diff options
author | makefu <github@syntax-fehler.de> | 2016-10-24 14:14:58 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2016-10-24 14:14:58 +0200 |
commit | 36cbb3d300eb18330a62ba20e35f80d515f5bc5f (patch) | |
tree | dedf23acdc5763b59b5853b07dd297b88fb15636 /lass | |
parent | 3fa63a4f312a885d353177db911f8a52ce7a1e1c (diff) | |
parent | 08c7671fc51270e582e16cbe49aa896f8bff7685 (diff) |
Merge remote-tracking branch 'cd/master'
Diffstat (limited to 'lass')
41 files changed, 69 insertions, 74 deletions
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix index 8ce1d5748..c16080762 100644 --- a/lass/1systems/helios.nix +++ b/lass/1systems/helios.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: with builtins; -with config.krebs.lib; +with import <stockholm/lib>; { imports = [ diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 1028ca652..c3d027edc 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -1,6 +1,6 @@ { config, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { imports = [ ../. @@ -77,6 +77,9 @@ with config.krebs.lib; ]; }; } + { + services.redis.enable = true; + } ]; krebs.build.host = config.krebs.hosts.mors; diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index 8b4f1d7a2..76710ac9d 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let ip = config.krebs.build.host.nets.internet.ip4.addr; diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix index 5140591af..9d1df1d72 100644 --- a/lass/1systems/shodan.nix +++ b/lass/1systems/shodan.nix @@ -1,6 +1,6 @@ { config, pkgs, ... }: -with builtins; +with import <stockholm/lib>; { imports = [ ../. @@ -22,6 +22,26 @@ with builtins; # }; # }; #} + { + users.users.sokratess = { + uid = genid "sokratess"; + home = "/home/sokratess"; + group = "users"; + createHome = true; + extraGroups = [ + "audio" + "networkmanager" + ]; + useDefaultShell = true; + password = "aidsballs"; + }; + krebs.per-user.sokratess.packages = [ + pkgs.firefox + pkgs.python27Packages.virtualenv + pkgs.python27Packages.ipython + pkgs.python27Packages.python + ]; + } ]; krebs.build.host = config.krebs.hosts.shodan; diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix index e1417c83d..b84fec317 100644 --- a/lass/1systems/uriel.nix +++ b/lass/1systems/uriel.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: with builtins; -with config.krebs.lib; +with import <stockholm/lib>; { imports = [ ../. diff --git a/lass/2configs/backups.nix b/lass/2configs/backups.nix index 916e08219..22b48f6e8 100644 --- a/lass/2configs/backups.nix +++ b/lass/2configs/backups.nix @@ -1,5 +1,5 @@ { config, lib, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { krebs.backup.plans = { diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index 90f420674..88ee70802 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let mainUser = config.users.extraUsers.mainUser; diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 628fdf61f..df01a84c0 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -1,6 +1,6 @@ { lib, config, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let sshHostConfig = pkgs.writeText "ssh-config" '' diff --git a/lass/2configs/c-base.nix b/lass/2configs/c-base.nix index 9d13bc30d..3e533fb74 100644 --- a/lass/2configs/c-base.nix +++ b/lass/2configs/c-base.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (config.krebs.lib) genid; + inherit (import <stockholm/lib>) genid; in { @@ -16,6 +16,10 @@ in { users.extraGroups.cbasevpn.gid = genid "cbasevpn"; + environment.systemPackages = [ + pkgs.cifs-utils + ]; + services.openvpn.servers = { c-base = { config = '' diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 0b7ca8eaa..43c4d5b0d 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { imports = [ ../2configs/audit.nix diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix index 1bba5b416..79a609e2b 100644 --- a/lass/2configs/downloading.nix +++ b/lass/2configs/downloading.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { users.extraUsers = { diff --git a/lass/2configs/exim-retiolum.nix b/lass/2configs/exim-retiolum.nix index c07b6c15a..1ee8d843e 100644 --- a/lass/2configs/exim-retiolum.nix +++ b/lass/2configs/exim-retiolum.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { krebs.exim-retiolum.enable = true; diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 3ed8be77f..3bf78d9f4 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { krebs.exim-smarthost = { diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix index 8762ad95e..00f318e51 100644 --- a/lass/2configs/gc.nix +++ b/lass/2configs/gc.nix @@ -1,6 +1,6 @@ { config, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { nix.gc = { automatic = ! elem config.krebs.build.host.name [ "prism" "mors" ]; diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index ab4450715..06cae734e 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix index 795ad7a26..7d694c173 100644 --- a/lass/2configs/go.nix +++ b/lass/2configs/go.