From 96fc1908a2488fd4ccedfea7b6bdf64425de2e83 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 22 Mar 2019 08:07:04 +0100 Subject: l syncthing: use module --- lass/1systems/icarus/config.nix | 1 + lass/1systems/skynet/config.nix | 1 + 2 files changed, 2 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index d2d4bd3e..868d7508 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -17,6 +17,7 @@ + ]; krebs.build.host = config.krebs.hosts.icarus; diff --git a/lass/1systems/skynet/config.nix b/lass/1systems/skynet/config.nix index 4b806af7..0bf3e6b4 100644 --- a/lass/1systems/skynet/config.nix +++ b/lass/1systems/skynet/config.nix @@ -7,6 +7,7 @@ with import ; + { services.xserver.enable = true; services.xserver.desktopManager.xfce.enable = true; -- cgit v1.2.3 From 5b15417be2e76e3df03f8b67baaf29230cfa88c6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Mar 2019 16:05:21 +0100 Subject: l icarus.r: enable thinkfan --- lass/1systems/icarus/physical.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/icarus/physical.nix b/lass/1systems/icarus/physical.nix index 6cc77a47..d764dabc 100644 --- a/lass/1systems/icarus/physical.nix +++ b/lass/1systems/icarus/physical.nix @@ -17,4 +17,6 @@ SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0" SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" ''; + + services.thinkfan.enable = true; } -- cgit v1.2.3 From db9a1e4bb93f8023daf7b360b2719dc92f744217 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Mar 2019 16:06:39 +0100 Subject: l blue.r & littleT.r: import syncthing --- lass/1systems/blue/config.nix | 1 + lass/1systems/littleT/config.nix | 1 + 2 files changed, 2 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix index a84bb37f..d740403d 100644 --- a/lass/1systems/blue/config.nix +++ b/lass/1systems/blue/config.nix @@ -8,6 +8,7 @@ with import ; + ]; krebs.build.host = config.krebs.hosts.blue; diff --git a/lass/1systems/littleT/config.nix b/lass/1systems/littleT/config.nix index 7fe143c3..eee23ee6 100644 --- a/lass/1systems/littleT/config.nix +++ b/lass/1systems/littleT/config.nix @@ -7,6 +7,7 @@ with import ; + ]; networking.networkmanager.enable = true; -- cgit v1.2.3 From bd539533789a85a1786ae6f997a76d16d453b7f4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 26 Mar 2019 14:39:52 +0100 Subject: l blue: use file nixpkgs deployment when not testing --- lass/1systems/blue/source.nix | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index a52771a4..8f748ab8 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -1,20 +1,11 @@ { lib, pkgs, ... }: { nixpkgs = lib.mkForce { - derivation = let + file = toString (pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; - in '' - with import (builtins.fetchTarball { - url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz"; - sha256 = "${sha256}"; - }) {}; - pkgs.fetchFromGitHub { - owner = "nixos"; - repo = "nixpkgs"; - rev = "${rev}"; - sha256 = "${sha256}"; - } - ''; + }); }; } -- cgit v1.2.3 From 797dd8cc2ac3b67ec385e0350db1c3c77012486f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 18:44:57 +0200 Subject: l: sync more with syncthing --- lass/1systems/blue/config.nix | 7 +++++++ lass/1systems/mors/config.nix | 10 ++++++++++ 2 files changed, 17 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix index d740403d..da555a86 100644 --- a/lass/1systems/blue/config.nix +++ b/lass/1systems/blue/config.nix @@ -13,6 +13,13 @@ with import ; krebs.build.host = config.krebs.hosts.blue; + krebs.syncthing.folders = [ + { id = "contacts"; path = "/home/lass/contacts"; peers = [ "mors" "blue" "green" "phone" ]; } + ]; + lass.ensure-permissions = [ + { folder = "/home/lass/contacts"; owner = "lass"; group = "syncthing"; } + ]; + environment.shellAliases = { deploy = pkgs.writeDash "deploy" '' set -eu diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index f35ebff5..250d96e5 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -48,6 +48,16 @@ with import ; { predicate = "-p udp --dport 27950:27965"; target = "ACCEPT"; } ]; } + { + krebs.syncthing.folders = [ + { id = "contacts"; path = "/home/lass/contacts"; peers = [ "mors" "blue" "green" "phone" ]; } + { id = "the_playlist"; path = "/home/lass/tmp/the_playlist"; peers = [ "mors" "phone" ]; } + ]; + lass.ensure-permissions = [ + { folder = "/home/lass/contacts"; owner = "lass"; group = "syncthing"; } + { folder = "/home/lass/tmp/the_playlist"; owner = "lass"; group = "syncthing"; } + ]; + } { lass.umts = { enable = true; -- cgit v1.2.3 From 44a48a8d3a4ce4732545a96828bf41ab6cf283da Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:35:34 +0200 Subject: l: add green.r --- lass/1systems/green/config.nix | 28 ++++++++++++++++++++++++++++ lass/1systems/green/physical.nix | 8 ++++++++ lass/1systems/green/source.nix | 14 ++++++++++++++ 3 files changed, 50 insertions(+) create mode 100644 lass/1systems/green/config.nix create mode 100644 lass/1systems/green/physical.nix create mode 100644 lass/1systems/green/source.nix (limited to 'lass/1systems') diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix new file mode 100644 index 00000000..6ae157e3 --- /dev/null +++ b/lass/1systems/green/config.nix @@ -0,0 +1,28 @@ +with import ; +{ config, lib, pkgs, ... }: +{ + imports = [ + + + + + + + # + + ]; + + krebs.build.host = config.krebs.hosts.green; + + krebs.syncthing.folders = [ + { id = "contacts"; path = "/home/lass/contacts"; peers = [ "mors" "blue" "green" "phone" ]; } + ]; + lass.ensure-permissions = [ + { folder = "/home/lass/contacts"; owner = "lass"; group = "syncthing"; } + ]; + + + #networking.nameservers = [ "1.1.1.1" ]; + + #time.timeZone = "Europe/Berlin"; +} diff --git a/lass/1systems/green/physical.nix b/lass/1systems/green/physical.nix new file mode 100644 index 00000000..7499ff72 --- /dev/null +++ b/lass/1systems/green/physical.nix @@ -0,0 +1,8 @@ +{ + imports = [ + ./config.nix + ]; + boot.isContainer = true; + networking.useDHCP = false; + environment.variables.NIX_REMOTE = "daemon"; +} diff --git a/lass/1systems/green/source.nix b/lass/1systems/green/source.nix new file mode 100644 index 00000000..21f3a8bd --- /dev/null +++ b/lass/1systems/green/source.nix @@ -0,0 +1,14 @@ +{ lib, pkgs, ... }: +{ + nixpkgs = lib.mkForce { + file = { + path = toString (pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; + sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; + }); + useChecksum = true; + }; + }; +} -- cgit v1.2.3 From 4769b3186597117daec579ac71df79e2fafabcf5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 18:55:47 +0200 Subject: l blue.r: backup with services.restic --- lass/1systems/blue/config.nix | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix index da555a86..84c8a5b3 100644 --- a/lass/1systems/blue/config.nix +++ b/lass/1systems/blue/config.nix @@ -30,7 +30,7 @@ with import ; networking.nameservers = [ "1.1.1.1" ]; - lass.restic = genAttrs [ + services.restic.backups = genAttrs [ "daedalus" "icarus" "littleT" @@ -38,20 +38,19 @@ with import ; "shodan" "skynet" ] (dest: { - dirs = [ - "/home/" - "/var/lib" + initialize = true; + extraOptions = [ + "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'" ]; + repository = "sftp:backup@${dest}.r:/backups/blue"; passwordFile = (toString ) + "/restic/${dest}"; - repo = "sftp:backup@${dest}.r:/backups/blue"; - extraArguments = [ - "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'" + timerConfig = { OnCalendar = "00:05"; RandomizedDelaySec = "5h"; }; + paths = [ + "/home/" + "/var/lib" ]; - timerConfig = { - OnCalendar = "00:05"; - RandomizedDelaySec = "5h"; - }; }); + time.timeZone = "Europe/Berlin"; users.users.mainUser.openssh.authorizedKeys.keys = [ config.krebs.users.lass-android.pubkey ]; } -- cgit v1.2.3 From d72523a157380b602f9033404c63f512693cbb09 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 18:56:27 +0200 Subject: l blue.r deploy: point to stockholms new dir --- lass/1systems/blue/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix index 84c8a5b3..a287f548 100644 --- a/lass/1systems/blue/config.nix +++ b/lass/1systems/blue/config.nix @@ -24,7 +24,7 @@ with import ; deploy = pkgs.writeDash "deploy" '' set -eu export SYSTEM="$1" - $(nix-build $HOME/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy) + $(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy) ''; }; -- cgit v1.2.3 From fc85c6d16800f73eb088c42cf67f9f6918ce3001 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 18:56:50 +0200 Subject: l blue.r: add checksum check to nixpkgs populate --- lass/1systems/blue/source.nix | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index 8f748ab8..21f3a8bd 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -1,11 +1,14 @@ { lib, pkgs, ... }: { nixpkgs = lib.mkForce { - file = toString (pkgs.fetchFromGitHub { - owner = "nixos"; - repo = "nixpkgs"; - rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; - sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; - }); + file = { + path = toString (pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev; + sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256; + }); + useChecksum = true; + }; }; } -- cgit v1.2.3 From 02515a27de2141558f390939dc2e0824c0665e2f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 18:57:26 +0200 Subject: l mors.r: add /backups fs --- lass/1systems/mors/physical.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/mors/physical.nix b/lass/1systems/mors/physical.nix index 680dc9bd..25425f14 100644 --- a/lass/1systems/mors/physical.nix +++ b/lass/1systems/mors/physical.nix @@ -15,6 +15,10 @@ device = "/dev/mapper/pool-virtual"; fsType = "ext4"; }; + "/backups" = { + device = "/dev/pool/backup"; + fsType = "ext4"; + }; }; services.udev.extraRules = '' -- cgit v1.2.3 From 2b1140bc4c98b40bd7100ead1b20a7569873157f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 18:57:58 +0200 Subject: l daedalus.r: add /backups fs --- lass/1systems/daedalus/physical.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/daedalus/physical.nix b/lass/1systems/daedalus/physical.nix index 33a0cb47..d10ced7d 100644 --- a/lass/1systems/daedalus/physical.nix +++ b/lass/1systems/daedalus/physical.nix @@ -11,6 +11,10 @@ fsType = "btrfs"; options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; + "/backups" = { + device = "/dev/pool/backup"; + fsType = "ext4"; + }; }; services.udev.extraRules = '' -- cgit v1.2.3 From 79fcc0eb126b45f07982f9f12de39346151df4cb Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 18:59:31 +0200 Subject: l shodan.r: add /backups fs --- lass/1systems/shodan/physical.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/shodan/physical.nix b/lass/1systems/shodan/physical.nix index 4a550d0a..41508127 100644 --- a/lass/1systems/shodan/physical.nix +++ b/lass/1systems/shodan/physical.nix @@ -38,6 +38,10 @@ device = "/dev/pool/bku"; fsType = "btrfs"; }; + "/backups" = { + device = "/dev/pool/backup"; + fsType = "ext4"; + }; }; services.udev.extraRules = '' -- cgit v1.2.3 From 1c999ffaaea7a1856a8fcd53f178f8b79e5f9c17 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:00:05 +0200 Subject: l yellow.r: fix startup permissions --- lass/1systems/yellow/config.