summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/Reaktor.nix2
-rw-r--r--krebs/3modules/bepasty-server.nix4
-rw-r--r--krebs/3modules/fetchWallpaper.nix2
-rw-r--r--krebs/3modules/lass/default.nix134
-rw-r--r--krebs/3modules/realwallpaper.nix185
-rw-r--r--krebs/3modules/tinc_graphs.nix2
6 files changed, 279 insertions, 50 deletions
diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix
index 677b6f7b8..669483f3c 100644
--- a/krebs/3modules/Reaktor.nix
+++ b/krebs/3modules/Reaktor.nix
@@ -8,7 +8,7 @@ let
out = {
options.krebs.Reaktor = api;
- config = imp;
+ config = mkIf (cfg != {}) imp;
};
api = mkOption {
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix
index dd29a4e17..e12367b7c 100644
--- a/krebs/3modules/bepasty-server.nix
+++ b/krebs/3modules/bepasty-server.nix
@@ -143,12 +143,12 @@ let
) cfg.servers;
users.extraUsers.bepasty = {
- uid = genid "bepasty";
+ uid = genid_uint31 "bepasty";
group = "bepasty";
home = "/var/lib/bepasty-server";
};
users.extraGroups.bepasty = {
- gid = genid "bepasty";
+ gid = genid_uint31 "bepasty";
};
};
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix
index 5a5065565..e89b86e32 100644
--- a/krebs/3modules/fetchWallpaper.nix
+++ b/krebs/3modules/fetchWallpaper.nix
@@ -53,7 +53,7 @@ let
imp = {
users.users.fetchWallpaper = {
name = "fetchWallpaper";
- uid = genid "fetchWallpaper";
+ uid = genid_uint31 "fetchWallpaper";
description = "fetchWallpaper user";
home = cfg.stateDir;
createHome = true;
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 836ecb3f6..44417f006 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -409,6 +409,66 @@ with import <stockholm/lib>;
};
};
};
+ scardanelli = {
+ monitoring = false;
+ ci = false;
+ external = true;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.2.2";
+ ip6.addr = "42:2:5ca:da:3111::1";
+ aliases = [
+ "scardanelli.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/
+ MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge
+ UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi
+ kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0
+ gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx
+ we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY
+ QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm
+ SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL
+ 2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f
+ m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q
+ FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5
+ lM61fOMcVW1KREdWypiDtu8CAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+ homeros = {
+ monitoring = false;
+ ci = false;
+ external = true;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.2.1";
+ ip6.addr = "42:2::0:3:05::1";
+ aliases = [
+ "homeros.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd
+ ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc
+ 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v
+ RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd
+ vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3
+ +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc
+ QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm
+ fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh
+ VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7
+ k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX
+ gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N
+ mJ/hywVtvLxNkNimyztoKKMCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ };
turingmachine = {
monitoring = false;
ci = false;
@@ -644,47 +704,6 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
};
- cabal = {
- cores = 2;
- nets = rec {
- retiolum = {
- ip4.addr = "10.243.1.4";
- ip6.addr = "42::1:4";
- aliases = [
- "cabal.r"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIECgKCBAEAukXm8xPpC6/F+wssYqQbqt1QDwsPrF3TJ9ToLFcN1WgDlhDhjM3A
- SuRDMNjRT1fvVTuXyplH5g16eokW/yLOpNnznMS3/VR372pLPEOqfuRf7wAy18jj
- rZkW3EO7nyZ8KMb+SXA8Q0KIpHY50Ezh+tqGoTZDICwoK6N5dKLgAZShS55JXwwK
- qRG3vyzV3mDjgVyT0FNfyL1/BN1qvJ+tQQ40lEbkcQauMunMzNbH058kAd6H2/0e
