Merge remote-tracking branch 'gum/master'

16 files changed, 64 insertions, 37 deletions

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index d8093568..401cba97 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -580,7 +580,8 @@ with import <stockholm/lib>;
           '';
         };
       };
-      ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+      # configured manually
+      # ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
       ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum";
     };
     shoney = rec {
@@ -1031,6 +1032,10 @@ with import <stockholm/lib>;
       inherit (makefu) mail pgp;
       pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOXG6iwvm6zUVk+OE9ZviO+WNosAHSZw4ku0RxWbXSlSG0RfzvV4IfByF3Dw+4a8yZQmjwNkQalUURh2fEqhBLBI9XNEIL7qIu17zheguyXzpE3Smy4pbI+fjdsnfFrw+WE2n/IO8N6ojdH6sMmnWwfkFZYqqofWyLB3WUN9wy2b2z0w/jc56+HxxyTl3rD7CttTs9ak67HqIn3/pNeHoOM+JQ/te8t4ageIlPi8yJJpqZgww1RUWCgPPwZ9DP6gQjo85he76x0h9jvhnFd7m9N1aGdRDcK55QyoY/9x07R24GRutohAB/KDWSkDWQv5BW7M1LCawpJcF3DDslD1i7 makefu@gum";
     };
+    makefu-android = {
+      inherit (makefu) mail pgp;
+      pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x";
+    };
     makefu-bob = {
       inherit (makefu) mail pgp;
       pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD";
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index 826af24e..e8438e50 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -1,7 +1,8 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 {
   imports = [
     <stockholm/makefu>
+    <stockholm/makefu/2configs/tools/core.nix>
 # configure your hw:
 # <stockholm/makefu/2configs/save-diskspace.nix>
   ];
@@ -18,6 +19,24 @@
   programs.info.enable = false;
   programs.man.enable = false;
   services.nixosManual.enable = false;
+  boot.tmpOnTmpfs = lib.mkForce false;
+
+  hardware.enableRedistributableFirmware = true;
+  hardware.firmware = [
+    (pkgs.stdenv.mkDerivation {
+     name = "broadcom-rpi3-rest";
+     src = pkgs.fetchurl {
+     url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt";
+     sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7";
+     };
+     phases = [ "installPhase" ];
+     installPhase = ''
+     mkdir -p $out/lib/firmware/brcm
+     cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt
+     '';
+     })
+  ];
+  networking.wireless.enable = true;
 
 # File systems configuration for using the installer's partition layout
   fileSystems = {
diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix
index 797417a1..cd97a7c6 100644
--- a/makefu/1systems/cake/source.nix
+++ b/makefu/1systems/cake/source.nix
@@ -1,3 +1,4 @@
 import <stockholm/makefu/source.nix> {
   name="cake";
-}
\ No newline at end of file
+  full = true;
+}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e1357ff0..e769b1e2 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -81,7 +81,9 @@ in {
   ];
   makefu.dl-dir = "/var/download";
 
-
+  services.openssh.hostKeys = [
+    { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
+    { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
   ###### stable
   services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
   krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 443f912d..f7db7556 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -57,7 +57,7 @@ with import <stockholm/lib>;
       <stockholm/makefu/2configs/tor.nix>
       <stockholm/makefu/2configs/vpn/vpngate.nix>
       # <stockholm/makefu/2configs/buildbot-standalone.nix>
-      <stockholm/makefu/2configs/remote-build/master.nix>
+      # <stockholm/makefu/2configs/remote-build/master.nix>
 
       # Hardware
       <stockholm/makefu/2configs/hw/tp-x230.nix>
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index ed890fe4..da246f66 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -68,7 +68,7 @@ let
 
   # TODO: get the list of all krebsministers
   krebsminister = with config.krebs.users; [ lass tv ];
-  all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx ];
+  all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx makefu-android ];
   all-exco = with config.krebs.users; [ exco ];
 
   priv-rules = repo: set-owners repo all-makefu;
diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix
index 9249280c..2ab62766 100644
--- a/makefu/2configs/stats/telegraf/europastats.nix
+++ b/makefu/2configs/stats/telegraf/europastats.nix
@@ -4,7 +4,7 @@ let
     rev = "be31da7";
     name = "europastats-${rev}";
     propagatedBuildInputs = [
-      requests2
+      requests
       docopt
     ];
     src = pkgs.fetchgit {
diff --git a/makefu/2configs/tools/sec-gui.nix b/makefu/2configs/tools/sec-gui.nix
index 2db3e439..95f130ae 100644
--- a/makefu/2configs/tools/sec-gui.nix
+++ b/makefu/2configs/tools/sec-gui.nix
@@ -1,8 +1,15 @@
 { pkgs, ... }:
 