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index 9d8bcd7b..5737faea 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -11,7 +11,8 @@ with import ; system.activationScripts.downloadFolder = '' mkdir -p /var/download - chown download:download /var/download + chown transmission:download /var/download + chown transmission:download /var/download/finished chmod 775 /var/download ''; -- cgit v1.2.3 From 3f23200f7bc5b26ad1f7a05800812dd8548a09ca Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:01:31 +0200 Subject: l yellow.r: show nginx for all hosts --- lass/1systems/yellow/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index 5737faea..8b3b2814 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -44,7 +44,7 @@ with import ; fancyindex ]; }; - virtualHosts."dl" = { + virtualHosts.default = { default = true; locations."/Nginx-Fancyindex-Theme-dark" = { extraConfig = '' -- cgit v1.2.3 From c3e644d0f597218a6e419a8c779789e302f40e0e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:09:12 +0200 Subject: l yellow.r: add lass-android to download keys --- lass/1systems/prism/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 23746d21..8e710322 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -386,6 +386,7 @@ with import ; lass-icarus.pubkey lass-daedalus.pubkey lass-helios.pubkey + lass-android.pubkey makefu.pubkey wine-mors.pubkey ]; -- cgit v1.2.3 From 7d971fc78e35bbc0a84d51b45a5aaa18dfa65a59 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:09:37 +0200 Subject: l icarus.r: share prism in local network --- lass/1systems/icarus/config.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 868d7508..06b1e736 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -18,6 +18,8 @@ + + ]; krebs.build.host = config.krebs.hosts.icarus; -- cgit v1.2.3 From 33283cb99c9a9494f8530542f1ab72a432b1709c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:14:54 +0200 Subject: l: remove prometheus monitoring --- lass/1systems/prism/config.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 8e710322..6ff90071 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -139,7 +139,6 @@ with import ; - { # quasi bepasty.nix imports = [ -- cgit v1.2.3 From 4c602540d076f6b305e449ecf9690e6e423159a5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:15:09 +0200 Subject: l prism.r: RIP onondaga --- lass/1systems/prism/config.nix | 19 ------------------- 1 file changed, 19 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 6ff90071..b307627d 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -109,25 +109,6 @@ with import ; localAddress = "10.233.2.2"; }; } - { - #onondaga - systemd.services."container@onondaga".reloadIfChanged = mkForce false; - containers.onondaga = { - config = { ... }: { - imports = [ ]; - environment.systemPackages = [ pkgs.git ]; - services.openssh.enable = true; - users.users.root.openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - ]; - }; - autoStart = true; - enableTun = true; - privateNetwork = true; - hostAddress = "10.233.2.5"; - localAddress = "10.233.2.6"; - }; - } -- cgit v1.2.3 From 4de0d6a5be8d007b8bc41141cd363a09aad22ca9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 7 Apr 2019 19:17:35 +0200 Subject: l prism.r: add palo to download keys --- lass/1systems/prism/config.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index b307627d..b3b7ac0d 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -266,6 +266,7 @@ with import ; "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACADLPxtB2f2tocXHxD3ul9D1537hTht6/un87JYZNnoYABveasyIcdFIfp5lPJmj3PjwqXNTA4M/3V+ufrpZ91dxFeXWI5mOI4YB3xRu+Elja8g7nfvCz1HrH3sD1equos/7ltQ1GZYvHGw40qD1/ZtOODwRwrYJ7l/DUBrjk/tzXRjm0+ZgyQsb3G9a80cA8d3fiuQDxbAzdoJF46wt36ZfuSMpJ/Td8CbCoLlV/uL9QZemOglyxNxR607qGfRNXF1An+P+fFq24GmdHpMJ00DfjZ/dJRL9QSs7vd07uyB4Qty4VHwRhc46XH6KL7VTF1D3INF/BeBZx90GBxOvpgEji7Zrf7O5eSAjM2Do1+t+Ev2IIuiltB+QqTir4rZcrCBrJ2+zD3DDymKffVi8sz15AvdrFkIplzZxpOcgm9Ns2w/uh8sxeV6J58aoLEVmd2KRUfJFYiS1EuEjYo2OHlj8ltIh3VlfYdWksGpQc71IT0iEWvzvjYcfCda9uzFLKdLfBy4GB8+s4zR2CX9aGDyJaIY1kt/xqDeztnYwW1owG+fLMrDJlq3Mu+KmJljb30jzrOPhFYVZgWenmMFgH2RBzVEmnsR0f2LFVLj6N/a9fpEJ3WhxMOc5Ybdpgg/l9KUdgvWLk6KOtba+z9fuYT1YgwtZBoMgHAdZLmZ/DGtff