makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions1 Packages Projects Releases Wiki Activity

Merge remote-tracking branches 'gum/master' and 'prism/master'

Browse source
This commit is contained in:
tv 2017-05-16 23:32:10 +02:00
parent 015649b9b3 514dda7d1e f27676c5ea
commit 1181cd4424
58 changed files with 696 additions and 143 deletions

2
krebs/3modules/default.nix
View file

@ -34,10 +34,10 @@ let
./Reaktor.nix
./realwallpaper.nix
./retiolum-bootstrap.nix
./retiolum.nix
./rtorrent.nix
./secret.nix
./setuid.nix
./tinc.nix
./tinc_graphs.nix
./urlwatch.nix
./repo-sync.nix

30
krebs/3modules/lass/default.nix
View file

@ -10,7 +10,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "144.76.172.188";
aliases = [
"dishfire.internet"
"dishfire.i"
];
ssh.port = 45621;
};
@ -42,7 +42,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "104.233.79.118";
aliases = [
"echelon.internet"
"echelon.i"
];
ssh.port = 45621;
};
@ -82,9 +82,8 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "213.239.205.240";
aliases = [
"prism.internet"
"prism.i"
"paste.i"
"paste.internet"
];
ssh.port = 45621;
};
@ -132,7 +131,7 @@ with import <stockholm/lib>;
internet = {
ip4.addr = "104.167.113.104";
aliases = [
"cloudkrebs.internet"
"cloudkrebs.i"
];
ssh.port = 45621;
};
@ -302,6 +301,27 @@ with import <stockholm/lib>;
iso = {
cores = 1;
};
sokrateslaptop = {
nets = {
retiolum = {
ip4.addr = "10.243.142.104";
ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc";
aliases = [
"sokrateslaptop.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
};
users = {
lass = {

26
krebs/3modules/makefu/default.nix
View file

@ -26,6 +26,31 @@ with import <stockholm/lib>;
};
};
};
studio = rec {
cores = 4;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio";
nets = {
retiolum = {
ip4.addr = "10.243.227.163";
ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6";
aliases = [
"studio.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti
cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk
GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI
jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1
78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu
8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
fileleech = rec {
cores = 4;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
@ -449,6 +474,7 @@ with import <stockholm/lib>;
nets = rec {
internet = {
ip4.addr = "188.68.40.19";
ip6.addr = "2a03:4000:17:2df::1";
aliases = [
"gum.i"
];

48
krebs/3modules/retiolum.nix → krebs/3modules/tinc.nix
View file

@ -17,6 +17,27 @@ let
in {
enable = mkEnableOption "krebs.tinc.${netname}" // { default = true; };
enableLegacy = mkEnableOption "/etc/tinc/${netname}";
confDir = mkOption {
type = types.package;
default = pkgs.linkFarm "${netname}-etc-tinc"
(mapAttrsToList (name: path: { inherit name path; }) {
"hosts" = tinc.config.hostsPackage;
"tinc.conf" = pkgs.writeText "${netname}-tinc.conf" ''
Name = ${tinc.config.host.name}
Interface = ${netname}
${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo}
PrivateKeyFile = ${tinc.config.privkey.path}
Port = ${toString tinc.config.host.nets.${netname}.tinc.port}
${tinc.config.extraConfig}
'';
"tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
${tinc.config.iproutePackage}/sbin/ip link set ${netname} up
${tinc.config.tincUp}
'';
});
};
host = mkOption {
type = types.host;
@ -175,29 +196,16 @@ let
}
) config.krebs.tinc;
environment.etc = mapAttrs' (netname: cfg:
nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy {
source = cfg.confDir;
})
) config.krebs.tinc;
systemd.services = mapAttrs (netname: cfg:
let
tinc = cfg.tincPackage;
iproute = cfg.iproutePackage;
confDir = let
namePathPair = name: path: { inherit name path; };
in pkgs.linkFarm "${netname}-etc-tinc" (mapAttrsToList namePathPair {
"hosts" = cfg.hostsPackage;
"tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" ''
Name = ${cfg.host.name}
Interface = ${netname}
${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)}
PrivateKeyFile = ${cfg.privkey.path}
Port = ${toString cfg.host.nets.${cfg.netname}.tinc.port}
${cfg.extraConfig}
'';
"tinc-up" = pkgs.writeDash "${netname}-tinc-up" ''
${iproute}/sbin/ip link set ${netname} up
${cfg.tincUp}
'';
}
);
in {
description = "Tinc daemon for ${netname}";
after = [ "network.target" ];
@ -206,7 +214,7 @@ let
path = [ tinc iproute ];
serviceConfig = rec {
Restart = "always";
ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid";
ExecStart = "${tinc}/sbin/tincd -c ${cfg.confDir} -d 0 -U ${cfg.user.name} -D --pidfile=/var/run/tinc.${SyslogIdentifier}.pid";
SyslogIdentifier = netname;
};
}

