From 432325be09497d64cde6a970e3b58625e94f38a5 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 14 Sep 2022 21:34:29 +0200 Subject: tv weechat-tv: init --- tv/3modules/im.nix | 2 +- tv/5pkgs/simple/weechat-tv.nix | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 tv/5pkgs/simple/weechat-tv.nix diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix index 8cb13751..e98a5732 100644 --- a/tv/3modules/im.nix +++ b/tv/3modules/im.nix @@ -71,7 +71,7 @@ in { export PATH=${lib.makeSearchPath "bin" [ pkgs.tmux pkgs.gnugrep - pkgs.weechat + pkgs.weechat-tv ]} if tmux list-sessions -F\#S | grep -q '^im''$'; then exec tmux attach -t im diff --git a/tv/5pkgs/simple/weechat-tv.nix b/tv/5pkgs/simple/weechat-tv.nix new file mode 100644 index 00000000..17d28636 --- /dev/null +++ b/tv/5pkgs/simple/weechat-tv.nix @@ -0,0 +1,9 @@ +{ lib, pkgs }: + +pkgs.wrapWeechat pkgs.weechat-unwrapped { + configure = { availablePlugins, ... }: { + scripts = [ + pkgs.weechatScripts.weechat-matrix + ]; + }; +} -- cgit v1.2.3 From 9b37b535f43f361a7f57a5aebf89c139d33de01e Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 1 Apr 2022 22:46:35 +0200 Subject: tv: bump HISTSIZE --- tv/2configs/bash/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/bash/default.nix b/tv/2configs/bash/default.nix index 42914e06..92e2499a 100644 --- a/tv/2configs/bash/default.nix +++ b/tv/2configs/bash/default.nix @@ -6,7 +6,7 @@ with import ; programs.bash = { interactiveShellInit = /* sh */ '' HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 + HISTSIZE=900001 HISTFILESIZE=$HISTSIZE HISTTIMEFORMAT= -- cgit v1.2.3 From faf453da0b479551304123f154ac2c84f995e745 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 15 Jul 2022 10:27:30 +0200 Subject: openssh known hosts: ignore hosts without aliases --- krebs/3modules/default.nix | 81 +++++++++++++++++++++++++++------------------- 1 file changed, 47 insertions(+), 34 deletions(-) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 8ea727dc..7f007048 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -138,41 +138,54 @@ let let inherit (config.krebs.build.host.ssh) privkey; in mkIf (privkey != null) [privkey]; - # TODO use imports for merging services.openssh.knownHosts = - (let inherit (config.krebs.build.host.ssh) pubkey; in - optionalAttrs (pubkey != null) { - localhost = { - hostNames = ["localhost" "127.0.0.1" "::1"]; - publicKey = pubkey; - }; - }) - // - mapAttrs - (name: host: { - hostNames = - concatLists - (mapAttrsToList - (net-name: net: - let - longs = net.aliases; - shorts = - optionals - (cfg.dns.search-domain != null) - (map (removeSuffix ".${cfg.dns.search-domain}") - (filter (hasSuffix ".${cfg.dns.search-domain}") - longs)); - add-port = a: - if net.ssh.port != 22 - then "[${a}]:${toString net.ssh.port}" - else a; - in - map add-port (shorts ++ longs ++ net.addrs)) - host.nets); - - publicKey = host.ssh.pubkey; - }) - (filterAttrs (_: host: host.ssh.pubkey != null) cfg.hosts); + filterAttrs + (knownHostName: knownHost: + knownHost.publicKey != null && + knownHost.hostNames != [] + ) + (mapAttrs + (hostName: host: { + hostNames = + concatLists + (mapAttrsToList + (netName: net: + let + aliases = + concatLists [ + shortAliases + net.aliases + net.addrs + ]; + shortAliases = + optionals + (cfg.dns.search-domain != null) + (map (removeSuffix ".${cfg.dns.search-domain}") + (filter (hasSuffix ".${cfg.dns.search-domain}") + net.aliases)); + addPort = alias: + if net.ssh.port != 22 + then "[${alias}]:${toString net.ssh.port}" + else alias; + in + map addPort aliases + ) + host.nets); + publicKey = host.ssh.pubkey; + }) + (foldl' mergeAttrs {} [ + cfg.hosts + { + localhost = { + nets.local = { + addrs = [ "127.0.0.1" "::1" ]; + aliases = [ "localhost" ]; + ssh.port = 22; + }; + ssh.pubkey = config.krebs.build.host.ssh.pubkey; + }; + } + ])); programs.ssh.extraConfig = concatMapStrings (net: '' -- cgit v1.2.3 From 4c075ee6ffc9202cf7ba5426e83c49b83254949e Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Sep 2022 20:29:07 +0200 Subject: nix-serve-ng: init at 1.0.0 --- krebs/5pkgs/haskell/nix-serve-ng.