Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/3modules/Reaktor.nix | 20 | ||||
-rw-r--r-- | krebs/3modules/apt-cacher-ng.nix | 6 | ||||
-rw-r--r-- | krebs/3modules/bepasty-server.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/fetchWallpaper.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/git.nix | 8 | ||||
-rw-r--r-- | krebs/3modules/github-hosts-sync.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/go.nix | 5 | ||||
-rw-r--r-- | krebs/3modules/realwallpaper.nix | 10 | ||||
-rw-r--r-- | krebs/3modules/retiolum.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/tinc_graphs.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/urlwatch.nix | 5 | ||||
-rw-r--r-- | krebs/4lib/default.nix | 3 | ||||
-rw-r--r-- | krebs/4lib/genid.nix | 37 | ||||
-rw-r--r-- | krebs/5pkgs/genid/default.nix | 22 |
14 files changed, 64 insertions, 68 deletions
diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix index 1ec49b81e..0fca52203 100644 --- a/krebs/3modules/Reaktor.nix +++ b/krebs/3modules/Reaktor.nix @@ -1,19 +1,8 @@ -{ config, pkgs,lib, ... }: - +{ config, lib, pkgs, ... }: +with lib; let - inherit (lib) - mkIf - mkOption - types - singleton - isString - optionalString - concatStrings - escapeShellArg - ; - ReaktorConfig = pkgs.writeText "config.py" '' ${if (isString cfg.overrideConfig ) then '' # Overriden Config @@ -86,10 +75,9 @@ let imp = { # for reaktor get-config - users.extraUsers = singleton { + users.extraUsers = singleton rec { name = "Reaktor"; - # uid = config.ids.uids.Reaktor; - uid = 2066439104; #genid Reaktor + uid = genid name; description = "Reaktor user"; home = "/var/lib/Reaktor"; createHome = true; diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix index 75296bafb..371d39b6f 100644 --- a/krebs/3modules/apt-cacher-ng.nix +++ b/krebs/3modules/apt-cacher-ng.nix @@ -119,16 +119,14 @@ let imp = { users.extraUsers.acng = { - # uid = config.ids.uids.acng; - uid = 897955083; #genid Reaktor + uid = genid "acng"; description = "apt-cacher-ng"; home = acng-home; createHome = false; }; users.extraGroups.acng = { - gid = 897955083; #genid Reaktor - # gid = config.ids.gids.Reaktor; + gid = genid "acng"; }; systemd.services.apt-cacher-ng = { diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index c99c3d11a..e74841205 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -130,12 +130,12 @@ let ) cfg.servers; users.extraUsers.bepasty = { - uid = 2796546855; #genid bepasty + uid = genid "bepasty"; group = "bepasty"; home = "/var/lib/bepasty-server"; }; users.extraGroups.bepasty = { - gid = 2796546855; #genid bepasty + gid = genid "bepasty"; }; }; diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 83ecf4177..f320c7505 100644 
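Review bot: In krebs/3modules/apt-cacher-ng.nix the replaced literal 897955083 carried the comment `#genid Reaktor`, while Reaktor's own uid in this same commit was 2066439104, so nothing visible here shows that `genid "acng"` evaluates to 897955083. If the computed value differs, the acng user and group are renumbered on the next rebuild, and because `createHome = false` the existing files under `acng-home` would presumably keep the old numeric owner. I would confirm the computed id before merging and record the result next to the call, e.g. `uid = genid "acng"; # was 897955083, verify unchanged`. The same one-time check applies to the other literals replaced in this commit (Reaktor, bepasty, fetchWallpaper, git, fcgiwrap, github-hosts-sync, go, realwallpaper, retiolum, tinc_graphs, urlwatch).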
--- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -51,7 +51,7 @@ let imp = { users.users.fetchWallpaper = { name = "fetchWallpaper"; - uid = 3332383611; #genid fetchWallpaper + uid = genid "fetchWallpaper"; description = "fetchWallpaper user"; home = cfg.stateDir; createHome = true; diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 234129497..e6267d7e6 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -145,14 +145,14 @@ let ]) (filter (x: hasAttr "allow-receive-ref" x.perm) cfg.rules)); }; - users.extraUsers = singleton { + users.extraUsers = singleton rec { description = "Git repository hosting user"; name = "git"; shell = "/bin/sh"; openssh.authorizedKeys.keys = mapAttrsToList (_: makeAuthorizedKey git-ssh-command) config.krebs.users; - uid = 129318403; # genid git + uid = genid name; }; }; @@ -238,9 +238,9 @@ let }; }; - fcgitwrap-user = { + fcgitwrap-user = rec { name = "fcgiwrap"; - uid = 2867890860; # genid fcgiwrap + uid = genid name; group = "fcgiwrap"; }; diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 5503ee8d6..2aa18d53a 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -56,9 +56,9 @@ let }; }; - user = { + user = rec { name = "github-hosts-sync"; - uid = 3220554646; # genid github-hosts-sync + uid = genid name; }; # TODO move to lib? diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 793d1f60d..08a93dab7 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: -with builtins; with lib; let @@ -31,9 +30,9 @@ let bind = mkDefault "127.0.0.1"; }; - users.extraUsers.go = { + users.extraUsers.go = rec { name = "go"; - uid = 42774411; #genid go + uid = genid name; description = "go url shortener user"; home = "/var/lib/go"; createHome = true; 
diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index 7e02538f5..b377368f7 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -1,13 +1,7 @@ arg@{ config, lib, pkgs, ... }: +with lib; let - inherit (lib) - mkEnableOption - mkOption - types - mkIf - ; - cfg = config.krebs.realwallpaper; out = { @@ -89,7 +83,7 @@ let }; users.extraUsers.realwallpaper = { - uid = 2009435407; #genid realwallpaper + uid = genid "realwallpaper"; home = cfg.workingDir; createHome = true; }; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 28ac67306..e0e2692a8 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -133,9 +133,9 @@ let }; }; - user = { + user = rec { name = "retiolum"; - uid = 301281149; # genid retiolum + uid = genid name; }; tinc = cfg.tincPackage; diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index ba81dd416..1f32c2e59 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -120,7 +120,7 @@ let }; users.extraUsers.tinc_graphs = { - uid = 3925439960; #genid tinc_graphs + uid = genid "tinc_graphs"; home = "/var/spool/tinc_graphs"; }; diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 206bc5697..31cbfcf6e 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -5,7 +5,6 @@ # cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}" # TODO hooks.py -with builtins; with lib; let cfg = config.krebs.urlwatch; @@ -136,9 +135,9 @@ let }; }; - user = { + user = rec { name = "urlwatch"; - uid = 3467631196; # genid urlwatch + uid = genid name; }; in out diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index 1cabeae27..dfc51bbe4 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -7,6 +7,8 @@ let out = rec { eq = x: y: x == y; + mod = x: y: x - y * (x / y); + addName = name: set: set // { inherit name; }; 
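Review bot: `mod` in krebs/4lib/default.nix is added without a comment stating its domain, and `x - y * (x / y)` is a modulus only for integer arguments: a negative `x` yields a negative remainder, and `y = 0` aborts evaluation on the division. Its only caller visible in this commit passes `(a + 1)` and `256`, so this is a documentation point rather than a defect. I would add `# integer remainder, truncating toward zero; expects y != 0` above the definition. The `out = rec { … }` body continues outside the hunk.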
@@ -17,6 +19,7 @@ let out = rec { dir.has-default-nix = path: pathExists (path + "/default.nix"); dns = import ./dns.nix { inherit lib; }; + genid = import ./genid.nix { lib = lib // out; }; git = import ./git.nix { lib = lib // out; }; listset = import ./listset.nix { inherit lib; }; shell = import ./shell.nix { inherit lib; }; diff --git a/krebs/4lib/genid.nix b/krebs/4lib/genid.nix new file mode 100644 index 000000000..0aed1d351 --- /dev/null +++ b/krebs/4lib/genid.nix @@ -0,0 +1,37 @@ +{ lib, ... }: +with lib; +with builtins; +let out = genid; + + # id = genid s = (hash s + min) % max + # min <= genid s < max + # + # min = 2^24 = 16777216 = 0x001000000 + # max = 2^32 = 4294967296 = 0x100000000 + # + # id is bigger than UID of nobody and GID of nogroup + # see <nixos/modules/misc/ids.nix> and some spare for stuff like lxd. + # + # :: str -> uint32 + genid = s: sum16 (addmod16_16777216 (hash s)); + + # :: str -> list8 uint4 + hash = s: + map hexint (stringToCharacters (substring 32 8 (hashString "sha1" s))); + + # :: list uint -> uint + sum16 = foldl (a: i: a * 16 + i) 0; + + # :: list8 uint4 -> list1 uint8 ++ list6 uint4 + addmod16_16777216 = x: let + a = 16 * head x + head (tail x); + d = tail (tail x); + in [(mod (a + 1) 256)] ++ d; + + # :: char -> uint4 + hexint = x: hexvals.${toLower x}; + + # :: attrset char uint4 + hexvals = listToAttrs (imap (i: c: { name = c; value = i - 1; }) + (stringToCharacters "0123456789abcdef")); +in out diff --git a/krebs/5pkgs/genid/default.nix b/krebs/5pkgs/genid/default.nix deleted file mode 100644 index c75bec317..000000000 --- a/krebs/5pkgs/genid/default.nix +++ /dev/null 
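Review bot: The bound `min <= genid s < max` stated in the header comment of krebs/4lib/genid.nix does not hold, because `addmod16_16777216` computes `mod (a + 1) 256` and so wraps to 0 whenever the top byte of the 32-bit hash is 0xff. For those names (about 1 in 256) the id falls in [0, 2^24), the range the comment says is kept clear for system accounts, and it can coincide with an existing account's id. Changing the mapping would renumber accounts that already exist, so I would fail evaluation instead: `genid = s: let id = sum16 (addmod16_16777216 (hash s)); in assert id >= 16777216; id;`. Nothing here checks that two different names map to different ids either, which the header comment should state.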
@@ -1,22 +0,0 @@ -{ lib, pkgs, ... }: - -pkgs.writeScriptBin "genid" '' - #! /bin/sh - # usage: genid NAME - set -euf - - export PATH=${lib.makeSearchPath "bin" (with pkgs; [ - bc - coreutils - ])} - - name=$1 - hash=$(printf %s "$name" | sha1sum | cut -d\ -f1 | tr a-f A-F) - echo " - min=2^24 # bigger than nobody and nogroup, see <nixos/modules/misc/ids.nix> - # and some spare for stuff like lxd. - max=2^32 # see 2^(8*sizeof(uid_t)) - ibase=16 - ($hash + min) % max - " | bc -'' |