From d999dc6d2536cb378e057a55759457fdfb5db7a4 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 24 Oct 2016 14:38:54 +0200 Subject: tv: DRY up ca-bundle defs --- tv/2configs/default.nix | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 39d0c4f6..0854e53c 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -112,13 +112,14 @@ with import ; }; } - (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { - environment.variables = { - CURL_CA_BUNDLE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - }; - }) + { + environment.variables = + flip genAttrs (_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt") [ + "CURL_CA_BUNDLE" + "GIT_SSL_CAINFO" + "SSL_CERT_FILE" + ]; + } { services.cron.enable = false; -- cgit v1.2.3 From 49c5be760ff16615527aa88aeada15534b01dc84 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Oct 2016 18:35:28 +0200 Subject: tv netcup: init at 1.0.0 --- tv/5pkgs/netcup/default.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 tv/5pkgs/netcup/default.nix diff --git a/tv/5pkgs/netcup/default.nix b/tv/5pkgs/netcup/default.nix new file mode 100644 index 00000000..2443e9e7 --- /dev/null +++ b/tv/5pkgs/netcup/default.nix @@ -0,0 +1,32 @@ +{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, w3m, ... }: +with import ; +let + readJSON = path: fromJSON (readFile path); + sed.escape = replaceChars ["/"] ["\\/"]; # close enough + PATH = makeBinPath [ + coreutils + curl + gawk + gnugrep + gnused + jq + w3m + ]; +in +stdenv.mkDerivation { + name = "netcup-1.0.0"; + src = fetchgit { + url = "http://cgit.cd.krebsco.de/netcup"; + rev = "tags/v1.0.0"; + sha256 = "0m6mk16pblvnapxykxdccvphslbv1gjfziyr86bnqin1xb1g99bq"; + }; + phases = [ "unpackPhase" "patchPhase" "installPhase" ]; + patchPhase = '' + path=${shell.escape (sed.escape PATH)} + sed -i "1s/.*/&\nPATH=$path/" vcp + ''; + installPhase = '' + mkdir -p $out/bin + cp vcp $out/bin + ''; +} -- cgit v1.2.3 From c1a423b6857f2140a9c9b425f9d5f81a679537bb Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Oct 2016 18:36:17 +0200 Subject: xu pkgs += netcup --- tv/1systems/xu.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix index a84da38d..a7e0b839 100644 --- a/tv/1systems/xu.nix +++ b/tv/1systems/xu.nix @@ -54,6 +54,7 @@ with import ; jq mkpasswd netcat + netcup nix-repl nmap p7zip -- cgit v1.2.3 From b364aa96c9b162fc6e87dbfdb9a643551a285f7f Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Oct 2016 19:44:53 +0200 Subject: tv nixpkgs: e4fb65a -> 0195ab8 --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 0854e53c..1114ac1a 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import ; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "e4fb65a3627f8c17a2f92c08bf302dc30f0a8db9"; + ref = "0195ab84607ac3a3aa07a79d2d6c2781b1bb6731"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From 3abb88edf4bf04b60212bb4c94aadb52b4c9c9ef Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Oct 2016 22:04:21 +0200 Subject: add krebs.tinc.*.hostsArchive --- krebs/3modules/retiolum.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index fddaed9e..ed99cc55 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -79,6 +79,15 @@ let ''; }; + hostsArchive = mkOption { + type = types.package; + default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} '' + ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts + ${pkgs.gnutar}/bin/tar -hcjf $out hosts + ''; + readOnly = true; + }; + hostsPackage = mkOption { type = types.package; default = pkgs.stdenv.mkDerivation { -- cgit v1.2.3 From 94656118ada956904bf266ba21bb83ace59e6082 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Oct 2016 14:42:13 +0200 Subject: l 5 xmonad-lass: implement screenshot-share --- lass/5pkgs/xmonad-lass.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 70be6102..471577a9 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -112,6 +112,7 @@ displaySomeException = displayException myKeyMap :: [([Char], X ())] myKeyMap = [ ("M4-", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f") + , ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png") , ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume 0 +4%") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume 0 -4%") -- cgit v1.2.3 From 4683b176044dc2b4ef8f7bce9da65b995ad979d6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Oct 2016 14:48:31 +0200 Subject: l 1 prism: enable libvirtd --- lass/1systems/prism.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 5da66d26..555e7fe1 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -229,6 +229,9 @@ in { enable = true; }; } + { + virtualisation.libvirtd.enable = true; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 2ebd0a1fdd2c8e82f3a960ba7fb09bb66ace89ca Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Oct 2016 15:02:46 +0200 Subject: l 2 websites domsen: disable backups until fixed --- lass/2configs/websites/domsen.nix | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index fa56d0e1..2a6df06f 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -103,27 +103,6 @@ in { "o_ubikmedia_de" ]; - krebs.backup.plans = { - prism-sql-domsen = { - method = "push"; - src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-sql"; }; - startAt = "00:01"; - }; - prism-http-domsen = { - method = "push"; - src = { host = config.krebs.hosts.prism; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-http"; }; - startAt = "00:10"; - }; - prism-o-ubikmedia-domsen = { - method = "push"; - src = { host = config.krebs.hosts.prism; path = "/srv/o.ubikmedia.de-data"; }; - dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-owncloud"; }; - startAt = "00:30"; - }; - }; - services.phpfpm.phpOptions = '' sendmail_path = ${sendmail} -t upload_max_filesize = 100M -- cgit v1.2.3 From f4007fc84d0ae7ddf3726dae433d403b7502564b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 2 Nov 2016 18:59:34 +0100 Subject: l 5 xmonad-lass: remove backlight controls --- lass/5pkgs/xmonad-lass.