summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zhosts/flap1
-rw-r--r--Zhosts/gum1
-rw-r--r--krebs/3modules/default.nix3
-rw-r--r--krebs/4lib/types.nix3
-rw-r--r--krebs/5pkgs/default.nix1
-rw-r--r--krebs/5pkgs/youtube-tools.nix21
-rw-r--r--lass/1systems/cloudkrebs.nix2
-rw-r--r--lass/1systems/mors.nix7
-rw-r--r--lass/2configs/base.nix5
-rw-r--r--lass/2configs/bitlbee.nix15
-rw-r--r--lass/2configs/retiolum.nix2
-rw-r--r--lass/3modules/bitlbee.nix153
-rw-r--r--lass/5pkgs/bitlbee-dev.nix20
-rw-r--r--lass/5pkgs/bitlbee-steam.nix31
-rw-r--r--lass/5pkgs/bitlbee.nix71
-rw-r--r--lass/5pkgs/default.nix13
-rw-r--r--tv/1systems/cd.nix4
-rw-r--r--tv/1systems/nomic.nix4
-rw-r--r--tv/1systems/wu.nix4
-rw-r--r--tv/2configs/git.nix12
-rw-r--r--tv/2configs/urlwatch.nix2
21 files changed, 357 insertions, 18 deletions
diff --git a/Zhosts/flap b/Zhosts/flap
index ea6aace53..94e6bdc75 100644
--- a/Zhosts/flap
+++ b/Zhosts/flap
@@ -1,4 +1,5 @@
Subnet = 10.243.211.172
+Subnet = 10.243.211.172 53
Subnet = 42:472a:3d01:bbe4:4425:567e:592b:065d
-----BEGIN RSA PUBLIC KEY-----
diff --git a/Zhosts/gum b/Zhosts/gum
index 9749f975a..f1eaa4eab 100644
--- a/Zhosts/gum
+++ b/Zhosts/gum
@@ -1,4 +1,5 @@
Address= 195.154.108.70
+Address= 195.154.108.70 53
Subnet = 10.243.0.211
Subnet = 42:f9f0:0000:0000:0000:0000:0000:70d2
Aliases = paste
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index f143e64b8..3d34ddf12 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -272,6 +272,7 @@ let
'';
};
};
+ secure = true;
};
mors = {
cores = 2;
@@ -307,7 +308,7 @@ let
};
uriel = {
pubkey = readFile ../../Zpubkeys/uriel.ssh.pub;
- mail = "uriel@mors.retiolum";
+ mail = "lass@uriel.retiolum";
};
};
};
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index f767d20fe..4e123e723 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -47,7 +47,8 @@ types // rec {
};
addrs = mkOption {
type = listOf addr;
- apply = _: config.addrs4 ++ config.addrs6;
+ default = config.addrs4 ++ config.addrs6;
+ # TODO only default addrs make sense
};
addrs4 = mkOption {
type = listOf addr4;
diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix
index 89872f1eb..062f0a515 100644
--- a/krebs/5pkgs/default.nix
+++ b/krebs/5pkgs/default.nix
@@ -13,4 +13,5 @@ pkgs //
github-known_hosts = callPackage ./github-known_hosts.nix {};
hashPassword = callPackage ./hashPassword.nix {};
posix-array = callPackage ./posix-array.nix {};
+ youtube-tools = callPackage ./youtube-tools.nix {};
}
diff --git a/krebs/5pkgs/youtube-tools.nix b/krebs/5pkgs/youtube-tools.nix
new file mode 100644
index 000000000..d767728be
--- /dev/null
+++ b/krebs/5pkgs/youtube-tools.nix
@@ -0,0 +1,21 @@
+{ stdenv, fetchgit, ... }:
+
+stdenv.mkDerivation {
+ name = "youtube-tools";
+
+ src = fetchgit {
+ url = https://github.com/Lassulus/the_playlist;
+ rev = "9218b163f2d8bc965b853ed9fc9e13d15a703456";
+ sha256 = "ae5db4be652d015a518e57e4ed2de34b9127e77d9272af3049832bb134e96e4d";
+ };
+
+ phases = [
+ "unpackPhase"
+ "installPhase"
+ ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+ cp bin/* $out/bin/
+ '';
+}
diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix
index 515810e44..6e814e643 100644
--- a/lass/1systems/cloudkrebs.nix
+++ b/lass/1systems/cloudkrebs.nix
@@ -30,7 +30,7 @@
deps = {
nixpkgs = {
url = https://github.com/Lassulus/nixpkgs;
- rev = "1879a011925c561f0a7fd4043da0768bbff41d0b";
+ rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90";
};
secrets = {
