From 8464ebbf6954a5940b9dce8927639e128434b9d7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 00:47:43 +0100 Subject: k 3 repo-sync: better types, add repo timer --- krebs/3modules/repo-sync.nix | 114 +++++++++++++++++++++++++++---------------- 1 file changed, 71 insertions(+), 43 deletions(-) diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 7705635f0..0211b31ba 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -12,7 +12,34 @@ let api = { enable = mkEnableOption "repo-sync"; repos = mkOption { - type = with types;attrsOf (attrsOf (attrsOf (attrsOf str))); + type = types.attrsOf (types.submodule { + options = { + branches = mkOption { + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + origin = mkOption { + type = types.git-source; + }; + mirror = mkOption { + type = types.git-source; + }; + }; + config = { + origin.ref = mkDefault "heads/master"; + mirror.ref = mkDefault "heads/${config._module.args.name}"; + }; + })); + }; + latest = mkOption { + type = types.nullOr types.git-source; + default = null; + }; + timerConfig = mkOption { + type = types.attrsOf types.str; + default = cfg.timerConfig; + }; + }; + }); example = literalExample '' # see `repo-sync --help` # `ref` provides sane defaults and can be omitted @@ -23,53 +50,53 @@ let # each attrset defines a group of repos for syncing { nxpkgs = { - makefu = { - origin = { - url = http://github.com/makefu/nixpkgs; - ref = "heads/dev" ; + branches = { + makefu = { + origin = { + url = http://github.com/makefu/nixpkgs; + ref = "heads/dev" ; + }; + mirror = { + url = "git@internal:nixpkgs-mirror" ; + ref = "heads/github-mirror-dev" ; + }; }; - mirror = { - url = "git@internal:nixpkgs-mirror" ; - ref = "heads/github-mirror-dev" ; + lass = { + origin = { + url = http://github.com/lass/nixpkgs; + }; + mirror = { + url = "git@internal:nixpkgs-mirror" ; + }; }; }; - lass = { - origin = { - url = http://github.com/lass/nixpkgs; - }; - mirror = { - url = "git@internal:nixpkgs-mirror" ; - }; - }; - "@latest" = { - mirror = { - url = "git@internal:nixpkgs-mirror"; - ref = "heads/master"; - }; + latest = { + url = "git@internal:nixpkgs-mirror"; + ref = "heads/master"; }; }; stockholm = { - lass = { - origin = { - url = http://cgit.prism.r/stockholm; + branches = { + lass = { + origin = { + url = http://cgit.prism.r/stockholm; + }; + mirror = { + url = "git@internal:stockholm-mirror" ; + }; }; - mirror = { - url = "git@internal:stockholm-mirror" ; + makefu = { + origin = { + url = http://gum.krebsco.de/stockholm; + }; + mirror = { + url = "git@internal:stockholm-mirror" ; + }; }; }; - makefu = { - origin = { - url = http://gum.krebsco.de/stockholm; - }; - mirror = { - url = "git@internal:stockholm-mirror" ; - }; - }; - "@latest" = { - mirror = { - url = "git@internal:stockholm-mirror"; - ref = "heads/master"; - }; + latest = { + url = "git@internal:stockholm-mirror"; + ref = "heads/master"; }; }; }; @@ -127,15 +154,16 @@ let nameValuePair "repo-sync-${name}" { description = "repo-sync timer"; wantedBy = [ "timers.target" ]; - - timerConfig = cfg.timerConfig; + timerConfig = repo.timerConfig; } ) cfg.repos; systemd.services = mapAttrs' (name: repo: let - repo-sync-config = pkgs.writeText "repo-sync-config-${name}.json" - (builtins.toJSON repo); + repo-sync-config = pkgs.writeJSON "repo-sync-config-${name}.json" + (repo.branches // optionalAttrs (repo.latest != null) { + "@latest".mirror = repo.latest; + }); in nameValuePair "repo-sync-${name}" { description = "repo-sync"; after = [ "network.target" "secret.service" ]; -- cgit v1.2.3 From d7b71cdb91943aa0db6337da66e353a92956d499 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 00:49:13 +0100 Subject: l 2 repo-sync: use new api --- lass/2configs/repo-sync.nix | 55 ++++++++++++++++++++++++--------------------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index 83f646130..dfea637ed 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -36,25 +36,27 @@ let sync-retiolum = name: { krebs.repo-sync.repos.