Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'prism/lassulus'

Browse Source
This commit is contained in:
makefu 2016-11-11 13:44:55 +01:00
commit 4d7f0e6c5b
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
43 changed files with 503 additions and 313 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
krebs/3modules/default.nix
View File

@ -90,11 +90,11 @@ let
};
imp = lib.mkMerge [
{ krebs = import ./lass { inherit config lib; }; }
{ krebs = import ./makefu { inherit config lib; }; }
{ krebs = import ./mv { inherit config lib; }; }
{ krebs = import ./shared { inherit config lib; }; }
{ krebs = import ./tv { inherit config lib; }; }
{ krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; }
{ krebs = import ./mv { inherit config; }; }
{ krebs = import ./shared { inherit config; }; }
{ krebs = import ./tv { inherit config; }; }
{
krebs.dns.providers = {
"krebsco.de" = "zones";
@ -130,7 +130,9 @@ let
shorts = let s = ".${cfg.search-domain}"; in
map (removeSuffix s) (filter (hasSuffix s) longs);
in
map (addr: "${addr} ${toString aliases}") net.addrs
optionals
(aliases != [])
(map (addr: "${addr} ${toString aliases}") net.addrs)
) (filterAttrs (name: host: host.aliases != []) host.nets)
) cfg.hosts
));

2
krebs/3modules/lass/default.nix
View File

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, ... }:
with import <stockholm/lib>;

2
krebs/3modules/makefu/default.nix
View File

@ -1,4 +1,4 @@
{ config, lib, ... }:
{ config, ... }:
with import <stockholm/lib>;

2
krebs/3modules/os-release.nix
View File

@ -13,7 +13,7 @@ let
version-id = "${stockholm-version-id}/${nixos-version-id}";
pretty-name = "${stockholm-pretty-name} / ${nixos-pretty-name}";
home-url = http://cgit.cd.krebsco.de/stockholm;
home-url = http://cgit.ni.krebsco.de/stockholm;
in
{
# http://0pointer.de/public/systemd-man/os-release.html

15
krebs/3modules/retiolum.nix
View File

@ -79,6 +79,15 @@ let
'';
};
hostsArchive = mkOption {
type = types.package;
default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} ''
${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts
${pkgs.gnutar}/bin/tar -hcjf $out hosts
'';
readOnly = true;
};
hostsPackage = mkOption {
type = types.package;
default = pkgs.stdenv.mkDerivation {
@ -125,7 +134,11 @@ let
connectTo = mkOption {
type = types.listOf types.str;
default = [ "fastpoke" "cd" "prism" "gum" ];
${if tinc.config.netname == "retiolum" then "default" else null} = [
"gum"
"ni"
"prism"
];
description = ''
The list of hosts in the network which the client will try to connect
to. These hosts should have an 'Address' configured which points to a

55
krebs/3modules/tv/default.nix
View File

@ -78,11 +78,7 @@ with import <stockholm/lib>;
extraZones = {
# TODO generate krebsco.de zone from nets and don't use extraZones at all
"krebsco.de" = ''
krebsco.de. 60 IN MX 5 mx23
mx23 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
cgit 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
cgit.cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
'';
};
nets = {
@ -90,11 +86,7 @@ with import <stockholm/lib>;
ip4.addr = "45.62.237.203";
aliases = [
"cd.i"
"cd.internet"
"cd.krebsco.de"
"cgit.cd.krebsco.de"
"cd.viljetic.de"
"cgit.cd.viljetic.de"
];
ssh.port = 11423;
};
@ -218,6 +210,53 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1vJsAddvxMA84u9iJEOrIkKn7pQiemMbfW5cfK1d7g root@mu";
};
ni = {
extraZones = {
"krebsco.de" = ''
krebsco.de. 60 IN MX 5 ni
ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
'';
};
nets = {
internet = {
ip4.addr = "188.68.36.196";
aliases = [
"cgit.ni.i"
"ni.i"
];
ssh.port = 11423;
};
retiolum = {
via = config.krebs.hosts.ni.nets.internet;
ip4.addr = "10.243.113.223";
ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af4";
aliases = [
"ni.r"
"ni.retiolum"
"cgit.ni.r"
"cgit.ni.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA7NHuW8eLVhpBfL70WwcSGVmv4dijKLJs5cH/BmqK8zN2lpiLKt12
bhaE1YEhGoGma7Kef1Fa0V9xUkJy6C1+sVlfWp/LeY8VRSX5E3u36TEl6kl/4zu6
Ea/44BoGUSOC9ImxVEX51czA10PFjUSrGFyK0oaRlKNsTwwpNiBOY7/6i74bhn59
OIsySRUBd2QPjYhJkiuc7gltVfwt6wteZh8R4w2rluVGYLQPsmN/XEWgJbhzI4im
W+3/bdewHVF1soZWtdocPLeXTn5HETX5g8p2V3bwYL37oIwkCcYxOeQtT7W+lNJ2
NvIiVh4Phojl4dBUgUQGT0NApMnsaG/4LJpSC4AGiqbsznBdSPhepob7zJggPnWY
nfAs+YrUUZp1wovhSgWfYTRglRuyYvWkoGbq411H1efawyZ0gcMr+HQlSn2keQOv
lbcvdgOAxQiEcPVixPq3mTeKaSxWyIJGFceuqtnILGifRNvViX0uo9g5rLQ41PrJ
9F3azz3gD2Uh73j5pvLU72cge7p1a7epPYWTJYf8oc5JcI3nYTKpSqH8IYaWUjv9
q0NwOYFDhYtUcTwdbUNl/tUWKyBcovIe7f40723pHSijiPV2WDZC2M/mOc3dvWKF
Mf00uin+7uMuKtnG6+1z5nKb/AWrqN1RZu0rnG/IkZPKwa19HYsYcOkCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
};
nomic = {
cores = 2;
nets = {

