From b836a43a395e0f2860b3243702caf53c53a6664a Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 18 Jun 2017 23:23:28 +0200 Subject: m 2 dirctator: bump to latest logstash5 --- makefu/2configs/deployment/dirctator.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/deployment/dirctator.nix b/makefu/2configs/deployment/dirctator.nix index b8e61955d..4f2f8818d 100644 --- a/makefu/2configs/deployment/dirctator.nix +++ b/makefu/2configs/deployment/dirctator.nix @@ -25,6 +25,10 @@ in { stdout { codec => rubydebug } exec { command => "${runit} '%{message}" } ''; - plugins = [ ]; + extraSettings = '' + path.plugins: [ "${pkgs.logstash-output-exec}" ] + ''; + ## NameError: `@path.plugins' is not allowable as an instance variable name + # plugins = [ pkgs.logstash-output-exec ]; }; } -- cgit v1.2.3 From 8c5cc416ace4bf4a251c878ad660e3a043bdb0ab Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 15:32:38 +0200 Subject: doc: init Commit Messages Guideline Based on the discussion irc://ni.r/#retiolum at 2017-06-26 --- doc/Commit_Messages_Guideline.md | 53 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 doc/Commit_Messages_Guideline.md diff --git a/doc/Commit_Messages_Guideline.md b/doc/Commit_Messages_Guideline.md new file mode 100644 index 000000000..e704ee575 --- /dev/null +++ b/doc/Commit_Messages_Guideline.md @@ -0,0 +1,53 @@ +# Commit Messages Guideline + +Commits SHOULD have the following format: + +``` + : + + + +(: )? +``` + +## `` +Defines where the change took place. This can be omitted if the +namespace is `krebs`. Namespaces may be shortened to one to four characters ( +lassulus -> lass, makefu -> make, tv -> tv, shared -> sha) + +## `` +Name of the component which was touched. `component` is +rather fuzzy and may mean different things, just choose what would fit best. + +Here are a numbers of samples for defining the component: + +* Change `gum` in `krebs/3modules/makefu/default.nix`: `gum.r: change ip` +* Change `prepare.sh` in `krebs/4libs/infest`: `infest: prepare stockholm ISO` +* Remove `concat` in `krebs/5pkgs`: `concat: RIP`, this commit may like some `` +* Update `types` in `krebs/3modules`: `lib/types: add managed bool to host type` +* Change host `gum` in `makefu/1systems/gum`: `ma gum.r: add taskserver` +* Change `tinc` module in `krebs/3modules`: `tinc module: add option enableLegacy` + +## `` +Describe some trivia why the commit was done: +``` +whatsupnix: init + +Import from https://github.com/NixOS/nix/issues/443#issuecomment-296752535 +``` + +## `` +Defines external resouces related to the commit: +``` +Closes: #123533 +CVE: CVE-2016-00001 +URL: https://example.com/CVE-2016-00001 +``` + +## Remarks +As a general rule of thumb you can check out: https://www.slideshare.net/TarinGamberini/commit-messages-goodpractices +Of course the pattern not always fits perfectly (for example for refactoring), +just apply some common sense and define a useful commit message, +like `refactor krebs.setuid`. + + -- cgit v1.2.3 From d8f6c52b76feaeac9240a9749f2b38c19f155b9e Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:00:37 +0200 Subject: ma hw: refactor --- makefu/2configs/hw/exfat-nofuse.nix | 4 ++++ makefu/2configs/hw/stk1160.nix | 3 +-- makefu/2configs/hw/wwan.nix | 8 ++++++++ makefu/2configs/wwan.nix | 8 -------- 4 files changed, 13 insertions(+), 10 deletions(-) create mode 100644 makefu/2configs/hw/exfat-nofuse.nix create mode 100644 makefu/2configs/hw/wwan.nix delete mode 100644 