diff options
| author | jeschli <jeschli@gmail.com> | 2018-12-28 14:48:30 +0100 |
|---|---|---|
| committer | jeschli <jeschli@gmail.com> | 2018-12-28 14:48:30 +0100 |
| commit | 06b6454af78e8236a67d69cab94f62c32054be47 (patch) | |
| tree | 749fd6025d2e799314cf46d51027dc23fb19c7b8 | |
| parent | 8605ac91ae3a3859ab906a5fa2e9b0e3dfcd6e1e (diff) | |
| parent | fb254e60949f029cc7cb48764093b49932d0acde (diff) | |
Merge branch 'master' of prism.r:stockholm
50 files changed, 646 insertions, 263 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 02d28ddc8..baa49dbe0 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -8,31 +8,151 @@ with import <stockholm/lib>; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill.ip6.addr = + (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }); + ssh-for = name: builtins.readFile (./ssh + "/${name}.pub"); + tinc-for = name: builtins.readFile (./tinc + "/${name}.pub"); in { hosts = mapAttrs hostDefaults { - sokrateslaptop = { - owner = config.krebs.users.sokratess; - nets = { + dpdkm = { + owner = config.krebs.users.Mic92; + nets = rec { retiolum = { - ip4.addr = "10.243.142.104"; - aliases = [ - "sokrateslaptop.r" + ip4.addr = "10.243.29.173"; + aliases = [ "dpdkm.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj + NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp + qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP + X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn + f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa + bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL + Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T + B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w + tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n + dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls + mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + eddie = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + # eddie.thalheim.io + ip4.addr = "129.215.197.11"; + aliases = [ "eddie.i" ]; + }; + retiolum = { + via = internet; + addrs = [ + config.krebs.hosts.eddie.nets.retiolum.ip4.addr + config.krebs.hosts.eddie.nets.retiolum.ip6.addr ]; + ip4.addr = "10.243.29.170"; + aliases = [ "eddie.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 - t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ - rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW - egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 - aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V - VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d + j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm + 3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF + 2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua + KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq + iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t + 6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD + kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u + hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay + pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ + lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.subnets = [ + # edinburgh university + "129.215.0.0/16" + ]; + }; + }; + }; + eve = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + # eve.thalheim.io + ip4.addr = "188.68.39.17"; + ip6.addr = "2a03:4000:13:31e::1"; + aliases = [ "eve.i" ]; + }; + retiolum = { + via = internet; + addrs = [ + config.krebs.hosts.eve.nets.retiolum.ip4.addr + config.krebs.hosts.eve.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.174"; + aliases = [ "eve.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH + XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82 + 08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk + 6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI + +xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3 + dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW + pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP + c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi + YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI + 61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13 + Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ== -----END RSA PUBLIC KEY----- ''; }; }; }; + homeros = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.1"; + aliases = [ + "homeros.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd + ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc + 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v + RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd + vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3 + +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc + QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm + fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh + VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7 + k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX + gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N + mJ/hywVtvLxNkNimyztoKKMCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + justraute = { + owner = config.krebs.users.raute; # laptop + nets = { + retiolum = { + ip4.addr = "10.243.183.231"; + aliases = [ + "justraute.r" + ]; + tinc.pubkey = tinc-for "justraute"; + }; + }; + }; kruck = { owner = config.krebs.users.palo; nets = { @@ -59,6 +179,55 @@ in { }; }; }; + qubasa = { + owner = config.krebs.users.qubasa; + nets = { + retiolum = { + ip4.addr = "10.243.29.175"; + aliases = [ "qubasa.r" ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6ioASTOx6Vndp316u89Z + f+9WgfyVGw9deP2pQjoHnsPjBqRrsDCQGFO/U1ILQn0AWskQpHWHRir7Q6cI90jm + 8MqqGVymVFbeYbrOLHLjp+2fle9iU9DfST4O76TQwF/3elLf3tpGFS8EB+qF3Ig7 + aVOf5TuHPWWj6VtGTuWW9I8MsPnNykyRstlWXEztIs2zQrc0cO1IGd1QVarDGqTs + KR4Zm7PvF7U193NzPLaH6jcdjF37FETLrNxAu88M+YnvXBp4oRHeJmvBloazpH0v + aSb3+vNRlViMSlf9ImpAHlFRyvYYDAWlIY0nyeNUJna1ImGloSStLtBAhFAwc65j + kmrXeK3TVAoGZQOvSbjFmI/nBgfHEOnz/9aRVHGUNoQ/nAM6UhALFEZV6sdjX6W4 + 3p670DEO5fiI3fqqErkscbv8zSEjfmxV4YGMXVMw8Ub87fGwQEF17uDLeqD0k9AB + 7umwrWP53YffauAqinma0I6RcLRVRfJ2vhyBH1mKwAAW55WU6DpBTydy46kxy/Oz + k9Cnxw7oMydUAAdnf5Axgs+dcx43lnXvGsoHi4lZycYhqtPe2YI152HAbGfmrixV + Slzh8aiinBkLYW2VzJNTRmHvB3njjeua4/guXwe00G7MIs3UDMIieJNcVxb+E07v + vF2rqhqU9b+1MQRhIPsBf4cCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + rock = { + owner = config.krebs.users.Mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.171"; + aliases = [ "rock.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM + DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7 + HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh + mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf + Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M + Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD + 91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4 + fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv + 3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav + ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q + cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; scardanelli = { owner = config.krebs.users.kmein; nets = { @@ -86,33 +255,40 @@ in { }; }; }; - homeros = { - owner = config.krebs.users.kmein; + sokrateslaptop = { + owner = config.krebs.users.sokratess; nets = { retiolum = { - ip4.addr = "10.243.2.1"; + ip4.addr = "10.243.142.104"; aliases = [ - "homeros.r" + "sokrateslaptop.r" ]; tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd - ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc - 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v - RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd - vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3 - +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc - QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm - fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh - VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7 - k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX - gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N - mJ/hywVtvLxNkNimyztoKKMCAwEAAQ== - -----END PUBLIC KEY----- + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 + t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ + rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW + egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 + aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V + VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + -----END RSA PUBLIC KEY----- ''; }; }; }; + tpsw = { + cores = 2; + owner = config.krebs.users.ciko; # main laptop + nets = { + retiolum = { + ip4.addr = "10.243.183.236"; + aliases = [ + "tpsw.r" + ]; + tinc.pubkey = tinc-for "tpsw"; + }; + }; + }; turingmachine = { owner = config.krebs.users.Mic92; nets = { @@ -139,68 +315,6 @@ in { }; }; }; - eddie = { - owner = config.krebs.users.Mic92; - nets = rec { - internet = { - # eddie.thalheim.io - ip4.addr = "129.215.197.11"; - aliases = [ "eddie.i" ]; - }; - retiolum = { - via = internet; - addrs = [ - config.krebs.hosts.eddie.nets.retiolum.ip4.addr - config.krebs.hosts.eddie.nets.retiolum.ip6.addr - ]; - ip4.addr = "10.243.29.170"; - aliases = [ "eddie.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d - j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm - 3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF - 2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua - KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq - iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t - 6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD - kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u - hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay - pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ - lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - tinc.subnets = [ - # edinburgh university - "129.215.0.0/16" - ]; - }; - }; - }; - rock = { - owner = config.krebs.users.Mic92; - nets = { - retiolum = { - ip4.addr = "10.243.29.171"; - aliases = [ "rock.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM - DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7 - HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh - mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf - Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M - Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD - 91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4 - fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv - 3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav - ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q - cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; inspector = { owner = config.krebs.users.Mic92; nets = rec { @@ -230,77 +344,51 @@ in { }; }; }; - dpdkm = { - owner = config.krebs.users.Mic92; - nets = rec { - retiolum = { - ip4.addr = "10.243.29.173"; - aliases = [ "dpdkm.