diff options
98 files changed, 1507 insertions, 834 deletions
@@ -16,6 +16,6 @@ let ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts; build = host: owner: - ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-tmp";}); + ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";}); in mapAttrs (n: h: build n h.owner.name) ci-systems diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index cf72e0d73..916073375 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -12,8 +12,8 @@ <stockholm/krebs/2configs/buildbot-stockholm.nix> <stockholm/krebs/2configs/binary-cache/nixos.nix> <stockholm/krebs/2configs/ircd.nix> - <stockholm/krebs/2configs/reaktor-retiolum.nix> - <stockholm/krebs/2configs/reaktor-krebs.nix> + <stockholm/krebs/2configs/nscd-fix.nix> + <stockholm/krebs/2configs/reaktor2.nix> <stockholm/krebs/2configs/repo-sync.nix> ]; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 914b38051..ec8830711 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -161,6 +161,7 @@ in users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.ulrich.pubkey + config.krebs.users.raute.pubkey config.krebs.users.makefu-omo.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup ]; diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix new file mode 100644 index 000000000..5dc24f1de --- /dev/null +++ b/krebs/2configs/exim-smarthost.nix @@ -0,0 +1,50 @@ +with import <stockholm/lib>; +{ config, ... }: let + + format = from: to: { + inherit from; + # TODO assert is-retiolum-mail-address to; + to = concatMapStringsSep "," (getAttr "mail") (toList to); + }; + +in { + krebs.exim-smarthost.internet-aliases = + mapAttrsToList format (with config.krebs.users; let + brain-ml = [ + lass + makefu + tv + ]; + eloop-ml = spam-ml ++ [ ciko ]; + spam-ml = [ + lass + makefu + tv + ]; + ciko.mail = "ciko@slash16.net"; + in { + "anmeldung@eloop.org" = eloop-ml; + "brain@krebsco.de" = brain-ml; + "cfp@eloop.org" = eloop-ml; + "kontakt@eloop.org" = eloop-ml; + "root@eloop.org" = eloop-ml; + "youtube@eloop.org" = eloop-ml; + "eloop2016@krebsco.de" = eloop-ml; + "eloop2017@krebsco.de" = eloop-ml; + "postmaster@krebsco.de" = spam-ml; # RFC 822 + "lass@krebsco.de" = lass; + "makefu@krebsco.de" = makefu; + "spam@krebsco.de" = spam-ml; + "tv@krebsco.de" = tv; + # XXX These are no internet aliases + # XXX exim-retiolum hosts should be able to relay to retiolum addresses + "lass@retiolum" = lass; + "makefu@retiolum" = makefu; + "spam@retiolum" = spam-ml; + "tv@retiolum" = tv; + "lass@r" = lass; + "makefu@r" = makefu; + "spam@r" = spam-ml; + "tv@r" = tv; + }); +} diff --git a/krebs/2configs/nscd-fix.nix b/krebs/2configs/nscd-fix.nix new file mode 100644 index 000000000..8e5909e72 --- /dev/null +++ b/krebs/2configs/nscd-fix.nix @@ -0,0 +1,24 @@ +with import <stockholm/lib>; +{ pkgs, ... }: let + + enable = versionOlderThan "19.03"; + + versionOlderThan = v: + compareVersions + (versions.majorMinor version) + (versions.majorMinor v) + == -1; + + warning = '' + Using custom services.nscd.config because + https://github.com/NixOS/nixpkgs/pull/50316 + ''; + +in + optionalAttrs enable (trace warning { + services.nscd.enable = mkForce true; + services.nscd.config = mkForce (readFile (pkgs.fetchurl { + url = https://raw.githubusercontent.com/arianvp/nixpkgs/1d5f4cb/nixos/modules/services/system/nscd.conf; + sha256 = "1jlddk38lyynjn51zx3xi1nc29ahajyh0qg48qbq6dqlsrn3wxqs"; + })); + }) diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix deleted file mode 100644 index dc2838cae..000000000 --- a/krebs/2configs/reaktor-krebs.