summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lass@aidsballs.de>2015-12-26 10:44:54 +0100
committerlassulus <lass@aidsballs.de>2015-12-26 10:44:54 +0100
commit6733fa66b46f0d00b7016a92f4ef093ccb7b7a2b (patch)
tree13bca60f67491263bf027b2b1f09cf5b14b1c9c0
parentf55b44eb7cffbe0934785afd3a36001ba0713ad1 (diff)
parent763f0db52ad45eef6e09d7982cd0f6cd898857e3 (diff)
Merge remote-tracking branch 'cd/master'
-rw-r--r--krebs/3modules/Reaktor.nix20
-rw-r--r--krebs/3modules/apt-cacher-ng.nix6
-rw-r--r--krebs/3modules/bepasty-server.nix4
-rw-r--r--krebs/3modules/buildbot/slave.nix2
-rw-r--r--krebs/3modules/fetchWallpaper.nix2
-rw-r--r--krebs/3modules/git.nix8
-rw-r--r--krebs/3modules/github-hosts-sync.nix4
-rw-r--r--krebs/3modules/go.nix5
-rw-r--r--krebs/3modules/realwallpaper.nix10
-rw-r--r--krebs/3modules/retiolum.nix4
-rw-r--r--krebs/3modules/tinc_graphs.nix2
-rw-r--r--krebs/3modules/urlwatch.nix5
-rw-r--r--krebs/4lib/default.nix3
-rw-r--r--krebs/4lib/genid.nix37
-rw-r--r--krebs/5pkgs/genid/default.nix22
-rw-r--r--lass/1systems/mors.nix1
-rw-r--r--lass/2configs/libvirt.nix4
-rw-r--r--lass/2configs/skype.nix4
-rw-r--r--lass/2configs/weechat.nix2
-rw-r--r--lass/3modules/newsbot-js.nix2
-rw-r--r--lass/3modules/owncloud_nginx.nix2
-rw-r--r--lass/3modules/wordpress_nginx.nix2
-rw-r--r--makefu/1systems/vbob.nix1
-rw-r--r--tv/1systems/wu.nix1
-rw-r--r--tv/1systems/xu.nix1
-rw-r--r--tv/2configs/charybdis.nix4
-rw-r--r--tv/2configs/pulse.nix8
-rw-r--r--tv/3modules/consul.nix4
-rw-r--r--tv/3modules/ejabberd.nix4
29 files changed, 82 insertions, 92 deletions
diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix
index 1ec49b81e..0fca52203 100644
--- a/krebs/3modules/Reaktor.nix
+++ b/krebs/3modules/Reaktor.nix
@@ -1,19 +1,8 @@
-{ config, pkgs,lib, ... }:
-
+{ config, lib, pkgs, ... }:
+with lib;
let
- inherit (lib)
- mkIf
- mkOption
- types
- singleton
- isString
- optionalString
- concatStrings
- escapeShellArg
- ;
-
ReaktorConfig = pkgs.writeText "config.py" ''
${if (isString cfg.overrideConfig ) then ''
# Overriden Config
@@ -86,10 +75,9 @@ let
imp = {
# for reaktor get-config
- users.extraUsers = singleton {
+ users.extraUsers = singleton rec {
name = "Reaktor";
- # uid = config.ids.uids.Reaktor;
- uid = 2066439104; #genid Reaktor
+ uid = genid name;
description = "Reaktor user";
home = "/var/lib/Reaktor";
createHome = true;
diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix
index 75296bafb..371d39b6f 100644
--- a/krebs/3modules/apt-cacher-ng.nix
+++ b/krebs/3modules/apt-cacher-ng.nix
@@ -119,16 +119,14 @@ let
imp = {
users.extraUsers.acng = {
- # uid = config.ids.uids.acng;
- uid = 897955083; #genid Reaktor
+ uid = genid "acng";
description = "apt-cacher-ng";
home = acng-home;
createHome = false;
};
users.extraGroups.acng = {
- gid = 897955083; #genid Reaktor
- # gid = config.ids.gids.Reaktor;
+ gid = genid "acng";
};
systemd.services.apt-cacher-ng = {
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix
index c99c3d11a..e74841205 100644
--- a/krebs/3modules/bepasty-server.nix
+++ b/krebs/3modules/bepasty-server.nix
@@ -130,12 +130,12 @@ let
) cfg.servers;
users.extraUsers.bepasty = {
- uid = 2796546855; #genid bepasty
+ uid = genid "bepasty";
group = "bepasty";
home = "/var/lib/bepasty-server";
};
users.extraGroups.bepasty = {
- gid = 2796546855; #genid bepasty
+ gid = genid "bepasty";
};
};
diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix
index 8711a287a..0e7796d8a 100644
--- a/krebs/3modules/buildbot/slave.nix
+++ b/krebs/3modules/buildbot/slave.nix
@@ -127,7 +127,7 @@ let
imp = {
users.extraUsers.buildbotSlave = {
- uid = 1408105834; #genid buildbotMaster
