From d29217c88bec4023736c77877fd778a13e78b3b3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Jun 2017 14:03:07 +0200
Subject: [PATCH 01/20] s nix-cacher: split to shack bincache/acng

---
 shared/2configs/shack/bincache.nix   | 6 ++++++
 shared/2configs/shack/nix-cacher.nix | 3 +++
 2 files changed, 9 insertions(+)
 create mode 100644 shared/2configs/shack/bincache.nix

diff --git a/shared/2configs/shack/bincache.nix b/shared/2configs/shack/bincache.nix
new file mode 100644
index 000000000..9cd7fae23
--- /dev/null
+++ b/shared/2configs/shack/bincache.nix
@@ -0,0 +1,6 @@
+{...}:
+{
+  nix.binaryCaches = [
+      "http://wolf.shack:3142/nixos"
+  ];
+}
diff --git a/shared/2configs/shack/nix-cacher.nix b/shared/2configs/shack/nix-cacher.nix
index 4fcbf3a4e..8feeca9af 100644
--- a/shared/2configs/shack/nix-cacher.nix
+++ b/shared/2configs/shack/nix-cacher.nix
@@ -4,6 +4,9 @@ let
   cfg = config.krebs.apt-cacher-ng;
 in
 {
+  imports = [
+    ./bincache.nix
+  ];
   krebs.apt-cacher-ng = {
     enable = true;
     port = 3142;

From 777adbb420c8b046b0c222d7f0b8480c32f9a8c0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Jun 2017 14:03:24 +0200
Subject: [PATCH 02/20] s 1 wolf: enable radioactive

---
 shared/1systems/wolf.nix              |  8 +++---
 shared/2configs/shack/radioactive.nix | 35 +++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 4 deletions(-)
 create mode 100644 shared/2configs/shack/radioactive.nix

diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index 9acc5894b..f50fc80c4 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -7,7 +7,6 @@ in
     ../.
     <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
     ../2configs/collectd-base.nix
-    ../2configs/shack/share.nix
     ../2configs/central-stats-client.nix
     ../2configs/save-diskspace.nix
 
@@ -15,11 +14,13 @@ in
     ../2configs/graphite.nix
     ../2configs/repo-sync.nix
     ../2configs/shared-buildbot.nix
-    ../2configs/shack/drivedroid.nix
-    ../2configs/shack/nix-cacher.nix
 
+    ../2configs/shack/drivedroid.nix
+    # ../2configs/shack/nix-cacher.nix
     ../2configs/shack/mqtt_sub.nix
     ../2configs/shack/muell_caller.nix
+    ../2configs/shack/radioactive.nix
+    ../2configs/shack/share.nix
 
   ];
   # use your own binary cache, fallback use cache.nixos.org (which is used by
@@ -42,7 +43,6 @@ in
 
   nix = {
     binaryCaches = [
-      "http://localhost:3142/nixos"
       "http://cache.prism.r"
       "https://cache.nixos.org/"
     ];
diff --git a/shared/2configs/shack/radioactive.nix b/shared/2configs/shack/radioactive.nix
new file mode 100644
index 000000000..378b54056
--- /dev/null
+++ b/shared/2configs/shack/radioactive.nix
@@ -0,0 +1,35 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+  pkg = pkgs.stdenv.mkDerivation {
+    name = "radioactive-2017-06-01";
+    src = pkgs.fetchgit {
+      url = "https://github.com/makefu/nagios-radioactiveathome-plugins/";
+      rev = "955f614";
+      sha256 = "0ql6npl3n6shvij0ly6a52yjmf7dc31c5x29y927k9lvp8ygin20";
+    };
+    buildInputs = [
+      (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
+        docopt
+        requests2
+        python
+      ]))
+    ];
+    installPhase = ''
+      install -m755 -D add_many_points.py  $out/bin/radioactive-add-many
+    '';
+  };
+in {
+  systemd.services.radioactive = {
+    description = "radioactive";
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      User = "nobody"; # TODO separate user
+      ExecStart = "${pkg}/bin/radioactive-add-many loop 60";
+      Restart = "always";
+      PrivateTmp = true;
+      PermissionsStartOnly = true;
+    };
+  };
+}

