Merge remote-tracking branch 'gum/master'
This commit is contained in:
commit
dd4439bfc8
@ -427,7 +427,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
|
|
||||||
gum = rec {
|
gum = rec {
|
||||||
cores = 1;
|
cores = 2;
|
||||||
|
|
||||||
extraZones = {
|
extraZones = {
|
||||||
"krebsco.de" = ''
|
"krebsco.de" = ''
|
||||||
@ -448,7 +448,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
nets = rec {
|
nets = rec {
|
||||||
internet = {
|
internet = {
|
||||||
ip4.addr = "195.154.108.70";
|
ip4.addr = "188.68.40.19";
|
||||||
aliases = [
|
aliases = [
|
||||||
"gum.i"
|
"gum.i"
|
||||||
];
|
];
|
||||||
@ -456,7 +456,7 @@ with import <stockholm/lib>;
|
|||||||
retiolum = {
|
retiolum = {
|
||||||
via = internet;
|
via = internet;
|
||||||
ip4.addr = "10.243.0.211";
|
ip4.addr = "10.243.0.211";
|
||||||
# ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
|
ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
|
||||||
aliases = [
|
aliases = [
|
||||||
"gum.r"
|
"gum.r"
|
||||||
"cgit.gum.r"
|
"cgit.gum.r"
|
||||||
|
@ -2,23 +2,32 @@
|
|||||||
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
|
external-mac = "3a:66:48:8e:82:b2";
|
||||||
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||||
|
external-gw = "188.68.40.1";
|
||||||
|
external-netmask = 22;
|
||||||
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
|
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
|
||||||
|
main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
../.
|
||||||
|
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
||||||
../2configs/headless.nix
|
../2configs/headless.nix
|
||||||
../2configs/fs/simple-swap.nix
|
|
||||||
../2configs/fs/single-partition-ext4.nix
|
../2configs/fs/single-partition-ext4.nix
|
||||||
../2configs/smart-monitor.nix
|
../2configs/smart-monitor.nix
|
||||||
../2configs/git/cgit-retiolum.nix
|
../2configs/git/cgit-retiolum.nix
|
||||||
../2configs/backup.nix
|
../2configs/backup.nix
|
||||||
# ../2configs/mattermost-docker.nix
|
# ../2configs/mattermost-docker.nix
|
||||||
../2configs/disable_v6.nix
|
# ../2configs/disable_v6.nix
|
||||||
../2configs/exim-retiolum.nix
|
../2configs/exim-retiolum.nix
|
||||||
../2configs/tinc/retiolum.nix
|
../2configs/tinc/retiolum.nix
|
||||||
../2configs/urlwatch.nix
|
../2configs/urlwatch.nix
|
||||||
|
|
||||||
|
# Tools
|
||||||
|
../2configs/tools/core.nix
|
||||||
|
../2configs/tools/dev.nix
|
||||||
|
../2configs/tools/sec.nix
|
||||||
|
|
||||||
# services
|
# services
|
||||||
../2configs/gum-share.nix
|
../2configs/gum-share.nix
|
||||||
../2configs/sabnzbd.nix
|
../2configs/sabnzbd.nix
|
||||||
@ -46,7 +55,7 @@ in {
|
|||||||
# ../2configs/logging/central-logging-client.nix
|
# ../2configs/logging/central-logging-client.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
services.smartd.devices = [ { device = "/dev/sda";} ];
|
services.smartd.devices = [ { device = main-disk;} ];
|
||||||
makefu.dl-dir = "/var/download";
|
makefu.dl-dir = "/var/download";
|
||||||
|
|
||||||
|
|
||||||
@ -83,16 +92,15 @@ in {
|
|||||||
get
|
get
|
||||||
];
|
];
|
||||||
services.bitlbee.enable = true;
|
services.bitlbee.enable = true;
|
||||||
systemd.services.bitlbee.environment.BITLBEE_DEBUG="1";
|
|
||||||
|
|
||||||
# Hardware
|
# Hardware
|
||||||
boot.loader.grub.device = "/dev/sda";
|
boot.loader.grub.device = main-disk;
|
||||||
boot.initrd.availableKernelModules = [ "pata_via" "uhci_hcd" ];
|
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
|
||||||
# Network
|
# Network
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
SUBSYSTEM=="net", ATTR{address}=="c8:0a:a9:c8:ee:dd", NAME="et0"
|
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="et0"
|
||||||
'';
|
'';
|
||||||
boot.kernelParams = [ ];
|
boot.kernelParams = [ ];
|
||||||
networking = {
|
networking = {
|
||||||
@ -124,9 +132,9 @@ in {
|
|||||||
};
|
};
|
||||||
interfaces.et0.ip4 = [{
|
interfaces.et0.ip4 = [{
|
||||||
address = external-ip;
|
address = external-ip;
|
||||||
prefixLength = 24;
|
prefixLength = external-netmask;
|
||||||
}];
|
}];
|
||||||
defaultGateway = "195.154.108.1";
|
defaultGateway = external-gw;
|
||||||
nameservers = [ "8.8.8.8" ];
|
nameservers = [ "8.8.8.8" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
50
makefu/1systems/iso.nix
Normal file
50
makefu/1systems/iso.nix
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../.
