From eba696c5d2d8e25f1cd4a00007c3c1521fcc6e6f Mon Sep 17 00:00:00 2001
From: miefda <miefda@miefda.de>
Date: Wed, 30 Dec 2015 18:15:11 +0100
Subject: miefda: init with bobby

---
 miefda/1systems/bobby.nix                  | 102 +++++++++++++++++++++++++++++
 miefda/2configs/git.nix                    |  87 ++++++++++++++++++++++++
 miefda/2configs/hardware-configuration.nix |  23 +++++++
 miefda/2configs/miefda.nix                 |   8 +++
 miefda/2configs/tinc-basic-retiolum.nix    |  15 +++++
 miefda/2configs/tlp.nix                    |  25 +++++++
 miefda/2configs/x220t.nix                  |  27 ++++++++
 miefda/5pkgs/default.nix                   |   1 +
 8 files changed, 288 insertions(+)
 create mode 100644 miefda/1systems/bobby.nix
 create mode 100644 miefda/2configs/git.nix
 create mode 100644 miefda/2configs/hardware-configuration.nix
 create mode 100644 miefda/2configs/miefda.nix
 create mode 100644 miefda/2configs/tinc-basic-retiolum.nix
 create mode 100644 miefda/2configs/tlp.nix
 create mode 100644 miefda/2configs/x220t.nix
 create mode 100644 miefda/5pkgs/default.nix

(limited to 'miefda')

