Merge branch 'makefu'
This commit is contained in:
commit
f54a0a9ea7
@ -8,6 +8,12 @@ let
|
||||
"${user-name}/1systems/${system-name}.nix"
|
||||
"${user-name}/3modules"
|
||||
"krebs/3modules"
|
||||
] ++ [
|
||||
({ lib, pkgs, ... }: {
|
||||
_module.args.pkgs =
|
||||
(import ./krebs/5pkgs { inherit lib pkgs; }) //
|
||||
(import (./. + "/${user-name}/5pkgs") { inherit lib pkgs; });
|
||||
})
|
||||
];
|
||||
};
|
||||
|
||||
|
132
krebs/3modules/Reaktor.nix
Normal file
132
krebs/3modules/Reaktor.nix
Normal file
@ -0,0 +1,132 @@
|
||||
{ config, pkgs,lib, ... }:
|
||||
|
||||
|
||||
let
|
||||
kpkgs = import ../5pkgs { inherit pkgs; inherit lib; };
|
||||
|
||||
inherit (lib)
|
||||
mkIf
|
||||
mkOption
|
||||
types
|
||||
singleton
|
||||
isString
|
||||
optionalString
|
||||
concatStrings
|
||||
escapeShellArg
|
||||
;
|
||||
|
||||
ReaktorConfig = pkgs.writeText "config.py" ''
|
||||
${if (isString cfg.overrideConfig ) then ''
|
||||
# Overriden Config
|
||||
${cfg.overrideConfig}
|
||||
'' else ""}
|
||||
## Extra Config
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
cfg = config.krebs.Reaktor;
|
||||
|
||||
out = {
|
||||
options.krebs.Reaktor = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
};
|
||||
|
||||
api = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
description = ''
|
||||
Start Reaktor at system boot
|
||||
'';
|
||||
};
|
||||
|
||||
nickname = mkOption {
|
||||
default = config.krebs.build.host.name + "|r";
|
||||
type = types.string;
|
||||
description = ''
|
||||
The nick name of the irc bot.
|
||||
Defaults to {hostname}|r
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
overrideConfig = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
configuration to be used instead of default ones.
|
||||
Reaktor default cfg can be retrieved via `reaktor get-config`
|
||||
'';
|
||||
};
|
||||
extraConfig = mkOption {
|
||||
default = "";
|
||||
type = types.string;
|
||||
description = ''
|
||||
configuration appended to the default or overridden configuration
|
||||
'';
|
||||
};
|
||||
|
||||
ReaktorPkg = mkOption {
|
||||
default = kpkgs.Reaktor;
|
||||
description = ''
|
||||
the Reaktor pkg to use.
|
||||
'';
|
||||
};
|
||||
debug = mkOption {
|
||||
default = false;
|
||||
description = ''
|
||||
Reaktor debug output
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
imp = {
|
||||
# for reaktor get-config
|
||||
environment.systemPackages = [ cfg.ReaktorPkg ];
|
||||
users.extraUsers = singleton {
|
||||
name = "Reaktor";
|
||||
# uid = config.ids.uids.Reaktor;
|
||||
uid = 2066439104; #genid Reaktor
|
||||
description = "Reaktor user";
|
||||
home = "/var/lib/Reaktor";
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
#users.extraGroups = singleton {
|
||||
# name = "Reaktor";
|
||||
# gid = config.ids.gids.Reaktor;
|
||||
#};
|
||||
|
||||
systemd.services.Reaktor = {
|
||||
path = with pkgs; [
|
||||
utillinux #flock for tell_on-join
|
||||
# git # for nag
|
||||
python # for caps
|
||||
];
|
||||
description = "Reaktor IRC Bot";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
environment = {
|
||||
GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
REAKTOR_NICKNAME = cfg.nickname;
|
||||
