From 6840ea1191dd7fc1ad02ae698875e044265d716b Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 00:04:04 +0200
Subject: [PATCH 01/14] tv.identity -> krebs.build + extraHosts hack
---
1systems/tv/cd.nix | 6 +--
1systems/tv/mkdir.nix | 6 +--
1systems/tv/nomic.nix | 6 +--
1systems/tv/rmdir.nix | 6 +--
1systems/tv/wu.nix | 6 +--
2configs/tv/charybdis.nix | 8 ++--
2configs/tv/consul-server.nix | 2 +-
2configs/tv/git.nix | 8 ++--
2configs/tv/identity.nix | 8 ----
3modules/krebs/default.nix | 72 ++++++++++++++++++++++++++++++++
3modules/tv/default.nix | 1 -
3modules/tv/identity.nix | 77 -----------------------------------
12 files changed, 91 insertions(+), 115 deletions(-)
delete mode 100644 2configs/tv/identity.nix
delete mode 100644 3modules/tv/identity.nix
diff --git a/1systems/tv/cd.nix b/1systems/tv/cd.nix
index c0c41e96c..4b8c40f35 100644
--- a/1systems/tv/cd.nix
+++ b/1systems/tv/cd.nix
@@ -7,6 +7,8 @@ let
in
{
+ krebs.build.host = config.krebs.hosts.cd;
+
imports = [
../../2configs/tv/CAC-Developer-2.nix
../../2configs/tv/CAC-CentOS-7-64bit.nix
@@ -32,10 +34,6 @@ in
tv.iptables.input-internet-accept-new-tcp =
singleton config.krebs.github-hosts-sync.port;
}
- {
- imports = [ ../../2configs/tv/identity.nix ];
- tv.identity.self = config.krebs.hosts.cd;
- }
{
tv.iptables = {
enable = true;
diff --git a/1systems/tv/mkdir.nix b/1systems/tv/mkdir.nix
index 113fc9596..938f50118 100644
--- a/1systems/tv/mkdir.nix
+++ b/1systems/tv/mkdir.nix
@@ -3,6 +3,8 @@
with lib;
{
+ krebs.build.host = config.krebs.hosts.mkdir;
+
imports = [
../../2configs/tv/CAC-Developer-1.nix
../../2configs/tv/CAC-CentOS-7-64bit.nix
@@ -10,10 +12,6 @@ with lib;
../../2configs/tv/consul-server.nix
../../2configs/tv/exim-smarthost.nix
../../2configs/tv/git.nix
- {
- imports = [ ../../2configs/tv/identity.nix ];
- tv.identity.self = config.krebs.hosts.mkdir;
- }
{
tv.iptables = {
enable = true;
diff --git a/1systems/tv/nomic.nix b/1systems/tv/nomic.nix
index fc58c1698..1f7f6b188 100644
--- a/1systems/tv/nomic.nix
+++ b/1systems/tv/nomic.nix
@@ -3,16 +3,14 @@
with lib;
{
+ krebs.build.host = config.krebs.hosts.nomic;
+
imports = [
../../2configs/tv/AO753.nix
../../2configs/tv/base.nix
../../2configs/tv/consul-server.nix
../../2configs/tv/exim-retiolum.nix
../../2configs/tv/git.nix
- {
- imports = [ ../../2configs/tv/identity.nix ];
- tv.identity.self = config.krebs.hosts.nomic;
- }
{
tv.iptables = {
enable = true;
diff --git a/1systems/tv/rmdir.nix b/1systems/tv/rmdir.nix
index 15d624d1c..45e9997e4 100644
--- a/1systems/tv/rmdir.nix
+++ b/1systems/tv/rmdir.nix
@@ -3,6 +3,8 @@
with lib;
{
+ krebs.build.host = config.krebs.hosts.rmdir;
+
imports = [
../../2configs/tv/CAC-Developer-1.nix
../../2configs/tv/CAC-CentOS-7-64bit.nix
@@ -10,10 +12,6 @@ with lib;
../../2configs/tv/consul-server.nix
../../2configs/tv/exim-smarthost.nix
../../2configs/tv/git.nix
- {
- imports = [ ../../2configs/tv/identity.nix ];
- tv.identity.self = config.krebs.hosts.rmdir;
- }
{
tv.iptables = {
enable = true;
diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix
index 5ca64ce9e..0b2dab9df 100644
--- a/1systems/tv/wu.nix
+++ b/1systems/tv/wu.nix
@@ -7,6 +7,8 @@ let
in
{
+ krebs.build.host = config.krebs.hosts.wu;
+
imports = [
../../2configs/tv/w110er.nix
../../2configs/tv/base.nix
@@ -16,10 +18,6 @@ in
../../2configs/tv/mail-client.nix
../../2configs/tv/xserver.nix
../../2configs/tv/synaptics.nix # TODO w110er if xserver is enabled
- {
- imports = [ ../../2configs/tv/identity.nix ];
- tv.identity.self = config.krebs.hosts.wu;
- }
{
environment.systemPackages = with pkgs; [
