-rw-r--r--krebs/3modules/makefu/default.nix6
-rw-r--r--makefu/1systems/gum.nix26
-rw-r--r--makefu/1systems/iso.nix50
-rw-r--r--makefu/1systems/omo.nix3
-rw-r--r--makefu/2configs/default.nix3
-rw-r--r--makefu/2configs/mqtt.nix9
-rw-r--r--makefu/2configs/tools/core-gui.nix1
-rw-r--r--makefu/2configs/tools/core.nix31
-rw-r--r--makefu/2configs/tools/dev.nix10
-rw-r--r--makefu/2configs/tools/extra-gui.nix7
-rw-r--r--makefu/2configs/tools/media.nix1
-rw-r--r--makefu/2configs/tools/sec.nix3
-rw-r--r--makefu/5pkgs/f3/default.nix26
-rw-r--r--makefu/5pkgs/libcoap/default.nix27
-rw-r--r--makefu/5pkgs/mergerfs/default.nix26
-rw-r--r--makefu/5pkgs/ps3netsrv/default.nix29
16 files changed, 147 insertions, 111 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 651b9a3c6..650344981 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -427,7 +427,7 @@ with import <stockholm/lib>;
};
gum = rec {
- cores = 1;
+ cores = 2;
extraZones = {
"krebsco.de" = ''
@@ -448,7 +448,7 @@ with import <stockholm/lib>;
};
nets = rec {
internet = {
- ip4.addr = "195.154.108.70";
+ ip4.addr = "188.68.40.19";
aliases = [
"gum.i"
];
@@ -456,7 +456,7 @@ with import <stockholm/lib>;
retiolum = {
via = internet;
ip4.addr = "10.243.0.211";
- # ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
+ ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
aliases = [
"gum.r"
"cgit.gum.r"
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 95d092822..93ca8f643 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -2,23 +2,32 @@
with import <stockholm/lib>;
let
+ external-mac = "3a:66:48:8e:82:b2";
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ external-gw = "188.68.40.1";
+ external-netmask = 22;
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+ main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
in {
imports = [
../.
+ <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
../2configs/headless.nix
- ../2configs/fs/simple-swap.nix
../2configs/fs/single-partition-ext4.nix
../2configs/smart-monitor.nix
../2configs/git/cgit-retiolum.nix
../2configs/backup.nix
# ../2configs/mattermost-docker.nix
- ../2configs/disable_v6.nix
+ # ../2configs/disable_v6.nix
../2configs/exim-retiolum.nix
../2configs/tinc/retiolum.nix
../2configs/urlwatch.nix
+ # Tools
+ ../2configs/tools/core.nix
+ ../2configs/tools/dev.nix
+ ../2configs/tools/sec.nix
+
# services
../2configs/gum-share.nix
../2configs/sabnzbd.nix
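Review bot: The added import of `../2configs/tools/sec.nix` installs that file's package list on gum, a host with a public `ip4.addr`; the sec.nix hunk further down shows `nmap`, `msf` and `thc-hydra` in that list. A server exposed to the internet is easier to audit and gives less to whoever lands on it if it carries only what its services need, so I would keep `tools/sec.nix` on workstations and import only `tools/core.nix` here. This hunk also comments out `../2configs/disable_v6.nix`; the firewall configuration is not visible in this diff, so confirm the rules cover IPv6 as well before v6 comes up on `et0`. The `imports` list continues past the end of the hunk.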
@@ -46,7 +55,7 @@ in {
# ../2configs/logging/central-logging-client.nix
];
- services.smartd.devices = [ { device = "/dev/sda";} ];
+ services.smartd.devices = [ { device = main-disk;} ];
makefu.dl-dir = "/var/download";
@@ -83,16 +92,15 @@ in {
get
];
services.bitlbee.enable = true;
- systemd.services.bitlbee.environment.BITLBEE_DEBUG="1";
# Hardware
- boot.loader.grub.device = "/dev/sda";
- boot.initrd.availableKernelModules = [ "pata_via" "uhci_hcd" ];
+ boot.loader.grub.device = main-disk;
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
boot.kernelModules = [ "kvm-intel" ];
# Network
services.udev.extraRules = ''
- SUBSYSTEM=="net", ATTR{address}=="c8:0a:a9:c8:ee:dd", NAME="et0"
+ SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="et0"
'';
boot.kernelParams = [ ];
networking = {
@@ -124,9 +132,9 @@ in {
};
interfaces.et0.ip4 = [{
address = external-ip;
- prefixLength = 24;
+ prefixLength = external-netmask;
}];
- defaultGateway = "195.154.108.1";
+ defaultGateway = external-gw;
nameservers = [ "8.8.8.8" ];
};
diff --git a/makefu/1systems/iso.nix b/makefu/1systems/iso.nix
new file mode 100644
index 000000000..ee1046f79
--- /dev/null
+++ b/makefu/1systems/iso.nix
@@ -0,0 +1,50 @@
+{ config, pkgs, lib, ... }:
+
+with import <stockholm/lib>;
+{
+ imports = [
+ ../.
+ <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
+ <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
+ ../2configs/tools/core.nix
+ ];
+ # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
+ # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
+ krebs.build.host = config.krebs.hosts.iso;
+ krebs.hidden-ssh.enable = true;
+ environment.systemPackages = with pkgs; [
+ aria2
+ ddrescue
+ ];
+ environment.extraInit = ''
+ EDITOR=vim
+ '';
+ # iso-specific
+ boot.kernelParams = [ "copytoram" ];
+ services.openssh = {
+ enable = true;
+ hostKeys = [
+ { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+ ];
+ };
+ # enable ssh in the iso boot process
+ systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
+ # hack `tee` behavior
+ nixpkgs.config.packageOverrides = super: {
+ irc-announce = super.callPackage <stockholm/krebs/5pkgs/irc-announce> {
+ pkgs = pkgs // { coreutils = pkgs.concat "coreutils-hack" [
+ pkgs.coreutils
+ (pkgs.writeDashBin "tee" ''
+ if test "$1" = /dev/stderr; then
+ while read -r line; do
+ echo "$line"
+ echo "$line" >&2
+ done
+ else
+ ${super.coreutils}/bin/tee "$@"
+ fi
+ '')
+ ];};
+ };
+ };
+}
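Review bot: `bits = 8192` on the `ed25519` host key has no effect, because Ed25519 keys have a fixed size, so the entry reads as stronger than it is; I would write it as `{ type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }`. The file also forces `sshd` into `multi-user.target` on a live image and enables `krebs.hidden-ssh`, but how logins are authenticated is decided by modules outside this hunk (`../.` and the installer profile). Making that explicit here with `services.openssh.passwordAuthentication = false;` would keep the image key-only regardless of what those modules set. The build command in the comment passes `-I secrets=/home/makefu/secrets/iso`, so anything read from `<secrets>` presumably ends up in the image's store; worth a comment saying the resulting ISO should not be shared.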
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index ff34ee843..91785a078 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -55,7 +55,10 @@ in {
../2configs/logging/central-stats-server.nix
# ../2configs/logging/central-logging-server.nix
../2configs/logging/central-stats-client.nix
+
+ # services
../2configs/syncthing.nix
+ ../2configs/mqtt.nix
# ../2configs/logging/central-logging-client.nix
# ../2configs/torrent.nix
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 0865c3a31..6cc891047 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -4,7 +4,7 @@ with import <stockholm/lib>;
{
imports = [
{
- users.extraUsers =
+ users.users =
mapAttrs (_: h: { hashedPassword = h; })
(import <secrets/hashedPasswords.nix>);
}
@@ -134,6 +134,7 @@ with import <stockholm/lib>;
};
environment.shellAliases = {
+ # TODO: see .aliases
lsl = "ls -lAtr";
psg = "ps -ef | grep";
nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix
new file mode 100644
index 000000000..39c9fdfdd
--- /dev/null
+++ b/makefu/2configs/mqtt.nix
@@ -0,0 +1,9 @@
+{ ... }:
+{
+ services.mosquitto = {
+ enable = true;
+ host = "0.0.0.0";
+ users = {};
+ allowAnonymous = true;
+ };
+}
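Review bot: The broker is bound to every interface (`host = "0.0.0.0"`) with `allowAnonymous = true` and an empty `users` set, so any client that can reach the port may publish and subscribe without credentials. omo.nix imports this file in the same commit; whether the firewall on that host opens the MQTT port is not visible here. If the broker is only meant for the internal network, bind `host` to that address; otherwise set `allowAnonymous = false;` and define at least one entry under `users` with a `hashedPassword` and an `acl`. A one-line comment stating which network is expected to reach the broker would help the next reader either way.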
diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix
index 0538647ae..f409b68a2 100644
--- a/makefu/2configs/tools/core-gui.nix
+++ b/makefu/2configs/tools/core-gui.nix
@@ -20,5 +20,6 @@
xdotool
xorg.xbacklight
scrot
+ wireshark
];
}
diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix
index 6ae2951eb..8a15ae2e7 100644
--- a/makefu/2configs/tools/core.nix
+++ b/makefu/2configs/tools/core.nix
@@ -12,11 +12,11 @@
rsync
exif
file
+ # fs
ntfs3g
+ dosfstools
pv
- proot
sshpass
- populate
usbutils
p7zip
hdparm
@@ -27,21 +27,30 @@
sysstat
which
weechat
- curl
- wget
wol
tmux
+ iftop
+ mkpasswd
+ # storage
smartmontools
cifs-utils
- iftop
- taskwarrior
- mplayer
+ # net
+ wget
+ curl
- cac-api
- cac-panel
+ # stockholm
+ git
+ gnumake
+ jq
+ parallel
+ proot
+ populate
+
+ rxvt_unicode.terminfo
krebspaste
- krebszones
- ledger
+
+ # TODO:
+ taskwarrior
pass
];
}
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 8acc25fcc..8e4e3270d 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -2,9 +2,15 @@
{
krebs.per-user.makefu.packages = with pkgs;[
- nodemcu-uploader
- esptool
python35Packages.virtualenv
+ # embedded
flashrom
+ mosquitto
+ libcoap
+ nodemcu-uploader
+ esptool
+ cac-api
+ cac-panel
+ krebszones
];
}
diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix
index 596734dd5..56cdccd1f 100644
--- a/makefu/2configs/tools/extra-gui.nix
+++ b/makefu/2configs/tools/extra-gui.nix
@@ -2,12 +2,13 @@
{
krebs.per-user.makefu.packages = with pkgs;[
- inkscape
gimp
+ inkscape
libreoffice
+ saleae-logic
skype
- virtmanager
synergy
- saleae-logic
+ tdesktop
+ virtmanager
];
}
diff --git a/makefu/2configs/tools/media.nix b/makefu/2configs/tools/media.nix
index 4fc3413e8..4de2b545e 100644
--- a/makefu/2configs/tools/media.nix
+++ b/makefu/2configs/tools/media.nix
@@ -8,5 +8,6 @@
calibre
vlc
mumble
+ mplayer
];
}
diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix
index e53d9ee8e..5fb9a5fc8 100644
--- a/makefu/2configs/tools/sec.nix
+++ b/makefu/2configs/tools/sec.nix
@@ -11,6 +11,7 @@
nmap
msf
thc-hydra
- wireshark
+ borgbackup
+ ledger
];
}
diff --git a/makefu/5pkgs/f3/default.nix b/makefu/5pkgs/f3/default.nix
deleted file mode 100644
index e7f20b1e6..000000000
--- a/makefu/5pkgs/f3/default.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ stdenv, fetchFromGitHub }:
-
-stdenv.mkDerivation rec {
- name = "f3-${version}";
- version = "6.0";
-
- enableParallelBuilding = true;
-
- src = fetchFromGitHub {
- owner = "AltraMayor";
- repo = "f3";
- rev = "v${version}";
- sha256 = "1azi10ba0h9z7m0gmfnyymmfqb8380k9za8hn1rrw1s442hzgnz2";
- };
-
- makeFlags = [ "PREFIX=$(out)" ];
- patchPhase = "sed -i 's/-oroot -groot//' Makefile";
-
- meta = {
- description = "Fight Flash Fraud";
- homepage = http://oss.digirati.com.br/f3/;
- license = stdenv.lib.licenses.gpl2;
- platforms = stdenv.lib.platforms.linux;
- maintainers = with stdenv.lib.maintainers; [ makefu ];
- };
-}
diff --git a/makefu/5pkgs/libcoap/default.nix b/makefu/5pkgs/libcoap/default.nix
new file mode 100644
index 000000000..7e8d03edd
--- /dev/null
+++ b/makefu/5pkgs/libcoap/default.nix
@@ -0,0 +1,27 @@
+{ lib, stdenv, fetchFromGitHub, autoreconfHook, autoconf-archive, pkgconfig,
+gettext, asciidoc, doxygen, libxml2, libxslt, docbook_xsl, ... }:
+stdenv.mkDerivation rec {
+ name = "libcoap-${version}";
+ version = "4.1.2";
+
+ src = fetchFromGitHub {
+ owner = "obgm";
+ repo = "libcoap";
+ rev = "v${version}";
+ sha256 = "0f0qq15480ja1s03vn8lzw4b3mzdgy46hng4aigi6i6qbzf29kf5";
+ };
+
+ patchPhase = ''
+ sed -i 's/$(A2X)/& --no-xmllint/' examples/Makefile.am
+ '';
+ buildInputs = [ gettext asciidoc doxygen libxml2.bin libxslt docbook_xsl];
+ nativeBuildInputs = [ autoreconfHook autoconf-archive pkgconfig ];
+
+ meta = {
+ description = "";
+ homepage = http://coap.technology;
+ license = stdenv.lib.licenses.gpl2;
+ platforms = stdenv.lib.platforms.linux;
+ maintainers = with stdenv.lib.maintainers; [ makefu ];
+ };
+}
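Review bot: `meta.description` is left as an empty string, so the package shows up without any summary; a short one such as `description = "CoAP (RFC 7252) C library and example tools";` would do. Setting `patchPhase` replaces the whole default phase, which means a later `patches = [ ... ]` would be silently ignored; `postPatch = ''sed -i 's/$(A2X)/& --no-xmllint/' examples/Makefile.am'';` keeps the default behaviour and runs the same substitution. The `homepage` is given as plain `http://`; use the `https://` form if the site serves it.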
diff --git a/makefu/5pkgs/mergerfs/default.nix b/makefu/5pkgs/mergerfs/default.nix
deleted file mode 100644
index cfb7b0ae7..000000000
--- a/makefu/5pkgs/mergerfs/default.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ stdenv, fetchgit, fuse, pkgconfig, which, attr, pandoc, git }:
-
-stdenv.mkDerivation rec {
- name = "mergerfs-${version}";
- version = "2.16.1";
-
- # not using fetchFromGitHub because of changelog being built with git log
- src = fetchgit {
- url = "https://github.com/trapexit/mergerfs";
- rev = "refs/tags/${version}";
- sha256 = "12fqgk54fnnibqiq82p4g2k6qnw3iy6dd64csmlf73yi67za5iwf";
- deepClone = true;
- };
-
- buildInputs = [ fuse pkgconfig which attr pandoc git ];
-
- makeFlags = [ "PREFIX=$(out)" "XATTR_AVAILABLE=1" ];
-
-
- meta = {
- homepage = https://github.com/trapexit/mergerfs;
- description = "a FUSE based union filesystem";
- license = stdenv.lib.licenses.isc;
- maintainers = [ stdenv.lib.maintainers.makefu ];
- };
-}
diff --git a/makefu/5pkgs/ps3netsrv/default.nix b/makefu/5pkgs/ps3netsrv/default.nix
deleted file mode 100644
index f62ee0c9a..000000000
--- a/makefu/5pkgs/ps3netsrv/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ stdenv, fetchgit, clang, makeWrapper, gnugrep }:
-
-stdenv.mkDerivation rec {
- name = "ps3netsrv-${version}";
- version = "1.1.0";
-
- enableParallelBuilding = true;
-
- src = fetchgit {
- url = "https://github.com/dirkvdb/ps3netsrv--";
- fetchSubmodules = true;
- rev = "e54a66cbf142b86e2cffc1701984b95adb921e81"; # latest @ 2016-05-24
- sha256 = "09hvmfzqy2jckpsml0z1gkcnar8sigmgs1q66k718fph2d3g54sa";
- };
-
- nativeBuildInputs = [ gnugrep ];
- buildPhase = "make CXX=g++";
- installPhase = ''
- mkdir -p $out/bin
- cp ps3netsrv++ $out/bin
- '';
- meta = {
- description = "C++ implementation of the ps3netsrv server";
- homepage = https://github.com/dirkvdb/ps3netsrv--;
- license = stdenv.lib.licenses.mit;
- platforms = stdenv.lib.platforms.linux;
- maintainers = with stdenv.lib.maintainers; [ makefu ];
- };
-}