diff options
27 files changed, 379 insertions, 88 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 5e8cdc639..2d3b7b077 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -143,7 +143,7 @@ let dc = "lass"; #dc = "cac"; nets = rec { internet = { - addrs4 = ["162.248.8.63"]; + addrs4 = ["104.233.84.57"]; aliases = [ "echelon.internet" ]; @@ -158,12 +158,42 @@ let ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA92ybhDahtGybpAkUNlG5Elxw05MVY4Pg7yK0dQugB4nVq+pnmi78 - DOMeIciecMHmJM8n9UlUU0eWZVCgHeVd23d6J0hTHCv24p24uHEGGy7XlO/dPJ6A - IjROYU0l8c03pipdJ3cDBx6riArSglwmZJ7xH/Iw0BUhRZrPqbtijY7EcG2wc+8K - N9N9mBofVMl4EcBiDR/eecK+ro8OkeOmYPtYgFJLvxTYXiPIhOxMAlkOY2fpin/t - cgFLUFuN4ag751XjjcNpVovVq95vdg+VhKrrNVWZjJt03owW81BzoryY6CD2kIPq - UxK89zEdeYOUT7AxaT/5V5v41IvGFZxCzwIDAQAB + MIIBCgKCAQEAuscWOYdHu0bpWacvwTNd6bcmrAQ0YFxJWHZF8kPZr+bMKIhnXLkJ + oJheENIM6CA9lQQQFUxh2P2pxZavW5rgVlJxIKeiB+MB4v6ZO60LmZgpCsWGD/dX + MipM2tLtQxYhvLJIJxEBWn3rxIgeEnCtZsH1KLWyLczb+QpvTjMJ4TNh1nEBPE/f + 4LUH1JHaGhcaHl2dLemR9wnnDIjmSj0ENJp2al+hWnIggcA/Zp0e4b86Oqbbs5wA + n++n5j971cTrBdA89nJDYOEtepisglScVRbgLqJG81lDA+n24RWFynn+U3oD/L8p + do+kxlwZUEDRbPU4AO5L+UeIbimsuIfXiQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + fastpoke = { + dc = "lass"; #dc = "cac"; + nets = rec { + internet = { + addrs4 = ["193.22.164.36"]; + aliases = [ + "fastpoke.internet" + ]; + }; + retiolum = { + via = internet; + addrs4 = ["10.243.253.152"]; + addrs6 = ["42:422a:194f:ff3b:e196:2f82:5cf5:bc00"]; + aliases = [ + "fastpoke.retiolum" + "cgit.fastpoke.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAs4p5xsQYx06v+OkUbc09K6voFAbkvO66QdFoM71E10XyCeLP6iuq + DaIOFN4GrPR36pgyjqtJ+62G9uR+WsB/y14eio1p1ivDWgcpt5soOZAH5zVRRD9O + FBDlgVNwIJ6stMHy6OenEKWsfEiZRN3XstnqAqyykzjddglth1tJntn6kbZehzNQ + ezfIyN4XgaX2fhSu+UnAyLcV8wWnF9cMABjz7eKcSmRJgtG4ZiuDkbgiiEew7+pB + EPqOVQ80lJvzQKgO4PmVoAjD9A+AHnmLJNPDQQi8nIVilGCT60IX+XT1rt85Zpdy + rEaeriw/qsVJnberAhDAdQYYuM1ai2H5swIDAQAB -----END RSA PUBLIC KEY----- ''; }; @@ -352,8 +382,8 @@ let extraZones = { "krebsco.de" = '' - mediengewitter IN A ${elemAt nets.internet.addrs4 0} - flap IN A ${elemAt nets.internet.addrs4 0}''; + mediengewitter IN A ${head nets.internet.addrs4} + flap IN A ${head nets.internet.addrs4}''; }; nets = { internet = { @@ -390,14 +420,13 @@ let IN MX 10 mx42 euer IN MX 1 aspmx.l.google.com. io IN NS pigstarter.krebsco.de. - euer IN A ${elemAt nets.internet.addrs4 0} - pigstarter IN A ${elemAt nets.internet.addrs4 0} - conf IN A ${elemAt nets.internet.addrs4 0} - gold IN A ${elemAt nets.internet.addrs4 0} - graph IN A ${elemAt nets.internet.addrs4 0} - tinc IN A ${elemAt nets.internet.addrs4 0} - boot IN A ${elemAt nets.internet.addrs4 0} - mx42 IN A ${elemAt nets.internet.addrs4 0}''; + pigstarter IN A ${head nets.internet.addrs4} + conf IN A ${head nets.internet.addrs4} + gold IN A ${head nets.internet.addrs4} + graph IN A ${head nets.internet.addrs4} + tinc IN A ${head nets.internet.addrs4} + boot IN A ${head nets.internet.addrs4} + mx42 IN A ${head nets.internet.addrs4}''; }; nets = { internet = { @@ -426,15 +455,56 @@ let }; }; }; + wry = rec { + cores = 1; + dc = "makefu"; #dc = "cac"; + extraZones = { + "krebsco.de" = '' + wry IN A ${head nets.internet.addrs4} + ''; + }; + nets = rec { + internet = { + addrs4 = ["162.219.7.216"]; + aliases = [ + "wry.internet" + ]; + }; + retiolum = { + via = internet; + addrs4 = ["10.243.29.169"]; + addrs6 = ["42:6e1e:cc8a:7cef:827:f938:8c64:baad"]; + aliases = [ + "wry.