diff options
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/3modules/default.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/lass/default.nix | 30 | ||||
| -rw-r--r-- | krebs/3modules/makefu/default.nix | 26 | ||||
| -rw-r--r-- | krebs/3modules/tinc.nix (renamed from krebs/3modules/retiolum.nix) | 48 | ||||
| -rw-r--r-- | krebs/5pkgs/Reaktor/scripts/sed-plugin.py | 18 | ||||
| -rw-r--r-- | krebs/5pkgs/goify/default.nix | 15 | ||||
| -rw-r--r-- | krebs/5pkgs/haskell-overrides/news.nix | 18 | ||||
| -rw-r--r-- | krebs/5pkgs/weechat/default.nix | 4 |
8 files changed, 118 insertions, 43 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index daa963bc8..227eb209b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -34,10 +34,10 @@ let ./Reaktor.nix ./realwallpaper.nix ./retiolum-bootstrap.nix - ./retiolum.nix ./rtorrent.nix ./secret.nix ./setuid.nix + ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix ./repo-sync.nix diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index ec5811d86..b86e05319 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -10,7 +10,7 @@ with import <stockholm/lib>; internet = { ip4.addr = "144.76.172.188"; aliases = [ - "dishfire.internet" + "dishfire.i" ]; ssh.port = 45621; }; @@ -42,7 +42,7 @@ with import <stockholm/lib>; internet = { ip4.addr = "104.233.79.118"; aliases = [ - "echelon.internet" + "echelon.i" ]; ssh.port = 45621; }; @@ -82,9 +82,8 @@ with import <stockholm/lib>; internet = { ip4.addr = "213.239.205.240"; aliases = [ - "prism.internet" + "prism.i" "paste.i" - "paste.internet" ]; ssh.port = 45621; }; @@ -132,7 +131,7 @@ with import <stockholm/lib>; internet = { ip4.addr = "104.167.113.104"; aliases = [ - "cloudkrebs.internet" + "cloudkrebs.i" ]; ssh.port = 45621; }; @@ -302,6 +301,27 @@ with import <stockholm/lib>; iso = { cores = 1; }; + sokrateslaptop = { + nets = { + retiolum = { + ip4.addr = "10.243.142.104"; + ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc"; + aliases = [ + "sokrateslaptop.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 + t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ + rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW + egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 + aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V + VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; users = { lass = { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 650344981..33202d0ab 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -26,6 +26,31 @@ with import <stockholm/lib>; }; }; }; + studio = rec { + cores = 4; + ssh.privkey.path = <secrets/ssh_host_ed25519_key>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; + nets = { + retiolum = { + ip4.addr = "10.243.227.163"; + ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6"; + aliases = [ + "studio.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti + cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk + GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI + jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1 + 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu + 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + fileleech = rec { cores = 4; ssh.privkey.path = <secrets/ssh_host_ed25519_key>; @@ -449,6 +474,7 @@ with import <stockholm/lib>; nets = rec { internet = { ip4.addr = "188.68.40.19"; + ip6.addr = "2a03:4000:17:2df::1"; aliases = [ "gum.i" ]; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/tinc.nix index 0a3d7ed2f..8af15c13b 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/tinc.nix @@ -17,6 +17,27 @@ let in { enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + enableLegacy = mkEnableOption "/etc/tinc/${netname}"; + + confDir = mkOption { + type = types.package; + default = pkgs.linkFarm "${netname}-etc-tinc" + (mapAttrsToList (name: path: { inherit name path; }) { + "hosts" = tinc.config.hostsPackage; + "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' + Name = ${tinc.config.host.name} + Interface = ${netname} + ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} + PrivateKeyFile = ${tinc.config.privkey.path} + Port = ${toString tinc.config.host.nets.