summaryrefslogtreecommitdiffstats
path: root/lass/1systems
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-02-18 20:25:47 +0100
committertv <tv@krebsco.de>2021-02-18 20:25:47 +0100
commitf9bc618fada82326ed371b131eaed34d21626ae9 (patch)
treec48156ed3dc16594907c3744b14fcdafd2409206 /lass/1systems
parent9365aff352d99b7506bafbef6682de7bfb00df27 (diff)
parent8b7477926d0b7c1ac3d92d07e6934f9e593ea9ff (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems')
-rw-r--r--lass/1systems/coaxmetal/config.nix53
-rw-r--r--lass/1systems/coaxmetal/physical.nix52
-rw-r--r--lass/1systems/yellow/config.nix14
3 files changed, 115 insertions, 4 deletions
diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix
new file mode 100644
index 000000000..3e0b1674a
--- /dev/null
+++ b/lass/1systems/coaxmetal/config.nix
@@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ <stockholm/lass>
+
+ <stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/exim-retiolum.nix>
+ <stockholm/lass/2configs/baseX.nix>
+ <stockholm/lass/2configs/browsers.nix>
+ <stockholm/lass/2configs/programs.nix>
+ <stockholm/lass/2configs/network-manager.nix>
+ <stockholm/lass/2configs/syncthing.nix>
+ <stockholm/lass/2configs/sync/sync.nix>
+ <stockholm/lass/2configs/games.nix>
+ <stockholm/lass/2configs/steam.nix>
+ <stockholm/lass/2configs/wine.nix>
+ <stockholm/lass/2configs/fetchWallpaper.nix>
+ <stockholm/lass/2configs/nfs-dl.nix>
+ <stockholm/lass/2configs/pass.nix>
+ <stockholm/lass/2configs/mail.nix>
+ <stockholm/lass/2configs/bitcoin.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.coaxmetal;
+
+ environment.shellAliases = {
+ deploy = pkgs.writeDash "deploy" ''
+ set -eu
+ export SYSTEM="$1"
+ $(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
+ '';
+ usb-tether-on = pkgs.writeDash "usb-tether-on" ''
+ adb shell su -c service call connectivity 33 i32 1 s16 text
+ '';
+ usb-tether-off = pkgs.writeDash "usb-tether-off" ''
+ adb shell su -c service call connectivity 33 i32 0 s16 text
+ '';
+ };
+
+ programs.adb.enable = true;
+
+ hardware.bluetooth = {
+ enable = true;
+ powerOnBoot = true;
+ # config.General.Disable = "Headset";
+ extraConfig = ''
+ [General]
+ Disable = Headset
+ '';
+ };
+ hardware.pulseaudio.package = pkgs.pulseaudioFull;
+}
diff --git a/lass/1systems/coaxmetal/physical.nix b/lass/1systems/coaxmetal/physical.nix
new file mode 100644
index 000000000..c94740c54
--- /dev/null
+++ b/lass/1systems/coaxmetal/physical.nix
@@ -0,0 +1,52 @@
+{ config, lib, pkgs, modulesPath, ... }:
+{
+ imports = [
+ ./config.nix
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ networking.hostId = "e0c335ea";
+ boot.zfs.requestEncryptionCredentials = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+ boot.loader.grub = {
+ enable = true;
+ # device = "/dev/disk/by-id/nvme-WDC_PC_SN730_SDBQNTY-1T00-1001_205349800040";
+ device = "nodev";
+ efiSupport = true;
+ # efiInstallAsRemovable = true;
+ };
+
+ services.xserver.videoDrivers = [
+ "amdgpu"
+ ];
+
+ hardware.opengl.extraPackages = [ pkgs.amdvlk ];
+ # is required for amd graphics support ( xorg wont boot otherwise )
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+ environment.variables.VK_ICD_FILENAMES =
+ "/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
+
+ boot.initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+ boot.kernelModules = [ "kvm-amd" ];
+
+ fileSystems."/" = {
+ device = "zpool/root/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" = {
+ device = "zpool/root/home";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/50A7-1889";
+ fsType = "vfat";
+ };
+
+ services.logind.lidSwitch = "ignore";
+ services.logind.lidSwitchDocked = "ignore";
+ boot.extraModprobeConfig = ''
+ options psmouse proto=imps
+ '';
+}
diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix
index 1afad003c..178a5adf1 100644
--- a/lass/1systems/yellow/config.nix
+++ b/lass/1systems/yellow/config.nix
@@ -152,10 +152,11 @@ with import <stockholm/lib>;
krebs.iptables = {
enable = true;
tables.filter.INPUT.rules = [
- { predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
- { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
- { predicate = "-p tcp --dport 51413"; target = "ACCEPT"; }
- { predicate = "-p udp --dport 51413"; target = "ACCEPT"; }
+ { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } # nginx web dir
+ { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; } # transmission-web
+ { predicate = "-p tcp --dport 51413"; target = "ACCEPT"; } # transmission-traffic
+ { predicate = "-p udp --dport 51413"; target = "ACCEPT"; } # transmission-traffic
+ { predicate = "-p tcp --dport 8096"; target = "ACCEPT"; } # jellyfin
];
};
@@ -265,4 +266,9 @@ with import <stockholm/lib>;
'';
};
};
+
+ services.jellyfin = {
+ enable = true;
+ group = "download";
+ };
}