makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions 1 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'ni/master'

Browse source
This commit is contained in:
lassulus 2022-12-08 13:11:27 +01:00
parent ac32440c0b f8fdd76e71
commit d7341bbff6
6 changed files with 65 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
krebs/3modules/exim-smarthost.nix
View file

@ -12,6 +12,8 @@ let
api = { api = {
enable = mkEnableOption "krebs.exim-smarthost"; enable = mkEnableOption "krebs.exim-smarthost";
enableSPFVerification = mkEnableOption "SPF verification";
authenticators = mkOption { authenticators = mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.str;
default = {}; default = {};
@ -126,8 +128,9 @@ let
domainlist sender_domains = ${concatStringsSep ":" cfg.sender_domains} domainlist sender_domains = ${concatStringsSep ":" cfg.sender_domains}
hostlist relay_from_hosts = <;${concatStringsSep ";" cfg.relay_from_hosts} hostlist relay_from_hosts = <;${concatStringsSep ";" cfg.relay_from_hosts}
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data acl_smtp_data = acl_check_data
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
never_users = root never_users = root
@ -179,6 +182,41 @@ let
accept accept
acl_check_mail:
${if cfg.enableSPFVerification then indent /* exim */ ''
accept
authenticated = *
accept
hosts = +relay_from_hosts
deny
spf = fail : softfail
log_message = spf=$spf_result
message = SPF validation failed: \
$sender_host_address is not allowed to send mail from \
''${if def:sender_address_domain\
{$sender_address_domain}\
{$sender_helo_name}}
deny
spf = permerror
log_message = spf=$spf_result
message = SPF validation failed: \
syntax error in SPF record(s) for \
''${if def:sender_address_domain\
{$sender_address_domain}\
{$sender_helo_name}}
defer
spf = temperror
log_message = spf=$spf_result; deferred
message = temporary error during SPF validation; \
please try again later
warn
spf = none : neutral
log_message = spf=$spf_result
accept
add_header = $spf_received
'' else indent /* exim */ ''
accept
''}
begin routers begin routers

21
krebs/3modules/htgen.nix
View file

@ -2,6 +2,12 @@
with import <stockholm/lib>; with import <stockholm/lib>;
let let
optionalAttr = name: value:
if name != null then
{ ${name} = value; }
else
{};
cfg = config.krebs.htgen; cfg = config.krebs.htgen;
out = { out = {
@ -30,8 +36,15 @@ let
}; };
script = mkOption { script = mkOption {
type = types.str; type = types.nullOr types.str;
default = null;
}; };
scriptFile = mkOption {
type = types.nullOr types.str;
default = null;
};
user = mkOption { user = mkOption {
type = types.user; type = types.user;
default = { default = {
@ -54,8 +67,10 @@ let
after = [ "network.target" ]; after = [ "network.target" ];
environment = { environment = {
HTGEN_PORT = toString htgen.port; HTGEN_PORT = toString htgen.port;
HTGEN_SCRIPT = htgen.script; }
}; // optionalAttr "HTGEN_SCRIPT" htgen.script
// optionalAttr "HTGEN_SCRIPT_FILE" htgen.scriptFile
;
serviceConfig = { serviceConfig = {
SyslogIdentifier = "htgen"; SyslogIdentifier = "htgen";
User = htgen.user.name; User = htgen.user.name;

7
krebs/5pkgs/simple/htgen/default.nix
View file

@ -1,13 +1,12 @@
{ fetchgit, lib, pkgs, stdenv }: { fetchgit, lib, pkgs, stdenv }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "htgen"; pname = "htgen";
version = "1.3.1"; version = "1.4.0";
#src = <htgen>;
src = fetchgit { src = fetchgit {
url = "http://cgit.krebsco.de/htgen"; url = "https://cgit.krebsco.de/htgen";
rev = "refs/tags/${version}"; rev = "refs/tags/${version}";
sha256 = "0ml8kp89bwkrwy6iqclzyhxgv2qn9dcpwaafbmsr4mgcl70zx22r"; sha256 = "1k6xdr4g1p2wjiyizwh33ihw3azbar7kmhyxywcq0whpip9inpmj";
}; };
installPhase = '' installPhase = ''

3
tv/2configs/hw/x220.nix
View file

@ -61,6 +61,9 @@ in
emulateWheel = true; emulateWheel = true;
}; };
# Conflicts with TLP, but gets enabled by DEs.
services.power-profiles-daemon.enable = false;
services.tlp.enable = true; services.tlp.enable = true;
services.tlp.settings = { services.tlp.settings = {
START_CHARGE_THRESH_BAT0 = 80; START_CHARGE_THRESH_BAT0 = 80;

4
tv/2configs/imgur.nix
View file

@ -18,8 +18,6 @@ with import <stockholm/lib>;
krebs.htgen.imgur = { krebs.htgen.imgur = {
port = 7771; port = 7771;
script = /* sh */ '' scriptFile = "${pkgs.htgen-imgur}/bin/htgen-imgur";
(. ${pkgs.htgen-imgur}/bin/htgen-imgur)
'';
}; };
} }

2
tv/5pkgs/simple/imagescan-plugin-networkscan.nix
View file

@ -32,7 +32,7 @@ stdenv.mkDerivation rec {
preFixup = '' preFixup = ''
patchelf --set-interpreter \ patchelf --set-interpreter \
${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \ ${pkgs.pkgsi686Linux.glibc}/lib/ld-linux-x86-64.so.2 \
$out/lib/utsushi/networkscan $out/lib/utsushi/networkscan
# libstdc++.so.6 # libstdc++.so.6