Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branches 'prism/master' and 'gum/master'

Browse Source
This commit is contained in:
tv 2017-04-12 11:21:47 +02:00
commit ea1de2f27f
20 changed files with 135 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
krebs/3modules/lass/default.nix
View File

@ -19,7 +19,6 @@ with import <stockholm/lib>;
ip4.addr = "10.243.133.99";
ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1233";
aliases = [
"dishfire.retiolum"
"dishfire.r"
];
tinc.pubkey = ''
@ -52,10 +51,8 @@ with import <stockholm/lib>;
ip4.addr = "10.243.206.103";
ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f763";
aliases = [
"echelon.retiolum"
"echelon.r"
"cgit.echelon.retiolum"
"go.retiolum"
"cgit.echelon.r"
"go.r"
];
tinc.pubkey = ''
@ -96,12 +93,11 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.103";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:15ab";
aliases = [
"prism.retiolum"
"prism.r"
"cgit.prism.retiolum"
"cgit.prism.r"
"cache.prism.r"
"paste.r" "paste.retiolum"
"paste.r"
"p.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -144,9 +140,8 @@ with import <stockholm/lib>;
ip4.addr = "10.243.206.102";
ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f762";
aliases = [
"cloudkrebs.retiolum"
"cloudkrebs.r"
"cgit.cloudkrebs.retiolum"
"cgit.cloudkrebs.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -175,9 +170,8 @@ with import <stockholm/lib>;
ip4.addr = "10.243.81.176";
ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56";
aliases = [
"uriel.retiolum"
"uriel.r"
"cgit.uriel.retiolum"
"cgit.uriel.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -207,9 +201,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.2";
ip6.addr = "42:0:0:0:0:0:0:dea7";
aliases = [
"mors.retiolum"
"mors.r"
"cgit.mors.retiolum"
"cgit.mors.r"
];
tinc.pubkey = ''
@ -235,9 +227,8 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.3";
ip6.addr = "42:0:0:0:0:0:0:7105";
aliases = [
"helios.retiolum"
"helios.r"
"cgit.helios.retiolum"
"cgit.helios.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -262,9 +253,8 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.4";
ip6.addr = "42:0:0:0:0:0:0:50d4";
aliases = [
"shodan.retiolum"
"shodan.r"
"cgit.shodan.retiolum"
"cgit.shodan.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -289,9 +279,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.133.114";
ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1214";
aliases = [
"icarus.retiolum"
"icarus.r"
"cgit.icarus.retiolum"
"cgit.icarus.r"
];
tinc.pubkey = ''
@ -316,25 +304,25 @@ with import <stockholm/lib>;
};
users = {
lass = {
mail = "lass@mors.retiolum";
mail = "lass@mors.r";
pubkey = builtins.readFile ./ssh/mors.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/mors.pgp;
};
lass-uriel = {
mail = "lass@uriel.retiolum";
mail = "lass@uriel.r";
pubkey = builtins.readFile ./ssh/uriel.rsa;
};
lass-helios = {
mail = "lass@helios.retiolum";
mail = "lass@helios.r";
pubkey = builtins.readFile ./ssh/helios.rsa;
};
lass-shodan = {
mail = "lass@shodan.retiolum";
mail = "lass@shodan.r";
pubkey = builtins.readFile ./ssh/shodan.rsa;
pgp.pubkeys.default = builtins.readFile ./pgp/shodan.pgp;
};
lass-icarus = {
mail = "lass@icarus.retiolum";
mail = "lass@icarus.r";
pubkey = builtins.readFile ./ssh/icarus.rsa;
};
fritz = {