+ uid = genid "buildbotSlave";
description = "Buildbot Slave";
home = cfg.workDir;
createHome = false;
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix
index 83ecf4177..f320c7505 100644
--- a/krebs/3modules/fetchWallpaper.nix
+++ b/krebs/3modules/fetchWallpaper.nix
@@ -51,7 +51,7 @@ let
imp = {
users.users.fetchWallpaper = {
name = "fetchWallpaper";
- uid = 3332383611; #genid fetchWallpaper
+ uid = genid "fetchWallpaper";
description = "fetchWallpaper user";
home = cfg.stateDir;
createHome = true;
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index 234129497..e6267d7e6 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -145,14 +145,14 @@ let
]) (filter (x: hasAttr "allow-receive-ref" x.perm) cfg.rules));
};
- users.extraUsers = singleton {
+ users.extraUsers = singleton rec {
description = "Git repository hosting user";
name = "git";
shell = "/bin/sh";
openssh.authorizedKeys.keys =
mapAttrsToList (_: makeAuthorizedKey git-ssh-command)
config.krebs.users;
- uid = 129318403; # genid git
+ uid = genid name;
};
};
@@ -238,9 +238,9 @@ let
};
};
- fcgitwrap-user = {
+ fcgitwrap-user = rec {
name = "fcgiwrap";
- uid = 2867890860; # genid fcgiwrap
+ uid = genid name;
group = "fcgiwrap";
};
diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix
index 5503ee8d6..2aa18d53a 100644
--- a/krebs/3modules/github-hosts-sync.nix
+++ b/krebs/3modules/github-hosts-sync.nix
@@ -56,9 +56,9 @@ let
};
};
- user = {
+ user = rec {
name = "github-hosts-sync";
- uid = 3220554646; # genid github-hosts-sync
+ uid = genid name;
};
# TODO move to lib?
diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix
index 793d1f60d..08a93dab7 100644
--- a/krebs/3modules/go.nix
+++ b/krebs/3modules/go.nix
@@ -1,6 +1,5 @@
{ config, lib, pkgs, ... }:
-with builtins;
with lib;
let
@@ -31,9 +30,9 @@ let
bind = mkDefault "127.0.0.1";
};
- users.extraUsers.go = {
+ users.extraUsers.go = rec {
name = "go";
- uid = 42774411; #genid go
+ uid = genid name;
description = "go url shortener user";
home = "/var/lib/go";
createHome = true;
diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix
index 7e02538f5..b377368f7 100644
--- a/krebs/3modules/realwallpaper.nix
+++ b/krebs/3modules/realwallpaper.nix
@@ -1,13 +1,7 @@
arg@{ config, lib, pkgs, ... }:
+with lib;
let
- inherit (lib)
- mkEnableOption
- mkOption
- types
- mkIf
- ;
-
cfg = config.krebs.realwallpaper;
out = {
@@ -89,7 +83,7 @@ let
};
users.extraUsers.realwallpaper = {
- uid = 2009435407; #genid realwallpaper
+ uid = genid "realwallpaper";
home = cfg.workingDir;
createHome = true;
};
diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix
index 28ac67306..e0e2692a8 100644
--- a/krebs/3modules/retiolum.nix
+++ b/krebs/3modules/retiolum.nix
@@ -133,9 +133,9 @@ let
};
};
- user = {
+ user = rec {
name = "retiolum";
- uid = 301281149; # genid retiolum
+ uid = genid name;
};
tinc = cfg.tincPackage;
diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix
index ba81dd416..1f32c2e59 100644
--- a/krebs/3modules/tinc_graphs.nix
+++ b/krebs/3modules/tinc_graphs.nix
@@ -120,7 +120,7 @@ let
};
users.extraUsers.tinc_graphs = {
- uid = 3925439960; #genid tinc_graphs
+ uid = genid "tinc_graphs";
home = "/var/spool/tinc_graphs";
};
diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix
index 206bc5697..31cbfcf6e 100644
--- a/krebs/3modules/urlwatch.nix
+++ b/krebs/3modules/urlwatch.nix
@@ -5,7 +5,6 @@
# cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}"
# TODO hooks.py
-with builtins;
with lib;
let
cfg = config.krebs.urlwatch;
@@ -136,9 +135,9 @@ let
};
};
- user = {
+ user = rec {
name = "urlwatch";
