From 4ef26cd0f67d77dbb1a35b5b43ed2272c17e64b8 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 21 Jun 2022 23:39:33 +0200
Subject: [PATCH 1/5] l krops: use nom for build
---
lass/krops.nix | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/lass/krops.nix b/lass/krops.nix
index ace37888f..c8a5b94b7 100644
--- a/lass/krops.nix
+++ b/lass/krops.nix
@@ -37,18 +37,22 @@
in {
- deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeCommand "deploy" {
+ deploy = { target ? "root@${name}/var/src", offline ? false }: pkgs.krops.writeCommand "deploy" {
command = targetPath: ''
- set -fu
+ set -xfu
outDir=$(mktemp -d)
trap "rm -rf $outDir;" INT TERM EXIT
- nix build \
+ build=$(command -v nom-build || echo "nix-build")
+
+ $build \
-I "${targetPath}" \
- -f '<nixpkgs/nixos>' config.system.build.toplevel \
- -o "$outDir/out"
+ '<nixpkgs/nixos>' -A config.system.build.toplevel \
+ -o "$outDir/out" \
+ ${lib.optionalString offline "--option substitute false"} \
+ # -vvvvv --show-trace
nix-env -p /nix/var/nix/profiles/system --set "$outDir/out"
From b33003606363dfa6a6445f4d008774ce8602e76b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 27 Jun 2022 08:32:59 +0200
Subject: [PATCH 2/5] nixpkgs: d108690 -> cd90e77
---
krebs/nixpkgs.json | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 3e20b2a87..c9e1cd5e0 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "d1086907f56c5a6c33c0c2e8dc9f42ef6988294f",
- "date": "2022-05-28T12:29:49+02:00",
- "path": "/nix/store/56gsa390lyiik6jdapnj98a2ww8af8ig-nixpkgs",
- "sha256": "009dc0njvdn5pzcyd8bp4sc9byf70w4msdkv6q2zfdlnh36im1jl",
+ "rev": "cd90e773eae83ba7733d2377b6cdf84d45558780",
+ "date": "2022-06-26T19:49:46+02:00",
+ "path": "/nix/store/bmaf6x4yxcsvs5wp4rayvai4lw7g6snr-nixpkgs",
+ "sha256": "1b2wn1ncx9x4651vfcgyqrm93pd7ghnrgqjbkf6ckkpidah69m03",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
From c776acea38436cef932dfb18d5ab8f92b43f5305 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 27 Jun 2022 08:34:04 +0200
Subject: [PATCH 3/5] nixpkgs-unstable: 5ce6597 -> f2537a5
---
krebs/nixpkgs-unstable.json | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index 49d65160d..b5f64ae2a 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "5ce6597eca7d7b518c03ecda57d45f9404b5e060",
- "date": "2022-05-24T17:55:48+02:00",
- "path": "/nix/store/glvcj0zmqq9z5wf6bppnppbpf8w85iwf-nixpkgs",
- "sha256": "1hs1lnnbp1dky3nfp7xlricpp5c63sr46jyrnvykci8bl8jnxnl3",
+ "rev": "f2537a505d45c31fe5d9c27ea9829b6f4c4e6ac5",
+ "date": "2022-06-26T12:26:21+02:00",
+ "path": "/nix/store/d7wgj3chybniji4l6z73a0gh67hxym3b-nixpkgs",
+ "sha256": "1z28a3gqbv62sxahlssc5a722kh46f26f5ss3arbxpv7a1272vf1",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
From 0dddf50167525ab40f3bd68109e28d2242975201 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 27 Jun 2022 10:39:48 +0200
Subject: [PATCH 4/5] fysiirc: escape, post raw json link
---
lass/2configs/fysiirc.nix | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/lass/2configs/fysiirc.nix b/lass/2configs/fysiirc.nix
index e12eda42e..809298df4 100644
--- a/lass/2configs/fysiirc.nix
+++ b/lass/2configs/fysiirc.nix
@@ -10,8 +10,7 @@
${write_to_irc} "$(echo "$INPUT" | jq -r '
"\(.action): " +
"[\(.issue.title // .pull_request.title)] " +
- "\(.comment.html_url // .issue.html_url // .pull_request.html_url) " +
- "by \(.comment.user.login // .issue.user.login // .pull_request.user.login)"
+ "\(.comment.html_url // .issue.html_url // .pull_request.html_url) "
')"
fi
'';
@@ -58,16 +57,16 @@ in {
case "$Method $Request_URI" in
"POST /")
payload=$(head -c "$req_content_length")
- echo "$payload" >&2
+ raw=$(printf '%s' "$payload" | ${pkgs.curl}/bin/curl --data-binary @- http://p.krebsco.de | tail -1)
payload2=$payload
- payload2=$(echo "$payload" | tr '\n' ' ' | tr -d '\r')
+ payload2=$(printf '%s' "$payload" | tr '\n' ' ' | tr -d '\r')
if [ "$payload" != "$payload2" ]; then
echo "payload has been mangled" >&2
else
echo "payload not mangled" >&2
fi
- echo "$payload2" > /tmp/last_fysi_payload
echo "$payload2" | ${format-github-message}/bin/format-github-message
+ ${write_to_irc} "$raw"
printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n'
printf '\r\n'
From 64dbf31d70497d6a66f89fdd86ac1884e28f7bc8 Mon Sep 17 00:00:00 2001
From: Dhananjay Balan <mail@dbalan.in>
Date: Tue, 28 Jun 2022 22:16:08 +0200
Subject: [PATCH 5/5] external: Add v60.dbalan.in to hosts.
---
krebs/3modules/default.nix | 1 +
krebs/3modules/external/dbalan.nix | 50 ++++++++++++++++++++++++++++++
2 files changed, 51 insertions(+)
create mode 100644 krebs/3modules/external/dbalan.nix
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 2d73da884..8ea727dc7 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -102,6 +102,7 @@ let
imp = lib.mkMerge [
{ krebs = import ./external { inherit config; }; }
+ { krebs = import ./external/dbalan.nix { inherit config; }; }
{ krebs = import ./external/kmein.nix { inherit config; }; }
{ krebs = import ./external/mic92.nix { inherit config; }; }
{ krebs = import ./external/palo.nix { inherit config; }; }
diff --git a/krebs/3modules/external/dbalan.nix b/krebs/3modules/external/dbalan.nix
new file mode 100644
index 000000000..301f010d3
--- /dev/null
+++ b/krebs/3modules/external/dbalan.nix
@@ -0,0 +1,50 @@
+with import <stockholm/lib>;
+{ config, ... }:
+let
+ hostDefaults = hostName: host: flip recursiveUpdate host ({
+ ci = false;
+ external = true;
+ monitoring = false;
+ owner = config.krebs.users.dbalan;
+ } // optionalAttrs (host.nets?retiolum) {
+ nets.retiolum = {
+ ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
+ };
+ } // optionalAttrs (host.nets?wiregrill) {
+ nets.wiregrill = {
+ ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
+ };
+ });
+in
+{
+ users = rec {
+ dbalan = {
+ mail = "dbalan@thaum.space";
+ pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
+ };
+ };
+ hosts = mapAttrs hostDefaults {
+ v60 = {
+ nets.retiolum = {
+ aliases = [ "v60.dbalan.r" ];
+ ip4.addr = "10.243.42.12";
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
+ RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
+ 1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
+ uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
+ p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
+ bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
+ I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
+ mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
+ OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
+ AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
+ 9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
+ };
+ };
+ };
+}