From 3fa63a4f312a885d353177db911f8a52ce7a1e1c Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 22 Oct 2016 15:26:16 +0200 Subject: m 2 mycube: fix redis mimimi --- makefu/2configs/deployment/mycube.connector.one.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/deployment/mycube.connector.one.nix b/makefu/2configs/deployment/mycube.connector.one.nix index 8f51c91dd..daadad05d 100644 --- a/makefu/2configs/deployment/mycube.connector.one.nix +++ b/makefu/2configs/deployment/mycube.connector.one.nix @@ -6,7 +6,11 @@ let external-ip = config.krebs.build.host.nets.internet.ip4.addr; wsgi-sock = "${config.services.uwsgi.runDir}/uwsgi.sock"; in { - services.redis.enable = true; + services.redis = { + enable = true; + }; + systemd.services.redis.serviceConfig.LimitNOFILE=10032; + services.uwsgi = { enable = true; user = "nginx"; -- cgit v1.2.3 From 2e22fa7234c95cccb1680fb47954f339e6e0b326 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 27 Oct 2016 14:55:50 +0200 Subject: m 2 hw: Plot twist - x220 was an x230 ALL ALONG! --- makefu/1systems/x.nix | 6 +++--- makefu/2configs/hw/tp-x220.nix | 34 -------------------------------- makefu/2configs/hw/tp-x230.nix | 44 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 47 insertions(+), 37 deletions(-) delete mode 100644 makefu/2configs/hw/tp-x220.nix create mode 100644 makefu/2configs/hw/tp-x230.nix (limited to 'makefu') diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index e7f5d0dae..e1aec360d 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -32,7 +32,7 @@ # ../2configs/buildbot-standalone.nix # hardware specifics are in here - ../2configs/hw/tp-x220.nix + ../2configs/hw/tp-x230.nix ../2configs/hw/rtl8812au.nix ../2configs/hw/bcm4352.nix # mount points @@ -46,7 +46,7 @@ # temporary modules ../2configs/temp/share-samba.nix ../2configs/laptop-backup.nix - ../2configs/temp/elkstack.nix + #../2configs/temp/elkstack.nix # ../2configs/temp/sabnzbd.nix ../2configs/tinc/siem.nix #../2configs/torrent.nix @@ -62,7 +62,7 @@ environment.systemPackages = [ pkgs.passwdqc-utils pkgs.bintray-upload ]; - # virtualisation.docker.enable = true; + virtualisation.docker.enable = true; # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; diff --git a/makefu/2configs/hw/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix deleted file mode 100644 index ce3e34ad3..000000000 --- a/makefu/2configs/hw/tp-x220.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - - imports = [ ./tp-x2x0.nix ]; - boot = { - kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" "tp_smapi" ]; - extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; - }; - hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ]; - services.xserver = { - videoDriver = "intel"; - deviceSection = '' - Option "AccelMethod" "sna" - ''; - }; - - security.rngd.enable = true; - - services.xserver.displayManager.sessionCommands ='' - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 - xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 - # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 - ''; - - # enable HDMI output switching with pulseaudio - hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' - ${builtins.readFile "${config.hardware.pulseaudio.package.out}/etc/pulse/default.pa"} - load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" - ''; - -} diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix new file mode 100644 index 000000000..99563a771 --- /dev/null +++ b/makefu/2configs/hw/tp-x230.nix @@ -0,0 +1,44 @@ +{ config, lib, pkgs, ... }: + +with import ; +{ + + imports = [ ./tp-x2x0.nix ]; + boot = { + # tp-smapi is not supported bt x230 anymore + kernelModules = [ + "kvm-intel" + "thinkpad_ec" + # "acpi_call" + # "thinkpad_acpi" + # "tpm-rng" + ]; + extraModulePackages = [ + # config.boot.kernelPackages.acpi_call + ]; + }; + services.acpid.enable = true; + hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ]; + services.xserver = { + videoDriver = "intel"; + deviceSection = '' + Option "AccelMethod" "sna" + ''; + }; + # no entropy source working + # security.rngd.enable = true; + + services.xserver.displayManager.sessionCommands ='' + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 + xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 + xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 + # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 + ''; + + # enable HDMI output switching with pulseaudio + hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' + ${builtins.readFile "${config.hardware.pulseaudio.package.out}/etc/pulse/default.pa"} + load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" + ''; + +} -- cgit v1.2.3 From ebd5e96517a001376d927ac147e0cadb0bde1c14 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:06:09 +0200 Subject: m 2 euer.wiki: remove comment as it supposently breaks phpfpm config --- makefu/2configs/nginx/euer.wiki.