From a89e7a5c75204c5d1ad825f25430830f718a0411 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 16 May 2017 22:03:42 +0200 Subject: krebs.tinc: expose confDir --- krebs/3modules/retiolum.nix | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 0a3d7ed2f..67d383bb1 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -18,6 +18,26 @@ let enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + confDir = mkOption { + type = types.package; + default = pkgs.linkFarm "${netname}-etc-tinc" + (mapAttrsToList (name: path: { inherit name path; }) { + "hosts" = tinc.config.hostsPackage; + "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' + Name = ${tinc.config.host.name} + Interface = ${netname} + ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} + PrivateKeyFile = ${tinc.config.privkey.path} + Port = ${toString tinc.config.host.nets.${netname}.tinc.port} + ${tinc.config.extraConfig} + ''; + "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' + ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up + ${tinc.config.tincUp} + ''; + }); + }; + host = mkOption { type = types.host; default = config.krebs.build.host; @@ -179,25 +199,6 @@ let let tinc = cfg.tincPackage; iproute = cfg.iproutePackage; - - confDir = let - namePathPair = name: path: { inherit name path; }; - in pkgs.linkFarm "${netname}-etc-tinc" (mapAttrsToList namePathPair { - "hosts" = cfg.hostsPackage; - "tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" '' - Name = ${cfg.host.name} - Interface = ${netname} - ${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)} - PrivateKeyFile = ${cfg.privkey.path} - Port = ${toString cfg.host.nets.${cfg.netname}.tinc.port} - ${cfg.extraConfig} - ''; - "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' - ${iproute}/sbin/ip link set ${netname} up - ${cfg.tincUp} - ''; - } - ); in { description = "Tinc daemon for ${netname}"; after = [ "network.target" ]; @@ -206,7 +207,7 @@ let path = [ tinc iproute ]; serviceConfig = rec { Restart = "always"; - ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; + ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; SyslogIdentifier = netname; }; } -- cgit v1.2.3 From fe639f585e9054096c2cee6e1a3cef9f22a37c78 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 22:06:31 +0200 Subject: k3: retiolum.nix -> tinc.nix --- krebs/3modules/default.nix | 2 +- krebs/3modules/retiolum.nix | 216 -------------------------------------------- krebs/3modules/tinc.nix | 216 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 217 insertions(+), 217 deletions(-) delete mode 100644 krebs/3modules/retiolum.nix create mode 100644 krebs/3modules/tinc.nix diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index daa963bc8..227eb209b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -34,10 +34,10 @@ let ./Reaktor.nix ./realwallpaper.nix ./retiolum-bootstrap.nix - ./retiolum.nix ./rtorrent.nix ./secret.nix ./setuid.nix + ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix ./repo-sync.nix diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix deleted file mode 100644 index 67d383bb1..000000000 --- a/krebs/3modules/retiolum.nix +++ /dev/null @@ -1,216 +0,0 @@ -{ config, pkgs, lib, ... }: -with import ; -let - out = { - options.krebs.tinc = api; - config = imp; - }; - - api = mkOption { - default = {}; - description = '' - define a tinc network - ''; - type = with types; attrsOf (submodule (tinc: { - options = let - netname = tinc.config._module.args.name; - in { - - enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; - - confDir = mkOption { - type = types.package; - default = pkgs.linkFarm "${netname}-etc-tinc" - (mapAttrsToList (name: path: { inherit name path; }) { - "hosts" = tinc.config.hostsPackage; - "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' - Name = ${tinc.config.host.name} - Interface = ${netname} - ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} - PrivateKeyFile = ${tinc.config.privkey.path} - Port = ${toString tinc.config.host.nets.${netname}.tinc.port} - ${tinc.config.extraConfig} - ''; - "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' - ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up - ${tinc.config.tincUp} - ''; - }); - }; - - host = mkOption { - type = types.host; - default = config.krebs.build.host; - }; - - netname = mkOption { - type = types.enum (attrNames tinc.config.host.nets); - default = netname; - description = '' - The tinc network name. - It is used to name the TUN device and to generate the default value for - config.krebs.tinc.retiolum.hosts. - ''; - }; - - extraConfig = mkOption { - type = types.str; - default = ""; - description = '' - Extra Configuration to be appended to tinc.conf - ''; - }; - tincUp = mkOption { - type = types.string; - default = let - net = tinc.config.host.nets.${netname}; - iproute = tinc.config.iproutePackage; - in '' - ${optionalString (net.ip4 != null) /* sh */ '' - ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname} - ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname} - ''} - ${optionalString (net.ip6 != null) /* sh */ '' - ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname} - ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname} - ''} - ''; - description = '' - tinc-up script to be used. Defaults to setting the - krebs.host.nets..ip4 and ip6 for the new ips and - configures forwarding of the respecitive netmask as subnet. - ''; - }; - - tincPackage = mkOption { - type = types.package; - default = pkgs.tinc; - description = "Tincd package to use."; - }; - - hosts = mkOption { - type = with types; attrsOf host; - default = - filterAttrs (_: h: hasAttr tinc.config.netname h.nets) config.krebs.hosts; - description = '' - Hosts to generate config.krebs.tinc.retiolum.hostsPackage. - Note that these hosts must have a network named - config.krebs.tinc.retiolum.netname. - ''; - }; - - hostsArchive = mkOption { - type = types.package; - default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} '' - ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts - ${pkgs.gnutar}/bin/tar -hcjf $out hosts - ''; - readOnly = true; - }; - - hostsPackage = mkOption { - type = types.package; - default = pkgs.stdenv.mkDerivation { - name = "${tinc.config.netname}-tinc-hosts"; - phases = [ "installPhase" ]; - installPhase = '' - mkdir $out - ${concatStrings (lib.mapAttrsToList (_: host: '' - echo ${shell.escape host.nets."${tinc.config.netname}".tinc.config} \ - > $out/${shell.escape host.name} - '') tinc.config.hosts)} - ''; - }; - description = '' - Package of tinc host configuration files. By default, a package will - be generated from config.krebs.