From cef765bc1068b71e863f47144ee3795d43d7210f Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 17 May 2017 11:50:17 +0200
Subject: [PATCH 01/24] m 3 taskserver: rip
---
makefu/3modules/default.nix | 1 -
makefu/3modules/taskserver.nix | 60 ----------------------------------
2 files changed, 61 deletions(-)
delete mode 100644 makefu/3modules/taskserver.nix
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index 546fed109..2981e0fa3 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -11,7 +11,6 @@ _:
./logging-config.nix
./server-config.nix
./snapraid.nix
- ./taskserver.nix
./torrent.nix
./udpt.nix
./umts.nix
diff --git a/makefu/3modules/taskserver.nix b/makefu/3modules/taskserver.nix
deleted file mode 100644
index 40a18fe05..000000000
--- a/makefu/3modules/taskserver.nix
+++ /dev/null
@@ -1,60 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-let
- cfg = config.makefu.taskserver;
-
- out = {
- options.makefu.taskserver = api;
- config = lib.mkIf cfg.enable imp;
- };
-
- api = {
- enable = mkEnableOption "taskserver";
-
- workingDir = mkOption {
- type = types.str;
- default = "/var/lib/taskserver";
- };
-
- package = mkOption {
- type = types.package;
- default = pkgs.taskserver;
- };
-
-
- };
-
- imp = {
- environment.systemPackages = [ cfg.package ];
- systemd.services.taskserver = {
- description = "taskd server";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
- restartIfChanged = true;
- unitConfig = {
- Documentation = "http://taskwarrior.org/docs/#taskd" ;
- # https://taskwarrior.org/docs/taskserver/configure.html
- ConditionPathExists = "${cfg.workingDir}/config";
- };
- serviceConfig = {
- Type = "simple";
- ExecStart = "${cfg.package}/bin/taskd server --data ${cfg.workingDir}";
- WorkingDirectory = cfg.workingDir;
- # PrivateTmp = true;
- # InaccessibleDirectories = "/home /boot /opt /mnt /media";
- User = "taskd";
- };
- };
-
- users.users.taskd = {
- uid = genid "taskd";
- home = cfg.workingDir;
- createHome = true;
- };
- users.groups.taskd.gid = genid "taskd";
- };
-
-in
-out
-
From a16ec260c6005536ba8d73e38be2aa55b314c80f Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 19 May 2017 11:53:44 +0200
Subject: [PATCH 02/24] m 2 zsh: enable autocompletion for nix commands
---
makefu/2configs/zsh-user.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/makefu/2configs/zsh-user.nix b/makefu/2configs/zsh-user.nix
index 0f904fe3d..453bfbe80 100644
--- a/makefu/2configs/zsh-user.nix
+++ b/makefu/2configs/zsh-user.nix
@@ -44,4 +44,8 @@ in
fi
'';
};
+
+ krebs.per-user.${mainUser}.packages = [
+ pkgs.nix-zsh-completions
+ ];
}
From 7383125f6b0f0d7965ea389234a4a4d9da8151f3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 19 May 2017 11:54:37 +0200
Subject: [PATCH 03/24] m 2 time-machine: init
---
makefu/2configs/time-machine.nix | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
create mode 100644 makefu/2configs/time-machine.nix
diff --git a/makefu/2configs/time-machine.nix b/makefu/2configs/time-machine.nix
new file mode 100644
index 000000000..90d44e540
--- /dev/null
+++ b/makefu/2configs/time-machine.nix
@@ -0,0 +1,31 @@
+let
+ time-machine-path = "/media/crypt2/backup/time-machine/misa";
+in {
+ networking.firewall.allowedTCPPorts = [
+ 548 # netatalk
+ ];
+
+ services = {
+ netatalk = {
+ enable = true;
+
+ volumes = {
+ "misa-time-machine" = {
+ "time machine" = "yes";
+ path = time-machine-path;
+ "valid users" = "misa";
+ };
+ };
+ };
+
+ avahi = {
+ enable = true;
+ nssmdns = true;
+
+ publish = {
+ enable = true;
+ userServices = true;
+ };
+ };
+ };
+}
From d9d7f7fd32295a3208ace7c2c1cdfaf61ab70f04 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:48:14 +0200
Subject: [PATCH 04/24] m 2 aralast: init
---
makefu/2configs/logging/external/aralast.nix | 38 ++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 makefu/2configs/logging/external/aralast.nix
diff --git a/makefu/2configs/logging/external/aralast.nix b/makefu/2configs/logging/external/aralast.nix
new file mode 100644
index 000000000..c335db454
--- /dev/null
+++ b/makefu/2configs/logging/external/aralast.nix
@@ -0,0 +1,38 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ pkg = pkgs.stdenv.mkDerivation {
+ name = "aralast-master";
+ src = pkgs.fetchFromGitHub {
+ owner = "makefu";
+ repo = "aralast";
+ rev = "7121598";
+ sha256 = "0vw027c698h9b69ksid5p3pji9960hd7n9xi4arrax0vfkwryb4m";
+ };
+ installPhase = ''
+ install -m755 -D aralast.sh $out/bin/aralast
+ '';
+ };
+in {
+ systemd.services.aralast = {
+ description = "periodically fetch aramark";
+ path = [
+ pkgs.curl
+ pkgs.gnugrep
+ pkgs.gnused
+ ];
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ INFLUX_HOST = "localhost";
+ INFLUX_PORT = "8086";
+ };
+ # every 10 seconds when the cantina is open
+ startAt = "Mon,Tue,Wed,Thu,Fri *-*-* 6,7,8,9,10,11,12,13,14,15:*:0/10";
+ serviceConfig = {
+ User = "nobody";
+ ExecStart = "${pkg}/bin/aralast";
+ PrivateTmp = true;
+ };
+ };
+}
From c29ba49d3dba4386ee90e784912d38b37e63efa6 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:49:34 +0200
Subject: [PATCH 05/24] m 2 central-stats-server: redirect
http://stats.makefu.r to grafana
---
makefu/2configs/logging/central-stats-server.nix | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/makefu/2configs/logging/central-stats-server.nix b/makefu/2configs/logging/central-stats-server.nix
index 4f7961f32..602fcc6d0 100644
--- a/makefu/2configs/logging/central-stats-server.nix
+++ b/makefu/2configs/logging/central-stats-server.nix
@@ -12,7 +12,9 @@ in {
services.grafana.addr = "0.0.0.0";
services.influxdb.enable = true;
-
+ # redirect grafana to stats.makefu.r
+ services.nginx.enable = true;
+ services.nginx.virtualHosts."stats.makefu.r".locations."/".proxyPass = "http://localhost:3000";
# forward these via nginx
services.influxdb.extraConfig = {
meta.hostname = config.krebs.build.host.name;
From ce43883b50db14453c21da35c8a6bd50422cfe06 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:51:12 +0200
Subject: [PATCH 06/24] m 2 jack-on-pulse: start as systemd user service
---
