summaryrefslogtreecommitdiffstats
path: root/krebs/3modules
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2021-01-18 15:24:18 +0100
committertv <tv@krebsco.de>2021-01-18 15:24:18 +0100
commitff6f5ef5e1cdbd27b2211c54643fa2754f888cbb (patch)
treeb33763a7ac8040efe988f8bed2fe1c649cc155dd /krebs/3modules
parent7b7ebd8708885633c926c21a4b71d5d4ce8931cf (diff)
parent2a32b7731496615e43a06ec1049f6716c49a1999 (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'krebs/3modules')
-rw-r--r--krebs/3modules/brockman.nix34
-rw-r--r--krebs/3modules/default.nix2
-rw-r--r--krebs/3modules/external/default.nix25
-rw-r--r--krebs/3modules/go.nix96
-rw-r--r--krebs/3modules/krebs/default.nix2
-rw-r--r--krebs/3modules/lass/default.nix2
-rw-r--r--krebs/3modules/makefu/default.nix2
-rw-r--r--krebs/3modules/newsbot-js.nix102
8 files changed, 127 insertions, 138 deletions
diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix
new file mode 100644
index 000000000..55e8255b4
--- /dev/null
+++ b/krebs/3modules/brockman.nix
@@ -0,0 +1,34 @@
+{ pkgs, lib, config, ... }:
+with lib;
+let
+ cfg = config.krebs.brockman;
+in {
+ options.krebs.brockman = {
+ enable = mkEnableOption "brockman";
+ config = mkOption { type = types.attrs; }; # TODO make real config here
+ };
+
+ config = mkIf cfg.enable {
+ users.extraUsers.brockman = {
+ home = "/var/lib/brockman";
+ createHome = true;
+ isNormalUser = false;
+ };
+
+ systemd.services.brockman = {
+ description = "RSS to IRC broadcaster";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network-online.target" ];
+ serviceConfig = {
+ Restart = "always";
+ ExecStart = ''
+ ${pkgs.brockman}/bin/brockman ${pkgs.writeText "brockman.json" (builtins.toJSON cfg.config)}
+ '';
+ User = config.users.extraUsers.brockman.name;
+ PrivateTmp = true;
+ RuntimeDirectory = "brockman";
+ WorkingDirectory = "%t/brockman";
+ };
+ };
+ };
+}
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index bd6bab376..8c620a4e2 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -11,6 +11,7 @@ let
./apt-cacher-ng.nix
./backup.nix
./bepasty-server.nix
+ ./brockman.nix
./buildbot/master.nix
./buildbot/slave.nix
./build.nix
@@ -36,7 +37,6 @@ let
./kapacitor.nix
./konsens.nix
./monit.nix
- ./newsbot-js.nix
./nixpkgs.nix
./on-failure.nix
./os-release.nix
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 277169e11..efe3ace0f 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -579,6 +579,31 @@ in {
};
};
};
+ karakalpakstan = {
+ owner = config.krebs.users.xkey;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.161.1";
+ aliases = [ "karakalpakstan.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEA45kRCvWIaVteKQiz31AOjkEwHwOns/6SGXYzL5IswoEOT/i/8Ihl
+ l+ydTMTE28zs1nQp8MUBEdsJF02U8aEjPCyyMtZflZ+uaUAeJ0zAWTcb4AwdSjp+
+ RKApp+LmVNDyx3W6rIgK7WYLfKhge4nRAlnshpekzaS2j7ccKhZMBIqyntYDJb6K
+ lE4poAgemMlE0apFV54d3ohWCZurfJ/K6BpsX7h+uwqFPOHi+pD7D/e2dHhSLXtS
+ 0cuFseQwqDF+xd5MAmApHO8w/BEdKWeU19TZmzkC5TlIO1HcknMq4Y8QkzCc5PXb
+ 5WeEdi1CyIGePldFv91LoHepsMV3nrIF7n6ZmdTuxj5GH0A0Zg0z4hrWJuXk64JM
+ bTpe/rDXWOG0IK0HN4z14ySD8yafLTV4gvH9Mg6jUqyqGfLpIK+o/N7ZavOeVKq5
+ 3Hf9c246v1vhHjnbat5GyY79PmimEvxR51mOItpRoyJYfdSa3KrvUki0MboCiYAU
