summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/1systems/hotdog/config.nix4
-rw-r--r--krebs/2configs/buildbot-all.nix9
-rw-r--r--krebs/2configs/buildbot-krebs.nix12
-rw-r--r--krebs/2configs/buildbot-stockholm.nix178
-rw-r--r--krebs/2configs/default.nix1
-rw-r--r--krebs/2configs/news-spam.nix2
-rw-r--r--krebs/2configs/news.nix4
-rw-r--r--krebs/2configs/reaktor-krebs.nix11
-rw-r--r--krebs/2configs/reaktor-retiolum.nix4
-rw-r--r--krebs/3modules/ci.nix192
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/lass/default.nix40
-rw-r--r--krebs/3modules/lass/pgp/blue.pgp51
-rw-r--r--krebs/3modules/lass/ssh/blue.rsa1
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix42
-rw-r--r--krebs/5pkgs/simple/buildbot-classic/default.nix2
-rw-r--r--krebs/5pkgs/simple/painload/default.nix2
-rw-r--r--krebs/5pkgs/simple/repo-sync/default.nix2
-rw-r--r--krebs/5pkgs/simple/retiolum-bootstrap/default.nix4
-rw-r--r--krebs/5pkgs/simple/thesauron/default.nix7
-rw-r--r--krebs/krops.nix (renamed from krebs/kops.nix)19
-rw-r--r--krebs/source.nix2
-rw-r--r--lass/1systems/blue/config.nix49
-rw-r--r--lass/1systems/blue/physical.nix8
-rw-r--r--lass/1systems/blue/source.nix4
-rw-r--r--lass/1systems/cabal/config.nix16
-rw-r--r--lass/1systems/cabal/physical.nix12
-rw-r--r--lass/1systems/daedalus/config.nix15
-rw-r--r--lass/1systems/daedalus/physical.nix20
-rw-r--r--lass/1systems/dishfire/config.nix34
-rw-r--r--lass/1systems/dishfire/physical.nix39
-rw-r--r--lass/1systems/helios/config.nix56
-rw-r--r--lass/1systems/helios/physical.nix64
-rw-r--r--lass/1systems/icarus/config.nix16
-rw-r--r--lass/1systems/icarus/physical.nix20
-rw-r--r--lass/1systems/littleT/config.nix15
-rw-r--r--lass/1systems/littleT/physical.nix7
-rw-r--r--lass/1systems/mors/config.nix48
-rw-r--r--lass/1systems/mors/physical.nix44
-rw-r--r--lass/1systems/prism/config.nix135
-rw-r--r--lass/1systems/prism/physical.nix85
-rw-r--r--lass/1systems/red/config.nix3
-rw-r--r--lass/1systems/red/physical.nix8
-rw-r--r--lass/1systems/shodan/config.nix42
-rw-r--r--lass/1systems/shodan/physical.nix47
-rw-r--r--lass/1systems/skynet/config.nix15
-rw-r--r--lass/1systems/skynet/physical.nix12
-rw-r--r--lass/1systems/uriel/config.nix55
-rw-r--r--lass/1systems/uriel/physical.nix59
-rw-r--r--lass/1systems/xerxes/config.nix24
-rw-r--r--lass/1systems/xerxes/physical.nix29
-rw-r--r--lass/2configs/AP.nix22
-rw-r--r--lass/2configs/IM.nix73
-rw-r--r--lass/2configs/backup.nix1
-rw-r--r--lass/2configs/baseX.nix11
-rw-r--r--lass/2configs/bitlbee.nix15
-rw-r--r--lass/2configs/blue-host.nix22
-rw-r--r--lass/2configs/blue.nix60
-rw-r--r--lass/2configs/container-networking.nix15
-rw-r--r--lass/2configs/default.nix7
-rw-r--r--lass/2configs/exim-smarthost.nix5
-rw-r--r--lass/2configs/games.nix1
-rw-r--r--lass/2configs/git.nix14
-rw-r--r--lass/2configs/libvirt.nix3
-rw-r--r--lass/2configs/monitoring/prometheus-server.nix1
-rw-r--r--lass/2configs/repo-sync.nix4
-rw-r--r--lass/2configs/steam.nix2
-rw-r--r--lass/2configs/websites/domsen.nix14
-rw-r--r--lass/2configs/websites/util.nix6
-rw-r--r--lass/3modules/nichtparasoup.nix2
-rw-r--r--lass/5pkgs/l-gen-secrets/default.nix4
-rw-r--r--lass/krops.nix (renamed from lass/kops.nix)19
-rw-r--r--lass/source.nix2
-rw-r--r--makefu/5pkgs/elchhub/default.nix4
74 files changed, 1061 insertions, 817 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 662e094d1..18b751a7e 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -9,17 +9,17 @@
<stockholm/krebs>
<stockholm/krebs/2configs>
- <stockholm/krebs/2configs/buildbot-all.nix>
+ <stockholm/krebs/2configs/buildbot-stockholm.nix>
<stockholm/krebs/2configs/gitlab-runner-shackspace.nix>
<stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/ircd.nix>
<stockholm/krebs/2configs/reaktor-retiolum.nix>
+ <stockholm/krebs/2configs/reaktor-krebs.nix>
];
krebs.build.host = config.krebs.hosts.hotdog;
