diff options
Diffstat (limited to 'lass')
| -rw-r--r-- | lass/1systems/helios/config.nix | 3 | ||||
| -rw-r--r-- | lass/1systems/mors/config.nix | 8 | ||||
| -rw-r--r-- | lass/1systems/prism/config.nix | 19 | ||||
| -rw-r--r-- | lass/2configs/browsers.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/dcso-dev.nix | 10 | ||||
| -rw-r--r-- | lass/2configs/exim-smarthost.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/git.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/vim.nix | 28 | ||||
| -rw-r--r-- | lass/2configs/websites/lassulus.nix | 16 |
9 files changed, 65 insertions, 26 deletions
diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index bd7f75c3e..5657742a6 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -71,6 +71,9 @@ with import <stockholm/lib>; hashPassword thunderbird dpass + + # we want tensorflow! (with GPU acceleration) + python3Packages.tensorflowWithCuda ]; users.users = { diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index fd26d0b66..8892d426d 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -80,9 +80,6 @@ with import <stockholm/lib>; client.enable = true; }; } - { - services.mongodb.enable = true; - } ]; krebs.build.host = config.krebs.hosts.mors; @@ -180,4 +177,9 @@ with import <stockholm/lib>; }; }); virtualisation.libvirtd.enable = true; + + services.earlyoom = { + enable = true; + freeMemThreshold = 5; + }; } diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 2626ebf33..6be45d38d 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -315,21 +315,6 @@ with import <stockholm/lib>; }; }; } - { #weechat port forwarding to blue - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 9998"; target = "ACCEPT";} - ]; - krebs.iptables.tables.nat.PREROUTING.rules = [ - { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.prism.nets.internet.ip4.addr} -p tcp --dport 9998"; target = "DNAT --to-destination ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}:9999"; } - ]; - krebs.iptables.tables.filter.FORWARD.rules = [ - { v6 = false; precedence = 1000; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "ACCEPT"; } - { v6 = false; precedence = 1000; predicate = "-s ${config.krebs.hosts.blue.nets.retiolum.ip4.addr}"; target = "ACCEPT"; } - ]; - krebs.iptables.tables.nat.POSTROUTING.rules = [ - { v6 = false; predicate = "-d ${config.krebs.hosts.blue.nets.retiolum.ip4.addr} -p tcp --dport 9999"; target = "MASQUERADE"; } - ]; - } { krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p udp --dport 51820"; target = "ACCEPT"; } @@ -376,4 +361,8 @@ with import <stockholm/lib>; krebs.build.host = config.krebs.hosts.prism; # workaround because grub store paths are broken boot.copyKernels = true; + services.earlyoom = { + enable = true; + freeMemThreshold = 5; + }; } diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 3030d8faf..272169e92 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -90,7 +90,7 @@ in { } ( createQuteUser "qb" [ "audio" ] 20 ) ( createFirefoxUser "ff" [ "audio" ] 10 ) - ( createChromiumUser "cr" [ "audio" ] 9 ) + ( createChromiumUser "cr" [ "audio" "video" ] 9 ) ( createChromiumUser "gm" [ "video" "audio" ] 8 ) ( createChromiumUser "wk" [ "audio" ] 0 ) ( createChromiumUser "fb" [ "audio" ] 0 ) diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index 62a601dc3..41a73a499 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -9,7 +9,7 @@ in { dev = { name = "dev"; uid = genid "dev"; - extraGroups = [ "docker" ]; + extraGroups = [ "docker" "vboxusers" ]; description = "user for collaborative development"; home = "/home/dev"; useDefaultShell = true; @@ -60,8 +60,14 @@ in { ${mainUser.name} ALL=(dev) NOPASSWD: ALL ''; - services.rabbitmq.enable = true; networking.interfaces.et0.ipv4.addresses = [ { address = "10.99.23.1"; prefixLength = 24; } ]; + virtualisation.docker.enable = true; + environment.etc."docker/daemon.json".source = pkgs.writeText "daemon.json" '' + { + "bip": "172.25.0.1/16" + } + ''; + services.rabbitmq.enable = true; } diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 371f20885..db6bda005 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -83,6 +83,7 @@ with import <stockholm/lib>; { from = "elitedangerous@lassul.us"; to = lass.mail; } { from = "boardgamegeek@lassul.us"; to = lass.mail; } { from = "qwertee@lassul.us"; to = lass.mail; } + { from = "zazzle@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 707796dd9..9e3c426ed 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -30,6 +30,10 @@ let rules = concatMap make-rules (attrValues repos); public-repos = mapAttrs make-public-repo { + cholerab = { + cgit.desc = "krebs thesauron & enterprise-patterns"; + cgit.section = "documentation"; + }; news = { cgit.desc = "take a rss feed and a timeout and print it to stdout"; cgit.section = "software"; diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 6014fd082..823d9a8ca 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -2,6 +2,12 @@ with import <stockholm/lib>; let + unstable_nixpkgs = import (pkgs.fetchFromGitHub { + owner = "NixOS"; + repo = "nixpkgs"; + rev = "a8c71037e041725d40fbf2f3047347b6833b1703"; + sha256 = "1z4cchcw7qgjhy0x6mnz7iqvpswc2nfjpdynxc54zpm66khfrjqw"; + }) {}; out = { environment.systemPackages = [ (hiPrio vim) @@ -9,6 +15,10 @@ let (pkgs.writeDashBin "govet" '' go vet "$@" '') + (hiPrio (unstable_nixpkgs.python3.withPackages (ps: [ + ps.python-language-server + ps.pyls-isort + ]))) ]; environment.etc.vimrc.source = vimrc; @@ -68,11 +78,17 @@ let au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile "Syntastic config - let g:syntastic_python_checkers=['flake8'] - let g:syntastic_python_flake8_post_args='--ignore=E501' + "let g:syntastic_python_checkers=['flake8'] + "let g:syntastic_python_flake8_post_args='--ignore=E501' - let g:go_metalinter_autosave = 1 - let g:go_metalinter_deadline = "10s" + nnoremap <F5> :call LanguageClient_contextMenu()<CR> + set hidden + let g:LanguageClient_serverCommands = { + \ 'python': ['pyls'], + \ 'go': ['~/go/bin/go-langserver'] + \ } + + let g:LanguageClient_diagnosticsDisplay = { 2: { "signText": "W" } } nmap <esc>q :buffer nmap <M-q> :buffer @@ -115,9 +131,11 @@ let extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ pkgs.vimPlugins.ack-vim pkgs.vimPlugins.Gundo - pkgs.vimPlugins.Syntastic + #pkgs.vimPlugins.Syntastic pkgs.vimPlugins.undotree pkgs.vimPlugins.vim-go + pkgs.vimPlugins.fzf-vim + unstable_nixpkgs.vimPlugins.LanguageClient-neovim (pkgs.vimUtils.buildVimPlugin { name = "file-line-1.0"; src = pkgs.fetchFromGitHub { diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 53f1eea5c..f60a66952 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -66,6 +66,22 @@ in { locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; ''; + locations."/urlaubyay2018".extraConfig = '' + autoindex on; + alias /srv/http/lassul.us-media/india2018; + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "pics-user-pass" '' + paolo:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0 + ''}; + ''; + locations."/heilstadt".extraConfig = '' + autoindex on; + alias /srv/http/lassul.us-media/grabowsee2018; + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "pics-user-pass" '' + c-base:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0 + ''}; + ''; # TODO make this work! locations."= /ddate".extraConfig = let script = pkgs.writeBash "test" '' |