summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lass@lassul.us>2017-05-12 19:30:07 +0200
committerlassulus <lass@lassul.us>2017-05-12 19:30:07 +0200
commit58a7a56eeffe3f95beaab6d19d37c58a81b022f5 (patch)
tree385104ae2e65956c5529bac9213d066070d9d3cf
parentd04f5af71e0861210a6a307aa8d3289abed2ada8 (diff)
parent39c264108329a412446c091852dd5a655da38b27 (diff)
Merge remote-tracking branch 'gum/master'
-rw-r--r--krebs/3modules/makefu/default.nix26
-rw-r--r--makefu/1systems/gum.nix11
-rw-r--r--makefu/1systems/studio.nix75
-rw-r--r--makefu/1systems/tsp.nix2
-rw-r--r--makefu/1systems/wbob.nix31
-rw-r--r--makefu/1systems/x.nix2
-rw-r--r--makefu/2configs/audio/jack-on-pulse.nix45
-rw-r--r--makefu/2configs/audio/realtime-audio.nix12
-rw-r--r--makefu/2configs/avahi.nix8
-rw-r--r--makefu/2configs/backup.nix5
-rw-r--r--makefu/2configs/default.nix2
-rw-r--r--makefu/2configs/deployment/led-fader.nix39
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix1
-rw-r--r--makefu/2configs/gui/base.nix (renamed from makefu/2configs/base-gui.nix)4
-rw-r--r--makefu/2configs/gui/studio.nix22
-rw-r--r--makefu/2configs/gui/urxvtd.nix (renamed from makefu/2configs/urxvtd.nix)0
-rw-r--r--makefu/2configs/gui/wbob-kiosk.nix23
-rw-r--r--makefu/2configs/main-laptop.nix2
-rw-r--r--makefu/2configs/sources/default.nix7
-rw-r--r--makefu/2configs/sources/musnix.nix6
-rw-r--r--makefu/2configs/vncserver.nix62
-rw-r--r--makefu/3modules/server-config.nix5
-rw-r--r--makefu/3modules/taskserver.nix4
-rw-r--r--makefu/5pkgs/alsa-tools/default.nix4
-rw-r--r--makefu/5pkgs/novnc/default.nix41
-rw-r--r--makefu/5pkgs/shackie/default.nix33
26 files changed, 441 insertions, 31 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 650344981..33202d0ab 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -26,6 +26,31 @@ with import <stockholm/lib>;
};
};
};
+ studio = rec {
+ cores = 4;
+ ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqBR5gjJkR1TEIs2yx6JRoIOA7+/LJA6kjju8yCauFa studio";
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.227.163";
+ ip6.addr = "42:e23f:ae0e:ea25:72ff:4ab8:9bd9:38a6";
+ aliases = [
+ "studio.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAwAdSac8Oy5tPu7ejwojY5YqaNOfd7i0NToE+oaRJ1yxzmUpj8Fti
+ cGpcgBYhFXMVYoYfzLdkAlSYjWKAoShCq/ZEfIM67okXegXvL68zGksfXrmpdUuk
+ GCCy2/Ul5urvYEis9UeUpbe6tUxU0zXUWCkhMQgHeO2xQEizfIfWsUn5sYtFFoKI
+ jYbAcLbRtw+Islfih8G7ydPBh78WPGz6Xx79A5nmfI1VZDAToEqpqUoaqfzsTGd1
+ 78GZssE3o4veTmBFvLV3Fm/ltfXpzhAIcsi89V3RjrzFM7UMD8aV153OAzhddxIu
+ 8x6FibmMSzBXQDFuAac2+kp9mU0F0W4G1wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+
fileleech = rec {
cores = 4;
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
@@ -449,6 +474,7 @@ with import <stockholm/lib>;
nets = rec {
internet = {
ip4.addr = "188.68.40.19";
+ ip6.addr = "2a03:4000:17:2df::1";
aliases = [
"gum.i"
];
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 93ca8f643..92c446212 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -4,8 +4,11 @@ with import <stockholm/lib>;
