Merge branch 'staging/source'
This commit is contained in:
commit
b19ebc2abd
2
Makefile
2
Makefile
|
@ -12,7 +12,7 @@ export STOCKHOLM_VERSION ?= $(shell \
|
||||||
system ?= $(HOSTNAME)
|
system ?= $(HOSTNAME)
|
||||||
$(if $(system),,$(error unbound variable: system))
|
$(if $(system),,$(error unbound variable: system))
|
||||||
|
|
||||||
nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system).nix
|
nixos-config ?= $(stockholm)/$(LOGNAME)/1systems/$(system)/config.nix
|
||||||
ifneq ($(words $(wildcard $(nixos-config))),1)
|
ifneq ($(words $(wildcard $(nixos-config))),1)
|
||||||
$(error bad nixos-config: $(nixos-config))
|
$(error bad nixos-config: $(nixos-config))
|
||||||
endif
|
endif
|
||||||
|
|
|
@ -14,16 +14,9 @@ with import <stockholm/lib>;
|
||||||
default = "/nix/var/nix/profiles/system";
|
default = "/nix/var/nix/profiles/system";
|
||||||
};
|
};
|
||||||
|
|
||||||
source = mkOption {
|
|
||||||
type = types.attrsOf types.source;
|
|
||||||
default = {};
|
|
||||||
};
|
|
||||||
|
|
||||||
# TODO deprecate krebs.build.user
|
# TODO deprecate krebs.build.user
|
||||||
user = mkOption {
|
user = mkOption {
|
||||||
type = types.user;
|
type = types.user;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config.krebs.build.source.stockholm.file = mkDefault (toString <stockholm>);
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,15 +14,30 @@
|
||||||
#
|
#
|
||||||
# 1 Usage error; arguments couldn't be parsed.
|
# 1 Usage error; arguments couldn't be parsed.
|
||||||
#
|
#
|
||||||
# 2 Build error; at least one failed derivation could be found.
|
# 2 Nix error; input looks like Nix failed.
|
||||||
|
#
|
||||||
|
# 3 Build error; at least one failed derivation could be found.
|
||||||
#
|
#
|
||||||
|
|
||||||
failed_drvs=$(mktemp --tmpdir whatsupnix.XXXXXXXX)
|
tmpdir=$(mktemp -d --tmpdir whatsupnix.XXXXXXXX)
|
||||||
trap 'rm -f -- "$failed_drvs"' EXIT
|
failed_drvs=$tmpdir/failed_drvs; touch "$failed_drvs"
|
||||||
|
nix_errors=$tmpdir/nix_errors; touch "$nix_errors"
|
||||||
|
cleanup() {
|
||||||
|
rm "$failed_drvs"
|
||||||
|
rm "$nix_errors"
|
||||||
|
rmdir "$tmpdir"
|
||||||
|
}
|
||||||
|
trap cleanup EXIT
|
||||||
|
|
||||||
exec >&2
|
exec >&2
|
||||||
|
|
||||||
gawk -v failed_drvs="$failed_drvs" '
|
gawk \
|
||||||
|
-v failed_drvs="$failed_drvs" \
|
||||||
|
-v nix_errors="$nix_errors" \
|
||||||
|
'
|
||||||
|
/^(\033\[31;1m)?error:/ {
|
||||||
|
print $0 >> nix_errors
|
||||||
|
}
|
||||||
match($0, /^builder for ‘(\/nix\/store\/[^’]+\.drv)’ failed/, m) {
|
match($0, /^builder for ‘(\/nix\/store\/[^’]+\.drv)’ failed/, m) {
|
||||||
print m[1] >> failed_drvs
|
print m[1] >> failed_drvs
|
||||||
}
|
}
|
||||||
|
@ -73,8 +88,10 @@ while read -r drv; do
|
||||||
echo
|
echo
|
||||||
done < "$failed_drvs"
|
done < "$failed_drvs"
|
||||||
|
|
||||||
if test -s "$failed_drvs"; then
|
if test -s "$nix_errors"; then
|
||||||
exit 2
|
exit 2
|
||||||
|
elif test -s "$failed_drvs"; then
|
||||||
|
exit 3
|
||||||
else
|
else
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,18 +1,17 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
|
inherit (import <stockholm/lass/4lib> { inherit pkgs lib; }) getDefaultGateway;
|
||||||
|
|
||||||
ip = config.krebs.build.host.nets.internet.ip4.addr;
|
ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
../2configs/os-templates/CAC-CentOS-7-64bit.nix
|
<stockholm/lass/2configs/os-templates/CAC-CentOS-7-64bit.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
../2configs/git.nix
|
<stockholm/lass/2configs/git.nix>
|
||||||
../2configs/realwallpaper.nix
|
<stockholm/lass/2configs/realwallpaper.nix>
|
||||||
../2configs/privoxy-retiolum.nix
|
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
||||||
{
|
{
|
||||||
networking.interfaces.enp2s1.ip4 = [
|
networking.interfaces.enp2s1.ip4 = [
|
||||||
{
|
{
|
3
lass/1systems/cloudkrebs/source.nix
Normal file
3
lass/1systems/cloudkrebs/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "cloudkrebs";
|
||||||
|
}
|
|
@ -2,11 +2,10 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
||||||
#../2configs/exim-retiolum.nix
|
<stockholm/lass/2configs/git.nix>
|
||||||
../2configs/git.nix
|
|
||||||
{
|
{
|
||||||
boot.loader.grub = {
|
boot.loader.grub = {
|
||||||
device = "/dev/vda";
|
device = "/dev/vda";
|
||||||
|
@ -56,7 +55,7 @@
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../2configs/websites/fritz.nix
|
<stockholm/lass/2configs/websites/fritz.nix>
|
||||||
];
|
];
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
|
3
