From fa38155eec9563dc9dc620a77900d87b97443cfe Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 15 Jul 2017 18:57:16 +0200
Subject: ma: move systems to subdir, init source

---
 makefu/1systems/fileleech/config.nix | 169 +++++++++++++++++++++++++++++++++++
 1 file changed, 169 insertions(+)
 create mode 100644 makefu/1systems/fileleech/config.nix

(limited to 'makefu/1systems/fileleech')

diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix
new file mode 100644
index 000000000..3aa5a54f8
--- /dev/null
+++ b/makefu/1systems/fileleech/config.nix
@@ -0,0 +1,169 @@
+{ config, pkgs, lib, ... }:
+let
+  toMapper = id: "/media/crypt${builtins.toString id}";
+  byid = dev: "/dev/disk/by-id/" + dev;
+  keyFile = byid "usb-Intuix_DiskOnKey_09A07360336198F8-0:0";
+  rootDisk = byid "ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN";
+  rootPartition = rootDisk + "-part3";
+
+	dataDisks =  let
+		idpart = dev: byid  dev + "-part1";
+	in [
+		{ name = "crypt0"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GDLJEF";}
+	  {	name = "crypt1"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GGWG8F";}
+	  {	name = "crypt2"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GH5NAF";}
+	  {	name = "crypt3"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GJWGDF";}
+	  {	name = "crypt4"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXHF";}
+	  {	name = "crypt5"; device = idpart "scsi-1ATA_HUA722020ALA330_B9GKKXVF";}
+	  {	name = "crypt6"; device = idpart "scsi-1ATA_HUA722020ALA330_YAJJ8WRV";}
+	  {	name = "crypt7"; device = idpart "scsi-1ATA_HUA722020ALA330_YBKTUS4F";} # parity
+	];
+
+  disks = [ { name = "luksroot"; device = rootPartition; } ] ++ dataDisks;
+in {
+    imports = [
+      ../.
+      ../2configs/tinc/retiolum.nix
+      ../2configs/disable_v6.nix
+      # ../2configs/torrent.nix
+      ../2configs/fs/sda-crypto-root.nix
+
+      #../2configs/elchos/irc-token.nix
+      ../2configs/elchos/log.nix
+      ../2configs/elchos/search.nix
+      ../2configs/elchos/stats.nix
+
+    ];
+  systemd.services.grafana.serviceConfig.LimitNOFILE=10032;
+  systemd.services.graphiteApi.serviceConfig.LimitNOFILE=10032;
+  systemd.services.carbonCache.serviceConfig.LimitNOFILE=10032;
+  makefu.server.primary-itf = "enp8s0f0";
+  krebs = {
+      enable = true;
+      build.host = config.krebs.hosts.fileleech;
+  };
+	# git clone https://github.com/makefu/docker-pyload
+	# docker build .
+  # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P docker-pyload
+
+  virtualisation.docker.enable = true; # for pyload
+  networking.firewall.allowPing = true;
+  networking.firewall.logRefusedConnections = false;
+  networking.firewall.allowedTCPPorts =  [
+    51412 # torrent
+    8112  # rutorrent-web
+    8113  # pyload
+    8080  # sabnzbd
+    9090  # sabnzbd-ssl
+    655   # tinc
+    21    # ftp
+  ];
+  services.nginx.virtualHosts._download = {
+    default = true;
+    root = "/media/cryptX";
+    extraConfig = ''
+      autoindex on;
+    '';
+    basicAuth = import <secrets/kibana-auth.nix>;
+  };
+  networking.firewall.allowedUDPPorts = [
+    655 # tinc
+    51412 # torrent
+  ];
+
+  services.vsftpd.enable = true;
+  services.vsftpd.localUsers = true;
+  services.vsftpd.userlist = [ "download" ];
+  services.vsftpd.userlistEnable = true;
+  # services.vsftpd.chrootlocalUser = true;
+
+  services.sabnzbd.enable = true;
+  systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+
+  services.openssh.extraConfig = let banner = pkgs.writeText "openssh-banner" ''
+    Services:
+      ssh://download@fileleech - ssh via filebitch.shack
+      ftp://download@fileleech - access to /media/cryptX
+      http://fileleech:8112 - rutorrent
+      http://fileleech:8113 - pyload
+      https://fileleech:9090 - sabnzb
+  ''; in "Banner ${banner}";
+
+  boot.initrd.luks = {
+    devices = let
+      usbkey = name: device: {
+        inherit name device keyFile;
+        keyFileSize = 4096;
+        allowDiscards = true;
+      };
+    in builtins.map (x: usbkey x.name x.device) disks;
+  };
+  environment.systemPackages = with pkgs;[ mergerfs ];
+
+  fileSystems = let
+    cryptMount = name:
+      { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };};
+  in  cryptMount "crypt0"
+		// cryptMount "crypt1"
+		// cryptMount "crypt2"
+		// cryptMount "crypt3"
+		// cryptMount "crypt4"
+		// cryptMount "crypt5"
