From 1a7d62733ca6d49114d5a19eeb6052d51a7c19b2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 2 May 2017 20:10:36 +0200 Subject: k 5 goify: fix extra space bug --- krebs/5pkgs/goify/default.nix | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/goify/default.nix b/krebs/5pkgs/goify/default.nix index e2849b5c7..9c44aaeeb 100644 --- a/krebs/5pkgs/goify/default.nix +++ b/krebs/5pkgs/goify/default.nix @@ -1,17 +1,18 @@ { pkgs, ... }: -pkgs.writeDashBin "goify" '' +pkgs.writeBashBin "goify" '' set -euf GO_HOST=''${GO_HOST:-go} while read line; do - echo "$line" | sed -E 's|https?://\S*|\n&\n|g' | while read word; do - if echo "$word" | grep -Eq ^https?:; then - ${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" | tr -d '\r' + echo "$line" | sed 's|https\?://\S*|\n&\n|g' | while read word; do + if echo "$word" | grep -q '^https\?:'; then + ${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" \ + | tr -d '\r' else - echo "$word"; - fi; - done | sed '/^$/d' | tr '\n' ' '; echo; + echo "$word" + fi + done | grep . | tr '\n' ' '; echo done '' -- cgit v1.2.3 From e48425770fe42617d244909497867ec800cc691e Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 2 May 2017 22:52:19 +0200 Subject: youtube-dl: init at 2017.04.28 --- krebs/5pkgs/youtube-dl/default.nix | 58 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 krebs/5pkgs/youtube-dl/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/youtube-dl/default.nix b/krebs/5pkgs/youtube-dl/default.nix new file mode 100644 index 000000000..b0c449d49 --- /dev/null +++ b/krebs/5pkgs/youtube-dl/default.nix @@ -0,0 +1,58 @@ +{ stdenv, fetchurl, pkgs +, zip, ffmpeg, rtmpdump, atomicparsley, pandoc +# Pandoc is required to build the package's man page. Release tarballs contain a +# formatted man page already, though, it will still be installed. We keep the +# manpage argument in place in case someone wants to use this derivation to +# build a Git version of the tool that doesn't have the formatted man page +# included. +, generateManPage ? false +, ffmpegSupport ? true +, rtmpSupport ? true +, makeWrapper }: + +with stdenv.lib; +let + buildPythonApplication = args: pkgs.pythonPackages.buildPythonPackage ({namePrefix="";} // args ); +in buildPythonApplication rec { + + name = "youtube-dl-${version}"; + version = "2017.04.28"; + + src = fetchurl { + url = "https://yt-dl.org/downloads/${version}/${name}.tar.gz"; + sha256 = "0d3mgf8qxb07b7bjf79ppaxhcl4f47q0zjpshp6y2q0lalfskh3j"; + }; + + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ zip ] ++ optional generateManPage pandoc; + + # Ensure ffmpeg is available in $PATH for post-processing & transcoding support. + # rtmpdump is required to download files over RTMP + # atomicparsley for embedding thumbnails + postInstall = let + packagesToBinPath = + [ atomicparsley ] + ++ optional ffmpegSupport ffmpeg + ++ optional rtmpSupport rtmpdump; + in '' + wrapProgram $out/bin/youtube-dl --prefix PATH : "${makeBinPath packagesToBinPath}" + ''; + + # Requires network + doCheck = false; + + meta = { + homepage = http://rg3.github.io/youtube-dl/; + repositories.git = https://github.com/rg3/youtube-dl.git; + description = "Command-line tool to download videos from YouTube.com and other sites"; + longDescription = '' + youtube-dl is a small, Python-based command-line program + to download videos from YouTube.com and a few more sites. + youtube-dl is released to the public domain, which means + you can modify it, redistribute it or use it however you like. + ''; + license = licenses.publicDomain; + platforms = with platforms; linux ++ darwin; + maintainers = with maintainers; [ bluescreen303 phreedom AndersonTorres fuuzetsu fpletz ]; + }; +} -- cgit v1.2.3 From f8891425d6b918237656201a1256e81605983546 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 8 May 2017 21:08:13 +0200 Subject: youtube-dl: remove because upstream catched up --- krebs/5pkgs/youtube-dl/default.nix | 58 -------------------------------------- 1 file changed, 58 deletions(-) delete mode 100644 krebs/5pkgs/youtube-dl/default.nix (limited to 'krebs') diff --git a/krebs/5pkgs/youtube-dl/default.nix b/krebs/5pkgs/youtube-dl/default.nix deleted file mode 100644 index b0c449d49..000000000 --- a/krebs/5pkgs/youtube-dl/default.