From 4fa913765646f9964637c1807d5125bac64fb9a8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Aug 2015 14:36:29 +0200 Subject: [PATCH 01/40] 1 lass mors: bump rev --- lass/1systems/mors.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index e7f8d5276..e1408b21e 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -30,7 +30,7 @@ deps = { nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "961fd7b7a0f88dde7dac2f7a4c05ee4e1a25381d"; + rev = "2044542cfe37ddbaa4de93d6e11650c9eb596142"; }; secrets = { url = "/home/lass/secrets/${config.krebs.build.host.name}"; From 8490f398d7fb3d48bc291fcef71d0f4a312f907d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Aug 2015 14:36:56 +0200 Subject: [PATCH 02/40] 1 lass mors: disable old powertop tuneable --- lass/1systems/mors.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index e1408b21e..c2c88e6d7 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -128,7 +128,7 @@ #VM writeback timeout echo '1500' > '/proc/sys/vm/dirty_writeback_centisecs' #Autosuspend for USB device Broadcom Bluetooth Device [Broadcom Corp] - echo 'auto' > '/sys/bus/usb/devices/1-1.4/power/control' + #echo 'auto' > '/sys/bus/usb/devices/1-1.4/power/control' #Autosuspend for USB device Biometric Coprocessor echo 'auto' > '/sys/bus/usb/devices/1-1.3/power/control' From 406754183b5b28b1093aedc73925224d9fdd0028 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Aug 2015 14:38:32 +0200 Subject: [PATCH 03/40] lass 2 base: reject on retiolum --- lass/2configs/base.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 095c7660c..66f86ec7c 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -134,6 +134,7 @@ with lib; { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } + { predicate = "-i retiolum"; target = "REJECT"; precedence = -10000; } ]; }; }; From ca4f1e08d54b39623f716e4ff0a49aaa74acb206 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Aug 2015 14:39:14 +0200 Subject: [PATCH 04/40] lass 2 base: (re)enable mail --- lass/2configs/base.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 66f86ec7c..581e990e7 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -39,6 +39,7 @@ with lib; krebs = { enable = true; search-domain = "retiolum"; + exim-retiolum.enable = true; }; nix.useChroot = true; From de6564e5f5caf394db8fe22d1ecfee22cb6155d3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Aug 2015 15:35:27 +0200 Subject: [PATCH 05/40] krebs 5: add youtube-tools --- krebs/5pkgs/default.nix | 1 + krebs/5pkgs/youtube-tools.nix | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 krebs/5pkgs/youtube-tools.nix diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 89872f1eb..062f0a515 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -13,4 +13,5 @@ pkgs // github-known_hosts = callPackage ./github-known_hosts.nix {}; hashPassword = callPackage ./hashPassword.nix {}; posix-array = callPackage ./posix-array.nix {}; + youtube-tools = callPackage ./youtube-tools.nix {}; } diff --git a/krebs/5pkgs/youtube-tools.nix b/krebs/5pkgs/youtube-tools.nix new file mode 100644 index 000000000..29142b8b9 --- /dev/null +++ b/krebs/5pkgs/youtube-tools.nix @@ -0,0 +1,21 @@ +{ stdenv, fetchgit, ... }: + +stdenv.mkDerivation { + name = "youtube-tools"; + + src = fetchgit { + url = https://github.com/Lassulus/the_playlist; + rev = "323a66775168b6addb3acddaee0a8ff227ea4bd4"; + sha256 = "1y1fs2p3xj2yrqpw0h5kd0f3c5p1y70xk1hjnw99sr33r67s9c35"; + }; + + phases = [ + "unpackPhase" + "installPhase" + ]; + + installPhase = '' + mkdir -p $out/bin + cp bin/* $out/bin/ + ''; +} From f0bce7d3959ef1d438149cb00ac609ad3a92dfa1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Aug 2015 15:35:40 +0200 Subject: [PATCH 06/40] lass 1: bump rev --- lass/1systems/cloudkrebs.nix | 2 +- lass/1systems/mors.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix index 515810e44..6e814e643 100644 --- a/lass/1systems/cloudkrebs.nix +++ b/lass/1systems/cloudkrebs.nix @@ -30,7 +30,7 @@ deps = { nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "1879a011925c561f0a7fd4043da0768bbff41d0b"; + rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90"; }; secrets = { url = "/home/lass/secrets/${config.krebs.build.host.name}"; diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index c2c88e6d7..357ad16e7 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -30,7 +30,7 @@ deps = { nixpkgs = { url = https://github.com/Lassulus/nixpkgs; - rev = "2044542cfe37ddbaa4de93d6e11650c9eb596142"; + rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90"; }; secrets = { url = "/home/lass/secrets/${config.krebs.build.host.name}"; From 7f11bbcfc0b0c53d9d2838d253d7bd48af8a4b7e Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Aug 2015 16:18:57 +0200 Subject: [PATCH 07/40] krebs 5 youtube-tools: bump rev --- krebs/5pkgs/youtube-tools.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/youtube-tools.nix b/krebs/5pkgs/youtube-tools.nix index 29142b8b9..d767728be 100644 --- a/krebs/5pkgs/youtube-tools.nix +++ b/krebs/5pkgs/youtube-tools.nix @@ -5,8 +5,8 @@ stdenv.mkDerivation { src = fetchgit { url = https://github.com/Lassulus/the_playlist; - rev = "323a66775168b6addb3acddaee0a8ff227ea4bd4"; - sha256 = "1y1fs2p3xj2yrqpw0h5kd0f3c5p1y70xk1hjnw99sr33r67s9c35"; + rev = "9218b163f2d8bc965b853ed9fc9e13d15a703456"; + sha256 = "ae5db4be652d015a518e57e4ed2de34b9127e77d9272af3049832bb134e96e4d"; }; phases = [ From 0a634d3a993fbf787811130da7383e7ba4b4818a Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Aug 2015 17:54:11 +0200 Subject: [PATCH 08/40] krebs 3: make uriel secure --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index f143e64b8..e508b919d 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -272,6 +272,7 @@ let ''; }; }; + secure = true; }; mors = { cores = 2; From 8be991434c07c07e6d2c89717e7ea87fbe0d6c12 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Aug 2015 15:54:58 +0200 Subject: [PATCH 09/40] Zhosts: add Port 53 to gum & flap --- Zhosts/flap | 1 + Zhosts/gum | 1 + 2 files changed, 2 insertions(+) diff --git a/Zhosts/flap b/Zhosts/flap index ea6aace53..8cce0dc92 100644 --- a/Zhosts/flap +++ b/Zhosts/flap @@ -1,4 +1,5 @@ Subnet = 10.243.211.172 +Port = 53 Subnet = 42:472a:3d01:bbe4:4425:567e:592b:065d -----BEGIN RSA PUBLIC KEY----- diff --git a/Zhosts/gum b/Zhosts/gum index 9749f975a..8bf76f2a9 100644 --- a/Zhosts/gum +++ b/Zhosts/gum @@ -1,4 +1,5 @@ Address= 195.154.108.70 +Port = 53 Subnet = 10.243.0.211 Subnet = 42:f9f0:0000:0000:0000:0000:0000:70d2 Aliases = paste From 5a1a36e1f2038df9ef7663f6675a2080a796b579 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Aug 2015 15:57:12 +0200 Subject: [PATCH 10/40] krebs 3: fix uriel's email --- krebs/3modules/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index e508b919d..3d34ddf12 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -308,7 +308,7 @@ let }; uriel = { pubkey = readFile ../../Zpubkeys/uriel.ssh.pub; - mail = "uriel@mors.retiolum"; + mail = "lass@uriel.retiolum"; }; }; }; From ee74d4e5b866d36e9d54a9cbfe033155ae3356d8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Aug 2015 16:09:24 +0200 Subject: [PATCH 11/40] Zhosts: specify ports in new format --- Zhosts/flap | 2 +- Zhosts/gum | 2 +- lass/2configs/retiolum.nix | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Zhosts/flap b/Zhosts/flap index 8cce0dc92..94e6bdc75 100644 --- a/Zhosts/flap +++ b/Zhosts/flap @@ -1,5 +1,5 @@ Subnet = 10.243.211.172 -Port = 53 +Subnet = 10.243.211.172 53 Subnet = 42:472a:3d01:bbe4:4425:567e:592b:065d -----BEGIN RSA PUBLIC KEY----- diff --git a/Zhosts/gum b/Zhosts/gum index 8bf76f2a9..f1eaa4eab 100644 --- a/Zhosts/gum +++ b/Zhosts/gum @@ -1,5 +1,5 @@ Address= 195.154.108.70 -Port = 53 +Address= 195.154.108.70 53 Subnet = 10.243.0.211 Subnet = 42:f9f0:0000:0000:0000:0000:0000:70d2 Aliases = paste diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 2d583a88a..7c7f2b4d4 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -22,6 +22,8 @@ "fastpoke" "cloudkrebs" "pigstarter" + "gum" + "flap" ]; }; } From 5113b24959e52fdab7b40a2f5674af56044cf94d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 22 Aug 2015 16:49:37 +0200 Subject: [PATCH 12/40] lass 2 base: disable ntp --- lass/2configs/base.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 581e990e7..256c29ab1 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -46,6 +46,9 @@ with lib; users.mutableUsers = false; + #why is this on in the first place? + services.ntp.enable = false; + boot.tmpOnTmpfs = true; # see tmpfiles.d(5) systemd.tmpfiles.rules = [ From c9ecb538417d6d75542e56b77103b7679097b30f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Aug 2015 16:51:11 +0200 Subject: [PATCH 13/40] lass: add bitlbee-steam support --- lass/3modules/bitlbee.nix | 153 +++++++++++++++++++++++++++++++++++ lass/5pkgs/bitlbee-dev.nix | 20 +++++ lass/5pkgs/bitlbee-steam.nix | 31 +++++++ lass/5pkgs/bitlbee.nix | 71 ++++++++++++++++ lass/5pkgs/default.nix | 13 +++ 5 files changed, 288 insertions(+) create mode 100644 lass/3modules/bitlbee.nix create mode 100644 lass/5pkgs/bitlbee-dev.nix create mode 100644 lass/5pkgs/bitlbee-steam.nix create mode 100644 lass/5pkgs/bitlbee.nix create mode 100644 lass/5pkgs/default.nix diff --git a/lass/3modules/bitlbee.nix b/lass/3modules/bitlbee.nix new file mode 100644 index 000000000..8ce560146 --- /dev/null +++ b/lass/3modules/bitlbee.nix @@ -0,0 +1,153 @@ +{ config, lib, pkgs, ... }: + + +let + + inherit (lib) + mkIf + mkOption + types + singleton + ; + + authModeCheck = v: + v == "Open" || + v == "Closed" || + v == "Registered" + ; + + bitlbeeConfig = pkgs.writeText "bitlbee.conf" '' + [settings] + RunMode = Daemon + User = bitlbee + ConfigDir = ${cfg.configDir} + DaemonInterface = ${cfg.interface} + DaemonPort = ${toString cfg.portNumber} + AuthMode = ${cfg.authMode} + ${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"} + ${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"} + ${cfg.extraSettings} + + [defaults] + ${cfg.extraDefaults} + ''; + + cfg = config.lass.bitlbee; + + out = { + options.lass.bitlbee = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkOption { + default = false; + description = '' + Whether to run the BitlBee IRC to other chat network gateway. + Running it allows you to access the MSN, Jabber, Yahoo! and ICQ chat + networks via an IRC client. + ''; + }; + + interface = mkOption { + default = "127.0.0.1"; + description = '' + The interface the BitlBee deamon will be listening to. If `127.0.0.1', + only clients