From 2e39f7b3d1805346e067bdc7236bd7dfe87381a2 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 27 Oct 2017 11:07:19 +0200 Subject: mv makefu/{slog,internetarchive} krebs/ --- krebs/5pkgs/simple/internetarchive/default.nix | 38 ++++++++++++++++++++++++++ krebs/5pkgs/simple/slog/default.nix | 26 ++++++++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 krebs/5pkgs/simple/internetarchive/default.nix create mode 100644 krebs/5pkgs/simple/slog/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/internetarchive/default.nix b/krebs/5pkgs/simple/internetarchive/default.nix new file mode 100644 index 000000000..f5e1bbff3 --- /dev/null +++ b/krebs/5pkgs/simple/internetarchive/default.nix @@ -0,0 +1,38 @@ +{ pkgs, fetchFromGitHub, ... }: +with pkgs.python3Packages; +buildPythonPackage rec { + pname = "internetarchive"; + version = "1.7.3"; + name = "${pname}-${version}"; + propagatedBuildInputs = [ + requests + jsonpatch + docopt + clint + six + schema + backports_csv + ]; + +# check only works when cloned from git repo + doCheck = false; + checkInputs = [ + pytest + responses + ]; + + prePatch = '' + sed -i "s/'schema.*'/'schema>=0.4.0'/" setup.py + ''; + + src = fetchPypi { + inherit pname version; + sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g"; + }; + + meta = with stdenv.lib; { + description = "python library and cli for uploading files to internet archive"; + license = licenses.agpl3; + }; + +} diff --git a/krebs/5pkgs/simple/slog/default.nix b/krebs/5pkgs/simple/slog/default.nix new file mode 100644 index 000000000..c74a2ad80 --- /dev/null +++ b/krebs/5pkgs/simple/slog/default.nix @@ -0,0 +1,26 @@ +{ pkgs, stdenv, fetchFromGitHub }: + +## use with: +# . $(command -v slog.sh) +stdenv.mkDerivation rec { + name = "slog-${version}"; + version = "2017-10-27"; + + src = fetchFromGitHub { + owner = "makefu"; + repo = "slog"; + rev = "50367c3"; + sha256 = "16wlh8xz430101lrxmgl2wangbbhvyj4pg8k5aibnh76sgj6x77r"; + }; + + installPhase = '' + mkdir -p $out/bin + install -m755 slog.sh $out/bin + ''; + + meta = with stdenv.lib; { + description = "POSIX shell logging"; + license = licenses.mit; + }; + +} -- cgit v1.2.3 From 0ed8f933f6baf26e43e632ada61ec4367d956033 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 2 Nov 2017 14:26:50 +0100 Subject: wolf.r: add extra mibs for telegraf --- krebs/1systems/wolf/config.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 21ae20ea0..4d0c0ffa5 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -26,9 +26,13 @@ in { systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate - #systemd.services.telegraf.environment = { - # "MIBDIRS" : ""; # extra mibs like ADSL - #}; + systemd.services.telegraf.environment = { + MIBDIRS = pkgs.fetchgit { + url = "http://git.shackspace.de/makefu/modem-mibs.git"; + sha256 = + "a4244aa43ddd6e3ef9e64bb80f4ee952f68232aa008d3da9c78e3b627e5675c8"; + }; # extra mibs like ADSL + }; services.telegraf = { enable = true; extraConfig = { -- cgit v1.2.3 From 0f2fe8b6f5306976da3f230ea350f2f6596fe3f5 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 2 Nov 2017 14:27:23 +0100 Subject: ma: update gum ip --- krebs/3modules/makefu/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 401cba97a..acd4184c0 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -545,8 +545,8 @@ with import ; }; nets = rec { internet = { - ip4.addr = "188.68.40.19"; - ip6.addr = "2a03:4000:17:2df::1"; + ip4.addr = "185.194.143.140"; + ip6.addr = "2a03:4000:1c:43f::1"; aliases = [ "gum.i" ]; -- cgit v1.2.3 From c25ece931d4b9e0f76330563345b9a54965363c7 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 2 Nov 2017 16:28:25 +0100 Subject: rtorrent module: replace legacy commands --- krebs/3modules/rtorrent.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index 472accef9..b7ef824b5 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -38,12 +38,12 @@ let ${optionalString (cfg.enableXMLRPC ) '' # prepare socket and set permissions. rtorrent user is part of group nginx # TODO: configure a shared torrent group - execute_nothrow = rm,${cfg.xmlrpc-socket} + execute.nothrow = rm,${cfg.xmlrpc-socket} scgi_local = ${cfg.xmlrpc-socket} schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"ug+w,o=\",${cfg.xmlrpc-socket}" ''} - system.file_allocate.set = ${if cfg.preAllocate then "yes" else "no"} + system.file.allocate.set = ${if cfg.preAllocate then "yes" else "no"} # Prepare systemd logging log.open_file = "rtorrent-systemd", ${systemd-logfile} -- cgit v1.2.3 From 24ef0f56ba48da109b7288e37304958b0320dc0e Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 2 Nov 2017 21:12:27 +0100 Subject: tv querel: init --- krebs/3modules/tv/default.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index e80becfa7..98145274c 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -254,6 +254,36 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa"; }; + querel = { + ci = true; + cores = 2; + nets = { + retiolum = { + ip4.addr = "10.243.22.22"; + ip6.addr = "42::2222"; + aliases = [ + "querel.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEArv9eB8acpUhJwRaLY9kGeM7DEPvInVvoduEbec10p4Y2PFx2MjSz + 2OhyxFRkONC4EMV9oVTKD+NRtpbRGZGLYD8ZPB622SvccgB0XnL6ZZfie1feSgrn + bPyVnX8EnEgtx9IQckHyaxWgtyrluJnY2CbLkCYgD+50KFT12rdHyAa3+QoYU65x + ACQo28i9xIpsl6dm7iWBb+ecHc7fST35OqWywtVxSpHPe1nvwaYm1p3rqqtkCGVh + iXE5ruAscri7Dskc5dGR1p7LquhBaebuylH6sfRKA6kre05+/IkXi+JLeAmAtJ+W + xezYlecEvxhguql9ZmSYAYkR4KknZb56KtvCnm29o0evvEpsaYcbtgq1D0JhoGyk + 4DixS5e+5dg470icVKxPfz1AzejxrTUTtMlI28qjAIx1FcmCBGM+T6yHs/MhNGbf + aqUmN+FwtsJ2QWFYqu9zjxxyAfrAw+gqHm0LnsKK1ttwF/2fYCTRLowY+ItB3axs + UVq7DQxyunyYalKGX2RSJ5BHczREHrfgX43HCSlcAuMuow9jHLOjzul0A49rSZ9E + vOPqbjrki0KEEQj0HN3Ax4UVqZ6mPWaTQzuup+bPQ/2Sjkx6COzMSAPmKo4l6DkA + J++ZonpnOCUkwCeCU6qJgMuHeXn0uh117Ypj/3J9eKYMO/RTSs3x8l0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPFM2GdL9yOjSBmYBE07ClywNOADc/zxqXwZuWd7Mael root@querel.r"; + }; xu = { binary-cache = { pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s="; @@ -339,6 +369,8 @@ with import ; dv = { mail = "dv@alnus.r"; }; + itak = { + }; mv-ni = { mail = "mv@ni.r"; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGer9e2+Lew7vnisgBbsFNECEIkpNJgEaqQqgb9inWkQ mv@vod"; -- cgit v1.2.3 From bc1dbd6d0ab121682c67dae85711ccab027401ae Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 10 Nov 2017 18:28:40 +0100 Subject: nixpkgs: 07ca7b6 -> 0c5a587 --- krebs/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/source.nix b/krebs/source.nix index 09edc817b..39a388e03 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -14,6 +14,6 @@ in stockholm.file = toString ; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "07ca7b64d2ff2fa7a79e4eab1aba70ff746fed8c"; # nixos-17.09 @ 2017-10-02 + ref = "0c5a587eeba5302ff87e494baefd2f14f4e19bee"; # nixos-17.09 @ 2017-11-10 }; } -- cgit v1.2.3 From 407d92e9a1a74ae275ede8fbfd9a31c7b7810afd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Nov 2017 01:55:15 +0100 Subject: wolf.r: fix modem-mibs hash --- krebs/1systems/wolf/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 4d0c0ffa5..0b21c0b6c 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -30,7 +30,7 @@ in MIBDIRS = pkgs.fetchgit { url = "http://git.shackspace.de/makefu/modem-mibs.git"; sha256 = - "a4244aa43ddd6e3ef9e64bb80f4ee952f68232aa008d3da9c78e3b627e5675c8"; + "1rhrpaascvj5p3dj29hrw79gm39rp0aa787x95m3r2jrcq83ln1k"; }; # extra mibs like ADSL }; services.telegraf = { -- cgit v1.2.3 From ae4cb860ea2bd99d80e66e48480e0d2a9731c2bd Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 12 Nov 2017 09:43:25 +0100 Subject: per-user module: factor away api and imp --- krebs/3modules/per-user.nix | 24 +++++++----------------- 1 file changed, 7 insertions(+), 17 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index 1b8d092bb..9cbd9e1ea 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -1,28 +1,19 @@ -{ config, lib, pkgs, ... }: - with import ; - -let +{ config, pkgs, ... }: let cfg = config.krebs.per-user; - - out = { - options.krebs.per-user = api; - config = imp; - }; - - api = mkOption { - type = with types; attrsOf (submodule { +in { + options.krebs.per-user = mkOption { + type = types.attrsOf (types.submodule { options = { packages = mkOption { - type = listOf path; + type = types.listOf types.path; default = []; }; }; }); default = {}; }; - - imp = { + config = { environment = { etc = flip mapAttrs' cfg (name: { packages, ... }: { name = "per-user/${name}"; @@ -34,5 +25,4 @@ let profiles = ["/etc/per-user/$LOGNAME"]; }; }; - -in out +} -- cgit v1.2.3 From 9c8680981fc93c7bce3c4a5198d1d4cb36bd876a Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 12 Nov 2017 09:57:07 +0100 Subject: per-user module: symlinkJoin -> buildEnv Refs https://github.com/NixOS/nixpkgs/pull/31283 --- krebs/3modules/per-user.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index 9cbd9e1ea..9080e3b44 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -17,9 +17,12 @@ in { environment = { etc = flip mapAttrs' cfg (name: { packages, ... }: { name = "per-user/${name}"; - value.source = pkgs.symlinkJoin { + value.source = pkgs.buildEnv { name = "per-user.${name}"; paths = packages; + pathsToLink = [ + "/bin" + ]; }; }); profiles = ["/etc/per-user/$LOGNAME"]; -- cgit v1.2.3 From 7393d245d61eac3f0c4f9f79865f8c9e8aea4839 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 12 Nov 2017 10:47:36 +0100 Subject: per-user module: create profiles only when needed Refs https://github.com/NixOS/nixpkgs/pull/25712 --- krebs/3modules/per-user.nix | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index 9080e3b44..a7a07a8e6 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -15,16 +15,19 @@ in { }; config = { environment = { - etc = flip mapAttrs' cfg (name: { packages, ... }: { - name = "per-user/${name}"; - value.source = pkgs.buildEnv { - name = "per-user.${name}"; - paths = packages; - pathsToLink = [ - "/bin" - ]; - }; - }); + etc = + mapAttrs' + (name: per-user: { + name = "per-user/${name}"; + value.source = pkgs.buildEnv { + name = "per-user.${name}"; + paths = per-user.packages; + pathsToLink = [ + "/bin" + ]; + }; + }) + (filterAttrs (_: per-user: per-user.packages != []) cfg); profiles = ["/etc/per-user/$LOGNAME"]; }; }; -- cgit v1.2.3 From 1f50c4e068294bba196695394660527963e7690b Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 12 Nov 2017 11:35:11 +0100 Subject: urlwatch: 2.6 -> 2.7 --- krebs/5pkgs/simple/urlwatch/default.nix | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/urlwatch/default.nix b/krebs/5pkgs/simple/urlwatch/default.nix index adaefbc4d..ebf872568 100644 --- a/krebs/5pkgs/simple/urlwatch/default.nix +++ b/krebs/5pkgs/simple/urlwatch/default.nix @@ -1,14 +1,18 @@ -{ stdenv, fetchurl, python3Packages }: +{ stdenv, fetchFromGitHub, python3Packages }: -python3Packages.buildPythonPackage rec { - name = "urlwatch-${meta.version}"; +python3Packages.buildPythonApplication rec { + name = "urlwatch-${version}"; + version = "2.7"; - src = fetchurl { - url = "https://github.com/thp/urlwatch/archive/${meta.version}.tar.gz"; - sha256 = "09bn31gn03swi7yr3s1ql8x07hx96gap1ka77kk44kk0lvfxn55b"; + src = fetchFromGitHub { + owner = "thp"; + repo = "urlwatch"; + rev = version; + sha256 = "0fx964z73yv08b1lpymmjsigf6929zx9ax5bp34rcf2c5gk11l5m"; }; propagatedBuildInputs = with python3Packages; [ + appdirs keyring minidb pycodestyle @@ -16,11 +20,10 @@ python3Packages.buildPythonPackage rec { requests ]; - meta = { + meta = with stdenv.lib; { description = "A tool for monitoring webpages for updates"; homepage = https://thp.io/2008/urlwatch/; - license = stdenv.lib.licenses.bsd3; - maintainers = [ stdenv.lib.maintainers.tv ]; - version = "2.6"; + license = licenses.bsd3; + maintainers = with maintainers; [ tv ]; }; } -- cgit v1.2.3 From 80d7aa5f9c2e881f646f62443e6d2329d9be832d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 12 Nov 2017 13:31:01 +0100 Subject: RIP archprism --- krebs/3modules/lass/default.nix | 36 ------------------------------------ 1 file changed, 36 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 3e03e71cb..f479e6504 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -132,38 +132,6 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD"; }; - archprism = rec { - cores = 4; - nets = rec { - retiolum = { - via = internet; - ip4.addr = "10.243.0.104"; - ip6.addr = "42::fa17"; - aliases = [ - "archprism.