boot.isContainer = true;
networking.useDHCP = false;
- krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm";
environment.variables.NIX_REMOTE = "daemon";
}
diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix
deleted file mode 100644
index d85cde175..000000000
--- a/krebs/2configs/buildbot-all.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-with import <stockholm/lib>;
-{ lib, config, pkgs, ... }:
-{
- networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
- krebs.ci.enable = true;
- krebs.ci.treeStableTimer = 1;
- krebs.ci.hosts = filter (getAttr "ci") (attrValues config.krebs.hosts);
-}
-
diff --git a/krebs/2configs/buildbot-krebs.nix b/krebs/2configs/buildbot-krebs.nix
deleted file mode 100644
index a09b3b98b..000000000
--- a/krebs/2configs/buildbot-krebs.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-with import <stockholm/lib>;
-{ lib, config, pkgs, ... }:
-{
- imports = [
- <stockholm/krebs/2configs/repo-sync.nix>
- ];
-
- networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
- krebs.ci.enable = true;
- krebs.ci.treeStableTimer = 120;
- krebs.ci.hosts = [ config.krebs.build.host ];
-}
diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix
new file mode 100644
index 000000000..04b1c999f
--- /dev/null
+++ b/krebs/2configs/buildbot-stockholm.nix
@@ -0,0 +1,178 @@
+{ config, pkgs, ... }: with import <stockholm/lib>;
+
+let
+
+ hostname = config.networking.hostName;
+
+in
+{
+ networking.firewall.allowedTCPPorts = [ 80 ];
+ services.nginx = {
+ enable = true;
+ virtualHosts.build = {
+ serverAliases = [ "build.${hostname}.r" ];
+ locations."/".extraConfig = ''
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_pass http://127.0.0.1:${toString config.krebs.buildbot.master.web.port};
+ '';
+ };
+ };
+
+ krebs.buildbot.master = {
+ slaves = {
+ testslave = "lasspass";
+ };
+ change_source.stockholm = ''
+ stockholm_repo = 'http://cgit.prism.r/stockholm'
+ cs.append(
+ changes.GitPoller(
+ stockholm_repo,
+ workdir='stockholm-poller', branches=True,
+ project='stockholm',
+ pollinterval=10
+ )
+ )
+ '';
+ scheduler = {
+ auto-scheduler = ''
+ sched.append(
+ schedulers.SingleBranchScheduler(
+ change_filter=util.ChangeFilter(branch_re=".*"),
+ treeStableTimer=60,
+ name="build-all-branches",
+ builderNames=[
+ "hosts",
+ ]
+ )
+ )
+ '';
+ force-scheduler = ''
+ sched.append(
+ schedulers.ForceScheduler(
+ name="hosts",
+ builderNames=[
+ "hosts",
+ ]
+ )
+ )
+ '';
+ };
+ builder_pre = ''
+ # prepare grab_repo step for stockholm
+ grab_repo = steps.Git(
+ repourl=stockholm_repo,
+ mode='full',
+ )
+ '';
+ builder = {
+ hosts = ''
+ from buildbot import interfaces
+ from buildbot.steps.shell import ShellCommand
+
+ class StepToStartMoreSteps(ShellCommand):
+ def __init__(self, **kwargs):
+ ShellCommand.__init__(self, **kwargs)
+
+ def addBuildSteps(self, steps_factories):
+ for sf in steps_factories:
+ step = interfaces.IBuildStepFactory(sf).buildStep()
+ step.setBuild(self.build)
+ step.setBuildSlave(self.build.slavebuilder.slave)
+ step_status = self.build.build_status.addStepWithName(step.name)
+ step.setStepStatus(step_status)
+ self.build.steps.append(step)
+
+ def start(self):
+ props = self.build.getProperties()
+ hosts = json.loads(props.getProperty('hosts_json'))
+ for host in hosts:
+ user = hosts[host]['owner']
+
+ self.addBuildSteps([steps.ShellCommand(
+ name=str(host),
+ env={
+ "NIX_PATH": "secrets=/var/src/stockholm/null:stockholm=./:/var/src",
+ "NIX_REMOTE": "daemon",
+ "dummy_secrets": "true",
+ },
+ command=[
+ "nix-shell", "-I", "stockholm=.", "--run", " ".join(["test",
+ "--user={}".format(user),
+ "--system={}".format(host),
+ "--force-populate",
+ "--target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user),
+ ])
+ ],
+ timeout=90001,
+ workdir='build', # TODO figure out why we need this?
