makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions 1 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'lass/master'

Browse source
This commit is contained in:
makefu 2021-02-19 16:03:20 +01:00
parent cacc5ca523 8b7477926d
commit d239a236b0
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225
6 changed files with 175 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
krebs/2configs/ircd.nix
View file

@ -5,6 +5,8 @@
6667 6669 6667 6669
]; ];
systemd.services.charybdis.serviceConfig.LimitNOFILE = 16384;
krebs.charybdis = { krebs.charybdis = {
enable = true; enable = true;
motd = '' motd = ''
@ -15,7 +17,7 @@
serverinfo { serverinfo {
name = "${config.krebs.build.host.name}.irc.r"; name = "${config.krebs.build.host.name}.irc.r";
sid = "1as"; sid = "1as";
description = "miep!"; description = "irc!";
network_name = "irc.r"; network_name = "irc.r";
vhost = "0.0.0.0"; vhost = "0.0.0.0";
@ -26,7 +28,7 @@
#ssl_dh_params = "etc/dh.pem"; #ssl_dh_params = "etc/dh.pem";
#ssld_count = 1; #ssld_count = 1;
default_max_clients = 100000; default_max_clients = 2048;
#nicklen = 30; #nicklen = 30;
}; };
@ -38,12 +40,12 @@
*/ */
host = "0.0.0.0"; host = "0.0.0.0";
port = 6667; port = 6667;
sslport = 6697; #sslport = 6697;
/* Listen on IPv6 (if you used host= above). */ /* Listen on IPv6 (if you used host= above). */
host = "::"; host = "::";
port = 6667; port = 6667;
sslport = 6697; #sslport = 6697;
}; };
class "users" { class "users" {
@ -53,9 +55,9 @@
number_per_ip_global = 4096; number_per_ip_global = 4096;
cidr_ipv4_bitlen = 24; cidr_ipv4_bitlen = 24;
cidr_ipv6_bitlen = 64; cidr_ipv6_bitlen = 64;
number_per_cidr = 65536; number_per_cidr = 65535;
max_number = 100000; max_number = 65535;
sendq = 10 megabyte; sendq = 1000 megabyte;
}; };
privset "op" { privset "op" {
@ -91,7 +93,7 @@
use_knock = yes; use_knock = yes;
knock_delay = 5 minutes; knock_delay = 5 minutes;
knock_delay_channel = 1 minute; knock_delay_channel = 1 minute;
max_chans_per_user = 15; max_chans_per_user = 150;
max_bans = 100; max_bans = 100;
max_bans_large = 500; max_bans_large = 500;
default_split_user_count = 0; default_split_user_count = 0;

9
krebs/2configs/shack/glados/default.nix
View file

@ -1,5 +1,11 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
unstable = import (pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs";
rev = (lib.importJSON ../../../nixpkgs-unstable.json).rev;
sha256 = (lib.importJSON ../../../nixpkgs-unstable.json).sha256;
}) {};
in { in {
services.nginx.virtualHosts."hass.shack" = { services.nginx.virtualHosts."hass.shack" = {
serverAliases = [ "glados.shack" ]; serverAliases = [ "glados.shack" ];
@ -40,6 +46,9 @@ in {
{ {
enable = true; enable = true;
autoExtraComponents = true; autoExtraComponents = true;
package = unstable.home-assistant.overrideAttrs (old: {
doInstallCheck = false;
});
config = { config = {
homeassistant = { homeassistant = {
name = "Glados"; name = "Glados";

