From 0e607fe1bc50b596301086b064a74232d7126f5c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Jun 2017 19:46:56 +0200 Subject: l nixpkgs: 4847963 -> e84de79 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 2adba34bb..34f0a064b 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "4847963"; + ref = "e84de79"; }; } -- cgit v1.2.3 From 1b2a4d09ed9e30c6874697ca9421087a5573a0ad Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Jun 2017 20:59:02 +0200 Subject: l nixpkgs: e84de79 -> 0a4db15 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 34f0a064b..1c68d58d5 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "e84de79"; + ref = "0a4db15"; }; } -- cgit v1.2.3 From 3be018f9f65e4d7ca2681c9fa20b9f7d2cd32287 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 30 Jun 2017 13:11:17 +0200 Subject: l exim: add polo@lassul.us & shack@lassul.us --- lass/2configs/exim-smarthost.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index b8d00e7d4..fd2f1f765 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -32,6 +32,8 @@ with import ; { from = "feed@lassul.us"; to = lass.mail; } { from = "art@lassul.us"; to = lass.mail; } { from = "irgendwas@lassul.us"; to = lass.mail; } + { from = "polo@lassul.us"; to = lass.mail; } + { from = "shack@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From bc07a6043eecb26c5a995e2dab02e84ef52ebea0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 30 Jun 2017 13:14:57 +0200 Subject: l pkgs.init: use grub with EFI, remove /bku --- lass/5pkgs/init/default.nix | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) (limited to 'lass') diff --git a/lass/5pkgs/init/default.nix b/lass/5pkgs/init/default.nix index b484d2c38..679187531 100644 --- a/lass/5pkgs/init/default.nix +++ b/lass/5pkgs/init/default.nix @@ -19,14 +19,15 @@ pkgs.writeText "init" '' disk=${disk} - luksdev=${disk}2 + luksdev=${disk}3 luksmap=/dev/mapper/${luksmap} vgname=${vgname} + bootdev=/dev/sda2 + rootdev=/dev/mapper/${vgname}-root homedev=/dev/mapper/${vgname}-home - bkudev=/dev/mapper/${vgname}-bku # #generate keyfile @@ -49,7 +50,8 @@ pkgs.writeText "init" '' mklabel gpt \ mkpart no-fs 0 1024KiB \ set 1 bios_grub on \ - mkpart primary 1025KiB 100% + mkpart ESP fat32 1025KiB 1024MiB set 2 boot on \ + mkpart primary 1025MiB 100% fi if ! test "$(blkid -o value -s PARTLABEL "$luksdev")" = primary; then @@ -78,9 +80,8 @@ pkgs.writeText "init" '' lvchange -a y /dev/mapper/"$vgname" - if ! test -e "$rootdev"; then lvcreate -L 100G -n root "$vgname"; fi - if ! test -e "$homedev"; then lvcreate -L 100G -n home "$vgname"; fi - if ! test -e "$bkudev"; then lvcreate -L 200G -n bku "$vgname"; fi + if ! test -e "$rootdev"; then lvcreate -L 7G -n root "$vgname"; fi + if ! test -e "$homedev"; then lvcreate -L 100M -n home "$vgname"; fi # lvchange -a n "$vgname" @@ -89,6 +90,10 @@ pkgs.writeText "init" '' # formatting # + if ! test "$(blkid -o value -s TYPE "$bootdev")" = vfat; then + mkfs.vfat "$bootdev" + fi + if ! test "$(blkid -o value -s TYPE "$rootdev")" = btrfs; then mkfs.btrfs "$rootdev" fi @@ -97,22 +102,18 @@ pkgs.writeText "init" '' mkfs.btrfs "$homedev" fi - if ! test "$(blkid -o value -s TYPE "$bkudev")" = btrfs; then - mkfs.btrfs "$bkudev" - fi - if ! test "$(lsblk -n -o MOUNTPOINT "$rootdev")" = /mnt; then mount "$rootdev" /mnt fi + if ! test "$(lsblk -n -o MOUNTPOINT "$bootdev")" = /mnt/boot; then + mkdir -m 0000 -p /mnt/boot + mount "$bootdev" /mnt/boot + fi if ! test "$(lsblk -n -o MOUNTPOINT "$homedev")" = /mnt/home; then mkdir -m 0000 -p /mnt/home mount "$homedev" /mnt/home fi - if ! test "$(lsblk -n -o MOUNTPOINT "$bkudev")" = /mnt/bku; then - mkdir -m 0000 -p /mnt/bku - mount "$bkudev" /mnt/bku - fi # umount -R /mnt @@ -122,6 +123,7 @@ pkgs.writeText "init" '' nix-env -iA nixos.git + # TODO: get sentinal file from target_path mkdir -p /mnt/var/src touch /mnt/var/src/.populate -- cgit v1.2.3 From ee95efd51080341f8be19a685152ecdb4a1f12f5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 30 Jun 2017 13:44:07 +0200 Subject: l icarus: use new fileSystem layout --- lass/1systems/icarus.nix | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'lass') diff --git a/lass/1systems/icarus.nix b/lass/1systems/icarus.nix index b869a67a7..13c517e3b 100644 --- a/lass/1systems/icarus.nix +++ b/lass/1systems/icarus.nix @@ -6,9 +6,9 @@ with import ; ../. ../2configs/retiolum.nix ../2configs/hw/tp-x220.nix - ../2configs/baseX.nix ../2configs/git.nix ../2configs/exim-retiolum.nix + ../2configs/baseX.nix ../2configs/browsers.nix ../2configs/programs.nix ../2configs/fetchWallpaper.nix @@ -22,9 +22,9 @@ with import ; loader.grub.enable = true; loader.grub.version = 2; loader.grub.device = "/dev/sda"; - loader.grub.enableCryptodisk = true; + loader.grub.efiSupport = true; - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; + initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; }; @@ -34,11 +34,14 @@ with import ; fsType = "btrfs"; options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; - "/bku" = { - device = "/dev/mapper/pool-bku"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; + "/boot" = { + device = "/dev/sda2"; }; + #"/bku" = { + # device = "/dev/mapper/pool-bku"; + # fsType = "btrfs"; + # options = ["defaults" "noatime" "ssd" "compress=lzo"]; + #}; "/home" = { device = "/dev/mapper/pool-home"; fsType = "btrfs"; -- cgit v1.2.3 From e05591d73e4400a901525dc18a54981a5be6f82f Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 30 Jun 2017 13:44:29 +0200 Subject: l mors: use new fileSystem layout --- lass/1systems/mors.nix | 47 ++++++++++++++--------------------------------- 1 file changed, 14 insertions(+), 33 deletions(-) (limited to 'lass') diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index b9ab54503..0bfd54515 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -96,49 +96,30 @@ with import ; loader.grub.enable = true; loader.grub.version = 2; loader.grub.device = "/dev/sda"; + loader.grub.efiSupport = true; - initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; + initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ]; initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; }; fileSystems = { "/" = { - device = "/dev/big/nix"; - fsType = "ext4"; + device = "/dev/mapper/pool-root"; + fsType = "btrfs"; + options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; - "/boot" = { - device = "/dev/sda1"; - }; - - "/mnt/loot" = { - device = "/dev/big/loot"; - fsType = "ext4"; + device = "/dev/sda2"; }; - + #"/bku" = { + # device = "/dev/mapper/pool-bku"; + # fsType = "btrfs"; + # options = ["defaults" "noatime" "ssd" "compress=lzo"]; + #}; "/home" = { - device = "/dev/big/home"; - fsType = "ext4"; - }; - - "/home/lass" = { - device = "/dev/big/home-lass"; - fsType = "ext4"; - }; - - "/home/games/.local/share/Steam" = { - device = "/dev/big/steam"; - fsType = "ext4"; - }; - - "/home/virtual/virtual" = { - device = "/dev/big/virtual"; - fsType = "ext4"; - }; - - "/mnt/conf" = { - device = "/dev/big/conf"; - fsType = "ext4"; + device = "/dev/mapper/pool-home"; + fsType = "btrfs"; + options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; "/tmp" = { device = "tmpfs"; -- cgit v1.2.3 From d5aca8696caeac6d88923e1f668af213abc987fa Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 30 Jun 2017 13:48:55 +0200 Subject: l buildbot: tests hosts in correct order --- lass/2configs/buildbot-standalone.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lass') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index e765ddbb4..449feb382 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -120,9 +120,6 @@ in { system={}".format(host)] ) - for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]: - build_host(env_tv, i) - for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]: build_host(env_lass, i) @@ -135,6 +132,9 @@ in { for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]: build_host(env_shared, i) + for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]: + build_host(env_tv, i) + bu.append( util.BuilderConfig( name="build-hosts", -- cgit v1.2.3 From 70e5b248691010a81a121d206d039cce816a8a79 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 3 Jul 2017 00:07:38 +0200 Subject: l prism.r: fetch nixpkgs only once per day --- lass/1systems/prism.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index af847333d..531dec9df 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -229,6 +229,10 @@ in { OnUnitInactiveSec = "2min"; RandomizedDelaySec = "2min"; }; + krebs.repo-sync.repos.nixpkgs.timerConfig = { + OnBootSec = "90min"; + OnUnitInactiveSec = "24h"; + }; } { lass.usershadow = { -- cgit v1.2.3 From 9adfb0d7f2bc70a78f08f078625beec1d067e596 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 4 Jul 2017 16:35:27 +0200 Subject: l shodan.r: install wine --- lass/1systems/shodan.