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { environment.systemPackages = [ pkgs.go diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix index be1faccea..4a7d0bbcd 100644 --- a/lass/2configs/hw/tp-x220.nix +++ b/lass/2configs/hw/tp-x220.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { networking.wireless.enable = lib.mkDefault true; diff --git a/lass/2configs/libvirt.nix b/lass/2configs/libvirt.nix index a51ccae58..e739d2f79 100644 --- a/lass/2configs/libvirt.nix +++ b/lass/2configs/libvirt.nix @@ -2,7 +2,7 @@ let mainUser = config.users.extraUsers.mainUser; - inherit (config.krebs.lib) genid; + inherit (import <stockholm/lib>) genid; in { virtualisation.libvirtd.enable = true; diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 73c96e876..4ef4c6ce7 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://github.com/nixos/nixpkgs; - ref = "b8ede35d2efa96490857c22c751e75d600bea44f"; + ref = "686bc9c5ccafbec2b6d2db61bd0803c2b7bc2b7d"; }; } diff --git a/lass/2configs/pulse.nix b/lass/2configs/pulse.nix index 3be482191..373207461 100644 --- a/lass/2configs/pulse.nix +++ b/lass/2configs/pulse.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let pkg = pkgs.pulseaudioLight; runDir = "/run/pulse"; diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 59678dbff..88e826683 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -1,11 +1,11 @@ { config, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let name = "radio"; mainUser = config.users.extraUsers.mainUser; - inherit (config.krebs.lib) genid; + inherit (import <stockholm/lib>) genid; admin-password = import <secrets/icecast-admin-pw>; source-password = import <secrets/icecast-source-pw>; diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index eae583a84..f88149730 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let mirror = "git@${config.networking.hostName}:"; diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix index 5b6da4a95..a803df15b 100644 --- a/lass/2configs/skype.nix +++ b/lass/2configs/skype.nix @@ -2,7 +2,7 @@ let mainUser = config.users.extraUsers.mainUser; - inherit (config.krebs.lib) genid; + inherit (import <stockholm/lib>) genid; in { users.extraUsers = { diff --git a/lass/2configs/teamviewer.nix b/lass/2configs/teamviewer.nix index 22bfb18d8..87b6fbac3 100644 --- a/lass/2configs/teamviewer.nix +++ b/lass/2configs/teamviewer.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { services.teamviewer.enable = true; } diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 2bbec6ab1..aac2b96d4 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let out = { environment.systemPackages = [ diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 3a3e60d39..18c771fad 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -2,7 +2,7 @@ let - inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; }) + inherit (import <stockholm/lib>) genid genid_signed ; @@ -22,25 +22,6 @@ let exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@" ''; - check-password = pkgs.writeDash "check-password" '' - read pw - - file="/home/$PAM_USER/.shadow" - - #check if shadow file exists - test -e "$file" || exit 123 - - hash="$(${pkgs.coreutils}/bin/head -1 $file)" - salt="$(echo $hash | ${pkgs.gnused}/bin/sed 's/.*\$\(.*\)\$.*/\1/')" - - calc_hash="$(echo "$pw" | ${pkgs.mkpasswd}/bin/mkpasswd -m sha-512 -S $salt)" - if [ "$calc_hash" == $hash ]; then - exit 0 - else - exit 1 - fi - ''; - in { imports = [ ./sqlBackup.nix @@ -164,19 +145,6 @@ in { { predicate = "-p tcp --dport 465"; target = "ACCEPT"; } ]; - security.pam.services.exim.text = '' - auth required pam_env.so - auth sufficient pam_exec.so debug expose_authtok ${check-password} - auth sufficient pam_unix.so likeauth nullok - auth required pam_deny.so - account required pam_unix.so - password required pam_cracklib.so retry=3 type= - password sufficient pam_unix.so nullok use_authtok md5shadow - password required pam_deny.so - session required pam_limits.so - session required pam_unix.so - ''; - krebs.exim-smarthost = { authenticators.PLAIN = '' driver = plaintext diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index 48d96b1bf..d93d310da 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -2,7 +2,7 @@ with lib; let - inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; }) + inherit (import <stockholm/lib>) genid head ; diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 04c19fad0..b8342e148 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -2,7 +2,7 @@ with lib; let - inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; }) + inherit (import <stockholm/lib>) genid ; diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix index fb1a58109..0c409ca87 100644 --- a/lass/2configs/websites/wohnprojekt-rhh.de.nix +++ b/lass/2configs/websites/wohnprojekt-rhh.de.