summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-04-12 09:24:46 +0200
committertv <tv@krebsco.de>2017-04-12 09:24:46 +0200
commit0248fce6be6705de4a6beab0f2a9336550df9d18 (patch)
tree6865e194d5df1f9f77a03da06192d5034f97cacf
parent75f43655d379a7aeed58b9cb423759b8a3696a9a (diff)
parent9224e9c4c8432ce8d7788592b9d25cfc29440ee6 (diff)
Merge remote-tracking branch 'prism/makefu'
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/htgen.nix68
-rw-r--r--krebs/3modules/makefu/default.nix25
-rw-r--r--krebs/5pkgs/apt-cacher-ng/default.nix4
-rw-r--r--krebs/5pkgs/htgen/default.nix28
-rw-r--r--lass/2configs/git.nix7
-rw-r--r--lass/2configs/repo-sync.nix1
-rw-r--r--lass/2configs/websites/domsen.nix1
-rw-r--r--makefu/1systems/gum.nix3
-rw-r--r--makefu/1systems/omo.nix13
-rw-r--r--makefu/1systems/wry.nix39
-rw-r--r--makefu/1systems/x.nix3
-rw-r--r--makefu/2configs/backup.nix2
-rw-r--r--makefu/2configs/base-gui.nix7
-rw-r--r--makefu/2configs/bepasty-dual.nix6
-rw-r--r--makefu/2configs/default.nix2
-rw-r--r--makefu/2configs/deployment/graphs.nix37
-rw-r--r--makefu/2configs/extra-fonts.nix14
-rw-r--r--makefu/2configs/printer.nix2
-rw-r--r--makefu/2configs/urlwatch.nix3
-rw-r--r--makefu/5pkgs/awesomecfg/default.nix1
-rw-r--r--makefu/5pkgs/dymo-cups-drivers/default.nix17
-rw-r--r--makefu/5pkgs/taskserver/default.nix43
-rw-r--r--shared/1systems/wolf.nix1
-rw-r--r--shared/2configs/share-shack.nix38
25 files changed, 239 insertions, 127 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index f336c966f..d24cea1a2 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -20,6 +20,7 @@ let
./github-hosts-sync.nix
./git.nix
./go.nix
+ ./htgen.nix
./iptables.nix
./kapacitor.nix
./monit.nix
diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix
new file mode 100644
index 000000000..0dddca6c8
--- /dev/null
+++ b/krebs/3modules/htgen.nix
@@ -0,0 +1,68 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ cfg = config.krebs.htgen;
+
+ out = {
+ options.krebs.htgen = api;
+ config = imp;
+ };
+
+ api = mkOption {
+ default = {};
+ type = types.attrsOf (types.submodule ({ config, ... }: {
+ options = {
+ enable = mkEnableOption "krebs.htgen-${config.name}";
+
+ name = mkOption {
+ type = types.username;
+ default = config._module.args.name;
+ };
+
+ port = mkOption {
+ type = types.uint;
+ };
+
+ script = mkOption {
+ type = types.str;
+ };
+ user = mkOption {
+ type = types.user;
+ default = {
+ name = "htgen-${config.name}";
+ home = "/var/lib/htgen-${config.name}";
+ };
+ };
+ };
+ }));
+ };
+ imp = {
+
+ systemd.services = mapAttrs' (name: htgen:
+ nameValuePair "htgen-${name}" {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ environment = {
+ HTGEN_PORT = toString htgen.port;
+ HTGEN_SCRIPT = htgen.script;
+ };
+ serviceConfig = {
+ SyslogIdentifier = "htgen";
+ User = htgen.user.name;
+ PrivateTmp = true;
+ Restart = "always";
+ ExecStart = "${pkgs.htgen}/bin/htgen --serve";
+ };
+ }
+ ) cfg;
+
+ users.users = mapAttrs' (name: htgen:
+ nameValuePair htgen.user.name {
+ inherit (htgen.user) home name uid;
+ createHome = true;
+ }
+ ) cfg;
+
+ };
+in out
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 489f62b65..8e5927f9d 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -285,12 +285,9 @@ with import <stockholm/lib>;
cores = 1;
extraZones = {
"krebsco.de" = ''
- euer IN A ${nets.internet.ip4.addr}
- wiki.euer IN A ${nets.internet.ip4.addr}
- wry IN A ${nets.internet.ip4.addr}
- io IN NS wry.krebsco.de.
