Merge remote-tracking branch 'cd/master'

This commit is contained in:
makefu 2015-12-26 10:51:18 +01:00
commit ed4db71add
29 changed files with 82 additions and 92 deletions

View file

@ -1,19 +1,8 @@
{ config, pkgs,lib, ... }:
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkIf
mkOption
types
singleton
isString
optionalString
concatStrings
escapeShellArg
;
ReaktorConfig = pkgs.writeText "config.py" ''
${if (isString cfg.overrideConfig ) then ''
# Overriden Config
@ -94,10 +83,9 @@ let
imp = {
# for reaktor get-config
users.extraUsers = singleton {
users.extraUsers = singleton rec {
name = "Reaktor";
# uid = config.ids.uids.Reaktor;
uid = 2066439104; #genid Reaktor
uid = genid name;
description = "Reaktor user";
home = cfg.workdir;
createHome = true;

View file

@ -119,16 +119,14 @@ let
imp = {
users.extraUsers.acng = {
# uid = config.ids.uids.acng;
uid = 897955083; #genid Reaktor
uid = genid "acng";
description = "apt-cacher-ng";
home = acng-home;
createHome = false;
};
users.extraGroups.acng = {
gid = 897955083; #genid Reaktor
# gid = config.ids.gids.Reaktor;
gid = genid "acng";
};
systemd.services.apt-cacher-ng = {

View file

@ -130,12 +130,12 @@ let
) cfg.servers;
users.extraUsers.bepasty = {
uid = 2796546855; #genid bepasty
uid = genid "bepasty";
group = "bepasty";
home = "/var/lib/bepasty-server";
};
users.extraGroups.bepasty = {
gid = 2796546855; #genid bepasty
gid = genid "bepasty";
};
};

View file

@ -127,7 +127,7 @@ let
imp = {
users.extraUsers.buildbotSlave = {
uid = 1408105834; #genid buildbotMaster
uid = genid "buildbotSlave";
description = "Buildbot Slave";
home = cfg.workDir;
createHome = false;

View file

@ -51,7 +51,7 @@ let
imp = {
users.users.fetchWallpaper = {
name = "fetchWallpaper";
uid = 3332383611; #genid fetchWallpaper
uid = genid "fetchWallpaper";
description = "fetchWallpaper user";
home = cfg.stateDir;
createHome = true;

View file

@ -145,14 +145,14 @@ let
]) (filter (x: hasAttr "allow-receive-ref" x.perm) cfg.rules));
};
users.extraUsers = singleton {
users.extraUsers = singleton rec {
description = "Git repository hosting user";
name = "git";
shell = "/bin/sh";
openssh.authorizedKeys.keys =
mapAttrsToList (_: makeAuthorizedKey git-ssh-command)
config.krebs.users;
uid = 129318403; # genid git
uid = genid name;
};
};
@ -238,9 +238,9 @@ let
};
};
fcgitwrap-user = {
fcgitwrap-user = rec {
name = "fcgiwrap";
uid = 2867890860; # genid fcgiwrap
uid = genid name;
group = "fcgiwrap";
};

View file

@ -56,9 +56,9 @@ let
};
};
user = {
user = rec {
name = "github-hosts-sync";
uid = 3220554646; # genid github-hosts-sync
uid = genid name;
};
# TODO move to lib?

View file

@ -1,6 +1,5 @@
{ config, lib, pkgs, ... }:
with builtins;
with lib;
let
@ -31,9 +30,9 @@ let
bind = mkDefault "127.0.0.1";
};
users.extraUsers.go = {
users.extraUsers.go = rec {
name = "go";
uid = 42774411; #genid go
uid = genid name;
description = "go url shortener user";
home = "/var/lib/go";
createHome = true;

View file

@ -1,13 +1,7 @@
arg@{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib)
mkEnableOption
mkOption
types
mkIf
;
cfg = config.krebs.realwallpaper;
out = {
@ -89,7 +83,7 @@ let
};
users.extraUsers.realwallpaper = {
uid = 2009435407; #genid realwallpaper
uid = genid "realwallpaper";
home = cfg.workingDir;
createHome = true;
};

View file

@ -133,9 +133,9 @@ let
};
};
user = {
user = rec {
name = "retiolum";
uid = 301281149; # genid retiolum
uid = genid name;
};
tinc = cfg.tincPackage;

View file

@ -120,7 +120,7 @@ let
};
users.extraUsers.tinc_graphs = {
uid = 3925439960; #genid tinc_graphs
uid = genid "tinc_graphs";
home = "/var/spool/tinc_graphs";
};

View file

@ -5,7 +5,6 @@
# cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}"
# TODO hooks.py
with builtins;
with lib;
let
cfg = config.krebs.urlwatch;
@ -136,9 +135,9 @@ let
};
};
user = {
user = rec {
name = "urlwatch";
uid = 3467631196; # genid urlwatch
uid = genid name;
};
in
out

View file

@ -7,6 +7,8 @@ let out = rec {
eq = x: y: x == y;
mod = x: y: x - y * (x / y);
addName = name: set:
set // { inherit name; };
@ -17,6 +19,7 @@ let out = rec {
dir.has-default-nix = path: pathExists (path + "/default.nix");
dns = import ./dns.nix { inherit lib; };
genid = import ./genid.nix { lib = lib // out; };
git = import ./git.nix { lib = lib // out; };
listset = import ./listset.nix { inherit lib; };
shell = import ./shell.nix { inherit lib; };

