diff options
62 files changed, 410 insertions, 80 deletions
@@ -4,14 +4,16 @@ endif export target_host ?= $(system) export target_user ?= root +export target_port ?= 22 export target_path ?= /var/src evaluate = \ nix-instantiate \ - --arg configuration ./$(LOGNAME)/1systems/$(system).nix \ --eval \ --readonly-mode \ --show-trace \ + -I nixos-config=./$(LOGNAME)/1systems/$(system).nix \ + -I stockholm=. \ $(1) execute = \ @@ -22,19 +24,20 @@ execute = \ # usage: make deploy system=foo [target_host=bar] deploy: $(call execute,populate) - ssh $(target_user)@$(target_host) nixos-rebuild switch -I $(target_path) + ssh $(target_user)@$(target_host) -p $(target_port) \ + nixos-rebuild switch --show-trace -I $(target_path) # usage: make LOGNAME=shared system=wolf eval.config.krebs.build.host.name eval eval.:;@$(call evaluate) eval.%:;@$(call evaluate,-A $*) # usage: make install system=foo [target_host=bar] -install: ssh = ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null +install: ssh ?= ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null install: - $(ssh) $(target_user)@$(target_host) \ + $(ssh) $(target_user)@$(target_host) -p $(target_port) \ env target_path=$(target_path) \ sh -s prepare < krebs/4lib/infest/prepare.sh target_path=/mnt$(target_path) $(call execute,populate) - $(ssh) $(target_user)@$(target_host) \ + $(ssh) $(target_user)@$(target_host) -p $(target_port) \ env NIXOS_CONFIG=$(target_path)/nixos-config \ nixos-install diff --git a/miefda/1systems/bobby.nix b/miefda/1systems/bobby.nix index d245952..b85e686 100644 --- a/miefda/1systems/bobby.nix +++ b/miefda/1systems/bobby.nix @@ -7,7 +7,7 @@ { imports = [ # Include the results of the hardware scan. - + ../. ../2configs/miefda.nix ../2configs/tlp.nix ../2configs/x220t.nix diff --git a/miefda/2configs/git.nix b/miefda/2configs/git.nix index fec828f..052cc4a 100644 --- a/miefda/2configs/git.nix +++ b/miefda/2configs/git.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let diff --git a/miefda/2configs/miefda.nix b/miefda/2configs/miefda.nix index 545987a..f17e8aa 100644 --- a/miefda/2configs/miefda.nix +++ b/miefda/2configs/miefda.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { #networking.wicd.enable = true; diff --git a/miefda/2configs/tinc-basic-retiolum.nix b/miefda/2configs/tinc-basic-retiolum.nix index b31fe15..f82fd6b 100644 --- a/miefda/2configs/tinc-basic-retiolum.nix +++ b/miefda/2configs/tinc-basic-retiolum.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { krebs.retiolum = { enable = true; diff --git a/miefda/2configs/tlp.nix b/miefda/2configs/tlp.nix index 0e1bb0d..32f4f2e 100644 --- a/miefda/2configs/tlp.nix +++ b/miefda/2configs/tlp.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { hardware.enableAllFirmware = true; nixpkgs.config.allowUnfree = true; diff --git a/miefda/2configs/x220t.nix b/miefda/2configs/x220t.nix index bea84f7..2d128e5 100644 --- a/miefda/2configs/x220t.nix +++ b/miefda/2configs/x220t.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { services.xserver = { diff --git a/miefda/default.nix b/miefda/default.nix new file mode 100644 index 0000000..7f275c2 --- /dev/null +++ b/miefda/default.nix @@ -0,0 +1,6 @@ +_: +{ + imports = [ + ../krebs + ]; +} diff --git a/mv/1systems/stro.nix b/mv/1systems/stro.nix index 3915219..f251cb0 100644 --- a/mv/1systems/stro.nix +++ b/mv/1systems/stro.