- graphs IN A ${nets.internet.ip4.addr}
- tinc IN A ${nets.internet.ip4.addr}
+ wry IN A ${nets.internet.ip4.addr}
+ io IN NS wry.krebsco.de.
+ tinc IN A ${nets.internet.ip4.addr}
'';
};
nets = rec {
@@ -307,13 +304,8 @@ with import <stockholm/lib>;
ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad";
aliases = [
"graphs.wry.retiolum"
- "graphs.r" "graphs.retiolum"
"paste.wry.retiolum"
"wry.r" "wry.retiolum"
- "wiki.makefu.retiolum"
- "wiki.wry.retiolum"
- "blog.makefu.retiolum"
- "blog.wry.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -452,6 +444,9 @@ with import <stockholm/lib>;
cgit.euer IN A ${nets.internet.ip4.addr}
o.euer IN A ${nets.internet.ip4.addr}
dl.euer IN A ${nets.internet.ip4.addr}
+ euer IN A ${nets.internet.ip4.addr}
+ wiki.euer IN A ${nets.internet.ip4.addr}
+ graphs IN A ${nets.internet.ip4.addr}
'';
};
nets = rec {
@@ -464,7 +459,7 @@ with import <stockholm/lib>;
retiolum = {
via = internet;
ip4.addr = "10.243.0.211";
- ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
+ # ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
aliases = [
"gum.r"
"gum.retiolum"
@@ -473,6 +468,12 @@ with import <stockholm/lib>;
"o.gum.retiolum"
"tracker.makefu.r"
"tracker.makefu.retiolum"
+
+ "graphs.r" "graphs.retiolum"
+ "wiki.makefu.retiolum"
+ "wiki.wry.retiolum"
+ "blog.makefu.retiolum"
+ "blog.wry.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/krebs/5pkgs/apt-cacher-ng/default.nix b/krebs/5pkgs/apt-cacher-ng/default.nix
index 53736dcfb..e3986713b 100644
--- a/krebs/5pkgs/apt-cacher-ng/default.nix
+++ b/krebs/5pkgs/apt-cacher-ng/default.nix
@@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "apt-cacher-ng-${version}";
- version = "0.9.3.2";
+ version = "2";
src = fetchurl {
url = "http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/apt-cacher-ng_${version}.orig.tar.xz";
- sha256 = "1bvng9mwrggvc93q2alj0x72i56wifnjs2dsycr17mapsv0f2gnc";
+ sha256 = "0bkc3012vinridl5ch46pwnxjalymx4wf6nxax64nm7bdkcj9azf";
};
NIX_LDFLAGS = "-lpthread";
diff --git a/krebs/5pkgs/htgen/default.nix b/krebs/5pkgs/htgen/default.nix
new file mode 100644
index 000000000..f9dfeb3d1
--- /dev/null
+++ b/krebs/5pkgs/htgen/default.nix
@@ -0,0 +1,28 @@
+{ bash, coreutils, gnused, stdenv, fetchgit, ucspi-tcp }:
+with import <stockholm/lib>;
+let
+ version = "1.1";
+in stdenv.mkDerivation {
+ name = "htgen-${version}";
+
+ src = fetchgit {
+ url = "http://cgit.krebsco.de/htgen";
+ rev = "refs/tags/v${version}";
+ sha256 = "1zxj0fv9vdrqyl3x2hgq7a6xdlzpclf93akygysrzsqk9wjapp4z";
+ };
+
+ installPhase = ''
+ mkdir -p $out/bin
+ {
+ echo '#! ${bash}/bin/bash'
+ echo 'export PATH=${makeBinPath [
+ ucspi-tcp
+ coreutils
+ gnused
+ ]}''${PATH+":$PATH"}'
+ cat htgen
+ } > $out/bin/htgen
+ chmod +x $out/bin/htgen
+ cp -r examples $out
+ '';
+}
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 710eb9461..be08d0ec1 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -32,10 +32,13 @@ let
public-repos = mapAttrs make-public-repo {
stockholm = {
cgit.desc = "take all the computers hostage, they'll love you!";
+ cgit.section = "configuration";
};
- kimsufi-check = {};
} // mapAttrs make-public-repo-silent {
- the_playlist = {};
+ the_playlist = {
+ cgit.desc = "Good Music collection + tools";
+ cgit.section = "art";
+ };
};
restricted-repos = mapAttrs make-restricted-repo (
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index dfea637ed..74e508549 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -10,6 +10,7 @@ let
