diff options
| -rw-r--r-- | krebs/3modules/lass/default.nix | 32 | ||||
| -rw-r--r-- | krebs/3modules/lass/ssh/icarus.rsa | 1 | ||||
| -rw-r--r-- | krebs/3modules/makefu/default.nix | 25 | ||||
| -rw-r--r-- | krebs/3modules/rtorrent.nix | 54 | ||||
| -rw-r--r-- | krebs/5pkgs/rutorrent/default.nix | 6 | ||||
| -rw-r--r-- | lass/1systems/helios.nix | 1 | ||||
| -rw-r--r-- | lass/1systems/icarus.nix | 59 | ||||
| -rw-r--r-- | lass/1systems/mors.nix | 18 | ||||
| -rw-r--r-- | lass/1systems/prism.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/buildbot-standalone.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/default.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/git.nix | 2 | ||||
| -rw-r--r-- | lass/2configs/power-action.nix | 4 | ||||
| -rw-r--r-- | lass/2configs/weechat.nix | 1 | ||||
| -rw-r--r-- | lass/2configs/zsh.nix | 1 | ||||
| -rw-r--r-- | makefu/1systems/fileleech.nix | 27 | ||||
| -rw-r--r-- | makefu/2configs/elchos/irc-token.nix | 62 | ||||
| -rw-r--r-- | makefu/2configs/torrent.nix | 7 | ||||
| -rw-r--r-- | makefu/3modules/default.nix | 1 | ||||
| -rw-r--r-- | makefu/3modules/server-config.nix | 10 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/auth.nix | 3 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/authfile | 1 |
22 files changed, 271 insertions, 48 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 5af1e37c..2d1819de 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -202,6 +202,7 @@ with import <stockholm/lib>; "mors.retiolum" "mors.r" "cgit.mors.retiolum" + "cgit.mors.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -273,6 +274,33 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC9vup68R0I+62FK+8LNtwM90V9P4ukBmU7G7d54wf4C"; }; + icarus = { + cores = 2; + nets = rec { + retiolum = { + ip4.addr = "10.243.133.114"; + ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1214"; + aliases = [ + "icarus.retiolum" + "icarus.r" + "cgit.icarus.retiolum" + "cgit.icarus.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAydCY+IWzF8DocCNzPiUM+xccbiDTWS/+r2le812+O4r+sUojXuzr + Q4CeN+pi2SZHEOiRm3jO8sOkGlv4I1WGs/nOu5Beb4/8wFH6wbm4cqXTqH/qFwCK + 7+9Bke8TUaoDj9E4ol9eyOx6u8Cto3ZRAUi6m1ilrfs1szFGS5ZX7mxI73uhki6t + k6Zb5sa9G8WLcLPIN7tk3Nd0kofd/smwxSN0mXoTgbAf1DZ3Fnkgox/M5VnwpPW7 + zLzbWNFyLIgDGbQ5vZBlJW7c4O0KrMlftvEQ80GeZXaKNt6UK7LSAQ4Njn+8sXTt + gl0Dx29bSPU3L8udj0Vu6ul7CiQ5bZzUCQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOPgQIMYiyD4/Co+nlOQWEzCKssemOEXAY/lbIZZaMhj"; + }; }; users = { @@ -294,6 +322,10 @@ with import <stockholm/lib>; pubkey = builtins.readFile ./ssh/shodan.rsa; pgp.pubkeys.default = builtins.readFile ./pgp/shodan.pgp; }; + lass-icarus = { + mail = "lass@icarus.retiolum"; + pubkey = builtins.readFile ./ssh/icarus.rsa; + }; fritz = { pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540"; }; diff --git a/krebs/3modules/lass/ssh/icarus.rsa b/krebs/3modules/lass/ssh/icarus.rsa new file mode 100644 index 00000000..da99fcfd --- /dev/null +++ b/krebs/3modules/lass/ssh/icarus.rsa @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDz97C5WVGXgKZ3I7FMvL4TyUv+0rsrSOGI7jj5uQaaHx0SSR0V4tnZtv2hXYrfnkaPHwu2PYUeeUdMBHfbZS6l2dmaXRI9f2WG7182G3IUskMktpi84DMyh0kwK2pWmHoS+Kwo//q+lu4WXIRy4X5wVMVpPT1Oc7boDtqJt4rK8uZkuVmVzGi+5SFaBxspCsdZsX/uDWOeC4/U2l+2Pd4YYl8UdmgN3bJceKTwqKIcbK7AL91My0jrnRSU6XLuED0hcVKzjkjc6bcj1R+Mlch9cflsMQV8TfT6p7VGGvUOtVwhG1+CjraHfilzFn76wINClsQXF/ncKrGabTEWO3zTi12ukAzL2/B0IB0q61tror9uYqeI74WgLjwhnuF98hUL7hnqgV3KB1ytpt6yzXqf1Uz784z9dh0n9r0fLTkeTDbJ4uOz1XzpmAMRwuo0o7/Op7rRBLHohu2Tp6AV8sISKJN5hDGe0wD6861pH9ZrRBiUux6uylzfWp2qrZmERnk0brBl+oDQNhKs3Z0CZmLG4DZWMc5pxpQ5751/8bb6nEorg2ulDZ/h+G3myC+9Zbc/owb/HHOGOBMEpyYYYMvYAfchu50e4xtHd+wMqzFxzjfcM7u6dTdyDEXi6+TFXKBEZyvaAhW2J27HKj4iK6Td2GyK59myPG6OtCnIbw9BPw== lass@icarus diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index ff187b87..c85bf1cc 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -26,6 +26,31 @@ with import <stockholm/lib>; }; }; }; + fileleech = rec { + cores = 4; + ssh.privkey.path = <secrets/ssh_host_ed25519_key>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; + nets = { + retiolum = { + ip4.addr = "10.243.113.98"; + ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096"; + aliases = [ + "fileleech.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA2W20+jYvuFUjPQ+E+7Xlabf8fW/XSnTTelfo2uRcJ3FMLYQ9H3rF + 8L8StPmxn8Q20FFH/MvRmgW8pU9z4RQ3nAi+utVYqAJQtOYA9FPMxssC08w82r0K + YC6sgc9MeRjnCjQxQrQs4fqA6KpqSLxRf2c6kfNwYRgCxFMns2ncxOiPOoGLZait + nJR3m0cSRm8yCTMbznlGH99+5+3HgvuBE/UYXmmGBs7w8DevaX76butzprZ8fm4z + e5C7R9ofdVW70GGksfSI81y5xODWMbfjTRHKm4OBX7NOCiOTwx1wu8bYDN3EzN6V + UM5PJfU42sViPEZmVuC8cDcP1xemHTkh9QIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + pnp = { cores = 1; nets = { diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index bcc52fb6..0c478ade 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -73,22 +73,23 @@ let # authentication also applies to rtorrent.rutorrent enable = mkEnableOption "rtorrent nginx web RPC"; - listenAddress = mkOption { - type = types.str; + port = mkOption { + type = types.nullOr types.int; description ='' - nginx listen address for rtorrent web + nginx listen port for rtorrent ''; - default = "localhost:8006"; + default = 8006; }; - enableAuth = mkEnableOption "rutorrent authentication"; - authfile = mkOption { - type = types.path; + basicAuth = mkOption { + type = types.attrsOf types.str ; description = '' - basic authentication file to be used. - Use `${pkgs.apacheHttpd}/bin/htpasswd -c <file> <username>` to create the file. - Only in use if authentication is enabled. + basic authentication to be used. If unset, no authentication will be + enabled. + + Refer to `services.nginx.virtualHosts.<name>.basicAuth` ''; + default = {}; }; }; @@ -104,7 +105,6 @@ let default = pkgs.rutorrent; }; - webdir = mkOption { type = types.path; description = '' @@ -286,36 +286,28 @@ let }; rpcweb-imp = { - krebs.nginx.enable = mkDefault true; - krebs.nginx.servers.rtorrent = { - listen = [ webcfg.listenAddress ]; - server-names = [ "default" ]; - extraConfig = '' - ${optionalString webcfg.enableAuth '' - auth_basic "rtorrent"; - auth_basic_user_file ${webcfg.authfile}; - ''} - ${optionalString rucfg.enable '' - root ${webdir}; - ''} - ''; - locations = [ - (nameValuePair "/RPC2" '' + services.nginx.enable = mkDefault true; + services.nginx.virtualHosts.rtorrent = { + default = mkDefault true; + inherit (webcfg) basicAuth port; + root = optionalString rucfg.enable webdir; + + locations = { + "/RPC2".extraConfig = '' include ${pkgs.nginx}/conf/scgi_params; scgi_param