makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions 1 Packages Projects Releases Wiki Activity

Merge branch 'master' of pnp:stockholm

Browse source
This commit is contained in:
makefu 2015-11-06 22:23:46 +01:00
parent 2dcb2918d1 12597b1feb
commit 736e1426d5
19 changed files with 255 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
krebs/3modules/makefu/default.nix
View file

@ -164,6 +164,7 @@ with lib;
dc = "makefu"; #dc = "cac";
extraZones = {
"krebsco.de" = ''
euer IN A ${head nets.internet.addrs4}
wiki.euer IN A ${head nets.internet.addrs4}
wry IN A ${head nets.internet.addrs4}
io IN NS wry.krebsco.de.
@ -191,6 +192,9 @@ with lib;
"paste.retiolum"
"wry.retiolum"
"wiki.makefu.retiolum"
"wiki.wry.retiolum"
"blog.makefu.retiolum"
"blog.wry.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -240,7 +244,6 @@ with lib;
extraZones = {
"krebsco.de" = ''
euer IN A ${head nets.internet.addrs4}
share.euer IN A ${head nets.internet.addrs4}
gum IN A ${head nets.internet.addrs4}
'';

3
krebs/3modules/tv/default.nix
View file

@ -158,7 +158,8 @@ with lib;
};
};
secure = true;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILn7C3LxAs9kUynENdRNgQs4qjrhNDfXzlHTpVJt6e09";
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMPMh3nHxVcPqM+LrkK7eYxNJY1ShBXOTg1vlSR45wx";
};
ok = {
nets = {

22
krebs/5pkgs/bepasty-client-cli/default.nix Normal file
View file

@ -0,0 +1,22 @@
{ lib, pkgs, pythonPackages, fetchurl, ... }:
with pythonPackages; buildPythonPackage rec {
name = "bepasty-client-cli-${version}";
version = "0.3.0";
propagatedBuildInputs = [
python_magic
click
requests2
];
src = fetchurl {
url = "https://pypi.python.org/packages/source/b/bepasty-client-cli/bepasty-client-cli-${version}.tar.gz";
sha256 = "002kcplyfnmr5pn2ywdfilss0rmbm8wcdzz8hzp03ksy2zr4sdbw";
};
meta = {
homepage = https://github.com/bepasty/bepasty-client-cli;
description = "CLI client for bepasty-server";
license = lib.licenses.bsd2;
};
}

7
krebs/5pkgs/krebspaste/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ writeScriptBin, pkgs }:
# TODO: use `wrapProgram --add-flags` instead?
writeScriptBin "krebspaste" ''
#! /bin/sh
exec ${pkgs.bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
''

43
krebs/5pkgs/translate-shell/default.nix Normal file
View file

@ -0,0 +1,43 @@
{stdenv, fetchurl,pkgs,... }:
let
s =
rec {
baseName="translate-shell";
version="0.9.0.9";
name="${baseName}-${version}";
url=https://github.com/soimort/translate-shell/archive/v0.9.0.9.tar.gz;
sha256="1269j4yr9dr1d8c5kmysbzfplbgdg8apqnzs5w57d29sd7gz2i34";
};
searchpath = with pkgs; stdenv.lib.makeSearchPath "bin" [
fribidi
gawk
bash
curl
less
];
buildInputs = [
pkgs.makeWrapper
];
in
stdenv.mkDerivation {
inherit (s) name version;
inherit buildInputs;
src = fetchurl {
inherit (s) url sha256;
};
# TODO: maybe mplayer
installPhase = ''
mkdir -p $out/bin
make PREFIX=$out install
wrapProgram $out/bin/trans --suffix PATH : "${searchpath}"
'';
meta = {
inherit (s) version;
description = ''translate using google api'';
license = stdenv.lib.licenses.free;
maintainers = [stdenv.lib.maintainers.makefu];
platforms = stdenv.lib.platforms.linux ;
};
}

3
krebs/default.nix
View file

@ -84,6 +84,7 @@ let out = {
cat<<EOF
# put following into config.krebs.hosts.$system:
ssh.privkey.path = <secrets/ssh.$key_type>;
ssh.pubkey = $(echo $pubkey | jq -R .);
EOF
'';
@ -178,7 +179,7 @@ let out = {
nix-path =
lib.concatStringsSep ":"
(lib.mapAttrsToList (name: _: "${name}=/root/${name}")
(lib.mapAttrsToList (name: src: "${name}=${src.target-path}")
(config.krebs.build.source.dir //
config.krebs.build.source.git));
in ''

7
makefu/1systems/wry.nix
View file

@ -8,7 +8,8 @@ let
in {
imports = [
# TODO: copy this config or move to krebs
../../tv/2configs/CAC-CentOS-7-64bit.nix
../../tv/2configs/hw/CAC.nix
../../tv/2configs/fs/CAC-CentOS-7-64bit.nix
../2configs/base.nix
../2configs/unstable-sources.nix
../2configs/headless.nix
@ -23,6 +24,8 @@ in {
# other nginx
../2configs/nginx/euer.wiki.nix
../2configs/nginx/euer.blog.nix
# collectd
../2configs/collectd/collectd-base.nix
];
@ -71,5 +74,5 @@ in {
nameservers = [ "8.8.8.8" ];
};
environment.systemPackages = [ pkgs.translate-shell ];
}

