Merge remote-tracking branch 'ni/master'

6 files changed, 96 insertions, 52 deletions

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 8ea727dc7..7f0070483 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -138,41 +138,54 @@ let
         let inherit (config.krebs.build.host.ssh) privkey; in
         mkIf (privkey != null) [privkey];
 
-      # TODO use imports for merging
       services.openssh.knownHosts =
-        (let inherit (config.krebs.build.host.ssh) pubkey; in
-          optionalAttrs (pubkey != null) {
-            localhost = {
-              hostNames = ["localhost" "127.0.0.1" "::1"];
-              publicKey = pubkey;
-            };
-          })
-        //
-        mapAttrs
-          (name: host: {
-            hostNames =
-              concatLists
-                (mapAttrsToList
-                  (net-name: net:
-                    let
-                      longs = net.aliases;
-                      shorts =
-                        optionals
-                          (cfg.dns.search-domain != null)
-                          (map (removeSuffix ".${cfg.dns.search-domain}")
-                               (filter (hasSuffix ".${cfg.dns.search-domain}")
-                                       longs));
-                      add-port = a:
-                        if net.ssh.port != 22
-                          then "[${a}]:${toString net.ssh.port}"
-                          else a;
-                    in
-                    map add-port (shorts ++ longs ++ net.addrs))
-                  host.nets);
-
-            publicKey = host.ssh.pubkey;
-          })
-          (filterAttrs (_: host: host.ssh.pubkey != null) cfg.hosts);
+        filterAttrs
+          (knownHostName: knownHost:
+            knownHost.publicKey != null &&
+            knownHost.hostNames != []
+          )
+          (mapAttrs
+            (hostName: host: {
+              hostNames =
+                concatLists
+                  (mapAttrsToList
+                    (netName: net:
+                      let
+                        aliases =
+                          concatLists [
+                            shortAliases
+                            net.aliases
+                            net.addrs
+                          ];
+                        shortAliases =
+                          optionals
+                            (cfg.dns.search-domain != null)
+                            (map (removeSuffix ".${cfg.dns.search-domain}")
+                                 (filter (hasSuffix ".${cfg.dns.search-domain}")
+                                         net.aliases));
+                        addPort = alias:
+                          if net.ssh.port != 22
+                            then "[${alias}]:${toString net.ssh.port}"
+                            else alias;
+                      in
+                      map addPort aliases
+                    )
+                    host.nets);
+              publicKey = host.ssh.pubkey;
+            })
+            (foldl' mergeAttrs {} [
+              cfg.hosts
+              {
+                localhost = {
+                  nets.local = {
+                    addrs = [ "127.0.0.1" "::1" ];
+                    aliases = [ "localhost" ];
+                    ssh.port = 22;
+                  };
+                  ssh.pubkey = config.krebs.build.host.ssh.pubkey;
+                };
+              }
+            ]));
 
