Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'lassul.us/master'

Browse Source
This commit is contained in:
makefu 2023-04-23 16:26:01 +02:00
commit 60fb7a1aa1
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
21 changed files with 220 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
kartei/feliks/default.nix
View File

@ -1,12 +1,16 @@
with import ../../lib; with import ../../lib;
{ config, ... }: let { config, ... }: let
hostDefaults = hostName: host: flip recursiveUpdate host ({ hostDefaults = hostName: host: flip recursiveUpdate host ({
owner = config.krebs.users.feliks;
ci = false; ci = false;
external = true; external = true;
monitoring = false; monitoring = false;
} // optionalAttrs (host.nets?retiolum) { } // optionalAttrs (host.nets?retiolum) {
nets.retiolum.ip6.addr = nets.retiolum.ip6.addr =
(krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill.ip6.addr =
(krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
}); });
in { in {
users.feliks = { users.feliks = {
@ -14,11 +18,10 @@ in {
}; };
hosts = mapAttrs hostDefaults { hosts = mapAttrs hostDefaults {
papawhakaaro = { papawhakaaro = {
owner = config.krebs.users.feliks;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.10.243"; ip4.addr = "10.243.10.243";
aliases = [ "papawhakaaro.r" ]; aliases = [ "papawhakaaro.r" "tp.feliks.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw MIICCgKCAgEA4bd0lVUVlzFmM8TuH77C5VctcK4lkw02LbMVQDJ5U+Ww075nNahw
@ -39,11 +42,10 @@ in {
}; };
}; };
iti = { iti = {
owner = config.krebs.users.feliks;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.10.244"; ip4.addr = "10.243.10.244";
aliases = [ "iti.r" ]; aliases = [ "iti.r" "ltd.feliks.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL MIICCgKCAgEA5TXEmw3F3lCekITBPW8QYF1ciKHN8RSi47k1vW+jXb6gdWcVo5KL
@ -64,11 +66,10 @@ in {
}; };
}; };
tumaukainga = { tumaukainga = {
owner = config.krebs.users.feliks;
nets = { nets = {
retiolum = { retiolum = {
ip4.addr = "10.243.10.245"; ip4.addr = "10.243.10.245";
aliases = [ "tumaukainga.r" ]; aliases = [ "tumaukainga.r" "hs.feliks.r" ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAj1q28QzUlag0i+2ZEpZyQEbrtuODj6pCCt2IX1Uz1B83outO2l/n MIICCgKCAgEAj1q28QzUlag0i+2ZEpZyQEbrtuODj6pCCt2IX1Uz1B83outO2l/n
@ -88,5 +89,12 @@ in {
}; };
}; };
}; };
ahuatangata = {
nets.wiregrill = {
ip4.addr = "10.244.10.246";
aliases = [ "ahuatangata" "ndrd.feliks.r" ];
wireguard.pubkey = "QPDGBEYJ1znqUdjy6JWZJ+cqPMcU67dHlOX5beTM6TA=";
};
};
}; };
} }

30
kartei/mic92/default.nix
View File

@ -90,6 +90,7 @@ in {
"tts.r" "tts.r"
"flood.r" "flood.r"
"warez.r" "warez.r"
"bing-gpt.r"
"navidrome.r" "navidrome.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
@ -788,7 +789,7 @@ in {
aliases = [ aliases = [
"jack.r" "jack.r"
"stable-confusion.r" "stable-confusion.r"
"llama.r" "vicuna.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -910,6 +911,33 @@ in {
}; };
}; };
donna = {
owner = config.krebs.users.mic92;
nets = rec {
internet = {
# clara.dse.in.tum.de
ip4.addr = "131.159.38.222";
ip6.addr = "2a09:80c0:38::222";
aliases = [ "donna.i" ];
};
retiolum = {
via = internet;
aliases = [ "donna.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAs34lPq8SnVdzMdPkWQMfeM061Yh95wqqGOdGODiyoWdsP0ErRH3/
HjgmB7luMl7MdL3ZKIpZe/IR2OSAL+6HBE/JPIapO2e1DFFEg42AI58lgjrR0yEr
Q59ZeGu+V95l+jC08IUoS9K6SVTkDCVe2b4Akf5oMtHAAG+ELtzh2zrPH6lkrXYd
LvzIWcrmqu1AnmmUiHT1JleCDfSn2m/ev+LcY109lN7LCFA5VL12/EP2FhM3ELHq
j2gAdvD1LAKq4var2MnR0MnKg0k1vMGSgwK+hj0AoLNiYivo8bxoRBNbUb94o4jQ
8xfbYyAFxpxdi/bFDmT1UjkouJ1Y8I8GJwIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "8XlFDxQoGq6Fr40PTDyF8GUwP2+YSDp8By0vlKn1OlO";
};
};
};
clara = { clara = {
owner = config.krebs.users.mic92; owner = config.krebs.users.mic92;
nets = rec { nets = rec {

