diff --git a/1systems/darth/config.nix b/1systems/darth/config.nix index b390211..c8d17ca 100644 --- a/1systems/darth/config.nix +++ b/1systems/darth/config.nix @@ -10,15 +10,15 @@ let allDisks = [ rootDisk ]; # auxDisk in { imports = [ - ../. - ../2configs/fs/single-partition-ext4.nix - ../2configs/zsh-user.nix - ../2configs/smart-monitor.nix - ../2configs/exim-retiolum.nix - ../2configs/virtualization.nix + + + + + + - ../2configs/tinc/retiolum.nix - ../2configs/temp-share-samba.nix + + ]; services.samba.shares = { isos = { diff --git a/1systems/darth/source.nix b/1systems/darth/source.nix new file mode 100644 index 0000000..b13b6c6 --- /dev/null +++ b/1systems/darth/source.nix @@ -0,0 +1,3 @@ +import { + name="darth"; +} diff --git a/1systems/drop/config.nix b/1systems/drop/config.nix index 4a94c3f..b7e0d03 100644 --- a/1systems/drop/config.nix +++ b/1systems/drop/config.nix @@ -5,10 +5,10 @@ let prefixLength = 18; in { imports = [ - ../. - ../2configs/hw/CAC.nix - ../2configs/save-diskspace.nix - ../2configs/torrent.nix + + + + ]; krebs = { enable = true; diff --git a/1systems/drop/source.nix b/1systems/drop/source.nix new file mode 100644 index 0000000..74de846 --- /dev/null +++ b/1systems/drop/source.nix @@ -0,0 +1,3 @@ +import { + name="drop"; +} diff --git a/1systems/fileleech/config.nix b/1systems/fileleech/config.nix index 3aa5a54..b5ec370 100644 --- a/1systems/fileleech/config.nix +++ b/1systems/fileleech/config.nix @@ -22,16 +22,16 @@ let disks = [ { name = "luksroot"; device = rootPartition; } ] ++ dataDisks; in { imports = [ - ../. - ../2configs/tinc/retiolum.nix - ../2configs/disable_v6.nix - # ../2configs/torrent.nix - ../2configs/fs/sda-crypto-root.nix + + + + # + - #../2configs/elchos/irc-token.nix - ../2configs/elchos/log.nix - ../2configs/elchos/search.nix - ../2configs/elchos/stats.nix + # + + + ]; systemd.services.grafana.serviceConfig.LimitNOFILE=10032; diff --git a/1systems/fileleech/source.nix b/1systems/fileleech/source.nix new file mode 100644 index 0000000..699267e --- /dev/null +++ b/1systems/fileleech/source.nix @@ -0,0 +1,3 @@ +import { + name="fileleech"; +} diff --git a/1systems/filepimp/config.nix b/1systems/filepimp/config.nix index e143d00..65e81af 100644 --- a/1systems/filepimp/config.nix +++ b/1systems/filepimp/config.nix @@ -20,11 +20,11 @@ let in { imports = [ # Include the results of the hardware scan. - ../. - ../2configs/fs/single-partition-ext4.nix - ../2configs/smart-monitor.nix - ../2configs/tinc/retiolum.nix - ../2configs/filepimp-share.nix + + + + + ]; krebs.build.host = config.krebs.hosts.filepimp; @@ -73,9 +73,9 @@ in { xfsmount = name: dev: { "/media/${name}" = { device = dev; fsType = "xfs"; }; }; in - # (xfsmount "j0" (part1 jDisk0)) // - (xfsmount "j1" (part1 jDisk1)) // - (xfsmount "j2" (part1 jDisk2)) // + # (xfsmount "j0" (part1 jDisk0)) + (xfsmount "j1" (part1 jDisk1)) + (xfsmount "j2" (part1 jDisk2)) (xfsmount "par0" (part1 jDisk3)) ; diff --git a/1systems/filepimp/source.nix b/1systems/filepimp/source.nix new file mode 100644 index 0000000..88c9f4f --- /dev/null +++ b/1systems/filepimp/source.nix @@ -0,0 +1,3 @@ +import { + name="filepimp"; +} diff --git a/1systems/gum/config.nix b/1systems/gum/config.nix index 51761d3..aaddd8a 100644 --- a/1systems/gum/config.nix +++ b/1systems/gum/config.nix @@ -13,47 +13,47 @@ let main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0"; in { imports = [ - ../. + - ../2configs/headless.nix - ../2configs/fs/single-partition-ext4.nix - # ../2configs/smart-monitor.nix - ../2configs/git/cgit-retiolum.nix - ../2configs/backup.nix - # ../2configs/mattermost-docker.nix - # ../2configs/disable_v6.nix - ../2configs/exim-retiolum.nix - ../2configs/tinc/retiolum.nix - ../2configs/urlwatch + + + # + + + # + # + + + # Security - ../2configs/sshd-totp.nix + # Tools - ../2configs/tools/core.nix - ../2configs/tools/dev.nix - ../2configs/tools/sec.nix + + + # services - ../2configs/share/gum.nix - ../2configs/sabnzbd.nix - ../2configs/torrent.nix - ../2configs/iodined.nix + + + + ## Web - ../2configs/nginx/share-download.nix - ../2configs/nginx/euer.test.nix - ../2configs/nginx/euer.wiki.nix - ../2configs/nginx/euer.blog.nix - ../2configs/nginx/public_html.nix - ../2configs/nginx/update.connector.one.nix + + + + + + - ../2configs/deployment/mycube.connector.one.nix - ../2configs/deployment/graphs.nix - ../2configs/deployment/owncloud.nix - ../2configs/deployment/wiki-irc-bot - ../2configs/deployment/boot-euer.nix - ../2configs/deployment/hound + + + + + + { services.taskserver.enable = true; services.taskserver.fqdn = config.krebs.build.host.name; @@ -64,12 +64,12 @@ in { ip6tables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT ''; } - # ../2configs/ipfs.nix - ../2configs/syncthing.nix + # + - # ../2configs/opentracker.nix - ../2configs/stats/client.nix - # ../2configs/logging/client.nix + # + + # ]; makefu.dl-dir = "/var/download"; diff --git a/1systems/gum/source.nix b/1systems/gum/source.nix new file mode 100644 index 0000000..82d42b4 --- /dev/null +++ b/1systems/gum/source.nix @@ -0,0 +1,3 @@ +import { + name="gum"; +} diff --git a/1systems/iso/config.nix b/1systems/iso/config.nix index c679241..f863321 100644 --- a/1systems/iso/config.nix +++ b/1systems/iso/config.nix @@ -3,10 +3,10 @@ with import ; { imports = [ - ../. + - ../2configs/tools/core.nix + ]; # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos diff --git a/1systems/iso/source.nix b/1systems/iso/source.nix new file mode 100644 index 0000000..e200dbf --- /dev/null +++ b/1systems/iso/source.nix @@ -0,0 +1,3 @@ +import { + name="iso"; +} diff --git a/1systems/omo/config.nix b/1systems/omo/config.nix index 0f1b8e0..732f1d8 100644 --- a/1systems/omo/config.nix +++ b/1systems/omo/config.nix @@ -39,35 +39,35 @@ let in { imports = [ - ../. + # TODO: unlock home partition via ssh - ../2configs/fs/sda-crypto-root.nix - ../2configs/zsh-user.nix - ../2configs/backup.nix - ../2configs/exim-retiolum.nix - ../2configs/smart-monitor.nix - ../2configs/mail-client.nix - # ../2configs/disable_v6.nix - #../2configs/graphite-standalone.nix - #../2configs/share-user-sftp.nix - ../2configs/share/omo.nix - ../2configs/tinc/retiolum.nix + + + + + + + # + # + # + + # Logging - ../2configs/stats/server.nix #influx + grafana - ../2configs/stats/client.nix - ../2configs/stats/external/aralast.nix # logs to influx + + + # services - ../2configs/syncthing.nix - ../2configs/mqtt.nix - # ../2configs/logging/central-logging-client.nix + + + # - # ../2configs/torrent.nix + # - # ../2configs/elchos/search.nix - # ../2configs/elchos/log.nix - # ../2configs/elchos/irc-token.nix + # + # + # ## as long as pyload is not in nixpkgs: # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload diff --git a/1systems/omo/source.nix b/1systems/omo/source.nix new file mode 100644 index 0000000..94fd9cb --- /dev/null +++ b/1systems/omo/source.nix @@ -0,0 +1,3 @@ +import { + name="omo"; +} diff --git a/1systems/pnp/config.nix b/1systems/pnp/config.nix index 971676b..cc6326f 100644 --- a/1systems/pnp/config.nix +++ b/1systems/pnp/config.nix @@ -6,16 +6,16 @@ { imports = [ - ../. - ../2configs/headless.nix + + ../../krebs/3modules/Reaktor.nix # these will be overwritten by qemu-vm.nix but will be used if the system # is directly deployed - ../2configs/fs/vm-single-partition.nix + - ../2configs/tinc/retiolum.nix + # config.system.build.vm (toString ) diff --git a/1systems/pnp/source.nix b/1systems/pnp/source.nix new file mode 100644 index 0000000..0b630aa --- /dev/null +++ b/1systems/pnp/source.nix @@ -0,0 +1,3 @@ +import { + name="pnp"; +} diff --git a/1systems/repunit/config.nix b/1systems/repunit/config.nix index 7102b8f..996abff 100644 --- a/1systems/repunit/config.nix +++ b/1systems/repunit/config.nix @@ -7,10 +7,10 @@ { imports = [ # Include the results of the hardware scan. - ../. + - ../2configs/git/cgit-retiolum.nix - ../2configs/tinc/retiolum.nix + + ]; krebs.build.host = config.krebs.hosts.repunit; diff --git a/1systems/repunit/source.nix b/1systems/repunit/source.nix new file mode 100644 index 0000000..ff361fb --- /dev/null +++ b/1systems/repunit/source.nix @@ -0,0 +1,3 @@ +import { + name="repunit"; +} diff --git a/1systems/sdev/config.nix b/1systems/sdev/config.nix index 233f7ce..f3853a7 100644 --- a/1systems/sdev/config.nix +++ b/1systems/sdev/config.nix @@ -4,14 +4,14 @@ makefu.awesome.modkey = "Mod1"; imports = [ # Include the results of the hardware scan. - ../. + (toString ) (toString ) - ../2configs/main-laptop.nix #< base-gui + # # environment - ../2configs/tinc/retiolum.nix + ]; # workaround for https://github.com/NixOS/nixpkgs/issues/16641 diff --git a/1systems/sdev/source.nix b/1systems/sdev/source.nix new file mode 100644 index 0000000..833d9bf --- /dev/null +++ b/1systems/sdev/source.nix @@ -0,0 +1,3 @@ +import { + name="sdev"; +} diff --git a/1systems/shoney/config.nix b/1systems/shoney/config.nix index 9f04e97..6cec260 100644 --- a/1systems/shoney/config.nix +++ b/1systems/shoney/config.nix @@ -9,12 +9,12 @@ let gw = "64.137.234.1"; in { imports = [ - ../. - ../2configs/save-diskspace.nix - ../2configs/hw/CAC.nix - ../2configs/fs/CAC-CentOS-7-64bit.nix - ../2configs/tinc/retiolum.nix - ../2configs/torrent.nix + + + + + + ]; diff --git a/1systems/shoney/source.nix b/1systems/shoney/source.nix new file mode 100644 index 0000000..382474f --- /dev/null +++ b/1systems/shoney/source.nix @@ -0,0 +1,3 @@ +import { + name="shoney"; +} diff --git a/1systems/studio/config.nix b/1systems/studio/config.nix index f7d49ca..b9a1a5d 100644 --- a/1systems/studio/config.nix +++ b/1systems/studio/config.nix @@ -1,14 +1,14 @@ { config, pkgs, ... }: { imports = [ - ../. - ../2configs/vncserver.nix - ../2configs/vim.nix - ../2configs/disable_v6.nix - ../2configs/audio/jack-on-pulse.nix - ../2configs/audio/realtime-audio.nix - ../2configs/gui/studio.nix - ../2configs/binary-cache/lass.nix + + + + + + + + ]; makefu.gui.user = "user"; # we use an extra user diff --git a/1systems/studio/source.nix b/1systems/studio/source.nix new file mode 100644 index 0000000..f5a7e19 --- /dev/null +++ b/1systems/studio/source.nix @@ -0,0 +1,3 @@ +import { + name="studio"; +} diff --git a/1systems/tsp/config.nix b/1systems/tsp/config.nix index 25fc2b4..7169638 100644 --- a/1systems/tsp/config.nix +++ b/1systems/tsp/config.nix @@ -6,18 +6,18 @@ { imports = [ # Include