From 550f8fce2571537b23588b41e363c27a6cd46c0e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 30 Oct 2018 22:47:57 +0100
Subject: [PATCH 01/25] krebs.tinc: add tincUpExtra
---
krebs/3modules/tinc.nix | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index b032f3148..ecd449b09 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -75,6 +75,7 @@ let
${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${netname}
${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${netname}
''}
+ ${tinc.config.tincUpExtra}
'';
description = ''
tinc-up script to be used. Defaults to setting the
@@ -83,6 +84,11 @@ let
'';
};
+ tincUpExtra = mkOption {
+ type = types.str;
+ default = "";
+ };
+
tincPackage = mkOption {
type = types.package;
default = pkgs.tinc;
From f170326b0518d28f6ac611559edf1e4cbadeadc1 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Wed, 31 Oct 2018 13:40:57 +0100
Subject: [PATCH 02/25] nixpkgs: 81f5c26 -> 06fb025
---
krebs/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 60307e694..b761246cd 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "81f5c2698a87c65b4970c69d472960c574ea0db4",
- "date": "2018-10-17T20:48:45-04:00",
- "sha256": "0p4x9532d3qlbykyyq8zk62k8py9mxd1s7zgbv54zmv597rs5y35",
+ "rev": "06fb0253afabb8cc7dc85db742e2de94a4d68ca0",
+ "date": "2018-10-24T10:37:15-04:00",
+ "sha256": "0jkldgvdm8pl9cfw5faw90n0qbbzrdssgwgbihk1by4xq66khf1b",
"fetchSubmodules": false
}
From 82a97181d6c20b1ceaf544d80327cce7782d9fd9 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 5 Nov 2018 10:33:28 +0100
Subject: [PATCH 03/25] nixpkgs: 06fb025 -> bf7930d
---
krebs/nixpkgs.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index b761246cd..e013645ea 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "06fb0253afabb8cc7dc85db742e2de94a4d68ca0",
- "date": "2018-10-24T10:37:15-04:00",
- "sha256": "0jkldgvdm8pl9cfw5faw90n0qbbzrdssgwgbihk1by4xq66khf1b",
+ "rev": "bf7930d582bcf7953c3b87e649858f3f1873eb9c",
+ "date": "2018-11-04T19:36:25+01:00",
+ "sha256": "0nvn6g0pxp0glqjg985qxs7ash0cmcdc80h8jxxk6z4pnr3f2n1m",
"fetchSubmodules": false
}
From 69adc5dc17d9f9b9df605eada6a433545ff987dc Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 8 Nov 2018 19:09:11 +0100
Subject: [PATCH 04/25] tv q: add utcdate
---
tv/5pkgs/simple/q/default.nix | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/tv/5pkgs/simple/q/default.nix b/tv/5pkgs/simple/q/default.nix
index 655c75e1b..cbcec1bae 100644
--- a/tv/5pkgs/simple/q/default.nix
+++ b/tv/5pkgs/simple/q/default.nix
@@ -71,6 +71,11 @@ let
'+�[1m%Y-%m-%d�[;30mT�[;38;5;088m%H:%M�[m:%S%:z'
'';
+ q-utcdate = ''
+ ${pkgs.coreutils}/bin/date -u \
+ '+�[1m%Y-%m-%d�[;30mT�[;38;5;065m%H:%M�[m:%S%:z'
+ '';
+
q-gitdir = ''
if test -d .git; then
#git status --porcelain
@@ -295,6 +300,7 @@ pkgs.writeBashBin "q" ''
set -eu
export PATH=/var/empty
${q-cal}
+ ${q-utcdate}
${q-isodate}
${q-sgtdate}
(${q-gitdir}) &
From 9a801fa642a60a2c46240670b4e3ad66ea77d995 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 8 Nov 2018 19:25:24 +0100
Subject: [PATCH 05/25] tv mu: replace disk
---
tv/1systems/mu/config.nix | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index c26d4ab30..a653ce40d 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -15,7 +15,7 @@ with import <stockholm/lib>;
# hardware configuration
boot.initrd.luks.devices.muca = {
- device = "/dev/disk/by-uuid/a8796bb3-6c03-4ddf-b2e4-c2e44c51d352";
+ device = "/dev/disk/by-uuid/7b24a931-40b6-44a6-ba22-c805cf164e91";
};
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "xts" ];