2
krebs/5pkgs/cac-api/default.nix
View File

@ -4,7 +4,7 @@ stdenv.mkDerivation {
name = "cac-api-1.1.2";
src = fetchgit {
url = http://cgit.cd.krebsco.de/cac-api;
url = http://cgit.ni.krebsco.de/cac-api;
rev = "67e93510e7742acae44db30275abbfe671aa9b7b";
sha256 = "1vxh57j7vrq5sg9j1sam0538kkkhqpgf230vvdz2ifzgkj01z27l";
};

2
krebs/5pkgs/get/default.nix
View File

@ -4,7 +4,7 @@ stdenv.mkDerivation {
name = "get-1.4.1";
src = fetchgit {
url = http://cgit.cd.krebsco.de/get;
url = http://cgit.ni.krebsco.de/get;
rev = "41c0c35805ec1708729f73d14650d8ebc94a405b";
sha256 = "0rx1qsbb4py14795yhhqwlvaibj2569fqm7x2671l868xi59h9f9";
};

8
krebs/5pkgs/github-hosts-sync/default.nix
View File

@ -1,13 +1,9 @@
{ stdenv, fetchgit, pkgs, ... }:
{ pkgs, stdenv, ... }:
stdenv.mkDerivation {
name = "github-hosts-sync";
src = fetchgit {
url = https://github.com/krebscode/painload;
rev = "35ccac73d563ad30d2851b9aeed4cfef69ff74e3";
sha256 = "1y1fs2p3xj2yrqpw0h5kd0f3c5p1y70xk1hjnw99sr33r67s9c35";
};
src = pkgs.painload;
phases = [
"unpackPhase"

2
krebs/5pkgs/haskell-overrides/blessings.nix
View File

@ -3,7 +3,7 @@ mkDerivation {
pname = "blessings";
version = "1.0.0";
src = fetchgit {
url = http://cgit.cd.krebsco.de/blessings;
url = http://cgit.ni.krebsco.de/blessings;
rev = "25a510dcb38ea9158e9969d56eb66cb1b860ab5f";
sha256 = "0xg329h1y68ndg4w3m1jp38pkg3gqg7r19q70gqqj4mswb6qcrqc";
};

17
krebs/5pkgs/haskell-overrides/hyphenation.nix Normal file
View File

@ -0,0 +1,17 @@
# Same as upstream but with doCheck = false because doctest has wrong version.
{ mkDerivation, base, bytestring, containers, directory
, filepath, unordered-containers, zlib, stdenv
}:
mkDerivation {
pname = "hyphenation";
version = "0.6";
sha256 = "2f673666c18f63581422f7c6389b78b0ff754406671296a3d680d417942512f7";
libraryHaskellDepends = [
base bytestring containers unordered-containers zlib
];
homepage = "http://github.com/ekmett/hyphenation";
description = "Configurable Knuth-Liang hyphenation";
license = stdenv.lib.licenses.bsd3;
hydraPlatforms = stdenv.lib.platforms.none;
doCheck = false;
}

2
krebs/5pkgs/haskell-overrides/scanner.nix
View File

@ -3,7 +3,7 @@ mkDerivation {
pname = "scanner";
version = "1.0.0";
src = fetchgit {
url = http://cgit.cd.krebsco.de/scanner;
url = http://cgit.ni.krebsco.de/scanner;
rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad";
sha256 = "1lgl158axczsm4fx53fyq1d4116v91jsx4dbz66ka4k1ljqrmhgn";
};

2
krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix
View File

@ -5,7 +5,7 @@ mkDerivation {
pname = "xmonad-stockholm";
version = "1.1.0";
src = fetchgit {
url = http://cgit.cd.krebsco.de/xmonad-stockholm;
url = http://cgit.ni.krebsco.de/xmonad-stockholm;
rev = "179d29fd4c765dee698058ef63295331ac603639";
sha256 = "0c6mj68xsxxr4j8adkzhjszi7bg6cpisrsmqn587a16sblpbrnkj";
};

2
krebs/5pkgs/much/default.nix
View File

@ -12,7 +12,7 @@ mkDerivation {
pname = "much";
version = "1.0.0";
src = fetchgit {
url = "http://cgit.cd.krebsco.de/much";
url = "http://cgit.ni.krebsco.de/much";
rev = "045dc986b4de225a927175f81c8ccfdab450202c";
sha256 = "17jbw7x82a3bgn1qv5k764f103knrf865dmx48h7192vdh8gz766";
};