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ stdenv, fetchurl, pkgs -, zip, ffmpeg, rtmpdump, atomicparsley, pandoc -# Pandoc is required to build the package's man page. Release tarballs contain a -# formatted man page already, though, it will still be installed. We keep the -# manpage argument in place in case someone wants to use this derivation to -# build a Git version of the tool that doesn't have the formatted man page -# included. -, generateManPage ? false -, ffmpegSupport ? true -, rtmpSupport ? true -, makeWrapper }: - -with stdenv.lib; -let - buildPythonApplication = args: pkgs.pythonPackages.buildPythonPackage ({namePrefix="";} // args ); -in buildPythonApplication rec { - - name = "youtube-dl-${version}"; - version = "2017.04.28"; - - src = fetchurl { - url = "https://yt-dl.org/downloads/${version}/${name}.tar.gz"; - sha256 = "0d3mgf8qxb07b7bjf79ppaxhcl4f47q0zjpshp6y2q0lalfskh3j"; - }; - - nativeBuildInputs = [ makeWrapper ]; - buildInputs = [ zip ] ++ optional generateManPage pandoc; - - # Ensure ffmpeg is available in $PATH for post-processing & transcoding support. - # rtmpdump is required to download files over RTMP - # atomicparsley for embedding thumbnails - postInstall = let - packagesToBinPath = - [ atomicparsley ] - ++ optional ffmpegSupport ffmpeg - ++ optional rtmpSupport rtmpdump; - in '' - wrapProgram $out/bin/youtube-dl --prefix PATH : "${makeBinPath packagesToBinPath}" - ''; - - # Requires network - doCheck = false; - - meta = { - homepage = http://rg3.github.io/youtube-dl/; - repositories.git = https://github.com/rg3/youtube-dl.git; - description = "Command-line tool to download videos from YouTube.com and other sites"; - longDescription = '' - youtube-dl is a small, Python-based command-line program - to download videos from YouTube.com and a few more sites. - youtube-dl is released to the public domain, which means - you can modify it, redistribute it or use it however you like. - ''; - license = licenses.publicDomain; - platforms = with platforms; linux ++ darwin; - maintainers = with maintainers; [ bluescreen303 phreedom AndersonTorres fuuzetsu fpletz ]; - }; -} -- cgit v1.2.3 From 41841469b36bf26cafaa6741fdcb9a0c36982dc3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 May 2017 21:38:45 +0200 Subject: news: init at 1.0.0 --- krebs/5pkgs/haskell-overrides/news.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 krebs/5pkgs/haskell-overrides/news.nix (limited to 'krebs') diff --git a/krebs/5pkgs/haskell-overrides/news.nix b/krebs/5pkgs/haskell-overrides/news.nix new file mode 100644 index 000000000..ba5e7a5e1 --- /dev/null +++ b/krebs/5pkgs/haskell-overrides/news.nix @@ -0,0 +1,18 @@ +{ mkDerivation, base, bloomfilter, bytestring, feed, fetchgit, lens +, stdenv, wreq +}: +mkDerivation { + pname = "news"; + version = "1.0.0"; + src = fetchgit { + url = "http://cgit.lassul.us/news"; + sha256 = "1n3ffr2a5irr5aly0y7qsafag3kxvyyh077ayk0vdwbd0s9hvnjs"; + rev = "c3eb2c0a1a34fc41e18d0bc99b1c4dc73aa6eb20"; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + base bloomfilter bytestring feed lens wreq + ]; + license = stdenv.lib.licenses.mit; +} -- cgit v1.2.3 From f83a90fd7d7c83f71ed4f5c86cf10985cbe605f9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 May 2017 22:45:16 +0200 Subject: k 3 l: add sokrateslaptop --- krebs/3modules/lass/default.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index ec5811d86..cd8238dc1 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -302,6 +302,27 @@ with import ; iso = { cores = 1; }; + sokrateslaptop = { + nets = { + retiolum = { + ip4.addr = "10.243.142.104"; + ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc"; + aliases = [ + "sokrateslaptop.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 + t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ + rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW + egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 + aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V + VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; users = { lass = { -- cgit v1.2.3 From 991687f7428440356403b6c63d695397b33078a6 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 9 May 2017 22:52:53 +0200 Subject: m studio: init --- krebs/3modules/makefu/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 650344981..7e098eea1 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -26,6 +26,31 @@ with import ; }; }; }; + studio = rec { + cores = 4; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; + nets = { + retiolum = { + ip4.addr = "10.243.227.163"; + ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6"; + aliases = [ + "studio.