From 13486879b764092d0004464510615ffa1f8152a2 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Thu, 7 Jul 2016 23:07:22 +0200
Subject: l 1 prism: fix ssl for cgit.lassul.us

---
 lass/1systems/prism.nix | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 5477a8b8..1eb81cd0 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -1,5 +1,7 @@
 { config, lib, pkgs, ... }:
 
+with config.krebs.lib;
+
 let
   ip = config.krebs.build.host.nets.internet.ip4.addr;
 
@@ -24,11 +26,22 @@ in {
     {
       imports = [
         ../2configs/git.nix
-        ( manageCerts [ "cgit.lassul.us" ])
-      ];
-      krebs.nginx.servers.cgit.server-names = [
-        "cgit.lassul.us"
       ];
+      krebs.nginx.servers.cgit = {
+        server-names = [
+          "cgit.lassul.us"
+        ];
+        locations = [
+          (nameValuePair "/.well-known/acme-challenge" ''
+            root /var/lib/acme/challenges/cgit.lassul.us/;
+          '')
+        ];
+        ssl = {
+          enable = true;
+          certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem";
+          certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem";
+        };
+      };
     }
     {
       users.extraGroups = {
-- 
cgit v1.2.3


From 18099cc66486abb27fd50bff2fe23ec03c8ff27d Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Fri, 8 Jul 2016 09:43:12 +0200
Subject: Revert "l 1 uriel: update boot.loader options"

This reverts commit f9c561566d1b18bb89f0eff33cdbd0225300ab2f.
---
 lass/1systems/uriel.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index 83553f5c..6b56419d 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -39,8 +39,8 @@ with builtins;
     #loader.grub.version = 2;
     #loader.grub.device = "/dev/sda";
 
-    loader.systemd-boot.enable = true;
-    loader.timeout = 5;
+    loader.gummiboot.enable = true;
+    loader.gummiboot.timeout = 5;
 
     initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
     initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
-- 
cgit v1.2.3


From b689da8fb0ee097e2aadb099d967a4fa1d8fad60 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Fri, 8 Jul 2016 09:43:49 +0200
Subject: l 1 prism: remove obsolete certfile option

---
 lass/1systems/prism.nix | 1 -
 1 file changed, 1 deletion(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 1eb81cd0..ed8c2995 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -202,7 +202,6 @@ in {
       lass.ejabberd = {
         enable = true;
         hosts = [ "lassul.us" ];
-        certfile = "/var/lib/acme/lassul.us/full.pem";
       };
       krebs.iptables.tables.filter.INPUT.rules = [
         { predicate = "-p tcp --dport xmpp-client"; target = "ACCEPT"; }
-- 
cgit v1.2.3


From 59b318e84dd15e9e2268247a844c233919105964 Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Fri, 8 Jul 2016 13:38:50 +0200
Subject: l 1 helios: use gnome3 as desktopManager

---
 lass/1systems/helios.nix | 34 ++++++++++++++++++++++++++++++++--
 1 file changed, 32 insertions(+), 2 deletions(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
index 51d2afe8..fe8039d9 100644
--- a/lass/1systems/helios.nix
+++ b/lass/1systems/helios.nix
@@ -1,10 +1,11 @@
 { config, pkgs, ... }:
 
 with builtins;
+with config.krebs.lib;
+
 {
   imports = [
     ../.
-    ../2configs/baseX.nix
     ../2configs/exim-retiolum.nix
     ../2configs/browsers.nix
     ../2configs/programs.nix
@@ -12,6 +13,36 @@ with builtins;
     ../2configs/pass.nix
     ../2configs/fetchWallpaper.nix
     ../2configs/backups.nix
+
+    #{
+    #  # conflicting stuff with gnome setup
+    #  # TODO: fix this
+    #  imports = [
+    #    ../2configs/baseX.nix
+    #  ];
+    #  networking.wireless.enable = true;
+    #}
+    {
+      # gnome3 for suja
+      imports = [
+        ../2configs/default.nix
+      ];
+      services.xserver.enable = true;
+      services.xserver.desktopManager.gnome3.enable = true;
+      users.users.suja = {
+        uid = genid "suja";
+        home = "/home/suja";
+        group = "users";
+        createHome = true;
+        useDefaultShell = true;
+        extraGroups = [
+        ];
+      };
+      environment.systemPackages = with pkgs; [
+        firefox
+        chromium
+      ];
+    }
     #{
     #  users.extraUsers = {
     #    root = {
@@ -33,7 +64,6 @@ with builtins;
 
   krebs.build.host = config.krebs.hosts.helios;
 
-  networking.wireless.enable = true;
 
   hardware.enableAllFirmware = true;
   nixpkgs.config.allowUnfree = true;
-- 
cgit v1.2.3


From 14cbd11e0e5a18eaf85b5f984ec4ed3a39da494b Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Fri, 8 Jul 2016 13:42:12 +0200
Subject: l 1 prism: add mk_sql_pair

---
 lass/1systems/prism.nix | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lass/1systems')

diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index ed8c2995..270bb6fc 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -218,6 +218,11 @@ in {
         '')
       ];
     }
+    {
+      environment.systemPackages = with pkgs; [
+        mk_sql_pair
+      ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;
-- 
cgit v1.2.3


From 8b2fe38a8ee27036c6c408bab6bf1af38d19c05c Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Fri, 8 Jul 2016 13:42:29 +0200
Subject: l 1 helios: disable ES (again)

---
 lass/1systems/helios.nix | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
index fe8039d9..5f161d73 100644
--- a/lass/1systems/helios.nix
+++ b/lass/1systems/helios.nix
@@ -52,11 +52,11 @@ with config.krebs.lib;
     #    };
     #  };
     #}
-    {
-      services.elasticsearch = {
-        enable = true;
-      };
-    }
+    #{
+    #  services.elasticsearch = {
+    #    enable = true;
+    #  };
+    #}
     {
       lass.power-action.battery = "BAT1";
     }
-- 
cgit v1.2.3


From ec183d5531455d60b4c2423d657963b496e47b4b Mon Sep 17 00:00:00 2001
From: lassulus <lass@aidsballs.de>
Date: Fri, 8 Jul 2016 13:43:56 +0200
Subject: l 1 mors: add zalando project

---
 lass/1systems/mors.nix | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

(limited to 'lass/1systems')

diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index d065d4df..84191da0 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -47,12 +47,15 @@
     #    ];
     #  };
     #}
-    #{
-    #  services.postgresql = {
-    #    enable = true;
-    #    package = pkgs.postgresql;
-    #  };
-    #}
+    {
+      #zalando project
+      services.postgresql = {
+        enable = true;
+        package = pkgs.postgresql;
+      };
+      virtualisation.docker.enable = true;
+      users.users.mainUser.extraGroups = [ "docker" ];
+    }
     {
       lass.umts = {
         enable = true;
-- 
cgit v1.2.3