From 1c3f7610c594e5918acd96adce2b79d7fba2765b Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Mon, 17 Aug 2015 23:21:51 +0200 Subject: urlwatch: fix ca-bundle path --- krebs/3modules/urlwatch.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 39d9fec5..531e6c87 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -78,7 +78,7 @@ let HOME = cfg.dataDir; LC_ALL = "en_US.UTF-8"; LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive"; - SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + SSL_CERT_FILE = "${pkgs.cacert}/etc/ca-bundle.crt"; }; serviceConfig = { User = user.name; @@ -100,7 +100,6 @@ let ExecStart = pkgs.writeScript "urlwatch" '' #! /bin/sh set -euf - from=${escapeShellArg cfg.from} mailto=${escapeShellArg cfg.mailto} urlsFile=${escapeShellArg urlsFile} -- cgit v1.2.3 From a97078ca589375c76721e2cdbb24197ee458fccf Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Mon, 17 Aug 2015 23:22:49 +0200 Subject: makefu/pnp: add urlwatch --- makefu/1systems/pnp.nix | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index 6693dc06..1147c20f 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -10,9 +10,12 @@ ../2configs/base.nix ../2configs/cgit-retiolum.nix - ../2configs/graphite-standalone.nix + # ../2configs/graphite-standalone.nix ../2configs/vm-single-partition.nix ../2configs/tinc-basic-retiolum.nix + + ../2configs/exim-retiolum.nix + ../2configs/urlwatch.nix ]; krebs.build.host = config.krebs.hosts.pnp; krebs.build.user = config.krebs.users.makefu; @@ -27,10 +30,14 @@ networking.firewall.allowedTCPPorts = [ # nginx runs on 80 + 80 # graphite-web runs on 8080, carbon cache runs on 2003 tcp and udp - 80 - 8080 2003 + # 8080 2003 + + # smtp + 25 ]; - networking.firewall.allowedUDPPorts = [ 2003 ]; + + # networking.firewall.allowedUDPPorts = [ 2003 ]; } -- cgit v1.2.3 From 3496e869000f7b4059ec5c2597b0504f6cb855ea Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Mon, 17 Aug 2015 23:24:37 +0200 Subject: makefu:add urlwatch,exim-retiolum --- makefu/1systems/tsp.nix | 8 +++++--- makefu/2configs/exim-retiolum.nix | 11 +++++++++++ makefu/2configs/urlwatch.nix | 17 +++++++++++++++++ 3 files changed, 33 insertions(+), 3 deletions(-) create mode 100644 makefu/2configs/exim-retiolum.nix create mode 100644 makefu/2configs/urlwatch.nix diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix index 388ded06..638d2ca8 100644 --- a/makefu/1systems/tsp.nix +++ b/makefu/1systems/tsp.nix @@ -15,13 +15,15 @@ ../2configs/disable_v6.nix ../2configs/rad1o.nix + + ../2configs/exim-retiolum.nix ]; # not working in vm krebs.build.host = config.krebs.hosts.tsp; krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@tsp"; - krebs.exim-retiolum.enable = true; + networking.firewall.allowedTCPPorts = [ 25 ]; @@ -31,8 +33,8 @@ #url = https://github.com/NixOS/nixpkgs; # rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L) url = https://github.com/makefu/nixpkgs; - rev = "8b8b65da24f13f9317504e8bcba476f9161613fe"; + #rev = "8b8b65da24f13f9317504e8bcba476f9161613fe"; + rev = "f5fe787f778b872c6b2221598501c9310cb83915"; }; }; - } diff --git a/makefu/2configs/exim-retiolum.nix b/makefu/2configs/exim-retiolum.nix new file mode 100644 index 00000000..fc570ba9 --- /dev/null +++ b/makefu/2configs/exim-retiolum.