7
krebs/5pkgs/painload/default.nix Normal file
View File

@ -0,0 +1,7 @@
{ fetchgit, ... }:
fetchgit {
url = https://github.com/krebscode/painload;
rev = "8df031f810a2776d8c43b03a9793cb49398bd33b";
sha256 = "03md5k6fmz0j1ny22iw96dzq7cvijbz24ii85i0h2dhcychdp650";
}

2
krebs/5pkgs/populate/default.nix
View File

@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
version = "1.2.0";
src = fetchgit {
url = http://cgit.cd.krebsco.de/populate;
url = http://cgit.ni.krebsco.de/populate;
rev = "refs/tags/v${version}";
sha256 = "0q3110hkkxn9bc3a63xbx1hyd1fpzz4wrck4lng3j5a9i1y1jm07";
};

2
krebs/5pkgs/push/default.nix
View File

@ -13,7 +13,7 @@ stdenv.mkDerivation {
name = "push-1.1.2";
src = fetchgit {
url = http://cgit.cd.krebsco.de/push;
url = http://cgit.ni.krebsco.de/push;
rev = "da5b3a4b05ef822cc41d36b6cc2071a2e78506d4";
sha256 = "0gfxz207lm11g77rw02jcqpvzhx07j9hzgjgscbmslzl5r8icd6g";
};

2
krebs/5pkgs/with-tmpdir/default.nix
View File

@ -4,7 +4,7 @@ stdenv.mkDerivation {
name = "with-tmpdir-1";
src = fetchgit {
url = http://cgit.cd.krebsco.de/with-tmpdir;
url = http://cgit.ni.krebsco.de/with-tmpdir;
rev = "3243c02ed8cd27a04c080bd39560204980f6c16a";
sha256 = "80ee6cafb2c337999ddcd1e41747d6256b7cfcea605358c2046eb7e3729555c6";
};

3
lass/1systems/prism.nix
View File

@ -229,6 +229,9 @@ in {
enable = true;
};
}
{
virtualisation.libvirtd.enable = true;
}
];
krebs.build.host = config.krebs.hosts.prism;

4
lass/1systems/shodan.nix
View File

@ -75,6 +75,10 @@ with import <stockholm/lib>;
fsType = "tmpfs";
options = ["nosuid" "nodev" "noatime"];
};
"/bku" = {
device = "/dev/pool/bku";
fsType = "ext4";
};
};
services.udev.extraRules = ''

53
lass/2configs/buildbot-standalone.nix
View File

@ -25,20 +25,6 @@ in {
pollinterval=120))
'';
scheduler = {
force-scheduler = ''
sched.append(schedulers.ForceScheduler(
name="force",
builderNames=["fast-tests"]))
'';
fast-tests-scheduler = ''
# test everything real quick
sched.append(schedulers.SingleBranchScheduler(
## all branches
change_filter=util.ChangeFilter(branch_re=".*"),
treeStableTimer=10,
name="fast-all-branches",
builderNames=["fast-tests"]))
'';
build-scheduler = ''
# build all hosts
sched.append(schedulers.SingleBranchScheduler(
@ -113,43 +99,6 @@ in {
'';
fast-tests = ''
f = util.BuildFactory()
f.addStep(grab_repo)
for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]:
addShell(f,name="build-{}".format(i),env=env_lass,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=eval \
system={}".format(i)])
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
addShell(f,name="build-{}".format(i),env=env_makefu,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=eval \
system={}".format(i)])
for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf" ]:
addShell(f,name="build-{}".format(i),env=env_shared,
command=nixshell + \
["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
make \
test \
target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
method=eval \
system={}".format(i)])
bu.append(util.BuilderConfig(name="fast-tests",
slavenames=slavenames,
factory=f))
'';
build-pkgs = ''
f = util.BuildFactory()
f.addStep(grab_repo)
@ -212,7 +161,7 @@ in {
irc = {
enable = true;
nick = "buildbot-lass";
server = "cd.retiolum";
server = "ni.r";
channels = [ { channels = "retiolum"; } ];
allowForce = true;
};

2
lass/2configs/git.nix
View File

@ -54,7 +54,7 @@ let
# TODO make nick = config.krebs.build.host.name the default
nick = config.krebs.build.host.name;
channel = "#retiolum";
server = "cd.retiolum";
server = "ni.r";
verbose = config.krebs.build.host.name == "prism";
branches = [ "master" ];
};

4
lass/2configs/repo-sync.nix
View File

@ -15,7 +15,7 @@ let
nick = config.networking.hostName;
verbose = false;
channel = "#retiolum";
server = "cd.retiolum";
server = "ni.r";
branches = [ "newest" ];
};
});
@ -41,7 +41,7 @@ let
mirror.url = "${mirror}${name}";
};
tv = {
origin.url = "http://cgit.cd/${name}";
origin.url = "http://cgit.ni.i/${name}";
mirror.url = "${mirror}${name}";
};
lassulus = {

21
lass/2configs/websites/domsen.nix
View File

@ -103,27 +103,6 @@ in {
"o_ubikmedia_de"
];
krebs.backup.plans = {
prism-sql-domsen = {
method = "push";
src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-sql"; };
startAt = "00:01";
};
prism-http-domsen = {
method = "push";
src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-http"; };
startAt = "00:10";
};
prism-o-ubikmedia-domsen = {
method = "push";
src = { host = config.krebs.hosts.prism; path = "/srv/o.ubikmedia.de-data"; };
dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-owncloud"; };
startAt = "00:30";
};
};
services.phpfpm.phpOptions = ''
sendmail_path = ${sendmail} -t
upload_max_filesize = 100M

