summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/hotdog/config.nix4
-rw-r--r--krebs/1systems/news/config.nix36
-rw-r--r--krebs/1systems/puyak/config.nix8
-rw-r--r--krebs/2configs/go.nix3
-rw-r--r--krebs/2configs/ircd.nix29
-rw-r--r--krebs/2configs/news-host.nix12
-rw-r--r--krebs/2configs/news.nix258
-rw-r--r--krebs/2configs/syncthing.nix15
-rw-r--r--krebs/3modules/bindfs.nix61
-rw-r--r--krebs/3modules/brockman.nix11
-rw-r--r--krebs/3modules/default.nix9
-rw-r--r--krebs/3modules/go.nix96
-rw-r--r--krebs/3modules/krebs/default.nix33
-rw-r--r--krebs/3modules/lass/default.nix7
-rw-r--r--krebs/3modules/lass/pgp/green.pgp40
-rw-r--r--krebs/3modules/lass/ssh/green.ed255191
-rw-r--r--krebs/3modules/newsbot-js.nix102
-rw-r--r--krebs/3modules/sync-containers.nix174
-rw-r--r--krebs/5pkgs/haskell/brockman.nix19
-rw-r--r--krebs/5pkgs/haskell/scanner.nix9
-rw-r--r--krebs/5pkgs/simple/TabFS/default.nix6
-rw-r--r--krebs/5pkgs/simple/TabFS/src.json10
-rw-r--r--krebs/5pkgs/simple/ecrypt/default.nix111
-rw-r--r--krebs/5pkgs/simple/git-preview.nix17
-rw-r--r--krebs/5pkgs/simple/go-shortener/default.nix56
-rw-r--r--krebs/5pkgs/simple/go-shortener/node-packages.nix88
-rw-r--r--krebs/5pkgs/simple/go-shortener/pkgs.json4
-rwxr-xr-xkrebs/5pkgs/simple/go-shortener/update.sh4
-rw-r--r--krebs/5pkgs/simple/newsbot-js/default.nix58
-rw-r--r--krebs/5pkgs/simple/newsbot-js/node-packages.nix777
-rw-r--r--krebs/5pkgs/simple/newsbot-js/pkgs.json7
-rwxr-xr-xkrebs/5pkgs/simple/newsbot-js/update.sh4
-rw-r--r--krebs/5pkgs/simple/realwallpaper/default.nix46
-rw-r--r--krebs/5pkgs/simple/rss-bridge/default.nix33
-rw-r--r--krebs/5pkgs/simple/urix.nix15
-rw-r--r--krebs/krops.nix8
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
38 files changed, 811 insertions, 1376 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index c0fa38284..a100e414d 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -1,7 +1,3 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
{ config, lib, pkgs, ... }:
{
diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix
new file mode 100644
index 000000000..5c4b37aef
--- /dev/null
+++ b/krebs/1systems/news/config.nix
@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ <stockholm/krebs>
+ <stockholm/krebs/2configs>
+
+ <stockholm/krebs/2configs/ircd.nix>
+ <stockholm/krebs/2configs/go.nix>
+
+ #### NEWS ####
+ <stockholm/krebs/2configs/ircd.nix>
+ <stockholm/krebs/2configs/news.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.news;
+
+ boot.isContainer = true;
+ networking.useDHCP = false;
+ krebs.bindfs = {
+ "/var/lib/htgen-go" = {
+ source = "/var/state/htgen-go";
+ options = [
+ "-m ${toString config.users.users.htgen-go.uid}"
+ ];
+ clearTarget = true;
+ };
+ "/var/lib/brockman" = {
+ source = "/var/state/brockman";
+ options = [
+ "-m ${toString config.users.users.brockman.uid}:${toString config.users.users.nginx.uid}"
+ ];
+ clearTarget = true;
+ };
+ };
+}
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 19cf22280..1e0687ba7 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -19,14 +19,6 @@
<stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/binary-cache/prism.nix>
- ### Krebs ###
- <stockholm/krebs/2configs/go.nix>
-
- #### NEWS ####
- <stockholm/krebs/2configs/ircd.nix>
- <stockholm/krebs/2configs/news.nix>