diff --git a/2configs/tv/charybdis.nix b/2configs/tv/charybdis.nix
index a45c7aebe..265f85132 100644
--- a/2configs/tv/charybdis.nix
+++ b/2configs/tv/charybdis.nix
@@ -123,7 +123,7 @@ let
#loadmodule "extensions/ip_cloaking.so";
serverinfo {
- name = ${toJSON (head config.tv.identity.self.nets.retiolum.aliases)};
+ name = ${toJSON (head config.krebs.build.host.nets.retiolum.aliases)};
sid = "4z3";
description = "miep!";
network_name = "irc.retiolum";
@@ -133,9 +133,9 @@ let
/* On multi-homed hosts you may need the following. These define
* the addresses we connect from to other servers. */
/* for IPv4 */
- vhost = ${concatMapStringsSep ", " toJSON config.tv.identity.self.nets.retiolum.addrs4};
+ vhost = ${concatMapStringsSep ", " toJSON config.krebs.build.host.nets.retiolum.addrs4};
/* for IPv6 */
- vhost6 = ${concatMapStringsSep ", " toJSON config.tv.identity.self.nets.retiolum.addrs6};
+ vhost6 = ${concatMapStringsSep ", " toJSON config.krebs.build.host.nets.retiolum.addrs6};
/* ssl_private_key: our ssl private key */
ssl_private_key = "/tmp/ssl.key";
@@ -240,7 +240,7 @@ let
*/
# XXX This is stupid because only one host is allowed[?]
#host = ''${concatMapStringsSep ", " toJSON (
- # config.tv.identity.self.nets.retiolum.addrs
+ # config.krebs.build.host.nets.retiolum.addrs
#)};
port = 6667;
sslport = 6697;
diff --git a/2configs/tv/consul-server.nix b/2configs/tv/consul-server.nix
index 63dabdc2a..d10f9ea75 100644
--- a/2configs/tv/consul-server.nix
+++ b/2configs/tv/consul-server.nix
@@ -4,7 +4,7 @@
tv.consul = rec {
enable = true;
- inherit (config.tv.identity) self;
+ self = config.krebs.build.host;
inherit (self) dc;
server = true;
diff --git a/2configs/tv/git.nix b/2configs/tv/git.nix
index b7f9983a1..f884ea464 100644
--- a/2configs/tv/git.nix
+++ b/2configs/tv/git.nix
@@ -6,7 +6,7 @@ let
out = {
krebs.git = {
enable = true;
- root-title = "public repositories at ${config.tv.identity.self.name}";
+ root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
inherit repos rules;
};
@@ -14,7 +14,7 @@ let
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) (
public-repos //
- optionalAttrs config.tv.identity.self.secure restricted-repos
+ optionalAttrs config.krebs.build.host.secure restricted-repos
);
rules = concatMap make-rules (attrValues repos);
@@ -55,8 +55,8 @@ let
public = true;
hooks = {
post-receive = git.irc-announce {
- # TODO make nick = config.tv.identity.self.name the default
- nick = config.tv.identity.self.name;
+ # TODO make nick = config.krebs.build.host.name the default
+ nick = config.krebs.build.host.name;
channel = "#retiolum";
server = "cd.retiolum";
};
diff --git a/2configs/tv/identity.nix b/2configs/tv/identity.nix
deleted file mode 100644
index 481ac72a6..000000000
--- a/2configs/tv/identity.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ config, ... }:
-
-{
- tv.identity = {
- enable = true;
- search = "retiolum";
- };
-}
diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix
index 999e68da2..601ecf017 100644
--- a/3modules/krebs/default.nix
+++ b/3modules/krebs/default.nix
@@ -19,6 +19,21 @@ let
api = {
enable = mkEnableOption "krebs";
+ build = mkOption {
+ type = types.submodule {
+ options = {
+ host = mkOption {
+ type = types.host;
+ };
+ user = mkOption {
+ type = types.user;
+ };
+ };
+ };
+ # Define defaul value, so unset values of the submodule get reported.
+ default = {};
+ };
+
hosts = mkOption {
type = with types; attrsOf host;
};
@@ -26,12 +41,69 @@ let
users = mkOption {
type = with types; attrsOf user;
};
+
+ # XXX is there a better place to define search-domain?
