chore: delete t480s
This commit is contained in:
parent
27a0030816
commit
855c463a93
8 changed files with 0 additions and 373 deletions
|
|
@ -1,98 +0,0 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number:
|
||||
d0:17:d1:86:81:d4:f1:28
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C=US, ST=North Carolina, L=Raleigh, O=Katello, OU=SomeOrgUnit, CN=sat-r220-02.lab.eng.rdu2.redhat.com
|
||||
Validity
|
||||
Not Before: Nov 2 15:37:13 2018 GMT
|
||||
Not After : Jan 17 15:37:13 2038 GMT
|
||||
Subject: C=US, ST=North Carolina, L=Raleigh, O=Katello, OU=SomeOrgUnit, CN=sat-r220-02.lab.eng.rdu2.redhat.com
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (2048 bit)
|
||||
Modulus:
|
||||
00:ba:03:39:e3:af:3e:c7:89:bd:d0:07:66:83:18:
|
||||
9c:c0:da:56:e8:bb:37:fe:03:67:94:9a:1c:9d:47:
|
||||
da:6a:a7:6e:56:6d:0a:73:05:79:0e:44:61:71:78:
|
||||
33:33:79:b1:ce:a6:9d:87:d0:01:81:10:d5:e3:21:
|
||||
0f:d0:e9:ef:86:dc:13:34:62:42:47:81:f6:ce:d8:
|
||||
78:de:00:0c:a6:5d:25:d8:cc:72:6a:c4:7c:e1:5b:
|
||||
84:2b:e2:3c:b6:51:7e:8e:e6:e1:55:7d:b4:c8:e7:
|
||||
98:76:eb:20:15:48:6f:2e:91:ca:b7:17:d4:d9:76:
|
||||
5b:40:1c:7e:4c:0b:6f:2c:63:fa:78:c5:8b:b5:36:
|
||||
b6:01:d9:da:58:a9:06:76:32:18:ca:b2:7c:2d:aa:
|
||||
4f:4e:f5:67:30:4c:a6:a3:e3:ef:7c:1d:d3:67:de:
|
||||
da:a5:b9:57:0d:74:01:c3:24:a9:03:61:98:91:c2:
|
||||
1f:1d:a4:36:d2:a6:f4:95:6f:01:6a:99:41:ea:f0:
|
||||
8c:7a:7d:a0:0d:34:93:a3:80:cb:19:fb:1a:e1:c4:
|
||||
0b:60:5c:8d:33:ea:90:ed:98:d2:2a:06:6e:a2:02:
|
||||
1f:f8:2c:1e:d4:d0:d4:8f:93:8d:c9:fe:21:39:6a:
|
||||
5b:7b:60:5d:2a:9c:1e:3f:51:31:b1:be:56:28:cb:
|
||||
4d:cd
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
X509v3 Key Usage:
|
||||
Digital Signature, Key Encipherment, Certificate Sign, CRL Sign
|
||||
X509v3 Extended Key Usage:
|
||||
TLS Web Server Authentication, TLS Web Client Authentication
|
||||
Netscape Cert Type:
|
||||
SSL Server, SSL CA
|
||||
Netscape Comment:
|
||||
Katello SSL Tool Generated Certificate
|
||||
X509v3 Subject Key Identifier:
|
||||
72:CD:88:06:03:FE:5D:A2:D0:B3:20:C7:37:74:06:84:A8:A8:13:DF
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:72:CD:88:06:03:FE:5D:A2:D0:B3:20:C7:37:74:06:84:A8:A8:13:DF
|
||||
DirName:/C=US/ST=North Carolina/L=Raleigh/O=Katello/OU=SomeOrgUnit/CN=sat-r220-02.lab.eng.rdu2.redhat.com
|
||||
serial:D0:17:D1:86:81:D4:F1:28
|
||||
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
