steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'pr/bump' into 'master'

Browse source 
bump latest changes to master

See merge request steveeJ/infra!35
This commit is contained in:
steveej 2020-02-26 20:49:04 +00:00
commit b52d56f9e8
8 changed files with 53 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.envrc
View file

@ -1 +1 @@
use nix
eval "$(lorri direnv)"

2
_archive/environments/dev/rust/.envrc
View file

@ -1 +1 @@
use nix
eval "$(lorri direnv)"

1
nix/home-manager/configuration/graphical-fullblown.nix
View file

@ -65,7 +65,6 @@ in {
PATH=pkgs.lib.concatStringsSep ":" [
"$HOME/.local/bin"
"$HOME/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/bin"
"$HOME/.cargo/bin"
"$HOME/.gem/ruby/2.3.0/bin"
"$HOME/.npm-packages/bin"

1
nix/home-manager/profiles/common.nix
View file

@ -25,6 +25,7 @@ in {
};
programs.direnv.enable = true;
services.lorri.enable = true;
home.sessionVariables = {
NIXPKGS_ALLOW_UNFREE = "1";

44
nix/os/devices/steveej-t480s-work/system.nix
View file

@ -91,4 +91,48 @@ in {
"${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
../../../../certificates/sat-r220-02.lab.eng.rdu2.redhat.com.crt
];
services.xserver.videoDrivers = [ "modesetting" ];
boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
krb5 = {
enable = true;
config = let
pkinit_crt = pkgs.fetchurl {
url = "https://password.corp.redhat.com/ipa.crt";
sha256 = "0cflhkb7szzlakjmz2rmw8l8j5jqsyy2rl7ciclmi5fdfjrrx1cd";
};
in ''
[libdefaults]
default_realm = IPA.REDHAT.COM
dns_lookup_realm = true
dns_lookup_kdc = true
rdns = false
dns_canonicalize_hostname = true
ticket_lifetime = 24h
forwardable = true
udp_preference_limit = 0
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
REDHAT.COM = {
default_domain = redhat.com
dns_lookup_kdc = true
master_kdc = kerberos.corp.redhat.com
admin_server = kerberos.corp.redhat.com
}
#make sure to save the IPA CA cert
#mkdir /etc/ipa && curl -o /etc/ipa/ca.crt https://password.corp.redhat.com/ipa.crt
IPA.REDHAT.COM = {
pkinit_anchors = FILE:${pkinit_crt}
pkinit_pool = FILE:${pkinit_crt}
default_domain = ipa.redhat.com
dns_lookup_kdc = true
# Trust tickets issued by legacy realm on this host
auth_to_local = RULE:[1:$1@$0](.*@REDHAT\.COM)s/@.*//
auth_to_local = DEFAULT
}
'';
};
}

8
nix/os/devices/steveej-t480s-work/versions.nix
View file

@ -1,20 +1,20 @@
{
channelsNixosStable = {
ref = "nixos-19.09";
rev = "f7d050ed4e3af90502c88bf0ae1fef62dcbde265";
rev = "8731aaaf8b30888bc24994096db830993090d7c4";
};
channelsNixosUnstable = {
ref = "nixos-unstable";
rev = "100012e55bc2a82fc680cba31a426ad38ead6fab";
rev = "8130f3c1c2bb0e533b5e150c39911d6e61dcecc2";
};
nixpkgsMaster = {
url = "https://github.com/NixOS/nixpkgs/";
ref = "master";
rev = "0834d16531df583e161bd53ad5aee86854ad85b0";
rev = "329102c47bd1c68f0acdf4feec64232202948c7a";
};
homeManagerModule = {
url = "https://github.com/rycee/home-manager";
ref = "release-19.09";
rev = "8d663335eb7b5032f637d8b719416ae4f2c1f612";
rev = "0d1ca254d0f213a118459c5be8ae465018132f74";
};
}

2
nix/pkgs/duplicacy/.envrc
View file

@ -1 +1 @@
use nix
eval "$(lorri direnv)"

1
services/home-ch/router-wan.lan/Justfile
View file

@ -6,3 +6,4 @@ post-setup:
just -v _run_ssh_cmd "opkg install luci-ssl"
just -v _run_ssh_cmd "opkg install luci-app-samba samba36-server"
just -v _run_ssh_cmd "opkg install block-mount blockd kmod-fs-vfat kmod-usb-storage usbutils"
just -v _run_ssh_cmd "/etc/init.d/uhttpd restart"