From 6cff70a8a56bba51d0c1ae718107e04c0df36fbc Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 3 Nov 2017 13:26:32 +0100 Subject: ma pkgs.u3-tool: now in upstream --- makefu/5pkgs/u3_tool/default.nix | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 makefu/5pkgs/u3_tool/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/u3_tool/default.nix b/makefu/5pkgs/u3_tool/default.nix deleted file mode 100644 index e8c5573a8..000000000 --- a/makefu/5pkgs/u3_tool/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ stdenv, fetchurl }: - -stdenv.mkDerivation rec { - proj = "u3-tool"; - name = "${proj}-${version}"; - version = "0.3"; - - enableParallelBuilding = true; - - src = fetchurl { - url = "mirror://sourceforge/${proj}/${name}.tar.gz"; - sha256 = "1p9c9kibd1pdbdfa0nd0i3n7bvzi3xg0chm38jg3xfl8gsn0390f"; - }; - - meta = { - description = "Tool for controlling the special features of a 'U3 smart drive' USB Flash disk."; - homepage = https://sourceforge.net/projects/u3-tool/ ; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.linux; - maintainers = with stdenv.lib.maintainers; [ makefu ]; - }; -} -- cgit v1.2.3 From 8574f0f177c004031a4282d121931caab62158ad Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 3 Nov 2017 13:29:14 +0100 Subject: ma lancache-dns: add storage server names --- makefu/2configs/lanparty/lancache-dns.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix index 4b4ebf0a0..f03fe8773 100644 --- a/makefu/2configs/lanparty/lancache-dns.nix +++ b/makefu/2configs/lanparty/lancache-dns.nix @@ -21,6 +21,13 @@ let stateDir = "/var/lib/unbound"; user = "unbound"; upstream-server = "8.8.8.8"; + local_ip = "192.168.1.10"; + extra-config = pkgs.writeText "local.conf" '' + server: + local-data: "piratebox. A ${local-ip}" + local-data: "store. A ${local-ip}" + local-data: "share. A ${local-ip}" + ''; in { services.unbound = { enable = true; @@ -29,6 +36,7 @@ in { forwardAddresses = [ upstream-server ]; extraConfig = '' include: "${stateDir}/lancache/*.conf" + include: "${extra-config}" ''; }; services.dnscrypt-proxy.enable = lib.mkForce false; @@ -42,7 +50,8 @@ in { path = [ pkgs.gawk pkgs.iproute pkgs.gnused ]; script = '' set -xeu - current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}') + # current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}') + current_ip=${local_ip} old_ip=10.1.1.250 mkdir -p ${stateDir} rm -rvf ${stateDir}/lancache -- cgit v1.2.3 From a98010b11c68863feaa6ff30943ef21d39a59980 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 3 Nov 2017 14:46:31 +0100 Subject: ma lancache-dns: fix local-ip variable --- makefu/2configs/lanparty/lancache-dns.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix index f03fe8773..5d90d1a99 100644 --- a/makefu/2configs/lanparty/lancache-dns.nix +++ b/makefu/2configs/lanparty/lancache-dns.nix @@ -24,9 +24,9 @@ let local_ip = "192.168.1.10"; extra-config = pkgs.writeText "local.conf" '' server: - local-data: "piratebox. A ${local-ip}" - local-data: "store. A ${local-ip}" - local-data: "share. A ${local-ip}" + local-data: "piratebox. A ${local_ip}" + local-data: "store. A ${local_ip}" + local-data: "share. A ${local_ip}" ''; in { services.unbound = { -- cgit v1.2.3 From 328f9ffdac31e164ca34cadb5db3065ba0456686 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 3 Nov 2017 14:46:54 +0100 Subject: ma lanparty/samba: add new writeable share --- makefu/2configs/lanparty/samba.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix index de834ab16..32a656ad7 100644 --- a/makefu/2configs/lanparty/samba.nix +++ b/makefu/2configs/lanparty/samba.nix @@ -10,9 +10,16 @@ }; services.samba = { enable = true; + enableNmbd = true; shares = { - share-home = { + lanparty = { path = "/data/lanparty/"; + "read only" = "yes"; + browseable = "yes"; + "guest ok" = "yes"; + }; + share = { + path = "/data/lanparty/share"; "read only" = "no"; browseable = "yes"; "guest ok" = "yes"; -- cgit v1.2.3 From 5a25b91d1d0b2380371ead7fee04e33bfa0814af Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:47:36 +0100 Subject: ma tools: add lsof --- makefu/2configs/tools/core.nix | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 8a15ae2e7..eced961be 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -5,38 +5,43 @@ # # essentially `nix-env -q` of the main user { - krebs.per-user.makefu.packages = with pkgs; [ + environment.systemPackages = with pkgs; [ at_spi2_core acpi bc rsync exif file + lsof + which + # fs - ntfs3g + cifs-utils dosfstools + ntfs3g + smartmontools + + # io pv sshpass usbutils p7zip hdparm + + # net + wget + curl inetutils ncftp - mutt tcpdump sysstat - which - weechat wol - tmux iftop + mkpasswd - # storage - smartmontools - cifs-utils - # net - wget - curl + mutt + weechat + tmux # stockholm git -- cgit v1.2.3 From 9f8aa6abaedf8cbf3ce40548b1e52ac45c469c38 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:48:14 +0100 Subject: ma lancache-dns: refactor --- makefu/2configs/lanparty/lancache-dns.nix | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix index 5d90d1a99..498162d13 100644 --- a/makefu/2configs/lanparty/lancache-dns.nix +++ b/makefu/2configs/lanparty/lancache-dns.nix @@ -1,6 +1,17 @@ { pkgs, lib, config, ... }: with import ; let + upstream-server = "8.8.8.8"; + local_ip = "192.168.10.10"; + + extra-config = pkgs.writeText "local.conf" '' + server: + local-data: "piratebox. A ${local_ip}" + local-data: "store. A ${local_ip}" + local-data: "share. A ${local_ip}" + ''; + + # see https://github.com/zeropingheroes/lancache for full docs lancache-dns = pkgs.stdenv.mkDerivation rec { name = "lancache-dns-2017-06-28"; @@ -11,8 +22,9 @@ let rev = "420aa62"; sha256 = "0ik7by7ripdv2avyy5kk9jp1i7rz9ksc8xmg7n9iik365q9pv94m"; }; + phases = [ "unpackPhase" "installPhase" ]; - # here we can chance to edit `includes/proxy-cache-paths.conf` + # here we have the chance to edit `includes/proxy-cache-paths.conf` installPhase = '' mkdir -p $out cp -r * $out/ @@ -20,14 +32,6 @@ let }; stateDir = "/var/lib/unbound"; user = "unbound"; - upstream-server = "8.8.8.8"; - local_ip = "192.168.1.10"; - extra-config = pkgs.writeText "local.conf" '' - server: - local-data: "piratebox. A ${local_ip}" - local-data: "store. A ${local_ip}" - local-data: "share. A ${local_ip}" - ''; in { services.unbound = { enable = true; -- cgit v1.2.3 From 7184c979931af91187617d5b7d7c513e892b17a4 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:48:31 +0100 Subject: ma lancache: make statedir a variable --- makefu/2configs/lanparty/lancache.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/lancache.nix b/makefu/2configs/lanparty/lancache.nix index 3df2e3f59..bcacf2e15 100644 --- a/makefu/2configs/lanparty/lancache.nix +++ b/makefu/2configs/lanparty/lancache.nix @@ -17,15 +17,21 @@ let installPhase = '' mkdir -p $out cp -r * $out/ + rm $out/caches-enabled/* sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \ -e '1 idaemon off;' \ + -e 's#/var/lancache#${cfg.statedir}#g' \ $out/nginx.conf + sed -i -e 's#/var/lancache#${cfg.statedir}#g' \ + $out/*/*.conf + ln -s $out/caches-available/* $out/caches-enabled/ ''; }; cfg = { + statedir = "/data/cache"; + group = "nginx-lancache"; user = "nginx-lancache"; - statedir = "/var/lancache"; package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{ configureFlags = old.configureFlags ++ [ "--with-http_slice_module" @@ -43,6 +49,7 @@ in { preStart = '' mkdir -p ${cfg.statedir} && cd ${cfg.statedir} + chmod 700 ${cfg.statedir} PATH_CACHE=$PATH_BASE/cache PATH_LOGS=$PATH_BASE/logs -- cgit v1.2.3 From c8ab30951e9780a2bfd10bcb987c46e95d6b93a0 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:49:11 +0100 Subject: ma lanparty/samba: update path --- makefu/2configs/lanparty/samba.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix index 32a656ad7..4176d7b35 100644 --- a/makefu/2configs/lanparty/samba.nix +++ b/makefu/2configs/lanparty/samba.nix @@ -19,7 +19,7 @@ "guest ok" = "yes"; }; share = { - path = "/data/lanparty/share"; + path = "/data/incoming"; "read only" = "no"; browseable = "yes"; "guest ok" = "yes"; -- cgit v1.2.3 From a55be6a344f000aaa86eec32dc84be6c4ab32708 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:49:33 +0100 Subject: ma tools: use upstream u3-tool --- makefu/2configs/tools/sec.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/tools/sec.nix b/makefu/2configs/tools/sec.nix index 817cd9ead..3dc02937d 100644 --- a/makefu/2configs/tools/sec.nix +++ b/makefu/2configs/tools/sec.nix @@ -13,6 +13,6 @@ thc-hydra borgbackup ledger - u3_tool + u3-tool ]; } -- cgit v1.2.3 From 4fa4ee36ee5b9d3d15aa826007dd648e7cd5860e Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:49:47 +0100 Subject: ma lanparty: add mumble-server --- makefu/2configs/lanparty/mumble-server.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 makefu/2configs/lanparty/mumble-server.nix (limited to 'makefu') diff --git a/makefu/2configs/lanparty/mumble-server.nix b/makefu/2configs/lanparty/mumble-server.nix new file mode 100644 index 000000000..5b9631cd1 --- /dev/null +++ b/makefu/2configs/lanparty/mumble-server.nix @@ -0,0 +1,12 @@ +{ config, ... }: +{ + networking.firewall.allowedTCPPorts = [ 64738 ]; + networking.firewall.allowedUDPPorts = [ 64738 ]; + services.murmur = { + enable = true; + welcometext = "Welcome to the LANest Party mumble server"; + bonjour = true; + hostName = "0.0.0.0"; + sendVersion = true; + }; +} -- cgit v1.2.3 From 6d2bcf3929e1a01f22f11fbe93dbfb47d68f9311 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:50:42 +0100 Subject: ma darth: use for lan partying --- makefu/1systems/darth/config.nix | 41 +++++++++++----------------------------- 1 file changed, 11 insertions(+), 30 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix index 7accb13d3..046c1574c 100644 --- a/makefu/1systems/darth/config.nix +++ b/makefu/1systems/darth/config.nix @@ -2,6 +2,8 @@ with import ; let + # all the good stuff resides in /data + byid = dev: "/dev/disk/by-id/" + dev; rootDisk = byid "ata-INTEL_SSDSC2BW480H6_CVTR53120385480EGN"; bootPart = rootDisk + "-part1"; @@ -21,44 +23,23 @@ in { - - - # SIEM - # - # {services.tinc.networks.siem = { - # name = "sdarth"; - # extraConfig = "ConnectTo = sjump"; - # }; - # } + # - # { - # makefu.forward-journal = { - # enable = true; - # src = "10.8.10.2"; - # dst = "10.8.10.6"; - # }; - # } - - ## Sharing - # - #{ - # services.samba.shares = { - # isos = { - # path = "/data/isos/"; - # "read only" = "yes"; - # browseable = "yes"; - # "guest ok" = "yes"; - # }; - # }; - #} + + # lan party + + + + + ]; #networking.firewall.enable = false; makefu.server.primary-itf = "enp0s25"; - krebs.hidden-ssh.enable = true; + # krebs.hidden-ssh.enable = true; boot.kernelModules = [ "coretemp" "f71882fg" ]; hardware.enableAllFirmware = true; nixpkgs.config.allowUnfree = true; -- cgit v1.2.3 From f45a5057aa6584177064622ba13f53e59238dae8 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:52:06 +0100 Subject: ma lanparty/lancache-dns: add documentation --- makefu/2configs/lanparty/lancache-dns.