From 468f294635523a39eaf1a6794571948066b63a1c Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 17 Feb 2016 17:23:19 +0100
Subject: tv im: init
---
tv/2configs/im.nix | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
create mode 100644 tv/2configs/im.nix
(limited to 'tv/2configs')
diff --git a/tv/2configs/im.nix b/tv/2configs/im.nix
new file mode 100644
index 000000000..db1be7f0b
--- /dev/null
+++ b/tv/2configs/im.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+with config.krebs.lib;
+{
+ environment.systemPackages = with pkgs; [
+ (pkgs.writeDashBin "im" ''
+ export PATH=${makeSearchPath "bin" (with pkgs; [
+ tmux
+ gnugrep
+ weechat
+ ])}
+ if tmux list-sessions -F\#S | grep -q '^im''$'; then
+ exec tmux attach -t im
+ else
+ exec tmux new -s im weechat
+ fi
+ '')
+ ];
+ services.bitlbee = {
+ enable = true;
+ plugins = [
+ pkgs.bitlbee-facebook
+ ];
+ };
+}
--
cgit v1.2.3
From d71a8863ac10f34bfe30f950f32bbf57427e2ca7 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 17 Feb 2016 17:30:39 +0100
Subject: tv krebs.backup.plans.nomic-home-xu: init
---
tv/2configs/backup.nix | 12 ++++++++++++
1 file changed, 12 insertions(+)
(limited to 'tv/2configs')
diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix
index 641e2d586..decd8b286 100644
--- a/tv/2configs/backup.nix
+++ b/tv/2configs/backup.nix
@@ -2,6 +2,18 @@
with config.krebs.lib;
{
krebs.backup.plans = {
+ nomic-home-xu = {
+ method = "push";
+ src = { host = config.krebs.hosts.nomic; path = "/home"; };
+ dst = { host = config.krebs.hosts.xu; path = "/bku/nomic-home"; };
+ startAt = "05:00";
+ snapshots = {
+ daily = { format = "%Y-%m-%d"; retain = 7; };
+ weekly = { format = "%YW%W"; retain = 4; };
+ monthly = { format = "%Y-%m"; retain = 12; };
+ yearly = { format = "%Y"; };
+ };
+ };
wu-home-xu = {
method = "push";
src = { host = config.krebs.hosts.wu; path = "/home"; };
--
cgit v1.2.3
From 38cc636c8c1b8d95579ad9a980b29b494f383779 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 17 Feb 2016 22:28:02 +0100
Subject: tv sudo: !lecture
---
tv/2configs/default.nix | 1 +
1 file changed, 1 insertion(+)
(limited to 'tv/2configs')
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index c4a2d6baa..13699a3d5 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -50,6 +50,7 @@ with config.krebs.lib;
{
security.sudo.extraConfig = ''
Defaults mailto="${config.krebs.users.tv.mail}"
+ Defaults !lecture
'';
time.timeZone = "Europe/Berlin";
}
--
cgit v1.2.3
From f5d0b2a4020b3bd5150f9861fb27a7faaddbd0b9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 17 Feb 2016 23:23:13 +0100
Subject: xu-qemu0: disable systemd-networkd-wait-online
---
tv/2configs/xu-qemu0.nix | 2 ++
1 file changed, 2 insertions(+)
(limited to 'tv/2configs')
diff --git a/tv/2configs/xu-qemu0.nix b/tv/2configs/xu-qemu0.nix
index 720a8acd8..2b67a8b84 100644
--- a/tv/2configs/xu-qemu0.nix
+++ b/tv/2configs/xu-qemu0.nix
@@ -27,6 +27,8 @@ with config.krebs.lib;
networking.dhcpcd.denyInterfaces = [ "qemubr0" ];
systemd.network.enable = true;
+ systemd.services.systemd-networkd-wait-online.enable = false;
+
services.resolved.enable = mkForce false;
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
--
cgit v1.2.3
From 970eed274818cb49517fa5ef8b39a30d99302f1e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 17 Feb 2016 23:35:25 +0100
