From e38f61c7ff54031d5f48e57b96eff0062feb99b2 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 30 Jan 2020 08:12:24 +0100 Subject: ma: update omo pubkey --- krebs/3modules/makefu/sshd/omo.pub | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/sshd/omo.pub b/krebs/3modules/makefu/sshd/omo.pub index 63bbbc70..5b943541 100644 --- a/krebs/3modules/makefu/sshd/omo.pub +++ b/krebs/3modules/makefu/sshd/omo.pub @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA -- cgit v1.2.3 From 160e9d1843b3e8c6d503a0ae023df31a27f7880c Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 12 Feb 2020 07:55:17 +0100 Subject: ma gum: add dns.euer.krebsco.de domain naim --- krebs/3modules/makefu/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index dcfee59b..6c2fd624 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -171,6 +171,7 @@ in { cgit.euer IN A ${nets.internet.ip4.addr} dl.euer IN A ${nets.internet.ip4.addr} dockerhub IN A ${nets.internet.ip4.addr} + dns.euer IN A ${nets.internet.ip4.addr} euer IN A ${nets.internet.ip4.addr} euer IN MX 1 aspmx.l.google.com. ghook IN A ${nets.internet.ip4.addr} -- cgit v1.2.3 From 0509f857414ef1ca9b84f6cec29985ea50ecf579 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 12 Feb 2020 07:55:39 +0100 Subject: ma gum: sort dnsnames --- krebs/3modules/makefu/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 6c2fd624..56d31352 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -164,14 +164,15 @@ in { ci = true; extraZones = { "krebsco.de" = '' + bookmark.euer IN A ${nets.internet.ip4.addr} boot IN A ${nets.internet.ip4.addr} boot.euer IN A ${nets.internet.ip4.addr} cache.euer IN A ${nets.internet.ip4.addr} cache.gum IN A ${nets.internet.ip4.addr} cgit.euer IN A ${nets.internet.ip4.addr} dl.euer IN A ${nets.internet.ip4.addr} - dockerhub IN A ${nets.internet.ip4.addr} dns.euer IN A ${nets.internet.ip4.addr} + dockerhub IN A ${nets.internet.ip4.addr} euer IN A ${nets.internet.ip4.addr} euer IN MX 1 aspmx.l.google.com. ghook IN A ${nets.internet.ip4.addr} @@ -179,7 +180,9 @@ in { gold IN A ${nets.internet.ip4.addr} graph IN A ${nets.internet.ip4.addr} gum IN A ${nets.internet.ip4.addr} + io IN NS gum.krebsco.de. iso.euer IN A ${nets.internet.ip4.addr} + mediengewitter IN CNAME over.dose.io. mon.euer IN A ${nets.internet.ip4.addr} netdata.euer IN A ${nets.internet.ip4.addr} nixos.unstable IN CNAME krebscode.github.io. @@ -190,9 +193,6 @@ in { wg.euer IN A ${nets.internet.ip4.addr} wiki.euer IN A ${nets.internet.ip4.addr} wikisearch IN A ${nets.internet.ip4.addr} - bookmark.euer IN A ${nets.internet.ip4.addr} - io IN NS gum.krebsco.de. - mediengewitter IN CNAME over.dose.io. ''; }; cores = 8; -- cgit v1.2.3 From 345fc92cbf1975da935909e3769935e733890e88 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 13 Mar 2020 10:51:34 +0100 Subject: ma gum.r: add board.euer, rss.euer --- krebs/3modules/makefu/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 56d31352..c76ed0ad 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -182,6 +182,8 @@ in { gum IN A ${nets.internet.ip4.addr} io IN NS gum.krebsco.de. iso.euer IN A ${nets.internet.ip4.addr} + board.euer IN A ${nets.internet.ip4.addr} + rss.euer IN A ${nets.internet.ip4.addr} mediengewitter IN CNAME over.dose.io. mon.euer IN A ${nets.internet.ip4.addr} netdata.euer IN A ${nets.internet.ip4.addr} @@ -202,7 +204,6 @@ in { ip6.addr = "2a01:4f8:191:12f6::2"; aliases = [ "gum.i" - "nextgum.i" ]; }; wiregrill = { @@ -238,6 +239,7 @@ in { "tracker.makefu.r" "wiki.gum.r" "wiki.makefu.r" + "warrior.gum.r" "sick.makefu.r" ]; }; -- cgit v1.2.3 From c76f1618940ff188258212a0988d3de7525f9e9e Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 25 Mar 2020 15:39:25 +0100 Subject: realwallpaper: redesign with new image sources --- krebs/3modules/realwallpaper.nix | 18 ------------------ 1 file changed, 18 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index a83758cc..7a0052a4 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -17,21 +17,6 @@ let default = "/var/realwallpaper/"; }; - nightmap = mkOption { - type = types.str; - default = "http://eoimages.gsfc.nasa.gov/images/imagerecords/55000/55167/earth_lights_lrg.jpg"; - }; - - daymap = mkOption { - type = types.str; - default = "https://www.nnvl.noaa.gov/images/globaldata/SnowIceCover_Daily.png"; - }; - - cloudmap = mkOption { - type = types.str; - default = "http://home.megapass.co.kr/~holywatr/cloud_data/clouds_2048.jpg"; - }; - marker = mkOption { type = types.str; default = "http://graph.r/marker.json"; @@ -67,9 +52,6 @@ let environment = { working_dir = cfg.workingDir; - nightmap_url = cfg.nightmap; - daymap_url = cfg.daymap; - cloudmap_url = cfg.cloudmap; marker_url = cfg.marker; }; -- cgit v1.2.3 From a0347a6443ac07bbb986080dafe44af4a25e0f98 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 25 Mar 2020 18:14:04 +0100 Subject: realwallpaper: add HD version with planets and krebs --- krebs/3modules/realwallpaper.