Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
681042eedf
|
@ -16,4 +16,9 @@
|
|||
|
||||
boot.isContainer = true;
|
||||
networking.useDHCP = false;
|
||||
krebs.repo-sync.repos.stockholm.timerConfig = {
|
||||
OnBootSec = "5min";
|
||||
OnUnitInactiveSec = "2min";
|
||||
RandomizedDelaySec = "2min";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
|
||||
<stockholm/krebs/2configs/buildbot-krebs.nix>
|
||||
<stockholm/krebs/2configs/stats/puyak-client.nix>
|
||||
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.puyak;
|
||||
|
|
|
@ -13,6 +13,7 @@ in
|
|||
|
||||
<stockholm/krebs/2configs/graphite.nix>
|
||||
<stockholm/krebs/2configs/buildbot-krebs.nix>
|
||||
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
||||
|
||||
<stockholm/krebs/2configs/shack/worlddomination.nix>
|
||||
<stockholm/krebs/2configs/shack/drivedroid.nix>
|
||||
|
@ -44,11 +45,9 @@ in
|
|||
nix = {
|
||||
# use the up to date prism cache
|
||||
binaryCaches = [
|
||||
"http://cache.prism.r"
|
||||
"https://cache.nixos.org/"
|
||||
];
|
||||
binaryCachePublicKeys = [
|
||||
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
|
||||
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
|
||||
];
|
||||
};
|
||||
|
|
12
krebs/2configs/binary-cache/prism.nix
Normal file
12
krebs/2configs/binary-cache/prism.nix
Normal file
|
@ -0,0 +1,12 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
nix = {
|
||||
binaryCaches = [
|
||||
"http://cache.prism.r"
|
||||
];
|
||||
binaryCachePublicKeys = [
|
||||
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,8 +1,13 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
<stockholm/krebs/2configs/buildbot-krebs.nix>
|
||||
<stockholm/krebs/2configs/repo-sync.nix>
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
|
||||
krebs.ci.enable = true;
|
||||
krebs.ci.treeStableTimer = 1;
|
||||
krebs.ci.users.krebs.all = true;
|
||||
krebs.ci.users.lass.all = true;
|
||||
krebs.ci.users.makefu.all = true;
|
||||
krebs.ci.users.nin.all = true;
|
||||
|
|
|
@ -6,13 +6,8 @@
|
|||
|
||||
networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
|
||||
krebs.ci.enable = true;
|
||||
krebs.ci.users.krebs ={
|
||||
all = true;
|
||||
hosts = [
|
||||
"test-arch"
|
||||
"test-centos6"
|
||||
"test-centos7"
|
||||
"test-all-krebs-modules"
|
||||
];
|
||||
};
|
||||
krebs.ci.treeStableTimer = 120;
|
||||
krebs.ci.users.krebs.hosts = [
|
||||
config.networking.hostName
|
||||
];
|
||||
}
|
||||
|
|
|
@ -8,12 +8,17 @@ in
|
|||
{
|
||||
options.krebs.ci = {
|
||||
enable = mkEnableOption "krebs continous integration";
|
||||
treeStableTimer = mkOption {
|
||||
type = types.int;
|
||||
default = 10;
|
||||
description = "how long to wait until we test changes (in minutes)";
|
||||
};
|
||||
users = mkOption {
|
||||
type = with types; attrsOf (submodule {
|
