summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--0make/makefu/pnp.makefile4
-rw-r--r--Zpubkeys/makefu_omo.ssh.pub1
-rw-r--r--makefu/1systems/pnp.nix (renamed from 1systems/makefu/pnp.nix)19
-rw-r--r--makefu/2configs/base.nix (renamed from 2configs/makefu/base.nix)1
-rw-r--r--makefu/2configs/cgit-retiolum.nix (renamed from 2configs/makefu/cgit-retiolum.nix)41
-rw-r--r--makefu/3modules/default.nix (renamed from 3modules/makefu/default.nix)2
6 files changed, 45 insertions, 23 deletions
diff --git a/0make/makefu/pnp.makefile b/0make/makefu/pnp.makefile
deleted file mode 100644
index a18efe0e0..000000000
--- a/0make/makefu/pnp.makefile
+++ /dev/null
@@ -1,4 +0,0 @@
-deploy_host := root@pnp
-nixpkgs_url := https://github.com/nixos/nixpkgs
-nixpkgs_rev := 4c01e6d91993b6de128795f4fbdd25f6227fb870
-secrets_dir := /home/makefu/secrets/pnp
diff --git a/Zpubkeys/makefu_omo.ssh.pub b/Zpubkeys/makefu_omo.ssh.pub
new file mode 100644
index 000000000..5567040fb
--- /dev/null
+++ b/Zpubkeys/makefu_omo.ssh.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtDhAxjiCH0SmTGNDqmlKPug9qTf+IFOVjdXfk01lAV2KMVW00CgNo2d5kl5+6pM99K7zZO7Uo7pmSFLSCAg8J6cMRI3v5OxFsnQfcJ9TeGLZt/ua7F8YsyIIr5wtqKtFbujqve31q9xJMypEpiX4np3nLiHfYwcWu7AFAUY8UHcCNl4JXm6hsmPe+9f6Mg2jICOdkfMMn0LtW+iq1KZpw1Nka2YUSiE2YuUtV+V+YaVMzdcjknkVkZNqcVk6tbJ1ZyZKM+bFEnE4VkHJYDABZfELpcgBAszfWrVG0QpEFjVCUq5atpIVHJcWWDx072r0zgdTPcBuzsHHC5PRfVBLEw== makefu@servarch
diff --git a/1systems/makefu/pnp.nix b/makefu/1systems/pnp.nix
index 1019c4d70..4c4ce716f 100644
--- a/1systems/makefu/pnp.nix
+++ b/makefu/1systems/pnp.nix
@@ -8,10 +8,25 @@
imports =
[ # Include the results of the hardware scan.
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
- ../../2configs/makefu/base.nix
- ../../2configs/makefu/cgit-retiolum.nix
+ ../2configs/base.nix
+ ../2configs/cgit-retiolum.nix
];
krebs.build.host = config.krebs.hosts.pnp;
+ krebs.build.user = config.krebs.users.makefu;
+ krebs.build.target = "root@pnp";
+
+ krebs.build.deps = {
+ nixpkgs = {
+ url = https://github.com/NixOS/nixpkgs;
+ rev = "4c01e6d91993b6de128795f4fbdd25f6227fb870";
+ };
+ secrets = {
+ url = "/home/makefu/secrets/${config.krebs.build.host.name}";
+ };
+ stockholm = {
+ url = toString ../..;
+ };
+ };
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
diff --git a/2configs/makefu/base.nix b/makefu/2configs/base.nix
index b052b13e4..8dfb2ef27 100644
--- a/2configs/makefu/base.nix
+++ b/makefu/2configs/base.nix
@@ -39,6 +39,7 @@ with lib;
'';
environment.systemPackages = with pkgs; [
+ jq
git
vim
gnumake
diff --git a/2configs/makefu/cgit-retiolum.nix b/makefu/2configs/cgit-retiolum.nix
index 7b8e3bc97..7dfb181c5 100644
--- a/2configs/makefu/cgit-retiolum.nix
+++ b/makefu/2configs/cgit-retiolum.nix
@@ -1,17 +1,8 @@
{ config, lib, pkgs, ... }:
# TODO: remove tv lib :)
-with import ../../4lib/tv { inherit lib pkgs; };
+with import ../../tv/4lib { inherit lib pkgs; };
let
- out = {
- imports = [ ../../3modules/krebs/git.nix ];
- krebs.git = {
- enable = true;
- root-title = "public repositories ";
- root-desc = "keep on krebsing";
- inherit repos rules;
- };
- };
repos = priv-repos // krebs-repos ;
rules = concatMap krebs-rules (attrValues krebs-repos) ++ concatMap priv-rules (attrValues priv-repos);
@@ -39,12 +30,13 @@ let
post-receive = git.irc-announce {
nick = config.networking.hostName;
channel = "#retiolum";
+ # TODO remove the hardcoded hostname
server = "cd.retiolum";
};
};
};
- set-owners = with git; repo: user:
+ set-owners = with git;repo: user:
singleton {
inherit user;
repo = [ repo ];
@@ -61,10 +53,27 @@ let
# TODO: get the list of all krebsministers
krebsminister = with config.krebs.users; [ lass tv uriel ];
- priv-rules = with config.krebs.users; repo:
- set-owners repo [ makefu ];
+ #all-makefu = with config.krebs.users; [ makefu ];
+
+
+ all-makefu = with config.krebs.users; [ makefu makefu-omo ];
- krebs-rules = with config.krebs.users; repo:
- set-owners repo [ makefu ] ++ set-ro-access repo krebsminister ;
+ priv-rules = repo: set-owners repo all-makefu;
-in out
+ krebs-rules = repo:
+ set-owners repo all-makefu ++ set-ro-access repo krebsminister;
+
+in {
+ imports = [{
+ krebs.users.makefu-omo = {
+ name = "makefu-omo" ;
+ pubkey= with builtins; readFile ../../Zpubkeys/makefu_omo.ssh.pub;
+ };
+ }];
+ krebs.git = {
+ enable = true;
+ root-title = "public repositories";
+ root-desc = "keep on krebsing";
+ inherit repos rules;
+ };
+}
diff --git a/3modules/makefu/default.nix b/makefu/3modules/default.nix
index 45ca8c3eb..015f472f7 100644
--- a/3modules/makefu/default.nix
+++ b/makefu/3modules/default.nix
@@ -1,6 +1,6 @@
{ config, lib, ... }:
-with import ../../4lib/krebs { inherit lib; };
+with import ../../krebs/4lib { inherit lib; };
let
cfg = config.krebs;