5 files changed, 185 insertions, 61 deletions

diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix
new file mode 100644
index 00000000..5a3a788c
--- /dev/null
+++ b/krebs/3modules/announce-activation.nix
@@ -0,0 +1,60 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }: let
+  cfg = config.krebs.announce-activation;
+  announce-activation = pkgs.writeDash "announce-activation" ''
+    set -efu
+    message=$(${cfg.get-message})
+    exec ${pkgs.irc-announce}/bin/irc-announce \
+        ${shell.escape cfg.irc.server} \
+        ${shell.escape (toString cfg.irc.port)} \
+        ${shell.escape cfg.irc.nick} \
+        ${shell.escape cfg.irc.channel} \
+        "$message"
+  '';
+  default-get-message = pkgs.writeDash "announce-activation-get-message" ''
+    set -efu
+    PATH=${makeBinPath [
+      pkgs.coreutils
+      pkgs.gawk
+      pkgs.gnused
+      pkgs.nix
+    ]}
+    profile=/nix/var/nix/profiles/system
+    gen_info=$(nix-env -p "$profile" --list-generations | tail -1)
+    gen_no=$(echo "$gen_info" | awk '{print$1}')
+    pretty_name=$(sed -n '/^PRETTY_NAME=/{s/.*="//;s/"$//;p}' /etc/os-release)
+    echo "activating generation $gen_no $pretty_name"
+  '';
+in {
+  options.krebs.announce-activation = {
+    enable = mkEnableOption "announce-activation";
+    get-message = mkOption {
+      default = default-get-message;
+      type = types.package;
+    };
+    irc = {
+      # TODO rename channel to target?
+      channel = mkOption {
+        default = "#retiolum";
+        type = types.str; # TODO types.irc-channel
+      };
+      nick = mkOption {
+        default = config.krebs.build.host.name;
+        type = types.label;
+      };
+      port = mkOption {
+        default = 6667;
+        type = types.int;
+      };
+      server = mkOption {
+        default = "ni.r";
+        type = types.hostname;
+      };
+    };
+  };
+  config = mkIf cfg.enable {
+    system.activationScripts.announce-activation = ''
+      ${announce-activation}
+    '';
+  };
+}
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index abb3d37e..42df3f05 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -6,6 +6,7 @@ let
 
   out = {
     imports = [
+      ./announce-activation.nix
       ./apt-cacher-ng.nix
       ./backup.nix
       ./bepasty-server.nix
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 257268af..4e2d6df9 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -321,6 +321,34 @@ with import <stockholm/lib>;
         };
       };
     };
+    turingmachine = {
+      ci = false;
+      external = true;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.29.168";
+          ip6.addr = "42:4992:6a6d:600::1";
+          aliases = [
+            "turingmachine.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
+            t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
+            6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
+            ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
+            nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
+            5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
+            1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
+            gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
+            DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
+            W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
+            OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
   };
   users = {
     lass = {
@@ -357,5 +385,9 @@ with import <stockholm/lib>;
     wine-mors = {
       pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKfTIKmbe1RjX1fjAn//08363zAsI0CijWnaYyAC842";
     };
+    Mic92 = {
+      pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE";
+      mail = "joerg@higgsboson.tk";
+    };
   };
 }
diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix
index 2ff9a5eb..d372081e 100644
--- a/krebs/3modules/newsbot-js.nix
+++ b/krebs/3modules/newsbot-js.nix
@@ -6,46 +6,59 @@ let
 
   cfg = config.krebs.newsbot-js;
 
+  enable = cfg != {};
+
   out = {
     options.krebs.newsbot-js = api;
-    config = mkIf cfg.enable imp;
+    config = mkIf enable imp;
   };
 