37
krebs/4lib/genid.nix Normal file
View file

@ -0,0 +1,37 @@
{ lib, ... }:
with lib;
with builtins;
let out = genid;
# id = genid s = (hash s + min) % max
# min <= genid s < max
#
# min = 2^24 = 16777216 = 0x001000000
# max = 2^32 = 4294967296 = 0x100000000
#
# id is bigger than UID of nobody and GID of nogroup
# see <nixos/modules/misc/ids.nix> and some spare for stuff like lxd.
#
# :: str -> uint32
genid = s: sum16 (addmod16_16777216 (hash s));
# :: str -> list8 uint4
hash = s:
map hexint (stringToCharacters (substring 32 8 (hashString "sha1" s)));
# :: list uint -> uint
sum16 = foldl (a: i: a * 16 + i) 0;
# :: list8 uint4 -> list1 uint8 ++ list6 uint4
addmod16_16777216 = x: let
a = 16 * head x + head (tail x);
d = tail (tail x);
in [(mod (a + 1) 256)] ++ d;
# :: char -> uint4
hexint = x: hexvals.${toLower x};
# :: attrset char uint4
hexvals = listToAttrs (imap (i: c: { name = c; value = i - 1; })
(stringToCharacters "0123456789abcdef"));
in out

View file

@ -1,22 +0,0 @@
{ lib, pkgs, ... }:
pkgs.writeScriptBin "genid" ''
#! /bin/sh
# usage: genid NAME
set -euf
export PATH=${lib.makeSearchPath "bin" (with pkgs; [
bc
coreutils
])}
name=$1
hash=$(printf %s "$name" | sha1sum | cut -d\ -f1 | tr a-f A-F)
echo "
min=2^24 # bigger than nobody and nogroup, see <nixos/modules/misc/ids.nix>
# and some spare for stuff like lxd.
max=2^32 # see 2^(8*sizeof(uid_t))
ibase=16
($hash + min) % max
" | bc
''

View file

@ -184,7 +184,6 @@
cac
sshpass
get
genid
teamspeak_client
hashPassword
];

View file

@ -1,4 +1,4 @@
{ config, pkgs, ... }:
{ config, lib, pkgs, ... }:
let
mainUser = config.users.extraUsers.mainUser;
@ -8,7 +8,7 @@ in {
users.extraUsers = {
libvirt = {
uid = 358821352; # genid libvirt
uid = lib.genid "libvirt";
description = "user for running libvirt stuff";
home = "/home/libvirt";
useDefaultShell = true;

View file

@ -1,4 +1,4 @@
{ config, pkgs, ... }:
{ config, lib, pkgs, ... }:
let
mainUser = config.users.extraUsers.mainUser;
@ -7,7 +7,7 @@ in {
users.extraUsers = {
skype = {
name = "skype";
uid = 2259819492; #genid skype
uid = lib.genid "skype";
description = "user for running skype";
home = "/home/skype";
useDefaultShell = true;

View file

@ -8,7 +8,7 @@
users.extraUsers.chat = {
home = "/home/chat";
uid = 986764891; # genid chat
uid = lib.genid "chat";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [

View file

@ -51,7 +51,7 @@ let
imp = {
users.extraUsers.newsbot-js = {
name = "newsbot-js";
uid = 1616759810; #genid newsbot-js
uid = genid "newsbot-js";
description = "newsbot-js user";
home = "/var/empty";
};

View file

@ -207,7 +207,7 @@ let
# };
#});
users.users.nobody_oc = {
uid = 1651469147; # genid nobody_oc
uid = genid "nobody_oc";
useDefaultShell = true;
};
};

View file

@ -229,7 +229,7 @@ let
};
});
users.users.nobody2 = mkDefault {
uid = mkDefault 125816384; # genid nobody2
uid = mkDefault (genid "nobody2");
useDefaultShell = mkDefault true;
};
};

View file

@ -59,7 +59,6 @@ in {
buildbot
buildbot-slave
get
genid
];
networking.firewall.allowedTCPPorts = [

View file

@ -16,7 +16,6 @@ with lib;
environment.systemPackages = with pkgs; [
# stockholm
genid
gnumake
hashPassword
lentil

View file

@ -19,7 +19,6 @@ with lib;
environment.systemPackages = with pkgs; [
# stockholm
genid
gnumake
hashPassword
lentil

View file

@ -72,9 +72,9 @@ let
};
};
user = {
user = rec {
name = "charybdis";
uid = 3748224544; # genid charybdis
uid = genid name;
};
configFile = toFile "charybdis-ircd.conf" ''

View file

@ -69,12 +69,10 @@ in
};
};
users = let
id = 3768151709; # genid pulse
in {
groups.pulse.gid = id;
users = {
groups.pulse.gid = config.users.users.pulse.uid;
users.pulse = {
uid = id;
uid = genid "pulse";
group = "pulse";
extraGroups = [ "audio" ];
home = "${runDir}/home";

View file

@ -109,9 +109,9 @@ let
};
};
user = {
user = rec {
name = "consul";
uid = 2999951406; # genid consul
uid = genid name;
};
in

View file

@ -53,9 +53,9 @@ let
};
};
user = {
user = rec {
name = "ejabberd";
uid = 3499746127; # genid ejabberd
uid = genid name;
};
my-ejabberdctl = pkgs.writeScriptBin "ejabberdctl" ''