18
krebs/5pkgs/Reaktor/scripts/sed-plugin.py
View file

@ -3,15 +3,17 @@
# Usage:
# _from=krebs state_dir=. python sed-plugin.py 'dick butt'
# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g'
## dick bull
# > dick bull
import shelve
from os import environ
from os.path import join
from sys import argv
d = shelve.open(join(environ['state_dir'],'sed-plugin.shelve'),writeback=True)
usr = environ['_from']
import re
d = shelve.open(join(environ['state_dir'], 'sed-plugin.shelve'), writeback=True)
usr = environ['_from']
def is_regex(line):
myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$')
return myre.match(line)
@ -19,15 +21,15 @@ def is_regex(line):
line = argv[1]
if is_regex(line):
last = d.get(usr,None)
last = d.get(usr, None)
if last:
from subprocess import Popen,PIPE
p = Popen(['sed',line],stdin=PIPE,stdout=PIPE)
so,se = p.communicate(bytes("{}\n".format(last),"UTF-8"))
from subprocess import Popen, PIPE
p = Popen(['sed', line], stdin=PIPE, stdout=PIPE)
so, se = p.communicate(bytes("{}\n".format(last), "UTF-8"))
if p.returncode:
print("something went wrong when trying to process your regex: {}".format(se.decode()))
ret = so.decode()
print("\x1b[1m{}\x1b[0m meinte: {}".format(usr,ret.strip()))
print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip()))
if ret:
d[usr] = ret

15
krebs/5pkgs/goify/default.nix
View file

@ -1,17 +1,18 @@
{ pkgs, ... }:
pkgs.writeDashBin "goify" ''
pkgs.writeBashBin "goify" ''
set -euf
GO_HOST=''${GO_HOST:-go}
while read line; do
echo "$line" | sed -E 's|https?://\S*|\n&\n|g' | while read word; do
if echo "$word" | grep -Eq ^https?:; then
${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" | tr -d '\r'
echo "$line" | sed 's|https\?://\S*|\n&\n|g' | while read word; do
if echo "$word" | grep -q '^https\?:'; then
${pkgs.curl}/bin/curl -Ss -F uri="$word" http://"$GO_HOST" \
| tr -d '\r'
else
echo "$word";
fi;
done | sed '/^$/d' | tr '\n' ' '; echo;
echo "$word"
fi
done | grep . | tr '\n' ' '; echo
done
''

18
krebs/5pkgs/haskell-overrides/news.nix Normal file
View file

@ -0,0 +1,18 @@
{ mkDerivation, base, bloomfilter, bytestring, feed, fetchgit, lens
, stdenv, wreq
}:
mkDerivation {
pname = "news";
version = "1.0.0";
src = fetchgit {
url = "http://cgit.lassul.us/news";
sha256 = "1n3ffr2a5irr5aly0y7qsafag3kxvyyh077ayk0vdwbd0s9hvnjs";
rev = "c3eb2c0a1a34fc41e18d0bc99b1c4dc73aa6eb20";
};
isLibrary = false;
isExecutable = true;
executableHaskellDepends = [
base bloomfilter bytestring feed lens wreq
];
license = stdenv.lib.licenses.mit;
}

4
krebs/5pkgs/weechat/default.nix
View file

@ -21,12 +21,12 @@ let
in
stdenv.mkDerivation rec {
version = "1.7.1";
version = "1.8";
name = "weechat-${version}";
src = fetchurl {
url = "http://weechat.org/files/src/weechat-${version}.tar.bz2";
sha256 = "1020m1lsm8lg9n0dlxgp2wbn9b0r11g8r0namnzi2x6gvxn7iyf0";
sha256 = "10km0437lg9ms6f16h20s89l2w9f9g597rykybxb16s95ql48z08";
};
outputs = [ "out" "doc" ];

1
lass/1systems/helios.nix
View file

@ -48,6 +48,7 @@ with import <stockholm/lib>;
maven
arandr
libreoffice
mpv
];
}
#{

1
lass/1systems/iso.nix
View file

@ -7,7 +7,6 @@ with import <stockholm/lib>;
../../krebs
../3modules
../5pkgs
../2configs/binary-cache/client.nix
../2configs/mc.nix
../2configs/nixpkgs.nix
../2configs/vim.nix

2
lass/1systems/prism.nix
View file

@ -256,7 +256,7 @@ in {
{
krebs.Reaktor.coders = {
nickname = "Reaktor|lass";
channels = [ "#coders" ];
channels = [ "#coders" "#germany" ];
extraEnviron = {
REAKTOR_HOST = "irc.hackint.org";
};

53
lass/2configs/buildbot-standalone.nix
View file

@ -92,7 +92,6 @@ in {
nixshell = [
"nix-shell",
"-I", "stockholm=.",
"-I", "nixpkgs=/var/src/nixpkgs",
"-p"
] + deps + [ "--run" ]
@ -107,11 +106,9 @@ in {
for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]:
addShell(f,name="build-{}".format(i),env=env_shared,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=build \
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
make NIX_PATH=$HOME/$LOGNAME test method=build \
target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@ -119,11 +116,9 @@ in {
for i in [ "mors", "uriel", "shodan", "helios", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=build \
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
make NIX_PATH=$HOME/$LOGNAME test method=build \
target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@ -131,11 +126,9 @@ in {
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
addShell(f,name="build-{}".format(i),env=env_makefu,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=build \
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
make NIX_PATH=$HOME/$LOGNAME test method=build \
target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@ -143,11 +136,9 @@ in {
for i in [ "hiawatha", "onondaga" ]:
addShell(f,name="build-{}".format(i),env=env_nin,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=build \
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
make NIX_PATH=$HOME/$LOGNAME test method=build \
target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
system={}".format(i)
]
)
@ -211,7 +202,7 @@ in {
]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
make system=prism pkgs.{}".format(i)])
bu.append(util.BuilderConfig(name="build-pkgs",
@ -255,7 +246,7 @@ in {
options.lass.build-ssh-privkey = mkOption {
type = types.secret-file;
default = {
path = "${config.users.users.buildbotworker.home}/ssh.privkey";
path = "${config.users.users.buildbotworker.home}/.ssh/id_rsa";
owner = { inherit (config.users.users.buildbotworker ) name uid;};
source-path = toString <secrets> + "/build.ssh.key";
};
@ -263,16 +254,10 @@ in {
config.krebs.secret.files = {
build-ssh-privkey = config.lass.build-ssh-privkey;
};
config.users.users = {
build = {
name = "build";
uid = genid "build";
home = "/home/build";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP lass@mors"
];
};
config.users.users.buildbotworker = {
useDefaultShell = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP"
];
};
}

