Merge branch 'master' of pnp:stockholm

This commit is contained in:
makefu 2015-11-06 22:23:46 +01:00
commit 736e1426d5
19 changed files with 255 additions and 40 deletions

View File

@ -164,6 +164,7 @@ with lib;
dc = "makefu"; #dc = "cac"; dc = "makefu"; #dc = "cac";
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
euer IN A ${head nets.internet.addrs4}
wiki.euer IN A ${head nets.internet.addrs4} wiki.euer IN A ${head nets.internet.addrs4}
wry IN A ${head nets.internet.addrs4} wry IN A ${head nets.internet.addrs4}
io IN NS wry.krebsco.de. io IN NS wry.krebsco.de.
@ -191,6 +192,9 @@ with lib;
"paste.retiolum" "paste.retiolum"
"wry.retiolum" "wry.retiolum"
"wiki.makefu.retiolum" "wiki.makefu.retiolum"
"wiki.wry.retiolum"
"blog.makefu.retiolum"
"blog.wry.retiolum"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
@ -240,7 +244,6 @@ with lib;
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
euer IN A ${head nets.internet.addrs4}
share.euer IN A ${head nets.internet.addrs4} share.euer IN A ${head nets.internet.addrs4}
gum IN A ${head nets.internet.addrs4} gum IN A ${head nets.internet.addrs4}
''; '';

View File

@ -158,7 +158,8 @@ with lib;
}; };
}; };
secure = true; secure = true;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILn7C3LxAs9kUynENdRNgQs4qjrhNDfXzlHTpVJt6e09"; ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILMPMh3nHxVcPqM+LrkK7eYxNJY1ShBXOTg1vlSR45wx";
}; };
ok = { ok = {
nets = { nets = {

View File

@ -0,0 +1,22 @@
{ lib, pkgs, pythonPackages, fetchurl, ... }:
with pythonPackages; buildPythonPackage rec {
name = "bepasty-client-cli-${version}";
version = "0.3.0";
propagatedBuildInputs = [
python_magic
click
requests2
];
src = fetchurl {
url = "https://pypi.python.org/packages/source/b/bepasty-client-cli/bepasty-client-cli-${version}.tar.gz";
sha256 = "002kcplyfnmr5pn2ywdfilss0rmbm8wcdzz8hzp03ksy2zr4sdbw";
};
meta = {
homepage = https://github.com/bepasty/bepasty-client-cli;
description = "CLI client for bepasty-server";
license = lib.licenses.bsd2;
};
}

View File

@ -0,0 +1,7 @@
{ writeScriptBin, pkgs }:
# TODO: use `wrapProgram --add-flags` instead?
writeScriptBin "krebspaste" ''
#! /bin/sh
exec ${pkgs.bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
''

View File

@ -0,0 +1,43 @@
{stdenv, fetchurl,pkgs,... }:
let
s =
rec {
baseName="translate-shell";
version="0.9.0.9";
name="${baseName}-${version}";
url=https://github.com/soimort/translate-shell/archive/v0.9.0.9.tar.gz;
sha256="1269j4yr9dr1d8c5kmysbzfplbgdg8apqnzs5w57d29sd7gz2i34";
};
searchpath = with pkgs; stdenv.lib.makeSearchPath "bin" [
fribidi
gawk
bash
curl
less
];
buildInputs = [
pkgs.makeWrapper
];
in
stdenv.mkDerivation {
inherit (s) name version;
inherit buildInputs;
src = fetchurl {
inherit (s) url sha256;
};
# TODO: maybe mplayer
installPhase = ''
mkdir -p $out/bin
make PREFIX=$out install
wrapProgram $out/bin/trans --suffix PATH : "${searchpath}"
'';
meta = {
inherit (s) version;
description = ''translate using google api'';
license = stdenv.lib.licenses.free;
maintainers = [stdenv.lib.maintainers.makefu];
platforms = stdenv.lib.platforms.linux ;
};
}

View File

@ -84,6 +84,7 @@ let out = {
cat<<EOF cat<<EOF
# put following into config.krebs.hosts.$system: # put following into config.krebs.hosts.$system:
ssh.privkey.path = <secrets/ssh.$key_type>;
ssh.pubkey = $(echo $pubkey | jq -R .); ssh.pubkey = $(echo $pubkey | jq -R .);
EOF EOF
''; '';
@ -178,7 +179,7 @@ let out = {
nix-path = nix-path =
lib.concatStringsSep ":" lib.concatStringsSep ":"
(lib.mapAttrsToList (name: _: "${name}=/root/${name}") (lib.mapAttrsToList (name: src: "${name}=${src.target-path}")
(config.krebs.build.source.dir // (config.krebs.build.source.dir //
config.krebs.build.source.git)); config.krebs.build.source.git));
in '' in ''

