7 files changed, 56 insertions, 120 deletions

diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix
index 6cfba567..82c17205 100644
--- a/lass/1systems/cloudkrebs.nix
+++ b/lass/1systems/cloudkrebs.nix
@@ -9,8 +9,8 @@ in {
     ../.
     ../2configs/os-templates/CAC-CentOS-7-64bit.nix
     ../2configs/base.nix
+    ../2configs/exim-retiolum.nix
     ../2configs/retiolum.nix
-    ../2configs/fastpoke-pages.nix
     ../2configs/git.nix
     ../2configs/realwallpaper.nix
     {
diff --git a/lass/1systems/dishfire.nix b/lass/1systems/dishfire.nix
index c7d016cd..4e3b84bd 100644
--- a/lass/1systems/dishfire.nix
+++ b/lass/1systems/dishfire.nix
@@ -5,6 +5,7 @@
     ../.
     <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
     ../2configs/base.nix
+    ../2configs/exim-retiolum.nix
     ../2configs/git.nix
     ../2configs/websites/fritz.nix
     {
@@ -26,10 +27,19 @@
         fsType = "ext4";
       };
 
+      fileSystems."/srv/http" = {
+        device = "/dev/pool/srv_http";
+        fsType = "ext4";
+      };
+
       fileSystems."/boot" = {
         device = "/dev/vda1";
         fsType = "ext4";
       };
+      fileSystems."/bku" = {
+        device = "/dev/pool/bku";
+        fsType = "ext4";
+      };
     }
     {
       networking.dhcpcd.allowInterfaces = [
@@ -40,6 +50,11 @@
     {
       sound.enable = false;
     }
+    {
+      environment.systemPackages = with pkgs; [
+        mk_sql_pair
+      ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.dishfire;
diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix
index 80611ee8..e2fa1c5f 100644
--- a/lass/1systems/echelon.nix
+++ b/lass/1systems/echelon.nix
@@ -9,6 +9,7 @@ in {
     ../.
     ../2configs/os-templates/CAC-CentOS-7-64bit.nix
     ../2configs/base.nix
+    ../2configs/exim-retiolum.nix
     ../2configs/retiolum.nix
     ../2configs/realwallpaper-server.nix
     ../2configs/privoxy-retiolum.nix
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
index cc98c2c5..0c7c0d8e 100644
--- a/lass/1systems/helios.nix
+++ b/lass/1systems/helios.nix
@@ -5,6 +5,7 @@ with builtins;
   imports = [
     ../.
     ../2configs/baseX.nix
+    ../2configs/exim-retiolum.nix
     ../2configs/browsers.nix
     ../2configs/programs.nix
     ../2configs/git.nix
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 1f7a13c5..bdc9c324 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -4,6 +4,7 @@
   imports = [
     ../.
     ../2configs/baseX.nix
+    ../2configs/exim-retiolum.nix
     ../2configs/programs.nix
     ../2configs/bitcoin.nix
     ../2configs/browsers.nix
@@ -33,124 +34,28 @@
         { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; }
       ];
     }
-    {
-      #static-nginx-test
-      imports = [
-        ../3modules/static_nginx.nix
-      ];
-      lass.staticPage."testserver.de" = {
-        #sslEnable = true;
-        #certificate = "${toString <secrets>}/testserver.de/server.cert";
-        #certificate_key = "${toString <secrets>}/testserver.de/server.pem";
-        ssl = {
-          enable = true;
-          certificate = "${toString <secrets>}/testserver.de/server.cert";
-          certificate_key = "${toString <secrets>}/testserver.de/server.pem";
-        };
-      };
-      networking.extraHosts = ''
-        10.243.0.2 testserver.de
-      '';
-    }
     #{
-    #  #wordpress-test
-    #  #imports = singleton (sitesGenerators.createWordpress "testserver.de");
-    #  imports = [
-    #    ../3modules/wordpress_nginx.nix
-    #  ];
-    #  lass.wordpress."testserver.de" = {
-    #    multiSite = {
-    #      "1" = "testserver.de";
-    #      "2" = "bla.testserver.de";
-    #    };
-    #  };
-
     #  services.mysql = {
     #    enable = true;
     #    package = pkgs.mariadb;
     #    rootPassword = "<secrets>/mysql_rootPassword";
     #  };
-    #  networking.extraHosts = ''
-    #    10.243.0.2 testserver.de
-    #  '';
-    #  krebs.iptables.tables.filter.INPUT.rules = [
-    #    { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; }
-    #  ];
     #}
     #{
-    #  #owncloud-test
-    #  #imports = singleton (sitesGenerators.createWordpress "testserver.de");
-    #  imports = [
-    #    ../3modules/owncloud_nginx.nix
-    #  ];
-    #  lass.owncloud."owncloud-test.de" = {
+    #  services.elasticsearch = {
+    #    enable = true;
+    #    plugins = [
+    #    #  pkgs.elasticsearchPlugins.elasticsearch_kopf
+    #    ];
+    #  };
+    #}
+    #{
+    #  services.postgresql = {
+    #    enable = true;
+    #    package = pkgs.postgresql;
     #  };
-
-    #  #services.mysql = {
-    #  #  enable = true;
-    #  #  package = pkgs.mariadb;
-    #  #  rootPassword = "<secrets>/mysql_rootPassword";
-    #  #};
-    #  networking.extraHosts = ''
-    #    10.243.0.2 owncloud-test.de
-    #  '';
-    #  krebs.iptables.tables.filter.INPUT.rules = [
-    #    { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; precedence = 9998; }
-    #  ];
     #}
     {
-      containers.pythonenv = {
-        config = {
-          services.openssh.enable = true;
-          users.users.root.openssh.authorizedKeys.keys = [
-            config.krebs.users.lass.pubkey
-          ];
-
-          environment = {
-            systemPackages = with pkgs; [
-              git
-              libxml2
-              libxslt
-              libzip
-              python27Full
-              python27Packages.buildout
-              stdenv
-              zlib
-            ];
-
-            pathsToLink = [ "/include" ];
-
-            shellInit = ''
-              # help pip to find libz.so when building lxml
-              export LIBRARY_PATH=/var/run/current-system/sw/lib
-              # ditto for header files, e.g. sqlite
-              export C_INCLUDE_PATH=/var/run/current-system/sw/include
-            '';
-          };
-
-        };
-      };
-    }
-    {
-      services.mysql = {
-        enable = true;
-        package = pkgs.mariadb;
-        rootPassword = "<secrets>/mysql_rootPassword";
-      };
-    }
-    {
-      services.elasticsearch = {
-        enable = true;
-        plugins = [
-        #  pkgs.elasticsearchPlugins.elasticsearch_kopf
-        ];
-      };
-    }
-    {
-      services.postgresql = {
-        enable = true;
-        package = pkgs.postgresql;
-      };
     }
   ];
 