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAvzhoBsxUaEwm7ctiw3xvLFP2RoVaiHnF+Sm4J8E4DOerPToXxlyl - kxvMPaRnhtiO6MK0Vv2+VswKIeRkMm5YuD5MG7wni4vUKcRx9cCgKji/s0vGqLhl - JKK9i23q7epvQ32Is/e3P+fQ5KM50EO+TWACNaroCNoyJvZ/G8BWXw6WnIOsuX0I - AoPW2ol8/sdZxeK4hCe/aQz6y0AEvigpvPkHx+TE5fkBeIeqhiKTIWpEqjU4wXx5 - jP2izYuaIsHAihU8mm03xRxT4+4IHYt6ddrhNeBuJBsATLkDgULdQyOoEzmXCm2j - anGRBZoYVazxn7d8mKBdE09ZNc1ijULZgwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - internet = { - ip4.addr = "213.239.205.240"; - aliases = [ - "archprism.i" - ]; - ssh.port = 45621; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQChm4sqQ2bUZj+2YnTf6G5HHRTpSe1jTUhJRnwcYPYZKF+CBqBncipRpuGlGXEsptNa+7ZMcQC0ySsz5SUOMt3Ih+NehVe/qt3VtRz0l0MgOWmH2qBwKK9Y4IuxrJQzUmP4UGlOGlFj9DORssSMOyFIG4eZ9k2qMn3xal0NVRfGTShKlouWsiUILZ8I+sDNE00z8DAYesgc1yazvRnjzvLkRxdNdpYiAFBbmXMpPKK95McRJaWsuNSeal9kd5p5PagWcgN4DZ6+ebzz3NKnmzk4j+vuHX0U9lTXBqKMlzzmM2YNLRtDPfrtJNyHqLpZUpFhJKqZCD+4/0zdrzRfC7Th+5czzUCSvHiKPVsqw5eOdiQX6EyzNAF5zpkpRp//QdUNNXC5/Ku6GKCO491+TuA8VCha0fOwBONccTLUI/hGNmCh88mLbukVoeGJrbYNCOA/6kEz7ZLEveU4i+TT7okhDElMsNk+AWCZ8/NdJQNX3/K6+JJ9qAn+/yC8LdjgYYJ2oU/aw5/HyOgiQ0z4n9UfQ7j+nHysY9CQb1b3guX7yjJoc3KpNXCXEztuIRHjFD1EP8NRTSmGjsa/VjLmTLSsqjD+7IE5mT0tO5RJvmagDgdJSr/iR5D9zjW7hx7ttvektrlp9g0v3CiCFVaW4l95hGYT0HaNBLJ5R0YHm0lD+Q=="; - }; domsen-nas = { ci = false; external = true; @@ -555,10 +523,6 @@ with import ; fritz = { pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540"; }; - archprism-repo-sync = { - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINR9oL/OPHjjKjQ+IyRqWpgrXdZrKKAwFKIte8gYml6C"; - mail = "lass@prism.r"; - }; prism-repo-sync = { pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhpCKTnSq6VDJPB+0NiHu2ZxSKEIxHN6uPAPnbXYNCe"; mail = "lass@prism.r"; -- cgit v1.2.3 From f1a0eb6686a0ab4e64ad8bc9cbed509964efd1d2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 13 Nov 2017 00:16:02 +0100 Subject: l: add littleT.r --- krebs/3modules/lass/default.nix | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index f479e6504..867f1bd34 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -342,6 +342,47 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqpx9jJnn4QMGO8BOrGOLRN1rgpIkR14sQb8S+otWEL"; }; + littleT = { + cores = 2; + nets = { + retiolum = { + ip4.addr = "10.243.133.77"; + ip6.addr = "42:0:0:0:0:0:717:7137"; + aliases = [ + "littleT.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEA2nPi6ui8nJhEL3lFzDoPelFbEwFWqPnQa0uVxLAhf2WnmT/vximF + /m2ZWpKDZyKx17GXQwm8n0NgyvcemvoCVGqSHIsbxvLB6aBF6ZLkeKyx1mZioEDY + 1MWR+yr42dFn+6uVTxJhLPmOxgX0D3pWe31UycoAMSWf4eAhmFIEFUvQCAW43arO + ni1TFSsaHOCxOaLVd/r7tSO0aT72WbOat84zWccwBZXvpqt/V6/o1MGB28JwZ92G + sBMjsCsoiciSg9aAzMCdjOYdM+RSwHEHI9xMineJgZFAbQqwTvK9axyvleJvgaWR + M9906r/17tlqJ/hZ0IwA6X+OT4w/JNGruy/5phxHvZmDgvXmYD9hf2a6JmjOMPp/ + Zn6zYCDYgSYugwJ7GI39GG7f+3Xpmre87O6g6WSaMWCfdOaAeYnj+glP5+YvTLpT + +cdN9HweV27wShRozJAqTGZbD0Nfs+EXd0J/q6kP43lwv6wyZdmXCShPF2NzBlEY + xdtWKhRYKC1cs0Z2nK+XGEyznNzp1f8NC5qvTguj4kDMhoOd6WXwk460HF49Tf/c + aGQTGzgEVMAI7phTJubEmxdBooedvPFamS5wpHTmOt9dZ3qbpCgThaMblVvUu/lm + 7pkPgc60Y2RAk/Rvyy5A8AaxBXPRBNwVkM5TY/5TW+S1zY09600ZCC2GE27qGT9v + k4GHabO42n3wTHk+APodzKDBbEazhOp5Oclg4nNKqgg+IrmheB91oEqBXlfyDj8B + idVoUvbH9WPwBqdh7hoqzrHDur5wCFBphrkjEe98o5iFFFi2C8W04H7iqe+nFqvJ + y/vzKk5kbfpjov71EEje+hNUCLTWF7sjgT4Z2z8LuqjpIq+d2i5dASfTqj4VBs6D + SeiHyyAfCHG/03I9E5eizCCd98Tr30yhu3IKsdFFXsVwxHVFenq2Y1ca7uypCk+i + mDC5q5WQFEK/8SSO25i1teWBawfNVVVI/A1b676VJyafS9ebJs8TmXYRbE6rcBzH + PssdHNwbtEwhbGdQhgQ2pqQg1SIZM3zvjcpgzL9QP29tulubJ05keaw/4p/Yg/mB + ivF8EAIefXYYVxYkRQsHox7UQpSCzjOtj7gvc0KdJxshSLuryM0LxP+gk+x6JPX5 + Ht8x+oE7iL0cqBsIenc/e0XdTZ+4zrBY5hWbGH8a8VJqEYs54WRJhzQf1jzNaCbS + 8328MpRF5lXujv61aveg0i4pvczznlSV7wXmmwNAdhvSUTh34tCpRqabpCJdlRBt + NvVuij6guPKt4XV1TxXNsPCfib1vYjvwX8gUE4UhL69VmM8OBaC3XdroMfNvz9YW + 5ObxDGIEiP53Jp8hiWId0AI/XF5Ct3Gh2wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX"; + }; iso = { ci = false; cores = 1; -- cgit v1.2.3 From 80aefebe97c1d102369c42e187a14cef29c52b03 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 14 Nov 2017 10:18:20 +0100 Subject: cake.r: configure 4 cores --- krebs/3modules/makefu/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index acd4184c0..29f188bbe 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -5,7 +5,7 @@ with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { cake = rec { - cores = 1; + cores = 4; ci = false; nets = { retiolum = { -- cgit v1.2.3 From 2f183f41ca257fbe9b48b58314849175ceb2dc6b Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 15 Nov 2017 16:41:29 +0100 Subject: withGetopt: replace \\> --- krebs/5pkgs/simple/withGetopt.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/withGetopt.nix b/krebs/5pkgs/simple/withGetopt.nix index 179051bdf..d20802fb2 100644 --- a/krebs/5pkgs/simple/withGetopt.nix +++ b/krebs/5pkgs/simple/withGetopt.nix @@ -20,7 +20,7 @@ opt-spec: cmd-spec: let # true if b requires a to define its default value opts-before = a: b: - test ".*[$]${stringAsChars (c: "[${c}]") a.varname}\\>.*" (b.default or ""); + test ".*[$]${stringAsChars (c: "[${c}]") a.varname}([^0-9A-Za-z_].*)?" (b.default or ""); opts-list = let sort-out = toposort opts-before (attrValues opts); -- cgit v1.2.3 From f2160466d1482df3518a0c9abb06b746745bc0c0 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 22 Nov 2017 19:12:12 +0100 Subject: krebszones: make OVH_ZONE_CONFIG configurable --- krebs/5pkgs/simple/krebszones/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/krebszones/default.nix b/krebs/5pkgs/simple/krebszones/default.nix index b54c95d88..32608e7fa 100644 --- a/krebs/5pkgs/simple/krebszones/default.nix +++ b/krebs/5pkgs/simple/krebszones/default.nix @@ -2,7 +2,7 @@ pkgs.writeDashBin "krebszones" '' set -efu - export OVH_ZONE_CONFIG=$HOME/.secrets/krebs/ovh-zone.conf + export OVH_ZONE_CONFIG=''${OVH_ZONE_CONFIG:-$HOME/.secrets/krebs/ovh-zone.conf} case $* in import) set -- import /etc/zones/krebsco.de krebsco.de -- cgit v1.2.3 From 536efca9b7a7c300f514ccb3bf0fdb6716280068 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 22 Nov 2017 19:15:09 +0100 Subject: gum.r: add dockerhub.krebsco.de alias --- krebs/3modules/makefu/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 29f188bbe..080b8fced 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -540,6 +540,7 @@ with import ; wiki.euer IN A ${nets.internet.ip4.addr} graph IN A ${nets.internet.ip4.addr} ghook IN A ${nets.internet.ip4.addr} + dockerhub IN A ${nets.internet.ip4.addr} io IN NS gum.krebsco.de. ''; }; -- cgit v1.2.3 From 899ca292682f2ebf22f930c3ddb75a04eb8cc102 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 25 Nov 2017 15:40:45 +0100 Subject: exim module: disable chunking --- krebs/3modules/exim.