diff options
54 files changed, 957 insertions, 323 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3f2f28d65..1946f269e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,19 @@ +before_script: + - mkdir -p ~/.ssh + - echo "$deploy_privkey" > deploy.key + - export GIT_SSH_COMMAND="ssh -i $PWD/deploy.key" + - chmod 600 deploy.key + - ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts nix-shell test: script: - env - nix-shell --pure --command 'true' -p stdenv && echo success - nix-shell --pure --command 'false' -p stdenv || echo success +nur-packages makefu: + script: + - git reset --hard origin/master + - git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD + - git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git + - git push --force deploy HEAD:master +after_script: + - rm -f deploy.key diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 6addb0818..914b38051 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -25,6 +25,7 @@ in <stockholm/krebs/2configs/shack/muell_caller.nix> <stockholm/krebs/2configs/shack/radioactive.nix> <stockholm/krebs/2configs/shack/share.nix> + <stockholm/krebs/2configs/shack/mobile.mpd.nix> { systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate systemd.services.telegraf.environment = { @@ -114,7 +115,7 @@ in networking = { firewall.enable = false; firewall.allowedTCPPorts = [ 8088 8086 8083 ]; - interfaces."${ext-if}".ip4 = [{ + interfaces."${ext-if}".ipv4.addresses = [{ address = shack-ip; prefixLength = 20; }]; diff --git a/krebs/2configs/shack/mobile.mpd.nix b/krebs/2configs/shack/mobile.mpd.nix new file mode 100644 index 000000000..2dc466edb --- /dev/null +++ b/krebs/2configs/shack/mobile.mpd.nix @@ -0,0 +1,32 @@ +{lib,pkgs, ... }: +let + mpdHost = "mpd.shack"; + ympd = name: port: let + webPort = 10000 + port; + in { + systemd.services."ympd-${name}" = { + description = "mpd for ${name}"; + wantedBy = [ "multi-user.target" ]; + serviceConfig.ExecStart = "${pkgs.ympd}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody"; + }; + services.nginx.virtualHosts."mobile.${name}.mpd.shack" = { + serverAliases = [ + "${name}.mpd.wolf.r" + "${name}.mpd.wolf.shack" + ]; + locations."/".proxyPass = "http://localhost:${toString webPort}"; + }; + }; +in lib.mkMerge [{ + services.nginx.enable = true; +} + (ympd "lounge" 6600) + (ympd "seminarraum" 6601) + (ympd "elab" 6602) + (ympd "kueche" 6603) + (ympd "crafting" 6604) + (ympd "fablab" 6605) + (ympd "workshop" 6606) + (ympd "klo" 6607) + +] diff --git a/krebs/3modules/retiolum-bootstrap.nix b/krebs/3modules/retiolum-bootstrap.nix index 53b06a702..faa3dd714 100644 --- a/krebs/3modules/retiolum-bootstrap.nix +++ b/krebs/3modules/retiolum-bootstrap.nix @@ -31,11 +31,8 @@ in enable = mkDefault true; virtualHosts.retiolum-bootstrap = { inherit (cfg) serverName sslCertificate sslCertificateKey; - enableSSL = true; + forceSSL = true; extraConfig ='' - if ($scheme = http){ - return 301 https://$server_name$request_uri; - } root ${pkgs.retiolum-bootstrap}; try_files $uri $uri/retiolum.sh; diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix index cd97a7c62..22c40039e 100644 --- a/makefu/1systems/cake/source.nix +++ b/makefu/1systems/cake/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="cake"; full = true; } diff --git a/makefu/1systems/darth/source.nix b/makefu/1systems/darth/source.nix index b13b6c603..a8d7368ab 100644 --- a/makefu/1systems/darth/source.nix +++ b/makefu/1systems/darth/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="darth"; } diff --git a/makefu/1systems/drop/config.nix b/makefu/1systems/drop/config.nix index b7e0d0395..2757db8cc 100644 --- a/makefu/1systems/drop/config.nix +++ b/makefu/1systems/drop/config.nix @@ -30,7 +30,7 @@ in { allowedTCPPorts = [ ]; allowedUDPPorts = [ 655 ]; }; - interfaces.enp0s3.ip4 = [{ + interfaces.enp0s3.ipv4.addresses = [{ address = external-ip; inherit prefixLength; }]; diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix index 45bd6f97e..a6bc834b0 100644 --- a/makefu/1systems/drop/source.nix +++ b/makefu/1systems/drop/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="drop"; torrent = true; } diff --git a/makefu/1systems/fileleech/config.nix b/makefu/1systems/fileleech/config.nix index e36afecd5..7e9dea9ec 100644 --- a/makefu/1systems/fileleech/config.nix +++ b/makefu/1systems/fileleech/config.nix @@ -145,13 +145,13 @@ in { networking.nameservers = [ "8.8.8.8" ]; # SPF networking.defaultGateway = "151.217.176.1"; - networking.interfaces.enp6s0f0.ip4 = [{ + networking.interfaces.enp6s0f0.ipv4.addresses = [{ address = "151.217.178.63"; prefixLength = 22; }]; # Gigabit - networking.interfaces.enp8s0f1.ip4 = [{ + networking.interfaces.enp8s0f1.ipv4.addresses = [{ address = "192.168.126.1"; prefixLength = 24; }]; diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix index caca1fbcb..b6951a273 100644 --- a/makefu/1systems/fileleech/source.nix +++ b/makefu/1systems/fileleech/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name = "fileleech"; torrent = true; } diff --git a/makefu/1systems/filepimp/source.nix b/makefu/1systems/filepimp/source.nix index 88c9f4f08..b81a2bf4a 100644 --- a/makefu/1systems/filepimp/source.nix +++ b/makefu/1systems/filepimp/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="filepimp"; } diff --git a/makefu/1systems/full/source.nix b/makefu/1systems/full/source.nix new file mode 100644 index 000000000..1e36c6e87 --- /dev/null +++ b/makefu/1systems/full/source.nix @@ -0,0 +1,5 @@ +{ + name="gum"; + torrent = true; + clever_kexec = true; +} diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix index e3ca472e4..1e36c6e87 100644 --- a/makefu/1systems/gum/source.nix +++ b/makefu/1systems/gum/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="gum"; torrent = true; clever_kexec = true; diff --git a/makefu/1systems/iso/source.nix b/makefu/1systems/iso/source.nix index e200dbfd2..6bef8ada9 100644 --- a/makefu/1systems/iso/source.nix +++ b/makefu/1systems/iso/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="iso"; } diff --git a/makefu/1systems/kexec/source.nix b/makefu/1systems/kexec/source.nix index e200dbfd2..6bef8ada9 100644 --- a/makefu/1systems/kexec/source.nix +++ b/makefu/1systems/kexec/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="iso"; } diff --git a/makefu/1systems/latte/source.nix b/makefu/1systems/latte/source.nix