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 471577a9..0b05d514 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -119,8 +119,6 @@ myKeyMap = , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute 0 toggle") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-source-mute 1 toggle") , ("", gridselectWorkspace gridConfig W.view) - , ("", spawn "xbacklight -steps 1 -time 1 -inc 10") - , ("", spawn "xbacklight -steps 1 -time 1 -dec 10") , ("M4-a", focusUrgent) , ("M4-S-r", renameWorkspace def) -- cgit v1.2.3 From 102d2515bcf4939f064ed791d09a2bf7aab2ff32 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 3 Nov 2016 15:25:56 +0100 Subject: tv nixpkgs: 0195ab8 -> 238c7e0 --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 1114ac1a..514d313c 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import ; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "0195ab84607ac3a3aa07a79d2d6c2781b1bb6731"; + ref = "238c7e0dbf73d7f330689cb6ec4b1218526cee4e"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From 4f1625d5dc7024f6e5572abdcc511c9adbe49cfe Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 3 Nov 2016 15:25:07 +0100 Subject: haskellPackages.hyphenation: init at 0.6 --- krebs/5pkgs/haskell-overrides/hyphenation.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 krebs/5pkgs/haskell-overrides/hyphenation.nix diff --git a/krebs/5pkgs/haskell-overrides/hyphenation.nix b/krebs/5pkgs/haskell-overrides/hyphenation.nix new file mode 100644 index 00000000..6e5fe945 --- /dev/null +++ b/krebs/5pkgs/haskell-overrides/hyphenation.nix @@ -0,0 +1,17 @@ +# Same as upstream but with doCheck = false because doctest has wrong version. +{ mkDerivation, base, bytestring, containers, directory +, filepath, unordered-containers, zlib, stdenv +}: +mkDerivation { + pname = "hyphenation"; + version = "0.6"; + sha256 = "2f673666c18f63581422f7c6389b78b0ff754406671296a3d680d417942512f7"; + libraryHaskellDepends = [ + base bytestring containers unordered-containers zlib + ]; + homepage = "http://github.com/ekmett/hyphenation"; + description = "Configurable Knuth-Liang hyphenation"; + license = stdenv.lib.licenses.bsd3; + hydraPlatforms = stdenv.lib.platforms.none; + doCheck = false; +} -- cgit v1.2.3 From 174c7ab9bd60d948c494d42621cdc85fde8ac318 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 4 Nov 2016 23:40:43 +0100 Subject: tv git: add loldns --- tv/2configs/git.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index d937be2c..eb13e428 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -32,6 +32,9 @@ let get = {}; hack = {}; load-env = {}; + loldns = { + cgit.desc = "toy DNS server"; + }; make-snapshot = {}; much = {}; netcup = { -- cgit v1.2.3 From c8068a7c5027a94ca8480f94c6a31a5663c6106a Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Nov 2016 01:06:59 +0100 Subject: tv q: report charge, power, and remaining time --- tv/5pkgs/q/default.nix | 110 +++++++++++++++++++++++++++++++------------------ 1 file changed, 70 insertions(+), 40 deletions(-) diff --git a/tv/5pkgs/q/default.nix b/tv/5pkgs/q/default.nix index f923950f..016da440 100644 --- a/tv/5pkgs/q/default.nix +++ b/tv/5pkgs/q/default.nix @@ -62,47 +62,77 @@ let fi ''; - q-power_supply = '' - for uevent in /sys/class/power_supply/*/uevent; do - if test -f $uevent; then - eval "$(${pkgs.gnused}/bin/sed -n ' - s/^\([A-Z_]\+=\)\(.*\)/\1'\'''\2'\'''/p - ' $uevent)" - - if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then - continue - fi - - charge_percentage=$(echo " - scale=2 - $POWER_SUPPLY_CHARGE_NOW / $POWER_SUPPLY_CHARGE_FULL - " | ${pkgs.bc}/bin/bc) - - lfc=$POWER_SUPPLY_CHARGE_FULL - rc=$POWER_SUPPLY_CHARGE_NOW - #rc=2800 - N=78; N=76 - N=10 - n=$(echo $N-1 | ${pkgs.bc}/bin/bc) - centi=$(echo "$rc*100/$lfc" | ${pkgs.bc}/bin/bc) - deci=$(echo "$rc*$N/$lfc" | ${pkgs.bc}/bin/bc) - energy_evel=$( - echo -n '☳ ' # TRIGRAM FOR THUNDER - if test $centi -ge 42; then echo -n '' - elif test $centi -ge 23; then echo -n '' - elif test $centi -ge 11; then echo -n '' - else echo -n ''; fi - for i in $(${pkgs.coreutils}/bin/seq 1 $deci); do - echo -n ■ - done - echo -n '' - for i in $(${pkgs.coreutils}/bin/seq $deci $n); do - echo -n ■ - done - echo '' $rc #/ $lfc - ) - echo "$energy_evel $charge_percentage" + q-power_supply = let + power_supply = pkgs.writeBash "power_supply" '' + set -efu + uevent=$1 + eval "$(${pkgs.gnused}/bin/sed -n ' + s/^\([A-Z_]\+=[0-9A-Za-z_-]*\)$/export \1/p + ' $uevent)" + if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then + exit # not battery fi + exec = .42) t_col = "1;32" + else if (r >= 23) t_col = "1;33" + else if (r >= 11) t_col = "1;31" + else t_col = "5;1;31" + return sgr(t_col) strdup("■", t1) sgr(";30") strdup("■", t2) sgr() + } + + function sgr(p) { + return "\x1b[" p "m" + } + + function strdup(s,n,t) { + t = sprintf("%"n"s","") + gsub(/ /,s,t) + return t + } + + END { + voltage_unit = "V" + voltage_now = ENVIRON["POWER_SUPPLY_VOLTAGE_NOW"] / 10^6 + voltage_min_design = ENVIRON["POWER_SUPPLY_VOLTAGE_MIN_DESIGN"] / 10^6 + + current_unit = "A" + current_now = ENVIRON["POWER_SUPPLY_CURRENT_NOW"] / 10^6 + + power_unit = "W" + power_now = current_now * voltage_now + + charge_unit = "Ah" + charge_now = ENVIRON["POWER_SUPPLY_CHARGE_NOW"] / 10^6 + charge_full = ENVIRON["POWER_SUPPLY_CHARGE_FULL"] / 10^6 + charge_ratio = charge_now / charge_full + + energy_unit = "Wh" + energy_full = charge_full * voltage_min_design + + printf "%s %s %d%% %.2f%s/%.2f%s %d%s/%.1f%s %s\n" \ + , ENVIRON["POWER_SUPPLY_NAME"] \ + , print_bar(10, charge_ratio) \ + , charge_ratio * 100 \ + , charge_now, charge_unit \ + , current_now, current_unit \ + , energy_full, energy_unit \ + , power_now, power_unit \ + , print_hm(charge_now / current_now) + } + ' + ''; + in '' + for uevent in /sys/class/power_supply/*/uevent; do + ${power_supply} "$uevent" done ''; -- cgit v1.2.3 From 67f68fe7ea55b57c5a3e69470266386549709787 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Nov 2016 01:16:11 +0100 Subject: tv q: add intel_backlight --- tv/5pkgs/q/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tv/5pkgs/q/default.nix b/tv/5pkgs/q/default.nix index 016da440..7e2a30c3 100644 --- a/tv/5pkgs/q/default.nix +++ b/tv/5pkgs/q/default.nix @@ -62,6 +62,21 @@ let fi ''; + q-intel_backlight = '' + cd /sys/class/backlight/intel_backlight + Date: Mon, 7 Nov 2016 22:14:38 +0100 Subject: l 1 shodan: add /bku --- lass/1systems/shodan.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 9d1df1d7..09589838 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -75,6 +75,10 @@ with import ; fsType = "tmpfs"; options = ["nosuid" "nodev" "noatime"]; }; + "/bku" = { + device = "/dev/pool/bku"; + fsType = "ext4"; + }; }; services.udev.extraRules = '' -- cgit v1.2.3 From 9a34aea1a07e6a50d2f1b90c1dc2b3c3748db453 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 20:50:38 +0100 Subject: tv q power_supply: try not to die --- tv/5pkgs/q/default.nix | 97 ++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 74 insertions(+), 23 deletions(-) diff --git a/tv/5pkgs/q/default.nix b/tv/5pkgs/q/default.nix index 7e2a30c3..a3a7cd73 100644 --- a/tv/5pkgs/q/default.nix +++ b/tv/5pkgs/q/default.nix @@ -84,11 +84,18 @@ let eval "$(${pkgs.gnused}/bin/sed -n ' s/^\([A-Z_]\+=[0-9A-Za-z_-]*\)$/export \1/p ' $uevent)" - if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then - exit # not battery - fi + case $POWER_SUPPLY_NAME in + AC) + exit # not battery + ;; + esac exec Date: Thu, 10 Nov 2016 20:50:59 +0100 Subject: tv nixpkgs: 238c7e0 -> 1e1112e --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 514d313c..dbf31147 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import ; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "238c7e0dbf73d7f330689cb6ec4b1218526cee4e"; + ref = "1e1112edc57e93046f35707b874d2a4f3ff321e6"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From b5ddef3996ad4a3e19d26e8bc748b6d0c954113b Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 21:49:48 +0100 Subject: painload: init at 8df031f --- krebs/5pkgs/github-hosts-sync/default.nix | 8 ++------ krebs/5pkgs/painload/default.nix | 7 +++++++ 2 files changed, 9 insertions(+), 6 deletions(-) create mode 100644 krebs/5pkgs/painload/default.nix diff --git a/krebs/5pkgs/github-hosts-sync/default.nix b/krebs/5pkgs/github-hosts-sync/default.nix index 0dcbe7fd..bc4c58bb 100644 --- a/krebs/5pkgs/github-hosts-sync/default.nix +++ b/krebs/5pkgs/github-hosts-sync/default.nix @@ -1,13 +1,9 @@ -{ stdenv, fetchgit, pkgs, ... }: +{ pkgs, stdenv, ... }: stdenv.mkDerivation { name = "github-hosts-sync"; - src = fetchgit { - url = https://github.com/krebscode/painload; - rev = "35ccac73d563ad30d2851b9aeed4cfef69ff74e3"; - sha256 = "1y1fs2p3xj2yrqpw0h5kd0f3c5p1y70xk1hjnw99sr33r67s9c35"; - }; + src = pkgs.painload; phases = [ "unpackPhase" diff --git a/krebs/5pkgs/painload/default.nix b/krebs/5pkgs/painload/default.nix new file mode 100644 index 00000000..10fd379c --- /dev/null +++ b/krebs/5pkgs/painload/default.nix @@ -0,0 +1,7 @@ +{ fetchgit, ... }: + +fetchgit { + url = https://github.com/krebscode/painload; + rev = "8df031f810a2776d8c43b03a9793cb49398bd33b"; + sha256 = "03md5k6fmz0j1ny22iw96dzq7cvijbz24ii85i0h2dhcychdp650"; +} -- cgit v1.2.3 From 15121c8ae141ae0c2b81bbf69b1a2eac4e41c2f2 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 22:22:23 +0100 Subject: ni: init --- krebs/3modules/tv/default.nix | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 0e7535e6..eaec64d5 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -218,6 +218,49 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1vJsAddvxMA84u9iJEOrIkKn7pQiemMbfW5cfK1d7g root@mu"; }; + ni = { + extraZones = { + "krebsco.de" = '' + ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} + ''; + }; + nets = { + internet = { + ip4.addr = "188.68.36.196"; + aliases = [ + "ni.i" + ]; + ssh.port = 11423; + }; + retiolum = { + via = config.krebs.hosts.ni.nets.internet; + ip4.addr = "10.243.113.223"; + ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af4"; + aliases = [ + "ni.r" + "ni.retiolum" + "cgit.ni.r" + "cgit.ni.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA7NHuW8eLVhpBfL70WwcSGVmv4dijKLJs5cH/BmqK8zN2lpiLKt12 + bhaE1YEhGoGma7Kef1Fa0V9xUkJy6C1+sVlfWp/LeY8VRSX5E3u36TEl6kl/4zu6 + Ea/44BoGUSOC9ImxVEX51czA10PFjUSrGFyK0oaRlKNsTwwpNiBOY7/6i74bhn59 + OIsySRUBd2QPjYhJkiuc7gltVfwt6wteZh8R4w2rluVGYLQPsmN/XEWgJbhzI4im + W+3/bdewHVF1soZWtdocPLeXTn5HETX5g8p2V3bwYL37oIwkCcYxOeQtT7W+lNJ2 + NvIiVh4Phojl4dBUgUQGT0NApMnsaG/4LJpSC4AGiqbsznBdSPhepob7zJggPnWY + nfAs+YrUUZp1wovhSgWfYTRglRuyYvWkoGbq411H1efawyZ0gcMr+HQlSn2keQOv + lbcvdgOAxQiEcPVixPq3mTeKaSxWyIJGFceuqtnILGifRNvViX0uo9g5rLQ41PrJ + 9F3azz3gD2Uh73j5pvLU72cge7p1a7epPYWTJYf8oc5JcI3nYTKpSqH8IYaWUjv9 + q0NwOYFDhYtUcTwdbUNl/tUWKyBcovIe7f40723pHSijiPV2WDZC2M/mOc3dvWKF + Mf00uin+7uMuKtnG6+1z5nKb/AWrqN1RZu0rnG/IkZPKwa19HYsYcOkCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb"; + }; nomic = { cores = 2; nets = { -- cgit v1.2.3 From 