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix index 0044f5b32..cfcbbc438 100644 --- a/krebs/3modules/exim.nix +++ b/krebs/3modules/exim.nix @@ -42,6 +42,10 @@ in { exim_group = ${cfg.group.name} exim_path = /run/wrappers/bin/exim spool_directory = ${cfg.user.home} + + # https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html + chunking_advertise_hosts = + ${cfg.config} ''; systemPackages = [ pkgs.exim ]; -- cgit v1.2.3 From a96a51e9ac6abc7385702bd562fc7c34df65d143 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 28 Nov 2017 17:55:25 +0100 Subject: hotdog.r: remove krebs reaktor --- krebs/1systems/hotdog/config.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'krebs') diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 4fdb53ae7..73b5377bd 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -13,7 +13,6 @@ - ]; -- cgit v1.2.3 From 9273a32fee20c3f8607d190aea341251de5f5364 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 28 Nov 2017 17:55:25 +0100 Subject: hotdog.r: remove krebs reaktor --- krebs/1systems/hotdog/config.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'krebs') diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 4fdb53ae7..73b5377bd 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -13,7 +13,6 @@ - ]; -- cgit v1.2.3 From 5014ba291dce70a8b4ffb36ddc0d9cd3a45aa6e4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 28 Nov 2017 19:40:03 +0100 Subject: types: use cidr only in tinc.subnets --- krebs/3modules/lass/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 867f1bd34..d2c3000d6 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -449,8 +449,6 @@ with import ; retiolum = rec { via = internet; addrs = [ - # edinburgh university - "129.215.0.0/16" ip4.addr ip6.addr ]; @@ -472,6 +470,10 @@ with import ; lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ== -----END RSA PUBLIC KEY----- ''; + tinc.subnets = [ + # edinburgh university + "129.215.0.0/16" + ]; }; }; }; -- cgit v1.2.3 From 8f785237b2dc46c63272e360cece351b2974cb6d Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 30 Nov 2017 22:35:04 +0100 Subject: zones module: init (import from default.nix) --- krebs/3modules/default.nix | 12 +----------- krebs/3modules/zones.nix | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 11 deletions(-) create mode 100644 krebs/3modules/zones.nix (limited to 'krebs') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index c89f3229d..a8933e719 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -44,6 +44,7 @@ let ./tinc_graphs.nix ./urlwatch.nix ./repo-sync.nix + ./zones.nix ]; options.krebs = api; config = lib.mkIf cfg.enable imp; @@ -171,17 +172,6 @@ let ''; }; - # Implements environment.etc."zones/" - environment.etc = let - stripEmptyLines = s: (concatStringsSep "\n" - (remove "\n" (remove "" (splitString "\n" s)))) + "\n"; - all-zones = foldAttrs (sum: current: sum + "\n" +current ) "" - ([cfg.zone-head-config] ++ combined-hosts); - combined-hosts = (mapAttrsToList (name: value: value.extraZones) cfg.hosts ); - in lib.mapAttrs' (name: value: nameValuePair - ("zones/" + name) - { text=(stripEmptyLines value); }) all-zones; - krebs.exim-smarthost.internet-aliases = let format = from: to: { inherit from; diff --git a/krebs/3modules/zones.nix b/krebs/3modules/zones.nix new file mode 100644 index 000000000..eb1351866 --- /dev/null +++ b/krebs/3modules/zones.nix @@ -0,0 +1,22 @@ +with import ; +{ config, ... }: { + + config = { + # Implements environment.etc."zones/" + environment.etc = let + stripEmptyLines = s: (concatStringsSep "\n" + (remove "\n" (remove "" (splitString "\n" s)))) + "\n"; + all-zones = foldAttrs (sum: current: sum + "\n" +current ) "" + ([config.krebs.zone-head-config] ++ combined-hosts); + combined-hosts = + mapAttrsToList (name: getAttr "extraZones") config.krebs.hosts; + in + mapAttrs' + (name: value: { + name = "zones/${name}"; + value.text = stripEmptyLines value; + }) + all-zones; + }; + +} -- cgit v1.2.3 From 3c631cfa76849cb4640e17d8cdda969e4b6f423e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 3 Dec 2017 22:29:18 +0100 Subject: fetchWallpaper: get DISPLAY from xserver.display --- krebs/3modules/fetchWallpaper.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 8d4933cb5..58d361c6e 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -26,8 +26,8 @@ let default = "/var/lib/wallpaper"; }; display = mkOption { - type = types.str; - default = ":0"; + type = types.int; + default = config.services.xserver.display; }; unitConfig = mkOption { type = types.attrsOf types.str; @@ -81,7 +81,7 @@ let environment = { URL = cfg.url; - DISPLAY = cfg.display; + DISPLAY = ":${toString cfg.display}"; }; restartIfChanged = true; -- cgit v1.2.3 From 47e7a6f6880195c41465e92b2d11f060d9e21311 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 3 Dec 2017 23:31:31 +0100 Subject: fetchWallpaper: display should be string --- krebs/3modules/fetchWallpaper.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 58d361c6e..f67188122 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -26,8 +26,8 @@ let default = "/var/lib/wallpaper"; }; display = mkOption { - type = types.int; - default = config.services.xserver.display; + type = types.str; + default = ":${toString config.services.xserver.display}"; }; unitConfig = mkOption { type = types.attrsOf types.str; @@ -81,7 +81,7 @@ let environment = { URL = cfg.url; - DISPLAY = ":${toString cfg.display}"; + DISPLAY = cfg.display; }; restartIfChanged = true; -- cgit v1.2.3 From 054d0cceb132d5f5766de31b3e859c4786fb0661 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 4 Dec 2017 01:01:26 +0100 Subject: ircd: add motd --- krebs/2configs/ircd.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs') diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index 38f58952e..b534f9ad4 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -7,6 +7,9 @@ services.charybdis = { enable = true; + motd = '' + hello + ''; config = '' serverinfo { name = "${config.krebs.build.host.name}.irc.retiolum"; -- cgit v1.2.3 From f2bdf5590eb97e6fde86e332f93a733005dfb4a7 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 5 Dec 2017 16:24:52 +0100 Subject: xmonad-stockholm: 1.1.0 -> 1.1.1 --- krebs/5pkgs/haskell/xmonad-stockholm.