From f1ebd4e4e1bdc76bfca894ace336064b81cc98a1 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 06:43:26 +0100 Subject: krebs knownHosts: add-port everywhere --- krebs/3modules/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 52950690..e11d40a0 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -179,7 +179,6 @@ let (mapAttrsToList (net-name: net: let - aliases = shorts ++ longs; longs = net.aliases; shorts = map (removeSuffix ".${cfg.search-domain}") @@ -190,7 +189,7 @@ let then "[${a}]:${toString net.ssh.port}" else a; in - aliases ++ map add-port net.addrs) + map add-port (shorts ++ longs ++ net.addrs)) host.nets); publicKey = host.ssh.pubkey; -- cgit v1.2.3 From 4c40eba8161d4afaa85984737c6f03adf861be7a Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 7 Feb 2016 15:58:49 +0100 Subject: krebs: add localhost to knownHosts --- krebs/3modules/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index e11d40a0..e4e5642c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -155,7 +155,16 @@ let let inherit (config.krebs.build.host.ssh) privkey; in mkIf (privkey != null) (mkForce [privkey]); + # TODO use imports for merging services.openssh.knownHosts = + (let inherit (config.krebs.build.host.ssh) pubkey; in + optionalAttrs (pubkey != null) { + localhost = { + hostNames = ["localhost" "127.0.0.1" "::1"]; + publicKey = pubkey; + }; + }) + // # GitHub's IPv4 address range is 192.30.252.0/22 # Refs https://help.github.com/articles/what-ip-addresses-does-github-use-that-i-should-whitelist/ # 192.30.252.0/22 = 192.30.252.0-192.30.255.255 (1024 addresses) -- cgit v1.2.3 From 8b130a66287b829e7b6f9be0130df7231c7a6605 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 10 Feb 2016 19:06:32 +0100 Subject: krebs.nixpkgs.allowUnfreePredicate: init --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 62db9a5a..3d51076c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -21,6 +21,7 @@ let ./go.nix ./iptables.nix ./nginx.nix + ./nixpkgs.nix ./per-user.nix ./Reaktor.nix ./retiolum-bootstrap.nix -- cgit v1.2.3 From e890eb244af82ba678e894a84983db5057fbb60a Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 14 Feb 2016 13:26:37 +0100 Subject: krebs.setuid: init --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 3d51076c..b2a02e9c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -27,6 +27,7 @@ let ./retiolum-bootstrap.nix ./realwallpaper.nix ./retiolum.nix + ./setuid.nix ./tinc_graphs.nix ./urlwatch.nix ]; -- cgit v1.2.3 From 9f16d7ea71a2566b973ad0ac603c63ac3c6f4311 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 14 Feb 2016 13:38:47 +0100 Subject: krebs.lib: init --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index b2a02e9c..69556219 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -20,6 +20,7 @@ let ./git.nix ./go.nix ./iptables.nix + ./lib.nix ./nginx.nix ./nixpkgs.nix ./per-user.nix -- cgit v1.2.3 From 673853e092c211e26a08030f87f9c868c6442a71 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 14 Feb 2016 16:43:44 +0100 Subject: RIP specialArgs.lib --- krebs/3modules/default.nix | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 69556219..23f82ed1 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs; @@ -33,7 +33,7 @@ let ./urlwatch.nix ]; options.krebs = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { @@ -84,13 +84,13 @@ let }; }; - imp = mkMerge [ - { krebs = import ./lass { inherit lib; }; } - { krebs = import ./makefu { inherit lib; }; } - { krebs = import ./miefda { inherit lib; }; } - { krebs = import ./mv { inherit lib; }; } - { krebs = import ./shared { inherit lib; }; } - { krebs = import ./tv { inherit lib; }; } + imp = lib.mkMerge [ + { krebs = import ./lass { inherit config lib; }; } + { krebs = import ./makefu { inherit config lib; }; } + { krebs = import ./miefda { inherit config lib; }; } + { krebs = import ./mv { inherit config lib; }; } + { krebs = import ./shared { inherit config lib; }; } + { krebs = import ./tv { inherit config lib; }; } { krebs.dns.providers = { de.krebsco = "zones"; -- cgit v1.2.3 From b7a92f63884af00eb0243ec9328be689a6c9b845 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 15 Feb 2016 16:29:01 +0100 Subject: *: make eval.config.krebs.build.host.name work everywhere --- krebs/3modules/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 23f82ed1..16a74e7c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -9,9 +9,9 @@ let ./apt-cacher-ng.nix ./backup.nix ./bepasty-server.nix - ./build.nix ./buildbot/master.nix ./buildbot/slave.nix + ./build.nix ./current.nix ./exim-retiolum.nix ./exim-smarthost.nix @@ -25,8 +25,8 @@ let ./nixpkgs.nix ./per-user.nix ./Reaktor.nix - ./retiolum-bootstrap.nix ./realwallpaper.nix + ./retiolum-bootstrap.nix ./retiolum.nix ./setuid.nix ./tinc_graphs.nix -- cgit v1.2.3