2015-07-24 08:52:43 +00:00
|
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
2015-07-24 21:03:50 +00:00
|
|
|
|
imports =
|
|
|
|
|
[ # Include the results of the hardware scan.
|
|
|
|
|
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
2015-07-28 23:07:41 +00:00
|
|
|
|
../2configs/base.nix
|
|
|
|
|
../2configs/cgit-retiolum.nix
|
2015-08-05 12:56:38 +00:00
|
|
|
|
../2configs/graphite-standalone.nix
|
2015-07-24 21:03:50 +00:00
|
|
|
|
];
|
2015-07-26 16:18:41 +00:00
|
|
|
|
krebs.build.host = config.krebs.hosts.pnp;
|
2015-07-29 09:56:31 +00:00
|
|
|
|
krebs.build.user = config.krebs.users.makefu;
|
|
|
|
|
krebs.build.target = "root@pnp";
|
|
|
|
|
|
|
|
|
|
krebs.build.deps = {
|
|
|
|
|
nixpkgs = {
|
|
|
|
|
url = https://github.com/NixOS/nixpkgs;
|
|
|
|
|
rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870";
|
|
|
|
|
};
|
|
|
|
|
secrets = {
|
|
|
|
|
url = "/home/makefu/secrets/${config.krebs.build.host.name}";
|
|
|
|
|
};
|
|
|
|
|
stockholm = {
|
|
|
|
|
url = toString ../..;
|
|
|
|
|
};
|
|
|
|
|
};
|
2015-07-26 16:18:41 +00:00
|
|
|
|
|
2015-07-24 21:03:50 +00:00
|
|
|
|
boot.loader.grub.enable = true;
|
|
|
|
|
boot.loader.grub.version = 2;
|
|
|
|
|
boot.loader.grub.device = "/dev/vda";
|
|
|
|
|
|
|
|
|
|
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" ];
|
|
|
|
|
boot.kernelModules = [ ];
|
|
|
|
|
boot.extraModulePackages = [ ];
|
|
|
|
|
hardware.enableAllFirmware = true;
|
|
|
|
|
hardware.cpu.amd.updateMicrocode = true;
|
|
|
|
|
|
2015-08-05 12:56:38 +00:00
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
|
# nginx runs on 80
|
|
|
|
|
80
|
|
|
|
|
# graphite-web runs on 8080, carbon cache runs on 2003 tcp and udp
|
|
|
|
|
8080 2003
|
|
|
|
|
];
|
|
|
|
|
networking.firewall.allowedUDPPorts = [ 2003 ];
|
2015-07-29 13:50:37 +00:00
|
|
|
|
networking.firewall.rejectPackets = true;
|
2015-07-29 13:38:47 +00:00
|
|
|
|
networking.firewall.allowPing = true;
|
2015-07-24 21:03:50 +00:00
|
|
|
|
|
|
|
|
|
fileSystems."/" =
|
|
|
|
|
{ device = "/dev/disk/by-label/nixos";
|
|
|
|
|
fsType = "ext4";
|
|
|
|
|
};
|
|
|
|
|
krebs.retiolum = {
|
|
|
|
|
enable = true;
|
|
|
|
|
hosts = ../../Zhosts;
|
|
|
|
|
connectTo = [
|
|
|
|
|
"gum"
|
|
|
|
|
"pigstarter"
|
|
|
|
|
"fastpoke"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
2015-07-24 08:52:43 +00:00
|
|
|
|
# $ nix-env -qaP | grep wget
|
2015-07-24 21:03:50 +00:00
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
jq
|
|
|
|
|
];
|
2015-07-24 08:52:43 +00:00
|
|
|
|
}
|