makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions1 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'gum/master'

Browse source
This commit is contained in:
lassulus 2017-08-16 12:33:54 +02:00
parent f8c0bcf1e9 a795766f3a
commit 3b24a8306d
39 changed files with 581 additions and 80 deletions

1
krebs/2configs/default.nix
View file

@ -22,6 +22,7 @@ with import <stockholm/lib>;
environment.systemPackages = with pkgs; [
git
vim
rxvt_unicode.terminfo
];

95
makefu/1systems/darth/config.nix
View file

@ -3,44 +3,62 @@
with import <stockholm/lib>;
let
byid = dev: "/dev/disk/by-id/" + dev;
rootDisk = byid "ata-ADATA_SSD_S599_64GB_10460000000000000039";
auxDisk = byid "ata-HGST_HTS721010A9E630_JR10006PH3A02F";
dataPartition = auxDisk + "-part1";
rootDisk = byid "ata-INTEL_SSDSC2BW480H6_CVTR53120385480EGN";
bootPart = rootDisk + "-part1";
rootPart = rootDisk + "-part2";
allDisks = [ rootDisk ]; # auxDisk
in {
imports = [
<stockholm/makefu>
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
<stockholm/makefu/2configs/fs/sda-crypto-root.nix>
<stockholm/makefu/2configs/sshd-totp.nix>
<stockholm/makefu/2configs/zsh-user.nix>
<stockholm/makefu/2configs/smart-monitor.nix>
<stockholm/makefu/2configs/exim-retiolum.nix>
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
# <stockholm/makefu/2configs/virtualisation/libvirt.nix>
<stockholm/makefu/2configs/tinc/retiolum.nix>
<stockholm/makefu/2configs/share/temp-share-samba.nix>
];
services.samba.shares = {
isos = {
path = "/data/isos/";
"read only" = "yes";
browseable = "yes";
"guest ok" = "yes";
};
};
services.tinc.networks.siem = {
name = "sdarth";
extraConfig = "ConnectTo = sjump";
};
<stockholm/makefu/2configs/tools/core.nix>
<stockholm/makefu/2configs/stats/client.nix>
<stockholm/makefu/2configs/nsupdate-data.nix>
# SIEM
#<stockholm/makefu/2configs/tinc/siem.nix>
# {services.tinc.networks.siem = {
# name = "sdarth";
# extraConfig = "ConnectTo = sjump";
# };
# }
# {
# makefu.forward-journal = {
# enable = true;
# src = "10.8.10.2";
# dst = "10.8.10.6";
# };
# }
## Sharing
# <stockholm/makefu/2configs/share/temp-share-samba.nix>
#{
# services.samba.shares = {
# isos = {
# path = "/data/isos/";
# "read only" = "yes";
# browseable = "yes";
# "guest ok" = "yes";
# };
# };
#}
<stockholm/makefu/2configs/share/anon-ftp.nix>
];
makefu.forward-journal = {
enable = true;
src = "10.8.10.2";
dst = "10.8.10.6";
};
#networking.firewall.enable = false;
makefu.server.primary-itf = "enp0s25";
krebs.hidden-ssh.enable = true;
boot.kernelModules = [ "coretemp" "f71882fg" ];
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
@ -49,31 +67,28 @@ in {
firewall = {
allowPing = true;
logRefusedConnections = false;
trustedInterfaces = [ "eno1" ];
# trustedInterfaces = [ "eno1" ];
allowedUDPPorts = [ 80 655 1655 67 ];
allowedTCPPorts = [ 80 655 1655 ];
};
# fallback connection to the internal virtual network
interfaces.virbr3.ip4 = [{
address = "10.8.8.2";
prefixLength = 24;
}];
# interfaces.virbr3.ip4 = [{
# address = "10.8.8.2";
# prefixLength = 24;
# }];
};
# TODO smartd omo darth gum all-in-one
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
zramSwap.enable = true;
#fileSystems."/data" = {
# device = dataPartition;
# fsType = "ext4";
#};
boot.loader.grub.device = rootDisk;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.makefu-omo.pubkey
config.krebs.users.makefu-vbob.pubkey
boot.initrd.luks.devices = [
{ name = "luksroot";
device = rootPart;
allowDiscards = true;
keyFileSize = 4096;
keyFile = "/dev/sdb";
}
];
krebs.build.host = config.krebs.hosts.darth;

