summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2018-11-10 19:52:37 +0100
committertv <tv@krebsco.de>2018-11-10 19:52:37 +0100
commit5ea1c2fcbb5756ef99d5fade8a7cd9e33b04a0c6 (patch)
treef6edbd9d1ff68773f413065a1f1c5dd71150be1a
parent9a801fa642a60a2c46240670b4e3ad66ea77d995 (diff)
parent05b288604e7e653efb6035b9953aa849e6e6bc19 (diff)
Merge remote-tracking branch 'prism/master'
-rw-r--r--krebs/1systems/hotdog/config.nix1
-rw-r--r--krebs/2configs/ircd.nix2
-rw-r--r--krebs/3modules/charybdis.nix110
-rw-r--r--krebs/3modules/default.nix2
-rw-r--r--krebs/3modules/lass/default.nix71
-rw-r--r--krebs/3modules/makefu/default.nix92
-rw-r--r--krebs/3modules/nin/default.nix111
-rw-r--r--krebs/5pkgs/simple/realwallpaper/default.nix4
-rw-r--r--krebs/nixpkgs.json6
-rw-r--r--lass/1systems/archprism/config.nix356
-rw-r--r--lass/1systems/archprism/physical.nix77
-rw-r--r--lass/1systems/prism/config.nix10
-rw-r--r--lass/1systems/prism/physical.nix119
-rw-r--r--lass/2configs/baseX.nix1
-rw-r--r--lass/2configs/blue.nix1
-rw-r--r--lass/2configs/ciko.nix4
-rw-r--r--lass/2configs/exim-smarthost.nix1
-rw-r--r--lass/2configs/games.nix2
-rw-r--r--lass/2configs/git.nix4
-rw-r--r--lass/2configs/mail.nix2
-rw-r--r--lass/2configs/websites/sqlBackup.nix1
-rw-r--r--lass/3modules/ejabberd/config.nix4
-rw-r--r--makefu/1systems/gum/config.nix136
-rw-r--r--makefu/1systems/gum/hardware-config.nix77
-rw-r--r--makefu/1systems/gum/rescue.txt11
-rw-r--r--makefu/1systems/gum/source.nix2
-rw-r--r--makefu/1systems/nextgum/config.nix253
-rw-r--r--makefu/1systems/nextgum/hardware-config.nix99
-rw-r--r--makefu/1systems/nextgum/source.nix5
-rw-r--r--makefu/1systems/nextgum/transfer-config.nix7
-rw-r--r--makefu/1systems/omo/config.nix43
-rw-r--r--makefu/1systems/wbob/config.nix30
-rw-r--r--makefu/1systems/x/config.nix28
-rw-r--r--makefu/2configs/backup.nix52
-rw-r--r--makefu/2configs/backup/server.nix11
-rw-r--r--makefu/2configs/backup/ssh/gum.pub1
-rw-r--r--makefu/2configs/backup/ssh/nextgum.pub1
-rw-r--r--makefu/2configs/backup/ssh/omo.pub1
-rw-r--r--makefu/2configs/backup/ssh/x.pub1
-rw-r--r--makefu/2configs/backup/state.nix25
-rw-r--r--makefu/2configs/bepasty-dual.nix5
-rw-r--r--makefu/2configs/bluetooth-mpd.nix2
-rw-r--r--makefu/2configs/dcpp/airdcpp.nix3
-rw-r--r--makefu/2configs/deployment/bureautomation/hass.nix159
-rw-r--r--makefu/2configs/deployment/bureautomation/home.nix67
-rw-r--r--makefu/2configs/deployment/bureautomation/mpd.nix9
-rw-r--r--makefu/2configs/deployment/graphs.nix5
-rw-r--r--makefu/2configs/deployment/homeautomation/default.nix177
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix1
-rw-r--r--makefu/2configs/gui/base.nix4
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix32
-rw-r--r--makefu/2configs/home-manager/cli.nix8
-rw-r--r--makefu/2configs/home-manager/default.nix3
-rw-r--r--makefu/2configs/home-manager/desktop.nix52
-rw-r--r--makefu/2configs/home-manager/mail.nix3
-rw-r--r--makefu/2configs/hw/bluetooth.nix5
-rw-r--r--makefu/2configs/hw/network-manager.nix3
-rw-r--r--makefu/2configs/hw/switch.nix10
-rw-r--r--makefu/2configs/laptop-backup.nix12
-rw-r--r--makefu/2configs/nginx/euer.blog.nix1
-rw-r--r--makefu/2configs/nginx/euer.wiki.nix1
-rw-r--r--makefu/2configs/printer.nix10
-rw-r--r--makefu/2configs/rtorrent.nix19
-rw-r--r--makefu/2configs/shack/events-publisher/default.nix (renamed from makefu/2configs/deployment/events-publisher/default.nix)4
