diff options
65 files changed, 824 insertions, 409 deletions
diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 000000000..c96fec739 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "submodules/nix-writers"] + path = submodules/nix-writers + url = http://cgit.krebsco.de/nix-writers diff --git a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix index fa03fd4d4..5aa3c2f96 100644 --- a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix +++ b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix @@ -1,5 +1,5 @@ { pkgs, ... }: -pkgs.writeHaskell "xmonad-jeschli" { +pkgs.writeHaskellPackage "xmonad-jeschli" { executables.xmonad = { extra-depends = [ "containers" diff --git a/jeschli/source.nix b/jeschli/source.nix index 29cf9d818..fc1413ee4 100644 --- a/jeschli/source.nix +++ b/jeschli/source.nix @@ -7,6 +7,7 @@ host@{ name, secure ? false, override ? {} }: let pkgs = import <nixpkgs> { overlays = map import [ <stockholm/krebs/5pkgs> + <stockholm/submodules/nix-writers/pkgs> ]; }; in diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix index dca00a206..b87aef5a3 100644 --- a/krebs/1systems/onebutton/config.nix +++ b/krebs/1systems/onebutton/config.nix @@ -16,6 +16,36 @@ services.nixosManual.enable = false; services.journald.extraConfig = "SystemMaxUse=50M"; } + { + systemd.services.mpc-booter = let + mpc = "${pkgs.mpc_cli}/bin/mpc -h mpd.shack -p 6600"; + url = "http://lassul.us:8000/radio.ogg"; + say = pkgs.writeDash "say" '' + tmpfile=$(${pkgs.coreutils}/bin/mktemp) + echo "$@" > $tmpfile + ${pkgs.curl}/bin/curl -i -H "content-type: text/plain" -X POST -d "@$tmpfile" gobbelz.shack/say/ + rm "$tmpfile" + ''; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + RemainAfterExit = "yes"; + Type = "oneshot"; + ExecStart = pkgs.writeDash "mpc-boot" '' + until ${mpc} stats;do + echo "waiting for mpd.shack to appear" + sleep 1 + done + ${say} "Willkommen im Shack wertes Mitglied" + + ${say} "Lassulus Super Radio wurde gestartet" + ${mpc} add ${url} + ${mpc} play + ''; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.onebutton; # NixOS wants to enable GRUB by default diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix index 8f25881c9..6842bfaab 100644 --- a/krebs/1systems/onebutton/source.nix +++ b/krebs/1systems/onebutton/source.nix @@ -4,7 +4,7 @@ let nixpkgs = pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; - rev = "6c064e6b"; # only binary cache for unstable arm6 + rev = "nixos-unstable"; # only binary cache for unstable arm6 sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; }; in import <stockholm/krebs/source.nix> { diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 04b1c999f..62a5f9ab5 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -63,6 +63,7 @@ in grab_repo = steps.Git( repourl=stockholm_repo, mode='full', + submodules=True, ) ''; builder = { diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index ba0924681..5ae24b40b 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -484,7 +484,7 @@ let reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules)); - # TODO use `writeOut` + # TODO use pkgs.write (from nix-writers) scriptFarm = farm-name: scripts: let diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index a938f8ec9..e6eb3d287 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -174,5 +174,8 @@ in { mail = "spam@krebsco.de"; pubkey = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwuAZB3wtAvBJFYh+gWdyGaZU4mtqM2dFXmh2rORlbXeh02msu1uv07ck1VKkQ4LgvCBcBsAOeVa1NTz99eLqutwgcqMCytvRNUCibcoEWwHObsK53KhDJj+zotwlFhnPPeK9+EpOP4ngh/tprJikttos5BwBwe2K+lfiid3fmVPZcTTYa77nCwijimMvWEx6CEjq1wiXMUc4+qcEn8Swbwomz/EEQdNE2hgoC3iMW9RqduTFdIJWnjVi0KaxenX9CvQRGbVK5SSu2gwzN59D/okQOCP6+p1gL5r3QRHSLSSRiEHctVQTkpKOifrtLZGSr5zArEmLd/cOVyssHQPCX repo-sync@wolf''; }; + buildbotSlave = { + pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7cre2crQMI6O4XtIfIiGl1GUqIi060fJlOQJgG0/NH"; + }; }; } diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index