ma: random cleanup
This commit is contained in:
parent
cceb82a76a
commit
51edca6c1f
|
@ -6,13 +6,13 @@
|
|||
[ # Include the results of the hardware scan.
|
||||
<stockholm/makefu>
|
||||
|
||||
# <stockholm/makefu/2configs/hw/vbox-guest.nix>
|
||||
{ # until virtualbox-image is fixed
|
||||
imports = [
|
||||
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||
];
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
}
|
||||
<stockholm/makefu/2configs/hw/vbox-guest.nix>
|
||||
#{ # until virtualbox-image is fixed
|
||||
# imports = [
|
||||
# <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||
# ];
|
||||
# boot.loader.grub.device = lib.mkForce "/dev/sda";
|
||||
#}
|
||||
<stockholm/makefu/2configs/main-laptop.nix>
|
||||
# <secrets/extra-hosts.nix>
|
||||
|
||||
|
|
|
@ -8,57 +8,32 @@
|
|||
[ # Include the results of the hardware scan.
|
||||
<stockholm/makefu>
|
||||
<stockholm/makefu/2configs/main-laptop.nix>
|
||||
<stockholm/makefu/2configs/tools/all.nix>
|
||||
<stockholm/makefu/2configs/fs/sda-crypto-root.nix>
|
||||
# <stockholm/makefu/2configs/tools/all.nix>
|
||||
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||
# hardware specifics are in here
|
||||
# imports tp-x2x0.nix
|
||||
# <stockholm/makefu/2configs/hw/tp-x200.nix>
|
||||
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
||||
<stockholm/makefu/2configs/hw/bluetooth.nix>
|
||||
<stockholm/makefu/2configs/hw/network-manager.nix>
|
||||
|
||||
# <stockholm/makefu/2configs/rad1o.nix>
|
||||
|
||||
<stockholm/makefu/2configs/zsh-user.nix>
|
||||
<stockholm/makefu/2configs/exim-retiolum.nix>
|
||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||
|
||||
<stockholm/makefu/2configs/sshd-totp.nix>
|
||||
{
|
||||
programs.adb.enable = true;
|
||||
}
|
||||
];
|
||||
# not working in vm
|
||||
krebs.build.host = config.krebs.hosts.tsp;
|
||||
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
|
||||
boot.loader.grub.copyKernels = true;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
25
|
||||
];
|
||||
|
||||
# acer aspire
|
||||
networking.wireless.enable = lib.mkDefault true;
|
||||
|
||||
services.xserver.synaptics.enable = true;
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
zramSwap.enable = true;
|
||||
zramSwap.numDevices = 2;
|
||||
|
||||
services.tlp.enable = true;
|
||||
services.tlp.extraConfig = ''
|
||||
# BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery
|
||||
START_CHARGE_THRESH_BAT0=67
|
||||
STOP_CHARGE_THRESH_BAT0=100
|
||||
|
||||
|
||||
CPU_SCALING_GOVERNOR_ON_AC=performance
|
||||
CPU_SCALING_GOVERNOR_ON_BAT=ondemand
|
||||
CPU_MIN_PERF_ON_AC=0
|
||||
CPU_MAX_PERF_ON_AC=100
|
||||
CPU_MIN_PERF_ON_BAT=0
|
||||
CPU_MAX_PERF_ON_BAT=30
|
||||
'';
|
||||
|
||||
powerManagement.resumeCommands = ''
|
||||
${pkgs.rfkill}/bin/rfkill unblock all
|
||||
'';
|
||||
|
||||
}
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
enable = true;
|
||||
host = "0.0.0.0";
|
||||
users = {};
|
||||
# TODO: secure that shit
|
||||
allowAnonymous = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -17,6 +17,7 @@ in {
|
|||
"file_mode=0775"
|
||||
"dir_mode=0775"
|
||||
"uid=9001"
|
||||
"vers=3"
|
||||
];
|
||||
};
|
||||
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
irc-server = "rc.r";
|
||||
irc-server = "irc.r";
|
||||
irc-nick = "m-alarm";
|
||||
collectd-port = 25826;
|
||||
influx-port = 8086;
|
||||
grafana-port = 3000; # TODO nginx forward
|
||||
grafana-port = 3000;
|
||||
db = "collectd_db";
|
||||
logging-interface = config.makefu.server.primary-itf;
|
||||
in {
|
||||
|
@ -72,15 +72,16 @@ in {
|
|||
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||
iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||
#iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||
|
||||
ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||
ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||
ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||
ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||
#ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||
'';
|
||||
state = [ "/var/lib/grafana/data/grafana.db" ];
|
||||
}
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
_:
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
../binary-cache/lass.nix
|
||||
];
|
||||
krebs.tinc.retiolum.enable = true;
|
||||
environment.systemPackages = [ pkgs.tinc ];
|
||||
}
|
||||
|
|
|
@ -3,9 +3,11 @@
|
|||
# tools i use when actually working with the host.
|
||||
# package version will now be maintained by nix-rebuild
|
||||
#
|
||||
# essentially `nix-env -q` of the main user
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
( pkgs.writeScriptBin "unknow" ''#!/bin/sh
|
||||
${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts
|
||||
'')
|
||||
at_spi2_core
|
||||
acpi
|
||||
bc
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
gimp
|
||||
inkscape
|
||||
libreoffice
|
||||
quodlibet
|
||||
# skype
|
||||
synergy
|
||||
tdesktop
|
||||
|
|
|
@ -3,11 +3,14 @@
|
|||
{
|
||||
users.users.makefu.packages = with pkgs; [
|
||||
kodi
|
||||
streamripper
|
||||
youtube-dl
|
||||
calibre
|
||||
vlc
|
||||
mumble
|
||||
mplayer
|
||||
quodlibet
|
||||
|
||||
plowshare
|
||||
streamripper
|
||||
youtube-dl
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ stdenv, fetchFromGitHub
|
||||
, pkgconfig
|
||||
, cmake
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -13,7 +12,7 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig ];
|
||||
nativeBuildInputs = [ cmake ];
|
||||
installPhase = ''
|
||||
mkdir -p $out/{lib,bin}
|
||||
find -iname '*.so' -exec mv --target-directory="$out/lib" {} \;
|
||||
|
|
|
@ -33,15 +33,6 @@ in {
|
|||
inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: {
|
||||
patches = [ ./custom/inkscape/dxf_fix.patch ];
|
||||
});
|
||||
pwqgen-ger = callPackage <stockholm/krebs/5pkgs/simple/passwdqc-utils> {
|
||||
wordset-file = super.pkgs.fetchurl {
|
||||
urls = [
|
||||
https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c
|
||||
https://archive.org/download/nixos-stockholm-tarballs/pviar5j1gxiqcf3l34b4n2pil06xc8zf-wordset_4k.c
|
||||
];
|
||||
sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
// (mapAttrs (_: flip callPackage {})
|
||||
|
|
Loading…
Reference in a new issue