+		// cryptMount "crypt6"
+		// cryptMount "crypt7"
+
+    # this entry sometimes creates issues
+    // { "/media/cryptX" = {
+          device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 3 4 5 6 ]);
+          fsType = "mergerfs";
+          noCheck = true;
+          options = [ "defaults" "nofail" "allow_other" "nonempty" ]; };
+        }
+
+    ;
+  users.users.download = {
+    useDefaultShell = true;
+    #  name = "download";
+    home = "/media/cryptX/";
+    #  createHome = true;
+    openssh.authorizedKeys.keys = [
+      config.krebs.users.makefu.pubkey
+      config.krebs.users.lass.pubkey
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7betFnMWVeBYRhJ+2f0B5WbDdbpteIVg/BlyimXbx79R7lZ7nUq5GyMLrp7B00frUuA0su8oFFN3ODPJDstgBslBIP7kWPR2zW8NOXorrbFo3J2fKvlO77k6/wD5/M11m5nS01/aVJgAgMGLg2W12G7EMf5Wq75YsQJC/S9p8kMca589djMPRuQETu7fWq0t/Gmwq+2ELLL0csRK87LvybA92JYkAIneRnGzIlCguOXq0Vcq6pGQ1J1PfVEP76Do33X29l2hZc/+vR9ExW6s2g7fs5/5LDX9Wnq7+AEsxiEf4IOeL0hCG4/CGGCN23J+6cDrNKOP94AHO1si0O2lxFsxgNU2vdVWPNgSLottiUFBPPNEZFD++sZyutzH6PIz6D90hB2Q52X6WN9ZUtlDfQ91rHd+S2BhR6f4dAqiRDXlI5MNNDdoTT4S5R0wU/UrNwjiV/xiu/hWZYGQK7YgY4grFRblr378r8FqjLvumPDFMDLVa9eJKq1ad1x/GV5tZpsttzWj4nbixaKlZOg+TN2GHboujLx3bANz1Jqfvfto8UOeKTtA8pkb8E1PJPpBMOZcA7oHaqJrp6Vuf/SkmglHnQvGbi60OK3s61nuRmIcBiTXd+4qeAJpq1QyEDj3X/+hV0Gwz8rCo6JGkF1ETW37ZYvqU9rxNXjS+/Pfktw== jules@kvasir-2015-02-13"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDINUD+p2yrc9KoTbCiuYhdfLlRu/eNX6BftToSMLs8O9qWQORjgXbDn8M9iUWXCHzdUZ9sm6Rz8TMdEV0jZq/nB01zYnW4NhMrt+NGtrmGqDa+eYrRZ4G7Rx8AYzM/ZSwERKX10txAVugV44xswRxWvFbCedujjXyWsxelf1ngb+Hiy9/CPuWNYEhTZs/YuvNkupCui2BuKuoSivJAkLhGk5YqwwcllCr39YXa/tFJWsgoQNcB9hwpzfhFm6Cc7m5DhmTWSVhQHEWyaas8Lukmd4v+mRY+KZpuhbomCHWzkxqzdBun8SXiiAKlgem9rtBIgeTEfz9OtOfF3/6VfqE7 toerb@mittagspause ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0IP143FAHBHWjEEKGOnM8SSTIgNF1MJxGCMKaJvTHf momo@k2.local"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1ZJSpBb7Cxo+c2r2JJIcbYOTm/sJxOv2NFRoDfjxGS9CCwzRbzrwJcv2d23j35mu97x3+fUvo8DyMFLvLvume2PFCijqhMDzZZvjYXZdvXA+hnh53nqZf+Pjq8Xc3tSWBHQxUokaBmZbd4LlKHh8NgKVrP2zve6OPZMzo/Es93v37KEmT8d/PfVMrQEMPZzFrCVdq2RbpdQ1nhx09zRFW7OJOazgotafjx6IYXbVq2VDnjffXInsE9ZxDzYq1cNKIH0c2BLpTd3mv76iD9i+nD6W6s48+usFQnVLt2TY1uKkfMr7043E6jBxx5kNHBe5Xxr6Zs0SkR8kKOEhMO//4ucviUYKZJn8wk2SLkAyMYVBexx8jrTdlI4xgQ7RLpSIDTCm9dfbZY/YhZDJ21lsWduQqu7DFWMe05gg4NZDjf2kwYQOzATyqISGA7ttSEPT1iymr/ffAOgLBLSqWQAteUbI2U5cnflWZGwm33JF/Pyb4S3k3/f2mIBKiRx2lsGv6mx1w0SaYRtJxDWqGYMHuFiNYbq9r/bZfLqV3Fy9kRODFJTfJh8mcTnC4zabpiQ7fnqbh1qHu0WrrBSgFW0PR2WWCJ0e5Btj1yRgXp0+d5OuxxlVInRs+l2HogdxjonMhAHrTCzJtI8UJTKXKN0FBPRDRcepeExhvNqcOUz4Kvw== me@andreaskist.de"
+			"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo2z8zsI+YF3ho0hvYzzCZi05mNyjk4iFK08+nNFCdXSG07jmRROWzTcC2ysTKZ56XD2al2abLxy4FZfmDcu9b2zJoPnIiXv/Jw0TKeZ71OyN3bILtv+6Xj1FTJ+kAUMXBfEew7UCgZZ8u8RQsFmlhqB9XqCBXmzP7I2EM1wWSzwEAgG/k6C+Ir054JjAj+fLr/wBduD1GAe8bXXF3Ojiky8OMs2oJaoGV96mrVAtVN+ftfWSvHCK31Y/KgCoPDE4LdoTir1IRfx2pZUMPkyzRW/etXT0PKD96I+/3d1xNPzNNjFpd6GqADC3xnfY3WslNgjL7gqwsC9SlEyuT1Xkd lotho@mercurius"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClaVl9Fwp4wdGLeTZdfy5MpJf+hM6fpL1k6UmtYXWgVYU7tgmStdlpLlbyMQspoFRtT7/76n4kPwCmM0c82xNXaJJMuWa98pwMp+bAwSSdOGAP/vjfzL/TUAX+Xtrw6ehF7r1O+zqw/E/bWt6UezKj08wDLWjByzdDQwslJV6lrGek4mmYRdgmHHeZ1oG89ePEZJZOM6jcZqv0AfIj0NID3ir9Z0kz9uSSXb1279Qt4953mfjs5xwhtc1B7vrxJ3qtTZUsBoAkUkLeulUEIjkfn60wvDGu/66GP5ZClXyk2gck/ZNmtFYrQoqx9EtF1KK02cC17A0nfRySQy5BnfWn root@filebitch"
+    ];
+  };
+  makefu.snapraid = {
+    enable = true;
+    disks = map toMapper [ 0 1 2 3 4 5 6 ];
+    parity = toMapper 7;
+  };
+  networking.nameservers = [ "8.8.8.8" ];
+  #networking.interfaces.enp6s0f0.ip4 = [{
+  #    address = "151.217.173.20";
+  #    prefixLength = 22;
+  #}];
+  #networking.defaultGateway = "151.217.172.1";
+  networking.interfaces.enp8s0f1.ip4 = [{
+      address = "192.168.126.1";
+      prefixLength = 24;
+  }];
+  #interfaces.enp6s0f1.ip4 = [{
+  #  address = external-ip;
+  #  prefixLength = 22;
+  #}];
+
+  boot.loader.grub.device = rootDisk;
+
+  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "aacraid" "usb_storage" "usbhid" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # http://blog.hackathon.de/using-unsupported-sfp-modules-with-linux.html
+  boot.extraModprobeConfig = ''
+    options ixgbe allow_unsupported_sfp=1
+  '';
+}
-- 
cgit v1.3.1