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAvmCBVNKT/Su4v9nl/Nm3STPo5QxWPg7xEkzIs3Oh39BS8+r6/7UQ + rebib7mczb+ebZd+Rg2yFoGrWO8cmM0VcLy5bYRMK7in8XroLEjWecNNM4TRfNR4 + e53+LhcPdkxo0A3/D+yiut+A2Mkqe+4VXDm/JhAiAYkZTn7jUtj00Atrc7CWW1gN + sP3jIgv4+CGftdSYOB4dm699B7OD9XDLci2kOaFqFl4cjDYUok03G0AduUlRx10v + CKbKOTIdm8C36A902/3ms+Hyzkruu+VagGIZuPSwqXHJPCu7Ju+jarKQstMmpQi0 + PubweWDL0o/Dfz2qT3DuL4xDecIvGE6kv3m41hHJYiK+2/azTSehyPFbsVbL7w0V + LgKN3usnZNcpTsBWxRGT7nMFSnX2FLDu7d9OfCuaXYxHVFLZaNrpccOq8NF/7Hbk + DDW81W7CvLyJDlp0WLnAawSOGTUTPoYv/2wAapJ89i8QGCueGvEc6o2EcnBVMFEW + ejWTQzyD816f4RsplnrRqLVlIMbr9Q/n5TvlgjjhX7IMEfMy4+7qLGRQkNbFzgwK + jxNG2fFSCjOEQitm0gAtx7QRIyvYr6c7/xiHz4AwxYzBmvQsL/OK57NO4+Krwgj5 + Vk8TQ2jGO7J4bB38zaxK+Lrtfl8i1AK1171JqFMhOc34JSJ7T4LWDMECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; gum = rec { cores = 1; dc = "online.net"; #root-server extraZones = { "krebsco.de" = '' - omo IN A ${elemAt nets.internet.addrs4 0} - gum IN A ${elemAt nets.internet.addrs4 0} - paste IN A ${elemAt nets.internet.addrs4 0}''; + omo IN A ${head nets.internet.addrs4} + euer IN A ${head nets.internet.addrs4} + gum IN A ${head nets.internet.addrs4} + paste IN A ${head nets.internet.addrs4}''; }; nets = { internet = { diff --git a/krebs/Zhosts/cloudkrebs b/krebs/Zhosts/cloudkrebs index ed46a36bd..3886371ff 100644 --- a/krebs/Zhosts/cloudkrebs +++ b/krebs/Zhosts/cloudkrebs @@ -1,4 +1,4 @@ -Address = 167.88.34.190 +Address = 104.167.113.104 Subnet = 10.243.206.102 Subnet = 42:941e:2816:35f4:5c5e:206b:3f0b:f762 diff --git a/krebs/Zhosts/echelon b/krebs/Zhosts/echelon index 9d1c324fd..de4366875 100644 --- a/krebs/Zhosts/echelon +++ b/krebs/Zhosts/echelon @@ -1,12 +1,12 @@ -Address = 168.235.156.81 +Address = 104.233.84.57 Subnet = 10.243.206.103 Subnet = 42:941e:2816:35f4:5c5e:206b:3f0b:f763 -----BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEA92ybhDahtGybpAkUNlG5Elxw05MVY4Pg7yK0dQugB4nVq+pnmi78 -DOMeIciecMHmJM8n9UlUU0eWZVCgHeVd23d6J0hTHCv24p24uHEGGy7XlO/dPJ6A -IjROYU0l8c03pipdJ3cDBx6riArSglwmZJ7xH/Iw0BUhRZrPqbtijY7EcG2wc+8K -N9N9mBofVMl4EcBiDR/eecK+ro8OkeOmYPtYgFJLvxTYXiPIhOxMAlkOY2fpin/t -cgFLUFuN4ag751XjjcNpVovVq95vdg+VhKrrNVWZjJt03owW81BzoryY6CD2kIPq -UxK89zEdeYOUT7AxaT/5V5v41IvGFZxCzwIDAQAB +MIIBCgKCAQEAuscWOYdHu0bpWacvwTNd6bcmrAQ0YFxJWHZF8kPZr+bMKIhnXLkJ +oJheENIM6CA9lQQQFUxh2P2pxZavW5rgVlJxIKeiB+MB4v6ZO60LmZgpCsWGD/dX +MipM2tLtQxYhvLJIJxEBWn3rxIgeEnCtZsH1KLWyLczb+QpvTjMJ4TNh1nEBPE/f +4LUH1JHaGhcaHl2dLemR9wnnDIjmSj0ENJp2al+hWnIggcA/Zp0e4b86Oqbbs5wA +n++n5j971cTrBdA89nJDYOEtepisglScVRbgLqJG81lDA+n24RWFynn+U3oD/L8p +do+kxlwZUEDRbPU4AO5L+UeIbimsuIfXiQIDAQAB -----END RSA PUBLIC