Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
f3aac671f8
@ -10,8 +10,12 @@ before_script:
|
||||
- chmod 600 ~/.ssh/gitlab_deploy.key
|
||||
- echo "$ssh_git_shackspace_serverkey" >> ~/.ssh/known_hosts
|
||||
# import secret key for secrets
|
||||
- which gpg
|
||||
- which gpg2
|
||||
- echo "$secrets_gpg_key" | gpg --import
|
||||
deployment test:
|
||||
tags:
|
||||
- nix
|
||||
stage: test
|
||||
script:
|
||||
- GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlab_deploy.key" git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
||||
@ -21,6 +25,8 @@ deployment test:
|
||||
- $(nix-build krebs/krops.nix --no-out-link --argstr name puyak --argstr target /tmp -A test)
|
||||
nix-shell test:
|
||||
stage: test
|
||||
tags:
|
||||
- nix
|
||||
script:
|
||||
- nix-shell --pure --command 'true' -p stdenv && echo success
|
||||
- nix-shell --pure --command 'false' -p stdenv || echo success
|
||||
@ -29,6 +35,9 @@ nix-shell test:
|
||||
- gpg --version
|
||||
- curl --version
|
||||
wolf deployment:
|
||||
tags:
|
||||
- shacklan
|
||||
- nix
|
||||
stage: deploy
|
||||
script:
|
||||
- cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa
|
||||
@ -44,6 +53,9 @@ wolf deployment:
|
||||
- .gitmodules
|
||||
puyak deployment:
|
||||
stage: deploy
|
||||
tags:
|
||||
- shacklan
|
||||
- nix
|
||||
script:
|
||||
- cp ~/.ssh/gitlab_deploy.key ~/.ssh/id_rsa
|
||||
- git clone git@ssh.git.shackspace.de:rz/secrets.git ~/brain
|
||||
@ -58,6 +70,8 @@ puyak deployment:
|
||||
- .gitmodules
|
||||
nur-packages makefu:
|
||||
stage: deploy
|
||||
tags:
|
||||
- nix
|
||||
script:
|
||||
- git reset --hard origin/master
|
||||
- git filter-branch -f --prune-empty --subdirectory-filter makefu/5pkgs HEAD
|
||||
|
0
krebs/0tests/data/secrets/gollum.id_ed25519
Normal file
0
krebs/0tests/data/secrets/gollum.id_ed25519
Normal file
@ -84,7 +84,7 @@
|
||||
'';
|
||||
|
||||
users.users.joerg = {
|
||||
openssh.authorizedKeys.keys = [ config.krebs.users.Mic92.pubkey ];
|
||||
openssh.authorizedKeys.keys = [ config.krebs.users.mic92.pubkey ];
|
||||
isNormalUser = true;
|
||||
shell = "/run/current-system/sw/bin/zsh";
|
||||
};
|
||||
|
@ -14,6 +14,8 @@ in
|
||||
## registrationConfigurationFile contains:
|
||||
# CI_SERVER_URL=<CI server URL>
|
||||
# REGISTRATION_TOKEN=<registration secret>
|
||||
# RUNNER_TAG_LIST=nix,shacklan
|
||||
# RUNNER_NAME=stockholm-runner-$name
|
||||
registrationConfigFile = <secrets/shackspace-gitlab-ci>;
|
||||
#gracefulTermination = true;
|
||||
};
|
||||
|
@ -2,7 +2,7 @@
|
||||
# switch.crafting_giesskanne_relay
|
||||
let
|
||||
glados = import ../lib;
|
||||
seconds = 5;
|
||||
seconds = 10;
|
||||
wasser = "switch.crafting_giesskanne_relay";
|
||||
in
|
||||
{
|
||||
|
@ -33,6 +33,10 @@
|
||||
printing = bsd
|
||||
printcap name = /dev/null
|
||||
disable spoolss = yes
|
||||
|
||||
# for legacy systems
|
||||
client min protocol = NT1
|
||||
server min protocol = NT1
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
@ -1,9 +1,41 @@
|
||||
{ config, ... }:
|
||||
{ config, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
|
||||
setupGit = ''
|
||||
export PATH=${makeBinPath [ pkgs.git ]}
|
||||
export GIT_SSH_COMMAND='${pkgs.openssh}/bin/ssh -i ${config.krebs.gollum.stateDir}/.ssh/id_ed25519'
|
||||
repo='git@localhost:wiki'
|
||||
cd ${config.krebs.gollum.stateDir}
|
||||