on the local host can connect to it; if `0.0.0.0', clients + can access it from any network interface. + ''; + }; + + portNumber = mkOption { + default = 6667; + description = '' + Number of the port BitlBee will be listening to. + ''; + }; + + authMode = mkOption { + default = "Open"; + type = types.addCheck types.str authModeCheck; + description = '' + The following authentication modes are available: + Open -- Accept connections from anyone, use NickServ for user authentication. + Closed -- Require authorization (using the PASS command during login) before allowing the user to connect at all. + Registered -- Only allow registered users to use this server; this disables the register- and the account command until the user identifies himself. + ''; + }; + + hostName = mkOption { + default = ""; + type = types.str; + description = '' + Normally, BitlBee gets a hostname using getsockname(). If you have a nicer + alias for your BitlBee daemon, you can set it here and BitlBee will identify + itself with that name instead. + ''; + }; + + configDir = mkOption { + default = "/var/lib/bitlbee"; + type = types.path; + description = '' + Specify an alternative directory to store all the per-user configuration + files. + ''; + }; + + protocols = mkOption { + default = ""; + type = types.str; + description = '' + This option allows to remove the support of protocol, even if compiled + in. If nothing is given, there are no restrictions. + ''; + }; + + extraSettings = mkOption { + default = ""; + description = '' + Will be inserted in the Settings section of the config file. + ''; + }; + + extraDefaults = mkOption { + default = ""; + description = '' + Will be inserted in the Default section of the config file. + ''; + }; + + bitlbeePkg = mkOption { + default = pkgs.bitlbee; + description = '' + the bitlbee pkg to use. + ''; + }; + }; + + imp = { + users.extraUsers = singleton { + name = "bitlbee"; + uid = config.ids.uids.bitlbee; + description = "BitlBee user"; + home = "/var/lib/bitlbee"; + createHome = true; + }; + + users.extraGroups = singleton { + name = "bitlbee"; + gid = config.ids.gids.bitlbee; + }; + + systemd.services.bitlbee = { + description = "BitlBee IRC to other chat networks gateway"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig.User = "bitlbee"; + serviceConfig.ExecStart = "${cfg.bitlbeePkg}/sbin/bitlbee -F -n -c ${bitlbeeConfig}"; + }; + }; + +in +out diff --git a/lass/5pkgs/bitlbee-dev.nix b/lass/5pkgs/bitlbee-dev.nix new file mode 100644 index 000000000..dd129591e --- /dev/null +++ b/lass/5pkgs/bitlbee-dev.nix @@ -0,0 +1,20 @@ +{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python }: + +stdenv.mkDerivation rec { + name = "bitlbee-3.4.1"; + + src = fetchurl { + url = "mirror://bitlbee/src/${name}.tar.gz"; + sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh"; + }; + + buildInputs = [ gnutls glib pkgconfig libotr python ]; + + buildPhase = ""; + + installPhase = '' + make install-dev + ''; + +} + diff --git a/lass/5pkgs/bitlbee-steam.nix b/lass/5pkgs/bitlbee-steam.nix new file mode 100644 index 000000000..d869eaac5 --- /dev/null +++ b/lass/5pkgs/bitlbee-steam.nix @@ -0,0 +1,31 @@ +{ stdenv, fetchgit, autoconf, automake, bitlbee-dev, glib, libgcrypt, libtool, pkgconfig }: + +stdenv.mkDerivation rec { + name = "bitlbee-steam-1.3.1"; + + src = fetchgit { + url = "https://github.com/jgeboski/bitlbee-steam"; + rev = "439d777c7e8d06712ffc15c3e51d61799f4c0d0c"; + sha256 = "493924da1083a3b23073c595a9e1989a7ae09a196524ad66ca99c4d8ccc20d2a"; + }; + + buildInputs = [ + autoconf + automake + bitlbee-dev + glib + libgcrypt + libtool + pkgconfig + ]; + + configurePhase = '' + ./autogen.sh + ''; + + installPhase = '' + mkdir -p $out + cp steam/.libs/steam.la $out/ + cp steam/.libs/steam.so $out/ + ''; +} diff --git a/lass/5pkgs/bitlbee.nix b/lass/5pkgs/bitlbee.nix new file mode 100644 index 000000000..2a5a8d86d --- /dev/null +++ b/lass/5pkgs/bitlbee.nix @@ -0,0 +1,71 @@ +{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python + , bitlbee-facebook ? null + , bitlbee-steam ? null +}: + +with stdenv.lib; +stdenv.mkDerivation rec { + name = "bitlbee-3.4.1"; + + src = fetchurl { + url = "mirror://bitlbee/src/${name}.tar.gz"; + sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh"; + }; + + + buildInputs = [ gnutls glib pkgconfig libotr python ] + ++ optional doCheck check; + + configureFlags = [ + "--gcov=1" + "--otr=1" + "--ssl=gnutls" + ]; + + postBuild = '' + ${if (bitlbee-steam != null) then + '' + mkdir -p $out/lib/bitlbee/ + find ${bitlbee-steam} + cp ${bitlbee-steam}/* $out/lib/bitlbee/ + '' + else + "" + } + ''; + #${concatMapStringsSep "\n" ([] ++ + # (if (bitlbee-facebook != null) then + # "cp ${bitlbee-faceook}/* $out/" + # else + # "" + # ) ++ + # (if (bitlbee-steam != null) then + # "cp ${bitlbee-steam}/* $out/" + # else + # "" + # ) + #)} + + doCheck = true; + + meta = { + description = "IRC instant messaging gateway"; + + longDescription = '' + BitlBee brings IM (instant messaging) to IRC clients. It's a + great solution for people who have an IRC client running all the + time and don't want to run an additional MSN/AIM/whatever + client. + + BitlBee currently supports the following IM networks/protocols: + XMPP/Jabber (including Google Talk), MSN Messenger, Yahoo! + Messenger, AIM and ICQ. + ''; + + homepage = http://www.bitlbee.org/; + license = licenses.gpl2Plus; + + maintainers = with maintainers; [ wkennington pSub ]; + platforms = platforms.gnu; # arbitrary choice + }; +} diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix new file mode 100644 index 000000000..c776262ff --- /dev/null +++ b/lass/5pkgs/default.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: + +let + inherit (pkgs) callPackage; + kpkgs = import ../../krebs/5pkgs { inherit pkgs; }; +in + +kpkgs // +rec { + bitlbee-dev = callPackage ./bitlbee-dev.nix {}; + bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; }; + bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; }; +} From 8247a5a618d6b0fc3688077fe36508b8bf88dcc3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Aug 2015 16:51:51 +0200 Subject: [PATCH 14/40] lass 2: add bitlbee --- lass/1systems/mors.nix | 3 ++- lass/2configs/bitlbee.nix | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 lass/2configs/bitlbee.nix diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 357ad16e7..19d7030d6 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -15,12 +15,13 @@ ../2configs/wine.nix ../2configs/texlive.nix ../2configs/binary-caches.nix - ../2configs/ircd.nix + #../2configs/ircd.nix ../2configs/chromium-patched.nix ../2configs/new-repos.nix #../../2configs/tv/synaptics.nix ../2configs/retiolum.nix ../2configs/wordpress.nix + ../2configs/bitlbee.nix ]; krebs.build = { diff --git a/lass/2configs/bitlbee.nix b/lass/2configs/bitlbee.nix new file mode 100644 index 000000000..3a0080402 --- /dev/null +++ b/lass/2configs/bitlbee.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: + +let + lpkgs = import ../5pkgs { inherit pkgs; }; +in { + + imports = [ + ../3modules/bitlbee.nix + ]; + + config.lass.bitlbee = { + enable = true; + bitlbeePkg = lpkgs.bitlbee; + }; +} From 2db4f7f0af42800aa7a9ae7fc70cd1f1a5d03dab Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Aug 2015 13:21:42 +0200 Subject: [PATCH 15/40] lass 2 new-repos: allow secret collaborateurs --- lass/2configs/new-repos.nix | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/lass/2configs/new-repos.nix b/lass/2configs/new-repos.nix index 64e9a7f14..026f9a665 100644 --- a/lass/2configs/new-repos.nix +++ b/lass/2configs/new-repos.nix @@ -1,6 +1,7 @@ { config, lib, pkgs, ... }: with import ../../tv/4lib { inherit lib pkgs; }; + let out = { @@ -8,14 +9,14 @@ let enable = true; root-title = "public repositories at ${config.krebs.build.host.name}"; root-desc = "keep calm and engage"; - inherit repos rules; + repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; + rules = rules; }; }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) ( + repos = public-repos // - optionalAttrs config.krebs.build.host.secure restricted-repos - ); + optionalAttrs config.krebs.build.host.secure restricted-repos; rules = concatMap make-rules (attrValues repos); @@ -50,8 +51,8 @@ let }; }; - make-restricted-repo = name: { desc ? null, ... }: { - inherit name desc; + make-restricted-repo = name: { collaborators ? [], desc ? null, ... }: { + inherit name collaborators desc; public = false; }; From 75aad3ac9680a5fb6fcf9f8002639cf64935bf45 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Aug 2015 15:50:39 +0200 Subject: [PATCH 16/40] lass: move nixpkgs.rev to base --- lass/1systems/cloudkrebs.nix | 4 ---- lass/1systems/mors.nix | 4 ---- lass/1systems/uriel.nix | 4 ---- lass/2configs/base.nix | 4 ++++ 4 files changed, 4 insertions(+), 12 deletions(-) diff --git a/lass/1systems/cloudkrebs.nix b/lass/1systems/cloudkrebs.nix index 6e814e643..7c95e0f87 100644 --- a/lass/1systems/cloudkrebs.nix +++ b/lass/1systems/cloudkrebs.nix @@ -28,10 +28,6 @@ target = "root@cloudkrebs"; host = config.krebs.hosts.cloudkrebs; deps = { - nixpkgs = { - url = https://github.com/Lassulus/nixpkgs; - rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90"; - }; secrets = { url = "/home/lass/secrets/${config.krebs.build.host.name}"; }; diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 19d7030d6..d07fe14d9 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -29,10 +29,6 @@ target = "root@mors"; host = config.krebs.hosts.mors; deps = { - nixpkgs = { - url = https://github.com/Lassulus/nixpkgs; - rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90"; - }; secrets = { url = "/home/lass/secrets/${config.krebs.build.host.name}"; }; diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index 041b891b6..7c3d08123 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -28,10 +28,6 @@ with builtins; target = "root@uriel"; host = config.krebs.hosts.uriel; deps = { - nixpkgs = { - url = https://github.com/Lassulus/nixpkgs; - rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90"; - }; secrets = { url = "/home/lass/secrets/${config.krebs.build.host.name}"; }; diff --git a/lass/2configs/base.nix b/lass/2configs/base.nix index 256c29ab1..d44a19c1e 100644 --- a/lass/2configs/base.nix +++ b/lass/2configs/base.nix @@ -40,6 +40,10 @@ with lib; enable = true; search-domain = "retiolum"; exim-retiolum.enable = true; + build.deps.nixpkgs = { + url = https://github.com/Lassulus/nixpkgs; + rev = "58a82ff50b8605b88a8f66481d8c85bf8ab53be3"; + }; }; nix.useChroot = true; From 8063be1b3798a3aa8f488dd7025adc6adcdf013b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Aug 2015 15:51:08 +0200 Subject: [PATCH 17/40] install only texLive --- lass/2configs/texlive.