diff --git a/miefda/1systems/bobby.nix b/miefda/1systems/bobby.nix
new file mode 100644
index 000000000..d24595256
--- /dev/null
+++ b/miefda/1systems/bobby.nix
@@ -0,0 +1,102 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+
+      ../2configs/miefda.nix
+      ../2configs/tlp.nix
+      ../2configs/x220t.nix
+      ../2configs/hardware-configuration.nix
+      ../2configs/tinc-basic-retiolum.nix
+      ../2configs/git.nix
+    ];
+
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  # Define on which hard drive you want to install Grub.
+  boot.loader.grub.device = "/dev/sda";
+
+  networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # Select internationalisation properties.
+   i18n = {
+  #   consoleFont = "Lat2-Terminus16";
+     consoleKeyMap = "us";
+  #   defaultLocale = "en_US.UTF-8";
+   };
+
+  # Set your time zone.
+  time.timeZone = "Europe/Amsterdam";
+
+  # List packages installed in system profile. To search by name, run:
+  # $ nix-env -qaP | grep wget
+ environment.systemPackages = with pkgs; [
+     wget chromium 
+   ];
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  services.xserver.layout = "us";
+  # services.xserver.xkbOptions = "eurosign:e";
+
+  # Enable the KDE Desktop Environment.
+  #services.xserver.displayManager.kdm.enable = true;
+   services.xserver.desktopManager = {
+       xfce.enable = true;
+       xterm.enable= false;
+   }; 
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+   users.extraUsers.miefda = {
+     isNormalUser = true;
+     initialPassword= "welcome";
+     uid = 1000;
+     extraGroups= [
+        "wheel" 
+     ];
+   };
+
+  # The NixOS release to be compatible with for stateful data such as databases.
+  system.stateVersion = "15.09";
+
+  
+  networking.hostName = config.krebs.build.host.name;
+
+  krebs = {
+    enable = true;
+    search-domain = "retiolum";
+    build = {
+      host = config.krebs.hosts.bobby;
+      user = config.krebs.users.miefda;
+      source = {
+        git.nixpkgs = {
+          url = https://github.com/Lassulus/nixpkgs;
+          rev = "363c8430f1efad8b03d5feae6b3a4f2fe7b29251";
+          target-path = "/var/src/nixpkgs";
+        };
+        dir.secrets = {
+          host = config.krebs.hosts.bobby;
+          path = "/home/miefda/secrets/${config.krebs.build.host.name}";
+        };
+        dir.stockholm = {
+          host = config.krebs.hosts.bobby;
+          path = "/home/miefda/gits/stockholm";
+        };
+      };
+    };
+  };
+}
diff --git a/miefda/2configs/git.nix b/miefda/2configs/git.nix
new file mode 100644
index 000000000..84bb50399
--- /dev/null
+++ b/miefda/2configs/git.nix
@@ -0,0 +1,87 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+  out = {
+    krebs.git = {
+      enable = true;
+      root-title = "public repositories at ${config.krebs.build.host.name}";
+      root-desc = "keep calm and engage";
+      repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
+      rules = rules;
+    };
+
+    krebs.iptables.tables.filter.INPUT.rules = [
+      { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
+    ];
+  };
+
+  repos =
+    public-repos //
+    optionalAttrs config.krebs.build.host.secure restricted-repos;
+
+  rules = concatMap make-rules (attrValues repos);
+
+  public-repos = mapAttrs make-public-repo {
+    painload = {};
+    stockholm = {
+      desc = "take all the computers hostage, they'll love you!";
+    };
+    #wai-middleware-time = {};
+    #web-routes-wai-custom = {};
+    #go = {};
+    #newsbot-js = {};
+    #kimsufi-check = {};
+    #realwallpaper = {};
+  };
+
+  restricted-repos = mapAttrs make-restricted-repo (
+    {
+      brain = {
+        collaborators = with config.krebs.users; [ tv makefu ];
+      };
+    } //
+    import <secrets/repos.nix> { inherit config lib pkgs; }
+  );
+
+  make-public-repo = name: { desc ? null, ... }: {
+    inherit name desc;
+    public = true;
+    hooks = {
+      post-receive = pkgs.git-hooks.irc-announce {
+        # TODO make nick = config.krebs.build.host.name the default
+        nick = config.krebs.build.host.name;
+        channel = "#retiolum";
+        server = "cd.retiolum";
+        verbose = config.krebs.build.host.name == "prism";
+      };
+    };
+  };
+
+  make-restricted-repo = name: { collaborators ? [], desc ? null, ... }: {
+    inherit name collaborators desc;
+    public = false;
+  };
+
+  make-rules =
+    with git // config.krebs.users;
+    repo:
+      singleton {
+        user = miefda;
+        repo = [ repo ];
+        perm = push "refs/*" [ non-fast-forward create delete merge ];
+      } ++
+      optional repo.public {
+        user = [ lass tv makefu uriel ];
+        repo = [ repo ];
+        perm = fetch;
+      } ++
+      optional (length (repo.collaborators or []) > 0) {
+        user = repo.collaborators;
+        repo = [ repo ];
+        perm = fetch;
+      };
+
+in out
diff --git a/miefda/2configs/hardware-configuration.nix b/miefda/2configs/hardware-configuration.nix
new file mode 100644
index 000000000..3eb1f43fe
--- /dev/null
+++ b/miefda/2configs/hardware-configuration.nix
@@ -0,0 +1,23 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    ];
+
+  boot.initrd.availableKernelModules = [ "ehci_pci" "ata_piix" "usb_storage" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/4db70ae3-1ff9-43d7-8fcc-83264761a0bb";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+
+  nix.maxJobs = 4;
+}
diff --git a/miefda/2configs/miefda.nix b/miefda/2configs/miefda.nix
new file mode 100644
index 000000000..545987a68
--- /dev/null
+++ b/miefda/2configs/miefda.nix
@@ -0,0 +1,8 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+  
+  #networking.wicd.enable = true;
+
+}
diff --git a/miefda/2configs/tinc-basic-retiolum.nix b/miefda/2configs/tinc-basic-retiolum.nix
new file mode 100644
index 000000000..153b41d78
--- /dev/null
+++ b/miefda/2configs/tinc-basic-retiolum.nix
@@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+  krebs.retiolum = {
+    enable = true;
+    hosts = ../../krebs/Zhosts;
+    connectTo = [
+      "gum"
+      "pigstarter"
+      "prism"
+      "ire"
+    ];
+  };
+}
diff --git a/miefda/2configs/tlp.nix b/miefda/2configs/tlp.nix
new file mode 100644
index 000000000..0e1bb0d6b
--- /dev/null
+++ b/miefda/2configs/tlp.nix
@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+  hardware.enableAllFirmware = true;
+  nixpkgs.config.allowUnfree = true;
+
+  hardware.cpu.intel.updateMicrocode = true;
+
+  zramSwap.enable = true;
+  zramSwap.numDevices = 2;
+
+  hardware.trackpoint = {
+    enable = true;
+    sensitivity = 220;
+    speed = 220;
+    emulateWheel = true;
+    };
+
+
+  services.tlp.enable = true;
+  services.tlp.extraConfig = ''
+  START_CHARGE_THRESH_BAT0=80
+  '';
+}
diff --git a/miefda/2configs/x220t.nix b/miefda/2configs/x220t.nix
new file mode 100644
index 000000000..bea84f796
--- /dev/null
+++ b/miefda/2configs/x220t.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{
+
+  services.xserver = {
+	xkbVariant = "altgr-intl";
+    videoDriver = "intel";
+   # vaapiDrivers = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
+    deviceSection = ''
+      Option "AccelMethod" "sna"
+    '';
+  };
+
+
+
+  services.xserver.displayManager.sessionCommands =''
+  xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
+  xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
+  xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5
+  # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
+  '';
+
+  hardware.bluetooth.enable = true;
+
+
+}
diff --git a/miefda/5pkgs/default.nix b/miefda/5pkgs/default.nix
new file mode 100644
index 000000000..2eb33a153
--- /dev/null
+++ b/miefda/5pkgs/default.nix
@@ -0,0 +1 @@
+_:{}
-- 
cgit v1.3.1


