summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/default.nix2
-rw-r--r--krebs/3modules/lass/default.nix30
-rw-r--r--krebs/3modules/makefu/default.nix26
-rw-r--r--krebs/3modules/tinc.nix (renamed from krebs/3modules/retiolum.nix)48
-rw-r--r--krebs/5pkgs/Reaktor/scripts/sed-plugin.py18
-rw-r--r--krebs/5pkgs/goify/default.nix15
-rw-r--r--krebs/5pkgs/haskell-overrides/news.nix18
-rw-r--r--krebs/5pkgs/weechat/default.nix4
-rw-r--r--lass/1systems/helios.nix1
-rw-r--r--lass/1systems/iso.nix1
-rw-r--r--lass/1systems/prism.nix2
-rw-r--r--lass/2configs/buildbot-standalone.nix53
-rw-r--r--lass/2configs/default.nix1
-rw-r--r--lass/2configs/git.nix4
-rw-r--r--lass/2configs/ircd.nix2
-rw-r--r--lass/2configs/mpv.nix2
-rw-r--r--lass/2configs/newsbot-js.nix35
-rw-r--r--lass/2configs/nixpkgs.nix2
-rw-r--r--lass/2configs/radio.nix6
-rw-r--r--lass/2configs/retiolum.nix2
-rw-r--r--lass/2configs/websites/lassulus.nix3
-rw-r--r--lass/2configs/wine.nix4
-rw-r--r--lass/3modules/default.nix1
-rw-r--r--lass/3modules/news.nix76
-rw-r--r--lass/5pkgs/default.nix1
-rw-r--r--lass/5pkgs/xml2json/default.nix17
-rw-r--r--makefu/1systems/gum.nix11
-rw-r--r--makefu/1systems/studio.nix75
-rw-r--r--makefu/1systems/tsp.nix2
-rw-r--r--makefu/1systems/wbob.nix31
-rw-r--r--makefu/1systems/x.nix2
-rw-r--r--makefu/2configs/audio/jack-on-pulse.nix45
-rw-r--r--makefu/2configs/audio/realtime-audio.nix16
-rw-r--r--makefu/2configs/avahi.nix8
-rw-r--r--makefu/2configs/backup.nix5
-rw-r--r--makefu/2configs/default.nix2
-rw-r--r--makefu/2configs/deployment/led-fader.nix39
-rw-r--r--makefu/2configs/deployment/wiki-irc.nix4
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix1
-rw-r--r--makefu/2configs/gui/base.nix (renamed from makefu/2configs/base-gui.nix)4
-rw-r--r--makefu/2configs/gui/studio.nix22
-rw-r--r--makefu/2configs/gui/urxvtd.nix (renamed from makefu/2configs/urxvtd.nix)0
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix23
-rw-r--r--makefu/2configs/main-laptop.nix2
-rw-r--r--makefu/2configs/sources/default.nix7
-rw-r--r--makefu/2configs/sources/musnix.nix6
-rw-r--r--makefu/2configs/urlwatch.nix1
-rw-r--r--makefu/2configs/vncserver.nix62
-rw-r--r--makefu/3modules/server-config.nix5
-rw-r--r--makefu/3modules/taskserver.nix4
-rw-r--r--makefu/5pkgs/acdcli/default.nix2
-rw-r--r--makefu/5pkgs/alsa-tools/default.nix4
-rw-r--r--makefu/5pkgs/bintray-upload/default.nix2
-rw-r--r--makefu/5pkgs/devpi/default.nix2
-rw-r--r--makefu/5pkgs/elchhub/default.nix2
-rw-r--r--makefu/5pkgs/novnc/default.nix41
-rw-r--r--makefu/5pkgs/shackie/default.nix33
-rw-r--r--shared/2configs/default.nix2
58 files changed, 696 insertions, 143 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index daa963bc8..227eb209b 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -34,10 +34,10 @@ let
./Reaktor.nix
./realwallpaper.nix
./retiolum-bootstrap.nix
- ./retiolum.nix
./rtorrent.nix
./secret.nix
./setuid.nix
+ ./tinc.nix
./tinc_graphs.nix
./urlwatch.nix
./repo-sync.nix
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index ec5811d86..b86e05319 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -10,7 +10,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "144.76.172.188";
aliases = [
- "dishfire.internet"
+ "dishfire.i"
];
ssh.port = 45621;
};
@@ -42,7 +42,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "104.233.79.118";
aliases = [
- "echelon.internet"
+ "echelon.i"
];
ssh.port = 45621;
};
@@ -82,9 +82,8 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "213.239.205.240";
aliases = [
- "prism.internet"
+ "prism.i"
"paste.i"
- "paste.internet"
];
ssh.port = 45621;
};
@@ -132,7 +131,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "104.167.113.104";
aliases = [
- "cloudkrebs.internet"
+ "cloudkrebs.i"
];
ssh.port = 45621;
};
@@ -302,6 +301,27 @@ with import <stockholm/lib>;
iso = {
cores = 1;
};
+ sokrateslaptop = {
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.142.104";
+ ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc";
+ aliases = [
+ "sokrateslaptop.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
+ t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
+ rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
+ egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
+ aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
+ VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
};
users = {
lass = {
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 650344981..33202d0ab 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -26,6 +26,31 @@ with import <stockholm/lib>;
};
};
};
+ studio = rec {
+ cores = 4;
+ ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio";
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.227.163";
+ ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6";
+ aliases = [
+ "studio.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti
+ cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk
+ GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI
+ jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1
+ 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu
+ 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+
fileleech = rec {
cores = 4;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
@@ -449,6 +474,7 @@ with import <stockholm/lib>;
nets = rec {
internet = {
ip4.addr = "188.68.40.19";
+ ip6.addr = "2a03:4000:17:2df::1";
aliases = [
"gum.i"
];
diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/tinc.nix
index 0a3d7ed2f..8af15c13b 100644
--- a/krebs/3modules/retiolum.nix
+++ b/krebs/3modules/tinc.nix
@@ -17,6 +17,27 @@ let
in {
enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; };
+ enableLegacy = mkEnableOption "/etc/tinc/${netname}";
+
+ confDir = mkOption {
+ type = types.package;
+ default = pkgs.linkFarm "${netname}-etc-tinc"
+ (mapAttrsToList (name: path: { inherit name path; }) {
+ "hosts" = tinc.config.hostsPackage;
+ "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" ''
+ Name = ${tinc.config.host.name}
+ Interface = ${netname}
+ ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo}
+ PrivateKeyFile = ${tinc.config.privkey.path}
+ Port = ${toString tinc.config.host.nets.${netname}.tinc.port}
+ ${tinc.config.extraConfig}
+ '';
+ "tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
+ ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up
+ ${tinc.config.tincUp}
+ '';
+ });
+ };
host = mkOption {
type = types.host;
@@ -175,29 +196,16 @@ let
}
) config.krebs.tinc;
+ environment.etc = mapAttrs' (netname: cfg:
+ nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy {
+ source = cfg.confDir;
+ })
+ ) config.krebs.tinc;
+
systemd.services = mapAttrs (netname: cfg:
let
tinc = cfg.tincPackage;
iproute = cfg.iproutePackage;
-
- confDir = let
- namePathPair = name: path: { inherit name path; };
- in pkgs.linkFarm "${netname}-etc-tinc" (mapAttrsToList namePathPair {
- "hosts" = cfg.hostsPackage;
- "tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" ''
- Name = ${cfg.host.name}
- Interface = ${netname}
- ${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)}
- PrivateKeyFile = ${cfg.privkey.path}
- Port = ${toString cfg.host.nets.${cfg.netname}.tinc.port}
- ${cfg.extraConfig}
- '';
- "tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
- ${iproute}/sbin/ip link set ${netname} up
- ${cfg.tincUp}
- '';
- }
- );
in {
description = "Tinc daemon for ${netname}";
after = [ "network.target" ];
@@ -206,7 +214,7 @@ let
path = [ tinc iproute ];
serviceConfig = rec {
Restart = "always";
- ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid";
+ ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid";
SyslogIdentifier = netname;
};
}
diff --git a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
index 22b48e59d..da8e2f726 100644
--- a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
+++ b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py
@@ -3,15 +3,17 @@
# Usage:
# _from=krebs state_dir=. python sed-plugin.py 'dick butt'
# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g'
-## dick bull
+# > dick bull
import shelve
from os import environ
from os.path import join
from sys import argv
-d = shelve.open(join(environ['state_dir'],'sed-plugin.shelve'),writeback=True)
-usr = environ['_from']
import re
+d = shelve.open(join(environ['state_dir'], 'sed-plugin.shelve'), writeback=True)
+usr = environ['_from']
+
+
def is_regex(line):
myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$')
return myre.match(line)
@@ -19,15 +21,15 @@ def is_regex(line):
line = argv[1]
if is_regex(line):
- last = d.get(usr,None)
+ last = d.get(usr, None)
if last:
- from subprocess import Popen,PIPE
- p = Popen(['sed',line],stdin=PIPE,stdout=PIPE)
- so,se = p.communicate(bytes("{}\n".format(last),"UTF-8"))
+ from subprocess import Popen, PIPE
+ p = Popen(['sed', line], stdin=PIPE, stdout=PIPE)
+ so, se = p.communicate(bytes("{}\n".format(last), "UTF-8"))
if p.returncode:
print("something went wrong when trying to process your regex: {}".format(se.decode()))
ret = so.decode()
- print("\x1b[1m{}\x1b[0m meinte: {}".format(usr,ret.strip()))
+ print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip()))
if ret:
d[usr] = ret
diff --git a/krebs/5pkgs/goify/default.nix b/krebs/5pkgs/goify/default.nix
index e2849b5c7..9c44aaeeb 100644
--- a/krebs/5pkgs/goify/default.nix
+++ b/krebs/5pkgs/goify/default.nix
@@ -1,17 +1,18 @@
{ pkgs, ... }:
-pkgs.writeDashBin "goify" ''
+pkgs.writeBashBin "goify" ''
set -euf
GO_HOST=''${GO_HOST:-go}
while read line; do
- echo "$line" | sed -E 's|https?://\S*|\n&\n|g' | while read word; do
- if echo "$word" | grep -Eq ^https?:; then
- ${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" | tr -d '\r'
+ echo "$line" | sed 's|https\?://\S*|\n&\n|g' | while read word; do
+ if echo "$word" | grep -q '^https\?:'; then
+ ${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" \
+ | tr -d '\r'
else
- echo "$word";
- fi;
- done | sed '/^$/d' | tr '\n' ' '; echo;
+ echo "$word"
+ fi
+ done | grep . | tr '\n' ' '; echo
done
''
diff --git a/krebs/5pkgs/haskell-overrides/news.nix b/krebs/5pkgs/haskell-overrides/news.nix
new file mode 100644
index 000000000..ba5e7a5e1
--- /dev/null
+++ b/krebs/5pkgs/haskell-overrides/news.nix
@@ -0,0 +1,18 @@
+{ mkDerivation, base, bloomfilter, bytestring, feed, fetchgit, lens
+, stdenv, wreq
+}:
+mkDerivation {
+ pname = "news";
+ version = "1.0.0";
+ src = fetchgit {
+ url = "http://cgit.lassul.us/news";
+ sha256 = "1n3ffr2a5irr5aly0y7qsafag3kxvyyh077ayk0vdwbd0s9hvnjs";
+ rev = "c3eb2c0a1a34fc41e18d0bc99b1c4dc73aa6eb20";
+ };
+ isLibrary = false;
+ isExecutable = true;
+ executableHaskellDepends = [
+ base bloomfilter bytestring feed lens wreq
+ ];
+ license = stdenv.lib.licenses.mit;
+}
diff --git a/krebs/5pkgs/weechat/default.nix b/krebs/5pkgs/weechat/default.nix
index f5dc6a8d4..c703ca8bf 100644
--- a/krebs/5pkgs/weechat/default.nix
+++ b/krebs/5pkgs/weechat/default.nix
@@ -21,12 +21,12 @@ let
in
stdenv.mkDerivation rec {
- version = "1.7.1";
+ version = "1.8";
name = "weechat-${version}";
src = fetchurl {
url = "http://weechat.org/files/src/weechat-${version}.tar.bz2";
- sha256 = "1020m1lsm8lg9n0dlxgp2wbn9b0r11g8r0namnzi2x6gvxn7iyf0";
+ sha256 = "10km0437lg9ms6f16h20s89l2w9f9g597rykybxb16s95ql48z08";
};
outputs = [ "out" "doc" ];
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
index 298c9083d..99760dfdb 100644
--- a/lass/1systems/helios.nix
+++ b/lass/1systems/helios.nix
@@ -48,6 +48,7 @@ with import <stockholm/lib>;
maven
arandr
libreoffice
+ mpv
];
}
#{
diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix
index 99399550c..30fc674bc 100644
--- a/lass/1systems/iso.nix
+++ b/lass/1systems/iso.nix
@@ -7,7 +7,6 @@ with import <stockholm/lib>;
../../krebs
../3modules
../5pkgs
- ../2configs/binary-cache/client.nix
../2configs/mc.nix
../2configs/nixpkgs.nix
../2configs/vim.nix
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index c897ab655..01cfe5414 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -256,7 +256,7 @@ in {
{
krebs.Reaktor.coders = {
nickname = "Reaktor|lass";
- channels = [ "#coders" ];
+ channels = [ "#coders" "#germany" ];
extraEnviron = {
REAKTOR_HOST = "irc.hackint.org";
};
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 7b38e44c6..62b823c3f 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -92,7 +92,6 @@ in {
nixshell = [
"nix-shell",
"-I", "stockholm=.",
- "-I", "nixpkgs=/var/src/nixpkgs",
"-p"
] + deps + [ "--run" ]
@@ -107,11 +106,9 @@ in {
for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]:
addShell(f,name="build-{}".format(i),env=env_shared,
command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=build \
+ ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
+ make NIX_PATH=$HOME/$LOGNAME test method=build \
+ target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@@ -119,11 +116,9 @@ in {
for i in [ "mors", "uriel", "shodan", "helios", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=build \
+ ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
+ make NIX_PATH=$HOME/$LOGNAME test method=build \
+ target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@@ -131,11 +126,9 @@ in {
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
addShell(f,name="build-{}".format(i),env=env_makefu,
command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=build \
+ ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
+ make NIX_PATH=$HOME/$LOGNAME test method=build \
+ target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@@ -143,11 +136,9 @@ in {
for i in [ "hiawatha", "onondaga" ]:
addShell(f,name="build-{}".format(i),env=env_nin,
command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=build \
+ ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
+ make NIX_PATH=$HOME/$LOGNAME test method=build \
+ target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@@ -211,7 +202,7 @@ in {
]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
+ ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
make system=prism pkgs.{}".format(i)])
bu.append(util.BuilderConfig(name="build-pkgs",
@@ -255,7 +246,7 @@ in {
options.lass.build-ssh-privkey = mkOption {
type = types.secret-file;
default = {
- path = "${config.users.users.buildbotworker.home}/ssh.privkey";
+ path = "${config.users.users.buildbotworker.home}/.ssh/id_rsa";
owner = { inherit (config.users.users.buildbotworker ) name uid;};
source-path = toString <secrets> + "/build.ssh.key";
};
@@ -263,16 +254,10 @@ in {
config.krebs.secret.files = {
build-ssh-privkey = config.lass.build-ssh-privkey;
};
- config.users.users = {
- build = {
- name = "build";
- uid = genid "build";
- home = "/home/build";
- useDefaultShell = true;
- createHome = true;
- openssh.authorizedKeys.keys = [
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5