Merge branch 'makefu'

author: lassulus <lass@aidsballs.de> 2015-09-05 12:17:59 +0200
committer: lassulus <lass@aidsballs.de> 2015-09-05 12:17:59 +0200
commit: f54a0a9ea7fd5a9902a5b38786da42f06d615b5a (patch)
tree: d7c475b212d8acc35a5dc7d20ec1f2228c664010 /makefu
parent: f3c1727659c59ff638b1adead8e30ee2f79f39de (diff)
parent: d6d9956abc60548c755d30e6a5bd13c10abbb181 (diff)
18 files changed, 214 insertions, 24 deletions
diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix
index 963d0774..98f3ecd2 100644
--- a/makefu/1systems/pnp.nix
+++ b/makefu/1systems/pnp.nix
@@ -7,24 +7,38 @@
 {
   imports =
     [ # Include the results of the hardware scan.
-      <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
+      # Base
       ../2configs/base.nix
-      ../2configs/cgit-retiolum.nix
-      # ../2configs/graphite-standalone.nix
-      ../2configs/vm-single-partition.nix
       ../2configs/tinc-basic-retiolum.nix
 
+      # HW/FS
+      <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
+      ../2configs/fs/vm-single-partition.nix
+
+      # Services
+      ../2configs/git/cgit-retiolum.nix
+
+      ## Reaktor
+      ## \/ are only plugins, must enable Reaktor explicitly
+      ../2configs/Reaktor/stockholmLentil.nix
+      ../2configs/Reaktor/simpleExtend.nix
+
       ../2configs/exim-retiolum.nix
       ../2configs/urlwatch.nix
+
+      # ../2configs/graphite-standalone.nix
     ];
+  krebs.Reaktor.enable = true;
+
   krebs.build.host = config.krebs.hosts.pnp;
   krebs.build.user = config.krebs.users.makefu;
   krebs.build.target = "root@pnp";
 
+
   krebs.build.deps = {
     nixpkgs = {
       url = https://github.com/NixOS/nixpkgs;
-      rev = "13576925552b1d0751498fdda22e91a055a1ff6c";
+      rev = "03921972268934d900cc32dad253ff383926771c";
     };
   };
 
diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix
index 415c1af3..4dcfe4ec 100644
--- a/makefu/1systems/pornocauster.nix
+++ b/makefu/1systems/pornocauster.nix
@@ -13,9 +13,7 @@
       ../2configs/tinc-basic-retiolum.nix
       #../2configs/disable_v6.nix
 
-      #../2configs/sda-crypto-root.nix
-      ../2configs/sda-crypto-root-home.nix
-
+      # environment
       ../2configs/zsh-user.nix
 
       # applications
@@ -23,14 +21,22 @@
       ../2configs/virtualization.nix
       ../2configs/wwan.nix
 
+      # services
+      ../2configs/git/brain-retiolum.nix
+      # ../2configs/Reaktor/simpleExtend.nix
+
       # hardware specifics are in here
-      ../2configs/tp-x220.nix
+      ../2configs/hw/tp-x220.nix
+      # mount points
+      ../2configs/fs/sda-crypto-root-home.nix
     ];
 
   krebs.build.host = config.krebs.hosts.pornocauster;
   krebs.build.user = config.krebs.users.makefu;
   krebs.build.target = "root@pornocauster";
 
