diff options
67 files changed, 1747 insertions, 634 deletions
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 53fe0839..0adcec3d 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -40,11 +40,12 @@ let }; }; - fetchWallpaperScript = pkgs.writeScript "fetchWallpaper" '' - #! ${pkgs.bash}/bin/bash + fetchWallpaperScript = pkgs.writeDash "fetchWallpaper" '' + set -euf mkdir -p ${shell.escape cfg.stateDir} - curl -s -o ${shell.escape cfg.stateDir}/wallpaper -z ${shell.escape cfg.stateDir}/wallpaper ${shell.escape cfg.url} + cd ${shell.escape cfg.stateDir} + curl -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper ''; diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 9596229d..4b99873a 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -20,6 +20,7 @@ let flatten length hasAttr + hasPrefix mkEnableOption mkOption mkIf @@ -123,7 +124,7 @@ let buildRule = tn: cn: rule: #target validation test: - assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}"))); + assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}"))) || hasPrefix "REDIRECT" rule.target; #predicate validation test: #maybe use iptables-test diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index b4686894..dddbe881 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -12,6 +12,7 @@ with config.krebs.lib; aliases = [ "dishfire.internet" ]; + ssh.port = 45621; }; retiolum = { via = internet; @@ -40,10 +41,11 @@ with config.krebs.lib; cores = 2; nets = rec { internet = { - ip4.addr = "162.252.241.33"; + ip4.addr = "104.233.79.118"; aliases = [ "echelon.internet" ]; + ssh.port = 45621; }; retiolum = { via = internet; @@ -79,6 +81,7 @@ with config.krebs.lib; aliases = [ "prism.internet" ]; + ssh.port = 45621; }; retiolum = { via = internet; @@ -143,6 +146,7 @@ with config.krebs.lib; aliases = [ "cloudkrebs.internet" ]; + ssh.port = 45621; }; retiolum = { via = internet; @@ -174,6 +178,7 @@ with config.krebs.lib; gg23 = { ip4.addr = "10.23.1.12"; aliases = ["uriel.gg23"]; + ssh.port = 45621; }; retiolum = { ip4.addr = "10.243.81.176"; @@ -205,6 +210,7 @@ with config.krebs.lib; gg23 = { ip4.addr = "10.23.1.11"; aliases = ["mors.gg23"]; + ssh.port = 45621; }; retiolum = { ip4.addr = "10.243.0.2"; @@ -257,6 +263,33 @@ with config.krebs.lib; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWlIxkX41V55Yker8n4gErx2xcKpXFNKthhbP3+bTJ7"; }; + shodan = { + cores = 2; + nets = { + retiolum = { + ip4.addr = "10.243.0.4"; + ip6.addr = "42:0:0:0:0:0:0:50d4"; + aliases = [ + "shodan.retiolum" + "shodan.r" + "cgit.shodan.