From e6884999a9a002c20ab854aa14c428792ab72b21 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 31 Aug 2021 21:35:23 +0200 Subject: ma pkgs.mediawiki-matrix-bot: init at 1.0.0 --- makefu/5pkgs/mediawiki-matrix-bot/default.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 makefu/5pkgs/mediawiki-matrix-bot/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/mediawiki-matrix-bot/default.nix b/makefu/5pkgs/mediawiki-matrix-bot/default.nix new file mode 100644 index 000000000..4a91a9161 --- /dev/null +++ b/makefu/5pkgs/mediawiki-matrix-bot/default.nix @@ -0,0 +1,22 @@ +{ buildPythonApplication, fetchFromGitHub, feedparser, matrix-nio, docopt, aiohttp, aiofiles, +mypy }: + +buildPythonApplication rec { + pname = "mediawiki-matrix-bot"; + version = "1.0.0"; + src = fetchFromGitHub { + owner = "nix-community"; + repo = "mediawiki-matrix-bot"; + rev = "v${version}"; + sha256 = "1923097j1xh34jmm0zhmvma614jcxaagj89c1fc1j2qyv14ybsvs"; + }; + propagatedBuildInputs = [ + feedparser matrix-nio docopt aiohttp aiofiles + ]; + nativeBuildInputs = [ + mypy + ]; + checkPhase = '' + mypy --strict mediawiki_matrix_bot + ''; +} -- cgit v1.2.3 From 5c570ab3fc90ca689a9f01c0bffd2470130738ba Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 1 Sep 2021 13:35:05 +0200 Subject: ma nix-community: add mediawiki-matrix-bot --- makefu/1systems/gum/config.nix | 3 ++- .../nix-community/mediawiki-matrix-bot.nix | 23 ++++++++++++++++++++++ .../5pkgs/custom/mediawiki-matrix-bot/default.nix | 22 +++++++++++++++++++++ makefu/5pkgs/mediawiki-matrix-bot/default.nix | 22 --------------------- 4 files changed, 47 insertions(+), 23 deletions(-) create mode 100644 makefu/2configs/nix-community/mediawiki-matrix-bot.nix create mode 100644 makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix delete mode 100644 makefu/5pkgs/mediawiki-matrix-bot/default.nix (limited to 'makefu') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 1cfa8e4a4..adf025fd3 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -23,6 +23,7 @@ in { } + # @@ -182,7 +183,7 @@ in { # krebs infrastructure services - + # ]; makefu.dl-dir = "/var/download"; diff --git a/makefu/2configs/nix-community/mediawiki-matrix-bot.nix b/makefu/2configs/nix-community/mediawiki-matrix-bot.nix new file mode 100644 index 000000000..6dff64121 --- /dev/null +++ b/makefu/2configs/nix-community/mediawiki-matrix-bot.nix @@ -0,0 +1,23 @@ +{ pkgs, ... }: +let + seccfg = toString ; + statecfg = "/var/lib/mediawiki-matrix-bot/config.json"; +in { + systemd.services.mediawiki-matrix-bot = { + description = "Mediawiki Matrix Bot"; + after = [ "network-online.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Restart = "always"; + RestartSec = "60s"; + DynamicUser = true; + StateDirectory = "mediawiki-matrix-bot"; + PermissionsStartOnly = true; + ExecStartPre = pkgs.writeDash "mediawikibot-copy-config" '' + install -D -m644 ${seccfg} ${statecfg} + ''; + ExecStart = "${pkgs.mediawiki-matrix-bot}/bin/mediawiki-matrix-bot ${statecfg}"; + PrivateTmp = true; + }; + }; +} diff --git a/makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix b/makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix new file mode 100644 index 000000000..4a91a9161 --- /dev/null +++ b/makefu/5pkgs/custom/mediawiki-matrix-bot/default.nix @@ -0,0 +1,22 @@ +{ buildPythonApplication, fetchFromGitHub, feedparser, matrix-nio, docopt, aiohttp, aiofiles, +mypy }: + +buildPythonApplication rec { + pname = "mediawiki-matrix-bot"; + version = "1.0.0"; + src = fetchFromGitHub { + owner = "nix-community"; + repo = "mediawiki-matrix-bot"; + rev = "v${version}"; + sha256 = "1923097j1xh34jmm0zhmvma614jcxaagj89c1fc1j2qyv14ybsvs"; + }; + propagatedBuildInputs = [ + feedparser matrix-nio docopt aiohttp aiofiles + ]; + nativeBuildInputs = [ + mypy + ]; + checkPhase = '' + mypy --strict mediawiki_matrix_bot + ''; +} diff --git a/makefu/5pkgs/mediawiki-matrix-bot/default.nix b/makefu/5pkgs/mediawiki-matrix-bot/default.nix deleted file mode 100644 index 4a91a9161..000000000 --- a/makefu/5pkgs/mediawiki-matrix-bot/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ buildPythonApplication, fetchFromGitHub, feedparser, matrix-nio, docopt, aiohttp, aiofiles, -mypy }: - -buildPythonApplication rec { - pname = "mediawiki-matrix-bot"; - version = "1.0.0"; - src = fetchFromGitHub { - owner = "nix-community"; - repo = "mediawiki-matrix-bot"; - rev = "v${version}"; - sha256 = "1923097j1xh34jmm0zhmvma614jcxaagj89c1fc1j2qyv14ybsvs"; - }; - propagatedBuildInputs = [ - feedparser matrix-nio docopt aiohttp aiofiles - ]; - nativeBuildInputs = [ - mypy - ]; - checkPhase = '' - mypy --strict mediawiki_matrix_bot - ''; -} -- cgit v1.2.3 From ee66b2f02d455060267f8f59c1fea97b8310668d Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Sep 2021 18:23:38 +0200 Subject: ma pkgs/dev: add cyberlocker --- makefu/2configs/tools/dev.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index ac6d91e85..36f867559 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -33,6 +33,7 @@ cac-api cac-panel krebszones + cyberlocker-tools ovh-zone gen-oath-safe cdrtools -- cgit v1.2.3 From 1ea6362ab559036bc86e8576b810b0f500fa3a30 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Sep 2021 18:40:25 +0200 Subject: ma pkgs: add mediawiki-matrix-bot --- makefu/5pkgs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index 756734b65..2d54455e6 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -41,6 +41,7 @@ in { inherit (callPackage ./devpi {}) devpi-web ; nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {}; liveproxy = super.pkgs.python3Packages.callPackage ./custom/liveproxy {}; + mediawiki-matrix-bot = super.pkgs.python3Packages.callPackage ./custom/mediawiki-matrix-bot {}; hydra-check = super.pkgs.python3Packages.callPackage ./custom/hydra-check {}; pwqgen-ger = super.pkgs.passwdqc-utils.override { wordset-file = super.pkgs.fetchurl { -- cgit v1.2.3 From 05381eb02e1b39b3a371b4d530c20ea1201aeaae Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Sep 2021 20:42:42 +0200 Subject: ma gum: add supervision --- makefu/1systems/gum/config.nix | 1 + makefu/2configs/nix-community/supervision.nix | 82 +++++++++++++++++++++++++++ 2 files changed, 83 insertions(+) create mode 100644 makefu/2configs/nix-community/supervision.nix (limited to 'makefu') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index adf025fd3..2a1d39c04 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -24,6 +24,7 @@ in { + # diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix new file mode 100644 index 000000000..f648b9c17 --- /dev/null +++ b/makefu/2configs/nix-community/supervision.nix @@ -0,0 +1,82 @@ +{ config, lib, pkgs, ... }: +let + isVM = lib.any (mod: mod == "xen-blkfront" || mod == "virtio_console") config.boot.initrd.kernelModules; + port = "9273"; +in { + + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT + ''; + + services.telegraf = { + enable = true; + extraConfig = { + agent.interval = "60s"; + inputs = { + prometheus.metric_version = 2; + kernel_vmstat = { }; + smart = lib.mkIf (!isVM) { + path = pkgs.writeShellScript "smartctl" '' + exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@" + ''; + }; + system = { }; + mem = { }; + file = [{ + data_format = "influx"; + file_tag = "name"; + files = [ "/var/log/telegraf/*" ]; + }] ++ lib.optional (lib.any (fs: fs == "ext4") config.boot.supportedFilesystems) { + name_override = "ext4_errors"; + files = [ "/sys/fs/ext4/*/errors_count" ]; + data_format = "value"; + }; + exec = lib.optionalAttrs (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) { + ## Commands array + commands = [ + (pkgs.writeScript "zpool-health" '' + #!