1
lass/2configs/default.nix
View file

@ -150,6 +150,7 @@ with import <stockholm/lib>;
untilport
usbutils
logify
goify
#unpack stuff
p7zip

4
lass/2configs/git.nix
View file

@ -30,6 +30,10 @@ let
rules = concatMap make-rules (attrValues repos);
public-repos = mapAttrs make-public-repo {
news = {
cgit.desc = "take a rss feed and a timeout and print it to stdout";
cgit.section = "software";
};
stockholm = {
cgit.desc = "take all the computers hostage, they'll love you!";
cgit.section = "configuration";

2
lass/2configs/ircd.nix
View file

@ -94,6 +94,8 @@
general {
#maybe we want ident someday?
disable_auth = yes;
throttle_duration = 1;
throttle_count = 1000;
};
'';
};

2
lass/2configs/mpv.nix
View file

@ -34,7 +34,7 @@ let
down = moveToDir "Y" "./down";
in {
krebs.per-user.lass.packages = [
environment.systemPackages = [
mpv
];
}

35
lass/2configs/newsbot-js.nix
View file

@ -3,19 +3,17 @@
let
newsfile = pkgs.writeText "feeds" ''
aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#news
aktuelle_themen|http://bundestag.de/service/rss/Bundestag_Aktuelle_Themen.rss|#news #bundestag
allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#news
anon|http://anoninsiders.net/feed/|#news
antirez|http://antirez.com/rss|#news
arbor|http://feeds2.feedburner.com/asert/|#news
archlinux|http://www.archlinux.org/feeds/news/|#news
ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#news
augustl|http://augustl.com/atom.xml|#news
bbc|http://feeds.bbci.co.uk/news/rss.xml|#news
bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#news
bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#news #bundestag
bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#news #bundestag
bdt_pressemitteilungen|http://bundestag.de/service/rss/Bundestag_Presse.rss|#news #bundestag
bdt_wd|http://bundestag.de/service/rss/Bundestag_WD.rss|#news #bundestag
bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#news
bitcoinpakistan|https://bitcoinspakistan.com/feed/|#news #financial
c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#news
cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#news
@ -30,9 +28,7 @@ let
chan_b|https://boards.4chan.org/b/index.rss|#brainfuck
chan_biz|https://boards.4chan.org/biz/index.rss|#news #brainfuck
chan_int|https://boards.4chan.org/int/index.rss|#news #brainfuck
cna|http://www.channelnewsasia.com/starterkit/servlet/cna/rss/home.xml|#news
coinspotting|http://coinspotting.com/rss|#news #financial
cryptanalysis|https://cryptanalys.is/rss.php|#news
cryptocoinsnews|http://www.cryptocoinsnews.com/feed/|#news #financial
cryptogon|http://www.cryptogon.com/?feed=rss2|#news
csm|http://rss.csmonitor.com/feeds/csm|#news
@ -52,12 +48,9 @@ let
fars|http://www.farsnews.com/rss.php|#news #test
faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#news
faz_politik|http://www.faz.net/rss/aktuell/politik/|#news
faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news #financial
fbi|http://www.fbi.gov/homepage/RSS|#news #bullerei
fbi_news|http://www.fbi.gov/news/news_blog/rss.xml|#news
fbi_press|http://www.fbi.gov/news/current/rss.xml|#news #bullerei
fbi_stories|http://www.fbi.gov/news/stories/all-stories/rss.xml|#news #bullerei
fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news #financial
faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news
fbi|https://www.fbi.gov/news/rss.xml|#news
fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news
fefe|http://blog.fefe.de/rss.xml|#news
forbes|http://www.forbes.com/forbes/feed2/|#news
forbes_realtime|http://www.forbes.com/real-time/feed2/|#news
@ -65,18 +58,18 @@ let
geheimorganisation|http://geheimorganisation.org/feed/|#news
GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#news
gmanet|http://www.gmanetwork.com/news/rss/news|#news
golem|http://www.golem.de/rss.php?feed=RSS1.0|#news
golem|https://rss.golem.de/rss.php|#news
google|http://news.google.com/?output=rss|#news
greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#news
guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#news
gulli|http://ticker.gulli.com/rss/|#news
handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#news #financial
heise|http://heise.de.feedsportal.com/c/35207/f/653902/index.rss|#news
heise|https://www.heise.de/newsticker/heise-atom.xml|#news
hindu_business|http://www.thehindubusinessline.com/?service=rss|#news #financial
hindu|http://www.thehindu.com/?service=rss|#news
ign|http://feeds.ign.com/ign/all|#news
independent|http://www.independent.com/rss/headlines/|#news
indymedia|http://de.indymedia.org/RSS/newswire.xml|#news
indymedia|https://de.indymedia.org/rss.xml|#news
info_libera|http://www.informationliberation.com/rss.xml|#news
klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#news
korea_herald|http://www.koreaherald.com/rss_xml.php|#news
@ -123,11 +116,11 @@ let
sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#news
shackspace|http://shackspace.de/?feed=rss2|#news
shz_news|http://www.shz.de/nachrichten/newsticker/rss|#news
sky_busi|http://news.sky.com/feeds/rss/business.xml|#news
sky_pol|http://news.sky.com/feeds/rss/politics.xml|#news
sky_strange|http://news.sky.com/feeds/rss/strange.xml|#news
sky_tech|http://news.sky.com/feeds/rss/technology.xml|#news
sky_world|http://news.sky.com/feeds/rss/world.xml|#news
sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#news
sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#news
sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#news
sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#news
sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#news
slashdot|http://rss.slashdot.org/Slashdot/slashdot|#news
slate|http://feeds.slate.com/slate|#news
spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#news
@ -138,7 +131,7 @@ let
stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#news
sz_politik|http://rss.sueddeutsche.de/rss/Politik|#news
sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#news #financial
sz_wissen|http://suche.sueddeutsche.de/rss/Wissen|#news
sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#news
tagesschau|http://www.tagesschau.de/newsticker.rdf|#news
taz|http://taz.de/Themen-des-Tages/!p15;rss/|#news
telegraph_finance|http://www.telegraph.co.uk/finance/rss|#news #financial