From 1ebd26d96de5714f35f31fcefc89cbb414c21093 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 6 Jun 2017 14:27:42 +0200
Subject: [PATCH 03/20] l 2 nixpkgs: f8dfdd7 -> 8804775

---
 lass/2configs/nixpkgs.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index a3916a2ea..60c942367 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
 {
   krebs.build.source.nixpkgs.git = {
     url = https://cgit.lassul.us/nixpkgs;
-    ref = "f8dfdd7";
+    ref = "8804775";
   };
 }

From 01555a629bfede04e33e15955ee9c2762bdaa301 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Jun 2017 14:42:58 +0200
Subject: [PATCH 04/20] m 2 mail-clients: mutt -> neomutt

---
 makefu/2configs/mail-client.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/makefu/2configs/mail-client.nix b/makefu/2configs/mail-client.nix
index 8319b89ce..e08aadc5e 100644
--- a/makefu/2configs/mail-client.nix
+++ b/makefu/2configs/mail-client.nix
@@ -7,10 +7,11 @@ with import <stockholm/lib>;
     gnupg
     imapfilter
     msmtp
-    mutt
     notmuch
+    neomutt
     offlineimap
     openssl
     w3m
   ];
+
 }

From b166fb32c080720fe18b145e27ae69b9d0e3ea90 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Jun 2017 18:52:10 +0200
Subject: [PATCH 05/20] s 2: add worlddomination

---
 shared/2configs/shack/worlddomination.nix | 67 +++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 shared/2configs/shack/worlddomination.nix

diff --git a/shared/2configs/shack/worlddomination.nix b/shared/2configs/shack/worlddomination.nix
new file mode 100644
index 000000000..634cd7d2e
--- /dev/null
+++ b/shared/2configs/shack/worlddomination.nix
@@ -0,0 +1,67 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+  pythonPackages = pkgs.python3Packages;
+  # https://github.com/chrysn/aiocoap
+  aiocoap = pythonPackages.buildPythonPackage {
+      name = "aiocoap-0.3";
+      src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; };
+      propagatedBuildInputs = [ ];
+      doCheck = false; # 2 errors, dunnolol
+      meta = with pkgs.stdenv.lib; {
+        homepage = "";
+        license = licenses.mit;
+        description = "Python CoAP library";
+      };
+    };
+  LinkHeader = pythonPackages.buildPythonPackage {
+    name = "LinkHeader-0.4.3";
+    src = pkgs.fetchurl { url = "https://pypi.python.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; };
+    propagatedBuildInputs = [ ];
+    meta = with pkgs.stdenv.lib; {
+      homepage = "";
+      license = licenses.bsdOriginal;
+      description = "Parse and format link headers according to RFC 5988 \"Web Linking\"";
+    };
+  };
+  pkg = pkgs.stdenv.mkDerivation {
+    name = "worlddomination-2017-06-01";
+    src = pkgs.fetchgit {
+      url = "https://github.com/shackspace/worlddomination/";
+      rev = "e6a2df4";
+      sha256 = "1zwv18v47lzj8yslip876n46f50822ycx0d6zbhp72h8hw0ar46f";
+    };
+    buildInputs = [
+      (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
+        docopt
+        LinkHeader
+        aiocoap
+        requests2
+        paramiko
+        python
+      ]))
+    ];
+    installPhase = ''
+      install -m755 -D backend/push_led.py  $out/bin/push-led
+      install -m755 -D backend/loop_single.py  $out/bin/loop-single
+      # copy the provided file to the package
+      install -m755 -D backend/wd.lst  $out/${wdpath}
+    '';
+  };
+  wdpath = "/usr/worlddomination/wd.lst";
+  esphost = "10.42.24.7"; # esp8266
+  timeout = 10; # minutes
+in {
+  systemd.services.worlddomination = {
+    description = "run worlddomination";
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      User = "nobody"; # TODO separate user
+      ExecStart = "${pkg}/bin/push-led ${esphost} ${pkg}/${wdpath} loop ${toString timeout}";
+      Restart = "always";
+      PrivateTmp = true;
+      PermissionsStartOnly = true;
+    };
+  };
+}

From ca77ad48ee0046a330d1902a4c12464c7b928bb0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 6 Jun 2017 18:56:02 +0200
Subject: [PATCH 06/20] m 2 led-fader: trying to fix mosquitto deps

---
 makefu/1systems/wry.nix                  | 4 ++--
 makefu/2configs/deployment/led-fader.nix | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix
index 62ca171a9..f5097bf40 100644
--- a/makefu/1systems/wry.nix
+++ b/makefu/1systems/wry.nix
@@ -22,8 +22,8 @@ in {
       # ../2configs/nginx/euer.test.nix
 
       # collectd
-      ../2configs/logging/central-stats-client.nix
-      ../2configs/logging/central-logging-client.nix
+      ../2configs/stats/client.nix
+      ../2configs/logging/client.nix
 
       ../2configs/tinc/retiolum.nix
       # ../2configs/torrent.nix
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix
index e4d62ae77..50023693d 100644
--- a/makefu/2configs/deployment/led-fader.nix
+++ b/makefu/2configs/deployment/led-fader.nix
@@ -29,7 +29,7 @@ in {
     environment = {
       NIX_PATH = "/var/src";
     };
-    after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ];
+    # after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ];
     wantedBy = [ "multi-user.target"  ];
     serviceConfig = {
       # User = "nobody"; # need a user with permissions to run nix-shell

From 87e54205e06383c9ccc54e2cdd1ba7baf49adca2 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 9 Jun 2017 13:53:30 +0200
Subject: [PATCH 07/20] s 2 graphite: make less verbose, restart on crash

---
 shared/2configs/graphite.nix | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/shared/2configs/graphite.nix b/shared/2configs/graphite.nix
index 689aedd04..64222e43a 100644
--- a/shared/2configs/graphite.nix
+++ b/shared/2configs/graphite.nix
@@ -10,7 +10,7 @@ with import <stockholm/lib>;
   imports = [ ];
 
   services.graphite = {
-    web = {
+    api = {
       enable = true;
       listenAddress = "0.0.0.0";
     };
@@ -23,7 +23,15 @@ with import <stockholm/lib>;
         MAX_UPDATES_PER_SECOND = 1
         MAX_CREATES_PER_MINUTE = 50
         MAX_UPDATES_PER_SECOND_ONSHUTDOWN = 9001
+
+        LOG_CACHE_HITS = False
+        LOG_CACHE_QUEUE_SORTS = False
+        LOG_UPDATES = False
+        LOG_LISTENER_CONNECTIONS = False
+        LOG_CREATES = True
         '';
+      storageAggregation = ''
+      '';
       storageSchemas = ''
         [carbon]
         pattern = ^carbon\.
@@ -66,10 +74,20 @@ with import <stockholm/lib>;
         pattern = ^elchos\.
         retentions = 10s:14d,1m:90d,10m:5y
 
+        [icinga_default]
+        pattern = ^icinga
+        retentions = 10s:14d,5m:90d,10m:5y
+
+        [icinga_internals]
+        pattern = ^icinga.*\.(max_check_attempts|reachable|current_attempt|execution_time|latency|state|state_type)
+        retentions = 5m:7d
+
         [default]
         pattern = .*
         retentions = 60s:30d,300s:1y
         '';
     };
   };
+  systemd.services.carbonCache.serviceConfig.Restart="always";
+  systemd.services.graphiteApi.serviceConfig.Restart="always";
 }

From f0c7ef456ffbf8081082a21f67a57ba4ff1d7958 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 9 Jun 2017 13:53:48 +0200
Subject: [PATCH 08/20] s 2 mqtt_sub: bump version

---
 shared/2configs/shack/mqtt_sub.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/shared/2configs/shack/mqtt_sub.nix b/shared/2configs/shack/mqtt_sub.nix
index dafa06ba9..a8427dde4 100644
--- a/shared/2configs/shack/mqtt_sub.nix
+++ b/shared/2configs/shack/mqtt_sub.nix
@@ -6,8 +6,8 @@ let
     name = "mqtt2graphite-2017-05-29";
     src = pkgs.fetchgit {
       url = "https://github.com/shackspace/mqtt2graphite/";
-      rev = "8c060e6";
-      sha256 = "06x7a1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg";
+      rev = "117179d";
+      sha256 = "1334jbbzlqizyp7zcn4hdswhhrnkj1p4p435n5nph82lzffrsi44";
     };
     buildInputs = [
       (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [

From ec65fabcb43c813f1977496eab47e5aaa44ff5cf Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 9 Jun 2017 13:54:05 +0200
Subject: [PATCH 09/20] s 2 worlddomination: bump version

---
 shared/2configs/shack/worlddomination.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/shared/2configs/shack/worlddomination.nix b/shared/2configs/shack/worlddomination.nix
index 634cd7d2e..ee461b51c 100644
--- a/shared/2configs/shack/worlddomination.nix
+++ b/shared/2configs/shack/worlddomination.nix
@@ -26,11 +26,11 @@ let
     };
   };
   pkg = pkgs.stdenv.mkDerivation {
-    name = "worlddomination-2017-06-01";
+    name = "worlddomination-2017-06-08";
     src = pkgs.fetchgit {
       url = "https://github.com/shackspace/worlddomination/";
-      rev = "e6a2df4";
-      sha256 = "1zwv18v47lzj8yslip876n46f50822ycx0d6zbhp72h8hw0ar46f";
+      rev = "39344a4";
+      sha256 = "07alvdgz1vyww6nlay4qx4l7hnfqw0sqcdd9syhsjhqv3ciigwcp";
     };
     buildInputs = [
       (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [

From a3a19729d061984c9901944db706f747ae4790fa Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 13 Jun 2017 21:19:33 +0200
Subject: [PATCH 10/20] k 3 m: adopt horisa

---
 krebs/3modules/makefu/default.nix | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index c95e1761c..7f8907c5b 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -782,6 +782,29 @@ with import <stockholm/lib>;
       };
     };
 
+    horisa = rec {
+      cores = 2;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.226.213";
+          ip6.addr = "42:432e:2379:0cd2:8486:f3b5:335a:5d83";
+          aliases = [
+            "horisa.r"
+          ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEA1hhBqCku98gimv0yXr6DFwE2HUemigyqX8o7IsPOW5XT/K8o+V40
+            Oxk3r0+c7IYREvug/raxoullf5TMJFzTzqzX4njgsiTs25V8D7hVT4jcRKTcXmBn
+            XpjtD+tIeDW1E6dIMMDbxKCyfd/qaeg83G7gPobeFYr4JNqQLXrnotlWMO9S13UT
+            +EgSP2pixv/dGIqX8WRg23YumO8jZKbso/sKKFMIEOJvnh/5EcWb24+q2sDRCitP
+            sWJ5j/9M1Naec/Zl27Ac2HyMWRk39F9Oo+iSbc47QvjKTEmn37P4bBg3hY9FSSFo
+            M90wG/NRbw1Voz6BgGlwOAoA+Ln0rVKqDQIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
+
     tahoe = rec {
       cores = 1;
       nets = {

From 70260c70943cfcad80c268920566c1a858870b28 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 15 Jun 2017 13:01:16 +0200
Subject: [PATCH 11/20] m 5 studio-link: init

---
 makefu/5pkgs/studio-link/default.nix | 69 ++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 makefu/5pkgs/studio-link/default.nix

