From db5921f163c59673ae0307088cd14bdda836c6d8 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 6 Sep 2018 22:34:33 +0200 Subject: [PATCH 01/31] repo-sync: announcemnaster --- krebs/2configs/repo-sync.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix index 7c3b2c90e..0f3d3326f 100644 --- a/krebs/2configs/repo-sync.nix +++ b/krebs/2configs/repo-sync.nix @@ -20,7 +20,10 @@ let verbose = false; channel = "#xxx"; server = "irc.r"; - branches = [ "newest" ]; + branches = [ + "master" + "newest" + ]; }; }; }; From aa04423e3a313271fca4d951d8717459e7969d60 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 6 Sep 2018 23:02:56 +0200 Subject: [PATCH 02/31] irc-announce: whitelist refs instead of branches --- krebs/2configs/repo-sync.nix | 12 ++++++------ krebs/5pkgs/simple/git-hooks/default.nix | 15 ++++++++------- lass/2configs/git.nix | 13 +++++++++---- lass/2configs/repo-sync.nix | 6 ++++-- 4 files changed, 27 insertions(+), 19 deletions(-) diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix index 0f3d3326f..1ae6d6c11 100644 --- a/krebs/2configs/repo-sync.nix +++ b/krebs/2configs/repo-sync.nix @@ -16,14 +16,14 @@ let cgit.section = section; hooks = mkDefault { post-receive = pkgs.git-hooks.irc-announce { - nick = config.networking.hostName; - verbose = false; channel = "#xxx"; - server = "irc.r"; - branches = [ - "master" - "newest" + refs = [ + "refs/heads/master" + "refs/heads/newest" ]; + nick = config.networking.hostName; + server = "irc.r"; + verbose = false; }; }; }; diff --git a/krebs/5pkgs/simple/git-hooks/default.nix b/krebs/5pkgs/simple/git-hooks/default.nix index 1930c7f14..0a2c84410 100644 --- a/krebs/5pkgs/simple/git-hooks/default.nix +++ b/krebs/5pkgs/simple/git-hooks/default.nix @@ -6,11 +6,11 @@ with import ; # TODO irc-announce should return a derivation # but it cannot because krebs.git.repos.*.hooks :: attrsOf str irc-announce = - { branches ? [] - , cgit_endpoint ? "http://cgit.${nick}.r" + { cgit_endpoint ? "http://cgit.${nick}.r" , channel , nick , port ? 6667 + , refs ? [] , server , verbose ? false }: /* sh */ '' @@ -57,14 +57,15 @@ with import ; receive_mode=non-fast-forward fi - h=$(echo $ref | sed 's:^refs/heads/::') - - ${optionalString (branches != []) '' - if ! (echo "$h" | grep -qE "${concatStringsSep "|" branches}"); then - echo "we are not serving this branch: $h" + ${optionalString (refs != []) '' + if ! { echo "$ref" | grep -qE "${concatStringsSep "|" refs}"; }; then + echo "we are not announcing this ref: $h" exit 0 fi ''} + + h=$(echo $ref | sed 's:^refs/heads/::') + # empty_tree=$(git hash-object -t tree /dev/null) empty_tree=4b825dc6 diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 829e62269..011c6022c 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -100,10 +100,12 @@ let # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#xxx"; + # TODO define refs in some kind of option per repo + refs = [ + "refs/heads/master" + ]; server = "irc.r"; verbose = config.krebs.build.host.name == "prism"; - # TODO define branches in some kind of option per repo - branches = [ "master" ]; }; }; }; @@ -121,10 +123,13 @@ let # TODO make nick = config.krebs.build.host.name the default nick = config.krebs.build.host.name; channel = "#xxx"; + # TODO define refs in some kind of option per repo + refs = [ + "refs/heads/master" + "refs/heads/staging*" + ]; server = "irc.r"; verbose = false; - # TODO define branches in some kind of option per repo - branches = [ "master" "staging*" ]; }; } // hooks; }; diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index 6a07172fe..8b7d0db71 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -14,10 +14,12 @@ let hooks = mkIf announce (mkDefault { post-receive = pkgs.git-hooks.irc-announce { nick = config.networking.hostName; - verbose = false; channel = "#xxx"; + refs = [ + "refs/heads/newest" + ]; server = "irc.r"; - branches = [ "newest" ]; + verbose = false; }; }); }; From 86466154f11748365cdab50b6ac113bdfd5542be Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 6 Sep 2018 23:04:24 +0200 Subject: [PATCH 03/31] repo-sync: announce tags --- krebs/2configs/repo-sync.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix index 1ae6d6c11..13e1217a4 100644 --- a/krebs/2configs/repo-sync.nix +++ b/krebs/2configs/repo-sync.nix @@ -20,6 +20,7 @@ let refs = [ "refs/heads/master" "refs/heads/newest" + "refs/tags/*" ]; nick = config.networking.hostName; server = "irc.r"; From 29e5989265bf2f1f8df3dd83706abf791fc63712 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 7 Sep 2018 00:04:24 +0200 Subject: [PATCH 04/31] jeschli git: fix irc-announce call --- jeschli/2configs/git.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/jeschli/2configs/git.nix b/jeschli/2configs/git.nix index 77602e0f1..181ad8dc1 100644 --- a/jeschli/2configs/git.nix +++ b/jeschli/2configs/git.nix @@ -42,11 +42,13 @@ let public = true; hooks = { post-receive = pkgs.git-hooks.irc-announce { - nick = config.krebs.build.host.name; channel = "#xxx"; + nick = config.krebs.build.host.name; + refs = [ + "refs/heads/master" + ]; server = "irc.r"; - verbose = true; - branches = [ "master" ]; + verbose = true; }; }; }; From ddc30bfbfda39f37a0b139d89b992c5c1f4ffc70 Mon Sep 17 00:00:00 2001 From: jeschli Date: Fri, 7 Sep 2018 14:16:40 +0200 Subject: [PATCH 05/31] enklave git: add xmonad-stockholm repo --- jeschli/2configs/git.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/jeschli/2configs/git.nix b/jeschli/2configs/git.nix index 77602e0f1..e07af1bc0 100644 --- a/jeschli/2configs/git.nix +++ b/jeschli/2configs/git.nix @@ -35,6 +35,9 @@ let krebs-page = { cgit.desc = "Die Krebs Page"; }; + xmonad-stockholm = { + cgit.desc = "XMonad Stockholm"; + }; }; make-public-repo = name: { cgit ? {}, ... }: { From 136d7c2f41815eaa51221bfd13c7ff514a39ed73 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 8 Sep 2018 21:26:03 +0200 Subject: [PATCH 06/31] konsens: handle >2 commits --- krebs/3modules/konsens.