+  #krebs.Reaktor.nickname = "makefu|r";
+
   networking.firewall.allowedTCPPorts = [
     25
   ];
@@ -39,7 +45,7 @@
     nixpkgs = {
       url = https://github.com/NixOS/nixpkgs;
       #url = https://github.com/makefu/nixpkgs;
-      rev = "13576925552b1d0751498fdda22e91a055a1ff6c";
+      rev = "03921972268934d900cc32dad253ff383926771c";
     };
   };
 }
diff --git a/makefu/1systems/repunit.nix b/makefu/1systems/repunit.nix
index 503fe8f6..d98ff17c 100644
--- a/makefu/1systems/repunit.nix
+++ b/makefu/1systems/repunit.nix
@@ -49,7 +49,7 @@
   };
   krebs.retiolum = {
     enable = true;
-    hosts = ../../Zhosts;
+    hosts = ../../krebs/Zhosts;
     connectTo = [
       "gum"
       "pigstarter"
diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix
index 67db2246..3c2bb2ed 100644
--- a/makefu/1systems/tsp.nix
+++ b/makefu/1systems/tsp.nix
@@ -9,9 +9,9 @@
       ../2configs/base.nix
       ../2configs/base-gui.nix
       ../2configs/tinc-basic-retiolum.nix
-      ../2configs/sda-crypto-root.nix
+      ../2configs/fs/sda-crypto-root.nix
       # hardware specifics are in here
-      ../2configs/tp-x200.nix #< imports tp-x2x0.nix
+      ../2configs/hw/tp-x200.nix #< imports tp-x2x0.nix
 