palo@pepe" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGMjbYFmmvpF60YBShyFISbjN+O3e4GPkfsre6xFqz20joi8YqpD/5PtrMsGrPd1ZoZ9qSwXJtbb1WBomFg0xzRSNa1/FliKiE1ilcaB3aUZRtP0OWHIvWD3/YL/0h+/YXDGTfb8FNvpgJmnbN3Q0gw8cwWw+eve5BMyqDhzFvycxO4qDuP2JXkGpdhJqjaYZhP5rPH2mgv1oU1RnOA3A7APZVGf1m6JSmV7FZR514aGlFV+NpsvS29Mib8fcswgpoGhMN6jeh/nf49tp01LUAOmXSqdHIWNOTt3Mt7S4rU7RZwEhswdSRbKdKFRMj+uRkhJ4CPcNuuGtSY3id0Ja7IvrvxNaQUk1L8nBcza709jvSBYWSY5/aGL1ocA/PNWXDpOTp2PWwxkh39aPMqZXPTH3KC4IkRp5SiKibEhdmjnToV7nUAJe4IWn1b7QdoqS03ib0X87DnHWIbvi8UZlImM7pn0rs+rwnOo4lQwrTz7kbBHPaa6XOZAuDYND2728vtcrhwzVrKgiXWbyF6VzvwxPeeStmn1gENvozbj1hl9gbQ1cH/a4pZFBV/OFl/ryzDnB2ghM4acNJazXx/6/us9hX+np1YxIzJaxENj677MLc6HitM2g6XJGaixBQ0U2NNjcjIuQT0ZaeKXsSLnu1Y7+uslbVAwsQ4pJmSxxMMQ== palo@workhorse" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbsRjUwOMnxAt/K6A2M/33PbwQCEYVfqfmkXBwkw/L+ZLCnVxfdxJ79ds1k6kyUVcxfHcvxGvUCcM0wr4T7aaP79fsfSf3lcOgySeAtkQjfQL+IdMk0FQVz612cTPg2uWhMFvHGkGSBvSbKNw72RnUaw9qlF8fBx22FozrlmnbY4APTXeqwiF0VeBMq8qr4H9NdIoIFIcq398jn/Na8gYLUfmuDw18AWCt+u7Eg0B/qIU0hi/gK40Lk9+g8Nn19SCad1YOgNDG7aNpEwgT7I7BNXC5oLD31QKKuXmBa/mCLqRLAGW2sJ2ZhBR4tPLMgNrxtn2jxzVVjY+v3bWQnPocB9H9PsdtdNrULLfeJ4y9a3p3kfOzOgYMrnPAjasrkiIyOBBNEFAn/bbvpH01glbF8tVMcPOSD+W89oxTBEgqk6w34QAfySDMW34dIUHeq82v+X0wN9SK6xbBRBsjSpAC4ZcNyzl1JLIMcdZ5mbQXakD3kzDFs5kfjxlkrp3S5gqiSmCp5w/osykjxSH6wnPPCcgzpCBNGRULKw5vbzDSnLAQ3nSYB9tIj4Hp62XymsxVnY+6MsVVy206BYAXrKJomK7sIeLL2wIMYNnAUdSBjqQ5IEE2m+5+YaK0NMNsk2munNrN96ZE3r5xe/BDqfaLMpPfosOTXBtT7tLMlV6zkQ== palo@workout" ]; } { -- cgit v1.2.3 From 04d10421ed339a2342e92f5cabda83afbd7fd450 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Mar 2019 16:54:31 +0100 Subject: l: NIX_REMOTE is now set by nixos correctly --- lass/1systems/blue/physical.nix | 1 - lass/1systems/red/physical.nix | 1 - lass/1systems/yellow/physical.nix | 1 - 3 files changed, 3 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/blue/physical.nix b/lass/1systems/blue/physical.nix index 7499ff72..b6aa3a89 100644 --- a/lass/1systems/blue/physical.nix +++ b/lass/1systems/blue/physical.nix @@ -4,5 +4,4 @@ ]; boot.isContainer = true; networking.useDHCP = false; - environment.variables.NIX_REMOTE = "daemon"; } diff --git a/lass/1systems/red/physical.nix b/lass/1systems/red/physical.nix index 7499ff72..b6aa3a89 100644 --- a/lass/1systems/red/physical.nix +++ b/lass/1systems/red/physical.nix @@ -4,5 +4,4 @@ ]; boot.isContainer = true; networking.useDHCP = false; - environment.variables.NIX_REMOTE = "daemon"; } diff --git a/lass/1systems/yellow/physical.nix b/lass/1systems/yellow/physical.nix index 7499ff72..b6aa3a89 100644 --- a/lass/1systems/yellow/physical.nix +++ b/lass/1systems/yellow/physical.nix @@ -4,5 +4,4 @@ ]; boot.isContainer = true; networking.useDHCP = false; - environment.variables.NIX_REMOTE = "daemon"; } -- cgit v1.2.3 From 8f0b3d939eb933bfb1d9a3b2ac2147960abbbfd8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 8 Apr 2019 18:56:09 +0200 Subject: l green.r: don't set NIX_REMOTE --- lass/1systems/green/physical.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/green/physical.nix b/lass/1systems/green/physical.nix index 7499ff72..b6aa3a89 100644 --- a/lass/1systems/green/physical.nix +++ b/lass/1systems/green/physical.nix @@ -4,5 +4,4 @@ ]; boot.isContainer = true; networking.useDHCP = false; - environment.variables.NIX_REMOTE = "daemon"; } -- cgit v1.2.3 From 07a56f4d03da08739cafe7c0006a01a9ff8e345a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 8 Apr 2019 19:02:42 +0200 Subject: l mors.r: disable hardening --- lass/1systems/mors/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 250d96e5..fa5fb551 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -36,7 +36,7 @@ with import ; - + # { krebs.iptables.tables.filter.INPUT.rules = [ #risk of rain -- cgit v1.2.3