summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/htgen.nix68
-rw-r--r--krebs/3modules/lass/ssh/shodan.rsa2
-rw-r--r--krebs/3modules/makefu/default.nix2
-rw-r--r--krebs/5pkgs/apt-cacher-ng/default.nix4
-rw-r--r--krebs/5pkgs/htgen/default.nix28
6 files changed, 101 insertions, 4 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index f336c966f..d24cea1a2 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -20,6 +20,7 @@ let
./github-hosts-sync.nix
./git.nix
./go.nix
+ ./htgen.nix
./iptables.nix
./kapacitor.nix
./monit.nix
diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix
new file mode 100644
index 000000000..0dddca6c8
--- /dev/null
+++ b/krebs/3modules/htgen.nix
@@ -0,0 +1,68 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ cfg = config.krebs.htgen;
+
+ out = {
+ options.krebs.htgen = api;
+ config = imp;
+ };
+
+ api = mkOption {
+ default = {};
+ type = types.attrsOf (types.submodule ({ config, ... }: {
+ options = {
+ enable = mkEnableOption "krebs.htgen-${config.name}";
+
+ name = mkOption {
+ type = types.username;
+ default = config._module.args.name;
+ };
+
+ port = mkOption {
+ type = types.uint;
+ };
+
+ script = mkOption {
+ type = types.str;
+ };
+ user = mkOption {
+ type = types.user;
+ default = {
+ name = "htgen-${config.name}";
+ home = "/var/lib/htgen-${config.name}";
+ };
+ };
+ };
+ }));
+ };
+ imp = {
+
+ systemd.services = mapAttrs' (name: htgen:
+ nameValuePair "htgen-${name}" {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ environment = {
+ HTGEN_PORT = toString htgen.port;
+ HTGEN_SCRIPT = htgen.script;
+ };
+ serviceConfig = {
+ SyslogIdentifier = "htgen";
+ User = htgen.user.name;
+ PrivateTmp = true;
+ Restart = "always";
+ ExecStart = "${pkgs.htgen}/bin/htgen --serve";
+ };
+ }
+ ) cfg;
+
+ users.users = mapAttrs' (name: htgen:
+ nameValuePair htgen.user.name {
+ inherit (htgen.user) home name uid;
+ createHome = true;
+ }
+ ) cfg;
+
+ };
+in out
diff --git a/krebs/3modules/lass/ssh/shodan.rsa b/krebs/3modules/lass/ssh/shodan.rsa
index 3ee08ad41..36a8901fa 100644
--- a/krebs/3modules/lass/ssh/shodan.rsa
+++ b/krebs/3modules/lass/ssh/shodan.rsa
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV+EscrUKgsu6iO94lJQ45o0t9QV88H7RrbLCsysgesQqiCbq0XNJKSrKI4T/o5dBNfoHMi4FSuPsF3YzffvMOWmdluHRBIhDJSDiFaraHr1zu7fHDO8gsUf/a3H3LPHtRRoXQFNsIK5NRLR35WpKt+zG6GK/WLBzb2N4MR3Ym5Qo2OepW3pgMWjjbmiUbGGiao9OWgx5tjjT8PLHIWdoEmJsaE5UnOWebqY+xfkWXMLdzMBPyEdCVwUO7X3Ip0Zk/BJFSqtIHBqQtp+njgeRwfkL2xabge3VGALAnQg5iYXzT8kfzIu/wfaoSdGkdPWxMo80KDiJJlpLj1oC3ABmDj01Hgu9p+g5Em0SFevcenspTii3IvYqdq+eg5+pPny4ki9748t6FlWRsrjrmjdQVVMWbhx42+lsyxIYsdXhwWMqNwTNzvY7Fxy3/8XE14pYWCV5eEll2/hSNfI6AcOoJ0vfHvOXsY6GVMYklXDIFzmiJOpyox+DnTahyUqQ6IcLH73vp9boVK31kf8EC7VDp8ms2ZiXz9nfPYltiUOtKKG0gqg9Jgs7xthpX82WYEp2+PXzPCHWs4WXs3OsUzQ8ykXXD2A7JMVBBv0FaMD4aBsOe7hU20/sO+/J/uuPe5xnpI//uFK4KkYCmDHZcZ3Qzh9CQTISwFvOBbYtRWbDo5w== lass@shodan