70:fe:c6:9f:1a:62:e8:b0:a6:25:df:e8:51:6c:e9:08:48:00:
|
||||
72:2b:d8:a2:95:6e:57:01:8e:2a:9c:a0:14:f8:c9:8a:e3:5d:
|
||||
48:64:f9:0f:81:e7:3e:b1:c2:cb:a0:ec:55:d6:e4:7f:c0:46:
|
||||
7b:bc:66:15:88:61:73:3b:ea:9e:ea:cb:32:79:35:bc:dc:eb:
|
||||
6f:d8:d0:89:c2:ae:fd:02:43:cd:e0:38:d6:9c:16:d7:6d:bb:
|
||||
2c:73:53:3c:82:56:51:d8:96:71:e1:28:49:31:be:fb:ed:23:
|
||||
08:e5:8d:eb:48:c7:25:5d:ef:0e:30:22:d3:93:7f:f1:66:b8:
|
||||
7f:8f:5c:d2:97:e7:13:0e:5b:06:1d:fd:97:1d:a5:24:93:d9:
|
||||
8a:d2:ba:51:00:b3:71:c8:61:da:79:31:64:75:96:d0:b8:d8:
|
||||
45:57:24:40:2f:11:d6:63:70:f5:bf:8d:fc:7f:1b:b9:ad:e0:
|
||||
16:6a:89:9b:6a:0c:d3:e3:b5:14:b4:5c:36:8a:b0:dd:15:4d:
|
||||
4e:77:e9:9b:29:df:e9:e3:27:dc:87:f8:6e:5d:a9:14:42:5c:
|
||||
8b:7b:13:9d:8b:c7:7a:4d:6d:52:7e:5f:02:9f:21:15:de:98:
|
||||
5d:f5:25:30:d3:fa:b4:34:f3:ff:8d:36:c7:e3:1c:d3:b1:f7:
|
||||
b6:7b:ad:40
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFEDCCA/igAwIBAgIJANAX0YaB1PEoMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYD
|
||||
VQQGEwJVUzEXMBUGA1UECAwOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcMB1JhbGVp
|
||||
Z2gxEDAOBgNVBAoMB0thdGVsbG8xFDASBgNVBAsMC1NvbWVPcmdVbml0MSwwKgYD
|
||||
VQQDDCNzYXQtcjIyMC0wMi5sYWIuZW5nLnJkdTIucmVkaGF0LmNvbTAeFw0xODEx
|
||||
MDIxNTM3MTNaFw0zODAxMTcxNTM3MTNaMIGOMQswCQYDVQQGEwJVUzEXMBUGA1UE
|
||||
CAwOTm9ydGggQ2Fyb2xpbmExEDAOBgNVBAcMB1JhbGVpZ2gxEDAOBgNVBAoMB0th
|
||||
dGVsbG8xFDASBgNVBAsMC1NvbWVPcmdVbml0MSwwKgYDVQQDDCNzYXQtcjIyMC0w
|
||||
Mi5sYWIuZW5nLnJkdTIucmVkaGF0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||
ADCCAQoCggEBALoDOeOvPseJvdAHZoMYnMDaVui7N/4DZ5SaHJ1H2mqnblZtCnMF
|
||||
eQ5EYXF4MzN5sc6mnYfQAYEQ1eMhD9Dp74bcEzRiQkeB9s7YeN4ADKZdJdjMcmrE
|
||||
fOFbhCviPLZRfo7m4VV9tMjnmHbrIBVIby6RyrcX1Nl2W0AcfkwLbyxj+njFi7U2
|
||||
tgHZ2lipBnYyGMqyfC2qT071ZzBMpqPj73wd02fe2qW5Vw10AcMkqQNhmJHCHx2k
|
||||
NtKm9JVvAWqZQerwjHp9oA00k6OAyxn7GuHEC2BcjTPqkO2Y0ioGbqICH/gsHtTQ
|
||||
1I+Tjcn+ITlqW3tgXSqcHj9RMbG+VijLTc0CAwEAAaOCAW0wggFpMAwGA1UdEwQF
|
||||
MAMBAf8wCwYDVR0PBAQDAgGmMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
|
||||
AjARBglghkgBhvhCAQEEBAMCAkQwNQYJYIZIAYb4QgENBCgWJkthdGVsbG8gU1NM
|
||||
IFRvb2wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRyzYgGA/5dotCz
|
||||
IMc3dAaEqKgT3zCBwwYDVR0jBIG7MIG4gBRyzYgGA/5dotCzIMc3dAaEqKgT36GB
|
||||
lKSBkTCBjjELMAkGA1UEBhMCVVMxFzAVBgNVBAgMDk5vcnRoIENhcm9saW5hMRAw
|
||||
DgYDVQQHDAdSYWxlaWdoMRAwDgYDVQQKDAdLYXRlbGxvMRQwEgYDVQQLDAtTb21l