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/texlive.nix b/lass/2configs/texlive.nix index 295df31cd..18d72297d 100644 --- a/lass/2configs/texlive.nix +++ b/lass/2configs/texlive.nix @@ -2,6 +2,6 @@ { environment.systemPackages = with pkgs; [ - (pkgs.texLiveAggregationFun { paths = [ pkgs.texLive pkgs.texLiveFull ]; }) + texLive ]; } From 36c79341f75bd13b78ce86383bec6c19b86fc25a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Aug 2015 15:51:45 +0200 Subject: [PATCH 18/40] lass 2 virtualbox: new api call --- lass/2configs/virtualbox.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/virtualbox.nix b/lass/2configs/virtualbox.nix index 026203124..ad7ac1429 100644 --- a/lass/2configs/virtualbox.nix +++ b/lass/2configs/virtualbox.nix @@ -4,7 +4,7 @@ let mainUser = config.users.extraUsers.mainUser; in { - services.virtualboxHost.enable = true; + virtualisation.virtualbox.host.enable = true; users.extraUsers = { virtual = { From e8da585cfaf78e060d62df0d0bc7dbd9720496c3 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Aug 2015 20:35:50 +0200 Subject: [PATCH 19/40] krebs pkgs nq: init at 0eae839cb1 --- krebs/5pkgs/default.nix | 1 + krebs/5pkgs/nq.nix | 16 ++++++++++++++++ tv/1systems/wu.nix | 1 + 3 files changed, 18 insertions(+) create mode 100644 krebs/5pkgs/nq.nix diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 89872f1eb..2149b6f10 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -12,5 +12,6 @@ pkgs // github-hosts-sync = callPackage ./github-hosts-sync.nix {}; github-known_hosts = callPackage ./github-known_hosts.nix {}; hashPassword = callPackage ./hashPassword.nix {}; + nq = callPackage ./nq.nix {}; posix-array = callPackage ./posix-array.nix {}; } diff --git a/krebs/5pkgs/nq.nix b/krebs/5pkgs/nq.nix new file mode 100644 index 000000000..0f397a43c --- /dev/null +++ b/krebs/5pkgs/nq.nix @@ -0,0 +1,16 @@ +{ fetchgit, stdenv }: + +stdenv.mkDerivation rec { + name = "nq-${rev}"; + rev = "0eae839cb1"; + + src = fetchgit { + url = https://github.com/chneukirchen/nq; + inherit rev; + sha256 = "1150274750cde934932d65bd6053d7a0ba2404a59eadfb87fc6bd8a4fb70febb"; + }; + + configurePhase = '' + sed -i "s:^PREFIX=.*:PREFIX=$out:" Makefile + ''; +} diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 2233b48d1..e48da90ad 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -92,6 +92,7 @@ in tmux tvpkgs.cac tvpkgs.dic + tvpkgs.nq zathura #ack From 0714ed3ea6c889c0576edd8075dc7c2b50d3e8b5 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 27 Aug 2015 20:40:39 +0200 Subject: [PATCH 20/40] tv charybdis: disable_auth = yes --- tv/2configs/charybdis.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/2configs/charybdis.nix b/tv/2configs/charybdis.nix index bf45bf294..a2952219d 100644 --- a/tv/2configs/charybdis.nix +++ b/tv/2configs/charybdis.nix @@ -590,6 +590,7 @@ let throttle_count = 4; max_ratelimit_tokens = 30; away_interval = 30; + disable_auth = yes; }; modules { From fb41fe76c6fb0b460498228032f1fdbd7290ae46 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Aug 2015 16:30:11 +0200 Subject: [PATCH 21/40] lass 3: add per-user --- lass/3modules/per-user.nix | 54 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 lass/3modules/per-user.nix diff --git a/lass/3modules/per-user.nix b/lass/3modules/per-user.nix new file mode 100644 index 000000000..98d6339db --- /dev/null +++ b/lass/3modules/per-user.nix @@ -0,0 +1,54 @@ +{ config, lib, pkgs, ... }: + +with builtins; +with lib; +let + cfg = config.lass.per-user; + + out = { + options.lass.per-user = api; + config = imp; + }; + + api = mkOption { + type = with types; attrsOf (submodule { + options = { + packages = mkOption { + type = listOf path; + default = []; + }; + }; + }); + default = {}; + }; + + imp = { + # + # TODO only shellInit and use well-known paths + # + environment.shellInit = '' + if test -e ${user-profiles}/"$LOGNAME"; then + . ${user-profiles}/"$LOGNAME" + fi + ''; + environment.interactiveShellInit = '' + if test -e ${user-profiles}/"$LOGNAME"; then + . ${user-profiles}/"$LOGNAME" + fi + ''; + environment.profileRelativeEnvVars.PATH = mkForce [ "/bin" ]; + }; + + user-profiles = pkgs.runCommand "user-profiles" {} '' + mkdir $out + ${concatStrings (mapAttrsToList (logname: { packages, ... }: '' + cat > $out/${logname} <<\EOF + ${optionalString (length packages > 0) ( + let path = makeSearchPath "bin" packages; in + ''export PATH="$PATH":${escapeShellArg path}'' + )} + EOF + '') cfg)} + ''; + +in out From bf69b0c03f1e380b127815c2263f1dac5c9d9165 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Aug 2015 16:30:36 +0200 Subject: [PATCH 22/40] lass 4: add simpleScript --- lass/4lib/default.nix | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 lass/4lib/default.nix diff --git a/lass/4lib/default.nix b/lass/4lib/default.nix new file mode 100644 index 000000000..21a083d1a --- /dev/null +++ b/lass/4lib/default.nix @@ -0,0 +1,20 @@ +{ lib, pkgs, ... }: + +let + krebs = import ../../krebs/4lib { inherit lib; }; +in + +with krebs; + +krebs // rec { + + simpleScript = name: content: + pkgs.stdenv.mkDerivation { + inherit name; + phases = [ "installPhase" ]; + installPhase = '' + mkdir -p $out/bin + ln -s ${pkgs.writeScript name content} $out/bin/${name} + ''; + }; +} From ecae9b59753c13ea5bff57a6f7c44086c77844d6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 28 Aug 2015 16:31:05 +0200 Subject: [PATCH 23/40] lass 2 browsers: refactor --- lass/2configs/browsers.nix | 93 ++++++++++++++++---------------------- 1 file changed, 38 insertions(+), 55 deletions(-) diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 8aecea925..9849c829a 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,67 +1,50 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: let + inherit (import ../4lib { inherit pkgs lib; }) simpleScript; + mainUser = config.users.extraUsers.mainUser; + createBrowserUser = name: extraGroups: packages: + { + users.extraUsers = { + ${name} = { + inherit name; + inherit extraGroups; + home = "/home/${name}"; + useDefaultShell = true; + createHome = true; + }; + }; + lass.per-user.${name}.packages = packages; + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(${name}) NOPASSWD: ALL + ''; + environment.systemPackages = [ + (simpleScript name '' + sudo -u ${name} -i chromium $@ + '') + ]; + }; in { + imports = [ + ../3modules/per-user.nix + ] ++ [ + ( createBrowserUser "ff" [ "audio" ] [ pkgs.firefox ] ) + ( createBrowserUser "cr" [ "audio" ] [ pkgs.chromium ] ) + ( createBrowserUser "fb" [ ] [ pkgs.chromium ] ) + ( createBrowserUser "gm" [ ] [ pkgs.chromium ] ) + ( createBrowserUser "flash" [ ] [ pkgs.flash ] ) + ]; + nixpkgs.config.packageOverrides = pkgs : { + flash = pkgs.chromium.override { + pulseSupport = true; + enablePepperFlash = true; + }; chromium = pkgs.chromium.override { pulseSupport = true; }; }; - - environment.systemPackages = with pkgs; [ - firefox - ]; - - users.extraUsers = { - firefox = { - name = "firefox"; - description = "user for running firefox"; - home = "/home/firefox"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - chromium = { - name = "chromium"; - description = "user for running chromium"; - home = "/home/chromium"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - facebook = { - name = "facebook"; - description = "user for running facebook in chromium"; - home = "/home/facebook"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - google = { - name = "google"; - description = "user for running google+/gmail in chromium"; - home = "/home/google"; - useDefaultShell = true; - createHome = true; - }; - flash = { - name = "flash"; - description = "user for running flash stuff"; - home = "/home/flash"; - useDefaultShell = true; - extraGroups = [ "audio" ]; - createHome = true; - }; - }; - - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(firefox) NOPASSWD: ALL - ${mainUser.name} ALL=(chromium) NOPASSWD: ALL - ${mainUser.name} ALL=(facebook) NOPASSWD: ALL - ${mainUser.name} ALL=(google) NOPASSWD: ALL - ${mainUser.name} ALL=(flash) NOPASSWD: ALL - ''; } From 015720ef89b81d3d17b3aa7dcaa1e1489c0f87a8 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 20:09:54 +0200 Subject: [PATCH 24/40] {tv/4lib shell-escape,krebs/4lib/shell.nix escape} --- krebs/4lib/default.nix | 1 + krebs/4lib/shell.nix | 15 +++++++++++++++ tv/4lib/default.nix | 9 +-------- 3 files changed, 17 insertions(+), 8 deletions(-) create mode 100644 krebs/4lib/shell.nix diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index b67585335..8b587dfb2 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -14,5 +14,6 @@ builtins // lib // rec { dns = import ./dns.nix { inherit lib; }; listset = import ./listset.nix { inherit lib; }; + shell = import ./shell.nix { inherit lib; }; tree = import ./tree.nix { inherit lib; }; } diff --git a/krebs/4lib/shell.nix b/krebs/4lib/shell.nix new file mode 100644 index 000000000..48b220f87 --- /dev/null +++ b/krebs/4lib/shell.nix @@ -0,0 +1,15 @@ +{ lib, ... }: + +with builtins; +with lib; + +rec { + escape = + let + isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null; + in + stringAsChars (c: + if isSafeChar c then c + else if c == "\n" then "'\n'" + else "\\${c}"); +} diff --git a/tv/4lib/default.nix b/tv/4lib/default.nix index 352689af4..106535ba2 100644 --- a/tv/4lib/default.nix +++ b/tv/4lib/default.nix @@ -16,12 +16,5 @@ krebs // rec { # "7.4.335" -> "74" majmin = with lib; x : concatStrings (take 2 (splitString "." x)); - shell-escape = - let - isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null; - in - stringAsChars (c: - if isSafeChar c then c - else if c == "\n" then "'\n'" - else "\\${c}"); + shell-escape = krebs.shell.escape; } From f6997378c91be84432703183397f8675143030e9 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 20:11:03 +0200 Subject: [PATCH 25/40] krebs shell: add cat --- krebs/4lib/shell.