From e6c1b057f8fcf97c1809712f34169370c8ff567d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 3 Apr 2023 17:53:32 +0200 Subject: [PATCH 01/32] nixpkgs: e2c9779 -> 884e3b6 --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 118415785..67580f2ea 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "e2c97799da5f5cd87adfa5017fba971771e123ef", - "date": "2023-03-20T14:29:52+01:00", - "path": "/nix/store/vxca9w313d1bzw9dx4yaw8c0vrqjxa0p-nixpkgs", - "sha256": "0qff1r8k0m19z1ppzb8gk5xrnlvabjdl3pqwpc3y5bm15qxzk25s", + "rev": "884e3b68be02ff9d61a042bc9bd9dd2a358f95da", + "date": "2023-04-01T09:31:50+02:00", + "path": "/nix/store/92sykpq1h25i4wzlp6k7prdbfnz6dg3k-nixpkgs", + "sha256": "1jgmanzmgbn9lxp0zc55lj1ml09zrkkwb00axx2iii06mbbv6991", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, From a3ddd4ec6a4ac040a771579d45b319c7ba7146f1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 3 Apr 2023 17:53:50 +0200 Subject: [PATCH 02/32] nixpkgs-unstable: 19cf008 -> e3652e0 --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 885672736..6949ccefc 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "19cf008bb18e47b6e3b4e16e32a9a4bdd4b45f7e", - "date": "2023-03-21T23:16:58+01:00", - "path": "/nix/store/rg3f6v4f7mba0kqnhiarj7yg6066cc5v-nixpkgs", - "sha256": "0myq7fnykna5qazbk6hdgahy148yd7f5l8nrxhzllj67y86a5sxw", + "rev": "e3652e0735fbec227f342712f180f4f21f0594f2", + "date": "2023-03-31T00:05:00+02:00", + "path": "/nix/store/0faiv51kalx5iq4a7y9535wlqvhsqqqb-nixpkgs", + "sha256": "1h38yml73lxirxx6ynzmk3h4fw6wlgz8z8105cj733s8cvjyp03h", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, From 09ea83f427d51d8b98ffb762d5cd16a3fe1be80c Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 3 Apr 2023 18:59:13 +0200 Subject: [PATCH 03/32] l aergia.r: remove legacy hidpi --- lass/1systems/aergia/physical.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/1systems/aergia/physical.nix b/lass/1systems/aergia/physical.nix index 023639083..692f68dcc 100644 --- a/lass/1systems/aergia/physical.nix +++ b/lass/1systems/aergia/physical.nix @@ -87,7 +87,6 @@ # textsize services.xserver.dpi = 200; - hardware.video.hidpi.enable = lib.mkDefault true; # corectrl programs.corectrl = { From c1fc2a2902174ec582688dda6567784a8c15945f Mon Sep 17 00:00:00 2001 From: RTUnreal Date: Tue, 11 Apr 2023 20:38:09 +0200 Subject: [PATCH 04/32] kartei/rtunreal: init rtgraphene --- kartei/rtunreal/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/kartei/rtunreal/default.nix b/kartei/rtunreal/default.nix index faa593c63..03b4e192b 100644 --- a/kartei/rtunreal/default.nix +++ b/kartei/rtunreal/default.nix @@ -74,5 +74,11 @@ in tinc.pubkey_ed25519 = "YJE4KD9PhDjxucDAGrbec5Yqqf3A8/VU0J0NV8EPXuN"; }; }; + rtgraphene = { + nets.wiregrill = { + aliases = [ "graphene.rtunreal.w" ]; + wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU="; + }; + }; }; } From b3fc238c9d6ff91963f88c46fec72a1a7ac0a746 Mon Sep 17 00:00:00 2001 From: RTUnreal Date: Tue, 11 Apr 2023 22:15:42 +0200 Subject: [PATCH 05/32] kartei/rtunreal: add ip4 to rtgraphene --- kartei/rtunreal/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/kartei/rtunreal/default.nix b/kartei/rtunreal/default.nix index 03b4e192b..9d57c0fce 100644 --- a/kartei/rtunreal/default.nix +++ b/kartei/rtunreal/default.nix @@ -77,6 +77,7 @@ in rtgraphene = { nets.wiregrill = { aliases = [ "graphene.rtunreal.w" ]; + ip4.addr = "10.244.20.20"; wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU="; }; }; From e6ef361bb9b984ccee138c290244e925f97e2907 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 11 Apr 2023 22:35:48 +0200 Subject: [PATCH 06/32] hotdog.r: repo-sync stockholm, define krops --- krebs/1systems/hotdog/config.nix | 1 + krebs/2configs/repo-sync.nix | 110 +++++++------------------------ 2 files changed, 23 insertions(+), 88 deletions(-) diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index a20878487..683556081 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -12,6 +12,7 @@ + diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix index e2be477fd..9f129d81c 100644 --- a/krebs/2configs/repo-sync.nix +++ b/krebs/2configs/repo-sync.nix @@ -22,7 +22,6 @@ let post-receive = pkgs.git-hooks.irc-announce { channel = "#xxx"; refs = [ - "refs/heads/master" "refs/heads/newest" "refs/tags/*" ]; @@ -37,7 +36,6 @@ let { user = with config.krebs.users; [ config.krebs.users."