52
krebs/3modules/lass/default.nix
View file

@ -125,7 +125,6 @@ in {
ip6.addr = r6 "1e1"; ip6.addr = r6 "1e1";
aliases = [ aliases = [
"uriel.r" "uriel.r"
"cgit.uriel.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -151,7 +150,6 @@ in {
ip6.addr = r6 "dea7"; ip6.addr = r6 "dea7";
aliases = [ aliases = [
"mors.r" "mors.r"
"cgit.mors.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -185,7 +183,6 @@ in {
ip6.addr = r6 "50da"; ip6.addr = r6 "50da";
aliases = [ aliases = [
"shodan.r" "shodan.r"
"cgit.shodan.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -220,7 +217,6 @@ in {
ip6.addr = r6 "1205"; ip6.addr = r6 "1205";
aliases = [ aliases = [
"icarus.r" "icarus.r"
"cgit.icarus.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -254,7 +250,6 @@ in {
ip6.addr = r6 "daed"; ip6.addr = r6 "daed";
aliases = [ aliases = [
"daedalus.r" "daedalus.r"
"cgit.daedalus.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -286,7 +281,6 @@ in {
ip6.addr = r6 "5ce7"; ip6.addr = r6 "5ce7";
aliases = [ aliases = [
"skynet.r" "skynet.r"
"cgit.skynet.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -688,11 +682,53 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU "; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU ";
syncthing.id = "JAVJ6ON-WLCWOA3-YB7EHPX-VGIN4XF-635NIVZ-WZ4HN4M-QRMLT4N-5PL5MQN"; syncthing.id = "JAVJ6ON-WLCWOA3-YB7EHPX-VGIN4XF-635NIVZ-WZ4HN4M-QRMLT4N-5PL5MQN";
}; };
coaxmetal = {
cores = 16;
nets = {
retiolum = {
ip4.addr = "10.243.0.17";
ip6.addr = r6 "17";
aliases = [
"coaxmetal.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwcuMl/W6DZ7UMK4RHrxA
xCc8CkqpUTYldPdB9KJmcH6OpbQqCcPxGOvRe42NdOfCyy11WjAjUMRGnzMyi4MK
gMEjcrl5CnQd9nF9f8Mom8cuSOVm1j46qY7Trl/MsEKsKHiYAHtLFpHz2+UI+HBU
WbSeDLLA8g79SZq/pqWHfp3YKzqP4p+dmi8j+aOZJWkGu9l+Q40qQrTJQCxYgEek
ODeBFCY3DGfJRn79IFGuhF1/jGiAwF3/1j2Rxlesazl6/Lyvmtioplsqn8J94z32
G5wyGpqn/BcXkJTlWtwb3Rrg6OOALJAqy2H5EoIVT26gwmvkEStMtvgLfAeYjL8F
G2bAtaeQGzwQZNuVJAMI9Qtb+PHw322Wz+P8U669C/HCdGCumMf+M7UDHP79kXOO
IFs1NvkU3z/iO/5bj41v8u0W8+b9NWe++dI8N8q0hWLPgnz5PI998xW06Dul7pAX
K1OMIMfTTGgAZHAF1Kdn1BSXezgwkutwzy5h8XkYclyHB2nPXkXIYmahi1XgWeAE
7B4NmefbS6H8dLOU7yMEWuxmYl41UOybtyrsp1za5wtERpQgzl6EWfIXISEdx1Ly
bmb3SGtB85RyqqCe2O9DzVZCw7mXgN69R5efyEuq3HIIN9udLNrybPNNyD/OlAqo
l/xwDxiSCEsO6yY5lGc0MCMCAwEAAQ==
-----END PUBLIC KEY-----
'';
};
wiregrill = {
ip6.addr = w6 "17";
aliases = [
"coaxmetal.w"
];
wireguard.pubkey = ''
lkjR14oOVKl03/0sUzOmddf28ps+v5qRxrbRY03Pg38=
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO9vAYuTv07c9bOjDJId3ShXJ1qIEuyrjkVYkJn9yMET ";
syncthing.id = "W5BJ4TL-GAQ46WS-ZB72HFS-XOURLBA-RNBVMYC-POFH4UA-CBORQID-BMIHNQZ";
};
}; };
users = rec { users = rec {
lass = lass-blue; lass = lass-yubikey;
lass-yubikey = { lass-yubikey = {
mail = lass.mail; mail = "lass@lassul.us";
pubkey = builtins.readFile ./ssh/yubikey.rsa; pubkey = builtins.readFile ./ssh/yubikey.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/yubikey.pgp; pgp.pubkeys.default = builtins.readFile ./pgp/yubikey.pgp;
}; };

