From 125f9d7fd9336d59f66166f3efc6811c3ad881dd Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 10 Nov 2018 19:27:17 +0100 Subject: [PATCH 01/11] airdcpp module: after local-fs.target --- krebs/3modules/airdcpp.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix index 1633840f7..56fb31795 100644 --- a/krebs/3modules/airdcpp.nix +++ b/krebs/3modules/airdcpp.nix @@ -243,7 +243,7 @@ let in { systemd.services.airdcpp = { description = "airdcpp webui"; - after = [ "network.target" ]; + after = [ "network.target" "local-fs.target" ]; wantedBy = [ "multi-user.target" ]; restartIfChanged = true; serviceConfig = { From 140bfc4557f7da8122ef8f1682ca6c381957d9cd Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 10 Nov 2018 20:03:05 +0100 Subject: [PATCH 02/11] ma secrets: add hass/darksy.apikey --- makefu/0tests/data/secrets/hass/darksky.apikey | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 makefu/0tests/data/secrets/hass/darksky.apikey diff --git a/makefu/0tests/data/secrets/hass/darksky.apikey b/makefu/0tests/data/secrets/hass/darksky.apikey new file mode 100644 index 000000000..e69de29bb From cd720e1a9ed12413504ddae2d381279ec30ce24a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 10 Nov 2018 20:18:41 +0100 Subject: [PATCH 03/11] l: add cache.krebsco.de & cache.lassul.us --- krebs/3modules/lass/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 9b9f052a5..08fd85737 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -17,6 +17,7 @@ with import ; "krebsco.de" = '' prism IN A ${nets.internet.ip4.addr} paste IN A ${nets.internet.ip4.addr} + cache IN A ${nets.internet.ip4.addr} ''; "lassul.us" = '' $TTL 3600 @@ -34,6 +35,7 @@ with import ; paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { From f2dd2793cd1dad28a65d78d307e59b74fb63f23c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 10 Nov 2018 20:29:39 +0100 Subject: [PATCH 04/11] l dns-stuff: sort --- krebs/3modules/lass/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 08fd85737..836ecb3f6 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -15,9 +15,9 @@ with import ; cores = 4; extraZones = { "krebsco.de" = '' - prism IN A ${nets.internet.ip4.addr} - paste IN A ${nets.internet.ip4.addr} cache IN A ${nets.internet.ip4.addr} + paste IN A ${nets.internet.ip4.addr} + prism IN A ${nets.internet.ip4.addr} ''; "lassul.us" = '' $TTL 3600 @@ -28,14 +28,14 @@ with import ; 60 IN TXT v=spf1 mx a:lassul.us -all 60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" ) default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" + cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} io 60 IN NS ions.lassul.us. ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { From 0c235a88a8391a6c3b67573f85fc03931e5402a2 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 10 Nov 2018 21:11:23 +0100 Subject: [PATCH 05/11] ma: disable some host ci --- krebs/3modules/makefu/default.nix | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 94af67fc7..bea0f1c0e 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -60,7 +60,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaV5Ga5R8RTrA+nclxw6uy5Z+hPBLitQTfuXdsmbVW6 crapi"; }; drop = rec { - ci = true; + ci = false; cores = 1; nets = { retiolum = { @@ -83,7 +83,7 @@ in { }; }; studio = rec { - ci = true; + ci = false; cores = 4; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio"; @@ -109,7 +109,7 @@ in { }; fileleech = rec { - ci = true; + ci = false; cores = 4; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+jB5QdPsAJc90alYDhAEP3sPDJb6eIj9bebj+rTBEJ fileleech"; @@ -134,7 +134,7 @@ in { }; }; latte = rec { - ci = true; + ci = false; cores = 1; ssh.privkey.path = ; # ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIrkK1mWfPvfZ9ALC1irGLuzOtMefaGAmGY1VD4dj7K1 latte"; @@ -166,7 +166,7 @@ in { }; pnp = { - ci = true; + ci = false; cores = 1; nets = { retiolum = { @@ -190,7 +190,7 @@ in { }; }; darth = { - ci = true; + ci = false; cores = 4; nets = { retiolum = { @@ -404,7 +404,7 @@ in { }; }; wry = rec { - ci = true; + ci = false; cores = 1; extraZones = { "krebsco.de" = '' @@ -449,7 +449,7 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH4Tjx9qK6uWtxT1HCpeC0XvDZKO/kaPygyKatpAqU6I root@wry"; }; filepimp = rec { - ci = true; + ci = false; cores = 1; nets = { lan = { @@ -639,9 +639,9 @@ in { }; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; }; - + shoney = rec { - ci = true; + ci = false; cores = 1; nets = rec { siem = { From 96a3e3c35d305699b7f279c3ea2fd0a18c8d6e97 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 10 Nov 2018 21:46:35 +0100 Subject: [PATCH 06/11] l realwallpaper: serve realwallpaper-krebs.png --- lass/2configs/realwallpaper.