${config.networking.hostName}-repo-sync" - jeschli lass makefu tv @@ -50,7 +48,7 @@ let konsens-user ]; repo = [ repo ]; - perm = push ''refs/heads/master'' [ create merge ]; + perm = push "refs/heads/common" [ create merge ]; } { user = attrValues config.krebs.users; @@ -61,31 +59,18 @@ let repos."${name}" = repo; }; - sync-retiolum = { + sync-repo = { name, + remotes, desc ? "mirror for ${name}", section ? "mirror" }: { krebs.repo-sync.repos.${name} = { - branches = { - lassulus = { - origin.url = "http://cgit.lassul.us/${name}"; - mirror.url = "${mirror}${name}"; - }; - makefu = { - origin.url = "http://cgit.gum/${name}"; - mirror.url = "${mirror}${name}"; - }; - nin = { - origin.url = "http://cgit.onondaga.r/${name}"; - mirror.url = "${mirror}${name}"; - }; - tv = { - origin.url = "http://cgit.ni.r/${name}"; - mirror.url = "${mirror}${name}"; - }; - }; + branches = (lib.mapAttrs' (user: url: lib.nameValuePair user { + origin.url = url; + mirror.url = "${mirror}${name}"; + }) remotes); latest = { url = "${mirror}${name}"; ref = "heads/newest"; @@ -94,24 +79,6 @@ let krebs.git = defineRepo { inherit name desc section; }; }; - sync-remote = { - name, - url, - desc ? "mirror for ${name}", - section ? "mirror" - }: - { - krebs.repo-sync.repos.${name} = { - branches = { - remote = { - origin.url = url; - mirror.url = "${mirror}${name}"; - }; - }; - }; - krebs.git = defineRepo { inherit name desc section; }; - }; - in { krebs.git = { enable = true; @@ -126,7 +93,6 @@ in { krebs.konsens = { enable = true; repos = { - krops = { branchesToCheck = [ "lassulus" "tv" ]; }; stockholm = {}; }; }; @@ -137,52 +103,20 @@ in { }; imports = [ - (sync-retiolum { name = "the_playlist"; desc = "Good Music collection + tools"; section = "art"; }) - - (sync-retiolum { name = "stockholm"; desc = "take all computers hostage, they love it"; section = "configuration"; }) - - (sync-retiolum { name = "cholerab"; desc = "krebs thesauron & enterprise-patterns"; section = "documentation"; }) - - (sync-retiolum { name = "buildbot-classic"; desc = "fork of buildbot"; section = "software"; }) - (sync-retiolum { name = "disko"; desc = "take a description of your disk layout and produce a format script"; section = "software"; }) - (sync-retiolum { name = "news"; desc = "take a rss feed and a timeout and print it to stdout"; section = "software"; }) - (sync-retiolum { name = "krops"; desc = "krebs ops"; section = "software"; }) - (sync-retiolum { name = "go"; desc = "url shortener"; section = "software"; }) - (sync-retiolum { name = "much"; desc = "curses email client"; section = "software"; }) - (sync-retiolum { name = "newsbot-js"; desc = "irc rss/atom bot"; section = "software"; }) - (sync-retiolum { name = "nix-writers"; desc = "high level writers for nix"; section = "software"; }) - - (sync-retiolum { name = "cac-api"; desc = "CloudAtCost API command line interface"; section = "miscellaneous"; }) - (sync-retiolum { name = "dic"; desc = "dict.leo.org command line interface"; section = "miscellaneous"; }) - (sync-retiolum { name = "get"; section = "miscellaneous"; }) - (sync-retiolum { name = "hstool"; desc = "Haskell Development Environment ^_^"; section = "miscellaneous"; }) - (sync-retiolum { name = "htgen"; desc = "toy HTTP server"; section = "miscellaneous"; }) - (sync-retiolum { name = "kirk"; desc = "IRC tools"; section = "miscellaneous"; }) - (sync-retiolum { name = "load-env"; section = "miscellaneous"; }) - (sync-retiolum { name = "loldns"; desc = "toy DNS server"; section = "miscellaneous"; }) - (sync-retiolum { name = "netcup"; desc = "netcup command line interface"; section = "miscellaneous"; }) - (sync-retiolum { name = "populate"; desc = "source code installer"; section = "miscellaneous"; }) - (sync-retiolum { name = "q"; section = "miscellaneous"; }) - (sync-retiolum { name = "regfish"; section = "miscellaneous"; }) - (sync-retiolum { name = "soundcloud"; desc = "SoundCloud command line interface"; section = "miscellaneous"; }) - - (sync-retiolum { name = "blessings"; section = "Haskell libraries"; }) - (sync-retiolum { name = "mime"; section = "Haskell libraries"; }) - (sync-retiolum { name = "quipper"; section = "Haskell libraries"; }) - (sync-retiolum { name = "scanner"; section = "Haskell libraries"; }) - (sync-retiolum { name = "wai-middleware-time"; section = "Haskell libraries"; }) - (sync-retiolum { name = "web-routes-wai-custom"; section = "Haskell libraries"; }) - (sync-retiolum { name = "xintmap"; section = "Haskell libraries"; }) - (sync-retiolum { name = "xmonad-stockholm"; desc = "krebs xmonad modules"; section = "Haskell libraries"; }) - - (sync-remote { name = "array"; url = "https://github.com/makefu/array"; }) - (sync-remote { name = "email-header"; url = "https://github.com/4z3/email-header"; }) - (sync-remote { name = "mycube-flask"; url = "https://github.com/makefu/mycube-flask"; }) - (sync-remote { name = "reaktor-titlebot"; url = "https://github.com/makefu/reaktor-titlebot"; }) - (sync-remote { name = "repo-sync"; url = "https://github.com/makefu/repo-sync"; }) - (sync-remote { name = "skytraq-datalogger"; url = "https://github.com/makefu/skytraq-datalogger"; }) - (sync-remote { name = "realwallpaper"; url = "https://github.com/lassulus/realwallpaper"; }) - (sync-remote { name = "painload"; url = "https://github.com/krebs/painload"; }) - (sync-remote { name = "nixos-wiki"; url = "https://github.com/Mic92/nixos-wiki.wiki.git"; }) + (sync-repo { + name = "stockholm"; + desc = "take all computers hostage, they love it"; + section = "configuration"; + remotes = { + makefu = "http://cgit.gum.r/stockholm"; + tv = "http://cgit.ni.r/stockholm"; + lassulus = "http://cgit.orange.r/stockholm"; + }; + }) + ({ krebs.git = defineRepo { + name = "krops"; + desc = "deployment tools"; + section = "deployment"; + };}) ]; } From 7214a7658fb343f29622fc0b89ba8aaad8b51bf8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Apr 2023 16:03:51 +0200 Subject: [PATCH 07/32] kartei: add trust-gpg script --- kartei/trust-gpg.sh | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100755 kartei/trust-gpg.sh diff --git a/kartei/trust-gpg.sh b/kartei/trust-gpg.sh new file mode 100755 index 000000000..84b67aeb4 --- /dev/null +++ b/kartei/trust-gpg.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# usage: $0 +set -eu +WD=$(dirname "$(realpath "$0")") +PUBKEYS= +for key in "$WD"/kmein/kmein.gpg "$WD"/lass/pgp/* "$WD"/makefu/pgp/* "$WD"/tv/pgp/*; do + echo "$key" >&2 + keyid=$(gpg --with-colons --fingerprint --import-options show-only --import "$key" | grep fpr | cut -d : -f 10 | head -1) + gpg --import "$key" >&2 + printf '5\ny\n' | gpg --command-fd 0 --expert --edit-key "$keyid" trust >&2 + PUBKEYS="${PUBKEYS}${keyid}\n" +done +printf "$PUBKEYS" From e5639658b03e647121ee15e3c84b1d4dd7b90cd6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Apr 2023 16:26:59 +0200 Subject: [PATCH 08/32] konsens: define isSystemUser & group --- krebs/3modules/konsens.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix index 81486810b..439bcc7f4 100644 --- a/krebs/3modules/konsens.nix +++ b/krebs/3modules/konsens.nix @@ -39,10 +39,13 @@ let }; imp = { + users.groups.konsens.gid = genid "konsens"; users.users.konsens = rec { name = "konsens"; + group = "konsens"; uid = genid name; home = "/var/lib/konsens"; + isSystemUser = true; createHome = true; }; From c3a05871bd6423dda1db299746d4fc493868a788 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 16 Apr 2023 21:09:04 +0200 Subject: [PATCH 09/32] add bing-gpt gateway --- kartei/mic92/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 78206a241..0030133c2 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -90,6 +90,7 @@ in { "tts.r" "flood.r" "warez.r" + "bing-gpt.r" "navidrome.r" ]; tinc.pubkey = '' From d8ca1ceb9d9f91b34312ca7f6645c97560907949 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Apr 2023 14:30:48 +0200 Subject: [PATCH 10/32] reaktor2: add !bing command --- krebs/2configs/reaktor2.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 39039cc11..032932013 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -51,6 +51,27 @@ let }; }; + bing = { + pattern = "!bing (.*)$"; + activate = "match"; + arguments = [1]; + timeoutSec = 42; + command = { + filename = pkgs.writeDash "bing" '' + set -efu + export PATH=${makeBinPath [ + pkgs.coreutils + pkgs.curl + pkgs.jq + ]} + printf '%s' "$*" | + curl -SsG http://bing-gpt.r/api/chat --data-urlencode 'prompt@-' | + jq -r '.item.messages[1].text' | + echo "$_from: $(cat)" + ''; + }; + }; + confuse = { pattern = "!confuse (.*)$"; activate = "match"; @@ -526,6 +547,7 @@ in { (systemPlugin { extra_privmsg_hooks = [ confuse + bing ]; }) ]; From 01c1fffe0ac51ad7a0ade29c4c4f6fed4394dd44 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Apr 2023 15:59:58 +0200 Subject: [PATCH 11/32] reaktor2 bing: more timeout, footnotes --- krebs/2configs/reaktor2.nix | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 032932013..8e2e5d9b8 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -55,7 +55,7 @@ let pattern = "!bing (.*)$"; activate = "match"; arguments = [1]; - timeoutSec = 42; + timeoutSec = 1337; command = { filename = pkgs.writeDash "bing" '' set -efu @@ -64,10 +64,21 @@ let pkgs.curl pkgs.jq ]} - printf '%s' "$*" | - curl -SsG http://bing-gpt.r/api/chat --data-urlencode 'prompt@-' | - jq -r '.item.messages[1].text' | - echo "$_from: $(cat)" + response=$(printf '%s' "$*" | + curl -SsG http://bing-gpt.r/api/chat --data-urlencode 'prompt@-' + ) + if [ "$?" -ne 0 ]; then + printf '%s' "$response" | + curl -Ss http://p.r --data-binary @- | + tail -1 + else + printf '%s' "$response" | + jq -r '.item.messages[1].text' | + echo "$_from: $(cat)" + + printf '%s' "$response" | + jq -r '[.item.messages[1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key)]: \(.value)"' + fi ''; }; }; From fef664e785cf7ae234abd540406fb894c784322b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Apr 2023 16:06:58 +0200 Subject: [PATCH 12/32] reaktor2 bing: start counting at 1 --- krebs/2configs/reaktor2.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 8e2e5d9b8..114c08713 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -77,7 +77,7 @@ let echo "$_from: $(cat)" printf '%s' "$response" | - jq -r '[.item.messages[1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key)]: \(.value)"' + jq -r '[.item.messages[1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key + 1)]: \(.value)"' fi ''; }; From 4ca30a227ba7728a0190b0d5ea0fa4d424142ee5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Apr 2023 16:07:14 +0200 Subject: [PATCH 13/32] reaktor2: use bing plugin on all bots --- krebs/2configs/reaktor2.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 114c08713..502dd4a9f 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -354,6 +354,7 @@ let } bedger-add bedger-balance + bing hooks.sed interrogate say @@ -558,7 +559,6 @@ in { (systemPlugin { extra_privmsg_hooks = [ confuse - bing ]; }) ]; From ac5e8cc3f4905d4e0e3beedb2ea67e749fccb80a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Apr 2023 16:43:31 +0200 Subject: [PATCH 14/32] reaktor2 bing: add error reporting --- krebs/2configs/reaktor2.nix | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 502dd4a9f..0a5031415 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -59,6 +59,13 @@ let command = { filename = pkgs.writeDash "bing" '' set -efu + report_error() { + printf '%s' "$*" | + curl -Ss http://p.r --data-binary @- | + tail -1 | + echo "error $(cat)" + exit 0 + } export PATH=${makeBinPath [ pkgs.coreutils pkgs.curl @@ -68,13 +75,13 @@ let curl -SsG http://bing-gpt.r/api/chat --data-urlencode 'prompt@-' ) if [ "$?" -ne 0 ]; then - printf '%s' "$response" | - curl -Ss http://p.r --data-binary @- | - tail -1 + report_error "$response" else - printf '%s' "$response" | - jq -r '.item.messages[1].text' | - echo "$_from: $(cat)" + if ! text=$(printf '%s' "$response" | jq -er '.item.messages[1].text'); then + echo "$_from: $(report_error "$response")" + exit 0 + fi + printf '%s' "$text" | echo "$_from: $(cat)" printf '%s' "$response" | jq -r '[.item.messages[1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key + 1)]: \(.value)"' From 6ae9b8d8ed3440ffc634e468491b0da5d777379d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 17 Apr 2023 17:24:31 +0200 Subject: [PATCH 15/32] ircd: more lines & hostnames --- krebs/2configs/ircd.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index 5435ea166..c56883d3e 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -38,6 +38,8 @@ hidden = false; password = "$2a$04$0AtVycWQJ07ymrDdKyAm2un3UVSVIzpzL3wsWbWb3PF95d1CZMcMO"; }; + server.max-line-length = 1024; + server.lookup-hostnames = true; }; }; } From e115e29cec3882a8c30c4f244139ae16e4fc39d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Mon, 17 Apr 2023 16:03:11 +0200 Subject: [PATCH 16/32] kartei/mic92: add donna --- kartei/mic92/default.nix | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 0030133c2..9dd96dc0b 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -911,6 +911,33 @@ in { }; }; + donna = { + owner = config.krebs.users.mic92; + nets = rec { + internet = { + # clara.dse.in.tum.de + ip4.addr = "131.159.38.222"; + ip6.addr = "2a09:80c0:38::222"; + aliases = [ "donna.i" ]; + }; + retiolum = { + via = internet; + aliases = [ "donna.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAs34lPq8SnVdzMdPkWQMfeM061Yh95wqqGOdGODiyoWdsP0ErRH3/ + HjgmB7luMl7MdL3ZKIpZe/IR2OSAL+6HBE/JPIapO2e1DFFEg42AI58lgjrR0yEr + Q59ZeGu+V95l+jC08IUoS9K6SVTkDCVe2b4Akf5oMtHAAG+ELtzh2zrPH6lkrXYd + LvzIWcrmqu1AnmmUiHT1JleCDfSn2m/ev+LcY109lN7LCFA5VL12/EP2FhM3ELHq + j2gAdvD1LAKq4var2MnR0MnKg0k1vMGSgwK+hj0AoLNiYivo8bxoRBNbUb94o4jQ + 8xfbYyAFxpxdi/bFDmT1UjkouJ1Y8I8GJwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "8XlFDxQoGq6Fr40PTDyF8GUwP2+YSDp8By0vlKn1OlO"; + }; + }; + }; + clara = { owner = config.krebs.users.mic92; nets = rec { From 0e62d650cf7f1f0ba50eda6f493db6d02d671b08 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Apr 2023 20:11:38 +0200 Subject: [PATCH 17/32] kartei/feliks: init ahuatangata --- kartei/feliks/default.nix | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index 33f7f9663..88b37cbd5 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -7,6 +7,9 @@ with import ../../lib; } // optionalAttrs (host.nets?retiolum) { nets.retiolum.ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill.ip6.addr = + (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; }); in { users.feliks = { @@ -18,7 +21,7 @@ in { nets = { retiolum = { ip4.addr = "10.243.10.243"; - aliases = [ "papawhakaaro.r" ]; + aliases = [ "papawhakaaro.r" "tp.feliks.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw @@ -43,7 +46,7 @@ in { nets = { retiolum = { ip4.addr = "10.243.10.244"; - aliases = [ "iti.r" ]; + aliases = [ "iti.r" "ltd.feliks.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL @@ -68,7 +71,7 @@ in { nets = { retiolum = { ip4.addr = "10.243.10.245"; - aliases = [ "tumaukainga.r" ]; + aliases = [ "tumaukainga.r" "hs.feliks.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAj1q28QzUlag0i+2ZEpZyQEbrtuODj6pCCt2IX1Uz1B83outO2l/n @@ -88,5 +91,11 @@ in { }; }; }; + ahuatangata = { + nets.wiregrill = { + aliases = [ "ahuatangata" "ndrd.feliks.r" ]; + wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU="; + }; + }; }; } From 600a8abc8a862ae0aa1554164e5dc48979a4684a Mon Sep 17 00:00:00 2001 From: lenny Date: Tue, 18 Apr 2023 20:28:08 +0200 Subject: [PATCH 18/32] kartei: init mokemoke --- kartei/ynnel/default.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 kartei/ynnel/default.nix diff --git a/kartei/ynnel/default.nix b/kartei/ynnel/default.nix new file mode 100644 index 000000000..e7d985278 --- /dev/null +++ b/kartei/ynnel/default.nix @@ -0,0 +1,32 @@ +{ config, ... }: +let + lib = import ../../lib; +in +{ + users.ynnel = { + mail = "retiolum@lenny.ninja"; + }; + hosts.mokemoke = { + owner = config.krebs.users.ynnel; + nets.retiolum = { + aliases = [ "mokemoke.ynnel.r" ]; + ip6.addr = (lib.krebs.genipv6 "retiolum" "ynnel" { hostName = "mokemoke"; }).address; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEA7rS560SZEPcSekW30dRF6ZTHOnb8WvuVgt3BFLRWhTgV5DqLqFa8 + fxT2TJci8ogYZtlnSCNKEhxup3wlIrAPLLzu5jL6hx4okfmyARGQqeUn9kD+jmGL + 9N9wjGXDp/CVyMIb5mcK2l0mvElvs7ae700GScq+2ASsFTHC/w2w2KoeDtt/UED9 + Cjy+kxP7SuzksigIuuA8gncf9FmfRgG31XGctX1H6hUywtq05oVRd5qMHeiI/l4v + jHJSadtlR1FuExMT9l7nRZ98yOLKWhDUym4qmi/3zsnDl38f9gcqlp040McUqfZl + 6mclphcthOv6xp7nCbEd58djBU1hrPHJJrk5qL0CGcTwaTBzZFvrV4lklfBFPhVv + dwiagzZDsTvQfXe7UJTSHOKhw+i7a7ok2n+IFhyd+GnQYeOvaBropjYgYDHbZ/u7 + d6E1xUVjANLtt2oOYfaH/LlERgucEcQY2qRyMBQXYTwp+d3ThTc+Vs0Lbo08rvFN + y76KXPsH8ptVVFK4DclK0GxI64JpnSmG/BHcU114K7LPNONQBSvE8UyZlMVkuZfc + qwBzyM70tKPoWmoxjBkQcXsK6JgclXohZ0jbMhRV5K4oDocAhEuUtOC5qG4IZo+R + BWc0bxueCaOQFqB6UKcZLgCj6ZhXHpqTSk/8MBevxrbH44I+4oYwQOkCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "um4yKCJkkBX9pISAa78SttNSqyEPhpCDGfL6FJA0wzK"; + }; + }; +} From cc46eddcd82227dbc1080005efbd79ac24cf8dab Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Apr 2023 22:34:45 +0200 Subject: [PATCH 19/32] kartei/feliks: add ip4 to ahuatangata --- kartei/feliks/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index 88b37cbd5..97fc27fad 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -93,6 +93,7 @@ in { }; ahuatangata = { nets.wiregrill = { + ip4.addr = "10.243.10.246"; aliases = [ "ahuatangata" "ndrd.feliks.r" ]; wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU="; }; From 48469cc891e2e621bcce6fbd529124d5a93f7cf7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Apr 2023 22:46:39 +0200 Subject: [PATCH 20/32] kartei/feliks: fix wiregrill pubkey --- kartei/feliks/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index 97fc27fad..58a3e2498 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -95,7 +95,7 @@ in { nets.wiregrill = { ip4.addr = "10.243.10.246"; aliases = [ "ahuatangata" "ndrd.feliks.r" ]; - wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU="; + wireguard.pubkey = "QPDGBEYJ1znqUdjy6JWZJ+cqPMcU67dHlOX5beTM6TA="; }; }; }; From 84ccb812a3c76b6f56e7173bcab7bed7907a0ddf Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Apr 2023 23:07:48 +0200 Subject: [PATCH 21/32] ahuatangata.r: fix ipv4 range --- kartei/feliks/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index 58a3e2498..0e68d3980 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -93,7 +93,7 @@ in { }; ahuatangata = { nets.wiregrill = { - ip4.addr = "10.243.10.246"; + ip4.addr = "10.244.10.246"; aliases = [ "ahuatangata" "ndrd.feliks.r" ]; wireguard.pubkey = "QPDGBEYJ1znqUdjy6JWZJ+cqPMcU67dHlOX5beTM6TA="; }; From 4a57bde3df423bc1d8317690d56bbd60286c45b3 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Apr 2023 15:04:00 +0200 Subject: [PATCH 22/32] kartei tv ni: update internet addresses --- kartei/tv/hosts/ni.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix index c45321656..aae5c5cd4 100644 --- a/kartei/tv/hosts/ni.nix +++ b/kartei/tv/hosts/ni.nix @@ -17,11 +17,11 @@ nets = { internet = { ip4 = rec { - addr = "188.68.36.196"; + addr = "185.162.251.237"; prefix = "${addr}/32"; }; ip6 = rec { - addr = "2a03:4000:13:4c::1"; + addr = "2a03:4000:1a:cf::1"; prefix = "${addr}/64"; }; aliases = [ From 6cb7fb16a1e4b9a70fc4668dd1c9db19a3ea1c5c Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Apr 2023 17:49:09 +0200 Subject: [PATCH 23/32] l binary-cache: split into server & proxy, add neoprism --- lass/1systems/prism/config.nix | 1 + lass/2configs/binary-cache/client.nix | 1 + lass/2configs/binary-cache/server.nix | 10 +--------- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 2e82fae6f..e1f92c51e 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -127,6 +127,7 @@ with import ; + diff --git a/lass/2configs/binary-cache/client.nix b/lass/2configs/binary-cache/client.nix index b0e0a8b88..de15aff92 100644 --- a/lass/2configs/binary-cache/client.nix +++ b/lass/2configs/binary-cache/client.nix @@ -4,6 +4,7 @@ nix = { binaryCaches = [ "http://cache.prism.r" + "http://cache.neoprism.r" "https://cache.nixos.org/" ]; binaryCachePublicKeys = [ diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix index 30bef5137..bdd568c15 100644 --- a/lass/2configs/binary-cache/server.nix +++ b/lass/2configs/binary-cache/server.nix @@ -14,7 +14,7 @@ services.nginx = { enable = true; virtualHosts.nix-serve = { - serverAliases = [ "cache.prism.r" ]; + serverAliases = [ "cache.${config.networking.hostName}.r" ]; locations."/".extraConfig = '' proxy_pass http://localhost:${toString config.services.nix-serve.port}; ''; @@ -26,14 +26,6 @@ ''}; ''; }; - virtualHosts."cache.krebsco.de" = { - forceSSL = true; - serverAliases = [ "cache.lassul.us" ]; - enableACME = true; - locations."/".extraConfig = '' - proxy_pass http://localhost:${toString config.services.nix-serve.port}; - ''; - }; }; } From 37069e577094ca29516ba8945bda2ed202c0a32c Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Apr 2023 19:46:41 +0200 Subject: [PATCH 24/32] l mumble-reminder: move to wednesday --- lass/2configs/mumble-reminder.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lass/2configs/mumble-reminder.nix b/lass/2configs/mumble-reminder.nix index c4cc60dc5..0067d64eb 100644 --- a/lass/2configs/mumble-reminder.nix +++ b/lass/2configs/mumble-reminder.nix @@ -80,26 +80,26 @@ in { }; systemd.services.mumble-reminder-nixos = { description = "weekly reminder for nixos mumble"; - startAt = "Thu *-*-* 17:00:00 Europe/Berlin"; + startAt = "Wed *-*-* 19:00:00 Europe/Berlin"; serviceConfig = { ExecStart = pkgs.writers.writeDash "mumble_reminder" '' animals=' ${animals} ' - ${write_to_irc "#nixos"} "Es ist Donnerstag meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!" + ${write_to_irc "#nixos"} "Es ist Mittwoch meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!" ${write_to_irc "#nixos"} "kommt auf mumble://lassul.us" ''; }; }; systemd.services.mumble-reminder-krebs = { description = "weekly reminder for nixos mumble"; - startAt = "Thu *-*-* 19:00:00 Europe/Berlin"; + startAt = "Wed *-*-* 19:00:00 Europe/Berlin"; serviceConfig = { ExecStart = pkgs.writers.writeDash "mumble_reminder" '' animals=' ${animals} ' - ${write_to_irc "#krebs"} "Es ist Donnerstag meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!" + ${write_to_irc "#krebs"} "Es ist Mittwoch meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!" ${write_to_irc "#krebs"} "$(cat /var/lib/reaktor2-mumble-reminder/users | ${pkgs.findutils}/bin/xargs echo) : mumble?" ''; }; From 72b9acd91dc4bd857c258396cc6dc6109988ff55 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Apr 2023 10:14:52 +0200 Subject: [PATCH 25/32] nixpkgs: 884e3b6 -> cd749f5 --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 67580f2ea..8100f7ce9 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "884e3b68be02ff9d61a042bc9bd9dd2a358f95da", - "date": "2023-04-01T09:31:50+02:00", - "path": "/nix/store/92sykpq1h25i4wzlp6k7prdbfnz6dg3k-nixpkgs", - "sha256": "1jgmanzmgbn9lxp0zc55lj1ml09zrkkwb00axx2iii06mbbv6991", + "rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", + "date": "2023-04-17T21:23:15+02:00", + "path": "/nix/store/fx4y582k55nd4qm9r7cl8gd5pzwx704k-nixpkgs", + "sha256": "02q34c1x6b1dmbshxfbk6nf3kr07lnmxn02j2lm2y0sbpjs939pd", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, From e30c8df7424a67b0c5bac13d06a70c6215429d5c Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 20 Apr 2023 19:51:04 +0200 Subject: [PATCH 26/32] nixpkgs-unstable: e3652e0 -> 555daa9 --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 6949ccefc..e9dd5bf82 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "e3652e0735fbec227f342712f180f4f21f0594f2", - "date": "2023-03-31T00:05:00+02:00", - "path": "/nix/store/0faiv51kalx5iq4a7y9535wlqvhsqqqb-nixpkgs", - "sha256": "1h38yml73lxirxx6ynzmk3h4fw6wlgz8z8105cj733s8cvjyp03h", + "rev": "555daa9d339b3df75e58ee558a4fec98ea92521e", + "date": "2023-04-18T16:34:17+02:00", + "path": "/nix/store/yfr0653m8j22871x11d363iz6wwsznsd-nixpkgs", + "sha256": "0m361xqnx1d1nwahichvg8l1qy3ambra0rg56mmyh71xgnrnz1m3", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, From bc63f4e56b617fad9027ed74403cd34ba00b5a02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 23 Apr 2023 11:46:34 +0200 Subject: [PATCH 27/32] kartei/mic92: replace llama.r with vicuna.r --- kartei/mic92/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kartei/mic92/default.nix b/kartei/mic92/default.nix index 9dd96dc0b..952b5fd40 100644 --- a/kartei/mic92/default.nix +++ b/kartei/mic92/default.nix @@ -789,7 +789,7 @@ in { aliases = [ "jack.r" "stable-confusion.r" - "llama.r" + "vicuna.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- From 685a59210a4dd2f254d9c6d98267d1fb8c9a2333 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Apr 2023 12:36:04 +0200 Subject: [PATCH 28/32] l neoprism.r: add gsm-wiki --- lass/1systems/neoprism/config.nix | 1 + lass/2configs/gsm-wiki.nix | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 lass/2configs/gsm-wiki.nix diff --git a/lass/1systems/neoprism/config.nix b/lass/1systems/neoprism/config.nix index cc08070af..7b402f8a6 100644 --- a/lass/1systems/neoprism/config.nix +++ b/lass/1systems/neoprism/config.nix @@ -4,6 +4,7 @@ imports = [ + # sync-containers diff --git a/lass/2configs/gsm-wiki.nix b/lass/2configs/gsm-wiki.nix new file mode 100644 index 000000000..69508a155 --- /dev/null +++ b/lass/2configs/gsm-wiki.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }: +{ + services.nginx.virtualHosts."docs.c3gsm.de" = { + forceSSL = true; + enableACME = true; + locations."/".extraConfig = '' + auth_basic "Restricted Content"; + auth_basic_user_file ${pkgs.writeText "flix-user-pass" '' + c3gsm:$apr1$q9OrPI4C$7AY4EIp3J2Xc4eLMbPGE21 + ''}; + root /srv/http/docs.c3gsm.de; + ''; + }; + + users.users.c3gsm-docs = { + isNormalUser = true; + home = "/srv/http/docs.c3gsm.de"; + createHome = true; + homeMode = "750"; + useDefaultShell = true; + group = "nginx"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAlW1fvCrVXhVH/z76fXBWYR/qyecYTE9VOOkFLJ6OwG user@osmocom-dev" + ]; + }; +} From 800768ebb754d9c37e022ef127d5b4f6c5379464 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Apr 2023 13:01:27 +0200 Subject: [PATCH 29/32] nixpkgs: cd749f5 -> fd901ef --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 8100f7ce9..7e478e9cf 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "cd749f58ba83f7155b7062dd49d08e5e47e44d50", - "date": "2023-04-17T21:23:15+02:00", - "path": "/nix/store/fx4y582k55nd4qm9r7cl8gd5pzwx704k-nixpkgs", - "sha256": "02q34c1x6b1dmbshxfbk6nf3kr07lnmxn02j2lm2y0sbpjs939pd", + "rev": "fd901ef4bf93499374c5af385b2943f5801c0833", + "date": "2023-04-22T11:27:49+08:00", + "path": "/nix/store/gpfv5hbki6g1b63nqw7md5bjlcpzsz1w-nixpkgs", + "sha256": "1fd7xyfna0klfbv37qq1ms2j4gzjpy14a8vbnw1i8ix6fijkywjf", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, From f90e1bb9a9650fb18458b217d9056cf8ce917254 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Apr 2023 13:02:29 +0200 Subject: [PATCH 30/32] nixpkgs-unstable: 555daa9 -> 645bc49 --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index e9dd5bf82..bd1ab98c0 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "555daa9d339b3df75e58ee558a4fec98ea92521e", - "date": "2023-04-18T16:34:17+02:00", - "path": "/nix/store/yfr0653m8j22871x11d363iz6wwsznsd-nixpkgs", - "sha256": "0m361xqnx1d1nwahichvg8l1qy3ambra0rg56mmyh71xgnrnz1m3", + "rev": "645bc49f34fa8eff95479f0345ff57e55b53437e", + "date": "2023-04-19T18:04:47+02:00", + "path": "/nix/store/jh86824939585dinrs1zlkh6cvz8l8l7-nixpkgs", + "sha256": "0kfndc7xdkm89yl0f27wdnwd6gdad3i49jx7gvaib1hz0ifpmxzv", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, From d55505a076d94581bec16afb61a7e6fbedb7bd6e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Apr 2023 14:07:00 +0200 Subject: [PATCH 31/32] l binary-cache: add missing proxy.nix --- lass/2configs/binary-cache/proxy.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 lass/2configs/binary-cache/proxy.nix diff --git a/lass/2configs/binary-cache/proxy.nix b/lass/2configs/binary-cache/proxy.nix new file mode 100644 index 000000000..a6ecb044d --- /dev/null +++ b/lass/2configs/binary-cache/proxy.nix @@ -0,0 +1,13 @@ +{ config, lib, pkgs, ...}: +{ + services.nginx = { + enable = true; + virtualHosts."cache.krebsco.de" = { + enableACME = true; + forceSSL = true; + locations."/".extraConfig = '' + proxy_pass http://cache.neoprism.r/; + ''; + }; + }; +} From 4bf2909be3afb5e834cacdb4d6f949e4dd78400e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Apr 2023 14:07:55 +0200 Subject: [PATCH 32/32] kartei feliks: define owner for all hosts --- kartei/feliks/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/kartei/feliks/default.nix b/kartei/feliks/default.nix index 0e68d3980..e98da7bc6 100644 --- a/kartei/feliks/default.nix +++ b/kartei/feliks/default.nix @@ -1,6 +1,7 @@ with import ../../lib; { config, ... }: let hostDefaults = hostName: host: flip recursiveUpdate host ({ + owner = config.krebs.users.feliks; ci = false; external = true; monitoring = false; @@ -17,7 +18,6 @@ in { }; hosts = mapAttrs hostDefaults { papawhakaaro = { - owner = config.krebs.users.feliks; nets = { retiolum = { ip4.addr = "10.243.10.243"; @@ -42,7 +42,6 @@ in { }; }; iti = { - owner = config.krebs.users.feliks; nets = { retiolum = { ip4.addr = "10.243.10.244"; @@ -67,7 +66,6 @@ in { }; }; tumaukainga = { - owner = config.krebs.users.feliks; nets = { retiolum = { ip4.addr = "10.243.10.245";