From b96fd072e1ac5e5b6b5b3e92c678dc4bb4cb7e1f Mon Sep 17 00:00:00 2001
From: miefda <miefda@miefda.de>
Date: Wed, 30 Dec 2015 18:17:38 +0100
Subject: mi 2 git: bobby now verbose

---
 miefda/2configs/git.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'miefda')

diff --git a/miefda/2configs/git.nix b/miefda/2configs/git.nix
index 84bb50399..fec828f80 100644
--- a/miefda/2configs/git.nix
+++ b/miefda/2configs/git.nix
@@ -55,7 +55,7 @@ let
         nick = config.krebs.build.host.name;
         channel = "#retiolum";
         server = "cd.retiolum";
-        verbose = config.krebs.build.host.name == "prism";
+        verbose = config.krebs.build.host.name == "bobby";
       };
     };
   };
-- 
cgit v1.3.1


From 0cf6d065f43c66efadd0a364c3414e6ecdae0004 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 11 Feb 2016 03:47:26 +0100
Subject: *: turn 5pkgs into a(n optional) module

---
 default.nix              |  6 +-----
 krebs/5pkgs/default.nix  | 50 +++++++++++++++++++++++++-----------------------
 lass/5pkgs/default.nix   | 21 ++++++++++----------
 makefu/5pkgs/default.nix | 12 +++++++-----
 miefda/5pkgs/default.nix |  1 -
 mv/5pkgs/default.nix     | 39 +++++++++++++++++++------------------
 shared/5pkgs/default.nix |  5 -----
 tv/5pkgs/default.nix     | 37 +++++++++++++++++++----------------
 8 files changed, 85 insertions(+), 86 deletions(-)
 delete mode 100644 miefda/5pkgs/default.nix
 delete mode 100644 shared/5pkgs/default.nix

(limited to 'miefda')

diff --git a/default.nix b/default.nix
index b0ad60d8a..2aa0a8e14 100644
--- a/default.nix
+++ b/default.nix
@@ -43,16 +43,12 @@ let stockholm = {
     imports = builtins.filter lib.dir.has-default-nix (lib.concatLists [
       (map (f: f "2configs") [ lib.upath ])
       (map (f: f "3modules") [ lib.kpath lib.upath ])
+      (map (f: f "5pkgs") [ lib.kpath lib.upath ])
     ]);
 
     krebs.current.enable = true;
     krebs.current.host = config.krebs.hosts.${current-host-name};
     krebs.current.user = config.krebs.users.${current-user-name};
-
-    nixpkgs.config.packageOverrides = pkgs: let
-      kpkgs = import (lib.kpath "5pkgs") { inherit lib pkgs; };
-      upkgs = import (lib.upath "5pkgs") { inherit lib; pkgs = pkgs // kpkgs; };
-    in kpkgs // upkgs;
   };
 
