Merge remote-tracking branch 'lass/master'

makefu 2020-02-19 14:43:00 +01:00
commit e5bf98defe
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
7 changed files with 203 additions and 90 deletions


@ -109,29 +109,6 @@ in {
};
};
};
idontcare = {
owner = config.krebs.users.Mic92;
nets = rec {
retiolum = {
addrs = [
config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
];
ip4.addr = "10.243.29.177";
aliases = [ "idontcare.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
jongepad = {
owner = config.krebs.users.jonge;
nets = {
@ -201,30 +178,6 @@ in {
wireguard.pubkey = "09yVPHL/ucvqc6V5n7vFQ2Oi1LBMdwQZDL+7jBwy+iQ=";
};
};
rock = {
owner = config.krebs.users.Mic92;
nets = {
retiolum = {
ip4.addr = "10.243.29.171";
aliases = [ "rock.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
scardanelli = {
owner = config.krebs.users.kmein;
nets = {


@ -66,6 +66,27 @@ in {
};
};
};
dimitrios = {
owner = config.krebs.users.Mic92;
nets = {
retiolum = {
ip4.addr = "10.243.29.183";
aliases = [
"dimitrios.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAutdjBACUieeP6hPqLazSo/MG5HiueUu3WZ1qPwpiPfJpPT59GckD
SI+TfCzaaZrifh1sRP30QhOH9+ca5DPPNQuk3ZPVAS2dqSmea0RBnYgq1J9EJ2Ty
EMzAYWjKIT8sJiEh4znnq7DDsd/JF5nIbhwgpkytxqAH8us5ABB940RkRMwDUS9M
tWB1NCbS7q1JWEoCHguAbh4B5qv4gxwDqzj3UwTR1Fd+SO3o9/giKhvpk0iQfsDO
DGXgxnpXybr7HGdRH2u3uAKXlwzwOpLHlohdLRC5txK8Osl0zVNqiiiV9SpuS0W1
OrHcbfEuPbuuI4pOXKMoZxbaehQ4SmEVBwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
donna = {
owner = config.krebs.users.Mic92;
nets = rec {
@ -123,6 +144,29 @@ in {
};
};
};
idontcare = {
owner = config.krebs.users.Mic92;
nets = rec {
retiolum = {
addrs = [
config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
];
ip4.addr = "10.243.29.177";
aliases = [ "idontcare.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
};
inspector = {
owner = config.krebs.users.Mic92;
nets = rec {
@ -282,6 +326,30 @@ in {
};
};
};
rock = {
owner = config.krebs.users.Mic92;
nets = {
retiolum = {
ip4.addr = "10.243.29.171";
aliases = [ "rock.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----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==
-----END RSA PUBLIC KEY-----
'';
};
};
};
rose = {
owner = config.krebs.users.Mic92;
nets = rec {


@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "eb65d1dae626f4b149566c4cbccdad7ec24af189",
"date": "2020-01-13T10:34:45+00:00",
"sha256": "0zl4zakmw2s7gnkc2bmnjl71xg55n0kqrcm834kjq49lwwmdk225",
"rev": "c49da6435f314e04fc58ca29807221817ac2ac6b",
"date": "2020-02-07T12:52:16+01:00",
"sha256": "17zsqhaf098bvcfarnq0h9601z6smkfd1kz1px6xfg6xqfmr80r7",
"fetchSubmodules": false
}


@ -21,7 +21,14 @@
source /grub/autoiso.cfg
}
'';
extraFiles."/grub/autoiso.cfg" = "${pkgs.grub2.src}/docs/autoiso.cfg";
extraFiles."/grub/autoiso.cfg" = (pkgs.stdenv.mkDerivation {
name = "autoiso.cfg";
src = pkgs.grub2.src;
phases = [ "unpackPhase" "installPhase" ];
installPhase = ''
cp docs/autoiso.cfg $out
'';
});
};
services.logind.lidSwitch = "ignore";


@ -1,42 +1,118 @@
{ config, pkgs, ... }:
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
wizard = pkgs.writers.writeBash "wizard" ''
shopt -s extglob
icon = pkgs.writeText "icon" ''
//
//
_ //
.' . // '.
'_ '_\/_' `_
. . \\ . .
.==. ` \\' .'
.\| //bd\\ \,
\_'`._\\__//_.'`.;
`.__ __,' \\
| | \\
| | `
| |
| |
|____|
l42 ==' '==
'';
echo -n '
messenger = pkgs.writeText "message" ''
.
| \/|
(\ _ ) )|/|
(/ _----. /.'.'
.-._________.. .' @ _\ .'
'.._______. '. / (_| .')
'._____. / '-/ | _.'
'.______ ( ) ) \
'..____ '._ ) )
.' __.--\ , , // ((
'.' mrf| \/ (_.'(
' \ .'
\ (
\ '.
\ \ '.)
'-'-'
'';
waiting = pkgs.writeText "waiting" ''
Z
Z
z
z
* '
/ \
/___\
( - - )
) L ( .--------------.
__()(-)()__ | \ |
.~~ )()()() ~. | . :
/ )()() ` | `-.__________)
| )() ~ | : :
| ) | : |
| _ | | [ ## :
\ ~~-. | , oo_______.'
`_ ( \) _____/~~~~ `--___
| ~`-) ) `-. `--- ( - a:f -
| '///` | `-.
| | | | `-.
| | | | `-.
| | |\ |
| | | \|
`-. | | |
`-| '
'';
wizard = pkgs.writers.writeDash "wizard" ''
cat ${icon}
echo -n '${''
welcome to the computer wizard
first we will check for internet connectivity
(press enter to continue)
'
read -n 1 -s
if ! ping -c1 lassul.us; then
echo 'no internet detectio, you will have to provide credentials'
read -n 1 -s
nmtui
fi
# ping -c1 lassuls.us || ${pkgs.writeDash "nm-dmenu" ''
# set -x
# export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
# exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
# ''}
''}'
mode=$(echo -n '
1. help of the wizard
2. let the wizard watch and help if needed
3. I will do it alone
' | ${pkgs.fzf}/bin/fzf --reverse)
read -p '(press enter to continue...)' key
until ping -c1 8.8.8.8; do
${pkgs.nm-dmenu}/bin/nm-dmenu
done
mode=$(echo -n '${''
1. Help of the wizard
2. Install NixOS
3. I know what I need to do
''}' | ${pkgs.fzf}/bin/fzf --reverse)
case "$mode" in
1*)
echo 'mode_1' > /tmp/mode
clear
echo 'waiting for the messenger to reach the wizard'
cat ${messenger}
# get pubkeys
mkdir -p /root/.ssh/
touch /root/.ssh/authorized_keys
curl -Ss 'https://lassul.us/mors.pub' >> /root/.ssh/authorized_keys
curl -Ss 'https://lassul.us/blue.pub' >> /root/.ssh/authorized_keys
curl -Ss 'https://lassul.us/yubi.pub' >> /root/.ssh/authorized_keys
# write via irc
systemctl start hidden-ssh-announce.service
tmux new -s help
tmux new-session -s help ${pkgs.writers.writeDash "waiting" ''
cat ${waiting}
read -p 'waiting for the wizard to wake up' key
${pkgs.bashInteractive}/bin/bash
''}
;;
2*)
echo 'mode_2' > /tmp/mode
${pkgs.nixos-installer}/bin/nixos-installer
;;
3*)
echo 'mode_3' > /tmp/mode
@ -52,6 +128,7 @@ in {
<stockholm/krebs>
<stockholm/lass/3modules>
<stockholm/lass/2configs/vim.nix>
# <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-base.nix>
{
nixpkgs.config.packageOverrides = import <stockholm/lass/5pkgs> pkgs;
krebs.enable = true;
@ -86,14 +163,14 @@ in {
networking.hostName = "wizard";
nixpkgs.config.allowUnfree = true;
users.extraUsers = {
root = {
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
config.krebs.users.lass-mors.pubkey
];
};
};
# users.extraUsers = {
# root = {
# openssh.authorizedKeys.keys = [
# config.krebs.users.lass.pubkey
# config.krebs.users.lass-mors.pubkey
# ];
# };
# };
environment.systemPackages = with pkgs; [
#stockholm
@ -120,16 +197,12 @@ in {
aria2
#neat utils
dmenu
chntpw
hashPassword
krebspaste
pciutils
pop
psmisc
q
rs
tmux
untilport
usbutils
#unpack stuff
@ -141,6 +214,8 @@ in {
ddrescue
ntfs3g
dosfstools
nixos-installer
];
environment.extraInit = ''
@ -193,10 +268,10 @@ in {
krebs.hidden-ssh = {
enable = true;
channel = "##lassulus-wizard";
message = "lassulus: torify sshn root@";
};
systemd.services.hidden-ssh-announce.wantedBy = mkForce [];
services.mingetty.autologinUser = "root";
services.mingetty.autologinUser = lib.mkForce "root";
nixpkgs.config.packageOverrides = super: {
dmenu = pkgs.writeDashBin "dmenu" ''
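Review bot: In the `1*)` branch of the wizard script, root's `authorized_keys` is filled by three `curl -Ss 'https://lassul.us/….pub' >> /root/.ssh/authorized_keys` calls, so who may log in as root over the hidden SSH service depends on whatever that web server returns at run time, while the pinned `config.krebs.users.lass.pubkey` / `lass-mors.pubkey` entries further down appear to be commented out in the same section. Without `-f`, the body of an HTTP error page is appended to the file as well, and a failed download goes unnoticed before `hidden-ssh-announce.service` is started. I would keep the keys in the image, written at build time from `config.krebs.users.*.pubkey`, or at least use `curl -fsS … >> /root/.ssh/authorized_keys || exit 1` and add a comment stating that lassul.us is trusted for root access. The old/new markers are lost on this page, so this assumes the curl lines are on the new side.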


@ -4,4 +4,4 @@
set -xefu
WD=$(dirname "$0")
nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/default.nix -f install-iso
nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/config.nix -f install-iso


@ -0,0 +1,10 @@
{ config, lib, pkgs, ... }:
{
imports = [
./default.nix
];
virtualisation.emptyDiskImages = [
8000
];
virtualisation.memorySize = 1024;
}
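Review bot: The bare numbers in `virtualisation.emptyDiskImages = [ 8000 ];` and `virtualisation.memorySize = 1024;` carry no unit; a short comment such as `# sizes in MiB: one empty disk (presumably the install target) and the VM's RAM` would tell the reader what test machine is intended. The `virtualisation.*` options are, as far as I know, declared by the qemu-vm module, which is not imported in the visible lines, so it is worth confirming this file is only evaluated where that module is present.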