24
makefu/1systems/gum/config.nix
View file

@ -9,6 +9,7 @@ let
external-gw6 = "fe80::1";
external-netmask = 22;
external-netmask6 = 64;
ext-if = "et0"; # gets renamed on the fly
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
in {
@ -41,6 +42,7 @@ in {
<stockholm/makefu/2configs/sabnzbd.nix>
<stockholm/makefu/2configs/torrent.nix>
<stockholm/makefu/2configs/iodined.nix>
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
## Web
<stockholm/makefu/2configs/nginx/share-download.nix>
@ -94,7 +96,7 @@ in {
];
};
makefu.server.primary-itf = ext-if;
# access
users.users = {
@ -120,7 +122,7 @@ in {
# Network
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="et0"
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
'';
boot.kernelParams = [ ];
networking = {
@ -152,14 +154,16 @@ in {
21032
];
};
interfaces.et0.ip4 = [{
address = external-ip;
prefixLength = external-netmask;
}];
interfaces.et0.ip6 = [{
address = external-ip6;
prefixLength = external-netmask6;
}];
interfaces."${ext-if}" = {
ip4 = [{
address = external-ip;
prefixLength = external-netmask;
}];
ip6 = [{
address = external-ip6;
prefixLength = external-netmask6;
}];
};
defaultGateway6 = external-gw6;
defaultGateway = external-gw;
nameservers = [ "8.8.8.8" ];

9
makefu/1systems/x/config.nix
View file

@ -42,6 +42,14 @@ with import <stockholm/lib>;
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
<stockholm/makefu/2configs/virtualisation/docker.nix>
<stockholm/makefu/2configs/virtualisation/virtualbox.nix>
{
networking.firewall.allowedTCPPorts = [ 8080 ];
networking.nat = {
enable = true;
externalInterface = "wlp3s0";
internalInterfaces = [ "vboxnet0" ];
};
}
# Services
<stockholm/makefu/2configs/git/brain-retiolum.nix>
@ -81,6 +89,7 @@ with import <stockholm/lib>;
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ];
networking.firewall.allowedUDPPorts = [ 665 26061 ];
networking.firewall.trustedInterfaces = [ "vboxnet0" ];
krebs.build.host = config.krebs.hosts.x;

2
makefu/2configs/audio/jack-on-pulse.nix
View file

@ -45,7 +45,7 @@ in
Restart = "always";
RestartSec = "5";
};
# after = [ "display-manager.service" "sound.target" ];
after = [ "display-manager.service" "sound.target" ];
wantedBy = [ "default.target" ];
};
};

1
makefu/2configs/backup.nix
View file

@ -31,6 +31,7 @@ in {
krebs.backup.plans = {
# wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
gum-to-omo_root = defaultPull config.krebs.hosts.gum "/";
# wolf-to-omo_root = defaultPull config.krebs.hosts.wolf "/";
};
environment.systemPackages = [
pkgs.borgbackup

39
makefu/2configs/deployment/gitlab.nix Normal file
View file

@ -0,0 +1,39 @@
{ lib, config, ... }:
let
web-port = 19453;
hostn = "gitlab.makefu.r";
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in {
services.gitlab = {
enable = true;
https = false;
port = web-port;
secrets = import <secrets/gitlab/secrets.nix>;
databasePassword = import <secrets/gitlab/dbpw.nix>;
initialRootEmail = "makefu@x.r";
initialRootPassword = import <secrets/gitlab/rootpw.nix>;
host = hostn;
smtp = {
enable = true;
domain = "r";
enableStartTLSAuto = false;
port = 25;
};
};
services.nginx = {
enable = lib.mkDefault true;
virtualHosts."${hostn}".locations."/" = {
proxyPass = "http://localhost:${toString web-port}/";
extraConfig = ''
if ( $server_addr != "${internal-ip}" ) {
return 403;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
'';
};
};
}

17
makefu/2configs/elchos/search.nix
View file

@ -23,10 +23,21 @@ let
pid=${ddclientPIDFile}
${concatStringsSep "\n" (mapAttrsToList (user: pass: ''
protocol=dyndns2
use=if, if=${primary-itf}
protocol=dyndns2, server=ipv4.nsupdate.info, login=${user}, password='${pass}' ${user}
#usev6=if, if=${primary-itf}
#protocol=dyndns2, server=ipv6.nsupdate.info, login=${user}, password='${pass}' ${user}
ssl=yes
server=ipv4.nsupdate.info
login=${user}
password='${pass}'
${user}
protocol=dyndns2
usev5=if, if=${primary-itf}
ssl=yes
server=ipv6.nsupdate.info
login=${user}
password='${pass}'
${user}
'') dict)}
'';