-
-
### shackspace ###
# handle the worlddomination map via coap
<stockholm/krebs/2configs/shack/worlddomination.nix>
diff --git a/krebs/2configs/go.nix b/krebs/2configs/go.nix
index c39b08a8e..ce5db62d4 100644
--- a/krebs/2configs/go.nix
+++ b/krebs/2configs/go.nix
@@ -2,9 +2,6 @@
with import <stockholm/lib>;
{
- environment.systemPackages = [
- pkgs.go-shortener
- ];
krebs.go = {
enable = true;
};
diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix
index 65972aacc..789fc2f2f 100644
--- a/krebs/2configs/ircd.nix
+++ b/krebs/2configs/ircd.nix
@@ -11,12 +11,12 @@
hello
'';
config = ''
+ loadmodule "extensions/m_omode";
serverinfo {
name = "${config.krebs.build.host.name}.irc.r";
sid = "1as";
description = "miep!";
network_name = "irc.r";
- hub = yes;
vhost = "0.0.0.0";
vhost6 = "::";
@@ -26,7 +26,7 @@
#ssl_dh_params = "etc/dh.pem";
#ssld_count = 1;
- default_max_clients = 10000;
+ default_max_clients = 100000;
#nicklen = 30;
};
@@ -43,19 +43,31 @@
/* Listen on IPv6 (if you used host= above). */
host = "::";
port = 6667;
- sslport = 9999;
+ sslport = 6697;
};
class "users" {
ping_time = 2 minutes;
number_per_ident = 10;
- number_per_ip = 2048;
+ number_per_ip = 4096;
number_per_ip_global = 4096;
cidr_ipv4_bitlen = 24;
cidr_ipv6_bitlen = 64;
number_per_cidr = 65536;
- max_number = 3000;
- sendq = 1 megabyte;
+ max_number = 100000;
+ sendq = 10 megabyte;
+ };
+
+ privset "op" {
+ privs = oper:admin;
+ };
+
+ operator "aids" {
+ user = "*@*";
+ password = "balls";
+ flags = ~encrypted;
+ snomask = "+s";
+ privset = "op";
};
exempt {
@@ -93,12 +105,13 @@
channel_target_change = yes;
disable_local_channels = no;
};
+
general {
#maybe we want ident someday?
- default_floodcount = 1000;
+ default_floodcount = 10000;
disable_auth = yes;
throttle_duration = 1;
- throttle_count = 1000;
+ throttle_count = 10000;
};
'';
};
diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix
new file mode 100644
index 000000000..82360a670
--- /dev/null
+++ b/krebs/2configs/news-host.nix
@@ -0,0 +1,12 @@
+{
+ krebs.sync-containers.containers.news = {
+ peers = [
+ "shodan"
+ "mors"
+ "styx"
+ ];
+ hostIp = "10.233.2.101";
+ localIp = "10.233.2.102";
+ format = "plain";
+ };
+}
diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix
index 11c136f85..3bf991433 100644
--- a/krebs/2configs/news.nix
+++ b/krebs/2configs/news.nix
@@ -1,168 +1,112 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
{
+ services.rss-bridge = {
+ enable = true;
+ whitelist = [ "*" ];
+ };
+ services.nginx.virtualHosts = {
+ rss-bridge = {
+ serverAliases = [
+ "rss.r"
+ ];
+ };
+ "brockman.r" = {
+ serverAliases = [
+ "news.r"
+ ];
+ locations."/".extraConfig = ''
+ root /var/lib/brockman;
+ index brockman.json;
+ '';
+ };
+ };
+ systemd.tmpfiles.rules = [
+ "d /var/lib/brockman 1750 brockman nginx -"
+ ];
+
krebs.brockman = {
enable = true;
config = {
irc.host = "localhost";
+ channel = "#all";
shortener = "http://go.r";
- bots = {
- aje = { feed ="http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989"; channels = [ "#snews" ]; };
- allafrica = { feed ="http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf"; channels = [ "#snews" ]; };
- antirez = { feed ="http://antirez.com/rss"; channels = [ "#snews" "#news" ]; };