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + krebs.exim-retiolum.enable = true; + environment.systemPackages = with pkgs; [ + msmtp + mutt-kz + ]; + +} diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix new file mode 100644 index 00000000..933cb93c --- /dev/null +++ b/makefu/2configs/urlwatch.nix @@ -0,0 +1,17 @@ +{ config, ... }: + +{ + krebs.urlwatch = { + enable = true; + mailto = config.krebs.users.makefu.mail; + onCalendar = "*-*-* 05:00:00"; + urls = [ + ## nixpkgs maintenance + https://api.github.com/repos/ovh/python-ovh/tags + https://api.github.com/repos/embray/d2to1/tags + http://git.sysphere.org/vicious/log/?qt=grep&q=Next+release + + ]; + }; +} + -- cgit v1.2.3 From f666c217906382bd63dddc83f7f822c1798c3df7 Mon Sep 17 00:00:00 2001 From: System administrator Date: Sat, 22 Aug 2015 23:28:41 +0000 Subject: add pornocauster systems --- makefu/1systems/pornocauster.nix | 43 ++++++++++++++++++++++++++++++++ makefu/2configs/sda-crypto-root-home.nix | 35 ++++++++++++++++++++++++++ 2 files changed, 78 insertions(+) create mode 100644 makefu/1systems/pornocauster.nix create mode 100644 makefu/2configs/sda-crypto-root-home.nix diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix new file mode 100644 index 00000000..b8ba9289 --- /dev/null +++ b/makefu/1systems/pornocauster.nix @@ -0,0 +1,43 @@ +# +# +# +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ../2configs/base.nix + ../2configs/base-gui.nix + ../2configs/tinc-basic-retiolum.nix + #../2configs/sda-crypto-root.nix + ../2configs/sda-crypto-root-home.nix + # hardware specifics are in here + ../2configs/tp-x200.nix + + #../2configs/disable_v6.nix + #../2configs/rad1o.nix + + #../2configs/exim-retiolum.nix + ]; + # not working in vm + krebs.build.host = config.krebs.hosts.pornocauster; + krebs.build.user = config.krebs.users.makefu; + krebs.build.target = "root@localhost"; + + boot.kernelModules = [ "kvm-intel" ]; + + + networking.firewall.allowedTCPPorts = [ + 25 + ]; + + krebs.build.deps = { + nixpkgs = { + #url = https://github.com/NixOS/nixpkgs; + # rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L) + url = https://github.com/makefu/nixpkgs; + #rev = "8b8b65da24f13f9317504e8bcba476f9161613fe"; + rev = "f5fe787f778b872c6b2221598501c9310cb83915"; + }; + }; +} diff --git a/makefu/2configs/sda-crypto-root-home.nix b/makefu/2configs/sda-crypto-root-home.nix new file mode 100644 index 00000000..28d14011 --- /dev/null +++ b/makefu/2configs/sda-crypto-root-home.nix @@ -0,0 +1,35 @@ +{ config, lib, pkgs, ... }: + +# sda: bootloader grub2 +# sda1: boot ext4 (label nixboot) +# sda2: cryptoluks -> ext4 +with lib; +{ + boot = { + loader.grub.enable =true; + loader.grub.version =2; + loader.grub.device = "/dev/sda"; + + initrd.luks.devices = [ { name = "main"; device = "/dev/sda2"; allowDiscards=true; }]; + initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ]; + initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; + }; + fileSystems = { + "/" = { + device = "/dev/mapper/main-root"; + fsType = "ext4"; + options="defaults,discard"; + }; + # TODO: just import sda-crypto-root, add this device + "/home" = { + device = "/dev/mapper/main-home"; + fsType = "ext4"; + options="defaults,discard"; + }; + "/boot" = { + device = "/dev/disk/by-label/nixboot"; + fsType = "ext4"; + options="defaults,discard"; + }; + }; +} -- cgit v1.2.3 From 7a1e2f83b242b6779e1590082fbe93a8ed429611 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 23 Aug 2015 02:48:35 +0200 Subject: makefu: cleanup,refactoring after transfer --- makefu/1systems/pornocauster.nix | 17 +++++++++-------- makefu/1systems/tsp.nix | 3 ++- makefu/2configs/base-gui.nix | 30 ++++++++++++------------------ makefu/2configs/main-laptop.nix | 23 +++++++++++++++++++++++ makefu/2configs/sda-crypto-root-home.nix | 6 +++++- makefu/2configs/tp-x200.nix | 27 ++------------------------- makefu/2configs/tp-x220.nix | 10 ++++++++++ makefu/2configs/tp-x2x0.nix | 27 +++++++++++++++++++++++++++ makefu/2configs/zsh-user.nix | 10 ++++++++++ 9 files changed, 100 insertions(+), 53 deletions(-) create mode 100644 makefu/2configs/main-laptop.nix create mode 100644 makefu/2configs/tp-x220.nix create mode 100644 makefu/2configs/tp-x2x0.nix create mode 100644 makefu/2configs/zsh-user.nix diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index b8ba9289..b6b7a59b 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -7,22 +7,24 @@ imports = [ # Include the results of the hardware scan. ../2configs/base.nix - ../2configs/base-gui.nix + ../2configs/main-laptop.nix #< base-gui + ../2configs/tinc-basic-retiolum.nix #../2configs/sda-crypto-root.nix ../2configs/sda-crypto-root-home.nix - # hardware specifics are in here - ../2configs/tp-x200.nix + ../2configs/zsh-user.nix + ../2configs/exim-retiolum.nix #../2configs/disable_v6.nix - #../2configs/rad1o.nix - #../2configs/exim-retiolum.nix + # hardware specifics are in here + ../2configs/tp-x220.nix ]; - # not working in vm + krebs.build.host = config.krebs.hosts.pornocauster; krebs.build.user = config.krebs.users.makefu; - krebs.build.target = "root@localhost"; + krebs.build.target = "root@pornocauster"; + boot.kernelModules = [ "kvm-intel" ]; @@ -36,7 +38,6 @@ #url = https://github.com/NixOS/nixpkgs; # rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L) url = https://github.com/makefu/nixpkgs; - #rev = "8b8b65da24f13f9317504e8bcba476f9161613fe"; rev = "f5fe787f778b872c6b2221598501c9310cb83915"; }; }; diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix index 638d2ca8..887778c8 100644 --- a/makefu/1systems/tsp.nix +++ b/makefu/1systems/tsp.nix @@ -11,11 +11,12 @@ ../2configs/tinc-basic-retiolum.nix ../2configs/sda-crypto-root.nix # hardware specifics are in here - ../2configs/tp-x200.nix + ../2configs/tp-x200.nix #< imports tp-x2x0.nix ../2configs/disable_v6.nix ../2configs/rad1o.nix + ../2configs/zsh-user.nix ../2configs/exim-retiolum.nix ]; # not working in vm diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index 55fcd6ba..6896a66d 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -1,11 +1,15 @@ { config, lib, pkgs, ... }: ## -# of course this name is a lie - it prepares a GUI environment close to my -# current configuration. +# of course this name is a lie +# - it prepares a GUI environment close to my +# current configuration,specifically: # -# autologin with mainUser into awesome -## +# * autologin with mainUser into awesome +# * audio +# * terminus font # +# if this is not enough, check out main-laptop.nix + with lib; let mainUser = config.krebs.build.user.name; @@ -28,14 +32,6 @@ in displayManager.auto.user = mainUser; desktopManager.xterm.enable = false; }; - services.redshift = { - enable = true; - latitude = "48.7"; - longitude = "9.1"; - }; - -## FONTS -# TODO: somewhere else? i18n.consoleFont = "Lat2-Terminus16"; @@ -49,14 +45,12 @@ in environment.systemPackages = with pkgs;[ xlockmore rxvt_unicode-with-plugins - vlc firefox - chromium ]; - # TODO: use mainUser - users.extraUsers.makefu.extraGroups = [ "audio" ]; + users.extraUsers.${mainUser}.extraGroups = [ "audio" ]; + hardware.pulseaudio = { - enable = true; - # systemWide = true; + enable = true; + # systemWide = true; }; } diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix new file mode 100644 index 00000000..8d2c8213 --- /dev/null +++ b/makefu/2configs/main-laptop.