6
makefu/2configs/fs/sda-crypto-root.nix
View file

@ -4,6 +4,12 @@
# sda1: boot ext4 (label nixboot) - must be unlocked on boot if required:
# boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
# sda2: cryptoluks -> ext4
# fdisk /dev/sda
# boot 500M
# rest rest
# cryptsetup luksFormat /dev/sda2
#
with import <stockholm/lib>;
{
boot = {

32
makefu/2configs/git/gitlab-runner-shackspace.nix Normal file
View file

@ -0,0 +1,32 @@
{ config, ... }:
let
url = "https://git.shackspace.de/";
# generate token from CI-token via:
## gitlab-runner register
token = import <secrets/shackspace-gitlab-ci-token.nix> ;
in {
virtualisation.docker.enable = true;
services.gitlab-runner = {
enable = true;
gracefulTimeout = "120min";
# configFile = "/var/src/secrets/runner.toml";
configOptions = {
concurrent = 2;
runners = [{
name = "nix-krebs-1.11";
inherit token url;
executor = "docker";
builds_dir = "";
docker = {
host = "";
image = "nixos/nix:1.11";
privileged = false;
disable_cache = false;
volumes = ["/cache"];
shm_size = 0;
};
cache = {};
}];
};
};
}

4
makefu/2configs/hw/tp-x230.nix
View file

@ -33,8 +33,8 @@ with import <stockholm/lib>;
Option "Backlight" "intel_backlight"
'';
};
# no entropy source working
# security.rngd.enable = true;
security.rngd.enable = true;
services.xserver.displayManager.sessionCommands =''
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1

31
makefu/2configs/lanparty/samba.nix Normal file
View file

@ -0,0 +1,31 @@
{config, ... }:{
networking.firewall.allowedUDPPorts = [ 137 138 ];
networking.firewall.allowedTCPPorts = [ 139 445 ];
users.users.smbguest = {
name = "smbguest";
uid = config.ids.uids.smbguest;
description = "smb guest user";
home = "/data/lanparty";
createHome = true;
};
services.samba = {
enable = true;
shares = {
share-home = {
path = "/data/lanparty/";
"read only" = "no";
browseable = "yes";
"guest ok" = "yes";
};
};
extraConfig = ''
guest account = smbguest
map to guest = bad user
# disable printing
load printers = no
printing = bsd
printcap name = /dev/null
disable spoolss = yes
'';
};
}

55
makefu/2configs/nsupdate-data.nix Normal file
View file

@ -0,0 +1,55 @@
{ config, lib, pkgs, ... }:
# search also generates ddclient entries for all other logs
with import <stockholm/lib>;
let
#primary-itf = "eth0";
#primary-itf = "wlp2s0";
primary-itf = config.makefu.server.primary-itf;
ddclientUser = "ddclient";
sec = toString <secrets>;
nsupdate = import "${sec}/nsupdate-data.nix";
stateDir = "/var/spool/ddclient";
cfg = "${stateDir}/cfg";
ddclientPIDFile = "${stateDir}/ddclient.pid";
# TODO: correct cert generation requires a `real` internet ip address
gen-cfg = dict: ''
ssl=yes
cache=${stateDir}/ddclient.cache
pid=${ddclientPIDFile}
${concatStringsSep "\n" (mapAttrsToList (user: pass: ''
use=if, if=${primary-itf} protocol=dyndns2, server=ipv4.nsupdate.info, login=${user}, password='${pass}' ${user}
usev6=if, if=${primary-itf} protocol=dyndns2, server=ipv6.nsupdate.info, login=${user}, password='${pass}' ${user}
'') dict)}
'';
in {
users.extraUsers = singleton {
name = ddclientUser;
uid = genid "ddclient";
description = "ddclient daemon user";
home = stateDir;
createHome = true;
};
systemd.services = {
ddclient-nsupdate-elchos = {
wantedBy = [ "multi-user.target" ];
after = [ "ip-up.target" ];
serviceConfig = {
Type = "forking";
User = ddclientUser;
PIDFile = ddclientPIDFile;
ExecStartPre = pkgs.writeDash "init-nsupdate" ''
cp -vf ${pkgs.writeText "ddclient-config" (gen-cfg nsupdate)} ${cfg}
chmod 700 ${cfg}
'';
ExecStart = "${pkgs.ddclient}/bin/ddclient -verbose -daemon 1 -noquiet -file ${cfg}";
};
};
};
}