       ../2configs/disable_v6.nix
       ../2configs/rad1o.nix
diff --git a/makefu/2configs/Reaktor/random-issue.sh b/makefu/2configs/Reaktor/random-issue.sh
new file mode 100644
index 00000000..5c47c615
--- /dev/null
+++ b/makefu/2configs/Reaktor/random-issue.sh
@@ -0,0 +1,20 @@
+#! /bin/sh
+set -eu
+# requires env:
+#   $state_dir
+#   $origin
+
+# in PATH: git,lentil,coreutils
+subdir=`echo "$1" | tr -dc "[:alnum:]"`
+name=`echo "$origin" | tr -dc "[:alnum:]"`
+track="$state_dir/$name-checkout"
+(if test -e "$track" ;then
+  cd "$track"
+  git fetch origin master
+  git reset --hard origin/master
+else
+  git clone "$origin" "$track"
+fi) >&2
+
+cd "$track"
+lentil "${subdir:-.}" -f csv | sed 1d | shuf | head -1
diff --git a/makefu/2configs/Reaktor/simpleExtend.nix b/makefu/2configs/Reaktor/simpleExtend.nix
new file mode 100644
index 00000000..95175a4e
--- /dev/null
+++ b/makefu/2configs/Reaktor/simpleExtend.nix
@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+
+with pkgs;
+let
+  nixos-version-script = pkgs.writeScript "nix-version" ''
+  #! /bin/sh
+  . /etc/os-release
+  echo "$PRETTY_NAME"
+  '';
+in {
+  krebs.Reaktor.extraConfig = ''
+  public_commands.insert(0,{
+    'capname' : "nixos-version",
+    'pattern' : indirect_pattern.format("nixos-version"),
+    'argv'    : ["${nixos-version-script}"],
+    'env'     : { 'state_dir': workdir } })
+  '';
+}
+
diff --git a/makefu/2configs/Reaktor/stockholmLentil.nix b/makefu/2configs/Reaktor/stockholmLentil.nix
new file mode 100644
index 00000000..147fb5a7
--- /dev/null
+++ b/makefu/2configs/Reaktor/stockholmLentil.nix
@@ -0,0 +1,22 @@
+{ config, lib, pkgs, ... }:
+
+with pkgs;
+let
+  random-issue = pkgs.writeScript "random-issue" (builtins.readFile ./random-issue.sh);
+  random-issue-path = lib.makeSearchPath "bin" (with pkgs; [
+                        coreutils
+                        git
+                        gnused
+                        lentil]);
+in {
+  # TODO: make origin a variable, <- module is generic enough to handle different origins, not only stockholm
+  krebs.Reaktor.extraConfig = ''
+  public_commands.insert(0,{
+    'capname' : "stockholm-issue",
+    'pattern' : indirect_pattern.format("stockholm-issue"),
+    'argv'    : ["${random-issue}"],
+    'env'     : { 'state_dir': workdir,
+                  'PATH':'${random-issue-path}',
+                  'origin':'http://cgit.pnp/stockholm' } })
+  '';
+}
diff --git a/makefu/2configs/fs/cac-boot-partition.nix b/makefu/2configs/fs/cac-boot-partition.nix
new file mode 100644
index 00000000..fdf4b89d
--- /dev/null
+++ b/makefu/2configs/fs/cac-boot-partition.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+# vda1 ext4 (label nixos) -> only root partition
+with lib;
+{
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.loader.grub.device = "/dev/sda";
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
+  };
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-label/boot";
+    fsType = "ext4";
+  };
+
+  hardware.enableAllFirmware = true;
+  nixpkgs.config.allowUnfree = true;
+  hardware.cpu.amd.updateMicrocode = true;
+
+}
diff --git a/makefu/2configs/sda-crypto-root-home.nix b/makefu/2configs/fs/sda-crypto-root-home.nix
index 3821c750..3821c750 100644
--- a/makefu/2configs/sda-crypto-root-home.nix
+++ b/makefu/2configs/fs/sda-crypto-root-home.nix
diff --git a/makefu/2configs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix
index 54db8754..54db8754 100644
--- a/makefu/2configs/sda-crypto-root.nix
+++ b/makefu/2configs/fs/sda-crypto-root.nix
diff --git a/makefu/2configs/vm-single-partition.nix b/makefu/2configs/fs/vm-single-partition.nix
index 78a5e717..78a5e717 100644
--- a/makefu/2configs/vm-single-partition.nix
+++ b/makefu/2configs/fs/vm-single-partition.nix
diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix
new file mode 100644
index 00000000..0ab64773
--- /dev/null
+++ b/makefu/2configs/git/brain-retiolum.nix
@@ -0,0 +1,77 @@
+{ config, lib, pkgs, ... }:
+# TODO: remove tv lib :)
+with import ../../../tv/4lib { inherit lib pkgs; };
+let
+
+  repos = priv-repos // krebs-repos ;
+  rules = concatMap krebs-rules (attrValues krebs-repos) ++ concatMap priv-rules (attrValues priv-repos);
+
+  krebs-repos = mapAttrs make-krebs-repo {
+    brain = {
+      desc = "braiiiins";
+    };
+  };
+
+  priv-repos = mapAttrs make-priv-repo {
+    autosync = { };
+  };
+
+  # TODO move users to separate module
+  make-priv-repo = name: { desc ? null, ... }: {
+    inherit name desc;
+    public = false;
+  };
+
+  make-krebs-repo = with git; name: { desc ? null, ... }: {
+    inherit name desc;
+    public = false;
+    hooks = {
+      post-receive = git.irc-announce {
+        nick = config.networking.hostName;
+        channel = "#retiolum";
+        # TODO remove the hardcoded hostname
+        server = "cd.retiolum";
+      };
+    };
+  };
+
+  set-owners = with git;repo: user:
+      singleton {
+        inherit user;
+        repo = [ repo ];
+        perm = push "refs/*" [ non-fast-forward create delete merge ];
+      };
+
+  set-ro-access = with git; repo: user:
+      optional repo.public {
+        inherit user;
+        repo = [ repo ];
+        perm = fetch;
+      };
+
+  # TODO: get the list of all krebsministers
+  krebsminister = with config.krebs.users; [ lass tv ];
+  all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp ];
+
+  priv-rules = repo: set-owners repo all-makefu;
+
+  krebs-rules = repo:
+    set-owners repo all-makefu ++ set-ro-access repo krebsminister;
+
+in {
+  imports = [{
+    krebs.users.makefu-omo = {
+        name = "makefu-omo" ;
+        pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_omo.ssh.pub;
+    };
+    krebs.users.makefu-tsp = {
+        name = "makefu-tsp" ;
+        pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_tsp.ssh.pub;
+    };
+  }];
+  krebs.git = {
+    enable = true;
+    cgit = false;
+    inherit repos rules;
+  };
+}
diff --git a/makefu/2configs/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index 8d943956..40b51e60 100644
--- a/makefu/2configs/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -1,6 +1,6 @@
 { config, lib, pkgs, ... }:
 # TODO: remove tv lib :)
-with import ../../tv/4lib { inherit lib pkgs; };
+with import ../../../tv/4lib { inherit lib pkgs; };
 let
 