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index 7a0052a4..cfa8a65b 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -45,6 +45,7 @@ let path = with pkgs; [ xplanet imagemagick + inkscape curl file jq -- cgit v1.2.3 From a29d406c681dcc95230db76cc6f0038b98b8adbd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 2 Feb 2020 12:48:15 +0000 Subject: m: drop idontcare, add herbert --- krebs/3modules/external/mic92.nix | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index a748b145..23ab4f68 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -144,24 +144,24 @@ in { }; }; }; - idontcare = { + herbert = { owner = config.krebs.users.Mic92; nets = rec { retiolum = { addrs = [ - config.krebs.hosts.idontcare.nets.retiolum.ip4.addr - config.krebs.hosts.idontcare.nets.retiolum.ip6.addr + config.krebs.hosts.herbert.nets.retiolum.ip4.addr + config.krebs.hosts.herbert.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.177"; - aliases = [ "idontcare.r" ]; + aliases = [ "herbert.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O - qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A - OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An - lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb - O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw - jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB + MIIBCgKCAQEA7ZINr8YxVwHtcOR+ySpc9UjnJWsFXlOyu3CnrJ8IrY+mPA25UmNZ + stXd8QbJuxpad9HyPs294uW8UmXttEZzIwAlikVHasM5IQHVltudTTFvv7s3YFWd + /lgpHbo8zOA2mafx+Sr02Fy/lHjk6BTf8IOzdJIpUHZL/P+FUl9baBwGLmtbEvPh + fbvtf5QryBjJ9nRnb+wsPVpeFE/LncIMK/bYQsyE01T5QDu/muAaeYPbgm6FqaQH + OJ4oEHsarWBvU1qzgz/IRz0BHHeTrbbP3AG/glTwL02Z1mtTXSjME7cfk7ZRM5Cj + jXAqnqu2m1B08Kii+zYp4BPZDmPLT5gq+QIDAQAB -----END RSA PUBLIC KEY----- ''; }; -- cgit v1.2.3 From 0578d851885e59b317d653982b7b74f10739b9f3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Apr 2020 12:33:08 +0200 Subject: syncthing: use upstream module --- krebs/3modules/default.nix | 1 - krebs/3modules/syncthing.nix | 206 ------------------------------------------- 2 files changed, 207 deletions(-) delete mode 100644 krebs/3modules/syncthing.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 6f06f451..aa06a883 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -50,7 +50,6 @@ let ./secret.nix ./setuid.nix ./shadow.nix - ./syncthing.nix ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix diff --git a/krebs/3modules/syncthing.nix b/krebs/3modules/syncthing.nix deleted file mode 100644 index 799ed7ed..00000000 --- a/krebs/3modules/syncthing.nix +++ /dev/null @@ -1,206 +0,0 @@ -{ config, pkgs, ... }: with import ; - -let - - kcfg = config.krebs.syncthing; - scfg = config.services.syncthing; - - devices = mapAttrsToList (name: peer: { - name = name; - deviceID = peer.id; - addresses = peer.addresses; - }) kcfg.peers; - - folders = mapAttrsToList ( _: folder: { - inherit (folder) path id type; - devices = map (peer: { deviceId = kcfg.peers.${peer}.id; }) folder.peers; - rescanIntervalS = folder.rescanInterval; - fsWatcherEnabled = folder.watch; - fsWatcherDelayS = folder.watchDelay; - ignoreDelete = folder.ignoreDelete; - ignorePerms = folder.ignorePerms; - }) kcfg.folders; - - getApiKey = pkgs.writeDash "getAPIKey" '' - ${pkgs.libxml2}/bin/xmllint \ - --xpath 'string(configuration/gui/apikey)'\ - ${scfg.configDir}/config.xml - ''; - - updateConfig = pkgs.writeDash "merge-syncthing-config" '' - set -efu - - # XXX this assumes the GUI address to be "IPv4 address and port" - host=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 0)} - port=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 1)} - - # wait for service to restart - ${pkgs.untilport}/bin/untilport "$host" "$port" - - API_KEY=$(${getApiKey}) - - _curl() { - ${pkgs.curl}/bin/curl \ - -Ss \ - -H "X-API-Key: $API_KEY" \ - "http://$host:$port/rest""$@" - } - - old_config=$(_curl /system/config) - new_config=${shell.escape (toJSON { - inherit devices