Mic92
/
stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'prism/master'

This commit is contained in:
tv 2018-10-27 15:02:39 +02:00
parent 34e1f09bf5 24f4e8dcf0
commit 212bc39249
75 changed files with 947 additions and 570 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitmodules vendored
View File

@ -1,3 +1,6 @@
[submodule "submodules/nix-writers"]
path = submodules/nix-writers
url = http://cgit.krebsco.de/nix-writers
[submodule "submodules/krops"]
path = submodules/krops
url = https://cgit.krebsco.de/krops

2
ci.nix
View File

@ -16,6 +16,6 @@ let
ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts;
build = host: owner:
((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";});
((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build/${host}";});
in mapAttrs (n: h: build n h.owner.name) ci-systems

173
jeschli/1systems/bln/config.nix
View File

@ -1,173 +0,0 @@
{ config, lib, pkgs, ... }:
# bln config file
{
imports = [
./hardware-configuration.nix
<stockholm/jeschli>
<stockholm/jeschli/2configs/virtualbox.nix>
<stockholm/jeschli/2configs/urxvt.nix>
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/xdg.nix>
<stockholm/jeschli/2configs/xserver>
# <stockholm/jeschli/1systems/bln/dcso-vpn.nix>
<stockholm/jeschli/2configs/officevpn.nix>
];
# boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot";
boot.loader.grub = {
devices = [ "nodev" ];
efiSupport = true;
enable = true;
extraEntries = ''
menuentry "Debian" {
insmod ext2
insmod chain
chainloader /EFI/debian/grubx64.efi
}
'';
version = 2;
};
jeschliFontSize = 20;
environment.shellAliases = {
n = "nix-shell";
gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
gh = "cd /home/markus/go/src/github.com";
stocki = pkgs.writeDash "deploy" ''
cd ~/stockholm
LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
'';
};
networking.hostName = lib.mkForce "BLN02NB0232";
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Setup Packages
nixpkgs.config.allowUnfree = true;
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
environment.systemPackages = with pkgs; [
termite
# system helper
ag
copyq
dmenu
git
tig
i3lock
keepass
networkmanagerapplet
rsync
terminator
tmux
wget
rxvt_unicode
# editors
emacs
# databases
sqlite
# internet
thunderbird
chromium
google-chrome
# programming languages
elmPackages.elm
go
gcc
ghc
python35
python35Packages.pip
# go tools
golint
gotools
# dev tools
gnumake
jetbrains.pycharm-professional
jetbrains.webstorm
jetbrains.goland
jetbrains.datagrip
texlive.combined.scheme-full
pandoc
redis
vagrant
# document viewer
zathura
samba
];
programs.bash.enableCompletion = true;
programs.vim.defaultEditor = true;
services.openssh.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
services.printing.drivers = [ pkgs.postscript-lexmark ];
services.redis.enable = true;
services.xserver = {
desktopManager.session = lib.mkForce [];
enable = true;
display = 11;
tty = 11;
dpi = 200;
videoDrivers = [ "nvidia" ];
synaptics = {
enable = false;
};
};
users.extraUsers.jeschli = {
isNormalUser = true;
extraGroups = ["docker" "vboxusers" "audio"];
uid = 1000;
};
system.stateVersion = "17.09";
# Gogland Debugger workaround
# nixpkgs.config.packageOverrides = super: {
# idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: {
# postFixup = ''
# interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
# patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
# chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
# '';
# });
# };
virtualisation.docker.enable = true;
# DCSO Certificates
security.pki.certificateFiles = [
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; })
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; })
];
hardware.bluetooth.enable = true;
krebs.build.host = config.krebs.hosts.bln;
networking.interfaces.enp0s31f6.ipv4.addresses = [
{ address = "10.99.23.2"; prefixLength = 24; }
];
}

44
jeschli/1systems/bln/dcso-vpn.nix
View File

@ -1,44 +0,0 @@
with import <stockholm/lib>;
{ ... }:
{
users.extraUsers = {
dcsovpn = rec {
name = "dcsovpn";
uid = genid "dcsovpn";
description = "user for running dcso openvpn";
home = "/home/${name}";
};
};
users.extraGroups.dcsovpn.gid = genid "dcsovpn";
services.openvpn.servers = {
dcso = {
config = ''
client
dev tun
tun-mtu 1356
mssfix
proto udp
float
remote 217.111.55.41 1194
nobind
user dcsovpn
group dcsovpn
persist-key
persist-tun
ca ${toString <secrets/dcsovpn/ca.pem>}
cert ${toString <secrets/dcsovpn/cert.pem>}
key ${toString <secrets/dcsovpn/cert.key>}
verb 3
mute 20
auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
route-method exe
route-delay 2
'';
updateResolvConf = true;
};
};
}

35
jeschli/1systems/bln/hardware-configuration.nix
View File

@ -1,35 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/25534522-5748-4dcc-a5ca-80a3ac70f59d";
fileSystems."/" =
{ device = "/dev/disk/by-uuid/496c8889-96db-446d-9bac-60d4347faeac";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/2785adf5-a99e-49d7-86d6-99f393f457ea";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/927E-01A0";
fsType = "vfat";
};
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = "powersave";
hardware.pulseaudio.enable = true;
}

20
jeschli/1systems/brauerei/config.nix
View File

@ -37,6 +37,11 @@
cd ~/stockholm
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="brauerei"'
'';
deploy = pkgs.writeDash "deploy" ''
set -eu
export SYSTEM="$1"
$(nix-build $HOME/stockholm/jeschli/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
'';
};
environment.systemPackages = with pkgs; [
@ -114,10 +119,12 @@
# Don't install feh into systemPackages
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
desktopManager.session = lib.mkForce [];
displayManager.lightdm.enable = lib.mkForce false;
displayManager.job.execCmd = lib.mkForce "derp";
enable = true;
display = 11;
tty = 11;
display = lib.mkForce 11;
tty = lib.mkForce 11;
dpi = 144;
@ -138,6 +145,15 @@
isNormalUser = true;
uid = 1001; # TODO genid
};
users.users.dev = {
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
];
};
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"

1
jeschli/2configs/emacs.nix
View File

@ -67,7 +67,6 @@ let
emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
epkgs.melpaPackages.evil
epkgs.melpaStablePackages.magit
epkgs.melpaPackages.mmm-mode
epkgs.melpaPackages.nix-mode
epkgs.melpaPackages.go-mode
epkgs.melpaPackages.google-this

2
jeschli/5pkgs/simple/xmonad-jeschli/default.nix
View File

@ -222,7 +222,7 @@ myKeys conf = Map.fromList $
pagerConfig :: PagerConfig
pagerConfig = def
{ pc_font = myFont
, pc_cellwidth = 256
, pc_cellwidth = 100
--, pc_cellheight = 36 -- TODO automatically keep screen aspect
--, pc_borderwidth = 1
--, pc_matchcolor = "#f0b000"

1
jeschli/krops.nix
View File

@ -29,6 +29,7 @@ in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
force = true;
inherit target;
source = source { test = true; };
};

6
krebs/2configs/buildbot-stockholm.nix
View File

@ -22,6 +22,12 @@
"http://cgit.ni.r/disko"
"http://cgit.prism.r/disko"
];
krops.urls = [
"http://cgit.hotdog.r/krops"
"http://cgit.ni.r/krops"
"http://cgit.prism.r/krops"
"https://git.ingolf-wagner.de/krebs/krops.git"
];
nix_writers.urls = [
"http://cgit.hotdog.r/nix-writers"
"http://cgit.ni.r/nix-writers"

