diff options
author | makefu <github@syntax-fehler.de> | 2021-12-01 11:21:09 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2021-12-01 11:21:09 +0100 |
commit | 9301506249292633447910c4273573b82915d59c (patch) | |
tree | 099cc6a77a645fa98f41b0b5466a080c0b260894 /krebs | |
parent | 13c525e54862f0989eea2e4606a68c98e6b49b79 (diff) | |
parent | b79f5ab97db8115c4b2e66e57bb84587a31ce1e0 (diff) |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/2configs/default.nix | 7 | ||||
-rw-r--r-- | krebs/3modules/default.nix | 8 | ||||
-rw-r--r-- | krebs/3modules/external/default.nix | 1 | ||||
-rw-r--r-- | krebs/3modules/lass/default.nix | 23 | ||||
-rw-r--r-- | krebs/3modules/lass/ssh/tablet.ed25519 | 1 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 2 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/mailaids.nix | 21 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/purebred-email/default.nix | 34 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch | 65 |
9 files changed, 157 insertions, 5 deletions
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 4c25bc963..369b750b7 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -45,6 +45,13 @@ with import <stockholm/lib>; services.cron.enable = false; services.ntp.enable = false; + # limit journald size + services.journald.extraConfig = '' + SystemMaxUse=1G + RuntimeMaxUse=128M + Storage=persistent + ''; + users.mutableUsers = false; users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.jeschli-brauerei.pubkey diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 24b17487b..7b6639212 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -80,9 +80,9 @@ let description = '' The zone configuration head which is being used to create the zone files. The string for each key is pre-pended to the zone file. - ''; - # TODO: configure the default somewhere else, - # maybe use krebs.dns.providers + ''; + # TODO: configure the default somewhere else, + # maybe use krebs.dns.providers default = { # github.io -> 192.30.252.154 @@ -96,7 +96,7 @@ let IN A 185.199.110.153 IN A 185.199.111.153 ''; - }; + }; }; }; diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 6fe71e31b..d919c8129 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -151,6 +151,7 @@ in { "makanek.kmein.r" "grafana.kmein.r" "names.kmein.r" + "graph.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 1f118b8b0..280021347 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -71,6 +71,7 @@ in { 60 IN NS ns16.ovh.net. 60 IN NS dns16.ovh.net. 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + 60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr} IN MX 5 lassul.us. 60 IN TXT v=spf1 mx a:lassul.us -all 60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" ) @@ -98,6 +99,10 @@ in { addr = "95.216.1.150"; prefix = "0.0.0.0/0"; }; + ip6 = { + addr = "2a01:4f9:2a:1e9::1"; + prefix = "2a01:4f9:2a:1e9::/64"; + }; aliases = [ "prism.i" "paste.i" @@ -113,6 +118,7 @@ in { "cache.prism.r" "cgit.prism.r" "flix.r" + "jelly.r" "paste.r" "c.r" "p.r" @@ -569,6 +575,20 @@ in { ci = false; syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ"; }; + tablet = { + nets = { + wiregrill = { + ip4.addr = "10.244.1.14"; + ip6.addr = w6 "b"; + aliases = [ + "tablet.w" + ]; + wireguard.pubkey = "eIafsxYEFCqmWNFon6ZsYXeDrK4X1UJ9KD0zmNZjgEI="; + }; + }; + external = true; + ci = false; + }; hilum = { cores = 1; nets = { @@ -817,5 +837,8 @@ in { mail = "lassulus@gmail.com"; pubkey = builtins.readFile ./ssh/android.ed25519; }; + lass-tablet = { + pubkey = builtins.readFile ./ssh/tablet.ed25519; + }; }; } diff --git a/krebs/3modules/lass/ssh/tablet.ed25519 b/krebs/3modules/lass/ssh/tablet.ed25519 new file mode 100644 index 000000000..250be53f7 --- /dev/null +++ b/krebs/3modules/lass/ssh/tablet.ed25519 @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICMaulRARjJt6gQ4q5DCj3ySAf4juHvVaIcXDRhWZ5mM u0_a234@localhost
\ No newline at end of file diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 03431ce5f..7780863a3 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -221,7 +221,7 @@ in { "cgit.gum.r" "dcpp.gum.r" "dcpp.nextgum.r" - "graph.r" + "graph.makefu.r" "logs.makefu.r" "netdata.makefu.r" "nextgum.r" diff --git a/krebs/5pkgs/haskell/mailaids.nix b/krebs/5pkgs/haskell/mailaids.nix new file mode 100644 index 000000000..f152a76f4 --- /dev/null +++ b/krebs/5pkgs/haskell/mailaids.nix @@ -0,0 +1,21 @@ +{ mkDerivation, aeson, aeson-pretty, base, bytestring +, case-insensitive, fetchgit, lens, optparse-applicative +, purebred-email, lib, text, vector, word8 +}: +mkDerivation { + pname = "mailaids"; + version = "1.0.0"; + src = fetchgit { + url = "https://cgit.krebsco.de/mailaids"; + sha256 = "15h0k82czm89gkwhp1rwdy77jz8dmb626qdz7c2narvz9j7169v5"; + rev = "8f11927ea74d6adb332c884502ebd9c486837523"; + fetchSubmodules = true; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + aeson aeson-pretty base bytestring case-insensitive lens + optparse-applicative purebred-email text vector word8 + ]; + license = lib.licenses.mit; +} diff --git a/krebs/5pkgs/haskell/purebred-email/default.nix b/krebs/5pkgs/haskell/purebred-email/default.nix new file mode 100644 index 000000000..ebf315388 --- /dev/null +++ b/krebs/5pkgs/haskell/purebred-email/default.nix @@ -0,0 +1,34 @@ +{ mkDerivation, attoparsec, base, base64-bytestring, bytestring +, case-insensitive, concise, deepseq, fetchgit, hedgehog, lens, lib +, QuickCheck, quickcheck-instances, semigroupoids, semigroups +, stringsearch, tasty, tasty-golden, tasty-hedgehog, tasty-hunit +, tasty-quickcheck, text, time +}: +mkDerivation { + pname = "purebred-email"; + version = "0.4.3"; + src = fetchgit { + url = "https://github.com/purebred-mua/purebred-email"; + sha256 = "06xhccavrdzfsvg65mzdnp0a7b1ilk2rqpnyvkr171ir6mqdpb19"; + rev = "769b360643f699c0a8cd6f1c3a3de36cf0479834"; + fetchSubmodules = true; + }; + patches = [ + ./untweak-mime-version-header.patch + ]; + isLibrary = true; + isExecutable = true; + libraryHaskellDepends = [ + attoparsec base base64-bytestring bytestring case-insensitive + concise deepseq lens semigroupoids semigroups stringsearch text + time + ]; + testHaskellDepends = [ + attoparsec base bytestring case-insensitive hedgehog lens + QuickCheck quickcheck-instances semigroups tasty tasty-golden + tasty-hedgehog tasty-hunit tasty-quickcheck text time + ]; + homepage = "https://github.com/purebred-mua/purebred-email"; + description = "types and parser for email messages (including MIME)"; + license = lib.licenses.agpl3Plus; +} diff --git a/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch b/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch new file mode 100644 index 000000000..97baf7ac1 --- /dev/null +++ b/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch @@ -0,0 +1,65 @@ +diff --git a/src/Data/MIME.hs b/src/Data/MIME.hs +index 19af53e..be8cbd4 100644 +--- a/src/Data/MIME.hs ++++ b/src/Data/MIME.hs +@@ -810,7 +810,6 @@ multipart takeTillEnd boundary = + -- | Sets the @MIME-Version: 1.0@ header. + -- + instance RenderMessage MIME where +- tweakHeaders = set (headers . at "MIME-Version") (Just "1.0") + buildBody h z = Just $ case z of + Part partbody -> Builder.byteString partbody + Encapsulated msg -> buildMessage msg +diff --git a/tests/Generator.hs b/tests/Generator.hs +index 9e1f166..23bd122 100644 +--- a/tests/Generator.hs ++++ b/tests/Generator.hs +@@ -64,7 +64,7 @@ exampleMailsParseSuccessfully = + textPlain7bit :: MIMEMessage + textPlain7bit = + let m = createTextPlainMessage "This is a simple mail." +- in over headers (\(Headers xs) -> Headers $ (CI.mk "Subject", "Hello there") : xs) m ++ in over headers (\(Headers xs) -> Headers $ (CI.mk "MIME-Version", "1.0") : (CI.mk "Subject", "Hello there") : xs) m + + multiPartMail :: MIMEMessage + multiPartMail = +@@ -72,13 +72,16 @@ multiPartMail = + to' = Single $ Mailbox Nothing (AddrSpec "bar" (DomainDotAtom $ pure "bar.com")) + subject = "Hello there" + p = createTextPlainMessage "This is a simple mail." ++ & set (headers . at "MIME-Version") (Just "1.0") + a = createAttachment + contentTypeApplicationOctetStream + (Just "foo.bin") + "fileContentsASDF" ++ & set (headers . at "MIME-Version") (Just "1.0") + now = UTCTime (ModifiedJulianDay 123) (secondsToDiffTime 123) + in createMultipartMixedMessage "asdf" (fromList [p, a]) +- & set (headers . at "From") (Just $ renderMailboxes [from']) ++ & set (headers . at "MIME-Version") (Just "1.0") ++ . set (headers . at "From") (Just $ renderMailboxes [from']) + . set (headers . at "To") (Just $ renderAddresses [to']) + . set (headers . at "Date") (Just $ renderRFC5422Date now) + . set (headers . at "Subject") (Just $ T.encodeUtf8 subject) +diff --git a/tests/Message.hs b/tests/Message.hs +index 6711519..3e40397 100644 +--- a/tests/Message.hs ++++ b/tests/Message.hs +@@ -29,7 +29,7 @@ import Data.Char (isPrint) + import Data.Foldable (fold) + import Data.List.NonEmpty (NonEmpty(..), intersperse) + +-import Control.Lens (set, view) ++import Control.Lens ((&), at, set, view) + import qualified Data.ByteString as B + import qualified Data.Text as T + +@@ -99,7 +99,7 @@ genMessage = Gen.choice [ genTextPlain, genMultipart, encapsulate <$> genMessage + prop_messageRoundTrip :: Property + prop_messageRoundTrip = property $ do + msg <- forAll genMessage +- parse (message mime) (renderMessage msg) === Right msg ++ parse (message mime) (renderMessage $ msg & set (headers . at "MIME-Version") (Just "1.0")) === Right msg + + prop_messageFromRoundTrip :: Property + prop_messageFromRoundTrip = property $ do |