From ce10f57b3be0042ccf01ed2605ef9911537552cf Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 17 Jan 2016 00:30:00 +0100 Subject: [PATCH 01/14] k 5 krebszones: add todo/doc --- krebs/5pkgs/krebszones/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/krebs/5pkgs/krebszones/default.nix b/krebs/5pkgs/krebszones/default.nix index f6fd672dc..9230192bd 100644 --- a/krebs/5pkgs/krebszones/default.nix +++ b/krebs/5pkgs/krebszones/default.nix @@ -1,5 +1,10 @@ { lib, pkgs,python3Packages,fetchurl, ... }: +# TODO: Prepare a diff of future and current +## ovh-zone export krebsco.de --config ~/secrets/krebs/cfg.json |sed 's/[ ]\+/ /g' | sort current +## sed 's/[ ]\+/ /g'/etc/zones/krebsco.de | sort > future +## diff future.sorted current.sorted + python3Packages.buildPythonPackage rec { name = "krebszones-${version}"; version = "0.4.4"; From f42d23f69bb84186b5218cfa49e1321a80acc293 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 17 Jan 2016 00:40:06 +0100 Subject: [PATCH 02/14] ma 2 smart-monitor: disable autodetection --- makefu/1systems/gum.nix | 5 ++++- makefu/2configs/smart-monitor.nix | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 1907424ec..ac7524506 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -21,7 +21,7 @@ in { ]; - + services.smartd.devices = [ { device = "/dev/sda";} ]; nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; ###### stable @@ -32,6 +32,9 @@ in { ListenAddress = ${external-ip} 655 ListenAddress = ${external-ip} 21031 ''; + krebs.nginx.servers.cgit.server-names = [ + "cgit.euer.krebsco.de" + ]; # Chat environment.systemPackages = with pkgs;[ diff --git a/makefu/2configs/smart-monitor.nix b/makefu/2configs/smart-monitor.nix index a37969d3d..daf3aad01 100644 --- a/makefu/2configs/smart-monitor.nix +++ b/makefu/2configs/smart-monitor.nix @@ -3,6 +3,7 @@ krebs.exim-retiolum.enable = lib.mkDefault true; services.smartd = { enable = true; + autodetect = false; notifications = { mail = { enable = true; From 908149206b4680c951487d9ddded6636b35cd4d9 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 17 Jan 2016 00:40:26 +0100 Subject: [PATCH 03/14] ma 1 omo: bump to unstable@2016-01-13 --- makefu/1systems/omo.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index e11665fbc..552af4e4f 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -33,6 +33,7 @@ in { ]; # services.openssh.allowSFTP = false; krebs.build.host = config.krebs.hosts.omo; + krebs.build.source.git.nixpkgs.rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce"; # copy config from to /var/lib/sabnzbd/ services.sabnzbd.enable = true; From 769b939e8d74ad3d6358ccebc1ed356c3ba3f219 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 17 Jan 2016 00:41:02 +0100 Subject: [PATCH 04/14] ma 2 vim: disable youcompleteme, install breaks --- makefu/2configs/vim.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/vim.nix b/makefu/2configs/vim.nix index 02a46d22a..227d73c81 100644 --- a/makefu/2configs/vim.nix +++ b/makefu/2configs/vim.nix @@ -122,7 +122,7 @@ in { vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" - "YouCompleteMe" + # "YouCompleteMe" "vim-better-whitespace" ]; } { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } ]; From de891cf43181d28cbc9526993df4e55022d230da Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 17 Jan 2016 00:46:28 +0100 Subject: [PATCH 05/14] ma 2 default: whitelist unrar from unfree --- makefu/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7771e24d4..ec1100582 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -13,7 +13,7 @@ with lib; ./vim.nix ]; - + nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); krebs = { enable = true; search-domain = "retiolum"; From 818ea249f08846a1b5efdf4cb09ba94e07e44e74 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 19 Jan 2016 20:04:29 +0100 Subject: [PATCH 06/14] ma 2 git/cgit: add init-stockholm repo --- makefu/2configs/git/cgit-retiolum.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 35bb169cf..7d85eb8d1 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -16,6 +16,9 @@ let desc = "Tinc Advanced Graph Generation"; }; cac = { }; + init-stockholm = { + desc = "Init stuff for stockholm"; + }; }; priv-repos = mapAttrs make-priv-repo { From 1b39a26933966c5da8316f81ae67ff88e56d348d Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 19 Jan 2016 20:37:46 +0100 Subject: [PATCH 07/14] ma 2 tinc-basic-retiolum: remove obsolete hosts path - corresponds with defaults --- makefu/2configs/tinc-basic-retiolum.