7
kartei/rtunreal/default.nix
View File

@ -74,5 +74,12 @@ in
tinc.pubkey_ed25519 = "YJE4KD9PhDjxucDAGrbec5Yqqf3A8/VU0J0NV8EPXuN"; tinc.pubkey_ed25519 = "YJE4KD9PhDjxucDAGrbec5Yqqf3A8/VU0J0NV8EPXuN";
}; };
}; };
rtgraphene = {
nets.wiregrill = {
aliases = [ "graphene.rtunreal.w" ];
ip4.addr = "10.244.20.20";
wireguard.pubkey = "IZ7tnD5ZVqO886hFzk6k92R70p1J6jYvyIEAWUccehU=";
};
};
}; };
} }

13
kartei/trust-gpg.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/sh
# usage: $0
set -eu
WD=$(dirname "$(realpath "$0")")
PUBKEYS=
for key in "$WD"/kmein/kmein.gpg "$WD"/lass/pgp/* "$WD"/makefu/pgp/* "$WD"/tv/pgp/*; do
echo "$key" >&2
keyid=$(gpg --with-colons --fingerprint --import-options show-only --import "$key" | grep fpr | cut -d : -f 10 | head -1)
gpg --import "$key" >&2
printf '5\ny\n' | gpg --command-fd 0 --expert --edit-key "$keyid" trust >&2
PUBKEYS="${PUBKEYS}${keyid}\n"
done
printf "$PUBKEYS"

4
kartei/tv/hosts/ni.nix
View File

@ -17,11 +17,11 @@
nets = { nets = {
internet = { internet = {
ip4 = rec { ip4 = rec {
addr = "188.68.36.196"; addr = "185.162.251.237";
prefix = "${addr}/32"; prefix = "${addr}/32";
}; };
ip6 = rec { ip6 = rec {
addr = "2a03:4000:13:4c::1"; addr = "2a03:4000:1a:cf::1";
prefix = "${addr}/64"; prefix = "${addr}/64";
}; };
aliases = [ aliases = [

32
kartei/ynnel/default.nix Normal file
View File

@ -0,0 +1,32 @@
{ config, ... }:
let
lib = import ../../lib;
in
{
users.ynnel = {
mail = "retiolum@lenny.ninja";
};
hosts.mokemoke = {
owner = config.krebs.users.ynnel;
nets.retiolum = {
aliases = [ "mokemoke.ynnel.r" ];
ip6.addr = (lib.krebs.genipv6 "retiolum" "ynnel" { hostName = "mokemoke"; }).address;
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA7rS560SZEPcSekW30dRF6ZTHOnb8WvuVgt3BFLRWhTgV5DqLqFa8
fxT2TJci8ogYZtlnSCNKEhxup3wlIrAPLLzu5jL6hx4okfmyARGQqeUn9kD+jmGL
9N9wjGXDp/CVyMIb5mcK2l0mvElvs7ae700GScq+2ASsFTHC/w2w2KoeDtt/UED9
Cjy+kxP7SuzksigIuuA8gncf9FmfRgG31XGctX1H6hUywtq05oVRd5qMHeiI/l4v
jHJSadtlR1FuExMT9l7nRZ98yOLKWhDUym4qmi/3zsnDl38f9gcqlp040McUqfZl
6mclphcthOv6xp7nCbEd58djBU1hrPHJJrk5qL0CGcTwaTBzZFvrV4lklfBFPhVv
dwiagzZDsTvQfXe7UJTSHOKhw+i7a7ok2n+IFhyd+GnQYeOvaBropjYgYDHbZ/u7
d6E1xUVjANLtt2oOYfaH/LlERgucEcQY2qRyMBQXYTwp+d3ThTc+Vs0Lbo08rvFN
y76KXPsH8ptVVFK4DclK0GxI64JpnSmG/BHcU114K7LPNONQBSvE8UyZlMVkuZfc
qwBzyM70tKPoWmoxjBkQcXsK6JgclXohZ0jbMhRV5K4oDocAhEuUtOC5qG4IZo+R
BWc0bxueCaOQFqB6UKcZLgCj6ZhXHpqTSk/8MBevxrbH44I+4oYwQOkCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "um4yKCJkkBX9pISAa78SttNSqyEPhpCDGfL6FJA0wzK";
};
};
}

1
krebs/1systems/hotdog/config.nix
View File

@ -12,6 +12,7 @@
<stockholm/krebs/2configs/wiki.nix> <stockholm/krebs/2configs/wiki.nix>
<stockholm/krebs/2configs/acme.nix> <stockholm/krebs/2configs/acme.nix>
<stockholm/krebs/2configs/mud.nix> <stockholm/krebs/2configs/mud.nix>
<stockholm/krebs/2configs/repo-sync.nix>
<stockholm/krebs/2configs/cal.nix> <stockholm/krebs/2configs/cal.nix>
<stockholm/krebs/2configs/mastodon.nix> <stockholm/krebs/2configs/mastodon.nix>

2
krebs/2configs/ircd.nix
View File

@ -38,6 +38,8 @@
hidden = false; hidden = false;
password = "$2a$04$0AtVycWQJ07ymrDdKyAm2un3UVSVIzpzL3wsWbWb3PF95d1CZMcMO"; password = "$2a$04$0AtVycWQJ07ymrDdKyAm2un3UVSVIzpzL3wsWbWb3PF95d1CZMcMO";
}; };
server.max-line-length = 1024;
server.lookup-hostnames = true;
}; };
}; };
} }

40
krebs/2configs/reaktor2.nix
View File

@ -51,6 +51,45 @@ let
}; };
}; };
bing = {
pattern = "!bing (.*)$";
activate = "match";
arguments = [1];
timeoutSec = 1337;
command = {
filename = pkgs.writeDash "bing" ''
set -efu
report_error() {
printf '%s' "$*" |
curl -Ss http://p.r --data-binary @- |
tail -1 |
echo "error $(cat)"
exit 0
}
export PATH=${makeBinPath [
pkgs.coreutils
pkgs.curl
pkgs.jq
]}
response=$(printf '%s' "$*" |
curl -SsG http://bing-gpt.r/api/chat --data-urlencode 'prompt@-'
)
if [ "$?" -ne 0 ]; then
report_error "$response"
else
if ! text=$(printf '%s' "$response" | jq -er '.item.messages[1].text'); then
echo "$_from: $(report_error "$response")"
exit 0
fi
printf '%s' "$text" | echo "$_from: $(cat)"
printf '%s' "$response" |
jq -r '[.item.messages[1].sourceAttributions[].seeMoreUrl] | to_entries[] | "[\(.key + 1)]: \(.value)"'
fi
'';
};
};
confuse = { confuse = {
pattern = "!confuse (.*)$"; pattern = "!confuse (.*)$";
activate = "match"; activate = "match";
@ -322,6 +361,7 @@ let
} }
bedger-add bedger-add
bedger-balance bedger-balance
bing
hooks.sed hooks.sed
interrogate interrogate
say say