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj - NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp - qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP - X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn - f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa - bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL - Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T - B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w - tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n - dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls - mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - eve = { - owner = config.krebs.users.Mic92; - nets = rec { - internet = { - # eve.thalheim.io - ip4.addr = "188.68.39.17"; - ip6.addr = "2a03:4000:13:31e::1"; - aliases = [ "eve.i" ]; - }; - retiolum = { - via = internet; - addrs = [ - config.krebs.hosts.eve.nets.retiolum.ip4.addr - config.krebs.hosts.eve.nets.retiolum.ip6.addr - ]; - ip4.addr = "10.243.29.174"; - aliases = [ "eve.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH - XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82 - 08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk - 6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI - +xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3 - dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW - pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP - c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi - YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI - 61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13 - Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; + miaoski = { + owner = config.krebs.users.miaoski; + nets = { + wiregrill = { + aliases = [ "miaoski.w" ]; + wireguard = { + pubkey = "8haz9JX5nAMORzNy89VdHC1Z9XA94ogaZsY3d2Rfkl4="; + }; }; }; }; }; users = { - Mic92 = { - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE"; - mail = "joerg@higgsboson.tk"; + ciko = { + mail = "wieczorek.stefan@googlemail.com"; + }; + exco = { + mail = "dickbutt@excogitation.de"; + pubkey = ssh-for "exco"; }; kmein = { + mail = "kieran.meinhardt@gmail.com"; + pubkey = ssh-for "kmein"; + }; + Mic92 = { + mail = "joerg@higgsboson.tk"; + pubkey = ssh-for "Mic92"; }; palo = { }; + qubasa = { + mail = "luis.nixos@gmail.com"; + }; + raute = { + mail = "macxylo@gmail.com"; + pubkey = ssh-for "raute"; + }; sokratess = { }; + ulrich = { + mail = "shackspace.de@myvdr.de"; + pubkey = ssh-for "ulrich"; + }; + miaoski = { + }; }; } diff --git a/krebs/3modules/external/ssh/Mic92.pub b/krebs/3modules/external/ssh/Mic92.pub new file mode 100644 index 000000000..600709c78 --- /dev/null +++ b/krebs/3modules/external/ssh/Mic92.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE diff --git a/krebs/3modules/makefu/ssh/exco.pub b/krebs/3modules/external/ssh/exco.pub index cab884c0c..cab884c0c 100644 --- a/krebs/3modules/makefu/ssh/exco.pub +++ b/krebs/3modules/external/ssh/exco.pub diff --git a/krebs/3modules/external/ssh/kmein.pub b/krebs/3modules/external/ssh/kmein.pub new file mode 100644 index 000000000..5711a2c1c --- /dev/null +++ b/krebs/3modules/external/ssh/kmein.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com diff --git a/krebs/3modules/external/ssh/raute.pub b/krebs/3modules/external/ssh/raute.pub new file mode 100644 index 000000000..69b4d3d10 --- /dev/null +++ b/krebs/3modules/external/ssh/raute.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH385gr3BAKJ92k1FaOLx2wFMgDFTmupOcww5g/bEAsO raute@wolf diff --git a/krebs/3modules/makefu/ssh/ulrich.pub b/krebs/3modules/external/ssh/ulrich.pub index 8ac69004c..8ac69004c 100644 --- a/krebs/3modules/makefu/ssh/ulrich.pub +++ b/krebs/3modules/external/ssh/ulrich.pub diff --git a/krebs/3modules/external/tinc/justraute.pub b/krebs/3modules/external/tinc/justraute.pub new file mode 100644 index 000000000..b4af349b7 --- /dev/null +++ b/krebs/3modules/external/tinc/justraute.pub @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0FJ2Wh7y8lgXOLXR2VQh +BsERf4uoWQ2UZexxv5bo6H9aYmyc+pA7q9ScP+ljKIXHLG3RbskIDFJLfs2HHS2u +rCD3Pv71Ihx8fgmP7VdJktvFV8uBbDk2YF28Kd198ggEPL9ki1+LKzauTv0CCBcK +O78VgN8v+l42v+oQSFk30FBYCpvld39dv74etb4/T4zmn7H3RNH+gPU1T0dge4yu +xdlCk4TmNXWcw3cDvcCDDJFblH100IWRZ8enH4wHC5LvSKcYCqiiILsKAPuS8/J0 +cUePfRln1ZJDvR8AlO8ejRU7PC7550JbyqRbu0oAro2fLz7BOAJi6v8SbPU4GUaT +uFDwJsIqcRnnC8a7N4DouDyUUnTWdTtuDtl0R/I9SYY/u4MhgmFI8bribhwDMmdC +V7UM+023cC/mM9TqCPP0xdy3oiTXRyWk9aNEWep4box/VXmNsJ0hjeIi/W06eXBZ +0j5T3wKnuxSzktyhq8Jt4zJEuarBfwGBcxNf+3CHuKjfN7SAxmQZCRwS/2cPcNDS +HkApVsqTdOuLaXnoCJQyxvMQt70OCXmOs/bk0ZAcqNRJ+gYot1duplB+15+ro07j +3sLbwUMsfpC40CnHd3s1w74/5l1DAc9Mo4I5xX0QH7PCgVzJ9wEctonaItWzT/q4 +vElG9ULoGQb0prlJC35i738CAwEAAQ== +-----END PUBLIC KEY----- diff --git a/krebs/3modules/external/tinc/tpsw.pub b/krebs/3modules/external/tinc/tpsw.pub new file mode 100644 index 000000000..38b0cb293 --- /dev/null +++ b/krebs/3modules/external/tinc/tpsw.pub @@ -0,0 +1,8 @@ +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ +Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML +WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl +OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM +0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd +pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 1117dc61c..630c14f18 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -91,14 +91,16 @@ in { }; wiregrill = { via = internet; - ip4.addr = "10.244.1.1"; ip6.addr = w6 "1"; aliases = [ "prism.w" ]; wireguard = { pubkey = "oKJotppdEJqQBjrqrommEUPw+VFryvEvNJr/WikXohk="; - subnets = [ "10.244.1.0/24" "42:1::/32" ]; + subnets = [ + (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR + (krebs.genipv6 "wiregrill" "lass" 0).subnetCIDR + ]; }; }; }; @@ -274,7 +276,7 @@ in { nets = rec { retiolum = { ip4.addr = "10.243.133.115"; - ip6.addr = r6 "dead"; + ip6.addr = r6 "daed"; aliases = [ "daedalus.r" "cgit.daedalus.r" @@ -290,8 +292,14 @@ in { -----END RSA PUBLIC KEY----- ''; }; + wiregrill = { + ip6.addr = w6 "daed"; + aliases = [ + "daedalus.w" + ]; + wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI="; + }; }; - secure = true; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g"; }; @@ -470,7 +478,6 @@ in { phone = { nets = { wiregrill = { - ip4.addr = "10.244.1.2"; ip6.addr = w6 "a"; aliases = [ "phone.w" diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index befec2156..e60bbee70 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -992,57 +992,6 @@ in { }; }; }; - } // { # hosts only maintained in stockholm, not owned by me - muhbaasu = rec { - owner = config.krebs.users.root; - cores = 1; - nets = { - internet = { - ip4.addr = "217.160.206.154"; - aliases = [ - "muhbaasu.i" - ]; - }; - retiolum = { - ip4.addr = "10.243.139.184"; - aliases = [ - "muhbaasu.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0f4C4xKXpnyV1ig03O2Kef8ag+/5WGkW90uxEBb/h5NY9barex+Z - KqVbkPdHhwoCIINuCVcOnJXzeo0FZtSEq3zVhscVm0PVdNfjct8a9KMsK0iUmuul - 5WD9Glh5/1wkEmbRfVxDErhssz1b8YmFOAGQn+ujO/Znn3BLv36uKQvpqU2y5bzb - +rVnq3eE1bCSeuj41bgEve8+vxpforjLO6gbE91mwp3Ol6nkkp6CjpG+aFTuLCAj - YR0MIl2gGwskOGSI38QxlLouOlIGwus5f+KfC94ZP0pMwu5pT45UOUkVnlBXuZ9E - igNHG2Vtm76nB3yYHndOvuDTOufatX61dQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; - tpsw = { - cores = 2; - owner = config.krebs.users.ciko; # main laptop - nets = { - retiolum = { - ip4.addr = "10.243.183.236"; - aliases = [ - "tpsw.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ - Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML - WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl - OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM - 0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd - pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; }; users = rec { makefu = { @@ -1079,16 +1028,5 @@ in { inherit (makefu) mail pgp; pubkey = pub-for "makefu.bob"; }; - ciko = { - mail = "wieczorek.stefan@googlemail.com"; - }; - ulrich = { - pubkey = pub-for "ulrich"; - mail = "shackspace.de@myvdr.de"; - }; - exco = { - mail = "dickbutt@excogitation.de"; - pubkey = pub-for "exco"; - }; }; } diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 0683492bc..a20801b12 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -1,12 +1,30 @@ with import <stockholm/lib>; { config, ... }: let - hostDefaults = hostName: host: flip recursiveUpdate host ({ - owner = config.krebs.users.tv; - } // optionalAttrs (host.nets?retiolum) { - nets.retiolum.ip6.addr = - (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; - }); + hostDefaults = hostName: host: foldl' recursiveUpdate {} [ + { + owner = config.krebs.users.tv; + } + (optionalAttrs (host.nets?retiolum) { + nets.retiolum = { + ip6.addr = + (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; + }; + }) + (let + pubkey-path = ./wiregrill + "/${hostName}.pub"; + in optionalAttrs (pathExists pubkey-path) { + nets.wiregrill = { + aliases = [ + "${hostName}.w" + ]; + ip6.addr = + (krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address; + wireguard.pubkey = readFile pubkey-path; + }; + }) + host + ]; in { dns.providers = { @@ -103,6 +121,9 @@ in { -----END RSA PUBLIC KEY----- ''; }; + wiregrill.wireguard.subnets = [ + (krebs.genipv6 "wiregrill" "tv" 0).subnetCIDR + ]; }; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; }; diff --git a/krebs/3modules/tv/wiregrill/alnus.pub b/krebs/3modules/tv/wiregrill/alnus.pub new file mode 100644 index 000000000..de85e54da --- /dev/null +++ b/krebs/3modules/tv/wiregrill/alnus.pub @@ -0,0 +1 @@ +w7+6kMf1P3Ka0kXXY4CCbr80TrWPYpe/zd13yuvz9SE= diff --git a/krebs/3modules/tv/wiregrill/mu.pub b/krebs/3modules/tv/wiregrill/mu.pub new file mode 100644 index 000000000..18edc8986 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/mu.pub @@ -0,0 +1 @@ +4bboT+cZM1BYvNho9oKbO0MFnPFTvmASR+1IdV4/fwQ= diff --git a/krebs/3modules/tv/wiregrill/ni.pub b/krebs/3modules/tv/wiregrill/ni.pub new file mode 100644 index 000000000..257b29833 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/ni.pub @@ -0,0 +1 @@ +KiIiwkuin+E4FXqFajJjnoGKkHW3H3FzIx5EQrF1+lw= diff --git a/krebs/3modules/tv/wiregrill/nomic.pub b/krebs/3modules/tv/wiregrill/nomic.pub new file mode 100644 index 000000000..be9c94be6 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/nomic.pub @@ -0,0 +1 @@ +UgvgarDtuSvbciNx5SU2NDbctb9/OTQ9Kr8H/O3931A= diff --git a/krebs/3modules/tv/wiregrill/querel.pub b/krebs/3modules/tv/wiregrill/querel.pub new file mode 100644 index 000000000..2273cf99d --- /dev/null +++ b/krebs/3modules/tv/wiregrill/querel.pub @@ -0,0 +1 @@ +sxaqrsqcDgdM3+QH6mxzqDs3SLWgm7J8AytpIbRZ2n0= diff --git a/krebs/3modules/tv/wiregrill/wu.pub b/krebs/3modules/tv/wiregrill/wu.pub new file mode 100644 index 000000000..0d25d9de9 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/wu.pub @@ -0,0 +1 @@ +68bL6l3/sjbirva80tm0Dw6/PJu1S95nJC58gWCh42E= diff --git a/krebs/3modules/tv/wiregrill/xu.pub b/krebs/3modules/tv/wiregrill/xu.pub new file mode 100644 index 000000000..ba0c7dd04 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/xu.pub @@ -0,0 +1 @@ +XU76RFN0jG/YjffAPg3e3VuHF/iKMvVoRhHmixvLL1s= diff --git a/krebs/3modules/tv/wiregrill/zu.pub b/krebs/3modules/tv/wiregrill/zu.pub new file mode 100644 index 000000000..0238dd653 --- /dev/null +++ b/krebs/3modules/tv/wiregrill/zu.pub @@ -0,0 +1 @@ +WrILdnsketejrJuYM/sLEh89GdSVbddv8BG/D3sW7kw= diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 61fd085be..821c79cde 