 {
-  krebs.per-user.makefu.packages = with pkgs; [
-    tpmmanager
-    wireshark
-  ];
+  users.users.makefu = {
+    extraGroups = [ "wireshark" ];
+    packages = with pkgs; [
+      tpmmanager
+    ];
+  };
+
+  programs.wireshark = {
+    enable = true;
+    package = pkgs.wireshark;
+  };
 }
diff --git a/makefu/2configs/tools/steam.nix b/makefu/2configs/tools/steam.nix
index 200ea471..048c1d1a 100644
--- a/makefu/2configs/tools/steam.nix
+++ b/makefu/2configs/tools/steam.nix
@@ -1,9 +1,7 @@
 {pkgs, ...}:
 {
   users.users.makefu.packages = [
-    (pkgs.steam.override {
-      newStdcpp = true;
-    })
+    pkgs.steam
   ];
   hardware.opengl.driSupport32Bit = true;
   hardware.pulseaudio.support32Bit = true;
diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix
index 2eecd642..677950f4 100644
--- a/makefu/2configs/urlwatch/default.nix
+++ b/makefu/2configs/urlwatch/default.nix
@@ -35,6 +35,7 @@ in {
       http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
       https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
       https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack
+      http://www.iozone.org/src/current/
 
       {
         url = https://newellrubbermaid.secure.force.com/dymopkb/articles/en_US/FAQ/Dymo-Drivers-and-Downloads/?l=en_US&c=Segment:Dymo&fs=Search&pn=1 ;
diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix
index 84664258..9cac5920 100644
--- a/makefu/3modules/server-config.nix
+++ b/makefu/3modules/server-config.nix
@@ -1,15 +1,14 @@
 {config, lib, pkgs, ... }:
 
-with import <stockholm/lib>;
-{
+with lib;{
   options.makefu.server.primary-itf = lib.mkOption {
-		type = types.str;
-		description = "Primary interface of the server";
-	};
+    type = types.str;
+    description = "Primary interface of the server";
+  };
   options.makefu.gui.user = lib.mkOption {
-		type = types.str;
-		description = "GUI user";
+    type = types.str;
+    description = "GUI user";
     default = config.krebs.build.user.name;
-	};
+  };
 }
 
diff --git a/makefu/5pkgs/custom/inkscape/dxf_fix.patch b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
index 5ea0a073..b7b491d4 100644
--- a/makefu/5pkgs/custom/inkscape/dxf_fix.patch
+++ b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
@@ -1,13 +1,12 @@
---- ./share/extensions/dxf_outlines.py	2017-02-14 00:46:57.000000000 +0100
-+++ ./share/extensions/dxf_outlines.py.new	2017-05-10 04:15:03.000000000 +0200
-@@ -340,7 +340,7 @@
-         scale = eval(self.options.units)
+--- ./share/extensions/dxf_outlines.py	2017-10-08 17:28:45.553368917 +0200
++++ ./share/extensions/dxf_outlines.py.new	2017-10-08 17:29:20.172554152 +0200
+@@ -341,7 +341,7 @@
          if not scale:
              scale = 25.4/96     # if no scale is specified, assume inch as baseunit
+         scale /= self.unittouu('1px')
 -        h = self.unittouu(self.document.getroot().xpath('@height', namespaces=inkex.NSS)[0])
-+        h = self.unittouu(self.getDocumentHeight())
++        h = self.unittouu(self.documentHeight())
          self.groupmat = [[[scale, 0.0, 0.0], [0.0, -scale, h*scale]]]
          doc = self.document.getroot()
          self.process_group(doc)
 
-
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 96975e54..e99aa696 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -24,7 +24,7 @@ in {
     alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
     alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
     qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { };
-    inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
+    inherit (callPackage ./devpi {}) devpi-web devpi-server;
     nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {};
     inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: {
       patches = [ ./custom/inkscape/dxf_fix.patch ];
diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix
index 885777be..3df67d07 100644
--- a/makefu/5pkgs/drozer/default.nix
+++ b/makefu/5pkgs/drozer/default.nix
@@ -5,7 +5,7 @@ pythonPackages.buildPythonApplication rec {
   version = "2.4.3";
   buildInputs = [ jdk7 ];
   propagatedBuildInputs = with pythonPackages; [
-    protobuf3_2
+    protobuf
     pyopenssl
     pyyaml
   ] ++ [
diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/6tests/data/secrets/ssh_host_rsa_key
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/makefu/6tests/data/secrets/ssh_host_rsa_key
diff --git a/makefu/source.nix b/makefu/source.nix
index a29d0900..01342619 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -11,14 +11,10 @@ let
               then "buildbot"
               else "makefu";
   _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
-  ref = "59e7765"; # unstable @ 2017-09-04
-                   # + graceful requests2 (a772c3a)
-                   # + mitmproxy fix      (eee2d17)
-                   # + tpm-tools fix      (5cb9987)
-                   # + dnscrypt-wrapper   (25703c3)
-                   # + lass wvstream fix  (76f4910,37cc2bc,0d48837)
+  ref = "727a3a3"; # unstable @ 2017-10-07
+                   # + revert wvdial (76f4910)
                    # + ruby stuff (2f0b17e4be9,55a952be5b5)
-                   # + proot aarch64 fix (05d2603173d)
+                   # + mitmproxy fix (360a5efd,ef52c95b)
 
 in
   evalSource (toString _file) [