From 0823d0cbdc2861defaabc232058d96c8862c0b24 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 17 Sep 2018 01:11:57 +0200 Subject: [PATCH] ma: random cleanup --- makefu/1systems/sdev/config.nix | 14 ++++----- makefu/1systems/tsp/config.nix | 47 +++++++--------------------- makefu/2configs/mqtt.nix | 1 + makefu/2configs/share/gum-client.nix | 1 + makefu/2configs/stats/server.nix | 17 +++++----- makefu/2configs/tinc/retiolum.nix | 3 +- makefu/2configs/tools/core.nix | 4 ++- makefu/2configs/tools/extra-gui.nix | 1 + makefu/2configs/tools/media.nix | 7 +++-- makefu/5pkgs/bento4/default.nix | 3 +- makefu/5pkgs/default.nix | 9 ------ 11 files changed, 41 insertions(+), 66 deletions(-) diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix index c2cd23d1e..2f289d500 100644 --- a/makefu/1systems/sdev/config.nix +++ b/makefu/1systems/sdev/config.nix @@ -6,13 +6,13 @@ [ # Include the results of the hardware scan. - # - { # until virtualbox-image is fixed - imports = [ - - ]; - boot.loader.grub.device = "/dev/sda"; - } + + #{ # until virtualbox-image is fixed + # imports = [ + # + # ]; + # boot.loader.grub.device = lib.mkForce "/dev/sda"; + #} # diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix index 680fa2cbc..2921e2bcf 100644 --- a/makefu/1systems/tsp/config.nix +++ b/makefu/1systems/tsp/config.nix @@ -8,57 +8,32 @@ [ # Include the results of the hardware scan. - - + # + # hardware specifics are in here # imports tp-x2x0.nix - # + + + # + + + { + programs.adb.enable = true; + } ]; - # not working in vm krebs.build.host = config.krebs.hosts.tsp; - boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; - boot.loader.grub.copyKernels = true; + boot.loader.grub.device = "/dev/sda"; networking.firewall.allowedTCPPorts = [ 25 ]; - # acer aspire - networking.wireless.enable = lib.mkDefault true; - - services.xserver.synaptics.enable = true; - hardware.enableAllFirmware = true; nixpkgs.config.allowUnfree = true; - - hardware.cpu.intel.updateMicrocode = true; - - zramSwap.enable = true; - zramSwap.numDevices = 2; - - services.tlp.enable = true; - services.tlp.extraConfig = '' - # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery - START_CHARGE_THRESH_BAT0=67 - STOP_CHARGE_THRESH_BAT0=100 - - - CPU_SCALING_GOVERNOR_ON_AC=performance - CPU_SCALING_GOVERNOR_ON_BAT=ondemand - CPU_MIN_PERF_ON_AC=0 - CPU_MAX_PERF_ON_AC=100 - CPU_MIN_PERF_ON_BAT=0 - CPU_MAX_PERF_ON_BAT=30 - ''; - - powerManagement.resumeCommands = '' - ${pkgs.rfkill}/bin/rfkill unblock all - ''; - } diff --git a/makefu/2configs/mqtt.nix b/makefu/2configs/mqtt.nix index 39c9fdfdd..c56521812 100644 --- a/makefu/2configs/mqtt.nix +++ b/makefu/2configs/mqtt.nix @@ -4,6 +4,7 @@ enable = true; host = "0.0.0.0"; users = {}; + # TODO: secure that shit allowAnonymous = true; }; } diff --git a/makefu/2configs/share/gum-client.nix b/makefu/2configs/share/gum-client.nix index be9ab026b..db2adfb1c 100644 --- a/makefu/2configs/share/gum-client.nix +++ b/makefu/2configs/share/gum-client.nix @@ -17,6 +17,7 @@ in { "file_mode=0775" "dir_mode=0775" "uid=9001" + "vers=3" ]; }; diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix index 7548c733e..c8e768c99 100644 --- a/makefu/2configs/stats/server.nix +++ b/makefu/2configs/stats/server.nix @@ -2,11 +2,11 @@ with import ; let - irc-server = "rc.r"; + irc-server = "irc.r"; irc-nick = "m-alarm"; collectd-port = 25826; influx-port = 8086; - grafana-port = 3000; # TODO nginx forward + grafana-port = 3000; db = "collectd_db"; logging-interface = config.makefu.server.primary-itf; in { @@ -72,15 +72,16 @@ in { iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT - iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT - iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT - iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + #iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT - ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT - ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT - ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + #ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT ''; + state = [ "/var/lib/grafana/data/grafana.db" ]; } diff --git a/makefu/2configs/tinc/retiolum.nix b/makefu/2configs/tinc/retiolum.nix index c55b94466..98abb2406 100644 --- a/makefu/2configs/tinc/retiolum.nix +++ b/makefu/2configs/tinc/retiolum.nix @@ -1,7 +1,8 @@ -_: +{ pkgs, ... }: { imports = [ ../binary-cache/lass.nix ]; krebs.tinc.retiolum.enable = true; + environment.systemPackages = [ pkgs.tinc ]; } diff --git a/makefu/2configs/tools/core.nix b/makefu/2configs/tools/core.nix index 604288904..33e896d4c 100644 --- a/makefu/2configs/tools/core.nix +++ b/makefu/2configs/tools/core.nix @@ -3,9 +3,11 @@ # tools i use when actually working with the host. # package version will now be maintained by nix-rebuild # -# essentially `nix-env -q` of the main user { environment.systemPackages = with pkgs; [ + ( pkgs.writeScriptBin "unknow" ''#!/bin/sh +${gnused}/bin/sed -i "''${1}d" ~/.ssh/known_hosts + '') at_spi2_core acpi bc diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 3d26cc574..1c28eeffd 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -6,6 +6,7 @@ gimp inkscape libreoffice + quodlibet # skype synergy tdesktop diff --git a/makefu/2configs/tools/media.nix b/makefu/2configs/tools/media.nix index 35faaa29f..a61b6c88e 100644 --- a/makefu/2configs/tools/media.nix +++ b/makefu/2configs/tools/media.nix @@ -3,11 +3,14 @@ { users.users.makefu.packages = with pkgs; [ kodi - streamripper - youtube-dl calibre vlc mumble mplayer + quodlibet + + plowshare + streamripper + youtube-dl ]; } diff --git a/makefu/5pkgs/bento4/default.nix b/makefu/5pkgs/bento4/default.nix index 07c64a101..6f5f1deba 100644 --- a/makefu/5pkgs/bento4/default.nix +++ b/makefu/5pkgs/bento4/default.nix @@ -1,5 +1,4 @@ { stdenv, fetchFromGitHub -, pkgconfig , cmake }: stdenv.mkDerivation rec { @@ -13,7 +12,7 @@ stdenv.mkDerivation rec { sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf"; }; - nativeBuildInputs = [ cmake pkgconfig ]; + nativeBuildInputs = [ cmake ]; installPhase = '' mkdir -p $out/{lib,bin} find -iname '*.so' -exec mv --target-directory="$out/lib" {} \; diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index d1aec70cb..390aabd73 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -33,15 +33,6 @@ in { inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: { patches = [ ./custom/inkscape/dxf_fix.patch ]; }); - pwqgen-ger = callPackage { - wordset-file = super.pkgs.fetchurl { - urls = [ - https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c - https://archive.org/download/nixos-stockholm-tarballs/pviar5j1gxiqcf3l34b4n2pil06xc8zf-wordset_4k.c - ]; - sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb"; - }; - }; } // (mapAttrs (_: flip callPackage {})