user: remove stuff

falkenstein: configure log retention
thinkpad: reenable all modules
2025-04-04 13:56:19 +02:00 · 2024-03-23 00:32:49 +01:00 · 2024-03-23 00:32:21 +01:00 · 2024-03-23 00:31:32 +01:00 · 2024-03-22 17:24:57 +01:00
9 changed files with 104 additions and 75 deletions
--- a/hosts/falkenstein/default.nix
+++ b/hosts/falkenstein/default.nix
@ -5,6 +5,7 @@
      # Include the results of the hardware scan.
      ./hardware-configuration.nix
      ./modules/backup
+      ./modules/logging
      ./modules/dns
      ./modules/fail2ban
      ./modules/mail
--- a/hosts/falkenstein/modules/logging/default.nix
+++ b/hosts/falkenstein/modules/logging/default.nix
@ -0,0 +1,36 @@
+{ pkgs, ... }:
+{
+  services.rsyslogd = {
+    enable = true;
+    defaultConfig = ''
+      :programname, isequal, "postfix" /var/log/postfix.log
+
+      auth.*                          -/var/log/auth.log
+    '';
+  };
+  services.logrotate.configFile = pkgs.writeText "logrotate.conf" ''
+    weekly
+    missingok
+    notifempty
+    rotate 4
+    "/var/log/postfix.log" {
+      compress
+      delaycompress
+      weekly
+      rotate 156
+      dateext
+      dateformat .%Y-%m-%d
+      extension log
+    }
+    "/var/log/nginx/*.log" {
+      compress
+      delaycompress
+      weekly
+      postrotate
+        [ ! -f /var/run/nginx/nginx.pid ] || kill -USR1 `cat /var/run/nginx/nginx.pid`
+      endscript
+      rotate 26
+      su nginx nginx
+    }
+  '';
+}
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@ -24,13 +24,13 @@
  # Use the systemd-boot EFI boot loader.
  boot = {
    kernelModules = [ "v4l2loopback" ];
-    kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
-    extraModulePackages = [
-      config.boot.kernelPackages.v4l2loopback
-    ];
-    extraModprobeConfig = ''
-      options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
-    '';
+    kernelPackages = pkgs.linuxPackages_latest;
+    # extraModulePackages = [
+    #   config.boot.kernelPackages.v4l2loopback
+    # ];
+    # extraModprobeConfig = ''
+    #   options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
+    # '';
    tmp.useTmpfs = true;
  };

@ -59,7 +59,7 @@
    devmon.enable = true; # automount stuff
    upower.enable = true;
    fwupd.enable = true; # firmware updates
-    zfs.autoScrub.enable = true;
+    btrfs.autoScrub.enable = true;
  };
  hardware.bluetooth = {
    enable = true;
--- a/hosts/thinkpad/hardware-configuration.nix
+++ b/hosts/thinkpad/hardware-configuration.nix
@ -35,39 +35,47 @@
  };


-  fileSystems."/nix" =
-    {
-      device = "rpool/nixos/nix";
-      fsType = "zfs";
+#  fileSystems."/" =
+#    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+#      fsType = "btrfs";
+#      options = [ "subvol=root" ];
+ #   };
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+      fsType = "btrfs";
+      options = [ "subvol=home" "compress=zstd" ];
    };

-  fileSystems."/var/lib" =
-    {
-      device = "rpool/nixos/var/lib";
-      fsType = "zfs";
+  fileSystems."/nix" =
+    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+      fsType = "btrfs";
+      options = [ "subvol=nix" "compress=zstd" "noatime"];
    };

  fileSystems."/var/log" =
-    {
-      device = "rpool/nixos/var/log";
-      fsType = "zfs";
+    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+      fsType = "btrfs";
+      options = [ "subvol=log" "compress=zstd" ];
    };

-  fileSystems."/home" =
-    {
-      device = "rpool/nixos/home";
-      fsType = "zfs";
-    };
-  fileSystems."/" =
-    {
-      device = "tmpfs";
-      fsType = "tmpfs";
-      options = [ "mode=755" ];
+  fileSystems."/var/lib" =
+    { device = "/dev/disk/by-uuid/43e42607-bc44-45de-a2c1-a09a4e34daf1";
+      fsType = "btrfs";
+      options = [ "subvol=lib" "compress=zstd" ];
    };

+
+   fileSystems."/" =
+     {
+       device = "tmpfs";
+       fsType = "tmpfs";
+       options = [ "mode=755" ];
+     };
+
  fileSystems."/boot" =
    {
-      device = "/dev/disk/by-uuid/DF86-7611";
+      device = "/dev/disk/by-uuid/12CE-A600";
      fsType = "vfat";
    };