   eval = config: import (lib.npath "nixos/lib/eval-config.nix") {
diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix
index 89e19dffd..1cf3de56e 100644
--- a/krebs/5pkgs/default.nix
+++ b/krebs/5pkgs/default.nix
@@ -1,31 +1,33 @@
 { lib, pkgs, ... }@args:
 with lib;
 {
-  haskellPackages = pkgs.haskellPackages.override {
-    overrides = self: super:
-      mapAttrs (name: path: self.callPackage path {})
-        (mapAttrs'
-          (name: type:
-            if hasSuffix ".nix" name
-              then {
-                name = removeSuffix ".nix" name;
-                value = ./haskell-overrides + "/${name}";
-              }
-              else null)
-          (builtins.readDir ./haskell-overrides));
-  };
+  nixpkgs.config.packageOverrides = pkgs: {
+    haskellPackages = pkgs.haskellPackages.override {
+      overrides = self: super:
+        mapAttrs (name: path: self.callPackage path {})
+          (mapAttrs'
+            (name: type:
+              if hasSuffix ".nix" name
+                then {
+                  name = removeSuffix ".nix" name;
+                  value = ./haskell-overrides + "/${name}";
+                }
+                else null)
+            (builtins.readDir ./haskell-overrides));
+    };
 
-  push = pkgs.callPackage ./push {
-    inherit (subdirs) get jq;
-  };
+    push = pkgs.callPackage ./push {
+      inherit (subdirs) get jq;
+    };
 
-  ReaktorPlugins = pkgs.callPackage ./Reaktor/plugins.nix {};
+    ReaktorPlugins = pkgs.callPackage ./Reaktor/plugins.nix {};
 
-  test = {
-    infest-cac-centos7 = pkgs.callPackage ./test/infest-cac-centos7 {};
-  };
+    test = {
+      infest-cac-centos7 = pkgs.callPackage ./test/infest-cac-centos7 {};
+    };
+  }
+  // import ./builders.nix args
+  // mapAttrs (_: flip pkgs.callPackage {})
+              (filterAttrs (_: dir.has-default-nix)
+                           (subdirsOf ./.));
 }
-// import ./builders.nix args
-// mapAttrs (_: flip pkgs.callPackage {})
-            (filterAttrs (_: dir.has-default-nix)
-                         (subdirsOf ./.))
diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix
index 2b9582912..fee4654ae 100644
--- a/lass/5pkgs/default.nix
+++ b/lass/5pkgs/default.nix
@@ -3,15 +3,16 @@
 let
   inherit (pkgs) callPackage;
 in
-
-rec {
-  firefoxPlugins = {
-    noscript = callPackage ./firefoxPlugins/noscript.nix {};
-    ublock = callPackage ./firefoxPlugins/ublock.nix {};
-    vimperator = callPackage ./firefoxPlugins/vimperator.nix {};
+{
+  nixpkgs.config.packageOverrides = rec {
+    firefoxPlugins = {
+      noscript = callPackage ./firefoxPlugins/noscript.nix {};
+      ublock = callPackage ./firefoxPlugins/ublock.nix {};
+      vimperator = callPackage ./firefoxPlugins/vimperator.nix {};
+    };
+    newsbot-js = callPackage ./newsbot-js/default.nix {};
+    xmonad-lass =
+      let src = pkgs.writeNixFromCabal "xmonad-lass.nix" ./xmonad-lass; in
+      pkgs.haskellPackages.callPackage src {};
   };
-  newsbot-js = callPackage ./newsbot-js/default.nix {};
-  xmonad-lass =
-    let src = pkgs.writeNixFromCabal "xmonad-lass.nix" ./xmonad-lass; in
-    pkgs.haskellPackages.callPackage src {};
 }
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 436c52fcd..c4a7f498f 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -4,9 +4,11 @@ let
   inherit (pkgs) callPackage;
 in
 {
-  alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
-  alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
-  alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";};
-  awesomecfg = callPackage ./awesomecfg {};
-  tw-upload-plugin = callPackage ./tw-upload-plugin {};
+  nixpkgs.config.packageOverrides = rec {
+    alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
+    alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
+    alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";};
+    awesomecfg = callPackage ./awesomecfg {};
+    tw-upload-plugin = callPackage ./tw-upload-plugin {};
+  };
 }
diff --git a/miefda/5pkgs/default.nix b/miefda/5pkgs/default.nix
deleted file mode 100644
index 2eb33a153..000000000
--- a/miefda/5pkgs/default.nix
+++ /dev/null
@@ -1 +0,0 @@
-_:{}
diff --git a/mv/5pkgs/default.nix b/mv/5pkgs/default.nix
index 0c72c450e..882ac0413 100644
--- a/mv/5pkgs/default.nix
+++ b/mv/5pkgs/default.nix
@@ -1,23 +1,24 @@
 { pkgs, ... }:
 
