Merge remote-tracking branch 'wolf/master'
This commit is contained in:
lassulus
commit
d5cfc4bf19
|
|
@ -344,7 +344,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
|
|||
cores = 1;
|
||||
nets = {
|
||||
internet = {
|
||||
ip4.addr = "64.137.235.70";
|
||||
ip4.addr = "64.137.234.215";
|
||||
aliases = [
|
||||
"shoney.i"
|
||||
];
|
||||
|
|
|
|||
|
|
@ -17,19 +17,37 @@ in {
|
|||
../2configs/exim-retiolum.nix
|
||||
../2configs/virtualization.nix
|
||||
];
|
||||
|
||||
networking.firewall.allowedUDPPorts = [ 80 655 67 ];
|
||||
networking.firewall.allowedTCPPorts = [ 80 655 ];
|
||||
networking.firewall.checkReversePath = false;
|
||||
services.tinc.networks.siem = {
|
||||
name = "sdarth";
|
||||
extraConfig = "ConnectTo = sjump";
|
||||
};
|
||||
#networking.firewall.enable = false;
|
||||
# virtualisation.nova.enableSingleNode = true;
|
||||
krebs.retiolum.enable = true;
|
||||
|
||||
boot.kernelModules = [ "coretemp" "f71882fg" ];
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
networking.wireless.enable = true;
|
||||
networking = {
|
||||
wireless.enable = true;
|
||||
firewall = {
|
||||
allowPing = true;
|
||||
logRefusedConnections = false;
|
||||
allowedUDPPorts = [ 80 655 67 ];
|
||||
allowedTCPPorts = [ 80 655 ];
|
||||
};
|
||||
nat = {
|
||||
enable = true;
|
||||
internalIPs = [ "10.8.10.0/24" ];
|
||||
#internalInterfaces = [ "tinc.siem" ];
|
||||
externalIP = "10.8.8.2";
|
||||
externalInterface = "virbr3";
|
||||
};
|
||||
interfaces.virbr3.ip4 = [{
|
||||
address = "10.8.8.2";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
};
|
||||
|
||||
# TODO smartd omo darth gum all-in-one
|
||||
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
|
||||
|
|
|
|||
|
|
@ -1,15 +1,20 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
ip = "64.137.235.70";
|
||||
gw = "64.137.235.1";
|
||||
ip = "64.137.234.215";
|
||||
alt-ip = "64.137.234.210";
|
||||
extra-ip = "64.137.234.114"; #currently unused
|
||||
gw = "64.137.234.1";
|
||||
in {
|
||||
imports = [
|
||||
../.
|
||||
../../tv/2configs/hw/CAC.nix
|
||||
../../tv/2configs/fs/CAC-CentOS-7-64bit.nix
|
||||
../2configs/hw/CAC.nix
|
||||
../2configs/fs/CAC-CentOS-7-64bit.nix
|
||||
|
||||
];
|
||||
|
||||
|
||||
services.tinc.networks.siem.name = "sjump";
|
||||
|
||||
# minimal resources
|
||||
services.nixosManual.enable = false;
|
||||
programs.man.enable = false;
|
||||
|
|
@ -21,10 +26,13 @@ in {
|
|||
retiolum.enable = true;
|
||||
build.host = config.krebs.hosts.shoney;
|
||||
};
|
||||
networking.interfaces.enp2s1.ip4 = [ {
|
||||
address = ip;
|
||||
prefixLength = 24;
|
||||
} ];
|
||||
networking.interfaces.enp2s1.ip4 = [
|
||||
{ address = ip; prefixLength = 24; }
|
||||
{ address = alt-ip; prefixLength = 24; }
|
||||
];
|
||||
|
||||
networking.defaultGateway = gw;
|
||||
networking.nameservers = [ "8.8.8.8" ];
|
||||
networking.firewall.allowedUDPPorts = [ 655 1655 ];
|
||||
networking.firewall.allowedTCPPorts = [ 655 1655 ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ in {
|
|||
imports = [
|
||||
../.
|
||||
# TODO: copy this config or move to krebs
|
||||
../../tv/2configs/hw/CAC.nix
|
||||
../../tv/2configs/fs/CAC-CentOS-7-64bit.nix
|
||||
../2configs/hw/CAC.nix
|
||||
../2configs/fs/CAC-CentOS-7-64bit.nix
|
||||
../2configs/headless.nix
|
||||
|
||||
../2configs/bepasty-dual.nix
|
||||
|
|
|
|||
20
makefu/2configs/fs/CAC-CentOS-7-64bit.nix
Normal file
20
makefu/2configs/fs/CAC-CentOS-7-64bit.nix
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
_:
|
||||
|
||||
{
|
||||
boot.loader.grub = {
|
||||
device = "/dev/sda";
|
||||
};
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/centos/root";
|
||||
fsType = "xfs";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/sda1";
|
||||
fsType = "xfs";
|
||||
};
|
||||
};
|
||||
swapDevices = [
|
||||
{ device = "/dev/centos/swap"; }
|
||||
];
|
||||
}
|
||||
13
makefu/2configs/hw/CAC.nix
Normal file
13
makefu/2configs/hw/CAC.nix
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
_:
|
||||
{
|
||||
boot.initrd.availableKernelModules = [
|
||||
"ata_piix"
|
||||
"vmw_pvscsi"
|
||||
];
|
||||
boot.loader.grub.splashImage = null;
|
||||
nix = {
|
||||
daemonIONiceLevel = 1;
|
||||
daemonNiceLevel = 1;
|
||||
};
|
||||
sound.enable = false;
|
||||
}
|
||||
|
|
@ -22,7 +22,7 @@ in
|
|||
|
||||
# local discovery in shackspace
|
||||
nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
|
||||
|
||||
krebs.retiolum.extraConfig = "TCPOnly = yes";
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
addr = "0.0.0.0";
|
||||
|
|
@ -37,7 +37,7 @@ in
|
|||
|
||||
networking = {
|
||||
firewall.enable = false;
|
||||
interfaces.eth0.ip4 = [{
|
||||
interfaces.enp0s3.ip4 = [{
|
||||
address = shack-ip;
|
||||
prefixLength = 20;
|
||||
}];
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@
|
|||
stockholm_repo,
|
||||
workdir='stockholm-poller', branches=True,
|
||||
project='stockholm',
|
||||
pollinterval=120))
|
||||
pollinterval=60))
|
||||
'';
|
||||
scheduler = {
|
||||
force-scheduler = ''
|
||||
|
|
@ -43,7 +43,7 @@
|
|||
sched.append(schedulers.SingleBranchScheduler(
|
||||
## all branches
|
||||
change_filter=util.ChangeFilter(branch_re=".*"),
|
||||
# treeStableTimer=10,
|
||||
treeStableTimer=10,
|
||||
name="fast-all-branches",
|
||||
builderNames=["fast-tests"]))
|
||||
'';
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user