From e2d2b68cbbc7e92ca7632ffc96c899aaeb8bd7e2 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 28 Jul 2015 20:19:54 +0200 Subject: makefu:rename to user-toplevel structure --- 2configs/makefu/base.nix | 99 --------------------------------------- 2configs/makefu/cgit-retiolum.nix | 70 --------------------------- 2 files changed, 169 deletions(-) delete mode 100644 2configs/makefu/base.nix delete mode 100644 2configs/makefu/cgit-retiolum.nix (limited to '2configs') diff --git a/2configs/makefu/base.nix b/2configs/makefu/base.nix deleted file mode 100644 index b052b13..0000000 --- a/2configs/makefu/base.nix +++ /dev/null @@ -1,99 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -{ - imports = [ ]; - krebs.enable = true; - krebs.search-domain = "retiolum"; - - networking.hostName = config.krebs.build.host.name; - users.extraUsers = { - root = { - openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; - }; - makefu = { - uid = 9001; - group = "users"; - home = "/home/makefu"; - createHome = true; - useDefaultShell = true; - extraGroups = [ - "wheel" - ]; - openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ]; - }; - }; - - services.openssh.enable = true; - nix.useChroot = true; - - users.mutableUsers = true; - - boot.tmpOnTmpfs = true; - systemd.tmpfiles.rules = [ - "d /tmp 1777 root root - -" - ]; - - environment.extraInit = '' - EDITOR=vim - ''; - - environment.systemPackages = with pkgs; [ - git - vim - gnumake - rxvt_unicode.terminfo - ]; - - programs.bash = { - enableCompletion = true; - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=900001 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - complete -d cd - ''; - - promptInit = '' - case $UID in - 0) PS1='\[\e[1;31m\]\w\[\e[0m\] ' ;; - 9001) PS1='\[\e[1;32m\]\w\[\e[0m\] ' ;; - *) PS1='\[\e[1;35m\]\u \[\e[1;32m\]\w\[\e[0m\] ' ;; - esac - if test -n "$SSH_CLIENT"; then - PS1='\[\033[35m\]\h'" $PS1" - fi - ''; - }; - - environment.shellAliases = { - lsl = "ls -lAtr"; - }; - - nixpkgs.config.packageOverrides = pkgs: { - nano = pkgs.runCommand "empty" {} "mkdir -p $out"; - }; - - services.cron.enable = false; - services.nscd.enable = false; - - security.setuidPrograms = [ "sendmail" ]; - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - # Enable IPv6 Privacy Extensions - boot.kernel.sysctl = { - "net.ipv6.conf.all.use_tempaddr" = 2; - "net.ipv6.conf.default.use_tempaddr" = 2; - }; - - i18n = { - consoleKeyMap = "us"; - defaultLocale = "en_US.UTF-8"; - }; -} diff --git a/2configs/makefu/cgit-retiolum.nix b/2configs/makefu/cgit-retiolum.nix deleted file mode 100644 index 7b8e3bc..0000000 --- a/2configs/makefu/cgit-retiolum.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ config, lib, pkgs, ... }: -# TODO: remove tv lib :) -with import ../../4lib/tv { inherit lib pkgs; }; -let - - out = { - imports = [ ../../3modules/krebs/git.nix ]; - krebs.git = { - enable = true; - root-title = "public repositories "; - root-desc = "keep on krebsing"; - inherit repos rules; - }; - }; - repos = priv-repos // krebs-repos ; - rules = concatMap krebs-rules (attrValues krebs-repos) ++ concatMap priv-rules (attrValues priv-repos); - - krebs-repos = mapAttrs make-krebs-repo { - stockholm = { - desc = "take all the computers hostage, they'll love you!"; - }; - }; - - priv-repos = mapAttrs make-priv-repo { - autosync = { }; - }; - - - # TODO move users to separate module - make-priv-repo = name: { desc ? null, ... }: { - inherit name desc; - public = false; - }; - - make-krebs-repo = with git; name: { desc ? null, ... }: { - inherit name desc; - public = true; - hooks = { - post-receive = git.irc-announce { - nick = config.networking.hostName; - channel = "#retiolum"; - server = "cd.retiolum"; - }; - }; - }; - - set-owners = with git; repo: user: - singleton { - inherit user; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - }; - - set-ro-access = with git; repo: user: - optional repo.public { - inherit user; - repo = [ repo ]; - perm = fetch; - }; - - # TODO: get the list of all krebsministers - krebsminister = with config.krebs.users; [ lass tv uriel ]; - - priv-rules = with config.krebs.users; repo: - set-owners repo [ makefu ]; - - krebs-rules = with config.krebs.users; repo: - set-owners repo [ makefu ] ++ set-ro-access repo krebsminister ; - -in out -- cgit v1.2.3