public = true;
name = mkDefault "${name}";
cgit.desc = mkDefault "mirror for ${name}";
+ cgit.section = mkDefault "mirror";
hooks = mkIf announce (mkDefault {
post-receive = pkgs.git-hooks.irc-announce {
nick = config.networking.hostName;
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index daecdcd2f..fde3f7c2b 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -120,6 +120,7 @@ in {
sender_domains = [
"jla-trading.com"
"ubikmedia.eu"
+ "ubikmedia.de"
];
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
ssl_key = "/var/lib/acme/lassul.us/key.pem";
diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix
index 910493026..c39997ebf 100644
--- a/makefu/1systems/gum.nix
+++ b/makefu/1systems/gum.nix
@@ -29,9 +29,12 @@ in {
../2configs/deployment/owncloud.nix
../2configs/nginx/share-download.nix
../2configs/nginx/euer.test.nix
+ ../2configs/nginx/euer.wiki.nix
+ ../2configs/nginx/euer.blog.nix
../2configs/nginx/public_html.nix
../2configs/nginx/update.connector.one.nix
../2configs/deployment/mycube.connector.one.nix
+ ../2configs/deployment/graphs.nix
# ../2configs/opentracker.nix
../2configs/logging/central-stats-client.nix
diff --git a/makefu/1systems/omo.nix b/makefu/1systems/omo.nix
index a6a336fed..99303b604 100644
--- a/makefu/1systems/omo.nix
+++ b/makefu/1systems/omo.nix
@@ -43,7 +43,6 @@ in {
# TODO: unlock home partition via ssh
../2configs/fs/sda-crypto-root.nix
../2configs/zsh-user.nix
- ../2configs/urlwatch.nix
../2configs/backup.nix
../2configs/exim-retiolum.nix
../2configs/smart-monitor.nix
@@ -182,5 +181,17 @@ in {
zramSwap.enable = true;
+ krebs.Reaktor.reaktor = {
+ nickname = "Reaktor|bot";
+ channels = [ "#krebs" "#shackspace" "#binaergewitter" ];
+ plugins = with pkgs.ReaktorPlugins;[
+ titlebot
+ # stockholm-issue
+ nixos-version
+ shack-correct
+ sed-plugin
+ random-emoji ];
+ };
+
krebs.build.host = config.krebs.hosts.omo;
}
diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix
index 2457ab92e..a5c4d3cca 100644
--- a/makefu/1systems/wry.nix
+++ b/makefu/1systems/wry.nix
@@ -19,8 +19,6 @@ in {
../2configs/backup.nix
# other nginx
- ../2configs/nginx/euer.wiki.nix
- ../2configs/nginx/euer.blog.nix
# ../2configs/nginx/euer.test.nix
# collectd
@@ -33,46 +31,9 @@ in {
krebs.build.host = config.krebs.hosts.wry;
- krebs.Reaktor.reaktor = {
- nickname = "Reaktor|bot";
- channels = [ "#krebs" "#shackspace" "#binaergewitter" ];
- plugins = with pkgs.ReaktorPlugins;[
- titlebot
- # stockholm-issue
- nixos-version
- shack-correct
- sed-plugin
- random-emoji ];
- };
-
# prepare graphs
services.nginx.enable = true;
krebs.retiolum-bootstrap.enable = true;
- krebs.bepasty.servers."paste.r".nginx.extraConfig = ''
- if ( $server_addr = "${external-ip}" ) {
- return 403;
- }
- '';
- krebs.tinc_graphs = {
- enable = true;
- nginx = {
- enable = true;
- # TODO: remove hard-coded hostname
- complete = {
- extraConfig = ''
- if ( $server_addr = "${external-ip}" ) {
- return 403;
- }
- '';
- serverAliases = [ "graphs.retiolum" "graphs.wry" "graphs.retiolum" "graphs.wry.retiolum" ];
- };
- anonymous = {
- enableSSL = true;
- forceSSL = true;
- enableACME = true;
- };
- };
- };
networking = {
firewall = {
diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix
index 9666f50ff..9cedc04a8 100644
--- a/makefu/1systems/x.nix
+++ b/makefu/1systems/x.nix
@@ -8,6 +8,7 @@
[ # base
../.
