summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/hotdog/config.nix3
-rw-r--r--krebs/1systems/puyak/config.nix3
-rw-r--r--krebs/1systems/test-all-krebs-modules/config.nix1
-rw-r--r--krebs/2configs/reaktor2.nix12
-rw-r--r--krebs/2configs/repo-sync.nix1
-rwxr-xr-xkrebs/2configs/shack/doorstatus.sh74
-rw-r--r--krebs/2configs/shack/glados/default.nix6
-rw-r--r--krebs/2configs/shack/light.shack.nix6
-rw-r--r--krebs/2configs/shack/muell_mail.nix5
-rw-r--r--krebs/2configs/shack/muellshack.nix5
-rw-r--r--krebs/2configs/shack/node-light.nix5
-rw-r--r--krebs/2configs/shack/powerraw.nix6
-rw-r--r--krebs/2configs/shack/reaktor.nix30
-rw-r--r--krebs/2configs/shack/s3-power.nix5
-rw-r--r--krebs/2configs/shack/shackDNS.nix7
-rw-r--r--krebs/2configs/shack/worlddomination.nix5
-rw-r--r--krebs/3modules/Reaktor.nix155
-rw-r--r--krebs/3modules/announce-activation.nix5
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/external/default.nix66
-rw-r--r--krebs/3modules/hidden-ssh.nix33
-rw-r--r--krebs/3modules/lass/default.nix57
-rw-r--r--krebs/3modules/makefu/default.nix1
-rw-r--r--krebs/3modules/realwallpaper.nix1
-rw-r--r--krebs/5pkgs/default.nix2
-rw-r--r--krebs/5pkgs/haskell/brockman/default.nix4
-rw-r--r--krebs/5pkgs/simple/Reaktor/default.nix24
-rw-r--r--krebs/5pkgs/simple/Reaktor/plugins.nix182
-rwxr-xr-xkrebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh25
-rwxr-xr-xkrebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh18
-rw-r--r--krebs/5pkgs/simple/cyberlocker-tools/default.nix10
-rw-r--r--krebs/5pkgs/simple/git-hooks/default.nix3
-rw-r--r--krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker5
-rw-r--r--krebs/5pkgs/simple/irc-announce/default.nix9
-rw-r--r--krebs/5pkgs/simple/reaktor2-plugins.nix4
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
37 files changed, 312 insertions, 483 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index a100e414d..9f1ac9134 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -10,6 +10,9 @@
<stockholm/krebs/2configs/ircd.nix>
<stockholm/krebs/2configs/reaktor2.nix>
<stockholm/krebs/2configs/wiki.nix>
+
+ ## shackie irc bot
+ <stockholm/krebs/2configs/shack/reaktor.nix>
];
krebs.build.host = config.krebs.hosts.hotdog;
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 2f122f6ff..5ed946aca 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -109,7 +109,7 @@
<stockholm/krebs/2configs/shack/prometheus/node.nix>
<stockholm/krebs/2configs/shack/prometheus/server.nix>
<stockholm/krebs/2configs/shack/prometheus/blackbox.nix>
- <stockholm/krebs/2configs/shack/prometheus/unifi.nix>
+ #<stockholm/krebs/2configs/shack/prometheus/unifi.nix>
<stockholm/krebs/2configs/shack/prometheus/alertmanager-telegram.nix>
## Collect local statistics via collectd and send to collectd
@@ -124,7 +124,6 @@
loader.efi.canTouchEfiVariables = true;
initrd.luks.devices.luksroot.device = "/dev/sda3";
- initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
kernelModules = [ "kvm-intel" ];
diff --git a/krebs/1systems/test-all-krebs-modules/config.nix b/krebs/1systems/test-all-krebs-modules/config.nix
index 2e1b5c1ad..8495a3ded 100644
--- a/krebs/1systems/test-all-krebs-modules/config.nix
+++ b/krebs/1systems/test-all-krebs-modules/config.nix
@@ -10,7 +10,6 @@ in {
enable = true;
build.user = config.krebs.users.krebs;
build.host = config.krebs.hosts.test-all-krebs-modules;
- Reaktor.test = {};
apt-cacher-ng.enable = true;
backup.enable = true;
bepasty.enable = true;
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index 4a33c33ec..cbf3e7889 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -47,7 +47,7 @@ let
