Merge remote-tracking branch 'ni/master'

author: lassulus <git@lassul.us> 2023-07-09 11:32:26 +0200
committer: lassulus <git@lassul.us> 2023-07-09 11:32:26 +0200
commit: 305b9e1deee5d9b2d48ff01f647471fdd9ee766c (patch)
tree: d428676c99fff445126a1d689e6a557dd9a78a91 /krebs
parent: 581665cc9f3c3e8e281ae0fc513fec903cc17b7c (diff)
parent: a4ace2b0b35331be531795a351401bc6ca8d827c (diff)
9 files changed, 23 insertions, 16 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 931ebe70b..a4f22d39c 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -113,6 +113,8 @@
   ];
 
   krebs.build.host = config.krebs.hosts.puyak;
+  krebs.hosts.puyak.ssh.privkey.path = <secrets/ssh.id_ed25519>;
+
   sound.enable = false;
   boot = {
     loader.systemd-boot.enable = true;
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 12ce4db3e..2415bd32f 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -51,6 +51,7 @@ in
   # uninteresting stuff
   #####################
   krebs.build.host = config.krebs.hosts.wolf;
+  krebs.hosts.wolf.ssh.privkey.path = <secrets/ssh.id_ed25519>;
 
   boot.initrd.availableKernelModules = [
     "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk"
diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix
index c2f6b4dc0..2842e10d4 100644
--- a/krebs/2configs/exim-smarthost.nix
+++ b/krebs/2configs/exim-smarthost.nix
@@ -42,6 +42,7 @@ in {
       "makefu@krebsco.de" = makefu;
       "spam@krebsco.de" = spam-ml;
       "tv@krebsco.de" = tv;
+      "xkey@krebsco.de" = { mail = "lennart@cope.cool"; };
       # XXX These are no internet aliases
       # XXX exim-retiolum hosts should be able to relay to retiolum addresses
       "lass@retiolum" = lass;
diff --git a/krebs/2configs/shack/prometheus/unifi.nix b/krebs/2configs/shack/prometheus/unifi.nix
index 401ecb024..34e47add9 100644
--- a/krebs/2configs/shack/prometheus/unifi.nix
+++ b/krebs/2configs/shack/prometheus/unifi.nix
@@ -5,6 +5,6 @@
     unifiAddress = "https://unifi.shack:8443/";
     unifiInsecure = true;
     unifiUsername = "prometheus"; # needed manual login after setup to confirm the password
-    unifiPassword = lib.replaceChars ["\n"] [""] (builtins.readFile <secrets/shack/unifi-prometheus-pw>);
+    unifiPassword = lib.replaceStrings ["\n"] [""] (builtins.readFile <secrets/shack/unifi-prometheus-pw>);
   };
 }
diff --git a/krebs/3modules/acl.nix b/krebs/3modules/acl.nix
index d23706499..05f7e824b 100644
--- a/krebs/3modules/acl.nix
+++ b/krebs/3modules/acl.nix
@@ -33,7 +33,7 @@ in {
     default = {};
   };
   config = {
-    systemd.services = lib.mapAttrs' (path: rules: lib.nameValuePair "acl-${lib.replaceChars ["/"] ["_"] path}" {
+    systemd.services = lib.mapAttrs' (path: rules: lib.nameValuePair "acl-${lib.replaceStrings ["/"] ["_"] path}" {
       wantedBy = [ "multi-user.target" ];
       path = [
         pkgs.acl
diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix
index 3195f71d9..dabe2f8aa 100644
--- a/krebs/3modules/iana-etc.nix
+++ b/krebs/3modules/iana-etc.nix
@@ -1,5 +1,6 @@
-{ config, pkgs, lib, ... }:
-with lib; {
+{ config, lib, pkgs, ... }: let
+  slib = import ../../lib/pure.nix { inherit lib; };
+in with lib; {
 
