Merge remote-tracking branch 'lass/master'

10 files changed, 38 insertions, 19 deletions

diff --git a/lass/1systems/blue/config.nix b/lass/1systems/blue/config.nix
index aef055cf0..a84bb37f6 100644
--- a/lass/1systems/blue/config.nix
+++ b/lass/1systems/blue/config.nix
@@ -12,6 +12,14 @@ with import <stockholm/lib>;
 
   krebs.build.host = config.krebs.hosts.blue;
 
+  environment.shellAliases = {
+    deploy = pkgs.writeDash "deploy" ''
+      set -eu
+      export SYSTEM="$1"
+      $(nix-build $HOME/stockholm/lass/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
+    '';
+  };
+
   networking.nameservers = [ "1.1.1.1" ];
 
   lass.restic = genAttrs [
diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index de6963eb5..97e69146e 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -140,14 +140,6 @@ with import <stockholm/lib>;
     OnCalendar = "00:37";
   };
 
-  environment.shellAliases = {
-    deploy = pkgs.writeDash "deploy" ''
-      set -eu
-      export SYSTEM="$1"
-      $(nix-build $HOME/stockholm/lass/kops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
-    '';
-  };
-
   nix.package = pkgs.nixUnstable;
   programs.adb.enable = true;
   users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index 7a9537b64..9a0bb49e9 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -175,7 +175,6 @@ with import <stockholm/lib>;
         alias /var/realwallpaper/realwallpaper.png;
       '';
     }
-    <stockholm/krebs/2configs/reaktor-krebs.nix>
     <stockholm/lass/2configs/dcso-dev.nix>
     {
       users.users.jeschli = {
@@ -337,6 +336,11 @@ with import <stockholm/lib>;
         ];
       };
     }
+    {
+      krebs.iptables.tables.filter.INPUT.rules = [
+        { predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
+      ];
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index a387f2c5d..afdefaa45 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -68,6 +68,7 @@ in {
 
   environment.systemPackages = with pkgs; [
     acpi
+    ag
     bank
     cabal2nix
     dic
diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix
index c0417b865..363705edc 100644
--- a/lass/2configs/blue.nix
+++ b/lass/2configs/blue.nix
@@ -9,6 +9,11 @@ with (import <stockholm/lib>);
     ./pass.nix
   ];
 
+  environment.systemPackages = with pkgs; [
+    ag
+    nmap
+  ];
+
   services.tor.enable = true;
 
   krebs.iptables.tables.filter.INPUT.rules = [
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index ed97b4897..a43113177 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -23,7 +23,6 @@ with import <stockholm/lib>;
             config.krebs.users.lass-blue.pubkey
             config.krebs.users.lass-shodan.pubkey
             config.krebs.users.lass-icarus.pubkey
-            config.krebs.users.lass-xerxes.pubkey
           ];
         };
         mainUser = {
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index e41ff606f..72cfd5e75 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -54,7 +54,7 @@ let
       cgit.section  = "art";
     };
     nix-user-chroot = {
-      cgit.desc = "Fork of nix-user-chroot my lethalman";
+      cgit.desc = "Fork of nix-user-chroot by lethalman";
       cgit.section = "software";
     };
     krops = {
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index 1cf22552c..615f5a728 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -126,8 +126,8 @@ in {
     (sync-remote "xintmap" "https://github.com/4z3/xintmap")
     (sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper")
     (sync-remote "lassulus-blog" "https://github.com/lassulus/lassulus-blog")
-    (sync-remote "painload" "https://github.com/krebscode/painload")
-    (sync-remote "Reaktor" "https://github.com/krebscode/Reaktor")
+    (sync-remote "painload" "https://github.com/krebs/painload")
+    (sync-remote "Reaktor" "https://github.com/krebs/Reaktor")
     (sync-remote "nixos-wiki" "https://github.com/Mic92/nixos-wiki.wiki.git")
     (sync-retiolum "go")
     (sync-retiolum "much")
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 4e8361a17..e4f50e2d1 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -26,7 +26,10 @@ in {
     ./default.nix
     ./sqlBackup.nix
     (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
-    (servePage [ "freemonkey.art" ])
+    (servePage [
+      "freemonkey.art"
+      "www.freemonkey.art"
+    ])
     (serveOwncloud [ "o.ubikmedia.de" ])
     (serveWordpress [
       "ubikmedia.de"
diff --git a/lass/kops.nix b/lass/krops.nix
index 2dda0e8fb..776a3a55d 100644
--- a/lass/kops.nix
+++ b/lass/krops.nix
@@ -1,5 +1,5 @@
-{ name }: let
-  inherit (import ../krebs/kops.nix { inherit name; })
+{ config ? config, name }: let
+  inherit (import ../krebs/krops.nix { inherit name; })
     krebs-source
     lib
     pkgs
@@ -22,14 +22,21 @@
 
 in {
   # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
-  deploy = pkgs.kops.writeDeploy "${name}-deploy" {
+  deploy = pkgs.krops.writeDeploy "${name}-deploy" {
     source = source { test = false; };
     target = "root@${name}/var/src";
   };
 
   # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test)
-  test = pkgs.kops.writeTest "${name}-test" {
+  test = pkgs.krops.writeTest "${name}-test" {
     source = source { test = true; };
-    target = "${lib.getEnv "HOME"}/tmp/${name}-kops-test-src";
+    target = "${lib.getEnv "HOME"}/tmp/${name}-krops-test-src";
   };
+
+  ci = map (host:
+    pkgs.krops.writeTest "${host.name}-test" {
+      source = source { test = true; };
+      target = "${lib.getEnv "TMPDIR"}/lass/${host.name}";
+    }
+  ) (lib.filter (host: lib.getAttr "ci" host && host.owner == "lass") (lib.attrValues config.krebs.hosts));
 }