summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2019-11-12 19:18:31 +0100
committertv <tv@krebsco.de>2019-11-12 19:18:31 +0100
commiteaefd713c281e8802e4ff902b35a17b8b39f2b16 (patch)
treeed7521ae3c0c49dce87045c213618179042174ae /krebs
parent46cdc3ed4238965553d734b614b212fd96cba447 (diff)
parent4b5e3cbc6155ee807a9b6c474972df3e4fcd237b (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/wolf/config.nix4
-rw-r--r--krebs/2configs/shack/muell_mail.nix4
-rw-r--r--krebs/2configs/shack/muellshack.nix6
-rw-r--r--krebs/2configs/shack/node-light.nix6
-rw-r--r--krebs/2configs/shack/s3-power.nix7
-rw-r--r--krebs/2configs/shack/worlddomination.nix2
-rw-r--r--krebs/3modules/external/default.nix56
-rw-r--r--krebs/3modules/external/palo.nix2
-rw-r--r--krebs/3modules/jeschli/default.nix27
-rw-r--r--krebs/3modules/reaktor2.nix3
-rw-r--r--krebs/3modules/rtorrent.nix5
-rw-r--r--krebs/nixpkgs-unstable.json6
-rw-r--r--krebs/nixpkgs.json6
13 files changed, 95 insertions, 39 deletions
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index e47c43fe1..e87b7bb99 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -117,10 +117,6 @@ in
fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; };
- swapDevices = [
- { device = "/dev/disk/by-label/swap"; }
- ];
-
users.extraUsers.root.openssh.authorizedKeys.keys = [
config.krebs.users."0x4A6F".pubkey
config.krebs.users.ulrich.pubkey
diff --git a/krebs/2configs/shack/muell_mail.nix b/krebs/2configs/shack/muell_mail.nix
index 5ae80d780..409278954 100644
--- a/krebs/2configs/shack/muell_mail.nix
+++ b/krebs/2configs/shack/muell_mail.nix
@@ -4,8 +4,8 @@ let
pkg = pkgs.callPackage (
pkgs.fetchgit {
url = "https://git.shackspace.de/rz/muell_mail";
- rev = "861ec25ab22797d8961efb32e72d79e113aa9f0f";
- sha256 = "sha256:18cw95zbr7isv4cw80cbpd84n5z208fwh5390i6j10jkn398mjq2";
+ rev = "57b67c95052d90044137b2c89007a371dc389afd";
+ sha256 = "1grkzs6fxjnc2bv4kskj63d5sb4qxz6yyr85nj0da9hn7qkk4jkj";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/muell_mail";
cfg = toString <secrets/shack/muell_mail.js>;
diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix
index 9168c9ba7..c1c957da3 100644
--- a/krebs/2configs/shack/muellshack.nix
+++ b/krebs/2configs/shack/muellshack.nix
@@ -4,9 +4,9 @@ let
pkg = pkgs.callPackage (
pkgs.fetchgit {
url = "https://git.shackspace.de/rz/muellshack";
- rev = "d8a5e2d4c0a22804838675ac42b468299dcd9a76";
- sha256 = "0ff6q64dgdxmpszp94z100fdic175b1vvxn4crg8p0jcabzxsv0m";
- }) {};
+ rev = "4601f59787de090c83be6dbae6ca72d7fc84ab9f";
+ sha256 = "1cshbd6ipvynbm3gmnsm58ccc1m5xc87cpd3b6jx0s6pr2j19g9j";
+ }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/muellshack";
port = "8081";
in {
diff --git a/krebs/2configs/shack/node-light.nix b/krebs/2configs/shack/node-light.nix
index 8cf0007b8..38cb3b55d 100644
--- a/krebs/2configs/shack/node-light.nix
+++ b/krebs/2configs/shack/node-light.nix
@@ -4,9 +4,9 @@ let
pkg = pkgs.callPackage (
pkgs.fetchgit {
url = "https://git.shackspace.de/rz/node-light.git";
