summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/1systems/wolf/config.nix10
-rw-r--r--krebs/3modules/makefu/default.nix6
-rw-r--r--krebs/3modules/rtorrent.nix4
-rw-r--r--krebs/5pkgs/simple/internetarchive/default.nix38
-rw-r--r--krebs/5pkgs/simple/slog/default.nix26
-rw-r--r--krebs/source.nix2
-rw-r--r--lass/1systems/helios/config.nix10
-rw-r--r--lass/2configs/audit.nix9
-rw-r--r--lass/2configs/default.nix1
-rw-r--r--lass/source.nix2
-rw-r--r--makefu/1systems/cake/config.nix4
-rw-r--r--makefu/1systems/darth/config.nix41
-rw-r--r--makefu/1systems/gum/config.nix17
-rw-r--r--makefu/1systems/latte/config.nix2
-rw-r--r--makefu/1systems/omo/config.nix2
-rw-r--r--makefu/1systems/tsp/config.nix42
-rw-r--r--makefu/1systems/wbob/config.nix5
-rw-r--r--makefu/1systems/x/config.nix13
-rw-r--r--makefu/2configs/backup.nix13
-rw-r--r--makefu/2configs/deployment/scrape/elkstack.nix (renamed from makefu/2configs/temp/elkstack.nix)0
-rw-r--r--makefu/2configs/hw/stk1160.nix15
-rw-r--r--makefu/2configs/lanparty/lancache-dns.nix21
-rw-r--r--makefu/2configs/lanparty/lancache.nix9
-rw-r--r--makefu/2configs/lanparty/mumble-server.nix12
-rw-r--r--makefu/2configs/lanparty/samba.nix9
-rw-r--r--makefu/2configs/tools/core.nix30
-rw-r--r--makefu/2configs/tools/dev.nix3
-rw-r--r--makefu/2configs/tools/games.nix1
-rw-r--r--makefu/2configs/tools/sec.nix2
-rw-r--r--makefu/5pkgs/default.nix5
-rw-r--r--makefu/5pkgs/u3_tool/default.nix22
-rw-r--r--makefu/source.nix5
32 files changed, 251 insertions, 130 deletions
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 21ae20ea0..4d0c0ffa5 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -26,9 +26,13 @@ in
<stockholm/krebs/2configs/shack/share.nix>
{
systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate
- #systemd.services.telegraf.environment = {
- # "MIBDIRS" : ""; # extra mibs like ADSL
- #};
+ systemd.services.telegraf.environment = {
+ MIBDIRS = pkgs.fetchgit {
+ url = "http://git.shackspace.de/makefu/modem-mibs.git";
+ sha256 =
+ "a4244aa43ddd6e3ef9e64bb80f4ee952f68232aa008d3da9c78e3b627e5675c8";
+ }; # extra mibs like ADSL
+ };
services.telegraf = {
enable = true;
extraConfig = {
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 401cba97a..29f188bbe 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -5,7 +5,7 @@ with import <stockholm/lib>;
{
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) {
cake = rec {
- cores = 1;
+ cores = 4;
ci = false;
nets = {
retiolum = {
@@ -545,8 +545,8 @@ with import <stockholm/lib>;
};
nets = rec {
internet = {
- ip4.addr = "188.68.40.19";
- ip6.addr = "2a03:4000:17:2df::1";
+ ip4.addr = "185.194.143.140";
+ ip6.addr = "2a03:4000:1c:43f::1";
aliases = [
"gum.i"
];
diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix
index 472accef9..b7ef824b5 100644
--- a/krebs/3modules/rtorrent.nix
+++ b/krebs/3modules/rtorrent.nix
@@ -38,12 +38,12 @@ let
${optionalString (cfg.enableXMLRPC ) ''
# prepare socket and set permissions. rtorrent user is part of group nginx
# TODO: configure a shared torrent group
- execute_nothrow = rm,${cfg.xmlrpc-socket}
+ execute.nothrow = rm,${cfg.xmlrpc-socket}
scgi_local = ${cfg.xmlrpc-socket}
schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"ug+w,o=\",${cfg.xmlrpc-socket}"
''}
- system.file_allocate.set = ${if cfg.preAllocate then "yes" else "no"}
+ system.file.allocate.set = ${if cfg.preAllocate then "yes" else "no"}
# Prepare systemd logging
log.open_file = "rtorrent-systemd", ${systemd-logfile}
diff --git a/krebs/5pkgs/simple/internetarchive/default.nix b/krebs/5pkgs/simple/internetarchive/default.nix
new file mode 100644
