From f7a6fc6099267c0dbf7d092e11fb7d3b36a2861b Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 24 Nov 2016 19:26:18 +0100 Subject: tv nixpkgs: a6728e1 -> 728a957 --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tv') diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index b5b1fc240..8852100e2 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -14,7 +14,7 @@ with import ; stockholm.file = "/home/tv/stockholm"; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "a6728e15cbca1d11553f01d7c3c477ae2debfd8e"; + ref = "728a9578e31a0f78f6ad07a3a2ec706ec5290f10"; }; } // optionalAttrs host.secure { secrets-master.file = "/home/tv/secrets/master"; -- cgit v1.2.3 From 39b2301f0ac624bf89f5f5b6892450a532c4bdd0 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 24 Nov 2016 22:38:29 +0100 Subject: tv backup: {xu,zu} pull ni {ejabberd,home} --- tv/2configs/backup.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'tv') diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix index 6dd24b32f..7c91b1cf1 100644 --- a/tv/2configs/backup.nix +++ b/tv/2configs/backup.nix @@ -58,6 +58,18 @@ with import ; dst = { host = config.krebs.hosts.xu; path = "/bku/cd-home"; }; startAt = "07:00"; }; + xu-pull-ni-ejabberd = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; }; + startAt = "07:00"; + }; + xu-pull-ni-home = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/home"; }; + dst = { host = config.krebs.hosts.xu; path = "/bku/ni-home"; }; + startAt = "07:00"; + }; zu-home-xu = { method = "push"; src = { host = config.krebs.hosts.zu; path = "/home"; }; @@ -76,6 +88,18 @@ with import ; dst = { host = config.krebs.hosts.zu; path = "/bku/cd-home"; }; startAt = "06:30"; }; + zu-pull-ni-ejabberd = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; }; + startAt = "06:00"; + }; + zu-pull-ni-home = { + method = "pull"; + src = { host = config.krebs.hosts.ni; path = "/home"; }; + dst = { host = config.krebs.hosts.zu; path = "/bku/ni-home"; }; + startAt = "06:30"; + }; } // mapAttrs (_: recursiveUpdate { snapshots = { minutely = { format = "%Y-%m-%dT%H:%M"; retain = 3; }; -- cgit v1.2.3 From 75122982f04ff023062473d217dca3513cde470f Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 24 Nov 2016 22:40:55 +0100 Subject: tv git: bump --- tv/2configs/git.nix | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'tv') diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix index b6724f40e..48d738365 100644 --- a/tv/2configs/git.nix +++ b/tv/2configs/git.nix @@ -29,8 +29,10 @@ let cac-api = { cgit.desc = "CloudAtCost API command line interface"; }; + dic = { + cgit.desc = "dict.leo.org command line interface"; + }; get = {}; - hack = {}; load-env = {}; loldns = { cgit.desc = "toy DNS server"; @@ -40,12 +42,9 @@ let netcup = { cgit.desc = "netcup command line interface"; }; - newsbot-js = {}; - nixpkgs = {}; populate = { cgit.desc = "source code installer"; }; - push = {}; regfish = {}; soundcloud = { cgit.desc = "SoundCloud command line interface"; @@ -53,8 +52,10 @@ let stockholm = { cgit.desc = "NixOS configuration"; }; - with-tmpdir = {}; - } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Haskell libraries"; }) { + } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) { + ni = { + }; + } // mapAttrs (_: recursiveUpdate { cgit.section = "3. Haskell libraries"; }) { blessings = {}; mime = {}; quipper = {}; @@ -63,12 +64,15 @@ let web-routes-wai-custom = {}; xintmap = {}; xmonad-stockholm = {}; - } // mapAttrs (_: recursiveUpdate { cgit.section = "3. museum"; }) { + } // mapAttrs (_: recursiveUpdate { cgit.section = "4. museum"; }) { cgserver = {}; crude-mail-setup = {}; dot-xmonad = {}; + make-snapshot = {}; nixos-infest = {}; painload = {}; + push = {}; + with-tmpdir = {}; }); restricted-repos = mapAttrs make-restricted-repo ( -- cgit v1.2.3 From edb899745b701c717e9d44785c304f9b791b84d0 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 24 Nov 2016 22:48:35 +0100 Subject: tv: use gnupg21 everywhere --- tv/5pkgs/default.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'tv') diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index 4eb8a10b4..ae47ab0f3 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -35,9 +35,6 @@ with import ; ff = pkgs.writeDashBin "ff" '' exec ${pkgs.firefoxWrapper}/bin/firefox "$@" ''; - gnupg = - if elem config.krebs.build.host.name ["xu" "wu"] - then super.gnupg21 - else super.gnupg; + gnupg = pkgs.gnupg21; }; } -- cgit v1.2.3 From 8f946dd2fc4d2577fa2ae0c251a1d672bc139077 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 24 Nov 2016 23:07:48 +0100 Subject: tv binary-cache: replace wu by xu and use hosts.binary-cache.pubkey --- tv/1systems/nomic.nix | 1 - tv/1systems/wu.nix | 1 - tv/1systems/xu.nix | 2 +- tv/1systems/zu.nix | 1 - tv/2configs/binary-cache/default.nix | 33 +++++++++++++++++++++++++++++++++ tv/2configs/wu-binary-cache/client.nix | 7 ------- tv/2configs/wu-binary-cache/default.nix | 25 ------------------------- 7 files changed, 34 insertions(+), 36 deletions(-) create mode 100644 tv/2configs/binary-cache/default.nix delete mode 100644 tv/2configs/wu-binary-cache/client.nix delete mode 100644 tv/2configs/wu-binary-cache/default.nix (limited to 'tv') diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index 6669b5dcf..7d6a1d682 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -15,7 +15,6 @@ with import ; ../2configs/nginx/public_html.nix ../2configs/pulse.nix ../2configs/retiolum.nix - ../2configs/wu-binary-cache/client.nix ../2configs/xserver ]; diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 19db559f1..d5be57bb8 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -16,7 +16,6 @@ with import ; ../2configs/nginx/public_html.nix ../2configs/pulse.nix ../2configs/retiolum.nix - ../2configs/wu-binary-cache ../2configs/xserver { environment.systemPackages = with pkgs; [ diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix index a7e0b839d..b6fe6dc5c 100644 --- a/tv/1systems/xu.nix +++ b/tv/1systems/xu.nix @@ -15,7 +15,7 @@ with import ; ../2configs/nginx/public_html.nix ../2configs/pulse.nix ../2configs/retiolum.nix - ../2configs/wu-binary-cache/client.nix + ../2configs/binary-cache ../2configs/xserver ../2configs/xu-qemu0.nix { diff --git a/tv/1systems/zu.nix b/tv/1systems/zu.nix index 056652e4b..59e8b1c7f 100644 --- a/tv/1systems/zu.nix +++ b/tv/1systems/zu.nix @@ -21,7 +21,6 @@ with import ; ../2configs/nginx/public_html.nix ../2configs/pulse.nix ../2configs/retiolum.nix - ../2configs/wu-binary-cache/client.nix ../2configs/xserver { environment.systemPackages = with pkgs; [ diff --git a/tv/2configs/binary-cache/default.nix b/tv/2configs/binary-cache/default.nix new file mode 100644 index 000000000..5902f1895 --- /dev/null +++ b/tv/2configs/binary-cache/default.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, ... }: with import ; +{ + environment.etc."binary-cache.pubkey".text = + config.krebs.build.host.binary-cache.pubkey; + + services.nix-serve = { + enable = true; + secretKeyFile = config.krebs.secret.files.binary-cache-seckey.path; + }; + + systemd.services.nix-serve = { + requires = ["secret.service"]; + after = ["secret.service"]; + }; + + krebs.secret.files.binary-cache-seckey = { + path = "/run/secret/nix-serve.key"; + owner.name = "nix-serve"; + source-path = toString + "/nix-serve.key"; + }; + + krebs.nginx = { + enable = true; + servers.nix-serve = { + server-names = [ + "cache.${config.krebs.build.host.name}.gg23" + ]; + locations = singleton (nameValuePair "/" '' + proxy_pass http://localhost:${toString config.services.nix-serve.port}; + ''); + }; + }; +} diff --git a/tv/2configs/wu-binary-cache/client.nix b/tv/2configs/wu-binary-cache/client.nix deleted file mode 100644 index 9634c21d4..000000000 --- a/tv/2configs/wu-binary-cache/client.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: -{ - nix = { - binaryCaches = ["http://cache.wu.gg23"]; - binaryCachePublicKeys = ["cache.wu-1:cdhA201O2R2Ect463vhJFmhpMaNyT/tOvzYvtceT9q8="]; - }; -} diff --git a/tv/2configs/wu-binary-cache/default.nix b/tv/2configs/wu-binary-cache/default.nix deleted file mode 100644 index f039a552b..000000000 --- a/tv/2configs/wu-binary-cache/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, ... }: with import ; -{ - services.nix-serve = assert config.krebs.build.host.name == "wu"; { - enable = true; - secretKeyFile = config.krebs.secret.files.nix-serve-key.path; - }; - systemd.services.nix-serve = { - requires = ["secret.service"]; - after = ["secret.service"]; - }; - krebs.secret.files.nix-serve-key = { - path = "/run/secret/nix-serve.key"; - owner.name = "nix-serve"; - source-path = toString + "/nix-serve.key"; - }; - krebs.nginx = { - enable = true; - servers.nix-serve = { - server-names = [ "cache.wu.gg23" ]; - locations = singleton (nameValuePair "/" '' - proxy_pass http://localhost:${toString config.services.nix-serve.port}; - ''); - }; - }; -} -- cgit v1.2.3