47
lass/2configs/websites/lassulus.nix
View File

@ -37,6 +37,31 @@ in {
};
};
krebs.tinc_graphs.enable = true;
users.users.lass-stuff = {
uid = genid "lass-stuff";
description = "lassul.us blog cgi stuff";
home = "/var/empty";
};
services.phpfpm.poolConfigs."lass-stuff" = ''
listen = /var/run/lass-stuff.socket
user = lass-stuff
group = nginx
pm = dynamic
pm.max_children = 5
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 1
listen.owner = lass-stuff
listen.group = nginx
php_admin_value[error_log] = 'stderr'
php_admin_flag[log_errors] = on
catch_workers_output = yes
security.limit_extensions =
'';
users.groups.lasscert.members = [
"dovecot2"
"ejabberd"
@ -53,6 +78,28 @@ in {
(nameValuePair "/.well-known/acme-challenge" ''
root /var/lib/acme/challenges/lassul.us/;
'')
(nameValuePair "= /retiolum-hosts.tar.bz2" ''
alias ${config.krebs.tinc.retiolum.hostsArchive};
'')
(nameValuePair "/tinc" ''
alias ${config.krebs.tinc_graphs.workingDir}/external;
'')
(let
script = pkgs.writeBash "test" ''
echo "hello world"
'';
#script = pkgs.execve "ddate-wrapper" {
# filename = "${pkgs.ddate}/bin/ddate";
# argv = [];
#};
in nameValuePair "= /ddate" ''
gzip off;
fastcgi_pass unix:/var/run/lass-stuff.socket;
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param DOCUMENT_ROOT /var/empty;
fastcgi_param SCRIPT_FILENAME ${script};
fastcgi_param SCRIPT_NAME ${script};
'')
];
ssl = {
enable = true;

2
lass/2configs/websites/util.nix
View File

@ -79,6 +79,8 @@ rec {
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Path to the root of your installation
root /srv/http/${domain}/;