lass/1systems/dishfire/source.nix
Normal file
3
lass/1systems/dishfire/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "dishfire";
|
||||||
|
}
|
|
@ -1,22 +1,20 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
|
inherit (import <stockholm/lass/4lib> { inherit pkgs lib; }) getDefaultGateway;
|
||||||
|
|
||||||
ip = config.krebs.build.host.nets.internet.ip4.addr;
|
ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
../2configs/os-templates/CAC-CentOS-7-64bit.nix
|
<stockholm/lass/2configs/os-templates/CAC-CentOS-7-64bit.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
../2configs/realwallpaper.nix
|
<stockholm/lass/2configs/realwallpaper.nix>
|
||||||
../2configs/privoxy-retiolum.nix
|
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
||||||
../2configs/git.nix
|
<stockholm/lass/2configs/git.nix>
|
||||||
#../2configs/redis.nix
|
<stockholm/lass/2configs/go.nix>
|
||||||
../2configs/go.nix
|
<stockholm/lass/2configs/ircd.nix>
|
||||||
../2configs/ircd.nix
|
<stockholm/lass/2configs/newsbot-js.nix>
|
||||||
../2configs/newsbot-js.nix
|
|
||||||
{
|
{
|
||||||
networking.interfaces.enp2s1.ip4 = [
|
networking.interfaces.enp2s1.ip4 = [
|
||||||
{
|
{
|
||||||
|
@ -34,9 +32,6 @@ in {
|
||||||
sound.enable = false;
|
sound.enable = false;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
imports = [
|
|
||||||
../3modules/dnsmasq.nix
|
|
||||||
];
|
|
||||||
lass.dnsmasq = {
|
lass.dnsmasq = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = ''
|
config = ''
|
3
lass/1systems/echelon/source.nix
Normal file
3
lass/1systems/echelon/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "echelon";
|
||||||
|
}
|
|
@ -1,19 +1,18 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
../2configs/hw/tp-x220.nix
|
<stockholm/lass/2configs/hw/tp-x220.nix>
|
||||||
../2configs/git.nix
|
<stockholm/lass/2configs/git.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
../2configs/baseX.nix
|
<stockholm/lass/2configs/baseX.nix>
|
||||||
../2configs/browsers.nix
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
../2configs/programs.nix
|
<stockholm/lass/2configs/programs.nix>
|
||||||
../2configs/fetchWallpaper.nix
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
../2configs/backups.nix
|
<stockholm/lass/2configs/backups.nix>
|
||||||
../2configs/games.nix
|
<stockholm/lass/2configs/games.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.icarus;
|
krebs.build.host = config.krebs.hosts.icarus;
|
4
lass/1systems/icarus/source.nix
Normal file
4
lass/1systems/icarus/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "icarus";
|
||||||
|
secure = true;
|
||||||
|
}
|
|
@ -4,12 +4,11 @@ with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
|
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
|
||||||
../../krebs
|
<stockholm/krebs>
|
||||||
../3modules
|
<stockholm/lass/3modules>
|
||||||
../5pkgs
|
<stockholm/lass/5pkgs>
|
||||||
../2configs/mc.nix
|
<stockholm/lass/2configs/mc.nix>
|
||||||
../2configs/nixpkgs.nix
|
<stockholm/lass/2configs/vim.nix>
|
||||||
../2configs/vim.nix
|
|
||||||
{
|
{
|
||||||
# /dev/stderr doesn't work. I don't know why
|
# /dev/stderr doesn't work. I don't know why
|
||||||
# /proc/self doesn't seem to work correctly
|
# /proc/self doesn't seem to work correctly
|
||||||
|
|
|
@ -3,28 +3,27 @@
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
../2configs/hw/tp-x220.nix
|
<stockholm/lass/2configs/hw/tp-x220.nix>
|
||||||
../2configs/baseX.nix
|
<stockholm/lass/2configs/baseX.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
../2configs/programs.nix
|
<stockholm/lass/2configs/programs.nix>
|
||||||
../2configs/bitcoin.nix
|
<stockholm/lass/2configs/bitcoin.nix>
|
||||||
../2configs/browsers.nix
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
../2configs/games.nix
|
<stockholm/lass/2configs/games.nix>
|
||||||
../2configs/pass.nix
|
<stockholm/lass/2configs/pass.nix>
|
||||||
../2configs/elster.nix
|
<stockholm/lass/2configs/elster.nix>
|
||||||
../2configs/steam.nix
|
<stockholm/lass/2configs/steam.nix>
|
||||||
../2configs/wine.nix
|
<stockholm/lass/2configs/wine.nix>
|
||||||
../2configs/git.nix
|
<stockholm/lass/2configs/git.nix>
|
||||||
../2configs/virtualbox.nix
|
<stockholm/lass/2configs/virtualbox.nix>
|
||||||
../2configs/fetchWallpaper.nix
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
#../2configs/c-base.nix
|
<stockholm/lass/2configs/mail.nix>
|
||||||
../2configs/mail.nix
|
<stockholm/lass/2configs/repo-sync.nix>
|
||||||
../2configs/repo-sync.nix
|
<stockholm/lass/2configs/ircd.nix>
|
||||||
../2configs/ircd.nix
|
<stockholm/lass/2configs/logf.nix>
|
||||||
../2configs/logf.nix
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
../2configs/syncthing.nix
|
|
||||||
{
|
{
|
||||||
#risk of rain port
|
#risk of rain port
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
4
lass/1systems/mors/source.nix
Normal file
4
lass/1systems/mors/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "mors";
|
||||||
|
secure = true;
|
||||||
|
}
|
|
@ -4,13 +4,9 @@ with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
ip = config.krebs.build.host.nets.internet.ip4.addr;
|
ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||||
|
|
||||||
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
|
|
||||||
manageCerts
|
|
||||||
;
|
|
||||||
|
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
{
|
{
|
||||||
networking.interfaces.et0.ip4 = [
|
networking.interfaces.et0.ip4 = [
|
||||||
{
|
{
|
||||||
|
@ -26,33 +22,33 @@ in {
|
||||||
SUBSYSTEM=="net", ATTR{address}=="54:04:a6:7e:f4:06", NAME="et0"
|
SUBSYSTEM=="net", ATTR{address}=="54:04:a6:7e:f4:06", NAME="et0"
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
../2configs/exim-smarthost.nix
|
<stockholm/lass/2configs/exim-smarthost.nix>
|
||||||
../2configs/downloading.nix
|
<stockholm/lass/2configs/downloading.nix>
|
||||||
../2configs/ts3.nix
|
<stockholm/lass/2configs/ts3.nix>
|
||||||
../2configs/bitlbee.nix
|
<stockholm/lass/2configs/bitlbee.nix>
|
||||||
../2configs/weechat.nix
|
<stockholm/lass/2configs/weechat.nix>
|
||||||
../2configs/privoxy-retiolum.nix
|
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
||||||
../2configs/radio.nix
|
<stockholm/lass/2configs/radio.nix>
|
||||||
../2configs/buildbot-standalone.nix
|
<stockholm/lass/2configs/buildbot-standalone.nix>
|
||||||
../2configs/repo-sync.nix
|
<stockholm/lass/2configs/repo-sync.nix>
|
||||||
../2configs/binary-cache/server.nix
|
<stockholm/lass/2configs/binary-cache/server.nix>
|
||||||
../2configs/iodined.nix
|
<stockholm/lass/2configs/iodined.nix>
|
||||||
../2configs/libvirt.nix
|
<stockholm/lass/2configs/libvirt.nix>
|
||||||
../2configs/hfos.nix
|
<stockholm/lass/2configs/hfos.nix>
|
||||||
../2configs/makefu-sip.nix
|
<stockholm/lass/2configs/makefu-sip.nix>
|
||||||
../2configs/monitoring/server.nix
|
<stockholm/lass/2configs/monitoring/server.nix>
|
||||||
../2configs/monitoring/monit-alarms.nix
|
<stockholm/lass/2configs/monitoring/monit-alarms.nix>
|
||||||
../2configs/paste.nix
|
<stockholm/lass/2configs/paste.nix>
|
||||||
../2configs/syncthing.nix
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
../2configs/coders-irc.nix
|
<stockholm/lass/2configs/coders-irc.nix>
|
||||||
../2configs/ciko.nix
|
<stockholm/lass/2configs/ciko.nix>
|
||||||
{
|
{
|
||||||
lass.pyload.enable = true;
|
lass.pyload.enable = true;
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../2configs/bepasty.nix
|
<stockholm/lass/2configs/bepasty.nix>
|
||||||
];
|
];
|
||||||
krebs.bepasty.servers."paste.r".nginx.extraConfig = ''
|
krebs.bepasty.servers."paste.r".nginx.extraConfig = ''
|
||||||
if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {
|
if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {
|
||||||
|
@ -170,8 +166,8 @@ in {
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../2configs/websites/domsen.nix
|
<stockholm/lass/2configs/websites/domsen.nix>
|
||||||
../2configs/websites/lassulus.nix
|
<stockholm/lass/2configs/websites/lassulus.nix>
|
||||||
];
|
];
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
|
||||||
|
@ -195,7 +191,7 @@ in {
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../2configs/realwallpaper.nix
|
<stockholm/lass/2configs/realwallpaper.nix>
|
||||||
];
|
];
|
||||||
services.nginx.virtualHosts."lassul.us".locations."/wallpaper.png".extraConfig = ''
|
services.nginx.virtualHosts."lassul.us".locations."/wallpaper.png".extraConfig = ''
|
||||||
alias /var/realwallpaper/realwallpaper.png;
|
alias /var/realwallpaper/realwallpaper.png;
|
3
lass/1systems/prism/source.nix
Normal file
3
lass/1systems/prism/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "prism";
|
||||||
|
}
|
|
@ -3,17 +3,17 @@
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
../2configs/hw/tp-x220.nix
|
<stockholm/lass/2configs/hw/tp-x220.nix>
|
||||||
../2configs/baseX.nix
|
<stockholm/lass/2configs/baseX.nix>
|
||||||
../2configs/git.nix
|
<stockholm/lass/2configs/git.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
../2configs/browsers.nix
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
../2configs/programs.nix
|
<stockholm/lass/2configs/programs.nix>
|
||||||
../2configs/fetchWallpaper.nix
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
../2configs/backups.nix
|
<stockholm/lass/2configs/backups.nix>
|
||||||
../2configs/wine.nix
|
<stockholm/lass/2configs/wine.nix>
|
||||||
#{
|
#{
|
||||||
# users.extraUsers = {
|
# users.extraUsers = {
|
||||||
# root = {
|
# root = {
|
3
lass/1systems/shodan/source.nix
Normal file
3
lass/1systems/shodan/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "shodan";
|
||||||
|
}
|
|
@ -4,9 +4,9 @@ with builtins;
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/lass>
|
||||||
../2configs/retiolum.nix
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
{
|
{
|
||||||
# locke config
|
# locke config
|
||||||
i18n.defaultLocale ="de_DE.UTF-8";
|
i18n.defaultLocale ="de_DE.UTF-8";
|
3
lass/1systems/uriel/source.nix
Normal file
3
lass/1systems/uriel/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "uriel";
|
||||||
|
}
|
|
@ -6,7 +6,6 @@ with import <stockholm/lib>;
|
||||||
../2configs/binary-cache/client.nix
|
../2configs/binary-cache/client.nix
|
||||||
../2configs/gc.nix
|
../2configs/gc.nix
|
||||||
../2configs/mc.nix
|
../2configs/mc.nix
|
||||||
../2configs/nixpkgs.nix
|
|
||||||
../2configs/vim.nix
|
../2configs/vim.nix
|
||||||
../2configs/monitoring/client.nix
|
../2configs/monitoring/client.nix
|
||||||
./htop.nix
|
./htop.nix
|
||||||
|
@ -72,16 +71,7 @@ with import <stockholm/lib>;
|
||||||
krebs = {
|
krebs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
search-domain = "r";
|
search-domain = "r";
|
||||||
build = {
|
build.user = config.krebs.users.lass;
|
||||||
user = config.krebs.users.lass;
|
|
||||||
source = let inherit (config.krebs.build) host; in {
|
|
||||||
nixos-config.symlink = "stockholm/lass/1systems/${host.name}.nix";
|
|
||||||
secrets.file =
|
|
||||||
if getEnv "dummy_secrets" == "true"
|
|
||||||
then toString <stockholm/lass/2configs/tests/dummy-secrets>
|
|
||||||
else "/home/lass/secrets/${host.name}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
nix.useSandbox = true;
|
nix.useSandbox = true;
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
krebs.build.source.nixpkgs.git = {
|
|
||||||
url = https://cgit.lassul.us/nixpkgs;
|
|
||||||
ref = "d72efac";
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,6 +1,7 @@
|
||||||
_:
|
_:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
./dnsmasq.nix
|
||||||
./ejabberd
|
./ejabberd
|
||||||
./folderPerms.nix
|
./folderPerms.nix
|
||||||
./hosts.nix
|
./hosts.nix
|
||||||
|
|
24
lass/source.nix
Normal file
24
lass/source.nix
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
host@{ name, secure ? false }: let
|
||||||
|
builder = if getEnv "dummy_secrets" == "true"
|
||||||
|
then "buildbot"
|
||||||
|
else "lass";
|
||||||
|
_file = <stockholm> + "/lass/1systems/${name}/source.nix";
|
||||||
|
in
|
||||||
|
evalSource (toString _file) {
|
||||||
|
nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
|
||||||
|
secrets.file = getAttr builder {
|
||||||
|
buildbot = toString <stockholm/lass/2configs/tests/dummy-secrets>;
|
||||||
|
lass = "/home/lass/secrets/${name}";
|
||||||
|
};
|
||||||
|
stockholm.file = toString <stockholm>;
|
||||||
|
nixpkgs.git = {
|
||||||
|
url = https://cgit.lassul.us/nixpkgs;
|
||||||
|
# nixos-17.03
|
||||||
|
# + copytoram:
|
||||||
|
# 87a4615 & 334ac4f
|
||||||
|
# + acme permissions for groups
|
||||||
|
# fd7a8f1
|
||||||
|
ref = "0aac3fc";
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,6 +1,9 @@
|
||||||
let
|
let
|
||||||
nixpkgs-lib = import <nixpkgs/lib>;
|
nixpkgs-lib = import <nixpkgs/lib>;
|
||||||
lib = with lib; nixpkgs-lib // builtins // {
|
lib = with lib; nixpkgs-lib // builtins // {
|
||||||
|
|
||||||
|
evalSource = import ./eval-source.nix;
|
||||||
|
|
||||||
git = import ./git.nix { inherit lib; };
|
git = import ./git.nix { inherit lib; };
|
||||||
shell = import ./shell.nix { inherit lib; };
|
shell = import ./shell.nix { inherit lib; };
|
||||||
types = nixpkgs-lib.types // import ./types.nix { inherit lib; };
|
types = nixpkgs-lib.types // import ./types.nix { inherit lib; };
|
||||||
|
|
15
lib/eval-source.nix
Normal file
15
lib/eval-source.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
eval = _file: source: evalModules {
|
||||||
|
modules = singleton {
|
||||||
|
inherit _file;
|
||||||
|
imports = map (source: { inherit source; }) (toList source);
|
||||||
|
options.source = mkOption {
|
||||||
|
type = types.attrsOf types.source;
|
||||||
|
default = {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in
|
||||||
|
# This function's return value can be used as pkgs.populate input.
|
||||||
|
_file: source: (eval _file source).config.source
|
|
@ -3,7 +3,7 @@ let
|
||||||
en = { enable = true;};
|
en = { enable = true;};
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/shared>
|
||||||
];
|
];
|
||||||
krebs = {
|
krebs = {
|
||||||
enable = true;
|
enable = true;
|
3
shared/1systems/test-all-krebs-modules/source.nix
Normal file
3
shared/1systems/test-all-krebs-modules/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/shared/source.nix> {
|
||||||
|
name = "test-all-krebs-modules";
|
||||||
|
}
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/shared>
|
||||||
{
|
{
|
||||||
boot.loader.grub = {
|
boot.loader.grub = {
|
||||||
device = "/dev/sda";
|
device = "/dev/sda";
|
3
shared/1systems/test-arch/source.nix
Normal file
3
shared/1systems/test-arch/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/shared/source.nix> {
|
||||||
|
name = "test-arch";
|
||||||
|
}
|
|
@ -7,8 +7,8 @@ let
|
||||||
gw = "168.235.148.1";
|
gw = "168.235.148.1";
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/shared>
|
||||||
../2configs/os-templates/CAC-CentOS-6.5-64bit.nix
|
<stockholm/shared/2configs/os-templates/CAC-CentOS-6.5-64bit.nix>
|
||||||
{
|
{
|
||||||
networking.interfaces.enp11s0.ip4 = [
|
networking.interfaces.enp11s0.ip4 = [
|
||||||
{
|
{
|
3
shared/1systems/test-centos6/source.nix
Normal file
3
shared/1systems/test-centos6/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/shared/source.nix> {
|
||||||
|
name = "test-centos6";
|
||||||
|
}
|
|
@ -1,16 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
inherit (lib) head;
|
|
||||||
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
../.
|
|
||||||
../2configs/os-templates/CAC-CentOS-7-64bit.nix
|
|
||||||
../2configs/temp/networking.nix
|
|
||||||
../2configs/temp/dirs.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
sound.enable = false;
|
|
||||||
krebs.build.host = config.krebs.hosts.test-centos7;
|
|
||||||
}
|
|
16
shared/1systems/test-centos7/config.nix
Normal file
16
shared/1systems/test-centos7/config.nix
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
inherit (lib) head;
|
||||||
|
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
<stockholm/shared>
|
||||||
|
<stockholm/shared/2configs/os-templates/CAC-CentOS-7-64bit.nix>
|
||||||
|
<stockholm/shared/2configs/temp/networking.nix>
|
||||||
|
<stockholm/shared/2configs/temp/dirs.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
sound.enable = false;
|
||||||
|
krebs.build.host = config.krebs.hosts.test-centos7;
|
||||||
|
}
|
3
shared/1systems/test-centos7/source.nix
Normal file
3
shared/1systems/test-centos7/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/shared/source.nix> {
|
||||||
|
name = "test-centos7";
|
||||||
|
}
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/shared>
|
||||||
];
|
];
|
||||||
programs.ssh.startAgent = true;
|
programs.ssh.startAgent = true;
|
||||||
programs.ssh.startAgent = false;
|
programs.ssh.startAgent = false;
|
3
shared/1systems/test-failing/source.nix
Normal file
3
shared/1systems/test-failing/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/shared/source.nix> {
|
||||||
|
name = "test-failing";
|
||||||
|
}
|
|
@ -1,7 +1,7 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/shared>
|
||||||
];
|
];
|
||||||
krebs = {
|
krebs = {
|
||||||
enable = true;
|
enable = true;
|
3
shared/1systems/test-minimal-deploy/source.nix
Normal file
3
shared/1systems/test-minimal-deploy/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/shared/source.nix> {
|
||||||
|
name = "test-minimal-deploy";
|
||||||
|
}
|
|
@ -4,24 +4,24 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/shared>
|
||||||
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
||||||
../2configs/collectd-base.nix
|
<stockholm/shared/2configs/collectd-base.nix>
|
||||||
../2configs/central-stats-client.nix
|
<stockholm/shared/2configs/central-stats-client.nix>
|
||||||
../2configs/save-diskspace.nix
|
<stockholm/shared/2configs/save-diskspace.nix>
|
||||||
|
|
||||||
../2configs/cgit-mirror.nix
|
<stockholm/shared/2configs/cgit-mirror.nix>
|
||||||
../2configs/graphite.nix
|
<stockholm/shared/2configs/graphite.nix>
|
||||||
../2configs/repo-sync.nix
|
<stockholm/shared/2configs/repo-sync.nix>
|
||||||
../2configs/shared-buildbot.nix
|
<stockholm/shared/2configs/shared-buildbot.nix>
|
||||||
|
|
||||||
../2configs/shack/worlddomination.nix
|
<stockholm/shared/2configs/shack/worlddomination.nix>
|
||||||
../2configs/shack/drivedroid.nix
|
<stockholm/shared/2configs/shack/drivedroid.nix>
|
||||||
# ../2configs/shack/nix-cacher.nix
|
# <stockholm/shared/2configs/shack/nix-cacher.nix>
|
||||||
../2configs/shack/mqtt_sub.nix
|
<stockholm/shared/2configs/shack/mqtt_sub.nix>
|
||||||
../2configs/shack/muell_caller.nix
|
<stockholm/shared/2configs/shack/muell_caller.nix>