2
makefu/2configs/share/anon-ftp.nix
View file

@ -1,6 +1,6 @@
{ config, lib, ... }:
let
ftpdir = "/home/ftp";
ftpdir = "/data";
in {
networking.firewall = {
allowedTCPPorts = [ 20 21 ];

4
makefu/2configs/share/gum.nix
View file

@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
with config.krebs.lib;
with import <stockholm/lib>;
let
hostname = config.krebs.build.host.name;
in {
@ -11,7 +11,7 @@ in {
# home = "/var/empty";
# };
users.users.download = { };
users.users.download.uid = genid "download";
services.samba = {
enable = true;
shares = {

3
makefu/2configs/tools/android-pentest.nix
View file

@ -10,5 +10,8 @@
apktool
jd-gui
android-studio
jdk
jre
openssl
];
}

3
makefu/2configs/tools/dev.nix
View file

@ -1,9 +1,10 @@
{ pkgs, ... }:
{
krebs.per-user.makefu.packages = with pkgs;[
users.users.makefu.packages = with pkgs;[
python35Packages.virtualenv
# embedded
gi
flashrom
mosquitto
libcoap

1
makefu/2configs/tools/extra-gui.nix
View file

@ -13,5 +13,6 @@
# Dev
saleae-logic
arduino-user-env
gitAndTools.gitFull
];
}

25
makefu/2configs/urlwatch/default.nix
View file

@ -1,6 +1,11 @@
{ config, lib, ... }:
{
let
grss = name: { #github rss feed
url = "https://github.com/${name}/releases.atom";
filter = "grepi:(<updated|<media.thumbnail)";
};
in {
krebs.urlwatch = {
enable = true;
mailto = config.krebs.users.makefu.mail;
@ -10,14 +15,7 @@
## nixpkgs maintenance
# github
## No rate limit
https://github.com/amadvance/snapraid/releases.atom
https://github.com/radare/radare2/releases.atom
https://github.com/ovh/python-ovh/releases.atom
https://github.com/embray/d2to1/releases.atom
https://github.com/Mic92/vicious/releases.atom
https://github.com/embray/d2to1/releases.atom
https://github.com/dorimanx/exfat-nofuse/releases.atom
https://github.com/rapid7/metasploit-framework/releases.atom
## rate limited
# https://api.github.com/repos/dorimanx/exfat-nofuse/commits
# https://api.github.com/repos/mcepl/gen-oath-safe/commits
@ -39,6 +37,15 @@
filter = "grep:Software/Linux/dymo-cups-drivers";
}
# TODO: dymo cups
] ++ map grss [
"amadvance/snapraid"
"radare/radare2"
"ovh/python-ovh"
"embray/d2to1"
"Mic92/vicious"
"embray/d2to1"
"dorimanx/exfat-nofuse"
"rapid7/metasploit-framework"
];
};
}

3
makefu/2configs/vim.nix
View file

@ -21,6 +21,9 @@ in {
vimrcConfig.customRC = ''
set nocompatible
syntax on
set list
set listchars=tab:
"set list listchars=tab:>-,trail:.,extends:>
filetype off
filetype plugin indent on

6
makefu/2configs/virtualisation/docker.nix
View file

@ -1,4 +1,8 @@
{...}:
{ pkgs, ... }:
{
virtualisation.docker.enable = true;
environment.systemPackages = with pkgs;[
docker
docker_compose
];
}

