Merge remote-tracking branch 'gum/master'

This commit is contained in:
lassulus 2015-12-30 17:16:05 +01:00
commit 9b890750e2
6 changed files with 62 additions and 21 deletions

View File

@ -70,12 +70,17 @@ let
REAKTOR_HOST REAKTOR_HOST
REAKTOR_PORT REAKTOR_PORT
REAKTOR_STATEDIR REAKTOR_STATEDIR
REAKTOR_CHANNELS
debug and nickname can be set separately via the Reaktor api debug and nickname can be set separately via the Reaktor api
''; '';
}; };
channels = mkOption {
default = [ "#krebs" ];
type = types.listOf types.str;
description = ''
Channels the Reaktor should connect to at startup.
'';
};
debug = mkOption { debug = mkOption {
default = false; default = false;
description = '' description = ''
@ -112,7 +117,9 @@ let
GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
REAKTOR_NICKNAME = cfg.nickname; REAKTOR_NICKNAME = cfg.nickname;
REAKTOR_DEBUG = (if cfg.debug then "True" else "False"); REAKTOR_DEBUG = (if cfg.debug then "True" else "False");
REAKTOR_CHANNELS = lib.concatStringsSep "," cfg.channels;
state_dir = cfg.workdir; state_dir = cfg.workdir;
} // cfg.extraEnviron; } // cfg.extraEnviron;
serviceConfig= { serviceConfig= {
ExecStartPre = pkgs.writeScript "Reaktor-init" '' ExecStartPre = pkgs.writeScript "Reaktor-init" ''

View File

@ -1,14 +1,12 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
with builtins;
with lib; with lib;
let let
cfg = config.krebs.exim-retiolum; cfg = config.krebs.exim-retiolum;
out = { out = {
options.krebs.exim-retiolum = api; options.krebs.exim-retiolum = api;
config = config = mkIf cfg.enable imp;
mkIf cfg.enable imp;
}; };
api = { api = {
@ -16,13 +14,13 @@ let
}; };
imp = { imp = {
services.exim = services.exim = {
# This configuration makes only sense for retiolum-enabled hosts. enable = true;
# TODO modular configuration config =
assert config.krebs.retiolum.enable; # This configuration makes only sense for retiolum-enabled hosts.
{ # TODO modular configuration
enable = true; assert config.krebs.retiolum.enable;
config = '' ''
primary_hostname = ${retiolumHostname} primary_hostname = ${retiolumHostname}
domainlist local_domains = @ : localhost domainlist local_domains = @ : localhost
domainlist relay_to_domains = *.retiolum domainlist relay_to_domains = *.retiolum
@ -134,7 +132,7 @@ let
begin authenticators begin authenticators
''; '';
}; };
}; };
# TODO get the hostname from somewhere else. # TODO get the hostname from somewhere else.

View File

@ -14,6 +14,7 @@ rec {
buildSimpleReaktorPlugin = name: { script buildSimpleReaktorPlugin = name: { script
, path ? [] , path ? []
, env ? {} , env ? {}
, append_rule ? false # append the rule instead of insert
, pattern ? "" , pattern ? ""
, ... } @ attrs: , ... } @ attrs:
let let
@ -26,7 +27,7 @@ rec {
}); });
src_file = "${src_dir}/bin/${name}"; src_file = "${src_dir}/bin/${name}";
config = '' config = ''
public_commands.insert(0,{ public_commands.${if append_rule then "append(" else "insert(0," }{
'capname' : "${name}", 'capname' : "${name}",
'pattern' : ${if pattern == "" then 'pattern' : ${if pattern == "" then
''indirect_pattern.format("${name}")'' else ''indirect_pattern.format("${name}")'' else
@ -58,9 +59,10 @@ rec {
}; };
sed-plugin = buildSimpleReaktorPlugin "sed-plugin" { sed-plugin = buildSimpleReaktorPlugin "sed-plugin" {
path = [ pkgs.gnused ]; path = [ pkgs.gnused pkgs.python3 ];
# only support s///gi the plugin needs to see every msg # only support s///gi the plugin needs to see every msg
# TODO: this will eat up the last regex, fix Reaktor to support fallthru # TODO: this will eat up the last regex, fix Reaktor to support fallthru
append_rule = true;
pattern = "^(?P<args>.*)$$"; pattern = "^(?P<args>.*)$$";
script = ./scripts/sed-plugin.py; script = ./scripts/sed-plugin.py;
}; };
@ -105,7 +107,7 @@ rec {
config = '' config = ''
def titlebot_cmd(cmd): def titlebot_cmd(cmd):
from os import environ from os import environ
return { 'capname': cmd, return { 'capname': None,
'env': { 'TITLEDB': 'env': { 'TITLEDB':
environ['state_dir']+'/suggestions.json' }, environ['state_dir']+'/suggestions.json' },
'pattern': '^\\.' + cmd + '\\s*(?:\\s+(?P<args>.*))?$$', 'pattern': '^\\.' + cmd + '\\s*(?:\\s+(?P<args>.*))?$$',

