summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2021-12-01 11:21:09 +0100
committermakefu <github@syntax-fehler.de>2021-12-01 11:21:09 +0100
commit9301506249292633447910c4273573b82915d59c (patch)
tree099cc6a77a645fa98f41b0b5466a080c0b260894
parent13c525e54862f0989eea2e4606a68c98e6b49b79 (diff)
parentb79f5ab97db8115c4b2e66e57bb84587a31ce1e0 (diff)
Merge remote-tracking branch 'lass/master'
-rw-r--r--krebs/2configs/default.nix7
-rw-r--r--krebs/3modules/default.nix8
-rw-r--r--krebs/3modules/external/default.nix1
-rw-r--r--krebs/3modules/lass/default.nix23
-rw-r--r--krebs/3modules/lass/ssh/tablet.ed255191
-rw-r--r--krebs/3modules/makefu/default.nix2
-rw-r--r--krebs/5pkgs/haskell/mailaids.nix (renamed from tv/5pkgs/haskell/mailaids.nix)0
-rw-r--r--krebs/5pkgs/haskell/purebred-email/default.nix34
-rw-r--r--krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch65
-rw-r--r--lass/1systems/prism/config.nix6
-rw-r--r--makefu/2configs/deployment/graphs.nix2
m---------submodules/krops0
-rw-r--r--tv/1systems/wu/config.nix6
-rw-r--r--tv/2configs/default.nix2
-rw-r--r--tv/2configs/gitrepos.nix3
15 files changed, 152 insertions, 8 deletions
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index 4c25bc963..369b750b7 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -45,6 +45,13 @@ with import <stockholm/lib>;
services.cron.enable = false;
services.ntp.enable = false;
+ # limit journald size
+ services.journald.extraConfig = ''
+ SystemMaxUse=1G
+ RuntimeMaxUse=128M
+ Storage=persistent
+ '';
+
users.mutableUsers = false;
users.extraUsers.root.openssh.authorizedKeys.keys = [
config.krebs.users.jeschli-brauerei.pubkey
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 24b17487b..7b6639212 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -80,9 +80,9 @@ let
description = ''
The zone configuration head which is being used to create the
zone files. The string for each key is pre-pended to the zone file.
- '';
- # TODO: configure the default somewhere else,
- # maybe use krebs.dns.providers
+ '';
+ # TODO: configure the default somewhere else,
+ # maybe use krebs.dns.providers
default = {
# github.io -> 192.30.252.154
@@ -96,7 +96,7 @@ let
IN A 185.199.110.153
IN A 185.199.111.153
'';
- };
+ };
};
};
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 6fe71e31b..d919c8129 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -151,6 +151,7 @@ in {
"makanek.kmein.r"
"grafana.kmein.r"
"names.kmein.r"
+ "graph.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 1f118b8b0..280021347 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -71,6 +71,7 @@ in {
60 IN NS ns16.ovh.net.
60 IN NS dns16.ovh.net.
60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ 60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr}
IN MX 5 lassul.us.
60 IN TXT v=spf1 mx a:lassul.us -all
60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" )
@@ -98,6 +99,10 @@ in {
addr = "95.216.1.150";
prefix = "0.0.0.0/0";
};
+ ip6 = {
+ addr = "2a01:4f9:2a:1e9::1";
+ prefix = "2a01:4f9:2a:1e9::/64";
+ };
aliases = [
"prism.i"
"paste.i"
@@ -113,6 +118,7 @@ in {
"cache.prism.r"
"cgit.prism.r"
"flix.r"
+ "jelly.r"
"paste.r"
"c.r"
"p.r"
@@ -569,6 +575,20 @@ in {
ci = false;
syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ";
};
+ tablet = {
+ nets = {
+ wiregrill = {
+ ip4.addr = "10.244.1.14";
+ ip6.addr = w6 "b";
+ aliases = [
+ "tablet.w"
+ ];
+ wireguard.pubkey = "eIafsxYEFCqmWNFon6ZsYXeDrK4X1UJ9KD0zmNZjgEI=";
+ };
+ };
+ external = true;
+ ci = false;
+ };
hilum = {
cores = 1;
nets = {
@@ -817,5 +837,8 @@ in {
mail = "lassulus@gmail.com";
pubkey = builtins.readFile ./ssh/android.ed25519;
};
+ lass-tablet = {
+ pubkey = builtins.readFile ./ssh/tablet.ed25519;
+ };
};
}