let
external-mac = "3a:66:48:8e:82:b2";
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ external-ip6 = config.krebs.build.host.nets.internet.ip6.addr;
external-gw = "188.68.40.1";
+ external-gw6 = "fe80::1";
external-netmask = 22;
+ external-netmask6 = 64;
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
in {
@@ -14,7 +17,7 @@ in {
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
../2configs/headless.nix
../2configs/fs/single-partition-ext4.nix
- ../2configs/smart-monitor.nix
+ # ../2configs/smart-monitor.nix
../2configs/git/cgit-retiolum.nix
../2configs/backup.nix
# ../2configs/mattermost-docker.nix
@@ -55,7 +58,6 @@ in {
# ../2configs/logging/central-logging-client.nix
];
- services.smartd.devices = [ { device = main-disk;} ];
makefu.dl-dir = "/var/download";
@@ -134,6 +136,11 @@ in {
address = external-ip;
prefixLength = external-netmask;
}];
+ interfaces.et0.ip6 = [{
+ address = external-ip6;
+ prefixLength = external-netmask6;
+ }];
+ defaultGateway6 = external-gw6;
defaultGateway = external-gw;
nameservers = [ "8.8.8.8" ];
};
diff --git a/makefu/1systems/studio.nix b/makefu/1systems/studio.nix
new file mode 100644
index 000000000..400d9f883
--- /dev/null
+++ b/makefu/1systems/studio.nix
@@ -0,0 +1,75 @@
+{ config, pkgs, ... }:
+{
+ imports = [
+ ../.
+ ../2configs/vncserver.nix
+ ../2configs/vim.nix
+ ../2configs/disable_v6.nix
+ ../2configs/jack-on-pulse.nix
+ ../2configs/gui/studio.nix
+
+ ];
+ makefu.gui.user = "user"; # we use an extra user
+ krebs = {
+ enable = true;
+ tinc.retiolum.enable = true;
+ build.host = config.krebs.hosts.studio;
+ };
+ networking.firewall.allowedTCPPorts = [ 655 ];
+ networking.firewall.allowedUDPPorts = [ 655 ];
+
+
+ environment.systemPackages = with pkgs;[
+ # audio foo
+ ## pulseaudio
+ pavucontrol
+ paprefs
+ pamixer
+
+ # extra alsa tools
+ alsa-hdspconf
+ alsa-hdspmixer
+ alsa-hdsploader
+
+ # recording
+ darkice
+ (mumble.override { jackSupport = true; })
+
+ # browsing
+ firefox
+ chromium
+ ];
+
+
+ nixpkgs.config.allowUnfree = true;
+ fonts = {
+ enableCoreFonts = true;
+ enableFontDir = true;
+ enableGhostscriptFonts = true;
+ fonts = [ ];
+ };
+ # ingos favorite display manager
+
+
+ # hardware
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.device = "/dev/sda";
+
+ boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ata_piix" "usb_storage" "sd_mod" ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/0aeda516-230e-4c54-9e27-13515c2f3f21";
+ fsType = "ext4";
+ };
+
+ swapDevices = [ { device = "/dev/disk/by-uuid/1914af67-5a8f-41d3-a1c2-211c39605da9"; } ];
+ users.users.user = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" "audio" ];
+ uid = 1000;
+ openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
+ };
+}
diff --git a/makefu/1systems/tsp.nix b/makefu/1systems/tsp.nix
index 9809abf4c..25fc2b49b 100644
--- a/makefu/1systems/tsp.nix
+++ b/makefu/1systems/tsp.nix
@@ -7,7 +7,7 @@
imports =
[ # Include the results of the hardware scan.
../.
