Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'prism/master'

Browse Source
This commit is contained in:
tv 2018-09-06 23:10:09 +02:00
commit 03764d6765
70 changed files with 1172 additions and 484 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
.gitlab-ci.yml
View File

@ -1,5 +1,19 @@
before_script:
- mkdir -p ~/.ssh
- echo "$deploy_privkey" > deploy.key
- export GIT_SSH_COMMAND="ssh -i $PWD/deploy.key"
- chmod 600 deploy.key
- ssh-keyscan -H 'github.com' >> ~/.ssh/known_hosts
nix-shell test:
script:
- env
- nix-shell --pure --command 'true' -p stdenv && echo success
- nix-shell --pure --command 'false' -p stdenv || echo success
nur-packages makefu:
script:
- git reset --hard origin/master
- git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD
- git remote add deploy git@github.com:makefu/nur-packages.git || git remote set-url deploy git@github.com:makefu/nur-packages.git
- git push --force deploy HEAD:master
after_script:
- rm -f deploy.key

1
jeschli/1systems/brauerei/config.nix
View File

@ -8,6 +8,7 @@
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/xdg.nix>
<stockholm/jeschli/2configs/xserver>
<stockholm/jeschli/2configs/steam.nix>
<stockholm/jeschli/2configs/virtualbox.nix>
];

1
jeschli/1systems/enklave/config.nix
View File

@ -5,6 +5,7 @@
<stockholm/jeschli>
<stockholm/jeschli/2configs/retiolum.nix>
<stockholm/jeschli/2configs/IM.nix>
<stockholm/jeschli/2configs/git.nix>
<stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix>
{
networking.dhcpcd.allowInterfaces = [

73
jeschli/2configs/git.nix Normal file
View File

@ -0,0 +1,73 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
out = {
services.nginx.enable = true;
krebs.git = {
enable = true;
cgit = {
settings = {
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
};
enable = true;
};
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
rules = rules;
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
];
};
repos = public-repos;
rules = concatMap make-rules (attrValues repos);
public-repos = mapAttrs make-public-repo {
stockholm = {
cgit.desc = "Bonbon aus Git - die ganze Nacht";
};
krebs-page = {
cgit.desc = "Die Krebs Page";
};
};
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
nick = config.krebs.build.host.name;
channel = "#xxx";
server = "irc.r";
verbose = true;
branches = [ "master" ];
};
};
};
make-rules =
with git // config.krebs.users;
repo:
singleton {
user = [ jeschli jeschli-brauerei];
repo = [ repo ];
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++
optional repo.public {
user = attrValues config.krebs.users;
repo = [ repo ];
perm = fetch;
} ++
optional (length (repo.collaborators or []) > 0) {
user = repo.collaborators;
repo = [ repo ];
perm = fetch;
};
in out

2
jeschli/2configs/retiolum.nix
View File

@ -17,7 +17,7 @@
tinc = pkgs.tinc_pre;
};
networking.firewall.allowedTCPPorts = [ 655 ];
networking.firewall.allowedTCPPorts = [ 80 655 ];
networking.firewall.allowedUDPPorts = [ 655 ];
environment.systemPackages = [

12
jeschli/2configs/steam.nix Normal file
View File

@ -0,0 +1,12 @@
{ config, pkgs, ... }:
{
nixpkgs.config.steam.java = true;
environment.systemPackages = with pkgs; [
steam
];
hardware.opengl.driSupport32Bit = true;
#ports for inhome streaming
}

0
krebs/0tests/data/secrets/konsens.id_ed25519 Normal file
View File

3
krebs/1systems/wolf/config.nix
View File

@ -25,6 +25,7 @@ in
<stockholm/krebs/2configs/shack/muell_caller.nix>
<stockholm/krebs/2configs/shack/radioactive.nix>
<stockholm/krebs/2configs/shack/share.nix>
<stockholm/krebs/2configs/shack/mobile.mpd.nix>
{
systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate
systemd.services.telegraf.environment = {
@ -114,7 +115,7 @@ in
networking = {
firewall.enable = false;
firewall.allowedTCPPorts = [ 8088 8086 8083 ];
interfaces."${ext-if}".ip4 = [{
interfaces."${ext-if}".ipv4.addresses = [{
address = shack-ip;
prefixLength = 20;
}];

2
krebs/2configs/buildbot-stockholm.nix
View File

@ -24,7 +24,7 @@ in
testslave = "lasspass";
};
change_source.stockholm = ''
stockholm_repo = 'http://cgit.prism.r/stockholm'
stockholm_repo = 'http://cgit.hotdog.r/stockholm'
cs.append(
changes.GitPoller(
stockholm_repo,

24
krebs/2configs/repo-sync.nix
View File

@ -3,6 +3,10 @@
with import <stockholm/lib>;
let
konsens-user = {
name = "konsens";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKKozGNGBAzHnyj6xUlsjGxxknyChXvuyrddkWVVnz7";
};
mirror = "git@${config.networking.hostName}:";
defineRepo = {
@ -41,6 +45,13 @@ let
repo = [ repo ];
perm = push ''refs/*'' [ non-fast-forward create delete merge ];
}
{
user = [
konsens-user
];
repo = [ repo ];
perm = push ''refs/heads/master'' [ create merge ];
}
{
user = attrValues config.krebs.users;
repo = [ repo ];
@ -112,6 +123,19 @@ in {
krebs.repo-sync = {
enable = true;
};
krebs.konsens = {
enable = true;
repos = {
krops = { branchesToCheck = [ "lassulus" "tv" ]; };
stockholm = {};
};
};
krebs.secret.files.konsens = {
path = "/var/lib/konsens/.ssh/id_ed25519";
owner = konsens-user;
source-path = "${<secrets/konsens.id_ed25519>}";
};
imports = [
(sync-retiolum { name = "the_playlist"; desc = "Good Music collection + tools"; section = "art"; })

32
krebs/2configs/shack/mobile.mpd.nix Normal file
View File

@ -0,0 +1,32 @@
{lib,pkgs, ... }:
let
mpdHost = "mpd.shack";
ympd = name: port: let
webPort = 10000 + port;
in {
systemd.services."ympd-${name}" = {
description = "mpd for ${name}";
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${pkgs.ympd}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody";
};
services.nginx.virtualHosts."mobile.${name}.mpd.shack" = {
serverAliases = [
"${name}.mpd.wolf.r"
"${name}.mpd.wolf.shack"
];
locations."/".proxyPass = "http://localhost:${toString webPort}";
};
};
in lib.mkMerge [{
services.nginx.enable = true;
}
(ympd "lounge" 6600)
(ympd "seminarraum" 6601)
(ympd "elab" 6602)
(ympd "kueche" 6603)
(ympd "crafting" 6604)
(ympd "fablab" 6605)
(ympd "workshop" 6606)
(ympd "klo" 6607)
]

1
krebs/3modules/default.nix
View File

@ -26,6 +26,7 @@ let
./iana-etc.nix
./iptables.nix
./kapacitor.nix
./konsens.nix
./monit.nix
./newsbot-js.nix
./nixpkgs.nix

1
krebs/3modules/jeschli/default.nix
View File

@ -132,6 +132,7 @@ with import <stockholm/lib>;
ip6.addr = "42::30";
aliases = [
"enklave.r"
"cgit.enklave.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----

80
krebs/3modules/konsens.nix Normal file
View File

@ -0,0 +1,80 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.krebs.konsens;
out = {
options.krebs.konsens = api;
config = lib.mkIf cfg.enable imp;
};
api = {
enable = mkEnableOption "git konsens finder";
repos = mkOption {
type = types.attrsOf (types.submodule ({ config, ...}: {
options = {
url = mkOption {
type = types.str;
default = "git@localhost:${config._module.args.name}";
};
branchesToCheck = mkOption {
type = types.listOf types.str;
default = [ "lassulus" "makefu" "tv" ];
};
target = mkOption {
type = types.str;
default = "master";
};
timerConfig = mkOption {
type = types.attrsOf types.str;
default = {
OnCalendar = "*:00,15,30,45";
};
};
};
}));
};
};
imp = {
users.users.konsens = rec {
name = "konsens";
uid = genid name;
home = "/var/lib/konsens";
createHome = true;
};
systemd.timers = mapAttrs' (name: repo:
nameValuePair "konsens-${name}" {
description = "konsens timer";
wantedBy = [ "timers.target" ];
timerConfig = repo.timerConfig;
}
) cfg.repos;
systemd.services = mapAttrs' (name: repo:
nameValuePair "konsens-${name}" {
after = [ "network.target" "secret.service" ];
path = [ pkgs.git ];
restartIfChanged = false;
serviceConfig = {
Type = "simple";
PermissionsStartOnly = true;
ExecStart = pkgs.writeDash "konsens-${name}" ''
if ! test -e ${name}; then
git clone ${repo.url} ${name}
fi
cd ${name}
git fetch origin
git push origin $(git merge-base ${concatMapStringsSep " " (branch: "origin/${branch}") repo.branchesToCheck}):refs/heads/master
'';
WorkingDirectory = /var/lib/konsens;
User = "konsens";
};
}
) cfg.repos;
};
in out