View File

@ -8,7 +8,8 @@ let
in { in {
imports = [ imports = [
# TODO: copy this config or move to krebs # TODO: copy this config or move to krebs
../../tv/2configs/CAC-CentOS-7-64bit.nix ../../tv/2configs/hw/CAC.nix
../../tv/2configs/fs/CAC-CentOS-7-64bit.nix
../2configs/base.nix ../2configs/base.nix
../2configs/unstable-sources.nix ../2configs/unstable-sources.nix
../2configs/headless.nix ../2configs/headless.nix
@ -23,6 +24,8 @@ in {
# other nginx # other nginx
../2configs/nginx/euer.wiki.nix ../2configs/nginx/euer.wiki.nix
../2configs/nginx/euer.blog.nix
# collectd # collectd
../2configs/collectd/collectd-base.nix ../2configs/collectd/collectd-base.nix
]; ];
@ -71,5 +74,5 @@ in {
nameservers = [ "8.8.8.8" ]; nameservers = [ "8.8.8.8" ];
}; };
environment.systemPackages = [ pkgs.translate-shell ];
} }

View File

@ -1,4 +1,4 @@
_: {lib,... }:
{ {
sound.enable = false; sound.enable = lib.mkForce false;
} }

View File

@ -5,14 +5,40 @@ let
sec = toString <secrets>; sec = toString <secrets>;
ssl_cert = "${sec}/wildcard.krebsco.de.crt"; ssl_cert = "${sec}/wildcard.krebsco.de.crt";
ssl_key = "${sec}/wildcard.krebsco.de.key"; ssl_key = "${sec}/wildcard.krebsco.de.key";
hostname = krebs.build.host.name; hostname = config.krebs.build.host.name;
user = config.services.nginx.user;
group = config.services.nginx.group;
external-ip = head config.krebs.build.host.nets.internet.addrs4;
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4;
base-dir = "/var/www/blog.euer";
in { in {
# Prepare Blog directory
systemd.services.prepare-euer-blog = {
wantedBy = [ "local-fs.target" ];
before = [ "nginx.service" ];
serviceConfig = {
# do nothing if the base dir already exists
ExecStart = pkgs.writeScript "prepare-euer-blog-service" ''
#!/bin/sh
if ! test -d "${base-dir}" ;then
mkdir -p "${base-dir}"
chown ${user}:${group} "${base-dir}"
chmod 700 "${base-dir}"
fi
'';
Type = "oneshot";
RemainAfterExit = "yes";
TimeoutSec = "0";
};
};
krebs.nginx = { krebs.nginx = {
enable = mkDefault true; enable = mkDefault true;
servers = { servers = {
euer-blog = { euer-blog = {
listen = [ "80" "443 ssl" ]; listen = [ "${external-ip}:80" "${external-ip}:443 ssl"
server-names = [ "euer.krebsco.de" "euer.blog.krebsco.de" "blog.${hostname}" ]; "${internal-ip}:80" "${internal-ip}:443 ssl" ];
server-names = [ "euer.krebsco.de" "blog.euer.krebsco.de" "blog.${hostname}" ];
extraConfig = '' extraConfig = ''
gzip on; gzip on;
gzip_buffers 4 32k; gzip_buffers 4 32k;
@ -22,7 +48,7 @@ in {
default_type text/plain; default_type text/plain;
''; '';
locations = singleton (nameValuePair "/" '' locations = singleton (nameValuePair "/" ''
root /var/www/euer.blog/; root ${base-dir};
''); '');
}; };
}; };

View File

@ -51,6 +51,7 @@ in {
serviceConfig = { serviceConfig = {
ExecStart = pkgs.writeScript "prepare-tw-service" '' ExecStart = pkgs.writeScript "prepare-tw-service" ''
#!/bin/sh #!/bin/sh
if ! test -d "${base-dir}" ;then
mkdir -p "${wiki-dir}" "${backup-dir}" mkdir -p "${wiki-dir}" "${backup-dir}"
# write the base configuration # write the base configuration
@ -61,8 +62,10 @@ in {
backupdir = ${backup-dir} backupdir = ${backup-dir}
savedir = ${wiki-dir} savedir = ${wiki-dir}
EOF EOF
chown -R ${user}:${group} "${base-dir}" chown -R ${user}:${group} "${base-dir}"
chmod 700 -R "${base-dir}" chmod 700 -R "${base-dir}"
fi
''; '';
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = "yes"; RemainAfterExit = "yes";

