lass: RIP helios
This commit is contained in:
parent
21d92086fe
commit
73b073c3fe
@ -224,32 +224,6 @@ with import <stockholm/lib>;
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAMPlIG+6u75GJ3kvsPF6OoIZsU+u8ZQ+rdviv5fNMD";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAMPlIG+6u75GJ3kvsPF6OoIZsU+u8ZQ+rdviv5fNMD";
|
||||||
};
|
};
|
||||||
helios = {
|
|
||||||
cores = 2;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.0.3";
|
|
||||||
ip6.addr = "42:0:0:0:0:0:0:7105";
|
|
||||||
aliases = [
|
|
||||||
"helios.r"
|
|
||||||
"cgit.helios.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIBCgKCAQEA9SItL2mhQpTl95gjSWRstrDajUnI5YbrVCuaDKfw9gRwMyPNiO/y
|
|
||||||
Xwv/w4Ri8NCJZLZGkj2vG3X0EfJFBEPTJPTCbF9fP7PqqVs38BD41txLp+NrFxEq
|
|
||||||
5fmFk65/eg8ujrNQoOSUGmky/BKqQhWjvxdAWuwjN933wJCcNCxyaUwljHLYEK/I
|
|
||||||
oIJX+spnFmPwmhW9hsOj8K06eHixT13+0W48GG/ZNcV3x5vWxcKUvZ4Qtzz2iMNB
|
|
||||||
hud5kae7xMUfFAzCeKF/zsjuyt2d/xQg1WgR8MXGNgYhNJFSXz94r/bivNO6H4vP
|
|
||||||
Pfjndnh8cD46ADo8woS1nQ19WId+sMbipwIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
secure = true;
|
|
||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWlIxkX41V55Yker8n4gErx2xcKpXFNKthhbP3+bTJ7";
|
|
||||||
};
|
|
||||||
shodan = {
|
shodan = {
|
||||||
cores = 2;
|
cores = 2;
|
||||||
nets = {
|
nets = {
|
||||||
@ -339,10 +313,6 @@ with import <stockholm/lib>;
|
|||||||
mail = "lass@uriel.r";
|
mail = "lass@uriel.r";
|
||||||
pubkey = builtins.readFile ./ssh/uriel.rsa;
|
pubkey = builtins.readFile ./ssh/uriel.rsa;
|
||||||
};
|
};
|
||||||
lass-helios = {
|
|
||||||
mail = "lass@helios.r";
|
|
||||||
pubkey = builtins.readFile ./ssh/helios.rsa;
|
|
||||||
};
|
|
||||||
lass-shodan = {
|
lass-shodan = {
|
||||||
mail = "lass@shodan.r";
|
mail = "lass@shodan.r";
|
||||||
pubkey = builtins.readFile ./ssh/shodan.rsa;
|
pubkey = builtins.readFile ./ssh/shodan.rsa;
|
||||||
|
@ -1 +0,0 @@
|
|||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBOnMtgy5GH6R6tHp2ugy5QTe3gAGxh2CKsstSNSNAJwvWGiaWJkbNmgM8KlCWeq1GJBGa95kU4I2BDO5fJd7J9vqyrTGF1+sx0Nwj/ELKSNVxDoKVYiU09pTqSB3pi46i+E8N49y4/8aRhu4/7O2dSTH7OS3YoZpt2Soas+cYJYhQdZtYQAgPX5LOkTfQvPhGR8AzrrTvOUrHyTWaSBEELVZ088LrFT6ibXHcPhwXX7A5+YMS8LLr3KRstySWzJEmfVOJxuMhQJSH1Xiq4bLilVn9V4AK5pCOnlALSYf48SexsCqzBUKgISuncurIBbXtW9EkNTMX3jSKlSQ7WniGRlmzrBAJCh4VXJUZgXDf8hAaPckIRbLosbTnEAauWcfnIXLfvI+bYkURhfYKsWelM+MS6ihk+P2yr8rNT9w5iUVJGVypOXUp45PrFuPn6ayCpNRJzqPwCCPE7fFagzLs7wibIXlrhCnRALT5HHyExFFcQoGvIq/8o+Oia8mrTimb55IDLwkiYrG6I5DPXFPKsTC0hium9T3I8dC+M7n9GbwnLTUK2kWnoklD3HTab21xJTtbF98nQ94df7doqPFxL/jongeZCGMB+PJ+BdQTtHr7tCY0kN2GXpoHxz/2w8YEWTKHhWIUsD+Utf8pDkKQfCqlm7iR7byxL51gHL9Z3Q== lass@helios
|
|
@ -70,7 +70,6 @@
|
|||||||
relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [
|
relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [
|
||||||
config.krebs.hosts.mors
|
config.krebs.hosts.mors
|
||||||
config.krebs.hosts.uriel
|
config.krebs.hosts.uriel
|
||||||
config.krebs.hosts.helios
|
|
||||||
];
|
];
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
|
@ -1,130 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
with builtins;
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../.
