Author: NicolasPierron
Date: Tue Jun 14 02:37:22 2011
New Revision: 27445
URL: https://svn.nixos.org/websvn/nix/?rev=27445&sc=1
Log:
Keukenhof:
- Fix partition types.
- Do not start after network-interfaces but after ip-up event.
- Update samba configuration.
- Fix UPS driver. (it has changed since previous installed version)
- Advertise the hostname.
- Refuse root login with ssh.
Modified:
configurations/trunk/misc/nicolas.b.pierron/common/freepopsd.nix
configurations/trunk/misc/nicolas.b.pierron/common/fuppes.nix
configurations/trunk/misc/nicolas.b.pierron/common/irc.nix
configurations/trunk/misc/nicolas.b.pierron/common/packages.nix
configurations/trunk/misc/nicolas.b.pierron/common/ups.nix
configurations/trunk/misc/nicolas.b.pierron/keukenhof.nix
Modified: configurations/trunk/misc/nicolas.b.pierron/common/freepopsd.nix
==============================================================================
--- configurations/trunk/misc/nicolas.b.pierron/common/freepopsd.nix Mon Jun
13 22:17:22 2011 (r27444)
+++ configurations/trunk/misc/nicolas.b.pierron/common/freepopsd.nix Tue Jun
14 02:37:22 2011 (r27445)
@@ -93,7 +93,7 @@
config = mkIf cfg.enable {
jobs.freepopsd = {
description = "Freepopsd (webmail over POP3)";
- startOn = "started network-interfaces";
+ startOn = "ip-up";
exec = ''${freepops}/bin/freepopsd \
-p ${toString cfg.port} \
-t ${toString cfg.threads} \
Modified: configurations/trunk/misc/nicolas.b.pierron/common/fuppes.nix
==============================================================================
--- configurations/trunk/misc/nicolas.b.pierron/common/fuppes.nix Mon Jun
13 22:17:22 2011 (r27444)
+++ configurations/trunk/misc/nicolas.b.pierron/common/fuppes.nix Tue Jun
14 02:37:22 2011 (r27445)
@@ -102,7 +102,7 @@
config = mkIf cfg.enable {
jobs.fuppesd = {
description = "UPnP A/V Media Server. (${cfg.name})";
- startOn = "started network-interfaces";
+ startOn = "ip-up";
daemonType = "fork";
exec = ''/var/setuid-wrappers/sudo -u ${cfg.user} --
${pkgs.fuppes}/bin/fuppesd --friendly-name ${cfg.name} --log-level ${toString
cfg.log.level} --log-file ${cfg.log.file} --config-file ${cfg.config}
--vfolder-config-file ${cfg.vfolder} --database-file ${cfg.database}'';
};
Modified: configurations/trunk/misc/nicolas.b.pierron/common/irc.nix
==============================================================================
--- configurations/trunk/misc/nicolas.b.pierron/common/irc.nix Mon Jun 13
22:17:22 2011 (r27444)
+++ configurations/trunk/misc/nicolas.b.pierron/common/irc.nix Tue Jun 14
02:37:22 2011 (r27445)
@@ -30,7 +30,7 @@
config = mkIf cfg.enable {
jobs.ircSession = {
description = "Start the irc client of ${cfg.user}.";
- startOn = "started network-interfaces";
+ startOn = "ip-up";
daemonType = "fork";
# connect on it with: ssh username@my-server -t screen -d -R irc
exec = ''/var/setuid-wrappers/sudo -u ${cfg.user} --
${pkgs.screen}/bin/screen -m -d -S irc ${pkgs.irssi}/bin/irssi'';
Modified: configurations/trunk/misc/nicolas.b.pierron/common/packages.nix
==============================================================================
--- configurations/trunk/misc/nicolas.b.pierron/common/packages.nix Mon Jun
13 22:17:22 2011 (r27444)
+++ configurations/trunk/misc/nicolas.b.pierron/common/packages.nix Tue Jun
14 02:37:22 2011 (r27445)
@@ -12,7 +12,8 @@
myTexLive = texLiveAggregationFun {
paths = [
- texLive texLiveExtra texLiveCMSuper texLiveBeamer
+ texLive /*texLiveContext*/ texLiveExtra texLiveCMSuper
+ texLiveLatexXColor texLivePGF texLiveBeamer
];
};
in
@@ -25,36 +26,39 @@
];
editors = [
- emacs eclipseNew
+ emacs
+ ] ++ optionals enabled.xserver [
+ eclipseNew
];
dev = [
- autoconf automake gettext gnumake gnupatch gcc gfortran gawk ocaml gdb
+ autoconf automake gettext gnumake gnupatch gawk ocaml gdb
help2man libtool m4 readline
- pkgconfig pythonFull pyx ruby myTexLive
+ pkgconfig pythonFull pyx ruby /* myTexLive */
bison flex ncurses zlib help2man
jdk jre apacheAnt
];
vcs = [
- subversion git
+ subversion gitFull
];
images = [
- gnuplot ghostscript graphviz imagemagick taskJuggler transfig
+ gnuplot ghostscript graphviz imagemagick /* taskJuggler */ transfig
] ++ optionals enabled.xserver [
dia inkscape
];
utils = [
diffstat diffutils
- bc binutils eject fuse sshfsFuse lzma pstree unzip which
+ bc binutils eject fuse sshfsFuse lzma /* pstree */ unzip which
su coreutils
bash zsh
];
display = optionals enabled.xserver [
xlibs.xmessage xpdf xorg.xset xterm xorg.xev
+ # should be added only if wmii is enabled.