+ GKBmEw2BR3eybnejHqvAFov30MkmkOTz3mV/UPKELqhGCQf6UJAKG0GoxGpK3m8k
+ epNSAKUpj8B7+JM3Ybgl+CoAm/+qu7Ojp5j4Onn0kgB2yXryHJaNOdgraCXI2yzt
+ /n/eHElmKWoMCXhkV/mee1Cl2Y74XKivM6ov3lLvIDRxdXl46PvBFVkCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
+
};
users = {
ajs124 = {
diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix
index 218ac9221..4df73509c 100644
--- a/krebs/3modules/go.nix
+++ b/krebs/3modules/go.nix
@@ -13,52 +13,78 @@ let
api = {
enable = mkEnableOption "Enable go url shortener";
port = mkOption {
- type = types.str;
- default = "1337";
+ type = types.int;
+ default = 1337;
description = "on which port go should run on";
};
- redisKeyPrefix = mkOption {
- type = types.str;
- default = "go:";
- description = "change the Redis key prefix which defaults to `go:`";
- };
};
imp = {
- services.redis = {
- enable = mkDefault true;
- bind = mkDefault "127.0.0.1";
- };
+ krebs.htgen.go = {
+ port = cfg.port;
+ script = ''. ${pkgs.writeDash "go" ''
+ find_item() {
+ if test ''${#1} -ge 7; then
+ set -- "$(find "$STATEDIR/items" -mindepth 1 -maxdepth 1 \
+ -regex "$STATEDIR/items/$1[0-9A-Za-z]*$")"
+ if test -n "$1" && test $(echo "$1" | wc -l) = 1; then
+ echo "$1"
+ return 0
+ fi
+ fi
+ return 1
+ }
- users.extraUsers.go = rec {
- name = "go";
- uid = genid name;
- description = "go url shortener user";
- home = "/var/lib/go";
- createHome = true;
- };
+ STATEDIR=$HOME
+ mkdir -p "$STATEDIR/items"
- systemd.services.go = {
- description = "go url shortener";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
+ case "$Method $Request_URI" in
+ "GET /"*)
+ if item=$(find_item "''${Request_URI#/}"); then
+ uri=$(cat "$item")
+ printf 'HTTP/1.1 302 Found\r\n'
+ printf 'Content-Type: text/plain\r\n'
+ printf 'Connection: closed\r\n'
+ printf 'Location: %s\r\n' "$uri"
+ printf '\r\n'
+ exit
+ fi
+ ;;
+ "POST /")
+ uri=$(mktemp -t htgen.$$.content.XXXXXXXX)
+ trap 'rm $uri >&2' EXIT
- path = with pkgs; [
- go-shortener
- ];
+ head -c "$req_content_length" \
+ | sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
+ | xargs -0 echo -e \
+ | tee /tmp/tee.log \
+ | ${pkgs.urix}/bin/urix \
+ | head -1 \
+ > "$uri"
+ sha256=$(sha256sum -b "$uri" | cut -d\ -f1)
+ base32=$(${pkgs.nixStable}/bin/nix-hash --to-base32 --type sha256 "$sha256")
+ item="$STATEDIR/items/$base32"
+ ref="http://$req_host/$base32"
- environment = {
- PORT = cfg.port;
- REDIS_KEY_PREFIX = cfg.redisKeyPrefix;
- };
+ if ! test -e "$item"; then
+ mkdir -v -p "$STATEDIR/items" >&2
+ cp -v "$uri" "$item" >&2
+ fi
- restartIfChanged = true;
+ base32short=$(echo "$base32" | cut -b-7)
+ if item=$(find_item "$base32short"); then
+ ref="http://$req_host/$base32short"
+ fi
- serviceConfig = {
- User = "go";
- Restart = "always";
- ExecStart = "${pkgs.go-shortener}/bin/go";
- };
+ printf 'HTTP/1.1 200 OK\r\n'
+ printf 'Content-Type: text/plain; charset=UTF-8\r\n'
+ printf 'Connection: close\r\n'
+ printf '\r\n'
+ printf '%s\n' "$ref"
+ exit
+ ;;
+ esac
+ ''}'';
};
};
diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix
index 5e3ddcb2d..d0648418f 100644
--- a/krebs/3modules/krebs/default.nix
+++ b/krebs/3modules/krebs/default.nix