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix index 47316d5d6..74895a971 100644 --- a/krebs/3modules/konsens.nix +++ b/krebs/3modules/konsens.nix @@ -68,7 +68,7 @@ let fi cd ${name} git fetch origin - git push origin $(git merge-base ${concatMapStringsSep " " (branch: "origin/${branch}") repo.branchesToCheck}):refs/heads/master + git push origin $(git merge-base --octopus ${concatMapStringsSep " " (branch: "origin/${branch}") repo.branchesToCheck}):refs/heads/master ''; WorkingDirectory = /var/lib/konsens; User = "konsens"; From b3bb832f49bb73620e60f337c99692f6354da16d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 8 Sep 2018 22:36:20 +0200 Subject: [PATCH 07/31] l reaktor-coders: add !flip --- lass/2configs/reaktor-coders.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix index 86877df7a..9365582b8 100644 --- a/lass/2configs/reaktor-coders.nix +++ b/lass/2configs/reaktor-coders.nix @@ -106,6 +106,12 @@ with import ; exec echo '¯\_(ツ)_/¯' ''; }) + (buildSimpleReaktorPlugin "flip" { + pattern = "^!flip$"; + script = pkgs.writeDash "shrug" '' + exec echo '(╯°□°)╯ ┻━┻' + ''; + }) ]; }; } From 9c78fb6039ef12c0582e4d562ef4e11b4f6e47ff Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 8 Sep 2018 22:54:29 +0200 Subject: [PATCH 08/31] l mors: open quake3 ports --- lass/1systems/mors/config.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 90e04cad1..5a9c26b9d 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -40,6 +40,9 @@ with import ; { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; } #chromecast { predicate = "-p udp -m multiport --sports 32768:61000 -m multiport --dports 32768:61000"; target = "ACCEPT"; } + #quake3 + { predicate = "-p tcp --dport 27950:27965"; target = "ACCEPT"; } + { predicate = "-p udp --dport 27950:27965"; target = "ACCEPT"; } ]; } { From 52017e173e4b037f7d31fa140e336d5e70a83d99 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 8 Sep 2018 23:20:09 +0200 Subject: [PATCH 09/31] buildbot-stockholm: add more changesources --- krebs/2configs/buildbot-stockholm.nix | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 13d4c6729..8537ce40c 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -4,6 +4,14 @@ let hostname = config.networking.hostName; + sourceRepos = [ + "http://cgit.enklave.r/stockholm" + "http://cgit.gum.r/stockholm" + "http://cgit.hotdog.r/stockholm" + "http://cgit.ni.r/stockholm" + "http://cgit.prism.r/stockholm" + ]; + build = pkgs.writeDash "build" '' set -eu export USER="$1" @@ -31,17 +39,16 @@ in slaves = { testslave = "lasspass"; }; - change_source.stockholm = '' - stockholm_repo = 'http://cgit.hotdog.r/stockholm' + change_source.stockholm = concatMapStrings (repo: '' cs.append( changes.GitPoller( - stockholm_repo, - workdir='stockholm-poller', branches=True, + "${repo}", + workdir='stockholm${elemAt(splitString "." repo) 1}', branches=True, project='stockholm', pollinterval=10 ) ) - ''; + '') sourceRepos; scheduler = { auto-scheduler = '' sched.append( @@ -69,7 +76,7 @@ in builder_pre = '' # prepare grab_repo step for stockholm grab_repo = steps.Git( - repourl=stockholm_repo, + repourl=util.Property('repository', 'http://cgit.hotdog.r/stockholm'), mode='full', submodules=True, ) From dc45b085b6a10a3097e1c4c6bc96c439c5af57cd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 8 Sep 2018 23:38:56 +0200 Subject: [PATCH 10/31] l git: add krebspage --- lass/2configs/git.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 829e62269..923de683e 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -38,6 +38,10 @@ let cgit.desc = "take a description of your disk layout and produce a format script"; cgit.section = "software"; }; + krebspage = { + cgit.desc = "homepage of krebs"; + cgit.section = "configuration"; + }; news = { cgit.desc = "take a rss feed and a timeout and print it to stdout"; cgit.section = "software"; From ee74ba6b405a09fbfa718b0308cb49a984b8b0ef Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 00:17:26 +0200 Subject: [PATCH 11/31] buildbot-classic: 0.8.16 -> 0.8.17 --- krebs/5pkgs/simple/buildbot-classic/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix index e6bafbd25..4fae6256d 100644 --- a/krebs/5pkgs/simple/buildbot-classic/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic/default.nix @@ -2,7 +2,7 @@ python2Packages.buildPythonApplication rec { name = "buildbot-classic-${version}"; - version = "0.8.16"; + version = "0.8.17"; namePrefix = ""; patches = []; @@ -10,7 +10,7 @@ python2Packages.buildPythonApplication rec { owner = "krebs"; repo = "buildbot-classic"; rev = version; - sha256 = "0g686n6m0cjfyympl0ksansllx503gby3hx9gmc8hiyx6x5fkjha"; + sha256 = "0yn0n37rs2bhz9q0simnvyzz5sfrpqhbdm6pdj6qk7sab4y6xbq8"; }; postUnpack = "sourceRoot=\${sourceRoot}/master"; From b7d5dbd74be88e0d26dce173b523bf5019de548b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 00:55:57 +0200 Subject: [PATCH 12/31] buildbot-stockholm: add more packages to slave --- krebs/2configs/buildbot-stockholm.