" ];
+
hardware.pulseaudio = {
- enable = true;
- # systemWide = true;
+ enable = true;
+ # systemWide = true;
};
}
diff --git a/makefu/2configs/cgit-retiolum.nix b/makefu/2configs/cgit-retiolum.nix
index d352f5792..8d9439569 100644
--- a/makefu/2configs/cgit-retiolum.nix
+++ b/makefu/2configs/cgit-retiolum.nix
@@ -8,7 +8,7 @@ let
krebs-repos = mapAttrs make-krebs-repo {
stockholm = {
- desc = "take all the computers hostage, they'll love you!";
+ desc = "Make all the systems into 1systems!";
};
};
diff --git a/makefu/2configs/exim-retiolum.nix b/makefu/2configs/exim-retiolum.nix
new file mode 100644
index 000000000..fc570ba97
--- /dev/null
+++ b/makefu/2configs/exim-retiolum.nix
@@ -0,0 +1,11 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+ krebs.exim-retiolum.enable = true;
+ environment.systemPackages = with pkgs; [
+ msmtp
+ mutt-kz
+ ];
+
+}
diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix
new file mode 100644
index 000000000..8d2c8213e
--- /dev/null
+++ b/makefu/2configs/main-laptop.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+# stuff for the main laptop
+# this is pretty much nice-to-have and does
+# not fit into base-gui
+
+with lib;
+{
+ imports = [ ./base-gui.nix ];
+ environment.systemPackages = with pkgs;[
+ vlc
+ firefox
+ chromium
+ keepassx
+ ];
+
+ services.redshift = {
+ enable = true;
+ latitude = "48.7";
+ longitude = "9.1";
+ };
+
+}
diff --git a/makefu/2configs/sda-crypto-root-home.nix b/makefu/2configs/sda-crypto-root-home.nix
new file mode 100644
index 000000000..3821c7504
--- /dev/null
+++ b/makefu/2configs/sda-crypto-root-home.nix
@@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }:
+
+# ssd #
+# sda: bootloader grub2
+# sda1: boot ext4 (label nixboot)
+# sda2: cryptoluks -> lvm:
+# / (main-root)
+# /home (main-home)
+
+with lib;
+{
+ boot = {
+ loader.grub.enable =true;
+ loader.grub.version =2;
+ loader.grub.device = "/dev/sda";
+
+ initrd.luks.devices = [ { name = "main"; device = "/dev/sda2"; allowDiscards=true; }];
+ initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
+ initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/mapper/main-root";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ # TODO: just import sda-crypto-root, add this device
+ "/home" = {
+ device = "/dev/mapper/main-home";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-label/nixboot";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ };
+}
diff --git a/makefu/2configs/tp-x200.nix b/makefu/2configs/tp-x200.nix
index 2bbc75c20..ed46875d8 100644
--- a/makefu/2configs/tp-x200.nix
+++ b/makefu/2configs/tp-x200.nix
@@ -2,36 +2,20 @@
with lib;
{
- #services.xserver = {
- # videoDriver = "intel";
- #};
+
+ imports = [ ./tp-x2x0.nix ];
boot = {
kernelModules = [ "tp_smapi" "msr" ];
extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
};
+ services.thinkfan.enable = true;
- #networking.wireless.enable = true;
-
- hardware.enableAllFirmware = true;
- nixpkgs.config.allowUnfree = true;
-
- zramSwap.enable = true;
- zramSwap.numDevices = 2;
-
- hardware.trackpoint.enable = true;
- hardware.trackpoint.sensitivity = 255;
- hardware.trackpoint.speed = 255;
+ # only works on tp-x200 , not x220
services.xserver.displayManager.sessionCommands = ''
xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 1
xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 2
xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 200
'';
-
- services.thinkfan.enable = true;
- services.tlp.enable = true;
