From bad96e419784bfd541b5b85671ece6ef4ddb19df Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Mon, 20 Nov 2023 22:46:51 +0100 Subject: [PATCH] falkenstein-1 -> falkenstein --- README.md | 2 +- flake.lock | 18 ++++---- flake.nix | 4 +- .../default.nix | 0 .../hardware-configuration.nix | 0 .../modules/backup/default.nix | 0 .../modules/fail2ban/default.nix | 0 .../modules/mail/default.nix | 0 .../modules/mail/report-ham.sieve | 0 .../modules/mail/report-spam.sieve | 0 .../modules/networks/default.nix | 2 +- .../modules/nginx/default.nix | 0 .../modules/pfersel/default.nix | 0 .../modules/purge/default.nix | 0 .../modules/trucksimulatorbot/default.nix | 0 hosts/thinkpad/default.nix | 41 ++++++++++-------- hosts/thinkpad/modules/networks/default.nix | 5 +++ hosts/thinkpad/modules/networks/uni.nix | 2 +- secrets/thinkpad/wireless.age | Bin 754 -> 763 bytes 19 files changed, 41 insertions(+), 33 deletions(-) rename hosts/{falkenstein-1 => falkenstein}/default.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/hardware-configuration.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/backup/default.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/fail2ban/default.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/mail/default.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/mail/report-ham.sieve (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/mail/report-spam.sieve (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/networks/default.nix (98%) rename hosts/{falkenstein-1 => falkenstein}/modules/nginx/default.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/pfersel/default.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/purge/default.nix (100%) rename hosts/{falkenstein-1 => falkenstein}/modules/trucksimulatorbot/default.nix (100%) diff --git a/README.md b/README.md index 58e2dfd..1901640 100644 --- a/README.md +++ b/README.md @@ -54,7 +54,7 @@ sda └─nix /nix ``` -### falkenstein-1 +### falkenstein Hetzner VPS running a few web apps. #### Disk layout ``` diff --git a/flake.lock b/flake.lock index a6cf154..a2c7fba 100644 --- a/flake.lock +++ b/flake.lock @@ -179,11 +179,11 @@ ] }, "locked": { - "lastModified": 1700261686, - "narHash": "sha256-kplQg6hKFNuWKrOyGp9D//G/WH1nHGJ43r2m7fagTYY=", + "lastModified": 1700419052, + "narHash": "sha256-U6a5f9ynbzcp8PMIHULbHPkbwp7YfPKOYmTcLqlalD4=", "owner": "nix-community", "repo": "home-manager", - "rev": "ecd0a800f716b80a6eac58a7ac34d6d33e6fa5ee", + "rev": "993fb02d20760067b8ee19c713d94cee07037759", "type": "github" }, "original": { @@ -280,11 +280,11 @@ ] }, "locked": { - "lastModified": 1699760693, - "narHash": "sha256-u/gkNUHQR/q23voqE5J4xmEWQIAqR+g3lUnCtzn0k7Y=", + "lastModified": 1700363379, + "narHash": "sha256-fBEVPFwSZ6AmBE1s1oT7E9WVuqRghruxTnSQ8UUlMkw=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "8aff4ca3dee60d1422489fe8d52c2f837b3ad113", + "rev": "27920146e671a0d565aaa7452907383be14d8d82", "type": "github" }, "original": { @@ -295,11 +295,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1700204040, - "narHash": "sha256-xSVcS5HBYnD3LTer7Y2K8ZQCDCXMa3QUD1MzRjHzuhI=", + "lastModified": 1700390070, + "narHash": "sha256-de9KYi8rSJpqvBfNwscWdalIJXPo8NjdIZcEJum1mH0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad", + "rev": "e4ad989506ec7d71f7302cc3067abd82730a4beb", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index abae459..46317b3 100644 --- a/flake.nix +++ b/flake.nix @@ -110,11 +110,11 @@ } ]; }; - falkenstein-1 = nixpkgs.lib.nixosSystem { + falkenstein = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = attrs; modules = [ - ./hosts/falkenstein-1 + ./hosts/falkenstein ./shared { nixpkgs.overlays = [ self.overlays.default ]; diff --git a/hosts/falkenstein-1/default.nix b/hosts/falkenstein/default.nix similarity index 100% rename from hosts/falkenstein-1/default.nix rename to hosts/falkenstein/default.nix diff --git a/hosts/falkenstein-1/hardware-configuration.nix b/hosts/falkenstein/hardware-configuration.nix similarity index 100% rename from hosts/falkenstein-1/hardware-configuration.nix rename to hosts/falkenstein/hardware-configuration.nix diff --git a/hosts/falkenstein-1/modules/backup/default.nix b/hosts/falkenstein/modules/backup/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/backup/default.nix rename to hosts/falkenstein/modules/backup/default.nix diff --git a/hosts/falkenstein-1/modules/fail2ban/default.nix b/hosts/falkenstein/modules/fail2ban/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/fail2ban/default.nix rename to hosts/falkenstein/modules/fail2ban/default.nix diff --git a/hosts/falkenstein-1/modules/mail/default.nix b/hosts/falkenstein/modules/mail/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/mail/default.nix rename to hosts/falkenstein/modules/mail/default.nix diff --git a/hosts/falkenstein-1/modules/mail/report-ham.sieve b/hosts/falkenstein/modules/mail/report-ham.sieve similarity index 100% rename from hosts/falkenstein-1/modules/mail/report-ham.sieve rename to hosts/falkenstein/modules/mail/report-ham.sieve diff --git a/hosts/falkenstein-1/modules/mail/report-spam.sieve b/hosts/falkenstein/modules/mail/report-spam.sieve similarity index 100% rename from hosts/falkenstein-1/modules/mail/report-spam.sieve rename to hosts/falkenstein/modules/mail/report-spam.sieve diff --git a/hosts/falkenstein-1/modules/networks/default.nix b/hosts/falkenstein/modules/networks/default.nix similarity index 98% rename from hosts/falkenstein-1/modules/networks/default.nix rename to hosts/falkenstein/modules/networks/default.nix index 0e10527..7f394c8 100644 --- a/hosts/falkenstein-1/modules/networks/default.nix +++ b/hosts/falkenstein/modules/networks/default.nix @@ -12,7 +12,7 @@ }; networking = { - hostName = "falkenstein-1"; + hostName = "falkenstein"; nftables.enable = true; domain = "rfive.de"; useNetworkd = true; diff --git a/hosts/falkenstein-1/modules/nginx/default.nix b/hosts/falkenstein/modules/nginx/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/nginx/default.nix rename to hosts/falkenstein/modules/nginx/default.nix diff --git a/hosts/falkenstein-1/modules/pfersel/default.nix b/hosts/falkenstein/modules/pfersel/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/pfersel/default.nix rename to hosts/falkenstein/modules/pfersel/default.nix diff --git a/hosts/falkenstein-1/modules/purge/default.nix b/hosts/falkenstein/modules/purge/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/purge/default.nix rename to hosts/falkenstein/modules/purge/default.nix diff --git a/hosts/falkenstein-1/modules/trucksimulatorbot/default.nix b/hosts/falkenstein/modules/trucksimulatorbot/default.nix similarity index 100% rename from hosts/falkenstein-1/modules/trucksimulatorbot/default.nix rename to hosts/falkenstein/modules/trucksimulatorbot/default.nix diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 90826f1..3a0b5ba 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -76,19 +76,21 @@ ]; }; - fonts.packages = with pkgs; [ - nerdfonts - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - dejavu_fonts - fira - ]; - + fonts = { + enableDefaultFonts = false; + packages = with pkgs; + [ + nerdfonts + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + dejavu_fonts + fira + ]; + }; # Enable sound. sound.enable = true; #hardware.pulseaudio.enable = true; - hardware.opengl.enable = true; hardware.bluetooth.enable = true; security = { @@ -185,6 +187,7 @@ htop-vim dig traceroute + mtr whois inetutils lsof @@ -202,15 +205,15 @@ qpwgraph ]; - services.mysql = { - enable = true; - package = pkgs.mariadb; - ensureUsers = [ - { - name = "user1"; - } - ]; - }; + # services.mysql = { + # enable = true; + # package = pkgs.mariadb; + # ensureUsers = [ + # { + # name = "user1"; + # } + # ]; + # }; programs.java.enable = true; programs.wireshark = { diff --git a/hosts/thinkpad/modules/networks/default.nix b/hosts/thinkpad/modules/networks/default.nix index 65e6e7e..84ed648 100644 --- a/hosts/thinkpad/modules/networks/default.nix +++ b/hosts/thinkpad/modules/networks/default.nix @@ -47,6 +47,11 @@ psk = "@DORM_PSK@"; authProtocols = [ "SAE" ]; }; + "@DORM5_SSID@" = { + priority = 5; + psk = "@DORM_PSK@"; + authProtocols = [ "SAE" ]; + }; "@PIXEL_SSID@" = { psk = "@PIXEL_PSK@"; authProtocols = [ "WPA-PSK" ]; diff --git a/hosts/thinkpad/modules/networks/uni.nix b/hosts/thinkpad/modules/networks/uni.nix index 17b7bd2..29d9e3f 100644 --- a/hosts/thinkpad/modules/networks/uni.nix +++ b/hosts/thinkpad/modules/networks/uni.nix @@ -33,13 +33,13 @@ authProtocols = [ "WPA-EAP" ]; }; agdsn-office = { + priority = 5; auth = '' eap=TTLS anonymous_identity="wifi@agdsn.de" ca_cert="/etc/ssl/certs/ca-certificates.crt" domain_suffix_match="radius.agdsn.de" identity="r5" - priority=5 proto=WPA2 password="@AGDSN_AUTH@" phase2="auth=PAP" diff --git a/secrets/thinkpad/wireless.age b/secrets/thinkpad/wireless.age index 3d89e87e0d5bb510c72eb4443ff47814c55a7a42..be8b4dcab8732f9a28d19092763fb9d49595806e 100644 GIT binary patch delta 731 zcmV<10wn$N1^We%EPqXUPB1}mcywb|VOKR+OLli=RB&cVLUC7TId5k{T3BOPQf+21 zT6#EbMG8S{dRj?OIcRN4NGnKEdT(k&Sx06=Yjsw4Ml@GOXH{n_cSKl2V?t{yK?*HC zAaiqQEoEdfH8n9gAVpSsbU9HVW@BM$H!)*SYcVryc1%@hRex%0H#ap=G(t~IIAnNG zG-+~pOj0*=bvQv|3N}bNVoXnJHDpFKVOB|KYE5cmG)-c8M|x26RrW@AiH zHY+tW3N1b$UM**GWnpt=AZ#F2VM|;fD?V^0C3zr5bA2l;DO3tZHB4G!a8g<{c0xo= zQ+GscIb?cjHh*Y!SxP}lQD;F*YHfKmOm=E$Vr5B5FlcKqOj&hVP)lS&Q$kEIY)oQ7 z3O8ppY-2+&V|rD2GiWt3NNa6%Zg@{CR!K`iYYHtbEg)1cN=P&}GH7{sNJMK{S1WB# zZFE;rYj`$nZb(&VGiX>sdRI<#R%J#pRSLm4*e^DM&3~9g7lQaBY?+e(T||-G!Y+Wl z_GVIlS1K~i3QR|L$sf`^@W!+lh*Sn9o%u%@EOi+qZOiyLr*RIjb9HhiD+Iu;@%^s+ zkh{>0)`H6aUF*Dk1Z)?Qna<(jPP;me01I3jA~bd2^Y$(kkP?2|VBOpUH=f2l${@6c zE^MyiM1O2=@C@;cg^=GK#T1+zTVc!Incq;O_+%DJ&ld z(TK{_7}NA|KKI`&iz^e1jbbQzhx02_PzrcTfM?nz2=Nj-rE$=h7_vA09-ywIBYW_6gaFbZ`J>SuvF1$6ro>8`YQQ)1qvpBbV^34!6UYk zHXJi%$%cgsvr&{%Lc4>jZMt+fujz*gV6)OW-YO&ZtklZu9<(#pHl3fzwRB0!n`r{S NiY3z5k+k_EHlK}tCa?ei delta 722 zcmV;@0xkXf1@Z-uEPr@UNJw~EY;9OMW=tz*SXNhTPgqHHF?ujFM|Wl`Yj!kfNlsZb zN-t7wFbYIfHdSRtT2e)4P+2uaRxf!*XIe{1c6M@9cxZNGHD+Zwcxh-bW^yl3a|$g! zAaiqQEoEdfH8n9gAVpSsbU9HVI8#GYa$waAb0KR!uW;NH9(} zPHc8FP-8W9S4ek33R7uvHbgHgW>08KSTs3scR6uEFfc_nLP2b0Q7bcVYiU_HRZ~@1 zP)%fW3N1b$T4_jBP)tNEXL4m>b7dfDIDAuWC@^0jQZy_iX*_--AUt((J}EFRC?G31 zLOvlY3UPERcYjQIHaA0bIYo4MO-bE~^(wqqXOHG&pudN#2Pd_AUYr-*?>} zt;JN9Yca=npY^d_yj-Ul(XMRP3*q5USNAXWoy1b3==MC=DoW$0XXqPPdgqio5e7Ef z>*ZhqTV|PN`kgP{A+g#Y_-99)6W{3KA~ADk6-yM^hZJ3h6_$iK^)i`eH*EQm>h(%8 zEJ(?4{+srFI}oa;-4VAgPy|Vj{pDw