2
lass/2configs/nixpkgs.nix
View file

@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://cgit.lassul.us/nixpkgs;
ref = "aa03833";
ref = "2bb9c1c";
};
}

6
lass/2configs/radio.nix
View file

@ -145,6 +145,12 @@ in {
script = "${print_current}/bin/print_current";
pattern = "^current$";
})
(buildSimpleReaktorPlugin "suggest" {
script = "${pkgs.writeDash "suggest" ''
echo "$@" >> $HOME/playlist_suggest
''}";
pattern = "^suggest: (?P<args>.*)$";
})
];
};
services.nginx.virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let

2
lass/2configs/retiolum.nix
View file

@ -5,7 +5,6 @@
krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-p tcp --dport smtp"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
{ predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
];
@ -13,6 +12,7 @@
};
krebs.tinc.retiolum = {
enableLegacy = true;
enable = true;
connectTo = [
"prism"

3
lass/2configs/websites/lassulus.nix
View file

@ -80,6 +80,9 @@ in {
locations."= /retiolum-hosts.tar.bz2".extraConfig = ''
alias ${config.krebs.tinc.retiolum.hostsArchive};
'';
locations."= /retiolum.hosts".extraConfig = ''
alias ${pkgs.retiolum-hosts};
'';
locations."/tinc".extraConfig = ''
alias ${config.krebs.tinc_graphs.workingDir}/external;
'';

4
lass/2configs/wine.nix
View file

@ -4,10 +4,10 @@ let
mainUser = config.users.extraUsers.mainUser;
in {
environment.systemPackages = with pkgs; [
krebs.per-user.wine.packages = with pkgs; [
wineUnstable
];
users.extraUsers = {
users.users= {
wine = {
name = "wine";
description = "user for running wine";

1
lass/3modules/default.nix
View file

@ -5,6 +5,7 @@ _:
./folderPerms.nix
./hosts.nix
./mysql-backup.nix
./news.nix
./umts.nix
./usershadow.nix
./xresources.nix

76
lass/3modules/news.nix Normal file
View file

@ -0,0 +1,76 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.lass.news;
out = {
options.lass.news = api;
config = lib.mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "news";
feeds = mkOption {
type = types.listOf (types.submodule { options = {
nick = mkOption {
type = types.str;
};
feedurl = mkOption {
type = types.str;
};
interval = mkOption {
type = types.int;
default = 1000;
};
channels = mkOption {
type = types.listOf types.str;
};
};});
};
user = mkOption {
type = types.user;
default = {
name = "news";
home = "/var/lib/news";
};
};
ircServer = mkOption {
type = types.str;
default = "echelon.r";
description = "to which server the bot should connect";
};
};
imp = {
users.users.${cfg.user.name} = {
inherit (cfg.user) home name uid;
createHome = true;
};
systemd.services = listToAttrs (map (feed:
nameValuePair "news-${feed.nick}" {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
SyslogIdentifier = "news-${feed.nick}";
User = cfg.user.name;
PrivateTmp = true;
Restart = "always";
ExecStart = pkgs.writeDash "news-${feed.nick}" ''
${pkgs.haskellPackages.news}/bin/news '${feed.feedurl}' '${toString feed.interval}' \
| ${pkgs.goify}/bin/goify \
| while :; do
${pkgs.haskellPackages.kirk}/bin/ircout --nick '${feed.nick}' --host '${cfg.ircServer}' \
\${concatStringsSep " \\" feed.channels}
done
'';
};
}
) cfg.feeds);
};
in out

1
lass/5pkgs/default.nix
View file

@ -19,6 +19,7 @@
q = pkgs.callPackage ./q {};
rs = pkgs.callPackage ./rs/default.nix {};
urban = pkgs.callPackage ./urban/default.nix {};
xml2json = pkgs.callPackage ./xml2json/default.nix {};
xmonad-lass = import ./xmonad-lass.nix { inherit pkgs; };
yt-next = pkgs.callPackage ./yt-next/default.nix {};
};