../2configs/main-laptop.nix
+ ../2configs/extra-fonts.nix
../2configs/tools/all.nix
../2configs/laptop-backup.nix
../2configs/dnscrypt.nix
@@ -46,7 +47,7 @@
../2configs/mail-client.nix
../2configs/printer.nix
../2configs/virtualization.nix
- # ../2configs/virtualization-virtualbox.nix
+ ../2configs/virtualization-virtualbox.nix
../2configs/wwan.nix
../2configs/rad1o.nix
diff --git a/makefu/2configs/backup.nix b/makefu/2configs/backup.nix
index 280dc1df4..9ed890326 100644
--- a/makefu/2configs/backup.nix
+++ b/makefu/2configs/backup.nix
@@ -29,7 +29,7 @@ let
};
in {
krebs.backup.plans = {
- wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
+ # wry-to-omo_root = defaultPull config.krebs.hosts.wry "/";
gum-to-omo_root = defaultPull config.krebs.hosts.gum "/";
};
}
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix
index 43b37cd8c..ba4c551b3 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/base-gui.nix
@@ -41,7 +41,7 @@ in
fonts = {
enableCoreFonts = true;
enableFontDir = true;
- enableGhostscriptFonts = false;
+ enableGhostscriptFonts = true;
fonts = [ pkgs.terminus_font ];
};
@@ -62,7 +62,7 @@ in
cat |derp <<EOF
XTerm*background: black
XTerm*foreground: white
- XTerm*FaceName : Terminus:pixelsize=14
+ XTerm*FaceName : xft:xos4 Terminus:pixelsize=14
URxvt*termName: rxvt
URxvt*saveLines: 10000
@@ -74,7 +74,8 @@ in
URxvt.background: black
URxvt.urgentOnBell: true
URxvt.visualBell: false
- URxvt.font : xft:Terminus
+ URxvt.font : xft:xos4 Terminus:size=12
+
! blue
URxvt*color4: #268bd2
diff --git a/makefu/2configs/bepasty-dual.nix b/makefu/2configs/bepasty-dual.nix
index 936aaf004..ecf5f8a38 100644
--- a/makefu/2configs/bepasty-dual.nix
+++ b/makefu/2configs/bepasty-dual.nix
@@ -14,7 +14,7 @@ with import <stockholm/lib>;
let
sec = toString <secrets>;
# secKey is nothing worth protecting on a local machine
- secKey = import <secrets/bepasty-secret.nix>;
+ secKey = "${secrets}/bepasty-secret";
acmepath = "/var/lib/acme/";
acmechall = acmepath + "/challenges/";
ext-dom = "paste.krebsco.de" ;
@@ -31,7 +31,7 @@ in {
serverAliases = [ "paste.retiolum" "paste.${config.krebs.build.host.name}" ];
};
defaultPermissions = "admin,list,create,read,delete";
- secretKey = secKey;
+ secretKeyFile = secKey;
};
"${ext-dom}" = {
@@ -41,7 +41,7 @@ in {
enableACME = true;
};
defaultPermissions = "read";
- secretKey = secKey;
+ secretKeyFile = secKey;
};
};
};
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 1ad7f0710..7b2e6b617 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
user = config.krebs.users.makefu;
source = let
inherit (config.krebs.build) host user;
- ref = "53a2baa"; # unstable @ 2017-02-28
+ ref = "2982661"; # unstable @ 2017-03-31 + cups-dymo + snapraid-11.1
in {
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
{
diff --git a/makefu/2configs/deployment/graphs.nix b/makefu/2configs/deployment/graphs.nix
new file mode 100644
index 000000000..35a724f6a
--- /dev/null
+++ b/makefu/2configs/deployment/graphs.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+with import <stockholm/lib>;
