From 4097f5167196dadfa53865769c242126746285d3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 9 Jan 2017 17:12:50 +0100 Subject: l 1 shodan: reinstall with btrfs --- lass/1systems/shodan.nix | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 095898380..232e91d90 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -59,17 +59,13 @@ with import ; fileSystems = { "/" = { device = "/dev/pool/nix"; - fsType = "ext4"; + fsType = "btrfs"; }; "/boot" = { device = "/dev/sda1"; }; - "/home/lass" = { - device = "/dev/pool/home-lass"; - fsType = "ext4"; - }; "/tmp" = { device = "tmpfs"; fsType = "tmpfs"; @@ -77,7 +73,7 @@ with import ; }; "/bku" = { device = "/dev/pool/bku"; - fsType = "ext4"; + fsType = "btrfs"; }; }; -- cgit v1.2.3 From 8616bb393f7c994c78af50f10058434610157e57 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 10 Jan 2017 19:40:32 +0100 Subject: l 1 prism: change sequence of ip addresses --- lass/1systems/prism.nix | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 854c98f46..d07acebee 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -12,6 +12,22 @@ let in { imports = [ ../. + { + networking.interfaces.et0.ip4 = [ + { + address = ip; + prefixLength = 24; + } + ]; + networking.defaultGateway = "213.239.205.225"; + networking.nameservers = [ + "8.8.8.8" + ]; + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="54:04:a6:7e:f4:06", NAME="et0" + ''; + + } ../2configs/retiolum.nix ../2configs/exim-smarthost.nix ../2configs/downloading.nix @@ -48,22 +64,6 @@ in { lock.gid = 10001; }; } - { - networking.interfaces.et0.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = "213.239.205.225"; - networking.nameservers = [ - "8.8.8.8" - ]; - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="54:04:a6:7e:f4:06", NAME="et0" - ''; - - } { boot.loader.grub = { devices = [ -- cgit v1.2.3 From f4a720ea3d257ccd18e3e03b0538e6c18ce4520c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 15 Jan 2017 15:50:57 +0100 Subject: l 1: update macs of some network devices --- lass/1systems/icarus.nix | 4 ++-- lass/1systems/mors.nix | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/icarus.nix b/lass/1systems/icarus.nix index 3998fc177..8402613da 100644 --- a/lass/1systems/icarus.nix +++ b/lass/1systems/icarus.nix @@ -54,7 +54,7 @@ with import ; }; services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:29:26:bc", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:0c:a7:63", NAME="et0" + SUBSYSTEM=="net", ATTR{address}=="08:11:96:0a:5d:6c", NAME="wl0" + SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" ''; } diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 012bd359f..19b512dde 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -289,7 +289,7 @@ with import ; services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:8f:85:c9", NAME="et0" + SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" ''; #TODO activationScripts seem broken, fix them! -- cgit v1.2.3 From 242e0fcb6c6ff300d3a7780ed9cd929448ac824c Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 16 Jan 2017 17:25:21 +0100 Subject: l 1 prism: add (temporary) config for nin --- lass/1systems/prism.nix | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index d07acebee..313a18a9c 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -226,6 +226,33 @@ in { enable = true; }; } + { + users.users.nin = { + uid = genid "nin"; + inherit (config.krebs.users.nin) home; + group = "users"; + createHome = true; + useDefaultShell = true; + openssh.authorizedKeys.keys = [ + config.krebs.users.nin.pubkey + ]; + extraGroups = [ + "libvirtd" + ]; + }; + krebs.git.rules = [ + { + user = [ config.krebs.users.nin ]; + repo = [ config.krebs.git.repos.stockholm ]; + perm = with git; push "refs/heads/nin" [ fast-forward non-fast-forward create delete merge ]; + } + ]; + krebs.repo-sync.repos.stockholm.nin = { + origin.url = "http://cgit.prism/stockholm"; + origin.ref = "heads/nin"; + mirror.url = "git@${config.networking.hostName}:stockholm"; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From bd9dddd97fe5b881ac07d52f047e775bbdaf406b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 21 Jan 2017 18:29:49 +0100 Subject: l 1 icarus: now installed with init --- lass/1systems/icarus.nix | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/icarus.nix b/lass/1systems/icarus.nix index 8402613da..7f632e9bf 100644 --- a/lass/1systems/icarus.nix +++ b/lass/1systems/icarus.nix @@ -14,15 +14,6 @@ with import ; ../2configs/fetchWallpaper.nix ../2configs/backups.nix ../2configs/games.nix - #{ - # users.extraUsers = { - # root = { - # openssh.authorizedKeys.keys = map readFile [ - # ../../krebs/Zpubkeys/uriel.ssh.pub - # ]; - # }; - # }; - #} ]; krebs.build.host = config.krebs.hosts.icarus; @@ -32,19 +23,28 @@ with import ; loader.grub.version = 2; loader.grub.device = "/dev/sda"; - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; + initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; - #kernelModules = [ "kvm-intel" "msr" ]; }; fileSystems = { "/" = { - device = "/dev/pool/nix"; + device = "/dev/mapper/pool-root"; fsType = "btrfs"; + options = ["defaults" "noatime" "ssd" "compress=lzo"]; + }; + "/bku" = { + device = "/dev/mapper/pool-bku"; + fsType = "btrfs"; + options = ["defaults" "noatime" "ssd" "compress=lzo"]; + }; + "/home" = { + device = "/dev/mapper/pool-home"; + fsType = "btrfs"; + options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; - "/boot" = { - device = "/dev/sda1"; + device = "/dev/sda2"; }; "/tmp" = { device = "tmpfs"; -- cgit v1.2.3 From c3be272e9b699033437a34c37feecd7775c84046 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 21 Jan 2017 18:37:48 +0100 Subject: l 1 prism: forward 1337 to onondaga --- lass/1systems/prism.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 313a18a9c..34d81f099 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -252,6 +252,12 @@ in { origin.ref = "heads/nin"; mirror.url = "git@${config.networking.hostName}:stockholm"; }; + krebs.iptables.tables.nat.PREROUTING.rules = [ + { v6 = false; precedence = 1000; predicate = "-d 213.239.205.240 -p tcp --dport 1337"; target = "DNAT --to-destination 192.168.122.24:22"; } + ]; + krebs.iptables.tables.filter.FORWARD.rules = [ + { v6 = false; precedence = 1000; predicate = "-d 192.168.122.24 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } + ]; } ]; -- cgit v1.2.3 From a08ac6fc1770f1043446a81b2a6ce574dbd35899 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 21 Jan 2017 18:40:39 +0100 Subject: l 1 mors: remove mount for /bku (nonexistant) --- lass/1systems/mors.nix | 5 ----- 1 file changed, 5 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 19b512dde..dde867eb3 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -256,11 +256,6 @@ with import ; fsType = "ext4"; }; - "/bku" = { - device = "/dev/big/backups"; - fsType = "ext4"; - }; - "/home/games/.local/share/Steam" = { device = "/dev/big/steam"; fsType = "ext4"; -- cgit v1.2.3 From fc9dbd78356cc4af53f1b3cc48e9025a44f4f764 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 21 Jan 2017 22:08:12 +0100 Subject: l 1 prism: add #coders Reaktor config --- lass/1systems/prism.nix | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 34d81f099..6d5a7c965 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -259,6 +259,49 @@ in { { v6 = false; precedence = 1000; predicate = "-d 192.168.122.24 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; } ]; } + { + krebs.Reaktor.coders = { + nickname = "reaktor-lass"; + channels = [ "#coders" ]; + extraEnviron = { + REAKTOR_HOST = "irc.hackint.org"; + }; + plugins = with pkgs.ReaktorPlugins; [ + sed-plugin + url-title + (buildSimpleReaktorPlugin "lambdabot-pl" { + pattern = "^@pl(?P.*)$$"; + script = pkgs.writeDash "lambda-pl" '' + exec ${pkgs.lambdabot}/bin/lambdabot -e "@pl $1" + ''; + }) + (buildSimpleReaktorPlugin "lambdabot-type" { + pattern = "^@type(?P.*)$$"; + script = pkgs.writeDash "lambda-type" '' + exec ${pkgs.lambdabot}/bin/lambdabot -e "@type $1" + ''; + }) + (buildSimpleReaktorPlugin "lambdabot-let" { + pattern = "^@let(?P.*)$$"; + script = pkgs.writeDash "lambda-let" '' + exec ${pkgs.lambdabot}/bin/lambdabot -e "@let $1" + ''; + }) + (buildSimpleReaktorPlugin "lambdabot-run" { + pattern = "^@run(?P.*)$$"; + script = pkgs.writeDash "lambda-run" '' + exec ${pkgs.lambdabot}/bin/lambdabot -e "@run $1" + ''; + }) + (buildSimpleReaktorPlugin "lambdabot-kind" { + pattern = "^@kind(?P.*)$$"; + script = pkgs.writeDash "lambda-kind" '' + exec ${pkgs.lambdabot}/bin/lambdabot -e "@kind $1" + ''; + }) + ]; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 1f4becad4dbbb512684045f55a42021ab7695c24 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 21 Jan 2017 23:50:48 +0100 Subject: l 1 prism: add some flags to lambdabot --- lass/1systems/prism.nix | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 6d5a7c965..83f669a3d 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -266,37 +266,52 @@ in { extraEnviron = { REAKTOR_HOST = "irc.hackint.org"; }; - plugins = with pkgs.ReaktorPlugins; [ + plugins = with pkgs.ReaktorPlugins; let + lambdabotflags = '' + -XStandaloneDeriving -XGADTs -XFlexibleContexts \ + -XFlexibleInstances -XMultiParamTypeClasses \ + -XOverloadedStrings -XFunctionalDependencies \''; + in [ sed-plugin url-title (buildSimpleReaktorPlugin "lambdabot-pl" { pattern = "^@pl(?P.*)$$"; script = pkgs.writeDash "lambda-pl" '' - exec ${pkgs.lambdabot}/bin/lambdabot -e "@pl $1" + exec ${pkgs.lambdabot}/bin/lambdabot \ + ${indent lambdabotflags} + -e "@pl $1" ''; }) (buildSimpleReaktorPlugin "lambdabot-type" { pattern = "^@type(?P.*)$$"; script = pkgs.writeDash "lambda-type" '' - exec ${pkgs.lambdabot}/bin/lambdabot -e "@type $1" + exec ${pkgs.lambdabot}/bin/lambdabot \ + ${indent lambdabotflags} + -e "@type $1" ''; }) (buildSimpleReaktorPlugin "lambdabot-let" { pattern = "^@let(?P.*)$$"; script = pkgs.writeDash "lambda-let" '' - exec ${pkgs.lambdabot}/bin/lambdabot -e "@let $1" + exec ${pkgs.lambdabot}/bin/lambdabot \ + ${indent lambdabotflags} + -e "@let $1" ''; }) (buildSimpleReaktorPlugin "lambdabot-run" { pattern = "^@run(?P.*)$$"; script = pkgs.writeDash "lambda-run" '' - exec ${pkgs.lambdabot}/bin/lambdabot -e "@run $1" + exec ${pkgs.lambdabot}/bin/lambdabot \ + ${indent lambdabotflags} + -e "@run $1" ''; }) (buildSimpleReaktorPlugin "lambdabot-kind" { pattern = "^@kind(?P.