View File

@ -18,8 +18,6 @@ in {
../2configs/iodined.nix ../2configs/iodined.nix
# Reaktor
../2configs/Reaktor/simpleExtend.nix
# other nginx # other nginx
../2configs/nginx/euer.wiki.nix ../2configs/nginx/euer.wiki.nix
@ -29,9 +27,21 @@ in {
# collectd # collectd
../2configs/collectd/collectd-base.nix ../2configs/collectd/collectd-base.nix
]; ];
krebs.build.host = config.krebs.hosts.wry; krebs.build.host = config.krebs.hosts.wry;
krebs.Reaktor.enable = true; krebs.Reaktor = {
nickname = "Reaktor|bot";
channels = [ "#krebs" "#shackspace" "#binaergewitter" ];
enable = true;
plugins = with pkgs.ReaktorPlugins;[
titlebot
# stockholm-issue
nixos-version
shack-correct
sed-plugin
random-emoji ];
};
# bepasty to listen only on the correct interfaces # bepasty to listen only on the correct interfaces
krebs.bepasty.servers.internal.nginx.listen = [ "${internal-ip}:80" ]; krebs.bepasty.servers.internal.nginx.listen = [ "${internal-ip}:80" ];
@ -59,11 +69,11 @@ in {
}; };
networking = { networking = {
firewall = { firewall = {
allowPing = true; allowPing = true;
logRefusedConnections = false; logRefusedConnections = false;
allowedTCPPorts = [ 53 80 443 ]; allowedTCPPorts = [ 53 80 443 ];
allowedUDPPorts = [ 655 ]; allowedUDPPorts = [ 655 53 ];
}; };
interfaces.enp2s1.ip4 = [{ interfaces.enp2s1.ip4 = [{
address = external-ip; address = external-ip;

View File

@ -0,0 +1,13 @@
{ config, pkgs, lib, ... }:
{
krebs = {
enable = true;
build.user = config.krebs.users.shared;
build.host = config.krebs.hosts.test-all-krebs-modules;
};
# just get the system running
boot.loader.grub.devices = ["/dev/sda"];
fileSystems."/" = {
device = "/dev/lol";
};
}

View File

@ -94,6 +94,17 @@ in {
--argstr current-host-name lol \ --argstr current-host-name lol \
--strict --json"]) --strict --json"])
addShell(f,name="instantiate-test-minimal-deploy",env=env,
command=nixshell + \
["nix-instantiate --eval -A \
users.shared.test-minimal-deploy.system \
-I stockholm=. \
-I secrets=. '<stockholm>' \
--argstr current-date lol \
--argstr current-user-name shared \
--argstr current-host-name lol \
--strict --json"])
bu.append(util.BuilderConfig(name="fast-tests", bu.append(util.BuilderConfig(name="fast-tests",
slavenames=slavenames, slavenames=slavenames,
factory=f)) factory=f))