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix index 116d66276..16b999817 100644 --- a/lass/2configs/realwallpaper.nix +++ b/lass/2configs/realwallpaper.nix @@ -22,10 +22,7 @@ in { locations."/realwallpaper.png".extraConfig = '' root /var/realwallpaper/; ''; - locations."/realwallpaper-sat.png".extraConfig = '' - root /var/realwallpaper/; - ''; - locations."/realwallpaper-sat-krebs.png".extraConfig = '' + locations."/realwallpaper-krebs.png".extraConfig = '' root /var/realwallpaper/; ''; }; From 271871090289d166ea34ae41df63eaa1cf26da19 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 10 Nov 2018 21:45:27 +0100 Subject: [PATCH 07/11] l & m: fetchWallpaper: fetch realwallpaper-krebs.png --- lass/2configs/fetchWallpaper.nix | 2 +- makefu/2configs/fetchWallpaper.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index 31a01c754..e756c3424 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -6,7 +6,7 @@ in { krebs.fetchWallpaper = { enable = true; unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; - url = "prism/realwallpaper-sat-krebs.png"; + url = "prism/realwallpaper-krebs.png"; maxTime = 10; }; } diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix index 16a7a13b2..f63417e8f 100644 --- a/makefu/2configs/fetchWallpaper.nix +++ b/makefu/2configs/fetchWallpaper.nix @@ -8,7 +8,7 @@ timerConfig = { OnCalendar = "*:0/30"; }; - url = "http://prism.r/realwallpaper-sat-krebs.png"; + url = "http://prism.r/realwallpaper-krebs.png"; }; } From d41f85b671433be0576f03554e92d4756e608c75 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 10 Nov 2018 21:45:52 +0100 Subject: [PATCH 08/11] l binary-cache: serve under cache.{krebsco.de,lassul.us} --- lass/2configs/binary-cache/server.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix index 991bbeb54..220e41d0a 100644 --- a/lass/2configs/binary-cache/server.nix +++ b/lass/2configs/binary-cache/server.nix @@ -20,7 +20,7 @@ services.nginx = { enable = true; virtualHosts.nix-serve = { - serverAliases = [ "cache.prism.r" ]; + serverAliases = [ "cache.prism.r" "cache.krebsco.de" "cache.lassul.us" ]; locations."/".extraConfig = '' proxy_pass http://localhost:${toString config.services.nix-serve.port}; ''; From 30a6c5219a120b7323e46c621a21da7ab8fc1d29 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 10 Nov 2018 21:46:12 +0100 Subject: [PATCH 09/11] l realwallpaper: chmod +x --- lass/2configs/realwallpaper.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix index 16b999817..e0cb37f67 100644 --- a/lass/2configs/realwallpaper.nix +++ b/lass/2configs/realwallpaper.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ config, lib, pkgs, ... }: let hostname = config.krebs.build.host.name; @@ -9,6 +9,9 @@ let in { krebs.realwallpaper.enable = true; + system.activationScripts.user-shadow = '' + ${pkgs.coreutils}/bin/chmod +x /var/realwallpaper + ''; services.nginx.virtualHosts.wallpaper = { extraConfig = '' if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) { From c823192f10a5977bb2f13a15cdf29a3cdf2be5ed Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 10 Nov 2018 22:28:24 +0100 Subject: [PATCH 10/11] Revert "Revert "ma nixpkgs: 86fb1e9 -> bf46294" ... for now" This reverts commit 51fe1cf77b1d66a75c8ad86bec231a889f11ed86. --- makefu/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json index c5cd0ac30..73798f44d 100644 --- a/makefu/nixpkgs.json +++ b/makefu/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/makefu/nixpkgs", - "rev": "86fb1e9ae6ba6dfedc814b82abd8db5cfa4f4687", - "date": "2018-10-07T23:33:42+02:00", - "sha256": "015yxs3qj299mgqfmz5vgszj2gxqwazifsdsjw6xadris3ri41d3", - "fetchSubmodules": true + "rev": "bf46294e4cf20649182f76fc9200a48436f5874a", + "date": "2018-09-18T02:20:45+02:00", + "sha256": "13900gack7pgf5a7c11x30rzb3s0kjpbm2z2g8fw4720cr9lkd94", + "fetchSubmodules": false } From 424e6d50af975c929d09f35d434295a823168db0 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 11 Nov 2018 18:23:46 +0100 Subject: [PATCH 11/11] ma hw/smartcard: disable ifdnfc for now until package becomes part of stable channel --- makefu/2configs/hw/smartcard.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/makefu/2configs/hw/smartcard.nix b/makefu/2configs/hw/smartcard.nix index 1e9bca53b..b66b70098 100644 --- a/makefu/2configs/hw/smartcard.nix +++ b/makefu/2configs/hw/smartcard.nix @@ -2,12 +2,15 @@ { services.pcscd = { enable = true; - plugins = with pkgs; [ ifdnfc ccid ]; + plugins = with pkgs; + [ #ifdnfc + ccid + ]; }; environment.systemPackages = with pkgs; [ # need to run ifdnfc-activate before usage - ifdnfc + # ifdnfc # pcsc_scan pcsctools ];