916487575ad9da6cdefa41e3ee4e8989ef2080a0 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 22:28:00 +0100 Subject: krebs/3/${username}: drop lib --- krebs/3modules/default.nix | 10 +++++----- krebs/3modules/lass/default.nix | 2 +- krebs/3modules/makefu/default.nix | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index ec85464d..e6ad449f 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -90,11 +90,11 @@ let }; imp = lib.mkMerge [ - { krebs = import ./lass { inherit config lib; }; } - { krebs = import ./makefu { inherit config lib; }; } - { krebs = import ./mv { inherit config lib; }; } - { krebs = import ./shared { inherit config lib; }; } - { krebs = import ./tv { inherit config lib; }; } + { krebs = import ./lass { inherit config; }; } + { krebs = import ./makefu { inherit config; }; } + { krebs = import ./mv { inherit config; }; } + { krebs = import ./shared { inherit config; }; } + { krebs = import ./tv { inherit config; }; } { krebs.dns.providers = { "krebsco.de" = "zones"; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index ad1221e8..5af1e37c 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, ... }: with import ; diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 7317e0b6..ff187b87 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, ... }: with import ; -- cgit v1.2.3 From d02cebe5cef7ac6c12d8971f2a49a43a9a51e6bb Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:34:15 +0100 Subject: l 2 websites lass: add some experimental stuff --- lass/2configs/websites/lassulus.nix | 47 +++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index b8342e14..29374e97 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -37,6 +37,31 @@ in { }; }; + krebs.tinc_graphs.enable = true; + + users.users.lass-stuff = { + uid = genid "lass-stuff"; + description = "lassul.us blog cgi stuff"; + home = "/var/empty"; + }; + + services.phpfpm.poolConfigs."lass-stuff" = '' + listen = /var/run/lass-stuff.socket + user = lass-stuff + group = nginx + pm = dynamic + pm.max_children = 5 + pm.start_servers = 1 + pm.min_spare_servers = 1 + pm.max_spare_servers = 1 + listen.owner = lass-stuff + listen.group = nginx + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + security.limit_extensions = + ''; + users.groups.lasscert.members = [ "dovecot2" "ejabberd" @@ -53,6 +78,28 @@ in { (nameValuePair "/.well-known/acme-challenge" '' root /var/lib/acme/challenges/lassul.us/; '') + (nameValuePair "= /retiolum-hosts.tar.bz2" '' + alias ${config.krebs.tinc.retiolum.hostsArchive}; + '') + (nameValuePair "/tinc" '' + alias ${config.krebs.tinc_graphs.workingDir}/external; + '') + (let + script = pkgs.writeBash "test" '' + echo "hello world" + ''; + #script = pkgs.execve "ddate-wrapper" { + # filename = "${pkgs.ddate}/bin/ddate"; + # argv = []; + #}; + in nameValuePair "= /ddate" '' + gzip off; + fastcgi_pass unix:/var/run/lass-stuff.socket; + include ${pkgs.nginx}/conf/fastcgi_params; + fastcgi_param DOCUMENT_ROOT /var/empty; + fastcgi_param SCRIPT_FILENAME ${script}; + fastcgi_param SCRIPT_NAME ${script}; + '') ]; ssl = { enable = true; -- cgit v1.2.3 From dd67d49ea87d4248e7ad12844564302025d603c4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:34:34 +0100 Subject: l 2 websites util: add ownloud headers --- lass/2configs/websites/util.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 23f41719..55be8a8d 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -79,6 +79,8 @@ rec { add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; + add_header X-Download-Options noopen; + add_header X-Permitted-Cross-Domain-Policies none; # Path to the root of your installation root /srv/http/${domain}/; -- cgit v1.2.3 From f88b7c81f76b1f8048863dfc660c6378550edc19 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:34:59 +0100 Subject: l 5 xmonad: add xkill binding --- lass/5pkgs/xmonad-lass.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix index 0b05d514..ec3ad82a 100644 --- a/lass/5pkgs/xmonad-lass.nix +++ b/lass/5pkgs/xmonad-lass.nix @@ -119,6 +119,7 @@ myKeyMap = , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute 0 toggle") , ("", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-source-mute 1 toggle") , ("", gridselectWorkspace gridConfig W.view) + , ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill") , ("M4-a", focusUrgent) , ("M4-S-r", renameWorkspace def) -- cgit v1.2.3 From 46a27e5aa0b6c23f3be70484db0a390a2a0dbe10 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:40:39 +0100 Subject: l 2 buildbot: disable fast-tests (broken anyway)t --- lass/2configs/buildbot-standalone.nix | 51 ----------------------------------- 1 file changed, 51 deletions(-) diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index df01a84c..d453479d 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -25,20 +25,6 @@ in { pollinterval=120)) ''; scheduler = { - force-scheduler = '' - sched.append(schedulers.ForceScheduler( - name="force", - builderNames=["fast-tests"])) - ''; - fast-tests-scheduler = '' - # test everything real quick - sched.append(schedulers.SingleBranchScheduler( - ## all branches - change_filter=util.ChangeFilter(branch_re=".