3 files changed, 92 insertions, 3 deletions
diff --git a/makefu/5pkgs/Fluffy/default.nix b/makefu/5pkgs/Fluffy/default.nix
new file mode 100644
index 00000000..59a04a52
--- /dev/null
+++ b/makefu/5pkgs/Fluffy/default.nix
@@ -0,0 +1,42 @@
+{ lib, pkgs, python3Packages, ... }:
+
+with python3Packages; buildPythonApplication rec {
+  name = "Fluffy-${version}";
+  format = "other";
+  version = "2.7";
+
+  src = pkgs.fetchFromGitHub {
+    owner = "fourminute";
+    repo = "Fluffy";
+    rev = "v${version}";
+    sha256 = "1l346bklidcl40q91cfdszrfskdwlmfjbmsc3mgs0i8wi1yhvq99";
+  };
+
+  prePatch = ''
+    sed -e "s|/tmp|$HOME/.config/fluffy|" -i linux/fluffy.desktop
+  '';
+
+  installPhase = ''
+    env
+    install -Dm 644 linux/80-fluffy-switch.rules "$out/etc/udev/rules.d/80-fluffy-switch.rules"
+    install -Dm 644 linux/fluffy.desktop "$out/usr/share/applications/fluffy.desktop"
+    install -Dm 644 icons/16x16/fluffy.png "$out/share/icons/hicolor/16x16/apps/fluffy.png"
+    install -Dm 644 icons/24x24/fluffy.png "$out/share/icons/hicolor/24x24/apps/fluffy.png"
+    install -Dm 644 icons/32x32/fluffy.png "$out/share/icons/hicolor/32x32/apps/fluffy.png"
+    install -Dm 644 icons/48x48/fluffy.png "$out/share/icons/hicolor/48x48/apps/fluffy.png"
+    install -Dm 644 icons/64x64/fluffy.png "$out/share/icons/hicolor/64x64/apps/fluffy.png"
+    install -Dm 644 icons/128x128/fluffy.png "$out/share/icons/hicolor/128x128/apps/fluffy.png"
+    install -Dm 755 fluffy.pyw "$out/bin/fluffy"
+    wrapProgram  "$out/bin/fluffy" --set PYTHONPATH "$PYTHONPATH"
+  '';
+
+  propagatedBuildInputs = [
+    pyqt5 pyusb  libusb1 configparser tkinter
+  ];
+
+  meta = {
+    homepage = https://github.com/fourminute/Fluffy;
+    description = "A feature-rich tool for installing NSPs";
+    license = lib.licenses.gpl3;
+  };
+}
diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix
index 70fdfda7..fb722a52 100644
--- a/makefu/5pkgs/ampel/default.nix
+++ b/makefu/5pkgs/ampel/default.nix
@@ -2,7 +2,7 @@
 
 with pkgs.python3Packages;buildPythonPackage rec {
   name = "ampel-${version}";
-  version = "0.2.4";
+  version = "0.2.5";
 
   propagatedBuildInputs = [
     docopt
@@ -16,8 +16,8 @@ with pkgs.python3Packages;buildPythonPackage rec {
 
   src = pkgs.fetchgit {
       url = "http://cgit.euer.krebsco.de/ampel";
-      rev = "04e1c8c38ffe53175ae719121ad88534a8a662db";
-      sha256 = "00jgr3jg2yi91hd7388v8rncfbq8fx8dvr03sg749dzpsg58hfxn";
+      rev = "ce239876820699f02054e71b4fd0950509833379";
+      sha256 = "1ja32lr04lwq4shi49kppa1zzjw0zlqaqy71pr5sbajgp4zj7kh8";
   };
   meta = {
     homepage = http://cgit.euer.krebsco.de/ampel;
diff --git a/makefu/5pkgs/init-host/default.nix b/makefu/5pkgs/init-host/default.nix
new file mode 100644
index 00000000..d1d3f719
--- /dev/null
+++ b/makefu/5pkgs/init-host/default.nix
@@ -0,0 +1,47 @@
+{ pkgs }:
+pkgs.writeDashBin "generate-secrets" ''
+  set -euf
+  HOSTNAME="''${1?must provide hostname}"
+  TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
+  PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
+  HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
+
+  ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
+  ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
+  ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
+  cat <<EOF > $TMPDIR/hashedPasswords.nix
+  {
+    root = "$HASHED_PASSWORD";
+  }
+  EOF
+
+  cd $TMPDIR
+  for x in *; do
+    ${pkgs.coreutils}/bin/cat $x | secrets insert -m $HOSTNAME/$x > /dev/null
+  done
+  echo $PASSWORD | secrets insert -m $HOSTNAME/root > /dev/null
+
+  cat <<EOF
+    $HOSTNAME = {
+      cores = 1;
+      owner = config.krebs.users.makefu;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.0.changeme";
+          ip6.addr = "42:0:0:0:0:0:0:changeme";
+          aliases = [
+            "$HOSTNAME.r"
+          ];
+          tinc.pubkey = ${"''"}
+  $(cat $TMPDIR/retiolum.rsa_key.pub)
+          ${"''"};
+        };
+      };
+      ssh.privkey.path = <secrets/ssh.id_ed25519>;
+      ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)";
+    };
+  EOF
+
+  rm -rf $TMPDIR
+''
+