| -rw-r--r-- | jeschli/1systems/bln/config.nix | 12 | ||||
| -rw-r--r-- | jeschli/1systems/brauerei/config.nix | 2 | ||||
| -rw-r--r-- | jeschli/source.nix | 2 | ||||
| -rw-r--r-- | krebs/1systems/hotdog/config.nix | 5 | ||||
| -rw-r--r-- | krebs/1systems/wolf/config.nix | 1 | ||||
| -rw-r--r-- | krebs/2configs/buildbot-all.nix | 4 | ||||
| -rw-r--r-- | krebs/3modules/buildbot/slave.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/tv/default.nix | 18 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/stockholm/default.nix | 23 | ||||
| -rw-r--r-- | lass/1systems/daedalus/config.nix | 1 | ||||
| -rw-r--r-- | lass/1systems/dishfire/config.nix | 1 | ||||
| -rw-r--r-- | lass/1systems/mors/config.nix | 4 | ||||
| -rw-r--r-- | lass/1systems/prism/config.nix | 16 | ||||
| -rw-r--r-- | lass/2configs/IM.nix | 15 | ||||
| -rw-r--r-- | lass/2configs/dns-stuff.nix | 22 | ||||
| -rw-r--r-- | lass/2configs/rebuild-on-boot.nix | 18 | ||||
| -rw-r--r-- | lass/2configs/security-workarounds.nix | 2 | ||||
| -rw-r--r-- | tv/1systems/wu/config.nix | 6 | ||||
| -rw-r--r-- | tv/2configs/default.nix | 2 | ||||
| -rw-r--r-- | tv/2configs/hw/w110er.nix | 17 | ||||
| -rw-r--r-- | tv/2configs/vim.nix | 2 | ||||
| -rw-r--r-- | tv/source.nix | 10 | 
22 files changed, 106 insertions, 79 deletions
| diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 901970e81..873c0fa3d 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -38,7 +38,7 @@    networking.hostName = "BLN02NB0154"; # Define your hostname.    networking.networkmanager.enable = true; -   #networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant. +  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.    # Select internationalisation properties.    # i18n = { @@ -54,7 +54,11 @@    # List packages installed in system profile. To search by name, run:    # $ nix-env -qaP | grep wget    nixpkgs.config.allowUnfree = true; -  environment.shellAliases = { n = "nix-shell"; }; +  environment.shellAliases = {  +    n = "nix-shell";  +    gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";  +    gh = "cd /home/markus/go/src/github.com";  +  };    environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };    environment.systemPackages = with pkgs; [    # system helper @@ -62,6 +66,7 @@      copyq      dmenu      git +    tig      i3lock      keepass      networkmanagerapplet @@ -72,6 +77,8 @@      rxvt_unicode    # editors      emacs +  # databases +    sqlite    # internet       thunderbird      hipchat @@ -91,6 +98,7 @@      jetbrains.pycharm-professional      jetbrains.webstorm      jetbrains.goland +    jetbrains.datagrip      texlive.combined.scheme-full      pandoc      redis diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 171a002da..2dec45795 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -96,7 +96,7 @@    # Enable the X11 windowing system.    services.xserver.enable = true; -  # services.xserver.layout = "us"; +  services.xserver.layout = "us";    # services.xserver.xkbOptions = "eurosign:e";    # Enable touchpad support. 
diff --git a/jeschli/source.nix b/jeschli/source.nix index d1b64b0ed..ae9e1e72e 100644 --- a/jeschli/source.nix +++ b/jeschli/source.nix @@ -10,7 +10,7 @@ in        nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";        nixpkgs.git = {          url = https://github.com/nixos/nixpkgs; -        ref = "f9390d6"; +        ref = "d83c808";        };        secrets.file = getAttr builder {          buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>; diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 73b5377bd..98fb88702 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -20,10 +20,5 @@    boot.isContainer = true;    networking.useDHCP = false; -  krebs.repo-sync.repos.stockholm.timerConfig = { -    OnBootSec = "5min"; -    OnUnitInactiveSec = "2min"; -    RandomizedDelaySec = "2min"; -  };    krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm";  } diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 0b21c0b6c..9d6955e7e 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -10,7 +10,6 @@ in      <nixpkgs/nixos/modules/profiles/qemu-guest.nix>      <stockholm/krebs/2configs/collectd-base.nix>      <stockholm/krebs/2configs/stats/wolf-client.nix> -    <stockholm/krebs/2configs/save-diskspace.nix>      <stockholm/krebs/2configs/graphite.nix>      <stockholm/krebs/2configs/buildbot-krebs.nix> diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix index ca994e996..5ea78f227 100644 --- a/krebs/2configs/buildbot-all.nix +++ b/krebs/2configs/buildbot-all.nix @@ -1,10 +1,6 @@  with import <stockholm/lib>;  { lib, config, pkgs, ... }:  { -  imports = [ -    <stockholm/krebs/2configs/repo-sync.nix> -  ]; -    networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];    krebs.ci.enable = true;    krebs.ci.treeStableTimer = 1; 
diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index 0af553c5d..fba585448 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -161,7 +161,7 @@ let          ExecStartPre = pkgs.writeDash "buildbot-master-init" ''            set -efux            #remove garbage from old versions -          rm -r ${workdir} +          rm -rf ${workdir}            mkdir -p ${workdir}/info            cp ${buildbot-slave-init} ${workdir}/buildbot.tac            echo ${contact} > ${workdir}/info/admin diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 98145274c..ce01be5f3 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -201,24 +201,6 @@ with import <stockholm/lib>;          };        };      }; -    schnabeldrucker = { -      external = true; -      nets = { -        gg23 = { -          ip4.addr = "10.23.1.21"; -          aliases = ["schnabeldrucker.gg23"]; -        }; -      }; -    }; -    schnabelscanner = { -      external = true; -      nets = { -        gg23 = { -          ip4.addr = "10.23.1.22"; -          aliases = ["schnabelscanner.gg23"]; -        }; -      }; -    };      wu = {        ci = true;        cores = 4; diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 5705f086d..53c1ca5ba 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix 
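Review bot: In krebs/3modules/buildbot/slave.nix the new `rm -rf ${workdir}` still expands the path unquoted inside the dash script, so a value containing whitespace would be word-split before deletion (globbing is already off through `set -f`). With `-f` now also silencing the missing-operand and missing-directory cases, an empty or wrong `workdir` would pass without any error. I would write `rm -rf -- "${workdir}"` and quote the later uses of `${workdir}` the same way. Where `workdir` is defined lies outside the hunk, so whether it can ever hold such a value is not visible here.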
@@ -92,6 +92,17 @@          -I "$target_path"    ''); +  cmds.get-version = pkgs.writeDash "get-version" '' +    set -efu +    hostname=''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)} +    version=git.$(${pkgs.git}/bin/git describe --always --dirty) +    case $version in (*-dirty) +      version=$version@$hostname +    esac +    date=$(${pkgs.coreutils}/bin/date +%y.%m) +    echo "$date.$version" +  ''; +    cmds.install = pkgs.withGetopt {      force-populate = { default = /* sh */ "false"; switch = true; };      quiet = { default = /* sh */ "false"; switch = true; }; @@ -205,7 +216,7 @@    init.env = pkgs.writeText "init.env" /* sh */ ''      export HOSTNAME="$(${pkgs.nettools}/bin/hostname)" -    export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${shell.get-version})}" +    export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${cmds.get-version})}"      export quiet      export system @@ -274,16 +285,6 @@      fi    ''; -  shell.get-version = pkgs.writeDash "stockholm.get-version" '' -    set -efu -    version=git.$(${pkgs.git}/bin/git describe --always --dirty) -    case $version in (*-dirty) -      version=$version@$HOSTNAME -    esac -    date=$(${pkgs.coreutils}/bin/date +%y.%m) -    echo "$date.$version" -  ''; -  in    pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link: diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 6674b3db5..8ec744584 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -41,6 +41,7 @@ with import <stockholm/lib>;          skype          wine        ]; +      nixpkgs.config.firefox.enableAdobeFlash = true;        services.xserver.enable = true;        services.xserver.displayManager.lightdm.enable = true;        services.xserver.desktopManager.plasma5.enable = true; diff --git a/lass/1systems/dishfire/config.nix b/lass/1systems/dishfire/config.nix index 416edeb82..7993c763e 100644 --- a/lass/1systems/dishfire/config.nix +++ b/lass/1systems/dishfire/config.nix 
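Review bot: `nixpkgs.config.firefox.enableAdobeFlash = true;` in lass/1systems/daedalus/config.nix turns on the Flash plugin for Firefox with no comment saying why it is needed. Flash is an unfree browser plugin with a long record of remotely exploitable bugs, so the line deserves a stated reason and a removal condition, for example `# Flash needed for <use case>; remove once no longer required`. The enclosing attribute set starts and ends outside the hunk, so which user or profile this applies to cannot be told from here.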
@@ -43,6 +43,7 @@        networking.dhcpcd.allowInterfaces = [          "enp*"          "eth*" +        "ens*"        ];      }      { diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 8c7c39a6f..c231a0b10 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -71,10 +71,6 @@ with import <stockholm/lib>;        ];      }      { -      #ps vita stuff -      boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; -    } -    {        services.tor = {          enable = true;          client.enable = true; diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 593a1fc9c..03e9f6eeb 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -184,14 +184,17 @@ in {      }      {        #hotdog +      systemd.services."container@hotdog".reloadIfChanged = mkForce false;        containers.hotdog = {          config = { ... }: { +          imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];            environment.systemPackages = [ pkgs.git ];            services.openssh.enable = true;            users.users.root.openssh.authorizedKeys.keys = [              config.krebs.users.lass.pubkey            ];          }; +        autoStart = true;          enableTun = true;          privateNetwork = true;          hostAddress = "10.233.2.1"; @@ -200,8 +203,10 @@ in {      }      {        #kaepsele +      systemd.services."container@kaepsele".reloadIfChanged = mkForce false;        containers.kaepsele = {          config = { ... }: { +          imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];            environment.systemPackages = [ pkgs.git ];            services.openssh.enable = true;            users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [ 
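Review bot: The three container stanzas in lass/1systems/prism/config.nix (hotdog here, kaepsele and onondaga in the hunks that follow) each gain `systemd.services."container@NAME".reloadIfChanged = mkForce false;` with no comment on which default is being overridden or why. Together with `autoStart = true` and the rebuild-on-boot import, each container now starts with the host and runs its own `nixos-rebuild switch` as root from its /var/src, while the context lines show root SSH login enabled in all three; whoever can write to that source tree effectively controls the container's root. If the intent is that the containers manage their own configuration, a one-line comment per stanza such as `# container rebuilds itself on boot; do not reload it on host switch` would record that.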
@@ -209,6 +214,7 @@ in {              tv.pubkey            ];          }; +        autoStart = true;          enableTun = true;          privateNetwork = true;          hostAddress = "10.233.2.3"; @@ -217,8 +223,10 @@ in {      }      {        #onondaga +      systemd.services."container@onondaga".reloadIfChanged = mkForce false;        containers.onondaga = {          config = { ... }: { +          imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];            environment.systemPackages = [ pkgs.git ];            services.openssh.enable = true;            users.users.root.openssh.authorizedKeys.keys = [ @@ -226,6 +234,7 @@ in {              config.krebs.users.nin.pubkey            ];          }; +        autoStart = true;          enableTun = true;          privateNetwork = true;          hostAddress = "10.233.2.5"; @@ -302,6 +311,13 @@ in {          }        ];      } +    { +      krebs.repo-sync.repos.stockholm.timerConfig = { +        OnBootSec = "5min"; +        OnUnitInactiveSec = "2min"; +        RandomizedDelaySec = "2min"; +      }; +    }    ];    krebs.build.host = config.krebs.hosts.prism; diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix index b94cb0634..51512955e 100644 --- a/lass/2configs/IM.nix +++ b/lass/2configs/IM.nix @@ -20,6 +20,17 @@ let    '';  in { +  services.bitlbee = { +    enable = true; +    portNumber = 6666; +    plugins = [ +      pkgs.bitlbee-facebook +      pkgs.bitlbee-steam +      pkgs.bitlbee-discord +    ]; +    libpurple_plugins = [ pkgs.telegram-purple ]; +  }; +    users.extraUsers.chat = {      home = "/home/chat";      uid = genid "chat"; @@ -46,6 +57,10 @@ in {      restartIfChanged = false; +    path = [ +      pkgs.rxvt_unicode.terminfo +    ]; +      serviceConfig = {        User = "chat";        RemainAfterExit = true; diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix index 411b07503..cbcce8df9 100644 --- a/lass/2configs/dns-stuff.nix +++ b/lass/2configs/dns-stuff.nix 
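Review bot: The new `services.bitlbee` block in lass/2configs/IM.nix sets only the port and the plugins, leaving the listen address and the authentication mode to the module defaults. Since this gateway will hold logins for the Facebook, Steam, Discord and Telegram plugins, I would pin the binding explicitly, e.g. `interface = "127.0.0.1";`, so that a changed default or a later firewall edit cannot expose port 6666. The enclosing `in { … }` body continues outside the hunk.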
@@ -11,24 +11,6 @@ with import <stockholm/lib>;        key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C";      };    }; -  services.dnsmasq = { -    enable = true; -    resolveLocalQueries = false; -    extraConfig = '' -      server=127.1.0.1 -      #no-resolv -      cache-size=1000 -      min-cache-ttl=3600 -      bind-dynamic -      all-servers -      dnssec -      trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 -      rebind-domain-ok=/onion/ -      server=/.onion/127.0.0.1#9053 -      port=53 -    ''; -  }; -  networking.extraResolvconfConf = '' -    name_servers='127.0.0.1' -  ''; +  services.resolved.enable = true; +  services.resolved.fallbackDns = [ "127.1.0.1" ];  } diff --git a/lass/2configs/rebuild-on-boot.nix b/lass/2configs/rebuild-on-boot.nix new file mode 100644 index 000000000..60198be7b --- /dev/null +++ b/lass/2configs/rebuild-on-boot.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: +with import <stockholm/lib>; +{ +  systemd.services.rebuild-on-boot = { +    wantedBy = [ "multi-user.target" ]; +    environment = { +      NIX_REMOTE = "daemon"; +      HOME = "/var/empty"; +    }; +    serviceConfig = { +      ExecStart = pkgs.writeScript "rebuild" '' +        #!${pkgs.bash}/bin/bash +        (/run/current-system/sw/bin/nixos-rebuild -I /var/src switch) & +      ''; +      ExecStop = "${pkgs.coreutils}/bin/sleep 10"; +    }; +  }; +} diff --git a/lass/2configs/security-workarounds.nix b/lass/2configs/security-workarounds.nix index 537c8a59b..c3d07d5fe 100644 --- a/lass/2configs/security-workarounds.nix +++ b/lass/2configs/security-workarounds.nix @@ -5,4 +5,6 @@ with import <stockholm/lib>;    boot.extraModprobeConfig = ''      install dccp /run/current-system/sw/bin/false    ''; + +  boot.kernelPackages = pkgs.linuxPackages_latest;  } diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix index 5c593894a..b3e084fe2 100644 --- a/tv/1systems/wu/config.nix 
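Review bot: Replacing dnsmasq with `services.resolved` in lass/2configs/dns-stuff.nix drops three properties the removed block enforced: DNSSEC validation (`dnssec` plus the trust anchor), the `.onion` forward to 127.0.0.1#9053, and exclusive use of the local resolver at 127.1.0.1. `fallbackDns` is only consulted when no other DNS server is known, so on a network that hands out a resolver via DHCP the queries would presumably bypass 127.1.0.1 altogether. If the local resolver is meant to remain the only upstream, configure it as the primary server and state the DNSSEC mode explicitly through resolved.conf's `DNS=` and `DNSSEC=` settings rather than relying on the fallback list.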
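Review bot: In the new lass/2configs/rebuild-on-boot.nix the `ExecStart` script backgrounds `nixos-rebuild -I /var/src switch` with `( … ) &` and exits at once, so systemd never sees the rebuild's exit status and a failed or half-applied switch leaves no failed unit to alert on. The unit also declares no ordering, although `NIX_REMOTE = "daemon"` makes it depend on the nix daemon being reachable. Unless the backgrounding is deliberate (for instance because the switch would otherwise restart its own unit), I would run the command in the foreground with `Type = "oneshot";` in `serviceConfig`. Because this activates, as root and unattended, whatever /var/src holds at boot, a comment naming what populates /var/src and who may write to it would help the next reader.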
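Review bot: `boot.kernelPackages = pkgs.linuxPackages_latest;` is added to lass/2configs/security-workarounds.nix (and again in tv/2configs/default.nix further down) without a comment naming the issue it works around. Nothing tells a later reader when the override can be dropped, and `linuxPackages_latest` follows a moving kernel series, so out-of-tree modules may stop building after a channel update. A comment such as `# newest kernel for <fix/advisory>; drop once the default kernel carries it` would cover both places.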
+++ b/tv/1systems/wu/config.nix @@ -44,12 +44,6 @@ with import <stockholm/lib>;      };    }; -  krebs.nixpkgs.allowUnfreePredicate = pkg: hasPrefix "nvidia-x11-" pkg.name; -  hardware.bumblebee.enable = true; -  hardware.bumblebee.group = "video"; -  hardware.enableRedistributableFirmware= true; -  hardware.opengl.driSupport32Bit = true; -    services.printing.enable = true;    services.udev.extraRules = '' diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 280552fe4..2ccab3d09 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -1,6 +1,8 @@  with import <stockholm/lib>;  { config, pkgs, ... }: { +  boot.kernelPackages = pkgs.linuxPackages_latest; +    boot.tmpOnTmpfs = true;    krebs.enable = true; diff --git a/tv/2configs/hw/w110er.nix b/tv/2configs/hw/w110er.nix index 787bfc6e9..55e9482d4 100644 --- a/tv/2configs/hw/w110er.nix +++ b/tv/2configs/hw/w110er.nix @@ -1,8 +1,20 @@ +with import <stockholm/lib>;  { pkgs, ... }:  {    imports = [      ../smartd.nix +    { +      # nvidia doesn't build despite +      #  https://github.com/NixOS/nixpkgs/issues/33284 +      #hardware.bumblebee.enable = true; +      #hardware.bumblebee.group = "video"; +      #hardware.enableRedistributableFirmware= true; +      #krebs.nixpkgs.allowUnfreePredicate = pkg: +      #  hasPrefix "nvidia-x11-" pkg.name || +      #  hasPrefix "nvidia-persistenced-" pkg.name || +      #  hasPrefix "nvidia-settings-" pkg.name; +    }    ];    boot.extraModprobeConfig = '' @@ -15,6 +27,7 @@    boot.loader.systemd-boot.enable = true;    boot.loader.efi.canTouchEfiVariables = true; +  hardware.opengl.driSupport32Bit = true;    hardware.opengl.extraPackages = [ pkgs.vaapiIntel ];    networking.wireless.enable = true; @@ -41,4 +54,8 @@          echo auto > $i/power/control # defaults to 'on'        done)    ''; + +  services.xserver = { +    videoDriver = "intel"; +  };  } diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix index 8a27b606a..59619f9b5 100644 
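Review bot: The inline module added to `imports` in tv/2configs/hw/w110er.nix contains nothing but commented-out options, and the new `with import <stockholm/lib>;` at the top appears to be needed only by the commented-out `hasPrefix` calls. An empty `{ }` module evaluates to nothing, so the disabled nvidia settings would read more plainly as an ordinary comment block next to the linked issue, with the `with import` line added back when the options are re-enabled. Parts of the file are outside the hunks, so another use of the lib import cannot be ruled out.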
--- a/tv/2configs/vim.nix +++ b/tv/2configs/vim.nix @@ -233,7 +233,7 @@ let {            lua = {};            sed.extraStart = ''writeSed[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';            sh.extraStart = concatStringsSep ''\|'' [ -            ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)'' +            ''write\(A\|Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''              ''[a-z]*Phase[ \t\r\n]*=''            ];            yaml = {}; diff --git a/tv/source.nix b/tv/source.nix index 31308fc99..b5e3f7cd7 100644 --- a/tv/source.nix +++ b/tv/source.nix @@ -1,8 +1,10 @@  with import <stockholm/lib>; -host@{ name, secure ? false, override ? {} }: let -  builder = if getEnv "dummy_secrets" == "true" -              then "buildbot" -              else "tv"; +{ name +, dummy_secrets ? getEnv "dummy_secrets" == "true" +, override ? {} +, secure ? false +}@host: let +  builder = if dummy_secrets then "buildbot" else "tv";    _file = <stockholm> + "/tv/1systems/${name}/source.nix";  in    evalSource (toString _file) [ | 
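Review bot: The new `dummy_secrets` argument in tv/source.nix has no comment, yet it decides whether `builder` is "buildbot" or "tv". Its default still comes from the environment, so a stray `dummy_secrets=true` in a deploying shell flips the builder silently; what `builder` selects here is outside the hunk, though in jeschli/source.nix on this page the same name picks the secrets path. I would add a comment above the parameter list, e.g. `# dummy_secrets: select the buildbot builder; never set when deploying a real host`, adjusted to what the rest of the file does with it.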