*"), - treeStableTimer=10, - name="fast-all-branches", - builderNames=["fast-tests"])) - ''; build-scheduler = '' # build all hosts sched.append(schedulers.SingleBranchScheduler( @@ -113,43 +99,6 @@ in { ''; - fast-tests = '' - f = util.BuildFactory() - f.addStep(grab_repo) - for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]: - addShell(f,name="build-{}".format(i),env=env_lass, - command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=eval \ - system={}".format(i)]) - - for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: - addShell(f,name="build-{}".format(i),env=env_makefu, - command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=eval \ - system={}".format(i)]) - - for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf" ]: - addShell(f,name="build-{}".format(i),env=env_shared, - command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=eval \ - system={}".format(i)]) - - bu.append(util.BuilderConfig(name="fast-tests", - slavenames=slavenames, - factory=f)) - ''; build-pkgs = '' f = util.BuildFactory() f.addStep(grab_repo) -- cgit v1.2.3 From 18e9bfd04a9e99d9ac68c45337e9508880663770 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 22:41:01 +0100 Subject: l 5 q: get battery & brightness stuff from tv --- lass/5pkgs/q/default.nix | 183 ++++++++++++++++++++++++++++++++++++----------- 1 file changed, 142 insertions(+), 41 deletions(-) diff --git a/lass/5pkgs/q/default.nix b/lass/5pkgs/q/default.nix index 571932b1..2f41ac92 100644 --- a/lass/5pkgs/q/default.nix +++ b/lass/5pkgs/q/default.nix @@ -55,47 +55,143 @@ let fi ''; - q-power_supply = '' + q-intel_backlight = '' + cd /sys/class/backlight/intel_backlight + = .42) t_col = "1;32" + else if (r >= 23) t_col = "1;33" + else if (r >= 11) t_col = "1;31" + else t_col = "5;1;31" + return sgr(t_col) strdup("■", t1) sgr(";30") strdup("■", t2) sgr() + } + + function sgr(p) { + return "\x1b[" p "m" + } + + function strdup(s,n,t) { + t = sprintf("%"n"s","") + gsub(/ /,s,t) + return t + } + + END { + name = ENVIRON["POWER_SUPPLY_NAME"] + + charge_unit = "Ah" + charge_now = ENVIRON["POWER_SUPPLY_CHARGE_NOW"] / 10^6 + charge_full = ENVIRON["POWER_SUPPLY_CHARGE_FULL"] / 10^6 + + current_unit = "A" + current_now = ENVIRON["POWER_SUPPLY_CURRENT_NOW"] / 10^6 + + energy_unit = "Wh" + energy_now = ENVIRON["POWER_SUPPLY_ENERGY_NOW"] / 10^6 + energy_full = ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6 + + power_unit = "W" + power_now = ENVIRON["POWER_SUPPLY_POWER_NOW"] / 10^6 + + voltage_unit = "V" + voltage_now = ENVIRON["POWER_SUPPLY_VOLTAGE_NOW"] / 10^6 + voltage_min_design = ENVIRON["POWER_SUPPLY_VOLTAGE_MIN_DESIGN"] / 10^6 + + #printf "charge_now: %s\n", charge_now + #printf "charge_full: %s\n", charge_full + #printf "current_now: %s\n", current_now + #printf "energy_now: %s\n", energy_now + #printf "energy_full: %s\n", energy_full + #printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"] + #printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6 + #printf "power_now: %s\n", power_now + #printf "voltage_now: %s\n", voltage_now + + if (current_now == 0 && voltage_now != 0) { + current_now = power_now / voltage_now + } + if (power_now == 0) { + power_now = current_now * voltage_now + } + if (charge_now == 0 && voltage_min_design != 0) { + charge_now = energy_now / voltage_min_design + } + if (energy_now == 0) { + energy_now = charge_now * voltage_min_design + } + if (charge_full == 0 && voltage_min_design != 0) { + charge_full = energy_full / voltage_min_design + } + if (energy_full == 0) { + energy_full = charge_full * voltage_min_design + } + + if (charge_now == 0 || charge_full == 0) { + die("unknown charge") + } + + charge_ratio = charge_now / charge_full + + out = out name + out = out sprintf(" %s", print_bar(10, charge_ratio)) + out = out sprintf(" %d%", charge_ratio * 100) + out = out sprintf(" %.2f%s", charge_now, charge_unit) + if (current_now != 0) { + out = out sprintf("/%.1f%s", current_now, current_unit) + } + out = out sprintf(" %d%s", energy_full, energy_unit) + if (power_now != 0) { + out = out sprintf("/%.1f%s", power_now, power_unit) + } + if (current_now != 0) { + out = out sprintf(" %s", print_hm(charge_now / current_now)) + } + + print out + } + ' + ''; + in '' for uevent in /sys/class/power_supply/*/uevent; do - if test -f $uevent; then - eval "$(${pkgs.gnused}/bin/sed -n ' - s/^\([A-Z_]\+=\)\(.*\)/\1'\'''\2'\'''/p - ' $uevent)" - - if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then - continue - fi - - charge_percentage=$(echo " - scale=2 - $POWER_SUPPLY_CHARGE_NOW / $POWER_SUPPLY_CHARGE_FULL - " | ${pkgs.bc}/bin/bc) - - lfc=$POWER_SUPPLY_CHARGE_FULL - rc=$POWER_SUPPLY_CHARGE_NOW - #rc=2800 - N=78; N=76 - N=10 - n=$(echo $N-1 | ${pkgs.bc}/bin/bc) - centi=$(echo "$rc*100/$lfc" | ${pkgs.bc}/bin/bc) - deci=$(echo "$rc*$N/$lfc" | ${pkgs.bc}/bin/bc) - energy_evel=$( - echo -n '☳ ' # TRIGRAM FOR THUNDER - if test $centi -ge 42; then echo -n '' - elif test $centi -ge 23; then echo -n '' - elif test $centi -ge 11; then echo -n '' - else echo -n ''; fi - for i in $(${pkgs.coreutils}/bin/seq 1 $deci); do - echo -n ■ - done - echo -n '' - for i in $(${pkgs.coreutils}/bin/seq $deci $n); do - echo -n ■ - done - echo '' $rc #/ $lfc - ) - echo "$energy_evel $charge_percentage" - fi + ${power_supply} "$uevent" || : done ''; @@ -171,15 +267,20 @@ in pkgs.writeBashBin "q" '' set -eu export PATH=/var/empty + (${q-todo}) || : + if [ "$PWD" != "$HOME" ]; then + (HOME=$PWD; ${q-todo}) || : + fi + echo ${q-cal} echo ${q-isodate} (${q-gitdir}) & + (${q-intel_backlight}) & (${q-power_supply}) & (${q-virtualization}) & (${q-wireless}) & (${q-online}) & (${q-thermal_zone}) & wait - ${q-todo} '' -- cgit v1.2.3 From 941fb77ae550beda1af873536f80ac2180a6afa9 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:00:04 +0100 Subject: krebs.tinc.retiolum: update connectTo default --- krebs/3modules/retiolum.