summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/apt-cacher-ng.nix157
-rw-r--r--krebs/3modules/default.nix2
-rw-r--r--krebs/3modules/shared/default.nix15
-rw-r--r--krebs/3modules/tinc_graphs.nix2
-rw-r--r--krebs/5pkgs/Reaktor/default.nix4
-rw-r--r--krebs/5pkgs/apt-cacher-ng/default.nix21
-rw-r--r--krebs/5pkgs/drivedroid-gen-repo/default.nix22
-rw-r--r--krebs/Zpubkeys/exco.ssh.pub1
8 files changed, 216 insertions, 8 deletions
diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix
new file mode 100644
index 000000000..75296bafb
--- /dev/null
+++ b/krebs/3modules/apt-cacher-ng.nix
@@ -0,0 +1,157 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+let
+ acng-config = pkgs.writeTextFile {
+ name = "acng-configuration";
+ destination = "/acng.conf";
+ text = ''
+ ForeGround: 1
+ CacheDir: ${cfg.cacheDir}
+ LogDir: ${cfg.logDir}
+ PidFile: /var/run/apt-cacher-ng.pid
+ ExTreshold: ${toString cfg.cacheExpiration}
+ CAfile: ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt
+
+ Port: ${toString cfg.port}
+ BindAddress: ${cfg.bindAddress}
+
+ # defaults:
+ Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian
+ Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu
+ Remap-debvol: file:debvol_mirror*.gz /debian-volatile ; file:backends_debvol
+ Remap-cygwin: file:cygwin_mirrors /cygwin
+ Remap-sfnet: file:sfnet_mirrors
+ Remap-alxrep: file:archlx_mirrors /archlinux
+ Remap-fedora: file:fedora_mirrors
+ Remap-epel: file:epel_mirrors
+ Remap-slrep: file:sl_mirrors # Scientific Linux
+ Remap-gentoo: file:gentoo_mirrors.gz /gentoo ; file:backends_gentoo
+
+ ReportPage: acng-report.html
+ SupportDir: ${pkgs.apt-cacher-ng}/lib/apt-cacher-ng
+ LocalDirs: acng-doc ${pkgs.apt-cacher-ng}/share/doc/apt-cacher-ng
+
+ # Nix cache
+ ${optionalString cfg.enableNixCache ''
+ Remap-nix: http://cache.nixos.org /nixos ; https://cache.nixos.org
+ PfilePatternEx: (^|.*?/).*\.nar(info)?(|\.gz|\.xz|\.bz2)$
+ VfilePatternEx: (^|.*?/)nix-cache-info$
+ ''}
+
+ ${cfg.extraConfig}
+ '';
+ };
+
+ acng-home = "/var/cache/acng";
+ cfg = config.krebs.apt-cacher-ng;
+
+ api = {
+ enable = mkEnableOption "apt-cacher-ng";
+
+ cacheDir = mkOption {
+ default = acng-home + "/cache";
+ type = types.str;
+ description = ''
+ Path to apt-cacher-ng cache directory.
+ Will be created and chowned to acng-user
+ '';
+ };
+
+ logDir = mkOption {
+ default = acng-home + "/log";
+ type = types.str;
+ description = ''
+ Path to apt-cacher-ng log directory.
+ Will be created and chowned to acng-user
+ '';
+ };
+
+ port = mkOption {
+ default = 3142;
+ type = types.int;
+ description = ''
+ port of apt-cacher-ng
+ '';
+ };
+
+ bindAddress = mkOption {
+ default = "";
+ type = types.str;
+ example = "localhost 192.168.7.254 publicNameOnMainInterface";
+ description = ''
+ listen address of apt-cacher-ng. Defaults to every interface.
+ '';
+ };
+
+ cacheExpiration = mkOption {
+ default = 4;
+ type = types.int;
+ description = ''
+ number of days before packages expire in the cache without being
+ requested.
+ '';
+ };
+
+ enableNixCache = mkOption {
+ default = true;
+ type = types.bool;
+ description = ''
+ enable cache.nixos.org caching via PfilePatternEx and VfilePatternEx.
+
+ to use the apt-cacher-ng in your nixos configuration:
+ nix.binary-cache = [ http://acng-host:port/nixos ];
+
+ These options cannot be used in extraConfig, use SVfilePattern and
+ SPfilePattern or disable this option.
