15 files changed, 87 insertions, 51 deletions
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index 0630d19a..e8438e50 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -1,20 +1,52 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 {
-    imports = [
-        <stockholm/makefu>
-        # configure your hw:
-        # <stockholm/makefu/2configs/hw/CAC.nix>
-        # <stockholm/makefu/2configs/fs/CAC-CentOS-7-64bit.nix>
-        # <stockholm/makefu/2configs/save-diskspace.nix
-    ];
-    krebs = {
-        enable = true;
-        tinc.retiolum.enable = true;
-        build.host = config.krebs.hosts.cake;
+  imports = [
+    <stockholm/makefu>
+    <stockholm/makefu/2configs/tools/core.nix>
+# configure your hw:
+# <stockholm/makefu/2configs/save-diskspace.nix>
+  ];
+  krebs = {
+    enable = true;
+    tinc.retiolum.enable = true;
+    build.host = config.krebs.hosts.cake;
+  };
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+  boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ];
+
+  programs.info.enable = false;
+  programs.man.enable = false;
+  services.nixosManual.enable = false;
+  boot.tmpOnTmpfs = lib.mkForce false;
+
+  hardware.enableRedistributableFirmware = true;
+  hardware.firmware = [
+    (pkgs.stdenv.mkDerivation {
+     name = "broadcom-rpi3-rest";
+     src = pkgs.fetchurl {
+     url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt";
+     sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7";
+     };
+     phases = [ "installPhase" ];
+     installPhase = ''
+     mkdir -p $out/lib/firmware/brcm
+     cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt
+     '';
+     })
+  ];
+  networking.wireless.enable = true;
+
+# File systems configuration for using the installer's partition layout
+  fileSystems = {
+    "/boot" = {
+      device = "/dev/disk/by-label/NIXOS_BOOT";
+      fsType = "vfat";
     };
-    # You want to change these :)
-    boot.loader.grub.device = "/dev/sda";
-    fileSystems."/" = {
-        device = "/dev/sda1";
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
     };
-}
-\ No newline at end of file
+  };
+}
diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix
index 797417a1..cd97a7c6 100644
--- a/makefu/1systems/cake/source.nix
+++ b/makefu/1systems/cake/source.nix
@@ -1,3 +1,4 @@
 import <stockholm/makefu/source.nix> {
   name="cake";
-}
-\ No newline at end of file
+  full = true;
+}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e1357ff0..e769b1e2 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -81,7 +81,9 @@ in {
   ];
   makefu.dl-dir = "/var/download";
 
-
+  services.openssh.hostKeys = [
+    { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
+    { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
   ###### stable
   services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
   krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 443f912d..f7db7556 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -57,7 +57,7 @@ with import <stockholm/lib>;
       <stockholm/makefu/2configs/tor.nix>
       <stockholm/makefu/2configs/vpn/vpngate.nix>
       # <stockholm/makefu/2configs/buildbot-standalone.nix>
-      <stockholm/makefu/2configs/remote-build/master.nix>
+      # <stockholm/makefu/2configs/remote-build/master.nix>
 
       # Hardware
       <stockholm/makefu/2configs/hw/tp-x230.nix>
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index ed890fe4..da246f66 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -68,7 +68,7 @@ let
 
   # TODO: get the list of all krebsministers
   krebsminister = with config.krebs.users; [ lass tv ];
-  all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx ];
+  all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx makefu-android ];
   all-exco = with config.krebs.users; [ exco ];
 
   priv-rules = repo: set-owners repo all-makefu;
diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix
index 9249280c..2ab62766 100644
--- a/makefu/2configs/stats/telegraf/europastats.nix
+++ b/makefu/2configs/stats/telegraf/europastats.nix
@@ -4,7 +4,7 @@ let
     rev = "be31da7";
     name = "europastats-${rev}";
     propagatedBuildInputs = [
-      requests2
+      requests
       docopt
     ];
     src = pkgs.fetchgit {
diff --git a/makefu/2configs/tools/sec-gui.nix b/makefu/2configs/tools/sec-gui.nix
index 2db3e439..95f130ae 100644
--- a/makefu/2configs/tools/sec-gui.nix
+++ b/makefu/2configs/tools/sec-gui.nix
@@ -1,8 +1,15 @@
 { pkgs, ... }:
 
