summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/1systems/arcadeomat/config.nix82
-rw-r--r--krebs/1systems/arcadeomat/hw.nix25
-rw-r--r--krebs/1systems/filebitch/config.nix4
-rw-r--r--krebs/1systems/puyak/config.nix8
-rw-r--r--krebs/1systems/wolf/config.nix6
-rw-r--r--krebs/2configs/default.nix7
-rw-r--r--krebs/2configs/shack/glados/automation/ampel.nix23
-rw-r--r--krebs/2configs/shack/glados/default.nix1
-rw-r--r--krebs/2configs/shack/mqtt.nix22
-rw-r--r--krebs/2configs/shack/muell_mail.nix2
-rw-r--r--krebs/2configs/shack/muellshack.nix2
-rw-r--r--krebs/2configs/shack/node-light.nix2
-rw-r--r--krebs/2configs/shack/powerraw.nix2
-rw-r--r--krebs/2configs/shack/s3-power.nix2
-rw-r--r--krebs/2configs/shack/shackDNS.nix2
-rw-r--r--krebs/2configs/shack/share.nix1
-rw-r--r--krebs/3modules/airdcpp.nix1
-rw-r--r--krebs/3modules/brockman.nix2
-rw-r--r--krebs/3modules/buildbot/master.nix1
-rw-r--r--krebs/3modules/buildbot/slave.nix1
-rw-r--r--krebs/3modules/external/default.nix53
-rw-r--r--krebs/3modules/external/mic92.nix21
-rw-r--r--krebs/3modules/github-hosts-sync.nix3
-rw-r--r--krebs/3modules/htgen.nix3
-rw-r--r--krebs/3modules/krebs/default.nix24
-rw-r--r--krebs/3modules/lass/default.nix65
-rw-r--r--krebs/3modules/lass/ssh/tablet.ed255191
-rw-r--r--krebs/3modules/realwallpaper.nix3
-rw-r--r--krebs/3modules/tinc_graphs.nix3
-rw-r--r--krebs/3modules/urlwatch.nix2
-rw-r--r--krebs/5pkgs/override/default.nix2
-rw-r--r--krebs/nixpkgs-unstable.json9
-rw-r--r--krebs/nixpkgs.json9
-rwxr-xr-xkrebs/update-nixpkgs.sh2
-rw-r--r--lass/1systems/coaxmetal/physical.nix10
-rw-r--r--lass/1systems/dishfire/config.nix10
-rw-r--r--lass/1systems/dishfire/physical.nix21
-rw-r--r--lass/1systems/prism/config.nix6
-rw-r--r--lass/1systems/yellow/config.nix2
-rw-r--r--lass/2configs/binary-cache/server.nix17
-rw-r--r--lass/2configs/bitlbee.nix17
-rw-r--r--lass/2configs/hass/default.nix11
-rw-r--r--lass/2configs/prism-share.nix3
-rw-r--r--lass/3modules/usershadow.nix17
-rw-r--r--lib/types.nix13
-rw-r--r--makefu/0tests/data/secrets/hass/tile.nix4
-rw-r--r--makefu/1systems/filepimp/config.nix8
-rw-r--r--makefu/1systems/gum/config.nix2
-rw-r--r--makefu/1systems/iso/target-config.nix6
-rw-r--r--makefu/1systems/omo/config.nix2
-rw-r--r--makefu/1systems/wbob/config.nix12
-rw-r--r--makefu/1systems/x/config.nix1
-rw-r--r--makefu/2configs/bureautomation/zigbee2mqtt/default.nix2
-rw-r--r--makefu/2configs/dcpp/hub.nix50
-rw-r--r--makefu/2configs/default.nix8
-rw-r--r--makefu/2configs/deployment/gecloudpad/gecloudpad.nix4
-rw-r--r--makefu/2configs/editor/neovim/default.nix6
-rw-r--r--makefu/2configs/filepimp-share.nix2
-rw-r--r--makefu/2configs/fs/sda-crypto-root.nix4
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix2
-rw-r--r--makefu/2configs/home/ham/automation/light_buttons.nix60
-rw-r--r--makefu/2configs/home/ham/default.nix1
-rw-r--r--makefu/2configs/home/ham/device_tracker/tile.nix10
-rw-r--r--makefu/2configs/home/ham/light/arbeitszimmer.nix20
-rw-r--r--makefu/2configs/home/ham/mqtt.nix43
-rw-r--r--makefu/2configs/lanparty/samba.nix2
-rw-r--r--makefu/2configs/minimal.nix4
-rw-r--r--makefu/2configs/mqtt.nix20
-rw-r--r--makefu/2configs/nix-community/supervision.nix1
-rw-r--r--makefu/2configs/nsupdate-data.nix6
-rw-r--r--makefu/2configs/share/omo.nix2
-rw-r--r--makefu/2configs/share/temp-share-samba.nix2
-rw-r--r--makefu/2configs/share/wbob.nix2
