diff --git a/1systems/darth/config.nix b/1systems/darth/config.nix index 4e71d14..52df9b5 100644 --- a/1systems/darth/config.nix +++ b/1systems/darth/config.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ; +with pkgs.stockholm.lib; let # all the good stuff resides in /data diff --git a/1systems/gum/config.nix b/1systems/gum/config.nix index f40f113..8d6acf6 100644 --- a/1systems/gum/config.nix +++ b/1systems/gum/config.nix @@ -1,13 +1,12 @@ { config, lib, pkgs, ... }: -with import ; +with pkgs.stockholm.lib; let external-ip = config.krebs.build.host.nets.internet.ip4.addr; ext-if = config.makefu.server.primary-itf; allDisks = [ "/dev/sda" "/dev/sdb" ]; in { imports = [ - ./hetznercloud { # wait for mount @@ -27,38 +26,38 @@ in { ]; }; } - - - - - - # - - - # + ../../2configs/nur.nix + ../../2configs/support-nixos.nix + ../../2configs/nix-community/supervision.nix + ../../2configs/home-manager + ../../2configs/home-manager/cli.nix + # ../../2configs/stats/client.nix + ../../2configs/share + ../../2configs/share/hetzner-client.nix + # ../../2configs/stats/netdata-server.nix - + ../../2configs/headless.nix # Security - + ../../2configs/sshd-totp.nix # Tools - - - - # + ../../2configs/tools/core.nix + ../../2configs/tools/dev.nix + ../../2configs/tools/sec.nix + #../../2configs/tools/desktop.nix - - - - # + ../../2configs/zsh-user.nix + ../../2configs/mosh.nix + ../../2configs/storj/forward-port.nix + # ../../2configs/gui/xpra.nix # networking - # - # - # - # - + # ../../2configs/vpn/vpnws/server.nix + #../../2configs/dnscrypt/server.nix + # ../../2configs/iodined.nix + # ../../2configs/backup.nix + ../../2configs/tinc/retiolum.nix { # bonus retiolum config for connecting more hosts krebs.tinc.retiolum = { #extraConfig = lib.mkForce '' @@ -89,65 +88,65 @@ in { } # ci - # - + # ../../2configs/exim-retiolum.nix + ../../2configs/git/cgit-retiolum.nix ### systemdUltras ### - + ../../2configs/systemdultras/ircbot.nix ###### Shack ##### - # - # + # ../../2configs/shack/events-publisher + # ../../2configs/shack/gitlab-runner - - - + ../../2configs/remote-build/slave.nix + ../../2configs/remote-build/aarch64-community.nix + ../../2configs/taskd.nix # services - # postgres backend - # - # + ../../2configs/bitlbee.nix # postgres backend + # ../../2configs/sabnzbd.nix + # ../../2configs/mail/mail.euer.nix { krebs.exim.enable = mkDefault true; } - + ../../2configs/nix-community/mediawiki-matrix-bot.nix # sharing - # samba sahre - - # + ../../2configs/share/gum.nix # samba sahre + ../../2configs/torrent/rtorrent.nix + # ../../2configs/sickbeard { nixpkgs.config.allowUnfree = true; } - # - ## - # - # - # + #../../2configs/retroshare.nix + ## ../../2configs/ipfs.nix + #../../2configs/syncthing.nix + # ../../2configs/sync + # ../../2configs/opentracker.nix ## network - # - # - + # ../../2configs/vpn/openvpn-server.nix + # ../../2configs/vpn/vpnws/server.nix + ../../2configs/binary-cache/server.nix { makefu.backup.server.repo = "/var/backup/borg"; } - - - - + ../../2configs/backup/server.nix + ../../2configs/backup/state.nix + ../../2configs/wireguard/server.nix + ../../2configs/wireguard/wiregrill.nix { # recent changes mediawiki bot networking.firewall.allowedUDPPorts = [ 5005 5006 ]; } # Removed until move: no extra mails - # + # ../../2configs/urlwatch # Removed until move: avoid letsencrypt ban ### Web - # postgres backend - # postgres backend - + ../../2configs/bitwarden.nix # postgres backend + ../../2configs/deployment/rss/rss.euer.krebsco.de.nix # postgres backend + ../../2configs/deployment/rss/ratt.nix - - #postgres backend + ../../2configs/deployment/ntfysh.nix + ../../2configs/deployment/owncloud.nix #postgres backend ### Moving owncloud data dir to /media/cloud/nextcloud-data { users.users.nextcloud.extraGroups = [ "download" ]; @@ -167,57 +166,57 @@ in { #}; } - - # - - - - - ## - # - # - - # - # + ../../2configs/nginx/dl.euer.krebsco.de.nix + #../../2configs/nginx/euer.test.nix + ../../2configs/nginx/euer.mon.nix + ../../2configs/nginx/euer.wiki.nix + ../../2configs/nginx/euer.blog.nix + ../../2configs/nginx/music.euer.nix + ## ../../2configs/nginx/gum.krebsco.de.nix + #../../2configs/nginx/public_html.nix + #../../2configs/nginx/update.connector.one.nix + ../../2configs/nginx/misa-felix-hochzeit.ml.nix + # ../../2configs/nginx/gold.krebsco.de.nix + # ../../2configs/nginx/iso.euer.nix - # - # - # - # - # - - - # - - - # + # ../../2configs/deployment/photostore.krebsco.de.nix + # ../../2configs/deployment/graphs.nix + #../../2configs/deployment/owncloud.nix + # ../../2configs/deployment/board.euer.krebsco.de.nix + #../../2configs/deployment/feed.euer.krebsco.de + ../../2configs/deployment/boot-euer.nix + ../../2configs/deployment/gecloudpad + #../../2configs/deployment/docker/archiveteam-warrior.nix + ../../2configs/deployment/mediengewitter.de.nix + ../../2configs/bgt/etherpad.euer.krebsco.de.nix + # ../../2configs/deployment/systemdultras-rss.nix - - # + ../../2configs/shiori.nix + #../../2configs/workadventure - - - - # + ../../2configs/bgt/download.binaergewitter.de.nix + ../../2configs/bgt/hidden_service.nix + ../../2configs/bgt/backup.nix + # ../../2configs/bgt/social-to-irc.nix - # + # ../../2configs/logging/client.nix # sharing - - { krebs.airdcpp.dcpp.shares = { - download.path = config.makefu.dl-dir + "/finished"; - sorted.path = config.makefu.dl-dir + "/sorted"; - }; - } - + # ../../2configs/dcpp/airdcpp.nix + #{ krebs.airdcpp.dcpp.shares = { + # download.path = config.makefu.dl-dir + "/finished"; + # sorted.path = config.makefu.dl-dir + "/sorted"; + # }; + #} + # ../../2configs/dcpp/hub.nix ## Temporary: - # - # - # + # ../../2configs/temp/rst-issue.nix + # ../../2configs/virtualisation/docker.nix + #../../2configs/virtualisation/libvirt.nix # krebs infrastructure services - # + # ../../2configs/stats/server.nix ]; # makefu.dl-dir = "/var/download"; diff --git a/1systems/iso/config.nix b/1systems/iso/config.nix index 2071212..f64deb0 100644 --- a/1systems/iso/config.nix +++ b/1systems/iso/config.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ; +with pkgs.stockholm.lib; { imports = [ # diff --git a/1systems/kexec/config.nix b/1systems/kexec/config.nix index 5bf19f9..545bbb1 100644 --- a/1systems/kexec/config.nix +++ b/1systems/kexec/config.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ; +with pkgs.stockholm.lib; { imports = [ diff --git a/1systems/omo/config.nix b/1systems/omo/config.nix index 224e170..27fe318 100644 --- a/1systems/omo/config.nix +++ b/1systems/omo/config.nix @@ -10,10 +10,10 @@ in { [ ./hw/omo.nix #./hw/tsp.nix - - - - + ../../2configs/default.nix + ../../2configs/headless.nix + ../../2configs/support-nixos.nix + ../../2configs/nur.nix # x11 forwarding { services.openssh.forwardX11 = true; @@ -24,39 +24,39 @@ in { { environment.systemPackages = [ pkgs.youtube-dl2kodi pkgs.youtube-dl]; } - - - - - # + ../../2configs/zsh-user.nix + ../../2configs/home-manager + ../../2configs/home-manager/cli.nix + ../../2configs/editor/neovim + # ../../2configs/storj/client.nix - + ../../2configs/backup/state.nix { makefu.backup.server.repo = "/media/cryptX/backup/borg"; } - - - # - - - - - - - - # - # + ../../2configs/backup/server.nix + ../../2configs/exim-retiolum.nix + # ../../2configs/smart-monitor.nix + ../../2configs/mail-client.nix + ../../2configs/mosh.nix + ../../2configs/tools/core.nix + ../../2configs/tools/dev.nix + ../../2configs/tools/desktop.nix + ../../2configs/tools/mobility.nix + ../../2configs/tools/consoles.nix + #../../2configs/graphite-standalone.nix + #../../2configs/share-user-sftp.nix - - # + ../../2configs/urlwatch + # ../../2configs/legacy_only.nix - - - - + ../../2configs/share + ../../2configs/share/omo.nix + ../../2configs/share/gum-client.nix + ../../2configs/sync - - # + ../../2configs/wireguard/wiregrill.nix + #../../2configs/dcpp/airdcpp.nix #{ krebs.airdcpp.dcpp.shares = let # d = path: "/media/cryptX/${path}"; # in { @@ -72,42 +72,42 @@ in { #services.sabnzbd.enable = true; #systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; } - # - + # ../../2configs/share/omo-timemachine.nix + ../../2configs/tinc/retiolum.nix # statistics - # + # ../../2configs/stats/client.nix # Logging #influx + grafana - - # + ../../2configs/stats/server.nix + # ../../2configs/stats/nodisk-client.nix # logs to influx - - - # - - + ../../2configs/stats/external/aralast.nix + ../../2configs/stats/telegraf + # ../../2configs/stats/telegraf/europastats.nix + ../../2configs/stats/telegraf/hamstats.nix + ../../2configs/hw/cdrip.nix # services { services.nginx.enable = true; networking.firewall.allowedTCPPorts = [ 80 8123 ]; } - # - + # ../../2configs/syncthing.nix + ../../2configs/remote-build/slave.nix # TODO: - - + ../../2configs/virtualisation/docker.nix + ../../2configs/bluetooth-mpd.nix - - - - # - - # - # - - + ../../2configs/home/jellyfin.nix + ../../2configs/home/music.nix + ../../2configs/home/photoprism.nix + # ../../2configs/home/tonie.nix + ../../2configs/home/ps4srv.nix + # ../../2configs/home/metube.nix + # ../../2configs/home/ham + ../../2configs/home/ham/docker.nix + ../../2configs/home/zigbee2mqtt { makefu.ps3netsrv = { enable = true; @@ -123,10 +123,10 @@ in { } # security - - # + ../../2configs/sshd-totp.nix + # ../../2configs/logging/central-logging-client.nix - # + # ../../2configs/torrent.nix { #krebs.rtorrent = { # downloadDir = lib.mkForce "/media/cryptX/torrent"; @@ -136,23 +136,23 @@ in { #}; } - # - # - # + # ../../2configs/elchos/search.nix + # ../../2configs/elchos/log.nix + # ../../2configs/elchos/irc-token.nix ## as long as pyload is not in nixpkgs: # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload # Temporary: - # - + # ../../2configs/temp/rst-issue.nix + ../../2configs/bgt/social-to-irc.nix ]; makefu.full-populate = true; nixpkgs.config.allowUnfree = true; users.users.share.isNormalUser = true; users.groups.share = { - gid = (import ).genid "share"; + gid = pkgs.stockholm.lib.genid "share"; members = [ "makefu" "misa" ]; }; networking.firewall.trustedInterfaces = [ primaryInterface "docker0" ]; diff --git a/1systems/omo/hw/omo.nix b/1systems/omo/hw/omo.nix index eaedbb7..1fd5212 100644 --- a/1systems/omo/hw/omo.nix +++ b/1systems/omo/hw/omo.nix @@ -40,7 +40,8 @@ in { imports = [ # TODO: unlock home partition via ssh ./vaapi.nix - ]; + ../../../2configs/fs/sda-crypto-root.nix + ]; makefu.server.primary-itf = primaryInterface; system.activationScripts.createCryptFolders = '' diff --git a/1systems/shack-autoinstall/config.nix b/1systems/shack-autoinstall/config.nix index d53c411..18bfd2c 100644 --- a/1systems/shack-autoinstall/config.nix +++ b/1systems/shack-autoinstall/config.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ; +with pkgs.stockholm.lib; let disk = "/dev/sda"; in { diff --git a/1systems/wry/config.nix b/1systems/wry/config.nix index b728703..abeb7d8 100644 --- a/1systems/wry/config.nix +++ b/1systems/wry/config.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ; +with pkgs.stockholm.lib; let external-ip = config.krebs.build.host.nets.internet.ip4.addr; diff --git a/1systems/x/config.nix b/1systems/x/config.nix index 18722dc..e4602b3 100644 --- a/1systems/x/config.nix +++ b/1systems/x/config.nix @@ -6,8 +6,7 @@ # ./x230 ./x13 - (self + "/2configs/default.nix") - + ../../2configs/default.nix ## Common Hardware Components # (self + "/makefu/2configs/hw/mceusb.nix") # (self + "/2configs/hw/rtl8812au.nix")