- uid = 3467631196; # genid urlwatch
+ uid = genid name;
};
in
out
diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix
index 1cabeae27..dfc51bbe4 100644
--- a/krebs/4lib/default.nix
+++ b/krebs/4lib/default.nix
@@ -7,6 +7,8 @@ let out = rec {
eq = x: y: x == y;
+ mod = x: y: x - y * (x / y);
+
addName = name: set:
set // { inherit name; };
@@ -17,6 +19,7 @@ let out = rec {
dir.has-default-nix = path: pathExists (path + "/default.nix");
dns = import ./dns.nix { inherit lib; };
+ genid = import ./genid.nix { lib = lib // out; };
git = import ./git.nix { lib = lib // out; };
listset = import ./listset.nix { inherit lib; };
shell = import ./shell.nix { inherit lib; };
diff --git a/krebs/4lib/genid.nix b/krebs/4lib/genid.nix
new file mode 100644
index 000000000..0aed1d351
--- /dev/null
+++ b/krebs/4lib/genid.nix
@@ -0,0 +1,37 @@
+{ lib, ... }:
+with lib;
+with builtins;
+let out = genid;
+
+ # id = genid s = (hash s + min) % max
+ # min <= genid s < max
+ #
+ # min = 2^24 = 16777216 = 0x001000000
+ # max = 2^32 = 4294967296 = 0x100000000
+ #
+ # id is bigger than UID of nobody and GID of nogroup
+ # see <nixos/modules/misc/ids.nix> and some spare for stuff like lxd.
+ #
+ # :: str -> uint32
+ genid = s: sum16 (addmod16_16777216 (hash s));
+
+ # :: str -> list8 uint4
+ hash = s:
+ map hexint (stringToCharacters (substring 32 8 (hashString "sha1" s)));
+
+ # :: list uint -> uint
+ sum16 = foldl (a: i: a * 16 + i) 0;
+
+ # :: list8 uint4 -> list1 uint8 ++ list6 uint4
+ addmod16_16777216 = x: let
+ a = 16 * head x + head (tail x);
+ d = tail (tail x);
+ in [(mod (a + 1) 256)] ++ d;
+
+ # :: char -> uint4
+ hexint = x: hexvals.${toLower x};
+
+ # :: attrset char uint4
+ hexvals = listToAttrs (imap (i: c: { name = c; value = i - 1; })
+ (stringToCharacters "0123456789abcdef"));
+in out
diff --git a/krebs/5pkgs/genid/default.nix b/krebs/5pkgs/genid/default.nix
deleted file mode 100644
index c75bec317..000000000
--- a/krebs/5pkgs/genid/default.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ lib, pkgs, ... }:
-
-pkgs.writeScriptBin "genid" ''
- #! /bin/sh
- # usage: genid NAME
- set -euf
-
- export PATH=${lib.makeSearchPath "bin" (with pkgs; [
- bc
- coreutils
- ])}
-
- name=$1
- hash=$(printf %s "$name" | sha1sum | cut -d\ -f1 | tr a-f A-F)
- echo "
- min=2^24 # bigger than nobody and nogroup, see <nixos/modules/misc/ids.nix>
- # and some spare for stuff like lxd.
- max=2^32 # see 2^(8*sizeof(uid_t))
- ibase=16
- ($hash + min) % max
- " | bc
-''
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 9b2200c58..61f57f1f9 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -210,7 +210,6 @@
cac
sshpass
get
- genid
teamspeak_client
hashPassword
];
diff --git a/lass/2configs/libvirt.nix b/lass/2configs/libvirt.nix
index 368722e77..7520a0e36 100644
--- a/lass/2configs/libvirt.nix
+++ b/lass/2configs/libvirt.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
let
mainUser = config.users.extraUsers.mainUser;
@@ -8,7 +8,7 @@ in {
users.extraUsers = {
libvirt = {
- uid = 358821352; # genid libvirt
+ uid = lib.genid "libvirt";
description = "user for running libvirt stuff";
home = "/home/libvirt";
useDefaultShell = true;
diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix
index 6a226441b..d62a18a52 100644
--- a/lass/2configs/skype.nix
+++ b/lass/2configs/skype.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
let
mainUser = config.users.extraUsers.mainUser;
@@ -7,7 +7,7 @@ in {
users.extraUsers = {
skype = {
name = "skype";
- uid = 2259819492; #genid skype
+ uid = lib.genid "skype";
description = "user for running skype";
home = "/home/skype";
useDefaultShell = true;
diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix
index 18007ed61..6a257f0bb 100644
--- a/lass/2configs/weechat.nix
+++ b/lass/2configs/weechat.nix
@@ -8,7 +8,7 @@
users.extraUsers.chat = {
home = "/home/chat";
- uid = 986764891; # genid chat
+ uid = lib.genid "chat";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [
diff --git a/lass/3modules/newsbot-js.nix b/lass/3modules/newsbot-js.nix
index 6d87d256d..5e340b26f 100644
--- a/lass/3modules/newsbot-js.nix
+++ b/lass/3modules/newsbot-js.nix
@@ -51,7 +51,7 @@ let
imp = {
users.extraUsers.newsbot-js = {
name = "newsbot-js";
- uid = 1616759810; #genid newsbot-js
+ uid = genid "newsbot-js";
description = "newsbot-js user";
home = "/var/empty";
};
diff --git a/lass/3modules/owncloud_nginx.nix b/lass/3modules/owncloud_nginx.nix
index a0db87b0b..0cb11846c 100644
--- a/lass/3modules/owncloud_nginx.nix
+++ b/lass/3modules/owncloud_nginx.nix
@@ -207,7 +207,7 @@ let
# };
#});
users.users.nobody_oc = {
- uid = 1651469147; # genid nobody_oc
+ uid = genid "nobody_oc";
useDefaultShell = true;
};
};
diff --git a/lass/3modules/wordpress_nginx.nix b/lass/3modules/wordpress_nginx.nix
index 2f31f6e02..974aacd83 100644
--- a/lass/3modules/wordpress_nginx.nix
+++ b/lass/3modules/wordpress_nginx.nix
@@ -229,7 +229,7 @@ let
};
});
users.users.nobody2 = mkDefault {
- uid = mkDefault 125816384; # genid nobody2
+ uid = mkDefault (genid "nobody2");
useDefaultShell = mkDefault true;
};
};
diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix
index a24cefd0d..b8c02cb67 100644
--- a/makefu/1systems/vbob.nix
+++ b/makefu/1systems/vbob.nix
@@ -59,7 +59,6 @@ in {
buildbot
buildbot-slave
get
- genid
];
networking.firewall.allowedTCPPorts = [
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index a768e781b..54ceb7783 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -16,7 +16,6 @@ with lib;
environment.systemPackages = with pkgs; [
# stockholm
- genid
gnumake
hashPassword
lentil
diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix
index eac36fafb..1f3e010a4 100644
--- a/tv/1systems/xu.nix
+++ b/tv/1systems/xu.nix
@@ -19,7 +19,6 @@ with lib;
environment.systemPackages = with pkgs; [
# stockholm
- genid
gnumake
hashPassword
lentil
diff --git a/tv/2configs/charybdis.nix b/tv/2configs/charybdis.nix
index 80c6f7c4a..f9ab3da68 100644
--- a/tv/2configs/charybdis.nix
+++ b/tv/2configs/charybdis.nix
@@ -72,9 +72,9 @@ let
};
};
- user = {
+ user = rec {
name = "charybdis";
- uid = 3748224544; # genid charybdis
+ uid = genid name;
};
configFile = toFile "charybdis-ircd.conf" ''
diff --git a/tv/2configs/pulse.nix b/tv/2configs/pulse.nix
index 0ddc52789..3db3532d5 100644
--- a/tv/2configs/pulse.nix
+++ b/tv/2configs/pulse.nix
@@ -69,12 +69,10 @@ in
};
};
- users = let
- id = 3768151709; # genid pulse
- in {
- groups.pulse.gid = id;
+ users = {
+ groups.pulse.gid = config.users.users.pulse.uid;
users.pulse = {
- uid = id;
+ uid = genid "pulse";
group = "pulse";
extraGroups = [ "audio" ];
home = "${runDir}/home";
diff --git a/tv/3modules/consul.nix b/tv/3modules/consul.nix
index ccdee07f5..5c955fdb5 100644
--- a/tv/3modules/consul.nix
+++ b/tv/3modules/consul.nix
@@ -109,9 +109,9 @@ let
};
};
- user = {
+ user = rec {
name = "consul";
- uid = 2999951406; # genid consul
+ uid = genid name;
};
in
diff --git a/tv/3modules/ejabberd.nix b/tv/3modules/ejabberd.nix
index 6b231fb56..581e10074 100644
--- a/tv/3modules/ejabberd.nix
+++ b/tv/3modules/ejabberd.nix
@@ -53,9 +53,9 @@ let
};
};
- user = {
+ user = rec {
name = "ejabberd";
- uid = 3499746127; # genid ejabberd
+ uid = genid name;
};
my-ejabberdctl = pkgs.writeScriptBin "ejabberdctl" ''