diff options
| -rw-r--r-- | krebs/3modules/lass/default.nix | 36 | ||||
| -rw-r--r-- | krebs/nixpkgs.json | 6 | ||||
| -rw-r--r-- | lass/1systems/morpheus/config.nix | 25 | ||||
| -rw-r--r-- | lass/1systems/morpheus/physical.nix | 47 | ||||
| -rw-r--r-- | lass/2configs/hass/default.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/hass/lib.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/pass.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/vim.nix | 23 | 
8 files changed, 125 insertions, 17 deletions
| diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 9c2c0e94c..2a75cc1bb 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -565,6 +565,42 @@ in {        ci = false;        syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ";      }; +    morpheus = { +      cores = 1; +      nets = { +        retiolum = { +          ip4.addr = "10.243.0.19"; +          ip6.addr = r6 "012f"; +          aliases = [ +            "morpheus.r" +          ]; +          tinc.pubkey = '' +            -----BEGIN RSA PUBLIC KEY----- +            MIICCgKCAgEAptrlSKQKsBH2QMQxllZR94S/fXneajpJifRjXR5bi+7ME2ThdQXY +            T7yWiKaUuBJThWged9PdPltLUEMmv+ubQqpWHZq442VWSS36r1yMSGpUeKK+oYMN +            /Sfu+1yC4m2uXno95wpJZIcDfbbn26jT6ldJ4Yd97zyrXKljvcdrz3wZzQq0tojh +            S5Q59x/aQMJbnQpnlFnMIEVgULuFPW16+vPGsXIPdYNggaF1avcBaFl8i3M0EZVz +            Swn4hArDynDJhR7M0QdlwOpOh7O+1iOnmXqqei3LxMVHb+YtzfHgxOPxggUsy7CR +            bj9uBR9loGwgmZwaxXd1Vfbw8kn/feOb9FcW73u+SZyzwEA9HFRV0jGQe3P9mGfI +            Bwe02DOTVXEB8jTAGCw5T3bXLIOX8kqdlCECuAWFfrt8H+GjZDuGUWRcMn32orMz +            sMvkab95ZOHK6Q31mrhILOIOdyZWKPZIabL3HF6CZtu52h6MDHbmGS0w0OJYhj2+ +            VnT9ZBoaeooVg8QOE43rCXvmL5vzhLKrj4s/53wTGG5SpzLs9Q9rrJVgAnz4YQ7j +            3Ov5q3Zxyr+vO6O7Pb5X49vCQw/jzK41S0/15GEmKcoxXemzeZCpX1mbeeTUtLvA +            U7OJwldrElzictBJ1gT94L4BDvoGZVqAkXJCJPamfsWaiw6SsMqtTfECAwEAAQ== +            -----END RSA PUBLIC KEY----- +          ''; +        }; +        wiregrill = { +          ip6.addr = w6 "012f"; +          aliases = [ +            "morpheus.w" +          ]; +          wireguard.pubkey = "BdiIHJjJQThmZD8DehxPGA+bboBHjljedwaRaV5yyDY="; +        }; +      }; +      ssh.privkey.path = <secrets/ssh.id_ed25519>; +      ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f "; +    };      hilum = {        cores = 1;        nets = { diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 8fd800964..cee3c5ec8 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@  {    "url": "https://github.com/NixOS/nixpkgs-channels", -  "rev": "48723f48ab92381f0afd50143f38e45cf3080405", -  "date": "2020-05-22T11:40:20+02:00", -  "sha256": "0h3b3l867j3ybdgimfn76lw7w6yjhszd5x02pq5827l659ihcf53", +  "rev": "e2bb73ce5f786b83e984b80199112f86b8a6cc9d", +  "date": "2020-06-07T23:11:12+02:00", +  "sha256": "0mpcdwhippvgsj3kj8vw35dgz94dnzgxgsfqqzcfpmvnzjc23vk7",    "fetchSubmodules": false  } diff --git a/lass/1systems/morpheus/config.nix b/lass/1systems/morpheus/config.nix new file mode 100644 index 000000000..c3a8ea6c8 --- /dev/null +++ b/lass/1systems/morpheus/config.nix @@ -0,0 +1,25 @@ +{ config, pkgs, ... }: +with import <stockholm/lib>; +{ +  imports = [ +    <stockholm/lass> +    <stockholm/lass/2configs/retiolum.nix> +  ]; + +  krebs.build.host = config.krebs.hosts.morpheus; + +  networking.wireless.enable = false; +  networking.networkmanager.enable = true; + +  services.logind.lidSwitch = "ignore"; +  services.logind.lidSwitchDocked = "ignore"; + +  environment.systemPackages = with pkgs; [ +    gitAndTools.hub +    nix-review +    firefox +  ]; + +  services.openssh.forwardX11 = true; +  programs.x2goserver.enable = true; +} diff --git a/lass/1systems/morpheus/physical.nix b/lass/1systems/morpheus/physical.nix new file mode 100644 index 000000000..3fb03cda4 --- /dev/null +++ b/lass/1systems/morpheus/physical.nix @@ -0,0 +1,47 @@ +{ +  imports = [ +    ./config.nix +    <nixpkgs/nixos/modules/installer/scan/not-detected.nix> +  ]; + +  boot.loader.grub.enable = true; +  boot.loader.grub.version = 2; +  boot.loader.grub.efiSupport = true; +  boot.loader.grub.efiInstallAsRemovable = true; +  boot.loader.grub.device = "nodev"; + +  networking.hostId = "06442b9a"; + +  fileSystems."