From 3ba905f2b0cff91cdeaa46c3eaed34d4bfc01215 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 29 Jan 2018 14:45:26 +0100 Subject: ma wbob-kiosk: provide chromium --- makefu/2configs/gui/wbob-kiosk.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix index 4b7a0c33..7db74922 100644 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ b/makefu/2configs/gui/wbob-kiosk.nix @@ -1,11 +1,13 @@ -{ lib, ... }: +{ pkgs, lib, ... }: { imports = [ ./base.nix ]; + users.users.makefu.packages = [ pkgs.chromium ]; services.xserver = { layout = lib.mkForce "de"; + xkbVariant = lib.mkForce ""; windowManager = lib.mkForce { awesome.enable = false; @@ -16,7 +18,7 @@ # xrandrHeads = [ "HDMI1" "HDMI2" ]; # prevent screen from turning off, disable dpms displayManager.sessionCommands = '' - xset s off -dpms + xset -display :0 s off -dpms xrandr --output HDMI2 --right-of HDMI1 ''; }; -- cgit v1.2.3 From 71397b0aa5f27b0b6dbe22101287f60b237e32f0 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 29 Jan 2018 14:47:00 +0100 Subject: ma wbob.r: enable mpd via bluetooth --- makefu/1systems/wbob/config.nix | 126 ++++++++++++++++++++-------------------- 1 file changed, 62 insertions(+), 64 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index f44211b9..6434ba27 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -18,7 +18,7 @@ in { - # + @@ -31,6 +31,63 @@ in { # Services + (let + musicDirectory = "/data/music"; + in { + services.mpd = { + enable = true; + inherit musicDirectory; + # dataDir = "/home/anders/.mpd"; + network.listenAddress = "any"; + extraConfig = '' + audio_output { + type "pulse" + name "Local MPD" + server "127.0.0.1" + } + ''; + }; + # open because of truestedInterfaces + # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; + services.samba.shares.music = { + path = musicDirectory; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + + sound.enable = true; + hardware.pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + # systemWide = true; + support32Bit = true; + zeroconf.discovery.enable = true; + zeroconf.publish.enable = true; + tcp = { + enable = true; + anonymousClients.allowAll = true; + anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ]; + }; + configFile = pkgs.writeText "default.pa" '' + load-module module-udev-detect + load-module module-bluetooth-policy + load-module module-bluetooth-discover + load-module module-native-protocol-unix + load-module module-always-sink + load-module module-console-kit + load-module module-systemd-login + load-module module-intended-roles + load-module module-position-event-sounds + load-module module-filter-heuristics + load-module module-filter-apply + load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 + load-module module-switch-on-connect + ''; + }; + # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio + hardware.bluetooth.enable = true; + }) # Sensors @@ -147,7 +204,10 @@ in { boot.loader.grub.device = rootdisk; hardware.cpu.intel.updateMicrocode = true; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; + + boot.kernelModules = [ "kvm-intel" + "snd-seq" "snd-rawmidi" + ]; fileSystems = { "/" = { device = rootdisk + "-part1"; @@ -174,66 +234,4 @@ in { serverAddress = "x.r"; }; }; - security.wrappers.fping = { - source = "${pkgs.fping}/bin/fping"; - setuid = true; - }; - services.smokeping = { - enable = true; - targetConfig = '' - probe = FPing - menu = Top - title = Network Latency Grapher - remark = Welcome to this SmokePing website. - - + network - menu = Net latency - title = Network latency (ICMP pings) - - ++ google - probe = FPing - host = google.de - ++ webde - probe = FPing - host = web.de - - + services - menu = Service latency - title = Service latency (DNS, HTTP) - - ++ HTTP - menu = HTTP latency - title = Service latency (HTTP) - - +++ webdeping - probe = EchoPingHttp - host = web.de - - +++ googwebping - probe = EchoPingHttp - host = google.de - - #+++ webwww - #probe = Curl - #host = web.de - - #+++ googwebwww - #probe = Curl - #host = google.de - ''; - probeConfig = '' - + FPing - binary = /run/wrappers/bin/fping - + EchoPingHttp - pings = 5 - url = / - - #+ Curl - ## probe-specific variables - #binary = ${pkgs.curl}/bin/curl - #step = 60 - ## a default for this target-specific variable - #urlformat = http://%host%/ - ''; - }; } -- cgit v1.2.3 From b31a37799eff274215d4cd9d435a9c16d496a88c Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 30 Jan 2018 08:11:00 +0100 Subject: ma pkgs.pfsshell: init --- makefu/5pkgs/pfsshell/default.nix | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 makefu/5pkgs/pfsshell/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/pfsshell/default.nix b/makefu/5pkgs/pfsshell/default.nix new file mode 100644 index 00000000..fc6b3706 --- /dev/null +++ b/makefu/5pkgs/pfsshell/default.nix @@ -0,0 +1,27 @@ +{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }: +stdenv.mkDerivation rec { + pname = "pfsshell"; + version = "64f8c2"; + name = "${pname}-${version}"; + + src = fetchFromGitHub { + owner = "makefu"; + repo = "pfsshell"; + rev = version; + sha256 = "01lbqf8s91p8id58xa16fp555i03vfycqvhv7qzpnrjy6yvp9dm8"; + }; + + buildInputs = [ ]; + + makeFlags = [ ]; + + installPhase = '' + mkdir -p $out/bin + cp pfsshell $out/bin + ''; + + meta = { + homepage = https://github.com/uyjulian/pfsshell ; + description = "browse and transfer files to/from PFS filesystems"; + }; +} -- cgit v1.2.3 From ef3a0dcff538c850c25b46165ed70c899873bece Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 Feb 2018 11:55:12 +0100 Subject: ma wvdial: rip --- makefu/1systems/x/config.nix | 3 +- makefu/2configs/hw/network-manager.nix | 37 ++++++++++++++++++ makefu/2configs/hw/wwan.nix | 8 ---- makefu/3modules/wvdial.nix | 71 ---------------------------------- 4 files changed, 39 insertions(+), 80 deletions(-) create mode 100644 makefu/2configs/hw/network-manager.nix delete mode 100644 makefu/2configs/hw/wwan.nix delete mode 100644 makefu/3modules/wvdial.nix (limited to 'makefu') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index a32db91e..f3a1d488 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -59,8 +59,9 @@ with import ; # Hardware + # - + # diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix new file mode 100644 index 00000000..7e29849b --- /dev/null +++ b/makefu/2configs/hw/network-manager.nix @@ -0,0 +1,37 @@ +{ pkgs, lib, ... }: +{ + users.users.makefu = { + extraGroups = [ "networkmanager" ]; + packages = with pkgs;[ + networkmanagerapplet + gnome3.gnome_keyring gnome3.dconf + ]; + }; + networking.wireless.enable = lib.mkForce false; + + systemd.services.modemmanager = { + description = "ModemManager"; + after = [ "network-manager.service" ]; + bindsTo = [ "network-manager.service" ]; + wantedBy = [ "network-manager.service" ]; + serviceConfig = { + ExecStart = "${pkgs.modemmanager}/bin/ModemManager"; + PrivateTmp = true; + Restart = "always"; + RestartSec = "5"; + }; + }; + networking.networkmanager.enable = true; + + # TODO: put somewhere else + services.xserver.displayManager.sessionCommands = '' + ${pkgs.clipit}/bin/clipit & + ${pkgs.networkmanagerapplet}/bin/nm-applet & + ''; + +# nixOSUnstable +# networking.networkmanager.wifi = { +# powersave = true; +# scanRandMacAddress = true; +# }; +} diff --git a/makefu/2configs/hw/wwan.nix b/makefu/2configs/hw/wwan.nix deleted file mode 100644 index 0eb0c97d..00000000 --- a/makefu/2configs/hw/wwan.nix +++ /dev/null @@ -1,8 +0,0 @@ -_: - -{ - makefu.umts = { - enable = true; - modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01"; - }; -} diff --git a/makefu/3modules/wvdial.nix b/makefu/3modules/wvdial.nix deleted file mode 100644 index 1ed929ed..00000000 --- a/makefu/3modules/wvdial.nix +++ /dev/null @@ -1,71 +0,0 @@ -# Global configuration for wvdial. - -{ config, lib, pkgs, ... }: - -with lib; - -let - - configFile = '' - [Dialer Defaults] - PPPD PATH = ${pkgs.ppp}/sbin/pppd - ${config.environment.wvdial.dialerDefaults} - ''; - - cfg = config.environment.wvdial; - -in -{ - ###### interface - - options = { - - environment.wvdial = { - - dialerDefaults = mkOption { - default = ""; - type = types.str; - example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"''; - description = '' - Contents of the "Dialer Defaults" section of - /etc/wvdial.conf. - ''; - }; - - pppDefaults = mkOption { - default = '' - noipdefault - usepeerdns - defaultroute - persist - noauth - ''; - type = types.str; - description = "Default ppp settings for wvdial."; - }; - - }; - - }; - - ###### implementation - - config = mkIf (cfg.dialerDefaults != "") { - - environment = { - - etc = - [ - { source = pkgs.writeText "wvdial.conf" configFile; - target = "wvdial.conf"; - } - { source = pkgs.writeText "wvdial" cfg.pppDefaults; - target = "ppp/peers/wvdial"; - } - ]; - - }; - - }; - -} -- cgit v1.2.3 From 72f440fdb567b8000ec72aefa6d3e74734c11c9e Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 Feb 2018 11:56:36 +0100 Subject: ma omo.r: init google-muell --- makefu/1systems/omo/config.nix | 3 ++- makefu/2configs/deployment/google-muell.nix | 34 +++++++++++++++++++++++++++++ makefu/2configs/deployment/led-fader.nix | 20 +---------------- makefu/5pkgs/ampel/default.nix | 27 +++++++++++++++++++++++ 4 files changed, 64 insertions(+), 20 deletions(-) create mode 100644 makefu/2configs/deployment/google-muell.nix create mode 100644 makefu/5pkgs/ampel/default.nix (limited to 'makefu') diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index ce3ffbcf..1e087fef 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -19,7 +19,7 @@ let # __FRONT_ # |* d0 | # | | - # |* d3 | + # |* d1 | # | | # |* d3 | # | | @@ -68,6 +68,7 @@ in { + # security diff --git a/makefu/2configs/deployment/google-muell.nix b/makefu/2configs/deployment/google-muell.nix new file mode 100644 index 00000000..f23789ee --- /dev/null +++ b/makefu/2configs/deployment/google-muell.nix @@ -0,0 +1,34 @@ +{ config, lib, pkgs, buildPythonPackage, ... }: +with import ; +let + pkg = pkgs.ampel; + home = "/var/lib/ampel"; + sec = "${toString }/google-muell.json"; + ampelsec = "${home}/google-muell.json"; + esp = "192.168.1.23"; + sleepval = "1800"; +in { + users.users.ampel = { + uid = genid "ampel"; + createHome = true; + isSystemUser = true; + inherit home; + }; + systemd.services.google-muell-ampel = { + description = "Send led change to rgb cubes"; + after = [ "network-online.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "ampel"; + ExecStartPre = pkgs.writeDash "copy-ampel-secrets" '' + cp ${sec} ${ampelsec} + chown ampel ${ampelsec} + ''; + ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${home}/google-muell-creds.json --sleepval=${sleepval}"; + PermissionsStartOnly = true; + Restart = "always"; + RestartSec = 10; + PrivateTmp = true; + }; + }; +} diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix index 292b6679..d34b6612 100644 --- a/makefu/2configs/deployment/led-fader.nix +++ b/makefu/2configs/deployment/led-fader.nix @@ -2,25 +2,7 @@ let mq = "192.168.8.11"; - - pkg = pkgs.python3Packages.buildPythonPackage { - name = "ampel-master"; - - src = pkgs.fetchgit { - url = "http://cgit.euer.krebsco.de/ampel"; - rev = "531741b"; - sha256 = "110yij53jz074zbswylbzcd8jy7z49r9fg6i3j1gk2y3vl91g81c"; - }; - propagatedBuildInputs = with pkgs.python3Packages; [ - docopt - paho-mqtt - requests - pytz - influxdb - httplib2 - google_api_python_client - ]; - }; + pkg = pkgs.ampel; in { systemd.services.led-fader = { description = "Send led change to message queue"; diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix new file mode 100644 index 00000000..86518b9b --- /dev/null +++ b/makefu/5pkgs/ampel/default.nix @@ -0,0 +1,27 @@ +{ lib, pkgs, fetchFromGitHub, ... }: + +with pkgs.python3Packages;buildPythonPackage rec { + name = "ampel-${version}"; + version = "0.2"; + + propagatedBuildInputs = [ + docopt + paho-mqtt + requests + pytz + influxdb + httplib2 + google_api_python_client + ]; + + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/ampel"; + rev = "d8a0250"; + sha256 = "0n36lc17ca5db6pl6dswdqd5w9f881rfqck9yc4w33a5qpsxj85f"; + }; + meta = { + homepage = http://cgit.euer.krebsco.de/ampel; + description = "change colors of rgb cubes"; + license = lib.licenses.asl20; + }; +} -- cgit v1.2.3 From 083941f7dba4347084779b65cefa9b8cc9713939 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 Feb 2018 11:57:58 +0100 Subject: ma gui/base: set packages only for mainuser --- makefu/2configs/gui/base.nix | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix index daa0282b..861a9327 100644 --- a/makefu/2configs/gui/base.nix +++ b/makefu/2configs/gui/base.nix @@ -48,13 +48,14 @@ in fonts = [ pkgs.terminus_font ]; }; - environment.systemPackages = with pkgs;[ - pavucontrol - xlockmore - rxvt_unicode-with-plugins - firefox - ]; - users.extraUsers.${mainUser}.extraGroups = [ "audio" ]; + users.users.${mainUser} = { + extraGroups = [ "audio" ]; + packages = with pkgs;[ + pavucontrol + xlockmore + rxvt_unicode-with-plugins + ]; + }; hardware.pulseaudio = { enable = true; -- cgit v1.2.3 From c1b2f919572a485cafdc56af5d9e3240ac74469c Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 Feb 2018 11:59:08 +0100 Subject: ma x.r: disable makefu.umts, cleanup --- makefu/1systems/x/config.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index f3a1d488..d5a9bdcf 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -83,13 +83,9 @@ with import ; makefu.server.primary-itf = "wlp3s0"; makefu.full-populate = true; - makefu.umts.apn = "web.vodafone.de"; nixpkgs.config.allowUnfree = true; - environment.systemPackages = [ pkgs.passwdqc-utils ]; - - # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ]; @@ -101,8 +97,15 @@ with import ; krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ]; networking.extraHosts = '' - 192.168.1.11 omo.local + 192.168.1.11 omo.local ''; # hard dependency because otherwise the device will not be unlocked boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; + + nix.package = pkgs.nixUnstable; + environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ]; + nixpkgs.overlays = [ (import ) ]; + + # environment.variables = { GOROOT = [ "${pkgs.go.out}/share/go" ]; }; + } -- cgit v1.2.3 From 4dfb5faaab57a69a5940e97feb4c8ed488d931f4 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 Feb 2018 12:39:44 +0100 Subject: ma 3/umts: rip --- makefu/3modules/default.nix | 2 -- makefu/3modules/umts.nix | 84 --------------------------------------------- 2 files changed, 86 deletions(-) delete mode 100644 makefu/3modules/umts.nix (limited to 'makefu') diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index af0e81df..fa4eb827 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -14,8 +14,6 @@ _: ./snapraid.nix ./torrent.nix ./udpt.nix - ./umts.nix - ./wvdial.nix ]; } diff --git a/makefu/3modules/umts.nix b/makefu/3modules/umts.nix deleted file mode 100644 index 86669945..00000000 --- a/makefu/3modules/umts.nix +++ /dev/null @@ -1,84 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -let - nixpkgs-1509 = import (pkgs.fetchFromGitHub { - owner = "NixOS"; repo = "nixpkgs-channels"; - rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda"; - sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73"; - }) {}; - - wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113 - - # TODO: currently it is only netzclub - umts-bin = pkgs.writeScriptBin "umts" '' - #!/bin/sh - set -euf - systemctl start umts - trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT - echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf - journalctl -xfu umts - ''; - - wvdial-defaults = '' - Phone = *99***1# - Dial Command = ATDT - Modem = ${cfg.modem-device} - Baud = 460800 - Init1 = AT+CGDCONT=1,"IP","${config.makefu.umts.apn}","",0,0 - Init2 = ATZ - Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 - ISDN = 0 - Modem Type = Analog Modem - Username = netzclub - Password = netzclub - Stupid Mode = 1 - Idle Seconds = 0''; - - cfg = config.makefu.umts; - - out = { - options.makefu.umts = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "umts"; - - modem-device = mkOption { - default = "/dev/ttyUSB0"; - type = types.str; - description = '' - path to modem device, use /dev/serial/by-id/... - to avoid race conditions. - ''; - }; - apn = mkOption { - default = "pinternet.interkom.de"; - type = types.str; - description = '' - apn to use for dailing - ''; - }; - }; - - imp = { - environment.shellAliases = { - umts = "sudo ${umts-bin}/bin/umts"; - }; - environment.systemPackages = [ ]; - - environment.wvdial.dialerDefaults = wvdial-defaults; - - systemd.services.umts = { - description = "UMTS wvdial Service"; - serviceConfig = { - Type = "simple"; - Restart = "always"; - RestartSec = "10s"; - ExecStart = "${wvdial}/bin/wvdial -n"; - }; - }; - }; -in out -- cgit v1.2.3 From e7418fbdf1bdddeeabe123c04bbd858fc70fe031 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 Feb 2018 13:20:53 +0100 Subject: ma source: bump to 2018-02-06 --- makefu/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/source.nix b/makefu/source.nix index c22c82f3..f06c9454 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,7 +13,7 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "0f19bee"; # nixos-17.09 @ 2018-01-05 + ref = "cd36b3d"; # nixos-17.09 @ 2018-02-06 # + do_sqlite3 ruby: 55a952be5b5 # + signal: 0f19beef3 -- cgit v1.2.3 From 397a1c89319cce2c0f37ef5eb308e40954727108 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 01:32:22 +0100 Subject: ma {vbob,sdev}.r: disable vbox guest extensions for now --- makefu/1systems/sdev/config.nix | 6 ++++-- makefu/1systems/vbob/config.nix | 6 +++++- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index 38c044be..3e9548aa 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -6,7 +6,9 @@ [ # Include the results of the hardware scan. (toString ) - (toString ) + { ## Guest Extensions are currently broken + # virtualisation.virtualbox.guest.enable = true; + } # @@ -50,7 +52,7 @@ fileSystems."/media/share" = { fsType = "vboxsf"; device = "share"; - options = [ "rw" "uid=9001" "gid=9001" ]; + options = [ "rw" "uid=9001" "gid=9001" "nofail" ]; }; } diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index ffd9deae..24d42a69 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -8,8 +8,12 @@ { imports = [ ]; boot.loader.grub.device = "/dev/sda"; - virtualisation.virtualbox.guest.enable = true; } + + { ## Virtualbox guest is broken on newer kernel + # virtualisation.virtualbox.guest.enable = true; + } + # { # imports = [ # -- cgit v1.2.3 From ac824ebe74912dc8cc3224a10f0d10973f6449c5 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 01:33:29 +0100 Subject: ma gum.r: add workr --- makefu/1systems/gum/config.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'makefu') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index a656fdce..b859efc9 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -148,6 +148,11 @@ in { allowedIPs = [ "10.244.0.5/32" ]; publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw="; } + { + # workr + allowedIPs = [ "10.244.0.6/32" ]; + publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA="; + } ]; }; } -- cgit v1.2.3 From f2eedeff52caa97245db1e47d2e2413d1c991d09 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 01:33:51 +0100 Subject: ma omo.r: add cryptDisk3 --- makefu/1systems/omo/config.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 1e087fef..4e0d2a05 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -25,16 +25,18 @@ let # | | # |* | # |* d2 | - # | * r0 | + # | * | + # | * | # |_______| cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6"; cryptDisk1 = byid "ata-TP02000GB_TPW151006050068"; cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG"; + cryptDisk3 = byid "ata-ST8000DM004-2CX188_ZCT01SG4"; # cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907"; # all physical disks # TODO callPackage ../3modules/MonitorDisks { disks = allDisks } - dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 ]; + dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 cryptDisk3 ]; allDisks = [ rootDisk ] ++ dataDisks; in { imports = @@ -127,6 +129,7 @@ in { makefu.snapraid = { enable = true; + # TODO: 3 is not protected disks = map toMapper [ 0 1 ]; parity = toMapper 2; }; @@ -139,7 +142,7 @@ in { ''; environment.systemPackages = with pkgs;[ mergerfs # hard requirement for mount - wol # wake up filepimp + wol # wake up filepimp f3 ]; fileSystems = let @@ -151,6 +154,7 @@ in { in cryptMount "crypt0" // cryptMount "crypt1" // cryptMount "crypt2" + // cryptMount "crypt3" // { "/media/cryptX" = { device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 ]); fsType = "mergerfs"; @@ -179,6 +183,7 @@ in { (usbkey "crypt0" cryptDisk0) (usbkey "crypt1" cryptDisk1) (usbkey "crypt2" cryptDisk2) + (usbkey "crypt3" cryptDisk3) ]; }; loader.grub.device = lib.mkForce rootDisk; -- cgit v1.2.3 From ed60f4e68c5d0422dcf702d35a3be9d9ef2503bf Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 01:34:17 +0100 Subject: ma tools/mobility: re-introduce working exfat-nofuse --- makefu/2configs/tools/mobility.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/tools/mobility.nix b/makefu/2configs/tools/mobility.nix index f2676f11..1993a521 100644 --- a/makefu/2configs/tools/mobility.nix +++ b/makefu/2configs/tools/mobility.nix @@ -5,5 +5,5 @@ mosh ]; - # boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; + boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; } -- cgit v1.2.3 From 43c2a68a956a9630d0f1841310934065b429ecfd Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 01:34:40 +0100 Subject: ma tools/studio: remove latency_msec --- makefu/2configs/tools/studio.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/tools/studio.nix b/makefu/2configs/tools/studio.nix index 0356ba39..e0c68167 100644 --- a/makefu/2configs/tools/studio.nix +++ b/makefu/2configs/tools/studio.nix @@ -9,8 +9,8 @@ # owncloudclient (pkgs.writeScriptBin "prepare-pulseaudio" '' pactl load-module module-null-sink sink_name=stream sink_properties=device.description="Streaming" - pactl load-module module-loopback source=alsa_output.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo.monitor sink=stream latency_msec=1 - pactl load-module module-loopback source=alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo sink=stream latency_msec=1 + pactl load-module module-loopback source=alsa_output.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo.monitor sink=stream + pactl load-module module-loopback source=alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo sink=stream darkice -c ~/lol.conf '') ]; -- cgit v1.2.3 From b02b939e7ce78a7d66844a751551f7b0a56532d3 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 01:35:06 +0100 Subject: ma source: cd36b3d -> 51810e0 --- makefu/source.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/source.nix b/makefu/source.nix index f06c9454..708f0d20 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,7 +13,8 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "cd36b3d"; # nixos-17.09 @ 2018-02-06 + # TODO: automate updating of this ref + cherry-picks + ref = "51810e0"; # nixos-17.09 @ 2018-02-14 # + do_sqlite3 ruby: 55a952be5b5 # + signal: 0f19beef3 -- cgit v1.2.3 From 372d965133cfe224d4cd47f63ec1fd2c8475c1ae Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 08:37:59 +0100 Subject: ma sdev.r: force virtualisation.virtualbox.guest.enable = false --- makefu/1systems/sdev/config.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index 3e9548aa..a60a8db6 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -5,9 +5,10 @@ imports = [ # Include the results of the hardware scan. + (toString ) { ## Guest Extensions are currently broken - # virtualisation.virtualbox.guest.enable = true; + virtualisation.virtualbox.guest.enable = lib.mkForce true; } # -- cgit v1.2.3 From 931e25894dc43f7c7e37026f3cc29427aa07ba80 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 09:41:59 +0100 Subject: ma vbox-guest: init --- makefu/1systems/sdev/config.nix | 19 ++++++------------- makefu/1systems/vbob/config.nix | 40 ++++----------------------------------- makefu/2configs/hw/vbox-guest.nix | 16 ++++++++++++++++ 3 files changed, 26 insertions(+), 49 deletions(-) create mode 100644 makefu/2configs/hw/vbox-guest.nix (limited to 'makefu') diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index a60a8db6..81e8cd4d 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -6,9 +6,12 @@ [ # Include the results of the hardware scan. - (toString ) - { ## Guest Extensions are currently broken - virtualisation.virtualbox.guest.enable = lib.mkForce true; + + { # until virtualbox-image is fixed + imports = [ + + ]; + boot.loader.grub.device = "/dev/sda"; } # @@ -17,11 +20,6 @@ ]; - # workaround for https://github.com/NixOS/nixpkgs/issues/16641 - services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ]; - - nixpkgs.config.allowUnfree = true; - # allow sdev to deploy self users.extraUsers = { root = { @@ -50,10 +48,5 @@ 8010 ]; - fileSystems."/media/share" = { - fsType = "vboxsf"; - device = "share"; - options = [ "rw" "uid=9001" "gid=9001" "nofail" ]; - }; } diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index 24d42a69..c74f6edb 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -9,33 +9,8 @@ imports = [ ]; boot.loader.grub.device = "/dev/sda"; } - - { ## Virtualbox guest is broken on newer kernel - # virtualisation.virtualbox.guest.enable = true; - } - - # { - # imports = [ - # - # ]; - # virtualbox.baseImageSize = 35 * 1024; - # fileSystems."/media/share" = { - # fsType = "vboxsf"; - # device = "share"; - # options = [ "rw" "uid=9001" "gid=9001" ]; - # }; - # } - - # { - # imports = [ - # - # ]; - # fileSystems."/nix" = { - # device ="/dev/disk/by-label/nixstore"; - # fsType = "ext4"; - # }; - # } - + + # # base gui # @@ -79,14 +54,8 @@ ]; networking.extraHosts = import (toString ); - nixpkgs.config.allowUnfree = true; - # allow vbob to deploy self - users.extraUsers = { - root = { - openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; - }; - }; + users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; environment.shellAliases = { forti = "cat ~/vpn/pw.txt | xclip; sudo forticlientsslvpn"; @@ -107,7 +76,6 @@ #devpi-client ansible ]; - # virtualisation.docker.enable = true; networking.firewall.allowedTCPPorts = [ @@ -115,6 +83,6 @@ 80 8010 ]; - + # required for qemu systemd.services."serial-getty@ttyS0".enable = true; } diff --git a/makefu/2configs/hw/vbox-guest.nix b/makefu/2configs/hw/vbox-guest.nix new file mode 100644 index 00000000..3ba8ef90 --- /dev/null +++ b/makefu/2configs/hw/vbox-guest.nix @@ -0,0 +1,16 @@ +{ lib, ...}: +{ + ## Guest Extensions are currently broken + imports = [ + # (toString ) + ]; + # virtualisation.virtualbox.guest.enable = true; + services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ]; + + fileSystems."/media/share" = { + fsType = "vboxsf"; + device = "share"; + options = [ "rw" "uid=9001" "gid=9001" "nofail" ]; + }; + # virtualbox.baseImageSize = 35 * 1024; +} -- cgit v1.2.3 From cd31fcaefa6349248bd1a437027e83c7e05b22af Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 14 Feb 2018 09:49:57 +0100 Subject: ma docker: use 2configs --- makefu/1systems/omo/config.nix | 2 +- makefu/1systems/sdev/config.nix | 4 +--- makefu/1systems/vbob/config.nix | 1 - 3 files changed, 2 insertions(+), 5 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 4e0d2a05..01438397 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -71,6 +71,7 @@ in { + # security @@ -119,7 +120,6 @@ in { services.sabnzbd.enable = true; systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - virtualisation.docker.enable = true; makefu.ps3netsrv = { enable = true; servedir = "/media/cryptX/emu/ps3"; diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index 81e8cd4d..7a87362d 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -18,6 +18,7 @@ # environment + ]; # allow sdev to deploy self @@ -31,7 +32,6 @@ ppp xclip get passwdqc-utils - docker gnupg populate (pkgs.writeScriptBin "tor-browser" '' @@ -40,8 +40,6 @@ '') ]; - virtualisation.docker.enable = true; - networking.firewall.allowedTCPPorts = [ 25 80 diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index c74f6edb..1f68ad9c 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -71,7 +71,6 @@ fortclientsslvpn ppp xclip get