activate = "always";
command = {
filename =
- "${pkgs.Reaktor.src}/reaktor/commands/tell-on_join";
+ <stockholm/krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh>;
env = {
PATH = makeBinPath [
pkgs.coreutils # XXX env, touch
@@ -95,10 +95,10 @@ let
}
hooks.sed
(generators.command_hook {
- inherit (commands) hello random-emoji nixos-version;
+ inherit (commands) random-emoji nixos-version;
tell = {
filename =
- "${pkgs.Reaktor.src}/reaktor/commands/tell-on_privmsg";
+ <stockholm/krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh>;
env = {
PATH = makeBinPath [
pkgs.coreutils # XXX date, env
@@ -223,9 +223,13 @@ in {
spanDate.title = new Date(entryDate).toString();
spanDate.appendChild(document.createTextNode(entryDate));
+ const link = document.createElement("a");
+ link.href = "http://wiki.r/agenda/" + encodeURIComponent(agendaItem.description.replaceAll("/", "\u29F8"));
+ link.appendChild(document.createTextNode(agendaItem.description));
+
const dd = document.createElement("dd");
dd.className = "description";
- dd.appendChild(document.createTextNode(agendaItem.description));
+ dd.appendChild(link);
dd.appendChild(document.createTextNode(" "));
dd.appendChild(spanDate);
diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix
index 392e6bed3..e2be477fd 100644
--- a/krebs/2configs/repo-sync.nix
+++ b/krebs/2configs/repo-sync.nix
@@ -183,7 +183,6 @@ in {
(sync-remote { name = "skytraq-datalogger"; url = "https://github.com/makefu/skytraq-datalogger"; })
(sync-remote { name = "realwallpaper"; url = "https://github.com/lassulus/realwallpaper"; })
(sync-remote { name = "painload"; url = "https://github.com/krebs/painload"; })
- (sync-remote { name = "Reaktor"; url = "https://github.com/krebs/Reaktor"; })
(sync-remote { name = "nixos-wiki"; url = "https://github.com/Mic92/nixos-wiki.wiki.git"; })
];
}
diff --git a/krebs/2configs/shack/doorstatus.sh b/krebs/2configs/shack/doorstatus.sh
new file mode 100755
index 000000000..11e710cfd
--- /dev/null
+++ b/krebs/2configs/shack/doorstatus.sh
@@ -0,0 +1,74 @@
+#!/bin/sh
+# needs in path:
+# curl jq
+# creates and manages $PWD/state
+set -euf
+
+send_reaktor(){
+ # usage: send_reaktor "text"
+ echo "send_reaktor: $1"
+ curl -fsS http://localhost:7777 \
+ -H content-type:application/json \
+ -d "$(jq -n \
+ --arg text "$1" '{
+ command:"PRIVMSG",
+ params:["#shackspace",$text]
+ }'
+ )"
+}
+
+open=$(shuf -n1 <<EOF
+happy hacking, shack ist offen
+Heureka, der shack ist offen
+Die Türe ist offen, der shack will bespielt werden
+Frohlocket, der shack ist offen
+shack is love, shack is life, shack is offen
+Bin da, wer noch? shack hat geöffnet!
+shack hat geöffnet: Arbeiten Sie sicher, arbeiten Sie klug!
+Bin ich schon drin? Ich bin schon drin.. das war ja einfach. Also im shack.
+Uuuuund es setzt sich in Bewegung, wir öffnen den shack, los, los! Ja da guckt ihr, jetzt gehts looos!
+EOF
+)
+
+close=$(shuf -n1 <<EOF
+Hacking vorbei, shack ist zu!
+Tja, shack ist zu
+Shackie-closie
+Der Sandmann kommt, alle shackies sind zu haus und die Tür ist zu
+shack hat Stromsparmodus aktiviert
+Tür ist zu, shackspace ist jetzt koronakonform
+Oh nein, eine Tür, sie ist verschlossen! Also, die vom shack
+Ihr kennt das ja: Abschalten. Der shack ist zu.
+EOF
+)
+error=$(shuf -n1 <<EOF
+Hase, api ist kaputt! Bitte reparieren
+API liefert kein sinnvolles Ergebnis, keine Ahnung ob shack offen oder zu ist
+shack api defekt :(
+Hubel Hubel, jemand könnte mal die shack api reparieren
+API sagt derp
+Siehste das? API? Da soll ich jetzt nen Request drauf machen? Jetzt werd ich aber langsam n bisschen wild hier langsam!
