Merge remote-tracking branch 'prism/master' (despite bad style)

author: tv <tv@krebsco.de> 2018-05-09 11:07:27 +0200
committer: tv <tv@krebsco.de> 2018-05-09 11:07:27 +0200
commit: 3f3c12dcd06ba211a484aabf011880a83e5832fd (patch)
tree: e713b5f6e9084c3ff5cf185a1aafc12437822ea8 /makefu
parent: edafe24e94252e2be936a760ce47485c8e4fa0af (diff)
parent: af75b96fbe412527c4bf9129de850bcab3e7c7cb (diff)
8 files changed, 71 insertions, 23 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 578e4add8..9b6d9d571 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -62,6 +62,7 @@ in {
       ## Web
       <stockholm/makefu/2configs/nginx/share-download.nix>
       <stockholm/makefu/2configs/nginx/euer.test.nix>
+      <stockholm/makefu/2configs/nginx/euer.mon.nix>
       <stockholm/makefu/2configs/nginx/euer.wiki.nix>
       <stockholm/makefu/2configs/nginx/euer.blog.nix>
       # <stockholm/makefu/2configs/nginx/gum.krebsco.de.nix>
diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix
index b3ce743ca..e3ca472e4 100644
--- a/makefu/1systems/gum/source.nix
+++ b/makefu/1systems/gum/source.nix
@@ -1,4 +1,5 @@
 import <stockholm/makefu/source.nix> {
   name="gum";
   torrent = true;
+  clever_kexec = true;
 }
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index bed6ae9fd..a85d5f5ce 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -50,6 +50,7 @@ in {
       <stockholm/makefu/2configs/smart-monitor.nix>
       <stockholm/makefu/2configs/mail-client.nix>
       <stockholm/makefu/2configs/mosh.nix>
+      <stockholm/makefu/2configs/tools/mobility.nix>
       # <stockholm/makefu/2configs/disable_v6.nix>
       #<stockholm/makefu/2configs/graphite-standalone.nix>
       #<stockholm/makefu/2configs/share-user-sftp.nix>
@@ -85,7 +86,7 @@ in {
       <stockholm/makefu/2configs/sshd-totp.nix>
       # <stockholm/makefu/2configs/logging/central-logging-client.nix>
 
-      # <stockholm/makefu/2configs/torrent.nix>
+      <stockholm/makefu/2configs/torrent.nix>
 
       # <stockholm/makefu/2configs/elchos/search.nix>
       # <stockholm/makefu/2configs/elchos/log.nix>
@@ -100,7 +101,7 @@ in {
   makefu.full-populate = true;
   makefu.server.primary-itf = primaryInterface;
   krebs.rtorrent = {
-    downloadDir = lib.mkForce "/media/crypt0/torrent";
+    downloadDir = lib.mkForce "/media/cryptX/torrent";
     extraConfig = ''
       upload_rate = 200
     '';
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 42f3bddb1..3cf3274f9 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -52,9 +52,10 @@ in {
           db = "collectd_db";
           logging-interface = "enp0s25";
         in {
+          networking.firewall.allowedTCPPorts = [ 3000 ];
+
           services.grafana.enable = true;
           services.grafana.addr = "0.0.0.0";
-
           services.influxdb.enable = true;
           services.influxdb.extraConfig = {
             meta.hostname = config.krebs.build.host.name;
diff --git a/makefu/2configs/hw/network-manager.nix b/makefu/2configs/hw/network-manager.nix
index 7e29849b1..d322c683d 100644
--- a/makefu/2configs/hw/network-manager.nix
+++ b/makefu/2configs/hw/network-manager.nix
@@ -11,9 +11,8 @@
 