makefu/2configs/wwan.nix diff --git a/makefu/2configs/hw/exfat-nofuse.nix b/makefu/2configs/hw/exfat-nofuse.nix new file mode 100644 index 000000000..ca3485e9f --- /dev/null +++ b/makefu/2configs/hw/exfat-nofuse.nix @@ -0,0 +1,4 @@ +{ config, ... }: +{ + boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; +} diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix index b4d033d76..e73741e26 100644 --- a/makefu/2configs/hw/stk1160.nix +++ b/makefu/2configs/hw/stk1160.nix @@ -1,9 +1,8 @@ { pkgs, ... }: { # TODO: un-pin linuxPackages somehow - boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages_4_9; nixpkgs.config.packageOverrides = pkgs: { - linux_4_9 = pkgs.linux_4_9.override { + linux_latest = pkgs.linux_latest.override { extraConfig = '' MEDIA_ANALOG_TV_SUPPORT y VIDEO_STK1160_COMMON m diff --git a/makefu/2configs/hw/wwan.nix b/makefu/2configs/hw/wwan.nix new file mode 100644 index 000000000..0eb0c97d7 --- /dev/null +++ b/makefu/2configs/hw/wwan.nix @@ -0,0 +1,8 @@ +_: + +{ + makefu.umts = { + enable = true; + modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01"; + }; +} diff --git a/makefu/2configs/wwan.nix b/makefu/2configs/wwan.nix deleted file mode 100644 index 0eb0c97d7..000000000 --- a/makefu/2configs/wwan.nix +++ /dev/null @@ -1,8 +0,0 @@ -_: - -{ - makefu.umts = { - enable = true; - modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01"; - }; -} -- cgit v1.2.3 From 0b88f7d2fee456eb0a5c8ec426e5d6f5d7d2e1f3 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:00:54 +0200 Subject: ma x.r: cleanup imports --- makefu/1systems/x.nix | 49 ++++++++++++++++++------------------------------- 1 file changed, 18 insertions(+), 31 deletions(-) diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index ee3a7bb1b..77b9915ae 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -13,59 +13,48 @@ with import ; ../2configs/tools/all.nix ../2configs/laptop-backup.nix ../2configs/dnscrypt.nix + ../2configs/avahi.nix - # testing - # ../2configs/openvpn/vpngate.nix - #../2configs/temp/share-samba.nix - # ../2configs/mediawiki.nix - # ../2configs/wordpress.nix - # ../2configs/nginx/public_html.nix - # ../2configs/nginx/icecult.nix - - # ../2configs/elchos/irc-token.nix - # ../2configs/elchos/log.nix - - #../2configs/elchos/search.nix - #../2configs/elchos/stats.nix - #../2configs/elchos/test/ftpservers.nix - - # ../2configs/tinc/siem.nix - #../2configs/torrent.nix - # temporary modules - - # ../2configs/torrent.nix - #../2configs/temp/elkstack.nix - # ../2configs/temp/sabnzbd.nix + # Debugging + # ../2configs/disable_v6.nix + # Testing + # ../2configs/deployment/dirctator.nix + # ../2configs/vncserver.nix + # ../2configs/deployment/led-fader + # ../2configs/deployment/hound # development ../2configs/sources # Krebs - # ../2configs/disable_v6.nix ../2configs/tinc/retiolum.nix # applications ../2configs/exim-retiolum.nix ../2configs/mail-client.nix ../2configs/printer.nix + + # Virtualization ../2configs/virtualization.nix + ../2configs/docker.nix ../2configs/virtualization-virtualbox.nix - ../2configs/wwan.nix - ../2configs/rad1o.nix - # services + # Services ../2configs/git/brain-retiolum.nix ../2configs/tor.nix ../2configs/steam.nix # ../2configs/buildbot-standalone.nix - # hardware specifics are in here + # Hardware ../2configs/hw/tp-x230.nix ../2configs/hw/rtl8812au.nix - ../2configs/hw/stk1160.nix + ../2configs/hw/exfat-nofuse.nix + ../2configs/hw/wwan.nix + # ../2configs/hw/stk1160.nix + # ../2configs/rad1o.nix - # mount points + # Filesystem ../2configs/fs/sda-crypto-root-home.nix ]; @@ -76,10 +65,8 @@ with import ; nixpkgs.config.allowUnfree = true; - boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; environment.systemPackages = [ pkgs.passwdqc-utils ]; - virtualisation.docker.enable = true; # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; -- cgit v1.2.3 From 02eeb5a550728213c0777ccb1a5b2392f8fef18a Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:01:36 +0200 Subject: ma tools: add more software --- makefu/2configs/tools/dev.nix | 2 ++ makefu/2configs/tools/extra-gui.nix | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 4fe7f8bf4..e40f5b36f 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -12,5 +12,7 @@ cac-api cac-panel ovh-zone + whatsupnix + brain ]; } diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 56cdccd1f..1e68e935c 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -2,13 +2,16 @@ { krebs.per-user.makefu.packages = with pkgs;[ + # media gimp inkscape libreoffice - saleae-logic skype synergy tdesktop virtmanager + # Dev + saleae-logic + arduino-user-env ]; } -- cgit v1.2.3 From 4221210d5a495f9033d9e566b6f926d3fcc9aec5 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:01:50 +0200 Subject: ma docker: init config --- makefu/2configs/docker.nix | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 makefu/2configs/docker.nix diff --git a/makefu/2configs/docker.nix b/makefu/2configs/docker.nix new file mode 100644 index 000000000..98fd980cc --- /dev/null +++ b/makefu/2configs/docker.nix @@ -0,0 +1,4 @@ +{...}: +{ + virtualisation.docker.enable = true; +} -- cgit v1.2.3 From 319add434302276a52590f1bca3701ee45443cc5 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:08:27 +0200 Subject: doc/makefu: init logbook add the logbooks i created for install_fileleech and transfer of gum --- doc/makefu/logbook/install_fileleech.md | 17 +++++++++++++++++ doc/makefu/logbook/transfer_gum.md | 16 ++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 doc/makefu/logbook/install_fileleech.md create mode 100644 doc/makefu/logbook/transfer_gum.md diff --git a/doc/makefu/logbook/install_fileleech.md b/doc/makefu/logbook/install_fileleech.md new file mode 100644 index 000000000..15f8c1bca --- /dev/null +++ b/doc/makefu/logbook/install_fileleech.md @@ -0,0 +1,17 @@ +# install fileleech + +``` +builder$ python3 host.py --create-ssh-keys --create-passwords fileleech +iso$ fdisk /dev/sda # 3 partitions, grub,boot,crypt +iso$ cryptsetup luksFormat /dev/sda3 --cipher aes-xts-plain64 -s 512 -h sha512 +iso$ cryptsetup luksAddKey /dev/sda3 hddkey +iso$ cryptsetup luksOpen --keyfile-size=4096 -d /dev/disk/by-id/usb-Intuix_DiskOnKey_09A07360336198F8-0:0 /dev/disk/by-id/ata-INTEL_SSDSA2M080G2GC_CVPO003402PB080BGN-part3 luksroot +iso$ mkfs.ext4 -Lnixboot /dev/sda2 +iso$ mkfs.ext4 -Lroot /dev/mapper/luksroot +iso$ echo 1 > /proc/sys/net/ipv6/conf/enp8s0f0/disable_ipv6 +iso$ mount /dev/mapper/luksroot /mnt +iso$ mkdir /mnt/boot +iso$ mount /dev/sda2 /mnt/boot +iso$ mkdir -p /mnt/var/src +iso$ touch /mnt/var/src/.populate +``` diff --git a/doc/makefu/logbook/transfer_gum.md b/doc/makefu/logbook/transfer_gum.md new file mode 100644 index 000000000..5f9c88256 --- /dev/null +++ b/doc/makefu/logbook/transfer_gum.md @@ -0,0 +1,16 @@ +# transfer gum to new hosts + +``` +builder$ vim krebs/3modules/makefu/default.nix +## update ip +builder$ vim makefu/1systems/gum.nix +## update hardware config + +old-gum$ rsync --progress -lprtvzF . :/mnt/ + +new-gum$ touch /mnt/var/src/.populate +new-gum$ gdisk /dev/sda r;g;w # gpt to mbr + +builder$ make -C ~/stockholm system=gum target=vcygfnhdxyxr47zu.onion install + +``` -- cgit v1.2.3 From 622d0dc0f266f94cfd5e6a5eec0ae254fec60ba3 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:22:47 +0200 Subject: ma task-client: systemPackages -> per-user --- makefu/2configs/task-client.