summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lass@aidsballs.de>2016-05-09 11:27:06 +0200
committerlassulus <lass@aidsballs.de>2016-05-09 11:27:06 +0200
commite7528ccc2f366df381d6436ae2ad6781a9a0ace3 (patch)
tree59d65c08da8fdd297fe02ab8bb1486f420b4a17f
parentfb87c76112b1c4c8d48de8df78b5f46f2b750bdf (diff)
parent56ca7859fab1ad3c1a0a7b5ebf10140b218a60be (diff)
Merge remote-tracking branch 'gum/master'
-rw-r--r--krebs/3modules/fetchWallpaper.nix5
-rw-r--r--krebs/3modules/makefu/default.nix12
-rw-r--r--krebs/3modules/retiolum.nix4
-rw-r--r--krebs/5pkgs/fortclientsslvpn/default.nix4
-rw-r--r--krebs/5pkgs/repo-sync/default.nix4
-rw-r--r--makefu/1systems/vbob.nix26
-rw-r--r--makefu/2configs/base-gui.nix10
-rw-r--r--makefu/2configs/default.nix3
-rw-r--r--makefu/2configs/hw/tp-x220.nix8
-rw-r--r--makefu/2configs/omo-share.nix26
-rw-r--r--makefu/3modules/awesome-extra.nix40
-rw-r--r--makefu/3modules/default.nix1
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg10
-rw-r--r--makefu/5pkgs/default.nix1
-rw-r--r--makefu/5pkgs/devpi/default.nix70
15 files changed, 187 insertions, 37 deletions
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix
index e6bb06a95..0adcec3d8 100644
--- a/krebs/3modules/fetchWallpaper.nix
+++ b/krebs/3modules/fetchWallpaper.nix
@@ -41,8 +41,11 @@ let
};
fetchWallpaperScript = pkgs.writeDash "fetchWallpaper" ''
+ set -euf
+
mkdir -p ${shell.escape cfg.stateDir}
- curl -s -o ${shell.escape cfg.stateDir}/wallpaper -z ${shell.escape cfg.stateDir}/wallpaper ${shell.escape cfg.url}
+ cd ${shell.escape cfg.stateDir}
+ curl -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper
feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper
'';
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 814e6929b..a6d4597f7 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -479,12 +479,12 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA961eCQE562VPYjuZtd0+FNRfUghvD2ccjUlihMjzg46GAK+duqK+
- 4peWklGOL4eRYQBg6G2VDzWiU2MxXVbXUZaMrxh7fTc3G3LdbqTxzAv3GQKR/6iA
- 9bGUf6u4ztVNAcj2mrY3mfs4gMlBQyQ2wcM0ZUpiAMaRB4cdq7I4GVHbYTFYfQuI
- 2zdnr0w8AjlMpFFcD0ExsWeppiJsE7iiME/S2VVfh2NrEpAKQbLH9fKrfkiJA/+9
- 0VIH9wLLIYngUtQKbvEQ5xgx6ybrg0vO8ZqZ1ZGXYxOQZzWzPP0tvDU0QHSKYSWb
- FjcOf1lWSWjsjHxMl/Gh57hjNJFCbs8yjQIDAQAB
+ MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d
+ fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs
+ e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1
+ KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99
+ oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf
+ wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix
index 5aaeb5a30..5a035fa50 100644
--- a/krebs/3modules/retiolum.nix
+++ b/krebs/3modules/retiolum.nix
@@ -102,6 +102,10 @@ let
The list of hosts in the network which the client will try to connect
to. These hosts should have an 'Address' configured which points to a
routeable IPv4 or IPv6 address.