64
krebs/3modules/lass/default.nix
View File

@ -11,39 +11,6 @@ with import <stockholm/lib>;
ci = true;
monitoring = true;
}) {
dishfire = {
cores = 4;
nets = rec {
internet = {
ip4.addr = "144.76.172.188";
aliases = [
"dishfire.i"
];
ssh.port = 45621;
};
retiolum = {
via = internet;
ip4.addr = "10.243.133.99";
ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1233";
aliases = [
"dishfire.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAwKi49fN+0s5Cze6JThM7f7lj4da27PSJ/3w3tDFPvtQco11ksNLs
Xd3qPaQIgmcNVCR06aexae3bBeTx9y3qHvKqZVE1nCtRlRyqy1LVKSj15J1D7yz7
uS6u/BSZiCzmdZwu3Fq5qqoK0nfzWe/NKEDWNa5l4Mz/BZQyI/hbOpn6UfFD0LpK
R4jzc9Dbk/IFNAvwb5yrgEYtwBzlXzeDvHW2JcPq3qQjK2byQYNiIyV3g0GHppEd
vDbIPDFhTn3Hv5zz/lX+/We8izzRge7MEd+Vn9Jwb5NAzwDsOHl6ExpqASv9H49U
HwgPw5pstabyrsDWXybSYUb+8LcZf+unGwIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.port = 993;
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv0JMp0y+E5433GRSFKVK3cQmP0AAlS9aH9fk49yFxy";
};
prism = rec {
cores = 4;
extraZones = {
@ -441,7 +408,7 @@ with import <stockholm/lib>;
};
};
};
borg = {
rock = {
monitoring = false;
ci = false;
external = true;
@ -449,22 +416,21 @@ with import <stockholm/lib>;
retiolum = {
ip4.addr = "10.243.29.171";
ip6.addr = "42:4992:6a6d:700::2";
aliases = [ "borg.r" ];
aliases = [ "rock.r" ];
tinc.pubkey = ''
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0bHZApTM7Hl4qqNakSwq
bt7zJoTVK9ePoC3Mue1VmJ1mCKMaxKdzlO31kPeHtkilAzgyIJdgikyKFlApGsQL
aIuU9h55X7TbikoDD6ghbSrAe3Pgc+sJ3OZ7wO7Qb8CKgJvEbkk/u68YiJgyTjYD
HNjIQzlsGdpoSke9vwC8qWanfgN7c2MMGtakqfXDjYjCgp7O43i+SMupkMSXIXMA
5XUFh/vVp6xgPxBofcw0uQIyZ5v4PPFjnGPm4rnMbFzbhubntHjDadwGd5Niyw4O
zNNKNchTLfNiuNGqTZeYd0kJ5fNMKykhpSs+ou34MvexvpuyPlFuotnPXN/nOMml
3nwiqzthzPuBZRLswxT0WvlA8wlbeTOKJ0wTIR4dDuAF+euDtoNocVEN5PJNc7yN
fmwAV6geESoJbZQMSCtAp1NioaBlRPp1pFfoM/GotHywuFrTIxyoIBiYhkpWyQvq
WYw5j13IKqkL7jDchhoBmcardmh+AP5bL3uQ84BgaYNwFzHp04qIRrrdpF0eMaHB
/8zaqsNLn4/zQJB5ffkelwoIqfvLPQeCMLzHGHgP5xUnWgmZZGiiDLvhuaMeNq4U
EpCKoTL178sPOgNfHfd8mEqx0qKYuPrNQEdlpa5xOZqwx56pfYpGWY+KtF2FHLhS
iO64GCJqCi1MKBYx/NhaxKMCAwEAAQ==
-----END PUBLIC KEY-----
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};

5
krebs/3modules/retiolum-bootstrap.nix
View File

@ -31,11 +31,8 @@ in
enable = mkDefault true;
virtualHosts.retiolum-bootstrap = {
inherit (cfg) serverName sslCertificate sslCertificateKey;
enableSSL = true;
forceSSL = true;
extraConfig =''
if ($scheme = http){
return 301 https://$server_name$request_uri;
}
root ${pkgs.retiolum-bootstrap};
try_files $uri $uri/retiolum.sh;

6
krebs/nixpkgs.json
View File

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "4df3426f5a5e78cef4835897a43abd9e2a092b74",
"date": "2018-08-19T09:20:40+02:00",
"sha256": "05k5mssiqxffxi45mss9wjns6k76i248rpasa48akdcriry1mp63",
"rev": "a37638d46706610d12c9747614fd1b8f8d35ad48",
"date": "2018-08-30T21:03:26+02:00",
"sha256": "0rsdkk4z7pkqr2mw0pq7i6fkqs7gbi5kral3c8smm9bw104sn8v7",
"fetchSubmodules": true
}

63
lass/1systems/dishfire/config.nix
View File

@ -1,63 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [
<stockholm/lass>
<stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/git.nix>
{
networking.dhcpcd.allowInterfaces = [
"enp*"
"eth*"
"ens*"
];
}
{
sound.enable = false;
}
{
environment.systemPackages = with pkgs; [
mk_sql_pair
];
}
{
imports = [
<stockholm/lass/2configs/websites/fritz.nix>
];
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport https"; target = "ACCEPT"; }
];
}
{
#TODO: abstract & move to own file
krebs.exim-smarthost = {
enable = true;
relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [
config.krebs.hosts.mors
config.krebs.hosts.uriel
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
{ from = "postmaster"; to = "root"; }
{ from = "nobody"; to = "root"; }
{ from = "hostmaster"; to = "root"; }
{ from = "usenet"; to = "root"; }
{ from = "news"; to = "root"; }
{ from = "webmaster"; to = "root"; }
{ from = "www"; to = "root"; }
{ from = "ftp"; to = "root"; }
{ from = "abuse"; to = "root"; }
{ from = "noc"; to = "root"; }
{ from = "security"; to = "root"; }
{ from = "root"; to = "lass"; }
];
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport smtp"; target = "ACCEPT"; }
];
}
];
krebs.build.host = config.krebs.hosts.dishfire;
}

39
lass/1systems/dishfire/physical.nix
View File

@ -1,39 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [
./config.nix
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
];
boot.loader.grub = {
device = "/dev/vda";
splashImage = null;
};
boot.initrd.availableKernelModules = [
"ata_piix"
"ehci_pci"
"uhci_hcd"
"virtio_pci"
"virtio_blk"
];
fileSystems."/" = {
device = "/dev/mapper/pool-nix";
fsType = "ext4";
};
fileSystems."/srv/http" = {
device = "/dev/pool/srv_http";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/vda1";
fsType = "ext4";
};
fileSystems."/bku" = {
device = "/dev/pool/bku";
fsType = "ext4";
};
}

3
lass/1systems/dishfire/source.nix
View File

@ -1,3 +0,0 @@
import <stockholm/lass/source.nix> {
name = "dishfire";
}

2
makefu/1systems/cake/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="cake";
full = true;
}

2
makefu/1systems/darth/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="darth";
}

2
makefu/1systems/drop/config.nix
View File

@ -30,7 +30,7 @@ in {
allowedTCPPorts = [ ];
allowedUDPPorts = [ 655 ];
};
interfaces.enp0s3.ip4 = [{
interfaces.enp0s3.ipv4.addresses = [{
address = external-ip;
inherit prefixLength;
}];