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, lib, pkgs, ... }: -with import <stockholm/lib>; - -{ - krebs.Reaktor.krebs = { - nickname = "Reaktor|krebs"; - channels = [ - "#krebs" - "#nixos-wiki" - ]; - extraEnviron = { - REAKTOR_HOST = "irc.freenode.org"; - REAKTOR_NICKSERV_PASSWORD = "/var/lib/Reaktor/reaktor_nickserv_password"; - }; - plugins = with pkgs.ReaktorPlugins; [ - sed-plugin - task-add - task-delete - task-done - task-list - ] ++ - (attrValues (todo "agenda")) - ; - }; - krebs.secret.files.nix-serve-key = { - path = "/var/lib/Reaktor/reaktor_nickserv_password"; - owner.name = "Reaktor"; - source-path = toString <secrets> + "/reaktor_nickserv_password"; - }; -} diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix deleted file mode 100644 index 824f59d09..000000000 --- a/krebs/2configs/reaktor-retiolum.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: -with import <stockholm/lib>; - -{ - krebs.Reaktor.retiolum = { - nickname = "Reaktor|lass"; - channels = [ "#noise" "#xxx" ]; - extraEnviron = { - REAKTOR_HOST = "irc.r"; - }; - plugins = with pkgs.ReaktorPlugins; [ - sed-plugin - task-add - task-delete - task-done - task-list - ] ++ - (attrValues (todo "agenda")) - ; - }; -} diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix new file mode 100644 index 000000000..ff6b539ba --- /dev/null +++ b/krebs/2configs/reaktor2.nix @@ -0,0 +1,152 @@ +with import <stockholm/lib>; +{ config, pkgs, ... }: + +let + #for shared state directory + stateDir = config.krebs.reaktor2.r.stateDir; + + generators = pkgs.reaktor2-plugins.generators; + hooks = pkgs.reaktor2-plugins.hooks; + commands = pkgs.reaktor2-plugins.commands; + + task = name: let + rcFile = builtins.toFile "taskrc" '' + confirmation=no + ''; + in { + pattern = "^${name}-([a-z]+)(?::\\s*(.*))?"; + activate = "match"; + command = 1; + arguments = [2]; + env.TASKDATA = "${stateDir}/${name}"; + commands = { + add.filename = pkgs.writeDash "${name}-task-add" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$1" + ''; + list.filename = pkgs.writeDash "${name}-task-list" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} export \ + | ${pkgs.jq}/bin/jq -r ' + .[] | select(.id != 0) | "\(.id) \(.description)" + ' + ''; + delete.filename = pkgs.writeDash "${name}-task-delete" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$1" + ''; + done.filename = pkgs.writeDash "${name}-task-done" '' + ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$1" + ''; + }; + }; + + systemPlugin = { + plugin = "system"; + config = { + workdir = stateDir; + hooks.JOIN = [ + { + activate = "always"; + command = { + filename = + "${pkgs.Reaktor.src}/reaktor/commands/tell-on_join"; + env = { + PATH = makeBinPath [ + pkgs.coreutils # XXX env, touch + pkgs.jq # XXX sed + pkgs.utillinux # XXX flock + ]; + state_file = "${stateDir}/tell.json"; + }; + }; + } + ]; + hooks.PRIVMSG = [ + { + pattern = "^bier bal(ance)*$"; + activate = "match"; + command = { + env = { + state_file = "${stateDir}/ledger"; + }; + filename = pkgs.writeDash "bier-balance" '' + ${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \ + | ${pkgs.coreutils}/bin/tail +2 \ + | ${pkgs.miller}/bin/mlr --icsv --opprint cat + ''; + }; + } + { + pattern = ''^(\S+)\s+([+-][1-9][0-9]*)\s+(\S+)$''; + activate = "match"; + arguments = [1 2 3]; + command = { + env = { + # TODO; get state as argument + state_file = "${stateDir}/ledger"; + }; + filename = pkgs.writeDash "ledger-add" '' + set -x + tonick=$1 + amt=$2 + unit=$3 + printf '%s\n %s %d %s\n %s %d %s\n' "$(date -Id)" "$tonick" "$amt" "$unit" "$_from" "$(expr 0 - "''${amt#+}")" "$unit" >> $state_file + ''; + |