       programs.ssh.extraConfig = concatMapStrings
         (net: ''
diff --git a/krebs/5pkgs/haskell/nix-serve-ng.nix b/krebs/5pkgs/haskell/nix-serve-ng.nix
new file mode 100644
index 000000000..8866b205b
--- /dev/null
+++ b/krebs/5pkgs/haskell/nix-serve-ng.nix
@@ -0,0 +1,30 @@
+{ mkDerivation, async, base, base16, base32, bytestring, charset
+, fetchgit, http-client, http-types, lib, managed, megaparsec, mtl
+, network, nix, optparse-applicative, tasty-bench, temporary, text
+, turtle, vector, wai, wai-extra, warp, warp-tls
+, boost
+}:
+mkDerivation {
+  pname = "nix-serve-ng";
+  version = "1.0.0";
+  src = fetchgit {
+    url = "https://github.com/aristanetworks/nix-serve-ng";
+    sha256 = "0mqp67z5mi8rsjahdh395n7ppf0b65k8rd3pvnl281g02rbr69y2";
+    rev = "433f70f4daae156b84853f5aaa11987aa5ce7277";
+    fetchSubmodules = true;
+  };
+  isLibrary = false;
+  isExecutable = true;
+  executableHaskellDepends = [
+    base base16 base32 bytestring charset http-types managed megaparsec
+    mtl network optparse-applicative vector wai wai-extra warp warp-tls
+  ];
+  executablePkgconfigDepends = [ nix ];
+  executableSystemDepends = [ boost.dev ];
+  benchmarkHaskellDepends = [
+    async base bytestring http-client tasty-bench temporary text turtle
+    vector
+  ];
+  description = "A drop-in replacement for nix-serve that's faster and more stable";
+  license = lib.licenses.bsd3;
+}
diff --git a/tv/2configs/bash/default.nix b/tv/2configs/bash/default.nix
index 42914e060..92e2499a9 100644
--- a/tv/2configs/bash/default.nix
+++ b/tv/2configs/bash/default.nix
@@ -6,7 +6,7 @@ with import <stockholm/lib>;
   programs.bash = {
     interactiveShellInit = /* sh */ ''
       HISTCONTROL='erasedups:ignorespace'
-      HISTSIZE=65536
+      HISTSIZE=900001
       HISTFILESIZE=$HISTSIZE
       HISTTIMEFORMAT=
 
diff --git a/tv/2configs/binary-cache/default.nix b/tv/2configs/binary-cache/default.nix
index f6eaba36f..58791f4f6 100644
--- a/tv/2configs/binary-cache/default.nix
+++ b/tv/2configs/binary-cache/default.nix
@@ -3,24 +3,15 @@
   environment.etc."binary-cache.pubkey".text =
     config.krebs.build.host.binary-cache.pubkey;
 
+  nixpkgs.overlays = [
+    (self: super: {
+      nix-serve = self.haskellPackages.nix-serve-ng;
+    })
+  ];
+
   services.nix-serve = {
     enable = true;
-    secretKeyFile = config.krebs.secret.files.binary-cache-seckey.path;
-  };
-
-  systemd.services.nix-serve = {
-    after = [
-      config.krebs.secret.files.binary-cache-seckey.service
-    ];
-    partOf = [
-      config.krebs.secret.files.binary-cache-seckey.service
-    ];
-  };
-
-  krebs.secret.files.binary-cache-seckey = {
-    path = "/run/secret/nix-serve.key";
-    owner.name = "nix-serve";
-    source-path = toString <secrets> + "/nix-serve.key";
+    secretKeyFile = toString <secrets> + "/nix-serve.key";
   };
 
   services.nginx = {
@@ -28,6 +19,7 @@
     virtualHosts.nix-serve = {
       serverAliases = [
         "cache.${config.krebs.build.host.name}.hkw"
+        "cache.${config.krebs.build.host.name}.r"
       ];
       locations."/".extraConfig = ''
         proxy_pass http://localhost:${toString config.services.nix-serve.port};
diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix
index 8cb137510..e98a57327 100644
--- a/tv/3modules/im.nix
+++ b/tv/3modules/im.nix
@@ -71,7 +71,7 @@ in {
           export PATH=${lib.makeSearchPath "bin" [
             pkgs.tmux
             pkgs.gnugrep
-            pkgs.weechat
+            pkgs.weechat-tv
           ]}
           if tmux list-sessions -F\#S | grep -q '^im''$'; then
             exec tmux attach -t im
diff --git a/tv/5pkgs/simple/weechat-tv.nix b/tv/5pkgs/simple/weechat-tv.nix
new file mode 100644
index 000000000..17d286366
--- /dev/null
+++ b/tv/5pkgs/simple/weechat-tv.nix
@@ -0,0 +1,9 @@
+{ lib, pkgs }:
+
+pkgs.wrapWeechat pkgs.weechat-unwrapped {
+  configure = { availablePlugins, ... }: {
+    scripts = [
+      pkgs.weechatScripts.weechat-matrix
+    ];
+  };
+}