|
||||||
../2configs/shack/radioactive.nix
|
<stockholm/shared/2configs/shack/radioactive.nix>
|
||||||
../2configs/shack/share.nix
|
<stockholm/shared/2configs/shack/share.nix>
|
||||||
|
|
||||||
];
|
];
|
||||||
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
# use your own binary cache, fallback use cache.nixos.org (which is used by
|
||||||
|
@ -43,6 +43,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
|
# use the up to date prism cache
|
||||||
binaryCaches = [
|
binaryCaches = [
|
||||||
"http://cache.prism.r"
|
"http://cache.prism.r"
|
||||||
"https://cache.nixos.org/"
|
"https://cache.nixos.org/"
|
3
shared/1systems/wolf/source.nix
Normal file
3
shared/1systems/wolf/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/shared/source.nix> {
|
||||||
|
name = "wolf";
|
||||||
|
}
|
|
@ -7,18 +7,6 @@ with import <stockholm/lib>;
|
||||||
|
|
||||||
# TODO rename shared user to "krebs"
|
# TODO rename shared user to "krebs"
|
||||||
krebs.build.user = mkDefault config.krebs.users.shared;
|
krebs.build.user = mkDefault config.krebs.users.shared;
|
||||||
krebs.build.source = let inherit (config.krebs.build) host user; in {
|
|
||||||
nixos-config.symlink = "stockholm/${user.name}/1systems/${host.name}.nix";
|
|
||||||
nixpkgs.git = {
|
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
|
||||||
ref = "72c9ed78d0b1d9d5f531805ddf5bf06bfd447614"; # nixos-17.03 @ 2017-06-17
|
|
||||||
};
|
|
||||||
secrets.file =
|
|
||||||
if getEnv "dummy_secrets" == "true"
|
|
||||||
then toString <stockholm/shared/6tests/data/secrets>
|
|
||||||
else "${getEnv "HOME"}/secrets/krebs/${host.name}";
|
|
||||||
stockholm.file = getEnv "PWD";
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.hostName = config.krebs.build.host.name;
|
networking.hostName = config.krebs.build.host.name;
|
||||||
|
|
||||||
|
|
19
shared/source.nix
Normal file
19
shared/source.nix
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
host@{ name, secure ? false }: let
|
||||||
|
builder = if getEnv "dummy_secrets" == "true"
|
||||||
|
then "buildbot"
|
||||||
|
else "shared";
|
||||||
|
_file = <stockholm> + "/shared/1systems/${name}/source.nix";
|
||||||
|
in
|
||||||
|
evalSource (toString _file) {
|
||||||
|
nixos-config.symlink = "stockholm/shared/1systems/${name}/config.nix";
|
||||||
|
secrets.file = getAttr builder {
|
||||||
|
buildbot = toString <stockholm/shared/6tests/data/secrets>;
|
||||||
|
lass = "${getEnv "HOME"}/secrets/krebs/${host.name}";
|
||||||
|
};
|
||||||
|
stockholm.file = toString <stockholm>;
|
||||||
|
nixpkgs.git = {
|
||||||
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
|
ref = "72c9ed78d0b1d9d5f531805ddf5bf06bfd447614"; # nixos-17.03 @ 2017-06-17
|
||||||
|
};
|
||||||
|
}
|
13
shell.nix
13
shell.nix
|
@ -43,9 +43,11 @@ let
|
||||||
'';
|
'';
|
||||||
|
|
||||||
init.env = pkgs.writeText "init.env" /* sh */ ''
|
init.env = pkgs.writeText "init.env" /* sh */ ''
|
||||||
config=''${config-$LOGNAME/1systems/$system.nix}
|
config=''${config-$LOGNAME/1systems/$system/config.nix}
|
||||||
|
source=''${source-$LOGNAME/1systems/$system/source.nix}
|
||||||
|
|
||||||
export config
|
export config
|
||||||
|
export source
|
||||||
export system
|
export system
|
||||||
export target
|
export target
|
||||||
|
|
||||||
|
@ -85,18 +87,19 @@ let
|
||||||
};
|
};
|
||||||
populate = pkgs.writeDash "init.env.populate" ''
|
populate = pkgs.writeDash "init.env.populate" ''
|
||||||
set -efu
|
set -efu
|
||||||
${pkgs.nix}/bin/nix-instantiate \
|
_source=$(${pkgs.nix}/bin/nix-instantiate \
|
||||||
--eval \
|
--eval \
|
||||||
--json \
|
--json \
|
||||||
--readonly-mode \
|
--readonly-mode \
|
||||||
--show-trace \
|
--show-trace \
|
||||||
--strict \
|
--strict \
|
||||||
-I nixos-config="$config" \
|
-I nixos-config="$config" \
|
||||||
-E 'with import <stockholm>; config.krebs.build.source' \
|
"$source")
|
||||||
|
|
echo $_source |
|
||||||
${pkgs.populate}/bin/populate \
|
${pkgs.populate}/bin/populate \
|
||||||
"$target_user@$target_host:$target_port$target_path" \
|
"$target_user@$target_host:$target_port$target_path" \
|
||||||
>&2
|
>&2
|
||||||
|
unset _source
|
||||||
'';
|
'';
|
||||||
proxy = pkgs.writeDash "init.env.proxy" ''
|
proxy = pkgs.writeDash "init.env.proxy" ''
|
||||||
set -efu
|
set -efu
|
||||||
|
@ -109,7 +112,7 @@ let
|
||||||
NIX_PATH=$(q "$target_path") \
|
NIX_PATH=$(q "$target_path") \
|
||||||
STOCKHOLM_VERSION=$STOCKHOLM_VERSION \
|
STOCKHOLM_VERSION=$STOCKHOLM_VERSION \
|
||||||
nix-shell \
|
nix-shell \
|
||||||
--command $(q \
|
--run $(q \
|
||||||
config=$config \
|
config=$config \
|
||||||
system=$system \
|
system=$system \
|
||||||
target=$target \
|
target=$target \
|
||||||
|
|
|
@ -4,10 +4,10 @@ with import <stockholm/lib>;
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/tv>
|
||||||
../2configs/hw/x220.nix
|
<stockholm/tv/2configs/hw/x220.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
# TODO remove non-hardware stuff from ../2configs/hw/x220.nix
|