278
krebs/3modules/airdcpp.nix Normal file
View File

@ -0,0 +1,278 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>; #genid
let
cfg = config.krebs.airdcpp;
out = {
options.krebs.airdcpp = api;
config = lib.mkIf cfg.enable imp;
};
api = with types;{
enable = mkEnableOption "airdcpp";
package = mkOption {
type = package;
default = pkgs.airdcpp-webclient;
};
user = mkOption {
description = ''
user which will run airdcpp. if kept default a new user will be created
'';
type = str;
default = "airdcpp";
};
extraGroups = mkOption {
description = ''extra groups for the user (only for default user)'';
type = listOf str;
default = [];
example = [ "nginx" ];
};
stateDir = mkOption {
description = ''
directory for storing state (pid,config)
'';
type = str;
default = "/var/lib/airdcpp";
};
hubs = mkOption {
type = attrsOf (submodule ( { config, ... }: {
options = {
Nick = mkOption {
description = ''
Nick Name for hub
'';
type = str;
default = cfg.Nick;
};
Password = mkOption {
description = ''
Password to be used
WARNING: will be stored in plain text in /nix/store
'';
type = str;
default = "";
apply = lib.removeSuffix "\n";
};
Server = mkOption {
description = ''
URL to the hub (must be provided)
'';
type = str;
};
AutoConnect = mkOption {
description = ''
automatically connect to the hub
'';
type = bool;
default = false;
};
};
}));
description = "hubs which should be configured via Favorites.xml,
Options are only used if no initial Favorites.xml file is provided and none exists";
default = {};
};
initialFavoritesConfigFile = mkOption {
description = ''
path inital Favorites.xml configuration if none exists
'';
type = nullOr path;
default = null;
};
dcpp = {
# entries in DCPlusPlus.xml
Nick = mkOption {
description = ''
Nick Name for connection
'';
type = str;
default = "kevin";
};
InPort = mkOption {
description = "Input Port";
type = int;
default = 16849;
};
UDPPort = mkOption {
description = "UDP open Port";
type = int;
default = 16849;
};
TLSPort = mkOption {
description = "TLS open Port";
type = int;
default = 16869;
};
DownloadSpeed = mkOption {
description = "Total Download Speed in Mbps/s";
type = str;
default = "100";
};
UploadSpeed = mkOption {
description = "Total Upload Speed in Mbp/s";
type = str;
default = "100";
};
DownloadDirectory = mkOption {
description = "Directory, where new files will be saved into";
type = str;
default = "${cfg.stateDir}/Download";
};
shares = mkOption {
default = {};
type = attrsOf (submodule ( { config, ... }: {
options = {
path = mkOption {
description = "path to the share";
type = str;
};
incoming = mkOption {
description = "incoming";
type = bool;
default = false;
};
};
}));
};
initialConfigFile = mkOption {
description = ''
path inital DCPlusPlus.xml configuration if none exists
'';
type = nullOr path;
default = null;
};
};
web = {
port = mkOption {
description = ''web-ui port
NOTE: once the initial config had been written to the state directory it will not be replaced
'';
type = int;
default = 5600;
};
initialConfigFile = mkOption {
description = ''
path inital WebServer.xml configuration if none exists
'';
type = nullOr path;
default = null;
};
# TODO: tlsPort
users = mkOption {
type = attrsOf (submodule ( { config, ... }: {
options = {
password = mkOption {
description = "password of user";
type = str;
apply = lib.removeSuffix "\n";
};
permissions = mkOption {
description = "user permissions";
type = str;
default = "admin";
};
};
}));
};
};
};
imp = let
genUsers = users: concatMapStringsSep "\n" (user:
''<WebUser Username="${user.name}" Password="${user.password}" LastLogin="0" Permissions="${user.permissions}"/>'' )
(mapAttrsToList (name: val: val // { inherit name; }) users);
webConfigFile = if (cfg.web.initialConfigFile == null) then builtins.trace "warning: airdcpp passwords are stored in plain text" pkgs.writeText "initial-config" ''
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<WebServer>
<Config>
<Server Port="${toString cfg.web.port}"/>
<TLSServer Port="0" Certificate="" CertificateKey=""/>
</Config>
<WebUsers>${genUsers cfg.web.users}
</WebUsers>
</WebServer>
'' else cfg.web.initialConfigFile;
genHubs = hubs: concatMapStringsSep "\n" (hub:
''<Hub Name="${hub.name}" Connect="${
if hub.AutoConnect then "1" else "0"
}" Description="" Password="${hub.Password}" Server="${hub.Server}" ChatUserSplit="0" UserListState="1" HubFrameOrder="" HubFrameWidths="" HubFrameVisible="" Group="" Bottom="0" Top="0" Right="0" Left="0" Nick="${hub.Nick}"/>'' )
(mapAttrsToList (name: val: val // { inherit name; }) hubs);
favoritesConfigFile = if (cfg.initialFavoritesConfigFile == null) then
builtins.trace "warning: airdcpp hub passwords are stored in plain text" pkgs.writeText "initial-config" ''
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<Favorites>
<Hubs>
${genHubs cfg.hubs}
</Hubs>
</Favorites>
'' else cfg.initialFavoritesConfigFile;
genShares = shares: concatMapStringsSep "\n" (share:
''<Directory Virtual="${share.name}" Incoming="${
if share.incoming then "1" else "0"
}" LastRefreshTime="0">${share.path}</Directory>'' )
(mapAttrsToList (name: val: val // { inherit name; }) shares);
dcppConfigFile = if (cfg.dcpp.initialConfigFile == null) then pkgs.writeText "initial-config" ''
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<DCPlusPlus>
<Settings>
<Nick type="string">${cfg.dcpp.Nick}</Nick>
<InPort type="int">${toString cfg.dcpp.InPort}</InPort>
<UDPPort type="int">${toString cfg.dcpp.UDPPort}</UDPPort>
<TLSPort type="int">${toString cfg.dcpp.TLSPort}</TLSPort>
<DownloadDirectory type="string">${cfg.dcpp.DownloadDirectory}</DownloadDirectory>
<AutoDetectIncomingConnection type="int">0</AutoDetectIncomingConnection>
<NoIpOverride type="int">1</NoIpOverride>
<WizardRunNew type="int">0</WizardRunNew>
<IPUpdate type="int">0</IPUpdate>
<AlwaysCCPM type="int">1</AlwaysCCPM>
<DownloadSpeed type="string">${cfg.dcpp.DownloadSpeed}</DownloadSpeed>
<UploadSpeed type="string">${cfg.dcpp.UploadSpeed}</UploadSpeed>
</Settings>
<Share Token="0" Name="Default">
${genShares cfg.dcpp.shares}
<NoShare/>
</Share>
<ChatFilterItems/>
</DCPlusPlus>
'' else cfg.dcpp.initialConfigFile;
in {
systemd.services.airdcpp = {
description = "airdcpp webui";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
restartIfChanged = true;
serviceConfig = {
Type = "simple";
ExecStartPre = pkgs.writeDash "prepare-env" ''
d=${cfg.stateDir}/WebServer.xml
test -e $d || install -m700 -o${cfg.user} ${webConfigFile} $d
d=${cfg.stateDir}/DCPlusPlus.xml
test -e $d || install -m700 -o${cfg.user} ${dcppConfigFile} $d
d=${cfg.stateDir}/Favorites.xml
test -e $d || install -m700 -o${cfg.user} ${favoritesConfigFile} $d
'';
PermissionsStartOnly = true;
ExecStart = "${cfg.package}/bin/airdcppd -c=${cfg.stateDir} -p=${cfg.stateDir}/airdcpp.pid";
PrivateTmp = true;
WorkingDirectory = cfg.stateDir;
User = "${cfg.user}";
};
};
users = lib.mkIf (cfg.user == "airdcpp") {
users.airdcpp = {
uid = genid "airdcpp";
home = cfg.stateDir;
createHome = true;
inherit (cfg) extraGroups;
};
groups.airdcpp.gid = genid "airdcpp";
};
};
in
out

1
krebs/3modules/buildbot/master.nix
View File

@ -82,6 +82,7 @@ let
irc = words.IRC("${cfg.irc.server}", "${cfg.irc.nick}",
channels=${builtins.toJSON cfg.irc.channels},
notify_events={
'started': 1,
'success': 1,
'failure': 1,
'exception': 1,

2
krebs/3modules/buildbot/slave.nix
View File

@ -160,8 +160,6 @@ let
# TODO: maybe also prepare buildbot.tac?
ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
set -efux
#remove garbage from old versions
rm -rf ${workdir}
mkdir -p ${workdir}/info
cp ${buildbot-slave-init} ${workdir}/buildbot.tac
echo ${contact} > ${workdir}/info/admin

1
krebs/3modules/default.nix
View File

@ -6,6 +6,7 @@ let
out = {
imports = [
./airdcpp.nix
./announce-activation.nix
./apt-cacher-ng.nix
./backup.nix

37
krebs/3modules/jeschli/default.nix
View File

@ -7,43 +7,6 @@ with import <stockholm/lib>;
owner = config.krebs.users.jeschli;
ci = true;
}) {
bln = {
nets = {
retiolum = {
ip4.addr = "10.243.27.28";
ip6.addr = "42::28";
aliases = [
"bln.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEAwoN2f6iyQ1Wnk4rZVqhovny8VpwWvC9buE+NoedRaxmWmA5QIP02
BLwTWFKnbiKOQiYN+a4m/JKs0fFOjYCa2EKhqWWKwdEIN4wJTq8zrjzIaa2rdz+8
tamE+8rSYDE+RbJ6Gs3SUDfwcxJT6FXCi3JYoirdhAssLSwTf9d5IsfXvkKMabky
FpY9Im51utmIR8UmYL4Ti7dEaOxif+5Hgl1LuitC8e2IIZJhXJprK9tJk9J0LRWt
PUM31IG1+A2hNBzs5hferLmmwFvYF1sJ22NtFepxVyOLaLcLEFKWHyU+14qEMSgL
acsu0lgVZ4A1TY6vVBmawfVCzUzRfalNIty1x+qDA4MB1RQ4W7ivWCjd/+wirSyc
BLxCvriXRdUwPIRoHy0kNMmS83HGm2iv2IrHUrcH8lyJvMys216J2lCF2arRVnBn
lArObfR3mXgd/YoANmZ4cinLAjLCjCjXfOe39+pvTFph6WnDt4gOO+tQlnCk19Fa
NoiK1THcuZiFVE+4CAXVmstNqYKSMgw+Upw7/t6iUzur98iwKpcicomhJjGVVtbg
2iDf4lYVrUyb7iPns2T4EzAuHk7iESktEASU5creSbWYRu/4uyhuNlUoiCpVOEKg
H9jkrLlCpQGv/GmgdH9oj35Dsv5TINauCT2jjWV65wcKAlvyafy5UtLyF4HBRHaM
2xyxC9gxr8bmeOFyOnHVJQvpkeLxyaRp/VppjCTzr82TQvpZd5a+tISIbDGfqX1o
cEyPsowb3KHNtW9DqRBp+80fPGnQHsNjVXbJb37wjpnR/ePg/XyENbZF/OQEsjqt
bki8hZQXKJAFyx1bq/2A1q4ocx7JlJKynL4szG1unHbSPKNH2OOVvoezuP7e+lXU
gnzrSbe9lPIOp4Vu1HjWOi6tNWZFoZrSHVIK+VGxm+wm/HoS+Enj4Yq+vRvU3luv
UllR5KHHK2970RbFEUE0zaVMZjQn5KgJjFXfqfrCztp0wZ5CQo+tRFPq35llaIQ2
0WyT2IZlxt1Xr2IpOM0DpO4SJnivZT/wdZN7upzsUPf4a9suztpA3KcKAKqH0OM5
fv2/LXspc73vACAOZ9qDJnwp8bFrMOaQdAL1oPpOLB3yYTDA3E20IAQ6OKoSy1Nl
B4coqo1gBCcMrWwVFYAuc5J4itXJ0SSj67+WUnuDzPm88LI3g+AO0r1m6k6YdA58
SeNxYPMLYNLRg86rsjKjXu+QyvBsd04O/QvIxpTFCtdjbUXNS1H4++/inYZSwWPp
U0lN9erLJbwr4WqU/Mn6J+jKijXwmCSiF5if5baszMsOL/0u9yFt6OcaLyehE3sJ
eAo00n9phSna0lxtbtRnh/Gd4D7rFcX33wIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
brauerei = {
nets = {
retiolum = {