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 makefu/2configs/task-client.nix diff --git a/makefu/2configs/task-client.nix b/makefu/2configs/task-client.nix new file mode 100644 index 000000000..330616f4a --- /dev/null +++ b/makefu/2configs/task-client.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: +{ + krebs.per-user.makefu.packages = [ + pkgs.taskwarrior + ]; + + environment.shellAliases = { + tshack = "task project:shack"; + twork = "task project:soc"; + tpki = "task project:pki"; + tkrebs = "task project:krebs"; + t = "task project: "; + }; +} -- cgit v1.2.3 From 1f72a5d66bbbc9f213e3fa5de071d06a1818d930 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 17:06:22 +0200 Subject: ma arduino-user-env: init --- makefu/5pkgs/arduino-user-env/default.nix | 35 +++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 makefu/5pkgs/arduino-user-env/default.nix diff --git a/makefu/5pkgs/arduino-user-env/default.nix b/makefu/5pkgs/arduino-user-env/default.nix new file mode 100644 index 000000000..7339c50a2 --- /dev/null +++ b/makefu/5pkgs/arduino-user-env/default.nix @@ -0,0 +1,35 @@ +{ lib, pkgs, ... }: let + +#TODO: make sure env exists prior to running +env_nix = pkgs.writeText "env.nix" '' + { pkgs ? import {} }: + + (pkgs.buildFHSUserEnv { + name = "arduino-user-env"; + targetPkgs = pkgs: with pkgs; [ + coreutils + ]; + multiPkgs = pkgs: with pkgs; [ + arduino + alsaLib + zlib + xorg.libXxf86vm + curl + openal + openssl_1_0_2 + xorg.libXext + xorg.libX11 + xorg.libXrandr + xorg.libXcursor + xorg.libXinerama + xorg.libXi + mesa_glu + ]; + runScript = "zsh"; + }).env +''; + + +in pkgs.writeDashBin "arduino-user-env" '' + nix-shell ${env_nix} +'' -- cgit v1.2.3 From d58e8035b4101b20539279247ec083b72ba0a647 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 14:22:11 +0200 Subject: k 4 infest: prepare Regression for stockholm --- krebs/4lib/infest/prepare.sh | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh index 50d521e17..8e921ce06 100644 --- a/krebs/4lib/infest/prepare.sh +++ b/krebs/4lib/infest/prepare.sh @@ -36,14 +36,7 @@ prepare() {( ;; esac ;; - nixos) - case $(cat /proc/cmdline) in - *' root=LABEL=NIXOS_ISO '*) - prepare_nixos_iso "$@" - exit - esac - ;; - stockholm) + nixos|stockholm) case $(cat /proc/cmdline) in *' root=LABEL=NIXOS_ISO '*) prepare_nixos_iso "$@" @@ -102,7 +95,8 @@ prepare_nixos_iso() { mkdir -p bin rm -f bin/nixos-install cp "$(type -p nixos-install)" bin/nixos-install - sed -i "s@^NIX_PATH=\"[^\"]*\"@NIX_PATH=$target_path@" bin/nixos-install + sed -i 's@^\(\(export \|\)NIX_PATH\)=\"[^\"]*\"@\1=$target_path@' bin/nixos-install + } get_nixos_install() { @@ -217,7 +211,7 @@ prepare_common() {( mkdir -p bin rm -f bin/nixos-install cp "$(type -p nixos-install)" bin/nixos-install - sed -i "s@^NIX_PATH=\"[^\"]*\"@NIX_PATH=$target_path@" bin/nixos-install + sed -i 's@^\(\(export \|\)NIX_PATH\)=\"[^\"]*\"@\1=$target_path@' bin/nixos-install if ! grep -q '^PATH.*#krebs' .bashrc; then echo '. /root/.nix-profile/etc/profile.d/nix.sh' >> .bashrc -- cgit v1.2.3