   options.krebs.iana-etc.services = mkOption {
     default = {};
@@ -7,7 +8,7 @@ with lib; {
       options = {
         port = mkOption {
           default = config._module.args.name;
-          type = types.addCheck types.str (test "[1-9][0-9]*");
+          type = types.addCheck types.str (slib.test "[1-9][0-9]*");
         };
       } // genAttrs ["tcp" "udp"] (protocol: mkOption {
         default = null;
@@ -30,7 +31,7 @@ with lib; {
             (proto: let
               line = "${entry.${proto}.name} ${entry.port}/${proto}";
             in /* sh */ ''
-              echo ${shell.escape line}
+              echo ${slib.shell.escape line}
             '')
             (filter (proto: entry.${proto} != null) ["tcp" "udp"])}
           '') (attrValues config.krebs.iana-etc.services)}
diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix
index 3ebbc44fe..ae8702978 100644
--- a/krebs/3modules/permown.nix
+++ b/krebs/3modules/permown.nix
@@ -1,4 +1,6 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, lib, ... }: let
+  slib = import ../../lib/pure.nix { inherit lib; };
+in
 with lib; {
 
   options.krebs.permown = mkOption {
@@ -16,7 +18,7 @@ with lib; {
         group = mkOption {
           apply = x: if x == null then "" else x;
           default = null;
-          type = types.nullOr types.groupname;
+          type = types.nullOr slib.types.groupname;
         };
         keepGoing = mkOption {
           default = false;
@@ -28,15 +30,15 @@ with lib; {
           '';
         };
         owner = mkOption {
-          type = types.username;
+          type = slib.types.username;
         };
         path = mkOption {
           default = config._module.args.name;
-          type = types.absolute-pathname;
+          type = slib.types.absolute-pathname;
         };
         umask = mkOption {
           default = "0027";
-          type = types.file-mode;
+          type = slib.types.file-mode;
         };
       };
     }));
@@ -48,11 +50,11 @@ with lib; {
 
     system.activationScripts.permown = let
       mkdir = plan: /* sh */ ''
-        ${pkgs.coreutils}/bin/mkdir -p ${shell.escape plan.path}
+        ${pkgs.coreutils}/bin/mkdir -p ${slib.shell.escape plan.path}
       '';
     in concatMapStrings mkdir plans;
 
-    systemd.services = genAttrs' plans (plan: let
+    systemd.services = slib.genAttrs' plans (plan: let
       continuable = command:
         if plan.keepGoing
           then /* sh */ "{ ${command}; } || :"
diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix
index e1e9d423f..f8ce03f39 100644
--- a/krebs/5pkgs/haskell/email-header.nix
+++ b/krebs/5pkgs/haskell/email-header.nix
@@ -18,9 +18,9 @@ let
       sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x";
     };
   }.${versions.majorMinor version} or {
-    version = "0.4.1-tv2";
+    version = "0.4.2-tv1";
     rev = "refs/tags/v${cfg.version}";
-    sha256 = "1yg4b5318lpviwgjs4kdcqg8cwfnxxfcdckcjq12r2nnj2k4ms2d";
+    sha256 = "JZfqvkbb/1t0q1iWmZHmmCN2Vr+QKTiq4LVncrG+xMU=";
   };
 
 in mkDerivation {
diff --git a/krebs/5pkgs/simple/netcup/default.nix b/krebs/5pkgs/simple/netcup/default.nix
index 408672eff..750e9cfa9 100644
--- a/krebs/5pkgs/simple/netcup/default.nix
+++ b/krebs/5pkgs/simple/netcup/default.nix
@@ -3,7 +3,7 @@ with stockholm.lib;
 
 let
   readJSON = path: fromJSON (readFile path);
-  sed.escape = replaceChars ["/"] ["\\/"]; # close enough
+  sed.escape = replaceStrings ["/"] ["\\/"]; # close enough
   PATH = makeBinPath [
     coreutils
     curl
author	lassulus <git@lassul.us>	2023-07-09 11:32:26 +0200
committer	lassulus <git@lassul.us>	2023-07-09 11:32:26 +0200
commit	305b9e1deee5d9b2d48ff01f647471fdd9ee766c (patch)
tree	d428676c99fff445126a1d689e6a557dd9a78a91 /krebs
parent	581665cc9f3c3e8e281ae0fc513fec903cc17b7c (diff)
parent	a4ace2b0b35331be531795a351401bc6ca8d827c (diff)