+Der API ist ein bisschen ein Otto geworden, ischwör der will mich flaxen
+ich möchte den geschäftsführer sprechen, das API geht nicht mehr!
+Herr makefu an Kasse 3 bitte, Kasse 3 bitte Herr makefu. Der API Computer ist mal wieder ausgefallen
+EOF
+)
+
+state=$(curl https://api.shackspace.de/v1/space | jq .doorState.open)
+prevstate=$(cat state ||:)
+
+if test "$state" == "$(cat state)";then
+ #echo "current and last state is the same ($state), doing nothing"
+ :
+else
+ echo "API state and last state differ ( '$state' != '$prevstate')"
+ if test "$state" == "true";then
+ send_reaktor "$open"
+ elif test "$state" == "false";then
+ send_reaktor "$close"
+ else
+ send_reaktor "$error"
+ fi
+ echo "updating state"
+ printf "%s" "$state" > state
+fi
diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix
index 53d6e6f4a..51c2ad94f 100644
--- a/krebs/2configs/shack/glados/default.nix
+++ b/krebs/2configs/shack/glados/default.nix
@@ -112,7 +112,8 @@ in {
}
{ platform = "mpd";
name = "kiosk";
- host = "lounge.kiosk.shack";
+ #host = "lounge.kiosk.shack";
+ host = "kiosk.shack";
}
];
@@ -123,7 +124,7 @@ in {
http = {
base_url = "http://hass.shack";
use_x_forwarded_for = true;
- trusted_proxies = "127.0.0.1";
+ trusted_proxies = [ "127.0.0.1" "::1" ];
};
#conversation = {};
@@ -139,6 +140,7 @@ in {
language = "de";
cache = true;
time_memory = 57600;
+ base_url = "http://hass.shack";
}
];
device_tracker = [];
diff --git a/krebs/2configs/shack/light.shack.nix b/krebs/2configs/shack/light.shack.nix
index 8e01cb1bf..715339a69 100644
--- a/krebs/2configs/shack/light.shack.nix
+++ b/krebs/2configs/shack/light.shack.nix
@@ -1,7 +1,9 @@
{ config, pkgs, ... }:
let
- light-shack-src = pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/standby.shack";
+ light-shack-src =
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "standby.shack";
rev = "e1b90a0a";
sha256 = "07fmz63arc5rxa0a3778srwz0jflp4ad6xnwkkc56hwybby0bclh";
};
diff --git a/krebs/2configs/shack/muell_mail.nix b/krebs/2configs/shack/muell_mail.nix
index 951450200..9308c7b13 100644
--- a/krebs/2configs/shack/muell_mail.nix
+++ b/krebs/2configs/shack/muell_mail.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/muell_mail";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "muell_mail";
rev = "c3e43687879f95e01a82ef176fa15678543b2eb8";
sha256 = "0hgchwam5ma96s2v6mx2jfkh833psadmisjbm3k3153rlxp46frx";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix
index b032b4299..cabe72b40 100644
--- a/krebs/2configs/shack/muellshack.nix
+++ b/krebs/2configs/shack/muellshack.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/muellshack";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "muellshack";
rev = "dc80cf1edaa3d86ec2bebae8596ad1d4c4e3650a";
sha256 = "1yipr66zhrg5m20pf3rzvgvvl78an6ddkq6zc45rxb2r0i7ipkyh";
diff --git a/krebs/2configs/shack/node-light.nix b/krebs/2configs/shack/node-light.nix
index 2e69d5aaa..7a648d4ee 100644
--- a/krebs/2configs/shack/node-light.nix
+++ b/krebs/2configs/shack/node-light.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/node-light.git";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "node-light";
rev = "90a9347b73af3a9960bd992e6293b357226ef6a0";
sha256 = "1av9w3w8aknlra25jw6gqxzbb01i9kdlfziy29lwz7mnryjayvwk";
}) { };
diff --git a/krebs/2configs/shack/powerraw.nix b/krebs/2configs/shack/powerraw.nix
index 43c743587..64e1911cf 100644
--- a/krebs/2configs/shack/powerraw.nix
+++ b/krebs/2configs/shack/powerraw.nix
@@ -6,14 +6,16 @@
let
influx-url = "http://influx.shack:8086";