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "5d4a1a3897e2d674522bcb3aa0026c9e32d8fd7c", - "date": "2018-11-24T00:40:22-05:00", - "sha256": "19kryzx9a6x68mpyxks3dajraf92hkbnw1zf952k73s2k4qw9jlq", + "rev": "b9fa31cea0e119ecf1867af4944ddc2f7633aacd", + "date": "2018-12-22T15:37:52+00:00", + "sha256": "1iqdra7nvcwbydjirjsk71rpzk4ljc0gzqy33fcp8l18y8iwh47k", "fetchSubmodules": false } diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 305b3f70e..e28fbf2f8 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -6,9 +6,8 @@ with import <stockholm/lib>; <stockholm/lass> <stockholm/lass/2configs/retiolum.nix> - <stockholm/lass/2configs/games.nix> - <stockholm/lass/2configs/steam.nix> <stockholm/lass/2configs/backup.nix> + <stockholm/lass/2configs/nfs-dl.nix> { # bubsy config users.users.bubsy = { @@ -72,6 +71,7 @@ with import <stockholm/lib>; #remote control environment.systemPackages = with pkgs; [ x11vnc + torbrowser ]; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp -i retiolum --dport 5900"; target = "ACCEPT"; } diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 46cdbbb66..b39f03df9 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -147,6 +147,7 @@ with import <stockholm/lib>; OnCalendar = "00:37"; }; + nixpkgs.config.android_sdk.accept_license = true; programs.adb.enable = true; users.users.mainUser.extraGroups = [ "adbusers" "docker" ]; virtualisation.docker.enable = true; diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 6c454b4ac..df2778bef 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -82,6 +82,13 @@ with import <stockholm/lib>; ]; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ]; }; + users.users.kmein = { + uid = genid_uint31 "kmein"; + isNormalUser = true; + openssh.authorizedKeys.keys = [ + config.krebs.users.kmein.pubkey + ]; + }; } { #hotdog @@ -309,7 +316,7 @@ with import <stockholm/lib>; { precedence = 1000; predicate = "-i retiolum -o wiregrill"; target = "ACCEPT"; } ]; krebs.iptables.tables.nat.POSTROUTING.rules = [ - { v4 = false; predicate = "-s 42:1:ce16::/48 ! -d 42:1:ce16::48"; target = "MASQUERADE"; } + { v4 = false; predicate = "-s 42:1::/32 ! -d 42:1::/48"; target = "MASQUERADE"; } { v6 = false; predicate = "-s 10.244.1.0/24 ! -d 10.244.1.0/24"; target = "MASQUERADE"; } ]; services.dnsmasq = { @@ -390,6 +397,28 @@ with import <stockholm/lib>; ln -fnsT /var/lib/containers/yellow/var/download/finished /var/download/finished || : chown download: /var/download/finished ''; + + fileSystems."/export/download" = { + device = "/var/lib/containers/yellow/var/download"; + options = [ "bind" ]; + }; + services.nfs.server = { + enable = true; + exports = '' + /export 42::/16(insecure,ro,crossmnt) + ''; + lockdPort = 4001; + mountdPort = 4002; + statdPort = 4000; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p tcp --dport 4000:4002"; target = "ACCEPT"; } + { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; } + ]; } ]; diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 1b6a1d593..1f2bb511f 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -9,6 +9,7 @@ in { ./power-action.nix ./copyq.nix ./urxvt.nix + ./nfs-dl.nix { hardware.pulseaudio = { enable = true; diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 1acfe5056..f487a9910 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -95,6 +95,7 @@ with import <stockholm/lib>; { from = "lesswrong@lassul.us"; to = lass.mail; } { from = "nordvpn@lassul.us"; to = lass.mail; } { from = "csv-direct@lassul.us"; to = lass.mail; } + { from = "nintendo@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/nfs-dl.nix b/lass/2configs/nfs-dl.nix new file mode 100644 index 000000000..abbcc1d42 --- /dev/null +++ b/lass/2configs/nfs-dl.nix @@ -0,0 +1,7 @@ +{ + fileSystems."/mnt/prism" = { + device = "prism.w:/export"; + fsType = "nfs"; + }; +} + diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index ce7df4bfb..25dac0ac4 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -135,6 +135,7 @@ in { "jla-trading.com" "ubikmedia.eu" "ubikmedia.de" + "alewis.de" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 17af0d00d..307f1c2b3 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -63,6 +63,9 @@ in { locations."= /retiolum.hosts".extraConfig = '' alias ${pkgs.retiolum-hosts}; ''; + locations."= /wireguard-key".extraConfig = '' + alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey}; + ''; locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; ''; diff --git a/lass/2configs/websites/sqlBackup.nix b/lass/2configs/websites/sqlBackup.nix index 897e35e61..10a6e4643 100644 --- a/lass/2configs/websites/sqlBackup.nix +++ b/lass/2configs/websites/sqlBackup.nix @@ -20,9 +20,7 @@ lass.mysqlBackup = { enable = true; - config.all = { - password = toString (<secrets/mysql_rootPassword>); - }; + config.all = {}; }; } diff --git a/lass/2configs/wiregrill.nix b/lass/2configs/wiregrill.nix index b2ee35df3..0183bd4e5 100644 --- a/lass/2configs/wiregrill.nix +++ b/lass/2configs/wiregrill.nix @@ -37,7 +37,7 @@ in mkIf (hasAttr "wiregrill" config.krebs.build.host.nets) { ; endpoint = mkIf (!isNull host.nets.wiregrill.via) (host.nets.wiregrill.via.ip4.addr + ":${toString host.nets.wiregrill.wireguard.port}"); persistentKeepalive = mkIf (!isNull host.nets.wiregrill.via) 61; - publicKey = host.nets.wiregrill.wireguard.pubkey; + publicKey = (replaceStrings ["\n"] [""] host.nets.wiregrill.wireguard.pubkey); }) (filterAttrs (_: h: hasAttr "wiregrill" h.nets) config.krebs.hosts); }; diff --git a/lass/3modules/mysql-backup.nix b/lass/3modules/mysql-backup.nix index d2ae67171..516f96c34 100644 --- a/lass/3modules/mysql-backup.nix +++ b/lass/3modules/mysql-backup.nix @@ -41,7 +41,7 @@ let }; location = mkOption { type = str; - default = "/bku/sql_dumps"; + default = "/backups/sql_dumps"; }; }; })); @@ -51,11 +51,9 @@ let imp = { - #systemd.timers = - # mapAttrs (_: plan: { - # wantedBy = [ "timers.target" ]; - # timerConfig = plan.timerConfig; - #}) cfg.config; + services.mysql.ensureUsers = [ + { ensurePermissions = { "*.