REAKTOR_DEBUG = (if cfg.debug then "True" else "False");
|
||||
};
|
||||
serviceConfig= {
|
||||
ExecStartPre = pkgs.writeScript "Reaktor-init" ''
|
||||
#! /bin/sh
|
||||
${if (isString cfg.overrideConfig) then
|
||||
''cp ${ReaktorConfig} /tmp/config.py''
|
||||
else
|
||||
''(${cfg.ReaktorPkg}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/config.py''
|
||||
}
|
||||
'';
|
||||
ExecStart = "${cfg.ReaktorPkg}/bin/reaktor run /tmp/config.py";
|
||||
PrivateTmp = "true";
|
||||
User = "Reaktor";
|
||||
Restart = "on-abort";
|
||||
StartLimitInterval = "1m";
|
||||
StartLimitBurst = "1";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
in
|
||||
out
|
@ -11,6 +11,7 @@ let
|
||||
./github-hosts-sync.nix
|
||||
./git.nix
|
||||
./nginx.nix
|
||||
./Reaktor.nix
|
||||
./retiolum.nix
|
||||
./urlwatch.nix
|
||||
];
|
||||
@ -332,11 +333,11 @@ let
|
||||
};
|
||||
users = addNames {
|
||||
lass = {
|
||||
pubkey = readFile ../../Zpubkeys/lass.ssh.pub;
|
||||
pubkey = readFile ../Zpubkeys/lass.ssh.pub;
|
||||
mail = "lass@mors.retiolum";
|
||||
};
|
||||
uriel = {
|
||||
pubkey = readFile ../../Zpubkeys/uriel.ssh.pub;
|
||||
pubkey = readFile ../Zpubkeys/uriel.ssh.pub;
|
||||
mail = "lass@uriel.retiolum";
|
||||
};
|
||||
};
|
||||
@ -468,6 +469,7 @@ let
|
||||
IN MX 10 mx42
|
||||
euer IN MX 1 aspmx.l.google.com.
|
||||
io IN NS pigstarter.krebsco.de.
|
||||
euer IN A ${elemAt nets.internet.addrs4 0}
|
||||
pigstarter IN A ${elemAt nets.internet.addrs4 0}
|
||||
conf IN A ${elemAt nets.internet.addrs4 0}
|
||||
gold IN A ${elemAt nets.internet.addrs4 0}
|
||||
@ -543,7 +545,7 @@ let
|
||||
users = addNames {
|
||||
makefu = {
|
||||
mail = "makefu@pornocauster.retiolum";
|
||||
pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub;
|
||||
pubkey = readFile ../Zpubkeys/makefu_arch.ssh.pub;
|
||||
};
|
||||
};
|
||||
};
|
||||
@ -714,11 +716,11 @@ let
|
||||
users = addNames {
|
||||
mv = {
|
||||
mail = "mv@cd.retiolum";
|
||||
pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub;
|
||||
pubkey = readFile ../Zpubkeys/mv_vod.ssh.pub;
|
||||
};
|
||||
tv = {
|
||||
mail = "tv@wu.retiolum";
|
||||
pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub;
|
||||
pubkey = readFile ../Zpubkeys/tv_wu.ssh.pub;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -61,9 +61,9 @@ let
|
||||
${cfg.ssh-identity-file} \
|
||||
"$ssh_identity_file_target"
|
||||
|
||||
ln -snf ${kpkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts
|
||||
ln -snf ${pkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts
|
||||
'';
|
||||
ExecStart = "${kpkgs.github-hosts-sync}/bin/github-hosts-sync";
|
||||
ExecStart = "${pkgs.github-hosts-sync}/bin/github-hosts-sync";
|
||||
};
|
||||
};
|
||||
|
||||
@ -77,7 +77,5 @@ let
|
||||
name = "github-hosts-sync";
|
||||
uid = 3220554646; # genid github-hosts-sync
|
||||
};
|
||||
|
||||
kpkgs = import ../../krebs/5pkgs { inherit pkgs; };
|
||||
in
|
||||
out
|
||||
|
@ -58,7 +58,7 @@ let
|
||||
|
||||
hosts = mkOption {
|
||||
type = with types; either package path;
|
||||
default = ../../Zhosts;
|
||||
default = ../Zhosts;
|
||||
description = ''
|
||||
If a path is given, then it will be used to generate an ad-hoc package.