53
lass/1systems/coaxmetal/config.nix Normal file
View file

@ -0,0 +1,53 @@
{ config, lib, pkgs, ... }:
{
imports = [
<stockholm/lass>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/exim-retiolum.nix>
<stockholm/lass/2configs/baseX.nix>
<stockholm/lass/2configs/browsers.nix>
<stockholm/lass/2configs/programs.nix>
<stockholm/lass/2configs/network-manager.nix>
<stockholm/lass/2configs/syncthing.nix>
<stockholm/lass/2configs/sync/sync.nix>
<stockholm/lass/2configs/games.nix>
<stockholm/lass/2configs/steam.nix>
<stockholm/lass/2configs/wine.nix>
<stockholm/lass/2configs/fetchWallpaper.nix>
<stockholm/lass/2configs/nfs-dl.nix>
<stockholm/lass/2configs/pass.nix>
<stockholm/lass/2configs/mail.nix>
<stockholm/lass/2configs/bitcoin.nix>
];
krebs.build.host = config.krebs.hosts.coaxmetal;
environment.shellAliases = {
deploy = pkgs.writeDash "deploy" ''
set -eu
export SYSTEM="$1"
$(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
'';
usb-tether-on = pkgs.writeDash "usb-tether-on" ''
adb shell su -c service call connectivity 33 i32 1 s16 text
'';
usb-tether-off = pkgs.writeDash "usb-tether-off" ''
adb shell su -c service call connectivity 33 i32 0 s16 text
'';
};
programs.adb.enable = true;
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
# config.General.Disable = "Headset";
extraConfig = ''
[General]
Disable = Headset
'';
};
hardware.pulseaudio.package = pkgs.pulseaudioFull;
}

52
lass/1systems/coaxmetal/physical.nix Normal file
View file

@ -0,0 +1,52 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [
./config.nix
(modulesPath + "/installer/scan/not-detected.nix")
];
networking.hostId = "e0c335ea";
boot.zfs.requestEncryptionCredentials = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.grub = {
enable = true;
# device = "/dev/disk/by-id/nvme-WDC_PC_SN730_SDBQNTY-1T00-1001_205349800040";
device = "nodev";
efiSupport = true;
# efiInstallAsRemovable = true;
};
services.xserver.videoDrivers = [
"amdgpu"
];
hardware.opengl.extraPackages = [ pkgs.amdvlk ];
# is required for amd graphics support ( xorg wont boot otherwise )
boot.kernelPackages = pkgs.linuxPackages_latest;
environment.variables.VK_ICD_FILENAMES =
"/run/opengl-driver/share/vulkan/icd.d/amd_icd64.json";
boot.initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-amd" ];
fileSystems."/" = {
device = "zpool/root/root";
fsType = "zfs";
};
fileSystems."/home" = {
device = "zpool/root/home";
fsType = "zfs";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/50A7-1889";
fsType = "vfat";
};
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";
boot.extraModprobeConfig = ''
options psmouse proto=imps
'';
}

8
lass/5pkgs/custom/xmonad-lass/default.nix
View file

@ -35,6 +35,7 @@ import XMonad.Hooks.ManageHelpers (doCenterFloat, doRectFloat, (-?>))
import XMonad.Hooks.Place (placeHook, smart) import XMonad.Hooks.Place (placeHook, smart)
import XMonad.Hooks.UrgencyHook (focusUrgent) import XMonad.Hooks.UrgencyHook (focusUrgent)
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..)) import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
import XMonad.Layout.BoringWindows (boringWindows, focusDown, focusUp)
import XMonad.Layout.FixedColumn (FixedColumn(..)) import XMonad.Layout.FixedColumn (FixedColumn(..))
import XMonad.Layout.Grid (Grid(..)) import XMonad.Layout.Grid (Grid(..))
import XMonad.Layout.Minimize (minimize) import XMonad.Layout.Minimize (minimize)
@ -93,7 +94,7 @@ main' = do
myLayoutHook = defLayout myLayoutHook = defLayout
where where
defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile ||| Grid) defLayout = minimize . boringWindows $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile ||| Grid)
floatHooks = composeAll floatHooks = composeAll
[ className =? "Pinentry" --> doCenterFloat [ className =? "Pinentry" --> doCenterFloat
@ -123,6 +124,11 @@ myKeyMap =
, ("<XF86Launch1>", gridselectWorkspace gridConfig W.view) , ("<XF86Launch1>", gridselectWorkspace gridConfig W.view)
, ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill") , ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill")
, ("M4-<Tab>", focusDown)
, ("M4-S-<Tab>", focusUp)
, ("M4-j", focusDown)
, ("M4-k", focusUp)
, ("M4-a", focusUrgent) , ("M4-a", focusUrgent)
, ("M4-S-r", renameWorkspace myXPConfig) , ("M4-S-r", renameWorkspace myXPConfig)
, ("M4-S-a", addWorkspacePrompt myXPConfig) , ("M4-S-a", addWorkspacePrompt myXPConfig)