From b82fd9ba290c988e03e34c51fc3b1976be11739d Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 4 Sep 2015 01:29:32 +0200 Subject: krebs tv hosts: add xu --- krebs/3modules/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 140045b9..077a0e06 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -683,6 +683,31 @@ let }; secure = true; }; + xu = { + cores = 4; + # TODO xu is mobile, so dc means "home data center" + dc = "tv"; #dc = "gg23"; + nets = { + retiolum = { + addrs4 = ["10.243.13.38"]; + addrs6 = ["42:0:0:0:0:0:0:1338"]; + aliases = [ + "xu.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAl3l7IWbfbkVgaJFM3s9g2UCh2rmqoTba16Of7NNWMj05L/hIkUsQ + uc43/QzidWh/4gEaq5MQ7JpLyzVBQYRJkNlPRF/Z07KdLBskAZCjDYdYue9BrziX + 8s2Irs2+FNbCK2LqtrPhbcXQJvixsk6vjl2OBpWTDUcDEsk+D1YQilxdtyUzCUkw + mmRo/mzNsLZsYlSgZ6El/ZLkRdtexAzGxJ0DrukpDR0uqXXkp7jUaxRCZ+Cwanvj + 4I1Hu5aHzWB7KJ1SIvpX3a4f+mun1gh3TPqWP5PUqJok1PSuScz6P2UGaLZZyH63 + 4o+9nGJPuzb9bpMVRaVGtKXd39jwY7mbqwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + }; }; users = addNames { mv = { -- cgit v1.2.3 From 9dcea815c6d840abee2009c2cb56695039dbc8c8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 5 Sep 2015 12:12:21 +0200 Subject: krebs 3: make rsync work on retarted systems --- krebs/3modules/default.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 65ebad7b..ab78bcd2 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -58,8 +58,6 @@ let --exclude .graveyard \ --exclude old \ --rsync-path="mkdir -p \"$2\" && rsync" \ - --usermap=\*:0 \ - --groupmap=\*:0 \ --delete-excluded \ -vrLptgoD \ "$src" "$dst" -- cgit v1.2.3 From f3c1727659c59ff638b1adead8e30ee2f79f39de Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 5 Sep 2015 12:15:31 +0200 Subject: lass: add echelon --- krebs/3modules/default.nix | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index ab78bcd2..78907960 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -216,6 +216,37 @@ let lass-imp = { hosts = addNames { + echelon = { + cores = 4; + dc = "lass"; #dc = "cac"; + nets = rec { + internet = { + addrs4 = ["162.248.167.198"]; + aliases = [ + "echelon.internet" + ]; + }; + retiolum = { + via = internet; + addrs4 = ["10.243.206.103"]; + addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f763"]; + aliases = [ + "echelon.retiolum" + "cgit.echelon.retiolum" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA92ybhDahtGybpAkUNlG5Elxw05MVY4Pg7yK0dQugB4nVq+pnmi78 + DOMeIciecMHmJM8n9UlUU0eWZVCgHeVd23d6J0hTHCv24p24uHEGGy7XlO/dPJ6A + IjROYU0l8c03pipdJ3cDBx6riArSglwmZJ7xH/Iw0BUhRZrPqbtijY7EcG2wc+8K + N9N9mBofVMl4EcBiDR/eecK+ro8OkeOmYPtYgFJLvxTYXiPIhOxMAlkOY2fpin/t + cgFLUFuN4ag751XjjcNpVovVq95vdg+VhKrrNVWZjJt03owW81BzoryY6CD2kIPq + UxK89zEdeYOUT7AxaT/5V5v41IvGFZxCzwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; cloudkrebs = { cores = 1; dc = "lass"; #dc = "cac"; -- cgit v1.2.3 From ab946ab7c12a5f25c62c0abfea5fa38189411e7b Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 18 Sep 2015 03:04:39 +0200 Subject: add "make infest" --- krebs/3modules/default.nix | 106 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index a6b5a190..2db9feda 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -121,6 +121,112 @@ let exec "$profile"/bin/switch-to-configuration switch EOF + + ''; + }; + infest = mkOption { + type = types.str; + default = '' + #! /bin/sh + set -efux + + target=${escapeShellArg cfg.build.target} + + push(){( + src=$1/ + dst=$target:/mnt$2 + rsync \ + --exclude .git \ + --exclude .graveyard \ + --exclude old \ + --rsync-path="mkdir -p \"/mnt$2\" && rsync" \ + --delete-excluded \ + -vrLptgoD \ + "$src" "$dst" + )} + + cat krebs/4lib/infest/1prepare | ssh "$target" + cat krebs/4lib/infest/2install-nix | ssh "$target" + + ${concatStrings (mapAttrsToList (name: { url, rev, ... }: + optionalString (rev == null) '' + push ${toString (map escapeShellArg [ + "${url}" + "/root/src/${name}" + ])} + '') config.deps)} + + ssh -S none "$target" /bin/sh <<\EOF + set -efux + + fetch(){( + url=$1 + rev=$2 + dst=$3 + mkdir -p "$dst" + cd "$dst" + if ! test -e .git; then + git init + fi + if ! cur_url=$(git config remote.origin.url 2>/dev/null); then + git remote add origin "$url" + elif test "$cur_url" != "$url"; then + git remote set-url origin "$url" + fi + if test "$(git rev-parse --verify HEAD 2>/dev/null)" != "$rev"; then + git fetch origin + git checkout "$rev" -- . + git checkout -q "$rev" + git submodule init + git submodule update + fi + git clean -dxf + )} + + ${concatStrings (mapAttrsToList (name: { url, rev, ... }: + optionalString (rev != null) '' + fetch ${toString (map escapeShellArg [ + url + rev + "/mnt/root/src/${name}" + ])} + '') config.deps)} + + export PATH=/root/.nix-profile/bin:/root/.nix-profile/sbin:$PATH + + sed < "$(type -p nixos-install)" > nixos-install ' + /^echo "building the system configuration..."/,/--set -A system/{ + s/.*/# &/ + s@.*--set -A system.*@&\n${concatStringsSep " " [ + "NIX_PATH=/mnt/root/src/" + "nix-env" + "-Q" + "-p /nix/var/nix/profiles/system" + "-f \"\"" + "--set" + "-A system" + "--argstr user-name ${escapeShellArg cfg.build.user.name}" + "--argstr system-name ${escapeShellArg cfg.build.host.name}" + ]}@ + } + ' + + sed -i 's/^nixpkgs=.*$/#&/' nixos-install + + + chmod +x nixos-install + + echo {} > /root/dummy.nix + + echo build system... + profile=/nix/var/nix/profiles/system + NIXOS_CONFIG=/root/dummy.nix \ + ./nixos-install -I /root/src/ + #nl -bp nixos-install + + EOF + + cat krebs/4lib/infest/4finalize | ssh "$target" ''; }; host = mkOption { -- cgit v1.2.3 From c20e49bd20554f2874aded7f29dd4958b3b78f38 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 18 Sep 2015 03:07:13 +0200 Subject: krebs 3: update echelon ip --- krebs/3modules/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 2db9feda..3879ccdd 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -328,7 +328,7 @@ let dc = "lass"; #dc = "cac"; nets = rec { internet = { - addrs4 = ["162.248.167.198"]; + addrs4 = ["162.248.8.61"]; aliases = [ "echelon.internet" ]; -- cgit v1.2.3 From 1c6d6918d710dd106dd163ef271cad0bf83edeec Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 19 Sep 2015 23:40:25 +0200 Subject: krebs 3: update echelon ip --- krebs/3modules/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 3879ccdd..0ffdec5f 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -328,7 +328,7 @@ let dc = "lass"; #dc = "cac"; nets = rec { internet = { - addrs4 = ["162.248.8.61"]; + addrs4 = ["162.248.8.63"]; aliases = [ "echelon.internet" ]; -- cgit v1.2.3