From d999dc6d2536cb378e057a55759457fdfb5db7a4 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 24 Oct 2016 14:38:54 +0200 Subject: tv: DRY up ca-bundle defs --- tv/2configs/default.nix | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'tv') diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 39d0c4f6b..0854e53c2 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -112,13 +112,14 @@ with import ; }; } - (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { - environment.variables = { - CURL_CA_BUNDLE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; - }; - }) + { + environment.variables = + flip genAttrs (_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt") [ + "CURL_CA_BUNDLE" + "GIT_SSL_CAINFO" + "SSL_CERT_FILE" + ]; + } { services.cron.enable = false; -- cgit v1.2.3 From 49c5be760ff16615527aa88aeada15534b01dc84 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Oct 2016 18:35:28 +0200 Subject: tv netcup: init at 1.0.0 --- tv/5pkgs/netcup/default.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 tv/5pkgs/netcup/default.nix (limited to 'tv') diff --git a/tv/5pkgs/netcup/default.nix b/tv/5pkgs/netcup/default.nix new file mode 100644 index 000000000..2443e9e73 --- /dev/null +++ b/tv/5pkgs/netcup/default.nix @@ -0,0 +1,32 @@ +{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, w3m, ... }: +with import ; +let + readJSON = path: fromJSON (readFile path); + sed.escape = replaceChars ["/"] ["\\/"]; # close enough + PATH = makeBinPath [ + coreutils + curl + gawk + gnugrep + gnused + jq + w3m + ]; +in +stdenv.mkDerivation { + name = "netcup-1.0.0"; + src = fetchgit { + url = "http://cgit.cd.krebsco.de/netcup"; + rev = "tags/v1.0.0"; + sha256 = "0m6mk16pblvnapxykxdccvphslbv1gjfziyr86bnqin1xb1g99bq"; + }; + phases = [ "unpackPhase" "patchPhase" "installPhase" ]; + patchPhase = '' + path=${shell.escape (sed.escape PATH)} + sed -i "1s/.*/&\nPATH=$path/" vcp + ''; + installPhase = '' + mkdir -p $out/bin + cp vcp $out/bin + ''; +} -- cgit v1.2.3 From c1a423b6857f2140a9c9b425f9d5f81a679537bb Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Oct 2016 18:36:17 +0200 Subject: xu pkgs += netcup --- tv/1systems/xu.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'tv') diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix index a84da38db..a7e0b839d 100644 --- a/tv/1systems/xu.nix +++ b/tv/1systems/xu.nix @@ -54,6 +54,7 @@ with import ; jq mkpasswd netcat + netcup nix-repl nmap p7zip -- cgit v1.2.3 From b364aa96c9b162fc6e87dbfdb9a643551a285f7f Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Oct 2016 19:44:53 +0200 Subject: tv nixpkgs: e4fb65a -> 0195ab8 --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tv') diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 0854e53c2..1114ac1a5 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import ; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "e4fb65a3627f8c17a2f92c08bf302dc30f0a8db9"; + ref = "0195ab84607ac3a3aa07a79d2d6c2781b1bb6731"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From 102d2515bcf4939f064ed791d09a2bf7aab2ff32 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 3 Nov 2016 15:25:56 +0100 Subject: tv nixpkgs: 0195ab8 -> 238c7e0 --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tv') diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 1114ac1a5..514d313c1 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import ; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "0195ab84607ac3a3aa07a79d2d6c2781b1bb6731"; + ref = "238c7e0dbf73d7f330689cb6ec4b1218526cee4e"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From 174c7ab9bd60d948c494d42621cdc85fde8ac318 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 4 Nov 2016 23:40:43 +0100 Subject: tv git: add loldns --- tv/2configs/git.