From 35596f7aed2f2b43064c5d41121c0d3d17503641 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Oct 2016 21:05:56 +0200 Subject: l 1 mors: activate redis --- lass/1systems/mors.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 1028ca652..b9373313c 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -77,6 +77,9 @@ with config.krebs.lib; ]; }; } + { + services.redis.enable = true; + } ]; krebs.build.host = config.krebs.hosts.mors; -- cgit v1.2.3 From 48282200043d63c5e0434fdd7b8dc79aa271b8ae Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Oct 2016 21:08:55 +0200 Subject: l 2 c-base: add cifs-utils --- lass/2configs/c-base.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/2configs/c-base.nix b/lass/2configs/c-base.nix index 9d13bc30d..679a90b7e 100644 --- a/lass/2configs/c-base.nix +++ b/lass/2configs/c-base.nix @@ -16,6 +16,10 @@ in { users.extraGroups.cbasevpn.gid = genid "cbasevpn"; + environment.systemPackages = [ + pkgs.cifs-utils + ]; + services.openvpn.servers = { c-base = { config = '' -- cgit v1.2.3 From 0398342657a9548b9ada4524335b3ca864fd9c2e Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Oct 2016 21:09:26 +0200 Subject: l 2 websites domsen: remove obsolete code --- lass/2configs/websites/domsen.nix | 32 -------------------------------- 1 file changed, 32 deletions(-) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 3a3e60d39..5a4748f42 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -22,25 +22,6 @@ let exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@" ''; - check-password = pkgs.writeDash "check-password" '' - read pw - - file="/home/$PAM_USER/.shadow" - - #check if shadow file exists - test -e "$file" || exit 123 - - hash="$(${pkgs.coreutils}/bin/head -1 $file)" - salt="$(echo $hash | ${pkgs.gnused}/bin/sed 's/.*\$\(.*\)\$.*/\1/')" - - calc_hash="$(echo "$pw" | ${pkgs.mkpasswd}/bin/mkpasswd -m sha-512 -S $salt)" - if [ "$calc_hash" == $hash ]; then - exit 0 - else - exit 1 - fi - ''; - in { imports = [ ./sqlBackup.nix @@ -164,19 +145,6 @@ in { { predicate = "-p tcp --dport 465"; target = "ACCEPT"; } ]; - security.pam.services.exim.text = '' - auth required pam_env.so - auth sufficient pam_exec.so debug expose_authtok ${check-password} - auth sufficient pam_unix.so likeauth nullok - auth required pam_deny.so - account required pam_unix.so - password required pam_cracklib.so retry=3 type= - password sufficient pam_unix.so nullok use_authtok md5shadow - password required pam_deny.so - session required pam_limits.so - session required pam_unix.so - ''; - krebs.exim-smarthost = { authenticators.PLAIN = '' driver = plaintext -- cgit v1.2.3 From 51a9fb2dccf6996e1f4fe6f795076ebc6bc71d25 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Oct 2016 21:10:59 +0200 Subject: l 1 shodan: add sokratess user --- lass/1systems/shodan.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'lass') diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 5140591af..7c44807a6 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -22,6 +22,26 @@ with builtins; # }; # }; #} + { + users.users.sokratess = { + uid = genid "sokratess"; + home = "/home/sokratess"; + group = "users"; + createHome = true; + extraGroups = [ + "audio" + "networkmanager" + ]; + useDefaultShell = true; + password = "aidsballs"; + }; + krebs.per-user.sokratess.packages = [ + pkgs.firefox + pkgs.python27Packages.virtualenv + pkgs.python27Packages.ipython + pkgs.python27Packages.python + ]; + } ]; krebs.build.host = config.krebs.hosts.shodan; -- cgit v1.2.3 From 0f38de96e8749e49af333028435edb37f7b4ae60 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Oct 2016 21:40:11 +0200 Subject: l: import --- lass/1systems/shodan.nix | 2 +- lass/2configs/websites/domsen.nix | 2 +- lass/2configs/websites/fritz.nix | 2 +- lass/2configs/websites/lassulus.nix | 2 +- lass/2configs/websites/wohnprojekt-rhh.de.nix | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) (limited to 'lass') diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 7c44807a6..9d1df1d72 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -1,6 +1,6 @@ { config, pkgs, ... }: -with builtins; +with import ; { imports = [ ../. diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 5a4748f42..18c771fad 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -2,7 +2,7 @@ let - inherit (import { config = {}; inherit lib; }) + inherit (import ) genid genid_signed ; diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index 48d96b1bf..d93d310da 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -2,7 +2,7 @@ with lib; let - inherit (import { config = {}; inherit lib; }) + inherit (import ) genid head ; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 04c19fad0..b8342e148 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -2,7 +2,7 @@ with lib; let - inherit (import { config = {}; inherit lib; }) + inherit (import ) genid ; diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix index fb1a58109..0c409ca87 100644 --- a/lass/2configs/websites/wohnprojekt-rhh.de.nix +++ b/lass/2configs/websites/wohnprojekt-rhh.de.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, ... }: let - inherit (import { config = {}; inherit lib; }) + inherit (import ) genid ; inherit (import {inherit lib pkgs;}) -- cgit v1.2.3 From 8dc0352e4f585ca6b3a7507663dfcbd91fef098a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 22 Oct 2016 01:29:16 +0200 Subject: l 2 nixpkgs: b8ede35 -> 686bc9c --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 73c96e876..4ef4c6ce7 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "b8ede35d2efa96490857c22c751e75d600bea44f"; + ref = "686bc9c5ccafbec2b6d2db61bd0803c2b7bc2b7d"; }; } -- cgit v1.2.3 From 75a3c4029db60013066b0850ed4df359fe2be3cd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 22 Oct 2016 14:25:52 +0200 Subject: l 1 helios: oraclejre -> jre --- lass/1systems/helios.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index c16080762..4e0b40906 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -41,7 +41,7 @@ with import ; environment.systemPackages = with pkgs; [ firefox chromium - oraclejre8 + jre maven arandr libreoffice -- cgit v1.2.3 From 384c96efd288c44b285d20ca8f5390b9d03af6d6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Oct 2016 05:53:41 +0200 Subject: l 1 helios: remove jre from pkgs --- lass/1systems/helios.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index 4e0b40906..82db8ef7b 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -41,7 +41,6 @@ with import ; environment.systemPackages = with pkgs; [ firefox chromium - jre maven arandr libreoffice -- cgit v1.2.3