diff options
Diffstat (limited to 'lass/2configs')
-rw-r--r-- | lass/2configs/buildbot-standalone.nix | 53 | ||||
-rw-r--r-- | lass/2configs/default.nix | 1 | ||||
-rw-r--r-- | lass/2configs/git.nix | 4 | ||||
-rw-r--r-- | lass/2configs/ircd.nix | 2 | ||||
-rw-r--r-- | lass/2configs/mpv.nix | 2 | ||||
-rw-r--r-- | lass/2configs/newsbot-js.nix | 35 | ||||
-rw-r--r-- | lass/2configs/nixpkgs.nix | 2 | ||||
-rw-r--r-- | lass/2configs/radio.nix | 6 | ||||
-rw-r--r-- | lass/2configs/retiolum.nix | 2 | ||||
-rw-r--r-- | lass/2configs/websites/lassulus.nix | 3 | ||||
-rw-r--r-- | lass/2configs/wine.nix | 4 |
11 files changed, 54 insertions, 60 deletions
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 7b38e44c6..62b823c3f 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -92,7 +92,6 @@ in { nixshell = [ "nix-shell", "-I", "stockholm=.", - "-I", "nixpkgs=/var/src/nixpkgs", "-p" ] + deps + [ "--run" ] @@ -107,11 +106,9 @@ in { for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]: addShell(f,name="build-{}".format(i),env=env_shared, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -119,11 +116,9 @@ in { for i in [ "mors", "uriel", "shodan", "helios", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]: addShell(f,name="build-{}".format(i),env=env_lass, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -131,11 +126,9 @@ in { for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: addShell(f,name="build-{}".format(i),env=env_makefu, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -143,11 +136,9 @@ in { for i in [ "hiawatha", "onondaga" ]: addShell(f,name="build-{}".format(i),env=env_nin, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -211,7 +202,7 @@ in { ]: addShell(f,name="build-{}".format(i),env=env_lass, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ make system=prism pkgs.{}".format(i)]) bu.append(util.BuilderConfig(name="build-pkgs", @@ -255,7 +246,7 @@ in { options.lass.build-ssh-privkey = mkOption { type = types.secret-file; default = { - path = "${config.users.users.buildbotworker.home}/ssh.privkey"; + path = "${config.users.users.buildbotworker.home}/.ssh/id_rsa"; owner = { inherit (config.users.users.buildbotworker ) name uid;}; source-path = toString <secrets> + "/build.ssh.key"; }; @@ -263,16 +254,10 @@ in { config.krebs.secret.files = { build-ssh-privkey = config.lass.build-ssh-privkey; }; - config.users.users = { - build = { - name = "build"; - uid = genid "build"; - home = "/home/build"; - useDefaultShell = true; - createHome = true; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP lass@mors" - ]; - }; + config.users.users.buildbotworker = { + useDefaultShell = true; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP" + ]; }; } diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index e33514ee0..ffed5bb70 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -150,6 +150,7 @@ with import <stockholm/lib>; untilport usbutils logify + goify #unpack stuff p7zip diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 72866c067..5f686e26e 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -30,6 +30,10 @@ let rules = concatMap make-rules (attrValues repos); public-repos = mapAttrs make-public-repo { + news = { + cgit.desc = "take a rss feed and a timeout and print it to stdout"; + cgit.section = "software"; + }; stockholm = { cgit.desc = "take all the computers hostage, they'll love you!"; cgit.section = "configuration"; diff --git a/lass/2configs/ircd.nix b/lass/2configs/ircd.nix index 4d2c134b6..b72e2b087 100644 --- a/lass/2configs/ircd.nix +++ b/lass/2configs/ircd.nix @@ -94,6 +94,8 @@ general { #maybe we want ident someday? disable_auth = yes; + throttle_duration = 1; + throttle_count = 1000; }; ''; }; diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix index d9c6274db..bb068e7a1 100644 --- a/lass/2configs/mpv.nix +++ b/lass/2configs/mpv.nix @@ -34,7 +34,7 @@ let down = moveToDir "Y" "./down"; in { - krebs.per-user.lass.packages = [ + environment.systemPackages = [ mpv ]; } diff --git a/lass/2configs/newsbot-js.nix b/lass/2configs/newsbot-js.nix index d38af211f..070795d14 100644 --- a/lass/2configs/newsbot-js.nix +++ b/lass/2configs/newsbot-js.nix @@ -3,19 +3,17 @@ let newsfile = pkgs.writeText "feeds" '' aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#news - aktuelle_themen|http://bundestag.de/service/rss/Bundestag_Aktuelle_Themen.rss|#news #bundestag allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#news - anon|http://anoninsiders.net/feed/|#news antirez|http://antirez.com/rss|#news arbor|http://feeds2.feedburner.com/asert/|#news archlinux|http://www.archlinux.org/feeds/news/|#news ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#news augustl|http://augustl.com/atom.xml|#news bbc|http://feeds.bbci.co.uk/news/rss.xml|#news + bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#news bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#news #bundestag bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#news #bundestag - bdt_pressemitteilungen|http://bundestag.de/service/rss/Bundestag_Presse.rss|#news #bundestag - bdt_wd|http://bundestag.de/service/rss/Bundestag_WD.rss|#news #bundestag + bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#news bitcoinpakistan|https://bitcoinspakistan.com/feed/|#news #financial c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#news cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#news @@ -30,9 +28,7 @@ let chan_b|https://boards.4chan.org/b/index.rss|#brainfuck chan_biz|https://boards.4chan.org/biz/index.rss|#news #brainfuck chan_int|https://boards.4chan.org/int/index.rss|#news #brainfuck - cna|http://www.channelnewsasia.com/starterkit/servlet/cna/rss/home.xml|#news