KEY----- diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix index 7c95e0f87..5235c25e5 100644 --- a/lass/1systems/cloudkrebs.nix +++ b/lass/1systems/cloudkrebs.nix @@ -25,14 +25,15 @@ krebs.build = { user = config.krebs.users.lass; - target = "root@cloudkrebs"; host = config.krebs.hosts.cloudkrebs; - deps = { - secrets = { - url = "/home/lass/secrets/${config.krebs.build.host.name}"; + source = { + dir.secrets = { + host = config.krebs.hosts.mors; + path = "/home/lass/secrets/${config.krebs.build.host.name}"; }; - stockholm = { - url = toString ../..; + dir.stockholm = { + host = config.krebs.hosts.mors; + path = "/home/lass/dev/stockholm"; }; }; }; diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index 92976366f..d1a3f34f7 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -28,14 +28,15 @@ in { krebs.build = { user = config.krebs.users.lass; - target = "root@${ip}"; host = config.krebs.hosts.echelon; - deps = { - secrets = { - url = "/home/lass/secrets/${config.krebs.build.host.name}"; + source = { + dir.secrets = { + host = config.krebs.hosts.mors; + path = "/home/lass/secrets/${config.krebs.build.host.name}"; }; - stockholm = { - url = toString ../..; + dir.stockholm = { + host = config.krebs.hosts.mors; + path = "/home/lass/dev/stockholm"; }; }; }; diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 4724fd3e3..b7291a8f2 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -22,18 +22,20 @@ ../2configs/retiolum.nix ../2configs/wordpress.nix ../2configs/bitlbee.nix + ../2configs/firefoxPatched.nix ]; krebs.build = { user = config.krebs.users.lass; - target = "root@mors"; host = config.krebs.hosts.mors; - deps = { - secrets = { - url = "/home/lass/secrets/${config.krebs.build.host.name}"; + source = { + dir.secrets = { + host = config.krebs.hosts.mors; + path = "/home/lass/secrets/${config.krebs.build.host.name}"; }; - stockholm = { - url = toString ../..; + dir.stockholm = { + host = config.krebs.hosts.mors; + path = "/home/lass/dev/stockholm"; }; }; }; @@ -172,6 +174,7 @@ environment.systemPackages = with pkgs; [ cac + get ]; #TODO: fix this shit diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index bb98975e4..9d96e7814 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -27,12 +27,14 @@ with builtins; user = config.krebs.users.lass; target = "root@uriel"; host = config.krebs.hosts.uriel; - deps = { - secrets = { - url = "/home/lass/secrets/${config.krebs.build.host.name}"; + source = { + dir.secrets = { + host = config.krebs.hosts.mors; + path = "/home/lass/secrets/${config.krebs.build.host.name}"; }; - stockholm = { - url = toString ../..; + dir.stockholm = { + host = config.krebs.hosts.mors; + path = "/home/lass/dev/stockholm"; }; }; }; diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 7c4835461..46435649b 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -42,9 +42,11 @@ with lib; enable = true; search-domain = "retiolum"; exim-retiolum.enable = true; - build.deps.nixpkgs = { - url = https://github.com/Lassulus/nixpkgs; - rev = "e74d0e7ff83c16846a81e1173543f180ad565076"; + build.source = { + git.nixpkgs = { + url = https://github.com/Lassulus/nixpkgs; + rev = "68bd8e4a9dc247726ae89cc8739574261718e328"; + }; }; }; diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 4fe06b729..f37dace2c 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -62,7 +62,7 @@ in { imports = [ ../3modules/per-user.nix ] ++ [ - ( createFirefoxUser "ff" [ "audio" ] [ pkgs.firefox ] ) + ( createFirefoxUser "ff" [ "audio" ] [ ] ) ( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] ) ( createChromiumUser "fb" [ ] [ pkgs.chromium ] ) ( createChromiumUser "gm" [ ] [ pkgs.chromium ] ) diff --git a/lass/2configs/desktop-base.nix b/lass/2configs/desktop-base.nix index 52c29d7e8..8ae768ca9 100644 --- a/lass/2configs/desktop-base.nix +++ b/lass/2configs/desktop-base.nix @@ -61,4 +61,8 @@ in { xkbOptions = "caps:backspace"; }; + services.logind.extraConfig = '' + HandleLidSwitch=ignore + ''; + } diff --git a/lass/2configs/firefoxPatched.nix b/lass/2configs/firefoxPatched.nix new file mode 100644 index 000000000..daf8a28be --- /dev/null +++ b/lass/2configs/firefoxPatched.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +let + lpkgs = import ../5pkgs { inherit pkgs; }; + + inherit (lib) + concatMapStrings + ; + + plugins = with lpkgs.firefoxPlugins; [ + noscript + ublock + vimperator + ]; + + copyXpi = plugin: + "cp ${plugin}/*.xpi $out/usr/lib/firefox-*/browser/extensions/"; + + preferences = pkgs.writeText "autoload.js" '' + pref('general.config.filename', 'firefox.cfg'); + pref('general.config.obscure_value', 0); + ''; + + config = pkgs.writeText "firefox.cfg" '' + // + lockPref("app.update.enabled", false); + lockPref("extensions.update.enabled", false); + lockPref("autoadmin.global_config_url", ""); + lockPref("extensions.checkUpdateSecurity", false); + lockPref("services.sync.enabled", false); + lockPref("browser.shell.checkDefaultBrowser", false); + lockPref("layout.spellcheckDefault", 0); + lockPref("app.update.auto", false); + lockPref("browser.newtabpage.enabled", false); + lockPref("noscript.firstRunRedirection", false); + lockPref("noscript.hoverUI", false); + lockPref("noscript.notify", false); + defaultPref("extensions.newAddons", false); + defaultPref("extensions.autoDisableScopes", 0); + defaultPref("plugin.scan.plid.all", false); + ''; + +in { + environment.systemPackages = [ + (pkgs.lib.overrideDerivation pkgs.firefox-bin (original : { + installPhase = '' + ${original.installPhase} + find $out/usr/lib + ${concatMapStrings copyXpi plugins} + cd $out/usr/lib/firefox-*/ + mkdir -p browser/defaults/preferences + cp ${preferences} browser/defaults/preferences/autoload.js + cp ${config} ./firefox.cfg + ''; + })) + ]; +} + diff --git a/lass/2configs/programs.nix b/lass/2configs/programs.nix index 41d241bac..e4840383f 100644 --- a/lass/2configs/programs.nix +++ b/lass/2configs/programs.nix @@ -7,7 +7,6 @@ gnupg1compat htop i3lock - mc mosh mpv pass diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 17cd1d822..d7df15027 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -21,6 +21,7 @@ connectTo = [ "fastpoke" "cloudkrebs" + "echelon" "pigstarter" "gum" "flap" diff --git a/lass/2configs/texlive.nix b/lass/2configs/texlive.nix index 18d72297d..fa20ef81f 100644 --- a/lass/2configs/texlive.nix +++ b/lass/2configs/texlive.nix @@ -2,6 +2,11 @@ { environment.systemPackages = with pkgs; [ - texLive + (texLiveAggregationFun { paths = [ + texLive + texLiveExtra + texLiveCMSuper + texLiveModerncv + ];}) ]; } diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix index 646e816fd..64aa45823 100644 --- a/lass/2configs/zsh.nix +++ b/lass/2configs/zsh.nix @@ -57,7 +57,7 @@ #exports export EDITOR='vim' export MANPAGER='most' - export PAGER='vim -' + export PAGER='vim -R -' # export MANPAGER='sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[m|K]//g" | vim -R -c "set ft=man nonu nomod nolist" -' #beautiful colors @@ -103,23 +103,21 @@ case $UID in 0) - username='%F{red}root%f' + username='%F{red}root%f ' ;; 1337) username="" ;; *) - username='%F{blue}%n%f' + username='%F{blue}%n%f ' ;; esac if test -n "$SSH_CLIENT"; then PROMPT="$error$username@%F{magenta}%M%f %~ " else - PROMPT="$error$username %~ " + PROMPT="$error$username%~ " fi - - ''; }; users.defaultUserShell = "/run/current-system/sw/bin/zsh"; diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 6df35b905..7427cb620 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -8,4 +8,9 @@ rec { bitlbee-dev = callPackage ./bitlbee-dev.nix {}; bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; }; bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; }; + firefoxPlugins = { + noscript = callPackage ./firefoxPlugins/noscript.nix {}; + ublock = callPackage ./firefoxPlugins/ublock.nix {}; + vimperator = callPackage ./firefoxPlugins/vimperator.nix {}; + }; } diff --git a/lass/5pkgs/firefoxPlugins/noscript.nix b/lass/5pkgs/firefoxPlugins/noscript.nix new file mode 100644 index 000000000..67a00a1b2 --- /dev/null +++ b/lass/5pkgs/firefoxPlugins/noscript.nix @@ -0,0 +1,28 @@ +{ fetchgit, stdenv, bash, zip }: + +stdenv.mkDerivation rec { + name = "noscript"; + id = "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + + src = fetchgit { + url = "https://github.com/avian2/noscript"; + rev = "c900a079793868bb080ab1e23522d29dc121b4c6"; + sha256 = "1y06gh5a622yrsx0h7v92qnvdi97i54ln09zc1lvk8x430z5bdly"; + }; + + buildInputs = [ zip ]; + + patchPhase = '' + substituteInPlace "version.sh" \ + --replace "/bin/bash" "${bash}/bin/bash" + ''; + + buildPhase = '' + ./makexpi.sh + ''; + + installPhase = '' + mkdir -p $out/ + cp *.xpi $out/${id}.xpi + ''; +} diff --git a/lass/5pkgs/firefoxPlugins/result b/lass/5pkgs/firefoxPlugins/result new file mode 120000 index 000000000..aa5334414 --- /dev/null +++ b/lass/5pkgs/firefoxPlugins/result @@ -0,0 +1 @@ +/nix/store/gxr152p1bbgqcd839b0rckdd1h5cr886-vimperator
