diff options
author | tv <tv@krebsco.de> | 2024-04-12 13:37:35 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2024-04-12 13:37:35 +0200 |
commit | e639b36f2b61de13a7faaac92c473985cf64a08f (patch) | |
tree | 223f2c4987b9609e3f278fd4eccea40aae6d7e4a | |
parent | cfbac46b5a3cb73505d59205c9af9b7597e5c3f2 (diff) | |
parent | 593ae434b8a088f59340d6be595cd133b5b72908 (diff) |
Merge remote-tracking branch 'orange/master'
-rw-r--r-- | flake.lock | 6 | ||||
-rw-r--r-- | kartei/lass/dishfire.nix | 40 | ||||
-rw-r--r-- | krebs/1systems/puyak/config.nix | 1 | ||||
-rw-r--r-- | krebs/3modules/go.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/sync-containers3.nix | 20 | ||||
-rw-r--r-- | krebs/5pkgs/simple/reaktor2-plugins.nix | 6 | ||||
-rw-r--r-- | krebs/5pkgs/simple/stable-generate/default.nix | 2 |
7 files changed, 23 insertions, 56 deletions
diff --git a/flake.lock b/flake.lock index 6fba339f5..9a05f5a3c 100644 --- a/flake.lock +++ b/flake.lock @@ -18,11 +18,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1702151865, - "narHash": "sha256-9VAt19t6yQa7pHZLDbil/QctAgVsA66DLnzdRGqDisg=", + "lastModified": 1707956935, + "narHash": "sha256-ZL2TrjVsiFNKOYwYQozpbvQSwvtV/3Me7Zwhmdsfyu4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "666fc80e7b2afb570462423cb0e1cf1a3a34fedd", + "rev": "a4d4fe8c5002202493e87ec8dbc91335ff55552c", "type": "github" }, "original": { diff --git a/kartei/lass/dishfire.nix b/kartei/lass/dishfire.nix deleted file mode 100644 index 548320584..000000000 --- a/kartei/lass/dishfire.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ r6, w6, ... }: -{ - nets = rec { - internet = { - ip4 = rec { - addr = "157.90.232.92"; - prefix = "${addr}/32"; - }; - aliases = [ - "dishfire.i" - ]; - ssh.port = 45621; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.133.99"; - ip6.addr = r6 "d15f:1233"; - aliases = [ - "dishfire.r" - "grafana.lass.r" - "prometheus.lass.r" - "alert.lass.r" - ]; - tinc = { - pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAwKi49fN+0s5Cze6JThM7f7lj4da27PSJ/3w3tDFPvtQco11ksNLs - Xd3qPaQIgmcNVCR06aexae3bBeTx9y3qHvKqZVE1nCtRlRyqy1LVKSj15J1D7yz7 - uS6u/BSZiCzmdZwu3Fq5qqoK0nfzWe/NKEDWNa5l4Mz/BZQyI/hbOpn6UfFD0LpK - R4jzc9Dbk/IFNAvwb5yrgEYtwBzlXzeDvHW2JcPq3qQjK2byQYNiIyV3g0GHppEd - vDbIPDFhTn3Hv5zz/lX+/We8izzRge7MEd+Vn9Jwb5NAzwDsOHl6ExpqASv9H49U - HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - pubkey_ed25519 = "P+bhzhgTNdohWdec//t/e+8cI7zUOsS+Kq/AOtineAO"; - }; - }; - }; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv0JMp0y+E5433GRSFKVK3cQmP0AAlS9aH9fk49yFxy"; -} diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index fb0f6ec61..60c1c941a 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -23,7 +23,6 @@ <stockholm/krebs/2configs/container-networking.nix> <stockholm/krebs/2configs/syncthing.nix> - <stockholm/krebs/2configs/news-host.nix> ### shackspace ### # handle the worlddomination map via coap diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 9dc8fe6d2..0c3f42f1c 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -20,9 +20,7 @@ let }; imp = { - services.redis = { - enable = true; - }; + services.redis.servers.go.enable = true; krebs.htgen.go = { port = cfg.port; diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix index 7373592a5..12a5ee4e7 