@@ -158,15 +63,6 @@
 
   networking.wireless.enable = true;
 
-  networking.extraHosts = ''
-    213.239.205.240 wohnprojekt-rhh.de
-    213.239.205.240 karlaskop.de
-    213.239.205.240 makeup.apanowicz.de
-    213.239.205.240 pixelpocket.de
-    213.239.205.240 reich-gebaeudereinigung.de
-    213.239.205.240 o.ubikmedia.de
-  '';
-
   hardware.enableAllFirmware = true;
   nixpkgs.config.allowUnfree = true;
 
@@ -206,7 +102,7 @@
       fsType = "ext4";
     };
 
-    "/mnt/backups" = {
+    "/bku" = {
       device = "/dev/big/backups";
       fsType = "ext4";
     };
@@ -293,6 +189,9 @@
     get
     teamspeak_client
     hashPassword
+    urban
+    mk_sql_pair
+    skype
   ];
 
   #TODO: fix this shit
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 20c919b9..e1743c99 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -6,6 +6,7 @@ in {
   imports = [
     ../.
     ../2configs/base.nix
+    ../2configs/exim-smarthost.nix
     ../2configs/downloading.nix
     ../2configs/git.nix
     ../2configs/ts3.nix
@@ -77,6 +78,18 @@ in {
         device = "/dev/pool/download";
       };
 
+      fileSystems."/srv/http" = {
+        device = "/dev/pool/http";
+      };
+
+      fileSystems."/srv/o.ubikmedia.de-data" = {
+        device = "/dev/pool/owncloud-ubik-data";
+      };
+
+      fileSystems."/bku" = {
+        device = "/dev/pool/bku";
+      };
+
     }
     {
       sound.enable = false;
@@ -117,7 +130,7 @@ in {
     }
     {
       users.users.chat.openssh.authorizedKeys.keys = [
-        "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFhFJUMTfPbv3SzqlT9S67Av/m/ctLfTd3mMhD4O9hZc+t+dZmaHWj3v1KujzMBiDp3Yfo2YdVVZLTwTluHD8yNoQH418Vm01nrYHwOsc5J0br3mb0URZSstPiz6/6Fc+PNCDfQ2skUAWUidWiH+JolROFQ4y2lfpLOw+wsK2jj+Gqx6w== JuiceSSH"
+        "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBBQjn/3n283RZkBs2CFqbpukyQ3zkLIjewRpKttPa5d4PUiT7/vOlutWH5EP4BxXQSoeZStx8D2alGjxfK+nfDvRJGGofpm23cN4j4i24Fcam1y1H7wqRXO1qbz5AB3qPg== JuiceSSH"
         config.krebs.users.lass-uriel.pubkey
       ];
     }
@@ -130,7 +143,8 @@ in {
         ../2configs/websites/domsen.nix
       ];
       krebs.iptables.tables.filter.INPUT.rules = [
-         { predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
+         { predicate = "-p tcp --dport http"; target = "ACCEPT"; }
+         { predicate = "-p tcp --dport https"; target = "ACCEPT"; }
       ];
     }
     {
diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index 4e4eca21..92996c18 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -5,6 +5,7 @@ with builtins;
   imports = [
     ../.
     ../2configs/baseX.nix
+    ../2configs/exim-retiolum.nix
     ../2configs/browsers.nix
     ../2configs/games.nix
     ../2configs/pass.nix
@@ -47,6 +48,11 @@ with builtins;
       fsType = "ext4";
     };
 
+    "/bku" = {
+      device = "/dev/pool/bku";
+      fsType = "ext4";
+    };
+
     "/boot" = {
       device = "/dev/sda1";
     };