- archlinux = { feed ="http://www.archlinux.org/feeds/news/"; channels = [ "#snews" "#news" ]; };
- ars = { feed ="http://feeds.arstechnica.com/arstechnica/index?format=xml"; channels = [ "#snews" ]; };
- augustl = { feed ="http://augustl.com/atom.xml"; channels = [ "#snews" ]; };
- bbc = { feed ="http://feeds.bbci.co.uk/news/rss.xml"; channels = [ "#snews" ]; };
- bdt_aktuelle_themen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss"; channels = [ "#snews" ]; };
- bdt_drucksachen = { feed ="http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss"; channels = [ "#snews" ]; };
- bdt_plenarproto = { feed ="http://www.bundestag.de/rss_feeds/plenarprotokolle.rss"; channels = [ "#snews" ]; };
- bdt_pressemitteilungen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss"; channels = [ "#snews" ]; };
- bitcoinpakistan = { feed ="https://bitcoinspakistan.com/feed/"; channels = [ "#snews" ]; };
- cancer = { feed ="http://feeds.feedburner.com/ncinewsreleases?format=xml"; channels = [ "#snews" ]; };
- carta = { feed ="http://feeds2.feedburner.com/carta-standard-rss"; channels = [ "#snews" ]; };
- catholic_news = { feed ="http://feeds.feedburner.com/catholicnewsagency/dailynews"; channels = [ "#snews" ]; };
- cbc_busi = { feed ="http://rss.cbc.ca/lineup/business.xml"; channels = [ "#snews" ]; };
- cbc_offbeat = { feed ="http://www.cbc.ca/cmlink/rss-offbeat"; channels = [ "#snews" ]; };
- cbc_pol = { feed ="http://rss.cbc.ca/lineup/politics.xml"; channels = [ "#snews" ]; };
- cbc_tech = { feed ="http://rss.cbc.ca/lineup/technology.xml"; channels = [ "#snews" ]; };
- cbc_top = { feed ="http://rss.cbc.ca/lineup/topstories.xml"; channels = [ "#snews" ]; };
- ccc = { feed ="http://www.ccc.de/rss/updates.rdf"; channels = [ "#snews" ]; };
- chan_biz = { feed ="http://boards.4chan.org/biz/index.rss"; channels = [ "#snews" ]; };
- chan_g = { feed ="http://boards.4chan.org/g/index.rss"; channels = [ "#snews" ]; };
- chan_int = { feed ="http://boards.4chan.org/int/index.rss"; channels = [ "#snews" ]; };
- chan_sci = { feed ="http://boards.4chan.org/sci/index.rss"; channels = [ "#snews" ]; };
- chan_x = { feed ="http://boards.4chan.org/x/index.rss"; channels = [ "#snews" ]; };
- c = { feed ="http://www.tempolimit-lichtgeschwindigkeit.de/news.xml"; channels = [ "#snews" ]; };
- cryptogon = { feed ="http://www.cryptogon.com/?feed=rss2"; channels = [ "#snews" ]; };
- csm = { feed ="http://rss.csmonitor.com/feeds/csm"; channels = [ "#snews" ]; };
- csm_world = { feed ="http://rss.csmonitor.com/feeds/world"; channels = [ "#snews" ]; };
- danisch = { feed ="http://www.danisch.de/blog/feed/"; channels = [ "#snews" ]; };
- dod = { feed ="http://www.defense.gov/news/afps2.xml"; channels = [ "#snews" ]; };
- dwn = { feed ="http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/"; channels = [ "#snews" ]; };
- ecat = { feed ="http://ecat.com/feed"; channels = [ "#snews" ]; };
- eia_press = { feed ="http://www.eia.gov/rss/press_rss.xml"; channels = [ "#snews" ]; };
- eia_today = { feed ="http://www.eia.gov/rss/todayinenergy.xml"; channels = [ "#snews" ]; };
- embargowatch = { feed ="https://embargowatch.wordpress.com/feed/"; channels = [ "#snews" ]; };
- ethereum-comments = { feed ="http://blog.ethereum.org/comments/feed"; channels = [ "#snews" ]; };
