summaryrefslogtreecommitdiffstats
path: root/makefu/1systems
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-01-16 02:01:48 +0100
committermakefu <github@syntax-fehler.de>2016-01-16 02:01:48 +0100
commit7cf54a1d791fff716968a145feb55f28b84aef76 (patch)
treec140efc5965c2b4a74c1a479b7867148ea9bb4c6 /makefu/1systems
parent3bb965c3f071f30a2ac381fb18cb2da5603193a3 (diff)
parent0c1c54e728d8838b184d43a9adb67f4258a21569 (diff)
Merge branch 'master' of gum:stockholm
Diffstat (limited to 'makefu/1systems')
-rw-r--r--makefu/1systems/omo.nix18
-rw-r--r--makefu/1systems/pornocauster.nix5
2 files changed, 20 insertions, 3 deletions
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index e19205a95..e11665fbc 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -27,10 +27,20 @@ in {
../2configs/exim-retiolum.nix
../2configs/smart-monitor.nix
../2configs/mail-client.nix
+ ../2configs/share-user-sftp.nix
+ ../2configs/nginx/omo-share.nix
../3modules
];
+ # services.openssh.allowSFTP = false;
krebs.build.host = config.krebs.hosts.omo;
+
+ # copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/
+ services.sabnzbd.enable = true;
+ systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+
+ # HDD Array stuff
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
+
makefu.snapraid = let
toMapper = id: "/media/crypt${builtins.toString id}";
in {
@@ -38,7 +48,6 @@ in {
disks = map toMapper [ 0 1 ];
parity = toMapper 2;
};
- # AMD E350
fileSystems = let
cryptMount = name:
{ "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };};
@@ -56,6 +65,7 @@ in {
${pkgs.hdparm}/sbin/hdparm -B 127 ${disk}
${pkgs.hdparm}/sbin/hdparm -y ${disk}
'') allDisks);
+
boot = {
initrd.luks = {
devices = let
@@ -87,10 +97,14 @@ in {
};
networking.firewall.allowedUDPPorts = [ 655 ];
+ # 8080: sabnzbd
+ networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
+
hardware.enableAllFirmware = true;
hardware.cpu.amd.updateMicrocode = true;
- #zramSwap.enable = true;
+ zramSwap.enable = true;
zramSwap.numDevices = 2;
+
}
diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix
index 690e26b36..d7fa8edc5 100644
--- a/makefu/1systems/pornocauster.nix
+++ b/makefu/1systems/pornocauster.nix
@@ -35,12 +35,14 @@
# ../2configs/mediawiki.nix
#../2configs/wordpress.nix
];
+ hardware.sane.enable = true;
+ hardware.sane.extraBackends = [ pkgs.samsungUnifiedLinuxDriver ];
nixpkgs.config.packageOverrides = pkgs: {
tinc = pkgs.tinc_pre;
};
krebs.Reaktor = {
- enable = true;
+ enable = false;
nickname = "makefu|r";
plugins = with pkgs.ReaktorPlugins; [ nixos-version random-emoji ];
};
@@ -59,6 +61,7 @@
hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" ''
${builtins.readFile "${config.hardware.pulseaudio.package}/etc/pulse/default.pa"}
load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI"'';
+ networking.firewall.enable = false;
networking.firewall.allowedTCPPorts = [
25
];