+ )])
+
+ ShellCommand.start(self)
+
+
+ f = util.BuildFactory()
+ f.addStep(grab_repo)
+
+ f.addStep(steps.SetPropertyFromCommand(
+ env={
+ "NIX_PATH": "secrets=/var/src/stockholm/null:stockholm=./:/var/src",
+ "NIX_REMOTE": "daemon",
+ },
+ name="get_hosts",
+ command=["nix-instantiate", "--json", "--strict", "--eval", "-E", """
+ with import <nixpkgs> {};
+ let
+ eval-config = cfg:
+ import <nixpkgs/nixos/lib/eval-config.nix> {
+ modules = [
+ (import cfg)
+ ];
+ }
+ ;
+
+ system = eval-config ./krebs/1systems/hotdog/config.nix; # TODO put a better config here
+
+ ci-systems = lib.filterAttrs (_: v: v.ci) system.config.krebs.hosts;
+
+ filtered-attrs = lib.mapAttrs ( n: v: {
+ owner = v.owner.name;
+ }) ci-systems;
+
+ in filtered-attrs
+ """],
+ property="hosts_json"
+ ))
+ f.addStep(StepToStartMoreSteps(command=["echo"])) # TODO remove dummy command from here
+
+ bu.append(
+ util.BuilderConfig(
+ name="hosts",
+ slavenames=slavenames,
+ factory=f
+ )
+ )
+ '';
+ };
+ enable = true;
+ web.enable = true;
+ irc = {
+ enable = true;
+ nick = "build|${hostname}";
+ server = "irc.r";
+ channels = [ "noise" "xxx" ];
+ allowForce = true;
+ };
+ extraConfig = ''
+ c['buildbotURL'] = "http://build.${hostname}.r/"
+ '';
+ };
+
+ krebs.buildbot.slave = {
+ enable = true;
+ masterhost = "localhost";
+ username = "testslave";
+ password = "lasspass";
+ packages = with pkgs; [ gnumake jq nix populate ];
+ };
+}
diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix
index 90aaa254a..7b970923d 100644
--- a/krebs/2configs/default.nix
+++ b/krebs/2configs/default.nix
@@ -50,6 +50,7 @@ with import <stockholm/lib>;
users.extraUsers.root.openssh.authorizedKeys.keys = [
# TODO
config.krebs.users.lass.pubkey
+ config.krebs.users.lass-mors.pubkey
config.krebs.users.makefu.pubkey
# TODO HARDER:
config.krebs.users.makefu-omo.pubkey
diff --git a/krebs/2configs/news-spam.nix b/krebs/2configs/news-spam.nix
index 69c503bf9..a3f39b40e 100644
--- a/krebs/2configs/news-spam.nix
+++ b/krebs/2configs/news-spam.nix
@@ -94,7 +94,7 @@
[SPAM]npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews
[SPAM]nsa|https://www.nsa.gov/rss.xml|#snews #bullerei
[SPAM]nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews
- [SPAM]painload|https://github.com/krebscode/painload/commits/master.atom|#snews
+ [SPAM]painload|https://github.com/krebs/painload/commits/master.atom|#snews
[SPAM]phys|http://phys.org/rss-feed/|#snews
[SPAM]piraten|https://www.piratenpartei.de/feed/|#snews
[SPAM]polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews
diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix
index 49a5e3459..6c59f4d84 100644
--- a/krebs/2configs/news.nix
+++ b/krebs/2configs/news.nix
@@ -8,7 +8,7 @@
ethereum|http://blog.ethereum.org/feed|#news
LtU|http://lambda-the-ultimate.org/rss.xml|#news
mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#news
- painload|https://github.com/krebscode/painload/commits/master.atom|#news
+ painload|https://github.com/krebs/painload/commits/master.atom|#news
reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news