View File

@ -10,8 +10,8 @@ with lib;
krebs.build.source = { krebs.build.source = {
git.nixpkgs = { git.nixpkgs = {
url = https://github.com/4z3/nixpkgs; url = https://github.com/NixOS/nixpkgs;
rev = "03130ec91356cd250b80f144022ee2f4d665ca36"; # 1357692 rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
}; };
dir.secrets = { dir.secrets = {
host = config.krebs.hosts.wu; host = config.krebs.hosts.wu;

View File

@ -24,7 +24,7 @@ in
krebs.build.source = { krebs.build.source = {
git.nixpkgs = { git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs; url = https://github.com/NixOS/nixpkgs;
rev = "e57024f821c94caf5684964474073649b8b6356b"; rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
}; };
dir.secrets = { dir.secrets = {
host = config.krebs.hosts.wu; host = config.krebs.hosts.wu;

View File

@ -10,8 +10,8 @@ with lib;
krebs.build.source = { krebs.build.source = {
git.nixpkgs = { git.nixpkgs = {
url = https://github.com/4z3/nixpkgs; url = https://github.com/NixOS/nixpkgs;
rev = "03130ec91356cd250b80f144022ee2f4d665ca36"; # 1357692 rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
}; };
dir.secrets = { dir.secrets = {
host = config.krebs.hosts.wu; host = config.krebs.hosts.wu;

View File

@ -24,7 +24,7 @@ in
krebs.build.source = { krebs.build.source = {
git.nixpkgs = { git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs; url = https://github.com/NixOS/nixpkgs;
rev = "68bd8e4a9dc247726ae89cc8739574261718e328"; rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
}; };
dir.secrets = { dir.secrets = {
host = config.krebs.hosts.wu; host = config.krebs.hosts.wu;

View File

@ -11,7 +11,8 @@ with lib;
krebs.build.source = { krebs.build.source = {
git.nixpkgs = { git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs; url = https://github.com/NixOS/nixpkgs;
rev = "e916273209560b302ab231606babf5ce1c481f08"; rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
target-path = "/var/src/nixpkgs";
}; };
dir.secrets = { dir.secrets = {
host = config.krebs.hosts.wu; host = config.krebs.hosts.wu;
@ -20,6 +21,7 @@ with lib;
dir.stockholm = { dir.stockholm = {
host = config.krebs.hosts.wu; host = config.krebs.hosts.wu;
path = "/home/tv/stockholm"; path = "/home/tv/stockholm";
target-path = "/var/src/stockholm";
}; };
}; };

View File

@ -11,7 +11,7 @@ with lib;
krebs.build.source = { krebs.build.source = {
git.nixpkgs = { git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs; url = https://github.com/NixOS/nixpkgs;
rev = "e57024f821c94caf5684964474073649b8b6356b"; rev = "c44a593aa43bba6a0708f6f36065a514a5110613";
}; };
dir.secrets = { dir.secrets = {
host = config.krebs.hosts.wu; host = config.krebs.hosts.wu;
@ -110,7 +110,6 @@ with lib;
#minicom #minicom
#mtools #mtools
#ncmpc #ncmpc
#neovim
#nethogs #nethogs
#nix-prefetch-scripts #cvs bug #nix-prefetch-scripts #cvs bug
#openssl #openssl

View File

@ -3,17 +3,13 @@
with builtins; with builtins;
with lib; with lib;
let
# "7.4.335" -> "74"
majmin = x: concatStrings (take 2 (splitString "." x));
in
{ {
krebs.enable = true; krebs.enable = true;
networking.hostName = config.krebs.build.host.name; networking.hostName = config.krebs.build.host.name;
imports = [ imports = [
./vim.nix
{ {
# stockholm dependencies # stockholm dependencies
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -107,10 +103,8 @@ in
lAtr = "ls -lAtr"; lAtr = "ls -lAtr";
# alias ll='ls -l' # alias ll='ls -l'
ls = "ls -h --color=auto --group-directories-first"; ls = "ls -h --color=auto --group-directories-first";
# alias vim='vim -p'
# alias vi='vim'
# alias view='vim -R'
dmesg = "dmesg -L --reltime"; dmesg = "dmesg -L --reltime";
view = "vim -R";
}; };
programs.bash = { programs.bash = {
@ -153,10 +147,6 @@ in
} }
{ {
nixpkgs.config.packageOverrides = pkgs: {
nano = pkgs.vim;
};
services.cron.enable = false; services.cron.enable = false;
services.nscd.enable = false; services.nscd.enable = false;
services.ntp.enable = false; services.ntp.enable = false;

