diff options
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/3modules/default.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/fetchWallpaper.nix | 22 | ||||
| -rw-r--r-- | krebs/3modules/htgen.nix | 68 | ||||
| -rw-r--r-- | krebs/3modules/iptables.nix | 6 | ||||
| -rw-r--r-- | krebs/3modules/tv/default.nix | 4 | ||||
| -rw-r--r-- | krebs/5pkgs/htgen/default.nix | 28 | ||||
| -rw-r--r-- | krebs/5pkgs/krebspaste/default.nix | 2 |
7 files changed, 119 insertions, 12 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index f336c966f..d24cea1a2 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -20,6 +20,7 @@ let ./github-hosts-sync.nix ./git.nix ./go.nix + ./htgen.nix ./iptables.nix ./kapacitor.nix ./monit.nix diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index e226a9060..e00c0ec9b 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -21,10 +21,9 @@ let OnCalendar = "*:00,10,20,30,40,50"; }; }; - # TODO find a better default stateDir stateDir = mkOption { type = types.str; - default = "$HOME/wallpaper"; + default = "/var/lib/wallpaper"; }; display = mkOption { type = types.str; @@ -52,27 +51,35 @@ let mkdir -p ${cfg.stateDir} cd ${cfg.stateDir} (curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper) || : - feh --no-fehbg --bg-scale wallpaper + feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper ''; imp = { - systemd.user.timers.fetchWallpaper = { + users.users.fetchWallpaper = { + name = "fetchWallpaper"; + uid = genid "fetchWallpaper"; + description = "fetchWallpaper user"; + home = cfg.stateDir; + createHome = true; + }; + + systemd.timers.fetchWallpaper = { description = "fetch wallpaper timer"; wantedBy = [ "timers.target" ]; timerConfig = cfg.timerConfig; }; - systemd.user.services.fetchWallpaper = { + systemd.services.fetchWallpaper = { description = "fetch wallpaper"; - wantedBy = [ "default.target" ]; + after = [ "network.target" ]; path = with pkgs; [ curl feh - coreutils ]; environment = { + URL = cfg.url; DISPLAY = cfg.display; }; restartIfChanged = true; @@ -80,6 +87,7 @@ let serviceConfig = { Type = "simple"; ExecStart = fetchWallpaperScript; + User = "fetchWallpaper"; }; unitConfig = cfg.unitConfig; diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix new file mode 100644 index 000000000..0dddca6c8 --- /dev/null +++ b/krebs/3modules/htgen.nix @@ -0,0 +1,68 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + cfg = config.krebs.htgen; + + out = { + options.krebs.htgen = api; + config = imp; + }; + + api = mkOption { + default = {}; + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + enable = mkEnableOption "krebs.htgen-${config.name}"; + + name = mkOption { + type = types.username; + default = config._module.args.name; + }; + + port = mkOption { + type = types.uint; + }; + + script = mkOption { + type = types.str; + }; + user = mkOption { + type = types.user; + default = { + name = "htgen-${config.name}"; + home = "/var/lib/htgen-${config.name}"; + }; + }; + }; + })); + }; + imp = { + + systemd.services = mapAttrs' (name: htgen: + nameValuePair "htgen-${name}" { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + environment = { + HTGEN_PORT = toString htgen.port; + HTGEN_SCRIPT = htgen.script; + }; + serviceConfig = { + SyslogIdentifier = "htgen"; + User = htgen.user.name; + PrivateTmp = true; + Restart = "always"; + ExecStart = "${pkgs.htgen}/bin/htgen --serve"; + }; + } + ) cfg; + + users.users = mapAttrs' (name: htgen: + nameValuePair htgen.user.name { + inherit (htgen.user) home name uid; + createHome = true; + } + ) cfg; + + }; +in out diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index 09b493c20..d64ed86de 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -68,8 +68,8 @@ let networking.firewall.enable = false; systemd.services.krebs-iptables = { - description = "krebs-iptables"; - wantedBy = [ "network-pre.target" ]; + wantedBy = [ "sysinit.target" ]; + wants = [ "network-pre.target" ]; before = [ "network-pre.target" ]; after = [ "systemd-modules-load.service" ]; @@ -85,6 +85,8 @@ let Restart = "always"; ExecStart = startScript; }; + + unitConfig.DefaultDependencies = false; }; }; diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index d44c322aa..3f00f30c2 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -224,8 +224,8 @@ with import <stockholm/lib>; internet = { ip4.addr = "188.68.36.196"; aliases = [ - "cgit.ni.i" "ni.i" + "cgit.ni.i" ]; ssh.port = 11423; }; @@ -360,8 +360,8 @@ with import <stockholm/lib>; gg23 = { ip4.addr = "10.23.1.38"; aliases = [ - "cache.xu.gg23" "xu.gg23" + "cache.xu.gg23" ]; ssh.port = 11423; }; diff --git a/krebs/5pkgs/htgen/default.nix b/krebs/5pkgs/htgen/default.nix new file mode 100644 index 000000000..f9dfeb3d1 --- /dev/null +++ b/krebs/5pkgs/htgen/default.nix @@ -0,0 +1,28 @@ +{ bash, coreutils, gnused, stdenv, fetchgit, ucspi-tcp }: +with import <stockholm/lib>; +let + version = "1.1"; +in stdenv.mkDerivation { + name = "htgen-${version}"; + + src = fetchgit { + url = "http://cgit.krebsco.de/htgen"; + rev = "refs/tags/v${version}"; + sha256 = "1zxj0fv9vdrqyl3x2hgq7a6xdlzpclf93akygysrzsqk9wjapp4z"; + }; + + installPhase = '' + mkdir -p $out/bin + { + echo '#! ${bash}/bin/bash' + echo 'export PATH=${makeBinPath [ + ucspi-tcp + coreutils + gnused + ]}''${PATH+":$PATH"}' + cat htgen + } > $out/bin/htgen + chmod +x $out/bin/htgen + cp -r examples $out + ''; +} diff --git a/krebs/5pkgs/krebspaste/default.nix b/krebs/5pkgs/krebspaste/default.nix index dd7616a05..8c6676d0e 100644 --- a/krebs/5pkgs/krebspaste/default.nix +++ b/krebs/5pkgs/krebspaste/default.nix @@ -2,5 +2,5 @@ # TODO use `execve` instead? writeDashBin "krebspaste" '' - exec ${bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@" + exec ${bepasty-client-cli}/bin/bepasty-cli -L 1m --url http://paste.r "$@" '' |