reddit_nix|http://www.reddit.com/r/nixos/.rss|#news
shackspace|http://shackspace.de/atom.xml|#news
@@ -16,7 +16,7 @@
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
weechat|http://dev.weechat.org/feed/atom|#news
xkcd|https://xkcd.com/rss.xml|#news
- painload|https://github.com/krebscode/painload/commits/master.atom|#news
+ painload|https://github.com/krebs/painload/commits/master.atom|#news
'';
};
}
diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
index 6b17b457d..fa51b84f0 100644
--- a/krebs/2configs/reaktor-krebs.nix
+++ b/krebs/2configs/reaktor-krebs.nix
@@ -13,13 +13,8 @@ with import <stockholm/lib>;
};
plugins = with pkgs.ReaktorPlugins; [
sed-plugin
- wiki-todo-add
- wiki-todo-done
- wiki-todo-show
- ];
+ ] ++
+ (attrValues (todo "agenda"))
+ ;
};
- services.nginx.virtualHosts."lassul.us".locations."/wiki-todo".extraConfig = ''
- default_type "text/plain";
- alias /var/lib/Reaktor/state/wiki-todo;
- '';
}
diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix
index 144b7d484..b32d39b7e 100644
--- a/krebs/2configs/reaktor-retiolum.nix
+++ b/krebs/2configs/reaktor-retiolum.nix
@@ -10,6 +10,8 @@ with import <stockholm/lib>;
};
plugins = with pkgs.ReaktorPlugins; [
sed-plugin
- ];
+ ] ++
+ (attrValues (todo "agenda"))
+ ;
};
}
diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix
deleted file mode 100644
index e97aa16eb..000000000
--- a/krebs/3modules/ci.nix
+++ /dev/null
@@ -1,192 +0,0 @@
-{ config, pkgs, ... }:
-with import <stockholm/lib>;
-let
- cfg = config.krebs.ci;
-
- hostname = config.networking.hostName;
-in
-{
- options.krebs.ci = {
- enable = mkEnableOption "krebs continous integration";
- stockholmSrc = mkOption {
- type = types.str;
- default = "http://cgit.${hostname}.r/stockholm";
- };
- treeStableTimer = mkOption {
- type = types.int;
- default = 10;
- description = "how long to wait until we test changes (in minutes)";
- };
- hosts = mkOption {
- type = types.listOf types.host;
- default = [];
- description = ''
- List of hosts that should be build
- '';
- };
- tests = mkOption {
- type = types.listOf types.str;
- default = [];
- description = ''
- List of tests that should be build
- '';
- };
- };
-
- config = mkIf cfg.enable {
- services.nginx = {
- enable = true;
- virtualHosts.build = {
- serverAliases = [ "build.${hostname}.r" ];
- locations."/".extraConfig = ''
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_pass http://127.0.0.1:${toString config.krebs.buildbot.master.web.port};
- '';
- };
- };
-
- krebs.buildbot.master = {
- slaves = {
- testslave = "lasspass";
- };
- change_source.stockholm = ''
- stockholm_repo = '${cfg.stockholmSrc}'
- cs.append(
- changes.GitPoller(
- stockholm_repo,
- workdir='stockholm-poller', branches=True,
- project='stockholm',
- pollinterval=10
- )
- )
- '';
- scheduler = {
- build-scheduler = ''
- sched.append(
- schedulers.SingleBranchScheduler(
- change_filter=util.ChangeFilter(branch_re=".*"),
- treeStableTimer=${toString cfg.treeStableTimer}*60,
- name="build-all-branches",
- builderNames=[
- ${optionalS