diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix index 224a38ac3..82f8ec942 100644 --- a/krebs/2configs/exim-smarthost.nix +++ b/krebs/2configs/exim-smarthost.nix @@ -22,13 +22,11 @@ in { tv ]; in { - "anmeldung@eloop.org" = eloop-ml; "brain@krebsco.de" = brain-ml; - "cfp2019@eloop.org" = eloop-ml; - "eloop2019@krebsco.de" = eloop-ml; - "kontakt@eloop.org" = eloop-ml; - "root@eloop.org" = eloop-ml; - "youtube@eloop.org" = eloop-ml; + "eloop2022@krebsco.de" = eloop-ml; + "root@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead + "spam@eloop.org" = eloop-ml; + "youtube@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead "postmaster@krebsco.de" = spam-ml; # RFC 822 "lass@krebsco.de" = lass; "makefu@krebsco.de" = makefu; diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix index 205cc96f4..2ed0b08fb 100644 --- a/krebs/2configs/reaktor2.nix +++ b/krebs/2configs/reaktor2.nix @@ -71,12 +71,12 @@ let ${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \ | ${pkgs.coreutils}/bin/tail +2 \ | ${pkgs.miller}/bin/mlr --icsv --opprint cat \ - | ${pkgs.gnused}/bin/sed 's/^/the_/' + | ${pkgs.gnused}/bin/sed 's/^\(.\)/\1‍/' ''; }; } { - pattern = ''^([\H-]*):?\s+([+-][1-9][0-9]*)\s+(\S+)$''; + pattern = ''^([\H-]*?):?\s+([+-][1-9][0-9]*)\s+(\S+)$''; activate = "match"; arguments = [1 2 3]; command = { diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 2d73da884..8ea727dc7 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -102,6 +102,7 @@ let imp = lib.mkMerge [ { krebs = import ./external { inherit config; }; } + { krebs = import ./external/dbalan.nix { inherit config; }; } { krebs = import ./external/kmein.nix { inherit config; }; } { krebs = import ./external/mic92.nix { inherit config; }; } { krebs = import ./external/palo.nix { inherit config; }; } diff --git a/krebs/3modules/external/dbalan.nix b/krebs/3modules/external/dbalan.nix new file mode 100644 index 000000000..301f010d3 --- /dev/null +++ b/krebs/3modules/external/dbalan.nix @@ -0,0 +1,50 @@ +with import ; +{ config, ... }: +let + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + owner = config.krebs.users.dbalan; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum = { + ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }; + } // optionalAttrs (host.nets?wiregrill) { + nets.wiregrill = { + ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address; + }; + }); +in +{ + users = rec { + dbalan = { + mail = "dbalan@thaum.space"; + pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60"; + }; + }; + hosts = mapAttrs hostDefaults { + v60 = { + nets.retiolum = { + aliases = [ "v60.dbalan.r" ]; + ip4.addr = "10.243.42.12"; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6 + RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr + 1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU + uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz + p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm + bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy + I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD + mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA + OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy + AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds + 9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC"; + }; + }; + }; +} diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index d63a6b306..3bd2c1b7b 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -681,27 +681,6 @@ in { }; }; }; - jarvis = { - owner = config.krebs.users.mic92; - nets = rec { - internet.addrs = [ "jarvis.thalheim.io" ]; - retiolum = { - via = internet; - aliases = [ "jarvis.