From 411aec6bf9d1b53813e693f22b77972a00ce9078 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 13 Feb 2016 16:03:40 +0100 Subject: deploy,install,populate: admit target SSH port --- krebs/3modules/build.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix index 3530fd595..1569072d1 100644 --- a/krebs/3modules/build.nix +++ b/krebs/3modules/build.nix @@ -51,6 +51,7 @@ let source = config.krebs.build.source; target-user = maybeEnv "target_user" "root"; target-host = maybeEnv "target_host" config.krebs.build.host.name; + target-port = maybeEnv "target_port" "22"; target-path = maybeEnv "target_path" "/var/src"; out = '' #! /bin/sh @@ -62,7 +63,8 @@ let } echo ${shell.escape git-script} \ - | ssh ${shell.escape "${target-user}@${target-host}"} -T + | ssh -p ${shell.escape target-port} \ + ${shell.escape "${target-user}@${target-host}"} -T unset tmpdir trap ' @@ -93,6 +95,7 @@ let (attrNames file-specs)} \ --delete \ -vFrlptD \ + -e ${shell.escape "ssh -p ${target-port}"} \ ${shell.escape target-path}/ \ ${shell.escape "${target-user}@${target-host}:${target-path}"} ''; -- cgit v1.2.3 From d38853027efe650e6de4b335014cd238624cd993 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 13 Feb 2016 16:07:01 +0100 Subject: krebs.nginx: default locations = [] --- krebs/3modules/nginx.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/nginx.nix b/krebs/3modules/nginx.nix index 921771033..5bc0903e4 100644 --- a/krebs/3modules/nginx.nix +++ b/krebs/3modules/nginx.nix @@ -34,6 +34,7 @@ let }; locations = mkOption { type = with types; listOf (attrsOf str); + default = []; }; extraConfig = mkOption { type = with types; string; @@ -76,8 +77,8 @@ let server { ${concatMapStringsSep "\n" (x: "listen ${x};") listen} server_name ${toString server-names}; - ${extraConfig} - ${indent (concatStrings (map to-location locations))} + ${indent extraConfig} + ${indent (concatMapStrings to-location locations)} } ''; -- cgit v1.2.3 From 0e35bc5c193916a5424689d04234978d3c57ecf5 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 13 Feb 2016 19:43:02 +0100 Subject: wbob: fix addrs --- krebs/3modules/makefu/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 2811c0c52..d21c80e78 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -292,8 +292,8 @@ with lib; cores = 1; nets = { retiolm = { - addrs4 = ["10.243.214.15/32"]; - addrs6 = ["42:5a02:2c30:c1b1:3f2e:7c19:2496:a732/128"]; + addrs4 = ["10.243.214.15"]; + addrs6 = ["42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"]; aliases = [ "wbob.retiolum" ]; -- cgit v1.2.3 From e890eb244af82ba678e894a84983db5057fbb60a Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 14 Feb 2016 13:26:37 +0100 Subject: krebs.setuid: init --- krebs/3modules/default.nix | 1 + krebs/3modules/setuid.nix | 75 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 76 insertions(+) create mode 100644 krebs/3modules/setuid.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 3d51076cf..b2a02e9c7 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -27,6 +27,7 @@ let ./retiolum-bootstrap.nix ./realwallpaper.nix ./retiolum.nix + ./setuid.nix ./tinc_graphs.nix ./urlwatch.nix ]; diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix new file mode 100644 index 000000000..22123c926 --- /dev/null +++ b/krebs/3modules/setuid.nix @@ -0,0 +1,75 @@ +{ config, pkgs, lib, ... }: +with lib; +let + cfg = config.krebs.setuid; + + out = { + options.krebs.setuid = api; + config = imp; + }; + + api = mkOption { + default = {}; + type = let + # TODO make wrapperDir configurable + inherit (config.security) wrapperDir; + inherit (config.users) groups users; + in types.attrsOf (types.submodule ({ config, ... }: { + options = { + name = mkOption { + type = types.filename; + default = config._module.args.name; + }; + filename = mkOption { + type = mkOptionType { + # TODO unyuck string and merge with toC + name = "derivation or string"; + check = x: + isDerivation x || + isString x; + }; + apply = toString; + }; + owner = mkOption { + default = "root"; + type = types.enum (attrNames users); + }; + group = mkOption { + default = "root"; + type = types.enum (attrNames groups); + }; + mode = mkOption { + default = "4710"; + type = mkOptionType { + # TODO admit symbolic mode + name = "octal mode"; + check = x: + isString x && + match "[0-7][0-7][0-7][0-7]" x != null; + }; + }; + activate = mkOption { + type = types.str; + visible = false; + readOnly = true; + }; + }; + config.activate = let + src = pkgs.execve config.name { + inherit (config) filename; + }; + dst = "${wrapperDir}/${config.name}"; + in '' + cp ${src} ${dst} + chown ${config.owner}.${config.group} ${dst} + chmod ${config.mode} ${dst} + ''; + })); + }; + + imp = { + system.activationScripts."krebs.setuid" = stringAfter [ "setuid" ] + (concatMapStringsSep "\n" (getAttr "activate") (attrValues cfg)); + }; + +in out -- cgit v1.2.3 From 9f16d7ea71a2566b973ad0ac603c63ac3c6f4311 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 14 Feb 2016 13:38:47 +0100 Subject: krebs.lib: init --- krebs/3modules/default.nix | 1 + krebs/3modules/lib.nix | 11 +++++++++++ 2 files changed, 12 insertions(+) create mode 100644 krebs/3modules/lib.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index b2a02e9c7..695562192 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -20,6 +20,7 @@ let ./git.nix ./go.nix ./iptables.nix + ./lib.nix ./nginx.nix ./nixpkgs.nix ./per-user.nix diff --git a/krebs/3modules/lib.nix b/krebs/3modules/lib.nix new file mode 100644 index 000000000..31390a263 --- /dev/null +++ b/krebs/3modules/lib.nix @@ -0,0 +1,11 @@ +{ config, pkgs, lib, ... }: +with lib; +let + out = { + options.krebs.lib = api; + }; + api = mkOption { + default = {}; + type = types.attrs; + }; +in out -- cgit v1.2.3 From 673853e092c211e26a08030f87f9c868c6442a71 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 14 Feb 2016 16:43:44 +0100 Subject: RIP specialArgs.lib --- krebs/3modules/Reaktor.nix | 4 ++-- krebs/3modules/apt-cacher-ng.nix | 4 ++-- krebs/3modules/backup.nix | 4 ++-- krebs/3modules/bepasty-server.nix | 6 +++--- krebs/3modules/build.nix | 2 +- krebs/3modules/buildbot/master.nix | 4 ++-- krebs/3modules/buildbot/slave.nix | 4 ++-- krebs/3modules/current.nix | 4 ++-- krebs/3modules/default.nix | 18 +++++++++--------- krebs/3modules/exim-retiolum.nix | 4 ++-- krebs/3modules/exim-smarthost.nix | 5 ++--- krebs/3modules/fetchWallpaper.nix | 4 ++-- krebs/3modules/git.nix | 8 ++++---- krebs/3modules/github-hosts-sync.nix | 4 ++-- krebs/3modules/go.nix | 4 ++-- krebs/3modules/lass/default.nix | 4 ++-- krebs/3modules/makefu/default.nix | 4 ++-- krebs/3modules/miefda/default.nix | 4 ++-- krebs/3modules/mv/default.nix | 4 ++-- krebs/3modules/nginx.nix | 7 +++---- krebs/3modules/nixpkgs.nix | 8 ++++---- krebs/3modules/per-user.nix | 2 +- krebs/3modules/realwallpaper.nix | 6 +++--- krebs/3modules/retiolum-bootstrap.nix | 4 ++-- krebs/3modules/retiolum.nix | 4 ++-- krebs/3modules/setuid.nix | 2 +- krebs/3modules/shared/default.nix | 7 +++---- krebs/3modules/tinc_graphs.nix | 4 ++-- krebs/3modules/tv/default.nix | 4 ++-- krebs/3modules/urlwatch.nix | 4 ++-- 30 files changed, 72 insertions(+), 75 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix index 92400139c..d58661a28 100644 --- a/krebs/3modules/Reaktor.nix +++ b/krebs/3modules/Reaktor.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let ReaktorConfig = pkgs.writeText "config.py" '' @@ -16,7 +16,7 @@ let out = { options.krebs.Reaktor = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix index 371d39b6f..46b405842 100644 --- a/krebs/3modules/apt-cacher-ng.nix +++ b/krebs/3modules/apt-cacher-ng.