Subject: tv man: init
---
tv/2configs/man.nix | 7 +++++++
1 file changed, 7 insertions(+)
create mode 100644 tv/2configs/man.nix
(limited to 'tv/2configs')
diff --git a/tv/2configs/man.nix b/tv/2configs/man.nix
new file mode 100644
index 000000000..686e574fc
--- /dev/null
+++ b/tv/2configs/man.nix
@@ -0,0 +1,7 @@
+{ config, lib, pkgs, ... }:
+{
+ environment.systemPackages = with pkgs; [
+ manpages
+ posix_man_pages
+ ];
+}
--
cgit v1.2.3
From f7d6e2043184401f7007b248fbe3af66b2752351 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 17 Feb 2016 23:35:43 +0100
Subject: tv man: inhibit warning break
---
tv/2configs/man.nix | 5 +++++
1 file changed, 5 insertions(+)
(limited to 'tv/2configs')
diff --git a/tv/2configs/man.nix b/tv/2configs/man.nix
index 686e574fc..a84e60b73 100644
--- a/tv/2configs/man.nix
+++ b/tv/2configs/man.nix
@@ -1,5 +1,10 @@
{ config, lib, pkgs, ... }:
{
+ environment.etc."man.conf".source = pkgs.runCommand "man.conf" {} ''
+ ${pkgs.gnused}/bin/sed <${pkgs.man}/lib/man.conf >$out '
+ s:^NROFF\t.*:& -Wbreak:
+ '
+ '';
environment.systemPackages = with pkgs; [
manpages
posix_man_pages
--
cgit v1.2.3
From 7f1abe50ce0989d96c3d275a4d0481962848714f Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 18 Feb 2016 00:50:10 +0100
Subject: xu-qemu0 host: setup iptables
---
tv/2configs/xu-qemu0.nix | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
(limited to 'tv/2configs')
diff --git a/tv/2configs/xu-qemu0.nix b/tv/2configs/xu-qemu0.nix
index 2b67a8b84..5be4899c8 100644
--- a/tv/2configs/xu-qemu0.nix
+++ b/tv/2configs/xu-qemu0.nix
@@ -15,17 +15,23 @@ in
#
# make [install] system=xu-qemu0 target_host=10.56.0.101
-# TODO iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-# TODO iptables -A FORWARD -i qemubr0 -s 10.56.0.1/24 -m conntrack --ctstate NEW -j ACCEPT
-# TODO iptables -A POSTROUTING -t nat -j MASQUERADE
-# TODO iptables -A INPUT -i qemubr0 -p udp -m udp --dport bootps -j ACCEPT
-# TODO iptables -A INPUT -i qemubr0 -p udp -m udp --dport domain -j ACCEPT
-
with config.krebs.lib;
{
networking.dhcpcd.denyInterfaces = [ "qemubr0" ];
+ tv.iptables.extra = {
+ nat.POSTROUTING = ["-j MASQUERADE"];
+ filter.FORWARD = [
+ "-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
+ "-i qemubr0 -s 10.56.0.1/24 -m conntrack --ctstate NEW -j ACCEPT"
+ ];
+ filter.INPUT = [
+ "-i qemubr0 -p udp -m udp --dport bootps -j ACCEPT"
+ "-i qemubr0 -p udp -m udp --dport domain -j ACCEPT"
+ ];
+ };
+
systemd.network.enable = true;
systemd.services.systemd-networkd-wait-online.enable = false;
--
cgit v1.2.3
From db6342f58c534bd2ce631fd81d6956cdd8fe4637 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 18 Feb 2016 02:55:46 +0100
Subject: tv: init backup plans xu-pull-cd-{ejabberd,home}
---
tv/2configs/backup.nix | 38 ++++++++++++++++++++------------------
1 file changed, 20 insertions(+), 18 deletions(-)
(limited to 'tv/2configs')
diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix
index decd8b286..b5512662f 100644
--- a/tv/2configs/backup.nix
+++ b/tv/2configs/backup.nix
@@ -2,41 +2,43 @@
with config.krebs.lib;
{
krebs.backup.plans = {
+ } // mapAttrs (_: recursiveUpdate {
+ snapshots = {
+ daily = { format = "%Y-%m-%d"; retain = 7; };
+ weekly = { format = "%YW%W"; retain = 4; };
+ monthly = { format = "%Y-%m"; retain = 12; };
+ yearly = { format = "%Y"; };
