From 01978cd376f4c1add7e4ef1ad65a3cd068bf31b5 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 16 Aug 2018 11:47:25 +0200 Subject: [PATCH 01/22] ma pkgs/nur.nix: init --- makefu/5pkgs/nur.nix | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 makefu/5pkgs/nur.nix diff --git a/makefu/5pkgs/nur.nix b/makefu/5pkgs/nur.nix new file mode 100644 index 000000000..65065e515 --- /dev/null +++ b/makefu/5pkgs/nur.nix @@ -0,0 +1,9 @@ +{ pkgs ? import {} }: + +{ + lib = import ./lib { inherit pkgs; }; # functions + modules = import ../3modules/default.nix; + overlays.full = import ./default.nix; + pkgs = import ./default.nix pkgs pkgs; +} // (import ./default.nix pkgs pkgs) + From d5744deab6429ae2b2cde64dcb10c869a49b1fe8 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 16 Aug 2018 12:18:59 +0200 Subject: [PATCH 02/22] ma pkgs/default: remove stockholm dependency --- makefu/5pkgs/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index b1d6df67e..390c13ffe 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -1,6 +1,5 @@ -with import ; -self: super: let - +self: super: +with super.lib; with builtins; let # This callPackage will try to detect obsolete overrides. callPackage = path: args: let override = super.callPackage path args; @@ -15,6 +14,7 @@ self: super: let override else override; + eq = x: y: x == y; subdirsOf = path: mapAttrs (name: _: path + "/${name}") (filterAttrs (_: eq "directory") (readDir path)); @@ -40,6 +40,6 @@ in { }; } -// mapAttrs (_: flip callPackage {}) +// (mapAttrs (_: flip callPackage {}) (filterAttrs (_: dir: pathExists (dir + "/default.nix")) - (subdirsOf ./.)) + (subdirsOf ./.))) From d22432100f325f940ec89e1e063687668247e989 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 16 Aug 2018 14:21:57 +0200 Subject: [PATCH 03/22] ma pkgs.arduino-user-env,pkqgen-ger: rip --- makefu/5pkgs/arduino-user-env/default.nix | 35 ----------------------- 1 file changed, 35 deletions(-) delete mode 100644 makefu/5pkgs/arduino-user-env/default.nix diff --git a/makefu/5pkgs/arduino-user-env/default.nix b/makefu/5pkgs/arduino-user-env/default.nix deleted file mode 100644 index 7339c50a2..000000000 --- a/makefu/5pkgs/arduino-user-env/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ lib, pkgs, ... }: let - -#TODO: make sure env exists prior to running -env_nix = pkgs.writeText "env.nix" '' - { pkgs ? import {} }: - - (pkgs.buildFHSUserEnv { - name = "arduino-user-env"; - targetPkgs = pkgs: with pkgs; [ - coreutils - ]; - multiPkgs = pkgs: with pkgs; [ - arduino - alsaLib - zlib - xorg.libXxf86vm - curl - openal - openssl_1_0_2 - xorg.libXext - xorg.libX11 - xorg.libXrandr - xorg.libXcursor - xorg.libXinerama - xorg.libXi - mesa_glu - ]; - runScript = "zsh"; - }).env -''; - - -in pkgs.writeDashBin "arduino-user-env" '' - nix-shell ${env_nix} -'' From 52a2928e7d612ef29fc656508350bc3b6e1bac9a Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 16 Aug 2018 16:20:51 +0200 Subject: [PATCH 04/22] ma pkgs.drozer: fix build --- makefu/5pkgs/drozer/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix index 3df67d07e..1f353e477 100644 --- a/makefu/5pkgs/drozer/default.nix +++ b/makefu/5pkgs/drozer/default.nix @@ -1,15 +1,16 @@ -{ pkgs, lib, fetchFromGitHub, pythonPackages, jre7, jdk7 }: +{ pkgs, lib, fetchFromGitHub, pythonPackages, jre, jdk }: pythonPackages.buildPythonApplication rec { name = "drozer-${version}"; version = "2.4.3"; - buildInputs = [ jdk7 ]; + buildInputs = [ jdk ]; propagatedBuildInputs = with pythonPackages; [ protobuf pyopenssl pyyaml + service-identity ] ++ [ - jre7 + jre twisted ]; src = fetchFromGitHub { @@ -19,7 +20,7 @@ pythonPackages.buildPythonApplication rec { sha256 = "1z437y7rr53dhpi95yc2c3x8g4aix90y7zf52avcdsvhlp4iip3q"; }; prePatch = '' - sed -i 's#^exec java #exec ${jre7}/bin/java #' ./src/drozer/lib/dx + sed -i 's#^exec java #exec ${jre}/bin/java #' ./src/drozer/lib/dx patchShebangs ./src/drozer/lib/dx patchelf $(cat $NIX_CC/nix-support/dynamic-linker) ./src/drozer/lib/aapt echo starting build From 99fcc13535f309204ad4a1ec92790027452c0e62 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 16 Aug 2018 16:32:15 +0200 Subject: [PATCH 05/22] ma extra-gui: rm arduino-env --- makefu/2configs/tools/extra-gui.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index ae97edd54..3d26cc574 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -12,7 +12,6 @@ virtmanager # Dev saleae-logic - arduino-user-env gitAndTools.gitFull signal-desktop ]; From fdd7b3cacf398d40df9e71dc38db1a64faa14537 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 16 Aug 2018 16:33:12 +0200 Subject: [PATCH 06/22] ma nur.nix: don't export customized config --- makefu/5pkgs/nur.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/makefu/5pkgs/nur.nix b/makefu/5pkgs/nur.nix index 65065e515..817536e21 100644 --- a/makefu/5pkgs/nur.nix +++ b/makefu/5pkgs/nur.nix @@ -1,7 +1,6 @@ { pkgs ? import {} }: { - lib = import ./lib { inherit pkgs; }; # functions modules = import ../3modules/default.nix; overlays.full = import ./default.nix; pkgs = import ./default.nix pkgs pkgs; From b15785ef5520a3bd3a5c729c7f2cfb9d106abec8 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 16 Aug 2018 19:31:40 +0200 Subject: [PATCH 07/22] ma pkgs.beef: bump version, fix package --- makefu/5pkgs/beef/Gemfile | 56 +++--- makefu/5pkgs/beef/Gemfile.lock | 101 ++++++++--- makefu/5pkgs/beef/db-in-homedir.patch | 39 +++++ makefu/5pkgs/beef/default.nix | 22 ++- makefu/5pkgs/beef/gemset.nix | 242 ++++++++++++++++++++------ 5 files changed, 350 insertions(+), 110 deletions(-) create mode 100644 makefu/5pkgs/beef/db-in-homedir.patch diff --git a/makefu/5pkgs/beef/Gemfile b/makefu/5pkgs/beef/Gemfile index 1420feffd..da13e1fb8 100644 --- a/makefu/5pkgs/beef/Gemfile +++ b/makefu/5pkgs/beef/Gemfile @@ -1,15 +1,16 @@ # BeEF's Gemfile # -# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net +# Copyright (c) 2006-2018 Wade Alcorn - wade@bindshell.net # Browser Exploitation Framework (BeEF) - http://beefproject.com # See the file 'doc/COPYING' for copying permission # gem 'eventmachine' gem 'thin' -gem 'sinatra' -gem 'rack', '~> 1.6.5' +gem 'sinatra', '~> 2.0' +gem 'rack', '~> 2.0' +gem 'rack-protection', '~> 2.0' gem 'em-websocket' # WebSocket support gem 'uglifier' gem 'mime-types' @@ -22,8 +23,7 @@ gem 'data_objects' gem 'rubyzip', '>= 1.2.1' gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice gem 'nokogiri', '>= 1.7' - -gem 'therubyracer' +gem 'rake' # SQLite support group :sqlite do @@ -52,11 +52,17 @@ gem 'dm-migrations' # Metasploit Integration extension group :ext_msf do gem 'msfrpc-client' + gem 'xmlrpc' end -# Twitter Notifications extension -group :ext_twitter do - #gem 'twitter', '>= 5.0.0' +# Notifications extension +group :ext_notifications do + # Pushover + gem 'rushover' + # Slack + gem 'slack-notifier' + # Twitter + gem 'twitter', '>= 5.0.0' end # DNS extension @@ -76,22 +82,24 @@ end # For running unit tests group :test do -if ENV['BEEF_TEST'] - gem 'rake' - gem 'test-unit' - gem 'test-unit-full' - gem 'curb' - gem 'selenium' - gem 'selenium-webdriver' - gem 'rspec' - gem 'bundler-audit' - # nokogirl is needed by capybara which may require one of the below commands - # sudo apt-get install libxslt-dev libxml2-dev - # sudo port install libxml2 libxslt - gem 'capybara' - # RESTful API tests/generic command module tests - gem 'rest-client', '>= 2.0.1' -end + if ENV['BEEF_TEST'] + gem 'test-unit' + gem 'test-unit-full' + gem 'rspec' + # curb gem requires curl libraries + # sudo apt-get install libcurl4-openssl-dev + gem 'curb' + # selenium-webdriver 3.x is incompatible with Firefox version 48 and prior + gem 'selenium' + gem 'selenium-webdriver', '~> 2.53.4' + # nokogirl is needed by capybara which may require one of the below commands + # sudo apt-get install libxslt-dev libxml2-dev + # sudo port install libxml2 libxslt + gem 'capybara' + # RESTful API tests/generic command module tests + gem 'rest-client', '>= 2.0.1' + gem 'byebug' + end end source 'https://rubygems.org' diff --git a/makefu/5pkgs/beef/Gemfile.lock b/makefu/5pkgs/beef/Gemfile.lock index d2e6ad45e..8f18bf220 100644 --- a/makefu/5pkgs/beef/Gemfile.lock +++ b/makefu/5pkgs/beef/Gemfile.lock @@ -4,8 +4,9 @@ GEM addressable (2.5.2) public_suffix (>= 2.0.2, < 4.0) ansi (1.5.0) - chunky_png (1.3.8) - daemons (1.2.4) + buftok (0.2.0) + chunky_png (1.3.10) + daemons (1.2.6) data_objects (0.10.17) addressable (~> 2.1) dm-core (1.2.1) @@ -26,48 +27,66 @@ GEM do_sqlite3 (~> 0.10.6) do_sqlite3 (0.10.17) data_objects (= 0.10.17) + domain_name (0.5.20180417) + unf (>= 0.0.5, < 1.0.0) em-websocket (0.5.1) eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) + equalizer (0.0.11) erubis (2.7.0) espeak-ruby (1.0.4) eventmachine (1.0.9.1) execjs (2.7.0) fastercsv (1.5.5) filesize (0.1.1) - geoip (1.6.3) + geoip (1.6.4) + http (3.3.0) + addressable (~> 2.3) + http-cookie (~> 1.0) + http-form_data (~> 2.0) + http_parser.rb (~> 0.6.0) + http-cookie (1.0.3) + domain_name (~> 0.5) + http-form_data (2.1.1) http_parser.rb (0.6.0) jsobfu (0.4.2) rkelly-remix json (1.8.6) json_pure (1.8.6) - libv8 (3.16.14.19) + memoizable (0.4.2) + thread_safe (~> 0.3, >= 0.3.1) metasm (1.0.3) - mime-types (3.1) + mime-types (3.2.2) mime-types-data (~> 3.2015) - mime-types-data (3.2016.0521) + mime-types-data (3.2018.0812) mini_portile2 (2.3.0) mojo_magick (0.5.6) msfrpc-client (1.1.1) msgpack (~> 1) rex (~> 2) - msgpack (1.1.0) - multi_json (1.12.2) - nokogiri (1.8.1) + msgpack (1.2.4) + multi_json (1.13.1) + multipart-post (2.0.0) + mustermann (1.0.2) + naught (1.1.0) + netrc (0.11.0) + nokogiri (1.8.4) mini_portile2 (~> 2.3.0) parseconfig (1.0.8) - public_suffix (3.0.0) + public_suffix (3.0.3) qr4r (0.4.1) mojo_magick rqrcode - rack (1.6.8) - rack-protection (1.5.3) + rack (2.0.5) + rack-protection (2.0.3) rack - rainbow (2.2.2) - rake - rake (12.1.0) + rainbow (3.0.0) + rake (12.3.1) rb-readline (0.5.5) - ref (2.0.0) + rest-client (2.0.2) + http-cookie (>= 1.0.2, < 2.0) + mime-types (>= 1.16, < 4.0) + netrc (~> 0.8) rex (2.0.11) filesize jsobfu (~> 0.4.1) @@ -86,23 +105,42 @@ GEM eventmachine (~> 1.0.0) rexec (~> 1.6.2) rubyzip (1.2.1) - sinatra (1.4.8) - rack (~> 1.5) - rack-protection (~> 1.4) - tilt (>= 1.3, < 3) + rushover (0.3.0) + json + rest-client + simple_oauth (0.3.1) + sinatra (2.0.3) + mustermann (~> 1.0) + rack (~> 2.0) + rack-protection (= 2.0.3) + tilt (~> 2.0) + slack-notifier (2.3.2) term-ansicolor (1.6.0) tins (~> 1.0) - therubyracer (0.12.3) - libv8 (~> 3.16.14.15) - ref thin (1.7.2) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) + thread_safe (0.3.6) tilt (2.0.8) - tins (1.15.0) - uglifier (3.2.0) + tins (1.16.3) + twitter (6.2.0) + addressable (~> 2.3) + buftok (~> 0.2.0) + equalizer (~> 0.0.11) + http (~> 3.0) + http-form_data (~> 2.0) + http_parser.rb (~> 0.6.0) + memoizable (~> 0.4.0) + multipart-post (~> 2.0) + naught (~> 1.0) + simple_oauth (~> 0.3.0) + uglifier (4.1.18) execjs (>= 0.3.0, < 3) + unf (0.1.4) + unf_ext + unf_ext (0.0.7.5) + xmlrpc (0.3.0) PLATFORMS ruby @@ -126,14 +164,19 @@ DEPENDENCIES nokogiri (>= 1.7) parseconfig qr4r - rack (~> 1.6.5) + rack (~> 2.0) + rack-protection (~> 2.0) + rake rubydns (~> 0.7.3) rubyzip (>= 1.2.1) - sinatra + rushover + sinatra (~> 2.0) + slack-notifier term-ansicolor - therubyracer thin + twitter (>= 5.0.0) uglifier + xmlrpc BUNDLED WITH - 1.15.4 + 1.14.6 diff --git a/makefu/5pkgs/beef/db-in-homedir.patch b/makefu/5pkgs/beef/db-in-homedir.patch new file mode 100644 index 000000000..e8dd8e3db --- /dev/null +++ b/makefu/5pkgs/beef/db-in-homedir.patch @@ -0,0 +1,39 @@ +--- /beef 2018-08-16 19:03:55.199437566 +0200 ++++ /beef 2018-08-16 19:27:34.735985233 +0200 +@@ -110,9 +110,20 @@ + # + # @note Database setup - use DataMapper::Logger.new($stdout, :debug) for development debugging + # ++ ++# ++# @note Create ~/.beef/ ++# ++begin ++ FileUtils.mkdir_p($home_dir) unless File.directory?