diff --git a/README.md b/README.md index 58e2dfd..1901640 100644 --- a/README.md +++ b/README.md @@ -54,7 +54,7 @@ sda └─nix /nix ``` -### falkenstein-1 +### falkenstein Hetzner VPS running a few web apps. #### Disk layout ``` diff --git a/flake.lock b/flake.lock index a6cf154..a2c7fba 100644 --- a/flake.lock +++ b/flake.lock @@ -179,11 +179,11 @@ ] }, "locked": { - "lastModified": 1700261686, - "narHash": "sha256-kplQg6hKFNuWKrOyGp9D//G/WH1nHGJ43r2m7fagTYY=", + "lastModified": 1700419052, + "narHash": "sha256-U6a5f9ynbzcp8PMIHULbHPkbwp7YfPKOYmTcLqlalD4=", "owner": "nix-community", "repo": "home-manager", - "rev": "ecd0a800f716b80a6eac58a7ac34d6d33e6fa5ee", + "rev": "993fb02d20760067b8ee19c713d94cee07037759", "type": "github" }, "original": { @@ -280,11 +280,11 @@ ] }, "locked": { - "lastModified": 1699760693, - "narHash": "sha256-u/gkNUHQR/q23voqE5J4xmEWQIAqR+g3lUnCtzn0k7Y=", + "lastModified": 1700363379, + "narHash": "sha256-fBEVPFwSZ6AmBE1s1oT7E9WVuqRghruxTnSQ8UUlMkw=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "8aff4ca3dee60d1422489fe8d52c2f837b3ad113", + "rev": "27920146e671a0d565aaa7452907383be14d8d82", "type": "github" }, "original": { @@ -295,11 +295,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1700204040, - "narHash": "sha256-xSVcS5HBYnD3LTer7Y2K8ZQCDCXMa3QUD1MzRjHzuhI=", + "lastModified": 1700390070, + "narHash": "sha256-de9KYi8rSJpqvBfNwscWdalIJXPo8NjdIZcEJum1mH0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad", + "rev": "e4ad989506ec7d71f7302cc3067abd82730a4beb", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index abae459..46317b3 100644 --- a/flake.nix +++ b/flake.nix @@ -110,11 +110,11 @@ } ]; }; - falkenstein-1 = nixpkgs.lib.nixosSystem { + falkenstein = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = attrs; modules = [ - ./hosts/falkenstein-1 + ./hosts/falkenstein ./shared { nixpkgs.overlays = [ self.overlays.default ]; diff --git a/hosts/falkenstein-1/default.nix b/hosts/falkenstein/default.nix similarity index 100% rename from hosts/falkenstein-1/default.nix rename to hosts/falkenstein/default.nix diff --git a/hosts/falkenstein-1/hardware-configuration.nix b/hosts/falkenstein/hardware-configuration.nix similarity index 100% rename from hosts/falkenstein-1/hardware-configuration.nix rename to hosts/falkenstein/hardware-configuration.nix diff --git a/hosts/falkenstein-1/modules/backup/default.nix b/hosts/falkenstein/modules/backup/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/backup/default.nix rename to hosts/falkenstein/modules/backup/default.nix diff --git a/hosts/falkenstein-1/modules/fail2ban/default.nix b/hosts/falkenstein/modules/fail2ban/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/fail2ban/default.nix rename to hosts/falkenstein/modules/fail2ban/default.nix diff --git a/hosts/falkenstein-1/modules/mail/default.nix b/hosts/falkenstein/modules/mail/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/mail/default.nix rename to hosts/falkenstein/modules/mail/default.nix diff --git a/hosts/falkenstein-1/modules/mail/report-ham.sieve b/hosts/falkenstein/modules/mail/report-ham.sieve similarity index 100% rename from hosts/falkenstein-1/modules/mail/report-ham.sieve rename to hosts/falkenstein/modules/mail/report-ham.sieve diff --git a/hosts/falkenstein-1/modules/mail/report-spam.sieve b/hosts/falkenstein/modules/mail/report-spam.sieve similarity index 100% rename from hosts/falkenstein-1/modules/mail/report-spam.sieve rename to hosts/falkenstein/modules/mail/report-spam.sieve diff --git a/hosts/falkenstein-1/modules/networks/default.nix