merge shared into krebs

author: tv <tv@krebsco.de> 2017-07-14 00:17:58 +0200
committer: tv <tv@krebsco.de> 2017-07-14 00:21:02 +0200
commit: 58380c82848c3db0bd6c3d74904153f3464c2098 (patch)
tree: dcefa424c037ef13edba18967143b3290dc739cb /shared/2configs
parent: c213968c44befe32f115ec0122accebdabd89582 (diff)
20 files changed, 0 insertions, 916 deletions
diff --git a/shared/2configs/central-stats-client.nix b/shared/2configs/central-stats-client.nix
deleted file mode 100644
index 0412eba9..00000000
--- a/shared/2configs/central-stats-client.nix
+++ /dev/null
@@ -1,68 +0,0 @@
-{pkgs, config, ...}:
-{
-  services.collectd = {
-    enable = true;
-    autoLoadPlugin = true;
-    extraConfig = ''
-      Hostname ${config.krebs.build.host.name}
-      LoadPlugin load
-      LoadPlugin disk
-      LoadPlugin memory
-      LoadPlugin df
-      Interval 30.0
-
-      LoadPlugin interface
-      <Plugin "interface">
-        Interface "*Link"
-        Interface "lo"
-        Interface "vboxnet*"
-        Interface "virbr*"
-        IgnoreSelected true
-      </Plugin>
-
-      LoadPlugin df
-      <Plugin "df">
-        MountPoint "/nix/store"
-        # MountPoint "/run*"
-        # MountPoint "/sys*"
-        # MountPoint "/dev"
-        # MountPoint "/dev/shm"
-        # MountPoint "/tmp"
-        FSType "tmpfs"
-        FSType "binfmt_misc"
-        FSType "debugfs"
-        FSType "mqueue"
-        FSType "hugetlbfs"
-        FSType "systemd-1"
-        FSType "cgroup"
-        FSType "securityfs"
-        FSType "ramfs"
-        FSType "proc"
-        FSType "devpts"
-        FSType "devtmpfs"
-        MountPoint "/var/lib/docker/devicemapper"
-        IgnoreSelected true
-      </Plugin>
-
-      LoadPlugin cpu
-      <Plugin cpu>
-        ReportByCpu true
-        ReportByState true
-        ValuesPercentage true
-      </Plugin>
-
-      LoadPlugin network
-      <Plugin "network">
-          Server "stats.makefu.r" "25826"
-      </Plugin>
-
-      LoadPlugin curl
-      <Plugin curl>
-        <Page "smarthome">
-          URL "http://smarthome.shack/";
-          MeasureResponseTime true
-        </Page>
-      </Plugin>
-    '';
-  };
-}
diff --git a/shared/2configs/cgit-mirror.nix b/shared/2configs/cgit-mirror.nix
deleted file mode 100644
index c2326a5c..00000000
--- a/shared/2configs/cgit-mirror.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-  rules = with git; singleton {
-    user = [ wolf-repo-sync ];
-    repo = [ stockholm-mirror ];
-    perm = push ''refs/*'' [ non-fast-forward create delete merge ];
-  };
-
-  stockholm-mirror = {
-    public = true;
-    name = "stockholm-mirror";
-    cgit.desc = "mirror for all stockholm branches";
-    hooks = {
-      post-receive = pkgs.git-hooks.irc-announce {
-        nick = config.networking.hostName;
-        verbose = false;
-        channel = "#retiolum";
-        server = "ni.r";
-      };
-    };
-  };
-
-  wolf-repo-sync = {
-    name = "wolf-repo-sync";
-    mail = "spam@krebsco.de";
-    # TODO put git-sync pubkey somewhere more appropriate