From 7704f80890c75f65c2906ecc17cdd89761d308ad Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sat, 15 Jul 2017 19:01:02 +0200
Subject: ma: replace path to 2configs, init source.nix

---
 makefu/1systems/darth/config.nix     | 16 ++++----
 makefu/1systems/darth/source.nix     |  3 ++
 makefu/1systems/drop/config.nix      |  8 ++--
 makefu/1systems/drop/source.nix      |  3 ++
 makefu/1systems/fileleech/config.nix | 18 ++++-----
 makefu/1systems/fileleech/source.nix |  3 ++
 makefu/1systems/filepimp/config.nix  | 16 ++++----
 makefu/1systems/filepimp/source.nix  |  3 ++
 makefu/1systems/gum/config.nix       | 74 ++++++++++++++++++------------------
 makefu/1systems/gum/source.nix       |  3 ++
 makefu/1systems/iso/config.nix       |  4 +-
 makefu/1systems/iso/source.nix       |  3 ++
 makefu/1systems/omo/config.nix       | 44 ++++++++++-----------
 makefu/1systems/omo/source.nix       |  3 ++
 makefu/1systems/pnp/config.nix       |  8 ++--
 makefu/1systems/pnp/source.nix       |  3 ++
 makefu/1systems/repunit/config.nix   |  6 +--
 makefu/1systems/repunit/source.nix   |  3 ++
 makefu/1systems/sdev/config.nix      |  6 +--
 makefu/1systems/sdev/source.nix      |  3 ++
 makefu/1systems/shoney/config.nix    | 12 +++---
 makefu/1systems/shoney/source.nix    |  3 ++
 makefu/1systems/studio/config.nix    | 16 ++++----
 makefu/1systems/studio/source.nix    |  3 ++
 makefu/1systems/tsp/config.nix       | 18 ++++-----
 makefu/1systems/tsp/source.nix       |  3 ++
 makefu/1systems/vbob/config.nix      | 22 +++++------
 makefu/1systems/vbob/source.nix      |  3 ++
 makefu/1systems/wbob/config.nix      | 32 ++++++++--------
 makefu/1systems/wbob/source.nix      |  3 ++
 makefu/1systems/wry/config.nix       | 24 ++++++------
 makefu/1systems/wry/source.nix       |  3 ++
 makefu/1systems/x/config.nix         | 70 +++++++++++++++++-----------------
 makefu/1systems/x/source.nix         |  4 ++
 makefu/source.nix                    | 41 ++++++++++++--------
 35 files changed, 274 insertions(+), 213 deletions(-)
 create mode 100644 makefu/1systems/darth/source.nix
 create mode 100644 makefu/1systems/drop/source.nix
 create mode 100644 makefu/1systems/fileleech/source.nix
 create mode 100644 makefu/1systems/filepimp/source.nix
 create mode 100644 makefu/1systems/gum/source.nix
 create mode 100644 makefu/1systems/iso/source.nix
 create mode 100644 makefu/1systems/omo/source.nix
 create mode 100644 makefu/1systems/pnp/source.nix
 create mode 100644 makefu/1systems/repunit/source.nix
 create mode 100644 makefu/1systems/sdev/source.nix
 create mode 100644 makefu/1systems/shoney/source.nix
 create mode 100644 makefu/1systems/studio/source.nix
 create mode 100644 makefu/1systems/tsp/source.nix
 create mode 100644 makefu/1systems/vbob/source.nix
 create mode 100644 makefu/1systems/wbob/source.nix
 create mode 100644 makefu/1systems/wry/source.nix
 create mode 100644 makefu/1systems/x/source.nix

(limited to 'makefu/1systems/fileleech')

diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix
index b39021176..c8d17ca70 100644
--- a/makefu/1systems/darth/config.nix
+++ b/makefu/1systems/darth/config.nix
@@ -10,15 +10,15 @@ let
   allDisks = [ rootDisk ]; # auxDisk
 in {
   imports = [
-      ../.
-      ../2configs/fs/single-partition-ext4.nix
-      ../2configs/zsh-user.nix
-      ../2configs/smart-monitor.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/virtualization.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/virtualization.nix>
 
