summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/darth.nix20
-rw-r--r--makefu/1systems/gum.nix4
-rw-r--r--makefu/1systems/omo.nix9
-rw-r--r--makefu/1systems/vbob.nix5
-rw-r--r--makefu/1systems/wry.nix4
-rw-r--r--makefu/2configs/base-gui.nix14
-rw-r--r--makefu/2configs/deployment/mycube.connector.one.nix2
-rw-r--r--makefu/2configs/fs/sda-crypto-root-home.nix2
-rw-r--r--makefu/2configs/fs/sda-crypto-root.nix4
-rw-r--r--makefu/2configs/hw/tp-x2x0.nix1
-rw-r--r--makefu/2configs/iodined.nix2
-rw-r--r--makefu/2configs/mail-client.nix2
-rw-r--r--makefu/2configs/nginx/euer.blog.nix4
-rw-r--r--makefu/2configs/nginx/euer.test.nix4
-rw-r--r--makefu/2configs/nginx/euer.wiki.nix4
-rw-r--r--makefu/2configs/nginx/public_html.nix15
-rw-r--r--makefu/2configs/nginx/update.connector.one.nix2
-rw-r--r--makefu/2configs/omo-share.nix9
-rw-r--r--makefu/4lib/default.nix30
-rw-r--r--makefu/5pkgs/mycube-flask/default.nix4
20 files changed, 99 insertions, 42 deletions
diff --git a/makefu/1systems/darth.nix b/makefu/1systems/darth.nix
index ad3ac4f22..2f2358ddc 100644
--- a/makefu/1systems/darth.nix
+++ b/makefu/1systems/darth.nix
@@ -10,15 +10,27 @@ let
allDisks = [ rootDisk auxDisk ];
in {
imports = [
- ../.
- ../2configs/fs/single-partition-ext4.nix
- ../2configs/zsh-user.nix
- ../2configs/smart-monitor.nix
+ ../.
+ ../2configs/fs/single-partition-ext4.nix
+ ../2configs/zsh-user.nix
+ ../2configs/smart-monitor.nix
+ ../2configs/exim-retiolum.nix
+ ../2configs/virtualization.nix
];
+ networking.firewall.allowedUDPPorts = [ 80 655 67 ];
+ networking.firewall.allowedTCPPorts = [ 80 655 ];
+ networking.firewall.checkReversePath = false;
+ #networking.firewall.enable = false;
# virtualisation.nova.enableSingleNode = true;
krebs.retiolum.enable = true;
+ boot.kernelModules = [ "coretemp" "f71882fg" ];
+
+ hardware.enableAllFirmware = true;
+ nixpkgs.config.allowUnfree = true;
+ networking.wireless.enable = true;
+
# TODO smartd omo darth gum all-in-one
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
zramSwap.enable = true;
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 710421659..7bac4398c 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -2,8 +2,8 @@
with config.krebs.lib;
let
- external-ip = head config.krebs.build.host.nets.internet.addrs4;
- internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in {
imports = [
../.
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index f0f1d3088..fbd06a9c7 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -44,16 +44,21 @@ in {
../2configs/smart-monitor.nix
../2configs/mail-client.nix
../2configs/share-user-sftp.nix
+ ../2configs/graphite-standalone.nix
../2configs/omo-share.nix
];
+
krebs.retiolum.enable = true;
networking.firewall.trustedInterfaces = [ "enp3s0" ];
# udp:137 udp:138 tcp:445 tcp:139 - samba, allowed in local net
# tcp:80 - nginx for sharing files
# tcp:655 udp:655 - tinc
- # tcp:8080 - sabnzbd
+ # tcp:8111 - graphite
+ # tcp:9090 - sabnzbd
+ # tcp:9200 - elasticsearch
+ # tcp:5601 - kibana
networking.firewall.allowedUDPPorts = [ 655 ];
- networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
+ networking.firewall.allowedTCPPorts = [ 80 655 5601 8111 9200 9090 ];
# services.openssh.allowSFTP = false;
diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix
index 748b08ef1..5e2382f37 100644
--- a/makefu/1systems/vbob.nix
+++ b/makefu/1systems/vbob.nix
@@ -15,11 +15,6 @@
];
nixpkgs.config.allowUnfree = true;
- krebs.build.source.upstream-nixpkgs = {
- url = https://github.com/makefu/nixpkgs;
- # HTTP Everywhere + libredir
- rev = "8239ac6";
- };
fileSystems."/nix" = {
device ="/dev/disk/by-label/nixstore";
fsType = "ext4";
diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix
index edaf1b803..d9f8ded83 100644
--- a/makefu/1systems/wry.nix
+++ b/makefu/1systems/wry.nix
@@ -3,8 +3,8 @@
with config.krebs.lib;
let
- external-ip = head config.krebs.build.host.nets.internet.addrs4;
- internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in {
imports = [
../.