   systemd.services.modemmanager = {
     description = "ModemManager";
-    after = [ "network-manager.service" ];
     bindsTo = [ "network-manager.service" ];
-    wantedBy = [ "network-manager.service" ];
+    wantedBy = [ "network-manager.service" "multi-user.target" ];
     serviceConfig = {
       ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
       PrivateTmp = true;
diff --git a/makefu/2configs/nginx/euer.mon.nix b/makefu/2configs/nginx/euer.mon.nix
new file mode 100644
index 000000000..c5a7e68af
--- /dev/null
+++ b/makefu/2configs/nginx/euer.mon.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+  hostname = config.krebs.build.host.name;
+  user = config.services.nginx.user;
+  group = config.services.nginx.group;
+  external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+  internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+in {
+  services.nginx = {
+    enable = mkDefault true;
+    virtualHosts."mon.euer.krebsco.de" = {
+      forceSSL = true;
+      enableACME = true;
+      locations."/" =  {
+        proxyPass = "http://wbob.r:3000/";
+        extraConfig = ''
+          proxy_set_header   Host $host;
+          proxy_set_header   X-Real-IP          $remote_addr;
+          proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        '';
+      };
+    };
+  };
+}
diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix
index 2f80b08c9..898bae10d 100644
--- a/makefu/2configs/tools/core-gui.nix
+++ b/makefu/2configs/tools/core-gui.nix
@@ -1,10 +1,6 @@
 { pkgs, ... }:
 
 {
-  nixpkgs.config.firefox = {
-    enableAdobeFlash = true;
-  };
-
   krebs.per-user.makefu.packages = with pkgs; [
     chromium
     clipit
diff --git a/makefu/source.nix b/makefu/source.nix
index bcdb66a66..40aeac8b6 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -1,14 +1,16 @@
 with import <stockholm/lib>;
 host@{ name,
   override ? {}
-,  secure ? false
-,  full ? false
-,  torrent ? false
-,  hw ? false
-,  musnix ? false
-,  python ? false
-,  unstable ? false #unstable channel checked out
-,  mic92 ? false
+, secure ? false
+, full ? false
+, torrent ? false
+, hw ? false
+, musnix ? false
+, python ? false
+, unstable ? false #unstable channel checked out
+, mic92 ? false
+, nms ? false
+, clever_kexec ?false
 }:
 let
   builder = if getEnv "dummy_secrets" == "true"
@@ -42,11 +44,15 @@ in
           file = "/home/makefu/store/${ref}";
         };
 
-      secrets.file = getAttr builder {
-        buildbot = toString <stockholm/makefu/6tests/data/secrets>;
-        makefu = "/home/makefu/secrets/${name}";
+      secrets = getAttr builder {
+        buildbot.file = toString <stockholm/makefu/6tests/data/secrets>;
+        makefu.pass = {
+          inherit name;
+          dir = "${getEnv "HOME"}/.secrets-pass";
+        };
       };
 
+
       stockholm.file = toString <stockholm>;
       stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
     }
@@ -72,9 +78,12 @@ in
     })
 
     (mkIf ( torrent ) {
-      torrent-secrets.file = getAttr builder {
-        buildbot = toString <stockholm/makefu/6tests/data/secrets>;
-        makefu = "/home/makefu/secrets/torrent" ;
+      torrent-secrets = getAttr builder {
+        buildbot.file = toString <stockholm/makefu/6tests/data/secrets>;
+        makefu.pass = {
+          name = "torrent";
+          dir = "${getEnv "HOME"}/.secrets-pass";
+        };
       };
     })
 
@@ -92,5 +101,19 @@ in
       };
     })
 
+    (mkIf ( nms ) {
+      nms.git = {
+        url = https://github.com/r-raymond/nixos-mailserver;
+        ref = "v2.1.2";
+      };
+    })
+
+    (mkIf ( clever_kexec ) {
+      clever_kexec.git = {
+        url = https://github.com/cleverca22/nix-tests;
+        ref = "5a670de7f2decfaafc95c34ffeb0f1896662f3d7";
+      };
+    })
+
     override
   ]
author	tv <tv@krebsco.de>	2018-05-09 11:07:27 +0200
committer	tv <tv@krebsco.de>	2018-05-09 11:07:27 +0200
commit	3f3c12dcd06ba211a484aabf011880a83e5832fd (patch)
tree	e713b5f6e9084c3ff5cf185a1aafc12437822ea8 /makefu
parent	edafe24e94252e2be936a760ce47485c8e4fa0af (diff)
parent	af75b96fbe412527c4bf9129de850bcab3e7c7cb (diff)