2
makefu/1systems/drop/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="drop";
torrent = true;
}

4
makefu/1systems/fileleech/config.nix
View File

@ -145,13 +145,13 @@ in {
networking.nameservers = [ "8.8.8.8" ];
# SPF
networking.defaultGateway = "151.217.176.1";
networking.interfaces.enp6s0f0.ip4 = [{
networking.interfaces.enp6s0f0.ipv4.addresses = [{
address = "151.217.178.63";
prefixLength = 22;
}];
# Gigabit
networking.interfaces.enp8s0f1.ip4 = [{
networking.interfaces.enp8s0f1.ipv4.addresses = [{
address = "192.168.126.1";
prefixLength = 24;
}];

2
makefu/1systems/fileleech/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name = "fileleech";
torrent = true;
}

2
makefu/1systems/filepimp/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="filepimp";
}

5
makefu/1systems/full/source.nix Normal file
View File

@ -0,0 +1,5 @@
{
name="gum";
torrent = true;
clever_kexec = true;
}

2
makefu/1systems/gum/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="gum";
torrent = true;
clever_kexec = true;

2
makefu/1systems/iso/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="iso";
}

2
makefu/1systems/kexec/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="iso";
}

2
makefu/1systems/latte/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name = "latte";
torrent = true;
}

2
makefu/1systems/nextgum/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="nextgum";
torrent = true;
clever_kexec = true;

2
makefu/1systems/omo/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="omo";
torrent = true;
}

2
makefu/1systems/pnp/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="pnp";
}

2
makefu/1systems/repunit/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="repunit";
}

2
makefu/1systems/sdev/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="sdev";
}

3
makefu/1systems/shack-autoinstall/source.nix Normal file
View File

@ -0,0 +1,3 @@
{
name="iso";
}

2
makefu/1systems/shoney/config.nix
View File

@ -46,7 +46,7 @@ in {
dst = "10.8.10.6";
};
networking = {
interfaces.enp2s1.ip4 = [
interfaces.enp2s1.ipv4.addresses = [
{ address = ip; prefixLength = 24; }
# { address = alt-ip; prefixLength = 24; }
];

2
makefu/1systems/shoney/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="shoney";
}

2
makefu/1systems/studio/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="studio";
musnix = true;
}

4
makefu/1systems/tsp/source.nix
View File

@ -1,3 +1,5 @@
import <stockholm/makefu/source.nix> {
{
name="tsp";
full = true;
hw = true;
}

2
makefu/1systems/vbob/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="vbob";
# musnix = true;
}

2
makefu/1systems/wbob/config.nix
View File

@ -150,7 +150,7 @@ in {
# rt2870 with nonfree creates wlp2s0 from wlp0s20u2
# not explicitly setting the interface results in wpa_supplicant to crash
networking.wireless.interfaces = [ "wlp2s0" ];
networking.interfaces.virbr1.ip4 = [{
networking.interfaces.virbr1.ipv4.addresses = [{
address = "10.8.8.11";
prefixLength = 24;
}];

2
makefu/1systems/wbob/source.nix
View File

@ -1,4 +1,4 @@
import <stockholm/makefu/source.nix> {
{
name="wbob";
# musnix = true;
}

2
makefu/1systems/wry/config.nix
View File

@ -42,7 +42,7 @@ in {
allowedTCPPorts = [ 53 80 443 ];
allowedUDPPorts = [ 655 53 ];
};
interfaces.enp2s1.ip4 = [{
interfaces.enp2s1.ipv4.addresses = [{
address = external-ip;
prefixLength = 24;
}];

2
makefu/1systems/wry/source.nix
View File

@ -1,3 +1,3 @@
import <stockholm/makefu/source.nix> {
{
name="wry";
}

3
makefu/1systems/x/source.nix
View File

@ -1,9 +1,10 @@
import <stockholm/makefu/source.nix> {
{
name="x";
full = true;
python = true;
hw = true;
unstable = true;
mic92 = true;
clever_kexec = true;
# torrent = true;
}

4
makefu/2configs/deployment/events-publisher/default.nix
View File

@ -2,8 +2,8 @@
with import <stockholm/lib>;
let
shack-announce = pkgs.callPackage (builtins.fetchTarball {
url = "https://github.com/makefu/events-publisher/archive/5e7b083c63f25182a02c1fddb3d32cb9534fbc50.tar.gz";
sha256 = "1zzlhyj8fr6y3a3b6qlyrm474xxxs1ydqjpkd2jva3g1lnzlmvkp";
url = "https://github.com/makefu/events-publisher/archive/4cef900ba10348050208367af6b2035f5a0ef8b6.tar.gz";
sha256 = "137vsibr289p3xxlw37xhizi309sygki95919hmj02dxgwmy1k74";
}) {} ;
home = "/var/lib/shackannounce";
user = "shackannounce";

33
makefu/2configs/editor/vim.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, pkgs, ... }:
let
customPlugins.vim-better-whitespace = pkgs.vimUtils.buildVimPlugin {
name = "vim-better-whitespace";
src = pkgs.fetchFromGitHub {
owner = "ntpeters";
repo = "vim-better-whitespace";
rev = "984c8da518799a6bfb8214e1acdcfd10f5f1eed7";
sha256 = "10l01a8xaivz6n01x6hzfx7gd0igd0wcf9ril0sllqzbq7yx2bbk";
};
};
in {
environment.systemPackages = [
pkgs.python27Full # required for youcompleteme
(pkgs.vim_configurable.customize {
name = "vim";
vimrcConfig.customRC = builtins.readFile ./vimrc;
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
vimrcConfig.vam.pluginDictionaries = [
{ names = [ "undotree"
# "YouCompleteMe"
"vim-better-whitespace" ]; }
# vim-nix handles indentation better but does not perform sanity
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
];
})
];
}

98
makefu/2configs/editor/vimrc Normal file
View File

@ -0,0 +1,98 @@
set nocompatible
syntax on
set list
set listchars=tab:▸\
"set list listchars=tab:>-,trail:.,extends:>
filetype off
filetype plugin indent on
colorscheme darkblue
set background=dark
set number
set relativenumber
set mouse=a
set ignorecase
set incsearch
set wildignore=*.o,*.obj,*.bak,*.exe,*.os
set textwidth=79
set shiftwidth=2
set expandtab
set softtabstop=2
set shiftround
set smarttab
set tabstop=2
set et
set autoindent
set backspace=indent,eol,start
inoremap <F1> <ESC>
nnoremap <F1> <ESC>
vnoremap <F1> <ESC>
nnoremap <F5> :UndotreeToggle<CR>
set undodir =~/.vim/undo
set undofile
"maximum number of changes that can be undone
set undolevels=1000000
"maximum number lines to save for undo on a buffer reload
set undoreload=10000000
nnoremap <F2> :set invpaste paste?<CR>
set pastetoggle=<F2>
set showmode
set showmatch
set matchtime=3
set hlsearch
autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red
" save on focus lost
au FocusLost * :wa
autocmd BufRead *.json set filetype=json
au BufNewFile,BufRead *.mustache set syntax=mustache
cnoremap SudoWrite w !sudo tee > /dev/null %
" create Backup/tmp/undo dirs
set backupdir=~/.vim/backup
set directory=~/.vim/tmp
function! InitBackupDir()
let l:parent = $HOME . '/.vim/'
let l:backup = l:parent . 'backup/'
let l:tmpdir = l:parent . 'tmp/'
let l:undodir= l:parent . 'undo/'
if !isdirectory(l:parent)
call mkdir(l:parent)
endif
if !isdirectory(l:backup)
call mkdir(l:backup)
endif
if !isdirectory(l:tmpdir)
call mkdir(l:tmpdir)
endif
if !isdirectory(l:undodir)
call mkdir(l:undodir)
endif
endfunction
call InitBackupDir()
augroup Binary
" edit binaries in xxd-output, xxd is part of vim
au!
au BufReadPre *.bin let &bin=1
au BufReadPost *.bin if &bin | %!xxd
au BufReadPost *.bin set ft=xxd | endif
au BufWritePre *.bin if &bin | %!xxd -r
au BufWritePre *.bin endif
au BufWritePost *.bin if &bin | %!xxd
au BufWritePost *.bin set nomod | endif
augroup END