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti + cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk + GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI + jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1 + 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu + 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + fileleech = rec { cores = 4; ssh.privkey.path = ; -- cgit v1.2.3 From d95ff6942d2244a7f019032787073e5f087755c2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 11 May 2017 16:16:13 +0200 Subject: l 3 l: .internet -> .i --- krebs/3modules/lass/default.nix | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index cd8238dc1..b86e05319 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -10,7 +10,7 @@ with import ; internet = { ip4.addr = "144.76.172.188"; aliases = [ - "dishfire.internet" + "dishfire.i" ]; ssh.port = 45621; }; @@ -42,7 +42,7 @@ with import ; internet = { ip4.addr = "104.233.79.118"; aliases = [ - "echelon.internet" + "echelon.i" ]; ssh.port = 45621; }; @@ -82,9 +82,8 @@ with import ; internet = { ip4.addr = "213.239.205.240"; aliases = [ - "prism.internet" + "prism.i" "paste.i" - "paste.internet" ]; ssh.port = 45621; }; @@ -132,7 +131,7 @@ with import ; internet = { ip4.addr = "104.167.113.104"; aliases = [ - "cloudkrebs.internet" + "cloudkrebs.i" ]; ssh.port = 45621; }; -- cgit v1.2.3 From f65349a3bcf315a0e89db63772c1a164352c6693 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 12 May 2017 11:30:26 +0200 Subject: k 3 m: retab --- krebs/3modules/makefu/default.nix | 49 ++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 24 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 7e098eea1..33202d0ab 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -26,30 +26,30 @@ with import ; }; }; }; - studio = rec { - cores = 4; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; - nets = { - retiolum = { - ip4.addr = "10.243.227.163"; - ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6"; - aliases = [ - "studio.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti - cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk - GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI - jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1 - 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu - 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; + studio = rec { + cores = 4; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; + nets = { + retiolum = { + ip4.addr = "10.243.227.163"; + ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6"; + aliases = [ + "studio.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti + cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk + GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI + jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1 + 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu + 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; fileleech = rec { cores = 4; @@ -474,6 +474,7 @@ with import ; nets = rec { internet = { ip4.addr = "188.68.40.19"; + ip6.addr = "2a03:4000:17:2df::1"; aliases = [ "gum.i" ]; -- cgit v1.2.3 From ddc78797c290044ebbe593eca66e731d15b3b288 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 12 May 2017 19:24:41 +0200 Subject: k 5 R sed: make pep80 happy --- krebs/5pkgs/Reaktor/scripts/sed-plugin.py | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py index 22b48e59d..f96b849e2 100644 --- a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py +++ b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py @@ -3,15 +3,17 @@ # Usage: # _from=krebs state_dir=. python sed-plugin.py 'dick butt' # _from=krebs state_dir=. python sed-plugin.py 's/t/l/g' -## dick bull +# > dick bull import shelve from os import environ from os.path import join from sys import argv -d = shelve.open(join(environ['state_dir'],'sed-plugin.shelve'),writeback=True) -usr = environ['_from'] import re +d = shelve.open(join(environ['state_dir'], 'sed-plugin.shelve'), writeback=True) +usr = environ['_from'] + + def is_regex(line): myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') return myre.match(line) @@ -19,11 +21,11 @@ def is_regex(line): line = argv[1] if is_regex(line): - last = d.get(usr,None) + last = d.get(usr, None) if last: - from subprocess import Popen,PIPE - p = Popen(['sed',line],stdin=PIPE,stdout=PIPE) - so,se = p.communicate(bytes("{}\n".format(last),"UTF-8")) + from subprocess import Popen, PIPE + p = Popen(['sed', line], stdin=PIPE, stdout=PIPE) + so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) if p.returncode: print("something went wrong when trying to process your regex: {}".format(se.decode())) ret = so.decode() -- cgit v1.2.3 From d04f5af71e0861210a6a307aa8d3289abed2ada8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 12 May 2017 19:25:39 +0200 Subject: k 5 R sed: write english --- krebs/5pkgs/Reaktor/scripts/sed-plugin.