summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/puyak/config.nix2
-rw-r--r--krebs/1systems/wolf/config.nix1
-rw-r--r--krebs/2configs/exim-smarthost.nix1
-rw-r--r--krebs/2configs/shack/prometheus/unifi.nix2
-rw-r--r--krebs/3modules/acl.nix2
-rw-r--r--krebs/3modules/iana-etc.nix9
-rw-r--r--krebs/3modules/permown.nix16
-rw-r--r--krebs/5pkgs/haskell/email-header.nix4
-rw-r--r--krebs/5pkgs/simple/netcup/default.nix2
9 files changed, 23 insertions, 16 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 931ebe70b..a4f22d39c 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -113,6 +113,8 @@
];
krebs.build.host = config.krebs.hosts.puyak;
+ krebs.hosts.puyak.ssh.privkey.path = <secrets/ssh.id_ed25519>;
+
sound.enable = false;
boot = {
loader.systemd-boot.enable = true;
diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 12ce4db3e..2415bd32f 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -51,6 +51,7 @@ in
# uninteresting stuff
#####################
krebs.build.host = config.krebs.hosts.wolf;
+ krebs.hosts.wolf.ssh.privkey.path = <secrets/ssh.id_ed25519>;
boot.initrd.availableKernelModules = [
"ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk"
diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix
index c2f6b4dc0..2842e10d4 100644
--- a/krebs/2configs/exim-smarthost.nix
+++ b/krebs/2configs/exim-smarthost.nix
@@ -42,6 +42,7 @@ in {
"makefu@krebsco.de" = makefu;
"spam@krebsco.de" = spam-ml;
"tv@krebsco.de" = tv;
+ "xkey@krebsco.de" = { mail = "lennart@cope.cool"; };
# XXX These are no internet aliases
# XXX exim-retiolum hosts should be able to relay to retiolum addresses
"lass@retiolum" = lass;
diff --git a/krebs/2configs/shack/prometheus/unifi.nix b/krebs/2configs/shack/prometheus/unifi.nix
index 401ecb024..34e47add9 100644
--- a/krebs/2configs/shack/prometheus/unifi.nix
+++ b/krebs/2configs/shack/prometheus/unifi.nix
@@ -5,6 +5,6 @@
unifiAddress = "https://unifi.shack:8443/";
unifiInsecure = true;
unifiUsername = "prometheus"; # needed manual login after setup to confirm the password
- unifiPassword = lib.replaceChars ["\n"] [""] (builtins.readFile <secrets/shack/unifi-prometheus-pw>);
+ unifiPassword = lib.replaceStrings ["\n"] [""] (builtins.readFile <secrets/shack/unifi-prometheus-pw>);
};
}
diff --git a/krebs/3modules/acl.nix b/krebs/3modules/acl.nix
index d23706499..05f7e824b 100644
--- a/krebs/3modules/acl.nix
+++ b/krebs/3modules/acl.nix
@@ -33,7 +33,7 @@ in {
default = {};
};
config = {
- systemd.services = lib.mapAttrs' (path: rules: lib.nameValuePair "acl-${lib.replaceChars ["/"] ["_"] path}" {
+ systemd.services = lib.mapAttrs' (path: rules: lib.nameValuePair "acl-${lib.replaceStrings ["/"] ["_"] path}" {
wantedBy = [ "multi-user.target" ];
path = [
pkgs.acl
diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix
index 3195f71d9..dabe2f8aa 100644
--- a/krebs/3modules/iana-etc.nix
+++ b/krebs/3modules/iana-etc.nix
@@ -1,5 +1,6 @@
-{ config, pkgs, lib, ... }:
-with lib; {
+{ config, lib, pkgs, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
+in with lib; {
options.krebs.iana-etc.services = mkOption {
default = {};
@@ -7,7 +8,7 @@ with lib; {
options = {
port = mkOption {
default = config._module.args.name;
- type = types.addCheck types.str (test "[1-9][0-9]*");
+ type = types.addCheck types.str (slib.test "[1-9][0-9]*");
};
} // genAttrs ["tcp" "udp"] (protocol: mkOption {
default = null;
@@ -30,7 +31,7 @@ with lib; {
(proto: let
line = "${entry.${proto}.name} ${entry.port}/${proto}";
in /* sh */ ''
- echo ${shell.escape line}
+ echo ${slib.shell.escape line}
'')
(filter (proto: entry.${proto} != null) ["tcp" "udp"])}
'') (attrValues config.krebs.iana-etc.services)}
diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix
index 3ebbc44fe..ae8702978 100644
--- a/krebs/3modules/permown.nix
+++ b/krebs/3modules/permown.nix
@@ -1,4 +1,6 @@
-{ config, pkgs, lib, ... }:
+{ config, pkgs, lib, ... }: let
+ slib = import ../../lib/pure.nix { inherit lib; };
+in
with lib; {
options.krebs.permown = mkOption {
@@ -16,7 +18,7 @@ with lib; {
group = mkOption {
apply = x: if x == null then "" else x;
default = null;
- type = types.nullOr types.groupname;
+ type = types.nullOr slib.types.groupname;
};
keepGoing = mkOption {
default = false;
@@ -28,15 +30,15 @@ with lib; {
'';
};
owner = mkOption {
- type = types.username;
+ type = slib.types.username;
};
path = mkOption {
default = config._module.args.name;
- type = types.absolute-pathname;
+ type = slib.types.absolute-pathname;
};
umask = mkOption {
default = "0027";
- type = types.file-mode;
+ type = slib.types.file-mode;
};
};
}));
@@ -48,11 +50,11 @@ with lib; {
system.activationScripts.permown = let
mkdir = plan: /* sh */ ''
- ${pkgs.coreutils}/bin/mkdir -p ${shell.escape plan.path}
+ ${pkgs.coreutils}/bin/mkdir -p ${slib.shell.escape plan.path}
'';
in concatMapStrings mkdir plans;
- systemd.services = genAttrs' plans (plan: let
+ systemd.services = slib.genAttrs' plans (plan: let
continuable = command:
if plan.keepGoing
then /* sh */ "{ ${command}; } || :"
diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix
index e1e9d423f..f8ce03f39 100644
--- a/krebs/5pkgs/haskell/email-header.nix
+++ b/krebs/5pkgs/haskell/email-header.nix
@@ -18,9 +18,9 @@ let
sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x";
};
}.${versions.majorMinor version} or {
- version = "0.4.1-tv2";
+ version = "0.4.2-tv1";
rev = "refs/tags/v${cfg.version}";
- sha256 = "1yg4b5318lpviwgjs4kdcqg8cwfnxxfcdckcjq12r2nnj2k4ms2d";
+ sha256 = "JZfqvkbb/1t0q1iWmZHmmCN2Vr+QKTiq4LVncrG+xMU=";
};
in mkDerivation {
diff --git a/krebs/5pkgs/simple/netcup/default.nix b/krebs/5pkgs/simple/netcup/default.nix
index 408672eff..750e9cfa9 100644
--- a/krebs/5pkgs/simple/netcup/default.nix
+++ b/krebs/5pkgs/simple/netcup/default.nix
@@ -3,7 +3,7 @@ with stockholm.lib;
let
readJSON = path: fromJSON (readFile path);
- sed.escape = replaceChars ["/"] ["\\/"]; # close enough
+ sed.escape = replaceStrings ["/"] ["\\/"]; # close enough
PATH = makeBinPath [
coreutils
curl