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/haskell/xmonad-stockholm.nix b/krebs/5pkgs/haskell/xmonad-stockholm.nix index bf19e7d66..954cfd76a 100644 --- a/krebs/5pkgs/haskell/xmonad-stockholm.nix +++ b/krebs/5pkgs/haskell/xmonad-stockholm.nix @@ -1,13 +1,13 @@ { mkDerivation, base, containers, fetchgit, stdenv, X11, X11-xshape , xmonad, xmonad-contrib }: -mkDerivation { +mkDerivation rec { pname = "xmonad-stockholm"; - version = "1.1.0"; + version = "1.1.1"; src = fetchgit { url = http://cgit.ni.krebsco.de/xmonad-stockholm; - rev = "179d29fd4c765dee698058ef63295331ac603639"; - sha256 = "0c6mj68xsxxr4j8adkzhjszi7bg6cpisrsmqn587a16sblpbrnkj"; + rev = "refs/tags/v${version}"; + sha256 = "05nnfg6q35z3qgf507qa80bz32jl4k719dl5phlmchplp3769585"; }; libraryHaskellDepends = [ base containers X11 X11-xshape xmonad xmonad-contrib -- cgit v1.2.3 From d039cd9f487bac52e598f6a715924c58315a1e0a Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 5 Dec 2017 22:36:03 +0100 Subject: haskellPackages.nix-diff: init at 1.0.0 --- krebs/5pkgs/haskell/nix-diff.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 krebs/5pkgs/haskell/nix-diff.nix (limited to 'krebs') diff --git a/krebs/5pkgs/haskell/nix-diff.nix b/krebs/5pkgs/haskell/nix-diff.nix new file mode 100644 index 000000000..2070dbd2e --- /dev/null +++ b/krebs/5pkgs/haskell/nix-diff.nix @@ -0,0 +1,22 @@ +{ mkDerivation, attoparsec, base, containers, Diff, fetchgit, mtl +, nix-derivation, optparse-generic, stdenv, system-filepath, text +, unix, vector +}: +mkDerivation { + pname = "nix-diff"; + version = "1.0.0"; + src = fetchgit { + url = "https://github.com/Gabriel439/nix-diff"; + sha256 = "1k00nx8pannqmpzadkwfrs6bf79yk22ynhd033z5rsyw0m8fcz9k"; + rev = "e32ffa2c7f38b47a71325a042c1d887fb46cdf7d"; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + attoparsec base containers Diff mtl nix-derivation optparse-generic + system-filepath text unix vector + ]; + homepage = "https://github.com/Gabriel439/nix-diff"; + description = "Explain why two Nix derivations differ"; + license = stdenv.lib.licenses.bsd3; +} -- cgit v1.2.3 From d2de3e883ac0bb229ef45a15fcbf4feb31bb5b75 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 5 Dec 2017 23:08:36 +0100 Subject: stockholm: init --- krebs/5pkgs/simple/stockholm/default.nix | 279 +++++++++++++++++++++++++++++++ 1 file changed, 279 insertions(+) create mode 100644 krebs/5pkgs/simple/stockholm/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix new file mode 100644 index 000000000..3d41c49c2 --- /dev/null +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -0,0 +1,279 @@ +{ pkgs }: let + + stockholm-dir = ../../../..; + + lib = import (stockholm-dir + "/lib"); + + # + # high level commands + # + + cmds.deploy = pkgs.withGetopt { + diff = { default = /* sh */ "false"; switch = true; }; + force-populate = { default = /* sh */ "false"; switch = true; }; + quiet = { default = /* sh */ "false"; switch = true; }; + source_file = { + default = /* sh */ "$user/1systems/$system/source.nix"; + long = "source"; + }; + system = {}; + target.default = /* sh */ "$system"; + user.default = /* sh */ "$LOGNAME"; + } (opts: pkgs.writeDash "stockholm.deploy" '' + set -efu + + . ${init.env} + . ${init.proxy "deploy" opts} + + if \test ${opts.diff.ref} = true; then + + system_profile=/nix/var/nix/profiles/system + system_drv_cur=/etc/system.drv + + system_drv_new=$( + ${pkgs.nix}/bin/nix-instantiate \ + -Q \ + -I "$target_path" \ + -E ' + (import { + modules = [ ]; + }).config.system.build.toplevel + ' + ) + + if \test -e "$system_drv_cur"; then + + system_drv_cur_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_cur") + system_drv_new_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_new") + + if \test "$system_drv_cur_c" = "$system_drv_new_c"; then + echo "$0: system up to date" >&2 + exit 0 + fi + + system_drv_cur=$system_drv_cur_c \ + system_drv_new=$system_drv_new_c \ + ${pkgs.utillinux}/bin/script \ + --command ' + ${pkgs.haskellPackages.nix-diff}/bin/nix-diff \ + "$system_drv_cur" "$system_drv_new" + ' \ + --quiet \ + --return \ + /dev/null + + printf 'deploy? [N/y] ' >&2 + read -r REPLY + if \test "$REPLY" != y; then + echo "$0: abort!" >&2 + exit 1 + fi + else + echo "$0: --${opts.diff.long} has no effect because "$system_drv_cur" doesn't exist" >&2 + fi + + new_system=$(${pkgs.nix}/bin/nix-store --realize "$system_drv_new") + + ${pkgs.nix}/bin/nix-env -p "$system_profile" --set "$new_system" + PATH=${lib.makeBinPath [ + pkgs.systemd + ]} \ + "$system_profile"/bin/switch-to-configuration switch + + ${pkgs.coreutils}/bin/ln -fns "$system_drv_new" "$system_drv_cur" + exit + fi + + # Use system's nixos-rebuild, which is not self-contained + export PATH=/run/current-system/sw/bin + exec ${utils.with-whatsupnix} \ + nixos-rebuild switch \ + --show-trace \ + -I "$target_path" + ''); + + cmds.install = pkgs.withGetopt { + force-populate = { default = /* sh */ "false"; switch = true; }; + quiet = { default = /* sh */ "false"; switch = true; }; + source_file = { + default = /* sh */ "$user/1systems/$system/source.nix"; + long = "source"; + }; + system = {}; + target = {}; + user.default = /* sh */ "$LOGNAME"; + } (opts: pkgs.writeBash "stockholm.install" '' + set -efu + + . ${init.env} + + if \test "''${using_proxy-}" != true; then + ${pkgs.openssh}/bin/ssh \ + -o StrictHostKeyChecking=no \ + -o UserKnownHostsFile=/dev/null \ + "$target_user@$target_host" -p "$target_port" \ + env target_path=$(${pkgs.quote}/bin/quote "$target_path") \ + sh -s prepare \ + < ${stockholm-dir + "/krebs/4lib/infest/prepare.sh"} + # TODO inline prepare.sh? + fi + + . ${init.proxy "install" opts} + + # Reset PATH because we need access to nixos-install. + # TODO provide nixos-install instead of relying on prepare.sh + export PATH="$OLD_PATH" + + # these variables get defined by nix-shell (i.e. nix-build) from + # XDG_RUNTIME_DIR and reference the wrong directory (/run/user/0), + # which only exists on / and not at /mnt. + export NIX_BUILD_TOP=/tmp + export TEMPDIR=/tmp + export TEMP=/tmp + export TMPDIR=/tmp + export TMP=/tmp + export XDG_RUNTIME_DIR=/tmp + + export NIXOS_CONFIG="$target_path/nixos-config" + + cd + exec nixos-install + ''); + + cmds.test = pkgs.withGetopt { + force-populate = { default = /* sh */ "false"; switch = true; }; + quiet = { default = /* sh */ "false"; switch = true; }; + source_file = { + default = /* sh */ "$user/1systems/$system/source.nix"; + long = "source"; + }; + system = {}; + target = {}; + user.default = /* sh */ "$LOGNAME"; + } (opts: pkgs.writeDash "stockholm.test" /* sh */ '' + set -efu + + export dummy_secrets=true + + . ${init.env} + . ${init.proxy "test" opts} + + exec ${utils.build} config.system.build.toplevel + ''); + + # + # low level commands + # + + # usage: get-source SOURCE_FILE + cmds.get-source = pkgs.writeDash "stockholm.get-source" '' + set -efu + exec ${pkgs.nix}/bin/nix-instantiate \ + --eval \ + --json \ + --readonly-mode \ + --show-trace \ + --strict \ + "$1" + ''; + + # usage: parse-target [--default=TARGET] TARGET + # TARGET = [USER@]HOST[:PORT][/PATH] + cmds.parse-target = pkgs.withGetopt { + default_target = { + long = "default"; + short = "d"; + }; + } (opts: pkgs.writeDash "stockholm.parse-target" '' + set -efu + target=$1; shift + for arg; do echo "$0: bad argument: $arg" >&2; done + if \test $# != 0; then exit 2; fi + exec ${pkgs.jq}/bin/jq \ + -enr \ + --arg default_target "$default_target" \ + --arg target "$target" \ + -f ${pkgs.writeText "stockholm.parse-target.jq" '' + def parse: match("^(?:([^@]+)@)?([^:/]+)?(?::([0-9]+))?(/.*)?$") | { + user: .captures[0].string, + host: .captures[1].string, + port: .captures[2].string, + path: .captures[3].string, + }; + def sanitize: with_entries(select(.value != null)); + ($default_target | parse) + ($target | parse | sanitize) | + . + { local: (.user == env.LOGNAME and .host == env.HOSTNAME) } + ''} + ''); + + init.env = pkgs.writeText "init.env" /* sh */ '' + export quiet + export system + export target + export user + + default_target=root@$system:22/var/src + + export target_object="$(parse-target "$target" -d "$default_target")" + export target_user="$(echo $target_object | ${pkgs.jq}/bin/jq -r .user)" + export target_host="$(echo $target_object | ${pkgs.jq}/bin/jq -r .host)" + export target_port="$(echo $target_object | ${pkgs.jq}/bin/jq -r .port)" + export target_path="$(echo $target_object | ${pkgs.jq}/bin/jq -r .path)" + export target_local="$(echo $target_object | ${pkgs.jq}/bin/jq -r .local)" + ''; + + init.proxy = command: opts: pkgs.writeText "init.proxy" /* sh */ '' + if \test "''${using_proxy-}" != true; then + + source=$(get-source "$source_file") + qualified_target=$target_user@$target_host:$target_port$target_path + if \test "$force_populate" = true; then + echo "$source" | ${pkgs.populate}/bin/populate --force "$qualified_target" + else + echo "$source" | ${pkgs.populate}/bin/populate "$qualified_target" + fi + + if \test "$target_local" != true; then + exec ${pkgs.openssh}/bin/ssh \ + "$target_user@$target_host" -p "$target_port" \ + cd "$target_path/stockholm" \; \ + NIX_PATH=$(${pkgs.quote}/bin/quote "$target_path") \ + STOCKHOLM_VERSION=$(${pkgs.quote}/bin/quote "$STOCKHOLM_VERSION") \ + nix-shell --run "$(${pkgs.quote}/bin/quote " + ${lib.concatStringsSep " " (lib.mapAttrsToList + (name: opt: /* sh */ + "${opt.varname}=\$(${pkgs.quote}/bin/quote ${opt.ref})") + opts + )} \ + using_proxy=true \ + ${lib.shell.escape command} \ + $WITHGETOPT_ORIG_ARGS \ + ")" + fi + fi + ''; + + utils.build = pkgs.writeDash "utils.build" '' + set -efu + ${utils.with-whatsupnix} \ + ${pkgs.nix}/bin/nix-build \ + --no-out-link \ + --show-trace \ + -E "with import ; $1" \ + -I "$target_path" \ + ''; + + utils.with-whatsupnix = pkgs.writeDash "utils.with-whatsupnix" '' + set -efu + if \test "$quiet" = true; then + "$@" -Q 2>&1 | ${pkgs.whatsupnix}/bin/whatsupnix + else + exec "$@" + fi + ''; + +in + + pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link: + lib.nameValuePair "/bin/${name}" { inherit link; } + ) cmds) -- cgit v1.2.3 From 3fb25717c5c7dbe69f56cea4c529cac398789c2b Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 5 Dec 2017 23:20:50 +0100 Subject: stockholm: interpolate cmds.* --- krebs/5pkgs/simple/stockholm/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 3d41c49c2..3d9cea64d 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -214,7 +214,9 @@ default_target=root@$system:22/var/src - export target_object="$(parse-target "$target" -d "$default_target")" + export target_object="$( + ${cmds.parse-target} "$target" -d "$default_target" + )" export target_user="$(echo $target_object | ${pkgs.jq}/bin/jq -r .user)" export target_host="$(echo $target_object | ${pkgs.jq}/bin/jq -r .host)" export target_port="$(echo $target_object | ${pkgs.jq}/bin/jq -r .port)" @@ -225,7 +227,7 @@ init.proxy = command: opts: pkgs.writeText "init.proxy" /* sh */ '' if \test "''${using_proxy-}" != true; then - source=$(get-source "$source_file") + source=$(${cmds.get-source} "$source_file") qualified_target=$target_user@$target_host:$target_port$target_path if \test "$force_populate" = true; then echo "$source" | ${pkgs.populate}/bin/populate --force "$qualified_target" -- cgit v1.2.3 From 289dd785e5bd5f3a628a7f0282ed4f8638277c5c Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 5 Dec 2017 23:25:09 +0100 Subject: stockholm: export HOSTNAME and STOCKHOLM_VERSION --- krebs/5pkgs/simple/stockholm/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 3d9cea64d..da07c8120 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -207,6 +207,10 @@ ''); init.env = pkgs.writeText "init.env" /* sh */ '' + + export HOSTNAME="$(${pkgs.nettools}/bin/hostname)" + export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${shell.get-version})}" + export quiet export system export target @@ -274,6 +278,16 @@ fi ''; + shell.get-version = pkgs.writeDash "stockholm.get-version" '' + set -efu + version=git.$(${pkgs.git}/bin/git describe --always --dirty) + case $version in (*-dirty) + version=$version@$HOSTNAME + esac + date=$(${pkgs.coreutils}/bin/date +%y.%m) + echo "$date.