# TODO remove non-hardware stuff from ../2configs/hw/x220.nix
|
||||||
|
@ -58,7 +58,6 @@ with import <stockholm/lib>;
|
||||||
krebs.build = {
|
krebs.build = {
|
||||||
host = config.krebs.hosts.alnus;
|
host = config.krebs.hosts.alnus;
|
||||||
user = mkForce config.krebs.users.dv;
|
user = mkForce config.krebs.users.dv;
|
||||||
source.nixpkgs.git.ref = mkForce "9b948ea439ddbaa26740ce35543e7e35d2aa6d18";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.networkmanager.enable = true;
|
networking.networkmanager.enable = true;
|
4
tv/1systems/alnus/source.nix
Normal file
4
tv/1systems/alnus/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "alnus";
|
||||||
|
override.nixpkgs.git.ref = "9b948ea439ddbaa26740ce35543e7e35d2aa6d18";
|
||||||
|
}
|
|
@ -6,10 +6,10 @@ with import <stockholm/lib>;
|
||||||
krebs.build.host = config.krebs.hosts.caxi;
|
krebs.build.host = config.krebs.hosts.caxi;
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/tv>
|
||||||
../2configs/hw/CAC-Developer-1.nix
|
<stockholm/tv/2configs/hw/CAC-Developer-1.nix>
|
||||||
../2configs/fs/CAC-CentOS-7-64bit.nix
|
<stockholm/tv/2configs/fs/CAC-CentOS-7-64bit.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
networking = let
|
networking = let
|
3
tv/1systems/caxi/source.nix
Normal file
3
tv/1systems/caxi/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "caxi";
|
||||||
|
}
|
|
@ -6,11 +6,11 @@ with import <stockholm/lib>;
|
||||||
krebs.build.host = config.krebs.hosts.cd;
|
krebs.build.host = config.krebs.hosts.cd;
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/tv>
|
||||||
../2configs/hw/CAC-Developer-2.nix
|
<stockholm/tv/2configs/hw/CAC-Developer-2.nix>
|
||||||
../2configs/fs/CAC-CentOS-7-64bit.nix
|
<stockholm/tv/2configs/fs/CAC-CentOS-7-64bit.nix>
|
||||||
../2configs/exim-smarthost.nix
|
<stockholm/tv/2configs/exim-smarthost.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
3
tv/1systems/cd/source.nix
Normal file
3
tv/1systems/cd/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "cd";
|
||||||
|
}
|
|
@ -4,11 +4,11 @@ with import <stockholm/lib>;
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../../krebs
|
<stockholm/krebs>
|
||||||
../2configs
|
<stockholm/tv/2configs>
|
||||||
../3modules
|
<stockholm/tv/3modules>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.mu;
|
krebs.build.host = config.krebs.hosts.mu;
|
3
tv/1systems/mu/source.nix
Normal file
3
tv/1systems/mu/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "mu";
|
||||||
|
}
|
|
@ -6,16 +6,16 @@ with import <stockholm/lib>;
|
||||||
krebs.build.host = config.krebs.hosts.nomic;
|
krebs.build.host = config.krebs.hosts.nomic;
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/tv>
|
||||||
../2configs/hw/x220.nix
|
<stockholm/tv/2configs/hw/x220.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||||
../2configs/gitrepos.nix
|
<stockholm/tv/2configs/gitrepos.nix>
|
||||||
../2configs/im.nix
|
<stockholm/tv/2configs/im.nix>
|
||||||
../2configs/mail-client.nix
|
<stockholm/tv/2configs/mail-client.nix>
|
||||||
../2configs/nginx/public_html.nix
|
<stockholm/tv/2configs/nginx/public_html.nix>
|
||||||
../2configs/pulse.nix
|
<stockholm/tv/2configs/pulse.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
../2configs/xserver
|
<stockholm/tv/2configs/xserver>
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.luks = {
|
boot.initrd.luks = {
|
4
tv/1systems/nomic/source.nix
Normal file
4
tv/1systems/nomic/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "nomic";
|
||||||
|
secure = true;
|
||||||
|
}
|
3
tv/1systems/test/source.nix
Normal file
3
tv/1systems/test/source.nix
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "test";
|
||||||
|
}
|
|
@ -6,17 +6,17 @@ with import <stockholm/lib>;
|
||||||
krebs.build.host = config.krebs.hosts.wu;
|
krebs.build.host = config.krebs.hosts.wu;
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/tv>
|
||||||
../2configs/hw/w110er.nix
|
<stockholm/tv/2configs/hw/w110er.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||||
../2configs/gitrepos.nix
|
<stockholm/tv/2configs/gitrepos.nix>
|
||||||
../2configs/im.nix
|
<stockholm/tv/2configs/im.nix>
|
||||||
../2configs/mail-client.nix
|
<stockholm/tv/2configs/mail-client.nix>
|
||||||
../2configs/man.nix
|
<stockholm/tv/2configs/man.nix>
|
||||||
../2configs/nginx/public_html.nix
|
<stockholm/tv/2configs/nginx/public_html.nix>
|
||||||
../2configs/pulse.nix
|
<stockholm/tv/2configs/pulse.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
../2configs/xserver
|
<stockholm/tv/2configs/xserver>
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
# root
|
# root
|
4
tv/1systems/wu/source.nix
Normal file
4
tv/1systems/wu/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "wu";
|
||||||
|
secure = true;
|
||||||
|
}
|
|
@ -6,18 +6,18 @@ with import <stockholm/lib>;
|
||||||
krebs.build.host = config.krebs.hosts.xu;
|
krebs.build.host = config.krebs.hosts.xu;
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
../.
