diff options
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/1systems/filebitch/hardware-configuration.nix | 28 | ||||
| -rw-r--r-- | krebs/1systems/hotdog/config.nix | 1 | ||||
| -rw-r--r-- | krebs/2configs/default.nix | 1 | ||||
| -rw-r--r-- | krebs/2configs/nscd-fix.nix | 24 | ||||
| -rw-r--r-- | krebs/2configs/reaktor2.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/external/default.nix | 143 | ||||
| -rw-r--r-- | krebs/3modules/github-hosts-sync.nix | 4 | ||||
| -rw-r--r-- | krebs/3modules/jeschli/default.nix | 3 | ||||
| -rw-r--r-- | krebs/5pkgs/haskell/reaktor2/default.nix (renamed from krebs/5pkgs/haskell/reaktor2.nix) | 8 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/alertmanager-bot-telegram/default.nix | 2 | ||||
| -rw-r--r-- | krebs/nixpkgs-unstable.json | 6 | ||||
| -rw-r--r-- | krebs/nixpkgs.json | 6 | ||||
| -rwxr-xr-x | krebs/update-nixpkgs.sh | 2 |
13 files changed, 155 insertions, 75 deletions
diff --git a/krebs/1systems/filebitch/hardware-configuration.nix b/krebs/1systems/filebitch/hardware-configuration.nix index 574618e39..1e7fa7872 100644 --- a/krebs/1systems/filebitch/hardware-configuration.nix +++ b/krebs/1systems/filebitch/hardware-configuration.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let byid = dev: "/dev/disk/by-id/" + dev; - keyFile = byid "usb-SMI_USB_DISK_AA08061700009650-0:0"; + keyFile = byid "usb-SMI_USB_DISK_AA08061700009650-0:0"; in { imports = @@ -19,7 +19,7 @@ in boot.tmpOnTmpfs = true; - boot.initrd.availableKernelModules = [ + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ohci_pci" "ehci_pci" "usb_storage" "usbhid" "sd_mod" "raid456" "usbhid" @@ -77,20 +77,18 @@ in networking.hostId = "54d97450"; # required for zfs use boot.initrd.luks.devices = let - usbkey = name: device: { - inherit name device keyFile; + usbkey = device: { + inherit device keyFile; keyFileSize = 2048; preLVM = true; }; - in [ - ((usbkey "swap" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part2")) - // { allowDiscards = true; } ) - ((usbkey "root" (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part3")) - // { allowDiscards = true; } ) - (usbkey "125" "/dev/md125") - (usbkey "126" "/dev/md126") - (usbkey "127" "/dev/md127") - ]; - - + in { + swap = ((usbkey (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part2")) + // { allowDiscards = true; } ); + root = ((usbkey (byid "ata-INTEL_SSDSA2M080G2GC_CVPO013300WD080BGN-part3")) + // { allowDiscards = true; } ); + md125 = usbkey "/dev/md125"; + md126 = usbkey "/dev/md126"; + md127 = usbkey "/dev/md127"; + }; } diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index bb84b1873..c0fa38284 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -12,7 +12,6 @@ <stockholm/krebs/2configs/buildbot-stockholm.nix> <stockholm/krebs/2configs/binary-cache/nixos.nix> <stockholm/krebs/2configs/ircd.nix> - <stockholm/krebs/2configs/nscd-fix.nix> <stockholm/krebs/2configs/reaktor2.nix> <stockholm/krebs/2configs/wiki.nix> ]; diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 3442272ec..f56f6045a 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -43,7 +43,6 @@ with import <stockholm/lib>; ]; }; services.cron.enable = false; - services.nscd.enable = false; services.ntp.enable = false; users.mutableUsers = false; diff --git a/krebs/2configs/nscd-fix.nix b/krebs/2configs/nscd-fix.nix deleted file mode 100644 index 8e5909e72..000000000 --- a/krebs/2configs/nscd-fix.nix +++ /dev/null @@ -1,24 +0,0 @@ -with import <stockholm/lib>; -{ pkgs, ... }: let - - enable = versionOlderThan "19.03"; - - versionOlderThan = v: - compareVersions - (versions.majorMinor version) - (versions.majorMinor v) - == -1; - - warning = '' - Using custom services.nscd.config because - https://github.com/NixOS/nixpkgs/pull/50316 - ''; - -in - optionalAttrs enable (trace warning { - services.nscd.enable = mkForce true; - services.nscd.config = mkForce (readFile (pkgs.fetchurl { - url = https://raw.githubusercontent.com/arianvp/nixpkgs/1d5f4cb/nixos/modules/services/system/nscd.conf; - sha256 = "1jlddk38lyynjn51zx3xi1nc29ahajyh0qg48qbq6dqlsrn3wxqs"; - })); - }) diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index b80198b03..473028f95 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -95,7 +95,7 @@ let } hooks.sed (generators.command_hook { - inherit (commands) hello random-emoji nixos-version stockholm-issue; + inherit (commands) hello random-emoji nixos-version; tell = { filename = "${pkgs.Reaktor.src}/reaktor/commands/tell-on_privmsg"; diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index f9a7e7f36..d4858c67f 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -197,6 +197,60 @@ in { }; }; }; + makanek = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.84"; + aliases = [ + "makanek.r" + "makanek.kmein.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAwvtxCG7Vua6+WoStGrkL+H/g4BABidL2eikDBtbxWN+oGv2Bjrwb + VzXB8lMTCsu6M2wb3YTXXzAkc5oI4gE1sSOiCKyhYnQRrndc91KewquxTPfKL19u + JiRqax/E49IvWKARPRPXUhPfU/NNw1oIxhbcFkjwJmqDvh9SWhl5VZVynCE28ov5 + hjjhqNXZHOR8CQqPJeY8v38OAAwTWvJ6rhEQwp5dLBqmRAbvPXj7OOzCxKluDY2X + Dl4k6QAjI6NddJXsXHRYRNGiB0CP1UBC91NDtW2+HIjf1Q1Lip5agO4/SkkSUt39 + de7uYKrNcfyDUBb9Suconw0HvW+Dv4Ce5um+aa1RUrWIQdqBCOECbsXYKp66vAnK + Hidf2uznFseWxiyxz1ow8AvvSseABej5GuHI/56lywnFlnHEZLREUF/4PT+BZ0vE + uPRkzqeSNybsYYFieK8aany/RmJaoIsduGutgAiKBvkCCHru895n02xuLhZVkM2G + zfVjA2le+Gxr21/sVPrHfxResLUh4RA8fkS7erWMRF4a3IOpIS4yrM+p4pZTlTxO + Ya8buh4RgyE/0hp4QNpa4K7fvntriK+k6zHs7BcZcG2aMWP3O9/4DgjzBR3eslQV + oou23ajP11wyfrmZK0/PQGTpsU472Jj+06KtMAaH0zo4vAR8s2kV1ukCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + manakish = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.85"; + aliases = [ + "manakish.r" + "manakish.kmein.