index d9600909a..ab0a454c0 100644 --- a/makefu/1systems/latte/source.nix +++ b/makefu/1systems/latte/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name = "latte"; torrent = true; } diff --git a/makefu/1systems/nextgum/source.nix b/makefu/1systems/nextgum/source.nix index 413889c47..6940498f1 100644 --- a/makefu/1systems/nextgum/source.nix +++ b/makefu/1systems/nextgum/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="nextgum"; torrent = true; clever_kexec = true; diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix index da0d87aad..0d42cc9e2 100644 --- a/makefu/1systems/omo/source.nix +++ b/makefu/1systems/omo/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="omo"; torrent = true; } diff --git a/makefu/1systems/pnp/source.nix b/makefu/1systems/pnp/source.nix index 0b630aa3b..02f7d0ab6 100644 --- a/makefu/1systems/pnp/source.nix +++ b/makefu/1systems/pnp/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="pnp"; } diff --git a/makefu/1systems/repunit/source.nix b/makefu/1systems/repunit/source.nix index ff361fb55..20d3cd1cb 100644 --- a/makefu/1systems/repunit/source.nix +++ b/makefu/1systems/repunit/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="repunit"; } diff --git a/makefu/1systems/sdev/source.nix b/makefu/1systems/sdev/source.nix index 833d9bf73..2e085740a 100644 --- a/makefu/1systems/sdev/source.nix +++ b/makefu/1systems/sdev/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="sdev"; } diff --git a/makefu/1systems/shack-autoinstall/source.nix b/makefu/1systems/shack-autoinstall/source.nix new file mode 100644 index 000000000..6bef8ada9 --- /dev/null +++ b/makefu/1systems/shack-autoinstall/source.nix @@ -0,0 +1,3 @@ +{ + name="iso"; +} diff --git a/makefu/1systems/shoney/config.nix b/makefu/1systems/shoney/config.nix index ba9d0911e..27d389b85 100644 --- a/makefu/1systems/shoney/config.nix +++ b/makefu/1systems/shoney/config.nix @@ -46,7 +46,7 @@ in { dst = "10.8.10.6"; }; networking = { - interfaces.enp2s1.ip4 = [ + interfaces.enp2s1.ipv4.addresses = [ { address = ip; prefixLength = 24; } # { address = alt-ip; prefixLength = 24; } ]; diff --git a/makefu/1systems/shoney/source.nix b/makefu/1systems/shoney/source.nix index 382474f5e..3616716f9 100644 --- a/makefu/1systems/shoney/source.nix +++ b/makefu/1systems/shoney/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="shoney"; } diff --git a/makefu/1systems/studio/source.nix b/makefu/1systems/studio/source.nix index f662653e7..ff88d3557 100644 --- a/makefu/1systems/studio/source.nix +++ b/makefu/1systems/studio/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="studio"; musnix = true; } diff --git a/makefu/1systems/tsp/source.nix b/makefu/1systems/tsp/source.nix index 79f6a435d..9abf503e2 100644 --- a/makefu/1systems/tsp/source.nix +++ b/makefu/1systems/tsp/source.nix @@ -1,3 +1,5 @@ -import <stockholm/makefu/source.nix> { +{ name="tsp"; + full = true; + hw = true; } diff --git a/makefu/1systems/vbob/source.nix b/makefu/1systems/vbob/source.nix index 5419215e2..59744faf5 100644 --- a/makefu/1systems/vbob/source.nix +++ b/makefu/1systems/vbob/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="vbob"; # musnix = true; } diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 9d8a91e6d..e1d66a2f9 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -150,7 +150,7 @@ in { # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash networking.wireless.interfaces = [ "wlp2s0" ]; - networking.interfaces.virbr1.ip4 = [{ + networking.interfaces.virbr1.ipv4.addresses = [{ address = "10.8.8.11"; prefixLength = 24; }]; diff --git a/makefu/1systems/wbob/source.nix b/makefu/1systems/wbob/source.nix index b768aa87d..c76f73760 100644 --- a/makefu/1systems/wbob/source.nix +++ b/makefu/1systems/wbob/source.nix @@ -1,4 +1,4 @@ -import <stockholm/makefu/source.nix> { +{ name="wbob"; # musnix = true; } diff --git a/makefu/1systems/wry/config.nix b/makefu/1systems/wry/config.nix index 2db1a9a95..b728703ec 100644 --- a/makefu/1systems/wry/config.nix +++ b/makefu/1systems/wry/config.nix @@ -42,7 +42,7 @@ in { allowedTCPPorts = [ 53 80 443 ]; allowedUDPPorts = [ 655 53 ]; }; - interfaces.enp2s1.ip4 = [{ + interfaces.enp2s1.ipv4.addresses = [{ address = external-ip; prefixLength = 24; }]; diff --git a/makefu/1systems/wry/source.nix b/makefu/1systems/wry/source.nix index fac3877ee..730300590 100644 --- a/makefu/1systems/wry/source.nix +++ b/makefu/1systems/wry/source.nix @@ -1,3 +1,3 @@ -import <stockholm/makefu/source.nix> { +{ name="wry"; } diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix index ab6429dc1..75af3255b 100644 --- a/makefu/1systems/x/source.nix +++ b/makefu/1systems/x/source.nix @@ -1,9 +1,10 @@ -import <stockholm/makefu/source.nix> { +{ name="x"; full = true; python = true; hw = true; unstable = true; mic92 = true; + clever_kexec = true; # torrent = true; } diff --git a/makefu/2configs/deployment/events-publisher/default.nix b/makefu/2configs/deployment/events-publisher/default.nix index c671b1a0b..a09554e6a 100644 --- a/makefu/2configs/deployment/events-publisher/default.nix +++ b/makefu/2configs/deployment/events-publisher/default.nix @@ -2,8 +2,8 @@ with import <stockholm/lib>; let shack-announce = pkgs.callPackage (builtins.fetchTarball { - url = "https://github.com/makefu/events-publisher/archive/5e7b083c63f25182a02c1fddb3d32cb9534fbc50.tar.gz"; - sha256 = "1zzlhyj8fr6y3a3b6qlyrm474xxxs1ydqjpkd2jva3g1lnzlmvkp"; + url = "https://github.com/makefu/events-publisher/archive/4cef900ba10348050208367af6b2035f5a0ef8b6.tar.gz"; + sha256 = "137vsibr289p3xxlw37xhizi309sygki95919hmj02dxgwmy1k74"; }) {} ; home = "/var/lib/shackannounce"; user = "shackannounce"; diff --git a/makefu/2configs/editor/vim.nix b/makefu/2configs/editor/vim.nix new file mode 100644 index 000000000..d14a611b4 --- /dev/null +++ b/makefu/2configs/editor/vim.nix @@ -0,0 +1,33 @@ +{ config, pkgs, ... }: + +let + customPlugins.vim-better-whitespace = pkgs.vimUtils.buildVimPlugin { + name = "vim-better-whitespace"; + src = pkgs.fetchFromGitHub { + owner = "ntpeters"; + repo = "vim-better-whitespace"; + rev = "984c8da518799a6bfb8214e1acdcfd10f5f1eed7"; + sha256 = "10l01a8xaivz6n01x6hzfx7gd0igd0wcf9ril0sllqzbq7yx2bbk"; + }; + }; + +in { + + environment.systemPackages = [ + pkgs.python27Full # required for youcompleteme + (pkgs.vim_configurable.customize { + name = "vim"; + + vimrcConfig.customRC = builtins.readFile ./vimrc; + vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; + vimrcConfig.vam.pluginDictionaries = [ + { names = [ "undotree" + # "YouCompleteMe" + "vim-better-whitespace" ]; } + # vim-nix handles indentation better but does not perform sanity + { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } + ]; + + }) + ]; +} diff --git a/makefu/2configs/editor/vimrc b/makefu/2configs/editor/vimrc new file mode 100644 index 000000000..8cdab55db --- /dev/null +++ b/makefu/2configs/editor/vimrc @@ -0,0 +1,98 @@ +set nocompatible +syntax on +set list +set listchars=tab:▸\ +"set list listchars=tab:>-,trail:.,extends:> + +filetype off +filetype plugin indent on + +colorscheme darkblue +set background=dark + +set number +set relativenumber +set mouse=a +set ignorecase +set incsearch +set wildignore=*.o,*.obj,*.bak,*.exe,*.os +set textwidth=79 +set shiftwidth=2 +set expandtab +set softtabstop=2 +set shiftround +set smarttab +set tabstop=2 +set et +set autoindent +set backspace=indent,eol,start + + +inoremap <F1> <ESC> +nnoremap <F1> <ESC> +vnoremap <F1> <ESC> + +nnoremap <F5> :UndotreeToggle<CR> +set undodir =~/.vim/undo +set undofile +"maximum number of changes that can be undone +set undolevels=1000000 +"maximum number lines to save for undo on a buffer reload +set undoreload=10000000 + +nnoremap <F2> :set invpaste paste?<CR> +set pastetoggle=<F2> +set showmode + +set showmatch +set matchtime=3 +set hlsearch + +autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red + + +" save on focus lost +au FocusLost * :wa + +autocmd BufRead *.json set filetype=json +au BufNewFile,BufRead *.mustache set syntax=mustache + +cnoremap SudoWrite w !sudo tee > /dev/null % + +" create Backup/tmp/undo dirs +set backupdir=~/.vim/backup +set directory=~/.vim/tmp + +function! InitBackupDir() + let l:parent = $HOME . '/.vim/' + let l:backup = l:parent . 'backup/' + let l:tmpdir = l:parent . 'tmp/' + let l:undodir= l:parent . 'undo/' + + + if !isdirectory(l:parent) + call mkdir(l:parent) + endif + if !isdirectory(l:backup) + call mkdir(l:backup) + endif + if !isdirectory(l:tmpdir) + call mkdir(l:tmpdir) + endif + if !isdirectory(l:undodir) + call mkdir(l:undodir) + endif +endfunction +call InitBackupDir() + +augroup Binary + " edit binaries in xxd-output, xxd is part of vim + au! + au BufReadPre *.bin let &bin=1 + au BufReadPost *.bin if &bin | %!xxd + au BufReadPost *.bin set ft=xxd | endif + au BufWritePre *.bin if &bin | %!xxd -r + au BufWritePre *.bin endif + au BufWritePost *.bin if &bin | %!xxd + au BufWritePost *.bin set nomod | endif +augroup END diff --git a/makefu/2configs/hw/smartcard.nix b/makefu/2configs/hw/smartcard.nix new file mode 100644 index 000000000..1e9bca53b --- /dev/null +++ b/makefu/2configs/hw/smartcard.nix @@ -0,0 +1,18 @@ +{ pkgs, ... }: +{ + services.pcscd = { + enable = true; + plugins = with pkgs; [ ifdnfc ccid ]; + + }; + environment.systemPackages = with pkgs; [ + # need to run ifdnfc-activate before usage + ifdnfc + # pcsc_scan + pcsctools + ]; + boot.blacklistedKernelModules = [ + "pn533" "pn533_usb" + "nfc" + ]; +} diff --git a/makefu/2configs/nginx/rompr.nix b/makefu/2configs/nginx/rompr.nix new file mode 100644 index 000000000..8c1fbc53b --- /dev/null +++ b/makefu/2configs/nginx/rompr.nix @@ -0,0 +1,76 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + user = config.services.nginx.user; + group = config.services.nginx.group; + src = pkgs.fetchFromGitHub { + owner = "fatg3erman"; + repo = "RompR"; + rev = "1.21"; + sha256 = "00gk2c610qgpsb6y296h9pz2aaa6gfq4cqhn15l7fdrk3lkvh01q"; + }; + fpm-socket = "/var/run/php5-rompr-fpm.sock"; + mpd-src = "/var/lib/rompr"; + +in { + services.phpfpm = { + # phpfpm does not have an enable option + poolConfigs = { + mpd = '' + user = ${user} + group = ${group} + listen = ${fpm-socket} + listen.owner = ${user} + listen.group = ${group} + pm = dynamic + pm.max_children = 5 + pm.start_servers = 2 + pm.min_spare_servers = 1 + pm.max_spare_servers = 3 + chdir = / + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''; + }; + }; + # TODO: Pre-job + # TODO: prefs.var could be templated (serialized php ...) then we would not + # need to have a state dir at all + system.activationScripts.rompr = '' + mkdir -p ${mpd-src} + cp -r ${src}/. ${mpd-src} + chown -R ${user}:${group} ${mpd-src} + chmod 770 ${mpd-src} + ''; + services.nginx = { + enable = mkDefault true; + virtualHosts = { + "localhost" = { + root = mpd-src; + locations."/".index = "index.php"; + locations."~ \.php$" = { + root = mpd-src; + extraConfig = '' + client_max_body_size 200M; + fastcgi_pass unix:${fpm-socket}; + include ${pkgs.nginx}/conf/fastcgi_params; + include ${pkgs.nginx}/conf/fastcgi.conf; + fastcgi_index index.php; + try_files $uri =404; + ''; + }; + }; + }; + }; + services.mysql = { + enable = true; + package = pkgs.mariadb; + ensureDatabases = [ "romprdb" ]; + ensureUsers = [ + { ensurePermissions = { "romprdb.*" = "ALL PRIVILEGES"; }; + name = user; } + ]; + }; +} diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index ae97edd54..3d26cc574 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -12,7 +12,6 @@ virtmanager # Dev saleae-logic - arduino-user-env gitAndTools.gitFull signal-desktop ]; diff --git a/makefu/2configs/vim.nix b/makefu/2configs/vim.nix deleted file mode 100644 index 43d362ed9..000000000 --- a/makefu/2configs/vim.nix +++ /dev/null @@ -1,136 +0,0 @@ -{ config, pkgs, ... }: - -let - customPlugins.vim-better-whitespace = pkgs.vimUtils.buildVimPlugin { - name = "vim-better-whitespace"; - src = pkgs.fetchFromGitHub { - owner = "ntpeters"; - repo = "vim-better-whitespace"; - rev = "984c8da518799a6bfb8214e1acdcfd10f5f1eed7"; - sha256 = "10l01a8xaivz6n01x6hzfx7gd0igd0wcf9ril0sllqzbq7yx2bbk"; - }; - }; - -in { - - environment.systemPackages = [ - pkgs.python27Full # required for youcompleteme - (pkgs.vim_configurable.customize { - name = "vim"; - - vimrcConfig.customRC = '' - set nocompatible - syntax on - set list - set listchars=tab:▸\ - "set list listchars=tab:>-,trail:.,extends:> - - filetype off - filetype plugin indent on - - colorscheme darkblue - set background=dark - - set number - set relativenumber - set mouse=a - set ignorecase - set incsearch - set wildignore=*.o,*.obj,*.bak,*.exe,*.os - set textwidth=79 - set shiftwidth=2 - set expandtab - set softtabstop=2 - set shiftround - set smarttab - set tabstop=2 - set et - set autoindent - set backspace=indent,eol,start - - - inoremap <F1> <ESC> - nnoremap <F1> <ESC> - vnoremap <F1> <ESC> - - nnoremap <F5> :UndotreeToggle<CR> - set undodir =~/.vim/undo - set undofile - "maximum number of changes that can be undone - set undolevels=1000000 - "maximum number lines to save for undo on a buffer reload - set undoreload=10000000 - - nnoremap <F2> :set invpaste paste?