18
makefu/2configs/hw/smartcard.nix Normal file
View File

@ -0,0 +1,18 @@
{ pkgs, ... }:
{
services.pcscd = {
enable = true;
plugins = with pkgs; [ ifdnfc ccid ];
};
environment.systemPackages = with pkgs; [
# need to run ifdnfc-activate before usage
ifdnfc
# pcsc_scan
pcsctools
];
boot.blacklistedKernelModules = [
"pn533" "pn533_usb"
"nfc"
];
}

76
makefu/2configs/nginx/rompr.nix Normal file
View File

@ -0,0 +1,76 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
user = config.services.nginx.user;
group = config.services.nginx.group;
src = pkgs.fetchFromGitHub {
owner = "fatg3erman";
repo = "RompR";
rev = "1.21";
sha256 = "00gk2c610qgpsb6y296h9pz2aaa6gfq4cqhn15l7fdrk3lkvh01q";
};
fpm-socket = "/var/run/php5-rompr-fpm.sock";
mpd-src = "/var/lib/rompr";
in {
services.phpfpm = {
# phpfpm does not have an enable option
poolConfigs = {
mpd = ''
user = ${user}
group = ${group}
listen = ${fpm-socket}
listen.owner = ${user}
listen.group = ${group}
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
chdir = /
php_admin_value[error_log] = 'stderr'
php_admin_flag[log_errors] = on
catch_workers_output = yes
'';
};
};
# TODO: Pre-job
# TODO: prefs.var could be templated (serialized php ...) then we would not
# need to have a state dir at all
system.activationScripts.rompr = ''
mkdir -p ${mpd-src}
cp -r ${src}/. ${mpd-src}
chown -R ${user}:${group} ${mpd-src}
chmod 770 ${mpd-src}
'';
services.nginx = {
enable = mkDefault true;
virtualHosts = {
"localhost" = {
root = mpd-src;
locations."/".index = "index.php";
locations."~ \.php$" = {
root = mpd-src;
extraConfig = ''
client_max_body_size 200M;
fastcgi_pass unix:${fpm-socket};
include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf;
fastcgi_index index.php;
try_files $uri =404;
'';
};
};
};
};
services.mysql = {
enable = true;
package = pkgs.mariadb;
ensureDatabases = [ "romprdb" ];
ensureUsers = [
{ ensurePermissions = { "romprdb.*" = "ALL PRIVILEGES"; };
name = user; }
];
};
}

1
makefu/2configs/tools/extra-gui.nix
View File

@ -12,7 +12,6 @@
virtmanager
# Dev
saleae-logic
arduino-user-env
gitAndTools.gitFull
signal-desktop
];

136
makefu/2configs/vim.nix
View File

@ -1,136 +0,0 @@
{ config, pkgs, ... }:
let
customPlugins.vim-better-whitespace = pkgs.vimUtils.buildVimPlugin {
name = "vim-better-whitespace";
src = pkgs.fetchFromGitHub {
owner = "ntpeters";
repo = "vim-better-whitespace";
rev = "984c8da518799a6bfb8214e1acdcfd10f5f1eed7";
sha256 = "10l01a8xaivz6n01x6hzfx7gd0igd0wcf9ril0sllqzbq7yx2bbk";
};
};
in {
environment.systemPackages = [
pkgs.python27Full # required for youcompleteme
(pkgs.vim_configurable.customize {
name = "vim";
vimrcConfig.customRC = ''
set nocompatible
syntax on
set list
set listchars=tab:\
"set list listchars=tab:>-,trail:.,extends:>
filetype off
filetype plugin indent on
colorscheme darkblue
set background=dark
set number
set relativenumber
set mouse=a
set ignorecase
set incsearch
set wildignore=*.o,*.obj,*.bak,*.exe,*.os
set textwidth=79
set shiftwidth=2
set expandtab
set softtabstop=2
set shiftround
set smarttab
set tabstop=2
set et
set autoindent
set backspace=indent,eol,start
inoremap <F1> <ESC>
nnoremap <F1> <ESC>
vnoremap <F1> <ESC>
nnoremap <F5> :UndotreeToggle<CR>
set undodir =~/.vim/undo
set undofile
"maximum number of changes that can be undone
set undolevels=1000000
"maximum number lines to save for undo on a buffer reload
set undoreload=10000000
nnoremap <F2> :set invpaste paste?<CR>
set pastetoggle=<F2>
set showmode
set showmatch
set matchtime=3
set hlsearch
autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red
" save on focus lost
au FocusLost * :wa
autocmd BufRead *.json set filetype=json
au BufNewFile,BufRead *.mustache set syntax=mustache
cnoremap SudoWrite w !sudo tee > /dev/null %
" create Backup/tmp/undo dirs
set backupdir=~/.vim/backup
set directory=~/.vim/tmp
function! InitBackupDir()
let l:parent = $HOME . '/.vim/'
let l:backup = l:parent . 'backup/'
let l:tmpdir = l:parent . 'tmp/'
let l:undodir= l:parent . 'undo/'
if !isdirectory(l:parent)
call mkdir(l:parent)
endif
if !isdirectory(l:backup)
call mkdir(l:backup)
endif
if !isdirectory(l:tmpdir)
call mkdir(l:tmpdir)
endif
if !isdirectory(l:undodir)
call mkdir(l:undodir)
endif
endfunction
call InitBackupDir()
augroup Binary
" edit binaries in xxd-output, xxd is part of vim
au!
au BufReadPre *.bin let &bin=1
au BufReadPost *.bin if &bin | %!xxd
au BufReadPost *.bin set ft=xxd | endif
au BufWritePre *.bin if &bin | %!xxd -r
au BufWritePre *.bin endif
au BufWritePost *.bin if &bin | %!xxd
au BufWritePost *.bin set nomod | endif
augroup END
'';
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
vimrcConfig.vam.pluginDictionaries = [
{ names = [ "undotree"
# "YouCompleteMe"
"vim-better-whitespace" ]; }
# vim-nix handles indentation better but does not perform sanity
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
];
})
];
}

35
makefu/5pkgs/arduino-user-env/default.nix
View File

@ -1,35 +0,0 @@
{ lib, pkgs, ... }: let
#TODO: make sure env exists prior to running
env_nix = pkgs.writeText "env.nix" ''
{ pkgs ? import <nixpkgs> {} }:
(pkgs.buildFHSUserEnv {
name = "arduino-user-env";
targetPkgs = pkgs: with pkgs; [
coreutils
];
multiPkgs = pkgs: with pkgs; [
arduino
alsaLib
zlib
xorg.libXxf86vm
curl
openal
openssl_1_0_2
xorg.libXext
xorg.libX11
xorg.libXrandr
xorg.libXcursor
xorg.libXinerama
xorg.libXi
mesa_glu
];
runScript = "zsh";
}).env
'';
in pkgs.writeDashBin "arduino-user-env" ''
nix-shell ${env_nix}
''