${tinc.config.netname}.hosts. This - option's main purpose is to expose the generated hosts package to other - modules, like config.krebs.tinc_graphs. But it can - also be used to provide a custom hosts directory. - ''; - example = literalExample '' - (pkgs.stdenv.mkDerivation { - name = "my-tinc-hosts"; - src = /home/tv/my-tinc-hosts; - installPhase = "cp -R . $out"; - }) - ''; - }; - - iproutePackage = mkOption { - type = types.package; - default = pkgs.iproute; - description = "Iproute2 package to use."; - }; - - privkey = mkOption { - type = types.secret-file; - default = { - path = "${tinc.config.user.home}/tinc.rsa_key.priv"; - owner = tinc.config.user; - source-path = toString + "/${tinc.config.netname}.rsa_key.priv"; - }; - }; - - connectTo = mkOption { - type = types.listOf types.str; - ${if tinc.config.netname == "retiolum" then "default" else null} = [ - "gum" - "ni" - "prism" - ]; - description = '' - The list of hosts in the network which the client will try to connect - to. These hosts should have an 'Address' configured which points to a - routeable IPv4 or IPv6 address. - - In stockholm this can be done by configuring: - krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.ip4.addr = external-ip - krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.tinc.port = 1655; - ''; - }; - - user = mkOption { - type = types.user; - default = { - name = tinc.config.netname; - home = "/var/lib/${tinc.config.user.name}"; - }; - }; - }; - })); - }; - - imp = { - # TODO `environment.systemPackages = [ cfg.tincPackage cfg.iproutePackage ]` for each network, - # avoid conflicts in environment if the packages differ - - krebs.secret.files = mapAttrs' (netname: cfg: - nameValuePair "${netname}.rsa_key.priv" cfg.privkey ) config.krebs.tinc; - - users.users = mapAttrs' (netname: cfg: - nameValuePair "${netname}" { - inherit (cfg.user) home name uid; - createHome = true; - } - ) config.krebs.tinc; - - systemd.services = mapAttrs (netname: cfg: - let - tinc = cfg.tincPackage; - iproute = cfg.iproutePackage; - in { - description = "Tinc daemon for ${netname}"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - requires = [ "secret.service" ]; - path = [ tinc iproute ]; - serviceConfig = rec { - Restart = "always"; - ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; - SyslogIdentifier = netname; - }; - } - ) config.krebs.tinc; - }; -in out diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix new file mode 100644 index 000000000..67d383bb1 --- /dev/null +++ b/krebs/3modules/tinc.nix @@ -0,0 +1,216 @@ +{ config, pkgs, lib, ... }: +with import ; +let + out = { + options.krebs.tinc = api; + config = imp; + }; + + api = mkOption { + default = {}; + description = '' + define a tinc network + ''; + type = with types; attrsOf (submodule (tinc: { + options = let + netname = tinc.config._module.args.name; + in { + + enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + + confDir = mkOption { + type = types.package; + default = pkgs.linkFarm "${netname}-etc-tinc" + (mapAttrsToList (name: path: { inherit name path; }) { + "hosts" = tinc.config.hostsPackage; + "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' + Name = ${tinc.config.host.name} + Interface = ${netname} + ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} + PrivateKeyFile = ${tinc.config.privkey.path} + Port = ${toString tinc.config.host.nets.${netname}.tinc.port} + ${tinc.config.extraConfig} + ''; + "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' + ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up + ${tinc.config.tincUp} + ''; + }); + }; + + host = mkOption { + type = types.host; + default = config.krebs.build.host; + }; + + netname = mkOption { + type = types.enum (attrNames tinc.config.host.nets); + default = netname; + description = '' + The tinc network name. + It is used to name the TUN device and to generate the default value for + config.krebs.tinc.retiolum.hosts. + ''; + }; + + extraConfig = mkOption { + type = types.str; + default = ""; + description = '' + Extra Configuration to be appended to tinc.conf + ''; + }; + tincUp = mkOption { + type = types.string; + default = let + net = tinc.config.host.nets.${netname}; + iproute = tinc.config.iproutePackage; + in '' + ${optionalString (net.ip4 != null) /* sh */ '' + ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname} + ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname} + ''} + ${optionalString (net.ip6 != null) /* sh */ '' + ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname} + ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname} + ''} + ''; + description = '' + tinc-up script to be used. Defaults to setting the + krebs.host.nets..ip4 and ip6 for the new ips and + configures forwarding of the respecitive netmask as subnet. + ''; + }; + + tincPackage = mkOption { + type = types.package; + default = pkgs.tinc; + description = "Tincd package to use."; + }; + + hosts = mkOption { + type = with types; attrsOf host; + default = + filterAttrs (_: h: hasAttr tinc.config.netname h.nets) config.krebs.hosts; + description = '' + Hosts to generate config.krebs.tinc.retiolum.hostsPackage. + Note that these hosts must have a network named + config.krebs.tinc.retiolum.netname. + ''; + }; + + hostsArchive = mkOption { + type = types.package; + default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} '' + ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts + ${pkgs.gnutar}/bin/tar -hcjf $out hosts + ''; + readOnly = true; + }; + + hostsPackage = mkOption { + type = types.package; + default = pkgs.stdenv.mkDerivation { + name = "${tinc.config.netname}-tinc-hosts"; + phases = [ "installPhase" ]; + installPhase = '' + mkdir $out + ${concatStrings (lib.mapAttrsToList (_: host: '' + echo ${shell.escape host.nets."${tinc.config.netname}".tinc.config} \ + > $out/${shell.escape host.name} + '') tinc.config.hosts)} + ''; + }; + description = '' + Package of tinc host configuration files. By default, a package will + be generated from config.krebs.