From 3602962200eadaa4f6748bf00cc6b92e188ce964 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 4 Aug 2016 23:59:12 +0200 Subject: l 2 buildbotMaster: don't use ssh anymore --- lass/2configs/buildbot-standalone.nix | 37 ++++++++++++++++------------------- 1 file changed, 17 insertions(+), 20 deletions(-) (limited to 'lass') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 1db3ffd1..90a99033 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -8,9 +8,6 @@ let ControlPath /tmp/%u_sshmux_%r@%h:%p ControlPersist 4h ''; - sshWrapper = pkgs.writeDash "ssh-wrapper" '' - ${pkgs.openssh}/bin/ssh -F ${sshHostConfig} -i ${shell.escape config.lass.build-ssh-privkey.path} "$@" - ''; in { config.krebs.buildbot.master = let @@ -74,7 +71,7 @@ in { # prepare nix-shell # the dependencies which are used by the test script - deps = [ "gnumake", "jq", "nix", "(import ).pkgs.populate" ] + deps = [ "gnumake", "jq", "nix", "(import ).pkgs.populate", "openssh" ] # TODO: --pure , prepare ENV in nix-shell command: # SSL_CERT_FILE,LOGNAME,NIX_REMOTE nixshell = ["nix-shell", @@ -93,20 +90,20 @@ in { for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]: addShell(f,name="build-{}".format(i),env=env_lass, command=nixshell + \ - ["make \ + ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + make \ test \ - ssh=${sshWrapper} \ - target=build@localhost${config.users.users.build.home}/testbuild \ + target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ method=build \ system={}".format(i)]) for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: addShell(f,name="build-{}".format(i),env=env_makefu, command=nixshell + \ - ["make \ + ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + make \ test \ - ssh=${sshWrapper} \ - target=build@localhost${config.users.users.build.home}/testbuild \ + target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ method=build \ system={}".format(i)]) @@ -122,30 +119,30 @@ in { for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]: addShell(f,name="build-{}".format(i),env=env_lass, command=nixshell + \ - ["make \ + ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + make \ test \ - ssh=${sshWrapper} \ - target=build@localhost${config.users.users.build.home}/testbuild \ + target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ method=eval \ system={}".format(i)]) for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: addShell(f,name="build-{}".format(i),env=env_makefu, command=nixshell + \ - ["make \ + ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + make \ test \ - ssh=${sshWrapper} \ - target=build@localhost${config.users.users.build.home}/testbuild \ + target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ method=eval \ system={}".format(i)]) - for i in [ "test-minimal-deploy" ]: + for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf" ]: addShell(f,name="build-{}".format(i),env=env_shared, command=nixshell + \ - ["make \ + ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + make \ test \ - ssh=${sshWrapper} \ - target=build@localhost${config.users.users.build.home}/testbuild \ + target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ method=eval \ system={}".format(i)]) -- cgit v1.2.3 From ececc8718df233cbfa516caf87d498391db4ee75 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Aug 2016 00:00:27 +0200 Subject: l 2 baseX: add mainUser to video group --- lass/2configs/baseX.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 6d26ff89..dce7dae4 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -16,7 +16,7 @@ in { systemWide = true; }; - users.extraUsers.mainUser.extraGroups = [ "audio" ]; + users.extraUsers.mainUser.extraGroups = [ "audio" "video" ]; time.timeZone = "Europe/Berlin"; -- cgit v1.2.3 From 25ab30726a4b6bea9fb907a40c55765b56731ac2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Aug 2016 00:00:43 +0200 Subject: l 2: mkForce NIX_PATH to /var/src --- lass/2configs/default.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 622ef118..dbb2a853 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -44,6 +44,11 @@ with config.krebs.lib; }; }; } + { + environment.variables = { + NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; + }; + } ]; networking.hostName = config.krebs.build.host.name; -- cgit v1.2.3 From f0925c5c44780a623137d82a1f923de628b2f868 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Aug 2016 17:49:40 +0200 Subject: l 2 nixpkgs: c6ca9c8 -> a75c0d9 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index b758bc24..57644754 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/lassulus/nixpkgs; - ref = "c6ca9c8c8b7eb8f8e68868e36fb90e162adf080f"; + ref = "a75c0d9342ecb86dedd11f61a4e6f59ecc42d151"; }; } -- cgit v1.2.3 From 2e109d7151fc070f9453f706962cf3a739556ffb Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 6 Aug 2016 22:35:34 +0200 Subject: l 1 mors: disable bitlbee --- lass/1systems/mors.