diff options
| -rw-r--r-- | krebs/1systems/puyak/config.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/Reaktor.nix | 16 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/buildbot-classic-slave/default.nix | 9 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/buildbot-classic/default.nix | 27 | ||||
| -rw-r--r-- | makefu/1systems/darth/config.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/filepimp/config.nix | 8 | ||||
| -rw-r--r-- | makefu/1systems/pnp/config.nix | 1 | ||||
| -rw-r--r-- | makefu/1systems/tsp/config.nix | 3 | ||||
| -rw-r--r-- | makefu/2configs/deployment/owncloud.nix | 12 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/grafana_security.nix | 5 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/kibana-auth.nix | 4 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/nsupdate-search.nix | 3 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/ssh.id_ed25519 | 0 |
13 files changed, 56 insertions, 35 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index 8454ba23f..a1df11901 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -12,6 +12,7 @@ ]; krebs.build.host = config.krebs.hosts.puyak; + sound.enable = false; boot = { loader.systemd-boot.enable = true; diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix index a70f1ef5d..99a7a55ef 100644 --- a/krebs/3modules/Reaktor.nix +++ b/krebs/3modules/Reaktor.nix @@ -4,8 +4,7 @@ with import <stockholm/lib>; let cfg = config.krebs.Reaktor; - - workdir = "/var/lib/Reaktor"; + homedir = "/var/lib/Reaktor"; out = { options.krebs.Reaktor = api; @@ -38,6 +37,14 @@ let default = [pkgs.ReaktorPlugins.nixos-version]; }; + workdir = mkOption { + default = "/var/lib/Reaktor"; + type = types.path; + description = '' + path to be used as workdir (home dir is still /var/lib/Reaktor) + ''; + }; + extraConfig = mkOption { default = ""; type = types.string; @@ -84,7 +91,7 @@ let name = "Reaktor"; uid = genid name; description = "Reaktor user"; - home = workdir; + home = homedir; createHome = true; }; @@ -118,7 +125,7 @@ let REAKTOR_NICKNAME = botcfg.nickname; REAKTOR_DEBUG = (if botcfg.debug then "True" else "False"); REAKTOR_CHANNELS = lib.concatStringsSep "," botcfg.channels; - state_dir = workdir; + state_dir = botcfg.workdir; } // botcfg.extraEnviron; serviceConfig= { @@ -129,6 +136,7 @@ let else ''(${pkgs.Reaktor}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/reaktor-${name}-config.py'' } + mkdir -p ${botcfg.workdir} ''; ExecStart = "${pkgs.Reaktor}/bin/reaktor run /tmp/reaktor-${name}-config.py"; PrivateTmp = "true"; diff --git a/krebs/5pkgs/simple/buildbot-classic-slave/default.nix b/krebs/5pkgs/simple/buildbot-classic-slave/default.nix index c316889e4..bbc824a6a 100644 --- a/krebs/5pkgs/simple/buildbot-classic-slave/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic-slave/default.nix @@ -1,16 +1,15 @@ -{ coreutils, fetchgit, fetchFromGitHub, buildbot-classic, python2Packages, ... }: +{ coreutils, fetchgit, git, buildbot-classic, python2Packages, ... }: python2Packages.buildPythonApplication { - name = "buildbot-classic-slave-0.8.12"; + name = "buildbot-classic-slave-0.8.13"; namePrefix = ""; src = buildbot-classic.src; postUnpack = "sourceRoot=\${sourceRoot}/slave"; - patchPhase = '' - substituteInPlace buildslave/scripts/logwatcher.py --replace /usr/bin/tail ${coreutils}/bin/tail - ''; + patchPhase = ":"; + nativeBuildInputs = [ git ]; propagatedBuildInputs = [ python2Packages.twisted ]; doCheck = false; diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix index a3d924c4a..353972109 100644 --- a/krebs/5pkgs/simple/buildbot-classic/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic/default.nix @@ -1,4 +1,4 @@ -{ fetchgit, fetchFromGitHub, python2Packages, ... }: +{ fetchgit, fetchFromGitHub, python2Packages, git, ... }: let # https://github.com/NixOS/nixpkgs/issues/14026 nixpkgs-fix = import (fetchgit { @@ -8,18 +8,19 @@ let }) {}; in nixpkgs-fix.buildPythonApplication { - name = "buildbot-classic-0.8.12"; + name = "buildbot-classic-0.8.13"; namePrefix = ""; patches = []; - src = fetchFromGitHub { - owner = "krebscode"; - repo = "buildbot-classic"; - rev = "5b4f5f6f1"; - sha256 = "1j3xn1gjzvsf90jvfmyln71fzlhjx642ivrqf47zfxpkacljja93"; + src = fetchgit { + url = "https://github.com/krebscode/buildbot-classic"; + rev = "211ec7815"; + sha256 = "0cyn406r31qdqhpsih7w83x47b443svpgfhxqd6w3iryv0y1z95i"; + leaveDotGit = true; + }; postUnpack = "sourceRoot=\${sourceRoot}/master"; - + buildInputs = [ git ]; patchPhase = # The code insists on /usr/bin/tail, /usr/bin/make, etc. '' echo "patching erroneous absolute path references..." @@ -32,11 +33,11 @@ in nixpkgs-fix.buildPythonApplication { sed -i 's/==/>=/' setup.py ''; - propagatedBuildInputs = [ - python2Packages.jinja2 - python2Packages.twisted - nixpkgs-fix.pythonPackages.dateutil_1_5 - nixpkgs-fix.pythonPackages.sqlalchemy_migrate_0_7 + propagatedBuildInputs = with nixpkgs-fix.pythonPackages; [ + jinja2 + twisted + dateutil_1_5 + sqlalchemy_migrate_0_7 ]; doCheck = false; postInstall = '' diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix index c8d17ca70..e0f90b8dd 100644 --- a/makefu/1systems/darth/config.nix +++ b/makefu/1systems/darth/config.nix @@ -18,7 +18,7 @@ in { <stockholm/makefu/2configs/virtualization.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> - <stockholm/makefu/2configs/temp-share-samba.nix> + <stockholm/makefu/2configs/share/temp-share-samba.nix> ]; services.samba.shares = { isos = { diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix index 65e81af66..e9058ec85 100644 --- a/makefu/1systems/filepimp/config.nix +++ b/makefu/1systems/filepimp/config.nix @@ -44,7 +44,7 @@ in { kernelModules = [ "kvm-amd" ]; extraModulePackages = [ ]; }; - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; hardware.cpu.amd.updateMicrocode = true; zramSwap.enable = true; @@ -73,9 +73,9 @@ in { xfsmount = name: dev: { "/media/${name}" = { device = dev; fsType = "xfs"; }; }; in - # (xfsmount "j0" (part1 jDisk0)) <stockholm/makefu> - (xfsmount "j1" (part1 jDisk1)) <stockholm/makefu> - (xfsmount "j2" (part1 jDisk2)) <stockholm/makefu> + # (xfsmount "j0" (part1 jDisk0)) // + (xfsmount "j1" (part1 jDisk1)) // + (xfsmount "j2" (part1 jDisk2)) // (xfsmount "par0" (part1 jDisk3)) ; diff --git a/makefu/1systems/pnp/config.nix b/makefu/1systems/pnp/config.nix index cc6326f19..de920cc3f 100644 --- a/makefu/1systems/pnp/config.nix +++ b/makefu/1systems/pnp/config.nix @@ -8,7 +8,6 @@ [ <stockholm/makefu> <stockholm/makefu/2configs/headless.nix> - ../../krebs/3modules/Reaktor.nix # these will be overwritten by qemu-vm.nix but will be used if the system # is directly deployed diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix index 7169638d4..75a11d3a7 100644 --- a/makefu/1systems/tsp/config.nix +++ b/makefu/1systems/tsp/config.nix @@ -10,7 +10,8 @@ <stockholm/makefu/2configs/gui/base.nix> <stockholm/makefu/2configs/fs/sda-crypto-root.nix> # hardware specifics are in here - <stockholm/makefu/2configs/hw/tp-x200.nix #< imports tp-x2x0.nix> + # imports tp-x2x0.nix + <stockholm/makefu/2configs/hw/tp-x200.nix> <stockholm/makefu/2configs/disable_v6.nix> <stockholm/makefu/2configs/rad1o.nix> diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index c6fb9c8e5..65ac5c184 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -140,10 +140,10 @@ in { enable = false; databases = [ "nextcloud" ]; }; - - krebs.secret.files.mysql_rootPassword = { - path = "${config.services.mysql.dataDir}/mysql_rootPassword"; - owner.name = "root"; - source-path = toString <secrets> + "/mysql_rootPassword"; - }; + # dataDir is only defined after mysql is enabled + # krebs.secret.files.mysql_rootPassword = { + # path = "${config.services.mysql.dataDir}/mysql_rootPassword"; + # owner.name = "root"; + # source-path = toString <secrets> + "/mysql_rootPassword"; + # }; } diff --git a/makefu/6tests/data/secrets/grafana_security.nix b/makefu/6tests/data/secrets/grafana_security.nix new file mode 100644 index 000000000..f9096b7cf --- /dev/null +++ b/makefu/6tests/data/secrets/grafana_security.nix @@ -0,0 +1,5 @@ +{ + adminUser = "dick"; + adminPassword = "butt"; +} + diff --git a/makefu/6tests/data/secrets/kibana-auth.nix b/makefu/6tests/data/secrets/kibana-auth.nix new file mode 100644 index 000000000..80e8f44c1 --- /dev/null +++ b/makefu/6tests/data/secrets/kibana-auth.nix @@ -0,0 +1,4 @@ +{ + "dick" = "butt"; +} + diff --git a/makefu/6tests/data/secrets/nsupdate-search.nix b/makefu/6tests/data/secrets/nsupdate-search.nix new file mode 100644 index 000000000..a9646aeb7 --- /dev/null +++ b/makefu/6tests/data/secrets/nsupdate-search.nix @@ -0,0 +1,3 @@ +{ + "dick.nsupdate.info" = "butt"; +} diff --git a/makefu/6tests/data/secrets/ssh.id_ed25519 b/makefu/6tests/data/secrets/ssh.id_ed25519 new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/makefu/6tests/data/secrets/ssh.id_ed25519 |