authortv <tv@shackspace.de>2015-07-16 23:22:30 +0200
committertv <tv@shackspace.de>2015-07-16 23:22:30 +0200
commit57c520b722f25f384301118046bf9cf182d4edd7 (patch)
tree57983c04bb49fe0375300861111a61cede545794
parent447c63edbd403abf026800d10594ed037b4304e9 (diff)
Goodbye old world, and thanks for all the fish!
-rw-r--r--old/Makefile48
-rw-r--r--old/README.md32
-rwxr-xr-xold/bin/copy-secrets69
-rwxr-xr-xold/bin/genid11
-rwxr-xr-xold/bin/netmask-to-prefix12
-rwxr-xr-xold/bin/nixos-query4
-rwxr-xr-xold/bin/urlencode35
-rwxr-xr-xold/cac337
-rw-r--r--old/certs/zalora-ca.crt24
-rw-r--r--old/default.nix151
-rwxr-xr-xold/deploy15
-rwxr-xr-xold/infest-cac-CentOS-7-64bit.sh51
-rw-r--r--old/infest.d/cac-CentOS-7-64bit/finalize.sh66
-rw-r--r--old/infest.d/cac-CentOS-7-64bit/prepare.sh104
-rw-r--r--old/infest.d/nixos-install.sh8
-rw-r--r--old/lib/default.nix62
-rw-r--r--old/lib/git.nix181
-rw-r--r--old/lib/modules.nix21
-rw-r--r--old/modules/cd/default.nix91
-rw-r--r--old/modules/cd/networking.nix14
-rw-r--r--old/modules/cd/paths.nix12
-rw-r--r--old/modules/cd/users.nix53
-rw-r--r--old/modules/cloudkrebs/default.nix71
-rw-r--r--old/modules/cloudkrebs/networking.nix14
-rw-r--r--old/modules/cloudkrebs/retiolum.nix21
-rw-r--r--old/modules/common/krebs-keys.nix18
-rw-r--r--old/modules/common/krebs-repos.nix36
-rw-r--r--old/modules/common/nixpkgs.nix25
-rw-r--r--old/modules/common/sshkeys.nix26
-rw-r--r--old/modules/lass/base.nix129
-rw-r--r--old/modules/lass/binary-caches.nix13
-rw-r--r--old/modules/lass/bird.nix13
-rw-r--r--old/modules/lass/bitcoin.nix17
-rw-r--r--old/modules/lass/browsers.nix67
-rw-r--r--old/modules/lass/chromium-patched.nix48
-rw-r--r--old/modules/lass/desktop-base.nix65
-rw-r--r--old/modules/lass/elster.nix20
-rw-r--r--old/modules/lass/games.nix25
-rw-r--r--old/modules/lass/gitolite-base.nix173
-rw-r--r--old/modules/lass/iptables/config.nix119
-rw-r--r--old/modules/lass/iptables/default.nix11
-rw-r--r--old/modules/lass/iptables/options.nix44
-rw-r--r--old/modules/lass/ircd.nix88
-rw-r--r--old/modules/lass/pass.nix10
-rw-r--r--old/modules/lass/programs.nix24
-rw-r--r--old/modules/lass/sshkeys.nix11
-rw-r--r--old/modules/lass/steam.nix29
-rw-r--r--old/modules/lass/texlive.nix7
-rw-r--r--old/modules/lass/urxvt.nix40
-rw-r--r--old/modules/lass/urxvtd.nix55
-rw-r--r--old/modules/lass/vim.nix118
-rw-r--r--old/modules/lass/virtualbox.nix22
-rw-r--r--old/modules/lass/wine.nix23
-rw-r--r--old/modules/lass/xresources.nix57
-rw-r--r--old/modules/mkdir/default.nix86
-rw-r--r--old/modules/mkdir/networking.nix14
-rw-r--r--old/modules/mkdir/paths.nix12
-rw-r--r--old/modules/mkdir/users.nix19
-rw-r--r--old/modules/mors/default.nix294
-rw-r--r--old/modules/mors/git.nix130
-rw-r--r--old/modules/mors/paths.nix12
-rw-r--r--old/modules/mors/repos.nix87
-rw-r--r--old/modules/mors/retiolum.nix21
-rw-r--r--old/modules/mu/default.nix466
-rw-r--r--old/modules/mu/paths.nix12
-rw-r--r--old/modules/nomic/default.nix105
-rw-r--r--old/modules/nomic/hardware-configuration.nix49
-rw-r--r--old/modules/nomic/paths.nix12
-rw-r--r--old/modules/nomic/users.nix42
-rw-r--r--old/modules/rmdir/default.nix87
-rw-r--r--old/modules/rmdir/networking.nix15
-rw-r--r--old/modules/rmdir/paths.nix12
-rw-r--r--old/modules/rmdir/users.nix19
-rw-r--r--old/modules/tv/base-cac-CentOS-7-64bit.nix27
-rw-r--r--old/modules/tv/base.nix16
-rw-r--r--old/modules/tv/config/consul-client.nix9
