From 9829d8ff9790c194e9acb3b50f2523d389402592 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 17 Oct 2019 02:28:06 +0200 Subject: ma pkgs._4nxci: bump to 4.03 --- makefu/5pkgs/_4nxci/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/makefu/5pkgs/_4nxci/default.nix b/makefu/5pkgs/_4nxci/default.nix index dafa37ff6..47c02aca4 100644 --- a/makefu/5pkgs/_4nxci/default.nix +++ b/makefu/5pkgs/_4nxci/default.nix @@ -1,11 +1,11 @@ { stdenv, lib, fetchFromGitHub, mbedtls, python2, perl }: let - version = "1.35"; + version = "4.03"; src = fetchFromGitHub { owner = "The-4n"; repo = "4NXCI"; rev = "v${version}"; - sha256 = "0yq0irxzi4wi71ajw8ld01zfpkrgknpq7g3m76pbnwmdzkm7dra6"; + sha256 = "0n49sqv6s8cj2dw1dbcyskfc2zr92p27f1bdd6jqfbawv0fqr1wf"; }; mymbedtls = stdenv.mkDerivation { -- cgit v1.2.3 From 002913eb9bb516f0f39ef6ca26593953145d42e1 Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Mon, 21 Oct 2019 23:55:22 +0200 Subject: external: change palos ssh key --- krebs/3modules/external/palo.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix index e81dd9b58..aea1792f4 100644 --- a/krebs/3modules/external/palo.nix +++ b/krebs/3modules/external/palo.nix @@ -78,7 +78,7 @@ in { }; users = { palo = { - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBYNJVuyyZmc2pCkLWjhl0/hMMb7elmI81/9LAGtk8Tz4TmVderTMohwQkaTYznwPOPuKfU1sSMLCB8rYXdAO5nqWC4bGjXJ/+D8/UKfGjSqRQ7UkfpOF3NAm+pqUSFjaVXi1BWd+jxmsD0uRks0PyNSywZfgjn5LYpD3SpxyFy/17P/PJ9vX6PELjeYvNGH3l5cXDwYky3ZZJol7quBJ5yrA6I536A4wNDzg2ow+MRVu51/nIJdnbbsC/dDHgmdRWnStOzvsA+xSEMeKvLW3CaSPINr/bMGxOPrefr79bg59gkw9Wxp51fkx0o18N1liTRfWXau+GFNGMxFluELhfGXYOH9HLedLt8H38zs5vgJ9IY+tlOzMKud5njiNkuG503AiqY2H7coN7VeVA5+6L7tmwFbCMhPal4MS0VKHNBmCTDY5QMURYUajKiUh8n5IcbuTsPM+lEszm16g5iB+XQ1vpjza5ds6DRL1H6pUF/UpUzYUlqh2RnE+CyLsFO2MB/o72NoSWRfmn7/nsg6eEg/9kSn+dwj2ythjuEkMG28Yhm/XjaGnuAE/ZpIeRDozIQNGcHpzPHMd95olfNJW7+fLi+CvSFZa9l+tdS8PoRnCdHOsO4zvESJZ2rDn0Zt0Az6XNRJfYTABDlYPGCnWN4vmlnEJqQARSSiKBDhSgPw== palo@workout"; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw=="; }; }; } -- cgit v1.2.3 From f8d1d7f938fcdeb18fc2abb97c586c1cccf6fcf1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 23 Oct 2019 00:49:48 +0200 Subject: reaktor2: fix invalid character crash --- krebs/3modules/reaktor2.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index 9ab207d88..837a9bea7 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -53,6 +53,9 @@ with import ; systemd.services = flip mapAttrs' config.krebs.reaktor2 (_: cfg: nameValuePair cfg.systemd-service-name { after = [ "network.target" ]; + environment = { + LC_ALL = "en_US.UTF-8"; + }; wantedBy = [ "multi-user.target" ]; serviceConfig = { User = cfg.username; -- cgit v1.2.3 From ea5b591d065b721666fc3527ad45a7545a594a77 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 23 Oct 2019 21:00:14 +0200 Subject: krops: 1.16.0 -> 1.17.0 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index 8f4446000..2dc172530 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 8f44460003ae10f543ccb6a29f15b57e42ca3aad +Subproject commit 2dc172530965ea4f1ead8ff166004c5734daee1f -- cgit v1.2.3 From 3e5040747ce990bcb6d86f052dd631f57ab08ea2 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 28 Oct 2019 07:38:07 +0100 Subject: shack/muellshack: mkYarnPackage is not vendored anymore, using pkgs.yarn2nix-moretea.mkYarnPackage --- krebs/2configs/shack/muellshack.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix index 9168c9ba7..179855c4c 100644 --- a/krebs/2configs/shack/muellshack.nix +++ b/krebs/2configs/shack/muellshack.nix @@ -6,7 +6,7 @@ let url = "https://git.shackspace.de/rz/muellshack"; rev = "d8a5e2d4c0a22804838675ac42b468299dcd9a76"; sha256 = "0ff6q64dgdxmpszp94z100fdic175b1vvxn4crg8p0jcabzxsv0m"; - }) {}; + }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; }; home = "/var/lib/muellshack"; port = "8081"; in { -- cgit v1.2.3 From f566e3433574bcecdcdee2528d73a9d202be62f6 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 28 Oct 2019 11:00:11 +0100 Subject: rtorrent module: set listen.owner in phpfpm --- krebs/3modules/rtorrent.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix index d59569317..1f88a49e1 100644 --- a/krebs/3modules/rtorrent.nix +++ b/krebs/3modules/rtorrent.nix @@ -8,7 +8,7 @@ let nginx-user = config.services.nginx.user; nginx-group = config.services.nginx.group; - fpm-socket = "/var/run/php5-fpm-rutorrent.sock"; + fpm-socket = config.services.phpfpm.pools.rutorrent.socket; webdir = rucfg.webdir; systemd-logfile = cfg.workDir + "/rtorrent-systemd.log"; @@ -332,12 +332,11 @@ let rutorrent-imp = { services.phpfpm = { - # phpfpm does not have an enable option pools.rutorrent = { user = nginx-user; group = nginx-group; - listen = fpm-socket; settings = { + "listen.owner" = nginx-user; "pm" = "dynamic"; "pm.max_children" = 5; "pm.start_servers" = 2; -- cgit v1.2.3 From 6235c7c5bc4fda9822645b356e7db26ed46fe9d0 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 28 Oct 2019 11:53:39 +0100 Subject: ma phpfpm: set listen.owner in config --- makefu/2configs/deployment/owncloud.nix | 1 + makefu/2configs/nginx/euer.wiki.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix index 59dfa3203..ed3155efc 100644 --- a/makefu/2configs/deployment/owncloud.nix +++ b/makefu/2configs/deployment/owncloud.nix @@ -127,6 +127,7 @@ let group = "nginx"; listen = socket; settings = { + "listen.owner" = "nginx"; "pm" = "dynamic"; "pm.max_children" = 32; "pm.max_requests" = 500; diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix index a6766eeec..2f44d8cc1 100644 --- a/makefu/2configs/nginx/euer.wiki.nix +++ b/makefu/2configs/nginx/euer.wiki.nix @@ -27,6 +27,7 @@ in { inherit user group; listen = fpm-socket; settings = { + "listen.owner" = user; "pm" = "dynamic"; "pm.max_children" = 5; "pm.start_servers" = 2; -- cgit v1.2.3 From 6e4c26a130611da18b2b9e82b8085a0076031db5 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 29 Oct 2019 17:16:12 +0100 Subject: ma bureautomation: set service name for google_say to fix regression --- makefu/2configs/bureautomation/default.nix | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index d745d894a..48c4c0b87 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -47,8 +47,14 @@ in { elevation = 303; auth_providers = [ { type = "homeassistant";} - { type = "legacy_api_password";} + # { type = "legacy_api_password";} { type = "trusted_networks"; + trusted_networks = [ + "127.0.0.1/32" + "192.168.8.0/24" + "::1/128" + "fd00::/8" + ]; # allow_bypass_login = true; } ]; @@ -141,19 +147,15 @@ in { # TODO: https://github.com/home-assistant/home-assistant/issues/16149 base_url = "http://192.168.8.11:8123"; api_password = "sistemas"; - trusted_networks = [ - "127.0.0.1/32" - "192.168.8.0/24" - "::1/128" - "fd00::/8" - ]; }; conversation = {}; history = {}; logbook = {}; tts = [ - { platform = "google"; + { platform = "google_translate"; language = "de"; + time_memory = 57600; + service_name = "google_say"; } { platform = "voicerss"; api_key = builtins.readFile ; -- cgit v1.2.3 From b0e88c220985ddc76e0622cbcdb1eb782b1eb3cf Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 29 Oct 2019 17:26:15 +0100 Subject: ma bureautomation: fix home-assistant regression with darksky --- makefu/2configs/bureautomation/default.nix | 1 - makefu/2configs/bureautomation/sensor/outside.nix | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 48c4c0b87..9492f6ac2 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -34,7 +34,6 @@ in { pkgs.pico2wave python-forecastio jsonrpc-async jsonrpc-websocket mpd2 (callPackage ./deps/gtts-token.nix { }) - (callPackage ./deps/pyhaversion.nix { }) ]; }; autoExtraComponents = true; diff --git a/makefu/2configs/bureautomation/sensor/outside.nix b/makefu/2configs/bureautomation/sensor/outside.nix index 7dbc192a4..596473f17 100644 --- a/makefu/2configs/bureautomation/sensor/outside.nix +++ b/makefu/2configs/bureautomation/sensor/outside.nix @@ -15,7 +15,7 @@ "uv_index" ]; units = "si" ; - update_interval = { days = 0; hours = 0; minutes = 30; seconds = 0; }; + scan_interval = "00:30:00"; } { platform = "luftdaten"; name = "Ditzingen"; -- cgit v1.2.3 From 4bb3f551ab8b44b623a4dd56f295d6083eb04121 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 29 Oct 2019 19:33:55 +0100 Subject: nixpkgs: 7952807 -> c75de8b --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 01230b439..fabd3691a 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "7952807791daf3c60c99f10f371f732d897e3de8", - "date": "2019-10-13T01:14:01+02:00", - "sha256": "1h9wg0arazbyj8xfgvfhzn2gw6ya8sgcxscy1n5j182b5xri1xdk", + "rev": "c75de8bc12cc7e713206199e5ca30b224e295041", + "date": "2019-10-27T17:40:06+01:00", + "sha256": "1awipcjfvs354spzj2la1nzmi9rh2ci2mdapzf4kkabf58ilra6x", "fetchSubmodules": false } -- cgit v1.2.3 From dc543a7d507bd431dae20c77800ec877205f5108 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 30 Oct 2019 08:01:44 +0100 Subject: ma bureautomation: fix all the regression, add openwrt-luci-rpc as dependency --- makefu/2configs/bureautomation/default.nix | 9 +++--- makefu/2configs/bureautomation/deps/gtts-token.nix | 27 ----------------- .../bureautomation/deps/openwrt-luci-rpc.nix | 34 ++++++++++++++++++++++ .../2configs/bureautomation/deps/pyhaversion.nix | 33 --------------------- .../bureautomation/device_tracker/openwrt.nix | 1 - .../2configs/bureautomation/light/statuslight.nix | 8 ++--- makefu/2configs/bureautomation/sensor/pollen.nix | 2 +- 7 files changed, 44 insertions(+), 70 deletions(-) delete mode 100644 makefu/2configs/bureautomation/deps/gtts-token.nix create mode 100644 makefu/2configs/bureautomation/deps/openwrt-luci-rpc.nix delete mode 100644 makefu/2configs/bureautomation/deps/pyhaversion.nix diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index 9492f6ac2..e07e0ddf0 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -33,7 +33,7 @@ in { extraPackages = ps: with ps; [ pkgs.pico2wave python-forecastio jsonrpc-async jsonrpc-websocket mpd2 - (callPackage ./deps/gtts-token.nix { }) + (callPackage ./deps/openwrt-luci-rpc.nix { }) ]; }; autoExtraComponents = true; @@ -46,7 +46,9 @@ in { elevation = 303; auth_providers = [ { type = "homeassistant";} - # { type = "legacy_api_password";} + { type = "legacy_api_password"; + api_password = "sistemas"; + } { type = "trusted_networks"; trusted_networks = [ "127.0.0.1/32" @@ -124,7 +126,7 @@ in { aramark.binary_sensor; sensor = - [{ platform = "version"; }] ++ + # [{ platform = "version"; }] ++ # pyhaversion (import ./sensor/pollen.nix) ++ (import ./sensor/espeasy.nix) ++ (import ./sensor/airquality.nix) ++ @@ -145,7 +147,6 @@ in { http = { # TODO: https://github.com/home-assistant/home-assistant/issues/16149 base_url = "http://192.168.8.11:8123"; - api_password = "sistemas"; }; conversation = {}; history = {}; diff --git a/makefu/2configs/bureautomation/deps/gtts-token.nix b/makefu/2configs/bureautomation/deps/gtts-token.nix deleted file mode 100644 index 69640f03d..000000000 --- a/makefu/2configs/bureautomation/deps/gtts-token.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, requests -}: - -buildPythonPackage rec { - pname = "gtts-token"; - version = "1.1.3"; - - src = fetchPypi { - pname = "gTTS-token"; - inherit version; - sha256 = "9d6819a85b813f235397ef931ad4b680f03d843c9b2a9e74dd95175a4bc012c5"; - }; - - propagatedBuildInputs = [ - requests - ]; - - meta = with lib; { - description = "Calculates a token to run the Google Translate text to speech"; - homepage = https://github.com/boudewijn26/gTTS-token; - license = licenses.mit; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/2configs/bureautomation/deps/openwrt-luci-rpc.nix b/makefu/2configs/bureautomation/deps/openwrt-luci-rpc.nix new file mode 100644 index 000000000..4eceeb146 --- /dev/null +++ b/makefu/2configs/bureautomation/deps/openwrt-luci-rpc.nix @@ -0,0 +1,34 @@ +{ lib +, buildPythonPackage +, fetchPypi +, click +, requests +, packaging +}: + +buildPythonPackage rec { + pname = "openwrt-luci-rpc"; + version = "1.1.2"; + + src = fetchPypi { + inherit pname version; + sha256 = "174a1f6c0bb2a2ed76e5299d14e2be05c612e8bcd4c15b9a9aedee1ef8e18b90"; + }; + + patchPhase = '' + sed -i -e "s/requests==2.21.0/requests/" -e "s/packaging==19.1/packaging/" setup.py + ''; + + propagatedBuildInputs = [ + click + requests + packaging + ]; + + meta = with lib; { + description = "Module for interacting with OpenWrt Luci RPC interface"; + homepage = https://github.com/fbradyirl/openwrt-luci-rpc; + license = licenses.asl20; + maintainers = [ maintainers.makefu ]; + }; +} diff --git a/makefu/2configs/bureautomation/deps/pyhaversion.nix b/makefu/2configs/bureautomation/deps/pyhaversion.nix deleted file mode 100644 index a75c6a976..000000000 --- a/makefu/2configs/bureautomation/deps/pyhaversion.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ lib -, buildPythonPackage -, fetchpatch -, fetchPypi -, aiohttp -, async-timeout -}: - -buildPythonPackage rec { - pname = "pyhaversion"; - version = "2.2.1"; - - src = fetchPypi { - inherit pname version; - sha256 = "72b65aa25d7b2dbb839a4d0218df2005c2335e93526035904d365bb668030b9f"; - }; - patches = [ - (fetchpatch { url = "https://github.com/makefu/pyhaversion/commit/f3bdc38970272cd345c2cfbde3037ea492ca27c4.patch"; - sha256 = - "1rhq4z7mdgnwhwpf5fmarnbc1ba3qysk1wqjdr0hvbzi8vmvbfcc";}) - ]; - doCheck = false; - propagatedBuildInputs = [ - aiohttp - async-timeout - ]; - - meta = with lib; { - description = ""; - homepage = https://github.com/ludeeus/pyhaversion; - # maintainers = [ maintainers. ]; - }; -} diff --git a/makefu/2configs/bureautomation/device_tracker/openwrt.nix b/makefu/2configs/bureautomation/device_tracker/openwrt.nix index d32eab60f..5de216474 100644 --- a/makefu/2configs/bureautomation/device_tracker/openwrt.nix +++ b/makefu/2configs/bureautomation/device_tracker/openwrt.nix @@ -3,7 +3,6 @@ [ { platform = "luci"; - name = "router"; host = "192.168.8.1"; username = "root"; password = import ; diff --git a/makefu/2configs/bureautomation/light/statuslight.nix b/makefu/2configs/bureautomation/light/statuslight.nix index 31f52f492..c9d301758 100644 --- a/makefu/2configs/bureautomation/light/statuslight.nix +++ b/makefu/2configs/bureautomation/light/statuslight.nix @@ -24,13 +24,13 @@ let brightness_command_topic = "/bam/${topic}/cmnd/Dimmer"; brightness_scale = 100; # color - rgb_state_topic = "/bam/${topic}/stat/Color"; + rgb_state_topic = "/bam/${topic}/stat/RESULT"; rgb_command_topic = "/bam/${topic}/cmnd/Color2"; - rgb_command_mode = "hex"; - rgb_command_template = "{{ '%02x%02x%02x' | format(red, green, blue)}}"; + rgb_value_template = "{{(value_json.Channel[0]*2.55)|int}},{{(value_json.Channel[1]*2.55)|int}},{{(value_json.Channel[2]*2.55)|int}}"; + # effects effect_state_topic = "/bam/${topic}/tele/STATE"; - effects_value_template = "{{value_json.Scheme|default(0)}}"; + effect_value_template = "{{value_json.Scheme|default(0)}}"; effect_command_topic = "/bam/${topic}/cmnd/Scheme"; effect_list = [ 0 # single color for LED light diff --git a/makefu/2configs/bureautomation/sensor/pollen.nix b/makefu/2configs/bureautomation/sensor/pollen.nix index 506dbf123..8ddb49e58 100644 --- a/makefu/2configs/bureautomation/sensor/pollen.nix +++ b/makefu/2configs/bureautomation/sensor/pollen.nix @@ -1,6 +1,6 @@ [ { platform = "dwd_pollen"; - partsregion_ids = [ + partregion_ids = [ 112 ]; } -- cgit v1.2.3 From 2e4841969a0e10be10bae5f2b937aa74c5311de1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 30 Oct 2019 18:08:24 +0000 Subject: l: add host amy/clara MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörg Thalheim --- krebs/3modules/external/default.nix | 56 +++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 1546cac62..247dae69c 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -354,6 +354,62 @@ in { }; }; }; + amy = { + owner = config.krebs.users.Mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.donna.nets.retiolum.ip4.addr + config.krebs.hosts.donna.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.181"; + aliases = [ "amy.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAr3jQRA1+hLKYVgHJA2ax5W8J3GVMTnaGpYw9Q2xXXrX/jxLZ6Ia8 + hBjIcCBDVL5Q3FnyrKB9NJeeIvCOKg8WG+8O0+wKcePKd0Vhbsx4Whog/6PWs6qh + q2sURs2tp1hjHks4kZo2WtiYD7Ue9HHdV6FlUO6yuBV0bW2RzHdLPCDSGxnQVkBM + tSwAvMCZwvVBiv4m6RyMXqmpdbAPBzgJcmJS0FY+zGxpiwsR/AdoVvnzYyFMCVpG + iFl5+k9OGhUJq72MwAXzjW5ZdCPrG+2Dd+QBhhtIMJGA2sJiJteT8vdvpTNCiHJ/ + HnW7movliN2mW86qwo7QqB5v0c9f9TjfpOld7sS/4vE3zlGi/Stf6SQWaoXez/u3 + /P9GzupcYgj76m8Z3j7BMHXCBw8iwP2pZpL9hnLdIyCcyLrzXDIzq4hlt60DPhSU + klTDBUA/cUdSJGcSn2N+WHLOTfI6qeBNKqcTk70OQsa69jAJeAtA+I9OprNYOXqb + MmQakNNlrTaNtGQxfQqEL+wqHlo8CVDGm3O9pQSNF309P4TLNU1EYm+ItScNiVCE + DKhcgvE6xHCwZnVyJN8MMy1CVyDmnHVYoaTEZ2cCvNi/hXIXgO9KWjSpAv5tP764 + UkOE4dlDpEW6G1pNf84BERfRYGDj29A/Jk9LJC/6D09QJXNu18HR0sUCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + clara = { + owner = config.krebs.users.Mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.donna.nets.retiolum.ip4.addr + config.krebs.hosts.donna.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.182"; + aliases = [ "clara.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA07G1n2sA804nnjWQzq0Fi9i6kxJUo+jVJjtkm5unw3hjflAAd/3d + WN+01GdJCk/gr7DfU/Xr5KnR39Z3ADoT1tbUb+i5AJZ5/8VHUwWM8D8mQAam6LBf + UEeLxhVH8rG6lHaKwVi9oe4gPhgptUOzX/YIlJOMYDlYRxc7Wbj7YQOAKlPuTAjY + Z5bLswfkqTMO0cioJNwwMCNWSMJf3jbKi3eTQ36sf7TDMEneNGSBUpeSjGddoNT/ + rrVIDDT8tGmtACKr+3Y0H+EA2K5IxdQKKfnPRR31RBWiTkEXBbaJzYO/ZV5/xlbN + wmblskwq9d9IwDY7qeMctci+ZUZ3epG8MUwYa4faOrgmmkQpa5B+6UOMzw/WDJEc + jTfvSzfPo4anoj8C+MOQYzRvYmp60YEZKomv2BQdBvpGIpUul8WAR2aV0K+wz66e + mUamljAXmLiPxgGKduX5VFVuXzYxeMiBBujQCLTjc+xTB2EdwihxNX1rkxz10BDc + WrgPV+/VVyThKhOvVCifWARHtT2VGcZazfQOW/y3ZmEPOYuc5ZvrSEiMeG3f64+v + UU8cQZ3yBLIhTtC+38pRlsdBQHt526q0j0rrnd30JXVAUdWBunP2UJ5QGtA8/mWn + cWSlvRf5sfbyrISz6+mLPM2qGHnCkKwORNxmv/1DY07O3Rn6hX0OY4ECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; inspector = { owner = config.krebs.users.Mic92; nets = rec { -- cgit v1.2.3 From e6349797cfa86b664783e3f772fed2580209ee66 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 31 Oct 2019 13:09:39 +0100 Subject: l mors.r: remove broken ts3 client --- lass/1systems/mors/config.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 1477d6d8b..03ff42132 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -129,7 +129,6 @@ with import ; cac-api sshpass get - teamspeak_client hashPassword urban mk_sql_pair -- cgit v1.2.3 From a52e2d79168da4154a95a8d91cf7592995e66e55 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 31 Oct 2019 15:17:18 +0100 Subject: shack/*: fix regression with mkYarnPackage and pypi2nix generated files --- krebs/2configs/shack/muell_mail.nix | 4 +-- krebs/2configs/shack/muellshack.nix | 4 +-- krebs/2configs/shack/node-light.nix | 6 ++-- krebs/2configs/shack/s3-power.nix | 7 +++-- krebs/2configs/shack/worlddomination.nix | 2 +- makefu/2configs/bureautomation/person/team.nix | 38 +++++++++++++++++++++++++- 6 files changed, 49 insertions(+), 12 deletions(-) diff --git a/krebs/2configs/shack/muell_mail.nix b/krebs/2configs/shack/muell_mail.nix index 5ae80d780..409278954 100644 --- a/krebs/2configs/shack/muell_mail.nix +++ b/krebs/2configs/shack/muell_mail.nix @@ -4,8 +4,8 @@ let pkg = pkgs.callPackage ( pkgs.fetchgit { url = "https://git.shackspace.de/rz/muell_mail"; - rev = "861ec25ab22797d8961efb32e72d79e113aa9f0f"; - sha256 = "sha256:18cw95zbr7isv4cw80cbpd84n5z208fwh5390i6j10jkn398mjq2"; + rev = "57b67c95052d90044137b2c89007a371dc389afd"; + sha256 = "1grkzs6fxjnc2bv4kskj63d5sb4qxz6yyr85nj0da9hn7qkk4jkj"; }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; }; home = "/var/lib/muell_mail"; cfg = toString ; diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix index 179855c4c..c1c957da3 100644 --- a/krebs/2configs/shack/muellshack.nix +++ b/krebs/2configs/shack/muellshack.nix @@ -4,8 +4,8 @@ let pkg = pkgs.callPackage ( pkgs.fetchgit { url = "https://git.shackspace.de/rz/muellshack"; - rev = "d8a5e2d4c0a22804838675ac42b468299dcd9a76"; - sha256 = "0ff6q64dgdxmpszp94z100fdic175b1vvxn4crg8p0jcabzxsv0m"; + rev = "4601f59787de090c83be6dbae6ca72d7fc84ab9f"; + sha256 = "1cshbd6ipvynbm3gmnsm58ccc1m5xc87cpd3b6jx0s6pr2j19g9j"; }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; }; home = "/var/lib/muellshack"; port = "8081"; diff --git a/krebs/2configs/shack/node-light.nix b/krebs/2configs/shack/node-light.nix index 8cf0007b8..38cb3b55d 100644 --- a/krebs/2configs/shack/node-light.nix +++ b/krebs/2configs/shack/node-light.nix @@ -4,9 +4,9 @@ let pkg = pkgs.callPackage ( pkgs.fetchgit { url = "https://git.shackspace.de/rz/node-light.git"; - rev = "a32c782650c4cc0adf51250fe249167d7246c59b"; - sha256 = "0clvcp1m2ay0a9ibh7s21q7d9a6nam3497bysvc6mdygblks22qy"; - }) {}; + rev = "32d8064db5172b8068f633211c8bd5688b2c8773"; + sha256 = "14jzhs7pp3hq42wq3cwqarivn1z7vcgksfzfqfc4yyh21096yi1j"; + }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; }; home = "/var/lib/node-light"; port = "8082"; in { diff --git a/krebs/2configs/shack/s3-power.nix b/krebs/2configs/shack/s3-power.nix index 40c42260f..f3ea67f79 100644 --- a/krebs/2configs/shack/s3-power.nix +++ b/krebs/2configs/shack/s3-power.nix @@ -4,9 +4,10 @@ let pkg = pkgs.callPackage ( pkgs.fetchgit { url = "https://git.shackspace.de/rz/s3-power"; - rev = "b2b87b56bb40d714dbbecd1285566870b256aec4"; - sha256 = "sha256:02wikwf3rgkkggwbwqisdvhlwd38w5pw011xhwvhnj114s3rynan"; - }) {}; + rev = "0687ab64"; + sha256 = "1m8h4bwykv24bbgr5v51mam4wsbp5424xcrawhs4izv563jjf130"; + }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; }; + home = "/var/lib/s3-power"; cfg = toString ; in { diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix index 44176a341..b38b9cab4 100644 --- a/krebs/2configs/shack/worlddomination.nix +++ b/krebs/2configs/shack/worlddomination.nix @@ -65,7 +65,7 @@ let }; LinkHeader = pythonPackages.buildPythonPackage { name = "LinkHeader-0.4.3"; - src = pkgs.fetchurl { url = "https://pypi.python.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; }; + src = pkgs.fetchurl { url = "https://files.pythonhosted.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; }; propagatedBuildInputs = [ ]; meta = with pkgs.stdenv.lib; { homepage = ""; diff --git a/makefu/2configs/bureautomation/person/team.nix b/makefu/2configs/bureautomation/person/team.nix index e18c42194..fc2d9ba17 100644 --- a/makefu/2configs/bureautomation/person/team.nix +++ b/makefu/2configs/bureautomation/person/team.nix @@ -3,7 +3,7 @@ id = 1; device_trackers = [ "device_tracker.thorsten_phone" - "device_tracker.thorsten_arbeitphone" + #"device_tracker.thorsten_arbeitphone" ]; } { name = "Felix"; @@ -26,4 +26,40 @@ "device_tracker.daniel_phone" ]; } + { name = "Thierry"; + id = 5; + device_trackers = [ + "device_tracker.thierry_phone" + ]; + } + { name = "Frank"; + id = 6; + device_trackers = [ + "device_tracker.frank_phone" + ]; + } + { name = "Carsten"; + id = 7; + device_trackers = [ + "device_tracker.carsten_phone" + ]; + } + { name = "Emeka"; + id = 8; + device_trackers = [ + "device_tracker.emeka_phone" + ]; + } + #{ name = "Sabine"; + # id = 9; + # device_trackers = [ + # "device_tracker.sabine_phone" + # ]; + #} + { name = "Tobias"; + id = 10; + device_trackers = [ + "device_tracker.tobias_phone" + ]; + } ] -- cgit v1.2.3 From d3b0e07fbb7e2cbe54a766e202de0fb952da8fa7 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 31 Oct 2019 15:19:04 +0100 Subject: wolf.r: disable swap --- krebs/1systems/wolf/config.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index e47c43fe1..e87b7bb99 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -117,10 +117,6 @@ in fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; - swapDevices = [ - { device = "/dev/disk/by-label/swap"; } - ]; - users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users."0x4A6F".pubkey config.krebs.users.ulrich.pubkey -- cgit v1.2.3 From 50732436d799f81a13f9c05b5179b52882fac512 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 2 Nov 2019 14:03:14 +0100 Subject: l uriel: enableAllFirmware -> enableRedistributableFirmware --- lass/1systems/uriel/physical.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/uriel/physical.nix b/lass/1systems/uriel/physical.nix index 9ac3468a8..2d21f00d5 100644 --- a/lass/1systems/uriel/physical.nix +++ b/lass/1systems/uriel/physical.nix @@ -3,7 +3,7 @@ ./config.nix ]; - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; boot = { #kernelParams = [ # "acpi.brightness_switch_enabled=0" -- cgit v1.2.3 From 4b5e3cbc6155ee807a9b6c474972df3e4fcd237b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 2 Nov 2019 15:05:01 +0100 Subject: nixpkgs-unstable: 4cd2cb4 -> 471869c --- krebs/nixpkgs-unstable.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 5f8f0c771..a772c83a2 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "d484f2b7fc0834a068e8ace851faa449a03963f5", - "date": "2019-09-20T22:58:43+02:00", - "sha256": "0jk93ikryi2hqc30l2n5i4vlgmklrlzb8cf7b3sg1q3k70q344jn", + "rev": "471869c9185fb610e67940a701eb13b1cfb335a4", + "date": "2019-10-31T16:03:13+01:00", + "sha256": "1klbclz8n4b9k1kfwv806bqdavld1mg32l1vxsmnrqzr6zck1c54", "fetchSubmodules": false } -- cgit v1.2.3 From 1f6e39ee3552fd8f0c94def1d4f7a7a8a59d2275 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 5 Nov 2019 22:13:43 +0100 Subject: nixpkgs: c75de8b -> c5aabb0 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index fabd3691a..7fe43b4b5 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "c75de8bc12cc7e713206199e5ca30b224e295041", - "date": "2019-10-27T17:40:06+01:00", - "sha256": "1awipcjfvs354spzj2la1nzmi9rh2ci2mdapzf4kkabf58ilra6x", + "rev": "c5aabb0d603e2c1ea05f5a93b3be82437f5ebf31", + "date": "2019-10-31T21:10:56+01:00", + "sha256": "15fwszhn6078sbrb8qk83g8afvh4qnmvff0qbkbvq3cm1fxni2w1", "fetchSubmodules": false } -- cgit v1.2.3 From ae8dede5f875042eba73f0035f20defb55cfc97f Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 5 Nov 2019 23:01:37 +0100 Subject: ma bureautomation: add frosch,daily-standup --- makefu/2configs/bureautomation/default.nix | 84 +++++++++++++--------- .../2configs/bureautomation/multi/10h_timers.nix | 4 +- .../bureautomation/multi/daily-standup.nix | 54 ++++++++++++++ makefu/2configs/bureautomation/multi/frosch.nix | 2 +- 4 files changed, 107 insertions(+), 37 deletions(-) create mode 100644 makefu/2configs/bureautomation/multi/daily-standup.nix diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix index e07e0ddf0..c55bc1d14 100644 --- a/makefu/2configs/bureautomation/default.nix +++ b/makefu/2configs/bureautomation/default.nix @@ -4,7 +4,9 @@ let ten_hours = import ./multi/10h_timers.nix { inherit lib; }; # provides: timer automation script mittagessen = import ./multi/mittagessen.nix { inherit lib; }; # provides: automation script matrix = import ./multi/matrix.nix { inherit lib; }; # provides: matrix automation - aramark = import ./multi/aramark.nix { inherit lib; }; # provides: pommes sensor + frosch = import ./multi/frosch.nix { inherit lib; }; # provides: sensor binary_sensor switch light script automation + aramark = import ./multi/aramark.nix { inherit lib; }; # provides: sensor binary_sensor + standup = import ./multi/daily-standup.nix { inherit lib; }; # provides: automation script in { imports = [ ./ota.nix @@ -88,10 +90,12 @@ in { retain = true; }; }; - switch = (import ./switch/tasmota_switch.nix) ++ - (import ./switch/rfbridge.nix); - light = (import ./light/statuslight.nix) ++ - (import ./light/buzzer.nix); + switch = (import ./switch/tasmota_switch.nix) + ++ frosch.switch + ++ (import ./switch/rfbridge.nix); + light = (import ./light/statuslight.nix) + ++ (import ./light/buzzer.nix) + ++ frosch.light; timer = ten_hours.timer; notify = [ { @@ -117,31 +121,34 @@ in { ]; script = lib.fold lib.recursiveUpdate {} [ ((import ./script/multi_blink.nix) {inherit lib;}) + frosch.script ten_hours.script mittagessen.script + standup.script ]; binary_sensor = - (import ./binary_sensor/buttons.nix) ++ - (import ./binary_sensor/motion.nix) ++ - aramark.binary_sensor; + (import ./binary_sensor/buttons.nix) + ++ (import ./binary_sensor/motion.nix) + ++ frosch.binary_sensor + ++ aramark.binary_sensor; sensor = # [{ platform = "version"; }] ++ # pyhaversion - (import ./sensor/pollen.nix) ++ - (import ./sensor/espeasy.nix) ++ - (import ./sensor/airquality.nix) ++ - ((import ./sensor/outside.nix) {inherit lib;}) ++ - (import ./sensor/influxdb.nix) ++ - (import ./sensor/tasmota_firmware.nix) ++ - aramark.sensor; + (import ./sensor/pollen.nix) + ++ (import ./sensor/espeasy.nix) + ++ (import ./sensor/airquality.nix) + ++ ((import ./sensor/outside.nix) {inherit lib;}) + ++ (import ./sensor/influxdb.nix) + ++ (import ./sensor/tasmota_firmware.nix) + ++ frosch.sensor + ++ aramark.sensor; camera = (import ./camera/verkehrskamera.nix) ++ (import ./camera/comic.nix); - # not yet released - #person = - # (import ./person/team.nix ); + person = + (import ./person/team.nix ); frontend = { }; http = { @@ -196,13 +203,22 @@ in { "light.buslicht" ]; team = [ - "device_tracker.thorsten_phone" - "device_tracker.felix_phone" - "device_tracker.ecki_tablet" - "device_tracker.daniel_phone" - "device_tracker.carsten_phone" - "device_tracker.thierry_phone" - "device_tracker.frank_phone" + "person.thorsten" + #"device_tracker.thorsten_phone" + "person.felix" + "person.ecki" + "person.daniel" + # "person.carsten" + "person.thierry" + "person.frank" + "person.emeka" + #"device_tracker.felix_phone" + #"device_tracker.ecki_tablet" + #"device_tracker.daniel_phone" + #"device_tracker.carsten_phone" + #"device_tracker.thierry_phone" + #"device_tracker.frank_phone" + #"device_tracker.emeka_phone" # "person.thorsten" # "person.felix" # "person.ecki" @@ -237,8 +253,6 @@ in { ]; sensors = [ "media_player.kodi" - "script.blitz_10s" - "script.buzz_red_led_fast" "timer.felix_10h" "timer.frank_10h" "sensor.easy2_dht22_humidity" @@ -262,13 +276,15 @@ in { # feedreader.urls = [ "http://www.heise.de/security/rss/news-atom.xml" ]; # we don't use imports because the expressions do not merge in # home-assistant - automation = (import ./automation/bureau-shutdown.nix) ++ - (import ./automation/nachtlicht.nix) ++ - (import ./automation/schlechteluft.nix) ++ - (import ./automation/hass-restart.nix) ++ - ten_hours.automation ++ - matrix.automation ++ - mittagessen.automation; + automation = (import ./automation/bureau-shutdown.nix) + ++ (import ./automation/nachtlicht.nix) + ++ (import ./automation/schlechteluft.nix) + ++ (import ./automation/hass-restart.nix) + ++ ten_hours.automation + ++ matrix.automation + ++ standup.automation + ++ frosch.automation + ++ mittagessen.automation; device_tracker = (import ./device_tracker/openwrt.nix ); }; }; diff --git a/makefu/2configs/bureautomation/multi/10h_timers.nix b/makefu/2configs/bureautomation/multi/10h_timers.nix index 8cdaa8cfd..73709e738 100644 --- a/makefu/2configs/bureautomation/multi/10h_timers.nix +++ b/makefu/2configs/bureautomation/multi/10h_timers.nix @@ -122,7 +122,7 @@ let trigger = { platform = "state"; # TODO: ecki - entity_id = [ "device_tracker.${name}_phone"]; + entity_id = [ "person.${name}"]; from = "not_home"; to = "home"; }; @@ -166,7 +166,7 @@ let condition = { condition = "state"; - entity_id = "device_tracker.${name}_phone"; + entity_id = "person.${name}"; state = "home"; }; diff --git a/makefu/2configs/bureautomation/multi/daily-standup.nix b/makefu/2configs/bureautomation/multi/daily-standup.nix new file mode 100644 index 000000000..f5bd85b9d --- /dev/null +++ b/makefu/2configs/bureautomation/multi/daily-standup.nix @@ -0,0 +1,54 @@ +{ lib }: +let + random_daily_text = ''{{ [ + "Es ist so weit, es ist Standup Zeit!", + "Zehn Uhr Fünfunddreissig ist genau die richtige Zeit für ein Standup!", + "Hat jeder seine Hausaufgaben gemacht? Bitte einmal aufstehen und den Zettel nach rechts geben", + "Aufstehen zum Appell, es wird die Anwesenheit kontrolliert!", + "Hallo Kinder, wisst ihr welche Zeit es ist??? ... Genau! ... Standup Zeit!", + "Morgens, halb elf in Deutschland - das Standupchen" ] | random }}''; + +in { + script = + { "random_daily" = { + alias = "Random Daily Introduction"; + + sequence = [ + { service = "media_player.play_media"; + data = { + entity_id = "media_player.mpd"; + media_content_type = "playlist"; + media_content_id = "ansage"; + }; + } + { delay.seconds = 5; } + { service = "tts.google_say"; + entity_id = "media_player.mpd"; + data_template = { + message = random_daily_text; + language = "de"; + }; + } + ]; + }; + }; + automation = [ + { + alias = "Daily Standup"; + trigger = { + platform = "time"; + at = "10:35:00"; + }; + action = + [ + { service = "homeassistant.turn_on"; + entity_id = [ + "script.blitz_10s" + "script.random_daily" + ]; + } + ]; + + } + ]; +} diff --git a/makefu/2configs/bureautomation/multi/frosch.nix b/makefu/2configs/bureautomation/multi/frosch.nix index de93ce2b7..c0e267b69 100644 --- a/makefu/2configs/bureautomation/multi/frosch.nix +++ b/makefu/2configs/bureautomation/multi/frosch.nix @@ -1,6 +1,6 @@ { lib }: +# needs: binary_sensor.pommes let - random_pommes = '' {{ [ "Nur ein Pommes Tag ist ein guter Tag", "Schaut wie schön sie fliegen, die Pommes Seifenblasen", -- cgit v1.2.3 From c41e974b28e538f5e982e2daec134a2b12fa537b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 6 Nov 2019 08:56:20 +0100 Subject: nixpkgs-unstable: 471869c -> 7827d3f --- krebs/nixpkgs-unstable.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index a772c83a2..4829bec1d 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "471869c9185fb610e67940a701eb13b1cfb335a4", - "date": "2019-10-31T16:03:13+01:00", - "sha256": "1klbclz8n4b9k1kfwv806bqdavld1mg32l1vxsmnrqzr6zck1c54", + "rev": "7827d3f4497ed722fedca57fd4d5ca1a65c38256", + "date": "2019-11-03T11:21:05+01:00", + "sha256": "1ixjkb2ksri83iyhvl4a7hrfnb8zd3ps5jmirgaa7b617jn31cg6", "fetchSubmodules": false } -- cgit v1.2.3 From d40ee24dd506a8e9b1d6128208a36132eeb4e5cc Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 7 Nov 2019 00:25:01 +0100 Subject: shack/node-light: bump to latest hash --- krebs/2configs/shack/node-light.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/2configs/shack/node-light.nix b/krebs/2configs/shack/node-light.nix index 38cb3b55d..9e3828463 100644 --- a/krebs/2configs/shack/node-light.nix +++ b/krebs/2configs/shack/node-light.nix @@ -4,8 +4,8 @@ let pkg = pkgs.callPackage ( pkgs.fetchgit { url = "https://git.shackspace.de/rz/node-light.git"; - rev = "32d8064db5172b8068f633211c8bd5688b2c8773"; - sha256 = "14jzhs7pp3hq42wq3cwqarivn1z7vcgksfzfqfc4yyh21096yi1j"; + rev = "9c3fe451897cf170fb192a2643180fdfe22388e8"; + sha256 = "1zsc38idg452r8wpcna5m3yqx0ri11bd1bw60bl0kpz96dqqnyba"; }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; }; home = "/var/lib/node-light"; port = "8082"; -- cgit v1.2.3 From 42694196ee104c5e6a9a1b6d4c8c8580df73af00 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 7 Nov 2019 00:25:42 +0100 Subject: shack/glados: fix regression, disable influx publisher, disable archiving --- krebs/2configs/shack/glados/default.nix | 43 +++++++++++++++------------------ 1 file changed, 20 insertions(+), 23 deletions(-) diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix index dc345cc4e..a94e28375 100644 --- a/krebs/2configs/shack/glados/default.nix +++ b/krebs/2configs/shack/glados/default.nix @@ -53,20 +53,24 @@ in { elevation = 303; auth_providers = [ { type = "homeassistant";} - { type = "legacy_api_password";} { type = "trusted_networks"; - # allow_bypass_login = true; + trusted_networks = [ + "127.0.0.1/32" + "10.42.0.0/16" + "::1/128" + "fd00::/8" + ]; } ]; }; # https://www.home-assistant.io/components/influxdb/ - influxdb = { - database = "hass"; - tags = { - instance = "wolf"; - source = "hass"; - }; - }; + #influxdb = { + # database = "hass"; + # tags = { + # instance = "wolf"; + # source = "hass"; + # }; + #}; mqtt = { broker = "localhost"; port = 1883; @@ -110,26 +114,19 @@ in { base_url = "http://hass.shack"; use_x_forwarded_for = true; trusted_proxies = "127.0.0.1"; - api_password = "shackit"; - trusted_networks = [ - "127.0.0.1/32" - "10.42.0.0/16" - "::1/128" - "fd00::/8" - ]; }; - conversation = {}; - history = {}; - logbook = {}; + #conversation = {}; + #history = {}; + #logbook = {}; tts = [ { platform = "google"; language = "de"; } - { platform = "picotts"; - language = "de-DE"; - } + #{ platform = "picotts"; + # language = "de-DE"; + #} ]; - recorder = {}; + #recorder = {}; sun = {}; automation = wasser.automation; -- cgit v1.2.3 From 16e1495490f11a48dab42a769fbed7dffcbbdebf Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 7 Nov 2019 09:47:29 +0100 Subject: shack/glados: remove version, google -> google_translate --- krebs/2configs/shack/glados/default.nix | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/krebs/2configs/shack/glados/default.nix b/krebs/2configs/shack/glados/default.nix index a94e28375..d000af397 100644 --- a/krebs/2configs/shack/glados/default.nix +++ b/krebs/2configs/shack/glados/default.nix @@ -39,8 +39,6 @@ in { })).override { extraPackages = ps: with ps; [ python-forecastio jsonrpc-async jsonrpc-websocket mpd2 - (callPackage ./deps/gtts-token.nix { }) - (callPackage ./deps/pyhaversion.nix { }) ]; }; autoExtraComponents = true; @@ -99,8 +97,7 @@ in { ]; sensor = - [{ platform = "version"; }] - ++ (import ./sensors/hass.nix) + (import ./sensors/hass.nix) ++ (import ./sensors/power.nix) ++ shackopen.sensor; @@ -109,8 +106,8 @@ in { camera = []; frontend = { }; + config = { }; http = { - # TODO: https://github.com/home-assistant/home-assistant/issues/16149 base_url = "http://hass.shack"; use_x_forwarded_for = true; trusted_proxies = "127.0.0.1"; @@ -119,7 +116,7 @@ in { #history = {}; #logbook = {}; tts = [ - { platform = "google"; + { platform = "google_translate"; language = "de"; } #{ platform = "picotts"; -- cgit v1.2.3 From 07712994e0a59201a498ec1815375f80a7aca122 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 7 Nov 2019 10:59:12 +0100 Subject: ma: hardware.enableAllFirmware -> hardware.enableRedistributableFirmware what could possibly go wrong?! --- makefu/1systems/darth/config.nix | 2 +- makefu/1systems/repunit/config.nix | 2 +- makefu/1systems/tsp/config.nix | 2 +- makefu/2configs/fs/cac-boot-partition.nix | 3 +-- makefu/2configs/hw/tp-x2x0.nix | 2 +- 5 files changed, 5 insertions(+), 6 deletions(-) diff --git a/makefu/1systems/darth/config.nix b/makefu/1systems/darth/config.nix index 046c1574c..4e71d1426 100644 --- a/makefu/1systems/darth/config.nix +++ b/makefu/1systems/darth/config.nix @@ -41,7 +41,7 @@ in { makefu.server.primary-itf = "enp0s25"; # krebs.hidden-ssh.enable = true; boot.kernelModules = [ "coretemp" "f71882fg" ]; - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; networking = { wireless.enable = true; diff --git a/makefu/1systems/repunit/config.nix b/makefu/1systems/repunit/config.nix index 996abff08..5589cc0a2 100644 --- a/makefu/1systems/repunit/config.nix +++ b/makefu/1systems/repunit/config.nix @@ -21,7 +21,7 @@ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; hardware.cpu.amd.updateMicrocode = true; # networking.firewall is enabled by default diff --git a/makefu/1systems/tsp/config.nix b/makefu/1systems/tsp/config.nix index 2921e2bcf..bbfaebd44 100644 --- a/makefu/1systems/tsp/config.nix +++ b/makefu/1systems/tsp/config.nix @@ -34,6 +34,6 @@ 25 ]; - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; } diff --git a/makefu/2configs/fs/cac-boot-partition.nix b/makefu/2configs/fs/cac-boot-partition.nix index 3d59a25dd..14480bc4a 100644 --- a/makefu/2configs/fs/cac-boot-partition.nix +++ b/makefu/2configs/fs/cac-boot-partition.nix @@ -1,7 +1,6 @@ { config, lib, pkgs, ... }: # vda1 ext4 (label nixos) -> only root partition -with import ; { boot.loader.grub.enable = true; boot.loader.grub.version = 2; @@ -16,6 +15,6 @@ with import ; fsType = "ext4"; }; - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; } diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index 564925db5..f4578bf77 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -15,7 +15,7 @@ networking.wireless.enable = lib.mkDefault true; - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; hardware.cpu.intel.updateMicrocode = true; -- cgit v1.2.3 From ef95a336406d7b0f49051b421ac3c85bb5614103 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 7 Nov 2019 11:28:54 +0100 Subject: ma pkgs.bin2iso: use mirror of original sources --- makefu/5pkgs/bin2iso/default.nix | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/makefu/5pkgs/bin2iso/default.nix b/makefu/5pkgs/bin2iso/default.nix index 31d05fab3..676fa5b83 100644 --- a/makefu/5pkgs/bin2iso/default.nix +++ b/makefu/5pkgs/bin2iso/default.nix @@ -1,19 +1,17 @@ -{ stdenv, lib, pkgs, fetchurl }: +{ stdenv, lib, pkgs, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "bin2iso"; version = "1.9b"; - _dlver = builtins.replaceStrings ["."] [""] version; - name = "${pname}-${version}"; - src = fetchurl { - url = "http://users.eastlink.ca/~doiron/${pname}/linux/${pname}${_dlver}_linux.c"; - sha256 = "0gg4hbzlm83nnbccy79dnxbwpn7lxl3fb87ka36mlclikvknm2hy"; + src = fetchFromGitHub { + owner = "einsteinx2"; + repo = "bin2iso"; + rev = "a08f6f93b833878dc009fe59da072643f06a7830"; + sha256 = "1bnhj8z7wbq2v070zkx0xal6hx37y20a068gpy95zh13vihvbgh3"; }; - unpackPhase = "true"; - buildPhase ='' - gcc -Wall -o $pname $src + gcc -Wall -o $pname $src/src/linux_macos/${pname}_v${version}_linux.c ''; installPhase = '' @@ -21,7 +19,7 @@ stdenv.mkDerivation rec { ''; meta = { - homepage = http://users.eastlink.ca/~doiron/bin2iso/ ; + homepage = https://github.com/einsteinx2/bin2iso; description = "converts bin+cue to iso"; license = lib.licenses.gpl3; }; -- cgit v1.2.3 From cb014289287ca198418fb7ce3a253c87e7adc662 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 7 Nov 2019 11:51:32 +0100 Subject: ma wbob.r: hardware.enableRedistributableFirmware --- makefu/1systems/wbob/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 3306279b9..d8cf380e7 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -145,7 +145,7 @@ in { #}; # rt2870.bin wifi card, part of linux-unfree - hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash -- cgit v1.2.3 From 46cdc3ed4238965553d734b614b212fd96cba447 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Nov 2019 18:52:08 +0100 Subject: exim: remove because upstream has caught up --- krebs/5pkgs/override/default.nix | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 krebs/5pkgs/override/default.nix diff --git a/krebs/5pkgs/override/default.nix b/krebs/5pkgs/override/default.nix deleted file mode 100644 index 704831823..000000000 --- a/krebs/5pkgs/override/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -with import ; -self: super: { - - exim = super.exim.overrideAttrs (old: rec { - name = warnOldVersion old.name "exim-4.92.2"; - src = self.fetchurl { - url = "https://ftp.exim.org/pub/exim/exim4/${name}.tar.xz"; - sha256 = "0m56jsh2fzvwj4rdpcc3pkd5vsi40cjrpzalis7l1zq33m4axmq1"; - }; - }); - -} -- cgit v1.2.3 From d89080f8fab1f854461be15199dfa87f15c665e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 14 Nov 2019 21:06:49 +0100 Subject: nixpkgs: c5aabb0 -> cb2cdab --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 7fe43b4b5..47ff9864d 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "c5aabb0d603e2c1ea05f5a93b3be82437f5ebf31", - "date": "2019-10-31T21:10:56+01:00", - "sha256": "15fwszhn6078sbrb8qk83g8afvh4qnmvff0qbkbvq3cm1fxni2w1", + "rev": "cb2cdab71368885ce6408b3ad7cfcf544a8c38a0", + "date": "2019-11-13T08:06:47+01:00", + "sha256": "02vyx2ccrfqxz7ndlfww1ivqbq1qlmglq5690r6nvmylcm976dqw", "fetchSubmodules": false } -- cgit v1.2.3 From 7ec0d0aec76bed83642486e8503272c2a358c275 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 15 Nov 2019 10:31:07 +0000 Subject: m: use correct tinc addresses for amy/clara MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörg Thalheim --- krebs/3modules/external/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 247dae69c..821859f3c 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -359,8 +359,8 @@ in { nets = rec { retiolum = { addrs = [ - config.krebs.hosts.donna.nets.retiolum.ip4.addr - config.krebs.hosts.donna.nets.retiolum.ip6.addr + config.krebs.hosts.amy.nets.retiolum.ip4.addr + config.krebs.hosts.amy.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.181"; aliases = [ "amy.r" ]; @@ -387,8 +387,8 @@ in { nets = rec { retiolum = { addrs = [ - config.krebs.hosts.donna.nets.retiolum.ip4.addr - config.krebs.hosts.donna.nets.retiolum.ip6.addr + config.krebs.hosts.clara.nets.retiolum.ip4.addr + config.krebs.hosts.clara.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.182"; aliases = [ "clara.r" ]; -- cgit v1.2.3 From 99c985c77ff0933616f01bc7dc881d5abd214a28 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 17 Nov 2019 11:57:54 +0100 Subject: nixpkgs: cb2cdab -> 07e6648 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 47ff9864d..ba4b327f3 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "cb2cdab71368885ce6408b3ad7cfcf544a8c38a0", - "date": "2019-11-13T08:06:47+01:00", - "sha256": "02vyx2ccrfqxz7ndlfww1ivqbq1qlmglq5690r6nvmylcm976dqw", + "rev": "07e66484e679d0e28533543f762be20d6d425b66", + "date": "2019-11-16T11:23:08+00:00", + "sha256": "1d3n1yfp9xhl7nh377sp2wwnh0gscislg6gzj8sgdq169d18lgsg", "fetchSubmodules": false } -- cgit v1.2.3 From 6a102630063c01909fd1a5f383326834557b2c65 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 17 Nov 2019 12:01:31 +0100 Subject: nixpkgs-unstable: 7827d3f -> c196652 --- krebs/nixpkgs-unstable.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 4829bec1d..be96d5f7e 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "7827d3f4497ed722fedca57fd4d5ca1a65c38256", - "date": "2019-11-03T11:21:05+01:00", - "sha256": "1ixjkb2ksri83iyhvl4a7hrfnb8zd3ps5jmirgaa7b617jn31cg6", + "rev": "c1966522d7d5fa54db068140d212cba18731dd98", + "date": "2019-11-15T22:50:52+00:00", + "sha256": "104481nxv0hi1rk3g0fjzyki1668p4b46bz0j3lsqv5gv1nm43vm", "fetchSubmodules": false } -- cgit v1.2.3 From 62a59ad233ad9bcfdaad6a23f6994d1d90354c6b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 17 Nov 2019 15:45:06 +0100 Subject: l codimd: fix by using old version --- lass/2configs/codimd.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix index 5f802148b..b2d44d135 100644 --- a/lass/2configs/codimd.nix +++ b/lass/2configs/codimd.nix @@ -1,7 +1,18 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: with import ; +let + + nixpkgs_pre_node_10_17 = import (pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = "81f4c491afbc8f0fe994ef946b1ac61cf1261577"; + sha256 = "0xvawrd9nq3ybvq2pdp5gyi8gygf0yimgp0bx1xggq6l8mvgrj71"; + }) {}; +in { + nixpkgs.config.packageOverrides = pkgs: { + codimd = nixpkgs_pre_node_10_17.codimd; + }; -{ services.nginx.virtualHosts.codimd = { enableACME = true; addSSL = true; -- cgit v1.2.3 From 7f41109bc9e52cf3b8a7e74efc7bb1480dbbc574 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 20 Nov 2019 21:38:16 +0100 Subject: l autowifi: convert to submodule --- .gitmodules | 6 ++ lass/5pkgs/autowifi | 1 + lass/5pkgs/autowifi/autowifi.py | 228 ---------------------------------------- lass/5pkgs/autowifi/default.nix | 1 - 4 files changed, 7 insertions(+), 229 deletions(-) create mode 160000 lass/5pkgs/autowifi delete mode 100644 lass/5pkgs/autowifi/autowifi.py delete mode 100644 lass/5pkgs/autowifi/default.nix diff --git a/.gitmodules b/.gitmodules index f35a9250d..15d1b41de 100644 --- a/.gitmodules +++ b/.gitmodules @@ -4,3 +4,9 @@ [submodule "submodules/krops"] path = submodules/krops url = https://cgit.krebsco.de/krops +[submodule "lass/5pkgs/autowifi"] + path = lass/5pkgs/autowifi + url = https://github.com/Lassulus/autowifi +[submodule "lass/5pkgs/--force"] + path = lass/5pkgs/--force + url = https://github.com/Lassulus/autowifi diff --git a/lass/5pkgs/autowifi b/lass/5pkgs/autowifi new file mode 160000 index 000000000..cf3ae8f6f --- /dev/null +++ b/lass/5pkgs/autowifi @@ -0,0 +1 @@ +Subproject commit cf3ae8f6fe285eab67db4f36f9a3da3762c35317 diff --git a/lass/5pkgs/autowifi/autowifi.py b/lass/5pkgs/autowifi/autowifi.py deleted file mode 100644 index fa3d007e7..000000000 --- a/lass/5pkgs/autowifi/autowifi.py +++ /dev/null @@ -1,228 +0,0 @@ -import subprocess -import time -import urllib.request -import logging -import argparse -import socket -import struct -import signal -import os - -wifiDB = '' -logger = logging.getLogger() -got_signal = False - - -def signal_handler(signum, frame): - global got_signal - got_signal = True - - -def get_default_gateway() -> str: - """Read the default gateway directly from /proc.""" - with open("/proc/net/route") as fh: - for line in fh: - fields = line.strip().split() - if fields[1] != '00000000' or not int(fields[3], 16) & 2: - continue - - return socket.inet_ntoa(struct.pack(" Date: Sun, 24 Nov 2019 10:14:07 +0100 Subject: nixpkgs-unstable: c196652 -> e89b215 --- krebs/nixpkgs-unstable.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index be96d5f7e..d77432258 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "c1966522d7d5fa54db068140d212cba18731dd98", - "date": "2019-11-15T22:50:52+00:00", - "sha256": "104481nxv0hi1rk3g0fjzyki1668p4b46bz0j3lsqv5gv1nm43vm", + "rev": "e89b21504f3e61e535229afa0b121defb52d2a50", + "date": "2019-11-19T07:59:43-05:00", + "sha256": "0jqcv3rfki3mwda00g66d27k6q2y7ca5mslrnshfpbdm7j8ya0kj", "fetchSubmodules": false } -- cgit v1.2.3 From 1144633bd009f24180067e93f1e7fdc0deb41a8c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Nov 2019 10:21:25 +0100 Subject: nixpkgs: 07e6648 -> 4ad6f14 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index ba4b327f3..bb35a51b0 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "07e66484e679d0e28533543f762be20d6d425b66", - "date": "2019-11-16T11:23:08+00:00", - "sha256": "1d3n1yfp9xhl7nh377sp2wwnh0gscislg6gzj8sgdq169d18lgsg", + "rev": "4ad6f1404a8cd69a11f16edba09cc569e5012e42", + "date": "2019-11-23T00:42:36+01:00", + "sha256": "1pclh0hvma66g3yxrrh9rlzpscqk5ylypnmiczz1bwwrl8n21q3h", "fetchSubmodules": false } -- cgit v1.2.3 From 5fa963b6bc879e1307978234c884e3a88d88c7a5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Nov 2019 18:15:14 +0100 Subject: delete mb --- krebs/3modules/default.nix | 1 - krebs/3modules/mb/default.nix | 151 -------- mb/1systems/gr33n/configuration.nix | 144 -------- mb/1systems/gr33n/hardware-configuration.nix | 37 -- mb/1systems/orange/configuration.nix | 238 ------------- mb/1systems/orange/hardware-configuration.nix | 28 -- mb/1systems/p1nk/configuration.nix | 227 ------------ mb/1systems/p1nk/hardware-configuration.nix | 29 -- mb/1systems/rofl/configuration.nix | 103 ------ mb/1systems/sunsh1n3/configuration.nix | 181 ---------- mb/1systems/sunsh1n3/hardware-configuration.nix | 29 -- mb/2configs/default.nix | 222 ------------ mb/2configs/google-compute-config.nix | 231 ------------ mb/2configs/headless.nix | 25 -- mb/2configs/neovimrc | 446 ------------------------ mb/2configs/nvim.nix | 70 ---- mb/2configs/qemu-guest.nix | 19 - mb/2configs/retiolum.nix | 33 -- mb/2configs/tests/dummy-secrets/retiolum.rsa | 4 - mb/3modules/default.nix | 6 - mb/3modules/hosts.nix | 12 - mb/5pkgs/default.nix | 11 - mb/default.nix | 14 - mb/krops.nix | 54 --- 24 files changed, 2315 deletions(-) delete mode 100644 krebs/3modules/mb/default.nix delete mode 100644 mb/1systems/gr33n/configuration.nix delete mode 100644 mb/1systems/gr33n/hardware-configuration.nix delete mode 100644 mb/1systems/orange/configuration.nix delete mode 100644 mb/1systems/orange/hardware-configuration.nix delete mode 100644 mb/1systems/p1nk/configuration.nix delete mode 100644 mb/1systems/p1nk/hardware-configuration.nix delete mode 100644 mb/1systems/rofl/configuration.nix delete mode 100644 mb/1systems/sunsh1n3/configuration.nix delete mode 100644 mb/1systems/sunsh1n3/hardware-configuration.nix delete mode 100644 mb/2configs/default.nix delete mode 100644 mb/2configs/google-compute-config.nix delete mode 100644 mb/2configs/headless.nix delete mode 100644 mb/2configs/neovimrc delete mode 100644 mb/2configs/nvim.nix delete mode 100644 mb/2configs/qemu-guest.nix delete mode 100644 mb/2configs/retiolum.nix delete mode 100644 mb/2configs/tests/dummy-secrets/retiolum.rsa delete mode 100644 mb/3modules/default.nix delete mode 100644 mb/3modules/hosts.nix delete mode 100644 mb/5pkgs/default.nix delete mode 100644 mb/default.nix delete mode 100644 mb/krops.nix diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index c770391c7..fcdbcbc19 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -103,7 +103,6 @@ let { krebs = import ./krebs { inherit config; }; } { krebs = import ./lass { inherit config; }; } { krebs = import ./makefu { inherit config; }; } - { krebs = import ./mb { inherit config; }; } { krebs = import ./nin { inherit config; }; } { krebs = import ./external/palo.nix { inherit config; }; } { krebs = import ./tv { inherit config; }; } diff --git a/krebs/3modules/mb/default.nix b/krebs/3modules/mb/default.nix deleted file mode 100644 index 31e01c4ab..000000000 --- a/krebs/3modules/mb/default.nix +++ /dev/null @@ -1,151 +0,0 @@ -with import ; -{ config, ... }: let - - hostDefaults = hostName: host: flip recursiveUpdate host { - ci = true; - owner = config.krebs.users.mb; - }; - -in { - hosts = mapAttrs hostDefaults { - orange = { - nets = { - retiolum = { - ip4.addr = "10.243.42.23"; - aliases = [ - "orange.r" - "or4ng3.r" - "0r4n93.r" - ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7P0CkmC5HWnTdgGFzmA - zQuJzHSkSjcGgSkIt0pvqU6xi8P/d4eJlmeXeGTpH62JfM1xhEMpxMVd/4NOON2u - IlWnfu5bB763145IJwE0HmZziWjQXWRPAZMqYdQ5f2Pvmxv1yr3uBNzr8UlV6BjD - FXn8sCvikXttYzts9szlz5+pkY09qfiz48+DMzRBNO6JzXYQ9kPyS+TIXlGpN4Jp - C1TRF38eF2DTEZ58Yx8Z99dGrXVuqlSe77fehTQGxCckTpaZ0HS3XfZNa/cas8JY - /0RzH2n2AndnPirISDZ7r4ZIFuKAaivqaEkM8v7llI77URVB9ZJb/IqCrBzueAbt - V/5ts2HpfBAUhw0RoiH8ql+IQZsuSOpRUC2gUN8460V4SQkVtDcsVTENiD+NM5Mg - ImBv041CsW/rSJOilT2r/rWDN8RFnz/RrAQn+L31KXr81kg1TOLxO0ybs/eMJM3r - RnHFZPiiKdqPlA60g0AnzKXPR2JTszHIgHHoRUW16I1WJeuAJNjg0JDQ0JM7pZ27 - JEaCc7uR12TPiuExKaNEaxKZVY1J0hzxOzF2MFIbAMVz/3K2ycvvuLxKojqIAXxA - D+UtcOfJ62k2WnLXOEIZqFU0J2bvhxYUZOFS55wIn1UJF7hemD/LUFHBiWnuhwHk - TAEl8M851t+Zp3hZeJzgx2kCAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - }; - rofl = { - nets = { - retiolum = { - ip4.addr = "10.243.42.43"; - aliases = [ - "rofl.r" - ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnysdVVwxkmSroNUleYZm - xdaIB9EdZYCo2xj3WyhsD2lWMpj51FzSH6Y052Vy1V1TCuIXIwjidpmMohBvflG8 - txKCaBGQOZbVqRgzyCDXsNisbr05ayYuHcRrXTpn5ask4HN0Vtx2uJOn8YmOxA0D - VhyEnf8xWu+vi8dwDqRVR17QnPBYqgenzIBmAuRngvNqg6WZg+E9X2e1Dco/PMzb - VW0AgC2+zFCl4+G7dEW7uhsI6IJLy4LsJuEN4TlvWAf7tfdFEnBzTfODW8quGdts - 1Yzah4svPNNt9F1ZhOR/1bDsfVoOjI76BgB0G+ZZPQAGV1zxgn8DXSKi/tJTLNu1 - vj/n9sUJfXMYQdTAOkABghCyEDFUspPKCffQqUXUcJbLKY9fNssGGBeanMsobUQC - Ch9z7kIJ52JDcP/D58z9Yf62P5ENqXzeVPCcodIOey1EizOu/FH3jVo52we1M5sp - 1iM4hMc3ZINUBI9AA1nLWWlB3lBnErAXrhmMMHjcO4nO7/M0YU+EalkDB5eIhqiH - QJx7VnOE2UZYU9Y0vVNSWfYocU12aABK98T7lr5Tde4dI1J81sk2MUZcbNHger3f - NxpvNzOBpeC5xvq/ENCRR7MDf/59xWW5P5N7PbGprLQAi8cfdSoIEhSPz17Taq1f - 3aAAePgBsZvRQozxXZfqp58CAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - }; - p1nk = { - nets = { - retiolum = { - ip4.addr = "10.243.42.42"; - aliases = [ - "p1nk.r" - ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5YVML71oW3iJrzZKuX48 - AKrGitO5zNvsAHOI8BVsGfZTyxAAZgG4OaDX45kr27K39NcBU43LdDD0I1yjNvGe - zAoL5MIiCPD/QR1kAvLmgpMUSqOVvrk+uoGLVt6dOGvxlOiG1AAaN0gA8Q0B/jZV - 4tZlBpZ7MX9xeK10wqVT56msN69P3EzKQn1uoVRrBxEnNvI1iqmmkgMLcrFVJFBQ - 888Uuw9Hx5MO7ES/ATe8mt0zReUGvn91jYVVsPpmAopWnjCol271gflY0RomFXKy - XaIuvbeF+3otF0+MNqJfm4IsAKJjvl92pjVX0f0eBCSPCYR7D1EtgQrqflLkZKZ8 - jBGDlgpsFWt/Omz1BYcuGZU/djM4+SNxr4YRYMi3lMix3s2PmHvm304I7eEEBlC9 - qy1jq/sLaf8mHJrF6Htl7W5WS/Famkwv/VreI92iHrhsmIDiX7OIbXzYDCxT/PQa - 6uCm/3jIbcHG/ZHZ12H6thkafK0Aoe009+p1n+5Y7V2oNvYe3KzZTnCN5t6z1QHZ - V5iypsd6lNDzlodjleTgGK8FmHGRPRdq1wb3eOLE8mWZj7ygDT50FwaC8FzAcHgC - bLN/zlHvCbYmk9IJhktO3B6wtMrZl60+XCpb5rTulM94RirifFYsnTIDJApI11yb - 3AYi5dQXHjab/lvj6917xa0CAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - }; - gr33n = { - nets = { - retiolum = { - ip4.addr = "10.243.42.123"; - aliases = [ - "gr33n.r" - ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqecLfk8TlGFF7JJpv8 - kjLFNgoNfu9FYRMNG4GSxWL5w+49n6b+GC5ciOC+RJ+N56jfB9JYE0MtbuOmkY5M - JUphuvgOCNhTbBJsjnmG9n02evpxZn9HWypNC3oQCvY2K7vHpIxGKR5PyTVKPO0P - OOYKAbCLD9F2bmuLaBQ/dFXFQxfu3tjvJI9mYDWBpSkh1mYeMZLw2xxnRZLs0bEO - ZWdzxCh9UM/mgb4WYuNED9+sz7MSsaMPAqquarFCguUxhjp6rElGFcNWjXaxA5zt - JGS6VompUViVSHjSaQ5/3VRKoIQjr4NOFYQqLpmB5S2OpiggV6I9OpB7QUGlvcYd - I3j+1AeK11HuEyPqSwxjNCCrI12bSIo3685BPHbl+AMhWGhzrCkAGcOCbAefreXQ - 5v4SaKUIDlCYhN+vyNdlu2jvqQlxfJrPAfBt+jJBK6gMcAEKc7P/Oj4B9Fsl331X - s0kWH5G9t6OhO/Of8/kb2/P+YEbM6zi1QQdZAOr6Cg0y4cMt9zxLWknaM4yEDAXH - oSM33PTv9DOvBjfxRXqOHqOHRq5ayqZdIFgfLUlPTdbWRkhNzjG8f7k7p32m20A6 - Kal+OF//I2c9E9vKFzyepyTcnwi3B8+cFJ74+XYaNApdwHSb1BU/+c3O9RJExZGV - jtTSbSJHU5esECtAuXy1XH8CAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - }; - sunsh1n3 = { - ci = false; - nets = { - retiolum = { - ip4.addr = "10.243.42.142"; - aliases = [ - "sunsh1n3.r" - ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo2VCqp6mUbyo3n+1XpKf - QavpgRYQyv9wAZzYSYHjxThuLmNb/wERPbWJFMZfAGuku0blKWJISSgFWd9YL7dU - pZQZxfqo/9xnS/r0xIKrKSsBiTZt7JZmTQzj1ri11TIO0S1QPjIP5HsxlZZAw0nz - idEDlKmgWs74FPdezlXqvJyEUKDqL/ZQBtdhZZIDMkSJnCdBzXxKwv+uLVE46ZBf - 4HrtQjcj+dyVMogMIoseAgf5lS6V3pyCM7/NHZFxrIxoIAxSsUoB59i2EbK6aUK5 - yuiWHI6ZHToxN2K/0SX96hzxcwrUmdk49tTHBY0Zhn2ku6NjQPU3LuxgIwrSaSJD - /KWh6XkqR7EsCVN0AIsLvFelI2ckSyNyAlnYbMAHDt7GwHlNp4Lsy+x4ZQ6m0xTY - Z+/jt6sfoMiulPcwWEpqNCCf5A65lF77DldQhH3qYrdQ756n/kOqSfQtPCnVNYXy - LlN5rKCOgxKxxtKkwMUif2OM9RPHpM7wS09Rvek6zpL9ymhU5THF7UylLKxKGjYj - 6dTooyRVQRJdrwIYLrJIy0MfGyYiGAJxf/C0KOOZnJPCW2b51+bo5Zh+BhKZYN8H - C2DEGc8+4h5hX1TAaUfTpfVm3mMTh8H2m9N8Pdl5ji+A0m0IwHDLQyaoskcxSjvU - 9IxYLfkSD6AJqasnHlz0L08CAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - }; - }; - users = { - mb = { - mail = "mb0@codemonkey.cc"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCHAdKGHP/De/GLEsPo5RBfbaiiitMw4Y/akOekJbImswT6Np2lzqno/WBJcfVs3D39wgPKNld4P/QZc5IwxC26q/PnBFu93KES0GqnlAqUNE63IOJ8UzNdyEqWggnRiLrBU+ZgyFZvmqp6NoSO4YEGEK4RZRMJM/GcAuQMj/nGjx2AHwPGZCkIRgz8/ctBOzX1/knZd3cOnNowH1wlqUKX6UcEzJdAVDQijHF1wl0Ri8tJKq9u8s/fw+1PSOpOHaeF1BALsXSKgeJDqUCTnZW5mAVUWJ86LvvyfCP4In9lhhLisbDm2cD96QaVvJyV6HfmegdSxZ1Phh+9Qz+3WhDJRedBTSKWfK/9j7VWSb+z/KV37q72W25ZfFMSay58LmCqn3v5fGt9qj4nlPw0By4baGLiGlA7xyvkJfdt8ZVPps5d2g6UprTbSA79lYN4qtWKq2Z9t317xch7Lix6EunQcoTkJ6QXEbDrAIk3zvkWr/CtpwEhNcSdWvQsua42dkD2oOI2F2IgFyYgOx9Iba2yj8A0TD2iqfYVhsJIYuk12QfeaR7ovQ6DhHlUxyQzeF6h0Y+I4AN6Sq/Mmj/cxfQoIaAEybUQMX+7KjFceIszT3JbGlz7DCxi7DMmNYuc7LELMRG3jNAOk+fW8u42Bhgc44tzvAondojerUGqCbUDw== mb0@codemonkey.cc"; - }; - }; -} diff --git a/mb/1systems/gr33n/configuration.nix b/mb/1systems/gr33n/configuration.nix deleted file mode 100644 index dcf987791..000000000 --- a/mb/1systems/gr33n/configuration.nix +++ /dev/null @@ -1,144 +0,0 @@ -{ config, pkgs, callPackage, ... }: let - unstable = import { config = { allowUnfree = true; }; }; -in { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - - ]; - - krebs.build.host = config.krebs.hosts.gr33n; - - boot.kernelPackages = pkgs.linuxPackages_latest; - boot.extraModulePackages = with config.boot.kernelPackages; [ wireguard ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; - fileSystems."/mnt/public" = { - device = "//192.168.0.4/public"; - fsType = "cifs"; - options = let - automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; - in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; - }; - - i18n = { - consoleFont = "Lat2-Terminus16"; - consoleKeyMap = "de"; - defaultLocale = "en_US.UTF-8"; - }; - - time.timeZone = "Europe/Berlin"; - - nixpkgs.config.allowUnfree = true; - - nixpkgs.config.packageOverrides = super: { - openvpn = super.openvpn.override { - pkcs11Support = true; - useSystemd = false; - }; - }; - - environment.shellAliases = { - ll = "ls -alh"; - ls = "ls --color=tty"; - }; - - environment.systemPackages = with pkgs; [ - curl - fish - git - htop - nmap - ranger - tcpdump - tmux - traceroute - tree - vim - wcalc - wget - xz - zbackup - ]; - - programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - - sound.enable = false; - - services.openssh.enable = true; - services.openssh.passwordAuthentication = false; - - services.codimd = { - enable = true; - workDir = "/storage/codimd"; - configuration = { - port = 1337; - host = "0.0.0.0"; - db = { - dialect = "sqlite"; - storage = "/storage/codimd/db.codimd.sqlite"; - }; - }; - }; - - networking.wireless.enable = false; - networking.networkmanager.enable = false; - krebs.iptables.enable = true; - networking.enableIPv6 = false; - - programs.fish = { - enable = true; - shellInit = '' - function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' - if begin - set -q SSH_AGENT_PID - and kill -0 $SSH_AGENT_PID - and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline - end - echo "ssh-agent running on pid $SSH_AGENT_PID" - else - eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') - end - set -l identity $HOME/.ssh/id_rsa - set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') - ssh-add -l | grep -q $fingerprint - or ssh-add $identity - end - ''; - promptInit = '' - function fish_prompt --description 'Write out the prompt' - set -l color_cwd - set -l suffix - set -l nix_shell_info ( - if test "$IN_NIX_SHELL" != "" - echo -n " " - end - ) - switch "$USER" - case root toor - if set -q fish_color_cwd_root - set color_cwd $fish_color_cwd_root - else - set color_cwd $fish_color_cwd - end - set suffix '#' - case '*' - set color_cwd $fish_color_cwd - set suffix '>' - end - - echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " - end - ''; - }; - - nix.buildCores = 4; - system.autoUpgrade.enable = false; - system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03"; - system.stateVersion = "19.03"; - -} diff --git a/mb/1systems/gr33n/hardware-configuration.nix b/mb/1systems/gr33n/hardware-configuration.nix deleted file mode 100644 index 1d13b8dc7..000000000 --- a/mb/1systems/gr33n/hardware-configuration.nix +++ /dev/null @@ -1,37 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - -{ - imports = - [ - ]; - - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - boot.initrd.mdadmConf = '' - ARRAY /dev/md0 level=raid6 num-devices=4 metadata=1.2 name=gr33n:0 UUID=5b715fd9:0be6bfa6:19f07db4:c16836d6 - devices=/dev/sda1,/dev/sdb1,/dev/sdc1,/dev/sdd1 - ''; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/a9f2c19b-f60f-450c-87f1-146a54c4198b"; - fsType = "ext4"; - }; - fileSystems."/storage" = - { device = "/dev/disk/by-label/storage"; - fsType = "ext4"; - }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/93EB-BCA3"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; -} diff --git a/mb/1systems/orange/configuration.nix b/mb/1systems/orange/configuration.nix deleted file mode 100644 index b43bd8a0f..000000000 --- a/mb/1systems/orange/configuration.nix +++ /dev/null @@ -1,238 +0,0 @@ -{ config, pkgs, callPackage, ... }: let - unstable = import { config = { allowUnfree = true; }; }; -in { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - - - ]; - - krebs.build.host = config.krebs.hosts.orange; - - boot.kernelPackages = pkgs.linuxPackages_latest; - boot.extraModulePackages = with config.boot.kernelPackages; [ wireguard ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - boot.initrd.luks.devices = [ - { - name = "root"; - device = "/dev/disk/by-uuid/09a36f91-a713-4b82-8b41-4e7a6acc4acf"; - preLVM = true; - allowDiscards = true; - } - ]; - - fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; - fileSystems."/mnt/public" = { - device = "//192.168.0.4/public"; - fsType = "cifs"; - options = let - automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; - in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; - }; - - - # Select internationalisation properties. - i18n = { - consoleFont = "Lat2-Terminus16"; - consoleKeyMap = "de"; - defaultLocale = "en_US.UTF-8"; - }; - - time.timeZone = "Europe/Berlin"; - - nixpkgs.config.packageOverrides = super: { - openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = false; }; - }; - - nixpkgs.config.allowUnfree = true; - - fonts = { - enableCoreFonts = true; - enableGhostscriptFonts = true; - fonts = with pkgs; [ - anonymousPro - corefonts - dejavu_fonts - envypn-font - fira - gentium - gohufont - inconsolata - liberation_ttf - powerline-fonts - source-code-pro - terminus_font - ttf_bitstream_vera - ubuntu_font_family - unifont - unstable.cherry - xorg.fontbitstream100dpi - xorg.fontbitstream75dpi - xorg.fontbitstreamtype1 - ]; - }; - - environment.systemPackages = with pkgs; [ - adapta-gtk-theme - aircrackng - ag - arandr - binutils - chromium - cifs-utils - curl - evince - exfat - feh - file - firefox - freetype - gimp - git - gnupg - graphite2 - hicolor_icon_theme - htop - i3lock - jq - keepassx2 - kvm - lxappearance - man-pages - moc - mpv - mpvc - mupdf - ncdu - nmap - openvpn - pass - p7zip - powertop - ranger - rofi - sshfs - tcpdump - tmux - traceroute - tree - unstable.alacritty - unstable.ponyc - unstable.sublime3 - unstable.youtube-dl - virt-viewer - virtmanager - vulnix - wcalc - wget - xz - zbackup - ]; - - environment.variables = { - EDITOR = ["nvim"]; - }; - - environment.shellAliases = { - ll = "ls -alh"; - ls = "ls --color=tty"; - }; - - virtualisation.libvirtd.enable = true; - #virtualisation.kvmgt.enable = true; - - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - sound.enable = true; - hardware.pulseaudio.enable = true; - hardware.pulseaudio.support32Bit = true; - nixpkgs.config.pulseaudio = true; - - services.xserver = { - enable = true; - layout = "de"; - xkbVariant = "nodeadkeys"; - libinput.enable = true; - desktopManager = { - default = "xfce"; - xterm.enable = false; - xfce = { - enable = true; - noDesktop = true; - enableXfwm = false; - }; - }; - windowManager.ratpoison.enable = true; - }; - - services.openssh.enable = true; - #services.openssh.permitRootLogin = "yes"; - services.openssh.passwordAuthentication = false; - - networking.wireless.enable = false; - networking.networkmanager.enable = false; - krebs.iptables.enable = true; - #networking.nameservers = [ "8.8.8.8" "141.1.1.1" ]; - networking.enableIPv6 = false; - - programs.fish = { - enable = true; - shellInit = '' - function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' - if begin - set -q SSH_AGENT_PID - and kill -0 $SSH_AGENT_PID - and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline - end - echo "ssh-agent running on pid $SSH_AGENT_PID" - else - eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') - end - set -l identity $HOME/.ssh/id_rsa - set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') - ssh-add -l | grep -q $fingerprint - or ssh-add $identity - end - ''; - promptInit = '' - function fish_prompt --description 'Write out the prompt' - set -l color_cwd - set -l suffix - set -l nix_shell_info ( - if test "$IN_NIX_SHELL" != "" - echo -n " " - end - ) - switch "$USER" - case root toor - if set -q fish_color_cwd_root - set color_cwd $fish_color_cwd_root - else - set color_cwd $fish_color_cwd - end - set suffix '#' - case '*' - set color_cwd $fish_color_cwd - set suffix '>' - end - - echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " - end - ''; - }; - - nix.maxJobs = 4; - nix.buildCores = 4; - system.autoUpgrade.enable = false; - system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03"; - system.stateVersion = "19.03"; - -} diff --git a/mb/1systems/orange/hardware-configuration.nix b/mb/1systems/orange/hardware-configuration.nix deleted file mode 100644 index 8aa191269..000000000 --- a/mb/1systems/orange/hardware-configuration.nix +++ /dev/null @@ -1,28 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - -{ - imports = - [ - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ohci_pci" "ehci_pci" "pata_atiixp" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/b1d32c54-35f8-4bf1-9fd2-82adc760af01"; - fsType = "btrfs"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/BF9B-03A2"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; -} diff --git a/mb/1systems/p1nk/configuration.nix b/mb/1systems/p1nk/configuration.nix deleted file mode 100644 index 19efc75b0..000000000 --- a/mb/1systems/p1nk/configuration.nix +++ /dev/null @@ -1,227 +0,0 @@ -{ config, pkgs, callPackage, ... }: let - unstable = import { config = { allowUnfree = true; }; }; -in { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - - - ]; - - krebs.build.host = config.krebs.hosts.p1nk; - - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - boot.initrd.luks.devices = [ - { - name = "root"; - device = "/dev/disk/by-uuid/0392257b-f6cf-484d-8c46-e20aab4fddb7"; - preLVM = true; - allowDiscards = true; - } - ]; - fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; - fileSystems."