Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'ni/master'

Browse Source
This commit is contained in:
lassulus 2016-11-25 00:19:17 +01:00
commit 8014aa6594
15 changed files with 81 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
krebs/3modules/tv/default.nix
View File

@ -78,7 +78,9 @@ with import <stockholm/lib>;
extraZones = { extraZones = {
# TODO generate krebsco.de zone from nets and don't use extraZones at all # TODO generate krebsco.de zone from nets and don't use extraZones at all
"krebsco.de" = '' "krebsco.de" = ''
krebsco.de. 60 IN MX 5 mx23
cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr} cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
mx23 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
''; '';
}; };
nets = { nets = {
@ -213,7 +215,6 @@ with import <stockholm/lib>;
ni = { ni = {
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
krebsco.de. 60 IN MX 5 ni
ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
@ -351,11 +352,17 @@ with import <stockholm/lib>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcJvu8JDVzObLUtlAQg9qVugthKSfitwCljuJ5liyHa";
}; };
xu = { xu = {
binary-cache = {
pubkey = "xu-1:pYRENvaxZqGeImwLA9qHmRwHV4jfKaYx4u1VcZ31x0s=";
};
cores = 4; cores = 4;
nets = { nets = {
gg23 = { gg23 = {
ip4.addr = "10.23.1.38"; ip4.addr = "10.23.1.38";
aliases = ["xu.gg23"]; aliases = [
"cache.xu.gg23"
"xu.gg23"
];
ssh.port = 11423; ssh.port = 11423;
}; };
retiolum = { retiolum = {

16
krebs/5pkgs/builders.nix
View File

@ -37,7 +37,17 @@ rec {
}; };
}; };
writeBash = makeScriptWriter "${pkgs.bash}/bin/bash"; writeBash = name: text:
assert (with types; either absolute-pathname filename).check name;
pkgs.writeOut (baseNameOf name) {
${optionalString (types.absolute-pathname.check name) name} = {
check = pkgs.writeDash "shellcheck.sh" ''
${pkgs.haskellPackages.ShellCheck}/bin/shellcheck "$1" || :
'';
executable = true;
text = "#! ${pkgs.bash}/bin/bash\n${text}";
};
};
writeBashBin = name: writeBashBin = name:
assert types.filename.check name; assert types.filename.check name;
@ -91,6 +101,7 @@ rec {
writers.text = writers.text =
{ path { path
, check ? null
, executable ? false , executable ? false
, mode ? if executable then "0755" else "0644" , mode ? if executable then "0755" else "0644"
, text , text
@ -102,6 +113,9 @@ rec {
var = "file_${hashString "sha1" path}"; var = "file_${hashString "sha1" path}";
val = text; val = text;
install = /* sh */ '' install = /* sh */ ''
${optionalString (check != null) /* sh */ ''
${check} ''$${var}Path
''}
${pkgs.coreutils}/bin/install -m ${mode} -D ''$${var}Path $out${path} ${pkgs.coreutils}/bin/install -m ${mode} -D ''$${var}Path $out${path}
''; '';
}; };

1
krebs/5pkgs/github-hosts-sync/default.nix
View File

@ -19,6 +19,7 @@ stdenv.mkDerivation {
git git
gnugrep gnugrep
gnused gnused
nettools
openssh openssh
socat socat
]); ]);

8
krebs/5pkgs/haskell-overrides/blessings.nix
View File

@ -1,11 +1,11 @@
{ mkDerivation, base, fetchgit, stdenv }: { mkDerivation, base, fetchgit, stdenv }:
mkDerivation { mkDerivation rec {
pname = "blessings"; pname = "blessings";
version = "1.0.0"; version = "1.1.0";
src = fetchgit { src = fetchgit {
url = http://cgit.ni.krebsco.de/blessings; url = http://cgit.ni.krebsco.de/blessings;
rev = "25a510dcb38ea9158e9969d56eb66cb1b860ab5f"; rev = "refs/tags/v${version}";
sha256 = "0xg329h1y68ndg4w3m1jp38pkg3gqg7r19q70gqqj4mswb6qcrqc"; sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
}; };
libraryHaskellDepends = [ base ]; libraryHaskellDepends = [ base ];
doHaddock = false; doHaddock = false;

4
krebs/5pkgs/painload/default.nix
View File

@ -2,6 +2,6 @@
fetchgit { fetchgit {
url = https://github.com/krebscode/painload; url = https://github.com/krebscode/painload;
rev = "8df031f810a2776d8c43b03a9793cb49398bd33b"; rev = "c113487f73713a03b1a139b22bb34b86234d0495";
sha256 = "03md5k6fmz0j1ny22iw96dzq7cvijbz24ii85i0h2dhcychdp650"; sha256 = "1irxklnmvm8wsa70ypjahkr8rfqq7357vcy8r0x1sfncs1hy6gr6";
} }

