From f703a41a36485a2eb95be6c7886d1999b344371c Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 13:57:43 +0100 Subject: shared 2 base: add makefu_omo to allowed pubkeys --- shared/2configs/base.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix index c9f4ffa..df41eae 100644 --- a/shared/2configs/base.nix +++ b/shared/2configs/base.nix @@ -64,6 +64,8 @@ with lib; # TODO config.krebs.users.lass.pubkey config.krebs.users.makefu.pubkey + # TODO HARDER: + (readFile ../../krebs/Zpubkeys/makefu_omo.ssh.pub) config.krebs.users.tv.pubkey ]; -- cgit v1.2.3 From 371e7446f1f7407ed66599dfbab9703793ae9dda Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 22:15:07 +0100 Subject: shared wolf: static ip, fix todo --- shared/1systems/wolf.nix | 21 ++++++++++++++++++++- shared/2configs/shack-drivedroid.nix | 18 ++++++++++++++++++ shared/2configs/shack-nix-cacher.nix | 25 +++++++++++++++++++++++++ 3 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 shared/2configs/shack-drivedroid.nix create mode 100644 shared/2configs/shack-nix-cacher.nix diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 4fe3388..30e6e1d 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -1,12 +1,31 @@ { config, lib, pkgs, ... }: +let + shack-ip = lib.head config.krebs.build.host.nets.shack.addrs4; + internal-ip = lib.head config.krebs.build.host.nets.retiolum.addrs4; +in { imports = [ ../2configs/base.nix ../2configs/collectd-base.nix + ../2configs/shack-nix-cacher.nix + ../2configs/shack-drivedroid.nix ]; + networking = { + interfaces.eth0.ip4 = [{ + address = shack-ip; + prefixLength = 20; + }]; + + defaultGateway = "10.42.0.1"; + nameservers = [ "8.8.8.8" ]; + }; + + ##################### + # uninteresting stuff + ##################### krebs.build.host = config.krebs.hosts.wolf; # TODO rename shared user to "krebs" krebs.build.user = config.krebs.users.shared; @@ -31,7 +50,7 @@ fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; swapDevices = [ - { device = "/dev/disk/by-label/swap"; } + { device = "/dev/disk/by-label/swap"; } ]; time.timeZone = "Europe/Berlin"; diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix new file mode 100644 index 0000000..294f3a3 --- /dev/null +++ b/shared/2configs/shack-drivedroid.nix @@ -0,0 +1,18 @@ +{ pkgs, lib, ... }: + +{ + krebs.nginx = { + enable = lib.mkDefault true; + servers = { + drivedroid-repo = { + server-names = [ "drivedroid.shack" ]; + # TODO: prepare this somehow + locations = lib.singleton (lib.nameValuePair "/" '' + root /var/srv/drivedroid + index main.json + ''); + }; + }; + }; + +} diff --git a/shared/2configs/shack-nix-cacher.nix b/shared/2configs/shack-nix-cacher.nix new file mode 100644 index 0000000..7519bb3 --- /dev/null +++ b/shared/2configs/shack-nix-cacher.nix @@ -0,0 +1,25 @@ +{ pkgs, lib, ... }: + +{ + krebs.nginx = { + enable = lib.mkDefault true; + servers = { + apt-cacher-ng = { + server-names = [ "acng.shack" ]; + locations = lib.singleton (lib.nameValuePair "/" '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://localhost:3142/; + ''); + }; + }; + }; + + krebs.apt-cacher-ng = { + enable = true; + port = 3142; + bindAddress = "localhost"; + cacheExpiration = 30; + }; +} -- cgit v1.2.3 From fd4964ea206844a4e52e9fa436fd737c003c2569 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 23:11:55 +0100 Subject: s 2 drivedroid: fix syntax error --- shared/2configs/shack-drivedroid.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix index 294f3a3..44b62a8 100644 --- a/shared/2configs/shack-drivedroid.nix +++ b/shared/2configs/shack-drivedroid.nix @@ -8,8 +8,8 @@ server-names = [ "drivedroid.shack" ]; # TODO: prepare this somehow locations = lib.singleton (lib.nameValuePair "/" '' - root /var/srv/drivedroid - index main.json + root /var/srv/drivedroid; + index main.json; ''); }; }; -- cgit v1.2.3 From 4223f2ba00589e07c40ba612dd3e0a8d70363519 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 17 Nov 2015 23:13:09 +0100 Subject: shared 1 wolf: add self to binaryCache --- shared/1systems/wolf.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 30e6e1d..8c5295b 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -12,8 +12,12 @@ in ../2configs/shack-nix-cacher.nix ../2configs/shack-drivedroid.nix ]; + # use your own binary cache, fallback use cache.nixos.org (which is used by + # apt-cacher-ng in first place) + nix.binaryCaches = [ "http://localhost:3142/nixos" "https://cache.nixos.org" ]; networking = { + firewall.enable = false; interfaces.eth0.ip4 = [{ address = shack-ip; prefixLength = 20; -- cgit v1.2.3 From 92749b0f50b812d28cb4664dbb04ca0f17231936 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 18 Nov 2015 14:05:54 +0100 Subject: unstable -> s 2 shack-drivedroid --- shared/2configs/shack-drivedroid.nix | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/shared/2configs/shack-drivedroid.nix b/shared/2configs/shack-drivedroid.nix index 44b62a8..66940bc 100644 --- a/shared/2configs/shack-drivedroid.nix +++ b/shared/2configs/shack-drivedroid.nix @@ -1,6 +1,30 @@ -{ pkgs, lib, ... }: - +{ pkgs, lib, config, ... }: +let + repodir = "/var/srv/drivedroid"; + srepodir = lib.shell.escape repodir; +in { + systemd.paths.drivedroid = { + wantedBy = [ "multi-user.target" ]; + Description = "triggers for changes in drivedroid dir"; + pathConfig = { + PathModified = repodir; + }; + }; + + systemd.services.drivedroid = { + ServiceConfig = { + ExecStartPre = pkgs.writeScript "prepare-drivedroid-repo-gen" '' + #!/bin/sh + mkdir -p ${srepodir}/repos + ''; + ExecStart = pkgs.writeScript "start-drivedroid-repo-gen" '' + #!/bin/sh + {pkgs.drivedroid-gen-repo}/bin/drivedroid-gen-repo --chdir "${srepodir}" repos/ > "${srepodir}/main.json" + ''; + }; + }; + krebs.nginx = { enable = lib.mkDefault true; servers = { @@ -8,7 +32,7 @@ server-names = [ "drivedroid.shack" ]; # TODO: prepare this somehow locations = lib.singleton (lib.nameValuePair "/" '' - root /var/srv/drivedroid; + root ${repodir}; index main.json; ''); }; -- cgit v1.2.3