summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
authornin <nineinchnade@gmail.com>2017-07-06 20:36:05 +0200
committernin <nineinchnade@gmail.com>2017-07-06 20:36:05 +0200
commitde8baa21bf122242c4ad6a4c17405259037149c8 (patch)
tree85e34f8040799313fa73a23eddb41ab5eec1d9e9 /lass
parent060ae725c32e6490d47bc3153de076ace26b59fd (diff)
parent438fdd2bd8e363567f544966e49d00f728921301 (diff)
Merge branch 'master' of prism:stockholm
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/icarus.nix17
-rw-r--r--lass/1systems/mors.nix47
-rw-r--r--lass/1systems/prism.nix4
-rw-r--r--lass/1systems/shodan.nix1
-rw-r--r--lass/2configs/buildbot-standalone.nix80
-rw-r--r--lass/2configs/default.nix1
-rw-r--r--lass/2configs/exim-smarthost.nix2
-rw-r--r--lass/2configs/mail.nix2
-rw-r--r--lass/2configs/nixpkgs.nix2
-rw-r--r--lass/2configs/websites/domsen.nix5
-rw-r--r--lass/5pkgs/init/default.nix30
11 files changed, 75 insertions, 116 deletions
diff --git a/lass/1systems/icarus.nix b/lass/1systems/icarus.nix
index b869a67a7..13c517e3b 100644
--- a/lass/1systems/icarus.nix
+++ b/lass/1systems/icarus.nix
@@ -6,9 +6,9 @@ with import <stockholm/lib>;
../.
../2configs/retiolum.nix
../2configs/hw/tp-x220.nix
- ../2configs/baseX.nix
../2configs/git.nix
../2configs/exim-retiolum.nix
+ ../2configs/baseX.nix
../2configs/browsers.nix
../2configs/programs.nix
../2configs/fetchWallpaper.nix
@@ -22,9 +22,9 @@ with import <stockholm/lib>;
loader.grub.enable = true;
loader.grub.version = 2;
loader.grub.device = "/dev/sda";
- loader.grub.enableCryptodisk = true;
+ loader.grub.efiSupport = true;
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
+ initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ];
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
};
@@ -34,11 +34,14 @@ with import <stockholm/lib>;
fsType = "btrfs";
options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
- "/bku" = {
- device = "/dev/mapper/pool-bku";
- fsType = "btrfs";
- options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ "/boot" = {
+ device = "/dev/sda2";
};
+ #"/bku" = {
+ # device = "/dev/mapper/pool-bku";
+ # fsType = "btrfs";
+ # options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ #};
"/home" = {
device = "/dev/mapper/pool-home";
fsType = "btrfs";
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index b9ab54503..0bfd54515 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -96,49 +96,30 @@ with import <stockholm/lib>;
loader.grub.enable = true;
loader.grub.version = 2;
loader.grub.device = "/dev/sda";
+ loader.grub.efiSupport = true;
- initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
+ initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda3"; } ];
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
};
fileSystems = {
"/" = {
- device = "/dev/big/nix";
- fsType = "ext4";
+ device = "/dev/mapper/pool-root";
+ fsType = "btrfs";
+ options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
-
"/boot" = {
- device = "/dev/sda1";
- };
-
- "/mnt/loot" = {
- device = "/dev/big/loot";
- fsType = "ext4";
+ device = "/dev/sda2";
};
-
+ #"/bku" = {
+ # device = "/dev/mapper/pool-bku";
+ # fsType = "btrfs";
+ # options = ["defaults" "noatime" "ssd" "compress=lzo"];
+ #};
"/home" = {
- device = "/dev/big/home";
- fsType = "ext4";
- };
-
- "/home/lass" = {
- device = "/dev/big/home-lass";
- fsType = "ext4";
- };
-
- "/home/games/.local/share/Steam" = {
- device = "/dev/big/steam";
- fsType = "ext4";
- };
-
- "/home/virtual/virtual" = {
- device = "/dev/big/virtual";
- fsType = "ext4";
- };
-
- "/mnt/conf" = {
- device = "/dev/big/conf";
- fsType = "ext4";
+ device = "/dev/mapper/pool-home";
+ fsType = "btrfs";
+ options = ["defaults" "noatime" "ssd" "compress=lzo"];
};
"/tmp" = {
device = "tmpfs";
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index af847333d..531dec9df 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -229,6 +229,10 @@ in {
OnUnitInactiveSec = "2min";
RandomizedDelaySec = "2min";
};
+ krebs.repo-sync.repos.nixpkgs.timerConfig = {
+ OnBootSec = "90min";
+ OnUnitInactiveSec = "24h";
+ };