- ethereum = { feed ="http://blog.ethereum.org/feed"; channels = [ "#snews" "#news" ]; };
- europa_ric = { feed ="http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml"; channels = [ "#snews" ]; };
- eu_survei = { feed ="http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx"; channels = [ "#snews" ]; };
- exploitdb = { feed ="http://www.exploit-db.com/rss.xml"; channels = [ "#snews" ]; };
- fars = { feed ="http://www.farsnews.com/rss.php"; channels = [ "#snews #test" ]; };
- faz_feui = { feed ="http://www.faz.net/rss/aktuell/feuilleton/"; channels = [ "#snews" ]; };
- faz_politik = { feed ="http://www.faz.net/rss/aktuell/politik/"; channels = [ "#snews" ]; };
- faz_wirtschaft = { feed ="http://www.faz.net/rss/aktuell/wirtschaft/"; channels = [ "#snews" ]; };
- fbi = { feed ="https://www.fbi.gov/news/rss.xml"; channels = [ "#snews" ]; };
- fedreserve = { feed ="http://www.federalreserve.gov/feeds/press_all.xml"; channels = [ "#snews" ]; };
- fefe = { feed ="http://blog.fefe.de/rss.xml"; channels = [ "#snews" ]; };
- forbes = { feed ="http://www.forbes.com/forbes/feed2/"; channels = [ "#snews" ]; };
- forbes_realtime = { feed ="http://www.forbes.com/real-time/feed2/"; channels = [ "#snews" ]; };
- fox = { feed ="http://feeds.foxnews.com/foxnews/latest"; channels = [ "#snews" ]; };
- geheimorganisation = { feed ="http://geheimorganisation.org/feed/"; channels = [ "#snews" ]; };
- GerForPol = { feed ="http://www.german-foreign-policy.com/de/news/rss-2.0"; channels = [ "#snews" ]; };
- gmanet = { feed ="http://www.gmanetwork.com/news/rss/news"; channels = [ "#snews" ]; };
- golem = { feed ="http://rss.golem.de/rss.php"; channels = [ "#snews" ]; };
- google = { feed ="http://news.google.com/?output=rss"; channels = [ "#snews" ]; };
- greenpeace = { feed ="http://feeds.feedburner.com/GreenpeaceNews"; channels = [ "#snews" ]; };
- guardian_uk = { feed ="http://feeds.theguardian.com/theguardian/uk-news/rss"; channels = [ "#snews" ]; };
- gulli = { feed ="http://ticker.gulli.com/rss/"; channels = [ "#snews" ]; };
- hackernews = { feed ="https://news.ycombinator.com/rss"; channels = [ "#snews" ]; };
- handelsblatt = { feed ="http://www.handelsblatt.com/contentexport/feed/schlagzeilen"; channels = [ "#snews" ]; };
- heise = { feed ="https://www.heise.de/newsticker/heise-atom.xml"; channels = [ "#snews" ]; };
- hindu_business = { feed ="http://www.thehindubusinessline.com/?service=rss"; channels = [ "#snews" ]; };
- hindu = { feed ="http://www.thehindu.com/?service=rss"; channels = [ "#snews" ]; };
- ign = { feed ="http://feeds.ign.com/ign/all"; channels = [ "#snews" ]; };
- independent = { feed ="http://www.independent.com/rss/headlines/"; channels = [ "#snews" ]; };
- indymedia = { feed ="https://de.indymedia.org/rss.xml"; channels = [ "#snews" ]; };
- info_libera = { feed ="http://www.informationliberation.com/rss.xml"; channels = [ "#snews" ]; };
- klagen-gegen-rundfuckbeitrag = { feed ="http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default"; channels = [ "#snews" ]; };
- korea_herald = { feed ="http://www.koreaherald.com/rss_xml.php"; channels = [ "#snews" ]; };
- linuxinsider = { feed ="http://www.linuxinsider.com/perl/syndication/rssfull.pl"; channels = [ "#snews" ]; };
- lisp = { feed ="http://planet.lisp.org/rss20.xml"; channels = [ "#snews" ]; };