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 84191da0..92a1b51e 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -17,7 +17,6 @@ ../2configs/wine.nix ../2configs/chromium-patched.nix ../2configs/git.nix - ../2configs/bitlbee.nix ../2configs/skype.nix ../2configs/teamviewer.nix ../2configs/libvirt.nix -- cgit v1.2.3 From ed6dd19c51a5e09120cc86790414fc3e9a29a662 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 6 Aug 2016 23:00:30 +0200 Subject: l 2 newsbot-js: remove truther feed --- lass/2configs/newsbot-js.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/newsbot-js.nix b/lass/2configs/newsbot-js.nix index f2b70d83..46ff3fbf 100644 --- a/lass/2configs/newsbot-js.nix +++ b/lass/2configs/newsbot-js.nix @@ -159,7 +159,6 @@ let torrentfreak|http://feeds.feedburner.com/Torrentfreak|#news torr_news|http://feed.torrentfreak.com/Torrentfreak/|#news travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#news - #truther|http://truthernews.wordpress.com/feed/|#news un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#news un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#news un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#news -- cgit v1.2.3 From 2a259d83c17905b5aeee5191ac68d408d3bc799e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 6 Aug 2016 23:16:18 +0200 Subject: l 2 mpv: add up/down commands --- lass/2configs/mpv.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass') diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix index ff5698e4..9988e788 100644 --- a/lass/2configs/mpv.nix +++ b/lass/2configs/mpv.nix @@ -28,6 +28,9 @@ let good = moveToDir "G" "./.good"; delete = moveToDir "D" "./.graveyard"; + up = moveToDir "U" "./up"; + down = moveToDir "Y" "./down"; + deleteCurrentTrack = pkgs.writeText "delete.lua" '' deleted_tmp = "./.graveyard" -- cgit v1.2.3 From 09de4198ea68db1dbc60eee626cd184a9e6f03cb Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 8 Aug 2016 10:53:48 +0200 Subject: l 1 prism: handle lassul.us cert via group --- lass/1systems/prism.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 1bc8d574..9da261ed 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -188,9 +188,16 @@ in { "fullchain.pem" "full.pem" ]; - user = "ejabberd"; + allowKeysForGroup = true; + group = "lasscert"; }; }; + users.groups.lasscert.members = [ + "dovecot2" + "ejabberd" + "exim" + "nginx" + ]; krebs.nginx.servers."lassul.us" = { server-names = [ "lassul.us" ]; locations = [ -- cgit v1.2.3 From 6e65bdf41ec81f555330f21466f174a753430110 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 Aug 2016 17:14:15 +0200 Subject: l 2 downloading: add makefu to authorizedKeys --- lass/2configs/downloading.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lass') diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix index 597d2072..a6de7c58 100644 --- a/lass/2configs/downloading.nix +++ b/lass/2configs/downloading.nix @@ -15,10 +15,11 @@ in { extraGroups = [ "download" ]; - openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - config.krebs.users.lass-uriel.pubkey - config.krebs.users.lass-shodan.pubkey + openssh.authorizedKeys.keys = with config.krebs.users; [ + lass.pubkey + lass-uriel.pubkey + lass-shodan.pubkey + makefu.pubkey ]; }; -- cgit v1.2.3 From 17d78eb7e28d5c5b875f2faeffc8b50e54501aa5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 Aug 2016 22:49:17 +0200 Subject: l 2 buildbot: add build-pkgs test --- lass/2configs/buildbot-standalone.nix | 63 +++++++++++++++++++++++++++++++++-- 1 file changed, 60 insertions(+), 3 deletions(-) (limited to 'lass') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 90a99033..12a5a736 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -44,8 +44,8 @@ in { sched.append(schedulers.SingleBranchScheduler( change_filter=util.ChangeFilter(branch_re=".*"), treeStableTimer=10, - name="prism-all-branches", - builderNames=["build-all"])) + name="build-all-branches", + builderNames=["build-all", "build-pkgs"])) ''; }; builder_pre = '' @@ -111,7 +111,7 @@ in { slavenames=slavenames, factory=f)) - ''; + ''; fast-tests = '' f = util.BuildFactory() @@ -149,7 +149,64 @@ in { bu.append(util.BuilderConfig(name="fast-tests", slavenames=slavenames, factory=f)) + ''; + build-pkgs = '' + f = util.BuildFactory() + f.addStep(grab_repo) + for i in [ + "apt-cacher-ng", + "bepasty-client-cli", + "cac-api", + "cac-cert", + "cac-panel", + "charybdis", + "collectd-connect-time", + "dic", + "drivedroid-gen-repo", + "exim", + "fortclientsslvpn", + "get", + "git-hooks", + "github-hosts-sync", + "go", + "hashPassword", + "haskellPackages.blessings", + "haskellPackages.email-header", + "haskellPackages.megaparsec", + "haskellPackages.scanner", + "haskellPackages.xmonad-stockholm", + "krebspaste", + "krebszones", + "logf", + "much", + "newsbot-js", + "noVNC", + "passwdqc-utils", + "populate", + "posix-array", + "pssh", + "push", + "Reaktor", + "realwallpaper", + "repo-sync", + "retiolum-bootstrap", + "tarantool", + "test", + "tinc_graphs", + "translate-shell", + "urlwatch", + "vncdotool", + "with-tmpdir", + "youtube-tools", + ]: + addShell(f,name="build-{}".format(i),env=env_lass, + command=nixshell + \ + ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + make system=prism pkgs.{}".format(i)]) + bu.append(util.BuilderConfig(name="build-pkgs", + slavenames=slavenames, + factory=f)) ''; }; enable = true; -- cgit v1.2.3