$version" + ''; + in pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link: -- cgit v1.2.3 From 3f8ae7bf425eb2addef7634a113197774fe3f76a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Dec 2017 23:37:19 +0100 Subject: krebs.hosts: set default --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index a8933e719..7cf02cd8b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -61,6 +61,7 @@ let hosts = mkOption { type = with types; attrsOf host; + default = {}; }; users = mkOption { -- cgit v1.2.3 From 7b38d1a8219ff7cfa39202ff17f1c92bd799c9b0 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 6 Dec 2017 00:02:17 +0100 Subject: stockholm: drop OLD_PATH --- krebs/5pkgs/simple/stockholm/default.nix | 4 ---- 1 file changed, 4 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index da07c8120..5705f086d 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -120,10 +120,6 @@ . ${init.proxy "install" opts} - # Reset PATH because we need access to nixos-install. - # TODO provide nixos-install instead of relying on prepare.sh - export PATH="$OLD_PATH" - # these variables get defined by nix-shell (i.e. nix-build) from # XDG_RUNTIME_DIR and reference the wrong directory (/run/user/0), # which only exists on / and not at /mnt. -- cgit v1.2.3 From 19781ae7a4897c8f67e98ac6c57b75bb0c3d06b4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Dec 2017 00:08:11 +0100 Subject: krebs ci: stockholm=. --- krebs/3modules/ci.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index adbc1ebe1..b56f5c543 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -104,7 +104,7 @@ in "dummy_secrets": "true", }, command=[ - "nix-shell", "--run", " ".join(["test", + "nix-shell", "-I", "stockholm=.", "--run", " ".join(["test", "--user={}".format(user), "--system={}".format(host), "--force-populate", -- cgit v1.2.3 From 6b089cb852928fbbf345ac41652028804daf94cb Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Dec 2017 17:12:10 +0100 Subject: l: adopt reagenzglas (for now) --- krebs/3modules/lass/default.nix | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index d2c3000d6..772d96009 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -535,6 +535,45 @@ with import ; }; }; }; + reagenzglas = { + ci = false; + external = true; + nets = { + retiolum = { + ip4.addr = "10.243.27.27"; + ip6.addr = "42::27"; + aliases = [ + "reagenzglas.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEA4Tbq6aiMhPz55Of/WDEmESGmScRJedQSJoyRuDEDabEktdbP/m7P + bwpLp0lGYphx42+lutFcYOGoH/Lglfj39yhDcrpkYfTnzcGOWutXGuZ+iR5vmGj0 + utJRf/4+a4sB5NboBVZ9Ke/RTjDNSov00C2hFCYTXz89Gd2ap1nDPQpnejOS+9aO + 2W6P/WIKhRH7TfW6M7mUCrjVxWXZgdfSCQYxAXU/+1uAGmJ9qlGlQUIGUGv9Znv5 + hurqwAHzSgEkKc2iUumosz6a8W9Oo3TAEC+jMEO2l/+GJ/8VysG1wtLWDX03GU3u + mBAtrJppEw4QNPTeFg6XSFIwV8Z0fWZ4lGsPJLbAkLUMxtKVWKbdrdpnmiQpLfBW + 8BRbT1pjwEdw0hefA6NwCO3/Y5piEaUEz/gYz9xHFMDXUj9stHtaF0HaqonWyb06 + aX3EEqRBxVsj6/Sgd33b77xqY4WBoOlbhfWj+EAD1Ova26lHELpAg0Z4AncpyOzw + pJcX81U8GgQp899YAc3EAldFfiu094CvM2NKd110K90VlTpos+sqFfNE87vpprMu + 3d1NsYzf+FUM/aXASlqTNL+i8qBDAlODkLdj4+VZ2BjkSH+p2BLZouizSzu4X3I/ + lfy554Dbb/98zlwmX9JrWzBRs2GxxFdIDZ1jK+Ci5qM7oTfujBwiE4jZA6wlK8u5 + +IenSBdaJb0J8nS0Bziz/BLkuBCrl/YFelpZlY0pw6WYlraKbf/nsOpumOYh6zdz + 9jiIPElGvso9FhwigX7xWCiYMK3ryAqm8CL0cTscQW3Yy2JKm1tNIQtAacwnNVli + PqdnPJSo942I+Fl6ZPjZ19ivJIqC+2TjGEY2Et8DkiL6YZfy4bM1zhoWMlXBIil0 + ynnKR/h/CC67cq94JCbtRWKiYXIYtfHPQkS7S1Lk6aSYbIch/wROyh7XJ7EGE7nn + GAVMqI/P/qbW3rwEJGXzI4eJAHa2hwpP2Slimf6uUD/6L2bAnduhYoTsnNSjJmNE + hCC+MHohzk7+isZl0jwIEcMpsohMAwoa5BEhbuYJWeUesT/4PeddLIGYubTZAXp2 + ZdYRepSNUEhSZV0H99MhlqeooDJxnWpsiba5Gb0s6p4gTReGy0jMtWnxI2P5RUFX + vEGt77v4MGrWYTzAL/ZRmESsOj7TXqpSK5YcMC2nr8PcV66LuMjOkRrGoVOV3fBe + G/9pNVb68SRwfPoGa5nGe6C7GPcgko9rgGLLcU1r/4L2bqFhdIQdSfaUX2Hscm44 + 5GdN2UvuwwVxOyU1uPqJcBNnr2yt3x3kw5+zDQ00z/pFntTXWm19m6BUtbkdwN2x + Bn1P3P/mRTEaHxQr9RGg8Zjnix/Q6G7I5QIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; users = { lass = { -- cgit v1.2.3 From e909dcaefe3fd9a7b944babb97a53c824fad3d8c Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Dec 2017 17:58:08 +0100 Subject: l: add jeschli user --- krebs/3modules/lass/default.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 772d96009..ff6ba474f 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -622,5 +622,8 @@ with import ; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE"; mail = "joerg@higgsboson.tk"; }; + jeschli = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01"; + }; }; } -- cgit v1.2.3 From 8dcf39d38372391eed74318a5b67885b1a6ac29c Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 8 Dec 2017 13:37:52 +0100 Subject: ma hosts: disable v6 for wbob, disable pubkey for latte --- krebs/3modules/makefu/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 080b8fced..9f1842b88 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -107,7 +107,7 @@ with import ; ci = true; cores = 1; ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrkK1mWfPvfZ9ALC1irGLuzOtMefaGAmGY1VD4dj7K1 latte"; + # ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrkK1mWfPvfZ9ALC1irGLuzOtMefaGAmGY1VD4dj7K1 latte"; nets = { internet = { ip4.addr = "185.215.224.160"; @@ -500,7 +500,7 @@ with import ; }; retiolum = { ip4.addr = "10.243.214.15"; - ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; + # ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; aliases = [ "wbob.r" ]; -- cgit v1.2.3 From b4fb85aa44a7094a8adb9fd60ffde75d13841ae9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 11 Dec 2017 20:24:24 +0100 Subject: l: add xerxes.r --- krebs/3modules/lass/default.nix | 45 ++++++++++++++++++++++++++++++++++++++ krebs/3modules/lass/ssh/xerxes.rsa | 1 + 2 files changed, 46 insertions(+) create mode 100644 krebs/3modules/lass/ssh/xerxes.rsa (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index ff6ba474f..ecf549df9 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -574,6 +574,47 @@ with import ; }; }; }; + xerxes = { + cores = 2; + nets = rec { + retiolum = { + ip4.addr = "10.243.1.3"; + ip6.addr = "42::1:3"; + aliases = [ + "xerxes.