- liveleak = { feed ="http://www.liveleak.com/rss"; channels = [ "#snews" ]; };
- lolmythesis = { feed ="http://lolmythesis.com/rss"; channels = [ "#snews" ]; };
- LtU = { feed ="http://lambda-the-ultimate.org/rss.xml"; channels = [ "#snews" "#news" ]; };
- lukepalmer = { feed ="http://lukepalmer.wordpress.com/feed/"; channels = [ "#snews" ]; };
- mit = { feed ="http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss"; channels = [ "#snews" ]; };
- mongrel2_master = { feed ="https://github.com/zedshaw/mongrel2/commits/master.atom"; channels = [ "#snews" "#news" ]; };
- nds = { feed ="http://www.nachdenkseiten.de/?feed=atom"; channels = [ "#snews" ]; };
- netzpolitik = { feed ="https://netzpolitik.org/feed/"; channels = [ "#snews" ]; };
- newsbtc = { feed ="http://newsbtc.com/feed/"; channels = [ "#snews" ]; };
- nnewsg = { feed ="http://www.net-news-global.net/rss/rssfeed.xml"; channels = [ "#snews" ]; };
- npr_busi = { feed ="http://www.npr.org/rss/rss.php?id=1006"; channels = [ "#snews" ]; };
- npr_headlines = { feed ="http://www.npr.org/rss/rss.php?id=1001"; channels = [ "#snews" ]; };
- npr_pol = { feed ="http://www.npr.org/rss/rss.php?id=1012"; channels = [ "#snews" ]; };
- npr_world = { feed ="http://www.npr.org/rss/rss.php?id=1004"; channels = [ "#snews" ]; };
- nsa = { feed ="https://www.nsa.gov/rss.xml"; channels = [ "#snews #bullerei" ]; };
- nytimes = { feed ="http://rss.nytimes.com/services/xml/rss/nyt/World.xml"; channels = [ "#snews" ]; };
- painload = { feed ="https://github.com/krebs/painload/commits/master.atom"; channels = [ "#snews" "#news" ]; };
- phys = { feed ="http://phys.org/rss-feed/"; channels = [ "#snews" ]; };
- piraten = { feed ="https://www.piratenpartei.de/feed/"; channels = [ "#snews" ]; };
- polizei_berlin = { feed ="http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml"; channels = [ "#snews" ]; };
- presse_polizei = { feed ="http://www.presseportal.de/rss/polizei.rss2"; channels = [ "#snews" ]; };
- presseportal = { feed ="http://www.presseportal.de/rss/presseportal.rss2"; channels = [ "#snews" ]; };
- prisonplanet = { feed ="http://prisonplanet.com/feed.rss"; channels = [ "#snews" ]; };
- rawstory = { feed ="http://www.rawstory.com/rs/feed/"; channels = [ "#snews" ]; };
- reddit_4chan = { feed ="http://www.reddit.com/r/4chan/new/.rss"; channels = [ "#snews" ]; };
- reddit_anticonsum = { feed ="http://www.reddit.com/r/Anticonsumption/new/.rss"; channels = [ "#snews" ]; };
- reddit_btc = { feed ="http://www.reddit.com/r/Bitcoin/new/.rss"; channels = [ "#snews" ]; };
- reddit_consp = { feed ="http://reddit.com/r/conspiracy/.rss"; channels = [ "#snews" ]; };
- reddit_haskell = { feed ="http://www.reddit.com/r/haskell/.rss"; channels = [ "#snews" "#news" ]; };
- reddit_nix = { feed ="http://www.reddit.com/r/nixos/.rss"; channels = [ "#snews" "#news" ]; };
- reddit_prog = { feed ="http://www.reddit.com/r/programming/new/.rss"; channels = [ "#snews" ]; };
- reddit_sci = { feed ="http://www.reddit.com/r/science/.rss"; channels = [ "#snews" ]; };
- reddit_tech = { feed ="http://www.reddit.com/r/technology/.rss"; channels = [ "#snews" ]; };
- reddit_tpp = { feed ="http://www.reddit.com/r/twitchplayspokemon/.rss"; channels = [ "#snews" ]; };
- reddit_world = { feed ="http://www.reddit.com/r/worldnews/.rss"; channels = [ "#snews" ]; };