url = "/home/lass/secrets/${config.krebs.build.host.name}";
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index e7f8d5276..19d7030d6 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -15,12 +15,13 @@
../2configs/wine.nix
../2configs/texlive.nix
../2configs/binary-caches.nix
- ../2configs/ircd.nix
+ #../2configs/ircd.nix
../2configs/chromium-patched.nix
../2configs/new-repos.nix
#../../2configs/tv/synaptics.nix
../2configs/retiolum.nix
../2configs/wordpress.nix
+ ../2configs/bitlbee.nix
];
krebs.build = {
@@ -30,7 +31,7 @@
deps = {
nixpkgs = {
url = https://github.com/Lassulus/nixpkgs;
- rev = "961fd7b7a0f88dde7dac2f7a4c05ee4e1a25381d";
+ rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90";
};
secrets = {
url = "/home/lass/secrets/${config.krebs.build.host.name}";
@@ -128,7 +129,7 @@
#VM writeback timeout
echo '1500' > '/proc/sys/vm/dirty_writeback_centisecs'
#Autosuspend for USB device Broadcom Bluetooth Device [Broadcom Corp]
- echo 'auto' > '/sys/bus/usb/devices/1-1.4/power/control'
+ #echo 'auto' > '/sys/bus/usb/devices/1-1.4/power/control'
#Autosuspend for USB device Biometric Coprocessor
echo 'auto' > '/sys/bus/usb/devices/1-1.3/power/control'
diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix
index 095c7660c..256c29ab1 100644
--- a/lass/2configs/base.nix
+++ b/lass/2configs/base.nix
@@ -39,12 +39,16 @@ with lib;
krebs = {
enable = true;
search-domain = "retiolum";
+ exim-retiolum.enable = true;
};
nix.useChroot = true;
users.mutableUsers = false;
+ #why is this on in the first place?
+ services.ntp.enable = false;
+
boot.tmpOnTmpfs = true;
# see tmpfiles.d(5)
systemd.tmpfiles.rules = [
@@ -134,6 +138,7 @@ with lib;
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
+ { predicate = "-i retiolum"; target = "REJECT"; precedence = -10000; }
];
};
};
diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix
new file mode 100644
index 000000000..3a0080402
--- /dev/null
+++ b/lass/2configs/bitlbee.nix
@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+
+let
+ lpkgs = import ../5pkgs { inherit pkgs; };
+in {
+
+ imports = [
+ ../3modules/bitlbee.nix
+ ];
+
+ config.lass.bitlbee = {
+ enable = true;
+ bitlbeePkg = lpkgs.bitlbee;
+ };
+}
diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix
index 2d583a88a..7c7f2b4d4 100644
--- a/lass/2configs/retiolum.nix
+++ b/lass/2configs/retiolum.nix
@@ -22,6 +22,8 @@
"fastpoke"
"cloudkrebs"
"pigstarter"
+ "gum"
+ "flap"
];
};
}
diff --git a/lass/3modules/bitlbee.nix b/lass/3modules/bitlbee.nix
new file mode 100644
index 000000000..8ce560146
--- /dev/null
+++ b/lass/3modules/bitlbee.nix
@@ -0,0 +1,153 @@
+{ config, lib, pkgs, ... }:
+
+
+let
+
+ inherit (lib)
+ mkIf
+ mkOption
+ types
+ singleton
+ ;
+
+ authModeCheck = v:
+ v == "Open" ||
+ v == "Closed" ||
+ v == "Registered"
+ ;
+
+ bitlbeeConfig = pkgs.writeText "bitlbee.conf" ''
+ [settings]
+ RunMode = Daemon
+ User = bitlbee
+ ConfigDir = ${cfg.configDir}
+ DaemonInterface = ${cfg.interface}
+ DaemonPort = ${toString cfg.portNumber}
+ AuthMode = ${cfg.authMode}
+ ${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"}
+ ${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"}
+ ${cfg.extraSettings}
+
+ [defaults]
+ ${cfg.extraDefaults}
+ '';
+
+ cfg = config.lass.bitlbee;
+
+ out = {
+ options.lass.bitlbee = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkOption {
+ default = false;
+ description = ''
+ Whether to run the BitlBee IRC to other chat network gateway.
