From 68733092391f43d0fd9e04f095cdad826e2d54e8 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 2 Jan 2018 21:18:51 +0100 Subject: stockholm: {shell => cmds}.get-version --- krebs/5pkgs/simple/stockholm/default.nix | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 5705f086d..53c1ca5ba 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -92,6 +92,17 @@ -I "$target_path" ''); + cmds.get-version = pkgs.writeDash "get-version" '' + set -efu + hostname=''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)} + version=git.$(${pkgs.git}/bin/git describe --always --dirty) + case $version in (*-dirty) + version=$version@$hostname + esac + date=$(${pkgs.coreutils}/bin/date +%y.%m) + echo "$date.$version" + ''; + cmds.install = pkgs.withGetopt { force-populate = { default = /* sh */ "false"; switch = true; }; quiet = { default = /* sh */ "false"; switch = true; }; @@ -205,7 +216,7 @@ init.env = pkgs.writeText "init.env" /* sh */ '' export HOSTNAME="$(${pkgs.nettools}/bin/hostname)" - export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${shell.get-version})}" + export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${cmds.get-version})}" export quiet export system @@ -274,16 +285,6 @@ fi ''; - shell.get-version = pkgs.writeDash "stockholm.get-version" '' - set -efu - version=git.$(${pkgs.git}/bin/git describe --always --dirty) - case $version in (*-dirty) - version=$version@$HOSTNAME - esac - date=$(${pkgs.coreutils}/bin/date +%y.%m) - echo "$date.$version" - ''; - in pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link: -- cgit v1.2.3 From a9f803207243425d5c06ce82820c27a4de8af5ad Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 4 Jan 2018 00:02:21 +0100 Subject: nixpkgs: cb751f9 -> 0b30c1d --- krebs/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/source.nix b/krebs/source.nix index 8fbdce284..b952aa2a2 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -17,6 +17,6 @@ in stockholm.file = toString ; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "cb751f9b1c3fe6885f3257e69ce328f77523ad77"; # nixos-17.09 @ 2017-12-13 + ref = "0b30c1dd4c638e318957fc6a9198cf2429e38cb5"; # nixos-17.09 @ 2018-01-04 }; } -- cgit v1.2.3 From 593ca08de18e8e5a20ef23ec0ef950a5572156a9 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 4 Jan 2018 02:19:22 +0100 Subject: wolf: don't use gone save-diskspace --- krebs/1systems/wolf/config.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'krebs') diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 0b21c0b6c..9d6955e7e 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -10,7 +10,6 @@ in - -- cgit v1.2.3 From 1f85655f52ebeaf32d615aae72231c8449604b89 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 4 Jan 2018 02:40:36 +0100 Subject: tv: RIP schnabel* --- krebs/3modules/tv/default.nix | 18 ------------------ 1 file changed, 18 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 98145274c..ce01be5f3 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -201,24 +201,6 @@ with import ; }; }; }; - schnabeldrucker = { - external = true; - nets = { - gg23 = { - ip4.addr = "10.23.1.21"; - aliases = ["schnabeldrucker.gg23"]; - }; - }; - }; - schnabelscanner = { - external = true; - nets = { - gg23 = { - ip4.addr = "10.23.1.22"; - aliases = ["schnabelscanner.gg23"]; - }; - }; - }; wu = { ci = true; cores = 4; -- cgit v1.2.3 From a6722fd306a19678f757680da989808af5fc9973 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 15:45:27 +0100 Subject: hotdog.r: remove repo-sync --- krebs/1systems/hotdog/config.nix | 5 ----- krebs/2configs/buildbot-all.nix | 4 ---- 2 files changed, 9 deletions(-) (limited to 'krebs') diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 73b5377bd..98fb88702 