- r-ethereum = { feed ="http://www.reddit.com/r/ethereum/.rss"; channels = [ "#snews" ]; };
- reuters = { feed ="http://feeds.reuters.com/Reuters/worldNews"; channels = [ "#snews" ]; };
- reuters-odd = { feed ="http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml"; channels = [ "#snews" ]; };
- rt = { feed ="http://rt.com/rss/news/"; channels = [ "#snews" ]; };
- schallurauch = { feed ="http://feeds.feedburner.com/SchallUndRauch"; channels = [ "#snews" ]; };
- sciencemag = { feed ="http://news.sciencemag.org/rss/current.xml"; channels = [ "#snews" ]; };
- scmp = { feed ="http://www.scmp.com/rss/91/feed"; channels = [ "#snews" ]; };
- sec-db = { feed ="http://feeds.security-database.com/SecurityDatabaseToolsWatch"; channels = [ "#snews" ]; };
- shackspace = { feed ="http://shackspace.de/atom.xml"; channels = [ "#snews" "#news" ]; };
- shz_news = { feed ="http://www.shz.de/nachrichten/newsticker/rss"; channels = [ "#snews" ]; };
- sky_busi = { feed ="http://feeds.skynews.com/feeds/rss/business.xml"; channels = [ "#snews" ]; };
- sky_pol = { feed ="http://feeds.skynews.com/feeds/rss/politics.xml"; channels = [ "#snews" ]; };
- sky_strange = { feed ="http://feeds.skynews.com/feeds/rss/strange.xml"; channels = [ "#snews" ]; };
- sky_tech = { feed ="http://feeds.skynews.com/feeds/rss/technology.xml"; channels = [ "#snews" ]; };
- sky_world = { feed ="http://feeds.skynews.com/feeds/rss/world.xml"; channels = [ "#snews" ]; };
- slashdot = { feed ="http://rss.slashdot.org/Slashdot/slashdot"; channels = [ "#snews" ]; };
- slate = { feed ="http://feeds.slate.com/slate"; channels = [ "#snews" ]; };
- spiegel_eil = { feed ="http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss"; channels = [ "#snews" ]; };
- spiegel_top = { feed ="http://www.spiegel.de/schlagzeilen/tops/index.rss"; channels = [ "#snews" ]; };
- standardmedia_ke = { feed ="http://www.standardmedia.co.ke/rss/headlines.php"; channels = [ "#snews" ]; };
- stern = { feed ="http://www.stern.de/feed/standard/all/"; channels = [ "#snews" ]; };
- stz = { feed ="http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed"; channels = [ "#snews" ]; };
- sz_politik = { feed ="http://rss.sueddeutsche.de/rss/Politik"; channels = [ "#snews" ]; };
- sz_wirtschaft = { feed ="http://rss.sueddeutsche.de/rss/Wirtschaft"; channels = [ "#snews" ]; };
- sz_wissen = { feed ="http://rss.sueddeutsche.de/rss/Wissen"; channels = [ "#snews" ]; };
- tagesschau = { feed ="http://www.tagesschau.de/newsticker.rdf"; channels = [ "#snews" ]; };
- taz = { feed ="http://taz.de/Themen-des-Tages/!p15;rss/"; channels = [ "#snews" ]; };
- telegraph = { feed ="http://www.telegraph.co.uk/rss.xml"; channels = [ "#snews" ]; };
- telepolis = { feed ="http://www.heise.de/tp/rss/news-atom.xml"; channels = [ "#snews" ]; };
- the_insider = { feed ="http://www.theinsider.org/rss/news/headlines-xml.asp"; channels = [ "#snews" ]; };
- tigsource = { feed ="http://www.tigsource.com/feed/"; channels = [ "#snews" ]; };
- tinc = { feed ="http://tinc-vpn.org/news/index.rss"; channels = [ "#snews" "#news" ]; };
- torr_bits = { feed ="http://feeds.feedburner.com/TorrentfreakBits"; channels = [ "#snews" ]; };
- torrentfreak = { feed ="http://feeds.feedburner.com/Torrentfreak"; channels = [ "#snews" ]; };
