Merge remote-tracking branch 'gum/master'

This commit is contained in:
lassulus 2017-12-30 11:36:15 +01:00
commit c1ff2ddf71
13 changed files with 154 additions and 36 deletions

View File

@ -1,5 +1,7 @@
import <stockholm/makefu/source.nix> {
name="x";
full = true;
python = true;
hw = true;
# torrent = true;
}

View File

@ -1,4 +0,0 @@
{ config, ... }:
{
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
}

View File

@ -3,38 +3,14 @@
with import <stockholm/lib>;
{
imports = [ ./tp-x2x0.nix ];
boot = {
# tp-smapi is not supported bt x230 anymore
kernelModules = [
"kvm-intel"
"thinkpad_ec"
"acpi_call"
# "thinkpad_acpi"
# "tpm-rng"
];
extraModulePackages = [
config.boot.kernelPackages.acpi_call
];
# support backlight adjustment
kernelParams = [ "acpi_osi=Linux" "acpi_backlight=vendor" ];
};
imports = [ ./tp-x2x0.nix <nixos-hardware/lenovo/thinkpad/x230> ];
# configured media keys inside awesomerc
# sound.mediaKeys.enable = true;
hardware.bluetooth.enable = true;
services.acpid.enable = true;
hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
services.xserver = {
videoDriver = "intel";
deviceSection = ''
Option "AccelMethod" "sna"
Option "Backlight" "intel_backlight"
'';
};
security.rngd.enable = true;
# possible i915 powersave options:
# options i915 enable_rc6=1 enable_fbc=1 semaphores=1
services.xserver.displayManager.sessionCommands =''
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1

View File

@ -17,6 +17,8 @@ with import <stockholm/lib>;
# enable synaptics so we can easily disable the touchpad
# enable the touchpad with `synclient TouchpadOff=0`
services.xserver.libinput.enable = false;
services.xserver.synaptics = {
enable = true;
additionalOptions = ''Option "TouchpadOff" "1"'';

View File

@ -8,7 +8,7 @@ in {
{ inherit hostName sshKey;
sshUser = "nixBuild";
system = "x86_64-linux";
maxJobs = 1;
}) [ "omo.r" "gum.r" "latte.r" ];
# puyak.r "wbob.r"
maxJobs = 8;
}) [ "hotdog.r" ];
# puyak.r "wbob.r" "omo.r" "gum.r" "latte.r"
}

View File

@ -0,0 +1,35 @@
{ pkgs, ...}:
let
genTopic = name: topic: tags: {
servers = [ "tcp://localhost:1883" ];
qos = 0;
connection_timeout = "30s";
topics = [ topic ];
tags = tags;
persistent_session = false;
name_override = name;
data_format = "value";
data_type = "float";
};
bamStat = stat: # Temperature or Humidity
host: # easy{1-4}
sensor: # dht11, dht22, ds18
(genTopic stat
"/bam/${host}/${sensor}/${stat}"
{"host" = host;
"scope" = "bam";
"sensor" = sensor;
} );
dht22 = host: [(bamStat "Temperature" host "dht22")
(bamStat "Humidity" host "dht22")];
dht11 = host: [(bamStat "Temperature" host "dht11")
(bamStat "Humidity" host "dht11")];
ds18 = host: [(bamStat "Temperature" host "ds18")];
in {
services.telegraf.extraConfig.inputs.mqtt_consumer =
(dht22 "easy1")
++ (dht22 "easy2")
++ (dht11 "easy3")
++ (ds18 "easy3");
}

View File

@ -7,6 +7,7 @@
./extra-gui.nix
./games.nix
./media.nix
./mobility.nix
./scanner-tools.nix
./sec.nix
./sec-gui.nix

View File

@ -2,8 +2,9 @@
{
users.users.makefu.packages = with pkgs;[
python3Packages.virtualenv
python3
python3Packages.pyserial
python3Packages.virtualenv
# embedded
gi
flashrom

View File

@ -0,0 +1,8 @@
{ config, pkgs, ... }:
{
users.users.makefu.packages = with pkgs;[
go-mtpfs
];
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
}

View File

@ -0,0 +1,9 @@
{ pkgs, ... }:
{
users.users.makefu.packages = with pkgs; [ iproute vpn-ws ];
# vpn-ws-client vpnws wss://localhost/vpn --no-verify --exec "ip link set vpnws up;ip addr add 10.244.1.2/24 dev vpnws"
networking.interfaces.vpnws = {
virtual = true;
virtualType = "tap";
};
}

View File

@ -0,0 +1,42 @@
{pkgs, options, ... }:
let
pkg = pkgs.vpn-ws;
uid = "nginx";
gid = "nginx";
ip = "${pkgs.iproute}/bin/ip";
socket = "/run/vpn.sock";
htpasswd = (toString <secrets>) + "/vpn-ws-auth";
nginx-prepared-secrets = "/var/spool/nginx/vpn-ws-auth";
in {
systemd.services.vpn-ws-auth-prepare = {
wantedBy = [ "multi-user.target" ];
before = [ "nginx.service" ];
script = "install -m700 -o${uid} -g${gid} ${htpasswd} ${nginx-prepared-secrets}";
};
services.nginx.virtualHosts."euer.krebsco.de".locations."/vpn" = {
extraConfig = ''
auth_basic "please stand by...";
auth_basic_user_file ${nginx-prepared-secrets};
uwsgi_pass unix:${socket};
include ${pkgs.nginx}/conf/uwsgi_params;
'';
};
networking.interfaces.vpnws = {
virtual = true;
virtualType = "tap";
};
systemd.services.vpnws = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Restart = "always";
PrivateTmp = true;
ExecStartPre = pkgs.writeDash "vpnws-pre" ''
${ip} link set vpnws up
${ip} addr add 10.244.1.1/24 dev vpnws || :
'';
ExecStart = "${pkg}/bin/vpn-ws --uid ${uid} --gid ${gid} --tuntap vpnws ${socket}";
};
};
}

View File

@ -0,0 +1,30 @@
{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, openssl }:
stdenv.mkDerivation rec {
pname = "vpn-ws";
version = "9d0e866";
name = "${pname}-${version}";
src = fetchFromGitHub {
owner = "unbit";
repo = "vpn-ws";
rev = version;
sha256 = "068vzrpzgksadb31khancnpkgzhdcr6kh6k9wgm77q68skwl3w0k";
};
patchPhase = ''
sed -i 's/-Werror//' Makefile
'';
installPhase = ''
mkdir -p $out/bin
cp vpn-ws vpn-ws-client $out/bin
'';
buildInputs = [ openssl.dev ];
meta = {
homepage = https://github.com/unbit/vpn-ws;
description = "A VPN system over websockets";
license = lib.licenses.mit;
};
}

View File

@ -4,7 +4,9 @@ host@{ name,
secure ? false,
full ? false,
torrent ? false,
musnix ? false
hw ? false,
musnix ? false,
python ? false
}:
let
builder = if getEnv "dummy_secrets" == "true"
@ -45,6 +47,20 @@ in
ref = "d8b989f";
};
})
(mkIf ( hw ) {
nixos-hardware.git = {
url = https://github.com/nixos/nixos-hardware.git;
ref = "8a05dc9";
};
})
(mkIf ( python ) {
python.git = {
url = https://github.com/garbas/nixpkgs-python;
ref = "cac319b";
};
})
(mkIf ( torrent ) {
torrent-secrets.file = getAttr builder {
buildbot = toString <stockholm/makefu/6tests/data/secrets>;