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA9bUSItw8rEu2Cm2+3IGHyRxopre9lqpFjZNG2QTnjXkZ97QlDesT + YYZgM2lBkYcDN3/LdGaFFKrQQSGiF90oXA2wFqPuIfycx+1+TENGCzF8pExwbTd7 + ROSVnISbghXYDgr3TqkjpPmnM+piFKymMDBGhxWuy1bw1AUfvRzhQwPAvtjB4VvF + 7AVN/Z9dAZ/LLmYfYq7fL8V7PzQNvR+f5DP6+Eubx0xCuyuo63bWuGgp3pqKupx4 + xsixtMQPuqMBvOUo0SBCCPa9a+6I8dSwqAmKWM5BhmNlNCRDi37mH/m96av7SIiZ + V29hwypVnmLoJEFiDzPMCdiH9wJNpHuHuQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC9vup68R0I+62FK+8LNtwM90V9P4ukBmU7G7d54wf4C"; + }; }; users = { diff --git a/krebs/3modules/lass/default.pgp b/krebs/3modules/lass/default.pgp index 38e2fa8d..6d985f0e 100644 --- a/krebs/3modules/lass/default.pgp +++ b/krebs/3modules/lass/default.pgp @@ -1,52 +1,51 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2 -mQINBFSZ3/oBEADYvRPoLdDkASIArXyWR5ccugJQURxMDgphAGrvj6qskSkn0chF -gnc/kcQr4aVTaDFdonSyHjYvspDOZm5BgHAICCu1PL8rkMTGS+vHM5dlwnok6IKy -e2aLjLPq5sHyp4+Zeq1eHe5TQ1cgN0cPdMMnEHd8GQke21pRQ5Vz79s8qRfWlt1Y -+OQ5uY/52iZ9qJ11/N4bPPe/Zm63sRTpGw14i8UCgBAsMQOG1XPUX2/IJc1CC9+1 -Ohn/hPCbIdCbwOs7/HFFMRWmV6w4ul9gr7Js0owkWAS8FNOactS2i2SSwdONetKs -UbCVQ1PubPBZvh2Vij/oUBK5BvfNDR6nRYhOjYbt6PW/Q6bjqGecjnlO98dpcqag -+8bdl1JY9FpE4RzfuRgAFjVbtNztrmm9t6EuOHGZ5ec34TG9+i02ixh0YTEDK/Yt -my2MfIbGUbeIYRKJscqgxKkL6nv4x0lOvs8nDiUmqztGdSdTGni+BAWZz3+1xaJH -DTyQ36qYauBb5FWneRTBeagrDOAvvk/WxS+fMFZpnQovevOQBqxEL62fntikmMFn -ddPgq7R1VPdivvr+BO8yMI8i45Vn9EzIJR02WAp7oAsT966yzopVT4JLT8++CVPh -/VBrFID9yRyWjW5IJPsMsOt7z3UJaP08ua0UG4uVqo6dT6IdR8jKKxYdvwARAQAB -tCBsYXNzdWx1cyA8bGFzc3VsdXNAYWlkc2JhbGxzLmRlPokCPQQTAQoAJwUCVJnf -+gIbAwUJBaOagAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRAyqvthRFEnnviI -D/95QdNgttsly9CUeHKGfNGlJ2NgDepqob/VR2385q7cXCbFftRIsD0vaWYfsQ87 -kbKs3fpeHz8teKqZtMnXYkPIaSK0TcoaqQtyfkmj+agP2YRSkNYonlmmCiCWkodP -2VnnmRUSwHcgxS14xsUHh13JXsU5nTHDAdJqOxUX6l6Lxb989h7Q8wTn5SX1XRVd -0U5P7fNXKvVF34J6uGyWraxQLOqJEEzi82F/61hbI6zVPhxu/R+qmiSqgHIlp0ax -u+8u3eyDVP1q95AMPaL1GsNYDcSl5njbkEbruSmjVcO99cD1ZLAODFJuaa+h/IvQ -HoPnFL3hRo0SHt/RimokboJL7nx5jT/0y+FtGuPMVKUqiLApOfoeWeHWVKgMLV/0 -1+O4jEDRMNSIClI2YHdgyuQPBuHkaYXrrpDpJnYDEz2qAiijx+xIAPzifxebuVFV -NQl/XnXlzTmYrt0GHfCrNZa/ZtsqQqnJSRpydjey+ATGgs+3Oqa6z8lHhYx83ST2 -cGsUmSnzk0TnxXmqwWxb3aGA0kO50atrObWwNXud7n3hu4V0FWwfHXUk8gJxtMN6 -IenjLcI0WyLwSKvTazF6GSgtUhwNgON88eiqLS8CWdop4CEyEUfxFoZeQoS72Yzq -4pSOYPnbRDcBn2zkYaWyCTmf9qvWbZOu0Sl2lfy9n5LiKrkCDQRUmd/6ARAAq+Mt -/9LohA9Qnz/GjE504h38G3USXgEV9/ctr2PXkc2onW67u45trLSYLyCK6kDq3VIN -/3uLt8Pr+IL41NntW1exRtqohVeKI38CCqR5RP9tVxLkyxnpA/SPpSvOjWhyBkph -MRXYta1+nBHwxSaPcc2e+15pk/cYgg0cTY7Nvgo+wL4bgI+b2OHwwIwRov/t4aim -0y63OaCG82NqWrX7i2ONaR8RsZ8RHLnC+TyFaoj0mdp+vp4WFwxbqcIq+Vvn1m5j -gPlkzXK4Yrykp2IULGuj+qZyS043FzZYhbxZoE85zIMtQ5gV/ktaP25+YsU1bwb9 -75FQvdMM827bbOJJ67/l96asQNg1TMzosL8/t9xLPDry4YYu8kRIPZgKWvT0Eg1Q -AWzWJCXplTdPlhj660OCGuuyv/XJIbhqtBVZhIyR7gs6EZHZ6FHax7F41fEWGgSv -WVAMrjrnG4XYAyCP1yiW1i7/ogCzKXYvV42tzBFuPcza6jhBnU17w5E7nwYaEWgA -02Ai7aTK9WDAi8j8emQ8XppU9hqEILSvR5tG4R0YOAUbIUplIpnpf8KcEhNy48ei -MuhiTJBjPyu7bRJoZXvipNPjqhESGlvrcr1QKuEqPLRcfLo3DOt3zgxBqOZZGHKL -ckaud05wevMPK09F7taLgwBCHOmAxiMa5NQVjL8AEQEAAYkCJQQYAQoADwUCVJnf -+gIbDAUJBaOagAAKCRAyqvthRFEnngGYD/wP77ax6yczKT/AHEvqyMMRPigLHIHy -XIWt8uNKwbn1RTXuH9Nj1rtVuj7ck4jscNwmDYeT52ZDxHQjLHWgAG0CBq6afdBi -VwLur6M7jv0EwY/SMed+QD1+a59kiO8+difwLDF+Q50lYQ4fmSGsfdQ4Qxesm92r -Y1Q/xFg1K9MNZbItpzYTE4P+ii4kU5BnWwExX2OEhhlrNUjJhA30HvvUID6bsguq -Jl7mWnGpS5YYqPxiABNI++TzYXQvP95nWGROvdx2vSPuJ756S8VJ81LL7BmQyQzq -8S/ciHjmgtgLRyncqqXl1uJBqtK+50vEFHxJrANdDNzD+K4S7+23DpRsmEl/2ECQ -laGsU6HtYbnr+hc1alE4uNMEN1/a75EFI59BISnUm8jIy1nLhcIXMhFh4JuG7kGk -2ePa4Gv2DafMR8N0WYPIhP3LIIDP0s9gv2QSA+5BmI9OhZDkz9Ubuut1+PMfWCXm -aNmF2Bh8puTffsFxGJSiQ4CXDzuNRqMR5wB0OCnB/WAnuZhRAJhXmgR8FJY+EvTN -PcA1QZIZ0hQGVf8eJ5Gx4W1w2Q6mQCGnCy1XtEkZP0BOP0Or5CMtqP/VSuwaF4wh -4FLYTOLZ7oDr2ErK/bhnpuoPoUU0y3n7AG/nhtmqenlMPLWB246XnEoJMb6Ar8vW -It6jrzDh3+COSQ== -=0gFT +mQINBFcWQhEBEADwt+hHRZxZx05USejn4x5LVWqqg5I2nIzjwI8pVyBra2AmXaMA +SAImFk1W6oM35rwYmez6TG8QC7RPRUrMHX2aAdDwJ/VtU/b87q0ICwlMxYUnikg1 +tsHV4kRB7ukm+Rs0ECMqZzjwdlbiEEfQ6VPUrIBzDHeD0idkC82DonZ6xe083klH +LpO36ckBOtyaoZZspzRu5yB76vsbeviVqsQ9WTQ8GoQk1i6FUbTbtOlvjhtx05Rk +ic66RrfFSM/ElLe5yA96kZd7m/Sn9WIRwRj3clxnT1vAVpMlpISsTutEQtuG3MDX +tT3EPVSSZEEcY1xxlJF+u1JZu4QqqtH+nczjshv+z3HZdmGd7OGqmgI8D3Ly/Ufi +Uyz+ewZbhbgy/XSHqwriUbnMuE9OKxx0LqlQLA59+/icT+upW4TexiHKd6PYeSeJ +kCxUEAmzqxsnilmwbehQrmmhI7uzxT8YxNGjF5mRJ1zOY55praTMKlp3MOxKvVPn +EZSyWm/22CuUZZEX0XR6TBgkL71VoGrlaezADzhHu9i5yBwbNCuiE2CYcS5IuDf+ +GkoKGtWeLbXTXccWOaIItSzlVUcJx3D009kTXeLEo2T1RPpz41LMvqWkUlZg4CA1 +zMAcudsXDtXGJEvS3dZAaiUUdASktzNL/ltuW/CXITJ0V7UjmA0pOyLDOQARAQAB +tBlsYXNzdWx1cyA8bGFzc0BsYXNzdWwudXM+iQI3BBMBCAAhBQJXFkIRAhsDBQsJ +CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEInoKVKXan5NFVsP/RfU4dychz5eadnN +/iCybL2eXCkpNbSJaPVqKKmBqY4oDEqK0NekwgOiWXFuFI6BpNyTW5z1a2PaBgF2 +bG5K/k/aGnzUUqH+LhtMCYr90UjJPtsrgi+C5poL4e2EsPN1SASSOSYFtYY1EQCe +NcYut2foM/PjviJKuS9t/kJxmZn8Vi3+qQKSwys219IQuXqos44aihjnwEL+TR6D +MgcDCW2QSCqB5kfksjustSihDck8ZkT+nISTrSdZVPzROcyBeswN/UqjOUBZd1p1 +sO7SqDaBnzovRD3G4kyscepPWChnOFCIq9tuE2Mai2QliQ4q1Bn0+8uhLPLG+nQI +leL/6pFXY9ecjmpqrSAXEysDUgfpiqJzDtv8WC3fY7wl88/ROiHrgF8x5P4PmUMl +oTfe+BGQar6BNV3rStPsW6Ogm6Mu6WNVXCRIJboM+ev3JdVSGF/ehnmb06EGCIrI +ahWbMViDSAjOvM92By/RJkP8ADCN2ezvdf86Ubyib5EyRoleu0WHvtO1mLQn0pIP +cYCGXrnQlkduC7ENS942hLUq976LPH1ZatM26gaN1MKxN03v+6e9E6jtxUH3wWk1 +oDGddTl+zu4fqUxEAA391sPMhp+DTVxXmPKvpnJivKAsL2Hkg0vKQt6VQNEv2Lgm +G8vdqOcapWLBcddR9d0DpFgkZNQCuQINBFcWQhEBEADgv6HfZQyxuiFpHQbt59s4 +7mA4AmzgjA1GiS73xo16qjwLieKPJWlrgPk4OOwqQpdygZ9LAhH+FIqcGo4wCNKL +1qiMQeQcFOACvLOfxpv8F1TkOc9IbQUoMPxXEYRK/c0ZtaWpe8dy4QL3tDwS/ovk +sCZBpvXdpJXDuccfTQ23UPozWKs21JAIKqbO7p5n86VGr0Co07xmBsxOK6ylK8YM +ftBjugfbxfmFApW2lAsjeDe7J5RY6W5NaeMg/IxTy6wkfoz1UjwtQaRvp1XbWqPz +Ib+mx8AeRQQXzuVKxS20ZVgazSZHg1PYu9PoKTIWK0NLd68CydcQ4q6F3PjNytFH +tDM13q5kWmTU0yFy2OWvy4JAq2z02C+Z+/+nffp0ZfsdEeVNm5ZvlDLmOYMWFzDj +OScYgBYIAvAs3pYV+xl6pxvdTyI3JXed7Q889e36TC3mwUIR4sL+oOfctA7Swzkr +aU8uMCwIE6ppGsxIcXQt15sUjgM5THXzAQXVkbM8i1x9F0JjP7bFMWcIP1pmqcaO +6znM2D/wocY+RO3xYj0GLFgRBW2O/pJUWrWHInpO3mrwZeRMGZix5nZH8U6cvfD5 +9SwIVdyKj6sZklcS2JJclBDrAudYUbckAuV7KI1ZWcU4kVS3joYdWcFQO3vOxJW5 +mGXML9roJXeXN664iNBgpQARAQABiQIfBBgBCAAJBQJXFkIRAhsMAAoJEInoKVKX +an5NGhcP/jkeR/fYPYuYEUWLGBxq2hFhwMssiJ+pwx5Nj+Kh9rLm90LBLCcwBVu0 +ILbaePkPCmin8p9F+AOy11DsWb5lBrlyUqU6+ID9nY/WbNL5ZYl6zIBmuYQ5qFEA +n5NQD6hLllC6wyOqIeKXrnkvFJMW8+W0aYRQh7hhpAzyJz9gawXWvWY45NhWl3Tm +S3LfJbA5nM6uZvO0VU7LERgfwTgPSjMwYVQGtktndy9N4Avi1N02l5BEmuZoXwTC +oQuW6LiAPGE2ztXztyNGnUYUAGMWl22UTezqfU/aOG9Qum+QebwTgBUH4pTgLiV/ +pWxXib517wGkect/0Yd+zcya8lA7x1EzFFMb3i4ToawIz76I2ncIlpC2q31x2nVI +6fBW4kfu8AR7XW9Yyv+plIuva1AeTf+sMc7FSb5CpOmjjLpUfQ96vZvQwarcEip7 +UmOBoAoFdhtwJotskBOje52AUgDIBWZrIfH1bq7/NjAO73UdR1mJkOpY01qQXkED +TiLeIBGYqseCbnJNi1PVOVNEOT4Up3/RSjpAu8dBrXKqx7yS8bKlVk3RsIDlgyb4 +rWMc88uBl57YsjSnQN36LN7j0hPpb0TAD1OsPI1pepsKUAPZKA2EAyLXKyQ3oLqN +DWU4ZWpIi8+RKm3UpWgQ9qN4tuRHvVX/AQjEW1LkhfmR2VIqnrkv +=fgFG -----END PGP PUBLIC KEY BLOCK----- diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 814e6929..a6d4597f 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -479,12 +479,12 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA961eCQE562VPYjuZtd0+FNRfUghvD2ccjUlihMjzg46GAK+duqK+ - 4peWklGOL4eRYQBg6G2VDzWiU2MxXVbXUZaMrxh7fTc3G3LdbqTxzAv3GQKR/6iA - 9bGUf6u4ztVNAcj2mrY3mfs4gMlBQyQ2wcM0ZUpiAMaRB4cdq7I4GVHbYTFYfQuI - 2zdnr0w8AjlMpFFcD0ExsWeppiJsE7iiME/S2VVfh2NrEpAKQbLH9fKrfkiJA/+9 - 0VIH9wLLIYngUtQKbvEQ5xgx6ybrg0vO8ZqZ1ZGXYxOQZzWzPP0tvDU0QHSKYSWb - FjcOf1lWSWjsjHxMl/Gh57hjNJFCbs8yjQIDAQAB + MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d + fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs + e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1 + KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99 + oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf + wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB -----END RSA PUBLIC KEY----- ''; }; diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index 13da5c4c..93a7d229 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -26,7 +26,10 @@ let environment = { etc = flip mapAttrs' cfg (name: { packages, ... }: { name = "per-user/${name}"; - value.source = pkgs.symlinkJoin "per-user.${name}" packages; + value.source = pkgs.symlinkJoin { + name = "per-user.${name}"; + paths = packages; + }; }); profiles = ["/etc/per-user/$LOGNAME"]; }; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 5aaeb5a3..5a035fa5 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -102,6 +102,10 @@ let The list of hosts in the network which the client will try to connect to. These hosts should have an 'Address' configured which points to a routeable IPv4 or IPv6 address. + + In stockholm this can be done by configuring: + krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.addrs4 = + [ "${external-ip} ${external-port}" ] ''; }; diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index bcc894b2..c96e7153 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -36,6 +36,19 @@ with config.krebs.lib; ReaktorPlugins = callPackage ./Reaktor/plugins.nix {}; + buildbot = callPackage <nixpkgs/pkgs/development/tools/build-managers/buildbot> { + inherit (pkgs.pythonPackages) twisted jinja2; + dateutil = pkgs.pythonPackages.dateutil_1_5; + sqlalchemy_migrate_0_7 = pkgs.pythonPackages.sqlalchemy_migrate_func (pkgs.pythonPackages.sqlalchemy7.override { + doCheck = false; + }); + }; + + # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d + symlinkJoin = { name, paths, ... }@args: let + x = pkgs.symlinkJoin args; + in if typeOf x != "lambda" then x else pkgs.symlinkJoin name paths; + test = { infest-cac-centos7 = callPackage ./test/infest-cac-centos7 {}; }; diff --git a/krebs/5pkgs/fortclientsslvpn/default.nix b/krebs/5pkgs/fortclientsslvpn/default.nix index 602766f4..11d56740 100644 --- a/krebs/5pkgs/fortclientsslvpn/default.nix +++ b/krebs/5pkgs/fortclientsslvpn/default.nix @@ -5,6 +5,10 @@ stdenv.mkDerivation rec { # forticlient will be copied into /tmp before execution. this is necessary as # the software demands $base to be writeable + # mkdir /etc/ppp ; touch /etc/ppp/options + ## i still have not found which tool uses tail ... i tried redirecting it in forticlientsslvpn and subproc + # ln -s /run/current-system/sw/bin/tail /usr/bin/tail + src = fetchurl { # archive.org mirror: # https://archive.org/download/ForticlientsslvpnLinux4.4.23171.tar/forticlientsslvpn_linux_4.4.2317.tar.gz diff --git a/krebs/5pkgs/repo-sync/default.nix b/krebs/5pkgs/repo-sync/default.nix index 789c03f3..7cba87b0 100644 --- a/krebs/5pkgs/repo-sync/default.nix +++ b/krebs/5pkgs/repo-sync/default.nix @@ -2,7 +2,7 @@ with python3Packages; buildPythonPackage rec { name = "repo-sync-${version}"; - version = "0.2.5"; + version = "0.2.6"; disabled = isPy26 || isPy27; propagatedBuildInputs = [ docopt @@ -11,7 +11,7 @@ with python3Packages; buildPythonPackage rec { ]; src = fetchurl { url = "https://pypi.python.org/packages/source/r/repo-sync/repo-sync-${version}.tar.gz"; - sha256 = "1a59bj0vc5ajq8indkvkdk022yzvvv5mjb57hk3xf1j3wpr85p84"; + sha256 = "1hqa9qw9qg7mxgniqzys9szycs05llg4yik8a9wz94a437zzarsk"; }; meta = { homepage = http://github.com/makefu/repo-sync; diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix index 6cfba567..a3cc9d7b 100644 --- a/lass/1systems/cloudkrebs.nix +++ b/lass/1systems/cloudkrebs.nix @@ -8,11 +8,13 @@ in { imports = [ ../. ../2configs/os-templates/CAC-CentOS-7-64bit.nix - ../2configs/base.nix + ../2configs/default.nix + ../2configs/exim-retiolum.nix ../2configs/retiolum.nix - ../2configs/fastpoke-pages.nix ../2configs/git.nix ../2configs/realwallpaper.nix + ../2configs/realwallpaper-server.nix + ../2configs/privoxy-retiolum.nix { networking.interfaces.enp2s1.ip4 = [ { diff --git a/lass/1systems/dishfire.nix b/lass/1systems/dishfire.nix index c7d016cd..b5e55195 100644 --- a/lass/1systems/dishfire.nix +++ b/lass/1systems/dishfire.nix @@ -4,9 +4,9 @@ imports = [ ../. <nixpkgs/nixos/modules/profiles/qemu-guest.nix> - ../2configs/base.nix + ../2configs/default.nix + ../2configs/exim-retiolum.nix ../2configs/git.nix - ../2configs/websites/fritz.nix { boot.loader.grub = { device = "/dev/vda"; @@ -26,10 +26,19 @@ fsType = "ext4"; }; + fileSystems."/srv/http" = { + device = "/dev/pool/srv_http"; + fsType = "ext4"; + }; + fileSystems."/boot" = { device = "/dev/vda1"; fsType = "ext4"; }; + fileSystems."/bku" = { + device = "/dev/pool/bku"; + fsType = "ext4"; + }; } { networking.dhcpcd.allowInterfaces = [ @@ -40,6 +49,20 @@ { sound.enable = false; } + { + environment.systemPackages = with pkgs; [ + mk_sql_pair + ]; + |