\ No newline at end of file diff --git a/lass/5pkgs/firefoxPlugins/ublock.nix b/lass/5pkgs/firefoxPlugins/ublock.nix new file mode 100644 index 000000000..29ef250e8 --- /dev/null +++ b/lass/5pkgs/firefoxPlugins/ublock.nix @@ -0,0 +1,31 @@ +{ fetchgit, stdenv, bash, python, zip }: + +stdenv.mkDerivation rec { + name = "ublock"; + id = "{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}"; + + src = fetchgit { + url = "https://github.com/chrisaljoudi/uBlock"; + rev = "a70a50052a7914cbf86d46a725812b98434d8c70"; + sha256 = "1qfzy79f8x01i33x0m95k833z1jgxjwb8wvlr6fj6id1kxfvzh77"; + }; + + buildInputs = [ + zip + python + ]; + + patchPhase = '' + substituteInPlace "tools/make-firefox.sh" \ + --replace "/bin/bash" "${bash}/bin/bash" + ''; + + buildPhase = '' + tools/make-firefox.sh all + ''; + + installPhase = '' + mkdir -p $out/ + cp dist/build/uBlock.firefox.xpi $out/${id}.xpi + ''; +} diff --git a/lass/5pkgs/firefoxPlugins/vimperator.nix b/lass/5pkgs/firefoxPlugins/vimperator.nix new file mode 100644 index 000000000..dabef3d20 --- /dev/null +++ b/lass/5pkgs/firefoxPlugins/vimperator.nix @@ -0,0 +1,19 @@ +{ fetchgit, stdenv, zip }: + +stdenv.mkDerivation rec { + name = "vimperator"; + id = "vimperator@mozdev.org"; + + src = fetchgit { + url = "https://github.com/vimperator/vimperator-labs.git"; + rev = "ba7d8e72516fdc22246748c8183d7bc90f6fb073"; + sha256 = "0drz67qm5hxxzw699rswlpjkg4p2lfipx119pk1nyixrqblcsvq2"; + }; + + buildInputs = [ zip ]; + + installPhase = '' + mkdir -p $out/ + cp downloads/vimperator*.xpi $out/${id}.xpi + ''; +} diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index 2dce87d5d..497c03e11 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -9,6 +9,7 @@ [ # Include the results of the hardware scan. # Base ../2configs/base.nix + ../2configs/base-sources.nix ../2configs/tinc-basic-retiolum.nix # HW/FS @@ -38,12 +39,6 @@ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; - krebs.build.deps = { - nixpkgs = { - url = https://github.com/NixOS/nixpkgs; - rev = "03921972268934d900cc32dad253ff383926771c"; - }; - }; networking.firewall.allowedTCPPorts = [ # nginx runs on 80 diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index 4dcfe4eca..d43f89a03 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -9,6 +9,9 @@ ../2configs/base.nix ../2configs/main-laptop.nix #< base-gui + # configures sources + ../2configs/base-sources.nix + # Krebs ../2configs/tinc-basic-retiolum.nix #../2configs/disable_v6.nix @@ -18,34 +21,30 @@ # applications ../2configs/exim-retiolum.nix - ../2configs/virtualization.nix + #../2configs/virtualization.nix + ../2configs/virtualization-virtualbox.nix ../2configs/wwan.nix # services ../2configs/git/brain-retiolum.nix - # ../2configs/Reaktor/simpleExtend.nix + ../2configs/tor.nix # hardware specifics are in here ../2configs/hw/tp-x220.nix # mount points ../2configs/fs/sda-crypto-root-home.nix ]; + krebs.Reaktor.enable = true; + krebs.Reaktor.debug = true; + krebs.Reaktor.nickname = "makefu|r"; krebs.build.host = config.krebs.hosts.pornocauster; krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@pornocauster"; - #krebs.Reaktor.nickname = "makefu|r"; networking.firewall.allowedTCPPorts = [ 25 ]; - krebs.build.deps = { - nixpkgs = { - url = https://github.com/NixOS/nixpkgs; - #url = https://github.com/makefu/nixpkgs; - rev = "03921972268934d900cc32dad253ff383926771c"; - }; - }; } diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix new file mode 100644 index 000000000..29ad82d4c --- /dev/null +++ b/makefu/1systems/wry.