summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitmodules3
-rw-r--r--jeschli/5pkgs/simple/xmonad-jeschli/default.nix2
-rw-r--r--jeschli/source.nix1
-rw-r--r--krebs/1systems/onebutton/config.nix30
-rw-r--r--krebs/1systems/onebutton/source.nix2
-rw-r--r--krebs/2configs/buildbot-stockholm.nix1
-rw-r--r--krebs/3modules/git.nix2
-rw-r--r--krebs/3modules/krebs/default.nix3
-rw-r--r--krebs/3modules/lass/default.nix1
-rw-r--r--krebs/3modules/makefu/default.nix32
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix2
-rw-r--r--krebs/5pkgs/simple/brain/default.nix4
-rw-r--r--krebs/5pkgs/simple/cholerab/default.nix7
-rw-r--r--krebs/5pkgs/simple/ftb/default.nix4
-rw-r--r--krebs/5pkgs/simple/pass/default.nix6
-rw-r--r--krebs/5pkgs/simple/stockholm/default.nix2
-rw-r--r--krebs/5pkgs/simple/thesauron/default.nix7
-rw-r--r--krebs/5pkgs/writers.nix318
-rw-r--r--krebs/default.nix4
-rw-r--r--krebs/krops.nix2
-rw-r--r--krebs/source.nix1
-rw-r--r--lass/1systems/cabal/config.nix5
-rw-r--r--lass/1systems/mors/config.nix6
-rw-r--r--lass/1systems/prism/config.nix30
-rw-r--r--lass/2configs/baseX.nix4
-rw-r--r--lass/2configs/blue-host.nix1
-rw-r--r--lass/2configs/dcso-dev.nix7
-rw-r--r--lass/2configs/dunst.nix6
-rw-r--r--lass/2configs/git.nix4
-rw-r--r--lass/2configs/logf.nix2
-rw-r--r--lass/2configs/mc.nix2
-rw-r--r--lass/2configs/reaktor-coders.nix8
-rw-r--r--lass/2configs/repo-sync.nix2
-rw-r--r--lass/2configs/starcraft.nix53
-rw-r--r--lass/2configs/urxvt.nix8
-rw-r--r--lass/2configs/virtualbox.nix2
-rw-r--r--lass/2configs/websites/lassulus.nix16
-rw-r--r--lass/2configs/websites/util.nix2
-rw-r--r--lass/2configs/wine.nix1
-rw-r--r--lass/3modules/usershadow.nix2
-rw-r--r--lass/3modules/xjail.nix12
-rw-r--r--lass/5pkgs/custom/xmonad-lass/default.nix28
-rw-r--r--lass/5pkgs/dpass/default.nix4
-rw-r--r--lass/5pkgs/xephyrify/default.nix4
-rw-r--r--lass/source.nix1
-rw-r--r--makefu/0tests/data/secrets/nsupdate-hub.nix1
-rw-r--r--makefu/0tests/data/secrets/uhub.sql0
-rw-r--r--makefu/1systems/gum/config.nix53
-rw-r--r--makefu/1systems/gum/hardware-config.nix46
-rw-r--r--makefu/1systems/kexec/config.nix25
-rw-r--r--makefu/1systems/kexec/source.nix3
-rw-r--r--makefu/1systems/nextgum/config.nix247
-rw-r--r--makefu/1systems/nextgum/hardware-config.nix80
-rw-r--r--makefu/1systems/nextgum/source.nix5
-rw-r--r--makefu/1systems/nextgum/transfer-config.nix7
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix1
-rw-r--r--makefu/2configs/hub.nix102
-rw-r--r--makefu/source.nix5
-rw-r--r--mv/source.nix1
-rw-r--r--nin/source.nix1
-rw-r--r--shell.nix7
m---------submodules/nix-writers0
-rw-r--r--tv/2configs/vim.nix2
-rw-r--r--tv/5pkgs/simple/xmonad-tv/default.nix2
-rw-r--r--tv/source.nix1
65 files changed, 824 insertions, 409 deletions
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 000000000..c96fec739
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "submodules/nix-writers"]
+ path = submodules/nix-writers
+ url = http://cgit.krebsco.de/nix-writers
diff --git a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix
index fa03fd4d4..5aa3c2f96 100644
--- a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix
+++ b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix
@@ -1,5 +1,5 @@
{ pkgs, ... }:
-pkgs.writeHaskell "xmonad-jeschli" {
+pkgs.writeHaskellPackage "xmonad-jeschli" {
executables.xmonad = {
extra-depends = [
"containers"
diff --git a/jeschli/source.nix b/jeschli/source.nix
index 29cf9d818..fc1413ee4 100644
--- a/jeschli/source.nix
+++ b/jeschli/source.nix
@@ -7,6 +7,7 @@ host@{ name, secure ? false, override ? {} }: let
pkgs = import <nixpkgs> {
overlays = map import [
<stockholm/krebs/5pkgs>
+ <stockholm/submodules/nix-writers/pkgs>
];
};
in
diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix
index dca00a206..b87aef5a3 100644
--- a/krebs/1systems/onebutton/config.nix
+++ b/krebs/1systems/onebutton/config.nix
@@ -16,6 +16,36 @@
services.nixosManual.enable = false;
services.journald.extraConfig = "SystemMaxUse=50M";
}
+ {
+ systemd.services.mpc-booter = let
+ mpc = "${pkgs.mpc_cli}/bin/mpc -h mpd.shack -p 6600";
+ url = "http://lassul.us:8000/radio.ogg";
+ say = pkgs.writeDash "say" ''
+ tmpfile=$(${pkgs.coreutils}/bin/mktemp)
+ echo "$@" > $tmpfile
+ ${pkgs.curl}/bin/curl -i -H "content-type: text/plain" -X POST -d "@$tmpfile" gobbelz.shack/say/
+ rm "$tmpfile"
+ '';
+ in {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network-online.target" ];
+ serviceConfig = {
+ RemainAfterExit = "yes";
+ Type = "oneshot";
+ ExecStart = pkgs.writeDash "mpc-boot" ''
+ until ${mpc} stats;do
+ echo "waiting for mpd.shack to appear"
+ sleep 1
+ done
+ ${say} "Willkommen im Shack wertes Mitglied"
+
+ ${say} "Lassulus Super Radio wurde gestartet"
+ ${mpc} add ${url}
+ ${mpc} play
+ '';
+ };
+ };
+ }
];
krebs.build.host = config.krebs.hosts.onebutton;
# NixOS wants to enable GRUB by default
diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix
index 8f25881c9..6842bfaab 100644
--- a/krebs/1systems/onebutton/source.nix
+++ b/krebs/1systems/onebutton/source.nix
@@ -4,7 +4,7 @@ let
nixpkgs = pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs-channels";
- rev = "6c064e6b"; # only binary cache for unstable arm6
+ rev = "nixos-unstable"; # only binary cache for unstable arm6
sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd";
};
in import <stockholm/krebs/source.nix> {
diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix
index 04b1c999f..62a5f9ab5 100644
--- a/krebs/2configs/buildbot-stockholm.nix
+++ b/krebs/2configs/buildbot-stockholm.nix
@@ -63,6 +63,7 @@ in
grab_repo = steps.Git(
repourl=stockholm_repo,
mode='full',
+ submodules=True,
)
'';
builder = {
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index ba0924681..5ae24b40b 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -484,7 +484,7 @@ let
reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules));
- # TODO use `writeOut`
+ # TODO use pkgs.write (from nix-writers)
scriptFarm =
farm-name: scripts:
let
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index a938f8ec9..e6eb3d287 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -174,5 +174,8 @@ in {
mail = "spam@krebsco.de";
