Compare commits
15 Commits
extraction
...
upgrade-16
| Author | SHA1 | Date | |
|---|---|---|---|
| 021b1d5c26 | |||
|
31f57965f9 | ||
|
|
0a3d820dd6 | ||
|
|
f0f266cb55 | ||
|
|
1916d6eb90 | ||
| fa32aed569 | |||
| 9201266575 | |||
| 756a18b2e8 | |||
| 3b04c2edb0 | |||
| 2982725e0b | |||
| 9e8d3b24b3 | |||
| dba3a46ebd | |||
| 7d28694819 | |||
| ed5420e1b0 | |||
| d6bfe1c706 |
2
Makefile
2
Makefile
@@ -37,7 +37,7 @@ push: submodules-push
|
||||
|
||||
submodules-update:
|
||||
#git submodule update --remote
|
||||
#git submodule foreach git co master
|
||||
git submodule foreach git co master
|
||||
git submodule foreach git ff
|
||||
|
||||
submodules-push:
|
||||
|
||||
@@ -55,10 +55,27 @@ in
|
||||
online-ipv6 = mkEnableOption "Profil pour activer l'IPv6 de online.net";
|
||||
print = mkEnableOption "Profil pour activer cups & pouvoir imprimer.";
|
||||
rabbitmq = mkEnableOption "Profil pour activer le service de messagerie AMQP.";
|
||||
radicale = mkEnableOption "Profil pour activer le service d'hébergement de calendrier + tâches & contacts.";
|
||||
swap = mkEnableOption "Profil pour que le swap soit activé.";
|
||||
virtualbox = mkEnableOption "Profil pour l'utilisation de VirtualBox.";
|
||||
xmonad = mkEnableOption "Profil pour activer le gestionnaire de fenêtres xmonad.";
|
||||
znc = mkEnableOption "Profil pour activer le relais IRC ZNC.";
|
||||
|
||||
tincAddress = mkOption {
|
||||
default = "";
|
||||
example = "192.168.1.1";
|
||||
description = "Adresse du noeud tinc local";
|
||||
type = lib.types.string;
|
||||
};
|
||||
tincExtraConfig = mkOption {
|
||||
default = "";
|
||||
example = ''
|
||||
Mode = router
|
||||
ConnecTo = bar
|
||||
'';
|
||||
description = "Configuration supplémentaire pour tinc";
|
||||
type = lib.types.string;
|
||||
};
|
||||
};
|
||||
#* Utilisé pour avoir des raccourcis de machine
|
||||
r6d.computers = {
|
||||
@@ -173,6 +190,7 @@ in
|
||||
|
||||
r6d.config-generator = {
|
||||
docker = true;
|
||||
radicale = true;
|
||||
};
|
||||
})
|
||||
(mkIf comp.isRadx {
|
||||
@@ -205,6 +223,8 @@ in
|
||||
|
||||
r6d.config-generator = {
|
||||
laptop = true;
|
||||
tincAddress = "192.168.12.2/24";
|
||||
tincExtraConfig = "ConnectTo = phenom_dubronetwork_fr";
|
||||
};
|
||||
})
|
||||
(mkIf comp.isMonstre {
|
||||
@@ -258,6 +278,7 @@ in
|
||||
nix-serve-server = true;
|
||||
laptop = true;
|
||||
edition-photo = true;
|
||||
tincAddress = "192.168.12.1/24";
|
||||
};
|
||||
})
|
||||
(mkIf comp.isRollo {
|
||||
|
||||
@@ -23,6 +23,9 @@ in
|
||||
# Lancement de dbus pour les utilisateurs
|
||||
services.dbus.socketActivated = true;
|
||||
|
||||
# NixOS Hardening
|
||||
#security.grsecurity.enable = true;
|
||||
|
||||
# Paquets
|
||||
environment = {
|
||||
systemPackages = with pkgs; [
|
||||
@@ -42,6 +45,7 @@ in
|
||||
p7zip # compression de fichier
|
||||
parted # partitionnement de disque
|
||||
pciutils
|
||||
pinentry # pour taper les mots de passe gpg
|
||||
psmisc # fournis les utilitaires comme killall, fuser, pstree
|
||||
python # python -- python -m SimpleHTTPServer 8000
|
||||
python34Packages.glances # monitoring
|
||||
@@ -56,6 +60,7 @@ in
|
||||
];
|
||||
shellAliases = {
|
||||
byobu = "byobu-tmux";
|
||||
gpg = "gpg2";
|
||||
jacques-a-dit = "sudo";
|
||||
tree = "tree -C";
|
||||
tree1 = "tree -d -L 1";
|
||||
|
||||
@@ -1,34 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
####################################### HYDRA
|
||||
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
|
||||
# une fois installé :
|
||||
# 1. créer chef SSH : ssh-keygen -C "hydra@pedro.dubronetwork.fr" -N "" -f /etc/nixos/id_buildfarm
|
||||
# 2. récupérer la clef publique du serveur ssh : ssh-keyscan localhost + l'ajouter dans les knownHosts
|
||||
# 2. créer un utilisateur
|
||||
# su - hydra
|
||||
# hydra-create-user jpierre03 --password toto --role 'admin'
|
||||
# accessible à hydra.pedro.dubnronetwork.fr
|
||||
services.hydra = {
|
||||
enable = true;
|
||||
hydraURL = "http://hydra.pedro.dubronetwork.fr";
|
||||
notificationSender = "hydra@${config.networking.hostName}";
|
||||
listenHost = "localhost";
|
||||
minimumDiskFree = 50; # Go
|
||||
};
|
||||
|
||||
programs.ssh.knownHosts."pedro.dubronetwork.fr".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM7fjo2ysLqlfSo6BKnc6I6m1ayoPrbwEEyTKZmUzsOD";
|
||||
nix = {
|
||||
distributedBuilds = true;
|
||||
buildMachines = [
|
||||
{ hostName = "pedro.dubronetwork.fr"; maxJobs = 2; speedFactor = 10; sshKey = "/etc/nixos/id_buildfarm"; sshUser = "root"; system = "x86_64-linux"; }
|
||||
];
|
||||
extraOptions = "auto-optimise-store = true";
|
||||
};
|
||||
# nix.gc = {
|
||||
# automatic = true;
|
||||
#};
|
||||
}
|
||||
@@ -19,10 +19,11 @@ mkIf cfg.hydra-builder {
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
nix.gc.automatic = true;
|
||||
|
||||
users.users."hydrabuild" = {
|
||||
description = "Execution des job hydra";
|
||||
users.users."hydrabld" = {
|
||||
description = "Execution des jobs hydra";
|
||||
group = "nixbld";
|
||||
isNormalUser = false;
|
||||
extraGroups = [ "nixbld" ];
|
||||
isNormalUser = true;
|
||||
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGYpjcWJCf8dXpv2LmoIaNVbwZXEC50QUU6Az+lqeD89 hydra radx"
|
||||
|
||||
Reference in New Issue
Block a user