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with lib; +with config.krebs.lib; let acng-config = pkgs.writeTextFile { name = "acng-configuration"; @@ -151,5 +151,5 @@ let in { options.krebs.apt-cacher-ng = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; } diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 66a325ed9..5e1a1597b 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -1,9 +1,9 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let out = { options.krebs.backup = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; cfg = config.krebs.backup; diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index e74841205..9e777a5ef 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let gunicorn = pkgs.pythonPackages.gunicorn; bepasty = pkgs.pythonPackages.bepasty-server; @@ -10,8 +10,8 @@ let out = { options.krebs.bepasty = api; - config = mkIf cfg.enable (mkMerge [ - (mkIf cfg.serveNginx nginx-imp) + config = lib.mkIf cfg.enable (lib.mkMerge [ + (lib.mkIf cfg.serveNginx nginx-imp) imp ]); }; diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix index 1569072d1..a1f446188 100644 --- a/krebs/3modules/build.nix +++ b/krebs/3modules/build.nix @@ -1,6 +1,6 @@ { config, lib, ... }: -with lib; +with config.krebs.lib; let out = { diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix index 74385a433..825cb3413 100644 --- a/krebs/3modules/buildbot/master.nix +++ b/krebs/3modules/buildbot/master.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with lib; +with config.krebs.lib; let buildbot = pkgs.buildbot; buildbot-master-config = pkgs.writeText "buildbot-master.cfg" '' @@ -381,5 +381,5 @@ let in { options.krebs.buildbot.master = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; } diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index 0e7796d8a..7705ac31c 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with lib; +with config.krebs.lib; let buildbot-slave-init = pkgs.writeText "buildbot-slave.tac" '' import os @@ -182,5 +182,5 @@ let in { options.krebs.buildbot.slave = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; } diff --git a/krebs/3modules/current.nix b/krebs/3modules/current.nix index 41941e289..9f63e33ac 100644 --- a/krebs/3modules/current.nix +++ b/krebs/3modules/current.nix @@ -1,13 +1,13 @@ { config, pkgs, lib, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.current; out = { options.krebs.current = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 695562192..23f82ed1c 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs; @@ -33,7 +33,7 @@ let ./urlwatch.nix ]; options.krebs = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { @@ -84,13 +84,13 @@ let }; }; - imp = mkMerge [ - { krebs = import ./lass { inherit lib; }; } - { krebs = import ./makefu { inherit lib; }; } - { krebs = import ./miefda { inherit lib; }; } - { krebs = import ./mv { inherit lib; }; } - { krebs = import ./shared { inherit lib; }; } - { krebs = import ./tv { inherit lib; }; } + imp = lib.mkMerge [ + { krebs = import ./lass { inherit config lib; }; } + { krebs = import ./makefu { inherit config lib; }; } + { krebs = import ./miefda { inherit config lib; }; } + { krebs = import ./mv { inherit config lib; }; } + { krebs = import ./shared { inherit config lib; }; } + { krebs = import ./tv { inherit config lib; }; } { krebs.dns.providers = { de.krebsco = "zones"; diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix index ea012c38c..1722eef1f 100644 --- a/krebs/3modules/exim-retiolum.nix +++ b/krebs/3modules/exim-retiolum.nix @@ -1,12 +1,12 @@ { config, pkgs, lib, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.exim-retiolum; out = { options.krebs.exim-retiolum = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index a564430ea..267ee2900 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -1,13 +1,12 @@ { config, pkgs, lib, ... }: -with builtins; -with lib; +with config.krebs.lib; let cfg = config.krebs.exim-smarthost; out = { options.krebs.exim-smarthost = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 225f00803..53fe0839d 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -1,13 +1,13 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.fetchWallpaper; out = { options.krebs.fetchWallpaper = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 11cf21b5f..a9542718d 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, lib, pkgs, ... }: # TODO unify logging of shell scripts to user and journal # TODO move all scripts to ${etcDir}, so ControlMaster connections @@ -6,13 +6,13 @@ # TODO when authorized_keys changes, then restart ssh # (or kill already connected users somehow) -with lib; +with config.krebs.lib; let cfg = config.krebs.git; out = { options.krebs.git = api; - config = mkIf cfg.enable (mkMerge [ + config = with lib; mkIf cfg.enable (mkMerge [ (mkIf cfg.cgit cgit-imp) git-imp ]); @@ -86,7 +86,7 @@ let singleton { user = [ config.krebs.users.tv ]; repo = [ testing ]; # see literal example of repos - perm = push "refs/*" (with lib.git; [ + perm = push "refs/*" (with config.krebs.lib.git; [ non-fast-forward create delete merge ]); } diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 2aa18d53a..1d3873232 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.github-hosts-sync; out = { options.krebs.github-hosts-sync = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 08a93dab7..52a104bb9 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -1,13 +1,13 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.go; out = { options.krebs.go = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 749d3ff49..41a609105 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -1,6 +1,6 @@ -{ lib, ... }: +{ config, lib, ... }: -with lib; +with config.krebs.lib; { hosts = { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index d21c80e78..ca83d6906 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -1,6 +1,6 @@ -{ lib, ... }: +{ config, lib, ... }: -with lib; +with config.krebs.lib; { hosts = { diff --git a/krebs/3modules/miefda/default.nix b/krebs/3modules/miefda/default.nix index 0cfa8bd27..6587ad92d 100644 --- a/krebs/3modules/miefda/default.nix +++ b/krebs/3modules/miefda/default.nix @@ -1,6 +1,6 @@ -{ lib, ... }: +{ config, lib, ... }: -with lib; +with config.krebs.lib; { hosts = { diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix index 8803cb249..33f941aae 100644 --- a/krebs/3modules/mv/default.nix +++ b/krebs/3modules/mv/default.nix @@ -1,6 +1,6 @@ -{ lib, ... }: +{ config, ... }: -with lib; +with config.krebs.lib; { hosts = { diff --git a/krebs/3modules/nginx.nix b/krebs/3modules/nginx.nix index 5bc0903e4..7b7163071 100644 --- a/krebs/3modules/nginx.nix +++ b/krebs/3modules/nginx.nix @@ -1,13 +1,12 @@ -{ config, pkgs, lib, ... }: +{ config, lib, pkgs, ... }: -with builtins; -with lib; +with config.krebs.lib; let cfg = config.krebs.nginx; out = { options.krebs.nginx = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/nixpkgs.nix b/krebs/3modules/nixpkgs.nix index 4129f9483..5816b8a30 100644 --- a/krebs/3modules/nixpkgs.nix +++ b/krebs/3modules/nixpkgs.nix @@ -1,11 +1,11 @@ -{ config, pkgs, lib, ... }: -with lib; +{ config, lib, pkgs, ... }: +with config.krebs.lib; let cfg = config.krebs.nixpkgs; out = { options.krebs.nixpkgs = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { @@ -37,7 +37,7 @@ let }; }; - imp = mkIf (cfg.allowUnfreePredicate != null) { + imp = lib.mkIf (cfg.allowUnfreePredicate != null) { nixpkgs.config.allowUnfreePredicate = cfg.allowUnfreePredicate; }; in out diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix index ee213deda..13da5c4c3 100644 --- a/krebs/3modules/per-user.nix +++ b/krebs/3modules/per-user.