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index dca616936..044e2ccf8 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -13,6 +13,7 @@ with import ; ../2configs/programs.nix ../2configs/fetchWallpaper.nix ../2configs/backups.nix + ../2configs/wine.nix #{ # users.extraUsers = { # root = { -- cgit v1.2.3 From 1f755eac1f1b5cc7dd00279c1628ebea7b5de0df Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 4 Jul 2017 16:39:10 +0200 Subject: l buildbot: refactor to use nix-shell --- lass/2configs/buildbot-standalone.nix | 76 +++++++++-------------------------- 1 file changed, 18 insertions(+), 58 deletions(-) (limited to 'lass') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 449feb382..6c2a92c08 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -56,51 +56,6 @@ in { mode='full' ) - # TODO: get nixpkgs/stockholm paths from krebs - env_lass = { - "LOGNAME": "lass", - "NIX_REMOTE": "daemon", - "dummy_secrets": "true", - } - env_makefu = { - "LOGNAME": "makefu", - "NIX_REMOTE": "daemon", - "dummy_secrets": "true", - } - env_nin = { - "LOGNAME": "nin", - "NIX_REMOTE": "daemon", - "dummy_secrets": "true", - } - env_shared = { - "LOGNAME": "shared", - "NIX_REMOTE": "daemon", - "dummy_secrets": "true", - } - env_tv = { - "LOGNAME": "tv", - "NIX_REMOTE": "daemon", - "dummy_secrets": "true", - } - - # prepare nix-shell - # the dependencies which are used by the test script - deps = [ - "gnumake", - "jq", - "nix", - "(import ).pkgs.populate", - "openssh" - ] - # TODO: --pure , prepare ENV in nix-shell command: - # SSL_CERT_FILE,LOGNAME,NIX_REMOTE - nixshell = [ - "nix-shell", - "-I", "/var/src", - "-I", "stockholm=.", - "-p" - ] + deps + [ "--run" ] - # prepare addShell function def addShell(factory,**kwargs): factory.addStep(steps.ShellCommand(**kwargs)) @@ -110,30 +65,35 @@ in { f = util.BuildFactory() f.addStep(grab_repo) - def build_host(env, host): - addShell(f,name="build-{}".format(i),env=env, - command=nixshell + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ - echo $HOME; echo $LOGNAME; \ - test -e $HOME/$LOGNAME/nixpkgs || cp -r /var/src/nixpkgs $HOME/$LOGNAME/; \ - make NIX_PATH=$HOME/$LOGNAME:secrets=/var/src/stockholm/null test method=build \ - target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ - system={}".format(host)] + def build_host(user, host): + addShell(f, + name="{}".format(i), + env={ + "LOGNAME": user, + "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src", + "NIX_REMOTE": "daemon", + "dummy_secrets": "true", + }, + command=[ + "nix-shell", "--run", + "test --system={} --target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME".format(host) + ] ) for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]: - build_host(env_lass, i) + build_host("lass", i) for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: - build_host(env_makefu, i) + build_host("makefu", i) for i in [ "hiawatha", "onondaga" ]: - build_host(env_nin, i) + build_host("nin", i) for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]: - build_host(env_shared, i) + build_host("shared", i) for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]: - build_host(env_tv, i) + build_host("tv", i) bu.append( util.BuilderConfig( -- cgit v1.2.3 From 589440efcc2644c6d1cb7364ea56083a6541ae99 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 4 Jul 2017 16:40:07 +0200 Subject: l mail: sort = threads as default --- lass/2configs/mail.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass') diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index feb532709..e39c09b84 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -48,6 +48,8 @@ let set use_from=yes set envelope_from=yes + set sort=threads + set index_format="%4C %Z %?GI?%GI& ? %[%d/%b] %-16.15F %?M?(%3M)& ? %s %> %?g?%g?" virtual-mailboxes \ -- cgit v1.2.3 From dad5dc23cc4883b40299436616220410e6b1cb05 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 4 Jul 2017 16:42:10 +0200 Subject: l nixpkgs: 0a4db15 -> 2e983f1 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 1c68d58d5..151242e45 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "0a4db15"; + ref = "2e983f1"; }; } -- cgit v1.2.3 From 04f315090f024cffacc489157702a5ea3a9757e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 4 Jul 2017 16:42:41 +0200 Subject: l domsen-websites: add some new domains --- lass/2configs/websites/domsen.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass') diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index aaf311576..36ded3b30 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -61,6 +61,11 @@ in { "karlaskop.ubikmedia.de" "nb.ubikmedia.de" "youthtube.ubikmedia.de" + "weirdwednesday.ubikmedia.de" + "weirdwednesday.de" + "www.weirdwednesday.de" + "freemonkey.ubikmedia.de" + "jarugadesign.ubikmedia.de" ]) ]; -- cgit v1.2.3 From b338c2e73c30368d5288b0b1e222c0113cb55b0c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 4 Jul 2017 16:43:03 +0200 Subject: l default.nix: don't set stockholm.file --- lass/2configs/default.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index d7deb3165..27b74a30b 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -79,7 +79,6 @@ with import ; if getEnv "dummy_secrets" == "true" then toString else "/home/lass/secrets/${host.name}"; - stockholm.file = getEnv "PWD"; }; }; }; -- cgit v1.2.3