- LK4JkxI9XpZHE6Pf1epXyClHW7vT7APFRp9gL9tZS/XMC18+aEMFfQrNW9jb3FIq
- rU5MfJ7aubboe7dT6CRaRSWpduiKLVzY/JCoGvUziyvmR7qHsQWTEjtNuQX9joc3
- 6iq1o+gmLV0G8Xwq8cEcg5USlLxNsGBQPwYnTG6iTPPHqOv7BKucekE/opnVZseE
- fSNCGl1+tGwa3soSMI97LkpQTZxdeqf+jWZve0RbSa2Ihyod91ldFCqi1+PZx68v
- yBI0PJamlt+dBx6WQKbPngWYeD8hXo7tg0XVRVa3ZQyX+Mq6uCCb2GM8ewMUPl+A
- kcY1osFt6+sdkFGdiv3FMyijAiZumPoPprXC/4SGIsMnkoI4JfSAbTpHi2QuesqR
- KMeairdB7XGUYlMvWpDLKN2dbMdRc+l3kDUKT7hALjKeyWS/27WYeK/STxvZXEXi
- TZGHopvOFv6wcrb6nI49vIJo5mDLFamAPN3ZjeR20wP95UP7cUUSaTYX49M4lX6U
- oL5BaFrcLn2PTvS84pUxcXKAp70FgTpvGJbaWwETgDjW+H+qlGmI/BTejpL7flVs
- TOtaP/uCMxhVZSFv9bzo0ih10o+4gtU8lqxfJsVxlf2K7LVZ++LQba/u+XxRY+xw
- 3IFBfg34tnO6zYlV8XgAiJ6IUOHUZANsuBD4iMoFSVOig6t5eIOkgXR6GEkP8FBD
- rkroRMmxcu4lTCOzWIuAVOxCd4XXguoGQ4HAzpGd5ccdcb8Ev4RYEvNJY7B5tIQZ
- 4J0F9ECzJuSu1HvWTL+T6a36d2MDTkXU2IJ2tSHciXqiP+QMMF7p9Ux0tiAq4mtf
- luA94uKWg3cSyTyEM/jF66CgO6Ts3AivNE0MRNupV6AbUdr+TjzotGn9rxi168py
- w/49OVbpR9EIGC2wxx7qcSEk5chFOcgvNQMRqgIx51bbOL7JYb0f4XuA38GUqLkG
- 09PXmPeyqGzR9HsV2XZDprZdD3Dy4ojdexw0+YILg9bHaAxLHYs6WFZvzfaLLsf1
- K2I39vvrEEOy8tHi4jvMk7oVX6RWG+DOZMeXTvyUCaBHyYkA0eDlC6NeKOHxnW/g
- ZtN1W93UdklEqc5okM0/ZIke1HDRt3ZLdQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- secure = true;
- ssh.privkey.path = <secrets/ssh.id_ed25519>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsTeSAedrbp7/KmZX8Mvka702fIUy77Mvqo9HwzCbym";
- };
red = {
monitoring = false;
cores = 1;
@@ -716,6 +735,36 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp";
};
+ yellow = {
+ cores = 1;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.0.14";
+ ip6.addr = "42:0:0:0:0:0:0:14";
+ aliases = [
+ "yellow.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6lHmzq8+04h3zivJmIbP
+ MkYiW7KflcTWQrl/4jJ7DVFbrtS6BSSI0wIibW5ygtLrp2nYgWv1jhg7K9q8tWMY
+ b6tDv/ze02ywCwStbjytW3ymSZUJlRkK2DQ4Ld7JEyKmLQIjxXYah+2P3QeUxLfU
+ Uwk6vSRuTlcb94rLFOrCUDRy1cZC73ZmtdbEP2UZz3ey6beo3l/K5O4OOz+lNXgd
+ OXPls4CeNm6NYhSGTBomS/zZBzGqb+4sOtLSPraNQuc75ZVpT8nFa/7tLVytWCOP
+ vWglPTJOyQSygSoVwGU9I8pq8xF1aTE72hLGHprIJAGgQE9rmS9/3mbiGLVZpny6
+ C6Q9t6vkYBRb+jg3WozIXdUvPP19qTEFaeb08kAuf1xhjZhirfDQjI7K6SFaDOUp
+ Y/ZmCrCuaevifaXYza/lM+4qhPXmh82WD5ONOhX0Di98HBtij2lybIRUG/io4DAU
+ 52rrNAhRvMkUTBRlGG6LPC4q6khjuYgo9uley5BbyWWbCB1A9DUfbc6KfLUuxSwg
+ zLybZs/SHgXw+pJSXNgFJTYGv1i/1YQdpnbTgW4QsEp05gb+gA9/6+IjSIJdJE3p
+ DSZGcJz3gNSR1vETk8I2sSC/N8wlYXYV7wxQvSlQsehfEPrFtXM65k3RWzAAbNIJ
+ Akz4E3+xLVIMqKmHaGWi0usCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC03TCO73NQZHo7NKZiVJp2iiUbe6PQP14Kg3Bnlkqje ";
+ };
blue = {
cores = 1;
nets = {
@@ -789,9 +838,6 @@ with import <stockholm/lib>;
mail = "lass@daedalus.r";
pubkey = builtins.readFile ./ssh/daedalus.rsa;
};
- fritz = {
- pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540";
- };
prism-repo-sync = {
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhpCKTnSq6VDJPB+0NiHu2ZxSKEIxHN6uPAPnbXYNCe";
mail = "lass@prism.r";
diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix
index 044811c7d..cb940efef 100644
--- a/krebs/3modules/realwallpaper.nix
+++ b/krebs/3modules/realwallpaper.nix
@@ -77,7 +77,190 @@ let
serviceConfig = {
Type = "simple";
- ExecStart = "${pkgs.realwallpaper}/realwallpaper.sh";
+ ExecStart = pkgs.writeDash "generate-wallpaper" ''
+ set -xeuf
+
+ # usage: getimg FILENAME URL
+ fetch() {
+ echo "fetch $1"
+ curl -LsS -z "$1" -o "$1" "$2"
+ }
+
+ # usage: check_type FILENAME TYPE
+ check_type() {
+ if ! file -ib "$1" | grep -q "^$2/"; then
+ echo "$1 is not of type $2" >&2
+ rm "$1"
+ return 1
+ fi
+ }
+
+ # usage: image_size FILENAME
+ image_size() {
+ identify "$1" | awk '{print$3}'
+ }
+
+ # usage: make_mask DST SRC MASK
+ make_layer() {
+ if needs_rebuild "$@"; then
+ echo "make $1 (apply mask)" >&2
+ convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1"
+ fi
+ }
+
+ # usage: flatten DST HILAYER LOLAYER
+ flatten() {
+ if needs_rebuild "$@"; then
+ echo "make $1 (flatten)" >&2
+ composite "$2" "$3" "$1"
+ fi
+ }
+
+ # usage: needs_rebuild DST SRC...