- rev = "a32c782650c4cc0adf51250fe249167d7246c59b";
- sha256 = "0clvcp1m2ay0a9ibh7s21q7d9a6nam3497bysvc6mdygblks22qy";
- }) {};
+ rev = "32d8064db5172b8068f633211c8bd5688b2c8773";
+ sha256 = "14jzhs7pp3hq42wq3cwqarivn1z7vcgksfzfqfc4yyh21096yi1j";
+ }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/node-light";
port = "8082";
in {
diff --git a/krebs/2configs/shack/s3-power.nix b/krebs/2configs/shack/s3-power.nix
index 40c42260f..f3ea67f79 100644
--- a/krebs/2configs/shack/s3-power.nix
+++ b/krebs/2configs/shack/s3-power.nix
@@ -4,9 +4,10 @@ let
pkg = pkgs.callPackage (
pkgs.fetchgit {
url = "https://git.shackspace.de/rz/s3-power";
- rev = "b2b87b56bb40d714dbbecd1285566870b256aec4";
- sha256 = "sha256:02wikwf3rgkkggwbwqisdvhlwd38w5pw011xhwvhnj114s3rynan";
- }) {};
+ rev = "0687ab64";
+ sha256 = "1m8h4bwykv24bbgr5v51mam4wsbp5424xcrawhs4izv563jjf130";
+ }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
+
home = "/var/lib/s3-power";
cfg = toString <secrets/shack/s3-power.json>;
in {
diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix
index 44176a341..b38b9cab4 100644
--- a/krebs/2configs/shack/worlddomination.nix
+++ b/krebs/2configs/shack/worlddomination.nix
@@ -65,7 +65,7 @@ let
};
LinkHeader = pythonPackages.buildPythonPackage {
name = "LinkHeader-0.4.3";
- src = pkgs.fetchurl { url = "https://pypi.python.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; };
+ src = pkgs.fetchurl { url = "https://files.pythonhosted.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; };
propagatedBuildInputs = [ ];
meta = with pkgs.stdenv.lib; {
homepage = "";
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 1546cac62..247dae69c 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -354,6 +354,62 @@ in {
};
};
};
+ amy = {
+ owner = config.krebs.users.Mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.donna.nets.retiolum.ip4.addr
+ config.krebs.hosts.donna.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.181";
+ aliases = [ "amy.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAr3jQRA1+hLKYVgHJA2ax5W8J3GVMTnaGpYw9Q2xXXrX/jxLZ6Ia8
+ hBjIcCBDVL5Q3FnyrKB9NJeeIvCOKg8WG+8O0+wKcePKd0Vhbsx4Whog/6PWs6qh
+ q2sURs2tp1hjHks4kZo2WtiYD7Ue9HHdV6FlUO6yuBV0bW2RzHdLPCDSGxnQVkBM
+ tSwAvMCZwvVBiv4m6RyMXqmpdbAPBzgJcmJS0FY+zGxpiwsR/AdoVvnzYyFMCVpG
+ iFl5+k9OGhUJq72MwAXzjW5ZdCPrG+2Dd+QBhhtIMJGA2sJiJteT8vdvpTNCiHJ/
+ HnW7movliN2mW86qwo7QqB5v0c9f9TjfpOld7sS/4vE3zlGi/Stf6SQWaoXez/u3
+ /P9GzupcYgj76m8Z3j7BMHXCBw8iwP2pZpL9hnLdIyCcyLrzXDIzq4hlt60DPhSU
+ klTDBUA/cUdSJGcSn2N+WHLOTfI6qeBNKqcTk70OQsa69jAJeAtA+I9OprNYOXqb
+ MmQakNNlrTaNtGQxfQqEL+wqHlo8CVDGm3O9pQSNF309P4TLNU1EYm+ItScNiVCE
+ DKhcgvE6xHCwZnVyJN8MMy1CVyDmnHVYoaTEZ2cCvNi/hXIXgO9KWjSpAv5tP764
+ UkOE4dlDpEW6G1pNf84BERfRYGDj29A/Jk9LJC/6D09QJXNu18HR0sUCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+ clara = {
+ owner = config.krebs.users.Mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.donna.nets.retiolum.ip4.addr