index 000000000..f5e1bbff3
--- /dev/null
+++ b/krebs/5pkgs/simple/internetarchive/default.nix
@@ -0,0 +1,38 @@
+{ pkgs, fetchFromGitHub, ... }:
+with pkgs.python3Packages;
+buildPythonPackage rec {
+ pname = "internetarchive";
+ version = "1.7.3";
+ name = "${pname}-${version}";
+ propagatedBuildInputs = [
+ requests
+ jsonpatch
+ docopt
+ clint
+ six
+ schema
+ backports_csv
+ ];
+
+# check only works when cloned from git repo
+ doCheck = false;
+ checkInputs = [
+ pytest
+ responses
+ ];
+
+ prePatch = ''
+ sed -i "s/'schema.*'/'schema>=0.4.0'/" setup.py
+ '';
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g";
+ };
+
+ meta = with stdenv.lib; {
+ description = "python library and cli for uploading files to internet archive";
+ license = licenses.agpl3;
+ };
+
+}
diff --git a/krebs/5pkgs/simple/slog/default.nix b/krebs/5pkgs/simple/slog/default.nix
new file mode 100644
index 000000000..c74a2ad80
--- /dev/null
+++ b/krebs/5pkgs/simple/slog/default.nix
@@ -0,0 +1,26 @@
+{ pkgs, stdenv, fetchFromGitHub }:
+
+## use with:
+# . $(command -v slog.sh)
+stdenv.mkDerivation rec {
+ name = "slog-${version}";
+ version = "2017-10-27";
+
+ src = fetchFromGitHub {
+ owner = "makefu";
+ repo = "slog";
+ rev = "50367c3";
+ sha256 = "16wlh8xz430101lrxmgl2wangbbhvyj4pg8k5aibnh76sgj6x77r";
+ };
+
+ installPhase = ''
+ mkdir -p $out/bin
+ install -m755 slog.sh $out/bin
+ '';
+
+ meta = with stdenv.lib; {
+ description = "POSIX shell logging";
+ license = licenses.mit;
+ };
+
+}
diff --git a/krebs/source.nix b/krebs/source.nix
index 09edc817b..39a388e03 100644
--- a/krebs/source.nix
+++ b/krebs/source.nix
@@ -14,6 +14,6 @@ in
stockholm.file = toString <stockholm>;
nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs;
- ref = "07ca7b64d2ff2fa7a79e4eab1aba70ff746fed8c"; # nixos-17.09 @ 2017-10-02
+ ref = "0c5a587eeba5302ff87e494baefd2f14f4e19bee"; # nixos-17.09 @ 2017-11-10
};
}
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix
index 70aa3832d..c64789d8d 100644
--- a/lass/1systems/helios/config.nix
+++ b/lass/1systems/helios/config.nix
@@ -105,6 +105,8 @@ with import <stockholm/lib>;
{ output = "DP-2"; primary = true; }
];
+ networking.hostName = lib.mkForce "BLN02NB0162";
+
security.pki.certificateFiles = [
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "14vz9c0fk6li0a26vx0s5ha6y3yivnshx9pjlh9vmnpkbph5a7rh"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "0r1dd48a850cv7whk4g2maik550rd0vsrsl73r6x0ivzz7ap1xz5"; })
@@ -117,4 +119,12 @@ with import <stockholm/lib>;
];
lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
+
+ programs.adb.enable = true;
+ users.users.mainUser.extraGroups = [ "adbusers" ];
+
+ services.printing = {
+ enable = true;
+ drivers = [ pkgs.postscript-lexmark ];
+ };
}
diff --git a/lass/2configs/audit.nix b/lass/2configs/audit.nix
deleted file mode 100644
index 644741a5b..000000000
--- a/lass/2configs/audit.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ ... }:
-
-{
- security.audit = {
- rules = [
- "-a task,never"
- ];
- };
-}
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 180647a6d..f8b750093 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -2,7 +2,6 @@
with import <stockholm/lib>;
{
imports = [
- ../2configs/audit.nix
../2configs/binary-cache/client.nix
../2configs/gc.nix
../2configs/mc.nix
diff --git a/lass/source.nix b/lass/source.nix
index 4849cadcc..d0f77573d 100644
--- a/lass/source.nix
+++ b/lass/source.nix
@@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "6a0a00d";
+ ref = "0c5a587";
};
secrets.file = getAttr builder {
buildbot = toString <stockholm/lass/2configs/tests/dummy-secrets>;