+ # TODO search-domains :: listOf hostname
+ search-domain = mkOption {
+ type = types.hostname;
+ default = "";
+ example = "retiolum";
+ };
};
imp = mkMerge [
{ krebs = lass-imp; }
{ krebs = makefu-imp; }
{ krebs = tv-imp; }
+ {
+ # XXX This overlaps with krebs.retiolum
+ networking.extraHosts =
+ let
+ # TODO move domain name providers to a dedicated module
+ # providers : tree label providername
+ providers = {
+ internet = "hosts";
+ retiolum = "hosts";
+ de.viljetic = "regfish";
+ de.krebsco = "ovh";
+ };
+
+ # splitByProvider : [alias] -> set providername [alias]
+ splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {};
+
+ # providerOf : alias -> providername
+ providerOf = alias:
+ tree-get (splitString "." alias) providers;
+
+ # insert : k -> v -> set k [v] -> set k [v]
+ insert = name: value: set:
+ set // { ${name} = set.${name} or [] ++ [value]; };
+
+ # tree k v = set k (either v (tree k v))
+
+ # tree-get : [k] -> tree k v -> v
+ tree-get = path: x:
+ let
+ y = x.${last path};
+ in
+ if typeOf y != "set"
+ then y
+ else tree-get (init path) y;
+ in
+ concatStringsSep "\n" (flatten (
+ # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net:
+ mapAttrsToList (hostname: host:
+ mapAttrsToList (netname: net:
+ let
+ aliases = toString (unique (longs ++ shorts));
+ longs = (splitByProvider net.aliases).hosts;
+ shorts = map (removeSuffix ".${cfg.search-domain}") longs;
+ in
+ map (addr: "${addr} ${aliases}") net.addrs
+ ) host.nets
+ ) config.krebs.hosts
+ ));
+ }
];
lass-imp = {
diff --git a/3modules/tv/default.nix b/3modules/tv/default.nix
index e267d0b9f..bb10d8261 100644
--- a/3modules/tv/default.nix
+++ b/3modules/tv/default.nix
@@ -4,7 +4,6 @@ _:
imports = [
./consul.nix
./ejabberd.nix
- ./identity.nix
./iptables.nix
];
}
diff --git a/3modules/tv/identity.nix b/3modules/tv/identity.nix
deleted file mode 100644
index 9de432203..000000000
--- a/3modules/tv/identity.nix
+++ /dev/null
@@ -1,77 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import ../../4lib/tv { inherit lib pkgs; };
-let
- cfg = config.tv.identity;
-
- out = {
- options.tv.identity = api;
- config = mkIf cfg.enable imp;
- };
-
- api = {
- enable = mkEnableOption "tv.identity";
-
- self = mkOption {
- type = types.host;
- };
-
- #others = mkOption {
- # type = types.host;
- # default = filterAttrs (name: _host: name != cfg.self.name) cfg.hosts;
- #};
-
- search = mkOption {
- type = types.hostname;
- };
- };
-
- imp = {
- networking.extraHosts =
- concatStringsSep "\n" (flatten (
- # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net:
- mapAttrsToList (hostname: host:
- mapAttrsToList (netname: net:
- let
- aliases = toString (unique (longs ++ shorts));
- longs = (splitByProvider net.aliases).hosts;
- shorts = map (removeSuffix ".${cfg.search}") longs;
- in
- map (addr: "${addr} ${aliases}") net.addrs
- ) host.nets
- ) config.krebs.hosts
- ));
- };
-
- # TODO move domain name providers to a dedicated module
- # providers : tree label providername
- providers = {
- internet = "hosts";
- retiolum = "hosts";
- de.viljetic = "regfish";
- de.krebsco = "ovh";
- };
-
- # splitByProvider : [alias] -> set providername [alias]
- splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {};
-
- # providerOf : alias -> providername
- providerOf = alias:
- tree-get (splitString "." alias) providers;
-
- # insert : k -> v -> set k [v] -> set k [v]
- insert = name: value: set:
- set // { ${name} = set.${name} or [] ++ [value]; };
-
- # tree k v = set k (either v (tree k v))
-
- # tree-get : [k] -> tree k v -> v
- tree-get = path: x:
- let
- y = x.${last path};
- in
- if typeOf y != "set"
- then y
- else tree-get (init path) y;
-in
-out
From 14250e66a7b15a6ece190ba55f672fb103eadaa3 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 00:44:24 +0200