+ Running it allows you to access the MSN, Jabber, Yahoo! and ICQ chat
+ networks via an IRC client.
+ '';
+ };
+
+ interface = mkOption {
+ default = "127.0.0.1";
+ description = ''
+ The interface the BitlBee deamon will be listening to. If `127.0.0.1',
+ only clients on the local host can connect to it; if `0.0.0.0', clients
+ can access it from any network interface.
+ '';
+ };
+
+ portNumber = mkOption {
+ default = 6667;
+ description = ''
+ Number of the port BitlBee will be listening to.
+ '';
+ };
+
+ authMode = mkOption {
+ default = "Open";
+ type = types.addCheck types.str authModeCheck;
+ description = ''
+ The following authentication modes are available:
+ Open -- Accept connections from anyone, use NickServ for user authentication.
+ Closed -- Require authorization (using the PASS command during login) before allowing the user to connect at all.
+ Registered -- Only allow registered users to use this server; this disables the register- and the account command until the user identifies himself.
+ '';
+ };
+
+ hostName = mkOption {
+ default = "";
+ type = types.str;
+ description = ''
+ Normally, BitlBee gets a hostname using getsockname(). If you have a nicer
+ alias for your BitlBee daemon, you can set it here and BitlBee will identify
+ itself with that name instead.
+ '';
+ };
+
+ configDir = mkOption {
+ default = "/var/lib/bitlbee";
+ type = types.path;
+ description = ''
+ Specify an alternative directory to store all the per-user configuration
+ files.
+ '';
+ };
+
+ protocols = mkOption {
+ default = "";
+ type = types.str;
+ description = ''
+ This option allows to remove the support of protocol, even if compiled
+ in. If nothing is given, there are no restrictions.
+ '';
+ };
+
+ extraSettings = mkOption {
+ default = "";
+ description = ''
+ Will be inserted in the Settings section of the config file.
+ '';
+ };
+
+ extraDefaults = mkOption {
+ default = "";
+ description = ''
+ Will be inserted in the Default section of the config file.
+ '';
+ };
+
+ bitlbeePkg = mkOption {
+ default = pkgs.bitlbee;
+ description = ''
+ the bitlbee pkg to use.