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, ... }: let - inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; }) + inherit (import <stockholm/lib>) genid ; inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;}) diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix index 0bfd9fe6b..ae07b9a2e 100644 --- a/lass/2configs/weechat.nix +++ b/lass/2configs/weechat.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (config.krebs.lib) genid; + inherit (import <stockholm/lib>) genid; in { krebs.per-user.chat.packages = with pkgs; [ mosh diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix index 0f04540c3..3049774f8 100644 --- a/lass/2configs/xserver/Xresources.nix +++ b/lass/2configs/xserver/Xresources.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; pkgs.writeText "Xresources" '' URxvt*scrollBar: false diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix index 0f9b1f84a..53c8f9444 100644 --- a/lass/2configs/xserver/default.nix +++ b/lass/2configs/xserver/default.nix @@ -1,5 +1,5 @@ { config, pkgs, ... }@args: -with config.krebs.lib; +with import <stockholm/lib>; let user = config.krebs.build.user; in { diff --git a/lass/2configs/xserver/xserver.conf.nix b/lass/2configs/xserver/xserver.conf.nix index c452b4226..6f34e0150 100644 --- a/lass/2configs/xserver/xserver.conf.nix +++ b/lass/2configs/xserver/xserver.conf.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let cfg = config.services.xserver; diff --git a/lass/3modules/ejabberd/config.nix b/lass/3modules/ejabberd/config.nix index 83ca5dc2a..b1fca08d3 100644 --- a/lass/3modules/ejabberd/config.nix +++ b/lass/3modules/ejabberd/config.nix @@ -1,4 +1,4 @@ -{ config, ... }: with config.krebs.lib; let +{ config, ... }: with import <stockholm/lib>; let cfg = config.lass.ejabberd; # XXX this is a placeholder that happens to work the default strings. diff --git a/lass/3modules/ejabberd/default.nix b/lass/3modules/ejabberd/default.nix index 18c7cd656..e2fba5ff5 100644 --- a/lass/3modules/ejabberd/default.nix +++ b/lass/3modules/ejabberd/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }@args: with config.krebs.lib; let +{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let cfg = config.lass.ejabberd; in { options.lass.ejabberd = { diff --git a/lass/3modules/hosts.nix b/lass/3modules/hosts.nix index f2ff10c06..125819bb0 100644 --- a/lass/3modules/hosts.nix +++ b/lass/3modules/hosts.nix @@ -1,6 +1,6 @@ { config, ... }: -with config.krebs.lib; +with import <stockholm/lib>; { options.lass.hosts = mkOption { diff --git a/lass/3modules/owncloud_nginx.nix b/lass/3modules/owncloud_nginx.nix index 4a79311a4..01e07ae66 100644 --- a/lass/3modules/owncloud_nginx.nix +++ b/lass/3modules/owncloud_nginx.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let cfg = config.lass.owncloud; diff --git a/lass/3modules/static_nginx.nix b/lass/3modules/static_nginx.nix index 6b5d19615..cd33a2cf1 100644 --- a/lass/3modules/static_nginx.nix +++ b/lass/3modules/static_nginx.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let cfg = config.lass.staticPage; diff --git a/lass/3modules/umts.nix b/lass/3modules/umts.nix index 7daaba89e..83de4d403 100644 --- a/lass/3modules/umts.nix +++ b/lass/3modules/umts.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let cfg = config.lass.umts; diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix index 0e7e718a4..1ee01e8d9 100644 --- a/lass/3modules/usershadow.nix +++ b/lass/3modules/usershadow.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }@args: with config.krebs.lib; let +{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let cfg = config.lass.usershadow; diff --git a/lass/3modules/wordpress_nginx.nix b/lass/3modules/wordpress_nginx.nix index 4305a121b..5d88e3fde 100644 --- a/lass/3modules/wordpress_nginx.nix +++ b/lass/3modules/wordpress_nginx.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with config.krebs.lib; +with import <stockholm/lib>; let cfg = config.lass.wordpress; |