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/krebs/4lib/shell.nix b/krebs/4lib/shell.nix index 48b220f87..2a6da5c16 100644 --- a/krebs/4lib/shell.nix +++ b/krebs/4lib/shell.nix @@ -12,4 +12,11 @@ rec { if isSafeChar c then c else if c == "\n" then "'\n'" else "\\${c}"); + + # + # shell script generators + # + + # example: "${cat (toJSON { foo = "bar"; })} | jq -r .foo" + cat = s: "printf '%s' ${escape s}"; } From c1aaaca7f7febe0c587342ae74e7045bb9a67c5a Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 21:31:59 +0200 Subject: [PATCH 26/40] krebs += pkgs.writeC lib.toC --- krebs/4lib/default.nix | 6 ++++++ krebs/5pkgs/default.nix | 13 ++++++++++++- tv/1systems/wu.nix | 2 +- tv/2configs/mail-client.nix | 4 ++-- tv/5pkgs/default.nix | 4 ++-- 5 files changed, 23 insertions(+), 6 deletions(-) diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix index 8b587dfb2..ca7219c7e 100644 --- a/krebs/4lib/default.nix +++ b/krebs/4lib/default.nix @@ -16,4 +16,10 @@ builtins // lib // rec { listset = import ./listset.nix { inherit lib; }; shell = import ./shell.nix { inherit lib; }; tree = import ./tree.nix { inherit lib; }; + + toC = x: { + list = "{ ${concatStringsSep ", " (map toC x)} }"; + null = "NULL"; + string = toJSON x; # close enough + }.${typeOf x}; } diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 2149b6f10..c8fb1d2d7 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ lib, pkgs, ... }: let inherit (pkgs) callPackage; @@ -14,4 +14,15 @@ pkgs // hashPassword = callPackage ./hashPassword.nix {}; nq = callPackage ./nq.nix {}; posix-array = callPackage ./posix-array.nix {}; + + writeC = name: {}: src: pkgs.runCommand name {} '' + PATH=${lib.makeSearchPath "bin" (with pkgs; [ + binutils + coreutils + gcc + ])} + in=${pkgs.writeText "${name}.c" src} + gcc -O -Wall -o $out $in + strip --strip-unneeded $out + ''; } diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index e48da90ad..6131897a7 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -3,7 +3,7 @@ with lib; let - tvpkgs = import ../5pkgs { inherit pkgs; }; + tvpkgs = import ../5pkgs { inherit lib pkgs; }; in { diff --git a/tv/2configs/mail-client.nix b/tv/2configs/mail-client.nix index a632cf7c4..1daacdb4c 100644 --- a/tv/2configs/mail-client.nix +++ b/tv/2configs/mail-client.nix @@ -1,6 +1,6 @@ -{ pkgs, ... }: +{ lib, pkgs, ... }: -with import ../5pkgs { inherit pkgs; }; +with import ../5pkgs { inherit lib pkgs; }; { environment.systemPackages = [ diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index 7b5d10a60..a0a22df9f 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -1,8 +1,8 @@ -{ pkgs, ... }: +{ lib, pkgs, ... }: let inherit (pkgs) callPackage; - kpkgs = import ../../krebs/5pkgs { inherit pkgs; }; + kpkgs = import ../../krebs/5pkgs { inherit lib pkgs; }; in kpkgs // { From 8827469a35852a0623d8353c22b481a15328254a Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 21:43:16 +0200 Subject: [PATCH 27/40] krebs pkgs += execve --- krebs/5pkgs/default.nix | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index c8fb1d2d7..406bd15eb 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,11 +1,13 @@ { lib, pkgs, ... }: +with import ../4lib { inherit lib; }; + let inherit (pkgs) callPackage; in pkgs // -{ +rec { cac = callPackage ./cac.nix {}; dic = callPackage ./dic.nix {}; genid = callPackage ./genid.nix {}; @@ -15,6 +17,20 @@ pkgs // nq = callPackage ./nq.nix {}; posix-array = callPackage ./posix-array.nix {}; + execve = name: { filename, argv, envp }: + writeC name {} '' + #include + int main () { + const char *filename = ${toC filename}; + char *const argv[] = ${toC (argv ++ [null])}; + char *const envp[] = ${toC ( + mapAttrsToList (k: v: "${k}=${v}") envp ++ [null] + )}; + execve(filename, argv, envp); + return -1; + } + ''; + writeC = name: {}: src: pkgs.runCommand name {} '' PATH=${lib.makeSearchPath "bin" (with pkgs; [ binutils From 62865ae6ae46e006cea7ee80b931fc5be27d3449 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 21:48:29 +0200 Subject: [PATCH 28/40] tv configs test: init --- tv/1systems/wu.nix | 1 + tv/2configs/test.nix | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 tv/2configs/test.nix diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 6131897a7..34ba5651e 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -33,6 +33,7 @@ in ../2configs/mail-client.nix ../2configs/xserver.nix ../2configs/synaptics.nix # TODO w110er if xserver is enabled + ../2configs/test.nix ../2configs/urlwatch.nix { environment.systemPackages = with pkgs; [ diff --git a/tv/2configs/test.nix b/tv/2configs/test.nix new file mode 100644 index 000000000..f96b9e98e --- /dev/null +++ b/tv/2configs/test.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with import ../4lib { inherit lib pkgs; }; + +let + tvpkgs = import ../5pkgs { inherit lib pkgs; }; + + out = { + security.sudo.extraConfig = '' + tv ALL=(test) NOPASSWD: ALL + ''; + users.extraUsers.test = { + shell = "${test-shell}"; + }; + }; + + test-shell = tvpkgs.execve "test-shell" rec { + filename = "${pkgs.bash}/bin/bash"; + argv = ["sh" "--noprofile" "-l"]; + envp.ENV = pkgs.writeText "test-env" '' + ${shell.cat "Hello, `$(j0w\nd0g!)`!\\o/\n"} >&2 + ''; + }; + +in out From 642c761bd015f5766a75cf5688b50d42efdb96c3 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 22:13:17 +0200 Subject: [PATCH 29/40] krebs pkgs += execveBin --- krebs/5pkgs/default.nix | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 3658c43e0..54604382f 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -18,8 +18,8 @@ rec { posix-array = callPackage ./posix-array.nix {}; youtube-tools = callPackage ./youtube-tools.nix {}; - execve = name: { filename, argv, envp }: - writeC name {} '' + execve = name: { filename, argv, envp ? {}, destination ? "" }: + writeC name { inherit destination; } '' #include int main () { const char *filename = ${toC filename}; @@ -32,14 +32,18 @@ rec { } ''; - writeC = name: {}: src: pkgs.runCommand name {} '' + execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; }); + + writeC = name: { destination ? "" }: src: pkgs.runCommand name {} '' PATH=${lib.makeSearchPath "bin" (with pkgs; [ binutils coreutils gcc ])} - in=${pkgs.writeText "${name}.c" src} - gcc -O -Wall -o $out $in - strip --strip-unneeded $out + src=${pkgs.writeText "${name}.c" src} + exe=$out${destination} + mkdir -p "$(dirname "$exe")" + gcc -O -Wall -o "$exe" $src + strip --strip-unneeded "$exe" ''; } From 8e5137481852df6fb5488296a7081b5180e6954f Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 22:14:34 +0200 Subject: [PATCH 30/40] tv configs test: systemPackages += su-test --- tv/2configs/test.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tv/2configs/test.nix b/tv/2configs/test.nix index f96b9e98e..fa556ec78 100644 --- a/tv/2configs/test.nix +++ b/tv/2configs/test.nix @@ -6,6 +6,9 @@ let tvpkgs = import ../5pkgs { inherit lib pkgs; }; out = { + environment.systemPackages = [ + su-test + ]; security.sudo.extraConfig = '' tv ALL=(test) NOPASSWD: ALL ''; @@ -14,6 +17,11 @@ let }; }; + su-test = tvpkgs.execveBin "su-test" rec { + filename = "/var/setuid-wrappers/sudo"; + argv = ["sudo" "-u" "test" "-i"]; + }; + test-shell = tvpkgs.execve "test-shell" rec { filename = "${pkgs.bash}/bin/bash"; argv = ["sh" "--noprofile" "-l"]; From 144fcda288eb050153620c386511c7722e031029 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 28 Aug 2015 22:27:23 +0200 Subject: [PATCH 31/40] {tv,krebs}: import krebs pkgs with lib --- krebs/3modules/github-hosts-sync.nix | 2 +- tv/1systems/cd.nix | 2 +- tv/2configs/charybdis.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 0274b9d15..207b937de 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -78,6 +78,6 @@ let uid = 3220554646; # genid github-hosts-sync }; - kpkgs = import ../../krebs/5pkgs { inherit pkgs; }; + kpkgs = import ../../krebs/5pkgs { inherit lib pkgs; }; in out diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 9f412d9b8..8d6ac957a 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -3,7 +3,7 @@ with lib; let - tvpkgs = import ../5pkgs { inherit pkgs; }; + tvpkgs = import ../5pkgs { inherit lib pkgs; }; in { diff --git a/tv/2configs/charybdis.nix b/tv/2configs/charybdis.nix index a2952219d..6be6c02c6 100644 --- a/tv/2configs/charybdis.nix +++ b/tv/2configs/charybdis.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - tvpkgs = import ../5pkgs { inherit pkgs; }; + tvpkgs = import ../5pkgs { inherit lib pkgs; }; in with builtins; From 81eaf7a9e7b083c169828590d0d848cf933b32e0 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 00:17:25 +0200 Subject: [PATCH 32/40] one pkgs to rule them all --- default.nix | 6 ++++++ krebs/3modules/github-hosts-sync.nix | 6 ++---- krebs/5pkgs/default.nix | 1 - 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/default.nix b/default.nix index 59a76f81b..875f0d5b4 100644 --- a/default.nix +++ b/default.nix @@ -8,6 +8,12 @@ let "${user-name}/1systems/${system-name}.nix" "${user-name}/3modules" "krebs/3modules" + ] ++ [ + ({ lib, pkgs, ... }: { + _module.args.pkgs = + (import ./krebs/5pkgs { inherit lib pkgs; }) // + (import (./. + "/${user-name}/5pkgs") { inherit lib pkgs; }); + }) ]; }; diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 207b937de..dbc0cc1de 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -61,9 +61,9 @@ let ${cfg.ssh-identity-file} \ "$ssh_identity_file_target" - ln -snf ${kpkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts + ln -snf ${pkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts ''; - ExecStart = "${kpkgs.github-hosts-sync}/bin/github-hosts-sync"; + ExecStart = "${pkgs.github-hosts-sync}/bin/github-hosts-sync"; }; }; @@ -77,7 +77,5 @@ let name = "github-hosts-sync"; uid = 3220554646; # genid github-hosts-sync }; - - kpkgs = import ../../krebs/5pkgs { inherit lib pkgs; }; in out diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 54604382f..2f7a24ed2 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -6,7 +6,6 @@ let inherit (pkgs) callPackage; in -pkgs // rec { cac = callPackage ./cac.nix {}; dic = callPackage ./dic.nix {}; From 09257f97823e9a57cda749c2d5a69b18ef484cec Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 00:19:52 +0200 Subject: [PATCH 33/40] tv: use only pkgs --- tv/1systems/cd.nix | 6 +----- tv/1systems/wu.nix | 16 ++++++---------- tv/2configs/charybdis.nix | 6 +----- tv/2configs/mail-client.nix | 5 ++--- tv/2configs/test.nix | 6 ++---- tv/5pkgs/default.nix | 5 ++--- 6 files changed, 14 insertions(+), 30 deletions(-) diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 8d6ac957a..0049387be 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -2,10 +2,6 @@ with lib; -let - tvpkgs = import ../5pkgs { inherit lib pkgs; }; -in - { krebs.build.host = config.krebs.hosts.cd; krebs.build.user = config.krebs.users.tv; @@ -136,7 +132,7 @@ in server-names = singleton "viljetic.de"; # TODO directly set root (instead via location) locations = singleton (nameValuePair "/" '' - root ${tvpkgs.viljetic-pages}; + root ${pkgs.viljetic-pages}; ''); }; } diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 34ba5651e..622fd721a 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -2,10 +2,6 @@ with lib; -let - tvpkgs = import ../5pkgs { inherit lib pkgs; }; -in - { krebs.build.host = config.krebs.hosts.wu; krebs.build.user = config.krebs.users.tv; @@ -39,12 +35,12 @@ in environment.systemPackages = with pkgs; [ # stockholm + genid git gnumake + hashPassword + lentil parallel - tvpkgs.genid - tvpkgs.hashPassword - tvpkgs.lentil (pkgs.writeScriptBin "ff" '' #! ${pkgs.bash}/bin/bash exec sudo -u ff -i < Date: Sat, 29 Aug 2015 00:36:50 +0200 Subject: [PATCH 34/40] krebs pkgs += charybdis lentil much While there, put everything into subdirectories. --- krebs/5pkgs/{cac.nix => cac/default.nix} | 0 {tv => krebs}/5pkgs/charybdis/default.nix | 0 .../5pkgs/charybdis/remove-setenv.patch | 0 krebs/5pkgs/default.nix | 21 +++++++++++-------- krebs/5pkgs/{dic.nix => dic/default.nix} | 0 krebs/5pkgs/{genid.nix => genid/default.nix} | 0 .../default.nix} | 0 .../default.nix} | 0 .../default.nix} | 0 {tv => krebs}/5pkgs/lentil/default.nix | 0 {tv => krebs}/5pkgs/lentil/syntaxes.patch | 0 .../much.nix => krebs/5pkgs/much/default.nix | 0 krebs/5pkgs/{nq.nix => nq/default.nix} | 0 .../default.nix} | 0 .../default.nix} | 0 tv/5pkgs/default.nix | 3 --- 16 files changed, 12 insertions(+), 12 deletions(-) rename krebs/5pkgs/{cac.nix => cac/default.nix} (100%) rename {tv => krebs}/5pkgs/charybdis/default.nix (100%) rename {tv => krebs}/5pkgs/charybdis/remove-setenv.patch (100%) rename krebs/5pkgs/{dic.nix => dic/default.nix} (100%) rename krebs/5pkgs/{genid.nix => genid/default.nix} (100%) rename krebs/5pkgs/{github-hosts-sync.nix => github-hosts-sync/default.nix} (100%) rename krebs/5pkgs/{github-known_hosts.nix => github-known_hosts/default.nix} (100%) rename krebs/5pkgs/{hashPassword.nix => hashPassword/default.nix} (100%) rename {tv => krebs}/5pkgs/lentil/default.nix (100%) rename {tv => krebs}/5pkgs/lentil/syntaxes.patch (100%) rename tv/5pkgs/much.nix => krebs/5pkgs/much/default.nix (100%) rename krebs/5pkgs/{nq.nix => nq/default.nix} (100%) rename krebs/5pkgs/{posix-array.nix => posix-array/default.nix} (100%) rename krebs/5pkgs/{youtube-tools.nix => youtube-tools/default.nix} (100%) diff --git a/krebs/5pkgs/cac.nix b/krebs/5pkgs/cac/default.nix similarity index 100% rename from krebs/5pkgs/cac.nix rename to krebs/5pkgs/cac/default.nix diff --git a/tv/5pkgs/charybdis/default.nix b/krebs/5pkgs/charybdis/default.nix similarity index 100% rename from tv/5pkgs/charybdis/default.nix rename to krebs/5pkgs/charybdis/default.nix diff --git a/tv/5pkgs/charybdis/remove-setenv.patch b/krebs/5pkgs/charybdis/remove-setenv.patch similarity index 100% rename from tv/5pkgs/charybdis/remove-setenv.patch rename to krebs/5pkgs/charybdis/remove-setenv.patch diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 2f7a24ed2..71bee3fa2 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -7,15 +7,18 @@ let in rec { - cac = callPackage ./cac.nix {}; - dic = callPackage ./dic.nix {}; - genid = callPackage ./genid.nix {}; - github-hosts-sync = callPackage ./github-hosts-sync.nix {}; - github-known_hosts = callPackage ./github-known_hosts.nix {}; - hashPassword = callPackage ./hashPassword.nix {}; - nq = callPackage ./nq.nix {}; - posix-array = callPackage ./posix-array.nix {}; - youtube-tools = callPackage ./youtube-tools.nix {}; + cac = callPackage ./cac {}; + charybdis = callPackage ./charybdis {}; + dic = callPackage ./dic {}; + genid = callPackage ./genid {}; + github-hosts-sync = callPackage ./github-hosts-sync {}; + github-known_hosts = callPackage ./github-known_hosts {}; + hashPassword = callPackage ./hashPassword {}; + lentil = callPackage ./lentil {}; + much = callPackage ./much {}; + nq = callPackage ./nq {}; + posix-array = callPackage ./posix-array {}; + youtube-tools = callPackage ./youtube-tools {}; execve = name: { filename, argv, envp ? {}, destination ? "" }: writeC name { inherit destination; } '' diff --git a/krebs/5pkgs/dic.nix b/krebs/5pkgs/dic/default.nix similarity index 100% rename from krebs/5pkgs/dic.nix rename to krebs/5pkgs/dic/default.nix diff --git a/krebs/5pkgs/genid.nix b/krebs/5pkgs/genid/default.nix similarity index 100% rename from krebs/5pkgs/genid.nix rename to krebs/5pkgs/genid/default.nix diff --git a/krebs/5pkgs/github-hosts-sync.nix b/krebs/5pkgs/github-hosts-sync/default.nix similarity index 100% rename from krebs/5pkgs/github-hosts-sync.nix rename to krebs/5pkgs/github-hosts-sync/default.nix diff --git a/krebs/5pkgs/github-known_hosts.nix b/krebs/5pkgs/github-known_hosts/default.nix similarity index 100% rename from krebs/5pkgs/github-known_hosts.nix rename to krebs/5pkgs/github-known_hosts/default.nix diff --git a/krebs/5pkgs/hashPassword.nix b/krebs/5pkgs/hashPassword/default.nix similarity index 100% rename from krebs/5pkgs/hashPassword.nix rename to krebs/5pkgs/hashPassword/default.nix diff --git a/tv/5pkgs/lentil/default.nix b/krebs/5pkgs/lentil/default.nix similarity index 100% rename from tv/5pkgs/lentil/default.nix rename to krebs/5pkgs/lentil/default.nix diff --git a/tv/5pkgs/lentil/syntaxes.patch b/krebs/5pkgs/lentil/syntaxes.patch similarity index 100% rename from tv/5pkgs/lentil/syntaxes.patch rename to krebs/5pkgs/lentil/syntaxes.patch diff --git a/tv/5pkgs/much.nix b/krebs/5pkgs/much/default.nix similarity index 100% rename from tv/5pkgs/much.nix rename to krebs/5pkgs/much/default.nix diff --git a/krebs/5pkgs/nq.nix b/krebs/5pkgs/nq/default.nix similarity index 100% rename from krebs/5pkgs/nq.nix rename to krebs/5pkgs/nq/default.nix diff --git a/krebs/5pkgs/posix-array.nix b/krebs/5pkgs/posix-array/default.nix similarity index 100% rename from krebs/5pkgs/posix-array.nix rename to krebs/5pkgs/posix-array/default.nix diff --git a/krebs/5pkgs/youtube-tools.nix b/krebs/5pkgs/youtube-tools/default.nix similarity index 100% rename from krebs/5pkgs/youtube-tools.nix rename to krebs/5pkgs/youtube-tools/default.nix diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index ce137d961..4175292f2 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -5,8 +5,5 @@ let in { - charybdis = callPackage ./charybdis {}; - lentil = callPackage ./lentil {}; - much = callPackage ./much.nix {}; viljetic-pages = callPackage ./viljetic-pages {}; } From cb6bede2f65bdcaafe547fdffd8c99f671c54ee9 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 00:48:37 +0200 Subject: [PATCH 35/40] Zpubkeys github -> krebs pkgs github-known_hosts --- krebs/5pkgs/github-known_hosts/default.nix | 2 +- {Zpubkeys => krebs/5pkgs/github-known_hosts}/github.ssh.pub | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename {Zpubkeys => krebs/5pkgs/github-known_hosts}/github.ssh.pub (100%) diff --git a/krebs/5pkgs/github-known_hosts/default.nix b/krebs/5pkgs/github-known_hosts/default.nix index 302fdd8d5..fe5efe413 100644 --- a/krebs/5pkgs/github-known_hosts/default.nix +++ b/krebs/5pkgs/github-known_hosts/default.nix @@ -4,7 +4,7 @@ with builtins; with lib; let - github-pubkey = removeSuffix "\n" (readFile ../../Zpubkeys/github.ssh.pub); + github-pubkey = removeSuffix "\n" (readFile ./github.ssh.pub); in toFile "github-known_hosts" diff --git a/Zpubkeys/github.ssh.pub b/krebs/5pkgs/github-known_hosts/github.ssh.pub similarity index 100% rename from Zpubkeys/github.ssh.pub rename to krebs/5pkgs/github-known_hosts/github.ssh.pub From 5591b1dd120dac7cc52098eaacb1476da7b9cb84 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 00:58:41 +0200 Subject: [PATCH 36/40] Z* -> */Z* --- krebs/3modules/default.nix | 10 +++++----- krebs/3modules/retiolum.nix | 2 +- {Zhosts => krebs/Zhosts}/Styx | 0 {Zhosts => krebs/Zhosts}/ThinkArmageddon | 0 {Zhosts => krebs/Zhosts}/TriBot | 0 {Zhosts => krebs/Zhosts}/ach | 0 {Zhosts => krebs/Zhosts}/air | 0 {Zhosts => krebs/Zhosts}/alarmpi | 0 {Zhosts => krebs/Zhosts}/albi10 | 0 {Zhosts => krebs/Zhosts}/albi7 | 0 {Zhosts => krebs/Zhosts}/almoehi | 0 {Zhosts => krebs/Zhosts}/alphalabs | 0 {Zhosts => krebs/Zhosts}/apfull | 0 {Zhosts => krebs/Zhosts}/bitchctl | 0 {Zhosts => krebs/Zhosts}/bitchextend | 0 {Zhosts => krebs/Zhosts}/bitchtop | 0 {Zhosts => krebs/Zhosts}/box | 0 {Zhosts => krebs/Zhosts}/bridge | 0 {Zhosts => krebs/Zhosts}/c2ft | 0 {Zhosts => krebs/Zhosts}/c2fthome | 0 {Zhosts => krebs/Zhosts}/casino | 0 {Zhosts => krebs/Zhosts}/cat1 | 0 {Zhosts => krebs/Zhosts}/cband | 0 {Zhosts => krebs/Zhosts}/cd | 0 {Zhosts => krebs/Zhosts}/cloudkrebs | 0 {Zhosts => krebs/Zhosts}/darth | 0 {Zhosts => krebs/Zhosts}/dei | 0 {Zhosts => krebs/Zhosts}/destroy | 0 {Zhosts => krebs/Zhosts}/devstar | 0 {Zhosts => krebs/Zhosts}/eigenserv | 0 {Zhosts => krebs/Zhosts}/elvis | 0 {Zhosts => krebs/Zhosts}/eulerwalk | 0 {Zhosts => krebs/Zhosts}/exile | 0 {Zhosts => krebs/Zhosts}/exitium_mobilis | 0 {Zhosts => krebs/Zhosts}/falk | 0 {Zhosts => krebs/Zhosts}/fastpoke | 0 {Zhosts => krebs/Zhosts}/filebitch | 0 {Zhosts => krebs/Zhosts}/filepimp | 0 {Zhosts => krebs/Zhosts}/flap | 0 {Zhosts => krebs/Zhosts}/foobar | 0 {Zhosts => krebs/Zhosts}/fuerkrebs | 0 {Zhosts => krebs/Zhosts}/go | 0 {Zhosts => krebs/Zhosts}/gum | 0 {Zhosts => krebs/Zhosts}/heidi | 0 {Zhosts => krebs/Zhosts}/horisa | 0 {Zhosts => krebs/Zhosts}/horreum_magnus | 0 {Zhosts => krebs/Zhosts}/incept | 0 {Zhosts => krebs/Zhosts}/ire | 0 {Zhosts => krebs/Zhosts}/ire2 | 0 {Zhosts => krebs/Zhosts}/irkel | 0 {Zhosts => krebs/Zhosts}/juhulian | 0 {Zhosts => krebs/Zhosts}/k2 | 0 {Zhosts => krebs/Zhosts}/kabinett | 0 {Zhosts => krebs/Zhosts}/kaepsele | 0 {Zhosts => krebs/Zhosts}/kalle | 0 {Zhosts => krebs/Zhosts}/karthus | 0 {Zhosts => krebs/Zhosts}/khackplug | 0 {Zhosts => krebs/Zhosts}/kheurop | 0 {Zhosts => krebs/Zhosts}/kiosk | 0 {Zhosts => krebs/Zhosts}/krebsplug | 0 {Zhosts => krebs/Zhosts}/kvasir | 0 {Zhosts => krebs/Zhosts}/laqueus | 0 {Zhosts => krebs/Zhosts}/linuxatom | 0 {Zhosts => krebs/Zhosts}/luminos | 0 {Zhosts => krebs/Zhosts}/machine | 0 {Zhosts => krebs/Zhosts}/makalu | 0 {Zhosts => krebs/Zhosts}/mako | 0 {Zhosts => krebs/Zhosts}/miefda0 | 0 {Zhosts => krebs/Zhosts}/minikrebs | 0 {Zhosts => krebs/Zhosts}/mkdir | 0 {Zhosts => krebs/Zhosts}/monitor | 0 {Zhosts => krebs/Zhosts}/mors | 0 {Zhosts => krebs/Zhosts}/motor | 0 {Zhosts => krebs/Zhosts}/mu | 0 {Zhosts => krebs/Zhosts}/muhbaasu | 0 {Zhosts => krebs/Zhosts}/nomic | 0 {Zhosts => krebs/Zhosts}/nomic2 | 0 {Zhosts => krebs/Zhosts}/nukular | 0 {Zhosts => krebs/Zhosts}/omo | 0 {Zhosts => krebs/Zhosts}/pic | 0 {Zhosts => krebs/Zhosts}/pigstarter | 0 {Zhosts => krebs/Zhosts}/pike | 0 {Zhosts => krebs/Zhosts}/pnp | 0 {Zhosts => krebs/Zhosts}/pornocauster | 0 {Zhosts => krebs/Zhosts}/radiotuxmini | 0 {Zhosts => krebs/Zhosts}/random | 0 {Zhosts => krebs/Zhosts}/raspafari | 0 {Zhosts => krebs/Zhosts}/reimae | 0 {Zhosts => krebs/Zhosts}/rmdir | 0 {Zhosts => krebs/Zhosts}/robchina | 0 {Zhosts => krebs/Zhosts}/rockit | 0 {Zhosts => krebs/Zhosts}/rtjure_debian_oder_so | 0 {Zhosts => krebs/Zhosts}/rtjure_ras | 0 {Zhosts => krebs/Zhosts}/rtjure_rdrlab_linkstation | 0 {Zhosts => krebs/Zhosts}/rubus | 0 {Zhosts => krebs/Zhosts}/senderechner | 0 {Zhosts => krebs/Zhosts}/serenity | 0 {Zhosts => krebs/Zhosts}/seruundroid | 0 {Zhosts => krebs/Zhosts}/sir_krebs_a_lot | 0 {Zhosts => krebs/Zhosts}/skirfir | 0 {Zhosts => krebs/Zhosts}/sleipnir | 0 {Zhosts => krebs/Zhosts}/smove | 0 {Zhosts => krebs/Zhosts}/sokrates | 0 {Zhosts => krebs/Zhosts}/sokrateslaptop | 0 {Zhosts => krebs/Zhosts}/soundflower | 0 {Zhosts => krebs/Zhosts}/steve | 0 {Zhosts => krebs/Zhosts}/tahoe | 0 {Zhosts => krebs/Zhosts}/taschenkrebs | 0 {Zhosts => krebs/Zhosts}/terrapi | 0 {Zhosts => krebs/Zhosts}/thomasDOTde | 0 {Zhosts => krebs/Zhosts}/tincdroid | 0 {Zhosts => krebs/Zhosts}/tmpd | 0 {Zhosts => krebs/Zhosts}/tpsw | 0 {Zhosts => krebs/Zhosts}/tsp | 0 {Zhosts => krebs/Zhosts}/ufo | 0 {Zhosts => krebs/Zhosts}/uriel | 0 {Zhosts => krebs/Zhosts}/vault | 0 {Zhosts => krebs/Zhosts}/voyager | 0 {Zhosts => krebs/Zhosts}/wooktop | 0 {Zhosts => krebs/Zhosts}/wu | 0 {Zhosts => krebs/Zhosts}/ytart | 0 {Zhosts => krebs/Zhosts}/zombiecancer | 0 {Zpubkeys => krebs/Zpubkeys}/deploy_wu.ssh.pub | 0 {Zpubkeys => krebs/Zpubkeys}/lass.ssh.pub | 0 {Zpubkeys => krebs/Zpubkeys}/makefu_arch.ssh.pub | 0 {Zpubkeys => krebs/Zpubkeys}/makefu_omo.ssh.pub | 0 {Zpubkeys => krebs/Zpubkeys}/makefu_tsp.ssh.pub | 0 {Zpubkeys => krebs/Zpubkeys}/mv_vod.ssh.pub | 0 {Zpubkeys => krebs/Zpubkeys}/tv_wu.ssh.pub | 0 {Zpubkeys => krebs/Zpubkeys}/uriel.ssh.pub | 0 tv/1systems/cd.nix | 2 +- {Zcerts => tv/Zcerts}/charybdis_cd.crt.pem | 0 132 files changed, 7 insertions(+), 7 deletions(-) rename {Zhosts => krebs/Zhosts}/Styx (100%) rename {Zhosts => krebs/Zhosts}/ThinkArmageddon (100%) rename {Zhosts => krebs/Zhosts}/TriBot (100%) rename {Zhosts => krebs/Zhosts}/ach (100%) rename {Zhosts => krebs/Zhosts}/air (100%) rename {Zhosts => krebs/Zhosts}/alarmpi (100%) rename {Zhosts => krebs/Zhosts}/albi10 (100%) rename {Zhosts => krebs/Zhosts}/albi7 (100%) rename {Zhosts => krebs/Zhosts}/almoehi (100%) rename {Zhosts => krebs/Zhosts}/alphalabs (100%) rename {Zhosts => krebs/Zhosts}/apfull (100%) rename {Zhosts => krebs/Zhosts}/bitchctl (100%) rename {Zhosts => krebs/Zhosts}/bitchextend (100%) rename {Zhosts => krebs/Zhosts}/bitchtop (100%) rename {Zhosts => krebs/Zhosts}/box (100%) rename {Zhosts => krebs/Zhosts}/bridge (100%) rename {Zhosts => krebs/Zhosts}/c2ft (100%) rename {Zhosts => krebs/Zhosts}/c2fthome (100%) rename {Zhosts => krebs/Zhosts}/casino (100%) rename {Zhosts => krebs/Zhosts}/cat1 (100%) rename {Zhosts => krebs/Zhosts}/cband (100%) rename {Zhosts => krebs/Zhosts}/cd (100%) rename {Zhosts => krebs/Zhosts}/cloudkrebs (100%) rename {Zhosts => krebs/Zhosts}/darth (100%) rename {Zhosts => krebs/Zhosts}/dei (100%) rename {Zhosts => krebs/Zhosts}/destroy (100%) rename {Zhosts => krebs/Zhosts}/devstar (100%) rename {Zhosts => krebs/Zhosts}/eigenserv (100%) rename {Zhosts => krebs/Zhosts}/elvis (100%) rename {Zhosts => krebs/Zhosts}/eulerwalk (100%) rename {Zhosts => krebs/Zhosts}/exile (100%) rename {Zhosts => krebs/Zhosts}/exitium_mobilis (100%) rename {Zhosts => krebs/Zhosts}/falk (100%) rename {Zhosts => krebs/Zhosts}/fastpoke (100%) rename {Zhosts => krebs/Zhosts}/filebitch (100%) rename {Zhosts => krebs/Zhosts}/filepimp (100%) rename {Zhosts => krebs/Zhosts}/flap (100%) rename {Zhosts => krebs/Zhosts}/foobar (100%) rename {Zhosts => krebs/Zhosts}/fuerkrebs (100%) rename {Zhosts => krebs/Zhosts}/go (100%) rename {Zhosts => krebs/Zhosts}/gum (100%) rename {Zhosts => krebs/Zhosts}/heidi (100%) rename {Zhosts => krebs/Zhosts}/horisa (100%) rename {Zhosts => krebs/Zhosts}/horreum_magnus (100%) rename {Zhosts => krebs/Zhosts}/incept (100%) rename {Zhosts => krebs/Zhosts}/ire (100%) rename {Zhosts => krebs/Zhosts}/ire2 (100%) rename {Zhosts => krebs/Zhosts}/irkel (100%) rename {Zhosts => krebs/Zhosts}/juhulian (100%) rename {Zhosts => krebs/Zhosts}/k2 (100%) rename {Zhosts => krebs/Zhosts}/kabinett (100%) rename {Zhosts => krebs/Zhosts}/kaepsele (100%) rename {Zhosts => krebs/Zhosts}/kalle (100%) rename {Zhosts => krebs/Zhosts}/karthus (100%) rename {Zhosts => krebs/Zhosts}/khackplug (100%) rename {Zhosts => krebs/Zhosts}/kheurop (100%) rename {Zhosts => krebs/Zhosts}/kiosk (100%) rename {Zhosts => krebs/Zhosts}/krebsplug (100%) rename {Zhosts => krebs/Zhosts}/kvasir (100%) rename {Zhosts => krebs/Zhosts}/laqueus (100%) rename {Zhosts => krebs/Zhosts}/linuxatom (100%) rename {Zhosts => krebs/Zhosts}/luminos (100%) rename {Zhosts => krebs/Zhosts}/machine (100%) rename {Zhosts => krebs/Zhosts}/makalu (100%) rename {Zhosts => krebs/Zhosts}/mako (100%) rename {Zhosts => krebs/Zhosts}/miefda0 (100%) rename {Zhosts => krebs/Zhosts}/minikrebs (100%) rename {Zhosts => krebs/Zhosts}/mkdir (100%) rename {Zhosts => krebs/Zhosts}/monitor (100%) rename {Zhosts => krebs/Zhosts}/mors (100%) rename {Zhosts => krebs/Zhosts}/motor (100%) rename {Zhosts => krebs/Zhosts}/mu (100%) rename {Zhosts => krebs/Zhosts}/muhbaasu (100%) rename {Zhosts => krebs/Zhosts}/nomic (100%) rename {Zhosts => krebs/Zhosts}/nomic2 (100%) rename {Zhosts => krebs/Zhosts}/nukular (100%) rename {Zhosts => krebs/Zhosts}/omo (100%) rename {Zhosts => krebs/Zhosts}/pic (100%) rename {Zhosts => krebs/Zhosts}/pigstarter (100%) rename {Zhosts => krebs/Zhosts}/pike (100%) rename {Zhosts => krebs/Zhosts}/pnp (100%) rename {Zhosts => krebs/Zhosts}/pornocauster (100%) rename {Zhosts => krebs/Zhosts}/radiotuxmini (100%) rename {Zhosts => krebs/Zhosts}/random (100%) rename {Zhosts => krebs/Zhosts}/raspafari (100%) rename {Zhosts => krebs/Zhosts}/reimae (100%) rename {Zhosts => krebs/Zhosts}/rmdir (100%) rename {Zhosts => krebs/Zhosts}/robchina (100%) rename {Zhosts => krebs/Zhosts}/rockit (100%) rename {Zhosts => krebs/Zhosts}/rtjure_debian_oder_so (100%) rename {Zhosts => krebs/Zhosts}/rtjure_ras (100%) rename {Zhosts => krebs/Zhosts}/rtjure_rdrlab_linkstation (100%) rename {Zhosts => krebs/Zhosts}/rubus (100%) rename {Zhosts => krebs/Zhosts}/senderechner (100%) rename {Zhosts => krebs/Zhosts}/serenity (100%) rename {Zhosts => krebs/Zhosts}/seruundroid (100%) rename {Zhosts => krebs/Zhosts}/sir_krebs_a_lot (100%) rename {Zhosts => krebs/Zhosts}/skirfir (100%) rename {Zhosts => krebs/Zhosts}/sleipnir (100%) rename {Zhosts => krebs/Zhosts}/smove (100%) rename {Zhosts => krebs/Zhosts}/sokrates (100%) rename {Zhosts => krebs/Zhosts}/sokrateslaptop (100%) rename {Zhosts => krebs/Zhosts}/soundflower (100%) rename {Zhosts => krebs/Zhosts}/steve (100%) rename {Zhosts => krebs/Zhosts}/tahoe (100%) rename {Zhosts => krebs/Zhosts}/taschenkrebs (100%) rename {Zhosts => krebs/Zhosts}/terrapi (100%) rename {Zhosts => krebs/Zhosts}/thomasDOTde (100%) rename {Zhosts => krebs/Zhosts}/tincdroid (100%) rename {Zhosts => krebs/Zhosts}/tmpd (100%) rename {Zhosts => krebs/Zhosts}/tpsw (100%) rename {Zhosts => krebs/Zhosts}/tsp (100%) rename {Zhosts => krebs/Zhosts}/ufo (100%) rename {Zhosts => krebs/Zhosts}/uriel (100%) rename {Zhosts => krebs/Zhosts}/vault (100%) rename {Zhosts => krebs/Zhosts}/voyager (100%) rename {Zhosts => krebs/Zhosts}/wooktop (100%) rename {Zhosts => krebs/Zhosts}/wu (100%) rename {Zhosts => krebs/Zhosts}/ytart (100%) rename {Zhosts => krebs/Zhosts}/zombiecancer (100%) rename {Zpubkeys => krebs/Zpubkeys}/deploy_wu.ssh.pub (100%) rename {Zpubkeys => krebs/Zpubkeys}/lass.ssh.pub (100%) rename {Zpubkeys => krebs/Zpubkeys}/makefu_arch.ssh.pub (100%) rename {Zpubkeys => krebs/Zpubkeys}/makefu_omo.ssh.pub (100%) rename {Zpubkeys => krebs/Zpubkeys}/makefu_tsp.ssh.pub (100%) rename {Zpubkeys => krebs/Zpubkeys}/mv_vod.ssh.pub (100%) rename {Zpubkeys => krebs/Zpubkeys}/tv_wu.ssh.pub (100%) rename {Zpubkeys => krebs/Zpubkeys}/uriel.ssh.pub (100%) rename {Zcerts => tv/Zcerts}/charybdis_cd.crt.pem (100%) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 65ebad7b8..5f338df62 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -303,11 +303,11 @@ let }; users = addNames { lass = { - pubkey = readFile ../../Zpubkeys/lass.ssh.pub; + pubkey = readFile ../Zpubkeys/lass.ssh.pub; mail = "lass@mors.retiolum"; }; uriel = { - pubkey = readFile ../../Zpubkeys/uriel.ssh.pub; + pubkey = readFile ../Zpubkeys/uriel.ssh.pub; mail = "lass@uriel.retiolum"; }; }; @@ -514,7 +514,7 @@ let users = addNames { makefu = { mail = "makefu@pornocauster.retiolum"; - pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub; + pubkey = readFile ../Zpubkeys/makefu_arch.ssh.pub; }; }; }; @@ -685,11 +685,11 @@ let users = addNames { mv = { mail = "mv@cd.retiolum"; - pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub; + pubkey = readFile ../Zpubkeys/mv_vod.ssh.pub; }; tv = { mail = "tv@wu.retiolum"; - pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; + pubkey = readFile ../Zpubkeys/tv_wu.ssh.pub; }; }; }; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 481d6565c..4e70b78aa 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -58,7 +58,7 @@ let hosts = mkOption { type = with types; either package path; - default = ../../Zhosts; + default = ../Zhosts; description = '' If a path is given, then it will be used to generate an ad-hoc package. ''; diff --git a/Zhosts/Styx b/krebs/Zhosts/Styx similarity index 100% rename from Zhosts/Styx rename to krebs/Zhosts/Styx diff --git a/Zhosts/ThinkArmageddon b/krebs/Zhosts/ThinkArmageddon similarity index 100% rename from Zhosts/ThinkArmageddon rename to krebs/Zhosts/ThinkArmageddon diff --git a/Zhosts/TriBot b/krebs/Zhosts/TriBot similarity index 100% rename from Zhosts/TriBot rename to krebs/Zhosts/TriBot diff --git a/Zhosts/ach b/krebs/Zhosts/ach similarity index 100% rename from Zhosts/ach rename to krebs/Zhosts/ach diff --git a/Zhosts/air b/krebs/Zhosts/air similarity index 100% rename from