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +# stuff for the main laptop +# this is pretty much nice-to-have and does +# not fit into base-gui + +with lib; +{ + imports = [ ./base-gui.nix ]; + environment.systemPackages = with pkgs;[ + vlc + firefox + chromium + keepassx + ]; + + services.redshift = { + enable = true; + latitude = "48.7"; + longitude = "9.1"; + }; + +} diff --git a/makefu/2configs/sda-crypto-root-home.nix b/makefu/2configs/sda-crypto-root-home.nix index 28d14011..3821c750 100644 --- a/makefu/2configs/sda-crypto-root-home.nix +++ b/makefu/2configs/sda-crypto-root-home.nix @@ -1,8 +1,12 @@ { config, lib, pkgs, ... }: +# ssd # # sda: bootloader grub2 # sda1: boot ext4 (label nixboot) -# sda2: cryptoluks -> ext4 +# sda2: cryptoluks -> lvm: +# / (main-root) +# /home (main-home) + with lib; { boot = { diff --git a/makefu/2configs/tp-x200.nix b/makefu/2configs/tp-x200.nix index 2bbc75c2..aed6d644 100644 --- a/makefu/2configs/tp-x200.nix +++ b/makefu/2configs/tp-x200.nix @@ -2,36 +2,13 @@ with lib; { - #services.xserver = { - # videoDriver = "intel"; - #}; + + imports = [ ./tp-x2x0.nix ]; boot = { kernelModules = [ "tp_smapi" "msr" ]; extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; }; - - #networking.wireless.enable = true; - - hardware.enableAllFirmware = true; - nixpkgs.config.allowUnfree = true; - - zramSwap.enable = true; - zramSwap.numDevices = 2; - - hardware.trackpoint.enable = true; - hardware.trackpoint.sensitivity = 255; - hardware.trackpoint.speed = 255; - services.xserver.displayManager.sessionCommands = '' - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 1 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 2 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 200 - ''; - services.thinkfan.enable = true; - services.tlp.enable = true; - services.tlp.extraConfig = '' - START_CHARGE_THRESH_BAT0=80 - ''; } diff --git a/makefu/2configs/tp-x220.nix b/makefu/2configs/tp-x220.nix new file mode 100644 index 00000000..64eb78b1 --- /dev/null +++ b/makefu/2configs/tp-x220.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + + imports = [ ./tp-x2x0.nix ]; + + boot.kernelModules = [ "kvm-intel" ]; + +} diff --git a/makefu/2configs/tp-x2x0.nix b/makefu/2configs/tp-x2x0.nix new file mode 100644 index 00000000..e6556301 --- /dev/null +++ b/makefu/2configs/tp-x2x0.nix @@ -0,0 +1,27 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + # TODO: pot this somewhere else + networking.wireless.enable = true; + + hardware.enableAllFirmware = true; + nixpkgs.config.allowUnfree = true; + + zramSwap.enable = true; + zramSwap.numDevices = 2; + + hardware.trackpoint.enable = true; + hardware.trackpoint.sensitivity = 220; + hardware.trackpoint.speed = 220; + services.xserver.displayManager.sessionCommands = '' + xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 1 + xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 2 + xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 200 + ''; + + services.tlp.enable = true; + services.tlp.extraConfig = '' + START_CHARGE_THRESH_BAT0=80 + ''; +} diff --git a/makefu/2configs/zsh-user.nix b/makefu/2configs/zsh-user.nix new file mode 100644 index 00000000..3089b706 --- /dev/null +++ b/makefu/2configs/zsh-user.