-rw-r--r--makefu/2configs/shack/gitlab-runner/default.nix31
-rw-r--r--makefu/2configs/stats/arafetch.nix2
-rw-r--r--makefu/2configs/taskd.nix11
-rw-r--r--makefu/2configs/tools/android-pentest.nix2
-rw-r--r--makefu/2configs/tools/desktop.nix2
-rw-r--r--makefu/2configs/tools/extra-gui.nix1
-rw-r--r--makefu/2configs/tools/media.nix4
-rw-r--r--makefu/2configs/tools/mobility.nix2
-rw-r--r--makefu/2configs/tools/secrets.nix2
-rw-r--r--makefu/2configs/torrent.nix20
-rw-r--r--makefu/2configs/virtualisation/virtualbox.nix21
-rw-r--r--makefu/5pkgs/_4nxci/default.nix (renamed from makefu/5pkgs/4nxci/default.nix)44
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg6
-rw-r--r--makefu/5pkgs/cozy-audiobooks/default.nix95
-rw-r--r--makefu/5pkgs/custom/inkscape/dxf_fix.patch12
-rw-r--r--makefu/5pkgs/default.nix3
-rw-r--r--makefu/5pkgs/esniper/default.nix32
-rw-r--r--makefu/5pkgs/esniper/find-ca-bundle.patch26
-rw-r--r--makefu/5pkgs/ifdnfc/default.nix45
-rw-r--r--makefu/5pkgs/jd-gui/default.nix36
-rw-r--r--makefu/5pkgs/mcomix/default.nix24
-rw-r--r--makefu/5pkgs/ns-atmosphere-programmer/default.nix36
-rw-r--r--makefu/5pkgs/switch-launcher/default.nix24
-rw-r--r--makefu/5pkgs/targetcli/default.nix64
-rw-r--r--makefu/5pkgs/zj-58/default.nix30
-rw-r--r--makefu/krops.nix2
-rw-r--r--makefu/nixpkgs.json6
-rw-r--r--nin/0tests/dummysecrets/hashedPasswords.nix1
-rw-r--r--nin/0tests/dummysecrets/ssh.id_ed255190
-rw-r--r--nin/1systems/axon/config.nix132
-rw-r--r--nin/1systems/hiawatha/config.nix126
-rw-r--r--nin/1systems/onondaga/config.nix23
-rw-r--r--nin/2configs/ableton.nix20
-rw-r--r--nin/2configs/copyq.nix38
-rw-r--r--nin/2configs/default.nix173
-rw-r--r--nin/2configs/git.nix60
-rw-r--r--nin/2configs/im.nix19
-rw-r--r--nin/2configs/retiolum.nix28
-rw-r--r--nin/2configs/skype.nix27
-rw-r--r--nin/2configs/termite.nix22
-rw-r--r--nin/2configs/vim.nix355
-rw-r--r--nin/2configs/weechat.nix21
-rw-r--r--nin/default.nix7
107 files changed, 1570 insertions, 2424 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 0a848426c..cf72e0d73 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -10,7 +10,6 @@
<stockholm/krebs/2configs>
<stockholm/krebs/2configs/buildbot-stockholm.nix>
- <stockholm/krebs/2configs/gitlab-runner-shackspace.nix>
<stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/ircd.nix>
<stockholm/krebs/2configs/reaktor-retiolum.nix>
diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix
index 962dbf49c..65972aacc 100644
--- a/krebs/2configs/ircd.nix
+++ b/krebs/2configs/ircd.nix
@@ -5,7 +5,7 @@
6667 6669
];
- services.charybdis = {
+ krebs.charybdis = {
enable = true;
motd = ''
hello
diff --git a/krebs/3modules/charybdis.nix b/krebs/3modules/charybdis.nix
new file mode 100644
index 000000000..f4a7c1313
--- /dev/null
+++ b/krebs/3modules/charybdis.nix
@@ -0,0 +1,110 @@
+{ config, lib, pkgs, ... }:
+
+let
+ inherit (lib) mkEnableOption mkIf mkOption singleton types;
+ inherit (pkgs) coreutils charybdis;
+ cfg = config.krebs.charybdis;
+
+ configFile = pkgs.writeText "charybdis.conf" ''
+ ${cfg.config}
+ '';
+in
+
+{
+
+ ###### interface
+
+ options = {
+
+ krebs.charybdis = {
+
+ enable = mkEnableOption "Charybdis IRC daemon";
+
+ config = mkOption {
+ type = types.string;
+ description = ''
+ Charybdis IRC daemon configuration file.
+ '';
+ };
+
+ statedir = mkOption {
+ type = types.string;
+ default = "/var/lib/charybdis";
+ description = ''
+ Location of the state directory of charybdis.