diff --git a/makefu/5pkgs/studio-link/default.nix b/makefu/5pkgs/studio-link/default.nix
new file mode 100644
index 000000000..6fa40139b
--- /dev/null
+++ b/makefu/5pkgs/studio-link/default.nix
@@ -0,0 +1,69 @@
+{ stdenv, fetchurl, buildFHSUserEnv, writeTextFile, alsaLib, atk, cairo, cups
+, dbus, expat, fontconfig, freetype, gcc, gdk_pixbuf, glib, gnome2, gtk2, nspr
+, nss, pango, systemd, xorg, utillinuxMinimal, unzip, openssl, zlib, libjack2 }:
+
+let
+  libPath = stdenv.lib.makeLibraryPath [
+    alsaLib
+    atk
+    cairo
+    cups
+    dbus
+    expat
+    fontconfig
+    freetype
+    gcc.cc
+    gdk_pixbuf
+    glib
+    gnome2.GConf
+    gtk2
+    nspr
+    nss
+    pango
+
+    openssl
+    zlib
+    libjack2
+
+    systemd
+    xorg.libX11
+    xorg.libXScrnSaver
+    xorg.libXcomposite
+    xorg.libXcursor
+    xorg.libXdamage
+    xorg.libXext
+    xorg.libXfixes
+    xorg.libXi
+    xorg.libXrandr
+    xorg.libXrender
+    xorg.libXtst
+  ];
+in
+stdenv.mkDerivation rec {
+  name = "studio-link-${version}";
+  version = "17.03.1-beta";
+  src = fetchurl {
+    url = "https://github.com/Studio-Link-v2/backend/releases/download/v${version}/studio-link-standalone-linux.zip";
+    sha256 = "1y21nymin7iy64hcffc8g37fv305b1nvmh944hkf7ipb06kcx6r9";
+  };
+  buildInputs = [ unzip ];
+  phases = ["unpackPhase" "installPhase" "fixupPhase"];
+  unpackPhase = ''
+    unzip $src
+  '';
+  installPhase = ''
+    mkdir -p $out/bin
+    cp studio-link-standalone $out/bin/studio-link
+    chmod +x $out/bin/studio-link
+  '';
+  postFixup = ''
+    patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) --set-rpath "${libPath}:\$ORIGIN" "$out/bin/studio-link"
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = https://studio-link.com;
+    description = "Voip transfer";
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ makefu ];
+  };
+}

From e0f2449d526ba0f6a5bb8feebb8ca67bbc822554 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Thu, 15 Jun 2017 19:15:50 +0200
Subject: [PATCH 12/20] l 2 nixpkgs: 8804775 -> 0a4db15

---
 lass/2configs/nixpkgs.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 60c942367..1c68d58d5 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
 {
   krebs.build.source.nixpkgs.git = {
     url = https://cgit.lassul.us/nixpkgs;
-    ref = "8804775";
+    ref = "0a4db15";
   };
 }

From 1ec7dabe6233ecec74a0b387f1e7851f55c72ad5 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 18 Jun 2017 14:00:05 +0200
Subject: [PATCH 13/20] krebszones -> ovh-zone

---
 krebs/5pkgs/simple/{krebszones => ovh-zone}/default.nix | 2 +-
 lass/1systems/mors.nix                                  | 2 +-
 lass/2configs/buildbot-standalone.nix                   | 2 +-
 makefu/2configs/tools/dev.nix                           | 2 +-
 tv/2configs/default.nix                                 | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
 rename krebs/5pkgs/simple/{krebszones => ovh-zone}/default.nix (95%)

diff --git a/krebs/5pkgs/simple/krebszones/default.nix b/krebs/5pkgs/simple/ovh-zone/default.nix
similarity index 95%
rename from krebs/5pkgs/simple/krebszones/default.nix
rename to krebs/5pkgs/simple/ovh-zone/default.nix
index 9230192bd..051a14e8d 100644
--- a/krebs/5pkgs/simple/krebszones/default.nix
+++ b/krebs/5pkgs/simple/ovh-zone/default.nix
@@ -6,7 +6,7 @@
 ## diff future.sorted current.sorted
 
 python3Packages.buildPythonPackage rec {
-  name = "krebszones-${version}";
+  name = "ovh-zone-${version}";
   version = "0.4.4";
   propagatedBuildInputs = with pkgs.python3Packages;[
     d2to1 # for setup to work
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index dd3777c64..a5305c07c 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -76,7 +76,7 @@ with import <stockholm/lib>;
     }
     {
       environment.systemPackages = [
-        pkgs.krebszones
+        pkgs.ovh-zone
       ];
     }
     {
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 227152482..5edd1075d 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -178,11 +178,11 @@ in {
           "haskellPackages.scanner",
           "haskellPackages.xmonad-stockholm",
           "krebspaste",
-          "krebszones",
           "logf",
           "much",
           "newsbot-js",
           "noVNC",
+          "ovh-zone",
           "passwdqc-utils",
           "populate",
           "posix-array",
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 8e4e3270d..4fe7f8bf4 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -11,6 +11,6 @@
     esptool
     cac-api
     cac-panel
-    krebszones
+    ovh-zone
   ];
 }
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index b2560084d..b1d739ef3 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -155,7 +155,7 @@ with import <stockholm/lib>;
       environment.systemPackages = [
         pkgs.get
         pkgs.krebspaste
-        pkgs.krebszones
+        pkgs.ovh-zone
         pkgs.nix-prefetch-scripts
         pkgs.push
       ];