diff --git a/krebs/3modules/lass/ssh/tablet.ed25519 b/krebs/3modules/lass/ssh/tablet.ed25519
new file mode 100644
index 000000000..250be53f7
--- /dev/null
+++ b/krebs/3modules/lass/ssh/tablet.ed25519
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICMaulRARjJt6gQ4q5DCj3ySAf4juHvVaIcXDRhWZ5mM u0_a234@localhost \ No newline at end of file
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 03431ce5f..7780863a3 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -221,7 +221,7 @@ in {
"cgit.gum.r"
"dcpp.gum.r"
"dcpp.nextgum.r"
- "graph.r"
+ "graph.makefu.r"
"logs.makefu.r"
"netdata.makefu.r"
"nextgum.r"
diff --git a/tv/5pkgs/haskell/mailaids.nix b/krebs/5pkgs/haskell/mailaids.nix
index f152a76f4..f152a76f4 100644
--- a/tv/5pkgs/haskell/mailaids.nix
+++ b/krebs/5pkgs/haskell/mailaids.nix
diff --git a/krebs/5pkgs/haskell/purebred-email/default.nix b/krebs/5pkgs/haskell/purebred-email/default.nix
new file mode 100644
index 000000000..ebf315388
--- /dev/null
+++ b/krebs/5pkgs/haskell/purebred-email/default.nix
@@ -0,0 +1,34 @@
+{ mkDerivation, attoparsec, base, base64-bytestring, bytestring
+, case-insensitive, concise, deepseq, fetchgit, hedgehog, lens, lib
+, QuickCheck, quickcheck-instances, semigroupoids, semigroups
+, stringsearch, tasty, tasty-golden, tasty-hedgehog, tasty-hunit
+, tasty-quickcheck, text, time
+}:
+mkDerivation {
+ pname = "purebred-email";
+ version = "0.4.3";
+ src = fetchgit {
+ url = "https://github.com/purebred-mua/purebred-email";
+ sha256 = "06xhccavrdzfsvg65mzdnp0a7b1ilk2rqpnyvkr171ir6mqdpb19";
+ rev = "769b360643f699c0a8cd6f1c3a3de36cf0479834";
+ fetchSubmodules = true;
+ };
+ patches = [
+ ./untweak-mime-version-header.patch
+ ];
+ isLibrary = true;
+ isExecutable = true;
+ libraryHaskellDepends = [
+ attoparsec base base64-bytestring bytestring case-insensitive
+ concise deepseq lens semigroupoids semigroups stringsearch text
+ time
+ ];
+ testHaskellDepends = [
+ attoparsec base bytestring case-insensitive hedgehog lens
+ QuickCheck quickcheck-instances semigroups tasty tasty-golden
+ tasty-hedgehog tasty-hunit tasty-quickcheck text time
+ ];
+ homepage = "https://github.com/purebred-mua/purebred-email";
+ description = "types and parser for email messages (including MIME)";
+ license = lib.licenses.agpl3Plus;
+}
diff --git a/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch b/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch
new file mode 100644
index 000000000..97baf7ac1
--- /dev/null
+++ b/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch
@@ -0,0 +1,65 @@
+diff --git a/src/Data/MIME.hs b/src/Data/MIME.hs
+index 19af53e..be8cbd4 100644
+--- a/src/Data/MIME.hs
++++ b/src/Data/MIME.hs
+@@ -810,7 +810,6 @@ multipart takeTillEnd boundary =
+ -- | Sets the @MIME-Version: 1.0@ header.
+ --
+ instance RenderMessage MIME where
+- tweakHeaders = set (headers . at "MIME-Version") (Just "1.0")
+ buildBody h z = Just $ case z of
+ Part partbody -> Builder.byteString partbody
+ Encapsulated msg -> buildMessage msg
+diff --git a/tests/Generator.hs b/tests/Generator.hs
+index 9e1f166..23bd122 100644
+--- a/tests/Generator.hs
++++ b/tests/Generator.hs
+@@ -64,7 +64,7 @@ exampleMailsParseSuccessfully =
+ textPlain7bit :: MIMEMessage
+ textPlain7bit =
+ let m = createTextPlainMessage "This is a simple mail."
+- in over headers (\(Headers xs) -> Headers $ (CI.mk "Subject", "Hello there") : xs) m
++ in over headers (\(Headers xs) -> Headers $ (CI.mk "MIME-Version", "1.0") : (CI.mk "Subject", "Hello there") : xs) m
+
+ multiPartMail :: MIMEMessage
+ multiPartMail =
+@@ -72,13 +72,16 @@ multiPartMail =
+ to' = Single $ Mailbox Nothing (AddrSpec "bar" (DomainDotAtom $ pure "bar.com"))
+ subject = "Hello there"
+ p = createTextPlainMessage "This is a simple mail."