if ! url=$(git config remote.origin.url); then
|
||||
git remote add origin "$repo"
|
||||
elif test "$url" != "$repo"; then
|
||||
git remote set-url origin "$repo"
|
||||
fi
|
||||
'';
|
||||
|
||||
pushGollum = pkgs.writeDash "push_gollum" ''
|
||||
${setupGit}
|
||||
git fetch origin
|
||||
git merge --ff-only origin/master
|
||||
'';
|
||||
|
||||
pushCgit = pkgs.writeDash "push_cgit" ''
|
||||
${setupGit}
|
||||
git push origin master
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
services.gollum = {
|
||||
krebs.gollum = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
Gollum::Hook.register(:post_commit, :hook_id) do |committer, sha1|
|
||||
system('${pushCgit}')
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
@ -16,4 +48,51 @@
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
krebs.git = {
|
||||
enable = true;
|
||||
cgit.settings = {
|
||||
root-title = "krebs repos";
|
||||
};
|
||||
rules = with git; [
|
||||
{
|
||||
user = [
|
||||
{
|
||||
name = "gollum";
|
||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMXbjDnQWg8EECsNRZZWezocMIiuENhCSQFcFUXcsOQ6";
|
||||
}
|
||||
] ++ (attrValues config.krebs.users);
|
||||
repo = [ config.krebs.git.repos.wiki ];
|
||||
perm = push ''refs/heads/master'' [ create merge ];
|
||||
}
|
||||
];
|
||||
repos.wiki = {
|
||||
public = true;
|
||||
name = "wiki";
|
||||
hooks = {
|
||||
post-receive = ''
|
||||
${pkgs.git-hooks.irc-announce {
|
||||
channel = "#xxx";
|
||||
refs = [
|
||||
"refs/heads/master"
|
||||
];
|
||||
nick = config.networking.hostName;
|
||||
server = "irc.r";
|
||||
verbose = true;
|
||||
}}
|
||||
/run/wrappers/bin/sudo -S -u gollum ${pushGollum}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
krebs.secret.files.gollum = {
|
||||
path = "${config.krebs.gollum.stateDir}/.ssh/id_ed25519";
|
||||
owner = { name = "gollum"; };
|
||||
source-path = "${<secrets/gollum.id_ed25519>}";
|
||||
};
|
||||
|
||||
security.sudo.extraConfig = ''
|
||||
git ALL=(gollum) NOPASSWD: ${pushGollum}
|
||||
'';
|
||||
}
|
||||
|
@ -27,6 +27,7 @@ let
|
||||
./github-known-hosts.nix
|
||||
./git.nix
|
||||
./go.nix
|
||||
./gollum.nix
|
||||
./hidden-ssh.nix
|
||||
./hosts.nix
|
||||
./htgen.nix
|
||||
|
4
krebs/3modules/external/default.nix
vendored
4
krebs/3modules/external/default.nix
vendored
@ -465,9 +465,9 @@ in {
|
||||
mail = "kieran.meinhardt@gmail.com";
|
||||
pubkey = ssh-for "kmein";
|
||||
};
|
||||
Mic92 = {
|
||||
mic92 = {
|
||||
mail = "joerg@thalheim.io";
|
||||
pubkey = ssh-for "Mic92";
|
||||
pubkey = ssh-for "mic92";
|
||||
};
|
||||
qubasa = {
|
||||
mail = "luis.nixos@gmail.com";
|
||||
|
71
krebs/3modules/external/mic92.nix
vendored
71
krebs/3modules/external/mic92.nix
vendored
@ -11,7 +11,7 @@ with import <stockholm/lib>;
|
||||
in {
|
||||
hosts = mapAttrs hostDefaults {
|
||||
amy = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "129.215.165.57";
|
||||
@ -44,7 +44,7 @@ in {
|
||||
};
|
||||
};
|
||||
clara = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "129.215.165.58";
|
||||
@ -77,7 +77,7 @@ in {
|
||||
};
|
||||
};
|
||||
dimitrios = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.183";
|
||||
@ -98,7 +98,7 @@ in {
|
||||
};
|
||||
};
|
||||
donna = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "129.215.165.54";
|
||||
@ -132,7 +132,7 @@ in {
|
||||
};
|
||||
};
|
||||
dpdkm = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.173";
|
||||
@ -156,7 +156,7 @@ in {
|
||||
};
|
||||
};
|
||||
herbert = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
addrs = [
|
||||
@ -179,7 +179,7 @@ in {
|
||||
};
|
||||
};
|
||||
inspector = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "141.76.44.154";
|
||||
@ -208,7 +208,7 @@ in {
|
||||
};
|
||||
};
|
||||
eddie = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# eddie.thalheim.io
|
||||
@ -242,7 +242,7 @@ in {
|
||||
};
|
||||
};
|
||||
eve = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# eve.thalheim.io
|
||||
@ -273,13 +273,17 @@ in {
|
||||
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
# ohorn lan
|
||||
tinc.subnets = [ "fd42:4492:6a6d:500:8526:2adf:7451:8bbb" ];
|
||||
tinc.subnets = [
|
||||
# ohorn lan
|
||||
"fd42:4492:6a6d:500:8526:2adf:7451:8bbb"
|
||||
# docker network
|
||||
"42:0000:002b:1605:3::/80"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
martha = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "129.215.165.53";
|
||||
@ -313,7 +317,7 @@ in {
|
||||
};
|
||||
};
|
||||
matchbox = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.176";
|
||||
@ -339,7 +343,7 @@ in {
|
||||
};
|
||||
};
|
||||
rock = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.171";
|
||||
@ -363,7 +367,7 @@ in {
|
||||
};
|
||||
};
|
||||
rose = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4.addr = "129.215.165.52";
|
||||
@ -397,7 +401,7 @@ in {
|
||||
};
|
||||
};
|
||||
turingmachine = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.168";
|
||||
@ -425,7 +429,7 @@ in {
|
||||
};
|
||||
};
|
||||
harsha = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.184";
|
||||
@ -446,22 +450,35 @@ in {
|
||||
};
|
||||
};
|
||||
eva = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet = {
|
||||
# eva.thalheim.io
|
||||
ip4.addr = "52.59.172.193";
|
||||
ip6.addr = "2a05:d014:301:a601:ef0e:5434:d814:b8ed";
|
||||
aliases = [ "eva.i" ];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
ip4.addr = "10.243.29.185";
|
||||
aliases = [
|
||||
"eva.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAqIc+ozq3hKHMe/X3v4j+6or8LMjEV7MtQ8/+n00xpG4NkI4G38Bv
|
||||
3nmAcV7OhN6of0fr0psbBmym+2VxCZbpl8E3g1GWSKpAvlmP/9v4wDVdrADaTvXC
|
||||
pzCxejtCwEhKLisnMwCMJCuUPbIsSBU+IQDPKP7NP0yY5VapgW3Xl3qXpnehCW1r
|
||||
NBZjZASnhSXcJRLJayEDN6uBviYrnnfbrHOx4fPcjQPTHX5RYr3EbgGZQO9xki44
|
||||
9dKT4EA95lupTqC3wzuQbaNpvIuVzmggiDY/NsBIVh0/2XjGnO54wtCEPudaLnWd
|
||||
WNtc1wfVFB6gzgG1N7msOuFUReOIfyF/ywIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyHptaExEcSUjEJ+RH33h
|
||||
uRK0Ttq8mJLDosWFYcoQkcL9S54aO9kF1gRJAKPBHoOt/IGeOxg2LNYWK6UjWfUy
|
||||
LB9c42EQ1wWZ2jSJ0LJgYzjR9cp3dlo9aHSa//O6p6eLpXRo9QLf8+aIWhNW5+BG
|
||||
sLIMR5b6Ngc2l8xQS+wvMmvTWJt3LyfQ6AKiKwCjeyrUFiuw0VWSn1I6n7H+CZBZ
|
||||
f/UvSxLucy1e0rvbHoTITOflIAfA84iCHsHsZjVqrx1iyOMdPtY2sBPmWhtVemDo
|
||||
duwzUpIuaJnWS7JOB4jsYWm672/KfzK7yAivqxD19OwqfZ3nNQ7sEDb3p4udw2Lf
|
||||
0dqHwZ5Hoj21vs3XiXX/SHcSf5QLzpj1MWBkV3r1D8I8v3P5qUbLunCofp3d9GxE
|
||||
N0gK06gqbLNonJvC/WD7lxeY32Rh1wYXbzbD/X6aWe/oD8WMIl312hH4cHQHOnVT
|
||||
t76NISlYTPxwX5mfFsBm8t0GjnnWY2jLwaefk7N/CwoDaKhkhmw1oeAZMuRcDRvE
|
||||
0ecpO4CZ6CcYERLxoYHgEAj3cMkSrQ8dT6XS4b9EO4hW4zCQ3RK9xDz71+uaihuB
|
||||
6uuTTsn7s0PYBJDNdccOf1Qt8fqPPgzqUKqeUciHojYDDPTC5KQh5m2PBv4I4iIR
|
||||
LnKOqNUX7UCqbdaE/tfFRG0CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
112
krebs/3modules/gollum.nix
Normal file
112
krebs/3modules/gollum.nix
Normal file
@ -0,0 +1,112 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.krebs.gollum;
|
||||
in
|
||||
|
||||
{
|
||||
options.krebs.gollum = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Enable the Gollum service.";
|
||||
};
|
||||
|
||||
address = mkOption {
|
||||
type = types.str;
|
||||
default = "0.0.0.0";
|
||||
description = "IP address on which the web server will listen.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 4567;
|
||||
description = "Port on which the web server will run.";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = "Content of the configuration file";
|
||||
};
|
||||
|
||||
mathjax = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Enable support for math rendering using MathJax";
|
||||
};
|
||||
|
||||
allowUploads = mkOption {
|
||||
type = types.nullOr (types.enum [ "dir" "page" ]);
|
||||
default = null;
|
||||
description = "Enable uploads of external files";
|
||||
};
|
||||
|
||||
emoji = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Parse and interpret emoji tags";
|
||||
};
|
||||
|
||||
branch = mkOption {
|
||||
type = types.str;
|
||||
default = "master";
|
||||
example = "develop";
|
||||
description = "Git branch to serve";
|
||||
};
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/gollum";
|
||||
description = "Specifies the path of the repository directory. If it does not exist, Gollum will create it on startup.";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.users.gollum = {
|
||||
group = config.users.users.gollum.name;
|
||||
description = "Gollum user";
|
||||
home = cfg.stateDir;
|
||||
createHome = false;
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.groups.gollum = { };
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.stateDir}' - ${config.users.users.gollum.name} ${config.users.groups.gollum.name} - -"
|
||||
];
|
||||
|
||||
systemd.services.gollum = {
|
||||
description = "Gollum wiki";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.git ];
|
||||
|
||||
preStart = ''
|
||||
# This is safe to be run on an existing repo
|
||||
git init ${cfg.stateDir}
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
User = config.users.users.gollum.name;
|
||||
Group = config.users.groups.gollum.name;
|
||||
ExecStart = ''
|
||||
${pkgs.gollum}/bin/gollum \
|
||||
--port ${toString cfg.port} \
|
||||
--host ${cfg.address} \
|
||||
--config ${pkgs.writeText "gollum-config.rb" cfg.extraConfig} \
|
||||
--ref ${cfg.branch} \
|
||||
${optionalString cfg.mathjax "--mathjax"} \
|
||||
${optionalString cfg.emoji "--emoji"} \
|
||||
${optionalString (cfg.allowUploads != null) "--allow-uploads ${cfg.allowUploads}"} \
|
||||
${cfg.stateDir}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "8e2b14aceb1d40c7e8b84c03a7c78955359872bb",
|
||||
"date": "2020-08-05T09:17:35+01:00",
|
||||
"sha256": "0zzjpd9smr7rxzrdf6raw9kbj42fbvafxb5bz36lcxgv290pgsm8",
|
||||
"rev": "c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38",
|
||||
"date": "2020-08-20T19:08:02+02:00",
|
||||
"sha256": "1ak7jqx94fjhc68xh1lh35kh3w3ndbadprrb762qgvcfb8351x8v",
|
||||
"fetchSubmodules": false
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "e23e05452c67ce406debffa831290fb3abaabf0e",
|
||||
"date": "2020-08-06T15:33:30+02:00",
|
||||
"sha256": "10wlcm20bvak8cxjhfvmn0vm4n9da3zl19026h66zc1wfmcqgrkp",
|
||||
"rev": "42674051d12540d4a996504990c6ea3619505953",
|
||||
"date": "2020-09-06T21:21:08-04:00",
|
||||
"sha256": "1hz1n1hghilgzk4zlya498xm5lvhsf0r5b49yii7q86h3616fhwy",
|
||||
"fetchSubmodules": false
|
||||
}
|
||||
|
@ -15,14 +15,6 @@ with import <stockholm/lib>;
|
||||
|
||||
krebs.build.host = config.krebs.hosts.blue;
|
||||
|
||||
environment.shellAliases = {
|
||||
deploy = pkgs.writeDash "deploy" ''
|
||||
set -eu
|
||||
export SYSTEM="$1"
|
||||
$(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
|
||||
'';
|
||||
};
|
||||
|
||||
networking.nameservers = [ "1.1.1.1" ];
|
||||
|
||||
services.restic.backups = genAttrs [
|
||||
|
@ -396,12 +396,12 @@ with import <stockholm/lib>;
|
||||
];
|
||||
}
|
||||
{
|
||||
nix.trustedUsers = [ "Mic92" ];
|
||||
users.users.Mic92 = {
|
||||
uid = genid_uint31 "Mic92";
|
||||
nix.trustedUsers = [ "mic92" ];
|
||||
users.users.mic92 = {
|
||||
uid = genid_uint31 "mic92";
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.Mic92.pubkey
|
||||
config.krebs.users.mic92.pubkey
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -93,6 +93,7 @@ with import <stockholm/lib>;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
#stockholm
|
||||
deploy
|
||||
git
|
||||
gnumake
|
||||
jq
|
||||
|
6
lass/5pkgs/deploy/default.nix
Normal file
6
lass/5pkgs/deploy/default.nix
Normal file
@ -0,0 +1,6 @@
|
||||
{ writers }:
|
||||
writers.writeDashBin "deploy" ''
|
||||
set -eu
|
||||
export SYSTEM="$1"
|
||||
$(nix-build $HOME/sync/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
|
||||
''
|
4
makefu/0tests/data/secrets/bureautomation/citadel.nix
Normal file
4
makefu/0tests/data/secrets/bureautomation/citadel.nix
Normal file
@ -0,0 +1,4 @@
|
||||
{
|
||||
MATRIX_TOKEN="a";
|
||||
MATRIX_ID="b";
|
||||
}
|
@ -3,4 +3,8 @@
|
||||
platform = "generic";
|
||||
still_image_url = http://127.0.0.1:8123/local/lines.png ;
|
||||
}
|
||||
{ name = "XKCD";
|
||||
platform = "generic";
|
||||
still_image_url = http://127.0.0.1:8123/local/xkcd.png ;
|
||||
}
|
||||
]
|
||||
|
@ -6,21 +6,29 @@ let
|
||||
in {
|
||||
systemd.services.comic-updater = {
|
||||
startAt = "daily";
|
||||
description = "Send led change to message queue";
|
||||
description = "update our comics";
|
||||
after = [ "network-online.target" ] ++ (lib.optional config.services.mosquitto.enable "mosquitto.service");
|
||||
path = with pkgs; [ wget xmlstarlet ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = "hass";
|
||||
WorkingDirectory = config.services.home-assistant.configDir;
|
||||
ExecStart = pkgs.writeDash "update-poorly-drawn-lines" ''
|
||||
ExecStart = pkgs.writeDash "update-comics" ''
|
||||
set -euf
|
||||
mkdir -p www/
|
||||
cd www/
|
||||
# poorly drawn lines
|
||||
pic=$(wget -O- http://www.poorlydrawnlines.com/feed/ \
|
||||
| xml sel -t -v '/rss/channel/item/content:encoded' \
|
||||
| head -n 2 | sed -n 's/.*src="\([^"]\+\)".*/\1/p' )
|
||||
wget "$pic" -nc && cp -v "$(basename "$pic")" lines.png
|
||||
|
||||
#pic=$(curl -L xkcd.com 2>/dev/null | grep imgs.xkcd.com | grep title | sed -n 's/.*src="\([^"]\+\)" .*/https:\1/p')
|
||||
# xkcd
|
||||
pic=$(wget -O- https://xkcd.com/rss.xml \
|
||||
| xml sel -t -v '/rss/channel/item/description' \
|
||||
| head -n 1 | sed -n 's/.*src="\([^"]\+\)".*/\1/p' )
|
||||
wget "$pic" -nc && cp -v "$(basename "$pic")" xkcd.png
|
||||
'';
|
||||
PrivateTmp = true;
|
||||
};
|
||||
|
@ -137,9 +137,9 @@ in {
|
||||
++ frosch.binary_sensor
|
||||
++ aramark.binary_sensor;
|
||||
|
||||
sensor =
|
||||
# [{ platform = "version"; }] ++ # pyhaversion
|
||||
(import ./sensor/pollen.nix)
|
||||
sensor = []
|
||||
++ [{ platform = "version"; }] # pyhaversion
|
||||
++ (import ./sensor/pollen.nix)
|
||||
++ (import ./sensor/espeasy.nix)
|
||||
++ (import ./sensor/airquality.nix)
|
||||
++ ((import ./sensor/outside.nix) {inherit lib;})
|
||||
@ -238,6 +238,7 @@ in {
|
||||
"camera.Autobahn_Singen"
|
||||
"camera.puppies"
|
||||
"camera.poorly_drawn_lines"
|
||||
"camera.xkcd"
|
||||
];
|
||||
nachtlicht = [
|
||||
"switch.nachtlicht_a"
|
||||
|
@ -19,6 +19,7 @@ let
|
||||
cgit.desc = "Yet Another Check-Out System";
|
||||
};
|
||||
ebk-notify.cgit.desc = "Ebay Kleinanzeigen Notify";
|
||||
kalauerbot.cgit.desc = "Kalauer König";
|
||||
};
|
||||
|
||||
krebs-repos = mapAttrs make-krebs-repo {
|
||||
|
@ -5,5 +5,7 @@
|
||||
hdl-dump
|
||||
bin2iso
|
||||
cue2pops
|
||||
nx_game_info
|
||||
hactool
|
||||
];
|
||||
}
|
||||
|
@ -7,6 +7,7 @@
|
||||
vlc
|
||||
mumble
|
||||
mplayer
|
||||
mpv
|
||||
# quodlibet # exfalso
|
||||
tinymediamanager
|
||||
|
||||
|
30
makefu/5pkgs/hactool/default.nix
Normal file
30
makefu/5pkgs/hactool/default.nix
Normal file
@ -0,0 +1,30 @@
|
||||
{ lib, stdenv, fetchFromGitHub
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "hactool";
|
||||
name = "${pname}-${version}";
|
||||
version = "1.4.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "SciresM";
|
||||
repo = "hactool";
|
||||
rev = version;
|
||||
sha256 = "0305ngsnwm8npzgyhyifasi4l802xnfz19r0kbzzniirmcn4082d";
|
||||
};
|
||||
preBuild = ''
|
||||
cp config.mk.template config.mk
|
||||
'';
|
||||
installPhase = ''
|
||||
install -D hactool $out/bin/hactool
|
||||
'';
|
||||
buildInputs = [ ];
|
||||
nativeBuildInputs = [ ];
|
||||
|
||||
meta = {
|
||||
description = "tool to view information about, decrypt, and extract common file formats for the Nintendo Switch, especially Nintendo Content Archives";
|
||||
homepage = https://github.com/SciresM/hactool;
|
||||
license = stdenv.lib.licenses.isc;
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
||||
};
|
||||
}
|
32
makefu/5pkgs/nx_game_info/default.nix
Normal file
32
makefu/5pkgs/nx_game_info/default.nix
Normal file
@ -0,0 +1,32 @@
|
||||
{ lib, stdenv, fetchurl , mono , unzip
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "NX_Game_Info";
|
||||
name = "${pname}-${version}";
|
||||
version = "0.7.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/garoxas/NX_Game_Info/releases/download/v${version}/NX.Game.Info_${version}_cli.zip";
|
||||
sha256 = "179hkgraydm5hg5fcs1xwh07cx7rbcfwklfak83f0sl1pbya542h";
|
||||
};
|
||||
|
||||
sourceRoot = ".";
|
||||
buildInputs = [ unzip ];
|
||||
buildPhase = ":";
|
||||
installPhase = ''
|
||||
mkdir -p $out/{bin,lib}
|
||||
cp * $out/lib/
|
||||
cat > $out/bin/nxgameinfo_cli <<EOF
|
||||
${mono}/bin/mono $out/lib/nxgameinfo_cli.exe "\$@"
|
||||
EOF
|
||||
chmod +x $out/bin/nxgameinfo_cli
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description = "Tool to read information from Nintendo Switch game files";
|
||||
homepage = https://github.com/garoxas/NX_Game_Info;
|
||||
license = stdenv.lib.licenses.gpl3;
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user