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index c287c28df..1a617e52d 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -6,9 +6,6 @@
# configure your hw:
# <stockholm/makefu/2configs/save-diskspace.nix>
];
- users.extraUsers.root.openssh.authorizedKeys.keys = [
- config.krebs.users.tv.pubkey
- ];
krebs = {
enable = true;
tinc.retiolum.enable = true;
@@ -23,6 +20,7 @@
programs.man.enable = false;
services.nixosManual.enable = false;
boot.tmpOnTmpfs = lib.mkForce false;
+ sound.enable = false;
hardware.enableRedistributableFirmware = true;
hardware.firmware = [
diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix
index 7accb13d3..046c1574c 100644
--- a/makefu/1systems/darth/config.nix
+++ b/makefu/1systems/darth/config.nix
@@ -2,6 +2,8 @@
with import <stockholm/lib>;
let
+ # all the good stuff resides in /data
+
byid = dev: "/dev/disk/by-id/" + dev;
rootDisk = byid "ata-INTEL_SSDSC2BW480H6_CVTR53120385480EGN";
bootPart = rootDisk + "-part1";
@@ -21,44 +23,23 @@ in {
<stockholm/makefu/2configs/tinc/retiolum.nix>
<stockholm/makefu/2configs/tools/core.nix>
<stockholm/makefu/2configs/stats/client.nix>
- <stockholm/makefu/2configs/nsupdate-data.nix>
-
- # SIEM
- #<stockholm/makefu/2configs/tinc/siem.nix>
- # {services.tinc.networks.siem = {
- # name = "sdarth";
- # extraConfig = "ConnectTo = sjump";
- # };
- # }
+ # <stockholm/makefu/2configs/nsupdate-data.nix>
- # {
- # makefu.forward-journal = {
- # enable = true;
- # src = "10.8.10.2";
- # dst = "10.8.10.6";
- # };
- # }
-
- ## Sharing
- # <stockholm/makefu/2configs/share/temp-share-samba.nix>
- #{
- # services.samba.shares = {
- # isos = {
- # path = "/data/isos/";
- # "read only" = "yes";
- # browseable = "yes";
- # "guest ok" = "yes";
- # };
- # };
- #}
<stockholm/makefu/2configs/share/anon-ftp.nix>
+
+ # lan party
+ <stockholm/makefu/2configs/lanparty/lancache.nix>
+ <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
+ <stockholm/makefu/2configs/lanparty/samba.nix>
+ <stockholm/makefu/2configs/lanparty/mumble-server.nix>
+ <stockholm/makefu/2configs/virtualisation/libvirt.nix>
];
#networking.firewall.enable = false;
makefu.server.primary-itf = "enp0s25";
- krebs.hidden-ssh.enable = true;
+ # krebs.hidden-ssh.enable = true;
boot.kernelModules = [ "coretemp" "f71882fg" ];
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e769b1e22..98d5d2988 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -2,16 +2,22 @@
with import <stockholm/lib>;
let
- external-mac = "3a:66:48:8e:82:b2";
+ # hw-specific
+ external-mac = "2a:c5:6e:d2:fc:7f";
+ main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
+ external-gw = "185.194.140.1";
+ # single partition, label "nixos"
+ # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate
+
+
+ # static
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
external-ip6 = config.krebs.build.host.nets.internet.ip6.addr;
- external-gw = "188.68.40.1";
external-gw6 = "fe80::1";
external-netmask = 22;
external-netmask6 = 64;
- ext-if = "et0"; # gets renamed on the fly
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
- main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
+ ext-if = "et0"; # gets renamed on the fly
in {
imports = [
<stockholm/makefu>
@@ -19,6 +25,7 @@ in {
<stockholm/makefu/2configs/headless.nix>
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
# <stockholm/makefu/2configs/smart-monitor.nix>
+
<stockholm/makefu/2configs/git/cgit-retiolum.nix>
<stockholm/makefu/2configs/backup.nix>
# <stockholm/makefu/2configs/mattermost-docker.nix>
@@ -76,7 +83,7 @@ in {