- torr_news = { feed ="http://feed.torrentfreak.com/Torrentfreak/"; channels = [ "#snews" ]; };
- travel_warnings = { feed ="http://feeds.travel.state.gov/ca/travelwarnings-alerts"; channels = [ "#snews" ]; };
- un_afr = { feed ="http://www.un.org/apps/news/rss/rss_africa.asp"; channels = [ "#snews" ]; };
- un_am = { feed ="http://www.un.org/apps/news/rss/rss_americas.asp"; channels = [ "#snews" ]; };
- un_eu = { feed ="http://www.un.org/apps/news/rss/rss_europe.asp"; channels = [ "#snews" ]; };
- un_me = { feed ="http://www.un.org/apps/news/rss/rss_mideast.asp"; channels = [ "#snews" ]; };
- un_pac = { feed ="http://www.un.org/apps/news/rss/rss_asiapac.asp"; channels = [ "#snews" ]; };
- un_top = { feed ="http://www.un.org/apps/news/rss/rss_top.asp"; channels = [ "#snews" ]; };
- us_math_society = { feed ="http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1"; channels = [ "#snews" ]; };
- vimperator = { feed ="https://sites.google.com/a/vimperator.org/www/blog/posts.xml"; channels = [ "#snews" "#news" ]; };
- weechat = { feed ="http://dev.weechat.org/feed/atom"; channels = [ "#snews" "#news" ]; };
- xkcd = { feed ="https://xkcd.com/rss.xml"; channels = [ "#snews" "#news" ]; };
- zdnet = { feed ="http://www.zdnet.com/news/rss.xml"; channels = [ "#snews" ]; };
+ controller = {
+ nick = "brockman";
+ channels = [ "#all" ];
};
+ bots = {};
};
};
+
+ krebs.reaktor2.news = {
+ hostname = "localhost";
+ port = "6667";
+ nick = "brockman-helper";
+ plugins = [
+ {
+ plugin = "register";
+ config = {
+ channels = [
+ "#all"
+ "#aluhut"
+ "#news"
+ ];
+ };
+ }
+ {
+ plugin = "system";
+ config = {
+ hooks.PRIVMSG = [
+ {
+ activate = "match";
+ pattern = "^brockman-helper:\\s*(\\S*)(?:\\s+(.*\\S))?\\s*$";
+ command = 1;
+ arguments = [2];
+ commands = {
+ add-reddit.filename = pkgs.writeDash "add-reddit" ''
+ set -euf
+ if [ "$#" -ne 1 ]; then
+ echo 'usage: brockman-helper: add-reddit $reddit_channel'
+ exit 1
+ fi
+ reddit_channel=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
+ echo "brockman: add r_$reddit_channel http://rss.r/?action=display&bridge=Telegram&username=$reddit_channel&format=Mrss"
+ '';
+ add-telegram.filename = pkgs.writeDash "add-telegram" ''
+ set -euf
+ if [ "$#" -ne 1 ]; then
+ echo 'usage: brockman-helper: add-telegram $telegram_user'
+ exit 1
+ fi
+ telegram_user=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
+ echo "brockman: add t_$telegram_user http://rss.r/?action=display&bridge=Telegram&username=$telegram_user&format=Mrss"
+ '';
+ add-youtube.filename = pkgs.writeDash "add-youtube" ''
+ set -euf
+ if [ "$#" -ne 1 ]; then
+ echo 'usage: brockman-helper: add-youtube $nick $channelid'
+ exit 1
+ fi
+ youtube_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
+ youtube_id=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][1]')
+ echo "brockman: add yt_$youtube_nick http://rss.r/?action=display&bridge=Youtube&context=By+channel+id&c=$youtube_id&duration_min=&duration_max=&format=Mrss"
+ '';
+ search.filename = pkgs.writeDash "search" ''
+ set -euf
+ if [ "$#" -ne 1 ]; then
+ echo 'usage: brockman-helper: search $searchterm'
+ exit 1
+ fi
+ searchterm=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
+ ${pkgs.curl}/bin/curl -Ss "https://feedsearch.dev/api/v1/search?url=$searchterm&info=true&favicon=false" |