the results of the hardware scan. - ../. - ../2configs/gui/base.nix - ../2configs/fs/sda-crypto-root.nix + + + # hardware specifics are in here - ../2configs/hw/tp-x200.nix #< imports tp-x2x0.nix + - ../2configs/disable_v6.nix - ../2configs/rad1o.nix + + - ../2configs/zsh-user.nix - ../2configs/exim-retiolum.nix - ../2configs/tinc/retiolum.nix + + + ]; # not working in vm krebs.build.host = config.krebs.hosts.tsp; diff --git a/1systems/tsp/source.nix b/1systems/tsp/source.nix new file mode 100644 index 0000000..79f6a43 --- /dev/null +++ b/1systems/tsp/source.nix @@ -0,0 +1,3 @@ +import { + name="tsp"; +} diff --git a/1systems/vbob/config.nix b/1systems/vbob/config.nix index d8e275b..933fcf0 100644 --- a/1systems/vbob/config.nix +++ b/1systems/vbob/config.nix @@ -4,24 +4,24 @@ makefu.awesome.modkey = "Mod1"; imports = [ # Include the results of the hardware scan. - ../. + (toString ) (toString ) - ../2configs/main-laptop.nix #< base-gui - ../2configs/sshd-totp.nix + + # Tools - ../2configs/tools/core.nix - ../2configs/tools/core-gui.nix - ../2configs/tools/dev.nix - ../2configs/tools/extra-gui.nix - ../2configs/tools/sec.nix + + + + + # environment - ../2configs/tinc/retiolum.nix + - ../2configs/audio/jack-on-pulse.nix - ../2configs/audio/realtime-audio.nix + + ]; networking.extraHosts = import (toString ); diff --git a/1systems/vbob/source.nix b/1systems/vbob/source.nix new file mode 100644 index 0000000..96c3f36 --- /dev/null +++ b/1systems/vbob/source.nix @@ -0,0 +1,3 @@ +import { + name="vbob"; +} diff --git a/1systems/wbob/config.nix b/1systems/wbob/config.nix index 5d0dd4a..c530aaa 100644 --- a/1systems/wbob/config.nix +++ b/1systems/wbob/config.nix @@ -7,23 +7,23 @@ in { imports = [ # Include the results of the hardware scan. - ../. - ../2configs/zsh-user.nix - ../2configs/tools/core.nix - ../2configs/tools/core-gui.nix - ../2configs/tools/extra-gui.nix - ../2configs/tools/media.nix - ../2configs/virtualization.nix - ../2configs/tinc/retiolum.nix - ../2configs/mqtt.nix - ../2configs/deployment/led-fader.nix - # ../2configs/gui/wbob-kiosk.nix - ../2configs/stats/client.nix + + + + + + + + + + + # + - ../2configs/gui/studio.nix - ../2configs/audio/jack-on-pulse.nix - ../2configs/audio/realtime-audio.nix - ../2configs/vncserver.nix + + + + ]; krebs = { diff --git a/1systems/wbob/source.nix b/1systems/wbob/source.nix new file mode 100644 index 0000000..419ebbe --- /dev/null +++ b/1systems/wbob/source.nix @@ -0,0 +1,3 @@ +import { + name="wbob"; +} diff --git a/1systems/wry/config.nix b/1systems/wry/config.nix index f5097bf..2db1a9a 100644 --- a/1systems/wry/config.nix +++ b/1systems/wry/config.nix @@ -7,26 +7,26 @@ let internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; in { imports = [ - ../. + # TODO: copy this config or move to krebs - ../2configs/hw/CAC.nix - ../2configs/fs/CAC-CentOS-7-64bit.nix - ../2configs/save-diskspace.nix + + + - # ../2configs/bepasty-dual.nix + # - ../2configs/iodined.nix - ../2configs/backup.nix + + # other nginx - # ../2configs/nginx/euer.test.nix + # # collectd - ../2configs/stats/client.nix - ../2configs/logging/client.nix + + - ../2configs/tinc/retiolum.nix - # ../2configs/torrent.nix + + # ]; krebs.build.host = config.krebs.hosts.wry; diff --git a/1systems/wry/source.nix b/1systems/wry/source.nix new file mode 100644 index 0000000..fac3877 --- /dev/null +++ b/1systems/wry/source.nix @@ -0,0 +1,3 @@ +import { + name="wry"; +} diff --git