diff options
Diffstat (limited to 'makefu/1systems')
| -rw-r--r-- | makefu/1systems/cake/config.nix | 4 | ||||
| -rw-r--r-- | makefu/1systems/darth/config.nix | 41 | ||||
| -rw-r--r-- | makefu/1systems/gum/config.nix | 17 | ||||
| -rw-r--r-- | makefu/1systems/latte/config.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/omo/config.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/tsp/config.nix | 42 | ||||
| -rw-r--r-- | makefu/1systems/wbob/config.nix | 5 | ||||
| -rw-r--r-- | makefu/1systems/x/config.nix | 13 | 
8 files changed, 76 insertions, 50 deletions
| diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix index c287c28df..1a617e52d 100644 --- a/makefu/1systems/cake/config.nix +++ b/makefu/1systems/cake/config.nix @@ -6,9 +6,6 @@  # configure your hw:  # <stockholm/makefu/2configs/save-diskspace.nix>    ]; -  users.extraUsers.root.openssh.authorizedKeys.keys = [ -    config.krebs.users.tv.pubkey -  ];    krebs = {      enable = true;      tinc.retiolum.enable = true; @@ -23,6 +20,7 @@    programs.man.enable = false;    services.nixosManual.enable = false;    boot.tmpOnTmpfs = lib.mkForce false; +  sound.enable = false;    hardware.enableRedistributableFirmware = true;    hardware.firmware = [ diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix index 7accb13d3..046c1574c 100644 --- a/makefu/1systems/darth/config.nix +++ b/makefu/1systems/darth/config.nix @@ -2,6 +2,8 @@  with import <stockholm/lib>;  let +  # all the good stuff resides in /data +    byid = dev: "/dev/disk/by-id/" + dev;    rootDisk = byid "ata-INTEL_SSDSC2BW480H6_CVTR53120385480EGN";    bootPart = rootDisk + "-part1"; @@ -21,44 +23,23 @@ in {        <stockholm/makefu/2configs/tinc/retiolum.nix>        <stockholm/makefu/2configs/tools/core.nix>        <stockholm/makefu/2configs/stats/client.nix> -      <stockholm/makefu/2configs/nsupdate-data.nix> - -      # SIEM -      #<stockholm/makefu/2configs/tinc/siem.nix> -      # {services.tinc.networks.siem = { -      #     name = "sdarth"; -      #     extraConfig = "ConnectTo = sjump"; -      #   }; -      # } +      # <stockholm/makefu/2configs/nsupdate-data.nix> -      # { -      #   makefu.forward-journal = { -      #     enable = true; -      #     src = "10.8.10.2"; -      #     dst = "10.8.10.6"; -      #   }; -      # } - -      ## Sharing -      # <stockholm/makefu/2configs/share/temp-share-samba.nix> -      #{ -      #  services.samba.shares = { -      #      isos = { -      #        path = "/data/isos/"; -      #        "read only" = "yes"; -      #        browseable = "yes"; -      #        "guest ok" = "yes"; -      #      }; -      #  }; -      #}        <stockholm/makefu/2configs/share/anon-ftp.nix> + +      # lan party +      <stockholm/makefu/2configs/lanparty/lancache.nix> +      <stockholm/makefu/2configs/lanparty/lancache-dns.nix> +      <stockholm/makefu/2configs/lanparty/samba.nix> +      <stockholm/makefu/2configs/lanparty/mumble-server.nix> +      <stockholm/makefu/2configs/virtualisation/libvirt.nix>    ];    #networking.firewall.enable = false;    makefu.server.primary-itf = "enp0s25"; -  krebs.hidden-ssh.enable = true; +  # krebs.hidden-ssh.enable = true;    boot.kernelModules = [ "coretemp" "f71882fg" ];    hardware.enableAllFirmware = true;    nixpkgs.config.allowUnfree = true; diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index e769b1e22..98d5d2988 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -2,16 +2,22 @@  with import <stockholm/lib>;  let -  external-mac = "3a:66:48:8e:82:b2"; +  # hw-specific +  external-mac = "2a:c5:6e:d2:fc:7f"; +  main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0"; +  external-gw = "185.194.140.1"; +  # single partition, label "nixos" +  # cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate + + +  # static    external-ip = config.krebs.build.host.nets.internet.ip4.addr;    external-ip6 = config.krebs.build.host.nets.internet.ip6.addr; -  external-gw = "188.68.40.1";    external-gw6 = "fe80::1";    external-netmask = 22;    external-netmask6 = 64; -  ext-if = "et0"; # gets renamed on the fly    internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; -  main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0"; +  ext-if = "et0"; # gets renamed on the fly  in {    imports = [        <stockholm/makefu> @@ -19,6 +25,7 @@ in {        <stockholm/makefu/2configs/headless.nix>        <stockholm/makefu/2configs/fs/single-partition-ext4.nix>        # <stockholm/makefu/2configs/smart-monitor.nix> +        <stockholm/makefu/2configs/git/cgit-retiolum.nix>        <stockholm/makefu/2configs/backup.nix>        # <stockholm/makefu/2configs/mattermost-docker.nix> @@ -76,7 +83,7 @@ in {        # <stockholm/makefu/2configs/logging/client.nix>        # Temporary: -      <stockholm/makefu/2configs/temp/rst-issue.nix> +      # <stockholm/makefu/2configs/temp/rst-issue.nix>    ];    makefu.dl-dir = "/var/download"; diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix index 3b06660c6..5352b029f 100644 --- a/makefu/1systems/latte/config.nix +++ b/makefu/1systems/latte/config.nix @@ -18,7 +18,7 @@ in {      # Security      <stockholm/makefu/2configs/sshd-totp.nix> -    <stockholm/makefu/2configs/stats/client.nix> +    # <stockholm/makefu/2configs/stats/client.nix>      # Tools      <stockholm/makefu/2configs/tools/core.nix> diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index a22ff10bd..1d157460b 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -82,7 +82,7 @@ in {        # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload        # Temporary: -      <stockholm/makefu/2configs/temp/rst-issue.nix> +      # <stockholm/makefu/2configs/temp/rst-issue.nix>      ];    makefu.full-populate = true;    makefu.server.primary-itf = primaryInterface; diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix index 75a11d3a7..7b751e514 100644 --- a/makefu/1systems/tsp/config.nix +++ b/makefu/1systems/tsp/config.nix @@ -1,20 +1,20 @@  #  #  # -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }:  {    imports =      [ # Include the results of the hardware scan.        <stockholm/makefu> -      <stockholm/makefu/2configs/gui/base.nix> +      <stockholm/makefu/2configs/main-laptop.nix> +      <stockholm/makefu/2configs/tools/all.nix>        <stockholm/makefu/2configs/fs/sda-crypto-root.nix>        # hardware specifics are in here        # imports tp-x2x0.nix -      <stockholm/makefu/2configs/hw/tp-x200.nix> +      # <stockholm/makefu/2configs/hw/tp-x200.nix> -      <stockholm/makefu/2configs/disable_v6.nix> -      <stockholm/makefu/2configs/rad1o.nix> +      # <stockholm/makefu/2configs/rad1o.nix>        <stockholm/makefu/2configs/zsh-user.nix>        <stockholm/makefu/2configs/exim-retiolum.nix> @@ -22,9 +22,41 @@      ];    # not working in vm    krebs.build.host = config.krebs.hosts.tsp; +  boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; +  boot.loader.grub.copyKernels = true;    networking.firewall.allowedTCPPorts = [      25    ]; +  # acer aspire +  networking.wireless.enable = lib.mkDefault true; + +  hardware.enableAllFirmware = true; +  nixpkgs.config.allowUnfree = true; + +  hardware.cpu.intel.updateMicrocode = true; + +  zramSwap.enable = true; +  zramSwap.numDevices = 2; + +  services.tlp.enable = true; +  services.tlp.extraConfig = '' +    # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery +    START_CHARGE_THRESH_BAT0=67 +    STOP_CHARGE_THRESH_BAT0=100 + + +    CPU_SCALING_GOVERNOR_ON_AC=performance +    CPU_SCALING_GOVERNOR_ON_BAT=ondemand +    CPU_MIN_PERF_ON_AC=0 +    CPU_MAX_PERF_ON_AC=100 +    CPU_MIN_PERF_ON_BAT=0 +    CPU_MAX_PERF_ON_BAT=30 +  ''; + +  powerManagement.resumeCommands = '' +    ${pkgs.rfkill}/bin/rfkill unblock all +  ''; +  } diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 3a53b70cb..ac51fd9ca 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -24,9 +24,12 @@ in {        # <stockholm/makefu/2configs/audio/jack-on-pulse.nix>        # <stockholm/makefu/2configs/audio/realtime-audio.nix>        # <stockholm/makefu/2configs/vncserver.nix> -      <stockholm/makefu/2configs/temp/rst-issue.nix> +        # Services        <stockholm/makefu/2configs/remote-build/slave.nix> + +      # temporary +      # <stockholm/makefu/2configs/temp/rst-issue.nix>    ];    krebs = { diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index f7db75564..1dd1a070f 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -23,8 +23,6 @@ with import <stockholm/lib>;        # <stockholm/makefu/2configs/deployment/wiki-irc-bot>        # <stockholm/makefu/2configs/torrent.nix> -      # <stockholm/makefu/2configs/lanparty/lancache.nix> -      # <stockholm/makefu/2configs/lanparty/lancache-dns.nix>        # <stockholm/makefu/2configs/deployment/dirctator.nix>        # <stockholm/makefu/2configs/vncserver.nix>        # <stockholm/makefu/2configs/deployment/led-fader> @@ -64,7 +62,7 @@ with import <stockholm/lib>;        <stockholm/makefu/2configs/hw/rtl8812au.nix>        <stockholm/makefu/2configs/hw/exfat-nofuse.nix>        <stockholm/makefu/2configs/hw/wwan.nix> -      <stockholm/makefu/2configs/hw/stk1160.nix> +      # <stockholm/makefu/2configs/hw/stk1160.nix>        # <stockholm/makefu/2configs/rad1o.nix>        # Filesystem @@ -75,6 +73,11 @@ with import <stockholm/lib>;        {          programs.adb.enable = true;        } +      # temporary +      # <stockholm/makefu/2configs/lanparty/lancache.nix> +      # <stockholm/makefu/2configs/lanparty/lancache-dns.nix> +      # <stockholm/makefu/2configs/lanparty/samba.nix> +      # <stockholm/makefu/2configs/lanparty/mumble-server.nix>      ]; @@ -84,7 +87,6 @@ with import <stockholm/lib>;    nixpkgs.config.allowUnfree = true; -  environment.systemPackages = [ pkgs.passwdqc-utils ];    # configure pulseAudio to provide a HDMI sink as well @@ -102,4 +104,7 @@ with import <stockholm/lib>;    '';    # hard dependency because otherwise the device will not be unlocked    boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; + +  nix.package = pkgs.nixUnstable; +  environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];  } | 