38
krebs/3modules/lass/default.nix
View File

@ -494,6 +494,44 @@ with import <stockholm/lib>;
};
};
};
eve = {
monitoring = false;
ci = false;
external = true;
nets = rec {
internet = {
# eve.thalheim.io
ip4.addr = "188.68.39.17";
ip6.addr = "2a03:4000:13:31e::1";
aliases = [ "eve.i" ];
};
retiolum = rec {
via = internet;
addrs = [
ip4.addr
ip6.addr
];
ip4.addr = "10.243.29.174";
ip6.addr = "42:4992:6a6d:a00::1";
aliases = [ "eve.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
+xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
xerxes = {
cores = 2;
nets = rec {

27
krebs/3modules/makefu/default.nix
View File

@ -4,7 +4,9 @@ with import <stockholm/lib>;
## generate keys with:
# tinc generate-keys
# ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host
{
let
pub-for = name: builtins.readFile (./ssh + "/${name}.pub");
in {
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) {
cake = rec {
cores = 4;
@ -590,6 +592,8 @@ with import <stockholm/lib>;
"cache.gum.r"
"logs.makefu.r"
"stats.makefu.r"
"backup.makefu.r"
"dcpp.nextgum.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -654,6 +658,7 @@ with import <stockholm/lib>;
"wiki.gum.r"
"blog.makefu.r"
"blog.gum.r"
"dcpp.gum.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -1099,48 +1104,48 @@ with import <stockholm/lib>;
users = rec {
makefu = {
mail = "makefu@x.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@x";
pubkey = pub-for "makefu.x";
pgp.pubkeys.default = builtins.readFile ./pgp/default.asc;
pgp.pubkeys.brain = builtins.readFile ./pgp/brain.asc;
};
makefu-omo = {
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtDhAxjiCH0SmTGNDqmlKPug9qTf+IFOVjdXfk01lAV2KMVW00CgNo2d5kl5+6pM99K7zZO7Uo7pmSFLSCAg8J6cMRI3v5OxFsnQfcJ9TeGLZt/ua7F8YsyIIr5wtqKtFbujqve31q9xJMypEpiX4np3nLiHfYwcWu7AFAUY8UHcCNl4JXm6hsmPe+9f6Mg2jICOdkfMMn0LtW+iq1KZpw1Nka2YUSiE2YuUtV+V+YaVMzdcjknkVkZNqcVk6tbJ1ZyZKM+bFEnE4VkHJYDABZfELpcgBAszfWrVG0QpEFjVCUq5atpIVHJcWWDx072r0zgdTPcBuzsHHC5PRfVBLEw== makefu@servarch";
pubkey = pub-for "makefu.omo";
};
makefu-tsp = {
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1srWa67fcsw3r64eqgIuHbMbrj6Ywd9AwzCM+2dfXqYQZblchzH4Q4oydjdFOnV9LaA1LfNcWEjV/gVQKA2/xLSyXSDwzTxQDyOAZaqseKVg1F0a7wAF20+LiegQj6KXE29wcTW1RjcPncmagTBv5/vYbo1eDLKZjwGpEnG0+s+TRftrAhrgtbsuwR1GWWYACxk1CbxbcV+nIZ1RF9E1Fngbl4C4WjXDvsASi8s24utCd/XxgKwKcSFv7EWNfXlNzlETdTqyNVdhA7anc3N7d/TGrQuzCdtrvBFq4WbD3IRhSk79PXaB3L6xJ7LS8DyOSzfPyiJPK65Zw5s4BC07Z makefu@tsp";
pubkey = pub-for "makefu.tsp";
};
makefu-vbob = {
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiKvLKaRQPL/Y/4EWx3rNhrY5YGKK4AeqDOFTLgJ7djwJnMo7FP+OIH/4pFxS6Ri2TZwS9QsR3hsycA4n8Z15jXAOXuK52kP65Ei3lLyz9mF+/s1mJsV0Ui/UKF3jE7PEAVky7zXuyYirJpMK8LhXydpFvH95aGrL1Dk30R9/vNkE9rc1XylBfNpT0X0GXmldI+r5OPOtiKLA5BHJdlV8qDYhQsU2fH8S0tmAHF/ir2bh7+PtLE2hmRT+b8I7y1ZagkJsC0sn9GT1AS8ys5s65V2xTTIfQO1zQ4sUH0LczuRuY8MLaO33GAzhyoSQdbdRAmwZQpY/JRJ3C/UROgHYt makefu@vbob";
pubkey = pub-for "makefu.vbob";
};
makefu-tempx = {
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOXG6iwvm6zUVk+OE9ZviO+WNosAHSZw4ku0RxWbXSlSG0RfzvV4IfByF3Dw+4a8yZQmjwNkQalUURh2fEqhBLBI9XNEIL7qIu17zheguyXzpE3Smy4pbI+fjdsnfFrw+WE2n/IO8N6ojdH6sMmnWwfkFZYqqofWyLB3WUN9wy2b2z0w/jc56+HxxyTl3rD7CttTs9ak67HqIn3/pNeHoOM+JQ/te8t4ageIlPi8yJJpqZgww1RUWCgPPwZ9DP6gQjo85he76x0h9jvhnFd7m9N1aGdRDcK55QyoY/9x07R24GRutohAB/KDWSkDWQv5BW7M1LCawpJcF3DDslD1i7 makefu@gum";
pubkey = pub-for "makefu.tempx";
};
makefu-android = {
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x";
pubkey = pub-for "makefu.android";
};
makefu-remote-builder = {
inherit (makefu) mail pgp;
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild";
pubkey = pub-for "makefu.remote-builder";
};
makefu-bob = {
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD";
pubkey = pub-for "makefu.bob";
};
ciko = {
mail = "wieczorek.stefan@googlemail.com";
};
ulrich = {
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1sobyfvUu/G2Ms+T0cI4CSgtjCoO2qEYVK1jkqC2A9mLJfNoPsToLowfGszpOAM9S4Rtn+OJ+vPMvs2E4pkZmXcmJZFAKKPNadmzwqCQyskBdoyszkj7DXngX56ZQ+ZEf+vPp2tu/IN0CFNVUllUcWP2TD2ECH5qkBODBHLyGf4PvV35yGpuYNFhFSWkTxwXZ7d5eat2kmwTfryX91Z+M901t6MK0ADyUwBkbotwSn/B6xUEZzExlGhRziRlIM0MrmSMvUA1mcmMJWVfHbb5Sw8yVstUuaU98C3EzDPNlVTbu5al2sDk4+jjireMMMVHC0j8aj7DlhvcF2t7ZpAKy+HN/PFuV7+RgN3DmIMLwbSRfykH3ATVdBzoL0/XmGBRXht6M22igAMFt9o/oHtwWt2JYcNX5poS8kLcjPzGHcx7KOslZ7VZev4BTpFAZIeMYhlzsNCI88bxUqdFxIcofNIQMy4Ep4qJXlgMduQbYtPDRpclDe82yiblhz48+HF/j8+0ZBx4w3jb4XBtgeTfwM2nARsD7MRzokfMfbGf6cZ8AU0/h69ECdsy2KYCKzgFxV/SHN2fDk6SZWLHmxDZ8N02VqgXMTvkYHvDBiaNxM0/iNMKqYCfuxjQPSusBENSgwhUnBGgoGYZuz0r2oMdtzqrkC/VbDxi5gSKl+ZoaMQ== shackspace.de@myvdr.de";
pubkey = pub-for "ulrich";
mail = "shackspace.de@myvdr.de";
};
exco = {
mail = "dickbutt@excogitation.de";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7HCK+TzelJp7atCbvCbvZZnXFr3cE35ioactgpIJL7BOyQM6lJ/7y24WbbrstClTuV7n0rWolDgfjx/8kVQExP3HXEAgCwV6tIcX/Ep84EXSok7QguN0ozZMCwX9CYXOEyLmqpe2KAx3ggXDyyDUr2mWs04J95CFjiR/YgOhIfM4+gVBxGtLSTyegyR3Fk7O0KFwYDjBRLi7a5TIub3UYuOvw3Dxo7bUkdhtf38Kff8LEK8PKtIku/AyDlwZ0mZT4Z7gnihSG2ezR5mLD6QXVuGhG6gW/gsqfPVRF4aZbrtJWZCp2G21wBRafpEZJ8KFHtR18JNcvsuWA1HJmFOj2K0mAY5hBvzCbXGhSzBtcGxKOmTBDTRlZ7FIFgukP/ckSgDduydFUpsv07ZRj+qY07zKp3Nhh3RuN7ZcveCo2WpaAzTuWCMPB0BMhEQvsO8I/p5YtTaw2T1poOPorBbURQwEgNrZ92kB1lL5t1t1ZB4oNeDJX5fddKLkgnLqQZWOZBTKtoq0EAVXojTDLZaA+5z20h8DU7sicDQ/VG4LWtqm9fh8iDpvt/3IHUn/HJEEnlfE1Gd+F2Q+R80yu4e1PClmuzfWjCtkPc4aY7oDxfcJqyeuRW6husAufPqNs31W6X9qXwoaBh9vRQ1erZUo46iicxbzujXIy/Hwg67X8dw== dickbutt@excogitation.de";
pubkey = pub-for "exco";
};
};
}