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'tv') diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index d937be2c4..eb13e4282 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -32,6 +32,9 @@ let get = {}; hack = {}; load-env = {}; + loldns = { + cgit.desc = "toy DNS server"; + }; make-snapshot = {}; much = {}; netcup = { -- cgit v1.2.3 From c8068a7c5027a94ca8480f94c6a31a5663c6106a Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Nov 2016 01:06:59 +0100 Subject: tv q: report charge, power, and remaining time --- tv/5pkgs/q/default.nix | 110 +++++++++++++++++++++++++++++++------------------ 1 file changed, 70 insertions(+), 40 deletions(-) (limited to 'tv') diff --git a/tv/5pkgs/q/default.nix b/tv/5pkgs/q/default.nix index f923950f0..016da4405 100644 --- a/tv/5pkgs/q/default.nix +++ b/tv/5pkgs/q/default.nix @@ -62,47 +62,77 @@ let fi ''; - q-power_supply = '' - for uevent in /sys/class/power_supply/*/uevent; do - if test -f $uevent; then - eval "$(${pkgs.gnused}/bin/sed -n ' - s/^\([A-Z_]\+=\)\(.*\)/\1'\'''\2'\'''/p - ' $uevent)" - - if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then - continue - fi - - charge_percentage=$(echo " - scale=2 - $POWER_SUPPLY_CHARGE_NOW / $POWER_SUPPLY_CHARGE_FULL - " | ${pkgs.bc}/bin/bc) - - lfc=$POWER_SUPPLY_CHARGE_FULL - rc=$POWER_SUPPLY_CHARGE_NOW - #rc=2800 - N=78; N=76 - N=10 - n=$(echo $N-1 | ${pkgs.bc}/bin/bc) - centi=$(echo "$rc*100/$lfc" | ${pkgs.bc}/bin/bc) - deci=$(echo "$rc*$N/$lfc" | ${pkgs.bc}/bin/bc) - energy_evel=$( - echo -n '☳ ' # TRIGRAM FOR THUNDER - if test $centi -ge 42; then echo -n '' - elif test $centi -ge 23; then echo -n '' - elif test $centi -ge 11; then echo -n '' - else echo -n ''; fi - for i in $(${pkgs.coreutils}/bin/seq 1 $deci); do - echo -n ■ - done - echo -n '' - for i in $(${pkgs.coreutils}/bin/seq $deci $n); do - echo -n ■ - done - echo '' $rc #/ $lfc - ) - echo "$energy_evel $charge_percentage" + q-power_supply = let + power_supply = pkgs.writeBash "power_supply" '' + set -efu + uevent=$1 + eval "$(${pkgs.gnused}/bin/sed -n ' + s/^\([A-Z_]\+=[0-9A-Za-z_-]*\)$/export \1/p + ' $uevent)" + if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then + exit # not battery fi + exec = .42) t_col = "1;32" + else if (r >= 23) t_col = "1;33" + else if (r >= 11) t_col = "1;31" + else t_col = "5;1;31" + return sgr(t_col) strdup("■", t1) sgr(";30") strdup("■", t2) sgr() + } + + function sgr(p) { + return "\x1b[" p "m" + } + + function strdup(s,n,t) { + t = sprintf("%"n"s","") + gsub(/ /,s,t) + return t + } + + END { + voltage_unit = "V" + voltage_now = ENVIRON["POWER_SUPPLY_VOLTAGE_NOW"] / 10^6 + voltage_min_design = ENVIRON["POWER_SUPPLY_VOLTAGE_MIN_DESIGN"] / 10^6 + + current_unit = "A" + current_now = ENVIRON["POWER_SUPPLY_CURRENT_NOW"] / 10^6 + + power_unit = "W" + power_now = current_now * voltage_now + + charge_unit = "Ah" + charge_now = ENVIRON["POWER_SUPPLY_CHARGE_NOW"] / 10^6 + charge_full = ENVIRON["POWER_SUPPLY_CHARGE_FULL"] / 10^6 + charge_ratio = charge_now / charge_full + + energy_unit = "Wh" + energy_full = charge_full * voltage_min_design + + printf "%s %s %d%% %.2f%s/%.2f%s %d%s/%.1f%s %s\n" \ + , ENVIRON["POWER_SUPPLY_NAME"] \ + , print_bar(10, charge_ratio) \ + , charge_ratio * 100 \ + , charge_now, charge_unit \ + , current_now, current_unit \ + , energy_full, energy_unit \ + , power_now, power_unit \ + , print_hm(charge_now / current_now) + } + ' + ''; + in '' + for uevent in /sys/class/power_supply/*/uevent; do + ${power_supply} "$uevent" done ''; -- cgit v1.2.3 From 67f68fe7ea55b57c5a3e69470266386549709787 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 7 Nov 2016 01:16:11 +0100 Subject: tv q: add intel_backlight --- tv/5pkgs/q/default.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'tv') diff --git a/tv/5pkgs/q/default.nix b/tv/5pkgs/q/default.nix index 016da4405..7e2a30c3e 100644 --- a/tv/5pkgs/q/default.nix +++ b/tv/5pkgs/q/default.nix @@ -62,6 +62,21 @@ let fi ''; + q-intel_backlight = '' + cd /sys/class/backlight/intel_backlight + Date: Thu, 10 Nov 2016 20:50:38 +0100 Subject: tv q power_supply: try not to die --- tv/5pkgs/q/default.nix | 97 ++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 74 insertions(+), 23 deletions(-) (limited to 'tv') diff --git a/tv/5pkgs/q/default.nix b/tv/5pkgs/q/default.nix index 7e2a30c3e..a3a7cd739 100644 --- a/tv/5pkgs/q/default.nix +++ b/tv/5pkgs/q/default.nix @@ -84,11 +84,18 @@ let eval "$(${pkgs.gnused}/bin/sed -n ' s/^\([A-Z_]\+=[0-9A-Za-z_-]*\)$/export \1/p ' $uevent)" - if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then - exit # not battery - fi + case $POWER_SUPPLY_NAME in + AC) + exit # not battery + ;; + esac exec Date: Thu, 10 Nov 2016 20:50:59 +0100 Subject: tv nixpkgs: 238c7e0 -> 1e1112e --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tv') diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 514d313c1..dbf311479 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import ; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "238c7e0dbf73d7f330689cb6ec4b1218526cee4e"; + ref = "1e1112edc57e93046f35707b874d2a4f3ff321e6"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From 8ba54ab453f6fd0805214eeef6f60fa470760fca Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:15:33 +0100 Subject: pkgs.*.src.url: s/cd/ni/g --- tv/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tv') diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index eb13e4282..b38ef00f9 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -84,7 +84,7 @@ let make-public-repo = name: { cgit ? {}, ... }: { inherit cgit name; public = true; - hooks = optionalAttrs (config.krebs.build.host.name == "cd") { + hooks = optionalAttrs (config.krebs.build.host.name == "ni") { post-receive = pkgs.git-hooks.irc-announce { # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; -- cgit v1.2.3 From f458fd8be96e39b2ba6cf15f0ee48b38f294044c Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:50:34 +0100 Subject: cd: drop stuff now done by ni --- tv/1systems/cd.nix | 58 ------------------------------------------------------ 1 file changed, 58 deletions(-) (limited to 'tv') diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 043e91510..03a5e58d7 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -10,9 +10,7 @@ with import ; ../2configs/hw/CAC-Developer-2.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix - ../2configs/git.nix ../2configs/retiolum.nix - ../2configs/urlwatch.nix { tv.charybdis = { enable = true; @@ -33,62 +31,6 @@ with import ; "xmpp-server" ]; } - { - krebs.github-hosts-sync.enable = true; - tv.iptables.input-internet-accept-tcp = - singleton config.krebs.github-hosts-sync.port; - } - { - krebs.nginx.servers.cgit.server-names = [ - "cgit.cd.krebsco.de" - "cgit.cd.viljetic.de" - ]; - # TODO make public_html also available to cd, cd.retiolum (AKA default) - krebs.nginx.servers."https://viljetic.de" = { - server-names = singleton "viljetic.de"; - listen = mkForce []; # disable default - ssl = { - enable = true; - certificate = "/var/lib/acme/viljetic.de/fullchain.pem"; - certificate_key = "/var/lib/acme/viljetic.de/key.pem"; - }; - locations = [ - (nameValuePair "/" '' - root ${pkgs.viljetic-pages}; - '') - (nameValuePair "~ ^/~(.+?)(/.*)?\$" '' - alias /home/$1/public_html$2; - '') - ]; - }; - krebs.nginx.servers."http://viljetic.de" = { - server-names = singleton "viljetic.de"; - locations = [ - (nameValuePair "/.well-known/acme-challenge/" '' - root /var/lib/acme/challenges/viljetic.de/; - '') - (nameValuePair "/" '' - return 301 https://viljetic.de$request_uri; - '') - ]; - }; - security.acme = { - certs."viljetic.de" = { - email = "tomislav@viljetic.de"; - webroot = "/var/lib/acme/challenges/viljetic.de"; - plugins = [ - "account_key.json" - "key.pem" - "fullchain.pem" - ]; - user = "nginx"; - }; - }; - tv.iptables.input-internet-accept-tcp = [ - "http" - "https" - ]; - } ]; networking = { -- cgit v1.2.3 From a125dad5a88a5d30acb061dad36be07aadf3d28a Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 10 Nov 2016 23:54:09 +0100 Subject: tv retiolum: s/cd|echelon/ni/ --- tv/2configs/retiolum.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'tv') diff --git a/tv/2configs/retiolum.nix b/tv/2configs/retiolum.nix index ad1116d4f..a914dad43 100644 --- a/tv/2configs/retiolum.nix +++ b/tv/2configs/retiolum.nix @@ -7,9 +7,8 @@ with import ; enable = true; connectTo = filter (ne config.krebs.build.host.name) [ "gum" + "ni" "prism" - "echelon" - "cd" ]; tincPackage = pkgs.tinc_pre; }; -- cgit v1.2.3 From b837dec290e54f532cd5539c93a663ba11f68c54 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 11 Nov 2016 08:47:46 +0100 Subject: cd: drop stuff now done by ni #2 --- tv/1systems/cd.nix | 20 -------------------- tv/2configs/git.nix | 2 +- tv/5pkgs/netcup/default.nix | 2 +- tv/Zcerts/charybdis_cd.crt.pem | 24 ------------------------ 4 files changed, 2 insertions(+), 46 deletions(-) delete mode 100644 tv/Zcerts/charybdis_cd.crt.pem (limited to 'tv') diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 03a5e58d7..dd8e2cc64 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -11,26 +11,6 @@ with import ; ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix ../2configs/retiolum.nix - { - tv.charybdis = { - enable = true; - ssl_cert = ../Zcerts/charybdis_cd.crt.pem; - }; - tv.iptables.input-retiolum-accept-tcp = [ - config.tv.charybdis.port - config.tv.charybdis.sslport - ]; - } - { - tv.ejabberd = { - enable = true; - hosts = [ "jabber.viljetic.de" ]; - }; - tv.iptables.input-internet-accept-tcp = [ - "xmpp-client" - "xmpp-server" - ]; - } ]; networking = { diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index b38ef00f9..b6724f40e 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -89,7 +89,7 @@ let # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#retiolum"; - server = "cd.retiolum"; + server = "ni.r"; verbose = true; }; }; diff --git a/tv/5pkgs/netcup/default.nix b/tv/5pkgs/netcup/default.nix index 2443e9e73..6d2ec6896 100644 --- a/tv/5pkgs/netcup/default.nix +++ b/tv/5pkgs/netcup/default.nix @@ -16,7 +16,7 @@ in stdenv.mkDerivation { name = "netcup-1.0.0"; src = fetchgit { - url = "http://cgit.cd.krebsco.de/netcup"; + url = "http://cgit.ni.krebsco.de/netcup"; rev = "tags/v1.0.0"; sha256 = "0m6mk16pblvnapxykxdccvphslbv1gjfziyr86bnqin1xb1g99bq"; }; diff --git a/tv/Zcerts/charybdis_cd.crt.pem b/tv/Zcerts/charybdis_cd.crt.pem deleted file mode 100644 index c613ff380..000000000 --- a/tv/Zcerts/charybdis_cd.crt.pem +++ /dev/null @@ -1,24 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEGzCCAwOgAwIBAgIJAJJiphQRTzFPMA0GCSqGSIb3DQEBBQUAMIGjMQswCQYD -VQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQHDBlCZW50 -bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8GA1UECwwI -cmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcNAQkBFg50 -dkB3dS5yZXRpb2x1bTAeFw0xNTA3MTkxODQ2MjhaFw0xNjA3MDkxODQ2MjhaMIGj -MQswCQYDVQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQH -DBlCZW50bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8G -A1UECwwIcmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcN -AQkBFg50dkB3dS5yZXRpb2x1bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAMyPb37kchbjZi6WsvpQeGOVEBTU8B4E24GkfetbfYtsFqW6pIKN7DlTFKzJ -3WKSLIf/cZuBQJucKuc8QXc5ZEXQ66QyCiX6al0j4C0AnHN17OhgH3yvmioWI4kI -ycD4N5TnaD2V0OK/HlhKCrIEly6+Nczeo+k5vrcgkkSYJivFpgK1r5+taBYiU4cc -Pgke2p3mRpZFfK61Ft6DlAg2rL2NVt7Qk0pp6BgCrtVIl968SmVKAEQBHnSYd9z2 -bNE2PH3qI+FLIfioOfXazmogxoQWR9LbKPUQ5nFRDXEJZg1hKDzseUkwV/oU8W3K -a37lOovqy+qwjYELrWP346/OF5UCAwEAAaNQME4wHQYDVR0OBBYEFI7WWP+tabb5 -CH5aY5mJcMdKGeaXMB8GA1UdIwQYMBaAFI7WWP+tabb5CH5aY5mJcMdKGeaXMAwG -A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKAF8hSu7Cgp2jei3GPVOE+R -TtZUePjFJw7iUSYaG1loGfY23IgEzS/jPd/m4jueRTDbtDl7cFTUmKKsF1WWH84l -s49J2HktiHTiHyZphgWFfbjUZO4nbH11Pac64WPfoeTzm9LnM0xXNd/7VCDXRess -a6pXtAQXAZri9HOsAeNO0WFivu4oug2pyUoLE64o3UemSwBi0JW2W1KvuYGnQXEa -HqrFGLBSEQuD4wTePdK0USjhNC8ceMx04b1hUQzuMf8pcXdpkLN6bIOaA/FRxmX9 -3L+6CZPVfQvvw10eLjWv3UYgIjOQFCUR4LsvkVxTaEav0KwmyCC4GUr9Vd+n3eQ= ------END CERTIFICATE----- -- cgit v1.2.3