-    pubkey = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwuAZB3wtAvBJFYh+gWdyGaZU4mtqM2dFXmh2rORlbXeh02msu1uv07ck1VKkQ4LgvCBcBsAOeVa1NTz99eLqutwgcqMCytvRNUCibcoEWwHObsK53KhDJj+zotwlFhnPPeK9+EpOP4ngh/tprJikttos5BwBwe2K+lfiid3fmVPZcTTYa77nCwijimMvWEx6CEjq1wiXMUc4+qcEn8Swbwomz/EEQdNE2hgoC3iMW9RqduTFdIJWnjVi0KaxenX9CvQRGbVK5SSu2gwzN59D/okQOCP6+p1gL5r3QRHSLSSRiEHctVQTkpKOifrtLZGSr5zArEmLd/cOVyssHQPCX repo-sync@wolf'';
-  };
-
-in {
-  krebs.users.wolf-repo-sync = wolf-repo-sync;
-  krebs.git = {
-    enable = true;
-    cgit = {
-      settings = {
-        root-title = "Shared Repos";
-        root-desc = "keep on krebsing";
-      };
-    };
-    inherit rules;
-    repos.stockholm-mirror = stockholm-mirror;
-  };
-}
diff --git a/shared/2configs/collectd-base.nix b/shared/2configs/collectd-base.nix
deleted file mode 100644
index 440f83fc..00000000
--- a/shared/2configs/collectd-base.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-# TODO: krebs.collectd.plugins
-with import <stockholm/lib>;
-let
-  connect-time-cfg = with pkgs; writeText "collectd-connect-time.conf" ''
-    LoadPlugin python
-    <Plugin python>
-      ModulePath "${collectd-connect-time}/lib/${python.libPrefix}/site-packages/"
-      Import "collectd_connect_time"
-      <Module collectd_connect_time>
-        target "localhost:22" "google.com" "google.de" "gum.r:22" "gum.krebsco.de" "heidi.shack:22" "10.42.0.1:22" "heise.de" "t-online.de"
-        interval 10
-      </Module>
-    </Plugin>
-  '';
-  graphite-cfg = pkgs.writeText "collectd-graphite.conf" ''
-    LoadPlugin write_graphite
-    <Plugin "write_graphite">
-      <Carbon>
-        Host "heidi.shack"
-        Port "2003"
-        Prefix "retiolum."
-        EscapeCharacter "_"
-        StoreRates false
-        AlwaysAppendDS false
-      </Carbon>
-    </Plugin>
-  '';
-in {
-  imports = [ ];
-
-  nixpkgs.config.packageOverrides = pkgs: with pkgs; {
-    collectd = pkgs.collectd.override { python= pkgs.python; };
-  };
-  services.collectd = {
-    enable = true;
-    include = [ (toString connect-time-cfg) (toString graphite-cfg) ];
-  };
-
-}
diff --git a/shared/2configs/default.nix b/shared/2configs/default.nix
deleted file mode 100644
index 2146f42e..00000000
--- a/shared/2configs/default.nix
+++ /dev/null
@@ -1,52 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-{
-  krebs.enable = true;
-  krebs.tinc.retiolum.enable = true;
-
-  # TODO rename shared user to "krebs"
-  krebs.build.user = mkDefault config.krebs.users.shared;
-
-  networking.hostName = config.krebs.build.host.name;
-
-  nix.maxJobs = 1;
-  nix.trustedBinaryCaches = [
-    "https://cache.nixos.org"
-    "http://cache.nixos.org"
-    "http://hydra.nixos.org"
-  ];
-  nix.useSandbox = true;
-
-  environment.systemPackages = with pkgs; [
-    git
-    rxvt_unicode.terminfo
-  ];
-
-  programs.ssh.startAgent = false;
-
-  services.openssh = {
-    enable = true;
-    hostKeys = [
-      { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
-    ];
-  };
-  services.cron.enable = false;
-  services.nscd.enable = false;
-  services.ntp.enable = false;
-
-  users.mutableUsers = false;
-  users.extraUsers.root.openssh.authorizedKeys.keys = [
-    # TODO
-    config.krebs.users.lass.pubkey
-    config.krebs.users.makefu.pubkey
-    # TODO HARDER:
-    config.krebs.users.makefu-omo.pubkey
-    config.krebs.users.tv.pubkey
-  ];
-
-
-  # The NixOS release to be compatible with for stateful data such as databases.
