diff options
27 files changed, 307 insertions, 84 deletions
diff --git a/jeschli/krops.nix b/jeschli/krops.nix new file mode 100644 index 000000000..e55f207d3 --- /dev/null +++ b/jeschli/krops.nix @@ -0,0 +1,40 @@ +{ name }: let + inherit (import ../krebs/krops.nix { inherit name; }) + krebs-source + lib + pkgs + ; + + source = { test }: lib.evalSource [ + krebs-source + { + nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix"; + secrets = if test then { + file = toString ./2configs/tests/dummy-secrets; + } else { + pass = { + dir = "${lib.getEnv "HOME"}/.password-store"; + name = "hosts/${name}"; + }; + }; + } + ]; + +in { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) + deploy = pkgs.krops.writeDeploy "${name}-deploy" { + source = source { test = false; }; + target = "root@${name}/var/src"; + }; + + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) + test = pkgs.krops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/tmp/${name}-stockholm-test"; + }; + + ci = pkgs.krops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/stockholm-build"; + }; +} diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 1ed38f54f..8537ce40c 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -4,6 +4,22 @@ let hostname = config.networking.hostName; + sourceRepos = [ + "http://cgit.enklave.r/stockholm" + "http://cgit.gum.r/stockholm" + "http://cgit.hotdog.r/stockholm" + "http://cgit.ni.r/stockholm" + "http://cgit.prism.r/stockholm" + ]; + + build = pkgs.writeDash "build" '' + set -eu + export USER="$1" + export SYSTEM="$2" + $(nix-build $USER/krops.nix --no-out-link --argstr name "$SYSTEM" --argstr target "$HOME/stockholm-build" -A ci) + ''; + + in { networking.firewall.allowedTCPPorts = [ 80 ]; @@ -23,17 +39,16 @@ in slaves = { testslave = "lasspass"; }; - change_source.stockholm = '' - stockholm_repo = 'http://cgit.hotdog.r/stockholm' + change_source.stockholm = concatMapStrings (repo: '' cs.append( changes.GitPoller( - stockholm_repo, - workdir='stockholm-poller', branches=True, + "${repo}", + workdir='stockholm${elemAt(splitString "." repo) 1}', branches=True, project='stockholm', pollinterval=10 ) ) - ''; + '') sourceRepos; scheduler = { auto-scheduler = '' sched.append( @@ -61,7 +76,7 @@ in builder_pre = '' # prepare grab_repo step for stockholm grab_repo = steps.Git( - repourl=stockholm_repo, + repourl=util.Property('repository', 'http://cgit.hotdog.r/stockholm'), mode='full', submodules=True, ) @@ -95,15 +110,9 @@ in env={ "NIX_PATH": "secrets=/var/src/stockholm/null:stockholm=./:/var/src", "NIX_REMOTE": "daemon", - "dummy_secrets": "true", }, command=[ - "nix-shell", "-I", "stockholm=.", "--run", " ".join(["test", - "--user={}".format(user), - "--system={}".format(host), - "--force-populate", - "--target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user), - ]) + "${build}", user, host ], timeout=90001, workdir='build', # TODO figure out why we need this? diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix index 47316d5d6..74895a971 100644 --- a/krebs/3modules/konsens.nix +++ b/krebs/3modules/konsens.nix @@ -68,7 +68,7 @@ let fi cd ${name} git fetch origin - git push origin $(git merge-base ${concatMapStringsSep " " (branch: "origin/${branch}") repo.branchesToCheck}):refs/heads/master + git push origin $(git merge-base --octopus ${concatMapStringsSep " " (branch: "origin/${branch}") repo.branchesToCheck}):refs/heads/master ''; WorkingDirectory = /var/lib/konsens; User = "konsens"; diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix index e6bafbd25..4fae6256d 100644 --- a/krebs/5pkgs/simple/buildbot-classic/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic/default.nix @@ -2,7 +2,7 @@ python2Packages.buildPythonApplication rec { name = "buildbot-classic-${version}"; - version = "0.8.16"; + version = "0.8.17"; namePrefix = ""; patches = []; @@ -10,7 +10,7 @@ python2Packages.buildPythonApplication rec { owner = "krebs"; repo = "buildbot-classic"; rev = version; - sha256 = "0g686n6m0cjfyympl0ksansllx503gby3hx9gmc8hiyx6x5fkjha"; + sha256 = "0yn0n37rs2bhz9q0simnvyzz5sfrpqhbdm6pdj6qk7sab4y6xbq8"; }; postUnpack = "sourceRoot=\${sourceRoot}/master"; diff --git a/krebs/krops.nix b/krebs/krops.nix index c334bc07d..c71e60571 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -60,4 +60,9 @@ source = source { test = true; }; target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src"; }; + + ci = pkgs.krops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/stockholm-build"; + }; } diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 90e04cad1..5a9c26b9d 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -40,6 +40,9 @@ with import <stockholm/lib>; { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; } #chromecast { predicate = "-p udp -m multiport --sports 32768:61000 -m multiport --dports 32768:61000"; target = "ACCEPT"; } + #quake3 + { predicate = "-p tcp --dport 27950:27965"; target = "ACCEPT"; } + { predicate = "-p udp --dport 27950:27965"; target = "ACCEPT"; } ]; } { diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 011c6022c..caa7c3065 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -38,6 +38,10 @@ let cgit.desc = "take a description of your disk layout and produce a format script"; cgit.section = "software"; }; + krebspage = { + cgit.desc = "homepage of krebs"; + cgit.section = "configuration"; + }; news = { cgit.desc = "take a rss feed and a timeout and print it to stdout"; cgit.section = "software"; diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix index 86877df7a..9365582b8 100644 --- a/lass/2configs/reaktor-coders.nix +++ b/lass/2configs/reaktor-coders.nix @@ -106,6 +106,12 @@ with import <stockholm/lib>; exec echo '¯\_(ツ)_/¯' ''; }) + (buildSimpleReaktorPlugin "flip" { + pattern = "^!flip$"; + script = pkgs.writeDash "shrug" '' + exec echo '(╯°□°)╯ ┻━┻' + ''; + }) ]; }; } diff --git a/lass/krops.nix b/lass/krops.nix index 776a3a55d..c5a932206 100644 --- a/lass/krops.nix +++ b/lass/krops.nix @@ -1,4 +1,4 @@ -{ config ? config, name }: let +{ name }: let inherit (import ../krebs/krops.nix { inherit name; }) krebs-source lib @@ -10,7 +10,7 @@ { nixos-config.symlink = "stockholm/lass/1systems/${name}/physical.nix"; secrets = if test then { - file = "/home/lass/stockholm/lass/2configs/tests/dummy-secrets"; + file = toString ./2configs/tests/dummy-secrets; } else { pass = { dir = "${lib.getEnv "HOME"}/.password-store"; @@ -30,13 +30,11 @@ in { # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) test = pkgs.krops.writeTest "${name}-test" { source = source { test = true; }; - target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src"; + target = "${lib.getEnv "HOME"}/tmp/${name}-stockholm-test"; }; - ci = map (host: - pkgs.krops.writeTest "${host.name}-test" { - source = source { test = true; }; - target = "${lib.getEnv "TMPDIR"}/lass/${host.name}"; - } - ) (lib.filter (host: lib.getAttr "ci" host && host.owner == "lass") (lib.attrValues config.krebs.hosts)); + ci = pkgs.krops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/stockholm-build"; + }; } diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 998ecd0fb..351844482 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -17,7 +17,6 @@ in { # <stockholm/makefu/2configs/disable_v6.nix> <stockholm/makefu/2configs/exim-retiolum.