56
makefu/5pkgs/beef/Gemfile
View File

@ -1,15 +1,16 @@
# BeEF's Gemfile
#
# Copyright (c) 2006-2017 Wade Alcorn - wade@bindshell.net
# Copyright (c) 2006-2018 Wade Alcorn - wade@bindshell.net
# Browser Exploitation Framework (BeEF) - http://beefproject.com
# See the file 'doc/COPYING' for copying permission
#
gem 'eventmachine'
gem 'thin'
gem 'sinatra'
gem 'rack', '~> 1.6.5'
gem 'sinatra', '~> 2.0'
gem 'rack', '~> 2.0'
gem 'rack-protection', '~> 2.0'
gem 'em-websocket' # WebSocket support
gem 'uglifier'
gem 'mime-types'
@ -22,8 +23,7 @@ gem 'data_objects'
gem 'rubyzip', '>= 1.2.1'
gem 'espeak-ruby', '>= 1.0.4' # Text-to-Voice
gem 'nokogiri', '>= 1.7'
gem 'therubyracer'
gem 'rake'
# SQLite support
group :sqlite do
@ -52,11 +52,17 @@ gem 'dm-migrations'
# Metasploit Integration extension
group :ext_msf do
gem 'msfrpc-client'
gem 'xmlrpc'
end
# Twitter Notifications extension
group :ext_twitter do
#gem 'twitter', '>= 5.0.0'
# Notifications extension
group :ext_notifications do
# Pushover
gem 'rushover'
# Slack
gem 'slack-notifier'
# Twitter
gem 'twitter', '>= 5.0.0'
end
# DNS extension
@ -76,22 +82,24 @@ end
# For running unit tests
group :test do
if ENV['BEEF_TEST']
gem 'rake'
gem 'test-unit'
gem 'test-unit-full'
gem 'curb'
gem 'selenium'
gem 'selenium-webdriver'
gem 'rspec'
gem 'bundler-audit'
# nokogirl is needed by capybara which may require one of the below commands
# sudo apt-get install libxslt-dev libxml2-dev
# sudo port install libxml2 libxslt
gem 'capybara'
# RESTful API tests/generic command module tests
gem 'rest-client', '>= 2.0.1'
end
if ENV['BEEF_TEST']
gem 'test-unit'
gem 'test-unit-full'
gem 'rspec'
# curb gem requires curl libraries
# sudo apt-get install libcurl4-openssl-dev
gem 'curb'
# selenium-webdriver 3.x is incompatible with Firefox version 48 and prior
gem 'selenium'
gem 'selenium-webdriver', '~> 2.53.4'
# nokogirl is needed by capybara which may require one of the below commands
# sudo apt-get install libxslt-dev libxml2-dev
# sudo port install libxml2 libxslt
gem 'capybara'
# RESTful API tests/generic command module tests
gem 'rest-client', '>= 2.0.1'
gem 'byebug'
end
end
source 'https://rubygems.org'

101
makefu/5pkgs/beef/Gemfile.lock
View File

@ -4,8 +4,9 @@ GEM
addressable (2.5.2)
public_suffix (>= 2.0.2, < 4.0)
ansi (1.5.0)
chunky_png (1.3.8)
daemons (1.2.4)
buftok (0.2.0)
chunky_png (1.3.10)
daemons (1.2.6)
data_objects (0.10.17)
addressable (~> 2.1)
dm-core (1.2.1)
@ -26,48 +27,66 @@ GEM
do_sqlite3 (~> 0.10.6)
do_sqlite3 (0.10.17)
data_objects (= 0.10.17)
domain_name (0.5.20180417)
unf (>= 0.0.5, < 1.0.0)
em-websocket (0.5.1)
eventmachine (>= 0.12.9)
http_parser.rb (~> 0.6.0)
equalizer (0.0.11)
erubis (2.7.0)
espeak-ruby (1.0.4)
eventmachine (1.0.9.1)
execjs (2.7.0)
fastercsv (1.5.5)
filesize (0.1.1)
geoip (1.6.3)
geoip (1.6.4)
http (3.3.0)
addressable (~> 2.3)
http-cookie (~> 1.0)
http-form_data (~> 2.0)
http_parser.rb (~> 0.6.0)
http-cookie (1.0.3)
domain_name (~> 0.5)
http-form_data (2.1.1)
http_parser.rb (0.6.0)
jsobfu (0.4.2)
rkelly-remix
json (1.8.6)
json_pure (1.8.6)
libv8 (3.16.14.19)
memoizable (0.4.2)
thread_safe (~> 0.3, >= 0.3.1)
metasm (1.0.3)
mime-types (3.1)
mime-types (3.2.2)
mime-types-data (~> 3.2015)
mime-types-data (3.2016.0521)
mime-types-data (3.2018.0812)
mini_portile2 (2.3.0)
mojo_magick (0.5.6)
msfrpc-client (1.1.1)
msgpack (~> 1)
rex (~> 2)
msgpack (1.1.0)
multi_json (1.12.2)
nokogiri (1.8.1)
msgpack (1.2.4)
multi_json (1.13.1)
multipart-post (2.0.0)
mustermann (1.0.2)
naught (1.1.0)
netrc (0.11.0)
nokogiri (1.8.4)
mini_portile2 (~> 2.3.0)
parseconfig (1.0.8)
public_suffix (3.0.0)
public_suffix (3.0.3)
qr4r (0.4.1)
mojo_magick
rqrcode
rack (1.6.8)
rack-protection (1.5.3)
rack (2.0.5)
rack-protection (2.0.3)
rack
rainbow (2.2.2)
rake
rake (12.1.0)
rainbow (3.0.0)
rake (12.3.1)
rb-readline (0.5.5)
ref (2.0.0)
rest-client (2.0.2)
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
rex (2.0.11)
filesize
jsobfu (~> 0.4.1)
@ -86,23 +105,42 @@ GEM
eventmachine (~> 1.0.0)
rexec (~> 1.6.2)
rubyzip (1.2.1)
sinatra (1.4.8)
rack (~> 1.5)
rack-protection (~> 1.4)
tilt (>= 1.3, < 3)
rushover (0.3.0)
json
rest-client
simple_oauth (0.3.1)
sinatra (2.0.3)
mustermann (~> 1.0)
rack (~> 2.0)
rack-protection (= 2.0.3)
tilt (~> 2.0)
slack-notifier (2.3.2)
term-ansicolor (1.6.0)
tins (~> 1.0)
therubyracer (0.12.3)
libv8 (~> 3.16.14.15)
ref
thin (1.7.2)
daemons (~> 1.0, >= 1.0.9)
eventmachine (~> 1.0, >= 1.0.4)
rack (>= 1, < 3)
thread_safe (0.3.6)
tilt (2.0.8)
tins (1.15.0)
uglifier (3.2.0)
tins (1.16.3)
twitter (6.2.0)
addressable (~> 2.3)
buftok (~> 0.2.0)
equalizer (~> 0.0.11)
http (~> 3.0)
http-form_data (~> 2.0)
http_parser.rb (~> 0.6.0)
memoizable (~> 0.4.0)
multipart-post (~> 2.0)
naught (~> 1.0)
simple_oauth (~> 0.3.0)
uglifier (4.1.18)
execjs (>= 0.3.0, < 3)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.5)
xmlrpc (0.3.0)
PLATFORMS
ruby
@ -126,14 +164,19 @@ DEPENDENCIES
nokogiri (>= 1.7)
parseconfig
qr4r
rack (~> 1.6.5)
rack (~> 2.0)
rack-protection (~> 2.0)
rake
rubydns (~> 0.7.3)
rubyzip (>= 1.2.1)
sinatra
rushover
sinatra (~> 2.0)
slack-notifier
term-ansicolor
therubyracer
thin
twitter (>= 5.0.0)
uglifier
xmlrpc
BUNDLED WITH
1.15.4
1.14.6

39
makefu/5pkgs/beef/db-in-homedir.patch Normal file
View File

@ -0,0 +1,39 @@
--- /beef 2018-08-16 19:03:55.199437566 +0200
+++ /beef 2018-08-16 19:27:34.735985233 +0200
@@ -110,9 +110,20 @@
#
# @note Database setup - use DataMapper::Logger.new($stdout, :debug) for development debugging
#
+
+#
+# @note Create ~/.beef/
+#
+begin
+ FileUtils.mkdir_p($home_dir) unless File.directory?($home_dir)
+rescue => e
+ print_error "Could not create '#{$home_dir}': #{e.message}"
+end
+
case config.get("beef.database.driver")
when "sqlite"
- DataMapper.setup(:default, "sqlite3://#{$root_dir}/#{config.get("beef.database.db_file")}")
+ print_info "Using Database #{$home_dir}/#{config.get("beef.database.db_file")}"
+ DataMapper.setup(:default, "sqlite3://#{$home_dir}/#{config.get("beef.database.db_file")}")
when "mysql", "postgres"
DataMapper.setup(:default,
:adapter => config.get("beef.database.driver"),
@@ -162,14 +173,6 @@
BeEF::Core::Console::Banners.print_network_interfaces_count
BeEF::Core::Console::Banners.print_network_interfaces_routes
-#
-# @note Create ~/.beef/
-#
-begin
- FileUtils.mkdir_p($home_dir) unless File.directory?($home_dir)
-rescue => e
- print_error "Could not create '#{$home_dir}': #{e.message}"
-end
#
# @note Check whether we load the Console Shell or not

