diff options
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/3modules/tv/default.nix | 26 | ||||
-rw-r--r-- | krebs/5pkgs/simple/git-hooks/default.nix | 7 | ||||
-rw-r--r-- | krebs/5pkgs/simple/qrscan.nix | 26 |
3 files changed, 21 insertions, 38 deletions
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index e096118c6..965505a75 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -1,11 +1,13 @@ -with import <stockholm/lib>; +with import ../../../lib; { config, ... }: let - hostDefaults = hostName: host: foldl' recursiveUpdate {} [ + evalHost = hostName: hostConfig: evalSubmodule types.host [ + hostConfig { + name = hostName; owner = config.krebs.users.tv; } - (optionalAttrs (host.nets?retiolum) { + (optionalAttrs (hasAttrByPath ["nets" "retiolum"] hostConfig) { nets.retiolum = { ip6.addr = (krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; @@ -23,14 +25,19 @@ with import <stockholm/lib>; wireguard.pubkey = readFile pubkey-path; }; }) - host + (host: mkIf (host.config.ssh.pubkey != null) { + ssh.privkey = mapAttrs (const mkDefault) { + path = config.krebs.secret.file "ssh.id_${host.config.ssh.privkey.type}"; + type = head (toList (match "ssh-([^ ]+) .*" host.config.ssh.pubkey)); + }; + }) ]; in { dns.providers = { "viljetic.de" = "regfish"; }; - hosts = mapAttrs hostDefaults { + hosts = mapAttrs evalHost { alnus = { ci = true; cores = 2; @@ -53,7 +60,6 @@ in { tinc.pubkey_ed25519 = "Td6pRkmSzSGVJll26rULdr6W4U87xsHZ/87NEaglW3K"; }; }; - ssh.privkey.path = config.krebs.secret.file "ssh.id_rsa"; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q=="; }; au = { @@ -79,7 +85,6 @@ in { }; }; secure = true; - ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au"; }; bu = { @@ -129,7 +134,6 @@ in { }; }; secure = true; - ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO+Rrf9tvuusYlnSZwUiHS4O+AhrpVZ/6n7peSRKojTc root@hu"; }; mu = { @@ -154,7 +158,6 @@ in { tinc.pubkey_ed25519 = "cEf/Kq/2Fo70yoIcVmhIp4it9eA7L3GdkgrVE9AWU6C"; }; }; - ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1vJsAddvxMA84u9iJEOrIkKn7pQiemMbfW5cfK1d7g root@mu"; }; ni = { @@ -234,7 +237,6 @@ in { }; }; secure = true; - ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIHmwXHV7E9UGuk4voVCADjlLkyygqNw054jvrsPn5t root@nomic"; }; wu = { @@ -261,7 +263,6 @@ in { }; }; secure = true; - ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa"; }; querel = { @@ -290,7 +291,6 @@ in { ''; }; }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPFM2GdL9yOjSBmYBE07ClywNOADc/zxqXwZuWd7Mael root@querel.r"; }; xu = { @@ -321,7 +321,6 @@ in { }; }; secure = true; - ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnjfceKuHNQu7S4eYFN1FqgzMqiL7haNZMh2ZLhvuhK root@xu"; }; zu = { @@ -346,7 +345,6 @@ in { }; }; secure = true; - ssh.privkey.path = <secrets/ssh.id_rsa>; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu"; }; umz = { diff --git a/krebs/5pkgs/simple/git-hooks/default.nix b/krebs/5pkgs/simple/git-hooks/default.nix index c9dcc7541..13fe7aa67 100644 --- a/krebs/5pkgs/simple/git-hooks/default.nix +++ b/krebs/5pkgs/simple/git-hooks/default.nix @@ -96,7 +96,12 @@ with stockholm.lib; #$host $GIT_SSH_REPO $ref $link add_message $(pink push) $link $(gray "($receive_mode)") - ${optionalString verbose /* sh */ '' + ${optionalString (verbose == false || typeOf verbose == "set") /* sh */ '' + ${optionalString (verbose.exclude or [] != []) /* sh */ '' + case $ref in (${concatStringsSep "|" verbose.exclude}) + continue + esac + ''} add_message "$( git log \ --format="$(orange %h) %s $(gray '(%ar)')" \ diff --git a/krebs/5pkgs/simple/qrscan.nix b/krebs/5pkgs/simple/qrscan.nix index 7d99dcee7..df9a98053 100644 --- a/krebs/5pkgs/simple/qrscan.nix +++ b/krebs/5pkgs/simple/qrscan.nix @@ -1,27 +1,7 @@ -{ coreutils, gnused, writeDashBin, zbar }: +{ pkgs }: -writeDashBin "qrscan" '' +pkgs.writeDashBin "qrscan" '' set -efu - tmpdir=$(${coreutils}/bin/mktemp --tmpdir -d qrscan.XXXXXXXX) - codefile=$tmpdir/code - - cleanup() { - ${coreutils}/bin/rm "$codefile" - ${coreutils}/bin/rmdir "$tmpdir" - } - - ${coreutils}/bin/mkfifo "$codefile" - - ${zbar}/bin/zbarcam > "$codefile" & - zbarcampid=$! - - exec < "$codefile" - while read -r code; do - code=$(printf %s "$code" | ${gnused}/bin/sed -n 's/^QR-Code://p') - if test -n "$code"; then - ${coreutils}/bin/kill "$zbarcampid" - echo "$code" - fi - done + ${pkgs.zbar}/bin/zbarcam -1 | ${pkgs.gnused}/bin/sed -n 's/^QR-Code://p' '' |