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> - <stockholm/makefu/2configs/urlwatch> # Security <stockholm/makefu/2configs/sshd-totp.nix> @@ -26,7 +25,6 @@ in { <stockholm/makefu/2configs/tools/core.nix> <stockholm/makefu/2configs/tools/dev.nix> <stockholm/makefu/2configs/tools/sec.nix> - <stockholm/makefu/2configs/vim.nix> <stockholm/makefu/2configs/zsh-user.nix> # services @@ -57,7 +55,7 @@ in { <stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix> <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix> - <stockholm/makefu/2configs/deployment/graphs.nix> + # <stockholm/makefu/2configs/deployment/graphs.nix> <stockholm/makefu/2configs/deployment/owncloud.nix> <stockholm/makefu/2configs/deployment/boot-euer.nix> <stockholm/makefu/2configs/deployment/bgt/hidden_service.nix> @@ -196,12 +194,6 @@ in { get tmux ]; - services.bitlbee = { - enable = true; - libpurple_plugins = [ pkgs.telegram-purple ]; - }; - - # Hardware # Network networking = { diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix index 5352b029f..bec778abc 100644 --- a/makefu/1systems/latte/config.nix +++ b/makefu/1systems/latte/config.nix @@ -22,7 +22,6 @@ in { # Tools <stockholm/makefu/2configs/tools/core.nix> - <stockholm/makefu/2configs/vim.nix> <stockholm/makefu/2configs/zsh-user.nix> # Services <stockholm/makefu/2configs/remote-build/slave.nix> diff --git a/makefu/1systems/nextgum/config.nix b/makefu/1systems/nextgum/config.nix index 9761546e7..db22cf9b8 100644 --- a/makefu/1systems/nextgum/config.nix +++ b/makefu/1systems/nextgum/config.nix @@ -19,14 +19,15 @@ in { <stockholm/makefu/2configs/tools/core.nix> <stockholm/makefu/2configs/tools/dev.nix> <stockholm/makefu/2configs/tools/sec.nix> - <stockholm/makefu/2configs/vim.nix> <stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/mosh.nix> + <stockholm/makefu/2configs/gui/xpra.nix> <stockholm/makefu/2configs/git/cgit-retiolum.nix> <stockholm/makefu/2configs/backup.nix> <stockholm/makefu/2configs/exim-retiolum.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> + # services <stockholm/makefu/2configs/sabnzbd.nix> @@ -51,12 +52,13 @@ in { <stockholm/makefu/2configs/dnscrypt/server.nix> <stockholm/makefu/2configs/binary-cache/server.nix> <stockholm/makefu/2configs/iodined.nix> + <stockholm/makefu/2configs/bitlbee.nix> ## buildbot <stockholm/makefu/2configs/remote-build/slave.nix> # Removed until move: no extra mails - # <stockholm/makefu/2configs/urlwatch> + <stockholm/makefu/2configs/urlwatch> # Removed until move: avoid double-update of domain # <stockholm/makefu/2configs/hub.nix> # Removed until move: avoid letsencrypt ban @@ -166,6 +168,8 @@ in { networking.firewall.allowedTCPPorts = [ 5201 ]; } + # krebs infrastructure services + <stockholm/makefu/2configs/stats/server.nix> ]; makefu.dl-dir = "/var/download"; @@ -200,13 +204,8 @@ in { environment.systemPackages = with pkgs;[ weechat bepasty-client-cli - get tmux ]; - services.bitlbee = { - enable = true; - libpurple_plugins = [ pkgs.telegram-purple ]; - }; # Hardware diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index a85d5f5ce..109877bf1 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -10,6 +10,7 @@ let rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904"; rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2"; primaryInterface = "enp2s0"; + firetv = "192.168.1.238"; # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512 # cryptsetup luksAddKey $dev tmpkey # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096 @@ -28,7 +29,8 @@ let # | * | # | * | # |_______| - cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6"; + # cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6"; + cryptDisk0 = byid "ata-ST8000DM004-2CX188_ZCT01PLV"; cryptDisk1 = byid "ata-TP02000GB_TPW151006050068"; cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG"; cryptDisk3 = byid "ata-ST8000DM004-2CX188_ZCT01SG4"; @@ -97,6 +99,71 @@ in { # Temporary: # <stockholm/makefu/2configs/temp/rst-issue.nix> + { # ncdc + environment.systemPackages = [ pkgs.ncdc ]; + networking.firewall = { + allowedUDPPorts = [ 51411 ]; + allowedTCPPorts = [ 51411 ]; + }; + } + { + systemd.services.firetv = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; + ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555"; + }; + }; + nixpkgs.config.permittedInsecurePackages = [ + "homeassistant-0.65.5" + ]; + services.home-assistant = { + config = { + homeassistant = { + name = "Home"; time_zone = "Europe/Berlin"; + latitude = "48.7687"; + longitude = "9.2478"; + }; + media_player = [ + { platform = "kodi"; + host = firetv; + } + { platform = "firetv"; + # assumes python-firetv running + } + ]; + sensor = [ + { platform = "luftdaten"; + name = "Ditzingen"; + sensorid = "663"; + monitored_conditions = [ "P1" "P2" ]; + } + # https://www.home-assistant.io/cookbook/automation_for_rainy_days/ + { platform = "darksky"; + api_key = "c73619e6ea79e553a585be06aacf3679"; + language = "de"; + monitored_conditions = [ "summary" "icon" + "nearest_storm_distance" "precip_probability" + "precip_intensity" + "temperature" # "temperature_high" "temperature_low" + "hourly_summary" + "uv_index" ]; + units = "si" ; + update_interval = { + days = 0; + hours = 0; + minutes = 10; + seconds = 0; + }; + } + ]; + frontend = { }; + http = { }; + }; + enable = true; + #configDir = "/var/lib/hass"; + }; + } ]; makefu.full-populate = true; makefu.server.primary-itf = primaryInterface; @@ -164,7 +231,7 @@ in { // cryptMount "crypt2" // cryptMount "crypt3" // { "/media/cryptX" = { - device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 ]); + device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 3 ]); fsType = "mergerfs"; noCheck = true; options = [ "defaults" "allow_other" "nofail" "nonempty" ]; diff --git a/makefu/1systems/studio/config.nix b/makefu/1systems/studio/config.nix index b9a1a5d6a..b3d9383c4 100644 --- a/makefu/1systems/studio/config.nix +++ b/makefu/1systems/studio/config.nix @@ -3,7 +3,6 @@ imports = [ <stockholm/makefu> <stockholm/makefu/2configs/vncserver.nix> - <stockholm/makefu/2configs/vim.nix> <stockholm/makefu/2configs/disable_v6.nix> <stockholm/makefu/2configs/audio/jack-on-pulse.nix> <stockholm/makefu/2configs/audio/realtime-audio.nix> diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index e5b481ab6..54a16a931 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -12,10 +12,9 @@ with import <stockholm/lib>; <stockholm/makefu/2configs/main-laptop.nix> <stockholm/makefu/2configs/extra-fonts.nix> <stockholm/makefu/2configs/tools/all.nix> - <stockholm/makefu/2configs/tools/mic92.nix> <stockholm/makefu/2configs/laptop-backup.nix> - <stockholm/makefu/2configs/dnscrypt/client.nix> + # <stockholm/makefu/2configs/dnscrypt/client.nix> <stockholm/makefu/2configs/avahi.nix> # Debugging @@ -36,6 +35,8 @@ with import <stockholm/lib>; # Krebs <stockholm/makefu/2configs/tinc/retiolum.nix> + <stockholm/makefu/2configs/share/gum-client.nix> + # applications <stockholm/makefu/2configs/exim-retiolum.nix> @@ -72,6 +73,7 @@ with import <stockholm/lib>; <stockholm/makefu/2configs/hw/irtoy.nix> <stockholm/makefu/2configs/hw/bluetooth.nix> # <stockholm/makefu/2configs/hw/rad1o.nix> + <stockholm/makefu/2configs/hw/smartcard.nix> # Filesystem <stockholm/makefu/2configs/fs/sda-crypto-root-home.nix> @@ -82,6 +84,8 @@ with import <stockholm/lib>; programs.adb.enable = true; } # temporary + <stockholm/makefu/2configs/pyload.nix> + # <stockholm/makefu/2configs/nginx/rompr.nix> # <stockholm/makefu/2configs/lanparty/lancache.nix> # <stockholm/makefu/2configs/lanparty/lancache-dns.nix> # <stockholm/makefu/2configs/lanparty/samba.nix> @@ -138,8 +142,11 @@ with import <stockholm/lib>; boot.loader.grub.configurationLimit = 3; environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ]; - nixpkgs.overlays = [ (import <python/overlay.nix>) ]; # environment.variables = { GOROOT = [ "${pkgs.go.out}/share/go" ]; }; - + state = [ + "/home/makefu/stockholm" + "/home/makefu/backup/borgun" + "/home/makefu/.mail/" + ]; } diff --git a/makefu/2configs/bitlbee.nix b/makefu/2configs/bitlbee.nix new file mode 100644 index 000000000..17efa7113 --- /dev/null +++ b/makefu/2configs/bitlbee.nix @@ -0,0 +1,8 @@ +{pkgs, ... }: +# state: /var/lib/bitlbee +{ + services.bitlbee = { + enable = true; + libpurple_plugins = [ pkgs.telegram-purple ]; + }; +} diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 0a89d2023..6192a92a5 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -8,13 +8,16 @@ with import <stockholm/lib>; mapAttrs (_: h: { hashedPassword = h; }) (import <secrets/hashedPasswords.nix>); } - ./vim.nix + ./editor/vim.nix ./binary-cache/nixos.nix ]; boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; programs.command-not-found.enable = false; + + nix.package = pkgs.nixUnstable; + nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); krebs = { enable = true; @@ -158,4 +161,10 @@ with import <stockholm/lib>; "-a task,never" ]; }; + system.activationScripts.state = optionalString (config.state != []) '' + cat << EOF + This machine is burdened with state: + ${concatMapStringsSep "\n" (d: "* ${d}") config.state} + EOF + ''; } diff --git a/makefu/2configs/deployment/events-publisher/default.nix b/makefu/2configs/deployment/events-publisher/default.nix index a09554e6a..37d74c282 100644 --- a/makefu/2configs/deployment/events-publisher/default.nix +++ b/makefu/2configs/deployment/events-publisher/default.nix @@ -2,12 +2,13 @@ with import <stockholm/lib>; let shack-announce = pkgs.callPackage (builtins.fetchTarball { - url = "https://github.com/makefu/events-publisher/archive/4cef900ba10348050208367af6b2035f5a0ef8b6.tar.gz"; - sha256 = "137vsibr289p3xxlw37xhizi309sygki95919hmj02dxgwmy1k74"; + url = "https://github.com/makefu/events-publisher/archive/c5218195e6afdc646cb7682d8f355a7ec2b90716.tar.gz"; + sha256 = "0xk74q7gah3l5zy3bkvih3k9fr1hclvf71rm3ixcmslhicl7khav"; }) {} ; home = "/var/lib/shackannounce"; user = "shackannounce"; creds = (toString <secrets>) + "/shack-announce.json"; + LOL = "DEBUG"; in { users.users.