Subject: [PATCH 02/14] krebs.users += mv
---
3modules/krebs/default.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix
index 601ecf017..23b3ab7ec 100644
--- a/3modules/krebs/default.nix
+++ b/3modules/krebs/default.nix
@@ -308,6 +308,9 @@ let
};
};
users = addNames {
+ mv = {
+ pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub;
+ };
tv = {
pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub;
};
From a489c7be84ffa76bb71542277af6c114c40961f2 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 00:44:51 +0200
Subject: [PATCH 03/14] tv: source pubkeys from registry
---
1systems/tv/cd.nix | 4 ++--
2configs/tv/base.nix | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/1systems/tv/cd.nix b/1systems/tv/cd.nix
index 4b8c40f35..fcaf19cb5 100644
--- a/1systems/tv/cd.nix
+++ b/1systems/tv/cd.nix
@@ -120,8 +120,8 @@ in
home = "/home/mv";
createHome = true;
useDefaultShell = true;
- openssh.authorizedKeys.keys = map readFile [
- ../../Zpubkeys/mv_vod.ssh.pub
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.mv.pubkey
];
};
};
diff --git a/2configs/tv/base.nix b/2configs/tv/base.nix
index 14d84c9f6..c7d3e0d2a 100644
--- a/2configs/tv/base.nix
+++ b/2configs/tv/base.nix
@@ -24,8 +24,8 @@ in
{
users.extraUsers = {
root = {
- openssh.authorizedKeys.keys = map readFile [
- ../../Zpubkeys/tv_wu.ssh.pub
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.tv.pubkey
];
};
tv = {
@@ -39,8 +39,8 @@ in
"video"
"wheel"
];
- openssh.authorizedKeys.keys = map readFile [
- ../../Zpubkeys/tv_wu.ssh.pub
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.tv.pubkey
];
};
};
From 939f1b20c2d9e7da6fbe83005057a5e14d5abf4d Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 01:05:14 +0200
Subject: [PATCH 04/14] krebs.types.user += mail
---
4lib/krebs/types.nix | 3 +++
1 file changed, 3 insertions(+)
diff --git a/4lib/krebs/types.nix b/4lib/krebs/types.nix
index ca92c6900..3d3d75a65 100644
--- a/4lib/krebs/types.nix
+++ b/4lib/krebs/types.nix
@@ -83,6 +83,9 @@ types // rec {
user = submodule {
options = {
+ mail = mkOption {
+ type = str; # TODO retiolum mail address
+ };
name = mkOption {
type = str; # TODO
};
From d03dba41d6543adc2c73a7818cd32ca79046c64b Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 01:06:13 +0200
Subject: [PATCH 05/14] krebs.users.[mt]v: set mail
---
1systems/tv/wu.nix | 2 +-
2configs/tv/base.nix | 2 +-
2configs/tv/charybdis.nix | 2 +-
2configs/tv/exim-smarthost.nix | 15 ++++++++-------
2configs/tv/smartd.nix | 2 +-
3modules/krebs/default.nix | 2 ++
6 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix
index 0b2dab9df..ccb2dd141 100644
--- a/1systems/tv/wu.nix
+++ b/1systems/tv/wu.nix
@@ -152,7 +152,7 @@ in
{
krebs.urlwatch = {
enable = true;
- mailto = "tv@wu.retiolum"; # TODO
+ mailto = config.krebs.users.tv.mail;
onCalendar = "*-*-* 05:00:00";
urls = [
## nixpkgs maintenance
diff --git a/2configs/tv/base.nix b/2configs/tv/base.nix
index c7d3e0d2a..ab6d24769 100644
--- a/2configs/tv/base.nix
+++ b/2configs/tv/base.nix
@@ -47,7 +47,7 @@ in
}
{
security.sudo.extraConfig = ''
- Defaults mailto="tv@wu.retiolum"
+ Defaults mailto="${config.krebs.users.tv.mail}"
'';
time.timeZone = "Europe/Berlin";
}
diff --git a/2configs/tv/charybdis.nix b/2configs/tv/charybdis.nix
index 265f85132..d78e162cb 100644
--- a/2configs/tv/charybdis.nix
+++ b/2configs/tv/charybdis.nix
@@ -170,7 +170,7 @@ let
admin {
name = "tv";
description = "peer";
- email = "tv@wu.retiolum";
+ mail = "${config.krebs.users.tv.mail}";
};
log {
diff --git a/2configs/tv/exim-smarthost.nix b/2configs/tv/exim-smarthost.nix
index a4c47b399..c93189b8a 100644
--- a/2configs/tv/exim-smarthost.nix
+++ b/2configs/tv/exim-smarthost.nix
@@ -11,20 +11,21 @@ in
let
retiolumHostname = "${config.networking.hostName}.retiolum";
- internet-aliases = [
- { from = "tomislav@viljetic.de"; to = "tv@wu.retiolum"; }
+ internet-aliases = with config.krebs.users; [
+ { from = "tomislav@viljetic.de"; to = tv.mail; }
# (mindestens) lisp-stammtisch und elli haben die:
- { from = "tv@viljetic.de"; to = "tv@wu.retiolum"; }
+ { from = "tv@viljetic.de"; to = tv.mail; }
- { from = "tv@destroy.dyn.shackspace.de"; to = "tv@wu.retiolum"; }
+ { from = "tv@destroy.dyn.shackspace.de"; to = tv.mail; }
- { from = "mirko@viljetic.de"; to = "mv@cd.retiolum"; }
+ { from = "mirko@viljetic.de"; to = mv.mail; }
# TODO killme (wo wird die benutzt?)
- { from = "tv@cd.retiolum"; to = "tv@wu.retiolum"; }
+ { from = "tv@cd.retiolum"; to = tv.mail; }
- { from = "postmaster@krebsco.de"; to = "tv@wu.retiolum"; }
+ # TODO lists@smtp.retiolum [consul]
+ { from = "postmaster@krebsco.de"; to = tv.mail; }
];
system-aliases = [
diff --git a/2configs/tv/smartd.nix b/2configs/tv/smartd.nix
index 2e9d955d1..9c4d8b2d8 100644
--- a/2configs/tv/smartd.nix
+++ b/2configs/tv/smartd.nix
@@ -8,7 +8,7 @@
device = "DEVICESCAN";
options = toString [
"-a"
- "-m tv@wu.retiolum"
+ "-m ${config.krebs.users.tv.mail}"
"-s (O/../.././09|S/../.././04|L/../../6/05)"
];
}
diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix
index 23b3ab7ec..43e7e4c59 100644
--- a/3modules/krebs/default.nix
+++ b/3modules/krebs/default.nix
@@ -309,9 +309,11 @@ let
};
users = addNames {
mv = {
+ mail = "mv@cd.retiolum";
pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub;
};
tv = {
+ mail = "tv@wu.retiolum";
pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub;
};
};
From 4df0d6e75b7e34db2fda4c8b782b93d265475272 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 01:14:34 +0200
Subject: [PATCH 06/14] tv base: set krebs.search-domain
---
2configs/tv/base.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/2configs/tv/base.nix b/2configs/tv/base.nix
index ab6d24769..40fe9ee04 100644
--- a/2configs/tv/base.nix
+++ b/2configs/tv/base.nix
@@ -10,6 +10,7 @@ in
{
krebs.enable = true;
+ krebs.search-domain = "retiolum";
imports = [
{
From 1eb292f0c9eeb7d0fad6738bc4f06e646cae289e Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 01:29:37 +0200
Subject: [PATCH 07/14] krebs.git.repos.*.hooks: default = {}
---
2configs/tv/git.nix | 1 -
3modules/krebs/git.nix | 1 +
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/2configs/tv/git.nix b/2configs/tv/git.nix
index f884ea464..2c0cc6b14 100644
--- a/2configs/tv/git.nix
+++ b/2configs/tv/git.nix
@@ -66,7 +66,6 @@ let
make-restricted-repo = name: { desc ? null, ... }: {
inherit name desc;
public = false;
- hooks = {}; # TODO default
};
make-rules =
diff --git a/3modules/krebs/git.nix b/3modules/krebs/git.nix
index 499d33095..604645189 100644
--- a/3modules/krebs/git.nix
+++ b/3modules/krebs/git.nix
@@ -72,6 +72,7 @@ let
};
hooks = mkOption {
type = types.attrsOf types.str;
+ default = {};
description = ''
Repository-specific hooks.