||||
options = {
|
||||
all = mkOption {
|
||||
type = bool;
|
||||
default = true;
|
||||
default = false;
|
||||
};
|
||||
hosts = mkOption {
|
||||
type = listOf str;
|
||||
|
@ -48,9 +53,6 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
nix.gc.automatic = true;
|
||||
nix.gc.dates = "05:23";
|
||||
|
||||
krebs.buildbot.master = {
|
||||
slaves = {
|
||||
testslave = "lasspass";
|
||||
|
@ -72,7 +74,7 @@ in
|
|||
sched.append(
|
||||
schedulers.SingleBranchScheduler(
|
||||
change_filter=util.ChangeFilter(branch_re=".*"),
|
||||
treeStableTimer=10,
|
||||
treeStableTimer=${toString cfg.treeStableTimer}*60,
|
||||
name="build-all-branches",
|
||||
builderNames=[
|
||||
"build-hosts"
|
||||
|
@ -122,7 +124,8 @@ in
|
|||
"--force-populate",
|
||||
"--target=$LOGNAME@${config.krebs.build.host.name}$HOME/{}".format(user),
|
||||
])
|
||||
]
|
||||
],
|
||||
timeout=90001
|
||||
)
|
||||
|
||||
${let
|
||||
|
|
|
@ -301,6 +301,32 @@ with import <stockholm/lib>;
|
|||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g";
|
||||
};
|
||||
skynet = {
|
||||
cores = 2;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.133.116";
|
||||
ip6.addr = "42:0:0:0:0:0:0:1101";
|
||||
aliases = [
|
||||
"skynet.r"
|
||||
"cgit.skynet.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEArNpBoTs7MoaZq2edGJLYUjmoLa5ZtXhOFBHjS1KtQ3hMtWkcqpYX
|
||||
Ic457utOSGxTE+90yXXez2DD9llJMMyd+O06lHJ7CxtbJGBNr3jwoUZVCdBuuo5B
|
||||
p9XfhXU9l9fUsbc1+a/cDjPBhQv8Uqmc6tOX+52H1aqZsa4W50c9Dv5vjsHgxCB0
|
||||
yiUd2MrKptCQTdmMM9Mf0XWKPPOuwpHpxaomlrpUz07LisFVGGHCflOvj5PAy8Da
|
||||
NC+AfNgR/76yfuYWcv4NPo9acjD9AIftS2c0tD3szyHBCGaYK/atKzIoBbFbOtMb
|
||||
mwG3B0X3UdphkqGDGsvT+66Kcv2jnKwL0wIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
secure = true;
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEB/MmASvx3i09DY1xFVM5jOhZRZA8rMRqtf8bCIkC+t";
|
||||
};
|
||||
iso = {
|
||||
cores = 1;
|
||||
managed = false;
|
||||
|
|
|
@ -9,6 +9,7 @@ with import <stockholm/lib>;
|
|||
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.tv) {
|
||||
alnus = {
|
||||
cores = 2;
|
||||
managed = true;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.21.1";
|
||||
|
@ -31,47 +32,6 @@ with import <stockholm/lib>;
|
|||
ssh.privkey.path = <secrets/ssh.id_rsa>;
|
||||
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP9JS2Nyjx4Pn+/4MrFi1EvBBYVKkGm2Q4lhgaAiSuiGLol53OSsL2KIo01mbcSSBWow9QpQpn8KDoRnT2aMLDrdTFqL20ztDLOXmtrSsz3flgCjmW4f6uOaoZF0RNjAybd1coqwSJ7EINugwoqOsg1zzN2qeIGKYFvqFIKibYFAnQ8hcksmkvPdIO5O8CbdIiP9sZSrSDp0ZyLK2T0PML2jensVZOeqSPulQDFqLsbmavpVLkpDjdzzPRwbZWNB4++YeipbYNOkX4GR1EB4wMZ93IbBV7kpJtib2Zb2AnUf7UW37hxWBjILdstj9ClwNOQggn8kD9ub7YxBzH1dz0Xd8a0mPOAWIDJz9MypXgFRc3vdvPB/W1I4Se0CLbgOkORun9CkgijKr9oEY8JNt8HFd6viZcAaQxOyIm6PNHZTnHfdSc7bIBS2n3e3IZBv0fTd77knGLXg402aTuu2bm/kxsKivxsILXIaGbeXe4ceN3Fynr3FzSM2bUkzHb0mAHu1BQ9YaX0xzCwjVueA5nzGls7ODSFkXsiBfg2FvMN/sTLFca6tnwyqcnD6nujoiS5+BxjDWPgnZYqCaW3B/IkpTsRMsX6QrfhOFcsP8qlJ2Cp82orWoDK/D0vZ9pdzAc6PFGga0RofuJKY2yiq+SRZ7/e9E6VncIVCYZ1OfN0Q==";