|
||||||
|
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
|
||||||
|
<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
|
||||||
|
../2configs/tools/core.nix
|
||||||
|
];
|
||||||
|
# TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
|
||||||
|
# cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
|
||||||
|
krebs.build.host = config.krebs.hosts.iso;
|
||||||
|
krebs.hidden-ssh.enable = true;
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
aria2
|
||||||
|
ddrescue
|
||||||
|
];
|
||||||
|
environment.extraInit = ''
|
||||||
|
EDITOR=vim
|
||||||
|
'';
|
||||||
|
# iso-specific
|
||||||
|
boot.kernelParams = [ "copytoram" ];
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
hostKeys = [
|
||||||
|
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
# enable ssh in the iso boot process
|
||||||
|
systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
|
||||||
|
# hack `tee` behavior
|
||||||
|
nixpkgs.config.packageOverrides = super: {
|
||||||
|
irc-announce = super.callPackage <stockholm/krebs/5pkgs/irc-announce> {
|
||||||
|
pkgs = pkgs // { coreutils = pkgs.concat "coreutils-hack" [
|
||||||
|
pkgs.coreutils
|
||||||
|
(pkgs.writeDashBin "tee" ''
|
||||||
|
if test "$1" = /dev/stderr; then
|
||||||
|
while read -r line; do
|
||||||
|
echo "$line"
|
||||||
|
echo "$line" >&2
|
||||||
|
done
|
||||||
|
else
|
||||||
|
${super.coreutils}/bin/tee "$@"
|
||||||
|
fi
|
||||||
|
'')
|
||||||
|
];};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -55,7 +55,10 @@ in {
|
|||||||
../2configs/logging/central-stats-server.nix
|
../2configs/logging/central-stats-server.nix
|
||||||
# ../2configs/logging/central-logging-server.nix
|
# ../2configs/logging/central-logging-server.nix
|
||||||
../2configs/logging/central-stats-client.nix
|
../2configs/logging/central-stats-client.nix
|
||||||
|
|
||||||
|
# services
|
||||||
../2configs/syncthing.nix
|
../2configs/syncthing.nix
|
||||||
|
../2configs/mqtt.nix
|
||||||
# ../2configs/logging/central-logging-client.nix
|
# ../2configs/logging/central-logging-client.nix
|
||||||
|
|
||||||
# ../2configs/torrent.nix
|
# ../2configs/torrent.nix
|
||||||
|
@ -4,7 +4,7 @@ with import <stockholm/lib>;
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
{
|
{
|
||||||
users.extraUsers =
|
users.users =
|
||||||
mapAttrs (_: h: { hashedPassword = h; })
|
mapAttrs (_: h: { hashedPassword = h; })
|
||||||
(import <secrets/hashedPasswords.nix>);
|
(import <secrets/hashedPasswords.nix>);
|
||||||
}
|
}
|
||||||
@ -134,6 +134,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
|
|
||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
|
# TODO: see .aliases
|
||||||
lsl = "ls -lAtr";
|
lsl = "ls -lAtr";
|
||||||
psg = "ps -ef | grep";
|
psg = "ps -ef | grep";
|
||||||
nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
|
nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
|
||||||
|
9
makefu/2configs/mqtt.nix
Normal file
9
makefu/2configs/mqtt.nix
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
services.mosquitto = {
|
||||||
|
enable = true;
|
||||||
|
host = "0.0.0.0";
|
||||||
|
users = {};
|
||||||
|
allowAnonymous = true;
|
||||||
|
};
|
||||||
|
}
|
@ -20,5 +20,6 @@
|
|||||||
xdotool
|
xdotool
|
||||||
xorg.xbacklight
|
xorg.xbacklight
|
||||||
scrot
|
scrot
|
||||||