|
|
||||||
../2configs/retiolum.nix
|
|
||||||
../2configs/exim-retiolum.nix
|
|
||||||
../2configs/browsers.nix
|
|
||||||
../2configs/programs.nix
|
|
||||||
../2configs/git.nix
|
|
||||||
../2configs/pass.nix
|
|
||||||
../2configs/fetchWallpaper.nix
|
|
||||||
../2configs/backups.nix
|
|
||||||
|
|
||||||
#{
|
|
||||||
# # conflicting stuff with gnome setup
|
|
||||||
# # TODO: fix this
|
|
||||||
# imports = [
|
|
||||||
# ../2configs/baseX.nix
|
|
||||||
# ];
|
|
||||||
#}
|
|
||||||
{
|
|
||||||
# gnome3 for suja
|
|
||||||
time.timeZone = "Europe/Berlin";
|
|
||||||
services.xserver.enable = true;
|
|
||||||
services.xserver.desktopManager.xfce.enable = true;
|
|
||||||
networking.wireless.enable = true;
|
|
||||||
hardware.pulseaudio = {
|
|
||||||
enable = true;
|
|
||||||
systemWide = true;
|
|
||||||
};
|
|
||||||
users.users.ferret = {
|
|
||||||
uid = genid "ferret";
|
|
||||||
home = "/home/ferret";
|
|
||||||
group = "users";
|
|
||||||
createHome = true;
|
|
||||||
useDefaultShell = true;
|
|
||||||
extraGroups = [
|
|
||||||
];
|
|
||||||
hashedPassword = "$6$SaneLuyep90p8BPn$0IDbvLgNbRGZL96obWavanTmY6IkBG84vs2b/2oqlpbmTZH3retOYbQKF1uVqu6dD0ZGF4eBq9tqPbwUjRyY00";
|
|
||||||
};
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
firefox
|
|
||||||
chromium
|
|
||||||
maven
|
|
||||||
arandr
|
|
||||||
libreoffice
|
|
||||||
mpv
|
|
||||||
];
|
|
||||||
}
|
|
||||||
#{
|
|
||||||
# users.extraUsers = {
|
|
||||||
# root = {
|
|
||||||
# openssh.authorizedKeys.keys = map readFile [
|
|
||||||
# ../../krebs/Zpubkeys/uriel.ssh.pub
|
|
||||||
# ];
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
#}
|
|
||||||
#{
|
|
||||||
# services.elasticsearch = {
|
|
||||||
# enable = true;
|
|
||||||
# };
|
|
||||||
#}
|
|
||||||
{
|
|
||||||
krebs.power-action.battery = "BAT1";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.helios;
|
|
||||||
|
|
||||||
|
|
||||||
hardware.enableAllFirmware = true;
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
boot = {
|
|
||||||
loader.grub.enable = true;
|
|
||||||
loader.grub.version = 2;
|
|
||||||
loader.grub.device = "/dev/sda";
|
|
||||||
|
|
||||||
initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
|
|
||||||
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
|
|
||||||
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
|
|
||||||
#kernelModules = [ "kvm-intel" "msr" ];
|
|
||||||
kernelModules = [ "msr" ];
|
|
||||||
};
|
|
||||||
fileSystems = {
|
|
||||||
"/" = {
|
|
||||||
device = "/dev/pool/nix";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
"/boot" = {
|
|
||||||
device = "/dev/sda1";
|
|
||||||
};
|
|
||||||
|
|
||||||
"/home" = {
|
|
||||||
device = "/dev/pool/home";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
"/bku" = {
|
|
||||||
device = "/dev/pool/bku";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
"/tmp" = {
|
|
||||||
device = "tmpfs";
|
|
||||||
fsType = "tmpfs";
|
|
||||||
options = ["nosuid" "nodev" "noatime"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
#services.udev.extraRules = ''
|
|
||||||
# SUBSYSTEM=="net", ATTR{address}=="64:27:37:7d:d8:ae", NAME="wl0"
|
|
||||||
# SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:b8:c8:2e", NAME="et0"
|
|
||||||
#'';
|
|
||||||
|
|
||||||
services.xserver.synaptics = {
|
|
||||||
enable = true;
|
|
||||||
twoFingerScroll = true;
|
|
||||||
accelFactor = "0.035";
|
|
||||||
additionalOptions = ''
|
|
||||||
Option "FingerHigh" "60"
|
|
||||||
Option "FingerLow" "60"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
|
@ -107,29 +107,5 @@ with import <stockholm/lib>;
|
|||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/mors-home"; };
|
dst = { host = config.krebs.hosts.shodan; path = "/bku/mors-home"; };
|
||||||
startAt = "05:00";
|
startAt = "05:00";
|
||||||
};
|
};
|
||||||
dishfire-http-helios = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.helios; path = "/bku/dishfire-http"; };
|
|
||||||
startAt = "12:00";
|
|
||||||
};
|
|
||||||
dishfire-sql-helios = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.helios; path = "/bku/dishfire-sql"; };
|
|
||||||
startAt = "12:15";
|
|
||||||
};
|
|
||||||
prism-sql-helios = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.helios; path = "/bku/prism-sql_dumps"; };
|
|
||||||
startAt = "12:30";
|
|
||||||
};
|
|
||||||
prism-http-helios = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.helios; path = "/bku/prism-http"; };
|
|
||||||
startAt = "12:45";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -113,7 +113,7 @@ in {
|
|||||||
]
|
]
|
||||||
)
|
)
|
||||||
|
|
||||||
for i in [ "mors", "uriel", "shodan", "helios", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
|
for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
|
||||||
addShell(f,name="build-{}".format(i),env=env_lass,
|
addShell(f,name="build-{}".format(i),env=env_lass,
|
||||||
command=nixshell + \
|
command=nixshell + \
|
||||||
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
|
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
|
||||||
|
@ -15,7 +15,6 @@ with import <stockholm/lib>;
|
|||||||
openssh.authorizedKeys.keys = with config.krebs.users; [
|
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||||
lass.pubkey
|
lass.pubkey
|
||||||
lass-shodan.pubkey
|
lass-shodan.pubkey
|
||||||
lass-helios.pubkey
|
|
||||||
lass-icarus.pubkey
|
lass-icarus.pubkey
|
||||||
makefu.pubkey
|
makefu.pubkey
|
||||||
];
|
];
|
||||||
|
@ -16,7 +16,6 @@ with import <stockholm/lib>;
|
|||||||
relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [
|
relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [
|
||||||
config.krebs.hosts.mors
|
config.krebs.hosts.mors
|
||||||
config.krebs.hosts.uriel
|
config.krebs.hosts.uriel
|
||||||
config.krebs.hosts.helios
|
|
||||||
];
|
];
|
||||||
internet-aliases = with config.krebs.users; [
|
internet-aliases = with config.krebs.users; [
|
||||||
{ from = "postmaster@lassul.us"; to = lass.mail; } # RFC 822
|
{ from = "postmaster@lassul.us"; to = lass.mail; } # RFC 822
|
||||||
|
@ -8,7 +8,6 @@ let
|
|||||||
shodan = "51";
|
shodan = "51";
|
||||||
icarus = "53";
|
icarus = "53";
|
||||||
echelon = "197";
|
echelon = "197";
|
||||||
helios = "199";
|
|
||||||
cloudkrebs = "119";
|
cloudkrebs = "119";
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
|
Loading…
Reference in New Issue
Block a user