1
tv/1systems/nomic.nix
View File

@ -15,7 +15,6 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix ../2configs/nginx/public_html.nix
../2configs/pulse.nix ../2configs/pulse.nix
../2configs/retiolum.nix ../2configs/retiolum.nix
../2configs/wu-binary-cache/client.nix
../2configs/xserver ../2configs/xserver
]; ];

1
tv/1systems/wu.nix
View File

@ -16,7 +16,6 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix ../2configs/nginx/public_html.nix
../2configs/pulse.nix ../2configs/pulse.nix
../2configs/retiolum.nix ../2configs/retiolum.nix
../2configs/wu-binary-cache
../2configs/xserver ../2configs/xserver
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

2
tv/1systems/xu.nix
View File

@ -15,7 +15,7 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix ../2configs/nginx/public_html.nix
../2configs/pulse.nix ../2configs/pulse.nix
../2configs/retiolum.nix ../2configs/retiolum.nix
../2configs/wu-binary-cache/client.nix ../2configs/binary-cache
../2configs/xserver ../2configs/xserver
../2configs/xu-qemu0.nix ../2configs/xu-qemu0.nix
{ {

1
tv/1systems/zu.nix
View File

@ -21,7 +21,6 @@ with import <stockholm/lib>;
../2configs/nginx/public_html.nix ../2configs/nginx/public_html.nix
../2configs/pulse.nix ../2configs/pulse.nix
../2configs/retiolum.nix ../2configs/retiolum.nix
../2configs/wu-binary-cache/client.nix
../2configs/xserver ../2configs/xserver
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

24
tv/2configs/backup.nix
View File

@ -58,6 +58,18 @@ with import <stockholm/lib>;
dst = { host = config.krebs.hosts.xu; path = "/bku/cd-home"; }; dst = { host = config.krebs.hosts.xu; path = "/bku/cd-home"; };
startAt = "07:00"; startAt = "07:00";
}; };
xu-pull-ni-ejabberd = {
method = "pull";
src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; };
startAt = "07:00";
};
xu-pull-ni-home = {
method = "pull";
src = { host = config.krebs.hosts.ni; path = "/home"; };
dst = { host = config.krebs.hosts.xu; path = "/bku/ni-home"; };
startAt = "07:00";
};
zu-home-xu = { zu-home-xu = {
method = "push"; method = "push";
src = { host = config.krebs.hosts.zu; path = "/home"; }; src = { host = config.krebs.hosts.zu; path = "/home"; };
@ -76,6 +88,18 @@ with import <stockholm/lib>;
dst = { host = config.krebs.hosts.zu; path = "/bku/cd-home"; }; dst = { host = config.krebs.hosts.zu; path = "/bku/cd-home"; };
startAt = "06:30"; startAt = "06:30";
}; };
zu-pull-ni-ejabberd = {
method = "pull";
src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; };
startAt = "06:00";
};
zu-pull-ni-home = {
method = "pull";
src = { host = config.krebs.hosts.ni; path = "/home"; };
dst = { host = config.krebs.hosts.zu; path = "/bku/ni-home"; };
startAt = "06:30";
};
} // mapAttrs (_: recursiveUpdate { } // mapAttrs (_: recursiveUpdate {
snapshots = { snapshots = {
minutely = { format = "%Y-%m-%dT%H:%M"; retain = 3; }; minutely = { format = "%Y-%m-%dT%H:%M"; retain = 3; };

16
tv/2configs/wu-binary-cache/default.nix → tv/2configs/binary-cache/default.nix
View File

@ -1,22 +1,30 @@
{ config, lib, pkgs, ... }: with import <stockholm/lib>; { config, lib, pkgs, ... }: with import <stockholm/lib>;
{ {
services.nix-serve = assert config.krebs.build.host.name == "wu"; { environment.etc."binary-cache.pubkey".text =
config.krebs.build.host.binary-cache.pubkey;
services.nix-serve = {
enable = true; enable = true;
secretKeyFile = config.krebs.secret.files.nix-serve-key.path; secretKeyFile = config.krebs.secret.files.binary-cache-seckey.path;
}; };
systemd.services.nix-serve = { systemd.services.nix-serve = {
requires = ["secret.service"]; requires = ["secret.service"];
after = ["secret.service"]; after = ["secret.service"];
}; };
krebs.secret.files.nix-serve-key = {
krebs.secret.files.binary-cache-seckey = {
path = "/run/secret/nix-serve.key"; path = "/run/secret/nix-serve.key";
owner.name = "nix-serve"; owner.name = "nix-serve";
source-path = toString <secrets> + "/nix-serve.key"; source-path = toString <secrets> + "/nix-serve.key";
}; };
krebs.nginx = { krebs.nginx = {
enable = true; enable = true;
servers.nix-serve = { servers.nix-serve = {
server-names = [ "cache.wu.gg23" ]; server-names = [
"cache.${config.krebs.build.host.name}.gg23"
];
locations = singleton (nameValuePair "/" '' locations = singleton (nameValuePair "/" ''
proxy_pass http://localhost:${toString config.services.nix-serve.port}; proxy_pass http://localhost:${toString config.services.nix-serve.port};
''); '');

