m 1 wbob: add missing

2016-07-20 20:35:30 +02:00 · 2016-07-20 20:35:30 +02:00 · e03ae6d79d
commit e03ae6d79d
parent df7416dc31
2 changed files with 44 additions and 6 deletions
--- a/makefu/1systems/wbob.nix
+++ b/makefu/1systems/wbob.nix
@ -1,5 +1,7 @@
 { config, pkgs, ... }:
-{
+let rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
+in {
+
  makefu.awesome = {
    modkey = "Mod1";
    #TODO: integrate kiosk config into full config by templating the autostart
@ -9,19 +11,19 @@
    [ # Include the results of the hardware scan.
      ../.
      ../2configs/main-laptop.nix
+      ../2configs/virtualization.nix
+      ../2configs/tinc/retiolum.nix
    ];
  krebs = {
      enable = true;
-      retiolum.enable = true;
      build.host = config.krebs.hosts.wbob;
  };
  networking.firewall.allowedUDPPorts = [ 1655 ];
-  networking.firewall.allowedTCPPorts = [ 1655 ];
+  networking.firewall.allowedTCPPorts = [ 1655 49152 ];
  services.tinc.networks.siem = {
    name = "display";
    extraConfig = ''
      ConnectTo = sjump
-      Port = 1655
    '';
  };

@ -35,12 +37,12 @@


  # nuc hardware
-  boot.loader.grub.device = "/dev/sda";
+  boot.loader.grub.device = rootdisk;
  hardware.cpu.intel.updateMicrocode = true;
  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
  boot.kernelModules = [ "kvm-intel" ];
  fileSystems."/" = {
-      device = "/dev/sda1";
+      device = rootdisk + "-part1";
      fsType = "ext4";
  };

--- a/makefu/2configs/temp/share-samba.nix
+++ b/makefu/2configs/temp/share-samba.nix
@ -0,0 +1,36 @@
+{config, ... }:{
+  users.users.smbguest = {
+    name = "smbguest";
+    uid = config.ids.uids.smbguest;
+    description = "smb guest user";
+    home = "/var/empty";
+  };
+
+  networking.firewall.allowedTCPPorts = [
+    139 445 # samba
+  ];
+
+  networking.firewall.allowedUDPPorts = [
+    137 138
+  ];
+  services.samba = {
+    enable = true;
+    shares = {
+      share-home = {
+        path = "/home/share/";
+        "read only" = "no";
+        browseable = "yes";
+        "guest ok" = "yes";
+      };
+    };
+    extraConfig = ''
+      guest account = smbguest
+      map to guest = bad user
+      # disable printing
+      load printers = no
+      printing = bsd
+      printcap name = /dev/null
+      disable spoolss = yes
+    '';
+  };
+}