From 7adf24631f14409208376f5554c31db73e4af0c8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 20:42:12 +0200 Subject: l nixpkgs: d151161 -> 670b4e2 (17.09) --- lass/source.nix | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index 01631bef1..5155a272c 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -9,13 +9,8 @@ in { nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { - url = http://cgit.lassul.us/nixpkgs; - # nixos-17.03 - # + copytoram: - # 87a4615 & 334ac4f - # + acme permissions for groups - # fd7a8f1 - ref = "d151161"; + url = https://github.com/nixos/nixpkgs; + ref = "670b4e2"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From c0a4063c2d183ecf1cf7a1dc4e1a35f1f1be0733 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Sep 2017 21:13:53 +0200 Subject: l bepasty: forceSSL conflicts with enableSSL --- lass/2configs/bepasty.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix index b2d40d4f3..43647892f 100644 --- a/lass/2configs/bepasty.nix +++ b/lass/2configs/bepasty.nix @@ -31,7 +31,6 @@ in { } // genAttrs ext-doms (ext-dom: { nginx = { - enableSSL = true; forceSSL = true; enableACME = true; }; -- cgit v1.2.3 From f1908e0fa546bde76a95d3da20521d6170cd08f8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 18:06:27 +0200 Subject: l nixpkgs: 670b4e2 -> 5ac8389 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index 5155a272c..6a6fff9b5 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "670b4e2"; + ref = "5ac8389"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From 543291b53368c6124c9095e7227cd5176cb3fe65 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 18:39:38 +0200 Subject: l authorized lass-android for weechat --- lass/1systems/archprism/config.nix | 5 ----- lass/2configs/weechat.nix | 9 +++++---- 2 files changed, 5 insertions(+), 9 deletions(-) (limited to 'lass') diff --git a/lass/1systems/archprism/config.nix b/lass/1systems/archprism/config.nix index 69a0476fb..6411c423d 100644 --- a/lass/1systems/archprism/config.nix +++ b/lass/1systems/archprism/config.nix @@ -156,11 +156,6 @@ in { { predicate = "-p tcp --dport 8080"; target = "ACCEPT";} ]; } - { - users.users.chat.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjesiOnhpT9XgWZqw/64M5lVQg3q0k22BtMyCv+33sGX8VmfTyD11GuwSjNGf5WiswKLqFvYBQsHfDDtS3k0ZNTDncGw3Pbilm6QoCuHEyDPaQYin0P+JmkocrL/6QF5uhZVFnsXCH5wntwOa00VFGwpMgQYSfRlReRx42Pu9Jk+iJduZMRBbOMvJI68Z7iJ4DgW/1U9J4MQdCsk7QlFgUstQQfV1zk4VfVfXuxDP3hjx6Q05nDChjpmzJbFunzb7aiy/1/Sl0QhROTpvxrQLksg7yYLw4BRs9ptjehX45A2Sxi8WKOb/g5u3xJNy0X07rE+N+o5v2hS7wF0DLQdK5+4TGtO+Y+ABUCqqA+T1ynAjNBWvsgY5uD4PZjuPgCMSw0JBmIy/P0THi3v5/8Cohvfnspl7Jpf80qENMu3unvvE9EePzgSRZY1PvDjPQfkWy0yBX1yQMhHuVGke9QgaletitwuahRujml37waeUuOl8Rpz+2iV+6OIS4tfO368uLFHKWbobXTbTDXODBgxZ/IyvO7vxM2uDX/kIWaeYKrip3nSyWBYnixwrcS4vm6ZQcoejwp2KCfGQwIE4MnGYRlwcOEYjvyjLkZHDiZEivUQ0rThMYBzec8bQ08QW8oxF+NXkFKG3awt3f7TKTRkYqQcOMpFKmV24KDiwgwm0miQ== JuiceSSH" - ]; - } { time.timeZone = "Europe/Berlin"; } diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index 1e5f2d177..4b6445619 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -13,10 +13,11 @@ in { uid = genid "chat"; useDefaultShell = true; createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - config.krebs.users.lass-shodan.pubkey - config.krebs.users.lass-icarus.pubkey + openssh.authorizedKeys.keys = with config.krebs.users; [ + lass.pubkey + lass-shodan.pubkey + lass-icarus.pubkey + lass-android.pubkey ]; }; -- cgit v1.2.3 From ea793ecf797f82dce0b70d0eb5b268f5326ba79b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 11:45:25 +0200 Subject: Revert "l nixpkgs: 670b4e2 -> 5ac8389" This reverts commit f1908e0fa546bde76a95d3da20521d6170cd08f8. --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index 6a6fff9b5..5155a272c 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "5ac8389"; + ref = "670b4e2"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From d3b17d180642d3a344495468c27355f6a7521d42 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 17:57:24 +0200 Subject: l nixpkgs: 670b4e2 -> b61d084 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index 5155a272c..c6dc127cb 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "670b4e2"; + ref = "b61d084"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From 2ad003037417f90c04df833a2ad27fd5a52c754e Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 18:38:28 +0200 Subject: l ejabberd: RIP --- lass/5pkgs/default.nix | 3 --- lass/5pkgs/ejabberd/default.nix | 28 ---------------------------- 2 files changed, 31 deletions(-) delete mode 100644 lass/5pkgs/ejabberd/default.nix (limited to 'lass') diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 46633ba1a..d04833255 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -4,9 +4,6 @@ nixpkgs.config.packageOverrides = rec { acronym = pkgs.callPackage ./acronym/default.nix {}; dpass = pkgs.callPackage ./dpass {}; - ejabberd = pkgs.callPackage ./ejabberd { - erlang = pkgs.erlangR16; - }; firefoxPlugins = { noscript = pkgs.callPackage ./firefoxPlugins/noscript.nix {}; ublock = pkgs.callPackage ./firefoxPlugins/ublock.nix {}; diff --git a/lass/5pkgs/ejabberd/default.nix b/lass/5pkgs/ejabberd/default.nix deleted file mode 100644 index 3a77c5cd1..000000000 --- a/lass/5pkgs/ejabberd/default.nix +++ /dev/null @@ -1,28 +0,0 @@ -{stdenv, fetchurl, expat, erlang, zlib, openssl, pam, lib}: - -stdenv.mkDerivation rec { - version = "2.1.13"; - name = "ejabberd-${version}"; - src = fetchurl { - url = "http://www.process-one.net/downloads/ejabberd/${version}/${name}.tgz"; - sha256 = "0vf8mfrx7vr3c5h3nfp3qcgwf2kmzq20rjv1h9sk3nimwir1q3d8"; - }; - buildInputs = [ expat erlang zlib openssl pam ]; - patchPhase = '' - sed -i \ - -e "s|erl \\\|${erlang}/bin/erl \\\|" \ - -e 's|EXEC_CMD=\"sh -c\"|EXEC_CMD=\"${stdenv.shell} -c\"|' \ - src/ejabberdctl.template - ''; - preConfigure = '' - cd src - ''; - configureFlags = ["--enable-pam"]; - - meta = { - description = "Open-source XMPP application server written in Erlang"; - license = stdenv.lib.licenses.gpl2; - homepage = http://www.ejabberd.im; - maintainers = [ lib.maintainers.sander ]; - }; -} -- cgit v1.2.3 From 5ab273b5364a35fed96473e4290147940425c6b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 18:45:28 +0200 Subject: l wine: pkgs.wineFull -> pkgs.wine --- lass/2configs/wine.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 2444d32d3..0d2b731ca 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -5,7 +5,7 @@ let in { krebs.per-user.wine.packages = with pkgs; [ - wineFull + wine #(wineFull.override { wineBuild = "wine64"; }) ]; users.users= { -- cgit v1.2.3 From 336f4315d9364407f209d5789423dfe8831e4caf Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 18:50:19 +0200 Subject: l prism.r: track nginx changes --- lass/1systems/prism/config.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 5b3091a39..8e44b113b 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -115,7 +115,12 @@ in { }; services.nginx.virtualHosts."hackerfleet.de-s" = { serverName = "hackerfleet.de"; - port = 443; + listen = [ + { + addr = "0.0.0.0"; + port = 443; + } + ]; serverAliases = [ "*.hackerfleet.de" ]; -- cgit v1.2.3 From 32d9ba480b4797baf4ccdc015685f9ea472f036f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 11:11:40 +0200 Subject: l nixpkgs: b61d084 -> 07ca7b6 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/source.nix b/lass/source.nix index c6dc127cb..296a20417 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "b61d084"; + ref = "07ca7b6"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From 958e86fadf2a2ca2901e7bd5fd8a0fcc16cbe103 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 11:38:11 +0200 Subject: l copyq: fix startup --- lass/2configs/copyq.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix index b255254f2..fa01a99c9 100644 --- a/lass/2configs/copyq.nix +++ b/lass/2configs/copyq.nix @@ -25,12 +25,15 @@ in { environment = { DISPLAY = ":0"; }; + path = with pkgs; [ + qt5.full + ]; serviceConfig = { SyslogIdentifier = "copyq"; ExecStart = "${pkgs.copyq}/bin/copyq"; ExecStartPost = copyqConfig; Restart = "always"; - RestartSec = "2s"; + RestartSec = "15s"; StartLimitBurst = 0; User = "lass"; }; -- cgit v1.2.3 From c54d84b9efe01a7f4f8837b2308b7e2d61f1926f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 13:43:13 +0200 Subject: l sqlBackup: set mysql.dataDir to /var/mysql --- lass/2configs/websites/sqlBackup.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/websites/sqlBackup.nix b/lass/2configs/websites/sqlBackup.nix index 7cb4b320e..2fffa6cc9 100644 --- a/lass/2configs/websites/sqlBackup.nix +++ b/lass/2configs/websites/sqlBackup.nix @@ -3,12 +3,13 @@ { krebs.secret.files.mysql_rootPassword = { path = "${config.services.mysql.dataDir}/mysql_rootPassword"; - owner.name = "root"; + owner.name = "mysql"; source-path = toString + "/mysql_rootPassword"; }; services.mysql = { enable = true; + dataDir = "/var/mysql"; package = pkgs.mariadb; rootPassword = config.krebs.secret.files.mysql_rootPassword.path; }; -- cgit v1.2.3 From c37c047ee6c080f7d76f2e19269162615a9aacfb Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 13:43:31 +0200 Subject: l weechat: open mosh port --- lass/2configs/weechat.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lass') diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index 4b6445619..d5496ac09 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -21,6 +21,11 @@ in { ]; }; + # mosh + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} + ]; + #systemd.services.chat = { # description = "chat environment setup"; # after = [ "network.target" ]; -- cgit v1.2.3