Merge remote-tracking branch 'pnp/master'

2015-11-12 14:15:57 +01:00 · 2015-11-12 14:15:57 +01:00 · e6b3931daf
commit e6b3931daf
parent 6295f79357 cdc77bf0bc
3 changed files with 34 additions and 10 deletions
--- a/krebs/4lib/infest/prepare.sh
+++ b/krebs/4lib/infest/prepare.sh
@ -66,6 +66,7 @@ prepare_debian() {
  type bzip2 2>/dev/null || apt-get install bzip2
  type git   2>/dev/null || apt-get install git
  type rsync 2>/dev/null || apt-get install rsync
+  type curl 2>/dev/null || apt-get install curl
  prepare_common
 }

--- a/krebs/default.nix
+++ b/krebs/default.nix
@ -11,6 +11,7 @@ let out = {
    inherit infest;
    inherit init;
    inherit nixos-install;
+    inherit populate;
  };

  deploy =
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@ -9,24 +9,47 @@ in {
      # TODO: copy this config or move to krebs
      ../2configs/tinc-basic-retiolum.nix
      ../2configs/headless.nix
+      ../2configs/fs/single-partition-ext4.nix
      # ../2configs/iodined.nix

-      # Reaktor
-      ../2configs/Reaktor/simpleExtend.nix
  ];

+  krebs.build.target = "root@gum.krebsco.de";
  krebs.build.host = config.krebs.hosts.gum;

-  krebs.Reaktor.enable = true;
+  # Chat
+  environment.systemPackages = with pkgs;[
+    weechat
+  ];
+  services.bitlbee.enable = true;

-  # prepare graphs
-  krebs.nginx.enable = true;
+  # Hardware
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = [ "pata_via" "uhci_hcd" ];
+  boot.kernelModules = [ "kvm-intel" ];

+  # Network
+
+  services.udev.extraRules = ''
+    SUBSYSTEM=="net", ATTR{address}=="c8:0a:a9:c8:ee:dd", NAME="et0"
+  '';
  networking = {
-    firewall.allowPing = true;
-    firewall.allowedTCPPorts = [ 80 443 655 ];
-    firewall.allowedUDPPorts = [ 655 ];
-    interfaces.enp2s1.ip4 = [{
+  firewall = {
+      allowPing = true;
+      allowedTCPPorts = [
+        # smtp
+        25
+        # http
+        80 443
+        # tinc
+        655
+      ];
+      allowedUDPPorts = [
+        # tinc
+        655 53
+      ];
+    };
+    interfaces.et0.ip4 = [{
      address = external-ip;
      prefixLength = 24;
    }];
@ -34,5 +57,4 @@ in {
    nameservers = [ "8.8.8.8" ];
  };

-  # based on ../../tv/2configs/CAC-Developer-2.nix
 }