summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/fileleech.nix27
-rw-r--r--makefu/2configs/default.nix2
-rw-r--r--makefu/2configs/elchos/irc-token.nix62
-rw-r--r--makefu/2configs/torrent.nix7
-rw-r--r--makefu/3modules/default.nix1
-rw-r--r--makefu/3modules/server-config.nix10
-rw-r--r--makefu/6tests/data/secrets/auth.nix3
-rw-r--r--makefu/6tests/data/secrets/authfile1
8 files changed, 107 insertions, 6 deletions
diff --git a/makefu/1systems/fileleech.nix b/makefu/1systems/fileleech.nix
new file mode 100644
index 000000000..4d9b37cea
--- /dev/null
+++ b/makefu/1systems/fileleech.nix
@@ -0,0 +1,27 @@
+{ config, pkgs, ... }:
+{
+ imports = [
+ ../.
+ # configure your hw:
+ # ../2configs/hw/CAC.nix
+ # ../2configs/fs/CAC-CentOS-7-64bit.nix
+ ../2configs/save-diskspace.nix
+ ../2configs/tinc/retiolum.nix
+
+ ];
+ krebs = {
+ enable = true;
+ build.host = config.krebs.hosts.fileleech;
+ };
+
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.device = "/dev/disk/by-id/ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN";
+ fileSystems."/" = {
+ device = "/dev/disk/by-id/ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN";
+ };
+
+ boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "aacraid" "usb_storage" "usbhid" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+}
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 9a2adbc3e..9e3f3eb61 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
user = config.krebs.users.makefu;
source = let
inherit (config.krebs.build) host user;
- ref = "f52eaf4"; # stable @ 2016-12-12
+ ref = "ee13b9af"; # stable @ 2016-12-12
in {
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
{
diff --git a/makefu/2configs/elchos/irc-token.nix b/makefu/2configs/elchos/irc-token.nix
new file mode 100644
index 000000000..3f3c4ffc3
--- /dev/null
+++ b/makefu/2configs/elchos/irc-token.nix
@@ -0,0 +1,62 @@
+{pkgs, ...}:
+with import <stockholm/lib>;
+let
+ secret = (import <secrets/elchos-token.nix>);
+in {
+ systemd.services.elchos-irctoken = {
+ startAt = "*:0/30";
+ serviceConfig = {
+ RuntimeMaxSec = "20";
+ };
+ script = ''
+ set -euf
+ now=$(date -u +%Y-%m-%dT%H:%M)
+ sec=$(echo -n "${secret}$now" | md5sum | cut -d\ -f1)
+ message="The secret valid for 30 minutes is $sec"
+ echo "token for $now (UTC) is $sec"
+ LOGNAME=sec-announcer
+ HOSTNAME=$(${pkgs.systemd}/bin/hostnamectl --static)
+ IRC_SERVER=irc.freenode.net
+ IRC_PORT=6667
+ IRC_NICK=$HOSTNAME-$$
+ IRC_CHANNEL='#eloop'
+
+ export IRC_CHANNEL # for privmsg_cat
+
+ echo2() { echo "$*"; echo "$*" >&2; }
+
+ privmsg_cat() { ${pkgs.gawk}/bin/awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; }
+
+ tmpdir="$(mktemp -d irc-announce_XXXXXXXX)"
+ cd "$tmpdir"
+ mkfifo ircin
+ trap "
+ rm ircin
+ cd '$OLDPWD'
+ rmdir '$tmpdir'
+ trap - EXIT INT QUIT
+ " EXIT INT QUIT
+
+ {
+ echo2 "USER $LOGNAME 0 * :$LOGNAME@$HOSTNAME"
+ echo2 "NICK $IRC_NICK"
+
+ # wait for MODE message
+ ${pkgs.gnused}/bin/sed -un '/^:[^ ]* MODE /q'
+
+ echo2 "JOIN $IRC_CHANNEL"
+
+ printf '%s' "$message" \
+ | privmsg_cat
+
+ echo2 "PART $IRC_CHANNEL"
+
+ # wait for PART confirmation
+ sed -un '/:'"$IRC_NICK"'![^ ]* PART /q'
+
+ echo2 'QUIT :Gone to have lunch'
+ } < ircin \
+ | ${pkgs.netcat}/bin/netcat "$IRC_SERVER" "$IRC_PORT" |tee -a ircin
+ '';
+ };
+}
diff --git a/makefu/2configs/torrent.nix b/makefu/2configs/torrent.nix
index 5b9ce6178..f3bc9091b 100644
--- a/makefu/2configs/torrent.nix
+++ b/makefu/2configs/torrent.nix
@@ -4,7 +4,7 @@ with import <stockholm/lib>;
let
daemon-user = "tor";
- authfile = <torrent-secrets/authfile>;
+ basicAuth = import <torrent-secrets/auth.nix>;
peer-port = 51412;
web-port = 8112;
daemon-port = 58846;
@@ -53,9 +53,8 @@ in {
enable = true;
web = {
enable = true;
- enableAuth = true;
- listenAddress = toString web-port;
- inherit authfile;
+ port = web-port;
+ inherit basicAuth;
};
rutorrent.enable = true;
enableXMLRPC = true;
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index 855e134ab..16215b27a 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -8,6 +8,7 @@ _:
./forward-journal.nix
./opentracker.nix
./ps3netsrv.nix
+ ./server-config.nix
./snapraid.nix
./taskserver.nix
./udpt.nix
diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix
new file mode 100644
index 000000000..dbd29d748
--- /dev/null
+++ b/makefu/3modules/server-config.nix
@@ -0,0 +1,10 @@
+{config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+{
+ options.makefu.server.primary-itf = lib.mkOption {
+ type = types.str;
+ description = "Primary interface of the server";
+ };
+}
+
diff --git a/makefu/6tests/data/secrets/auth.nix b/makefu/6tests/data/secrets/auth.nix
new file mode 100644
index 000000000..92d5c34a8
--- /dev/null
+++ b/makefu/6tests/data/secrets/auth.nix
@@ -0,0 +1,3 @@
+{
+ user = "password";
+}
diff --git a/makefu/6tests/data/secrets/authfile b/makefu/6tests/data/secrets/authfile
deleted file mode 100644
index f5e704702..000000000
--- a/makefu/6tests/data/secrets/authfile
+++ /dev/null
@@ -1 +0,0 @@
-"derp"