+let
+ external-ip = config.krebs.build.host.nets.internet.ip4.addr;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+ hn = config.krebs.build.host.name;
+in {
+ krebs.bepasty.servers."paste.r".nginx.extraConfig = ''
+ if ( $server_addr = "${external-ip}" ) {
+ return 403;
+ }
+ '';
+ krebs.tinc_graphs = {
+ enable = true;
+ nginx = {
+ enable = true;
+ # TODO: remove hard-coded hostname
+ complete = {
+ extraConfig = ''
+ if ( $server_addr = "${external-ip}" ) {
+ return 403;
+ }
+ '';
+ serverAliases = [
+ "graphs.r" "graphs.retiolum"
+ "graphs.${hn}" "graphs.${hn}.retiolum"
+ ];
+ };
+ anonymous = {
+ enableSSL = true;
+ forceSSL = true;
+ enableACME = true;
+ };
+ };
+ };
+}
diff --git a/makefu/2configs/extra-fonts.nix b/makefu/2configs/extra-fonts.nix
new file mode 100644
index 000000000..7b3a5f197
--- /dev/null
+++ b/makefu/2configs/extra-fonts.nix
@@ -0,0 +1,14 @@
+ { pkgs, ... }:
+ {
+ fonts = {
+ enableFontDir = true;
+ enableGhostscriptFonts = true;
+ fonts = with pkgs; [
+ inconsolata # monospaced
+ ubuntu_font_family # Ubuntu fonts
+ unifont # some international languages
+ dejavu_fonts
+ terminus_font
+ ];
+ };
+ }
diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix
index 7c7b00abc..509ed512d 100644
--- a/makefu/2configs/printer.nix
+++ b/makefu/2configs/printer.nix
@@ -5,7 +5,7 @@
enable = true;
drivers = [
pkgs.samsungUnifiedLinuxDriver
- pkgs.dymo-cups-drivers
+ pkgs.cups-dymo
];
};
diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix
index 20eb031a1..d1dcec657 100644
--- a/makefu/2configs/urlwatch.nix
+++ b/makefu/2configs/urlwatch.nix
@@ -9,7 +9,7 @@
## nixpkgs maintenance
https://api.github.com/repos/ovh/python-ovh/tags
https://api.github.com/repos/embray/d2to1/tags
- http://git.sysphere.org/vicious/log/?qt=grep&q=Next+release
+ https://api.github.com/repos/Mic92/vicious/tags
https://pypi.python.org/simple/bepasty/
https://pypi.python.org/simple/xstatic/
http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
@@ -19,6 +19,7 @@
https://api.github.com/repos/embray/d2to1/tags
https://api.github.com/repos/dorimanx/exfat-nofuse/commits
https://api.github.com/repos/dorimanx/exfat-nofuse/tags
+ https://api.github.com/repos/radare/radare2/tags
];
};
}
diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix
index c2276887e..b94b6fa54 100644
--- a/makefu/5pkgs/awesomecfg/default.nix
+++ b/makefu/5pkgs/awesomecfg/default.nix
@@ -1,6 +1,7 @@
_:
{
+ # TODO: requires in path: amixer, xlock, xbacklight
full = ./full.cfg;
kiosk = ./kiosk.lua;
}
diff --git a/makefu/5pkgs/dymo-cups-drivers/default.nix b/makefu/5pkgs/dymo-cups-drivers/default.nix
deleted file mode 100644
index d47bae6dd..000000000
--- a/makefu/5pkgs/dymo-cups-drivers/default.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ stdenv, lib, pkgs, fetchurl, cups, ... }:
-
-stdenv.mkDerivation rec {
- name = "dymo-cups-drivers-${version}";
- version = "1.4.0";
- src = fetchurl {
- url = "http://download.dymo.com/dymo/Software/Download%20Drivers/Linux/Download/${name}.tar.gz";
