diff options
author | makefu <github@syntax-fehler.de> | 2016-01-23 00:29:55 +0100 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2016-01-23 00:29:55 +0100 |
commit | e91ee6132671d874c817d5569a618472b5a710ca (patch) | |
tree | 60422048d6d8a532a1c30cbeba3ebd6c35367ee8 | |
parent | 7cf54a1d791fff716968a145feb55f28b84aef76 (diff) | |
parent | ed4e0241d5aba830f31a7271435c93c7299b884b (diff) |
Merge branch 'master' of gum:stockholm
-rw-r--r-- | krebs/3modules/makefu/default.nix | 24 | ||||
-rw-r--r-- | krebs/5pkgs/apt-cacher-ng/default.nix | 4 | ||||
-rw-r--r-- | krebs/5pkgs/fortclientsslvpn/default.nix | 2 | ||||
-rw-r--r-- | krebs/5pkgs/krebszones/default.nix | 5 | ||||
-rw-r--r-- | krebs/Zhosts/wbob | 10 | ||||
-rw-r--r-- | makefu/1systems/gum.nix | 5 | ||||
-rw-r--r-- | makefu/1systems/omo.nix | 1 | ||||
-rw-r--r-- | makefu/1systems/vbob.nix | 19 | ||||
-rw-r--r-- | makefu/1systems/wbob.nix | 19 | ||||
-rw-r--r-- | makefu/2configs/default.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/git/cgit-retiolum.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/smart-monitor.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/tinc-basic-retiolum.nix | 1 | ||||
-rw-r--r-- | makefu/2configs/vim.nix | 2 | ||||
-rw-r--r-- | makefu/5pkgs/awesomecfg/full.cfg | 3 | ||||
-rw-r--r-- | shared/2configs/base.nix | 2 | ||||
-rw-r--r-- | shared/2configs/buildbot-standalone.nix | 11 |
17 files changed, 87 insertions, 27 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 31516d591..38e773b53 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -297,6 +297,30 @@ with lib; ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA root@servarch"; }; + wbob = rec { + cores = 1; + dc = "none"; + nets = { + retiolm = { + addrs4 = ["10.243.214.15/32"]; + addrs6 = ["42:5a02:2c30:c1b1:3f2e:7c19:2496:a732/128"]; + aliases = [ + "wbob.retiolum" + ]; + tinc.pubkey = '' +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e +QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal +cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 +khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs +rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 +TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB +-----END RSA PUBLIC KEY----- +''; + }; + }; + }; + gum = rec { cores = 1; dc = "online.net"; #root-server diff --git a/krebs/5pkgs/apt-cacher-ng/default.nix b/krebs/5pkgs/apt-cacher-ng/default.nix index f253cdba0..f71d17c54 100644 --- a/krebs/5pkgs/apt-cacher-ng/default.nix +++ b/krebs/5pkgs/apt-cacher-ng/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "apt-cacher-ng-${version}"; - version = "0.8.6"; + version = "0.8.8"; src = fetchurl { url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz"; - sha256 = "0044dfks8djl11fs28jj8894i4rq424xix3d3fkvzz2i6lnp8nr5"; + sha256 = "0n7yy4h8g7j0g94xngbywmfhrkg9xl3j2c4wzrjknfwvxmqgjivq"; }; NIX_LDFLAGS = "-lpthread"; diff --git a/krebs/5pkgs/fortclientsslvpn/default.nix b/krebs/5pkgs/fortclientsslvpn/default.nix index 720d4004f..e1c813479 100644 --- a/krebs/5pkgs/fortclientsslvpn/default.nix +++ b/krebs/5pkgs/fortclientsslvpn/default.nix @@ -81,7 +81,7 @@ stdenv.mkDerivation rec { meta = { homepage = http://www.fortinet.com; description = "Forticlient SSL-VPN client"; - license = lib.licenses.nonfree; + license = lib.licenses.unfree; maintainers = [ lib.maintainers.makefu ]; }; } diff --git a/krebs/5pkgs/krebszones/default.nix b/krebs/5pkgs/krebszones/default.nix index f6fd672dc..9230192bd 100644 --- a/krebs/5pkgs/krebszones/default.nix +++ b/krebs/5pkgs/krebszones/default.nix @@ -1,5 +1,10 @@ { lib, pkgs,python3Packages,fetchurl, ... }: +# TODO: Prepare a diff of future and current +## ovh-zone export krebsco.de --config ~/secrets/krebs/cfg.json |sed 's/[ ]\+/ /g' | sort current +## sed 