${pkgs.gawk}/bin/awk -f + BEGIN { + while ("${pkgs.zfs}/bin/zpool status" | getline) { + if ($1 ~ /pool:/) { printf "zpool_status,name=%s ", $2 } + if ($1 ~ /state:/) { printf " state=\"%s\",", $2 } + if ($1 ~ /errors:/) { + if (index($2, "No")) printf "errors=0i\n"; else printf "errors=%di\n", $2 + } + } + } + '') + ]; + data_format = "influx"; + }; + systemd_units = { }; + swap = { }; + disk.tagdrop = { + fstype = [ "tmpfs" "ramfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ]; + device = [ "rpc_pipefs" "lxcfs" "nsfs" "borgfs" ]; + }; + diskio = { }; + }; + outputs.prometheus_client = { + listen = ":${port}"; + metric_version = 2; + }; + }; + }; + + security.sudo.extraRules = lib.mkIf (!isVM) [{ + users = [ "telegraf" ]; + commands = [{ + command = "${pkgs.smartmontools}/bin/smartctl"; + options = [ "NOPASSWD" ]; + }]; + }]; + # avoid logging sudo use + security.sudo.configFile = '' + Defaults:telegraf !syslog,!pam_session + ''; + # create dummy file to avoid telegraf errors + systemd.tmpfiles.rules = [ + "f /var/log/telegraf/dummy 0444 root root - -" + ]; +} -- cgit v1.2.3 From 434fba596af8edf91d0dc1635ab481dd838e60eb Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 5 Sep 2021 20:59:07 +0200 Subject: ma secrets: add mediawikibot-config.json dummy file --- makefu/0tests/data/secrets/mediawikibot-config.json | 1 + 1 file changed, 1 insertion(+) create mode 100644 makefu/0tests/data/secrets/mediawikibot-config.json (limited to 'makefu') diff --git a/makefu/0tests/data/secrets/mediawikibot-config.json b/makefu/0tests/data/secrets/mediawikibot-config.json new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/makefu/0tests/data/secrets/mediawikibot-config.json @@ -0,0 +1 @@ +{} -- cgit v1.2.3 From d81a4fcfdfed37f5b6db61c50fae090aa84a2da5 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 10 Sep 2021 22:32:53 +0200 Subject: ma pkgs.chitubox: bump to 1.9.0 --- makefu/5pkgs/chitubox/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'makefu') diff --git a/makefu/5pkgs/chitubox/default.nix b/makefu/5pkgs/chitubox/default.nix index bea33e64f..d0596e700 100644 --- a/makefu/5pkgs/chitubox/default.nix +++ b/makefu/5pkgs/chitubox/default.nix @@ -4,26 +4,26 @@ , libpulseaudio , xlibs , gst_all_1 -, kerberos +, krb5 , alsaLib }: # via https://raw.githubusercontent.com/simon-the-sourcerer-ab/chitubox/main/default.nix stdenv.mkDerivation rec { pname = "chitubox"; - version = "1.8.1"; + version = "1.9.0"; src = builtins.fetchTarball { #url = "https://sac.chitubox.com/software/download.do?softwareId=17839&softwareVersionId=v${version}&fileName=CHITUBOX_V${version}.tar.gz"; url = "https://archive.org/download/chitubox-v-1.8.1.tar/CHITUBOX_V${version}.tar.gz"; - sha256 = "08fh8w7s5qvlx6bhdg24g81a7zprq7n8m27w2vdv0cd8j0wixbsx"; + sha256 = "1ywcizxdkwlhi8z3jshl3b6ha8iwibssxh8fk7s32h3z8vl8zcl7"; }; nativeBuildInputs = [ autoPatchelfHook ]; buildInputs = with xlibs; [ stdenv.cc.cc.lib libglvnd libgcrypt zlib glib fontconfig freetype libdrm - libxkbcommon libpulseaudio kerberos alsaLib + libxkbcommon libpulseaudio alsaLib xcbutilwm xcbutilimage xcbutilrenderutil xcbutilkeysyms - gst_all_1.gst-plugins-base gst_all_1.gstreamer + gst_all_1.gst-plugins-base gst_all_1.gstreamer krb5 ]; buildPhase = '' -- cgit v1.2.3