# <stockholm/makefu/2configs/logging/client.nix>
# Temporary:
- <stockholm/makefu/2configs/temp/rst-issue.nix>
+ # <stockholm/makefu/2configs/temp/rst-issue.nix>
];
makefu.dl-dir = "/var/download";
diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix
index 3b06660c6..5352b029f 100644
--- a/makefu/1systems/latte/config.nix
+++ b/makefu/1systems/latte/config.nix
@@ -18,7 +18,7 @@ in {
# Security
<stockholm/makefu/2configs/sshd-totp.nix>
- <stockholm/makefu/2configs/stats/client.nix>
+ # <stockholm/makefu/2configs/stats/client.nix>
# Tools
<stockholm/makefu/2configs/tools/core.nix>
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index a22ff10bd..1d157460b 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -82,7 +82,7 @@ in {
# docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload
# Temporary:
- <stockholm/makefu/2configs/temp/rst-issue.nix>
+ # <stockholm/makefu/2configs/temp/rst-issue.nix>
];
makefu.full-populate = true;
makefu.server.primary-itf = primaryInterface;
diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix
index 75a11d3a7..7b751e514 100644
--- a/makefu/1systems/tsp/config.nix
+++ b/makefu/1systems/tsp/config.nix
@@ -1,20 +1,20 @@
#
#
#
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
{
imports =
[ # Include the results of the hardware scan.
<stockholm/makefu>
- <stockholm/makefu/2configs/gui/base.nix>
+ <stockholm/makefu/2configs/main-laptop.nix>
+ <stockholm/makefu/2configs/tools/all.nix>
<stockholm/makefu/2configs/fs/sda-crypto-root.nix>
# hardware specifics are in here
# imports tp-x2x0.nix
- <stockholm/makefu/2configs/hw/tp-x200.nix>
+ # <stockholm/makefu/2configs/hw/tp-x200.nix>
- <stockholm/makefu/2configs/disable_v6.nix>
- <stockholm/makefu/2configs/rad1o.nix>
+ # <stockholm/makefu/2configs/rad1o.nix>
<stockholm/makefu/2configs/zsh-user.nix>
<stockholm/makefu/2configs/exim-retiolum.nix>
@@ -22,9 +22,41 @@
];
# not working in vm
krebs.build.host = config.krebs.hosts.tsp;
+ boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
+ boot.loader.grub.copyKernels = true;
networking.firewall.allowedTCPPorts = [
25
];
+ # acer aspire
+ networking.wireless.enable = lib.mkDefault true;
+
+ hardware.enableAllFirmware = true;
+ nixpkgs.config.allowUnfree = true;
+
+ hardware.cpu.intel.updateMicrocode = true;
+
+ zramSwap.enable = true;
+ zramSwap.numDevices = 2;
+
+ services.tlp.enable = true;
+ services.tlp.extraConfig = ''
+ # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery
+ START_CHARGE_THRESH_BAT0=67
+ STOP_CHARGE_THRESH_BAT0=100
+
+
+ CPU_SCALING_GOVERNOR_ON_AC=performance
+ CPU_SCALING_GOVERNOR_ON_BAT=ondemand
+ CPU_MIN_PERF_ON_AC=0
+ CPU_MAX_PERF_ON_AC=100
+ CPU_MIN_PERF_ON_BAT=0
+ CPU_MAX_PERF_ON_BAT=30
+ '';
+
+ powerManagement.resumeCommands = ''
+ ${pkgs.rfkill}/bin/rfkill unblock all
+ '';
+
}
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 3a53b70cb..ac51fd9ca 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -24,9 +24,12 @@ in {
# <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
# <stockholm/makefu/2configs/audio/realtime-audio.nix>
# <stockholm/makefu/2configs/vncserver.nix>
- <stockholm/makefu/2configs/temp/rst-issue.nix>
+
# Services
<stockholm/makefu/2configs/remote-build/slave.nix>
+
+ # temporary
+ # <stockholm/makefu/2configs/temp/rst-issue.nix>
];
krebs = {
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index f7db75564..1dd1a070f 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -23,8 +23,6 @@ with import <stockholm/lib>;
# <stockholm/makefu/2configs/deployment/wiki-irc-bot>
# <stockholm/makefu/2configs/torrent.nix>
- # <stockholm/makefu/2configs/lanparty/lancache.nix>