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 krebs/5pkgs/haskell/nix-serve-ng.nix diff --git a/krebs/5pkgs/haskell/nix-serve-ng.nix b/krebs/5pkgs/haskell/nix-serve-ng.nix new file mode 100644 index 00000000..8866b205 --- /dev/null +++ b/krebs/5pkgs/haskell/nix-serve-ng.nix @@ -0,0 +1,30 @@ +{ mkDerivation, async, base, base16, base32, bytestring, charset +, fetchgit, http-client, http-types, lib, managed, megaparsec, mtl +, network, nix, optparse-applicative, tasty-bench, temporary, text +, turtle, vector, wai, wai-extra, warp, warp-tls +, boost +}: +mkDerivation { + pname = "nix-serve-ng"; + version = "1.0.0"; + src = fetchgit { + url = "https://github.com/aristanetworks/nix-serve-ng"; + sha256 = "0mqp67z5mi8rsjahdh395n7ppf0b65k8rd3pvnl281g02rbr69y2"; + rev = "433f70f4daae156b84853f5aaa11987aa5ce7277"; + fetchSubmodules = true; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + base base16 base32 bytestring charset http-types managed megaparsec + mtl network optparse-applicative vector wai wai-extra warp warp-tls + ]; + executablePkgconfigDepends = [ nix ]; + executableSystemDepends = [ boost.dev ]; + benchmarkHaskellDepends = [ + async base bytestring http-client tasty-bench temporary text turtle + vector + ]; + description = "A drop-in replacement for nix-serve that's faster and more stable"; + license = lib.licenses.bsd3; +} -- cgit v1.2.3 From 707c6b640dca086634581220614c6094ebbcccbf Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Sep 2022 20:35:43 +0200 Subject: tv binary-cache: use nix-serve-ng --- tv/2configs/binary-cache/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tv/2configs/binary-cache/default.nix b/tv/2configs/binary-cache/default.nix index f6eaba36..e5342cd5 100644 --- a/tv/2configs/binary-cache/default.nix +++ b/tv/2configs/binary-cache/default.nix @@ -3,6 +3,12 @@ environment.etc."binary-cache.pubkey".text = config.krebs.build.host.binary-cache.pubkey; + nixpkgs.overlays = [ + (self: super: { + nix-serve = self.haskellPackages.nix-serve-ng; + }) + ]; + services.nix-serve = { enable = true; secretKeyFile = config.krebs.secret.files.binary-cache-seckey.path; -- cgit v1.2.3 From 3e6f01c3003558a7db1094742fc2cbedf985cd23 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Sep 2022 20:51:27 +0200 Subject: tv binary-cache: drop krebs.secert --- tv/2configs/binary-cache/default.nix | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/tv/2configs/binary-cache/default.nix b/tv/2configs/binary-cache/default.nix index e5342cd5..6ef7a385 100644 --- a/tv/2configs/binary-cache/default.nix +++ b/tv/2configs/binary-cache/default.nix @@ -11,22 +11,7 @@ services.nix-serve = { enable = true; - secretKeyFile = config.krebs.secret.files.binary-cache-seckey.path; - }; - - systemd.services.nix-serve = { - after = [ - config.krebs.secret.files.binary-cache-seckey.service - ]; - partOf = [ - config.krebs.secret.files.binary-cache-seckey.service - ]; - }; - - krebs.secret.files.binary-cache-seckey = { - path = "/run/secret/nix-serve.key"; - owner.name = "nix-serve"; - source-path = toString + "/nix-serve.key"; + secretKeyFile = toString + "/nix-serve.key"; }; services.nginx = { -- cgit v1.2.3 From d76cf33d1f000389558da8c8f5e17db966b8a5a7 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 15 Sep 2022 20:52:00 +0200 Subject: tv binary-cache: add retiolum alias --- tv/2configs/binary-cache/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/2configs/binary-cache/default.nix b/tv/2configs/binary-cache/default.nix index 6ef7a385..58791f4f 100644 --- a/tv/2configs/binary-cache/default.nix +++ b/tv/2configs/binary-cache/default.nix @@ -19,6 +19,7 @@ virtualHosts.nix-serve = { serverAliases = [ "cache.${config.krebs.build.host.name}.hkw" + "cache.${config.krebs.build.host.name}.r" ]; locations."/".extraConfig = '' proxy_pass http://localhost:${toString config.services.nix-serve.port}; -- cgit v1.2.3