diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index f473d9e4c..a656fdce3 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -109,6 +109,8 @@ in {
#}
{ # wireguard server
+ # opkg install wireguard luci-proto-wireguard
+
# TODO: networking.nat
# boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
@@ -136,9 +138,23 @@ in {
allowedIPs = [ "10.244.0.3/32" ];
publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
}
+ {
+ # x-test
+ allowedIPs = [ "10.244.0.4/32" ];
+ publicKey = "vZ/AJpfDLJyU3DzvYeW70l4FNziVgSTumA89wGHG7XY=";
+ }
+ {
+ # work-router
+ allowedIPs = [ "10.244.0.5/32" ];
+ publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
+ }
];
};
}
+ { # iperf3
+ networking.firewall.allowedUDPPorts = [ 5201 ];
+ networking.firewall.allowedTCPPorts = [ 5201 ];
+ }
];
makefu.dl-dir = "/var/download";
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 3686acb6e..a32db91e1 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -61,7 +61,7 @@ with import <stockholm/lib>;
<stockholm/makefu/2configs/hw/tp-x230.nix>
<stockholm/makefu/2configs/hw/rtl8812au.nix>
<stockholm/makefu/2configs/hw/wwan.nix>
- # <stockholm/makefu/2configs/hw/stk1160.nix>
+ <stockholm/makefu/2configs/hw/stk1160.nix>
# <stockholm/makefu/2configs/rad1o.nix>
# Filesystem
@@ -86,6 +86,7 @@ with import <stockholm/lib>;
nixpkgs.config.allowUnfree = true;
+ environment.systemPackages = [ pkgs.passwdqc-utils ];
# configure pulseAudio to provide a HDMI sink as well
@@ -103,7 +104,4 @@ with import <stockholm/lib>;
'';
# hard dependency because otherwise the device will not be unlocked
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
-
- nix.package = pkgs.nixUnstable;
- environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
}
diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix
index 9e16a384a..ecbca9ea3 100644
--- a/makefu/2configs/deployment/photostore.krebsco.de.nix
+++ b/makefu/2configs/deployment/photostore.krebsco.de.nix
@@ -26,14 +26,16 @@ in {
services.nginx = {
enable = mkDefault true;
virtualHosts."photostore.krebsco.de" = {
- locations = {
- "/".extraConfig = ''
- uwsgi_pass unix://${wsgi-sock};
- uwsgi_param UWSGI_CHDIR ${workdir};
- uwsgi_param UWSGI_MODULE cuserver.main;
- uwsgi_param UWSGI_CALLABLE app;
- include ${pkgs.nginx}/conf/uwsgi_params;
- '';
+ enableACME = true;
+ forceSSL = true;
+ locations = {
+ "/".extraConfig = ''
+ uwsgi_pass unix://${wsgi-sock};
+ uwsgi_param UWSGI_CHDIR ${workdir};
+ uwsgi_param UWSGI_MODULE cuserver.main;
+ uwsgi_param UWSGI_CALLABLE app;
+ include ${pkgs.nginx}/conf/uwsgi_params;
+ '';
};
};
};
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
new file mode 100644
index 000000000..bdd146365
--- /dev/null
+++ b/makefu/2configs/hw/stk1160.nix
@@ -0,0 +1,14 @@
+{ pkgs, lib, ... }:
+{
+ # TODO: un-pin linuxPackages somehow
+ nixpkgs.config.packageOverrides = pkgs: {
+ linux_4_14 = pkgs.linux_4_14.override {
+ extraConfig = ''
+ MEDIA_ANALOG_TV_SUPPORT y
+ VIDEO_STK1160_COMMON m
+ VIDEO_STK1160_AC97 y
+ VIDEO_STK1160 m
+ '';
+ };
+ };
+}