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index ed99cc55..0a3d7ed2 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -134,7 +134,11 @@ let connectTo = mkOption { type = types.listOf types.str; - default = [ "fastpoke" "cd" "prism" "gum" ]; + ${if tinc.config.netname == "retiolum" then "default" else null} = [ + "gum" + "ni" + "prism" + ]; description = '' The list of hosts in the network which the client will try to connect to. These hosts should have an 'Address' configured which points to a -- cgit v1.2.3 From 8ba54ab453f6fd0805214eeef6f60fa470760fca Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:15:33 +0100 Subject: pkgs.*.src.url: s/cd/ni/g --- krebs/3modules/os-release.nix | 2 +- krebs/3modules/tv/default.nix | 1 + krebs/5pkgs/cac-api/default.nix | 2 +- krebs/5pkgs/get/default.nix | 2 +- krebs/5pkgs/haskell-overrides/blessings.nix | 2 +- krebs/5pkgs/haskell-overrides/scanner.nix | 2 +- krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix | 2 +- krebs/5pkgs/much/default.nix | 2 +- krebs/5pkgs/populate/default.nix | 2 +- krebs/5pkgs/push/default.nix | 2 +- krebs/5pkgs/with-tmpdir/default.nix | 2 +- tv/2configs/git.nix | 2 +- 12 files changed, 12 insertions(+), 11 deletions(-) diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix index 50cf72ef..0779feed 100644 --- a/krebs/3modules/os-release.nix +++ b/krebs/3modules/os-release.nix @@ -13,7 +13,7 @@ let version-id = "${stockholm-version-id}/${nixos-version-id}"; pretty-name = "${stockholm-pretty-name} / ${nixos-pretty-name}"; - home-url = http://cgit.cd.krebsco.de/stockholm; + home-url = http://cgit.ni.krebsco.de/stockholm; in { # http://0pointer.de/public/systemd-man/os-release.html diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index eaec64d5..c6381077 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -222,6 +222,7 @@ with import ; extraZones = { "krebsco.de" = '' ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} + cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} ''; }; nets = { diff --git a/krebs/5pkgs/cac-api/default.nix b/krebs/5pkgs/cac-api/default.nix index 85a906e1..e2bd8c14 100644 --- a/krebs/5pkgs/cac-api/default.nix +++ b/krebs/5pkgs/cac-api/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation { name = "cac-api-1.1.2"; src = fetchgit { - url = http://cgit.cd.krebsco.de/cac-api; + url = http://cgit.ni.krebsco.de/cac-api; rev = "67e93510e7742acae44db30275abbfe671aa9b7b"; sha256 = "1vxh57j7vrq5sg9j1sam0538kkkhqpgf230vvdz2ifzgkj01z27l"; }; diff --git a/krebs/5pkgs/get/default.nix b/krebs/5pkgs/get/default.nix index 7dda8660..83f6b022 100644 --- a/krebs/5pkgs/get/default.nix +++ b/krebs/5pkgs/get/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation { name = "get-1.4.1"; src = fetchgit { - url = http://cgit.cd.krebsco.de/get; + url = http://cgit.ni.krebsco.de/get; rev = "41c0c35805ec1708729f73d14650d8ebc94a405b"; sha256 = "0rx1qsbb4py14795yhhqwlvaibj2569fqm7x2671l868xi59h9f9"; }; diff --git a/krebs/5pkgs/haskell-overrides/blessings.nix b/krebs/5pkgs/haskell-overrides/blessings.nix index ba776b35..5fb57a33 100644 --- a/krebs/5pkgs/haskell-overrides/blessings.nix +++ b/krebs/5pkgs/haskell-overrides/blessings.nix @@ -3,7 +3,7 @@ mkDerivation { pname = "blessings"; version = "1.0.0"; src = fetchgit { - url = http://cgit.cd.krebsco.de/blessings; + url = http://cgit.ni.krebsco.de/blessings; rev = "25a510dcb38ea9158e9969d56eb66cb1b860ab5f"; sha256 = "0xg329h1y68ndg4w3m1jp38pkg3gqg7r19q70gqqj4mswb6qcrqc"; }; diff --git a/krebs/5pkgs/haskell-overrides/scanner.nix b/krebs/5pkgs/haskell-overrides/scanner.nix index 5146fa41..071fd757 100644 --- a/krebs/5pkgs/haskell-overrides/scanner.nix +++ b/krebs/5pkgs/haskell-overrides/scanner.nix @@ -3,7 +3,7 @@ mkDerivation { pname = "scanner"; version = "1.0.0"; src = fetchgit { - url = http://cgit.cd.krebsco.de/scanner; + url = http://cgit.ni.krebsco.de/scanner; rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad"; sha256 = "1lgl158axczsm4fx53fyq1d4116v91jsx4dbz66ka4k1ljqrmhgn"; }; diff --git a/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix b/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix index 12eab943..bf19e7d6 100644 --- a/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix +++ b/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix @@ -5,7 +5,7 @@ mkDerivation { pname = "xmonad-stockholm"; version = "1.1.0"; src = fetchgit { - url = http://cgit.cd.krebsco.de/xmonad-stockholm; + url = http://cgit.ni.krebsco.de/xmonad-stockholm; rev = "179d29fd4c765dee698058ef63295331ac603639"; sha256 = "0c6mj68xsxxr4j8adkzhjszi7bg6cpisrsmqn587a16sblpbrnkj"; }; diff --git a/krebs/5pkgs/much/default.nix b/krebs/5pkgs/much/default.nix index 61a58b01..aa3c56fe 100644 --- a/krebs/5pkgs/much/default.nix +++ b/krebs/5pkgs/much/default.nix @@ -12,7 +12,7 @@ mkDerivation { pname = "much"; version = "1.0.0"; src = fetchgit { - url = "http://cgit.cd.krebsco.de/much"; + url = "http://cgit.ni.krebsco.de/much"; rev = "045dc986b4de225a927175f81c8ccfdab450202c"; sha256 = "17jbw7x82a3bgn1qv5k764f103knrf865dmx48h7192vdh8gz766"; }; diff --git a/krebs/5pkgs/populate/default.nix b/krebs/5pkgs/populate/default.nix index dc5750bd..3ec43222 100644 --- a/krebs/5pkgs/populate/default.nix +++ b/krebs/5pkgs/populate/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { version = "1.2.0"; src = fetchgit { - url = http://cgit.cd.krebsco.de/populate; + url = http://cgit.ni.krebsco.de/populate; rev = "refs/tags/v${version}"; sha256 = "0q3110hkkxn9bc3a63xbx1hyd1fpzz4wrck4lng3j5a9i1y1jm07"; }; diff --git a/krebs/5pkgs/push/default.nix b/krebs/5pkgs/push/default.nix index 9a627fe3..2e0291aa 100644 --- a/krebs/5pkgs/push/default.nix +++ b/krebs/5pkgs/push/default.