17
lass/5pkgs/xml2json/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ pkgs, ... }:
let
pp = pkgs.python35Packages;
in pp.buildPythonPackage rec {
name = "xml2json-${version}";
version = "22ffcd";
propagatedBuildInputs = [
pp.simplejson
];
src = pkgs.fetchFromGitHub {
owner = "hay";
repo = "xml2json";
rev = "${version}";
sha256 = "1snjd6q6bk517350gdrl8kkphkra0iaz56i583h2q57ab09r29vc";
};
doCheck = false;
}

11
makefu/1systems/gum.nix
View file

@ -4,8 +4,11 @@ with import <stockholm/lib>;
let
external-mac = "3a:66:48:8e:82:b2";
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
external-ip6 = config.krebs.build.host.nets.internet.ip6.addr;
external-gw = "188.68.40.1";
external-gw6 = "fe80::1";
external-netmask = 22;
external-netmask6 = 64;
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
in {
@ -14,7 +17,7 @@ in {
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
../2configs/headless.nix
../2configs/fs/single-partition-ext4.nix
../2configs/smart-monitor.nix
# ../2configs/smart-monitor.nix
../2configs/git/cgit-retiolum.nix
../2configs/backup.nix
# ../2configs/mattermost-docker.nix
@ -55,7 +58,6 @@ in {
# ../2configs/logging/central-logging-client.nix
];
services.smartd.devices = [ { device = main-disk;} ];
makefu.dl-dir = "/var/download";
@ -134,6 +136,11 @@ in {
address = external-ip;
prefixLength = external-netmask;
}];
interfaces.et0.ip6 = [{
address = external-ip6;
prefixLength = external-netmask6;
}];
defaultGateway6 = external-gw6;
defaultGateway = external-gw;
nameservers = [ "8.8.8.8" ];
};

75
makefu/1systems/studio.nix Normal file
View file

@ -0,0 +1,75 @@
{ config, pkgs, ... }:
{
imports = [
../.
../2configs/vncserver.nix
../2configs/vim.nix
../2configs/disable_v6.nix
../2configs/jack-on-pulse.nix
../2configs/gui/studio.nix
];
makefu.gui.user = "user"; # we use an extra user
krebs = {
enable = true;
tinc.retiolum.enable = true;
build.host = config.krebs.hosts.studio;
};
networking.firewall.allowedTCPPorts = [ 655 ];
networking.firewall.allowedUDPPorts = [ 655 ];
environment.systemPackages = with pkgs;[
# audio foo
## pulseaudio
pavucontrol
paprefs
pamixer
# extra alsa tools
alsa-hdspconf
alsa-hdspmixer
alsa-hdsploader
# recording
darkice
(mumble.override { jackSupport = true; })
# browsing
firefox
chromium
];
nixpkgs.config.allowUnfree = true;
fonts = {
enableCoreFonts = true;
enableFontDir = true;
enableGhostscriptFonts = true;
fonts = [ ];
};
# ingos favorite display manager
# hardware
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/0aeda516-230e-4c54-9e27-13515c2f3f21";
fsType = "ext4";
};
swapDevices = [ { device = "/dev/disk/by-uuid/1914af67-5a8f-41d3-a1c2-211c39605da9"; } ];
users.users.user = {
isNormalUser = true;
extraGroups = [ "wheel" "audio" ];
uid = 1000;
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
};
}

2
makefu/1systems/tsp.nix
View file

@ -7,7 +7,7 @@
imports =
[ # Include the results of the hardware scan.
../.
../2configs/base-gui.nix
../2configs/gui/base.nix
../2configs/fs/sda-crypto-root.nix
# hardware specifics are in here
../2configs/hw/tp-x200.nix #< imports tp-x2x0.nix

31
makefu/1systems/wbob.nix
View file

@ -1,20 +1,28 @@
{ config, pkgs, lib, ... }:
let
let
rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
user = config.makefu.gui.user;
in {
imports =
[ # Include the results of the hardware scan.
../.
../2configs/zsh-user.nix
../2configs/base-gui.nix
../2configs/tools/core.nix
../2configs/tools/core-gui.nix
../2configs/tools/extra-gui.nix
../2configs/tools/media.nix
../2configs/virtualization.nix
../2configs/tinc/retiolum.nix
../2configs/mqtt.nix
../2configs/deployment/led-fader.nix
# ../2configs/gui/wbob-kiosk.nix
../2configs/gui/studio.nix
../2configs/audio/jack-on-pulse.nix
../2configs/audio/realtime-audio.nix
../2configs/vncserver.nix
];
krebs = {
@ -24,25 +32,10 @@ in {
swapDevices = [ { device = "/var/swap"; } ];
services.xserver = {
layout = lib.mkForce "de";
windowManager = lib.mkForce {
awesome.enable = false;
default = "none";
};
desktopManager.xfce.enable = true;
# xrandrHeads = [ "HDMI1" "HDMI2" ];
# prevent screen from turning off, disable dpms
displayManager.sessionCommands = ''
xset s off -dpms
xrandr --output HDMI2 --right-of HDMI1
'';
};
networking.firewall.allowedUDPPorts = [ 655 ];
networking.firewall.allowedTCPPorts = [ 655 49152 ];
networking.firewall.trustedInterfaces = [ "enp0s25" ];
#services.tinc.networks.siem = {
# name = "display";
# extraConfig = ''
@ -85,7 +78,7 @@ in {
# TODO: add crypto layer
systemd.services."synergy-client" = {
environment.DISPLAY = ":0";
serviceConfig.User = "makefu";
serviceConfig.User = user;
};
services.synergy = {