-  api = {
-    enable = mkEnableOption "Enable krebs newsbot";
-    ircServer = mkOption {
-      type = types.str;
-      default = "echelon.retiolum";
-      description = "to which server the bot should connect";
-    };
-    channel = mkOption {
-      type = types.str;
-      default = "#news";
-      description = "post the news in this channel";
-    };
-    masterNick = mkOption {
-      type = types.str;
-      default = "knews";
-      description = "nickname of the master bot";
-    };
-    feeds = mkOption {
-      type = types.path;
-      description = ''
-        file with feeds to post
-        format:
-        $nick|$feedURI
-      '';
-    };
-    urlShortenerHost = mkOption {
-      type = types.str;
-      default = "echelon";
-      description = "what server to use for url shortening, host";
-    };
-    urlShortenerPort = mkOption {
-      type = types.str;
-      default = "80";
-      description = "what server to use for url shortening, port";
-    };
+  api = mkOption {
+    type = types.attrsOf (types.submodule ({ config, ... }: {
+      options = {
+        enable = mkEnableOption "Enable krebs newsbot" // { default = true; };
+
+        channel = mkOption {
+          type = types.str;
+          default = "#${config._module.args.name}";
+          description = "post the news in this channel";
+        };
+        feeds = mkOption {
+          type = types.path;
+          description = ''
+            file with feeds to post
+            format:
+            $nick|$feedURI
+          '';
+        };
+        ircServer = mkOption {
+          type = types.str;
+          default = "localhost";
+          description = "to which server the bot should connect";
+        };
+        masterNick = mkOption {
+          type = types.str;
+          default = config._module.args.name;
+          description = "nickname of the master bot";
+        };
+        package = mkOption {
+          type = types.package;
+          default = pkgs.newsbot-js;
+          description = "newsbot package to use";
+        };
+        urlShortenerHost = mkOption {
+          type = types.str;
+          default = "go";
+          description = "what server to use for url shortening, host";
+        };
+        urlShortenerPort = mkOption {
+          type = types.str;
+          default = "80";
+          description = "what server to use for url shortening, port";
+        };
+      };
+    }));
+    default = {};
   };
 
   imp = {
@@ -56,32 +69,33 @@ let
       home = "/var/empty";
     };
 
-    systemd.services.newsbot-js = {
-      description = "krebs newsbot";
-      after = [ "network.target" ];
-      wantedBy = [ "multi-user.target" ];
+    systemd.services = mapAttrs' (name: newsbot:
+      nameValuePair "newsbot-${name}" {
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
 
-      path = with pkgs; [
-        newsbot-js
-      ];
+        path = with pkgs; [
+          newsbot-js
+        ];
 
-      environment = {
-        irc_server = cfg.ircServer;
-        master_nick = cfg.masterNick;
-        news_channel = cfg.channel;
-        feeds_file = cfg.feeds;
-        url_shortener_host = cfg.urlShortenerHost;
-        url_shortener_port = cfg.urlShortenerPort;
-      };
+        environment = {
+          irc_server = newsbot.ircServer;
+          master_nick = newsbot.masterNick;
+          news_channel = newsbot.channel;
+          feeds_file = newsbot.feeds;
+          url_shortener_host = newsbot.urlShortenerHost;
+          url_shortener_port = newsbot.urlShortenerPort;
+        };
 
-      restartIfChanged = true;
+        restartIfChanged = true;
 
-      serviceConfig = {
-        User = "newsbot-js";
-        Restart = "always";
-        ExecStart = "${pkgs.newsbot-js}/bin/newsbot";
-      };
-    };
+        serviceConfig = {
+          User = "newsbot-js";
+          Restart = "always";
+          ExecStart = "${newsbot.package}/bin/newsbot";
+        };
+      }
+    ) cfg;
   };
 
 in out
diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix
index d8551899..472accef 100644
--- a/krebs/3modules/rtorrent.nix
+++ b/krebs/3modules/rtorrent.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, options, ... }:
 
 with import <stockholm/lib>;
 let
@@ -73,6 +73,15 @@ let
       # authentication also applies to rtorrent.rutorrent
       enable = mkEnableOption "rtorrent nginx web RPC";
 
+      addr = mkOption {
+        type = types.addr4;
+        default = "0.0.0.0";
+        description = ''
+          the address to listen on
+          default is 0.0.0.0
+        '';
+      };
+
       port = mkOption {
         type = types.nullOr types.int;
         description =''
@@ -290,7 +299,7 @@ let
     services.nginx.enable = mkDefault true;
     services.nginx.virtualHosts.rtorrent = {
       default = mkDefault true;
-      inherit (webcfg) basicAuth port;
+      inherit (webcfg) basicAuth;
       root = optionalString rucfg.enable webdir;
 
       locations = {
@@ -310,7 +319,15 @@ let
           include ${pkgs.nginx}/conf/fastcgi.conf;
         ''; }
       );
-    };
+    # workaround because upstream nginx api changed
+    # TODO remove when nobody uses 17.03 anymore
+    } // (if hasAttr "port" (head options.services.nginx.virtualHosts.type.getSubModules).submodule.options then {
+      port = webcfg.port;
+    } else {
+      listen = [
+        { inherit (webcfg) addr port; }
+      ];
+    });
   };
 
   rutorrent-imp = {