- sha256 = "0wagsrz3q7yrkzb5ws0m5faq68rqnqfap9p98sgk5jl6x7krf1y6";
- };
- buildInputs = [ cups ];
- makeFlags = [ "cupsfilterdir=$(out)/lib/cups/filter" "cupsmodeldir=$(out)/share/cups/model" ];
-
- # acd_cli gets dumped in bin and gets overwritten by fixupPhase
- meta = {
- description = "Dymo printer drivers";
- };
-}
diff --git a/makefu/5pkgs/taskserver/default.nix b/makefu/5pkgs/taskserver/default.nix
deleted file mode 100644
index a1502b4d6..000000000
--- a/makefu/5pkgs/taskserver/default.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ stdenv, fetchurl, cmake, libuuid, gnutls, makeWrapper }:
-
-stdenv.mkDerivation rec {
- name = "taskserver-${version}";
- version = "1.1.0";
-
- enableParallelBuilding = true;
-
- src = fetchurl {
- url = "http://www.taskwarrior.org/download/taskd-${version}.tar.gz";
- sha256 = "1d110q9vw8g5syzihxymik7hd27z1592wkpz55kya6lphzk8i13v";
- };
-
- patchPhase = ''
- pkipath=$out/share/taskd/pki
- mkdir -p $pkipath
- cp -r pki/* $pkipath
- echo "patching paths in pki/generate"
- sed -i "s#^\.#$pkipath#" $pkipath/generate
- for f in $pkipath/generate* ;do
- i=$(basename $f)
- echo patching $i
- sed -i \
- -e 's/which/type -p/g' \
- -e 's#^\. ./vars#if test -e ./vars;then . ./vars; else echo "cannot find ./vars - copy the template from '$pkipath'/vars into the working directory";exit 1; fi#' $f
-
- echo wrapping $i
- makeWrapper $pkipath/$i $out/bin/taskd-pki-$i \
- --prefix PATH : ${gnutls}/bin/
- done
- '';
-
- buildInputs = [ makeWrapper ];
- nativeBuildInputs = [ cmake libuuid gnutls ];
-
- meta = {
- description = "Server for synchronising Taskwarrior clients";
- homepage = http://taskwarrior.org;
- license = stdenv.lib.licenses.mit;
- platforms = stdenv.lib.platforms.linux;
- maintainers = with stdenv.lib.maintainers; [ matthiasbeyer makefu ];
- };
-}
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index b0b822780..722a08812 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -15,6 +15,7 @@ in
../2configs/cgit-mirror.nix
../2configs/repo-sync.nix
../2configs/graphite.nix
+ ../2configs/share-shack.nix
];
# use your own binary cache, fallback use cache.nixos.org (which is used by
# apt-cacher-ng in first place)
diff --git a/shared/2configs/share-shack.nix b/shared/2configs/share-shack.nix
new file mode 100644
index 000000000..247b9ee7d
--- /dev/null
+++ b/shared/2configs/share-shack.nix
@@ -0,0 +1,38 @@
+{config, ... }:{
+ users.users.smbguest = {
+ name = "smbguest";
+ uid = config.ids.uids.smbguest;
+ group = "share";
+ description = "smb guest user";
+ home = "/home/share";
+ createHome = true;
+ };
+
+ networking.firewall.allowedTCPPorts = [
+ 139 445 # samba
+ ];
+
+ networking.firewall.allowedUDPPorts = [
+ 137 138
+ ];
+ services.samba = {
+ enable = true;
+ shares = {
+ share-home = {
+ path = "/home/share/";
+ "read only" = "no";
+ browseable = "yes";
+ "guest ok" = "yes";
+ };
+ };
+ extraConfig = ''
+ guest account = smbguest
+ map to guest = bad user
+ # disable printing
+ load printers = no
+ printing = bsd
+ printcap name = /dev/null
+ disable spoolss = yes
+ '';
+ };
+}