-rw-r--r--old/modules/tv/config/consul-server.nix22
-rw-r--r--old/modules/tv/consul/default.nix121
-rw-r--r--old/modules/tv/ejabberd.nix867
-rw-r--r--old/modules/tv/environment.nix93
-rw-r--r--old/modules/tv/exim-retiolum.nix126
-rw-r--r--old/modules/tv/exim-smarthost.nix474
-rw-r--r--old/modules/tv/git/cgit.nix93
-rw-r--r--old/modules/tv/git/config.nix272
-rw-r--r--old/modules/tv/git/default.nix27
-rw-r--r--old/modules/tv/git/options.nix93
-rw-r--r--old/modules/tv/git/public.nix82
-rw-r--r--old/modules/tv/identity/default.nix71
-rw-r--r--old/modules/tv/iptables/config.nix93
-rw-r--r--old/modules/tv/iptables/default.nix11
-rw-r--r--old/modules/tv/iptables/options.nix29
-rw-r--r--old/modules/tv/nginx/config.nix49
-rw-r--r--old/modules/tv/nginx/default.nix11
-rw-r--r--old/modules/tv/nginx/options.nix21
-rw-r--r--old/modules/tv/retiolum/config.nix130
-rw-r--r--old/modules/tv/retiolum/default.nix11
-rw-r--r--old/modules/tv/retiolum/options.nix87
-rw-r--r--old/modules/tv/sanitize.nix12
-rw-r--r--old/modules/tv/smartd.nix17
-rw-r--r--old/modules/tv/synaptics.nix14
-rw-r--r--old/modules/tv/urlwatch/default.nix158
-rw-r--r--old/modules/tv/urxvt.nix24
-rw-r--r--old/modules/tv/users/default.nix67
-rw-r--r--old/modules/tv/xserver.nix40
-rw-r--r--old/modules/uriel/default.nix188
-rw-r--r--old/modules/uriel/git.nix130
-rw-r--r--old/modules/uriel/repos.nix78
-rw-r--r--old/modules/uriel/retiolum.nix31
-rw-r--r--old/modules/wu/default.nix464
-rw-r--r--old/modules/wu/hosts.nix22
-rw-r--r--old/modules/wu/paths.nix12
-rw-r--r--old/modules/wu/users.nix227
-rw-r--r--old/pubkeys/deploy_wu.ssh.pub1
-rw-r--r--old/pubkeys/lass.ssh.pub1
-rw-r--r--old/pubkeys/makefu.ssh.pub1
-rw-r--r--old/pubkeys/mv_vod.ssh.pub1
-rw-r--r--old/pubkeys/tv_wu.ssh.pub1
-rw-r--r--old/pubkeys/uriel.ssh.pub1
118 files changed, 0 insertions, 8659 deletions
diff --git a/old/Makefile b/old/Makefile
deleted file mode 100644
index bef7727c..00000000
--- a/old/Makefile
+++ /dev/null
@@ -1,48 +0,0 @@
-all:;@exit 23
-
-tv-cluster := cd mkdir nomic rmdir wu
-deploy-cd:; ./deploy cd
-deploy-mkdir:; ./deploy mkdir
-deploy-nomic:; ./deploy nomic root@nomic-local
-deploy-rmdir:; ./deploy rmdir
-deploy-wu:; ./deploy wu root@localhost
-
-ifndef cluster
-cluster := $(LOGNAME)
-endif
-hosts := $($(cluster)-cluster)
-ifeq ($(hosts),)
-$(error bad cluster: $(cluster))
-else
-.ONESHELL:
-
-.PHONY: deploy $(addprefix deploy-,$(hosts))
-deploy:
- exec parallel \
- -j 0 \
- --no-notice \
- --rpl '{u} s/^.* deploy-(.*)/\1/' \
- --tagstring '{u}' \
- --line-buffer \
- $(MAKE) deploy-{} ::: $(hosts)
-
-.PHONY: rotate-consul-encrypt
-rotate-consul-encrypt:
- umask 0377
- mkencrypt() { dd status=none if=/dev/random bs=1 count=16 | base64; }
- json=$$(printf '{"encrypt":"%s"}\n' $$(mkencrypt))
- cmd='
- f=secrets/{}/rsync/etc/consul/encrypt.json
- rm -f "$$f"
- echo "$$json" > "$$f"
- '
- export json
- exec parallel \
- -j 0 \
- --no-notice \
- --rpl '{u} s/^.* deploy-(.*)/\1/' \
- --tagstring '{u}' \
- --line-buffer \
- --quote \
- sh -eufc "$$cmd" ::: $(hosts)
-endif
diff --git a/old/README.md b/old/README.md
deleted file mode 100644
index 8a72d2fe..00000000
--- a/old/README.md
+++ /dev/null
@@ -1,32 +0,0 @@
-
-
-# Turn a Cloud at Cost CentOS-7-64bit server into NixOS
-
-1. Configure the system (`$systemname`) you'd like to install (see Configuration below).
-2. Create new server instance (either Custom or cloudpro) using "CentOS-7-64bit".