183
lass/5pkgs/q/default.nix
View File

@ -55,47 +55,143 @@ let
fi
'';
q-power_supply = ''
q-intel_backlight = ''
cd /sys/class/backlight/intel_backlight
</dev/null exec ${pkgs.gawk}/bin/awk '
END {
getline actual_brightness < "actual_brightness"
getline max_brightness < "max_brightness"
getline brightness < "brightness"
printf "intel_backlight %d%% %d/%d\n" \
, actual_brightness / max_brightness * 100 \
, actual_brightness \
, max_brightness
}
'
'';
q-power_supply = let
power_supply = pkgs.writeBash "power_supply" ''
set -efu
uevent=$1
eval "$(${pkgs.gnused}/bin/sed -n '
s/^\([A-Z_]\+=[0-9A-Za-z_-]*\)$/export \1/p
' $uevent)"
case $POWER_SUPPLY_NAME in
AC)
exit # not battery
;;
esac
exec </dev/null
exec ${pkgs.gawk}/bin/awk '
function die(s) {
printf "%s: %s\n", name, s
exit 1
}
function print_hm(h, m) {
m = (h - int(h)) * 60
return sprintf("%dh%dm", h, m)
}
function print_bar(n, r, t1, t2, t_col) {
t1 = int(r * n)
t2 = n - t1
if (r >= .42) t_col = "1;32"
else if (r >= 23) t_col = "1;33"
else if (r >= 11) t_col = "1;31"
else t_col = "5;1;31"
return sgr(t_col) strdup("", t1) sgr(";30") strdup("", t2) sgr()
}
function sgr(p) {
return "\x1b[" p "m"
}
function strdup(s,n,t) {
t = sprintf("%"n"s","")
gsub(/ /,s,t)
return t
}
END {
name = ENVIRON["POWER_SUPPLY_NAME"]
charge_unit = "Ah"
charge_now = ENVIRON["POWER_SUPPLY_CHARGE_NOW"] / 10^6
charge_full = ENVIRON["POWER_SUPPLY_CHARGE_FULL"] / 10^6
current_unit = "A"
current_now = ENVIRON["POWER_SUPPLY_CURRENT_NOW"] / 10^6
energy_unit = "Wh"
energy_now = ENVIRON["POWER_SUPPLY_ENERGY_NOW"] / 10^6
energy_full = ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6
power_unit = "W"
power_now = ENVIRON["POWER_SUPPLY_POWER_NOW"] / 10^6
voltage_unit = "V"
voltage_now = ENVIRON["POWER_SUPPLY_VOLTAGE_NOW"] / 10^6
voltage_min_design = ENVIRON["POWER_SUPPLY_VOLTAGE_MIN_DESIGN"] / 10^6
#printf "charge_now: %s\n", charge_now
#printf "charge_full: %s\n", charge_full
#printf "current_now: %s\n", current_now
#printf "energy_now: %s\n", energy_now
#printf "energy_full: %s\n", energy_full
#printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"]
#printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6
#printf "power_now: %s\n", power_now
#printf "voltage_now: %s\n", voltage_now
if (current_now == 0 && voltage_now != 0) {
current_now = power_now / voltage_now
}
if (power_now == 0) {
power_now = current_now * voltage_now
}
if (charge_now == 0 && voltage_min_design != 0) {
charge_now = energy_now / voltage_min_design
}
if (energy_now == 0) {
energy_now = charge_now * voltage_min_design
}
if (charge_full == 0 && voltage_min_design != 0) {
charge_full = energy_full / voltage_min_design
}
if (energy_full == 0) {
energy_full = charge_full * voltage_min_design
}
if (charge_now == 0 || charge_full == 0) {
die("unknown charge")
}
charge_ratio = charge_now / charge_full
out = out name
out = out sprintf(" %s", print_bar(10, charge_ratio))
out = out sprintf(" %d%", charge_ratio * 100)
out = out sprintf(" %.2f%s", charge_now, charge_unit)
if (current_now != 0) {
out = out sprintf("/%.1f%s", current_now, current_unit)
}
out = out sprintf(" %d%s", energy_full, energy_unit)
if (power_now != 0) {
out = out sprintf("/%.1f%s", power_now, power_unit)
}
if (current_now != 0) {
out = out sprintf(" %s", print_hm(charge_now / current_now))
}
print out
}
'
'';
in ''
for uevent in /sys/class/power_supply/*/uevent; do
if test -f $uevent; then
eval "$(${pkgs.gnused}/bin/sed -n '
s/^\([A-Z_]\+=\)\(.*\)/\1'\'''\2'\'''/p
' $uevent)"
if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then
continue
fi
charge_percentage=$(echo "
scale=2
$POWER_SUPPLY_CHARGE_NOW / $POWER_SUPPLY_CHARGE_FULL
" | ${pkgs.bc}/bin/bc)
lfc=$POWER_SUPPLY_CHARGE_FULL
rc=$POWER_SUPPLY_CHARGE_NOW
#rc=2800
N=78; N=76
N=10
n=$(echo $N-1 | ${pkgs.bc}/bin/bc)
centi=$(echo "$rc*100/$lfc" | ${pkgs.bc}/bin/bc)
deci=$(echo "$rc*$N/$lfc" | ${pkgs.bc}/bin/bc)
energy_evel=$(
echo -n ' ' # TRIGRAM FOR THUNDER
if test $centi -ge 42; then echo -n ''
elif test $centi -ge 23; then echo -n ''
elif test $centi -ge 11; then echo -n ''
else echo -n ''; fi
for i in $(${pkgs.coreutils}/bin/seq 1 $deci); do
echo -n
done
echo -n ''
for i in $(${pkgs.coreutils}/bin/seq $deci $n); do
echo -n
done
echo '' $rc #/ $lfc
)
echo "$energy_evel $charge_percentage"
fi
${power_supply} "$uevent" || :
done
'';
@ -171,15 +267,20 @@ in
pkgs.writeBashBin "q" ''
set -eu
export PATH=/var/empty
(${q-todo}) || :
if [ "$PWD" != "$HOME" ]; then
(HOME=$PWD; ${q-todo}) || :
fi
echo
${q-cal}
echo
${q-isodate}
(${q-gitdir}) &
(${q-intel_backlight}) &
(${q-power_supply}) &
(${q-virtualization}) &
(${q-wireless}) &
(${q-online}) &
(${q-thermal_zone}) &
wait
${q-todo}
''

4
lass/5pkgs/xmonad-lass.nix
View File

@ -112,14 +112,14 @@ displaySomeException = displayException
myKeyMap :: [([Char], X ())]
myKeyMap =
[ ("M4-<F11>", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f")
, ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png")
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
, ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume 0 +4%")
, ("<XF86AudioLowerVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume 0 -4%")
, ("<XF86AudioMute>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute 0 toggle")
, ("<XF86AudioMicMute>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-source-mute 1 toggle")
, ("<XF86Launch1>", gridselectWorkspace gridConfig W.view)
, ("<XF86MonBrightnessUp>", spawn "xbacklight -steps 1 -time 1 -inc 10")
, ("<XF86MonBrightnessDown>", spawn "xbacklight -steps 1 -time 1 -dec 10")
, ("M4-C-k", spawn "${pkgs.xorg.xkill}/bin/xkill")
, ("M4-a", focusUrgent)
, ("M4-S-r", renameWorkspace def)

2
makefu/1systems/gum.nix
View File

@ -41,7 +41,7 @@ in {
'';
connectTo = [
"muhbaasu" "tahoe" "flap" "wry"
"cd"
"ni"
"fastpoke" "prism" "dishfire" "echelon" "cloudkrebs"
];
};

2
makefu/1systems/pnp.nix
View File

@ -36,7 +36,7 @@
enable = true;
debug = true;
extraEnviron = {
REAKTOR_HOST = "cd.retiolum";
REAKTOR_HOST = "ni.r";
};
plugins = with pkgs.ReaktorPlugins; [ stockholm-issue nixos-version sed-plugin ];
channels = [ "#retiolum" ];

