From b96b4fce078dc90ee59ae5a75cf0c13cbc278fb0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 30 Dec 2020 09:47:57 +0100 Subject: puyak.r: use brockman for news --- krebs/3modules/brockman.nix | 30 ++++++++++++++++++++++++++++++ krebs/3modules/default.nix | 1 + 2 files changed, 31 insertions(+) create mode 100644 krebs/3modules/brockman.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix new file mode 100644 index 00000000..21cc1420 --- /dev/null +++ b/krebs/3modules/brockman.nix @@ -0,0 +1,30 @@ +{ pkgs, lib, config, ... }: +with lib; +let + cfg = config.krebs.brockman; +in { + options.krebs.brockman = { + enable = mkEnableOption "brockman"; + config = mkOption { type = types.attrs; }; # TODO make real config here + }; + + config = mkIf cfg.enable { + users.extraUsers.brockman.isNormalUser = false; + + systemd.services.brockman = { + description = "RSS to IRC broadcaster"; + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + Restart = "always"; + ExecStart = '' + ${pkgs.brockman}/bin/brockman ${pkgs.writeText "brockman.json" (builtins.toJSON cfg.config)} + ''; + User = config.users.extraUsers.brockman.name; + PrivateTmp = true; + RuntimeDirectory = "brockman"; + WorkingDirectory = "%t/brockman"; + }; + }; + }; +} diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index bd6bab37..2a74adac 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -11,6 +11,7 @@ let ./apt-cacher-ng.nix ./backup.nix ./bepasty-server.nix + ./brockman.nix ./buildbot/master.nix ./buildbot/slave.nix ./build.nix -- cgit v1.2.3 From e8de3384c8a5b1f1838ceb4feaea3d18f3305799 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 30 Dec 2020 17:58:04 +0100 Subject: l tv: add ssl via streaming.lassul.us --- krebs/3modules/lass/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 3466ef8e..fccfd472 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -44,6 +44,7 @@ in { matrix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { -- cgit v1.2.3 From 70b1653aacdfe8695bfb7ab23525cc5e5cf4d9b7 Mon Sep 17 00:00:00 2001 From: xkey Date: Thu, 31 Dec 2020 22:04:58 +0100 Subject: external: add karakalpakstan --- krebs/3modules/external/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 277169e1..efe3ace0 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -579,6 +579,31 @@ in { }; }; }; + karakalpakstan = { + owner = config.krebs.users.xkey; + nets = { + retiolum = { + ip4.addr = "10.243.161.1"; + aliases = [ "karakalpakstan.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA45kRCvWIaVteKQiz31AOjkEwHwOns/6SGXYzL5IswoEOT/i/8Ihl + l+ydTMTE28zs1nQp8MUBEdsJF02U8aEjPCyyMtZflZ+uaUAeJ0zAWTcb4AwdSjp+ + RKApp+LmVNDyx3W6rIgK7WYLfKhge4nRAlnshpekzaS2j7ccKhZMBIqyntYDJb6K + lE4poAgemMlE0apFV54d3ohWCZurfJ/K6BpsX7h+uwqFPOHi+pD7D/e2dHhSLXtS + 0cuFseQwqDF+xd5MAmApHO8w/BEdKWeU19TZmzkC5TlIO1HcknMq4Y8QkzCc5PXb + 5WeEdi1CyIGePldFv91LoHepsMV3nrIF7n6ZmdTuxj5GH0A0Zg0z4hrWJuXk64JM + bTpe/rDXWOG0IK0HN4z14ySD8yafLTV4gvH9Mg6jUqyqGfLpIK+o/N7ZavOeVKq5 + 3Hf9c246v1vhHjnbat5GyY79PmimEvxR51mOItpRoyJYfdSa3KrvUki0MboCiYAU + GKBmEw2BR3eybnejHqvAFov30MkmkOTz3mV/UPKELqhGCQf6UJAKG0GoxGpK3m8k + epNSAKUpj8B7+JM3Ybgl+CoAm/+qu7Ojp5j4Onn0kgB2yXryHJaNOdgraCXI2yzt + /n/eHElmKWoMCXhkV/mee1Cl2Y74XKivM6ov3lLvIDRxdXl46PvBFVkCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + }; users = { ajs124 = { -- cgit v1.2.3 From 7fc5c7d37edd803d70cfb886c6944804e340ae65 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 1 Jan 2021 00:39:51 +0100 Subject: ma gum: dl.gum and dl.makefu as aliases --- krebs/3modules/makefu/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index e204b4f3..2cb70eec 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -243,6 +243,8 @@ in { "wiki.makefu.r" "warrior.gum.r" "sick.makefu.r" + "dl.gum.r" + "dl.makefu.r" ]; }; }; -- cgit v1.2.3 From c56d012b26923a776bb9018900e963e440f74cb5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 4 Jan 2021 12:51:29 +0100 Subject: l morpheus.r: add