22
makefu/5pkgs/beef/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, bundlerEnv, ruby, fetchFromGitHub }:
{ stdenv, bundlerEnv, ruby, fetchFromGitHub, nodejs }:
# nix-shell --command "bundler install && bundix" in the clone, copy gemset.nix, Gemfile and Gemfile.lock
let
gems = bundlerEnv {
@ -7,13 +7,17 @@ let
gemdir = ./.;
};
in stdenv.mkDerivation {
name = "beef-2017-09-21";
name = "beef-2018-09-21";
src = fetchFromGitHub {
owner = "beefproject";
repo = "beef";
rev = "69aa2a3";
sha256 = "1rky61i0wzpwcq3kqfa0m5hf6wyz8q8jgzs7dpfh04w9qh32ic4p";
rev = "d237c95";
sha256 = "1mykbjwjcbd2a18wycaf35hi3b9rmvqz1jnk2v55sd4c39f0jpf2";
};
prePatch = ''
ls -alhtr
'';
patches = [ ./db-in-homedir.patch ];
buildInputs = [gems ruby];
installPhase = ''
mkdir -p $out/{bin,share/beef}
@ -25,13 +29,17 @@ in stdenv.mkDerivation {
bin=$out/bin/beef
cat > $bin <<EOF
#!/bin/sh -e
PATH=$PATH:${nodejs}/bin/
exec ${gems}/bin/bundle exec ${ruby}/bin/ruby $out/share/beef/beef "\$@"
EOF
chmod +x $bin
'';
# crashes with segfault
# also, db cannot be set
meta.broken = true;
meta = with stdenv.lib; {
homepage = https://beefproject.com/;
description = "The Browser Exploitation Framework";
platforms = platforms.linux;
maintainers = with maintainers; [ makefu ];
};
}

242
makefu/5pkgs/beef/gemset.nix
View File

@ -16,21 +16,29 @@
};
version = "1.5.0";
};
buftok = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1rzsy1vy50v55x9z0nivf23y0r9jkmq6i130xa75pq9i8qrn1mxs";
type = "gem";
};
version = "0.2.0";
};
chunky_png = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0j0dngz6s0j3s3zaf9vrimjz65s9k7ad1c3xmmldr1vmz8sbd843";
sha256 = "05g2xli9wbjylkmblln3bhvjalziwb92q452q8ibjagmb853424w";
type = "gem";
};
version = "1.3.8";
version = "1.3.10";
};
daemons = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1bmb4qrd95b5gl3ym5j3q6mf090209f4vkczggn49n56w6s6zldz";
sha256 = "0lxqq6dgb8xhliywar2lvkwqy2ssraf9dk4b501pb4ixc2mvxbp2";
type = "gem";
};
version = "1.2.4";
version = "1.2.6";
};
data_objects = {
dependencies = ["addressable"];
@ -95,6 +103,15 @@
};
version = "0.10.17";
};
domain_name = {
dependencies = ["unf"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0abdlwb64ns7ssmiqhdwgl27ly40x2l27l8hs8hn0z4kb3zd2x3v";
type = "gem";
};
version = "0.5.20180417";
};
em-websocket = {
dependencies = ["eventmachine" "http_parser.rb"];
source = {
@ -104,6 +121,14 @@
};
version = "0.5.1";
};
equalizer = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1kjmx3fygx8njxfrwcmn7clfhjhb6bvv3scy2lyyi0wqyi3brra4";
type = "gem";
};
version = "0.0.11";
};
erubis = {
source = {
remotes = ["https://rubygems.org"];
@ -155,10 +180,36 @@
geoip = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "099hxng7h8i3pwibnassivj58iw1x7ygwq06qj6rx7j16iyz6rzx";
sha256 = "1if16n4pjl2kshc0cqg7i03m55fspmlca6p9f4r66rpzw0v4d6jc";
type = "gem";
};
version = "1.6.3";
version = "1.6.4";
};
http = {
dependencies = ["addressable" "http-cookie" "http-form_data" "http_parser.rb"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1jlm5prw437wqpfxcigh88lfap3m7g8mnmj5as7qw6dzqnvrxwmc";
type = "gem";
};
version = "3.3.0";
};
http-cookie = {
dependencies = ["domain_name"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "004cgs4xg5n6byjs7qld0xhsjq3n6ydfh897myr2mibvh6fjc49g";
type = "gem";
};
version = "1.0.3";
};
http-form_data = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "15lpn604byf7cyxnw949xz4rvpcknqp7a48q73nm630gqxsa76f3";
type = "gem";
};
version = "2.1.1";
};
"http_parser.rb" = {
source = {
@ -193,13 +244,14 @@
};
version = "1.8.6";
};
libv8 = {
memoizable = {
dependencies = ["thread_safe"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0271i5sfma05gvhmrmxqb0jj667bl6m54yd49ay6yrdbh1g4wpl1";
sha256 = "0v42bvghsvfpzybfazl14qhkrjvx0xlmxz0wwqc960ga1wld5x5c";
type = "gem";
};
version = "3.16.14.19";
version = "0.4.2";
};
metasm = {
source = {
@ -213,18 +265,18 @@
dependencies = ["mime-types-data"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0087z9kbnlqhci7fxh9f6il63hj1k02icq2rs0c6cppmqchr753m";
sha256 = "0fjxy1jm52ixpnv3vg9ld9pr9f35gy0jp66i1njhqjvmnvq0iwwk";
type = "gem";
};
version = "3.1";
version = "3.2.2";
};
mime-types-data = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "04my3746hwa4yvbx1ranhfaqkgf6vavi1kyijjnw8w3dy37vqhkm";
sha256 = "07wvp0aw2gjm4njibb70as6rh5hi1zzri5vky1q6jx95h8l56idc";
type = "gem";
};
version = "3.2016.0521";
version = "3.2018.0812";
};
mini_portile2 = {
source = {
@ -254,27 +306,59 @@
msgpack = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0ck7w17d6b4jbb8inh1q57bghi9cjkiaxql1d3glmj1yavbpmlh7";
sha256 = "09xy1wc4wfbd1jdrzgxwmqjzfdfxbz0cqdszq2gv6rmc3gv1c864";
type = "gem";
};
version = "1.1.0";
version = "1.2.4";
};
multi_json = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1raim9ddjh672m32psaa9niw67ywzjbxbdb8iijx3wv9k5b0pk2x";
sha256 = "1rl0qy4inf1mp8mybfk56dfga0mvx97zwpmq5xmiwl5r770171nv";
type = "gem";
};
version = "1.12.2";
version = "1.13.1";
};
multipart-post = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "09k0b3cybqilk1gwrwwain95rdypixb2q9w65gd44gfzsd84xi1x";
type = "gem";
};
version = "2.0.0";
};
mustermann = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "07sb7fckrraqh48fjnqf6yl7vxxabfx0qrsrhfdz67pd838g4k8g";
type = "gem";
};
version = "1.0.2";
};
naught = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1wwjx35zgbc0nplp8a866iafk4zsrbhwwz4pav5gydr2wm26nksg";
type = "gem";
};
version = "1.1.0";
};
netrc = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0gzfmcywp1da8nzfqsql2zqi648mfnx6qwkig3cv36n9m0yy676y";
type = "gem";
};
version = "0.11.0";
};
nokogiri = {
dependencies = ["mini_portile2"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "105xh2zkr8nsyfaj2izaisarpnkrrl9000y3nyflg9cbzrfxv021";
sha256 = "1h9nml9h3m0mpvmh8jfnqvblnz5n5y3mmhgfc38avfmfzdrq9bgc";
type = "gem";
};
version = "1.8.1";
version = "1.8.4";
};
parseconfig = {
source = {
@ -287,10 +371,10 @@
public_suffix = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0snaj1gxfib4ja1mvy3dzmi7am73i0mkqr0zkz045qv6509dhj5f";
sha256 = "08q64b5br692dd3v0a9wq9q5dvycc6kmiqmjbdxkxbfizggsvx6l";
type = "gem";
};
version = "3.0.0";
version = "3.0.3";
};
qr4r = {
dependencies = ["mojo_magick" "rqrcode"];
@ -304,36 +388,35 @@
rack = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "19m7aixb2ri7p1n0iqaqx8ldi97xdhvbxijbyrrcdcl6fv5prqza";
sha256 = "158hbn7rlc3czp2vivvam44dv6vmzz16qrh5dbzhfxbfsgiyrqw1";
type = "gem";
};
version = "1.6.8";
version = "2.0.5";
};
rack-protection = {
dependencies = ["rack"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0cvb21zz7p9wy23wdav63z5qzfn4nialik22yqp6gihkgfqqrh5r";
sha256 = "1z5598qipilmnf45428jnxi63ykrgvnyywa5ckpr52zv2vpd8jdp";
type = "gem";
};
version = "1.5.3";
version = "2.0.3";
};
rainbow = {
dependencies = ["rake"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "08w2ghc5nv0kcq5b257h7dwjzjz1pqcavajfdx2xjyxqsvh2y34w";
sha256 = "0bb2fpjspydr6x0s8pn1pqkzmxszvkfapv0p4627mywl7ky4zkhk";
type = "gem";
};
version = "2.2.2";
version = "3.0.0";
};
rake = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0mfqgpp3m69s5v1rd51lfh5qpjwyia5p4rg337pw8c8wzm6pgfsw";
sha256 = "1idi53jay34ba9j68c3mfr9wwkg3cd9qh0fn9cg42hv72c6q8dyg";
type = "gem";
};
version = "12.1.0";
version = "12.3.1";
};
rb-readline = {
source = {
@ -343,13 +426,14 @@
};
version = "0.5.5";
};
ref = {
rest-client = {
dependencies = ["http-cookie" "mime-types" "netrc"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "04p4pq4sikly7pvn30dc7v5x2m7fqbfwijci4z1y6a1ilwxzrjii";
sha256 = "1hzcs2r7b5bjkf2x2z3n8z6082maz0j8vqjiciwgg3hzb63f958j";
type = "gem";
};
version = "2.0.0";
version = "2.0.2";
};
rex = {
dependencies = ["filesize" "jsobfu" "json" "metasm" "nokogiri" "rb-readline" "robots"];
@ -411,14 +495,39 @@
};
version = "1.2.1";
};
sinatra = {
dependencies = ["rack" "rack-protection" "tilt"];
rushover = {
dependencies = ["json" "rest-client"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0byxzl7rx3ki0xd7aiv1x8mbah7hzd8f81l65nq8857kmgzj1jqq";
sha256 = "0j6x61drcdfnbvgmkmrc92zw67acpfcz5h1a29sdf884zkwd1444";
type = "gem";
};
version = "1.4.8";
version = "0.3.0";
};
simple_oauth = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0dw9ii6m7wckml100xhjc6vxpjcry174lbi9jz5v7ibjr3i94y8l";
type = "gem";
};
version = "0.3.1";
};
sinatra = {
dependencies = ["mustermann" "rack" "rack-protection" "tilt"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1kyi55q4k4idv31h7l53hw0mnh50dwwrrsfm35j52jy7fc993m9r";
type = "gem";
};
version = "2.0.3";
};
slack-notifier = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1pkfn99dhy5s526r6k8d87fwwb6j287ga9s7lxqmh60z28xqh3bv";
type = "gem";
};
version = "2.3.2";
};
term-ansicolor = {
dependencies = ["tins"];
@ -429,15 +538,6 @@
};
version = "1.6.0";
};
therubyracer = {
dependencies = ["libv8" "ref"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1g95bzs2axjglyjyj6xvsywqgr80bnzlkw7mddxx1fdrak5wni2q";
type = "gem";
};
version = "0.12.3";
};
thin = {
dependencies = ["daemons" "eventmachine" "rack"];
source = {
@ -447,6 +547,14 @@
};
version = "1.7.2";
};
thread_safe = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "0nmhcgq6cgz44srylra07bmaw99f5271l0dpsvl5f75m44l0gmwy";
type = "gem";
};
version = "0.3.6";
};
tilt = {
source = {
remotes = ["https://rubygems.org"];
@ -458,18 +566,52 @@
tins = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "09whix5a7ics6787zrkwjmp16kqyh6560p9f317syks785805f7s";
sha256 = "0g95xs4nvx5n62hb4fkbkd870l9q3y9adfc4h8j21phj9mxybkb8";
type = "gem";
};
version = "1.15.0";
version = "1.16.3";
};
twitter = {
dependencies = ["addressable" "buftok" "equalizer" "http" "http-form_data" "http_parser.rb" "memoizable" "multipart-post" "naught" "simple_oauth"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0fjyz3viabz3xs5d9aad18zgdbhfwm51jsnzigc8kxk77p1x58n5";
type = "gem";
};
version = "6.2.0";
};
uglifier = {
dependencies = ["execjs"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0wmqvn4xncw6h3d5gp2a44170zwxfyj3iq4rsjp16zarvzbdmgnz";
sha256 = "14r283lkhisq2sdccv8ngf10f2f18ly4nc3chz3kliw5nylbgznw";
type = "gem";
};
version = "3.2.0";
version = "4.1.18";
};
unf = {
dependencies = ["unf_ext"];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0bh2cf73i2ffh4fcpdn9ir4mhq8zi50ik0zqa1braahzadx536a9";
type = "gem";
};
version = "0.1.4";
};
unf_ext = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "06p1i6qhy34bpb8q8ms88y6f2kz86azwm098yvcc0nyqk9y729j1";
type = "gem";
};
version = "0.0.7.5";
};
xmlrpc = {
source = {
remotes = ["https://rubygems.org"];
sha256 = "1s744iwblw262gj357pky3d9fcx9hisvla7rnw29ysn5zsb6i683";
type = "gem";
};
version = "0.3.0";
};
}