makefu/2configs/audio/jack-on-pulse.nix | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/makefu/2configs/audio/jack-on-pulse.nix b/makefu/2configs/audio/jack-on-pulse.nix
index 09d03ea9f..49b61d5a2 100644
--- a/makefu/2configs/audio/jack-on-pulse.nix
+++ b/makefu/2configs/audio/jack-on-pulse.nix
@@ -2,6 +2,7 @@
let
pulse = pkgs.pulseaudioFull;
user = config.makefu.gui.user;
+ wait_time = 30;
in
{
sound.enable = true;
@@ -13,16 +14,17 @@ in
environment.systemPackages = with pkgs; [ jack2Full ];
# from http://anderspapitto.com/posts/2015-11-26-overtone-on-nixos-with-jack-and-pulseaudio.html
- systemd.services = {
+ systemd.user.services = {
jackdbus = {
description = "Runs jack, and points pulseaudio at it";
serviceConfig = {
- User = user;
Type = "oneshot";
ExecStart = pkgs.writeScript "start_jack.sh" ''
#! ${pkgs.bash}/bin/bash
. ${config.system.build.setEnvironment}
- sleep 5 # wait for the gui to load
+
+ # TODO: correctly wait for pulseaudio, cannot use pulseaudio.service
+ sleep ${toString wait_time} # wait for the gui to load
${pkgs.jack2Full}/bin/jack_control start
sleep 3 # give some time for sources/sinks to be created
@@ -37,9 +39,11 @@ in
${pkgs.jack2Full}/bin/jack_control stop
'';
RemainAfterExit = true;
+ Restart = "always";
+ RestartSec = "5";
};
- after = [ "display-manager.service" "sound.target" ];
- wantedBy = [ "multi-user.target" ];
+ # after = [ "display-manager.service" "sound.target" ];
+ wantedBy = [ "default.target" ];
};
};
}
From 01d31cb57ddcb38d64f1eeedc25ca70ad5913e4c Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:51:36 +0200
Subject: [PATCH 07/24] m 2 led-fader: wait for mosquitto if defined locally
---
makefu/2configs/deployment/led-fader.nix | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix
index a18416497..e4d62ae77 100644
--- a/makefu/2configs/deployment/led-fader.nix
+++ b/makefu/2configs/deployment/led-fader.nix
@@ -29,7 +29,8 @@ in {
environment = {
NIX_PATH = "/var/src";
};
- wantedBy = [ "multi-user.target" ];
+ after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ];
+ wantedBy = [ "multi-user.target" ];
serviceConfig = {
# User = "nobody"; # need a user with permissions to run nix-shell
ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json";
From b69647ac17b782fee1dfc3788bd2900a9a33b732 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:51:58 +0200
Subject: [PATCH 08/24] s wolf: enable influx for rash
---
shared/1systems/wolf.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index 75307be12..ebe393c90 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -19,6 +19,8 @@ in
# use your own binary cache, fallback use cache.nixos.org (which is used by
# apt-cacher-ng in first place)
+ services.influxdb.enable = true;
+
# local discovery in shackspace
nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
krebs.tinc.retiolum.extraConfig = "TCPOnly = yes";
@@ -46,6 +48,7 @@ in
networking = {
firewall.enable = false;
+ firewall.allowedTCPPorts = [ 8088 8086 8083 ];
interfaces.enp0s3.ip4 = [{
address = shack-ip;
prefixLength = 20;
From 00f5855223ecda48979314eeb550b5885e418a00 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:52:37 +0200
Subject: [PATCH 09/24] m 2 games: include games-user-env
---
makefu/2configs/tools/games.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/makefu/2configs/tools/games.nix b/makefu/2configs/tools/games.nix
index 34c686451..47f06287b 100644
--- a/makefu/2configs/tools/games.nix
+++ b/makefu/2configs/tools/games.nix
@@ -3,5 +3,6 @@
{
krebs.per-user.makefu.packages = with pkgs; [
steam
+ games-user-env
];
}
From 54ca947fe1f918d1b62d479df308637d60a3143b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:53:08 +0200
Subject: [PATCH 10/24] m 2 wiki-irc-bot: move to subdir, add patch
---
.../default.nix} | 7 ++++-
.../wiki-irc-bot/irc-out-notice.patch | 26 +++++++++++++++++++
2 files changed, 32 insertions(+), 1 deletion(-)
rename makefu/2configs/deployment/{wiki-irc.nix => wiki-irc-bot/default.nix} (85%)
create mode 100644 makefu/2configs/deployment/wiki-irc-bot/irc-out-notice.patch
diff --git a/makefu/2configs/deployment/wiki-irc.nix b/makefu/2configs/deployment/wiki-irc-bot/default.nix
similarity index 85%
rename from makefu/2configs/deployment/wiki-irc.nix
rename to makefu/2configs/deployment/wiki-irc-bot/default.nix
index dc7c8afe8..7ab31e698 100644
--- a/makefu/2configs/deployment/wiki-irc.nix
+++ b/makefu/2configs/deployment/wiki-irc-bot/default.nix
@@ -4,6 +4,10 @@ with lib;
let
port = 18872;
in {
+ nixpkgs.config.packageOverrides = pkgs: with pkgs; {
+ logstash = pkgs.stdenv.lib.overrideDerivation pkgs.logstash (old: {
+ patches = [ ./irc-out-notice.patch ]; });
+ };
services.logstash = {
enable = true;
inputConfig = ''
@@ -40,10 +44,11 @@ in {
file { path => "/tmp/logs.json" codec => "json_lines" }
if [output] {
irc {
- channels => [ "#nixos" , "#krebs" ]
+ channels => [ "#krebs", "#nixos" ]
host => "irc.freenode.net"
nick => "nixos-users-wiki"
format => "%{output}"
+ notice => true
}
}
'';
diff --git a/makefu/2configs/deployment/wiki-irc-bot/irc-out-notice.patch b/makefu/2configs/deployment/wiki-irc-bot/irc-out-notice.patch
new file mode 100644
index 000000000..040643f81
--- /dev/null
+++ b/makefu/2configs/deployment/wiki-irc-bot/irc-out-notice.patch
@@ -0,0 +1,26 @@
+index b63339d..8c8c747 100644
+--- a/vendor/bundle/jruby/1.9/gems/logstash-output-irc-2.0.4/lib/logstash/outputs/irc.rb
++++ b/vendor/bundle/jruby/1.9/gems/logstash-output-irc-2.0.4/lib/logstash/outputs/irc.rb
+@@ -48,6 +48,9 @@ class LogStash::Outputs::Irc < LogStash::Outputs::Base
+ # Static string after event
+ config :post_string, :validate => :string, :required => false
+
++ # Set this to true to send messages as notice
++ config :notice, :validate => :boolean, :default => false
++
+ public
+
+ def inject_bot(bot)
+@@ -90,9 +93,9 @@ class LogStash::Outputs::Irc < LogStash::Outputs::Base
+
+ @bot.channels.each do |channel|
+ @logger.debug("Sending to...", :channel => channel, :text => text)
+- channel.msg(pre_string) if !@pre_string.nil?
+- channel.msg(text)
+- channel.msg(post_string) if !@post_string.nil?
++ channel.send(pre_string, :notice => @notice) if !@pre_string.nil?