+ '';
+ };
+
+ extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ description = ''
+ extra config appended to the generated acng.conf
+ '';
+ };
+ };
+
+ imp = {
+
+ users.extraUsers.acng = {
+ # uid = config.ids.uids.acng;
+ uid = 897955083; #genid Reaktor
+ description = "apt-cacher-ng";
+ home = acng-home;
+ createHome = false;
+ };
+
+ users.extraGroups.acng = {
+ gid = 897955083; #genid Reaktor
+ # gid = config.ids.gids.Reaktor;
+ };
+
+ systemd.services.apt-cacher-ng = {
+ description = "apt-cacher-ng";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ PermissionsStartOnly = true;
+ ExecStartPre = pkgs.writeScript "acng-init" ''
+ #!/bin/sh
+ mkdir -p ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
+ chown acng:acng ${shell.escape cfg.cacheDir} ${shell.escape cfg.logDir}
+ '';
+ ExecStart = "${pkgs.apt-cacher-ng}/bin/apt-cacher-ng -c ${acng-config}";
+ PrivateTmp = "true";
+ User = "acng";
+ Restart = "always";
+ RestartSec = "10";
+ };
+ };
+ };
+in
+{
+ options.krebs.apt-cacher-ng = api;
+ config = mkIf cfg.enable imp;
+}
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 0ca6c8033..6d2b090a2 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -6,6 +6,7 @@ let
out = {
imports = [
+ ./apt-cacher-ng.nix
./bepasty-server.nix
./build.nix
./current.nix
@@ -86,6 +87,7 @@ let
krebs.dns.providers = {
de.krebsco = "zones";
gg23 = "hosts";
+ shack = "hosts";
internet = "hosts";
retiolum = "hosts";
};
diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix
index 13aae886b..b332676c6 100644
--- a/krebs/3modules/shared/default.nix
+++ b/krebs/3modules/shared/default.nix
@@ -33,12 +33,17 @@ let
in {
hosts = addNames {
wolf = {
- #dc = "shack";
+ dc = "shack";
nets = {
- #shack = {
- # addrs4 = [ TODO ];
- # aliases = ["wolf.shack"];
- #};
+ shack = {
+ addrs4 = [ "10.42.2.150" ];
+ aliases = [
+ "wolf.shack"
+ "graphite.shack"
+ "acng.shack"
+ "drivedroid.shack"
+ ];
+ };
retiolum = {
addrs4 = ["10.243.77.1"];
addrs6 = ["42:0:0:0:0:0:77:1"];
diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix
index e415d20ab..20aa385a9 100644
--- a/krebs/3modules/tinc_graphs.nix
+++ b/krebs/3modules/tinc_graphs.nix
@@ -89,9 +89,9 @@ let
};
restartIfChanged = true;
-
serviceConfig = {
Type = "simple";
+ restart = "always";
ExecStartPre = pkgs.writeScript "tinc_graphs-init" ''
#!/bin/sh
diff --git a/krebs/5pkgs/Reaktor/default.nix b/krebs/5pkgs/Reaktor/default.nix
index c38aa6423..c4a362757 100644
--- a/krebs/5pkgs/Reaktor/default.nix
+++ b/krebs/5pkgs/Reaktor/default.nix
@@ -2,14 +2,14 @@
python3Packages.buildPythonPackage rec {
name = "Reaktor-${version}";
- version = "0.5.0";
+ version = "0.5.1";
propagatedBuildInputs = with pkgs;[
python3Packages.docopt
python3Packages.requests2
];
src = fetchurl {
url = "https://pypi.python.org/packages/source/R/Reaktor/Reaktor-${version}.tar.gz";