<CR> - set pastetoggle=<F2> - set showmode - - set showmatch - set matchtime=3 - set hlsearch - - autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red - - - " save on focus lost - au FocusLost * :wa - - autocmd BufRead *.json set filetype=json - au BufNewFile,BufRead *.mustache set syntax=mustache - - cnoremap SudoWrite w !sudo tee > /dev/null % - - " create Backup/tmp/undo dirs - set backupdir=~/.vim/backup - set directory=~/.vim/tmp - - function! InitBackupDir() - let l:parent = $HOME . '/.vim/' - let l:backup = l:parent . 'backup/' - let l:tmpdir = l:parent . 'tmp/' - let l:undodir= l:parent . 'undo/' - - - if !isdirectory(l:parent) - call mkdir(l:parent) - endif - if !isdirectory(l:backup) - call mkdir(l:backup) - endif - if !isdirectory(l:tmpdir) - call mkdir(l:tmpdir) - endif - if !isdirectory(l:undodir) - call mkdir(l:undodir) - endif - endfunction - call InitBackupDir() - - augroup Binary - " edit binaries in xxd-output, xxd is part of vim - au! - au BufReadPre *.bin let &bin=1 - au BufReadPost *.bin if &bin | %!xxd - au BufReadPost *.bin set ft=xxd | endif - au BufWritePre *.bin if &bin | %!xxd -r - au BufWritePre *.bin endif - au BufWritePost *.bin if &bin | %!xxd - au BufWritePost *.bin set nomod | endif - augroup END - - - - ''; - - vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; - vimrcConfig.vam.pluginDictionaries = [ - { names = [ "undotree" - # "YouCompleteMe" - "vim-better-whitespace" ]; } - # vim-nix handles indentation better but does not perform sanity - { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } - ]; - - }) - ]; -} diff --git a/makefu/5pkgs/arduino-user-env/default.nix b/makefu/5pkgs/arduino-user-env/default.nix deleted file mode 100644 index 7339c50a2..000000000 --- a/makefu/5pkgs/arduino-user-env/default.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ lib, pkgs, ... }: let - -#TODO: make sure env exists prior to running -env_nix = pkgs.writeText "env.nix" '' - { pkgs ? import <nixpkgs> {} }: - - (pkgs.buildFHSUserEnv { - name = "arduino-user-env"; - targetPkgs = pkgs: with pkgs; [ - coreutils - ]; - multiPkgs = pkgs: with pkgs; [ - arduino - alsaLib - zlib - xorg.libXxf86vm - curl - openal - openssl_1_0_2 - xorg.libXext - xorg.libX11 - xorg.libXrandr - xorg.libXcursor - xorg.libXinerama - xorg.libXi - mesa_glu - ]; - runScript = "zsh"; - }).env -''; - - -in pkgs.writeDashBin "arduino-user-env" '' - nix-shell ${env_nix} -'' diff --git a/makefu/5pkgs/beef/Gemfile b/makefu/5pkgs/beef/Gemfile index 1420feffd..da13e1fb8 100644 --- a/makefu/5pkgs/beef/Gemfile +++ b/makefu/5pkgs/beef/Gemfile @@ -1,15 +1,16 @@ # BeEF's Gemfile # -# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net +# Copyright (c) 2006-2018 Wade Alcorn - wade@bindshell.net # Browser Exploitation Framework (BeEF) - http://beefproject.com # See the file 'doc/COPYING' for copying permission # gem 'eventmachine' gem 'thin' -gem 'sinatra' -gem 'rack', '~> 1.6.5' +gem 'sinatra', '~> 2.0' +gem 'rack', '~> 2.0' +gem 'rack-protection', '~> 2.0' gem 'em-websocket' # WebSocket support gem 'uglifier' gem 'mime-types' @@ -22,8 +23,7 @@ gem 'data_objects' gem 'rubyzip', '>= 1.2.1' gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice gem 'nokogiri', '>= 1.7' - -gem 'therubyracer' +gem 'rake' # SQLite support group :sqlite do @@ -52,11 +52,17 @@ gem 'dm-migrations' # Metasploit Integration extension group :ext_msf do gem 'msfrpc-client' + gem 'xmlrpc' end -# Twitter Notifications extension -group :ext_twitter do - #gem 'twitter', '>= 5.0.0' +# Notifications extension +group :ext_notifications do + # Pushover + gem 'rushover' + # Slack + gem 'slack-notifier' + # Twitter + gem 'twitter', '>= 5.0.0' end # DNS extension @@ -76,22 +82,24 @@ end # For running unit tests group :test do -if ENV['BEEF_TEST'] - gem 'rake' - gem 'test-unit' - gem 'test-unit-full' - gem 'curb' - gem 'selenium' - gem 'selenium-webdriver' - gem 'rspec' - gem 'bundler-audit' - # nokogirl is needed by capybara which may require one of the below commands - # sudo apt-get install libxslt-dev libxml2-dev - # sudo port install libxml2 libxslt - gem 'capybara' - # RESTful API tests/generic command module tests - gem 'rest-client', '>= 2.0.1' -end + if ENV['BEEF_TEST'] + gem 'test-unit' + gem 'test-unit-full' + gem 'rspec' + # curb gem requires curl libraries + # sudo apt-get install libcurl4-openssl-dev + gem 'curb' + # selenium-webdriver 3.x is incompatible with Firefox version 48 and prior + gem 'selenium' + gem 'selenium-webdriver', '~> 2.53.4' + # nokogirl is needed by capybara which may require one of the below commands + # sudo apt-get install libxslt-dev libxml2-dev + # sudo port install libxml2 libxslt + gem 'capybara' + # RESTful API tests/generic command module tests + gem 'rest-client', '>= 2.0.1' + gem 'byebug' + end end source 'https://rubygems.org' diff --git a/makefu/5pkgs/beef/Gemfile.lock b/makefu/5pkgs/beef/Gemfile.lock index d2e6ad45e..8f18bf220 100644 --- a/makefu/5pkgs/beef/Gemfile.lock +++ b/makefu/5pkgs/beef/Gemfile.lock @@ -4,8 +4,9 @@ GEM addressable (2.5.2) public_suffix (>= 2.0.2, < 4.0) ansi (1.5.0) - chunky_png (1.3.8) - daemons (1.2.4) + buftok (0.2.0) + chunky_png (1.3.10) + daemons (1.2.6) data_objects (0.10.17) addressable (~> 2.1) dm-core (1.2.1) @@ -26,48 +27,66 @@ GEM do_sqlite3 (~> 0.10.6) do_sqlite3 (0.10.17) data_objects (= 0.10.17) + domain_name (0.5.20180417) + unf (>= 0.0.5, < 1.0.0) em-websocket (0.5.1) eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) + equalizer (0.0.11) erubis (2.7.0) espeak-ruby (1.0.4) eventmachine (1.0.9.1) execjs (2.7.0) fastercsv (1.5.5) filesize (0.1.1) - geoip (1.6.3) + geoip (1.6.4) + http (3.3.0) + addressable (~> 2.3) + http-cookie (~> 1.0) + http-form_data (~> 2.0) + http_parser.rb (~> 0.6.0) + http-cookie (1.0.3) + domain_name (~> 0.5) + http-form_data (2.1.1) http_parser.rb (0.6.0) jsobfu (0.4.2) rkelly-remix json (1.8.6) json_pure (1.8.6) - libv8 (3.16.14.19) + memoizable (0.4.2) + thread_safe (~> 0.3, >= 0.3.1) metasm (1.0.3) - mime-types (3.1) + mime-types (3.2.2) mime-types-data (~> 3.2015) - mime-types-data (3.2016.0521) + mime-types-data (3.2018.0812) mini_portile2 (2.3.0) mojo_magick (0.5.6) msfrpc-client (1.1.1) msgpack (~> 1) rex (~> 2) - msgpack (1.1.0) - multi_json (1.12.2) - nokogiri (1.8.1) + msgpack (1.2.4) + multi_json (1.13.1) + multipart-post (2.0.0) + mustermann (1.0.2) + naught (1.1.0) + netrc (0.11.0) + nokogiri (1.8.4) mini_portile2 (~> 2.3.0) parseconfig (1.0.8) - public_suffix (3.0.0) + public_suffix (3.0.3) qr4r (0.4.1) mojo_magick rqrcode - rack (1.6.8) - rack-protection (1.5.3) + rack (2.0.5) + rack-protection (2.0.3) rack - rainbow (2.2.2) - rake - rake (12.1.0) + rainbow (3.0.0) + rake (12.3.1) rb-readline (0.5.5) - ref (2.0.0) + rest-client (2.0.2) + http-cookie (>= 1.0.2, < 2.0) + mime-types (>= 1.16, < 4.0) + netrc (~> 0.8) rex (2.0.11) filesize jsobfu (~> 0.4.1) @@ -86,23 +105,42 @@ GEM eventmachine (~> 1.0.0) rexec (~> 1.6.2) rubyzip (1.2.1) - sinatra (1.4.8) - rack (~> 1.5) - rack-protection (~> 1.4) - tilt (>= 1.3, < 3) + rushover (0.3.0) + json + rest-client + simple_oauth (0.3.1) + sinatra (2.0.3) + mustermann (~> 1.0) + rack (~> 2.0) + rack-protection (= 2.0.3) + tilt (~> 2.0) + slack-notifier (2.3.2) term-ansicolor (1.6.0) tins (~> 1.0) - therubyracer (0.12.3) - libv8 (~> 3.16.14.15) - ref thin (1.7.2) daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) + thread_safe (0.3.6) tilt (2.0.8) - tins (1.15.0) - uglifier (3.2.0) + tins (1.16.3) + twitter (6.2.0) + addressable (~> 2.3) + buftok (~> 0.2.0) + equalizer (~> 0.0.11) + http (~> 3.0) + http-form_data (~> 2.0) + http_parser.rb (~> 0.6.0) + memoizable (~> 0.4.0) + multipart-post (~> 2.0) + naught (~> 1.0) + simple_oauth (~> 0.3.0) + uglifier (4.1.18) execjs (>= 0.3.0, < 3) + unf (0.1.4) + unf_ext + unf_ext (0.0.7.5) + xmlrpc (0.3.0) PLATFORMS ruby @@ -126,14 +164,19 @@ DEPENDENCIES nokogiri (>= 1.7) parseconfig qr4r - rack (~> 1.6.5) + rack (~> 2.0) + rack-protection (~> 2.0) + rake rubydns (~> 0.7.3) rubyzip (>= 1.2.1) - sinatra + rushover + sinatra (~> 2.0) + slack-notifier term-ansicolor - therubyracer thin + twitter (>= 5.0.0) uglifier + xmlrpc BUNDLED WITH - 1.15.4 + 1.14.6 diff --git a/makefu/5pkgs/beef/db-in-homedir.patch b/makefu/5pkgs/beef/db-in-homedir.patch new file mode 100644 index 000000000..e8dd8e3db --- /dev/null +++ b/makefu/5pkgs/beef/db-in-homedir.patch @@ -0,0 +1,39 @@ +--- /beef 2018-08-16 19:03:55.199437566 +0200 ++++ /beef 2018-08-16 19:27:34.735985233 +0200 +@@ -110,9 +110,20 @@ + # + # @note Database setup - use DataMapper::Logger.new($stdout, :debug) for development debugging + # ++ ++# ++# @note Create ~/.beef/ ++# ++begin ++ FileUtils.mkdir_p($home_dir) unless File.directory?($home_dir) ++rescue => e ++ print_error "Could not create '#{$home_dir}': #{e.message}" ++end ++ + case config.get("beef.database.driver") + when "sqlite" +- DataMapper.setup(:default, "sqlite3://#{$root_dir}/#{config.get("beef.database.db_file")}") ++ print_info "Using Database #{$home_dir}/#{config.get("beef.database.db_file")}" ++ DataMapper.setup(:default, "sqlite3://#{$home_dir}/#{config.get("beef.database.db_file")}") + when "mysql", "postgres" + DataMapper.setup(:default, + :adapter => config.get("beef.database.driver"), +@@ -162,14 +173,6 @@ + BeEF::Core::Console::Banners.print_network_interfaces_count + BeEF::Core::Console::Banners.print_network_interfaces_routes + +-# +-# @note Create ~/.beef/ +-# +-begin +- FileUtils.mkdir_p($home_dir) unless File.directory?($home_dir) +-rescue => e +- print_error "Could not create '#{$home_dir}': #{e.message}" +-end + + # + # @note Check whether we load the Console Shell or not diff --git a/makefu/5pkgs/beef/default.nix b/makefu/5pkgs/beef/default.nix index 82540cde9..d444dbded 100644 --- a/makefu/5pkgs/beef/default.nix +++ b/makefu/5pkgs/beef/default.nix @@ -1,4 +1,4 @@ -{ stdenv, bundlerEnv, ruby, fetchFromGitHub }: +{ stdenv, bundlerEnv, ruby, fetchFromGitHub, nodejs }: # nix-shell --command "bundler install && bundix" in the clone, copy gemset.nix, Gemfile and Gemfile.lock let gems = bundlerEnv { @@ -7,13 +7,17 @@ let gemdir = ./.; }; in stdenv.mkDerivation { - name = "beef-2017-09-21"; + name = "beef-2018-09-21"; src = fetchFromGitHub { owner = "beefproject"; repo = "beef"; - rev = "69aa2a3"; - sha256 = "1rky61i0wzpwcq3kqfa0m5hf6wyz8q8jgzs7dpfh04w9qh32ic4p"; + rev = "d237c95"; + sha256 = "1mykbjwjcbd2a18wycaf35hi3b9rmvqz1jnk2v55sd4c39f0jpf2"; }; + prePatch = '' + ls -alhtr + ''; + patches = [ ./db-in-homedir.patch ]; buildInputs = [gems ruby]; installPhase = '' mkdir -p $out/{bin,share/beef} @@ -25,13 +29,17 @@ in stdenv.mkDerivation { bin=$out/bin/beef cat > $bin <<EOF #!/bin/sh -e +PATH=$PATH:${nodejs}/bin/ exec ${gems}/bin/bundle exec ${ruby}/bin/ruby $out/share/beef/beef "\$@" EOF chmod +x $bin ''; - # crashes with segfault - # also, db cannot be set - meta.broken = true; + meta = with stdenv.lib; { + homepage = https://beefproject.com/; + description = "The Browser Exploitation Framework"; + platforms = platforms.linux; + maintainers = with maintainers; [ makefu ]; + }; } diff --git a/makefu/5pkgs/beef/gemset.nix b/makefu/5pkgs/beef/gemset.nix index b6af75d00..3ccd7340b 100644 --- a/makefu/5pkgs/beef/gemset.nix +++ b/makefu/5pkgs/beef/gemset.nix @@ -16,21 +16,29 @@ }; version = "1.5.0"; }; + buftok = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1rzsy1vy50v55x9z0nivf23y0r9jkmq6i130xa75pq9i8qrn1mxs"; + type = "gem"; + }; + version = "0.2.0"; + }; chunky_png = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0j0dngz6s0j3s3zaf9vrimjz65s9k7ad1c3xmmldr1vmz8sbd843"; + sha256 = "05g2xli9wbjylkmblln3bhvjalziwb92q452q8ibjagmb853424w"; type = "gem"; }; - version = "1.3.8"; + version = "1.3.10"; }; daemons = { source = { remotes = ["https://rubygems.org"]; - sha256 = "1bmb4qrd95b5gl3ym5j3q6mf090209f4vkczggn49n56w6s6zldz"; + sha256 = "0lxqq6dgb8xhliywar2lvkwqy2ssraf9dk4b501pb4ixc2mvxbp2"; type = "gem"; }; - version = "1.2.4"; + version = "1.2.6"; }; data_objects = { dependencies = ["addressable"]; @@ -95,6 +103,15 @@ }; version = "0.10.17"; }; + domain_name = { + dependencies = ["unf"]; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0abdlwb64ns7ssmiqhdwgl27ly40x2l27l8hs8hn0z4kb3zd2x3v"; + type = "gem"; + }; + version = "0.5.20180417"; + }; em-websocket = { dependencies = ["eventmachine" "http_parser.rb"]; source = { @@ -104,6 +121,14 @@ }; version = "0.5.1"; }; + equalizer = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1kjmx3fygx8njxfrwcmn7clfhjhb6bvv3scy2lyyi0wqyi3brra4"; + type = "gem"; + }; + version = "0.0.11"; + }; erubis = { source = { remotes = ["https://rubygems.org"]; @@ -155,10 +180,36 @@ geoip = { source = { remotes = ["https://rubygems.org"]; - sha256 = "099hxng7h8i3pwibnassivj58iw1x7ygwq06qj6rx7j16iyz6rzx"; + sha256 = "1if16n4pjl2kshc0cqg7i03m55fspmlca6p9f4r66rpzw0v4d6jc"; type = "gem"; }; - version = "1.6.3"; + version = "1.6.4"; + }; + http = { + dependencies = ["addressable" "http-cookie" "http-form_data" "http_parser.rb"]; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1jlm5prw437wqpfxcigh88lfap3m7g8mnmj5as7qw6dzqnvrxwmc"; + type = "gem"; + }; + version = "3.3.0"; + }; + http-cookie = { + dependencies = ["domain_name"]; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "004cgs4xg5n6byjs7qld0xhsjq3n6ydfh897myr2mibvh6fjc49g"; + type = "gem"; + }; + version = "1.0.3"; + }; + http-form_data = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "15lpn604byf7cyxnw949xz4rvpcknqp7a48q73nm630gqxsa76f3"; + type = "gem"; + }; + version = "2.1.1"; }; "http_parser.rb" = { source = { @@ -193,13 +244,14 @@ }; version = "1.8.6"; }; - libv8 = { + memoizable = { + dependencies = ["thread_safe"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "0271i5sfma05gvhmrmxqb0jj667bl6m54yd49ay6yrdbh1g4wpl1"; + sha256 = "0v42bvghsvfpzybfazl14qhkrjvx0xlmxz0wwqc960ga1wld5x5c"; type = "gem"; }; - version = "3.16.14.19"; + version = "0.4.2"; }; metasm = { source = { @@ -213,18 +265,18 @@ dependencies = ["mime-types-data"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "0087z9kbnlqhci7fxh9f6il63hj1k02icq2rs0c6cppmqchr753m"; + sha256 = "0fjxy1jm52ixpnv3vg9ld9pr9f35gy0jp66i1njhqjvmnvq0iwwk"; type = "gem"; }; - version = "3.1"; + version = "3.2.2"; }; mime-types-data = { source = { remotes = ["https://rubygems.org"]; - sha256 = "04my3746hwa4yvbx1ranhfaqkgf6vavi1kyijjnw8w3dy37vqhkm"; + sha256 = "07wvp0aw2gjm4njibb70as6rh5hi1zzri5vky1q6jx95h8l56idc"; type = "gem"; }; - version = "3.2016.0521"; + version = "3.2018.0812"; }; mini_portile2 = { source = { @@ -254,27 +306,59 @@ msgpack = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0ck7w17d6b4jbb8inh1q57bghi9cjkiaxql1d3glmj1yavbpmlh7"; + sha256 = "09xy1wc4wfbd1jdrzgxwmqjzfdfxbz0cqdszq2gv6rmc3gv1c864"; type = "gem"; }; - version = "1.1.0"; + version = "1.2.4"; }; multi_json = { source = { remotes = ["https://rubygems.org"]; - sha256 = "1raim9ddjh672m32psaa9niw67ywzjbxbdb8iijx3wv9k5b0pk2x"; + sha256 = "1rl0qy4inf1mp8mybfk56dfga0mvx97zwpmq5xmiwl5r770171nv"; + type = "gem"; + }; + version = "1.13.1"; + }; + multipart-post = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "09k0b3cybqilk1gwrwwain95rdypixb2q9w65gd44gfzsd84xi1x"; + type = "gem"; + }; + version = "2.0.0"; + }; + mustermann = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "07sb7fckrraqh48fjnqf6yl7vxxabfx0qrsrhfdz67pd838g4k8g"; + type = "gem"; + }; + version = "1.0.2"; + }; + naught = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1wwjx35zgbc0nplp8a866iafk4zsrbhwwz4pav5gydr2wm26nksg"; type = "gem"; }; - version = "1.12.2"; + version = "1.1.0"; + }; + netrc = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0gzfmcywp1da8nzfqsql2zqi648mfnx6qwkig3cv36n9m0yy676y"; + type = "gem"; + }; + version = "0.11.0"; }; nokogiri = { dependencies = ["mini_portile2"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "105xh2zkr8nsyfaj2izaisarpnkrrl9000y3nyflg9cbzrfxv021"; + sha256 = "1h9nml9h3m0mpvmh8jfnqvblnz5n5y3mmhgfc38avfmfzdrq9bgc"; type = "gem"; }; - version = "1.8.1"; + version = "1.8.4"; }; parseconfig = { source = { @@ -287,10 +371,10 @@ public_suffix = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0snaj1gxfib4ja1mvy3dzmi7am73i0mkqr0zkz045qv6509dhj5f"; + sha256 = "08q64b5br692dd3v0a9wq9q5dvycc6kmiqmjbdxkxbfizggsvx6l"; type = "gem"; }; - version = "3.0.0"; + version = "3.0.3"; }; qr4r = { dependencies = ["mojo_magick" "rqrcode"]; @@ -304,36 +388,35 @@ rack = { source = { remotes = ["https://rubygems.org"]; - sha256 = "19m7aixb2ri7p1n0iqaqx8ldi97xdhvbxijbyrrcdcl6fv5prqza"; + sha256 = "158hbn7rlc3czp2vivvam44dv6vmzz16qrh5dbzhfxbfsgiyrqw1"; type = "gem"; }; - version = "1.6.8"; + version = "2.0.5"; }; rack-protection = { dependencies = ["rack"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "0cvb21zz7p9wy23wdav63z5qzfn4nialik22yqp6gihkgfqqrh5r"; + sha256 = "1z5598qipilmnf45428jnxi63ykrgvnyywa5ckpr52zv2vpd8jdp"; type = "gem"; }; - version = "1.5.3"; + version = "2.0.3"; }; rainbow = { - dependencies = ["rake"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "08w2ghc5nv0kcq5b257h7dwjzjz1pqcavajfdx2xjyxqsvh2y34w"; + sha256 = "0bb2fpjspydr6x0s8pn1pqkzmxszvkfapv0p4627mywl7ky4zkhk"; type = "gem"; }; - version = "2.2.2"; + version = "3.0.0"; }; rake = { source = { remotes = ["https://rubygems.org"]; - sha256 = "0mfqgpp3m69s5v1rd51lfh5qpjwyia5p4rg337pw8c8wzm6pgfsw"; + sha256 = "1idi53jay34ba9j68c3mfr9wwkg3cd9qh0fn9cg42hv72c6q8dyg"; type = "gem"; }; - version = "12.1.0"; + version = "12.3.1"; }; rb-readline = { source = { @@ -343,13 +426,14 @@ }; version = "0.5.5"; }; - ref = { + rest-client = { + dependencies = ["http-cookie" "mime-types" "netrc"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "04p4pq4sikly7pvn30dc7v5x2m7fqbfwijci4z1y6a1ilwxzrjii"; + sha256 = "1hzcs2r7b5bjkf2x2z3n8z6082maz0j8vqjiciwgg3hzb63f958j"; type = "gem"; }; - version = "2.0.0"; + version = "2.0.2"; }; rex = { dependencies = ["filesize" "jsobfu" "json" "metasm" "nokogiri" "rb-readline" "robots"]; @@ -411,32 +495,48 @@ }; version = "1.2.1"; }; + rushover = { + dependencies = ["json" "rest-client"]; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0j6x61drcdfnbvgmkmrc92zw67acpfcz5h1a29sdf884zkwd1444"; + type = "gem"; + }; + version = "0.3.0"; + }; + simple_oauth = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0dw9ii6m7wckml100xhjc6vxpjcry174lbi9jz5v7ibjr3i94y8l"; + type = "gem"; + }; + version = "0.3.1"; + }; sinatra = { - dependencies = ["rack" "rack-protection" "tilt"]; + dependencies = ["mustermann" "rack" "rack-protection" "tilt"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "0byxzl7rx3ki0xd7aiv1x8mbah7hzd8f81l65nq8857kmgzj1jqq"; + sha256 = "1kyi55q4k4idv31h7l53hw0mnh50dwwrrsfm35j52jy7fc993m9r"; type = "gem"; }; - version = "1.4.8"; + version = "2.0.3"; }; - term-ansicolor = { - dependencies = ["tins"]; + slack-notifier = { source = { remotes = ["https://rubygems.org"]; - sha256 = "1b1wq9ljh7v3qyxkk8vik2fqx2qzwh5lval5f92llmldkw7r7k7b"; + sha256 = "1pkfn99dhy5s526r6k8d87fwwb6j287ga9s7lxqmh60z28xqh3bv"; type = "gem"; }; - version = "1.6.0"; + version = "2.3.2"; }; - therubyracer = { - dependencies = ["libv8" "ref"]; + term-ansicolor = { + dependencies = ["tins"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "1g95bzs2axjglyjyj6xvsywqgr80bnzlkw7mddxx1fdrak5wni2q"; + sha256 = "1b1wq9ljh7v3qyxkk8vik2fqx2qzwh5lval5f92llmldkw7r7k7b"; type = "gem"; }; - version = "0.12.3"; + version = "1.6.0"; }; thin = { dependencies = ["daemons" "eventmachine" "rack"]; @@ -447,6 +547,14 @@ }; version = "1.7.2"; }; + thread_safe = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0nmhcgq6cgz44srylra07bmaw99f5271l0dpsvl5f75m44l0gmwy"; + type = "gem"; + }; + version = "0.3.6"; + }; tilt = { source = { remotes = ["https://rubygems.org"]; @@ -458,18 +566,52 @@ tins = { source = { remotes = ["https://rubygems.org"]; - sha256 = "09whix5a7ics6787zrkwjmp16kqyh6560p9f317syks785805f7s"; + sha256 = "0g95xs4nvx5n62hb4fkbkd870l9q3y9adfc4h8j21phj9mxybkb8"; type = "gem"; }; - version = "1.15.0"; + version = "1.16.3"; + }; + twitter = { + dependencies = ["addressable" "buftok" "equalizer" "http" "http-form_data" "http_parser.rb" "memoizable" "multipart-post" "naught" "simple_oauth"]; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0fjyz3viabz3xs5d9aad18zgdbhfwm51jsnzigc8kxk77p1x58n5"; + type = "gem"; + }; + version = "6.2.0"; }; uglifier = { dependencies = ["execjs"]; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wmqvn4xncw6h3d5gp2a44170zwxfyj3iq4rsjp16zarvzbdmgnz"; + sha256 = "14r283lkhisq2sdccv8ngf10f2f18ly4nc3chz3kliw5nylbgznw"; + type = "gem"; + }; + version = "4.1.18"; + }; + unf = { + dependencies = ["unf_ext"]; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9"; + type = "gem"; + }; + version = "0.1.4"; + }; + unf_ext = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "06p1i6qhy34bpb8q8ms88y6f2kz86azwm098yvcc0nyqk9y729j1"; + type = "gem"; + }; + version = "0.0.7.5"; + }; + xmlrpc = { + source = { + remotes = ["https://rubygems.org"]; + sha256 = "1s744iwblw262gj357pky3d9fcx9hisvla7rnw29ysn5zsb6i683"; type = "gem"; }; - version = "3.2.0"; + version = "0.3.0"; }; }
\ No newline at end of file diff --git a/makefu/5pkgs/bento4/default.nix b/makefu/5pkgs/bento4/default.nix new file mode 100644 index 000000000..07c64a101 --- /dev/null +++ b/makefu/5pkgs/bento4/default.nix @@ -0,0 +1,30 @@ +{ stdenv, fetchFromGitHub +, pkgconfig +, cmake +}: +stdenv.mkDerivation rec { + name = "bento4-${version}"; + version = "1.5.1-624"; + + src = fetchFromGitHub { + owner = "axiomatic-systems"; + repo = "Bento4"; + rev = "v${version}"; + sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf"; + }; + + nativeBuildInputs = [ cmake pkgconfig ]; + installPhase = '' + mkdir -p $out/{lib,bin} + find -iname '*.so' -exec mv --target-directory="$out/lib" {} \; + find -maxdepth 1 -executable -type f -exec mv --target-directory="$out/bin" {} \; + ''; + + meta = with stdenv.lib; { + description = "Full-featured MP4 format and MPEG DASH library and tools"; + homepage = http://bento4.com; + license = licenses.gpl3; + maintainers = with maintainers; [ makefu ]; + platforms = with platforms; linux; + }; +} diff --git a/makefu/5pkgs/cozy-audiobooks/default.nix b/makefu/5pkgs/cozy-audiobooks/default.nix new file mode 100644 index 000000000..f1d655a0a --- /dev/null +++ b/makefu/5pkgs/cozy-audiobooks/default.nix @@ -0,0 +1,99 @@ +{ stdenv, fetchFromGitHub +, ninja +, boost +, meson +, pkgconfig +, wrapGAppsHook +, appstream-glib +, desktop-file-utils +, gtk3 +, glib +, gst_all_1 +, gobjectIntrospection +, python3Packages +, file +, cairo , sqlite , gettext +, gnome3 +}: + +let + peewee = with python3Packages; buildPythonPackage rec { + # https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/python-peewee + pname = "peewee"; + version = "3.6.4"; + src = fetchPypi { + inherit pname version; + sha256 = "1fi4z9n86ri79gllwav0gv3hmwipzmkvivzfyszfqn9fi5zpp3ak"; + }; + doCheck = false; + + checkPhase = '' + python runtests.py + ''; + + buildInputs = [ + cython + sqlite + # psycopg2 + # mysql-connector + ]; + meta.license = stdenv.lib.licenses.mit; + }; +in +stdenv.mkDerivation rec { + name = "cozy-${version}"; + version = "0.6.0"; + + src = fetchFromGitHub { + owner = "geigi"; + repo = "cozy"; + rev = version; + sha256 = "1afl3qsn9h4k8fgp63z0ab9p5ashrg3g936a9rh3i9qydv6s3srd"; + }; + + postPatch = '' + chmod +x data/meson_post_install.py + patchShebangs data/meson_post_install.py + substituteInPlace cozy/magic/magic.py --replace "ctypes.util.find_library('magic')" "'${file}/lib/libmagic${stdenv.hostPlatform.extensions.sharedLibrary}'" + ''; + postInstall = '' + wrapProgram $out/bin/com.github.geigi.cozy \ + --prefix PYTHONPATH : "$PYTHONPATH:$(toPythonPath $out)" + + ''; + wrapPrefixVariables = [ "PYTHONPATH" ]; + + + nativeBuildInputs = [ + meson ninja pkgconfig + wrapGAppsHook + appstream-glib + desktop-file-utils + gobjectIntrospection + + ]; + buildInputs = with gst_all_1; [ gtk3 glib + gstreamer gst-plugins-good gst-plugins-ugly gst-plugins-base cairo gettext + gnome3.defaultIconTheme gnome3.gsettings-desktop-schemas + ] + ++ (with python3Packages; [ + python gst-python pygobject3 dbus-python mutagen peewee magic + + ]); + + checkPhase = '' + ninja test + ''; + + #preInstall = '' + # export MESON_INSTALL_PREFIX=$out + #''; + + meta = with stdenv.lib; { + description = '' + Eval nix code from python. + ''; + maintainers = [ maintainers.makefu ]; + license = licenses.mit; + }; +} diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index b1d6df67e..390c13ffe 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -1,6 +1,5 @@ -with import <stockholm/lib>; -self: super: let - +self: super: +with super.lib; with builtins; let # This callPackage will try to detect obsolete overrides. callPackage = path: args: let override = super.callPackage path args; @@ -15,6 +14,7 @@ self: super: let override else override; + eq = x: y: x == y; subdirsOf = path: mapAttrs (name: _: path + "/${name}") (filterAttrs (_: eq "directory") (readDir path)); @@ -40,6 +40,6 @@ in { }; } -// mapAttrs (_: flip callPackage {}) +// (mapAttrs (_: flip callPackage {}) (filterAttrs (_: dir: pathExists (dir + "/default.nix")) - (subdirsOf ./.)) + (subdirsOf ./.))) diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix index 3df67d07e..1f353e477 100644 --- a/makefu/5pkgs/drozer/default.nix +++ b/makefu/5pkgs/drozer/default.nix @@ -1,15 +1,16 @@ -{ pkgs, lib, fetchFromGitHub, pythonPackages, jre7, jdk7 }: +{ pkgs, lib, fetchFromGitHub, pythonPackages, jre, jdk }: pythonPackages.buildPythonApplication rec { name = "drozer-${version}"; version = "2.4.3"; - buildInputs = [ jdk7 ]; + buildInputs = [ jdk ]; propagatedBuildInputs = with pythonPackages; [ protobuf pyopenssl pyyaml + service-identity ] ++ [ - jre7 + jre twisted ]; src = fetchFromGitHub { @@ -19,7 +20,7 @@ pythonPackages.buildPythonApplication rec { sha256 = "1z437y7rr53dhpi95yc2c3x8g4aix90y7zf52avcdsvhlp4iip3q"; }; prePatch = '' - sed -i 's#^exec java #exec ${jre7}/bin/java #' ./src/drozer/lib/dx + sed -i 's#^exec java #exec ${jre}/bin/java #' ./src/drozer/lib/dx patchShebangs ./src/drozer/lib/dx patchelf $(cat $NIX_CC/nix-support/dynamic-linker) ./src/drozer/lib/aapt echo starting build diff --git a/makefu/5pkgs/ifdnfc/default.nix b/makefu/5pkgs/ifdnfc/default.nix new file mode 100644 index 000000000..cc7956c8c --- /dev/null +++ b/makefu/5pkgs/ifdnfc/default.nix @@ -0,0 +1,45 @@ +{ stdenv, fetchFromGitHub , pkgconfig +, pcsclite +, autoreconfHook +, libnfc +}: + +stdenv.mkDerivation rec { + name = "ifdnfc-${version}"; + version = "2016-03-01"; + + src = fetchFromGitHub { + owner = "nfc-tools"; + repo = "ifdnfc"; + rev = "0e48e8e"; + sha256 = "1cxnvhhlcbm8h49rlw5racspb85fmwqqhd3gzzpzy68vrs0b37vg"; + }; + nativeBuildInputs = [ pkgconfig autoreconfHook ]; + buildInputs = [ pcsclite libnfc ]; + + configureFlags = [ "--prefix=$(out)" ]; + makeFlags = [ "DESTDIR=/" "usbdropdir=$(out)/pcsc/drivers" ]; + + meta = with stdenv.lib; { + description = "PC/SC IFD Handler based on libnfc"; + long_description = + '' libnfc Interface Plugin to be used in <code>services.pcscd.plugins</code>. + It provides support for all readers which are not supported by ccid but by libnfc. + + For activating your reader you need to run + <code>ifdnfc-activate yes<code> with this package in your + <code>environment.systemPackages</code> + + To use your reader you may need to blacklist your reader kernel modules: + <code>boot.blacklistedKernelModules = [ "pn533" "pn533_usb" "nfc" ];</code> + + Supports the pn533 smart-card reader chip which is for example used in + the SCM SCL3711. + ''; + homepage = https://github.com/nfc-tools/ifdnfc; + license = licenses.gpl3; + platforms = platforms.linux; + maintainers = with maintainers; [ makefu ]; + }; +} + diff --git a/makefu/5pkgs/nur.nix b/makefu/5pkgs/nur.nix new file mode 100644 index 000000000..b0607671b --- /dev/null +++ b/makefu/5pkgs/nur.nix @@ -0,0 +1,7 @@ +{ pkgs ? import <nixpkgs> {} }: + +{ + overlays.full = import ./default.nix; + pkgs = import ./default.nix pkgs pkgs; +} // (import ./default.nix pkgs pkgs) + diff --git a/makefu/krops.nix b/makefu/krops.nix new file mode 100644 index 000000000..5ce430ad2 --- /dev/null +++ b/makefu/krops.nix @@ -0,0 +1,88 @@ +{ config ? config, name }: let + krops = builtins.fetchGit { + url = https://cgit.krebsco.de/krops/; + rev = "4e466eaf05861b47365c5ef46a31a188b70f3615"; + }; + nixpkgs-src = lib.importJSON ./nixpkgs.json; + lib = import "${krops}/lib"; + + # TODO document why pkgs should be used like this + pkgs = import "${krops}/pkgs" {}; + hostSource = { + secure = false; + full = false; + torrent = false; + hw = false; + musnix = false; + python = false; + unstable = false; #unstable channel checked out + mic92 = false; + nms = false; + clever_kexec = false; + } // import (./. + "/1systems/${name}/source.nix"); + source = { test }: lib.evalSource [ + { + # nixos-18.03 @ 2018-08-06 + # + do_sqlite3 ruby: 55a952be5b5 + # + exfat-nofuse bump: ee6a5296a35 + # + uhub/sqlite: 5dd7610401747 + nixpkgs.git = { + ref = nixpkgs-src.rev; + url = nixpkgs-src.url; + }; + nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix"; + + stockholm.file = toString <stockholm>; + secrets = if test then { + file = toString (./. + "/0tests/data/secrets"); + } else { + pass = { + dir = "${lib.getEnv "HOME"}/.secrets-pass"; + inherit name; + }; + }; + } + (lib.mkIf (hostSource.torrent) { + torrent-secrets = if test then { + file = ./. + "/makefu/0tests/data/secrets"; + } else { + pass = { + dir = "${lib.getEnv "HOME"}/.secrets-pass"; + name = "torrent"; + }; + }; + }) + (lib.mkIf ( hostSource.musnix ) { + musnix.git = { + url = https://github.com/musnix/musnix.git; + ref = "master"; # follow the musnix channel, lets see how this works out + }; + }) + (lib.mkIf ( hostSource.hw ) { + nixos-hardware.git = { + url = https://github.com/nixos/nixos-hardware.git; + ref = "30fdd53"; + }; + }) + ]; + +in { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) + deploy = pkgs.krops.writeDeploy "${name}-deploy" { + source = source { test = false; }; + target = "root@${name}/var/src"; + }; + + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) + test = pkgs.krops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src"; + }; + + ci = map (host: + pkgs.krops.writeTest "${host.name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "TMPDIR"}/makefu/${host.name}"; + } + ) (lib.filter (host: lib.getAttr "ci" host && host.owner == "makefu") (lib.attrValues config.krebs.hosts)); +} diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json new file mode 100644 index 000000000..f39bb6688 --- /dev/null +++ b/makefu/nixpkgs.json @@ -0,0 +1,7 @@ +{ + "url": "https://github.com/makefu/nixpkgs", + "rev": "8f991294288b27b9dec05cc1e07ec6a360bb39c8", + "date": "2018-08-06T14:29:01+02:00", + "sha256": "0zan8kdjk1pwdzm1rwc3ka87k11j0zmw4mdnj70r6pm38x2fa9n6", + "fetchSubmodules": true +} diff --git a/makefu/update-channel.sh b/makefu/update-channel.sh new file mode 100755 index 000000000..59d3c434f --- /dev/null +++ b/makefu/update-channel.sh @@ -0,0 +1,9 @@ +#!/bin/sh +dir=$(dirname $0) +oldref=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ + --url https://github.com/makefu/nixpkgs \ + --rev refs/heads/master' \ +> $dir/nixpkgs.json +newref=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') +echo git commit $dir/nixpkgs.json -m "nixpkgs: $oldref -> $newref" |