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py index f96b849e2..da8e2f726 100644 --- a/krebs/5pkgs/Reaktor/scripts/sed-plugin.py +++ b/krebs/5pkgs/Reaktor/scripts/sed-plugin.py @@ -29,7 +29,7 @@ if is_regex(line): if p.returncode: print("something went wrong when trying to process your regex: {}".format(se.decode())) ret = so.decode() - print("\x1b[1m{}\x1b[0m meinte: {}".format(usr,ret.strip())) + print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) if ret: d[usr] = ret -- cgit v1.2.3 From 44cc54eef16e1b309eff1b17dbb2cfe8ac76948d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 15 May 2017 23:38:50 +0200 Subject: weechat: 1.7.1 -> 1.8 --- krebs/5pkgs/weechat/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/weechat/default.nix b/krebs/5pkgs/weechat/default.nix index f5dc6a8d4..c703ca8bf 100644 --- a/krebs/5pkgs/weechat/default.nix +++ b/krebs/5pkgs/weechat/default.nix @@ -21,12 +21,12 @@ let in stdenv.mkDerivation rec { - version = "1.7.1"; + version = "1.8"; name = "weechat-${version}"; src = fetchurl { url = "http://weechat.org/files/src/weechat-${version}.tar.bz2"; - sha256 = "1020m1lsm8lg9n0dlxgp2wbn9b0r11g8r0namnzi2x6gvxn7iyf0"; + sha256 = "10km0437lg9ms6f16h20s89l2w9f9g597rykybxb16s95ql48z08"; }; outputs = [ "out" "doc" ]; -- cgit v1.2.3 From a89e7a5c75204c5d1ad825f25430830f718a0411 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 16 May 2017 22:03:42 +0200 Subject: krebs.tinc: expose confDir --- krebs/3modules/retiolum.nix | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 0a3d7ed2f..67d383bb1 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -18,6 +18,26 @@ let enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + confDir = mkOption { + type = types.package; + default = pkgs.linkFarm "${netname}-etc-tinc" + (mapAttrsToList (name: path: { inherit name path; }) { + "hosts" = tinc.config.hostsPackage; + "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' + Name = ${tinc.config.host.name} + Interface = ${netname} + ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} + PrivateKeyFile = ${tinc.config.privkey.path} + Port = ${toString tinc.config.host.nets.${netname}.tinc.port} + ${tinc.config.extraConfig} + ''; + "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' + ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up + ${tinc.config.tincUp} + ''; + }); + }; + host = mkOption { type = types.host; default = config.krebs.build.host; @@ -179,25 +199,6 @@ let let tinc = cfg.tincPackage; iproute = cfg.iproutePackage; - - confDir = let - namePathPair = name: path: { inherit name path; }; - in pkgs.linkFarm "${netname}-etc-tinc" (mapAttrsToList namePathPair { - "hosts" = cfg.hostsPackage; - "tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" '' - Name = ${cfg.host.name} - Interface = ${netname} - ${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)} - PrivateKeyFile = ${cfg.privkey.path} - Port = ${toString cfg.host.nets.${cfg.netname}.tinc.port} - ${cfg.extraConfig} - ''; - "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' - ${iproute}/sbin/ip link set ${netname} up - ${cfg.tincUp} - ''; - } - ); in { description = "Tinc daemon for ${netname}"; after = [ "network.target" ]; @@ -206,7 +207,7 @@ let path = [ tinc iproute ]; serviceConfig = rec { Restart = "always"; - ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; + ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; SyslogIdentifier = netname; }; } -- cgit v1.2.3 From fe639f585e9054096c2cee6e1a3cef9f22a37c78 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 22:06:31 +0200 Subject: k3: retiolum.nix -> tinc.nix --- krebs/3modules/default.nix | 2 +- krebs/3modules/retiolum.nix | 216 -------------------------------------------- krebs/3modules/tinc.nix | 216 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 217 insertions(+), 217 deletions(-) delete mode 100644 krebs/3modules/retiolum.nix create