folders; - })} - new_config=$(${pkgs.jq}/bin/jq -en \ - --argjson old_config "$old_config" \ - --argjson new_config "$new_config" \ - ' - $old_config * $new_config - ${optionalString (!kcfg.overridePeers) '' - * { devices: $old_config.devices } - ''} - ${optionalString (!kcfg.overrideFolders) '' - * { folders: $old_config.folders } - ''} - ' - ) - echo $new_config | _curl /system/config -d @- - _curl /system/restart -X POST - ''; - -in - -{ - options.krebs.syncthing = { - - enable = mkEnableOption "syncthing-init"; - - cert = mkOption { - type = types.nullOr types.absolute-pathname; - default = null; - }; - - key = mkOption { - type = types.nullOr types.absolute-pathname; - default = null; - }; - - overridePeers = mkOption { - type = types.bool; - default = true; - description = '' - Whether to delete the peers which are not configured via the peers option - ''; - }; - peers = mkOption { - default = {}; - type = types.attrsOf (types.submodule ({ - options = { - - # TODO make into addr + port submodule - addresses = mkOption { - type = types.listOf types.str; - default = []; - }; - - #TODO check - id = mkOption { - type = types.str; - }; - - }; - })); - }; - - overrideFolders = mkOption { - type = types.bool; - default = true; - description = '' - Whether to delete the folders which are not configured via the peers option - ''; - }; - folders = mkOption { - default = {}; - type = types.attrsOf (types.submodule ({ config, ... }: { - options = { - - path = mkOption { - type = types.absolute-pathname; - default = config._module.args.name; - }; - - id = mkOption { - type = types.str; - default = config._module.args.name; - }; - - peers = mkOption { - type = types.listOf types.str; - default = []; - }; - - rescanInterval = mkOption { - type = types.int; - default = 3600; - }; - - type = mkOption { - type = types.enum [ "sendreceive" "sendonly" "receiveonly" ]; - default = "sendreceive"; - }; - - watch = mkOption { - type = types.bool; - default = true; - }; - - watchDelay = mkOption { - type = types.int; - default = 10; - }; - - ignoreDelete = mkOption { - type = types.bool; - default = false; - }; - - ignorePerms = mkOption { - type = types.bool; - default = true; - }; - - }; - })); - }; - }; - - config = mkIf kcfg.enable { - - systemd.services.syncthing = mkIf (kcfg.cert != null || kcfg.key != null) { - serviceConfig.PermissionsStartOnly = mkDefault true; - preStart = '' - ${optionalString (kcfg.cert != null) '' - cp ${toString kcfg.cert} ${scfg.configDir}/cert.pem - chown ${scfg.user}:${scfg.group} ${scfg.configDir}/cert.pem - chmod 400 ${scfg.configDir}/cert.pem - ''} - ${optionalString (kcfg.key != null) '' - cp ${toString kcfg.key} ${scfg.configDir}/key.pem - chown ${scfg.user}:${scfg.group} ${scfg.configDir}/key.pem - chmod 400 ${scfg.configDir}/key.pem - ''} - ''; - }; - - systemd.services.syncthing-init = { - after = [ "syncthing.service" ]; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - User = scfg.user; - RemainAfterExit = true; - Type = "oneshot"; - ExecStart = updateConfig; - }; - }; - }; -} -- cgit v1.2.3 From 7b72fc3de26431c0b739b9572984f5be768030b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Apr 2020 10:34:27 +0200 Subject: ci: fetch every 100s --- krebs/3modules/ci.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 7695667f..50db0b97 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -52,7 +52,7 @@ let "${url}", workdir='${name}-${elemAt(splitString "." url) 1}', branches=True, project='${name}', - pollinterval=10 + pollinterval=100 ) ) '') repo.urls) -- cgit v1.2.3 From 0cb8ab061a8aa5691e6fc78c8552c18ab035fe53 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Apr 2020 17:06:24 +0200 Subject: hidden-ssh: add message option --- krebs/3modules/hidden-ssh.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/hidden-ssh.nix b/krebs/3modules/hidden-ssh.nix index 2d697e49..f497de45 100644 --- a/krebs/3modules/hidden-ssh.nix +++ b/krebs/3modules/hidden-ssh.nix @@ -19,6 +19,10 @@ let type = types.str; default = "irc.freenode.org"; }; + message = mkOption { + type = types.str; + default = "SSH Hidden Service at "; + }; }; imp = let @@ -50,7 +54,7 @@ let ${pkgs.irc-announce}/bin/irc-announce \ ${cfg.server} 6667 ${config.krebs.build.host.name}-ssh \ \${cfg.channel} \ - "SSH Hidden Service at $(cat ${hiddenServiceDir}/hostname)" + "${cfg.message}$(cat ${hiddenServiceDir}/hostname)" ''; PrivateTmp = "true"; User = "tor"; -- cgit v1.2.3