${name} = { - makefu = { - origin.url = "http://cgit.gum/${name}"; - mirror.url = "${mirror}${name}"; + branches = { + makefu = { + origin.url = "http://cgit.gum/${name}"; + mirror.url = "${mirror}${name}"; + }; + tv = { + origin.url = "http://cgit.ni.r/${name}"; + mirror.url = "${mirror}${name}"; + }; + nin = { + origin.url = "http://cgit.onondaga.r/${name}"; + mirror.url = "${mirror}${name}"; + }; + lassulus = { + origin.url = "http://cgit.lassul.us/${name}"; + mirror.url = "${mirror}${name}"; + }; }; - tv = { - origin.url = "http://cgit.ni.r/${name}"; - mirror.url = "${mirror}${name}"; - }; - nin = { - origin.url = "http://cgit.onondaga.r/${name}"; - mirror.url = "${mirror}${name}"; - }; - lassulus = { - origin.url = "http://cgit.lassul.us/${name}"; - mirror.url = "${mirror}${name}"; - }; - "@latest" = { - mirror.url = "${mirror}${name}"; - mirror.ref = "heads/newest"; + latest = { + url = "${mirror}${name}"; + ref = "heads/newest"; }; }; krebs.git = defineRepo name (config.networking.hostName == "prism"); @@ -63,9 +65,11 @@ let sync-remote = name: url: { krebs.repo-sync.repos.${name} = { - remote = { - origin.url = url; - mirror.url = "${mirror}${name}"; + branches = { + remote = { + origin.url = url; + mirror.url = "${mirror}${name}"; + }; }; }; krebs.git = defineRepo name (config.networking.hostName == "prism"); @@ -74,9 +78,11 @@ let sync-remote-silent = name: url: { krebs.repo-sync.repos.${name} = { - remote = { - origin.url = url; - mirror.url = "${mirror}${name}"; + branches = { + remote = { + origin.url = url; + mirror.url = "${mirror}${name}"; + }; }; }; krebs.git = defineRepo name false; @@ -109,4 +115,3 @@ in { (sync-retiolum "xmonad-stockholm") ]; } - -- cgit v1.2.3 From c6654de563efb4e4afcb53a6760ab6767693389f Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 00:52:31 +0100 Subject: s 2 repo-sync: use new api --- shared/2configs/repo-sync.nix | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/shared/2configs/repo-sync.nix b/shared/2configs/repo-sync.nix index 4219e5d01..004ea5942 100644 --- a/shared/2configs/repo-sync.nix +++ b/shared/2configs/repo-sync.nix @@ -8,19 +8,21 @@ with lib; in { enable = true; repos.stockholm = { - makefu = { - origin.url = http://cgit.gum/stockholm ; - mirror.url = mirror; - }; - tv = { - origin.url = http://cgit.ni.r/stockholm; - mirror.url = mirror; - }; - lassulus = { - origin.url = http://cgit.prism/stockholm ; - mirror.url = mirror; + branches = { + makefu = { + origin.url = http://cgit.gum/stockholm ; + mirror.url = mirror; + }; + tv = { + origin.url = http://cgit.ni.r/stockholm; + mirror.url = mirror; + }; + lassulus = { + origin.url = http://cgit.prism/stockholm ; + mirror.url = mirror; + }; }; - "@latest" = { + latest = { mirror.url = mirror; }; }; -- cgit v1.2.3 From 9a50ea0143161746f9be9dc99abb87c384b9cc27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 00:58:09 +0100 Subject: l 2: add logf.nix --- lass/1systems/mors.nix | 2 +- lass/2configs/logf.nix | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 lass/2configs/logf.nix diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index bffb08ad3..223e16bae 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -24,6 +24,7 @@ with import ; ../2configs/krebs-pass.nix ../2configs/repo-sync.nix ../2configs/ircd.nix + ../2configs/logf.nix { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ @@ -192,7 +193,6 @@ with import ; remmina thunderbird - logf iodine macchanger diff --git a/lass/2configs/logf.nix b/lass/2configs/logf.nix new file mode 100644 index 000000000..3c4948db1 --- /dev/null +++ b/lass/2configs/logf.nix @@ -0,0 +1,21 @@ +{ config, pkgs, ... }: +with import ; +let + host-colors = { + mors = "131"; + prism = "95"; + uriel = "61"; + shodan = "51"; + icarus = "53"; + echelon = "197"; + helios = "199"; + cloudkrebs = "119"; + }; +in { + environment.systemPackages = [ + (pkgs.writeDashBin "logf" '' + export LOGF_HOST_COLORS=${pkgs.writeJSON "host-colors" host-colors} + ${pkgs.logf}/bin/logf ${concatMapStringsSep " " (name: "root@${name}") (attrNames config.lass.hosts)} + '') + ]; +} -- cgit v1.2.3 From 9d1653fe7526922680f93b0990de85619d9a9dca Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 01:06:04 +0100 Subject: l 1 prism: saner repo-sync timers --- lass/1systems/prism.