2
krebs/3modules/lass/ssh/shodan.rsa
View File

@ -1 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV+EscrUKgsu6iO94lJQ45o0t9QV88H7RrbLCsysgesQqiCbq0XNJKSrKI4T/o5dBNfoHMi4FSuPsF3YzffvMOWmdluHRBIhDJSDiFaraHr1zu7fHDO8gsUf/a3H3LPHtRRoXQFNsIK5NRLR35WpKt+zG6GK/WLBzb2N4MR3Ym5Qo2OepW3pgMWjjbmiUbGGiao9OWgx5tjjT8PLHIWdoEmJsaE5UnOWebqY+xfkWXMLdzMBPyEdCVwUO7X3Ip0Zk/BJFSqtIHBqQtp+njgeRwfkL2xabge3VGALAnQg5iYXzT8kfzIu/wfaoSdGkdPWxMo80KDiJJlpLj1oC3ABmDj01Hgu9p+g5Em0SFevcenspTii3IvYqdq+eg5+pPny4ki9748t6FlWRsrjrmjdQVVMWbhx42+lsyxIYsdXhwWMqNwTNzvY7Fxy3/8XE14pYWCV5eEll2/hSNfI6AcOoJ0vfHvOXsY6GVMYklXDIFzmiJOpyox+DnTahyUqQ6IcLH73vp9boVK31kf8EC7VDp8ms2ZiXz9nfPYltiUOtKKG0gqg9Jgs7xthpX82WYEp2+PXzPCHWs4WXs3OsUzQ8ykXXD2A7JMVBBv0FaMD4aBsOe7hU20/sO+/J/uuPe5xnpI//uFK4KkYCmDHZcZ3Qzh9CQTISwFvOBbYtRWbDo5w== lass@shodan
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDH31q4qmu8dbnu5BJMEW5CAMW9xlZg5dNTREy6vHE5OofmDEzi5YTBYr543ppGYQL/PzepChGl8RKZETeU+pnqTTHgnUh3KkOnX0GmpKgDgFgDrdVwyU137P6RyOo/kLvfbzAu1bFC5Q5hUDdbd5dDAQGN23wsRQxx1EI1uMrrMbMUKxpk/x5+AZi0JfAOY4SJNYIRfnim5v9jAt1JHeOjKy3sT3/ZEaJqK8DAKEHo0/kYyizWn5M7do5bw2+WpG/gHpdtTD0NlKwFUyMzhFJh4ahDt9FtExnmDA45rAcVSsinhUmrPqPwBKEnUxle5tw3A4YRHUvqhHTo6G852iiPHE0DUlCKsDJwr+lw3DXjK+HYOdKMFC6nsh4x+SFrwg6JKCXPzeCH2w7VP5xJGlb3YS+NcvbYWRbiqJ/M2hVdn/Atxq2VUAdKnrNtNW4ZYH6yJTGOkcXkyKJzcTj5JZIvJd1DL0pI9aGWNxnmfyOVMgaKfdafBqU/PB8RPPAZH9RCVRH0g+Cnu0NoJmkwKaq0K+z+FF9eNqVpNnYnjVLsPvjLIXCn8kJl4/2mimDlOarj/I9Hs+k0/gbzx4PKUS87+rUVA4Hfz+MltzZQUGoIBQxciAgVVh7zLrMgnPWwvqHnMKAQ9nzgme3A4ew2Ocyl30+skLstr9e08VqErguYSw== lass@shodan

