From 2ac7d159f81da79e7b52f27ea38543990bb486ce Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 13 Aug 2016 22:38:09 +0200 Subject: m bcm4352: init for x --- makefu/2configs/hw/bcm4352.nix | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 makefu/2configs/hw/bcm4352.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/hw/bcm4352.nix b/makefu/2configs/hw/bcm4352.nix new file mode 100644 index 00000000..516637eb --- /dev/null +++ b/makefu/2configs/hw/bcm4352.nix @@ -0,0 +1,6 @@ +{config, ...}: +{ + networking.enableB43Firmware = true; + boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; +} + -- cgit v1.2.3 From 79e3a3dad36f67296001f269e6716a1bd21c983c Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 11:54:46 +0200 Subject: m 3 populate: allow minimal populate --- makefu/2configs/default.nix | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'makefu/2configs') diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7e4c87cf..cdaa38f2 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -22,10 +22,17 @@ with config.krebs.lib; build = { user = config.krebs.users.makefu; source = let inherit (config.krebs.build) host user; in { - nixpkgs.git = { - url = https://github.com/nixos/nixpkgs; - ref = "125ffff"; # stable @ 2016-07-20 - }; + nixpkgs = if config.makefu.full-populate or (getEnv "dummy_secrets" == "true") then + { # stable @ 2016-07-20 + git = { url = https://github.com/nixos/nixpkgs; ref = "125ffff"; }; + } + else + # TODO use http, once it is implemented + # right now it is simply extracted revision folder + + ## prepare so we do not have to wait for rsync: + ## cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/125ffff -L | tar zx && mv NixOS-nixpkgs-125ffff nixpkgs + { file = "/home/makefu/store/125ffff";}; secrets.file = if getEnv "dummy_secrets" == "true" then toString -- cgit v1.2.3 From 90afbfa31af036f4475005cd80dbf6b1722c4de4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 11:55:46 +0200 Subject: m 5 torrent: implement shared torrent secret --- makefu/2configs/torrent.nix | 81 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 makefu/2configs/torrent.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/torrent.nix b/makefu/2configs/torrent.nix new file mode 100644 index 00000000..c18db9fa --- /dev/null +++ b/makefu/2configs/torrent.nix @@ -0,0 +1,81 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; + +let + daemon-user = "tor"; + daemon-pw = (import ); + peer-port = 51412; + web-port = 8112; + daemon-port = 58846; + dl-dir = "/var/download"; +in { + # prepare secrets + krebs.build.source.torrent-secrets.file = + if getEnv "dummy_secrets" == "true" + then toString + else "/home/makefu/secrets/torrent"; + + users.users = { + download = { + name = "download"; + home = dl-dir; + uid = genid "download"; + createHome = true; + useDefaultShell = true; + group = "download"; + openssh.authorizedKeys.keys = [ ]; + }; + }; + # todo: race condition, do this after download user has been created + system.activationScripts."download-dir-chmod" = '' + for i in finished torrents; do + mkdir -p "${dl-dir}/$i" + chown download:download "${dl-dir}/$i" + chmod 770 "${dl-dir}/$i" + done + ''; + + users.extraGroups = { + download = { + gid = genid "download"; + members = [ + config.krebs.build.user.name + "download" + "deluge" + ]; + }; + }; + + makefu.deluge = { + enable = true; + auth = "${daemon-user}:${daemon-pw}:10"; + # web.enable = true; + cfg = { + autoadd_enable = true; + download_location = dl-dir + "/finished"; + torrentfiles_location = dl-dir + "/torrents"; copy_torrent_file = true; + lsd = true; + dht = true; + upnp = true; + natpmp = true; + add_paused = false; + allow_remote = true; + remove_seed_at_ratio = false; + move_completed = false; + daemon_port = daemon-port; + listen_ports = [ peer-port peer-port ]; + outgoing_ports = [ peer-port peer-port ]; + # performance tuning + cache_expiry = 3600; + stop_seed_at_ratio = true; + }; + }; + + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport ${toString daemon-port} -j ACCEPT + ''; + + networking.firewall.allowedTCPPorts = [ peer-port ]; + networking.firewall.allowedUDPPorts = [ peer-port ]; +} -- cgit v1.2.3 From 54ccd367175e33c0aab67e8ef46d4d73bcf8183c Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 12:07:05 +0200 Subject: m 2 udpt: init --- makefu/2configs/udpt.nix | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 makefu/2configs/udpt.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/udpt.nix b/makefu/2configs/udpt.nix new file mode 100644 index 00000000..6d55ffaf --- /dev/null +++ b/makefu/2configs/udpt.nix @@ -0,0 +1,31 @@ +{pkgs, ...}: + +let + cfgfile = pkgs.writeText "udpt-config" '' + [db] + driver=sqlite3 + param=:memory: + + [tracker] + is_dynamic=yes + port=6969 + threads=5 + allow_remotes=yes + allow_iana_ips=no + announce_interval=1800 + cleanup_interval=120 + + [apiserver] + enable=yes + + [logging] + filename=- + level=warning + ''; +in { + makefu.udpt = { + enable = true; + inherit cfgfile; + }; + +} -- cgit v1.2.3 From 0e93cd309189b46194f246b98df672bffbcc7c52 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 21 Aug 2016 12:21:35 +0200 Subject: m 2 temp: init --- makefu/2configs/temp/8812au.nix | 6 ++++++ makefu/2configs/temp/elkstack.nix | 5 +++++ makefu/2configs/temp/sabnzbd.nix | 5 +++++ 3 files changed, 16 insertions(+) create mode 100644 makefu/2configs/temp/8812au.nix create mode 100644 makefu/2configs/temp/elkstack.nix create mode 100644 makefu/2configs/temp/sabnzbd.nix (limited to 'makefu/2configs') diff --git a/makefu/2configs/temp/8812au.nix b/makefu/2configs/temp/8812au.nix new file mode 100644 index 00000000..9587171b --- /dev/null +++ b/makefu/2configs/temp/8812au.nix @@ -0,0 +1,6 @@ +{config, pkgs, ...}: +{ + #boot.extraModulePackages = [ pkgs.rtl8812au ]; + boot.extraModulePackages = [config.boot.kernelPackages.rtl8812au ]; + boot.kernelModules = [ "rtl8812au" ]; +} diff --git a/makefu/2configs/temp/elkstack.nix b/makefu/2configs/temp/elkstack.nix new file mode 100644 index 00000000..c6bf1c6d --- /dev/null +++ b/makefu/2configs/temp/elkstack.nix @@ -0,0 +1,5 @@ +_: +{ + services.elasticsearch.enable = true; + services.kibana.enable = true; +} diff --git a/makefu/2configs/temp/sabnzbd.nix b/makefu/2configs/temp/sabnzbd.nix new file mode 100644 index 00000000..d8eab273 --- /dev/null +++ b/makefu/2configs/temp/sabnzbd.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: +{ + services.sabnzbd.enable = true; + systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; +} -- cgit v1.2.3