Zhosts/air rename to krebs/Zhosts/air diff --git a/Zhosts/alarmpi b/krebs/Zhosts/alarmpi similarity index 100% rename from Zhosts/alarmpi rename to krebs/Zhosts/alarmpi diff --git a/Zhosts/albi10 b/krebs/Zhosts/albi10 similarity index 100% rename from Zhosts/albi10 rename to krebs/Zhosts/albi10 diff --git a/Zhosts/albi7 b/krebs/Zhosts/albi7 similarity index 100% rename from Zhosts/albi7 rename to krebs/Zhosts/albi7 diff --git a/Zhosts/almoehi b/krebs/Zhosts/almoehi similarity index 100% rename from Zhosts/almoehi rename to krebs/Zhosts/almoehi diff --git a/Zhosts/alphalabs b/krebs/Zhosts/alphalabs similarity index 100% rename from Zhosts/alphalabs rename to krebs/Zhosts/alphalabs diff --git a/Zhosts/apfull b/krebs/Zhosts/apfull similarity index 100% rename from Zhosts/apfull rename to krebs/Zhosts/apfull diff --git a/Zhosts/bitchctl b/krebs/Zhosts/bitchctl similarity index 100% rename from Zhosts/bitchctl rename to krebs/Zhosts/bitchctl diff --git a/Zhosts/bitchextend b/krebs/Zhosts/bitchextend similarity index 100% rename from Zhosts/bitchextend rename to krebs/Zhosts/bitchextend diff --git a/Zhosts/bitchtop b/krebs/Zhosts/bitchtop similarity index 100% rename from Zhosts/bitchtop rename to krebs/Zhosts/bitchtop diff --git a/Zhosts/box b/krebs/Zhosts/box similarity index 100% rename from Zhosts/box rename to krebs/Zhosts/box diff --git a/Zhosts/bridge b/krebs/Zhosts/bridge similarity index 100% rename from Zhosts/bridge rename to krebs/Zhosts/bridge diff --git a/Zhosts/c2ft b/krebs/Zhosts/c2ft similarity index 100% rename from Zhosts/c2ft rename to krebs/Zhosts/c2ft diff --git a/Zhosts/c2fthome b/krebs/Zhosts/c2fthome similarity index 100% rename from Zhosts/c2fthome rename to krebs/Zhosts/c2fthome diff --git a/Zhosts/casino b/krebs/Zhosts/casino similarity index 100% rename from Zhosts/casino rename to krebs/Zhosts/casino diff --git a/Zhosts/cat1 b/krebs/Zhosts/cat1 similarity index 100% rename from Zhosts/cat1 rename to krebs/Zhosts/cat1 diff --git a/Zhosts/cband b/krebs/Zhosts/cband similarity index 100% rename from Zhosts/cband rename to krebs/Zhosts/cband diff --git a/Zhosts/cd b/krebs/Zhosts/cd similarity index 100% rename from Zhosts/cd rename to krebs/Zhosts/cd diff --git a/Zhosts/cloudkrebs b/krebs/Zhosts/cloudkrebs similarity index 100% rename from Zhosts/cloudkrebs rename to krebs/Zhosts/cloudkrebs diff --git a/Zhosts/darth b/krebs/Zhosts/darth similarity index 100% rename from Zhosts/darth rename to krebs/Zhosts/darth diff --git a/Zhosts/dei b/krebs/Zhosts/dei similarity index 100% rename from Zhosts/dei rename to krebs/Zhosts/dei diff --git a/Zhosts/destroy b/krebs/Zhosts/destroy similarity index 100% rename from Zhosts/destroy rename to krebs/Zhosts/destroy diff --git a/Zhosts/devstar b/krebs/Zhosts/devstar similarity index 100% rename from Zhosts/devstar rename to krebs/Zhosts/devstar diff --git a/Zhosts/eigenserv b/krebs/Zhosts/eigenserv similarity index 100% rename from Zhosts/eigenserv rename to krebs/Zhosts/eigenserv diff --git a/Zhosts/elvis b/krebs/Zhosts/elvis similarity index 100% rename from Zhosts/elvis rename to krebs/Zhosts/elvis diff --git a/Zhosts/eulerwalk b/krebs/Zhosts/eulerwalk similarity index 100% rename from Zhosts/eulerwalk rename to krebs/Zhosts/eulerwalk diff --git a/Zhosts/exile b/krebs/Zhosts/exile similarity index 100% rename from Zhosts/exile rename to krebs/Zhosts/exile diff --git a/Zhosts/exitium_mobilis b/krebs/Zhosts/exitium_mobilis similarity index 100% rename from Zhosts/exitium_mobilis rename to krebs/Zhosts/exitium_mobilis diff --git a/Zhosts/falk b/krebs/Zhosts/falk similarity index 100% rename from Zhosts/falk rename to krebs/Zhosts/falk diff --git a/Zhosts/fastpoke b/krebs/Zhosts/fastpoke similarity index 100% rename from Zhosts/fastpoke rename to krebs/Zhosts/fastpoke diff --git a/Zhosts/filebitch b/krebs/Zhosts/filebitch similarity index 100% rename from Zhosts/filebitch rename to krebs/Zhosts/filebitch diff --git a/Zhosts/filepimp b/krebs/Zhosts/filepimp similarity index 100% rename from Zhosts/filepimp rename to krebs/Zhosts/filepimp diff --git a/Zhosts/flap b/krebs/Zhosts/flap similarity index 100% rename from Zhosts/flap rename to krebs/Zhosts/flap diff --git a/Zhosts/foobar b/krebs/Zhosts/foobar similarity index 100% rename from Zhosts/foobar rename to krebs/Zhosts/foobar diff --git a/Zhosts/fuerkrebs b/krebs/Zhosts/fuerkrebs similarity index 100% rename from Zhosts/fuerkrebs rename to krebs/Zhosts/fuerkrebs diff --git a/Zhosts/go b/krebs/Zhosts/go similarity index 100% rename from Zhosts/go rename to krebs/Zhosts/go diff --git a/Zhosts/gum b/krebs/Zhosts/gum similarity index 100% rename from Zhosts/gum rename to krebs/Zhosts/gum diff --git a/Zhosts/heidi b/krebs/Zhosts/heidi similarity index 100% rename from Zhosts/heidi rename to krebs/Zhosts/heidi diff --git a/Zhosts/horisa b/krebs/Zhosts/horisa similarity index 100% rename from Zhosts/horisa rename to krebs/Zhosts/horisa diff --git a/Zhosts/horreum_magnus b/krebs/Zhosts/horreum_magnus similarity index 100% rename from Zhosts/horreum_magnus rename to krebs/Zhosts/horreum_magnus diff --git a/Zhosts/incept b/krebs/Zhosts/incept similarity index 100% rename from Zhosts/incept rename to krebs/Zhosts/incept diff --git a/Zhosts/ire b/krebs/Zhosts/ire similarity index 100% rename from Zhosts/ire rename to krebs/Zhosts/ire diff --git a/Zhosts/ire2 b/krebs/Zhosts/ire2 similarity index 100% rename from Zhosts/ire2 rename to krebs/Zhosts/ire2 diff --git a/Zhosts/irkel b/krebs/Zhosts/irkel similarity index 100% rename from Zhosts/irkel rename to krebs/Zhosts/irkel diff --git a/Zhosts/juhulian b/krebs/Zhosts/juhulian similarity index 100% rename from Zhosts/juhulian rename to krebs/Zhosts/juhulian diff --git a/Zhosts/k2 b/krebs/Zhosts/k2 similarity index 100% rename from Zhosts/k2 rename to krebs/Zhosts/k2 diff --git a/Zhosts/kabinett b/krebs/Zhosts/kabinett similarity index 100% rename from Zhosts/kabinett rename to krebs/Zhosts/kabinett diff --git a/Zhosts/kaepsele b/krebs/Zhosts/kaepsele similarity index 100% rename from Zhosts/kaepsele rename to krebs/Zhosts/kaepsele diff --git a/Zhosts/kalle b/krebs/Zhosts/kalle similarity index 100% rename from Zhosts/kalle rename to krebs/Zhosts/kalle diff --git a/Zhosts/karthus b/krebs/Zhosts/karthus similarity index 100% rename from Zhosts/karthus rename to krebs/Zhosts/karthus diff --git a/Zhosts/khackplug b/krebs/Zhosts/khackplug similarity index 100% rename from Zhosts/khackplug rename to krebs/Zhosts/khackplug diff --git a/Zhosts/kheurop b/krebs/Zhosts/kheurop similarity index 100% rename from Zhosts/kheurop rename to krebs/Zhosts/kheurop diff --git a/Zhosts/kiosk b/krebs/Zhosts/kiosk similarity index 100% rename from Zhosts/kiosk rename to krebs/Zhosts/kiosk diff --git a/Zhosts/krebsplug b/krebs/Zhosts/krebsplug similarity index 100% rename from Zhosts/krebsplug rename to krebs/Zhosts/krebsplug diff --git a/Zhosts/kvasir b/krebs/Zhosts/kvasir similarity index 100% rename from Zhosts/kvasir rename to krebs/Zhosts/kvasir diff --git a/Zhosts/laqueus b/krebs/Zhosts/laqueus similarity index 100% rename from Zhosts/laqueus rename to krebs/Zhosts/laqueus diff --git a/Zhosts/linuxatom b/krebs/Zhosts/linuxatom similarity index 100% rename from Zhosts/linuxatom rename to krebs/Zhosts/linuxatom diff --git a/Zhosts/luminos b/krebs/Zhosts/luminos similarity index 100% rename from Zhosts/luminos rename to krebs/Zhosts/luminos diff --git a/Zhosts/machine b/krebs/Zhosts/machine similarity index 100% rename from Zhosts/machine rename to krebs/Zhosts/machine diff --git a/Zhosts/makalu b/krebs/Zhosts/makalu similarity index 100% rename from Zhosts/makalu rename to krebs/Zhosts/makalu diff --git a/Zhosts/mako b/krebs/Zhosts/mako similarity index 100% rename from Zhosts/mako rename to krebs/Zhosts/mako diff --git a/Zhosts/miefda0 b/krebs/Zhosts/miefda0 similarity index 100% rename from Zhosts/miefda0 rename to krebs/Zhosts/miefda0 diff --git a/Zhosts/minikrebs b/krebs/Zhosts/minikrebs similarity index 100% rename from Zhosts/minikrebs rename to krebs/Zhosts/minikrebs diff --git a/Zhosts/mkdir b/krebs/Zhosts/mkdir similarity index 100% rename from Zhosts/mkdir rename to krebs/Zhosts/mkdir diff --git a/Zhosts/monitor b/krebs/Zhosts/monitor similarity index 100% rename from Zhosts/monitor rename to krebs/Zhosts/monitor diff --git a/Zhosts/mors b/krebs/Zhosts/mors similarity index 100% rename from Zhosts/mors rename to krebs/Zhosts/mors diff --git a/Zhosts/motor b/krebs/Zhosts/motor similarity index 100% rename from Zhosts/motor rename to krebs/Zhosts/motor diff --git a/Zhosts/mu b/krebs/Zhosts/mu similarity index 100% rename from Zhosts/mu rename to krebs/Zhosts/mu diff --git a/Zhosts/muhbaasu b/krebs/Zhosts/muhbaasu similarity index 100% rename from Zhosts/muhbaasu rename to krebs/Zhosts/muhbaasu diff --git a/Zhosts/nomic b/krebs/Zhosts/nomic similarity index 100% rename from Zhosts/nomic rename to krebs/Zhosts/nomic diff --git a/Zhosts/nomic2 b/krebs/Zhosts/nomic2 similarity index 100% rename from Zhosts/nomic2 rename to krebs/Zhosts/nomic2 diff --git a/Zhosts/nukular b/krebs/Zhosts/nukular similarity index 100% rename from Zhosts/nukular rename to krebs/Zhosts/nukular diff --git a/Zhosts/omo b/krebs/Zhosts/omo similarity index 100% rename from Zhosts/omo rename to krebs/Zhosts/omo diff --git a/Zhosts/pic b/krebs/Zhosts/pic similarity index 100% rename from Zhosts/pic rename to krebs/Zhosts/pic diff --git a/Zhosts/pigstarter b/krebs/Zhosts/pigstarter similarity index 100% rename from Zhosts/pigstarter rename to krebs/Zhosts/pigstarter diff --git a/Zhosts/pike b/krebs/Zhosts/pike similarity index 100% rename from Zhosts/pike rename to krebs/Zhosts/pike diff --git a/Zhosts/pnp b/krebs/Zhosts/pnp similarity index 100% rename from Zhosts/pnp rename to krebs/Zhosts/pnp diff --git a/Zhosts/pornocauster b/krebs/Zhosts/pornocauster similarity index 100% rename from Zhosts/pornocauster rename to krebs/Zhosts/pornocauster diff --git a/Zhosts/radiotuxmini b/krebs/Zhosts/radiotuxmini similarity index 100% rename from Zhosts/radiotuxmini rename to krebs/Zhosts/radiotuxmini diff --git a/Zhosts/random b/krebs/Zhosts/random similarity index 100% rename from Zhosts/random rename to krebs/Zhosts/random diff --git a/Zhosts/raspafari b/krebs/Zhosts/raspafari similarity index 100% rename from Zhosts/raspafari rename to krebs/Zhosts/raspafari diff --git a/Zhosts/reimae b/krebs/Zhosts/reimae similarity index 100% rename from Zhosts/reimae rename to