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, ... }: + +let + + ip = (lib.elemAt config.krebs.build.host.nets.internet.addrs4 0); +in { + imports = [ + ../../tv/2configs/CAC-CentOS-7-64bit.nix + ../2configs/base.nix + ../2configs/tinc-basic-retiolum.nix + { + } + ]; + networking.firewall.allowPing = true; + networking.interfaces.enp2s1.ip4 = [ + { + address = ip; + prefixLength = 24; + } + ]; + networking.defaultGateway = "104.233.80.1"; + networking.nameservers = [ + "8.8.8.8" + ]; + + # based on ../../tv/2configs/CAC-Developer-2.nix + sound.enable = false; + krebs.build = { + user = config.krebs.users.makefu; + target = "root@${ip}"; + host = config.krebs.hosts.wry; + }; + +} diff --git a/makefu/2configs/base-sources.nix b/makefu/2configs/base-sources.nix new file mode 100644 index 000000000..a2715ba4c --- /dev/null +++ b/makefu/2configs/base-sources.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: + +{ + krebs.build.source = { + git.nixpkgs = { + url = https://github.com/NixOS/nixpkgs; + #url = https://github.com/makefu/nixpkgs; + rev = "68bd8e4a9dc247726ae89cc8739574261718e328"; + }; + dir.secrets = { + host = config.krebs.hosts.pornocauster; + path = "/home/makefu/secrets/${config.krebs.build.host.name}/"; + }; + dir.stockholm = { + host = config.krebs.hosts.pornocauster; + path = toString ../.. ; + }; + }; +} diff --git a/makefu/2configs/base.nix b/makefu/2configs/base.nix index a5c64f4f3..34b413024 100644 --- a/makefu/2configs/base.nix +++ b/makefu/2configs/base.nix @@ -37,15 +37,6 @@ with lib; time.timeZone = "Europe/Berlin"; #nix.maxJobs = 1; - krebs.build.deps = { - secrets = { - url = "/home/makefu/secrets/${config.krebs.build.host.name}"; - }; - stockholm = { - url = toString ../..; - }; - }; - services.openssh.enable = true; nix.useChroot = true; diff --git a/makefu/2configs/tor.nix b/makefu/2configs/tor.nix new file mode 100644 index 000000000..e466a1839 --- /dev/null +++ b/makefu/2configs/tor.nix @@ -0,0 +1,7 @@ +{ config, lib, pkgs, ... }: + +{ + services.tor.enable = true; + services.tor.client.enable = true; + # also enables services.tor.client.privoxy +} diff --git a/makefu/2configs/virtualization-virtualbox.nix b/makefu/2configs/virtualization-virtualbox.nix new file mode 100644 index 000000000..164401f77 --- /dev/null +++ b/makefu/2configs/virtualization-virtualbox.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: + +let + mainUser = config.krebs.build.user; + version = "5.0.4"; + rev = "102546"; + vboxguestpkg = pkgs.fetchurl { + url = "http://download.virtualbox.org/virtualbox/${version}/Oracle_VM_VirtualBox_Extension_Pack-${version}-${rev}.vbox-extpack"; + sha256 = "1ykwpjvfgj11iwhx70bh2hbxhyy3hg6rnqzl4qac7xzg8xw8wqg4"; + }; +in { + inherit vboxguestpkg; + virtualisation.virtualbox.host.enable = true; + nixpkgs.config.virtualbox.enableExtensionPack = true; + + users.extraGroups.vboxusers.members = [ "${mainUser.name}" ]; |