|
<stockholm/tv>
|
||||||
../2configs/hw/x220.nix
|
<stockholm/tv/2configs/hw/x220.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||||
../2configs/gitconfig.nix
|
<stockholm/tv/2configs/gitconfig.nix>
|
||||||
../2configs/gitrepos.nix
|
<stockholm/tv/2configs/gitrepos.nix>
|
||||||
../2configs/mail-client.nix
|
<stockholm/tv/2configs/mail-client.nix>
|
||||||
../2configs/man.nix
|
<stockholm/tv/2configs/man.nix>
|
||||||
../2configs/nginx/public_html.nix
|
<stockholm/tv/2configs/nginx/public_html.nix>
|
||||||
../2configs/pulse.nix
|
<stockholm/tv/2configs/pulse.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
../2configs/binary-cache
|
<stockholm/tv/2configs/binary-cache>
|
||||||
../2configs/xserver
|
<stockholm/tv/2configs/xserver>
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
4
tv/1systems/xu/source.nix
Normal file
4
tv/1systems/xu/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "xu";
|
||||||
|
secure = true;
|
||||||
|
}
|
|
@ -12,16 +12,16 @@ with import <stockholm/lib>;
|
||||||
default = {};
|
default = {};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
../.
|
<stockholm/tv>
|
||||||
../2configs/hw/x220.nix
|
<stockholm/tv/2configs/hw/x220.nix>
|
||||||
../2configs/exim-retiolum.nix
|
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||||
../2configs/gitrepos.nix
|
<stockholm/tv/2configs/gitrepos.nix>
|
||||||
../2configs/mail-client.nix
|
<stockholm/tv/2configs/mail-client.nix>
|
||||||
../2configs/man.nix
|
<stockholm/tv/2configs/man.nix>
|
||||||
../2configs/nginx/public_html.nix
|
<stockholm/tv/2configs/nginx/public_html.nix>
|
||||||
../2configs/pulse.nix
|
<stockholm/tv/2configs/pulse.nix>
|
||||||
../2configs/retiolum.nix
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
../2configs/xserver
|
<stockholm/tv/2configs/xserver>
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
4
tv/1systems/zu/source.nix
Normal file
4
tv/1systems/zu/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
import <stockholm/tv/source.nix> {
|
||||||
|
name = "zu";
|
||||||
|
secure = true;
|
||||||
|
}
|
|
@ -6,23 +6,7 @@ with import <stockholm/lib>;
|
||||||
in {
|
in {
|
||||||
krebs.enable = true;
|
krebs.enable = true;
|
||||||
|
|
||||||
krebs.build = {
|
krebs.build.user = config.krebs.users.tv;
|
||||||
user = config.krebs.users.tv;
|
|
||||||
source = let inherit (config.krebs.build) host; in {
|
|
||||||
nixos-config.symlink = "stockholm/tv/1systems/${host.name}.nix";
|
|
||||||
secrets.file = getAttr builder {
|
|
||||||
buildbot = toString <stockholm/tv/dummy_secrets>;
|
|
||||||
tv = "/home/tv/secrets/${host.name}";
|
|
||||||
};
|
|
||||||
secrets-common.file = "/home/tv/secrets/common";
|
|
||||||
nixpkgs.git = {
|
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
|
||||||
ref = "057f89b9344e5341796046f25ae4f269be6d4529"; # nixos-17.03
|
|
||||||
};
|
|
||||||
} // optionalAttrs host.secure {
|
|
||||||
secrets-master.file = "/home/tv/secrets/master";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.hostName = config.krebs.build.host.name;
|
networking.hostName = config.krebs.build.host.name;
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
networking.wireless.enable = true;
|
networking.wireless.enable = true;
|
||||||
|
|
||||||
# Required for Centrino.
|
# Required for Centrino.
|
||||||
hardware.enableAllFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
|
hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
|
||||||
|
|
||||||
|
|
27
tv/source.nix
Normal file
27
tv/source.nix
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
host@{ name, secure ? false, override ? {} }: let
|
||||||
|
builder = if getEnv "dummy_secrets" == "true"
|
||||||
|
then "buildbot"
|
||||||
|
else "tv";
|
||||||
|
_file = <stockholm> + "/tv/1systems/${name}/source.nix";
|
||||||
|
in
|
||||||
|
evalSource (toString _file) [
|
||||||
|
{
|
||||||
|
nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix";
|
||||||
|
nixpkgs.git = {
|
||||||
|
# nixos-17.03
|
||||||
|
ref = mkDefault "1b57bf274ae5c76e91b2b264d8aa8bfcecb72102";
|
||||||
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
|
};
|
||||||
|
secrets.file = getAttr builder {
|
||||||
|
buildbot = toString <stockholm/tv/dummy_secrets>;
|
||||||
|
tv = "/home/tv/secrets/${name}";
|
||||||
|
};
|
||||||
|
secrets-common.file = "/home/tv/secrets/common";
|
||||||
|
stockholm.file = toString <stockholm>;
|
||||||
|
}
|
||||||
|
(mkIf secure {
|
||||||
|
secrets-master.file = "/home/tv/secrets/master";
|
||||||
|
})
|
||||||
|
override
|
||||||
|
]
|
Loading…
Reference in a new issue