pkg = pkgs.python3.pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/powermeter.git";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "powermeter";
rev = "438b08f";
sha256 = "0c5czmrwlw985b7ia6077mfrvbf2fq51iajb481pgqbywgxqis5m";
}) {};
in {
# receive response from light.shack / standby.shack
networking.firewall.allowedUDPPorts = [ 11111 ];
+ networking.firewall.allowedTCPPorts = [ 11111 ];
users.users.powermeter = {
extraGroups = [ "dialout" ];
isSystemUser = true;
diff --git a/krebs/2configs/shack/reaktor.nix b/krebs/2configs/shack/reaktor.nix
new file mode 100644
index 000000000..a31c7a687
--- /dev/null
+++ b/krebs/2configs/shack/reaktor.nix
@@ -0,0 +1,30 @@
+{ config, lib, pkgs, ... }:
+{
+ krebs.reaktor2.shackie = {
+ hostname = "irc.libera.chat";
+ port = "6697";
+ nick = "shackie";
+ API.listen = "inet://127.0.0.1:7777";
+ plugins = [
+ {
+ plugin = "register";
+ config = {
+ channels = [
+ "#shackspace"
+ ];
+ };
+ }
+ ];
+ };
+ systemd.services.announce_doorstatus = {
+ startAt = "*:0/1";
+ path = with pkgs; [ curl jq ];
+ script = builtins.readFile ./doorstatus.sh;
+ serviceConfig = {
+ DynamicUser = true;
+ StateDirectory = "doorstatus";
+ WorkingDirectory = "/var/lib/doorstatus";
+ PrivateTmp = true;
+ };
+ };
+}
diff --git a/krebs/2configs/shack/s3-power.nix b/krebs/2configs/shack/s3-power.nix
index 0ce8a8786..bed98d860 100644
--- a/krebs/2configs/shack/s3-power.nix
+++ b/krebs/2configs/shack/s3-power.nix
@@ -2,8 +2,9 @@
let
pkg = pkgs.callPackage (
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/s3-power";
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "s3-power";
rev = "0687ab64";
sha256 = "1m8h4bwykv24bbgr5v51mam4wsbp5424xcrawhs4izv563jjf130";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
diff --git a/krebs/2configs/shack/shackDNS.nix b/krebs/2configs/shack/shackDNS.nix
index c9cdfd24b..00f79abc4 100644
--- a/krebs/2configs/shack/shackDNS.nix
+++ b/krebs/2configs/shack/shackDNS.nix
@@ -1,9 +1,10 @@
{ config, lib, pkgs, ... }:
let
- pkg =
- pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/shackdns";
+ pkg =
+ pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "shackdns";
rev = "e55cc906c734b398683f9607b93f1ad6435d8575";
sha256 = "1hkwhf3hqb4fz06b1ckh7sl0zcyi4da5fgdlksian8lxyd19n8sq";
};
diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix
index 4bdb095f1..e339d3174 100644
--- a/krebs/2configs/shack/worlddomination.nix
+++ b/krebs/2configs/shack/worlddomination.nix
@@ -4,8 +4,9 @@ with import <stockholm/lib>;
let
pkg = pkgs.stdenv.mkDerivation {
name = "worlddomination-2020-12-01";
- src = pkgs.fetchgit {
- url = "https://git.shackspace.de/rz/worlddomination.git";
+ src = pkgs.fetchFromGitHub {
+ owner = "shackspace";
+ repo = "worlddomination";
rev = "c7aedcde7cd1fcb870b5356a6125e1a384b0776c";
sha256 = "0y6haz5apwa33lz64l7b2x78wrrckbw39j4wzyd1hfk46478xi2y";
};
diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix
deleted file mode 100644
index 2a035d7be..000000000
--- a/krebs/3modules/Reaktor.nix
+++ /dev/null
@@ -1,155 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
-
- cfg = config.krebs.Reaktor;
- homedir = "/var/lib/Reaktor";
-
- out = {
- options.krebs.Reaktor = api;
- config = mkIf (cfg != {}) imp;
- };
-
- api = mkOption {
- default = {};
- type = with types; attrsOf (submodule ({ options = {
-
- nickname = mkOption {
- default = config.krebs.build.host.name + "|r";
- type = types.str;
- description = ''
- The nick name of the irc bot.
- Defaults to {hostname}|r
- '';
- };
-
- overrideConfig = mkOption {
- default = null;
- type = types.nullOr types.str;
- description = ''
- configuration to be used instead of default ones.
