summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/go.nix10
-rw-r--r--krebs/3modules/iptables.nix4
-rw-r--r--krebs/3modules/reaktor2.nix4
3 files changed, 9 insertions, 9 deletions
diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix
index 0c3f42f1c..f52394dbc 100644
--- a/krebs/3modules/go.nix
+++ b/krebs/3modules/go.nix
@@ -21,6 +21,7 @@ let
imp = {
services.redis.servers.go.enable = true;
+ users.users.htgen-go.extraGroups = [ "redis-go" ];
krebs.htgen.go = {
port = cfg.port;
@@ -29,7 +30,7 @@ let
case "$Method $Request_URI" in
"GET /"*)
- if item=$(${pkgs.redis}/bin/redis-cli --raw get "''${Request_URI#/}"); then
+ if item=$(${pkgs.redis}/bin/redis-cli -s /run/redis-go/redis.sock --raw get "''${Request_URI#/}"); then
printf 'HTTP/1.1 302 Found\r\n'
printf 'Content-Type: text/plain\r\n'
printf 'Connection: closed\r\n'
@@ -54,11 +55,10 @@ let
)
sha256=$(echo "$uri" | sha256sum -b | cut -d\ -f1)
- base32=$(${pkgs.nixStable}/bin/nix-hash --to-base32 --type sha256 "$sha256")
- base32short=$(echo "$base32" | cut -c48-52)
- ${pkgs.redis}/bin/redis-cli set "$base32short" "$uri" >/dev/null
+ short=$(echo "$sha256" | cut -c1-8)
+ ${pkgs.redis}/bin/redis-cli -s /run/redis-go/redis.sock set "$short" "$uri" >/dev/null
- ref="http://$req_host/$base32short"
+ ref="http://$req_host/$short"
printf 'HTTP/1.1 200 OK\r\n'
printf 'Content-Type: text/plain; charset=UTF-8\r\n'
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix
index 32a5273a5..16f1f3c84 100644
--- a/krebs/3modules/iptables.nix
+++ b/krebs/3modules/iptables.nix
@@ -108,12 +108,12 @@ let
})
({
krebs.iptables.tables.filter.INPUT.rules = map
- (portRange: { predicate = "-p tcp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; })
+ (portRange: { predicate = "-p tcp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; })
config.networking.firewall.allowedTCPPortRanges;
})
({
krebs.iptables.tables.filter.INPUT.rules = map
- (portRange: { predicate = "-p udp --dport ${toString port.from}:${toString port.to}"; target = "ACCEPT"; })
+ (portRange: { predicate = "-p udp --dport ${toString portRange.from}:${toString portRange.to}"; target = "ACCEPT"; })
config.networking.firewall.allowedUDPPortRanges;
})
({
diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index 978e0c9c0..aa6254786 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -18,7 +18,7 @@ with import ../../lib/pure.nix { inherit lib; }; {
};
port = mkOption {
default = "6667";
- # TODO type = types.service-name
+ type = types.str;
};
plugins = mkOption {
default = [];
@@ -70,7 +70,7 @@ with import ../../lib/pure.nix { inherit lib; }; {
DynamicUser = true;
StateDirectory = cfg.username;
ExecStart = let
- configFile = pkgs.writeJSON configFileName configValue;
+ configFile = pkgs.writers.writeJSON configFileName configValue;
configFileName = "${cfg.systemd-service-name}.config.json";
configValue = stripAttr (
recursiveUpdate {
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 22:51:23 +0000