diff options
author | tv <tv@krebsco.de> | 2017-04-12 09:24:46 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2017-04-12 09:24:46 +0200 |
commit | 0248fce6be6705de4a6beab0f2a9336550df9d18 (patch) | |
tree | 6865e194d5df1f9f77a03da06192d5034f97cacf /krebs/3modules | |
parent | 75f43655d379a7aeed58b9cb423759b8a3696a9a (diff) | |
parent | 9224e9c4c8432ce8d7788592b9d25cfc29440ee6 (diff) |
Merge remote-tracking branch 'prism/makefu'
Diffstat (limited to 'krebs/3modules')
-rw-r--r-- | krebs/3modules/default.nix | 1 | ||||
-rw-r--r-- | krebs/3modules/htgen.nix | 68 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 25 |
3 files changed, 82 insertions, 12 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index f336c966f..d24cea1a2 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -20,6 +20,7 @@ let ./github-hosts-sync.nix ./git.nix ./go.nix + ./htgen.nix ./iptables.nix ./kapacitor.nix ./monit.nix diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix new file mode 100644 index 000000000..0dddca6c8 --- /dev/null +++ b/krebs/3modules/htgen.nix @@ -0,0 +1,68 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + cfg = config.krebs.htgen; + + out = { + options.krebs.htgen = api; + config = imp; + }; + + api = mkOption { + default = {}; + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + enable = mkEnableOption "krebs.htgen-${config.name}"; + + name = mkOption { + type = types.username; + default = config._module.args.name; + }; + + port = mkOption { + type = types.uint; + }; + + script = mkOption { + type = types.str; + }; + user = mkOption { + type = types.user; + default = { + name = "htgen-${config.name}"; + home = "/var/lib/htgen-${config.name}"; + }; + }; + }; + })); + }; + imp = { + + systemd.services = mapAttrs' (name: htgen: + nameValuePair "htgen-${name}" { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + environment = { + HTGEN_PORT = toString htgen.port; + HTGEN_SCRIPT = htgen.script; + }; + serviceConfig = { + SyslogIdentifier = "htgen"; + User = htgen.user.name; + PrivateTmp = true; + Restart = "always"; + ExecStart = "${pkgs.htgen}/bin/htgen --serve"; + }; + } + ) cfg; + + users.users = mapAttrs' (name: htgen: + nameValuePair htgen.user.name { + inherit (htgen.user) home name uid; + createHome = true; + } + ) cfg; + + }; +in out diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 489f62b65..8e5927f9d 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -285,12 +285,9 @@ with import <stockholm/lib>; cores = 1; extraZones = { "krebsco.de" = '' - euer IN A ${nets.internet.ip4.addr} - wiki.euer IN A ${nets.internet.ip4.addr} - wry IN A ${nets.internet.ip4.addr} - io IN NS wry.krebsco.de. - graphs IN A ${nets.internet.ip4.addr} - tinc IN A ${nets.internet.ip4.addr} + wry IN A ${nets.internet.ip4.addr} + io IN NS wry.krebsco.de. + tinc IN A ${nets.internet.ip4.addr} ''; }; nets = rec { @@ -307,13 +304,8 @@ with import <stockholm/lib>; ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad"; aliases = [ "graphs.wry.retiolum" - "graphs.r" "graphs.retiolum" "paste.wry.retiolum" "wry.r" "wry.retiolum" - "wiki.makefu.retiolum" - "wiki.wry.retiolum" - "blog.makefu.retiolum" - "blog.wry.retiolum" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -452,6 +444,9 @@ with import <stockholm/lib>; cgit.euer IN A ${nets.internet.ip4.addr} o.euer IN A ${nets.internet.ip4.addr} dl.euer IN A ${nets.internet.ip4.addr} + euer IN A ${nets.internet.ip4.addr} + wiki.euer IN A ${nets.internet.ip4.addr} + graphs IN A ${nets.internet.ip4.addr} ''; }; nets = rec { @@ -464,7 +459,7 @@ with import <stockholm/lib>; retiolum = { via = internet; ip4.addr = "10.243.0.211"; - ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2"; + # ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2"; aliases = [ "gum.r" "gum.retiolum" @@ -473,6 +468,12 @@ with import <stockholm/lib>; "o.gum.retiolum" "tracker.makefu.r" "tracker.makefu.retiolum" + + "graphs.r" "graphs.retiolum" + "wiki.makefu.retiolum" + "wiki.wry.retiolum" + "blog.makefu.retiolum" + "blog.wry.retiolum" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- |