Merge remote-tracking branch 'gum/master' into staging/18.03
This commit is contained in:
commit
1589a66802
@ -2,16 +2,15 @@
|
|||||||
|
|
||||||
python2Packages.buildPythonApplication rec {
|
python2Packages.buildPythonApplication rec {
|
||||||
name = "buildbot-classic-${version}";
|
name = "buildbot-classic-${version}";
|
||||||
version = "0.8.14";
|
version = "0.8.15";
|
||||||
namePrefix = "";
|
namePrefix = "";
|
||||||
patches = [];
|
patches = [];
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "krebscode";
|
owner = "krebscode";
|
||||||
repo = "buildbot-classic";
|
repo = "buildbot-classic";
|
||||||
# rev = "v${version}";
|
rev = version;
|
||||||
rev = "843463911";
|
sha256 = "0hmmpqxs1i3nvwj9681yi0q3qz0xdcbbm0774lkn1ic5fg3c68fm";
|
||||||
sha256 = "1ybl52ybjw5p09yik6bck9i1pvnvg94i0d32zqrwy67s77yx1mfd";
|
|
||||||
};
|
};
|
||||||
postUnpack = "sourceRoot=\${sourceRoot}/master";
|
postUnpack = "sourceRoot=\${sourceRoot}/master";
|
||||||
|
|
||||||
|
@ -52,7 +52,7 @@ in {
|
|||||||
|
|
||||||
# network
|
# network
|
||||||
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
|
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
|
||||||
<stockholm/makefu/2configs/vpn/vpnws/server.nix>
|
# <stockholm/makefu/2configs/vpn/vpnws/server.nix>
|
||||||
<stockholm/makefu/2configs/dnscrypt/server.nix>
|
<stockholm/makefu/2configs/dnscrypt/server.nix>
|
||||||
<stockholm/makefu/2configs/iodined.nix>
|
<stockholm/makefu/2configs/iodined.nix>
|
||||||
|
|
||||||
|
@ -9,7 +9,7 @@ let
|
|||||||
keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0";
|
keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0";
|
||||||
rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904";
|
rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904";
|
||||||
rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2";
|
rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2";
|
||||||
primaryInterface = "enp1s0";
|
primaryInterface = "enp2s0";
|
||||||
# cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512
|
# cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512
|
||||||
# cryptsetup luksAddKey $dev tmpkey
|
# cryptsetup luksAddKey $dev tmpkey
|
||||||
# cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096
|
# cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096
|
||||||
@ -54,6 +54,7 @@ in {
|
|||||||
#<stockholm/makefu/2configs/graphite-standalone.nix>
|
#<stockholm/makefu/2configs/graphite-standalone.nix>
|
||||||
#<stockholm/makefu/2configs/share-user-sftp.nix>
|
#<stockholm/makefu/2configs/share-user-sftp.nix>
|
||||||
<stockholm/makefu/2configs/share/omo.nix>
|
<stockholm/makefu/2configs/share/omo.nix>
|
||||||
|
# <stockholm/makefu/2configs/share/omo-timemachine.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
|
|
||||||
|
|
||||||
@ -65,6 +66,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
|
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
|
||||||
|
<stockholm/makefu/2configs/stats/arafetch.nix>
|
||||||
|
|
||||||
# services
|
# services
|
||||||
<stockholm/makefu/2configs/syncthing.nix>
|
<stockholm/makefu/2configs/syncthing.nix>
|
||||||
@ -72,6 +74,11 @@ in {
|
|||||||
<stockholm/makefu/2configs/remote-build/slave.nix>
|
<stockholm/makefu/2configs/remote-build/slave.nix>
|
||||||
<stockholm/makefu/2configs/deployment/google-muell.nix>
|
<stockholm/makefu/2configs/deployment/google-muell.nix>
|
||||||
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
||||||
|
<stockholm/makefu/2configs/bluetooth-mpd.nix>
|
||||||
|
{
|
||||||
|
hardware.pulseaudio.systemWide = true;
|
||||||
|
makefu.mpd.musicDirectory = "/media/cryptX/music";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
# security
|
# security
|
||||||
|
@ -32,66 +32,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/hydra/stockholm.nix>
|
<stockholm/makefu/2configs/hydra/stockholm.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/share/wbob.nix>
|
<stockholm/makefu/2configs/share/wbob.nix>
|
||||||
(let
|