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix
index 341a2ab20..b807957ba 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/base-gui.nix
@@ -10,16 +10,6 @@
#
# if this is not enough, check out main-laptop.nix
-## TODO: .Xdefaults:
-# URxvt*termName: rxvt
-# URxvt.scrollBar : false
-# URxvt*scrollBar_right: false
-# URxvt*borderLess: false
-# URxvt.foreground: white
-# URxvt.background: black
-# URxvt.urgentOnBell: true
-# URxvt.visualBell: false
-# URxvt.font : xft:Terminus
with config.krebs.lib;
let
@@ -83,7 +73,9 @@ in
XTerm*FaceName : Terminus:pixelsize=14
URxvt*termName: rxvt
- URxvt.scrollBar : False
+ URxvt*saveLines: 10000
+ URxvt*loginShell: false
+ URxvt.scrollBar : false
URxvt*scrollBar_right: false
URxvt*borderLess: false
URxvt.foreground: white
diff --git a/makefu/2configs/deployment/mycube.connector.one.nix b/makefu/2configs/deployment/mycube.connector.one.nix
index 125b3dfff..8f51c91dd 100644
--- a/makefu/2configs/deployment/mycube.connector.one.nix
+++ b/makefu/2configs/deployment/mycube.connector.one.nix
@@ -3,7 +3,7 @@
with config.krebs.lib;
let
hostname = config.krebs.build.host.name;
- external-ip = head config.krebs.build.host.nets.internet.addrs4;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
wsgi-sock = "${config.services.uwsgi.runDir}/uwsgi.sock";
in {
services.redis.enable = true;
diff --git a/makefu/2configs/fs/sda-crypto-root-home.nix b/makefu/2configs/fs/sda-crypto-root-home.nix
index 5214cf872..1ef0d69e9 100644
--- a/makefu/2configs/fs/sda-crypto-root-home.nix
+++ b/makefu/2configs/fs/sda-crypto-root-home.nix
@@ -19,7 +19,7 @@ with config.krebs.lib;
"/home" = {
device = "/dev/mapper/main-home";
fsType = "ext4";
- options="defaults,discard";
+ options = [ "defaults" "discard" ];
};
};
}
diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix
index e9d7b755a..b82c0e44e 100644
--- a/makefu/2configs/fs/sda-crypto-root.nix
+++ b/makefu/2configs/fs/sda-crypto-root.nix
@@ -18,12 +18,12 @@ with config.krebs.lib;
"/" = {
device = "/dev/mapper/luksroot";
fsType = "ext4";
- options="defaults,discard";
+ options = [ "defaults" "discard" ];
};
"/boot" = {
device = "/dev/disk/by-label/nixboot";
fsType = "ext4";
- options="defaults,discard";
+ options = [ "defaults" "discard" ];
};
};
}
diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix
index d5ce34bd4..7f9dc67a5 100644
--- a/makefu/2configs/hw/tp-x2x0.nix
+++ b/makefu/2configs/hw/tp-x2x0.nix
@@ -23,6 +23,7 @@ with config.krebs.lib;
services.tlp.enable = true;
services.tlp.extraConfig = ''
START_CHARGE_THRESH_BAT0=80
+ STOP_CHARGE_THRESH_BAT0=95
CPU_SCALING_GOVERNOR_ON_AC=performance
CPU_SCALING_GOVERNOR_ON_BAT=ondemand
diff --git a/makefu/2configs/iodined.nix b/makefu/2configs/iodined.nix
index 2e69d167c..d57c91ce8 100644
--- a/makefu/2configs/iodined.nix
+++ b/makefu/2configs/iodined.nix
@@ -10,7 +10,7 @@ in {
enable = true;
domain = domain;
ip = "172.16.10.1/24";
- extraConfig = "-P ${pw} -l ${pkgs.lib.head config.krebs.build.host.nets.internet.addrs4}";
+ extraConfig = "-P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}";
};
}
diff --git a/makefu/2configs/mail-client.nix b/makefu/2configs/mail-client.nix
index 793daa6f8..eeade94e8 100644
--- a/makefu/2configs/mail-client.nix
+++ b/makefu/2configs/mail-client.nix
@@ -7,7 +7,7 @@ with config.krebs.lib;
gnupg
imapfilter
msmtp
- mutt-kz
+ mutt
notmuch
offlineimap
openssl
diff --git a/makefu/2configs/nginx/euer.blog.nix b/makefu/2configs/nginx/euer.blog.nix
index 9d08f4b9a..137c0b0e3 100644
--- a/makefu/2configs/nginx/euer.blog.nix
+++ b/makefu/2configs/nginx/euer.blog.nix
@@ -8,8 +8,8 @@ let
hostname = config.krebs.build.host.name;
user = config.services.nginx.user;
group = config.services.nginx.group;
- external-ip = head config.krebs.build.host.nets.internet.addrs4;
- internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
base-dir = "/var/www/blog.euer";
in {
# Prepare Blog directory
diff --git a/makefu/2configs/nginx/euer.test.nix b/makefu/2configs/nginx/euer.test.nix