- Note the servername (something like c731445864-cloudpro-388922936).
-3. `cac_login=xxx cac_key=yyy ./infest-cac-CentOS-7-64bit.sh servername:$servername $systename`
-4. Enjoy. (`ssh root@$systename`)
-
-# Configuration
-
-Configure your system in modules/$systemname
-See modules/cd/default.nix as an example.
-
-Notice that modules/$systemname/networking will be autogenerated (but not committed).
-
-secrets/$systemname/nix/foo can be accessed as `<secrets/foo>` from within the configuration.
-
-You might want `secrets/$systemname/rsync/etc/tinc/retiolum/rsa_key.priv`.
-
-You might want `secrets/$systemname/nix/hashedPasswords.nix`, which looks like
-
-```nix
-_: { users.extraUsers.root.hashedPassword = "XXX"; }
-```
-
-`XXX` can be generated with e.g.
-
-```
-mkpasswd -m sha-512 -S $(openssl rand -base64 16 | tr -d '+=' | head -c 16)
-```
diff --git a/old/bin/copy-secrets b/old/bin/copy-secrets
deleted file mode 100755
index f4049359..00000000
--- a/old/bin/copy-secrets
+++ /dev/null
@@ -1,69 +0,0 @@
-#! /bin/sh
-#
-# copy-secrets system_name target
-#
-set -euf
-
-system_name=$1
-target=$2
-
-nixos_config=$config_root/modules/$system_name
-secrets_nix=$secrets_root/$system_name/nix
-secrets_rsync=$secrets_root/$system_name/rsync
-
-if ! test -e "$secrets_rsync"; then
- exit # nothing to do
-fi
-
-# XXX this is ugly
-# Notice NIX_PATH used from host
-# Notice secrets required to evaluate configuration
-NIX_PATH=$NIX_PATH:nixos-config=$PWD/modules/$system_name
-NIX_PATH=$NIX_PATH:secrets=$PWD/secrets/$system_name/nix
-export NIX_PATH
-
-case $(nixos-query tv.retiolum.enable 2>/dev/null) in true)
- retiolum_secret=$(nixos-query tv.retiolum.privateKeyFile)
- retiolum_uid=$(nixos-query users.extraUsers.retiolum-tinc.uid)
-esac
-
-case $(nixos-query services.ejabberd-cd.enable 2>/dev/null) in true)
- ejabberd_secret=$(nixos-query services.ejabberd-cd.certFile)
- ejabberd_uid=$(nixos-query users.extraUsers.ejabberd.uid)
-esac
-
-case $(nixos-query tv.consul.enable 2>/dev/null) in true)
- consul_secret=$(nixos-query tv.consul.encrypt-file)
- consul_uid=$(nixos-query users.extraUsers.consul.uid)
-esac
-
-(set -x
- rsync \
- --rsync-path="mkdir -p \"$2\" && rsync" \
- -vzrlptD \
- "$secrets_rsync/" \
- "$target:/")
-
-ssh "$target" -T <<EOF
-set -euf
-
-retiolum_secret=${retiolum_secret-}
-retiolum_uid=${retiolum_uid-}
-ejabberd_secret=${ejabberd_secret-}
-ejabberd_uid=${ejabberd_uid-}
-consul_secret=${consul_secret-}
-consul_uid=${consul_uid-}
-
-if test -n "\$retiolum_secret"; then
- chown -v "\$retiolum_uid:0" "\$retiolum_secret"
-fi
-
-if test -n "\$ejabberd_secret"; then
- chown -v "\$ejabberd_uid:0" "\$ejabberd_secret"
-fi
-
-if test -n "\$consul_secret"; then
- chown -v "\$consul_uid:0" "\$consul_secret"
-fi
-
-EOF
diff --git a/old/bin/genid b/old/bin/genid
deleted file mode 100755
index 8e224074..00000000
--- a/old/bin/genid
+++ /dev/null
@@ -1,11 +0,0 @@
-#! /bin/sh
-# usage: genid NAME
-set -euf
-name=$1
-hash=$(printf %s "$name" | sha1sum | cut -d\ -f1 | tr a-f A-F)
-echo "
- min=2^16 # bigger than nobody and nogroup, see <nixos/modules/misc/ids.nix>
- max=2^32 # see 2^(8*sizeof(uid_t))
- ibase=16
- ($hash + min) % max
-" | bc
diff --git a/old/bin/netmask-to-prefix b/old/bin/netmask-to-prefix
deleted file mode 100755
index 1c4dbeb2..00000000
--- a/old/bin/netmask-to-prefix
+++ /dev/null
@@ -1,12 +0,0 @@
-#! /bin/sh
-set -euf
-
-netmask=$1
-
-binaryNetmask=$(echo $1 | sed 's/^/obase=2;/;s/\./;/g' | bc | tr -d \\n)
-binaryPrefix=$(echo $binaryNetmask | sed -n 's/^\(1*\)0*$/\1/p')
-if ! echo $binaryPrefix | grep -q .; then
- echo $0: bad netmas