|
||||
};
|
||||
caxi = {
|
||||
cores = 2;
|
||||
extraZones = {
|
||||
"krebsco.de" = ''
|
||||
caxi 60 IN A ${config.krebs.hosts.caxi.nets.internet.ip4.addr}
|
||||
'';
|
||||
};
|
||||
nets = {
|
||||
internet = {
|
||||
ip4 = {
|
||||
addr = "104.233.124.70";
|
||||
prefix = "104.233.124.0/24";
|
||||
};
|
||||
aliases = [
|
||||
"caxi.i"
|
||||
"caxi.krebsco.de"
|
||||
];
|
||||
ssh.port = 11423;
|
||||
};
|
||||
retiolum = {
|
||||
via = config.krebs.hosts.caxi.nets.internet;
|
||||
ip4.addr = "10.243.113.226";
|
||||
ip6.addr = "42:4522:25f8:36bb:8ccb:150:231a:2af6";
|
||||
aliases = [
|
||||
"caxi.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAxNh1xhvCFzjUOmBq+F6NjUdntKh/7qo7LrsXjPVn92r1hGTVHJO1
|
||||
E+XP5dabZ/mFWySY8GvG7XlZ27wsjkvHEyb16IhOqYrnaONf9LifAWQ3qBlHtp1T
|
||||
eZeP6wcXLhR/pOPy0pT6EABmDHbOzErjYv4pdrXHuxlM10Ljtpp3mClNeXY9eby+
|
||||
HekEE8LY8/zWqJ90lMaxPhLh1VqEvTVTnem5e1F8HDzNvRWa0kWUYG33zPQMyKgR
|
||||
BCvp1DR7Y2LwDmGKnhzBm4JTcP+fcs+z/eGie/CEIgFM0BFJaTBAYZOtUlhBSe0y
|
||||
UYE2W9CJkPN2Uepf53nPnshjKC64fgTr7wIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdJ4xGi+qn4IfMZJ3Kv7AGZGbhlR+GrkD87z2tcyRZy";
|
||||
};
|
||||
cd = {
|
||||
cores = 2;
|
||||
extraZones = {
|
||||
|
@ -80,6 +40,7 @@ with import <stockholm/lib>;
|
|||
cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
|
||||
'';
|
||||
};
|
||||
managed = true;
|
||||
nets = {
|
||||
internet = {
|
||||
ip4.addr = "45.62.237.203";
|
||||
|
@ -182,6 +143,7 @@ with import <stockholm/lib>;
|
|||
};
|
||||
mu = {
|
||||
cores = 2;
|
||||
managed = true;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.20.1";
|
||||
|
@ -251,6 +213,7 @@ with import <stockholm/lib>;
|
|||
};
|
||||
nomic = {
|
||||
cores = 2;
|
||||
managed = true;
|
||||
nets = {
|
||||
gg23 = {
|
||||
ip4.addr = "10.23.1.110";
|
||||
|
@ -306,6 +269,7 @@ with import <stockholm/lib>;
|
|||
};
|
||||
wu = {
|
||||
cores = 4;
|
||||
managed = true;
|
||||
nets = {
|
||||
gg23 = {
|
||||
ip4.addr = "10.23.1.37";
|
||||
|
@ -343,6 +307,7 @@ with import <stockholm/lib>;
|
|||
pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s=";
|
||||
};
|
||||
cores = 4;
|
||||
managed = true;
|
||||
nets = {
|
||||
gg23 = {
|
||||
ip4.addr = "10.23.1.38";
|
||||
|
@ -377,6 +342,7 @@ with import <stockholm/lib>;
|
|||
};
|
||||
zu = {
|
||||
cores = 4;
|
||||
managed = true;
|
||||
nets = {
|
||||
gg23 = {
|
||||
ip4.addr = "10.23.1.39";
|
||||
|
|
|
@ -15,11 +15,6 @@ foldl' mergeAttrs {}
|
|||
{
|
||||
ReaktorPlugins = self.callPackage ./simple/Reaktor/plugins.nix {};
|
||||
|
||||
buildbot-full = self.callPackage ./simple/buildbot {
|
||||
