Merge remote-tracking branch 'cd/master'
This commit is contained in:
commit
2de31dcef8
1systems
2configs
backup.nixbase-gui.nixbepasty-dual.nix
collectd
default.nixdeployment
elchos
exim-retiolum.nixfilepimp-share.nixfs
git
graphite-standalone.nixhw
mail-client.nixmain-laptop.nixmattermost-docker.nixnginx
omo-share.nixsabnzbd.nixsolr.nixtorrent.nixzsh-user.nix3modules
|
@ -1,6 +1,6 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
byid = dev: "/dev/disk/by-id/" + dev;
|
||||
rootDisk = byid "ata-ADATA_SSD_S599_64GB_10460000000000000039";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
|
||||
|
@ -40,7 +40,7 @@ in {
|
|||
'';
|
||||
connectTo = [
|
||||
"muhbaasu" "tahoe" "flap" "wry"
|
||||
"ire" "cd" "mkdir" "rmdir"
|
||||
"cd"
|
||||
"fastpoke" "prism" "dishfire" "echelon" "cloudkrebs"
|
||||
];
|
||||
};
|
||||
|
|
|
@ -66,7 +66,7 @@ in {
|
|||
'';
|
||||
};
|
||||
users.groups.share = {
|
||||
gid = config.krebs.lib.genid "share";
|
||||
gid = (import <stockholm/lib>).genid "share";
|
||||
members = [ "makefu" "misa" ];
|
||||
};
|
||||
networking.firewall.trustedInterfaces = [ primaryInterface ];
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
|
||||
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{ config, lib, ... }:
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
# preparation:
|
||||
# mkdir -p defaultBackupDir/host.name/src
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
# if this is not enough, check out main-laptop.nix
|
||||
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
in
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
# wildcard.krebsco.de.key
|
||||
# bepasty-secret.nix <- contains single string
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
sec = toString <secrets>;
|
||||
# secKey is nothing worth protecting on a local machine
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
# graphite-web on port 8080
|
||||
# carbon cache on port 2003 (tcp/udp)
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
connect-time-cfg = with pkgs; writeText "collectd-connect-time.cfg" ''
|
||||
LoadPlugin python
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
imports = [
|
||||
{
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
# more than just nginx config but not enough to become a module
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
hostname = config.krebs.build.host.name;
|
||||
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
# graphite-web on port 8080
|
||||
# carbon cache on port 2003 (tcp/udp)
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
sec = toString <secrets>;
|
||||
acmepath = "/var/lib/acme/";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
networking.firewall.allowedTCPPorts = [ 25 ];
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
hostname = config.krebs.build.host.name;
|
||||
in {
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# vda1 ext4 (label nixos) -> only root partition
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
# / (main-root)
|
||||
# /home (main-home)
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
|
||||
imports = [
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
# sda1: boot ext4 (label nixboot) - must be unlocked on boot if required:
|
||||
# boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
|
||||
# sda2: cryptoluks -> ext4
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
boot = {
|
||||
loader.grub.enable = true;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# vda1 ext4 (label nixos) -> only root partition
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
imports = [
|
||||
./single-partition-ext4.nix
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
# TODO: remove tv lib :)
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
|
||||
repos = priv-repos // krebs-repos ;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
# TODO: remove tv lib :)
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
|
||||
repos = priv-repos // krebs-repos // connector-repos ;
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
# graphite-web on port 8080
|
||||
# carbon cache on port 2003 (tcp/udp)
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
imports = [ ];
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
|
||||
imports = [ ./tp-x2x0.nix ];
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
|
||||
imports = [ ./tp-x2x0.nix ];
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
networking.wireless.enable = lib.mkDefault true;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
abook
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
# not fit into base-gui
|
||||
# TODO split generic desktop stuff and laptop-specifics like lidswitching
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
window-manager = "awesome";
|
||||
user = config.krebs.build.user.name;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{config, lib, ...}:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
sec = toString <secrets>;
|
||||
ssl_cert = "${sec}/wildcard.krebsco.de.crt";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
sec = toString <secrets>;
|
||||
ssl_cert = "${sec}/wildcard.krebsco.de.crt";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
hostname = config.krebs.build.host.name;
|
||||
user = config.services.nginx.user;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
sec = toString <secrets>;
|
||||
ext-dom = "wiki.euer.krebsco.de";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
icecult = pkgs.fetchFromGitHub {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
krebs.nginx = {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
hostname = config.krebs.build.host.name;
|
||||
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
hostname = config.krebs.build.host.name;
|
||||
# TODO local-ip from the nets config
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
web-port = 8080;
|
||||
in {
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
# graphite-web on port 8080
|
||||
# carbon cache on port 2003 (tcp/udp)
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
solrHome = "/var/db/solr";
|
||||
in {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
daemon-user = "tor";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
##
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
in
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
cfg = config.makefu.awesome;
|
||||
out = {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
# based on <nixpkgs>/nixos/modules/services/torrent/deluge.nix
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
cfg_daemon = config.makefu.deluge;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
cfg = config.makefu.forward-journal;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
cfg = config.makefu.opentracker;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
cfg = config.makefu.ps3netsrv;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
# returns dirname without / , used as disk name
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
cfg = config.makefu.taskserver;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
cfg = config.makefu.udpt;
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
nixpkgs-1509 = import (pkgs.fetchFromGitHub {
|
||||
|
|
Loading…
Reference in a new issue