- sha256 = "1npag52xmnyqv56z0anyf6xf00q0smfzsippal0xdbxrfj7s8qim";
+ sha256 = "0dn9r0cyxi1sji2pnybsrc4hhaaq7hmf235nlgkrxqlsdb7y6n6n";
};
meta = {
homepage = http://krebsco.de/;
diff --git a/krebs/5pkgs/apt-cacher-ng/default.nix b/krebs/5pkgs/apt-cacher-ng/default.nix
new file mode 100644
index 000000000..f253cdba0
--- /dev/null
+++ b/krebs/5pkgs/apt-cacher-ng/default.nix
@@ -0,0 +1,21 @@
+{ stdenv, fetchurl, cmake, doxygen, zlib, openssl, bzip2, pkgconfig, libpthreadstubs }:
+
+stdenv.mkDerivation rec {
+ name = "apt-cacher-ng-${version}";
+ version = "0.8.6";
+
+ src = fetchurl {
+ url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz";
+ sha256 = "0044dfks8djl11fs28jj8894i4rq424xix3d3fkvzz2i6lnp8nr5";
+ };
+
+ NIX_LDFLAGS = "-lpthread";
+ buildInputs = [ doxygen cmake zlib openssl bzip2 pkgconfig libpthreadstubs ];
+
+ meta = {
+ description = "A caching proxy specialized for linux distribution files";
+ homepage = http://www.unix-ag.uni-kl.de/~bloch/acng/;
+ license = stdenv.lib.licenses.gpl2;
+ maintainers = [ stdenv.lib.maintainers.makefu ];
+ };
+}
diff --git a/krebs/5pkgs/drivedroid-gen-repo/default.nix b/krebs/5pkgs/drivedroid-gen-repo/default.nix
new file mode 100644
index 000000000..087f97c9a
--- /dev/null
+++ b/krebs/5pkgs/drivedroid-gen-repo/default.nix
@@ -0,0 +1,22 @@
+{stdenv,fetchurl,pkgs,python3Packages, ... }:
+
+python3Packages.buildPythonPackage rec {
+ name = "drivedroid-gen-repo-${version}";
+ version = "0.4.2";
+
+ propagatedBuildInputs = with pkgs;[
+ python3Packages.docopt
+ ];
+
+ src = fetchurl {
+ url = "https://pypi.python.org/packages/source/d/drivedroid-gen-repo/drivedroid-gen-repo-${version}.tar.gz";
+ sha256 = "1w4dqc9ndyiv5kjh2y8n4p4c280vhqyj8s7y6al2klchcp2ab7q7";
+ };
+
+ meta = {
+ homepage = http://krebsco.de/;
+ description = "Generate Drivedroid repos";
+ license = stdenv.lib.licenses.wtfpl;
+ };
+}
+
diff --git a/krebs/Zpubkeys/exco.ssh.pub b/krebs/Zpubkeys/exco.ssh.pub
new file mode 100644
index 000000000..e2afcf3fb
--- /dev/null
+++ b/krebs/Zpubkeys/exco.ssh.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7HCK+TzelJp7atCbvCbvZZnXFr3cE35ioactgpIJL7BOyQM6lJ/7y24WbbrstClTuV7n0rWolDgfjx/8kVQExP3HXEAgCwV6tIcX/Ep84EXSok7QguN0ozZMCwX9CYXOEyLmqpe2KAx3ggXDyyDUr2mWs04J95CFjiR/YgOhIfM4+gVBxGtLSTyegyR3Fk7O0KFwYDjBRLi7a5TIub3UYuOvw3Dxo7bUkdhtf38Kff8LEK8PKtIku/AyDlwZ0mZT4Z7gnihSG2ezR5mLD6QXVuGhG6gW/gsqfPVRF4aZbrtJWZCp2G21wBRafpEZJ8KFHtR18JNcvsuWA1HJmFOj2K0mAY5hBvzCbXGhSzBtcGxKOmTBDTRlZ7FIFgukP/ckSgDduydFUpsv07ZRj+qY07zKp3Nhh3RuN7ZcveCo2WpaAzTuWCMPB0BMhEQvsO8I/p5YtTaw2T1poOPorBbURQwEgNrZ92kB1lL5t1t1ZB4oNeDJX5fddKLkgnLqQZWOZBTKtoq0EAVXojTDLZaA+5z20h8DU7sicDQ/VG4LWtqm9fh8iDpvt/3IHUn/HJEEnlfE1Gd+F2Q+R80yu4e1PClmuzfWjCtkPc4aY7oDxfcJqyeuRW6husAufPqNs31W6X9qXwoaBh9vRQ1erZUo46iicxbzujXIy/Hwg67X8dw== christian.stoeveken@gmail.com
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 02:02:55 +0000