Merge remote-tracking branch 'gum/master'

2017-07-17 08:02:01 +02:00 · 2017-07-17 08:02:01 +02:00 · ae5fef979d
commit ae5fef979d
parent 2d6447d966 a3f6c2e49d
15 changed files with 50 additions and 26 deletions
--- a/makefu/1systems/gum/source.nix
+++ b/makefu/1systems/gum/source.nix
@ -1,3 +1,4 @@
 import <stockholm/makefu/source.nix> {
  name="gum";
  torrent = true;
 }
--- a/makefu/1systems/sdev/config.nix
+++ b/makefu/1systems/sdev/config.nix
@ -7,7 +7,7 @@
      <stockholm/makefu>
      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
-      <stockholm/makefu/2configs/main-laptop.nix #< base-gui>
+      <stockholm/makefu/2configs/main-laptop.nix>
      # <secrets/extra-hosts.nix>
      # environment
--- a/makefu/1systems/studio/source.nix
+++ b/makefu/1systems/studio/source.nix
@ -2,6 +2,6 @@ import <stockholm/makefu/source.nix> {
  name="studio";
  override.musnix.git = {
    url = https://github.com/musnix/musnix.git;
-    ref = "f0ec1f3";
+    ref = "d8b989f";
  };
 }
--- a/makefu/1systems/vbob/config.nix
+++ b/makefu/1systems/vbob/config.nix
@ -7,7 +7,10 @@
      <stockholm/makefu>
      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
      (toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
-      <stockholm/makefu/2configs/main-laptop.nix #< base-gui>
+      # base gui
      <stockholm/makefu/2configs/main-laptop.nix>
      # security
      <stockholm/makefu/2configs/sshd-totp.nix>
      # Tools
--- a/makefu/1systems/vbob/source.nix
+++ b/makefu/1systems/vbob/source.nix
@ -1,3 +1,7 @@
 import <stockholm/makefu/source.nix> {
-  name="vbob";
+  name="studio";
  override.musnix.git = {
    url = https://github.com/musnix/musnix.git;
    ref = "d8b989f";
  };
 }
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@ -20,7 +20,7 @@ in {
      # <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
      <stockholm/makefu/2configs/stats/client.nix>
-      <stockholm/makefu/2configs/gui/studio.nix>
+      <stockholm/makefu/2configs/gui/studio-virtual.nix>
      <stockholm/makefu/2configs/audio/jack-on-pulse.nix>
      <stockholm/makefu/2configs/audio/realtime-audio.nix>
      <stockholm/makefu/2configs/vncserver.nix>
--- a/makefu/1systems/wbob/source.nix
+++ b/makefu/1systems/wbob/source.nix
@ -1,3 +1,7 @@
 import <stockholm/makefu/source.nix> {
-  name="wbob";
+  name="studio";
  override.musnix.git = {
    url = https://github.com/musnix/musnix.git;
    ref = "d8b989f";
  };
 }
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@ -19,6 +19,7 @@ with import <stockholm/lib>;
      # <stockholm/makefu/2configs/disable_v6.nix>
      # Testing
      # <stockholm/makefu/2configs/torrent.nix>
      # <stockholm/makefu/2configs/lanparty/lancache.nix>
      # <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
      # <stockholm/makefu/2configs/deployment/dirctator.nix>
--- a/makefu/1systems/x/source.nix
+++ b/makefu/1systems/x/source.nix
@ -1,4 +1,5 @@
 import <stockholm/makefu/source.nix> {
  name="x";
  full = true;
  # torrent = true;
 }
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@ -109,6 +109,7 @@ with import <stockholm/lib>;
  environment.shellAliases = {
    # TODO: see .aliases
    lsl = "ls -lAtr";
    dmesg = "journalctl -kb | cat";
    psg = "ps -ef | grep";
    nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
    grep = "grep --color=auto";
--- a/makefu/2configs/gui/studio-virtual.nix