*" = "ALL"; }; name = "root"; } + ]; systemd.services = mapAttrs' (_: plan: nameValuePair "mysqlBackup-${plan.name}" { @@ -75,8 +73,10 @@ let start = plan: let - backupScript = plan: db: - "mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz"; + backupScript = plan: db: '' + mkdir -p ${plan.location} + mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz + ''; in pkgs.pkgs.writeDash "mysqlBackup.${plan.name}" '' ${concatMapStringsSep "\n" (backupScript plan) plan.databases} diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 79e6416e1..483e37bc8 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -11,10 +11,7 @@ pkgs.writeHaskellPackage "xmonad-lass" { "xmonad-stockholm" ]; text = /* haskell */ '' -{-# LANGUAGE DeriveDataTypeable #-} -- for XS -{-# LANGUAGE FlexibleContexts #-} -- for xmonad' {-# LANGUAGE LambdaCase #-} -{-# LANGUAGE ScopedTypeVariables #-} module Main where @@ -28,7 +25,7 @@ import System.Environment (getArgs, lookupEnv) import System.Exit (exitFailure) import System.IO (hPutStrLn, stderr) import System.Posix.Process (executeFile) -import XMonad.Actions.CopyWindow (copy, kill1) +import XMonad.Actions.CopyWindow (copy, copyToAll, kill1) import XMonad.Actions.CycleWS (toggleWS) import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace) import XMonad.Actions.DynamicWorkspaces (withWorkspace) @@ -149,6 +146,8 @@ myKeyMap = , ("M4-d", floatNext True >> spawn "${pkgs.copyq}/bin/copyq show") + , ("M4-<F2>", windows copyToAll) + , ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" '' export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index dcfa3d0e5..97b4555a5 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -21,6 +21,7 @@ in { ]; }; } + <stockholm/makefu/2configs/support-nixos.nix> # <stockholm/makefu/2configs/stats/client.nix> <stockholm/makefu/2configs/stats/netdata-server.nix> @@ -131,6 +132,7 @@ in { <stockholm/makefu/2configs/deployment/boot-euer.nix> <stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix> <stockholm/makefu/2configs/bgt/hidden_service.nix> + <stockholm/makefu/2configs/bgt/backup.nix> # <stockholm/makefu/2configs/logging/client.nix> diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 81b1e0ea1..ac2677b7f 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -11,6 +11,7 @@ in { ./hw/omo.nix #./hw/tsp.nix <stockholm/makefu> + <stockholm/makefu/2configs/support-nixos.nix> <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/backup/state.nix> <stockholm/makefu/2configs/exim-retiolum.nix> diff --git a/makefu/2configs/bgt/backup.nix b/makefu/2configs/bgt/backup.nix new file mode 100644 index 000000000..3b9baadef --- /dev/null +++ b/makefu/2configs/bgt/backup.nix @@ -0,0 +1,20 @@ +{ + # Manual steps: + # 1. ssh-copy-id root ssh-key to the remotes you want to back up + # 2. run `rsnapshot hourly` manually as root to check if everything works + services.rsnapshot = { + enable = true; + cronIntervals = { + daily = "50 21 * * *"; + hourly = "0 */4 * * *"; + }; + extraConfig = '' +retain hourly 5 +retain daily 365 +snapshot_root /var/backup +backup root@binaergewitter.jit.computer:/opt/isso jit +backup root@binaergewitter.jit.computer:/etc/systemd/system/isso.service jit +backup root@binaergewitter.jit.computer:/etc/nginx/conf.d/isso.conf jit + ''; + }; +} diff --git a/makefu/2configs/hw/ssd.nix b/makefu/2configs/hw/ssd.nix new file mode 100644 index 000000000..9615b34d8 --- /dev/null +++ b/makefu/2configs/hw/ssd.nix @@ -0,0 +1,4 @@ +{ + # ssd trimming + services.fstrim.enable = true; +} diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index 98fe30daf..42ae309d0 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -4,6 +4,7 @@ with import <stockholm/lib>; { imports = [ ./tpm.nix + ./ssd.nix ]; boot.kernelModules = [ @@ -50,6 +51,7 @@ with import <stockholm/lib>; CPU_MAX_PERF_ON_BAT=30 ''; + powerManagement.resumeCommands = '' ${pkgs.rfkill}/bin/rfkill unblock all ''; diff --git a/makefu/2configs/support-nixos.nix b/makefu/2configs/support-nixos.nix new file mode 100644 index 000000000..d4e5556ff --- /dev/null +++ b/makefu/2configs/support-nixos.nix @@ -0,0 +1 @@ +{ makefu.distrobump.enable = true; } diff --git a/makefu/3modules/bump-distrowatch.nix b/makefu/3modules/bump-distrowatch.nix new file mode 100644 index 000000000..18426cdcc --- /dev/null +++ b/makefu/3modules/bump-distrowatch.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.makefu.distrobump; + + imp = { + systemd.services.distrobump = { + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + path = [ pkgs.curl ]; + restartIfChanged = false; + startAt = "daily"; + serviceConfig = { + PrivateTmp = true; + Type = "oneshot"; + ExecStart = pkgs.writeDash "bump-distrowatch" '' + set -euf + UA='Mozilla/5.0 (X11; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0' + curl -Lvc /tmp/cookie.jar -A "$UA" 'https://distrowatch.com/' >/dev/null + sleep $(shuf -i 3-15 -n1).