7 files changed, 88 insertions, 25 deletions
diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix
index 2dce87d5d..497c03e11 100644
--- a/makefu/1systems/pnp.nix
+++ b/makefu/1systems/pnp.nix
@@ -9,6 +9,7 @@
     [ # Include the results of the hardware scan.
       # Base
       ../2configs/base.nix
+      ../2configs/base-sources.nix
       ../2configs/tinc-basic-retiolum.nix
 
       # HW/FS
@@ -38,12 +39,6 @@
 
   nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
 
-  krebs.build.deps = {
-    nixpkgs = {
-      url = https://github.com/NixOS/nixpkgs;
-      rev = "03921972268934d900cc32dad253ff383926771c";
-    };
-  };
 
   networking.firewall.allowedTCPPorts = [
   # nginx runs on 80
diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix
index 4dcfe4eca..d43f89a03 100644
--- a/makefu/1systems/pornocauster.nix
+++ b/makefu/1systems/pornocauster.nix
@@ -9,6 +9,9 @@
       ../2configs/base.nix
       ../2configs/main-laptop.nix #< base-gui
 
+      # configures sources
+      ../2configs/base-sources.nix
+
       # Krebs
       ../2configs/tinc-basic-retiolum.nix
       #../2configs/disable_v6.nix
@@ -18,34 +21,30 @@
 
       # applications
       ../2configs/exim-retiolum.nix
-      ../2configs/virtualization.nix
+      #../2configs/virtualization.nix
+      ../2configs/virtualization-virtualbox.nix
       ../2configs/wwan.nix
 
       # services
       ../2configs/git/brain-retiolum.nix
-      # ../2configs/Reaktor/simpleExtend.nix
+      ../2configs/tor.nix
 
       # hardware specifics are in here
       ../2configs/hw/tp-x220.nix
       # mount points
       ../2configs/fs/sda-crypto-root-home.nix
     ];
+  krebs.Reaktor.enable = true;
+  krebs.Reaktor.debug = true;
+  krebs.Reaktor.nickname = "makefu|r";
 
   krebs.build.host = config.krebs.hosts.pornocauster;
   krebs.build.user = config.krebs.users.makefu;
   krebs.build.target = "root@pornocauster";
 
-  #krebs.Reaktor.nickname = "makefu|r";
 
   networking.firewall.allowedTCPPorts = [
     25
   ];
 
-  krebs.build.deps = {
-    nixpkgs = {
-      url = https://github.com/NixOS/nixpkgs;
-      #url = https://github.com/makefu/nixpkgs;
-      rev = "03921972268934d900cc32dad253ff383926771c";
-    };
-  };
 }
diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix
new file mode 100644
index 000000000..29ad82d4c
--- /dev/null
+++ b/makefu/1systems/wry.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, ... }:
+
+let
+
+  ip = (lib.elemAt config.krebs.build.host.nets.internet.addrs4 0);
+in {
+  imports = [
+    ../../tv/2configs/CAC-CentOS-7-64bit.nix
+    ../2configs/base.nix
+    ../2configs/tinc-basic-retiolum.nix
+    {
+    }
+  ];
+  networking.firewall.allowPing = true;
+  networking.interfaces.enp2s1.ip4 = [
+      {
+        address = ip;
+        prefixLength = 24;
+      }
+    ];
+    networking.defaultGateway = "104.233.80.1";
+    networking.nameservers = [
+      "8.8.8.8"
+    ];
+
+  # based on ../../tv/2configs/CAC-Developer-2.nix
+  sound.enable = false;
+  krebs.build = {
+    user = config.krebs.users.makefu;
+    target = "root@${ip}";
+    host = config.krebs.hosts.wry;
+  };
+
+}
diff --git a/makefu/2configs/base-sources.nix b/makefu/2configs/base-sources.nix
new file mode 100644
index 000000000..a2715ba4c
--- /dev/null
+++ b/makefu/2configs/base-sources.nix
@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+
+{
+  krebs.build.source = {
+    git.nixpkgs = {
+      url = https://github.com/NixOS/nixpkgs;
+      #url = https://github.com/makefu/nixpkgs;
+      rev = "68bd8e4a9dc247726ae89cc8739574261718e328";
+    };
+    dir.secrets = {
+      host = config.krebs.hosts.pornocauster;
+      path = "/home/makefu/secrets/${config.krebs.build.host.name}/";
+    };
+    dir.stockholm = {
+      host = config.krebs.hosts.pornocauster;
+      path = toString ../.. ;
+    };
+  };
+}
diff --git a/makefu/2configs/base.nix b/makefu/2configs/base.nix
index a5c64f4f3..34b413024 100644
--- a/makefu/2configs/base.nix
+++ b/makefu/2configs/base.nix
@@ -37,15 +37,6 @@ with lib;
   time.timeZone = "Europe/Berlin";
   #nix.maxJobs = 1;
 
-  krebs.build.deps = {
-    secrets = {
-      url = "/home/makefu/secrets/${config.krebs.build.host.name}";
-    };
-    stockholm = {
-      url = toString ../..;
-    };
-  };
-
   services.openssh.enable = true;
   nix.useChroot = true;
 
diff --git a/makefu/2configs/tor.nix b/makefu/2configs/tor.nix
new file mode 100644
index 000000000..e466a1839
--- /dev/null
+++ b/makefu/2configs/tor.nix
@@ -0,0 +1,7 @@
+{ config, lib, pkgs, ... }:
+
+{
+  services.tor.enable = true;
+  services.tor.client.enable = true;
+  # also enables services.tor.client.privoxy
+}
diff --git a/makefu/2configs/virtualization-virtualbox.nix b/makefu/2configs/virtualization-virtualbox.nix
new file mode 100644
index 000000000..164401f77
--- /dev/null
+++ b/makefu/2configs/virtualization-virtualbox.nix
@@ -0,0 +1,18 @@
+{ config, lib, pkgs, ... }:
+
+let
+  mainUser = config.krebs.build.user;
+  version = "5.0.4";
+  rev = "102546";
+  vboxguestpkg = pkgs.fetchurl {
+        url = "http://download.virtualbox.org/virtualbox/${version}/Oracle_VM_VirtualBox_Extension_Pack-${version}-${rev}.vbox-extpack";
+        sha256 = "1ykwpjvfgj11iwhx70bh2hbxhyy3hg6rnqzl4qac7xzg8xw8wqg4";
+      };
+in {
+  inherit vboxguestpkg;
+  virtualisation.virtualbox.host.enable = true;
+  nixpkgs.config.virtualbox.enableExtensionPack = true;
+
+  users.extraGroups.vboxusers.members = [ "${mainUser.name}" ];
+  environment.systemPackages = [ vboxguestpkg ];
+}