author | lassulus <lass@aidsballs.de> | 2016-02-01 15:17:16 +0100 |
---|---|---|
committer | lassulus <lass@aidsballs.de> | 2016-02-01 15:17:16 +0100 |
commit | c5441d30682e0dbe31ebc09bfff6fc0bd0056677 (patch) | |
tree | 9201c304bbe936b0e40b8526959ba519db52e154 | |
parent | 7675c4ca52b4e34b9e411b6aee3b31fc129e7b50 (diff) | |
parent | a2f2f15c5ac0e4d37f8c8e3dcbacab696c832404 (diff) |
Merge remote-tracking branch 'cd/master'
-rw-r--r-- | Makefile | 22 | ||||
-rw-r--r-- | nixpkgs/default.nix | 1 | ||||
-rw-r--r-- | nixpkgs/nixos/default.nix | 65 | ||||
l--------- | nixpkgs/nixos/modules | 1 | ||||
-rw-r--r-- | tv/1systems/cd.nix | 5 | ||||
-rw-r--r-- | tv/1systems/wu.nix | 2 | ||||
-rw-r--r-- | tv/1systems/xu.nix | 2 | ||||
-rw-r--r-- | tv/2configs/default.nix | 39 | ||||
-rw-r--r-- | tv/5pkgs/default.nix | 3 | ||||
-rw-r--r-- | tv/5pkgs/ejabberd/default.nix | 28 |
10 files changed, 145 insertions, 23 deletions
@@ -24,7 +24,27 @@ else ifdef system
 deploy infest:;@
 export get=krebs.$@
 export filter=json
- make -s eval | sh
+ script=$$(make -s eval)
+ echo "$$script" | sh
+
+.PHONY: deploy2
+ifdef target
+deploy2: export target-host = $(target)
+else
+deploy2: export target-host = $(system)
+endif
+deploy2:;@
+ target=$${target-$$system}
+ result=$$(nix-instantiate \
+ --json \
+ --eval \
+ krebs/populate.nix \
+ --arg source 'with (import ~/stockholm {}).users.$(LOGNAME).$(system).config.krebs.build; assert source-version == 2; source' \
+ --argstr target-host "$$target" \
+ --argstr target-path /var/src)
+ script=$$(echo "$$result" | jq -r .)
+ echo "$$script" | sh
+ ssh root@$$target nixos-rebuild switch -I /var/src
 .PHONY: eval
 eval:
diff --git a/nixpkgs/default.nix b/nixpkgs/default.nix
new file mode 100644
index 0000000..92da82c
--- /dev/null
+++ b/nixpkgs/default.nix
@@ -0,0 +1 @@
+import <upstream-nixpkgs>
diff --git a/nixpkgs/nixos/default.nix b/nixpkgs/nixos/default.nix
new file mode 100644
index 0000000..6c5adf3
--- /dev/null
+++ b/nixpkgs/nixos/default.nix
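Review bot: In `deploy2` nothing checks that `nix-instantiate` or `jq` succeeded before the generated script is piped to `sh` and `ssh root@$$target nixos-rebuild switch -I /var/src` runs as root on the target. If the recipe shell is not started with `-e` (the `.ONESHELL`/`.SHELLFLAGS` settings are outside this hunk), a failed evaluation leaves `$$script` empty, `sh` exits 0, and the host is rebuilt from whatever already sits in /var/src. I would make `set -e` the first recipe line of `deploy2`, and of `deploy infest`, which has the same shape with `script=$$(make -s eval)`. Separately, some `echo` implementations expand backslash sequences, so `printf '%s\n' "$$script" | sh` is the safer way to hand the script over unchanged.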
@@ -0,0 +1,65 @@
+{ configuration ? import <upstream-nixpkgs/nixos/lib/from-env.nix> "NIXOS_CONFIG" <nixos-config>
+, system ? builtins.currentSystem
+}:
+
+let
+ eval-config = modules: import <upstream-nixpkgs/nixos/lib/eval-config.nix> {
+ inherit system;
+ modules = modules ++ [({ config, lib, ... }: with lib; {
+ imports = filter dir.has-default-nix (concatLists [
+ (map (p: p + "/2configs") [ <stockholm-private> ])
+ (map (p: p + "/3modules") [ <stockholm-krebs> <stockholm-private> ])
+ ]);
+
+ krebs.current = {
+ enable = true;
+ host = config.krebs.hosts.${readFile /proc/sys/kernel/hostname};
+ user = config.krebs.users.${getEnv "LOGNAME"};
+ };
+
+ nixpkgs.config.packageOverrides = pkgs: let
+ kpkgs = import <stockholm-krebs/5pkgs> { inherit lib pkgs; };
+ upkgs = import <stockholm-private/5pkgs> { inherit lib; pkgs = pkgs // kpkgs; };
+ in kpkgs // upkgs;
+ })];
+ specialArgs = {
+ lib = let
+ nlib = import <upstream-nixpkgs/lib> // builtins;
+ klib = nlib // import <stockholm-krebs/4lib> { lib = nlib; };
+ ulib = klib // (with klib; let p = <stockholm-private> + "/4lib"; in
+ optionalAttrs (dir.has-default-nix p)
+ (import p { lib = klib; }));
+ in ulib;
+ };
+ };
+
+ eval = eval-config [
+ configuration
+ ];
+
+ # This is for `nixos-rebuild build-vm'.
+ vm = eval-config [
+ configuration
+ <upstream-nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
+ ];
+
+ # This is for `nixos-rebuild build-vm-with-bootloader'.
+ vm-with-bootloader = eval-config [
+ configuration
+ <upstream-nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
+ { virtualisation.useBootLoader = true; }
+ ];
+in
+
+{
+ inherit (eval) config options;
+
+ system = eval.config.system.build.toplevel;
+
+ vm = vm.config.system.build.vm;
+
+ vmWithBootLoader = vm-with-bootloader.config.system.build.vm;
+
+ # The following are used by nixos-rebuild.
+ nixFallback = eval.pkgs.nixUnstable;
+}
diff --git a/nixpkgs/nixos/modules b/nixpkgs/nixos/modules
new file mode 120000
index 0000000..8fbc437
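Review bot: `krebs.current.host` and `krebs.current.user` are selected from the evaluating machine's `/proc/sys/kernel/hostname` and from the `LOGNAME` environment variable, so the result depends on who evaluates this file and where, and `LOGNAME` can be set freely by the caller. That is fine for convenience defaults, but nothing downstream should treat `krebs.current.user` as an authenticated identity; its consumers are not visible on this page. It is also worth confirming what `readFile` returns for the procfs file: if the content carries a trailing newline the `config.krebs.hosts.${…}` lookup will not match a host name, and `removeSuffix "\n" (readFile /proc/sys/kernel/hostname)` would guard against that. A comment above `krebs.current` saying that both values are impure, caller-controlled inputs would help the next reader.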
--- /dev/null
+++ b/nixpkgs/nixos/modules
@@ -0,0 +1 @@
+../../upstream-nixpkgs/nixos/modules
\ No newline at end of file
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix
index 8c2a9ae..b69d765 100644
--- a/tv/1systems/cd.nix
+++ b/tv/1systems/cd.nix
@@ -6,6 +6,11 @@ with lib;
 krebs.build.host = config.krebs.hosts.cd;
 krebs.build.target = "root@cd.internet";
+ krebs.build.source.upstream-nixpkgs = {
+ url = https://github.com/NixOS/nixpkgs;
+ rev = "b7ff030";
+ };
+
 imports = [
 ../2configs/hw/CAC-Developer-2.nix
 ../2configs/fs/CAC-CentOS-7-64bit.nix
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index 54ceb77..3bdf8d3 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -18,7 +18,7 @@ with lib;
 # stockholm
 gnumake
 hashPassword
- lentil
+ haskellPackages.lentil
 parallel
 (pkgs.writeScriptBin "im" ''
 #! ${pkgs.bash}/bin/bash
diff --git a/tv/1systems/xu.nix b/tv/1systems/xu.nix
index 1f3e010..e6894b5 100644
--- a/tv/1systems/xu.nix
+++ b/tv/1systems/xu.nix
@@ -21,7 +21,7 @@ with lib;
 # stockholm
 gnumake
 hashPassword
- lentil
+ haskellPackages.lentil
 parallel
 (pkgs.writeScriptBin "im" ''
 #! ${pkgs.bash}/bin/bash
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index d3a1778..3100770 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
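Review bot: `rev = "b7ff030";` in the tv/1systems/cd.nix hunk pins the nixpkgs checkout for a root-deployed host by a 7-character abbreviated hash. An abbreviation is not a unique object name and is resolved against whatever the remote contains at fetch time, so it is a weaker supply-chain pin than the 40-character revision used for the default in tv/2configs/default.nix. If the intended commit is the one the previous default named, write it out in full: `rev = "b7ff0301d6f26bd8419e888fd0e129f3dc8bd328";`. The enclosing attribute set starts and ends outside this hunk.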
@@ -8,20 +8,23 @@ with lib;
 krebs.build = {
 user = config.krebs.users.tv;
 target = mkDefault "root@${config.krebs.build.host.name}";
- source = {
- git.nixpkgs = {
- url = mkDefault https://github.com/NixOS/nixpkgs;
- rev = mkDefault "b7ff0301d6f26bd8419e888fd0e129f3dc8bd328";
- target-path = mkDefault "/var/src/nixpkgs";
+ source-version = 2;
+ source = mapAttrs (_: mkDefault) ({
+ nixos-config = "symlink:stockholm-private/1systems/${config.krebs.build.host.name}.nix";
+ nixpkgs = symlink:stockholm-nixpkgs;
+ secrets = "/home/tv/secrets/${config.krebs.build.host.name}";
+ secrets-common = "/home/tv/secrets/common";
+ stockholm-krebs = "/home/tv/stockholm/krebs";
+ stockholm-nixpkgs = "/home/tv/stockholm/nixpkgs";
+ stockholm-private = "/home/tv/stockholm/tv";
+ upstream-nixpkgs = {
+ url = https://github.com/NixOS/nixpkgs;
+ rev = "77f8f35d57618c1ba456d968524f2fb2c3448295";
+ dev = "/home/tv/nixpkgs";
 };
- dir.secrets = {
- path = mkDefault "/home/tv/secrets/${config.krebs.build.host.name}";
- };
- dir.stockholm = {
- path = mkDefault "/home/tv/stockholm";
- target-path = mkDefault "/var/src/stockholm";
- };
- };
+ } // optionalAttrs config.krebs.build.host.secure {
+ secrets-master = "/home/tv/secrets/master";
+ });
 };
 networking.hostName = config.krebs.build.host.name;
@@ -98,12 +101,7 @@ with lib;
 };
 environment.variables = {
- NIX_PATH =
- with config.krebs.build.source; with dir; with git;
- mkForce (concatStringsSep ":" [
- "nixpkgs=${nixpkgs.target-path}"
- "secrets=${stockholm.target-path}/null"
- ]);
+ NIX_PATH = mkForce "/var/src";
 };
 programs.bash = {
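Review bot: `nixpkgs = symlink:stockholm-nixpkgs;` is written as a bare URI literal while the neighbouring `nixos-config = "symlink:stockholm-private/…";` is a quoted string. Both evaluate to strings, but the bare form only parses because the value happens to fit Nix's URI-literal syntax, and it reads as if it were something other than a string. I would quote it to match its sibling: `nixpkgs = "symlink:stockholm-nixpkgs";`. The `krebs.build` set continues outside this hunk.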
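Review bot: `NIX_PATH = mkForce "/var/src";` in the second hunk makes every entry under /var/src resolvable as `<name>` in all login sessions, including `<secrets>`, `<secrets-common>` and, on secure hosts, `<secrets-master>`, whereas the removed value pointed `secrets` at `${stockholm.target-path}/null`. If that redirection was deliberate, an interactive evaluation can now reference the real secrets paths, and anything imported from there into a derivation ends up in the world-readable Nix store; whether non-root users can read those directories at all depends on the populate script, which is not on this page. I would either keep an explicit override ahead of the directory, `mkForce "secrets=<PATH_TO_EMPTY_DIR>:/var/src"` (placeholder path), or add a comment stating that the secrets directories under /var/src are root-only on the target.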
@@ -182,7 +180,8 @@ with lib;
 {
 systemd.tmpfiles.rules = let
 forUsers = flip map users;
- isUser = { group, ... }: hasSuffix "users" group;
+ isUser = { name, group, ... }:
+ name == "root" || hasSuffix "users" group;
 users = filter isUser (mapAttrsToList (_: id) config.users.users);
 in forUsers (u: "d /run/xdg/${u.name} 0700 ${u.name} ${u.group} -");
 environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index 2108d97..be10e91 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -11,6 +11,9 @@
 --disk-cache-size=50000000 \
 "%@"
 '';
+ ejabberd = pkgs.callPackage ./ejabberd {
+ erlang = pkgs.erlangR16;
+ };
 ff = pkgs.callPackage ./ff {};
 viljetic-pages = pkgs.callPackage ./viljetic-pages {};
 xmonad-tv =
diff --git a/tv/5pkgs/ejabberd/default.nix b/tv/5pkgs/ejabberd/default.nix
new file mode 100644
index 0000000..3a77c5c
--- /dev/null
+++ b/tv/5pkgs/ejabberd/default.nix
@@ -0,0 +1,28 @@
+{stdenv, fetchurl, expat, erlang, zlib, openssl, pam, lib}:
+
+stdenv.mkDerivation rec {
+ version = "2.1.13";
+ name = "ejabberd-${version}";
+ src = fetchurl {
+ url = "http://www.process-one.net/downloads/ejabberd/${version}/${name}.tgz";
+ sha256 = "0vf8mfrx7vr3c5h3nfp3qcgwf2kmzq20rjv1h9sk3nimwir1q3d8";
+ };
+ buildInputs = [ expat erlang zlib openssl pam ];
+ patchPhase = ''
+ sed -i \
+ -e "s|erl \\\|${erlang}/bin/erl \\\|" \
+ -e 's|EXEC_CMD=\"sh -c\"|EXEC_CMD=\"${stdenv.shell} -c\"|' \
+ src/ejabberdctl.template
+ '';
+ preConfigure = ''
+ cd src
+ '';
+ configureFlags = ["--enable-pam"];
+
+ meta = {
+ description = "Open-source XMPP application server written in Erlang";
+ license = stdenv.lib.licenses.gpl2;
+ homepage = http://www.ejabberd.im;
+ maintainers = [ lib.maintainers.sander ];
+ };
+}
|
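Review bot: tv/5pkgs/ejabberd/default.nix pins `version = "2.1.13"` (built against `pkgs.erlangR16` per tv/5pkgs/default.nix) for a network-facing XMPP server with `--enable-pam`, and nothing in the file says why this release is packaged privately or who tracks fixes for it. That looks like an older release line, so please confirm it still receives upstream security updates, and add a comment above `version` giving the reason for the pin and the condition for dropping the package. The `http://` download URL is acceptable because `fetchurl` checks the `sha256`. As a style point, `license = stdenv.lib.licenses.gpl2;` and `maintainers = [ lib.maintainers.sander ];` reach `lib` two different ways; since `lib` is already an argument, `license = lib.licenses.gpl2;` is the consistent form.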