82
makefu/5pkgs/cmpforopenssl/default.nix Normal file
View file

@ -0,0 +1,82 @@
{ stdenv, fetchurl, buildPackages, perl, fetchgit
, hostPlatform
}:
with stdenv.lib;
let
common = args@{ rev, sha256, patches ? [] }: stdenv.mkDerivation rec {
name = "cmpforopenssl-${rev}";
src = fetchgit {
url = "https://git.code.sf.net/p/cmpforopenssl/git";
inherit sha256 rev;
fetchSubmodules = false;
deepClone = false;
};
patches =
(args.patches or [])
++ [ ./nix-ssl-cert-file.patch ];
outputs = [ "bin" "dev" "out" "man" ];
setOutputFlags = false;
separateDebugInfo = stdenv.isLinux;
nativeBuildInputs = [ perl ];
configureScript = "./config";
configureFlags = [
"shared"
"--libdir=lib"
"--openssldir=etc/ssl"
] ;
makeFlags = [ "MANDIR=$(man)/share/man" ];
# Parallel building is broken in OpenSSL.
enableParallelBuilding = false;
postInstall = ''
# If we're building dynamic libraries, then don't install static
# libraries.
if [ -n "$(echo $out/lib/*.so $out/lib/*.dylib $out/lib/*.dll)" ]; then
rm "$out/lib/"*.a
fi
mkdir -p $bin
mv $out/bin $bin/
mkdir $dev
mv $out/include $dev/
# remove dependency on Perl at runtime
rm -r $out/etc/ssl/misc
rmdir $out/etc/ssl/{certs,private}
'';
postFixup = ''
# Check to make sure the main output doesn't depend on perl
if grep -r '${buildPackages.perl}' $out; then
echo "Found an erroneous dependency on perl ^^^" >&2
exit 1
fi
'';
meta = {
homepage = https://sourceforge.net/p/cmpforopenssl ;
description = "A cryptographic library that implements the SSL and TLS protocols";
platforms = stdenv.lib.platforms.all;
maintainers = [ stdenv.lib.maintainers.makefu ];
priority = 0; # resolves collision with man-pages
};
};
in common {
rev = "462b3";
sha256 = "1h2k1c4lg27gmsyd72zrlr303jw765x8sscxblq2jwb44jag85na";
}

14
makefu/5pkgs/cmpforopenssl/nix-ssl-cert-file.patch Normal file
View file

@ -0,0 +1,14 @@
diff -ru -x '*~' openssl-1.0.2j-orig/crypto/x509/by_file.c openssl-1.0.2j/crypto/x509/by_file.c
--- openssl-1.0.2j-orig/crypto/x509/by_file.c 2016-09-26 11:49:07.000000000 +0200
+++ openssl-1.0.2j/crypto/x509/by_file.c 2016-10-13 16:54:31.400288302 +0200
@@ -97,7 +97,9 @@
switch (cmd) {
case X509_L_FILE_LOAD:
if (argl == X509_FILETYPE_DEFAULT) {
- file = (char *)getenv(X509_get_default_cert_file_env());
+ file = (char *)getenv("NIX_SSL_CERT_FILE");
+ if (!file)
+ file = (char *)getenv(X509_get_default_cert_file_env());
if (file)
ok = (X509_load_cert_crl_file(ctx, file,
X509_FILETYPE_PEM) != 0);

0
makefu/5pkgs/alsa-tools/default.nix → makefu/5pkgs/custom/alsa-tools/default.nix
View file

3
makefu/5pkgs/custom/default.nix Normal file
View file

@ -0,0 +1,3 @@
{}:
{
}

5
makefu/5pkgs/qcma/default.nix → makefu/5pkgs/custom/qcma/default.nix
View file

@ -1,5 +1,5 @@
{ lib, stdenv, fetchFromGitHub, fetchgit, libusb, libtool, autoconf, pkgconfig, git,
gettext, automake, libxml2 , qmakeHook, makeQtWrapper,
gettext, automake, libxml2 , qmake,
qtbase, qttools, qtmultimedia, libnotify, ffmpeg, gdk_pixbuf }:
let
libvitamtp = stdenv.mkDerivation rec {
@ -52,13 +52,14 @@ in stdenv.mkDerivation rec {
enableParallelBuilding = true;
buildInputs = [ gdk_pixbuf ffmpeg libnotify libvitamtp git qtmultimedia qtbase ];
nativeBuildInputs = [ qmakeHook qttools pkgconfig makeQtWrapper ];
nativeBuildInputs = [ qmake qttools pkgconfig ];
meta = {
description = "Content Manager Assistant for the PS Vita";
homepage = https://github.com/codestation/qcma;
license = stdenv.lib.licenses.gpl2;
platforms = stdenv.lib.platforms.linux;
broken = true;
maintainers = with stdenv.lib.maintainers; [ makefu ];
};
}

