From 5db85240edfbac9c8db2218749add18d5430618a Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 21:23:34 +0100 Subject: n 2: remove MANPAGER --- nin/2configs/default.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index e181a604..260dbc5b 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -82,7 +82,6 @@ with import ; # multiple-definition-problem when defining environment.variables.EDITOR environment.extraInit = '' EDITOR=vim - MANPAGER=most ''; nixpkgs.config.allowUnfree = true; -- cgit v1.2.3 From 1b57bcf233e66710a33380f2de0874be79a96f9e Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 21:25:18 +0100 Subject: n 2: add git status alias --- nin/2configs/default.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 260dbc5b..0ff0f8ae 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -86,6 +86,10 @@ with import ; nixpkgs.config.allowUnfree = true; + environment.shellAliases = { + gs = "git status"; + }; + environment.systemPackages = with pkgs; [ #stockholm git -- cgit v1.2.3 From 832fe4868cf6c800a559ebabb07b34babb181853 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 22:08:57 +0100 Subject: n 1 hiawatha: sort, delete, add pkgs --- nin/1systems/hiawatha.nix | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'nin') diff --git a/nin/1systems/hiawatha.nix b/nin/1systems/hiawatha.nix index 6fa8a338..10098528 100644 --- a/nin/1systems/hiawatha.nix +++ b/nin/1systems/hiawatha.nix @@ -76,15 +76,14 @@ with lib; environment.systemPackages = with pkgs; [ firefox - steam - thunderbird - vim git - hexchat networkmanagerapplet python + steam + termite + thunderbird + vim virtmanager - libvirt ]; nixpkgs.config = { -- cgit v1.2.3 From ccdb47ed6c5ab88276214aacc869573dae9b867c Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 22:11:45 +0100 Subject: n 2: add dummy secrects --- nin/2configs/default.nix | 5 ++++- nin/6tests/dummysecrets/ssh.id_ed25519 | 0 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 nin/6tests/dummysecrets/ssh.id_ed25519 (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index 0ff0f8ae..ed205a79 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -58,7 +58,10 @@ with import ; user = config.krebs.users.nin; source = let inherit (config.krebs.build) host; in { nixos-config.symlink = "stockholm/nin/1systems/${host.name}.nix"; - secrets.file = "/home/nin/secrets/${host.name}"; + secrets.file = + if getEnv "dummy_secrets" == "true" + then toString + else "/home/nin/secrets/${host.name}"; stockholm.file = getEnv "PWD"; }; }; diff --git a/nin/6tests/dummysecrets/ssh.id_ed25519 b/nin/6tests/dummysecrets/ssh.id_ed25519 new file mode 100644 index 00000000..e69de29b -- cgit v1.2.3 From 9e201365e262b8c13c03fa42da32c3b57c57c9ba Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 22:20:31 +0100 Subject: n 2: add prism as binary-cache --- nin/2configs/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'nin') diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index ed205a79..fa05a560 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -46,6 +46,12 @@ with import ; SSL_CERT_FILE = ca-bundle; }; }) + { + nix = { + binaryCaches = ["http://cache.prism.r"]; + binaryCachePublicKeys = ["cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="]; + }; + } ]; networking.hostName = config.krebs.build.host.name; -- cgit v1.2.3 From 999e1391c25f4ca8b35fe70675df91aab4c6a2a7 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 22:45:42 +0100 Subject: n: move termite to default pkgs --- nin/1systems/hiawatha.nix | 1 - nin/2configs/default.nix | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) (limited to 'nin') diff --git a/nin/1systems/hiawatha.nix b/nin/1systems/hiawatha.nix