-      ../2configs/tinc/retiolum.nix
-      ../2configs/temp-share-samba.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/temp-share-samba.nix>
   ];
   services.samba.shares = {
       isos = {
diff --git a/makefu/1systems/darth/source.nix b/makefu/1systems/darth/source.nix
new file mode 100644
index 000000000..b13b6c603
--- /dev/null
+++ b/makefu/1systems/darth/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="darth";
+}
diff --git a/makefu/1systems/drop/config.nix b/makefu/1systems/drop/config.nix
index 4a94c3f61..b7e0d0395 100644
--- a/makefu/1systems/drop/config.nix
+++ b/makefu/1systems/drop/config.nix
@@ -5,10 +5,10 @@ let
   prefixLength = 18;
 in {
   imports = [
-      ../.
-      ../2configs/hw/CAC.nix
-      ../2configs/save-diskspace.nix
-      ../2configs/torrent.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/hw/CAC.nix>
+      <stockholm/makefu/2configs/save-diskspace.nix>
+      <stockholm/makefu/2configs/torrent.nix>
   ];
   krebs = {
     enable = true;
diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix
new file mode 100644
index 000000000..74de846c0
--- /dev/null
+++ b/makefu/1systems/drop/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="drop";
+}
diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix
index 3aa5a54f8..b5ec370a5 100644
--- a/makefu/1systems/fileleech/config.nix
+++ b/makefu/1systems/fileleech/config.nix
@@ -22,16 +22,16 @@ let
   disks = [ { name = "luksroot"; device = rootPartition; } ] ++ dataDisks;
 in {
     imports = [
-      ../.
-      ../2configs/tinc/retiolum.nix
-      ../2configs/disable_v6.nix
-      # ../2configs/torrent.nix
-      ../2configs/fs/sda-crypto-root.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/disable_v6.nix>
+      # <stockholm/makefu/2configs/torrent.nix>
+      <stockholm/makefu/2configs/fs/sda-crypto-root.nix>
 
-      #../2configs/elchos/irc-token.nix
-      ../2configs/elchos/log.nix
-      ../2configs/elchos/search.nix
-      ../2configs/elchos/stats.nix
+      #<stockholm/makefu/2configs/elchos/irc-token.nix>
+      <stockholm/makefu/2configs/elchos/log.nix>
+      <stockholm/makefu/2configs/elchos/search.nix>
+      <stockholm/makefu/2configs/elchos/stats.nix>
 
     ];
   systemd.services.grafana.serviceConfig.LimitNOFILE=10032;
diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix
new file mode 100644
index 000000000..699267e21
--- /dev/null
+++ b/makefu/1systems/fileleech/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="fileleech";
+}
diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix
index e143d0046..65e81af66 100644
--- a/makefu/1systems/filepimp/config.nix
+++ b/makefu/1systems/filepimp/config.nix
@@ -20,11 +20,11 @@ let
 in {
   imports =
     [ # Include the results of the hardware scan.
-      ../.
-      ../2configs/fs/single-partition-ext4.nix
-      ../2configs/smart-monitor.nix
-      ../2configs/tinc/retiolum.nix
-      ../2configs/filepimp-share.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+      <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/filepimp-share.nix>
     ];
 
   krebs.build.host = config.krebs.hosts.filepimp;
@@ -73,9 +73,9 @@ in {
     xfsmount = name: dev:
       { "/media/${name}" = { device = dev; fsType = "xfs"; }; };
   in
-  # (xfsmount "j0" (part1 jDisk0))   //
-    (xfsmount "j1" (part1 jDisk1))   //
-    (xfsmount "j2" (part1 jDisk2))   //
+  # (xfsmount "j0" (part1 jDisk0)) <stockholm/makefu>
+    (xfsmount "j1" (part1 jDisk1)) <stockholm/makefu>
+    (xfsmount "j2" (part1 jDisk2)) <stockholm/makefu>
     (xfsmount "par0" (part1 jDisk3))
     ;
 
diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix
new file mode 100644
index 000000000..88c9f4f08
--- /dev/null
+++ b/makefu/1systems/filepimp/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="filepimp";
+}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 51761d3fd..aaddd8a68 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -13,47 +13,47 @@ let
   main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
 in {
   imports = [
-      ../.
+      <stockholm/makefu>
        <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
-      ../2configs/headless.nix
-      ../2configs/fs/single-partition-ext4.nix
-      # ../2configs/smart-monitor.nix
-      ../2configs/git/cgit-retiolum.nix
-      ../2configs/backup.nix
-      # ../2configs/mattermost-docker.nix
-      # ../2configs/disable_v6.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/tinc/retiolum.nix
-      ../2configs/urlwatch
+      <stockholm/makefu/2configs/headless.nix>
+      <stockholm/makefu/2configs/fs/single-partition-ext4.nix>
+      # <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/git/cgit-retiolum.nix>
+      <stockholm/makefu/2configs/backup.nix>
+      # <stockholm/makefu/2configs/mattermost-docker.nix>
+      # <stockholm/makefu/2configs/disable_v6.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/urlwatch>
 
       # Security
-      ../2configs/sshd-totp.nix
+      <stockholm/makefu/2configs/sshd-totp.nix>
 
       # Tools
-      ../2configs/tools/core.nix
-      ../2configs/tools/dev.nix
-      ../2configs/tools/sec.nix
+      <stockholm/makefu/2configs/tools/core.nix>
+      <stockholm/makefu/2configs/tools/dev.nix>
+      <stockholm/makefu/2configs/tools/sec.nix>
 
       # services
-      ../2configs/share/gum.nix
-      ../2configs/sabnzbd.nix
-      ../2configs/torrent.nix
-      ../2configs/iodined.nix
+      <stockholm/makefu/2configs/share/gum.nix>
+      <stockholm/makefu/2configs/sabnzbd.nix>
+      <stockholm/makefu/2configs/torrent.nix>
+      <stockholm/makefu/2configs/iodined.nix>
 