- ../2configs/base-gui.nix
+ ../2configs/gui/base.nix
../2configs/fs/sda-crypto-root.nix
# hardware specifics are in here
../2configs/hw/tp-x200.nix #< imports tp-x2x0.nix
diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix
index 43fbd6d2b..7f465ec72 100644
--- a/makefu/1systems/wbob.nix
+++ b/makefu/1systems/wbob.nix
@@ -1,20 +1,28 @@
{ config, pkgs, lib, ... }:
-let
+let
rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
+ user = config.makefu.gui.user;
in {
imports =
[ # Include the results of the hardware scan.
../.
../2configs/zsh-user.nix
- ../2configs/base-gui.nix
../2configs/tools/core.nix
../2configs/tools/core-gui.nix
../2configs/tools/extra-gui.nix
../2configs/tools/media.nix
../2configs/virtualization.nix
../2configs/tinc/retiolum.nix
+ ../2configs/mqtt.nix
+ ../2configs/deployment/led-fader.nix
+ # ../2configs/gui/wbob-kiosk.nix
+
+ ../2configs/gui/studio.nix
+ ../2configs/audio/jack-on-pulse.nix
+ ../2configs/audio/realtime-audio.nix
+ ../2configs/vncserver.nix
];
krebs = {
@@ -24,25 +32,10 @@ in {
swapDevices = [ { device = "/var/swap"; } ];
- services.xserver = {
- layout = lib.mkForce "de";
-
- windowManager = lib.mkForce {
- awesome.enable = false;
- default = "none";
- };
- desktopManager.xfce.enable = true;
-
- # xrandrHeads = [ "HDMI1" "HDMI2" ];
- # prevent screen from turning off, disable dpms
- displayManager.sessionCommands = ''
- xset s off -dpms
- xrandr --output HDMI2 --right-of HDMI1
- '';
- };
networking.firewall.allowedUDPPorts = [ 655 ];
networking.firewall.allowedTCPPorts = [ 655 49152 ];
+ networking.firewall.trustedInterfaces = [ "enp0s25" ];
#services.tinc.networks.siem = {
# name = "display";
# extraConfig = ''
@@ -85,7 +78,7 @@ in {
# TODO: add crypto layer
systemd.services."synergy-client" = {
environment.DISPLAY = ":0";
- serviceConfig.User = "makefu";
+ serviceConfig.User = user;
};
services.synergy = {
diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix
index 65df426e5..d1503c8d7 100644
--- a/makefu/1systems/x.nix
+++ b/makefu/1systems/x.nix
@@ -38,6 +38,8 @@ with import <stockholm/lib>;
# ../2configs/temp/sabnzbd.nix
+ # development
+ ../2configs/sources
# Krebs
# ../2configs/disable_v6.nix
diff --git a/makefu/2configs/audio/jack-on-pulse.nix b/makefu/2configs/audio/jack-on-pulse.nix
new file mode 100644
index 000000000..09d03ea9f
--- /dev/null
+++ b/makefu/2configs/audio/jack-on-pulse.nix
@@ -0,0 +1,45 @@
+{ config, pkgs, ... }:
+let
+ pulse = pkgs.pulseaudioFull;
+ user = config.makefu.gui.user;
+in
+{
+ sound.enable = true;
+ hardware.pulseaudio = {
+ enable = true;
+ package = pulse;
+ };
+
+ environment.systemPackages = with pkgs; [ jack2Full ];
+ # from http://anderspapitto.com/posts/2015-11-26-overtone-on-nixos-with-jack-and-pulseaudio.html
+
+ systemd.services = {
+ jackdbus = {
+ description = "Runs jack, and points pulseaudio at it";
+ serviceConfig = {
+ User = user;
+ Type = "oneshot";
+ ExecStart = pkgs.writeScript "start_jack.sh" ''
+ #! ${pkgs.bash}/bin/bash
+ . ${config.system.build.setEnvironment}
+ sleep 5 # wait for the gui to load
+