$(shuf -i 0-9 -n1) + curl -Lvc /tmp/cookie.jar -A "$UA" -e 'https://distrowatch.com/' 'https://distrowatch.com/nixos?frphr' >/dev/null + ''; + RandomizedDelaySec = 28800; + }; + }; + }; +in +{ + options.makefu.distrobump.enable = lib.mkEnableOption "distrobump"; + config = lib.mkIf cfg.enable imp; +} diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 65b5a6afd..c6d8fccc3 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -3,6 +3,7 @@ _: { imports = [ ./awesome-extra.nix + ./bump-distrowatch.nix ./deluge.nix ./forward-journal.nix ./netdata.nix diff --git a/makefu/5pkgs/ns-atmosphere-programmer/default.nix b/makefu/5pkgs/ns-atmosphere-programmer/default.nix index 1e1cb1d86..88a408578 100644 --- a/makefu/5pkgs/ns-atmosphere-programmer/default.nix +++ b/makefu/5pkgs/ns-atmosphere-programmer/default.nix @@ -10,15 +10,16 @@ stdenv.mkDerivation rec { version = "0.1"; src = fetchzip { - url = "http://www.ns-atmosphere.com/media/content/ns-atmosphere-programmer-linux-v01.zip"; - sha256 = "0g2fxbirgi0lm0mi69cmknqj7626fxjkwn98bqx5pcalxplww8k0"; + url = "https://archive.org/download/ns-atmosphere-programmer/ns-atmosphere-programmer-ubuntu-64bit-v01.zip"; + # original source: http://www.ns-atmosphere.com/media/content/ns-atmosphere-programmer-ubuntu-64bit-v01.zip + sha256 = "1cnyydsmrcpfwpdiry7qybh179499wpbvlzq5rk442hq9ak416ri"; }; buildInputs = with xlibs; [ libX11 libXxf86vm libSM gnome3.gtk libpng12 ]; nativeBuildInputs = [ autoPatchelfHook makeWrapper ]; installPhase = '' - install -D -m755 NS-Atmosphere-Programmer-Linux-v0.1/NS-Atmosphere $out/bin/NS-Atmosphere + install -D -m755 NS-Atmosphere $out/bin/NS-Atmosphere wrapProgram $out/bin/NS-Atmosphere --prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \ --suffix XDG_DATA_DIRS : '${gnome3.defaultIconTheme}/share' ''; @@ -26,7 +27,7 @@ stdenv.mkDerivation rec { dontStrip = true; meta = with stdenv.lib; { - description = "Payload programmer for ns-atmosphere injector"; + description = "Payload programmer for ns-atmosphere injector for nintendo switch"; homepage = http://www.ns-atmosphere.com; maintainers = [ maintainers.makefu ]; platforms = platforms.linux; diff --git a/makefu/5pkgs/xdcc-dl/default.nix b/makefu/5pkgs/xdcc-dl/default.nix new file mode 100644 index 000000000..d9fdc3d2b --- /dev/null +++ b/makefu/5pkgs/xdcc-dl/default.nix @@ -0,0 +1,195 @@ +# generated using pypi2nix tool (version: 1.8.0) +# See more at: https://github.com/garbas/pypi2nix +# +# COMMAND: +# pypi2nix -V 3.6 -r ./lol +# + +{ pkgs ? import <nixpkgs> {} +}: + +let + + inherit (pkgs) makeWrapper; + inherit (pkgs.stdenv.lib) fix' extends inNixShell; + + pythonPackages = + import "${toString pkgs.path}/pkgs/top-level/python-packages.nix" { + inherit pkgs; + inherit (pkgs) stdenv; + python = pkgs.python36; + }; + + commonBuildInputs = []; + commonDoCheck = false; + + withPackages = pkgs': + let + pkgs = builtins.removeAttrs pkgs' ["__unfix__"]; + interpreter = pythonPackages.buildPythonPackage { + name = "python36-interpreter"; + buildInputs = [ makeWrapper ] ++ (builtins.attrValues pkgs); + buildCommand = '' + mkdir -p $out/bin + ln -s ${pythonPackages.python.interpreter} $out/bin/${pythonPackages.python.executable} + for dep in ${builtins.concatStringsSep " " (builtins.attrValues pkgs)}; do + if [ -d "$dep/bin" ]; then + for prog in "$dep/bin/"*; do + if [ -f $prog ]; then + ln -s $prog $out/bin/`basename $prog` + fi + done + fi + done + for prog in "$out/bin/"*; do + wrapProgram "$prog" --prefix PYTHONPATH : "$PYTHONPATH" + done + pushd $out/bin + ln -s ${pythonPackages.python.executable} python + popd + ''; + passthru.interpreter = pythonPackages.python; + }; + in { + __old = pythonPackages; + inherit interpreter; + mkDerivation = pythonPackages.buildPythonPackage; + packages = pkgs; + overrideDerivation = drv: f: + pythonPackages.buildPythonPackage (drv.drvAttrs // f drv.drvAttrs); + withPackages = pkgs'': + withPackages (pkgs // pkgs''); + }; + + python = withPackages {}; + + generated = self: { + inherit (pythonPackages) requests irc beautifulsoup4 six pyqt5; + "PyExecJS" = python.mkDerivation { + name = "PyExecJS-1.5.0"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/1c/a0/359e179605bbf3f6c6ed96c44e056eebed39732b67427f30d56e259934f2/PyExecJS-1.5.0.tar.gz"; sha256 = "99315766f8155eea195a3f4179b35cd8dc64b2360c081ae29d92c603c26aeaaa"; }; + doCheck = commonDoCheck; + buildInputs = commonBuildInputs; + propagatedBuildInputs = [ + self."six" + ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = licenses.mit; + description = "Run JavaScript code from Python"; + }; + }; + + + + + "bs4" = python.mkDerivation { + name = "bs4-0.0.1"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/10/ed/7e8b97591f6f456174139ec089c769f89a94a1a4025fe967691de971f314/bs4-0.0.1.tar.gz"; sha256 = "36ecea1fd7cc5c0c6e4a1ff075df26d50da647b75376626cc186e2212886dd3a"; }; + doCheck = commonDoCheck; + buildInputs = commonBuildInputs; + propagatedBuildInputs = [ + self."beautifulsoup4" + ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = licenses.mit; + description = "Screen-scraping library"; + }; + }; + + + + "certifi" = python.mkDerivation { + name = "certifi-2017.11.5"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/23/3f/8be01c50ed24a4bd6b8da799839066ce0288f66f5e11f0367323467f0cbc/certifi-2017.11.5.tar.gz"; sha256 = "5ec74291ca1136b40f0379e1128ff80e866597e4e2c1e755739a913bbc3613c0"; }; + doCheck = commonDoCheck; + buildInputs = commonBuildInputs; + propagatedBuildInputs = [ ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = "MPL-2.0"; + description = "Python package for providing Mozilla's CA Bundle."; + }; + }; + + + + "cfscrape" = python.mkDerivation { + name = "cfscrape-1.9.1"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/cf/9a/50d3844d67fe5507217fd47c9e382e769ab5f7d967b41c25ba3712c441c3/cfscrape-1.9.1.tar.gz"; sha256 = "9cee3708c643904eaa010a64dd1715890457bb77010d87405fc1bfeb892508d7"; }; + doCheck = commonDoCheck; + buildInputs = commonBuildInputs; + propagatedBuildInputs = [ + self."PyExecJS" + self."requests" + ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = ""; + description = "A simple Python module to bypass Cloudflare's anti-bot page. See https://github.com/Anorov/cloudflare-scrape for more information."; + }; + }; + + + + "typing" = python.mkDerivation { + name = "typing-3.6.2"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/ca/38/16ba8d542e609997fdcd0214628421c971f8c395084085354b11ff4ac9c3/typing-3.6.2.tar.gz"; sha256 = "d514bd84b284dd3e844f0305ac07511f097e325171f6cc4a20878d11ad771849"; }; + doCheck = commonDoCheck; + buildInputs = commonBuildInputs; + propagatedBuildInputs = [ ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = licenses.psfl; + description = "Type Hints for Python"; + }; + }; + + + + + "urwid" = python.mkDerivation { + name = "urwid-1.3.1"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/85/5d/9317d75b7488c335b86bd9559ca03a2a023ed3413d0e8bfe18bea76f24be/urwid-1.3.1.tar.gz"; sha256 = "cfcec03e36de25a1073e2e35c2c7b0cc6969b85745715c3a025a31d9786896a1"; }; + doCheck = commonDoCheck; + buildInputs = commonBuildInputs; + propagatedBuildInputs = [ ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = licenses.lgpl2; + description = "A full-featured console (xterm et al.) user interface library"; + }; + }; + + + + "xdcc-dl" = python.mkDerivation { + name = "xdcc-dl-2.1.0"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/52/5a/1f1c8e77c212074d508701f208440bdfac4c6366de3f74fc9772a09369ef/xdcc_dl-2.1.0.tar.gz"; sha256 = "7071fca28de83ab0944b086a6dac0af053225b5663d9cf28a8dac868d81b2fc6"; }; + doCheck = commonDoCheck; + buildInputs = commonBuildInputs; + propagatedBuildInputs = [ + self."bs4" + self."cfscrape" + self."irc" + self."requests" + self."typing" + self."urwid" + ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = licenses.gpl3; + description = "An XDCC File Downloader based on the irclib framework"; + }; + }; + + }; + +in python.withPackages + (fix' (pkgs.lib.fold + extends + generated + [] + ) + ) diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix index 001ad0bc4..949a98b2a 100644 --- a/tv/1systems/alnus/config.nix +++ b/tv/1systems/alnus/config.nix @@ -8,10 +8,6 @@ with import <stockholm/lib>; <stockholm/tv/2configs/retiolum.nix> ]; - # TODO remove non-hardware stuff from ../2configs/hw/x220.nix - # networking.wireless.enable collides with networkmanager - networking.wireless.enable = mkForce false; - boot = { initrd = { availableKernelModules = [ "ahci" ]; diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix index a653ce40d..f1cd7d673 100644 --- a/tv/1systems/mu/config.nix +++ b/tv/1systems/mu/config.nix @@ -5,6 +5,7 @@ with import <stockholm/lib>; <stockholm/tv> <stockholm/tv/2configs/br.nix> <stockholm/tv/2configs/exim-retiolum.nix> + <stockholm/tv/2configs/hw/x220.nix> <stockholm/tv/2configs/retiolum.nix> ]; @@ -13,10 +14,7 @@ with import <stockholm/lib>; tv.x0vncserver.enable = true; - # hardware configuration - boot.initrd.luks.devices.muca = { - device = "/dev/disk/by-uuid/7b24a931-40b6-44a6-ba22-c805cf164e91"; - }; + boot.initrd.luks.devices.muca.device = "/dev/sda2"; boot.initrd.luks.cryptoModules = [ "aes" "sha512" "xts" ]; boot.initrd.availableKernelModules = [ "ahci" ]; boot.kernelModules = [ "fbcon" "kvm-intel" ]; @@ -34,7 +32,7 @@ with import <stockholm/lib>; options = [ "defaults" "discard" ]; }; "/boot" = { - device = "/dev/disk/by-uuid/CEB1-9743"; + device = "/dev/sda1"; fsType = "vfat"; }; }; diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix index 996a5e7ec..a89f07e8a 100644 --- a/tv/1systems/nomic/config.nix +++ b/tv/1systems/nomic/config.nix @@ -64,4 +64,6 @@ with import <stockholm/lib>; gnupg tmux ]; + + networking.wireless.enable = true; } diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix index 17eeff5da..4c491d65b 100644 --- a/tv/1systems/wu/config.nix +++ b/tv/1systems/wu/config.nix @@ -41,6 +41,8 @@ with import <stockholm/lib>; }; }; + networking.wireless.enable = true; + services.printing.enable = true; services.udev.extraRules = '' diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index 5421cab92..b9c76cf49 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -147,6 +147,8 @@ with import <stockholm/lib>; gptfdisk ]; + networking.wireless.enable = true; + #services.bitlbee.enable = true; #services.tor.client.enable = true; #services.tor.enable = true; diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix index 414d2f226..bbfcfafc1 100644 --- a/tv/1systems/zu/config.nix +++ b/tv/1systems/zu/config.nix @@ -44,6 +44,8 @@ with import <stockholm/lib>; }; }; + networking.wireless.enable = true; + services.printing.enable = true; #services.bitlbee.enable = true; diff --git a/tv/2configs/hw/AO753.nix b/tv/2configs/hw/AO753.nix index 8625078da..4df5e097a 100644 --- a/tv/2configs/hw/AO753.nix +++ b/tv/2configs/hw/AO753.nix @@ -25,8 +25,6 @@ with import <stockholm/lib>; config.boot.kernelPackages.broadcom_sta ]; - networking.wireless.enable = true; - nix = { buildCores = 2; maxJobs = 2; diff --git a/tv/2configs/hw/x220.nix b/tv/2configs/hw/x220.nix index 38a89cfc3..35e7d8941 100644 --- a/tv/2configs/hw/x220.nix +++ b/tv/2configs/hw/x220.nix @@ -26,8 +26,6 @@ boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - networking.wireless.enable = true; - # Required for Centrino. hardware.enableRedistributableFirmware = true; |