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix index 22cf9c9b7..9d0b74871 100644 --- a/makefu/2configs/nginx/euer.wiki.nix +++ b/makefu/2configs/nginx/euer.wiki.nix @@ -44,7 +44,6 @@ in { pm.min_spare_servers = 1 pm.max_spare_servers = 3 chdir = / - # errors to journal php_admin_value[error_log] = 'stderr' php_admin_flag[log_errors] = on catch_workers_output = yes -- cgit v1.2.3 From 121c5cb92cba3594cbe4743ff80e46b6e85aeb4d Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:07:29 +0200 Subject: m 2 default: use ca-bundle for CURL GIT, PIP --- makefu/2configs/default.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index cb6fe55b8..bbe108074 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -90,9 +90,14 @@ with import ; "d /tmp 1777 root root - -" ]; nix.nixPath = [ "/var/src" ]; - environment.variables = { + environment.variables = let + ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + in { NIX_PATH = mkForce "/var/src"; EDITOR = mkForce "vim"; + CURL_CA_BUNDLE = ca-bundle; + GIT_SSL_CAINFO = ca-bundle; + SSL_CERT_FILE = ca-bundle; }; environment.systemPackages = with pkgs; [ -- cgit v1.2.3 From 255af71a2511d7e819d5724fb792ee75a7999783 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:09:58 +0200 Subject: m 2 urlwatch: use git-upload-pack --- makefu/2configs/urlwatch.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix index 0d8f888fa..d575d18bc 100644 --- a/makefu/2configs/urlwatch.nix +++ b/makefu/2configs/urlwatch.nix @@ -15,7 +15,7 @@ http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ https://github.com/amadvance/snapraid/releases.atom - https://erdgeist.org/gitweb/opentracker/commit/ + https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack ]; }; } -- cgit v1.2.3 From 4056d9b66db3a2b6968a2b7dcb48b0a5f6205a52 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:10:40 +0200 Subject: m 2 hw: fix bcm and rfkill after resume --- makefu/2configs/hw/bcm4352.nix | 1 + makefu/2configs/hw/tp-x2x0.nix | 7 ++++--- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/hw/bcm4352.nix b/makefu/2configs/hw/bcm4352.nix index 516637eb8..5dc8a1449 100644 --- a/makefu/2configs/hw/bcm4352.nix +++ b/makefu/2configs/hw/bcm4352.nix @@ -1,6 +1,7 @@ {config, ...}: { networking.enableB43Firmware = true; + boot.kernelModules = [ "wl" ]; boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; } diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index 2b615ecfa..02bd8bb01 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -28,8 +28,9 @@ with import ; services.tlp.enable = true; services.tlp.extraConfig = '' # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery - #START_CHARGE_THRESH_BAT0=80 - STOP_CHARGE_THRESH_BAT0=95 + START_CHARGE_THRESH_BAT0=67 + STOP_CHARGE_THRESH_BAT0=100 + CPU_SCALING_GOVERNOR_ON_AC=performance CPU_SCALING_GOVERNOR_ON_BAT=ondemand @@ -40,6 +41,6 @@ with import ; ''; powerManagement.resumeCommands = '' - {pkgs.rfkill}/bin/rfkill unblock all + ${pkgs.rfkill}/bin/rfkill unblock all ''; } -- cgit v1.2.3 From c26a3ce4b465db07f3d94e263588b96d167e53fa Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 28 Oct 2016 14:11:31 +0200 Subject: m 1 gum: add gum-share --- makefu/1systems/gum.nix | 1 + makefu/2configs/gum-share.nix | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 makefu/2configs/gum-share.nix (limited to 'makefu') diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index bfd880b88..8a43d25ff 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -24,6 +24,7 @@ in { ../2configs/torrent.nix ../2configs/graphite-standalone.nix ../2configs/sabnzbd.nix + ../2configs/gum-share.nix ../2configs/opentracker.nix diff --git a/makefu/2configs/gum-share.nix b/makefu/2configs/gum-share.nix new file mode 100644 index 000000000..e578f43d3 --- /dev/null +++ b/makefu/2configs/gum-share.nix @@ -0,0 +1,39 @@ +{ config, lib, pkgs, ... }: + +with config.krebs.lib; +let + hostname = config.krebs.build.host.name; +in { + # users.users.smbguest = { + # name = "smbguest"; + # uid = config.ids.uids.smbguest; + # description = "smb guest user"; + # home = "/var/empty"; + # }; + + users.users.download = { }; + services.samba = { + enable = true; + shares = { + download = { + path = "/var/download"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "no"; + "valid users" = "download"; + }; + }; + extraConfig = '' + # guest account = smbguest + # map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport 445 -j ACCEPT + ''; +} -- cgit v1.2.3 From 09fac6376315022edb27d53974d9c31eb672badb Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 30 Oct 2016 19:59:12 +0100 Subject: m 2 retiolum: only use prism cache if in retiolum --- makefu/2configs/default.nix | 1 - makefu/2configs/tinc/retiolum.nix | 3 +++ 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index bbe108074..db69be2fa 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -10,7 +10,6 @@ with import ; } ./vim.nix ./binary-cache/nixos.nix - ./binary-cache/lass.nix ]; nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); diff --git a/makefu/2configs/tinc/retiolum.nix b/makefu/2configs/tinc/retiolum.nix index dcb072461..c55b94466 100644 --- a/makefu/2configs/tinc/retiolum.nix +++ b/makefu/2configs/tinc/retiolum.nix @@ -1,4 +1,7 @@ _: { + imports = [ + ../binary-cache/lass.nix + ]; krebs.tinc.retiolum.enable = true; } -- cgit v1.2.3 [cgit] Unable to lock slot /tmp/cgit/41200000.lock: No such file or directory (2)