fd74983fa..e2322e171 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -66,6 +66,7 @@ with import <stockholm/lib>; ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index d7a750c6e..c5404f96d 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -520,6 +520,38 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr"; }; + nextgum = rec { + ci = true; + cores = 8; + nets = rec { + internet = { + ip4.addr = "144.76.26.247"; + ip6.addr = "2a01:4f8:191:12f6::2"; + aliases = [ + "nextgum.i" + ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.0.213"; + ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; + aliases = [ + "nextgum.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAucCebFmS96WorD+Br4UQudmAhMlLpacErjwA/u2argBTT2nGHTR8 + aN4e0xf3IYLA+iogLIW/JuQfKLe8evEK21iZ3jleW8N7mbCulhasi/0lqWlirrpO + npJAiSNF1m7ijoylkEKxtmehze+8ojprUT2hx1ImMlHMWGxvs+TmBbZBMgxAGMJh + 6cMMDJQi+4d9XrJQ3+XUVK3MkviLA91oIAXsLdFptL6b12siUaz4StQXDJUHemBF + 3ZwlO+W2Es69ifEhmV6NaDDRcSRdChGbHTz1OU8wYaFNaxWla/iprQQ+jEUldpcN + VC18QGYRUAgZ0PCIpKurjWNehJFB3zXt+wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; + }; gum = rec { ci = true; diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index 4016b6a16..418a3c73c 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -120,7 +120,7 @@ rec { url-title = (buildSimpleReaktorPlugin "url-title" { pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; path = with pkgs; [ curl perl ]; - script = pkgs.writePython3 [ "beautifulsoup4" "lxml" ] "url-title" '' + script = pkgs.writePython3 "url-title" [ "beautifulsoup4" "lxml" ] '' import sys import urllib.request from bs4 import BeautifulSoup diff --git a/krebs/5pkgs/simple/brain/default.nix b/krebs/5pkgs/simple/brain/default.nix index e69b44f0f..9b125862b 100644 --- a/krebs/5pkgs/simple/brain/default.nix +++ b/krebs/5pkgs/simple/brain/default.nix @@ -1,6 +1,6 @@ -{ pass, writeOut, writeDash, ... }: +{ pass, write, writeDash, ... }: -writeOut "brain" { +write "brain" { "/bin/brain".link = writeDash "brain" '' PASSWORD_STORE_DIR=$HOME/brain \ exec ${pass}/bin/pass $@ diff --git a/krebs/5pkgs/simple/cholerab/default.nix b/krebs/5pkgs/simple/cholerab/default.nix new file mode 100644 index 000000000..94514fe44 --- /dev/null +++ b/krebs/5pkgs/simple/cholerab/default.nix @@ -0,0 +1,7 @@ +{ fetchgit, callPackage }: let + src = fetchgit { + url = "https://github.com/krebs/cholerab"; + rev = "25d7ef051d6fc74d99b155e768b3c650296a230c"; + sha256 = "1pymw7v2ql42iq825ccx98s4fp9jsz5b2hjr1qad6bamfc6i7yy9"; + }; +in callPackage src {} diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix index c2e83c9f4..ab7d6e651 100644 --- a/krebs/5pkgs/simple/ftb/default.nix +++ b/krebs/5pkgs/simple/ftb/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl , jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm , openjdk -, mesa, openal +, mesa_glu, openal , useAlsa ? false, alsaOss ? null }: with stdenv.lib; @@ -26,7 +26,7 @@ stdenv.mkDerivation { #!${stdenv.shell} export _JAVA_AWT_WM_NONREPARENTING=1 - export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]} + export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa_glu openal ]} ${if useAlsa then "${alsaOss}/bin/aoss" else "" } \ ${jre}/bin/java -jar $out/ftb.jar EOF diff --git a/krebs/5pkgs/simple/pass/default.nix b/krebs/5pkgs/simple/pass/default.nix index 3b6928087..c2fe0e1d7 100644 --- a/krebs/5pkgs/simple/pass/default.nix +++ b/krebs/5pkgs/simple/pass/default.nix @@ -35,12 +35,12 @@ let ); in stdenv.mkDerivation rec { - version = "1.7.1"; - name = "pass-${version}"; + version = "1.7.2"; + name = "password-store-${version}"; src = fetchurl { url = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz"; - sha256 = "0scqkpll2q8jhzcgcsh9kqz0gwdpvynivqjmmbzax2irjfaiklpn"; + sha256 = "1sl0d7nc85c6c2bmmmyb8rpmn47vhkj831l153mjlkawjvhwas27"; }; patches = [ ./set-correct-program-name-for-sleep.patch diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 9afe79510..c973386d6 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -225,6 +225,6 @@ in - pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link: + pkgs.write "stockholm" (lib.mapAttrs' (name: link: lib.nameValuePair "/bin/${name}" { inherit link; } ) cmds) diff --git a/krebs/5pkgs/simple/thesauron/default.nix b/krebs/5pkgs/simple/thesauron/default.nix deleted file mode 100644 index d543319f2..000000000 --- a/krebs/5pkgs/simple/thesauron/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ fetchgit, callPackage }: let - src = fetchgit { - url = "https://github.com/krebs/thesauron"; - rev = "8ac22588cf2c20465e3c9348e7ce04885599c2a5"; - "sha256"= "1ivkjl235dnm5aaqqvarnxkz7zh0gvah22b0fqwlsflrcd5wmgva"; - }; -in callPackage src {} diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix deleted file mode 100644 index 1939bf854..000000000 --- a/krebs/5pkgs/writers.nix +++ /dev/null @@ -1,318 +0,0 @@ -pkgs: oldpkgs: -with import <stockholm/lib>; - { - execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let - in pkgs.writeC name { inherit destination; } /* c */ '' - #include <unistd.h> - - static char *const filename = ${toC filename}; - - ${if argv == null - then /* Propagate arguments */ /* c */ '' - #define MAIN_ARGS int argc, char **argv - '' - else /* Provide fixed arguments */ /* c */ '' - #define MAIN_ARGS void - static char *const argv[] = ${toC (argv ++ [null])}; - ''} - - static char *const envp[] = ${toC ( - mapAttrsToList (k: v: "${k}=${v}") envp ++ [null] - )}; - - int main (MAIN_ARGS) { - execve(filename, argv, envp); - return -1; - } - ''; - - execveBin = name: cfg: - pkgs.execve name (cfg // { destination = "/bin/${name}"; }); - - makeScriptWriter = { interpreter, check ? null }: name: text: - assert (with types; either absolute-pathname filename).check name; - pkgs.writeOut (baseNameOf name) { - ${optionalString (types.absolute-pathname.check name) name} = { - inherit check; - executable = true; - text = "#! ${interpreter}\n${text}"; - }; - }; - - writeBash = name: text: - assert (with types; either absolute-pathname filename).check name; - pkgs.writeOut (baseNameOf name) { - ${optionalString (types.absolute-pathname.check name) name} = { - executable = true; - text = "#! ${pkgs.bash}/bin/bash\n${text}"; - }; - }; - - writeBashBin = name: - assert types.filename.check name; - pkgs.writeBash "/bin/${name}"; - - writeC = name: { destination ? "" }: text: pkgs.runCommand name { - inherit text; - passAsFile = [ "text" ]; - } /* sh */ '' - PATH=${makeBinPath (with pkgs; [ - # TODO remove if everyone migrated to 18.03 - (if hasAttr "binutils-unwrapped" pkgs then binutils-unwrapped else binutils) - coreutils - gcc - ])} - exe=$out${destination} - mkdir -p "$(dirname "$exe")" - gcc -O -Wall -o "$exe" -x c "$textPath" - strip --strip-unneeded "$exe" - ''; - - writeDash = pkgs.makeScriptWriter { - interpreter = "${pkgs.dash}/bin/dash"; - }; - - writeDashBin = name: - assert types.filename.check name; - pkgs.writeDash "/bin/${name}"; - - writeEximConfig = name: text: pkgs.runCommand name { - inherit text; - passAsFile = [ "text" ]; - } /* sh */ '' - # TODO validate exim config even with config.nix.useChroot == true - # currently doing so will fail because "user exim was not found" - #${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null - mv "$textPath" $out - ''; - - writeOut = name: specs0: - let - writers.link = - { path - , link - }: - assert path == "" || types.absolute-pathname.check path; - assert types.package.check link; - { - install = /* sh */ '' - ${optionalString (path != "") /* sh */ '' - ${pkgs.coreutils}/bin/mkdir -p $out${dirOf path} - ''} - ${pkgs.coreutils}/bin/ln -s ${link} $out${path} - ''; - }; - - writers.text = - { path - , check ? null - , executable ? false - , mode ? if executable th |