118
tv/2configs/vim.nix Normal file
View File

@ -0,0 +1,118 @@
{ lib, pkgs, ... }:
with lib;
let
out = {
environment.systemPackages = [
pkgs.vim
];
# Nano really is just a stupid name for Vim.
nixpkgs.config.packageOverrides = pkgs: {
nano = pkgs.vim;
};
environment.etc.vimrc.source = vimrc;
environment.variables.EDITOR = mkForce "vim";
environment.variables.VIMINIT = ":so /etc/vimrc";
};
extra-runtimepath = concatStringsSep "," [
"${pkgs.vimPlugins.undotree}/share/vim-plugins/undotree"
];
vimrc = pkgs.writeText "vimrc" ''
set nocompatible
set autoindent
set backspace=indent,eol,start
set backup
set backupdir=$HOME/.vim/backup/
set directory=$HOME/.vim/cache//
set hlsearch
set incsearch
set mouse=a
set noruler
set pastetoggle=<INS>
set runtimepath=${extra-runtimepath},$VIMRUNTIME
set shortmess+=I
set showcmd
set showmatch
set ttimeoutlen=0
set undodir=$HOME/.vim/undo
set undofile
set undolevels=1000000
set undoreload=1000000
set viminfo='20,<1000,s100,h,n$HOME/.vim/cache/info
set visualbell
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
set wildmenu
set wildmode=longest,full
set et ts=2 sts=2 sw=2
filetype plugin indent on
set t_Co=256
colorscheme industry
syntax on
au Syntax * syn match Tabstop containedin=ALL /\t\+/
\ | hi Tabstop ctermbg=16
\ | syn match TrailingSpace containedin=ALL /\s\+$/
\ | hi TrailingSpace ctermbg=88
\ | hi Normal ctermfg=White
au BufRead,BufNewFile *.nix so ${pkgs.writeText "nix.vim" ''
setf nix
" Ref <nix/src/libexpr/lexer.l>
syn match INT /[0-9]\+/
syn match PATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match HPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match SPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match URI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
hi link INT Constant
hi link PATH Constant
hi link HPATH Constant
hi link SPATH Constant
hi link URI Constant
syn match String /"\([^"]\|\\\"\)*"/
syn match Comment /\s#.*/
''}
au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
nmap <esc>q :buffer
nmap <M-q> :buffer
cnoremap <C-A> <Home>
noremap <C-c> :q<cr>
nnoremap <esc>[5^ :tabp<cr>
nnoremap <esc>[6^ :tabn<cr>
nnoremap <esc>[5@ :tabm -1<cr>
nnoremap <esc>[6@ :tabm +1<cr>
nnoremap <f1> :tabp<cr>
nnoremap <f2> :tabn<cr>
inoremap <f1> <esc>:tabp<cr>
inoremap <f2> <esc>:tabn<cr>
" <C-{Up,Down,Right,Left>
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
noremap <esc>Od <nop> | noremap! <esc>Od <nop>
" <[C]S-{Up,Down,Right,Left>
noremap <esc>[a <nop> | noremap! <esc>[a <nop>
noremap <esc>[b <nop> | noremap! <esc>[b <nop>
noremap <esc>[c <nop> | noremap! <esc>[c <nop>
noremap <esc>[d <nop> | noremap! <esc>[d <nop>
vnoremap u <nop>
'';
in
out

View File

@ -6,9 +6,6 @@ lib // rec {
inherit lib pkgs; inherit lib pkgs;
}; };
# "7.4.335" -> "74"
majmin = with lib; x : concatStrings (take 2 (splitString "." x));
# TODO deprecate shell-escape for lass # TODO deprecate shell-escape for lass
shell-escape = lib.shell.escape; shell-escape = lib.shell.escape;
} }