|
wireshark
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -12,11 +12,11 @@
|
|||||||
rsync
|
rsync
|
||||||
exif
|
exif
|
||||||
file
|
file
|
||||||
|
# fs
|
||||||
ntfs3g
|
ntfs3g
|
||||||
|
dosfstools
|
||||||
pv
|
pv
|
||||||
proot
|
|
||||||
sshpass
|
sshpass
|
||||||
populate
|
|
||||||
usbutils
|
usbutils
|
||||||
p7zip
|
p7zip
|
||||||
hdparm
|
hdparm
|
||||||
@ -27,21 +27,30 @@
|
|||||||
sysstat
|
sysstat
|
||||||
which
|
which
|
||||||
weechat
|
weechat
|
||||||
curl
|
|
||||||
wget
|
|
||||||
wol
|
wol
|
||||||
tmux
|
tmux
|
||||||
|
iftop
|
||||||
|
mkpasswd
|
||||||
|
# storage
|
||||||
smartmontools
|
smartmontools
|
||||||
cifs-utils
|
cifs-utils
|
||||||
iftop
|
# net
|
||||||
taskwarrior
|
wget
|
||||||
mplayer
|
curl
|
||||||
|
|
||||||
cac-api
|
# stockholm
|
||||||
cac-panel
|
git
|
||||||
|
gnumake
|
||||||
|
jq
|
||||||
|
parallel
|
||||||
|
proot
|
||||||
|
populate
|
||||||
|
|
||||||
|
rxvt_unicode.terminfo
|
||||||
krebspaste
|
krebspaste
|
||||||
krebszones
|
|
||||||
ledger
|
# TODO:
|
||||||
|
taskwarrior
|
||||||
pass
|
pass
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -2,9 +2,15 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
krebs.per-user.makefu.packages = with pkgs;[
|
krebs.per-user.makefu.packages = with pkgs;[
|
||||||
|
python35Packages.virtualenv
|
||||||
|
# embedded
|
||||||
|
flashrom
|
||||||
|
mosquitto
|
||||||
|
libcoap
|
||||||
nodemcu-uploader
|
nodemcu-uploader
|
||||||
esptool
|
esptool
|
||||||
python35Packages.virtualenv
|
cac-api
|
||||||
flashrom
|
cac-panel
|
||||||
|
krebszones
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -2,12 +2,13 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
krebs.per-user.makefu.packages = with pkgs;[
|
krebs.per-user.makefu.packages = with pkgs;[
|
||||||
inkscape
|
|
||||||
gimp
|
gimp
|
||||||
|
inkscape
|
||||||
libreoffice
|
libreoffice
|
||||||
skype
|
|
||||||
virtmanager
|
|
||||||
synergy
|
|
||||||
saleae-logic
|
saleae-logic
|
||||||
|
skype
|
||||||
|
synergy
|
||||||
|
tdesktop
|
||||||
|
virtmanager
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -8,5 +8,6 @@
|
|||||||
calibre
|
calibre
|
||||||
vlc
|
vlc
|
||||||
mumble
|
mumble
|
||||||
|
mplayer
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
nmap
|
nmap
|
||||||
msf
|
msf
|
||||||
thc-hydra
|
thc-hydra
|
||||||
wireshark
|
borgbackup
|
||||||
|
ledger
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -1,26 +0,0 @@
|
|||||||
{ stdenv, fetchFromGitHub }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
name = "f3-${version}";
|
|
||||||
version = "6.0";
|
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "AltraMayor";
|
|
||||||
repo = "f3";
|
|
||||||
rev = "v${version}";
|
|
||||||
sha256 = "1azi10ba0h9z7m0gmfnyymmfqb8380k9za8hn1rrw1s442hzgnz2";
|
|
||||||
};
|
|
||||||
|
|
||||||
makeFlags = [ "PREFIX=$(out)" ];
|
|
||||||
patchPhase = "sed -i 's/-oroot -groot//' Makefile";
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
description = "Fight Flash Fraud";
|
|
||||||
homepage = http://oss.digirati.com.br/f3/;
|
|
||||||
license = stdenv.lib.licenses.gpl2;
|
|
||||||
platforms = stdenv.lib.platforms.linux;
|
|
||||||
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
|
||||||
};
|
|
||||||
}
|
|
27
makefu/5pkgs/libcoap/default.nix
Normal file
27
makefu/5pkgs/libcoap/default.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ lib, stdenv, fetchFromGitHub, autoreconfHook, autoconf-archive, pkgconfig,
|
||||||
|
gettext, asciidoc, doxygen, libxml2, libxslt, docbook_xsl, ... }:
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "libcoap-${version}";
|
||||||
|
version = "4.1.2";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "obgm";
|
||||||
|
repo = "libcoap";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "0f0qq15480ja1s03vn8lzw4b3mzdgy46hng4aigi6i6qbzf29kf5";
|
||||||
|
};
|
||||||
|
|
||||||
|
patchPhase = ''
|
||||||
|
sed -i 's/$(A2X)/& --no-xmllint/' examples/Makefile.am
|
||||||
|
'';
|
||||||
|
buildInputs = [ gettext asciidoc doxygen libxml2.bin libxslt docbook_xsl];
|
||||||
|
nativeBuildInputs = [ autoreconfHook autoconf-archive pkgconfig ];
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "";
|
||||||
|
homepage = http://coap.technology;
|
||||||
|
license = stdenv.lib.licenses.gpl2;
|
||||||
|
platforms = stdenv.lib.platforms.linux;
|
||||||
|
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
||||||
|
};
|
||||||
|
}
|
@ -1,26 +0,0 @@
|
|||||||
{ stdenv, fetchgit, fuse, pkgconfig, which, attr, pandoc, git }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
name = "mergerfs-${version}";
|
|
||||||
version = "2.16.1";
|
|
||||||
|
|
||||||
# not using fetchFromGitHub because of changelog being built with git log
|
|
||||||
src = fetchgit {
|
|
||||||
url = "https://github.com/trapexit/mergerfs";
|
|
||||||
rev = "refs/tags/${version}";
|
|
||||||
sha256 = "12fqgk54fnnibqiq82p4g2k6qnw3iy6dd64csmlf73yi67za5iwf";
|
|
||||||
deepClone = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
buildInputs = [ fuse pkgconfig which attr pandoc git ];
|
|
||||||
|
|
||||||
makeFlags = [ "PREFIX=$(out)" "XATTR_AVAILABLE=1" ];
|
|
||||||
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
homepage = https://github.com/trapexit/mergerfs;
|
|
||||||
description = "a FUSE based union filesystem";
|
|
||||||
license = stdenv.lib.licenses.isc;
|
|
||||||
maintainers = [ stdenv.lib.maintainers.makefu ];
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,29 +0,0 @@
|
|||||||
{ stdenv, fetchgit, clang, makeWrapper, gnugrep }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
name = "ps3netsrv-${version}";
|
|
||||||
version = "1.1.0";
|
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
|
||||||
|
|
||||||
src = fetchgit {
|
|
||||||
url = "https://github.com/dirkvdb/ps3netsrv--";
|
|
||||||
fetchSubmodules = true;
|
|
||||||
rev = "e54a66cbf142b86e2cffc1701984b95adb921e81"; # latest @ 2016-05-24
|
|
||||||
sha256 = "09hvmfzqy2jckpsml0z1gkcnar8sigmgs1q66k718fph2d3g54sa";
|
|
||||||
};
|
|
||||||
|
|
||||||
nativeBuildInputs = [ gnugrep ];
|
|
||||||
buildPhase = "make CXX=g++";
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/bin
|
|
||||||
cp ps3netsrv++ $out/bin
|
|
||||||
'';
|
|
||||||
meta = {
|
|
||||||
description = "C++ implementation of the ps3netsrv server";
|
|
||||||
homepage = https://github.com/dirkvdb/ps3netsrv--;
|
|
||||||
license = stdenv.lib.licenses.mit;
|
|
||||||
platforms = stdenv.lib.platforms.linux;
|
|
||||||
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
|
||||||
};
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user