From b1983327610628028021374e519baa27dc63d9bf Mon Sep 17 00:00:00 2001
From: Markus Hihn <markus.hihn@dcso.de>
Date: Wed, 20 Dec 2017 18:15:49 +0100
Subject: [PATCH 01/24] jeschli bln: +sqlite, datagrip
---
jeschli/1systems/bln/config.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 901970e81..0748667ba 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -72,6 +72,8 @@
rxvt_unicode
# editors
emacs
+ # databases
+ sqlite
# internet
thunderbird
hipchat
@@ -91,6 +93,7 @@
jetbrains.pycharm-professional
jetbrains.webstorm
jetbrains.goland
+ jetbrains.datagrip
texlive.combined.scheme-full
pandoc
redis
From c87334ccc6406ab07904ce3715378dd9bf392286 Mon Sep 17 00:00:00 2001
From: Markus Hihn <markus.hihn@dcso.de>
Date: Sat, 23 Dec 2017 09:19:45 +0100
Subject: [PATCH 02/24] jeschli bln: gh/gd aliases
---
jeschli/1systems/bln/config.nix | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 0748667ba..578638a7e 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -54,7 +54,11 @@
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
nixpkgs.config.allowUnfree = true;
- environment.shellAliases = { n = "nix-shell"; };
+ environment.shellAliases = {
+ n = "nix-shell";
+ gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
+ gh = "cd /home/markus/go/src/github.com";
+ };
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
environment.systemPackages = with pkgs; [
# system helper
From 08fa15d17350f78ee6a85e5d7194ce663e0103a9 Mon Sep 17 00:00:00 2001
From: Markus Hihn <markus.hihn@dcso.de>
Date: Wed, 27 Dec 2017 17:34:26 +0100
Subject: [PATCH 03/24] jeschli bln: wireless for 34c3
---
jeschli/1systems/bln/config.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 578638a7e..9ea680129 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -37,8 +37,8 @@
];
networking.hostName = "BLN02NB0154"; # Define your hostname.
- networking.networkmanager.enable = true;
- #networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ # networking.networkmanager.enable = true;
+ networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Select internationalisation properties.
# i18n = {
From 84fdbeba2ceee152a128f5e9013043c172c07ecf Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 2 Jan 2018 20:22:44 +0100
Subject: [PATCH 04/24] tv source: turn dummy_secrets into an argument
---
tv/source.nix | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/tv/source.nix b/tv/source.nix
index 31308fc99..b5e3f7cd7 100644
--- a/tv/source.nix
+++ b/tv/source.nix
@@ -1,8 +1,10 @@
with import <stockholm/lib>;
-host@{ name, secure ? false, override ? {} }: let
- builder = if getEnv "dummy_secrets" == "true"
- then "buildbot"
- else "tv";
+{ name
+, dummy_secrets ? getEnv "dummy_secrets" == "true"
+, override ? {}
+, secure ? false
+}@host: let
+ builder = if dummy_secrets then "buildbot" else "tv";
_file = <stockholm> + "/tv/1systems/${name}/source.nix";
in
evalSource (toString _file) [
From 68733092391f43d0fd9e04f095cdad826e2d54e8 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 2 Jan 2018 21:18:51 +0100
Subject: [PATCH 05/24] stockholm: {shell => cmds}.get-version
---
krebs/5pkgs/simple/stockholm/default.nix | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix
index 5705f086d..53c1ca5ba 100644
--- a/krebs/5pkgs/simple/stockholm/default.nix
+++ b/krebs/5pkgs/simple/stockholm/default.nix
@@ -92,6 +92,17 @@
-I "$target_path"
'');
+ cmds.get-version = pkgs.writeDash "get-version" ''
+ set -efu
+ hostname=''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)}
+ version=git.$(${pkgs.git}/bin/git describe --always --dirty)
+ case $version in (*-dirty)
+ version=$version@$hostname
+ esac
+ date=$(${pkgs.coreutils}/bin/date +%y.%m)
+ echo "$date.$version"
+ '';
+
cmds.install = pkgs.withGetopt {
