Merge remote-tracking branch 'prism/master'

author: tv <tv@krebsco.de> 2022-06-28 22:45:06 +0200
committer: tv <tv@krebsco.de> 2022-06-28 22:45:06 +0200
commit: 87ca8682cee6cbc9230971c17590481a95a21f45 (patch)
tree: aba322986cc297b904b64adc80f93a1c1fbddcc0
parent: bce11dce189b4132d7a2f19f473590dea7508e85 (diff)
parent: 64dbf31d70497d6a66f89fdd86ac1884e28f7bc8 (diff)
6 files changed, 72 insertions, 18 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 2d73da88..8ea727dc 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -102,6 +102,7 @@ let
 
   imp = lib.mkMerge [
     { krebs = import ./external { inherit config; }; }
+    { krebs = import ./external/dbalan.nix { inherit config; }; }
     { krebs = import ./external/kmein.nix { inherit config; }; }
     { krebs = import ./external/mic92.nix { inherit config; }; }
     { krebs = import ./external/palo.nix { inherit config; }; }
diff --git a/krebs/3modules/external/dbalan.nix b/krebs/3modules/external/dbalan.nix
new file mode 100644
index 00000000..301f010d
--- /dev/null
+++ b/krebs/3modules/external/dbalan.nix
@@ -0,0 +1,50 @@
+with import <stockholm/lib>;
+{ config, ... }:
+let
+  hostDefaults = hostName: host: flip recursiveUpdate host ({
+    ci = false;
+    external = true;
+    monitoring = false;
+    owner = config.krebs.users.dbalan;
+  } // optionalAttrs (host.nets?retiolum) {
+    nets.retiolum = {
+      ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+    };
+  } // optionalAttrs (host.nets?wiregrill) {
+    nets.wiregrill = {
+      ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+    };
+  });
+in
+{
+  users = rec {
+    dbalan = {
+      mail = "dbalan@thaum.space";
+      pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
+    };
+  };
+  hosts = mapAttrs hostDefaults {
+    v60 = {
+      nets.retiolum = {
+        aliases = [ "v60.dbalan.r" ];
+        ip4.addr = "10.243.42.12";
+        tinc.pubkey = ''
+          -----BEGIN RSA PUBLIC KEY-----
+          MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
+          RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
+          1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
+          uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
+          p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
+          bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
+          I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
+          mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
+          OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
+          AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
+          9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
+          -----END RSA PUBLIC KEY-----
+        '';
+        tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
+      };
+    };
+  };
+}
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index 49d65160..b5f64ae2 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
 {
   "url": "https://github.com/NixOS/nixpkgs",
-  "rev": "5ce6597eca7d7b518c03ecda57d45f9404b5e060",
-  "date": "2022-05-24T17:55:48+02:00",
-  "path": "/nix/store/glvcj0zmqq9z5wf6bppnppbpf8w85iwf-nixpkgs",
-  "sha256": "1hs1lnnbp1dky3nfp7xlricpp5c63sr46jyrnvykci8bl8jnxnl3",
+  "rev": "f2537a505d45c31fe5d9c27ea9829b6f4c4e6ac5",
+  "date": "2022-06-26T12:26:21+02:00",
+  "path": "/nix/store/d7wgj3chybniji4l6z73a0gh67hxym3b-nixpkgs",
+  "sha256": "1z28a3gqbv62sxahlssc5a722kh46f26f5ss3arbxpv7a1272vf1",
   "fetchLFS": false,
   "fetchSubmodules": false,
   "deepClone": false,
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 3e20b2a8..c9e1cd5e 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
 {
   "url": "https://github.com/NixOS/nixpkgs",
-  "rev": "d1086907f56c5a6c33c0c2e8dc9f42ef6988294f",
-  "date": "2022-05-28T12:29:49+02:00",
-  "path": "/nix/store/56gsa390lyiik6jdapnj98a2ww8af8ig-nixpkgs",
-  "sha256": "009dc0njvdn5pzcyd8bp4sc9byf70w4msdkv6q2zfdlnh36im1jl",
+  "rev": "cd90e773eae83ba7733d2377b6cdf84d45558780",
+  "date": "2022-06-26T19:49:46+02:00",
+  "path": "/nix/store/bmaf6x4yxcsvs5wp4rayvai4lw7g6snr-nixpkgs",
+  "sha256": "1b2wn1ncx9x4651vfcgyqrm93pd7ghnrgqjbkf6ckkpidah69m03",
   "fetchLFS": false,
   "fetchSubmodules": false,
   "deepClone": false,
diff --git a/lass/2configs/fysiirc.nix b/lass/2configs/fysiirc.nix
index e12eda42..809298df 100644
--- a/lass/2configs/fysiirc.nix
+++ b/lass/2configs/fysiirc.nix
@@ -10,8 +10,7 @@
       ${write_to_irc} "$(echo "$INPUT" | jq -r '
         "\(.action): " +
         "[\(.issue.title // .pull_request.title)] " +
-        "\(.comment.html_url // .issue.html_url // .pull_request.html_url) " +
-        "by \(.comment.user.login // .issue.user.login // .pull_request.user.login)"
+        "\(.comment.html_url // .issue.html_url // .pull_request.html_url) "
       ')"
     fi
   '';
@@ -58,16 +57,16 @@ in {
       case "$Method $Request_URI" in
         "POST /")
           payload=$(head -c "$req_content_length")
-          echo "$payload" >&2
+          raw=$(printf '%s' "$payload" | ${pkgs.curl}/bin/curl --data-binary @- http://p.krebsco.de | tail -1)
           payload2=$payload
-          payload2=$(echo "$payload" | tr '\n' ' ' | tr -d '\r')
+          payload2=$(printf '%s' "$payload" | tr '\n' ' ' | tr -d '\r')
           if [ "$payload" != "$payload2" ]; then
             echo "payload has been mangled" >&2
           else
             echo "payload not mangled" >&2
           fi
-          echo "$payload2" > /tmp/last_fysi_payload
           echo "$payload2" | ${format-github-message}/bin/format-github-message
+          ${write_to_irc} "$raw"
           printf 'HTTP/1.1 200 OK\r\n'
           printf 'Connection: close\r\n'
           printf '\r\n'
diff --git a/lass/krops.nix b/lass/krops.nix
index ace37888..c8a5b94b 100644
--- a/lass/krops.nix
+++ b/lass/krops.nix
@@ -37,18 +37,22 @@
 
