Merge branch 'master' of gum:stockholm

2016-01-23 00:29:55 +01:00 · 2016-01-23 00:29:55 +01:00 · e91ee61326
commit e91ee61326
parent 7cf54a1d79 ed4e0241d5
17 changed files with 87 additions and 27 deletions
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@ -297,6 +297,30 @@ with lib;
      ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
      ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA root@servarch";
    };
    wbob = rec {
      cores = 1;
      dc = "none";
      nets = {
        retiolm = {
          addrs4 = ["10.243.214.15/32"];
          addrs6 = ["42:5a02:2c30:c1b1:3f2e:7c19:2496:a732/128"];
          aliases = [
              "wbob.retiolum"
          ];
          tinc.pubkey = ''
 -----BEGIN RSA PUBLIC KEY-----
 MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e
 QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal
 cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8
 khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs
 rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9
 TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
 -----END RSA PUBLIC KEY-----
 '';
        };
      };
    };
    gum = rec {
      cores = 1;
      dc = "online.net"; #root-server
--- a/krebs/5pkgs/apt-cacher-ng/default.nix
+++ b/krebs/5pkgs/apt-cacher-ng/default.nix
@ -2,11 +2,11 @@
 stdenv.mkDerivation rec {
  name = "apt-cacher-ng-${version}";
-  version = "0.8.6";
+  version = "0.8.8";
  src = fetchurl {
    url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz";
-    sha256 = "0044dfks8djl11fs28jj8894i4rq424xix3d3fkvzz2i6lnp8nr5";
+    sha256 = "0n7yy4h8g7j0g94xngbywmfhrkg9xl3j2c4wzrjknfwvxmqgjivq";
  };
  NIX_LDFLAGS = "-lpthread";
--- a/krebs/5pkgs/fortclientsslvpn/default.nix
+++ b/krebs/5pkgs/fortclientsslvpn/default.nix
@ -81,7 +81,7 @@ stdenv.mkDerivation rec {
  meta = {
    homepage = http://www.fortinet.com;
    description = "Forticlient SSL-VPN client";
-    license = lib.licenses.nonfree;
+    license = lib.licenses.unfree;
    maintainers = [ lib.maintainers.makefu ];
  };
 }
--- a/krebs/5pkgs/krebszones/default.nix
+++ b/krebs/5pkgs/krebszones/default.nix
@ -1,5 +1,10 @@
 { lib, pkgs,python3Packages,fetchurl, ... }:
 # TODO: Prepare a diff of future and current
 ## ovh-zone export krebsco.de --config ~/secrets/krebs/cfg.json |sed 's/[ ]\+/ /g' | sort current
 ## sed 's/[ ]\+/ /g'/etc/zones/krebsco.de | sort > future
 ## diff future.sorted current.sorted
 python3Packages.buildPythonPackage rec {
  name = "krebszones-${version}";
  version = "0.4.4";
--- a/krebs/Zhosts/wbob
+++ b/krebs/Zhosts/wbob
@ -0,0 +1,10 @@
 Subnet = 10.243.214.15/32
 Subnet = 42:5a02:2c30:c1b1:3f2e:7c19:2496:a732/128
 -----BEGIN RSA PUBLIC KEY-----
 MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e
 QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal
 cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8
 khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs
 rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9
 TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
 -----END RSA PUBLIC KEY-----
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@ -21,7 +21,7 @@ in {
  ];
-
+  services.smartd.devices = [ { device = "/dev/sda";} ];
  nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; };
  ###### stable
@ -32,6 +32,9 @@ in {
    ListenAddress = ${external-ip} 655
    ListenAddress = ${external-ip} 21031
  '';
  krebs.nginx.servers.cgit.server-names = [
    "cgit.euer.krebsco.de"
  ];
  # Chat
  environment.systemPackages = with pkgs;[
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@ -33,6 +33,7 @@ in {
    ];
  # services.openssh.allowSFTP = false;
  krebs.build.host = config.krebs.hosts.omo;
  krebs.build.source.git.nixpkgs.rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce";
  # copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/
  services.sabnzbd.enable = true;
--- a/makefu/1systems/vbob.nix
+++ b/makefu/1systems/vbob.nix
@ -2,9 +2,7 @@
 #
 #
 { lib, config, pkgs, ... }:
-let
+{
    pkgs-unst = import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz) {};
 in {
  krebs.build.host = config.krebs.hosts.vbob;
  krebs.build.target = "root@10.10.10.220";
  imports =
@ -15,14 +13,13 @@ in {
      # environment
    ];
  nixpkgs.config.allowUnfree = true;
  nixpkgs.config.packageOverrides = pkgs: {
    tinc = pkgs.tinc_pre;
    buildbot = pkgs-unst.buildbot;
    buildbot-slave = pkgs-unst.buildbot-slave;
  };
  makefu.buildbot.master = {
-    enable = true;
+    enable = false;
    irc = {
      enable = true;
      server = "cd.retiolum";
@ -30,8 +27,9 @@ in {
      allowForce = true;
    };
  };
  # services.logstash.enable = true;
  makefu.buildbot.slave = {
-    enable = true;
+    enable = false;
    masterhost = "localhost";
    username = "testslave";
    password = "krebspass";
@ -41,8 +39,8 @@ in {
  krebs.build.source.git.nixpkgs = {
    #url = https://github.com/nixos/nixpkgs;
-    # HTTP Everywhere
+    # HTTP Everywhere + libredir
-    rev = "a3974e";
+    rev = "8239ac6";
  };
  fileSystems."/nix" = {
    device ="/dev/disk/by-label/nixstore";
@ -56,9 +54,12 @@ in {
    };
  };
  environment.systemPackages = with pkgs;[
    fortclientsslvpn
    buildbot
    buildbot-slave
    get
    genid
    logstash
  ];
  networking.firewall.allowedTCPPorts = [
--- a/makefu/1systems/wbob.nix
+++ b/makefu/1systems/wbob.nix
@ -0,0 +1,19 @@
 { config, pkgs, ... }:
 {
  imports =
    [ # Include the results of the hardware scan.
