Merge remote-tracking branch 'ni/master'
This commit is contained in:
commit
ef128bdd0f
@ -70,6 +70,12 @@ let
|
|||||||
type = types.hostname;
|
type = types.hostname;
|
||||||
default = "r";
|
default = "r";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sitemap = mkOption {
|
||||||
|
default = {};
|
||||||
|
type = types.attrsOf types.sitemap.entry;
|
||||||
|
};
|
||||||
|
|
||||||
zone-head-config = mkOption {
|
zone-head-config = mkOption {
|
||||||
type = with types; attrsOf str;
|
type = with types; attrsOf str;
|
||||||
description = ''
|
description = ''
|
||||||
|
@ -323,6 +323,7 @@ with import <stockholm/lib>;
|
|||||||
aliases = [
|
aliases = [
|
||||||
"xu.r"
|
"xu.r"
|
||||||
"cgit.xu.r"
|
"cgit.xu.r"
|
||||||
|
"krebs.xu.r"
|
||||||
];
|
];
|
||||||
tinc.pubkey = ''
|
tinc.pubkey = ''
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
@ -374,6 +375,14 @@ with import <stockholm/lib>;
|
|||||||
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
|
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNjHxyUC7afNGSwfwBfQizmDnHTNLWDRHE8SY9W4oiw2lPhCFGTN8Jz84CKtnABbZhbNY1E8T58emF2h45WzDg/OGi8DPAk4VsXSkIhyvAto+nkTy2L4atjqfvXDvqxTDC9sui+t8p5OqOK+sghe4kiy+Vx1jhnjSnkQsx9Kocu24BYTkNqYxG7uwOz6t262XYNwMn13Y2K/yygDR3Uw3wTnEjpaYnObRxxJS3iTECDzgixiQ6ewXwYNggpzO/+EfW1BTz5vmuEVf4GbQ9iEc7IsVXHhR+N0boCscvSgae9KW9MBun0A2veRFXNkkfBEMfzelz+S63oeVfelkBq6N5aLsHYYGC4VQjimScelHYVwxR7O4fV+NttJaFF7H06FJeFzPt3NYZeoPKealD5y2Muh1UnewpmkMgza9hQ9EmI4/G1fMowqeMq0U6Hu0QMDUAagyalizN97AfsllY2cs0qLNg7+zHMPwc5RgLzs73oPUsF3umz0O42I5p5733vveUlWi5IZeI8CA1ZKdpwyMXXNhIOHs8u+yGsOLfSy3RgjVKp2GjN4lfnFd0LI+p7iEsEWDRkIAvGCOFepsebyVpBjGP+Kqs10bPGpk5dMcyn9iBJejoz9ka+H9+JAG04LnXwt6Rf1CRV3VRCRX1ayZEjRv9czV7U9ZpuFQcIlVRJQ== root@zu";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
sitemap = {
|
||||||
|
"http://cgit.krebsco.de" = {
|
||||||
|
desc = "Git repositories";
|
||||||
|
};
|
||||||
|
"http://krebs.xu.r" = {
|
||||||
|
desc = "krebs-pages mirror";
|
||||||
|
};
|
||||||
|
};
|
||||||
users = {
|
users = {
|
||||||
dv = {
|
dv = {
|
||||||
mail = "dv@alnus.r";
|
mail = "dv@alnus.r";
|
||||||
|
@ -29,10 +29,11 @@ with import <stockholm/lib>;
|
|||||||
execveBin = name: cfg:
|
execveBin = name: cfg:
|
||||||
pkgs.execve name (cfg // { destination = "/bin/${name}"; });
|
pkgs.execve name (cfg // { destination = "/bin/${name}"; });
|
||||||
|
|
||||||
makeScriptWriter = interpreter: name: text:
|
makeScriptWriter = { interpreter, check ? null }: name: text:
|
||||||
assert (with types; either absolute-pathname filename).check name;
|
assert (with types; either absolute-pathname filename).check name;
|
||||||
pkgs.writeOut (baseNameOf name) {
|
pkgs.writeOut (baseNameOf name) {
|
||||||
${optionalString (types.absolute-pathname.check name) name} = {
|
${optionalString (types.absolute-pathname.check name) name} = {
|
||||||
|
inherit check;
|
||||||
executable = true;
|
executable = true;
|
||||||
text = "#! ${interpreter}\n${text}";
|
text = "#! ${interpreter}\n${text}";
|
||||||
};
|
};
|
||||||
@ -69,7 +70,9 @@ with import <stockholm/lib>;
|
|||||||
strip --strip-unneeded "$exe"
|
strip --strip-unneeded "$exe"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
writeDash = pkgs.makeScriptWriter "${pkgs.dash}/bin/dash";
|
writeDash = pkgs.makeScriptWriter {
|
||||||
|
interpreter = "${pkgs.dash}/bin/dash";
|
||||||
|
};
|
||||||
|
|
||||||
writeDashBin = name:
|
writeDashBin = name:
|
||||||
assert types.filename.check name;
|
assert types.filename.check name;
|
||||||
@ -305,5 +308,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
writeSed = pkgs.makeScriptWriter "${pkgs.gnused}/bin/sed -f";
|
writeSed = pkgs.makeScriptWriter {
|
||||||
|
interpreter = "${pkgs.gnused}/bin/sed -f";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -5,7 +5,7 @@ let
|
