From e082da2c23ebff82717df11d266ecfd22a70db56 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 24 Jul 2015 12:34:25 +0200 Subject: 3 tv retiolum: RIP --- 3modules/tv/retiolum.nix | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 3modules/tv/retiolum.nix (limited to '3modules') diff --git a/3modules/tv/retiolum.nix b/3modules/tv/retiolum.nix deleted file mode 100644 index d0037744..00000000 --- a/3modules/tv/retiolum.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, lib, ... }: - -with lib; -let - cfg = config.tv.retiolum; - - out = { - imports = [ ../../3modules/krebs/retiolum.nix ]; - options.tv.retiolum = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "tv.retiolum"; - - connectTo = mkOption { - type = with types; listOf str; - }; - - hosts = mkOption { - type = types.path; - }; - }; - - imp = { - krebs.retiolum = cfg; - }; - -in out -- cgit v1.2.3 From faf5f6c172d6a6915e18cdec85e3543051eb0449 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 24 Jul 2015 12:41:41 +0200 Subject: krebs.retiolum: define type of hosts --- 3modules/krebs/retiolum.nix | 40 ++++++++++++++++++---------------------- 1 file changed, 18 insertions(+), 22 deletions(-) (limited to '3modules') diff --git a/3modules/krebs/retiolum.nix b/3modules/krebs/retiolum.nix index 447592ee..1406f2fc 100644 --- a/3modules/krebs/retiolum.nix +++ b/3modules/krebs/retiolum.nix @@ -57,9 +57,9 @@ let }; hosts = mkOption { - default = null; + type = with types; either package path; + default = ../../Zhosts; description = '' - Hosts package or path to use. If a path is given, then it will be used to generate an ad-hoc package. ''; }; 
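Review bot: The `description` of `hosts` in the `@@ -57,9 +57,9 @@` hunk of 3modules/krebs/retiolum.nix now opens with "If a path is given…" because its first sentence was removed, and nothing documents the new default. Since the default changed from `null` to `../../Zhosts`, a host that enables the module without setting `hosts` silently gets the repository's host directory. Presumably those files are the tinc host entries (peer addresses and public keys), which would make this the default peer set, so it deserves a sentence. I would restore the opening line and name the default, e.g. `Hosts package or path to use (default: the repository's Zhosts directory).` The enclosing `api` set starts and ends outside the hunk.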
@@ -127,24 +127,20 @@ let }; tinc = cfg.tincPackage; - hostsType = builtins.typeOf cfg.hosts; - hosts = - if hostsType == "package" then - # use package as is - cfg.hosts - else if hostsType == "path" then - # use path to generate a package - pkgs.stdenv.mkDerivation { - name = "custom-retiolum-hosts"; - src = cfg.hosts; - installPhase = '' - mkdir $out - find . -name .git -prune -o -type f -print0 | xargs -0 cp --target-directory $out - ''; - } - else - abort "The option `services.retiolum.hosts' must be set to a package or a path" - ; + + hosts = getAttr (typeOf cfg.hosts) { + package = cfg.hosts; + path = pkgs.stdenv.mkDerivation { + name = "custom-retiolum-hosts"; + src = cfg.hosts; + installPhase = '' + mkdir $out + find . -name .git -prune -o -type f -print0 \ + | xargs -0 cp --target-directory $out + ''; + }; + }; + iproute = cfg.iproutePackage; retiolumExtraHosts = import (pkgs.runCommand "retiolum-etc-hosts" @@ -222,5 +218,5 @@ let chmod +x $out/tinc-up ''; -in -out + +in out -- cgit v1.2.3 From f1ebbc73395e733e222b7f51e3fb554579ec1916 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 24 Jul 2015 17:34:08 +0200 Subject: autoimport 3*/{krebs,$(LOGNAME)} --- 3modules/krebs/default.nix | 11 +++++++++++ 3modules/tv/consul.nix | 1 - 3modules/tv/default.nix | 10 ++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 3modules/krebs/default.nix create mode 100644 3modules/tv/default.nix (limited to '3modules') diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix new file mode 100644 index 00000000..fe94e09b --- /dev/null +++ b/3modules/krebs/default.nix @@ -0,0 +1,11 @@ +_: + +{ + imports = [ + ./github-hosts-sync.nix + ./git.nix + ./nginx.nix + ./retiolum.nix + ./urlwatch.nix + ]; +} diff --git a/3modules/tv/consul.nix b/3modules/tv/consul.nix index 312faa02..4e54c2ab 100644 --- a/3modules/tv/consul.nix +++ b/3modules/tv/consul.nix 
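Review bot: In the `@@ -127,24 +127,20 @@` hunk, `getAttr (typeOf cfg.hosts) { package = …; path = …; }` can never select the `package` branch, because `builtins.typeOf` returns `"set"` for a derivation and never `"package"` (the removed `hostsType == "package"` test was dead for the same reason). A derivation that passes the new `either package path` check therefore fails with a missing-attribute error instead of the explicit `abort` message the old code gave. A string holding an absolute path would fail the same way, if `types.path` accepts strings in this nixpkgs revision. Dispatching on the value is more robust: `hosts = if isDerivation cfg.hosts then cfg.hosts else pkgs.stdenv.mkDerivation { … };`, assuming `lib` is in scope as the unqualified `getAttr`/`typeOf` suggest. The enclosing `let` starts and ends outside the hunk.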
@@ -10,7 +10,6 @@ let cfg = config.tv.consul; out = { - imports = [ ../../3modules/tv/iptables.nix ]; options.tv.consul = api; config = mkIf cfg.enable (mkMerge [ imp diff --git a/3modules/tv/default.nix b/3modules/tv/default.nix new file mode 100644 index 00000000..e267d0b9 --- /dev/null +++ b/3modules/tv/default.nix @@ -0,0 +1,10 @@ +_: + +{ + imports = [ + ./consul.nix + ./ejabberd.nix + ./identity.nix + ./iptables.nix + ]; +} -- cgit v1.2.3 From a62be1cef8726a2afa61df3dac9e19a71882b370 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 24 Jul 2015 20:48:00 +0200 Subject: {2 tv git -> 3 krebs}.users --- 3modules/krebs/default.nix | 54 ++++++++++++++++++++++++++++++++++++---------- 3modules/krebs/git.nix | 11 ++++------ 2 files changed, 47 insertions(+), 18 deletions(-) (limited to '3modules') diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix index fe94e09b..b8722d18 100644 --- a/3modules/krebs/default.nix +++ b/3modules/krebs/default.nix @@ -1,11 +1,43 @@ -_: - -{ - imports = [ - ./github-hosts-sync.nix - ./git.nix - ./nginx.nix - ./retiolum.nix - ./urlwatch.nix - ]; -} +{ config, lib, ... }: + +with import ../../4lib/krebs { inherit lib; }; +let + cfg = config.krebs; + + out = { + imports = [ + ./github-hosts-sync.nix + ./git.nix + ./nginx.nix + ./retiolum.nix + ./urlwatch.nix + ]; + options.krebs = api; + config = mkIf cfg.enable imp; + }; + + api = { + users = mkOption { + type = with types; attrsOf user; + default = addNames { + lass = { + pubkey = readFile ../../Zpubkeys/lass.ssh.pub; + }; + makefu = { + pubkey = readFile ../../Zpubkeys/makefu.ssh.pub; + }; + tv = { + pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; + }; + uriel = { + pubkey = readFile ../../Zpubkeys/uriel.ssh.pub; + }; + }; + }; + }; + + imp = { + }; + +in +out diff --git a/3modules/krebs/git.nix b/3modules/krebs/git.nix index 3c3e9342..be6619b4 100644 --- a/3modules/krebs/git.nix +++ b/3modules/krebs/git.nix 
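Review bot: `config = mkIf cfg.enable imp;` in the rewritten 3modules/krebs/default.nix reads `config.krebs.enable`, but the `api` set in this hunk declares only `users`. Unless another module declares `krebs.enable`, forcing that condition fails on a missing attribute; adding `enable = mkEnableOption "krebs";` to `api` would fix it, as would dropping the `mkIf` while `imp` is still empty. Separately, the `users` default pins four SSH public keys read from `Zpubkeys` and the option has no `description`. A line saying that other modules use these entries to grant access (3modules/krebs/git.nix does so in this same commit) would help anyone overriding it.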
@@ -6,8 +6,7 @@ # TODO when authorized_keys changes, then restart ssh # (or kill already connected users somehow) -with builtins; -with lib; +with import ../../4lib/krebs { inherit lib; }; let cfg = config.krebs.git; @@ -119,9 +118,6 @@ let rules = mkOption { type = types.unspecified; }; - users = mkOption { - type = types.unspecified; - }; }; git-imp = { @@ -149,7 +145,8 @@ let name = "git"; shell = "/bin/sh"; openssh.authorizedKeys.keys = - mapAttrsToList (_: makeAuthorizedKey git-ssh-command) cfg.users; + mapAttrsToList (_: makeAuthorizedKey git-ssh-command) + config.krebs.users; uid = 129318403; # genid git }; }; @@ -255,7 +252,7 @@ let isPublicRepo = getAttr "public"; # TODO this is also in ./cgit.nix - makeAuthorizedKey = git-ssh-command: user@{ name, pubkey }: + makeAuthorizedKey = git-ssh-command: user@{ name, pubkey, ... }: # TODO assert name # TODO assert pubkey let -- cgit v1.2.3
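Review bot: With the `@@ -149,7 +145,8 @@` hunk, the `git` account's `openssh.authorizedKeys.keys` is built from `config.krebs.users`, whose default (added in 3modules/krebs/default.nix) already contains four keys. The removed `krebs.git.users` option had no default and had to be set per host. Any host that enables `krebs.git` will therefore accept SSH authentication on the git account from every default user unless `krebs.users` is overridden. Per-repository access presumably still depends on `rules` and on the entry built by `makeAuthorizedKey`, whose body is outside the hunk. I would record this next to the assignment, e.g. `# every entry of krebs.users may authenticate as git; repo access is decided by krebs.git.rules`, and confirm the wider default is intended. The `...` added to `makeAuthorizedKey` in the last hunk also leaves the two `TODO assert` lines as the only validation of `name` and `pubkey`.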