+ '';
+ };
+
+ user = mkOption {
+ type = types.string;
+ default = "ircd";
+ description = ''
+ Charybdis IRC daemon user.
+ '';
+ };
+
+ group = mkOption {
+ type = types.string;
+ default = "ircd";
+ description = ''
+ Charybdis IRC daemon group.
+ '';
+ };
+
+ motd = mkOption {
+ type = types.nullOr types.lines;
+ default = null;
+ description = ''
+ Charybdis MOTD text.
+
+ Charybdis will read its MOTD from /etc/charybdis/ircd.motd .
+ If set, the value of this option will be written to this path.
+ '';
+ };
+
+ };
+
+ };
+
+
+ ###### implementation
+
+ config = mkIf cfg.enable (lib.mkMerge [
+ {
+ users.users = singleton {
+ name = cfg.user;
+ description = "Charybdis IRC daemon user";
+ uid = config.ids.uids.ircd;
+ group = cfg.group;
+ };
+
+ users.groups = singleton {
+ name = cfg.group;
+ gid = config.ids.gids.ircd;
+ };
+
+ systemd.services.charybdis = {
+ description = "Charybdis IRC daemon";
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ BANDB_DBPATH = "${cfg.statedir}/ban.db";
+ };
+ serviceConfig = {
+ ExecStart = "${charybdis}/bin/charybdis -foreground -logfile /dev/stdout -configfile ${configFile}";
+ Group = cfg.group;
+ User = cfg.user;
+ PermissionsStartOnly = true; # preStart needs to run with root permissions
+ };
+ preStart = ''
+ ${coreutils}/bin/mkdir -p ${cfg.statedir}
+ ${coreutils}/bin/chown ${cfg.user}:${cfg.group} ${cfg.statedir}
+ '';
+ };
+
+ }
+
+ (mkIf (cfg.motd != null) {
+ environment.etc."charybdis/ircd.motd".text = cfg.motd;
+ })
+ ]);
+}
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 6307649e3..8f2e22acf 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -14,6 +14,7 @@ let
./buildbot/master.nix
./buildbot/slave.nix
./build.nix
+ ./charybdis.nix
./ci.nix
./current.nix
./exim.nix
@@ -111,7 +112,6 @@ let
{ krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; }
- { krebs = import ./nin { inherit config; }; }
{ krebs = import ./tv { inherit config; }; }
{
krebs.dns.providers = {
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 6b4dc3f17..9b9f052a5 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -38,7 +38,7 @@ with import <stockholm/lib>;
};
nets = rec {
internet = {
- ip4.addr = "46.4.114.247";
+ ip4.addr = "95.216.1.150";
aliases = [
"prism.i"
"paste.i"
@@ -87,6 +87,46 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
};
+
+ archprism = {
+ cores = 1;
+ nets = rec {
+ internet = {
+ ip4.addr = "46.4.114.247";
+ aliases = [
+ "archprism.i"
+ ];
+ ssh.port = 45621;
+ };
+ retiolum = {
+ via = internet;
+ ip4.addr = "10.243.0.123";
+ ip6.addr = "42:0:0:0:0:0:0:123";
+ aliases = [
+ "archprism.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6dK0jsPSb7kWMGjfyWbG
+ wQYYt8vi5pY/1/Ohk0iy84+mfb1SCJdm5IOC4WXgHtmfd468OluUpU5etAu13D3n
+ f0iDeCuohH0uTjP+EojnKrAXYTiTRpySqXjVmhaWwFyMAACFdzKFb9cgMoByrP0U
+ 5qruBcupK8Zwxt+Pe8IadRpPuOmz/bMYS7r+NKwybttoIX+YVm4myNzqdtMT77+H
+ BYR2mzW99T5YI54YZoCe0+XiIEQsosd6IL/9dP0+6vku6nHLD4qb81Q9AgaT+hte
+ s/ivHL+Fe2GULEQUi8aoEfXrPwnGFVY+QYxLw2G9A0Gfe9KnYBXDn99HXUGcFu2l
+ x7duN6mnT3WNC6VReh9m5+rPMnih/3l82W0tH1lBWUtdKcxx6yhkyUFgKOvkm4UP
+ gf1+EIpxf+bM7jlWylKGc+bD+dTMFV+tzHE6qHlcnzdZQrhYd0zjOXGnm4Kl1ec5
+ GSlpmqTcjgR+42l6frAENo3fndqYw1WkDtswImDz3Wjuco7BiOULHTJvQN+Ao1DI
+ l2MQDOWJoN4eYIE4XPqLSvdOSavHQB2WGv+dFDDpWOxnDLNi19aubtynIfpGJXxV
+ L8s9kUTG00Hdv08BG06hGt0+2Sy1PTVniDcTftHKmEOPS6Y5rJzQih7JdakSUQCc
+ 6j/HwgWTf85Io/tbVMTNtkECAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;