summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2021-06-05 14:59:56 +0200
committermakefu <github@syntax-fehler.de>2021-06-05 14:59:56 +0200
commitced3b0f76e74023c1ba99eaa791673cb6f4940e6 (patch)
treeaf0432cdbd4d7a21e2aa70b7e6d7585becd4c82d /krebs/3modules
parentfb8907aa1c0e4c0b0c5dc421f55ef8b94c5db193 (diff)
parent7fa69b3399d8b52526928df81b2a6cad3f931a28 (diff)
Merge remote-tracking branch 'lass/21.05' into 21.05
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/bepasty-server.nix1
-rw-r--r--krebs/3modules/brockman.nix2
-rw-r--r--krebs/3modules/buildbot/master.nix1
-rw-r--r--krebs/3modules/buildbot/slave.nix1
-rw-r--r--krebs/3modules/exim.nix1
-rw-r--r--krebs/3modules/external/default.nix52
-rw-r--r--krebs/3modules/fetchWallpaper.nix1
-rw-r--r--krebs/3modules/git.nix2
-rw-r--r--krebs/3modules/github-hosts-sync.nix1
-rw-r--r--krebs/3modules/htgen.nix1
-rw-r--r--krebs/3modules/realwallpaper.nix1
-rw-r--r--krebs/3modules/tinc.nix1
-rw-r--r--krebs/3modules/tinc_graphs.nix1
13 files changed, 65 insertions, 1 deletions
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix
index ffa9a29e9..051646b63 100644
--- a/krebs/3modules/bepasty-server.nix
+++ b/krebs/3modules/bepasty-server.nix
@@ -146,6 +146,7 @@ let
uid = genid_uint31 "bepasty";
group = "bepasty";
home = "/var/lib/bepasty-server";
+ isSystemUser = true;
};
users.extraGroups.bepasty = {
gid = genid_uint31 "bepasty";
diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix
index 9b2ed4a71..7a78880ea 100644
--- a/krebs/3modules/brockman.nix
+++ b/krebs/3modules/brockman.nix
@@ -12,7 +12,7 @@ in {
users.extraUsers.brockman = {
home = "/var/lib/brockman";
createHome = true;
- isNormalUser = false;
+ isSystemUser = true;
uid = genid_uint31 "brockman";
};
diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix
index 8995753ac..a845bb281 100644
--- a/krebs/3modules/buildbot/master.nix
+++ b/krebs/3modules/buildbot/master.nix
@@ -322,6 +322,7 @@ let
description = "Buildbot Master";
home = cfg.workDir;
createHome = false;
+ isSystemUser = true;
};
users.extraGroups.buildbotMaster = {
diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix
index c15169fba..d877b9911 100644
--- a/krebs/3modules/buildbot/slave.nix
+++ b/krebs/3modules/buildbot/slave.nix
@@ -131,6 +131,7 @@ let
description = "Buildbot Slave";
home = cfg.workDir;
createHome = false;
+ isSystemUser = true;
};
users.extraGroups.buildbotSlave = {
diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix
index 83d88cb0d..972c7f437 100644
--- a/krebs/3modules/exim.nix
+++ b/krebs/3modules/exim.nix
@@ -78,6 +78,7 @@ in {
inherit (cfg.user) home name uid;
createHome = true;
group = cfg.group.name;
+ isSystemUser = true;
};
};
};
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 7a2075702..31cd9e2c3 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -563,6 +563,58 @@ in {
};
};
};
+ nxnx = {
+ owner = config.krebs.users.rtjure;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.122.126";
+ aliases = [
+ "nxnx.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEA2JWNe54YaFM+flK3LlPwgOSgVRmZi+e+Qhc6uJYIxkQcAvJKpKJQ
+ 1M4h7OE7eiJLdDp/aGaHe4BuII15/0lFJwYf1Zt8E1zN54QtwuELkDgOhgkhgvVb
+ tO+maHh10xsQMFlhpUztEk8oQuBu5toC795nKY7lBR2o6V2dPbbVo1+qr7qArOWo
+ cBlshRhEDjuzJUMHLlUGu43/miWeDewAq4O7U/nNNEz/v8KbESqP9HtTjelAeWz6
+ zGha8hSn+Snkt76kP15drgn1L8MMFvnm5EeJ5VkehnpOi8Vi9Yqln+VGwlvbhEdK
+ ST0gxNBKoSvLITS1P/ypfiEXARUOffgq+kLA2Hyet0DfBjCMD+WkTBlj1QyXLs10
+ 3/xBntlOQqBcLIdpi/yRs7miyQlyblqsyiQOCukIvibdHB1RLdVBhUE3A7hgw4R+
+ +3ug/mQR+fDOpNB/sOkorcTVgA04KENUHc+6OqA0dvoAYr8l7N4+az3AtyHDNr5x
+ 4otjxOq4fmu80sbm5Ry9SoNYMc4fOuWIZDHZ/ntDKqzHw3BaNB9vNkpKj22nArI4