mode 100644 krebs/3modules/tinc.nix (limited to 'krebs') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index daa963bc8..227eb209b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -34,10 +34,10 @@ let ./Reaktor.nix ./realwallpaper.nix ./retiolum-bootstrap.nix - ./retiolum.nix ./rtorrent.nix ./secret.nix ./setuid.nix + ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix ./repo-sync.nix diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix deleted file mode 100644 index 67d383bb1..000000000 --- a/krebs/3modules/retiolum.nix +++ /dev/null @@ -1,216 +0,0 @@ -{ config, pkgs, lib, ... }: -with import ; -let - out = { - options.krebs.tinc = api; - config = imp; - }; - - api = mkOption { - default = {}; - description = '' - define a tinc network - ''; - type = with types; attrsOf (submodule (tinc: { - options = let - netname = tinc.config._module.args.name; - in { - - enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; - - confDir = mkOption { - type = types.package; - default = pkgs.linkFarm "${netname}-etc-tinc" - (mapAttrsToList (name: path: { inherit name path; }) { - "hosts" = tinc.config.hostsPackage; - "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' - Name = ${tinc.config.host.name} - Interface = ${netname} - ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} - PrivateKeyFile = ${tinc.config.privkey.path} - Port = ${toString tinc.config.host.nets.${netname}.tinc.port} - ${tinc.config.extraConfig} - ''; - "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' - ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up - ${tinc.config.tincUp} - ''; - }); - }; - - host = mkOption { - type = types.host; - default = config.krebs.build.host; - }; - - netname = mkOption { - type = types.enum (attrNames tinc.config.host.nets); - default = netname; - description = '' - The tinc network name. - It is used to name the TUN device and to generate the default value for - config.krebs.tinc.retiolum.hosts. - ''; - }; - - extraConfig = mkOption { - type = types.str; - default = ""; - description = '' - Extra Configuration to be appended to tinc.conf - ''; - }; - tincUp = mkOption { - type = types.string; - default = let - net = tinc.config.host.nets.${netname}; - iproute = tinc.config.iproutePackage; - in '' - ${optionalString (net.ip4 != null) /* sh */ '' - ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname} - ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname} - ''} - ${optionalString (net.ip6 != null) /* sh */ '' - ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname} - ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname} - ''} - ''; - description = '' - tinc-up script to be used. Defaults to setting the - krebs.host.nets..ip4 and ip6 for the new ips and - configures forwarding of the respecitive netmask as subnet. - ''; - }; - - tincPackage = mkOption { - type = types.package; - default = pkgs.tinc; - description = "Tincd package to use."; - }; - - hosts = mkOption { - type = with types; attrsOf host; - default = - filterAttrs (_: h: hasAttr tinc.config.netname h.nets) config.krebs.hosts; - description = '' - Hosts to generate config.krebs.tinc.retiolum.hostsPackage. - Note that these hosts must have a network named - config.krebs.tinc.retiolum.netname. - ''; - }; - - hostsArchive = mkOption { - type = types.package; - default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} '' - ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts - ${pkgs.gnutar}/bin/tar -hcjf $out hosts - ''; - readOnly = true; - }; - - hostsPackage = mkOption { - type = types.package; - default = pkgs.stdenv.mkDerivation { - name = "${tinc.config.netname}-tinc-hosts"; - phases = [ "installPhase" ]; - installPhase = '' - mkdir $out - ${concatStrings (lib.mapAttrsToList (_: host: '' - echo ${shell.escape host.nets."${tinc.config.netname}".tinc.config} \ - > $out/${shell.escape host.name} - '') tinc.config.hosts)} - ''; - }; - description = '' - Package of tinc host configuration files. By default, a package will - be generated from config.krebs.