diff options
| -rw-r--r-- | krebs/3modules/default.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/htgen.nix | 68 | ||||
| -rw-r--r-- | krebs/3modules/makefu/default.nix | 2 | ||||
| -rw-r--r-- | krebs/5pkgs/apt-cacher-ng/default.nix | 4 | ||||
| -rw-r--r-- | krebs/5pkgs/htgen/default.nix | 28 | ||||
| -rw-r--r-- | lass/2configs/git.nix | 7 | ||||
| -rw-r--r-- | lass/2configs/repo-sync.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/websites/domsen.nix | 1 | ||||
| -rw-r--r-- | makefu/1systems/omo.nix | 13 | ||||
| -rw-r--r-- | makefu/1systems/wry.nix | 14 | ||||
| -rw-r--r-- | makefu/1systems/x.nix | 3 | ||||
| -rw-r--r-- | makefu/2configs/backup.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/base-gui.nix | 7 | ||||
| -rw-r--r-- | makefu/2configs/default.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/extra-fonts.nix | 14 | ||||
| -rw-r--r-- | makefu/2configs/printer.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/urlwatch.nix | 2 | ||||
| -rw-r--r-- | makefu/5pkgs/dymo-cups-drivers/default.nix | 17 | ||||
| -rw-r--r-- | makefu/5pkgs/taskserver/default.nix | 43 | ||||
| -rw-r--r-- | shared/1systems/wolf.nix | 1 | ||||
| -rw-r--r-- | shared/2configs/share-shack.nix | 38 |
21 files changed, 184 insertions, 86 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index f336c966..d24cea1a 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -20,6 +20,7 @@ let ./github-hosts-sync.nix ./git.nix ./go.nix + ./htgen.nix ./iptables.nix ./kapacitor.nix ./monit.nix diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix new file mode 100644 index 00000000..0dddca6c --- /dev/null +++ b/krebs/3modules/htgen.nix @@ -0,0 +1,68 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + cfg = config.krebs.htgen; + + out = { + options.krebs.htgen = api; + config = imp; + }; + + api = mkOption { + default = {}; + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + enable = mkEnableOption "krebs.htgen-${config.name}"; + + name = mkOption { + type = types.username; + default = config._module.args.name; + }; + + port = mkOption { + type = types.uint; + }; + + script = mkOption { + type = types.str; + }; + user = mkOption { + type = types.user; + default = { + name = "htgen-${config.name}"; + home = "/var/lib/htgen-${config.name}"; + }; + }; + }; + })); + }; + imp = { + + systemd.services = mapAttrs' (name: htgen: + nameValuePair "htgen-${name}" { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + environment = { + HTGEN_PORT = toString htgen.port; + HTGEN_SCRIPT = htgen.script; + }; + serviceConfig = { + SyslogIdentifier = "htgen"; + User = htgen.user.name; + PrivateTmp = true; + Restart = "always"; + ExecStart = "${pkgs.htgen}/bin/htgen --serve"; + }; + } + ) cfg; + + users.users = mapAttrs' (name: htgen: + nameValuePair htgen.user.name { + inherit (htgen.user) home name uid; + createHome = true; + } + ) cfg; + + }; +in out diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 489f62b6..7a6a88e8 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -464,7 +464,7 @@ with import <stockholm/lib>; retiolum = { via = internet; ip4.addr = "10.243.0.211"; - ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2"; + # ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2"; aliases = [ "gum.r" "gum.retiolum" diff --git a/krebs/5pkgs/apt-cacher-ng/default.nix b/krebs/5pkgs/apt-cacher-ng/default.nix index 53736dcf..e3986713 100644 --- a/krebs/5pkgs/apt-cacher-ng/default.nix +++ b/krebs/5pkgs/apt-cacher-ng/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "apt-cacher-ng-${version}"; - version = "0.9.3.2"; + version = "2"; src = fetchurl { url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz"; - sha256 = "1bvng9mwrggvc93q2alj0x72i56wifnjs2dsycr17mapsv0f2gnc"; + sha256 = "0bkc3012vinridl5ch46pwnxjalymx4wf6nxax64nm7bdkcj9azf"; }; NIX_LDFLAGS = "-lpthread"; diff --git a/krebs/5pkgs/htgen/default.nix b/krebs/5pkgs/htgen/default.nix new file mode 100644 index 00000000..f9dfeb3d --- /dev/null +++ b/krebs/5pkgs/htgen/default.nix @@ -0,0 +1,28 @@ +{ bash, coreutils, gnused, stdenv, fetchgit, ucspi-tcp }: +with import <stockholm/lib>; +let + version = "1.1"; +in stdenv.mkDerivation { + name = "htgen-${version}"; + + src = fetchgit { + url = "http://cgit.krebsco.de/htgen"; + rev = "refs/tags/v${version}"; + sha256 = "1zxj0fv9vdrqyl3x2hgq7a6xdlzpclf93akygysrzsqk9wjapp4z"; + }; + + installPhase = '' + mkdir -p $out/bin + { + echo '#! ${bash}/bin/bash' + echo 'export PATH=${makeBinPath [ + ucspi-tcp + coreutils + gnused + ]}''${PATH+":$PATH"}' + cat htgen + } > $out/bin/htgen + chmod +x $out/bin/htgen + cp -r examples $out + ''; +} diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 710eb946..be08d0ec 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -32,10 +32,13 @@ let public-repos = mapAttrs make-public-repo { stockholm = { cgit.desc = "take all the computers hostage, they'll love you!"; + cgit.section = "configuration"; }; - kimsufi-check = {}; } // mapAttrs make-public-repo-silent { - the_playlist = {}; + the_playlist = { + cgit.desc = "Good Music collection + tools"; + cgit.section = "art"; + }; }; restricted-repos = mapAttrs make-restricted-repo ( diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index dfea637e..74e50854 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -10,6 +10,7 @@ let public = true; name = mkDefault "${name}"; cgit.desc = mkDefault "mirror for ${name}"; + cgit.section = mkDefault "mirror"; hooks = mkIf announce (mkDefault { post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index daecdcd2..fde3f7c2 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -120,6 +120,7 @@ in { sender_domains = [ "jla-trading.com" "ubikmedia.eu" + "ubikmedia.de" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index a6a336fe..99303b60 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -43,7 +43,6 @@ in { # TODO: unlock home partition via ssh ../2configs/fs/sda-crypto-root.nix ../2configs/zsh-user.nix - ../2configs/urlwatch.nix ../2configs/backup.nix ../2configs/exim-retiolum.nix ../2configs/smart-monitor.nix @@ -182,5 +181,17 @@ in { zramSwap.enable = true; + krebs.Reaktor.reaktor = { + nickname = "Reaktor|bot"; + channels = [ "#krebs" "#shackspace" "#binaergewitter" ]; + plugins = with pkgs.ReaktorPlugins;[ + titlebot + # stockholm-issue + nixos-version + shack-correct + sed-plugin + random-emoji ]; + }; + krebs.build.host = config.krebs.hosts.omo; } diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 2457ab92..c403d235 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -33,18 +33,6 @@ in { krebs.build.host = config.krebs.hosts.wry; - krebs.Reaktor.reaktor = { - nickname = "Reaktor|bot"; - channels = [ "#krebs" "#shackspace" "#binaergewitter" ]; - plugins = with pkgs.ReaktorPlugins;[ - titlebot - # stockholm-issue - nixos-version - shack-correct - sed-plugin - random-emoji ]; - }; - # prepare graphs services.nginx.enable = true; krebs.retiolum-bootstrap.enable = true; @@ -64,7 +52,7 @@ in { return 403; } ''; - serverAliases = [ "graphs.retiolum" "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ]; + serverAliases = [ "graphs.r" "graphs.retiolum" "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ]; }; anonymous = { enableSSL = true; diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index 9666f50f..9cedc04a 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -8,6 +8,7 @@ [ # base ../. ../2configs/main-laptop.nix + ../2configs/extra-fonts.nix ../2configs/tools/all.nix ../2configs/laptop-backup.nix ../2configs/dnscrypt.nix @@ -46,7 +47,7 @@ ../2configs/mail-client.nix ../2configs/printer.nix ../2configs/virtualization.nix - # ../2configs/virtualization-virtualbox.nix + ../2configs/virtualization-virtualbox.nix ../2configs/wwan.nix ../2configs/rad1o.nix diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix index 280dc1df..9ed89032 100644 --- a/makefu/2configs/backup.nix +++ b/makefu/2configs/backup.nix @@ -29,7 +29,7 @@ let }; in { krebs.backup.plans = { - wry-to-omo_root = defaultPull config.krebs.hosts.wry "/"; + # wry-to-omo_root = defaultPull config.krebs.hosts.wry "/"; gum-to-omo_root = defaultPull config.krebs.hosts.gum "/"; }; } diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index 43b37cd8..ba4c551b 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -41,7 +41,7 @@ in fonts = { enableCoreFonts = true; enableFontDir = true; - enableGhostscriptFonts = false; + enableGhostscriptFonts = true; fonts = [ pkgs.terminus_font ]; }; @@ -62,7 +62,7 @@ in cat |derp <<EOF XTerm*background: black XTerm*foreground: white - XTerm*FaceName : Terminus:pixelsize=14 + XTerm*FaceName : xft:xos4 Terminus:pixelsize=14 URxvt*termName: rxvt URxvt*saveLines: 10000 @@ -74,7 +74,8 @@ in URxvt.background: black URxvt.urgentOnBell: true URxvt.visualBell: false - URxvt.font : xft:Terminus + URxvt.font : xft:xos4 Terminus:size=12 + ! blue URxvt*color4: #268bd2 diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 1ad7f071..2f340a67 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -22,7 +22,7 @@ with import <stockholm/lib>; user = config.krebs.users.makefu; source = let inherit (config.krebs.build) host user; - ref = "53a2baa"; # unstable @ 2017-02-28 + ref = "3ff00fa"; # unstable @ 2017-03-31 + cups-dymo in { nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then { diff --git a/makefu/2configs/extra-fonts.nix b/makefu/2configs/extra-fonts.nix new file mode 100644 index 00000000..7b3a5f19 --- /dev/null +++ b/makefu/2configs/extra-fonts.nix @@ -0,0 +1,14 @@ + { pkgs, ... }: + { + fonts = { + enableFontDir = true; + enableGhostscriptFonts = true; + fonts = with pkgs; [ + inconsolata # monospaced + ubuntu_font_family # Ubuntu fonts + unifont # some international languages + dejavu_fonts + terminus_font + ]; + }; + } diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 7c7b00ab..509ed512 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -5,7 +5,7 @@ enable = true; drivers = [ pkgs.samsungUnifiedLinuxDriver - pkgs.dymo-cups-drivers + pkgs.cups-dymo ]; }; diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix index 20eb031a..5b82d810 100644 --- a/makefu/2configs/urlwatch.nix +++ b/makefu/2configs/urlwatch.nix @@ -10,6 +10,7 @@ https://api.github.com/repos/ovh/python-ovh/tags https://api.github.com/repos/embray/d2to1/tags http://git.sysphere.org/vicious/log/?qt=grep&q=Next+release + https://api.github.com/repos/Mic92/vicious/tags https://pypi.python.org/simple/bepasty/ https://pypi.python.org/simple/xstatic/ http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ @@ -19,6 +20,7 @@ https://api.github.com/repos/embray/d2to1/tags https://api.github.com/repos/dorimanx/exfat-nofuse/commits https://api.github.com/repos/dorimanx/exfat-nofuse/tags + https://api.github.com/repos/radare/radare2/tags ]; }; } diff --git a/makefu/5pkgs/dymo-cups-drivers/default.nix b/makefu/5pkgs/dymo-cups-drivers/default.nix deleted file mode 100644 index d47bae6d..00000000 --- a/makefu/5pkgs/dymo-cups-drivers/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ stdenv, lib, pkgs, fetchurl, cups, ... }: - -stdenv.mkDerivation rec { - name = "dymo-cups-drivers-${version}"; - version = "1.4.0"; - src = fetchurl { - url = "http://download.dymo.com/dymo/Software/Download%20Drivers/Linux/Download/${name}.tar.gz"; - sha256 = "0wagsrz3q7yrkzb5ws0m5faq68rqnqfap9p98sgk5jl6x7krf1y6"; - }; - buildInputs = [ cups ]; - makeFlags = [ "cupsfilterdir=$(out)/lib/cups/filter" "cupsmodeldir=$(out)/share/cups/model" ]; - - # acd_cli gets dumped in bin and gets overwritten by fixupPhase - meta = { - description = "Dymo printer drivers"; - }; -} diff --git a/makefu/5pkgs/taskserver/default.nix b/makefu/5pkgs/taskserver/default.nix deleted file mode 100644 index a1502b4d..00000000 --- a/makefu/5pkgs/taskserver/default.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ stdenv, fetchurl, cmake, libuuid, gnutls, makeWrapper }: - -stdenv.mkDerivation rec { - name = "taskserver-${version}"; - version = "1.1.0"; - - enableParallelBuilding = true; - - src = fetchurl { - url = "http://www.taskwarrior.org/download/taskd-${version}.tar.gz"; - sha256 = "1d110q9vw8g5syzihxymik7hd27z1592wkpz55kya6lphzk8i13v"; - }; - - patchPhase = '' - pkipath=$out/share/taskd/pki - mkdir -p $pkipath - cp -r pki/* $pkipath - echo "patching paths in pki/generate" - sed -i "s#^\.#$pkipath#" $pkipath/generate - for f in $pkipath/generate* ;do - i=$(basename $f) - echo patching $i - sed -i \ - -e 's/which/type -p/g' \ - -e 's#^\. ./vars#if test -e ./vars;then . ./vars; else echo "cannot find ./vars - copy the template from '$pkipath'/vars into the working directory";exit 1; fi#' $f - - echo wrapping $i - makeWrapper $pkipath/$i $out/bin/taskd-pki-$i \ - --prefix PATH : ${gnutls}/bin/ - done - ''; - - buildInputs = [ makeWrapper ]; - nativeBuildInputs = [ cmake libuuid gnutls ]; - - meta = { - description = "Server for synchronising Taskwarrior clients"; - homepage = http://taskwarrior.org; - license = stdenv.lib.licenses.mit; - platforms = stdenv.lib.platforms.linux; - maintainers = with stdenv.lib.maintainers; [ matthiasbeyer makefu ]; - }; -} diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index b0b82278..722a0881 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -15,6 +15,7 @@ in ../2configs/cgit-mirror.nix ../2configs/repo-sync.nix ../2configs/graphite.nix + ../2configs/share-shack.nix ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) diff --git a/shared/2configs/share-shack.nix b/shared/2configs/share-shack.nix new file mode 100644 index 00000000..247b9ee7 --- /dev/null +++ b/shared/2configs/share-shack.nix @@ -0,0 +1,38 @@ +{config, ... }:{ + users.users.smbguest = { + name = "smbguest"; + uid = config.ids.uids.smbguest; + group = "share"; + description = "smb guest user"; + home = "/home/share"; + createHome = true; + }; + + networking.firewall.allowedTCPPorts = [ + 139 445 # samba + ]; + + networking.firewall.allowedUDPPorts = [ + 137 138 + ]; + services.samba = { + enable = true; + shares = { + share-home = { + path = "/home/share/"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + }; + extraConfig = '' + guest account = smbguest + map to guest = bad user + # disable printing + load printers = no + printing = bsd + printcap name = /dev/null + disable spoolss = yes + ''; + }; +} |