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation { name = "push-1.1.2"; src = fetchgit { - url = http://cgit.cd.krebsco.de/push; + url = http://cgit.ni.krebsco.de/push; rev = "da5b3a4b05ef822cc41d36b6cc2071a2e78506d4"; sha256 = "0gfxz207lm11g77rw02jcqpvzhx07j9hzgjgscbmslzl5r8icd6g"; }; diff --git a/krebs/5pkgs/with-tmpdir/default.nix b/krebs/5pkgs/with-tmpdir/default.nix index 517e4631..9862671f 100644 --- a/krebs/5pkgs/with-tmpdir/default.nix +++ b/krebs/5pkgs/with-tmpdir/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation { name = "with-tmpdir-1"; src = fetchgit { - url = http://cgit.cd.krebsco.de/with-tmpdir; + url = http://cgit.ni.krebsco.de/with-tmpdir; rev = "3243c02ed8cd27a04c080bd39560204980f6c16a"; sha256 = "80ee6cafb2c337999ddcd1e41747d6256b7cfcea605358c2046eb7e3729555c6"; }; diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index eb13e428..b38ef00f 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -84,7 +84,7 @@ let make-public-repo = name: { cgit ? {}, ... }: { inherit cgit name; public = true; - hooks = optionalAttrs (config.krebs.build.host.name == "cd") { + hooks = optionalAttrs (config.krebs.build.host.name == "ni") { post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; -- cgit v1.2.3 From 2adac450ac1f613acd81069895448623a4c8937b Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:17:36 +0100 Subject: ni aliases += cgit.ni.i --- krebs/3modules/tv/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index c6381077..ca8e577d 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -229,6 +229,7 @@ with import ; internet = { ip4.addr = "188.68.36.196"; aliases = [ + "cgit.ni.i" "ni.i" ]; ssh.port = 11423; -- cgit v1.2.3 From e6c7b13f5990d96e269ee12b9bf6b15bfa7d5b82 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 10 Nov 2016 23:20:05 +0100 Subject: l 2 repo-sync: fetch from ni (was cd) --- lass/2configs/repo-sync.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index f2e4de6a..f5879a82 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -41,7 +41,7 @@ let mirror.url = "${mirror}${name}"; }; tv = { - origin.url = "http://cgit.cd/${name}"; + origin.url = "http://cgit.ni.i/${name}"; mirror.url = "${mirror}${name}"; }; lassulus = { -- cgit v1.2.3 From f458fd8be96e39b2ba6cf15f0ee48b38f294044c Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:50:34 +0100 Subject: cd: drop stuff now done by ni --- krebs/3modules/tv/default.nix | 10 ++------ tv/1systems/cd.nix | 58 ------------------------------------------- 2 files changed, 2 insertions(+), 66 deletions(-) diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index ca8e577d..8e266e1b 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -78,11 +78,7 @@ with import ; extraZones = { # TODO generate krebsco.de zone from nets and don't use extraZones at all "krebsco.de" = '' - krebsco.de. 60 IN MX 5 mx23 - mx23 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} - cgit 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} - cgit.cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} ''; }; nets = { @@ -90,11 +86,7 @@ with import ; ip4.addr = "45.62.237.203"; aliases = [ "cd.i" - "cd.internet" "cd.krebsco.de" - "cgit.cd.krebsco.de" - "cd.viljetic.de" - "cgit.cd.viljetic.de" ]; ssh.port = 11423; }; @@ -221,7 +213,9 @@ with import ; ni = { extraZones = { "krebsco.de" = '' + krebsco.de. 60 IN MX 5 ni ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} + cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} ''; }; diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 043e9151..03a5e58d 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -10,9 +10,7 @@ with import ; ../2configs/hw/CAC-Developer-2.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix - ../2configs/git.nix ../2configs/retiolum.nix - ../2configs/urlwatch.nix { tv.charybdis = { enable = true; @@ -33,62 +31,6 @@ with import ; "xmpp-server" ]; } - { - krebs.github-hosts-sync.enable = true; - tv.iptables.input-internet-accept-tcp = - singleton config.krebs.github-hosts-sync.port; - } - { - krebs.nginx.servers.cgit.server-names = [ - "cgit.cd.krebsco.de" - "cgit.cd.viljetic.de" - ]; - # TODO make public_html also available to cd, cd.retiolum (AKA default) - krebs.nginx.servers."https://viljetic.de" = { - server-names = singleton "viljetic.de"; - listen = mkForce []; # disable default - ssl = { - enable = true; - certificate = "/var/lib/acme/viljetic.de/fullchain.pem"; - certificate_key = "/var/lib/acme/viljetic.de/key.pem"; - }; - locations = [ - (nameValuePair "/" '' - root ${pkgs.viljetic-pages}; - '') - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; - }; - krebs.nginx.servers."http://viljetic.de" = { - server-names = singleton "viljetic.de"; - locations = [ - (nameValuePair "/.well-known/acme-challenge/" '' - root /var/lib/acme/challenges/viljetic.de/; - '') - (nameValuePair "/" '' - return 301 https://viljetic.de$request_uri; - '') - ]; - }; - security.acme = { - certs."viljetic.de" = { - email = "tomislav@viljetic.de"; - webroot = "/var/lib/acme/challenges/viljetic.de"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - ]; - user = "nginx"; - }; - }; - tv.iptables.input-internet-accept-tcp = [ - "http" - "https" - ]; - } ]; networking = { -- cgit v1.2.3 From a125dad5a88a5d30acb061dad36be07aadf3d28a Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:54:09 +0100 Subject: tv retiolum: s/cd|echelon/ni/ --- tv/2configs/retiolum.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tv/2configs/retiolum.nix b/tv/2configs/retiolum.nix index ad1116d4..a914dad4 100644 --- a/tv/2configs/retiolum.nix +++ b/tv/2configs/retiolum.nix @@ -7,9 +7,8 @@ with import ; enable = true; connectTo = filter (ne config.krebs.build.host.name) [ "gum" + "ni" "prism" - "echelon" - "cd" ]; tincPackage = pkgs.tinc_pre; }; -- cgit v1.2.3 From ae73660522fb8a02a86eaa7124285a3aaa3cbb14 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 11 Nov 2016 01:50:59 +0100 Subject: krebs: no extraHosts w/o aliases #2 --- krebs/3modules/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index e6ad449f..82ede952 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -130,7 +130,9 @@ let shorts = let s = ".