${tinc.config.netname}.hosts. This - option's main purpose is to expose the generated hosts package to other - modules, like config.krebs.tinc_graphs. But it can - also be used to provide a custom hosts directory. - ''; - example = literalExample '' - (pkgs.stdenv.mkDerivation { - name = "my-tinc-hosts"; - src = /home/tv/my-tinc-hosts; - installPhase = "cp -R . $out"; - }) - ''; - }; - - iproutePackage = mkOption { - type = types.package; - default = pkgs.iproute; - description = "Iproute2 package to use."; - }; - - privkey = mkOption { - type = types.secret-file; - default = { - path = "${tinc.config.user.home}/tinc.rsa_key.priv"; - owner = tinc.config.user; - source-path = toString + "/${tinc.config.netname}.rsa_key.priv"; - }; - }; - - connectTo = mkOption { - type = types.listOf types.str; - ${if tinc.config.netname == "retiolum" then "default" else null} = [ - "gum" - "ni" - "prism" - ]; - description = '' - The list of hosts in the network which the client will try to connect - to. These hosts should have an 'Address' configured which points to a - routeable IPv4 or IPv6 address. - - In stockholm this can be done by configuring: - krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.ip4.addr = external-ip - krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.tinc.port = 1655; - ''; - }; - - user = mkOption { - type = types.user; - default = { - name = tinc.config.netname; - home = "/var/lib/${tinc.config.user.name}"; - }; - }; - }; - })); - }; - - imp = { - # TODO `environment.systemPackages = [ cfg.tincPackage cfg.iproutePackage ]` for each network, - # avoid conflicts in environment if the packages differ - - krebs.secret.files = mapAttrs' (netname: cfg: - nameValuePair "${netname}.rsa_key.priv" cfg.privkey ) config.krebs.tinc; - - users.users = mapAttrs' (netname: cfg: - nameValuePair "${netname}" { - inherit (cfg.user) home name uid; - createHome = true; - } - ) config.krebs.tinc; - - systemd.services = mapAttrs (netname: cfg: - let - tinc = cfg.tincPackage; - iproute = cfg.iproutePackage; - in { - description = "Tinc daemon for ${netname}"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - requires = [ "secret.service" ]; - path = [ tinc iproute ]; - serviceConfig = rec { - Restart = "always"; - ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; - SyslogIdentifier = netname; - }; - } - ) config.krebs.tinc; - }; -in out diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix new file mode 100644 index 000000000..67d383bb1 --- /dev/null +++ b/krebs/3modules/tinc.nix @@ -0,0 +1,216 @@ +{ config, pkgs, lib, ... }: +with import ; +let + out = { + options.krebs.tinc = api; + config = imp; + }; + + api = mkOption { + default = {}; + description = '' + define a tinc network + ''; + type = with types; attrsOf (submodule (tinc: { + options = let + netname = tinc.config._module.args.name; + in { + + enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + + confDir = mkOption { + type = types.package; + default = pkgs.linkFarm "${netname}-etc-tinc" + (mapAttrsToList (name: path: { inherit name path; }) { + "hosts" = tinc.config.hostsPackage; + "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' + Name = ${tinc.config.host.name} + Interface = ${netname} + ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} + PrivateKeyFile = ${tinc.config.privkey.path} + Port = ${toString tinc.config.host.nets.${netname}.tinc.port} + ${tinc.config.extraConfig} + ''; + "tinc-up" = pkgs.writeDash "${netname}-tinc-up" '' + ${tinc.config.iproutePackage}/sbin/ip link set ${netname} up + ${tinc.config.tincUp} + ''; + }); + }; + + host = mkOption { + type = types.host; + default = config.krebs.build.host; + }; + + netname = mkOption { + type = types.enum (attrNames tinc.config.host.nets); + default = netname; + description = '' + The tinc network name. + It is used to name the TUN device and to generate the default value for + config.krebs.tinc.retiolum.hosts. + ''; + }; + + extraConfig = mkOption { + type = types.str; + default = ""; + description = '' + Extra Configuration to be appended to tinc.conf + ''; + }; + tincUp = mkOption { + type = types.string; + default = let + net = tinc.config.host.nets.