+ config.krebs.hosts.donna.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.182";
+ aliases = [ "clara.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEA07G1n2sA804nnjWQzq0Fi9i6kxJUo+jVJjtkm5unw3hjflAAd/3d
+ WN+01GdJCk/gr7DfU/Xr5KnR39Z3ADoT1tbUb+i5AJZ5/8VHUwWM8D8mQAam6LBf
+ UEeLxhVH8rG6lHaKwVi9oe4gPhgptUOzX/YIlJOMYDlYRxc7Wbj7YQOAKlPuTAjY
+ Z5bLswfkqTMO0cioJNwwMCNWSMJf3jbKi3eTQ36sf7TDMEneNGSBUpeSjGddoNT/
+ rrVIDDT8tGmtACKr+3Y0H+EA2K5IxdQKKfnPRR31RBWiTkEXBbaJzYO/ZV5/xlbN
+ wmblskwq9d9IwDY7qeMctci+ZUZ3epG8MUwYa4faOrgmmkQpa5B+6UOMzw/WDJEc
+ jTfvSzfPo4anoj8C+MOQYzRvYmp60YEZKomv2BQdBvpGIpUul8WAR2aV0K+wz66e
+ mUamljAXmLiPxgGKduX5VFVuXzYxeMiBBujQCLTjc+xTB2EdwihxNX1rkxz10BDc
+ WrgPV+/VVyThKhOvVCifWARHtT2VGcZazfQOW/y3ZmEPOYuc5ZvrSEiMeG3f64+v
+ UU8cQZ3yBLIhTtC+38pRlsdBQHt526q0j0rrnd30JXVAUdWBunP2UJ5QGtA8/mWn
+ cWSlvRf5sfbyrISz6+mLPM2qGHnCkKwORNxmv/1DY07O3Rn6hX0OY4ECAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
inspector = {
owner = config.krebs.users.Mic92;
nets = rec {
diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix
index e81dd9b58..aea1792f4 100644
--- a/krebs/3modules/external/palo.nix
+++ b/krebs/3modules/external/palo.nix
@@ -78,7 +78,7 @@ in {
};
users = {
palo = {
- pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBYNJVuyyZmc2pCkLWjhl0/hMMb7elmI81/9LAGtk8Tz4TmVderTMohwQkaTYznwPOPuKfU1sSMLCB8rYXdAO5nqWC4bGjXJ/+D8/UKfGjSqRQ7UkfpOF3NAm+pqUSFjaVXi1BWd+jxmsD0uRks0PyNSywZfgjn5LYpD3SpxyFy/17P/PJ9vX6PELjeYvNGH3l5cXDwYky3ZZJol7quBJ5yrA6I536A4wNDzg2ow+MRVu51/nIJdnbbsC/dDHgmdRWnStOzvsA+xSEMeKvLW3CaSPINr/bMGxOPrefr79bg59gkw9Wxp51fkx0o18N1liTRfWXau+GFNGMxFluELhfGXYOH9HLedLt8H38zs5vgJ9IY+tlOzMKud5njiNkuG503AiqY2H7coN7VeVA5+6L7tmwFbCMhPal4MS0VKHNBmCTDY5QMURYUajKiUh8n5IcbuTsPM+lEszm16g5iB+XQ1vpjza5ds6DRL1H6pUF/UpUzYUlqh2RnE+CyLsFO2MB/o72NoSWRfmn7/nsg6eEg/9kSn+dwj2ythjuEkMG28Yhm/XjaGnuAE/ZpIeRDozIQNGcHpzPHMd95olfNJW7+fLi+CvSFZa9l+tdS8PoRnCdHOsO4zvESJZ2rDn0Zt0Az6XNRJfYTABDlYPGCnWN4vmlnEJqQARSSiKBDhSgPw== palo@workout";
+ pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
};
};
}
diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix
index c6a4b40eb..75d7eda6e 100644
--- a/krebs/3modules/jeschli/default.nix
+++ b/krebs/3modules/jeschli/default.nix
@@ -137,19 +137,20 @@ in {
"reagenzglas.r"
];
tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAon6oMki2GuJah9c1jNj0CupIPNo765AxtpSkut1PvoydAVYWZMO0
- /UQgrvoDQPq3VQU98LHhtQVjmfmcxmxIK3mWoM356P9TGsheOspTcVP4HCMoWZoF
- QpgpQs1RNuG/nAAcoVHnTqFeFt6oWsykESIWj5jFV5XA+KanyLFThi8aWPumJgOV
- W0AR4+0eECMjBXCV0yRaug4cnFKwLtTQ993AP6Di+5iyh8H39wuASUA/USfMItyX
- KEPCT1LPVu2JKsLE/aQEqX1ra3qVJ+SzSPKvOJGKNjcN0e84TuqGrh6cmEDcT/hd
- MNZisdPvWA8UwXZfsT/TOGyd8MBqgGxWS6JSFHXy9enyjvS+rws8U0IySlnAIEoi
- mXi0leXXDHSQBUnLgDwx4yAJ2R63bUr0pvVd9NBvS9CYHH3TETuwxtMsd3Djm1tu
- 9/GxN78N+dTHCwOFw/RFOGKCDuM2v1P0f56SdcADqiziuVn+Sj/WPL7rM7qLkySv
- jAqY7q5PUjcz/tltJUJwIHaV3sSB6+zOKhSPhGE5ASr4dYEnxiTSD2YE7fj3+WKK
- ShG3cpjOwgW0/Ut88zIs7zQxfHj5ZML+Gh2E2LN5nb7StMBWafgvq58eTKbMCKbx
- ev7cFjOOV86sCjqtt5LVSi7TPAtolnmLyxzM+s/eZoLYITh+Zo8UERMCAwEAAQ==