SCRIPT_NAME /RPC2; scgi_pass unix:${cfg.xmlrpc-socket}; - '') - ] ++ (optional rucfg.enable - (nameValuePair "~ \.php$" '' + ''; + } // (optionalAttrs rucfg.enable { + "~ \.php$".extraConfig = '' client_max_body_size 200M; - root ${webdir}; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:${fpm-socket}; try_files $uri =404; fastcgi_index index.php; include ${pkgs.nginx}/conf/fastcgi_params; include ${pkgs.nginx}/conf/fastcgi.conf; - '') + ''; } ); }; }; diff --git a/krebs/5pkgs/rutorrent/default.nix b/krebs/5pkgs/rutorrent/default.nix index 5a225955..1084e7ce 100644 --- a/krebs/5pkgs/rutorrent/default.nix +++ b/krebs/5pkgs/rutorrent/default.nix @@ -1,11 +1,11 @@ { pkgs, ... }: pkgs.stdenv.mkDerivation { - name = "rutorrent-src-3.7"; + name = "rutorrent-src_2016-12-09"; src = pkgs.fetchFromGitHub { owner = "Novik"; repo = "rutorrent"; - rev = "b727523a153454d4976f04b0c47336ae57cc50d5"; - sha256 = "0s5wa0jnck781amln9c2p4pc0i5mq3j5693ra151lnwhz63aii4a"; + rev = "580bba8c538b55c1f75f3ad65310ff4ff2a153f7"; + sha256 = "1d9lgrzipy58dnx88z393p152kx6lki0x4aw40k8w9awsci4cx7p"; }; phases = [ "installPhase" ]; diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index 4472816e..298c9083 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -30,6 +30,7 @@ with import <stockholm/lib>; networking.wireless.enable = true; hardware.pulseaudio = { enable = true; + systemWide = true; }; users.users.ferret = { uid = genid "ferret"; diff --git a/lass/1systems/icarus.nix b/lass/1systems/icarus.nix new file mode 100644 index 00000000..9a665464 --- /dev/null +++ b/lass/1systems/icarus.nix @@ -0,0 +1,59 @@ +{ config, pkgs, ... }: + +with import <stockholm/lib>; +{ + imports = [ + ../. + ../2configs/retiolum.nix + ../2configs/hw/tp-x220.nix + ../2configs/baseX.nix + ../2configs/git.nix + ../2configs/exim-retiolum.nix + ../2configs/browsers.nix + ../2configs/programs.nix + ../2configs/fetchWallpaper.nix + ../2configs/backups.nix + #{ + # users.extraUsers = { + # root = { + # openssh.authorizedKeys.keys = map readFile [ + # ../../krebs/Zpubkeys/uriel.ssh.pub + # ]; + # }; + # }; + #} + ]; + + krebs.build.host = config.krebs.hosts.icarus; + + boot = { + loader.grub.enable = true; + loader.grub.version = 2; + loader.grub.device = "/dev/sda"; + + initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; + initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; + initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; + #kernelModules = [ "kvm-intel" "msr" ]; + }; + fileSystems = { + "/" = { + device = "/dev/pool/nix"; + fsType = "btrfs"; + }; + + "/boot" = { + device = "/dev/sda1"; + }; + "/tmp" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = ["nosuid" "nodev" "noatime"]; + }; + }; + + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:29:26:bc", NAME="wl0" + SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:0c:a7:63", NAME="et0" + ''; +} diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 594f342d..4553cc15 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -68,11 +68,19 @@ with import <stockholm/lib>; { krebs.nginx = { enable = true; - servers.default.locations = [ - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; + servers.default = { + server-names = [ + "localhost" + "${config.krebs.build.host.name}" + "${config.krebs.build.host.name}.r" + "${config.krebs.build.host.name}.retiolum" + ]; + locations = [ + (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' + alias /home/$1/public_html$2; + '') + ]; + }; }; } { diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 269f9452..6c11a2f6 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -230,6 +230,7 @@ in { } { virtualisation.libvirtd.enable = true; + users.users.mainUser.extraGroups = [ "libvirtd" ]; } ]; diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 72cd6642..7057d0c3 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -102,7 +102,7 @@ in { ] ) - for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]: + for i in [ "mors", "uriel", "shodan", "helios", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]: addShell(f,name="build-{}".format(i),env=env_lass, command=nixshell + \ ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 21a2ec03..900dd36b 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -32,6 +32,7 @@ with import <stockholm/lib>; createHome = true; useDefaultShell = true; extraGroups = [ + "audio" "fuse" ]; openssh.authorizedKeys.keys = [ diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 57950e1b..ded0922b 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -75,7 +75,7 @@ let with git // config.krebs.users; repo: singleton { - user = [ lass lass-uriel ]; + user = [ lass lass-shodan ]; repo = [ repo ]; perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix index c83dc80d..f22bf451 100644 --- a/lass/2configs/power-action.nix +++ b/lass/2configs/power-action.nix @@ -14,8 +14,8 @@ in { krebs.power-action = { enable = true; plans.low-battery = { - upperLimit = 30; - lowerLimit = 25; + upperLimit = 10; + lowerLimit = 15; charging = false; action = pkgs.writeDash "warn-low-battery" '' ${speak "power level low"} diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index ae07b9a2..1e5f2d17 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -16,6 +16,7 @@ in { openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey config.krebs.users.lass-shodan.pubkey + config.krebs.users.lass-icarus.pubkey ]; }; diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix index aa159be0..442a1d4d 100644 --- a/lass/2configs/zsh.nix +++ b/lass/2configs/zsh.nix @@ -118,4 +118,5 @@ fi ''; }; + users.users.${config.krebs.build.user.name}.shell = "/run/current-system/sw/bin/zsh"; } diff --git a/makefu/1systems/fileleech.nix b/makefu/1systems/fileleech.nix new file mode 100644 index 00000000..4d9b37ce --- /dev/null +++ b/makefu/1systems/fileleech.nix @@ -0,0 +1,27 @@ +{ config, pkgs, ... }: +{ + imports = [ + ../. + # configure your hw: + # ../2configs/hw/CAC.nix + # ../2configs/fs/CAC-CentOS-7-64bit.nix + ../2configs/save-diskspace.nix + ../2configs/tinc/retiolum.nix + + ]; + krebs = { + enable = true; + build.host = config.krebs.hosts.fileleech; + }; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/disk/by-id/ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN"; + fileSystems."/" = { + device = "/dev/disk/by-id/ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN"; + }; + + boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "aacraid" "usb_storage" "usbhid" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; +} diff --git a/makefu/2configs/elchos/irc-token.nix b/makefu/2configs/elchos/irc-token.nix new file mode 100644 index 00000000..3f3c4ffc --- /dev/null +++ b/makefu/2configs/elchos/irc-token.nix @@ -0,0 +1,62 @@ +{pkgs, ...