diff options
| author | lassulus <lass@aidsballs.de> | 2015-09-05 12:17:59 +0200 |
|---|---|---|
| committer | lassulus <lass@aidsballs.de> | 2015-09-05 12:17:59 +0200 |
| commit | f54a0a9ea7fd5a9902a5b38786da42f06d615b5a (patch) | |
| tree | d7c475b212d8acc35a5dc7d20ec1f2228c664010 | |
| parent | f3c1727659c59ff638b1adead8e30ee2f79f39de (diff) | |
| parent | d6d9956abc60548c755d30e6a5bd13c10abbb181 (diff) | |
Merge branch 'makefu'
| -rw-r--r-- | default.nix | 6 | ||||
| -rw-r--r-- | krebs/3modules/Reaktor.nix | 132 | ||||
| -rw-r--r-- | krebs/3modules/default.nix | 12 | ||||
| -rw-r--r-- | krebs/3modules/github-hosts-sync.nix | 6 | ||||
| -rw-r--r-- | krebs/3modules/retiolum.nix | 2 | ||||
| -rw-r--r-- | krebs/3modules/urlwatch.nix | 2 | ||||
| -rw-r--r-- | krebs/4lib/default.nix | 7 | ||||
| -rw-r--r-- | krebs/4lib/shell.nix | 22 | ||||
| -rw-r--r-- | krebs/5pkgs/Reaktor/default.nix | 19 | ||||
| -rw-r--r-- | krebs/5pkgs/cac/default.nix (renamed from krebs/5pkgs/cac.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/charybdis/default.nix (renamed from tv/5pkgs/charybdis/default.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/charybdis/remove-setenv.patch (renamed from tv/5pkgs/charybdis/remove-setenv.patch) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/default.nix | 60 | ||||
| -rw-r--r-- | krebs/5pkgs/dic/default.nix (renamed from krebs/5pkgs/dic.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/genid/default.nix (renamed from krebs/5pkgs/genid.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/github-hosts-sync/default.nix (renamed from krebs/5pkgs/github-hosts-sync.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/github-known_hosts/default.nix (renamed from krebs/5pkgs/github-known_hosts.nix) | 2 | ||||
| -rw-r--r-- | krebs/5pkgs/github-known_hosts/github.ssh.pub (renamed from Zpubkeys/github.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/hashPassword/default.nix (renamed from krebs/5pkgs/hashPassword.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/krebszones/default.nix | 20 | ||||
| -rw-r--r-- | krebs/5pkgs/lentil/default.nix (renamed from tv/5pkgs/lentil/default.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/lentil/syntaxes.patch (renamed from tv/5pkgs/lentil/syntaxes.patch) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/much/default.nix (renamed from tv/5pkgs/much.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/nq/default.nix (renamed from krebs/5pkgs/nq.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/posix-array/default.nix (renamed from krebs/5pkgs/posix-array.nix) | 0 | ||||
| -rw-r--r-- | krebs/5pkgs/pssh/default.nix | 37 | ||||
| -rw-r--r-- | krebs/5pkgs/youtube-tools/default.nix (renamed from krebs/5pkgs/youtube-tools.nix) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/Styx (renamed from Zhosts/Styx) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/ThinkArmageddon (renamed from Zhosts/ThinkArmageddon) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/TriBot (renamed from Zhosts/TriBot) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/ach (renamed from Zhosts/ach) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/air (renamed from Zhosts/air) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/alarmpi (renamed from Zhosts/alarmpi) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/albi10 (renamed from Zhosts/albi10) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/albi7 (renamed from Zhosts/albi7) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/almoehi (renamed from Zhosts/almoehi) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/alphalabs (renamed from Zhosts/alphalabs) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/apfull (renamed from Zhosts/apfull) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/bitchctl (renamed from Zhosts/bitchctl) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/bitchextend (renamed from Zhosts/bitchextend) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/bitchtop (renamed from Zhosts/bitchtop) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/box (renamed from Zhosts/box) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/bridge (renamed from Zhosts/bridge) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/c2ft (renamed from Zhosts/c2ft) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/c2fthome (renamed from Zhosts/c2fthome) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/casino (renamed from Zhosts/casino) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/cat1 (renamed from Zhosts/cat1) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/cband (renamed from Zhosts/cband) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/cd (renamed from Zhosts/cd) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/cloudkrebs (renamed from Zhosts/cloudkrebs) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/darth (renamed from Zhosts/darth) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/dei (renamed from Zhosts/dei) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/destroy (renamed from Zhosts/destroy) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/devstar (renamed from Zhosts/devstar) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/eigenserv (renamed from Zhosts/eigenserv) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/elvis (renamed from Zhosts/elvis) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/eulerwalk (renamed from Zhosts/eulerwalk) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/exile (renamed from Zhosts/exile) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/exitium_mobilis (renamed from Zhosts/exitium_mobilis) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/falk (renamed from Zhosts/falk) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/fastpoke (renamed from Zhosts/fastpoke) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/filebitch (renamed from Zhosts/filebitch) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/filepimp (renamed from Zhosts/filepimp) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/flap (renamed from Zhosts/flap) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/foobar (renamed from Zhosts/foobar) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/fuerkrebs (renamed from Zhosts/fuerkrebs) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/go (renamed from Zhosts/go) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/gum (renamed from Zhosts/gum) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/heidi (renamed from Zhosts/heidi) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/horisa (renamed from Zhosts/horisa) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/horreum_magnus (renamed from Zhosts/horreum_magnus) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/incept (renamed from Zhosts/incept) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/ire (renamed from Zhosts/ire) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/ire2 (renamed from Zhosts/ire2) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/irkel (renamed from Zhosts/irkel) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/juhulian (renamed from Zhosts/juhulian) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/k2 (renamed from Zhosts/k2) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/kabinett (renamed from Zhosts/kabinett) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/kaepsele (renamed from Zhosts/kaepsele) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/kalle (renamed from Zhosts/kalle) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/karthus (renamed from Zhosts/karthus) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/khackplug (renamed from Zhosts/khackplug) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/kheurop (renamed from Zhosts/kheurop) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/kiosk (renamed from Zhosts/kiosk) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/krebsplug (renamed from Zhosts/krebsplug) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/kvasir (renamed from Zhosts/kvasir) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/laqueus (renamed from Zhosts/laqueus) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/linuxatom (renamed from Zhosts/linuxatom) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/luminos (renamed from Zhosts/luminos) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/machine (renamed from Zhosts/machine) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/makalu (renamed from Zhosts/makalu) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/mako (renamed from Zhosts/mako) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/miefda0 (renamed from Zhosts/miefda0) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/minikrebs (renamed from Zhosts/minikrebs) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/mkdir (renamed from Zhosts/mkdir) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/monitor (renamed from Zhosts/monitor) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/mors (renamed from Zhosts/mors) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/motor (renamed from Zhosts/motor) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/mu (renamed from Zhosts/mu) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/muhbaasu (renamed from Zhosts/muhbaasu) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/nomic (renamed from Zhosts/nomic) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/nomic2 (renamed from Zhosts/nomic2) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/nukular (renamed from Zhosts/nukular) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/omo (renamed from Zhosts/omo) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/pic (renamed from Zhosts/pic) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/pigstarter (renamed from Zhosts/pigstarter) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/pike (renamed from Zhosts/pike) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/pnp (renamed from Zhosts/pnp) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/pornocauster (renamed from Zhosts/pornocauster) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/radiotuxmini (renamed from Zhosts/radiotuxmini) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/random (renamed from Zhosts/random) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/raspafari (renamed from Zhosts/raspafari) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/reimae (renamed from Zhosts/reimae) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/rmdir (renamed from Zhosts/rmdir) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/robchina (renamed from Zhosts/robchina) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/rockit (renamed from Zhosts/rockit) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/rtjure_debian_oder_so (renamed from Zhosts/rtjure_debian_oder_so) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/rtjure_ras (renamed from Zhosts/rtjure_ras) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/rtjure_rdrlab_linkstation (renamed from Zhosts/rtjure_rdrlab_linkstation) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/rubus (renamed from Zhosts/rubus) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/senderechner (renamed from Zhosts/senderechner) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/serenity (renamed from Zhosts/serenity) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/seruundroid (renamed from Zhosts/seruundroid) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/sir_krebs_a_lot (renamed from Zhosts/sir_krebs_a_lot) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/skirfir (renamed from Zhosts/skirfir) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/sleipnir (renamed from Zhosts/sleipnir) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/smove (renamed from Zhosts/smove) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/sokrates (renamed from Zhosts/sokrates) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/sokrateslaptop (renamed from Zhosts/sokrateslaptop) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/soundflower (renamed from Zhosts/soundflower) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/steve (renamed from Zhosts/steve) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/tahoe (renamed from Zhosts/tahoe) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/taschenkrebs (renamed from Zhosts/taschenkrebs) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/terrapi (renamed from Zhosts/terrapi) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/thomasDOTde (renamed from Zhosts/thomasDOTde) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/tincdroid (renamed from Zhosts/tincdroid) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/tmpd (renamed from Zhosts/tmpd) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/tpsw (renamed from Zhosts/tpsw) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/tsp (renamed from Zhosts/tsp) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/ufo (renamed from Zhosts/ufo) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/uriel (renamed from Zhosts/uriel) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/vault (renamed from Zhosts/vault) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/voyager (renamed from Zhosts/voyager) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/wooktop (renamed from Zhosts/wooktop) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/wu (renamed from Zhosts/wu) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/ytart (renamed from Zhosts/ytart) | 0 | ||||
| -rw-r--r-- | krebs/Zhosts/zombiecancer (renamed from Zhosts/zombiecancer) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/deploy_wu.ssh.pub (renamed from Zpubkeys/deploy_wu.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/lass.ssh.pub (renamed from Zpubkeys/lass.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/makefu_arch.ssh.pub (renamed from Zpubkeys/makefu_arch.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/makefu_omo.ssh.pub (renamed from Zpubkeys/makefu_omo.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/makefu_tsp.ssh.pub (renamed from Zpubkeys/makefu_tsp.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/mv_vod.ssh.pub (renamed from Zpubkeys/mv_vod.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/tv_wu.ssh.pub (renamed from Zpubkeys/tv_wu.ssh.pub) | 0 | ||||
| -rw-r--r-- | krebs/Zpubkeys/uriel.ssh.pub (renamed from Zpubkeys/uriel.ssh.pub) | 0 | ||||
| -rw-r--r-- | makefu/1systems/pnp.nix | 24 | ||||
| -rw-r--r-- | makefu/1systems/pornocauster.nix | 16 | ||||
| -rw-r--r-- | makefu/1systems/repunit.nix | 2 | ||||
| -rw-r--r-- | makefu/1systems/tsp.nix | 4 | ||||
| -rw-r--r-- | makefu/2configs/Reaktor/random-issue.sh | 20 | ||||
| -rw-r--r-- | makefu/2configs/Reaktor/simpleExtend.nix | 19 | ||||
| -rw-r--r-- | makefu/2configs/Reaktor/stockholmLentil.nix | 22 | ||||
| -rw-r--r-- | makefu/2configs/fs/cac-boot-partition.nix | 23 | ||||
| -rw-r--r-- | makefu/2configs/fs/sda-crypto-root-home.nix (renamed from makefu/2configs/sda-crypto-root-home.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/fs/sda-crypto-root.nix (renamed from makefu/2configs/sda-crypto-root.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/fs/vm-single-partition.nix (renamed from makefu/2configs/vm-single-partition.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/git/brain-retiolum.nix | 77 | ||||
| -rw-r--r-- | makefu/2configs/git/cgit-retiolum.nix (renamed from makefu/2configs/cgit-retiolum.nix) | 6 | ||||
| -rw-r--r-- | makefu/2configs/hw/tp-x200.nix (renamed from makefu/2configs/tp-x200.nix) | 0 | ||||
| -rw-r--r-- | makefu/2configs/hw/tp-x220.nix (renamed from makefu/2configs/tp-x220.nix) | 11 | ||||
| -rw-r--r-- | makefu/2configs/hw/tp-x2x0.nix (renamed from makefu/2configs/tp-x2x0.nix) | 10 | ||||
| -rw-r--r-- | makefu/2configs/tinc-basic-retiolum.nix | 2 | ||||
| -rw-r--r-- | makefu/3modules/default.nix | 2 | ||||
| -rw-r--r-- | tv/1systems/cd.nix | 11 | ||||
| -rw-r--r-- | tv/1systems/nomic.nix | 3 | ||||
| -rw-r--r-- | tv/1systems/wu.nix | 20 | ||||
| -rw-r--r-- | tv/2configs/charybdis.nix | 6 | ||||
| -rw-r--r-- | tv/2configs/mail-client.nix | 3 | ||||
| -rw-r--r-- | tv/2configs/test.nix | 31 | ||||