       ## Web
-      ../2configs/nginx/share-download.nix
-      ../2configs/nginx/euer.test.nix
-      ../2configs/nginx/euer.wiki.nix
-      ../2configs/nginx/euer.blog.nix
-      ../2configs/nginx/public_html.nix
-      ../2configs/nginx/update.connector.one.nix
-
-      ../2configs/deployment/mycube.connector.one.nix
-      ../2configs/deployment/graphs.nix
-      ../2configs/deployment/owncloud.nix
-      ../2configs/deployment/wiki-irc-bot
-      ../2configs/deployment/boot-euer.nix
-      ../2configs/deployment/hound
+      <stockholm/makefu/2configs/nginx/share-download.nix>
+      <stockholm/makefu/2configs/nginx/euer.test.nix>
+      <stockholm/makefu/2configs/nginx/euer.wiki.nix>
+      <stockholm/makefu/2configs/nginx/euer.blog.nix>
+      <stockholm/makefu/2configs/nginx/public_html.nix>
+      <stockholm/makefu/2configs/nginx/update.connector.one.nix>
+
+      <stockholm/makefu/2configs/deployment/mycube.connector.one.nix>
+      <stockholm/makefu/2configs/deployment/graphs.nix>
+      <stockholm/makefu/2configs/deployment/owncloud.nix>
+      <stockholm/makefu/2configs/deployment/wiki-irc-bot>
+      <stockholm/makefu/2configs/deployment/boot-euer.nix>
+      <stockholm/makefu/2configs/deployment/hound>
       {
         services.taskserver.enable = true;
         services.taskserver.fqdn = config.krebs.build.host.name;
@@ -64,12 +64,12 @@ in {
           ip6tables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT
         '';
       }
-      # ../2configs/ipfs.nix
-      ../2configs/syncthing.nix
+      # <stockholm/makefu/2configs/ipfs.nix>
+      <stockholm/makefu/2configs/syncthing.nix>
 
-      # ../2configs/opentracker.nix
-      ../2configs/stats/client.nix
-      # ../2configs/logging/client.nix
+      # <stockholm/makefu/2configs/opentracker.nix>
+      <stockholm/makefu/2configs/stats/client.nix>
+      # <stockholm/makefu/2configs/logging/client.nix>
 
   ];
   makefu.dl-dir = "/var/download";
diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix
new file mode 100644
index 000000000..82d42b496
--- /dev/null
+++ b/makefu/1systems/gum/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="gum";
+}
diff --git a/makefu/1systems/iso/config.nix b/makefu/1systems/iso/config.nix
index c679241e5..f863321bd 100644
--- a/makefu/1systems/iso/config.nix
+++ b/makefu/1systems/iso/config.nix
@@ -3,10 +3,10 @@
 with import <stockholm/lib>;
 {
   imports = [
-    ../.
+    <stockholm/makefu>
     <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
     <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
-    ../2configs/tools/core.nix
+    <stockholm/makefu/2configs/tools/core.nix>
   ];
   # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
   # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
diff --git a/makefu/1systems/iso/source.nix b/makefu/1systems/iso/source.nix
new file mode 100644
index 000000000..e200dbfd2
--- /dev/null
+++ b/makefu/1systems/iso/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="iso";
+}
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 0f1b8e0da..732f1d860 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -39,35 +39,35 @@ let
 in {
   imports =
     [
-      ../.
+      <stockholm/makefu>
       # TODO: unlock home partition via ssh
-      ../2configs/fs/sda-crypto-root.nix
-      ../2configs/zsh-user.nix
-      ../2configs/backup.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/smart-monitor.nix
-      ../2configs/mail-client.nix
-      # ../2configs/disable_v6.nix
-      #../2configs/graphite-standalone.nix
-      #../2configs/share-user-sftp.nix
-      ../2configs/share/omo.nix
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/fs/sda-crypto-root.nix>
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/backup.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/smart-monitor.nix>
+      <stockholm/makefu/2configs/mail-client.nix>
+      # <stockholm/makefu/2configs/disable_v6.nix>
+      #<stockholm/makefu/2configs/graphite-standalone.nix>
+      #<stockholm/makefu/2configs/share-user-sftp.nix>
+      <stockholm/makefu/2configs/share/omo.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       # Logging
-      ../2configs/stats/server.nix #influx + grafana
-      ../2configs/stats/client.nix
-      ../2configs/stats/external/aralast.nix # logs to influx
+      <stockholm/makefu/2configs/stats/server.nix #influx + grafana>
+      <stockholm/makefu/2configs/stats/client.nix>
+      <stockholm/makefu/2configs/stats/external/aralast.nix # logs to influx>
 
       # services
-      ../2configs/syncthing.nix
-      ../2configs/mqtt.nix
-      # ../2configs/logging/central-logging-client.nix
+      <stockholm/makefu/2configs/syncthing.nix>
+      <stockholm/makefu/2configs/mqtt.nix>
+      # <stockholm/makefu/2configs/logging/central-logging-client.nix>
 
-      # ../2configs/torrent.nix
+      # <stockholm/makefu/2configs/torrent.nix>
 
-      # ../2configs/elchos/search.nix
-      # ../2configs/elchos/log.nix
-      # ../2configs/elchos/irc-token.nix
+      # <stockholm/makefu/2configs/elchos/search.nix>
+      # <stockholm/makefu/2configs/elchos/log.nix>
+      # <stockholm/makefu/2configs/elchos/irc-token.nix>
 
       ## as long as pyload is not in nixpkgs:
       # docker run -d -v /var/lib/pyload:/opt/pyload/pyload-config -v /media/crypt0/pyload:/opt/pyload/Downloads --name pyload --restart=always -p 8112:8000 -P writl/pyload
diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix
new file mode 100644
index 000000000..94fd9cbe6
--- /dev/null
+++ b/makefu/1systems/omo/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="omo";
+}
diff --git a/makefu/1systems/pnp/config.nix b/makefu/1systems/pnp/config.nix
index 971676b79..cc6326f19 100644
--- a/makefu/1systems/pnp/config.nix
+++ b/makefu/1systems/pnp/config.nix
@@ -6,16 +6,16 @@
 {
   imports =
     [
-      ../.
-      ../2configs/headless.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/headless.nix>
       ../../krebs/3modules/Reaktor.nix
 
       # these will be overwritten by qemu-vm.nix but will be used if the system
       # is directly deployed
       <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
-      ../2configs/fs/vm-single-partition.nix
+      <stockholm/makefu/2configs/fs/vm-single-partition.nix>
 