11
makefu/5pkgs/default.nix
View file

@ -20,13 +20,14 @@ self: super: let
(filterAttrs (_: eq "directory") (readDir path));
in {
alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";};
alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";};
alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { };
inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
nodemcu-uploader = callPackage ./nodemcu-uploader {};
nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {};
pwqgen-ger = callPackage <stockholm/krebs/5pkgs/simple/passwdqc-utils> {
wordset-file = pkgs.fetchurl {
wordset-file = super.pkgs.fetchurl {
url = https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c ;
sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb";
};

50
makefu/5pkgs/dionaea/default.nix Normal file
View file

@ -0,0 +1,50 @@
{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub,
libpcap, libdnet, libevent, readline, autoconf, automake, libtool, zlib, pcre,
libev,
... }:
let
liblcfg = stdenv.mkDerivation rec {
name = "liblcfg-${version}";
version = "750bc90";
src = fetchFromGitHub {
owner = "ThomasAdam";
repo = "liblcfg";
rev = version;
sha256 = "1k3r47p81paw5802jklx9xqbjrxr26pahipxn9nq3177qhxxibkr";
};
buildInputs = with pkgs;[ autoconf automake ];
preConfigure = ''autoreconf -fi'';
sourceRoot = "${name}-src/code";
};
in stdenv.mkDerivation rec {
name = "liblcfg-${version}";
#version = "1.5c"; #original, does not compile due to libc errors
#src = fetchurl {
# url = "http://www.honeyd.org/uploads/honeyd-${version}.tar.gz";
# sha256 = "0vcih16fk5pir5ssfil8x79nvi62faw0xvk8s5klnysv111db1ii";
#};
#version = "64d087c"; # honeyd-1.6.7
# sha256 = "0zhnn13r24y1q494xcfx64vyp84zqk8qmsl41fq2674230bn0p31";
version = "6756787f94c4f1ac53d1e5545d052774a0446c04";
src = fetchFromGitHub {
owner = "rep";
repo = "dionaea";
rev = version;
sha256 = "04zjr9b7x0rqwzgb9gfxq6pclb817gz4qaghdl8xa79bqf9vv2p7";
};
buildInputs = with pkgs;[ libtool automake autoconf ];
configureFlags = [
"--with-liblcfg=${liblcfg}"
"--with-libpcap=${libpcap}"
];
meta = {
homepage = http://www.honeyd.org/;
description = "virtual Honeypots";
license = lib.licenses.gpl2;
};
}

2
makefu/5pkgs/farpd/default.nix
View file

@ -24,7 +24,7 @@ stdenv.mkDerivation rec {
zlib
coreutils
python
pythonPackages.sqlite3
pythonPackages.pysqlite
];
patches = [
( fetchurl {

30
makefu/5pkgs/libopencm3/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, stdenv, fetchFromGitHub, gcc-arm-embedded, python }:
stdenv.mkDerivation rec {
name = "libopencm-${version}";
version = "2017-04-01";
src = fetchFromGitHub {
owner = "libopencm3";
repo = "libopencm3";
rev = "383fafc862c0d47f30965f00409d03a328049278";
sha256 = "0ar67icxl39cf7yb5glx3zd5413vcs7zp1jq0gzv1napvmrv3jv9";
};
buildInputs = [ gcc-arm-embedded python ];
buildPhase = ''
sed -i 's#/usr/bin/env python#${python}/bin/python#' ./scripts/irq2nvic_h
make
'';
installPhase = ''
mkdir -p $out
cp -r lib $out/
'';
meta = {
description = "Open Source ARM cortex m microcontroller library";
homepage = https://github.com/libopencm3/libopencm3;
license = stdenv.lib.licenses.gpl2;
platforms = stdenv.lib.platforms.linux;
maintainers = with stdenv.lib.maintainers; [ makefu ];
};
}