boot.initrd.availableKernelModules = [ "ahci" ];
@@ -25,16 +25,17 @@ with import <stockholm/lib>;
fileSystems = {
"/" = {
device = "/dev/mapper/muvga-root";
- fsType = "btrfs";
- options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ fsType = "ext4";
+ options = [ "defaults" "discard" ];
};
"/home" = {
device = "/dev/mapper/muvga-home";
- fsType = "btrfs";
- options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ fsType = "ext4";
+ options = [ "defaults" "discard" ];
};
"/boot" = {
- device = "/dev/disk/by-uuid/DC38-F165";
+ device = "/dev/disk/by-uuid/CEB1-9743";
+ fsType = "vfat";
};
};
From 70bffd8b90a7740546a20dbbdd6730ab00c7158b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 18:47:06 +0100
Subject: [PATCH 06/25] hotdog.r: remove import of gitlab-runner-shackspace
---
krebs/1systems/hotdog/config.nix | 1 -
1 file changed, 1 deletion(-)
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 0a848426c..cf72e0d73 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -10,7 +10,6 @@
<stockholm/krebs/2configs>
<stockholm/krebs/2configs/buildbot-stockholm.nix>
- <stockholm/krebs/2configs/gitlab-runner-shackspace.nix>
<stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/ircd.nix>
<stockholm/krebs/2configs/reaktor-retiolum.nix>
From 6416e2637665a99c7efc07d036a023463500fefe Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 18:47:34 +0100
Subject: [PATCH 07/25] realwallpaper: e056328 -> 847faeb
---
krebs/5pkgs/simple/realwallpaper/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix
index 15cc277a5..7c9812117 100644
--- a/krebs/5pkgs/simple/realwallpaper/default.nix
+++ b/krebs/5pkgs/simple/realwallpaper/default.nix
@@ -5,8 +5,8 @@ stdenv.mkDerivation {
src = fetchgit {
url = https://github.com/Lassulus/realwallpaper;
- rev = "e0563289c2ab592b669ce4549fc40130246e9d79";
- sha256 = "1zgk8ips2d686216h203w62wrw7zy9z0lrndx9f8z6f1vpvjcmqc";
+ rev = "847faebc9b7e87e4bea078e3a2304ec00b4cdfc0";
+ sha256 = "10zihkwj9vpshlxw2jk67zbsy8g4i8b1y4jzna9fdcsgn7s12jrr";
};
phases = [
From df660ff2fa05a624903b0b8c93b84c2fef3eb4e8 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 18:49:05 +0100
Subject: [PATCH 08/25] l archprism.r: new hfos ip
---
lass/1systems/archprism/config.nix | 4 ++--
lass/1systems/archprism/physical.nix | 20 ++++++++++----------
2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/lass/1systems/archprism/config.nix b/lass/1systems/archprism/config.nix
index 0a286c6f0..e6eddf8b2 100644
--- a/lass/1systems/archprism/config.nix
+++ b/lass/1systems/archprism/config.nix
@@ -36,10 +36,10 @@ with import <stockholm/lib>;
# TODO write function for proxy_pass (ssl/nonssl)
krebs.iptables.tables.filter.FORWARD.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; }
+ { v6 = false; precedence = 1000; predicate = "-d 192.168.122.179"; target = "ACCEPT"; }
];
krebs.iptables.tables.nat.PREROUTING.rules = [
- { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; }
+ { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.179"; }
];
}
{
diff --git a/lass/1systems/archprism/physical.nix b/lass/1systems/archprism/physical.nix
index 56348d0ab..36de7dc17 100644
--- a/lass/1systems/archprism/physical.nix
+++ b/lass/1systems/archprism/physical.nix
@@ -14,16 +14,16 @@
};
};
# TODO use this network config
- #networking.interfaces.et0.ipv4.addresses = [
- # {
- # address = config.krebs.build.host.nets.internet.ip4.addr;
- # prefixLength = 27;
- # }
- # {
- # address = "46.4.114.243";
- # prefixLength = 27;
- # }
- #];
