alnus: init

author: tv <tv@krebsco.de> 2016-07-17 19:55:38 +0200
committer: tv <tv@krebsco.de> 2016-07-17 22:19:00 +0200
commit: e2157dade8a359f81b1e6260f3c9c6e8d36360e5 (patch)
tree: c97676549b66924471cda7e54e10cd8259c6ebe5
parent: 14ccdf48b61e400fd45e180cd0a16e8f99bd0678 (diff)
2 files changed, 130 insertions, 0 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 075066961..d04f1cab2 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -7,6 +7,30 @@ with config.krebs.lib;
     "viljetic.de" = "regfish";
   };
   hosts = mapAttrs (_: setAttr "owner" config.krebs.users.tv) {
+    alnus = {
+      cores = 2;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.21.1";
+          ip6.addr = "42:0:0:0:0:0:0:2101";
+          aliases = [
+            "alnus.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEAyDGucukxY1xFSkqDaicpiCXZe3NX1Max7N+E9PKXO2yE0EFoGdUP
+            /4hZFO9IbteDwlsTd/RQIhhUWF818TLWzwasUxgmqBFN4d23IIDLHJxgRZ8cPzAs
+            gmBWwnVWRetDETc6HZK6m2rLU6PG53rRLvheZHW/B9nSfUp7n+puehJdGLnBQ8W+
+            q5d/yUmN8hqS6h62yfAZEJSr7Gh/AW6Irmf3gjKRJlRmD2z28hR5tFH+Q/ulxJXQ
+            rNVzusASjRBO9VYOSWnNWI3Zl9vaUtbtEnvyl3PaV9N3gcHzB2HHlyDIotjqXvxU
+            cPLMN0lWOZeDae/9SDT62l/YuETYQo6TxwIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+      ssh.privkey.path = <secrets/ssh.id_rsa>;
+      ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q==";
+    };
     caxi = {
       cores = 2;
       extraZones = {
@@ -391,6 +415,9 @@ with config.krebs.lib;
     };
   };
   users = {
+    dv = {
+      mail = "dv@alnus.r";
+    };
     mv = {
       mail = "mv@cd.r";
       pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGer9e2+Lew7vnisgBbsFNECEIkpNJgEaqQqgb9inWkQ mv@vod";
diff --git a/tv/1systems/alnus.nix b/tv/1systems/alnus.nix
new file mode 100644
index 000000000..360390c09
--- /dev/null
+++ b/tv/1systems/alnus.nix
@@ -0,0 +1,103 @@
+{ config, pkgs, ... }:
+
+with config.krebs.lib;
+
+{
+  imports = [
+    ../.
+    ../2configs/hw/x220.nix
+    ../2configs/exim-retiolum.nix
+    ../2configs/retiolum.nix
+  ];
+
+  # TODO remove non-hardware stuff from ../2configs/hw/x220.nix
+  # networking.wireless.enable collides with networkmanager
+  networking.wireless.enable = mkForce false;
+
+  boot = {
+    initrd = {
+      availableKernelModules = [ "ahci" ];
+      luks = {
+        cryptoModules = [ "aes" "sha512" "xts" ];
+        devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
+      };
+    };
+    loader = {
+      efi.canTouchEfiVariables = true;
+      gummiboot.enable = true;
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    chromium
+    firefoxWrapper
+    networkmanagerapplet
+    pidginotr
+    pidgin-with-plugins
+  ];
+
+  fileSystems = {
+    "/boot" = {
+      device = "/dev/sda1";
+    };
+    "/" = {
+      device = "/dev/mapper/main-root";
+      fsType = "btrfs";
+      options = [ "defaults" "noatime" ];
+    };
+    "/home" = {
+      device = "/dev/mapper/main-home";
+      fsType = "btrfs";
+      options = [ "defaults" "noatime" ];
+    };
+  };
+
+  hardware = {
+    enableAllFirmware = true;
+    opengl.driSupport32Bit = true;
+    pulseaudio.enable = true;
+  };
+
+  i18n.defaultLocale = "de_DE.UTF-8";
+
+  krebs.build = {
+    host = config.krebs.hosts.alnus;
+    user = mkForce config.krebs.users.dv;
+    source.nixpkgs.git.ref = mkForce "d7450443c42228832c68fba203a7c15cfcfb264e";
+  };
+
+  networking.networkmanager.enable = true;
+
+  nixpkgs.config = {
+    allowUnfree = true;
+    chromium.enablePepperFlash = true;
+    firefox.enableAdobeFlash = true;
+  };
+
+  services.xserver = {
+    enable = true;
+    layout = "de";
+    xkbOptions = "eurosign:e";
+    synaptics = {
+      enable = true;
+      twoFingerScroll = true;
+    };
+    desktopManager.xfce.enable = true;
+    displayManager.auto = {
+      enable = true;
+      user = "dv";
+    };
+  };
+
+  swapDevices =[ ];
+
+  users.users.dv = {
+    inherit (config.krebs.users.dv) home uid;
+    isNormalUser = true;
+    extraGroups = [
+      "audio"
+      "video"
+      "networkmanager"
+    ];
+  };
+}
author	tv <tv@krebsco.de>	2016-07-17 19:55:38 +0200
committer	tv <tv@krebsco.de>	2016-07-17 22:19:00 +0200
commit	e2157dade8a359f81b1e6260f3c9c6e8d36360e5 (patch)
tree	c97676549b66924471cda7e54e10cd8259c6ebe5
parent	14ccdf48b61e400fd45e180cd0a16e8f99bd0678 (diff)