's/[ ]\+/ /g'/etc/zones/krebsco.de | sort > future +## diff future.sorted current.sorted + python3Packages.buildPythonPackage rec { name = "krebszones-${version}"; version = "0.4.4"; diff --git a/krebs/Zhosts/wbob b/krebs/Zhosts/wbob new file mode 100644 index 000000000..829a59110 --- /dev/null +++ b/krebs/Zhosts/wbob @@ -0,0 +1,10 @@ +Subnet = 10.243.214.15/32 +Subnet = 42:5a02:2c30:c1b1:3f2e:7c19:2496:a732/128 +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAqLTJx91OdR0FlJAc2JGh+AJde95oMzzh8o36JBFpsaN7styNfD3e +QGM/bDXFjk4ieIe5At0Z63P2KWxRp3cz8LWKJsn5cGsX2074YWMAGmKX+ZZJNlal +cJ994xX+8MJ6L2tVKpY7Ace7gqDN+l650PrEzV2SLisIqOdxoBlbAupdwHieUBt8 +khm4NLNUCxPYUx2RtHn4iGdgSgUD/SnyHEFdyDA17lWAGfEi4yFFjFMYQce/TFrs +rQV9t5hGaofu483Epo6mEfcBcsR4GIHI4a4WKYANsIyvFvzyGFEHOMusG6nRRqE9 +TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 1907424ec..ac7524506 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -21,7 +21,7 @@ in { ]; - + services.smartd.devices = [ { device = "/dev/sda";} ]; nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; ###### stable @@ -32,6 +32,9 @@ in { ListenAddress = ${external-ip} 655 ListenAddress = ${external-ip} 21031 ''; + krebs.nginx.servers.cgit.server-names = [ + "cgit.euer.krebsco.de" + ]; # Chat environment.systemPackages = with pkgs;[ diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix index e11665fbc..552af4e4f 100644 --- a/makefu/1systems/omo.nix +++ b/makefu/1systems/omo.nix @@ -33,6 +33,7 @@ in { ]; # services.openssh.allowSFTP = false; krebs.build.host = config.krebs.hosts.omo; + krebs.build.source.git.nixpkgs.rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce"; # copy config from <secrets/sabnzbd.ini> to /var/lib/sabnzbd/ services.sabnzbd.enable = true; diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix index b8c02cb67..d95362919 100644 --- a/makefu/1systems/vbob.nix +++ b/makefu/1systems/vbob.nix @@ -2,9 +2,7 @@ # # { lib, config, pkgs, ... }: -let - pkgs-unst = import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz) {}; -in { +{ krebs.build.host = config.krebs.hosts.vbob; krebs.build.target = "root@10.10.10.220"; imports = @@ -15,14 +13,13 @@ in { # environment ]; + nixpkgs.config.allowUnfree = true; nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; - buildbot = pkgs-unst.buildbot; - buildbot-slave = pkgs-unst.buildbot-slave; }; makefu.buildbot.master = { - enable = true; + enable = false; irc = { enable = true; server = "cd.retiolum"; @@ -30,8 +27,9 @@ in { allowForce = true; }; }; + # services.logstash.enable = true; makefu.buildbot.slave = { - enable = true; + enable = false; masterhost = "localhost"; username = "testslave"; password = "krebspass"; @@ -41,8 +39,8 @@ in { krebs.build.source.git.nixpkgs = { #url = https://github.com/nixos/nixpkgs; - # HTTP Everywhere - rev = "a3974e"; + # HTTP Everywhere + libredir + rev = "8239ac6"; }; fileSystems."/nix" = { device ="/dev/disk/by-label/nixstore"; @@ -56,9 +54,12 @@ in { }; }; environment.systemPackages = with pkgs;[ + fortclientsslvpn buildbot buildbot-slave get + genid + logstash ]; networking.firewall.allowedTCPPorts = [ diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix new file mode 100644 index 000000000..d6916f006 --- /dev/null +++ b/makefu/1systems/wbob.