-  system.stateVersion = "15.09";
-
-}
diff --git a/shared/2configs/graphite.nix b/shared/2configs/graphite.nix
deleted file mode 100644
index 64222e43..00000000
--- a/shared/2configs/graphite.nix
+++ /dev/null
@@ -1,93 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-# graphite-web on port 8080
-# carbon cache on port 2003 (tcp/udp)
-
-# TODO: krebs.graphite.minimal.enable
-# TODO: configure firewall
-with import <stockholm/lib>;
-{
-  imports = [ ];
-
-  services.graphite = {
-    api = {
-      enable = true;
-      listenAddress = "0.0.0.0";
-    };
-    carbon = {
-      enableCache = true;
-      # save disk usage by restricting to 1 bulk update per second
-      config = ''
-        [cache]
-        MAX_CACHE_SIZE = inf
-        MAX_UPDATES_PER_SECOND = 1
-        MAX_CREATES_PER_MINUTE = 50
-        MAX_UPDATES_PER_SECOND_ONSHUTDOWN = 9001
-
-        LOG_CACHE_HITS = False
-        LOG_CACHE_QUEUE_SORTS = False
-        LOG_UPDATES = False
-        LOG_LISTENER_CONNECTIONS = False
-        LOG_CREATES = True
-        '';
-      storageAggregation = ''
-      '';
-      storageSchemas = ''
-        [carbon]
-        pattern = ^carbon\.
-        retentions = 60:90d
-
-
-        [radiation_sensor]
-        pattern = ^sensors\.radiation\.
-        retentions = 1m:30d,5m:180d,10m:3y
-
-        [motion_sensors]
-        pattern = ^sensors\.motion\.
-        retentions = 1s:1h,60s:30d,300s:1y
-
-        [motion_sensors]
-        pattern = ^retiolum\.
-        retentions = 10s:1h,30s:30d,300s:1y
-
-        [homeassistant]
-        pattern = ^homeassistant\.
-        retentions = 10s:24h,30s:30d,300s:1y,3600s:5y
-
-        [ara]
-        pattern = ^ara\.
-        retentions = 60s:30d,300s:1y
-
-        [openweathermap]
-        pattern = ^weather\.openweathermap
-        retentions = 30m:30d,1h:5y
-
-        [stadtklima]
-        pattern = ^weather\.stadtklima-stuttgart
-        retentions = 15m:30d,30m:5y
-
-        [sensebox]
-        pattern = ^weather\.sensebox
-        retentions = 1m:90d,30m:5y
-
-        [elchos]
-        pattern = ^elchos\.
-        retentions = 10s:14d,1m:90d,10m:5y
-
-        [icinga_default]
-        pattern = ^icinga
-        retentions = 10s:14d,5m:90d,10m:5y
-
-        [icinga_internals]
-        pattern = ^icinga.*\.(max_check_attempts|reachable|current_attempt|execution_time|latency|state|state_type)
-        retentions = 5m:7d
-
-        [default]
-        pattern = .*
-        retentions = 60s:30d,300s:1y
-        '';
-    };
-  };
-  systemd.services.carbonCache.serviceConfig.Restart="always";
-  systemd.services.graphiteApi.serviceConfig.Restart="always";
-}
diff --git a/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
deleted file mode 100644
index b5ec722a..00000000
--- a/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-_:
-
-{
-  boot.loader.grub = {
-    device = "/dev/sda";
-    splashImage = null;
-  };
-
-  boot.initrd.availableKernelModules = [
-    "ata_piix"
-    "vmw_pvscsi"
-  ];
-
-  fileSystems."/" = {
-    device = "/dev/VolGroup/lv_root";
-    fsType = "ext4";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/sda1";
-    fsType = "ext4";
-  };
-
-  swapDevices = [
-    { device = "/dev/VolGroup/lv_swap"; }
-  ];
-
-  users.extraGroups = {
-    # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
-    #    Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
-    #    Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
-    #      Docs: man:tmpfiles.d(5)
-    #            man:systemd-tmpfiles(8)
-    #   Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
-    #  Main PID: 19272 (code=exited, status=1/FAILURE)
-    #
-    # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
-    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
-    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
-    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
-    # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
-    # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
-    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
-    # warning: error(s) occured while switching to the new configuration
-    lock.gid = 10001;
-  };
-}
diff --git a/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix b/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix
deleted file mode 100644
index 168d1d97..00000000
--- a/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-_:
-
-{
-  boot.loader.grub = {
-    device = "/dev/sda";
-    splashImage = null;
-  };
-
-  boot.initrd.availableKernelModules = [
-    "ata_piix"
-    "vmw_pvscsi"
-  ];
-
-  fileSystems."/" = {
-    device = "/dev/centos/root";
-    fsType = "xfs";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/sda1";
-    fsType = "xfs";
-  };
-
-  swapDevices = [
-    { device = "/dev/centos/swap"; }
-  ];
-
-  users.extraGroups = {
-    # ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories
-    #    Loaded: loaded (/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/example/systemd/system/systemd-tmpfiles-setup.service)
-    #    Active: failed (Result: exit-code) since Mon 2015-03-16 10:29:18 UTC; 4s ago
-    #      Docs: man:tmpfiles.d(5)
-    #            man:systemd-tmpfiles(8)
-    #   Process: 19272 ExecStart=/nix/store/2l33gg7nmncqkpysq9f5fxyhlw6ncm2j-systemd-217/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev (code=exited, status=1/FAILURE)
-    #  Main PID: 19272 (code=exited, status=1/FAILURE)
-    #
-    # Mar 16 10:29:17 cd systemd-tmpfiles[19272]: [/usr/lib/tmpfiles.d/legacy.conf:26] Unknown group 'lock'.
-    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal configured, ignoring.
-    # Mar 16 10:29:18 cd systemd-tmpfiles[19272]: Two or more conflicting lines for /var/log/journal/7b35116927d74ea58785e00b47ac0f0d configured, ignoring.
-    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service: main process exited, code=exited, status=1/FAILURE
-    # Mar 16 10:29:18 cd systemd[1]: Failed to start Create Volatile Files and Directories.
-    # Mar 16 10:29:18 cd systemd[1]: Unit systemd-tmpfiles-setup.service entered failed state.
-    # Mar 16 10:29:18 cd systemd[1]: systemd-tmpfiles-setup.service failed.
-    # warning: error(s) occured while switching to the new configuration
-    lock.gid = 10001;
-  };
-}
diff --git a/shared/2configs/repo-sync.nix b/shared/2configs/repo-sync.nix
deleted file mode 100644
index 637a26e3..00000000
--- a/shared/2configs/repo-sync.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-{
-  krebs.repo-sync = let
-    # TODO addMirrorURL function
-    mirror = "git@wolf:stockholm-mirror";
-  in {
-    enable = true;
-    repos.stockholm = {
-      branches = {
-        makefu = {
-          origin.url = http://cgit.gum/stockholm ;
-          mirror.url = mirror;
-        };
-        tv = {
-          origin.url = http://cgit.ni.r/stockholm;
-          mirror.url = mirror;
-        };
-        lassulus = {
-          origin.url = http://cgit.prism/stockholm ;
-          mirror.url = mirror;
-        };
-      };
-      latest = {
-        url = mirror;
-        ref = "heads/master";
-      };
-    };
-  };
-}
diff --git a/shared/2configs/save-diskspace.nix b/shared/2configs/save-diskspace.nix
deleted file mode 100644
index ab074c75..00000000
--- a/shared/2configs/save-diskspace.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{lib, ... }:
-# TODO: do not check out nixpkgs master but fetch revision from github
-{
-  environment.noXlibs = true;
-  nix.gc.automatic = true;
-  nix.gc.dates = lib.mkDefault "03:10";
-  programs.info.enable = false;
-  programs.man.enable = false;
-  services.journald.extraConfig = "SystemMaxUse=50M";
-  services.nixosManual.enable = false;
-}
diff --git a/shared/2configs/shack/bincache.nix b/shared/2configs/shack/bincache.nix
deleted file mode 100644
index 9cd7fae2..00000000
--- a/shared/2configs/shack/bincache.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{...}:
-{
-  nix.binaryCaches = [
-      "http://wolf.shack:3142/nixos"
-  ];
-}
diff --git a/shared/2configs/shack/drivedroid.nix b/shared/2configs/shack/drivedroid.nix
deleted file mode 100644
index 12e4a39c..00000000
--- a/shared/2configs/shack/drivedroid.nix
+++ /dev/null
@@ -1,49 +0,0 @@
-{ config, pkgs, ... }:
-with import <stockholm/lib>;
-let
-  root = "/var/srv/drivedroid";
-in
-{
-  environment.systemPackages = [ pkgs.drivedroid-gen-repo ];
-
-  services.nginx = {
-    enable = mkDefault true;
-    virtualHosts.shack-drivedroid = {
-      serverAliases = [
-        "drivedroid.shack"
-      ];
-      # TODO: prepare this somehow
-      locations."/".extraConfig = ''
-        root ${root};
-        index main.json;
-      '';
-    };
-  };
-
-  systemd.services.drivedroid-gen-repo = {
-    description = "generates drivedroid repo file";
-    path = [
-      pkgs.coreutils
-      pkgs.drivedroid-gen-repo
-      pkgs.inotify-tools
-    ];
-    wantedBy = [ "multi-user.target" ];
-
-    serviceConfig = {
-      Type = "simple";
-      Restart = "always";
-      ExecStartPre = pkgs.writeDash "prepare-drivedroid-gen-repo" ''
-        mkdir -p ${root}/repos
-      '';
-      ExecStart = pkgs.writeDash "start-drivedroid-gen-repo" ''
-        set -efu
-        cd ${root}
-        while sleep 60; do
-          if inotifywait -r .; then
-            drivedroid-gen-repo repos > main.json
-          fi
-        done
-      '';
-    };
-  };
-}
diff --git a/shared/2configs/shack/mqtt_sub.nix b/shared/2configs/shack/mqtt_sub.nix
deleted file mode 100644
index a8427dde..00000000
--- a/shared/2configs/shack/mqtt_sub.nix
+++ /dev/null