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDH31q4qmu8dbnu5BJMEW5CAMW9xlZg5dNTREy6vHE5OofmDEzi5YTBYr543ppGYQL/PzepChGl8RKZETeU+pnqTTHgnUh3KkOnX0GmpKgDgFgDrdVwyU137P6RyOo/kLvfbzAu1bFC5Q5hUDdbd5dDAQGN23wsRQxx1EI1uMrrMbMUKxpk/x5+AZi0JfAOY4SJNYIRfnim5v9jAt1JHeOjKy3sT3/ZEaJqK8DAKEHo0/kYyizWn5M7do5bw2+WpG/gHpdtTD0NlKwFUyMzhFJh4ahDt9FtExnmDA45rAcVSsinhUmrPqPwBKEnUxle5tw3A4YRHUvqhHTo6G852iiPHE0DUlCKsDJwr+lw3DXjK+HYOdKMFC6nsh4x+SFrwg6JKCXPzeCH2w7VP5xJGlb3YS+NcvbYWRbiqJ/M2hVdn/Atxq2VUAdKnrNtNW4ZYH6yJTGOkcXkyKJzcTj5JZIvJd1DL0pI9aGWNxnmfyOVMgaKfdafBqU/PB8RPPAZH9RCVRH0g+Cnu0NoJmkwKaq0K+z+FF9eNqVpNnYnjVLsPvjLIXCn8kJl4/2mimDlOarj/I9Hs+k0/gbzx4PKUS87+rUVA4Hfz+MltzZQUGoIBQxciAgVVh7zLrMgnPWwvqHnMKAQ9nzgme3A4ew2Ocyl30+skLstr9e08VqErguYSw== lass@shodan
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 489f62b65..7a6a88e85 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -464,7 +464,7 @@ with import <stockholm/lib>;
retiolum = {
via = internet;
ip4.addr = "10.243.0.211";
- ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
+ # ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
aliases = [
"gum.r"
"gum.retiolum"
diff --git a/krebs/5pkgs/apt-cacher-ng/default.nix b/krebs/5pkgs/apt-cacher-ng/default.nix
index 53736dcfb..e3986713b 100644
--- a/krebs/5pkgs/apt-cacher-ng/default.nix
+++ b/krebs/5pkgs/apt-cacher-ng/default.nix
@@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "apt-cacher-ng-${version}";
- version = "0.9.3.2";
+ version = "2";
src = fetchurl {
url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz";
- sha256 = "1bvng9mwrggvc93q2alj0x72i56wifnjs2dsycr17mapsv0f2gnc";
+ sha256 = "0bkc3012vinridl5ch46pwnxjalymx4wf6nxax64nm7bdkcj9azf";
};
NIX_LDFLAGS = "-lpthread";
diff --git a/krebs/5pkgs/htgen/default.nix b/krebs/5pkgs/htgen/default.nix
new file mode 100644
index 000000000..f9dfeb3d1
--- /dev/null
+++ b/krebs/5pkgs/htgen/default.nix
@@ -0,0 +1,28 @@
+{ bash, coreutils, gnused, stdenv, fetchgit, ucspi-tcp }:
+with import <stockholm/lib>;
+let
+ version = "1.1";
+in stdenv.mkDerivation {
+ name = "htgen-${version}";
+
+ src = fetchgit {
+ url = "http://cgit.krebsco.de/htgen";
+ rev = "refs/tags/v${version}";
+ sha256 = "1zxj0fv9vdrqyl3x2hgq7a6xdlzpclf93akygysrzsqk9wjapp4z";
+ };
+
+ installPhase = ''
+ mkdir -p $out/bin
+ {
+ echo '#! ${bash}/bin/bash'
+ echo 'export PATH=${makeBinPath [
+ ucspi-tcp
+ coreutils
+ gnused
+ ]}''${PATH+":$PATH"}'
+ cat htgen
+ } > $out/bin/htgen
+ chmod +x $out/bin/htgen
+ cp -r examples $out
+ '';
+}