| -rw-r--r-- | tv/4lib/default.nix | 9 | ||||
| -rw-r--r-- | tv/5pkgs/default.nix | 6 | ||||
| -rw-r--r-- | tv/Zcerts/charybdis_cd.crt.pem (renamed from Zcerts/charybdis_cd.crt.pem) | 0 |
182 files changed, 567 insertions, 87 deletions
diff --git a/default.nix b/default.nix index 59a76f81b..875f0d5b4 100644 --- a/default.nix +++ b/default.nix @@ -8,6 +8,12 @@ let "${user-name}/1systems/${system-name}.nix" "${user-name}/3modules" "krebs/3modules" + ] ++ [ + ({ lib, pkgs, ... }: { + _module.args.pkgs = + (import ./krebs/5pkgs { inherit lib pkgs; }) // + (import (./. + "/${user-name}/5pkgs") { inherit lib pkgs; }); + }) ]; }; diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix new file mode 100644 index 000000000..fce24fa63 --- /dev/null +++ b/krebs/3modules/Reaktor.nix @@ -0,0 +1,132 @@ +{ config, pkgs,lib, ... }: + + +let + kpkgs = import ../5pkgs { inherit pkgs; inherit lib; }; + + inherit (lib) + mkIf + mkOption + types + singleton + isString + optionalString + concatStrings + escapeShellArg + ; + + ReaktorConfig = pkgs.writeText "config.py" '' + ${if (isString cfg.overrideConfig ) then '' + # Overriden Config + ${cfg.overrideConfig} + '' else ""} + ## Extra Config + ${cfg.extraConfig} + ''; + cfg = config.krebs.Reaktor; + + out = { + options.krebs.Reaktor = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkOption { + default = false; + description = '' + Start Reaktor at system boot + ''; + }; + + nickname = mkOption { + default = config.krebs.build.host.name + "|r"; + type = types.string; + description = '' + The nick name of the irc bot. + Defaults to {hostname}|r + ''; + }; + + + overrideConfig = mkOption { + default = null; + type = types.nullOr types.str; + description = '' + configuration to be used instead of default ones. + Reaktor default cfg can be retrieved via `reaktor get-config` + ''; + }; + extraConfig = mkOption { + default = ""; + type = types.string; + description = '' + configuration appended to the default or overridden configuration + ''; + }; + + ReaktorPkg = mkOption { + default = kpkgs.Reaktor; + description = '' + the Reaktor pkg to use. + ''; + }; + debug = mkOption { + default = false; + description = '' + Reaktor debug output + ''; + }; + }; + + imp = { + # for reaktor get-config + environment.systemPackages = [ cfg.ReaktorPkg ]; + users.extraUsers = singleton { + name = "Reaktor"; + # uid = config.ids.uids.Reaktor; + uid = 2066439104; #genid Reaktor + description = "Reaktor user"; + home = "/var/lib/Reaktor"; + createHome = true; + }; + + #users.extraGroups = singleton { + # name = "Reaktor"; + # gid = config.ids.gids.Reaktor; + #}; + + systemd.services.Reaktor = { + path = with pkgs; [ + utillinux #flock for tell_on-join + # git # for nag + python # for caps + ]; + description = "Reaktor IRC Bot"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + environment = { + GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + REAKTOR_NICKNAME = cfg.nickname; + REAKTOR_DEBUG = (if cfg.debug then "True" else "False"); + }; + serviceConfig= { + ExecStartPre = pkgs.writeScript "Reaktor-init" '' + #! /bin/sh + ${if (isString cfg.overrideConfig) then + ''cp ${ReaktorConfig} /tmp/config.py'' + else + ''(${cfg.ReaktorPkg}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/config.py'' + } + ''; + ExecStart = "${cfg.ReaktorPkg}/bin/reaktor run /tmp/config.py"; + PrivateTmp = "true"; + User = "Reaktor"; + Restart = "on-abort"; + StartLimitInterval = "1m"; + StartLimitBurst = "1"; + }; + }; + }; + +in +out diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 78907960b..c683d406c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -11,6 +11,7 @@ let ./github-hosts-sync.nix ./git.nix ./nginx.nix + ./Reaktor.nix ./retiolum.nix ./urlwatch.nix ]; @@ -332,11 +333,11 @@ let }; users = addNames { lass = { - pubkey = readFile ../../Zpubkeys/lass.ssh.pub; + pubkey = readFile ../Zpubkeys/lass.ssh.pub; mail = "lass@mors.retiolum"; }; uriel = { - pubkey = readFile ../../Zpubkeys/uriel.ssh.pub; + pubkey = readFile ../Zpubkeys/uriel.ssh.pub; mail = "lass@uriel.retiolum"; }; }; @@ -468,6 +469,7 @@ let IN MX 10 mx42 euer IN MX 1 aspmx.l.google.com. io IN NS pigstarter.krebsco.de. + euer IN A ${elemAt nets.internet.addrs4 0} pigstarter IN A ${elemAt nets.internet.addrs4 0} conf IN A ${elemAt nets.internet.addrs4 0} gold IN A ${elemAt nets.internet.addrs4 0} @@ -543,7 +545,7 @@ let users = addNames { makefu = { mail = "makefu@pornocauster.retiolum"; - pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub; + pubkey = readFile ../Zpubkeys/makefu_arch.ssh.pub; }; }; }; @@ -714,11 +716,11 @@ let users = addNames { mv = { mail = "mv@cd.retiolum"; - pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub; + pubkey = readFile ../Zpubkeys/mv_vod.ssh.pub; }; tv = { mail = "tv@wu.retiolum"; - pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; + pubkey = readFile ../Zpubkeys/tv_wu.ssh.pub; }; }; }; diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 0274b9d15..dbc0cc1de 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -61,9 +61,9 @@ let ${cfg.ssh-identity-file} \ "$ssh_identity_file_target" - ln -snf ${kpkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts + ln -snf ${pkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts ''; - ExecStart = "${kpkgs.github-hosts-sync}/bin/github-hosts-sync"; + ExecStart = "${pkgs.github-hosts-sync}/bin/github-hosts-sync"; }; }; @@ -77,7 +77,5 @@ let name = "github-hosts-sync"; uid = 3220554646; # genid github-hosts-sync }; - - kpkgs = import ../../krebs/5pkgs { inherit pkgs; }; in out diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 481d6565c..4e70b78aa 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -58,7 +58,7 @@ let hosts = mkOption { type = with types; either package path; - default = ../../Zhosts; + default = ../Zhosts; description = '' If a path is given, then it will be used to generate an ad-hoc package. ''; diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 531e6c87b..80d9f5e93 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -78,7 +78,7 @@ let HOME = cfg.dataDir; LC_ALL = "en_US.UTF-8"; LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive"; - SSL_CERT_FILE = "${pkgs.cacert}/etc/ca-bundle.crt"; + SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; }; serviceConfig = { User = user.name; diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index b67585335..ca7219c7e 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -14,5 +14,12 @@ builtins // lib // rec { dns = import ./dns.nix { inherit lib; }; listset = import ./listset.nix { inherit lib; }; + shell = import ./shell.nix { inherit lib; }; tree = import ./tree.nix { inherit lib; }; + + toC = x: { + list = "{ ${concatStringsSep ", " (map toC x)} }"; + null = "NULL"; + string = toJSON x; # close enough + }.${typeOf x}; } diff --git a/krebs/4lib/shell.nix b/krebs/4lib/shell.nix new file mode 100644 index 000000000..2a6da5c16 --- /dev/null +++ b/krebs/4lib/shell.nix @@ -0,0 +1,22 @@ +{ lib, ... }: + +with builtins; +with lib; + +rec { + escape = + let + isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null; + in + stringAsChars (c: + if isSafeChar c then c + else if c == "\n" then "'\n'" + else "\\${c}"); + + # + # shell script generators + # + + # example: "${cat (toJSON { foo = "bar"; })} | jq -r .foo" + cat = s: "printf '%s' ${escape s}"; +} diff --git a/krebs/5pkgs/Reaktor/default.nix b/krebs/5pkgs/Reaktor/default.nix new file mode 100644 index 000000000..524782081 --- /dev/null +++ b/krebs/5pkgs/Reaktor/default.nix @@ -0,0 +1,19 @@ +{ lib, pkgs,python3Packages,fetchurl, ... }: + +python3Packages.buildPythonPackage rec { + name = "Reaktor-${version}"; + version = "0.4.3"; + propagatedBuildInputs = with pkgs;[ + python3Packages.docopt + python3Packages.requests2 + ]; + src = fetchurl { + url = "https://pypi.python.org/packages/source/R/Reaktor/Reaktor-${version}.tar.gz"; + sha256 = "1rvfw9vg7i7z2ah7m5k3zik2b92d3xdaqa8am62qw6vgvmxcmfp4"; + }; + meta = { + homepage = http://krebsco.de/; + description = "An IRC bot based on asynchat"; + license = lib.licenses.wtfpl; + }; +} diff --git a/krebs/5pkgs/cac.nix