summaryrefslogtreecommitdiffstats
path: root/tv/1systems
diff options
context:
space:
mode:
Diffstat (limited to 'tv/1systems')
-rw-r--r--tv/1systems/cd.nix43
-rw-r--r--tv/1systems/mkdir.nix1
-rw-r--r--tv/1systems/nomic.nix41
-rw-r--r--tv/1systems/rmdir.nix1
-rw-r--r--tv/1systems/wu.nix43
-rw-r--r--tv/1systems/xu.nix44
6 files changed, 26 insertions, 147 deletions
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix
index 8c2a9ae43..e42d5750a 100644
--- a/tv/1systems/cd.nix
+++ b/tv/1systems/cd.nix
@@ -6,12 +6,17 @@ with lib;
krebs.build.host = config.krebs.hosts.cd;
krebs.build.target = "root@cd.internet";
+ krebs.build.source.upstream-nixpkgs = {
+ url = https://github.com/NixOS/nixpkgs;
+ rev = "b7ff030";
+ };
+
imports = [
../2configs/hw/CAC-Developer-2.nix
../2configs/fs/CAC-CentOS-7-64bit.nix
- #../2configs/consul-server.nix
../2configs/exim-smarthost.nix
../2configs/git.nix
+ ../2configs/retiolum.nix
../2configs/urlwatch.nix
{
imports = [ ../2configs/charybdis.nix ];
@@ -25,6 +30,10 @@ with lib;
enable = true;
hosts = [ "jabber.viljetic.de" ];
};
+ tv.iptables.input-internet-accept-new-tcp = [
+ "xmpp-client"
+ "xmpp-server"
+ ];
}
{
krebs.github-hosts-sync.enable = true;
@@ -32,38 +41,17 @@ with lib;
singleton config.krebs.github-hosts-sync.port;
}
{
- tv.iptables = {
- enable = true;
- input-internet-accept-new-tcp = [
- "ssh"
- "tinc"
- "smtp"
- "xmpp-client"
- "xmpp-server"
- ];
- input-retiolum-accept-new-tcp = [
- "http"
- ];
- };
- }
- {
- tv.iptables.input-internet-accept-new-tcp = singleton "http";
krebs.nginx.servers.cgit.server-names = [
"cgit.cd.krebsco.de"
"cgit.cd.viljetic.de"
];
- }
- {
# TODO make public_html also available to cd, cd.retiolum (AKA default)
- tv.iptables.input-internet-accept-new-tcp = singleton "http";
krebs.nginx.servers.public_html = {
server-names = singleton "cd.viljetic.de";
locations = singleton (nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
alias /home/$1/public_html$2;
'');
};
- }
- {
krebs.nginx.servers.viljetic = {
server-names = singleton "viljetic.de";
# TODO directly set root (instead via location)
@@ -71,16 +59,7 @@ with lib;
root ${pkgs.viljetic-pages};
'');
};
- }
- {
- krebs.retiolum = {
- enable = true;
- connectTo = [
- "fastpoke"
- "pigstarter"
- "ire"
- ];
- };
+ tv.iptables.input-internet-accept-new-tcp = singleton "http";
}
];
diff --git a/tv/1systems/mkdir.nix b/tv/1systems/mkdir.nix
index 9d8a0bcfa..79e5f73b9 100644
--- a/tv/1systems/mkdir.nix
+++ b/tv/1systems/mkdir.nix
@@ -22,7 +22,6 @@ in
imports = [
../2configs/hw/CAC-Developer-1.nix
../2configs/fs/CAC-CentOS-7-64bit.nix
- ../2configs/consul-server.nix
../2configs/exim-smarthost.nix
../2configs/git.nix
{
diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix
index 0c6c935a3..37ef204c7 100644
--- a/tv/1systems/nomic.nix
+++ b/tv/1systems/nomic.nix
@@ -5,45 +5,14 @@ with lib;
{
krebs.build.host = config.krebs.hosts.nomic;
- krebs.build.target = "root@nomic.gg23";
-
imports = [
../2configs/hw/AO753.nix
- #../2configs/consul-server.nix
+ ../2configs/exim-retiolum.nix
../2configs/git.nix
- {
- tv.iptables = {
- enable = true;
- input-internet-accept-new-tcp = [
- "ssh"
- "http"
- "tinc"
- "smtp"
- ];
- };
- }
- {
- krebs.exim-retiolum.enable = true;
- }
- {
- krebs.nginx = {
- enable = true;
- servers.default.locations = [
- (nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
- alias /home/$1/public_html$2;
- '')
- ];
- };
- }
- {
- krebs.retiolum = {
- enable = true;
- connectTo = [
- "gum"
- "pigstarter"
- ];
- };
- }
