Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
5ee80a05eb
|
@ -226,7 +226,7 @@ in {
|
||||||
{
|
{
|
||||||
users.users.tv = {
|
users.users.tv = {
|
||||||
uid = genid "tv";
|
uid = genid "tv";
|
||||||
home = "/home/tv";
|
inherit (config.krebs.users.tv) home;
|
||||||
group = "users";
|
group = "users";
|
||||||
createHome = true;
|
createHome = true;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
|
9
lass/2configs/audit.nix
Normal file
9
lass/2configs/audit.nix
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
security.audit = {
|
||||||
|
rules = [
|
||||||
|
"-a task,never"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
|
@ -86,17 +86,17 @@ in {
|
||||||
["make \
|
["make \
|
||||||
test \
|
test \
|
||||||
ssh=${sshWrapper} \
|
ssh=${sshWrapper} \
|
||||||
target=build@localhost:${config.users.users.build.home}/testbuild \
|
target=build@localhost${config.users.users.build.home}/testbuild \
|
||||||
method=build \
|
method=build \
|
||||||
system={}".format(i)])
|
system={}".format(i)])
|
||||||
|
|
||||||
for i in [ "pornocauster", "wry" ]:
|
for i in [ "pornocauster", "wry", "vbob", "wbob", "shoney" ]:
|
||||||
addShell(f,name="build-{}".format(i),env=env_makefu,
|
addShell(f,name="build-{}".format(i),env=env_makefu,
|
||||||
command=nixshell + \
|
command=nixshell + \
|
||||||
["make \
|
["make \
|
||||||
test \
|
test \
|
||||||
ssh=${sshWrapper} \
|
ssh=${sshWrapper} \
|
||||||
target=build@localhost:${config.users.users.build.home}/testbuild \
|
target=build@localhost${config.users.users.build.home}/testbuild \
|
||||||
method=build \
|
method=build \
|
||||||
system={}".format(i)])
|
system={}".format(i)])
|
||||||
|
|
||||||
|
@ -147,7 +147,7 @@ in {
|
||||||
password = "lasspass";
|
password = "lasspass";
|
||||||
packages = with pkgs; [ gnumake jq nix populate ];
|
packages = with pkgs; [ gnumake jq nix populate ];
|
||||||
extraEnviron = {
|
extraEnviron = {
|
||||||
NIX_PATH="nixpkgs=/var/src/nixpkgs";
|
NIX_PATH="/var/src";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config.krebs.iptables = {
|
config.krebs.iptables = {
|
||||||
|
|
|
@ -3,13 +3,14 @@
|
||||||
with config.krebs.lib;
|
with config.krebs.lib;
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../2configs/vim.nix
|
../2configs/audit.nix
|
||||||
../2configs/zsh.nix
|
|
||||||
../2configs/mc.nix
|
|
||||||
../2configs/retiolum.nix
|
|
||||||
../2configs/nixpkgs.nix
|
|
||||||
../2configs/binary-cache/client.nix
|
../2configs/binary-cache/client.nix
|
||||||
../2configs/gc.nix
|
../2configs/gc.nix
|
||||||
|
../2configs/mc.nix
|
||||||
|
../2configs/nixpkgs.nix
|
||||||
|
../2configs/retiolum.nix
|
||||||
|
../2configs/vim.nix
|
||||||
|
../2configs/zsh.nix
|
||||||
./backups.nix
|
./backups.nix
|
||||||
{
|
{
|
||||||
users.extraUsers =
|
users.extraUsers =
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
{ ... }:
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
krebs.build.source.nixpkgs = {
|
krebs.build.source.nixpkgs.git = {
|
||||||
url = https://github.com/lassulus/nixpkgs;
|
url = https://github.com/lassulus/nixpkgs;
|
||||||
rev = "446d4c1fc10f53cf97abea1996d067ad93de2ded";
|
ref = "11a7899222929b6eb0951f7a1c0182f65b3b4637";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,6 +7,7 @@ let
|
||||||
head
|
head
|
||||||
;
|
;
|
||||||
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
|
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
|
||||||
|
manageCerts
|
||||||
ssl
|
ssl
|
||||||
servePage
|
servePage
|
||||||
serveWordpress
|
serveWordpress
|
||||||
|
@ -48,6 +49,9 @@ in {
|
||||||
|
|
||||||
(ssl [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ])
|
(ssl [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ])
|
||||||
(servePage [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ])
|
(servePage [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ])
|
||||||
|
|
||||||
|
(manageCerts [ "goldbarrendiebstahl.radical-dreamers.de" ])
|
||||||
|
(serveWordpress [ "goldbarrendiebstahl.radical-dreamers.de" ])
|
||||||
];
|
];
|
||||||
|
|
||||||
lass.mysqlBackup.config.all.databases = [
|
lass.mysqlBackup.config.all.databases = [
|
||||||
|
@ -74,6 +78,16 @@ in {
|
||||||
config.krebs.users.fritz.pubkey
|
config.krebs.users.fritz.pubkey
|
||||||
];
|
];
|
||||||
|
|
||||||
|
users.users.goldbarrendiebstahl = {
|
||||||
|
home = "/srv/http/goldbarrendiebstahl.radical-dreamers.de";
|
||||||
|
uid = genid "goldbarrendiebstahl";
|
||||||
|
createHome = true;
|
||||||
|
useDefaultShell = true;
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.fritz.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
services.phpfpm.phpIni = pkgs.runCommand "php.ini" {
|
services.phpfpm.phpIni = pkgs.runCommand "php.ini" {
|
||||||
options = ''
|
options = ''
|
||||||
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
|
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
|
||||||
|
|
|
@ -17,7 +17,7 @@ with lib;
|
||||||
mirror.url = mirror;
|
mirror.url = mirror;
|
||||||
};
|
};
|
||||||
lassulus = {
|
lassulus = {
|
||||||
origin.url = http://cgit.cloudkrebs/stockholm ;
|
origin.url = http://cgit.prism/stockholm ;
|
||||||
mirror.url = mirror;
|
mirror.url = mirror;
|
||||||
};
|
};
|
||||||
"@latest" = {
|
"@latest" = {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user