From e3cce01913c6a22946cc01438079bc3410ded9b2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Oct 2016 14:58:46 +0200 Subject: l: add lassulus-blog config, repair ssl for cgit --- lass/1systems/prism.nix | 49 +------------------------------------------------ 1 file changed, 1 insertion(+), 48 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 51d106b5e..9fa210d08 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -24,26 +24,6 @@ in { ../2configs/repo-sync.nix ../2configs/binary-cache/server.nix ../2configs/iodined.nix - { - imports = [ - ../2configs/git.nix - ]; - krebs.nginx.servers.cgit = { - server-names = [ - "cgit.lassul.us" - ]; - locations = [ - (nameValuePair "/.well-known/acme-challenge" '' - root /var/lib/acme/challenges/cgit.lassul.us/; - '') - ]; - ssl = { - enable = true; - certificate = "/var/lib/acme/cgit.lassul.us/fullchain.pem"; - certificate_key = "/var/lib/acme/cgit.lassul.us/key.pem"; - }; - }; - } { users.extraGroups = { # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories @@ -174,6 +154,7 @@ in { imports = [ ../2configs/websites/wohnprojekt-rhh.de.nix ../2configs/websites/domsen.nix + ../2configs/websites/lassulus.nix ]; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport http"; target = "ACCEPT"; } @@ -186,34 +167,6 @@ in { }; } { - security.acme = { - certs."lassul.us" = { - email = "lass@lassul.us"; - webroot = "/var/lib/acme/challenges/lassul.us"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - "full.pem" - ]; - allowKeysForGroup = true; - group = "lasscert"; - }; - }; - users.groups.lasscert.members = [ - "dovecot2" - "ejabberd" - "exim" - "nginx" - ]; - krebs.nginx.servers."lassul.us" = { - server-names = [ "lassul.us" ]; - locations = [ - (lib.nameValuePair "/.well-known/acme-challenge" '' - root /var/lib/acme/challenges/lassul.us/; - '') - ]; - }; lass.ejabberd = { enable = true; hosts = [ "lassul.us" ]; -- cgit v1.2.3 From d0d3cd8e54a78ea1bf16b2b9de5366d15aad7581 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Oct 2016 15:02:06 +0200 Subject: l 1 prism: remove obsolete key --- lass/1systems/prism.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/1systems') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 9fa210d08..8b4f1d7a2 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -144,7 +144,6 @@ in { users.users.chat.openssh.authorizedKeys.keys = [ "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHF9tijlMoEevRZCG1AggukxWggfxPHUwg6Ye113ODG6PZ2m98oSmnsjixDy4GfIJjy+8HBbkwS6iH+fsNk86QtAgFNMjBl+9YvEzNRBzcyCqdOkZFvvZvV2oYA7I15il4ln62PDPKjEIS3YPhZPSwc6GhrlsFTnIG56NF/93IhF7R/FA== JuiceSSH" config.krebs.users.lass-uriel.pubkey - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQ8DJhHAqmdrB2+qkV/OuKjR4QDXUww2TWItyDrs+/6F58WacMozgaZr2goA5JQJ5d19nC3LzYb4yLGguADsp987I6cAu5iXPT5PHKc0eRWDN+AGlpTgUtN1BvVrnJZaUJrR9WlHhFYlkOkzAsB15fKYciVWsyxBCVZ+3oiTEjs2L/sfbrgailWqHIUWDftUnJx8EFmSUVZ2GZWklMcgBo0FJD1i0x5u2dQGguNY+28DzQmKgUMS+xD/uUZvrFIWr9I6CBqhsuHJo8n85BT3B3QdG8ARLt5FKPr5L3My6UjlxOkKrDNLjJFjERFCsuIxnrO3tQhvKXQYlOyskHokocYSdcIq8svghJLA3kmRYIjHjZ4y1BNENsk79WyYNMAi5y+A0Evmu+g3ks/DiW3vI/Sw/D3Uc7ilbImpaoL5qUC4+WZM3J2b3Z1AU5D1QiojpKkB9Qt1bokCm8hrRCG9ZDKqAD6IqmI1ARRjfgA4zKwKUhmMqG4p55YGGVf9OeK0rXgX0Z2InyFXeBaU2aBcDfdKD/65w5MnC9CsJnjELdd4r9u2ugTPExzOo3WUlNuOTB1WoZ8CiY2OVGle/E/MzKUDfGuIFhUsFeX0YcLHPbo+mesISNUPaeadSuMuHE8W4FOeEq51toBo/gkxgjtqqWMOd9SxnDQTMBKq3L/w7nEQ== lass@mors" ]; } { -- cgit v1.2.3 From a2605f25ee48daaf883c6823564686fa49bff0f3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Oct 2016 23:47:00 +0200 Subject: l 1 uriel: set defaultLocale to de_DE --- lass/1systems/uriel.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index aa5286ae0..acc7348e8 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -9,6 +9,7 @@ with config.krebs.lib; ../2configs/exim-retiolum.nix { # locke config + i18n.defaultLocale ="de_DE.UTF-8"; time.timeZone = "Europe/Berlin"; services.xserver.enable = true; users.users.locke = { -- cgit v1.2.3 From bbaee1993c9786bf01f15c34d0d8993842712477 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Oct 2016 23:47:27 +0200 Subject: l 1 uriel: add pavucontrol to pkgs --- lass/1systems/uriel.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/1systems') diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index acc7348e8..1068da114 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -29,6 +29,7 @@ with config.krebs.lib; systemWide = true; }; environment.systemPackages = with pkgs; [ + pavucontrol firefox hexchat networkmanagerapplet -- cgit v1.2.3 From c7be88d76a359379d8d75126a746fd3772aa5036 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Oct 2016 23:47:48 +0200 Subject: l 1 uriel: gummiboot -> systemd-boot --- lass/1systems/uriel.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lass/1systems') diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index 1068da114..e1417c83d 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -53,8 +53,8 @@ with config.krebs.lib; #loader.grub.version = 2; #loader.grub.device = "/dev/sda"; - loader.gummiboot.enable = true; - loader.gummiboot.timeout = 5; + loader.systemd-boot.enable = true; + loader.timeout = 5; initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; -- cgit v1.2.3