From 3102c977b0736d897ebbbdba89aeb3f7f0211d2b Mon Sep 17 00:00:00 2001 From: Jonas Juselius Date: Thu, 18 Aug 2022 10:36:06 +0200 Subject: [PATCH] fix mail relay and add infiniband pkey --- clusters/stokes/cluster.nix | 62 ++++++++++++++++++++++++++++++------ clusters/stokes/connauthfile | 1 + clusters/stokes/default.nix | 36 ++++++++++++++++++--- clusters/stokes/overlays.nix | 11 +++++++ clusters/stokes/users.nix | 27 ++++++++++++++-- 5 files changed, 119 insertions(+), 18 deletions(-) create mode 100644 clusters/stokes/connauthfile create mode 100644 clusters/stokes/overlays.nix diff --git a/clusters/stokes/cluster.nix b/clusters/stokes/cluster.nix index 98ff163..1ee8e3e 100644 --- a/clusters/stokes/cluster.nix +++ b/clusters/stokes/cluster.nix @@ -12,6 +12,10 @@ let configuration = { system.autoUpgrade.enable = lib.mkForce false; + nixpkgs.overlays = [ + (import ./overlays.nix) + ]; + boot = { loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; @@ -23,6 +27,9 @@ let ]; }; + services.udev.extraRules = '' + KERNEL=="ibp59s0", SUBSYSTEM=="net", ATTR{create_child}:="0x2222" + ''; console = { font = "Lat2-Terminus16"; @@ -30,14 +37,49 @@ let }; i18n = { - defaultLocale = "en_DK.UTF-8"; + defaultLocale = "en_US.UTF-8"; extraLocaleSettings = { - LC_TIME = "en_DK.UTF-8"; + LC_CTYPE="en_DK.UTF-8"; + LC_TIME="en_DK.UTF-8"; + LC_PAPER="en_DK.UTF-8"; + LC_NAME="en_DK.UTF-8"; + LC_ADDRESS="en_DK.UTF-8"; + LC_TELEPHONE="en_DK.UTF-8"; + LC_MEASUREMENT="en_DK.UTF-8"; + LC_IDENTIFICATION="en_DK.UTF-8"; }; }; time.timeZone = "Europe/Oslo"; + programs.msmtp = { + enable = true; + accounts = { + default = { + auth = false; + tls = false; + tls_starttls = false; + port = 24; + from = "stokes@regnekraft.io"; + host = "smtpgw.itpartner.no"; + # user = "utvikling"; + # password = "S0m3rp0m@de#21!"; + }; + }; + defaults = { + aliases = "/etc/aliases"; + }; + }; + + environment.etc = { + "aliases" = { + text = '' + root: jonas.juselius@oceanbox.io + ''; + mode = "0644"; + }; + }; + features = { os = { # boot.uefi = true; @@ -47,14 +89,6 @@ let "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCk5EKXxo/KLogjqSxSf/GkQdZ30UxB3wXc5k6Y6RRKQ/5iJ+XyYTbuqYOUp30p54apZzbayU2icahE/upr754lQicQwJtOXW/Iut57VRhSpq4P+mKCIdT58xCUkAZYr8Aja8UjHlYeJgFvp023K/fqmwbapu8R1gh4bzXm7uU1XeJoYfuOb+Cb8NGMn1ICrw2aztA0yVOXZ7tyJd2qyr1+6PuM/Ca2nKN4wLIX2vwyN3vZjR15nkIaHQGlTaJlNk2NEG1YTxsIQ9axDjNtyL80kjUr5M8zxW6s0h3451zr1b21EetP1i+1POIjS9uWXv5iabF+1Qb1GaS4FAYzzpqNY+moLzY7Zqfi05MPsMYkNoZ1Kg5aj0IuZb0OM9i6ZJrFs9nYAGG0uLSUTfrs957f9nokFyILGYg5xY46YN3uQrqfZifvcR0KaEdxEKvnfq0qrNG3uYLR/OYm2yblRcNbWgDoQ1hH7qa9uJM2JrPM07s4sJGkqfAib8Hwz9+l7jMrL6KIGUOA4aX0B1KZaIKKiZa42WlgdbeA17aW3laIqS5mZCkI3pLMYZAxe+A6rQi+V8ZAvDSyOL/Vws3lboXaN5QLu17R8uCY7MkIAvRBiZSpdWNeX3JO5m6zexkxkrFlxyEBf+ott4ATSw+eMYMs8i5xQRqPjgO1cABWkUdGpw== martin.moe.carstens@itpartner.no" ]; docker.enable = false; - - mailRelay = { - enable = true; - adminEmail = "jonas.juselius@tromso.serit.no"; - mailDomain = "itpartner.no"; - mailGateway = "smtpgw.itpartner.no:465"; - mailAuthUser = "utvikling"; - }; }; cachix.enable = false; @@ -135,6 +169,13 @@ let systemd.services."serial-getty@ttyS0".enable = true; + environment.etc."beegfs/connauthfile" = { + source = ./connauthfile; + mode = "0400"; + uid = 0; + gid = 0; + }; + nix = { maxJobs = 32; trustedUsers = [ "@wheel" ]; @@ -217,6 +258,7 @@ let openssh-shosts = pkgs.openssh.overrideAttrs (attrs: { buildFlags = [ "SSH_KEYSIGN=/run/wrappers/bin/ssh-keysign" ]; + doCheck = false; # the tests take hours }); myvnc = diff --git a/clusters/stokes/connauthfile b/clusters/stokes/connauthfile new file mode 100644 index 0000000..8c58a28 --- /dev/null +++ b/clusters/stokes/connauthfile @@ -0,0 +1 @@ +Elt8pIV7F5(MtsDٝX%N:@(9s6]*q;SYbˤkhd1mk