-rw-r--r--makefu/2configs/stats/arafetch.nix2
-rw-r--r--makefu/2configs/tools/android-pentest.nix2
-rw-r--r--makefu/2configs/tools/dev.nix5
-rw-r--r--makefu/2configs/tools/extra-gui.nix3
-rw-r--r--makefu/2configs/urlwatch/default.nix6
-rw-r--r--makefu/3modules/ps3netsrv.nix1
-rw-r--r--makefu/5pkgs/beef/default.nix4
-rw-r--r--makefu/5pkgs/bintray-upload/default.nix4
-rw-r--r--makefu/5pkgs/cmpforopenssl/default.nix8
-rw-r--r--makefu/5pkgs/custom/alsa-tools/default.nix6
-rw-r--r--makefu/5pkgs/custom/qcma/default.nix12
-rw-r--r--makefu/5pkgs/debmirror/default.nix8
-rw-r--r--makefu/5pkgs/default.nix4
-rw-r--r--makefu/5pkgs/devpi/default.nix2
-rw-r--r--makefu/5pkgs/drozer/default.nix1
-rw-r--r--makefu/5pkgs/gen-oath-safe/default.nix4
-rw-r--r--makefu/5pkgs/kalauerbot/default.nix6
-rw-r--r--makefu/5pkgs/logstash-input-rss/default.nix4
-rw-r--r--makefu/5pkgs/logstash-output-exec/default.nix4
-rw-r--r--makefu/5pkgs/novnc/default.nix6
-rw-r--r--makefu/5pkgs/ns-atmosphere-programmer/default.nix4
-rw-r--r--makefu/5pkgs/nx_game_info/default.nix8
-rw-r--r--makefu/5pkgs/pavumeter/default.nix6
-rw-r--r--makefu/5pkgs/studio-link/default.nix3
-rw-r--r--makefu/5pkgs/uhub/default.nix48
-rw-r--r--makefu/5pkgs/v4l2loopback-dc/default.nix4
-rw-r--r--makefu/5pkgs/xdcc-dl/default.nix16
-rw-r--r--makefu/5pkgs/xmm7360/default.nix4
-rw-r--r--makefu/krops.nix2
102 files changed, 691 insertions, 305 deletions
diff --git a/krebs/1systems/arcadeomat/config.nix b/krebs/1systems/arcadeomat/config.nix
new file mode 100644
index 000000000..cdeaae180
--- /dev/null
+++ b/krebs/1systems/arcadeomat/config.nix
@@ -0,0 +1,82 @@
+{ config,lib, pkgs, ... }:
+let
+ shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
+ ext-if = "et0";
+ external-mac = "52:54:b0:0b:af:fe";
+ mainUser = "krebs";
+
+in
+{
+ imports = [
+ ./hw.nix
+ <stockholm/krebs>
+ <stockholm/krebs/2configs>
+
+ #<stockholm/krebs/2configs/binary-cache/nixos.nix>
+ #<stockholm/krebs/2configs/binary-cache/prism.nix>
+
+ <stockholm/krebs/2configs/shack/ssh-keys.nix>
+ <stockholm/krebs/2configs/save-diskspace.nix>
+ <stockholm/krebs/2configs/shack/prometheus/node.nix>
+
+ ];
+ # use your own binary cache, fallback use cache.nixos.org (which is used by
+ # apt-cacher-ng in first place)
+
+ # local discovery in shackspace
+ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
+ krebs.tinc.retiolum.extraConfig = "TCPOnly = yes";
+
+
+ #networking = {
+ # firewall.enable = false;
+ # firewall.allowedTCPPorts = [ 8088 8086 8083 ];
+ # interfaces."${ext-if}".ipv4.addresses = [
+ # {
+ # address = shack-ip;
+ # prefixLength = 20;
+ # }
+ # ];
+
+ # defaultGateway = "10.42.0.1";
+ # nameservers = [ "10.42.0.100" "10.42.0.200" ];
+ #};
+
+ #####################
+ # uninteresting stuff
+ #####################
+ krebs.build.host = config.krebs.hosts.arcadeomat;
+ users.users."${mainUser}" = {
+ uid = 9001;
+ extraGroups = [ "audio" "video" ];
+ isNormalUser = true;
+ };
+
+
+ time.timeZone = "Europe/Berlin";
+
+ # avahi
+ services.avahi = {
+ enable = true;
+ wideArea = false;
+ };
+ environment.systemPackages = with pkgs;[ glxinfo sdlmame ];
+ nixpkgs.config.allowUnfree = true;
+ hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.legacy_340;
+ boot.kernelPackages = pkgs.linuxPackages_5_4;
+
+ services.xserver = {
+ videoDrivers = [ "nvidia" ];
+ enable = true;
+ windowManager = {
+ awesome.enable = true;
