From 48502fb07e2f3c1adfe098179172d3d43fed3cba Mon Sep 17 00:00:00 2001
From: lassulus
Date: Tue, 24 May 2016 23:19:43 +0200
Subject: k 3 l: add fritz pubkey
---
 krebs/3modules/lass/default.nix | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'krebs')
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 03e067f35..65da85ac4 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -311,5 +311,8 @@ with config.krebs.lib;
 pubkey = builtins.readFile ./ssh/shodan.rsa;
 pgp.pubkeys.default = builtins.readFile ./pgp/shodan.pgp;
 };
+ fritz = {
+ pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540";
+ };
 };
 }
-- cgit v1.2.3
From 0d8a0ed71d370455f192efea903e96b01ab86e25 Mon Sep 17 00:00:00 2001
From: tv
Date: Wed, 25 May 2016 00:08:34 +0200
Subject: writeHaskellBin: init
---
 krebs/5pkgs/builders.nix | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
(limited to 'krebs')
diff --git a/krebs/5pkgs/builders.nix b/krebs/5pkgs/builders.nix
index 19169b186..8506801bb 100644
--- a/krebs/5pkgs/builders.nix
+++ b/krebs/5pkgs/builders.nix
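Review bot: The `fritz` entry added in krebs/3modules/lass/default.nix inlines the RSA key as a string literal, while the neighbouring entry visible in the same hunk loads its key with `builtins.readFile ./ssh/shodan.rsa`; keeping this key in a file under `./ssh/` and reading it the same way would leave all keys in one auditable place. Neither the commit message nor the hunk says how the key was obtained or verified, and the hunk does not show what this attribute set grants, so a comment above `pubkey` such as `# key received from fritz on <date>, fingerprint confirmed via <channel>` would record the trust decision. The enclosing attribute set starts outside the hunk.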
@@ -66,6 +66,46 @@ rec {
 mv "$textPath" $out
 '';
+ writeHaskellBin =
+ k:
+ let
+ k' = parseDrvName k;
+ name = k'.name;
+ version = if k'.version != "" then k'.version else "0";
+ in
+ { build-depends ? ["base"] ++ depends
+ , depends ? []
+ , ghc-options ? ["-Wall" "-O3" "-threaded" "-rtsopts"]
+ , haskellPackages ? pkgs.haskellPackages
+ , license ? "WTFPL"
+ }:
+ main-text:
+ let
+ cabal-file = pkgs.writeText "${name}-${version}.cabal" ''
+ build-type: Simple
+ cabal-version: >= 1.2
+ name: ${name}
+ version: ${version}
+
+ executable ${name}
+ build-depends: ${concatStringsSep "," build-depends}
+ ghc-options: ${toString ghc-options}
+ main-is: ${main-file.name}
+ '';
+ main-file = pkgs.writeText "${name}-${version}.hs" main-text;
+ in
+ haskellPackages.mkDerivation rec {
+ inherit license version;
+ executableHaskellDepends = attrVals build-depends haskellPackages;
+ isExecutable = true;
+ isLibrary = false;
+ pname = name;
+ src = pkgs.runCommand "${name}-${version}-src" {} ''
+ install -D ${cabal-file} $out/${cabal-file.name}
+ install -D ${main-file} $out/${main-file.name}
+ '';
+ };
+
 writeNixFromCabal = name: path: pkgs.runCommand name {} ''
 ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
 '';
-- cgit v1.2.3
From 2b71d7f72865215717a2c604cb391f87af73c0a9 Mon Sep 17 00:00:00 2001
From: tv
Date: Wed, 25 May 2016 00:28:09 +0200
Subject: writeNixFromCabal: deprecate
---
 krebs/5pkgs/builders.nix | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
(limited to 'krebs')
diff --git a/krebs/5pkgs/builders.nix b/krebs/5pkgs/builders.nix
index 8506801bb..39b91d144 100644
--- a/krebs/5pkgs/builders.nix
+++ b/krebs/5pkgs/builders.nix
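Review bot: The `rec` on the set passed to `haskellPackages.mkDerivation` in `writeHaskellBin` is not needed, because every name used inside it (`name`, `version`, `license`, `cabal-file`, `main-file`) is already bound in the enclosing scope; with `rec`, a later `name = …` attribute would silently change what `pname = name` and the `src` name resolve to. Writing `haskellPackages.mkDerivation {` keeps the lookups unambiguous. The function also has no comment: one above it saying that `k` is a `name-version` string split by `parseDrvName` (version falls back to `"0"`), and that `name`, `build-depends` and `ghc-options` are written into the generated .cabal file verbatim, would tell callers what input it expects.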
@@ -106,7 +106,12 @@ rec {
 '';
 };
- writeNixFromCabal = name: path: pkgs.runCommand name {} ''
- ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
- '';
+ writeNixFromCabal =
+ trace (toString [
+ "The function `writeNixFromCabal` has been deprecated in favour of"
+ "`writeHaskellBin'."
+ ])
+ (name: path: pkgs.runCommand name {} ''
+ ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out
+ '');
 }
-- cgit v1.2.3
From cc938e61f8d86b2554509a748fc455f0157f9cf7 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Sun, 29 May 2016 00:32:55 +0200
Subject: k 3 iptables: allow DNAT rules
---
 krebs/3modules/iptables.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'krebs')
diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix
index 4b99873a1..bb06a9388 100644
--- a/krebs/3modules/iptables.nix
+++ b/krebs/3modules/iptables.nix
@@ -124,7 +124,7 @@ let
 buildRule = tn: cn: rule:
 #target validation test:
- assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}"))) || hasPrefix "REDIRECT" rule.target;
+ assert (elem rule.target ([ "ACCEPT" "REJECT" "DROP" "QUEUE" "LOG" "RETURN" ] ++ (attrNames ts."${tn}"))) || hasPrefix "REDIRECT" rule.target || hasPrefix "DNAT" rule.target;
 #predicate validation test:
 #maybe use iptables-test
-- cgit v1.2.3
From 806e592d3e67defff6d626ef3b48647d1a4c28cf Mon Sep 17 00:00:00 2001
From: lassulus
Date: Wed, 1 Jun 2016 00:07:14 +0200
Subject: k 3 nginx: unique server-names to silence nginx
---
 krebs/3modules/nginx.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'krebs')
diff --git a/krebs/3modules/nginx.nix b/krebs/3modules/nginx.nix
index 6af93a570..fc7fcca6f 100644
--- a/krebs/3modules/nginx.nix
+++ b/krebs/3modules/nginx.nix
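Review bot: The second string of the deprecation message in `writeNixFromCabal` opens the name with a backtick but closes it with an apostrophe (`writeHaskellBin'`), unlike `writeNixFromCabal` in the first string; closing it with a backtick too keeps the trace output consistent. The message also points callers at `writeHaskellBin`, which as added in the preceding commit takes Haskell source text and builds an executable, whereas `writeNixFromCabal` runs cabal2nix on a path, so it is not a drop-in replacement and a short hint on how to migrate would help.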
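Review bot: In krebs/3modules/iptables.nix the new `hasPrefix "DNAT" rule.target` clause accepts any string that merely starts with DNAT, and it does so for every table `tn`, so a mistyped or malformed target passes this assert and is caught, if at all, only when the rules are loaded. If the rest of the target is meant to carry the DNAT option, a tighter clause such as `|| (tn == "nat" && hasPrefix "DNAT --to-destination " rule.target)` would keep the validation meaningful; this assumes the table is keyed as `"nat"`, which the hunk does not show. The existing REDIRECT clause is equally loose, and `buildRule` continues outside the hunk.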
@@ -119,7 +119,7 @@ let
 to-server = { server-names, listen, locations, extraConfig, ssl, ... }: ''
 server {
- server_name ${toString server-names};
+ server_name ${toString (unique server-names)};
 ${concatMapStringsSep "\n" (x: indent "listen ${x};") listen}
 ${optionalString ssl.enable (indent ''
 listen 443 ssl;
-- cgit v1.2.3
From 7bd85d7bbbce68ba7317e16b805b1093ded3f1e2 Mon Sep 17 00:00:00 2001
From: lassulus
Date: Wed, 1 Jun 2016 00:14:48 +0200
Subject: k 5: disable buildbot override
---
 krebs/5pkgs/default.nix | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
(limited to 'krebs')
diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix
index c96e71538..53fc4de44 100644
--- a/krebs/5pkgs/default.nix
+++ b/krebs/5pkgs/default.nix
@@ -36,13 +36,13 @@ with config.krebs.lib;
 ReaktorPlugins = callPackage ./Reaktor/plugins.nix {};
- buildbot = callPackage {
- inherit (pkgs.pythonPackages) twisted jinja2;
- dateutil = pkgs.pythonPackages.dateutil_1_5;
- sqlalchemy_migrate_0_7 = pkgs.pythonPackages.sqlalchemy_migrate_func (pkgs.pythonPackages.sqlalchemy7.override {
- doCheck = false;
- });
- };
+ #buildbot = callPackage {
+ # inherit (pkgs.pythonPackages) twisted jinja2;
+ # dateutil = pkgs.pythonPackages.dateutil_1_5;
+ # sqlalchemy_migrate_0_7 = pkgs.pythonPackages.sqlalchemy_migrate_func (pkgs.pythonPackages.sqlalchemy7.override {
+ # doCheck = false;
+ # });
+ #};
 # XXX symlinkJoin changed arguments somewhere around nixpkgs d541e0d
 symlinkJoin = { name, paths, ... }@args: let
-- cgit v1.2.3
[cgit] Unable to lock slot /tmp/cgit/16000000.lock: No such file or directory (2)