b/hosts/falkenstein/modules/networks/default.nix similarity index 98% rename from hosts/falkenstein-1/modules/networks/default.nix rename to hosts/falkenstein/modules/networks/default.nix index 0e10527..7f394c8 100644 --- a/hosts/falkenstein-1/modules/networks/default.nix +++ b/hosts/falkenstein/modules/networks/default.nix @@ -12,7 +12,7 @@ }; networking = { - hostName = "falkenstein-1"; + hostName = "falkenstein"; nftables.enable = true; domain = "rfive.de"; useNetworkd = true; diff --git a/hosts/falkenstein-1/modules/nginx/default.nix b/hosts/falkenstein/modules/nginx/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/nginx/default.nix rename to hosts/falkenstein/modules/nginx/default.nix diff --git a/hosts/falkenstein-1/modules/pfersel/default.nix b/hosts/falkenstein/modules/pfersel/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/pfersel/default.nix rename to hosts/falkenstein/modules/pfersel/default.nix diff --git a/hosts/falkenstein-1/modules/purge/default.nix b/hosts/falkenstein/modules/purge/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/purge/default.nix rename to hosts/falkenstein/modules/purge/default.nix diff --git a/hosts/falkenstein-1/modules/trucksimulatorbot/default.nix b/hosts/falkenstein/modules/trucksimulatorbot/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/trucksimulatorbot/default.nix rename to hosts/falkenstein/modules/trucksimulatorbot/default.nix diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 90826f1..3a0b5ba 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -76,19 +76,21 @@ ]; }; - fonts.packages = with pkgs; [ - nerdfonts - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - dejavu_fonts - fira - ]; - + fonts = { + enableDefaultFonts = false; + packages = with pkgs; + [ + nerdfonts + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + dejavu_fonts + fira + ]; + }; # Enable sound. sound.enable = true; #hardware.pulseaudio.enable = true; - hardware.opengl.enable = true; hardware.bluetooth.enable = true; security = { @@ -185,6 +187,7 @@ htop-vim dig traceroute + mtr whois inetutils lsof @@ -202,15 +205,15 @@ qpwgraph ]; - services.mysql = { - enable = true; - package = pkgs.mariadb; - ensureUsers = [ - { - name = "user1"; - } - ]; - }; + # services.mysql = { + # enable = true; + # package = pkgs.mariadb; + # ensureUsers = [ + # { + # name = "user1"; + # } + # ]; + # }; programs.java.enable = true; programs.wireshark = { diff --git a/hosts/thinkpad/modules/networks/default.nix b/hosts/thinkpad/modules/networks/default.nix index 65e6e7e..84ed648 100644 --- a/hosts/thinkpad/modules/networks/default.nix +++ b/hosts/thinkpad/modules/networks/default.nix @@ -47,6 +47,11 @@ psk = "@DORM_PSK@"; authProtocols = [ "SAE" ]; }; + "@DORM5_SSID@" = { + priority = 5; + psk = "@DORM_PSK@"; + authProtocols = [ "SAE" ]; + }; "@PIXEL_SSID@" = { psk = "@PIXEL_PSK@"; authProtocols = [ "WPA-PSK" ]; diff --git a/hosts/thinkpad/modules/networks/uni.nix b/hosts/thinkpad/modules/networks/uni.nix index 17b7bd2..29d9e3f 100644 --- a/hosts/thinkpad/modules/networks/uni.nix +++ b/hosts/thinkpad/modules/networks/uni.nix @@ -33,13 +33,13 @@ authProtocols = [ "WPA-EAP" ]; }; agdsn-office = { + priority = 5; auth = '' eap=TTLS anonymous_identity="wifi@agdsn.de" ca_cert="/etc/ssl/certs/ca-certificates.crt" domain_suffix_match="radius.agdsn.de" identity="r5" - priority=5 proto=WPA2 password="@AGDSN_AUTH@" phase2="auth=PAP" diff --git a/secrets/thinkpad/wireless.age b/secrets/thinkpad/wireless.age index 3d89e87..be8b4dc 100644 Binary files a/secrets/thinkpad/wireless.age and b/secrets/thinkpad/wireless.age differ