a/1systems/x/config.nix b/1systems/x/config.nix index 235862e..b84394c 100644 --- a/1systems/x/config.nix +++ b/1systems/x/config.nix @@ -7,61 +7,61 @@ with import ; { imports = [ # base - ../. - ../2configs/main-laptop.nix - ../2configs/extra-fonts.nix - ../2configs/tools/all.nix - ../2configs/laptop-backup.nix - ../2configs/dnscrypt.nix - ../2configs/avahi.nix + + + + + + + # Debugging - # ../2configs/disable_v6.nix + # # Testing - # ../2configs/lanparty/lancache.nix - # ../2configs/lanparty/lancache-dns.nix - # ../2configs/deployment/dirctator.nix - # ../2configs/vncserver.nix - # ../2configs/deployment/led-fader - # ../2configs/deployment/hound + # + # + # + # + # + # # development - ../2configs/sources + # Krebs - ../2configs/tinc/retiolum.nix + # applications - ../2configs/exim-retiolum.nix - ../2configs/mail-client.nix - ../2configs/printer.nix - ../2configs/task-client.nix + + + + # Virtualization - ../2configs/virtualization.nix - ../2configs/docker.nix - ../2configs/virtualization-virtualbox.nix + + + # Services - ../2configs/git/brain-retiolum.nix - ../2configs/tor.nix - ../2configs/steam.nix - # ../2configs/buildbot-standalone.nix + + + + # # Hardware - ../2configs/hw/tp-x230.nix - ../2configs/hw/rtl8812au.nix - ../2configs/hw/exfat-nofuse.nix - ../2configs/hw/wwan.nix - # ../2configs/hw/stk1160.nix - # ../2configs/rad1o.nix + + + + + # + # # Filesystem - ../2configs/fs/sda-crypto-root-home.nix + # Security - ../2configs/sshd-totp.nix + ]; diff --git a/1systems/x/source.nix b/1systems/x/source.nix new file mode 100644 index 0000000..54ec3c8 --- /dev/null +++ b/1systems/x/source.nix @@ -0,0 +1,4 @@ +import { + name="x"; + full = true; +} diff --git a/source.nix b/source.nix index 18733ee..a24af4d 100644 --- a/source.nix +++ b/source.nix @@ -1,29 +1,38 @@ with import ; -host@{ name, secure ? false, override ? {} }: let +host@{ name, secure ? false, override ? {}, full ? false }: let builder = if getEnv "dummy_secrets" == "true" then "buildbot" - else "tv"; - _file = + "/tv/1systems/${name}/source.nix"; + else "makefu"; + _file = + "/makefu/1systems/${name}/source.nix"; + ref = "06734d1"; # unstable @ 2017-07-03 + graceful requests2 (a772c3aa) + in evalSource (toString _file) [ { - nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix"; - nixpkgs.git = { - # nixos-17.03 - ref = mkDefault "94941cb0455bfc50b1bf63186cfad7136d629f78"; - url = https://github.com/NixOS/nixpkgs; - }; + nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix"; + # always perform a full populate when buildbot + nixpkgs = if full || (builder == "buildbot" ) then { + git = { + url = https://github.com/makefu/nixpkgs; + inherit ref; + }; + } else { + # TODO use http, once it is implemented + # right now it is simply extracted revision folder + + ## prepare so we do not have to wait for rsync: + ## cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/125ffff -L | tar zx && mv NixOS-nixpkgs-125ffff nixpkgs + file = "/home/makefu/store/${ref}"; + }; + secrets.file = getAttr builder { - buildbot = toString ; - tv = "/home/tv/secrets/${name}"; + buildbot = toString ; + makefu = "/home/makefu/secrets/${name}"; }; stockholm.file = toString ; } - (mkIf (builder == "tv") { - secrets-common.file = "/home/tv/secrets/common"; - }) - (mkIf (builder == "tv" && secure) { - secrets-master.file = "/home/tv/secrets/master"; + (mkIf (builder == "makefu") { + secrets-common.file = "/home/makefu/secrets/common"; }) override ]