1
krebs/3modules/makefu/ssh/exco.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7HCK+TzelJp7atCbvCbvZZnXFr3cE35ioactgpIJL7BOyQM6lJ/7y24WbbrstClTuV7n0rWolDgfjx/8kVQExP3HXEAgCwV6tIcX/Ep84EXSok7QguN0ozZMCwX9CYXOEyLmqpe2KAx3ggXDyyDUr2mWs04J95CFjiR/YgOhIfM4+gVBxGtLSTyegyR3Fk7O0KFwYDjBRLi7a5TIub3UYuOvw3Dxo7bUkdhtf38Kff8LEK8PKtIku/AyDlwZ0mZT4Z7gnihSG2ezR5mLD6QXVuGhG6gW/gsqfPVRF4aZbrtJWZCp2G21wBRafpEZJ8KFHtR18JNcvsuWA1HJmFOj2K0mAY5hBvzCbXGhSzBtcGxKOmTBDTRlZ7FIFgukP/ckSgDduydFUpsv07ZRj+qY07zKp3Nhh3RuN7ZcveCo2WpaAzTuWCMPB0BMhEQvsO8I/p5YtTaw2T1poOPorBbURQwEgNrZ92kB1lL5t1t1ZB4oNeDJX5fddKLkgnLqQZWOZBTKtoq0EAVXojTDLZaA+5z20h8DU7sicDQ/VG4LWtqm9fh8iDpvt/3IHUn/HJEEnlfE1Gd+F2Q+R80yu4e1PClmuzfWjCtkPc4aY7oDxfcJqyeuRW6husAufPqNs31W6X9qXwoaBh9vRQ1erZUo46iicxbzujXIy/Hwg67X8dw== dickbutt@excogitation.de

1
krebs/3modules/makefu/ssh/makefu.android.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x

1
krebs/3modules/makefu/ssh/makefu.bob.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD

1
krebs/3modules/makefu/ssh/makefu.omo.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtDhAxjiCH0SmTGNDqmlKPug9qTf+IFOVjdXfk01lAV2KMVW00CgNo2d5kl5+6pM99K7zZO7Uo7pmSFLSCAg8J6cMRI3v5OxFsnQfcJ9TeGLZt/ua7F8YsyIIr5wtqKtFbujqve31q9xJMypEpiX4np3nLiHfYwcWu7AFAUY8UHcCNl4JXm6hsmPe+9f6Mg2jICOdkfMMn0LtW+iq1KZpw1Nka2YUSiE2YuUtV+V+YaVMzdcjknkVkZNqcVk6tbJ1ZyZKM+bFEnE4VkHJYDABZfELpcgBAszfWrVG0QpEFjVCUq5atpIVHJcWWDx072r0zgdTPcBuzsHHC5PRfVBLEw== makefu@servarch

1
krebs/3modules/makefu/ssh/makefu.remote-builder.pub Normal file
View File

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild

1
krebs/3modules/makefu/ssh/makefu.tempx.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOXG6iwvm6zUVk+OE9ZviO+WNosAHSZw4ku0RxWbXSlSG0RfzvV4IfByF3Dw+4a8yZQmjwNkQalUURh2fEqhBLBI9XNEIL7qIu17zheguyXzpE3Smy4pbI+fjdsnfFrw+WE2n/IO8N6ojdH6sMmnWwfkFZYqqofWyLB3WUN9wy2b2z0w/jc56+HxxyTl3rD7CttTs9ak67HqIn3/pNeHoOM+JQ/te8t4ageIlPi8yJJpqZgww1RUWCgPPwZ9DP6gQjo85he76x0h9jvhnFd7m9N1aGdRDcK55QyoY/9x07R24GRutohAB/KDWSkDWQv5BW7M1LCawpJcF3DDslD1i7 makefu@gum

1
krebs/3modules/makefu/ssh/makefu.tsp.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1srWa67fcsw3r64eqgIuHbMbrj6Ywd9AwzCM+2dfXqYQZblchzH4Q4oydjdFOnV9LaA1LfNcWEjV/gVQKA2/xLSyXSDwzTxQDyOAZaqseKVg1F0a7wAF20+LiegQj6KXE29wcTW1RjcPncmagTBv5/vYbo1eDLKZjwGpEnG0+s+TRftrAhrgtbsuwR1GWWYACxk1CbxbcV+nIZ1RF9E1Fngbl4C4WjXDvsASi8s24utCd/XxgKwKcSFv7EWNfXlNzlETdTqyNVdhA7anc3N7d/TGrQuzCdtrvBFq4WbD3IRhSk79PXaB3L6xJ7LS8DyOSzfPyiJPK65Zw5s4BC07Z makefu@tsp

1
krebs/3modules/makefu/ssh/makefu.vbob.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiKvLKaRQPL/Y/4EWx3rNhrY5YGKK4AeqDOFTLgJ7djwJnMo7FP+OIH/4pFxS6Ri2TZwS9QsR3hsycA4n8Z15jXAOXuK52kP65Ei3lLyz9mF+/s1mJsV0Ui/UKF3jE7PEAVky7zXuyYirJpMK8LhXydpFvH95aGrL1Dk30R9/vNkE9rc1XylBfNpT0X0GXmldI+r5OPOtiKLA5BHJdlV8qDYhQsU2fH8S0tmAHF/ir2bh7+PtLE2hmRT+b8I7y1ZagkJsC0sn9GT1AS8ys5s65V2xTTIfQO1zQ4sUH0LczuRuY8MLaO33GAzhyoSQdbdRAmwZQpY/JRJ3C/UROgHYt makefu@vbob

1
krebs/3modules/makefu/ssh/makefu.x.pub Normal file
View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@x

1
krebs/3modules/makefu/ssh/ulrich.pub Normal file
View File

@ -0,0 +1 @@
AAAAB3NzaC1yc2EAAAADAQABAAACAQC1sobyfvUu/G2Ms+T0cI4CSgtjCoO2qEYVK1jkqC2A9mLJfNoPsToLowfGszpOAM9S4Rtn+OJ+vPMvs2E4pkZmXcmJZFAKKPNadmzwqCQyskBdoyszkj7DXngX56ZQ+ZEf+vPp2tu/IN0CFNVUllUcWP2TD2ECH5qkBODBHLyGf4PvV35yGpuYNFhFSWkTxwXZ7d5eat2kmwTfryX91Z+M901t6MK0ADyUwBkbotwSn/B6xUEZzExlGhRziRlIM0MrmSMvUA1mcmMJWVfHbb5Sw8yVstUuaU98C3EzDPNlVTbu5al2sDk4+jjireMMMVHC0j8aj7DlhvcF2t7ZpAKy+HN/PFuV7+RgN3DmIMLwbSRfykH3ATVdBzoL0/XmGBRXht6M22igAMFt9o/oHtwWt2JYcNX5poS8kLcjPzGHcx7KOslZ7VZev4BTpFAZIeMYhlzsNCI88bxUqdFxIcofNIQMy4Ep4qJXlgMduQbYtPDRpclDe82yiblhz48+HF/j8+0ZBx4w3jb4XBtgeTfwM2nARsD7MRzokfMfbGf6cZ8AU0/h69ECdsy2KYCKzgFxV/SHN2fDk6SZWLHmxDZ8N02VqgXMTvkYHvDBiaNxM0/iNMKqYCfuxjQPSusBENSgwhUnBGgoGYZuz0r2oMdtzqrkC/VbDxi5gSKl+ZoaMQ== shackspace.de@myvdr.de

4
krebs/5pkgs/simple/Reaktor/default.nix
View File

@ -2,7 +2,7 @@
python3Packages.buildPythonPackage rec {
name = "Reaktor-${version}";
version = "0.6.0";
version = "0.6.2";
doCheck = false;
@ -14,7 +14,7 @@ python3Packages.buildPythonPackage rec {
owner = "krebs";
repo = "Reaktor";
rev = version;
sha256 = "0nsnv1rixmlg5wkb74b4f5bycb42b9rp4b14hijh558hbsa1b9am";
sha256 = "0h8pj0x9b5fnxddwrc0f63rxd3275v5phmjc0fv4kiwlzvbcxj6m";
};
meta = {
homepage = http://krebsco.de/;

2
krebs/5pkgs/simple/Reaktor/plugins.nix
View File

@ -120,7 +120,7 @@ rec {
url-title = (buildSimpleReaktorPlugin "url-title" {
pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$";
path = with pkgs; [ curl perl ];
script = pkgs.writePython3 "url-title" { deps = [ "beautifulsoup4" "lxml" ]; } ''
script = pkgs.writePython3 "url-title" { deps = with pkgs.python3Packages; [ beautifulsoup4 lxml ]; } ''
import cgi
import sys
import urllib.request