2
tv/2configs/default.nix
View File

@ -14,7 +14,7 @@ with import <stockholm/lib>;
stockholm.file = "/home/tv/stockholm"; stockholm.file = "/home/tv/stockholm";
nixpkgs.git = { nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs; url = https://github.com/NixOS/nixpkgs;
ref = "a6728e15cbca1d11553f01d7c3c477ae2debfd8e"; ref = "728a9578e31a0f78f6ad07a3a2ec706ec5290f10";
}; };
} // optionalAttrs host.secure { } // optionalAttrs host.secure {
secrets-master.file = "/home/tv/secrets/master"; secrets-master.file = "/home/tv/secrets/master";

18
tv/2configs/git.nix
View File

@ -29,8 +29,10 @@ let
cac-api = { cac-api = {
cgit.desc = "CloudAtCost API command line interface"; cgit.desc = "CloudAtCost API command line interface";
}; };
dic = {
cgit.desc = "dict.leo.org command line interface";
};
get = {}; get = {};
hack = {};
load-env = {}; load-env = {};
loldns = { loldns = {
cgit.desc = "toy DNS server"; cgit.desc = "toy DNS server";
@ -40,12 +42,9 @@ let
netcup = { netcup = {
cgit.desc = "netcup command line interface"; cgit.desc = "netcup command line interface";
}; };
newsbot-js = {};
nixpkgs = {};
populate = { populate = {
cgit.desc = "source code installer"; cgit.desc = "source code installer";
}; };
push = {};
regfish = {}; regfish = {};
soundcloud = { soundcloud = {
cgit.desc = "SoundCloud command line interface"; cgit.desc = "SoundCloud command line interface";
@ -53,8 +52,10 @@ let
stockholm = { stockholm = {
cgit.desc = "NixOS configuration"; cgit.desc = "NixOS configuration";
}; };
with-tmpdir = {}; } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) {
} // mapAttrs (_: recursiveUpdate { cgit.section = "2. Haskell libraries"; }) { ni = {
};
} // mapAttrs (_: recursiveUpdate { cgit.section = "3. Haskell libraries"; }) {
blessings = {}; blessings = {};
mime = {}; mime = {};
quipper = {}; quipper = {};
@ -63,12 +64,15 @@ let
web-routes-wai-custom = {}; web-routes-wai-custom = {};
xintmap = {}; xintmap = {};
xmonad-stockholm = {}; xmonad-stockholm = {};
} // mapAttrs (_: recursiveUpdate { cgit.section = "3. museum"; }) { } // mapAttrs (_: recursiveUpdate { cgit.section = "4. museum"; }) {
cgserver = {}; cgserver = {};
crude-mail-setup = {}; crude-mail-setup = {};
dot-xmonad = {}; dot-xmonad = {};
make-snapshot = {};
nixos-infest = {}; nixos-infest = {};
painload = {}; painload = {};
push = {};
with-tmpdir = {};
}); });
restricted-repos = mapAttrs make-restricted-repo ( restricted-repos = mapAttrs make-restricted-repo (

7
tv/2configs/wu-binary-cache/client.nix
View File

@ -1,7 +0,0 @@
_:
{
nix = {
binaryCaches = ["http://cache.wu.gg23"];
binaryCachePublicKeys = ["cache.wu-1:cdhA201O2R2Ect463vhJFmhpMaNyT/tOvzYvtceT9q8="];
};
}

5
tv/5pkgs/default.nix
View File

@ -35,9 +35,6 @@ with import <stockholm/lib>;
ff = pkgs.writeDashBin "ff" '' ff = pkgs.writeDashBin "ff" ''
exec ${pkgs.firefoxWrapper}/bin/firefox "$@" exec ${pkgs.firefoxWrapper}/bin/firefox "$@"
''; '';
gnupg = gnupg = pkgs.gnupg21;
if elem config.krebs.build.host.name ["xu" "wu"]
then super.gnupg21
else super.gnupg;
}; };
} }