Merge remote-tracking branch 'gum/master' into HEAD
This commit is contained in:
commit
5ff77c7c64
@ -12,6 +12,7 @@
|
|||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.puyak;
|
krebs.build.host = config.krebs.hosts.puyak;
|
||||||
|
sound.enable = false;
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
loader.systemd-boot.enable = true;
|
loader.systemd-boot.enable = true;
|
||||||
|
@ -4,8 +4,7 @@ with import <stockholm/lib>;
|
|||||||
let
|
let
|
||||||
|
|
||||||
cfg = config.krebs.Reaktor;
|
cfg = config.krebs.Reaktor;
|
||||||
|
homedir = "/var/lib/Reaktor";
|
||||||
workdir = "/var/lib/Reaktor";
|
|
||||||
|
|
||||||
out = {
|
out = {
|
||||||
options.krebs.Reaktor = api;
|
options.krebs.Reaktor = api;
|
||||||
@ -38,6 +37,14 @@ let
|
|||||||
default = [pkgs.ReaktorPlugins.nixos-version];
|
default = [pkgs.ReaktorPlugins.nixos-version];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
workdir = mkOption {
|
||||||
|
default = "/var/lib/Reaktor";
|
||||||
|
type = types.path;
|
||||||
|
description = ''
|
||||||
|
path to be used as workdir (home dir is still /var/lib/Reaktor)
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
extraConfig = mkOption {
|
extraConfig = mkOption {
|
||||||
default = "";
|
default = "";
|
||||||
type = types.string;
|
type = types.string;
|
||||||
@ -84,7 +91,7 @@ let
|
|||||||
name = "Reaktor";
|
name = "Reaktor";
|
||||||
uid = genid name;
|
uid = genid name;
|
||||||
description = "Reaktor user";
|
description = "Reaktor user";
|
||||||
home = workdir;
|
home = homedir;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -118,7 +125,7 @@ let
|
|||||||
REAKTOR_NICKNAME = botcfg.nickname;
|
REAKTOR_NICKNAME = botcfg.nickname;
|
||||||
REAKTOR_DEBUG = (if botcfg.debug then "True" else "False");
|
REAKTOR_DEBUG = (if botcfg.debug then "True" else "False");
|
||||||
REAKTOR_CHANNELS = lib.concatStringsSep "," botcfg.channels;
|
REAKTOR_CHANNELS = lib.concatStringsSep "," botcfg.channels;
|
||||||
state_dir = workdir;
|
state_dir = botcfg.workdir;
|
||||||
|
|
||||||
} // botcfg.extraEnviron;
|
} // botcfg.extraEnviron;
|
||||||
serviceConfig= {
|
serviceConfig= {
|
||||||
@ -129,6 +136,7 @@ let
|
|||||||
else
|
else
|
||||||
''(${pkgs.Reaktor}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/reaktor-${name}-config.py''
|
''(${pkgs.Reaktor}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/reaktor-${name}-config.py''
|
||||||
}
|
}
|
||||||
|
mkdir -p ${botcfg.workdir}
|
||||||
'';
|
'';
|
||||||
ExecStart = "${pkgs.Reaktor}/bin/reaktor run /tmp/reaktor-${name}-config.py";
|
ExecStart = "${pkgs.Reaktor}/bin/reaktor run /tmp/reaktor-${name}-config.py";
|
||||||
PrivateTmp = "true";
|
PrivateTmp = "true";
|
||||||
|
@ -1,16 +1,15 @@
|
|||||||
{ coreutils, fetchgit, fetchFromGitHub, buildbot-classic, python2Packages, ... }:
|
{ coreutils, fetchgit, git, buildbot-classic, python2Packages, ... }:
|
||||||
|
|
||||||
python2Packages.buildPythonApplication {
|
python2Packages.buildPythonApplication {
|
||||||
name = "buildbot-classic-slave-0.8.12";
|
name = "buildbot-classic-slave-0.8.13";
|
||||||
namePrefix = "";
|
namePrefix = "";
|
||||||
|
|
||||||
src = buildbot-classic.src;
|
src = buildbot-classic.src;
|
||||||
postUnpack = "sourceRoot=\${sourceRoot}/slave";
|
postUnpack = "sourceRoot=\${sourceRoot}/slave";
|
||||||
|
|
||||||
patchPhase = ''
|
patchPhase = ":";
|
||||||
substituteInPlace buildslave/scripts/logwatcher.py --replace /usr/bin/tail ${coreutils}/bin/tail
|
|
||||||
'';
|
|
||||||
|
|
||||||
|
nativeBuildInputs = [ git ];
|
||||||
propagatedBuildInputs = [ python2Packages.twisted ];
|
propagatedBuildInputs = [ python2Packages.twisted ];
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ fetchgit, fetchFromGitHub, python2Packages, ... }:
|
{ fetchgit, fetchFromGitHub, python2Packages, git, ... }:
|
||||||
let
|
let
|
||||||
# https://github.com/NixOS/nixpkgs/issues/14026
|
# https://github.com/NixOS/nixpkgs/issues/14026
|
||||||
nixpkgs-fix = import (fetchgit {
|
nixpkgs-fix = import (fetchgit {
|
||||||
@ -8,18 +8,19 @@ let
|
|||||||
}) {};
|
}) {};
|
||||||
|
|
||||||
in nixpkgs-fix.buildPythonApplication {
|
in nixpkgs-fix.buildPythonApplication {
|
||||||
name = "buildbot-classic-0.8.12";
|
name = "buildbot-classic-0.8.13";
|
||||||
namePrefix = "";
|
namePrefix = "";
|
||||||
patches = [];
|
patches = [];
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchgit {
|
||||||
owner = "krebscode";
|
url = "https://github.com/krebscode/buildbot-classic";
|
||||||
repo = "buildbot-classic";
|
rev = "211ec7815";
|
||||||
rev = "5b4f5f6f1";
|
sha256 = "0cyn406r31qdqhpsih7w83x47b443svpgfhxqd6w3iryv0y1z95i";
|
||||||
sha256 = "1j3xn1gjzvsf90jvfmyln71fzlhjx642ivrqf47zfxpkacljja93";
|
leaveDotGit = true;
|
||||||
|
|
||||||
};
|
};
|
||||||
postUnpack = "sourceRoot=\${sourceRoot}/master";
|
postUnpack = "sourceRoot=\${sourceRoot}/master";
|
||||||
|
buildInputs = [ git ];
|
||||||
patchPhase =
|
patchPhase =
|
||||||
# The code insists on /usr/bin/tail, /usr/bin/make, etc.
|
# The code insists on /usr/bin/tail, /usr/bin/make, etc.
|
||||||
'' echo "patching erroneous absolute path references..."
|
'' echo "patching erroneous absolute path references..."
|
||||||
@ -32,11 +33,11 @@ in nixpkgs-fix.buildPythonApplication {
|
|||||||
sed -i 's/==/>=/' setup.py
|
sed -i 's/==/>=/' setup.py
|
||||||
'';
|
'';
|
||||||
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = with nixpkgs-fix.pythonPackages; [
|
||||||
python2Packages.jinja2
|
jinja2
|
||||||
python2Packages.twisted
|
twisted
|
||||||
nixpkgs-fix.pythonPackages.dateutil_1_5
|
dateutil_1_5
|
||||||
nixpkgs-fix.pythonPackages.sqlalchemy_migrate_0_7
|
sqlalchemy_migrate_0_7
|
||||||
];
|
];
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
postInstall = ''
|
postInstall = ''
|
||||||
|
@ -18,7 +18,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/virtualization.nix>
|
<stockholm/makefu/2configs/virtualization.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
<stockholm/makefu/2configs/temp-share-samba.nix>
|
<stockholm/makefu/2configs/share/temp-share-samba.nix>
|
||||||
];
|
];
|
||||||
services.samba.shares = {
|
services.samba.shares = {
|
||||||
isos = {
|
isos = {
|
||||||
|
@ -44,7 +44,7 @@ in {
|
|||||||
kernelModules = [ "kvm-amd" ];
|
kernelModules = [ "kvm-amd" ];
|
||||||
extraModulePackages = [ ];
|
extraModulePackages = [ ];
|
||||||
};
|
};
|
||||||
hardware.enableAllFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
hardware.cpu.amd.updateMicrocode = true;
|
hardware.cpu.amd.updateMicrocode = true;
|
||||||
|
|
||||||
zramSwap.enable = true;
|
zramSwap.enable = true;
|
||||||
@ -73,9 +73,9 @@ in {
|
|||||||
xfsmount = name: dev:
|
xfsmount = name: dev:
|
||||||
{ "/media/${name}" = { device = dev; fsType = "xfs"; }; };
|
{ "/media/${name}" = { device = dev; fsType = "xfs"; }; };
|
||||||
in
|
in
|
||||||
# (xfsmount "j0" (part1 jDisk0)) <stockholm/makefu>
|
# (xfsmount "j0" (part1 jDisk0)) //
|
||||||
(xfsmount "j1" (part1 jDisk1)) <stockholm/makefu>
|
(xfsmount "j1" (part1 jDisk1)) //
|
||||||
(xfsmount "j2" (part1 jDisk2)) <stockholm/makefu>
|
(xfsmount "j2" (part1 jDisk2)) //
|
||||||
(xfsmount "par0" (part1 jDisk3))
|
(xfsmount "par0" (part1 jDisk3))
|
||||||
;
|
;
|
||||||
|
|
||||||
|
@ -8,7 +8,6 @@
|
|||||||
[
|
[
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
<stockholm/makefu/2configs/headless.nix>
|
<stockholm/makefu/2configs/headless.nix>
|
||||||
../../krebs/3modules/Reaktor.nix
|
|
||||||
|
|
||||||
# these will be overwritten by qemu-vm.nix but will be used if the system
|
# these will be overwritten by qemu-vm.nix but will be used if the system
|
||||||
# is directly deployed
|
# is directly deployed
|
||||||
|
@ -10,7 +10,8 @@
|
|||||||
<stockholm/makefu/2configs/gui/base.nix>
|
<stockholm/makefu/2configs/gui/base.nix>
|
||||||
<stockholm/makefu/2configs/fs/sda-crypto-root.nix>
|
<stockholm/makefu/2configs/fs/sda-crypto-root.nix>
|
||||||
# hardware specifics are in here
|
# hardware specifics are in here
|
||||||
<stockholm/makefu/2configs/hw/tp-x200.nix #< imports tp-x2x0.nix>
|
# imports tp-x2x0.nix
|
||||||
|
<stockholm/makefu/2configs/hw/tp-x200.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/disable_v6.nix>
|
<stockholm/makefu/2configs/disable_v6.nix>
|
||||||
<stockholm/makefu/2configs/rad1o.nix>
|
<stockholm/makefu/2configs/rad1o.nix>
|
||||||
|
@ -140,10 +140,10 @@ in {
|
|||||||
enable = false;
|
enable = false;
|
||||||
databases = [ "nextcloud" ];
|
databases = [ "nextcloud" ];
|
||||||
};
|
};
|
||||||
|
# dataDir is only defined after mysql is enabled
|
||||||
krebs.secret.files.mysql_rootPassword = {
|
# krebs.secret.files.mysql_rootPassword = {
|
||||||
path = "${config.services.mysql.dataDir}/mysql_rootPassword";
|
# path = "${config.services.mysql.dataDir}/mysql_rootPassword";
|
||||||
owner.name = "root";
|
# owner.name = "root";
|
||||||
source-path = toString <secrets> + "/mysql_rootPassword";
|
# source-path = toString <secrets> + "/mysql_rootPassword";
|
||||||
};
|
# };
|
||||||
}
|
}
|
||||||
|
5
makefu/6tests/data/secrets/grafana_security.nix
Normal file
5
makefu/6tests/data/secrets/grafana_security.nix
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
{
|
||||||
|
adminUser = "dick";
|
||||||
|
adminPassword = "butt";
|
||||||
|
}
|
||||||
|
|
4
makefu/6tests/data/secrets/kibana-auth.nix
Normal file
4
makefu/6tests/data/secrets/kibana-auth.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{
|
||||||
|
"dick" = "butt";
|
||||||
|
}
|
||||||
|
|
3
makefu/6tests/data/secrets/nsupdate-search.nix
Normal file
3
makefu/6tests/data/secrets/nsupdate-search.nix
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
{
|
||||||
|
"dick.nsupdate.info" = "butt";
|
||||||
|
}
|
0
makefu/6tests/data/secrets/ssh.id_ed25519
Normal file
0
makefu/6tests/data/secrets/ssh.id_ed25519
Normal file
Loading…
Reference in New Issue
Block a user