30
makefu/5pkgs/bento4/default.nix Normal file
View File

@ -0,0 +1,30 @@
{ stdenv, fetchFromGitHub
, pkgconfig
, cmake
}:
stdenv.mkDerivation rec {
name = "bento4-${version}";
version = "1.5.1-624";
src = fetchFromGitHub {
owner = "axiomatic-systems";
repo = "Bento4";
rev = "v${version}";
sha256 = "1cq6vhrq3n3lc1n454slbc66qdyqam2srxgdhfpyfxbq5c4y06nf";
};
nativeBuildInputs = [ cmake pkgconfig ];
installPhase = ''
mkdir -p $out/{lib,bin}
find -iname '*.so' -exec mv --target-directory="$out/lib" {} \;
find -maxdepth 1 -executable -type f -exec mv --target-directory="$out/bin" {} \;
'';
meta = with stdenv.lib; {
description = "Full-featured MP4 format and MPEG DASH library and tools";
homepage = http://bento4.com;
license = licenses.gpl3;
maintainers = with maintainers; [ makefu ];
platforms = with platforms; linux;
};
}

99
makefu/5pkgs/cozy-audiobooks/default.nix Normal file
View File

@ -0,0 +1,99 @@
{ stdenv, fetchFromGitHub
, ninja
, boost
, meson
, pkgconfig
, wrapGAppsHook
, appstream-glib
, desktop-file-utils
, gtk3
, glib
, gst_all_1
, gobjectIntrospection
, python3Packages
, file
, cairo , sqlite , gettext
, gnome3
}:
let
peewee = with python3Packages; buildPythonPackage rec {
# https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/python-peewee
pname = "peewee";
version = "3.6.4";
src = fetchPypi {
inherit pname version;
sha256 = "1fi4z9n86ri79gllwav0gv3hmwipzmkvivzfyszfqn9fi5zpp3ak";
};
doCheck = false;
checkPhase = ''
python runtests.py
'';
buildInputs = [
cython
sqlite
# psycopg2
# mysql-connector
];
meta.license = stdenv.lib.licenses.mit;
};
in
stdenv.mkDerivation rec {
name = "cozy-${version}";
version = "0.6.0";
src = fetchFromGitHub {
owner = "geigi";
repo = "cozy";
rev = version;
sha256 = "1afl3qsn9h4k8fgp63z0ab9p5ashrg3g936a9rh3i9qydv6s3srd";
};
postPatch = ''
chmod +x data/meson_post_install.py
patchShebangs data/meson_post_install.py
substituteInPlace cozy/magic/magic.py --replace "ctypes.util.find_library('magic')" "'${file}/lib/libmagic${stdenv.hostPlatform.extensions.sharedLibrary}'"
'';
postInstall = ''
wrapProgram $out/bin/com.github.geigi.cozy \
--prefix PYTHONPATH : "$PYTHONPATH:$(toPythonPath $out)"
'';
wrapPrefixVariables = [ "PYTHONPATH" ];
nativeBuildInputs = [
meson ninja pkgconfig
wrapGAppsHook
appstream-glib
desktop-file-utils
gobjectIntrospection
];
buildInputs = with gst_all_1; [ gtk3 glib
gstreamer gst-plugins-good gst-plugins-ugly gst-plugins-base cairo gettext
gnome3.defaultIconTheme gnome3.gsettings-desktop-schemas
]
++ (with python3Packages; [
python gst-python pygobject3 dbus-python mutagen peewee magic
]);
checkPhase = ''
ninja test
'';
#preInstall = ''
# export MESON_INSTALL_PREFIX=$out
#'';
meta = with stdenv.lib; {
description = ''
Eval nix code from python.
'';
maintainers = [ maintainers.makefu ];
license = licenses.mit;
};
}

