diff options
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/1systems/puyak/config.nix | 2 | ||||
-rw-r--r-- | krebs/1systems/wolf/config.nix | 1 | ||||
-rw-r--r-- | krebs/2configs/exim-smarthost.nix | 1 | ||||
-rw-r--r-- | krebs/2configs/shack/prometheus/unifi.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/acl.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/iana-etc.nix | 9 | ||||
-rw-r--r-- | krebs/3modules/permown.nix | 16 | ||||
-rw-r--r-- | krebs/5pkgs/haskell/email-header.nix | 4 | ||||
-rw-r--r-- | krebs/5pkgs/simple/netcup/default.nix | 2 |
9 files changed, 23 insertions, 16 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index 931ebe70b..a4f22d39c 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -113,6 +113,8 @@ ]; krebs.build.host = config.krebs.hosts.puyak; + krebs.hosts.puyak.ssh.privkey.path = <secrets/ssh.id_ed25519>; + sound.enable = false; boot = { loader.systemd-boot.enable = true; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 12ce4db3e..2415bd32f 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -51,6 +51,7 @@ in # uninteresting stuff ##################### krebs.build.host = config.krebs.hosts.wolf; + krebs.hosts.wolf.ssh.privkey.path = <secrets/ssh.id_ed25519>; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix index c2f6b4dc0..2842e10d4 100644 --- a/krebs/2configs/exim-smarthost.nix +++ b/krebs/2configs/exim-smarthost.nix @@ -42,6 +42,7 @@ in { "makefu@krebsco.de" = makefu; "spam@krebsco.de" = spam-ml; "tv@krebsco.de" = tv; + "xkey@krebsco.de" = { mail = "lennart@cope.cool"; }; # XXX These are no internet aliases # XXX exim-retiolum hosts should be able to relay to retiolum addresses "lass@retiolum" = lass; diff --git a/krebs/2configs/shack/prometheus/unifi.nix b/krebs/2configs/shack/prometheus/unifi.nix index 401ecb024..34e47add9 100644 --- a/krebs/2configs/shack/prometheus/unifi.nix +++ b/krebs/2configs/shack/prometheus/unifi.nix @@ -5,6 +5,6 @@ unifiAddress = "https://unifi.shack:8443/"; unifiInsecure = true; unifiUsername = "prometheus"; # needed manual login after setup to confirm the password - unifiPassword = lib.replaceChars ["\n"] [""] (builtins.readFile <secrets/shack/unifi-prometheus-pw>); + unifiPassword = lib.replaceStrings ["\n"] [""] (builtins.readFile <secrets/shack/unifi-prometheus-pw>); }; } diff --git a/krebs/3modules/acl.nix b/krebs/3modules/acl.nix index d23706499..05f7e824b 100644 --- a/krebs/3modules/acl.nix +++ b/krebs/3modules/acl.nix @@ -33,7 +33,7 @@ in { default = {}; }; config = { - systemd.services = lib.mapAttrs' (path: rules: lib.nameValuePair "acl-${lib.replaceChars ["/"] ["_"] path}" { + systemd.services = lib.mapAttrs' (path: rules: lib.nameValuePair "acl-${lib.replaceStrings ["/"] ["_"] path}" { wantedBy = [ "multi-user.target" ]; path = [ pkgs.acl diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix index 3195f71d9..dabe2f8aa 100644 --- a/krebs/3modules/iana-etc.nix +++ b/krebs/3modules/iana-etc.nix @@ -1,5 +1,6 @@ -{ config, pkgs, lib, ... }: -with lib; { +{ config, lib, pkgs, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; +in with lib; { options.krebs.iana-etc.services = mkOption { default = {}; @@ -7,7 +8,7 @@ with lib; { options = { port = mkOption { default = config._module.args.name; - type = types.addCheck types.str (test "[1-9][0-9]*"); + type = types.addCheck types.str (slib.test "[1-9][0-9]*"); }; } // genAttrs ["tcp" "udp"] (protocol: mkOption { default = null; @@ -30,7 +31,7 @@ with lib; { (proto: let line = "${entry.${proto}.name} ${entry.port}/${proto}"; in /* sh */ '' - echo ${shell.escape line} + echo ${slib.shell.escape line} '') (filter (proto: entry.${proto} != null) ["tcp" "udp"])} '') (attrValues config.krebs.iana-etc.services)} diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix index 3ebbc44fe..ae8702978 100644 --- a/krebs/3modules/permown.nix +++ b/krebs/3modules/permown.nix @@ -1,4 +1,6 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, ... }: let + slib = import ../../lib/pure.nix { inherit lib; }; +in with lib; { options.krebs.permown = mkOption { @@ -16,7 +18,7 @@ with lib; { group = mkOption { apply = x: if x == null then "" else x; default = null; - type = types.nullOr types.groupname; + type = types.nullOr slib.types.groupname; }; keepGoing = mkOption { default = false; @@ -28,15 +30,15 @@ with lib; { ''; }; owner = mkOption { - type = types.username; + type = slib.types.username; }; path = mkOption { default = config._module.args.name; - type = types.absolute-pathname; + type = slib.types.absolute-pathname; }; umask = mkOption { default = "0027"; - type = types.file-mode; + type = slib.types.file-mode; }; }; })); @@ -48,11 +50,11 @@ with lib; { system.activationScripts.permown = let mkdir = plan: /* sh */ '' - ${pkgs.coreutils}/bin/mkdir -p ${shell.escape plan.path} + ${pkgs.coreutils}/bin/mkdir -p ${slib.shell.escape plan.path} ''; in concatMapStrings mkdir plans; - systemd.services = genAttrs' plans (plan: let + systemd.services = slib.genAttrs' plans (plan: let continuable = command: if plan.keepGoing then /* sh */ "{ ${command}; } || :" diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix index e1e9d423f..f8ce03f39 100644 --- a/krebs/5pkgs/haskell/email-header.nix +++ b/krebs/5pkgs/haskell/email-header.nix @@ -18,9 +18,9 @@ let sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x"; }; }.${versions.majorMinor version} or { - version = "0.4.1-tv2"; + version = "0.4.2-tv1"; rev = "refs/tags/v${cfg.version}"; - sha256 = "1yg4b5318lpviwgjs4kdcqg8cwfnxxfcdckcjq12r2nnj2k4ms2d"; + sha256 = "JZfqvkbb/1t0q1iWmZHmmCN2Vr+QKTiq4LVncrG+xMU="; }; in mkDerivation { diff --git a/krebs/5pkgs/simple/netcup/default.nix b/krebs/5pkgs/simple/netcup/default.nix index 408672eff..750e9cfa9 100644 --- a/krebs/5pkgs/simple/netcup/default.nix +++ b/krebs/5pkgs/simple/netcup/default.nix @@ -3,7 +3,7 @@ with stockholm.lib; let readJSON = path: fromJSON (readFile path); - sed.escape = replaceChars ["/"] ["\\/"]; # close enough + sed.escape = replaceStrings ["/"] ["\\/"]; # close enough PATH = makeBinPath [ coreutils curl |