+ ../2configs/nginx-public_html.nix
+ ../2configs/pulse.nix
+ ../2configs/retiolum.nix
+ ../2configs/xserver
];
boot.initrd.luks = {
diff --git a/tv/1systems/rmdir.nix b/tv/1systems/rmdir.nix
index 1f1d975c9..6fd79c596 100644
--- a/tv/1systems/rmdir.nix
+++ b/tv/1systems/rmdir.nix
@@ -23,7 +23,6 @@ in
imports = [
../2configs/hw/CAC-Developer-1.nix
../2configs/fs/CAC-CentOS-7-64bit.nix
- ../2configs/consul-server.nix
../2configs/exim-smarthost.nix
../2configs/git.nix
{
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index 54ceb7783..29e6de08b 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -7,10 +7,12 @@ with lib;
imports = [
../2configs/hw/w110er.nix
- #../2configs/consul-client.nix
+ ../2configs/exim-retiolum.nix
../2configs/git.nix
../2configs/mail-client.nix
+ ../2configs/nginx-public_html.nix
../2configs/pulse.nix
+ ../2configs/retiolum.nix
../2configs/xserver
{
environment.systemPackages = with pkgs; [
@@ -18,7 +20,7 @@ with lib;
# stockholm
gnumake
hashPassword
- lentil
+ haskellPackages.lentil
parallel
(pkgs.writeScriptBin "im" ''
#! ${pkgs.bash}/bin/bash
@@ -41,7 +43,7 @@ with lib;
# tv
bc
bind # dig
- cac
+ cac-api
dic
file
get
@@ -123,39 +125,6 @@ with lib;
unison
];
}
- {
- tv.iptables = {
- enable = true;
- input-internet-accept-new-tcp = [
- "ssh"
- "http"
- "tinc"
- "smtp"
- ];
- };
- }
- {
- krebs.exim-retiolum.enable = true;
- }
- {
- krebs.nginx = {
- enable = true;
- servers.default.locations = [
- (nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
- alias /home/$1/public_html$2;
- '')
- ];
- };
- }
- {
- krebs.retiolum = {
- enable = true;
- connectTo = [
- "gum"
- "pigstarter"
- ];
- };
- }
];
boot.initrd.luks = {
@@ -188,7 +157,7 @@ with lib;
nixpkgs.config.chromium.enablePepperFlash = true;
- nixpkgs.config.allowUnfree = true;
+ nixpkgs.config.allowUnfreePredicate = pkg: hasPrefix "nvidia-x11-" pkg.name;
hardware.bumblebee.enable = true;
hardware.bumblebee.group = "video";
hardware.enableAllFirmware = true;
diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix
index 1f3e010a4..8c4af2bd3 100644
--- a/tv/1systems/xu.nix
+++ b/tv/1systems/xu.nix
@@ -5,15 +5,14 @@ with lib;
{
krebs.build.host = config.krebs.hosts.xu;
- krebs.build.source.git.nixpkgs.rev =
- "7ae05edcdd14f6ace83ead9bf0d114e97c89a83a";
-
imports = [
../2configs/hw/x220.nix
- #../2configs/consul-client.nix
+ ../2configs/exim-retiolum.nix
../2configs/git.nix
../2configs/mail-client.nix
+ ../2configs/nginx-public_html.nix
../2configs/pulse.nix
+ ../2configs/retiolum.nix
../2configs/xserver
{
environment.systemPackages = with pkgs; [
@@ -21,7 +20,7 @@ with lib;
# stockholm
gnumake
hashPassword
- lentil
+ haskellPackages.lentil
parallel
(pkgs.writeScriptBin "im" ''
#! ${pkgs.bash}/bin/bash
@@ -124,40 +123,6 @@ with lib;
unison
];
}
- {
- tv.iptables = {
- enable = true;
- input-internet-accept-new-tcp = [
- "ssh"
- "http"
- "tinc"
- "smtp"
- ];
- };
- }
- {
- krebs.exim-retiolum.enable = true;
- }
- {
- krebs.nginx = {
- enable = true;
- servers.default.locations = [
- (nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
- alias /home/$1/public_html$2;
- '')
- ];
- };
- }
- {
- krebs.retiolum = {
- enable = true;
- connectTo = [
- "cd"
- "gum"
- "pigstarter"
- ];
- };
- }
];
boot.initrd.luks = {
@@ -190,7 +155,6 @@ with lib;
nixpkgs.config.chromium.enablePepperFlash = true;
- nixpkgs.config.allowUnfree = true;
#hardware.bumblebee.enable = true;
#hardware.bumblebee.group = "video";
hardware.enableAllFirmware = true;
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 05:27:35 +0000