|||||||
all any concatMapStringsSep concatStringsSep const filter flip
|
all any concatMapStringsSep concatStringsSep const filter flip
|
||||||
genid hasSuffix head isInt isString length mergeOneOption mkOption
|
genid hasSuffix head isInt isString length mergeOneOption mkOption
|
||||||
mkOptionType optional optionalAttrs optionals range splitString
|
mkOptionType optional optionalAttrs optionals range splitString
|
||||||
stringLength substring test typeOf;
|
stringLength substring test testString typeOf;
|
||||||
inherit (lib.types)
|
inherit (lib.types)
|
||||||
attrsOf bool either enum int listOf nullOr path str string submodule;
|
attrsOf bool either enum int listOf nullOr path str string submodule;
|
||||||
in
|
in
|
||||||
@ -357,6 +357,20 @@ rec {
|
|||||||
|
|
||||||
pgp-pubkey = str;
|
pgp-pubkey = str;
|
||||||
|
|
||||||
|
sitemap.entry = submodule ({ config, ... }: {
|
||||||
|
options = {
|
||||||
|
desc = mkOption {
|
||||||
|
default = null;
|
||||||
|
type = nullOr str;
|
||||||
|
};
|
||||||
|
href = mkOption {
|
||||||
|
${if testString "https?://.*" config._module.args.name
|
||||||
|
then "default" else null} = config._module.args.name;
|
||||||
|
type = nullOr str; # TODO nullOr uri?
|
||||||
|
};
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
ssh-pubkey = str;
|
ssh-pubkey = str;
|
||||||
ssh-privkey = submodule {
|
ssh-privkey = submodule {
|
||||||
options = {
|
options = {
|
||||||
|
@ -13,6 +13,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/tv/2configs/gitrepos.nix>
|
<stockholm/tv/2configs/gitrepos.nix>
|
||||||
<stockholm/tv/2configs/mail-client.nix>
|
<stockholm/tv/2configs/mail-client.nix>
|
||||||
<stockholm/tv/2configs/man.nix>
|
<stockholm/tv/2configs/man.nix>
|
||||||
|
<stockholm/tv/2configs/nginx/krebs-pages.nix>
|
||||||
<stockholm/tv/2configs/nginx/public_html.nix>
|
<stockholm/tv/2configs/nginx/public_html.nix>
|
||||||
<stockholm/tv/2configs/pulse.nix>
|
<stockholm/tv/2configs/pulse.nix>
|
||||||
<stockholm/tv/2configs/retiolum.nix>
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
|
@ -21,16 +21,6 @@ in {
|
|||||||
./sshd.nix
|
./sshd.nix
|
||||||
./vim.nix
|
./vim.nix
|
||||||
./xdg.nix
|
./xdg.nix
|
||||||
{
|
|
||||||
# stockholm dependencies
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
git
|
|
||||||
gnumake
|
|
||||||
hashPassword
|
|
||||||
populate
|
|
||||||
whatsupnix
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
users = {
|
users = {
|
||||||
defaultUserShell = "/run/current-system/sw/bin/bash";
|
defaultUserShell = "/run/current-system/sw/bin/bash";
|
||||||
@ -47,7 +37,7 @@ in {
|
|||||||
{
|
{
|
||||||
security.hideProcessInformation = true;
|
security.hideProcessInformation = true;
|
||||||
security.sudo.extraConfig = ''
|
security.sudo.extraConfig = ''
|
||||||
Defaults env_keep+="SSH_CLIENT"
|
Defaults env_keep+="SSH_CLIENT XMONAD_SPAWN_WORKSPACE"
|
||||||
Defaults mailto="${config.krebs.users.tv.mail}"
|
Defaults mailto="${config.krebs.users.tv.mail}"
|
||||||
Defaults !lecture
|
Defaults !lecture
|
||||||
'';
|
'';
|
||||||
@ -142,6 +132,8 @@ in {
|
|||||||
{
|
{
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.get
|
pkgs.get
|
||||||
|
pkgs.git
|
||||||
|
pkgs.hashPassword
|
||||||
pkgs.htop
|
pkgs.htop
|
||||||
pkgs.kpaste
|
pkgs.kpaste
|
||||||
pkgs.krebspaste
|
pkgs.krebspaste
|
||||||
|
@ -10,6 +10,9 @@ with import <stockholm/lib>;
|
|||||||
"ni"
|
"ni"
|
||||||
"prism"
|
"prism"
|
||||||
];
|
];
|
||||||
|
extraConfig = ''
|
||||||
|
LocalDiscovery = yes
|
||||||
|
'';
|
||||||
tincPackage = pkgs.tinc_pre;
|
tincPackage = pkgs.tinc_pre;
|
||||||
};
|
};
|
||||||
tv.iptables.input-internet-accept-tcp = singleton "tinc";
|
tv.iptables.input-internet-accept-tcp = singleton "tinc";
|
||||||
|
Loading…
Reference in New Issue
Block a user