+ ${pkgs.jack2Full}/bin/jack_control start
+ sleep 3 # give some time for sources/sinks to be created
+
+ ${pulse}/bin/pacmd set-default-sink jack_out
+ ${pulse}/bin/pacmd set-default-source jack_in
+ '';
+ ExecStop = pkgs.writeScript "stop_jack.sh" ''
+ #! ${pkgs.bash}/bin/bash
+ . ${config.system.build.setEnvironment}
+
+ ${pkgs.jack2Full}/bin/jack_control stop
+ '';
+ RemainAfterExit = true;
+ };
+ after = [ "display-manager.service" "sound.target" ];
+ wantedBy = [ "multi-user.target" ];
+ };
+ };
+}
diff --git a/makefu/2configs/audio/realtime-audio.nix b/makefu/2configs/audio/realtime-audio.nix
new file mode 100644
index 000000000..d9709e4b7
--- /dev/null
+++ b/makefu/2configs/audio/realtime-audio.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+let
+ user = config.makefu.gui.user;
+in
+{
+ imports = [
+ ../sources/musnix.nix # populate musnix
+ <musnix>
+ ];
+ musnix.enable = true;
+ users.users."${user}".extraGroups = [ "audio" ];
+}
diff --git a/makefu/2configs/avahi.nix b/makefu/2configs/avahi.nix
new file mode 100644
index 000000000..59f59fd80
--- /dev/null
+++ b/makefu/2configs/avahi.nix
@@ -0,0 +1,8 @@
+{ pkgs, ...}:
+{
+ services.avahi = {
+ enable = true;
+ wideArea = false;
+ };
+ environment.systemPackages = [ pkgs.avahi ];
+}
diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix
index 9ed890326..1cc78bfc1 100644
--- a/makefu/2configs/backup.nix
+++ b/makefu/2configs/backup.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
# preparation:
@@ -32,4 +32,7 @@ in {
# wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
gum-to-omo_root = defaultPull config.krebs.hosts.gum "/";
};
+ environment.systemPackages = [
+ pkgs.borgbackup
+ ];
}
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 6cc891047..7d0faae94 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
user = config.krebs.users.makefu;
source = let
inherit (config.krebs.build) host user;
- ref = "4fac473"; # unstable @ 2017-03-31 + command-not-found
+ ref = "0afb6d7"; # unstable @ 2017-05-09
in {
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
{
diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix
new file mode 100644
index 000000000..a18416497
--- /dev/null
+++ b/makefu/2configs/deployment/led-fader.nix
@@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ mq = "192.168.8.11";
+
+ pkg = pkgs.stdenv.mkDerivation {
+ name = "ampel-master";
+ src = pkgs.fetchgit {
+ url = "http://cgit.euer.krebsco.de/ampel";
+ rev = "07a6791de368e16cc0864d2676fd255eba522cee";
+ sha256 = "1jxjapvkfglvgapy7gjbr1nra3ay418nvz70bvypcmv7wc8d4h8q";
+ };
+ buildInputs = [
+ (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [
+ docopt
+ paho-mqtt
+ ]))
+ ];
+ installPhase = ''
+ install -m755 -D fade.py $out/bin/fade.py
+ install -m755 -D ampel.py $out/bin/ampel
+ install -m755 -D times.json $out/share/times.json
+ '';
+ };
+in {
+ systemd.services.led-fader = {
+ description = "Send led change to message queue";
+ environment = {
+ NIX_PATH = "/var/src";
+ };
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ # User = "nobody"; # need a user with permissions to run nix-shell
+ ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json";
+ PrivateTmp = true;
+ };
+ };
+}
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index 81a5cde81..96b6c303d 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -19,6 +19,7 @@ let
cgit.desc = "Build new Stockholm hosts";
};
cac-api = { };
+ ampel = { };
init-stockholm = {
cgit.desc = "Init stuff for stockholm";
};
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/gui/base.nix
index 1a19ab36b..bf6bef29d 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/gui/base.nix
@@ -65,7 +65,7 @@ in
cat |derp <<EOF
XTerm*background: black
XTerm*foreground: white
- XTerm*FaceName : xft:xos4 Terminus:pixelsize=14
+ XTerm*FaceName : xft:xos4 Terminus:pixelsize=11
URxvt*termName: rxvt
URxvt*saveLines: 10000
@@ -77,7 +77,7 @@ in
URxvt.background: black
URxvt.urgentOnBell: true
URxvt.visualBell: false
- URxvt.font : xft:xos4 Terminus:size=12
+ URxvt.font : xft:xos4 Terminus:size=11
! blue
diff --git a/makefu/2configs/gui/studio.nix b/makefu/2configs/gui/studio.nix
new file mode 100644
index 000000000..08157fda4
--- /dev/null
+++ b/makefu/2configs/gui/studio.nix
@@ -0,0 +1,22 @@
+{ config, lib, ... }:
+let
+ user = config.makefu.gui.user;
+in
+{
+ services.xserver.enable = true;
+ services.xserver.displayManager.sddm = {
+ enable = true;
+ autoLogin.enable = true;
+ autoLogin.user = user;
+ };
+ # services.xserver.windowMananger.default = "plasma5";
+ services.xserver.desktopManager = {
+ default = "plasma5";
+ plasma5.enable = true;
+ };
+
+ services.xserver.layout = "us";
+ services.xserver.xkbVariant = "altgr-intl";
+ services.xserver.xkbOptions = "ctrl:nocaps";
+
+}
diff --git a/makefu/2configs/urxvtd.nix b/makefu/2configs/gui/urxvtd.nix
index 286b87ab3..286b87ab3 100644
--- a/makefu/2configs/urxvtd.nix
+++ b/makefu/2configs/gui/urxvtd.nix
diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix
new file mode 100644
index 000000000..4b7a0c333
--- /dev/null
+++ b/makefu/2configs/gui/wbob-kiosk.nix
@@ -0,0 +1,23 @@
+{ lib, ... }:
+{
+
+ imports = [
+ ./base.nix
+ ];
+ services.xserver = {
+ layout = lib.mkForce "de";
+
+ windowManager = lib.mkForce {
+ awesome.enable = false;
+ default = "none";
+ };
+ desktopManager.xfce.enable = true;
+
+ # xrandrHeads = [ "HDMI1" "HDMI2" ];
+ # prevent screen from turning off, disable dpms
+ displayManager.sessionCommands = ''
+ xset s off -dpms
+ xrandr --output HDMI2 --right-of HDMI1
+ '';
+ };
+}
diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix
index eaf6dec97..827da0c8d 100644
--- a/makefu/2configs/main-laptop.nix
+++ b/makefu/2configs/main-laptop.nix
@@ -11,7 +11,7 @@ let
user = config.krebs.build.user.name;
in {
imports = [
- ./base-gui.nix
+ ./gui/base.nix
./fetchWallpaper.nix
./zsh-user.nix
./tools/core.nix
diff --git a/makefu/2configs/sources/default.nix b/makefu/2configs/sources/default.nix
new file mode 100644
index 000000000..232117aec
--- /dev/null
+++ b/makefu/2configs/sources/default.nix
@@ -0,0 +1,7 @@
+# the builder pc (my laptop) will also require the sources i use to deploy
+# other boxes
+{