index f7214e613..84b9bacda 100644
--- a/makefu/2configs/nginx/euer.test.nix
+++ b/makefu/2configs/nginx/euer.test.nix
@@ -5,8 +5,8 @@ let
hostname = config.krebs.build.host.name;
user = config.services.nginx.user;
group = config.services.nginx.group;
- external-ip = head config.krebs.build.host.nets.internet.addrs4;
- internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in {
krebs.nginx = {
enable = mkDefault true;
diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix
index a5572a519..10985c833 100644
--- a/makefu/2configs/nginx/euer.wiki.nix
+++ b/makefu/2configs/nginx/euer.wiki.nix
@@ -18,8 +18,8 @@ let
# user1 = pass1
# userN = passN
tw-pass-file = "${sec}/tw-pass.ini";
- external-ip = head config.krebs.build.host.nets.internet.addrs4;
- internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in {
services.phpfpm = {
# phpfpm does not have an enable option
diff --git a/makefu/2configs/nginx/public_html.nix b/makefu/2configs/nginx/public_html.nix
new file mode 100644
index 000000000..9df8351ca
--- /dev/null
+++ b/makefu/2configs/nginx/public_html.nix
@@ -0,0 +1,15 @@
+{ config, lib, ... }:
+
+with config.krebs.lib;
+
+{
+ krebs.nginx = {
+ enable = true;
+ servers.default.locations = [
+ (nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
+ alias /home/$1/public_html$2;
+ autoindex on;
+ '')
+ ];
+ };
+}
diff --git a/makefu/2configs/nginx/update.connector.one.nix b/makefu/2configs/nginx/update.connector.one.nix
index ac5e6b17b..dde3e3a64 100644
--- a/makefu/2configs/nginx/update.connector.one.nix
+++ b/makefu/2configs/nginx/update.connector.one.nix
@@ -3,7 +3,7 @@
with config.krebs.lib;
let
hostname = config.krebs.build.host.name;
- external-ip = head config.krebs.build.host.nets.internet.addrs4;
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
in {
krebs.nginx = {
enable = mkDefault true;
diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/omo-share.nix
index a9640b38b..c943e3d9a 100644
--- a/makefu/2configs/omo-share.nix
+++ b/makefu/2configs/omo-share.nix
@@ -5,7 +5,7 @@ let
hostname = config.krebs.build.host.name;
# TODO local-ip from the nets config
local-ip = "192.168.1.11";
- # local-ip = head config.krebs.build.host.nets.retiolum.addrs4;
+ # local-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in {
krebs.nginx = {
enable = mkDefault true;
@@ -48,6 +48,13 @@ in {
browseable = "yes";
"guest ok" = "yes";
};
+
+ emu = {
+ path = "/media/crypt1/emu";
+ "read only" = "yes";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
usenet = {
path = "/media/crypt0/usenet/dst";
"read only" = "yes";
diff --git a/makefu/4lib/default.nix b/makefu/4lib/default.nix
new file mode 100644
index 000000000..5e9ab2087
--- /dev/null
+++ b/makefu/4lib/default.nix
@@ -0,0 +1,30 @@
+{ config, lib, ... }:
+
+with lib;
+let
+ addDefaultTime = bku-entry: recursiveUpdate {
+ snapshots = {
+ daily = { format = "%Y-%m-%d"; retain = 7; };
+ weekly = { format = "%YW%W"; retain = 4; };
+ monthly = { format = "%Y-%m"; retain = 12; };
+ yearly = { format = "%Y"; };
+ };
+ startAt = "5:23";
+ } bku-entry;
+
+ backup-host = config.krebs.hosts.omo;
+ backup-path = "/media/backup";
+in {
+ bku = {
+ inherit addDefaultTime;
+ simplePath = addDefaultTime (path: {
+ method = "pull";
+ src = { host = config.krebs.build.host; inherit path; };
+ dst = {
+ host = backup-host;
+ path = backup-path ++ config.krebs.build.host.name
+ ++ builtins.replaceStrings ["/"] ["-"] path;
+ };
+ });
+ };
+}
diff --git a/makefu/5pkgs/mycube-flask/default.nix b/makefu/5pkgs/mycube-flask/default.nix
index 5bf85a66a..1b1672f08 100644
--- a/makefu/5pkgs/mycube-flask/default.nix
+++ b/makefu/5pkgs/mycube-flask/default.nix
@@ -10,8 +10,8 @@ with pkgs.pythonPackages;buildPythonPackage rec {
src = fetchFromGitHub {
owner = "makefu";
repo = "mycube-flask";
- rev = "5f5260a";
- sha256 = "1jx0h81nlmi1xry2vw46rvsanq0sdca6hlq31lhh7klqrg885hgh";
+ rev = "48dc6857";
+ sha256 = "1ax1vz6m5982l1mmp9vmywn9nw9p9h4m3ss74zazyspxq1wjim0v";
};
meta = {
homepage = https://github.com/makefu/mycube-flask;