summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/lass/default.nix40
-rw-r--r--krebs/3modules/tinc.nix8
-rw-r--r--krebs/5pkgs/haskell/blessings.nix17
-rw-r--r--krebs/nixpkgs-unstable.json7
-rw-r--r--krebs/nixpkgs.json6
-rwxr-xr-xkrebs/update-nixpkgs-unstable.sh9
-rwxr-xr-xkrebs/update-nixpkgs.sh (renamed from krebs/update-channel.sh)0
7 files changed, 69 insertions, 18 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index a8314e11c..78f3542fa 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -638,6 +638,46 @@ in {
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f ";
};
+ hilum = {
+ cores = 1;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.20.123";
+ ip6.addr = r6 "005b";
+ aliases = [
+ "hilum.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAul1zLdJ76kIqVWjxT2bb
+ pLx6gu6VycxaDcWAoTWSjPsOT2IJf3NYC6i8D6WASnRqR6djp06OG7Onu0r5hZhi
+ V5nelDUvR75qVAx9ZeuQDSdNpWuVMds/C3cQM6QQHD1kFwnr2n6VH/qy0W9duW8c
+ SGX3C80nRpmY0cCEEnxFdFdLSd0c15M+lFVAaqh2225ujXyyvkwH874yvpWLPSdh
+ 4xjZdrOFarl5yb9q83HcZsdunn+469BeKCWB8bs+nRsp9Wwj1en1yAZTB3WazYNE
+ saFQ0xGa7VGfHN0PjqgZEF2I2IiQJ+H3N5XRQ7dcJzsDRB8lMrCx2ynJkJRSjLXz
+ vgZjW+Rf47V9CLRjJGCp1xh6GbXqjsIYh5yqZkgH4Sm1VpMBYdr/kLjiygwzV8jY
+ 8uoBUgEHLc5B73/D3GlMe3bOJmxxMfyPITVTFHgznycalBNBSsgKpIwWae6LbYhZ
+ wrpi66IQOyC6YYThqn8pz3KUz17HxyacA/mS6/jcRP+IiHb9CYcS4BsjTpH3NnM3
+ RkSWE3FGE+ULH1W/VeA8pZRKAR1rypvMRdewbFTQpe/dNgif5O5Fe/7l/6KDzzCh
+ Zqqr6sEFhutPUd6PcaVtQlfzYkJ9MGYWYr4S17D7Q9V0H37a0AcRaYH59FCmlFjl
+ 87b8jfJNXlKFW+EBxBxN2uECAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ wiregrill = {
+ ip6.addr = w6 "005b";
+ aliases = [
+ "hilum.w"
+ ];
+ wireguard.pubkey = ''
+ 0DRcCDR0O+UqV07DsGfS4On+6YaZ3LPfvni9u1NZNhw=
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPARXXe0HaP1r0pLqtInhnbYSZsP0g4VC6aaWP7qi5+w";
+ syncthing.id = "J6PHKTS-2JG5NOL-H5ZWOF6-6L6ENA7-L4RO6DV-BQHU7YL-CHOLDCC-S5YX3AC";
+ };
};
users = rec {
lass = lass-blue;
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index 24eac7158..ed00d187c 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -110,8 +110,12 @@ let
hostsArchive = mkOption {
type = types.package;
default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} ''
- ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts
- ${pkgs.gnutar}/bin/tar -hcjf $out hosts
+ cp \
+ --no-preserve=mode \
+ --recursive \
+ ${tinc.config.hostsPackage} \
+ hosts
+ ${pkgs.gnutar}/bin/tar -cjf $out hosts
'';
readOnly = true;
};
diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix
index 55f2d17d0..b0e81fdc1 100644
--- a/krebs/5pkgs/haskell/blessings.nix
+++ b/krebs/5pkgs/haskell/blessings.nix
@@ -6,19 +6,10 @@ with import <stockholm/lib>;
version = "1.1.0";
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
};
- "18.09" = {
- version = "2.2.0";
- sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1";
- };
- "19.03" = {
- version = "2.2.0";
- sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1";
- };
- "19.09" = {
- version = "2.2.0";
- sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1";
- };
- }.${versions.majorMinor version};
+ }.${versions.majorMinor version} or {
+ version = "2.2.0";
+ sha256 = "1pb56dgf3jj2kq3cbbppwzyg3ccgqy9xara62hkjwyxzdx20clk1";
+ };
in mkDerivation {
pname = "blessings";
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
new file mode 100644
index 000000000..5f8f0c771
--- /dev/null
+++ b/krebs/nixpkgs-unstable.json
@@ -0,0 +1,7 @@
+{
+ "url": "https://github.com/NixOS/nixpkgs-channels",
+ "rev": "d484f2b7fc0834a068e8ace851faa449a03963f5",
+ "date": "2019-09-20T22:58:43+02:00",
+ "sha256": "0jk93ikryi2hqc30l2n5i4vlgmklrlzb8cf7b3sg1q3k70q344jn",
+ "fetchSubmodules": false
+}
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index a72f5cad5..f1dd0bf6d 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "8a30e242181410931bcd0384f7147b6f1ce286a2",
- "date": "2019-09-10T08:24:01-04:00",
- "sha256": "0574zwcgy3pqjcxli4948sd3sy6h0qw6fvsm4r530gqj41gpwf6b",
+ "rev": "021d733ea3f87b8c9232020b4e606d08eaca160b",
+ "date": "2019-09-20T08:20:21+02:00",
+ "sha256": "13600nzrakvg2hsfg5yr7x0jp9m762nvjyddf07q60d3m7vx9jxy",
"fetchSubmodules": false
}
diff --git a/krebs/update-nixpkgs-unstable.sh b/krebs/update-nixpkgs-unstable.sh
new file mode 100755
index 000000000..068da5f6f
--- /dev/null
+++ b/krebs/update-nixpkgs-unstable.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+dir=$(dirname $0)
+oldrev=$(cat $dir/nixpkgs-unstable.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
+nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
+ --url https://github.com/NixOS/nixpkgs-channels \
+ --rev refs/heads/nixos-unstable' \
+> $dir/nixpkgs-unstable.json
+newrev=$(cat $dir/nixpkgs-unstable.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
+git commit $dir/nixpkgs.json -m "nixpkgs-unstable: $oldrev -> $newrev"
diff --git a/krebs/update-channel.sh b/krebs/update-nixpkgs.sh
index 08354357a..08354357a 100755
--- a/krebs/update-channel.sh
+++ b/krebs/update-nixpkgs.sh