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 8537ce40c..6555b73f4 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -183,6 +183,6 @@ in masterhost = "localhost"; username = "testslave"; password = "lasspass"; - packages = with pkgs; [ gnumake jq nix populate ]; + packages = with pkgs; [ gnumake jq nix populate gnutar lzma gzip ]; }; } From d3c84b0d2981f46574046e19d8e3d618065b92a0 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 9 Sep 2018 10:04:13 +0200 Subject: [PATCH 13/31] buildbot-stockholm: build quietly and show trace --- krebs/2configs/buildbot-stockholm.nix | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 6555b73f4..add27f395 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -12,11 +12,26 @@ let "http://cgit.prism.r/stockholm" ]; + # usage: build USER HOST + # This executable is meant to be run with as working directory. + # USER is expected to be a subdirectory of the working directory. build = pkgs.writeDash "build" '' - set -eu - export USER="$1" - export SYSTEM="$2" - $(nix-build $USER/krops.nix --no-out-link --argstr name "$SYSTEM" --argstr target "$HOME/stockholm-build" -A ci) + set -efu + + user=$1 + host=$2 + + result=$(nix-build \ + --argstr name "$host" \ + --argstr target "$HOME"/stockholm-build \ + --attr ci \ + --no-build-output \ + --no-out-link \ + --show-trace \ + "$user"/krops.nix \ + ) + + exec "$result" ''; From df809dca51b2a4037449d626e14a75aa91be7b3a Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 9 Sep 2018 10:23:20 +0200 Subject: [PATCH 14/31] buildbot-stockholm: build using the test attribute While at it, fix */krops.nix to actually use the target attribute. --- jeschli/krops.nix | 11 +++-------- krebs/2configs/buildbot-stockholm.nix | 2 +- krebs/krops.nix | 11 +++-------- lass/krops.nix | 11 +++-------- makefu/krops.nix | 9 ++------- nin/krops.nix | 11 +++-------- 6 files changed, 15 insertions(+), 40 deletions(-) diff --git a/jeschli/krops.nix b/jeschli/krops.nix index e55f207d3..34f3aaa53 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -27,14 +27,9 @@ in { target = "root@${name}/var/src"; }; - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) - test = pkgs.krops.writeTest "${name}-test" { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) + test = { target }: pkgs.krops.writeTest "${name}-test" { + inherit target; source = source { test = true; }; - target = "${lib.getEnv "HOME"}/tmp/${name}-stockholm-test"; - }; - - ci = pkgs.krops.writeTest "${name}-test" { - source = source { test = true; }; - target = "${lib.getEnv "HOME"}/stockholm-build"; }; } diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index add27f395..0aa9288ec 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -24,7 +24,7 @@ let result=$(nix-build \ --argstr name "$host" \ --argstr target "$HOME"/stockholm-build \ - --attr ci \ + --attr test \ --no-build-output \ --no-out-link \ --show-trace \ diff --git a/krebs/krops.nix b/krebs/krops.nix index c71e60571..5378d6fb0 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -55,14 +55,9 @@ target = "root@${name}/var/src"; }; - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) - test = pkgs.krops.writeTest "${name}-test" { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) + test = { target }: pkgs.krops.writeTest "${name}-test" { + inherit target; source = source { test = true; }; - target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src"; - }; - - ci = pkgs.krops.writeTest "${name}-test" { - source = source { test = true; }; - target = "${lib.getEnv "HOME"}/stockholm-build"; }; } diff --git a/lass/krops.nix b/lass/krops.nix index c5a932206..4e045c6db 100644 --- a/lass/krops.nix +++ b/lass/krops.nix @@ -27,14 +27,9 @@ in { target = "root@${name}/var/src"; }; - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) - test = pkgs.krops.writeTest "${name}-test" { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) + test = { target }: pkgs.krops.writeTest "${name}-test" { + inherit target; source = source { test = true; }; - target = "${lib.getEnv "HOME"}/tmp/${name}-stockholm-test"; - }; - - ci = pkgs.krops.writeTest "${name}-test" { - source = source { test = true; }; - target = "${lib.getEnv "HOME"}/stockholm-build"; }; } diff --git a/makefu/krops.nix b/makefu/krops.nix index 9a701dcac..30385c10e 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -75,14 +75,9 @@ in { target = "root@${target}/var/src"; }; - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) test = pkgs.krops.writeTest "${name}-test" { + inherit target; source = source { test = true; }; - target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src"; - }; - - ci = pkgs.krops.writeTest "${name}-test" { - source = source { test = true; }; - target = "${lib.getEnv "HOME"}/stockholm-build"; }; } diff --git a/nin/krops.nix b/nin/krops.nix index 2ba896419..d0074840a 100644 --- a/nin/krops.nix +++ b/nin/krops.nix @@ -27,14 +27,9 @@ in { target = "root@${name}/var/src"; }; - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) - test = pkgs.krops.writeTest "${name}-test" { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) + test = { target }: pkgs.krops.writeTest "${name}-test" { + inherit target; source = source { test = true; }; - target = "${lib.getEnv "HOME"}/tmp/${name}-stockholm-test"; - }; - - ci = pkgs.krops.writeTest "${name}-test" { - source = source { test = true; }; - target = "${lib.getEnv "HOME"}/stockholm-build"; }; } From 66df776c746ff5385c415f06eafdecbb8f51ae0b Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 9 Sep 2018 10:24:13 +0200 Subject: [PATCH 15/31] tv: add krops config --- tv/krops.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 tv/krops.nix diff --git a/tv/krops.nix b/tv/krops.nix new file mode 100644 index 000000000..231486ab7 --- /dev/null +++ b/tv/krops.nix @@ -0,0 +1,22 @@ +{ name }: rec { + + inherit (import ../krebs/krops.nix { inherit name; }) + krebs-source + lib + pkgs + ; + + source = lib.evalSource [ + krebs-source + { + nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix"; + secrets.file = toString ./dummy_secrets; + } + ]; + + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) + test = { target }: pkgs.krops.writeTest "tv-krops-${name}-ci" { + inherit source target; + }; + +} From 1fde1cf78a337d305c9d696cb3d12589fd26ccb3 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 9 Sep 2018 10:54:08 +0200 Subject: [PATCH 16/31] mv: RIP --- krebs/3modules/default.nix | 1 - krebs/3modules/mv/default.nix | 40 --------- mv/1systems/stro/config.nix | 155 ---------------------------------- mv/1systems/stro/source.nix | 3 - mv/dummy_secrets/default.nix | 8 -- mv/dummy_secrets/ssh.ed25519 | 3 - mv/source.nix | 30 ------- 7 files changed, 240 deletions(-) delete mode 100644 krebs/3modules/mv/default.nix delete mode 100644 mv/1systems/stro/config.nix delete mode 100644 mv/1systems/stro/source.nix delete mode 100644 mv/dummy_secrets/default.nix delete mode 100644 mv/dummy_secrets/ssh.ed25519 delete mode 100644 mv/source.nix diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 833349769..6328fe8f1 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -109,7 +109,6 @@ let { krebs = import ./krebs { inherit config; }; } { krebs = import ./lass { inherit config; }; } { krebs = import ./makefu { inherit config; }; } - { krebs = import ./mv { inherit config; }; } { krebs = import ./nin { inherit config; }; } { krebs = import ./tv { inherit config; }; } { diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix deleted file mode 100644 index c8d138a44..000000000 --- a/krebs/3modules/mv/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ config, ... }: - -with import ; - -{ - hosts = mapAttrs (_: setAttr "owner" config.krebs.users.mv) { - stro = { - ci = true; - cores = 4; - nets = { - retiolum = { - ip4.addr = "10.243.111.111"; - ip6.addr = "42:0:0:0:0:0:111:111"; - aliases = [ - "stro.r" - "cgit.stro.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA0vIzLyoetOyi3R7qOh3gjSvUVjPEdqCvd0NEevDCIhhFy0nIbZ/b - vnuk3EUeTb6e384J8fKB4agig0JeR3JjtDvtjy5g9Cdy2nrU71w8wqU0etmv2PTb - FjbCFfeBXn0N3U7gXwjZGCvjAXa1a4jGb4R2iYBYGG3aY4reCN8B8Ah81h+S0oLg - ZJJfaBmWM5vNRFEI5X4CLaVnwtsoZuXIjYStgNn/9Mg/Y6NQS0H0H+HFeyhigAqG - oYGqNar/2QqPU176V/FwrD30F3qJV1uyzuPta7hmdfOxqYjZ/jqdPSRYtlunYYcq - XbH5oYmzO9NEeVWzjdac/DiV2OP8HufoYwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+7Qa51l0NSkBiaK2s8vQEoeObV3UPZyEzMxfUK/ZAO root@stro"; - }; - }; - users = { - mv = { - mail = "mv@stro.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDfMqkfXsGRaXJ86Pi5svAx4508ij5kc4cMLGwr1CLvFI5G7EHggiHMZYooibmkZimBF1PvLM1lOdoptJ4nSmc3UGuQaeV9BpZ1dNXexc8wOmVPKzAHYZG/2upcV/xVZQ9lk3UOmDym6fDUXThMx4nXdhOjScgWpKp7+0N3JRCf2UHusZjWFGlhE9l4irLFHCwlZeBQ16DNF4fc03vsfZBB1ZrGGZlaVpkcY+FTC3sm8R0iF5QGaq8PgltJoCNnp3L1g3Yn7Elva7kCHjZfJC1pu5icV8vZMNptPn1b10gPsNwb302FCjvZohzRcMo39L2gwdNWQmflYfYk+NPY9EgqkLtSvZJywYu8oTVLeYBAp0ZGzJR4+uIH9at/WQF499HFMxpF4uwYiQweUcPiHrrOqI5zLQoOvqh9Jv0UMsnFynNrszbCTgwzeW8bcvv8ILcjE9of8GXRCrlIMvt7Z9q8xrb5j1RhKscvusyyNOAL+HMZl6jgSxUBDtzRqPZ62QHJsBEBdRXdJRQLGeHNW9kGPrh/tiKGucuT3/HZC+2Rcemxt3RVT60+lHkghrMLi0/VOWBUKL9J94UK5xIE4Gb3RTW9DcNK53U4ql+N4ORSSEuhk3Rqzx3Bzv7AXpLKQCFKdB7tjxzGN7sCQM3PBUUo6Tk0VG2cIKOjzTRnDJlb7Q== mv@stro"; - }; - }; -} diff --git a/mv/1systems/stro/config.nix b/mv/1systems/stro/config.nix deleted file mode 100644 index 941b3f69e..000000000 --- a/mv/1systems/stro/config.nix +++ /dev/null @@ -1,155 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -{ - krebs = { - enable = true; - build = { - user = config.krebs.users.mv; - host = config.krebs.hosts.stro; - }; - }; - - imports = [ - - - - - - - - - - - - - - - - ]; - - boot.kernel.sysctl = { - # Enable IPv6 Privacy Extensions - "net.ipv6.conf.all.use_tempaddr" = 2; - "net.ipv6.conf.default.use_tempaddr" = 2; - }; - - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "xts" ]; - devices = [ - { - name = "luks1"; - device = "/dev/disk/by-id/ata-TOSHIBA-TR150_467B50JXK8WU-part2"; - } - ]; - }; - - environment = { - profileRelativeEnvVars.PATH = mkForce [ "/bin" ]; - shellAliases = mkForce { - gp = "${pkgs.pari}/bin/gp -q"; - df = "df -h"; - du = "du -h"; - ls = "ls -h --color=auto --group-directories-first"; - dmesg = "dmesg -L --reltime"; - view = "vim -R"; - - reload = "systemctl reload"; - restart = "systemctl restart"; - start = "systemctl start"; - status = "systemctl status"; - stop = "systemctl stop"; - }; - systemPackages = with pkgs; [ - dic - htop - p7zip - q - - pavucontrol - rxvt_unicode.terminfo - - # stockholm - git - gnumake - populate - ]; - variables = { - NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; - }; - }; - - fileSystems = { - "/boot" = { - device = "/dev/disk/by-id/ata-TOSHIBA-TR150_467B50JXK8WU-part1"; - }; - "/" = { - device = "/dev/mapper/vg1-root"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; - "/home" = { - device = "/dev/mapper/vg1-home"; - fsType = "btrfs"; - options = ["defaults" "noatime" "ssd" "compress=lzo"]; - }; - "/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["nosuid" "nodev" "noatime"]; - }; - }; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - networking.hostName = config.krebs.build.host.name; - - nix = { - binaryCaches = ["https://cache.nixos.org"]; - requireSignedBinaryCaches = true; - # TODO check if both are required: - sandboxPaths = [ "/etc/protocols" pkgs.iana_etc.outPath ]; - useSandbox = true; - }; - - nixpkgs.config.packageOverrides = import pkgs; - - users = { - defaultUserShell = "/run/current-system/sw/bin/bash"; - mutableUsers = false; - users = { - mv = { - inherit (config.krebs.users.mv) home uid; - isNormalUser = true; - }; - }; - }; - - security.sudo.extraConfig = '' - Defaults env_keep+="SSH_CLIENT" - Defaults mailto="${config.krebs.users.mv.mail}" - Defaults !lecture - ''; - - services.cron.enable = false; - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - services.nscd.enable = false; - services.ntp.enable = false; - services.timesyncd.enable = true; - - time.timeZone = "Europe/Berlin"; - - tv.iptables = { - enable = true; - accept-echo-request = "internet"; - }; - - system.stateVersion = "16.03"; -} diff --git a/mv/1systems/stro/source.nix b/mv/1systems/stro/source.nix deleted file mode 100644 index 888d616c8..000000000 --- a/mv/1systems/stro/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "stro"; -} diff --git a/mv/dummy_secrets/default.nix b/mv/dummy_secrets/default.nix deleted file mode 100644 index 84a5e1186..000000000 --- a/mv/dummy_secrets/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, ... }: -{ - users.users.root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.mv.pubkey - ]; - }; -} diff --git a/mv/dummy_secrets/ssh.ed25519 b/mv/dummy_secrets/ssh.ed25519 deleted file mode 100644 index a7d2adab4..000000000 --- a/mv/dummy_secrets/ssh.ed25519 +++ /dev/null @@ -1,3 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -dummy ------END OPENSSH PRIVATE KEY----- diff --git a/mv/source.nix b/mv/source.nix deleted file mode 100644 index 29dfe9723..000000000 --- a/mv/source.nix +++ /dev/null @@ -1,30 +0,0 @@ -with import ; -host@{ name, override ? {} }: let - builder = if getEnv "dummy_secrets" == "true" - then "buildbot" - else "mv"; - _file = + "/mv/1systems/${name}/source.nix"; - pkgs = import { - overlays = map import [ - - - ]; - }; -in - evalSource (toString _file) [ - { - nixos-config.symlink = "stockholm/mv/1systems/${name}/config.nix"; - nixpkgs.git = { - # nixos-17.09 - ref = mkDefault "0653b73bf61f3a23d28c38ab7e9c69a318d433de"; - url = https://github.com/NixOS/nixpkgs; - }; - secrets.file = getAttr builder { - buildbot = toString ; - mv = "/home/mv/secrets/${name}"; - }; - stockholm.file = toString ; - stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; - } - override - ] From 237eeef524a7d6ce750ae6dd6aff6ee34ac583dd Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 9 Sep 2018 10:57:44 +0200 Subject: [PATCH 17/31] tv querel: kill exfat-nofuse as it doesn't build --- tv/1systems/querel/config.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/tv/1systems/querel/config.nix b/tv/1systems/querel/config.nix index 07ec8e403..5f981c64c 100644 --- a/tv/1systems/querel/config.nix +++ b/tv/1systems/querel/config.nix @@ -11,9 +11,6 @@ with import ; krebs.build.host = config.krebs.hosts.querel; krebs.build.user = mkForce config.krebs.users.itak; - boot.extraModulePackages = [ - config.boot.kernelPackages.exfat-nofuse - ]; boot.initrd.availableKernelModules = [ "ahci" ]; boot.initrd.luks = { cryptoModules = [ "aes" "sha512" "xts" ]; From 669dd0b1f9731ad6dec89cf8eb88eb87c9c5354d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 10:53:10 +0200 Subject: [PATCH 18/31] l: RIP repo-sync --- lass/1systems/mors/config.nix | 1 - lass/1systems/prism/config.nix | 1 - lass/2configs/repo-sync.nix | 144 --------------------------------- 3 files changed, 146 deletions(-) delete mode 100644 lass/2configs/repo-sync.nix diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 5a9c26b9d..aa10ed46e 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -21,7 +21,6 @@ with import ; - diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 0f20d1c4e..f83721070 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -133,7 +133,6 @@ with import ; - diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix deleted file mode 100644 index 8b7d0db71..000000000 --- a/lass/2configs/repo-sync.nix +++ /dev/null @@ -1,144 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; - -let - mirror = "git@${config.networking.hostName}:"; - - defineRepo = name: announce: let - repo = { - public = true; - name = mkDefault "${name}"; - cgit.desc = mkDefault "mirror for ${name}"; - cgit.section = mkDefault "mirror"; - hooks = mkIf announce (mkDefault { - post-receive = pkgs.git-hooks.irc-announce { - nick = config.networking.hostName; - channel = "#xxx"; - refs = [ - "refs/heads/newest" - ]; - server = "irc.r"; - verbose = false; - }; - }); - }; - in { - rules = with git; [ - { - user = with config.krebs.users; [ - config.krebs.users."${config.networking.hostName}-repo-sync" - lass - lass-mors - lass-shodan - ]; - repo = [ repo ]; - perm = push ''refs/*'' [ non-fast-forward create delete merge ]; - } - { - user = attrValues config.krebs.users; - repo = [ repo ]; - perm = fetch; - } - ]; - repos."${name}" = repo; - }; - - sync-retiolum = name: - { - krebs.repo-sync.repos.${name} = { - branches = { - makefu = { - origin.url = "http://cgit.gum/${name}"; - mirror.url = "${mirror}${name}"; - }; - tv = { - origin.url = "http://cgit.ni.r/${name}"; - mirror.url = "${mirror}${name}"; - }; - nin = { - origin.url = "http://cgit.onondaga.r/${name}"; - mirror.url = "${mirror}${name}"; - }; - lassulus = { - origin.url = "http://cgit.lassul.us/${name}"; - mirror.url = "${mirror}${name}"; - }; - makefu-staging = { - origin.url = "http://cgit.gum/${name}"; - origin.ref = "heads/staging"; - mirror.url = "${mirror}${name}"; - }; - tv-staging = { - origin.url = "http://cgit.ni.r/${name}"; - origin.ref = "heads/staging"; - mirror.url = "${mirror}${name}"; - }; - nin-staging = { - origin.url = "http://cgit.onondaga.r/${name}"; - origin.ref = "heads/staging"; - mirror.url = "${mirror}${name}"; - }; - }; - latest = { - url = "${mirror}${name}"; - ref = "heads/newest"; - }; - }; - krebs.git = defineRepo name (config.networking.hostName == "prism"); - }; - - sync-remote = name: url: - { - krebs.repo-sync.repos.${name} = { - branches = { - remote = { - origin.url = url; - mirror.url = "${mirror}${name}"; - }; - }; - }; - krebs.git = defineRepo name (config.networking.hostName == "prism"); - }; - - sync-remote-silent = name: url: - { - krebs.repo-sync.repos.${name} = { - branches = { - remote = { - origin.url = url; - mirror.url = "${mirror}${name}"; - }; - }; - }; - krebs.git = defineRepo name false; - }; - -in { - krebs.repo-sync = { - enable = true; - unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; - }; - imports = [ - (sync-remote "array" "https://github.com/makefu/array") - (sync-remote "email-header" "https://github.com/4z3/email-header") - (sync-remote "mycube-flask" "https://github.com/makefu/mycube-flask") - (sync-remote "reaktor-titlebot" "https://github.com/makefu/reaktor-titlebot") - (sync-remote "repo-sync" "https://github.com/makefu/repo-sync") - (sync-remote "skytraq-datalogger" "https://github.com/makefu/skytraq-datalogger") - (sync-remote "xintmap" "https://github.com/4z3/xintmap") - (sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper") - (sync-remote "lassulus-blog" "https://github.com/lassulus/lassulus-blog") - (sync-remote "painload" "https://github.com/krebs/painload") - (sync-remote "Reaktor" "https://github.com/krebs/Reaktor") - (sync-remote "nixos-wiki" "https://github.com/Mic92/nixos-wiki.wiki.git") - (sync-retiolum "go") - (sync-retiolum "much") - (sync-retiolum "newsbot-js") - (sync-retiolum "populate") - (sync-retiolum "stockholm") - (sync-retiolum "wai-middleware-time") - (sync-retiolum "xmonad-stockholm") - (sync-retiolum "nix-writers") - ]; -} From 2dccd7d8d30f7e5dc7eed4e9114f5c14fb255e69 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 12:07:13 +0200 Subject: [PATCH 19/31] krebspage: init --- krebs/5pkgs/simple/krebspage/default.nix | 6 ++++++ lass/2configs/websites/lassulus.nix | 4 ++++ 2 files changed, 10 insertions(+) create mode 100644 krebs/5pkgs/simple/krebspage/default.nix diff --git a/krebs/5pkgs/simple/krebspage/default.nix b/krebs/5pkgs/simple/krebspage/default.nix new file mode 100644 index 000000000..f9a446f43 --- /dev/null +++ b/krebs/5pkgs/simple/krebspage/default.nix @@ -0,0 +1,6 @@ +{ fetchgit }: +fetchgit { + url = "https://cgit.lassul.us/krebspage"; + rev = "8711780cef004e19a273a5149677869751cd06dc"; + sha256 = "0131vqrkcw140d7j94bvajkhlwi99kpikb8sy2bi1hgh8ziqplsm"; +} diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index f60a66952..8f24fb212 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -82,6 +82,10 @@ in { c-base:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0 ''}; ''; + locations."/krebspage".extraConfig = '' + default_type "text/html"; + alias ${pkgs.krebspage}/index.html; + ''; # TODO make this work! locations."= /ddate".extraConfig = let script = pkgs.writeBash "test" '' From 4016855f419802292387c10a794797fac3525f53 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 12:07:33 +0200 Subject: [PATCH 20/31] l git: add buildbot-classic --- lass/2configs/git.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index caa7c3065..f102a2b33 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -30,6 +30,10 @@ let rules = concatMap make-rules (attrValues repos); public-repos = mapAttrs make-public-repo { + buildbot-classic = { + cgit.desc = "fork of buildbot"; + cgit.section = "software"; + }; cholerab = { cgit.desc = "krebs thesauron & enterprise-patterns"; cgit.section = "documentation"; From a5e484e98438ebae5af2be9223becf67d1eed17f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 12:07:52 +0200 Subject: [PATCH 21/31] repo-sync: add buildbot-classic --- krebs/2configs/repo-sync.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/2configs/repo-sync.nix b/krebs/2configs/repo-sync.nix index 3ca94fc1b..392e6bed3 100644 --- a/krebs/2configs/repo-sync.nix +++ b/krebs/2configs/repo-sync.nix @@ -143,6 +143,7 @@ in { (sync-retiolum { name = "cholerab"; desc = "krebs thesauron & enterprise-patterns"; section = "documentation"; }) + (sync-retiolum { name = "buildbot-classic"; desc = "fork of buildbot"; section = "software"; }) (sync-retiolum { name = "disko"; desc = "take a description of your disk layout and produce a format script"; section = "software"; }) (sync-retiolum { name = "news"; desc = "take a rss feed and a timeout and print it to stdout"; section = "software"; }) (sync-retiolum { name = "krops"; desc = "krebs ops"; section = "software"; }) From 887956bf2b7d9432197e216cd5d1cfa6afaa6185 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 12:10:03 +0200 Subject: [PATCH 22/31] reaktor: add task-done --- krebs/2configs/reaktor-krebs.nix | 1 + krebs/2configs/reaktor-retiolum.nix | 1 + krebs/5pkgs/simple/Reaktor/plugins.nix | 7 +++++++ 3 files changed, 9 insertions(+) diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix index 2e63f1385..ba3715161 100644 --- a/krebs/2configs/reaktor-krebs.nix +++ b/krebs/2configs/reaktor-krebs.nix @@ -15,6 +15,7 @@ with import ; sed-plugin task-add task-delete + task-done task-list ] ++ (attrValues (todo "agenda")) diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix index d5f1851e3..90573ca1c 100644 --- a/krebs/2configs/reaktor-retiolum.nix +++ b/krebs/2configs/reaktor-retiolum.nix @@ -12,6 +12,7 @@ with import ; sed-plugin task-add task-delete + task-done task-list ] ++ (attrValues (todo "agenda")) diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index c6e601475..50b07391c 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -171,6 +171,13 @@ rec { ''; }; + task-done = buildSimpleReaktorPlugin "task-done" { + pattern = "^task-done: (?P.*)$$"; + script = pkgs.writeDash "task-done" '' + ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} done "$*" + ''; + }; + todo = name: { add = buildSimpleReaktorPlugin "${name}-add" { pattern = "^${name}-add: (?P.*)$$"; From 2762b34abd440c802eb76cefbd3d5a6c4c7a4e80 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 12:10:44 +0200 Subject: [PATCH 23/31] l: add some mail addresses --- lass/2configs/exim-smarthost.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 191e25831..846000a3a 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -87,6 +87,8 @@ with import ; { from = "hackbeach@lassul.us"; to = lass.mail; } { from = "transferwise@lassul.us"; to = lass.mail; } { from = "cis@lassul.us"; to = lass.mail; } + { from = "afra@lassul.us"; to = lass.mail; } + { from = "ksp@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } From e5b5fffa32f942d4471b0c21be76ba4b70116af0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 12:12:58 +0200 Subject: [PATCH 24/31] l mail: change keybinding for show/mide of bars --- lass/2configs/mail.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 2bb51b50a..9246abfed 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -176,6 +176,11 @@ let # top index bar in email view set pager_index_lines=7 + # top_index_bar toggle + macro pager ,@1 " set pager_index_lines=0; macro pager ] ,@2 'Toggle indexbar" + macro pager ,@2 " set pager_index_lines=3; macro pager ] ,@3 'Toggle indexbar" + macro pager ,@3 " set pager_index_lines=7; macro pager ] ,@1 'Toggle indexbar" + macro pager ] ,@1 'Toggle indexbar # sidebar set sidebar_width = 20 @@ -186,9 +191,9 @@ let bind index sidebar-next # got to next folder in sidebar bind index sidebar-open # open selected folder from sidebar # sidebar toggle - macro index ,@) " set sidebar_visible=no; macro index ~ ,@( 'Toggle sidebar'" - macro index ,@( " set sidebar_visible=yes; macro index ~ ,@) 'Toggle sidebar'" - macro index ~ ,@( 'Toggle sidebar' # toggle the sidebar + macro index,pager ,@) " set sidebar_visible=no; macro index,pager [ ,@( 'Toggle sidebar'" + macro index,pager ,@( " set sidebar_visible=yes; macro index,pager [ ,@) 'Toggle sidebar'" + macro index,pager [ ,@( 'Toggle sidebar' # toggle the sidebar ''; mutt = pkgs.symlinkJoin { From 511e84d24fd4891515b51a557e8d4f298956f89f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 12:10:16 +0200 Subject: [PATCH 25/31] reaktor task-list: use task minimal --- krebs/5pkgs/simple/Reaktor/plugins.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index 50b07391c..700f9b40d 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -160,7 +160,7 @@ rec { task-list = buildSimpleReaktorPlugin "task-list" { pattern = "^task-list"; script = pkgs.writeDash "task-list" '' - ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} list + ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} minimal ''; }; From 516a425edad3a86c95fdadf9d777d43c79dd6d08 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 19:16:57 +0200 Subject: [PATCH 26/31] m krops.nix: unify interface for ci.nix --- makefu/krops.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/krops.nix b/makefu/krops.nix index 30385c10e..3838db635 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -76,7 +76,7 @@ in { }; # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) - test = pkgs.krops.writeTest "${name}-test" { + test = { target ? target }: pkgs.krops.writeTest "${name}-test" { inherit target; source = source { test = true; }; }; From 10135cbeacd74a36971582d421742f576528606d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 19:17:11 +0200 Subject: [PATCH 27/31] add ci.nix --- ci.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 ci.nix diff --git a/ci.nix b/ci.nix new file mode 100644 index 000000000..6d2378759 --- /dev/null +++ b/ci.nix @@ -0,0 +1,21 @@ +# usage: nix-instantiate --eval --strict --json ./ci.nix +with import ./lib; +let + pkgs = import { overlays = [ (import ./submodules/nix-writers/pkgs) ]; }; + system = + import { + modules = [{ + imports = [ + ./krebs + ./krebs/2configs + ]; + }]; + } + ; + + ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts; + + build = host: owner: + ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";}); + +in mapAttrs (n: h: build n h.owner.name) ci-systems From 9bd3dd54c3a119aa1e900e43c08f5d79b1a7dcfc Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 20:01:51 +0200 Subject: [PATCH 28/31] add ci module --- krebs/3modules/ci.nix | 162 +++++++++++++++++++++++++++++++++++++ krebs/3modules/default.nix | 1 + 2 files changed, 163 insertions(+) create mode 100644 krebs/3modules/ci.nix diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix new file mode 100644 index 000000000..cf82401d3 --- /dev/null +++ b/krebs/3modules/ci.nix @@ -0,0 +1,162 @@ +{ config, lib, pkgs, ... }: + +with import ; + +let + cfg = config.krebs.ci; + + out = { + options.krebs.ci = api; + config = lib.mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "Enable krebs ci service"; + repos = mkOption { + type = types.attrsOf (types.submodule ({ config, ...}: { + options = { + urls = mkOption { + type = types.listOf types.str; + default = [ "git@localhost:${config._module.args.name}" ]; + }; + }; + })); + }; + }; + + hostname = config.networking.hostName; + getJobs = pkgs.writeDash "get_jobs" '' + nix-build --no-out-link ./ci.nix 2>&1 > /dev/null + nix-instantiate --eval --strict --json ./ci.nix + ''; + + imp = { + krebs.buildbot.master = { + slaves = { + testslave = "lasspass"; + }; + + change_source = mapAttrs' (name: repo: + nameValuePair name (concatMapStrings (url: '' + cs.append( + changes.GitPoller( + "${url}", + workdir='${name}-${elemAt(splitString "." url) 1}', branches=True, + project='${name}', + pollinterval=10 + ) + ) + '') repo.urls) + ) cfg.repos; + + scheduler = mapAttrs' (name: repo: + nameValuePair name '' + sched.append( + schedulers.SingleBranchScheduler( + change_filter=util.ChangeFilter(branch_re=".*"), + treeStableTimer=60, + name="build-all-branches", + builderNames=[ + "${name}", + ] + ) + ) + sched.append( + schedulers.ForceScheduler( + name="${name}", + builderNames=[ + "${name}", + ] + ) + ) + '' + ) cfg.repos; + builder_pre = '' + from buildbot import interfaces + from buildbot.steps.shell import ShellCommand + + class StepToStartMoreSteps(ShellCommand): + def __init__(self, **kwargs): + ShellCommand.