70
krebs/3modules/makefu/default.nix
View File

@ -11,7 +11,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.177.9";
ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce";
aliases = [
"drop.retiolum"
"drop.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -35,7 +35,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.113.98";
ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096";
aliases = [
"fileleech.retiolum"
"fileleech.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -58,8 +58,8 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.210";
ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0001";
aliases = [
"pnp.retiolum"
"cgit.pnp.retiolum"
"pnp.r"
"cgit.pnp.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -81,7 +81,6 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.84";
ip6.addr = "42:ff6b:5f0b:460d:2cee:4d05:73f7:5566";
aliases = [
"darth.retiolum"
"darth.r"
];
tinc.pubkey = ''
@ -153,7 +152,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.212";
ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0002";
aliases = [
"tsp.retiolum"
"tsp.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -180,7 +179,6 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.91";
ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db";
aliases = [
"x.retiolum"
"x.r"
];
tinc.pubkey = ''
@ -225,7 +223,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.1.91";
ip6.addr = "42:0b2c:d90e:e717:03dd:9ac1:0000:a400";
aliases = [
"vbob.retiolum"
"vbob.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -259,14 +257,14 @@ with import <stockholm/lib>;
ip4.addr = "192.40.56.122";
ip6.addr = "2604:2880::841f:72c";
aliases = [
"pigstarter.internet"
"pigstarter.i"
];
};
retiolum = {
ip4.addr = "10.243.0.153";
ip6.addr = "42:9143:b4c0:f981:6030:7aa2:8bc5:4110";
aliases = [
"pigstarter.retiolum"
"pigstarter.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -295,7 +293,6 @@ with import <stockholm/lib>;
ip4.addr = "104.233.87.86";
aliases = [
"wry.i"
"wry.internet"
];
};
retiolum = {
@ -303,9 +300,9 @@ with import <stockholm/lib>;
ip4.addr = "10.243.29.169";
ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad";
aliases = [
"graphs.wry.retiolum"
"paste.wry.retiolum"
"wry.r" "wry.retiolum"
"wry.r"
"graphs.wry.r"
"paste.wry.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -340,8 +337,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.153.102";
ip6.addr = "42:4b0b:d990:55ba:8da8:630f:dc0e:aae0";
aliases = [
"filepimp.retiolum"
"filepimp.r"
"filepimp.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -371,7 +367,6 @@ with import <stockholm/lib>;
ip4.addr = "10.243.0.89";
ip6.addr = "42:f9f0::10";
aliases = [
"omo.retiolum"
"omo.r"
"logs.makefu.r"
"stats.makefu.r"
@ -416,7 +411,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.214.15";
ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732";
aliases = [
"wbob.retiolum"
"wbob.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -453,7 +448,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "195.154.108.70";
aliases = [
"gum.internet"
"gum.i"
];
};
retiolum = {
@ -462,18 +457,15 @@ with import <stockholm/lib>;
# ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
aliases = [
"gum.r"
"gum.retiolum"
"cgit.gum.retiolum"
"cgit.gum.r"
"o.gum.r"
"o.gum.retiolum"
"tracker.makefu.r"
"tracker.makefu.retiolum"
"graphs.r" "graphs.retiolum"
"wiki.makefu.retiolum"
"wiki.wry.retiolum"
"blog.makefu.retiolum"
"blog.wry.retiolum"
"graphs.r"
"wiki.makefu.r"
"wiki.gum.r"
"blog.makefu.r"
"blog.gum.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -523,7 +515,6 @@ with import <stockholm/lib>;
ip4.addr = "10.243.205.131";
ip6.addr = "42:490d:cd82:d2bb:56d5:abd1:b88b:e8b4";
aliases = [
"shoney.retiolum"
"shoney.r"
];
tinc.pubkey = ''
@ -548,7 +539,6 @@ with import <stockholm/lib>;
ip4.addr = "10.243.83.237";
ip6.addr = "42:af50:99cf:c185:f1a8:14d5:acb:8101";
aliases = [
"sdev.retiolum"
"sdev.r"
];
tinc.pubkey = ''
@ -580,14 +570,13 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "162.248.11.162";
aliases = [
"flap.internet"
"flap.i"
];
};
retiolum = {
ip4.addr = "10.243.211.172";
ip6.addr = "42:472a:3d01:bbe4:4425:567e:592b:065d";
aliases = [
"flap.retiolum"
"flap.r"
];
tinc.pubkey = ''
@ -635,7 +624,6 @@ with import <stockholm/lib>;
ip6.addr = "42:9898:a8be:ce56:0ee3:b99c:42c5:109e";
aliases = [
"heidi.r"
"heidi.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -770,7 +758,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "148.251.47.69";
aliases = [
"wooki.internet"
"wooki.i"
];
};
retiolum = {
@ -825,7 +813,7 @@ with import <stockholm/lib>;
ip4.addr = "10.243.144.142";
ip6.addr = "42:4bf8:94b:eec5:69e2:c837:686e:f278";
aliases = [
"tcac-0-1.retiolum"
"tcac-0-1.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -848,7 +836,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "217.160.206.154";
aliases = [
"muhbaasu.internet"
"muhbaasu.i"
];
};
retiolum = {
@ -877,7 +865,9 @@ with import <stockholm/lib>;
retiolum = {
ip4.addr = "10.243.183.236";
ip6.addr = "42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c";
aliases = [ "tpsw.r" "tpsw.retiolum" ];
aliases = [
"tpsw.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ
@ -894,10 +884,10 @@ with import <stockholm/lib>;
};
users = rec {
makefu = {
mail = "makefu@x.retiolum";
mail = "makefu@x.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@x";
pgp.pubkeys.default = builtins.readFile ./default.pgp;
pgp.pubkeys.brain = builtins.readFile ./brain.pgp;
pgp.pubkeys.default = builtins.readFile ./pgp/default.asc;
pgp.pubkeys.brain = builtins.readFile ./pgp/brain.asc;
};
makefu-omo = {
inherit (makefu) mail pgp;