'';
From 8d7c80aac644558768a689012d7b31d23f559d66 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 01:38:26 +0200
Subject: [PATCH 08/14] {1 tv * -> 2 tv base} networking.hostName
---
1systems/tv/cd.nix | 1 -
1systems/tv/mkdir.nix | 1 -
1systems/tv/nomic.nix | 2 --
1systems/tv/rmdir.nix | 1 -
1systems/tv/wu.nix | 2 --
2configs/tv/base.nix | 2 ++
6 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/1systems/tv/cd.nix b/1systems/tv/cd.nix
index fcaf19cb5..6913508b5 100644
--- a/1systems/tv/cd.nix
+++ b/1systems/tv/cd.nix
@@ -84,7 +84,6 @@ in
}
];
- networking.hostName = "cd";
networking.interfaces.enp2s1.ip4 = [
{
address = "162.219.7.216";
diff --git a/1systems/tv/mkdir.nix b/1systems/tv/mkdir.nix
index 938f50118..7542ad0ce 100644
--- a/1systems/tv/mkdir.nix
+++ b/1systems/tv/mkdir.nix
@@ -38,7 +38,6 @@ with lib;
}
];
- networking.hostName = "mkdir";
networking.interfaces.enp2s1.ip4 = [
{
address = "162.248.167.241"; # TODO
diff --git a/1systems/tv/nomic.nix b/1systems/tv/nomic.nix
index 1f7f6b188..cd6e02596 100644
--- a/1systems/tv/nomic.nix
+++ b/1systems/tv/nomic.nix
@@ -97,6 +97,4 @@ with lib;
rxvt_unicode.terminfo
tmux
];
-
- networking.hostName = "nomic";
}
diff --git a/1systems/tv/rmdir.nix b/1systems/tv/rmdir.nix
index 45e9997e4..9233014ba 100644
--- a/1systems/tv/rmdir.nix
+++ b/1systems/tv/rmdir.nix
@@ -39,7 +39,6 @@ with lib;
}
];
- networking.hostName = "rmdir";
networking.interfaces.enp2s1.ip4 = [
{
address = "167.88.44.94";
diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix
index ccb2dd141..809f43c8b 100644
--- a/1systems/tv/wu.nix
+++ b/1systems/tv/wu.nix
@@ -422,8 +422,6 @@ in
hardware.opengl.driSupport32Bit = true;
hardware.pulseaudio.enable = true;
- networking.hostName = "wu";
-
environment.systemPackages = with pkgs; [
xlibs.fontschumachermisc
slock
diff --git a/2configs/tv/base.nix b/2configs/tv/base.nix
index 40fe9ee04..06f83ea9e 100644
--- a/2configs/tv/base.nix
+++ b/2configs/tv/base.nix
@@ -12,6 +12,8 @@ in
krebs.enable = true;
krebs.search-domain = "retiolum";
+ networking.hostName = config.krebs.build.host.name;
+
imports = [
{
users.extraUsers =
From fca9bf179a5cd29b6804b2e16bb21374b82876bf Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 01:46:10 +0200
Subject: [PATCH 09/14] {1 tv wu -> 2 tv} urlwatch
---
1systems/tv/wu.nix | 51 +---------------------------------------
2configs/tv/urlwatch.nix | 51 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 52 insertions(+), 50 deletions(-)
create mode 100644 2configs/tv/urlwatch.nix
diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix
index 809f43c8b..37264635b 100644
--- a/1systems/tv/wu.nix
+++ b/1systems/tv/wu.nix
@@ -18,6 +18,7 @@ in
../../2configs/tv/mail-client.nix
../../2configs/tv/xserver.nix
../../2configs/tv/synaptics.nix # TODO w110er if xserver is enabled
+ ../../2configs/tv/urlwatch.nix
{
environment.systemPackages = with pkgs; [
@@ -94,7 +95,6 @@ in
#ppp
#proot
#pythonPackages.arandr
- #pythonPackages.urlwatch
#pythonPackages.youtube-dl
#racket
#rxvt_unicode-with-plugins
@@ -149,55 +149,6 @@ in
];
};
}
- {
- krebs.urlwatch = {
- enable = true;
- mailto = config.krebs.users.tv.mail;
- onCalendar = "*-*-* 05:00:00";
- urls = [
- ## nixpkgs maintenance
-
- # 2014-07-29 when one of the following urls change
- # then we have to update the package
-
- # ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
- https://api.github.com/repos/simple-evcorr/sec/tags
-
- # ref src/nixpkgs/pkgs/tools/networking/urlwatch/default.nix
- https://thp.io/2008/urlwatch/
-
- # 2014-12-20 ref src/nixpkgs/pkgs/tools/networking/tlsdate/default.nix
- https://api.github.com/repos/ioerror/tlsdate/tags
-
- # 2015-02-18
- # ref ~/src/nixpkgs/pkgs/tools/text/qprint/default.nix
- http://www.fourmilab.ch/webtools/qprint/
-
- # 2014-09-24 ref https://github.com/4z3/xintmap
- http://www.mathstat.dal.ca/~selinger/quipper/
-
- # 2014-12-12 remove nixopsUnstable when nixops get's bumped to 1.3
- # ref https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/package-management/nixops/unstable.nix
- http://nixos.org/releases/nixops/
-
- ## other
-
- https://nixos.org/channels/nixos-unstable/git-revision
-
- ## 2014-10-17
- ## TODO update ~/src/login/default.nix
- #http://hackage.haskell.org/package/bcrypt
- #http://hackage.haskell.org/package/cron
- #http://hackage.haskell.org/package/hyphenation
- #http://hackage.haskell.org/package/iso8601-time
- #http://hackage.haskell.org/package/ixset-typed
- #http://hackage.haskell.org/package/system-command
- #http://hackage.haskell.org/package/transformers
- #http://hackage.haskell.org/package/web-routes-wai
- #http://hackage.haskell.org/package/web-page
- ];
- };
- }
{
users.extraGroups = {
tv-sub.gid = 1337;
diff --git a/2configs/tv/urlwatch.nix b/2configs/tv/urlwatch.nix
new file mode 100644
index 000000000..a69b1519c
--- /dev/null
+++ b/2configs/tv/urlwatch.nix
@@ -0,0 +1,51 @@
+{ config, ... }:
+
+{
+ krebs.urlwatch = {
+ enable = true;
+ mailto = config.krebs.users.tv.mail;
+ onCalendar = "*-*-* 05:00:00";
+ urls = [
+ ## nixpkgs maintenance
+
+ # 2014-07-29 when one of the following urls change
+ # then we have to update the package
+
+ # ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
+ https://api.github.com/repos/simple-evcorr/sec/tags
+
+ # ref src/nixpkgs/pkgs/tools/networking/urlwatch/default.nix
+ https://thp.io/2008/urlwatch/
+
+ # 2014-12-20 ref src/nixpkgs/pkgs/tools/networking/tlsdate/default.nix
+ https://api.github.com/repos/ioerror/tlsdate/tags
+
+ # 2015-02-18
+ # ref ~/src/nixpkgs/pkgs/tools/text/qprint/default.nix
+ http://www.fourmilab.ch/webtools/qprint/
+
+ # 2014-09-24 ref https://github.com/4z3/xintmap
+ http://www.mathstat.dal.ca/~selinger/quipper/
+
+ # 2014-12-12 remove nixopsUnstable when nixops get's bumped to 1.3
+ # ref https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/package-management/nixops/unstable.nix
+ http://nixos.org/releases/nixops/
+
+ ## other
+
+ https://nixos.org/channels/nixos-unstable/git-revision
+
+ ## 2014-10-17
+ ## TODO update ~/src/login/default.nix
+ #http://hackage.haskell.org/package/bcrypt
+ #http://hackage.haskell.org/package/cron
+ #http://hackage.haskell.org/package/hyphenation
+ #http://hackage.haskell.org/package/iso8601-time
+ #http://hackage.haskell.org/package/ixset-typed
+ #http://hackage.haskell.org/package/system-command
+ #http://hackage.haskell.org/package/transformers
+ #http://hackage.haskell.org/package/web-routes-wai
+ #http://hackage.haskell.org/package/web-page
+ ];
+ };
+}
From 0a5548c379a373157448c3b3798073c6d426033b Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 02:14:44 +0200
Subject: [PATCH 10/14] {3 -> 4} krebs {listset,tree}
---
3modules/krebs/default.nix | 19 ++-----------------
4lib/krebs/default.nix | 18 ++++++++++++++++++
2 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix
index 43e7e4c59..33c108811 100644
--- a/3modules/krebs/default.nix
+++ b/3modules/krebs/default.nix
@@ -68,27 +68,12 @@ let
de.krebsco = "ovh";
};
- # splitByProvider : [alias] -> set providername [alias]
- splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {};
+ # splitByProvider : [alias] -> listset providername alias
+ splitByProvider = foldl (acc: alias: listset-insert (providerOf alias) alias acc) {};
# providerOf : alias -> providername
providerOf = alias:
tree-get (splitString "." alias) providers;
-
- # insert : k -> v -> set k [v] -> set k [v]
- insert = name: value: set:
- set // { ${name} = set.${name} or [] ++ [value]; };
-
- # tree k v = set k (either v (tree k v))
-
- # tree-get : [k] -> tree k v -> v
- tree-get = path: x:
- let
- y = x.${last path};
- in
- if typeOf y != "set"
- then y
- else tree-get (init path) y;