|
||||
'';
|
||||
|
@ -78,7 +78,7 @@ let
|
||||
HOME = cfg.dataDir;
|
||||
LC_ALL = "en_US.UTF-8";
|
||||
LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
|
||||
SSL_CERT_FILE = "${pkgs.cacert}/etc/ca-bundle.crt";
|
||||
SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
};
|
||||
serviceConfig = {
|
||||
User = user.name;
|
||||
|
@ -14,5 +14,12 @@ builtins // lib // rec {
|
||||
|
||||
dns = import ./dns.nix { inherit lib; };
|
||||
listset = import ./listset.nix { inherit lib; };
|
||||
shell = import ./shell.nix { inherit lib; };
|
||||
tree = import ./tree.nix { inherit lib; };
|
||||
|
||||
toC = x: {
|
||||
list = "{ ${concatStringsSep ", " (map toC x)} }";
|
||||
null = "NULL";
|
||||
string = toJSON x; # close enough
|
||||
}.${typeOf x};
|
||||
}
|
||||
|
22
krebs/4lib/shell.nix
Normal file
22
krebs/4lib/shell.nix
Normal file
@ -0,0 +1,22 @@
|
||||
{ lib, ... }:
|
||||
|
||||
with builtins;
|
||||
with lib;
|
||||
|
||||
rec {
|
||||
escape =
|
||||
let
|
||||
isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null;
|
||||
in
|
||||
stringAsChars (c:
|
||||
if isSafeChar c then c
|
||||
else if c == "\n" then "'\n'"
|
||||
else "\\${c}");
|
||||
|
||||
#
|
||||
# shell script generators
|
||||
#
|
||||
|
||||
# example: "${cat (toJSON { foo = "bar"; })} | jq -r .foo"
|
||||
cat = s: "printf '%s' ${escape s}";
|
||||
}
|
19
krebs/5pkgs/Reaktor/default.nix
Normal file
19
krebs/5pkgs/Reaktor/default.nix
Normal file
@ -0,0 +1,19 @@
|
||||
{ lib, pkgs,python3Packages,fetchurl, ... }:
|
||||
|
||||
python3Packages.buildPythonPackage rec {
|
||||
name = "Reaktor-${version}";
|
||||
version = "0.4.3";
|
||||
propagatedBuildInputs = with pkgs;[
|
||||
python3Packages.docopt
|
||||
python3Packages.requests2
|
||||
];
|
||||
src = fetchurl {
|
||||
url = "https://pypi.python.org/packages/source/R/Reaktor/Reaktor-${version}.tar.gz";
|
||||
sha256 = "1rvfw9vg7i7z2ah7m5k3zik2b92d3xdaqa8am62qw6vgvmxcmfp4";
|
||||
};
|
||||
meta = {
|
||||
homepage = http://krebsco.de/;
|
||||
description = "An IRC bot based on asynchat";
|
||||
license = lib.licenses.wtfpl;
|
||||
};
|
||||
}
|
@ -1,18 +1,54 @@
|
||||
{ pkgs, ... }:
|
||||
{ lib, pkgs, ... }:
|
||||
|
||||
with import ../4lib { inherit lib; };
|
||||
|
||||
let
|
||||
inherit (pkgs) callPackage;
|
||||
in
|
||||
|
||||
pkgs //
|
||||
{
|
||||
cac = callPackage ./cac.nix {};
|
||||
dic = callPackage ./dic.nix {};
|
||||
genid = callPackage ./genid.nix {};
|
||||
github-hosts-sync = callPackage ./github-hosts-sync.nix {};
|
||||
github-known_hosts = callPackage ./github-known_hosts.nix {};
|
||||
hashPassword = callPackage ./hashPassword.nix {};
|
||||
nq = callPackage ./nq.nix {};
|
||||
posix-array = callPackage ./posix-array.nix {};
|
||||
youtube-tools = callPackage ./youtube-tools.nix {};
|
||||
rec {
|
||||
cac = callPackage ./cac {};
|
||||
charybdis = callPackage ./charybdis {};
|
||||
dic = callPackage ./dic {};
|
||||
genid = callPackage ./genid {};
|
||||
github-hosts-sync = callPackage ./github-hosts-sync {};
|
||||
github-known_hosts = callPackage ./github-known_hosts {};
|
||||
hashPassword = callPackage ./hashPassword {};
|
||||
krebszones = callPackage ./krebszones {};
|
||||
lentil = callPackage ./lentil {};