b/krebs/5pkgs/cac/default.nix index eff523048..eff523048 100644 --- a/krebs/5pkgs/cac.nix +++ b/krebs/5pkgs/cac/default.nix diff --git a/tv/5pkgs/charybdis/default.nix b/krebs/5pkgs/charybdis/default.nix index f3e6be40e..f3e6be40e 100644 --- a/tv/5pkgs/charybdis/default.nix +++ b/krebs/5pkgs/charybdis/default.nix diff --git a/tv/5pkgs/charybdis/remove-setenv.patch b/krebs/5pkgs/charybdis/remove-setenv.patch index bbaf95e19..bbaf95e19 100644 --- a/tv/5pkgs/charybdis/remove-setenv.patch +++ b/krebs/5pkgs/charybdis/remove-setenv.patch diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 2454c19c8..39d3d69ce 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,18 +1,54 @@ -{ pkgs, ... }: +{ lib, pkgs, ... }: + +with import ../4lib { inherit lib; }; let inherit (pkgs) callPackage; in -pkgs // -{ - cac = callPackage ./cac.nix {}; - dic = callPackage ./dic.nix {}; - genid = callPackage ./genid.nix {}; - github-hosts-sync = callPackage ./github-hosts-sync.nix {}; - github-known_hosts = callPackage ./github-known_hosts.nix {}; - hashPassword = callPackage ./hashPassword.nix {}; - nq = callPackage ./nq.nix {}; - posix-array = callPackage ./posix-array.nix {}; - youtube-tools = callPackage ./youtube-tools.nix {}; +rec { + cac = callPackage ./cac {}; + charybdis = callPackage ./charybdis {}; + dic = callPackage ./dic {}; + genid = callPackage ./genid {}; + github-hosts-sync = callPackage ./github-hosts-sync {}; + github-known_hosts = callPackage ./github-known_hosts {}; + hashPassword = callPackage ./hashPassword {}; + krebszones = callPackage ./krebszones {}; + lentil = callPackage ./lentil {}; + much = callPackage ./much {}; + nq = callPackage ./nq {}; + posix-array = callPackage ./posix-array {}; + pssh = callPackage ./pssh {}; + Reaktor = callPackage ./Reaktor {}; + youtube-tools = callPackage ./youtube-tools {}; + + execve = name: { filename, argv, envp ? {}, destination ? "" }: + writeC name { inherit destination; } '' + #include <unistd.h> + int main () { + const char *filename = ${toC filename}; + char *const argv[] = ${toC (argv ++ [null])}; + char *const envp[] = ${toC ( + mapAttrsToList (k: v: "${k}=${v}") envp ++ [null] + )}; + execve(filename, argv, envp); + return -1; + } + ''; + + execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; }); + + writeC = name: { destination ? "" }: src: pkgs.runCommand name {} '' + PATH=${lib.makeSearchPath "bin" (with pkgs; [ + binutils + coreutils + gcc + ])} + src=${pkgs.writeText "${name}.c" src} + exe=$out${destination} + mkdir -p "$(dirname "$exe")" + gcc -O -Wall -o "$exe" $src + strip --strip-unneeded "$exe" + ''; } diff --git a/krebs/5pkgs/dic.nix b/krebs/5pkgs/dic/default.nix index 571773d22..571773d22 100644 --- a/krebs/5pkgs/dic.nix +++ b/krebs/5pkgs/dic/default.nix diff --git a/krebs/5pkgs/genid.nix b/krebs/5pkgs/genid/default.nix index c75bec317..c75bec317 100644 --- a/krebs/5pkgs/genid.nix +++ b/krebs/5pkgs/genid/default.nix diff --git a/krebs/5pkgs/github-hosts-sync.nix b/krebs/5pkgs/github-hosts-sync/default.nix index d69b2b12b..d69b2b12b 100644 --- a/krebs/5pkgs/github-hosts-sync.nix +++ b/krebs/5pkgs/github-hosts-sync/default.nix diff --git a/krebs/5pkgs/github-known_hosts.nix b/krebs/5pkgs/github-known_hosts/default.nix index 302fdd8d5..fe5efe413 100644 --- a/krebs/5pkgs/github-known_hosts.nix +++ b/krebs/5pkgs/github-known_hosts/default.nix @@ -4,7 +4,7 @@ with builtins; with lib; let - github-pubkey = removeSuffix "\n" (readFile ../../Zpubkeys/github.ssh.pub); + github-pubkey = removeSuffix "\n" (readFile ./github.ssh.pub); in toFile "github-known_hosts" diff --git a/Zpubkeys/github.ssh.pub b/krebs/5pkgs/github-known_hosts/github.ssh.pub index 90f6e2b71..90f6e2b71 100644 --- a/Zpubkeys/github.ssh.pub +++ b/krebs/5pkgs/github-known_hosts/github.ssh.pub diff --git a/krebs/5pkgs/hashPassword.nix b/krebs/5pkgs/hashPassword/default.nix index a10340cc4..a10340cc4 100644 --- a/krebs/5pkgs/hashPassword.nix +++ b/krebs/5pkgs/hashPassword/default.nix diff --git a/krebs/5pkgs/krebszones/default.nix b/krebs/5pkgs/krebszones/default.nix new file mode 100644 index 000000000..62805c73c --- /dev/null +++ b/krebs/5pkgs/krebszones/default.nix @@ -0,0 +1,20 @@ +{ lib, pkgs,python3Packages,fetchurl, ... }: + +python3Packages.buildPythonPackage rec { + name = "krebszones-${version}"; + version = "0.4.3"; + propagatedBuildInputs = with pkgs.python3Packages;[ + d2to1 # for setup to work + ovh + docopt + ]; + src = fetchurl { + url = "https://pypi.python.org/packages/source/k/krebszones/krebszones-${version}.tar.gz"; + sha256 = "1i6aqy27bikypc4mq7ymfnvf42rr5sxiy6l7gnyk6ifhlp1jq8z5"; + }; + meta = { + homepage = http://krebsco.de/; + description = "OVH Zone Upload"; + license = lib.licenses.wtfpl; + }; +} diff --git a/tv/5pkgs/lentil/default.nix b/krebs/5pkgs/lentil/default.nix index fc9b4fd31..fc9b4fd31 100644 --- a/tv/5pkgs/lentil/default.nix +++ b/krebs/5pkgs/lentil/default.nix diff --git a/tv/5pkgs/lentil/syntaxes.patch b/krebs/5pkgs/lentil/syntaxes.patch index a9390ae51..a9390ae51 100644 --- a/tv/5pkgs/lentil/syntaxes.patch +++ b/krebs/5pkgs/lentil/syntaxes.patch diff --git a/tv/5pkgs/much.nix b/krebs/5pkgs/much/default.nix index 82586b422..82586b422 100644 --- a/tv/5pkgs/much.nix +++ b/krebs/5pkgs/much/default.nix diff --git a/krebs/5pkgs/nq.nix b/krebs/5pkgs/nq/default.nix index 0f397a43c..0f397a43c 100644 --- a/krebs/5pkgs/nq.nix +++ b/krebs/5pkgs/nq/default.nix diff --git a/krebs/5pkgs/posix-array.nix b/krebs/5pkgs/posix-array/default.nix index 456a3cc11..456a3cc11 100644 --- a/krebs/5pkgs/posix-array.nix +++ b/krebs/5pkgs/posix-array/default.nix diff --git a/krebs/5pkgs/pssh/default.nix b/krebs/5pkgs/pssh/default.nix new file mode 100644 index 000000000..fd48d3e7c --- /dev/null +++ b/krebs/5pkgs/pssh/default.nix @@ -0,0 +1,37 @@ +{ writeScriptBin }: + +writeScriptBin "pssh" '' + #! /bin/sh + set -efu + case ''${1-} in + + # TODO create plog with -o json | jq ... | map date + + # usage: pssh {-j,--journal} host... + # Follow journal at each host. + -j|--journal) + shift + "$0" journalctl -n0 -ocat --follow --all ::: "$@" \ + | while read line; do + printf '%s %s\n' "$(date --rfc-3339=s)" "$line" + done + ;; + + -*) + echo $0: unknown option: $1 >&2 + exit 1 + ;; + + # usage: pssh command [arg...] ::: host... + # Run command at each host. + *) + exec parallel \ + --line-buffer \ + -j0 \ + --no-notice \ + --tagstring {} \ + ssh -T {} "$@" + ;; + + esac +'' diff --git a/krebs/5pkgs/youtube-tools.nix b/krebs/5pkgs/youtube-tools/default.nix index d767728be..d767728be 100644 --- a/krebs/5pkgs/youtube-tools.nix +++ b/krebs/5pkgs/youtube-tools/default.nix diff --git a/Zhosts/Styx b/krebs/Zhosts/Styx index fad453168..fad453168 100644 --- a/Zhosts/Styx +++ b/krebs/Zhosts/Styx diff --git a/Zhosts/ThinkArmageddon b/krebs/Zhosts/ThinkArmageddon index e51e1c92b..e51e1c92b 100644 --- a/Zhosts/ThinkArmageddon +++ b/krebs/Zhosts/ThinkArmageddon diff --git a/Zhosts/TriBot b/krebs/Zhosts/TriBot index 821046f5d..821046f5d 100644 --- a/Zhosts/TriBot +++ b/krebs/Zhosts/TriBot diff --git a/Zhosts/ach b/krebs/Zhosts/ach index 7774f17c4..7774f17c4 100644 --- a/Zhosts/ach +++ b/krebs/Zhosts/ach diff --git a/Zhosts/air b/krebs/Zhosts/air index f27106f0e..f27106f0e 100644 --- a/Zhosts/air +++ b/krebs/Zhosts/air diff --git a/Zhosts/alarmpi b/krebs/Zhosts/alarmpi index 205b0d838..205b0d838 100644 --- a/Zhosts/alarmpi +++ b/krebs/Zhosts/alarmpi diff --git a/Zhosts/albi10 b/krebs/Zhosts/albi10 index 9bcca7ccd..9bcca7ccd 100644 --- a/Zhosts/albi10 +++ b/krebs/Zhosts/albi10 diff --git a/Zhosts/albi7 b/krebs/Zhosts/albi7 index 32cf0dc84..32cf0dc84 100644 --- a/Zhosts/albi7 +++ b/krebs/Zhosts/albi7 diff --git a/Zhosts/almoehi b/krebs/Zhosts/almoehi index d856f682f..d856f682f 100644 --- a/Zhosts/almoehi +++ b/krebs/Zhosts/almoehi diff --git a/Zhosts/alphalabs b/krebs/Zhosts/alphalabs index e5f98d692..e5f98d692 100644 --- a/Zhosts/alphalabs +++ b/krebs/Zhosts/alphalabs diff --git a/Zhosts/apfull b/krebs/Zhosts/apfull index c64750b84..c64750b84 100644 --- a/Zhosts/apfull +++ b/krebs/Zhosts/apfull diff --git a/Zhosts/bitchctl b/krebs/Zhosts/bitchctl index 