${netname}.tinc.port} + ${tinc.config.extraConfig} + ''; + "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' + ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up + ${tinc.config.tincUp} + ''; + }); + }; host = mkOption { type = types.host; @@ -175,29 +196,16 @@ let } ) config.krebs.tinc; + environment.etc = mapAttrs' (netname: cfg: + nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy { + source = cfg.confDir; + }) + ) config.krebs.tinc; + systemd.services = mapAttrs (netname: cfg: let tinc = cfg.tincPackage; iproute = cfg.iproutePackage; - - confDir = let - namePathPair = name: path: { inherit name path; }; - in pkgs.linkFarm "${netname}-etc-tinc" (mapAttrsToList namePathPair { - "hosts" = cfg.hostsPackage; - "tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" '' - Name = ${cfg.host.name} - Interface = ${netname} - ${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)} - PrivateKeyFile = ${cfg.privkey.path} - Port = ${toString cfg.host.nets.${cfg.netname}.tinc.port} - ${cfg.extraConfig} - ''; - "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' - ${iproute}/sbin/ip link set ${netname} up - ${cfg.tincUp} - ''; - } - ); in { description = "Tinc daemon for ${netname}"; after = [ "network.target" ]; @@ -206,7 +214,7 @@ let path = [ tinc iproute ]; serviceConfig = rec { Restart = "always"; - ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; + ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; SyslogIdentifier = netname; }; } diff --git a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py index 22b48e59d..da8e2f726 100644 --- a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py +++ b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py @@ -3,15 +3,17 @@ # Usage: # _from=krebs state_dir=. python sed-plugin.py 'dick butt' # _from=krebs state_dir=. python sed-plugin.py 's/t/l/g' -## dick bull +# > dick bull import shelve from os import environ from os.path import join from sys import argv -d = shelve.open(join(environ['state_dir'],'sed-plugin.shelve'),writeback=True) -usr = environ['_from'] import re +d = shelve.open(join(environ['state_dir'], 'sed-plugin.shelve'), writeback=True) +usr = environ['_from'] + + def is_regex(line): myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') return myre.match(line) @@ -19,15 +21,15 @@ def is_regex(line): line = argv[1] if is_regex(line): - last = d.get(usr,None) + last = d.get(usr, None) if last: - from subprocess import Popen,PIPE - p = Popen(['sed',line],stdin=PIPE,stdout=PIPE) - so,se = p.communicate(bytes("{}\n".format(last),"UTF-8")) + from subprocess import Popen, PIPE + p = Popen(['sed', line], stdin=PIPE, stdout=PIPE) + so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) if p.returncode: print("something went wrong when trying to process your regex: {}".format(se.decode())) ret = so.decode() - print("\x1b[1m{}\x1b[0m meinte: {}".format(usr,ret.strip())) + print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) if ret: d[usr] = ret diff --git a/krebs/5pkgs/goify/default.nix b/krebs/5pkgs/goify/default.nix index e2849b5c7..9c44aaeeb 100644 --- a/krebs/5pkgs/goify/default.nix +++ b/krebs/5pkgs/goify/default.nix @@ -1,17 +1,18 @@ { pkgs, ... }: -pkgs.writeDashBin "goify" '' +pkgs.writeBashBin "goify" '' set -euf GO_HOST=''${GO_HOST:-go} while read line; do - echo "$line" | sed -E 's|https?://\S*|\n&\n|g' | while read word; do - if echo "$word" | grep -Eq ^https?:; then - ${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" | tr -d '\r' + echo "$line" | sed 's|https\?://\S*|\n&\n|g' | while read word; do + if echo "$word" | grep -q '^https\?:'; then + ${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" \ + | tr -d '\r' else - echo "$word"; - fi; - done | sed '/^$/d' | tr '\n' ' '; echo; + echo "$word" + fi + done | grep . | tr '\n' ' '; echo done '' diff --git a/krebs/5pkgs/haskell-overrides/news.nix b/krebs/5pkgs/haskell-overrides/news.nix new file mode 100644 index 000000000..ba5e7a5e1 --- /dev/null +++ b/krebs/5pkgs/haskell-overrides/news.nix @@ -0,0 +1,18 @@ +{ mkDerivation, base, bloomfilter, bytestring, feed, fetchgit, lens +, stdenv, wreq +}: +mkDerivation { + pname = "news"; + version = "1.0.0"; + src = fetchgit { + url = "http://cgit.lassul.us/news"; + sha256 = "1n3ffr2a5irr5aly0y7qsafag3kxvyyh077ayk0vdwbd0s9hvnjs"; + rev = "c3eb2c0a1a34fc41e18d0bc99b1c4dc73aa6eb20"; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + base bloomfilter bytestring feed lens wreq + ]; + license = stdenv.lib.licenses.mit; +} diff --git a/krebs/5pkgs/weechat/default.nix b/krebs/5pkgs/weechat/default.nix index f5dc6a8d4..c703ca8bf 100644 --- a/krebs/5pkgs/weechat/default.nix +++ b/krebs/5pkgs/weechat/default.nix @@ -21,12 +21,12 @@ let in stdenv.mkDerivation rec { - version = "1.7.1"; + version = "1.8"; name = "weechat-${version}"; src = fetchurl { url = "http://weechat.org/files/src/weechat-${version}.tar.bz2"; - sha256 = "1020m1lsm8lg9n0dlxgp2wbn9b0r11g8r0namnzi2x6gvxn7iyf0"; + sha256 = "10km0437lg9ms6f16h20s89l2w9f9g597rykybxb16s95ql48z08"; }; outputs = [ "out" "doc" ]; |