krebs/Zhosts/reimae diff --git a/Zhosts/rmdir b/krebs/Zhosts/rmdir similarity index 100% rename from Zhosts/rmdir rename to krebs/Zhosts/rmdir diff --git a/Zhosts/robchina b/krebs/Zhosts/robchina similarity index 100% rename from Zhosts/robchina rename to krebs/Zhosts/robchina diff --git a/Zhosts/rockit b/krebs/Zhosts/rockit similarity index 100% rename from Zhosts/rockit rename to krebs/Zhosts/rockit diff --git a/Zhosts/rtjure_debian_oder_so b/krebs/Zhosts/rtjure_debian_oder_so similarity index 100% rename from Zhosts/rtjure_debian_oder_so rename to krebs/Zhosts/rtjure_debian_oder_so diff --git a/Zhosts/rtjure_ras b/krebs/Zhosts/rtjure_ras similarity index 100% rename from Zhosts/rtjure_ras rename to krebs/Zhosts/rtjure_ras diff --git a/Zhosts/rtjure_rdrlab_linkstation b/krebs/Zhosts/rtjure_rdrlab_linkstation similarity index 100% rename from Zhosts/rtjure_rdrlab_linkstation rename to krebs/Zhosts/rtjure_rdrlab_linkstation diff --git a/Zhosts/rubus b/krebs/Zhosts/rubus similarity index 100% rename from Zhosts/rubus rename to krebs/Zhosts/rubus diff --git a/Zhosts/senderechner b/krebs/Zhosts/senderechner similarity index 100% rename from Zhosts/senderechner rename to krebs/Zhosts/senderechner diff --git a/Zhosts/serenity b/krebs/Zhosts/serenity similarity index 100% rename from Zhosts/serenity rename to krebs/Zhosts/serenity diff --git a/Zhosts/seruundroid b/krebs/Zhosts/seruundroid similarity index 100% rename from Zhosts/seruundroid rename to krebs/Zhosts/seruundroid diff --git a/Zhosts/sir_krebs_a_lot b/krebs/Zhosts/sir_krebs_a_lot similarity index 100% rename from Zhosts/sir_krebs_a_lot rename to krebs/Zhosts/sir_krebs_a_lot diff --git a/Zhosts/skirfir b/krebs/Zhosts/skirfir similarity index 100% rename from Zhosts/skirfir rename to krebs/Zhosts/skirfir diff --git a/Zhosts/sleipnir b/krebs/Zhosts/sleipnir similarity index 100% rename from Zhosts/sleipnir rename to krebs/Zhosts/sleipnir diff --git a/Zhosts/smove b/krebs/Zhosts/smove similarity index 100% rename from Zhosts/smove rename to krebs/Zhosts/smove diff --git a/Zhosts/sokrates b/krebs/Zhosts/sokrates similarity index 100% rename from Zhosts/sokrates rename to krebs/Zhosts/sokrates diff --git a/Zhosts/sokrateslaptop b/krebs/Zhosts/sokrateslaptop similarity index 100% rename from Zhosts/sokrateslaptop rename to krebs/Zhosts/sokrateslaptop diff --git a/Zhosts/soundflower b/krebs/Zhosts/soundflower similarity index 100% rename from Zhosts/soundflower rename to krebs/Zhosts/soundflower diff --git a/Zhosts/steve b/krebs/Zhosts/steve similarity index 100% rename from Zhosts/steve rename to krebs/Zhosts/steve diff --git a/Zhosts/tahoe b/krebs/Zhosts/tahoe similarity index 100% rename from Zhosts/tahoe rename to krebs/Zhosts/tahoe diff --git a/Zhosts/taschenkrebs b/krebs/Zhosts/taschenkrebs similarity index 100% rename from Zhosts/taschenkrebs rename to krebs/Zhosts/taschenkrebs diff --git a/Zhosts/terrapi b/krebs/Zhosts/terrapi similarity index 100% rename from Zhosts/terrapi rename to krebs/Zhosts/terrapi diff --git a/Zhosts/thomasDOTde b/krebs/Zhosts/thomasDOTde similarity index 100% rename from Zhosts/thomasDOTde rename to krebs/Zhosts/thomasDOTde diff --git a/Zhosts/tincdroid b/krebs/Zhosts/tincdroid similarity index 100% rename from Zhosts/tincdroid rename to krebs/Zhosts/tincdroid diff --git a/Zhosts/tmpd b/krebs/Zhosts/tmpd similarity index 100% rename from Zhosts/tmpd rename to krebs/Zhosts/tmpd diff --git a/Zhosts/tpsw b/krebs/Zhosts/tpsw similarity index 100% rename from Zhosts/tpsw rename to krebs/Zhosts/tpsw diff --git a/Zhosts/tsp b/krebs/Zhosts/tsp similarity index 100% rename from Zhosts/tsp rename to krebs/Zhosts/tsp diff --git a/Zhosts/ufo b/krebs/Zhosts/ufo similarity index 100% rename from Zhosts/ufo rename to krebs/Zhosts/ufo diff --git a/Zhosts/uriel b/krebs/Zhosts/uriel similarity index 100% rename from Zhosts/uriel rename to krebs/Zhosts/uriel diff --git a/Zhosts/vault b/krebs/Zhosts/vault similarity index 100% rename from Zhosts/vault rename to krebs/Zhosts/vault diff --git a/Zhosts/voyager b/krebs/Zhosts/voyager similarity index 100% rename from Zhosts/voyager rename to krebs/Zhosts/voyager diff --git a/Zhosts/wooktop b/krebs/Zhosts/wooktop similarity index 100% rename from Zhosts/wooktop rename to krebs/Zhosts/wooktop diff --git a/Zhosts/wu b/krebs/Zhosts/wu similarity index 100% rename from Zhosts/wu rename to krebs/Zhosts/wu diff --git a/Zhosts/ytart b/krebs/Zhosts/ytart similarity index 100% rename from Zhosts/ytart rename to krebs/Zhosts/ytart diff --git a/Zhosts/zombiecancer b/krebs/Zhosts/zombiecancer similarity index 100% rename from Zhosts/zombiecancer rename to krebs/Zhosts/zombiecancer diff --git a/Zpubkeys/deploy_wu.ssh.pub b/krebs/Zpubkeys/deploy_wu.ssh.pub similarity index 100% rename from Zpubkeys/deploy_wu.ssh.pub rename to krebs/Zpubkeys/deploy_wu.ssh.pub diff --git a/Zpubkeys/lass.ssh.pub b/krebs/Zpubkeys/lass.ssh.pub similarity index 100% rename from Zpubkeys/lass.ssh.pub rename to krebs/Zpubkeys/lass.ssh.pub diff --git a/Zpubkeys/makefu_arch.ssh.pub b/krebs/Zpubkeys/makefu_arch.ssh.pub similarity index 100% rename from Zpubkeys/makefu_arch.ssh.pub rename to krebs/Zpubkeys/makefu_arch.ssh.pub diff --git a/Zpubkeys/makefu_omo.ssh.pub b/krebs/Zpubkeys/makefu_omo.ssh.pub similarity index 100% rename from Zpubkeys/makefu_omo.ssh.pub rename to krebs/Zpubkeys/makefu_omo.ssh.pub diff --git a/Zpubkeys/makefu_tsp.ssh.pub b/krebs/Zpubkeys/makefu_tsp.ssh.pub similarity index 100% rename from Zpubkeys/makefu_tsp.ssh.pub rename to krebs/Zpubkeys/makefu_tsp.ssh.pub diff --git a/Zpubkeys/mv_vod.ssh.pub b/krebs/Zpubkeys/mv_vod.ssh.pub similarity index 100% rename from Zpubkeys/mv_vod.ssh.pub rename to krebs/Zpubkeys/mv_vod.ssh.pub diff --git a/Zpubkeys/tv_wu.ssh.pub b/krebs/Zpubkeys/tv_wu.ssh.pub similarity index 100% rename from Zpubkeys/tv_wu.ssh.pub rename to krebs/Zpubkeys/tv_wu.ssh.pub diff --git a/Zpubkeys/uriel.ssh.pub b/krebs/Zpubkeys/uriel.ssh.pub similarity index 100% rename from Zpubkeys/uriel.ssh.pub rename to krebs/Zpubkeys/uriel.ssh.pub diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 0049387be..03c375b9b 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -31,7 +31,7 @@ with lib; imports = [ ../2configs/charybdis.nix ]; tv.charybdis = { enable = true; - sslCert = ../../Zcerts/charybdis_cd.crt.pem; + sslCert = ../Zcerts/charybdis_cd.crt.pem; }; } { diff --git a/Zcerts/charybdis_cd.crt.pem b/tv/Zcerts/charybdis_cd.crt.pem similarity index 100% rename from Zcerts/charybdis_cd.crt.pem rename to tv/Zcerts/charybdis_cd.crt.pem From 6def9f2d6ba957d068f0d1f0f267247b8e9a89f8 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 08:29:35 +0200 Subject: [PATCH 37/40] krebs pkgs pssh: init --- krebs/5pkgs/default.nix | 1 + krebs/5pkgs/pssh/default.nix | 37 ++++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+) create mode 100644 krebs/5pkgs/pssh/default.nix diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 71bee3fa2..500d5fe25 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -18,6 +18,7 @@ rec { much = callPackage ./much {}; nq = callPackage ./nq {}; posix-array = callPackage ./posix-array {}; + pssh = callPackage ./pssh {}; youtube-tools = callPackage ./youtube-tools {}; execve = name: { filename, argv, envp ? {}, destination ? "" }: diff --git a/krebs/5pkgs/pssh/default.nix b/krebs/5pkgs/pssh/default.nix new file mode 100644 index 000000000..fd48d3e7c --- /dev/null +++ b/krebs/5pkgs/pssh/default.nix @@ -0,0 +1,37 @@ +{ writeScriptBin }: + +writeScriptBin "pssh" '' + #! /bin/sh + set -efu + case ''${1-} in + + # TODO create plog with -o json | jq ... | map date + + # usage: pssh {-j,--journal} host... + # Follow journal at each host. + -j|--journal) + shift + "$0" journalctl -n0 -ocat --follow --all ::: "$@" \ + | while read line; do + printf '%s %s\n' "$(date --rfc-3339=s)" "$line" + done + ;; + + -*) + echo $0: unknown option: $1 >&2 + exit 1 + ;; + + # usage: pssh command [arg...] ::: host... + # Run command at each host. + *) + exec parallel \ + --line-buffer \ + -j0 \ + --no-notice \ + --tagstring {} \ + ssh -T {} "$@" + ;; + + esac +'' From 0c09572004675aa8ac4a3aab252dc373f045ce76 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 08:30:16 +0200 Subject: [PATCH 38/40] tv wu systemPackages += pssh --- tv/1systems/wu.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 622fd721a..da60738e6 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -86,6 +86,7 @@ with lib; p7zip pavucontrol posix_man_pages + pssh qrencode sxiv texLive From bf2ef5c76ba3ee84a067b26da40334a4dd192be4 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 08:57:53 +0200 Subject: [PATCH 39/40] tv {cd,nomic} += ntp --- tv/1systems/cd.nix | 1 + tv/1systems/nomic.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 03c375b9b..bb8124576 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -167,6 +167,7 @@ with lib; iptables mutt # for mv nethogs + ntp # ntpate rxvt_unicode.terminfo tcpdump ]; diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index 028e53539..7010e68b4 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -112,6 +112,7 @@ with lib; exit 23 esac '') + ntp # ntpate rxvt_unicode.terminfo tmux ]; From 83f06535de527c7470f8ff9c8b5e3a4632cf7cb9 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 29 Aug 2015 09:02:00 +0200 Subject: [PATCH 40/40] tv {cd,nomic,wu}: disable consul --- tv/1systems/cd.nix | 2 +- tv/1systems/nomic.nix | 2 +- tv/1systems/wu.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index bb8124576..b385848f1 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -25,7 +25,7 @@ with lib; ../2configs/CAC-Developer-2.nix ../2configs/CAC-CentOS-7-64bit.nix ../2configs/base.nix - ../2configs/consul-server.nix + #../2configs/consul-server.nix ../2configs/git.nix { imports = [ ../2configs/charybdis.nix ]; diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index 7010e68b4..f08e74bbe 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -24,7 +24,7 @@ with lib; imports = [ ../2configs/AO753.nix ../2configs/base.nix - ../2configs/consul-server.nix + #../2configs/consul-server.nix ../2configs/git.nix { tv.iptables = { diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index da60738e6..6cd1565f7 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -24,7 +24,7 @@ with lib; imports = [ ../2configs/w110er.nix ../2configs/base.nix - ../2configs/consul-client.nix + #../2configs/consul-client.nix ../2configs/git.nix ../2configs/mail-client.nix ../2configs/xserver.nix