${tinc.config.netname}.hosts. This + option's main purpose is to expose the generated hosts package to other + modules, like config.krebs.tinc_graphs. But it can + also be used to provide a custom hosts directory. + ''; + example = literalExample '' + (pkgs.stdenv.mkDerivation { + name = "my-tinc-hosts"; + src = /home/tv/my-tinc-hosts; + installPhase = "cp -R . $out"; + }) + ''; + }; + + iproutePackage = mkOption { + type = types.package; + default = pkgs.iproute; + description = "Iproute2 package to use."; + }; + + privkey = mkOption { + type = types.secret-file; + default = { + path = "${tinc.config.user.home}/tinc.rsa_key.priv"; + owner = tinc.config.user; + source-path = toString + "/${tinc.config.netname}.rsa_key.priv"; + }; + }; + + connectTo = mkOption { + type = types.listOf types.str; + ${if tinc.config.netname == "retiolum" then "default" else null} = [ + "gum" + "ni" + "prism" + ]; + description = '' + The list of hosts in the network which the client will try to connect + to. These hosts should have an 'Address' configured which points to a + routeable IPv4 or IPv6 address. + + In stockholm this can be done by configuring: + krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.ip4.addr = external-ip + krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.tinc.port = 1655; + ''; + }; + + user = mkOption { + type = types.user; + default = { + name = tinc.config.netname; + home = "/var/lib/${tinc.config.user.name}"; + }; + }; + }; + })); + }; + + imp = { + # TODO `environment.systemPackages = [ cfg.tincPackage cfg.iproutePackage ]` for each network, + # avoid conflicts in environment if the packages differ + + krebs.secret.files = mapAttrs' (netname: cfg: + nameValuePair "${netname}.rsa_key.priv" cfg.privkey ) config.krebs.tinc; + + users.users = mapAttrs' (netname: cfg: + nameValuePair "${netname}" { + inherit (cfg.user) home name uid; + createHome = true; + } + ) config.krebs.tinc; + + systemd.services = mapAttrs (netname: cfg: + let + tinc = cfg.tincPackage; + iproute = cfg.iproutePackage; + in { + description = "Tinc daemon for ${netname}"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + requires = [ "secret.service" ]; + path = [ tinc iproute ]; + serviceConfig = rec { + Restart = "always"; + ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; + SyslogIdentifier = netname; + }; + } + ) config.krebs.tinc; + }; +in out -- cgit v1.2.3 From e1350904390ca40e9ab8186c0ff27d088431a430 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 23:18:28 +0200 Subject: l 2 retiolum: don't open smtp --- lass/2configs/retiolum.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 7a7bf95be..647327de5 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -5,7 +5,6 @@ krebs.iptables = { tables = { filter.INPUT.rules = [ - { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } ]; -- cgit v1.2.3 From 0c2dc4ff66eded9f718a242bb342b366ee6c6978 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 23:19:08 +0200 Subject: tinc module: add option enableLegacy --- krebs/3modules/tinc.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 67d383bb1..8af15c13b 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -17,6 +17,7 @@ let in { enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + enableLegacy = mkEnableOption "/etc/tinc/${netname}"; confDir = mkOption { type = types.package; @@ -195,6 +196,12 @@ let } ) config.krebs.tinc; + environment.etc = mapAttrs' (netname: cfg: + nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy { + source = cfg.confDir; + }) + ) config.krebs.tinc; + systemd.services = mapAttrs (netname: cfg: let tinc = cfg.tincPackage; -- cgit v1.2.3 From f27676c5ea34a8d400988027e326c7022914bcf0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 23:18:50 +0200 Subject: l 2 retiolum: enable legacy /etc/tinc --- lass/2configs/retiolum.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 647327de5..7f1b36c96 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -12,6 +12,7 @@ }; krebs.tinc.retiolum = { + enableLegacy = true; enable = true; connectTo = [ "prism" -- cgit v1.2.3 From 015649b9b32c39d1f1c90ebba8d9aadb733ba8b8 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 16 May 2017 23:30:09 +0200 Subject: whatsupnix: init Import from https://github.com/NixOS/nix/issues/443#issuecomment-296752535 --- krebs/5pkgs/whatsupnix/default.nix | 15 ++++++++++++ krebs/5pkgs/whatsupnix/whatsupnix.bash | 44 ++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 krebs/5pkgs/whatsupnix/default.nix create mode 100644 krebs/5pkgs/whatsupnix/whatsupnix.bash diff --git a/krebs/5pkgs/whatsupnix/default.nix b/krebs/5pkgs/whatsupnix/default.nix new file mode 100644 index 000000000..1a108c5e9 --- /dev/null +++ b/krebs/5pkgs/whatsupnix/default.nix @@ -0,0 +1,15 @@ +{ bash, coreutils, gawk, nix, makeWrapper, stdenv }: + +stdenv.mkDerivation { + name = "whatsupnix"; + phases = [ "installPhase" ]; + nativeBuildInputs = [ makeWrapper ]; + installPhase = '' + mkdir -p $out/bin + cat - ${./whatsupnix.bash} > $out/bin/whatsupnix <<\EOF + #! ${bash}/bin/bash + export PATH=${stdenv.lib.makeBinPath [ coreutils gawk nix ]} + EOF + chmod +x $out/bin/whatsupnix + ''; +} diff --git a/krebs/5pkgs/whatsupnix/whatsupnix.bash b/krebs/5pkgs/whatsupnix/whatsupnix.bash new file mode 100644 index 000000000..a19410055 --- /dev/null +++ b/krebs/5pkgs/whatsupnix/whatsupnix.bash @@ -0,0 +1,44 @@ +#!/usr/bin/env bash + +# Prints build logs for failed derivations in quiet build mode (-Q). +# See https://github.com/NixOS/nix/issues/443 +# +# Usage: +# +# set -o pipefail +# nix-build ... -Q ... | whatsupnix +# + + +GAWK=${GAWK:-gawk} +NIX_STORE=${NIX_STORE:-nix-store} + +broken=$(mktemp) +trap 'rm -f -- "$broken"' EXIT + +exec >&2 + +$GAWK -v broken="$broken" -f <(cat - <<- 'AWK' + match($0, /builder for .*(\/nix\/store\/.+\.drv).* failed/, m) { + print m[1] >> broken + } + { print $0 } +AWK +) + +export NIX_PAGER='' # for nix-store +while read -r drv; do + title="** FAILED $drv LOG **" + frame=${title//?/*} + + echo "$frame" + echo "$title" + echo "$frame" + echo + + $NIX_STORE -l "$drv" + + echo +done < "$broken" + +exit 0 -- cgit v1.2.3 From 0901d6e6f8e5357cd06b0d6832bdbde6251b7de3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 19 May 2017 00:24:52 +0200 Subject: lib/types: add managed bool to host type --- lib/types.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/types.nix b/lib/types.nix index 30de5e177..530cd1e69 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -31,6 +31,13 @@ rec { default = null; }; + managed = mkOption { + description = '' + If true, then the host's configuration is defined in stockholm. + ''; + type = bool; + }; + owner = mkOption { type = user; }; -- cgit v1.2.3 From a9f0332f9c70088101b85c73d55e265813d94fd7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 19 May 2017 00:25:27 +0200 Subject: k 3 l: define `managed` for every host --- krebs/3modules/lass/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index b86e05319..0e1cbd876 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -3,7 +3,10 @@ with import ; { - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.lass) { + hosts = mapAttrs (_: recursiveUpdate { + owner = config.krebs.users.lass; + managed = true; + }) { dishfire = { cores = 4; nets = rec { @@ -124,6 +127,7 @@ with import ; ssh.port = 2223; }; }; + managed = false; }; cloudkrebs = { cores = 1; @@ -300,6 +304,7 @@ with import ; }; iso = { cores = 1; + managed = false; }; sokrateslaptop = { nets = { @@ -321,6 +326,7 @@ with import ; ''; }; }; + managed = false; }; }; users = { -- cgit v1.2.3 From fa08ca88dee73ac0a0b888e114ab1df3ecf4c0fa Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 19 May 2017 00:27:25 +0200 Subject: l 3 hosts: filter unmanaged hosts --- lass/3modules/hosts.