++ channel.send(text, :notice => @notice)
++ channel.send(post_string, :notice => @notice) if !@post_string.nil?
+ end # channels.each
+ end # def receive
+ end # class LogStash::Outputs::Irc
From b4289416165428a490542784b0ee418d85c85226 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 10:53:50 +0200
Subject: [PATCH 11/24] m 1 gum: use upstream taskserver config
---
makefu/1systems/gum.nix | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 92c446212..ddff9f783 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -48,8 +48,18 @@ in {
../2configs/deployment/mycube.connector.one.nix
../2configs/deployment/graphs.nix
../2configs/deployment/owncloud.nix
- ../2configs/deployment/wiki-irc.nix
+ ../2configs/deployment/wiki-irc-bot
../2configs/deployment/boot-euer.nix
+ {
+ services.taskserver.enable = true;
+ services.taskserver.fqdn = config.krebs.build.host.name;
+ services.taskserver.listenHost = "::";
+ services.taskserver.organisations.home.users = [ "makefu" ];
+ networking.firewall.extraCommands = ''
+ iptables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT
+ ip6tables -A INPUT -i retiolum -p tcp --dport 53589 -j ACCEPT
+ '';
+ }
# ../2configs/ipfs.nix
../2configs/syncthing.nix
@@ -78,7 +88,6 @@ in {
];
};
- makefu.taskserver.enable = true;
# access
@@ -122,6 +131,8 @@ in {
21031
# taskserver
53589
+ # temp vnc
+ 18001
];
allowedUDPPorts = [
# tinc
From 243d33abe350a1a7b41a7f2c6106fd5b92bde4c8 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Wed, 24 May 2017 16:53:57 +0200
Subject: [PATCH 12/24] m 2 gui/base: euro-sign
---
makefu/2configs/gui/base.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix
index bf6bef29d..0247010b1 100644
--- a/makefu/2configs/gui/base.nix
+++ b/makefu/2configs/gui/base.nix
@@ -24,7 +24,7 @@ in
enable = true;
layout = "us";
xkbVariant = "altgr-intl";
- xkbOptions = "ctrl:nocaps";
+ xkbOptions = "ctrl:nocaps, eurosign:e";
windowManager = {
awesome.enable = true;
From 0c92dd719a46139523f6e353c354871bd78024a4 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 25 May 2017 23:19:36 +0200
Subject: [PATCH 13/24] m 2: rename stats and share
---
makefu/1systems/gum.nix | 6 +++---
makefu/1systems/omo.nix | 13 ++++++++-----
.../{central-logging-client.nix => client.nix} | 0
.../{central-logging-server.nix => server.nix} | 0
makefu/2configs/{gum-share.nix => share/gum.nix} | 0
makefu/2configs/{omo-share.nix => share/omo.nix} | 0
makefu/2configs/{ => share}/temp-share-samba.nix | 0
.../central-stats-client.nix => stats/client.nix} | 0
.../{logging => stats}/external/aralast.nix | 0
.../central-stats-server.nix => stats/server.nix} | 0
10 files changed, 11 insertions(+), 8 deletions(-)
rename makefu/2configs/logging/{central-logging-client.nix => client.nix} (100%)
rename makefu/2configs/logging/{central-logging-server.nix => server.nix} (100%)
rename makefu/2configs/{gum-share.nix => share/gum.nix} (100%)
rename makefu/2configs/{omo-share.nix => share/omo.nix} (100%)
rename makefu/2configs/{ => share}/temp-share-samba.nix (100%)
rename makefu/2configs/{logging/central-stats-client.nix => stats/client.nix} (100%)
rename makefu/2configs/{logging => stats}/external/aralast.nix (100%)
rename makefu/2configs/{logging/central-stats-server.nix => stats/server.nix} (100%)
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index ddff9f783..fb4fac3f7 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -32,7 +32,7 @@ in {
../2configs/tools/sec.nix
# services
- ../2configs/gum-share.nix
+ ../2configs/share/gum.nix
../2configs/sabnzbd.nix
../2configs/torrent.nix
../2configs/iodined.nix
@@ -64,8 +64,8 @@ in {
../2configs/syncthing.nix
# ../2configs/opentracker.nix
- ../2configs/logging/central-stats-client.nix
- # ../2configs/logging/central-logging-client.nix
+ ../2configs/stats/client.nix
+ # ../2configs/logging/client.nix
];
makefu.dl-dir = "/var/download";
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index 91785a078..0f1b8e0da 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -50,11 +50,13 @@ in {
# ../2configs/disable_v6.nix
#../2configs/graphite-standalone.nix
#../2configs/share-user-sftp.nix
- ../2configs/omo-share.nix
+ ../2configs/share/omo.nix
../2configs/tinc/retiolum.nix
- ../2configs/logging/central-stats-server.nix
- # ../2configs/logging/central-logging-server.nix
- ../2configs/logging/central-stats-client.nix
+
+ # Logging
+ ../2configs/stats/server.nix #influx + grafana
+ ../2configs/stats/client.nix
+ ../2configs/stats/external/aralast.nix # logs to influx
# services
../2configs/syncthing.nix
@@ -180,7 +182,8 @@ in {
uid = 9002;
name = "misa";
};
- hardware.enableAllFirmware = true;
+ # hardware.enableAllFirmware = true;
+ hardware.enableRedistributableFirmware = true;
hardware.cpu.intel.updateMicrocode = true;
zramSwap.enable = true;
diff --git a/makefu/2configs/logging/central-logging-client.nix b/makefu/2configs/logging/client.nix
similarity index 100%
rename from makefu/2configs/logging/central-logging-client.nix
rename to makefu/2configs/logging/client.nix
diff --git a/makefu/2configs/logging/central-logging-server.nix b/makefu/2configs/logging/server.nix
similarity index 100%
rename from makefu/2configs/logging/central-logging-server.nix
rename to makefu/2configs/logging/server.nix
diff --git a/makefu/2configs/gum-share.nix b/makefu/2configs/share/gum.nix
similarity index 100%
rename from makefu/2configs/gum-share.nix
rename to makefu/2configs/share/gum.nix
diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/share/omo.nix
similarity index 100%
rename from makefu/2configs/omo-share.nix
rename to makefu/2configs/share/omo.nix
diff --git a/makefu/2configs/temp-share-samba.nix b/makefu/2configs/share/temp-share-samba.nix
similarity index 100%
rename from makefu/2configs/temp-share-samba.nix
rename to makefu/2configs/share/temp-share-samba.nix
diff --git a/makefu/2configs/logging/central-stats-client.nix b/makefu/2configs/stats/client.nix