      ../2configs/main-laptop.nix
    ];
    krebs = {
        enable = true;
        retiolum.enable = true;
        build.host = config.krebs.hosts.wbob;
    };
    boot.loader.grub.device = "/dev/sda";
    boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" ];
    boot.kernelModules = [ "kvm-intel" ];
    fileSystems."/" = {
        device = "/dev/sda1";
        fsType = "ext4";
    };
 }
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@ -13,7 +13,7 @@ with lib;
    ./vim.nix
  ];
-
+  nixpkgs.config.allowUnfreePredicate =  (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
  krebs = {
    enable = true;
    search-domain = "retiolum";
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@ -16,6 +16,9 @@ let
      desc = "Tinc Advanced Graph Generation";
    };
    cac = { };
    init-stockholm = {
      desc = "Init stuff for stockholm";
    };
  };
  priv-repos = mapAttrs make-priv-repo {
--- a/makefu/2configs/smart-monitor.nix
+++ b/makefu/2configs/smart-monitor.nix
@ -3,6 +3,7 @@
  krebs.exim-retiolum.enable = lib.mkDefault true;
  services.smartd = {
    enable = true;
    autodetect = false;
    notifications = {
      mail = {
        enable = true;
--- a/makefu/2configs/tinc-basic-retiolum.nix
+++ b/makefu/2configs/tinc-basic-retiolum.nix
@ -4,7 +4,6 @@ with lib;
 {
  krebs.retiolum = {
    enable = true;
    hosts = ../../krebs/Zhosts;
    connectTo = [
      "gum"
      "pigstarter"
--- a/makefu/2configs/vim.nix
+++ b/makefu/2configs/vim.nix
@ -122,7 +122,7 @@ in {
      vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
      vimrcConfig.vam.pluginDictionaries = [
        { names = [ "undotree"
-          "YouCompleteMe"
+          # "YouCompleteMe"
          "vim-better-whitespace" ]; }
        { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
      ];
--- a/makefu/5pkgs/awesomecfg/full.cfg
+++ b/makefu/5pkgs/awesomecfg/full.cfg
@ -38,8 +38,6 @@ do
    end)
 end
 -- }}}
 volwidget = wibox.widget.textbox()
 vicious.register(volwidget, vicious.widgets.volume, " $1% ", 2, "Master")
 -- {{{ Mails widget type
 local function worker(format,warg)
@ -258,7 +256,6 @@ for s = 1, screen.count() do
    local right_layout = wibox.layout.fixed.horizontal()
    right_layout:add(mailwidget)
    if s == 1 then right_layout:add(wibox.widget.systray()) end
    right_layout:add(volwidget)
    right_layout:add(cpuwidget)
    right_layout:add(batwidget)
    right_layout:add(mytextclock)
--- a/shared/2configs/base.nix
+++ b/shared/2configs/base.nix
@ -18,7 +18,7 @@ with lib;
  krebs.build.source = {
    git.nixpkgs = {
      url = https://github.com/NixOS/nixpkgs;
-      rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80";
+      rev = "d0e3cca";
      target-path = "/var/src/nixpkgs";
    };
    dir.secrets = {
--- a/shared/2configs/buildbot-standalone.nix
+++ b/shared/2configs/buildbot-standalone.nix
@ -1,11 +1,6 @@
 { lib, config, pkgs, ... }:
-let
+
-    pkgs-unst = import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz) {};
+{
 in {
  nixpkgs.config.packageOverrides = pkgs: {
    buildbot = pkgs-unst.buildbot;
    buildbot-slave = pkgs-unst.buildbot-slave;
  };
  networking.firewall.allowedTCPPorts = [ 8010 9989 ];
  krebs.buildbot.master = {
    secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ];
@ -89,6 +84,7 @@ in {
                        nix-instantiate --eval -A \
                            users.shared.test-all-krebs-modules.system \
                            -I stockholm=. \
                            --show-trace \
                            -I secrets=. '<stockholm>' \
                            --argstr current-date lol \
                            --argstr current-user-name shared \
@ -101,6 +97,7 @@ in {
                            users.shared.test-minimal-deploy.system \
                            -I stockholm=. \
                            -I secrets=. '<stockholm>' \
                            --show-trace \
                            --argstr current-date lol \
                            --argstr current-user-name shared \
                            --argstr current-host-name lol \