index 10098528..9d01d7a7 100644 --- a/nin/1systems/hiawatha.nix +++ b/nin/1systems/hiawatha.nix @@ -80,7 +80,6 @@ with lib; networkmanagerapplet python steam - termite thunderbird vim virtmanager diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix index fa05a560..a1ed76d9 100644 --- a/nin/2configs/default.nix +++ b/nin/2configs/default.nix @@ -107,6 +107,7 @@ with import ; proot populate p7zip + termite unzip unrar hashPassword -- cgit v1.2.3 From 1ab3ea7e240edf496eb6db3725f2b6f0411bbb34 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 22:49:00 +0100 Subject: n 6: add to dummysecrets hashedPassword.nix --- nin/6tests/dummysecrets/hashedPasswords.nix | 1 + 1 file changed, 1 insertion(+) create mode 100644 nin/6tests/dummysecrets/hashedPasswords.nix (limited to 'nin') diff --git a/nin/6tests/dummysecrets/hashedPasswords.nix b/nin/6tests/dummysecrets/hashedPasswords.nix new file mode 100644 index 00000000..0967ef42 --- /dev/null +++ b/nin/6tests/dummysecrets/hashedPasswords.nix @@ -0,0 +1 @@ +{} -- cgit v1.2.3 From 712b05eb47ef796500a057cd6c2bec50152db970 Mon Sep 17 00:00:00 2001 From: nin Date: Thu, 26 Jan 2017 23:22:35 +0100 Subject: n 2: add git config --- nin/1systems/hiawatha.nix | 1 + nin/1systems/onondaga.nix | 1 + nin/2configs/git.nix | 70 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 72 insertions(+) create mode 100644 nin/2configs/git.nix (limited to 'nin') diff --git a/nin/1systems/hiawatha.nix b/nin/1systems/hiawatha.nix index 9d01d7a7..af865497 100644 --- a/nin/1systems/hiawatha.nix +++ b/nin/1systems/hiawatha.nix @@ -11,6 +11,7 @@ with lib; ../. ../2configs/retiolum.nix + ../2configs/git.nix ]; krebs.build.host = config.krebs.hosts.hiawatha; diff --git a/nin/1systems/onondaga.nix b/nin/1systems/onondaga.nix index 59f26c46..57684703 100644 --- a/nin/1systems/onondaga.nix +++ b/nin/1systems/onondaga.nix @@ -10,6 +10,7 @@ ../2configs/retiolum.nix ../2configs/weechat.nix + ../2configs/git.nix ]; krebs.build.host = config.krebs.hosts.onondaga; diff --git a/nin/2configs/git.nix b/nin/2configs/git.nix new file mode 100644 index 00000000..39f919e7 --- /dev/null +++ b/nin/2configs/git.nix @@ -0,0 +1,70 @@ +{ config, lib, pkgs, ... }: + +with import ; + +let + + out = { + krebs.git = { + enable = true; + cgit = { + settings = { + root-title = "public repositories at ${config.krebs.build.host.name}"; + root-desc = "keep calm and engage"; + }; + }; + repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; + rules = rules; + }; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } + ]; + }; + + repos = public-repos; + + rules = concatMap make-rules (attrValues repos); + + public-repos = mapAttrs make-public-repo { + stockholm = { + cgit.desc = "take all the computers hostage, they'll love you!"; + }; + }; + + make-public-repo = name: { cgit ? {}, ... }: { + inherit cgit name; + public = true; + hooks = { + post-receive = pkgs.git-hooks.irc-announce { + # TODO make nick = config.krebs.build.host.name the default + nick = config.krebs.build.host.name; + channel = "#retiolum"; + server = "ni.r"; + verbose = config.krebs.build.host.name == "onondaga"; + # TODO define branches in some kind of option per repo + branches = [ "master" ]; + }; + }; + }; + + make-rules = + with git // config.krebs.users; + repo: + singleton { + user = [ nin ]; + repo = [ repo ]; + perm = push "refs/*" [ non-fast-forward create delete merge ]; + } ++ + optional repo.public { + user = attrValues config.krebs.users; + repo = [ repo ]; + perm = fetch; + } ++ + optional (length (repo.collaborators or []) > 0) { + user = repo.collaborators; + repo = [ repo ]; + perm = fetch; + }; + +in out -- cgit v1.2.3