similarity index 100%
rename from makefu/2configs/logging/central-stats-client.nix
rename to makefu/2configs/stats/client.nix
diff --git a/makefu/2configs/logging/external/aralast.nix b/makefu/2configs/stats/external/aralast.nix
similarity index 100%
rename from makefu/2configs/logging/external/aralast.nix
rename to makefu/2configs/stats/external/aralast.nix
diff --git a/makefu/2configs/logging/central-stats-server.nix b/makefu/2configs/stats/server.nix
similarity index 100%
rename from makefu/2configs/logging/central-stats-server.nix
rename to makefu/2configs/stats/server.nix
From e086914ce0cbe09a100475149ae9730b58d1222d Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 25 May 2017 23:21:20 +0200
Subject: [PATCH 14/24] s: enable save-diskspace
---
shared/1systems/wolf.nix | 2 ++
shared/2configs/default.nix | 2 +-
shared/2configs/save-diskspace.nix | 11 +++++++++++
3 files changed, 14 insertions(+), 1 deletion(-)
create mode 100644 shared/2configs/save-diskspace.nix
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index ebe393c90..c6cc2f81c 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -15,6 +15,7 @@ in
../2configs/shared-buildbot.nix
../2configs/share-shack.nix
../2configs/central-stats-client.nix
+ ../2configs/save-diskspace.nix
];
# use your own binary cache, fallback use cache.nixos.org (which is used by
# apt-cacher-ng in first place)
@@ -86,4 +87,5 @@ in
];
time.timeZone = "Europe/Berlin";
+ sound.enable = false;
}
diff --git a/shared/2configs/default.nix b/shared/2configs/default.nix
index e7f600cd0..894f8a997 100644
--- a/shared/2configs/default.nix
+++ b/shared/2configs/default.nix
@@ -11,7 +11,7 @@ with import <stockholm/lib>;
nixos-config.symlink = "stockholm/${user.name}/1systems/${host.name}.nix";
nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs;
- ref = "22da5d02466ffe465735986d705675982f3646a0"; # nixos-17.03 @ 2017-05-13
+ ref = "58e227052d40021d82d015f3f8da011ae54ea430"; # nixos-17.03 @ 2017-05-24
};
secrets.file =
if getEnv "dummy_secrets" == "true"
diff --git a/shared/2configs/save-diskspace.nix b/shared/2configs/save-diskspace.nix
new file mode 100644
index 000000000..ab074c750
--- /dev/null
+++ b/shared/2configs/save-diskspace.nix
@@ -0,0 +1,11 @@
+{lib, ... }:
+# TODO: do not check out nixpkgs master but fetch revision from github
+{
+ environment.noXlibs = true;
+ nix.gc.automatic = true;
+ nix.gc.dates = lib.mkDefault "03:10";
+ programs.info.enable = false;
+ programs.man.enable = false;
+ services.journald.extraConfig = "SystemMaxUse=50M";
+ services.nixosManual.enable = false;
+}
From 6e93f661e0b31c95f69d1bd3a6f208d26e3e0958 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 29 May 2017 10:52:58 +0200
Subject: [PATCH 15/24] l 2 nixpkgs: f469354 -> f8dfdd7
---
lass/2configs/nixpkgs.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index c6620afaa..a3916a2ea 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://cgit.lassul.us/nixpkgs;
- ref = "f469354";
+ ref = "f8dfdd7";
};
}
From 21d92086fe00c7369fde3951f92e9f73f4c05ee9 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 30 May 2017 10:06:04 +0200
Subject: [PATCH 16/24] l: move Reaktor coders config to 2configs
---
lass/1systems/prism.nix | 99 +-----------------------------------
lass/2configs/coders-irc.nix | 92 +++++++++++++++++++++++++++++++++
2 files changed, 93 insertions(+), 98 deletions(-)
create mode 100644 lass/2configs/coders-irc.nix
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 01cfe5414..02054a8e5 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }:
-
with import <stockholm/lib>;
let
@@ -46,6 +45,7 @@ in {
../2configs/monitoring/monit-alarms.nix
../2configs/paste.nix
../2configs/syncthing.nix
+ ../2configs/coders-irc.nix
{
imports = [
../2configs/bepasty.nix
@@ -253,103 +253,6 @@ in {
{ v6 = false; precedence = 1000; predicate = "-d 192.168.122.24 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
];
}
- {
- krebs.Reaktor.coders = {
- nickname = "Reaktor|lass";
- channels = [ "#coders" "#germany" ];
- extraEnviron = {
- REAKTOR_HOST = "irc.hackint.org";
- };
- plugins = with pkgs.ReaktorPlugins; let
-
- lambdabot = (import (pkgs.fetchFromGitHub {
- owner = "NixOS"; repo = "nixpkgs";
- rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
- sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
- }) {}).lambdabot;
-
- lambdabotflags = ''
- -XStandaloneDeriving -XGADTs -XFlexibleContexts \
- -XFlexibleInstances -XMultiParamTypeClasses \
- -XOverloadedStrings -XFunctionalDependencies \'';
- in [
- url-title
- (buildSimpleReaktorPlugin "lambdabot-pl" {
- pattern = "^@pl (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-pl" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@pl $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-type" {
- pattern = "^@type (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-type" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@type $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-let" {
- pattern = "^@let (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-let" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@let $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-run" {
- pattern = "^@run (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-run" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@run $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-kind" {
- pattern = "^@kind (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-kind" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@kind $1"
- '';
- })
- (buildSimpleReaktorPlugin "lambdabot-kind" {
- pattern = "^@kind (?P<args>.*)$$";
- script = pkgs.writeDash "lambda-kind" ''
- exec ${lambdabot}/bin/lambdabot \
- ${indent lambdabotflags}
- -e "@kind $1"
- '';
- })
- (buildSimpleReaktorPlugin "random-unicorn-porn" {
- pattern = "^!rup$$";
- script = pkgs.writePython2 "rup" ''
- #!${pkgs.python2}/bin/python
- t1 = """
- _.