+
+ In stockholm this can be done by configuring:
+ krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.addrs4 =
+ [ "${external-ip} ${external-port}" ]
'';
};
diff --git a/krebs/5pkgs/fortclientsslvpn/default.nix b/krebs/5pkgs/fortclientsslvpn/default.nix
index 602766f46..11d567408 100644
--- a/krebs/5pkgs/fortclientsslvpn/default.nix
+++ b/krebs/5pkgs/fortclientsslvpn/default.nix
@@ -5,6 +5,10 @@ stdenv.mkDerivation rec {
# forticlient will be copied into /tmp before execution. this is necessary as
# the software demands $base to be writeable
+ # mkdir /etc/ppp ; touch /etc/ppp/options
+ ## i still have not found which tool uses tail ... i tried redirecting it in forticlientsslvpn and subproc
+ # ln -s /run/current-system/sw/bin/tail /usr/bin/tail
+
src = fetchurl {
# archive.org mirror:
# https://archive.org/download/ForticlientsslvpnLinux4.4.23171.tar/forticlientsslvpn_linux_4.4.2317.tar.gz
diff --git a/krebs/5pkgs/repo-sync/default.nix b/krebs/5pkgs/repo-sync/default.nix
index 789c03f36..7cba87b09 100644
--- a/krebs/5pkgs/repo-sync/default.nix
+++ b/krebs/5pkgs/repo-sync/default.nix
@@ -2,7 +2,7 @@
with python3Packages; buildPythonPackage rec {
name = "repo-sync-${version}";
- version = "0.2.5";
+ version = "0.2.6";
disabled = isPy26 || isPy27;
propagatedBuildInputs = [
docopt
@@ -11,7 +11,7 @@ with python3Packages; buildPythonPackage rec {
];
src = fetchurl {
url = "https://pypi.python.org/packages/source/r/repo-sync/repo-sync-${version}.tar.gz";
- sha256 = "1a59bj0vc5ajq8indkvkdk022yzvvv5mjb57hk3xf1j3wpr85p84";
+ sha256 = "1hqa9qw9qg7mxgniqzys9szycs05llg4yik8a9wz94a437zzarsk";
};
meta = {
homepage = http://github.com/makefu/repo-sync;
diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix
index 5e2382f37..8b71b1393 100644
--- a/makefu/1systems/vbob.nix
+++ b/makefu/1systems/vbob.nix
@@ -1,9 +1,7 @@
-#
-#
-#
{ lib, config, pkgs, ... }:
{
krebs.build.host = config.krebs.hosts.vbob;
+ makefu.awesome.modkey = "Mod1";
imports =
[ # Include the results of the hardware scan.
../.
@@ -19,6 +17,10 @@
device ="/dev/disk/by-label/nixstore";
fsType = "ext4";
};
+ fileSystems."/var/lib/docker" = {
+ device ="/dev/disk/by-label/nix-docker";
+ fsType = "ext4";
+ };
#makefu.buildbot.master.enable = true;
# allow vbob to deploy self
users.extraUsers = {
@@ -28,11 +30,14 @@
};
environment.systemPackages = with pkgs;[
fortclientsslvpn
- buildbot
- buildbot-slave
get
logstash
+ docker
+ devpi-web
+ devpi-client
];
+ # virtualisation.docker.enable = true;
+
networking.firewall.allowedTCPPorts = [
25
@@ -42,18 +47,21 @@
krebs.retiolum = {
enable = true;
- extraConfig = "Proxy = http global.proxy.alcatel-lucent.com 8000";
connectTo = [
+ "omo"
"gum"
];
};
- networking.proxy.default = "http://global.proxy.alcatel-lucent.com:8000";
+ networking.extraHosts = ''
+ 172.17.20.190 gitlab
+ 172.17.62.27 svbittool01 tool
+ '';
+
fileSystems."/media/share" = {
fsType = "vboxsf";
device = "share";
- options = "rw,uid=9001,gid=9001";
+ options = [ "rw" "uid=9001" "gid=9001" ];
};
}
-
diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix
index b807957ba..f7d6991c5 100644
--- a/makefu/2configs/base-gui.nix
+++ b/makefu/2configs/base-gui.nix
@@ -14,7 +14,6 @@
with config.krebs.lib;
let
mainUser = config.krebs.build.user.name;
- awesomecfg = pkgs.awesomecfg.full;
in
{
imports = [ ];
@@ -36,14 +35,7 @@ in
};
# lid switch is handled via button presses
services.logind.extraConfig = mkDefault "HandleLidSwitch=ignore";
- nixpkgs.config.packageOverrides = pkgs: rec {
- awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : {
- postFixup = ''
- cp ${awesomecfg} $out/etc/xdg/awesome/rc.lua
- '';
- });
- };
-
+ makefu.awesome.enable = true;
i18n.consoleFont = "Lat2-Terminus16";
fonts = {
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 20faf7896..afdeec40e 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -138,6 +138,9 @@ with config.krebs.lib;
"time.apple.com"
"time.nist.gov"
];
+ nix.extraOptions = ''
+ auto-optimise-store = true
+ '';
security.setuidPrograms = [ "sendmail" ];
services.journald.extraConfig = ''
diff --git a/makefu/2configs/hw/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix
index 0a471bde0..be3d1eb70 100644
--- a/makefu/2configs/hw/tp-x220.nix
+++ b/makefu/2configs/hw/tp-x220.nix
@@ -4,8 +4,10 @@ with config.krebs.lib;
{
imports = [ ./tp-x2x0.nix ];
-
- boot.kernelModules = [ "kvm-intel" ];
+ boot = {
+ kernelModules = [ "kvm-intel" "acpi_call" ];
+ extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
+ };
services.xserver = {
videoDriver = "intel";
@@ -15,6 +17,8 @@ with config.krebs.lib;
'';
};
+ security.rngd.enable = true;
+
services.xserver.displayManager.sessionCommands =''
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/omo-share.nix
index c943e3d9a..08bdd4a40 100644
--- a/makefu/2configs/omo-share.nix
+++ b/makefu/2configs/omo-share.nix
@@ -13,6 +13,16 @@ in {
omo-share = {
listen = [ "${local-ip}:80" ];
locations = singleton (nameValuePair "/" ''
+
+ access_log off;
+ # sendfile off;
+ # tcp_nopush on;
+ # aio on;
+ sendfile on;
+ sendfile_max_chunk 512k;
+ directio 512;
+ aio threads;
+ mp4;
autoindex on;
root /media;
limit_rate_after 100m;
@@ -24,7 +34,6 @@ in {
keepalive_timeout 65;
keepalive_requests 200;
reset_timedout_connection on;
- sendfile on;
tcp_nopush on;
gzip off;
'');
@@ -48,7 +57,6 @@ in {
browseable = "yes";
"guest ok" = "yes";
};
-
emu = {
path = "/media/crypt1/emu";
"read only" = "yes";
@@ -61,6 +69,20 @@ in {
browseable = "yes";
"guest ok" = "yes";
};
+ usenet-rw = {
+ path = "/media/crypt0/usenet";
+ "read only" = "no";
+ browseable = "yes";
+ "guest ok" = "no";
+ "valid users" = "makefu";
+ };
+ emu-rw = {
+ path = "/media/crypt1/emu";
+ "read only" = "no";
+ browseable = "yes";
+ "guest ok" = "no";
+ "valid users" = "makefu";
+ };
};
extraConfig = ''
guest account = smbguest
diff --git a/makefu/3modules/awesome-extra.nix b/makefu/3modules/awesome-extra.nix
new file mode 100644
index 000000000..b12556486
--- /dev/null
+++ b/makefu/3modules/awesome-extra.nix
@@ -0,0 +1,40 @@
+{config, lib, pkgs, ... }:
+
+with config.krebs.lib;
+let
+ cfg = config.makefu.awesome;
+ out = {
+ options.makefu.awesome = api;
+ config = lib.mkIf cfg.enable imp;
+ };
+ api = {
+ enable = mkEnableOption "awesome custom config";
+ modkey = mkOption {
+ type = types.str;
+ description = "Modkey to be used";
+ default = "Mod4";
+ };
+ baseConfig = mkOption {
+ type = types.path;
+ description = ''
+ rc.lua file to be used as default
+ This module will use substituteAll to replace strings before writing to
+ /etc/xdg/awesome/rc.lua
+ '';
+ default = pkgs.awesomecfg.full;
+ };
+ };
+ imp = {
+ # TODO: configure display manager as well
+ nixpkgs.config.packageOverrides = pkgs: rec {
+ awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : {
+ postFixup = let
+ rclua = pkgs.substituteAll {
+ src = cfg.baseConfig;
+ inherit (cfg) modkey;
+ };
+ in "cp ${rclua} $out/etc/xdg/awesome/rc.lua";
+ });
+ };
+ };
+in out
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index 0a10b1532..853bdca04 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -5,6 +5,7 @@ _:
./snapraid.nix
./umts.nix
./taskserver.nix
+ ./awesome-extra.nix
];
}
diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg
index c1b58aa90..f42aea003 100644
--- a/makefu/5pkgs/awesomecfg/full.cfg
+++ b/makefu/5pkgs/awesomecfg/full.cfg
@@ -83,13 +83,11 @@ vicious.register(batwidget, vicious.widgets.bat, "$2%", 61, "BAT0")
-- {{{ Variable definitions
-- Themes define colours, icons, and wallpapers
-- beautiful.init("/usr/share/awesome/themes/default/theme.lua")
--- ./qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/lib/beautiful.lua
---
--- Find the default theme
---
--- beautiful.init("/nix/store/qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/themes/default/theme.lua")
+-- @awesome@/share/awesome/lib/beautiful.lua
+-- beautiful.init("@awesome@/share/awesome/themes/default/theme.lua")
+-- Find the default theme
function find_default_theme()
-- find the default lua theme in the package path
for path in package.path:gmatch('([^;]+);') do
@@ -115,7 +113,7 @@ browser = "firefox"
-- If you do not like this or do not have such a key,
-- I suggest you to remap Mod4 to another key using xmodmap or other tools.