plugins = with self.buildbot-plugins; [ www console-view waterfall-view ];
|
||||
};
|
||||
buildbot-worker = self.callPackage ./simple/buildbot/worker.nix {};
|
||||
|
||||
# https://github.com/proot-me/PRoot/issues/106
|
||||
proot = self.writeDashBin "proot" ''
|
||||
export PROOT_NO_SECCOMP=1
|
||||
|
|
|
@ -14,6 +14,6 @@ in
|
|||
stockholm.file = toString <stockholm>;
|
||||
nixpkgs.git = {
|
||||
url = https://github.com/NixOS/nixpkgs;
|
||||
ref = "72c9ed78d0b1d9d5f531805ddf5bf06bfd447614"; # nixos-17.03 @ 2017-06-17
|
||||
ref = "0590ecbe9e6b9a076065be29370701da758c61f1"; # nixos-17.03 @ 2017-07-30
|
||||
};
|
||||
}
|
||||
|
|
|
@ -88,6 +88,7 @@ with import <stockholm/lib>;
|
|||
aria2
|
||||
|
||||
#neat utils
|
||||
hashPassword
|
||||
krebspaste
|
||||
pciutils
|
||||
pop
|
||||
|
|
59
lass/1systems/skynet/config.nix
Normal file
59
lass/1systems/skynet/config.nix
Normal file
|
@ -0,0 +1,59 @@
|
|||
{ config, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
imports = [
|
||||
<stockholm/lass>
|
||||
<stockholm/lass/2configs/hw/x220.nix>
|
||||
<stockholm/lass/2configs/boot/stock-x220.nix>
|
||||
|
||||
<stockholm/lass/2configs/retiolum.nix>
|
||||
#<stockholm/lass/2configs/exim-retiolum.nix>
|
||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||
<stockholm/lass/2configs/backups.nix>
|
||||
{
|
||||
# discordius config
|
||||
services.xserver.enable = true;
|
||||
users.users.discordius = {
|
||||
uid = genid "discordius";
|
||||
home = "/home/discordius";
|
||||
group = "users";
|
||||
createHome = true;
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"networkmanager"
|
||||
];
|
||||
useDefaultShell = true;
|
||||
};
|
||||
networking.networkmanager.enable = true;
|
||||
networking.wireless.enable = mkForce false;
|
||||
hardware.pulseaudio = {
|
||||
enable = true;
|
||||
systemWide = true;
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
pavucontrol
|
||||
firefox
|
||||
hexchat
|
||||
networkmanagerapplet
|
||||
];
|
||||
services.xserver.desktopManager.gnome3 = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.daedalus;
|
||||
|
||||
#fileSystems = {
|
||||
# "/bku" = {
|
||||
# device = "/dev/mapper/pool-bku";
|
||||
# fsType = "btrfs";
|
||||
# options = ["defaults" "noatime" "ssd" "compress=lzo"];
|
||||
# };
|
||||
#};
|
||||
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEM=="net", ATTR{address}=="10:0b:a9:a6:44:04", NAME="wl0"
|
||||
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:d1:90:fc", NAME="et0"
|
||||
'';
|
||||
}
|
4
lass/1systems/skynet/source.nix
Normal file
4
lass/1systems/skynet/source.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
import <stockholm/lass/source.nix> {
|
||||
name = "skynet";
|
||||
secure = true;
|
||||
}
|
|
@ -36,6 +36,9 @@ with import <stockholm/lib>;
|
|||
{ from = "shack@lassul.us"; to = lass.mail; }