10
makefu/5pkgs/default.nix
View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
self: super: let
self: super:
with super.lib; with builtins; let
# This callPackage will try to detect obsolete overrides.
callPackage = path: args: let
override = super.callPackage path args;
@ -15,6 +14,7 @@ self: super: let
override
else override;
eq = x: y: x == y;
subdirsOf = path:
mapAttrs (name: _: path + "/${name}")
(filterAttrs (_: eq "directory") (readDir path));
@ -40,6 +40,6 @@ in {
};
}
// mapAttrs (_: flip callPackage {})
// (mapAttrs (_: flip callPackage {})
(filterAttrs (_: dir: pathExists (dir + "/default.nix"))
(subdirsOf ./.))
(subdirsOf ./.)))

9
makefu/5pkgs/drozer/default.nix
View File

@ -1,15 +1,16 @@
{ pkgs, lib, fetchFromGitHub, pythonPackages, jre7, jdk7 }:
{ pkgs, lib, fetchFromGitHub, pythonPackages, jre, jdk }:
pythonPackages.buildPythonApplication rec {
name = "drozer-${version}";
version = "2.4.3";
buildInputs = [ jdk7 ];
buildInputs = [ jdk ];
propagatedBuildInputs = with pythonPackages; [
protobuf
pyopenssl
pyyaml
service-identity
] ++ [
jre7
jre
twisted
];
src = fetchFromGitHub {
@ -19,7 +20,7 @@ pythonPackages.buildPythonApplication rec {
sha256 = "1z437y7rr53dhpi95yc2c3x8g4aix90y7zf52avcdsvhlp4iip3q";
};
prePatch = ''
sed -i 's#^exec java #exec ${jre7}/bin/java #' ./src/drozer/lib/dx
sed -i 's#^exec java #exec ${jre}/bin/java #' ./src/drozer/lib/dx
patchShebangs ./src/drozer/lib/dx
patchelf $(cat $NIX_CC/nix-support/dynamic-linker) ./src/drozer/lib/aapt
echo starting build

45
makefu/5pkgs/ifdnfc/default.nix Normal file
View File

@ -0,0 +1,45 @@
{ stdenv, fetchFromGitHub , pkgconfig
, pcsclite
, autoreconfHook
, libnfc
}:
stdenv.mkDerivation rec {
name = "ifdnfc-${version}";
version = "2016-03-01";
src = fetchFromGitHub {
owner = "nfc-tools";
repo = "ifdnfc";
rev = "0e48e8e";
sha256 = "1cxnvhhlcbm8h49rlw5racspb85fmwqqhd3gzzpzy68vrs0b37vg";
};
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [ pcsclite libnfc ];
configureFlags = [ "--prefix=$(out)" ];
makeFlags = [ "DESTDIR=/" "usbdropdir=$(out)/pcsc/drivers" ];
meta = with stdenv.lib; {
description = "PC/SC IFD Handler based on libnfc";
long_description =
'' libnfc Interface Plugin to be used in <code>services.pcscd.plugins</code>.
It provides support for all readers which are not supported by ccid but by libnfc.
For activating your reader you need to run
<code>ifdnfc-activate yes<code> with this package in your
<code>environment.systemPackages</code>
To use your reader you may need to blacklist your reader kernel modules:
<code>boot.blacklistedKernelModules = [ "pn533" "pn533_usb" "nfc" ];</code>
Supports the pn533 smart-card reader chip which is for example used in
the SCM SCL3711.
'';
homepage = https://github.com/nfc-tools/ifdnfc;
license = licenses.gpl3;
platforms = platforms.linux;
maintainers = with maintainers; [ makefu ];
};
}

7
makefu/5pkgs/nur.nix Normal file
View File

@ -0,0 +1,7 @@
{ pkgs ? import <nixpkgs> {} }:
{
overlays.full = import ./default.nix;
pkgs = import ./default.nix pkgs pkgs;
} // (import ./default.nix pkgs pkgs)

88
makefu/krops.nix Normal file
View File

@ -0,0 +1,88 @@
{ config ? config, name }: let
krops = builtins.fetchGit {
url = https://cgit.krebsco.de/krops/;
rev = "4e466eaf05861b47365c5ef46a31a188b70f3615";
};
nixpkgs-src = lib.importJSON ./nixpkgs.json;
lib = import "${krops}/lib";
# TODO document why pkgs should be used like this
pkgs = import "${krops}/pkgs" {};
hostSource = {
secure = false;
full = false;
torrent = false;
hw = false;
musnix = false;
python = false;
unstable = false; #unstable channel checked out
mic92 = false;
nms = false;
clever_kexec = false;
} // import (./. + "/1systems/${name}/source.nix");
source = { test }: lib.evalSource [
{
# nixos-18.03 @ 2018-08-06
# + do_sqlite3 ruby: 55a952be5b5
# + exfat-nofuse bump: ee6a5296a35
# + uhub/sqlite: 5dd7610401747
nixpkgs.git = {
ref = nixpkgs-src.rev;
url = nixpkgs-src.url;
};
nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
stockholm.file = toString <stockholm>;
secrets = if test then {
file = toString (./. + "/0tests/data/secrets");
} else {
pass = {
dir = "${lib.getEnv "HOME"}/.secrets-pass";
inherit name;
};
};
}
(lib.mkIf (hostSource.torrent) {
torrent-secrets = if test then {
file = ./. + "/makefu/0tests/data/secrets";
} else {
pass = {
dir = "${lib.getEnv "HOME"}/.secrets-pass";
name = "torrent";
};
};
})
(lib.mkIf ( hostSource.musnix ) {
musnix.git = {
url = https://github.com/musnix/musnix.git;
ref = "master"; # follow the musnix channel, lets see how this works out
};
})
(lib.mkIf ( hostSource.hw ) {
nixos-hardware.git = {
url = https://github.com/nixos/nixos-hardware.git;
ref = "30fdd53";
};
})
];
in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
source = source { test = false; };
target = "root@${name}/var/src";
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test)
test = pkgs.krops.writeTest "${name}-test" {
source = source { test = true; };
target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src";
};
ci = map (host:
pkgs.krops.writeTest "${host.name}-test" {
source = source { test = true; };
target = "${lib.getEnv "TMPDIR"}/makefu/${host.name}";
}
) (lib.filter (host: lib.getAttr "ci" host && host.owner == "makefu") (lib.attrValues config.krebs.hosts));
}

7
makefu/nixpkgs.json Normal file
View File

@ -0,0 +1,7 @@
{
"url": "https://github.com/makefu/nixpkgs",
"rev": "8f991294288b27b9dec05cc1e07ec6a360bb39c8",
"date": "2018-08-06T14:29:01+02:00",
"sha256": "0zan8kdjk1pwdzm1rwc3ka87k11j0zmw4mdnj70r6pm38x2fa9n6",
"fetchSubmodules": true
}

9
makefu/update-channel.sh Executable file
View File

@ -0,0 +1,9 @@
#!/bin/sh
dir=$(dirname $0)
oldref=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
--url https://github.com/makefu/nixpkgs \
--rev refs/heads/master' \
> $dir/nixpkgs.json
newref=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
echo git commit $dir/nixpkgs.json -m "nixpkgs: $oldref -> $newref"