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/makefu/2configs/tinc-basic-retiolum.nix b/makefu/2configs/tinc-basic-retiolum.nix index 2abf4f188..f49c596fc 100644 --- a/makefu/2configs/tinc-basic-retiolum.nix +++ b/makefu/2configs/tinc-basic-retiolum.nix @@ -4,7 +4,6 @@ with lib; { krebs.retiolum = { enable = true; - hosts = ../../krebs/Zhosts; connectTo = [ "gum" "pigstarter" From 93c217475155f4a7770607b854da9c95ff7b336c Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 13 Jan 2016 12:20:01 +0100 Subject: [PATCH 08/14] ma 5 awesomecfg/full: remove volume field --- makefu/5pkgs/awesomecfg/full.cfg | 3 --- 1 file changed, 3 deletions(-) diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index 15711a5d5..c1b58aa90 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -38,8 +38,6 @@ do end) end -- }}} -volwidget = wibox.widget.textbox() -vicious.register(volwidget, vicious.widgets.volume, " $1% ", 2, "Master") -- {{{ Mails widget type local function worker(format,warg) @@ -258,7 +256,6 @@ for s = 1, screen.count() do local right_layout = wibox.layout.fixed.horizontal() right_layout:add(mailwidget) if s == 1 then right_layout:add(wibox.widget.systray()) end - right_layout:add(volwidget) right_layout:add(cpuwidget) right_layout:add(batwidget) right_layout:add(mytextclock) From 0c290c98f00b11c8239fea6450667323137c6321 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 18 Jan 2016 12:53:07 +0100 Subject: [PATCH 09/14] k 5 forticlientsslvpn: fix license --- krebs/5pkgs/fortclientsslvpn/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/5pkgs/fortclientsslvpn/default.nix b/krebs/5pkgs/fortclientsslvpn/default.nix index 720d4004f..e1c813479 100644 --- a/krebs/5pkgs/fortclientsslvpn/default.nix +++ b/krebs/5pkgs/fortclientsslvpn/default.nix @@ -81,7 +81,7 @@ stdenv.mkDerivation rec { meta = { homepage = http://www.fortinet.com; description = "Forticlient SSL-VPN client"; - license = lib.licenses.nonfree; + license = lib.licenses.unfree; maintainers = [ lib.maintainers.makefu ]; }; } From fbe826ba2ae916b8f8fab1293e302e22a5d0b579 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 18 Jan 2016 12:54:03 +0100 Subject: [PATCH 10/14] ma 1 vbob: remove unstable --- makefu/1systems/vbob.nix | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix index b8c02cb67..d95362919 100644 --- a/makefu/1systems/vbob.nix +++ b/makefu/1systems/vbob.nix @@ -2,9 +2,7 @@ # # { lib, config, pkgs, ... }: -let - pkgs-unst = import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz) {}; -in { +{ krebs.build.host = config.krebs.hosts.vbob; krebs.build.target = "root@10.10.10.220"; imports = @@ -15,14 +13,13 @@ in { # environment ]; + nixpkgs.config.allowUnfree = true; nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; - buildbot = pkgs-unst.buildbot; - buildbot-slave = pkgs-unst.buildbot-slave; }; makefu.buildbot.master = { - enable = true; + enable = false; irc = { enable = true; server = "cd.retiolum"; @@ -30,8 +27,9 @@ in { allowForce = true; }; }; + # services.logstash.enable = true; makefu.buildbot.slave = { - enable = true; + enable = false; masterhost = "localhost"; username = "testslave"; password = "krebspass"; @@ -41,8 +39,8 @@ in { krebs.build.source.git.nixpkgs = { #url = https://github.com/nixos/nixpkgs; - # HTTP Everywhere - rev = "a3974e"; + # HTTP Everywhere + libredir + rev = "8239ac6"; }; fileSystems."/nix" = { device ="/dev/disk/by-label/nixstore"; @@ -56,9 +54,12 @@ in { }; }; environment.systemPackages = with pkgs;[ + fortclientsslvpn buildbot buildbot-slave get + genid + logstash ]; networking.firewall.allowedTCPPorts = [ From 64a69bd1537a2000208bd3bbb5f1be6be08220f6 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 18 Jan 2016 16:59:44 +0100 Subject: [PATCH 11/14] s 2 base: use current unstable --- shared/2configs/base.nix | 2 +- shared/2configs/buildbot-standalone.nix | 9 ++------- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix index 4d509d7a6..5e6072661 100644 --- a/shared/2configs/base.nix +++ b/shared/2configs/base.nix @@ -18,7 +18,7 @@ with lib; krebs.build.source = { git.nixpkgs = { url = https://github.com/NixOS/nixpkgs; - rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; + rev = "d0e3cca"; target-path = "/var/src/nixpkgs"; }; dir.secrets = { diff --git a/shared/2configs/buildbot-standalone.nix b/shared/2configs/buildbot-standalone.nix index 3275189a5..2ea19e8aa 100644 --- a/shared/2configs/buildbot-standalone.nix +++ b/shared/2configs/buildbot-standalone.nix @@ -1,11 +1,6 @@ { lib, config, pkgs, ... }: -let - pkgs-unst = import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz) {}; -in { - nixpkgs.config.packageOverrides = pkgs: { - buildbot = pkgs-unst.buildbot; - buildbot-slave = pkgs-unst.buildbot-slave; - }; + +{ networking.firewall.allowedTCPPorts = [ 8010 9989 ]; krebs.buildbot.master = { secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ]; From 440e78fc9946d3abf74ae1eeeea1532e84fddec6 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 19 Jan 2016 20:26:38 +0100 Subject: [PATCH 12/14] makefu: init wbob --- krebs/3modules/makefu/default.nix | 24 ++++++++++++++++++++++++ krebs/Zhosts/wbob | 10 ++++++++++ makefu/1systems/wbob.nix | 19 +++++++++++++++++++ 3 files changed, 53 insertions(+) create mode 100644 krebs/Zhosts/wbob create mode 100644 makefu/1systems/wbob.nix diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 31516d591..38e773b53 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -297,6 +297,30 @@ with lib; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA root@servarch"; }; + wbob = rec { + cores = 1; + dc = "none"; + nets = { + retiolm = { + addrs4 = ["10.243.214.15/32"]; + addrs6 = ["42:5a02:2c30:c1b1:3f2e:7c19:2496:a732/128"]; + aliases = [ + "wbob.retiolum" + ]; + tinc.pubkey = '' +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e +QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal +cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 +khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs +rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 +TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB +-----END RSA PUBLIC KEY----- +''; + }; + }; + }; + gum = rec { cores = 1; dc = "online.net"; #root-server diff --git a/krebs/Zhosts/wbob b/krebs/Zhosts/wbob new file mode 100644 index 000000000..829a59110 --- /dev/null +++ b/krebs/Zhosts/wbob @@ -0,0 +1,10 @@ +Subnet = 10.243.214.15/32 +Subnet = 42:5a02:2c30:c1b1:3f2e:7c19:2496:a732/128 +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e +QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal +cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 +khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs +rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 +TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix new file mode 100644 index 000000000..d6916f006 --- /dev/null +++ b/makefu/1systems/wbob.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: +{ + imports = + [ # Include the results of the hardware scan. + ../2configs/main-laptop.nix + ]; + krebs = { + enable = true; + retiolum.enable = true; + build.host = config.krebs.hosts.wbob; + }; + boot.loader.grub.device = "/dev/sda"; + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" ]; + boot.kernelModules = [ "kvm-intel" ]; + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; +} From 462921984914029b87a2c3dc7b7a9f6a658eb8fe Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 19 Jan 2016 22:39:43 +0100 Subject: [PATCH 13/14] s 2 buildbot: add show-trace --- shared/2configs/buildbot-standalone.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/shared/2configs/buildbot-standalone.nix b/shared/2configs/buildbot-standalone.nix index 2ea19e8aa..c614bd3c1 100644 --- a/shared/2configs/buildbot-standalone.nix +++ b/shared/2configs/buildbot-standalone.nix @@ -84,6 +84,7 @@ nix-instantiate --eval -A \ users.shared.test-all-krebs-modules.system \ -I stockholm=. \ + --show-trace \ -I secrets=. '' \ --argstr current-date lol \ --argstr current-user-name shared \ @@ -96,6 +97,7 @@ users.shared.test-minimal-deploy.system \ -I stockholm=. \ -I secrets=. '' \ + --show-trace \ --argstr current-date lol \ --argstr current-user-name shared \ --argstr current-host-name lol \ From ed4e0241d5aba830f31a7271435c93c7299b884b Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 19 Jan 2016 23:45:12 +0100 Subject: [PATCH 14/14] k 5 acng: bump to 0.8.8 --- krebs/5pkgs/apt-cacher-ng/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/apt-cacher-ng/default.nix b/krebs/5pkgs/apt-cacher-ng/default.nix index f253cdba0..f71d17c54 100644 --- a/krebs/5pkgs/apt-cacher-ng/default.nix +++ b/krebs/5pkgs/apt-cacher-ng/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "apt-cacher-ng-${version}"; - version = "0.8.6"; + version = "0.8.8"; src = fetchurl { url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz"; - sha256 = "0044dfks8djl11fs28jj8894i4rq424xix3d3fkvzz2i6lnp8nr5"; + sha256 = "0n7yy4h8g7j0g94xngbywmfhrkg9xl3j2c4wzrjknfwvxmqgjivq"; }; NIX_LDFLAGS = "-lpthread";