From 7adf24631f14409208376f5554c31db73e4af0c8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 20:42:12 +0200 Subject: l nixpkgs: d151161 -> 670b4e2 (17.09) --- lass/source.nix | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/lass/source.nix b/lass/source.nix index 01631bef1..5155a272c 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -9,13 +9,8 @@ in { nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { - url = http://cgit.lassul.us/nixpkgs; - # nixos-17.03 - # + copytoram: - # 87a4615 & 334ac4f - # + acme permissions for groups - # fd7a8f1 - ref = "d151161"; + url = https://github.com/nixos/nixpkgs; + ref = "670b4e2"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From 7c1f36ca1bafb4b415a5c9423842d6bef0102813 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 26 Aug 2017 20:03:57 +0200 Subject: requests2 -> requsts --- krebs/2configs/shack/muell_caller.nix | 2 +- krebs/2configs/shack/radioactive.nix | 2 +- krebs/2configs/shack/worlddomination.nix | 2 +- krebs/5pkgs/simple/Reaktor/default.nix | 2 +- krebs/5pkgs/simple/bepasty-client-cli/default.nix | 2 +- krebs/5pkgs/simple/cac-panel/default.nix | 2 +- krebs/5pkgs/simple/treq/default.nix | 2 +- krebs/5pkgs/simple/urlwatch/default.nix | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/krebs/2configs/shack/muell_caller.nix b/krebs/2configs/shack/muell_caller.nix index 2d8d78e33..a39d0cc02 100644 --- a/krebs/2configs/shack/muell_caller.nix +++ b/krebs/2configs/shack/muell_caller.nix @@ -12,7 +12,7 @@ let buildInputs = [ (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ docopt - requests2 + requests paramiko python ])) diff --git a/krebs/2configs/shack/radioactive.nix b/krebs/2configs/shack/radioactive.nix index 378b54056..566146d6e 100644 --- a/krebs/2configs/shack/radioactive.nix +++ b/krebs/2configs/shack/radioactive.nix @@ -12,7 +12,7 @@ let buildInputs = [ (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ docopt - requests2 + requests python ])) ]; diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix index d0f9f5fa6..828b6cd70 100644 --- a/krebs/2configs/shack/worlddomination.nix +++ b/krebs/2configs/shack/worlddomination.nix @@ -37,7 +37,7 @@ let docopt LinkHeader aiocoap - requests2 + requests paramiko python ])) diff --git a/krebs/5pkgs/simple/Reaktor/default.nix b/krebs/5pkgs/simple/Reaktor/default.nix index fc3710820..6989bb02b 100644 --- a/krebs/5pkgs/simple/Reaktor/default.nix +++ b/krebs/5pkgs/simple/Reaktor/default.nix @@ -8,7 +8,7 @@ python3Packages.buildPythonPackage rec { propagatedBuildInputs = with pkgs;[ python3Packages.docopt - python3Packages.requests2 + python3Packages.requests ]; src = fetchurl { url = "https://pypi.python.org/packages/source/R/Reaktor/Reaktor-${version}.tar.gz"; diff --git a/krebs/5pkgs/simple/bepasty-client-cli/default.nix b/krebs/5pkgs/simple/bepasty-client-cli/default.nix index c58e637b3..7811ef5fc 100644 --- a/krebs/5pkgs/simple/bepasty-client-cli/default.nix +++ b/krebs/5pkgs/simple/bepasty-client-cli/default.nix @@ -5,7 +5,7 @@ with pythonPackages; buildPythonPackage rec { propagatedBuildInputs = [ python_magic click - requests2 + requests ]; src = fetchFromGitHub { diff --git a/krebs/5pkgs/simple/cac-panel/default.nix b/krebs/5pkgs/simple/cac-panel/default.nix index fd4799535..57f58f4de 100644 --- a/krebs/5pkgs/simple/cac-panel/default.nix +++ b/krebs/5pkgs/simple/cac-panel/default.nix @@ -11,7 +11,7 @@ python3Packages.buildPythonPackage rec { propagatedBuildInputs = with python3Packages; [ docopt - requests2 + requests beautifulsoup4 ]; } diff --git a/krebs/5pkgs/simple/treq/default.nix