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index b55732f65..a7a7f6129 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -215,8 +215,13 @@ in { } { krebs.repo-sync.timerConfig = { + OnBootSec = "15min"; + OnUnitInactiveSec = "90min"; + RandomizedDelaySec = "30min"; + }; + krebs.repo-sync.repos.stockholm.timerConfig = { OnBootSec = "5min"; - OnUnitInactiveSec = "3min"; + OnUnitInactiveSec = "2min"; RandomizedDelaySec = "2min"; }; } -- cgit v1.2.3 From 3374fe9566a366451ea59f325ecb1e2da7046322 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 01:06:31 +0100 Subject: l 2 nixpkgs: use cgit.lassul.us as gitserver --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 59851f25a..a6409b7db 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -2,7 +2,7 @@ { krebs.build.source.nixpkgs.git = { - url = https://github.com/nixos/nixpkgs; + url = https://cgit.lassul.us/nixpkgs; ref = "c0ecd31"; }; } -- cgit v1.2.3 From 3a3a436b49d555c57079f806f33908ac2430099b Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 8 Mar 2017 14:20:17 +0100 Subject: m 1 wbob: laptop-utils -> tools --- makefu/1systems/wbob.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix index 184f74147..43fbd6d2b 100644 --- a/makefu/1systems/wbob.nix +++ b/makefu/1systems/wbob.nix @@ -9,7 +9,10 @@ in { ../. ../2configs/zsh-user.nix ../2configs/base-gui.nix - ../2configs/laptop-utils.nix + ../2configs/tools/core.nix + ../2configs/tools/core-gui.nix + ../2configs/tools/extra-gui.nix + ../2configs/tools/media.nix ../2configs/virtualization.nix ../2configs/tinc/retiolum.nix ]; -- cgit v1.2.3 From 42639587fd0f28b8568f2aee8cf3463b0cc0e239 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 14:22:04 +0100 Subject: s 2 repo-sync: fix latest --- shared/2configs/repo-sync.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/shared/2configs/repo-sync.nix b/shared/2configs/repo-sync.nix index 004ea5942..637a26e3c 100644 --- a/shared/2configs/repo-sync.nix +++ b/shared/2configs/repo-sync.nix @@ -23,7 +23,8 @@ with lib; }; }; latest = { - mirror.url = mirror; + url = mirror; + ref = "heads/master"; }; }; }; -- cgit v1.2.3 From 4ccb7a1a2ccff15a9338de93924bda8e1640bb7d Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 16:06:05 +0100 Subject: l 2 nixpkgs: c0ecd31 -> c554a0c --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index a6409b7db..20918d294 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "c0ecd31"; + ref = "c554a0c97f5030a66cc81d41e1f39bff5095efba"; }; } -- cgit v1.2.3 From cf9c5ee222931f65bf9b37a3f66e849dee3a57ac Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 17:12:26 +0100 Subject: s 1 wolf: add prism as binary cache --- shared/1systems/wolf.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index ce3c63f28..b0b822780 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -32,7 +32,17 @@ in security = import ; }; - nix.binaryCaches = [ "http://localhost:3142/nixos" "https://cache.nixos.org" ]; + nix = { + binaryCaches = [ + "http://localhost:3142/nixos" + "http://cache.prism.r" + "https://cache.nixos.org/" + ]; + binaryCachePublicKeys = [ + "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" + "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" + ]; + }; networking = { firewall.enable = false; -- cgit v1.2.3 From 4ebc0e7adc7605e154916aefad47331761036abb Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Mar 2017 17:12:48 +0100 Subject: l 2 htop: hide process information from other user --- lass/2configs/htop.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/htop.nix b/lass/2configs/htop.nix index 0296101ac..69e04a05b 100644 --- a/lass/2configs/htop.nix +++ b/lass/2configs/htop.nix @@ -3,6 +3,7 @@ with import ; { + security.hideProcessInformation = true; nixpkgs.config.packageOverrides = super: { htop = pkgs.concat "htop" [ super.htop -- cgit v1.2.3