0
krebs/3modules/makefu/brain.pgp → krebs/3modules/makefu/pgp/brain.asc
View File

0
krebs/3modules/makefu/default.pgp → krebs/3modules/makefu/pgp/default.asc
View File

5
krebs/5pkgs/kpaste/default.nix Normal file
View File

@ -0,0 +1,5 @@
{ curl, writeDashBin }:
writeDashBin "kpaste" ''
exec ${curl}/bin/curl -sS http://p.r --data-binary @-
''

1
lass/1systems/mors.nix
View File

@ -66,7 +66,6 @@ with import <stockholm/lib>;
"localhost"
"${config.krebs.build.host.name}"
"${config.krebs.build.host.name}.r"
"${config.krebs.build.host.name}.retiolum"
];
locations."~ ^/~(.+?)(/.*)?\$".extraConfig = ''
alias /home/$1/public_html$2;

3
lass/1systems/prism.nix
View File

@ -45,6 +45,7 @@ in {
../2configs/makefu-sip.nix
../2configs/monitoring/server.nix
../2configs/monitoring/monit-alarms.nix
../2configs/paste.nix
{
imports = [
../2configs/bepasty.nix
@ -157,7 +158,7 @@ in {
}
{
users.users.chat.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDiupmvj8gmiqIUTk9t4AOZ6bYvIpMMuNZULwIu/lbq8epK+FyvjRtCxqkLgFw0BfNYHzT9fxJ3kZY+nf/pnpI0j8TRwLAyPnfKuBfehrtzjdNbf1jCB9BQAaLoBHkLUFLJxskIC11nHx5KJVJvZBZZ6Odq1WIb4RZXjtEreQfvF8+YyFgHQ/epmQupKK6agHGkjtqvH+hz//dwDqHU9orj8MCWxNaa2wUgn+5laAvpLS15MQeCDIz8GJtJWToETY6bvldiLp2hIAJmgx8LIecV1h7YPR81Rk80gIk3f0PDfsLnnM6ibkI5p8NGh7nRKAdf+W90HpBIHKMRpRkMYvgL3ejVuKJZyzhYKUArA6egNRAN2d67eOpR/yKV5LjRxv+JBCOln5ynDbAmP4Hq98h+0K9Md7VavrRJzzPRTH3MPx+OKqsnRBRjhKsRFIUaO6/TBjZF4RCbbSSbvBW1u+qbTWX1MGUJNB5huL/OIBdHHcTb6GI3W4Svtgq4in2KI4COBhUJogm5UmaXRHtgqvn8byxutIsXMOTFjjdDK6r7mmOj1mzlu5wEHAV6FRsII92pf4WO2GYEUxz1ABu4HvRsVKlvYoEwwBhpXecTve6nogAiDvuxHjUX1eup3If3s4SvNirNPPUQuzNriYJ4JXiU6pGCJcBgxhl+NQ7ajxCdaw== JuiceSSH"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCkmIvB8BekIE2W24+I0gnzkvkEoeulz/zQkDUVJK4oScbIvgTYmcHzQuHJyPueTm67bJCOcYaTwEDNhcR/ZvcyiCQ7Jwa5cLDTkCkcR9LQq8ry5jMNEanvTgrnBIEcwfS7jFpyFb/PRVG6hh2bPOfP+ksFplkq1BTzKt/UTaCBwVEZqi5XuFIlq/MqJg+FIjh+wyeNR5jHtqgAhVjR+YLVNXLgtVPE+dlSfbyRQHuA9FTkUj8BxxnTdwM5Sx33S61ddik1XvRn++IYqFl68fZhzyTME7t/Mvjdz8J7ew2bF2IbJrXt37yQCAOEEp9/RC5OloA7dd/5ZJjZxSzT2HnYROILsYr3S0WV4e+H2G66ZN0ftdUCYh1o5rtY7IrSes6yHsKYbpoij1IAkRkyt2XgEH5EZCk1Omx8AY3ekW1KFIEhz2DZEfnCEjPf4AGCYZ0uy4XEztxzTDkh25TVs/tym1+96qCJ1yAxwWZDbVhS/Z6aSBpsyeDRKcak8qoWVC2dEPdYuTUmwvmo3pmGn/a4UfOLNJTn0jSRjy3kSv1hYzosN4NSYZqEylFB0ABnlqoLpX3tmWtrkiKv19S+djVGxbaaYm3hjPJfds3qCWTJWPvxPPeCE8wGXVLYqOQxa5ZPYeoTwRof5YNSbj5RFYy9sDLTlHl+U4ASTHZM5S3akQ== JuiceSSH"
];
}
{