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -20,10 +20,5 @@ boot.isContainer = true; networking.useDHCP = false; - krebs.repo-sync.repos.stockholm.timerConfig = { - OnBootSec = "5min"; - OnUnitInactiveSec = "2min"; - RandomizedDelaySec = "2min"; - }; krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm"; } diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix index ca994e996..5ea78f227 100644 --- a/krebs/2configs/buildbot-all.nix +++ b/krebs/2configs/buildbot-all.nix @@ -1,10 +1,6 @@ with import ; { lib, config, pkgs, ... }: { - imports = [ - - ]; - networking.firewall.allowedTCPPorts = [ 80 8010 9989 ]; krebs.ci.enable = true; krebs.ci.treeStableTimer = 1; -- cgit v1.2.3 From bd3b2a2bbd3c9b2e6dee2646a580f83b8438d03d Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Jan 2018 15:46:13 +0100 Subject: buildbot slave: don't fail on remove --- krebs/3modules/buildbot/slave.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index 0af553c5d..fba585448 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -161,7 +161,7 @@ let ExecStartPre = pkgs.writeDash "buildbot-master-init" '' set -efux #remove garbage from old versions - rm -r ${workdir} + rm -rf ${workdir} mkdir -p ${workdir}/info cp ${buildbot-slave-init} ${workdir}/buildbot.tac echo ${contact} > ${workdir}/info/admin -- cgit v1.2.3 From 9da4f1242ad782a54b524f6c470cfe82be4a63b4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 6 Jan 2018 20:49:58 +0100 Subject: pkgs.internetarchive: fix build --- krebs/5pkgs/simple/internetarchive/default.nix | 33 +++++++++++++------------- 1 file changed, 17 insertions(+), 16 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/internetarchive/default.nix b/krebs/5pkgs/simple/internetarchive/default.nix index f5e1bbff3..2f55e6f42 100644 --- a/krebs/5pkgs/simple/internetarchive/default.nix +++ b/krebs/5pkgs/simple/internetarchive/default.nix @@ -1,38 +1,39 @@ -{ pkgs, fetchFromGitHub, ... }: +{ stdenv, pkgs, fetchPypi, ... }: with pkgs.python3Packages; buildPythonPackage rec { pname = "internetarchive"; version = "1.7.3"; name = "${pname}-${version}"; + + src = fetchPypi { + inherit pname version; + sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g"; + }; + propagatedBuildInputs = [ requests - jsonpatch - docopt - clint - six - schema - backports_csv + jsonpatch + docopt + clint + six + schema + backports_csv ]; -# check only works when cloned from git repo + # check only works when cloned from git repo doCheck = false; + checkInputs = [ pytest - responses + responses ]; prePatch = '' sed -i "s/'schema.*'/'schema>=0.4.0'/" setup.py - ''; - - src = fetchPypi { - inherit pname version; - sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g"; - }; + ''; meta = with stdenv.lib; { description = "python library and cli for uploading files to internet archive"; license = licenses.agpl3; }; - } -- cgit v1.2.3 From 05c6e0b86c3cc59662d8daf26e81127a18a96a50 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 8 Jan 2018 09:14:48 +0100 Subject: pkgs.internetarchive: remove fetchPypi, coming from python3Packages --- krebs/5pkgs/simple/internetarchive/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/internetarchive/default.nix b/krebs/5pkgs/simple/internetarchive/default.nix index 2f55e6f42..3c83093be 100644 --- a/krebs/5pkgs/simple/internetarchive/default.nix +++ b/krebs/5pkgs/simple/internetarchive/default.nix @@ -1,4 +1,4 @@ -{ stdenv, pkgs, fetchPypi, ... }: +{ stdenv, pkgs, ... }: with pkgs.python3Packages; buildPythonPackage rec { pname = "internetarchive"; -- cgit v1.2.3 From bcfbd293602d3ca28f43c930077f659125690b2d Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 9 Jan 2018 05:28:54 +0100 Subject: tv: add SPF record --- krebs/3modules/tv/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index ce01be5f3..cc09313f7 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -122,6 +122,7 @@ with import ; cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} krebsco.de. 60 IN MX 5 ni + krebsco.de. 60 IN TXT v=spf1 mx -all ''; }; nets = { -- cgit v1.2.3 From 33882a3c88392c2d4afe771f13551cafabce0179 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 9 Jan 2018 19:08:20 +0100 Subject: nin: .retiolum -> .r --- krebs/3modules/nin/default.nix | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/nin/default.nix b/krebs/3modules/nin/default.nix index 1a0999b8d..1531a2c89 100644 --- a/krebs/3modules/nin/default.nix +++ b/krebs/3modules/nin/default.nix @@ -14,7 +14,6 @@ with import ; ip4.addr = "10.243.132.96"; ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342"; aliases = [ - "hiawatha.retiolum" "hiawatha.r" ]; tinc.pubkey = '' @@ -39,7 +38,6 @@ with import ; ip4.addr = "10.243.134.66"; ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379"; aliases = [ - "axon.retiolum" "axon.r" ]; tinc.pubkey = '' @@ -80,10 +78,8 @@ with import ; ip4.addr = "10.243.132.55"; ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357"; aliases = [ - "onondaga.retiolum" "onondaga.r" "cgit.onondaga.r" - "cgit.onondaga.retiolum" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -104,11 +100,11 @@ with import ; }; users = { nin = { - mail = "nin@axon.retiolum"; + mail = "nin@axon.r"; pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon"; }; nin_h = { - mail = "nin@hiawatha.retiolum"; + mail = "nin@hiawatha.r"; pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha"; }; }; -- cgit v1.2.3 From 39f611a0d85319c998c7245fdc379e0c0ea28f41 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 9 Jan 2018 19:09:15 +0100 Subject: ircd: .retiolum -> .r --- krebs/2configs/ircd.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index b534f9ad4..962dbf49c 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -12,10 +12,10 @@ ''; config = '' serverinfo { - name = "${config.krebs.build.host.name}.irc.retiolum"; + name = "${config.krebs.build.host.name}.irc.r"; sid = "1as"; description = "miep!"; - network_name = "irc.retiolum"; + network_name = "irc.r"; hub = yes; vhost = "0.0.0.0"; -- cgit v1.2.3 From 26c4dfbdfc7c484e49717426ea1516d559a8ac61 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 Jan 2018 21:40:39 +0100 Subject: infest prepare: add hetzner_rescue support --- krebs/4lib/infest/prepare.sh | 82 ++++++++++++++++++++++++++++++++------------ 1 file changed, 61 insertions(+), 21 deletions(-) (limited to 'krebs') diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh index ccfc4f49b..4179d8294 100644 --- a/krebs/4lib/infest/prepare.sh +++ b/krebs/4lib/infest/prepare.sh @@ -21,6 +21,10 @@ prepare() {( esac ;; debian) + if grep -Fq Hetzner /etc/motd; then + prepare_hetzner_rescue "$@" + exit + fi case $VERSION_ID in 7) prepare_debian "$@" @@ -72,7 +76,7 @@ prepare_debian() { type bzip2 2>/dev/null || apt-get install bzip2 type git 2>/dev/null || apt-get install git type rsync 2>/dev/null || apt-get install rsync - type curl 2>/dev/null || apt-get install curl + type curl 2>/dev/null || apt-get install curl prepare_common } @@ -94,6 +98,31 @@ prepare_nixos_iso() { sed -i "s@NIX_PATH=\"[^\"]*\"@NIX_PATH=$target_path@" bin/nixos-install } +prepare_hetzner_rescue() { + mountpoint /mnt + + type bzip2 2>/dev/null || apt-get install bzip2 + type git 2>/dev/null || apt-get install git + type rsync 2>/dev/null || apt-get install rsync + type curl 2>/dev/null || apt-get install curl + + mkdir -p /mnt/"$target_path" + mkdir -p "$target_path" + + if ! mountpoint "$target_path"; then + mount --rbind /mnt/"$target_path" "$target_path" + fi + + mkdir -p bin + rm -f bin/nixos-install + cp "$(type -p nixos-install)" bin/nixos-install + sed -i "s@NIX_PATH=\"[^\"]*\"@NIX_PATH=$target_path@" bin/nixos-install + + _prepare_nix_users + _prepare_nix + _prepare_nixos_install +} + get_nixos_install() { echo "installing nixos-install" 2>&1 c=$(mktemp) @@ -107,24 +136,10 @@ EOF nix-env -i -A config.system.build.nixos-install -f "" rm -v $c } + prepare_common() {( - if ! getent group nixbld >/dev/null; then - groupadd -g 30000 -r nixbld - fi - for i in `seq 1 10`; do - if ! getent passwd nixbld$i 2>/dev/null; then - useradd \ - -d /var/empty \ - -g 30000 \ - -G 30000 \ - -l \ - -M \ - -s /sbin/nologin \ - -u $(expr 30000 + $i) \ - nixbld$i - fi - done + _prepare_nix_users # # mount install directory @@ -173,10 +188,12 @@ prepare_common() {( mount --bind /nix /mnt/nix fi - # - # install nix - # + _prepare_nix + + _prepare_nixos_install +)} +_prepare_nix() {( # install nix on host (cf. https://nixos.org/nix/install) if ! test -e /root/.nix-profile/etc/profile.d/nix.sh; then ( @@ -201,8 +218,31 @@ prepare_common() {( if ! mountpoint "$target_path"; then mount --rbind /mnt/"$target_path" "$target_path" fi +)} + +_prepare_nix_users() {( + if ! getent group nixbld >/dev/null; then + groupadd -g 30000 -r nixbld + fi + for i in `seq 1 10`; do + if ! getent passwd nixbld$i 2>/dev/null; then + useradd \ + -d /var/empty \ + -g 30000 \ + -G 30000 \ + -l \ + -M \ + -s /sbin/nologin \ + -u $(expr 30000 + $i) \ + nixbld$i + fi + done +)} + +_prepare_nixos_install() { get_nixos_install + mkdir -p bin rm -f bin/nixos-install cp "$(type -p nixos-install)" bin/nixos-install @@ -212,6 +252,6 @@ prepare_common() {( echo '. /root/.nix-profile/etc/profile.d/nix.sh' >> .bashrc echo 'PATH=$HOME/bin:$PATH #krebs' >> .bashrc fi -)} +} prepare "$@" -- cgit v1.2.3 From f4a23ea078c385fd3f9bfe23f935cd6886d4571d Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 9 Jan 2018 22:04:02 +0100 Subject: infest prepare: add _which --- krebs/4lib/infest/prepare.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh index 4179d8294..ee5f334c7 100644 --- a/krebs/4lib/infest/prepare.sh +++ b/krebs/4lib/infest/prepare.sh @@ -94,11 +94,14 @@ prepare_nixos_iso() { mkdir -p bin rm -f bin/nixos-install - cp "$(type -p nixos-install)" bin/nixos-install + cp "$(_which nixos-install)" bin/nixos-install sed -i "s@NIX_PATH=\"[^\"]*\"@NIX_PATH=$target_path@" bin/nixos-install } prepare_hetzner_rescue() { + _which() ( + which "$1" + ) mountpoint /mnt type bzip2 2>/dev/null || apt-get install bzip2 @@ -138,6 +141,9 @@ EOF } prepare_common() {( + _which() ( + type -p "$1" + ) _prepare_nix_users @@ -245,7 +251,7 @@ _prepare_nixos_install() { mkdir -p bin rm -f bin/nixos-install - cp "$(type -p nixos-install)" bin/nixos-install + cp "$(_which nixos-install)" bin/nixos-install sed -i "s@NIX_PATH=\"[^\"]*\"@NIX_PATH=$target_path@" bin/nixos-install if ! grep -q '^PATH.*#krebs' .bashrc; then -- cgit v1.2.3 From 4c0e2b269f6f2df9725cca59e151f6c39b593fdb Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 9 Jan 2018 22:06:16 +0100 Subject: infest prepare: remove duplicated code --- krebs/4lib/infest/prepare.sh | 5 ----- 1 file changed, 5 deletions(-) (limited to 'krebs') diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh index ee5f334c7..ff1ab1fb7 100644 --- a/krebs/4lib/infest/prepare.sh +++ b/krebs/4lib/infest/prepare.sh @@ -116,11 +116,6 @@ prepare_hetzner_rescue() { mount --rbind /mnt/"$target_path" "$target_path" fi - mkdir -p bin - rm -f bin/nixos-install - cp "$(type -p nixos-install)" bin/nixos-install - sed -i "s@NIX_PATH=\"[^\"]*\"@NIX_PATH=$target_path@" bin/nixos-install - _prepare_nix_users _prepare_nix _prepare_nixos_install -- cgit v1.2.3 From 794e4fe21b9d0841f80ecab184716fbf88328aed Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 9 Jan 2018 22:07:04 +0100 Subject: infest prepare: no subshell for _prepare* --- krebs/4lib/infest/prepare.