- Reaktor default cfg can be retrieved via `reaktor get-config`
- '';
- };
-
- plugins = mkOption {
- default = [pkgs.ReaktorPlugins.nixos-version];
- };
-
- workdir = mkOption {
- default = "/var/lib/Reaktor";
- type = types.path;
- description = ''
- path to be used as workdir (home dir is still /var/lib/Reaktor)
- '';
- };
-
- extraConfig = mkOption {
- default = "";
- type = types.str;
- description = ''
- configuration appended to the default or overridden configuration
- '';
- };
-
- extraEnviron = mkOption {
- default = {};
- type = types.attrsOf types.str;
- description = ''
- Environment to be provided to the service, can be:
- REAKTOR_HOST
- REAKTOR_PORT
- REAKTOR_STATEDIR
-
- debug and nickname can be set separately via the Reaktor api
- '';
- };
-
- channels = mkOption {
- default = [ "#krebs" ];
- type = types.listOf types.str;
- description = ''
- Channels the Reaktor should connect to at startup.
- '';
- };
-
- debug = mkOption {
- default = false;
- description = ''
- Reaktor debug output
- '';
- };
- };}));
- };
-
- imp = {
- # TODO get user per configured bot
- # TODO get home from api
- # for reaktor get-config
- users.extraUsers = singleton rec {
- name = "Reaktor";
- uid = genid name;
- description = "Reaktor user";
- home = homedir;
- createHome = true;
- };
-
- #users.extraGroups = singleton {
- # name = "Reaktor";
- # gid = config.ids.gids.Reaktor;
- #};
-
- systemd.services = mapAttrs' (name: botcfg:
- let
- ReaktorConfig = pkgs.writeText "config.py" ''
- ${if (isString botcfg.overrideConfig ) then ''
- # Overriden Config
- ${botcfg.overrideConfig}
- '' else ""}
- ## Extra Config
- ${concatStringsSep "\n" (map (plug: plug.config) botcfg.plugins)}
- ${botcfg.extraConfig}
- '';
- in nameValuePair "Reaktor-${name}" {
- path = with pkgs; [
- git # for nag
- jq # for tell
- python # for caps
- utillinux # flock for tell
- ];
- description = "Reaktor IRC Bot";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
- environment = {
- GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
- PYTHONPATH = "${pkgs.Reaktor}/lib/python3.6/site-packages";
- REAKTOR_NICKNAME = botcfg.nickname;
- REAKTOR_DEBUG = (if botcfg.debug then "True" else "False");
- REAKTOR_CHANNELS = lib.concatStringsSep "," botcfg.channels;
- state_dir = botcfg.workdir;
-
- } // botcfg.extraEnviron;
- serviceConfig= {
- ExecStartPre = pkgs.writeScript "Reaktor-init" ''
- #! /bin/sh
- ${if (isString botcfg.overrideConfig) then
- ''cp ${ReaktorConfig} /tmp/reaktor-${name}-config.py''
- else
- ''(${pkgs.Reaktor}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/reaktor-${name}-config.py''
- }
- mkdir -p ${botcfg.workdir}
- '';
- ExecStart = "${pkgs.Reaktor}/bin/reaktor run /tmp/reaktor-${name}-config.py";
- PrivateTmp = "true";
- User = "Reaktor";
- Restart = "always";
- RestartSec= "30" ;
- };
- }
- ) cfg;
-
- };
-
-in
-out
diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix
index 76eb4b136..a40ae8cef 100644
--- a/krebs/3modules/announce-activation.nix
+++ b/krebs/3modules/announce-activation.nix
@@ -9,6 +9,7 @@ with import <stockholm/lib>;
${shell.escape (toString cfg.irc.port)} \
${shell.escape cfg.irc.nick} \
${shell.escape cfg.irc.channel} \
+ ${escapeShellArg cfg.irc.tls} \
"$message"
'';
default-get-message = pkgs.writeDash "announce-activation-get-message" ''
@@ -50,6 +51,10 @@ in {
default = "irc.r";
type = types.hostname;
};
+ tls = mkOption {
+ default = false;
+ type = types.bool;
+ };
};
};
config = mkIf cfg.enable {
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 30ca82b97..149995a23 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -43,7 +43,6 @@ let