${cfg.search-domain}"; in map (removeSuffix s) (filter (hasSuffix s) longs); in - map (addr: "${addr} ${toString aliases}") net.addrs + optionals + (aliases != []) + (map (addr: "${addr} ${toString aliases}") net.addrs) ) (filterAttrs (name: host: host.aliases != []) host.nets) ) cfg.hosts )); -- cgit v1.2.3 From b837dec290e54f532cd5539c93a663ba11f68c54 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 11 Nov 2016 08:47:46 +0100 Subject: cd: drop stuff now done by ni #2 --- lass/2configs/buildbot-standalone.nix | 2 +- lass/2configs/git.nix | 2 +- lass/2configs/repo-sync.nix | 4 ++-- makefu/1systems/gum.nix | 2 +- makefu/1systems/pnp.nix | 2 +- makefu/2configs/git/brain-retiolum.nix | 2 +- makefu/2configs/git/cgit-retiolum.nix | 2 +- shared/2configs/cgit-mirror.nix | 2 +- shared/2configs/repo-sync.nix | 2 +- shared/2configs/shared-buildbot.nix | 2 +- tv/1systems/cd.nix | 20 -------------------- tv/2configs/git.nix | 2 +- tv/5pkgs/netcup/default.nix | 2 +- tv/Zcerts/charybdis_cd.crt.pem | 24 ------------------------ 14 files changed, 13 insertions(+), 57 deletions(-) delete mode 100644 tv/Zcerts/charybdis_cd.crt.pem diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index df01a84c..d6dc1b22 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -212,7 +212,7 @@ in { irc = { enable = true; nick = "buildbot-lass"; - server = "cd.retiolum"; + server = "ni.r"; channels = [ "retiolum" ]; allowForce = true; }; diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 06cae734..57950e1b 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -54,7 +54,7 @@ let # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#retiolum"; - server = "cd.retiolum"; + server = "ni.r"; verbose = config.krebs.build.host.name == "prism"; branches = [ "master" ]; }; diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index f8814973..fe782c4c 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -15,7 +15,7 @@ let nick = config.networking.hostName; verbose = false; channel = "#retiolum"; - server = "cd.retiolum"; + server = "ni.r"; branches = [ "newest" ]; }; }); @@ -41,7 +41,7 @@ let mirror.url = "${mirror}${name}"; }; tv = { - origin.url = "http://cgit.cd/${name}"; + origin.url = "http://cgit.ni.r/${name}"; mirror.url = "${mirror}${name}"; }; lassulus = { diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index bfd880b8..86882554 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -40,7 +40,7 @@ in { ''; connectTo = [ "muhbaasu" "tahoe" "flap" "wry" - "cd" + "ni" "fastpoke" "prism" "dishfire" "echelon" "cloudkrebs" ]; }; diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index a460a87e..0c3676c8 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -36,7 +36,7 @@ enable = true; debug = true; extraEnviron = { - REAKTOR_HOST = "cd.retiolum"; + REAKTOR_HOST = "ni.r"; }; plugins = with pkgs.ReaktorPlugins; [ stockholm-issue nixos-version sed-plugin ]; channels = [ "#retiolum" ]; diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix index 81305272..b637ca03 100644 --- a/makefu/2configs/git/brain-retiolum.nix +++ b/makefu/2configs/git/brain-retiolum.nix @@ -29,7 +29,7 @@ let nick = config.networking.hostName; channel = "#retiolum"; # TODO remove the hardcoded hostname - server = "cd.retiolum"; + server = "ni.r"; }; }; }; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 5c2a0fbd..553a2397 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -52,7 +52,7 @@ let verbose = config.krebs.build.host.name == "gum"; channel = "#retiolum"; # TODO remove the hardcoded hostname - server = "cd.retiolum"; + server = "ni.r"; }; }; }; diff --git a/shared/2configs/cgit-mirror.nix b/shared/2configs/cgit-mirror.nix index a3860a0e..c2326a5c 100644 --- a/shared/2configs/cgit-mirror.nix +++ b/shared/2configs/cgit-mirror.nix @@ -17,7 +17,7 @@ let nick = config.networking.hostName; verbose = false; channel = "#retiolum"; - server = "cd.retiolum"; + server = "ni.r"; }; }; }; diff --git a/shared/2configs/repo-sync.nix b/shared/2configs/repo-sync.nix index 753b0f47..4219e5d0 100644 --- a/shared/2configs/repo-sync.nix +++ b/shared/2configs/repo-sync.nix @@ -13,7 +13,7 @@ with lib; mirror.url = mirror; }; tv = { - origin.url = http://cgit.cd/stockholm ; + origin.url = http://cgit.ni.r/stockholm; mirror.url = mirror; }; lassulus = { diff --git a/shared/2configs/shared-buildbot.nix b/shared/2configs/shared-buildbot.nix index 22144e9e..7aed6272 100644 --- a/shared/2configs/shared-buildbot.nix +++ b/shared/2configs/shared-buildbot.nix @@ -159,7 +159,7 @@ irc = { enable = true; nick = "wolfbot"; - server = "cd.retiolum"; + server = "ni.r"; channels = [ "retiolum" ]; allowForce = true; }; diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 03a5e58d..dd8e2cc6 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -11,26 +11,6 @@ with import ; ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix ../2configs/retiolum.nix - { - tv.charybdis = { - enable = true; - ssl_cert = ../Zcerts/charybdis_cd.crt.pem; - }; - tv.iptables.input-retiolum-accept-tcp = [ - config.tv.charybdis.port - config.tv.charybdis.sslport - ]; - } - { - tv.ejabberd = { - enable = true; - hosts = [ "jabber.viljetic.de" ]; - }; - tv.iptables.input-internet-accept-tcp = [ - "xmpp-client" - "xmpp-server" - ]; - } ]; networking = { diff --git a/tv/2configs/git