From 655dc61b2b402eab089a410c140f58c916d264f7 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 4 Oct 2015 16:42:04 +0200 Subject: makefu 3: add tinc_graphs module --- makefu/3modules/default.nix | 23 ++++-------- makefu/3modules/tinc_graphs.nix | 79 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+), 17 deletions(-) create mode 100644 makefu/3modules/tinc_graphs.nix (limited to 'makefu') diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 417808425..598365c39 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -1,19 +1,8 @@ -{ config, lib, ... }: +_: -with lib; -let - cfg = config.krebs; +{ + imports = [ + ./tinc_graphs.nix + ]; +} - out = { - imports = [ - ]; - options.krebs = api; - config = mkIf cfg.enable imp; - }; - - api = { }; - - imp = { }; - -in -out diff --git a/makefu/3modules/tinc_graphs.nix b/makefu/3modules/tinc_graphs.nix new file mode 100644 index 000000000..fa7f10368 --- /dev/null +++ b/makefu/3modules/tinc_graphs.nix 
@@ -0,0 +1,79 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+ cfg = config.makefu.tinc_graphs;
+ internal_dir = "${cfg.workingDir}/internal";
+ external_dir = "${cfg.workingDir}/external";
+
+ out = {
+ options.makefu.tinc_graphs = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "makefu.tinc_graphs";
+
+ geodbPath = mkOption {
+ type = types.str;
+ description = "Path to geocitydb, defaults to geolite-legacy";
+ default = "${geolite-legacy}/share/GeoIP/GeoIPCity.dat";
+ };
+
+ workingDir = mkOption {
+ type = types.str;
+ description = ''
+ Path to working dir, will create interal and external/.
+ Defaults to the new users home dir which defaults to
+ /var/cache/tinc_graphs'';
+ default = users.extraUsers.tinc_graphs.home;
+ };
+
+ timerConfig = mkOption {
+ type = with types; attrsOf str;
+ default = {
+ OnCalendar = "*:0/15";
+ };
+ };
+ };
+
+ imp = {
+
+ systemd.timers.tinc_graphs = {
+ description = "Build Tinc Graphs via via timer";
+
+ timerConfig = cfg.timerConfig;
+ };
+ systemd.services.tinc_graphs = {
+ description = "Build Tinc Graphs";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ Type = "simple";
+ environment = {
+ EXTERNAL_FOLDER = external_dir;
+ INTERNAL_FOLDER = internal_dir;
+ GEODB = cfg.geodbPath;
+ };
+ ExecStartPre = ''
+ #!/bin/sh
+ mkdir -p "$EXTERNAL_FOLDER" "$INTERNAL_FOLDER"
+ '';
+ ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs";
+ User = "tinc_graphs";
+ privateTmp = true;
+ };
+ };
+
+ users.extraUsers.tinc_graphs = {
+ uid = 3925439960; #genid tinc_graphs
+ home = "/var/cache/tinc_graphs";
+ createHome = true;
+ };
+ };
+
+in
+out
-- cgit v1.2.3
From 98e22ae7da764225b5b111a54436c70fedfca5df Mon Sep 17 00:00:00 2001
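Review bot: `privateTmp = true;` inside `serviceConfig` is not the systemd directive `PrivateTmp=`; unit keys are case-sensitive and NixOS writes `serviceConfig` attributes into the unit file as given, so the private /tmp is most likely never applied and systemd only logs an unknown-key warning. Spell it `PrivateTmp = true;`. The same line is carried unchanged through the later "make first working version" commit in this series, so the fix is needed there as well. A short comment above `uid = 3925439960;` explaining how the genid value is derived would also help the next reader.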
From: makefu Date: Sun, 4 Oct 2015 16:42:55 +0200 Subject: makefu 5 tinc_graphs: bump version --- makefu/5pkgs/default.nix | 2 +- makefu/5pkgs/tinc_graphs/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index 15dab1100..b78183a2a 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -4,7 +4,7 @@ let inherit (pkgs) callPackage; in { - alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";}; + alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";}; alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";}; alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";}; tinc_graphs = callPackage ./tinc_graphs {}; diff --git a/makefu/5pkgs/tinc_graphs/default.nix b/makefu/5pkgs/tinc_graphs/default.nix index c35a8b02e..d0a998f6b 100644 --- a/makefu/5pkgs/tinc_graphs/default.nix +++ b/makefu/5pkgs/tinc_graphs/default.nix @@ -2,7 +2,7 @@ python3Packages.buildPythonPackage rec { name = "tinc_graphs-${version}"; - version = "0.2.8"; + version = "0.2.9"; propagatedBuildInputs = with pkgs;[ python3Packages.pygeoip ## ${geolite-legacy}/share/GeoIP/GeoIPCity.dat -- cgit v1.2.3 From d768877c3447c5e54c69f386187414bcf51ce0b0 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 4 Oct 2015 18:55:08 +0200 Subject: m 5 tinc_graphs: fix path for tinc caller --- makefu/5pkgs/tinc_graphs/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/5pkgs/tinc_graphs/default.nix b/makefu/5pkgs/tinc_graphs/default.nix index d0a998f6b..95f096a30 100644 --- a/makefu/5pkgs/tinc_graphs/default.nix +++ b/makefu/5pkgs/tinc_graphs/default.nix 
@@ -9,10 +9,12 @@ python3Packages.buildPythonPackage rec { ]; src = fetchurl { url = "https://pypi.python.org/packages/source/t/tinc_graphs/tinc_graphs-${version}.tar.gz"; - sha256 = "1rvy07ybjpqlsf9qizdp0zyq4ibd6w74k4glbbkw0x7j3j2skzdk"; + sha256 = "0fm063qhjlb8g1xahwcqqrd2dxgd38wwi55rhl1k5chr7zajsqfz"; }; preFixup = with pkgs;'' - wrapProgram $out/bin/build-graphs --prefix PATH : "${imagemagick}/bin:${graphviz}/bin" + wrapProgram $out/bin/build-graphs --prefix PATH : "$out/bin" + wrapProgram $out/bin/all-the-graphs --prefix PATH : "${imagemagick}/bin:${graphviz}/bin:$out/bin" + wrapProgram $out/bin/tinc-stats2json --prefix PATH : "${tinc}/bin" ''; meta = { homepage = http://krebsco.de/; -- cgit v1.2.3 From fad02c8d246fad661b96799aba04a94f0e96fe49 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 4 Oct 2015 18:55:36 +0200 Subject: m 3 tinc_graphs: make first working version --- makefu/3modules/tinc_graphs.nix | 69 +++++++++++++++++++++++++++++++++-------- 1 file changed, 56 insertions(+), 13 deletions(-) (limited to 'makefu') diff --git a/makefu/3modules/tinc_graphs.nix b/makefu/3modules/tinc_graphs.nix index fa7f10368..10f1b23a0 100644 --- a/makefu/3modules/tinc_graphs.nix +++ b/makefu/3modules/tinc_graphs.nix 
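Review bot: All three `wrapProgram` calls in `preFixup` use `--prefix PATH`, so the inherited PATH stays in place as a fallback for any helper the listed store paths do not provide. Because these wrappers are started from a system service, lookups could be pinned completely with `--set PATH "${imagemagick}/bin:${graphviz}/bin:$out/bin"` and the equivalents for the other two, provided the scripts need nothing beyond those packages, which is not visible in this hunk. If `--prefix` is intentional, a comment such as `# --prefix: scripts also rely on tools from the caller's PATH` above the block would record why.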
@@ -8,16 +8,38 @@ let out = { options.makefu.tinc_graphs = api; - config = mkIf cfg.enable imp; + config = mkIf cfg.enable imp ; }; api = { - enable = mkEnableOption "makefu.tinc_graphs"; + enable = mkEnableOption "tinc graphs"; geodbPath = mkOption { type = types.str; description = "Path to geocitydb, defaults to geolite-legacy"; - default = "${geolite-legacy}/share/GeoIP/GeoIPCity.dat"; + default = "${pkgs.geolite-legacy}/share/GeoIP/GeoIPCity.dat"; + }; + + krebsNginx = { + # configure krebs nginx to serve the new graphs + enable = mkEnableOption "tinc_graphs nginx"; + + hostnames_complete = { + #TODO: this is not a secure way to serve these graphs,better listen to + # the correct interface, krebs.nginx does not support this yet + + type = with types; listOf str; + description = "hostname which serves complete graphs"; + default = config.krebs.build.host.name; + }; + + hostnames_anonymous = { + type = with types; listOf str; + description = '' + hostname which serves anonymous graphs + must be different from hostname_complete + ''; + }; }; workingDir = mkOption { @@ -26,7 +48,7 @@ let Path to working dir, will create interal and external/. Defaults to the new users home dir which defaults to /var/cache/tinc_graphs''; - default = users.extraUsers.tinc_graphs.home; + default = config.users.extraUsers.tinc_graphs.home; }; timerConfig = mkOption { @@ -38,7 +60,7 @@ let }; imp = { - + environment.systemPackages = [ pkgs.tinc_graphs]; systemd.timers.tinc_graphs = { description = "Build Tinc Graphs via via timer"; 
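Review bot: `hostnames_complete` and `hostnames_anonymous` in the new `krebsNginx` set are written as plain attribute sets rather than `mkOption { … }`, unlike `geodbPath` and `workingDir` beside them, so their `type`, `description` and `default` are presumably not treated as an option declaration. The `default` of `hostnames_complete` is also the bare string `config.krebs.build.host.name` while the type is `listOf str`; `default = [ config.krebs.build.host.name ];` would match the type. The description of `hostnames_anonymous` refers to `hostname_complete`, which is not the option's name. The `api` set continues past the end of this hunk.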
@@ -48,22 +70,23 @@ let description = "Build Tinc Graphs"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; + environment = { + EXTERNAL_FOLDER = external_dir; + INTERNAL_FOLDER = internal_dir; + GEODB = cfg.geodbPath; + }; restartIfChanged = true; serviceConfig = { Type = "simple"; - environment = { - EXTERNAL_FOLDER = external_dir; - INTERNAL_FOLDER = internal_dir; - GEODB = cfg.geodbPath; - }; - ExecStartPre = '' + ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' #!/bin/sh - mkdir -p "$EXTERNAL_FOLDER" "$INTERNAL_FOLDER" + mkdir -p "${external_dir}" "${internal_dir}" ''; ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; - User = "tinc_graphs"; + User = "root"; # tinc cannot be queried as user, + # seems to be a tinc-pre issue privateTmp = true; }; }; @@ -73,6 +96,26 @@ let home = "/var/cache/tinc_graphs"; createHome = true; }; + + krebs.nginx.servers = mkIf cfg.krebsNginx.enable { + tinc_graphs_complete = { + server-names = cfg.krebsNginx.hostnames_complete; + locations = [ + (nameValuePair "/" '' + root ${internal_dir}; + '') + ]; + }; + tinc_graphs_anonymous = { + server-names = cfg.krebsNginx.hostnames_anonymous; + #server-names = [ "dick" ]; + locations = [ + (nameValuePair "/" '' + root ${external_dir}; + '') + ]; + }; + }; }; in -- cgit v1.2.3 From 1140a16ba6f6d8d61d6f30b43d340678de576c4b Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 4 Oct 2015 18:55:53 +0200 Subject: configure graphs for wry --- makefu/1systems/wry.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index b4cdab7cf..9368f1ae5 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -9,9 +9,8 @@ in { ../2configs/base.nix ../2configs/base-sources.nix ../2configs/tinc-basic-retiolum.nix - { - } ]; + networking.firewall.allowPing = true; networking.interfaces.enp2s1.ip4 = [ { 
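Review bot: `User = "root";` in `serviceConfig` makes the whole `all-the-graphs` run execute with full privileges, including the GeoIP lookup and the graphviz/imagemagick rendering of data that originates from tinc peers, and it leaves the dedicated `tinc_graphs` account unused. If root is only needed to query tinc, narrow what the unit can reach with systemd sandboxing such as `NoNewPrivileges = true;` and `ProtectHome = true;`, and correct the miscased `privateTmp` to `PrivateTmp` so that the isolation actually takes effect. The comment next to `User` could name the tinc issue it refers to, so the workaround can be removed once that is resolved. The service definition starts above this hunk.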
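Review bot: The `tinc_graphs_complete` and `tinc_graphs_anonymous` servers are separated only by `server-names`, so any client that can reach the listener can obtain the complete graphs by presenting one of the internal names as the Host header; the TODO in the options says as much, and the `wry.nix` hunk in the following commit opens TCP port 80 in the firewall without an interface restriction. Until krebs.nginx can bind to a specific interface, the `/` location of `tinc_graphs_complete` could restrict by source address, e.g. `allow RETIOLUM_SUBNET_PLACEHOLDER;` followed by `deny all;` after the `root ${internal_dir};` line. Which server nginx picks for unmatched names depends on how krebs.nginx renders these entries, which is not shown here, so it is worth confirming that it is not the complete one. The commented-out `#server-names = [ "dick" ];` can be dropped.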
@@ -29,6 +28,15 @@ in { # prepare graphs nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + krebs.nginx.enable = true; + makefu.tinc_graphs.enable = true; + makefu.tinc_graphs.krebsNginx = { + enable = true; + hostnames_complete = [ "graphs.wry" "graphs.wry.retiolum" ]; + # TODO: remove hard-coded path + hostnames_anonymous = [ "graphs.krebsco.de" ]; + }; + networking.firewall.allowedTCPPorts = [80]; krebs.build = { user = config.krebs.users.makefu; -- cgit v1.2.3