./permown.nix
./per-user.nix
./power-action.nix
- ./Reaktor.nix
./reaktor2.nix
./realwallpaper.nix
./retiolum-bootstrap.nix
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 75be58326..eff2967e0 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -18,42 +18,14 @@ with import <stockholm/lib>;
in {
hosts = mapAttrs hostDefaults {
- toum = {
- owner = config.krebs.users.kmein;
- nets = {
- retiolum = {
- ip4.addr = "10.243.2.3";
- aliases = [
- "toum.r"
- "toum.kmein.r"
- ];
- tinc.pubkey = ''
- -----BEGIN PUBLIC KEY-----
- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2tRtskPP6391+ZX9xzsx
- CUotXuqYucYmnUbrRSIlxASVqTmAf3nDOE5EDBBcTdSwnb02JcJW4Zh7+BGgMxjF
- GxDPs6ETI28mHK+6rp8TOkMnyDb5mtSGVZPvKJU9fFOt6aAX1J1BzTfwtHtVQq7K
- WBzdpeKXlw4dIQ6K6SGmPIPpEh9pE1Xb+GuVljCXKxGJFbW40dmh2ZdadO7umBDu
- vRk08jT9/BUnUP6KrZlvyePnG38z6srMrVU+XAHu5D2qZ9y+QIp3kw7Y5JUrNXc7
- 9q9P9TYx15GiIz2mSJKcLVmkLRebsaqdV7dBibPbfdGE+NB+F1FYPGDdW4cnonon
- DzzjGm/FDfOCXEnSkYGQDBWpfd/8AWum1xGJxJCPNBJElGE2o5jDWo4Y1b9gHP0M
- vARm8AOK8R1pQ7BP+pNMO0gGw2NDrtWiWpTeZ7SqXmZAZ/Gmyen9X+/fowcbTyDH
- b9joIuMQeOtxbUV2JprZIdit9NBFSZq/7Re/GBUwjGBm3LabIXFNGKZovx/f9lf8
- r5tVs4SPauiKzZS0K1Gz1NSq+3OXaY5EwVrBUXptYqRT7uyhVloOPRUsqRFeB0Fn
- Y5xOpDJ0UiJxgFbdH5Vb81D/VjNO9Q4nZib8wSEuLrYLHGoceQPX4+Ov9IdhIL4B
- BMTCaF+VCWC5PCLr0e61KqMCAwEAAQ==
- -----END PUBLIC KEY-----
- '';
- };
- };
- };
- wilde = {
+ kabsa = {
owner = config.krebs.users.kmein;
nets = {
retiolum = {
ip4.addr = "10.243.2.4";
aliases = [
- "wilde.r"
- "wilde.kmein.r"
+ "kabsa.r"
+ "kabsa.kmein.r"
];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
@@ -99,34 +71,6 @@ in {
};
};
};
- homeros = {
- owner = config.krebs.users.kmein;
- nets = {
- retiolum = {
- ip4.addr = "10.243.2.1";
- aliases = [
- "homeros.r"
- "homeros.kmein.r"
- ];
- tinc.pubkey = ''
- -----BEGIN PUBLIC KEY-----
- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd
- ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc
- 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v
- RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd
- vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3
- +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc
- QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm
- fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh
- VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7
- k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX
- gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N
- mJ/hywVtvLxNkNimyztoKKMCAwEAAQ==
- -----END PUBLIC KEY-----
- '';
- };
- };
- };
horisa = {
cores = 2;
owner = config.krebs.users.ulrich; # main laptop
@@ -205,6 +149,7 @@ in {
aliases = [
"makanek.r"
"makanek.kmein.r"
+ "grafana.kmein.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -317,6 +262,7 @@ in {
aliases = [
"zaatar.r"
"zaatar.kmein.r"
+ "radio.kmein.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -639,7 +585,7 @@ in {
nets = {
retiolum = {
ip4.addr = "10.243.13.12";
- aliases = [ "catalonia.r" ];
+ aliases = [ "catalonia.r" "aleph.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y
diff --git a/krebs/3modules/hidden-ssh.nix b/krebs/3modules/hidden-ssh.nix
index 1e56e62f9..acbe717d9 100644
--- a/krebs/3modules/hidden-ssh.nix
+++ b/krebs/3modules/hidden-ssh.nix
@@ -19,6 +19,14 @@ let
type = types.str;
default = "irc.hackint.org";
};
+ port = mkOption {
+ type = types.int;
+ default = 6697;
+ };
+ tls = mkOption {
+ type = types.bool;
+ default = true;
+ };
message = mkOption {
type = types.str;
default = "SSH Hidden Service at ";
@@ -27,14 +35,17 @@ let