- # <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
# <stockholm/makefu/2configs/deployment/dirctator.nix>
# <stockholm/makefu/2configs/vncserver.nix>
# <stockholm/makefu/2configs/deployment/led-fader>
@@ -64,7 +62,7 @@ with import <stockholm/lib>;
<stockholm/makefu/2configs/hw/rtl8812au.nix>
<stockholm/makefu/2configs/hw/exfat-nofuse.nix>
<stockholm/makefu/2configs/hw/wwan.nix>
- <stockholm/makefu/2configs/hw/stk1160.nix>
+ # <stockholm/makefu/2configs/hw/stk1160.nix>
# <stockholm/makefu/2configs/rad1o.nix>
# Filesystem
@@ -75,6 +73,11 @@ with import <stockholm/lib>;
{
programs.adb.enable = true;
}
+ # temporary
+ # <stockholm/makefu/2configs/lanparty/lancache.nix>
+ # <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
+ # <stockholm/makefu/2configs/lanparty/samba.nix>
+ # <stockholm/makefu/2configs/lanparty/mumble-server.nix>
];
@@ -84,7 +87,6 @@ with import <stockholm/lib>;
nixpkgs.config.allowUnfree = true;
- environment.systemPackages = [ pkgs.passwdqc-utils ];
# configure pulseAudio to provide a HDMI sink as well
@@ -102,4 +104,7 @@ with import <stockholm/lib>;
'';
# hard dependency because otherwise the device will not be unlocked
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
+
+ nix.package = pkgs.nixUnstable;
+ environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
}
diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix
index 166365ba0..a4d02af6b 100644
--- a/makefu/2configs/backup.nix
+++ b/makefu/2configs/backup.nix
@@ -31,6 +31,19 @@ in {
krebs.backup.plans = {
# wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
gum-to-omo_root = defaultPull config.krebs.hosts.gum "/";
+ gum-dl-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/download" )//
+ {
+ dst.path = "/media/cryptX/backup/gum/var-download";
+ dst.host = defaultBackupServer;
+ startAt = "19:00";
+ };
+ gum-owncloud-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/www/o.euer.krebsco.de" )//
+ {
+ dst.path = "/media/cryptX/backup/gum/var-www-o.euer.krebsco.de";
+ dst.host = defaultBackupServer;
+
+ startAt = "05:00";
+ };
# wolf-to-omo_root = defaultPull config.krebs.hosts.wolf "/";
};
environment.systemPackages = [
diff --git a/makefu/2configs/temp/elkstack.nix b/makefu/2configs/deployment/scrape/elkstack.nix
index c6bf1c6d8..c6bf1c6d8 100644
--- a/makefu/2configs/temp/elkstack.nix
+++ b/makefu/2configs/deployment/scrape/elkstack.nix
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
deleted file mode 100644
index b3a9e1a5a..000000000
--- a/makefu/2configs/hw/stk1160.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ pkgs, ... }:
-{
- # TODO: un-pin linuxPackages somehow
- boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
- nixpkgs.config.packageOverrides = pkgs: {
- linux_4_9 = pkgs.linux_4_9.override {
- extraConfig = ''
- MEDIA_ANALOG_TV_SUPPORT y
- VIDEO_STK1160_COMMON m
- VIDEO_STK1160_AC97 y
- VIDEO_STK1160 m
- '';
- };
- };
-}
diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix
index 4b4ebf0a0..c9da7c4c4 100644
--- a/makefu/2configs/lanparty/lancache-dns.nix
+++ b/makefu/2configs/lanparty/lancache-dns.nix
@@ -1,6 +1,19 @@
{ pkgs, lib, config, ... }:
with import <stockholm/lib>;
let
+ upstream-server = "8.8.8.8";
+ # make sure the router pins the ip address to the deployed host
+ # and set it as dns server ( dhcp option 6,192.168.10.10 )
+ local_ip = "192.168.10.10";
+
+ extra-config = pkgs.writeText "local.conf" ''
+ server:
+ local-data: "piratebox. A ${local_ip}"
+ local-data: "store. A ${local_ip}"
+ local-data: "share. A ${local_ip}"
+ '';
+
+
