diff options
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/2configs/buildbot-all.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/lass/default.nix | 43 | ||||
| -rw-r--r-- | krebs/3modules/os-release.nix | 7 | ||||
| -rw-r--r-- | krebs/5pkgs/haskell/nix-diff/default.nix | 25 | ||||
| -rw-r--r-- | krebs/5pkgs/haskell/nix-diff/nixos-system.patch | 18 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py | 17 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/electron-cash/default.nix | 64 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/kops.nix | 7 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/stockholm/default.nix | 60 | ||||
| -rw-r--r-- | krebs/5pkgs/writers.nix | 2 | ||||
| -rw-r--r-- | krebs/source.nix | 2 |
11 files changed, 68 insertions, 178 deletions
diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix index 5ea78f22..d85cde17 100644 --- a/krebs/2configs/buildbot-all.nix +++ b/krebs/2configs/buildbot-all.nix @@ -5,6 +5,5 @@ with import <stockholm/lib>; krebs.ci.enable = true; krebs.ci.treeStableTimer = 1; krebs.ci.hosts = filter (getAttr "ci") (attrValues config.krebs.hosts); - krebs.ci.tests = [ "deploy" ]; } diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index e269d1fa..0c3e68c3 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -89,7 +89,7 @@ with import <stockholm/lib>; 60 IN NS ns16.ovh.net. 60 IN NS dns16.ovh.net. 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - 60 IN TXT v=spf1 mx -all + 60 IN TXT v=spf1 mx a:lassul.us -all cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} io 60 IN NS ions.lassul.us. ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} @@ -618,6 +618,47 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; }; + cabal = { + cores = 2; + nets = rec { + retiolum = { + ip4.addr = "10.243.1.4"; + ip6.addr = "42::1:4"; + aliases = [ + "cabal.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEAukXm8xPpC6/F+wssYqQbqt1QDwsPrF3TJ9ToLFcN1WgDlhDhjM3A + SuRDMNjRT1fvVTuXyplH5g16eokW/yLOpNnznMS3/VR372pLPEOqfuRf7wAy18jj + rZkW3EO7nyZ8KMb+SXA8Q0KIpHY50Ezh+tqGoTZDICwoK6N5dKLgAZShS55JXwwK + qRG3vyzV3mDjgVyT0FNfyL1/BN1qvJ+tQQ40lEbkcQauMunMzNbH058kAd6H2/0e + LK4JkxI9XpZHE6Pf1epXyClHW7vT7APFRp9gL9tZS/XMC18+aEMFfQrNW9jb3FIq + rU5MfJ7aubboe7dT6CRaRSWpduiKLVzY/JCoGvUziyvmR7qHsQWTEjtNuQX9joc3 + 6iq1o+gmLV0G8Xwq8cEcg5USlLxNsGBQPwYnTG6iTPPHqOv7BKucekE/opnVZseE + fSNCGl1+tGwa3soSMI97LkpQTZxdeqf+jWZve0RbSa2Ihyod91ldFCqi1+PZx68v + yBI0PJamlt+dBx6WQKbPngWYeD8hXo7tg0XVRVa3ZQyX+Mq6uCCb2GM8ewMUPl+A + kcY1osFt6+sdkFGdiv3FMyijAiZumPoPprXC/4SGIsMnkoI4JfSAbTpHi2QuesqR + KMeairdB7XGUYlMvWpDLKN2dbMdRc+l3kDUKT7hALjKeyWS/27WYeK/STxvZXEXi + TZGHopvOFv6wcrb6nI49vIJo5mDLFamAPN3ZjeR20wP95UP7cUUSaTYX49M4lX6U + oL5BaFrcLn2PTvS84pUxcXKAp70FgTpvGJbaWwETgDjW+H+qlGmI/BTejpL7flVs + TOtaP/uCMxhVZSFv9bzo0ih10o+4gtU8lqxfJsVxlf2K7LVZ++LQba/u+XxRY+xw + 3IFBfg34tnO6zYlV8XgAiJ6IUOHUZANsuBD4iMoFSVOig6t5eIOkgXR6GEkP8FBD + rkroRMmxcu4lTCOzWIuAVOxCd4XXguoGQ4HAzpGd5ccdcb8Ev4RYEvNJY7B5tIQZ + 4J0F9ECzJuSu1HvWTL+T6a36d2MDTkXU2IJ2tSHciXqiP+QMMF7p9Ux0tiAq4mtf + luA94uKWg3cSyTyEM/jF66CgO6Ts3AivNE0MRNupV6AbUdr+TjzotGn9rxi168py + w/49OVbpR9EIGC2wxx7qcSEk5chFOcgvNQMRqgIx51bbOL7JYb0f4XuA38GUqLkG + 09PXmPeyqGzR9HsV2XZDprZdD3Dy4ojdexw0+YILg9bHaAxLHYs6WFZvzfaLLsf1 + K2I39vvrEEOy8tHi4jvMk7oVX6RWG+DOZMeXTvyUCaBHyYkA0eDlC6NeKOHxnW/g + ZtN1W93UdklEqc5okM0/ZIke1HDRt3ZLdQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsTeSAedrbp7/KmZX8Mvka702fIUy77Mvqo9HwzCbym"; + }; }; users = { lass = { diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix index 8f71a357..5fbfe661 100644 --- a/krebs/3modules/os-release.nix +++ b/krebs/3modules/os-release.nix @@ -1,8 +1,11 @@ { config, ... }: with import <stockholm/lib>; let - nixos-version-id = "${config.system.nixosVersion}"; - nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})"; + nixos-version-id = if (hasAttr "nixos" config.system) then + "${config.system.nixos.version}" else "${config.system.nixosVersion}"; + nixos-codeName = if (hasAttr "nixos" config.system) then + "${config.system.nixos.codeName}" else "${config.system.nixosCodeName}"; + nixos-version = "${nixos-version-id} (${nixos-codeName})"; nixos-pretty-name = "NixOS ${nixos-version}"; stockholm-version-id = let diff --git a/krebs/5pkgs/haskell/nix-diff/default.nix b/krebs/5pkgs/haskell/nix-diff/default.nix deleted file mode 100644 index df031504..00000000 --- a/krebs/5pkgs/haskell/nix-diff/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ mkDerivation, attoparsec, base, containers, Diff, fetchgit, mtl -, nix-derivation, optparse-generic, stdenv, system-filepath, text -, unix, vector -}: -mkDerivation { - pname = "nix-diff"; - version = "1.0.0-krebs1"; - src = fetchgit { - url = "https://github.com/Gabriel439/nix-diff"; - sha256 = "1k00nx8pannqmpzadkwfrs6bf79yk22ynhd033z5rsyw0m8fcz9k"; - rev = "e32ffa2c7f38b47a71325a042c1d887fb46cdf7d"; - }; - patches = [ - ./nixos-system.patch - ]; - isLibrary = false; - isExecutable = true; - executableHaskellDepends = [ - attoparsec base containers Diff mtl nix-derivation optparse-generic - system-filepath text unix vector - ]; - homepage = "https://github.com/Gabriel439/nix-diff"; - description = "Explain why two Nix derivations differ"; - license = stdenv.lib.licenses.bsd3; -} diff --git a/krebs/5pkgs/haskell/nix-diff/nixos-system.patch b/krebs/5pkgs/haskell/nix-diff/nixos-system.patch deleted file mode 100644 index 03e186aa..00000000 --- a/krebs/5pkgs/haskell/nix-diff/nixos-system.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff --git a/src/Main.hs b/src/Main.hs -index 959ab8e..d3b6077 100644 ---- a/src/Main.hs -+++ b/src/Main.hs -@@ -95,7 +95,12 @@ pathToText path = - underneath `/nix/store`, but this is the overwhelmingly common use case - -} - derivationName :: FilePath -> Text --derivationName = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText -+derivationName p = -+ if Data.Text.isPrefixOf "nixos-system" s -+ then "nixos-system" -+ else s -+ where -+ s = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText $ p - - -- | Group input derivations by their name - groupByName :: Map FilePath (Set Text) -> Map Text (Map FilePath (Set Text)) diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py index da8e2f72..51ac7a07 100644 --- a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py +++ b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py @@ -18,20 +18,27 @@ def is_regex(line): myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') return myre.match(line) + line = argv[1] if is_regex(line): last = d.get(usr, None) if last: from subprocess import Popen, PIPE - p = Popen(['sed', line], stdin=PIPE, stdout=PIPE) + p = Popen(['sed', line], stdin=PIPE, stdout=PIPE, stderr=PIPE) so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) if p.returncode: - print("something went wrong when trying to process your regex: {}".format(se.decode())) + print("something went wrong when trying to process your regex: {}".format(line.strip())) ret = so.decode() - print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) - if ret: - d[usr] = ret + if len(ret) > 512: + print('message to long, skipped') + elif len(ret.split('\n')) > 5: + print('to many lines, skipped') + else: + if last.strip() != ret.strip(): + print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) + if ret: + d[usr] = ret else: print("no last message") diff --git a/krebs/5pkgs/simple/electron-cash/default.nix b/krebs/5pkgs/simple/electron-cash/default.nix deleted file mode 100644 index e51136c6..00000000 --- a/krebs/5pkgs/simple/electron-cash/default.nix +++ /dev/null @@ -1,64 +0,0 @@ -{ stdenv, fetchFromGitHub, python2Packages }: - -python2Packages.buildPythonApplication rec { - name = "electron-cash-${src.rev}"; - - src = fetchFromGitHub { - owner = "fyookball"; - repo = "electrum"; - rev = "a2245ea"; - sha256 = "1a0ym94azfd1yn97n2jcky344ajbj2amr9l6jpx30pqxndffpbgv"; - }; - - propagatedBuildInputs = with python2Packages; [ - dns - ecdsa - jsonrpclib - pbkdf2 - pyaes - pycrypto - pyqt4 - pysocks - qrcode - requests - tlslite - - # plugins - keepkey - trezor - ]; - - preBuild = '' - sed -i 's,usr_share = .