100644 --- a/krebs/3modules/sync-containers3.nix +++ b/krebs/3modules/sync-containers3.nix @@ -43,6 +43,14 @@ in { fi ''; }; + hostname = lib.mkOption { + type = lib.types.str; + description = '' + hostname of the container, + his is continously checked by ping and the container is restarted if unreachable + ''; + default = config.name; + }; }; })); }; @@ -68,6 +76,8 @@ in { serviceConfig.ExecStart = pkgs.writers.writeDash "autoswitch" ctr.startCommand; unitConfig.X-StopOnRemoval = false; }; + # get rid of stateVersion not set warning; + system.stateVersion = config.system.nixos.release; }; autoStart = false; enableTun = true; @@ -110,8 +120,8 @@ in { set -efux consul lock sync_${ctr.name} ${pkgs.writers.writeDash "${ctr.name}-sync" '' set -efux - if ping -c 1 ${ctr.name}.r; then - nice --adjustment=30 rsync -a -e "ssh -i $CREDENTIALS_DIRECTORY/ssh_key" --timeout=30 --inplace --sparse container_sync@${ctr.name}.r:disk "$HOME"/disk.rsync + if ping -c 1 ${ctr.hostname}; then + nice --adjustment=30 rsync -a -e "ssh -i $CREDENTIALS_DIRECTORY/ssh_key" --timeout=30 --inplace --sparse container_sync@${ctr.hostname}:disk "$HOME"/disk.rsync touch "$HOME"/incomplete nice --adjustment=30 rsync --inplace "$HOME"/disk.rsync "$HOME"/disk rm -f "$HOME"/incomplete @@ -153,7 +163,7 @@ in { export payload if [ "$(jq -rn 'env.payload | fromjson.host')" = '${config.networking.hostName}' ]; then # echo 'we are the host, trying to reach container' - if $(retry -t 10 -d 10 -- ping -q -c 1 ${ctr.name}.r > /dev/null); then + if $(retry -t 10 -d 10 -- ping -q -c 1 ${ctr.hostname} > /dev/null); then # echo 'container is reachable, continueing' continue else @@ -237,8 +247,8 @@ in { /run/current-system/sw/bin/nixos-container start ${ctr.name} # wait for system to become reachable for the first time systemctl start ${ctr.name}_watcher.service - retry -t 10 -d 10 -- ping -q -c 1 ${ctr.name}.r > /dev/null - while systemctl is-active container@${ctr.name}.service >/devnull && ping -q -c 3 ${ctr.name}.r >/dev/null; do + retry -t 10 -d 10 -- ping -q -c 1 ${ctr.hostname} > /dev/null + while systemctl is-active container@${ctr.name}.service >/devnull && ping -q -c 3 ${ctr.hostname} >/dev/null; do consul kv put containers/${ctr.name} "$(jq -cn '{host: "${config.networking.hostName}", time: now}')" >/dev/null sleep 10 done diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix index b51b53a48..5b7be5d33 100644 --- a/krebs/5pkgs/simple/reaktor2-plugins.nix +++ b/krebs/5pkgs/simple/reaktor2-plugins.nix @@ -1,7 +1,7 @@ -{ lib, pkgs, stockholm, ... }: -with (builtins.trace (lib.attrNames stockholm) stockholm).lib; +{ pkgs, stockholm, ... }: +with stockholm.lib; -rec { +{ generators = { command_hook = commands: { pattern = diff --git a/krebs/5pkgs/simple/stable-generate/default.nix b/krebs/5pkgs/simple/stable-generate/default.nix index dc9c826f9..31cf6c23d 100644 --- a/krebs/5pkgs/simple/stable-generate/default.nix +++ b/krebs/5pkgs/simple/stable-generate/default.nix @@ -18,7 +18,7 @@ pkgs.writers.writeBashBin "stable-generate" '' filename=$(mktemp) curl -Ssf "$STABLE_URL/sdapi/v1/txt2img" \ -X POST \ - --Header 'Content-Type: application/json' \ + --header 'Content-Type: application/json' \ --data "$PAYLOAD" | jq -r '.images[0]' | base64 --decode > "$filename" |