6
lass/2configs/default.nix
View File

@ -64,10 +64,7 @@ with import <stockholm/lib>;
];
}
{
services.dnscrypt-proxy = {
enable = true;
resolverName = "d0wn-nl-ns3";
};
services.dnscrypt-proxy.enable = true;
networking.extraResolvconfConf = ''
name_servers='127.0.0.1'
'';
@ -138,6 +135,7 @@ with import <stockholm/lib>;
aria2
#neat utils
kpaste
krebspaste
mosh
pciutils

2
lass/2configs/go.nix
View File

@ -17,7 +17,7 @@ with import <stockholm/lib>;
'';
serverAliases = [
"go"
"go.retiolum"
"go.r"
];
};
};

7
lass/2configs/hw/tp-x220.nix
View File

@ -51,6 +51,11 @@ with import <stockholm/lib>;
services.xserver.synaptics = {
enable = true;
additionalOptions = ''Option "TouchpadOff" "1"'';
horizEdgeScroll = false;
horizontalScroll = false;
vertEdgeScroll = false;
maxSpeed = "0.1";
minSpeed = "0.01";
tapButtons = false;
};
}

9
lass/2configs/mail.nix
View File

@ -113,9 +113,12 @@ let
macro index ~ ,@( 'Toggle sidebar' # toggle the sidebar
'';
mutt = pkgs.writeDashBin "mutt" ''
exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@
'';
mutt = pkgs.concat "mutt" [
pkgs.neomutt
(pkgs.writeDashBin "mutt" ''
exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@
'')
];
in {
environment.systemPackages = [

9
lass/2configs/monitoring/client.nix
View File

@ -23,13 +23,4 @@ with import <stockholm/lib>;
};
};
};
services.journalbeat = {
enable = true;
extraConfig = ''
output.elasticsearch:
hosts: ["prism:9200"]
template.enabled: false
'';
};
}

12
lass/2configs/monitoring/server.nix
View File

@ -79,21 +79,9 @@ with import <stockholm/lib>;
security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
};
services.elasticsearch = {
enable = true;
listenAddress = "0.0.0.0";
};
services.kibana = {
enable = true;
listenAddress = "0.0.0.0";
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; }
{ predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; }
{ predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; }
{ predicate = "-p tcp -i retiolum --dport 9200"; target = "ACCEPT"; }
{ predicate = "-p tcp -i retiolum --dport 5601"; target = "ACCEPT"; }
];
}

34
lass/2configs/mpv.nix
View File

@ -2,15 +2,17 @@
let
mpv-config = pkgs.writeText "mpv-config" ''
script=${lib.concatStringsSep "," [
good
delete
]}
'';
mpv = pkgs.writeDashBin "mpv" ''
exec ${pkgs.mpv}/bin/mpv --no-config --include=${mpv-config} "$@"
'';
scripts = lib.concatStringsSep "," [
good
delete
];
mpv = pkgs.concat "mpv" [
pkgs.mpv
(pkgs.writeDashBin "mpv" ''
exec ${pkgs.mpv}/bin/mpv --no-config --script=${scripts} "$@"
'')
];
moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" ''
tmp_dir = "${dir}"
@ -31,20 +33,6 @@ let
up = moveToDir "U" "./up";
down = moveToDir "Y" "./down";
deleteCurrentTrack = pkgs.writeText "delete.lua" ''
deleted_tmp = "./.graveyard"
-- Delete the current track by moving it to the `deleted_tmp` location.
function delete_current_track()
track = mp.get_property("path")
os.execute("mkdir -p '" .. deleted_tmp .. "'")
os.execute("mv '" .. track .. "' '" .. deleted_tmp .. "'")
print("'" .. track .. "' deleted.")
end
mp.add_key_binding("D", "delete_current_track", delete_current_track)
'';
in {
krebs.per-user.lass.packages = [
mpv