2
makefu/2configs/git/brain-retiolum.nix
View File

@ -29,7 +29,7 @@ let
nick = config.networking.hostName;
channel = "#retiolum";
# TODO remove the hardcoded hostname
server = "cd.retiolum";
server = "ni.r";
};
};
};

2
makefu/2configs/git/cgit-retiolum.nix
View File

@ -52,7 +52,7 @@ let
verbose = config.krebs.build.host.name == "gum";
channel = "#retiolum";
# TODO remove the hardcoded hostname
server = "cd.retiolum";
server = "ni.r";
};
};
};

2
shared/2configs/cgit-mirror.nix
View File

@ -17,7 +17,7 @@ let
nick = config.networking.hostName;
verbose = false;
channel = "#retiolum";
server = "cd.retiolum";
server = "ni.r";
};
};
};

2
shared/2configs/repo-sync.nix
View File

@ -13,7 +13,7 @@ with lib;
mirror.url = mirror;
};
tv = {
origin.url = http://cgit.cd/stockholm ;
origin.url = http://cgit.ni.r/stockholm;
mirror.url = mirror;
};
lassulus = {

2
shared/2configs/shared-buildbot.nix
View File

@ -158,7 +158,7 @@
irc = {
enable = true;
nick = "wolfbot";
server = "cd.retiolum";
server = "ni.r";
channels = [ { channel = "retiolum"; } ];
allowForce = true;
};

78
tv/1systems/cd.nix
View File

@ -10,85 +10,7 @@ with import <stockholm/lib>;
../2configs/hw/CAC-Developer-2.nix
../2configs/fs/CAC-CentOS-7-64bit.nix
../2configs/exim-smarthost.nix
../2configs/git.nix
../2configs/retiolum.nix
../2configs/urlwatch.nix
{
tv.charybdis = {
enable = true;
ssl_cert = ../Zcerts/charybdis_cd.crt.pem;
};
tv.iptables.input-retiolum-accept-tcp = [
config.tv.charybdis.port
config.tv.charybdis.sslport
];
}
{
tv.ejabberd = {
enable = true;
hosts = [ "jabber.viljetic.de" ];
};
tv.iptables.input-internet-accept-tcp = [
"xmpp-client"
"xmpp-server"
];
}
{
krebs.github-hosts-sync.enable = true;
tv.iptables.input-internet-accept-tcp =
singleton config.krebs.github-hosts-sync.port;
}
{
krebs.nginx.servers.cgit.server-names = [
"cgit.cd.krebsco.de"
"cgit.cd.viljetic.de"
];
# TODO make public_html also available to cd, cd.retiolum (AKA default)
krebs.nginx.servers."https://viljetic.de" = {
server-names = singleton "viljetic.de";
listen = mkForce []; # disable default
ssl = {
enable = true;
certificate = "/var/lib/acme/viljetic.de/fullchain.pem";
certificate_key = "/var/lib/acme/viljetic.de/key.pem";
};
locations = [
(nameValuePair "/" ''
root ${pkgs.viljetic-pages};
'')
(nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
alias /home/$1/public_html$2;
'')
];
};
krebs.nginx.servers."http://viljetic.de" = {
server-names = singleton "viljetic.de";
locations = [
(nameValuePair "/.well-known/acme-challenge/" ''
root /var/lib/acme/challenges/viljetic.de/;
'')
(nameValuePair "/" ''
return 301 https://viljetic.de$request_uri;
'')
];
};
security.acme = {
certs."viljetic.de" = {
email = "tomislav@viljetic.de";
webroot = "/var/lib/acme/challenges/viljetic.de";
plugins = [
"account_key.json"
"key.pem"
"fullchain.pem"
];
user = "nginx";
};
};
tv.iptables.input-internet-accept-tcp = [
"http"
"https"
];
}
];
networking = {

1
tv/1systems/xu.nix
View File

@ -54,6 +54,7 @@ with import <stockholm/lib>;
jq
mkpasswd
netcat
netcup
nix-repl
nmap
p7zip

17
tv/2configs/default.nix
View File

@ -14,7 +14,7 @@ with import <stockholm/lib>;
stockholm.file = "/home/tv/stockholm";
nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs;
ref = "e4fb65a3627f8c17a2f92c08bf302dc30f0a8db9";
ref = "1e1112edc57e93046f35707b874d2a4f3ff321e6";
};
} // optionalAttrs host.secure {
secrets-master.file = "/home/tv/secrets/master";
@ -112,13 +112,14 @@ with import <stockholm/lib>;
};
}
(let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
environment.variables = {
CURL_CA_BUNDLE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
};
})
{
environment.variables =
flip genAttrs (_: "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt") [
"CURL_CA_BUNDLE"
"GIT_SSL_CAINFO"
"SSL_CERT_FILE"
];
}
{
services.cron.enable = false;

7
tv/2configs/git.nix
View File

@ -32,6 +32,9 @@ let
get = {};
hack = {};
load-env = {};
loldns = {
cgit.desc = "toy DNS server";
};
make-snapshot = {};
much = {};
netcup = {
@ -81,12 +84,12 @@ let
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = optionalAttrs (config.krebs.build.host.name == "cd") {
hooks = optionalAttrs (config.krebs.build.host.name == "ni") {
post-receive = pkgs.git-hooks.irc-announce {
# TODO make nick = config.krebs.build.host.name the default
nick = config.krebs.build.host.name;
channel = "#retiolum";
server = "cd.retiolum";
server = "ni.r";
verbose = true;
};
};