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       # config.system.build.vm
       (toString <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>)
diff --git a/makefu/1systems/pnp/source.nix b/makefu/1systems/pnp/source.nix
new file mode 100644
index 000000000..0b630aa3b
--- /dev/null
+++ b/makefu/1systems/pnp/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="pnp";
+}
diff --git a/makefu/1systems/repunit/config.nix b/makefu/1systems/repunit/config.nix
index 7102b8f81..996abff08 100644
--- a/makefu/1systems/repunit/config.nix
+++ b/makefu/1systems/repunit/config.nix
@@ -7,10 +7,10 @@
 {
   imports =
     [ # Include the results of the hardware scan.
-      ../.
+      <stockholm/makefu>
       <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
-      ../2configs/git/cgit-retiolum.nix
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/git/cgit-retiolum.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
     ];
   krebs.build.host = config.krebs.hosts.repunit;
 
diff --git a/makefu/1systems/repunit/source.nix b/makefu/1systems/repunit/source.nix
new file mode 100644
index 000000000..ff361fb55
--- /dev/null
+++ b/makefu/1systems/repunit/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="repunit";
+}
diff --git a/makefu/1systems/sdev/config.nix b/makefu/1systems/sdev/config.nix
index 233f7cefa..f3853a788 100644
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@@ -4,14 +4,14 @@
   makefu.awesome.modkey = "Mod1";
   imports =
     [ # Include the results of the hardware scan.
-      ../.
+      <stockholm/makefu>
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
-      ../2configs/main-laptop.nix #< base-gui
+      <stockholm/makefu/2configs/main-laptop.nix #< base-gui>
       # <secrets/extra-hosts.nix>
 
       # environment
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
     ];
   # workaround for https://github.com/NixOS/nixpkgs/issues/16641
diff --git a/makefu/1systems/sdev/source.nix b/makefu/1systems/sdev/source.nix
new file mode 100644
index 000000000..833d9bf73
--- /dev/null
+++ b/makefu/1systems/sdev/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="sdev";
+}
diff --git a/makefu/1systems/shoney/config.nix b/makefu/1systems/shoney/config.nix
index 9f04e97eb..6cec260d2 100644
--- a/makefu/1systems/shoney/config.nix
+++ b/makefu/1systems/shoney/config.nix
@@ -9,12 +9,12 @@ let
   gw = "64.137.234.1";
 in {
   imports = [
-    ../.
-    ../2configs/save-diskspace.nix
-    ../2configs/hw/CAC.nix
-    ../2configs/fs/CAC-CentOS-7-64bit.nix
-    ../2configs/tinc/retiolum.nix
-    ../2configs/torrent.nix
+    <stockholm/makefu>
+    <stockholm/makefu/2configs/save-diskspace.nix>
+    <stockholm/makefu/2configs/hw/CAC.nix>
+    <stockholm/makefu/2configs/fs/CAC-CentOS-7-64bit.nix>
+    <stockholm/makefu/2configs/tinc/retiolum.nix>
+    <stockholm/makefu/2configs/torrent.nix>
   ];
 
 
diff --git a/makefu/1systems/shoney/source.nix b/makefu/1systems/shoney/source.nix
new file mode 100644
index 000000000..382474f5e
--- /dev/null
+++ b/makefu/1systems/shoney/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="shoney";
+}
diff --git a/makefu/1systems/studio/config.nix b/makefu/1systems/studio/config.nix
index f7d49cac6..b9a1a5d6a 100644
--- a/makefu/1systems/studio/config.nix
+++ b/makefu/1systems/studio/config.nix
@@ -1,14 +1,14 @@
 { config, pkgs, ... }:
 {
   imports = [
-    ../.
-    ../2configs/vncserver.nix
-    ../2configs/vim.nix
-    ../2configs/disable_v6.nix
-    ../2configs/audio/jack-on-pulse.nix
-    ../2configs/audio/realtime-audio.nix
-    ../2configs/gui/studio.nix
-    ../2configs/binary-cache/lass.nix
+    <stockholm/makefu>
+    <stockholm/makefu/2configs/vncserver.nix>
+    <stockholm/makefu/2configs/vim.nix>
+    <stockholm/makefu/2configs/disable_v6.nix>
+    <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
+    <stockholm/makefu/2configs/audio/realtime-audio.nix>
+    <stockholm/makefu/2configs/gui/studio.nix>
+    <stockholm/makefu/2configs/binary-cache/lass.nix>
 
   ];
   makefu.gui.user = "user"; # we use an extra user
diff --git a/makefu/1systems/studio/source.nix b/makefu/1systems/studio/source.nix
new file mode 100644
index 000000000..f5a7e19c4
--- /dev/null
+++ b/makefu/1systems/studio/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="studio";
+}
diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix
index 25fc2b49b..7169638d4 100644
--- a/makefu/1systems/tsp/config.nix
+++ b/makefu/1systems/tsp/config.nix
@@ -6,18 +6,18 @@
 {
   imports =
     [ # Include the results of the hardware scan.
-      ../.
-      ../2configs/gui/base.nix
-      ../2configs/fs/sda-crypto-root.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/gui/base.nix>
+      <stockholm/makefu/2configs/fs/sda-crypto-root.nix>
       # hardware specifics are in here
-      ../2configs/hw/tp-x200.nix #< imports tp-x2x0.nix
+      <stockholm/makefu/2configs/hw/tp-x200.nix #< imports tp-x2x0.nix>
 
-      ../2configs/disable_v6.nix
-      ../2configs/rad1o.nix
+      <stockholm/makefu/2configs/disable_v6.nix>
+      <stockholm/makefu/2configs/rad1o.nix>
 
-      ../2configs/zsh-user.nix
-      ../2configs/exim-retiolum.nix
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
     ];
   # not working in vm
   krebs.build.host = config.krebs.hosts.tsp;
diff --git a/makefu/1systems/tsp/source.nix b/makefu/1systems/tsp/source.nix
new file mode 100644
index 000000000..79f6a435d
--- /dev/null
+++ b/makefu/1systems/tsp/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="tsp";
+}
diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix
index d8e275bf6..933fcf047 100644
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@@ -4,24 +4,24 @@
   makefu.awesome.modkey = "Mod1";
   imports =
     [ # Include the results of the hardware scan.
-      ../.
+      <stockholm/makefu>
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
       (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
-      ../2configs/main-laptop.nix #< base-gui
-      ../2configs/sshd-totp.nix
+      <stockholm/makefu/2configs/main-laptop.nix #< base-gui>
+      <stockholm/makefu/2configs/sshd-totp.nix>
 