- ;=',_ ()
- 8===D~~ S" .--`||
- sS \__ ||
- __.' ( \-->||
- _=/ _./-\/ ||
- 8===D~~ ((\( /-' -'l ||
- ) |/ \\ (_))
- \\ \\
- '~ '~
- """
- print(t1)
- '';
- })
- (buildSimpleReaktorPlugin "ping" {
- pattern = "^!ping (?P<args>.*)$$";
- script = pkgs.writeDash "ping" ''
- exec /var/setuid-wrappers/ping -q -c1 "$1" 2>&1 | tail -1
- '';
- })
- ];
- };
- }
{
krebs.Reaktor.prism = {
nickname = "Reaktor|lass";
diff --git a/lass/2configs/coders-irc.nix b/lass/2configs/coders-irc.nix
new file mode 100644
index 000000000..61cc7cfe0
--- /dev/null
+++ b/lass/2configs/coders-irc.nix
@@ -0,0 +1,92 @@
+{ config, lib, pkgs, ... }:
+with import <stockholm/lib>;
+
+{
+ krebs.Reaktor.coders = {
+ nickname = "Reaktor|lass";
+ channels = [ "#coders" "#germany" ];
+ extraEnviron = {
+ REAKTOR_HOST = "irc.hackint.org";
+ };
+ plugins = with pkgs.ReaktorPlugins; let
+
+ lambdabot = (import (pkgs.fetchFromGitHub {
+ owner = "NixOS"; repo = "nixpkgs";
+ rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
+ sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
+ }) {}).lambdabot;
+
+ lambdabotflags = ''
+ -XStandaloneDeriving -XGADTs -XFlexibleContexts \
+ -XFlexibleInstances -XMultiParamTypeClasses \
+ -XOverloadedStrings -XFunctionalDependencies \'';
+ in [
+ url-title
+ (buildSimpleReaktorPlugin "lambdabot-pl" {
+ pattern = "^@pl (?P<args>.*)$$";
+ script = pkgs.writeDash "lambda-pl" ''
+ exec ${lambdabot}/bin/lambdabot \
+ ${indent lambdabotflags}
+ -e "@pl $1"
+ '';
+ })
+ (buildSimpleReaktorPlugin "lambdabot-type" {
+ pattern = "^@type (?P<args>.*)$$";
+ script = pkgs.writeDash "lambda-type" ''
+ exec ${lambdabot}/bin/lambdabot \
+ ${indent lambdabotflags}
+ -e "@type $1"
+ '';
+ })
+ (buildSimpleReaktorPlugin "lambdabot-let" {
+ pattern = "^@let (?P<args>.*)$$";
+ script = pkgs.writeDash "lambda-let" ''
+ exec ${lambdabot}/bin/lambdabot \
+ ${indent lambdabotflags}
+ -e "@let $1"
+ '';
+ })
+ (buildSimpleReaktorPlugin "lambdabot-run" {
+ pattern = "^@run (?P<args>.*)$$";
+ script = pkgs.writeDash "lambda-run" ''
+ exec ${lambdabot}/bin/lambdabot \
+ ${indent lambdabotflags}
+ -e "@run $1"
+ '';
+ })
+ (buildSimpleReaktorPlugin "lambdabot-kind" {
+ pattern = "^@kind (?P<args>.*)$$";
+ script = pkgs.writeDash "lambda-kind" ''
+ exec ${lambdabot}/bin/lambdabot \
+ ${indent lambdabotflags}
+ -e "@kind $1"
+ '';
+ })
+ (buildSimpleReaktorPlugin "random-unicorn-porn" {
+ pattern = "^!rup$$";
+ script = pkgs.writePython2 "rup" ''
+ #!${pkgs.python2}/bin/python
+ t1 = """
+ _.
+ ;=',_ ()
+ 8===D~~ S" .--`||
+ sS \__ ||
+ __.' ( \-->||
+ _=/ _./-\/ ||
+ 8===D~~ ((\( /-' -'l ||
+ ) |/ \\ (_))
+ \\ \\
+ '~ '~
+ """
+ print(t1)
+ '';
+ })
+ (buildSimpleReaktorPlugin "ping" {
+ pattern = "^!ping (?P<args>.*)$$";
+ script = pkgs.writeDash "ping" ''
+ exec /var/setuid-wrappers/ping -q -c1 "$1" 2>&1 | tail -1
+ '';
+ })
+ ];
+ };
+}
From 90822f64e0bf247c5cca2f035077553cac5ceb79 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 1 Jun 2017 09:21:20 +0200
Subject: [PATCH 17/24] shared: move shack config to shack/
---
makefu/2configs/deployment/hound/default.nix | 24 +++++++++++
shared/1systems/wolf.nix | 19 +++++----
.../drivedroid.nix} | 0
shared/2configs/shack/mqtt_sub.nix | 34 +++++++++++++++
shared/2configs/shack/muell_caller.nix | 41 +++++++++++++++++++
.../nix-cacher.nix} | 0
.../{share-shack.nix => shack/share.nix} | 0
7 files changed, 111 insertions(+), 7 deletions(-)
create mode 100644 makefu/2configs/deployment/hound/default.nix
rename shared/2configs/{shack-drivedroid.nix => shack/drivedroid.nix} (100%)
create mode 100644 shared/2configs/shack/mqtt_sub.nix
create mode 100644 shared/2configs/shack/muell_caller.nix
rename shared/2configs/{shack-nix-cacher.nix => shack/nix-cacher.nix} (100%)
rename shared/2configs/{share-shack.nix => shack/share.nix} (100%)
diff --git a/makefu/2configs/deployment/hound/default.nix b/makefu/2configs/deployment/hound/default.nix
new file mode 100644
index 000000000..9e8f88895
--- /dev/null
+++ b/makefu/2configs/deployment/hound/default.nix
@@ -0,0 +1,24 @@
+{ config, pkgs, ... }:
+{
+ services.nginx.virtualHosts."wikisearch.krebsco.de".locations."/".proxyPass = "http://localhost:6080";
+ services.hound = {
+ enable = true;
+ listen = "127.0.0.1:6080";
+ # package = pkgs.hound.overrideDerivation(oldAttrs: {
+ # patches = [ ./keep-repo.patch ];
+ # });
+ config = ''{
+ "max-concurrent-indexers" : 2,
+ "dbpath" : "${config.services.hound.home}/data",
+ "repos" : {
+ "nixos-users-wiki": {
+ "url" : "https://github.com/nixos-users/wiki.wiki.git",
+ "url-pattern" : {
+ "base-url" : "{url}/{path}"
+ }
+ }
+ }
+ }'';
+ };
+
+}
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index c6cc2f81c..9acc5894b 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -6,16 +6,21 @@ in
imports = [
../.
