diff options
Diffstat (limited to 'makefu/2configs')
| -rw-r--r-- | makefu/2configs/base-gui.nix | 5 | ||||
| -rw-r--r-- | makefu/2configs/default.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/deployment/graphs.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/dnscrypt.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/fetchWallpaper.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/ipfs.nix | 5 | ||||
| -rw-r--r-- | makefu/2configs/logging/central-stats-server.nix | 7 | ||||
| -rw-r--r-- | makefu/2configs/syncthing.nix | 11 | ||||
| -rw-r--r-- | makefu/2configs/tools/core-gui.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/tools/core.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/tools/extra-gui.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/tools/sec.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/urxvtd.nix | 21 |
13 files changed, 58 insertions, 7 deletions
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index ba4c551b..1a19ab36 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -16,7 +16,10 @@ let mainUser = config.krebs.build.user.name; in { - imports = [ ]; + imports = [ + ./urxvtd.nix + ]; + services.xserver = { enable = true; layout = "us"; diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index cd9b4c05..0865c3a3 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -11,7 +11,7 @@ with import <stockholm/lib>; ./vim.nix ./binary-cache/nixos.nix ]; - + programs.command-not-found.enable = false; nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); krebs = { enable = true; @@ -22,7 +22,7 @@ with import <stockholm/lib>; user = config.krebs.users.makefu; source = let inherit (config.krebs.build) host user; - ref = "2982661"; # unstable @ 2017-03-31 + cups-dymo + snapraid-11.1 + ref = "4fac473"; # unstable @ 2017-03-31 + command-not-found in { nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then { diff --git a/makefu/2configs/deployment/graphs.nix b/makefu/2configs/deployment/graphs.nix index 35a724f6..b33ddece 100644 --- a/makefu/2configs/deployment/graphs.nix +++ b/makefu/2configs/deployment/graphs.nix @@ -23,8 +23,8 @@ in { } ''; serverAliases = [ - "graphs.r" "graphs.retiolum" - "graphs.${hn}" "graphs.${hn}.retiolum" + "graph.r" + "graph.${hn}" "graph.${hn}.r" ]; }; anonymous = { diff --git a/makefu/2configs/dnscrypt.nix b/makefu/2configs/dnscrypt.nix index d810456f..6e7ef0f8 100644 --- a/makefu/2configs/dnscrypt.nix +++ b/makefu/2configs/dnscrypt.nix @@ -1,5 +1,6 @@ { services.dnscrypt-proxy.enable = true; + services.dnscrypt-proxy.resolverName = "cs-de"; networking.extraResolvconfConf = '' name_servers='127.0.0.1' ''; diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix index fb74919c..16a7a13b 100644 --- a/makefu/2configs/fetchWallpaper.nix +++ b/makefu/2configs/fetchWallpaper.nix @@ -8,7 +8,7 @@ timerConfig = { OnCalendar = "*:0/30"; }; - url = "http://echelon/wallpaper.png"; + url = "http://prism.r/realwallpaper-sat-krebs.png"; }; } diff --git a/makefu/2configs/ipfs.nix b/makefu/2configs/ipfs.nix new file mode 100644 index 00000000..cc07e063 --- /dev/null +++ b/makefu/2configs/ipfs.nix @@ -0,0 +1,5 @@ +{...}: +{ + services.ipfs.enable = true; + networking.firewall.allowedTCPPorts = [ 4001 ]; +} diff --git a/makefu/2configs/logging/central-stats-server.nix b/makefu/2configs/logging/central-stats-server.nix index 30ad6387..4f7961f3 100644 --- a/makefu/2configs/logging/central-stats-server.nix +++ b/makefu/2configs/logging/central-stats-server.nix @@ -71,5 +71,12 @@ in { iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + + ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT + ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT + ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT ''; } diff --git a/makefu/2configs/syncthing.nix b/makefu/2configs/syncthing.nix new file mode 100644 index 00000000..6b758ea2 --- /dev/null +++ b/makefu/2configs/syncthing.nix @@ -0,0 +1,11 @@ +{...}: + +with import <stockholm/lib>; { + services.syncthing = { + enable = true; + openDefaultPorts = true; + useInotify = true; + group = "download"; + }; + users.extraGroups.download.gid = genid "download"; +} diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix index 6d62e92c..0538647a 100644 --- a/makefu/2configs/tools/core-gui.nix +++ b/makefu/2configs/tools/core-gui.nix @@ -12,11 +12,11 @@ firefox keepassx pcmanfm + evince skype mirage tightvnc gnome3.dconf - wireshark xdotool xorg.xbacklight scrot diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 86d72c66..6ae2951e 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -40,6 +40,7 @@ cac-api cac-panel krebspaste + krebszones ledger pass ]; diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 9cfacf40..596734dd 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -4,6 +4,7 @@ krebs.per-user.makefu.packages = with pkgs;[ inkscape gimp + libreoffice skype virtmanager synergy diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix index 5ab699f3..e53d9ee8 100644 --- a/makefu/2configs/tools/sec.nix +++ b/makefu/2configs/tools/sec.nix @@ -11,5 +11,6 @@ nmap msf thc-hydra + wireshark ]; } diff --git a/makefu/2configs/urxvtd.nix b/makefu/2configs/urxvtd.nix new file mode 100644 index 00000000..286b87ab --- /dev/null +++ b/makefu/2configs/urxvtd.nix @@ -0,0 +1,21 @@ +{ config, pkgs, ... }: + +let + mainUser = config.krebs.build.user.name; +in { + systemd.services.urxvtd = { + wantedBy = [ "multi-user.target" ]; + before = [ "graphical.target" ]; + reloadIfChanged = true; + serviceConfig = { + SyslogIdentifier = "urxvtd"; + ExecReload = "${pkgs.coreutils}/bin/echo NOP"; + ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd"; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + User = mainUser; + }; + }; + # TODO: sessionCommands from base-gui related to urxvt in this file +} |