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/3modules/hosts.nix b/lass/3modules/hosts.nix index 125819bb0..7e3af10be 100644 --- a/lass/3modules/hosts.nix +++ b/lass/3modules/hosts.nix @@ -6,7 +6,7 @@ with import ; options.lass.hosts = mkOption { type = types.attrsOf types.host; default = - filterAttrs (_: host: host.owner.name == "lass") + filterAttrs (_: host: host.owner.name == "lass" && host.managed) config.krebs.hosts; }; } -- cgit v1.2.3 From 6ff1f811366215b82e892cb75dd9419a6de06f4d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 22 May 2017 17:20:58 +0200 Subject: l 2 baseX: enable X forwarding --- lass/2configs/baseX.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 9c51effdc..65dc6b6e9 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -33,6 +33,7 @@ in { time.timeZone = "Europe/Berlin"; programs.ssh.startAgent = false; + services.openssh.forwardX11 = true; services.printing = { enable = true; -- cgit v1.2.3 From a5390438dc08684a543e7260ff3377001c8bd5b0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 22 May 2017 17:22:28 +0200 Subject: l 2 retiolum: add tinc to systemPackages --- lass/2configs/retiolum.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 7f1b36c96..e7779f53e 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -1,4 +1,4 @@ -{ ... }: +{ pkgs, ... }: { @@ -25,4 +25,8 @@ nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + + environment.systemPackages = [ + pkgs.tinc + ]; } -- cgit v1.2.3 From fee2fa19585403a568242f3bdd870477b9cf97e7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 22 May 2017 17:24:58 +0200 Subject: l 2 nixpkgs: 2bb9c1c -> f469354 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 49c44aa88..c6620afaa 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "2bb9c1c"; + ref = "f469354"; }; } -- cgit v1.2.3 From 7545d799ddb4d4cb79a51fda3ac95262bdc15d22 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 22 May 2017 17:28:19 +0200 Subject: il 2: move dnscrypt & dnsmasq to dns-stuff.nix --- lass/2configs/baseX.nix | 1 + lass/2configs/default.nix | 9 --------- lass/2configs/dns-stuff.nix | 31 +++++++++++++++++++++++++++++++ 3 files changed, 32 insertions(+), 9 deletions(-) create mode 100644 lass/2configs/dns-stuff.nix diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 65dc6b6e9..3e2e325d8 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -10,6 +10,7 @@ in { ./copyq.nix ./xresources.nix ./livestream.nix + ./dns-stuff.nix { hardware.pulseaudio = { enable = true; diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index ffed5bb70..d7deb3165 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -63,15 +63,6 @@ with import ; pkgs.pythonPackages.python ]; } - { - services.dnscrypt-proxy = { - enable = true; - resolverName = "cs-de"; - }; - networking.extraResolvconfConf = '' - name_servers='127.0.0.1' - ''; - } ]; networking.hostName = config.krebs.build.host.name; diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix new file mode 100644 index 000000000..b52d3050b --- /dev/null +++ b/lass/2configs/dns-stuff.nix @@ -0,0 +1,31 @@ +{ config, pkgs, ... }: +with import ; +{ + services.dnscrypt-proxy = { + enable = true; + localAddress = "127.1.0.1"; + resolverName = "cs-de"; + }; + services.dnsmasq = { + enable = true; + extraConfig = '' + server=127.1.0.1 + server=/dn42/172.23.75.6 + #no-resolv + cache-size=1000 + min-cache-ttl=3600 + bind-dynamic + all-servers + dnssec + trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5 + address=/blog/127.0.0.1 + address=/blog/::1 + rebind-domain-ok=/onion/ + server=/.onion/127.0.0.1#9053 + port=53 + ''; + }; + networking.extraResolvconfConf = '' + name_servers='127.0.0.1' + ''; +} -- cgit v1.2.3 From 28b6e5d218ca984c3e34fd5385ea343a0bd3d39a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 23 May 2017 19:57:03 +0200 Subject: l 1 mors: enable elasticsearch --- lass/1systems/mors.nix | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index c8d9465d5..dd3777c64 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -32,14 +32,11 @@ with import ; { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; } ]; } - #{ - # services.elasticsearch = { - # enable = true; - # plugins = [ - # # pkgs.elasticsearchPlugins.elasticsearch_kopf - # ]; - # }; - #} + { + services.elasticsearch = { + enable = true; + }; + } { #zalando project services.postgresql = { -- cgit v1.2.3 From a44e215d31c019fda6b0783f0d07cbd8072f919e Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 23 May 2017 20:34:12 +0200 Subject: l 2 websites domsen: remove www. from domains --- lass/2configs/websites/domsen.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 581b37d91..62945755d 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -25,8 +25,8 @@ in { imports = [ ./sqlBackup.nix (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) - (servePage [ "karlaskop.de" "www.karlaskop.de" ]) - (servePage [ "makeup.apanowicz.de" "www.makeup.apanowicz.de" ]) + (servePage [ "karlaskop.de" ]) + (servePage [ "makeup.apanowicz.de" ]) (servePage [ "pixelpocket.de" ]) (serveOwncloud [ "o.ubikmedia.de" ]) (serveWordpress [ -- cgit v1.2.3 From d1321d64118fa50d0082e79a8fc74613aa0cb66a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 23 May 2017 20:35:42 +0200 Subject: l 2 websites habsys.