summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2021-12-08 08:13:30 +0100
committerlassulus <lassulus@lassul.us>2021-12-08 08:13:30 +0100
commit503c0176c1efca72e62ac3b0fee040d776108495 (patch)
tree78b3e8d2499192ec67343ee0eca13e95398dd3ba
parent8d2f6fba252d6885c458c55ba45de8cc8a828ee6 (diff)
parent78930db930a3f222feb72d344ff4f9f581bcfad9 (diff)
Merge remote-tracking branch 'gum/21.11' into 21.11
-rw-r--r--krebs/3modules/airdcpp.nix1
-rw-r--r--krebs/3modules/urlwatch.nix2
-rw-r--r--krebs/nixpkgs.json1
-rw-r--r--makefu/1systems/gum/config.nix2
-rw-r--r--makefu/1systems/omo/config.nix2
-rw-r--r--makefu/2configs/bureautomation/zigbee2mqtt/default.nix2
-rw-r--r--makefu/2configs/dcpp/hub.nix47
-rw-r--r--makefu/2configs/deployment/gecloudpad/gecloudpad.nix4
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix2
-rw-r--r--makefu/2configs/home/ham/mqtt.nix3
-rw-r--r--makefu/2configs/nsupdate-data.nix6
-rw-r--r--makefu/2configs/share/omo.nix2
-rw-r--r--makefu/2configs/tools/android-pentest.nix2
-rw-r--r--makefu/5pkgs/drozer/default.nix1
-rw-r--r--makefu/5pkgs/uhub/default.nix48
-rw-r--r--makefu/krops.nix2
16 files changed, 44 insertions, 83 deletions
diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix
index 4ac6e30e..259f613c 100644
--- a/krebs/3modules/airdcpp.nix
+++ b/krebs/3modules/airdcpp.nix
@@ -269,6 +269,7 @@ let
home = cfg.stateDir;
createHome = true;
isSystemUser = true;
+ group = "airdcpp";
inherit (cfg) extraGroups;
};
groups.airdcpp.gid = genid "airdcpp";
diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix
index 6a159a5b..2e336de2 100644
--- a/krebs/3modules/urlwatch.nix
+++ b/krebs/3modules/urlwatch.nix
@@ -194,7 +194,9 @@ let
home = cfg.dataDir;
createHome = true;
isSystemUser = true;
+ group = user.name;
};
+ users.groups.${user.name} = {};
};
user = rec {
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index e219581a..126c0a32 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -4,7 +4,6 @@
"date": "2021-12-01T16:06:54+01:00",
"path": "/nix/store/88zw2qrbzaq3bnnsmz9qc4lvkwg0168g-nixpkgs",
"sha256": "1dyyzgcmlhpsdb4ngiy8m0x10qmh0r56ky75r8ppvvh730m3lhfj",
- "fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 1cd56994..39c0554e 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -159,7 +159,7 @@ in {
<stockholm/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix>
# <stockholm/makefu/2configs/deployment/systemdultras-rss.nix>
- <stockholm/makefu/2configs/shiori.nix>
+ # <stockholm/makefu/2configs/shiori.nix>
# <stockholm/makefu/2configs/workadventure>
<stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix>
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 6afe792e..0b4aaacb 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -75,7 +75,7 @@ in {
# Logging
#influx + grafana
<stockholm/makefu/2configs/stats/server.nix>
- <stockholm/makefu/2configs/stats/nodisk-client.nix>
+ # <stockholm/makefu/2configs/stats/nodisk-client.nix>
# logs to influx
<stockholm/makefu/2configs/stats/external/aralast.nix>
<stockholm/makefu/2configs/stats/telegraf>
diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
index ba10ae74..b3501979 100644
--- a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
+++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix
@@ -12,7 +12,7 @@ in
services.zigbee2mqtt = {
enable = true;
inherit dataDir;
- config = {
+ settings = {
permit_join = true;
serial.port = "/dev/cc2531";
homeassistant = true;
diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix
index 8b43b2fc..b8ca49b7 100644
--- a/makefu/2configs/dcpp/hub.nix
+++ b/makefu/2configs/dcpp/hub.nix
@@ -39,7 +39,9 @@ in {
home = stateDir;
isSystemUser = true;
createHome = true;
+ group = ddclientUser;
};
+ users.groups.${ddclientUser} = {};
systemd.services = {
ddclient-nsupdate-uhub = {
@@ -83,32 +85,33 @@ in {
isSystemUser = true;
group = "uhub";
};
- users.group.uhub = {};
+ users.groups.uhub = {};
services.uhub.home = {
enable = true;
- port = 1511;
enableTLS = true;
- hubConfig = ''
- hub_name = "krebshub"
- tls_certificate = ${uhubDir}/uhub.crt
- tls_private_key = ${uhubDir}/uhub.key
- registered_users_only = true
- '';
- plugins = {
- welcome = {
- enable = true;
- motd = "shareit";
- rules = "1. Don't be an asshole";
- };
- history = {
- enable = true;
- };
- authSqlite = {
- enable = true;
- file = "${uhubDir}/uhub.sql";
- };
-
+ settings = {
+ server_port = 1511;
+ hub_name = "krebshub";
+ tls_certificate = "${uhubDir}/uhub.crt";
+ tls_private_key = "${uhubDir}/uhub.key";
+ registered_users_only = true;
};
+ plugins = [
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_auth_sqlite.so";
+ settings.file = "${uhubDir}/uhub.sql";
+ }
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_welcome.so";
+ settings.motd = "shareit";
+ settings.rules = "1. Don't be an asshole";
+ }
+ {
+ plugin = "${pkgs.uhub}/plugins/mod_history.so";
+ settings.motd = "shareit";
+ settings.rules = "1. Don't be an asshole";
+ }
+ ];
};
networking.firewall.allowedTCPPorts = [ 411 1511 ];
}
diff --git a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
index 7d51dfa0..6f20ff57 100644
--- a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
+++ b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix
@@ -11,8 +11,8 @@ with pkgs.python3Packages;buildPythonPackage rec {
src = fetchFromGitHub {
owner = "binaergewitter";
repo = "gecloudpad";
- rev = "master";
- sha256 = "0p9lcphp3r7hyypxadzw4x9ix6d0anmspxnjnj0v2jjll8gxqlhf";
+ rev = "1399ede4e609f63fbf1c4560979a6b22b924e0c5";
+ sha256 = "1w74j5ks7naalzrib87r0adq20ik5x3x5l520apagb7baszn17lb";
};
meta = {
diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
index 2f6a26d8..dc28cf4d 100644
--- a/makefu/2configs/gui/wbob-kiosk.nix
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -17,7 +17,7 @@
user = "makefu";
};
displayManager.defaultSession = "gnome";
- desktopManager.gnome3.enable = true;
+ desktopManager.gnome.enable = true;
displayManager.sessionCommands = ''
${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms
${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1
diff --git a/makefu/2configs/home/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix
index 0eca1574..c90afff4 100644
--- a/makefu/2configs/home/ham/mqtt.nix
+++ b/makefu/2configs/home/ham/mqtt.nix
@@ -9,8 +9,7 @@
listeners = [
{
port = 1883;
- omitPasswordAuth = true;
- checkPasswords = true;
+ omitPasswordAuth = false;
users.sensor = {
hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg==";
acl = [ "topic readwrite #" ];
diff --git a/makefu/2configs/nsupdate-data.nix b/makefu/2configs/nsupdate-data.nix
index 2f8f4acc..3b6518f6 100644
--- a/makefu/2configs/nsupdate-data.nix
+++ b/makefu/2configs/nsupdate-data.nix
@@ -28,14 +28,16 @@ let
'';
in {
- users.extraUsers = singleton {
+ users.users.${ddclientUser} = {
name = ddclientUser;
- uid = genid "ddclient";
+ uid = genid ddclientUser;
description = "ddclient daemon user";
home = stateDir;
createHome = true;
isSystemUser = true;
+ group = ddclientUser;
};
+ users.groups.${ddclientUser} = {};
systemd.services = {
ddclient-nsupdate-elchos = {
diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix
index 308142f0..93536b63 100644
--- a/makefu/2configs/share/omo.nix
+++ b/makefu/2configs/share/omo.nix
@@ -14,7 +14,9 @@ in {
uid = config.ids.uids.smbguest;
description = "smb guest user";
home = "/var/empty";
+ group = "share";
};
+ users.groups.share = {};
services.samba = {
enable = true;
shares = {
diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix
index 766aacb9..1f622a8e 100644
--- a/makefu/2configs/tools/android-pentest.nix
+++ b/makefu/2configs/tools/android-pentest.nix
@@ -6,7 +6,7 @@
# mitmproxy
nmap
msf
- drozer
+ #drozer
#dex2jar
apktool
jd-gui
diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix
index 1f353e47..22d720f3 100644
--- a/makefu/5pkgs/drozer/default.nix
+++ b/makefu/5pkgs/drozer/default.nix
@@ -30,5 +30,6 @@ pythonPackages.buildPythonApplication rec {
homepage = https://github.com/mwrlabs/drozer/;
description = "The Leading Security Assessment Framework for Android";
license = lib.licenses.bsd2;
+ broken = true;
};
}
diff --git a/makefu/5pkgs/uhub/default.nix b/makefu/5pkgs/uhub/default.nix
deleted file mode 100644
index e0ee035e..00000000
--- a/makefu/5pkgs/uhub/default.nix
+++ /dev/null
@@ -1,48 +0,0 @@
-{ stdenv, lib, fetchpatch, fetchFromGitHub, cmake, openssl, sqlite, pkgconfig, systemd
-, tlsSupport ? false }:
-
-assert tlsSupport -> openssl != null;
-
-stdenv.mkDerivation rec {
- pname = "uhub";
- version = "2019-06-18";
-
- src = fetchFromGitHub {
- owner = "janvidar";
- repo = "uhub";
- rev = "78a703924064a92cedeb0a5aab5a80d8f77db73e";
- sha256 = "1dqmj08salhbcdlkglbi03hn9jzgmhjqlb0iysafpzrrwi0mca1z";
- };
-
- nativeBuildInputs = [ pkgconfig ];
- buildInputs = [ cmake sqlite systemd ] ++ lib.optional tlsSupport openssl;
-
- outputs = [ "out"
- "mod_example"
- "mod_welcome"
- "mod_logging"
- "mod_auth_simple"
- "mod_auth_sqlite"
- "mod_chat_history"
- "mod_chat_only"
- "mod_topic"
- "mod_no_guest_downloads"
- ];
-
- patches = [
- <nixpkgs/pkgs/servers/uhub/plugin-dir.patch>
- ];
-
- cmakeFlags = ''
- -DSYSTEMD_SUPPORT=ON
- ${if tlsSupport then "-DSSL_SUPPORT=ON" else "-DSSL_SUPPORT=OFF"}
- '';
-
- meta = with lib; {
- description = "High performance peer-to-peer hub for the ADC network";
- homepage = https://www.uhub.org/;
- license = licenses.gpl3;
- maintainers = [ maintainers.ehmry ];
- platforms = platforms.unix;
- };
-}
diff --git a/makefu/krops.nix b/makefu/krops.nix
index fd53f004..1db4401a 100644
--- a/makefu/krops.nix
+++ b/makefu/krops.nix
@@ -77,7 +77,7 @@
(lib.mkIf ( host-src.home-manager ) {
home-manager.git = {
url = https://github.com/rycee/home-manager;
- ref = "fd5fbb0a241f644908cdf01ccd1821d0606fb4fd";
+ ref = "6ce1d64073f48b9bc9425218803b1b607454c1e7";
};
})
];