+ networking.interfaces.eth0.ipv4.addresses = [
+ {
+ address = config.krebs.build.host.nets.internet.ip4.addr;
+ prefixLength = 27;
+ }
+ {
+ address = "46.4.114.243";
+ prefixLength = 27;
+ }
+ ];
#networking.defaultGateway = "46.4.114.225";
#networking.nameservers = [
# "8.8.8.8"
From 3902f97c56cd374c67374b57357811621d8cec29 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 18:53:16 +0100
Subject: [PATCH 09/25] l prism.r: remove deprecated grub workaround
---
lass/1systems/prism/config.nix | 2 --
1 file changed, 2 deletions(-)
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index bf7de6fc5..01479b69c 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -349,8 +349,6 @@ with import <stockholm/lib>;
];
krebs.build.host = config.krebs.hosts.prism;
- # workaround because grub store paths are broken
- boot.copyKernels = true;
services.earlyoom = {
enable = true;
freeMemThreshold = 5;
From cf22b956cd0f11a25c09c6e04b440dd456a23e03 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 18:56:25 +0100
Subject: [PATCH 10/25] l prism.r: new physical host
---
lass/1systems/prism/physical.nix | 119 +++++++++++++------------------
1 file changed, 49 insertions(+), 70 deletions(-)
diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index 56348d0ab..4388c13fa 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -1,77 +1,56 @@
{ config, lib, pkgs, ... }:
+
{
+
imports = [
./config.nix
- {
- boot.kernelParams = [ "net.ifnames=0" ];
- networking = {
- defaultGateway = "46.4.114.225";
- # Use google's public DNS server
- nameservers = [ "8.8.8.8" ];
- interfaces.eth0 = {
- ipAddress = "46.4.114.247";
- prefixLength = 27;
- };
- };
- # TODO use this network config
- #networking.interfaces.et0.ipv4.addresses = [
- # {
- # address = config.krebs.build.host.nets.internet.ip4.addr;
- # prefixLength = 27;
- # }
- # {
- # address = "46.4.114.243";
- # prefixLength = 27;
- # }
- #];
- #networking.defaultGateway = "46.4.114.225";
- #networking.nameservers = [
- # "8.8.8.8"
- #];
- #services.udev.extraRules = ''
- # SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
- #'';
- }
- {
- imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
-
- networking.hostId = "fb4173ea";
- boot.loader.grub = {
- devices = [
- "/dev/sda"
- "/dev/sdb"
- ];
- splashImage = null;
- };
-
- boot.initrd.availableKernelModules = [
- "ata_piix"
- "vmw_pvscsi"
- "ahci" "sd_mod"
- ];
-
- boot.kernelModules = [ "kvm-intel" ];
-
- sound.enable = false;
- nixpkgs.config.allowUnfree = true;
- time.timeZone = "Europe/Berlin";
-
- fileSystems."/" = {
- device = "rpool/root/nixos";
- fsType = "zfs";
- };
-
- fileSystems."/home" = {
- device = "rpool/home";
- fsType = "zfs";
- };
-
- fileSystems."/boot" = {
- device = "/dev/disk/by-uuid/b67c3370-1597-4ce8-8a46-e257ca32150d";
- fsType = "ext4";
- };
-
- }
+ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
+ boot.kernelModules = [ "kvm-intel" ];
+
+ fileSystems."/" = {
+ device = "rpool/root/nixos";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/d155d6ff-8e89-4876-a9e7-d1b7ba6a4804";
+ fsType = "ext4";
+ };
+
+ fileSystems."/srv/http" = {
+ device = "tank/srv-http";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/containers" = {
+ device = "tank/containers";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" = {
+ device = "tank/home";
+ fsType = "zfs";
+ };
+
+ nix.maxJobs = lib.mkDefault 8;
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.devices = [ "/dev/sda" "/dev/sdb" ];
+
+ boot.kernelParams = [ "net.ifnames=0" ];
+ networking = {