4
makefu/2configs/headless.nix
View file

@ -1,4 +1,4 @@
_:
{lib,... }:
{
sound.enable = false;
sound.enable = lib.mkForce false;
}

34
makefu/2configs/nginx/euer.blog.nix
View file

@ -5,14 +5,40 @@ let
sec = toString <secrets>;
ssl_cert = "${sec}/wildcard.krebsco.de.crt";
ssl_key = "${sec}/wildcard.krebsco.de.key";
hostname = krebs.build.host.name;
hostname = config.krebs.build.host.name;
user = config.services.nginx.user;
group = config.services.nginx.group;
external-ip = head config.krebs.build.host.nets.internet.addrs4;
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
base-dir = "/var/www/blog.euer";
in {
# Prepare Blog directory
systemd.services.prepare-euer-blog = {
wantedBy = [ "local-fs.target" ];
before = [ "nginx.service" ];
serviceConfig = {
# do nothing if the base dir already exists
ExecStart = pkgs.writeScript "prepare-euer-blog-service" ''
#!/bin/sh
if ! test -d "${base-dir}" ;then
mkdir -p "${base-dir}"
chown ${user}:${group} "${base-dir}"
chmod 700 "${base-dir}"
fi
'';
Type = "oneshot";
RemainAfterExit = "yes";
TimeoutSec = "0";
};
};
krebs.nginx = {
enable = mkDefault true;
servers = {
euer-blog = {
listen = [ "80" "443 ssl" ];
server-names = [ "euer.krebsco.de" "euer.blog.krebsco.de" "blog.${hostname}" ];
listen = [ "${external-ip}:80" "${external-ip}:443 ssl"
"${internal-ip}:80" "${internal-ip}:443 ssl" ];
server-names = [ "euer.krebsco.de" "blog.euer.krebsco.de" "blog.${hostname}" ];
extraConfig = ''
gzip on;
gzip_buffers 4 32k;
@ -22,7 +48,7 @@ in {
default_type text/plain;
'';
locations = singleton (nameValuePair "/" ''
root /var/www/euer.blog/;
root ${base-dir};
'');
};
};

13
makefu/2configs/nginx/euer.wiki.nix
View file

@ -51,18 +51,21 @@ in {
serviceConfig = {
ExecStart = pkgs.writeScript "prepare-tw-service" ''
#!/bin/sh
mkdir -p "${wiki-dir}" "${backup-dir}"
if ! test -d "${base-dir}" ;then
mkdir -p "${wiki-dir}" "${backup-dir}"
# write the base configuration
cat > "${base-cfg}" <<EOF
# write the base configuration
cat > "${base-cfg}" <<EOF
[users]
$(cat "${tw-pass-file}")
[directories]
backupdir = ${backup-dir}
savedir = ${wiki-dir}
EOF
chown -R ${user}:${group} "${base-dir}"
chmod 700 -R "${base-dir}"
chown -R ${user}:${group} "${base-dir}"
chmod 700 -R "${base-dir}"
fi
'';
Type = "oneshot";
RemainAfterExit = "yes";

4
tv/1systems/cd.nix
View file

@ -10,8 +10,8 @@ with lib;
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/4z3/nixpkgs;
rev = "03130ec91356cd250b80f144022ee2f4d665ca36"; # 1357692
url = https://github.com/NixOS/nixpkgs;
rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
};
dir.secrets = {
host = config.krebs.hosts.wu;

2
tv/1systems/mkdir.nix
View file

@ -24,7 +24,7 @@ in
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
rev = "e57024f821c94caf5684964474073649b8b6356b";
rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
};
dir.secrets = {
host = config.krebs.hosts.wu;

4
tv/1systems/nomic.nix
View file

@ -10,8 +10,8 @@ with lib;
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/4z3/nixpkgs;
rev = "03130ec91356cd250b80f144022ee2f4d665ca36"; # 1357692
url = https://github.com/NixOS/nixpkgs;
rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
};
dir.secrets = {
host = config.krebs.hosts.wu;

2
tv/1systems/rmdir.nix
View file

@ -24,7 +24,7 @@ in
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
rev = "68bd8e4a9dc247726ae89cc8739574261718e328";
rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
};
dir.secrets = {
host = config.krebs.hosts.wu;

4
tv/1systems/wu.nix
View file

@ -11,7 +11,8 @@ with lib;
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
rev = "e916273209560b302ab231606babf5ce1c481f08";
rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
target-path = "/var/src/nixpkgs";
};
dir.secrets = {
host = config.krebs.hosts.wu;
@ -20,6 +21,7 @@ with lib;
dir.stockholm = {
host = config.krebs.hosts.wu;
path = "/home/tv/stockholm";
target-path = "/var/src/stockholm";
};
};