 {
-  # TODO use XDG_RUNTIME_DIR?
-  cr = pkgs.writeScriptBin "cr" ''
-    #! /bin/sh
-    set -efu
-    export LC_TIME=de_DE.utf8
-    exec ${pkgs.chromium}/bin/chromium \
-        --ssl-version-min=tls1 \
-        --disk-cache-dir=/tmp/chromium-disk-cache_"$LOGNAME" \
-        --disk-cache-size=50000000 \
-        "%@"
-  '';
-  ff = pkgs.writeScriptBin "ff" ''
-    #! /bin/sh
-    set -efu
-    exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
-  '';
-  xmonad-tv =
-    let src = pkgs.writeNixFromCabal "xmonad-tv.nix" ./xmonad-tv; in
-    pkgs.haskellPackages.callPackage src {};
+  nixpkgs.config.packageOverrides = rec {
+    cr = pkgs.writeScriptBin "cr" ''
+      #! /bin/sh
+      set -efu
+      export LC_TIME=de_DE.utf8
+      exec ${pkgs.chromium}/bin/chromium \
+          --ssl-version-min=tls1 \
+          --disk-cache-dir=/tmp/chromium-disk-cache_"$LOGNAME" \
+          --disk-cache-size=50000000 \
+          "%@"
+    '';
+    ff = pkgs.writeScriptBin "ff" ''
+      #! /bin/sh
+      set -efu
+      exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
+    '';
+    xmonad-tv =
+      let src = pkgs.writeNixFromCabal "xmonad-tv.nix" ./xmonad-tv; in
+      pkgs.haskellPackages.callPackage src {};
+  };
 }
diff --git a/shared/5pkgs/default.nix b/shared/5pkgs/default.nix
deleted file mode 100644
index fdcfbb209..000000000
--- a/shared/5pkgs/default.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-# TODO don't require 5pkgs
-_:
-
-{
-}
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index be10e91eb..b520e1a32 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -1,22 +1,25 @@
 { pkgs, ... }:
 
 {
-  cr = pkgs.writeScriptBin "cr" ''
-    #! /bin/sh
-    set -efu
-    export LC_TIME=de_DE.utf8
-    exec ${pkgs.chromium}/bin/chromium \
-        --ssl-version-min=tls1 \
-        --disk-cache-dir=/tmp/chromium-disk-cache_"$LOGNAME" \
-        --disk-cache-size=50000000 \
-        "%@"
-  '';
-  ejabberd = pkgs.callPackage ./ejabberd {
-    erlang = pkgs.erlangR16;
+  nixpkgs.config.packageOverrides = {
+    # TODO use XDG_RUNTIME_DIR?
+    cr = pkgs.writeScriptBin "cr" ''
+      #! /bin/sh
+      set -efu
+      export LC_TIME=de_DE.utf8
+      exec ${pkgs.chromium}/bin/chromium \
+          --ssl-version-min=tls1 \
+          --disk-cache-dir=/tmp/chromium-disk-cache_"$LOGNAME" \
+          --disk-cache-size=50000000 \
+          "%@"
+    '';
+    ejabberd = pkgs.callPackage ./ejabberd {
+      erlang = pkgs.erlangR16;
+    };
+    ff = pkgs.callPackage ./ff {};
+    viljetic-pages = pkgs.callPackage ./viljetic-pages {};
+    xmonad-tv =
+      let src = pkgs.writeNixFromCabal "xmonad-tv.nix" ./xmonad-tv; in
+      pkgs.haskellPackages.callPackage src {};
   };
-  ff = pkgs.callPackage ./ff {};
-  viljetic-pages = pkgs.callPackage ./viljetic-pages {};
-  xmonad-tv =
-    let src = pkgs.writeNixFromCabal "xmonad-tv.nix" ./xmonad-tv; in
-    pkgs.haskellPackages.callPackage src {};
 }
-- 
cgit v1.3.1

[cgit] Unable to lock slot /tmp/cgit/d5300000.lock: No such file or directory (2)