3
tv/2configs/retiolum.nix
View File

@ -7,9 +7,8 @@ with import <stockholm/lib>;
enable = true;
connectTo = filter (ne config.krebs.build.host.name) [
"gum"
"ni"
"prism"
"echelon"
"cd"
];
tincPackage = pkgs.tinc_pre;
};

32
tv/5pkgs/netcup/default.nix Normal file
View File

@ -0,0 +1,32 @@
{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, w3m, ... }:
with import <stockholm/lib>;
let
readJSON = path: fromJSON (readFile path);
sed.escape = replaceChars ["/"] ["\\/"]; # close enough
PATH = makeBinPath [
coreutils
curl
gawk
gnugrep
gnused
jq
w3m
];
in
stdenv.mkDerivation {
name = "netcup-1.0.0";
src = fetchgit {
url = "http://cgit.ni.krebsco.de/netcup";
rev = "tags/v1.0.0";
sha256 = "0m6mk16pblvnapxykxdccvphslbv1gjfziyr86bnqin1xb1g99bq";
};
phases = [ "unpackPhase" "patchPhase" "installPhase" ];
patchPhase = ''
path=${shell.escape (sed.escape PATH)}
sed -i "1s/.*/&\nPATH=$path/" vcp
'';
installPhase = ''
mkdir -p $out/bin
cp vcp $out/bin
'';
}

177
tv/5pkgs/q/default.nix
View File

@ -62,47 +62,143 @@ let
fi
'';
q-power_supply = ''
q-intel_backlight = ''
cd /sys/class/backlight/intel_backlight
</dev/null exec ${pkgs.gawk}/bin/awk '
END {
getline actual_brightness < "actual_brightness"
getline max_brightness < "max_brightness"
getline brightness < "brightness"
printf "intel_backlight %d%% %d/%d\n" \
, actual_brightness / max_brightness * 100 \
, actual_brightness \
, max_brightness
}
'
'';
q-power_supply = let
power_supply = pkgs.writeBash "power_supply" ''
set -efu
uevent=$1
eval "$(${pkgs.gnused}/bin/sed -n '
s/^\([A-Z_]\+=[0-9A-Za-z_-]*\)$/export \1/p
' $uevent)"
case $POWER_SUPPLY_NAME in
AC)
exit # not battery
;;
esac
exec </dev/null
exec ${pkgs.gawk}/bin/awk '
function die(s) {
printf "%s: %s\n", name, s
exit 1
}
function print_hm(h, m) {
m = (h - int(h)) * 60
return sprintf("%dh%dm", h, m)
}
function print_bar(n, r, t1, t2, t_col) {
t1 = int(r * n)
t2 = n - t1
if (r >= .42) t_col = "1;32"
else if (r >= 23) t_col = "1;33"
else if (r >= 11) t_col = "1;31"
else t_col = "5;1;31"
return sgr(t_col) strdup("", t1) sgr(";30") strdup("", t2) sgr()
}
function sgr(p) {
return "\x1b[" p "m"
}
function strdup(s,n,t) {
t = sprintf("%"n"s","")
gsub(/ /,s,t)
return t
}
END {
name = ENVIRON["POWER_SUPPLY_NAME"]
charge_unit = "Ah"
charge_now = ENVIRON["POWER_SUPPLY_CHARGE_NOW"] / 10^6
charge_full = ENVIRON["POWER_SUPPLY_CHARGE_FULL"] / 10^6
current_unit = "A"
current_now = ENVIRON["POWER_SUPPLY_CURRENT_NOW"] / 10^6
energy_unit = "Wh"
energy_now = ENVIRON["POWER_SUPPLY_ENERGY_NOW"] / 10^6
energy_full = ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6
power_unit = "W"
power_now = ENVIRON["POWER_SUPPLY_POWER_NOW"] / 10^6
voltage_unit = "V"
voltage_now = ENVIRON["POWER_SUPPLY_VOLTAGE_NOW"] / 10^6
voltage_min_design = ENVIRON["POWER_SUPPLY_VOLTAGE_MIN_DESIGN"] / 10^6
#printf "charge_now: %s\n", charge_now
#printf "charge_full: %s\n", charge_full
#printf "current_now: %s\n", current_now
#printf "energy_now: %s\n", energy_now
#printf "energy_full: %s\n", energy_full
#printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"]
#printf "energy_full: %s\n", ENVIRON["POWER_SUPPLY_ENERGY_FULL"] / 10^6
#printf "power_now: %s\n", power_now
#printf "voltage_now: %s\n", voltage_now
if (current_now == 0 && voltage_now != 0) {
current_now = power_now / voltage_now
}
if (power_now == 0) {
power_now = current_now * voltage_now
}
if (charge_now == 0 && voltage_min_design != 0) {
charge_now = energy_now / voltage_min_design
}
if (energy_now == 0) {
energy_now = charge_now * voltage_min_design
}
if (charge_full == 0 && voltage_min_design != 0) {
charge_full = energy_full / voltage_min_design
}
if (energy_full == 0) {
energy_full = charge_full * voltage_min_design
}
if (charge_now == 0 || charge_full == 0) {
die("unknown charge")
}
charge_ratio = charge_now / charge_full
out = out name
out = out sprintf(" %s", print_bar(10, charge_ratio))
out = out sprintf(" %d%", charge_ratio * 100)
out = out sprintf(" %.2f%s", charge_now, charge_unit)
if (current_now != 0) {
out = out sprintf("/%.1f%s", current_now, current_unit)
}
out = out sprintf(" %d%s", energy_full, energy_unit)
if (power_now != 0) {
out = out sprintf("/%.1f%s", power_now, power_unit)
}
if (current_now != 0) {
out = out sprintf(" %s", print_hm(charge_now / current_now))
}
print out
}
'
'';
in ''
for uevent in /sys/class/power_supply/*/uevent; do
if test -f $uevent; then
eval "$(${pkgs.gnused}/bin/sed -n '
s/^\([A-Z_]\+=\)\(.*\)/\1'\'''\2'\'''/p
' $uevent)"
if test "x''${POWER_SUPPLY_CHARGE_NOW-}" = x; then
continue
fi
charge_percentage=$(echo "
scale=2
$POWER_SUPPLY_CHARGE_NOW / $POWER_SUPPLY_CHARGE_FULL
" | ${pkgs.bc}/bin/bc)
lfc=$POWER_SUPPLY_CHARGE_FULL
rc=$POWER_SUPPLY_CHARGE_NOW
#rc=2800
N=78; N=76
N=10
n=$(echo $N-1 | ${pkgs.bc}/bin/bc)
centi=$(echo "$rc*100/$lfc" | ${pkgs.bc}/bin/bc)
deci=$(echo "$rc*$N/$lfc" | ${pkgs.bc}/bin/bc)
energy_evel=$(
echo -n ' ' # TRIGRAM FOR THUNDER
if test $centi -ge 42; then echo -n ''
elif test $centi -ge 23; then echo -n ''
elif test $centi -ge 11; then echo -n ''
else echo -n ''; fi
for i in $(${pkgs.coreutils}/bin/seq 1 $deci); do
echo -n
done
echo -n ''
for i in $(${pkgs.coreutils}/bin/seq $deci $n); do
echo -n
done
echo '' $rc #/ $lfc
)
echo "$energy_evel $charge_percentage"
fi
${power_supply} "$uevent" || :
done
'';
@ -188,6 +284,7 @@ pkgs.writeBashBin "q" ''
${q-isodate}
${q-sgtdate}
(${q-gitdir}) &
(${q-intel_backlight}) &
(${q-power_supply}) &
(${q-virtualization}) &
(${q-wireless}) &