2
makefu/1systems/x.nix
View file

@ -38,6 +38,8 @@ with import <stockholm/lib>;
# ../2configs/temp/sabnzbd.nix
# development
../2configs/sources
# Krebs
# ../2configs/disable_v6.nix

45
makefu/2configs/audio/jack-on-pulse.nix Normal file
View file

@ -0,0 +1,45 @@
{ config, pkgs, ... }:
let
pulse = pkgs.pulseaudioFull;
user = config.makefu.gui.user;
in
{
sound.enable = true;
hardware.pulseaudio = {
enable = true;
package = pulse;
};
environment.systemPackages = with pkgs; [ jack2Full ];
# from http://anderspapitto.com/posts/2015-11-26-overtone-on-nixos-with-jack-and-pulseaudio.html
systemd.services = {
jackdbus = {
description = "Runs jack, and points pulseaudio at it";
serviceConfig = {
User = user;
Type = "oneshot";
ExecStart = pkgs.writeScript "start_jack.sh" ''
#! ${pkgs.bash}/bin/bash
. ${config.system.build.setEnvironment}
sleep 5 # wait for the gui to load
${pkgs.jack2Full}/bin/jack_control start
sleep 3 # give some time for sources/sinks to be created
${pulse}/bin/pacmd set-default-sink jack_out
${pulse}/bin/pacmd set-default-source jack_in
'';
ExecStop = pkgs.writeScript "stop_jack.sh" ''
#! ${pkgs.bash}/bin/bash
. ${config.system.build.setEnvironment}
${pkgs.jack2Full}/bin/jack_control stop
'';
RemainAfterExit = true;
};
after = [ "display-manager.service" "sound.target" ];
wantedBy = [ "multi-user.target" ];
};
};
}

16
makefu/2configs/audio/realtime-audio.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, pkgs, ... }:
let
user = config.makefu.gui.user;
in
{
imports = [
../sources/musnix.nix # populate musnix
<musnix>
];
musnix.enable = true;
musnix.kernel.optimize = true;
musnix.kernel.realtime = true;
# TODO: musnix.kernel.packages = pkgs.linuxPackages_latest_rt;
users.users."${user}".extraGroups = [ "audio" ];
}

8
makefu/2configs/avahi.nix Normal file
View file

@ -0,0 +1,8 @@
{ pkgs, ...}:
{
services.avahi = {
enable = true;
wideArea = false;
};
environment.systemPackages = [ pkgs.avahi ];
}

5
makefu/2configs/backup.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
# preparation:
@ -32,4 +32,7 @@ in {
# wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
gum-to-omo_root = defaultPull config.krebs.hosts.gum "/";
};
environment.systemPackages = [
pkgs.borgbackup
];
}

2
makefu/2configs/default.nix
View file

@ -22,7 +22,7 @@ with import <stockholm/lib>;
user = config.krebs.users.makefu;
source = let
inherit (config.krebs.build) host user;
ref = "4fac473"; # unstable @ 2017-03-31 + command-not-found
ref = "a772c3a"; # unstable @ 2017-05-09 + graceful requests2
in {
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
{

39
makefu/2configs/deployment/led-fader.nix Normal file
View file

@ -0,0 +1,39 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
mq = "192.168.8.11";
pkg = pkgs.stdenv.mkDerivation {
name = "ampel-master";
src = pkgs.fetchgit {
url = "http://cgit.euer.krebsco.de/ampel";
rev = "07a6791de368e16cc0864d2676fd255eba522cee";
sha256 = "1jxjapvkfglvgapy7gjbr1nra3ay418nvz70bvypcmv7wc8d4h8q";
};
buildInputs = [
(pkgs.python35.withPackages (pythonPackages: with pythonPackages; [
docopt
paho-mqtt
]))
];
installPhase = ''
install -m755 -D fade.py $out/bin/fade.py
install -m755 -D ampel.py $out/bin/ampel
install -m755 -D times.json $out/share/times.json
'';
};
in {
systemd.services.led-fader = {
description = "Send led change to message queue";
environment = {
NIX_PATH = "/var/src";
};
wantedBy = [ "multi-user.target" ];
serviceConfig = {
# User = "nobody"; # need a user with permissions to run nix-shell
ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json";
PrivateTmp = true;
};
};
}

4
makefu/2configs/deployment/wiki-irc.nix
View file

@ -40,9 +40,9 @@ in {
file { path => "/tmp/logs.json" codec => "json_lines" }
if [output] {
irc {
channels => [ "#krebs" ]
channels => [ "#nixos" , "#krebs" ]
host => "irc.freenode.net"
nick => "nixos-wiki"
nick => "nixos-users-wiki"
format => "%{output}"
}
}

1
makefu/2configs/git/cgit-retiolum.nix
View file

@ -19,6 +19,7 @@ let
cgit.desc = "Build new Stockholm hosts";
};
cac-api = { };
ampel = { };
init-stockholm = {
cgit.desc = "Init stuff for stockholm";
};

4
makefu/2configs/base-gui.nix → makefu/2configs/gui/base.nix
View file

@ -65,7 +65,7 @@ in
cat |derp <<EOF
XTerm*background: black
XTerm*foreground: white
XTerm*FaceName : xft:xos4 Terminus:pixelsize=14
XTerm*FaceName : xft:xos4 Terminus:pixelsize=11
URxvt*termName: rxvt
URxvt*saveLines: 10000
@ -77,7 +77,7 @@ in
URxvt.background: black
URxvt.urgentOnBell: true
URxvt.visualBell: false
URxvt.font : xft:xos4 Terminus:size=12
URxvt.font : xft:xos4 Terminus:size=11
! blue