+ hostId = "2283aaae";
+ defaultGateway = "95.216.1.129";
+ # Use google's public DNS server
+ nameservers = [ "8.8.8.8" ];
+ interfaces.eth0 = {
+ ipAddress = "95.216.1.150";
+ prefixLength = 26;
+ };
+ };
}
From 2912ca43a9607f88780535fc32c5ad0a43d7bd3a Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:00:04 +0100
Subject: [PATCH 11/25] l blue: add l-gen-secrets
---
lass/2configs/blue.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix
index 68f2256cf..4d4a92eb9 100644
--- a/lass/2configs/blue.nix
+++ b/lass/2configs/blue.nix
@@ -15,6 +15,7 @@ with (import <stockholm/lib>);
dic
nmap
git-preview
+ l-gen-secrets
];
services.tor.enable = true;
From 95c9cd185bdd29b19454a771d5a98d7c594d7cdb Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:02:49 +0100
Subject: [PATCH 12/25] l ciko: chmod +x
---
lass/2configs/ciko.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lass/2configs/ciko.nix b/lass/2configs/ciko.nix
index b08cf9307..6818db460 100644
--- a/lass/2configs/ciko.nix
+++ b/lass/2configs/ciko.nix
@@ -19,5 +19,9 @@ with import <stockholm/lib>;
"slash16.net"
];
};
+
+ system.activationScripts.user-shadow = ''
+ ${pkgs.coreutils}/bin/chmod +x /home/ciko
+ '';
}
From 4a5608ba7bb92450ca5c3ef5567818d65b0330a9 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:03:08 +0100
Subject: [PATCH 13/25] l: add neocron@lassul.us
---
lass/2configs/exim-smarthost.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 6ef3c8595..733115a74 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -90,6 +90,7 @@ with import <stockholm/lib>;
{ from = "afra@lassul.us"; to = lass.mail; }
{ from = "ksp@lassul.us"; to = lass.mail; }
{ from = "ccc@lassul.us"; to = lass.mail; }
+ { from = "neocron@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
From 93b4db56dfbb4981e5732cad981fba899c1309ce Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:03:43 +0100
Subject: [PATCH 14/25] l games: add steam-run & dolphinEmu to pkgs
---
lass/2configs/games.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 17c3cf3be..49602898e 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -75,6 +75,8 @@ in {
packages = with pkgs; [
ftb
minecraft
+ steam-run
+ dolphinEmu
];
};
};
From ab6b32baa7282a5127def657dc0e595464b0bf9c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:13:01 +0100
Subject: [PATCH 15/25] l git: chmod +x /var/spool
---
lass/2configs/git.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index c5b5c01fb..62173e33f 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -21,6 +21,10 @@ let
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
];
+
+ system.activationScripts.spool-chmod = ''
+ ${pkgs.coreutils}/bin/chmod +x /var/spool
+ '';
};
cgit-clear-cache = pkgs.cgit-clear-cache.override {
From 1c473c7c203e30aa7f48715c965786350084f901 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:15:11 +0100
Subject: [PATCH 16/25] l mail: add nix@lassul.us to nix ml
---
lass/2configs/mail.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index e50689254..46939c97e 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -51,7 +51,7 @@ let
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
lugs = [ "to:lugs@lug-s.org" ];
- nix-devel = [ "to:nix-devel@googlegroups.com" ];
+ nix = [ "to:nix-devel@googlegroups.com" "to:nix@lassul.us" ];
patreon = [ "to:patreon@lassul.us" ];
paypal = [ "to:paypal@lassul.us" ];
ptl = [ "to:ptl@posttenebraslab.ch" ];
From 70c12e9b021d2b5e532110713a6456ab312f6b64 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:38:54 +0100