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA7PtJlYBpBr2TK5CAvAukkGvj+esC+sMPKd3mO9iDwdViBrqKdf+D - yEy8SI80Y02dpkL97NjvnzepKpyGQWpG1ZQflJLhCTj7oFyVpWd4XsbIuzYp5ES6 - r8qKWs2xcItc1pbW0ZmrCBzdWsC1B0VAHlYkiz+7vM6pCTvg6hNQugP4c1TRCtJC - Sr+n+EjTXN/NTaKl+f7eoHJGnT5liDO3/xZVxm8AuLnron1xPPDghXClVHfDj5mt - f66f+CLwZhq3BrZuptwXp7TerMfrNtPyTx96b+EyuLPjrYxKeKL/+Nbr3VmmiDIV - tsraNc+0a8OBpVsYh4MQLp55NYwqxAoetQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - tinc.pubkey_ed25519 = "RRkMnGSg+nMkz4L2iqmdFf2fIf4wIfcTM0TlTWLLNCE"; - }; - }; - }; bernie = { owner = config.krebs.users.mic92; nets = rec { diff --git a/krebs/3modules/github-known-hosts.nix b/krebs/3modules/github-known-hosts.nix index 7bdf5bb7c..eec719f27 100644 --- a/krebs/3modules/github-known-hosts.nix +++ b/krebs/3modules/github-known-hosts.nix @@ -57,6 +57,7 @@ "20.201.28.151" "20.205.243.166" "102.133.202.242" + "20.248.137.48" "18.181.13.223" "54.238.117.237" "54.168.17.15" @@ -70,6 +71,7 @@ "20.201.28.152" "20.205.243.160" "102.133.202.246" + "20.248.137.50" ]; publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; }; diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix index e8037128d..9ed5f29c5 100644 --- a/krebs/3modules/iana-etc.nix +++ b/krebs/3modules/iana-etc.nix @@ -34,7 +34,7 @@ with import ; '') (filter (proto: entry.${proto} != null) ["tcp" "udp"])} '') (attrValues config.krebs.iana-etc.services)} - cat ${pkgs.iana_etc}/etc/services + cat ${pkgs.iana-etc}/etc/services } | sort -b -k 2,2 -u > $out ''); diff --git a/krebs/5pkgs/haskell/reaktor2/default.nix b/krebs/5pkgs/haskell/reaktor2/default.nix index 9ff2bd883..7f89c0b1f 100644 --- a/krebs/5pkgs/haskell/reaktor2/default.nix +++ b/krebs/5pkgs/haskell/reaktor2/default.nix @@ -1,18 +1,18 @@ { mkDerivation, aeson, async, attoparsec, base, blessings -, bytestring, containers, data-default, fetchgit, filepath -, hashable, lens, lens-aeson, network, network-simple -, network-simple-tls, network-uri, pcre-light, process, random -, servant-server, lib, string-conversions, stringsearch, text -, time, transformers, unagi-chan, unix, unordered-containers -, vector, wai, warp +, bytestring, containers, data-default, filepath, hashable, lens +, lens-aeson, lib, network, network-simple, network-simple-tls +, network-uri, pcre-light, process, random, servant-server +, string-conversions, stringsearch, text, time, transformers +, unagi-chan, unix, unordered-containers, vector, wai, warp +, fetchgit }: -mkDerivation rec { +mkDerivation { pname = "reaktor2"; - version = "0.4.0a"; + version = "0.4.2"; src = fetchgit { - url = "https://cgit.lassul.us/reaktor2"; - sha256 = "sha256-x1i2TWcycYVFij6832xaBiQa1RQ1VmSfu5Qt1QrUtds="; - rev = "6d3eb6de5e770ee26874bb7449934f0c55bd1efa"; + url = "https://cgit.krebsco.de/reaktor2"; + hash = "sha256-JPQyy0hDSH5JqQGjwoO5BNsD4qk+GKP1VH+j4/2cqes"; + rev = "53a11f421fb18e8687fa06e5511cea8bd9defc36"; fetchSubmodules = true; }; isLibrary = false; diff --git a/krebs/5pkgs/override/default.nix b/krebs/5pkgs/override/default.nix index fe13b4309..ae42bc1a3 100644 --- a/krebs/5pkgs/override/default.nix +++ b/krebs/5pkgs/override/default.nix @@ -10,20 +10,17 @@ self: super: { }); flameshot = super.flameshot.overrideAttrs (old: rec { - patches = old.patches or [] ++ { - "0.6.0" = [ - ./flameshot/flameshot_imgur_0.6.0.patch - ]; - "0.9.0" = [ - ./flameshot/flameshot_imgur_0.9.0.patch - ]; - "0.10.1" = [ - ./flameshot/flameshot_imgur_0.9.0.patch - ]; - "0.10.2" = [ - ./flameshot/flameshot_imgur_0.9.0.patch - ]; - }.