3
tv/1systems/xu.nix
View file

@ -11,7 +11,7 @@ with lib;
krebs.build.source = {
git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs;
rev = "e57024f821c94caf5684964474073649b8b6356b";
rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
};
dir.secrets = {
host = config.krebs.hosts.wu;
@ -110,7 +110,6 @@ with lib;
#minicom
#mtools
#ncmpc
#neovim
#nethogs
#nix-prefetch-scripts #cvs bug
#openssl

14
tv/2configs/base.nix
View file

@ -3,17 +3,13 @@
with builtins;
with lib;
let
# "7.4.335" -> "74"
majmin = x: concatStrings (take 2 (splitString "." x));
in
{
krebs.enable = true;
networking.hostName = config.krebs.build.host.name;
imports = [
./vim.nix
{
# stockholm dependencies
environment.systemPackages = with pkgs; [
@ -107,10 +103,8 @@ in
lAtr = "ls -lAtr";
# alias ll='ls -l'
ls = "ls -h --color=auto --group-directories-first";
# alias vim='vim -p'
# alias vi='vim'
# alias view='vim -R'
dmesg = "dmesg -L --reltime";
view = "vim -R";
};
programs.bash = {
@ -153,10 +147,6 @@ in
}
{
nixpkgs.config.packageOverrides = pkgs: {
nano = pkgs.vim;
};
services.cron.enable = false;
services.nscd.enable = false;
services.ntp.enable = false;

118
tv/2configs/vim.nix Normal file
View file

@ -0,0 +1,118 @@
{ lib, pkgs, ... }:
with lib;
let
out = {
environment.systemPackages = [
pkgs.vim
];
# Nano really is just a stupid name for Vim.
nixpkgs.config.packageOverrides = pkgs: {
nano = pkgs.vim;
};
environment.etc.vimrc.source = vimrc;
environment.variables.EDITOR = mkForce "vim";
environment.variables.VIMINIT = ":so /etc/vimrc";
};
extra-runtimepath = concatStringsSep "," [
"${pkgs.vimPlugins.undotree}/share/vim-plugins/undotree"
];
vimrc = pkgs.writeText "vimrc" ''
set nocompatible
set autoindent
set backspace=indent,eol,start
set backup
set backupdir=$HOME/.vim/backup/
set directory=$HOME/.vim/cache//
set hlsearch
set incsearch
set mouse=a
set noruler
set pastetoggle=<INS>
set runtimepath=${extra-runtimepath},$VIMRUNTIME
set shortmess+=I
set showcmd
set showmatch
set ttimeoutlen=0
set undodir=$HOME/.vim/undo
set undofile
set undolevels=1000000
set undoreload=1000000
set viminfo='20,<1000,s100,h,n$HOME/.vim/cache/info
set visualbell
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
set wildmenu
set wildmode=longest,full
set et ts=2 sts=2 sw=2
filetype plugin indent on
set t_Co=256
colorscheme industry
syntax on
au Syntax * syn match Tabstop containedin=ALL /\t\+/
\ | hi Tabstop ctermbg=16
\ | syn match TrailingSpace containedin=ALL /\s\+$/
\ | hi TrailingSpace ctermbg=88
\ | hi Normal ctermfg=White
au BufRead,BufNewFile *.nix so ${pkgs.writeText "nix.vim" ''
setf nix
" Ref <nix/src/libexpr/lexer.l>
syn match INT /[0-9]\+/
syn match PATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match HPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match SPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match URI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
hi link INT Constant
hi link PATH Constant
hi link HPATH Constant
hi link SPATH Constant
hi link URI Constant
syn match String /"\([^"]\|\\\"\)*"/
syn match Comment /\s#.*/
''}
au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
nmap <esc>q :buffer
nmap <M-q> :buffer
cnoremap <C-A> <Home>
noremap <C-c> :q<cr>
nnoremap <esc>[5^ :tabp<cr>
nnoremap <esc>[6^ :tabn<cr>
nnoremap <esc>[5@ :tabm -1<cr>
nnoremap <esc>[6@ :tabm +1<cr>
nnoremap <f1> :tabp<cr>
nnoremap <f2> :tabn<cr>
inoremap <f1> <esc>:tabp<cr>
inoremap <f2> <esc>:tabn<cr>
" <C-{Up,Down,Right,Left>
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
noremap <esc>Od <nop> | noremap! <esc>Od <nop>
" <[C]S-{Up,Down,Right,Left>
noremap <esc>[a <nop> | noremap! <esc>[a <nop>
noremap <esc>[b <nop> | noremap! <esc>[b <nop>
noremap <esc>[c <nop> | noremap! <esc>[c <nop>
noremap <esc>[d <nop> | noremap! <esc>[d <nop>
vnoremap u <nop>
'';
in
out

3
tv/4lib/default.nix
View file

@ -6,9 +6,6 @@ lib // rec {
inherit lib pkgs;
};
# "7.4.335" -> "74"
majmin = with lib; x : concatStrings (take 2 (splitString "." x));
# TODO deprecate shell-escape for lass
shell-escape = lib.shell.escape;
}