${netname}; + iproute = tinc.config.iproutePackage; + in '' + ${optionalString (net.ip4 != null) /* sh */ '' + ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${netname} + ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${netname} + ''} + ${optionalString (net.ip6 != null) /* sh */ '' + ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname} + ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname} + ''} + ''; + description = '' + tinc-up script to be used. Defaults to setting the + krebs.host.nets..ip4 and ip6 for the new ips and + configures forwarding of the respecitive netmask as subnet. + ''; + }; + + tincPackage = mkOption { + type = types.package; + default = pkgs.tinc; + description = "Tincd package to use."; + }; + + hosts = mkOption { + type = with types; attrsOf host; + default = + filterAttrs (_: h: hasAttr tinc.config.netname h.nets) config.krebs.hosts; + description = '' + Hosts to generate config.krebs.tinc.retiolum.hostsPackage. + Note that these hosts must have a network named + config.krebs.tinc.retiolum.netname. + ''; + }; + + hostsArchive = mkOption { + type = types.package; + default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} '' + ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts + ${pkgs.gnutar}/bin/tar -hcjf $out hosts + ''; + readOnly = true; + }; + + hostsPackage = mkOption { + type = types.package; + default = pkgs.stdenv.mkDerivation { + name = "${tinc.config.netname}-tinc-hosts"; + phases = [ "installPhase" ]; + installPhase = '' + mkdir $out + ${concatStrings (lib.mapAttrsToList (_: host: '' + echo ${shell.escape host.nets."${tinc.config.netname}".tinc.config} \ + > $out/${shell.escape host.name} + '') tinc.config.hosts)} + ''; + }; + description = '' + Package of tinc host configuration files. By default, a package will + be generated from config.krebs.${tinc.config.netname}.hosts. This + option's main purpose is to expose the generated hosts package to other + modules, like config.krebs.tinc_graphs. But it can + also be used to provide a custom hosts directory. + ''; + example = literalExample '' + (pkgs.stdenv.mkDerivation { + name = "my-tinc-hosts"; + src = /home/tv/my-tinc-hosts; + installPhase = "cp -R . $out"; + }) + ''; + }; + + iproutePackage = mkOption { + type = types.package; + default = pkgs.iproute; + description = "Iproute2 package to use."; + }; + + privkey = mkOption { + type = types.secret-file; + default = { + path = "${tinc.config.user.home}/tinc.rsa_key.priv"; + owner = tinc.config.user; + source-path = toString + "/${tinc.config.netname}.rsa_key.priv"; + }; + }; + + connectTo = mkOption { + type = types.listOf types.str; + ${if tinc.config.netname == "retiolum" then "default" else null} = [ + "gum" + "ni" + "prism" + ]; + description = '' + The list of hosts in the network which the client will try to connect + to. These hosts should have an 'Address' configured which points to a + routeable IPv4 or IPv6 address. + + In stockholm this can be done by configuring: + krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.ip4.addr = external-ip + krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.tinc.port = 1655; + ''; + }; + + user = mkOption { + type = types.user; + default = { + name = tinc.config.netname; + home = "/var/lib/${tinc.config.user.name}"; + }; + }; + }; + })); + }; + + imp = { + # TODO `environment.systemPackages = [ cfg.tincPackage cfg.iproutePackage ]` for each network, + # avoid conflicts in environment if the packages differ + + krebs.secret.files = mapAttrs' (netname: cfg: + nameValuePair "${netname}.rsa_key.priv" cfg.privkey ) config.krebs.tinc; + + users.users = mapAttrs' (netname: cfg: + nameValuePair "${netname}" { + inherit (cfg.user) home name uid; + createHome = true; + } + ) config.krebs.tinc; + + systemd.services = mapAttrs (netname: cfg: + let + tinc = cfg.tincPackage; + iproute = cfg.iproutePackage; + in { + description = "Tinc daemon for ${netname}"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + requires = [ "secret.service" ]; + path = [ tinc iproute ]; + serviceConfig = rec { + Restart = "always"; + ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid"; + SyslogIdentifier = netname; + }; + } + ) config.krebs.tinc; + }; +in out -- cgit v1.2.3 From 0c2dc4ff66eded9f718a242bb342b366ee6c6978 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 23:19:08 +0200 Subject: tinc module: add option enableLegacy --- krebs/3modules/tinc.nix | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 67d383bb1..8af15c13b 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -17,6 +17,7 @@ let in { enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; }; + enableLegacy = mkEnableOption "/etc/tinc/${netname}"; confDir = mkOption { type = types.package; @@ -195,6 +196,12 @@ let } ) config.krebs.tinc; + environment.etc = mapAttrs' (netname: cfg: + nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy { + source = cfg.confDir; + }) + ) config.krebs.tinc; + systemd.services = mapAttrs (netname: cfg: let tinc = cfg.tincPackage; -- cgit v1.2.3