b/krebs/5pkgs/simple/treq/default.nix index 20387b9cb..7cb826a51 100644 --- a/krebs/5pkgs/simple/treq/default.nix +++ b/krebs/5pkgs/simple/treq/default.nix @@ -11,7 +11,7 @@ pythonPackages.buildPythonPackage rec { propagatedBuildInputs = with pythonPackages; [ twisted pyopenssl - requests2 + requests service-identity ]; } diff --git a/krebs/5pkgs/simple/urlwatch/default.nix b/krebs/5pkgs/simple/urlwatch/default.nix index 509555669..adaefbc4d 100644 --- a/krebs/5pkgs/simple/urlwatch/default.nix +++ b/krebs/5pkgs/simple/urlwatch/default.nix @@ -13,7 +13,7 @@ python3Packages.buildPythonPackage rec { minidb pycodestyle pyyaml - requests2 + requests ]; meta = { -- cgit v1.2.3 From 1fd1ff57c82e6684702406ca32bfdca1c5785565 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Sep 2017 19:40:30 +0200 Subject: bepasty: pythonPackages.bepasty-server -> bepasty --- krebs/3modules/bepasty-server.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 0ca13366b..dd29a4e17 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -3,7 +3,7 @@ with import ; let gunicorn = pkgs.pythonPackages.gunicorn; - bepasty = pkgs.pythonPackages.bepasty-server; + bepasty = pkgs.bepasty; gevent = pkgs.pythonPackages.gevent; python = pkgs.pythonPackages.python; cfg = config.krebs.bepasty; -- cgit v1.2.3 From c0a4063c2d183ecf1cf7a1dc4e1a35f1f1be0733 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Sep 2017 21:13:53 +0200 Subject: l bepasty: forceSSL conflicts with enableSSL --- lass/2configs/bepasty.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix index b2d40d4f3..43647892f 100644 --- a/lass/2configs/bepasty.nix +++ b/lass/2configs/bepasty.nix @@ -31,7 +31,6 @@ in { } // genAttrs ext-doms (ext-dom: { nginx = { - enableSSL = true; forceSSL = true; enableACME = true; }; -- cgit v1.2.3 From af52d7028adddabc8f21c3989ea600206fd64666 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 20:59:27 +0200 Subject: nixpkgs 8ed299f -> 670b4e2 (17.09) --- krebs/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/source.nix b/krebs/source.nix index 1aba3d7ff..e70ee2d8a 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -14,6 +14,6 @@ in stockholm.file = toString ; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "8ed299faacbf8813fc47b4fca34f32b835d6481e"; # nixos-17.03 @ 2017-09-09 + ref = "670b4e29adc16e0a29aa5b4c126703dcca56aeb6"; # nixos-17.09 @ 2017-09-18 }; } -- cgit v1.2.3 From d973c779eb71749af464edb1ed0216b0d5317eb2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Sep 2017 21:45:42 +0200 Subject: gitlab-runner: configText -> configFile --- krebs/2configs/gitlab-runner-shackspace.nix | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/krebs/2configs/gitlab-runner-shackspace.nix b/krebs/2configs/gitlab-runner-shackspace.nix index d9b4cd589..f4247b6da 100644 --- a/krebs/2configs/gitlab-runner-shackspace.nix +++ b/krebs/2configs/gitlab-runner-shackspace.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: let url = "https://git.shackspace.de/"; # generate token from CI-token via: @@ -6,7 +6,7 @@ let ## cat /etc/gitlab-runner/config.toml token = import ; in { - systemd.services.gitlab-runner.path = [ + systemd.services.gitlab-runner.path = [ "/run/wrappers" # /run/wrappers/bin/su "/" # /bin/sh ]; @@ -16,19 +16,18 @@ in { enable = true; # configFile, configOptions and gracefulTimeout not yet in stable # gracefulTimeout = "120min"; - configText = '' - concurrent = 1 - check_interval = 0 - - [[runners]] - name = "krebs-shell" - url = "${url}" - token = "${token}" - executor = "shell" - shell = "sh" - environment = ["PATH=/bin:/run/wrappers/bin:/etc/per-user/gitlab-runner/bin:/etc/per-user-pkgs/gitlab-runner/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"] - [runners.cache] + configFile = pkgs.writeText "gitlab-runner.cfg" '' + concurrent = 1 + check_interval = 0 + [[runners]] + name = "krebs-shell" + url = "${url}" + token = "${token}" + executor = "shell" + shell = "sh" + environment = ["PATH=/bin:/run/wrappers/bin:/etc/per-user/gitlab-runner/bin:/etc/per-user-pkgs/gitlab-runner/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"] + [runners.cache] ''; }; } -- cgit v1.2.3 From 5b536e2d311ae6beea7f7e73115c3a061d523a59 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 1 Oct 2017 14:01:19 +0200 Subject: ma irc: ni.r -> irc.r --- makefu/1systems/pnp/config.nix | 3 ++- makefu/2configs/git/brain-retiolum.nix | 2 +- makefu/2configs/git/cgit-retiolum.nix | 2 +- makefu/2configs/stats/server.nix | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/makefu/1systems/pnp/config.nix b/makefu/1systems/pnp/config.nix index 5fbaaabc7..47fa74c00 100644 --- a/makefu/1systems/pnp/config.nix +++ b/makefu/1systems/pnp/config.nix @@ -34,7 +34,8 @@ krebs.Reaktor.debug = { debug = true; extraEnviron = { - REAKTOR_HOST = "ni.r"; + # TODO: remove hard-coded server + REAKTOR_HOST = "irc.r"; }; plugins = with pkgs.ReaktorPlugins; [ stockholm-issue nixos-version sed-plugin ]; channels = [ "#retiolum" ]; diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix index 05754dc7f..b913f3056 100644 --- a/makefu/2configs/git/brain-retiolum.nix +++ b/makefu/2configs/git/brain-retiolum.nix @@ -21,7 +21,7 @@ let verbose = true; channel = "#retiolum"; # TODO remove the hardcoded hostname - server = "ni.r"; + server = "irc.r"; }; }; }; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 5604383e7..5d46cabb3 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -59,7 +59,7 @@ let verbose = config.krebs.build.host.name == "gum"; channel = "#retiolum"; # TODO remove the hardcoded hostname - server = "ni.r"; + server = "irc.r"; }; }; }; diff --git a/makefu/2configs/stats/server.nix b/makefu/2configs/stats/server.nix index bb91b4478..7548c733e 100644 --- a/makefu/2configs/stats/server.nix +++ b/makefu/2configs/stats/server.nix @@ -2,7 +2,7 @@ with import ; let - irc-server = "ni.r"; + irc-server = "rc.r"; irc-nick = "m-alarm"; collectd-port = 25826; influx-port = 8086; -- cgit v1.2.3 From 0fe3f562d7dc66dc4dcf39522fc17ccce6ee30b4 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 1 Oct 2017 14:01:48 +0200 Subject: ma cake.r: init --- krebs/3modules/makefu/default.nix | 25 +++++++++++++++++++++++++ makefu/1systems/cake/config.nix | 20 ++++++++++++++++++++ makefu/1systems/cake/source.nix | 3 +++ 3 files changed, 48 insertions(+) create mode 100644 makefu/1systems/cake/config.nix create mode 100644 makefu/1systems/cake/source.nix diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index a34c8cd97..d80935683 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -4,6 +4,31 @@ with import ; { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { + cake = rec { + cores = 1; + ci = false; + nets = { + retiolum = { + ip4.addr = "10.243.136.236"; + ip6.addr = "42:b3b2:9552:eef0:ee67:f3b3:8d33:eee1"; + aliases = [ + "cake.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0khdelSrOV/ZI9vvbV5aT1wVn2IfUfIdDCQIOnF2mZsrnIcuaedu + jRfZnJST1vOfL7JksF1+8pYwSn34CjJCGhyFf25lc6mARXmZe/araNrVpTntCy2+ + MqG8KZe4mIda/WPTXRYGtFVQZeClM5SCZ7EECtw8sEkwt2QtOv43p/hiMXAkOQsq + 6xc9/b4Bry7d+IjJs3waKfFQllF+C+GuK8yF0YnCEb6GZw7xkxHIO1QV4KSQ4CH7 + 36kEAdCSQ5rgaygRanUlUl+duQn1MLQ+lRlerAEcFfKrr3MKNz2jmGth8iUURdyP + MHjSWe+RkLQ6zzBaVgoKKuI9MbIbhenJWwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake"; + }; drop = rec { ci = true; cores = 1; diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix new file mode 100644 index 000000000..0630d19ad --- /dev/null +++ b/makefu/1systems/cake/config.nix @@ -0,0 +1,20 @@ +{ config, pkgs, ... }: +{ + imports = [ + + # configure your hw: + # + # + # { + name="cake"; +} \ No newline at end of file -- cgit v1.2.3 From b01385c974dd3f4a9cbf0e7e992e960cd9ebf295 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 1 Oct 2017 14:28:34 +0200 Subject: ma: #retiolum -> #xxx --- makefu/1systems/pnp/config.nix | 2 +- makefu/2configs/git/brain-retiolum.nix | 2 +- makefu/2configs/git/cgit-retiolum.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/makefu/1systems/pnp/config.nix b/makefu/1systems/pnp/config.nix index 47fa74c00..6c9fc0606 100644 --- a/makefu/1systems/pnp/config.nix +++ b/makefu/1systems/pnp/config.nix @@ -38,7 +38,7 @@ REAKTOR_HOST = "irc.r"; }; plugins = with pkgs.ReaktorPlugins; [ stockholm-issue nixos-version sed-plugin ]; - channels = [ "#retiolum" ]; + channels = [ "#xxx" ]; }; krebs.build.host = config.krebs.hosts.pnp; diff --git a/makefu/2configs/git/brain-retiolum.nix b/makefu/2configs/git/brain-retiolum.nix index b913f3056..3be3fccef 100644 --- a/makefu/2configs/git/brain-retiolum.nix +++ b/makefu/2configs/git/brain-retiolum.nix @@ -19,7 +19,7 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = true; - channel = "#retiolum"; + channel = "#xxx"; # TODO remove the hardcoded hostname server = "irc.r"; }; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 5d46cabb3..ed890fe40 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -57,7 +57,7 @@ let post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; verbose = config.krebs.build.host.name == "gum"; - channel = "#retiolum"; + channel = "#xxx"; # TODO remove the hardcoded hostname server = "irc.r"; }; -- cgit v1.2.3 From e62f376e6177f3efb0e0bcd3aad97a991c3b6d60 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 1 Oct 2017 14:42:20 +0200 Subject: ma tools: disable skype --- makefu/2configs/tools/core-gui.nix | 1 - makefu/2configs/tools/extra-gui.nix | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/makefu/2configs/tools/core-gui.nix b/makefu/2configs/tools/core-gui.nix index 0538647ae..2f80b08c9 100644 --- a/makefu/2configs/tools/core-gui.nix +++ b/makefu/2configs/tools/core-gui.nix @@ -13,7 +13,6 @@ keepassx pcmanfm evince - skype mirage tightvnc gnome3.dconf diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index b2d616764..bcc068d82 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -6,7 +6,7 @@ gimp inkscape libreoffice - skype + # skype synergy tdesktop virtmanager -- cgit v1.2.3 From f1908e0fa546bde76a95d3da20521d6170cd08f8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 18:06:27 +0200 Subject: l nixpkgs: 670b4e2 -> 5ac8389 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/source.nix b/lass/source.nix index 5155a272c..6a6fff9b5 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "670b4e2"; + ref = "5ac8389"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From 345aa5d1e693c4952e7734471c61ea7da36e8fbb Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 18:39:14 +0200 Subject: l users: add lass-android --- krebs/3modules/lass/default.nix | 4 ++++ krebs/3modules/lass/ssh/android.rsa | 1 + 2 files changed, 5 insertions(+) create mode 100644 krebs/3modules/lass/ssh/android.rsa diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 364c02d1d..4b553fac2 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -515,6 +515,10 @@ with import ; pubkey = builtins.readFile ./ssh/mors.rsa; pgp.pubkeys.default = builtins.readFile ./pgp/mors.pgp; }; + lass-android = { + mail = "lassulus@gmail.com"; + pubkey = builtins.readFile ./ssh/android.rsa; + }; lass-helios = { mail = "lass@helios.r"; pubkey = builtins.readFile ./ssh/helios.rsa; diff --git a/krebs/3modules/lass/ssh/android.rsa b/krebs/3modules/lass/ssh/android.rsa new file mode 100644 index 000000000..b39f7ce1e --- /dev/null +++ b/krebs/3modules/lass/ssh/android.rsa @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjesiOnhpT9XgWZqw/64M5lVQg3q0k22BtMyCv+33sGX8VmfTyD11GuwSjNGf5WiswKLqFvYBQsHfDDtS3k0ZNTDncGw3Pbilm6QoCuHEyDPaQYin0P+JmkocrL/6QF5uhZVFnsXCH5wntwOa00VFGwpMgQYSfRlReRx42Pu9Jk+iJduZMRBbOMvJI68Z7iJ4DgW/1U9J4MQdCsk7QlFgUstQQfV1zk4VfVfXuxDP3hjx6Q05nDChjpmzJbFunzb7aiy/1/Sl0QhROTpvxrQLksg7yYLw4BRs9ptjehX45A2Sxi8WKOb/g5u3xJNy0X07rE+N+o5v2hS7wF0DLQdK5+4TGtO+Y+ABUCqqA+T1ynAjNBWvsgY5uD4PZjuPgCMSw0JBmIy/P0THi3v5/8Cohvfnspl7Jpf80qENMu3unvvE9EePzgSRZY1PvDjPQfkWy0yBX1yQMhHuVGke9QgaletitwuahRujml37waeUuOl8Rpz+2iV+6OIS4tfO368uLFHKWbobXTbTDXODBgxZ/IyvO7vxM2uDX/kIWaeYKrip3nSyWBYnixwrcS4vm6ZQcoejwp2KCfGQwIE4MnGYRlwcOEYjvyjLkZHDiZEivUQ0rThMYBzec8bQ08QW8oxF+NXkFKG3awt3f7TKTRkYqQcOMpFKmV24KDiwgwm0miQ== JuiceSSH -- cgit v1.2.3 From 543291b53368c6124c9095e7227cd5176cb3fe65 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 18:39:38 +0200 Subject: l authorized lass-android for weechat --- lass/1systems/archprism/config.nix | 5 ----- lass/2configs/weechat.nix | 9 +++++---- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/lass/1systems/archprism/config.nix b/lass/1systems/archprism/config.nix index 69a0476fb..6411c423d 100644 --- a/lass/1systems/archprism/config.nix +++ b/lass/1systems/archprism/config.nix @@ -156,11 +156,6 @@ in { { predicate = "-p tcp --dport 8080"; target = "ACCEPT";} ]; } - { - users.users.chat.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjesiOnhpT9XgWZqw/64M5lVQg3q0k22BtMyCv+33sGX8VmfTyD11GuwSjNGf5WiswKLqFvYBQsHfDDtS3k0ZNTDncGw3Pbilm6QoCuHEyDPaQYin0P+JmkocrL/6QF5uhZVFnsXCH5wntwOa00VFGwpMgQYSfRlReRx42Pu9Jk+iJduZMRBbOMvJI68Z7iJ4DgW/1U9J4MQdCsk7QlFgUstQQfV1zk4VfVfXuxDP3hjx6Q05nDChjpmzJbFunzb7aiy/1/Sl0QhROTpvxrQLksg7yYLw4BRs9ptjehX45A2Sxi8WKOb/g5u3xJNy0X07rE+N+o5v2hS7wF0DLQdK5+4TGtO+Y+ABUCqqA+T1ynAjNBWvsgY5uD4PZjuPgCMSw0JBmIy/P0THi3v5/8Cohvfnspl7Jpf80qENMu3unvvE9EePzgSRZY1PvDjPQfkWy0yBX1yQMhHuVGke9QgaletitwuahRujml37waeUuOl8Rpz+2iV+6OIS4tfO368uLFHKWbobXTbTDXODBgxZ/IyvO7vxM2uDX/kIWaeYKrip3nSyWBYnixwrcS4vm6ZQcoejwp2KCfGQwIE4MnGYRlwcOEYjvyjLkZHDiZEivUQ0rThMYBzec8bQ08QW8oxF+NXkFKG3awt3f7TKTRkYqQcOMpFKmV24KDiwgwm0miQ== JuiceSSH" - ]; - } { time.timeZone = "Europe/Berlin"; } diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index 1e5f2d177..4b6445619 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -13,10 +13,11 @@ in { uid = genid "chat"; useDefaultShell = true; createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.lass.pubkey - config.krebs.users.lass-shodan.pubkey - config.krebs.users.lass-icarus.pubkey + openssh.authorizedKeys.keys = with config.krebs.users; [ + lass.pubkey + lass-shodan.pubkey + lass-icarus.pubkey + lass-android.pubkey ]; }; -- cgit v1.2.3 From a02a812fbf02460109425fb3bc4418681c7f832d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Oct 2017 22:55:18 +0200 Subject: l hosts: update android rsa key --- krebs/3modules/lass/ssh/android.rsa | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/lass/ssh/android.rsa b/krebs/3modules/lass/ssh/android.rsa index b39f7ce1e..f5190f45c 100644 --- a/krebs/3modules/lass/ssh/android.rsa +++ b/krebs/3modules/lass/ssh/android.rsa @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDjesiOnhpT9XgWZqw/64M5lVQg3q0k22BtMyCv+33sGX8VmfTyD11GuwSjNGf5WiswKLqFvYBQsHfDDtS3k0ZNTDncGw3Pbilm6QoCuHEyDPaQYin0P+JmkocrL/6QF5uhZVFnsXCH5wntwOa00VFGwpMgQYSfRlReRx42Pu9Jk+iJduZMRBbOMvJI68Z7iJ4DgW/1U9J4MQdCsk7QlFgUstQQfV1zk4VfVfXuxDP3hjx6Q05nDChjpmzJbFunzb7aiy/1/Sl0QhROTpvxrQLksg7yYLw4BRs9ptjehX45A2Sxi8WKOb/g5u3xJNy0X07rE+N+o5v2hS7wF0DLQdK5+4TGtO+Y+ABUCqqA+T1ynAjNBWvsgY5uD4PZjuPgCMSw0JBmIy/P0THi3v5/8Cohvfnspl7Jpf80qENMu3unvvE9EePzgSRZY1PvDjPQfkWy0yBX1yQMhHuVGke9QgaletitwuahRujml37waeUuOl8Rpz+2iV+6OIS4tfO368uLFHKWbobXTbTDXODBgxZ/IyvO7vxM2uDX/kIWaeYKrip3nSyWBYnixwrcS4vm6ZQcoejwp2KCfGQwIE4MnGYRlwcOEYjvyjLkZHDiZEivUQ0rThMYBzec8bQ08QW8oxF+NXkFKG3awt3f7TKTRkYqQcOMpFKmV24KDiwgwm0miQ== JuiceSSH +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGgImN/9D4yJBjYlkAvT3X45kzt4n8hmgsqPcdcHWNC7fofWG4fZe8NNrTLdKsK+xYxTstj49l8Vb3YDvw4fAyyyhms/eFRlD2BRqAISwc39EIeTC4g3PXNeUtUGdczXKxsJf5iWf4kxUrUOuZ3FeKxeYXDMSqzzk1oKalhWNl4PmgRc5FzjeRJ2WziilwFq7ntLswoeTBW3c53fbcp3XuPza3M1/sN3NHJx9ZMpWVfJhZ/CXr+nqpc25ZIr5HZVZbgDTyJQimlTF5JCfU0NiiBIh7ep7x4o93tARmilit7+mWUkkxk6ba+zG6nr+s+zyd85AFAYRioOEczbC6mI44UZUB11KkEzOon5JWSA8pK+DPqsqhFkwWYMHLXZp8zemdp9kushRZ6nuI9MzBwacngro1vAvDL6jrS5MR7zf7rMAo6wexovWoEowvZz629mjC3OAt9iOm4VJdvEmq+rHLfjjznVEY6llF7DUu2QNEazaXhxZH9V9N1gyubIE97SQVqmwDrf8BGC0Hq+hC4OOweqfo4XP0etbqAfDozZbqcqyE1m9Bj8DpjrSXka1PuJf5fgEtoxPadd2qdiHMfIx9sM+4uu2nI5aFvWO3OlJmhF80QzNdFzZWjsyvJ24C1/a2FAyzoab1Sg9ljstQThseTtvlXcX8jfFn0U3RbgXgCgOWad3Oy9vA0OCdsHut0nzv3UO+T5+wv2+lvE3QSSKOlmVtdKMhCFb+Rg+FliKxyd820h9yR3wDYmkurVkAxaj8Kx5MaY/7aypOi8fRAV2FSDtCKkuMyPv4xEtdPi/4lj55pRBEO8lJkeb+WurCzZ7ZeaPdrW1YIQtToPpiz3dXeRhkts6jq8247xIplzHh9Iu18gOrnZ+ygn70g19x842vvcfLQNAghDPS93msJdSe+EtulMCwNTjUaF9LyzhW9ptLG9NmwgbT5kGsFiRw3BFdyfcQVWVzDhuP3hPPx+hjiZtFfpIKpxV9MjO1xQ830Ngk3JpSphMZTQ432yfvu9yEsUWmAa8ax1jxJ361AiIp0U2xioJmdVd3E2sxkpOUYqE89IR9X6hS3fH38Gc5IL5+BnhuZvRgXuA+nrqdU4pMB3TIoC5oXlOMRXpxaS91YiO4ERx2t6WkBRCoaDuRWnLpewV6lhjwi1+4Emlrs2q1R0K64emZTv7O1MKwWRHOlBJD3HLyCCS763OzYW4mEQcfBAQtbm6sTooJ+D/zbmYgbnZt0z/nP9R/n25pzlSPpZ49fCiRV7QN6D9mksISTz8qIiCzNBn1F7DUewXqkrdPopl4npeNVcOyyo7P1lFFGde+jq/7REdzD+vno1h9+17WZbyzQtlOyipQYzb6l4QuXq/zejJrELJAQdN4yRQq5NJzIh0HXaPnPC083T791moBflyqiwPEIWsSMfILqSqL1jVVNgvV4fHnMixgH2zK9f0EyE3fG9PnuRribPR2DlESqpHZTcBixgh660EPKh0gCLYoWKgU= lass-android@XperiaXCompact -- cgit v1.2.3 From ea793ecf797f82dce0b70d0eb5b268f5326ba79b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 11:45:25 +0200 Subject: Revert "l nixpkgs: 670b4e2 -> 5ac8389" This reverts commit f1908e0fa546bde76a95d3da20521d6170cd08f8. --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/source.nix b/lass/source.nix index 6a6fff9b5..5155a272c 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "5ac8389"; + ref = "670b4e2"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From fdcaa8de73138d590a3702de2f3c3bd1cfacfc40 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 17:57:05 +0200 Subject: krebs.tinc: import types explicitly --- krebs/3modules/tinc.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 8af15c13b..0fd0a35bc 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -1,6 +1,7 @@ { config, pkgs, lib, ... }: with import ; let + inherit (import ) types; out = { options.krebs.tinc = api; config = imp; -- cgit v1.2.3 From d3b17d180642d3a344495468c27355f6a7521d42 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 17:57:24 +0200 Subject: l nixpkgs: 670b4e2 -> b61d084 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/source.nix b/lass/source.nix index 5155a272c..c6dc127cb 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "670b4e2"; + ref = "b61d084"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From 2ad003037417f90c04df833a2ad27fd5a52c754e Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 18:38:28 +0200 Subject: l ejabberd: RIP --- lass/5pkgs/default.nix | 3 --- lass/5pkgs/ejabberd/default.nix | 28 ---------------------------- 2 files changed, 31 deletions(-) delete mode 100644 lass/5pkgs/ejabberd/default.nix diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 46633ba1a..d04833255 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -4,9 +4,6 @@ nixpkgs.config.packageOverrides = rec { acronym = pkgs.callPackage ./acronym/default.nix {}; dpass = pkgs.callPackage ./dpass {}; - ejabberd = pkgs.callPackage ./ejabberd { - erlang = pkgs.erlangR16; - }; firefoxPlugins = { noscript = pkgs.callPackage ./firefoxPlugins/noscript.nix {}; ublock = pkgs.callPackage ./firefoxPlugins/ublock.nix {}; diff --git a/lass/5pkgs/ejabberd/default.nix b/lass/5pkgs/ejabberd/default.nix deleted file mode 100644 index 3a77c5cd1..000000000 --- a/lass/5pkgs/ejabberd/default.nix +++ /dev/null @@ -1,28 +0,0 @@ -{stdenv, fetchurl, expat, erlang, zlib, openssl, pam, lib}: - -stdenv.mkDerivation rec { - version = "2.1.13"; - name = "ejabberd-${version}"; - src = fetchurl { - url = "http://www.process-one.net/downloads/ejabberd/${version}/${name}.tgz"; - sha256 = "0vf8mfrx7vr3c5h3nfp3qcgwf2kmzq20rjv1h9sk3nimwir1q3d8"; - }; - buildInputs = [ expat erlang zlib openssl pam ]; - patchPhase = '' - sed -i \ - -e "s|erl \\\|${erlang}/bin/erl \\\|" \ - -e 's|EXEC_CMD=\"sh -c\"|EXEC_CMD=\"${stdenv.shell} -c\"|' \ - src/ejabberdctl.template - ''; - preConfigure = '' - cd src - ''; - configureFlags = ["--enable-pam"]; - - meta = { - description = "Open-source XMPP application server written in Erlang"; - license = stdenv.lib.licenses.gpl2; - homepage = http://www.ejabberd.im; - maintainers = [ lib.maintainers.sander ]; - }; -} -- cgit v1.2.3 From 5ab273b5364a35fed96473e4290147940425c6b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 18:45:28 +0200 Subject: l wine: pkgs.wineFull -> pkgs.wine --- lass/2configs/wine.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 2444d32d3..0d2b731ca 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -5,7 +5,7 @@ let in { krebs.per-user.wine.packages = with pkgs; [ - wineFull + wine #(wineFull.override { wineBuild = "wine64"; }) ]; users.users= { -- cgit v1.2.3 From 336f4315d9364407f209d5789423dfe8831e4caf Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Oct 2017 18:50:19 +0200 Subject: l prism.r: track nginx changes --- lass/1systems/prism/config.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 5b3091a39..8e44b113b 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -115,7 +115,12 @@ in { }; services.nginx.virtualHosts."hackerfleet.de-s" = { serverName = "hackerfleet.de"; - port = 443; + listen = [ + { + addr = "0.0.0.0"; + port = 443; + } + ]; serverAliases = [ "*.hackerfleet.de" ]; -- cgit v1.2.3 From 32d9ba480b4797baf4ccdc015685f9ea472f036f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 11:11:40 +0200 Subject: l nixpkgs: b61d084 -> 07ca7b6 --- lass/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/source.nix b/lass/source.nix index c6dc127cb..296a20417 100644 --- a/lass/source.nix +++ b/lass/source.nix @@ -10,7 +10,7 @@ in nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "b61d084"; + ref = "07ca7b6"; }; secrets.file = getAttr builder { buildbot = toString ; -- cgit v1.2.3 From 958e86fadf2a2ca2901e7bd5fd8a0fcc16cbe103 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 11:38:11 +0200 Subject: l copyq: fix startup --- lass/2configs/copyq.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lass/2configs/copyq.nix b/lass/2configs/copyq.nix index b255254f2..fa01a99c9 100644 --- a/lass/2configs/copyq.nix +++ b/lass/2configs/copyq.nix @@ -25,12 +25,15 @@ in { environment = { DISPLAY = ":0"; }; + path = with pkgs; [ + qt5.full + ]; serviceConfig = { SyslogIdentifier = "copyq"; ExecStart = "${pkgs.copyq}/bin/copyq"; ExecStartPost = copyqConfig; Restart = "always"; - RestartSec = "2s"; + RestartSec = "15s"; StartLimitBurst = 0; User = "lass"; }; -- cgit v1.2.3 From 613600914d6c7d8c9d5b1b7bfd1292b863ebd6e6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 11:44:33 +0200 Subject: nixpkgs: 670b4e2 -> 07ca7b6 --- krebs/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/source.nix b/krebs/source.nix index e70ee2d8a..09edc817b 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -14,6 +14,6 @@ in stockholm.file = toString ; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "670b4e29adc16e0a29aa5b4c126703dcca56aeb6"; # nixos-17.09 @ 2017-09-18 + ref = "07ca7b64d2ff2fa7a79e4eab1aba70ff746fed8c"; # nixos-17.09 @ 2017-10-02 }; } -- cgit v1.2.3 From c54d84b9efe01a7f4f8837b2308b7e2d61f1926f Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 13:43:13 +0200 Subject: l sqlBackup: set mysql.dataDir to /var/mysql --- lass/2configs/websites/sqlBackup.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lass/2configs/websites/sqlBackup.nix b/lass/2configs/websites/sqlBackup.nix index 7cb4b320e..2fffa6cc9 100644 --- a/lass/2configs/websites/sqlBackup.nix +++ b/lass/2configs/websites/sqlBackup.nix @@ -3,12 +3,13 @@ { krebs.secret.files.mysql_rootPassword = { path = "${config.services.mysql.dataDir}/mysql_rootPassword"; - owner.name = "root"; + owner.name = "mysql"; source-path = toString + "/mysql_rootPassword"; }; services.mysql = { enable = true; + dataDir = "/var/mysql"; package = pkgs.mariadb; rootPassword = config.krebs.secret.files.mysql_rootPassword.path; }; -- cgit v1.2.3 From c37c047ee6c080f7d76f2e19269162615a9aacfb Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 3 Oct 2017 13:43:31 +0200 Subject: l weechat: open mosh port --- lass/2configs/weechat.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index 4b6445619..d5496ac09 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -21,6 +21,11 @@ in { ]; }; + # mosh + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";} + ]; + #systemd.services.chat = { # description = "chat environment setup"; # after = [ "network.target" ]; -- cgit v1.2.3 From 902a65304d1e07ce5a7192a0403d6fa1bed1f135 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 3 Oct 2017 18:40:44 +0200 Subject: tinc module: workaround nixpkgs's lib.types.types Introduced by nixpkgs 152c63c9ff82276e225ac4a4fa71c791d33e443d --- krebs/3modules/tinc.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 0fd0a35bc..b032f3148 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -1,7 +1,6 @@ -{ config, pkgs, lib, ... }: with import ; +{ config, pkgs, ... }: let - inherit (import ) types; out = { options.krebs.tinc = api; config = imp; @@ -12,7 +11,7 @@ let description = '' define a tinc network ''; - type = with types; attrsOf (submodule (tinc: { + type = types.attrsOf (types.submodule (tinc: { options = let netname = tinc.config._module.args.name; in { @@ -117,7 +116,7 @@ let phases = [ "installPhase" ]; installPhase = '' mkdir $out - ${concatStrings (lib.mapAttrsToList (_: host: '' + ${concatStrings (mapAttrsToList (_: host: '' echo ${shell.escape host.nets."${tinc.config.netname}".tinc.config} \ > $out/${shell.escape host.name} '') tinc.config.hosts)} -- cgit v1.2.3