28
krebs/5pkgs/simple/airdcpp-webclient/default.nix Normal file
View File

@ -0,0 +1,28 @@
{ stdenv, fetchurl, makeWrapper, which
}:
stdenv.mkDerivation rec {
name = "airdcpp-webclient-${version}";
version = "2.3.0";
src = fetchurl {
url = http://web-builds.airdcpp.net/stable/airdcpp_2.3.0_webui-2.3.0_64-bit_portable.tar.gz;
sha256 = "0yvcl0nc70fghc7vfsgvbpryi5q97arld8adql4way4qa0mdnyv1";
};
phases = [ "unpackPhase" "installPhase" ];
installPhase = ''
mkdir -p $out/{share,bin}
cp -r * $out/share
makeWrapper $out/share/airdcppd $out/bin/airdcppd --prefix PATH ${which}/bin
'';
nativeBuildInputs = [ makeWrapper ];
meta = with stdenv.lib; {
# to start it: airdcpp -p=<pid-file> -c=<config-store-path (must be writeable)> --configure
description = "dcpp client (statically precompiled)";
homepage = http://fixme;
license = licenses.gpl3;
maintainers = with maintainers; [ makefu ];
platforms = with platforms; linux;
};
}

6
krebs/5pkgs/simple/buildbot-classic/default.nix
View File

@ -2,7 +2,7 @@
python2Packages.buildPythonApplication rec {
name = "buildbot-classic-${version}";
version = "0.8.17";
version = "0.8.18";
namePrefix = "";
patches = [];
@ -10,14 +10,14 @@ python2Packages.buildPythonApplication rec {
owner = "krebs";
repo = "buildbot-classic";
rev = version;
sha256 = "0yn0n37rs2bhz9q0simnvyzz5sfrpqhbdm6pdj6qk7sab4y6xbq8";
sha256 = "0b4y3n9zd2gdy8xwk1vpvs4n9fbg72vi8mx4ydgijwngcmdqkjmq";
};
postUnpack = "sourceRoot=\${sourceRoot}/master";
propagatedBuildInputs = [
python2Packages.jinja2
python2Packages.twisted
python2Packages.dateutil_1_5
python2Packages.dateutil
python2Packages.sqlalchemy_migrate
python2Packages.pysqlite
pkgs.coreutils

1
krebs/5pkgs/simple/repo-sync/default.nix
View File

@ -3,7 +3,6 @@
with python3Packages; buildPythonPackage rec {
name = "repo-sync-${version}";
version = "0.2.7";
disabled = isPy26 || isPy27;
propagatedBuildInputs = [
docopt
GitPython

6
krebs/krops.nix
View File

@ -1,9 +1,6 @@
{ name }: rec {
krops = builtins.fetchGit {
url = https://cgit.krebsco.de/krops/;
rev = "c46166d407c7d246112f13346621a3fbdb25889e";
};
krops = ../submodules/krops;
lib = import "${krops}/lib";
@ -57,6 +54,7 @@
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
force = true;
inherit target;
source = source { test = true; };
};

8
krebs/nixpkgs.json
View File

@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "a37638d46706610d12c9747614fd1b8f8d35ad48",
"date": "2018-08-30T21:03:26+02:00",
"sha256": "0rsdkk4z7pkqr2mw0pq7i6fkqs7gbi5kral3c8smm9bw104sn8v7",
"fetchSubmodules": true
"rev": "81f5c2698a87c65b4970c69d472960c574ea0db4",
"date": "2018-10-17T20:48:45-04:00",
"sha256": "0p4x9532d3qlbykyyq8zk62k8py9mxd1s7zgbv54zmv597rs5y35",
"fetchSubmodules": false
}

2
krebs/update-channel.sh
View File

@ -3,7 +3,7 @@ dir=$(dirname $0)
oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
--url https://github.com/NixOS/nixpkgs-channels \
--rev refs/heads/nixos-18.03' \
--rev refs/heads/nixos-18.09' \
> $dir/nixpkgs.json
newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev"

2
lass/1systems/mors/config.nix
View File

@ -77,6 +77,7 @@ with import <stockholm/lib>;
environment.systemPackages = [
pkgs.ovh-zone
pkgs.bank
pkgs.adb-sync
];
}
{
@ -143,7 +144,6 @@ with import <stockholm/lib>;
OnCalendar = "00:37";
};
nix.package = pkgs.nixUnstable;
programs.adb.enable = true;
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
virtualisation.docker.enable = true;

10
lass/1systems/prism/config.nix
View File

@ -291,16 +291,6 @@ with import <stockholm/lib>;
];
}
{
services.nginx = {
enable = true;
virtualHosts."radio.lassul.us" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = ''
proxy_pass http://localhost:8000;
'';
};
};
}
{
lass.nichtparasoup.enable = true;

96
lass/1systems/prism/physical.nix
View File

@ -3,27 +3,39 @@
imports = [
./config.nix
{
networking.interfaces.et0.ipv4.addresses = [
{
address = config.krebs.build.host.nets.internet.ip4.addr;
boot.kernelParams = [ "net.ifnames=0" ];
networking = {
defaultGateway = "46.4.114.225";
# Use google's public DNS server
nameservers = [ "8.8.8.8" ];
interfaces.eth0 = {
ipAddress = "46.4.114.247";
prefixLength = 27;
}
{
address = "46.4.114.243";
prefixLength = 27;
}
];
networking.defaultGateway = "46.4.114.225";
networking.nameservers = [
"8.8.8.8"
];
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
'';
};
};
# TODO use this network config
#networking.interfaces.et0.ipv4.addresses = [
# {
# address = config.krebs.build.host.nets.internet.ip4.addr;
# prefixLength = 27;
# }
# {
# address = "46.4.114.243";
# prefixLength = 27;
# }
#];
#networking.defaultGateway = "46.4.114.225";
#networking.nameservers = [
# "8.8.8.8"
#];
#services.udev.extraRules = ''
# SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
#'';
}
{
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
networking.hostId = "fb4173ea";
boot.loader.grub = {
devices = [
"/dev/sda"
@ -40,45 +52,25 @@
boot.kernelModules = [ "kvm-intel" ];
fileSystems."/" = {
device = "/dev/pool/nix_root";
fsType = "ext4";
};
fileSystems."/tmp" = {
device = "tmpfs";
fsType = "tmpfs";
options = ["nosuid" "nodev" "noatime"];
};
fileSystems."/var/download" = {
device = "/dev/pool/download";
fsType = "ext4";
};
fileSystems."/srv/http" = {
device = "/dev/pool/http";
fsType = "ext4";
};
fileSystems."/home" = {
device = "/dev/pool/home";
fsType = "ext4";
};
fileSystems."/bku" = {
device = "/dev/pool/bku";
fsType = "ext4";
};
swapDevices = [
{ label = "swap1"; }
{ label = "swap2"; }
];
sound.enable = false;
nixpkgs.config.allowUnfree = true;
time.timeZone = "Europe/Berlin";
fileSystems."/" = {
device = "rpool/root/nixos";
fsType = "zfs";
};
fileSystems."/home" = {
device = "rpool/home";
fsType = "zfs";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/b67c3370-1597-4ce8-8a46-e257ca32150d";
fsType = "ext4";
};
}
];

1
lass/2configs/baseX.nix
View File

@ -71,7 +71,6 @@ in {
lm_sensors
ncdu
nix-index
nix-repl
nmap
pavucontrol
powertop

1
lass/2configs/exim-smarthost.nix
View File

@ -89,6 +89,7 @@ with import <stockholm/lib>;
{ from = "cis@lassul.us"; to = lass.mail; }
{ from = "afra@lassul.us"; to = lass.mail; }
{ from = "ksp@lassul.us"; to = lass.mail; }
{ from = "ccc@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }

1
lass/2configs/games.nix
View File

@ -57,7 +57,6 @@ let
in {
environment.systemPackages = with pkgs; [
(dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; })
doom1
doom2
vdoom1

28
lass/2configs/git.nix
View File

@ -50,18 +50,38 @@ let
cgit.desc = "take a description of your disk layout and produce a format script";
cgit.section = "software";
};
go = {
cgit.desc = "url shortener";
cgit.section = "software";
};
krebspage = {
cgit.desc = "homepage of krebs";
cgit.section = "configuration";
};
krops = {
cgit.desc = "krebs deployment";
cgit.section = "software";
};
news = {
cgit.desc = "take a rss feed and a timeout and print it to stdout";
cgit.section = "software";
};
newsbot-js = {
cgit.desc = "print rss feeds to irc channels";
cgit.section = "software";
};
nix-user-chroot = {
cgit.desc = "Fork of nix-user-chroot by lethalman";
cgit.section = "software";
};
nix-writers = {
cgit.desc = "high level writers for nix";
cgit.section = "software";
};
nixos-generators = {
cgit.desc = "custom image builders";
cgit.section = "software";
};
nixpkgs = {
cgit.desc = "nixpkgs fork";
cgit.section = "configuration";
@ -81,14 +101,6 @@ let
cgit.desc = "Good Music collection + tools";
cgit.section = "art";
};
nix-user-chroot = {
cgit.desc = "Fork of nix-user-chroot by lethalman";
cgit.section = "software";
};
krops = {
cgit.desc = "krebs deployment";
cgit.section = "software";
};
xmonad-stockholm = {
cgit.desc = "krebs xmonad modules";
cgit.section = "configuration";

1
lass/2configs/mail.nix
View File

@ -210,6 +210,7 @@ in {
environment.systemPackages = [
msmtp
mutt
pkgs.notmuch
pkgs.much
tag-new-mails
tag-old-mails

86
lass/2configs/radio.nix
View File

@ -36,8 +36,9 @@ in {
home = "/home/${name}";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-mors.pubkey
];
};
};
@ -131,6 +132,30 @@ in {
};
};
systemd.services.radio-recent = let
recentlyPlayed = pkgs.writeDash "recentlyPlayed" ''
LIMIT=1000 #how many tracks to keep in the history
HISTORY_FILE=/tmp/played
while :; do
${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
${pkgs.mpc_cli}/bin/mpc current -f %file%
done | while read track; do
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
done
'';
in {
description = "radio recently played";
after = [ "mpd.service" "network.target" ];
wantedBy = [ "multi-user.target" ];
restartIfChanged = true;
serviceConfig = {
ExecStart = recentlyPlayed;
};
};
krebs.Reaktor.playlist = {
nickname = "the_playlist|r";
channels = [
@ -157,27 +182,40 @@ in {
})
];
};
services.nginx.virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let
html = pkgs.writeText "index.html" ''
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>lassulus playlist</title>
</head>
<body>
<div style="display:inline-block;margin:0px;padding:0px;overflow:hidden">
<iframe src="https://kiwiirc.com/client/irc.freenode.org/?nick=kiwi_test|?&theme=cli#the_playlist" frameborder="0" style="overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:95%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px" height="95%" width="100%"></iframe>
</div>
<div style="position:absolute;bottom:1px;display:inline-block;background-color:red;">
<audio controls autoplay="autoplay"><source src="http://lassul.us:8000/radio.ogg" type="audio/ogg">Your browser does not support the audio element.</audio>
</div>
<!-- page content -->
</body>
</html>
services.nginx = {
enable = true;
virtualHosts."radio.lassul.us" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = ''
proxy_pass http://localhost:8000;
'';
locations."/recent".extraConfig = ''
alias /tmp/played;
'';
};
virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let
html = pkgs.writeText "index.html" ''
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>lassulus playlist</title>
</head>
<body>
<div style="display:inline-block;margin:0px;padding:0px;overflow:hidden">
<iframe src="https://kiwiirc.com/client/irc.freenode.org/?nick=kiwi_test|?&theme=cli#the_playlist" frameborder="0" style="overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:95%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px" height="95%" width="100%"></iframe>
</div>
<div style="position:absolute;bottom:1px;display:inline-block;background-color:red;">
<audio controls autoplay="autoplay"><source src="http://lassul.us:8000/radio.ogg" type="audio/ogg">Your browser does not support the audio element.</audio>
</div>
<!-- page content -->
</body>
</html>
'';
in ''
default_type "text/html";
alias ${html};
'';
in ''
default_type "text/html";
alias ${html};
'';
};
}

18
lass/2configs/reaktor-coders.nix
View File

@ -63,24 +63,6 @@ with import <stockholm/lib>;
-e "@kind $1"
'';
})
(buildSimpleReaktorPlugin "random-unicorn-porn" {
pattern = "^!rup$$";
script = pkgs.writePython2 "rup" {} ''
t1 = """
_.
;=',_ ()
8===D~~ S" .--`||
sS \__ ||
__.' ( \-->||
_=/ _./-\/ ||
8===D~~ ((\( /-' -'l ||
) |/ \\ (_))
\\ \\
'~ '~
"""
print(t1)
'';
})
(buildSimpleReaktorPlugin "ping" {
pattern = "^!ping (?P<args>.*)$$";
script = pkgs.writeDash "ping" ''

2
lass/2configs/urxvt.nix
View File

@ -5,7 +5,7 @@ with import <stockholm/lib>;
services.urxvtd.enable = true;
krebs.xresources.resources.urxvt = ''
URxvt*SaveLines: 1000000
URxvt.saveLines: 100000
URxvt*scrollBar: false
URxvt*urgentOnBell: true
URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select

15
lass/2configs/vim.nix
View File

@ -2,20 +2,13 @@
with import <stockholm/lib>;
let
unstable_nixpkgs = import (pkgs.fetchFromGitHub {
owner = "NixOS";
repo = "nixpkgs";
rev = "a8c71037e041725d40fbf2f3047347b6833b1703";
sha256 = "1z4cchcw7qgjhy0x6mnz7iqvpswc2nfjpdynxc54zpm66khfrjqw";
}) {};
out = {
environment.systemPackages = [
(hiPrio vim)
pkgs.python35Packages.flake8
(pkgs.writeDashBin "govet" ''
go vet "$@"
'')
(hiPrio (unstable_nixpkgs.python3.withPackages (ps: [
(hiPrio (pkgs.python3.withPackages (ps: [
ps.python-language-server
ps.pyls-isort
])))
@ -70,6 +63,8 @@ let
au Syntax * syn match Garbage containedin=ALL /\s\+$/
\ | syn match TabStop containedin=ALL /\t\+/
\ | syn keyword Todo containedin=ALL TODO
\ | syn match NBSP '\%xa0'
\ | syn match NarrowNBSP '\%u202F'
au BufRead,BufNewFile *.hs so ${hs.vim}
@ -135,7 +130,7 @@ let
pkgs.vimPlugins.undotree
pkgs.vimPlugins.vim-go
pkgs.vimPlugins.fzf-vim
unstable_nixpkgs.vimPlugins.LanguageClient-neovim
pkgs.vimPlugins.LanguageClient-neovim
(pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchFromGitHub {
@ -172,6 +167,8 @@ let
hi Garbage ctermbg=088
hi TabStop ctermbg=016
hi NBSP ctermbg=094
hi NarrowNBSP ctermbg=097
hi Todo ctermfg=174 ctermbg=NONE
hi NixCode ctermfg=148

6
lass/2configs/websites/domsen.nix
View File

@ -66,6 +66,12 @@ in {
])
];
services.mysql.ensureDatabases = [ "ubikmedia_de" "o_ubikmedia_de" ];
services.mysql.ensureUsers = [
{ ensurePermissions = { "ubikmedia_de.*" = "ALL"; }; name = "nginx"; }
{ ensurePermissions = { "o_ubikmedia_de.*" = "ALL"; }; name = "nginx"; }
];
services.nginx.virtualHosts."ubikmedia.de".locations."/piwika".extraConfig = ''
try_files $uri $uri/ /index.php?$args;
'';

5
lass/2configs/websites/lassulus.nix
View File

@ -145,8 +145,9 @@ in {
home = "/srv/http/lassul.us";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
openssh.authorizedKeys.keys = with config.krebs.users; [
lass.pubkey
lass-mors.pubkey
];
};
}

7
lass/3modules/xjail.nix
View File

@ -120,10 +120,13 @@ with import <stockholm/lib>;
${pkgs.coreutils}/bin/kill $WM_PID
${pkgs.coreutils}/bin/kill $XEPHYR_PID
'';
# TODO fix xephyr which doesn't honor resizes anymore
sudo_ = pkgs.writeDash "${cfg.name}-sudo" (if cfg.vglrun then ''
/var/run/wrappers/bin/sudo -u ${cfg.name} -i ${vglrun_} "$@"
'' else ''
/var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@"
#/var/run/wrappers/bin/sudo -u ${cfg.name} -i env DISPLAY=:${cfg.display} ${cfg.script} "$@"
/var/run/wrappers/bin/sudo -u ${cfg.name} -i ${cfg.script} "$@"
'');
vglrun_ = pkgs.writeDash "${cfg.name}-vglrun" ''
DISPLAY=:${cfg.display} ${pkgs.virtualgl}/bin/vglrun ${cfg.extraVglrunArgs} ${cfg.script} "$@"
@ -163,7 +166,7 @@ with import <stockholm/lib>;
lass.xjail-bins = mapAttrs' (name: cfg:
nameValuePair name (pkgs.writeScriptBin cfg.name ''
${scripts.${name}.existing} "$@"
${scripts.${name}.sudo} "$@"
'')
) config.lass.xjail;
};

5
lass/5pkgs/custom/xmonad-lass/default.nix
View File

@ -31,6 +31,7 @@ import XMonad.Actions.CycleWS (toggleWS)
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
import XMonad.Actions.DynamicWorkspaces (withWorkspace)
import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch)
import XMonad.Actions.Minimize (minimizeWindow, maximizeWindow, withLastMinimized)
import XMonad.Hooks.EwmhDesktops (ewmh)
import XMonad.Hooks.FloatNext (floatNext)
import XMonad.Hooks.FloatNext (floatNextHook)
@ -39,7 +40,7 @@ import XMonad.Hooks.Place (placeHook, smart)
import XMonad.Hooks.UrgencyHook (focusUrgent)
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
import XMonad.Layout.FixedColumn (FixedColumn(..))
import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
import XMonad.Layout.Minimize (minimize)
import XMonad.Layout.NoBorders (smartBorders)
import XMonad.Layout.SimplestFloat (simplestFloat)
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
@ -135,7 +136,7 @@ myKeyMap =
, ("M4-C-v", withWorkspace autoXPConfig (windows . copy))
, ("M4-m", withFocused minimizeWindow)
, ("M4-S-m", sendMessage RestoreNextMinimizedWin)
, ("M4-S-m", withLastMinimized maximizeWindow)
, ("M4-q", windowPromptGoto infixAutoXPConfig)
, ("M4-C-q", windowPromptBringCopy infixAutoXPConfig)

5
lass/krops.nix
View File

@ -22,13 +22,14 @@
in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" {
source = source { test = false; };
target = "root@${name}/var/src";
inherit target;
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
force = true;
inherit target;
source = source { test = true; };
};

0
makefu/0tests/data/secrets/airdcpp-makefu.pw Normal file
View File

0
makefu/0tests/data/secrets/krebshub.pw Normal file
View File

5
makefu/1systems/nextgum/config.nix
View File

@ -25,11 +25,12 @@ in {
<stockholm/makefu/2configs/git/cgit-retiolum.nix>
<stockholm/makefu/2configs/backup.nix>
<stockholm/makefu/2configs/exim-retiolum.nix>
# <stockholm/makefu/2configs/exim-retiolum.nix>
<stockholm/makefu/2configs/tinc/retiolum.nix>
# services
<stockholm/makefu/2configs/sabnzbd.nix>
<stockholm/makefu/2configs/mail/mail.euer.nix>
# sharing
<stockholm/makefu/2configs/share/gum.nix>
@ -73,6 +74,7 @@ in {
#<stockholm/makefu/2configs/nginx/update.connector.one.nix>
#<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
<stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
<stockholm/makefu/2configs/nginx/iso.euer.nix>
<stockholm/makefu/2configs/deployment/events-publisher>
#<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
@ -94,6 +96,7 @@ in {
<stockholm/makefu/2configs/stats/client.nix>
<stockholm/makefu/2configs/dcpp/airdcpp.nix>
# <stockholm/makefu/2configs/logging/client.nix>
## Temporary:

13
makefu/1systems/nextgum/hardware-config.nix
View File

@ -41,11 +41,12 @@ in {
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.devices = [ main-disk ];
boot.initrd.kernelModules = [ "dm-raid" ];
boot.initrd.availableKernelModules = [
"ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci"
"xhci_pci" "ehci_pci" "ahci" "sd_mod"
];
boot.kernelModules = [ "kvm-intel" "dm-raid" "dm_thin_pool" ];
boot.kernelModules = [ "kvm-intel" ];
hardware.enableRedistributableFirmware = true;
fileSystems."/" = {
device = "/dev/mapper/nixos-root";
@ -59,6 +60,10 @@ in {
device = "/dev/mapper/nixos-download";
fsType = "ext4";
};
fileSystems."/var/lib/borgbackup" = {
device = "/dev/mapper/nixos-backup";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/sda2";
fsType = "vfat";
@ -79,8 +84,12 @@ in {
#vgcreate nixos /dev/sda3 /dev/sdb1
#lvcreate -L 120G -m 1 -n root nixos
#lvcreate -L 50G -m 1 -n lib nixos
#lvcreate -L 50G -n download nixos
#lvcreate -L 100G -n download nixos
#lvcreate -L 100G -n backup nixos
#mkfs.ext4 /dev/mapper/nixos-root
#mkfs.ext4 /dev/mapper/nixos-lib
#mkfs.ext4 /dev/mapper/nixos-download
#mkfs.ext4 /dev/mapper/nixos-borgbackup
#mount /dev/mapper/nixos-root /mnt
#mkdir /mnt/boot
#mount /dev/sda2 /mnt/boot

4
makefu/1systems/x/config.nix
View File

@ -7,6 +7,10 @@
[ # base
<stockholm/makefu>
<stockholm/makefu/2configs/nur.nix>
<stockholm/makefu/2configs/home-manager>
<stockholm/makefu/2configs/home-manager/desktop.nix>
<stockholm/makefu/2configs/home-manager/cli.nix>
<stockholm/makefu/2configs/home-manager/mail.nix>
<stockholm/makefu/2configs/main-laptop.nix>
<stockholm/makefu/2configs/extra-fonts.nix>
<stockholm/makefu/2configs/tools/all.nix>

1
makefu/1systems/x/source.nix
View File

@ -6,5 +6,6 @@
unstable = true;
mic92 = true;
clever_kexec = true;
home-manager = true;
# torrent = true;
}

48
makefu/2configs/dcpp/airdcpp.nix Normal file
View File

@ -0,0 +1,48 @@
{ config, ... }:
{
krebs.airdcpp = {
enable = true;
extraGroups = [ "download" ];
web.port = 5600;
web.users.makefu.password = builtins.readFile <secrets/airdcpp-makefu.pw>; # watch out for newline!
hubs."krebshub" =
{ Nick = "makefu-${config.krebs.build.host.name}";
Password = builtins.readFile <secrets/krebshub.pw>;
Server = "adcs://hub.nsupdate.info:411";
AutoConnect = true;
};
dcpp = {
shares = {
# Incoming must be writeable!
incoming = { path = config.makefu.dl-dir + "/finished/dcpp"; incoming = true; };
audiobooks.path = config.makefu.dl-dir + "/finished/audiobooks";
};
Nick = "makefu";
DownloadSpeed = "1000";
UploadSpeed = "1000";
};
};
networking.firewall.allowedTCPPorts =
[ config.krebs.airdcpp.dcpp.InPort
config.krebs.airdcpp.dcpp.TLSPort
];
networking.firewall.allowedUDPPorts = [ config.krebs.airdcpp.dcpp.UDPPort ];
services.nginx.virtualHosts."dcpp.${config.krebs.build.host.name}.r".locations."/" =
{ proxyPass = "http://localhost:${toString config.krebs.airdcpp.web.port}/";
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
gzip_types text/plain application/javascript;
# Proxy websockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
'';
};
}

117
makefu/2configs/default.nix
View File

@ -10,14 +10,27 @@ with import <stockholm/lib>;
}
./editor/vim.nix
./binary-cache/nixos.nix
./minimal.nix
];
# users are super important
users.users = {
root = {
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
};
makefu = {
uid = 9001;
group = "users";
home = "/home/makefu";
createHome = true;
useDefaultShell = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
};
};
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
programs.command-not-found.enable = false;
nix.package = pkgs.nixUnstable;
nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
krebs = {
enable = true;
@ -27,90 +40,23 @@ with import <stockholm/lib>;
build.user = config.krebs.users.makefu;
};
users.extraUsers = {
root = {
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
};
makefu = {
uid = 9001;
group = "users";
home = "/home/makefu";
createHome = true;
useDefaultShell = true;
extraGroups = [
"wheel"
];
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
};
};
networking.hostName = config.krebs.build.host.name;
nix.maxJobs = 2;
nix.buildCores = config.krebs.build.host.cores;
time.timeZone = "Europe/Berlin";
programs.ssh = {
startAgent = false;
};
services.openssh.enable = true;
nix.useSandbox = true;
users.mutableUsers = false;
boot.tmpOnTmpfs = true;
networking.firewall.rejectPackets = true;
networking.firewall.allowPing = true;
systemd.tmpfiles.rules = [
"d /tmp 1777 root root - -"
];
nix.nixPath = [ "/var/src" ];
environment.variables = let
ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
in {
NIX_PATH = mkForce "/var/src";
EDITOR = mkForce "vim";
CURL_CA_BUNDLE = ca-bundle;
GIT_SSL_CAINFO = ca-bundle;
SSL_CERT_FILE = ca-bundle;
};
environment.systemPackages = with pkgs; [
jq
git
get
gnumake
rxvt_unicode.terminfo
htop
];
programs.bash = {
enableCompletion = true;
interactiveShellInit = ''
HISTCONTROL='erasedups:ignorespace'
HISTSIZE=900001
HISTFILESIZE=$HISTSIZE
PYTHONSTARTUP="~/.pythonrc";
shopt -s checkhash
shopt -s histappend histreedit histverify
shopt -s no_empty_cmd_completion
'';
promptInit = ''
case $UID in
0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;;
9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;;
*) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;;
esac
if test -n "$SSH_CLIENT"; then
PS1='\[\033[35m\]\h'" $PS1"
fi
'';
};
programs.bash.enableCompletion = true;
environment.shellAliases = {
# TODO: see .aliases
@ -126,12 +72,6 @@ with import <stockholm/lib>;
tinc = pkgs.tinc_pre;
};
networking.timeServers = [
"pool.ntp.org"
"time.windows.com"
"time.apple.com"
"time.nist.gov"
];
nix.extraOptions = ''
auto-optimise-store = true
@ -145,26 +85,5 @@ with import <stockholm/lib>;
SystemMaxUse=1G
RuntimeMaxUse=128M
'';
# Enable IPv6 Privacy Extensions
boot.kernel.sysctl = {
"net.ipv6.conf.all.use_tempaddr" = 2;
"net.ipv6.conf.default.use_tempaddr" = 2;
};
i18n = {
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};
# suppress chrome autit event messages
security.audit = {
rules = [
"-a task,never"
];
};
system.activationScripts.state = optionalString (config.state != []) ''
cat << EOF
This machine is burdened with state:
${concatMapStringsSep "\n" (d: "* ${d}") config.state}
EOF
'';
}

12
makefu/2configs/home-manager/cli.nix Normal file
View File

@ -0,0 +1,12 @@
{
home-manager.users.makefu = {
services.gpg-agent = {
defaultCacheTtl = 900;
maxCacheTtl = 7200;
defaultCacheTtlSsh = 3600;
maxCacheTtlSsh = 86400;
enableSshSupport = true;
};
programs.fzf.enable = true; # alt-c
};
}

7
makefu/2configs/home-manager/default.nix Normal file
View File

@ -0,0 +1,7 @@
{
imports = [
<home-manager/nixos>
];
home-manager.users.makefu = {
};
}

31
makefu/2configs/home-manager/desktop.nix Normal file
View File

@ -0,0 +1,31 @@
{pkgs, ... }: {
home-manager.users.makefu = {
programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
services.network-manager-applet.enable = true;
services.blueman-applet.enable = true;
services.pasystray.enable = true;
systemd.user.services.network-manager-applet.Service.Environment = ''
XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache
'';
systemd.user.services.clipit = {
Unit = {
Description = "clipboard manager";
After = [ "graphical-session-pre.target" ];
PartOf = [ "graphical-session.target" ];
};
Install = {
WantedBy = [ "graphical-session.target" ];
};
Service = {
Environment = ''
XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache
'';
ExecStart = "${pkgs.clipit}/bin/clipit";
Restart = "on-abort";
};
};
};
}