32
makefu/5pkgs/logstash-output-exec/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ pkgs, stdenv, lib, fetchFromGitHub }:
# TODO: requires ftw ruby package
stdenv.mkDerivation rec {
name = "logstash-input-github-${version}";
version = "3.1.0";
src = fetchFromGitHub {
owner = "logstash-plugins";
repo = "logstash-output-exec";
rev = "v${version}";
sha256 = "0ix5w9l6hrbjaymkh7fzymjvpkiias3hs0l77zdpcwdaa6cz53nf";
};
dontBuild = true;
dontPatchELF = true;
dontStrip = true;
dontPatchShebangs = true;
installPhase = ''
mkdir -p $out/logstash
cp -r lib/* $out
'';
meta = with lib; {
description = "logstash output plugin";
homepage = https://github.com/logstash-plugins/logstash-output-exec;
license = stdenv.lib.licenses.asl20;
platforms = stdenv.lib.platforms.unix;
maintainers = with maintainers; [ makefu ];
};
}

20
makefu/5pkgs/mcomix/default.nix Normal file
View file

@ -0,0 +1,20 @@
{ pkgs, lib ,python2Packages, fetchurl, gtk3}:
python2Packages.buildPythonPackage rec {
name = "mcomix-${version}";
version = "1.2.1";
src = fetchurl {
url = "mirror://sourceforge/mcomix/${name}.tar.bz2";
sha256 = "0fzsf9pklhfs1rzwzj64c0v30b74nk94p93h371rpg45qnfiahvy";
};
propagatedBuildInputs = with python2Packages;
[ python2Packages.pygtk gtk3 python2Packages.pillow ];
meta = {
homepage = https://github.com/pyload/pyload;
description = "Free and Open Source download manager written in Python";
license = lib.licenses.gpl3;
maintainers = with lib.maintainers; [ makefu ];
};
}

12
makefu/5pkgs/minibar/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ lib, pkgs, fetchFromGitHub, ... }:
with pkgs.python3Packages;buildPythonPackage rec {
name = "minibar-${version}";
version = "0.5.0";
src = fetchFromGitHub {
owner = "canassa";
repo = "minibar";
rev = "c8ecd61";
sha256 = "1k718zrjd11rw93nmz2wxvhvsai6lwqfblnwjpmkpnslcdan7641";
};
}

17
makefu/5pkgs/nltk/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ lib, pkgs, fetchFromGitHub, ... }:
with pkgs.pythonPackages;buildPythonPackage rec {
name = "nltk-${version}";
version = "3.2.1";
src = pkgs.fetchurl{
#url = "mirror://pypi/n/${name}.tar.gz";
url = "https://pypi.python.org/packages/58/85/8fa6f8c488507aab7d6234ce754bbbe61bfeb8382489785e2d764bf8f52a/${name}.tar.gz";
sha256 = "0skxbhnymwlspjkzga0f7x1hg3y50fwpfghs8g8k7fh6f4nknlym";
};
meta = {
homepage = http://nltk.org;
description = "Natural languages Toolkit";
license = lib.licenses.asl20;
};
}

1
makefu/5pkgs/novnc/default.nix
View file

@ -13,7 +13,6 @@ stdenv.mkDerivation rec {
};
p = stdenv.lib.makeBinPath [ pkgs.nettools pkgs.python27Packages.websockify
pkgs.coreutils pkgs.which pkgs.procps ];
# TODO: propagatedBuildInputs does not seem to work with shell scripts
patchPhase = ''
sed -i '1aset -efu\nexport PATH=${p}\n' utils/launch.sh
'';

12
makefu/5pkgs/programs-db/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ stdenv }:
stdenv.mkDerivation rec {
name = "programs-db";
src = builtins.fetchTarball https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz ;
phases = [ "unpackPhase" "installPhase" ];
installPhase = ''
cp programs.sqlite $out
'';
}

1
makefu/6tests/data/secrets/nsupdate-data.nix Normal file
View file

@ -0,0 +1 @@
{ "lol" = "wut"; }

1
makefu/6tests/data/secrets/shackspace-gitlab-ci-token.nix Normal file
View file

@ -0,0 +1 @@
"lol"

5
makefu/source.nix
View file

@ -11,7 +11,10 @@ let
then "buildbot"
else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
ref = "1e47827"; # unstable @ 2017-07-31 + graceful requests2 (a772c3aa) + libpurple bitlbee ( ce6fe1a, 65e38b7 )
ref = "9d4bd6b"; # unstable @ 2017-07-31
# + graceful requests2 (a772c3aa)
# + libpurple bitlbee ( ce6fe1a, 65e38b7 )
# + buildbot-runner ( f3cecc5 )
in
evalSource (toString _file) [