pubkey = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwuAZB3wtAvBJFYh+gWdyGaZU4mtqM2dFXmh2rORlbXeh02msu1uv07ck1VKkQ4LgvCBcBsAOeVa1NTz99eLqutwgcqMCytvRNUCibcoEWwHObsK53KhDJj+zotwlFhnPPeK9+EpOP4ngh/tprJikttos5BwBwe2K+lfiid3fmVPZcTTYa77nCwijimMvWEx6CEjq1wiXMUc4+qcEn8Swbwomz/EEQdNE2hgoC3iMW9RqduTFdIJWnjVi0KaxenX9CvQRGbVK5SSu2gwzN59D/okQOCP6+p1gL5r3QRHSLSSRiEHctVQTkpKOifrtLZGSr5zArEmLd/cOVyssHQPCX repo-sync@wolf'';
};
+ buildbotSlave = {
+ pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7cre2crQMI6O4XtIfIiGl1GUqIi060fJlOQJgG0/NH";
+ };
};
}
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index fd74983fa..e2322e171 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -66,6 +66,7 @@ with import <stockholm/lib>;
ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
'';
};
nets = rec {
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index d7a750c6e..c5404f96d 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -520,6 +520,38 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr";
};
+ nextgum = rec {
+ ci = true;
+ cores = 8;
+ nets = rec {
+ internet = {
+ ip4.addr = "144.76.26.247";
+ ip6.addr = "2a01:4f8:191:12f6::2";
+ aliases = [
+ "nextgum.i"
+ ];
+ };
+ retiolum = {
+ via = internet;
+ ip4.addr = "10.243.0.213";
+ ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3";
+ aliases = [
+ "nextgum.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAucCebFmS96WorD+Br4UQudmAhMlLpacErjwA/u2argBTT2nGHTR8
+ aN4e0xf3IYLA+iogLIW/JuQfKLe8evEK21iZ3jleW8N7mbCulhasi/0lqWlirrpO
+ npJAiSNF1m7ijoylkEKxtmehze+8ojprUT2hx1ImMlHMWGxvs+TmBbZBMgxAGMJh
+ 6cMMDJQi+4d9XrJQ3+XUVK3MkviLA91oIAXsLdFptL6b12siUaz4StQXDJUHemBF
+ 3ZwlO+W2Es69ifEhmV6NaDDRcSRdChGbHTz1OU8wYaFNaxWla/iprQQ+jEUldpcN
+ VC18QGYRUAgZ0PCIpKurjWNehJFB3zXt+wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum";
+ };
gum = rec {
ci = true;
diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix
index 4016b6a16..418a3c73c 100644
--- a/krebs/5pkgs/simple/Reaktor/plugins.nix
+++ b/krebs/5pkgs/simple/Reaktor/plugins.nix
@@ -120,7 +120,7 @@ rec {
url-title = (buildSimpleReaktorPlugin "url-title" {
pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$";
path = with pkgs; [ curl perl ];
- script = pkgs.writePython3 [ "beautifulsoup4" "lxml" ] "url-title" ''
+ script = pkgs.writePython3 "url-title" [ "beautifulsoup4" "lxml" ] ''
import sys
import urllib.request
from bs4 import BeautifulSoup
diff --git a/krebs/5pkgs/simple/brain/default.nix b/krebs/5pkgs/simple/brain/default.nix
index e69b44f0f..9b125862b 100644
--- a/krebs/5pkgs/simple/brain/default.nix
+++ b/krebs/5pkgs/simple/brain/default.nix
@@ -1,6 +1,6 @@
-{ pass, writeOut, writeDash, ... }:
+{ pass, write, writeDash, ... }:
-writeOut "brain" {
+write "brain" {
"/bin/brain".link = writeDash "brain" ''
PASSWORD_STORE_DIR=$HOME/brain \
exec ${pass}/bin/pass $@
diff --git a/krebs/5pkgs/simple/cholerab/default.nix b/krebs/5pkgs/simple/cholerab/default.nix
new file mode 100644
index 000000000..94514fe44
--- /dev/null
+++ b/krebs/5pkgs/simple/cholerab/default.nix
@@ -0,0 +1,7 @@
+{ fetchgit, callPackage }: let
+ src = fetchgit {
+ url = "https://github.com/krebs/cholerab";
+ rev = "25d7ef051d6fc74d99b155e768b3c650296a230c";
