diff options
82 files changed, 889 insertions, 354 deletions
diff --git a/.gitmodules b/.gitmodules index c96fec739..f35a9250d 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +1,6 @@ [submodule "submodules/nix-writers"] path = submodules/nix-writers url = http://cgit.krebsco.de/nix-writers +[submodule "submodules/krops"] + path = submodules/krops + url = https://cgit.krebsco.de/krops @@ -16,6 +16,6 @@ let ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts; build = host: owner: - ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";}); + ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build/${host}";}); in mapAttrs (n: h: build n h.owner.name) ci-systems diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 4c07da6e8..0edf23676 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -130,10 +130,12 @@ # Don't install feh into systemPackages # refs <nixpkgs/nixos/modules/services/x11/desktop-managers> desktopManager.session = lib.mkForce []; + displayManager.lightdm.enable = lib.mkForce false; + displayManager.job.execCmd = lib.mkForce "derp"; enable = true; - display = 11; - tty = 11; + display = lib.mkForce 11; + tty = lib.mkForce 11; dpi = 144; diff --git a/jeschli/krops.nix b/jeschli/krops.nix index 34f3aaa53..d45d57c63 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -29,6 +29,7 @@ in { # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) test = { target }: pkgs.krops.writeTest "${name}-test" { + force = true; inherit target; source = source { test = true; }; }; diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index d10fb7203..5784f2cdc 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -22,6 +22,12 @@ "http://cgit.ni.r/disko" "http://cgit.prism.r/disko" ]; + krops.urls = [ + "http://cgit.hotdog.r/krops" + "http://cgit.ni.r/krops" + "http://cgit.prism.r/krops" + "https://git.ingolf-wagner.de/krebs/krops.git" + ]; nix_writers.urls = [ "http://cgit.hotdog.r/nix-writers" "http://cgit.ni.r/nix-writers" diff --git a/makefu/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix index 5250ee67a..1633840f7 100644 --- a/makefu/3modules/airdcpp.nix +++ b/krebs/3modules/airdcpp.nix @@ -1,10 +1,10 @@ { config, lib, pkgs, ... }: with import <stockholm/lib>; #genid let - cfg = config.makefu.airdcpp; + cfg = config.krebs.airdcpp; out = { - options.makefu.airdcpp = api; + options.krebs.airdcpp = api; config = lib.mkIf cfg.enable imp; }; @@ -18,7 +18,7 @@ let user = mkOption { description = '' - user which will run udpt. if kept default a new user will be created + user which will run airdcpp. if kept default a new user will be created ''; type = str; default = "airdcpp"; @@ -37,7 +37,54 @@ let type = str; default = "/var/lib/airdcpp"; }; + hubs = mkOption { + type = attrsOf (submodule ( { config, ... }: { + options = { + Nick = mkOption { + description = '' + Nick Name for hub + ''; + type = str; + default = cfg.Nick; + }; + Password = mkOption { + description = '' + Password to be used + + WARNING: will be stored in plain text in /nix/store + ''; + type = str; + default = ""; + apply = lib.removeSuffix "\n"; + }; + Server = mkOption { + description = '' + URL to the hub (must be provided) + ''; + type = str; + }; + AutoConnect = mkOption { + description = '' + automatically connect to the hub + ''; + type = bool; + default = false; + }; + }; + })); + description = "hubs which should be configured via Favorites.xml, + Options are only used if no initial Favorites.xml file is provided and none exists"; + default = {}; + }; + initialFavoritesConfigFile = mkOption { + description = '' + path inital Favorites.xml configuration if none exists + ''; + type = nullOr path; + default = null; + }; dcpp = { + # entries in DCPlusPlus.xml Nick = mkOption { description = '' Nick Name for connection @@ -70,6 +117,11 @@ let type = str; default = "100"; }; + DownloadDirectory = mkOption { + description = "Directory, where new files will be saved into"; + type = str; + default = "${cfg.stateDir}/Download"; + }; shares = mkOption { default = {}; type = attrsOf (submodule ( { config, ... }: { @@ -117,6 +169,7 @@ let password = mkOption { description = "password of user"; type = str; + apply = lib.removeSuffix "\n"; }; permissions = mkOption { description = "user permissions"; @@ -133,11 +186,6 @@ let genUsers = users: concatMapStringsSep "\n" (user: ''<WebUser Username="${user.name}" Password="${user.password}" LastLogin="0" Permissions="${user.permissions}"/>'' ) (mapAttrsToList (name: val: val // { inherit name; }) users); - genShares = shares: concatMapStringsSep "\n" (share: - ''<Directory Virtual="stockholm" Incoming="${ - if share.incoming then "1" else "0" - }" LastRefreshTime="0">${share.path}</Directory>'' ) - (mapAttrsToList (name: val: val // { inherit name; }) shares); webConfigFile = if (cfg.web.initialConfigFile == null) then builtins.trace "warning: airdcpp passwords are stored in plain text" pkgs.writeText "initial-config" '' <?xml version="1.0" encoding="utf-8" standalone="yes"?> <WebServer> @@ -149,16 +197,34 @@ let </WebUsers> </WebServer> '' else cfg.web.initialConfigFile; + genHubs = hubs: concatMapStringsSep "\n" (hub: + ''<Hub Name="${hub.name}" Connect="${ + if hub.AutoConnect then "1" else "0" + }" Description="" Password="${hub.Password}" Server="${hub.Server}" ChatUserSplit="0" UserListState="1" HubFrameOrder="" HubFrameWidths="" HubFrameVisible="" Group="" Bottom="0" Top="0" Right="0" Left="0" Nick="${hub.Nick}"/>'' ) + (mapAttrsToList (name: val: val // { inherit name; }) hubs); + favoritesConfigFile = if (cfg.initialFavoritesConfigFile == null) then + builtins.trace "warning: airdcpp hub passwords are stored in plain text" pkgs.writeText "initial-config" '' + <?xml version="1.0" encoding="utf-8" standalone="yes"?