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { krebs.build.host = config.krebs.hosts.stro; @@ -9,6 +9,7 @@ with lib; "7ae05edcdd14f6ace83ead9bf0d114e97c89a83a"; imports = [ + ../. ../2configs/hw/x220.nix ../2configs/git.nix ../2configs/mail-client.nix diff --git a/mv/2configs/default.nix b/mv/2configs/default.nix index 9c41209..d93218a 100644 --- a/mv/2configs/default.nix +++ b/mv/2configs/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let HOME = getEnv "HOME"; in diff --git a/mv/2configs/git.nix b/mv/2configs/git.nix index c182d0d..933649f 100644 --- a/mv/2configs/git.nix +++ b/mv/2configs/git.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let diff --git a/mv/2configs/vim.nix b/mv/2configs/vim.nix index a961b6b..adf1da9 100644 --- a/mv/2configs/vim.nix +++ b/mv/2configs/vim.nix @@ -1,6 +1,6 @@ -{ lib, pkgs, ... }: +{ config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let out = { environment.systemPackages = [ diff --git a/mv/2configs/xserver/Xresources.nix b/mv/2configs/xserver/Xresources.nix index f287bf2..9235727 100644 --- a/mv/2configs/xserver/Xresources.nix +++ b/mv/2configs/xserver/Xresources.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; pkgs.writeText "Xresources" '' !URxvt*background: #050505 diff --git a/mv/2configs/xserver/default.nix b/mv/2configs/xserver/default.nix index 44539c5..3d4aa88 100644 --- a/mv/2configs/xserver/default.nix +++ b/mv/2configs/xserver/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }@args: -with lib; +with config.krebs.lib; let # TODO krebs.build.user diff --git a/mv/2configs/xserver/xserver.conf.nix b/mv/2configs/xserver/xserver.conf.nix index e8a997a..c452b42 100644 --- a/mv/2configs/xserver/xserver.conf.nix +++ b/mv/2configs/xserver/xserver.conf.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let cfg = config.services.xserver; diff --git a/mv/3modules/iptables.nix b/mv/3modules/iptables.nix index cbf49f5..b2b41bf 100644 --- a/mv/3modules/iptables.nix +++ b/mv/3modules/iptables.nix @@ -1,13 +1,12 @@ { config, lib, pkgs, ... }: -with builtins; -with lib; +with config.krebs.lib; let cfg = config.tv.iptables; out = { options.tv.iptables = api; - config = mkIf cfg.enable imp; + config = lib.mkIf cfg.enable imp; }; api = { diff --git a/nixpkgs/default.nix b/nixpkgs/default.nix deleted file mode 100644 index 1fe99b0..0000000 --- a/nixpkgs/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -_: - -(import <stockholm> { - configuration = {}; -}).pkgs diff --git a/nixpkgs/krebs b/nixpkgs/krebs deleted file mode 100644 index e69de29..0000000 --- a/nixpkgs/krebs +++ /dev/null diff --git a/nixpkgs/lib b/nixpkgs/lib deleted file mode 120000 index 7b13c80..0000000 --- a/nixpkgs/lib +++ /dev/null @@ -1 +0,0 @@ -../../upstream-nixpkgs/lib
\ No newline at end of file diff --git a/nixpkgs/nixos/default.nix b/nixpkgs/nixos/default.nix deleted file mode 100644 index 4fe08ef..0000000 --- a/nixpkgs/nixos/default.nix +++ /dev/null @@ -1 +0,0 @@ -import <stockholm> diff --git a/nixpkgs/nixos/lib b/nixpkgs/nixos/lib deleted file mode 120000 index 9e69d1a..0000000 --- a/nixpkgs/nixos/lib +++ /dev/null @@ -1 +0,0 @@ -../../../upstream-nixpkgs/nixos/lib
\ No newline at end of file diff --git a/nixpkgs/nixos/modules b/nixpkgs/nixos/modules deleted file mode 120000 index 8aa2488..0000000 --- a/nixpkgs/nixos/modules +++ /dev/null @@ -1 +0,0 @@ -../../../upstream-nixpkgs/nixos/modules
\ No newline at end of file @@ -1 +0,0 @@ -../stockholm-user