logstash - # docker #devpi-web #devpi-client ansible -- cgit v1.2.3 From 1ccef680d2497903a988663e4114487315a99f39 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 15 Feb 2018 10:17:41 +0100 Subject: ma x.r: init wireguard, disable wifi, enable pcmanfm --- makefu/1systems/x/config.nix | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index d5a9bdcf..8d18b450 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -60,7 +60,7 @@ with import ; # Hardware # - + # # @@ -78,6 +78,38 @@ with import ; # # # + # + + { + networking.wireguard.interfaces.wg0 = { + ips = [ "10.244.0.2/24" ]; + privateKeyFile = (toString ) + "/wireguard.key"; + allowedIPsAsRoutes = true; + peers = [ + { + # gum + endpoint = "${config.krebs.hosts.gum.nets.internet.ip4.addr}:51820"; + allowedIPs = [ "10.244.0.0/24" ]; + publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; + } + #{ + # # vbob + # allowedIPs = [ "10.244.0.3/32" ]; + # publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw="; + #} + ]; + }; + } + + { # auto-mounting + services.udisks2.enable = true; + services.devmon.enable = true; + # services.gnome3.gvfs.enable = true; + users.users.makefu.packages = with pkgs;[ + gvfs pcmanfm lxmenu-data + ]; + environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; + } ]; -- cgit v1.2.3 From cdf69ce25896caf40932c0389b33b2fa9c3ab77a Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 16 Feb 2018 20:48:56 +0100 Subject: ma vbox-guest: remove from vhosts, prepare for working upstream --- makefu/1systems/sdev/config.nix | 2 +- makefu/1systems/vbob/config.nix | 2 +- makefu/2configs/hw/vbox-guest.nix | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index 7a87362d..d209a078 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -6,7 +6,7 @@ [ # Include the results of the hardware scan. - + # { # until virtualbox-image is fixed imports = [ diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index 1f68ad9c..64709de3 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -9,7 +9,7 @@ imports = [ ]; boot.loader.grub.device = "/dev/sda"; } - + # # # base gui diff --git a/makefu/2configs/hw/vbox-guest.nix b/makefu/2configs/hw/vbox-guest.nix index 3ba8ef90..65f915a2 100644 --- a/makefu/2configs/hw/vbox-guest.nix +++ b/makefu/2configs/hw/vbox-guest.nix @@ -2,9 +2,9 @@ { ## Guest Extensions are currently broken imports = [ - # (toString ) + (toString ) ]; - # virtualisation.virtualbox.guest.enable = true; + virtualisation.virtualbox.guest.enable = true; services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ]; fileSystems."/media/share" = { -- cgit v1.2.3 From 24b8fbc40be4008bb32697309c729df72132454d Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 16 Feb 2018 21:56:41 +0100 Subject: ma x.r: vbox+extensionpack does not build --- makefu/1systems/x/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index 8d18b450..b4d4aa66 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -40,7 +40,7 @@ with import ; # Virtualization - + # { networking.firewall.allowedTCPPorts = [ 8080 ]; networking.nat = { -- cgit v1.2.3 From b28b86580d22e67d9a0552e96841643f77e03927 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 16 Feb 2018 21:57:05 +0100 Subject: ma sdev.,vbob.r: allow unfree --- makefu/1systems/sdev/config.nix | 2 ++ makefu/1systems/vbob/config.nix | 4 ++++ 2 files changed, 6 insertions(+) (limited to 'makefu') diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index d209a078..c2cd23d1 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -27,6 +27,8 @@ openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ]; }; }; + # corefonts + nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs;[ ppp xclip diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index 64709de3..208dd1ff 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -67,6 +67,10 @@ ln -fs ${pkgs.ppp}/bin/pppd /usr/sbin/pppd ln -fs ${pkgs.coreutils}/bin/tail /usr/bin/tail ''; + + # for forticlient + nixpkgs.config.allowUnfree = true; + environment.systemPackages = with pkgs;[ fortclientsslvpn ppp xclip get -- cgit v1.2.3