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix index 498162d13..c9da7c4c4 100644 --- a/makefu/2configs/lanparty/lancache-dns.nix +++ b/makefu/2configs/lanparty/lancache-dns.nix @@ -2,6 +2,8 @@ with import ; let upstream-server = "8.8.8.8"; + # make sure the router pins the ip address to the deployed host + # and set it as dns server ( dhcp option 6,192.168.10.10 ) local_ip = "192.168.10.10"; extra-config = pkgs.writeText "local.conf" '' -- cgit v1.2.3 From bf7d2f52fd36b47bad03bd85451eb12c79c3a7ae Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:54:44 +0100 Subject: ma tsp.r: is now acer aspire timeline 1810tz --- makefu/1systems/tsp/config.nix | 42 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 37 insertions(+), 5 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix index 75a11d3a7..7b751e514 100644 --- a/makefu/1systems/tsp/config.nix +++ b/makefu/1systems/tsp/config.nix @@ -1,20 +1,20 @@ # # # -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { imports = [ # Include the results of the hardware scan. - + + # hardware specifics are in here # imports tp-x2x0.nix - + # - - + # @@ -22,9 +22,41 @@ ]; # not working in vm krebs.build.host = config.krebs.hosts.tsp; + boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; + boot.loader.grub.copyKernels = true; networking.firewall.allowedTCPPorts = [ 25 ]; + # acer aspire + networking.wireless.enable = lib.mkDefault true; + + hardware.enableAllFirmware = true; + nixpkgs.config.allowUnfree = true; + + hardware.cpu.intel.updateMicrocode = true; + + zramSwap.enable = true; + zramSwap.numDevices = 2; + + services.tlp.enable = true; + services.tlp.extraConfig = '' + # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery + START_CHARGE_THRESH_BAT0=67 + STOP_CHARGE_THRESH_BAT0=100 + + + CPU_SCALING_GOVERNOR_ON_AC=performance + CPU_SCALING_GOVERNOR_ON_BAT=ondemand + CPU_MIN_PERF_ON_AC=0 + CPU_MAX_PERF_ON_AC=100 + CPU_MIN_PERF_ON_BAT=0 + CPU_MAX_PERF_ON_BAT=30 + ''; + + powerManagement.resumeCommands = '' + ${pkgs.rfkill}/bin/rfkill unblock all + ''; + } -- cgit v1.2.3 From 36ad27a8ad1032afb57f765f5ef7701e7de7ab6b Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Nov 2017 10:55:09 +0100 Subject: ma backup: also backup /var/download from gum --- makefu/2configs/backup.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'makefu') diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix index 166365ba0..a4d02af6b 100644 --- a/makefu/2configs/backup.nix +++ b/makefu/2configs/backup.nix @@ -31,6 +31,19 @@ in { krebs.backup.plans = { # wry-to-omo_root = defaultPull config.krebs.hosts.wry "/"; gum-to-omo_root = defaultPull config.krebs.hosts.gum "/"; + gum-dl-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/download" )// + { + dst.path = "/media/cryptX/backup/gum/var-download"; + dst.host = defaultBackupServer; + startAt = "19:00"; + }; + gum-owncloud-to-omo_external = (defaultPull config.krebs.hosts.gum "/var/www/o.euer.krebsco.de" )// + { + dst.path = "/media/cryptX/backup/gum/var-www-o.euer.krebsco.de"; + dst.host = defaultBackupServer; + + startAt = "05:00"; + }; # wolf-to-omo_root = defaultPull config.krebs.hosts.wolf "/"; }; environment.systemPackages = [ -- cgit v1.2.3