+ needs_rebuild() {
+ a="$1"
+ shift
+ if ! test -e "$a"; then
+ #echo " $a does not exist" >&2
+ result=0
+ else
+ result=1
+ for b; do
+ if test "$b" -nt "$a"; then
+ #echo " $b is newer than $a" >&2
+ result=0
+ fi
+ done
+ fi
+ #case $result in
+ # 0) echo "$a needs rebuild" >&2;;
+ #esac
+ return $result
+ }
+
+ main() {
+ cd ${cfg.workingDir}
+
+ # fetch source images in parallel
+ fetch nightmap-raw.jpg \
+ ${cfg.nightmap} &
+ fetch daymap-raw.png \
+ ${cfg.daymap} &
+ fetch clouds-raw.jpg \
+ ${cfg.cloudmap} &
+ fetch marker.json \
+ ${cfg.marker} &
+ wait
+
+ check_type nightmap-raw.jpg image
+ check_type daymap-raw.png image
+ check_type clouds-raw.jpg image
+
+ in_size=2048x1024
+ xplanet_out_size=1466x1200
+ out_geometry=1366x768+100+160
+
+ nightsnow_color='#0c1a49' # nightmap
+
+ for raw in \
+ nightmap-raw.jpg \
+ daymap-raw.png \
+ clouds-raw.jpg \
+ ;
+ do
+ normal=''${raw%-raw.*}.png
+ if needs_rebuild $normal $raw; then
+ echo "make $normal; normalize $raw" >&2
+ convert $raw -scale $in_size $normal
+ fi
+ done
+
+ # create nightmap-fullsnow
+ if needs_rebuild nightmap-fullsnow.png; then
+ convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png
+ fi
+
+ # extract daymap-snowmask from daymap-final
+ if needs_rebuild daymap-snowmask.png daymap.png; then
+ convert daymap.png -threshold 95% daymap-snowmask.png
+ fi
+
+ # extract nightmap-lightmask from nightmap
+ if needs_rebuild nightmap-lightmask.png nightmap.png; then
+ convert nightmap.png -threshold 25% nightmap-lightmask.png
+ fi
+
+ # create layers
+ make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png
+ make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png
+
+ # apply layers
+ flatten nightmap-lightsnowlayer.png \
+ nightmap-lightlayer.png \
+ nightmap-snowlayer.png
+
+ flatten nightmap-final.png \
+ nightmap-lightsnowlayer.png \
+ nightmap.png
+
+ # create marker file from json
+ if [ -s marker.json ]; then
+ jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file
+ fi
+
+ # make all unmodified files as final
+ for normal in \
+ daymap.png \
+ clouds.png \
+ ;
+ do
+ final=''${normal%.png}-final.png
+ needs_rebuild $final &&
+ ln $normal $final
+ done
+
+ # rebuild every time to update shadow
+ xplanet --num_times 1 --geometry $xplanet_out_size \
+ --output xplanet-output.png --projection merc \
+ -config ${pkgs.writeText "xplanet.config" ''
+ [earth]
+ "Earth"
+ map=daymap-final.png
+ night_map=nightmap-final.png
+ cloud_map=clouds-final.png
+ cloud_threshold=10
+ shade=15
+ ''}
+
+ xplanet --num_times 1 --geometry $xplanet_out_size \
+ --output xplanet-krebs-output.png --projection merc \
+ -config ${pkgs.writeText "xplanet-krebs.config" ''
+ [earth]
+ "Earth"
+ map=daymap-final.png
+ night_map=nightmap-final.png
+ cloud_map=clouds-final.png
+ cloud_threshold=10
+ marker_file=marker_file
+ shade=15
+ ''}
+
+ # trim xplanet output
+ if needs_rebuild realwallpaper.png xplanet-output.png; then
+ convert xplanet-output.png -crop $out_geometry \
+ realwallpaper-tmp.png
+ mv realwallpaper-tmp.png realwallpaper.png
+ fi
+
+ if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then
+ convert xplanet-krebs-output.png -crop $out_geometry \
+ realwallpaper-krebs-tmp.png
+ mv realwallpaper-krebs-tmp.png realwallpaper-krebs.png
+ fi
+ }
+
+ main "$@"
+ '';
User = "realwallpaper";
};
};
diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix
index 8390eccbb..486a0c9cc 100644
--- a/krebs/3modules/tinc_graphs.nix
+++ b/krebs/3modules/tinc_graphs.nix
@@ -124,7 +124,7 @@ let
};
users.extraUsers.tinc_graphs = {
- uid = genid "tinc_graphs";
+ uid = genid_uint31 "tinc_graphs";
home = "/var/spool/tinc_graphs";
};
services.nginx = mkIf cfg.nginx.enable {