22
makefu/2configs/gui/studio.nix Normal file
View file

@ -0,0 +1,22 @@
{ config, lib, ... }:
let
user = config.makefu.gui.user;
in
{
services.xserver.enable = true;
services.xserver.displayManager.sddm = {
enable = true;
autoLogin.enable = true;
autoLogin.user = user;
};
# services.xserver.windowMananger.default = "plasma5";
services.xserver.desktopManager = {
default = "plasma5";
plasma5.enable = true;
};
services.xserver.layout = "us";
services.xserver.xkbVariant = "altgr-intl";
services.xserver.xkbOptions = "ctrl:nocaps";
}

0
makefu/2configs/urxvtd.nix → makefu/2configs/gui/urxvtd.nix
View file

23
makefu/2configs/gui/wbob-kiosk.nix Normal file
View file

@ -0,0 +1,23 @@
{ lib, ... }:
{
imports = [
./base.nix
];
services.xserver = {
layout = lib.mkForce "de";
windowManager = lib.mkForce {
awesome.enable = false;
default = "none";
};
desktopManager.xfce.enable = true;
# xrandrHeads = [ "HDMI1" "HDMI2" ];
# prevent screen from turning off, disable dpms
displayManager.sessionCommands = ''
xset s off -dpms
xrandr --output HDMI2 --right-of HDMI1
'';
};
}

2
makefu/2configs/main-laptop.nix
View file

@ -11,7 +11,7 @@ let
user = config.krebs.build.user.name;
in {
imports = [
./base-gui.nix
./gui/base.nix
./fetchWallpaper.nix
./zsh-user.nix
./tools/core.nix

7
makefu/2configs/sources/default.nix Normal file
View file

@ -0,0 +1,7 @@
# the builder pc (my laptop) will also require the sources i use to deploy
# other boxes
{
imports = [
./musnix.nix
];
}

6
makefu/2configs/sources/musnix.nix Normal file
View file

@ -0,0 +1,6 @@
{
krebs.build.source.musnix.git = {
url = https://github.com/musnix/musnix.git;
ref = "37a8378";
};
}

1
makefu/2configs/urlwatch.nix
View file

@ -20,6 +20,7 @@
https://api.github.com/repos/dorimanx/exfat-nofuse/commits
https://api.github.com/repos/dorimanx/exfat-nofuse/tags
https://api.github.com/repos/radare/radare2/tags
https://api.github.com/repos/rapid7/metasploit-framework/tags
];
};
}

62
makefu/2configs/vncserver.nix Normal file
View file

@ -0,0 +1,62 @@
{config,lib,pkgs, ...}:
with lib;
let
pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
pwtmp = "/tmp/vnc-password";
# nixos-unstable tigervnc is currently broken :\
package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
user = config.makefu.gui.user;
vnc_port = 5900;
web_port = 6080;
in {
networking.firewall.allowedTCPPorts = [ 80 vnc_port web_port ];
systemd.services = {
terminal-server = {
description = "VNC Terminal Server";
after = [ "display-manager.service" "graphical.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = user;
Restart = "always";
ExecStartPre = pkgs.writeDash "terminal-pre" ''
sleep 5
install -m0700 -o ${user} ${pwfile} ${pwtmp}
'';
ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString vnc_port} -passwordfile ${pwtmp}";
PermissionsStartOnly = true;
PrivateTmp = true;
};
};
terminal-web = {
description = "noVNC Web Server";
after = [ "terminal-server.service" "graphical.target" "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "nobody";
ExecStart = "${pkgs.novnc}/bin/launch-novnc.sh --listen ${toString web_port} --vnc localhost:${toString vnc_port}";
PrivateTmp = true;
};
};
};
services.nginx.enable = true;
services.nginx.virtualHosts._.locations = {
"/" = {
root = "${pkgs.novnc}";
index = "vnc_auto.html";
};
"/websockify" = {
proxyPass = "http://127.0.0.1:6080/";
extraConfig = ''
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# VNC connection timeout
proxy_read_timeout 61s;
# Disable cache
proxy_buffering off;
'';
};
};
}

5
makefu/3modules/server-config.nix
View file

@ -6,5 +6,10 @@ with import <stockholm/lib>;
type = types.str;
description = "Primary interface of the server";
};
options.makefu.gui.user = lib.mkOption {
type = types.str;
description = "GUI user";
default = config.krebs.build.user.name;
};
}

4
makefu/3modules/taskserver.nix
View file

@ -41,8 +41,8 @@ let
Type = "simple";
ExecStart = "${cfg.package}/bin/taskd server --data ${cfg.workingDir}";
WorkingDirectory = cfg.workingDir;
PrivateTmp = true;
InaccessibleDirectories = "/home /boot /opt /mnt /media";
# PrivateTmp = true;
# InaccessibleDirectories = "/home /boot /opt /mnt /media";
User = "taskd";
};
};

2
makefu/5pkgs/acdcli/default.nix
View file

@ -4,7 +4,7 @@ with python3Packages; buildPythonPackage rec {
name = "acdcli-${version}";
version = "0.3.2";
propagatedBuildInputs = [
dateutil colorama fusepy appdirs requests2 requests_toolbelt six
dateutil colorama fusepy appdirs requests requests_toolbelt six
];
src = fetchurl {
url = "mirror://pypi/a/acdcli/${name}.tar.gz";

4
makefu/5pkgs/alsa-tools/default.nix
View file

@ -1,4 +1,4 @@
{stdenv,alsaToolTarget,fetchurl, alsaLib, ncurses, fltk13, gtk}:
{stdenv,alsaToolTarget,fetchurl, alsaLib, ncurses, fltk13, gtk3}:
stdenv.mkDerivation rec {
name = "alsa-${alsaToolTarget}-${version}";
@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
sha256 = "1lgvyb81md25s9ciswpdsbibmx9s030kvyylf0673w3kbamz1awl";
};
sourceRoot = "${alsaToolsName}/${alsaToolTarget}/";
buildInputs = [ alsaLib fltk13 gtk ncurses ];
buildInputs = [ alsaLib fltk13 gtk3 ncurses ];
meta = {
homepage = http://www.alsa-project.org/;

2
makefu/5pkgs/bintray-upload/default.nix
View file

@ -10,7 +10,7 @@ pkgs.python3Packages.buildPythonPackage rec {
sha256 = "1401saisk98n5wgw73nwh8hb484vayw5c6dlypxc1fp4ybym4zi9";
};
propagatedBuildInputs = with pkgs.python3Packages; [ requests2 ];
propagatedBuildInputs = with pkgs.python3Packages; [ requests ];
meta = {
description = "Simple BinTray utility for uploading packages";

2
makefu/5pkgs/devpi/default.nix
View file

@ -56,7 +56,7 @@ let
sha256 = "0l3a7iyk596x6pvzg7604lzzi012qszr804fqn6f517zcy1xz23j";
};
propagatedBuildInputs = with pkgs.python3Packages; [ requests2 py ];
propagatedBuildInputs = with pkgs.python3Packages; [ requests py ];
meta = {
homepage = https://bitbucket.org/hpk42/devpi;

2
makefu/5pkgs/elchhub/default.nix
View file

@ -16,7 +16,7 @@ in buildPythonPackage rec {
version = "1.0.5";
propagatedBuildInputs = [
flask
requests2
requests
ftputil
redis
];

41
makefu/5pkgs/novnc/default.nix Normal file
View file

@ -0,0 +1,41 @@
{ stdenv, fetchurl, pkgs }:
# source: https://github.com/hyphon81/Nixtack/blob/master/noVNC/noVNC.nix
let
in
stdenv.mkDerivation rec {
name = "novnc-${version}";
version = "0.6.2";
src = fetchurl {
url = "https://github.com/novnc/noVNC/archive/v${version}.tar.gz";
sha256 = "16ygbdzdmnfg9a26d9il4a6fr16qmq0ix9imfbpzl0drfbj7z8kh";
};
p = stdenv.lib.makeBinPath [ pkgs.nettools pkgs.python27Packages.websockify
pkgs.coreutils pkgs.which pkgs.procps ];
# TODO: propagatedBuildInputs does not seem to work with shell scripts
patchPhase = ''
sed -i '1aset -efu\nexport PATH=${p}\n' utils/launch.sh
'';
installPhase = ''
mkdir -p $out/bin
cp utils/launch.sh $out/bin/launch-novnc.sh
chmod +x $out/bin/launch-novnc.sh
mkdir -p $out/images
cp -r images/* $out/images/
mkdir -p $out/include
cp -r include/* $out/include/
cp favicon.ico $out
cp vnc.html $out
cp vnc_auto.html $out
'';
meta = with stdenv.lib; {
homepage = http://novnc.com/info.html;
repositories.git = git://github.com/novnc/noVNC.git;
description = ''
A HTML5 VNC Client
'';
license = licenses.mpl20;
};
}

33
makefu/5pkgs/shackie/default.nix Normal file
View file

@ -0,0 +1,33 @@
{ pkgs, fetchFromGitHub, ... }:
with pkgs.python3Packages;
let
asyncio-irc = buildPythonPackage rec {
name = "asyncio-irc-${version}";
version = "2016-09-02";
src = fetchFromGitHub {
owner = "watchtower";
repo = "asyncirc";
rev = "5384d19";
sha256 = "0xgzdvp0ig0im7r3vbqd3a9rzac0lkk2mvf7y4fw56p8k61df8nv";
};
propagatedBuildInputs = [ blinker ];
};
in
buildPythonPackage rec {
name = "shackie-${version}";
version = "2017-04-24";
propagatedBuildInputs = [
asyncio-irc
beautifulsoup4
lxml
pytz
redis
requests
];
src = fetchFromGitHub {
owner = "shackspace";
repo = "shackie";
rev = "e717ec7";
sha256 = "1ffbjm3x2xcyxl42hfsjs5xg1pm0xsprdi5if9zxa5ycqydmiw3l";
};
}

2
shared/2configs/default.nix
View file

@ -11,7 +11,7 @@ with import <stockholm/lib>;
nixos-config.symlink = "stockholm/${user.name}/1systems/${host.name}.nix";
nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs;
ref = "5b0c9d4f92f15f171afa65caf13a29ac1c068a10"; # nixos-17.03 @ 2017-03-03
ref = "22da5d02466ffe465735986d705675982f3646a0"; # nixos-17.03 @ 2017-05-13
};
secrets.file =
if getEnv "dummy_secrets" == "true"