+ cwAMPPJMJJ+Ef7tIzZ+NKtPudqztoLa5AYNllV7K9gS6NG0Yzk6iIQ42bKgfsZFn
+ 9AkCdv8EycNIAIbBomPv2XIKYlKs3RfWEjRcSl3TQl4b3bilCicgnLECAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+ nxnv = {
+ owner = config.krebs.users.rtjure;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.122.127";
+ aliases = [
+ "nxnv.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAxEs92W/wRl3wlB6fNS2KUS+ubFAPLkgQYhk4JXeEeTpUq1H27oxB
+ ZWgWOlLMqnvn3w+aHQviWWPl5F6jXCxDOWCwyLhZU4cs45+ub9KKezCeE8IN+gAt
+ NKDqmRFzao9EXoT7sR65BblqEUR/Aqpykv7n4JdL5pGDbw1GGJ6Xf5QZo2sYm4wp
+ wdqOROn/V2Sm8NgmD1K6Sa2i6BLHSvHqunI4qoTyMfGXl8sbw6I2iclpQy8td9bt
+ 1WA7F9kVTZdhaWgfpiZ8sKQ9LoFKoy6jnoppQcl/E8V2XNnjPy8obaLX9rTJ/deT
+ eW9qmfZeYiFSaDLLWEIZjhaU2l9z72oWyUW8w8GZQD+ypGi+UDMkbAhRHiaVGOZy
+ S7AodiEL2Ebzj6XJaNYC3LYm5R8U6XlvcHwn4FDtgKkqwXz08cZsPwQLoBjXUEi/
+ 9/A5WEwrmp62TJ/ZRcRwV8/dBklrc/4FT0q0CiMuCWcbjF891d68TvcXlVU3gCwN
+ ld80CS17o2dOsBBW4nft7+9tL545p7mMjw6Oa4kRUTo2n1mYkMdTGZR+tOCD6hvW
+ 45IG7vGq5EnRwolekGoMRf8RthajU2RXcIoNWnVon0so0Rja+AU9G7dobd/2qila
+ jta1Mou2vzUSAbdwXtBwJHlV9882p1utMlU9XVEZwQXfWSt488tQqzsCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
ada = {
owner = config.krebs.users.filly;
nets = {
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix
index e89b86e32..852c8f630 100644
--- a/krebs/3modules/fetchWallpaper.nix
+++ b/krebs/3modules/fetchWallpaper.nix
@@ -57,6 +57,7 @@ let
description = "fetchWallpaper user";
home = cfg.stateDir;
createHome = true;
+ isSystemUser = true;
};
systemd.timers.fetchWallpaper = {
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index 4eb881341..d31d91b7c 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -366,6 +366,7 @@ let
# To allow running cgit-clear-cache via hooks.
cfg.cgit.fcgiwrap.group.name
];
+ isSystemUser = true;
shell = "/bin/sh";
openssh.authorizedKeys.keys =
unique
@@ -384,6 +385,7 @@ let
users.${cfg.cgit.fcgiwrap.user.name} = {
inherit (cfg.cgit.fcgiwrap.user) home name uid;
group = cfg.cgit.fcgiwrap.group.name;
+ isSystemUser = true;
};
};
diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix
index 7d618ebfd..d385ec355 100644
--- a/krebs/3modules/github-hosts-sync.nix
+++ b/krebs/3modules/github-hosts-sync.nix
@@ -65,6 +65,7 @@ let
users.users.${user.name} = {
inherit (user) uid;
home = cfg.dataDir;
+ isSystemUser = true;
};
};
diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix
index 70c4fcd2b..063bccc68 100644
--- a/krebs/3modules/htgen.nix
+++ b/krebs/3modules/htgen.nix
@@ -66,6 +66,7 @@ let
nameValuePair htgen.user.name {
inherit (htgen.user) home name uid;
createHome = true;
+ isSystemUser = true;
}
) cfg;
diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix
index 86b74a8ca..76f333963 100644
--- a/krebs/3modules/realwallpaper.nix
+++ b/krebs/3modules/realwallpaper.nix
@@ -60,6 +60,7 @@ let
uid = genid "realwallpaper";
home = cfg.workingDir;
createHome = true;
+ isSystemUser = true;
};
};
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index 4252c8d3b..a8a78a43e 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -236,6 +236,7 @@ let
nameValuePair "${netname}" {
inherit (cfg.user) home name uid;
createHome = true;
+ isSystemUser = true;
}
) config.krebs.tinc;
diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix
index 33a24871f..19cce8aa4 100644
--- a/krebs/3modules/tinc_graphs.nix
+++ b/krebs/3modules/tinc_graphs.nix
@@ -127,6 +127,7 @@ let
users.extraUsers.tinc_graphs = {
uid = genid_uint31 "tinc_graphs";
home = "/var/spool/tinc_graphs";
+ isSystemUser = true;
};
services.nginx = mkIf cfg.nginx.enable {
enable = mkDefault true;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-06 11:57:07 +0000