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.per-user; diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index b377368f7..df374e184 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -1,12 +1,12 @@ -arg@{ config, lib, pkgs, ... }: +{ config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.realwallpaper; out = { options.krebs.realwallpaper = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/retiolum-bootstrap.nix b/krebs/3modules/retiolum-bootstrap.nix index 65bb51193..40382d098 100644 --- a/krebs/3modules/retiolum-bootstrap.nix +++ b/krebs/3modules/retiolum-bootstrap.nix @@ -1,12 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.retiolum-bootstrap; out = { options.krebs.retiolum-bootstrap = api; - config = mkIf cfg.enable imp ; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 407695273..d0162eae9 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -1,11 +1,11 @@ { config, pkgs, lib, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.retiolum; out = { options.krebs.retiolum = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index 22123c926..1137788d8 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.setuid; diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix index df4c529bf..208b596f8 100644 --- a/krebs/3modules/shared/default.nix +++ b/krebs/3modules/shared/default.nix @@ -1,9 +1,8 @@ -{ lib, ... }: - -with lib; +{ config, ... }: +with config.krebs.lib; let - testHosts = lib.genAttrs [ + testHosts = genAttrs [ "test-arch" "test-centos6" "test-centos7" diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index dc0484a8b..2692de982 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.krebs.tinc_graphs; internal_dir = "${cfg.workingDir}/internal"; @@ -8,7 +8,7 @@ let out = { options.krebs.tinc_graphs = api; - config = mkIf cfg.enable imp ; + config = lib.mkIf cfg.enable imp ; }; api = { diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 9a0b99396..f8d3d8671 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -1,6 +1,6 @@ -{ lib, ... }: +{ config, ... }: -with lib; +with config.krebs.lib; { dns.providers = { diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 7a9fb55fd..cd4976a21 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -5,14 +5,14 @@ # cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}" # TODO hooks.py -with lib; +with config.krebs.lib; let cfg = config.krebs.urlwatch; # TODO assert sendmail's existence out = { options.krebs.urlwatch = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { -- cgit v1.2.3 From 8f520b19b623919fa6319029a955d43fd051773c Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 15 Feb 2016 16:27:11 +0100 Subject: don't try to mimic nixpkgs --- krebs/3modules/lib.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/lib.nix b/krebs/3modules/lib.nix index 31390a263..b19f275b5 100644 --- a/krebs/3modules/lib.nix +++ b/krebs/3modules/lib.nix @@ -3,9 +3,13 @@ with lib; let out = { options.krebs.lib = api; + config = imp; }; api = mkOption { default = {}; type = types.attrs; }; + imp = { + krebs.lib = lib // import ../4lib { inherit lib; } // builtins; + }; in out -- cgit v1.2.3 From b7a92f63884af00eb0243ec9328be689a6c9b845 Mon Sep 17 00:00:00 2001 From: tv Date: Mon, 15 Feb 2016 16:29:01 +0100 Subject: *: make eval.config.krebs.build.host.name work everywhere --- krebs/3modules/backup.nix | 2 +- krebs/3modules/default.nix | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 5e1a1597b..0aa86dec9 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -210,7 +210,7 @@ let | ${pkgs.coreutils}/bin/head -1; } ''; - # Note that we don't escape word on purpose, so we deref shell vars. + # Note that we don't escape word on purpose, so we can deref shell vars. # TODO type word network-ssh-port = host: word: '' case ${word} in diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 23f82ed1c..16a74e7c1 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -9,9 +9,9 @@ let ./apt-cacher-ng.nix ./backup.nix ./bepasty-server.nix - ./build.nix ./buildbot/master.nix ./buildbot/slave.nix + ./build.nix ./current.nix ./exim-retiolum.nix ./exim-smarthost.nix @@ -25,8 +25,8 @@ let ./nixpkgs.nix ./per-user.nix ./Reaktor.nix - ./retiolum-bootstrap.nix ./realwallpaper.nix + ./retiolum-bootstrap.nix ./retiolum.nix ./setuid.nix ./tinc_graphs.nix -- cgit v1.2.3 [cgit] Unable to lock slot /tmp/cgit/a7000000.lock: No such file or directory (2)