diff options
-rw-r--r-- | krebs/3modules/default.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/lass/default.nix | 8 | ||||
-rw-r--r-- | krebs/3modules/tinc.nix (renamed from krebs/3modules/retiolum.nix) | 48 | ||||
-rw-r--r-- | krebs/5pkgs/default.nix | 81 | ||||
-rw-r--r-- | krebs/5pkgs/haskell-overrides/kirk.nix | 18 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/blessings.nix (renamed from krebs/5pkgs/haskell-overrides/blessings.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/default.nix | 15 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/email-header.nix (renamed from krebs/5pkgs/haskell-overrides/email-header.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/hyphenation.nix (renamed from krebs/5pkgs/haskell-overrides/hyphenation.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/kirk.nix | 21 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/news.nix (renamed from krebs/5pkgs/haskell-overrides/news.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/scanner.nix (renamed from krebs/5pkgs/haskell-overrides/scanner.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/xmonad-stockholm.nix (renamed from krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/default.nix (renamed from krebs/5pkgs/Reaktor/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/plugins.nix (renamed from krebs/5pkgs/Reaktor/plugins.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh (renamed from krebs/5pkgs/Reaktor/scripts/random-emoji.sh) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh (renamed from krebs/5pkgs/Reaktor/scripts/random-issue.sh) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py (renamed from krebs/5pkgs/Reaktor/scripts/sed-plugin.py) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh (renamed from krebs/5pkgs/Reaktor/scripts/shack-correct.sh) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/apt-cacher-ng/default.nix (renamed from krebs/5pkgs/apt-cacher-ng/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/bepasty-client-cli/default.nix (renamed from krebs/5pkgs/bepasty-client-cli/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/buildbot/default.nix (renamed from krebs/5pkgs/buildbot/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/buildbot/worker.nix (renamed from krebs/5pkgs/buildbot/worker.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/cac-api/default.nix (renamed from krebs/5pkgs/cac-api/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/cac-cert/cac.pem (renamed from krebs/5pkgs/cac-cert/cac.pem) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/cac-cert/default.nix (renamed from krebs/5pkgs/cac-cert/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/cac-panel/default.nix (renamed from krebs/5pkgs/cac-panel/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/collectd-connect-time/default.nix (renamed from krebs/5pkgs/collectd-connect-time/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/default.nix | 24 | ||||
-rw-r--r-- | krebs/5pkgs/simple/dic/default.nix (renamed from krebs/5pkgs/dic/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/drivedroid-gen-repo/default.nix (renamed from krebs/5pkgs/drivedroid-gen-repo/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/empty.nix | 2 | ||||
-rw-r--r-- | krebs/5pkgs/simple/fortclientsslvpn/default.nix (renamed from krebs/5pkgs/fortclientsslvpn/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/games-user-env/default.nix (renamed from krebs/5pkgs/games-user-env/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/get/default.nix (renamed from krebs/5pkgs/get/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/git-hooks/default.nix (renamed from krebs/5pkgs/git-hooks/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/github-hosts-sync/default.nix (renamed from krebs/5pkgs/github-hosts-sync/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/go-shortener/default.nix (renamed from krebs/5pkgs/go-shortener/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/go-shortener/packages.nix (renamed from krebs/5pkgs/go-shortener/packages.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/goify/default.nix (renamed from krebs/5pkgs/goify/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/hashPassword/default.nix (renamed from krebs/5pkgs/hashPassword/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/htgen/default.nix (renamed from krebs/5pkgs/htgen/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/irc-announce/default.nix (renamed from krebs/5pkgs/irc-announce/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/kpaste/default.nix (renamed from krebs/5pkgs/kpaste/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/krebspaste/default.nix (renamed from krebs/5pkgs/krebspaste/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/krebszones/default.nix (renamed from krebs/5pkgs/krebszones/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/logf/default.nix (renamed from krebs/5pkgs/logf/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/much/cabal.nix (renamed from krebs/5pkgs/much/cabal.