+ };
+ }) {
nomic-home-xu = {
method = "push";
src = { host = config.krebs.hosts.nomic; path = "/home"; };
dst = { host = config.krebs.hosts.xu; path = "/bku/nomic-home"; };
startAt = "05:00";
- snapshots = {
- daily = { format = "%Y-%m-%d"; retain = 7; };
- weekly = { format = "%YW%W"; retain = 4; };
- monthly = { format = "%Y-%m"; retain = 12; };
- yearly = { format = "%Y"; };
- };
};
wu-home-xu = {
method = "push";
src = { host = config.krebs.hosts.wu; path = "/home"; };
dst = { host = config.krebs.hosts.xu; path = "/bku/wu-home"; };
startAt = "05:00";
- snapshots = {
- daily = { format = "%Y-%m-%d"; retain = 7; };
- weekly = { format = "%YW%W"; retain = 4; };
- monthly = { format = "%Y-%m"; retain = 12; };
- yearly = { format = "%Y"; };
- };
};
xu-home-wu = {
method = "push";
src = { host = config.krebs.hosts.xu; path = "/home"; };
dst = { host = config.krebs.hosts.wu; path = "/bku/xu-home"; };
startAt = "06:00";
- snapshots = {
- daily = { format = "%Y-%m-%d"; retain = 7; };
- weekly = { format = "%YW%W"; retain = 4; };
- monthly = { format = "%Y-%m"; retain = 12; };
- yearly = { format = "%Y"; };
- };
+ };
+ xu-pull-cd-ejabberd = {
+ method = "pull";
+ src = { host = config.krebs.hosts.cd; path = "/var/ejabberd"; };
+ dst = { host = config.krebs.hosts.xu; path = "/bku/cd-ejabberd"; };
+ startAt = "07:00";
+ };
+ xu-pull-cd-home = {
+ method = "pull";
+ src = { host = config.krebs.hosts.cd; path = "/home"; };
+ dst = { host = config.krebs.hosts.xu; path = "/bku/cd-home"; };
+ startAt = "07:00";
};
} // mapAttrs (_: recursiveUpdate {
snapshots = {
--
cgit v1.2.3
From ffc47bf80d521635021b3f7a0122092708ebd2bf Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 18 Feb 2016 14:14:30 +0100
Subject: tv urlwatch: filter pypi/vncdotool/json through jq
---
tv/2configs/urlwatch.nix | 41 ++++++++++++++++++++++++++++++++++++++---
1 file changed, 38 insertions(+), 3 deletions(-)
(limited to 'tv/2configs')
diff --git a/tv/2configs/urlwatch.nix b/tv/2configs/urlwatch.nix
index 0106cddf7..51b53230b 100644
--- a/tv/2configs/urlwatch.nix
+++ b/tv/2configs/urlwatch.nix
@@ -1,5 +1,5 @@
-{ config, ... }:
-
+{ config, pkgs, ... }:
+with config.krebs.lib;
{
krebs.urlwatch = {
enable = true;
@@ -52,8 +52,43 @@
# is derived from `configFile` in:
https://raw.githubusercontent.com/NixOS/nixpkgs/master/nixos/modules/services/x11/xserver.nix
- https://pypi.python.org/pypi/vncdotool
+ {
+ url = https://pypi.python.org/pypi/vncdotool/json;
+ filter = "system:${pkgs.jq}/bin/jq -r '.releases|keys[]'";
+ }
https://api.github.com/repos/kanaka/noVNC/tags
];
+ hooksFile = toFile "hooks.py" ''
+ import subprocess
+ import urlwatch
+
+ class CaseFilter(urlwatch.filters.FilterBase):
+ """Filter for piping data through an external process"""
+
+ __kind__ = 'system'
+
+ def filter(self, data, subfilter=None):
+ if subfilter is None:
+ raise ValueError('The system filter needs a command')
+
+ proc = subprocess.Popen(
+ subfilter,
+ shell=True,
+ stdin=subprocess.PIPE,
+ stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE,
+ )
+
+ (stdout, stderr) = proc.communicate(data.encode())
+
+ if proc.returncode != 0:
+ raise RuntimeError(
+ "system filter returned non-zero exit status %d; stderr:\n"
+ % proc.returncode
+ + stderr.decode()
+ )
+
+ return stdout.decode()
+ '';
};
}
--
cgit v1.2.3