 {
-  krebs.per-user.makefu.packages = with pkgs; [
-    tpmmanager
-    wireshark
-  ];
+  users.users.makefu = {
+    extraGroups = [ "wireshark" ];
+    packages = with pkgs; [
+      tpmmanager
+    ];
+  };
+
+  programs.wireshark = {
+    enable = true;
+    package = pkgs.wireshark;
+  };
 }
diff --git a/makefu/2configs/tools/steam.nix b/makefu/2configs/tools/steam.nix
index 200ea471..048c1d1a 100644
--- a/makefu/2configs/tools/steam.nix
+++ b/makefu/2configs/tools/steam.nix
@@ -1,9 +1,7 @@
 {pkgs, ...}:
 {
   users.users.makefu.packages = [
-    (pkgs.steam.override {
-      newStdcpp = true;
-    })
+    pkgs.steam
   ];
   hardware.opengl.driSupport32Bit = true;
   hardware.pulseaudio.support32Bit = true;
diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix
index 2eecd642..677950f4 100644
--- a/makefu/2configs/urlwatch/default.nix
+++ b/makefu/2configs/urlwatch/default.nix
@@ -35,6 +35,7 @@ in {
       http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
       https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
       https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack
+      http://www.iozone.org/src/current/
 
       {
         url = https://newellrubbermaid.secure.force.com/dymopkb/articles/en_US/FAQ/Dymo-Drivers-and-Downloads/?l=en_US&c=Segment:Dymo&fs=Search&pn=1 ;
diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix
index 84664258..9cac5920 100644
--- a/makefu/3modules/server-config.nix
+++ b/makefu/3modules/server-config.nix
@@ -1,15 +1,14 @@
 {config, lib, pkgs, ... }:
 
-with import <stockholm/lib>;
-{
+with lib;{
   options.makefu.server.primary-itf = lib.mkOption {
-		type = types.str;
-		description = "Primary interface of the server";
-	};
+    type = types.str;
+    description = "Primary interface of the server";
+  };
   options.makefu.gui.user = lib.mkOption {
-		type = types.str;
-		description = "GUI user";
+    type = types.str;
+    description = "GUI user";
     default = config.krebs.build.user.name;
-	};
+  };
 }
 
diff --git a/makefu/5pkgs/custom/inkscape/dxf_fix.patch b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
index 5ea0a073..b7b491d4 100644
--- a/makefu/5pkgs/custom/inkscape/dxf_fix.patch
+++ b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
@@ -1,13 +1,12 @@
---- ./share/extensions/dxf_outlines.py	2017-02-14 00:46:57.000000000 +0100
-+++ ./share/extensions/dxf_outlines.py.new	2017-05-10 04:15:03.000000000 +0200
-@@ -340,7 +340,7 @@
-         scale = eval(self.options.units)
+--- ./share/extensions/dxf_outlines.py	2017-10-08 17:28:45.553368917 +0200
++++ ./share/extensions/dxf_outlines.py.new	2017-10-08 17:29:20.172554152 +0200
+@@ -341,7 +341,7 @@
          if not scale:
              scale = 25.4/96     # if no scale is specified, assume inch as baseunit
+         scale /= self.unittouu('1px')
 -        h = self.unittouu(self.document.getroot().xpath('@height', namespaces=inkex.NSS)[0])
-+        h = self.unittouu(self.getDocumentHeight())
++        h = self.unittouu(self.documentHeight())
          self.groupmat = [[[scale, 0.0, 0.0], [0.0, -scale, h*scale]]]
          doc = self.document.getroot()
          self.process_group(doc)
 
-
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 96975e54..e99aa696 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -24,7 +24,7 @@ in {
     alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
     alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
     qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { };
-    inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
+    inherit (callPackage ./devpi {}) devpi-web devpi-server;
     nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {};
     inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: {
       patches = [ ./custom/inkscape/dxf_fix.patch ];
diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix
index 885777be..3df67d07 100644
--- a/makefu/5pkgs/drozer/default.nix
+++ b/makefu/5pkgs/drozer/default.nix
@@ -5,7 +5,7 @@ pythonPackages.buildPythonApplication rec {
   version = "2.4.3";
   buildInputs = [ jdk7 ];
   propagatedBuildInputs = with pythonPackages; [
-    protobuf3_2
+    protobuf
     pyopenssl
     pyyaml
   ] ++ [
diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/6tests/data/secrets/ssh_host_rsa_key
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/makefu/6tests/data/secrets/ssh_host_rsa_key
diff --git a/makefu/source.nix b/makefu/source.nix
index 1a5d4a5d..01342619 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -11,13 +11,10 @@ let
               then "buildbot"
               else "makefu";
   _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
-  ref = "46cfb36"; # unstable @ 2017-09-04
-                   # + graceful requests2 (a772c3a)
-                   # + mitmproxy fix      (eee2d17)
-                   # + tpm-tools fix      (5cb9987)
-                   # + dnscrypt-wrapper   (25703c3)
-                   # + lass wvstream fix  (76f4910,37cc2bc,0d48837)
+  ref = "727a3a3"; # unstable @ 2017-10-07
+                   # + revert wvdial (76f4910)
                    # + ruby stuff (2f0b17e4be9,55a952be5b5)
+                   # + mitmproxy fix (360a5efd,ef52c95b)
 
 in
   evalSource (toString _file) [