From 78ba83b1ee770f08d09556364dc888396a5380c2 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 18 Jun 2017 14:03:43 +0200
Subject: [PATCH 14/20] k 3 tinc_graphs: graph.krebsco.de is the new default

---
 krebs/3modules/tinc_graphs.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix
index 197835e73..8390eccbb 100644
--- a/krebs/3modules/tinc_graphs.nix
+++ b/krebs/3modules/tinc_graphs.nix
@@ -48,7 +48,7 @@ let
           external domainname to be used for anonymous graphs
           it will be used if you want to enable ACME
         '';
-        default = "graphs.krebsco.de";
+        default = "graph.krebsco.de";
       };
 
       complete = mkOption {

From 11595014eefe6f495511a7ed470bc08286469907 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 18 Jun 2017 14:08:43 +0200
Subject: [PATCH 15/20] pkgs: init krebszones

---
 krebs/5pkgs/simple/krebszones/default.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 krebs/5pkgs/simple/krebszones/default.nix

diff --git a/krebs/5pkgs/simple/krebszones/default.nix b/krebs/5pkgs/simple/krebszones/default.nix
new file mode 100644
index 000000000..b54c95d88
--- /dev/null
+++ b/krebs/5pkgs/simple/krebszones/default.nix
@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+pkgs.writeDashBin "krebszones" ''
+  set -efu
+  export OVH_ZONE_CONFIG=$HOME/.secrets/krebs/ovh-zone.conf
+  case $* in
+    import)
+      set -- import /etc/zones/krebsco.de krebsco.de
+      echo "+ krebszones $*" >&2
+      ;;
+  esac
+  exec ${pkgs.ovh-zone}/bin/ovh-zone "$@"
+''

From 2cb779a54972197e69aeb53f14a6b3e391844d34 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 18 Jun 2017 14:09:02 +0200
Subject: [PATCH 16/20] s 1 wolf: bump worlddomination

---
 shared/1systems/wolf.nix                  | 10 ++++++++++
 shared/2configs/shack/worlddomination.nix |  6 +++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index f50fc80c4..584ee0373 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -15,6 +15,7 @@ in
     ../2configs/repo-sync.nix
     ../2configs/shared-buildbot.nix
 
+    ../2configs/shack/worlddomination.nix
     ../2configs/shack/drivedroid.nix
     # ../2configs/shack/nix-cacher.nix
     ../2configs/shack/mqtt_sub.nix
@@ -90,6 +91,15 @@ in
   swapDevices = [
     { device = "/dev/disk/by-label/swap";  }
   ];
+  # fallout of ipv6calypse
+  networking.extraHosts = ''
+    hass.shack    10.42.2.191
+    heidi.shack   10.42.2.135
+  '';
+
+  users.extraUsers.root.openssh.authorizedKeys.keys = [
+    config.krebs.users.ulrich.pubkey
+  ];
 
   time.timeZone = "Europe/Berlin";
   sound.enable = false;
diff --git a/shared/2configs/shack/worlddomination.nix b/shared/2configs/shack/worlddomination.nix
index ee461b51c..d0f9f5fa6 100644
--- a/shared/2configs/shack/worlddomination.nix
+++ b/shared/2configs/shack/worlddomination.nix
@@ -26,11 +26,11 @@ let
     };
   };
   pkg = pkgs.stdenv.mkDerivation {
-    name = "worlddomination-2017-06-08";
+    name = "worlddomination-2017-06-10";
     src = pkgs.fetchgit {
       url = "https://github.com/shackspace/worlddomination/";
-      rev = "39344a4";
-      sha256 = "07alvdgz1vyww6nlay4qx4l7hnfqw0sqcdd9syhsjhqv3ciigwcp";
+      rev = "72fc9b5";
+      sha256 = "05h500rswzypcxy4i22qc1vkc8izbzfqa9m86xg289hjxh133xyf";
     };
     buildInputs = [
       (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [

From 2c54c126644c8280be73d1cd45fc4215fe064eb1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 18 Jun 2017 14:47:07 +0200
Subject: [PATCH 17/20] k 3 m: add ulrich

---
 krebs/3modules/makefu/default.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 7f8907c5b..4c0ce0fe3 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -965,6 +965,10 @@ with import <stockholm/lib>;
     ciko = {
       mail = "wieczorek.stefan@googlemail.com";
     };
+    ulrich = {
+      pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1sobyfvUu/G2Ms+T0cI4CSgtjCoO2qEYVK1jkqC2A9mLJfNoPsToLowfGszpOAM9S4Rtn+OJ+vPMvs2E4pkZmXcmJZFAKKPNadmzwqCQyskBdoyszkj7DXngX56ZQ+ZEf+vPp2tu/IN0CFNVUllUcWP2TD2ECH5qkBODBHLyGf4PvV35yGpuYNFhFSWkTxwXZ7d5eat2kmwTfryX91Z+M901t6MK0ADyUwBkbotwSn/B6xUEZzExlGhRziRlIM0MrmSMvUA1mcmMJWVfHbb5Sw8yVstUuaU98C3EzDPNlVTbu5al2sDk4+jjireMMMVHC0j8aj7DlhvcF2t7ZpAKy+HN/PFuV7+RgN3DmIMLwbSRfykH3ATVdBzoL0/XmGBRXht6M22igAMFt9o/oHtwWt2JYcNX5poS8kLcjPzGHcx7KOslZ7VZev4BTpFAZIeMYhlzsNCI88bxUqdFxIcofNIQMy4Ep4qJXlgMduQbYtPDRpclDe82yiblhz48+HF/j8+0ZBx4w3jb4XBtgeTfwM2nARsD7MRzokfMfbGf6cZ8AU0/h69ECdsy2KYCKzgFxV/SHN2fDk6SZWLHmxDZ8N02VqgXMTvkYHvDBiaNxM0/iNMKqYCfuxjQPSusBENSgwhUnBGgoGYZuz0r2oMdtzqrkC/VbDxi5gSKl+ZoaMQ== shackspace.de@myvdr.de";
+      mail = "shackspace.de@myvdr.de";
+    };
     exco = {
       mail = "dickbutt@excogitation.de";
       pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7HCK+TzelJp7atCbvCbvZZnXFr3cE35ioactgpIJL7BOyQM6lJ/7y24WbbrstClTuV7n0rWolDgfjx/8kVQExP3HXEAgCwV6tIcX/Ep84EXSok7QguN0ozZMCwX9CYXOEyLmqpe2KAx3ggXDyyDUr2mWs04J95CFjiR/YgOhIfM4+gVBxGtLSTyegyR3Fk7O0KFwYDjBRLi7a5TIub3UYuOvw3Dxo7bUkdhtf38Kff8LEK8PKtIku/AyDlwZ0mZT4Z7gnihSG2ezR5mLD6QXVuGhG6gW/gsqfPVRF4aZbrtJWZCp2G21wBRafpEZJ8KFHtR18JNcvsuWA1HJmFOj2K0mAY5hBvzCbXGhSzBtcGxKOmTBDTRlZ7FIFgukP/ckSgDduydFUpsv07ZRj+qY07zKp3Nhh3RuN7ZcveCo2WpaAzTuWCMPB0BMhEQvsO8I/p5YtTaw2T1poOPorBbURQwEgNrZ92kB1lL5t1t1ZB4oNeDJX5fddKLkgnLqQZWOZBTKtoq0EAVXojTDLZaA+5z20h8DU7sicDQ/VG4LWtqm9fh8iDpvt/3IHUn/HJEEnlfE1Gd+F2Q+R80yu4e1PClmuzfWjCtkPc4aY7oDxfcJqyeuRW6husAufPqNs31W6X9qXwoaBh9vRQ1erZUo46iicxbzujXIy/Hwg67X8dw== dickbutt@excogitation.de";