|
||||
T3JnVW5pdDEsMCoGA1UEAwwjc2F0LXIyMjAtMDIubGFiLmVuZy5yZHUyLnJlZGhh
|
||||
dC5jb22CCQDQF9GGgdTxKDANBgkqhkiG9w0BAQsFAAOCAQEAcP7Gnxpi6LCmJd/o
|
||||
UWzpCEgAcivYopVuVwGOKpygFPjJiuNdSGT5D4HnPrHCy6DsVdbkf8BGe7xmFYhh
|
||||
czvqnurLMnk1vNzrb9jQicKu/QJDzeA41pwW1227LHNTPIJWUdiWceEoSTG+++0j
|
||||
COWN60jHJV3vDjAi05N/8Wa4f49c0pfnEw5bBh39lx2lJJPZitK6UQCzcchh2nkx
|
||||
ZHWW0LjYRVckQC8R1mNw9b+N/H8bua3gFmqJm2oM0+O1FLRcNoqw3RVNTnfpmynf
|
||||
6eMn3If4bl2pFEJci3sTnYvHek1tUn5fAp8hFd6YXfUlMNP6tDTz/402x+Mc07H3
|
||||
tnutQA==
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
{...}: {
|
||||
disabledModules = ["system/boot/initrd-network.nix"];
|
||||
|
||||
imports = [
|
||||
../../modules/initrd-network.nix
|
||||
|
||||
../../profiles/common/configuration.nix
|
||||
../../profiles/graphical/configuration.nix
|
||||
../../modules/encryptedDisk.nix
|
||||
|
||||
./system.nix
|
||||
./hw.nix
|
||||
./pkg.nix
|
||||
./user.nix
|
||||
];
|
||||
}
|
||||
|
|
@ -1,30 +0,0 @@
|
|||
{...}: let
|
||||
stage1Modules = [
|
||||
"aesni_intel"
|
||||
"kvm-intel"
|
||||
"aes_x86_64"
|
||||
"nvme"
|
||||
"nvme_core"
|
||||
|
||||
"pcieport"
|
||||
"thunderbolt"
|
||||
"e1000e"
|
||||
"xhci_pci"
|
||||
"hxci_hcd"
|
||||
];
|
||||
in {
|
||||
# TASK: new device
|
||||
hardware.encryptedDisk = {
|
||||
enable = true;
|
||||
diskId = "ata-Crucial_CT750MX300SSD1_16161311C7A6";
|
||||
};
|
||||
|
||||
# boot.initrd.availableKernelModules = stage1Modules;
|
||||
boot.initrd.kernelModules = stage1Modules;
|
||||
boot.extraModprobeConfig = ''
|
||||
options kvm-intel nested=1
|
||||
options kvm-intel enable_shadow_vmcs=1
|
||||
options kvm-intel enable_apicv=1
|
||||
options kvm-intel ept=1
|
||||
'';
|
||||
}
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
nixpkgs.config.packageOverrides = pkgs:
|
||||
with pkgs; {
|
||||
nixPath =
|
||||
(import ../../../default.nix {
|
||||
versionsPath = ./versions.nix;
|
||||
})
|
||||
.nixPath;
|
||||
};
|
||||
home-manager.users.steveej = import ../../../home-manager/configuration/graphical-fullblown.nix {
|
||||
inherit pkgs;
|
||||
};
|
||||
services.teamviewer.enable = true;
|
||||
system.stateVersion = "19.09";
|
||||
}
|
||||
|
|
@ -1,134 +0,0 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
keys = import ../../../variables/keys.nix;
|
||||
in {
|
||||
# TASK: new device
|
||||
networking.hostName = "steveej-t480s-work"; # Define your hostname.
