summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/hotdog/config.nix17
-rw-r--r--krebs/1systems/hotdog/source.nix3
-rw-r--r--krebs/1systems/puyak/config.nix5
-rw-r--r--krebs/2configs/hw/x220.nix29
-rw-r--r--krebs/3modules/krebs/default.nix24
-rw-r--r--krebs/5pkgs/writers.nix7
6 files changed, 80 insertions, 5 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
new file mode 100644
index 000000000..18c8a86cd
--- /dev/null
+++ b/krebs/1systems/hotdog/config.nix
@@ -0,0 +1,17 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ <stockholm/krebs>
+ <stockholm/krebs/2configs>
+ ];
+
+ krebs.build.host = config.krebs.hosts.hotdog;
+
+ boot.isContainer = true;
+ networking.useDHCP = false;
+}
diff --git a/krebs/1systems/hotdog/source.nix b/krebs/1systems/hotdog/source.nix
new file mode 100644
index 000000000..0fa61b20f
--- /dev/null
+++ b/krebs/1systems/hotdog/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/krebs/source.nix> {
+ name = "hotdog";
+}
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 835d717b8..19ee2343d 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -5,6 +5,7 @@
<stockholm/krebs>
<stockholm/krebs/2configs>
<stockholm/krebs/2configs/secret-passwords.nix>
+ <stockholm/krebs/2configs/hw/x220.nix>
<stockholm/krebs/2configs/repo-sync.nix>
<stockholm/krebs/2configs/shared-buildbot.nix>
@@ -48,10 +49,6 @@
};
};
- hardware.enableAllFirmware = true;
- networking.wireless.enable = true;
- nixpkgs.config.allowUnfree = true;
-
services.logind.extraConfig = ''
HandleLidSwitch=ignore
'';
diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix
new file mode 100644
index 000000000..c85bac0d4
--- /dev/null
+++ b/krebs/2configs/hw/x220.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+{
+ networking.wireless.enable = lib.mkDefault true;
+
+ hardware.enableRedistributableFirmware = true;
+
+ hardware.cpu.intel.updateMicrocode = true;
+
+ services.tlp.enable = true;
+
+ boot = {
+ kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ];
+ extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
+ kernelParams = [ "acpi_backlight=none" ];
+ };
+
+ hardware.opengl.extraPackages = [
+ pkgs.vaapiIntel
+ pkgs.vaapiVdpau
+ ];
+
+ security.rngd.enable = true;
+
+ services.xserver = {
+ videoDriver = "intel";
+ };
+}
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index f751b4f9f..07543489a 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -30,6 +30,30 @@ let
});
in {
hosts = {
+ hotdog = {
+ owner = config.krebs.users.krebs;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.77.3";
+ ip6.addr = "42:0:0:0:0:0:77:3";
+ aliases = [
+ "hotdog.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAs9+Au3oj29C5ol/YnkG9GjfCH5z53wxjH2iy8UPike8C7GASZKqc
+ bZBrvxkIOyVs5oVtolPcaI0/nvtpIhSlmM6hg9qe1rZO6jXt53GVNvgdcUIfVHbX
+ mQmp4oVXOjPIeDqLn32Mc0O73Kp6i66zQGAXi8ejczuO0h6oSvAnjolT4wM9jugk
+ JBGCDlpl9mxAGDN5VOqbg2i0FxwtUk2UA9XghEaRcfBkVdsOrtW8sCwOg8YttQt9
+ fs7JjezUtw7JBxN754ynaahSRODcjyJhwjE18tKx6P7wsNbgbmULFQz+7IxZ01/P
+ h5ZUzfd1r1pTzQ0nYD5aRtlDd7zP7y5tUwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp";
+ };
puyak = {
owner = config.krebs.users.krebs;
nets = {
diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix
index c4fb8cd83..49ca3557e 100644
--- a/krebs/5pkgs/writers.nix
+++ b/krebs/5pkgs/writers.nix
@@ -262,7 +262,12 @@ with import <stockholm/lib>;
};
};
- writeJSON = name: value: pkgs.writeText name (toJSON value);
+ writeJSON = name: value: pkgs.runCommand name {
+ json = toJSON value;
+ passAsFile = [ "json" ];
+ } /* sh */ ''
+ ${pkgs.jq}/bin/jq . "$jsonPath" > "$out"
+ '';
writeNixFromCabal =
trace (toString [
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-05 10:55:08 +0000