@@ -1,34 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-  pkg = pkgs.stdenv.mkDerivation {
-    name = "mqtt2graphite-2017-05-29";
-    src = pkgs.fetchgit {
-      url = "https://github.com/shackspace/mqtt2graphite/";
-      rev = "117179d";
-      sha256 = "1334jbbzlqizyp7zcn4hdswhhrnkj1p4p435n5nph82lzffrsi44";
-    };
-    buildInputs = [
-      (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [
-        docopt
-        paho-mqtt
-      ]))
-    ];
-    installPhase = ''
-      install -m755 -D sub.py  $out/bin/sub
-      install -m755 -D sub2.py  $out/bin/sub-new
-    '';
-  };
-in {
-  systemd.services.mqtt_sub  = {
-    description = "subscribe to mqtt, send to graphite";
-    # after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ];
-    wantedBy = [ "multi-user.target"  ];
-    serviceConfig = {
-      User = "nobody";
-      ExecStart = "${pkg}/bin/sub-new";
-      PrivateTmp = true;
-    };
-  };
-}
diff --git a/shared/2configs/shack/muell_caller.nix b/shared/2configs/shack/muell_caller.nix
deleted file mode 100644
index 2d8d78e3..00000000
--- a/shared/2configs/shack/muell_caller.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-  pkg = pkgs.stdenv.mkDerivation {
-    name = "muell_caller-2017-06-01";
-    src = pkgs.fetchgit {
-      url = "https://github.com/shackspace/muell_caller/";
-      rev = "bbd4009";
-      sha256 = "1bfnfl2vdh0p5wzyz5p48qh04vvsg2445avg86fzhzragx25fqv0";
-    };
-    buildInputs = [
-      (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
-        docopt
-        requests2
-        paramiko
-        python
-      ]))
-    ];
-    installPhase = ''
-      install -m755 -D call.py  $out/bin/call-muell
-    '';
-  };
-  cfg = "${toString <secrets>}/tell.json";
-in {
-  systemd.services.call_muell = {
-    description = "call muell";
-    wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
-      User = "nobody"; # TODO separate user
-      ExecStartPre = pkgs.writeDash "call-muell-pre" ''
-        cp ${cfg} /tmp/tell.json
-        chown nobody /tmp/tell.json
-      '';
-      ExecStart = "${pkg}/bin/call-muell --cfg /tmp/tell.json --mode mpd loop 60";
-      Restart = "always";
-      PrivateTmp = true;
-      PermissionsStartOnly = true;
-    };
-  };
-}
diff --git a/shared/2configs/shack/nix-cacher.nix b/shared/2configs/shack/nix-cacher.nix
deleted file mode 100644
index 8feeca9a..00000000
--- a/shared/2configs/shack/nix-cacher.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ config, pkgs, ... }:
-with import <stockholm/lib>;
-let
-  cfg = config.krebs.apt-cacher-ng;
-in
-{
-  imports = [
-    ./bincache.nix
-  ];
-  krebs.apt-cacher-ng = {
-    enable = true;
-    port = 3142;
-    bindAddress = "localhost";
-    cacheExpiration = 30;
-  };
-
-  services.nginx = {
-    enable = mkDefault true;
-    virtualHosts.shack-nix-cacher = {
-      serverAliases = [
-        "acng.shack"
-      ];
-      locations."/".extraConfig = ''
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_pass http://localhost:${toString cfg.port}/;
-      '';
-    };
-  };
-}
diff --git a/shared/2configs/shack/radioactive.nix b/shared/2configs/shack/radioactive.nix
deleted file mode 100644
index 378b5405..00000000
--- a/shared/2configs/shack/radioactive.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-  pkg = pkgs.stdenv.mkDerivation {
-    name = "radioactive-2017-06-01";
-    src = pkgs.fetchgit {
-      url = "https://github.com/makefu/nagios-radioactiveathome-plugins/";
-      rev = "955f614";
-      sha256 = "0ql6npl3n6shvij0ly6a52yjmf7dc31c5x29y927k9lvp8ygin20";
-    };
-    buildInputs = [
-      (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
-        docopt
-        requests2
-        python
-      ]))
-    ];
-    installPhase = ''
-      install -m755 -D add_many_points.py  $out/bin/radioactive-add-many
-    '';
-  };
-in {
-  systemd.services.radioactive = {
-    description = "radioactive";
-    wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
-      User = "nobody"; # TODO separate user
-      ExecStart = "${pkg}/bin/radioactive-add-many loop 60";
-      Restart = "always";
-      PrivateTmp = true;
-      PermissionsStartOnly = true;
-    };
-  };
-}
diff --git a/shared/2configs/shack/share.nix b/shared/2configs/shack/share.nix
deleted file mode 100644
index 247b9ee7..00000000
--- a/shared/2configs/shack/share.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{config, ... }:{
-  users.users.smbguest = {
-    name = "smbguest";
-    uid = config.ids.uids.smbguest;
-    group = "share";
-    description = "smb guest user";
-    home = "/home/share";
-    createHome = true;
-  };
-
-  networking.firewall.allowedTCPPorts = [
-    139 445 # samba
-  ];
-
-  networking.firewall.allowedUDPPorts = [
-    137 138
-  ];
-  services.samba = {
-    enable = true;
-    shares = {
-      share-home = {
-        path = "/home/share/";
-        "read only" = "no";
-        browseable = "yes";
-        "guest ok" = "yes";
-      };
-    };
-    extraConfig = ''
-      guest account = smbguest
-      map to guest = bad user
-      # disable printing
-      load printers = no
-      printing = bsd
-      printcap name = /dev/null
-      disable spoolss = yes
-    '';
-  };
-}
diff --git a/shared/2configs/shack/worlddomination.nix b/shared/2configs/shack/worlddomination.nix
deleted file mode 100644
index d0f9f5fa..00000000
--- a/shared/2configs/shack/worlddomination.nix
+++ /dev/null
@@ -1,67 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-  pythonPackages = pkgs.python3Packages;
-  # https://github.com/chrysn/aiocoap
-  aiocoap = pythonPackages.buildPythonPackage {
-      name = "aiocoap-0.3";
-      src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; };
-      propagatedBuildInputs = [ ];
-      doCheck = false; # 2 errors, dunnolol
-      meta = with pkgs.stdenv.lib; {
-        homepage = "";
-        license = licenses.mit;
-        description = "Python CoAP library";
-      };
-    };
-  LinkHeader = pythonPackages.buildPythonPackage {
-    name = "LinkHeader-0.4.3";
-    src = pkgs.fetchurl { url = "https://pypi.python.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; };
-    propagatedBuildInputs = [ ];
-    meta = with pkgs.stdenv.lib; {
-      homepage = "";
-      license = licenses.bsdOriginal;
-      description = "Parse and format link headers according to RFC 5988 \"Web Linking\"";
-    };
-  };
-  pkg = pkgs.stdenv.mkDerivation {
-    name = "worlddomination-2017-06-10";
-    src = pkgs.fetchgit {
-      url = "https://github.com/shackspace/worlddomination/";
-      rev = "72fc9b5";
-      sha256 = "05h500rswzypcxy4i22qc1vkc8izbzfqa9m86xg289hjxh133xyf";
-    };
-    buildInputs = [
-      (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
-        docopt
-        LinkHeader
-        aiocoap
-        requests2
-        paramiko
-        python
-      ]))
-    ];
-    installPhase = ''
-      install -m755 -D backend/push_led.py  $out/bin/push-led
-      install -m755 -D backend/loop_single.py  $out/bin/loop-single
-      # copy the provided file to the package
-      install -m755 -D backend/wd.lst  $out/${wdpath}
-    '';
-  };
-  wdpath = "/usr/worlddomination/wd.lst";
-  esphost = "10.42.24.7"; # esp8266
-  timeout = 10; # minutes
-in {
-  systemd.services.worlddomination = {
-    description = "run worlddomination";
-    wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
-      User = "nobody"; # TODO separate user
-      ExecStart = "${pkg}/bin/push-led ${esphost} ${pkg}/${wdpath} loop ${toString timeout}";
-      Restart = "always";
-      PrivateTmp = true;
-      PermissionsStartOnly = true;
-    };
-  };
-}
diff --git a/shared/2configs/shared-buildbot.nix b/shared/2configs/shared-buildbot.nix
deleted file mode 100644
index 1d6883af..00000000
--- a/shared/2configs/shared-buildbot.nix
+++ /dev/null
@@ -1,178 +0,0 @@
-{ lib, config, pkgs, ... }:
-# The buildbot config is self-contained and currently provides a way 
-# to test "shared" configuration (infrastructure to be used by every krebsminister).
-
-# You can add your own test, test steps as required. Deploy the config on a
-# shared host like wolf and everything should be fine.
-
-# TODO for all users schedule a build for fast tests
-{
-  # due to the fact that we actually build stuff on the box via the daemon,
-  # /nix/store should be cleaned up automatically as well
-  services.nginx.virtualHosts.build = {
-    serverAliases = [ "build.wolf.r" ];
-    locations."/".extraConfig = ''
-      proxy_set_header Upgrade $http_upgrade;
-      proxy_set_header Connection "upgrade";
-      proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port};
-    '';
-  };
-
-  nix.gc.automatic = true;
-  nix.gc.dates = "05:23";
-  networking.firewall.allowedTCPPorts = [ 8010 9989 ];
-  krebs.buildbot.master = let
-    stockholm-mirror-url = http://cgit.wolf.r/stockholm-mirror ;
-  in {
-    secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ];
-    workers = {
-      testworker =  "krebspass";
-    };
-    change_source.stockholm = ''
-  stockholm_repo = '${stockholm-mirror-url}'
-  cs.append(changes.GitPoller(
-          stockholm_repo,
-          workdir='stockholm-poller', branches=True,
-          project='stockholm',
-          pollinterval=60))
-    '';
-    scheduler = {
-        force-scheduler = ''
-  sched.append(schedulers.ForceScheduler(
-                              name="force",
-                              builderNames=[
-                              #  "full-tests",
-                                "fast-tests",
-                                "build-local"
-                              ]))
-        '';
-        fast-tests-scheduler = ''
-  # test everything real quick
-  sched.append(schedulers.AnyBranchScheduler(
-                              treeStableTimer=10,
-                              name="fast-all-branches",
-                              builderNames=["fast-tests"]))
-        '';
-        test-cac-infest-master = ''
-  # files everyone depends on or are part of the share branch
-  def shared_files(change):
-    r =re.compile("^((krebs|shared)/.*|Makefile|default.nix)")
-    for file in change.files:
-      if r.match(file):
-        return True
-    return False
-
-  sched.append(schedulers.SingleBranchScheduler(
-                              change_filter=util.ChangeFilter(branch="master"),
-                              fileIsImportant=shared_files,
-                              treeStableTimer=60*60, # master was stable for the last hour
-                              name="full-master",
-                              builderNames=[
-                              #  "full-tests",
-                                "build-local"
-                              ]))
-        '';
-    };
-    builder_pre = ''
-  # prepare grab_repo step for stockholm
-  grab_repo = steps.Git(repourl=stockholm_repo, mode='incremental')
-
-  env = {
-    "LOGNAME": "shared",
-    "NIX_REMOTE": "daemon",
-    "dummy_secrets": "true",
-  }
-
-  # prepare nix-shell
-  # the dependencies which are used by the test script
-  deps = [ "gnumake", "jq", "nix",
-            "(import <stockholm>).pkgs.populate",
-            "(import <stockholm>).pkgs.test.infest-cac-centos7" ]
-  # TODO: --p
author	tv <tv@krebsco.de>	2017-07-14 00:17:58 +0200
committer	tv <tv@krebsco.de>	2017-07-14 00:21:02 +0200
commit	58380c82848c3db0bd6c3d74904153f3464c2098 (patch)
tree	dcefa424c037ef13edba18967143b3290dc739cb /shared/2configs
parent	c213968c44befe32f115ec0122accebdabd89582 (diff)