24
tv/Zcerts/charybdis_cd.crt.pem
View File

@ -1,24 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIEGzCCAwOgAwIBAgIJAJJiphQRTzFPMA0GCSqGSIb3DQEBBQUAMIGjMQswCQYD
VQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQHDBlCZW50
bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8GA1UECwwI
cmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcNAQkBFg50
dkB3dS5yZXRpb2x1bTAeFw0xNTA3MTkxODQ2MjhaFw0xNjA3MDkxODQ2MjhaMIGj
MQswCQYDVQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQH
DBlCZW50bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8G
A1UECwwIcmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcN
AQkBFg50dkB3dS5yZXRpb2x1bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyPb37kchbjZi6WsvpQeGOVEBTU8B4E24GkfetbfYtsFqW6pIKN7DlTFKzJ
3WKSLIf/cZuBQJucKuc8QXc5ZEXQ66QyCiX6al0j4C0AnHN17OhgH3yvmioWI4kI
ycD4N5TnaD2V0OK/HlhKCrIEly6+Nczeo+k5vrcgkkSYJivFpgK1r5+taBYiU4cc
Pgke2p3mRpZFfK61Ft6DlAg2rL2NVt7Qk0pp6BgCrtVIl968SmVKAEQBHnSYd9z2
bNE2PH3qI+FLIfioOfXazmogxoQWR9LbKPUQ5nFRDXEJZg1hKDzseUkwV/oU8W3K
a37lOovqy+qwjYELrWP346/OF5UCAwEAAaNQME4wHQYDVR0OBBYEFI7WWP+tabb5
CH5aY5mJcMdKGeaXMB8GA1UdIwQYMBaAFI7WWP+tabb5CH5aY5mJcMdKGeaXMAwG
A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKAF8hSu7Cgp2jei3GPVOE+R
TtZUePjFJw7iUSYaG1loGfY23IgEzS/jPd/m4jueRTDbtDl7cFTUmKKsF1WWH84l
s49J2HktiHTiHyZphgWFfbjUZO4nbH11Pac64WPfoeTzm9LnM0xXNd/7VCDXRess
a6pXtAQXAZri9HOsAeNO0WFivu4oug2pyUoLE64o3UemSwBi0JW2W1KvuYGnQXEa
HqrFGLBSEQuD4wTePdK0USjhNC8ceMx04b1hUQzuMf8pcXdpkLN6bIOaA/FRxmX9
3L+6CZPVfQvvw10eLjWv3UYgIjOQFCUR4LsvkVxTaEav0KwmyCC4GUr9Vd+n3eQ=
-----END CERTIFICATE-----