# see https://github.com/zeropingheroes/lancache for full docs
lancache-dns = pkgs.stdenv.mkDerivation rec {
name = "lancache-dns-2017-06-28";
@@ -11,8 +24,9 @@ let
rev = "420aa62";
sha256 = "0ik7by7ripdv2avyy5kk9jp1i7rz9ksc8xmg7n9iik365q9pv94m";
};
+
phases = [ "unpackPhase" "installPhase" ];
- # here we can chance to edit `includes/proxy-cache-paths.conf`
+ # here we have the chance to edit `includes/proxy-cache-paths.conf`
installPhase = ''
mkdir -p $out
cp -r * $out/
@@ -20,7 +34,6 @@ let
};
stateDir = "/var/lib/unbound";
user = "unbound";
- upstream-server = "8.8.8.8";
in {
services.unbound = {
enable = true;
@@ -29,6 +42,7 @@ in {
forwardAddresses = [ upstream-server ];
extraConfig = ''
include: "${stateDir}/lancache/*.conf"
+ include: "${extra-config}"
'';
};
services.dnscrypt-proxy.enable = lib.mkForce false;
@@ -42,7 +56,8 @@ in {
path = [ pkgs.gawk pkgs.iproute pkgs.gnused ];
script = ''
set -xeu
- current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}')
+ # current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}')
+ current_ip=${local_ip}
old_ip=10.1.1.250
mkdir -p ${stateDir}
rm -rvf ${stateDir}/lancache
diff --git a/makefu/2configs/lanparty/lancache.nix b/makefu/2configs/lanparty/lancache.nix
index 3df2e3f59..bcacf2e15 100644
--- a/makefu/2configs/lanparty/lancache.nix
+++ b/makefu/2configs/lanparty/lancache.nix
@@ -17,15 +17,21 @@ let
installPhase = ''
mkdir -p $out
cp -r * $out/
+ rm $out/caches-enabled/*
sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \
-e '1 idaemon off;' \
+ -e 's#/var/lancache#${cfg.statedir}#g' \
$out/nginx.conf
+ sed -i -e 's#/var/lancache#${cfg.statedir}#g' \
+ $out/*/*.conf
+ ln -s $out/caches-available/* $out/caches-enabled/
'';
};
cfg = {
+ statedir = "/data/cache";
+
group = "nginx-lancache";
user = "nginx-lancache";
- statedir = "/var/lancache";
package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{
configureFlags = old.configureFlags ++ [
"--with-http_slice_module"
@@ -43,6 +49,7 @@ in {
preStart = ''
mkdir -p ${cfg.statedir} && cd ${cfg.statedir}
+ chmod 700 ${cfg.statedir}
PATH_CACHE=$PATH_BASE/cache
PATH_LOGS=$PATH_BASE/logs
diff --git a/makefu/2configs/lanparty/mumble-server.nix b/makefu/2configs/lanparty/mumble-server.nix
new file mode 100644
index 000000000..5b9631cd1
--- /dev/null
+++ b/makefu/2configs/lanparty/mumble-server.nix
@@ -0,0 +1,12 @@
+{ config, ... }:
+{
+ networking.firewall.allowedTCPPorts = [ 64738 ];
+ networking.firewall.allowedUDPPorts = [ 64738 ];
+ services.murmur = {
+ enable = true;
+ welcometext = "Welcome to the LANest Party mumble server";
+ bonjour = true;
+ hostName = "0.0.0.0";
+ sendVersion = true;
+ };
+}
diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix
index de834ab16..4176d7b35 100644
--- a/makefu/2configs/lanparty/samba.nix
+++ b/makefu/2configs/lanparty/samba.nix
@@ -10,9 +10,16 @@
};
services.samba = {
enable = true;
+ enableNmbd = true;
shares = {
- share-home = {
+ lanparty = {
path = "/data/lanparty/";
+ "read only" = "yes";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
+ share = {
+ path = "/data/incoming";
"read only" = "no";
browseable = "yes";
"guest ok" = "yes";
diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix
index 8a15ae2e7..7e9a459c3 100644
--- a/makefu/2configs/tools/core.nix
+++ b/makefu/2configs/tools/core.nix
@@ -5,38 +5,44 @@
#
# essentially `nix-env -q` of the main user
{
- krebs.per-user.makefu.packages = with pkgs; [
+ environment.systemPackages = with pkgs; [
at_spi2_core
acpi
bc
rsync
exif
file
+ lsof
+ which
+ binutils
+
# fs
- ntfs3g
+ cifs-utils
dosfstools
+ ntfs3g
+ smartmontools
+
+ # io
pv
<