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ... }: +{ + imports = + [ # Include the results of the hardware scan. + ../2configs/main-laptop.nix + ]; + krebs = { + enable = true; + retiolum.enable = true; + build.host = config.krebs.hosts.wbob; + }; + boot.loader.grub.device = "/dev/sda"; + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" ]; + boot.kernelModules = [ "kvm-intel" ]; + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; +} diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7771e24d4..ec1100582 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -13,7 +13,7 @@ with lib; ./vim.nix ]; - + nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); krebs = { enable = true; search-domain = "retiolum"; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 35bb169cf..7d85eb8d1 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -16,6 +16,9 @@ let desc = "Tinc Advanced Graph Generation"; }; cac = { }; + init-stockholm = { + desc = "Init stuff for stockholm"; + }; }; priv-repos = mapAttrs make-priv-repo { diff --git a/makefu/2configs/smart-monitor.nix b/makefu/2configs/smart-monitor.nix index a37969d3d..daf3aad01 100644 --- a/makefu/2configs/smart-monitor.nix +++ b/makefu/2configs/smart-monitor.nix @@ -3,6 +3,7 @@ krebs.exim-retiolum.enable = lib.mkDefault true; services.smartd = { enable = true; + autodetect = false; notifications = { mail = { enable = true; diff --git a/makefu/2configs/tinc-basic-retiolum.nix b/makefu/2configs/tinc-basic-retiolum.nix index 2abf4f188..f49c596fc 100644 --- a/makefu/2configs/tinc-basic-retiolum.nix +++ b/makefu/2configs/tinc-basic-retiolum.nix @@ -4,7 +4,6 @@ with lib; { krebs.retiolum = { enable = true; - hosts = ../../krebs/Zhosts; connectTo = [ "gum" "pigstarter" diff --git a/makefu/2configs/vim.nix b/makefu/2configs/vim.nix index 02a46d22a..227d73c81 100644 --- a/makefu/2configs/vim.nix +++ b/makefu/2configs/vim.nix @@ -122,7 +122,7 @@ in { vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins; vimrcConfig.vam.pluginDictionaries = [ { names = [ "undotree" - "YouCompleteMe" + # "YouCompleteMe" "vim-better-whitespace" ]; } { names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; } ]; diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index 15711a5d5..c1b58aa90 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -38,8 +38,6 @@ do end) end -- }}} -volwidget = wibox.widget.textbox() -vicious.register(volwidget, vicious.widgets.volume, " $1% ", 2, "Master") -- {{{ Mails widget type local function worker(format,warg) @@ -258,7 +256,6 @@ for s = 1, screen.count() do local right_layout = wibox.layout.fixed.horizontal() right_layout:add(mailwidget) if s == 1 then right_layout:add(wibox.widget.systray()) end - right_layout:add(volwidget) right_layout:add(cpuwidget) right_layout:add(batwidget) right_layout:add(mytextclock) diff --git a/shared/2configs/base.nix b/shared/2configs/base.nix index 4d509d7a6..5e6072661 100644 --- a/shared/2configs/base.nix +++ b/shared/2configs/base.nix @@ -18,7 +18,7 @@ with lib; krebs.build.source = { git.nixpkgs = { url = https://github.com/NixOS/nixpkgs; - rev = "6d31e9b81dcd4ab927bb3dc91b612dd5abfa2f80"; + rev = "d0e3cca"; target-path = "/var/src/nixpkgs"; }; dir.secrets = { diff --git a/shared/2configs/buildbot-standalone.nix b/shared/2configs/buildbot-standalone.nix index 3275189a5..c614bd3c1 100644 --- a/shared/2configs/buildbot-standalone.nix +++ b/shared/2configs/buildbot-standalone.nix @@ -1,11 +1,6 @@ { lib, config, pkgs, ... }: -let - pkgs-unst = import (fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz) {}; -in { - nixpkgs.config.packageOverrides = pkgs: { - buildbot = pkgs-unst.buildbot; - buildbot-slave = pkgs-unst.buildbot-slave; - }; + +{ networking.firewall.allowedTCPPorts = [ 8010 9989 ]; krebs.buildbot.master = { secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ]; @@ -89,6 +84,7 @@ in { nix-instantiate --eval -A \ users.shared.test-all-krebs-modules.system \ -I stockholm=. \ + --show-trace \ -I secrets=. '<stockholm>' \ --argstr current-date lol \ --argstr current-user-name shared \ @@ -101,6 +97,7 @@ in { users.shared.test-minimal-deploy.system \ -I stockholm=. \ -I secrets=. '<stockholm>' \ + --show-trace \ --argstr current-date lol \ --argstr current-user-name shared \ --argstr current-host-name lol \ |