|
||||
|
||||
# Used for testing local Openshift clusters
|
||||
environment.etc."NetworkManager/dnsmasq.d/openshift.conf".text = let
|
||||
openshiftClusterName = "openshift-steveej";
|
||||
openshiftDomain = "openshift.testing";
|
||||
openshiftSubnetBase = "192.168.126";
|
||||
in ''
|
||||
server=/${openshiftDomain}/${openshiftSubnetBase}.1
|
||||
address=/.apps.${openshiftClusterName}.${openshiftDomain}/${openshiftSubnetBase}.51
|
||||
'';
|
||||
networking.firewall.enable = lib.mkForce false;
|
||||
networking.firewall.checkReversePath = false;
|
||||
|
||||
networking.bridges."virbr1".interfaces = [];
|
||||
networking.interfaces."virbr1".ipv4.addresses = [
|
||||
{
|
||||
address = "10.254.254.254";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
|
||||
services.printing = {
|
||||
enable = true;
|
||||
drivers = with pkgs; [hplip mfcl3770cdw.driver mfcl3770cdw.cupswrapper];
|
||||
};
|
||||
|
||||
services.fprintd.enable = true;
|
||||
security.pam.services = {
|
||||
login.fprintAuth = true;
|
||||
sudo.fprintAuth = true;
|
||||
};
|
||||
|
||||
# Kubernetes
|
||||
# services.kubernetes.roles = ["master" "node"];
|
||||
|
||||
# virtualization
|
||||
virtualisation = {
|
||||
libvirtd = {enable = true;};
|
||||
|
||||
virtualbox.host = {
|
||||
enable = false;
|
||||
addNetworkInterface = false;
|
||||
};
|
||||
|
||||
docker = {
|
||||
enable = true;
|
||||
extraOptions = "--experimental";
|
||||
};
|
||||
};
|
||||
|
||||
boot.initrd.network = {
|
||||
enable = true;
|
||||
useDHCP = true;
|
||||
udhcpc.extraArgs = ["-x hostname:${config.networking.hostName}"];
|
||||
|
||||
ssh = {
|
||||
enable = true;
|
||||
authorizedKeys = keys.users.steveej.openssh;
|
||||
hostKeys = [
|
||||
"/etc/secrets/initrd/ssh_host_rsa_key"
|
||||
"/etc/secrets/initrd/ssh_host_ed25519_key"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
security.pki.certificateFiles = [
|
||||
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
../../../../certificates/sat-r220-02.lab.eng.rdu2.redhat.com.crt
|
||||
];
|
||||
|
||||
services.xserver.videoDrivers = ["modesetting"];
|
||||
services.xserver.serverFlagsSection = ''
|
||||
Option "BlankTime" "0"
|
||||
Option "StandbyTime" "0"
|
||||
Option "SuspendTime" "0"
|
||||
Option "OffTime" "0"
|
||||
'';
|
||||
|
||||
# the default profile uses linuxPackages_latest
|
||||
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
|
||||
|
||||
krb5 = {
|
||||
enable = true;
|
||||
config = let
|
||||
pkinit_crt = pkgs.fetchurl {
|
||||
url = "https://password.corp.redhat.com/ipa.crt";
|
||||
sha256 = "0cflhkb7szzlakjmz2rmw8l8j5jqsyy2rl7ciclmi5fdfjrrx1cd";
|
||||
};
|
||||
in ''
|
||||
[libdefaults]
|
||||
default_realm = IPA.REDHAT.COM
|
||||
dns_lookup_realm = true
|
||||
dns_lookup_kdc = true
|
||||
rdns = false
|
||||
dns_canonicalize_hostname = true
|
||||
ticket_lifetime = 24h
|
||||
forwardable = true
|
||||
udp_preference_limit = 0
|
||||
default_ccache_name = KEYRING:persistent:%{uid}
|
||||
|
||||
[realms]
|
||||
REDHAT.COM = {
|
||||
default_domain = redhat.com
|
||||
dns_lookup_kdc = true
|
||||
master_kdc = kerberos.corp.redhat.com
|
||||
admin_server = kerberos.corp.redhat.com
|
||||
}
|
||||
|
||||
#make sure to save the IPA CA cert
|