--- a/hosts/thinkpad/modules/virtualisation/default.nix
+++ b/hosts/thinkpad/modules/virtualisation/default.nix
@ -1,7 +1,10 @@
 { pkgs, ... }:
 {
  virtualisation = {
-    docker.enable = true;
+    docker = {
+      enable = true;
+      extraOptions = "--iptables=false";
+    };
    libvirtd = {
      enable = true;
      qemu = {
@ -15,7 +18,7 @@
    spiceUSBRedirection.enable = true;
  };
  # allow libvirts internal network stuff
-  networking.firewall.trustedInterfaces = [ "virbr0" "br0" ];
+  networking.firewall.trustedInterfaces = [ "virbr0" "br0" "docker0" ];
  programs.virt-manager.enable = true;
  environment.systemPackages = with pkgs; [
    virt-viewer
--- a/overlays/default.nix
+++ b/overlays/default.nix
@ -15,6 +15,30 @@ in
    # freeimage is broken
    withBackends = [ "libtiff" "libjpeg" "libpng" "librsvg" "libheif" ];
  };
+  # don't compile the bloat
+  rsyslog = prev.rsyslog.override {
+    withMysql = false;
+    withJemalloc = false;
+    withPostgres = false;
+    withUuid = false;
+    withCurl = false;
+    withDbi = false;
+    withNetSnmp = false;
+    withGnutls = false;
+    withGcrypt = false;
+    withLognorm = false;
+    withMaxminddb = false;
+    withOpenssl = false;
+    withRelp = false;
+    withKsi = false;
+    withLogging = false;
+    withHadoop = false;
+    withRdkafka = false;
+    withMongo = false;
+    withCzmq = false;
+    withRabbitmq = false;
+    withHiredis = false;
+  };

  gnome-break-timer = callPackage ../pkgs/gnome-break-timer { };
  jmri = callPackage ../pkgs/jmri { };
--- a/users/rouven/modules/default.nix
+++ b/users/rouven/modules/default.nix
@ -8,7 +8,6 @@
    ./helix
    ./wayland
    ./mpv
-    ./qutebrowser
    ./ssh
    ./theme
    ./tex
--- a/users/rouven/modules/packages.nix
+++ b/users/rouven/modules/packages.nix
@ -27,7 +27,6 @@

    # messaging
    tdesktop
-    gajim
    gomuks
    profanity
    fractal
--- a/users/rouven/modules/qutebrowser/default.nix
+++ b/users/rouven/modules/qutebrowser/default.nix
@ -1,41 +0,0 @@
-{ ... }:
-{
-  programs.qutebrowser = {
-    enable = true;
-    searchEngines = {
-      DEFAULT = "https://duckduckgo.com/?q={}";
-      aw = "https://wiki.archlinux.org/?search={}";
-      nw = "https://nixos.wiki/index.php?search={}";
-      ns = "https://search.nixos.org/packages?query={}";
-      nso = "https://search.nixos.org/options?query={}";
-      wp = "https://en.wikipedia.org/wiki/Special:Search?search={}";
-      y = "http://localhost:8090/yacysearch.html?query={}";
-      yt = "https://www.youtube.com/results?search_query={}";
-      g = "https://www.google.com/search?hl=en&q={}";
-    };
-    quickmarks = {
-      nix-search = "https://search.nixos.org/options?";
-      home-search = "https://mipmip.github.io/home-manager-option-search/";
-      jexam = "https://jexam.inf.tu-dresden.de";
-      opal = "https://bildungsportal.sachsen.de/opal/home?2";
-      fruitbasket = "https://github.com/fsr/fruitbasket";
-    };
-    keyBindings = {
-      normal = {
-        "<Ctrl-m>" = "hint links spawn mpv {hint-url}";
-      };
-    };
-    settings = {
-      colors.webpage = {
-        darkmode.enabled = false;
-        preferred_color_scheme = "dark";
-      };
-      content.blocking = {
-        enabled = true;
-        method = "both";
-      };
-      statusbar.show = "in-mode";
-      tabs.show = "switching";
-    };
-  };
-}
Author	SHA1	Message	Date
Rouven Seifert	1a4cbd560e	user: remove stuff	2024-03-23 00:32:49 +01:00
Rouven Seifert	c776c72286	falkenstein: configure log retention	2024-03-23 00:32:21 +01:00
Rouven Seifert	a8d2ace6ab	thinkpad: reenable all modules	2024-03-23 00:31:32 +01:00
Rouven Seifert	a16bc598a4	thinkpad: revert to btrfs zfs just randomly decided to fail	2024-03-22 17:24:57 +01:00