 in {
 
-  deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeCommand "deploy" {
+  deploy = { target ? "root@${name}/var/src", offline ? false }: pkgs.krops.writeCommand "deploy" {
     command = targetPath: ''
 
-      set -fu
+      set -xfu
 
       outDir=$(mktemp -d)
       trap "rm -rf $outDir;" INT TERM EXIT
 
-      nix build \
+      build=$(command -v nom-build || echo "nix-build")
+
+      $build \
         -I "${targetPath}" \
-        -f '<nixpkgs/nixos>' config.system.build.toplevel \
-        -o "$outDir/out"
+        '<nixpkgs/nixos>' -A config.system.build.toplevel \
+        -o "$outDir/out" \
+        ${lib.optionalString offline "--option substitute false"} \
+        # -vvvvv --show-trace
 
       nix-env -p /nix/var/nix/profiles/system --set "$outDir/out"
author	tv <tv@krebsco.de>	2022-06-28 22:45:06 +0200
committer	tv <tv@krebsco.de>	2022-06-28 22:45:06 +0200
commit	87ca8682cee6cbc9230971c17590481a95a21f45 (patch)
tree	aba322986cc297b904b64adc80f93a1c1fbddcc0
parent	bce11dce189b4132d7a2f19f473590dea7508e85 (diff)
parent	64dbf31d70497d6a66f89fdd86ac1884e28f7bc8 (diff)