force-populate = { default = /* sh */ "false"; switch = true; };
quiet = { default = /* sh */ "false"; switch = true; };
@@ -205,7 +216,7 @@
init.env = pkgs.writeText "init.env" /* sh */ ''
export HOSTNAME="$(${pkgs.nettools}/bin/hostname)"
- export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${shell.get-version})}"
+ export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${cmds.get-version})}"
export quiet
export system
@@ -274,16 +285,6 @@
fi
'';
- shell.get-version = pkgs.writeDash "stockholm.get-version" ''
- set -efu
- version=git.$(${pkgs.git}/bin/git describe --always --dirty)
- case $version in (*-dirty)
- version=$version@$HOSTNAME
- esac
- date=$(${pkgs.coreutils}/bin/date +%y.%m)
- echo "$date.$version"
- '';
-
in
pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link:
From 67dd126fc4244c40cd819be8cc23a15f6b1b1d6c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 4 Jan 2018 01:25:59 +0100
Subject: [PATCH 06/24] fix meltdown
---
lass/2configs/security-workarounds.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lass/2configs/security-workarounds.nix b/lass/2configs/security-workarounds.nix
index 537c8a59b..c3d07d5fe 100644
--- a/lass/2configs/security-workarounds.nix
+++ b/lass/2configs/security-workarounds.nix
@@ -5,4 +5,6 @@ with import <stockholm/lib>;
boot.extraModprobeConfig = ''
install dccp /run/current-system/sw/bin/false
'';
+
+ boot.kernelPackages = pkgs.linuxPackages_latest;
}
From 593ca08de18e8e5a20ef23ec0ef950a5572156a9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 4 Jan 2018 02:19:22 +0100
Subject: [PATCH 07/24] wolf: don't use gone save-diskspace
---
krebs/1systems/wolf/config.nix | 1 -
1 file changed, 1 deletion(-)
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 0b21c0b6c..9d6955e7e 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -10,7 +10,6 @@ in
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
<stockholm/krebs/2configs/collectd-base.nix>
<stockholm/krebs/2configs/stats/wolf-client.nix>
- <stockholm/krebs/2configs/save-diskspace.nix>
<stockholm/krebs/2configs/graphite.nix>
<stockholm/krebs/2configs/buildbot-krebs.nix>
From 5dc8b8b3f3203d32653eb27c7c0dff6f29afca73 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 4 Jan 2018 02:28:44 +0100
Subject: [PATCH 08/24] tv wu: move video driver stuff to w110er
---
tv/1systems/wu/config.nix | 6 ------
tv/2configs/hw/w110er.nix | 17 +++++++++++++++++
2 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index 5c593894a..b3e084fe2 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -44,12 +44,6 @@ with import <stockholm/lib>;
};
};
- krebs.nixpkgs.allowUnfreePredicate = pkg: hasPrefix "nvidia-x11-" pkg.name;
- hardware.bumblebee.enable = true;
- hardware.bumblebee.group = "video";
- hardware.enableRedistributableFirmware= true;
- hardware.opengl.driSupport32Bit = true;
-
services.printing.enable = true;
services.udev.extraRules = ''
diff --git a/tv/2configs/hw/w110er.nix b/tv/2configs/hw/w110er.nix
index 787bfc6e9..55e9482d4 100644
--- a/tv/2configs/hw/w110er.nix
+++ b/tv/2configs/hw/w110er.nix
@@ -1,8 +1,20 @@
+with import <stockholm/lib>;
{ pkgs, ... }:
{
imports = [
../smartd.nix
+ {
+ # nvidia doesn't build despite
+ # https://github.com/NixOS/nixpkgs/issues/33284
+ #hardware.bumblebee.enable = true;
+ #hardware.bumblebee.group = "video";
+ #hardware.enableRedistributableFirmware= true;
+ #krebs.nixpkgs.allowUnfreePredicate = pkg:
+ # hasPrefix "nvidia-x11-" pkg.name ||
+ # hasPrefix "nvidia-persistenced-" pkg.name ||
+ # hasPrefix "nvidia-settings-" pkg.name;
+ }
];
boot.extraModprobeConfig = ''
@@ -15,6 +27,7 @@
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
+ hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = [ pkgs.vaapiIntel ];