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
- ../2configs/cgit-mirror.nix
../2configs/collectd-base.nix
- ../2configs/graphite.nix
- ../2configs/repo-sync.nix
- ../2configs/shack-drivedroid.nix
- ../2configs/shack-nix-cacher.nix
- ../2configs/shared-buildbot.nix
- ../2configs/share-shack.nix
+ ../2configs/shack/share.nix
../2configs/central-stats-client.nix
../2configs/save-diskspace.nix
+
+ ../2configs/cgit-mirror.nix
+ ../2configs/graphite.nix
+ ../2configs/repo-sync.nix
+ ../2configs/shared-buildbot.nix
+ ../2configs/shack/drivedroid.nix
+ ../2configs/shack/nix-cacher.nix
+
+ ../2configs/shack/mqtt_sub.nix
+ ../2configs/shack/muell_caller.nix
+
];
# use your own binary cache, fallback use cache.nixos.org (which is used by
# apt-cacher-ng in first place)
diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack/drivedroid.nix
similarity index 100%
rename from shared/2configs/shack-drivedroid.nix
rename to shared/2configs/shack/drivedroid.nix
diff --git a/shared/2configs/shack/mqtt_sub.nix b/shared/2configs/shack/mqtt_sub.nix
new file mode 100644
index 000000000..dafa06ba9
--- /dev/null
+++ b/shared/2configs/shack/mqtt_sub.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ pkg = pkgs.stdenv.mkDerivation {
+ name = "mqtt2graphite-2017-05-29";
+ src = pkgs.fetchgit {
+ url = "https://github.com/shackspace/mqtt2graphite/";
+ rev = "8c060e6";
+ sha256 = "06x7a1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg";
+ };
+ buildInputs = [
+ (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [
+ docopt
+ paho-mqtt
+ ]))
+ ];
+ installPhase = ''
+ install -m755 -D sub.py $out/bin/sub
+ install -m755 -D sub2.py $out/bin/sub-new
+ '';
+ };
+in {
+ systemd.services.mqtt_sub = {
+ description = "subscribe to mqtt, send to graphite";
+ # after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = "nobody";
+ ExecStart = "${pkg}/bin/sub-new";
+ PrivateTmp = true;
+ };
+ };
+}
diff --git a/shared/2configs/shack/muell_caller.nix b/shared/2configs/shack/muell_caller.nix
new file mode 100644
index 000000000..613ed2e4f
--- /dev/null
+++ b/shared/2configs/shack/muell_caller.nix
@@ -0,0 +1,41 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ pkg = pkgs.stdenv.mkDerivation {
+ name = "muell_caller-2017-06-01";
+ src = pkgs.fetchgit {
+ url = "https://github.com/shackspace/muell_caller/";
+ rev = "bbd4009";
+ sha256 = "06xaa1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg";
+ };
+ buildInputs = [
+ (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
+ docopt
+ requests
+ paramiko
+ python
+ ]))
+ ];
+ installPhase = ''
+ install -m755 -D call.py $out/bin/call-muell
+ '';
+ };
+ cfg = "${toString <secrets>}/tell.json";
+in {
+ systemd.services.mqtt_sub = {
+ description = "call muell";
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = "nobody"; # TODO separate user
+ ExecStartPre = writeDash "call-muell-pre" ''
+ cp ${cfg} /tmp/tell.json
+ chown nobody /tmp/tell.json
+ '';
+ ExecStart = "${pkg}/bin/call-muell --cfg /tmp/tell.json --mode mpd loop 60";
+ Restart = "always";
+ PrivateTmp = true;
+ PermissionsStartOnly = true;
+ };
+ };
+}
diff --git a/shared/2configs/shack-nix-cacher.nix b/shared/2configs/shack/nix-cacher.nix
similarity index 100%
rename from shared/2configs/shack-nix-cacher.nix
rename to shared/2configs/shack/nix-cacher.nix
diff --git a/shared/2configs/share-shack.nix b/shared/2configs/shack/share.nix
similarity index 100%
rename from shared/2configs/share-shack.nix
rename to shared/2configs/shack/share.nix
From bb4c3d978a59f6efa5e6084afd55cd3e4f708a56 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 1 Jun 2017 10:12:43 +0200
Subject: [PATCH 18/24] m: add hound to omo, wikisearch.krebsco.de
---
krebs/3modules/makefu/default.nix | 2 ++
makefu/1systems/gum.nix | 1 +
makefu/2configs/deployment/hound/default.nix | 6 +++++-
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 33202d0ab..c95e1761c 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -459,6 +459,7 @@ with import <stockholm/lib>;
share.euer IN A ${nets.internet.ip4.addr}
mattermost.euer IN A ${nets.internet.ip4.addr}
gum IN A ${nets.internet.ip4.addr}
+ wikisearch IN A ${nets.internet.ip4.addr}
pigstarter IN A ${nets.internet.ip4.addr}
cgit.euer IN A ${nets.internet.ip4.addr}
euer IN A ${nets.internet.ip4.addr}
@@ -490,6 +491,7 @@ with import <stockholm/lib>;
"tracker.makefu.r"
"graph.r"
+ "search.makefu.r"
"wiki.makefu.r"
"wiki.gum.r"
"blog.makefu.r"
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index fb4fac3f7..519313f57 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -50,6 +50,7 @@ in {
../2configs/deployment/owncloud.nix
../2configs/deployment/wiki-irc-bot
../2configs/deployment/boot-euer.nix
+ ../2configs/deployment/hound
{
services.taskserver.enable = true;
services.taskserver.fqdn = config.krebs.build.host.name;
diff --git a/makefu/2configs/deployment/hound/default.nix b/makefu/2configs/deployment/hound/default.nix
index 9e8f88895..0cfb5cdeb 100644
--- a/makefu/2configs/deployment/hound/default.nix
+++ b/makefu/2configs/deployment/hound/default.nix
@@ -1,6 +1,10 @@
{ config, pkgs, ... }:
{
- services.nginx.virtualHosts."wikisearch.krebsco.de".locations."/".proxyPass = "http://localhost:6080";
+ services.nginx.virtualHosts."wikisearch.krebsco.de" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/".proxyPass = "http://localhost:6080";
+ };
services.hound = {
enable = true;
listen = "127.0.0.1:6080";
From 1c1314f667730264c91f75d50f679ef87c8a6e3a Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 1 Jun 2017 10:13:14 +0200
Subject: [PATCH 19/24] s 2 muell_caller: fix derivation
---
shared/2configs/shack/muell_caller.nix | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/shared/2configs/shack/muell_caller.nix b/shared/2configs/shack/muell_caller.nix
index 613ed2e4f..2d8d78e33 100644
--- a/shared/2configs/shack/muell_caller.nix
+++ b/shared/2configs/shack/muell_caller.nix
@@ -7,12 +7,12 @@ let
src = pkgs.fetchgit {
url = "https://github.com/shackspace/muell_caller/";
rev = "bbd4009";
- sha256 = "06xaa1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg";
+ sha256 = "1bfnfl2vdh0p5wzyz5p48qh04vvsg2445avg86fzhzragx25fqv0";
};
buildInputs = [
(pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
docopt
- requests
+ requests2
paramiko
python
]))
@@ -23,12 +23,12 @@ let
};
cfg = "${toString <secrets>}/tell.json";
in {
- systemd.services.mqtt_sub = {
+ systemd.services.call_muell = {
description = "call muell";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "nobody"; # TODO separate user
- ExecStartPre = writeDash "call-muell-pre" ''
+ ExecStartPre = pkgs.writeDash "call-muell-pre" ''
cp ${cfg} /tmp/tell.json
chown nobody /tmp/tell.json
'';
From 9858a7279aab6f7c04b2c12e282df4ce67c4b9b3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 1 Jun 2017 10:13:31 +0200
Subject: [PATCH 20/24] s 2 graphite: add graphite
---
shared/2configs/graphite.nix | 38 ++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/shared/2configs/graphite.nix b/shared/2configs/graphite.nix
index 8a1238466..689aedd04 100644
--- a/shared/2configs/graphite.nix
+++ b/shared/2configs/graphite.nix
@@ -22,12 +22,50 @@ with import <stockholm/lib>;
MAX_CACHE_SIZE = inf
MAX_UPDATES_PER_SECOND = 1
MAX_CREATES_PER_MINUTE = 50
+ MAX_UPDATES_PER_SECOND_ONSHUTDOWN = 9001
'';
storageSchemas = ''
[carbon]
pattern = ^carbon\.
retentions = 60:90d
+
+ [radiation_sensor]
+ pattern = ^sensors\.radiation\.
+ retentions = 1m:30d,5m:180d,10m:3y
+
+ [motion_sensors]
+ pattern = ^sensors\.motion\.
+ retentions = 1s:1h,60s:30d,300s:1y
+
+ [motion_sensors]
+ pattern = ^retiolum\.
+ retentions = 10s:1h,30s:30d,300s:1y
+
+ [homeassistant]
+ pattern = ^homeassistant\.