Subject: [PATCH 17/25] l sqlBackup: remove mysql_password
---
lass/2configs/websites/sqlBackup.nix | 1 -
1 file changed, 1 deletion(-)
diff --git a/lass/2configs/websites/sqlBackup.nix b/lass/2configs/websites/sqlBackup.nix
index 2fffa6cc9..897e35e61 100644
--- a/lass/2configs/websites/sqlBackup.nix
+++ b/lass/2configs/websites/sqlBackup.nix
@@ -11,7 +11,6 @@
enable = true;
dataDir = "/var/mysql";
package = pkgs.mariadb;
- rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
};
systemd.services.mysql = {
From 62aebdf0584ee8c512da2f9a8d12d87995266484 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sat, 10 Nov 2018 19:39:07 +0100
Subject: [PATCH 18/25] l ejabberd: allow registration
---
lass/3modules/ejabberd/config.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lass/3modules/ejabberd/config.nix b/lass/3modules/ejabberd/config.nix
index 68bcfa340..e7288313a 100644
--- a/lass/3modules/ejabberd/config.nix
+++ b/lass/3modules/ejabberd/config.nix
@@ -96,9 +96,9 @@ in /* yaml */ ''
mod_privacy: {}
mod_private: {}
mod_register:
- access_from: deny
+ access_from: allow
access: register
- ip_access: trusted_network
+ # ip_access: trusted_network
registration_watchers: ${toJSON config.registration_watchers}
mod_roster: {}
mod_shared_roster: {}
From dfb9c237607b73f00cd52ca5c5b731f45d83f932 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 10 Nov 2018 20:06:31 +0100
Subject: [PATCH 19/25] krebs: add youtube@eloop.org
---
krebs/3modules/default.nix | 1 +
1 file changed, 1 insertion(+)
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 8f2e22acf..ca67ce65c 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -201,6 +201,7 @@ let
"cfp@eloop.org" = eloop-ml;
"kontakt@eloop.org" = eloop-ml;
"root@eloop.org" = eloop-ml;
+ "youtube@eloop.org" = eloop-ml;
"eloop2016@krebsco.de" = eloop-ml;
"eloop2017@krebsco.de" = eloop-ml;
"postmaster@krebsco.de" = spam-ml; # RFC 822
From cd720e1a9ed12413504ddae2d381279ec30ce24a Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Sat, 10 Nov 2018 20:18:41 +0100
Subject: [PATCH 20/25] l: add cache.krebsco.de & cache.lassul.us
---
krebs/3modules/lass/default.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 9b9f052a5..08fd85737 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -17,6 +17,7 @@ with import <stockholm/lib>;
"krebsco.de" = ''
prism IN A ${nets.internet.ip4.addr}
paste IN A ${nets.internet.ip4.addr}
+ cache IN A ${nets.internet.ip4.addr}
'';
"lassul.us" = ''
$TTL 3600
@@ -34,6 +35,7 @@ with import <stockholm/lib>;
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
'';
};
nets = rec {
From f2dd2793cd1dad28a65d78d307e59b74fb63f23c Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Sat, 10 Nov 2018 20:29:39 +0100
Subject: [PATCH 21/25] l dns-stuff: sort
---
krebs/3modules/lass/default.nix | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 08fd85737..836ecb3f6 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -15,9 +15,9 @@ with import <stockholm/lib>;
cores = 4;
extraZones = {
"krebsco.de" = ''
- prism IN A ${nets.internet.ip4.addr}
- paste IN A ${nets.internet.ip4.addr}
cache IN A ${nets.internet.ip4.addr}
+ paste IN A ${nets.internet.ip4.addr}
+ prism IN A ${nets.internet.ip4.addr}
'';
"lassul.us" = ''
$TTL 3600
@@ -28,14 +28,14 @@ with import <stockholm/lib>;
60 IN TXT v=spf1 mx a:lassul.us -all
60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" )
default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB"
+ cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
io 60 IN NS ions.lassul.us.
ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
- paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
- cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
'';
};
nets = rec {
From 96a3e3c35d305699b7f279c3ea2fd0a18c8d6e97 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Sat, 10 Nov 2018 21:46:35 +0100
Subject: [PATCH 22/25] l realwallpaper: serve realwallpaper-krebs.png
---
lass/2configs/realwallpaper.nix | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix
index 116d66276..16b999817 100644
--- a/lass/2configs/realwallpaper.nix
+++ b/lass/2configs/realwallpaper.nix
@@ -22,10 +22,7 @@ in {
locations."/realwallpaper.png".extraConfig = ''
root /var/realwallpaper/;
'';
- locations."/realwallpaper-sat.png".extraConfig = ''
- root /var/realwallpaper/;
- '';
- locations."/realwallpaper-sat-krebs.png".extraConfig = ''
+ locations."/realwallpaper-krebs.png".extraConfig = ''
root /var/realwallpaper/;
'';
};
From 271871090289d166ea34ae41df63eaa1cf26da19 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Sat, 10 Nov 2018 21:45:27 +0100
Subject: [PATCH 23/25] l & m: fetchWallpaper: fetch realwallpaper-krebs.png
---
lass/2configs/fetchWallpaper.nix | 2 +-
makefu/2configs/fetchWallpaper.nix | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix
index 31a01c754..e756c3424 100644
--- a/lass/2configs/fetchWallpaper.nix
+++ b/lass/2configs/fetchWallpaper.nix
@@ -6,7 +6,7 @@ in {
krebs.fetchWallpaper = {
enable = true;
unitConfig.ConditionPathExists = "!/var/run/ppp0.pid";
- url = "prism/realwallpaper-sat-krebs.png";
+ url = "prism/realwallpaper-krebs.png";
maxTime = 10;
};
}
diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix
index 16a7a13b2..f63417e8f 100644
--- a/makefu/2configs/fetchWallpaper.nix
+++ b/makefu/2configs/fetchWallpaper.nix
@@ -8,7 +8,7 @@
timerConfig = {
OnCalendar = "*:0/30";
};
- url = "http://prism.r/realwallpaper-sat-krebs.png";
+ url = "http://prism.r/realwallpaper-krebs.png";
};
}
From d41f85b671433be0576f03554e92d4756e608c75 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Sat, 10 Nov 2018 21:45:52 +0100
Subject: [PATCH 24/25] l binary-cache: serve under
cache.{krebsco.de,lassul.us}
---
lass/2configs/binary-cache/server.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix
index 991bbeb54..220e41d0a 100644
--- a/lass/2configs/binary-cache/server.nix
+++ b/lass/2configs/binary-cache/server.nix
@@ -20,7 +20,7 @@
services.nginx = {
enable = true;
virtualHosts.nix-serve = {
- serverAliases = [ "cache.prism.r" ];
+ serverAliases = [ "cache.prism.r" "cache.krebsco.de" "cache.lassul.us" ];
locations."/".extraConfig = ''
proxy_pass http://localhost:${toString config.services.nix-serve.port};
'';
From 30a6c5219a120b7323e46c621a21da7ab8fc1d29 Mon Sep 17 00:00:00 2001
From: lassulus <lass@blue.r>
Date: Sat, 10 Nov 2018 21:46:12 +0100
Subject: [PATCH 25/25] l realwallpaper: chmod +x
---
lass/2configs/realwallpaper.nix | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix
index 16b999817..e0cb37f67 100644
--- a/lass/2configs/realwallpaper.nix
+++ b/lass/2configs/realwallpaper.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
let
hostname = config.krebs.build.host.name;
@@ -9,6 +9,9 @@ let
in {
krebs.realwallpaper.enable = true;
+ system.activationScripts.user-shadow = ''
+ ${pkgs.coreutils}/bin/chmod +x /var/realwallpaper
+ '';
services.nginx.virtualHosts.wallpaper = {
extraConfig = ''
if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {