Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
87ca8682ce
@ -102,6 +102,7 @@ let
|
||||
|
||||
imp = lib.mkMerge [
|
||||
{ krebs = import ./external { inherit config; }; }
|
||||
{ krebs = import ./external/dbalan.nix { inherit config; }; }
|
||||
{ krebs = import ./external/kmein.nix { inherit config; }; }
|
||||
{ krebs = import ./external/mic92.nix { inherit config; }; }
|
||||
{ krebs = import ./external/palo.nix { inherit config; }; }
|
||||
|
50
krebs/3modules/external/dbalan.nix
vendored
Normal file
50
krebs/3modules/external/dbalan.nix
vendored
Normal file
@ -0,0 +1,50 @@
|
||||
with import <stockholm/lib>;
|
||||
{ config, ... }:
|
||||
let
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host ({
|
||||
ci = false;
|
||||
external = true;
|
||||
monitoring = false;
|
||||
owner = config.krebs.users.dbalan;
|
||||
} // optionalAttrs (host.nets?retiolum) {
|
||||
nets.retiolum = {
|
||||
ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
|
||||
};
|
||||
} // optionalAttrs (host.nets?wiregrill) {
|
||||
nets.wiregrill = {
|
||||
ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
|
||||
};
|
||||
});
|
||||
in
|
||||
{
|
||||
users = rec {
|
||||
dbalan = {
|
||||
mail = "dbalan@thaum.space";
|
||||
pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
|
||||
};
|
||||
};
|
||||
hosts = mapAttrs hostDefaults {
|
||||
v60 = {
|
||||
nets.retiolum = {
|
||||
aliases = [ "v60.dbalan.r" ];
|
||||
ip4.addr = "10.243.42.12";
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
|
||||
RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
|
||||
1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
|
||||
uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
|
||||
p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
|
||||
bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
|
||||
I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
|
||||
mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
|
||||
OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
|
||||
AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
|
||||
9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -1,9 +1,9 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs",
|
||||
"rev": "5ce6597eca7d7b518c03ecda57d45f9404b5e060",
|
||||
"date": "2022-05-24T17:55:48+02:00",
|
||||
"path": "/nix/store/glvcj0zmqq9z5wf6bppnppbpf8w85iwf-nixpkgs",
|
||||
"sha256": "1hs1lnnbp1dky3nfp7xlricpp5c63sr46jyrnvykci8bl8jnxnl3",
|
||||
"rev": "f2537a505d45c31fe5d9c27ea9829b6f4c4e6ac5",
|
||||
"date": "2022-06-26T12:26:21+02:00",
|
||||
"path": "/nix/store/d7wgj3chybniji4l6z73a0gh67hxym3b-nixpkgs",
|
||||
"sha256": "1z28a3gqbv62sxahlssc5a722kh46f26f5ss3arbxpv7a1272vf1",
|
||||
"fetchLFS": false,
|
||||
"fetchSubmodules": false,
|
||||
"deepClone": false,
|
||||
|
@ -1,9 +1,9 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs",
|
||||
"rev": "d1086907f56c5a6c33c0c2e8dc9f42ef6988294f",
|
||||
"date": "2022-05-28T12:29:49+02:00",
|
||||
"path": "/nix/store/56gsa390lyiik6jdapnj98a2ww8af8ig-nixpkgs",
|
||||
"sha256": "009dc0njvdn5pzcyd8bp4sc9byf70w4msdkv6q2zfdlnh36im1jl",
|
||||
"rev": "cd90e773eae83ba7733d2377b6cdf84d45558780",
|
||||
"date": "2022-06-26T19:49:46+02:00",
|
||||
"path": "/nix/store/bmaf6x4yxcsvs5wp4rayvai4lw7g6snr-nixpkgs",
|
||||
"sha256": "1b2wn1ncx9x4651vfcgyqrm93pd7ghnrgqjbkf6ckkpidah69m03",
|
||||
"fetchLFS": false,
|
||||
"fetchSubmodules": false,
|
||||
"deepClone": false,
|
||||
|
@ -10,8 +10,7 @@
|
||||
${write_to_irc} "$(echo "$INPUT" | jq -r '
|
||||
"\(.action): " +
|
||||
"[\(.issue.title // .pull_request.title)] " +
|
||||
"\(.comment.html_url // .issue.html_url // .pull_request.html_url) " +
|
||||
"by \(.comment.user.login // .issue.user.login // .pull_request.user.login)"
|
||||
"\(.comment.html_url // .issue.html_url // .pull_request.html_url) "
|
||||
')"
|
||||
fi
|
||||
'';
|
||||
@ -58,16 +57,16 @@ in {
|
||||
case "$Method $Request_URI" in
|
||||
"POST /")
|
||||
payload=$(head -c "$req_content_length")
|
||||
echo "$payload" >&2
|
||||
raw=$(printf '%s' "$payload" | ${pkgs.curl}/bin/curl --data-binary @- http://p.krebsco.de | tail -1)
|
||||
payload2=$payload
|
||||
payload2=$(echo "$payload" | tr '\n' ' ' | tr -d '\r')
|
||||
payload2=$(printf '%s' "$payload" | tr '\n' ' ' | tr -d '\r')
|
||||
if [ "$payload" != "$payload2" ]; then
|
||||
echo "payload has been mangled" >&2
|
||||
else
|
||||
echo "payload not mangled" >&2
|
||||
fi
|
||||
echo "$payload2" > /tmp/last_fysi_payload
|
||||
echo "$payload2" | ${format-github-message}/bin/format-github-message
|
||||
${write_to_irc} "$raw"
|
||||
printf 'HTTP/1.1 200 OK\r\n'
|
||||
printf 'Connection: close\r\n'
|
||||
printf '\r\n'
|
||||
|
@ -37,18 +37,22 @@
|
||||
|
||||
in {
|
||||
|
||||
deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeCommand "deploy" {
|
||||
deploy = { target ? "root@${name}/var/src", offline ? false }: pkgs.krops.writeCommand "deploy" {
|
||||
command = targetPath: ''
|
||||
|
||||
set -fu
|
||||
set -xfu
|
||||
|
||||
outDir=$(mktemp -d)
|
||||
trap "rm -rf $outDir;" INT TERM EXIT
|
||||
|
||||
nix build \
|
||||
build=$(command -v nom-build || echo "nix-build")
|
||||
|
||||
$build \
|
||||
-I "${targetPath}" \
|
||||
-f '<nixpkgs/nixos>' config.system.build.toplevel \
|
||||
-o "$outDir/out"
|
||||
'<nixpkgs/nixos>' -A config.system.build.toplevel \
|
||||
-o "$outDir/out" \
|
||||
${lib.optionalString offline "--option substitute false"} \
|
||||
# -vvvvv --show-trace
|
||||
|
||||
nix-env -p /nix/var/nix/profiles/system --set "$outDir/out"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user