|
||||
much = callPackage ./much {};
|
||||
nq = callPackage ./nq {};
|
||||
posix-array = callPackage ./posix-array {};
|
||||
pssh = callPackage ./pssh {};
|
||||
Reaktor = callPackage ./Reaktor {};
|
||||
youtube-tools = callPackage ./youtube-tools {};
|
||||
|
||||
execve = name: { filename, argv, envp ? {}, destination ? "" }:
|
||||
writeC name { inherit destination; } ''
|
||||
#include <unistd.h>
|
||||
int main () {
|
||||
const char *filename = ${toC filename};
|
||||
char *const argv[] = ${toC (argv ++ [null])};
|
||||
char *const envp[] = ${toC (
|
||||
mapAttrsToList (k: v: "${k}=${v}") envp ++ [null]
|
||||
)};
|
||||
execve(filename, argv, envp);
|
||||
return -1;
|
||||
}
|
||||
'';
|
||||
|
||||
execveBin = name: cfg: execve name (cfg // { destination = "/bin/${name}"; });
|
||||
|
||||
writeC = name: { destination ? "" }: src: pkgs.runCommand name {} ''
|
||||
PATH=${lib.makeSearchPath "bin" (with pkgs; [
|
||||
binutils
|
||||
coreutils
|
||||
gcc
|
||||
])}
|
||||
src=${pkgs.writeText "${name}.c" src}
|
||||
exe=$out${destination}
|
||||
mkdir -p "$(dirname "$exe")"
|
||||
gcc -O -Wall -o "$exe" $src
|
||||
strip --strip-unneeded "$exe"
|
||||
'';
|
||||
}
|
||||
|
@ -4,7 +4,7 @@ with builtins;
|
||||
with lib;
|
||||
|
||||
let
|
||||
github-pubkey = removeSuffix "\n" (readFile ../../Zpubkeys/github.ssh.pub);
|
||||
github-pubkey = removeSuffix "\n" (readFile ./github.ssh.pub);
|
||||
in
|
||||
|
||||
toFile "github-known_hosts"
|
20
krebs/5pkgs/krebszones/default.nix
Normal file
20
krebs/5pkgs/krebszones/default.nix
Normal file
@ -0,0 +1,20 @@
|
||||
{ lib, pkgs,python3Packages,fetchurl, ... }:
|
||||
|
||||
python3Packages.buildPythonPackage rec {
|
||||
name = "krebszones-${version}";
|
||||
version = "0.4.3";
|
||||
propagatedBuildInputs = with pkgs.python3Packages;[
|
||||
d2to1 # for setup to work
|
||||
ovh
|
||||
docopt
|
||||
];
|
||||
src = fetchurl {
|
||||
url = "https://pypi.python.org/packages/source/k/krebszones/krebszones-${version}.tar.gz";
|
||||
sha256 = "1i6aqy27bikypc4mq7ymfnvf42rr5sxiy6l7gnyk6ifhlp1jq8z5";
|
||||
};
|
||||
meta = {
|
||||
homepage = http://krebsco.de/;
|
||||
description = "OVH Zone Upload";
|
||||
license = lib.licenses.wtfpl;
|
||||
};
|
||||
}
|
37
krebs/5pkgs/pssh/default.nix
Normal file
37
krebs/5pkgs/pssh/default.nix
Normal file
@ -0,0 +1,37 @@
|
||||
{ writeScriptBin }:
|
||||
|
||||
writeScriptBin "pssh" ''
|
||||
#! /bin/sh
|
||||
set -efu
|
||||
case ''${1-} in
|
||||
|
||||
# TODO create plog with -o json | jq ... | map date
|
||||
|
||||
# usage: pssh {-j,--journal} host...
|
||||
# Follow journal at each host.
|
||||
-j|--journal)
|
||||
shift
|
||||
"$0" journalctl -n0 -ocat --follow --all ::: "$@" \
|
||||
| while read line; do
|
||||
printf '%s %s\n' "$(date --rfc-3339=s)" "$line"
|
||||
done
|
||||
;;
|
||||
|
||||
-*)
|
||||
echo $0: unknown option: $1 >&2
|
||||
exit 1
|
||||
;;
|
||||
|
||||
# usage: pssh command [arg...] ::: host...
|
||||
# Run command at each host.
|
||||
*)
|
||||
exec parallel \
|
||||
--line-buffer \
|
||||
-j0 \
|
||||
--no-notice \
|
||||
--tagstring {} \
|
||||
ssh -T {} "$@"
|
||||
;;
|
||||
|
||||
esac
|
||||
''
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user