diff options
| -rw-r--r-- | krebs/3modules/shared/default.nix | 1 | ||||
| -rw-r--r-- | krebs/5pkgs/irc-announce/default.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/x.nix | 5 | ||||
| -rw-r--r-- | makefu/2configs/dnscrypt.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/fetchWallpaper.nix | 2 | ||||
| -rw-r--r-- | makefu/2configs/logging/central-stats-server.nix | 7 | ||||
| -rw-r--r-- | shared/1systems/wolf.nix | 1 | ||||
| -rw-r--r-- | shared/2configs/central-stats-client.nix | 68 | ||||
| -rw-r--r-- | shared/2configs/shared-buildbot.nix | 14 | ||||
| -rw-r--r-- | tv/2configs/default.nix | 2 | ||||
| -rw-r--r-- | tv/2configs/git.nix | 5 |
11 files changed, 99 insertions, 9 deletions
diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix index 5e4935e3a..17179a39f 100644 --- a/krebs/3modules/shared/default.nix +++ b/krebs/3modules/shared/default.nix @@ -47,6 +47,7 @@ in { ip6.addr = "42:0:0:0:0:0:77:1"; aliases = [ "wolf.r" + "build.wolf.r" "cgit.wolf.r" ]; tinc.pubkey = '' diff --git a/krebs/5pkgs/irc-announce/default.nix b/krebs/5pkgs/irc-announce/default.nix index e1f4919d5..6eb725b71 100644 --- a/krebs/5pkgs/irc-announce/default.nix +++ b/krebs/5pkgs/irc-announce/default.nix @@ -24,7 +24,7 @@ pkgs.writeDashBin "irc-announce" '' # echo2 and cat2 are used output to both, stdout and stderr # This is used to see what we send to the irc server. (debug output) echo2() { echo "$*"; echo "$*" >&2; } - cat2() { tee /dev/stderr; } + cat2() { awk '{print;print > "/dev/stderr"}'; } # privmsg_cat transforms stdin to a privmsg privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; } diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index 51c9543ef..866aac3bd 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -72,11 +72,6 @@ with import <stockholm/lib>; makefu.umts.apn = "web.vodafone.de"; nixpkgs.config.allowUnfree = true; - krebs.nginx = { - default404 = false; - servers.default.listen = [ "80 default_server" ]; - servers.default.server-names = [ "_" ]; - }; boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; environment.systemPackages = [ pkgs.passwdqc-utils ]; diff --git a/makefu/2configs/dnscrypt.nix b/makefu/2configs/dnscrypt.nix index d810456f3..6e7ef0f82 100644 --- a/makefu/2configs/dnscrypt.nix +++ b/makefu/2configs/dnscrypt.nix @@ -1,5 +1,6 @@ { services.dnscrypt-proxy.enable = true; + services.dnscrypt-proxy.resolverName = "cs-de"; networking.extraResolvconfConf = '' name_servers='127.0.0.1' ''; diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix index fb74919c4..16a7a13b2 100644 --- a/makefu/2configs/fetchWallpaper.nix +++ b/makefu/2configs/fetchWallpaper.nix @@ -8,7 +8,7 @@ timerConfig = { OnCalendar = "*:0/30"; }; - url = "http://echelon/wallpaper.png"; + url = "http://prism.r/realwallpaper-sat-krebs.png"; }; } diff --git a/makefu/2configs/logging/central-stats-server.nix b/makefu/2configs/logging/central-stats-server.nix index 30ad63879..4f7961f32 100644 --- a/makefu/2configs/logging/central-stats-server.nix +++ b/makefu/2configs/logging/central-stats-server.nix @@ -71,5 +71,12 @@ in { iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT + + ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT + ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT + ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT + ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT ''; } diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 0b4448022..75307be12 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -14,6 +14,7 @@ in ../2configs/shack-nix-cacher.nix ../2configs/shared-buildbot.nix ../2configs/share-shack.nix + ../2configs/central-stats-client.nix ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) diff --git a/shared/2configs/central-stats-client.nix b/shared/2configs/central-stats-client.nix new file mode 100644 index 000000000..0412eba9a --- /dev/null +++ b/shared/2configs/central-stats-client.nix @@ -0,0 +1,68 @@ +{pkgs, config, ...