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: +## +with lib; +let + mainUser = config.krebs.build.user.name; +in +{ + programs.zsh.enable = true; + users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh"; +} -- cgit v1.2.3 From 6c206726e33e51cfac947ada4ad5ec7e5e107830 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 23 Aug 2015 14:15:41 +0200 Subject: makefu: add button-3 scrolling to x220 config --- makefu/1systems/pornocauster.nix | 4 ---- makefu/2configs/tp-x220.nix | 6 ++++++ 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index b6b7a59b..21859453 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -25,10 +25,6 @@ krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@pornocauster"; - - boot.kernelModules = [ "kvm-intel" ]; - - networking.firewall.allowedTCPPorts = [ 25 ]; diff --git a/makefu/2configs/tp-x220.nix b/makefu/2configs/tp-x220.nix index 64eb78b1..d079d5b3 100644 --- a/makefu/2configs/tp-x220.nix +++ b/makefu/2configs/tp-x220.nix @@ -6,5 +6,11 @@ with lib; imports = [ ./tp-x2x0.nix ]; boot.kernelModules = [ "kvm-intel" ]; + services.xserver.displayManager.sessionCommands ='' + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 + xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 + ''; } -- cgit v1.2.3 From a7f605bdf00771dd36d5f40acb52dcdf68063575 Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Sun, 23 Aug 2015 14:35:13 +0200 Subject: makefu: add wwan with wvdial --- makefu/2configs/wwan.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 makefu/2configs/wwan.nix diff --git a/makefu/2configs/wwan.nix b/makefu/2configs/wwan.nix new file mode 100644 index 00000000..fdf3e8df --- /dev/null +++ b/makefu/2configs/wwan.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: +let + mainUser = config.krebs.build.user; +in { + environment.systemPackages = with pkgs;[ + wvdial + ]; + + users.extraUsers.${mainUser.name}.extraGroups = [ "dialout" ]; +} -- cgit v1.2.3 From 46eb6b4d40880542d30788266ef190801b781a31 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 23 Aug 2015 14:49:54 +0200 Subject: makefu/cgit: change stockholm description --- makefu/2configs/cgit-retiolum.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/cgit-retiolum.nix b/makefu/2configs/cgit-retiolum.nix index d352f579..8d943956 100644 --- a/makefu/2configs/cgit-retiolum.nix +++ b/makefu/2configs/cgit-retiolum.nix @@ -8,7 +8,7 @@ let krebs-repos = mapAttrs make-krebs-repo { stockholm = { - desc = "take all the computers hostage, they'll love you!"; + desc = "Make all the systems into 1systems!"; }; }; -- cgit v1.2.3 From dce1ad91445297ecc122f968a12339438eabaa63 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 23 Aug 2015 15:03:11 +0200 Subject: makefu:add wwan configuration for netzclub --- makefu/2configs/wwan.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/makefu/2configs/wwan.nix b/makefu/2configs/wwan.nix index fdf3e8df..1492213b 100644 --- a/makefu/2configs/wwan.nix +++ b/makefu/2configs/wwan.nix @@ -1,4 +1,5 @@ { config, lib, pkgs, ... }: + let mainUser = config.krebs.build.user; in { @@ -6,5 +7,21 @@ in { wvdial ]; + # configure for NETZCLUB + environment.wvdial.dialerDefaults = '' + Phone = *99***1# + Dial Command = ATDT + Modem = /dev/ttyACM0 + Baud = 460800 + Init1 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0 + Init2 = ATZ + Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 + ISDN = 0 + Modem Type = Analog Modem + Username = netzclub + Password = netzclub + Stupid Mode = 1 + Idle Seconds = 0''; + users.extraUsers.${mainUser.name}.extraGroups = [ "dialout" ]; } -- cgit v1.2.3