diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 4c25bc963..369b750b7 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -45,6 +45,13 @@ with import ; services.cron.enable = false; services.ntp.enable = false; + # limit journald size + services.journald.extraConfig = '' + SystemMaxUse=1G + RuntimeMaxUse=128M + Storage=persistent + ''; + users.mutableUsers = false; users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.jeschli-brauerei.pubkey diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 24b17487b..7b6639212 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -80,9 +80,9 @@ let description = '' The zone configuration head which is being used to create the zone files. The string for each key is pre-pended to the zone file. - ''; - # TODO: configure the default somewhere else, - # maybe use krebs.dns.providers + ''; + # TODO: configure the default somewhere else, + # maybe use krebs.dns.providers default = { # github.io -> 192.30.252.154 @@ -96,7 +96,7 @@ let IN A 185.199.110.153 IN A 185.199.111.153 ''; - }; + }; }; }; diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 6fe71e31b..d919c8129 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -151,6 +151,7 @@ in { "makanek.kmein.r" "grafana.kmein.r" "names.kmein.r" + "graph.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 1f118b8b0..280021347 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -71,6 +71,7 @@ in { 60 IN NS ns16.ovh.net. 60 IN NS dns16.ovh.net. 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + 60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr} IN MX 5 lassul.us. 60 IN TXT v=spf1 mx a:lassul.us -all 60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" ) @@ -98,6 +99,10 @@ in { addr = "95.216.1.150"; prefix = "0.0.0.0/0"; }; + ip6 = { + addr = "2a01:4f9:2a:1e9::1"; + prefix = "2a01:4f9:2a:1e9::/64"; + }; aliases = [ "prism.i" "paste.i" @@ -113,6 +118,7 @@ in { "cache.prism.r" "cgit.prism.r" "flix.r" + "jelly.r" "paste.r" "c.r" "p.r" @@ -569,6 +575,20 @@ in { ci = false; syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ"; }; + tablet = { + nets = { + wiregrill = { + ip4.addr = "10.244.1.14"; + ip6.addr = w6 "b"; + aliases = [ + "tablet.w" + ]; + wireguard.pubkey = "eIafsxYEFCqmWNFon6ZsYXeDrK4X1UJ9KD0zmNZjgEI="; + }; + }; + external = true; + ci = false; + }; hilum = { cores = 1; nets = { @@ -817,5 +837,8 @@ in { mail = "lassulus@gmail.com"; pubkey = builtins.readFile ./ssh/android.ed25519; }; + lass-tablet = { + pubkey = builtins.readFile ./ssh/tablet.ed25519; + }; }; } diff --git a/krebs/3modules/lass/ssh/tablet.ed25519 b/krebs/3modules/lass/ssh/tablet.ed25519 new file mode 100644 index 000000000..250be53f7 --- /dev/null +++ b/krebs/3modules/lass/ssh/tablet.ed25519 @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICMaulRARjJt6gQ4q5DCj3ySAf4juHvVaIcXDRhWZ5mM u0_a234@localhost \ No newline at end of file diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 03431ce5f..7780863a3 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -221,7 +221,7 @@ in { "cgit.gum.r" "dcpp.gum.r" "dcpp.nextgum.r" - "graph.r" + "graph.makefu.r" "logs.makefu.r" "netdata.makefu.r" "nextgum.r" diff --git a/tv/5pkgs/haskell/mailaids.nix b/krebs/5pkgs/haskell/mailaids.nix similarity index 100% rename from tv/5pkgs/haskell/mailaids.nix rename to krebs/5pkgs/haskell/mailaids.nix diff --git a/krebs/5pkgs/haskell/purebred-email/default.nix b/krebs/5pkgs/haskell/purebred-email/default.nix new file mode 100644 index 000000000..ebf315388 --- /dev/null +++ b/krebs/5pkgs/haskell/purebred-email/default.nix @@ -0,0 +1,34 @@ +{ mkDerivation, attoparsec, base, base64-bytestring, bytestring +, case-insensitive, concise, deepseq, fetchgit, hedgehog, lens, lib +, QuickCheck, quickcheck-instances, semigroupoids, semigroups +, stringsearch, tasty, tasty-golden, tasty-hedgehog, tasty-hunit +, tasty-quickcheck, text, time +}: +mkDerivation { + pname = "purebred-email"; + version = "0.4.3"; + src = fetchgit { + url = "https://github.com/purebred-mua/purebred-email"; + sha256 = "06xhccavrdzfsvg65mzdnp0a7b1ilk2rqpnyvkr171ir6mqdpb19"; + rev = "769b360643f699c0a8cd6f1c3a3de36cf0479834"; + fetchSubmodules = true; + }; + patches = [ + ./untweak-mime-version-header.patch + ]; + isLibrary = true; + isExecutable = true; + libraryHaskellDepends = [ + attoparsec base base64-bytestring bytestring case-insensitive + concise deepseq lens semigroupoids semigroups stringsearch text + time + ]; + testHaskellDepends = [ + attoparsec base bytestring case-insensitive hedgehog lens + QuickCheck quickcheck-instances semigroups tasty tasty-golden + tasty-hedgehog tasty-hunit tasty-quickcheck text time + ]; + homepage = "https://github.com/purebred-mua/purebred-email"; + description = "types and parser for email messages (including MIME)"; + license = lib.licenses.agpl3Plus; +} diff --git a/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch b/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch new file mode 100644 index 000000000..97baf7ac1 --- /dev/null +++ b/krebs/5pkgs/haskell/purebred-email/untweak-mime-version-header.patch @@ -0,0 +1,65 @@ +diff --git a/src/Data/MIME.hs b/src/Data/MIME.hs +index 19af53e..be8cbd4 100644 +--- a/src/Data/MIME.hs ++++ b/src/Data/MIME.hs +@@ -810,7 +810,6 @@ multipart takeTillEnd boundary = + -- | Sets the @MIME-Version: 1.0@ header. + -- + instance RenderMessage MIME where +- tweakHeaders = set (headers . at "MIME-Version") (Just "1.0") + buildBody h z = Just $ case z of + Part partbody -> Builder.byteString partbody + Encapsulated msg -> buildMessage msg +diff --git a/tests/Generator.hs b/tests/Generator.hs +index 9e1f166..23bd122 100644 +--- a/tests/Generator.hs ++++ b/tests/Generator.hs +@@ -64,7 +64,7 @@ exampleMailsParseSuccessfully = + textPlain7bit :: MIMEMessage + textPlain7bit = + let m = createTextPlainMessage "This is a simple mail." +- in over headers (\(Headers xs) -> Headers $ (CI.mk "Subject", "Hello there") : xs) m ++ in over headers (\(Headers xs) -> Headers $ (CI.mk "MIME-Version", "1.0") : (CI.mk "Subject", "Hello there") : xs) m + + multiPartMail :: MIMEMessage + multiPartMail = +@@ -72,13 +72,16 @@ multiPartMail = + to' = Single $ Mailbox Nothing (AddrSpec "bar" (DomainDotAtom $ pure "bar.com")) + subject = "Hello there" + p = createTextPlainMessage "This is a simple mail." ++ & set (headers . at "MIME-Version") (Just "1.0") + a = createAttachment + contentTypeApplicationOctetStream + (Just "foo.bin") + "fileContentsASDF" ++ & set (headers . at "MIME-Version") (Just "1.0") + now = UTCTime (ModifiedJulianDay 123) (secondsToDiffTime 123) + in createMultipartMixedMessage "asdf" (fromList [p, a]) +- & set (headers . at "From") (Just $ renderMailboxes [from']) ++ & set (headers . at "MIME-Version") (Just "1.0") ++ . set (headers . at "From") (Just $ renderMailboxes [from']) + . set (headers . at "To") (Just $ renderAddresses [to']) + . set (headers . at "Date") (Just $ renderRFC5422Date now) + . set (headers . at "Subject") (Just $ T.encodeUtf8 subject) +diff --git a/tests/Message.hs b/tests/Message.hs +index 6711519..3e40397 100644 +--- a/tests/Message.hs ++++ b/tests/Message.hs +@@ -29,7 +29,7 @@ import Data.Char (isPrint) + import Data.Foldable (fold) + import Data.List.NonEmpty (NonEmpty(..), intersperse) + +-import Control.Lens (set, view) ++import Control.Lens ((&), at, set, view) + import qualified Data.ByteString as B + import qualified Data.Text as T + +@@ -99,7 +99,7 @@ genMessage = Gen.choice [ genTextPlain, genMultipart, encapsulate <$> genMessage + prop_messageRoundTrip :: Property + prop_messageRoundTrip = property $ do + msg <- forAll genMessage +- parse (message mime) (renderMessage msg) === Right msg ++ parse (message mime) (renderMessage $ msg & set (headers . at "MIME-Version") (Just "1.0")) === Right msg + + prop_messageFromRoundTrip :: Property + prop_messageFromRoundTrip = property $ do diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 45f9ae00e..c92a239f9 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -284,6 +284,12 @@ with import ; localAddress = "10.233.2.14"; }; + services.nginx.virtualHosts."jelly.r" = { + locations."/".extraConfig = '' + proxy_pass http://10.233.2.14:8096/; + proxy_set_header Accept-Encoding ""; + ''; + }; services.nginx.virtualHosts."flix.r" = { locations."/".extraConfig = '' proxy_pass http://10.233.2.14:80/; diff --git a/makefu/2configs/deployment/graphs.nix b/makefu/2configs/deployment/graphs.nix index e7dc54dd0..1f6deb1bf 100644 --- a/makefu/2configs/deployment/graphs.nix +++ b/makefu/2configs/deployment/graphs.nix @@ -18,7 +18,7 @@ in { } ''; serverAliases = [ - "graph.r" + "graph.makefu.r" "graph.${hn}" "graph.${hn}.r" ]; }; diff --git a/submodules/krops b/submodules/krops index 05f0d3b5c..13ae434b1 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 05f0d3b5c1d38fbbd53142362a7821cc8bc1150a +Subproject commit 13ae434b140035e7e2664bd5a8ef4c475413b2e0 diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix index f0ef6f9b0..bf250cefa 100644 --- a/tv/1systems/wu/config.nix +++ b/tv/1systems/wu/config.nix @@ -33,5 +33,11 @@ with import ; }; networking.wireless.enable = true; + networking.wireless.interfaces = [ + "wlp3s0" + ]; + networking.interfaces.enp4s0f2.useDHCP = true; + networking.interfaces.wlp3s0.useDHCP = true; + networking.useDHCP = false; } diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 8e8d0a468..de298e162 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -1,8 +1,6 @@ with import ; { config, pkgs, ... }: { - boot.kernelPackages = mkDefault pkgs.linuxPackages_latest; - boot.tmpOnTmpfs = true; krebs.enable = true; diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index 2b8457e40..6f4dedad6 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -65,6 +65,9 @@ let { public-repos = mapAttrs make-public-repo ({ } // mapAttrs (_: recursiveUpdate { cgit.section = "1. miscellaneous"; }) { + couchfs = { + cgit.desc = "filesystem (in userspace) on top of CouchDB"; + }; crx = { cgit.desc = "utilities for working with Chrome extensions"; };