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/much/default.nix (renamed from krebs/5pkgs/much/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/netcup/default.nix (renamed from krebs/5pkgs/netcup/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/newsbot-js/default.nix (renamed from krebs/5pkgs/newsbot-js/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/newsbot-js/packages.nix (renamed from krebs/5pkgs/newsbot-js/packages.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/noVNC/default.nix (renamed from krebs/5pkgs/noVNC/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/painload/default.nix (renamed from krebs/5pkgs/painload/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/passwdqc-utils/default.nix (renamed from krebs/5pkgs/passwdqc-utils/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/populate/default.nix (renamed from krebs/5pkgs/populate/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/posix-array/default.nix (renamed from krebs/5pkgs/posix-array/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/pssh/default.nix (renamed from krebs/5pkgs/pssh/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/push/default.nix (renamed from krebs/5pkgs/push/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/realwallpaper/default.nix (renamed from krebs/5pkgs/realwallpaper/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/repo-sync/default.nix (renamed from krebs/5pkgs/repo-sync/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/retiolum-bootstrap/default.nix (renamed from krebs/5pkgs/retiolum-bootstrap/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/rutorrent/default.nix (renamed from krebs/5pkgs/rutorrent/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/tarantool/default.nix (renamed from krebs/5pkgs/tarantool/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/tinc_graphs/default.nix (renamed from krebs/5pkgs/tinc_graphs/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/translate-shell/default.nix (renamed from krebs/5pkgs/translate-shell/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/treq/default.nix (renamed from krebs/5pkgs/treq/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/untilport/default.nix (renamed from krebs/5pkgs/untilport/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/urlwatch/default.nix (renamed from krebs/5pkgs/urlwatch/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/weechat/default.nix (renamed from krebs/5pkgs/weechat/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/whatsupnix/default.nix | 15 | ||||
-rw-r--r-- | krebs/5pkgs/simple/whatsupnix/whatsupnix.bash | 44 | ||||
-rw-r--r-- | krebs/5pkgs/simple/with-tmpdir/default.nix (renamed from krebs/5pkgs/with-tmpdir/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/youtube-tools/default.nix (renamed from krebs/5pkgs/youtube-tools/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/simple/zandronum-bin/default.nix (renamed from krebs/5pkgs/zandronum-bin/default.nix) | 0 | ||||
-rw-r--r-- | krebs/5pkgs/test/default.nix | 9 | ||||
-rw-r--r-- | krebs/5pkgs/writers.nix | 8 | ||||
-rw-r--r-- | krebs/default.nix | 2 | ||||
-rw-r--r-- | lass/1systems/iso.nix | 2 | ||||
-rw-r--r-- | lass/1systems/mors.nix | 13 | ||||
-rw-r--r-- | lass/1systems/prism.nix | 99 | ||||
-rw-r--r-- | lass/2configs/baseX.nix | 2 | ||||
-rw-r--r-- | lass/2configs/bepasty.nix | 2 | ||||
-rw-r--r-- | lass/2configs/coders-irc.nix | 92 | ||||
-rw-r--r-- | lass/2configs/default.nix | 9 | ||||
-rw-r--r-- | lass/2configs/dns-stuff.nix | 31 | ||||
-rw-r--r-- | lass/2configs/nixpkgs.nix | 2 | ||||
-rw-r--r-- | lass/2configs/retiolum.nix | 8 | ||||
-rw-r--r-- | lass/2configs/websites/domsen.nix | 5 | ||||
-rw-r--r-- | lass/2configs/websites/fritz.nix | 2 | ||||
-rw-r--r-- | lass/3modules/default.nix | 1 | ||||
-rw-r--r-- | lass/3modules/hosts.nix | 2 | ||||
-rw-r--r-- | lass/3modules/pyload.nix | 55 | ||||
-rw-r--r-- | lib/types.nix | 7 | ||||
-rw-r--r-- | makefu/1systems/iso.nix | 2 | ||||
-rw-r--r-- | makefu/5pkgs/default.nix | 2 | ||||
-rw-r--r-- | nin/2configs/default.nix | 2 | ||||
-rw-r--r-- | nin/2configs/nixpkgs.nix | 2 |
98 files changed, 406 insertions, 231 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index daa963bc8..227eb209b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -34,10 +34,10 @@ let ./Reaktor.nix ./realwallpaper.nix ./retiolum-bootstrap.nix - ./retiolum.nix ./rtorrent.nix ./secret.nix ./setuid.nix + ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix ./repo-sync.nix diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index b86e05319..0e1cbd876 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -3,7 +3,10 @@ with import <stockholm/lib>; { - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.lass) { + hosts = mapAttrs (_: recursiveUpdate { + owner = config.krebs.users.lass; + managed = true; + }) { dishfire = { cores = 4; nets = rec { @@ -124,6 +127,7 @@ with import <stockholm/lib>; ssh.port = 2223; }; }; + managed = false; }; cloudkrebs = { cores = 1; @@ -300,6 +304,7 @@ with import <stockholm/lib>; }; iso = { cores = 1; + managed = false; }; sokrateslaptop = { nets = { @@ -321,6 +326,7 @@ with import <stockholm/lib>; ''; }; }; + managed = false; }; }; users = { diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/tinc.nix index 0a3d7ed2f..8af15c13b 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/tinc.nix @@ -17,6 +17,27 @@ let in { enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + enableLegacy = mkEnableOption "/etc/tinc/${netname}"; + + confDir = mkOption { + type = types.package; + default = pkgs.linkFarm "${netname}-etc-tinc" + (mapAttrsToList (name: path: { inherit name path; }) { + "hosts" = tinc.config.hostsPackage; + "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' + Name = ${tinc.config.host.name} + Interface = ${netname} + ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} + PrivateKeyFile = ${tinc.config.privkey.path} + Port = ${toString tinc.config.host.nets.${netname}.tinc.port} + ${tinc.config.extraConfig} + ''; + "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' + ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up + ${tinc.config.tincUp} + ''; + }); + }; host = mkOption { type = types.host; @@ -175,29 +196,16 @@ let } ) config.krebs.tinc; + environment.etc = mapAttrs' (netname: cfg: + nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy { + source = cfg.confDir; + }) + ) config.krebs.tinc; + systemd.services = mapAttrs (netname: cfg: let tinc = cfg.tincPackage; iproute = cfg.iproutePackage; - - confDir = let - namePathPair = name: path: { inherit name path; }; - in pkgs.linkFarm "${netname}-etc-tinc" (mapAttrsToList namePathPair { - "hosts" = cfg.hostsPackage; - "tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" '' - Name = ${cfg.host.name} - Interface = ${netname} - ${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)} - PrivateKeyFile = ${cfg.privkey.path} - Port = ${toString cfg.host.nets.${cfg.netname}.tinc.port} - ${cfg.extraConfig} - ''; - "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' - ${iproute}/sbin/ip link set ${netname} up - ${cfg.tincUp} - ''; - } - ); in { description = "Tinc daemon for ${netname}"; after = [ "network.target" ]; @@ -206,7 +214,7 @@ let path = [ tinc iproute ]; serviceConfig = rec { Restart = "always"; - ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; + ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; SyslogIdentifier = netname; }; } diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 8bb244cd3..39e89a4b6 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,64 +1,33 @@ -{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; -{ - imports = [ - ./writers.nix - ]; - nixpkgs.config.packageOverrides = oldpkgs: let - - # This callPackage will try to detect obsolete overrides. - callPackage = path: args: let - override = pkgs.callPackage path args; - upstream = optionalAttrs (override ? "name") - (oldpkgs.${(parseDrvName override.name).name} or {}); - in if upstream ? "name" && - override ? "name" && - compareVersions upstream.name override.name != -1 - then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override - else override; - - in {} - // mapAttrs (_: flip callPackage {}) - (filterAttrs (_: dir: pathExists (dir + "/default.nix")) - (subdirsOf ./.)) - // { - empty = pkgs.runCommand "empty-1.0.0" {} "mkdir $out"; - haskellPackages = oldpkgs.haskellPackages.override { - overrides = self: super: - mapAttrs (name: path: self.callPackage path {}) - (mapAttrs' - (name: type: - if hasSuffix ".nix" name - then { - name = removeSuffix ".nix" name; - value = ./haskell-overrides + "/${name}"; - } - else null) - (builtins.readDir ./haskell-overrides)); - }; +self: super: - ReaktorPlugins = callPackage ./Reaktor/plugins.nix {}; +# Import files and subdirectories like they are overlays. +foldl' mergeAttrs {} + (map + (name: import (./. + "/${name}") self super) + (filter + (name: name != "default.nix" && !hasPrefix "." name) + (attrNames (readDir ./.)))) - buildbot = callPackage ./buildbot {}; - buildbot-full = callPackage ./buildbot { - plugins = with pkgs.buildbot-plugins; [ www console-view waterfall-view ]; - }; - buildbot-worker = callPackage ./buildbot/worker.nix {}; +// - # https://github.com/proot-me/PRoot/issues/106 - proot = pkgs.writeDashBin "proot" '' - export PROOT_NO_SECCOMP=1 - exec ${oldpkgs.proot}/bin/proot "$@" - ''; - - # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d - symlinkJoin = { name, paths, ... }@args: let - x = oldpkgs.symlinkJoin args; - in if typeOf x != "lambda" then x else oldpkgs.symlinkJoin name paths; +{ + ReaktorPlugins = self.callPackage ./simple/Reaktor/plugins.nix {}; - test = { - infest-cac-centos7 = callPackage ./test/infest-cac-centos7 {}; - }; + buildbot-full = self.callPackage ./simple/buildbot { + plugins = with self.buildbot-plugins; [ www console-view waterfall-view ]; }; + buildbot-worker = self.callPackage ./simple/buildbot/worker.nix {}; + + # https://github.com/proot-me/PRoot/issues/106 + proot = self.writeDashBin "proot" '' + export PROOT_NO_SECCOMP=1 + exec ${super.proot}/bin/proot "$@" + ''; + + # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d + symlink |