> + <Favorites> + <Hubs> + ${genHubs cfg.hubs} + </Hubs> + </Favorites> + '' else cfg.initialFavoritesConfigFile; + genShares = shares: concatMapStringsSep "\n" (share: + ''<Directory Virtual="${share.name}" Incoming="${ + if share.incoming then "1" else "0" + }" LastRefreshTime="0">${share.path}</Directory>'' ) + (mapAttrsToList (name: val: val // { inherit name; }) shares); dcppConfigFile = if (cfg.dcpp.initialConfigFile == null) then pkgs.writeText "initial-config" '' <?xml version="1.0" encoding="utf-8" standalone="yes"?> <DCPlusPlus> <Settings> <Nick type="string">${cfg.dcpp.Nick}</Nick> - <ConfigVersion type="string">${cfg.package.version}</ConfigVersion> <InPort type="int">${toString cfg.dcpp.InPort}</InPort> <UDPPort type="int">${toString cfg.dcpp.UDPPort}</UDPPort> <TLSPort type="int">${toString cfg.dcpp.TLSPort}</TLSPort> - <ConfigBuildNumber type="int">0</ConfigBuildNumber> + <DownloadDirectory type="string">${cfg.dcpp.DownloadDirectory}</DownloadDirectory> <AutoDetectIncomingConnection type="int">0</AutoDetectIncomingConnection> <NoIpOverride type="int">1</NoIpOverride> <WizardRunNew type="int">0</WizardRunNew> @@ -187,6 +253,8 @@ let test -e $d || install -m700 -o${cfg.user} ${webConfigFile} $d d=${cfg.stateDir}/DCPlusPlus.xml test -e $d || install -m700 -o${cfg.user} ${dcppConfigFile} $d + d=${cfg.stateDir}/Favorites.xml + test -e $d || install -m700 -o${cfg.user} ${favoritesConfigFile} $d ''; PermissionsStartOnly = true; ExecStart = "${cfg.package}/bin/airdcppd -c=${cfg.stateDir} -p=${cfg.stateDir}/airdcpp.pid"; diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 41b701cd0..6307649e3 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -6,6 +6,7 @@ let out = { imports = [ + ./airdcpp.nix ./announce-activation.nix ./apt-cacher-ng.nix ./backup.nix diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 8a923efd2..f6b4e3c69 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -121,6 +121,10 @@ let cgit-settings = types.submodule { # A setting's value of `null` means cgit's default should be used. options = { + about-filter = mkOption { + type = types.nullOr types.package; + default = null; + }; cache-root = mkOption { type = types.absolute-pathname; default = "/tmp/cgit"; @@ -166,6 +170,10 @@ let types.nullOr (types.enum ["week" "month" "quarter" "year"]); default = "year"; }; + readme = mkOption { + type = types.listOf types.str; + default = []; + }; robots = mkOption { type = types.nullOr (types.listOf types.str); default = ["nofollow" "noindex"]; @@ -394,8 +402,14 @@ let kv-to-cgitrc = k: v: getAttr (typeOf v) { bool = kv-to-cgitrc k (if v then 1 else 0); null = []; # This will be removed by `flatten`. - list = "${k}=${concatStringsSep ", " v}"; + list = { + readme = map (x: "readme=${x}") v; + }.${k} or "${k}=${concatStringsSep ", " v}"; int = "${k}=${toString v}"; + set = + if subtypes.cgit-settings.check v + then "${k}=${v}" + else error "kv-to-cgitrc: unhandled type: set"; string = "${k}=${v}"; }; in diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 7d9ef5075..6b4dc3f17 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -494,6 +494,44 @@ with import <stockholm/lib>; }; }; }; + eve = { + monitoring = false; + ci = false; + external = true; + nets = rec { + internet = { + # eve.thalheim.io + ip4.addr = "188.68.39.17"; + ip6.addr = "2a03:4000:13:31e::1"; + aliases = [ "eve.i" ]; + }; + retiolum = rec { + via = internet; + addrs = [ + ip4.addr + ip6.addr + ]; + ip4.addr = "10.243.29.174"; + ip6.addr = "42:4992:6a6d:a00::1"; + aliases = [ "eve.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH + XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82 + 08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk + 6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI + +xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3 + dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW + pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP + c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi + YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI + 61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13 + Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; xerxes = { cores = 2; nets = rec { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 454f9bc65..e2152ea1a 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -4,7 +4,9 @@ with import <stockholm/lib>; ## generate keys with: # tinc generate-keys # ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host -{ +let + pub-for = name: builtins.readFile (./ssh + "/${name}.pub"); +in { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { cake = rec { cores = 4; @@ -590,6 +592,8 @@ with import <stockholm/lib>; "cache.gum.r" "logs.makefu.r" "stats.makefu.r" + "backup.makefu.r" + "dcpp.nextgum.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -654,6 +658,7 @@ with import <stockholm/lib>; "wiki.gum.r" "blog.makefu.r" "blog.gum.r" + "dcpp.gum.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -1099,48 +1104,48 @@ with import <stockholm/lib>; users = rec { makefu = { mail = "makefu@x.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIy |