From 6bb208cb691565e74b4e0350cf90e0f8b21fd8e9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 21 Jul 2016 19:40:38 +0200 Subject: l 2 nixpkgs: 11a7899 -> c6ca9c8 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 931aabf0..b758bc24 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/lassulus/nixpkgs; - ref = "11a7899222929b6eb0951f7a1c0182f65b3b4637"; + ref = "c6ca9c8c8b7eb8f8e68868e36fb90e162adf080f"; }; } -- cgit v1.2.3 From d9c6fe8d3a1ea436f0f144559cd0f52c080bc9ea Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 21 Jul 2016 19:47:42 +0200 Subject: l 2: move domes mail stuff to 2/websites --- lass/2configs/exim-smarthost.nix | 1 - lass/2configs/websites/domsen.nix | 43 +++++++++++++++++++++++++++++++-------- 2 files changed, 35 insertions(+), 9 deletions(-) (limited to 'lass') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 1ba99c8c..00a3612f 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -27,7 +27,6 @@ with config.krebs.lib; { from = "lass@aidsballs.de"; to = lass.mail; } { from = "wordpress@ubikmedia.de"; to = lass.mail; } { from = "finanzamt@lassul.us"; to = lass.mail; } - { from = "dominik@apanowicz.de"; to = "dma@ubikmedia.eu"; } { from = "netzclub@lassul.us"; to = lass.mail; } { from = "nebenan@lassul.us"; to = lass.mail; } ]; diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 07df2e8d..becd1a87 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -110,14 +110,6 @@ in { }; }; - users.users.domsen = { - uid = genid "domsen"; - description = "maintenance acc for domsen"; - home = "/home/domsen"; - useDefaultShell = true; - extraGroups = [ "nginx" ]; - createHome = true; - }; #services.phpfpm.phpOptions = '' # extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so @@ -133,5 +125,40 @@ in { cat ${pkgs.php}/etc/php-recommended.ini > $out echo "$options" >> $out ''; + + # MAIL STUFF + # TODO: make into its own module + services.dovecot2 = { + enable = true; + mailLocation = "maildir:~/Mail"; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport pop3"; target = "ACCEPT"; } + { predicate = "-p tcp --dport imap"; target = "ACCEPT"; } + ]; + krebs.exim-smarthost = { + internet-aliases = [ + { from = "dominik@apanowicz.de"; to = "dma@ubikmedia.eu"; } + { from = "mail@jla-trading.com"; to = "jla-trading"; } + ]; + system-aliases = [ + ]; + }; + + users.users.domsen = { + uid = genid "domsen"; + description = "maintenance acc for domsen"; + home = "/home/domsen"; + useDefaultShell = true; + extraGroups = [ "nginx" ]; + createHome = true; + }; + + users.users.jla-trading = { + uid = genid "jla-trading"; + home = "/home/jla-trading"; + useDefaultShell = true; + createHome = true; + }; } -- cgit v1.2.3 From 617814725be64d5a7ce00c8a86a600644c963c67 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 21 Jul 2016 21:26:16 +0200 Subject: l 2 downloading: remove folderPermissions --- lass/2configs/downloading.nix | 14 -------------- 1 file changed, 14 deletions(-) (limited to 'lass') diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix index cf9b631c..597d2072 100644 --- a/lass/2configs/downloading.nix +++ b/lass/2configs/downloading.nix @@ -5,9 +5,6 @@ with config.krebs.lib; let rpc-password = import ; in { - imports = [ - ../3modules/folderPerms.nix - ]; users.extraUsers = { download = { @@ -64,15 +61,4 @@ in { { predicate = "-p udp --dport 51413"; target = "ACCEPT"; } ]; }; - - lass.folderPerms = { - enable = true; - permissions = [ - { - path = "/var/download"; - permission = "775"; - owner = "transmission:download"; - } - ]; - }; } -- cgit v1.2.3 From 0bd78c3b0de0fa79322e9031f45dcc62abd094d1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 21 Jul 2016 21:28:21 +0200 Subject: l 2 git: (re)move some repo-sync repos --- lass/2configs/repo-sync.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'lass') diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index 45a4e2af..027f31fe 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -91,12 +91,11 @@ in { (sync-remote "repo-sync" "https://github.com/makefu/repo-sync") (sync-remote "skytraq-datalogger" "https://github.com/makefu/skytraq-datalogger") (sync-remote "xintmap" "https://github.com/4z3/xintmap") + (sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper") (sync-remote-silent "nixpkgs" "https://github.com/nixos/nixpkgs") (sync-retiolum "go") (sync-retiolum "much") (sync-retiolum "newsbot-js") - (sync-retiolum "painload") - (sync-retiolum "realwallpaper") (sync-retiolum "stockholm") (sync-retiolum "wai-middleware-time") (sync-retiolum "web-routes-wai-custom") -- cgit v1.2.3 From 29ef105c46287bb9964269004a56c51d4a2834bd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Jul 2016 19:19:18 +0200 Subject: l 2 buildbot: uss ssh sockets --- lass/2configs/buildbot-standalone.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 5afb2368..7c7693ab 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -3,8 +3,13 @@ with config.krebs.lib; let + sshHostConfig = pkgs.writeText "ssh-config" '' + ControlMaster auto + ControlPath /tmp/%u_sshmux_%r@%h:%p + ControlPersist 4h + ''; sshWrapper = pkgs.writeDash "ssh-wrapper" '' - ${pkgs.openssh}/bin/ssh -i ${shell.escape config.lass.build-ssh-privkey.path} "$@" + ${pkgs.openssh}/bin/ssh -F ${sshHostConfig} -i ${shell.escape config.lass.build-ssh-privkey.path} "$@" ''; in { -- cgit v1.2.3 From 947f79a399dd9ca6dd8a177d31d8b016692040f7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Jul 2016 18:03:47 +0200 Subject: l 2 git: allow all users to fetch public repos --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 9a1cab17..ab445071 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -80,7 +80,7 @@ let perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ optional repo.public { - user = [ tv makefu ]; + user = attrValues config.krebs.users; repo = [ repo ]; perm = fetch; } ++ -- cgit v1.2.3 From b139155bee6006f21993f3b2b6bfd5adde6fff6f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 26 Jul 2016 21:36:47 +0200 Subject: l 3 power-action -> k 3 power-action --- lass/1systems/helios.nix | 2 +- lass/2configs/power-action.nix | 4 +- lass/3modules/default.nix | 1 - lass/3modules/power-action.nix | 97 ------------------------------------------ 4 files changed, 3 insertions(+), 101 deletions(-) delete mode 100644 lass/3modules/power-action.nix (limited to 'lass') diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index 5f161d73..53026a6f 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -58,7 +58,7 @@ with config.krebs.lib; # }; #} { - lass.power-action.battery = "BAT1"; + krebs.power-action.battery = "BAT1"; } ]; diff --git a/lass/2configs/power-action.nix b/lass/2configs/power-action.nix index 0ff8547c..13396649 100644 --- a/lass/2configs/power-action.nix +++ b/lass/2configs/power-action.nix @@ -11,7 +11,7 @@ let ''; in { - lass.power-action = { + krebs.power-action = { enable = true; plans.low-battery = { upperLimit = 30; @@ -36,6 +36,6 @@ in { ]; security.sudo.extraConfig = '' - ${config.lass.power-action.user.name} ALL= (root) NOPASSWD: ${suspend} + ${config.krebs.power-action.user.name} ALL= (root) NOPASSWD: ${suspend} ''; } diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 6a3b41ca..60370b23 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -4,7 +4,6 @@ _: ./ejabberd ./folderPerms.nix ./mysql-backup.nix - ./power-action.nix ./umts.nix ./urxvtd.nix ./wordpress_nginx.nix diff --git a/lass/3modules/power-action.nix b/lass/3modules/power-action.nix deleted file mode 100644 index 30875c9a..00000000 --- a/lass/3modules/power-action.nix +++ /dev/null @@ -1,97 +0,0 @@ -{ config, lib, pkgs, ... }: - -with config.krebs.lib; - -let - cfg = config.lass.power-action; - - out = { - options.lass.power-action = api; - config = lib.mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "power-action"; - battery = mkOption { - type = types.str; - default = "BAT0"; - }; - user = mkOption { - type = types.user; - default = { - name = "power-action"; - }; - }; - startAt = mkOption { - type = types.str; - default = "*:0/1"; - }; - plans = mkOption { - type = with types; attrsOf (submodule { - options = { - charging = mkOption { - type = nullOr bool; - default = null; - description = '' - check for charging status. - null = don't care - true = only if system is charging - false = only if system is discharging - ''; - }; - upperLimit = mkOption { - type = int; - }; - lowerLimit = mkOption { - type = int; - }; - action = mkOption { - type = path; - }; - }; - }); - }; - }; - - imp = { - systemd.services.power-action = { - serviceConfig = rec { - ExecStart = startScript; - User = cfg.user.name; - }; - startAt = cfg.startAt; - }; - users.users.${cfg.user.name} = { - inherit (cfg.user) name uid; - }; - }; - - startScript = pkgs.writeDash "power-action" '' - set -euf - - power="$(${powerlvl})" - state="$(${state})" - ${concatStringsSep "\n" (mapAttrsToList writeRule cfg.plans)} - ''; - charging_check = plan: - if (plan.charging == null) then "" else - if plan.charging - then ''&& [ "$state" = "true" ]'' - else ''&& ! [ "$state" = "true" ]'' - ; - - writeRule = _: plan: - "if [ $power -ge ${toString plan.lowerLimit} ] && [ $power -le ${toString plan.upperLimit} ] ${charging_check plan}; then ${plan.action}; fi"; - - powerlvl = pkgs.writeDash "powerlvl" '' - cat /sys/class/power_supply/${cfg.battery}/capacity - ''; - - state = pkgs.writeDash "state" '' - if [ "$(cat /sys/class/power_supply/${cfg.battery}/status)" = "Discharging" ] - then echo "false" - else echo "true" - fi - ''; - -in out -- cgit v1.2.3