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAtZcWwm1tTFoMcO0EOwNdSrZW9m2tSNWzwTGjlfuNFQKPnHiKdFFH + Hym72+WtaIZmffermGTfYdMoB/lWgOB0glqH9oSBFvrLVDgdQL2il589EXBd/1Qy + 7Ye5EVy2/xEA7iZGg3j0i+q1ic48tt6ePd4+QR0LmLEa8+Gz5X0Tp9TTf7gdv+lB + dVA6p7LJixKcBsC5W0jY5oTGUP0fM844AtWbpflmlz0JZNWrkJhCksOnfhUzeIsF + 1m9rCsyK+3jGMV6ZxhEbwaOt99Wlv0N0ouPePw+xLnnGTu0rJ/RKWceYnWnrHIyb + GgGIHnm9GbMd4mAfyp63emRYDMclSQSrddpDUL2GK8TCTttr6bZm4M/pFuXQGJsQ + EG0iaE8FM+nCrhmCRnX8dRWcNmHybd34UoVGCDJ6u+ksLIivqgWeY41CauqN0vQw + U4zqp6XMXRB6vlVcyLzdTASxVKaLJt+BuvHcyqz/YslJ97z4yoLE3d7s/9gZkM// + +FD970bsyvKpKRx72rNRCO9tQJNgPsaMiW5nuHUFw71XxX8o0w//5a0h5cdbiT64 + I4ISySa4ynmHI1/v0a937/sFS0IvRI1Va0Efh2VxasNIqpDmM3hA8auPDj0Js/4c + qVnWMbvqqYlY9l//HCNxUXIhi0vcOr2PoCxBtcP5pHY8nNphQrPjRrcCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; qubasa = { owner = config.krebs.users.qubasa; nets = { @@ -254,30 +308,29 @@ in { }; }; }; - scardanelli = { + zaatar = { owner = config.krebs.users.kmein; nets = { retiolum = { - ip4.addr = "10.243.2.2"; + ip4.addr = "10.243.2.34"; aliases = [ - "scardanelli.r" - "scardanelli.kmein.r" + "zaatar.r" + "zaatar.kmein.r" ]; tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/ - MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge - UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi - kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0 - gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx - we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY - QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm - SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL - 2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f - m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q - FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5 - lM61fOMcVW1KREdWypiDtu8CAwEAAQ== - -----END PUBLIC KEY----- + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAn1L8LaoLuvHnN39Vz/8Mu/G20+z2DdWeG8XCX53seG2R+Nv4K/Fb + PikALazrN5TIxjRSRL4HEOsYAHWrHyMyRiK0RTuVZxYX4ArilpWz6+5dyt9CkPDg + mpUqhkpHuWO7zXnCcMVkn2ESzJaDIClLaaZP9klrGoaOJLGSJhfF/y4z8p6C/HlR + AjxI4z+90ReRWHWj+adSd3FZnN9yfeVQwUyqohGM0tIHvLCiDVewigLOI3IWjPom + MyUFV/UPVn0/A81C2eADgKbwn6EiJnxDtlPZWBrEJ9vd8lNWBCyGTxTcD0DuDVCe + yP5+r3uV2OYgQPYFrmWwCZJDu7qBdR4MpPP974iPFZ7WCHrvqQQNPYNZ78zBVA4x + YPNpXxp7i3Q10Vnp5fDQlxy+tfE9deeS3vk15Ydyc6gC2D9YClch720cAtPemgs3 + F1O9Uc1PfJkUS5T0t9dpxH/0k6GZ9RQyJGCW7nupWTXmnDW7+TTjszLX3KYmG7XO + pQiic0oMvSCHwEPygnHTLWSt7rroje84htbatzplpQo8GS2tffieOEsgOaHp8TNr + QkRQnNbkAermVod6yK7wtutOk55f7WtYSCw+Kdo/pdQQQpcayKpTBikUQgdGwtTV + z9V1ZlEoLaaRxqisT4DB8279Bzy3QRV+eSHMMqw3+ePjxn7NbJxFn3sCAwEAAQ== + -----END RSA PUBLIC KEY----- ''; }; }; @@ -432,6 +485,58 @@ in { }; }; }; + nxbg = { + owner = config.krebs.users.rtjure; + nets = { + retiolum = { + ip4.addr = "10.243.122.123"; + aliases = [ + "nxbg.