}: +{ + services.collectd = { + enable = true; + autoLoadPlugin = true; + extraConfig = '' + Hostname ${config.krebs.build.host.name} + LoadPlugin load + LoadPlugin disk + LoadPlugin memory + LoadPlugin df + Interval 30.0 + + LoadPlugin interface + <Plugin "interface"> + Interface "*Link" + Interface "lo" + Interface "vboxnet*" + Interface "virbr*" + IgnoreSelected true + </Plugin> + + LoadPlugin df + <Plugin "df"> + MountPoint "/nix/store" + # MountPoint "/run*" + # MountPoint "/sys*" + # MountPoint "/dev" + # MountPoint "/dev/shm" + # MountPoint "/tmp" + FSType "tmpfs" + FSType "binfmt_misc" + FSType "debugfs" + FSType "mqueue" + FSType "hugetlbfs" + FSType "systemd-1" + FSType "cgroup" + FSType "securityfs" + FSType "ramfs" + FSType "proc" + FSType "devpts" + FSType "devtmpfs" + MountPoint "/var/lib/docker/devicemapper" + IgnoreSelected true + </Plugin> + + LoadPlugin cpu + <Plugin cpu> + ReportByCpu true + ReportByState true + ValuesPercentage true + </Plugin> + + LoadPlugin network + <Plugin "network"> + Server "stats.makefu.r" "25826" + </Plugin> + + LoadPlugin curl + <Plugin curl> + <Page "smarthome"> + URL "http://smarthome.shack/"; + MeasureResponseTime true + </Page> + </Plugin> + ''; + }; +} diff --git a/shared/2configs/shared-buildbot.nix b/shared/2configs/shared-buildbot.nix index cf08882a9..1d6883afe 100644 --- a/shared/2configs/shared-buildbot.nix +++ b/shared/2configs/shared-buildbot.nix @@ -9,11 +9,20 @@ { # due to the fact that we actually build stuff on the box via the daemon, # /nix/store should be cleaned up automatically as well + services.nginx.virtualHosts.build = { + serverAliases = [ "build.wolf.r" ]; + locations."/".extraConfig = '' + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port}; + ''; + }; + nix.gc.automatic = true; nix.gc.dates = "05:23"; networking.firewall.allowedTCPPorts = [ 8010 9989 ]; krebs.buildbot.master = let - stockholm-mirror-url = http://cgit.wolf/stockholm-mirror ; + stockholm-mirror-url = http://cgit.wolf.r/stockholm-mirror ; in { secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ]; workers = { @@ -151,6 +160,9 @@ channels = [ { channel = "retiolum"; } ]; allowForce = true; }; + extraConfig = '' + c['buildbotURL'] = "http://build.wolf.r/" + ''; }; krebs.buildbot.worker = { diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index ede73f4e5..fd8bafe05 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import <stockholm/lib>; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "b647a67dfee066b75d2f54b789f7646016662071"; # nixos-17.03 + ref = "67c6638b089a5766435e07057ff73b35c82440cc"; # nixos-17.03 }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index 1f7b6b00b..d45321cd8 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -33,6 +33,9 @@ let { cgit.desc = "dict.leo.org command line interface"; }; get = {}; + htgen = { + cgit.desc = "toy HTTP server"; + }; irc = { cgit.desc = "toy IRC client"; }; @@ -48,6 +51,7 @@ let { populate = { cgit.desc = "source code installer"; }; + q = {}; regfish = {}; soundcloud = { cgit.desc = "SoundCloud command line interface"; @@ -71,6 +75,7 @@ let { cgserver = {}; crude-mail-setup = {}; dot-xmonad = {}; + hirc = {}; make-snapshot = {}; nixos-infest = {}; painload = {}; |