Merge branch 'master' into staging/17.09

author: lassulus <lassulus@lassul.us> 2017-10-01 17:54:06 +0200
committer: lassulus <lassulus@lassul.us> 2017-10-01 17:54:06 +0200
commit: d7f65ea679866f24e4ca52b51bd6f068a6b38195 (patch)
tree: 6a09e7cc2a4c9af0507bdc189652c78832a2f952
parent: d973c779eb71749af464edb1ed0216b0d5317eb2 (diff)
parent: e62f376e6177f3efb0e0bcd3aad97a991c3b6d60 (diff)
98 files changed, 2424 insertions, 670 deletions
diff --git a/.gitignore b/.gitignore
index 1ce08211..e1c6ef94 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 /.graveyard
+/TODO
diff --git a/.rsync-filter b/.rsync-filter
index 364a7986..67ec05fc 100644
--- a/.rsync-filter
+++ b/.rsync-filter
@@ -1,3 +1,4 @@
 - /.git
 - /.graveyard
+- /TODO
 P /.version-suffix
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 2ad22f49..7f49f948 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -12,6 +12,7 @@
     <stockholm/krebs/2configs/buildbot-all.nix>
     <stockholm/krebs/2configs/gitlab-runner-shackspace.nix>
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
+    <stockholm/krebs/2configs/ircd.nix>
   ];
 
   krebs.build.host = config.krebs.hosts.hotdog;
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 978bd18e..d2664ef8 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -27,6 +27,11 @@
     initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ];
     initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
     initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+
+    kernelModules = [ "kvm-intel" ];
+    extraModprobeConfig = ''
+      options thinkpad_acpi fan_control=1
+    '';
   };
 
   fileSystems = {
@@ -65,7 +70,10 @@
   '';
 
   environment.systemPackages = [ pkgs.zsh ];
-  boot.kernelModules = [ "kvm-intel" ];
+
+  system.activationScripts."disengage fancontrol" = ''
+    echo level disengaged > /proc/acpi/ibm/fan
+  '';
   users.users.joerg = {
     openssh.authorizedKeys.keys = [ config.krebs.users.Mic92.pubkey ];
     isNormalUser = true;
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 91aabb71..21ae20ea 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -1,6 +1,7 @@
 { config, pkgs, ... }:
 let
   shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
+  influx-host = "127.0.0.1";
 in
 {
   imports = [
@@ -23,6 +24,58 @@ in
     <stockholm/krebs/2configs/shack/muell_caller.nix>
     <stockholm/krebs/2configs/shack/radioactive.nix>
     <stockholm/krebs/2configs/shack/share.nix>
+    {
+      systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate
+      #systemd.services.telegraf.environment = {
+      #  "MIBDIRS" : ""; # extra mibs like ADSL
+      #};
+      services.telegraf = {
+        enable = true;
+        extraConfig = {
+          inputs = {
+            snmp = {
+              agents = [ "10.0.1.3:161" ];
+              version = 2;
+              community = "shack";
+              name = "snmp";
+              field = [
+                {
+                  name = "hostname";
+                  oid = "RFC1213-MIB::sysName.0";
+                  is_tag = true;
+                }
+                {
+                  name = "load-percent"; #cisco
+                  oid = ".1.3.6.1.4.1.9.9.109.1.1.1.1.4.9";
+                }
+                {
+                  name = "uptime";
+                  oid = "DISMAN-EVENT-MIB::sysUpTimeInstance";
+                }
+              ];
+              table = [{
+                name = "snmp";
+                inherit_tags = [ "hostname" ];
+                oid = "IF-MIB::ifXTable";
+                field = [{
+                  name = "ifName";
+                  oid = "IF-MIB::ifName";
+                  is_tag = true;
+                }];
+              }];
+            };
+          };
+          outputs = {
+            influxdb = {
+              urls = [ "http://${influx-host}:8086" ];
+              database = "telegraf";
+              write_consistency = "any";
+              timeout = "5s";
+            };
+          };
+        };
+      };
+    }
 
   ];
   # use your own binary cache, fallback use cache.nixos.org (which is used by
@@ -86,6 +139,9 @@ in
   boot.loader.grub.version = 2;
   boot.loader.grub.device = "/dev/vda";
 