+ imports = [
+ ./musnix.nix
+ ];
+}
diff --git a/makefu/2configs/sources/musnix.nix b/makefu/2configs/sources/musnix.nix
new file mode 100644
index 000000000..d02dd4a48
--- /dev/null
+++ b/makefu/2configs/sources/musnix.nix
@@ -0,0 +1,6 @@
+{
+ krebs.build.source.musnix.git = {
+ url = https://github.com/musnix/musnix.git;
+ ref = "37a8378";
+ };
+}
diff --git a/makefu/2configs/vncserver.nix b/makefu/2configs/vncserver.nix
new file mode 100644
index 000000000..c56b3e294
--- /dev/null
+++ b/makefu/2configs/vncserver.nix
@@ -0,0 +1,62 @@
+{config,lib,pkgs, ...}:
+with lib;
+let
+ pwfile = (toString <secrets>)+ "/vnc-password"; # create with `vncpasswd`
+ pwtmp = "/tmp/vnc-password";
+ # nixos-unstable tigervnc is currently broken :\
+ package = (import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-17.03.tar.gz) {}).pkgs.tigervnc;
+ user = config.makefu.gui.user;
+ vnc_port = 5900;
+ web_port = 6080;
+in {
+ networking.firewall.allowedTCPPorts = [ 80 vnc_port web_port ];
+ systemd.services = {
+ terminal-server = {
+ description = "VNC Terminal Server";
+ after = [ "display-manager.service" "graphical.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = user;
+ Restart = "always";
+ ExecStartPre = pkgs.writeDash "terminal-pre" ''
+ sleep 5
+ install -m0700 -o ${user} ${pwfile} ${pwtmp}
+ '';
+ ExecStart = "${package}/bin/x0vncserver -display :0 -rfbport ${toString vnc_port} -passwordfile ${pwtmp}";
+ PermissionsStartOnly = true;
+ PrivateTmp = true;
+ };
+ };
+ terminal-web = {
+ description = "noVNC Web Server";
+ after = [ "terminal-server.service" "graphical.target" "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ User = "nobody";
+ ExecStart = "${pkgs.novnc}/bin/launch-novnc.sh --listen ${toString web_port} --vnc localhost:${toString vnc_port}";
+ PrivateTmp = true;
+ };
+ };
+ };
+ services.nginx.enable = true;
+ services.nginx.virtualHosts._.locations = {
+ "/" = {
+ root = "${pkgs.novnc}";
+ index = "vnc_auto.html";
+ };
+ "/websockify" = {
+ proxyPass = "http://127.0.0.1:6080/";
+ extraConfig = ''
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+
+ # VNC connection timeout
+ proxy_read_timeout 61s;
+
+ # Disable cache
+ proxy_buffering off;
+ '';
+ };
+ };
+}
diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix
index dbd29d748..846642580 100644
--- a/makefu/3modules/server-config.nix
+++ b/makefu/3modules/server-config.nix
@@ -6,5 +6,10 @@ with import <stockholm/lib>;
type = types.str;
description = "Primary interface of the server";
};
+ options.makefu.gui.user = lib.mkOption {
+ type = types.str;
+ description = "GUI user";
+ default = config.krebs.build.user.name;
+ };
}
diff --git a/makefu/3modules/taskserver.nix b/makefu/3modules/taskserver.nix
index 808e70425..40a18fe05 100644
--- a/makefu/3modules/taskserver.nix
+++ b/makefu/3modules/taskserver.nix
@@ -41,8 +41,8 @@ let
Type = "simple";
ExecStart = "${cfg.package}/bin/taskd server --data ${cfg.workingDir}";
WorkingDirectory = cfg.workingDir;
- PrivateTmp = true;
- InaccessibleDirectories = "/home /boot /opt /mnt /media";
+ # PrivateTmp = true;