+++ b/makefu/2configs/gui/studio-virtual.nix
@ -0,0 +1,19 @@
 { config, lib, ... }:
 let
  user = config.makefu.gui.user;
 in
 {
  imports = [
    <nixpkgs/nixos/modules/services/x11/terminal-server.nix>
  ];
  services.xserver.displayManager.sddm.enable = lib.mkForce false;
  services.xserver.desktopManager = {
    default = "plasma5";
    plasma5.enable = true;
  };
  services.xserver.layout = "us";
  services.xserver.xkbVariant = "altgr-intl";
  services.xserver.xkbOptions = "ctrl:nocaps";
 }
--- a/makefu/2configs/torrent.nix
+++ b/makefu/2configs/torrent.nix
@ -10,11 +10,6 @@ let
  daemon-port = 58846;
  dl-dir = config.makefu.dl-dir;
 in {
  # prepare secrets
  krebs.build.source.torrent-secrets.file =
    if getEnv "dummy_secrets" == "true"
    then toString <stockholm/makefu/6tests/data/secrets>
    else config.makefu.torrent-secrets ;
  users.users = {
    download = {
--- a/makefu/2configs/unstable-sources.nix
+++ b/makefu/2configs/unstable-sources.nix
@ -1,8 +0,0 @@
 _:
 {
  krebs.build.source.nixpkgs = {
      url = https://github.com/makefu/nixpkgs;
      rev = "15b5bbfbd1c8a55e7d9e05dd9058dc102fac04fe"; # cherry-picked collectd
    };
 }
--- a/makefu/2configs/vncserver.nix
+++ b/makefu/2configs/vncserver.nix
@ -3,14 +3,13 @@ with lib;
 let
  pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
  pwtmp = "/tmp/vnc-password";
  # nixos-unstable tigervnc is currently broken :\
  package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
  user = config.makefu.gui.user;
  vnc_port = 5900;
  web_port = 6080;
 in {
  networking.firewall.allowedTCPPorts = [ 80 vnc_port web_port ];
  systemd.services = {
    # TODO: terminal-server without a real gui and virtual display manager
    terminal-server = {
      description = "VNC Terminal Server";
      after = [ "display-manager.service"  "graphical.target" ];
@ -22,7 +21,7 @@ in {
          sleep 5
          install -m0700 -o ${user} ${pwfile} ${pwtmp}
        '';
-        ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString vnc_port} -passwordfile ${pwtmp}";
+        ExecStart = "${pkgs.tigervnc}/bin/x0vncserver -display :0 -rfbport ${toString vnc_port} -passwordfile ${pwtmp}";
        PermissionsStartOnly = true;
        PrivateTmp = true;
      };
--- a/makefu/source.nix
+++ b/makefu/source.nix
@ -1,10 +1,10 @@
 with import <stockholm/lib>;
-host@{ name, secure ? false, override ? {}, full ? false }: let
+host@{ name, secure ? false, override ? {}, full ? false, torrent ? false }: let
  builder = if getEnv "dummy_secrets" == "true"
              then "buildbot"
              else "makefu";
  _file = <stockholm> + "/makefu/1systems/${name}/source.nix";
-  ref = "06734d1"; # unstable @ 2017-07-03 + graceful requests2 (a772c3aa)
+  ref = "0751450"; # unstable @ 2017-07-16 + graceful requests2 (a772c3aa)
 in
  evalSource (toString _file) [
@ -29,10 +29,14 @@ in
        buildbot = toString <stockholm/makefu/6tests/data/secrets>;
        makefu = "/home/makefu/secrets/${name}";
      };
      stockholm.file = toString <stockholm>;
    }
-    (mkIf (builder == "makefu") {
+    (mkIf ( torrent ) {
-      secrets-common.file = "/home/makefu/secrets/common";
+      torrent-secrets.file = getAttr builder {
        buildbot = toString <stockholm/makefu/6tests/data/secrets>;
        makefu = "/home/makefu/secrets/torrent" ;
      };
    })
    override
  ]