+  # without it `/nix/store` is not added grub paths
+  boot.loader.grub.copyKernels = true;
+
   fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; };
 
   swapDevices = [
@@ -100,6 +156,7 @@ in
   users.extraUsers.root.openssh.authorizedKeys.keys = [
     config.krebs.users.ulrich.pubkey
     config.krebs.users.makefu-omo.pubkey
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
   ];
 
   time.timeZone = "Europe/Berlin";
diff --git a/krebs/2configs/binary-cache/prism.nix b/krebs/2configs/binary-cache/prism.nix
index 4813eeb0..46b386e1 100644
--- a/krebs/2configs/binary-cache/prism.nix
+++ b/krebs/2configs/binary-cache/prism.nix
@@ -7,6 +7,7 @@
     ];
     binaryCachePublicKeys = [
       "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
+      "cache.prism-2:YwmCm3/s/D+SxrPKN/ETjlpw/219pNUbpnluatp6FKI="
     ];
   };
 }
diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix
index c85bac0d..44743b87 100644
--- a/krebs/2configs/hw/x220.nix
+++ b/krebs/2configs/hw/x220.nix
@@ -8,6 +8,8 @@ with import <stockholm/lib>;
 
   hardware.cpu.intel.updateMicrocode = true;
 
+  hardware.opengl.enable = true;
+
   services.tlp.enable = true;
 
   boot = {
diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix
index b0b0b2f6..84b7d9c0 100644
--- a/krebs/2configs/repo-sync.nix
+++ b/krebs/2configs/repo-sync.nix
@@ -15,8 +15,8 @@ let
         post-receive = pkgs.git-hooks.irc-announce {
           nick = config.networking.hostName;
           verbose = false;
-          channel = "#retiolum";
-          server = "ni.r";
+          channel = "#xxx";
+          server = "irc.r";
           branches = [ "master" ];
         };
       });
diff --git a/krebs/2configs/shack/muell_caller.nix b/krebs/2configs/shack/muell_caller.nix
index a39d0cc0..19768cb2 100644
--- a/krebs/2configs/shack/muell_caller.nix
+++ b/krebs/2configs/shack/muell_caller.nix
@@ -6,8 +6,8 @@ let
     name = "muell_caller-2017-06-01";
     src = pkgs.fetchgit {
       url = "https://github.com/shackspace/muell_caller/";
-      rev = "bbd4009";
-      sha256 = "1bfnfl2vdh0p5wzyz5p48qh04vvsg2445avg86fzhzragx25fqv0";
+      rev = "ee4e499";
+      sha256 = "0q1v07q633sbqg4wkgf0zya2bnqrikpyjhzp05iwn2vcs8rvsi3k";
     };
     buildInputs = [
       (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix
index 5a3a788c..8f8440eb 100644
--- a/krebs/3modules/announce-activation.nix
+++ b/krebs/3modules/announce-activation.nix
@@ -35,7 +35,7 @@ in {
     irc = {
       # TODO rename channel to target?
       channel = mkOption {
-        default = "#retiolum";
+        default = "#xxx";
         type = types.str; # TODO types.irc-channel
       };
       nick = mkOption {
@@ -47,7 +47,7 @@ in {
         type = types.int;
       };
       server = mkOption {
-        default = "ni.r";
+        default = "irc.r";
         type = types.hostname;
       };
     };
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix
index dab87792..adbc1ebe 100644
--- a/krebs/3modules/ci.nix
+++ b/krebs/3modules/ci.nix
@@ -133,8 +133,8 @@ in
       irc = {
         enable = true;
         nick = "build|${hostname}";
-        server = "ni.r";
-        channels = [ "retiolum" "noise" ];
+        server = "irc.r";
+        channels = [ "xxx" "noise" ];
         allowForce = true;
       };
       extraConfig = ''
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 42df3f05..48cf7971 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -24,6 +24,7 @@ let
       ./go.nix
       ./hidden-ssh.nix
       ./htgen.nix
+      ./iana-etc.nix
       ./iptables.nix
       ./kapacitor.nix
       ./monit.nix
diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix
new file mode 100644
index 00000000..f6d47f27
--- /dev/null
+++ b/krebs/3modules/iana-etc.nix
@@ -0,0 +1,55 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }: {
+
+  options.krebs.iana-etc.services = mkOption {
+    default = {};
+    type = types.attrsOf (types.submodule ({ config, ... }: {
+      options = {
+        port = mkOption {
+          default = config._module.args.name;
+          type = types.addCheck types.str (test "[1-9][0-9]*");
author	lassulus <lassulus@lassul.us>	2017-10-01 17:54:06 +0200
committer	lassulus <lassulus@lassul.us>	2017-10-01 17:54:06 +0200
commit	d7f65ea679866f24e4ca52b51bd6f068a6b38195 (patch)
tree	6a09e7cc2a4c9af0507bdc189652c78832a2f952
parent	d973c779eb71749af464edb1ed0216b0d5317eb2 (diff)
parent	e62f376e6177f3efb0e0bcd3aad97a991c3b6d60 (diff)