||||
#mkdir /etc/ipa && curl -o /etc/ipa/ca.crt https://password.corp.redhat.com/ipa.crt
|
||||
IPA.REDHAT.COM = {
|
||||
pkinit_anchors = FILE:${pkinit_crt}
|
||||
pkinit_pool = FILE:${pkinit_crt}
|
||||
default_domain = ipa.redhat.com
|
||||
dns_lookup_kdc = true
|
||||
# Trust tickets issued by legacy realm on this host
|
||||
auth_to_local = RULE:[1:$1@$0](.*@REDHAT\.COM)s/@.*//
|
||||
auth_to_local = DEFAULT
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
hardware.ledger.enable = true;
|
||||
}
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
passwords = import ../../../variables/passwords.crypt.nix;
|
||||
keys = import ../../../variables/keys.nix;
|
||||
inherit (import ../../lib/default.nix {}) mkUser;
|
||||
in {
|
||||
users.extraUsers.steveej2 = mkUser {
|
||||
uid = 1001;
|
||||
openssh.authorizedKeys.keys = keys.users.steveej.openssh;
|
||||
};
|
||||
|
||||
users.extraUsers.steveej3 = mkUser {
|
||||
uid = 1002;
|
||||
openssh.authorizedKeys.keys = keys.users.steveej.openssh;
|
||||
shell = pkgs.posh {image = "quay.io/enarx/fedora";};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,26 +0,0 @@
|
|||
let
|
||||
nixpkgs = {
|
||||
url = "https://github.com/NixOS/nixpkgs/";
|
||||
ref = "nixos-20.09";
|
||||
rev = "b94726217f7cdc02ddf277b65553762d520da196";
|
||||
};
|
||||
in {
|
||||
inherit nixpkgs;
|
||||
nixos = nixpkgs // {suffix = "/nixos";};
|
||||
"channels-nixos-stable" = nixpkgs;
|
||||
"channels-nixos-unstable" = {
|
||||
url = "https://github.com/NixOS/nixpkgs/";
|
||||
ref = "nixos-unstable";
|
||||
rev = "e9158eca70ae59e73fae23be5d13d3fa0cfc78b4";
|
||||
};
|
||||
"nixpkgs-master" = {
|
||||
url = "https://github.com/NixOS/nixpkgs/";
|
||||
ref = "master";
|
||||
rev = "cd75006f1abd1671f2367b8cfd9406b32f5296da";
|
||||
};
|
||||
"home-manager-module" = {
|
||||
url = "https://github.com/nix-community/home-manager";
|
||||
ref = "release-20.09";
|
||||
rev = "63f299b3347aea183fc5088e4d6c4a193b334a41";
|
||||
};
|
||||
}
|
||||
|
|
@ -1,34 +0,0 @@
|
|||
let
|
||||
nixpkgs = {
|
||||
url = "https://github.com/NixOS/nixpkgs/";
|
||||
ref = "nixos-20.09";
|
||||
rev = ''
|
||||
<% git ls-remote https://github.com/nixos/nixpkgs nixos-20.09 | awk '{ print $1 }' | tr -d '
|
||||
' -%>'';
|
||||
};
|
||||
in {
|
||||
inherit nixpkgs;
|
||||
nixos = nixpkgs // {suffix = "/nixos";};
|
||||
"channels-nixos-stable" = nixpkgs;
|
||||
"channels-nixos-unstable" = {
|
||||
url = "https://github.com/NixOS/nixpkgs/";
|
||||
ref = "nixos-unstable";
|
||||
rev = ''
|
||||
<% git ls-remote https://github.com/nixos/nixpkgs nixos-unstable | awk '{ print $1 }' | tr -d '
|
||||
' -%>'';
|
||||
};
|
||||
"nixpkgs-master" = {
|
||||
url = "https://github.com/NixOS/nixpkgs/";
|
||||
ref = "master";
|
||||
rev = ''
|
||||
<% git ls-remote https://github.com/NixOS/nixpkgs.git master | head -n1 | awk '{ print $1 }' | tr -d '
|
||||
' -%>'';
|
||||
};
|
||||
"home-manager-module" = {
|
||||
url = "https://github.com/nix-community/home-manager";
|
||||
ref = "release-20.09";
|
||||
rev = ''
|
||||
<% git ls-remote https://github.com/nix-community/home-manager.git release-20.09 | awk '{ print $1 }' | tr -d '
|
||||
' -%>'';
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue