From c7d02cb595f59fd6f4cd471eb44aa3e1b2c13dd7 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 30 Apr 2019 20:25:53 +0200 Subject: ssh-audit: init at 1.7.0 --- krebs/5pkgs/simple/ssh-audit.nix | 55 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 krebs/5pkgs/simple/ssh-audit.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/ssh-audit.nix b/krebs/5pkgs/simple/ssh-audit.nix new file mode 100644 index 00000000..7d2e6fb3 --- /dev/null +++ b/krebs/5pkgs/simple/ssh-audit.nix @@ -0,0 +1,55 @@ +{ fetchFromGitHub, python3Packages, stdenv }: + +python3Packages.buildPythonPackage rec { + inherit (meta) version; + + pname = "ssh-audit"; + + src = fetchFromGitHub { + owner = "arthepsy"; + repo = pname; + rev = "refs/tags/v${meta.version}"; + sha256 = "0akrychkdym9f6830ysq787c9nc0bkyqvy4h72498lyghwvwc2ms"; + }; + + checkInputs = [ + python3Packages.pytest + python3Packages.pytestcov + ]; + + checkPhase = '' + py.test --cov-report= --cov=ssh-audit -v test + ''; + + postPatch = '' + printf %s "$setupPy" > setup.py + mkdir scripts + cp ssh-audit.py scripts/ssh-audit + mkdir ssh-audit + cp ssh-audit.py ssh-audit/__init__.py + ''; + + setupPy = /* py */ '' + from distutils.core import setup + setup( + author='arthepsy', + description='${meta.description}', + license='${meta.license.spdxId}', + name='${pname}', + packages=['ssh-audit'], + scripts=['scripts/ssh-audit'], + url='${meta.homepage}', + version='${version}', + ) + ''; + + meta = { + description = "tool for ssh server auditing"; + homepage = "https://github.com/arthepsy/ssh-audit"; + license = stdenv.lib.licenses.mit; + maintainers = [ + stdenv.lib.maintainers.tv + ]; + version = "1.7.0"; + }; +} -- cgit v1.2.3 From df6007c2eb3c6fab9106c3fc591fded7221b1708 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 30 Apr 2019 21:50:07 +0200 Subject: treewide: nixpkgsVersion -> version --- krebs/5pkgs/haskell/blessings.nix | 2 +- krebs/5pkgs/haskell/email-header.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix index c35706eb..7abebba5 100644 --- a/krebs/5pkgs/haskell/blessings.nix +++ b/krebs/5pkgs/haskell/blessings.nix @@ -14,7 +14,7 @@ with import ; version = "2.2.0"; sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1"; }; - }.${versions.majorMinor nixpkgsVersion}; + }.${versions.majorMinor version}; in mkDerivation { pname = "blessings"; diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix index 6689f1d2..fe4bb839 100644 --- a/krebs/5pkgs/haskell/email-header.nix +++ b/krebs/5pkgs/haskell/email-header.nix @@ -20,7 +20,7 @@ with import ; rev = "refs/tags/v${cfg.version}"; sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x"; }; - }.${versions.majorMinor nixpkgsVersion}; + }.${versions.majorMinor version}; in mkDerivation { pname = "email-header"; -- cgit v1.2.3 From 397fad23666f0705f03af166ad0b9a7d87104e4d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 5 May 2019 10:27:57 +0200 Subject: nixpkgs: cf3e277 -> 04954e3 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 0bc3abf9..ae75f607 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "cf3e277dd0bd710af0df667e9364f4bd80c72713", - "date": "2019-04-24T23:55:21+02:00", - "sha256": "1abyadl3sxf67yi65758hq6hf2j07afgp1fmkk7kd94dadx6r6f4", + "rev": "04954e39df88487bf5b6bb5e532520e83a6c22ea", + "date": "2019-05-04T20:25:55-04:00", + "sha256": "1l6wc13mwwhv0msa0596wvsq2j2kxj1wjchdz4v1zzia781rpd8m", "fetchSubmodules": false } -- cgit v1.2.3 From 31df4e128b094a757fff6641db22a042e3da6b8a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 20 May 2019 11:42:36 +0200 Subject: nixpkgs: 04954e3 -> 705986f --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index ae75f607..811eb826 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "04954e39df88487bf5b6bb5e532520e83a6c22ea", - "date": "2019-05-04T20:25:55-04:00", - "sha256": "1l6wc13mwwhv0msa0596wvsq2j2kxj1wjchdz4v1zzia781rpd8m", + "rev": "705986f5a986be5c5ae13193b487c7ec8ca05f16", + "date": "2019-05-18T20:38:59-04:00", + "sha256": "0zpch2cpl2yx0mp7hnyjd03hqs7rxza9wc2p97njsdzhi56gxwxp", "fetchSubmodules": false } -- cgit v1.2.3 From c74d86cf6a1299ba0a11fcfb2341a8632b147420 Mon Sep 17 00:00:00 2001 From: magenbluten Date: Tue, 21 May 2019 19:43:40 +0200 Subject: mb: add new machines --- krebs/3modules/mb/default.nix | 52 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/mb/default.nix b/krebs/3modules/mb/default.nix index c98db4b2..d6e45ba5 100644 --- a/krebs/3modules/mb/default.nix +++ b/krebs/3modules/mb/default.nix @@ -63,6 +63,58 @@ in { }; }; }; + gr33n = { + nets = { + retiolum = { + ip4.addr = "10.243.42.123"; + aliases = [ + "gr33n.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqecLfk8TlGFF7JJpv8 + kjLFNgoNfu9FYRMNG4GSxWL5w+49n6b+GC5ciOC+RJ+N56jfB9JYE0MtbuOmkY5M + JUphuvgOCNhTbBJsjnmG9n02evpxZn9HWypNC3oQCvY2K7vHpIxGKR5PyTVKPO0P + OOYKAbCLD9F2bmuLaBQ/dFXFQxfu3tjvJI9mYDWBpSkh1mYeMZLw2xxnRZLs0bEO + ZWdzxCh9UM/mgb4WYuNED9+sz7MSsaMPAqquarFCguUxhjp6rElGFcNWjXaxA5zt + JGS6VompUViVSHjSaQ5/3VRKoIQjr4NOFYQqLpmB5S2OpiggV6I9OpB7QUGlvcYd + I3j+1AeK11HuEyPqSwxjNCCrI12bSIo3685BPHbl+AMhWGhzrCkAGcOCbAefreXQ + 5v4SaKUIDlCYhN+vyNdlu2jvqQlxfJrPAfBt+jJBK6gMcAEKc7P/Oj4B9Fsl331X + s0kWH5G9t6OhO/Of8/kb2/P+YEbM6zi1QQdZAOr6Cg0y4cMt9zxLWknaM4yEDAXH + oSM33PTv9DOvBjfxRXqOHqOHRq5ayqZdIFgfLUlPTdbWRkhNzjG8f7k7p32m20A6 + Kal+OF//I2c9E9vKFzyepyTcnwi3B8+cFJ74+XYaNApdwHSb1BU/+c3O9RJExZGV + jtTSbSJHU5esECtAuXy1XH8CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + sunsh1n3 = { + nets = { + retiolum = { + ip4.addr = "10.243.42.142"; + aliases = [ + "sunsh1n3.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo2VCqp6mUbyo3n+1XpKf + QavpgRYQyv9wAZzYSYHjxThuLmNb/wERPbWJFMZfAGuku0blKWJISSgFWd9YL7dU + pZQZxfqo/9xnS/r0xIKrKSsBiTZt7JZmTQzj1ri11TIO0S1QPjIP5HsxlZZAw0nz + idEDlKmgWs74FPdezlXqvJyEUKDqL/ZQBtdhZZIDMkSJnCdBzXxKwv+uLVE46ZBf + 4HrtQjcj+dyVMogMIoseAgf5lS6V3pyCM7/NHZFxrIxoIAxSsUoB59i2EbK6aUK5 + yuiWHI6ZHToxN2K/0SX96hzxcwrUmdk49tTHBY0Zhn2ku6NjQPU3LuxgIwrSaSJD + /KWh6XkqR7EsCVN0AIsLvFelI2ckSyNyAlnYbMAHDt7GwHlNp4Lsy+x4ZQ6m0xTY + Z+/jt6sfoMiulPcwWEpqNCCf5A65lF77DldQhH3qYrdQ756n/kOqSfQtPCnVNYXy + LlN5rKCOgxKxxtKkwMUif2OM9RPHpM7wS09Rvek6zpL9ymhU5THF7UylLKxKGjYj + 6dTooyRVQRJdrwIYLrJIy0MfGyYiGAJxf/C0KOOZnJPCW2b51+bo5Zh+BhKZYN8H + C2DEGc8+4h5hX1TAaUfTpfVm3mMTh8H2m9N8Pdl5ji+A0m0IwHDLQyaoskcxSjvU + 9IxYLfkSD6AJqasnHlz0L08CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; }; users = { mb = { -- cgit v1.2.3 From be12b8a41370f50b413376717a5db38edfebd828 Mon Sep 17 00:00:00 2001 From: magenbluten Date: Tue, 21 May 2019 20:23:09 +0200 Subject: mb sunshine.r: disable ci --- krebs/3modules/mb/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/mb/default.nix b/krebs/3modules/mb/default.nix index d6e45ba5..e77811f0 100644 --- a/krebs/3modules/mb/default.nix +++ b/krebs/3modules/mb/default.nix @@ -3,7 +3,6 @@ with import ; hostDefaults = hostName: host: flip recursiveUpdate host { ci = true; - monitoring = true; owner = config.krebs.users.mb; }; @@ -90,6 +89,7 @@ in { }; }; sunsh1n3 = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.42.142"; -- cgit v1.2.3