coinspotting|http://coinspotting.com/rss|#news #financial - cryptanalysis|https://cryptanalys.is/rss.php|#news cryptocoinsnews|http://www.cryptocoinsnews.com/feed/|#news #financial cryptogon|http://www.cryptogon.com/?feed=rss2|#news csm|http://rss.csmonitor.com/feeds/csm|#news @@ -52,12 +48,9 @@ let fars|http://www.farsnews.com/rss.php|#news #test faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#news faz_politik|http://www.faz.net/rss/aktuell/politik/|#news - faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news #financial - fbi|http://www.fbi.gov/homepage/RSS|#news #bullerei - fbi_news|http://www.fbi.gov/news/news_blog/rss.xml|#news - fbi_press|http://www.fbi.gov/news/current/rss.xml|#news #bullerei - fbi_stories|http://www.fbi.gov/news/stories/all-stories/rss.xml|#news #bullerei - fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news #financial + faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news + fbi|https://www.fbi.gov/news/rss.xml|#news + fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news fefe|http://blog.fefe.de/rss.xml|#news forbes|http://www.forbes.com/forbes/feed2/|#news forbes_realtime|http://www.forbes.com/real-time/feed2/|#news @@ -65,18 +58,18 @@ let geheimorganisation|http://geheimorganisation.org/feed/|#news GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#news gmanet|http://www.gmanetwork.com/news/rss/news|#news - golem|http://www.golem.de/rss.php?feed=RSS1.0|#news + golem|https://rss.golem.de/rss.php|#news google|http://news.google.com/?output=rss|#news greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#news guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#news gulli|http://ticker.gulli.com/rss/|#news handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#news #financial - heise|http://heise.de.feedsportal.com/c/35207/f/653902/index.rss|#news + heise|https://www.heise.de/newsticker/heise-atom.xml|#news hindu_business|http://www.thehindubusinessline.com/?service=rss|#news #financial hindu|http://www.thehindu.com/?service=rss|#news ign|http://feeds.ign.com/ign/all|#news independent|http://www.independent.com/rss/headlines/|#news - indymedia|http://de.indymedia.org/RSS/newswire.xml|#news + indymedia|https://de.indymedia.org/rss.xml|#news info_libera|http://www.informationliberation.com/rss.xml|#news klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#news korea_herald|http://www.koreaherald.com/rss_xml.php|#news @@ -123,11 +116,11 @@ let sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#news shackspace|http://shackspace.de/?feed=rss2|#news shz_news|http://www.shz.de/nachrichten/newsticker/rss|#news - sky_busi|http://news.sky.com/feeds/rss/business.xml|#news - sky_pol|http://news.sky.com/feeds/rss/politics.xml|#news - sky_strange|http://news.sky.com/feeds/rss/strange.xml|#news - sky_tech|http://news.sky.com/feeds/rss/technology.xml|#news - sky_world|http://news.sky.com/feeds/rss/world.xml|#news + sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#news + sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#news + sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#news + sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#news + sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#news slashdot|http://rss.slashdot.org/Slashdot/slashdot|#news slate|http://feeds.slate.com/slate|#news spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#news @@ -138,7 +131,7 @@ let stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#news sz_politik|http://rss.sueddeutsche.de/rss/Politik|#news sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#news #financial - sz_wissen|http://suche.sueddeutsche.de/rss/Wissen|#news + sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#news tagesschau|http://www.tagesschau.de/newsticker.rdf|#news taz|http://taz.de/Themen-des-Tages/!p15;rss/|#news telegraph_finance|http://www.telegraph.co.uk/finance/rss|#news #financial diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 4f1347b82..49c44aa88 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "aa03833"; + ref = "2bb9c1c"; }; } diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 6e96f8845..1e14e31bb 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -145,6 +145,12 @@ in { script = "${print_current}/bin/print_current"; pattern = "^current$"; }) + (buildSimpleReaktorPlugin "suggest" { + script = "${pkgs.writeDash "suggest" '' + echo "$@" >> $HOME/playlist_suggest + ''}"; + pattern = "^suggest: (?P<args>.*)$"; + }) ]; }; services.nginx.virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 7a7bf95be..7f1b36c96 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -5,7 +5,6 @@ krebs.iptables = { tables = { filter.INPUT.rules = [ - { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } ]; @@ -13,6 +12,7 @@ }; krebs.tinc.retiolum = { + enableLegacy = true; enable = true; connectTo = [ "prism" diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 3a8979427..0771570ca 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -80,6 +80,9 @@ in { locations."= /retiolum-hosts.tar.bz2".extraConfig = '' alias ${config.krebs.tinc.retiolum.hostsArchive}; ''; + locations."= /retiolum.hosts".extraConfig = '' + alias ${pkgs.retiolum-hosts}; + ''; locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; ''; diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 8d55da7fd..ee688e18c 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -4,10 +4,10 @@ let mainUser = config.users.extraUsers.mainUser; in { - environment.systemPackages = with pkgs; [ + krebs.per-user.wine.packages = with pkgs; [ wineUnstable ]; - users.extraUsers = { + users.users= { wine = { name = "wine"; description = "user for running wine"; |