- services.tlp.extraConfig = ''
- START_CHARGE_THRESH_BAT0=80
- '';
}
diff --git a/makefu/2configs/tp-x220.nix b/makefu/2configs/tp-x220.nix
new file mode 100644
index 000000000..1aacb07cd
--- /dev/null
+++ b/makefu/2configs/tp-x220.nix
@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+
+ imports = [ ./tp-x2x0.nix ];
+
+ boot.kernelModules = [ "kvm-intel" ];
+
+ services.xserver.vaapiDrivers = [pkgs.vaapiIntel pkgs.vaapiVdpau ];
+
+ services.xserver.displayManager.sessionCommands =''
+ xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
+ xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
+ xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
+ xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5
+ '';
+
+}
diff --git a/makefu/2configs/tp-x2x0.nix b/makefu/2configs/tp-x2x0.nix
new file mode 100644
index 000000000..b79d94b4a
--- /dev/null
+++ b/makefu/2configs/tp-x2x0.nix
@@ -0,0 +1,22 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+ # TODO: put this somewhere else
+ networking.wireless.enable = true;
+
+ hardware.enableAllFirmware = true;
+ nixpkgs.config.allowUnfree = true;
+
+ zramSwap.enable = true;
+ zramSwap.numDevices = 2;
+
+ hardware.trackpoint.enable = true;
+ hardware.trackpoint.sensitivity = 220;
+ hardware.trackpoint.speed = 220;
+
+ services.tlp.enable = true;
+ services.tlp.extraConfig = ''
+ START_CHARGE_THRESH_BAT0=80
+ '';
+}
diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix
new file mode 100644
index 000000000..933cb93c5
--- /dev/null
+++ b/makefu/2configs/urlwatch.nix
@@ -0,0 +1,17 @@
+{ config, ... }:
+
+{
+ krebs.urlwatch = {
+ enable = true;
+ mailto = config.krebs.users.makefu.mail;
+ onCalendar = "*-*-* 05:00:00";
+ urls = [
+ ## nixpkgs maintenance
+ https://api.github.com/repos/ovh/python-ovh/tags
+ https://api.github.com/repos/embray/d2to1/tags
+ http://git.sysphere.org/vicious/log/?qt=grep&q=Next+release
+
+ ];
+ };
+}
+
diff --git a/makefu/2configs/virtualization.nix b/makefu/2configs/virtualization.nix
new file mode 100644
index 000000000..b3f8c8284
--- /dev/null
+++ b/makefu/2configs/virtualization.nix
@@ -0,0 +1,8 @@
+{ config, lib, pkgs, ... }:
+
+let
+ mainUser = config.krebs.build.user;
+in {
+ virtualisation.libvirtd.enable = true;
+ users.extraUsers.${mainUser.name}.extraGroups = [ "libvirtd" ];
+}
diff --git a/makefu/2configs/wwan.nix b/makefu/2configs/wwan.nix
new file mode 100644
index 000000000..dd1c63090
--- /dev/null
+++ b/makefu/2configs/wwan.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+
+#usage: $ wvdial
+
+let
+ mainUser = config.krebs.build.user;
+in {
+ environment.systemPackages = with pkgs;[
+ wvdial
+ ];
+
+ # configure for NETZCLUB
+ environment.wvdial.dialerDefaults = ''
+ Phone = *99***1#
+ Dial Command = ATDT
+ Modem = /dev/ttyACM0
+ Baud = 460800
+ Init1 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0
+ Init2 = ATZ
+ Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
+ ISDN = 0
+ Modem Type = Analog Modem
+ Username = netzclub
+ Password = netzclub
+ Stupid Mode = 1
+ Idle Seconds = 0'';
+
+ users.extraUsers.${mainUser.name}.extraGroups = [ "dialout" ];
+}
diff --git a/makefu/2configs/zsh-user.nix b/makefu/2configs/zsh-user.nix
new file mode 100644
index 000000000..3089b706a
--- /dev/null
+++ b/makefu/2configs/zsh-user.nix
@@ -0,0 +1,10 @@
+{ config, lib, pkgs, ... }:
+##
+with lib;
+let
+ mainUser = config.krebs.build.user.name;
+in
+{
+ programs.zsh.enable = true;
+ users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh";
+}