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U + MZyAqNjLuKq3CKzJLo02ZmdFs4CT1Hj28p5IC0wLUWn53hrqdy8cCJDvIiKIv+Jk + gItsxJyMnRtsdDbB6IFJ08D5ReGdAFJT5lqpN0DZuNC6UQRxzUK5fwKYVVzVX2+W + /EZzEPe5XbE69V/Op2XJ2G6byg9KjOzNJyJxyjwVco7OXn1OBNp94NXoFrUO7kxb + mTNnh3D+iB4c3qv8woLhmb+Uh/9MbXS14QrSf85ou4kfUjb5gdhjIlzz+jfA/6XO + X4t86uv8L5IzrhSGb0TmhrIh5HhUmSKT4RdHJom0LB7EASMR2ZY9AqIG11XmXuhj + +2b5INBZSj8Cotv5aoRXiPSaOd7bw7lklYe4ZxAU+avXot9K3/4XVLmi6Wa6Okim + hz+MEYjW5gXY+YSUWXOR4o24jTmDjQJpdL83eKwLVAtbrE7TcVszHX6zfMoQZ5M9 + 3EtOkDMxhC+WfkL+DLQAURhgcPTZoaj0cAlvpb0TELZESwTBI09jh/IBMXHBZwI4 + H1gOD5YENpf0yUbLjVu4p82Qly10y58XFnUmYay0EnEgdPOOVViovGEqTiAHMmm5 + JixtwJDz7a6Prb+owIg27/eE1/E6hpfXpU8U83qDYGkIJazLnufy32MTFE4T9fI4 + hS8icFcNlsobZp+1pB3YK4GV5BnvMwOIVXVlP8yMCRTDRWZ4oYmAZ5apD7OXyNwe + SUP2mCNNlQCqyjRsxj5S1lZQRy1sLQztU5Sff4xYNK+5aPgJACmvSi3uaJAxBloo + 4xCCYzxhaBlvwVISJXZTq76VSPybeQ+pmSZFMleNnWOstvevLFeOoH2Is0Ioi1Fe + vnu5r0D0VYsb746wyRooiEuOAjBmni8X/je6Vwr1gb/WZfZ23EwYpGyakJdxLNv3 + Li+LD9vUfOR80WL608sUU45tAx1RAy6QcH/YDtdClbOdK53+cQVTsYnCvDW8uGlO + scQWgk+od3qvo6yCPO7pRlEd3nedcPSGh/KjBHao6eP+bsVERp733Vb9qrEVwmxv + jlZ1m12V63wHVu9uMAGi9MhK+2Q/l7uLTj03OYpi4NYKL2Bu01VXfoxuauuZLdIJ + Z3ZV+qUcjzZI0PBlGxubq6CqVFoSB7nhHUbcdPQ66WUnwoKq0cKmE7VOlJQvJ07u + /Wsl8BIsxODVt0rTzEAx0hTd5mJCX7sCawRt+NF+1DZizl9ouebNMkNlsEAg4Ps0 + bQerZLcOmpYjGa5+lWDwJIMXVIcxwTmQR86stlP/KQm0vdOvH2ZUWTXcYvCYlHkQ + sgVnnA2wt+7UpZnEBHy04ry+jYaSsPdYgwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; + }; }; users = { lass = { @@ -602,6 +643,10 @@ with import ; mail = "lass@icarus.r"; pubkey = builtins.readFile ./ssh/icarus.rsa; }; + lass-xerxes = { + mail = "lass@xerxes.r"; + pubkey = builtins.readFile ./ssh/xerxes.rsa; + }; fritz = { pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540"; }; diff --git a/krebs/3modules/lass/ssh/xerxes.rsa b/krebs/3modules/lass/ssh/xerxes.rsa new file mode 100644 index 000000000..2b5da7b25 --- /dev/null +++ b/krebs/3modules/lass/ssh/xerxes.rsa @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGjBN0aFs6GxNwMjCvlddbN6+vb6LZuWiWWe+wbAynaGuGbae0TXCLp0/eMNy7fH8poDjpdW9M4mKbBFKOqyG8WJLCPFoQw761tjKl1hccJn0hFSkQAEGKxtfzHlAl/Mz+59yvqNg7/WNSivv41hE7btYltzRy238VQDYFv2eLM7acyxrgGo7tWOtkbpfELj5cM8Qw1j3TF9bGV5pK6IOEtaHbmalS8Iiz77syAu+6E/y6zKBTtGMHI15l6RNJ/Y7A1LM/WwuNL+9dJMYWJFVHy3/4dpaxiioHREiSawUbz9wNHknCrT6vaPCIVVcujhz9Oee1C5UiYUyyfJrFYdlzaTg7FuLNIt2hKMY6NYx1D8/Pwpq1JOsaEfK/K5ytCgaJb115mRevcaUA5s7KYNWHmmZvy08JzCgSM6ZPRtfkQIcha77wVq6DugJ+KgBz+oADQRKiaMrumOMldd0B3q4Oxb71gDTE1XLAbWJnd/0Up1H5GAtZZUUrMUslZiU/23R6SOkyEMLWQTx/KgkWcz8DZLtib5o03uZpfJDVqp2CR+sjmy4x9aa+lSaOzuZP0KRyg+mOKl0o3zL7TNAzrzSCORVBg7nOh+0SPJkDxVRkc6dVY1L3ZOfdm2P/19fhWEr5ECgVrmYYKnDPwWY1iWJlZsiEc3Mj7KB1m44ov0FJg2hiNnydImqcXTCoszp515MBmeHnpqJsqEZuWS8dAnaEiOwZaSKIO1E7lQ7CoP86+eD4yAwLq6fb2tgjHT69LgDMaIha4hMfrO2o4UDVw9OZMfnPtyatI4pxplaQDoQM1p0dej0rZ7uxL1tfoKAyT0UCdtjhxfnNs0x1gOQbML4eGbqyKuyF82eOQRgKRDqH/tParoE4SRBVi7o3s0kILRmXA3ng3n1uhEiGwPTH8JsQ9huM+XOhH8+CzQeg4yb/jCrhsDzvLaW654+ouq9G+kjwqmO4vLNs5eZxfae84rppbS2MJqK1x8rkJixvKBKEfvYJOuDNV+hXyMbToaq8qtGy7cCSq4+UDio3DsSHY0Tpt9e+yEzoOOqFQLQyq6uHv/+u9MY+VADoa4N64U3S2SXul9tE3g6hOAY0F5BYMbxQSuj59kzwghlAmbsyWN2FCmWdsfCQkkZX7wCTj20DtZB/GdVSGNgHGAoU5JZrXKca3A2Yc9hzbYjyNYr0NmQ9NUbkbaOkcYJRIUXtS2OBOHP+FoUkkqL3ieKXR07l5xJbWLzbyVUxN9Zii4Baj5xnDO/RLZPDvTUxbER/0d1orMZztL2EKmfSn4j4uhWqpi04Rg9sWH+WVLAq22EKhAuqcFEOUimjcyZWYKxcAq5Z51NJNBQB7euz55eCJUZkBUYEpNuYr0UDlmBxKB2r6ZWDeNXT7eLxBdwDHCHSqXV7qOG1vMhHtjbbxmQMnkQ4InhO9TdpaN3tj67nGmc6hhgYO4b7NvyL1/pvDPrHrR/3GzkDkwqvt3uESdVdqAJSCk6gFh9V1aGs= lass@xerxes -- cgit v1.2.3 From 05d85719fc4d3f1f01104fecf8ab7c1af5359588 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 12 Dec 2017 16:29:24 +0100 Subject: pkgs.apt-cacher-ng: rip --- krebs/5pkgs/simple/apt-cacher-ng/default.nix | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 krebs/5pkgs/simple/apt-cacher-ng/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/apt-cacher-ng/default.nix b/krebs/5pkgs/simple/apt-cacher-ng/default.nix deleted file mode 100644 index e3986713b..000000000 --- a/krebs/5pkgs/simple/apt-cacher-ng/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ stdenv, fetchurl, cmake, doxygen, zlib, openssl, bzip2, pkgconfig, libpthreadstubs }: - -stdenv.mkDerivation rec { - name = "apt-cacher-ng-${version}"; - version = "2"; - - src = fetchurl { - url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz"; - sha256 = "0bkc3012vinridl5ch46pwnxjalymx4wf6nxax64nm7bdkcj9azf"; - }; - - NIX_LDFLAGS = "-lpthread"; - buildInputs = [ doxygen cmake zlib openssl bzip2 pkgconfig libpthreadstubs ]; - - meta = { - description = "A caching proxy specialized for linux distribution files"; - homepage = http://www.unix-ag.uni-kl.de/~bloch/acng/; - license = stdenv.lib.licenses.gpl2; - maintainers = [ stdenv.lib.maintainers.makefu ]; - }; -} -- cgit v1.2.3 From 42cdfa733ca9e0432ba6096206ff34fb40b539db Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 12 Dec 2017 16:32:21 +0100 Subject: pkgs.passwdqc-utils: rip --- krebs/5pkgs/simple/passwdqc-utils/default.nix | 37 --------------------------- 1 file changed, 37 deletions(-) delete mode 100644 krebs/5pkgs/simple/passwdqc-utils/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/passwdqc-utils/default.nix b/krebs/5pkgs/simple/passwdqc-utils/default.nix deleted file mode 100644 index 53e7f5482..000000000 --- a/krebs/5pkgs/simple/passwdqc-utils/default.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ stdenv, pam, - fetchurl, lib, - wordset-file ? null, # set your own wordset-file - ... }: - -stdenv.mkDerivation rec { - name = "passwdqc-utils-${version}"; - version = "1.3.0"; - buildInputs = [ pam ]; - - src = fetchurl { - url = "http://www.openwall.com/passwdqc/passwdqc-${version}.tar.gz"; - sha256 = "0l3zbrp4pvah0dz33m48aqlz9nx663cc1fqhnlwr0p853b10la93"; - }; - - buildTargets = "utils"; - installFlags= [ "BINDIR=$(out)/bin" - "CONFDIR=$(out)/etc" - "SHARED_LIBDIR=$(out)/lib" - "DEVEL_LIBDIR=$(out)/lib" - "SECUREDIR=$(out)/lib/security" - "INCLUDEDIR=$(out)/include" - "MANDIR=$(out)/man" ]; - - patchPhase = lib.optionalString (wordset-file != null) '' - cp -f ${wordset-file} wordset_4k.c - ''; - - installTargets = "install_lib install_utils"; - - meta = { - description = "passwdqc utils (pwqgen,pwqcheck) and library"; - license = stdenv.lib.licenses.bsd3; - maintainers = [ stdenv.lib.maintainers.makefu ]; - patforms = stdenv.lib.platforms.linux; # more installFlags must be set for Darwin,Solaris - }; -} -- cgit v1.2.3 From 7838e709d149b9bf33c542a7451e235a61a29a21 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Dec 2017 18:50:36 +0100 Subject: krebs.backup: restartIfChanged = false --- krebs/3modules/backup.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 6f015d66b..c0b218c15 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -83,6 +83,7 @@ let rsync utillinux ]; + restartIfChanged = false; serviceConfig = rec { ExecStart = start plan; SyslogIdentifier = ExecStart.name; -- cgit v1.2.3 From 47f3d044e4d8e45168d54dc69368a598330b76ae Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 12 Dec 2017 18:53:07 +0100 Subject: krebs.repo-sync: restartIfChanged = false --- krebs/3modules/repo-sync.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 0211b31ba..b2e3aa7c5 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3mod