}: +with import <stockholm/lib>; +let + secret = (import <secrets/elchos-token.nix>); +in { + systemd.services.elchos-irctoken = { + startAt = "*:0/30"; + serviceConfig = { + RuntimeMaxSec = "20"; + }; + script = '' + set -euf + now=$(date -u +%Y-%m-%dT%H:%M) + sec=$(echo -n "${secret}$now" | md5sum | cut -d\ -f1) + message="The secret valid for 30 minutes is $sec" + echo "token for $now (UTC) is $sec" + LOGNAME=sec-announcer + HOSTNAME=$(${pkgs.systemd}/bin/hostnamectl --static) + IRC_SERVER=irc.freenode.net + IRC_PORT=6667 + IRC_NICK=$HOSTNAME-$$ + IRC_CHANNEL='#eloop' + + export IRC_CHANNEL # for privmsg_cat + + echo2() { echo "$*"; echo "$*" >&2; } + + privmsg_cat() { ${pkgs.gawk}/bin/awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; } + + tmpdir="$(mktemp -d irc-announce_XXXXXXXX)" + cd "$tmpdir" + mkfifo ircin + trap " + rm ircin + cd '$OLDPWD' + rmdir '$tmpdir' + trap - EXIT INT QUIT + " EXIT INT QUIT + + { + echo2 "USER $LOGNAME 0 * :$LOGNAME@$HOSTNAME" + echo2 "NICK $IRC_NICK" + + # wait for MODE message + ${pkgs.gnused}/bin/sed -un '/^:[^ ]* MODE /q' + + echo2 "JOIN $IRC_CHANNEL" + + printf '%s' "$message" \ + | privmsg_cat + + echo2 "PART $IRC_CHANNEL" + + # wait for PART confirmation + sed -un '/:'"$IRC_NICK"'![^ ]* PART /q' + + echo2 'QUIT :Gone to have lunch' + } < ircin \ + | ${pkgs.netcat}/bin/netcat "$IRC_SERVER" "$IRC_PORT" |tee -a ircin + ''; + }; +} diff --git a/makefu/2configs/torrent.nix b/makefu/2configs/torrent.nix index 5b9ce617..f3bc9091 100644 --- a/makefu/2configs/torrent.nix +++ b/makefu/2configs/torrent.nix @@ -4,7 +4,7 @@ with import <stockholm/lib>; let daemon-user = "tor"; - authfile = <torrent-secrets/authfile>; + basicAuth = import <torrent-secrets/auth.nix>; peer-port = 51412; web-port = 8112; daemon-port = 58846; @@ -53,9 +53,8 @@ in { enable = true; web = { enable = true; - enableAuth = true; - listenAddress = toString web-port; - inherit authfile; + port = web-port; + inherit basicAuth; }; rutorrent.enable = true; enableXMLRPC = true; diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 855e134a..16215b27 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -8,6 +8,7 @@ _: ./forward-journal.nix ./opentracker.nix ./ps3netsrv.nix + ./server-config.nix ./snapraid.nix ./taskserver.nix ./udpt.nix diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix new file mode 100644 index 00000000..dbd29d74 --- /dev/null +++ b/makefu/3modules/server-config.nix @@ -0,0 +1,10 @@ +{config, lib, pkgs, ... }: + +with import <stockholm/lib>; +{ + options.makefu.server.primary-itf = lib.mkOption { + type = types.str; + description = "Primary interface of the server"; + }; +} + diff --git a/makefu/6tests/data/secrets/auth.nix b/makefu/6tests/data/secrets/auth.nix new file mode 100644 index 00000000..92d5c34a --- /dev/null +++ b/makefu/6tests/data/secrets/auth.nix @@ -0,0 +1,3 @@ +{ + user = "password"; +} diff --git a/makefu/6tests/data/secrets/authfile b/makefu/6tests/data/secrets/authfile deleted file mode 100644 index f5e70470..00000000 --- a/makefu/6tests/data/secrets/authfile +++ /dev/null @@ -1 +0,0 @@ -"derp" |