}
{
lass.usershadow = {
diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix
index dca616936..044e2ccf8 100644
--- a/lass/1systems/shodan.nix
+++ b/lass/1systems/shodan.nix
@@ -13,6 +13,7 @@ with import <stockholm/lib>;
../2configs/programs.nix
../2configs/fetchWallpaper.nix
../2configs/backups.nix
+ ../2configs/wine.nix
#{
# users.extraUsers = {
# root = {
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index e765ddbb4..6c2a92c08 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -56,51 +56,6 @@ in {
mode='full'
)
- # TODO: get nixpkgs/stockholm paths from krebs
- env_lass = {
- "LOGNAME": "lass",
- "NIX_REMOTE": "daemon",
- "dummy_secrets": "true",
- }
- env_makefu = {
- "LOGNAME": "makefu",
- "NIX_REMOTE": "daemon",
- "dummy_secrets": "true",
- }
- env_nin = {
- "LOGNAME": "nin",
- "NIX_REMOTE": "daemon",
- "dummy_secrets": "true",
- }
- env_shared = {
- "LOGNAME": "shared",
- "NIX_REMOTE": "daemon",
- "dummy_secrets": "true",
- }
- env_tv = {
- "LOGNAME": "tv",
- "NIX_REMOTE": "daemon",
- "dummy_secrets": "true",
- }
-
- # prepare nix-shell
- # the dependencies which are used by the test script
- deps = [
- "gnumake",
- "jq",
- "nix",
- "(import <stockholm>).pkgs.populate",
- "openssh"
- ]
- # TODO: --pure , prepare ENV in nix-shell command:
- # SSL_CERT_FILE,LOGNAME,NIX_REMOTE
- nixshell = [
- "nix-shell",
- "-I", "/var/src",
- "-I", "stockholm=.",
- "-p"
- ] + deps + [ "--run" ]
-
# prepare addShell function
def addShell(factory,**kwargs):
factory.addStep(steps.ShellCommand(**kwargs))
@@ -110,30 +65,35 @@ in {
f = util.BuildFactory()
f.addStep(grab_repo)
- def build_host(env, host):
- addShell(f,name="build-{}".format(i),env=env,
- command=nixshell + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \
- echo $HOME; echo $LOGNAME; \
- test -e $HOME/$LOGNAME/nixpkgs || cp -r /var/src/nixpkgs $HOME/$LOGNAME/; \
- make NIX_PATH=$HOME/$LOGNAME:secrets=/var/src/stockholm/null test method=build \
- target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \
- system={}".format(host)]
+ def build_host(user, host):
+ addShell(f,
+ name="{}".format(i),
+ env={
+ "LOGNAME": user,
+ "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src",
+ "NIX_REMOTE": "daemon",
+ "dummy_secrets": "true",
+ },
+ command=[
+ "nix-shell", "--run",
+ "test --system={} --target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME".format(host)
+ ]
)
- for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]:
- build_host(env_tv, i)
-
for i in [ "mors", "uriel", "shodan", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]:
- build_host(env_lass, i)
+ build_host("lass", i)
for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
- build_host(env_makefu, i)
+ build_host("makefu", i)
for i in [ "hiawatha", "onondaga" ]:
- build_host(env_nin, i)
+ build_host("nin", i)
for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]:
- build_host(env_shared, i)
+ build_host("shared", i)
+
+ for i in [ "alnus", "mu", "nomic", "wu", "xu", "zu" ]:
+ build_host("tv", i)
bu.append(
util.BuilderConfig(
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index d7deb3165..27b74a30b 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -79,7 +79,6 @@ with import <stockholm/lib>;
if getEnv "dummy_secrets" == "true"
then toString <stockholm/lass/2configs/tests/dummy-secrets>
else "/home/lass/secrets/${host.name}";
- stockholm.file = getEnv "PWD";
};
};
};
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index b8d00e7d4..fd2f1f765 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -32,6 +32,8 @@ with import <stockholm/lib>;
{ from = "feed@lassul.us"; to = lass.mail; }
{ from = "art@lassul.us"; to = lass.mail; }
{ from = "irgendwas@lassul.us"; to = lass.mail; }
+ { from = "polo@lassul.us"; to = lass.mail; }
+ { from = "shack@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index feb532709..e39c09b84 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -48,6 +48,8 @@ let
set use_from=yes
set envelope_from=yes
+ set sort=threads
+
set index_format="%4C %Z %?GI?%GI& ? %[%d/%b] %-16.15F %?M?(%3M)& ? %s %> %?g?%g?"
