authortv <tv@krebsco.de>2015-07-29 15:21:15 +0200
committertv <tv@krebsco.de>2015-07-29 15:21:15 +0200
commite3c5840326a880ce88c3f32a8e0d3bcf3af4acab (patch)
tree6c25ed67af9d9a2cd222f8f582917d1b20e0ee71
parent4c4d817ca45e2480d1aabdd401af642262d5a0f3 (diff)
parent39eacce0f8c053fbdf5189c50c7704db4a295c32 (diff)
Merge remote-tracking branch 'pnp/master'
-rw-r--r--0make/makefu/pnp.makefile4
-rw-r--r--1systems/makefu/pnp.nix47
-rw-r--r--2configs/makefu/base.nix99
-rw-r--r--2configs/makefu/cgit-retiolum.nix69
-rw-r--r--3modules/makefu/default.nix19
-rw-r--r--Zpubkeys/makefu_omo.ssh.pub1
6 files changed, 1 insertions, 238 deletions
diff --git a/0make/makefu/pnp.makefile b/0make/makefu/pnp.makefile
deleted file mode 100644
index a18efe0..0000000
--- a/0make/makefu/pnp.makefile
+++ /dev/null
@@ -1,4 +0,0 @@
-deploy_host := root@pnp
-nixpkgs_url := https://github.com/nixos/nixpkgs
-nixpkgs_rev := 4c01e6d91993b6de128795f4fbdd25f6227fb870
-secrets_dir := /home/makefu/secrets/pnp
diff --git a/1systems/makefu/pnp.nix b/1systems/makefu/pnp.nix
deleted file mode 100644
index 1019c4d..0000000
--- a/1systems/makefu/pnp.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
- imports =
- [ # Include the results of the hardware scan.
- <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
- ../../2configs/makefu/base.nix
- ../../2configs/makefu/cgit-retiolum.nix
- ];
- krebs.build.host = config.krebs.hosts.pnp;
-
- boot.loader.grub.enable = true;
- boot.loader.grub.version = 2;
- boot.loader.grub.device = "/dev/vda";
-
- boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" ];
- boot.kernelModules = [ ];
- boot.extraModulePackages = [ ];
- hardware.enableAllFirmware = true;
- hardware.cpu.amd.updateMicrocode = true;
-
-# networking.firewall is enabled by default
- networking.firewall.allowedTCPPorts = [ 80 ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-label/nixos";
- fsType = "ext4";
- };
- krebs.retiolum = {
- enable = true;
- hosts = ../../Zhosts;
- connectTo = [
- "gum"
- "pigstarter"
- "fastpoke"
- ];
- };
-
-# $ nix-env -qaP | grep wget
- environment.systemPackages = with pkgs; [
- jq
- ];
-}
diff --git a/2configs/makefu/base.nix b/2configs/makefu/base.nix
deleted file mode 100644
index b052b13..0000000
--- a/2configs/makefu/base.nix
+++ /dev/null
@@ -1,99 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-{
- imports = [ ];
- krebs.enable = true;
- krebs.search-domain = "retiolum";
-
- networking.hostName = config.krebs.build.host.name;
- users.extraUsers = {
- root = {
- openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
- };
- makefu = {
- uid = 9001;
- group = "users";
- home = "/home/makefu";
- createHome = true;
- useDefaultShell = true;
- extraGroups = [
- "wheel"
- ];
- openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
- };
- };
-
- services.openssh.enable = true;
- nix.useChroot = true;
-
- users.mutableUsers = true;
-
- boot.tmpOnTmpfs = true;
- systemd.tmpfiles.rules = [
- "d /tmp 1777 root root - -"
- ];
-
- environment.extraInit = ''
- EDITOR=vim
- '';
-
- environment.systemPackages = with pkgs; [
- git
- vim
- gnumake
- rxvt_unicode.terminfo
- ];
-
- programs.bash = {
- enableCompletion = true;
- interactiveShellInit = ''
- HISTCONTROL='erasedups:ignorespace'
- HISTSIZE=900001
- HISTFILESIZE=$HISTSIZE
-
- shopt -s checkhash
- shopt -s histappend histreedit histverify
- shopt -s no_empty_cmd_completion
- complete -d cd
- '';
-
- promptInit = ''
- case $UID in
- 0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;;
- 9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;;
- *) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;;
- esac
- if test -n "$SSH_CLIENT"; then
- PS1='\[\033[35m\]\h'" $PS1"
- fi
- '';
- };
-
- environment.shellAliases = {
- lsl = "ls -lAtr";
- };
-
- nixpkgs.config.packageOverrides = pkgs: {
- nano = pkgs.runCommand "empty" {} "mkdir -p $out";
- };
-
- services.cron.enable = false;
- services.nscd.enable = false;
-
- security.setuidPrograms = [ "sendmail" ];
- services.journald.extraConfig = ''
- SystemMaxUse=1G
- RuntimeMaxUse=128M
- '';
- # Enable IPv6 Privacy Extensions
- boot.kernel.sysctl = {
- "net.ipv6.conf.all.use_tempaddr" = 2;
- "net.ipv6.conf.default.use_tempaddr" = 2;
- };
-
- i18n = {
- consoleKeyMap = "us";
- defaultLocale = "en_US.UTF-8";
- };
-}
diff --git a/2configs/makefu/cgit-retiolum.nix b/2configs/makefu/cgit-retiolum.nix
deleted file mode 100644
index d0351a9..0000000
--- a/2configs/makefu/cgit-retiolum.nix
+++ /dev/null
@@ -1,69 +0,0 @@
-{ config, lib, pkgs, ... }:
-# TODO: remove tv lib :)
-with import ../../4lib/tv { inherit lib pkgs; };
-let
-
- repos = priv-repos // krebs-repos ;
- rules = concatMap krebs-rules (attrValues krebs-repos) ++ concatMap priv-rules (attrValues priv-repos);
-
- krebs-repos = mapAttrs make-krebs-repo {
- stockholm = {
- desc = "take all the computers hostage, they'll love you!";
- };
- };
-
- priv-repos = mapAttrs make-priv-repo {
- autosync = { };
- };
-
-
- # TODO move users to separate module
- make-priv-repo = name: { desc ? null, ... }: {
- inherit name desc;
- public = false;
- };
-
- make-krebs-repo = with git; name: { desc ? null, ... }: {
- inherit name desc;
- public = true;
- hooks = {
- post-receive = git.irc-announce {
- nick = config.networking.hostName;
- channel = "#retiolum";
- server = "cd.retiolum";
- };
- };
- };
-
- set-owners = with git; repo: user:
- singleton {
- inherit user;
- repo = [ repo ];
- perm = push "refs/*" [ non-fast-forward create delete merge ];
- };
-
- set-ro-access = with git; repo: user:
- optional repo.public {
- inherit user;
- repo = [ repo ];
- perm = fetch;
- };
-
- # TODO: get the list of all krebsministers
- krebsminister = with config.krebs.users; [ lass tv uriel ];
-
- priv-rules = with config.krebs.users; repo:
- set-owners repo [ makefu ];
-
- krebs-rules = with config.krebs.users; repo:
- set-owners repo [ makefu ] ++ set-ro-access repo krebsminister ;
-
-in {
- imports = [ ../../3modules/krebs/git.nix ];
- krebs.git = {
- enable = true;
- root-title = "public repositories ";
- root-desc = "keep on krebsing";
- inherit repos rules;
- };
-}
diff --git a/3modules/makefu/default.nix b/3modules/makefu/default.nix
deleted file mode 100644
index 45ca8c3..0000000
--- a/3modules/makefu/default.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{ config, lib, ... }:
-
-with import ../../4lib/krebs { inherit lib; };
-let
- cfg = config.krebs;
-
- out = {
- imports = [
- ];
- options.krebs = api;
- config = mkIf cfg.enable imp;
- };
-
- api = { };
-
- imp = { };
-
-in
-out
diff --git a/Zpubkeys/makefu_omo.ssh.pub b/Zpubkeys/makefu_omo.ssh.pub
new file mode 100644
index 0000000..5567040
--- /dev/null
+++ b/Zpubkeys/makefu_omo.ssh.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtDhAxjiCH0SmTGNDqmlKPug9qTf+IFOVjdXfk01lAV2KMVW00CgNo2d5kl5+6pM99K7zZO7Uo7pmSFLSCAg8J6cMRI3v5OxFsnQfcJ9TeGLZt/ua7F8YsyIIr5wtqKtFbujqve31q9xJMypEpiX4np3nLiHfYwcWu7AFAUY8UHcCNl4JXm6hsmPe+9f6Mg2jICOdkfMMn0LtW+iq1KZpw1Nka2YUSiE2YuUtV+V+YaVMzdcjknkVkZNqcVk6tbJ1ZyZKM+bFEnE4VkHJYDABZfELpcgBAszfWrVG0QpEFjVCUq5atpIVHJcWWDx072r0zgdTPcBuzsHHC5PRfVBLEw== makefu@servarch
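Review bot: The added key is filed as `makefu_omo.ssh.pub`, but its comment field reads `makefu@servarch`, so an auditor cannot tell from this file which machine holds the private half. The comment does not affect authentication, but the file name and the comment should agree, either by renaming the file or by ending the line with `makefu@omo`. The blob prefix `AAAAB3NzaC1yc2EAAAABIw` encodes a 2048-bit RSA key with public exponent 35, which legacy ssh-keygen versions emitted, so the key is probably old. Its provenance is worth confirming before it is trusted for root or push access, and a freshly generated key (ed25519, or RSA with e=65537) would be preferable. Nothing visible in this diff references the new file, so which hosts or users it authorises cannot be checked from here.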