From 7d30101dd3f4b6e1191e37ea6a81c1c33fa535de Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 13:57:55 +0100
Subject: [PATCH 1/4] Revert "ma hw/stk1160: rip"
This reverts commit 1cbc2e5aa359e7e9b4b32c9ef75902576347a6d0.
---
makefu/1systems/x/config.nix | 6 ++----
makefu/2configs/hw/stk1160.nix | 15 +++++++++++++++
2 files changed, 17 insertions(+), 4 deletions(-)
create mode 100644 makefu/2configs/hw/stk1160.nix
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 3686acb6e..a32db91e1 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -61,7 +61,7 @@ with import <stockholm/lib>;
<stockholm/makefu/2configs/hw/tp-x230.nix>
<stockholm/makefu/2configs/hw/rtl8812au.nix>
<stockholm/makefu/2configs/hw/wwan.nix>
- # <stockholm/makefu/2configs/hw/stk1160.nix>
+ <stockholm/makefu/2configs/hw/stk1160.nix>
# <stockholm/makefu/2configs/rad1o.nix>
# Filesystem
@@ -86,6 +86,7 @@ with import <stockholm/lib>;
nixpkgs.config.allowUnfree = true;
+ environment.systemPackages = [ pkgs.passwdqc-utils ];
# configure pulseAudio to provide a HDMI sink as well
@@ -103,7 +104,4 @@ with import <stockholm/lib>;
'';
# hard dependency because otherwise the device will not be unlocked
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
-
- nix.package = pkgs.nixUnstable;
- environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
}
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
new file mode 100644
index 000000000..b3a9e1a5a
--- /dev/null
+++ b/makefu/2configs/hw/stk1160.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+{
+ # TODO: un-pin linuxPackages somehow
+ boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
+ nixpkgs.config.packageOverrides = pkgs: {
+ linux_4_9 = pkgs.linux_4_9.override {
+ extraConfig = ''
+ MEDIA_ANALOG_TV_SUPPORT y
+ VIDEO_STK1160_COMMON m
+ VIDEO_STK1160_AC97 y
+ VIDEO_STK1160 m
+ '';
+ };
+ };
+}
From a645fb4b9acd5103bcb1b33ada8ba93f120834fa Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:15:02 +0100
Subject: [PATCH 2/4] ma photostore.krebsco.de: enable ssl
---
.../deployment/photostore.krebsco.de.nix | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix
index 9e16a384a..ecbca9ea3 100644
--- a/makefu/2configs/deployment/photostore.krebsco.de.nix
+++ b/makefu/2configs/deployment/photostore.krebsco.de.nix
@@ -26,14 +26,16 @@ in {
services.nginx = {
enable = mkDefault true;
virtualHosts."photostore.krebsco.de" = {
- locations = {
- "/".extraConfig = ''
- uwsgi_pass unix://${wsgi-sock};
- uwsgi_param UWSGI_CHDIR ${workdir};
- uwsgi_param UWSGI_MODULE cuserver.main;
- uwsgi_param UWSGI_CALLABLE app;
- include ${pkgs.nginx}/conf/uwsgi_params;
- '';
+ enableACME = true;
+ forceSSL = true;
+ locations = {
+ "/".extraConfig = ''
+ uwsgi_pass unix://${wsgi-sock};
+ uwsgi_param UWSGI_CHDIR ${workdir};
+ uwsgi_param UWSGI_MODULE cuserver.main;
+ uwsgi_param UWSGI_CALLABLE app;
+ include ${pkgs.nginx}/conf/uwsgi_params;
+ '';
};
};
};
From 0c8071080121deb593be0899bc20ec3eb3169688 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:15:48 +0100
Subject: [PATCH 3/4] ma gum.r: add vpn pubkeys for work router
---
makefu/1systems/gum/config.nix | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index f473d9e4c..a656fdce3 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -109,6 +109,8 @@ in {
#}
{ # wireguard server
+ # opkg install wireguard luci-proto-wireguard
+
# TODO: networking.nat
# boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
@@ -136,9 +138,23 @@ in {
allowedIPs = [ "10.244.0.3/32" ];
publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
}
+ {
+ # x-test
+ allowedIPs = [ "10.244.0.4/32" ];
+ publicKey = "vZ/AJpfDLJyU3DzvYeW70l4FNziVgSTumA89wGHG7XY=";
+ }
+ {
+ # work-router
+ allowedIPs = [ "10.244.0.5/32" ];
+ publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
+ }
];
};
}
+ { # iperf3
+ networking.firewall.allowedUDPPorts = [ 5201 ];
+ networking.firewall.allowedTCPPorts = [ 5201 ];
+ }
];
makefu.dl-dir = "/var/download";
From 79ac162a9e967993252d910f5a6bb74c810fd0a1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 28 Jan 2018 14:16:11 +0100
Subject: [PATCH 4/4] ma hw/stk1160: bump linux kernel
---
makefu/2configs/hw/stk1160.nix | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix
index b3a9e1a5a..bdd146365 100644
--- a/makefu/2configs/hw/stk1160.nix
+++ b/makefu/2configs/hw/stk1160.nix
@@ -1,9 +1,8 @@
-{ pkgs, ... }:
+{ pkgs, lib, ... }:
{
# TODO: un-pin linuxPackages somehow
- boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages;
nixpkgs.config.packageOverrides = pkgs: {
- linux_4_9 = pkgs.linux_4_9.override {
+ linux_4_14 = pkgs.linux_4_14.override {
extraConfig = ''
MEDIA_ANALOG_TV_SUPPORT y
VIDEO_STK1160_COMMON m