in
concatStringsSep "\n" (flatten (
# TODO deepMap ["hosts" "nets"] (hostname: host: netname: net:
diff --git a/4lib/krebs/default.nix b/4lib/krebs/default.nix
index 0c59076b6..0c42a5de3 100644
--- a/4lib/krebs/default.nix
+++ b/4lib/krebs/default.nix
@@ -12,4 +12,22 @@ builtins // lib // rec {
types = import ./types.nix { inherit lib; };
+
+ # listset k v = set k [v]
+
+ # listset-insert : k -> v -> listset k v -> listset k v
+ listset-insert = name: value: set:
+ set // { ${name} = set.${name} or [] ++ [value]; };
+
+ # tree k v = set k (either v (tree k v))
+
+ # tree-get : [k] -> tree k v -> v
+ tree-get = path: x:
+ let
+ y = x.${last path};
+ in
+ if typeOf y != "set"
+ then y
+ else tree-get (init path) y;
+
}
From 3ddc26515aa21295f89bf1c9839a18427f9f61e7 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sat, 25 Jul 2015 18:16:51 +0200
Subject: [PATCH 11/14] default.nix: retab
---
default.nix | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/default.nix b/default.nix
index 2deb7539a..49e889924 100644
--- a/default.nix
+++ b/default.nix
@@ -2,19 +2,19 @@
let
- eval = import <nixpkgs/nixos/lib/eval-config.nix> {
+ eval = import <nixpkgs/nixos/lib/eval-config.nix> {
system = builtins.currentSystem;
- modules = [
+ modules = [
(./1systems + "/${user-name}/${system-name}.nix")
- (./3modules/krebs)
- (./3modules + "/${user-name}")
- ];
- };
+ (./3modules/krebs)
+ (./3modules + "/${user-name}")
+ ];
+ };
in
{
- inherit (eval) config options;
+ inherit (eval) config options;
- system = eval.config.system.build.toplevel;
+ system = eval.config.system.build.toplevel;
}
From 3197897292f0fc8f38d30ad6ddc9742be4a7cc1d Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sun, 26 Jul 2015 12:09:55 +0200
Subject: [PATCH 12/14] 0 tv nomic nixpkgs: 6ad8fab -> 9d5508d
---
0make/tv/nomic.makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/0make/tv/nomic.makefile b/0make/tv/nomic.makefile
index 4ae1ccd10..9e0b8671b 100644
--- a/0make/tv/nomic.makefile
+++ b/0make/tv/nomic.makefile
@@ -1,4 +1,4 @@
deploy_host := root@nomic.gg23
nixpkgs_url := https://github.com/NixOS/nixpkgs
-nixpkgs_rev := 6ad8fab785695d04a6925e8b3464ca7c71a85c3f
+nixpkgs_rev := 9d5508d85c33b8fb22d79dde6176792eac2c2696
secrets_dir := /home/tv/secrets/nomic
From f811bc0144b7268031a960d85e0dfee35d5e8fed Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sun, 26 Jul 2015 14:03:39 +0200
Subject: [PATCH 13/14] 1 tv wu: systemPackages += ff
---
1systems/tv/wu.nix | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix
index 37264635b..f542581ba 100644
--- a/1systems/tv/wu.nix
+++ b/1systems/tv/wu.nix
@@ -29,6 +29,12 @@ in
Zpkgs.genid
Zpkgs.hashPassword
Zpkgs.lentil
+ (pkgs.writeScriptBin "ff" ''
+ #! ${pkgs.bash}/bin/bash
+ exec sudo -u ff -i <<EOF
+ exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
+ EOF
+ '')
# root
cryptsetup
@@ -363,7 +369,6 @@ in
};
};
- nixpkgs.config.firefox.enableAdobeFlash = true;
nixpkgs.config.chromium.enablePepperFlash = true;
nixpkgs.config.allowUnfree = true;
From cea33984057136ea0deac369650e490f420b5445 Mon Sep 17 00:00:00 2001
From: tv <tv@shackspace.de>
Date: Sun, 26 Jul 2015 14:17:39 +0200
Subject: [PATCH 14/14] 1 tv wu: systemPackages += im -= weechat
---
1systems/tv/wu.nix | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix
index f542581ba..192b65b9d 100644
--- a/1systems/tv/wu.nix
+++ b/1systems/tv/wu.nix
@@ -35,6 +35,19 @@ in
exec ${pkgs.firefoxWrapper}/bin/firefox $(printf " %q" "$@")
EOF
'')
+ (pkgs.writeScriptBin "im" ''
+ #! ${pkgs.bash}/bin/bash
+ export PATH=${makeSearchPath "bin" (with pkgs; [
+ tmux
+ gnugrep
+ weechat
+ ])}
+ if tmux list-sessions -F\#S | grep -q '^im''$'; then
+ exec tmux attach -t im
+ else
+ exec tmux new -s im weechat
+ fi
+ '')
# root
cryptsetup
@@ -62,7 +75,6 @@ in
sxiv
texLive
tmux
- weechat
zathura
Zpkgs.dic