+ ${pkgs.jq}/bin/jq '.[].url'
+ '';
+ };
+ }
+ ];
+ };
+ }
+ ];
+ };
}
diff --git a/krebs/2configs/syncthing.nix b/krebs/2configs/syncthing.nix
new file mode 100644
index 000000000..31e33ad5e
--- /dev/null
+++ b/krebs/2configs/syncthing.nix
@@ -0,0 +1,15 @@
+{ config, pkgs, ... }: with import <stockholm/lib>; let
+ mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
+
+ all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
+ used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders));
+ used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers;
+in {
+ services.syncthing = {
+ enable = true;
+ configDir = "/var/lib/syncthing";
+ declarative = {
+ devices = mk_peers used_peers;
+ };
+ };
+}
diff --git a/krebs/3modules/bindfs.nix b/krebs/3modules/bindfs.nix
new file mode 100644
index 000000000..7e3730e86
--- /dev/null
+++ b/krebs/3modules/bindfs.nix
@@ -0,0 +1,61 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }:
+let
+ cfg = config.krebs.bindfs;
+in {
+ options.krebs.bindfs = mkOption {
+ type = types.attrsOf (types.submodule ({ config, ... }: {
+ options = {
+ target = mkOption {
+ description = ''
+ destination where bindfs mounts to.
+ second positional argument to bindfs.
+ '';
+ default = config._module.args.name;
+ type = types.absolute-pathname;
+ };
+ source = mkOption {
+ description = ''
+ source folder where the mounted directory is originally.
+ first positional argument to bindfs.
+ '';
+ type = types.absolute-pathname;
+ };
+ options = mkOption {
+ description = ''
+ additional arguments to bindfs
+ '';
+ type = types.listOf types.str;
+ default = [];
+ };
+ clearTarget = mkOption {
+ description = ''
+ whether to clear the target folder before mounting
+ '';
+ type = types.bool;
+ default = false;
+ };
+ };
+ }));
+ default = {};
+ };
+
+ config = mkIf (cfg != {}) {
+ systemd.services = mapAttrs' (n: mount: let
+ name = replaceStrings [ "/" ] [ "_" ] n;
+ in nameValuePair "bindfs-${name}" {
+ wantedBy = [ "local-fs.target" ];
+ path = [ pkgs.coreutils ];
+ serviceConfig = {
+ ExecStartPre = pkgs.writeDash "bindfs-init-${name}" ''
+ ${optionalString mount.clearTarget ''
+ rm -rf '${mount.target}'
+ ''}
+ mkdir -p '${mount.source}'
+ mkdir -p '${mount.target}'
+ '';
+ ExecStart = "${pkgs.bindfs}/bin/bindfs -f ${concatStringsSep " " mount.options} ${mount.source} ${mount.target}";
+ };
+ }) cfg;
+ };
+}
diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix
index 21cc14202..32aa3489b 100644
--- a/krebs/3modules/brockman.nix
+++ b/krebs/3modules/brockman.nix
@@ -1,5 +1,5 @@
-{ pkgs, lib, config, ... }:
-with lib;
+{ pkgs, config, ... }:
+with import <stockholm/lib>;
let
cfg = config.krebs.brockman;
in {
@@ -9,7 +9,12 @@ in {
};
config = mkIf cfg.enable {
- users.extraUsers.brockman.isNormalUser = false;
+ users.extraUsers.brockman = {
+ home = "/var/lib/brockman";
+ createHome = true;
+ isNormalUser = false;
+ uid = genid_uint31 "brockman";
+ };
systemd.services.brockman = {
description = "RSS to IRC broadcaster";
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 2a74adac3..e7d04ead8 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -11,6 +11,7 @@ let
./apt-cacher-ng.nix
./backup.nix
./bepasty-server.nix
+ ./bindfs.nix
./brockman.nix
./buildbot/master.nix