($home_dir) ++rescue => e ++ print_error "Could not create '#{$home_dir}': #{e.message}" ++end ++ + case config.get("beef.database.driver") + when "sqlite" +- DataMapper.setup(:default, "sqlite3://#{$root_dir}/#{config.get("beef.database.db_file")}") ++ print_info "Using Database #{$home_dir}/#{config.get("beef.database.db_file")}" ++ DataMapper.setup(:default, "sqlite3://#{$home_dir}/#{config.get("beef.database.db_file")}") + when "mysql", "postgres" + DataMapper.setup(:default, + :adapter => config.get("beef.database.driver"), +@@ -162,14 +173,6 @@ + BeEF::Core::Console::Banners.print_network_interfaces_count + BeEF::Core::Console::Banners.print_network_interfaces_routes + +-# +-# @note Create ~/.beef/ +-# +-begin +- FileUtils.mkdir_p($home_dir) unless File.directory?($home_dir) +-rescue => e +- print_error "Could not create '#{$home_dir}': #{e.message}" +-end + + # + # @note Check whether we load the Console Shell or not diff --git a/makefu/5pkgs/beef/default.nix b/makefu/5pkgs/beef/default.nix index 82540cde9..d444dbded 100644 --- a/makefu/5pkgs/beef/default.nix +++ b/makefu/5pkgs/beef/default.nix @@ -1,4 +1,4 @@ -{ stdenv, bundlerEnv, ruby, fetchFromGitHub }: +{ stdenv, bundlerEnv, ruby, fetchFromGitHub, nodejs }: # nix-shell --command "bundler install && bundix" in the clone, copy gemset.nix, Gemfile and Gemfile.lock let gems = bundlerEnv { @@ -7,13 +7,17 @@ let gemdir = ./.; }; in stdenv.mkDerivation { - name = "beef-2017-09-21"; + name = "beef-2018-09-21"; src = fetchFromGitHub { owner = "beefproject"; repo = "beef"; - rev = "69aa2a3"; - sha256 = "1rky61i0wzpwcq3kqfa0m5hf6wyz8q8jgzs7dpfh04w9qh32ic4p"; + rev = "d237c95"; + sha256 = "1mykbjwjcbd2a18wycaf35hi3b9rmvqz1jnk2v55sd4c39f0jpf2"; }; + prePatch = '' + ls -alhtr + ''; + patches = [ ./db-in-homedir.patch ]; buildInputs = [gems ruby]; installPhase = '' mkdir -p $out/{bin,share/beef} @@ -25,13 +29,17 @@ in stdenv.mkDerivation { bin=$out/bin/beef cat > $bin < Date: Thu, 16 Aug 2018 23:51:28 +0200 Subject: [PATCH 08/22] gitlab-ci.yml: add deployment to nur-packages for makefu --- .gitlab-ci.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3f2f28d65..1e7a7df57 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,17 @@ +before_script: + - mkdir -p ~/.ssh + - echo "$deploy_privkey" > deploy.key + - export GIT_SSH_COMMAND="ssh -i $PWD/deploy.key" + - chmod 600 deploy.key + - ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts nix-shell test: script: - env - nix-shell --pure --command 'true' -p stdenv && echo success - nix-shell --pure --command 'false' -p stdenv || echo success +nur-packages makefu: + script: + - git reset --hard origin/master + - git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD + - git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git + - git push --force deploy HEAD:master From c603d3f78100c0b0d1f06837e2742a3ac03e236b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 17 Aug 2018 00:15:25 +0200 Subject: [PATCH 09/22] ma nur.nix: remove modules part (for now) --- makefu/5pkgs/nur.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/makefu/5pkgs/nur.nix b/makefu/5pkgs/nur.nix index 817536e21..b0607671b 100644 --- a/makefu/5pkgs/nur.nix +++ b/makefu/5pkgs/nur.nix @@ -1,7 +1,6 @@ { pkgs ? import {} }: { - modules = import ../3modules/default.nix; overlays.full = import ./default.nix; pkgs = import ./default.nix pkgs pkgs; } // (import ./default.nix pkgs pkgs) From e1ce88cb1e38679bf0b004e233f0c4249b9e662b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 17 Aug 2018 00:20:50 +0200 Subject: [PATCH 10/22] gitlab-ci: clean up ssh key after deploy --- .gitlab-ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 1e7a7df57..1946f269e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -15,3 +15,5 @@ nur-packages makefu: - git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD - git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git - git push --force deploy HEAD:master +after_script: + - rm -f deploy.key From 0ec29bc7d20e083f3f2fd4adb06af1bf53d71f41 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 17 Aug 2018 13:15:01 +0200 Subject: [PATCH 11/22] ma pkgs.ifdnfc: init at 2016-03-01 --- makefu/5pkgs/ifdnfc/default.nix | 45 +++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 makefu/5pkgs/ifdnfc/default.nix diff --git a/makefu/5pkgs/ifdnfc/default.nix b/makefu/5pkgs/ifdnfc/default.nix new file mode 100644 index 000000000..cc7956c8c --- /dev/null +++ b/makefu/5pkgs/ifdnfc/default.nix @@ -0,0 +1,45 @@ +{ stdenv, fetchFromGitHub , pkgconfig +, pcsclite +, autoreconfHook +, libnfc +}: + +stdenv.mkDerivation rec { + name = "ifdnfc-${version}"; + version = "2016-03-01"; + + src = fetchFromGitHub { + owner = "nfc-tools"; + repo = "ifdnfc"; + rev = "0e48e8e"; + sha256 = "1cxnvhhlcbm8h49rlw5racspb85fmwqqhd3gzzpzy68vrs0b37vg"; + }; + nativeBuildInputs = [ pkgconfig autoreconfHook ]; + buildInputs = [ pcsclite libnfc ]; + + configureFlags = [ "--prefix=$(out)" ]; + makeFlags = [ "DESTDIR=/" "usbdropdir=$(out)/pcsc/drivers" ]; + + meta = with stdenv.lib; { + description = "PC/SC IFD Handler based on libnfc"; + long_description = + '' libnfc Interface Plugin to be used in services.pcscd.plugins. + It provides support for all readers which are not supported by ccid but by libnfc. + + For activating your reader you need to run + ifdnfc-activate yes with this package in your + environment.systemPackages + + To use your reader you may need to blacklist your reader kernel modules: + boot.blacklistedKernelModules = [ "pn533" "pn533_usb" "nfc" ]; + + Supports the pn533 smart-card reader chip which is for example used in + the SCM SCL3711. + ''; + homepage = https://github.com/nfc-tools/ifdnfc; + license = licenses.gpl3; + platforms = platforms.linux; + maintainers = with maintainers; [ makefu ]; + }; +} + From 2e31d4bc491aa98775194592bea2dabf5d440130 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 17 Aug 2018 13:15:33 +0200 Subject: [PATCH 12/22] ma hw/smartcard: init --- makefu/2configs/hw/smartcard.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 makefu/2configs/hw/smartcard.nix diff --git a/makefu/2configs/hw/smartcard.nix b/makefu/2configs/hw/smartcard.nix new file mode 100644 index 000000000..1e9bca53b --- /dev/null +++ b/makefu/2configs/hw/smartcard.nix @@ -0,0 +1,18 @@ +{ pkgs, ... }: +{ + services.pcscd = { + enable = true; + plugins = with pkgs; [ ifdnfc ccid ]; + + }; + environment.systemPackages = with pkgs; [ + # need to run ifdnfc-activate before usage + ifdnfc + # pcsc_scan + pcsctools + ]; + boot.blacklistedKernelModules = [ + "pn533" "pn533_usb" + "nfc" + ]; +} From c07f56b772f3ea58d2a4c0f504fe3df381f6a043 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 24 Aug 2018 22:10:31 +0200 Subject: [PATCH 13/22] ma events-publisher: bump --- makefu/2configs/deployment/events-publisher/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/makefu/2configs/deployment/events-publisher/default.nix b/makefu/2configs/deployment/events-publisher/default.nix index c671b1a0b..a09554e6a 100644 --- a/makefu/2configs/deployment/events-publisher/default.nix +++ b/makefu/2configs/deployment/events-publisher/default.nix @@ -2,8 +2,8 @@ with import ; let shack-announce = pkgs.callPackage (builtins.fetchTarball { - url = "https://github.com/makefu/events-publisher/archive/5e7b083c63f25182a02c1fddb3d32cb9534fbc50.tar.gz"; - sha256 = "1zzlhyj8fr6y3a3b6qlyrm474xxxs1ydqjpkd2jva3g1lnzlmvkp"; + url = "https://github.com/makefu/events-publisher/archive/4cef900ba10348050208367af6b2035f5a0ef8b6.tar.gz"; + sha256 = "137vsibr289p3xxlw37xhizi309sygki95919hmj02dxgwmy1k74"; }) {} ; home = "/var/lib/shackannounce"; user = "shackannounce"; From 3c30bf00573a4d5bc4a47cd9178dc7cc113b91a5 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 29 Aug 2018 00:24:34 +0200 Subject: [PATCH 14/22] ma krops.nix: init --- makefu/1systems/cake/source.nix | 2 +- makefu/1systems/darth/source.nix | 2 +- makefu/1systems/drop/source.nix | 2 +- makefu/1systems/fileleech/source.nix | 2 +- makefu/1systems/filepimp/source.nix | 2 +- makefu/1systems/full/source.nix | 5 ++ makefu/1systems/gum/source.nix | 2 +- makefu/1systems/iso/source.nix | 2 +- makefu/1systems/kexec/source.nix | 2 +- makefu/1systems/latte/source.nix | 2 +- makefu/1systems/nextgum/source.nix | 2 +- makefu/1systems/omo/source.nix | 2 +- makefu/1systems/pnp/source.nix | 2 +- makefu/1systems/repunit/source.nix | 2 +- makefu/1systems/sdev/source.nix | 2 +- makefu/1systems/shack-autoinstall/source.nix | 3 + makefu/1systems/shoney/source.nix | 2 +- makefu/1systems/studio/source.nix | 2 +- makefu/1systems/tsp/source.nix | 4 +- makefu/1systems/vbob/source.nix | 2 +- makefu/1systems/wbob/source.nix | 2 +- makefu/1systems/wry/source.nix | 2 +- makefu/1systems/x/source.nix | 3 +- makefu/krops.nix | 88 ++++++++++++++++++++ makefu/nixpkgs.json | 7 ++ makefu/update-channel.sh | 9 ++ 26 files changed, 136 insertions(+), 21 deletions(-) create mode 100644 makefu/1systems/full/source.nix create mode 100644 makefu/1systems/shack-autoinstall/source.nix create mode 100644 makefu/krops.nix create mode 100644 makefu/nixpkgs.json create mode 100755 makefu/update-channel.sh diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix index cd97a7c62..22c40039e 100644 --- a/makefu/1systems/cake/source.nix +++ b/makefu/1systems/cake/source.nix @@ -1,4 +1,4 @@ -import { +{ name="cake"; full = true; } diff --git a/makefu/1systems/darth/source.nix b/makefu/1systems/darth/source.nix index b13b6c603..a8d7368ab 100644 --- a/makefu/1systems/darth/source.nix +++ b/makefu/1systems/darth/source.nix @@ -1,3 +1,3 @@ -import { +{ name="darth"; } diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix index 45bd6f97e..a6bc834b0 100644 --- a/makefu/1systems/drop/source.nix +++ b/makefu/1systems/drop/source.nix @@ -1,4 +1,4 @@ -import { +{ name="drop"; torrent = true; } diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix index caca1fbcb..b6951a273 100644 --- a/makefu/1systems/fileleech/source.nix +++ b/makefu/1systems/fileleech/source.nix @@ -1,4 +1,4 @@ -import { +{ name = "fileleech"; torrent = true; } diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix index 88c9f4f08..b81a2bf4a 100644 --- a/makefu/1systems/filepimp/source.nix +++ b/makefu/1systems/filepimp/source.nix @@ -1,3 +1,3 @@ -import { +{ name="filepimp"; } diff --git a/makefu/1systems/full/source.nix b/makefu/1systems/full/source.nix new file mode 100644 index 000000000..1e36c6e87 --- /dev/null +++ b/makefu/1systems/full/source.nix @@ -0,0 +1,5 @@ +{ + name="gum"; + torrent = true; + clever_kexec = true; +} diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix index e3ca472e4..1e36c6e87 100644 --- a/makefu/1systems/gum/source.nix +++ b/makefu/1systems/gum/source.nix @@ -1,4 +1,4 @@ -import { +{ name="gum"; torrent = true; clever_kexec = true; diff --git a/makefu/1systems/iso/source.nix b/makefu/1systems/iso/source.nix index e200dbfd2..6bef8ada9 100644 --- a/makefu/1systems/iso/source.nix +++ b/makefu/1systems/iso/source.nix @@ -1,3 +1,3 @@ -import { +{ name="iso"; } diff --git a/makefu/1systems/kexec/source.nix b/makefu/1systems/kexec/source.nix index e200dbfd2..6bef8ada9 100644 --- a/makefu/1systems/kexec/source.nix +++ b/makefu/1systems/kexec/source.nix @@ -1,3 +1,3 @@ -import { +{ name="iso"; } diff --git a/makefu/1systems/latte/source.nix b/makefu/1systems/latte/source.nix index d9600909a..ab0a454c0 100644 --- a/makefu/1systems/latte/source.nix +++ b/makefu/1systems/latte/source.nix @@ -1,4 +1,4 @@ -import { +{ name = "latte"; torrent = true; } diff --git a/makefu/1systems/nextgum/source.nix b/makefu/1systems/nextgum/source.nix index 413889c47..6940498f1 100644 --- a/makefu/1systems/nextgum/source.nix +++ b/makefu/1systems/nextgum/source.nix @@ -1,4 +1,4 @@ -import { +{ name="nextgum"; torrent = true; clever_kexec = true; diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix index da0d87aad..0d42cc9e2 100644 --- a/makefu/1systems/omo/source.nix +++ b/makefu/1systems/omo/source.nix @@ -1,4 +1,4 @@ -import { +{ name="omo"; torrent = true; } diff --git a/makefu/1systems/pnp/source.nix b/makefu/1systems/pnp/source.nix index 0b630aa3b..02f7d0ab6 100644 --- a/makefu/1systems/pnp/source.nix +++ b/makefu/1systems/pnp/source.nix @@ -1,3 +1,3 @@ -import { +{ name="pnp"; } diff --git a/makefu/1systems/repunit/source.nix b/makefu/1systems/repunit/source.nix index ff361fb55..20d3cd1cb 100644 --- a/makefu/1systems/repunit/source.nix +++ b/makefu/1systems/repunit/source.nix @@ -1,3 +1,3 @@ -import { +{ name="repunit"; } diff --git a/makefu/1systems/sdev/source.nix b/makefu/1systems/sdev/source.nix index 833d9bf73..2e085740a 100644 --- a/makefu/1systems/sdev/source.nix +++ b/makefu/1systems/sdev/source.nix @@ -1,3 +1,3 @@ -import { +{ name="sdev"; } diff --git a/makefu/1systems/shack-autoinstall/source.nix b/makefu/1systems/shack-autoinstall/source.nix new file mode 100644 index 000000000..6bef8ada9 --- /dev/null +++ b/makefu/1systems/shack-autoinstall/source.nix @@ -0,0 +1,3 @@ +{ + name="iso"; +} diff --git a/makefu/1systems/shoney/source.nix b/makefu/1systems/shoney/source.nix index 382474f5e..3616716f9 100644 --- a/makefu/1systems/shoney/source.nix +++ b/makefu/1systems/shoney/source.nix @@ -1,3 +1,3 @@ -import { +{ name="shoney"; } diff --git a/makefu/1systems/studio/source.nix b/makefu/1systems/studio/source.nix index f662653e7..ff88d3557 100644 --- a/makefu/1systems/studio/source.nix +++ b/makefu/1systems/studio/source.nix @@ -1,4 +1,4 @@ -import { +{ name="studio"; musnix = true; } diff --git a/makefu/1systems/tsp/source.nix b/makefu/1systems/tsp/source.nix index 79f6a435d..9abf503e2 100644 --- a/makefu/1systems/tsp/source.nix +++ b/makefu/1systems/tsp/source.nix @@ -1,3 +1,5 @@ -import { +{ name="tsp"; + full = true; + hw = true; } diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix index 5419215e2..59744faf5 100644 --- a/makefu/1systems/vbob/source.nix +++ b/makefu/1systems/vbob/source.nix @@ -1,4 +1,4 @@ -import { +{ name="vbob"; # musnix = true; } diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix index b768aa87d..c76f73760 100644 --- a/makefu/1systems/wbob/source.nix +++ b/makefu/1systems/wbob/source.nix @@ -1,4 +1,4 @@ -import { +{ name="wbob"; # musnix = true; } diff --git a/makefu/1systems/wry/source.nix b/makefu/1systems/wry/source.nix index fac3877ee..730300590 100644 --- a/makefu/1systems/wry/source.nix +++ b/makefu/1systems/wry/source.nix @@ -1,3 +1,3 @@ -import { +{ name="wry"; } diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix index ab6429dc1..75af3255b 100644 --- a/makefu/1systems/x/source.nix +++ b/makefu/1systems/x/source.nix @@ -1,9 +1,10 @@ -import { +{ name="x"; full = true; python = true; hw = true; unstable = true; mic92 = true; + clever_kexec = true; # torrent = true; } diff --git a/makefu/krops.nix b/makefu/krops.nix new file mode 100644 index 000000000..5ce430ad2 --- /dev/null +++ b/makefu/krops.nix @@ -0,0 +1,88 @@ +{ config ? config, name }: let + krops = builtins.fetchGit { + url = https://cgit.krebsco.de/krops/; + rev = "4e466eaf05861b47365c5ef46a31a188b70f3615"; + }; + nixpkgs-src = lib.importJSON ./nixpkgs.json; + lib = import "${krops}/lib"; + + # TODO document why pkgs should be used like this + pkgs = import "${krops}/pkgs" {}; + hostSource = { + secure = false; + full = false; + torrent = false; + hw = false; + musnix = false; + python = false; + unstable = false; #unstable channel checked out + mic92 = false; + nms = false; + clever_kexec = false; + } // import (./. + "/1systems/${name}/source.nix"); + source = { test }: lib.evalSource [ + { + # nixos-18.03 @ 2018-08-06 + # + do_sqlite3 ruby: 55a952be5b5 + # + exfat-nofuse bump: ee6a5296a35 + # + uhub/sqlite: 5dd7610401747 + nixpkgs.git = { + ref = nixpkgs-src.rev; + url = nixpkgs-src.url; + }; + nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix"; + + stockholm.file = toString ; + secrets = if test then { + file = toString (./. + "/0tests/data/secrets"); + } else { + pass = { + dir = "${lib.getEnv "HOME"}/.secrets-pass"; + inherit name; + }; + }; + } + (lib.mkIf (hostSource.torrent) { + torrent-secrets = if test then { + file = ./. + "/makefu/0tests/data/secrets"; + } else { + pass = { + dir = "${lib.getEnv "HOME"}/.secrets-pass"; + name = "torrent"; + }; + }; + }) + (lib.mkIf ( hostSource.musnix ) { + musnix.git = { + url = https://github.com/musnix/musnix.git; + ref = "master"; # follow the musnix channel, lets see how this works out + }; + }) + (lib.mkIf ( hostSource.hw ) { + nixos-hardware.git = { + url = https://github.com/nixos/nixos-hardware.git; + ref = "30fdd53"; + }; + }) + ]; + +in { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) + deploy = pkgs.krops.writeDeploy "${name}-deploy" { + source = source { test = false; }; + target = "root@${name}/var/src"; + }; + + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) + test = pkgs.krops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src"; + }; + + ci = map (host: + pkgs.krops.writeTest "${host.name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "TMPDIR"}/makefu/${host.name}"; + } + ) (lib.filter (host: lib.getAttr "ci" host && host.owner == "makefu") (lib.attrValues config.krebs.hosts)); +} diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json new file mode 100644 index 000000000..f39bb6688 --- /dev/null +++ b/makefu/nixpkgs.json @@ -0,0 +1,7 @@ +{ + "url": "https://github.com/makefu/nixpkgs", + "rev": "8f991294288b27b9dec05cc1e07ec6a360bb39c8", + "date": "2018-08-06T14:29:01+02:00", + "sha256": "0zan8kdjk1pwdzm1rwc3ka87k11j0zmw4mdnj70r6pm38x2fa9n6", + "fetchSubmodules": true +} diff --git a/makefu/update-channel.sh b/makefu/update-channel.sh new file mode 100755 index 000000000..59d3c434f --- /dev/null +++ b/makefu/update-channel.sh @@ -0,0 +1,9 @@ +#!/bin/sh +dir=$(dirname $0) +oldref=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ + --url https://github.com/makefu/nixpkgs \ + --rev refs/heads/master' \ +> $dir/nixpkgs.json +newref=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +echo git commit $dir/nixpkgs.json -m "nixpkgs: $oldref -> $newref" From 70c41d322cfd91485886d32422c06888166277bc Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 29 Aug 2018 00:49:00 +0200 Subject: [PATCH 15/22] retiolum-bootstrap: forceSSL --- krebs/3modules/retiolum-bootstrap.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/krebs/3modules/retiolum-bootstrap.nix b/krebs/3modules/retiolum-bootstrap.nix index 53b06a702..faa3dd714 100644 --- a/krebs/3modules/retiolum-bootstrap.nix +++ b/krebs/3modules/retiolum-bootstrap.nix @@ -31,11 +31,8 @@ in enable = mkDefault true; virtualHosts.retiolum-bootstrap = { inherit (cfg) serverName sslCertificate sslCertificateKey; - enableSSL = true; + forceSSL = true; extraConfig ='' - if ($scheme = http){ - return 301 https://$server_name$request_uri; - } root ${pkgs.retiolum-bootstrap}; try_files $uri $uri/retiolum.sh; From 7fa3fc7b1a34f471c6e4b92b2b7cdd545649214f Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 29 Aug 2018 00:57:57 +0200 Subject: [PATCH 16/22] ma 1system: ip4 -> ipv4.addresses --- makefu/1systems/drop/config.nix | 2 +- makefu/1systems/fileleech/config.nix | 4 ++-- makefu/1systems/shoney/config.nix | 2 +- makefu/1systems/wbob/config.nix | 2 +- makefu/1systems/wry/config.nix | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/makefu/1systems/drop/config.nix b/makefu/1systems/drop/config.nix index b7e0d0395..2757db8cc 100644 --- a/makefu/1systems/drop/config.nix +++ b/makefu/1systems/drop/config.nix @@ -30,7 +30,7 @@ in { allowedTCPPorts = [ ]; allowedUDPPorts = [ 655 ]; }; - interfaces.enp0s3.ip4 = [{ + interfaces.enp0s3.ipv4.addresses = [{ address = external-ip; inherit prefixLength; }]; diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix index e36afecd5..7e9dea9ec 100644 --- a/makefu/1systems/fileleech/config.nix +++ b/makefu/1systems/fileleech/config.nix @@ -145,13 +145,13 @@ in { networking.nameservers = [ "8.8.8.8" ]; # SPF networking.defaultGateway = "151.217.176.1"; - networking.interfaces.enp6s0f0.ip4 = [{ + networking.interfaces.enp6s0f0.ipv4.addresses = [{ address = "151.217.178.63"; prefixLength = 22; }]; # Gigabit - networking.interfaces.enp8s0f1.ip4 = [{ + networking.interfaces.enp8s0f1.ipv4.addresses = [{ address = "192.168.126.1"; prefixLength = 24; }]; diff --git a/makefu/1systems/shoney/config.nix b/makefu/1systems/shoney/config.nix index ba9d0911e..27d389b85 100644 --- a/makefu/1systems/shoney/config.nix +++ b/makefu/1systems/shoney/config.nix @@ -46,7 +46,7 @@ in { dst = "10.8.10.6"; }; networking = { - interfaces.enp2s1.ip4 = [ + interfaces.enp2s1.ipv4.addresses = [ { address = ip; prefixLength = 24; } # { address = alt-ip; prefixLength = 24; } ]; diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 9d8a91e6d..e1d66a2f9 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -150,7 +150,7 @@ in { # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash networking.wireless.interfaces = [ "wlp2s0" ]; - networking.interfaces.virbr1.ip4 = [{ + networking.interfaces.virbr1.ipv4.addresses = [{ address = "10.8.8.11"; prefixLength = 24; }]; diff --git a/makefu/1systems/wry/config.nix b/makefu/1systems/wry/config.nix index 2db1a9a95..b728703ec 100644 --- a/makefu/1systems/wry/config.nix +++ b/makefu/1systems/wry/config.nix @@ -42,7 +42,7 @@ in { allowedTCPPorts = [ 53 80 443 ]; allowedUDPPorts = [ 655 53 ]; }; - interfaces.enp2s1.ip4 = [{ + interfaces.enp2s1.ipv4.addresses = [{ address = external-ip; prefixLength = 24; }]; From 9f637ad3d8f8c230f6ce537a2bbeb085a1adc5f5 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 29 Aug 2018 23:43:16 +0200 Subject: [PATCH 17/22] ma pkgs.cozy-audiobooks: init at 0.6.0 what a pain --- makefu/5pkgs/cozy-audiobooks/default.nix | 100 +++++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 makefu/5pkgs/cozy-audiobooks/default.nix diff --git a/makefu/5pkgs/cozy-audiobooks/default.nix b/makefu/5pkgs/cozy-audiobooks/default.nix new file mode 100644 index 000000000..312889fc3 --- /dev/null +++ b/makefu/5pkgs/cozy-audiobooks/default.nix @@ -0,0 +1,100 @@ +{ stdenv, fetchFromGitHub, fetchPypi +, ninja +, boost +, meson +, pkgconfig +, wrapGAppsHook +, appstream-glib +, desktop-file-utils +, gtk3 +, glib +, isPy3k +, gst_all_1 +, gobjectIntrospection +, python3Packages +, file +, cairo , sqlite , gettext +, gnome3 +}: + +let + peewee = with python3Packages; buildPythonPackage rec { + # https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/python-peewee + pname = "peewee"; + version = "3.6.4"; + src = fetchPypi { + inherit pname version; + sha256 = "1fi4z9n86ri79gllwav0gv3hmwipzmkvivzfyszfqn9fi5zpp3ak"; + }; + doCheck = false; + + checkPhase = '' + python runtests.py + ''; + + buildInputs = [ + cython + sqlite + # psycopg2 + # mysql-connector + ]; + meta.license = stdenv.lib.licenses.mit; + }; +in +stdenv.mkDerivation rec { + name = "cozy-${version}"; + version = "0.6.0"; + + src = fetchFromGitHub { + owner = "geigi"; + repo = "cozy"; + rev = version; + sha256 = "1afl3qsn9h4k8fgp63z0ab9p5ashrg3g936a9rh3i9qydv6s3srd"; + }; + + postPatch = '' + chmod +x data/meson_post_install.py + patchShebangs data/meson_post_install.py + substituteInPlace cozy/magic/magic.py --replace "ctypes.util.find_library('magic')" "'${file}/lib/libmagic${stdenv.hostPlatform.extensions.sharedLibrary}'" + ''; + postInstall = '' + wrapProgram $out/bin/com.github.geigi.cozy \ + --prefix PYTHONPATH : "$PYTHONPATH:$(toPythonPath $out)" + + ''; + wrapPrefixVariables = [ "PYTHONPATH" ]; + + + nativeBuildInputs = [ + meson ninja pkgconfig + wrapGAppsHook + appstream-glib + desktop-file-utils + gobjectIntrospection + + ]; + buildInputs = with gst_all_1; [ gtk3 glib + gstreamer gst-plugins-good cairo gettext file.out + gnome3.defaultIconTheme gnome3.gsettings-desktop-schemas + ] + ++ (with python3Packages; [ + python gst-python pygobject3 dbus-python mutagen peewee magic + + ]); + + checkPhase = '' + ninja test + ''; + + #preInstall = '' + # export MESON_INSTALL_PREFIX=$out + #''; + + meta = with stdenv.lib; { + description = '' + Eval nix code from python. + ''; + maintainers = [ maintainers.makefu ]; + license = licenses.mit; + }; +} From f697fa64c92fdaac5751b64773ade4ad095c8b2c Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 30 Aug 2018 16:38:43 +0200 Subject: [PATCH 18/22] ma pkgs.bento4: init at 1.5.1-624 --- makefu/2configs/{ => editor}/vim.nix | 0 makefu/5pkgs/bento4/default.nix | 30 ++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+) rename makefu/2configs/{ => editor}/vim.nix (100%) create mode 100644 makefu/5pkgs/bento4/default.nix diff --git a/makefu/2configs/vim.nix b/makefu/2configs/editor/vim.nix similarity index 100% rename from makefu/2configs/vim.nix rename to makefu/2configs/editor/vim.nix diff --git a/makefu/5pkgs/bento4/default.nix b/makefu/5pkgs/bento4/default.nix new file mode 100644 index 000000000..07c64a101 --- /dev/null +++ b/makefu/5pkgs/bento4/default.nix @@ -0,0 +1,30 @@ +{ stdenv, fetchFromGitHub +, pkgconfig +, cmake +}: +stdenv.mkDerivation rec { + name = "bento4-${version}"; + version = "1.5.1-624"; + + src = fetchFromGitHub { + owner = "axiomatic-systems"; + repo = "Bento4"; + rev = "v${version}"; + sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf"; + }; + + nativeBuildInputs = [ cmake pkgconfig ]; + installPhase = '' + mkdir -p $out/{lib,bin} + find -iname '*.so' -exec mv --target-directory="$out/lib" {} \; + find -maxdepth 1 -executable -type f -exec mv --target-directory="$out/bin" {} \; + ''; + + meta = with stdenv.lib; { + description = "Full-featured MP4 format and MPEG DASH library and tools"; + homepage = http://bento4.com; + license = licenses.gpl3; + maintainers = with maintainers; [ makefu ]; + platforms = with platforms; linux; + }; +} From 9b3c1509c37389b20d84ab536882c8a65abafa31 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 30 Aug 2018 16:39:23 +0200 Subject: [PATCH 19/22] ma vim: move to editor --- makefu/2configs/editor/vim.nix | 105 +-------------------------------- makefu/2configs/editor/vimrc | 98 ++++++++++++++++++++++++++++++ 2 files changed, 99 insertions(+), 104 deletions(-) create mode 100644 makefu/2configs/editor/vimrc diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix index 43d362ed9..d14a611b4 100644 --- a/makefu/2configs/editor/vim.nix +++ b/makefu/2configs/editor/vim.nix @@ -18,110 +18,7 @@ in { (pkgs.vim_configurable.customize { name = "vim"; - vimrcConfig.customRC = '' - set nocompatible - syntax on - set list - set listchars=tab:▸\ - "set list listchars=tab:>-,trail:.,extends:> - - filetype off - filetype plugin indent on - - colorscheme darkblue - set background=dark - - set number - set relativenumber - set mouse=a - set ignorecase - set incsearch - set wildignore=*.o,*.obj,*.bak,*.exe,*.os - set textwidth=79 - set shiftwidth=2 - set expandtab - set softtabstop=2 - set shiftround - set smarttab - set tabstop=2 - set et - set autoindent - set backspace=indent,eol,start - - - inoremap - nnoremap - vnoremap - - nnoremap :UndotreeToggle - set undodir =~/.vim/undo - set undofile - "maximum number of changes that can be undone - set undolevels=1000000 - "maximum number lines to save for undo on a buffer reload - set undoreload=10000000 - - nnoremap :set invpaste paste? - set pastetoggle= - set showmode - - set showmatch - set matchtime=3 - set hlsearch - - autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red - - - " save on focus lost - au FocusLost * :wa - - autocmd BufRead *.json set filetype=json - au BufNewFile,BufRead *.mustache set syntax=mustache - - cnoremap SudoWrite w !sudo tee > /dev/null % - - " create Backup/tmp/undo dirs - set backupdir=~/.vim/backup - set directory=~/.vim/tmp - - function! InitBackupDir() - let l:parent = $HOME . '/.vim/' - let l:backup = l:parent . 'backup/' - let l:tmpdir = l:parent . 'tmp/' - let l:undodir= l:parent . 'undo/' - - - if !isdirectory(l:parent) - call mkdir(l:parent) - endif - if !isdirectory(l:backup) - call mkdir(l:backup) - endif - if !isdirectory(l:tmpdir) - call mkdir(l:tmpdir) - endif - if !isdirectory(l:undodir) - call mkdir(l:undodir) - endif - endfunction - call InitBackupDir() - - augroup Binary - " edit binaries in xxd-output, xxd is part of vim - au! - au BufReadPre *.bin let &bin=1 - au BufReadPost *.bin if &bin | %!xxd - au BufReadPost *.bin set ft=xxd | endif - au BufWritePre *.bin if &bin | %!xxd -r - au BufWritePre *.bin endif - au BufWritePost *.bin if &bin | %!xxd - au BufWritePost *.bin set nomod | endif - augroup END - - - - ''; - + vimrcConfig.customRC = builtins.readFile ./vimrc; vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" diff --git a/makefu/2configs/editor/vimrc b/makefu/2configs/editor/vimrc new file mode 100644 index 000000000..8cdab55db --- /dev/null +++ b/makefu/2configs/editor/vimrc @@ -0,0 +1,98 @@ +set nocompatible +syntax on +set list +set listchars=tab:▸\ +"set list listchars=tab:>-,trail:.,extends:> + +filetype off +filetype plugin indent on + +colorscheme darkblue +set background=dark + +set number +set relativenumber +set mouse=a +set ignorecase +set incsearch +set wildignore=*.o,*.obj,*.bak,*.exe,*.os +set textwidth=79 +set shiftwidth=2 +set expandtab +set softtabstop=2 +set shiftround +set smarttab +set tabstop=2 +set et +set autoindent +set backspace=indent,eol,start + + +inoremap +nnoremap +vnoremap + +nnoremap :UndotreeToggle +set undodir =~/.vim/undo +set undofile +"maximum number of changes that can be undone +set undolevels=1000000 +"maximum number lines to save for undo on a buffer reload +set undoreload=10000000 + +nnoremap :set invpaste paste? +set pastetoggle= +set showmode + +set showmatch +set matchtime=3 +set hlsearch + +autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red + + +" save on focus lost +au FocusLost * :wa + +autocmd BufRead *.json set filetype=json +au BufNewFile,BufRead *.mustache set syntax=mustache + +cnoremap SudoWrite w !sudo tee > /dev/null % + +" create Backup/tmp/undo dirs +set backupdir=~/.vim/backup +set directory=~/.vim/tmp + +function! InitBackupDir() + let l:parent = $HOME . '/.vim/' + let l:backup = l:parent . 