*,usr_share = "'$out'/share",g' setup.py - pyrcc4 icons.qrc -o gui/qt/icons_rc.py - # Recording the creation timestamps introduces indeterminism to the build - sed -i '/Created: .*/d' gui/qt/icons_rc.py - ''; - - postInstall = '' - # Despite setting usr_share above, these files are installed under - # $out/nix ... - mv $out/lib/python2.7/site-packages/nix/store"/"*/share $out - rm -rf $out/lib/python2.7/site-packages/nix - - substituteInPlace $out/share/applications/electron.desktop \ - --replace "Exec=electrum %u" "Exec=$out/bin/electrum %u" - ''; - - doInstallCheck = true; - installCheckPhase = '' - $out/bin/electrum help >/dev/null - ''; - - meta = with stdenv.lib; { - description = "A lightweight Bitcoin wallet"; - longDescription = '' - An easy-to-use Bitcoin client featuring wallets generated from - mnemonic seeds (in addition to other, more advanced, wallet options) - and the ability to perform transactions without downloading a copy - of the blockchain. - ''; - homepage = https://electrum.org/; - license = licenses.mit; - }; -} diff --git a/krebs/5pkgs/simple/kops.nix b/krebs/5pkgs/simple/kops.nix new file mode 100644 index 00000000..a6c82f3c --- /dev/null +++ b/krebs/5pkgs/simple/kops.nix @@ -0,0 +1,7 @@ +{ fetchgit, ... }: + +fetchgit { + url = https://cgit.krebsco.de/kops; + rev = "refs/tags/v1.0.0"; + sha256 = "0wg8d80sxa46z4i7ir79sci2hwmv3qskzqdg0si64p6vazy8vckb"; +} diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 4d15e7ac..9afe7951 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -9,7 +9,6 @@ # cmds.deploy = pkgs.withGetopt { - diff = { default = /* sh */ "false"; switch = true; }; force-populate = { default = /* sh */ "false"; switch = true; }; quiet = { default = /* sh */ "false"; switch = true; }; source_file = { @@ -25,65 +24,6 @@ . ${init.env} . ${init.proxy "deploy" opts} - if \test ${opts.diff.ref} = true; then - - system_profile=/nix/var/nix/profiles/system - system_drv_cur=/etc/system.drv - - system_drv_new=$( - ${pkgs.nix}/bin/nix-instantiate \ - -Q \ - -I "$target_path" \ - -E ' - (import <nixpkgs/nixos/lib/eval-config.nix> { - modules = [ <nixos-config> ]; - }).config.system.build.toplevel - ' - ) - - if \test -e "$system_drv_cur"; then - - system_drv_cur_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_cur") - system_drv_new_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_new") - - if \test "$system_drv_cur_c" = "$system_drv_new_c"; then - echo "$0: system up to date" >&2 - exit 0 - fi - - system_drv_cur=$system_drv_cur_c \ - system_drv_new=$system_drv_new_c \ - ${pkgs.utillinux}/bin/script \ - --command ' - ${pkgs.haskellPackages.nix-diff}/bin/nix-diff \ - "$system_drv_cur" "$system_drv_new" - ' \ - --quiet \ - --return \ - /dev/null - - printf 'deploy? [N/y] ' >&2 - read -r REPLY - if \test "$REPLY" != y; then - echo "$0: abort!" >&2 - exit 1 - fi - else - echo "$0: --${opts.diff.long} has no effect because "$system_drv_cur" doesn't exist" >&2 - fi - - new_system=$(${pkgs.nix}/bin/nix-store --realize "$system_drv_new") - - ${pkgs.nix}/bin/nix-env -p "$system_profile" --set "$new_system" - PATH=${lib.makeBinPath [ - pkgs.systemd - ]} \ - "$system_profile"/bin/switch-to-configuration switch - - ${pkgs.coreutils}/bin/ln -fns "$system_drv_new" "$system_drv_cur" - exit - fi - # Use system's nixos-rebuild, which is not self-contained export PATH=/run/current-system/sw/bin exec ${utils.with-whatsupnix} \ diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix index a48fc0f8..23773e17 100644 --- a/krebs/5pkgs/writers.nix +++ b/krebs/5pkgs/writers.nix @@ -57,7 +57,7 @@ with import <stockholm/lib>; passAsFile = [ "text" ]; } /* sh */ '' PATH=${makeBinPath (with pkgs; [ - binutils + binutils-unwrapped coreutils gcc ])} diff --git a/krebs/source.nix b/krebs/source.nix index 7e0ea7e4..0bd797a1 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -24,7 +24,7 @@ in stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "c5bc83b503dfb29eb27c1deb0268f15c1858e7ce"; # nixos-17.09 @ 2018-02-27 + ref = "48856a91c02b456c80c37c863d8610090b38707a"; # nixos-18.03 # 2018-03-24 }; } override |