<stockholm/makefu/2configs/bluetooth-mpd.nix>
|
||||||
musicDirectory = "/data/music";
|
|
||||||
in {
|
|
||||||
services.mpd = {
|
|
||||||
enable = true;
|
|
||||||
inherit musicDirectory;
|
|
||||||
# dataDir = "/home/anders/.mpd";
|
|
||||||
network.listenAddress = "any";
|
|
||||||
extraConfig = ''
|
|
||||||
audio_output {
|
|
||||||
type "pulse"
|
|
||||||
name "Local MPD"
|
|
||||||
server "127.0.0.1"
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
# open because of truestedInterfaces
|
|
||||||
# networking.firewall.allowedTCPPorts = [ 6600 4713 ];
|
|
||||||
services.samba.shares.music = {
|
|
||||||
path = musicDirectory;
|
|
||||||
"read only" = "no";
|
|
||||||
browseable = "yes";
|
|
||||||
"guest ok" = "yes";
|
|
||||||
};
|
|
||||||
|
|
||||||
sound.enable = true;
|
|
||||||
hardware.pulseaudio = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.pulseaudioFull;
|
|
||||||
# systemWide = true;
|
|
||||||
support32Bit = true;
|
|
||||||
zeroconf.discovery.enable = true;
|
|
||||||
zeroconf.publish.enable = true;
|
|
||||||
tcp = {
|
|
||||||
enable = true;
|
|
||||||
anonymousClients.allowAll = true;
|
|
||||||
anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ];
|
|
||||||
};
|
|
||||||
configFile = pkgs.writeText "default.pa" ''
|
|
||||||
load-module module-udev-detect
|
|
||||||
load-module module-bluetooth-policy
|
|
||||||
load-module module-bluetooth-discover
|
|
||||||
load-module module-native-protocol-unix
|
|
||||||
load-module module-always-sink
|
|
||||||
load-module module-console-kit
|
|
||||||
load-module module-systemd-login
|
|
||||||
load-module module-intended-roles
|
|
||||||
load-module module-position-event-sounds
|
|
||||||
load-module module-filter-heuristics
|
|
||||||
load-module module-filter-apply
|
|
||||||
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
|
|
||||||
load-module module-switch-on-connect
|
|
||||||
# may be required for "system-wide" pulse to connect to bluetooth
|
|
||||||
#module-bluez5-device
|
|
||||||
#module-bluez5-discover
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
# connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
|
|
||||||
hardware.bluetooth.enable = true;
|
|
||||||
})
|
|
||||||
|
|
||||||
# Sensors
|
# Sensors
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
|
68
makefu/2configs/bluetooth-mpd.nix
Normal file
68
makefu/2configs/bluetooth-mpd.nix
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
{ pkgs, config, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.makefu.mpd;
|
||||||
|
in {
|
||||||
|
options.makefu.mpd.musicDirectory = lib.mkOption {
|
||||||
|
description = "music Directory";
|
||||||
|
default = "/data/music";
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
config = {
|
||||||
|
services.mpd = {
|
||||||
|
enable = true;
|
||||||
|
inherit (cfg) musicDirectory;
|
||||||
|
network.listenAddress = "0.0.0.0";
|
||||||
|
extraConfig = ''
|
||||||
|
audio_output {
|
||||||
|
type "pulse"
|
||||||
|
name "Local MPD"
|
||||||
|
server "127.0.0.1"
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
# open because of truestedInterfaces
|
||||||
|
# networking.firewall.allowedTCPPorts = [ 6600 4713 ];
|
||||||
|
services.samba.shares.music = {
|
||||||
|
path = cfg.musicDirectory;
|
||||||
|
"read only" = "no";
|
||||||
|
browseable = "yes";
|
||||||
|
"guest ok" = "yes";
|
||||||
|
};
|
||||||
|
|
||||||
|
sound.enable = true;
|
||||||
|
hardware.pulseaudio = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.pulseaudioFull;
|
||||||
|
# systemWide = true;
|
||||||
|
support32Bit = true;
|
||||||
|
zeroconf.discovery.enable = true;
|
||||||
|
zeroconf.publish.enable = true;
|
||||||
|
tcp = {
|
||||||
|
enable = true;
|
||||||
|
# PULSE_SERVER=192.168.1.11 pavucontrol
|
||||||
|
anonymousClients.allowAll = true;
|
||||||
|
};
|
||||||
|
configFile = pkgs.writeText "default.pa" ''
|
||||||
|
load-module module-udev-detect
|
||||||
|
load-module module-bluetooth-policy
|
||||||
|
load-module module-bluetooth-discover
|
||||||
|
load-module module-native-protocol-unix
|
||||||
|
load-module module-always-sink
|
||||||
|
load-module module-console-kit
|
||||||
|
load-module module-systemd-login
|
||||||
|
load-module module-intended-roles
|
||||||
|
load-module module-position-event-sounds
|
||||||
|
load-module module-filter-heuristics
|
||||||
|
load-module module-filter-apply
|
||||||
|
load-module module-switch-on-connect
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
# connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
|
||||||
|
hardware.bluetooth.enable = true;
|
||||||
|
#hardware.bluetooth.extraConfig = ''
|
||||||
|
# [general]
|
||||||
|
# Enable=Source,Sink,Media,Socket
|
||||||
|
#'';
|
||||||
|
};
|
||||||
|
}
|
@ -30,6 +30,7 @@ in {
|
|||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations = {
|
locations = {
|
||||||
"/".extraConfig = ''
|
"/".extraConfig = ''
|
||||||
|
expires -1;
|
||||||
uwsgi_pass unix://${wsgi-sock};
|
uwsgi_pass unix://${wsgi-sock};
|
||||||
uwsgi_param UWSGI_CHDIR ${workdir};
|
uwsgi_param UWSGI_CHDIR ${workdir};
|
||||||
uwsgi_param UWSGI_MODULE cuserver.main;
|
uwsgi_param UWSGI_MODULE cuserver.main;
|
||||||
|
@ -17,6 +17,7 @@ let
|
|||||||
# contains:
|
# contains:
|
||||||
# user1 = pass1
|
# user1 = pass1
|
||||||
# userN = passN
|
# userN = passN
|
||||||
|
# afterwards put /var/www/<ext-dom>/user1.html as tiddlywiki
|
||||||
tw-pass-file = "${sec}/tw-pass.ini";
|
tw-pass-file = "${sec}/tw-pass.ini";
|
||||||
|
|
||||||
in {
|
in {
|
||||||
@ -45,7 +46,7 @@ in {
|
|||||||
|
|
||||||
systemd.services.prepare-tw = {
|
systemd.services.prepare-tw = {
|
||||||
wantedBy = [ "local-fs.target" ];
|
wantedBy = [ "local-fs.target" ];
|
||||||
before = [ "phpfpm.service" ];
|
before = [ "phpfpm.service" "nginx.service" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = pkgs.writeScript "prepare-tw-service" ''
|
ExecStart = pkgs.writeScript "prepare-tw-service" ''
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
@ -92,6 +93,7 @@ in {
|
|||||||
locations = {
|
locations = {
|
||||||
"/" = {
|
"/" = {
|
||||||
root = wiki-dir;
|
root = wiki-dir;
|
||||||
|
index = "makefu.html";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
expires -1;
|
expires -1;
|
||||||
autoindex on;
|
autoindex on;
|
||||||
|
36
makefu/2configs/stats/arafetch.nix
Normal file
36
makefu/2configs/stats/arafetch.nix
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
{ pkgs, lib, ...}:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
pkg = with pkgs.python3Packages;buildPythonPackage rec {
|
||||||
|
rev = "762d747";
|
||||||
|
name = "europastats-${rev}";
|
||||||
|
propagatedBuildInputs = [
|
||||||
|
requests
|
||||||
|
docopt
|
||||||
|
influxdb
|
||||||
|
beautifulsoup4
|
||||||
|
];
|
||||||
|
src = pkgs.fetchgit {
|
||||||
|
url = "http://cgit.euer.krebsco.de/arafetch";
|
||||||
|
inherit rev;
|
||||||
|
sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
home = "/var/lib/arafetch";
|
||||||
|
in {
|
||||||
|
users.users.arafetch = {
|
||||||
|
uid = genid "arafetch";
|
||||||
|
inherit home;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.arafetch = {
|
||||||
|
startAt = "Mon 09:15:00";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment = {
|
||||||
|
OUTDIR = home;
|
||||||
|
};
|
||||||
|
path = [ pkg pkgs.git pkgs.wget ];
|
||||||
|
script = "${pkg}/bin/weekrun";
|
||||||
|
};
|
||||||
|
}
|
@ -21,9 +21,9 @@ let
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
# TODO: automate updating of this ref + cherry-picks
|
# TODO: automate updating of this ref + cherry-picks
|
||||||
ref = "6b6e72b"; # nixos-17.09 @ 2018-03-07
|
ref = "6583793"; # nixos-17.09 @ 2018-03-07
|
||||||
# + do_sqlite3 ruby: 55a952be5b5
|
# + do_sqlite3 ruby: 55a952be5b5
|
||||||
# + signal: 0f19beef3
|
# + signal: 0f19beef3, 50ad913, 9449782, b7046ab2
|
||||||
|
|
||||||
in
|
in
|
||||||
evalSource (toString _file) [
|
evalSource (toString _file) [
|
||||||
|
Loading…
Reference in New Issue
Block a user