@@ -128,9 +128,11 @@ in {
ip4.addr = "10.243.77.2";
aliases = [
"puyak.r"
+ "brockman.r"
"build.puyak.r"
"cgit.puyak.r"
"go.r"
+ "rss.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 3466ef8eb..a4586bed4 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -44,6 +44,7 @@ in {
matrix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
+ streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
'';
};
nets = rec {
@@ -604,6 +605,7 @@ in {
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f ";
+ syncthing.id = "JS4RFIL-MJP2SMJ-EOQXCPQ-MC3NB4V-BQ77GN5-LPKGLWY-GHDP732-G22OJQQ";
};
hilum = {
cores = 1;
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index e204b4f31..2cb70eec4 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -243,6 +243,8 @@ in {
"wiki.makefu.r"
"warrior.gum.r"
"sick.makefu.r"
+ "dl.gum.r"
+ "dl.makefu.r"
];
};
};
diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix
deleted file mode 100644
index a3640caa5..000000000
--- a/krebs/3modules/newsbot-js.nix
+++ /dev/null
@@ -1,102 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-
-let
-
- cfg = config.krebs.newsbot-js;
-
- enable = cfg != {};
-
- out = {
- options.krebs.newsbot-js = api;
- config = mkIf enable imp;
- };
-
- api = mkOption {
- type = types.attrsOf (types.submodule ({ config, ... }: {
- options = {
- enable = mkEnableOption "Enable krebs newsbot" // { default = true; };
-
- channel = mkOption {
- type = types.str;
- default = "#${config._module.args.name}";
- description = "post the news in this channel";
- };
- feeds = mkOption {
- type = types.path;
- description = ''
- file with feeds to post
- format:
- $nick|$feedURI
- '';
- };
- ircServer = mkOption {
- type = types.str;
- default = "localhost";
- description = "to which server the bot should connect";
- };
- masterNick = mkOption {
- type = types.str;
- default = config._module.args.name;
- description = "nickname of the master bot";
- };
- package = mkOption {
- type = types.package;
- default = pkgs.newsbot-js;
- description = "newsbot package to use";
- };
- urlShortenerHost = mkOption {
- type = types.str;
- default = "go.r";
- description = "what server to use for url shortening, host";
- };
- urlShortenerPort = mkOption {
- type = types.str;
- default = "80";
- description = "what server to use for url shortening, port";
- };
- };
- }));
- default = {};
- };
-
- imp = {
- users.extraUsers.newsbot-js = {
- name = "newsbot-js";
- uid = genid "newsbot-js";
- description = "newsbot-js user";
- home = "/var/empty";
- };
-
- systemd.services = mapAttrs' (name: newsbot:
- nameValuePair "newsbot-${name}" {
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
-
- path = with pkgs; [
- newsbot-js
- ];
-
- environment = {
- irc_server = newsbot.ircServer;
- master_nick = newsbot.masterNick;
- news_channel = newsbot.channel;
- feeds_file = newsbot.feeds;
- url_shortener_host = newsbot.urlShortenerHost;
- url_shortener_port = newsbot.urlShortenerPort;
- };
-
- restartIfChanged = true;
-
- serviceConfig = {
- User = "newsbot-js";
- Restart = "always";
- ExecStart = "${newsbot.package}/bin/newsbot";
- WatchdogSec = "86400";
- };
- }
- ) cfg;
- };
-
-in out