virtual-mailboxes \
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 2adba34bb..151242e45 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://cgit.lassul.us/nixpkgs;
- ref = "4847963";
+ ref = "2e983f1";
};
}
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index aaf311576..36ded3b30 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -61,6 +61,11 @@ in {
"karlaskop.ubikmedia.de"
"nb.ubikmedia.de"
"youthtube.ubikmedia.de"
+ "weirdwednesday.ubikmedia.de"
+ "weirdwednesday.de"
+ "www.weirdwednesday.de"
+ "freemonkey.ubikmedia.de"
+ "jarugadesign.ubikmedia.de"
])
];
diff --git a/lass/5pkgs/init/default.nix b/lass/5pkgs/init/default.nix
index b484d2c38..679187531 100644
--- a/lass/5pkgs/init/default.nix
+++ b/lass/5pkgs/init/default.nix
@@ -19,14 +19,15 @@ pkgs.writeText "init" ''
disk=${disk}
- luksdev=${disk}2
+ luksdev=${disk}3
luksmap=/dev/mapper/${luksmap}
vgname=${vgname}
+ bootdev=/dev/sda2
+
rootdev=/dev/mapper/${vgname}-root
homedev=/dev/mapper/${vgname}-home
- bkudev=/dev/mapper/${vgname}-bku
#
#generate keyfile
@@ -49,7 +50,8 @@ pkgs.writeText "init" ''
mklabel gpt \
mkpart no-fs 0 1024KiB \
set 1 bios_grub on \
- mkpart primary 1025KiB 100%
+ mkpart ESP fat32 1025KiB 1024MiB set 2 boot on \
+ mkpart primary 1025MiB 100%
fi
if ! test "$(blkid -o value -s PARTLABEL "$luksdev")" = primary; then
@@ -78,9 +80,8 @@ pkgs.writeText "init" ''
lvchange -a y /dev/mapper/"$vgname"
- if ! test -e "$rootdev"; then lvcreate -L 100G -n root "$vgname"; fi
- if ! test -e "$homedev"; then lvcreate -L 100G -n home "$vgname"; fi
- if ! test -e "$bkudev"; then lvcreate -L 200G -n bku "$vgname"; fi
+ if ! test -e "$rootdev"; then lvcreate -L 7G -n root "$vgname"; fi
+ if ! test -e "$homedev"; then lvcreate -L 100M -n home "$vgname"; fi
# lvchange -a n "$vgname"
@@ -89,6 +90,10 @@ pkgs.writeText "init" ''
# formatting
#
+ if ! test "$(blkid -o value -s TYPE "$bootdev")" = vfat; then
+ mkfs.vfat "$bootdev"
+ fi
+
if ! test "$(blkid -o value -s TYPE "$rootdev")" = btrfs; then
mkfs.btrfs "$rootdev"
fi
@@ -97,22 +102,18 @@ pkgs.writeText "init" ''
mkfs.btrfs "$homedev"
fi
- if ! test "$(blkid -o value -s TYPE "$bkudev")" = btrfs; then
- mkfs.btrfs "$bkudev"
- fi
-
if ! test "$(lsblk -n -o MOUNTPOINT "$rootdev")" = /mnt; then
mount "$rootdev" /mnt
fi
+ if ! test "$(lsblk -n -o MOUNTPOINT "$bootdev")" = /mnt/boot; then
+ mkdir -m 0000 -p /mnt/boot
+ mount "$bootdev" /mnt/boot
+ fi
if ! test "$(lsblk -n -o MOUNTPOINT "$homedev")" = /mnt/home; then
mkdir -m 0000 -p /mnt/home
mount "$homedev" /mnt/home
fi
- if ! test "$(lsblk -n -o MOUNTPOINT "$bkudev")" = /mnt/bku; then
- mkdir -m 0000 -p /mnt/bku
- mount "$bkudev" /mnt/bku
- fi
# umount -R /mnt
@@ -122,6 +123,7 @@ pkgs.writeText "init" ''
nix-env -iA nixos.git
+ # TODO: get sentinal file from target_path
mkdir -p /mnt/var/src
touch /mnt/var/src/.populate