+ sha256 = "1pymw7v2ql42iq825ccx98s4fp9jsz5b2hjr1qad6bamfc6i7yy9";
+ };
+in callPackage src {}
diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix
index c2e83c9f4..ab7d6e651 100644
--- a/krebs/5pkgs/simple/ftb/default.nix
+++ b/krebs/5pkgs/simple/ftb/default.nix
@@ -1,7 +1,7 @@
{ stdenv, fetchurl
, jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm
, openjdk
-, mesa, openal
+, mesa_glu, openal
, useAlsa ? false, alsaOss ? null }:
with stdenv.lib;
@@ -26,7 +26,7 @@ stdenv.mkDerivation {
#!${stdenv.shell}
export _JAVA_AWT_WM_NONREPARENTING=1
- export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]}
+ export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa_glu openal ]}
${if useAlsa then "${alsaOss}/bin/aoss" else "" } \
${jre}/bin/java -jar $out/ftb.jar
EOF
diff --git a/krebs/5pkgs/simple/pass/default.nix b/krebs/5pkgs/simple/pass/default.nix
index 3b6928087..c2fe0e1d7 100644
--- a/krebs/5pkgs/simple/pass/default.nix
+++ b/krebs/5pkgs/simple/pass/default.nix
@@ -35,12 +35,12 @@ let
);
in stdenv.mkDerivation rec {
- version = "1.7.1";
- name = "pass-${version}";
+ version = "1.7.2";
+ name = "password-store-${version}";
src = fetchurl {
url = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz";
- sha256 = "0scqkpll2q8jhzcgcsh9kqz0gwdpvynivqjmmbzax2irjfaiklpn";
+ sha256 = "1sl0d7nc85c6c2bmmmyb8rpmn47vhkj831l153mjlkawjvhwas27";
};
patches = [ ./set-correct-program-name-for-sleep.patch
diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix
index 9afe79510..c973386d6 100644
--- a/krebs/5pkgs/simple/stockholm/default.nix
+++ b/krebs/5pkgs/simple/stockholm/default.nix
@@ -225,6 +225,6 @@
in
- pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link:
+ pkgs.write "stockholm" (lib.mapAttrs' (name: link:
lib.nameValuePair "/bin/${name}" { inherit link; }
) cmds)
diff --git a/krebs/5pkgs/simple/thesauron/default.nix b/krebs/5pkgs/simple/thesauron/default.nix
deleted file mode 100644
index d543319f2..000000000
--- a/krebs/5pkgs/simple/thesauron/default.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ fetchgit, callPackage }: let
- src = fetchgit {
- url = "https://github.com/krebs/thesauron";
- rev = "8ac22588cf2c20465e3c9348e7ce04885599c2a5";
- "sha256"= "1ivkjl235dnm5aaqqvarnxkz7zh0gvah22b0fqwlsflrcd5wmgva";
- };
-in callPackage src {}
diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix
deleted file mode 100644
index 1939bf854..000000000
--- a/krebs/5pkgs/writers.nix
+++ /dev/null
@@ -1,318 +0,0 @@
-pkgs: oldpkgs:
-with import <stockholm/lib>;
- {
- execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let
- in pkgs.writeC name { inherit destination; } /* c */ ''
- #include <unistd.h>
-
- static char *const filename = ${toC filename};
-
- ${if argv == null
- then /* Propagate arguments */ /* c */ ''
- #define MAIN_ARGS int argc, char **argv
- ''
- else /* Provide fixed arguments */ /* c */ ''
- #define MAIN_ARGS void
- static char *const argv[] = ${toC (argv ++ [null])};
- ''}
-
- static char *const envp[] = ${toC (
- mapAttrsToList (k: v: "${k}=${v}") envp ++ [null]
- )};
-
- int main (MAIN_ARGS) {
- execve(filename, argv, envp);