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEArnkpu+oD59Shu9xcppkcelMT/uHsKvMKdudr67WZG/4F0xhd/5ex + an8v3OWClztIsnB+5uwl0dgamfKDAfIdg5ll2ZHcXo7dAdAN7q8DkegJD9k/Pmmi + YGsEwyENhAcX0/L1xHD5rGqH+6qQ/HrXPKPquoWCIlDDX41dyZQxJCTzkKlRGWhl + uwEMHkR4sfGgsD/OFmTVHMqygWbQIBIrUKXcHahsVj5k0LZW+ejVAQwNlzuKZi2B + n4maa6R0s4kRk2N8TPW11BcCl+rZlaX7RSn8vi+lA0Aq+A5SL1kXaKkKQT/9j2+n + G/uCDpQ6ruXaNycDkemqZg/MHDanbm5SUtjqZarfT6tRr3bwvpndxeGCeOZHkehw + iDiRsXszdwVDziRBlHs4WvFHTZUBLBsetOeo/LaB3Lt069nF5Cs6SZDi3z17ZMow + 5IU66KLQBDnSHqJWvAkBZsWrlZHMr3Csefaqli+qGpPr2gVgiwh3BrH8Ie1DBWJM + ysY0XK98s3jhLfWtc8Fg99H7QYenrh9IwfiIr5kRTmYxLBoGHO7GBRovuziJYzj+ + G1D160xnRSqVdbIg9Az9OMBHfv9/HwYwwLpQ/154SRTY6f4H3iFMt+0lJwSS6nIl + yN7HY7PKXieun8OsS3GhV/+r8UVcRmVk+who3x8Hw8MQJHp8lUNGjLUCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + nxrm = { + owner = config.krebs.users.rtjure; + nets = { + retiolum = { + ip4.addr = "10.243.122.124"; + aliases = [ + "nxrm.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAxPg9J+cpmazp8ZH2eCQwbq6GdU22Nhd/ySm+K/aN+x55C4QN6gMM + cBW2o0nfHi4JtvqDtdw0s9pGh0GsLHHoQlFD/lGr1oCMAe0FeN4cSAwbUH1DYFPw + KsyiXpXLVYCqt42JjzCM8HNUMBNDlnZ60z2Ashxj79PbYJ+i3oPEIE//Vf6MPOta + vaDUXCbqsWKKEqG8t+rM4WRrqzVVpASq6Avs2x+eijVe0Yeq4tkHcO0z3SrV2TM1 + nAPYDL0QlHHBVtAt0tAfo4CC+HAwZJz8yZ0sWPzz/fJj/K3HwuFDBKZSrsIgSPBc + +JCFefuI3aNc1fKTYIu0XqCqgdB0Xu2g/AkJcqXSvJQaNPFuyk5n79C2INHcpLrp + s8NWwaUAH7XhNUGYnzevan3hiuSgIsT0T2cfERmEGyMn90fioYWN7TW9txfEX9qL + I4mkmh1xqt8ipdpfGxYmUAAj9KoHEhAnDElblIXRWY3KLdY6gT4sO80K+hTbK/J+ + oyhU0nYcAnrFJNlSNjNucM/4UlCXqs4TaCM9cRggT6PmHy+M7vLebI4JGoOpCuYw + W1fiyXCrzlTP0vidDtv9mr0vTTK78Nc8oGc46Yu3K1kFSQYS/pRCjnOin35sYe/K + ahpclNJjom6tHxcwTriT0w6Yh/fCei7WCqpWtK2m4Qho/+WA3rFc3WUCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; ada = { owner = config.krebs.users.filly; nets = { @@ -496,7 +601,7 @@ in { mail = "jacek.galowicz@gmail.com"; }; kmein = { - mail = "kieran.meinhardt@gmail.com"; + mail = "kmein@posteo.de"; pubkey = ssh-for "kmein"; }; mic92 = { diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 0b7d56098..7d618ebfd 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -62,8 +62,8 @@ let }; }; - users.extraUsers = singleton { - inherit (user) name uid; + users.users.${user.name} = { + inherit (user) uid; home = cfg.dataDir; }; }; diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index 75d7eda6e..390f7585f 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -12,6 +12,7 @@ with import <stockholm/lib>; in { hosts = mapAttrs hostDefaults { brauerei = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.27.29"; @@ -93,6 +94,7 @@ in { }; bolide = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.27.31"; @@ -130,6 +132,7 @@ in { }; reagenzglas = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.27.32"; diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2/default.nix index ae242efea..6a48f865c 100644 --- a/krebs/5pkgs/haskell/reaktor2.nix +++ b/krebs/5pkgs/haskell/reaktor2/default.nix @@ -6,13 +6,13 @@ , time, transformers, unagi-chan, unix, unordered-containers , vector, wai, warp }: -mkDerivation { +mkDerivation rec { pname = "reaktor2"; - version = "0.3.0"; + version = "0.4.0"; src = fetchgit { url = "https://cgit.krebsco.de/reaktor2"; - sha256 = "02hqpq8wcfd6rvi8qk10zy3f3lrzzqnjwqal4cbvksjn3vahz36h"; - rev = "a6893c00f78a8acd0a4bfe7da87ab6889eabcf21"; + sha256 = "0bnn23hjl57y0a5rf3h8kq078dziby7il7fandz5wh6s4i3psicp"; + rev = "v${version}"; fetchSubmodules = true; }; isLibrary = false; diff --git a/krebs/5pkgs/simple/alertmanager-bot-telegram/default.nix b/krebs/5pkgs/simple/alertmanager-bot-telegram/default.nix index f0e221406..a84407457 100644 --- a/krebs/5pkgs/simple/alertmanager-bot-telegram/default.nix +++ b/krebs/5pkgs/simple/alertmanager-bot-telegram/default.nix @@ -11,7 +11,7 @@ buildGoModule rec { sha256 = "09cciml1j8x76jpm2v5v6h2q6j1fkhsz1kswslmx8wl4wk40xgp4"; }; - modSha256 = "0nlnxkpcna7g7qslyz5i1619paw4jkb1ma4fgpsgvgx1spwrjm8h"; + vendorSha256 = "0nlnxkpcna7g7qslyz5i1619paw4jkb1ma4fgpsgvgx1spwrjm8h"; postInstall = '' install -D ./default.tmpl $out/templates/default.tmpl ''; diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 22c33bd66..9ea1d4141 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "007126eef72271480cb7670e19e501a1ad2c1ff2", - "date": "2020-10-20T10:30:15+10:00", - "sha256": "1rfvw560vp2wn3dxdhqn1rk1fgk0ak9lnqm2dqpnsrkl4b8ay9mq", + "rev": "34ad166a830d3ac1541dcce571c52231f2f0865a", + "date": "2020-11-02T21:18:15-05:00", + "sha256": "1jvi1562x3kq65w642vfimpszv65zbc7c2nv8gakhzcx4n3f47xq", "fetchSubmodules": false } diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 161a099e5..68d950208 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "7c2a362b58a1c2ba72d24aa3869da3b1a91d39e1", - "date": "2020-10-20T09:32:31+02:00", - "sha256": "0gl4xndyahasa9dv5mi3x9w8s457wl2xh9lcldizcn1irjvkrzs4", + "rev": "896270d629efd47d14972e96f4fbb79fc9f45c80", + "date": "2020-11-10T22:42:32+01:00", + "sha256": "0xmjjayg19wm6cn88sh724mrsdj6mgrql6r3zc0g4x9bx4y342p7", "fetchSubmodules": false } diff --git a/krebs/update-nixpkgs.sh b/krebs/update-nixpkgs.sh index b0ffb6adc..9a0ea7ed4 100755 --- a/krebs/update-nixpkgs.sh +++ b/krebs/update-nixpkgs.sh @@ -3,7 +3,7 @@ dir=$(dirname $0) oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ --url https://github.com/NixOS/nixpkgs \ - --rev refs/heads/nixos-20.03' \ + --rev refs/heads/nixos-20.09' \ > $dir/nixpkgs.json newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" |