*: fritz -> domsen --- lass/2configs/websites/domsen.nix | 1 + lass/2configs/websites/fritz.nix | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 62945755d..b0d28d4da 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -28,6 +28,7 @@ in { (servePage [ "karlaskop.de" ]) (servePage [ "makeup.apanowicz.de" ]) (servePage [ "pixelpocket.de" ]) + (servePage [ "habsys.de" "habsys.eu" ]) (serveOwncloud [ "o.ubikmedia.de" ]) (serveWordpress [ "ubikmedia.de" diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index 9bf7e4a9c..45927b102 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -40,8 +40,6 @@ in { (serveWordpress [ "eastuttgart.de" "www.eastuttgart.de" ]) - (servePage [ "habsys.de" "www.habsys.de" "habsys.eu" "www.habsys.eu" ]) - (serveWordpress [ "goldbarrendiebstahl.radical-dreamers.de" ]) ]; -- cgit v1.2.3 From ad1e4cb239bfbb39be977c3fdf2f5f172bb5a4f5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 23 May 2017 20:36:23 +0200 Subject: l 3 pyload: init --- lass/3modules/default.nix | 1 + lass/3modules/pyload.nix | 55 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 lass/3modules/pyload.nix diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 73692446a..fd353e008 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -6,6 +6,7 @@ _: ./hosts.nix ./mysql-backup.nix ./news.nix + ./pyload.nix ./umts.nix ./usershadow.nix ./xresources.nix diff --git a/lass/3modules/pyload.nix b/lass/3modules/pyload.nix new file mode 100644 index 000000000..6f29ffb17 --- /dev/null +++ b/lass/3modules/pyload.nix @@ -0,0 +1,55 @@ +{ config, lib, pkgs, ... }: + +with import ; + +let + cfg = config.lass.pyload; + + out = { + options.lass.pyload = api; + config = lib.mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "pyload"; + user = mkOption { + type = types.str; + default = "download"; + }; + }; + + imp = { + + krebs.per-user.${cfg.user}.packages = [ + pkgs.pyload + pkgs.spidermonkey + pkgs.tesseract + ]; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 9099"; target = "ACCEPT"; } + ]; + systemd.services.pyload = { + description = "pyload"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + path = with pkgs; [ + pyload + spidermonkey + tesseract + dnsmasq + ]; + + restartIfChanged = true; + + serviceConfig = { + Restart = "always"; + ExecStart = "${pkgs.pyload}/bin/pyLoadCore"; + User = cfg.user; + }; + }; + + }; + +in out -- cgit v1.2.3 From 2d2550c5b5bdb10e4c2958425add337572347a11 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 23 May 2017 21:22:25 +0200 Subject: kirk: 1.0.0 -> 1.0.1 --- krebs/5pkgs/haskell-overrides/kirk.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/krebs/5pkgs/haskell-overrides/kirk.nix b/krebs/5pkgs/haskell-overrides/kirk.nix index 2cd6bb134..073e5d505 100644 --- a/krebs/5pkgs/haskell-overrides/kirk.nix +++ b/krebs/5pkgs/haskell-overrides/kirk.nix @@ -3,16 +3,19 @@ }: mkDerivation { pname = "kirk"; - version = "1.0.0"; + version = "1.0.1"; src = fetchgit { url = "http://cgit.krebsco.de/kirk"; - sha256 = "0w4drg2lyyw45abfn3g55zd6m7pl7yqxql5rpyy6qqdbvnyak94w"; - rev = "c78f3c62c0ba76465e39d1570073f867aa2d4240"; + sha256 = "1acsmmc485c54axpy9bd0320j18hs261vl1vdxns4n04sxzqd7k0"; + rev = "cdf3cb373af8f9b03a9487a63eb32e0226913589"; }; - isLibrary = false; + isLibrary = true; isExecutable = true; + libraryHaskellDepends = [ + base bytestring network optparse-applicative text + ]; executableHaskellDepends = [ - async base bytestring network optparse-applicative text + async base network optparse-applicative text ]; license = stdenv.lib.licenses.mit; } -- cgit v1.2.3 From 71719f2929c2dae1c431c09c517d8c49c7610b30 Mon Sep 17 00:00:00 2001 From: nin Date: Tue, 23 May 2017 22:45:52 +0200 Subject: n 2: change search-domain to r --- nin/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index a1ed76d98..cb02521ce 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -59,7 +59,7 @@ with import ; krebs = { enable = true; - search-domain = "retiolum"; + search-domain = "r"; build = { user = config.krebs.users.nin; source = let inherit (config.krebs.build) host; in { -- cgit v1.2.3 From 5f92b6b0a27ac6ed3289c0df96ebb9be664c0464 Mon Sep 17 00:00:00 2001 From: nin Date: Tue, 23 May 2017 22:51:09 +0200 Subject: n 2 nixpkgs: 5b0c9d4 -> 0afb6d7 --- nin/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nin/2configs/nixpkgs.nix b/nin/2configs/nixpkgs.nix index 9c3eafffd..14ddb7920 100644 --- a/nin/2configs/nixpkgs.nix +++ b/nin/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "5b0c9d4"; + ref = "0afb6d7"; }; } -- cgit v1.2.3 From e497faf8ec755da17e790782909a7aa8de7e0677 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 23 May 2017 23:35:31 +0200 Subject: l 2 bepasty: allow write for externals --- lass/2configs/bepasty.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix index c2bc3f3cd..b2d40d4f3 100644 --- a/lass/2configs/bepasty.nix +++ b/lass/2configs/bepasty.nix @@ -35,7 +35,7 @@ in { forceSSL = true; enableACME = true; }; - defaultPermissions = "read"; + defaultPermissions = "read,create"; secretKey = secKey; }); }; -- cgit v1.2.3 From 061e702a6fc0e6046d39c3975c9034a69499c45f Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 23 May 2017 23:44:17 +0200 Subject: turn krebs/5pkgs into an overlay --- krebs/5pkgs/default.nix | 14 ++++---------- krebs/5pkgs/writers.nix | 8 +++----- krebs/default.nix | 2 +- 3 files changed, 8 insertions(+), 16 deletions(-) diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 8bb244cd3..81481e14b 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,11 +1,6 @@ -{ config, lib, pkgs, ... }@args: +pkgs: oldpkgs: with import ; -{ - imports = [ - ./writers.nix - ]; - nixpkgs.config.packageOverrides = oldpkgs: let - + let # This callPackage will try to detect obsolete overrides. callPackage = path: args: let override = pkgs.callPackage path args; @@ -16,8 +11,8 @@ with import ; compareVersions upstream.name override.name != -1 then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override else override; - in {} + // import ./writers.nix pkgs oldpkgs // mapAttrs (_: flip callPackage {}) (filterAttrs (_: dir: pathExists (dir + "/default.nix")) (subdirsOf ./.)) @@ -60,5 +55,4 @@ with import ; test = { infest-cac-centos7 = callPackage ./test/infest-cac-centos7 {}; }; - }; -} + } diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix index d14090323..8ea9c37d5 100644 --- a/krebs/5pkgs/writers.nix +++ b/krebs/5pkgs/writers.nix @@ -1,7 +1,6 @@ -{ pkgs, ... }: +pkgs: oldpkgs: with import ; -{ - nixpkgs.config.packageOverrides = _: { + { # Combine a list of derivations using symlinks. Paths in later derivations # take precedence over earlier ones. @@ -323,5 +322,4 @@ with import ; }; writeSed = pkgs.makeScriptWriter "${pkgs.gnused}/bin/sed -f"; - }; -} + } diff --git a/krebs/default.nix b/krebs/default.nix index e5e8cbc49..55bf66f77 100644 --- a/krebs/default.nix +++ b/krebs/default.nix @@ -3,6 +3,6 @@ with import ; { imports = [ ./3modules - ./5pkgs ]; + nixpkgs.config.packageOverrides = import ./5pkgs pkgs; } -- cgit v1.2.3 From f0b98bd0114df1e1ebb82ff300f9532d86b3eb18 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 24 May 2017 01:43:50 +0200 Subject: krebs/5pkgs: move simple pkgs to a subdir --- krebs/5pkgs/Reaktor/default.nix | 22 - krebs/5pkgs/Reaktor/plugins.nix | 131 -- krebs/5pkgs/Reaktor/scripts/random-emoji.sh | 6 - krebs/5pkgs/Reaktor/scripts/random-issue.sh | 20 - krebs/5pkgs/Reaktor/scripts/sed-plugin.py | 41 - krebs/5pkgs/Reaktor/scripts/shack-correct.sh | 6 - krebs/5pkgs/apt-cacher-ng/default.nix | 21 - krebs/5pkgs/bepasty-client-cli/default.nix | 23 - krebs/5pkgs/buildbot/default.nix | 82 - krebs/5pkgs/buildbot/worker.nix | 24 - krebs/5pkgs/cac-api/default.nix | 43 - krebs/5pkgs/cac-cert/cac.pem | 88 - krebs/5pkgs/cac-cert/default.nix | 2 - krebs/5pkgs/cac-panel/default.nix | 18 - krebs/5pkgs/collectd-connect-time/default.nix | 15 - krebs/5pkgs/default.nix | 11 +- krebs/5pkgs/dic/default.nix | 36 - krebs/5pkgs/drivedroid-gen-repo/default.nix | 22 - krebs/5pkgs/fortclientsslvpn/default.nix | 92 -- krebs/5pkgs/games-user-env/default.nix | 34 - krebs/5pkgs/get/default.nix | 37 - krebs/5pkgs/git-hooks/default.nix | 107 -- krebs/5pkgs/github-hosts-sync/default.nix | 37 - krebs/5pkgs/go-shortener/default.nix | 57 - krebs/5pkgs/go-shortener/packages.nix | 44 - krebs/5pkgs/goify/default.nix | 18 - krebs/5pkgs/hashPassword/default.nix | 15 - krebs/5pkgs/htgen/default.nix | 28 - krebs/5pkgs/irc-announce/default.nix | 66 - krebs/5pkgs/kpaste/default.nix | 5 - krebs/5pkgs/krebspaste/default.nix | 6 - krebs/5pkgs/krebszones/default.nix | 25 - krebs/5pkgs/logf/default.nix | 114 -- krebs/5pkgs/much/cabal.nix | 28 - krebs/5pkgs/much/default.nix | 3 - krebs/5pkgs/netcup/default.nix | 32 - krebs/5pkgs/newsbot-js/default.nix | 60 - krebs/5pkgs/newsbot-js/packages.nix | 1747 -------------------- krebs/5pkgs/noVNC/default.nix | 21 - krebs/5pkgs/painload/default.nix | 7 - krebs/5pkgs/passwdqc-utils/default.nix | 37 - krebs/5pkgs/populate/default.nix | 36 - krebs/5pkgs/posix-array/default.nix | 30 - krebs/5pkgs/pssh/default.nix | 36 - krebs/5pkgs/push/default.nix | 49 - krebs/5pkgs/realwallpaper/default.nix | 24 - krebs/5pkgs/repo-sync/default.nix | 21 - krebs/5pkgs/retiolum-bootstrap/default.nix | 29 - krebs/5pkgs/rutorrent/default.nix | 15 - krebs/5pkgs/simple/Reaktor/default.nix | 22 + krebs/5pkgs/simple/Reaktor/plugins.nix | 131 ++ krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh | 6 + krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh | 20 + krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py | 41 + .../5pkgs/simple/Reaktor/scripts/shack-correct.sh | 6 + krebs/5pkgs/simple/apt-cacher-ng/default.nix | 21 + krebs/5pkgs/simple/bepasty-client-cli/default.nix | 23 + krebs/5pkgs/simple/buildbot/default.nix | 82 + krebs/5pkgs/simple/buildbot/worker.nix | 24 + krebs/5pkgs/simple/cac-api/default.nix | 43 + krebs/5pkgs/simple/cac-cert/cac.pem | 88 + krebs/5pkgs/simple/cac-cert/default.nix | 2 + krebs/5pkgs/simple/cac-panel/default.nix | 18 + .../5pkgs/simple/collectd-connect-time/default.nix | 15 + krebs/5pkgs/simple/default.nix | 10 + krebs/5pkgs/simple/dic/default.nix | 36 + krebs/5pkgs/simple/drivedroid-gen-repo/default.nix | 22 + krebs/5pkgs/simple/fortclientsslvpn/default.nix | 92 ++ krebs/5pkgs/simple/games-user-env/default.nix | 34 + krebs/5pkgs/simple/get/default.nix | 37 + krebs/5pkgs/simple/git-hooks/default.nix | 107 ++ krebs/5pkgs/simple/github-hosts-sync/default.nix | 37 + krebs/5pkgs/simple/go-shortener/default.nix | 57 + krebs/5pkgs/simple/go-shortener/packages.nix | 44 + krebs/5pkgs/simple/goify/default.nix | 18 + krebs/5pkgs/simple/hashPassword/default.nix | 15 + krebs/5pkgs/simple/htgen/default.nix | 28 + krebs/5pkgs/simple/irc-announce/default.nix | 66 + krebs/5pkgs/simple/kpaste/default.nix | 5 + krebs/5pkgs/simple/krebspaste/default.nix | 6 + krebs/5pkgs/simple/krebszones/default.nix | 25 + krebs/5pkgs/simple/logf/default.nix | 114 ++ krebs/5pkgs/simple/much/cabal.nix | 28 + krebs/5pkgs/simple/much/default.nix | 3 + krebs/5pkgs/simple/netcup/default.nix | 32 + krebs/5pkgs/simple/newsbot-js/default.nix | 60 + krebs/5pkgs/simple/newsbot-js/packages.nix | 1747 ++++++++++++++++++++ krebs/5pkgs/simple/noVNC/default.nix | 21 + krebs/5pkgs/simple/painload/default.nix | 7 + krebs/5pkgs/simple/passwdqc-utils/default.nix | 37 + krebs/5pkgs/simple/populate/default.nix | 36 + krebs/5pkgs/simple/posix-array/default.nix | 30 + krebs/5pkgs/simple/pssh/default.nix | 36 + krebs/5pkgs/simple/push/default.nix | 49 + krebs/5pkgs/simple/realwallpaper/default.nix | 24 + krebs/5pkgs/simple/repo-sync/default.nix | 21 + krebs/5pkgs/simple/retiolum-bootstrap/default.nix | 29 + krebs/5pkgs/simple/rutorrent/default.nix | 15 + krebs/5pkgs/simple/tarantool/default.nix | 21 + krebs/5pkgs/simple/tinc_graphs/default.nix | 26 + krebs/5pkgs/simple/translate-shell/default.nix | 43 + krebs/5pkgs/simple/treq/default.nix | 17 + krebs/5pkgs/simple/untilport/default.nix | 18 + krebs/5pkgs/simple/urlwatch/default.nix | 24 + krebs/5pkgs/simple/weechat/default.nix | 80 + krebs/5pkgs/simple/whatsupnix/default.nix | 15 + krebs/5pkgs/simple/whatsupnix/whatsupnix.bash | 44 + krebs/5pkgs/simple/with-tmpdir/default.nix | 29 + krebs/5pkgs/simple/youtube-tools/default.nix | 21 + krebs/5pkgs/simple/zandronum-bin/default.nix | 83 + krebs/5pkgs/tarantool/default.nix | 21 - krebs/5pkgs/tinc_graphs/default.nix | 26 - krebs/5pkgs/translate-shell/default.nix | 43 - krebs/5pkgs/treq/default.nix | 17 - krebs/5pkgs/untilport/default.nix | 18 - krebs/5pkgs/urlwatch/default.nix | 24 - krebs/5pkgs/weechat/default.nix | 80 - krebs/5pkgs/whatsupnix/default.nix | 15 - krebs/5pkgs/whatsupnix/whatsupnix.bash | 44 - krebs/5pkgs/with-tmpdir/default.nix | 29 - krebs/5pkgs/youtube-tools/default.nix | 21 - krebs/5pkgs/zandronum-bin/default.nix | 83 - 122 files changed, 3895 insertions(+), 3888 deletions(-) delete mode 100644 krebs/5pkgs/Reaktor/default.nix delete mode 100644 krebs/5pkgs/Reaktor/plugins.nix delete mode 100644 krebs/5pkgs/Reaktor/scripts/random-emoji.sh delete mode 100644 krebs/5pkgs/Reaktor/scripts/random-issue.sh delete mode 100644 krebs/5pkgs/Reaktor/scripts/sed-plugin.py delete mode 100644 krebs/5pkgs/Reaktor/scripts/shack-correct.sh delete mode 100644 krebs/5pkgs/apt-cacher-ng/default.nix delete mode 100644 krebs/5pkgs/bepasty-client-cli/default.nix delete mode 100644 krebs/5pkgs/buildbot/default.nix delete mode 100644 krebs/5pkgs/buildbot/worker.nix delete mode 100644 krebs/5pkgs/cac-api/default.nix delete mode 100644 krebs/5pkgs/cac-cert/cac.pem delete mode 100644 krebs/5pkgs/cac-cert/default.nix delete mode 100644 krebs/5pkgs/cac-panel/default.nix delete mode 100644 krebs/5pkgs/collectd-connect-time/default.nix delete mode 100644 krebs/5pkgs/dic/default.nix delete mode 100644 krebs/5pkgs/drivedroid-gen-repo/default.nix delete mode 100644 krebs/5pkgs/fortclientsslvpn/default.nix delete mode 100644 krebs/5pkgs/games-user-env/default.nix delete mode 100644 krebs/5pkgs/get/default.nix delete mode 100644 krebs/5pkgs/git-hooks/default.nix delete