From 67def2c04a8ce910033c5d4d22dda25b6fa85b7b Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 1 Aug 2017 10:47:44 +0200 Subject: [PATCH 1/7] tv: add krebs-pages mirror at krebs.xu.r --- krebs/3modules/tv/default.nix | 1 + tv/1systems/xu/config.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 60827d589..26e8e2f34 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -323,6 +323,7 @@ with import ; aliases = [ "xu.r" "cgit.xu.r" + "krebs.xu.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index 2bffdddb3..e7516a455 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -13,6 +13,7 @@ with import ; + From bcc1a72d6a604533e025ad579e0dfca0a83c2716 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 1 Aug 2017 10:57:36 +0200 Subject: [PATCH 2/7] makeScriptWriter: forward check parameter to writeOut --- krebs/5pkgs/writers.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix index f1626078e..850ee6f1a 100644 --- a/krebs/5pkgs/writers.nix +++ b/krebs/5pkgs/writers.nix @@ -29,10 +29,11 @@ with import ; execveBin = name: cfg: pkgs.execve name (cfg // { destination = "/bin/${name}"; }); - makeScriptWriter = interpreter: name: text: + makeScriptWriter = { interpreter, check ? null }: name: text: assert (with types; either absolute-pathname filename).check name; pkgs.writeOut (baseNameOf name) { ${optionalString (types.absolute-pathname.check name) name} = { + inherit check; executable = true; text = "#! ${interpreter}\n${text}"; }; @@ -69,7 +70,9 @@ with import ; strip --strip-unneeded "$exe" ''; - writeDash = pkgs.makeScriptWriter "${pkgs.dash}/bin/dash"; + writeDash = pkgs.makeScriptWriter { + interpreter = "${pkgs.dash}/bin/dash"; + }; writeDashBin = name: assert types.filename.check name; @@ -305,5 +308,7 @@ with import ; }; }; - writeSed = pkgs.makeScriptWriter "${pkgs.gnused}/bin/sed -f"; + writeSed = pkgs.makeScriptWriter { + interpreter = "${pkgs.gnused}/bin/sed -f"; + }; } From 5742f322891d380b15b6570bf523e50c17c45212 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 1 Aug 2017 11:27:03 +0200 Subject: [PATCH 3/7] krebs.sitemap: init --- krebs/3modules/default.nix | 6 ++++++ lib/types.nix | 16 +++++++++++++++- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index b0ad2baf5..abb3d37eb 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -70,6 +70,12 @@ let type = types.hostname; default = "r"; }; + + sitemap = mkOption { + default = {}; + type = types.attrsOf types.sitemap.entry; + }; + zone-head-config = mkOption { type = with types; attrsOf str; description = '' diff --git a/lib/types.nix b/lib/types.nix index 236190ccd..8c6846887 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -5,7 +5,7 @@ let all any concatMapStringsSep concatStringsSep const filter flip genid hasSuffix head isInt isString length mergeOneOption mkOption mkOptionType optional optionalAttrs optionals range splitString - stringLength substring test typeOf; + stringLength substring test testString typeOf; inherit (lib.types) attrsOf bool either enum int listOf nullOr path str string submodule; in @@ -357,6 +357,20 @@ rec { pgp-pubkey = str; + sitemap.entry = submodule ({ config, ... }: { + options = { + desc = mkOption { + default = null; + type = nullOr str; + }; + href = mkOption { + ${if testString "https?://.*" config._module.args.name + then "default" else null} = config._module.args.name; + type = nullOr str; # TODO nullOr uri? + }; + }; + }); + ssh-pubkey = str; ssh-privkey = submodule { options = { From 3d53636ab2ee3835f3cc823761843e22347d892d Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 1 Aug 2017 11:27:27 +0200 Subject: [PATCH 4/7] tv: add cgit.krebsco.de and krebs.xu.r to sitemap --- krebs/3modules/tv/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 26e8e2f34..81db2d411 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -375,6 +375,14 @@ with import ; ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu"; }; }; + sitemap = { + "http://cgit.krebsco.de" = { + desc = "Git repositories"; + }; + "http://krebs.xu.r" = { + desc = "krebs-pages mirror"; + }; + }; users = { dv = { mail = "dv@alnus.r"; From 8f5fc9bc4fff53936e8bba5b2a4de3d362b94f09 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 1 Aug 2017 11:28:25 +0200 Subject: [PATCH 5/7] tv sudo: env_keep += XMONAD_SPAWN_WORKSPACE --- tv/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index b59311092..420548bce 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -47,7 +47,7 @@ in { { security.hideProcessInformation = true; security.sudo.extraConfig = '' - Defaults env_keep+="SSH_CLIENT" + Defaults env_keep+="SSH_CLIENT XMONAD_SPAWN_WORKSPACE" Defaults mailto="${config.krebs.users.tv.mail}" Defaults !lecture ''; From 2f52158dec91a87cddd3e643f29870a6acc233f6 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 1 Aug 2017 11:30:16 +0200 Subject: [PATCH 6/7] tv: drop explicit stockholm deps --- tv/2configs/default.nix | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 420548bce..834a89083 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -21,16 +21,6 @@ in { ./sshd.nix ./vim.nix ./xdg.nix - { - # stockholm dependencies - environment.systemPackages = with pkgs; [ - git - gnumake - hashPassword - populate - whatsupnix - ]; - } { users = { defaultUserShell = "/run/current-system/sw/bin/bash"; @@ -142,6 +132,8 @@ in { { environment.systemPackages = [ pkgs.get + pkgs.git + pkgs.hashPassword pkgs.htop pkgs.kpaste pkgs.krebspaste From e19b506f36c8848ece02d7796a91ff0634191609 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 1 Aug 2017 12:15:45 +0200 Subject: [PATCH 7/7] tv retiolum: LocalDiscovery = yes --- tv/2configs/retiolum.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tv/2configs/retiolum.nix b/tv/2configs/retiolum.nix index a914dad43..9940b1026 100644 --- a/tv/2configs/retiolum.nix +++ b/tv/2configs/retiolum.nix @@ -10,6 +10,9 @@ with import ; "ni" "prism" ]; + extraConfig = '' + LocalDiscovery = yes + ''; tincPackage = pkgs.tinc_pre; }; tv.iptables.input-internet-accept-tcp = singleton "tinc";