ma gum.r: enable download.binaergewitter and cache.nsupdate.info

This commit is contained in:
makefu 2018-12-03 09:20:48 +01:00
parent 5782a4de2e
commit 9052d190a3
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
4 changed files with 23 additions and 6 deletions

View File

@ -4,13 +4,14 @@ with import <stockholm/lib>;
let let
external-ip = config.krebs.build.host.nets.internet.ip4.addr; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
ext-if = config.makefu.server.primary-itf; ext-if = config.makefu.server.primary-itf;
allDisks = [ "/dev/sda" "/dev/sdb" ];
in { in {
imports = [ imports = [
<stockholm/makefu> <stockholm/makefu>
./hardware-config.nix ./hardware-config.nix
{ {
users.users.lass = { users.users.lass = {
uid = 9002; uid = 19002;
isNormalUser = true; isNormalUser = true;
createHome = true; createHome = true;
useDefaultShell = true; useDefaultShell = true;
@ -21,7 +22,7 @@ in {
}; };
} }
<stockholm/makefu/2configs/headless.nix> <stockholm/makefu/2configs/headless.nix>
# <stockholm/makefu/2configs/smart-monitor.nix> <stockholm/makefu/2configs/smart-monitor.nix>
# Security # Security
<stockholm/makefu/2configs/sshd-totp.nix> <stockholm/makefu/2configs/sshd-totp.nix>
@ -93,13 +94,15 @@ in {
<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix> <stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
<stockholm/makefu/2configs/nginx/gold.krebsco.de.nix> <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
<stockholm/makefu/2configs/nginx/iso.euer.nix> <stockholm/makefu/2configs/nginx/iso.euer.nix>
<stockholm/krebs/2configs/cache.nsupdate.info.nix>
<stockholm/makefu/2configs/shack/events-publisher> <stockholm/makefu/2configs/shack/events-publisher>
<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix> <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
<stockholm/makefu/2configs/deployment/graphs.nix> <stockholm/makefu/2configs/deployment/graphs.nix>
<stockholm/makefu/2configs/deployment/owncloud.nix> <stockholm/makefu/2configs/deployment/owncloud.nix>
<stockholm/makefu/2configs/deployment/boot-euer.nix> <stockholm/makefu/2configs/deployment/boot-euer.nix>
<stockholm/makefu/2configs/deployment/bgt/hidden_service.nix> <stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>
<stockholm/makefu/2configs/bgt/hidden_service.nix>
<stockholm/makefu/2configs/stats/client.nix> <stockholm/makefu/2configs/stats/client.nix>
# <stockholm/makefu/2configs/logging/client.nix> # <stockholm/makefu/2configs/logging/client.nix>
@ -132,7 +135,7 @@ in {
ListenAddress = ${external-ip} 21031 ListenAddress = ${external-ip} 21031
''; '';
connectTo = [ connectTo = [
"prism" "ni" "enklave" "dishfire" "echelon" "hotdog" "prism" "ni" "enklave" "eve" "archprism"
]; ];
}; };
@ -189,6 +192,7 @@ in {
nameservers = [ "8.8.8.8" ]; nameservers = [ "8.8.8.8" ];
}; };
users.users.makefu.extraGroups = [ "download" "nginx" ]; users.users.makefu.extraGroups = [ "download" "nginx" ];
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
boot.tmpOnTmpfs = true; boot.tmpOnTmpfs = true;
state = [ "/home/makefu/.weechat" ]; state = [ "/home/makefu/.weechat" ];
} }

View File

@ -46,7 +46,7 @@ in {
"ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci" "ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci"
"xhci_pci" "ehci_pci" "ahci" "sd_mod" "xhci_pci" "ehci_pci" "ahci" "sd_mod"
]; ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "dm-thin-pool" "kvm-intel" ];
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
fileSystems."/" = { fileSystems."/" = {
device = "/dev/mapper/nixos-root"; device = "/dev/mapper/nixos-root";
@ -56,10 +56,19 @@ in {
device = "/dev/mapper/nixos-lib"; device = "/dev/mapper/nixos-lib";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/var/log" = {
device = "/dev/mapper/nixos-log";
fsType = "ext4";
};
fileSystems."/var/download" = { fileSystems."/var/download" = {
device = "/dev/mapper/nixos-download"; device = "/dev/mapper/nixos-download";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/var/www/binaergewitter" = {
device = "/dev/mapper/nixos-binaergewitter";
fsType = "ext4";
options = [ "nofail" ];
};
fileSystems."/var/lib/borgbackup" = { fileSystems."/var/lib/borgbackup" = {
device = "/dev/mapper/nixos-backup"; device = "/dev/mapper/nixos-backup";
fsType = "ext4"; fsType = "ext4";

View File

@ -1,10 +1,14 @@
ssh gum.i -o StrictHostKeyChecking=no
mount /dev/mapper/nixos-root /mnt mount /dev/mapper/nixos-root /mnt
mount /dev/sda2 /mnt/boot mount /dev/sda2 /mnt/boot
chroot-prepare /mnt chroot-prepare /mnt
chroot /mnt /bin/sh chroot /mnt /bin/sh
journalctl -D /mnt/var/log/journal --since today # find the active system (or check grub) journalctl -D /mnt/var/log/journal --since today # find the active system (or check grub)
# ... activating ...
export PATH=/nix/store/9incs5sfn7n1vh1lavgp95v761nh11w3-nixos-system-nextgum-18.03pre-git/sw/bin export PATH=/nix/store/9incs5sfn7n1vh1lavgp95v761nh11w3-nixos-system-nextgum-18.03pre-git/sw/bin
/nix/store/9incs5sfn7n1vh1lavgp95v761nh11w3-nixos-system-nextgum-18.03pre-git/activate /nix/store/9incs5sfn7n1vh1lavgp95v761nh11w3-nixos-system-nextgum-18.03pre-git/activate

View File

@ -1,5 +1,5 @@
{ {
name="nextgum"; name="gum";
torrent = true; torrent = true;
clever_kexec = true; clever_kexec = true;
} }