From 501726d3841f365a0c339ef0aa8edc455f1c6d7e Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 18 Jun 2017 14:56:52 +0200
Subject: [PATCH 18/20] pkgs: init urlencode

---
 krebs/5pkgs/simple/urlencode/default.nix | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 krebs/5pkgs/simple/urlencode/default.nix

diff --git a/krebs/5pkgs/simple/urlencode/default.nix b/krebs/5pkgs/simple/urlencode/default.nix
new file mode 100644
index 000000000..afa42b83f
--- /dev/null
+++ b/krebs/5pkgs/simple/urlencode/default.nix
@@ -0,0 +1,22 @@
+{ jq, gnused, writeBashBin, ... }:
+
+writeBashBin "urlencode" ''
+  set -efu
+
+  decode() {
+    printf %b "$(${gnused}/bin/sed 's/ /+/g; s/%/\\x/g')"
+  }
+
+  encode() {
+    ${jq}/bin/jq -Rr '@uri "\(.)"'
+  }
+
+  # shellcheck disable=SC2048
+  case $* in
+    -d) decode;;
+    "") encode;;
+    *)
+      echo "$0: error: your argument is invalid" >&2
+      exit 1
+  esac
+''

From 5adfde5e0d1fd9e31b2adf7af0590e3e2fff1656 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 18 Jun 2017 16:06:37 +0200
Subject: [PATCH 19/20] pkgs: init brain

---
 krebs/5pkgs/simple/brain/default.nix | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 krebs/5pkgs/simple/brain/default.nix

diff --git a/krebs/5pkgs/simple/brain/default.nix b/krebs/5pkgs/simple/brain/default.nix
new file mode 100644
index 000000000..079db825f
--- /dev/null
+++ b/krebs/5pkgs/simple/brain/default.nix
@@ -0,0 +1,12 @@
+{ pass, writeOut, writeDash, ... }:
+
+writeOut "brain" {
+  "/bin/brain-pass".link = writeDash "brain-pass" ''
+    PASSWORD_STORE_DIR=$HOME/brain \
+    exec ${pass}/bin/pass $@
+  '';
+  "/bin/brain-passmenu".link = writeDash "brain-passmenu" ''
+    PASSWORD_STORE_DIR=$HOME/brain \
+    exec ${pass}/bin/passmenu $@
+  '';
+}

From bf62457ec2655ba4d6ef24c1eb801a80cb7b96bf Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 18 Jun 2017 16:07:15 +0200
Subject: [PATCH 20/20] l: RIP krebs-pass

---
 lass/1systems/mors.nix       |  1 -
 lass/2configs/krebs-pass.nix | 21 ---------------------
 2 files changed, 22 deletions(-)
 delete mode 100644 lass/2configs/krebs-pass.nix

diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index a5305c07c..6790c0aea 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -21,7 +21,6 @@ with import <stockholm/lib>;
     ../2configs/fetchWallpaper.nix
     #../2configs/c-base.nix
     ../2configs/mail.nix
-    ../2configs/krebs-pass.nix
     ../2configs/repo-sync.nix
     ../2configs/ircd.nix
     ../2configs/logf.nix
diff --git a/lass/2configs/krebs-pass.nix b/lass/2configs/krebs-pass.nix
deleted file mode 100644
index a605bc84b..000000000
--- a/lass/2configs/krebs-pass.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ pkgs, ... }:
-
-let
-
-  #TODO: tab-completion
-  krebs-pass = pkgs.writeDashBin "krebs-pass" ''
-    PASSWORD_STORE_DIR=$HOME/.krebs-pass \
-    exec ${pkgs.pass}/bin/pass $@
-  '';
-
-  krebs-passmenu = pkgs.writeDashBin "krebs-passmenu" ''
-    PASSWORD_STORE_DIR=$HOME/.krebs-pass \
-    exec ${pkgs.pass}/bin/passmenu $@
-  '';
-
-in {
-  krebs.per-user.lass.packages = [
-    krebs-pass
-    krebs-passmenu
-  ];
-}