+ '';
+ };
+ };
+
+ imp = {
+ users.extraUsers = singleton {
+ name = "bitlbee";
+ uid = config.ids.uids.bitlbee;
+ description = "BitlBee user";
+ home = "/var/lib/bitlbee";
+ createHome = true;
+ };
+
+ users.extraGroups = singleton {
+ name = "bitlbee";
+ gid = config.ids.gids.bitlbee;
+ };
+
+ systemd.services.bitlbee = {
+ description = "BitlBee IRC to other chat networks gateway";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.User = "bitlbee";
+ serviceConfig.ExecStart = "${cfg.bitlbeePkg}/sbin/bitlbee -F -n -c ${bitlbeeConfig}";
+ };
+ };
+
+in
+out
diff --git a/lass/5pkgs/bitlbee-dev.nix b/lass/5pkgs/bitlbee-dev.nix
new file mode 100644
index 000000000..dd129591e
--- /dev/null
+++ b/lass/5pkgs/bitlbee-dev.nix
@@ -0,0 +1,20 @@
+{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python }:
+
+stdenv.mkDerivation rec {
+ name = "bitlbee-3.4.1";
+
+ src = fetchurl {
+ url = "mirror://bitlbee/src/${name}.tar.gz";
+ sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh";
+ };
+
+ buildInputs = [ gnutls glib pkgconfig libotr python ];
+
+ buildPhase = "";
+
+ installPhase = ''
+ make install-dev
+ '';
+
+}
+
diff --git a/lass/5pkgs/bitlbee-steam.nix b/lass/5pkgs/bitlbee-steam.nix
new file mode 100644
index 000000000..d869eaac5
--- /dev/null
+++ b/lass/5pkgs/bitlbee-steam.nix
@@ -0,0 +1,31 @@
+{ stdenv, fetchgit, autoconf, automake, bitlbee-dev, glib, libgcrypt, libtool, pkgconfig }:
+
+stdenv.mkDerivation rec {
+ name = "bitlbee-steam-1.3.1";
+
+ src = fetchgit {
+ url = "https://github.com/jgeboski/bitlbee-steam";
+ rev = "439d777c7e8d06712ffc15c3e51d61799f4c0d0c";
+ sha256 = "493924da1083a3b23073c595a9e1989a7ae09a196524ad66ca99c4d8ccc20d2a";
+ };
+
+ buildInputs = [
+ autoconf
+ automake
+ bitlbee-dev
+ glib
+ libgcrypt
+ libtool
+ pkgconfig
+ ];
+
+ configurePhase = ''
+ ./autogen.sh
+ '';
+
+ installPhase = ''
+ mkdir -p $out
+ cp steam/.libs/steam.la $out/
+ cp steam/.libs/steam.so $out/
+ '';
+}
diff --git a/lass/5pkgs/bitlbee.nix b/lass/5pkgs/bitlbee.nix
new file mode 100644
index 000000000..2a5a8d86d
--- /dev/null
+++ b/lass/5pkgs/bitlbee.nix
@@ -0,0 +1,71 @@
+{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python
+ , bitlbee-facebook ? null
+ , bitlbee-steam ? null
+}:
+
+with stdenv.lib;
+stdenv.mkDerivation rec {
+ name = "bitlbee-3.4.1";
+
+ src = fetchurl {
+ url = "mirror://bitlbee/src/${name}.tar.gz";
+ sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh";
+ };
+
+
+ buildInputs = [ gnutls glib pkgconfig libotr python ]
+ ++ optional doCheck check;
+
+ configureFlags = [
+ "--gcov=1"
+ "--otr=1"
+ "--ssl=gnutls"
+ ];
+
+ postBuild = ''
+ ${if (bitlbee-steam != null) then
+ ''
+ mkdir -p $out/lib/bitlbee/
+ find ${bitlbee-steam}
+ cp ${bitlbee-steam}/* $out/lib/bitlbee/
+ ''
+ else
+ ""
+ }
+ '';
+ #${concatMapStringsSep "\n" ([] ++
+ # (if (bitlbee-facebook != null) then
+ # "cp ${bitlbee-faceook}/* $out/"
+ # else
+ # ""
+ # ) ++
+ # (if (bitlbee-steam != null) then
+ # "cp ${bitlbee-steam}/* $out/"
+ # else
+ # ""
+ # )
+ #)}
+
+ doCheck = true;
+
+ meta = {
+ description = "IRC instant messaging gateway";
+
+ longDescription = ''
+ BitlBee brings IM (instant messaging) to IRC clients. It's a
+ great solution for people who have an IRC client running all the
+ time and don't want to run an additional MSN/AIM/whatever
+ client.