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh index ff1ab1fb7..78c1c6ec1 100644 --- a/krebs/4lib/infest/prepare.sh +++ b/krebs/4lib/infest/prepare.sh @@ -194,7 +194,7 @@ prepare_common() {( _prepare_nixos_install )} -_prepare_nix() {( +_prepare_nix() { # install nix on host (cf. https://nixos.org/nix/install) if ! test -e /root/.nix-profile/etc/profile.d/nix.sh; then ( @@ -219,9 +219,9 @@ _prepare_nix() {( if ! mountpoint "$target_path"; then mount --rbind /mnt/"$target_path" "$target_path" fi -)} +} -_prepare_nix_users() {( +_prepare_nix_users() { if ! getent group nixbld >/dev/null; then groupadd -g 30000 -r nixbld fi @@ -238,7 +238,7 @@ _prepare_nix_users() {( nixbld$i fi done -)} +} _prepare_nixos_install() { -- cgit v1.2.3 From cc51c5f7db21749b87b0db096087b7e7447a8f0a Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 10 Jan 2018 00:04:07 +0100 Subject: ma photostore.krebsco.de: init on gum.r also init the application server and config --- krebs/3modules/makefu/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 9f1842b88..56e5c6b82 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -541,6 +541,7 @@ with import ; graph IN A ${nets.internet.ip4.addr} ghook IN A ${nets.internet.ip4.addr} dockerhub IN A ${nets.internet.ip4.addr} + photostore IN A ${nets.internet.ip4.addr} io IN NS gum.krebsco.de. ''; }; -- cgit v1.2.3 From 547812c8efd0bffa73529ab1b864cc871a8ca6d7 Mon Sep 17 00:00:00 2001 From: jeschli Date: Wed, 10 Jan 2018 15:09:21 +0100 Subject: jeschli: +enklave.r --- krebs/3modules/jeschli/default.nix | 46 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index 0d161e1c8..c7e882742 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -118,6 +118,52 @@ with import ; }; }; }; + enklave = { + nets = rec { + internet = { + ip4.addr = "88.198.164.182"; + aliases = [ + "enklave.i" + ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.27.30"; + ip6.addr = "42::30"; + aliases = [ + "enklave.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIID8gKCA+kAt8zRg/g0jRmqXn6rVul/tdjWtLPcu0aTjNJ5OYZh50i7WqWllGVz + +FfJicuq/Xd1l5qrgUN7MD+Wrfeov+G9lzSgacfPhXMujutXxX3JwW/9f7UN+yoN + Sw29Zj+NWb45HyI5WVwMQ332KbKjNcWdTRe+O39oE6bZWg54oEeZOad2UJ7/83sB + yNEV/B7bJ0+X9HR8XCKrHI/RkjixNauMDlquGzoVyqLKIWwUnBl9CwtNBCYHbvYD + G1rWeCewd9Z6KsqcKSePfa4mn5eOluWcXmbrD/sx8oII40oNUs3kI7a2HExB2Yle + P9Q5MQrXRZfI3bdrh1aHieBodZLtosHPNuJIpo8ZaCX88WLhGR3nhJa1vvM1vNwd + TSSAdobdZUcuIQJKnVxwP4rXQAKPkN2+ddy+tXCGvfFAsdGKDbgPy4FgT+Ed28vg + 3W0fef/3sDNGPY1VAa58/pLz9Un3kNJKUjt00tWamo8daU/3mxZs83nIqDHLq86l + 1+wCl37l+KHe7pUVZ3smoezPRCMoUThmc7VzupbQG+piiSSyiYQi0CuBusa44t76 + 1lMr3pOdRBBAoetZ745ZZVx8s+eYk+C1BmQbLJAfzQ9sbH3LAwXpuAH70mtrFqWl + C3LF89/5mZRbFxALZv9cVx3LqIZDjwpKlwPWorZwo14L+eAagdPCcnVNo6ZcVow2 + mAdNnf7C33fvRsU+rUEIZVPsBHZfAv+f0jqQ65TMvl32VZ0FlxxahSZSj64n8iwr + Z+DOxKA9OcAaTrHQReYLpWUfNceVDLfOmQLeih8hNgClgqPgYJP/OtN+ox3NP6ZX + +Gkx9HO7a+agtyJxjh3NYbT/NkRW8HcjW8KgRN7jlE9sQi5/FoxKQOUdHmLTvjdk + YJXqdPWMYHj2xt4A8x2nzl/si6lwDsod+zdY5RGSdYhoybEOs4wZZIuArmm8GP+C + IbtgutknAuqvm2FOxyWCbLFTimgqC5BgrNUsXFJJLsHQ3bWFJtVpJlSa5Y0iypCP + Yr/cefbDrGfs3eCy7FlYDIkCcH06FPm1LTs6USisrtKFObRQN+zPSPln9FysNmpH + h0YUhrWdTO+wN78K5gc4ALPNUlyqmH61h8jS2qSdrRZLcZWIi4K4banG6EJcWRvV + kaVxghY1i/Z9x43bZRpBPvpM462IDx08vYX9AcFmF7JfjAXPwJO/EqZVsY1YPDzO + vdXWrtTORO8R8Pjq3X952yNqgHBcJQh7Q9TBcj+XBtkidOSnTt3Sp/RumsucUW19 + 0wMempDPiCOAadLmR4cW5XL1ednXurkd+5gHCmB1Sl7FueP5dgLB/mhXjmITE3zH + aQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + + }; users = { jeschli = { -- cgit v1.2.3