- -----END RSA PUBLIC KEY-----
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwYLQr5m/x7Q6w8sL8QwI
+ GSEScP4V1Eun77mpV5ygk8FBV7S7Cj64QaEntM4NPNMS8DOs3qDkXQbC5yQQhVdG
+ rL191UK7B1VxprsyVDY5wj2bR96vOX9KadYSpk2lEaB2yyA8Xt2t4VrhcDOIk3k+
+ COMIbeqFd4rs5B2kV8p1KIFScng0x7uDhEvpn8zTakbtXWzcqirzBzqLTt9GqHE9
+ wXAca7iYCabhp6tzrOF7ifkRXgFy9+RPjUb8cqOyYL0k4zRSqNRDUQaySgUHRUwo
+ EzE/piLnBQHX/7tc9PdNPHizL62HeLOCnsKB+MoaJqsey6KPhxVDwYw3dJ/C3pCS
+ wFMUlt6D/5LxPL2yXJRRGb+I/hLnKGzbfB7Hz4Mh2PW2NMtdK0NMouDdH1VRnx68
+ QdL0MetHECz+TjpZIrn0Y2OCizDDGiKDndafQi4VPnWGulYUHtpIIMHkAS6xCHHn
+ 5Rfe1LRxNXVSfqcQEYbjf+PNmwUw8etzBwYzB6zFFnQhw+6kWBPqnB38NkQ0Fzhc
+ h7isl2iq9aotObk9p53gj1i8eaSCeq6C5sFM9Bs3d00HfCLNTCNMqYZynmapo+3Q
+ 0P6oX3YWzM2oUiknWKKOVyDUwCJolwlAeNOvlwCDzsiAAAB7INYBnJCIIPPcoE/q
+ iddgcSx6Poq15h8H5tr439kCAwEAAQ==
+ -----END PUBLIC KEY-----
'';
};
};
diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index 9ab207d88..837a9bea7 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -53,6 +53,9 @@ with import <stockholm/lib>;
systemd.services = flip mapAttrs' config.krebs.reaktor2 (_: cfg:
nameValuePair cfg.systemd-service-name {
after = [ "network.target" ];
+ environment = {
+ LC_ALL = "en_US.UTF-8";
+ };
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = cfg.username;
diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix
index d59569317..1f88a49e1 100644
--- a/krebs/3modules/rtorrent.nix
+++ b/krebs/3modules/rtorrent.nix
@@ -8,7 +8,7 @@ let
nginx-user = config.services.nginx.user;
nginx-group = config.services.nginx.group;
- fpm-socket = "/var/run/php5-fpm-rutorrent.sock";
+ fpm-socket = config.services.phpfpm.pools.rutorrent.socket;
webdir = rucfg.webdir;
systemd-logfile = cfg.workDir + "/rtorrent-systemd.log";
@@ -332,12 +332,11 @@ let
rutorrent-imp = {
services.phpfpm = {
- # phpfpm does not have an enable option
pools.rutorrent = {
user = nginx-user;
group = nginx-group;
- listen = fpm-socket;
settings = {
+ "listen.owner" = nginx-user;
"pm" = "dynamic";
"pm.max_children" = 5;
"pm.start_servers" = 2;
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index 5f8f0c771..a772c83a2 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "d484f2b7fc0834a068e8ace851faa449a03963f5",
- "date": "2019-09-20T22:58:43+02:00",
- "sha256": "0jk93ikryi2hqc30l2n5i4vlgmklrlzb8cf7b3sg1q3k70q344jn",
+ "rev": "471869c9185fb610e67940a701eb13b1cfb335a4",
+ "date": "2019-10-31T16:03:13+01:00",
+ "sha256": "1klbclz8n4b9k1kfwv806bqdavld1mg32l1vxsmnrqzr6zck1c54",
"fetchSubmodules": false
}
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 01230b439..fabd3691a 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "7952807791daf3c60c99f10f371f732d897e3de8",
- "date": "2019-10-13T01:14:01+02:00",
- "sha256": "1h9wg0arazbyj8xfgvfhzn2gw6ya8sgcxscy1n5j182b5xri1xdk",
+ "rev": "c75de8bc12cc7e713206199e5ca30b224e295041",
+ "date": "2019-10-27T17:40:06+01:00",
+ "sha256": "1awipcjfvs354spzj2la1nzmi9rh2ci2mdapzf4kkabf58ilra6x",
"fetchSubmodules": false
}