mode 100644 krebs/5pkgs/github-hosts-sync/default.nix delete mode 100644 krebs/5pkgs/go-shortener/default.nix delete mode 100644 krebs/5pkgs/go-shortener/packages.nix delete mode 100644 krebs/5pkgs/goify/default.nix delete mode 100644 krebs/5pkgs/hashPassword/default.nix delete mode 100644 krebs/5pkgs/htgen/default.nix delete mode 100644 krebs/5pkgs/irc-announce/default.nix delete mode 100644 krebs/5pkgs/kpaste/default.nix delete mode 100644 krebs/5pkgs/krebspaste/default.nix delete mode 100644 krebs/5pkgs/krebszones/default.nix delete mode 100644 krebs/5pkgs/logf/default.nix delete mode 100644 krebs/5pkgs/much/cabal.nix delete mode 100644 krebs/5pkgs/much/default.nix delete mode 100644 krebs/5pkgs/netcup/default.nix delete mode 100644 krebs/5pkgs/newsbot-js/default.nix delete mode 100644 krebs/5pkgs/newsbot-js/packages.nix delete mode 100644 krebs/5pkgs/noVNC/default.nix delete mode 100644 krebs/5pkgs/painload/default.nix delete mode 100644 krebs/5pkgs/passwdqc-utils/default.nix delete mode 100644 krebs/5pkgs/populate/default.nix delete mode 100644 krebs/5pkgs/posix-array/default.nix delete mode 100644 krebs/5pkgs/pssh/default.nix delete mode 100644 krebs/5pkgs/push/default.nix delete mode 100644 krebs/5pkgs/realwallpaper/default.nix delete mode 100644 krebs/5pkgs/repo-sync/default.nix delete mode 100644 krebs/5pkgs/retiolum-bootstrap/default.nix delete mode 100644 krebs/5pkgs/rutorrent/default.nix create mode 100644 krebs/5pkgs/simple/Reaktor/default.nix create mode 100644 krebs/5pkgs/simple/Reaktor/plugins.nix create mode 100644 krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh create mode 100644 krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh create mode 100644 krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py create mode 100644 krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh create mode 100644 krebs/5pkgs/simple/apt-cacher-ng/default.nix create mode 100644 krebs/5pkgs/simple/bepasty-client-cli/default.nix create mode 100644 krebs/5pkgs/simple/buildbot/default.nix create mode 100644 krebs/5pkgs/simple/buildbot/worker.nix create mode 100644 krebs/5pkgs/simple/cac-api/default.nix create mode 100644 krebs/5pkgs/simple/cac-cert/cac.pem create mode 100644 krebs/5pkgs/simple/cac-cert/default.nix create mode 100644 krebs/5pkgs/simple/cac-panel/default.nix create mode 100644 krebs/5pkgs/simple/collectd-connect-time/default.nix create mode 100644 krebs/5pkgs/simple/default.nix create mode 100644 krebs/5pkgs/simple/dic/default.nix create mode 100644 krebs/5pkgs/simple/drivedroid-gen-repo/default.nix create mode 100644 krebs/5pkgs/simple/fortclientsslvpn/default.nix create mode 100644 krebs/5pkgs/simple/games-user-env/default.nix create mode 100644 krebs/5pkgs/simple/get/default.nix create mode 100644 krebs/5pkgs/simple/git-hooks/default.nix create mode 100644 krebs/5pkgs/simple/github-hosts-sync/default.nix create mode 100644 krebs/5pkgs/simple/go-shortener/default.nix create mode 100644 krebs/5pkgs/simple/go-shortener/packages.nix create mode 100644 krebs/5pkgs/simple/goify/default.nix create mode 100644 krebs/5pkgs/simple/hashPassword/default.nix create mode 100644 krebs/5pkgs/simple/htgen/default.nix create mode 100644 krebs/5pkgs/simple/irc-announce/default.nix create mode 100644 krebs/5pkgs/simple/kpaste/default.nix create mode 100644 krebs/5pkgs/simple/krebspaste/default.nix create mode 100644 krebs/5pkgs/simple/krebszones/default.nix create mode 100644 krebs/5pkgs/simple/logf/default.nix create mode 100644 krebs/5pkgs/simple/much/cabal.nix create mode 100644 krebs/5pkgs/simple/much/default.nix create mode 100644 krebs/5pkgs/simple/netcup/default.nix create mode 100644 krebs/5pkgs/simple/newsbot-js/default.nix create mode 100644 krebs/5pkgs/simple/newsbot-js/packages.nix create mode 100644 krebs/5pkgs/simple/noVNC/default.nix create mode 100644 krebs/5pkgs/simple/painload/default.nix create mode 100644 krebs/5pkgs/simple/passwdqc-utils/default.nix create mode 100644 krebs/5pkgs/simple/populate/default.nix create mode 100644 krebs/5pkgs/simple/posix-array/default.nix create mode 100644 krebs/5pkgs/simple/pssh/default.nix create mode 100644 krebs/5pkgs/simple/push/default.nix create mode 100644 krebs/5pkgs/simple/realwallpaper/default.nix create mode 100644 krebs/5pkgs/simple/repo-sync/default.nix create mode 100644 krebs/5pkgs/simple/retiolum-bootstrap/default.nix create mode 100644 krebs/5pkgs/simple/rutorrent/default.nix create mode 100644 krebs/5pkgs/simple/tarantool/default.nix create mode 100644 krebs/5pkgs/simple/tinc_graphs/default.nix create mode 100644 krebs/5pkgs/simple/translate-shell/default.nix create mode 100644 krebs/5pkgs/simple/treq/default.nix create mode 100644 krebs/5pkgs/simple/untilport/default.nix create mode 100644 krebs/5pkgs/simple/urlwatch/default.nix create mode 100644 krebs/5pkgs/simple/weechat/default.nix create mode 100644 krebs/5pkgs/simple/whatsupnix/default.nix create mode 100644 krebs/5pkgs/simple/whatsupnix/whatsupnix.bash create mode 100644 krebs/5pkgs/simple/with-tmpdir/default.nix create mode 100644 krebs/5pkgs/simple/youtube-tools/default.nix create mode 100644 krebs/5pkgs/simple/zandronum-bin/default.nix delete mode 100644 krebs/5pkgs/tarantool/default.nix delete mode 100644 krebs/5pkgs/tinc_graphs/default.nix delete mode 100644 krebs/5pkgs/translate-shell/default.nix delete mode 100644 krebs/5pkgs/treq/default.nix delete mode 100644 krebs/5pkgs/untilport/default.nix delete mode 100644 krebs/5pkgs/urlwatch/default.nix delete mode 100644 krebs/5pkgs/weechat/default.nix delete mode 100644 krebs/5pkgs/whatsupnix/default.nix delete mode 100644 krebs/5pkgs/whatsupnix/whatsupnix.bash delete mode 100644 krebs/5pkgs/with-tmpdir/default.nix delete mode 100644 krebs/5pkgs/youtube-tools/default.nix delete mode 100644 krebs/5pkgs/zandronum-bin/default.nix diff --git a/krebs/5pkgs/Reaktor/default.nix b/krebs/5pkgs/Reaktor/default.nix deleted file mode 100644 index fc3710820..000000000 --- a/krebs/5pkgs/Reaktor/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ lib, pkgs,python3Packages,fetchurl, ... }: - -python3Packages.buildPythonPackage rec { - name = "Reaktor-${version}"; - version = "0.5.1"; - - doCheck = false; - - propagatedBuildInputs = with pkgs;[ - python3Packages.docopt - python3Packages.requests2 - ]; - src = fetchurl { - url = "https://pypi.python.org/packages/source/R/Reaktor/Reaktor-${version}.tar.gz"; - sha256 = "0dn9r0cyxi1sji2pnybsrc4hhaaq7hmf235nlgkrxqlsdb7y6n6n"; - }; - meta = { - homepage = http://krebsco.de/; - description = "An IRC bot based on asynchat"; - license = lib.licenses.wtfpl; - }; -} diff --git a/krebs/5pkgs/Reaktor/plugins.nix b/krebs/5pkgs/Reaktor/plugins.nix deleted file mode 100644 index e85e41cfe..000000000 --- a/krebs/5pkgs/Reaktor/plugins.nix +++ /dev/null @@ -1,131 +0,0 @@ -{ stdenv, lib, pkgs, makeWrapper }: - -rec { - # Begin API - buildBaseReaktorPlugin = { name - , config # python extra configuration for plugin - , phases ? [] - , ... } @ attrs: - stdenv.mkDerivation (attrs // { - name = "Reaktor-plugin-" + name; - isReaktorPlugin = true; - }); - - buildSimpleReaktorPlugin = name: { script - , path ? [] - , env ? {} - , append_rule ? false # append the rule instead of insert - , pattern ? "" - , ... } @ attrs: - let - path_env = { "PATH" = lib.makeSearchPath "bin" (path ++ [ pkgs.coreutils ]); }; - src_dir = pkgs.substituteAll ( { - inherit name; - dir = "bin"; - isExecutable = true; - src = script; - }); - src_file = "${src_dir}/bin/${name}"; - config = '' - public_commands.