+ retentions = 10s:24h,30s:30d,300s:1y,3600s:5y
+
+ [ara]
+ pattern = ^ara\.
+ retentions = 60s:30d,300s:1y
+
+ [openweathermap]
+ pattern = ^weather\.openweathermap
+ retentions = 30m:30d,1h:5y
+
+ [stadtklima]
+ pattern = ^weather\.stadtklima-stuttgart
+ retentions = 15m:30d,30m:5y
+
+ [sensebox]
+ pattern = ^weather\.sensebox
+ retentions = 1m:90d,30m:5y
+
+ [elchos]
+ pattern = ^elchos\.
+ retentions = 10s:14d,1m:90d,10m:5y
+
[default]
pattern = .*
retentions = 60s:30d,300s:1y
From 28b51692a2f2fe22301954d1ae1b4fd36fc3f8bb Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 1 Jun 2017 10:14:01 +0200
Subject: [PATCH 21/24] m 2 aralast:fix timing
---
makefu/2configs/stats/external/aralast.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/makefu/2configs/stats/external/aralast.nix b/makefu/2configs/stats/external/aralast.nix
index c335db454..870db99a8 100644
--- a/makefu/2configs/stats/external/aralast.nix
+++ b/makefu/2configs/stats/external/aralast.nix
@@ -28,7 +28,7 @@ in {
INFLUX_PORT = "8086";
};
# every 10 seconds when the cantina is open
- startAt = "Mon,Tue,Wed,Thu,Fri *-*-* 6,7,8,9,10,11,12,13,14,15:*:0/10";
+ startAt = "Mon,Tue,Wed,Thu,Fri *-*-* 6,7,8,9,10,11,12,13,14,15:*:0,15,30,45";
serviceConfig = {
User = "nobody";
ExecStart = "${pkg}/bin/aralast";
From cee103989f43adb9eb0db81803c5b2f6ea7068e7 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 1 Jun 2017 10:14:55 +0200
Subject: [PATCH 22/24] m 1 studio: add real-time audio
---
makefu/1systems/studio.nix | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/makefu/1systems/studio.nix b/makefu/1systems/studio.nix
index 400d9f883..f7d49cac6 100644
--- a/makefu/1systems/studio.nix
+++ b/makefu/1systems/studio.nix
@@ -5,8 +5,10 @@
../2configs/vncserver.nix
../2configs/vim.nix
../2configs/disable_v6.nix
- ../2configs/jack-on-pulse.nix
+ ../2configs/audio/jack-on-pulse.nix
+ ../2configs/audio/realtime-audio.nix
../2configs/gui/studio.nix
+ ../2configs/binary-cache/lass.nix
];
makefu.gui.user = "user"; # we use an extra user
From 9e04d0132133840fba14aca194f18925e3f353d5 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 1 Jun 2017 10:15:28 +0200
Subject: [PATCH 23/24] m 1 wbob: add stats client
---
makefu/1systems/wbob.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix
index 7f465ec72..5d0dd4a79 100644
--- a/makefu/1systems/wbob.nix
+++ b/makefu/1systems/wbob.nix
@@ -18,6 +18,7 @@ in {
../2configs/mqtt.nix
../2configs/deployment/led-fader.nix
# ../2configs/gui/wbob-kiosk.nix
+ ../2configs/stats/client.nix
../2configs/gui/studio.nix
../2configs/audio/jack-on-pulse.nix
From 73b073c3fe037f31e05828a1071c9b4b19f7a2ff Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Thu, 1 Jun 2017 12:49:21 +0200
Subject: [PATCH 24/24] lass: RIP helios
---
krebs/3modules/lass/default.nix | 30 ------
krebs/3modules/lass/ssh/helios.rsa | 1 -
lass/1systems/dishfire.nix | 1 -
lass/1systems/helios.nix | 130 --------------------------
lass/2configs/backups.nix | 24 -----
lass/2configs/buildbot-standalone.nix | 2 +-
lass/2configs/downloading.nix | 1 -
lass/2configs/exim-smarthost.nix | 1 -
lass/2configs/logf.nix | 1 -
9 files changed, 1 insertion(+), 190 deletions(-)
delete mode 100644 krebs/3modules/lass/ssh/helios.rsa
delete mode 100644 lass/1systems/helios.nix
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 0e1cbd876..05b7b5078 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -224,32 +224,6 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAMPlIG+6u75GJ3kvsPF6OoIZsU+u8ZQ+rdviv5fNMD";
};
- helios = {
- cores = 2;
- nets = {
- retiolum = {
- ip4.addr = "10.243.0.3";
- ip6.addr = "42:0:0:0:0:0:0:7105";
- aliases = [
- "helios.r"
- "cgit.helios.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA9SItL2mhQpTl95gjSWRstrDajUnI5YbrVCuaDKfw9gRwMyPNiO/y
- Xwv/w4Ri8NCJZLZGkj2vG3X0EfJFBEPTJPTCbF9fP7PqqVs38BD41txLp+NrFxEq
- 5fmFk65/eg8ujrNQoOSUGmky/BKqQhWjvxdAWuwjN933wJCcNCxyaUwljHLYEK/I
- oIJX+spnFmPwmhW9hsOj8K06eHixT13+0W48GG/ZNcV3x5vWxcKUvZ4Qtzz2iMNB
- hud5kae7xMUfFAzCeKF/zsjuyt2d/xQg1WgR8MXGNgYhNJFSXz94r/bivNO6H4vP
- Pfjndnh8cD46ADo8woS1nQ19WId+sMbipwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- secure = true;
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWlIxkX41V55Yker8n4gErx2xcKpXFNKthhbP3+bTJ7";
- };
shodan = {
cores = 2;
nets = {
@@ -339,10 +313,6 @@ with import <stockholm/lib>;
mail = "lass@uriel.r";
pubkey = builtins.readFile ./ssh/uriel.rsa;
};
- lass-helios = {
- mail = "lass@helios.r";
- pubkey = builtins.readFile ./ssh/helios.rsa;
- };
lass-shodan = {
mail = "lass@shodan.r";
pubkey = builtins.readFile ./ssh/shodan.rsa;
diff --git a/krebs/3modules/lass/ssh/helios.rsa b/krebs/3modules/lass/ssh/helios.rsa
deleted file mode 100644
index c2a54b621..000000000
--- a/krebs/3modules/lass/ssh/helios.rsa
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBOnMtgy5GH6R6tHp2ugy5QTe3gAGxh2CKsstSNSNAJwvWGiaWJkbNmgM8KlCWeq1GJBGa95kU4I2BDO5fJd7J9vqyrTGF1+sx0Nwj/ELKSNVxDoKVYiU09pTqSB3pi46i+E8N49y4/8aRhu4/7O2dSTH7OS3YoZpt2Soas+cYJYhQdZtYQAgPX5LOkTfQvPhGR8AzrrTvOUrHyTWaSBEELVZ088LrFT6ibXHcPhwXX7A5+YMS8LLr3KRstySWzJEmfVOJxuMhQJSH1Xiq4bLilVn9V4AK5pCOnlALSYf48SexsCqzBUKgISuncurIBbXtW9EkNTMX3jSKlSQ7WniGRlmzrBAJCh4VXJUZgXDf8hAaPckIRbLosbTnEAauWcfnIXLfvI+bYkURhfYKsWelM+MS6ihk+P2yr8rNT9w5iUVJGVypOXUp45PrFuPn6ayCpNRJzqPwCCPE7fFagzLs7wibIXlrhCnRALT5HHyExFFcQoGvIq/8o+Oia8mrTimb55IDLwkiYrG6I5DPXFPKsTC0hium9T3I8dC+M7n9GbwnLTUK2kWnoklD3HTab21xJTtbF98nQ94df7doqPFxL/jongeZCGMB+PJ+BdQTtHr7tCY0kN2GXpoHxz/2w8YEWTKHhWIUsD+Utf8pDkKQfCqlm7iR7byxL51gHL9Z3Q== lass@helios
diff --git a/lass/1systems/dishfire.nix b/lass/1systems/dishfire.nix
index 9c77f909d..e12367aca 100644
--- a/lass/1systems/dishfire.nix
+++ b/lass/1systems/dishfire.nix
@@ -70,7 +70,6 @@
relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [
config.krebs.hosts.mors
config.krebs.hosts.uriel
- config.krebs.hosts.helios
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
deleted file mode 100644
index 99760dfdb..000000000
--- a/lass/1systems/helios.nix
+++ /dev/null
@@ -1,130 +0,0 @@
-{ config, pkgs, ... }:
-
-with builtins;
-with import <stockholm/lib>;
-
-{
- imports = [
- ../.