- return -1;
- }
- '';
-
- execveBin = name: cfg:
- pkgs.execve name (cfg // { destination = "/bin/${name}"; });
-
- makeScriptWriter = { interpreter, check ? null }: name: text:
- assert (with types; either absolute-pathname filename).check name;
- pkgs.writeOut (baseNameOf name) {
- ${optionalString (types.absolute-pathname.check name) name} = {
- inherit check;
- executable = true;
- text = "#! ${interpreter}\n${text}";
- };
- };
-
- writeBash = name: text:
- assert (with types; either absolute-pathname filename).check name;
- pkgs.writeOut (baseNameOf name) {
- ${optionalString (types.absolute-pathname.check name) name} = {
- executable = true;
- text = "#! ${pkgs.bash}/bin/bash\n${text}";
- };
- };
-
- writeBashBin = name:
- assert types.filename.check name;
- pkgs.writeBash "/bin/${name}";
-
- writeC = name: { destination ? "" }: text: pkgs.runCommand name {
- inherit text;
- passAsFile = [ "text" ];
- } /* sh */ ''
- PATH=${makeBinPath (with pkgs; [
- # TODO remove if everyone migrated to 18.03
- (if hasAttr "binutils-unwrapped" pkgs then binutils-unwrapped else binutils)
- coreutils
- gcc
- ])}
- exe=$out${destination}
- mkdir -p "$(dirname "$exe")"
- gcc -O -Wall -o "$exe" -x c "$textPath"
- strip --strip-unneeded "$exe"
- '';
-
- writeDash = pkgs.makeScriptWriter {
- interpreter = "${pkgs.dash}/bin/dash";
- };
-
- writeDashBin = name:
- assert types.filename.check name;
- pkgs.writeDash "/bin/${name}";
-
- writeEximConfig = name: text: pkgs.runCommand name {
- inherit text;
- passAsFile = [ "text" ];
- } /* sh */ ''
- # TODO validate exim config even with config.nix.useChroot == true
- # currently doing so will fail because "user exim was not found"
- #${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null
- mv "$textPath" $out
- '';
-
- writeOut = name: specs0:
- let
- writers.link =
- { path
- , link
- }:
- assert path == "" || types.absolute-pathname.check path;
- assert types.package.check link;
- {
- install = /* sh */ ''
- ${optionalString (path != "") /* sh */ ''
- ${pkgs.coreutils}/bin/mkdir -p $out${dirOf path}
- ''}
- ${pkgs.coreutils}/bin/ln -s ${link} $out${path}
- '';
- };
-
- writers.text =
- { path
- , check ? null
- , executable ? false
- , mode ? if executable then "0755" else "0644"
- , text
- }:
- assert path == "" || types.absolute-pathname.check path;
- assert types.bool.check executable;
- assert types.file-mode.check mode;
- rec {
- var = "file_${hashString "sha1" path}";
- val = text;
- install = /* sh */ ''
- ${optionalString (check != null) /* sh */ ''
- ${check} ''$${var}Path
- ''}
- ${pkgs.coreutils}/bin/install \
- -m ${mode} \
- -D \
- ''$${var}Path $out${path}
- '';
- };
-
- write = spec: writers.${spec.type} (removeAttrs spec ["type"]);
-
- specs =
- mapAttrsToList
- (path: spec: let
- known-types = [ "link" "text" ];
- found-types = attrNames (getAttrs known-types spec);
- type = assert length found-types == 1; head found-types;
- in spec // { inherit path type; })
- specs0;
-
- files = map write specs;
-
- filevars = genAttrs' (filter (hasAttr "var") files)
- (spec: nameValuePair spec.var spec.val);
-
- env