${if append_rule then "append(" else "insert(0," }{ - 'capname' : "${name}", - 'pattern' : ${if pattern == "" then - ''indirect_pattern.format("${name}")'' else - ''"${pattern}"'' }, - 'argv' : ["${src_file}"], - 'env' : ${builtins.toJSON (path_env // env)} }) - ''; - config_file = pkgs.writeText "plugin.py" config; - in buildBaseReaktorPlugin (attrs // rec { - inherit name config; - - phases = [ "installPhase" ]; - buildInputs = [ makeWrapper ]; - installPhase = '' - mkdir -p $out/bin $out/etc/Reaktor - ln -s ${src_file} $out/bin - wrapProgram $out/bin/${name} \ - --prefix PATH : ${path_env.PATH} - ln -s ${config_file} $out/etc/Reaktor/plugin.py - ''; - - }); - # End API - - # Begin Plugins - random-emoji = buildSimpleReaktorPlugin "emoji" { - path = with pkgs; [ gnused gnugrep xmlstarlet curl ]; - script = ./scripts/random-emoji.sh; - }; - - sed-plugin = buildSimpleReaktorPlugin "sed-plugin" { - path = [ pkgs.gnused pkgs.python3 ]; - # only support s///gi the plugin needs to see every msg - # TODO: this will eat up the last regex, fix Reaktor to support fallthru - append_rule = true; - pattern = "^(?P.*)$$"; - script = ./scripts/sed-plugin.py; - }; - - shack-correct = buildSimpleReaktorPlugin "shack-correct" { - path = [ pkgs.gnused ]; - pattern = "^(?P.*Shack.*)$$"; - script = ./scripts/shack-correct.sh; - }; - - nixos-version = buildSimpleReaktorPlugin "nixos-version" { - script = pkgs.writeDash "nixos-version" '' - . /etc/os-release - echo "$PRETTY_NAME" - ''; - }; - stockholm-issue = buildSimpleReaktorPlugin "stockholm-issue" { - script = ./scripts/random-issue.sh; - path = with pkgs; [ git gnused haskellPackages.lentil ]; - env = { "origin" = "http://cgit.gum/stockholm"; }; - }; - - titlebot = - let - pypkgs = pkgs.python3Packages; - titlebot_cmds = pypkgs.buildPythonPackage { - name = "titlebot_cmds"; - propagatedBuildInputs = with pypkgs; [ setuptools ]; - src = pkgs.fetchurl { - url = "https://github.com/makefu/reaktor-titlebot/archive/2.1.0.tar.gz"; - sha256 = "0wvf09wmk8b52f9j65qrw81nwrhs9pfhijwrlkzp5l7l2q8cjkp6"; - }; - }; - in buildBaseReaktorPlugin rec { - name = "titlebot"; - phases = [ "installPhase" ]; - installPhase = '' - mkdir -p $out - ln -s ${titlebot_cmds}/* $out - ''; - config = '' - def titlebot_cmd(cmd): - from os import environ - return { 'capname': None, - 'env': { 'TITLEDB': - environ['state_dir']+'/suggestions.json' }, - 'pattern': '^\\.' + cmd + '\\s*(?:\\s+(?P.*))?$$', - 'argv': [ '${titlebot_cmds}/bin/' + cmd ] } - for i in ['up','help','list','top','new']: - public_commands.insert(0,titlebot_cmd(i)) - commands.insert(0,titlebot_cmd('clear')) - ''; - }; - - url-title = (buildSimpleReaktorPlugin "url-title" { - pattern = "^.*(?Phttp[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; - path = with pkgs; [ curl perl ]; - script = pkgs.writeDash "lambda-pl" '' - if [ "$#" -gt 0 ]; then - curl -SsL --max-time 5 "$1" | - perl -l -0777 -ne 'print $1 if /\s*(.*?)(?: - youtube)?\s*<\/title/si' - fi - ''; - }); - -} diff --git a/krebs/5pkgs/Reaktor/scripts/random-emoji.sh b/krebs/5pkgs/Reaktor/scripts/random-emoji.sh deleted file mode 100644 index 386aa68b9..000000000 --- a/krebs/5pkgs/Reaktor/scripts/random-emoji.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -curl http://emojicons.com/random -s | \ - grep data-text | \ - sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \ - head -n 1 | \ - xmlstarlet unesc diff --git a/krebs/5pkgs/Reaktor/scripts/random-issue.sh b/krebs/5pkgs/Reaktor/scripts/random-issue.sh deleted file mode 100644 index 5c47c6156..000000000 --- a/krebs/5pkgs/Reaktor/scripts/random-issue.sh +++ /dev/null @@ -1,20 +0,0 @@ -#! /bin/sh -set -eu -# requires env: -# $state_dir -# $origin - -# in PATH: git,lentil,coreutils -subdir=`echo "$1" | tr -dc "[:alnum:]"` -name=`echo "$origin" | tr -dc "[:alnum:]"` -track="$state_dir/$name-checkout" -(if test -e "$track" ;then - cd "$track" - git fetch origin master - git reset --hard origin/master -else - git clone "$origin" "$track" -fi) >&2 - -cd "$track" -lentil "${subdir:-.}" -f csv | sed 1d | shuf | head -1 diff --git a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py deleted file mode 100644 index da8e2f726..000000000 --- a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env python3 - -# Usage: -# _from=krebs state_dir=. python sed-plugin.py 'dick butt' -# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g' -# > dick bull -import shelve -from os import environ -from os.path import join -from sys import argv -import re - -d = shelve.open(join(environ['state_dir'], 'sed-plugin.shelve'), writeback=True) -usr = environ['_from'] - - -def is_regex(line): - myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') - return myre.match(line) - -line = argv[1] - -if is_regex(line): - last = d.get(usr, None) - if last: - from subprocess import Popen, PIPE - p = Popen(['sed', line], stdin=PIPE, stdout=PIPE) - so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) - if p.returncode: - print("something went wrong when trying to process your regex: {}".format(se.decode())) - ret = so.decode() - print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) - if ret: - d[usr] = ret - - else: - print("no last message") -else: - d[usr] = line - -d.close() diff --git a/krebs/5pkgs/Reaktor/scripts/shack-correct.sh b/krebs/5pkgs/Reaktor/scripts/shack-correct.sh deleted file mode 100644 index 3b4d04f80..000000000 --- a/krebs/5pkgs/Reaktor/scripts/shack-correct.sh +++ /dev/null @@ -1,6 +0,0 @@ -#! /bin/sh -set -eu -printf "Sie meinten wohl \"" -echo -n $@ | sed 's/Shack/shack/g' -echo "\"" -echo "${_from}--" diff --git a/krebs/5pkgs/apt-cacher-ng/default.nix b/krebs/5pkgs/apt-cacher-ng/default.nix deleted file mode