46
makefu/2configs/home-manager/mail.nix Normal file
View File

@ -0,0 +1,46 @@
{
home-manager.users.makefu = {
accounts.email.accounts.syntaxfehler = {
address = "felix.richter@syntax-fehler.de";
userName = "Felix.Richter@syntax-fehler.de";
imap = {
host = "syntax-fehler.de";
tls = {
enable = true;
};
};
smtp = {
host = "syntax-fehler.de";
tls = {
enable = true;
};
};
msmtp.enable = true;
notmuch.enable = true;
offlineimap = {
enable = true;
postSyncHookCommand = "notmuch new";
extraConfig.remote = {
holdconnectionopen = true;
idlefolders = "['INBOX']";
};
};
primary = true;
realName = "Felix Richter";
passwordCommand = "gpg --use-agent --quiet --batch -d /home/makefu/.mail/syntax-fehler.gpg";
};
programs.offlineimap.enable = true;
programs.offlineimap.extraConfig = {
mbnames = {
filename = "~/.mutt/muttrc.mailboxes";
header = "'mailboxes '";
peritem = "'+%(accountname)s/%(foldername)s'";
sep = "' '";
footer = "'\\n'";
};
general = {
ui = "TTY.TTYUI";
};
};
};
}

88
makefu/2configs/minimal.nix Normal file
View File

@ -0,0 +1,88 @@
{ lib, pkgs, config, ... }:
# minimal subset of sane configuration for stockholm
{
# nobody needs this
programs.command-not-found.enable = false;
# the only true timezone (even after the the removal of DST)
time.timeZone = "Europe/Berlin";
networking.hostName = config.krebs.build.host.name;
nix.buildCores = config.krebs.build.host.cores;
# we use gpg if necessary (or nothing at all)
programs.ssh.startAgent = false;
# all boxes look the same
nix.useSandbox = true;
# we configure users via nix
users.mutableUsers = false;
# sane firewalling
networking.firewall.rejectPackets = true;
networking.firewall.allowPing = true;
# openssh all the way down
services.openssh.enable = true;
# we use stockholm via populate
nix.nixPath = [ "/var/src" ];
environment.variables = let
ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
in {
NIX_PATH = lib.mkForce "/var/src";
EDITOR = lib.mkForce "vim";
CURL_CA_BUNDLE = ca-bundle;
GIT_SSL_CAINFO = ca-bundle;
SSL_CERT_FILE = ca-bundle;
};
programs.bash = {
interactiveShellInit = ''
HISTCONTROL='erasedups:ignorespace'
HISTSIZE=900001
HISTFILESIZE=$HISTSIZE
shopt -s checkhash
shopt -s histappend histreedit histverify
shopt -s no_empty_cmd_completion
'';
promptInit = ''
case $UID in
0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;;
9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;;
*) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;;
esac
if test -n "$SSH_CLIENT"; then
PS1='\[\033[35m\]\h'" $PS1"
fi
'';
};
# trust the cool guys
networking.timeServers = [
"pool.ntp.org"
"time.nist.gov"
];
# the only locale you will ever need
i18n = {
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};
# suppress chrome autit event messages
security.audit = {
rules = [
"-a task,never"
];
};
# Enable IPv6 Privacy Extensions
boot.kernel.sysctl = {
"net.ipv6.conf.all.use_tempaddr" = 2;
"net.ipv6.conf.default.use_tempaddr" = 2;
};
}

4
makefu/3modules/default.nix
View File

@ -2,17 +2,17 @@ _:
{
imports = [
./state.nix
./populate.nix
./awesome-extra.nix
./deluge.nix
./forward-journal.nix
./opentracker.nix
./ps3netsrv.nix
./logging-config.nix
./populate.nix
./sane-extra.nix
./server-config.nix
./snapraid.nix
./state.nix
./torrent.nix
./udpt.nix
];

7
makefu/3modules/state.nix
View File

@ -6,4 +6,11 @@
description = "state which is currently scattered on the machine";
default = [];
};
config.system.activationScripts.state = lib.optionalString (config.state != []) ''
cat << EOF
This machine is burdened with state:
${lib.concatMapStringsSep "\n" (d: "* ${d}") config.state}
EOF
'';
}

52
makefu/5pkgs/4nxci/default.nix Normal file
View File

@ -0,0 +1,52 @@
{ stdenv, lib, fetchFromGitHub, mbedtls, python2 }:
let
mymbedtls = lib.overrideDerivation mbedtls (old: rec {
name = "mbedtls-${version}";
version = "2.13.0";
src = fetchFromGitHub {
owner = "ARMmbed";
repo = "mbedtls";
rev = name;
sha256 = "1257kp7yxkwwbx5v14kmrmgk1f9zagiddg5alm4wbj0pmgbrm14j";
};
buildInputs = old.buildInputs ++ [ python2 ];
postConfigure = ''
perl scripts/config.pl set MBEDTLS_CMAC_C
'';
doCheck = false;
});
in stdenv.mkDerivation rec {
name = "4nxci-${version}";
version = "1.30";
src = fetchFromGitHub {
owner = "The-4n";
repo = "4NXCI";
rev = "v${version}";
sha256 = "0nrd19z88iahxcdx468lzgxlvkl65smwx8f9s19431cszyhvpxyh";
};
buildPhase = ''
cp config.mk.template config.mk
sed -i 's#\(INCLUDE =\).*#\1${mymbedtls}/include#' Makefile
sed -i 's#\(LIBDIR =\).*#\1${mymbedtls}/lib#' Makefile
make 4nxci
'';
installPhase = ''
install -m755 -D 4nxci $out/bin/4nxci
'';
#preInstall = ''
# mkdir -p $out/bin
#'';
buildInputs = [ mymbedtls ];
meta = {
description = "convert xci to nsp";
license = lib.licenses.isc;
};
}

30
makefu/5pkgs/pavumeter/default.nix Normal file
View File

@ -0,0 +1,30 @@
{ lib, stdenv, fetchurl, libusb, libtool, autoconf, pkgconfig, git,
gettext, automake, libxml2
, autoreconfHook
, lynx
, gtkmm2
, libpulseaudio
, gnome2
, libsigcxx
}:
stdenv.mkDerivation rec {
pname = "pavumeter";
name = "${pname}-${version}";
version = "0.9.3";
src = fetchurl {
url = "http://0pointer.de/lennart/projects/${pname}/${name}.tar.gz";
sha256 = "0yq67w8j8l1xsv8pp37bylax22npd6msbavr6pb25yvyq825i3gx";
};
buildInputs = [ gtkmm2 libpulseaudio gnome2.gnome_icon_theme ];
nativeBuildInputs = [ pkgconfig autoreconfHook lynx ];
meta = {
description = "PulseAudio volumene meter";
homepage = http://0pointer.de/lennart/projects/pavumeter;
license = stdenv.lib.licenses.gpl2;
platforms = stdenv.lib.platforms.linux;
maintainers = with stdenv.lib.maintainers; [ makefu ];
};
}

17
makefu/krops.nix
View File

@ -1,8 +1,5 @@
{ config ? config, name, target ? name }: let
krops = builtins.fetchGit {
url = https://cgit.krebsco.de/krops/;
rev = "4e466eaf05861b47365c5ef46a31a188b70f3615";
};
krops = ../submodules/krops;
nixpkgs-src = lib.importJSON ./nixpkgs.json;
lib = import "${krops}/lib";
@ -20,12 +17,11 @@
nms = false;
arm6 = false;
clever_kexec = false;
home-manager = false;
} // import (./. + "/1systems/${name}/source.nix");
source = { test }: lib.evalSource [
{
# nixos-18.03 @ 2018-08-06
# + do_sqlite3 ruby: 55a952be5b5
# + exfat-nofuse bump: ee6a5296a35
# nixos-18.09 @ 2018-09-18
# + uhub/sqlite: 5dd7610401747
nixpkgs = if test || host-src.full then {
git.ref = nixpkgs-src.rev;
@ -70,6 +66,12 @@
ref = "30fdd53";
};
})
(lib.mkIf ( host-src.home-manager ) {
home-manager.git = {
url = https://github.com/rycee/home-manager;
ref = "6eea2a4";
};
})
];
in {
@ -81,6 +83,7 @@ in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target ? target }: pkgs.krops.writeTest "${name}-test" {
force = true;
inherit target;
source = source { test = true; };
};

1
nin/2configs/games.nix
View File

@ -57,7 +57,6 @@ let
in {
environment.systemPackages = with pkgs; [
dwarf_fortress
doom1
doom2
vdoom1

1
nin/krops.nix
View File

@ -29,6 +29,7 @@ in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
force = true;
inherit target;
source = source { test = true; };
};

1
submodules/krops Submodule

@ -0,0 +1 @@
Subproject commit e2b29654251367545700154ffbac806705dd04c0

4
tv/2configs/xserver/default.nix
View File

@ -45,8 +45,8 @@ in {
displayManager.job.execCmd = mkForce "derp";
enable = true;
display = 11;
tty = 11;
display = mkForce 11;
tty = mkForce 11;
synaptics = {
enable = true;

1
tv/krops.nix
View File

@ -16,6 +16,7 @@
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "tv-krops-${name}-ci" {
force = true;
inherit source target;
};