110
krebs/2configs/repo-sync.nix
View File

@ -22,7 +22,6 @@ let
post-receive = pkgs.git-hooks.irc-announce { post-receive = pkgs.git-hooks.irc-announce {
channel = "#xxx"; channel = "#xxx";
refs = [ refs = [
"refs/heads/master"
"refs/heads/newest" "refs/heads/newest"
"refs/tags/*" "refs/tags/*"
]; ];
@ -37,7 +36,6 @@ let
{ {
user = with config.krebs.users; [ user = with config.krebs.users; [
config.krebs.users."${config.networking.hostName}-repo-sync" config.krebs.users."${config.networking.hostName}-repo-sync"
jeschli
lass lass
makefu makefu
tv tv
@ -50,7 +48,7 @@ let
konsens-user konsens-user
]; ];
repo = [ repo ]; repo = [ repo ];
perm = push ''refs/heads/master'' [ create merge ]; perm = push "refs/heads/common" [ create merge ];
} }
{ {
user = attrValues config.krebs.users; user = attrValues config.krebs.users;
@ -61,31 +59,18 @@ let
repos."${name}" = repo; repos."${name}" = repo;
}; };
sync-retiolum = { sync-repo = {
name, name,
remotes,
desc ? "mirror for ${name}", desc ? "mirror for ${name}",
section ? "mirror" section ? "mirror"
}: }:
{ {
krebs.repo-sync.repos.${name} = { krebs.repo-sync.repos.${name} = {
branches = { branches = (lib.mapAttrs' (user: url: lib.nameValuePair user {
lassulus = { origin.url = url;
origin.url = "http://cgit.lassul.us/${name}"; mirror.url = "${mirror}${name}";
mirror.url = "${mirror}${name}"; }) remotes);
};
makefu = {
origin.url = "http://cgit.gum/${name}";
mirror.url = "${mirror}${name}";
};
nin = {
origin.url = "http://cgit.onondaga.r/${name}";
mirror.url = "${mirror}${name}";
};
tv = {
origin.url = "http://cgit.ni.r/${name}";
mirror.url = "${mirror}${name}";
};
};
latest = { latest = {
url = "${mirror}${name}"; url = "${mirror}${name}";
ref = "heads/newest"; ref = "heads/newest";
@ -94,24 +79,6 @@ let
krebs.git = defineRepo { inherit name desc section; }; krebs.git = defineRepo { inherit name desc section; };
}; };
sync-remote = {
name,
url,
desc ? "mirror for ${name}",
section ? "mirror"
}:
{
krebs.repo-sync.repos.${name} = {
branches = {
remote = {
origin.url = url;
mirror.url = "${mirror}${name}";
};
};
};
krebs.git = defineRepo { inherit name desc section; };
};
in { in {
krebs.git = { krebs.git = {
enable = true; enable = true;
@ -126,7 +93,6 @@ in {
krebs.konsens = { krebs.konsens = {
enable = true; enable = true;
repos = { repos = {
krops = { branchesToCheck = [ "lassulus" "tv" ]; };
stockholm = {}; stockholm = {};
}; };
}; };
@ -137,52 +103,20 @@ in {
}; };
imports = [ imports = [
(sync-retiolum { name = "the_playlist"; desc = "Good Music collection + tools"; section = "art"; }) (sync-repo {
name = "stockholm";
(sync-retiolum { name = "stockholm"; desc = "take all computers hostage, they love it"; section = "configuration"; }) desc = "take all computers hostage, they love it";
section = "configuration";
(sync-retiolum { name = "cholerab"; desc = "krebs thesauron & enterprise-patterns"; section = "documentation"; }) remotes = {
makefu = "http://cgit.gum.r/stockholm";
(sync-retiolum { name = "buildbot-classic"; desc = "fork of buildbot"; section = "software"; }) tv = "http://cgit.ni.r/stockholm";
(sync-retiolum { name = "disko"; desc = "take a description of your disk layout and produce a format script"; section = "software"; }) lassulus = "http://cgit.orange.r/stockholm";
(sync-retiolum { name = "news"; desc = "take a rss feed and a timeout and print it to stdout"; section = "software"; }) };
(sync-retiolum { name = "krops"; desc = "krebs ops"; section = "software"; }) })
(sync-retiolum { name = "go"; desc = "url shortener"; section = "software"; }) ({ krebs.git = defineRepo {
(sync-retiolum { name = "much"; desc = "curses email client"; section = "software"; }) name = "krops";
(sync-retiolum { name = "newsbot-js"; desc = "irc rss/atom bot"; section = "software"; }) desc = "deployment tools";
(sync-retiolum { name = "nix-writers"; desc = "high level writers for nix"; section = "software"; }) section = "deployment";
};})
(sync-retiolum { name = "cac-api"; desc = "CloudAtCost API command line interface"; section = "miscellaneous"; })
(sync-retiolum { name = "dic"; desc = "dict.leo.org command line interface"; section = "miscellaneous"; })
(sync-retiolum { name = "get"; section = "miscellaneous"; })
(sync-retiolum { name = "hstool"; desc = "Haskell Development Environment ^_^"; section = "miscellaneous"; })
(sync-retiolum { name = "htgen"; desc = "toy HTTP server"; section = "miscellaneous"; })
(sync-retiolum { name = "kirk"; desc = "IRC tools"; section = "miscellaneous"; })
(sync-retiolum { name = "load-env"; section = "miscellaneous"; })
(sync-retiolum { name = "loldns"; desc = "toy DNS server"; section = "miscellaneous"; })
(sync-retiolum { name = "netcup"; desc = "netcup command line interface"; section = "miscellaneous"; })
(sync-retiolum { name = "populate"; desc = "source code installer"; section = "miscellaneous"; })
(sync-retiolum { name = "q"; section = "miscellaneous"; })
(sync-retiolum { name = "regfish"; section = "miscellaneous"; })
(sync-retiolum { name = "soundcloud"; desc = "SoundCloud command line interface"; section = "miscellaneous"; })
(sync-retiolum { name = "blessings"; section = "Haskell libraries"; })
(sync-retiolum { name = "mime"; section = "Haskell libraries"; })
(sync-retiolum { name = "quipper"; section = "Haskell libraries"; })
(sync-retiolum { name = "scanner"; section = "Haskell libraries"; })
(sync-retiolum { name = "wai-middleware-time"; section = "Haskell libraries"; })
(sync-retiolum { name = "web-routes-wai-custom"; section = "Haskell libraries"; })
(sync-retiolum { name = "xintmap"; section = "Haskell libraries"; })
(sync-retiolum { name = "xmonad-stockholm"; desc = "krebs xmonad modules"; section = "Haskell libraries"; })
(sync-remote { name = "array"; url = "https://github.com/makefu/array"; })
(sync-remote { name = "email-header"; url = "https://github.com/4z3/email-header"; })
(sync-remote { name = "mycube-flask"; url = "https://github.com/makefu/mycube-flask"; })
(sync-remote { name = "reaktor-titlebot"; url = "https://github.com/makefu/reaktor-titlebot"; })
(sync-remote { name = "repo-sync"; url = "https://github.com/makefu/repo-sync"; })
(sync-remote { name = "skytraq-datalogger"; url = "https://github.com/makefu/skytraq-datalogger"; })
(sync-remote { name = "realwallpaper"; url = "https://github.com/lassulus/realwallpaper"; })
(sync-remote { name = "painload"; url = "https://github.com/krebs/painload"; })
(sync-remote { name = "nixos-wiki"; url = "https://github.com/Mic92/nixos-wiki.wiki.git"; })
]; ];
} }

3
krebs/3modules/konsens.nix
View File

@ -39,10 +39,13 @@ let
}; };
imp = { imp = {
users.groups.konsens.gid = genid "konsens";
users.users.konsens = rec { users.users.konsens = rec {
name = "konsens"; name = "konsens";
group = "konsens";
uid = genid name; uid = genid name;
home = "/var/lib/konsens"; home = "/var/lib/konsens";
isSystemUser = true;
createHome = true; createHome = true;
}; };

8
krebs/nixpkgs-unstable.json
View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "19cf008bb18e47b6e3b4e16e32a9a4bdd4b45f7e", "rev": "645bc49f34fa8eff95479f0345ff57e55b53437e",
"date": "2023-03-21T23:16:58+01:00", "date": "2023-04-19T18:04:47+02:00",
"path": "/nix/store/rg3f6v4f7mba0kqnhiarj7yg6066cc5v-nixpkgs", "path": "/nix/store/jh86824939585dinrs1zlkh6cvz8l8l7-nixpkgs",
"sha256": "0myq7fnykna5qazbk6hdgahy148yd7f5l8nrxhzllj67y86a5sxw", "sha256": "0kfndc7xdkm89yl0f27wdnwd6gdad3i49jx7gvaib1hz0ifpmxzv",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

8
krebs/nixpkgs.json
View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "e2c97799da5f5cd87adfa5017fba971771e123ef", "rev": "fd901ef4bf93499374c5af385b2943f5801c0833",
"date": "2023-03-20T14:29:52+01:00", "date": "2023-04-22T11:27:49+08:00",
"path": "/nix/store/vxca9w313d1bzw9dx4yaw8c0vrqjxa0p-nixpkgs", "path": "/nix/store/gpfv5hbki6g1b63nqw7md5bjlcpzsz1w-nixpkgs",
"sha256": "0qff1r8k0m19z1ppzb8gk5xrnlvabjdl3pqwpc3y5bm15qxzk25s", "sha256": "1fd7xyfna0klfbv37qq1ms2j4gzjpy14a8vbnw1i8ix6fijkywjf",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

1
lass/1systems/aergia/physical.nix
View File

@ -87,7 +87,6 @@
# textsize # textsize
services.xserver.dpi = 200; services.xserver.dpi = 200;
hardware.video.hidpi.enable = lib.mkDefault true;
# corectrl # corectrl
programs.corectrl = { programs.corectrl = {

1
lass/1systems/neoprism/config.nix
View File

@ -4,6 +4,7 @@
imports = [ imports = [
<stockholm/lass> <stockholm/lass>
<stockholm/lass/2configs/retiolum.nix> <stockholm/lass/2configs/retiolum.nix>
<stockholm/lass/2configs/gsm-wiki.nix>
# sync-containers # sync-containers
<stockholm/lass/2configs/consul.nix> <stockholm/lass/2configs/consul.nix>

1
lass/1systems/prism/config.nix
View File

@ -127,6 +127,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/exim-smarthost.nix> <stockholm/lass/2configs/exim-smarthost.nix>
<stockholm/lass/2configs/privoxy-retiolum.nix> <stockholm/lass/2configs/privoxy-retiolum.nix>
<stockholm/lass/2configs/binary-cache/server.nix> <stockholm/lass/2configs/binary-cache/server.nix>
<stockholm/lass/2configs/binary-cache/proxy.nix>
<stockholm/lass/2configs/iodined.nix> <stockholm/lass/2configs/iodined.nix>
<stockholm/lass/2configs/paste.nix> <stockholm/lass/2configs/paste.nix>
<stockholm/lass/2configs/syncthing.nix> <stockholm/lass/2configs/syncthing.nix>

1
lass/2configs/binary-cache/client.nix
View File

@ -4,6 +4,7 @@
nix = { nix = {
binaryCaches = [ binaryCaches = [
"http://cache.prism.r" "http://cache.prism.r"
"http://cache.neoprism.r"
"https://cache.nixos.org/" "https://cache.nixos.org/"
]; ];
binaryCachePublicKeys = [ binaryCachePublicKeys = [

13
lass/2configs/binary-cache/proxy.nix Normal file
View File

@ -0,0 +1,13 @@
{ config, lib, pkgs, ...}:
{
services.nginx = {
enable = true;
virtualHosts."cache.krebsco.de" = {
enableACME = true;
forceSSL = true;
locations."/".extraConfig = ''
proxy_pass http://cache.neoprism.r/;
'';
};
};
}

10
lass/2configs/binary-cache/server.nix
View File

@ -14,7 +14,7 @@
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts.nix-serve = { virtualHosts.nix-serve = {
serverAliases = [ "cache.prism.r" ]; serverAliases = [ "cache.${config.networking.hostName}.r" ];
locations."/".extraConfig = '' locations."/".extraConfig = ''
proxy_pass http://localhost:${toString config.services.nix-serve.port}; proxy_pass http://localhost:${toString config.services.nix-serve.port};
''; '';
@ -26,14 +26,6 @@
''}; ''};
''; '';
}; };
virtualHosts."cache.krebsco.de" = {
forceSSL = true;
serverAliases = [ "cache.lassul.us" ];
enableACME = true;
locations."/".extraConfig = ''
proxy_pass http://localhost:${toString config.services.nix-serve.port};
'';
};
}; };
} }

26
lass/2configs/gsm-wiki.nix Normal file
View File

@ -0,0 +1,26 @@
{ config, lib, pkgs, ... }:
{
services.nginx.virtualHosts."docs.c3gsm.de" = {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = ''
auth_basic "Restricted Content";
auth_basic_user_file ${pkgs.writeText "flix-user-pass" ''
c3gsm:$apr1$q9OrPI4C$7AY4EIp3J2Xc4eLMbPGE21
''};
root /srv/http/docs.c3gsm.de;
'';
};
users.users.c3gsm-docs = {
isNormalUser = true;
home = "/srv/http/docs.c3gsm.de";
createHome = true;
homeMode = "750";
useDefaultShell = true;
group = "nginx";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAlW1fvCrVXhVH/z76fXBWYR/qyecYTE9VOOkFLJ6OwG user@osmocom-dev"
];
};
}

8
lass/2configs/mumble-reminder.nix
View File

@ -80,26 +80,26 @@ in {
}; };
systemd.services.mumble-reminder-nixos = { systemd.services.mumble-reminder-nixos = {
description = "weekly reminder for nixos mumble"; description = "weekly reminder for nixos mumble";
startAt = "Thu *-*-* 17:00:00 Europe/Berlin"; startAt = "Wed *-*-* 19:00:00 Europe/Berlin";
serviceConfig = { serviceConfig = {
ExecStart = pkgs.writers.writeDash "mumble_reminder" '' ExecStart = pkgs.writers.writeDash "mumble_reminder" ''
animals=' animals='
${animals} ${animals}
' '
${write_to_irc "#nixos"} "Es ist Donnerstag meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!" ${write_to_irc "#nixos"} "Es ist Mittwoch meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!"
${write_to_irc "#nixos"} "kommt auf mumble://lassul.us" ${write_to_irc "#nixos"} "kommt auf mumble://lassul.us"
''; '';
}; };
}; };
systemd.services.mumble-reminder-krebs = { systemd.services.mumble-reminder-krebs = {
description = "weekly reminder for nixos mumble"; description = "weekly reminder for nixos mumble";
startAt = "Thu *-*-* 19:00:00 Europe/Berlin"; startAt = "Wed *-*-* 19:00:00 Europe/Berlin";
serviceConfig = { serviceConfig = {
ExecStart = pkgs.writers.writeDash "mumble_reminder" '' ExecStart = pkgs.writers.writeDash "mumble_reminder" ''
animals=' animals='
${animals} ${animals}
' '
${write_to_irc "#krebs"} "Es ist Donnerstag meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!" ${write_to_irc "#krebs"} "Es ist Mittwoch meine $(echo "$animals" | grep -v '^$' | shuf -n1 )!"
${write_to_irc "#krebs"} "$(cat /var/lib/reaktor2-mumble-reminder/users | ${pkgs.findutils}/bin/xargs echo) : mumble?" ${write_to_irc "#krebs"} "$(cat /var/lib/reaktor2-mumble-reminder/users | ${pkgs.findutils}/bin/xargs echo) : mumble?"
''; '';
}; };