${old.version} or []; + name = "flameshot-${version}"; + version = "0.10.2"; + src = self.fetchFromGitHub { + owner = "flameshot-org"; + repo = "flameshot"; + rev = "v${version}"; + sha256 = "sha256-rZUiaS32C77tFJmEkw/9MGbVTVscb6LOCyWaWO5FyR4="; + }; + patches = old.patches or [] ++ [ + ./flameshot/flameshot_imgur_0.10.2.patch + ]; }); # https://github.com/proot-me/PRoot/issues/106 diff --git a/krebs/5pkgs/override/flameshot/flameshot_imgur_0.9.0.patch b/krebs/5pkgs/override/flameshot/flameshot_imgur_0.10.2.patch similarity index 100% rename from krebs/5pkgs/override/flameshot/flameshot_imgur_0.9.0.patch rename to krebs/5pkgs/override/flameshot/flameshot_imgur_0.10.2.patch diff --git a/krebs/5pkgs/override/flameshot/flameshot_imgur_0.6.0.patch b/krebs/5pkgs/override/flameshot/flameshot_imgur_0.6.0.patch deleted file mode 100644 index 92023554a..000000000 --- a/krebs/5pkgs/override/flameshot/flameshot_imgur_0.6.0.patch +++ /dev/null @@ -1,34 +0,0 @@ ---- a/src/tools/imgur/imguruploader.cpp -+++ b/src/tools/imgur/imguruploader.cpp -@@ -40,6 +40,7 @@ - #include - #include - #include -+#include - - ImgurUploader::ImgurUploader(const QPixmap &capture, QWidget *parent) : - QWidget(parent), m_pixmap(capture) -@@ -74,7 +75,10 @@ void ImgurUploader::handleReply(QNetworkReply *reply) { - QJsonObject json = response.object(); - QJsonObject data = json["data"].toObject(); - m_imageURL.setUrl(data["link"].toString()); -- m_deleteImageURL.setUrl(QString("https://imgur.com/delete/%1").arg( -+ char *deleteImageURLPattern = secure_getenv("IMGUR_DELETE_URL"); -+ if (deleteImageURLPattern == NULL) -+ deleteImageURLPattern = "https://imgur.com/delete/%1"; -+ m_deleteImageURL.setUrl(QString(deleteImageURLPattern).arg( - data["deletehash"].toString())); - onUploadOk(); - } else { -@@ -105,7 +109,10 @@ void ImgurUploader::upload() { - QString description = FileNameHandler().parsedPattern(); - urlQuery.addQueryItem("description", description); - -- QUrl url("https://api.imgur.com/3/image"); -+ char *createImageURLPattern = secure_getenv("IMGUR_CREATE_URL"); -+ if (createImageURLPattern == NULL) -+ createImageURLPattern = "https://api.imgur.com/3/image"; -+ QUrl url(createImageURLPattern); - url.setQuery(urlQuery); - QNetworkRequest request(url); - request.setHeader(QNetworkRequest::ContentTypeHeader, diff --git a/krebs/5pkgs/simple/cidr2glob.nix b/krebs/5pkgs/simple/cidr2glob.nix index 9b0b3f86b..47a75ea41 100644 --- a/krebs/5pkgs/simple/cidr2glob.nix +++ b/krebs/5pkgs/simple/cidr2glob.nix @@ -1,6 +1,7 @@ -{ python, writeScriptBin, ... }: +{ python3, writeScriptBin, ... }: let + python = python3; pythonEnv = python.withPackages (ps: [ ps.netaddr ]); in writeScriptBin "cidr2glob" '' @@ -25,6 +26,6 @@ in if __name__ == "__main__": for cidr in sys.stdin: for glob in cidr2glob(cidr): - print glob + print(glob) '' diff --git a/krebs/5pkgs/simple/veroroute.nix b/krebs/5pkgs/simple/veroroute.nix new file mode 100644 index 000000000..e40c98e75 --- /dev/null +++ b/krebs/5pkgs/simple/veroroute.nix @@ -0,0 +1,28 @@ +{ pkgs }: + +pkgs.stdenv.mkDerivation rec { + pname = "veroroute"; + version = "2.28"; + + src = pkgs.fetchurl { + url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz"; + sha256 = "04dig0g4v1rz50mjj1k6jk99rqbg24hdx8kzrlwv0dlxm567lvc7"; + }; + + buildInputs = [ + pkgs.qt5.qtbase + ]; + nativeBuildInputs = [ + pkgs.qt5.wrapQtAppsHook + ]; + + buildPhase = '' + qmake Src/veroroute.pro + make + ''; + + installPhase = '' + sed -i 's;/usr;;g' veroroute-install.sh + pkgdir=$out bash ./veroroute-install.sh + ''; +} diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 49d65160d..9c50f9709 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "5ce6597eca7d7b518c03ecda57d45f9404b5e060", - "date": "2022-05-24T17:55:48+02:00", - "path": "/nix/store/glvcj0zmqq9z5wf6bppnppbpf8w85iwf-nixpkgs", - "sha256": "1hs1lnnbp1dky3nfp7xlricpp5c63sr46jyrnvykci8bl8jnxnl3", + "rev": "e4d49de45a3b5dbcb881656b4e3986e666141ea9", + "date": "2022-07-18T18:21:45+02:00", + "path": "/nix/store/665hb1ysmaadwh4axp7f9inhczq08xay-nixpkgs", + "sha256": "0y0c9ybkcfmjgrl93wzzlk7ii95kh2fb4v5ac5w6rmcsq2ff3yaz", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index e6dbcf37b..799399ea7 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "8b538fcb329a7bc3d153962f17c509ee49166973", - "date": "2022-06-15T15:30:32+08:00", - "path": "/nix/store/7r9xwvy1qc2m88cpx8sz494ad08whgqg-nixpkgs", - "sha256": "08797zlq57i8bi8f89j38ymi8nwp5hp0vh62162k526qf6v3paqz", + "rev": "e732e1fdbf79bec59f7ade4a3675b091b4a9f6d6", + "date": "2022-07-19T15:32:15+02:00", + "path": "/nix/store/4dcxnk4xplx79xrwxg2m6pqh8b5k6ya0-nixpkgs", + "sha256": "1j73j17g852zfc75b7ll4avp30pnyvm37pgm66cz844phkv5ywfg", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/lass/2configs/fysiirc.nix b/lass/2configs/fysiirc.nix index e12eda42e..809298df4 100644 --- a/lass/2configs/fysiirc.nix +++ b/lass/2configs/fysiirc.nix @@ -10,8 +10,7 @@ ${write_to_irc} "$(echo "$INPUT" | jq -r ' "\(.action): " + "[\(.issue.title // .pull_request.title)] " + - "\(.comment.html_url // .issue.html_url // .pull_request.html_url) " + - "by \(.comment.user.login // .issue.user.login // .pull_request.user.login)" + "\(.comment.html_url // .issue.html_url // .pull_request.html_url) " ')" fi ''; @@ -58,16 +57,16 @@ in { case "$Method $Request_URI" in "POST /") payload=$(head -c "$req_content_length") - echo "$payload" >&2 + raw=$(printf '%s' "$payload" | ${pkgs.curl}/bin/curl --data-binary @- http://p.krebsco.de | tail -1) payload2=$payload - payload2=$(echo "$payload" | tr '\n' ' ' | tr -d '\r') + payload2=$(printf '%s' "$payload" | tr '\n' ' ' | tr -d '\r') if [ "$payload" != "$payload2" ]; then echo "payload has been mangled" >&2 else echo "payload not mangled" >&2 fi - echo "$payload2" > /tmp/last_fysi_payload echo "$payload2" | ${format-github-message}/bin/format-github-message + ${write_to_irc} "$raw" printf 'HTTP/1.1 200 OK\r\n' printf 'Connection: close\r\n' printf '\r\n' diff --git a/lass/2configs/radio/default.nix b/lass/2configs/radio/default.nix index b8d958865..2f503eae9 100644 --- a/lass/2configs/radio/default.nix +++ b/lass/2configs/radio/default.nix @@ -168,7 +168,7 @@ in { output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source) output.icecast(mount = '/music.opus', password = 'hackme', %opus(bitrate = 96), source) - extra_input = audio_to_stereo(input.harbor("live", port=1338)) + extra_input = amplify(1.4, audio_to_stereo(input.harbor("live", port=1338))) o = smooth_add(normal = source, special = extra_input) output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o) diff --git a/lass/2configs/radio/weather_for_ips.py b/lass/2configs/radio/weather_for_ips.py index f7cc2dace..587cc1f28 100644 --- a/lass/2configs/radio/weather_for_ips.py +++ b/lass/2configs/radio/weather_for_ips.py @@ -25,9 +25,9 @@ for ip in fileinput.input(): output.append( f'Weather report for {location.city.name}, {location.country.name}. ' f'Currently it is {weather["current"]["weather"][0]["description"]} outside ' - f'with a temperature of {weather["current"]["temp"]} degrees, ' - f'and a wind speed of {weather["current"]["wind_speed"]} meters per second. ' - f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100} percent. ' + f'with a temperature of {weather["current"]["temp"]:.1f} degrees, ' + f'and a wind speed of {weather["current"]["wind_speed"]:.1f} meters per second. ' + f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100:.0f} percent. ' ) print('\n'.join(output)) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index fe4d78a3b..90a0a5a72 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -104,7 +104,7 @@ in { services.nextcloud = { enable = true; hostName = "o.xanf.org"; - package = pkgs.nextcloud23; + package = pkgs.nextcloud24; config = { adminpassFile = "/run/nextcloud.pw"; overwriteProtocol = "https"; diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 570bb45be..3a0b1306c 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -2,6 +2,7 @@ _: { imports = [ ./dnsmasq.nix + ./drbd.nix ./folderPerms.nix ./hosts.nix ./klem.nix diff --git a/lass/3modules/drbd.nix b/lass/3modules/drbd.nix new file mode 100644 index 000000000..816e58f0a --- /dev/null +++ b/lass/3modules/drbd.nix @@ -0,0 +1,118 @@ +{ config, lib, pkgs, ... }: let + cfg = config.lass.drbd; + slib = import ; +in { + options = { + lass.drbd = lib.mkOption { + default = {}; + type = lib.types.attrsOf (lib.types.submodule ({ config, ... }: { + options = { + name = lib.mkOption { + type = lib.types.str; + default = config._module.args.name; + }; + blockMinor = lib.mkOption { + type = lib.types.int; + default = lib.mod (slib.genid config.name) 16000; # TODO get max_id fron drbd + }; + port = lib.mkOption { + type = lib.types.int; + default = 20000 + config.blockMinor; + }; + peers = lib.mkOption { + type = lib.types.listOf slib.types.host; + }; + disk = lib.mkOption { + type = lib.types.str; + default = "/dev/loop${toString config.blockMinor}"; + }; + drbdConfig = lib.mkOption { + type = lib.types.path; + internal = true; + default = pkgs.writeText "drbd-${config.name}.conf" '' + resource ${config.name} { + net { + protocol a; + ping-int 10; + } + device minor ${toString config.blockMinor}; + disk ${config.disk}; + meta-disk internal; + ${slib.indent (lib.concatStrings (lib.imap1 (i: peer: /* shell */ '' + on ${peer.name} { + address ${peer.nets.retiolum.ip4.addr}:${toString config.port}; + node-id ${toString i}; + } + '') config.peers))} + connection-mesh { + hosts ${lib.concatMapStringsSep " " (peer: peer.name) config.peers}; + } + } + ''; + }; + }; + })); + }; + }; + config = lib.mkIf (cfg != {}) { + boot.extraModulePackages = [ + (pkgs.linuxPackages.callPackage ../5pkgs/drbd9/default.nix {}) + ]; + boot.extraModprobeConfig = '' + options drbd usermode_helper=/run/current-system/sw/bin/drbdadm + ''; + services.udev.packages = [ pkgs.drbd ]; + boot.kernelModules = [ "drbd" ]; + + environment.systemPackages = [ pkgs.drbd ]; + + + networking.firewall.allowedTCPPorts = map (device: device.port) (lib.attrValues cfg); + systemd.services = lib.mapAttrs' (_: device: + lib.nameValuePair "drbd-${device.name}" { + after = [ "systemd-udev.settle.service" "network.target" ]; + wants = [ "systemd-udev.settle.service" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + RemainAfterExit = true; + ExecStart = pkgs.writers.writeDash "start-drbd-${device.name}" '' + set -efux + mkdir -p /var/lib/sync-containers2 + ${lib.optionalString (device.disk == "/dev/loop${toString device.blockMinor}") '' + if ! test -e /var/lib/sync-containers2/${device.name}.disk; then + truncate -s 10G /var/lib/sync-containers2/${device.name}.disk + fi + if ! ${pkgs.util-linux}/bin/losetup /dev/loop${toString device.blockMinor}; then + ${pkgs.util-linux}/bin/losetup /dev/loop${toString device.blockMinor} /var/lib/sync-containers2/${device.name}.disk + fi + ''} + if ! ${pkgs.drbd}/bin/drbdadm adjust ${device.name}; then + ${pkgs.drbd}/bin/drbdadm down ${device.name} + ${pkgs.drbd}/bin/drbdadm create-md ${device.name} + ${pkgs.drbd}/bin/drbdadm up ${device.name} + fi + ''; + ExecStop = pkgs.writers.writeDash "stop-drbd-${device.name}" '' + set -efux + ${pkgs.drbd}/bin/drbdadm -c ${device.drbdConfig} down ${device.name} + ${lib.optionalString (device.disk == "/dev/loop${toString device.blockMinor}") '' + ${pkgs.util-linux}/bin/losetup -d /dev/loop${toString device.blockMinor} + ''} + ''; + }; + } + ) cfg; + + + environment.etc."drbd.conf".text = '' + global { + usage-count yes; + } + + ${lib.concatMapStrings (device: /* shell */ '' + include ${device.drbdConfig}; + '') (lib.attrValues cfg)} + ''; + }; +} + diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index e4208f1c1..6fa93e146 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -1,24 +1,24 @@ -with import ; self: super: let + lib = super.lib; # This callPackage will try to detect obsolete overrides. callPackage = path: args: let override = super.callPackage path args; - upstream = optionalAttrs (override ? "name") - (super.${(parseDrvName override.name).name} or {}); + upstream = lib.optionalAttrs (override ? "name") + (super.${(builtins.parseDrvName override.name).name} or {}); in if upstream ? "name" && override ? "name" && - compareVersions upstream.name override.name != -1 + builtins.compareVersions upstream.name override.name != -1 then - trace + builtins.trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override else override; subdirsOf = path: - mapAttrs (name: _: path + "/${name}") - (filterAttrs (_: eq "directory") (readDir path)); + lib.mapAttrs (name: _: path + "/${name}") + (lib.filterAttrs (_: x: x == "directory") (builtins.readDir path)); -in mapAttrs (_: flip callPackage {}) - (filterAttrs (_: dir: pathExists (dir + "/default.nix")) +in lib.mapAttrs (_: lib.flip callPackage {}) + (lib.filterAttrs (_: dir: lib.pathExists (dir + "/default.nix")) (subdirsOf ./.)) diff --git a/lass/krops.nix b/lass/krops.nix index ace37888f..c8a5b94b7 100644 --- a/lass/krops.nix +++ b/lass/krops.nix @@ -37,18 +37,22 @@ in { - deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeCommand "deploy" { + deploy = { target ? "root@${name}/var/src", offline ? false }: pkgs.krops.writeCommand "deploy" { command = targetPath: '' - set -fu + set -xfu outDir=$(mktemp -d) trap "rm -rf $outDir;" INT TERM EXIT - nix build \ + build=$(command -v nom-build || echo "nix-build") + + $build \ -I "${targetPath}" \ - -f '' config.system.build.toplevel \ - -o "$outDir/out" + '' -A config.system.build.toplevel \ + -o "$outDir/out" \ + ${lib.optionalString offline "--option substitute false"} \ + # -vvvvv --show-trace nix-env -p /nix/var/nix/profiles/system --set "$outDir/out" diff --git a/submodules/krops b/submodules/krops index 89e5e6765..3aa04be96 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 89e5e67659bbbf0da53cc2cc5dea644b9a2301f6 +Subproject commit 3aa04be96f19cc5f4866b2b36a351f88f6667bd2 diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix index 54f845ec2..bddd69efa 100644 --- a/tv/1systems/alnus/config.nix +++ b/tv/1systems/alnus/config.nix @@ -15,11 +15,11 @@ with import ; }; }; - environment.systemPackages = with pkgs; [ - firefoxWrapper - networkmanagerapplet - (pkgs.pidgin-with-plugins.override { - plugins = [ pkgs.pidginotr ]; + environment.systemPackages = [ + pkgs.firefox + pkgs.networkmanagerapplet + (pkgs.pidgin.override { + plugins = [ pkgs.pidgin-otr ]; }) ]; diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix index 7c3f8cfdb..00bd5da15 100644 --- a/tv/1systems/mu/config.nix +++ b/tv/1systems/mu/config.nix @@ -56,26 +56,26 @@ with import ; ${pkgs.kmod}/bin/modprobe -v iwlwifi ''; - environment.systemPackages = with pkgs; [ - chromium - firefoxWrapper - gimp - iptables - libreoffice - plasma-pa - (pkgs.pidgin-with-plugins.override { - plugins = [ pkgs.pidginotr ]; + environment.systemPackages = [ + pkgs.chromium + pkgs.firefox + pkgs.gimp + pkgs.iptables + pkgs.libreoffice + pkgs.plasma-pa + (pkgs.pidgin.override { + plugins = [ pkgs.pidgin-otr ]; }) - skype - slock - tinc_pre - vim - xsane + pkgs.skypeforlinux + pkgs.slock + pkgs.tinc_pre + pkgs.vim + pkgs.xsane - #foomatic_filters - #gutenprint - #cups_pdf_filter - #ghostscript + #pkgs.foomatic_filters + #pkgs.gutenprint + #pkgs.cups_pdf_filter + #pkgs.ghostscript ]; @@ -97,7 +97,7 @@ with import ; ]; fonts.fonts = [ - pkgs.xlibs.fontschumachermisc + pkgs.xorg.fontschumachermisc ]; services.xserver.enable = true; diff --git a/tv/1systems/querel/config.nix b/tv/1systems/querel/config.nix index 41253cfb3..44c7685e8 100644 --- a/tv/1systems/querel/config.nix +++ b/tv/1systems/querel/config.nix @@ -21,19 +21,19 @@ with import ; systemd-boot.enable = true; }; - environment.systemPackages = with pkgs; [ - firefoxWrapper - gimp - kate - libreoffice - (pkgs.pidgin-with-plugins.override { - plugins = [ pkgs.pidginotr ]; + environment.systemPackages = [ + pkgs.firefox + pkgs.gimp + pkgs.kate + pkgs.libreoffice + (pkgs.pidgin.override { + plugins = [ pkgs.pidgin-otr ]; }) - sxiv - texlive.combined.scheme-full - vim - xsane - zathura + pkgs.sxiv + pkgs.texlive.combined.scheme-full + pkgs.vim + pkgs.xsane + pkgs.zathura ]; fileSystems = { diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index 05c5c11b0..8a86e209b 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -45,7 +45,9 @@ with import ; netcup nmap p7zip - pass-otp + (pkgs.pass.withExtensions (ext: [ + ext.pass-otp + ])) q qrencode texlive.combined.scheme-full diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 8add07ff6..f3ce2da40 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -15,6 +15,7 @@ with import ; ./bash ./htop.nix ./nets/hkw.nix + ./networkd.nix ./nginx ./pki ./ssh.nix @@ -46,7 +47,7 @@ with import ; { # TODO check if both are required: - nix.sandboxPaths = [ "/etc/protocols" pkgs.iana_etc.outPath ]; + nix.sandboxPaths = [ "/etc/protocols" pkgs.iana-etc.outPath ]; nix.requireSignedBinaryCaches = true; diff --git a/tv/2configs/man.nix b/tv/2configs/man.nix index 0a72dce2a..c723138f1 100644 --- a/tv/2configs/man.nix +++ b/tv/2configs/man.nix @@ -5,9 +5,9 @@ # s:^NROFF\t.*:& -Wbreak: # ' #''; - environment.systemPackages = with pkgs; [ - manpages - posix_man_pages - xorg.xorgdocs + environment.systemPackages = [ + pkgs.man-pages + pkgs.posix_man_pages + pkgs.xorg.xorgdocs ]; } diff --git a/tv/2configs/networkd.nix b/tv/2configs/networkd.nix new file mode 100644 index 000000000..da0d9ce43 --- /dev/null +++ b/tv/2configs/networkd.nix @@ -0,0 +1,4 @@ +{ + # often hangs + systemd.services.systemd-networkd-wait-online.enable = false; +} diff --git a/tv/2configs/pulse.nix b/tv/2configs/pulse.nix index f720ad473..513a0eb17 100644 --- a/tv/2configs/pulse.nix +++ b/tv/2configs/pulse.nix @@ -2,7 +2,7 @@ with import ; let - pkg = pkgs.pulseaudioLight; + pkg = pkgs.pulseaudio; runDir = "/run/pulse"; pkgs_i686 = pkgs.pkgsi686Linux; diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index be155af53..8bedb0e81 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -38,7 +38,7 @@ in { ]; fonts.fonts = [ - pkgs.xlibs.fontschumachermisc + pkgs.xorg.fontschumachermisc ]; services.xserver = { @@ -128,7 +128,7 @@ in { config.imgur.xdg-open.browser = "/etc/profiles/per-user/tv/bin/cr"; config.timeout = 200; }) - pkgs.pulseaudioLight.out + pkgs.pulseaudio.out pkgs.rxvt_unicode pkgs.xcalib "/run/wrappers" # for su diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index 