__init__(self, **kwargs) + + def addBuildSteps(self, steps_factories): + for sf in steps_factories: + step = interfaces.IBuildStepFactory(sf).buildStep() + step.setBuild(self.build) + step.setBuildSlave(self.build.slavebuilder.slave) + step_status = self.build.build_status.addStepWithName(step.name) + step.setStepStatus(step_status) + self.build.steps.append(step) + + def start(self): + props = self.build.getProperties() + new_steps = json.loads(props.getProperty('steps_json')) + for new_step in new_steps: + self.addBuildSteps([steps.ShellCommand( + name=str(new_step), + command=[ + new_steps[new_step] + ], + timeout=90001, + workdir='build', # TODO figure out why we need this? + )]) + + ShellCommand.start(self) + + ''; + + builder = mapAttrs' (name: repo: + nameValuePair name '' + f_${name} = util.BuildFactory() + f_${name}.addStep(steps.Git( + repourl=util.Property('repository', '${head repo.urls}'), + mode='full', + submodules=True, + )) + + f_${name}.addStep(steps.SetPropertyFromCommand( + env={ + "NIX_REMOTE": "daemon", + "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src", + }, + name="get_steps", + command=["${getJobs}"], + property="steps_json" + )) + f_${name}.addStep(StepToStartMoreSteps(command=["echo"])) # TODO remove dummy command from here + + bu.append( + util.BuilderConfig( + name="${name}", + slavenames=slavenames, + factory=f_${name} + ) + ) + '' + ) cfg.repos; + + enable = true; + web.enable = true; + irc = { + enable = true; + nick = "build|${hostname}"; + server = "irc.r"; + channels = [ "noise" ]; + allowForce = true; + }; + extraConfig = '' + c['buildbotURL'] = "http://build.${hostname}.r/" + ''; + }; + + krebs.buildbot.slave = { + enable = true; + masterhost = "localhost"; + username = "testslave"; + password = "lasspass"; + packages = with pkgs; [ gnumake jq nix populate gnutar lzma gzip ]; + }; + }; + +in out + diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 6328fe8f1..82ae3b02e 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -13,6 +13,7 @@ let ./buildbot/master.nix ./buildbot/slave.nix ./build.nix + ./ci.nix ./current.nix ./exim.nix ./exim-retiolum.nix From ee0a456722241a5b52700f7be1ab0e30132c0133 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 20:49:22 +0200 Subject: [PATCH 29/31] l mors.r: add bank to pkgs --- lass/1systems/mors/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index aa10ed46e..69954a3e9 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -76,6 +76,7 @@ with import ; { environment.systemPackages = [ pkgs.ovh-zone + pkgs.bank ]; } { From a8d78528fcb039cd454f92047536ed81f756e774 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 21:24:57 +0200 Subject: [PATCH 30/31] l git: add cgit-clear-cache as hook --- lass/2configs/git.nix | 58 +++++++++++++++++++++++++------------------ 1 file changed, 34 insertions(+), 24 deletions(-) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index f102a2b33..d5203deda 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -23,6 +23,10 @@ let ]; }; + cgit-clear-cache = pkgs.cgit-clear-cache.override { + inherit (config.krebs.git.cgit.settings) cache-root; + }; + repos = public-repos // optionalAttrs config.krebs.build.host.secure restricted-repos; @@ -104,17 +108,20 @@ let inherit cgit collaborators name; public = true; hooks = { - post-receive = pkgs.git-hooks.irc-announce { - # TODO make nick = config.krebs.build.host.name the default - nick = config.krebs.build.host.name; - channel = "#xxx"; - # TODO define refs in some kind of option per repo - refs = [ - "refs/heads/master" - ]; - server = "irc.r"; - verbose = config.krebs.build.host.name == "prism"; - }; + post-receive = '' + ${pkgs.git-hooks.irc-announce { + # TODO make nick = config.krebs.build.host.name the default + nick = config.krebs.build.host.name; + channel = "#xxx"; + # TODO define refs in some kind of option per repo + refs = [ + "refs/heads/master" + ]; + server = "irc.r"; + verbose = config.krebs.build.host.name == "prism"; + }} + ${cgit-clear-cache}/bin/cgit-clear-cache + ''; }; }; @@ -126,19 +133,22 @@ let make-restricted-repo = name: { admins ? [], collaborators ? [], announce ? false, hooks ? {}, ... }: { inherit admins collaborators name; public = false; - hooks = optionalAttrs announce { - post-receive = pkgs.git-hooks.irc-announce { - # TODO make nick = config.krebs.build.host.name the default - nick = config.krebs.build.host.name; - channel = "#xxx"; - # TODO define refs in some kind of option per repo - refs = [ - "refs/heads/master" - "refs/heads/staging*" - ]; - server = "irc.r"; - verbose = false; - }; + hooks = { + post-receive = '' + ${optionalString announce (pkgs.git-hooks.irc-announce { + # TODO make nick = config.krebs.build.host.name the default + nick = config.krebs.build.host.name; + channel = "#xxx"; + # TODO define refs in some kind of option per repo + refs = [ + "refs/heads/master" + "refs/heads/staging*" + ]; + server = "irc.r"; + verbose = false; + })} + ${cgit-clear-cache}/bin/cgit-clear-cache + ''; } // hooks; }; From f6e69c6ecb25fc96655ec1749747d9ccb7880365 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Sep 2018 21:25:09 +0200 Subject: [PATCH 31/31] l git: add lass as admin --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index d5203deda..300637ff8 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -156,7 +156,7 @@ let with git // config.krebs.users; repo: singleton { - user = [ lass-mors lass-shodan lass-icarus lass-blue ]; + user = [ lass lass-mors lass-shodan lass-icarus lass-blue ]; repo = [ repo ]; perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++