   repos = priv-repos // krebs-repos ;
@@ -63,11 +63,11 @@ in {
   imports = [{
     krebs.users.makefu-omo = {
         name = "makefu-omo" ;
-        pubkey= with builtins; readFile ../../Zpubkeys/makefu_omo.ssh.pub;
+        pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_omo.ssh.pub;
     };
     krebs.users.makefu-tsp = {
         name = "makefu-tsp" ;
-        pubkey= with builtins; readFile ../../Zpubkeys/makefu_tsp.ssh.pub;
+        pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_tsp.ssh.pub;
     };
   }];
   krebs.git = {
diff --git a/makefu/2configs/tp-x200.nix b/makefu/2configs/hw/tp-x200.nix
index ed46875d..ed46875d 100644
--- a/makefu/2configs/tp-x200.nix
+++ b/makefu/2configs/hw/tp-x200.nix
diff --git a/makefu/2configs/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix
index 787a0639..f0392215 100644
--- a/makefu/2configs/tp-x220.nix
+++ b/makefu/2configs/hw/tp-x220.nix
@@ -7,14 +7,19 @@ with lib;
 
   boot.kernelModules = [ "kvm-intel" ];
 
-  #services.xserver.vaapiDrivers = [pkgs.vaapiIntel pkgs.vaapiVdpau ];
-  services.xserver.vaapiDrivers = [];
+  services.xserver = {
+    videoDriver = "intel";
+    vaapiDrivers = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
+    deviceSection = ''
+      Option "AccelMethod" "sna"
+    '';
+  };
 
   services.xserver.displayManager.sessionCommands =''
   xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
   xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
-  xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
   xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5
+  # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
   '';
 
 }
diff --git a/makefu/2configs/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix
index b79d94b4..aa2fc205 100644
--- a/makefu/2configs/tp-x2x0.nix
+++ b/makefu/2configs/hw/tp-x2x0.nix
@@ -11,9 +11,13 @@ with lib;
   zramSwap.enable = true;
   zramSwap.numDevices = 2;
 
-  hardware.trackpoint.enable = true;
-  hardware.trackpoint.sensitivity = 220;
-  hardware.trackpoint.speed = 220;
+  hardware.trackpoint = {
+    enable = true;
+    sensitivity = 220;
+    speed = 220;
+    emulateWheel = true;
+    };
+
 
   services.tlp.enable = true;
   services.tlp.extraConfig = ''
diff --git a/makefu/2configs/tinc-basic-retiolum.nix b/makefu/2configs/tinc-basic-retiolum.nix
index cb1991bd..fd6d1683 100644
--- a/makefu/2configs/tinc-basic-retiolum.nix
+++ b/makefu/2configs/tinc-basic-retiolum.nix
@@ -4,7 +4,7 @@ with lib;
 {
   krebs.retiolum = {
     enable = true;
-    hosts = ../../Zhosts;
+    hosts = ../../krebs/Zhosts;
     connectTo = [
       "gum"
       "pigstarter"
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index 015f472f..41780842 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -1,6 +1,6 @@
 { config, lib, ... }:
 
-with import ../../krebs/4lib { inherit lib; };
+with lib;
 let
   cfg = config.krebs;
author	lassulus <lass@aidsballs.de>	2015-09-05 12:17:59 +0200
committer	lassulus <lass@aidsballs.de>	2015-09-05 12:17:59 +0200
commit	f54a0a9ea7fd5a9902a5b38786da42f06d615b5a (patch)
tree	d7c475b212d8acc35a5dc7d20ec1f2228c664010 /makefu
parent	f3c1727659c59ff638b1adead8e30ee2f79f39de (diff)
parent	d6d9956abc60548c755d30e6a5bd13c10abbb181 (diff)