2b9bdeeba..5a018a166 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -1,10 +1,10 @@ -with import ; +with import ../../lib; let pushBack = x: xs: if elem x xs then remove x xs ++ [ x ] else - names; + xs; in self: super: diff --git a/tv/5pkgs/haskell/xmonad-tv/src/main.hs b/tv/5pkgs/haskell/xmonad-tv/src/main.hs index cf0c0f538..81373f410 100644 --- a/tv/5pkgs/haskell/xmonad-tv/src/main.hs +++ b/tv/5pkgs/haskell/xmonad-tv/src/main.hs @@ -7,7 +7,7 @@ module Main (main) where import System.Exit (exitFailure) import Control.Exception -import Control.Monad.Extra (ifM, whenJustM) +import Control.Monad.Extra (whenJustM) import qualified Data.List import Graphics.X11.ExtraTypes.XF86 import Text.Read (readEither) @@ -68,7 +68,9 @@ mainNoArgs :: IO () mainNoArgs = do workspaces0 <- getWorkspaces0 handleShutdownEvent <- newShutdownEventHandler - launch + let + config = + id $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") $ def { terminal = {-pkg:rxvt_unicode-}"urxvtc" @@ -100,6 +102,8 @@ mainNoArgs = do , focusedBorderColor = "#f000b0" , handleEventHook = handleShutdownEvent } + directories <- getDirectories + launch config directories getWorkspaces0 :: IO [String] diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix index 4cc4749d0..f719a9f69 100644 --- a/tv/5pkgs/override/default.nix +++ b/tv/5pkgs/override/default.nix @@ -1,4 +1,4 @@ -with import ; +with import ../../../lib; self: super: mapNixDir (path: import path self super) ./. diff --git a/tv/5pkgs/override/dhcpcd.nix b/tv/5pkgs/override/dhcpcd.nix deleted file mode 100644 index 202b8e5da..000000000 --- a/tv/5pkgs/override/dhcpcd.nix +++ /dev/null @@ -1,7 +0,0 @@ -self: super: - -self.lib.overrideDerivation super.dhcpcd (old: { - configureFlags = old.configureFlags ++ [ - "--dbdir=/var/lib/dhcpcd" - ]; -}) diff --git a/tv/5pkgs/simple/default.nix b/tv/5pkgs/simple/default.nix index 6ba4fec83..9fb45dd1a 100644 --- a/tv/5pkgs/simple/default.nix +++ b/tv/5pkgs/simple/default.nix @@ -1,4 +1,4 @@ -with import ; +with import ../../../lib; self: super: diff --git a/tv/5pkgs/simple/ff.nix b/tv/5pkgs/simple/ff.nix index ec20c4a2f..4ce9c3c75 100644 --- a/tv/5pkgs/simple/ff.nix +++ b/tv/5pkgs/simple/ff.nix @@ -1,5 +1,5 @@ { pkgs }: pkgs.writeDashBin "ff" '' - exec ${pkgs.firefoxWrapper}/bin/firefox "$@" + exec ${pkgs.firefox}/bin/firefox "$@" '' diff --git a/tv/5pkgs/simple/fzmenu/default.nix b/tv/5pkgs/simple/fzmenu/default.nix index 1f1b82848..634d8338b 100644 --- a/tv/5pkgs/simple/fzmenu/default.nix +++ b/tv/5pkgs/simple/fzmenu/default.nix @@ -1,37 +1,38 @@ -{ lib, stdenv -, runCommand -, coreutils, dash, gnused, fzf, pass-otp, rxvt_unicode, utillinux, xdotool -}: +{ lib, pkgs, stdenv }: -runCommand "fzmenu" { +pkgs.runCommand "fzmenu" { } /* sh */ '' mkdir $out cp -r ${./bin} $out/bin substituteInPlace $out/bin/otpmenu \ - --replace '#! /bin/sh' '#! ${dash}/bin/dash' \ + --replace '#! /bin/sh' '#! ${pkgs.dash}/bin/dash' \ --replace '#PATH=' PATH=${lib.makeBinPath [ - coreutils - dash - fzf - gnused - pass-otp - rxvt_unicode - utillinux - xdotool + pkgs.coreutils + pkgs.dash + pkgs.fzf + pkgs.gnused + (pkgs.pass.withExtensions (ext: [ + ext.pass-otp + ])) + pkgs.rxvt_unicode + pkgs.utillinux + pkgs.xdotool ]} substituteInPlace $out/bin/passmenu \ - --replace '#! /bin/sh' '#! ${dash}/bin/dash' \ + --replace '#! /bin/sh' '#! ${pkgs.dash}/bin/dash' \ --replace '#PATH=' PATH=${lib.makeBinPath [ - coreutils - dash - fzf - gnused - pass-otp - rxvt_unicode - utillinux - xdotool + pkgs.coreutils + pkgs.dash + pkgs.fzf + pkgs.gnused + (pkgs.pass.withExtensions (ext: [ + ext.pass-otp + ])) + pkgs.rxvt_unicode + pkgs.utillinux + pkgs.xdotool ]} ''