++ & set (headers . at "MIME-Version") (Just "1.0")
+ a = createAttachment
+ contentTypeApplicationOctetStream
+ (Just "foo.bin")
+ "fileContentsASDF"
++ & set (headers . at "MIME-Version") (Just "1.0")
+ now = UTCTime (ModifiedJulianDay 123) (secondsToDiffTime 123)
+ in createMultipartMixedMessage "asdf" (fromList [p, a])
+- & set (headers . at "From") (Just $ renderMailboxes [from'])
++ & set (headers . at "MIME-Version") (Just "1.0")
++ . set (headers . at "From") (Just $ renderMailboxes [from'])
+ . set (headers . at "To") (Just $ renderAddresses [to'])
+ . set (headers . at "Date") (Just $ renderRFC5422Date now)
+ . set (headers . at "Subject") (Just $ T.encodeUtf8 subject)
+diff --git a/tests/Message.hs b/tests/Message.hs
+index 6711519..3e40397 100644
+--- a/tests/Message.hs
++++ b/tests/Message.hs
+@@ -29,7 +29,7 @@ import Data.Char (isPrint)
+ import Data.Foldable (fold)
+ import Data.List.NonEmpty (NonEmpty(..), intersperse)
+
+-import Control.Lens (set, view)
++import Control.Lens ((&), at, set, view)
+ import qualified Data.ByteString as B
+ import qualified Data.Text as T
+
+@@ -99,7 +99,7 @@ genMessage = Gen.choice [ genTextPlain, genMultipart, encapsulate <$> genMessage
+ prop_messageRoundTrip :: Property
+ prop_messageRoundTrip = property $ do
+ msg <- forAll genMessage
+- parse (message mime) (renderMessage msg) === Right msg
++ parse (message mime) (renderMessage $ msg & set (headers . at "MIME-Version") (Just "1.0")) === Right msg
+
+ prop_messageFromRoundTrip :: Property
+ prop_messageFromRoundTrip = property $ do
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 45f9ae00e..c92a239f9 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -284,6 +284,12 @@ with import <stockholm/lib>;
localAddress = "10.233.2.14";
};
+ services.nginx.virtualHosts."jelly.r" = {
+ locations."/".extraConfig = ''
+ proxy_pass http://10.233.2.14:8096/;
+ proxy_set_header Accept-Encoding "";
+ '';
+ };
services.nginx.virtualHosts."flix.r" = {
locations."/".extraConfig = ''
proxy_pass http://10.233.2.14:80/;
diff --git a/makefu/2configs/deployment/graphs.nix b/makefu/2configs/deployment/graphs.nix
index e7dc54dd0..1f6deb1bf 100644
--- a/makefu/2configs/deployment/graphs.nix
+++ b/makefu/2configs/deployment/graphs.nix
@@ -18,7 +18,7 @@ in {
}
'';
serverAliases = [
- "graph.r"
+ "graph.makefu.r"
"graph.${hn}" "graph.${hn}.r"
];
};
diff --git a/submodules/krops b/submodules/krops
-Subproject 05f0d3b5c1d38fbbd53142362a7821cc8bc1150
+Subproject 13ae434b140035e7e2664bd5a8ef4c475413b2e
diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix
index f0ef6f9b0..bf250cefa 100644
--- a/tv/1systems/wu/config.nix
+++ b/tv/1systems/wu/config.nix
@@ -33,5 +33,11 @@ with import <stockholm/lib>;
};
networking.wireless.enable = true;
+ networking.wireless.interfaces = [
+ "wlp3s0"
+ ];
+ networking.interfaces.enp4s0f2.useDHCP = true;
+ networking.interfaces.wlp3s0.useDHCP = true;
+ networking.useDHCP = false;
}
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 8e8d0a468..de298e162 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -1,8 +1,6 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: {
- boot.kernelPackages = mkDefault pkgs.linuxPackages_latest;
-
boot.tmpOnTmpfs = true;
krebs.enable = true;
diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index 2b8457e40..6f4dedad6 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -65,6 +65,9 @@ let {
public-repos = mapAttrs make-public-repo ({
} // mapAttrs (_: recursiveUpdate { cgit.section = "1. miscellaneous"; }) {
+ couchfs = {
+ cgit.desc = "filesystem (in userspace) on top of CouchDB";
+ };
crx = {
cgit.desc = "utilities for working with Chrome extensions";
};