networking.wireless.enable = true;
@@ -41,4 +54,8 @@
echo auto > $i/power/control # defaults to 'on'
done)
'';
+
+ services.xserver = {
+ videoDriver = "intel";
+ };
}
From 98aedda77da37071ff6b9a2e989fac1e6b1e2270 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 4 Jan 2018 02:31:27 +0100
Subject: [PATCH 09/24] tv vim: sh.extraStart add writeAsh
---
tv/2configs/vim.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix
index 8a27b606a..59619f9b5 100644
--- a/tv/2configs/vim.nix
+++ b/tv/2configs/vim.nix
@@ -233,7 +233,7 @@ let {
lua = {};
sed.extraStart = ''writeSed[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
sh.extraStart = concatStringsSep ''\|'' [
- ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
+ ''write\(A\|Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
''[a-z]*Phase[ \t\r\n]*=''
];
yaml = {};
From 8bf0916f1e1ffbf233564726bb07ead1f33b19c0 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 4 Jan 2018 02:35:11 +0100
Subject: [PATCH 10/24] tv: use pkgs.linuxPackages_latest
---
tv/2configs/default.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 280552fe4..2ccab3d09 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -1,6 +1,8 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: {
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+
boot.tmpOnTmpfs = true;
krebs.enable = true;
From 1f85655f52ebeaf32d615aae72231c8449604b89 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 4 Jan 2018 02:40:36 +0100
Subject: [PATCH 11/24] tv: RIP schnabel*
---
krebs/3modules/tv/default.nix | 18 ------------------
1 file changed, 18 deletions(-)
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 98145274c..ce01be5f3 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -201,24 +201,6 @@ with import <stockholm/lib>;
};
};
};
- schnabeldrucker = {
- external = true;
- nets = {
- gg23 = {
- ip4.addr = "10.23.1.21";
- aliases = ["schnabeldrucker.gg23"];
- };
- };
- };
- schnabelscanner = {
- external = true;
- nets = {
- gg23 = {
- ip4.addr = "10.23.1.22";
- aliases = ["schnabelscanner.gg23"];
- };
- };
- };
wu = {
ci = true;
cores = 4;
From 63800b93ffb9e1e612f2d51ff88597b351caeefb Mon Sep 17 00:00:00 2001
From: jeschli <jeschli@gmail.com>
Date: Thu, 4 Jan 2018 18:51:22 +0100
Subject: [PATCH 12/24] jeschli nixpkgs: f9390d6 -> d83c808
---
jeschli/1systems/brauerei/config.nix | 2 +-
jeschli/source.nix | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix
index 171a002da..2dec45795 100644
--- a/jeschli/1systems/brauerei/config.nix
+++ b/jeschli/1systems/brauerei/config.nix
@@ -96,7 +96,7 @@
# Enable the X11 windowing system.
services.xserver.enable = true;
- # services.xserver.layout = "us";
+ services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable touchpad support.
diff --git a/jeschli/source.nix b/jeschli/source.nix
index d1b64b0ed..ae9e1e72e 100644
--- a/jeschli/source.nix
+++ b/jeschli/source.nix
@@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "f9390d6";
+ ref = "d83c808";
};
secrets.file = getAttr builder {
buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;
From 9b46b200cb4b4b1ba36d7cdc21765806f3bd5734 Mon Sep 17 00:00:00 2001
From: Markus Hihn <markus.hihn@dcso.de>
Date: Fri, 5 Jan 2018 10:46:36 +0100
Subject: [PATCH 13/24] jeschli bln: activated nm again
---
jeschli/1systems/bln/config.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 9ea680129..5ffa99c86 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -37,8 +37,8 @@
];
networking.hostName = "BLN02NB0154"; # Define your hostname.
- # networking.networkmanager.enable = true;
- networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ networking.networkmanager.enable = true;
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Select internationalisation properties.