2
lass/2configs/nixpkgs.nix
View File

@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://cgit.lassul.us/nixpkgs;
ref = "ade5837";
ref = "a563923";
};
}

27
lass/2configs/paste.nix Normal file
View File

@ -0,0 +1,27 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
services.nginx.virtualHosts.paste = {
serverAliases = [ "p.r" ];
locations."/".extraConfig = ''
client_max_body_size 4G;
proxy_set_header Host $host;
proxy_pass http://localhost:9081;
'';
};
krebs.htgen.paste = {
port = 9081;
script = toString [
"PATH=${makeBinPath [
pkgs.nix
]}:$PATH"
"STATEDIR=$HOME"
". ${pkgs.htgen}/examples/paste"
];
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT";}
{ predicate = "-i retiolum -p tcp --dport 9081"; target = "ACCEPT";}
];
}

1
lass/2configs/repo-sync.nix
View File

@ -105,6 +105,7 @@ in {
(sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper")
(sync-remote "lassulus-blog" "https://github.com/lassulus/lassulus-blog")
(sync-remote "painload" "https://github.com/krebscode/painload")
(sync-remote "Reaktor" "https://github.com/krebscode/Reaktor")
(sync-remote-silent "nixpkgs" "https://github.com/nixos/nixpkgs")
(sync-retiolum "go")
(sync-retiolum "much")

29
lass/2configs/websites/domsen.nix
View File

@ -21,6 +21,22 @@ let
exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
'';
restartPhpfpm_o.ubikmedia = pkgs.writeDash "restartPhpfpm_o.ubikmedia.org" ''
${pkgs.systemd}/bin/systemctl restart phpfpm-o.ubikmedia.de.service
'';
restartPhpfpm_o.ubikmedia_wrapper = pkgs.writeDashBin "restartPhpfpm_o.ubikmedia" ''
/run/wrappers/bin/sudo ${restartPhpfpm_o.ubikmedia}
'';
restartPhpfpm_ubikmedia = pkgs.writeDash "restartPhpfpm_ubikmedia.org" ''
${pkgs.systemd}/bin/systemctl restart phpfpm-ubikmedia.de.service
'';
restartPhpfpm_ubikmedia_wrapper = pkgs.writeDashBin "restartPhpfpm_ubikmedia" ''
/run/wrappers/bin/sudo ${restartPhpfpm_ubikmedia}
'';
in {
imports = [
./sqlBackup.nix
@ -116,6 +132,7 @@ in {
{ from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms"; }
{ from = "testuser@lassul.us"; to = "testuser"; }
{ from = "testuser@ubikmedia.eu"; to = "testuser"; }
];
sender_domains = [
"jla-trading.com"
@ -162,5 +179,17 @@ in {
useDefaultShell = true;
createHome = true;
};
#sudo restart wrappers
security.sudo.extraConfig = ''
domsen ALL= (root) NOPASSWD: ${restartPhpfpm_o.ubikmedia}
domsen ALL= (root) NOPASSWD: ${restartPhpfpm_ubikmedia}
'';
krebs.per-user.domsen.packages = [
restartPhpfpm_ubikmedia_wrapper
restartPhpfpm_o.ubikmedia_wrapper
];
}

2
makefu/2configs/default.nix
View File

@ -17,7 +17,7 @@ with import <stockholm/lib>;
enable = true;
dns.providers.lan = "hosts";
search-domain = "retiolum";
search-domain = "r";
build = {
user = config.krebs.users.makefu;
source = let