       # Tools
-      ../2configs/tools/core.nix
-      ../2configs/tools/core-gui.nix
-      ../2configs/tools/dev.nix
-      ../2configs/tools/extra-gui.nix
-      ../2configs/tools/sec.nix
+      <stockholm/makefu/2configs/tools/core.nix>
+      <stockholm/makefu/2configs/tools/core-gui.nix>
+      <stockholm/makefu/2configs/tools/dev.nix>
+      <stockholm/makefu/2configs/tools/extra-gui.nix>
+      <stockholm/makefu/2configs/tools/sec.nix>
 
       # environment
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
-      ../2configs/audio/jack-on-pulse.nix
-      ../2configs/audio/realtime-audio.nix
+      <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
+      <stockholm/makefu/2configs/audio/realtime-audio.nix>
 
     ];
   networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix
new file mode 100644
index 000000000..96c3f368c
--- /dev/null
+++ b/makefu/1systems/vbob/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="vbob";
+}
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index 5d0dd4a79..c530aaad3 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -7,23 +7,23 @@ in {
 
   imports =
     [ # Include the results of the hardware scan.
-      ../.
-      ../2configs/zsh-user.nix
-      ../2configs/tools/core.nix
-      ../2configs/tools/core-gui.nix
-      ../2configs/tools/extra-gui.nix
-      ../2configs/tools/media.nix
-      ../2configs/virtualization.nix
-      ../2configs/tinc/retiolum.nix
-      ../2configs/mqtt.nix
-      ../2configs/deployment/led-fader.nix
-      # ../2configs/gui/wbob-kiosk.nix
-      ../2configs/stats/client.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/zsh-user.nix>
+      <stockholm/makefu/2configs/tools/core.nix>
+      <stockholm/makefu/2configs/tools/core-gui.nix>
+      <stockholm/makefu/2configs/tools/extra-gui.nix>
+      <stockholm/makefu/2configs/tools/media.nix>
+      <stockholm/makefu/2configs/virtualization.nix>
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      <stockholm/makefu/2configs/mqtt.nix>
+      <stockholm/makefu/2configs/deployment/led-fader.nix>
+      # <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
+      <stockholm/makefu/2configs/stats/client.nix>
 
-      ../2configs/gui/studio.nix
-      ../2configs/audio/jack-on-pulse.nix
-      ../2configs/audio/realtime-audio.nix
-      ../2configs/vncserver.nix
+      <stockholm/makefu/2configs/gui/studio.nix>
+      <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
+      <stockholm/makefu/2configs/audio/realtime-audio.nix>
+      <stockholm/makefu/2configs/vncserver.nix>
     ];
 
   krebs = {
diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix
new file mode 100644
index 000000000..419ebbe3b
--- /dev/null
+++ b/makefu/1systems/wbob/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="wbob";
+}
diff --git a/makefu/1systems/wry/config.nix b/makefu/1systems/wry/config.nix
index f5097bf40..2db1a9a95 100644
--- a/makefu/1systems/wry/config.nix
+++ b/makefu/1systems/wry/config.nix
@@ -7,26 +7,26 @@ let
   internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
 in {
   imports = [
-      ../.
+      <stockholm/makefu>
       # TODO: copy this config or move to krebs
-      ../2configs/hw/CAC.nix
-      ../2configs/fs/CAC-CentOS-7-64bit.nix
-      ../2configs/save-diskspace.nix
+      <stockholm/makefu/2configs/hw/CAC.nix>
+      <stockholm/makefu/2configs/fs/CAC-CentOS-7-64bit.nix>
+      <stockholm/makefu/2configs/save-diskspace.nix>
 
-      # ../2configs/bepasty-dual.nix
+      # <stockholm/makefu/2configs/bepasty-dual.nix>
 
-      ../2configs/iodined.nix
-      ../2configs/backup.nix
+      <stockholm/makefu/2configs/iodined.nix>
+      <stockholm/makefu/2configs/backup.nix>
 
       # other nginx
-      # ../2configs/nginx/euer.test.nix
+      # <stockholm/makefu/2configs/nginx/euer.test.nix>
 
       # collectd
-      ../2configs/stats/client.nix
-      ../2configs/logging/client.nix
+      <stockholm/makefu/2configs/stats/client.nix>
+      <stockholm/makefu/2configs/logging/client.nix>
 
-      ../2configs/tinc/retiolum.nix
-      # ../2configs/torrent.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
+      # <stockholm/makefu/2configs/torrent.nix>
   ];
 
   krebs.build.host = config.krebs.hosts.wry;
diff --git a/makefu/1systems/wry/source.nix b/makefu/1systems/wry/source.nix
new file mode 100644
index 000000000..fac3877ee
--- /dev/null
+++ b/makefu/1systems/wry/source.nix
@@ -0,0 +1,3 @@
+import <stockholm/makefu/source.nix> {
+  name="wry";
+}
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 235862e85..b84394cd2 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -7,61 +7,61 @@ with import <stockholm/lib>;
 {
   imports =
     [ # base
-      ../.
-      ../2configs/main-laptop.nix
-      ../2configs/extra-fonts.nix
-      ../2configs/tools/all.nix
-      ../2configs/laptop-backup.nix
-      ../2configs/dnscrypt.nix
-      ../2configs/avahi.nix
+      <stockholm/makefu>
+      <stockholm/makefu/2configs/main-laptop.nix>
+      <stockholm/makefu/2configs/extra-fonts.nix>
+      <stockholm/makefu/2configs/tools/all.nix>
+      <stockholm/makefu/2configs/laptop-backup.nix>
+      <stockholm/makefu/2configs/dnscrypt.nix>
+      <stockholm/makefu/2configs/avahi.nix>
 