wmiiSnap wmiimenu
];
@@ -69,15 +73,20 @@
pkgs.kde42.kdegames
];
- extraPackages =
+ systemPackages =
web
++ editors
+/*
++ dev
+*/
++ vcs
+/*
++ images
++ utils
++ display
++ fun
+*/
;
};
+
}
Modified: configurations/trunk/misc/nicolas.b.pierron/common/ups.nix
==============================================================================
--- configurations/trunk/misc/nicolas.b.pierron/common/ups.nix Mon Jun 13
22:17:22 2011 (r27444)
+++ configurations/trunk/misc/nicolas.b.pierron/common/ups.nix Tue Jun 14
02:37:22 2011 (r27445)
@@ -33,6 +33,8 @@
upsOptions = {name, config, ...}:
{
options = {
+ # This can be infered from the UPS model by looking at
+ # /nix/store/nut/share/driver.list
driver = mkOption {
type = types.uniq types.string;
description = ''
@@ -201,7 +203,8 @@
jobs.upsmon = {
description = "Uninterruptible Power Supplies (Monitor)";
- startOn = "started network-interfaces";
+ startOn = "ip-up";
+ daemonType = "fork";
exec = ''${nut}/sbin/upsmon'';
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
@@ -210,7 +213,9 @@
jobs.upsd = {
description = "Uninterruptible Power Supplies (Daemon)";
startOn = "started network-interfaces and upsmon";
- exec = ''${nut}/sbin/upsd'';
+ daemonType = "fork";
+ # TODO: replace 'root' by another username.
+ exec = ''${nut}/sbin/upsd -u root'';
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
};
@@ -218,7 +223,8 @@
jobs.upsdrv = {
description = "Uninterruptible Power Supplies (Register all UPS)";
startOn = "started upsd";
- exec = ''${nut}/sbin/upsdrvctl start'';
+ # TODO: replace 'root' by another username.
+ exec = ''${nut}/bin/upsdrvctl -u root start'';
task = true;
environment.NUT_CONFPATH = "/etc/nut/";
environment.NUT_STATEPATH = "/var/lib/nut/";
Modified: configurations/trunk/misc/nicolas.b.pierron/keukenhof.nix
==============================================================================
--- configurations/trunk/misc/nicolas.b.pierron/keukenhof.nix Mon Jun 13
22:17:22 2011 (r27444)
+++ configurations/trunk/misc/nicolas.b.pierron/keukenhof.nix Tue Jun 14
02:37:22 2011 (r27445)
@@ -10,6 +10,7 @@
./common/kb_fr.nix
./common/user.nix
./common/preferencies.nix
+ ./common/packages.nix
# Extra services
./common/irc.nix
@@ -19,7 +20,7 @@
];
## Basics
- boot.initrd.availableKernelModules = [ "ext4" ];
+ #boot.initrd.availableKernelModules = [ "ext4" ];
boot.loader.grub = {
enable = true;
@@ -35,12 +36,14 @@
fileSystems = [
{ label = "boot"; fsType = "ext3"; mountPoint = "/boot"; }
- { label = "nixos"; fsType = "ext4"; mountPoint = "/"; }
+ { label = "nixos"; fsType = "ext3"; mountPoint = "/"; }
# RAID-0 array
- { label = "data"; fsType = "ext3"; mountPoint = "/mnt/data"; }
+ { label = "data"; fsType = "ext2"; mountPoint = "/mnt/data"; }
];
swapDevices = [
+ { label = "swap-a2"; }
+ { label = "swap-b2"; }
];
@@ -59,33 +62,34 @@
# This is only shared inside a secure network.
extraConfig =
''
- max log size = 50000
- workgroup = MSHOME
- server string = Sharing Server
- security = share
- guest account = share
+ max log size = 50000
+ workgroup = MSHOME
+ server string = Sharing Server
+ security = share
+ guest account = share
[public]
- comment = Shared file space
- path = /home/share/
- guest ok = yes
- browseable = yes
- public = yes
- writable = yes
- create mask = 0644
+ comment = Shared file space
+ path = /home/share/
+ guest ok = yes
+ browseable = yes
+ public = yes
+ writable = yes
+ create mask = 0644
[tmp]
- comment = Temporary file space
- path = /tmp
- read only = no
- public = yes
- create mask = 0644
+ comment = Temporary file space
+ path = /tmp
+ read only = no
+ public = yes
+ create mask = 0644
'';
};
## Fetch /deprecated/ webmail with a pop access.
services.mail.freepopsd = {
- enable = true;
+ # Damn, I've ported something which is no longer used ...
+ enable = false;
port = 1110;
};
@@ -94,7 +98,7 @@
enable = true;
maxStartDelay = 120;
ups.iPEL1000 = {
- driver = "megatec_usb";
+ driver = "blazer_usb";
port = "auto";
description = "USB UPS device";
};
@@ -137,4 +141,17 @@
enable = true;
user = "nicolas";
};
-}
\ No newline at end of file
+
+ ## Advertise the server hostname to quickly identify the network
+ jobs.advHostname = {
+ description = "Advertise hostname";
+ exec = ''${pkgs.socat}/bin/socat TCP-LISTEN:5556,fork
EXEC:${pkgs.nettools}/bin/hostname,pty,stderr'';
+ };
+
+ ## security
+ services.openssh = {
+ enable = true;
+ permitRootLogin = "no";
+ };
+
+}
_______________________________________________
nix-commits mailing list
[email protected]
http://mail.cs.uu.nl/mailman/listinfo/nix-commits
