7 files changed, 45 insertions, 62 deletions

diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 542106d5f..0c361cc42 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -11,7 +11,7 @@
     # brain hosts/puyak/root
     ../../2configs/hw/getty-for-esp.nix
 
-    ../../2configs/buildbot/worker.nix
+    # ../../2configs/buildbot/worker.nix
 
     ## initrd unlocking
     # (brain hosts/puyak/luks-ssd;echo)  | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat  /crypt-ramfs/passphrase'
@@ -67,7 +67,7 @@
     }
 
     # create samba share for anonymous usage with the laser and 3d printer pc
-    ../../2configs/shack/share.nix
+    # ../../2configs/shack/share.nix
 
     # mobile.lounge.mpd.shack
     ../../2configs/shack/mobile.mpd.nix
@@ -159,7 +159,6 @@
   services.logind.lidSwitchExternalPower = "ignore";
 
 
-
   environment.systemPackages = [ pkgs.zsh ];
 
   system.activationScripts."disengage fancontrol" = ''
diff --git a/krebs/2configs/mastodon.nix b/krebs/2configs/mastodon.nix
index b81c229b6..3c7205167 100644
--- a/krebs/2configs/mastodon.nix
+++ b/krebs/2configs/mastodon.nix
@@ -1,4 +1,14 @@
 { config, lib, pkgs, ... }:
+let
+  mastodon-clear-cache = pkgs.writers.writeDashBin "mastodon-clear-cache" ''
+    /run/current-system/sw/bin/mastodon-tootctl media remove --prune-profiles --days=14 --concurrency=30
+    /run/current-system/sw/bin/mastodon-tootctl media remove-orphans
+    /run/current-system/sw/bin/mastodon-tootctl preview_cards remove --days=14
+    /run/current-system/sw/bin/mastodon-tootctl accounts prune
+    /run/current-system/sw/bin/mastodon-tootctl statuses remove --days 4
+    /run/current-system/sw/bin/mastodon-tootctl media remove --days 4
+  '';
+in
 {
   services.postgresql = {
     enable = true;
@@ -25,12 +35,20 @@
     443
   ];
 
+  systemd.services.mastodon-clear-cache = {
+    description = "Mastodon Clear Cache";
+    wantedBy = [ "timers.target" ];
+    startAt = "daily";
+    serviceConfig = {
+      Type = "oneshot";
+      ExecStart = "${mastodon-clear-cache}/bin/mastodon-clear-cache";
+      User = "mastodon";
+      WorkingDirectory = "/var/lib/mastodon";
+    };
+  };
+
   environment.systemPackages = [
-    (pkgs.writers.writeDashBin "clear-mastodon-cache" ''
-      mastodon-tootctl media remove --prune-profiles --days=14 --concurrency=30
-      mastodon-tootctl media remove-orphans
-      mastodon-tootctl preview_cards remove --days=14
-    '')
+    mastodon-clear-cache
     (pkgs.writers.writeDashBin "create-mastodon-user" ''
       set -efu
       nick=$1
diff --git a/krebs/2configs/shack/share.nix b/krebs/2configs/shack/share.nix
index bc483e8d0..0ba22af78 100644
--- a/krebs/2configs/shack/share.nix
+++ b/krebs/2configs/shack/share.nix
@@ -26,21 +26,17 @@
         "guest ok" = "yes";
       };
     };
-    extraConfig = ''
-      guest account = smbguest
-      map to guest = bad user
-      # disable printing
-      load printers = no
-      printing = bsd
-      printcap name = /dev/null
-      disable spoolss = yes
-
-      # for legacy systems
-      client min protocol = NT1
-      server min protocol = NT1
-      workgroup = WORKGROUP
-      server string = ${config.networking.hostName}
-      netbios name = ${config.networking.hostName}
-    '';
+    settings.global = {
+          "guest account" = "smbguest";
+          "map to guest" = "bad user";
+          # disable printing
+          "load printers" = "no";
+          "printing" = "bsd";
+          "printcap name" = "/dev/null";
+          "disable spoolss" = "yes";
+          "workgroup" = "WORKGROUP";
+          "server string" = config.networking.hostName;
+          "netbios name" = config.networking.hostName;
+        };
   };
 }
diff --git a/krebs/2configs/shack/ssh-keys.nix b/krebs/2configs/shack/ssh-keys.nix
index 80957f3a5..183a81f99 100644
--- a/krebs/2configs/shack/ssh-keys.nix
+++ b/krebs/2configs/shack/ssh-keys.nix
@@ -2,6 +2,7 @@
 {
   users.users.root.openssh.authorizedKeys.keys = [
     config.krebs.users."0x4A6F".pubkey
+    config.krebs.users.susanne.pubkey
     config.krebs.users.hase.pubkey
     config.krebs.users.neos.pubkey
     config.krebs.users.raute.pubkey
diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix
index b7a8f18df..66a4095db 100644
--- a/krebs/2configs/shack/worlddomination.nix
+++ b/krebs/2configs/shack/worlddomination.nix
@@ -7,11 +7,11 @@ let
     src = pkgs.fetchFromGitHub {
       owner = "shackspace";
       repo = "worlddomination";
-      rev = "c7aedcde7cd1fcb870b5356a6125e1a384b0776c";
-      sha256 = "0y6haz5apwa33lz64l7b2x78wrrckbw39j4wzyd1hfk46478xi2y";
+      rev = "934387c3525e819e6b5981c417a7561d70b8b61a";
+      sha256 = "sha256-AbRqxxY6hYNg4qkk/akuw4f+wJh4nx1hfEA4Lp5B+1E=";
     };
     buildInputs = [
-      (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
+      (pkgs.python310.withPackages (pythonPackages: with pythonPackages; [
         docopt
         LinkHeader
         aiocoap
@@ -30,41 +30,7 @@ let
   };
   pythonPackages = pkgs.python3Packages;
   # https://github.com/chrysn/aiocoap
-  grequests = pythonPackages.buildPythonPackage rec {
-    pname = "grequests";
-    version = "0.3.1";
-    name = "${pname}-${version}";
 
-    src = pkgs.fetchFromGitHub {
-      owner = "kennethreitz";
-      repo = "grequests";
-      rev =  "d1e70eb";
-      sha256 = "0drfx4fx65k0g5sj0pw8z3q1s0sp7idn2yz8xfb45nd6v82i37hc";
-    };
-
-    doCheck = false;
-
-    propagatedBuildInputs = with pythonPackages; [ requests gevent ];
-
-    meta = with lib;{
-      description = "Asynchronous HTTP requests";
-      homepage = https://github.com/kennethreitz/grequests;
-      license = with licenses; [ bsd2 ];
-      maintainers = with maintainers; [ matejc ];
-    };
-  };
-
-  aiocoap = pythonPackages.buildPythonPackage {
-      name = "aiocoap-0.3";
-      src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; };
-      propagatedBuildInputs = [ ];
-      doCheck = false; # 2 errors, dunnolol
-      meta = with pkgs.lib; {
-        homepage = "";
-        license = licenses.mit;
-        description = "Python CoAP library";
-      };
-    };
   LinkHeader = pythonPackages.buildPythonPackage {
     name = "LinkHeader-0.4.3";
     src = pkgs.fetchurl { url = "https://files.pythonhosted.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; };
diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix
index 3f0dd0861..a3acf83cf 100644
--- a/krebs/3modules/brockman.nix
+++ b/krebs/3modules/brockman.nix
@@ -6,6 +6,7 @@ let
 in {
   options.krebs.brockman = {
     enable = mkEnableOption "brockman";
+    package = mkPackageOption pkgs "brockman" { };
     config = mkOption { type = types.attrs; }; # TODO make real config here
   };
 
@@ -26,7 +27,7 @@ in {
       serviceConfig = {
         Restart = "always";
         ExecStart = ''
-          ${pkgs.brockman}/bin/brockman ${pkgs.writeText "brockman.json" (builtins.toJSON cfg.config)}
+          ${cfg.package}/bin/brockman ${pkgs.writeText "brockman.json" (builtins.toJSON cfg.config)}
         '';
         User = config.users.extraUsers.brockman.name;
         PrivateTmp = true;
diff --git a/krebs/5pkgs/simple/repo-sync/default.nix b/krebs/5pkgs/simple/repo-sync/default.nix
index 66f220ba6..5dc5ecb98 100644
--- a/krebs/5pkgs/simple/repo-sync/default.nix
+++ b/krebs/5pkgs/simple/repo-sync/default.nix
@@ -3,6 +3,8 @@
 with python3Packages; buildPythonPackage rec {
   name = "repo-sync-${version}";
   version = "0.2.7";
+  pyproject = true;
+  build-system = [ python3Packages.setuptools ];
   propagatedBuildInputs = [
     docopt
     GitPython