/mnt/public" = { - device = "//192.168.0.4/public"; - fsType = "cifs"; - options = let - automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; - in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; - }; - - - i18n = { - consoleFont = "Lat2-Terminus16"; - consoleKeyMap = "de"; - defaultLocale = "en_US.UTF-8"; - }; - - time.timeZone = "Europe/Berlin"; - - fonts = { - enableCoreFonts = true; - enableGhostscriptFonts = true; - fonts = with pkgs; [ - anonymousPro - corefonts - dejavu_fonts - envypn-font - fira - gentium - gohufont - inconsolata - liberation_ttf - powerline-fonts - source-code-pro - terminus_font - ttf_bitstream_vera - ubuntu_font_family - unifont - unstable.cherry - xorg.fontbitstream100dpi - xorg.fontbitstream75dpi - xorg.fontbitstreamtype1 - ]; - }; - - nixpkgs.config.packageOverrides = super: { - openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = false; }; - }; - - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs; [ - adapta-gtk-theme - aircrackng - ag - arandr - binutils - chromium - cifs-utils - curl - evince - exfat - feh - file - firefox - freetype - gimp - git - gnupg - graphite2 - hicolor_icon_theme - htop - i3lock - jq - keepassx2 - kvm - lxappearance - man-pages - moc - mpv - mpvc - mupdf - ncdu - nmap - openvpn - pass - p7zip - powertop - ranger - rofi - sshfs - tcpdump - tmux - traceroute - tree - unstable.alacritty - unstable.ponyc - unstable.sublime3 - youtube-dl - virt-viewer - virtmanager - vulnix - wcalc - wget - xz - zbackup - ]; - - environment.shellAliases = { - ll = "ls -alh"; - ls = "ls --color=tty"; - }; - - virtualisation.libvirtd.enable = true; - virtualisation.kvmgt.enable = true; - - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - sound.enable = true; - hardware.pulseaudio.enable = true; - hardware.pulseaudio.support32Bit = true; - - services.xserver = { - enable = true; - layout = "de"; - xkbOptions = "nodeadkeys"; - libinput.enable = true; - desktopManager = { - default = "xfce"; - xterm.enable = false; - xfce = { - enable = true; - noDesktop = true; - enableXfwm = false; - }; - }; - windowManager.ratpoison.enable = true; - windowManager.pekwm.enable = true; - }; - - services.openssh.enable = true; - services.openssh.passwordAuthentication = false; - - krebs.iptables.enable = true; - networking.networkmanager.enable = false; - networking.wireless.enable = true; - networking.nameservers = [ "8.8.8.8" "141.1.1.1" ]; - networking.enableIPv6 = false; - - programs.fish = { - enable = true; - shellInit = '' - function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' - if begin - set -q SSH_AGENT_PID - and kill -0 $SSH_AGENT_PID - and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline - end - echo "ssh-agent running on pid $SSH_AGENT_PID" - else - eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') - end - set -l identity $HOME/.ssh/id_rsa - set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') - ssh-add -l | grep -q $fingerprint - or ssh-add $identity - end - ''; - promptInit = '' - function fish_prompt --description 'Write out the prompt' - set -l color_cwd - set -l suffix - set -l nix_shell_info ( - if test "$IN_NIX_SHELL" != "" - echo -n " " - end - ) - switch "$USER" - case root toor - if set -q fish_color_cwd_root - set color_cwd $fish_color_cwd_root - else - set color_cwd $fish_color_cwd - end - set suffix '#' - case '*' - set color_cwd $fish_color_cwd - set suffix '>' - end - - echo -n -s "$USER" @ (set_color magenta) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " - end - ''; - }; - - nix.maxJobs = 4; - nix.buildCores = 4; - system.autoUpgrade.enable = false; - system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03"; - system.stateVersion = "19.03"; - -} diff --git a/mb/1systems/p1nk/hardware-configuration.nix b/mb/1systems/p1nk/hardware-configuration.nix deleted file mode 100644 index ab5b6e204..000000000 --- a/mb/1systems/p1nk/hardware-configuration.nix +++ /dev/null @@ -1,29 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - -{ - imports = - [ - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/4cc2add6-ed19-4685-bbd9-b992bd8d51fb"; - fsType = "btrfs"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/9F87-AEAA"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; -} diff --git a/mb/1systems/rofl/configuration.nix b/mb/1systems/rofl/configuration.nix deleted file mode 100644 index 3c5c56c84..000000000 --- a/mb/1systems/rofl/configuration.nix +++ /dev/null @@ -1,103 +0,0 @@ -{ config, pkgs, callPackage, ... }: let - unstable = import { config = { allowUnfree = true; }; }; -in { - imports = - [ # Include the results of the hardware scan. - - - ]; - - krebs.build.host = config.krebs.hosts.rofl; - - i18n = { - consoleFont = "Lat2-Terminus16"; - consoleKeyMap = "de"; - defaultLocale = "en_US.UTF-8"; - }; - - time.timeZone = "Europe/Berlin"; - - nixpkgs.config.allowUnfree = true; - - environment.shellAliases = { - ll = "ls -alh"; - ls = "ls --color=tty"; - }; - - environment.systemPackages = with pkgs; [ - curl - fish - git - htop - nmap - ranger - tcpdump - tmux - traceroute - tree - vim - xz - zbackup - ]; - - sound.enable = false; - - services.openssh.enable = true; - services.openssh.passwordAuthentication = false; - - networking.wireless.enable = false; - networking.networkmanager.enable = false; - krebs.iptables.enable = true; - networking.enableIPv6 = false; - - programs.fish = { - enable = true; - shellInit = '' - function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' - if begin - set -q SSH_AGENT_PID - and kill -0 $SSH_AGENT_PID - and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline - end - echo "ssh-agent running on pid $SSH_AGENT_PID" - else - eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') - end - set -l identity $HOME/.ssh/id_rsa - set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') - ssh-add -l | grep -q $fingerprint - or ssh-add $identity - end - ''; - promptInit = '' - function fish_prompt --description 'Write out the prompt' - set -l color_cwd - set -l suffix - set -l nix_shell_info ( - if test "$IN_NIX_SHELL" != "" - echo -n " " - end - ) - switch "$USER" - case root toor - if set -q fish_color_cwd_root - set color_cwd $fish_color_cwd_root - else - set color_cwd $fish_color_cwd - end - set suffix '#' - case '*' - set color_cwd $fish_color_cwd - set suffix '>' - end - - echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " - end - ''; - }; - - system.autoUpgrade.enable = false; - system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03"; - system.stateVersion = "19.03"; - -} diff --git a/mb/1systems/sunsh1n3/configuration.nix b/mb/1systems/sunsh1n3/configuration.nix deleted file mode 100644 index 633d122ea..000000000 --- a/mb/1systems/sunsh1n3/configuration.nix +++ /dev/null @@ -1,181 +0,0 @@ - -{ config, pkgs, ... }: let - unstable = import { config = { allowUnfree = true; }; }; -in { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - - ]; - - krebs.build.host = config.krebs.hosts.sunsh1n3; - - boot.kernelPackages = pkgs.linuxPackages_latest; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; - - boot.initrd.luks.devices = [ - { - name = "root"; - device = "/dev/disk/by-uuid/5354ba31-c7de-4b55-8f86-a2a437dfbb21"; - preLVM = true; - allowDiscards = true; - } - ]; - - i18n = { - consoleFont = "Lat2-Terminus16"; - consoleKeyMap = "de"; - defaultLocale = "en_US.UTF-8"; - }; - - time.timeZone = "Europe/Berlin"; - - nixpkgs.config.packageOverrides = super : { - openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = true ; }; - }; - - nixpkgs.config.allowUnfree = true; - - fonts = { - enableCoreFonts = true; - enableGhostscriptFonts = true; - fonts = with pkgs; [ - anonymousPro - corefonts - dejavu_fonts - envypn-font - fira - gentium - gohufont - inconsolata - liberation_ttf - powerline-fonts - source-code-pro - terminus_font - ttf_bitstream_vera - ubuntu_font_family - unifont - unstable.cherry - xorg.fontbitstream100dpi - xorg.fontbitstream75dpi - xorg.fontbitstreamtype1 - ]; - }; - - environment.systemPackages = with pkgs; [ - wget vim git curl fish - ag - chromium - firefox - gimp - p7zip - htop - mpv - mpvc - nmap - ntfs3g - keepassx2 - sshfs - #unstable.skrooge - skrooge - unstable.alacritty - tmux - tree - wcalc - virtmanager - virt-viewer - (wine.override { wineBuild = "wineWow"; }) - xz - zbackup - ]; - - virtualisation.libvirtd.enable = true; - virtualisation.kvmgt.enable = true; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - - programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - programs.dconf.enable = true; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - services.openssh.passwordAuthentication = false; - - krebs.iptables.enable = true; - #networking.wireless.enable = true; - networking.networkmanager.enable = true; - networking.enableIPv6 = false; - - # Enable sound. - sound.enable = true; - hardware.pulseaudio.enable = true; - hardware.pulseaudio.support32Bit = true; - nixpkgs.config.pulseaudio = true; - - services.xserver.enable = true; - services.xserver.layout = "de"; - services.xserver.xkbOptions = "nodeadkeys"; - services.xserver.libinput.enable = true; - - # Enable the KDE Desktop Environment. - services.xserver.displayManager.sddm.enable = true; - services.xserver.desktopManager.plasma5.enable = true; - - programs.fish = { - enable = true; - shellInit = '' - function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' - if begin - set -q SSH_AGENT_PID - and kill -0 $SSH_AGENT_PID - and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline - end - echo "ssh-agent running on pid $SSH_AGENT_PID" - else - eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') - end - set -l identity $HOME/.ssh/id_rsa - set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') - ssh-add -l | grep -q $fingerprint - or ssh-add $identity - end - ''; - promptInit = '' - function fish_prompt --description 'Write out the prompt' - set -l color_cwd - set -l suffix - set -l nix_shell_info ( - if test "$IN_NIX_SHELL" != "" - echo -n " " - end - ) - switch "$USER" - case root toor - if set -q fish_color_cwd_root - set color_cwd $fish_color_cwd_root - else - set color_cwd $fish_color_cwd - end - set suffix '#' - case '*' - set color_cwd $fish_color_cwd - set suffix '>' - end - - echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " - end - ''; - }; - - nix.buildCores = 4; - - system.stateVersion = "19.09"; - -} diff --git a/mb/1systems/sunsh1n3/hardware-configuration.nix b/mb/1systems/sunsh1n3/hardware-configuration.nix deleted file mode 100644 index 2beee7c4f..000000000 --- a/mb/1systems/sunsh1n3/hardware-configuration.nix +++ /dev/null @@ -1,29 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: - -{ - imports = - [ - ]; - - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/a3257922-d2d4-45ae-87cc-cc38d32e0774"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/60A6-4DAB"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; -} diff --git a/mb/2configs/default.nix b/mb/2configs/default.nix deleted file mode 100644 index 3066d1c36..000000000 --- a/mb/2configs/default.nix +++ /dev/null @@ -1,222 +0,0 @@ -with import ; -{ config, pkgs, ... }: -{ - imports = [ - { - users.users = { - root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.mb.pubkey - ]; - }; - mb = { - name = "mb"; - uid = 1337; - home = "/home/mb"; - group = "users"; - createHome = true; - shell = "/run/current-system/sw/bin/fish"; - extraGroups = [ - "audio" - "video" - "fuse" - "wheel" - "kvm" - "qemu-libvirtd" - "libvirtd" - ]; - openssh.authorizedKeys.keys = [ - config.krebs.users.mb.pubkey - ]; - }; - xo = { - name = "xo"; - uid = 2323; - home = "/home/xo"; - group = "users"; - createHome = true; - shell = "/run/current-system/sw/bin/fish"; - extraGroups = [ - "audio" - "video" - "fuse" - "wheel" - "kvm" - "qemu-libvirtd" - "libvirtd" - ]; - openssh.authorizedKeys.keys = [ - config.krebs.users.mb.pubkey - ]; - }; - }; - } - { - environment.variables = { - NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; - }; - } - (let ca-bundle = "/etc/ssl/certs/ca-bundle.crt"; in { - environment.variables = { - CURL_CA_BUNDLE = ca-bundle; - GIT_SSL_CAINFO = ca-bundle; - SSL_CERT_FILE = ca-bundle; - }; - }) - ]; - - networking.hostName = config.krebs.build.host.name; - - krebs = { - enable = true; - build.user = config.krebs.users.mb; - }; - - users.mutableUsers = true; - - services.timesyncd.enable = mkForce true; - - systemd.tmpfiles.rules = [ - "d /tmp 1777 root root - -" - ]; - - # multiple-definition-problem when defining environment.variables.EDITOR - environment.extraInit = '' - EDITOR=vim - ''; - - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs; [ - #stockholm - git - git-preview - gnumake - jq - parallel - proot - populate - - #style - most - rxvt_unicode.terminfo - - #monitoring tools - htop - iotop - - #network - iptables - iftop - tcpdump - - #stuff for dl - aria2 - - #neat utils - fish - file - kpaste - krebspaste - mosh - pciutils - psmisc - tmux - untilport - usbutils - - #unpack stuff - p7zip - - (pkgs.writeDashBin "sshn" '' - ${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$@" - '') - ]; - - services.openssh = { - enable = true; - permitRootLogin = "yes"; - passwordAuthentication = false; - hostKeys = [ - # XXX bits here make no science - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - - programs.fish = { - enable = true; - shellInit = '' - function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' - if begin - set -q SSH_AGENT_PID - and kill -0 $SSH_AGENT_PID - and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline - end - echo "ssh-agent running on pid $SSH_AGENT_PID" - else - eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') - end - set -l identity $HOME/.ssh/id_rsa - set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') - ssh-add -l | grep -q $fingerprint - or ssh-add $identity - end - ''; - promptInit = '' - function fish_prompt --description 'Write out the prompt' - set -l color_cwd - set -l suffix - set -l nix_shell_info ( - if test "$IN_NIX_SHELL" != "" - echo -n " " - end - ) - switch "$USER" - case root toor - if set -q fish_color_cwd_root - set color_cwd $fish_color_cwd_root - else - set color_cwd $fish_color_cwd - end - set suffix '#' - case '*' - set color_cwd $fish_color_cwd - set suffix '>' - end - - echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " - end - ''; - }; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - - krebs.iptables = { - enable = true; - tables = { - nat.PREROUTING.rules = [ - { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; } - { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; } - ]; - nat.OUTPUT.rules = [ - { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; } - ]; - filter.INPUT.policy = "DROP"; - filter.FORWARD.policy = "DROP"; - filter.INPUT.rules = [ - { predicate = "-i retiolum -p udp --dport 60000:61000"; target = "ACCEPT";} - { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } - { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } - { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; } - { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } - { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } - { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } - { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } - { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } - ]; - }; - }; -} diff --git a/mb/2configs/google-compute-config.nix b/mb/2configs/google-compute-config.nix deleted file mode 100644 index b201bd4b8..000000000 --- a/mb/2configs/google-compute-config.nix +++ /dev/null @@ -1,231 +0,0 @@ -{ config, lib, pkgs, ... }: -with lib; -let - gce = pkgs.google-compute-engine; -in -{ - imports = [ - ./headless.nix - ./qemu-guest.nix - ]; - - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - autoResize = true; - }; - - boot.growPartition = true; - boot.kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ]; - boot.initrd.kernelModules = [ "virtio_scsi" ]; - boot.kernelModules = [ "virtio_pci" "virtio_net" ]; - - # Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd. - boot.loader.grub.device = "/dev/sda"; - boot.loader.timeout = 0; - - # Don't put old configurations in the GRUB menu. The user has no - # way to select them anyway. - boot.loader.grub.configurationLimit = 0; - - # Allow root logins only using the SSH key that the user specified - # at instance creation time. - #services.openssh.enable = true; - #services.openssh.permitRootLogin = "prohibit-password"; - #services.openssh.passwordAuthentication = mkDefault false; - - # Use GCE udev rules for dynamic disk volumes - services.udev.packages = [ gce ]; - - # Force getting the hostname from Google Compute. - networking.hostName = mkDefault ""; - - # Always include cryptsetup so that NixOps can use it. - environment.systemPackages = [ pkgs.cryptsetup ]; - - # Make sure GCE image does not replace host key that NixOps sets - environment.etc."default/instance_configs.cfg".text = lib.mkDefault '' - [InstanceSetup] - set_host_keys = false - ''; - - # Rely on GCP's firewall instead - networking.firewall.enable = mkDefault false; - - # Configure default metadata hostnames - networking.extraHosts = '' - 169.254.169.254 metadata.google.internal metadata - ''; - - networking.timeServers = [ "metadata.google.internal" ]; - - networking.usePredictableInterfaceNames = false; - - # GC has 1460 MTU - networking.interfaces.eth0.mtu = 1460; - - security.googleOsLogin.enable = true; - - systemd.services.google-clock-skew-daemon = { - description = "Google Compute Engine Clock Skew Daemon"; - after = [ - "network.target" - "google-instance-setup.service" - "google-network-setup.service" - ]; - requires = ["network.target"]; - wantedBy = ["multi-user.target"]; - serviceConfig = { - Type = "simple"; - ExecStart = "${gce}/bin/google_clock_skew_daemon --debug"; - }; - }; - - systemd.services.google-instance-setup = { - description = "Google Compute Engine Instance Setup"; - after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service"]; - before = ["sshd.service"]; - wants = ["local-fs.target" "network-online.target" "network.target"]; - wantedBy = [ "sshd.service" "multi-user.target" ]; - path = with pkgs; [ ethtool openssh ]; - serviceConfig = { - ExecStart = "${gce}/bin/google_instance_setup --debug"; - Type = "oneshot"; - }; - }; - - systemd.services.google-network-daemon = { - description = "Google Compute Engine Network Daemon"; - after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service" "google-instance-setup.service"]; - wants = ["local-fs.target" "network-online.target" "network.target"]; - requires = ["network.target"]; - partOf = ["network.target"]; - wantedBy = [ "multi-user.target" ]; - path = with pkgs; [ iproute ]; - serviceConfig = { - ExecStart = "${gce}/bin/google_network_daemon --debug"; - }; - }; - - systemd.services.google-shutdown-scripts = { - description = "Google Compute Engine Shutdown Scripts"; - after = [ - "local-fs.target" - "network-online.target" - "network.target" - "rsyslog.service" - "systemd-resolved.service" - "google-instance-setup.service" - "google-network-daemon.service" - ]; - wants = [ "local-fs.target" "network-online.target" "network.target"]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkgs.coreutils}/bin/true"; - ExecStop = "${gce}/bin/google_metadata_script_runner --debug --script-type shutdown"; - Type = "oneshot"; - RemainAfterExit = true; - TimeoutStopSec = "infinity"; - }; - }; - - systemd.services.google-startup-scripts = { - description = "Google Compute Engine Startup Scripts"; - after = [ - "local-fs.target" - "network-online.target" - "network.target" - "rsyslog.service" - "google-instance-setup.service" - "google-network-daemon.service" - ]; - wants = ["local-fs.target" "network-online.target" "network.target"]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${gce}/bin/google_metadata_script_runner --debug --script-type startup"; - KillMode = "process"; - Type = "oneshot"; - }; - }; - - - # Settings taken from https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf - boot.kernel.sysctl = { - # Turn on SYN-flood protections. Starting with 2.6.26, there is no loss - # of TCP functionality/features under normal conditions. When flood - # protections kick in under high unanswered-SYN load, the system - # should remain more stable, with a trade off of some loss of TCP - # functionality/features (e.g. TCP Window scaling). - "net.ipv4.tcp_syncookies" = mkDefault "1"; - - # ignores source-routed packets - "net.ipv4.conf.all.accept_source_route" = mkDefault "0"; - - # ignores source-routed packets - "net.ipv4.conf.default.accept_source_route" = mkDefault "0"; - - # ignores ICMP redirects - "net.ipv4.conf.all.accept_redirects" = mkDefault "0"; - - # ignores ICMP redirects - "net.ipv4.conf.default.accept_redirects" = mkDefault "0"; - - # ignores ICMP redirects from non-GW hosts - "net.ipv4.conf.all.secure_redirects" = mkDefault "1"; - - # ignores ICMP redirects from non-GW hosts - "net.ipv4.conf.default.secure_redirects" = mkDefault "1"; - - # don't allow traffic between networks or act as a router - "net.ipv4.ip_forward" = mkDefault "0"; - - # don't allow traffic between networks or act as a router - "net.ipv4.conf.all.send_redirects" = mkDefault "0"; - - # don't allow traffic between networks or act as a router - "net.ipv4.conf.default.send_redirects" = mkDefault "0"; - - # reverse path filtering - IP spoofing protection - "net.ipv4.conf.all.rp_filter" = mkDefault "1"; - - # reverse path filtering - IP spoofing protection - "net.ipv4.conf.default.rp_filter" = mkDefault "1"; - - # ignores ICMP broadcasts to avoid participating in Smurf attacks - "net.ipv4.icmp_echo_ignore_broadcasts" = mkDefault "1"; - - # ignores bad ICMP errors - "net.ipv4.icmp_ignore_bogus_error_responses" = mkDefault "1"; - - # logs spoofed, source-routed, and redirect packets - "net.ipv4.conf.all.log_martians" = mkDefault "1"; - - # log spoofed, source-routed, and redirect packets - "net.ipv4.conf.default.log_martians" = mkDefault "1"; - - # implements RFC 1337 fix - "net.ipv4.tcp_rfc1337" = mkDefault "1"; - - # randomizes addresses of mmap base, heap, stack and VDSO page - "kernel.randomize_va_space" = mkDefault "2"; - - # Reboot the machine soon after a kernel panic. - "kernel.panic" = mkDefault "10"; - - ## Not part of the original config - - # provides protection from ToCToU races - "fs.protected_hardlinks" = mkDefault "1"; - - # provides protection from ToCToU races - "fs.protected_symlinks" = mkDefault "1"; - - # makes locating kernel addresses more difficult - "kernel.kptr_restrict" = mkDefault "1"; - - # set ptrace protections - "kernel.yama.ptrace_scope" = mkOverride 500 "1"; - - # set perf only available to root - "kernel.perf_event_paranoid" = mkDefault "2"; - }; -} diff --git a/mb/2configs/headless.nix b/mb/2configs/headless.nix deleted file mode 100644 index 46a9b6a7d..000000000 --- a/mb/2configs/headless.nix +++ /dev/null @@ -1,25 +0,0 @@ -# Common configuration for headless machines (e.g., Amazon EC2 -# instances). - -{ lib, ... }: - -with lib; - -{ - boot.vesa = false; - - # Don't start a tty on the serial consoles. - systemd.services."serial-getty@ttyS0".enable = false; - systemd.services."serial-getty@hvc0".enable = false; - systemd.services."getty@tty1".enable = false; - systemd.services."autovt@".enable = false; - - # Since we can't manually respond to a panic, just reboot. - boot.kernelParams = [ "panic=1" "boot.panic_on_fail" ]; - - # Don't allow emergency mode, because we don't have a console. - systemd.enableEmergencyMode = false; - - # Being headless, we don't need a GRUB splash image. - boot.loader.grub.splashImage = null; -} diff --git a/mb/2configs/neovimrc b/mb/2configs/neovimrc deleted file mode 100644 index 8dbeaec7b..000000000 --- a/mb/2configs/neovimrc +++ /dev/null @@ -1,446 +0,0 @@ - -"***************************************************************************** -"" Functions -"***************************************************************************** - -function! GetBufferList() - redir =>buflist - silent! ls! - redir END - return buflist -endfunction - -function! ToggleList(bufname, pfx) - let buflist = GetBufferList() - for bufnum in map(filter(split(buflist, '\n'), 'v:val =~ "'.a:bufname.'"'), 'str2nr(matchstr(v:val, "\\d\\+"))') - if bufwinnr(bufnum) != -1 - exec(a:pfx.'close') - return - endif - endfor - if a:pfx == 'l' && len(getloclist(0)) == 0 - echohl ErrorMsg - echo "Location List is Empty." - return - endif - let winnr = winnr() - exec(a:pfx.'open') - if winnr() != winnr - wincmd p - endif -endfunction - - -"***************************************************************************** -"" Basic Setup -"*****************************************************************************" -" General -let no_buffers_menu=1 -syntax on -set ruler -set number -set mousemodel=popup -set t_Co=256 -set guioptions=egmrti -set gfn=Monospace\ 10 - -" TODO: Testing if this works against automatically setting paste mode -" Issue: https://github.com/neovim/neovim/issues/7994 -au InsertLeave * set nopaste - - -" undofile - This allows you to use undos after exiting and restarting -" This, like swap and backups, uses .vim-undo first, then ~/.vim/undo -" :help undo-persistence -if exists("+undofile") - if isdirectory($HOME . '/.vim/undo') == 0 - :silent !mkdir -p ~/.vim/undo > /dev/null 2>&1 - endif - set undodir=./.vim-undo// - set undodir+=~/.vim/undo// - set undofile -endif - -" Encoding -set encoding=utf-8 -set fileencoding=utf-8 -set fileencodings=utf-8 -set bomb -set binary - -" Fix backspace indent -set backspace=indent,eol,start - -" Tabs. May be overriten by autocmd rules -set tabstop=4 -set softtabstop=0 -set shiftwidth=4 -set expandtab - -" Map leader to , -let mapleader=',' - -" Enable hidden buffers -set hidden - -" Searching -set hlsearch -set incsearch -set ignorecase -set smartcase - -" Directories for swp files -set nobackup -set noswapfile - -set fileformats=unix,dos,mac - -" File overview -set wildmode=list:longest,list:full -set wildignore+=*.o,*.obj,.git,*.rbc,*.pyc,__pycache__ - -" Shell to emulate -if exists('$SHELL') - set shell=$SHELL -else - set shell=/bin/bash -endif - -" Set color scheme -colorscheme molokai - -"Show always Status bar -set laststatus=2 - -" Use modeline overrides -set modeline -set modelines=10 - -" Set terminal title -set title -set titleold="Terminal" -set titlestring=%F - -" search will center on the line it's found in. -nnoremap n nzzzv -nnoremap N Nzzzv - - - -"***************************************************************************** -"" Abbreviations -"***************************************************************************** -" no one is really happy until you have this shortcuts -cnoreabbrev W! w! -cnoreabbrev Q! q! -cnoreabbrev Qall! qall! -cnoreabbrev Wq wq -cnoreabbrev Wa wa -cnoreabbrev wQ wq -cnoreabbrev WQ wq -cnoreabbrev W w -cnoreabbrev Q q -cnoreabbrev Qall qall - -" NERDTree configuration -let g:NERDTreeChDirMode=2 -let g:NERDTreeIgnore=['\.rbc$', '\~$', '\.pyc$', '\.db$', '\.sqlite$', '__pycache__'] -let g:NERDTreeSortOrder=['^__\.py$', '\/$', '*', '\.swp$', '\.bak$', '\~$'] -let g:NERDTreeShowBookmarks=1 -let g:nerdtree_tabs_focus_on_files=1 -let g:NERDTreeMapOpenInTabSilent = '' -let g:NERDTreeWinSize = 50 -set wildignore+=*/tmp/*,*.so,*.swp,*.zip,*.pyc,*.db,*.sqlite -nnoremap :NERDTreeFind -nnoremap :NERDTreeToggle - -" open terminal emulation -nnoremap sh :terminal:startinsert - -"***************************************************************************** -"" Autocmd Rules -"***************************************************************************** -"" The PC is fast enough, do syntax highlight syncing from start unless 200 lines -augroup vimrc-sync-fromstart - autocmd! - autocmd BufEnter * :syntax sync maxlines=200 -augroup END - -" Nasm filetype -augroup nasm - autocmd! - autocmd BufRead,BufNewFile *.nasm set ft=nasm -augroup END - -" Binary filetype -augroup Binary - au! - au BufReadPre *.bin,*.exe,*.elf let &bin=1 - au BufReadPost *.bin,*.exe,*.elf if &bin | %!xxd - au BufReadPost *.bin,*.exe,*.elf set ft=xxd | endif - au BufWritePre *.bin,*.exe,*.elf if &bin | %!xxd -r - au BufWritePre *.bin,*.exe,*.elf endif - au BufWritePost *.bin,*.exe,*.elf if &bin | %!xxd - au BufWritePost *.bin,*.exe,*.elf set nomod | endif -augroup END - -" Binary filetype -augroup fasm - au! - au BufReadPost *.fasm set ft=fasm -augroup END - -augroup deoplete-update - autocmd! - autocmd VimEnter * UpdateRemotePlugin -augroup END - -"" Remember cursor position -augroup vimrc-remember-cursor-position - autocmd! - autocmd BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g`\"" | endif -augroup END - -"" txt -" augroup vimrc-wrapping -" autocmd! -" autocmd BufRead,BufNewFile *.txt call s:setupWrapping() -" augroup END - -"" make/cmake -augroup vimrc-make-cmake - autocmd! - autocmd FileType make setlocal noexpandtab - autocmd BufNewFile,BufRead CMakeLists.txt setlocal filetype=cmake -augroup END - -set autoread - -"***************************************************************************** -"" Mappings -"***************************************************************************** - -" Split -noremap h :split -noremap v :vsplit - -" Git -noremap ga :Gwrite -noremap gc :Gcommit -noremap gsh :Gpush -noremap gll :Gpull -noremap gs :Gstatus -noremap gb :Gblame -noremap gd :Gvdiff -noremap gr :Gremove - -" Tabs -nnoremap gt -nnoremap gT -nnoremap :tabnew - -" Set working directory -nnoremap . :lcd %:p:h - -" Opens an edit command with the path of the currently edited file filled in -noremap e :e =expand("%:p:h") . "/" - -" Opens a tab edit command with the path of the currently edited file filled -noremap te :tabe =expand("%:p:h") . "/" - -" Tagbar -nmap :TagbarToggle -let g:tagbar_autofocus = 1 - -" Copy/Paste/Cut -set clipboard^=unnamed,unnamedplus - -noremap YY "+y -noremap p "+gP -noremap XX "+x - -" Enable mouse for vim -set mouse=a - -" Buffer nav -noremap z :bp -noremap q :bp -noremap x :bn -noremap w :bn - -" Close buffer -noremap c :bd - -" Clean search (highlight) -nnoremap :noh - -" Switching windows -noremap j -noremap k -noremap l -noremap h - -" Vmap for maintain Visual Mode after shifting > and < -vmap < >gv - -" Move visual block -vnoremap J :m '>+1gv=gv -vnoremap K :m '<-2gv=gv - -" Open current line on GitHub -nnoremap o :.Gbrowse - - -" Save on strg+s if not in paste mode -nmap :w -vmap gv -imap - -" Quit on strg+q in normal mode -nnoremap :q - -" Strg+d to replace word under cursor -nnoremap :%s/\<\>//g - -" Strg+f ro find word under cursor -nnoremap :/ - -" Remove unneccessary spaces -nnoremap :let _s=@/ :%s/\s\+$//e :let @/=_s :nohl :unlet _s - -" Reindent whole file with F6 -map mzgg=G`z - -" Toggle location list -nmap :call ToggleList("Quickfix List", 'c') - -" Replacing text in visual mode doesn't copy it anymore -xmap p ReplaceWithRegisterVisual -xmap ReplaceWithRegisterVisual - -" ALE mappings -nmap i (ale_hover) -nmap d (ale_go_to_definition_in_tab) -nmap rf (ale_find_references) -nmap (ale_fix) - -" Vim-Go mappings -au FileType go nmap i :GoDoc -au FileType go nmap d :GoDef -au FileType go nmap rf :GoReferrers - - -"" Opens an edit command with the path of the currently edited file filled in -noremap e :e =expand("%:p:h") . "/" - -" Use tab for navigatin in autocompletion window -inoremap pumvisible() ? "\" : "\" -inoremap pumvisible() ? "\" : "\" - - -"***************************************************************************** -"" Plugin settings -"***************************************************************************** - -" vim-airline -set statusline+=%{fugitive#statusline()} -let g:airline_theme = 'powerlineish' -let g:airline#extensions#syntastic#enabled = 1 -let g:airline#extensions#branch#enabled = 1 -let g:airline#extensions#tabline#enabled = 1 -let g:airline#extensions#tagbar#enabled = 1 -let g:airline_skip_empty_sections = 1 -let g:airline#extensions#ale#enabled = 1 - -" show indent lines -let g:indent_guides_enable_on_vim_startup = 1 -let g:indent_guides_auto_colors = 0 -hi IndentGuidesOdd ctermbg=235 -hi IndentGuidesEven ctermbg=235 -let g:indent_guides_guide_size = 1 -let g:indent_guides_start_level = 2 - -" Enable autocompletion -let g:deoplete#enable_at_startup = 1 -set completeopt-=preview - -" Ale no preview on hover -let g:ale_close_preview_on_insert = 0 -let g:ale_cursor_detail = 0 - -" Ale skip if file size over 2G -let g:ale_maximum_file_size = "2147483648" - -" Ale to loclist and quickfix -let g:ale_set_quickfix = 1 -" let g:ale_set_loclist = 1 - - -" Ale language server -let g:ale_linters = { - \ 'python': ['pyls'], - \ 'c': ['cquery'], - \ 'cpp': ['cquery'], - \ 'xml': ['xmllint'] - \ } - - -" ALE fixers -let g:ale_fixers = { '*': ['remove_trailing_lines', 'trim_whitespace'] } -let g:ale_fixers.python = ['black'] -let g:ale_fixers.go = ['gofmt'] -let g:ale_fixers.c = ['clang-format'] -let g:ale_fixers.cpp = ['clang-format'] -let g:ale_fixers.json = ['jq'] -let g:ale_fixers.xml = ['xmllint'] - -let g:ale_completion_enabled = 1 -let g:ale_sign_error = '⤫' -let g:ale_sign_warning = '⚠' -let g:ale_lint_on_insert_leave = 1 - -" Vim-Go Settings -let g:go_auto_sameids = 1 -let g:go_fmt_command = "goimports" -let g:go_auto_type_info = 1 - -" Disable syntastic for langserver supported languages -let g:syntastic_mode_map = { - \ "mode": "active", - \ "passive_filetypes": ["go", "python", "c", "cpp", "xml" ] - \ } -let g:syntastic_always_populate_loc_list = 1 -let g:syntastic_auto_loc_list = 2 -let g:syntastic_aggregate_errors = 1 -let g:syntastic_check_on_open = 1 -let g:syntastic_check_on_wq = 0 -let g:syntastic_error_symbol='✗' -let g:syntastic_warning_symbol='⚠' -let g:syntastic_style_error_symbol = '✗' -let g:syntastic_style_warning_symbol = '⚠' - -"***************************************************************************** -"" Shortcuts overview -"***************************************************************************** -" Shortcuts overview -" F1 --> Filetree find -" F2 --> Filetree toggle -" F3 --> Function overview -" F4 --> Toggle error bar - -" F5 --> Remove trailing whitespaces -" F6 --> Reindent whole file -" F7 --> Format and lint file -" ,i --> Information about function -" ,d --> Jump to definition -" ,r --> Rename in all occurences -" ,rf --> Find references of function/variable -" ,e --> Change current file -" ,te --> Open file in new tab -" strg+f --> Find current selected word -" strg+d --> Replace current selected word -" strg+s --> Save file -" strg+q --> Close current file -" space+, --> Stop highlighting words after search - diff --git a/mb/2configs/nvim.nix b/mb/2configs/nvim.nix deleted file mode 100644 index a8e4173e2..000000000 --- a/mb/2configs/nvim.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ pkgs, config, ... }: let - #unstable = import { }; -in - -{ - environment.variables = { - EDITOR = ["nvim"]; - }; - - nixpkgs.config.packageOverrides = pkgs: with pkgs;{ - neovim_custom = neovim.override { - configure = { - customRC = builtins.readFile ./neovimrc; - - packages.myVimPackage = with pkgs.vimPlugins; - { - # loaded on launch - start = [ - nerdtree # file manager - commentary # comment stuff out based on language - fugitive # full git integration - vim-airline-themes # lean & mean status/tabline - vim-airline # status bar - gitgutter # git diff in the gutter (sign column) - vim-trailing-whitespace # trailing whitspaces in red - tagbar # F3 function overview - syntastic # Fallback to singlethreaded but huge syntax support - ReplaceWithRegister # For better copying/replacing - polyglot # Language pack - vim-indent-guides # for displaying indent levels - ale # threaded language client - vim-go # go linting - deoplete-go # go autocompletion completion - deoplete-nvim # general autocompletion - molokai # color scheme - ]; - - # manually loadable by calling `:packadd $plugin-name` - opt = []; - }; - }; - }; - }; - - environment.systemPackages = with pkgs; [ - ctags - neovim_custom - jq # For fixing json files - xxd # .bin files will be displayed with xxd - shellcheck # Shell linting - ansible-lint # Ansible linting - unzip # To vim into unzipped files - nodePackages.jsonlint # json linting - #python36Packages.python-language-server # python linting - #python36Packages.pyls-mypy # Python static type checker - #python36Packages.black # Python code formatter - #python37Packages.yamllint # For linting yaml files - #python37Packages.libxml2 # For fixing yaml files - cquery # C/C++ support - clang-tools # C++ fixer - ]; - - fonts = { - fonts = with pkgs; [ - font-awesome_5 - ]; - }; - -} - diff --git a/mb/2configs/qemu-guest.nix b/mb/2configs/qemu-guest.nix deleted file mode 100644 index 315d04093..000000000 --- a/mb/2configs/qemu-guest.nix +++ /dev/null @@ -1,19 +0,0 @@ -# Common configuration for virtual machines running under QEMU (using -# virtio). - -{ ... }: - -{ - boot.initrd.availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_mmio" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" ]; - boot.initrd.kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ]; - - boot.initrd.postDeviceCommands = - '' - # Set the system time from the hardware clock to work around a - # bug in qemu-kvm > 1.5.2 (where the VM clock is initialised - # to the *boot time* of the host). - hwclock -s - ''; - - security.rngd.enable = false; -} diff --git a/mb/2configs/retiolum.nix b/mb/2configs/retiolum.nix deleted file mode 100644 index 5a87d52af..000000000 --- a/mb/2configs/retiolum.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ config, pkgs, ... }: - -{ - - krebs.iptables = { - tables = { - filter.INPUT.rules = let - tincport = toString config.krebs.build.host.nets.retiolum.tinc.port; - in [ - { predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; } - { predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; } - ]; - }; - }; - - krebs.tinc.retiolum = { - enableLegacy = true; - enable = true; - connectTo = [ - "prism" - "gum" - "ni" - ]; - }; - - nixpkgs.config.packageOverrides = pkgs: { - tinc = pkgs.tinc_pre; - }; - - environment.systemPackages = [ - pkgs.tinc - ]; -} diff --git a/mb/2configs/tests/dummy-secrets/retiolum.rsa b/mb/2configs/tests/dummy-secrets/retiolum.rsa deleted file mode 100644 index 99a4033f6..000000000 --- a/mb/2configs/tests/dummy-secrets/retiolum.rsa +++ /dev/null @@ -1,4 +0,0 @@ - ------BEGIN RSA PRIVATE KEY----- -this is a private key ------END RSA PRIVATE KEY----- diff --git a/mb/3modules/default.nix b/mb/3modules/default.nix deleted file mode 100644 index 99d09d4ec..000000000 --- a/mb/3modules/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -_: -{ - imports = [ - ./hosts.nix - ]; -} diff --git a/mb/3modules/hosts.nix b/mb/3modules/hosts.nix deleted file mode 100644 index 5dc9b5ca4..000000000 --- a/mb/3modules/hosts.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, ... }: - -with import ; - -{ - options.mb.hosts = mkOption { - type = types.attrsOf types.host; - default = - filterAttrs (_: host: host.owner.name == "mb" && host.ci) - config.krebs.hosts; - }; -} diff --git a/mb/5pkgs/default.nix b/mb/5pkgs/default.nix deleted file mode 100644 index 3fa5b5e85..000000000 --- a/mb/5pkgs/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -with import ; - -self: super: - -# Import files and subdirectories like they are overlays. -foldl' mergeAttrs {} - (map - (name: import (./. + "/${name}") self super) - (filter - (name: name != "default.nix" && !hasPrefix "." name) - (attrNames (readDir ./.)))) diff --git a/mb/default.nix b/mb/default.nix deleted file mode 100644 index 0bec0c2c2..000000000 --- a/mb/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ config, pkgs, ... }: -{ - imports = [ - ../krebs - ./2configs - ./3modules - ]; - nixpkgs.config.packageOverrides = import ./5pkgs pkgs; - krebs.tinc.retiolum.privkey = { - source-path = toString + "/${config.krebs.tinc.retiolum.netname}.rsa"; - path = "${config.krebs.tinc.retiolum.user.home}/tinc.rsa_key.priv"; - owner = config.krebs.tinc.retiolum.user; - }; -} diff --git a/mb/krops.nix b/mb/krops.nix deleted file mode 100644 index cb9ab3fdb..000000000 --- a/mb/krops.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ name }: let - inherit (import ../krebs/krops.nix { inherit name; }) - krebs-source - lib - pkgs - ; - - host-source = if lib.pathExists (./. + "/1systems/${name}/source.nix") then - import (./. + "/1systems/${name}/source.nix") { inherit lib pkgs; } - else - {} - ; - - source = { test }: lib.evalSource ([ - (krebs-source { test = test; }) - { - nixos-config.symlink = "stockholm/mb/1systems/${name}/configuration.nix"; - nixpkgs-unstable.git = { - url = "https://github.com/nixos/nixpkgs-channels"; - ref = "nixos-unstable"; - }; - secrets = if test then { - file = toString ./2configs/tests/dummy-secrets; - } else { - pass = { - dir = "${lib.getEnv "HOME"}/.password-store"; - name = "hosts/${name}"; - }; - }; - } - ] ++ (lib.optional (! test) host-source)); - -in { - - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) - deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" { - source = source { test = false; }; - inherit target; - }; - - # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A populate) - populate = { target, force ? false }: pkgs.populate { - inherit force; - source = source { test = false; }; - target = lib.mkTarget target; - }; - - # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) - test = { target }: pkgs.krops.writeTest "${name}-test" { - force = true; - inherit target; - source = source { test = true; }; - }; -} -- cgit v1.2.3 From 0d404b0c1e25ede892fc856bf8c619ead35c6863 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Nov 2019 18:48:13 +0100 Subject: newsbot-js: fix build on 19.09 --- .gitmodules | 3 - krebs/5pkgs/simple/newsbot-js/default.nix | 8 +- krebs/5pkgs/simple/newsbot-js/node-packages.nix | 461 ++++++++++-------------- krebs/5pkgs/simple/newsbot-js/update.sh | 4 +- 4 files changed, 204 insertions(+), 272 deletions(-) diff --git a/.gitmodules b/.gitmodules index 15d1b41de..5b4336510 100644 --- a/.gitmodules +++ b/.gitmodules @@ -7,6 +7,3 @@ [submodule "lass/5pkgs/autowifi"] path = lass/5pkgs/autowifi url = https://github.com/Lassulus/autowifi -[submodule "lass/5pkgs/--force"] - path = lass/5pkgs/--force - url = https://github.com/Lassulus/autowifi diff --git a/krebs/5pkgs/simple/newsbot-js/default.nix b/krebs/5pkgs/simple/newsbot-js/default.nix index 055e6b476..0ac66f433 100644 --- a/krebs/5pkgs/simple/newsbot-js/default.nix +++ b/krebs/5pkgs/simple/newsbot-js/default.nix @@ -1,11 +1,11 @@ -{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-12_x, pkgs, icu }: +{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs, pkgs, icu }: with lib; let nodeEnv = import { inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile; - nodejs = nodejs-12_x; + nodejs = nodejs; libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null; }; @@ -36,7 +36,7 @@ in stdenv.mkDerivation { ]; buildInputs = [ - nodejs-12_x + nodejs makeWrapper ]; @@ -45,7 +45,7 @@ in stdenv.mkDerivation { cp newsbot.js $out/ cat > $out/newsbot << EOF - ${nodejs-12_x}/bin/node $out/newsbot.js + ${nodejs}/bin/node $out/newsbot.js EOF chmod +x $out/newsbot diff --git a/krebs/5pkgs/simple/newsbot-js/node-packages.nix b/krebs/5pkgs/simple/newsbot-js/node-packages.nix index d6b2a06dd..ea45b93f3 100644 --- a/krebs/5pkgs/simple/newsbot-js/node-packages.nix +++ b/krebs/5pkgs/simple/newsbot-js/node-packages.nix @@ -1,4 +1,4 @@ -# This file has been generated by node2nix 1.5.3. Do not edit! +# This file has been generated by node2nix 1.7.0. Do not edit! {nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}: @@ -13,22 +13,13 @@ let sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746"; }; }; - "ajv-5.5.2" = { + "ajv-6.10.2" = { name = "ajv"; packageName = "ajv"; - version = "5.5.2"; + version = "6.10.2"; src = fetchurl { - url = "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz"; - sha1 = "73b5eeca3fab653e3d3f9422b341ad42205dc965"; - }; - }; - "array-filter-0.0.1" = { - name = "array-filter"; - packageName = "array-filter"; - version = "0.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/array-filter/-/array-filter-0.0.1.tgz"; - sha1 = "7da8cf2e26628ed732803581fd21f67cacd2eeec"; + url = "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz"; + sha512 = "TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw=="; }; }; "array-indexofobject-0.0.1" = { @@ -40,31 +31,13 @@ let sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a"; }; }; - "array-map-0.0.0" = { - name = "array-map"; - packageName = "array-map"; - version = "0.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/array-map/-/array-map-0.0.0.tgz"; - sha1 = "88a2bab73d1cf7bcd5c1b118a003f66f665fa662"; - }; - }; - "array-reduce-0.0.0" = { - name = "array-reduce"; - packageName = "array-reduce"; - version = "0.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/array-reduce/-/array-reduce-0.0.0.tgz"; - sha1 = "173899d3ffd1c7d9383e4479525dbe278cab5f2b"; - }; - }; - "asn1-0.2.3" = { + "asn1-0.2.4" = { name = "asn1"; packageName = "asn1"; - version = "0.2.3"; + version = "0.2.4"; src = fetchurl { - url = "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz"; - sha1 = "dac8787713c9966849fc8180777ebe9c1ddf3b86"; + url = "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz"; + sha512 = "jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg=="; }; }; "assert-plus-1.0.0" = { @@ -94,40 +67,22 @@ let sha1 = "b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8"; }; }; - "aws4-1.6.0" = { + "aws4-1.8.0" = { name = "aws4"; packageName = "aws4"; - version = "1.6.0"; + version = "1.8.0"; src = fetchurl { - url = "https://registry.npmjs.org/aws4/-/aws4-1.6.0.tgz"; - sha1 = "83ef5ca860b2b32e4a0deedee8c771b9db57471e"; + url = "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz"; + sha512 = "ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ=="; }; }; - "bcrypt-pbkdf-1.0.1" = { + "bcrypt-pbkdf-1.0.2" = { name = "bcrypt-pbkdf"; packageName = "bcrypt-pbkdf"; - version = "1.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz"; - sha1 = "63bc5dcb61331b92bc05fd528953c33462a06f8d"; - }; - }; - "boom-4.3.1" = { - name = "boom"; - packageName = "boom"; - version = "4.3.1"; - src = fetchurl { - url = "https://registry.npmjs.org/boom/-/boom-4.3.1.tgz"; - sha1 = "4f8a3005cb4a7e3889f749030fd25b96e01d2e31"; - }; - }; - "boom-5.2.0" = { - name = "boom"; - packageName = "boom"; - version = "5.2.0"; + version = "1.0.2"; src = fetchurl { - url = "https://registry.npmjs.org/boom/-/boom-5.2.0.tgz"; - sha512 = "19h20yqpvca08dns1rs4f057f10w63v0snxfml4h5khsk266x3x1im0w72bza4k2xn0kfz6jlv001dhcvxsjr09bmbqnysils9m7437"; + url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz"; + sha1 = "a4301d389b6a43f9b67ff3ca11a3f6637e360e9e"; }; }; "caseless-0.12.0" = { @@ -139,22 +94,13 @@ let sha1 = "1b681c21ff84033c826543090689420d187151dc"; }; }; - "co-4.6.0" = { - name = "co"; - packageName = "co"; - version = "4.6.0"; - src = fetchurl { - url = "https://registry.npmjs.org/co/-/co-4.6.0.tgz"; - sha1 = "6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184"; - }; - }; - "combined-stream-1.0.6" = { + "combined-stream-1.0.8" = { name = "combined-stream"; packageName = "combined-stream"; - version = "1.0.6"; + version = "1.0.8"; src = fetchurl { - url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.6.tgz"; - sha1 = "723e7df6e801ac5613113a7e445a9b69cb632818"; + url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz"; + sha512 = "FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg=="; }; }; "core-util-is-1.0.2" = { @@ -166,15 +112,6 @@ let sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7"; }; }; - "cryptiles-3.1.2" = { - name = "cryptiles"; - packageName = "cryptiles"; - version = "3.1.2"; - src = fetchurl { - url = "https://registry.npmjs.org/cryptiles/-/cryptiles-3.1.2.tgz"; - sha1 = "a89fbb220f5ce25ec56e8c4aa8a4fd7b5b0d29fe"; - }; - }; "dashdash-1.14.1" = { name = "dashdash"; packageName = "dashdash"; @@ -193,22 +130,22 @@ let sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619"; }; }; - "ecc-jsbn-0.1.1" = { + "ecc-jsbn-0.1.2" = { name = "ecc-jsbn"; packageName = "ecc-jsbn"; - version = "0.1.1"; + version = "0.1.2"; src = fetchurl { - url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz"; - sha1 = "0fc73a9ed5f0d53c38193398523ef7e543777505"; + url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz"; + sha1 = "3a83a904e54353287874c564b7549386849a98c9"; }; }; - "extend-3.0.1" = { + "extend-3.0.2" = { name = "extend"; packageName = "extend"; - version = "3.0.1"; + version = "3.0.2"; src = fetchurl { - url = "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz"; - sha1 = "a755ea7bc1adfcc5a31ce7e762dbaadc5e636444"; + url = "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz"; + sha512 = "fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g=="; }; }; "extsprintf-1.3.0" = { @@ -220,13 +157,13 @@ let sha1 = "96918440e3041a7a414f8c52e3c574eb3c3e1e05"; }; }; - "fast-deep-equal-1.1.0" = { + "fast-deep-equal-2.0.1" = { name = "fast-deep-equal"; packageName = "fast-deep-equal"; - version = "1.1.0"; + version = "2.0.1"; src = fetchurl { - url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz"; - sha1 = "c053477817c86b51daa853c81e059b733d023614"; + url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz"; + sha1 = "7b05218ddf9667bf7f370bf7fdb2cb15fdd0aa49"; }; }; "fast-json-stable-stringify-2.0.0" = { @@ -247,13 +184,13 @@ let sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91"; }; }; - "form-data-2.3.2" = { + "form-data-2.3.3" = { name = "form-data"; packageName = "form-data"; - version = "2.3.2"; + version = "2.3.3"; src = fetchurl { - url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz"; - sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099"; + url = "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz"; + sha512 = "1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ=="; }; }; "getpass-0.1.7" = { @@ -274,31 +211,13 @@ let sha1 = "a94c2224ebcac04782a0d9035521f24735b7ec92"; }; }; - "har-validator-5.0.3" = { + "har-validator-5.1.3" = { name = "har-validator"; packageName = "har-validator"; - version = "5.0.3"; + version = "5.1.3"; src = fetchurl { - url = "https://registry.npmjs.org/har-validator/-/har-validator-5.0.3.tgz"; - sha1 = "ba402c266194f15956ef15e0fcf242993f6a7dfd"; - }; - }; - "hawk-6.0.2" = { - name = "hawk"; - packageName = "hawk"; - version = "6.0.2"; - src = fetchurl { - url = "https://registry.npmjs.org/hawk/-/hawk-6.0.2.tgz"; - sha512 = "1nl2hjr2mnhj5jlaz8mh54z7acwz5j5idkch04qgjk78756gw5d0fjk4a2immil5ij9ijdssb9ndpryvnh2xpcbgcjv8lxybn330als"; - }; - }; - "hoek-4.2.1" = { - name = "hoek"; - packageName = "hoek"; - version = "4.2.1"; - src = fetchurl { - url = "https://registry.npmjs.org/hoek/-/hoek-4.2.1.tgz"; - sha512 = "1y8kprb3qldxqj31zai5n8dvhydsl9nn5w4rskhnbzzhldn6pm6n5lcyam3sfkb61a62d5m58k8im7z6ngwbd9cw9zp4zm4y7ckrf20"; + url = "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz"; + sha512 = "sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g=="; }; }; "http-signature-1.2.0" = { @@ -319,22 +238,22 @@ let sha1 = "e084d60eeb7d73da7f0a9c096e4c8abe090bfaed"; }; }; - "inherits-2.0.3" = { + "inherits-2.0.4" = { name = "inherits"; packageName = "inherits"; - version = "2.0.3"; + version = "2.0.4"; src = fetchurl { - url = "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz"; - sha1 = "633c2c83e3da42a502f52466022480f4208261de"; + url = "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz"; + sha512 = "k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="; }; }; - "irc-colors-1.4.2" = { + "irc-colors-1.5.0" = { name = "irc-colors"; packageName = "irc-colors"; - version = "1.4.2"; + version = "1.5.0"; src = fetchurl { - url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.4.2.tgz"; - sha512 = "0f75yhavbhr8lbh3lh83rvyfrrrcxjawnd2rz7sacjd3zxj5524xr28j66f2l11vlngdkbplxz5xsq9dnwrcyqa0jh64k2pvzhn17a1"; + url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.5.0.tgz"; + sha512 = "HtszKchBQTcqw1DC09uD7i7vvMayHGM1OCo6AHt5pkgZEyo99ClhHTMJdf+Ezc9ovuNNxcH89QfyclGthjZJOw=="; }; }; "is-typedarray-1.0.0" = { @@ -382,13 +301,13 @@ let sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13"; }; }; - "json-schema-traverse-0.3.1" = { + "json-schema-traverse-0.4.1" = { name = "json-schema-traverse"; packageName = "json-schema-traverse"; - version = "0.3.1"; + version = "0.4.1"; src = fetchurl { - url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz"; - sha1 = "349a6d44c53a51de89b40805c5d5e59b417d3340"; + url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz"; + sha512 = "xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg=="; }; }; "json-stringify-safe-5.0.1" = { @@ -400,15 +319,6 @@ let sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb"; }; }; - "jsonify-0.0.0" = { - name = "jsonify"; - packageName = "jsonify"; - version = "0.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz"; - sha1 = "2c74b6ee41d93ca51b7b5aaee8f503631d252a73"; - }; - }; "jsprim-1.4.1" = { name = "jsprim"; packageName = "jsprim"; @@ -454,40 +364,40 @@ let sha1 = "d0225373aeb652adc1bc82e4945339a842754773"; }; }; - "mime-db-1.33.0" = { + "mime-db-1.42.0" = { name = "mime-db"; packageName = "mime-db"; - version = "1.33.0"; + version = "1.42.0"; src = fetchurl { - url = "https://registry.npmjs.org/mime-db/-/mime-db-1.33.0.tgz"; - sha512 = "36xnw59ik9fqym00cmwb5nyzg0l03k70cp413f7639j93wgmzk1mh0xjc7i6zz3r6k9xnwh0g5cm5a1f3y8c6plgy4qld7fm887ywh4"; + url = "https://registry.npmjs.org/mime-db/-/mime-db-1.42.0.tgz"; + sha512 = "UbfJCR4UAVRNgMpfImz05smAXK7+c+ZntjaA26ANtkXLlOe947Aag5zdIcKQULAiF9Cq4WxBi9jUs5zkA84bYQ=="; }; }; - "mime-types-2.1.18" = { + "mime-types-2.1.25" = { name = "mime-types"; packageName = "mime-types"; - version = "2.1.18"; + version = "2.1.25"; src = fetchurl { - url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.18.tgz"; - sha512 = "22krj1kw7n9z10zdyx7smcaim4bzwqsqzhspwha06q58gcrxfp93hw2cd0vk5crhq5p2dwzqlpacg32lrmp5sjzb798zdzy35mdmkwm"; + url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.25.tgz"; + sha512 = "5KhStqB5xpTAeGqKBAMgwaYMnQik7teQN4IAzC7npDv6kzeU6prfkR67bc87J1kWMPGkoaZSq1npmexMgkmEVg=="; }; }; - "mri-1.1.0" = { + "mri-1.1.4" = { name = "mri"; packageName = "mri"; - version = "1.1.0"; + version = "1.1.4"; src = fetchurl { - url = "https://registry.npmjs.org/mri/-/mri-1.1.0.tgz"; - sha1 = "5c0a3f29c8ccffbbb1ec941dcec09d71fa32f36a"; + url = "https://registry.npmjs.org/mri/-/mri-1.1.4.tgz"; + sha512 = "6y7IjGPm8AzlvoUrwAaw1tLnUBudaS3752vcd8JtrpGGQn+rXIe63LFVHm/YMwtqAuh+LJPCFdlLYPWM1nYn6w=="; }; }; - "nan-2.10.0" = { + "nan-2.14.0" = { name = "nan"; packageName = "nan"; - version = "2.10.0"; + version = "2.14.0"; src = fetchurl { - url = "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz"; - sha512 = "349rr7x0djrlkav4gbhkg355852ingn965r0kkch8rr4cwp7qki9676zpq8cq988yszzd2hld6szsbbnd1v6rghzf11abn1nyzlj1vc"; + url = "https://registry.npmjs.org/nan/-/nan-2.14.0.tgz"; + sha512 = "INOFj37C7k3AfaNTtX8RhsTw7qRy7eLET14cROi9+5HAVbbHuIWUHEauBv5qT4Av2tWasiTY1Jw6puUNqRJXQg=="; }; }; "node-icu-charset-detector-0.2.0" = { @@ -499,13 +409,13 @@ let sha1 = "c2320da374ddcb671fc54cb4a0e041e156ffd639"; }; }; - "oauth-sign-0.8.2" = { + "oauth-sign-0.9.0" = { name = "oauth-sign"; packageName = "oauth-sign"; - version = "0.8.2"; + version = "0.9.0"; src = fetchurl { - url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz"; - sha1 = "46a6ab7f0aead8deae9ec0565780b7d4efeb9d43"; + url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz"; + sha512 = "fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ=="; }; }; "performance-now-2.1.0" = { @@ -517,13 +427,22 @@ let sha1 = "6309f4e0e5fa913ec1c69307ae364b4b377c9e7b"; }; }; - "process-nextick-args-2.0.0" = { + "process-nextick-args-2.0.1" = { name = "process-nextick-args"; packageName = "process-nextick-args"; - version = "2.0.0"; + version = "2.0.1"; src = fetchurl { - url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz"; - sha512 = "0rw8xpqqkhs91722slvzf8icxfaimqp4w8zb3840jxr7r8n8035byl6dhdi5bm0yr6x7sdws0gf3m025fg6hqgaklwlbl4d7bah5l9j"; + url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz"; + sha512 = "3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="; + }; + }; + "psl-1.4.0" = { + name = "psl"; + packageName = "psl"; + version = "1.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz"; + sha512 = "HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw=="; }; }; "punycode-1.4.1" = { @@ -535,13 +454,22 @@ let sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"; }; }; - "qs-6.5.1" = { + "punycode-2.1.1" = { + name = "punycode"; + packageName = "punycode"; + version = "2.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz"; + sha512 = "XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A=="; + }; + }; + "qs-6.5.2" = { name = "qs"; packageName = "qs"; - version = "6.5.1"; + version = "6.5.2"; src = fetchurl { - url = "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz"; - sha512 = "3waqapyj1k4g135sgj636rmswiaixq19is1rw0rpv4qp6k7dl0a9nwy06m7yl5lbdk9p6xpwwngnggbzlzaz6rh11c86j2nvnnf273r"; + url = "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz"; + sha512 = "N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA=="; }; }; "readable-stream-2.3.6" = { @@ -550,16 +478,34 @@ let version = "2.3.6"; src = fetchurl { url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz"; - sha512 = "0mj9b6190amln9rg89x5pq2n195s3v0gzicpdamv1kbabg69aw5m71l34jsjn7bqil7405l6l35x9ijnb3h4jz5vx2i00l8sl1ll2xm"; + sha512 = "tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw=="; }; }; - "safe-buffer-5.1.1" = { + "safe-buffer-5.1.2" = { name = "safe-buffer"; packageName = "safe-buffer"; - version = "5.1.1"; + version = "5.1.2"; src = fetchurl { - url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz"; - sha512 = "1p28rllll1w65yzq5azi4izx962399xdsdlfbaynn7vmp981hiss05jhiy9hm7sbbfk3b4dhlcv0zy07fc59mnc07hdv6wcgqkcvawh"; + url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz"; + sha512 = "Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="; + }; + }; + "safe-buffer-5.2.0" = { + name = "safe-buffer"; + packageName = "safe-buffer"; + version = "5.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz"; + sha512 = "fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg=="; + }; + }; + "safer-buffer-2.1.2" = { + name = "safer-buffer"; + packageName = "safer-buffer"; + version = "2.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz"; + sha512 = "YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="; }; }; "sax-1.2.4" = { @@ -568,25 +514,16 @@ let version = "1.2.4"; src = fetchurl { url = "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz"; - sha512 = "1dn291mjsda42w8kldlbmngk6dhjxfbvvd5lckyqmwbjaj6069iq3wx0nvcfglwnpddz2qa93lzf4hv77iz43bd2qixa079sjzl799n"; + sha512 = "NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="; }; }; - "sntp-2.1.0" = { - name = "sntp"; - packageName = "sntp"; - version = "2.1.0"; - src = fetchurl { - url = "https://registry.npmjs.org/sntp/-/sntp-2.1.0.tgz"; - sha512 = "0k2smmr24w5hb1cpql6vcgh58vzp4pmh9anf0bgz3arlsgq1mapnlq9fjqr6xs10aq1cmxaw987fwknqi62frax0fvs9bj3q3kmpg8l"; - }; - }; - "sshpk-1.14.1" = { + "sshpk-1.16.1" = { name = "sshpk"; packageName = "sshpk"; - version = "1.14.1"; + version = "1.16.1"; src = fetchurl { - url = "https://registry.npmjs.org/sshpk/-/sshpk-1.14.1.tgz"; - sha1 = "130f5975eddad963f1d56f92b9ac6c51fa9f83eb"; + url = "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz"; + sha512 = "HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg=="; }; }; "string_decoder-1.1.1" = { @@ -595,25 +532,16 @@ let version = "1.1.1"; src = fetchurl { url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz"; - sha512 = "315yd4vzwrwk3vwj1klf46y1cj2jbvf88066y2rnwhksb98phj46jkxixbwsp3h607w7czy7cby522s7sx8mvspdpdm3s72y2ga3x4z"; + sha512 = "n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg=="; }; }; - "stringstream-0.0.5" = { - name = "stringstream"; - packageName = "stringstream"; - version = "0.0.5"; - src = fetchurl { - url = "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz"; - sha1 = "4e484cd4de5a0bbbee18e46307710a8a81621878"; - }; - }; - "tough-cookie-2.3.4" = { + "tough-cookie-2.4.3" = { name = "tough-cookie"; packageName = "tough-cookie"; - version = "2.3.4"; + version = "2.4.3"; src = fetchurl { - url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.4.tgz"; - sha512 = "0ncm6j3cjq1f26mzjf04k9bkw1b08w53s4qa3a11c1bdj4pgnqv1422c1xs5jyy6y1psppjx52fhagq5zkjkgrcpdkxcdiry96r77jd"; + url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz"; + sha512 = "Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ=="; }; }; "tunnel-agent-0.6.0" = { @@ -634,6 +562,15 @@ let sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64"; }; }; + "uri-js-4.2.2" = { + name = "uri-js"; + packageName = "uri-js"; + version = "4.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz"; + sha512 = "KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ=="; + }; + }; "util-deprecate-1.0.2" = { name = "util-deprecate"; packageName = "util-deprecate"; @@ -643,13 +580,13 @@ let sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf"; }; }; - "uuid-3.2.1" = { + "uuid-3.3.3" = { name = "uuid"; packageName = "uuid"; - version = "3.2.1"; + version = "3.3.3"; src = fetchurl { - url = "https://registry.npmjs.org/uuid/-/uuid-3.2.1.tgz"; - sha512 = "0843vl1c974n8kw5kn0kvhvhwk8y8jydr0xkwwl2963xxmkw4ingk6xj9c8m48jw2i95giglxzq5aw5v5mij9kv7fzln8pxav1cr6cd"; + url = "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz"; + sha512 = "pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ=="; }; }; "verror-1.10.0" = { @@ -676,16 +613,16 @@ in sources."addressparser-1.0.1" sources."array-indexofobject-0.0.1" sources."core-util-is-1.0.2" - sources."inherits-2.0.3" + sources."inherits-2.0.4" sources."isarray-1.0.0" sources."lodash.assign-4.2.0" sources."lodash.get-4.4.2" sources."lodash.has-4.5.2" sources."lodash.uniq-4.5.0" - sources."mri-1.1.0" - sources."process-nextick-args-2.0.0" + sources."mri-1.1.4" + sources."process-nextick-args-2.0.1" sources."readable-stream-2.3.6" - sources."safe-buffer-5.1.1" + sources."safe-buffer-5.1.2" sources."sax-1.2.4" sources."string_decoder-1.1.1" sources."util-deprecate-1.0.2" @@ -698,29 +635,32 @@ in }; production = true; bypassCache = true; + reconstructLock = true; }; form-data = nodeEnv.buildNodePackage { name = "form-data"; packageName = "form-data"; - version = "2.3.2"; + version = "3.0.0"; src = fetchurl { - url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz"; - sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099"; + url = "https://registry.npmjs.org/form-data/-/form-data-3.0.0.tgz"; + sha512 = "CKMFDglpbMi6PyN+brwB9Q/GOw0eAnsrEZDgcsH5Krhz5Od/haKHAX0NmQfha2zPPz0JpWzA7GJHGSnvCRLWsg=="; }; dependencies = [ sources."asynckit-0.4.0" - sources."combined-stream-1.0.6" + sources."combined-stream-1.0.8" sources."delayed-stream-1.0.0" - sources."mime-db-1.33.0" - sources."mime-types-2.1.18" + sources."mime-db-1.42.0" + sources."mime-types-2.1.25" ]; buildInputs = globalBuildInputs; meta = { description = "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications."; + homepage = "https://github.com/form-data/form-data#readme"; license = "MIT"; }; production = true; bypassCache = true; + reconstructLock = true; }; irc = nodeEnv.buildNodePackage { name = "irc"; @@ -732,8 +672,8 @@ in }; dependencies = [ sources."iconv-2.2.3" - sources."irc-colors-1.4.2" - sources."nan-2.10.0" + sources."irc-colors-1.5.0" + sources."nan-2.14.0" sources."node-icu-charset-detector-0.2.0" ]; buildInputs = globalBuildInputs; @@ -744,69 +684,66 @@ in }; production = true; bypassCache = true; + reconstructLock = true; }; request = nodeEnv.buildNodePackage { name = "request"; packageName = "request"; - version = "2.85.0"; + version = "2.88.0"; src = fetchurl { - url = "https://registry.npmjs.org/request/-/request-2.85.0.tgz"; - sha512 = "2d3hg10zs5ycnr8prmiwdhacf88fl0x0bi6szs0z2r07zcbk419laixwpjp8sqapbc2ifyyih7p3r60wgr58bmcncz3pqnx523c8zph"; + url = "https://registry.npmjs.org/request/-/request-2.88.0.tgz"; + sha512 = "NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg=="; }; dependencies = [ - sources."ajv-5.5.2" - sources."asn1-0.2.3" + sources."ajv-6.10.2" + sources."asn1-0.2.4" sources."assert-plus-1.0.0" sources."asynckit-0.4.0" sources."aws-sign2-0.7.0" - sources."aws4-1.6.0" - sources."bcrypt-pbkdf-1.0.1" - sources."boom-4.3.1" + sources."aws4-1.8.0" + sources."bcrypt-pbkdf-1.0.2" sources."caseless-0.12.0" - sources."co-4.6.0" - sources."combined-stream-1.0.6" + sources."combined-stream-1.0.8" sources."core-util-is-1.0.2" - (sources."cryptiles-3.1.2" // { - dependencies = [ - sources."boom-5.2.0" - ]; - }) sources."dashdash-1.14.1" sources."delayed-stream-1.0.0" - sources."ecc-jsbn-0.1.1" - sources."extend-3.0.1" + sources."ecc-jsbn-0.1.2" + sources."extend-3.0.2" sources."extsprintf-1.3.0" - sources."fast-deep-equal-1.1.0" + sources."fast-deep-equal-2.0.1" sources."fast-json-stable-stringify-2.0.0" sources."forever-agent-0.6.1" - sources."form-data-2.3.2" + sources."form-data-2.3.3" sources."getpass-0.1.7" sources."har-schema-2.0.0" - sources."har-validator-5.0.3" - sources."hawk-6.0.2" - sources."hoek-4.2.1" + sources."har-validator-5.1.3" sources."http-signature-1.2.0" sources."is-typedarray-1.0.0" sources."isstream-0.1.2" sources."jsbn-0.1.1" sources."json-schema-0.2.3" - sources."json-schema-traverse-0.3.1" + sources."json-schema-traverse-0.4.1" sources."json-stringify-safe-5.0.1" sources."jsprim-1.4.1" - sources."mime-db-1.33.0" - sources."mime-types-2.1.18" - sources."oauth-sign-0.8.2" + sources."mime-db-1.42.0" + sources."mime-types-2.1.25" + sources."oauth-sign-0.9.0" sources."performance-now-2.1.0" - sources."punycode-1.4.1" - sources."qs-6.5.1" - sources."safe-buffer-5.1.1" - sources."sntp-2.1.0" - sources."sshpk-1.14.1" - sources."stringstream-0.0.5" - sources."tough-cookie-2.3.4" + sources."psl-1.4.0" + sources."punycode-2.1.1" + sources."qs-6.5.2" + sources."safe-buffer-5.2.0" + sources."safer-buffer-2.1.2" + sources."sshpk-1.16.1" + (sources."tough-cookie-2.4.3" // { + dependencies = [ + sources."punycode-1.4.1" + ]; + }) sources."tunnel-agent-0.6.0" sources."tweetnacl-0.14.5" - sources."uuid-3.2.1" + sources."uri-js-4.2.2" + sources."uuid-3.3.3" sources."verror-1.10.0" ]; buildInputs = globalBuildInputs; @@ -817,28 +754,24 @@ in }; production = true; bypassCache = true; + reconstructLock = true; }; shell-quote = nodeEnv.buildNodePackage { name = "shell-quote"; packageName = "shell-quote"; - version = "1.6.1"; + version = "1.7.2"; src = fetchurl { - url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.6.1.tgz"; - sha1 = "f4781949cce402697127430ea3b3c5476f481767"; + url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.7.2.tgz"; + sha512 = "mRz/m/JVscCrkMyPqHc/bczi3OQHkLTqXHEFu0zDhK/qfv3UcOA4SVmRCLmos4bhjr9ekVQubj/R7waKapmiQg=="; }; - dependencies = [ - sources."array-filter-0.0.1" - sources."array-map-0.0.0" - sources."array-reduce-0.0.0" - sources."jsonify-0.0.0" - ]; buildInputs = globalBuildInputs; meta = { description = "quote and parse shell commands"; - homepage = "https://github.com/substack/node-shell-quote#readme"; + homepage = https://github.com/substack/node-shell-quote; license = "MIT"; }; production = true; bypassCache = true; + reconstructLock = true; }; } \ No newline at end of file diff --git a/krebs/5pkgs/simple/newsbot-js/update.sh b/krebs/5pkgs/simple/newsbot-js/update.sh index 0c1ecc58c..ee7e43f1a 100755 --- a/krebs/5pkgs/simple/newsbot-js/update.sh +++ b/krebs/5pkgs/simple/newsbot-js/update.sh @@ -1,2 +1,4 @@ -node2nix -8 -i pkgs.json -c combine.nix +#! /usr/bin/env nix-shell +#! nix-shell -i bash -p nodePackages.node2nix +node2nix -12 -i pkgs.json -c combine.nix rm node-env.nix combine.nix -- cgit v1.2.3 From aa341e428a489133061a3e898ed6a93a5c290b54 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Nov 2019 23:46:08 +0100 Subject: l codimd: remove deprecated override --- lass/2configs/codimd.nix | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix index b2d44d135..e55090de9 100644 --- a/lass/2configs/codimd.nix +++ b/lass/2configs/codimd.nix @@ -1,18 +1,6 @@ { config, pkgs, lib, ... }: with import ; -let - - nixpkgs_pre_node_10_17 = import (pkgs.fetchFromGitHub { - owner = "nixos"; - repo = "nixpkgs"; - rev = "81f4c491afbc8f0fe994ef946b1ac61cf1261577"; - sha256 = "0xvawrd9nq3ybvq2pdp5gyi8gygf0yimgp0bx1xggq6l8mvgrj71"; - }) {}; -in { - nixpkgs.config.packageOverrides = pkgs: { - codimd = nixpkgs_pre_node_10_17.codimd; - }; - +{ services.nginx.virtualHosts.codimd = { enableACME = true; addSSL = true; -- cgit v1.2.3 From d48d88dab343088fb765adced8bbb862a81a8d14 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 25 Nov 2019 08:48:14 +0100 Subject: ma shack/prometheus: import alerting-rules from mayflower see: https://github.com/mayflower/nixexprs/blob/master/modules/monitoring/alert-rules.nix --- krebs/2configs/shack/prometheus/alert-rules.nix | 102 ++++++++++++++++++++++++ krebs/2configs/shack/prometheus/server.nix | 90 ++------------------- 2 files changed, 108 insertions(+), 84 deletions(-) create mode 100644 krebs/2configs/shack/prometheus/alert-rules.nix diff --git a/krebs/2configs/shack/prometheus/alert-rules.nix b/krebs/2configs/shack/prometheus/alert-rules.nix new file mode 100644 index 000000000..096c551ba --- /dev/null +++ b/krebs/2configs/shack/prometheus/alert-rules.nix @@ -0,0 +1,102 @@ +{ lib }: +with lib; + +let + deviceFilter = ''device!="ramfs",device!="rpc_pipefs",device!="lxcfs",device!="nsfs",device!="borgfs"''; +in mapAttrsToList (name: opts: { + alert = name; + expr = opts.condition; + for = opts.time or "2m"; + labels = if (opts.page or true) then { severity = "page"; } else {}; + annotations = { + summary = opts.summary; + description = opts.description; + }; +}) { + node_down = { + condition = ''up{job="node"} == 0''; + summary = "{{$labels.alias}}: Node is down."; + description = "{{$labels.alias}} has been down for more than 2 minutes."; + }; + node_systemd_service_failed = { + condition = ''node_systemd_unit_state{state="failed"} == 1''; + summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start."; + description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}."; + }; + node_filesystem_full_80percent = { + condition = ''sort(node_filesystem_free_bytes{${deviceFilter}} < node_filesystem_size_bytes{${deviceFilter}} * 0.2) / 1024^3''; + time = "10m"; + summary = "{{$labels.alias}}: Filesystem is running out of space soon."; + description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 20% space left on its filesystem."; + }; + node_filesystem_full_in_7d = { + condition = ''predict_linear(node_filesystem_free_bytes{${deviceFilter}}[2d], 7*24*3600) <= 0''; + time = "1h"; + summary = "{{$labels.alias}}: Filesystem is running out of space in 7 days."; + description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 7 days"; + }; + node_filesystem_full_in_30d = { + condition = ''predict_linear(node_filesystem_free_bytes{${deviceFilter}}[30d], 30*24*3600) <= 0''; + time = "1h"; + summary = "{{$labels.alias}}: Filesystem is running out of space in 30 days."; + description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 30 days"; + }; + node_filedescriptors_full_in_3h = { + condition = ''predict_linear(node_filefd_allocated[3h], 3*3600) >= node_filefd_maximum''; + time = "20m"; + summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours."; + description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours"; + }; + node_filedescriptors_full_in_7d = { + condition = ''predict_linear(node_filefd_allocated[7d], 7*24*3600) >= node_filefd_maximum''; + time = "1h"; + summary = "{{$labels.alias}} is running out of available file descriptors in 7 days."; + description = "{{$labels.alias}} is running out of available file descriptors in approx. 7 days"; + }; + node_load15 = { + condition = ''node_load15 / on(alias) count(node_cpu_seconds_total{mode="system"}) by (alias) >= 1.0''; + time = "10m"; + summary = "{{$labels.alias}}: Running on high load: {{$value}}"; + description = "{{$labels.alias}} is running with load15 > 1 for at least 5 minutes: {{$value}}"; + }; + node_ram_using_90percent = { + condition = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1"; + time = "1h"; + summary = "{{$labels.alias}}: Using lots of RAM."; + description = "{{$labels.alias}} is using at least 90% of its RAM for at least 1 hour."; + }; + node_swap_using_30percent = { + condition = "node_memory_SwapTotal_bytes - (node_memory_SwapFree_bytes + node_memory_SwapCached_bytes) > node_memory_SwapTotal_bytes * 0.3"; + time = "30m"; + summary = "{{$labels.alias}}: Using more than 30% of its swap."; + description = "{{$labels.alias}} is using 30% of its swap space for at least 30 minutes."; + }; + node_visible_confluence_space = { + condition = "node_visible_confluence_space != 0"; + summary = "crowd prometheus cann see the {{$labels.space_name}} confluence space!"; + description = "crowd user `prometheus` can see the `{{$labels.space_name}}` confluence space."; + }; + node_hwmon_temp = { + condition = "node_hwmon_temp_celsius > node_hwmon_temp_crit_celsius*0.9 OR node_hwmon_temp_celsius > node_hwmon_temp_max_celsius*0.95"; + time = "5m"; + summary = "{{$labels.alias}}: Sensor {{$labels.sensor}}/{{$labels.chip}} temp is high: {{$value}} "; + description = "{{$labels.alias}} reports hwmon sensor {{$labels.sensor}}/{{$labels.chip}} temperature value is nearly critical: {{$value}}"; + }; + node_conntrack_limit = { + condition = "node_nf_conntrack_entries_limit - node_nf_conntrack_entries < 1000"; + time = "5m"; + summary = "{{$labels.alias}}: Number of tracked connections high"; + description = "{{$labels.alias}} has only {{$value}} free slots for connection tracking available."; + }; + node_reboot = { + condition = "time() - node_boot_time_seconds < 300"; + summary = "{{$labels.alias}}: Reboot"; + description = "{{$labels.alias}} just rebooted."; + }; + node_uptime = { + condition = "time() - node_boot_time_seconds > 2592000"; + page = false; + summary = "{{$labels.alias}}: Uptime monster"; + description = "{{$labels.alias}} has been up for more than 30 days."; + }; +} diff --git a/krebs/2configs/shack/prometheus/server.nix b/krebs/2configs/shack/prometheus/server.nix index 7f6f38610..f5d2e7640 100644 --- a/krebs/2configs/shack/prometheus/server.nix +++ b/krebs/2configs/shack/prometheus/server.nix @@ -28,90 +28,12 @@ "-storage.local.index-cache-size.label-name-to-label-values 2097152" "-storage.local.index-cache-size.label-pair-to-fingerprints 41943040" ]; - rules = [ - '' - ALERT node_down - IF up == 0 - FOR 5m - LABELS { - severity="page" - } - ANNOTATIONS { - summary = "{{$labels.alias}}: Node is down.", - description = "{{$labels.alias}} has been down for more than 5 minutes." - } - ALERT node_systemd_service_failed - IF node_systemd_unit_state{state="failed"} == 1 - FOR 4m - LABELS { - severity="page" - } - ANNOTATIONS { - summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start.", - description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}." - } - ALERT node_filesystem_full_90percent - IF sort(node_filesystem_free{device!="ramfs"} < node_filesystem_size{device!="ramfs"} * 0.1) / 1024^3 - FOR 5m - LABELS { - severity="page" - } - ANNOTATIONS { - summary = "{{$labels.alias}}: Filesystem is running out of space soon.", - description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 10% space left on its filesystem." - } - ALERT node_filesystem_full_in_4h - IF predict_linear(node_filesystem_free{device!="ramfs"}[1h], 4*3600) <= 0 - FOR 5m - LABELS { - severity="page" - } - ANNOTATIONS { - summary = "{{$labels.alias}}: Filesystem is running out of space in 4 hours.", - description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 4 hours" - } - ALERT node_filedescriptors_full_in_3h - IF predict_linear(node_filefd_allocated[1h], 3*3600) >= node_filefd_maximum - FOR 20m - LABELS { - severity="page" - } - ANNOTATIONS { - summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours.", - description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours" - } - ALERT node_load1_90percent - IF node_load1 / on(alias) count(node_cpu{mode="system"}) by (alias) >= 0.9 - FOR 1h - LABELS { - severity="page" - } - ANNOTATIONS { - summary = "{{$labels.alias}}: Running on high load.", - description = "{{$labels.alias}} is running with > 90% total load for at least 1h." - } - ALERT node_cpu_util_90percent - IF 100 - (avg by (alias) (irate(node_cpu{mode="idle"}[5m])) * 100) >= 90 - FOR 1h - LABELS { - severity="page" - } - ANNOTATIONS { - summary = "{{$labels.alias}}: High CPU utilization.", - description = "{{$labels.alias}} has total CPU utilization over 90% for at least 1h." - } - ALERT node_ram_using_90percent - IF node_memory_MemFree + node_memory_Buffers + node_memory_Cached < node_memory_MemTotal * 0.1 - FOR 30m - LABELS { - severity="page" - } - ANNOTATIONS { - summary="{{$labels.alias}}: Using lots of RAM.", - description="{{$labels.alias}} is using at least 90% of its RAM for at least 30 minutes now.", - } - '' - ]; + ruleFiles = lib.singleton (pkgs.writeText "prometheus-rules.yml" (builtins.toJSON { + groups = lib.singleton { + name = "mf-alerting-rules"; + rules = import ./alert-rules.nix { inherit lib; }; + }; + })); scrapeConfigs = [ { job_name = "node"; -- cgit v1.2.3 From 4908f1f4ebb77640acf0150f400a25188f906911 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 25 Nov 2019 12:32:12 +0100 Subject: gitlab-ci: add puyak deployment --- .gitlab-ci.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index fb273c932..3ff991aa4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -11,13 +11,14 @@ before_script: - ssh-keyscan -H 'ssh.git.shackspace.de' >> ~/.ssh/known_hosts # import secret key for secrets - echo "$secrets_gpg_key" | gpg --import -wolf deployment test: +deployment test: stage: test script: - GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - test $(PASSWORD_STORE_DIR=~/brain pass smoke) == 1337 - git submodule update --init - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target /tmp -A test) + - $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target /tmp -A test) nix-shell test: stage: test script: @@ -34,7 +35,6 @@ wolf deployment: - git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain - git submodule update --init - ssh-keyscan -H 'wolf.shack' >> ~/.ssh/known_hosts - # TODO, hostname wolf cannot be resolved - $(nix-build krebs/krops.nix --no-out-link --argstr name wolf --argstr target wolf.shack -A deploy) only: changes: @@ -42,6 +42,20 @@ wolf deployment: - krebs/**/* - lib/**/* - .gitmodules +puyak deployment: + stage: deploy + script: + - cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa + - git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain + - git submodule update --init + - ssh-keyscan -H 'puyak.shack' >> ~/.ssh/known_hosts + - $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target puyak.shack -A deploy) + only: + changes: + - .gitlab-ci.yml + - krebs/**/* + - lib/**/* + - .gitmodules nur-packages makefu: stage: deploy script: -- cgit v1.2.3 From 71d782a50a52f1db917aabec71ce924bd7416904 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 25 Nov 2019 13:26:32 +0100 Subject: shack: streamline ssh-key deployment onto puyak and wolf --- krebs/1systems/puyak/config.nix | 7 +------ krebs/1systems/wolf/config.nix | 10 ++-------- krebs/2configs/shack/ssh-keys.nix | 10 ++++++++++ 3 files changed, 13 insertions(+), 14 deletions(-) create mode 100644 krebs/2configs/shack/ssh-keys.nix diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index 6493c6df4..a20f6929e 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -13,6 +13,7 @@ + @@ -81,12 +82,6 @@ echo level disengaged > /proc/acpi/ibm/fan ''; - # to access vorstand vm - users.users.root.openssh.authorizedKeys.keys = [ - config.krebs.users.ulrich.pubkey - config.krebs.users.raute.pubkey - ]; - users.users.joerg = { openssh.authorizedKeys.keys = [ config.krebs.users.Mic92.pubkey ]; isNormalUser = true; diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index e87b7bb99..059e09ac1 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -16,6 +16,7 @@ in # handle the worlddomination map via coap + # drivedroid.shack for shackphone @@ -117,14 +118,6 @@ in fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; - users.extraUsers.root.openssh.authorizedKeys.keys = [ - config.krebs.users."0x4A6F".pubkey - config.krebs.users.ulrich.pubkey - config.krebs.users.raute.pubkey - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci - ]; - services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" ''; @@ -137,6 +130,7 @@ in enable = true; wideArea = false; }; + environment.systemPackages = [ pkgs.avahi ]; } diff --git a/krebs/2configs/shack/ssh-keys.nix b/krebs/2configs/shack/ssh-keys.nix new file mode 100644 index 000000000..9c7f507f1 --- /dev/null +++ b/krebs/2configs/shack/ssh-keys.nix @@ -0,0 +1,10 @@ +{ config, ... }: +{ + users.users.root.openssh.authorizedKeys.keys = [ + config.krebs.users."0x4A6F".pubkey + config.krebs.users.ulrich.pubkey + config.krebs.users.raute.pubkey + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Lx5MKtVjB/Ef6LpEiIAgVwY5xKQFdHuLQR+odQO4cAgxj1QaIXGN0moixY52DebVQhAtiCNiFZ83uJyOj8kmu30yuXwtSOQeqziA859qMJKZ4ZcYdKvbXwnf2Chm5Ck/0FvtpjTWHIZAogwP1wQto/lcqHOjrTAnZeJfQuHTswYUSnmUU5zdsEZ9HidDPUc2Gv0wkBNd+KMQyOZl0HkaxHWvn0h4KK4hYZisOpeTfXJxD87bo+Eg4LL2vvnHW6dF6Ygrbd/0XRMsRRI8OAReVBUoJn7IE1wwAl/FpblNmhaF9hlL7g7hR1ADvaWMMw0e8SSzW6Y+oIa8qFQL6wR1 gitlab-builder" # for being deployed by gitlab ci + ]; +} -- cgit v1.2.3 From dc75a54cfb8b431e9ea43be6dc7207fd77f54c2f Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 27 Nov 2019 09:52:53 +0100 Subject: krebs exim-smarthost: RIP slash16 --- krebs/2configs/exim-smarthost.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix index 698e20da1..224a38ac3 100644 --- a/krebs/2configs/exim-smarthost.nix +++ b/krebs/2configs/exim-smarthost.nix @@ -15,13 +15,12 @@ in { makefu tv ]; - eloop-ml = spam-ml ++ [ ciko ]; + eloop-ml = spam-ml; spam-ml = [ lass makefu tv ]; - ciko.mail = "ciko@slash16.net"; in { "anmeldung@eloop.org" = eloop-ml; "brain@krebsco.de" = brain-ml; -- cgit v1.2.3 From 7dff5292e959ac977939273101c84dd39f3cb86d Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 29 Nov 2019 13:42:44 +0100 Subject: krops: 1.17.0 -> 1.18.0 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index 2dc172530..53dfb30af 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 2dc172530965ea4f1ead8ff166004c5734daee1f +Subproject commit 53dfb30af324408c34fc7f664a05992e186ca4e9 -- cgit v1.2.3 From 001acc5a523db45414ebfdca808e308f027e39b5 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 29 Nov 2019 13:43:27 +0100 Subject: ma iso: add justdoit,target-config.nix --- makefu/1systems/iso/config.nix | 30 +++++-- makefu/1systems/iso/justdoit.nix | 128 +++++++++++++++++++++++++++ makefu/1systems/iso/target-config.nix | 40 +++++++++ makefu/2configs/nginx/dl.euer.krebsco.de.nix | 17 ++++ makefu/2configs/nginx/share-download.nix | 17 ---- 5 files changed, 206 insertions(+), 26 deletions(-) create mode 100644 makefu/1systems/iso/justdoit.nix create mode 100644 makefu/1systems/iso/target-config.nix create mode 100644 makefu/2configs/nginx/dl.euer.krebsco.de.nix delete mode 100644 makefu/2configs/nginx/share-download.nix diff --git a/makefu/1systems/iso/config.nix b/makefu/1systems/iso/config.nix index fdf203d5b..6c4f62310 100644 --- a/makefu/1systems/iso/config.nix +++ b/makefu/1systems/iso/config.nix @@ -3,20 +3,32 @@ with import ; { imports = [ - + # - + # + ./justdoit.nix + { + kexec.justdoit = { + # bootSize = 512; + rootDevice = "/dev/sdb"; + swapSize = 1024; + bootType = "vfat"; + luksEncrypt = true; + uefi = true; + }; + } ]; + boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now - # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos - krebs.build.host = { cores = 0; }; + # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso/config.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos + #krebs.build.host = { cores = 0; }; isoImage.isoBaseName = lib.mkForce "stockholm"; - krebs.hidden-ssh.enable = true; - environment.systemPackages = with pkgs; [ - aria2 - ddrescue - ]; + #krebs.hidden-ssh.enable = true; + # environment.systemPackages = with pkgs; [ + # aria2 + # ddrescue + # ]; environment.extraInit = '' EDITOR=vim ''; diff --git a/makefu/1systems/iso/justdoit.nix b/makefu/1systems/iso/justdoit.nix new file mode 100644 index 000000000..7947953f9 --- /dev/null +++ b/makefu/1systems/iso/justdoit.nix @@ -0,0 +1,128 @@ +{ config, pkgs, lib, ... }: + +with lib; +let + cfg = config.kexec.justdoit; + x = if cfg.nvme then "p" else ""; +in { + options = { + kexec.justdoit = { + rootDevice = mkOption { + type = types.str; + default = "/dev/sda"; + description = "the root block device that justdoit will nuke from orbit and force nixos onto"; + }; + bootSize = mkOption { + type = types.int; + default = 256; + description = "size of /boot in mb"; + }; + bootType = mkOption { + type = types.enum [ "ext4" "vfat" "zfs" ]; + default = "ext4"; + }; + swapSize = mkOption { + type = types.int; + default = 1024; + description = "size of swap in mb"; + }; + poolName = mkOption { + type = types.str; + default = "tank"; + description = "zfs pool name"; + }; + luksEncrypt = mkOption { + type = types.bool; + default = false; + description = "encrypt all of zfs and swap"; + }; + uefi = mkOption { + type = types.bool; + default = false; + description = "create a uefi install"; + }; + nvme = mkOption { + type = types.bool; + default = false; + description = "rootDevice is nvme"; + }; + }; + }; + config = let + mkBootTable = { + ext4 = "mkfs.ext4 $NIXOS_BOOT -L NIXOS_BOOT"; + vfat = "mkfs.vfat $NIXOS_BOOT -n NIXOS_BOOT"; + zfs = ""; + }; + in lib.mkIf true { + system.build.justdoit = pkgs.writeScriptBin "justdoit" '' + #!${pkgs.stdenv.shell} + set -e + vgchange -a n + wipefs -a ${cfg.rootDevice} + dd if=/dev/zero of=${cfg.rootDevice} bs=512 count=10000 + sfdisk ${cfg.rootDevice} < /mnt/etc/nixos/generated.nix <; +{ + services.nginx = { + enable = mkDefault true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + virtualHosts."dl.euer.krebsco.de" = { + root = config.makefu.dl-dir; + extraConfig = "autoindex on;"; + forceSSL = true; + enableACME = true; + basicAuth = import ; + }; + }; +} diff --git a/makefu/2configs/nginx/share-download.nix b/makefu/2configs/nginx/share-download.nix deleted file mode 100644 index 828a66a74..000000000 --- a/makefu/2configs/nginx/share-download.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - services.nginx = { - enable = mkDefault true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - virtualHosts."dl.euer.krebsco.de" = { - root = config.makefu.dl-dir; - extraConfig = "autoindex on;"; - forceSSL = true; - enableACME = true; - basicAuth = import ; - }; - }; -} -- cgit v1.2.3 From b025e28b42194cc6316596b954024b41abab81f5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 29 Nov 2019 14:11:18 +0100 Subject: ci: redownload all repos --- krebs/3modules/ci.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index cbf24effe..7695667fd 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -135,6 +135,7 @@ let f_${name} = util.BuildFactory() f_${name}.addStep(steps.Git( repourl=util.Property('repository', '${head repo.urls}'), + method='clobber', mode='full', submodules=True, )) -- cgit v1.2.3 From 33d48ec6ee52374151a79a086e0f5d463f05cac7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Dec 2019 16:16:17 +0100 Subject: bepasty-server use python3 --- krebs/3modules/bepasty-server.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index 4892a8723..ffa9a29e9 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -2,10 +2,10 @@ with import ; let - gunicorn = pkgs.python27Packages.gunicorn; - bepasty = pkgs.bepasty.override { python3Packages = pkgs.python27Packages; }; - gevent = pkgs.python27Packages.gevent; - python = pkgs.python27Packages.python; + gunicorn = pkgs.python3Packages.gunicorn; + bepasty = pkgs.bepasty; + gevent = pkgs.python3Packages.gevent; + python = pkgs.python3Packages.python; cfg = config.krebs.bepasty; out = { -- cgit v1.2.3 From 40572ba261cbd2d01ca18b2473834a4719255fd5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Dec 2019 16:23:19 +0100 Subject: l: remove archprism --- krebs/3modules/lass/default.nix | 38 -------------------------------------- 1 file changed, 38 deletions(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 30c7b085f..00847071a 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -111,44 +111,6 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD"; syncthing.id = "QITFKYQ-VEPIPL2-AZIXHMD-BBT62ML-YHSB35A-BSUIBXS-QYMPFHW-M7XN2QU"; }; - archprism = { - cores = 1; - nets = rec { - internet = { - ip4.addr = "46.4.114.247"; - aliases = [ - "archprism.i" - ]; - ssh.port = 45621; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.0.123"; - aliases = [ - "archprism.r" - ]; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6dK0jsPSb7kWMGjfyWbG - wQYYt8vi5pY/1/Ohk0iy84+mfb1SCJdm5IOC4WXgHtmfd468OluUpU5etAu13D3n - f0iDeCuohH0uTjP+EojnKrAXYTiTRpySqXjVmhaWwFyMAACFdzKFb9cgMoByrP0U - 5qruBcupK8Zwxt+Pe8IadRpPuOmz/bMYS7r+NKwybttoIX+YVm4myNzqdtMT77+H - BYR2mzW99T5YI54YZoCe0+XiIEQsosd6IL/9dP0+6vku6nHLD4qb81Q9AgaT+hte - s/ivHL+Fe2GULEQUi8aoEfXrPwnGFVY+QYxLw2G9A0Gfe9KnYBXDn99HXUGcFu2l - x7duN6mnT3WNC6VReh9m5+rPMnih/3l82W0tH1lBWUtdKcxx6yhkyUFgKOvkm4UP - gf1+EIpxf+bM7jlWylKGc+bD+dTMFV+tzHE6qHlcnzdZQrhYd0zjOXGnm4Kl1ec5 - GSlpmqTcjgR+42l6frAENo3fndqYw1WkDtswImDz3Wjuco7BiOULHTJvQN+Ao1DI - l2MQDOWJoN4eYIE4XPqLSvdOSavHQB2WGv+dFDDpWOxnDLNi19aubtynIfpGJXxV - L8s9kUTG00Hdv08BG06hGt0+2Sy1PTVniDcTftHKmEOPS6Y5rJzQih7JdakSUQCc - 6j/HwgWTf85Io/tbVMTNtkECAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD"; - }; - uriel = { monitoring = false; cores = 1; -- cgit v1.2.3 From 5ad00a189b85f2deb9c7035f4b515a3b5733d382 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 1 Dec 2019 16:26:04 +0100 Subject: update-nixpkgs-unstable: fix commit msg --- krebs/update-nixpkgs-unstable.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/update-nixpkgs-unstable.sh b/krebs/update-nixpkgs-unstable.sh index 068da5f6f..592023f20 100755 --- a/krebs/update-nixpkgs-unstable.sh +++ b/krebs/update-nixpkgs-unstable.sh @@ -6,4 +6,4 @@ nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ --rev refs/heads/nixos-unstable' \ > $dir/nixpkgs-unstable.json newrev=$(cat $dir/nixpkgs-unstable.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') -git commit $dir/nixpkgs.json -m "nixpkgs-unstable: $oldrev -> $newrev" +git commit $dir/nixpkgs-unstable.json -m "nixpkgs-unstable: $oldrev -> $newrev" -- cgit v1.2.3 From 53fd88bcef4d0cd45de4c4d48e8e282f4b225cba Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 2 Dec 2019 01:11:37 +0100 Subject: iana-etc module: allow adding new services This fixes a bug which only allowed modifying existing services. --- krebs/3modules/iana-etc.nix | 40 ++++++++++++++-------------------------- 1 file changed, 14 insertions(+), 26 deletions(-) diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix index f6d47f27e..e8037128d 100644 --- a/krebs/3modules/iana-etc.nix +++ b/krebs/3modules/iana-etc.nix @@ -23,32 +23,20 @@ with import ; }; config.environment.etc = mkIf (config.krebs.iana-etc.services != {}) { - services.source = mkForce (pkgs.runCommand "krebs-iana-etc" {} '' - exec < ${pkgs.iana_etc}/etc/services - exec > $out - awk -F '[ /]+' ' - BEGIN { - port=0 - } - ${concatMapStringsSep "\n" (entry: '' - $2 == ${entry.port} { - port=$2 - next - } - port == ${entry.port} { - ${concatMapStringsSep "\n" - (proto: let - s = "${entry.${proto}.name} ${entry.port}/${proto}"; - in - "print ${toJSON s}") - (filter (proto: entry.${proto} != null) ["tcp" "udp"])} - port=0 - } - '') (attrValues config.krebs.iana-etc.services)} - { - print $0 - } - ' + services.source = mkForce (pkgs.runCommand "krebs-iana-etc" {} /* sh */ '' + { + ${concatMapStringsSep "\n" (entry: /* sh */ '' + ${concatMapStringsSep "\n" + (proto: let + line = "${entry.${proto}.name} ${entry.port}/${proto}"; + in /* sh */ '' + echo ${shell.escape line} + '') + (filter (proto: entry.${proto} != null) ["tcp" "udp"])} + '') (attrValues config.krebs.iana-etc.services)} + cat ${pkgs.iana_etc}/etc/services + } | + sort -b -k 2,2 -u > $out ''); }; -- cgit v1.2.3 From 37b0c5ae490bf94bf2e5df1502d0a284e3d60c37 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 2 Dec 2019 01:15:57 +0100 Subject: tv im: configs -> modules --- tv/1systems/nomic/config.nix | 1 - tv/2configs/im.nix | 24 --------------- tv/3modules/default.nix | 1 + tv/3modules/im.nix | 72 ++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 73 insertions(+), 25 deletions(-) delete mode 100644 tv/2configs/im.nix create mode 100644 tv/3modules/im.nix diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix index a89f07e8a..86f9b7ec2 100644 --- a/tv/1systems/nomic/config.nix +++ b/tv/1systems/nomic/config.nix @@ -8,7 +8,6 @@ with import ; - diff --git a/tv/2configs/im.nix b/tv/2configs/im.nix deleted file mode 100644 index 82f1be042..000000000 --- a/tv/2configs/im.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, lib, pkgs, ... }: -with import ; -{ - environment.systemPackages = with pkgs; [ - (pkgs.writeDashBin "im" '' - export PATH=${makeSearchPath "bin" (with pkgs; [ - tmux - gnugrep - weechat - ])} - if tmux list-sessions -F\#S | grep -q '^im''$'; then - exec tmux attach -t im - else - exec tmux new -s im weechat - fi - '') - ]; - services.bitlbee = { - enable = true; - plugins = [ - pkgs.bitlbee-facebook - ]; - }; -} diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix index db2cdcd1f..5be1beef8 100644 --- a/tv/3modules/default.nix +++ b/tv/3modules/default.nix @@ -5,6 +5,7 @@ ./ejabberd ./focus.nix ./hosts.nix + ./im.nix ./iptables.nix ./slock.nix ./x0vncserver.nix diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix new file mode 100644 index 000000000..830c4baef --- /dev/null +++ b/tv/3modules/im.nix @@ -0,0 +1,72 @@ +{ config, pkgs, ... }: let + im = config.tv.im; + lib = import ; +in { + options = { + tv.im.client.enable = lib.mkEnableOption "tv.im.client" // { + default = config.krebs.build.host.name == im.client.host.name; + }; + tv.im.client.term = lib.mkOption { + default = "rxvt-unicode-256color"; + type = lib.types.filename; + }; + tv.im.client.useIPv6 = lib.mkEnableOption "tv.im.client.useIPv6" // { + default = true; + }; + tv.im.client.host = lib.mkOption { + default = config.krebs.hosts.xu; + type = lib.types.host; + }; + tv.im.client.user = lib.mkOption { + default = config.krebs.users.tv; + type = lib.types.user; + }; + + tv.im.server.enable = lib.mkEnableOption "tv.im.server" // { + default = config.krebs.build.host.name == im.server.host.name; + }; + tv.im.server.host = lib.mkOption { + default = config.krebs.hosts.nomic; + type = lib.types.host; + }; + tv.im.server.user = lib.mkOption { + default = config.krebs.users.tv; + type = lib.types.user; + }; + }; + imports = [ + (lib.mkIf im.client.enable { + users.users.${im.client.user.name}.packages = [ + (pkgs.writeDashBin "im" '' + exec ${pkgs.openssh}/bin/ssh \ + ${lib.optionalString im.client.useIPv6 "-6"} \ + ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \ + -t \ + im + '') + ]; + }) + (lib.mkIf im.server.enable { + services.bitlbee = { + enable = true; + plugins = [ + pkgs.bitlbee-facebook + ]; + }; + users.users.${im.server.user.name}.packages = [ + (pkgs.writeDashBin "im" '' + export PATH=${lib.makeSearchPath "bin" [ + pkgs.tmux + pkgs.gnugrep + pkgs.weechat + ]} + if tmux list-sessions -F\#S | grep -q '^im''$'; then + exec tmux attach -t im + else + exec tmux new -s im weechat + fi + '') + ]; + }) + ]; +} -- cgit v1.2.3 From 3a02da9677be9c200be3972e4c358a388a63e4fd Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 2 Dec 2019 01:27:22 +0100 Subject: tv im: add mosh support --- tv/3modules/im.nix | 35 ++++++++++++++++++++++++++++++----- 1 file changed, 30 insertions(+), 5 deletions(-) diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix index 830c4baef..905b7803b 100644 --- a/tv/3modules/im.nix +++ b/tv/3modules/im.nix @@ -29,6 +29,9 @@ in { default = config.krebs.hosts.nomic; type = lib.types.host; }; + tv.im.server.mosh.enable = lib.mkEnableOption "tv.im.server.mosh" // { + default = true; + }; tv.im.server.user = lib.mkOption { default = config.krebs.users.tv; type = lib.types.user; @@ -38,11 +41,18 @@ in { (lib.mkIf im.client.enable { users.users.${im.client.user.name}.packages = [ (pkgs.writeDashBin "im" '' - exec ${pkgs.openssh}/bin/ssh \ - ${lib.optionalString im.client.useIPv6 "-6"} \ - ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \ - -t \ - im + ${if im.server.mosh.enable then /* sh */ '' + exec ${pkgs.mosh}/bin/mosh \ + ${lib.optionalString im.client.useIPv6 "-6"} \ + ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \ + env TERM=${im.client.term} im + '' else /* sh */ '' + exec ${pkgs.openssh}/bin/ssh \ + ${lib.optionalString im.client.useIPv6 "-6"} \ + ${im.server.user.name}@${lib.head im.server.host.nets.retiolum.aliases} \ + -t \ + im + ''} '') ]; }) @@ -54,6 +64,7 @@ in { ]; }; users.users.${im.server.user.name}.packages = [ + pkgs.mosh (pkgs.writeDashBin "im" '' export PATH=${lib.makeSearchPath "bin" [ pkgs.tmux @@ -68,5 +79,19 @@ in { '') ]; }) + (lib.mkIf im.server.mosh.enable { + krebs.setuid.utempter = { + filename = "${pkgs.libutempter}/lib/utempter/utempter"; + owner = "nobody"; + group = "utmp"; + mode = "2111"; + }; + tv.iptables.extra4.filter.Retiolum = [ + "-s ${im.client.host.nets.retiolum.ip4.addr} -p udp --dport 60000:61000 -j ACCEPT" + ]; + tv.iptables.extra6.filter.Retiolum = [ + "-s ${im.client.host.nets.retiolum.ip6.addr} -p udp --dport 60000:61000 -j ACCEPT" + ]; + }) ]; } -- cgit v1.2.3 From 8878105178928069a09fd56c22523cb041b3dfa3 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 2 Dec 2019 01:29:07 +0100 Subject: tv im: add weechat relay support --- tv/3modules/im.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tv/3modules/im.nix b/tv/3modules/im.nix index 905b7803b..8cb137510 100644 --- a/tv/3modules/im.nix +++ b/tv/3modules/im.nix @@ -32,6 +32,8 @@ in { tv.im.server.mosh.enable = lib.mkEnableOption "tv.im.server.mosh" // { default = true; }; + tv.im.server.weechat.relay.enable = + lib.mkEnableOption "tv.im.server.weechat.relay"; tv.im.server.user = lib.mkOption { default = config.krebs.users.tv; type = lib.types.user; @@ -93,5 +95,16 @@ in { "-s ${im.client.host.nets.retiolum.ip6.addr} -p udp --dport 60000:61000 -j ACCEPT" ]; }) + (lib.mkIf im.server.weechat.relay.enable { + krebs.iana-etc.services = { + "9001".tcp.name = "weechat-ssl"; + }; + tv.iptables.extra4.filter.Retiolum = [ + "-s ${im.client.host.nets.retiolum.ip4.addr} -p tcp -m tcp --dport 9001 -j ACCEPT" + ]; + tv.iptables.extra6.filter.Retiolum = [ + "-s ${im.client.host.nets.retiolum.ip6.addr} -p tcp -m tcp --dport 9001 -j ACCEPT" + ]; + }) ]; } -- cgit v1.2.3 From 9b79b05f3282d405dcd7f737c9424b11464ac3e1 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 2 Dec 2019 14:32:19 +0100 Subject: krops: 1.18.0 -> 1.18.1 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index 53dfb30af..f2f8cbf1a 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 53dfb30af324408c34fc7f664a05992e186ca4e9 +Subproject commit f2f8cbf1afcb2c26d11e5f82c0b523b2cb10205c -- cgit v1.2.3 From b7ca39ac003e76f8f912ed6a18c8342cec3ad3e4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:52:32 +0100 Subject: l blue.r: dont populate nixpkgs-unstable --- lass/1systems/blue/source.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index 1a98fc058..2b4158211 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -11,4 +11,7 @@ useChecksum = true; }; }); + nixpkgs-unstable = lib.mkForce { + file.path = "/var/empty"; + }; } -- cgit v1.2.3 From 7b9e4ac1425aea47b2ca8510db7a406b9712871a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:53:34 +0100 Subject: l hilum.r: mount nfs-dl --- lass/1systems/hilum/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/hilum/config.nix b/lass/1systems/hilum/config.nix index f57d275d8..d4a389a4a 100644 --- a/lass/1systems/hilum/config.nix +++ b/lass/1systems/hilum/config.nix @@ -10,6 +10,7 @@ + ]; krebs.build.host = config.krebs.hosts.hilum; -- cgit v1.2.3 From 77dc0b8034999c6a060c785b8b74134a2c5b7555 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:54:07 +0100 Subject: l icarus.r: add media center --- lass/1systems/icarus/config.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 86727700f..46f0892a2 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -1,5 +1,6 @@ { config, lib, pkgs, ... }: +with import ; { imports = [ @@ -21,6 +22,18 @@ ]; + #media center + users.users.media = { + isNormalUser = true; + uid = genid_uint31 "media"; + extraGroups = [ "video" "audio" ]; + }; + + services.xserver.displayManager.lightdm.autoLogin = { + enable = true; + user = "media"; + }; + krebs.build.host = config.krebs.hosts.icarus; programs.adb.enable = true; } -- cgit v1.2.3 From 49af8cbd2f998ad945000ac863aca28748009c3e Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:55:24 +0100 Subject: l prism.r: don't rebuild hotdog onchange --- lass/1systems/prism/config.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index f4c011dcf..3dd194436 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -110,14 +110,13 @@ with import ; systemd.services."container@hotdog".reloadIfChanged = mkForce false; containers.hotdog = { config = { ... }: { - imports = [ ]; environment.systemPackages = [ pkgs.git ]; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey ]; }; - autoStart = true; + autoStart = false; enableTun = true; privateNetwork = true; hostAddress = "10.233.2.1"; -- cgit v1.2.3 From 48831924206127edf3771e9aa8f47b8dc96e8f66 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:56:06 +0100 Subject: l prism.r: merge palos keys --- lass/1systems/prism/config.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 3dd194436..a8d409d7f 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -264,13 +264,9 @@ with import ; { users.users.download.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACADLPxtB2f2tocXHxD3ul9D1537hTht6/un87JYZNnoYABveasyIcdFIfp5lPJmj3PjwqXNTA4M/3V+ufrpZ91dxFeXWI5mOI4YB3xRu+Elja8g7nfvCz1HrH3sD1equos/7ltQ1GZYvHGw40qD1/ZtOODwRwrYJ7l/DUBrjk/tzXRjm0+ZgyQsb3G9a80cA8d3fiuQDxbAzdoJF46wt36ZfuSMpJ/Td8CbCoLlV/uL9QZemOglyxNxR607qGfRNXF1An+P+fFq24GmdHpMJ00DfjZ/dJRL9QSs7vd07uyB4Qty4VHwRhc46XH6KL7VTF1D3INF/BeBZx90GBxOvpgEji7Zrf7O5eSAjM2Do1+t+Ev2IIuiltB+QqTir4rZcrCBrJ2+zD3DDymKffVi8sz15AvdrFkIplzZxpOcgm9Ns2w/uh8sxeV6J58aoLEVmd2KRUfJFYiS1EuEjYo2OHlj8ltIh3VlfYdWksGpQc71IT0iEWvzvjYcfCda9uzFLKdLfBy4GB8+s4zR2CX9aGDyJaIY1kt/xqDeztnYwW1owG+fLMrDJlq3Mu+KmJljb30jzrOPhFYVZgWenmMFgH2RBzVEmnsR0f2LFVLj6N/a9fpEJ3WhxMOc5Ybdpgg/l9KUdgvWLk6KOtba+z9fuYT1YgwtZBoMgHAdZLmZ/DGtff palo@pepe" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGMjbYFmmvpF60YBShyFISbjN+O3e4GPkfsre6xFqz20joi8YqpD/5PtrMsGrPd1ZoZ9qSwXJtbb1WBomFg0xzRSNa1/FliKiE1ilcaB3aUZRtP0OWHIvWD3/YL/0h+/YXDGTfb8FNvpgJmnbN3Q0gw8cwWw+eve5BMyqDhzFvycxO4qDuP2JXkGpdhJqjaYZhP5rPH2mgv1oU1RnOA3A7APZVGf1m6JSmV7FZR514aGlFV+NpsvS29Mib8fcswgpoGhMN6jeh/nf49tp01LUAOmXSqdHIWNOTt3Mt7S4rU7RZwEhswdSRbKdKFRMj+uRkhJ4CPcNuuGtSY3id0Ja7IvrvxNaQUk1L8nBcza709jvSBYWSY5/aGL1ocA/PNWXDpOTp2PWwxkh39aPMqZXPTH3KC4IkRp5SiKibEhdmjnToV7nUAJe4IWn1b7QdoqS03ib0X87DnHWIbvi8UZlImM7pn0rs+rwnOo4lQwrTz7kbBHPaa6XOZAuDYND2728vtcrhwzVrKgiXWbyF6VzvwxPeeStmn1gENvozbj1hl9gbQ1cH/a4pZFBV/OFl/ryzDnB2ghM4acNJazXx/6/us9hX+np1YxIzJaxENj677MLc6HitM2g6XJGaixBQ0U2NNjcjIuQT0ZaeKXsSLnu1Y7+uslbVAwsQ4pJmSxxMMQ== palo@workhorse" - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbsRjUwOMnxAt/K6A2M/33PbwQCEYVfqfmkXBwkw/L+ZLCnVxfdxJ79ds1k6kyUVcxfHcvxGvUCcM0wr4T7aaP79fsfSf3lcOgySeAtkQjfQL+IdMk0FQVz612cTPg2uWhMFvHGkGSBvSbKNw72RnUaw9qlF8fBx22FozrlmnbY4APTXeqwiF0VeBMq8qr4H9NdIoIFIcq398jn/Na8gYLUfmuDw18AWCt+u7Eg0B/qIU0hi/gK40Lk9+g8Nn19SCad1YOgNDG7aNpEwgT7I7BNXC5oLD31QKKuXmBa/mCLqRLAGW2sJ2ZhBR4tPLMgNrxtn2jxzVVjY+v3bWQnPocB9H9PsdtdNrULLfeJ4y9a3p3kfOzOgYMrnPAjasrkiIyOBBNEFAn/bbvpH01glbF8tVMcPOSD+W89oxTBEgqk6w34QAfySDMW34dIUHeq82v+X0wN9SK6xbBRBsjSpAC4ZcNyzl1JLIMcdZ5mbQXakD3kzDFs5kfjxlkrp3S5gqiSmCp5w/osykjxSH6wnPPCcgzpCBNGRULKw5vbzDSnLAQ3nSYB9tIj4Hp62XymsxVnY+6MsVVy206BYAXrKJomK7sIeLL2wIMYNnAUdSBjqQ5IEE2m+5+YaK0NMNsk2munNrN96ZE3r5xe/BDqfaLMpPfosOTXBtT7tLMlV6zkQ== palo@workout" + config.krebs.users.palo.pubkey ]; } - { - } { lass.nichtparasoup.enable = true; services.nginx = { -- cgit v1.2.3 From 79fce4068fb939077f2430baa27e6e55c9f65726 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:57:00 +0100 Subject: l prism.r: open udp for murmur --- lass/1systems/prism/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index a8d409d7f..e7330c359 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -317,6 +317,7 @@ with import ; services.murmur.registerName = "lassul.us"; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 64738"; target = "ACCEPT";} + { predicate = "-p udp --dport 64738"; target = "ACCEPT";} ]; } -- cgit v1.2.3 From f33c977511d3bac5dbf2c6c6e84a1e508ca4aeb1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:57:25 +0100 Subject: l prism.r: add flix endpoint --- lass/1systems/prism/config.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index e7330c359..9028843dd 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -338,6 +338,19 @@ with import ; localAddress = "10.233.2.14"; }; + services.nginx.virtualHosts."lassul.us".locations."^~ /flix/".extraConfig = '' + if ($scheme != "https") { + rewrite ^ https://$host$request_uri permanent; + } + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "flix-user-pass" '' + krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0 + ''}; + proxy_pass http://10.233.2.14:80/; + proxy_set_header Accept-Encoding ""; + sub_filter "https://lassul.us/" "https://lassul.us/flix/"; + sub_filter_once off; + ''; services.nginx.virtualHosts."lassul.us".locations."^~ /transmission".extraConfig = '' if ($scheme != "https") { rewrite ^ https://$host$request_uri permanent; -- cgit v1.2.3 From b4098f19780ba38ab20531ecdeee11a31f15030d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:57:50 +0100 Subject: l prism.r: add transmission session id header --- lass/1systems/prism/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 9028843dd..cde65ea6c 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -359,6 +359,7 @@ with import ; auth_basic_user_file ${pkgs.writeText "transmission-user-pass" '' krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0 ''}; + proxy_pass_header X-Transmission-Session-Id; proxy_pass http://10.233.2.14:9091; ''; -- cgit v1.2.3 From 03ce170299ec26808b56ea4c7490cd913c80203c Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 2 Dec 2019 15:58:40 +0100 Subject: l shodan.r: add gg23 config --- lass/1systems/shodan/config.nix | 79 +--------------------- lass/1systems/shodan/physical.nix | 1 + lass/2configs/gg23.nix | 134 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 138 insertions(+), 76 deletions(-) create mode 100644 lass/2configs/gg23.nix diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index ad510283f..b3de15837 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -18,14 +18,11 @@ with import ; + ]; krebs.build.host = config.krebs.hosts.shodan; - services.logind.extraConfig = '' - HandleLidSwitch=ignore - ''; - #media center users.users.media = { isNormalUser = true; @@ -38,77 +35,7 @@ with import ; user = "media"; }; - #hass - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 8123"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 1883"; target = "ACCEPT"; } - # zerotierone - { predicate = "-p udp --dport 9993"; target = "ACCEPT"; } - ]; + services.logind.lidSwitch = "ignore"; + services.logind.lidSwitchDocked = "ignore"; - services.home-assistant = let - tasmota_s20 = name: topic: { - platform = "mqtt"; - inherit name; - state_topic = "stat/${topic}/POWER"; - command_topic = "cmnd/${topic}/POWER"; - payload_on = "ON"; - payload_off = "OFF"; - }; - in { - enable = true; - package = pkgs.home-assistant.override { - python3 = pkgs.python36; - #extraComponents = [ - # (pkgs.fetchgit { - # url = "https://github.com/marcschumacher/dwd_pollen"; - # rev = "0.1"; - # sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p"; - # }) - #]; - }; - config = { - homeassistant = { - name = "Home"; time_zone = "Europe/Berlin"; - latitude = "48.7687"; - longitude = "9.2478"; - elevation = 247; - }; - sun.elevation = 66; - discovery = {}; - frontend = { }; - mqtt = { - broker = "localhost"; - port = 1883; - client_id = "home-assistant"; - username = "gg23"; - password = "gg23-mqtt"; - keepalive = 60; - protocol = 3.1; - }; - sensor = [ - ]; - switch = [ - (tasmota_s20 "Drucker Strom" "drucker") - (tasmota_s20 "Bett Licht" "bett") - ]; - device_tracker = [ - { - platform = "luci"; - } - ]; - }; - }; - - services.mosquitto = { - enable = true; - host = "0.0.0.0"; - allowAnonymous = false; - checkPasswords = true; - users.gg23 = { - password = "gg23-mqtt"; - acl = [ "topic readwrite #" ]; - }; - }; - environment.systemPackages = [ pkgs.mosquitto ]; } diff --git a/lass/1systems/shodan/physical.nix b/lass/1systems/shodan/physical.nix index 7cfeba932..39a4d9661 100644 --- a/lass/1systems/shodan/physical.nix +++ b/lass/1systems/shodan/physical.nix @@ -46,5 +46,6 @@ services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:29:26:bc", NAME="wl0" SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:0c:a7:63", NAME="et0" + SUBSYSTEM=="net", ATTR{address}=="00:e0:4c:69:ea:71", NAME="int0" ''; } diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix new file mode 100644 index 000000000..2ec7b94d3 --- /dev/null +++ b/lass/2configs/gg23.nix @@ -0,0 +1,134 @@ +{ config, pkgs, ... }: +with import ; + +{ + networking.networkmanager.unmanaged = [ "int0" ]; + networking.interfaces.int0.ipv4.addresses = [{ + address = "10.42.0.1"; + prefixLength = 24; + }]; + + services.dhcpd4 = { + enable = true; + interfaces = [ "int0" ]; + extraConfig = '' + option subnet-mask 255.255.255.0; + option routers 10.42.0.1; + option domain-name-servers 10.42.0.1; + subnet 10.42.0.0 netmask 255.255.255.0 { + range 10.42.0.100 10.42.0.200; + } + ''; + machines = [ + { ethernetAddress = "c8:3d:d4:2c:40:ae"; hostName = "tv"; ipAddress = "10.42.0.3"; } + { ethernetAddress = "3c:2a:f4:22:28:37"; hostName = "drucker"; ipAddress = "10.42.0.4"; } + { ethernetAddress = "80:7d:3a:67:b7:01"; hostName = "s20-bett"; ipAddress = "10.42.0.10"; } + { ethernetAddress = "80:7d:3a:68:04:f0"; hostName = "s20-drucker"; ipAddress = "10.42.0.11"; } + { ethernetAddress = "80:7d:3a:68:11:a5"; hostName = "s20-kueche"; ipAddress = "10.42.0.12"; } + { ethernetAddress = "80:7d:3a:67:bb:69"; hostName = "s20-stereo"; ipAddress = "10.42.0.13"; } + { ethernetAddress = "80:8d:b7:c5:80:dc"; hostName = "arubaAP"; ipAddress = "10.42.0.99"; } + ]; + }; + + services.dnsmasq = { + enable = true; + resolveLocalQueries = false; + + extraConfig = '' + local=/gg23/ + domain=gg23 + expand-hosts + listen-address=10.42.0.1 + interface=int0 + ''; + }; + + boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass + { predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass + { predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto + { predicate = "-i int0 -p udp --dport 53"; target = "ACCEPT"; } # dns + ]; + krebs.iptables.tables.filter.FORWARD.rules = [ + { v6 = false; predicate = "-d 10.42.0.0/24 -o int0 -m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; } + { v6 = false; predicate = "-s 10.42.0.0/24 -i int0"; target = "ACCEPT"; } + { v6 = false; predicate = "-o int0"; target = "REJECT --reject-with icmp-port-unreachable"; } + { v6 = false; predicate = "-i int0"; target = "REJECT --reject-with icmp-port-unreachable"; } + ]; + krebs.iptables.tables.nat.PREROUTING.rules = [ + { v6 = false; predicate = "-s 10.42.0.0/24"; target = "ACCEPT"; precedence = 1000; } + ]; + krebs.iptables.tables.nat.POSTROUTING.rules = [ + { v6 = false; predicate = "-s 10.42.0.0/24 ! -d 10.42.0.0/24"; target = "MASQUERADE"; } + ]; + + services.home-assistant = let + tasmota_s20 = name: topic: { + platform = "mqtt"; + inherit name; + state_topic = "stat/${topic}/POWER"; + command_topic = "cmnd/${topic}/POWER"; + payload_on = "ON"; + payload_off = "OFF"; + }; + in { + enable = true; + package = pkgs.home-assistant.override { + python3 = pkgs.python36; + #extraComponents = [ + # (pkgs.fetchgit { + # url = "https://github.com/marcschumacher/dwd_pollen"; + # rev = "0.1"; + # sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymllz2p"; + # }) + #]; + }; + config = { + homeassistant = { + name = "Home"; time_zone = "Europe/Berlin"; + latitude = "48.7687"; + longitude = "9.2478"; + elevation = 247; + }; + sun.elevation = 66; + discovery = {}; + frontend = { }; + mqtt = { + broker = "localhost"; + port = 1883; + client_id = "home-assistant"; + username = "gg23"; + password = "gg23-mqtt"; + keepalive = 60; + protocol = 3.1; + }; + sensor = [ + ]; + switch = [ + (tasmota_s20 "Drucker Strom" "drucker") + (tasmota_s20 "Bett Licht" "bett") + (tasmota_s20 "Kueche Licht" "kueche") + ]; + device_tracker = [ + { + platform = "luci"; + } + ]; + }; + }; + + services.mosquitto = { + enable = true; + host = "0.0.0.0"; + allowAnonymous = false; + checkPasswords = true; + users.gg23 = { + password = "gg23-mqtt"; + acl = [ "topic readwrite #" ]; + }; + }; + environment.systemPackages = [ pkgs.mosquitto ]; + +} + -- cgit v1.2.3 From 96fab2da57b6b4bf862c05ea99df31139bde9b9a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 7 Dec 2019 22:43:59 +0100 Subject: l br: set new ip --- lass/2configs/br.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/br.nix b/lass/2configs/br.nix index e4ccffe23..6e0a2385c 100644 --- a/lass/2configs/br.nix +++ b/lass/2configs/br.nix @@ -19,7 +19,7 @@ with import ; netDevices = { bra = { model = "MFCL2700DN"; - ip = "10.42.23.221"; + ip = "10.42.0.4"; }; }; }; -- cgit v1.2.3 From 58031cd50f2f7c8f3b9713077bdc5829b092f4e4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 8 Dec 2019 23:13:04 +0100 Subject: realwallpaper: use working cloudmap --- krebs/3modules/realwallpaper.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index a0c00c20d..c09bb008d 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -29,7 +29,7 @@ let cloudmap = mkOption { type = types.str; - default = "http://xplanetclouds.com/free/local/clouds_2048.jpg"; + default = "http://home.megapass.co.kr/~holywatr/cloud_data/clouds_2048.jpg"; }; marker = mkOption { -- cgit v1.2.3 From 46da29b95bd78f0229642547c25a3fff2686adaf Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 10 Dec 2019 15:56:20 +0100 Subject: pkgs.tinc_graphs: bump to 3.11 --- krebs/5pkgs/simple/tinc_graphs/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/simple/tinc_graphs/default.nix b/krebs/5pkgs/simple/tinc_graphs/default.nix index 20bbc53ba..025e85df0 100644 --- a/krebs/5pkgs/simple/tinc_graphs/default.nix +++ b/krebs/5pkgs/simple/tinc_graphs/default.nix @@ -2,15 +2,17 @@ python3Packages.buildPythonPackage rec { name = "tinc_graphs-${version}"; - version = "0.3.10"; + version = "0.3.11"; + propagatedBuildInputs = with pkgs;[ python3Packages.pygeoip ## ${geolite-legacy}/share/GeoIP/GeoIPCity.dat ]; src = fetchurl { url = "mirror://pypi/t/tinc_graphs/${name}.tar.gz"; - sha256 = "0f4cvb9424fhfmc0hbzmynzh9528fyhx00ayq1nbpgd1p89yw7mc"; + sha256 = "0akvi2srwqny3cd4b9ghssq8wi4kcxd2khabnnvylzs1s9i28fpa"; }; + preFixup = with pkgs;'' wrapProgram $out/bin/build-graphs --prefix PATH : "$out/bin" wrapProgram $out/bin/all-the-graphs --prefix PATH : "${imagemagick}/bin:${graphviz}/bin:$out/bin" -- cgit v1.2.3 From 4baf38fb30d416524768bb28bce5d384a96aff7c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 14 Dec 2019 12:46:01 +0100 Subject: nixpkgs: 4ad6f14 -> 45ea609 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index bb35a51b0..446f27007 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "4ad6f1404a8cd69a11f16edba09cc569e5012e42", - "date": "2019-11-23T00:42:36+01:00", - "sha256": "1pclh0hvma66g3yxrrh9rlzpscqk5ylypnmiczz1bwwrl8n21q3h", + "rev": "45ea60922036b7be302b95d107595f6eb5cd0675", + "date": "2019-12-10T12:38:05+01:00", + "sha256": "11wm7af6ab2979z8yrpcprb6d99kbrjq44a48ayi4a7c58a2xb6q", "fetchSubmodules": false } -- cgit v1.2.3 From e2a43e1e30b635b85a79bedb3d40cd8a888a1d49 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 14 Dec 2019 12:47:00 +0100 Subject: nixpkgs-unstable: e89b215 -> 3140fa8 --- krebs/nixpkgs-unstable.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index d77432258..fa22e2747 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "e89b21504f3e61e535229afa0b121defb52d2a50", - "date": "2019-11-19T07:59:43-05:00", - "sha256": "0jqcv3rfki3mwda00g66d27k6q2y7ca5mslrnshfpbdm7j8ya0kj", + "rev": "3140fa89c51233397f496f49014f6b23216667c2", + "date": "2019-12-05T01:28:43+01:00", + "sha256": "18p0d5lnfvzsyfah02mf6bi249990pfwnylwhqdh8qi70ncrk3f8", "fetchSubmodules": false } -- cgit v1.2.3 [cgit] Unable to lock slot /tmp/cgit/08000000.lock: No such file or directory (2)