+ # InaccessibleDirectories = "/home /boot /opt /mnt /media";
User = "taskd";
};
};
diff --git a/makefu/5pkgs/alsa-tools/default.nix b/makefu/5pkgs/alsa-tools/default.nix
index 9a672f048..5134c10ec 100644
--- a/makefu/5pkgs/alsa-tools/default.nix
+++ b/makefu/5pkgs/alsa-tools/default.nix
@@ -1,4 +1,4 @@
-{stdenv,alsaToolTarget,fetchurl, alsaLib, ncurses, fltk13, gtk}:
+{stdenv,alsaToolTarget,fetchurl, alsaLib, ncurses, fltk13, gtk3}:
stdenv.mkDerivation rec {
name = "alsa-${alsaToolTarget}-${version}";
@@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
sha256 = "1lgvyb81md25s9ciswpdsbibmx9s030kvyylf0673w3kbamz1awl";
};
sourceRoot = "${alsaToolsName}/${alsaToolTarget}/";
- buildInputs = [ alsaLib fltk13 gtk ncurses ];
+ buildInputs = [ alsaLib fltk13 gtk3 ncurses ];
meta = {
homepage = http://www.alsa-project.org/;
diff --git a/makefu/5pkgs/novnc/default.nix b/makefu/5pkgs/novnc/default.nix
new file mode 100644
index 000000000..b1d62248d
--- /dev/null
+++ b/makefu/5pkgs/novnc/default.nix
@@ -0,0 +1,41 @@
+{ stdenv, fetchurl, pkgs }:
+# source: https://github.com/hyphon81/Nixtack/blob/master/noVNC/noVNC.nix
+let
+in
+
+stdenv.mkDerivation rec {
+ name = "novnc-${version}";
+ version = "0.6.2";
+
+ src = fetchurl {
+ url = "https://github.com/novnc/noVNC/archive/v${version}.tar.gz";
+ sha256 = "16ygbdzdmnfg9a26d9il4a6fr16qmq0ix9imfbpzl0drfbj7z8kh";
+ };
+ p = stdenv.lib.makeBinPath [ pkgs.nettools pkgs.python27Packages.websockify
+ pkgs.coreutils pkgs.which pkgs.procps ];
+ # TODO: propagatedBuildInputs does not seem to work with shell scripts
+ patchPhase = ''
+ sed -i '1aset -efu\nexport PATH=${p}\n' utils/launch.sh
+ '';
+ installPhase = ''
+ mkdir -p $out/bin
+ cp utils/launch.sh $out/bin/launch-novnc.sh
+ chmod +x $out/bin/launch-novnc.sh
+ mkdir -p $out/images
+ cp -r images/* $out/images/
+ mkdir -p $out/include
+ cp -r include/* $out/include/
+ cp favicon.ico $out
+ cp vnc.html $out
+ cp vnc_auto.html $out
+ '';
+
+ meta = with stdenv.lib; {
+ homepage = http://novnc.com/info.html;
+ repositories.git = git://github.com/novnc/noVNC.git;
+ description = ''
+ A HTML5 VNC Client
+ '';
+ license = licenses.mpl20;
+ };
+}
diff --git a/makefu/5pkgs/shackie/default.nix b/makefu/5pkgs/shackie/default.nix
new file mode 100644
index 000000000..ce926fcd6
--- /dev/null
+++ b/makefu/5pkgs/shackie/default.nix
@@ -0,0 +1,33 @@
+{ pkgs, fetchFromGitHub, ... }:
+with pkgs.python3Packages;
+let
+ asyncio-irc = buildPythonPackage rec {
+ name = "asyncio-irc-${version}";
+ version = "2016-09-02";
+ src = fetchFromGitHub {
+ owner = "watchtower";
+ repo = "asyncirc";
+ rev = "5384d19";
+ sha256 = "0xgzdvp0ig0im7r3vbqd3a9rzac0lkk2mvf7y4fw56p8k61df8nv";
+ };
+ propagatedBuildInputs = [ blinker ];
+ };
+in
+buildPythonPackage rec {
+ name = "shackie-${version}";
+ version = "2017-04-24";
+ propagatedBuildInputs = [
+ asyncio-irc
+ beautifulsoup4
+ lxml
+ pytz
+ redis
+ requests2
+ ];
+ src = fetchFromGitHub {
+ owner = "shackspace";
+ repo = "shackie";
+ rev = "e717ec7";
+ sha256 = "1ffbjm3x2xcyxl42hfsjs5xg1pm0xsprdi5if9zxa5ycqydmiw3l";
+ };
+}