syncthing id --- krebs/3modules/lass/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index fccfd472..a4586bed 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -605,6 +605,7 @@ in { }; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f "; + syncthing.id = "JS4RFIL-MJP2SMJ-EOQXCPQ-MC3NB4V-BQ77GN5-LPKGLWY-GHDP732-G22OJQQ"; }; hilum = { cores = 1; -- cgit v1.2.3 From dbb2024585e67c3ceaf968255263a0662c174c19 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 7 Jan 2021 23:17:07 +0100 Subject: newsbot-js: remove package and module --- krebs/3modules/default.nix | 1 - krebs/3modules/newsbot-js.nix | 102 ------------------------------------------ 2 files changed, 103 deletions(-) delete mode 100644 krebs/3modules/newsbot-js.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 2a74adac..8c620a4e 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -37,7 +37,6 @@ let ./kapacitor.nix ./konsens.nix ./monit.nix - ./newsbot-js.nix ./nixpkgs.nix ./on-failure.nix ./os-release.nix diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix deleted file mode 100644 index a3640caa..00000000 --- a/krebs/3modules/newsbot-js.nix +++ /dev/null @@ -1,102 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -let - - cfg = config.krebs.newsbot-js; - - enable = cfg != {}; - - out = { - options.krebs.newsbot-js = api; - config = mkIf enable imp; - }; - - api = mkOption { - type = types.attrsOf (types.submodule ({ config, ... }: { - options = { - enable = mkEnableOption "Enable krebs newsbot" // { default = true; }; - - channel = mkOption { - type = types.str; - default = "#${config._module.args.name}"; - description = "post the news in this channel"; - }; - feeds = mkOption { - type = types.path; - description = '' - file with feeds to post - format: - $nick|$feedURI - ''; - }; - ircServer = mkOption { - type = types.str; - default = "localhost"; - description = "to which server the bot should connect"; - }; - masterNick = mkOption { - type = types.str; - default = config._module.args.name; - description = "nickname of the master bot"; - }; - package = mkOption { - type = types.package; - default = pkgs.newsbot-js; - description = "newsbot package to use"; - }; - urlShortenerHost = mkOption { - type = types.str; - default = "go.r"; - description = "what server to use for url shortening, host"; - }; - urlShortenerPort = mkOption { - type = types.str; - default = "80"; - description = "what server to use for url shortening, port"; - }; - }; - })); - default = {}; - }; - - imp = { - users.extraUsers.newsbot-js = { - name = "newsbot-js"; - uid = genid "newsbot-js"; - description = "newsbot-js user"; - home = "/var/empty"; - }; - - systemd.services = mapAttrs' (name: newsbot: - nameValuePair "newsbot-${name}" { - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - - path = with pkgs; [ - newsbot-js - ]; - - environment = { - irc_server = newsbot.ircServer; - master_nick = newsbot.masterNick; - news_channel = newsbot.channel; - feeds_file = newsbot.feeds; - url_shortener_host = newsbot.urlShortenerHost; - url_shortener_port = newsbot.urlShortenerPort; - }; - - restartIfChanged = true; - - serviceConfig = { - User = "newsbot-js"; - Restart = "always"; - ExecStart = "${newsbot.package}/bin/newsbot"; - WatchdogSec = "86400"; - }; - } - ) cfg; - }; - -in out -- cgit v1.2.3 From edf923cc7bb315b3068094510c04b40619c42620 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 8 Jan 2021 00:37:52 +0100 Subject: brockman: add home as statedir --- krebs/3modules/brockman.