+ awesome.noArgb = true;
+ awesome.luaModules = [ pkgs.luaPackages.vicious ];
+ };
+ displayManager.defaultSession = lib.mkDefault "none+awesome";
+ displayManager.autoLogin = {
+ enable = true;
+ user = mainUser;
+ };
+ };
+}
diff --git a/krebs/1systems/arcadeomat/hw.nix b/krebs/1systems/arcadeomat/hw.nix
new file mode 100644
index 000000000..b24deeecb
--- /dev/null
+++ b/krebs/1systems/arcadeomat/hw.nix
@@ -0,0 +1,25 @@
+
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ahci" "ohci_pci" "ehci_pci" "pata_atiixp" "usbhid" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/0aae456e-0548-4917-a282-11d5d4e403cf";
+ fsType = "ext4";
+ };
+
+ swapDevices = [ ];
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.device = "/dev/sda";
+ boot.loader.grub.copyKernels = true;
+
+}
diff --git a/krebs/1systems/filebitch/config.nix b/krebs/1systems/filebitch/config.nix
index 9c6a9da08..e27d036c8 100644
--- a/krebs/1systems/filebitch/config.nix
+++ b/krebs/1systems/filebitch/config.nix
@@ -23,8 +23,8 @@ in
}
## Collect local statistics via collectd and send to collectd
- <stockholm/krebs/2configs/stats/shack-client.nix>
- <stockholm/krebs/2configs/stats/shack-debugging.nix>
+ # <stockholm/krebs/2configs/stats/shack-client.nix>
+ # <stockholm/krebs/2configs/stats/shack-debugging.nix>
];
krebs.build.host = config.krebs.hosts.filebitch;
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 5ed946aca..f4bd472a4 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -92,8 +92,8 @@
<stockholm/krebs/2configs/shack/influx.nix>
## Collect local statistics via collectd and send to collectd
- <stockholm/krebs/2configs/stats/shack-client.nix>
- <stockholm/krebs/2configs/stats/shack-debugging.nix>
+ # <stockholm/krebs/2configs/stats/shack-client.nix>
+ # <stockholm/krebs/2configs/stats/shack-debugging.nix>
## netbox.shack: Netbox is disabled as nobody seems to be using it anyway
# <stockholm/krebs/2configs/shack/netbox.nix>
@@ -111,10 +111,6 @@
<stockholm/krebs/2configs/shack/prometheus/blackbox.nix>
#<stockholm/krebs/2configs/shack/prometheus/unifi.nix>
<stockholm/krebs/2configs/shack/prometheus/alertmanager-telegram.nix>
-
- ## Collect local statistics via collectd and send to collectd
- <stockholm/krebs/2configs/stats/shack-client.nix>
- <stockholm/krebs/2configs/stats/shack-debugging.nix>
];
krebs.build.host = config.krebs.hosts.puyak;
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 25e7c5f06..12ce4db3e 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -52,12 +52,6 @@ in
#####################
krebs.build.host = config.krebs.hosts.wolf;
- boot.kernel.sysctl = {
- # Enable IPv6 Privacy Extensions
- "net.ipv6.conf.all.use_tempaddr" = 2;
- "net.ipv6.conf.default.use_tempaddr" = 2;
- };
-
boot.initrd.availableKernelModules = [
"ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk"
];
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index 4c25bc963..369b750b7 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -45,6 +45,13 @@ with import <stockholm/lib>;
services.cron.enable = false;
services.ntp.enable = false;
+ # limit journald size
+ services.journald.extraConfig = ''
+ SystemMaxUse=1G
+ RuntimeMaxUse=128M
+ Storage=persistent
+ '';
+
users.mutableUsers = false;
users.extraUsers.root.openssh.authorizedKeys.keys = [
config.krebs.users.jeschli-brauerei.pubkey
diff --git a/krebs/2configs/shack/glados/automation/ampel.nix