       # Debugging
-      # ../2configs/disable_v6.nix
+      # <stockholm/makefu/2configs/disable_v6.nix>
 
       # Testing
-      # ../2configs/lanparty/lancache.nix
-      # ../2configs/lanparty/lancache-dns.nix
-      # ../2configs/deployment/dirctator.nix
-      # ../2configs/vncserver.nix
-      # ../2configs/deployment/led-fader
-      # ../2configs/deployment/hound
+      # <stockholm/makefu/2configs/lanparty/lancache.nix>
+      # <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
+      # <stockholm/makefu/2configs/deployment/dirctator.nix>
+      # <stockholm/makefu/2configs/vncserver.nix>
+      # <stockholm/makefu/2configs/deployment/led-fader>
+      # <stockholm/makefu/2configs/deployment/hound>
 
       # development
-      ../2configs/sources
+      <stockholm/makefu/2configs/sources>
 
       # Krebs
-      ../2configs/tinc/retiolum.nix
+      <stockholm/makefu/2configs/tinc/retiolum.nix>
 
       # applications
-      ../2configs/exim-retiolum.nix
-      ../2configs/mail-client.nix
-      ../2configs/printer.nix
-      ../2configs/task-client.nix
+      <stockholm/makefu/2configs/exim-retiolum.nix>
+      <stockholm/makefu/2configs/mail-client.nix>
+      <stockholm/makefu/2configs/printer.nix>
+      <stockholm/makefu/2configs/task-client.nix>
 
       # Virtualization
-      ../2configs/virtualization.nix
-      ../2configs/docker.nix
-      ../2configs/virtualization-virtualbox.nix
+      <stockholm/makefu/2configs/virtualization.nix>
+      <stockholm/makefu/2configs/docker.nix>
+      <stockholm/makefu/2configs/virtualization-virtualbox.nix>
 
       # Services
-      ../2configs/git/brain-retiolum.nix
-      ../2configs/tor.nix
-      ../2configs/steam.nix
-      # ../2configs/buildbot-standalone.nix
+      <stockholm/makefu/2configs/git/brain-retiolum.nix>
+      <stockholm/makefu/2configs/tor.nix>
+      <stockholm/makefu/2configs/steam.nix>
+      # <stockholm/makefu/2configs/buildbot-standalone.nix>
 
       # Hardware
-      ../2configs/hw/tp-x230.nix
-      ../2configs/hw/rtl8812au.nix
-      ../2configs/hw/exfat-nofuse.nix
-      ../2configs/hw/wwan.nix
-      # ../2configs/hw/stk1160.nix
-      # ../2configs/rad1o.nix
+      <stockholm/makefu/2configs/hw/tp-x230.nix>
+      <stockholm/makefu/2configs/hw/rtl8812au.nix>
+      <stockholm/makefu/2configs/hw/exfat-nofuse.nix>
+      <stockholm/makefu/2configs/hw/wwan.nix>
+      # <stockholm/makefu/2configs/hw/stk1160.nix>
+      # <stockholm/makefu/2configs/rad1o.nix>
 
       # Filesystem
-      ../2configs/fs/sda-crypto-root-home.nix
+      <stockholm/makefu/2configs/fs/sda-crypto-root-home.nix>
 
       # Security
-      ../2configs/sshd-totp.nix
+      <stockholm/makefu/2configs/sshd-totp.nix>
 
     ];
 
diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix
new file mode 100644
index 000000000..54ec3c8a9
--- /dev/null
+++ b/makefu/1systems/x/source.nix
@@ -0,0 +1,4 @@
+import <stockholm/makefu/source.nix> {
+  name="x";
+  full = true;
+}
diff --git a/makefu/source.nix b/makefu/source.nix
index 18733ee5c..a24af4dfb 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -1,29 +1,38 @@
 with import <stockholm/lib>;
-host@{ name, secure ? false, override ? {} }: let
+host@{ name, secure ? false, override ? {}, full ? false }: let
   builder = if getEnv "dummy_secrets" == "true"
               then "buildbot"
-              else "tv";
-  _file = <stockholm> + "/tv/1systems/${name}/source.nix";
+              else "makefu";
+  _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
+  ref = "06734d1"; # unstable @ 2017-07-03 + graceful requests2 (a772c3aa)
+
 in
   evalSource (toString _file) [
     {
-      nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix";
-      nixpkgs.git = {
-        # nixos-17.03
-        ref = mkDefault "94941cb0455bfc50b1bf63186cfad7136d629f78";
-        url = https://github.com/NixOS/nixpkgs;
-      };
+      nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
+      # always perform a full populate when buildbot
+      nixpkgs = if full || (builder == "buildbot" ) then {
+          git = {
+            url = https://github.com/makefu/nixpkgs;
+            inherit ref;
+          };
+        } else {
+          # TODO use http, once it is implemented
+          # right now it is simply extracted revision folder
+
+          ## prepare so we do not have to wait for rsync:
+          ## cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/125ffff  -L | tar zx  && mv NixOS-nixpkgs-125ffff nixpkgs
+          file = "/home/makefu/store/${ref}";
+        };
+
       secrets.file = getAttr builder {
-        buildbot = toString <stockholm/tv/dummy_secrets>;
-        tv = "/home/tv/secrets/${name}";
+        buildbot = toString <stockholm/makefu/6tests/data/secrets>;
+        makefu = "/home/makefu/secrets/${name}";
       };
       stockholm.file = toString <stockholm>;
     }
-    (mkIf (builder == "tv") {
-      secrets-common.file = "/home/tv/secrets/common";
-    })
-    (mkIf (builder == "tv" && secure) {
-      secrets-master.file = "/home/tv/secrets/master";
+    (mkIf (builder == "makefu") {
+      secrets-common.file = "/home/makefu/secrets/common";
     })
     override
   ]
-- 
cgit v1.3.1