diff options
93 files changed, 1389 insertions, 3413 deletions
diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix index c365798f3..bd17c3765 100644 --- a/krebs/3modules/buildbot/master.nix +++ b/krebs/3modules/buildbot/master.nix @@ -2,7 +2,15 @@ with config.krebs.lib; let - buildbot = pkgs.buildbot; + + # https://github.com/NixOS/nixpkgs/issues/14026 + nixpkgs-fix = import (pkgs.fetchgit { + url = https://github.com/nixos/nixpkgs; + rev = "e026b5c243ea39810826e68362718f5d703fb5d0"; + sha256 = "87e0724910a6df0371f883f99a8cf42e366fb4119f676f6f74ffb404beca2632"; + }) {}; + + buildbot = nixpkgs-fix.buildbot; buildbot-master-config = pkgs.writeText "buildbot-master.cfg" '' # -*- python -*- from buildbot.plugins import * diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index c114b74df..a38d2b227 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -91,8 +91,6 @@ let imp = lib.mkMerge [ { krebs = import ./lass { inherit config lib; }; } { krebs = import ./makefu { inherit config lib; }; } - { krebs = import ./miefda { inherit config lib; }; } - { krebs = import ./mv { inherit config lib; }; } { krebs = import ./shared { inherit config lib; }; } { krebs = import ./tv { inherit config lib; }; } { diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index dccc11b3f..b610ff3d1 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -1,4 +1,4 @@ -arg@{ config, lib, pkgs, ... }: +{ config, lib, pkgs, ... }: let inherit (pkgs) writeText; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 760c2d69d..08e8995fa 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -91,6 +91,7 @@ with config.krebs.lib; "prism.retiolum" "prism.r" "cgit.prism.retiolum" + "cgit.prism.r" "cache.prism.r" ]; tinc.pubkey = '' @@ -296,5 +297,13 @@ with config.krebs.lib; fritz = { pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540"; }; + prism-repo-sync = { + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINR9oL/OPHjjKjQ+IyRqWpgrXdZrKKAwFKIte8gYml6C"; + mail = "lass@prism.r"; + }; + mors-repo-sync = { + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv6N/UjFnX5vUicT9Sw0+3x4mR0760iaVWZ/JDtdV4h"; + mail = "lass@mors.r"; + }; }; } diff --git a/krebs/3modules/miefda/default.nix b/krebs/3modules/miefda/default.nix deleted file mode 100644 index a03f7ff4d..000000000 --- a/krebs/3modules/miefda/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ config, lib, ... }: - -with config.krebs.lib; - -{ - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.miefda) { - bobby = { - cores = 4; - nets = { - retiolum = { - ip4.addr = "10.243.111.112"; - ip6.addr = "42:0:0:0:0:0:111:112"; - aliases = [ - "bobby.retiolum" - "cgit.bobby.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA+AScnIqFdzGl+iRZTNZ7r91n/r1H4GzDsrAupUvJ4mi7nDN4eP8s - uLvKtJp22RxfuF3Kf4KhHb8LHQ8bLLN/KDaNDXrCNBc69d7vvLsjoY+wfGLJNu4Y - Ad/8J4r3rdb83mTA3IHb47T/70MERPBr2gF84YiG6ZoQrPQuTk4lHxaI83SOhjny - 0F0ucS/rBV6Vv9y5/756TKi1cFPSpY4X+qeWc8xWrBGJcJiiqYb8ZX2o/lkAJ5c+ - jI/VdybGFVGY9+bp4Jw5xBIo5KGuFnm8+blRmSDDl3joRneKQSx9FAu7RUwoajBu - cEbi1529NReQzIFT6Vt22ymbHftxOiuh4QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - #ssh.privkey.path = <secrets/ssh.ed25519>; - #ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+7Qa51l0NSkBiaK2s8vQEoeObV3UPZyEzMxfUK/ZAO root@stro"; - }; - }; - users = { - miefda = { - mail = "miefda@miefda.de"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCVdNCks6mrItKHYIwgW3s+NINFhHqZtLPj3l6TJUWd93ZSuuI6P+Z/0m0G9Z4tWWaXWsOCnzMA2WOKcitBbLcaQxVypJfvmfoA5CVlh4/nf8NfvbMFkVIYPehxR7YoejfKOxPOCNC3248RiD8kqa4/5IF8qdqE+mRQUIZJXvN0jZZ+rGnYo5Z544O9JqsV+VjjOgK0Fchpxf/lC8dnBucIce7gUwi5npwsGQZgSDmRobBRFVDZag1abLFNZN2faI8uqzSlU6KRRapYV266Of7j3kmDokMan4szjP1EexmTWm+arwRiz9p0M5oKs6zofez0mOyF5ux02NB3XIhbJc8CfMjeA7PmSg4ZhghjlSjIOR+1mMIDiDVi6PNLw5atzvpyfYtpf5sWpdIpXCS0lyzIgasqW4gbAiWoFPv5A0mw0QI6UqlxQ8Pdm6R7P6yQxyknrxnvFGMQPiqgl21ssSNA9A+YRd4j0nATntzOeD1bxTZkyU4FtW++0hg3Ph6HiHLfPd9w70wPr7b0RITVnBcN2ZqIO+5NIqQYU801FCNXsTuBh0ueTsVTGJYySUGkmkHyH5spLYdr1Z5w+4W+HgbxPk40pyZJ18S0umL49igxR9NsniucFy1/jqqi0TiDIsHx6vsawFT1F2rq9ZtGaRcJL6Yfz0p+uZC5rc/nI+mMlQ== miefda@nixos"; - }; - }; -} diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix deleted file mode 100644 index 20118c61f..000000000 --- a/krebs/3modules/mv/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ config, ... }: - -with config.krebs.lib; - -{ - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.mv) { - stro = { - cores = 4; - nets = { - retiolum = { - ip4.addr = "10.243.111.111"; - ip6.addr = "42:0:0:0:0:0:111:111"; - aliases = [ - "stro.retiolum" - "cgit.stro.retiolum" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0vIzLyoetOyi3R7qOh3gjSvUVjPEdqCvd0NEevDCIhhFy0nIbZ/b - vnuk3EUeTb6e384J8fKB4agig0JeR3JjtDvtjy5g9Cdy2nrU71w8wqU0etmv2PTb - FjbCFfeBXn0N3U7gXwjZGCvjAXa1a4jGb4R2iYBYGG3aY4reCN8B8Ah81h+S0oLg - ZJJfaBmWM5vNRFEI5X4CLaVnwtsoZuXIjYStgNn/9Mg/Y6NQS0H0H+HFeyhigAqG - oYGqNar/2QqPU176V/FwrD30F3qJV1uyzuPta7hmdfOxqYjZ/jqdPSRYtlunYYcq - XbH5oYmzO9NEeVWzjdac/DiV2OP8HufoYwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+7Qa51l0NSkBiaK2s8vQEoeObV3UPZyEzMxfUK/ZAO root@stro"; - }; - }; - users = { - mv-stro = { - mail = "mv@stro.retiolum"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCxM34g1GUm5EtU00DAOlGSx8MsCWunhGTrozurj460QT7EdUbZvj0AcrQC0lP9kaZyhX+KueTjmLC+ICsnlHYeg4zoSEnSAUkccuyZxfgynVc4wrpfNAc1nHjDhDb/ulnC+8wNxvxUpI0XlBgu/Y7AbbChZj3ofv6uGGHJKfG3uSyCkt9VTCi1KwydHpe9P252N8NbopnbnkT0EMkRHruh7ICEKr4/ivmUL/IUrbFicEeCy4SeRAl8+00x4WqqvbBPzgdXn0AIjKLvus3dBoQubJNpUoXnyXJbElnit5a7QcgZJNLMbV0kf9zzCGduxkADzHkAFB9D4PuSMYt62iy12QlGbm80A9ncuwaSyJf7hPTvNbU8VyCblyfRz/SCaudUrfk5Xbxxu26FHi4hZqr3IUQt4T8pD8JWYGl4n2ZKnD8hHz/jrmNBK8h9d+VFafU9t1hRxlFsW1AhMEM+kfWClyhfTcKBKbml2a657lgUEVmlZt+18kwwsivM1QhHNTgxn5urRXRkh1VQ40UQroVuV1OUmvAngyAthF441VPGc5z7kEI+D4qjmUjSy6k4dvEy/RGfsAgJCf63zilRuUbL68f2OpxE8aeZZUXPvgdLml284pry7+C5sjlnCDoJfCj/yhdVx6mU9pWUd/Q97CLQewbsYhMzsqlBlIkXuipkDQ== mv@stro"; - }; - }; -} diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index c5c806cdf..0317d1eca 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -11,38 +11,39 @@ let api = { enable = mkEnableOption "repo-sync"; - config = mkOption { - type = with types;attrsOf (attrsOf (attrsOf str)); + repos = mkOption { + type = with types;attrsOf (attrsOf (attrsOf (attrsOf str))); example = literalExample '' # see `repo-sync --help` # `ref` provides sane defaults and can be omitted # attrset will be converted to json and be used as config - { + { repo = { makefu = { - origin = { - url = http://github.com/makefu/repo ; - ref = "heads/dev" ; - }; - mirror = { - url = "git@internal:mirror" ; - ref = "heads/github-mirror-dev" ; - }; + origin = { + url = http://github.com/makefu/repo ; + ref = "heads/dev" ; + }; + mirror = { + url = "git@internal:mirror" ; + ref = "heads/github-mirror-dev" ; + }; }; lass = { - origin = { - url = http://github.com/lass/repo ; - }; - mirror = { - url = "git@internal:mirror" ; - }; + origin = { + url = http://github.com/lass/repo ; + }; + mirror = { + url = "git@internal:mirror" ; + }; }; "@latest" = { - mirror = { - url = "git@internal:mirror"; - ref = "heads/master"; - }; + mirror = { + url = "git@internal:mirror"; + ref = "heads/master"; + }; }; + }; }; ''; }; @@ -56,53 +57,75 @@ let type = types.str; default = "/var/lib/repo-sync"; }; + |