|
||||
{ from = "nix@lassul.us"; to = lass.mail; }
|
||||
{ from = "c-base@lassul.us"; to = lass.mail; }
|
||||
{ from = "paypal@lassul.us"; to = lass.mail; }
|
||||
{ from = "patreon@lassul.us"; to = lass.mail; }
|
||||
{ from = "steam@lassul.us"; to = lass.mail; }
|
||||
];
|
||||
system-aliases = [
|
||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||
|
|
|
@ -65,8 +65,15 @@ let
|
|||
''} %r |"
|
||||
|
||||
virtual-mailboxes \
|
||||
"INBOX" "notmuch://?query=tag:inbox and NOT tag:killed"\
|
||||
"INBOX" "notmuch://?query=tag:inbox \
|
||||
and NOT tag:killed \
|
||||
and NOT to:shackspace \
|
||||
and NOT to:c-base \
|
||||
and NOT to:nix-devel"\
|
||||
"Unread" "notmuch://?query=tag:unread"\
|
||||
"shack" "notmuch://?query=to:shackspace"\
|
||||
"c-base" "notmuch://?query=to:c-base"\
|
||||
"nix" "notmuch://?query=to:nix-devel"\
|
||||
"TODO" "notmuch://?query=tag:TODO"\
|
||||
"Starred" "notmuch://?query=tag:*"\
|
||||
"Archive" "notmuch://?query=tag:archive"\
|
||||
|
|
|
@ -125,6 +125,7 @@ in {
|
|||
{ from = "dominik@apanowicz.de"; to = "dominik_a@gmx.de"; }
|
||||
{ from = "dma@ubikmedia.de"; to = "domsen"; }
|
||||
{ from = "dma@ubikmedia.eu"; to = "domsen"; }
|
||||
{ from = "bruno@apanowicz.de"; to = "bruno"; }
|
||||
{ from = "mail@jla-trading.com"; to = "jla-trading"; }
|
||||
{ from = "jms@ubikmedia.eu"; to = "jms"; }
|
||||
{ from = "ms@ubikmedia.eu"; to = "ms"; }
|
||||
|
@ -151,6 +152,13 @@ in {
|
|||
createHome = true;
|
||||
};
|
||||
|
||||
users.users.bruno = {
|
||||
uid = genid_signed "bruno";
|
||||
home = "/home/bruno";
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.users.jla-trading = {
|
||||
uid = genid_signed "jla-trading";
|
||||
home = "/home/jla-trading";
|
||||
|
|
|
@ -19,6 +19,6 @@ in
|
|||
# 87a4615 & 334ac4f
|
||||
# + acme permissions for groups
|
||||
# fd7a8f1
|
||||
ref = "d486531";
|
||||
ref = "a732dcf";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
{ config, pkgs, ... }: let
|
||||
|
||||
{
|
||||
bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1";
|
||||
|
||||
in {
|
||||
krebs.build.host = config.krebs.hosts.cd;
|
||||
|
||||
imports = [
|
||||
|
@ -13,14 +14,14 @@ with import <stockholm/lib>;
|
|||
<stockholm/tv/2configs/retiolum.nix>
|
||||
];
|
||||
|
||||
networking = {
|
||||
networking = let
|
||||
address = config.krebs.build.host.nets.internet.ip4.addr;
|
||||
in {
|
||||
defaultGateway = bestGuessGateway address;
|
||||
interfaces.enp2s1.ip4 = singleton {
|
||||
address = let
|
||||
addr = "45.62.237.203";
|
||||
in assert config.krebs.build.host.nets.internet.ip4.addr == addr; addr;
|
||||
inherit address;
|
||||
prefixLength = 24;
|
||||
};
|
||||
defaultGateway = "45.62.237.1";
|
||||
nameservers = ["8.8.8.8"];
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user