# i18n = {
From 07e5ece6f65952f1b88d5c2cea9da4a9137b7567 Mon Sep 17 00:00:00 2001
From: Markus Hihn <markus.hihn@dcso.de>
Date: Fri, 5 Jan 2018 12:37:34 +0100
Subject: [PATCH 14/24] jeschli bln: +tig
---
jeschli/1systems/bln/config.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix
index 5ffa99c86..873c0fa3d 100644
--- a/jeschli/1systems/bln/config.nix
+++ b/jeschli/1systems/bln/config.nix
@@ -66,6 +66,7 @@
copyq
dmenu
git
+ tig
i3lock
keepass
networkmanagerapplet
From a6722fd306a19678f757680da989808af5fc9973 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 15:45:27 +0100
Subject: [PATCH 15/24] hotdog.r: remove repo-sync
---
krebs/1systems/hotdog/config.nix | 5 -----
krebs/2configs/buildbot-all.nix | 4 ----
2 files changed, 9 deletions(-)
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 73b5377bd..98fb88702 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -20,10 +20,5 @@
boot.isContainer = true;
networking.useDHCP = false;
- krebs.repo-sync.repos.stockholm.timerConfig = {
- OnBootSec = "5min";
- OnUnitInactiveSec = "2min";
- RandomizedDelaySec = "2min";
- };
krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm";
}
diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix
index ca994e996..5ea78f227 100644
--- a/krebs/2configs/buildbot-all.nix
+++ b/krebs/2configs/buildbot-all.nix
@@ -1,10 +1,6 @@
with import <stockholm/lib>;
{ lib, config, pkgs, ... }:
{
- imports = [
- <stockholm/krebs/2configs/repo-sync.nix>
- ];
-
networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
krebs.ci.enable = true;
krebs.ci.treeStableTimer = 1;
From 194e22c517ab22664aea2148421182c6c4ac43d6 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 15:45:51 +0100
Subject: [PATCH 16/24] l prism.r: repo-sync stockholm every 2 minutes
---
lass/1systems/prism/config.nix | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 593a1fc9c..0b2c10f92 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -302,6 +302,13 @@ in {
}
];
}
+ {
+ krebs.repo-sync.repos.stockholm.timerConfig = {
+ OnBootSec = "5min";
+ OnUnitInactiveSec = "2min";
+ RandomizedDelaySec = "2min";
+ };
+ }
];
krebs.build.host = config.krebs.hosts.prism;
From bd3b2a2bbd3c9b2e6dee2646a580f83b8438d03d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 15:46:13 +0100
Subject: [PATCH 17/24] buildbot slave: don't fail on remove
---
krebs/3modules/buildbot/slave.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix
index 0af553c5d..fba585448 100644
--- a/krebs/3modules/buildbot/slave.nix
+++ b/krebs/3modules/buildbot/slave.nix
@@ -161,7 +161,7 @@ let
ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
set -efux
#remove garbage from old versions
- rm -r ${workdir}
+ rm -rf ${workdir}
mkdir -p ${workdir}/info
cp ${buildbot-slave-init} ${workdir}/buildbot.tac
echo ${contact} > ${workdir}/info/admin
From 2e9d5375f6134cba6dfbc3fd048fabfa2363ff83 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 15:55:32 +0100
Subject: [PATCH 18/24] l mors.r: remove exfat-nofuse
---
lass/1systems/mors/config.nix | 4 ----
1 file changed, 4 deletions(-)
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index 8c7c39a6f..c231a0b10 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -70,10 +70,6 @@ with import <stockholm/lib>;
pkgs.ovh-zone
];
}
- {
- #ps vita stuff
- boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
- }
{
services.tor = {
enable = true;
From 65a1bf47566a8d17e2d3928f3eec03e941311c61 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 15:58:23 +0100
Subject: [PATCH 19/24] l daedalus.r: enable flash
---
lass/1systems/daedalus/config.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix
index 6674b3db5..8ec744584 100644
--- a/lass/1systems/daedalus/config.nix
+++ b/lass/1systems/daedalus/config.nix
@@ -41,6 +41,7 @@ with import <stockholm/lib>;
skype
wine
];
+ nixpkgs.config.firefox.enableAdobeFlash = true;
services.xserver.enable = true;
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
From 5c8676bc9cbf918fa8c1f9995d5b7cc790d5414e Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 15:59:11 +0100
Subject: [PATCH 20/24] l daedalus.r: add ens* to dhcpcd interfaces
---
lass/1systems/dishfire/config.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix
index 416edeb82..7993c763e 100644
--- a/lass/1systems/dishfire/config.nix
+++ b/lass/1systems/dishfire/config.nix