\ No newline at end of file diff --git a/shared/1systems/test-all-krebs-modules.nix b/shared/1systems/test-all-krebs-modules.nix index b98004d..e1021c7 100644 --- a/shared/1systems/test-all-krebs-modules.nix +++ b/shared/1systems/test-all-krebs-modules.nix @@ -2,6 +2,9 @@ let en = { enable = true;}; in { + imports = [ + ../. + ]; krebs = { enable = true; build.user = config.krebs.users.shared; diff --git a/shared/1systems/test-arch.nix b/shared/1systems/test-arch.nix index ece2094..14fc038 100644 --- a/shared/1systems/test-arch.nix +++ b/shared/1systems/test-arch.nix @@ -2,6 +2,7 @@ { imports = [ + ../. ../2configs/base.nix { boot.loader.grub = { diff --git a/shared/1systems/test-centos6.nix b/shared/1systems/test-centos6.nix index a8b5f9b..8add0b7 100644 --- a/shared/1systems/test-centos6.nix +++ b/shared/1systems/test-centos6.nix @@ -7,6 +7,7 @@ let gw = "168.235.148.1"; in { imports = [ + ../. ../2configs/base.nix ../2configs/os-templates/CAC-CentOS-6.5-64bit.nix { diff --git a/shared/1systems/test-centos7.nix b/shared/1systems/test-centos7.nix index 48cecc8..65daff5 100644 --- a/shared/1systems/test-centos7.nix +++ b/shared/1systems/test-centos7.nix @@ -5,6 +5,7 @@ let in { imports = [ + ../. ../2configs/base.nix ../2configs/os-templates/CAC-CentOS-7-64bit.nix ../2configs/temp/networking.nix diff --git a/shared/1systems/test-failing.nix b/shared/1systems/test-failing.nix index 81a9e48..fe1c2cb 100644 --- a/shared/1systems/test-failing.nix +++ b/shared/1systems/test-failing.nix @@ -1,6 +1,9 @@ { config, pkgs, ... }: { + imports = [ + ../. + ]; programs.ssh.startAgent = true; programs.ssh.startAgent = false; } diff --git a/shared/1systems/test-minimal-deploy.nix b/shared/1systems/test-minimal-deploy.nix index 309e289..bec2b38 100644 --- a/shared/1systems/test-minimal-deploy.nix +++ b/shared/1systems/test-minimal-deploy.nix @@ -1,5 +1,8 @@ { config, pkgs, lib, ... }: { + imports = [ + ../. + ]; krebs = { enable = true; build.user = config.krebs.users.shared; diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 588ec1b..96691ae 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -6,6 +6,7 @@ let in { imports = [ + ../. ../2configs/base.nix <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ../2configs/collectd-base.nix diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix index 715397e..9f998b5 100644 --- a/shared/2configs/base.nix +++ b/shared/2configs/base.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { krebs.enable = true; krebs.retiolum = { @@ -16,7 +16,7 @@ with lib; # TODO rename shared user to "krebs" krebs.build.user = mkDefault config.krebs.users.shared; krebs.build.source = { - upstream-nixpkgs = mkDefault { + nixpkgs = mkDefault { url = https://github.com/NixOS/nixpkgs; rev = "77f8f35d57618c1ba456d968524f2fb2c3448295"; # for urlwatch-minidb }; @@ -24,8 +24,6 @@ with lib; stockholm = mkDefault "${getEnv "HOME"}/stockholm"; nixos-config = "symlink:stockholm/${config.krebs.build.user.name}/1systems/${config.krebs.build.host.name}.nix"; - nixpkgs = symlink:stockholm/nixpkgs; - stockholm-user = "symlink:stockholm/${config.krebs.build.user.name}"; }; networking.hostName = config.krebs.build.host.name; diff --git a/shared/2configs/cgit-mirror.nix b/shared/2configs/cgit-mirror.nix index 0794ee4..b984535 100644 --- a/shared/2configs/cgit-mirror.nix +++ b/shared/2configs/cgit-mirror.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let rules = with git; singleton { user = [ wolf-repo-sync ]; diff --git a/shared/2configs/collectd-base.nix b/shared/2configs/collectd-base.nix index 3b792bf..9c63dcd 100644 --- a/shared/2configs/collectd-base.nix +++ b/shared/2configs/collectd-base.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: # TODO: krebs.collectd.plugins -with lib; +with config.krebs.lib; let connect-time-cfg = with pkgs; writeText "collectd-connect-time.conf" '' LoadPlugin python diff --git a/shared/2configs/graphite.nix b/shared/2configs/graphite.nix index 707ec6e..37c6b09 100644 --- a/shared/2configs/graphite.nix +++ b/shared/2configs/graphite.nix @@ -5,7 +5,7 @@ # TODO: krebs.graphite.minimal.enable # TODO: configure firewall -with lib; +with config.krebs.lib; { imports = [ ]; diff --git a/shared/2configs/shared-buildbot.nix b/shared/2configs/shared-buildbot.nix index 19724ac..ebf5f4a 100644 --- a/shared/2configs/shared-buildbot.nix +++ b/shared/2configs/shared-buildbot.nix @@ -64,7 +64,7 @@ # prepare nix-shell # the dependencies which are used by the test script deps = [ "gnumake", "jq","nix","rsync", - "(import <stockholm> {}).pkgs.test.infest-cac-centos7" ] + "(import <stockholm>).pkgs.test.infest-cac-centos7" ] # TODO: --pure , prepare ENV in nix-shell command: # SSL_CERT_FILE,LOGNAME,NIX_REMOTE nixshell = ["nix-shell", diff --git a/shared/default.nix b/shared/default.nix new file mode 100644 index 0000000..69b4aba --- /dev/null +++ b/shared/default.nix @@ -0,0 +1,7 @@ +_: +{ + imports = [ + ../krebs + ./3modules + ]; +} diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index b96548d..9b63826 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -1,11 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { krebs.build.host = config.krebs.hosts.cd; imports = [ + ../. ../2configs/hw/CAC-Developer-2.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix diff --git a/tv/1systems/mkdir.nix b/tv/1systems/mkdir.nix index 2010dcd..58a8fdc 100644 --- a/tv/1systems/mkdir.nix +++ b/tv/1systems/mkdir.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let # TODO merge with lass @@ -19,6 +19,7 @@ in krebs.build.host = config.krebs.hosts.mkdir; imports = [ + ../. ../2configs/hw/CAC-Developer-1.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index 37ef204..2c9775d 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -1,11 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { krebs.build.host = config.krebs.hosts.nomic; imports = [ + ../. ../2configs/hw/AO753.nix ../2configs/exim-retiolum.nix ../2configs/git.nix diff --git a/tv/1systems/rmdir.nix b/tv/1systems/rmdir.nix index 4005b5e..c54caa6 100644 --- a/tv/1systems/rmdir.nix +++ b/tv/1systems/rmdir.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; let # TODO merge with lass @@ -19,6 +19,7 @@ in krebs.build.host = config.krebs.hosts.rmdir; imports = [ + ../. ../2configs/hw/CAC-Developer-1.nix ../2configs/fs/CAC-CentOS-7-64bit.nix ../2configs/exim-smarthost.nix diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index 4ed13a0..6154e4d 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -1,11 +1,12 @@ { config, lib, pkgs, ... }: -with lib; +with config.krebs.lib; { krebs.build.host = config.krebs.hosts.wu; imports = [ + ../. ../2configs/hw/w110er.nix ../2configs/exim-retiolum.nix ../2configs/git.nix @@ -191,8 +192,6 @@ with lib; "d /tmp 1777 root root - -" # does this work with mounted /tmp? ]; - virtualisation.libvirtd.enable = true; - services.udev.extraRules = '' SUBSYSTEM=="net", ATTR{address}=="00:90:f5:da:aa:c3", NAME="en0" SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:1b:ae:6c", NAME="wl0" @@ -211,5 +210,4 @@ with lib; services.tor.client.enable = true; services.tor.enable = true; services.virtualboxHost.enable = true; - } diff --git a/tv/1systems/xu-qemu0.nix b/tv/1systems/xu-qemu0.nix new file mode 100644 index 0000000..8945c19 --- / |