- ../2configs/retiolum.nix
- ../2configs/exim-retiolum.nix
- ../2configs/browsers.nix
- ../2configs/programs.nix
- ../2configs/git.nix
- ../2configs/pass.nix
- ../2configs/fetchWallpaper.nix
- ../2configs/backups.nix
-
- #{
- # # conflicting stuff with gnome setup
- # # TODO: fix this
- # imports = [
- # ../2configs/baseX.nix
- # ];
- #}
- {
- # gnome3 for suja
- time.timeZone = "Europe/Berlin";
- services.xserver.enable = true;
- services.xserver.desktopManager.xfce.enable = true;
- networking.wireless.enable = true;
- hardware.pulseaudio = {
- enable = true;
- systemWide = true;
- };
- users.users.ferret = {
- uid = genid "ferret";
- home = "/home/ferret";
- group = "users";
- createHome = true;
- useDefaultShell = true;
- extraGroups = [
- ];
- hashedPassword = "$6$SaneLuyep90p8BPn$0IDbvLgNbRGZL96obWavanTmY6IkBG84vs2b/2oqlpbmTZH3retOYbQKF1uVqu6dD0ZGF4eBq9tqPbwUjRyY00";
- };
- environment.systemPackages = with pkgs; [
- firefox
- chromium
- maven
- arandr
- libreoffice
- mpv
- ];
- }
- #{
- # users.extraUsers = {
- # root = {
- # openssh.authorizedKeys.keys = map readFile [
- # ../../krebs/Zpubkeys/uriel.ssh.pub
- # ];
- # };
- # };
- #}
- #{
- # services.elasticsearch = {
- # enable = true;
- # };
- #}
- {
- krebs.power-action.battery = "BAT1";
- }
- ];
-
- krebs.build.host = config.krebs.hosts.helios;
-
-
- hardware.enableAllFirmware = true;
- nixpkgs.config.allowUnfree = true;
-
- boot = {
- loader.grub.enable = true;
- loader.grub.version = 2;
- loader.grub.device = "/dev/sda";
-
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
- initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
- initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
- #kernelModules = [ "kvm-intel" "msr" ];
- kernelModules = [ "msr" ];
- };
- fileSystems = {
- "/" = {
- device = "/dev/pool/nix";
- fsType = "ext4";
- };
-
- "/boot" = {
- device = "/dev/sda1";
- };
-
- "/home" = {
- device = "/dev/pool/home";
- fsType = "ext4";
- };
-
- "/bku" = {
- device = "/dev/pool/bku";
- fsType = "ext4";
- };
- "/tmp" = {
- device = "tmpfs";
- fsType = "tmpfs";
- options = ["nosuid" "nodev" "noatime"];
- };
- };
-
- #services.udev.extraRules = ''
- # SUBSYSTEM=="net", ATTR{address}=="64:27:37:7d:d8:ae", NAME="wl0"
- # SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:b8:c8:2e", NAME="et0"
- #'';
-
- services.xserver.synaptics = {
- enable = true;
- twoFingerScroll = true;
- accelFactor = "0.035";
- additionalOptions = ''
- Option "FingerHigh" "60"
- Option "FingerLow" "60"
- '';
- };
-}
diff --git a/lass/2configs/backups.nix b/lass/2configs/backups.nix
index 22b48f6e8..b20e15dd9 100644
--- a/lass/2configs/backups.nix
+++ b/lass/2configs/backups.nix
@@ -107,29 +107,5 @@ with import <stockholm/lib>;
dst = { host = config.krebs.hosts.shodan; path = "/bku/mors-home"; };
startAt = "05:00";
};
- dishfire-http-helios = {
- method = "pull";
- src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
- dst = { host = config.krebs.hosts.helios; path = "/bku/dishfire-http"; };
- startAt = "12:00";
- };
- dishfire-sql-helios = {
- method = "pull";
- src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
- dst = { host = config.krebs.hosts.helios; path = "/bku/dishfire-sql"; };
- startAt = "12:15";
- };
- prism-sql-helios = {
- method = "pull";
- src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
- dst = { host = config.krebs.hosts.helios; path = "/bku/prism-sql_dumps"; };
- startAt = "12:30";
- };
- prism-http-helios = {
- method = "pull";
- src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
- dst = { host = config.krebs.hosts.helios; path = "/bku/prism-http"; };
- startAt = "12:45";
- };
};
}
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 62b823c3f..227152482 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -113,7 +113,7 @@ in {
]
)
- for i in [ "mors", "uriel", "shodan", "helios", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
+ for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index eb9575018..d32262810 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -15,7 +15,6 @@ with import <stockholm/lib>;
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-shodan.pubkey
- lass-helios.pubkey
lass-icarus.pubkey
makefu.pubkey
];
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 3353cdac0..b8d00e7d4 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -16,7 +16,6 @@ with import <stockholm/lib>;
relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [
config.krebs.hosts.mors
config.krebs.hosts.uriel
- config.krebs.hosts.helios
];
internet-aliases = with config.krebs.users; [
{ from = "postmaster@lassul.us"; to = lass.mail; } # RFC 822
diff --git a/lass/2configs/logf.nix b/lass/2configs/logf.nix
index 3c4948db1..03414a745 100644
--- a/lass/2configs/logf.nix
+++ b/lass/2configs/logf.nix
@@ -8,7 +8,6 @@ let
shodan = "51";
icarus = "53";
echelon = "197";
- helios = "199";
cloudkrebs = "119";
};
in {