@@ -43,6 +43,7 @@
networking.dhcpcd.allowInterfaces = [
"enp*"
"eth*"
+ "ens*"
];
}
{
From e083b18e34519f30bba79dfd894c3b828fd13da7 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 16:00:06 +0100
Subject: [PATCH 21/24] l IM: add bitlbee config
---
lass/2configs/IM.nix | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix
index b94cb0634..80cebf099 100644
--- a/lass/2configs/IM.nix
+++ b/lass/2configs/IM.nix
@@ -20,6 +20,17 @@ let
'';
in {
+ services.bitlbee = {
+ enable = true;
+ portNumber = 6666;
+ plugins = [
+ pkgs.bitlbee-facebook
+ pkgs.bitlbee-steam
+ pkgs.bitlbee-discord
+ ];
+ libpurple_plugins = [ pkgs.telegram-purple ];
+ };
+
users.extraUsers.chat = {
home = "/home/chat";
uid = genid "chat";
From 21bd13b2de964b178e5d42b69efc337e09698dd2 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 5 Jan 2018 20:59:29 +0100
Subject: [PATCH 22/24] l: container hackery
---
lass/1systems/prism/config.nix | 9 +++++++++
lass/2configs/rebuild-on-boot.nix | 18 ++++++++++++++++++
2 files changed, 27 insertions(+)
create mode 100644 lass/2configs/rebuild-on-boot.nix
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 0b2c10f92..03e9f6eeb 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -184,14 +184,17 @@ in {
}
{
#hotdog
+ systemd.services."container@hotdog".reloadIfChanged = mkForce false;
containers.hotdog = {
config = { ... }: {
+ imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
];
};
+ autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.1";
@@ -200,8 +203,10 @@ in {
}
{
#kaepsele
+ systemd.services."container@kaepsele".reloadIfChanged = mkForce false;
containers.kaepsele = {
config = { ... }: {
+ imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [
@@ -209,6 +214,7 @@ in {
tv.pubkey
];
};
+ autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.3";
@@ -217,8 +223,10 @@ in {
}
{
#onondaga
+ systemd.services."container@onondaga".reloadIfChanged = mkForce false;
containers.onondaga = {
config = { ... }: {
+ imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
@@ -226,6 +234,7 @@ in {
config.krebs.users.nin.pubkey
];
};
+ autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.5";
diff --git a/lass/2configs/rebuild-on-boot.nix b/lass/2configs/rebuild-on-boot.nix
new file mode 100644
index 000000000..60198be7b
--- /dev/null
+++ b/lass/2configs/rebuild-on-boot.nix
@@ -0,0 +1,18 @@
+{ config, pkgs, ... }:
+with import <stockholm/lib>;
+{
+ systemd.services.rebuild-on-boot = {
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ NIX_REMOTE = "daemon";
+ HOME = "/var/empty";
+ };
+ serviceConfig = {
+ ExecStart = pkgs.writeScript "rebuild" ''
+ #!${pkgs.bash}/bin/bash
+ (/run/current-system/sw/bin/nixos-rebuild -I /var/src switch) &
+ '';
+ ExecStop = "${pkgs.coreutils}/bin/sleep 10";
+ };
+ };
+}
From 99b379715123cdec8f527de4c71700c02974383f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 6 Jan 2018 01:50:16 +0100
Subject: [PATCH 23/24] l IM: add rxvt_unicode.terminfo
---
lass/2configs/IM.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix
index 80cebf099..51512955e 100644
--- a/lass/2configs/IM.nix
+++ b/lass/2configs/IM.nix
@@ -57,6 +57,10 @@ in {
restartIfChanged = false;
+ path = [
+ pkgs.rxvt_unicode.terminfo
+ ];
+
serviceConfig = {
User = "chat";
RemainAfterExit = true;
From acecab429219d9086e23fa8912ecb05c017211d1 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 6 Jan 2018 01:50:51 +0100
Subject: [PATCH 24/24] l dns: use resolved
---
lass/2configs/dns-stuff.nix | 22 ++--------------------
1 file changed, 2 insertions(+), 20 deletions(-)
diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix
index 411b07503..cbcce8df9 100644
--- a/lass/2configs/dns-stuff.nix
+++ b/lass/2configs/dns-stuff.nix
@@ -11,24 +11,6 @@ with import <stockholm/lib>;
key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C";
};
};
- services.dnsmasq = {
- enable = true;
- resolveLocalQueries = false;
- extraConfig = ''
- server=127.1.0.1
- #no-resolv
- cache-size=1000
- min-cache-ttl=3600
- bind-dynamic
- all-servers
- dnssec
- trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
- rebind-domain-ok=/onion/
- server=/.onion/127.0.0.1#9053
- port=53
- '';
- };
- networking.extraResolvconfConf = ''
- name_servers='127.0.0.1'
- '';
+ services.resolved.enable = true;
+ services.resolved.fallbackDns = [ "127.1.0.1" ];
}