-- However, you can use another modifier like Mod1, but it may interact with others.
-modkey = "Mod4"
+modkey = "@modkey@"
-- Table of layouts to cover with awful.layout.inc, order matters.
local layouts =
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index fff92725e..9cd2629de 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -12,6 +12,7 @@ in
mycube-flask = callPackage ./mycube-flask {};
nodemcu-uploader = callPackage ./nodemcu-uploader {};
tw-upload-plugin = callPackage ./tw-upload-plugin {};
+ inherit (callPackage ./devpi {}) devpi-web devpi-server;
taskserver = callPackage ./taskserver {};
};
}
diff --git a/makefu/5pkgs/devpi/default.nix b/makefu/5pkgs/devpi/default.nix
new file mode 100644
index 000000000..0df8ecd2c
--- /dev/null
+++ b/makefu/5pkgs/devpi/default.nix
@@ -0,0 +1,70 @@
+{ pkgs ? import <nixpkgs> {} }:
+with pkgs.stdenv.lib;
+let
+ execnet14 = pkgs.python3Packages.buildPythonPackage rec {
+ name = "execnet-1.4.1";
+
+ src = pkgs.fetchurl {
+ url = "https://pypi.python.org/packages/source/e/execnet/${name}.tar.gz";
+ sha256 = "1rpk1vyclhg911p3hql0m0nrpq7q7mysxnaaw6vs29cpa6kx8vgn";
+ };
+
+ propagatedBuildInputs = with pkgs.python3Packages;
+ [ setuptools_scm apipkg ];
+ meta = {
+ description = "rapid multi-Python deployment";
+ license = licenses.gpl2;
+ };
+ };
+
+ devpi-web = pkgs.python3Packages.buildPythonPackage rec {
+ name = "devpi-web";
+ version = "3.0.0";
+
+ src = pkgs.fetchurl {
+ url = "https://pypi.python.org/packages/source/d/devpi-web/devpi-web-${version}.tar.gz";
+ sha256 = "156abxyhj17a8cg38hpyr31qkjb61mb2kggsxij4p4xvy9jwkbwi";
+ };
+
+ propagatedBuildInputs = with pkgs.python3Packages;
+ [ devpi-server pyramid_chameleon beautifulsoup4 Whoosh defusedxml ];
+
+ meta = {
+ homepage = https://bitbucket.org/hpk42/devpi;
+ description = "a web view for devpi-server";
+ license = licenses.mit;
+ maintainers = with maintainers; [ makefu ];
+ };
+ };
+ devpi-server = pkgs.python3Packages.buildPythonPackage rec {
+ name = "devpi-server";
+ version = "3.0.2";
+
+ # original postFixup adds "import sys; sys.argv[0] = 'devpi-server'" to
+ # `.devpi-server-wrapped` which
+ # results in "not existing devpi-server: 'devpi-server'"
+ postFixup = "";
+
+ src = pkgs.fetchurl {
+ url = "https://pypi.python.org/packages/source/d/devpi-server/devpi-server-${version}.tar.gz";
+ sha256 = "14r1024i3x2pb72khyzvi56sh9smpdswmrbc88xvjxnalmzfn99d";
+ };
+
+ propagatedBuildInputs = with pkgs.python3Packages;
+ [ devpi-common execnet14 itsdangerous pluggy waitress pyramid ];
+ buildInputs = with pkgs.python3Packages; [ pytest beautifulsoup4 webtest ];
+
+ meta = {
+ homepage = https://bitbucket.org/hpk42/devpi;
+ description = "Devpi Server";
+ license = licenses.mit;
+ maintainers = with maintainers; [ makefu ];
+ };
+ };
+
+in {
+ inherit devpi-server;
+ devpi-web = pkgs.python3.buildEnv.override {
+ extraLibs = [ devpi-web devpi-server ];
+ };
+}