Merge remote-tracking branch 'ni/master'

7 files changed, 45 insertions, 15 deletions

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index b0ad2baf5..abb3d37eb 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -70,6 +70,12 @@ let
       type = types.hostname;
       default = "r";
     };
+
+    sitemap = mkOption {
+      default = {};
+      type = types.attrsOf types.sitemap.entry;
+    };
+
     zone-head-config  = mkOption {
       type = with types; attrsOf str;
       description = ''
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 60827d589..81db2d411 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -323,6 +323,7 @@ with import <stockholm/lib>;
           aliases = [
             "xu.r"
             "cgit.xu.r"
+            "krebs.xu.r"
           ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----
@@ -374,6 +375,14 @@ with import <stockholm/lib>;
       ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
     };
   };
+  sitemap = {
+    "http://cgit.krebsco.de" = {
+      desc = "Git repositories";
+    };
+    "http://krebs.xu.r" = {
+      desc = "krebs-pages mirror";
+    };
+  };
   users = {
     dv = {
       mail = "dv@alnus.r";
diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix
index f1626078e..850ee6f1a 100644
--- a/krebs/5pkgs/writers.nix
+++ b/krebs/5pkgs/writers.nix
@@ -29,10 +29,11 @@ with import <stockholm/lib>;
     execveBin = name: cfg:
       pkgs.execve name (cfg // { destination = "/bin/${name}"; });
 
-    makeScriptWriter = interpreter: name: text:
+    makeScriptWriter = { interpreter, check ? null }: name: text:
       assert (with types; either absolute-pathname filename).check name;
       pkgs.writeOut (baseNameOf name) {
         ${optionalString (types.absolute-pathname.check name) name} = {
+          inherit check;
           executable = true;
           text = "#! ${interpreter}\n${text}";
         };
@@ -69,7 +70,9 @@ with import <stockholm/lib>;
       strip --strip-unneeded "$exe"
     '';
 
-    writeDash = pkgs.makeScriptWriter "${pkgs.dash}/bin/dash";
+    writeDash = pkgs.makeScriptWriter {
+      interpreter = "${pkgs.dash}/bin/dash";
+    };
 
     writeDashBin = name:
       assert types.filename.check name;
@@ -305,5 +308,7 @@ with import <stockholm/lib>;
         };
       };
 
-    writeSed = pkgs.makeScriptWriter "${pkgs.gnused}/bin/sed -f";
+    writeSed = pkgs.makeScriptWriter {
+      interpreter = "${pkgs.gnused}/bin/sed -f";
+    };
   }
diff --git a/lib/types.nix b/lib/types.nix
index 236190ccd..8c6846887 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -5,7 +5,7 @@ let
     all any concatMapStringsSep concatStringsSep const filter flip
     genid hasSuffix head isInt isString length mergeOneOption mkOption
     mkOptionType optional optionalAttrs optionals range splitString
-    stringLength substring test typeOf;
+    stringLength substring test testString typeOf;
   inherit (lib.types)
     attrsOf bool either enum int listOf nullOr path str string submodule;
 in
@@ -357,6 +357,20 @@ rec {
 
   pgp-pubkey = str;
 
+  sitemap.entry = submodule ({ config, ... }: {
+    options = {
+      desc = mkOption {
+        default = null;
+        type = nullOr str;
+      };
+      href = mkOption {
+        ${if testString "https?://.*" config._module.args.name
+          then "default" else null} = config._module.args.name;
+        type = nullOr str; # TODO nullOr uri?
+      };
+    };
+  });
+
   ssh-pubkey = str;
   ssh-privkey = submodule {
     options = {
diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index 2bffdddb3..e7516a455 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -13,6 +13,7 @@ with import <stockholm/lib>;
     <stockholm/tv/2configs/gitrepos.nix>
     <stockholm/tv/2configs/mail-client.nix>
     <stockholm/tv/2configs/man.nix>
+    <stockholm/tv/2configs/nginx/krebs-pages.nix>
     <stockholm/tv/2configs/nginx/public_html.nix>
     <stockholm/tv/2configs/pulse.nix>
     <stockholm/tv/2configs/retiolum.nix>
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index b59311092..834a89083 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -22,16 +22,6 @@ in {
     ./vim.nix
     ./xdg.nix
     {
-      # stockholm dependencies
-      environment.systemPackages = with pkgs; [
-        git
-        gnumake
-        hashPassword
-        populate
-        whatsupnix
-      ];
-    }
-    {
       users = {
         defaultUserShell = "/run/current-system/sw/bin/bash";
         mutableUsers = false;
@@ -47,7 +37,7 @@ in {
     {
       security.hideProcessInformation = true;
       security.sudo.extraConfig = ''
-        Defaults env_keep+="SSH_CLIENT"
+        Defaults env_keep+="SSH_CLIENT XMONAD_SPAWN_WORKSPACE"
         Defaults mailto="${config.krebs.users.tv.mail}"
         Defaults !lecture
       '';
@@ -142,6 +132,8 @@ in {
     {
       environment.systemPackages = [
         pkgs.get
+        pkgs.git
+        pkgs.hashPassword
         pkgs.htop
         pkgs.kpaste
         pkgs.krebspaste
diff --git a/tv/2configs/retiolum.nix b/tv/2configs/retiolum.nix
index a914dad43..9940b1026 100644
--- a/tv/2configs/retiolum.nix
+++ b/tv/2configs/retiolum.nix
@@ -10,6 +10,9 @@ with import <stockholm/lib>;
       "ni"
       "prism"
     ];
+    extraConfig = ''
+      LocalDiscovery = yes
+    '';
     tincPackage = pkgs.tinc_pre;
   };
   tv.iptables.input-internet-accept-tcp = singleton "tinc";