'backup/' + let l:tmpdir = l:parent . 'tmp/' + let l:undodir= l:parent . 'undo/' + + + if !isdirectory(l:parent) + call mkdir(l:parent) + endif + if !isdirectory(l:backup) + call mkdir(l:backup) + endif + if !isdirectory(l:tmpdir) + call mkdir(l:tmpdir) + endif + if !isdirectory(l:undodir) + call mkdir(l:undodir) + endif +endfunction +call InitBackupDir() + +augroup Binary + " edit binaries in xxd-output, xxd is part of vim + au! + au BufReadPre *.bin let &bin=1 + au BufReadPost *.bin if &bin | %!xxd + au BufReadPost *.bin set ft=xxd | endif + au BufWritePre *.bin if &bin | %!xxd -r + au BufWritePre *.bin endif + au BufWritePost *.bin if &bin | %!xxd + au BufWritePost *.bin set nomod | endif +augroup END From 7ffc39781f7abe588376c392184cb1b7654bf659 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 1 Sep 2018 12:17:21 +0200 Subject: [PATCH 20/22] ma pkgs.cozy-audiobooks: use pythonPackages instead of variables --- makefu/5pkgs/cozy-audiobooks/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/makefu/5pkgs/cozy-audiobooks/default.nix b/makefu/5pkgs/cozy-audiobooks/default.nix index 312889fc3..f1d655a0a 100644 --- a/makefu/5pkgs/cozy-audiobooks/default.nix +++ b/makefu/5pkgs/cozy-audiobooks/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, fetchPypi +{ stdenv, fetchFromGitHub , ninja , boost , meson @@ -8,7 +8,6 @@ , desktop-file-utils , gtk3 , glib -, isPy3k , gst_all_1 , gobjectIntrospection , python3Packages @@ -74,7 +73,7 @@ stdenv.mkDerivation rec { ]; buildInputs = with gst_all_1; [ gtk3 glib - gstreamer gst-plugins-good cairo gettext file.out + gstreamer gst-plugins-good gst-plugins-ugly gst-plugins-base cairo gettext gnome3.defaultIconTheme gnome3.gsettings-desktop-schemas ] ++ (with python3Packages; [ From bf1747adb41e7c255f0c863b38cf446a70dcccab Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 2 Sep 2018 22:12:33 +0200 Subject: [PATCH 21/22] ma rompr: init (but will never use it) --- makefu/2configs/nginx/rompr.nix | 76 +++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 makefu/2configs/nginx/rompr.nix diff --git a/makefu/2configs/nginx/rompr.nix b/makefu/2configs/nginx/rompr.nix new file mode 100644 index 000000000..8c1fbc53b --- /dev/null +++ b/makefu/2configs/nginx/rompr.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, ... }: + +with import ; +let + user = config.services.nginx.user; + group = config.services.nginx.group; + src = pkgs.fetchFromGitHub { + owner = "fatg3erman"; + repo = "RompR"; + rev = "1.21"; + sha256 = "00gk2c610qgpsb6y296h9pz2aaa6gfq4cqhn15l7fdrk3lkvh01q"; + }; + fpm-socket = "/var/run/php5-rompr-fpm.sock"; + mpd-src = "/var/lib/rompr"; + +in { + services.phpfpm = { + # phpfpm does not have an enable option + poolConfigs = { + mpd = '' + user = ${user} + group = ${group} + listen = ${fpm-socket} + listen.owner = ${user} + listen.group = ${group} + pm = dynamic + pm.max_children = 5 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 3 + chdir = / + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''; + }; + }; + # TODO: Pre-job + # TODO: prefs.var could be templated (serialized php ...) then we would not + # need to have a state dir at all + system.activationScripts.rompr = '' + mkdir -p ${mpd-src} + cp -r ${src}/. ${mpd-src} + chown -R ${user}:${group} ${mpd-src} + chmod 770 ${mpd-src} + ''; + services.nginx = { + enable = mkDefault true; + virtualHosts = { + "localhost" = { + root = mpd-src; + locations."/".index = "index.php"; + locations."~ \.php$" = { + root = mpd-src; + extraConfig = '' + client_max_body_size 200M; + fastcgi_pass unix:${fpm-socket}; + include ${pkgs.nginx}/conf/fastcgi_params; + include ${pkgs.nginx}/conf/fastcgi.conf; + fastcgi_index index.php; + try_files $uri =404; + ''; + }; + }; + }; + }; + services.mysql = { + enable = true; + package = pkgs.mariadb; + ensureDatabases = [ "romprdb" ]; + ensureUsers = [ + { ensurePermissions = { "romprdb.*" = "ALL PRIVILEGES"; }; + name = user; } + ]; + }; +} From 481376c1509661cbf1bdb17b9887b3a4f0487b6f Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 3 Sep 2018 00:37:13 +0200 Subject: [PATCH 22/22] wolf.r: add mobile mpd web frontends --- krebs/1systems/wolf/config.nix | 3 ++- krebs/2configs/shack/mobile.mpd.nix | 32 +++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 krebs/2configs/shack/mobile.mpd.nix diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 6addb0818..914b38051 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -25,6 +25,7 @@ in + { systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate systemd.services.telegraf.environment = { @@ -114,7 +115,7 @@ in networking = { firewall.enable = false; firewall.allowedTCPPorts = [ 8088 8086 8083 ]; - interfaces."${ext-if}".ip4 = [{ + interfaces."${ext-if}".ipv4.addresses = [{ address = shack-ip; prefixLength = 20; }]; diff --git a/krebs/2configs/shack/mobile.mpd.nix b/krebs/2configs/shack/mobile.mpd.nix new file mode 100644 index 000000000..2dc466edb --- /dev/null +++ b/krebs/2configs/shack/mobile.mpd.nix @@ -0,0 +1,32 @@ +{lib,pkgs, ... }: +let + mpdHost = "mpd.shack"; + ympd = name: port: let + webPort = 10000 + port; + in { + systemd.services."ympd-${name}" = { + description = "mpd for ${name}"; + wantedBy = [ "multi-user.target" ]; + serviceConfig.ExecStart = "${pkgs.ympd}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody"; + }; + services.nginx.virtualHosts."mobile.${name}.mpd.shack" = { + serverAliases = [ + "${name}.mpd.wolf.r" + "${name}.mpd.wolf.shack" + ]; + locations."/".proxyPass = "http://localhost:${toString webPort}"; + }; + }; +in lib.mkMerge [{ + services.nginx.enable = true; +} + (ympd "lounge" 6600) + (ympd "seminarraum" 6601) + (ympd "elab" 6602) + (ympd "kueche" 6603) + (ympd "crafting" 6604) + (ympd "fablab" 6605) + (ympd "workshop" 6606) + (ympd "klo" 6607) + +]