*)$$"; script = pkgs.writeDash "lambda-kind" '' - exec ${pkgs.lambdabot}/bin/lambdabot -e "@kind $1" + exec ${pkgs.lambdabot}/bin/lambdabot \ + ${indent lambdabotflags} + -e "@kind $1" ''; }) ]; -- cgit v1.2.3 From 705bf2c5e3f5a903a705cad70e9f8df5e904580d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 22 Jan 2017 23:40:38 +0100 Subject: l 1 icarus: use grubs crytpodisk & remove /boot --- lass/1systems/icarus.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/icarus.nix b/lass/1systems/icarus.nix index 7f632e9bf..b869a67a7 100644 --- a/lass/1systems/icarus.nix +++ b/lass/1systems/icarus.nix @@ -22,8 +22,9 @@ with import ; loader.grub.enable = true; loader.grub.version = 2; loader.grub.device = "/dev/sda"; + loader.grub.enableCryptodisk = true; - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; + initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; }; @@ -43,9 +44,6 @@ with import ; fsType = "btrfs"; options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; - "/boot" = { - device = "/dev/sda2"; - }; "/tmp" = { device = "tmpfs"; fsType = "tmpfs"; -- cgit v1.2.3 From f07d696cd8ecde00a6a5388f9609d57d4142a9c4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 23 Jan 2017 13:37:52 +0100 Subject: l 1 prism: do more stuff in #coders --- lass/1systems/prism.nix | 43 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 5 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 83f669a3d..d8980a10c 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -275,7 +275,7 @@ in { sed-plugin url-title (buildSimpleReaktorPlugin "lambdabot-pl" { - pattern = "^@pl(?P.*)$$"; + pattern = "^@pl (?P.*)$$"; script = pkgs.writeDash "lambda-pl" '' exec ${pkgs.lambdabot}/bin/lambdabot \ ${indent lambdabotflags} @@ -283,7 +283,7 @@ in { ''; }) (buildSimpleReaktorPlugin "lambdabot-type" { - pattern = "^@type(?P.*)$$"; + pattern = "^@type (?P.*)$$"; script = pkgs.writeDash "lambda-type" '' exec ${pkgs.lambdabot}/bin/lambdabot \ ${indent lambdabotflags} @@ -291,7 +291,7 @@ in { ''; }) (buildSimpleReaktorPlugin "lambdabot-let" { - pattern = "^@let(?P.*)$$"; + pattern = "^@let (?P.*)$$"; script = pkgs.writeDash "lambda-let" '' exec ${pkgs.lambdabot}/bin/lambdabot \ ${indent lambdabotflags} @@ -299,7 +299,7 @@ in { ''; }) (buildSimpleReaktorPlugin "lambdabot-run" { - pattern = "^@run(?P.*)$$"; + pattern = "^@run (?P.*)$$"; script = pkgs.writeDash "lambda-run" '' exec ${pkgs.lambdabot}/bin/lambdabot \ ${indent lambdabotflags} @@ -307,13 +307,46 @@ in { ''; }) (buildSimpleReaktorPlugin "lambdabot-kind" { - pattern = "^@kind(?P.*)$$"; + pattern = "^@kind (?P.*)$$"; script = pkgs.writeDash "lambda-kind" '' exec ${pkgs.lambdabot}/bin/lambdabot \ ${indent lambdabotflags} -e "@kind $1" ''; }) + (buildSimpleReaktorPlugin "lambdabot-kind" { + pattern = "^@kind (?P.*)$$"; + script = pkgs.writeDash "lambda-kind" '' + exec ${pkgs.lambdabot}/bin/lambdabot \ + ${indent lambdabotflags} + -e "@kind $1" + ''; + }) + (buildSimpleReaktorPlugin "random-unicorn-porn" { + pattern = "^!rup$$"; + script = pkgs.writePython2 "rup" '' + #!${pkgs.python2}/bin/python + t1 = """ + _. + ;=',_ () + 8===D~~ S" .--`|| + sS \__ || + __.' ( \-->|| + _=/ _./-\/ || + 8===D~~ ((\( /-' -'l || + ) |/ \\ (_)) + \\ \\ + '~ '~ + """ + print(t1) + ''; + }) + (buildSimpleReaktorPlugin "ping" { + pattern = "^!ping (?P.*)$$"; + script = pkgs.writeDash "ping" '' + exec /var/setuid-wrappers/ping -q -c1 "$1" 2>&1 | tail -1 + ''; + }) ]; }; } -- cgit v1.2.3