/" = { +    device = "/dev/pool/root"; +    fsType = "btrfs"; +  }; + +  fileSystems."/boot" = { +    device = "/dev/disk/by-uuid/1F60-17C6"; +    fsType = "vfat"; +  }; + +  fileSystems."/home" = { +    device = "/dev/pool/home"; +    fsType = "btrfs"; +  }; + +  fileSystems."/tmp" = { +    device = "tmpfs"; +    fsType = "tmpfs"; +    options = ["nosuid" "nodev" "noatime"]; +  }; +  boot.initrd.luks = { +    cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; +    devices =  [{ +       name = "luksroot"; +       device = "/dev/nvme0n1p3"; +    }]; +  }; + +  services.udev.extraRules = '' +    SUBSYSTEM=="net", ATTR{address}=="f8:59:71:a9:05:65", NAME="wl0" +    SUBSYSTEM=="net", ATTR{address}=="54:e1:ad:4f:06:83", NAME="et0" +  ''; +} diff --git a/lass/2configs/hass/default.nix b/lass/2configs/hass/default.nix index 639ba3d3f..a48c61a69 100644 --- a/lass/2configs/hass/default.nix +++ b/lass/2configs/hass/default.nix @@ -14,6 +14,7 @@ with import ./lib.nix { inherit lib; };      { predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto      { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass      { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass +    { predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass    ];    services.home-assistant = { diff --git a/lass/2configs/hass/lib.nix b/lass/2configs/hass/lib.nix index 555cfae28..9281a19ec 100644 --- a/lass/2configs/hass/lib.nix +++ b/lass/2configs/hass/lib.nix @@ -99,7 +99,7 @@ rec {            conditions = [              {                condition = "template"; -              value_template = "{{ trigger.to_state.attributes.illuminance < 13000 }}"; +              value_template = "{{ trigger.to_state.attributes.illuminance < 7500 }}";              }              {                condition = "template"; diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix index 156ebcae7..6b2a0142a 100644 --- a/lass/2configs/pass.nix +++ b/lass/2configs/pass.nix @@ -1,7 +1,7 @@  { config, pkgs, ... }:  { -  krebs.per-user.lass.packages = with pkgs; [ +  users.users.lass.packages = with pkgs; [      (pass.withExtensions (ext: [ ext.pass-otp ]))      gnupg    ]; diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index f55886e2e..0e4ac5394 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -127,7 +127,6 @@ let    extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [      pkgs.vimPlugins.ack-vim -    pkgs.vimPlugins.Gundo      pkgs.vimPlugins.undotree      pkgs.vimPlugins.vim-go      pkgs.vimPlugins.fzf-vim @@ -155,26 +154,26 @@ let          let colors_name = ${toJSON name} -        hi Normal       ctermbg=235 -        hi Comment      ctermfg=242 -        hi Constant     ctermfg=062 -        hi Identifier   ctermfg=068 +        hi Normal       ctermbg=016 +        hi Comment      ctermfg=255 +        hi Constant     ctermfg=229 +        hi Identifier   ctermfg=123          hi Function     ctermfg=041          hi Statement    ctermfg=167          hi PreProc      ctermfg=167 -        hi Type         ctermfg=041 +        hi Type         ctermfg=046          hi Delimiter    ctermfg=251 -        hi Special      ctermfg=062 +        hi Special      ctermfg=146 -        hi Garbage      ctermbg=088 -        hi TabStop      ctermbg=016 -        hi NBSP         ctermbg=094 +        hi Garbage      ctermbg=124 +        hi TabStop      ctermbg=020 +        hi NBSP         ctermbg=056          hi NarrowNBSP   ctermbg=097          hi Todo         ctermfg=174 ctermbg=NONE -        hi NixCode      ctermfg=148 +        hi NixCode      ctermfg=190          hi NixData      ctermfg=149 -        hi NixQuote     ctermfg=150 +        hi NixQuote     ctermfg=119          hi diffNewFile  ctermfg=207          hi diffFile     ctermfg=207 | 