${user}= { @@ -32,14 +33,14 @@ in if test ! -e announce.state; then echo "initializing state" announce-daemon \ - --lol INFO \ + --lol ${LOL} \ --creds creds.json \ --state announce.state \ --clean --init fi echo "Running announce" announce-daemon \ - --lol INFO \ + --lol ${LOL} \ --creds creds.json \ --state announce.state ''; diff --git a/makefu/2configs/gui/xpra.nix b/makefu/2configs/gui/xpra.nix new file mode 100644 index 000000000..2384acbaa --- /dev/null +++ b/makefu/2configs/gui/xpra.nix @@ -0,0 +1,3 @@ +{ + services.xserver.displayManager.xpra.enable = true; +} diff --git a/makefu/2configs/pyload.nix b/makefu/2configs/pyload.nix new file mode 100644 index 000000000..3aa5048a4 --- /dev/null +++ b/makefu/2configs/pyload.nix @@ -0,0 +1,10 @@ +{pkgs, ... }: +{ + nixpkgs.config.unfreeRedistributable = true; + users.users.makefu.packages = with pkgs;[ + pyload + spidermonkey + tesseract + ]; + +} diff --git a/makefu/2configs/share/gum-client.nix b/makefu/2configs/share/gum-client.nix new file mode 100644 index 000000000..be9ab026b --- /dev/null +++ b/makefu/2configs/share/gum-client.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +let + automount_opts = + [ "x-systemd.automount" + "noauto" "x-systemd.idle-timeout=600" + "x-systemd.device-timeout=5s" + "x-systemd.mount-timeout=5s" + ]; + host = "nextgum"; #TODO +in { + fileSystems."/media/download" = { + device = "//${host}/download"; + fsType = "cifs"; + options = automount_opts ++ + [ "credentials=/var/src/secrets/download.smb" + "file_mode=0775" + "dir_mode=0775" + "uid=9001" + ]; + }; + +} diff --git a/makefu/2configs/share/gum.nix b/makefu/2configs/share/gum.nix index f5942a0f7..cc59ce3cc 100644 --- a/makefu/2configs/share/gum.nix +++ b/makefu/2configs/share/gum.nix @@ -10,7 +10,7 @@ in { # description = "smb guest user"; # home = "/var/empty"; # }; - + environment.systemPackages = [ pkgs.samba ]; users.users.download.uid = genid "download"; services.samba = { enable = true; diff --git a/makefu/2configs/tools/mic92.nix b/makefu/2configs/tools/mic92.nix deleted file mode 100644 index 176e461c7..000000000 --- a/makefu/2configs/tools/mic92.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ pkgs, ... }: -{ - nixpkgs.overlays = [ - (import <mic92/nixos/overlays/mypackages>) - ]; - users.users.makefu.packages = [ - pkgs.nix-review - ]; -} diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index fa4eb827c..f06ce3d53 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -2,6 +2,7 @@ _: { imports = [ + ./state.nix ./populate.nix ./awesome-extra.nix ./deluge.nix diff --git a/makefu/3modules/state.nix b/makefu/3modules/state.nix new file mode 100644 index 000000000..461b90152 --- /dev/null +++ b/makefu/3modules/state.nix @@ -0,0 +1,9 @@ +{config, lib, pkgs, ... }: + +{ + options.state = lib.mkOption { + type = lib.types.listOf lib.types.str; + description = "state which is currently scattered on the machine"; + default = []; + }; +} diff --git a/makefu/krops.nix b/makefu/krops.nix index 5ce430ad2..9a701dcac 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -1,14 +1,14 @@ -{ config ? config, name }: let +{ config ? config, name, target ? name }: let krops = builtins.fetchGit { url = https://cgit.krebsco.de/krops/; rev = "4e466eaf05861b47365c5ef46a31a188b70f3615"; }; nixpkgs-src = lib.importJSON ./nixpkgs.json; - lib = import "${krops}/lib"; - # TODO document why pkgs should be used like this + lib = import "${krops}/lib"; pkgs = import "${krops}/pkgs" {}; - hostSource = { + + host-src = { secure = false; full = false; torrent = false; @@ -26,15 +26,17 @@ # + do_sqlite3 ruby: 55a952be5b5 # + exfat-nofuse bump: ee6a5296a35 # + uhub/sqlite: 5dd7610401747 - nixpkgs.git = { - ref = nixpkgs-src.rev; - url = nixpkgs-src.url; + nixpkgs = if test || host-src.full then { + git.ref = nixpkgs-src.rev; + git.url = nixpkgs-src.url; + } else { + file = "/home/makefu/store/${nixpkgs-src.rev}"; }; nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix"; - stockholm.file = toString <stockholm>; + stockholm.file = toString ./..; secrets = if tes |