+
+ BitlBee currently supports the following IM networks/protocols:
+ XMPP/Jabber (including Google Talk), MSN Messenger, Yahoo!
+ Messenger, AIM and ICQ.
+ '';
+
+ homepage = http://www.bitlbee.org/;
+ license = licenses.gpl2Plus;
+
+ maintainers = with maintainers; [ wkennington pSub ];
+ platforms = platforms.gnu; # arbitrary choice
+ };
+}
diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix
new file mode 100644
index 000000000..c776262ff
--- /dev/null
+++ b/lass/5pkgs/default.nix
@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+let
+ inherit (pkgs) callPackage;
+ kpkgs = import ../../krebs/5pkgs { inherit pkgs; };
+in
+
+kpkgs //
+rec {
+ bitlbee-dev = callPackage ./bitlbee-dev.nix {};
+ bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; };
+ bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; };
+}
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix
index 659b95065..9f412d9b8 100644
--- a/tv/1systems/cd.nix
+++ b/tv/1systems/cd.nix
@@ -14,8 +14,8 @@ in
krebs.build.deps = {
nixpkgs = {
- url = https://github.com/NixOS/nixpkgs;
- rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870";
+ url = https://github.com/4z3/nixpkgs;
+ rev = "03130ec91356cd250b80f144022ee2f4d665ca36"; # 1357692
};
secrets = {
url = "/home/tv/secrets/${config.krebs.build.host.name}";
diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix
index 6418cdc5e..028e53539 100644
--- a/tv/1systems/nomic.nix
+++ b/tv/1systems/nomic.nix
@@ -10,8 +10,8 @@ with lib;
krebs.build.deps = {
nixpkgs = {
- url = https://github.com/NixOS/nixpkgs;
- rev = "9d5508d85c33b8fb22d79dde6176792eac2c2696";
+ url = https://github.com/4z3/nixpkgs;
+ rev = "03130ec91356cd250b80f144022ee2f4d665ca36"; # 1357692
};
secrets = {
url = "/home/tv/secrets/${config.krebs.build.host.name}";
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index 20dbca12f..2233b48d1 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -14,8 +14,8 @@ in
krebs.build.deps = {
nixpkgs = {
- url = https://github.com/NixOS/nixpkgs;
- rev = "9d5508d85c33b8fb22d79dde6176792eac2c2696";
+ url = https://github.com/4z3/nixpkgs;
+ rev = "03130ec91356cd250b80f144022ee2f4d665ca36"; # 1357692
};
secrets = {
url = "/home/tv/secrets/${config.krebs.build.host.name}";
diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix
index 8d662494c..264cb4a1c 100644
--- a/tv/2configs/git.nix
+++ b/tv/2configs/git.nix
@@ -8,14 +8,14 @@ let
enable = true;
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
- inherit repos rules;
+ repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
+ rules = rules;
};
};
- repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) (
+ repos =
public-repos //
- optionalAttrs config.krebs.build.host.secure restricted-repos
- );
+ optionalAttrs config.krebs.build.host.secure restricted-repos;
rules = concatMap make-rules (attrValues repos);
@@ -66,8 +66,8 @@ let
};
};
- make-restricted-repo = name: { desc ? null, ... }: {
- inherit name desc;
+ make-restricted-repo = name: { collaborators ? [], desc ? null, ... }: {
+ inherit name collaborators desc;
public = false;
};
diff --git a/tv/2configs/urlwatch.nix b/tv/2configs/urlwatch.nix
index a69b1519c..26e56e09c 100644
--- a/tv/2configs/urlwatch.nix
+++ b/tv/2configs/urlwatch.nix
@@ -11,6 +11,8 @@
# 2014-07-29 when one of the following urls change
# then we have to update the package
+ http://www.exim.org/
+
# ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
https://api.github.com/repos/simple-evcorr/sec/tags