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix index 21cc1420..55e8255b 100644 --- a/krebs/3modules/brockman.nix +++ b/krebs/3modules/brockman.nix @@ -9,7 +9,11 @@ in { }; config = mkIf cfg.enable { - users.extraUsers.brockman.isNormalUser = false; + users.extraUsers.brockman = { + home = "/var/lib/brockman"; + createHome = true; + isNormalUser = false; + }; systemd.services.brockman = { description = "RSS to IRC broadcaster"; -- cgit v1.2.3 From f3f6778c035f11b361beefc23cbb4250a94be7fb Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 8 Jan 2021 00:38:34 +0100 Subject: go: implement with htgen --- krebs/3modules/go.nix | 96 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 61 insertions(+), 35 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 218ac922..4df73509 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -13,52 +13,78 @@ let api = { enable = mkEnableOption "Enable go url shortener"; port = mkOption { - type = types.str; - default = "1337"; + type = types.int; + default = 1337; description = "on which port go should run on"; }; - redisKeyPrefix = mkOption { - type = types.str; - default = "go:"; - description = "change the Redis key prefix which defaults to `go:`"; - }; }; imp = { - services.redis = { - enable = mkDefault true; - bind = mkDefault "127.0.0.1"; - }; + krebs.htgen.go = { + port = cfg.port; + script = ''. ${pkgs.writeDash "go" '' + find_item() { + if test ''${#1} -ge 7; then + set -- "$(find "$STATEDIR/items" -mindepth 1 -maxdepth 1 \ + -regex "$STATEDIR/items/$1[0-9A-Za-z]*$")" + if test -n "$1" && test $(echo "$1" | wc -l) = 1; then + echo "$1" + return 0 + fi + fi + return 1 + } - users.extraUsers.go = rec { - name = "go"; - uid = genid name; - description = "go url shortener user"; - home = "/var/lib/go"; - createHome = true; - }; + STATEDIR=$HOME + mkdir -p "$STATEDIR/items" - systemd.services.go = { - description = "go url shortener"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; + case "$Method $Request_URI" in + "GET /"*) + if item=$(find_item "''${Request_URI#/}"); then + uri=$(cat "$item") + printf 'HTTP/1.1 302 Found\r\n' + printf 'Content-Type: text/plain\r\n' + printf 'Connection: closed\r\n' + printf 'Location: %s\r\n' "$uri" + printf '\r\n' + exit + fi + ;; + "POST /") + uri=$(mktemp -t htgen.$$.content.XXXXXXXX) + trap 'rm $uri >&2' EXIT - path = with pkgs; [ - go-shortener - ]; + head -c "$req_content_length" \ + | sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \ + | xargs -0 echo -e \ + | tee /tmp/tee.log \ + | ${pkgs.urix}/bin/urix \ + | head -1 \ + > "$uri" + sha256=$(sha256sum -b "$uri" | cut -d\ -f1) + base32=$(${pkgs.nixStable}/bin/nix-hash --to-base32 --type sha256 "$sha256") + item="$STATEDIR/items/$base32" + ref="http://$req_host/$base32" - environment = { - PORT = cfg.port; - REDIS_KEY_PREFIX = cfg.redisKeyPrefix; - }; + if ! test -e "$item"; then + mkdir -v -p "$STATEDIR/items" >&2 + cp -v "$uri" "$item" >&2 + fi - restartIfChanged = true; + base32short=$(echo "$base32" | cut -b-7) + if item=$(find_item "$base32short"); then + ref="http://$req_host/$base32short" + fi - serviceConfig = { - User = "go"; - Restart = "always"; - ExecStart = "${pkgs.go-shortener}/bin/go"; - }; + printf 'HTTP/1.1 200 OK\r\n' + printf 'Content-Type: text/plain; charset=UTF-8\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + printf '%s\n' "$ref" + exit + ;; + esac + ''}''; }; }; -- cgit v1.2.3 From 947f2a600bad22a3b26656698c69208f9cee7018 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 8 Jan 2021 12:20:29 +0100 Subject: news: add rss-bridge as rss.r --- krebs/3modules/krebs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 5e3ddcb2..3e3e1381 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -131,6 +131,7 @@ in { "build.puyak.r" "cgit.puyak.r" "go.r" + "rss.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From 98becc8ff6a3eab2fd407475f7848df08acdd7fc Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 12 Jan 2021 22:21:32 +0100 Subject: news: serve state at http://brockman.r --- krebs/3modules/krebs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 3e3e1381..d0648418 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -128,6 +128,7 @@ in { ip4.addr = "10.243.77.2"; aliases = [ "puyak.r" + "brockman.r" "build.puyak.r" "cgit.puyak.r" "go.r" -- cgit v1.2.3