8f188a2ae..8f188a2ae 100644 --- a/Zhosts/bitchctl +++ b/krebs/Zhosts/bitchctl diff --git a/Zhosts/bitchextend b/krebs/Zhosts/bitchextend index 82d8ffa43..82d8ffa43 100644 --- a/Zhosts/bitchextend +++ b/krebs/Zhosts/bitchextend diff --git a/Zhosts/bitchtop b/krebs/Zhosts/bitchtop index 975575efa..975575efa 100644 --- a/Zhosts/bitchtop +++ b/krebs/Zhosts/bitchtop diff --git a/Zhosts/box b/krebs/Zhosts/box index e02f8ca67..e02f8ca67 100644 --- a/Zhosts/box +++ b/krebs/Zhosts/box diff --git a/Zhosts/bridge b/krebs/Zhosts/bridge index db75113be..db75113be 100644 --- a/Zhosts/bridge +++ b/krebs/Zhosts/bridge diff --git a/Zhosts/c2ft b/krebs/Zhosts/c2ft index 8ce0539e2..8ce0539e2 100644 --- a/Zhosts/c2ft +++ b/krebs/Zhosts/c2ft diff --git a/Zhosts/c2fthome b/krebs/Zhosts/c2fthome index a8eaabc97..a8eaabc97 100644 --- a/Zhosts/c2fthome +++ b/krebs/Zhosts/c2fthome diff --git a/Zhosts/casino b/krebs/Zhosts/casino index e35691c3c..e35691c3c 100644 --- a/Zhosts/casino +++ b/krebs/Zhosts/casino diff --git a/Zhosts/cat1 b/krebs/Zhosts/cat1 index 1a9dd2fea..1a9dd2fea 100644 --- a/Zhosts/cat1 +++ b/krebs/Zhosts/cat1 diff --git a/Zhosts/cband b/krebs/Zhosts/cband index 51c51e9c9..51c51e9c9 100644 --- a/Zhosts/cband +++ b/krebs/Zhosts/cband diff --git a/Zhosts/cd b/krebs/Zhosts/cd index d65814f46..d65814f46 100644 --- a/Zhosts/cd +++ b/krebs/Zhosts/cd diff --git a/Zhosts/cloudkrebs b/krebs/Zhosts/cloudkrebs index ed46a36bd..ed46a36bd 100644 --- a/Zhosts/cloudkrebs +++ b/krebs/Zhosts/cloudkrebs diff --git a/Zhosts/darth b/krebs/Zhosts/darth index bcabc5f58..bcabc5f58 100644 --- a/Zhosts/darth +++ b/krebs/Zhosts/darth diff --git a/Zhosts/dei b/krebs/Zhosts/dei index 0d401b019..0d401b019 100644 --- a/Zhosts/dei +++ b/krebs/Zhosts/dei diff --git a/Zhosts/destroy b/krebs/Zhosts/destroy index 8b5f7f5ab..8b5f7f5ab 100644 --- a/Zhosts/destroy +++ b/krebs/Zhosts/destroy diff --git a/Zhosts/devstar b/krebs/Zhosts/devstar index 875f62e2a..875f62e2a 100644 --- a/Zhosts/devstar +++ b/krebs/Zhosts/devstar diff --git a/Zhosts/eigenserv b/krebs/Zhosts/eigenserv index f59667940..f59667940 100644 --- a/Zhosts/eigenserv +++ b/krebs/Zhosts/eigenserv diff --git a/Zhosts/elvis b/krebs/Zhosts/elvis index c98ce7865..c98ce7865 100644 --- a/Zhosts/elvis +++ b/krebs/Zhosts/elvis diff --git a/Zhosts/eulerwalk b/krebs/Zhosts/eulerwalk index b6dbf43e0..b6dbf43e0 100644 --- a/Zhosts/eulerwalk +++ b/krebs/Zhosts/eulerwalk diff --git a/Zhosts/exile b/krebs/Zhosts/exile index 25d68ca4c..25d68ca4c 100644 --- a/Zhosts/exile +++ b/krebs/Zhosts/exile diff --git a/Zhosts/exitium_mobilis b/krebs/Zhosts/exitium_mobilis index 3b112a0f7..3b112a0f7 100644 --- a/Zhosts/exitium_mobilis +++ b/krebs/Zhosts/exitium_mobilis diff --git a/Zhosts/falk b/krebs/Zhosts/falk index a8c9e2f21..a8c9e2f21 100644 --- a/Zhosts/falk +++ b/krebs/Zhosts/falk diff --git a/Zhosts/fastpoke b/krebs/Zhosts/fastpoke index c897a97bc..c897a97bc 100644 --- a/Zhosts/fastpoke +++ b/krebs/Zhosts/fastpoke diff --git a/Zhosts/filebitch b/krebs/Zhosts/filebitch index 64c88cb0d..64c88cb0d 100644 --- a/Zhosts/filebitch +++ b/krebs/Zhosts/filebitch diff --git a/Zhosts/filepimp b/krebs/Zhosts/filepimp index c689c8852..c689c8852 100644 --- a/Zhosts/filepimp +++ b/krebs/Zhosts/filepimp diff --git a/Zhosts/flap b/krebs/Zhosts/flap index 94e6bdc75..94e6bdc75 100644 --- a/Zhosts/flap +++ b/krebs/Zhosts/flap diff --git a/Zhosts/foobar b/krebs/Zhosts/foobar index 2c77b79c4..2c77b79c4 100644 --- a/Zhosts/foobar +++ b/krebs/Zhosts/foobar diff --git a/Zhosts/fuerkrebs b/krebs/Zhosts/fuerkrebs index 35bbcf181..35bbcf181 100644 --- a/Zhosts/fuerkrebs +++ b/krebs/Zhosts/fuerkrebs diff --git a/Zhosts/go b/krebs/Zhosts/go index de9ebeb78..de9ebeb78 100644 --- a/Zhosts/go +++ b/krebs/Zhosts/go diff --git a/Zhosts/gum b/krebs/Zhosts/gum index f1eaa4eab..f1eaa4eab 100644 --- a/Zhosts/gum +++ b/krebs/Zhosts/gum diff --git a/Zhosts/heidi b/krebs/Zhosts/heidi index c8af51b04..c8af51b04 100644 --- a/Zhosts/heidi +++ b/krebs/Zhosts/heidi diff --git a/Zhosts/horisa b/krebs/Zhosts/horisa index ac4ed6dab..ac4ed6dab 100644 --- a/Zhosts/horisa +++ b/krebs/Zhosts/horisa diff --git a/Zhosts/horreum_magnus b/krebs/Zhosts/horreum_magnus index 3019e9cf5..3019e9cf5 100644 --- a/Zhosts/horreum_magnus +++ b/krebs/Zhosts/horreum_magnus diff --git a/Zhosts/incept b/krebs/Zhosts/incept index 348e44b1b..348e44b1b 100644 --- a/Zhosts/incept +++ b/krebs/Zhosts/incept diff --git a/Zhosts/ire b/krebs/Zhosts/ire index 724158cb0..724158cb0 100644 --- a/Zhosts/ire +++ b/krebs/Zhosts/ire diff --git a/Zhosts/ire2 b/krebs/Zhosts/ire2 index 6b9d0a79c..6b9d0a79c 100644 --- a/Zhosts/ire2 +++ b/krebs/Zhosts/ire2 diff --git a/Zhosts/irkel b/krebs/Zhosts/irkel index b197e5d29..b197e5d29 100644 --- a/Zhosts/irkel +++ b/krebs/Zhosts/irkel diff --git a/Zhosts/juhulian b/krebs/Zhosts/juhulian index d9da75aa0..d9da75aa0 100644 --- a/Zhosts/juhulian +++ b/krebs/Zhosts/juhulian diff --git a/Zhosts/k2 b/krebs/Zhosts/k2 index 588f96cc3..588f96cc3 100644 --- a/Zhosts/k2 +++ b/krebs/Zhosts/k2 diff --git a/Zhosts/kabinett b/krebs/Zhosts/kabinett index e434d4190..e434d4190 100644 --- a/Zhosts/kabinett +++ b/krebs/Zhosts/kabinett diff --git a/Zhosts/kaepsele b/krebs/Zhosts/kaepsele index fc8bf4587..fc8bf4587 100644 --- a/Zhosts/kaepsele +++ b/krebs/Zhosts/kaepsele diff --git a/Zhosts/kalle b/krebs/Zhosts/kalle index 8238887c8..8238887c8 100644 --- a/Zhosts/kalle +++ b/krebs/Zhosts/kalle diff --git a/Zhosts/karthus b/krebs/Zhosts/karthus index 75a8d15d6..75a8d15d6 100644 --- a/Zhosts/karthus +++ b/krebs/Zhosts/karthus diff --git a/Zhosts/khackplug b/krebs/Zhosts/khackplug index c149d93b1..c149d93b1 100644 --- a/Zhosts/khackplug +++ b/krebs/Zhosts/khackplug diff --git a/Zhosts/kheurop b/krebs/Zhosts/kheurop index bbe93fe0f..bbe93fe0f 100644 --- a/Zhosts/kheurop +++ b/krebs/Zhosts/kheurop diff --git a/Zhosts/kiosk b/krebs/Zhosts/kiosk index 8f53a08fe..8f53a08fe 100644 --- a/Zhosts/kiosk +++ b/krebs/Zhosts/kiosk diff --git a/Zhosts/krebsplug b/krebs/Zhosts/krebsplug index ab9c966c1..ab9c966c1 100644 --- a/Zhosts/krebsplug +++ b/krebs/Zhosts/krebsplug diff --git a/Zhosts/kvasir b/krebs/Zhosts/kvasir index 470172528..470172528 100644 --- a/Zhosts/kvasir +++ b/krebs/Zhosts/kvasir diff --git a/Zhosts/laqueus b/krebs/Zhosts/laqueus index 0bdef307e..0bdef307e 100644 --- a/Zhosts/laqueus +++ b/krebs/Zhosts/laqueus diff --git a/Zhosts/linuxatom b/krebs/Zhosts/linuxatom index dfd09b514..dfd09b514 100644 --- a/Zhosts/linuxatom +++ b/krebs/Zhosts/linuxatom diff --git a/Zhosts/luminos b/krebs/Zhosts/luminos index fe04b33da..fe04b33da 100644 --- a/Zhosts/luminos +++ b/krebs/Zhosts/luminos diff --git a/Zhosts/machine b/krebs/Zhosts/machine index 4927fc847..4927fc847 100644 --- a/Zhosts/machine +++ b/krebs/Zhosts/machine diff --git a/Zhosts/makalu b/krebs/Zhosts/makalu index 3d080ca52..3d080ca52 100644 --- a/Zhosts/makalu +++ b/krebs/Zhosts/makalu diff --git a/Zhosts/mako b/krebs/Zhosts/mako index 0488bcaae..0488bcaae 100644 --- a/Zhosts/mako +++ b/krebs/Zhosts/mako diff --git a/Zhosts/miefda0 b/krebs/Zhosts/miefda0 index acf001249..acf001249 100644 --- a/Zhosts/miefda0 +++ b/krebs/Zhosts/miefda0 diff --git a/Zhosts/minikrebs b/krebs/Zhosts/minikrebs index b0d605583..b0d605583 100644 --- a/Zhosts/minikrebs +++ b/krebs/Zhosts/minikrebs diff --git a/Zhosts/mkdir b/krebs/Zhosts/mkdir index 2233fd5b5..2233fd5b5 100644 --- a/Zhosts/mkdir +++ b/krebs/Zhosts/mkdir diff --git a/Zhosts/monitor b/krebs/Zhosts/monitor index 8584f70b1..8584f70b1 100644 --- a/Zhosts/monitor +++ b/krebs/Zhosts/monitor diff --git a/Zhosts/mors b/krebs/Zhosts/mors index be9782b10..be9782b10 100644 --- a/Zhosts/mors +++ b/krebs/Zhosts/mors diff --git a/Zhosts/motor b/krebs/Zhosts/motor index 41ff57438..41ff57438 100644 --- a/Zhosts/motor +++ b/krebs/Zhosts/motor diff --git a/Zhosts/mu b/krebs/Zhosts/mu index 90bca775b..90bca775b 100644 --- a/Zhosts/mu +++ b/krebs/Zhosts/mu diff --git a/Zhosts/muhbaasu b/krebs/Zhosts/muhbaasu index 490fe3fae..490fe3fae 100644 --- a/Zhosts/muhbaasu +++ b/krebs/Zhosts/muhbaasu diff --git a/Zhosts/nomic b/krebs/Zhosts/nomic index f418233c1..f418233c1 100644 --- a/Zhosts/nomic +++ b/krebs/Zhosts/nomic diff --git a/Zhosts/nomic2 b/krebs/Zhosts/nomic2 index 63d83ff54..63d83ff54 100644 --- a/Zhosts/nomic2 +++ b/krebs/Zhosts/nomic2 diff --git a/Zhosts/nukular b/krebs/Zhosts/nukular index 27bd2bfd3..27bd2bfd3 100644 --- a/Zhosts/nukular +++ b/krebs/Zhosts/nukular diff --git a/Zhosts/omo b/krebs/Zhosts/omo index d2788d28c..d2788d28c 100644 --- a/Zhosts/omo +++ b/krebs/Zhosts/omo diff --git a/Zhosts/pic b/krebs/Zhosts/pic index fb091856d..fb091856d 100644 --- a/Zhosts/pic +++ b/krebs/Zhosts/pic diff --git a/Zhosts/pigstarter b/krebs/Zhosts/pigstarter index dd12a0d8e..dd12a0d8e 100644 --- a/Zhosts/pigstarter +++ b/krebs/Zhosts/pigstarter diff --git a/Zhosts/pike b/krebs/Zhosts/pike index 1d47a6144..1d47a6144 100644 --- a/Zhosts/pike +++ b/krebs/Zhosts/pike diff --git a/Zhosts/pnp b/krebs/Zhosts/pnp index 66c99f24d..66c99f24d 100644 --- a/Zhosts/pnp +++ b/krebs/Zhosts/pnp diff --git a/Zhosts/pornocauster b/krebs/Zhosts/pornocauster index cc7d89556..cc7d89556 100644 --- a/Zhosts/pornocauster +++ b/krebs/Zhosts/pornocauster diff --git a/Zhosts/radiotuxmini b/krebs/Zhosts/radiotuxmini index 96c069314..96c069314 100644 --- a/Zhosts/radiotuxmini +++ b/krebs/Zhosts/radiotuxmini diff --git a/Zhosts/random b/krebs/Zhosts/random index 59a354e93..59a354e93 100644 --- a/Zhosts/random +++ b/krebs/Zhosts/random diff --git a/Zhosts/raspafari b/krebs/Zhosts/raspafari index 1e1b48503..1e1b48503 100644 --- a/Zhosts/raspafari +++ b/krebs/Zhosts/raspafari diff --git a/Zhosts/reimae b/krebs/Zhosts/reimae index 125cde652..125cde652 100644 --- a/Zhosts/reimae +++ b/krebs/Zhosts/reimae diff --git a/Zhosts/rmdir b/krebs/Zhosts/rmdir index 09dec741b..09dec741b 100644 --- a/Zhosts/rmdir +++ b/krebs/Zhosts/rmdir diff --git a/Zhosts/robchina b/krebs/Zhosts/robchina index ee67405ae..ee67405ae 100644 --- a/Zhosts/robchina +++ b/krebs/Zhosts/robchina diff --git a/Zhosts/rockit b/krebs/Zhosts/rockit index e67272c35..e67272c35 100644 --- a/Zhosts/rockit +++ b/krebs/Zhosts/rockit diff --git a/Zhosts/rtjure_debian_oder_so b/krebs/Zhosts/rtjure_debian_oder_so index 3000705b4..3000705b4 100644 --- a/Zhosts/rtjure_debian_oder_so +++ b/krebs/Zhosts/rtjure_debian_oder_so diff --git a/Zhosts/rtjure_ras b/krebs/Zhosts/rtjure_ras index ba44cb020..ba44cb020 100644 --- a/Zhosts/rtjure_ras +++ b/krebs/Zhosts/rtjure_ras diff --git a/Zhosts/rtjure_rdrlab_linkstation b/krebs/Zhosts/rtjure_rdrlab_linkstation index dfc8c0311..dfc8c0311 100644 --- a/Zhosts/rtjure_rdrlab_linkstation +++ b/krebs/Zhosts/rtjure_rdrlab_linkstation diff --git a/Zhosts/rubus b/krebs/Zhosts/rubus index aef8d4b39..aef8d4b39 100644 --- a/Zhosts/rubus +++ b/krebs/Zhosts/rubus diff --git a/Zhosts/senderechner b/krebs/Zhosts/senderechner index 4cce73cab..4cce73cab 100644 --- a/Zhosts/senderechner +++ b/krebs/Zhosts/senderechner diff --git a/Zhosts/serenity b/krebs/Zhosts/serenity index 09c519a00..09c519a00 100644 --- a/Zhosts/serenity +++ b/krebs/Zhosts/serenity diff --git a/Zhosts/seruundroid b/krebs/Zhosts/seruundroid index b4f0848e7..b4f0848e7 100644 --- a/Zhosts/seruundroid +++ b/krebs/Zhosts/seruundroid diff --git a/Zhosts/sir_krebs_a_lot b/krebs/Zhosts/sir_krebs_a_lot index f4fffd9d5..f4fffd9d5 100644 --- a/Zhosts/sir_krebs_a_lot +++ b/krebs/Zhosts/sir_krebs_a_lot diff --git a/Zhosts/skirfir b/krebs/Zhosts/skirfir index 0214e7a1c..0214e7a1c 100644 --- a/Zhosts/skirfir +++ b/krebs/Zhosts/skirfir diff --git a/Zhosts/sleipnir b/krebs/Zhosts/sleipnir index 1c82461de..1c82461de 100644 --- a/Zhosts/sleipnir +++ b/krebs/Zhosts/sleipnir diff --git a/Zhosts/smove b/krebs/Zhosts/smove index fc7e194fa..fc7e194fa 100644 --- a/Zhosts/smove +++ b/krebs/Zhosts/smove diff --git a/Zhosts/sokrates b/krebs/Zhosts/sokrates index 97cf1b478..97cf1b478 100644 --- a/Zhosts/sokrates +++ b/krebs/Zhosts/sokrates diff --git a/Zhosts/sokrateslaptop b/krebs/Zhosts/sokrateslaptop index e05f24153..e05f24153 100644 --- a/Zhosts/sokrateslaptop +++ b/krebs/Zhosts/sokrateslaptop diff --git a/Zhosts/soundflower b/krebs/Zhosts/soundflower index 4085fd11f..4085fd11f 100644 --- a/Zhosts/soundflower +++ b/krebs/Zhosts/soundflower diff --git a/Zhosts/steve b/krebs/Zhosts/steve index f86eaa50d..f86eaa50d 100644 --- a/Zhosts/steve +++ b/krebs/Zhosts/steve diff --git a/Zhosts/tahoe b/krebs/Zhosts/tahoe index 3e78595d3..3e78595d3 100644 --- a/Zhosts/tahoe +++ b/krebs/Zhosts/tahoe diff --git a/Zhosts/taschenkrebs b/krebs/Zhosts/taschenkrebs index 94c37eadd..94c37eadd 100644 --- a/Zhosts/taschenkrebs +++ b/krebs/Zhosts/taschenkrebs diff --git a/Zhosts/terrapi b/krebs/Zhosts/terrapi index cf1748eb8..cf1748eb8 100644 --- a/Zhosts/terrapi +++ b/krebs/Zhosts/terrapi diff --git a/Zhosts/thomasDOTde b/krebs/Zhosts/thomasDOTde index ce47b39e8..ce47b39e8 100644 --- a/Zhosts/thomasDOTde +++ b/krebs/Zhosts/thomasDOTde diff --git a/Zhosts/tincdroid b/krebs/Zhosts/tincdroid index c240f3d6b..c240f3d6b 100644 --- a/Zhosts/tincdroid +++ b/krebs/Zhosts/tincdroid diff --git a/Zhosts/tmpd b/krebs/Zhosts/tmpd index 52db6b258..52db6b258 100644 --- a/Zhosts/tmpd +++ b/krebs/Zhosts/tmpd diff --git a/Zhosts/tpsw b/krebs/Zhosts/tpsw index 4e7b2a890..4e7b2a890 100644 --- a/Zhosts/tpsw +++ b/krebs/Zhosts/tpsw diff --git a/Zhosts/tsp b/krebs/Zhosts/tsp index 314abb3f5..314abb3f5 100644 --- a/Zhosts/tsp +++ b/krebs/Zhosts/tsp diff --git a/Zhosts/ufo b/krebs/Zhosts/ufo index 7103515b4..7103515b4 100644 --- a/Zhosts/ufo +++ b/krebs/Zhosts/ufo diff --git a/Zhosts/uriel b/krebs/Zhosts/uriel index f5f6de5f8..f5f6de5f8 100644 --- a/Zhosts/uriel +++ b/krebs/Zhosts/uriel diff --git a/Zhosts/vault b/krebs/Zhosts/vault index 7ed3866c6..7ed3866c6 100644 --- a/Zhosts/vault +++ b/krebs/Zhosts/vault diff --git a/Zhosts/voyager b/krebs/Zhosts/voyager index 216d8dff4..216d8dff4 100644 --- a/Zhosts/voyager +++ b/krebs/Zhosts/voyager diff --git a/Zhosts/wooktop b/krebs/Zhosts/wooktop index bd0cb9454..bd0cb9454 100644 --- a/Zhosts/wooktop +++ b/krebs/Zhosts/wooktop diff --git a/Zhosts/wu b/krebs/Zhosts/wu index a63adc7cc..a63adc7cc 100644 --- a/Zhosts/wu +++ b/krebs/Zhosts/wu diff --git a/Zhosts/ytart b/krebs/Zhosts/ytart index 09a55f65e..09a55f65e 100644 --- a/Zhosts/ytart +++ b/krebs/Zhosts/ytart diff --git a/Zhosts/zombiecancer b/krebs/Zhosts/zombiecancer index c073123f5..c073123f5 100644 --- a/Zhosts/zombiecancer +++ b/krebs/Zhosts/zombiecancer diff --git a/Zpubkeys/deploy_wu.ssh.pub b/krebs/Zpubkeys/deploy_wu.ssh.pub index a54a1ca37..a54a1ca37 100644 --- a/Zpubkeys/deploy_wu.ssh.pub +++ b/krebs/Zpubkeys/deploy_wu.ssh.pub diff --git a/Zpubkeys/lass.ssh.pub b/krebs/Zpubkeys/lass.ssh.pub index 172fd2dda..172fd2dda 100644 --- a/Zpubkeys/lass.ssh.pub +++ b/krebs/Zpubkeys/lass.ssh.pub diff --git a/Zpubkeys/makefu_arch.ssh.pub b/krebs/Zpubkeys/makefu_arch.ssh.pub index 6092ec469..6092ec469 100644 --- a/Zpubkeys/makefu_arch.ssh.pub +++ b/krebs/Zpubkeys/makefu_arch.ssh.pub diff --git a/Zpubkeys/makefu_omo.ssh.pub b/krebs/Zpubkeys/makefu_omo.ssh.pub index 5567040fb..5567040fb 100644 --- a/Zpubkeys/makefu_omo.ssh.pub +++ b/krebs/Zpubkeys/makefu_omo.ssh.pub diff --git a/Zpubkeys/makefu_tsp.ssh.pub b/krebs/Zpubkeys/makefu_tsp.ssh.pub index 9a9c9b6f8..9a9c9b6f8 100644 --- a/Zpubkeys/makefu_tsp.ssh.pub +++ b/krebs/Zpubkeys/makefu_tsp.ssh.pub diff --git a/Zpubkeys/mv_vod.ssh.pub b/krebs/Zpubkeys/mv_vod.ssh.pub index 7b7d2e260..7b7d2e260 100644 --- a/Zpubkeys/mv_vod.ssh.pub +++ b/krebs/Zpubkeys/mv_vod.ssh.pub diff --git a/Zpubkeys/tv_wu.ssh.pub b/krebs/Zpubkeys/tv_wu.ssh.pub index b6e2634e8..b6e2634e8 100644 --- a/Zpubkeys/tv_wu.ssh.pub +++ b/krebs/Zpubkeys/tv_wu.ssh.pub diff --git a/Zpubkeys/uriel.ssh.pub b/krebs/Zpubkeys/uriel.ssh.pub index 015b57837..015b57837 100644 --- a/Zpubkeys/uriel.ssh.pub +++ b/krebs/Zpubkeys/uriel.ssh.pub diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index 963d07744..98f3ecd22 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -7,24 +7,38 @@ { imports = [ # Include the results of the hardware scan. - <nixpkgs/nixos/modules/profiles/qemu-guest.nix> + # Base ../2configs/base.nix - ../2configs/cgit-retiolum.nix - # ../2configs/graphite-standalone.nix - ../2configs/vm-single-partition.nix ../2configs/tinc-basic-retiolum.nix + # HW/FS + <nixpkgs/nixos/modules/profiles/qemu-guest.nix> + ../2configs/fs/vm-single-partition.nix + + # Services + ../2configs/git/cgit-retiolum.nix + + ## Reaktor + ## \/ are only plugins, must enable Reaktor explicitly + ../2configs/Reaktor/stockholmLentil.nix + ../2configs/Reaktor/simpleExtend.nix + ../2configs/exim-retiolum.nix ../2configs/urlwatch.nix + + # ../2configs/graphite-standalone.nix ]; + krebs.Reaktor.enable = true; + krebs.build.host = config.krebs.hosts.pnp; krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@pnp"; + krebs.build.deps = { nixpkgs = { url = https://github.com/NixOS/nixpkgs; - rev = "13576925552b1d0751498fdda22e91a055a1ff6c"; + rev = "03921972268934d900cc32dad253ff383926771c"; }; }; diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index 415c1af30..4dcfe4eca 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -13,9 +13,7 @@ ../2configs/tinc-basic-retiolum.nix #../2configs/disable_v6.nix - #../2configs/sda-crypto-root.nix - ../2configs/sda-crypto-root-home.nix - + # environment ../2configs/zsh-user.nix # applications @@ -23,14 +21,22 @@ ../2configs/virtualization.nix ../2configs/wwan.nix + # services + ../2configs/git/brain-retiolum.nix + # ../2configs/Reaktor/simpleExtend.nix + # hardware specifics are in here - ../2configs/tp-x220.nix + ../2configs/hw/tp-x220.nix + # mount points + ../2configs/fs/sda-crypto-root-home.nix ]; krebs.build.host = config.krebs.hosts.pornocauster; krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@pornocauster"; + #krebs.Reaktor.nickname = "makefu|r"; + networking.firewall.allowedTCPPorts = [ 25 ]; @@ -39,7 +45,7 @@ nixpkgs = { url = https://github.com/NixOS/nixpkgs; #url = https://github.com/makefu/nixpkgs; - rev = "13576925552b1d0751498fdda22e91a055a1ff6c"; + rev = "03921972268934d900cc32dad253ff383926771c"; }; }; } diff --git a/makefu/1systems/repunit.nix b/makefu/1systems/repunit.nix index 503fe8f65..d98ff17c1 100644 --- a/makefu/1systems/repunit.nix +++ b/makefu/1systems/repunit.nix @@ -49,7 +49,7 @@ }; krebs.retiolum = { enable = true; - hosts = ../../Zhosts; + hosts = ../../krebs/Zhosts; connectTo = [ "gum" "pigstarter" diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix index 67db22460..3c2bb2eda 100644 --- a/makefu/1systems/tsp.nix +++ b/makefu/1systems/tsp.nix @@ -9,9 +9,9 @@ ../2configs/base.nix ../2configs/base-gui.nix ../2configs/tinc-basic-retiolum.nix - ../2configs/sda-crypto-root.nix + ../2configs/fs/sda-crypto-root.nix # hardware specifics are in here - ../2configs/tp-x200.nix #< imports tp-x2x0.nix + ../2configs/hw/tp-x200.nix #< imports tp-x2x0.nix ../2configs/disable_v6.nix ../2configs/rad1o.nix diff --git a/makefu/2configs/Reaktor/random-issue.sh b/makefu/2configs/Reaktor/random-issue.sh new file mode 100644 index 000000000..5c47c6156 --- /dev/null +++ b/makefu/2configs/Reaktor/random-issue.sh @@ -0,0 +1,20 @@ +#! /bin/sh +set -eu +# requires env: +# $state_dir +# $origin + +# in PATH: git,lentil,coreutils +subdir=`echo "$1" | tr -dc "[:alnum:]"` +name=`echo "$origin" | tr -dc "[:alnum:]"` +track="$state_dir/$name-checkout" +(if test -e "$track" ;then + cd "$track" + git fetch origin master + git reset --hard origin/master +else + git clone "$origin" "$track" +fi) >&2 + +cd "$track" +lentil "${subdir:-.}" -f csv | sed 1d | shuf | head -1 diff --git a/makefu/2configs/Reaktor/simpleExtend.nix b/makefu/2configs/Reaktor/simpleExtend.nix new file mode 100644 index 000000000..95175a4e0 --- /dev/null +++ b/makefu/2configs/Reaktor/simpleExtend.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: + +with pkgs; +let + nixos-version-script = pkgs.writeScript "nix-version" '' + #! /bin/sh + . /etc/os-release + echo "$PRETTY_NAME" + ''; +in { + krebs.Reaktor.extraConfig = '' + public_commands.insert(0,{ + 'capname' : "nixos-version", + 'pattern' : indirect_pattern.format("nixos-version"), + 'argv' : ["${nixos-version-script}"], + 'env' : { 'state_dir': workdir } }) + ''; +} + diff --git a/makefu/2configs/Reaktor/stockholmLentil.nix b/makefu/2configs/Reaktor/stockholmLentil.nix new file mode 100644 index 000000000..147fb5a7a --- /dev/null +++ b/makefu/2configs/Reaktor/stockholmLentil.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, ... }: + +with pkgs; +let + random-issue = pkgs.writeScript "random-issue" (builtins.readFile ./random-issue.sh); + random-issue-path = lib.makeSearchPath "bin" (with pkgs; [ + coreutils + git + gnused + lentil]); +in { + # TODO: make origin a variable, <- module is generic enough to handle different origins, not only stockholm + krebs.Reaktor.extraConfig = '' + public_commands.insert(0,{ + 'capname' : "stockholm-issue", + 'pattern' : indirect_pattern.format("stockholm-issue"), + 'argv' : ["${random-issue}"], + 'env' : { 'state_dir': workdir, + 'PATH':'${random-issue-path}', + 'origin':'http://cgit.pnp/stockholm' } }) + ''; +} diff --git a/makefu/2configs/fs/cac-boot-partition.nix b/makefu/2configs/fs/cac-boot-partition.nix new file mode 100644 index 000000000..fdf4b89d8 --- /dev/null +++ b/makefu/2configs/fs/cac-boot-partition.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +# vda1 ext4 (label nixos) -> only root partition +with lib; +{ + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; + + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/boot"; + fsType = "ext4"; + }; + + hardware.enableAllFirmware = true; + nixpkgs.config.allowUnfree = true; + hardware.cpu.amd.updateMicrocode = true; + +} diff --git a/makefu/2configs/sda-crypto-root-home.nix b/makefu/2configs/fs/sda-crypto-root-home.nix index 3821c7504..3821c7504 100644 --- a/makefu/2configs/sda-crypto-root-home.nix +++ b/makefu/2configs/fs/sda-crypto-root-home.nix diff --git a/makefu/2configs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix index 54db87547..54db87547 100644 --- a/makefu/2configs/sda-crypto-root.nix +++ b/makefu/2configs/fs/sda-crypto-root.nix diff --git a/makefu/2configs/vm-single-partition.nix b/makefu/2configs/fs/vm-single-partition.nix index 78a5e7175..78a5e7175 100644 --- a/makefu/2configs/vm-single-partition.nix +++ b/makefu/2configs/fs/vm-single-partition.nix diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix new file mode 100644 index 000000000..0ab64773f --- /dev/null +++ b/makefu/2configs/git/brain-retiolum.nix @@ -0,0 +1,77 @@ +{ config, lib, pkgs, ... }: +# TODO: remove tv lib :) +with import ../../../tv/4lib { inherit lib pkgs; }; +let + + repos = priv-repos // krebs-repos ; + rules = concatMap krebs-rules (attrValues krebs-repos) ++ concatMap priv-rules (attrValues priv-repos); + + krebs-repos = mapAttrs make-krebs-repo { + brain = { + desc = "braiiiins"; + }; + }; + + priv-repos = mapAttrs make-priv-repo { + autosync = { }; + }; + + # TODO move users to separate module + make-priv-repo = name: { desc ? null, ... }: { + inherit name desc; + public = false; + }; + + make-krebs-repo = with git; name: { desc ? null, ... }: { + inherit name desc; + public = false; + hooks = { + post-receive = git.irc-announce { + nick = config.networking.hostName; + channel = "#retiolum"; + # TODO remove the hardcoded hostname + server = "cd.retiolum"; + }; + }; + }; + + set-owners = with git;repo: user: + singleton { + inherit user; + repo = [ repo ]; + perm = push "refs/*" [ non-fast-forward create delete merge ]; + }; + + set-ro-access = with git; repo: user: + optional repo.public { + inherit user; + repo = [ repo ]; + perm = fetch; + }; + + # TODO: get the list of all krebsministers + krebsminister = with config.krebs.users; [ lass tv ]; + all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp ]; + + priv-rules = repo: set-owners repo all-makefu; + + krebs-rules = repo: + set-owners repo all-makefu ++ set-ro-access repo krebsminister; + +in { + imports = [{ + krebs.users.makefu-omo = { + name = "makefu-omo" ; + pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_omo.ssh.pub; + }; + krebs.users.makefu-tsp = { + name = "makefu-tsp" ; + pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_tsp.ssh.pub; + }; + }]; + krebs.git = { + enable = true; + cgit = false; + inherit repos rules; + }; +} diff --git a/makefu/2configs/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 8d9439569..40b51e601 100644 --- a/makefu/2configs/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: # TODO: remove tv lib :) -with import ../../tv/4lib { inherit lib pkgs; }; +with import ../../../tv/4lib { inherit lib pkgs; }; let repos = priv-repos // krebs-repos ; @@ -63,11 +63,11 @@ in { imports = [{ krebs.users.makefu-omo = { name = "makefu-omo" ; - pubkey= with builtins; readFile ../../Zpubkeys/makefu_omo.ssh.pub; + pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_omo.ssh.pub; }; krebs.users.makefu-tsp = { name = "makefu-tsp" ; - pubkey= with builtins; readFile ../../Zpubkeys/makefu_tsp.ssh.pub; + pubkey= with builtins; readFile ../../../krebs/Zpubkeys/makefu_tsp.ssh.pub; }; }]; krebs.git = { diff --git a/makefu/2configs/tp-x200.nix b/makefu/2configs/hw/tp-x200.nix index ed46875d8..ed46875d8 100644 --- a/makefu/2configs/tp-x200.nix +++ b/makefu/2configs/hw/tp-x200.nix diff --git a/makefu/2configs/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix index 787a0639e..f03922150 100644 --- a/makefu/2configs/tp-x220.nix +++ b/makefu/2configs/hw/tp-x220.nix @@ -7,14 +7,19 @@ with lib; boot.kernelModules = [ "kvm-intel" ]; - #services.xserver.vaapiDrivers = [pkgs.vaapiIntel pkgs.vaapiVdpau ]; - services.xserver.vaapiDrivers = []; + services.xserver = { + videoDriver = "intel"; + vaapiDrivers = [ pkgs.vaapiIntel pkgs.vaapiVdpau ]; + deviceSection = '' + Option "AccelMethod" "sna" + ''; + }; services.xserver.displayManager.sessionCommands ='' xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 - xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5 + # xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200 ''; } diff --git a/makefu/2configs/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index b79d94b4a..aa2fc2050 100644 --- a/makefu/2configs/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -11,9 +11,13 @@ with lib; zramSwap.enable = true; zramSwap.numDevices = 2; - hardware.trackpoint.enable = true; - hardware.trackpoint.sensitivity = 220; - hardware.trackpoint.speed = 220; + hardware.trackpoint = { + enable = true; + sensitivity = 220; + speed = 220; + emulateWheel = true; + }; + services.tlp.enable = true; services.tlp.extraConfig = '' diff --git a/makefu/2configs/tinc-basic-retiolum.nix b/makefu/2configs/tinc-basic-retiolum.nix index cb1991bd6..fd6d1683d 100644 --- a/makefu/2configs/tinc-basic-retiolum.nix +++ b/makefu/2configs/tinc-basic-retiolum.nix @@ -4,7 +4,7 @@ with lib; { krebs.retiolum = { enable = true; - hosts = ../../Zhosts; + hosts = ../../krebs/Zhosts; connectTo = [ "gum" "pigstarter" diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 015f472f7..417808425 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: -with import ../../krebs/4lib { inherit lib; }; +with lib; let cfg = config.krebs; diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 9f412d9b8..b385848f1 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -2,10 +2,6 @@ with lib; -let - tvpkgs = import ../5pkgs { inherit pkgs; }; -in - { krebs.build.host = config.krebs.hosts.cd; krebs.build.user = config.krebs.users.tv; @@ -29,13 +25,13 @@ in ../2configs/CAC-Developer-2.nix ../2configs/CAC-CentOS-7-64bit.nix ../2configs/base.nix - ../2configs/consul-server.nix + #../2configs/consul-server.nix ../2configs/git.nix { imports = [ ../2configs/charybdis.nix ]; tv.charybdis = { enable = true; - sslCert = ../../Zcerts/charybdis_cd.crt.pem; + sslCert = ../Zcerts/charybdis_cd.crt.pem; }; } { @@ -136,7 +132,7 @@ in server-names = singleton "viljetic.de"; # TODO directly set root (instead via location) locations = singleton (nameValuePair "/" '' - root ${tvpkgs.viljetic-pages}; + root ${pkgs.viljetic-pages}; ''); }; } @@ -171,6 +167,7 @@ in iptables mutt # for mv nethogs + ntp # ntpate rxvt_unicode.terminfo tcpdump ]; diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index 028e53539..f08e74bbe 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -24,7 +24,7 @@ with lib; imports = [ ../2configs/AO753.nix ../2configs/base.nix - ../2configs/consul-server.nix + #../2configs/consul-server.nix ../2configs/git.nix { tv.iptables = { @@ -112,6 +112,7 @@ with lib; exit 23 esac '') + ntp # ntpate rxvt_unicode.terminfo tmux ]; diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index e48da90ad..6cd1565f7 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -2,10 +2,6 @@ with lib; -let - tvpkgs = import ../5pkgs { inherit pkgs; }; -in - { krebs.build.host = config.krebs.hosts.wu; krebs.build.user = config.krebs.users.tv; @@ -28,22 +24,23 @@ in imports = [ ../2configs/w110er.nix ../2configs/base.nix - ../2configs/consul-client.nix + #../2configs/consul-client.nix ../2configs/git.nix ../2configs/mail-client.nix ../2configs/xserver.nix ../2configs/synaptics.nix # TODO w110er if xserver is enabled + ../2configs/test.nix ../2configs/urlwatch.nix { environment.systemPackages = with pkgs; [ # stockholm + genid git gnumake + hashPassword + lentil parallel - tvpkgs.genid - tvpkgs.hashPassword - tvpkgs.lentil (pkgs.writeScriptBin "ff" '' #! ${pkgs.bash}/bin/bash exec sudo -u ff -i <<EOF @@ -71,6 +68,8 @@ in # tv bc bind # dig + cac + dic file gitAndTools.qgit gnupg21 @@ -83,16 +82,15 @@ in netcat nix-repl nmap + nq p7zip pavucontrol posix_man_pages + pssh qrencode sxiv texLive tmux - tvpkgs.cac - tvpkgs.dic - tvpkgs.nq zathura #ack diff --git a/tv/2configs/charybdis.nix b/tv/2configs/charybdis.nix index a2952219d..a949026de 100644 --- a/tv/2configs/charybdis.nix +++ b/tv/2configs/charybdis.nix @@ -1,9 +1,5 @@ { config, lib, pkgs, ... }: -let - tvpkgs = import ../5pkgs { inherit pkgs; }; -in - with builtins; with lib; let @@ -63,7 +59,7 @@ let ExecStart = pkgs.writeScript "charybdis-service" '' #! /bin/sh set -euf - exec ${tvpkgs.charybdis}/bin/charybdis-ircd \ + exec ${pkgs.charybdis}/bin/charybdis-ircd \ -foreground \ -logfile /dev/stderr \ -configfile ${configFile} diff --git a/tv/2configs/mail-client.nix b/tv/2configs/mail-client.nix index a632cf7c4..8b6f8bbcd 100644 --- a/tv/2configs/mail-client.nix +++ b/tv/2configs/mail-client.nix @@ -1,7 +1,6 @@ { pkgs, ... }: -with import ../5pkgs { inherit pkgs; }; - +with pkgs; { environment.systemPackages = [ much diff --git a/tv/2configs/test.nix b/tv/2configs/test.nix new file mode 100644 index 000000000..409b4e9b4 --- /dev/null +++ b/tv/2configs/test.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with import ../4lib { inherit lib pkgs; }; + +let + out = { + environment.systemPackages = [ + su-test + ]; + security.sudo.extraConfig = '' + tv ALL=(test) NOPASSWD: ALL + ''; + users.extraUsers.test = { + shell = "${test-shell}"; + }; + }; + + su-test = pkgs.execveBin "su-test" rec { + filename = "/var/setuid-wrappers/sudo"; + argv = ["sudo" "-u" "test" "-i"]; + }; + + test-shell = pkgs.execve "test-shell" rec { + filename = "${pkgs.bash}/bin/bash"; + argv = ["sh" "--noprofile" "-l"]; + envp.ENV = pkgs.writeText "test-env" '' + ${shell.cat "Hello, `$(j0w\nd0g!)`!\\o/\n"} >&2 + ''; + }; + +in out diff --git a/tv/4lib/default.nix b/tv/4lib/default.nix index 352689af4..106535ba2 100644 --- a/tv/4lib/default.nix +++ b/tv/4lib/default.nix @@ -16,12 +16,5 @@ krebs // rec { # "7.4.335" -> "74" majmin = with lib; x : concatStrings (take 2 (splitString "." x)); - shell-escape = - let - isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null; - in - stringAsChars (c: - if isSafeChar c then c - else if c == "\n" then "'\n'" - else "\\${c}"); + shell-escape = krebs.shell.escape; } diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index 7b5d10a60..4175292f2 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -2,12 +2,8 @@ let inherit (pkgs) callPackage; - kpkgs = import ../../krebs/5pkgs { inherit pkgs; }; in -kpkgs // { - charybdis = callPackage ./charybdis {}; - lentil = callPackage ./lentil {}; - much = callPackage ./much.nix {}; +{ viljetic-pages = callPackage ./viljetic-pages {}; } diff --git a/Zcerts/charybdis_cd.crt.pem b/tv/Zcerts/charybdis_cd.crt.pem index c613ff380..c613ff380 100644 --- a/Zcerts/charybdis_cd.crt.pem +++ b/tv/Zcerts/charybdis_cd.crt.pem |