summaryrefslogtreecommitdiffstats
path: root/lass
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-10-24 14:14:58 +0200
committermakefu <github@syntax-fehler.de>2016-10-24 14:14:58 +0200
commit36cbb3d300eb18330a62ba20e35f80d515f5bc5f (patch)
treededf23acdc5763b59b5853b07dd297b88fb15636 /lass
parent3fa63a4f312a885d353177db911f8a52ce7a1e1c (diff)
parent08c7671fc51270e582e16cbe49aa896f8bff7685 (diff)
Merge remote-tracking branch 'cd/master'
Diffstat (limited to 'lass')
-rw-r--r--lass/1systems/helios.nix2
-rw-r--r--lass/1systems/mors.nix5
-rw-r--r--lass/1systems/prism.nix2
-rw-r--r--lass/1systems/shodan.nix22
-rw-r--r--lass/1systems/uriel.nix2
-rw-r--r--lass/2configs/backups.nix2
-rw-r--r--lass/2configs/browsers.nix2
-rw-r--r--lass/2configs/buildbot-standalone.nix2
-rw-r--r--lass/2configs/c-base.nix6
-rw-r--r--lass/2configs/default.nix2
-rw-r--r--lass/2configs/downloading.nix2
-rw-r--r--lass/2configs/exim-retiolum.nix2
-rw-r--r--lass/2configs/exim-smarthost.nix2
-rw-r--r--lass/2configs/gc.nix2
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/go.nix2
-rw-r--r--lass/2configs/hw/tp-x220.nix2
-rw-r--r--lass/2configs/libvirt.nix2
-rw-r--r--lass/2configs/nixpkgs.nix2
-rw-r--r--lass/2configs/pulse.nix2
-rw-r--r--lass/2configs/radio.nix4
-rw-r--r--lass/2configs/repo-sync.nix2
-rw-r--r--lass/2configs/skype.nix2
-rw-r--r--lass/2configs/teamviewer.nix2
-rw-r--r--lass/2configs/vim.nix2
-rw-r--r--lass/2configs/websites/domsen.nix34
-rw-r--r--lass/2configs/websites/fritz.nix2
-rw-r--r--lass/2configs/websites/lassulus.nix2
-rw-r--r--lass/2configs/websites/wohnprojekt-rhh.de.nix2
-rw-r--r--lass/2configs/weechat.nix2
-rw-r--r--lass/2configs/xserver/Xresources.nix2
-rw-r--r--lass/2configs/xserver/default.nix2
-rw-r--r--lass/2configs/xserver/xserver.conf.nix2
-rw-r--r--lass/3modules/ejabberd/config.nix2
-rw-r--r--lass/3modules/ejabberd/default.nix2
-rw-r--r--lass/3modules/hosts.nix2
-rw-r--r--lass/3modules/owncloud_nginx.nix2
-rw-r--r--lass/3modules/static_nginx.nix2
-rw-r--r--lass/3modules/umts.nix2
-rw-r--r--lass/3modules/usershadow.nix2
-rw-r--r--lass/3modules/wordpress_nginx.nix2
41 files changed, 69 insertions, 74 deletions
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
index 8ce1d5748..c16080762 100644
--- a/lass/1systems/helios.nix
+++ b/lass/1systems/helios.nix
@@ -1,7 +1,7 @@
{ config, pkgs, ... }:
with builtins;
-with config.krebs.lib;
+with import <stockholm/lib>;
{
imports = [
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index 1028ca652..c3d027edc 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -1,6 +1,6 @@
{ config, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
imports = [
../.
@@ -77,6 +77,9 @@ with config.krebs.lib;
];
};
}
+ {
+ services.redis.enable = true;
+ }
];
krebs.build.host = config.krebs.hosts.mors;
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 8b4f1d7a2..76710ac9d 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
ip = config.krebs.build.host.nets.internet.ip4.addr;
diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix
index 5140591af..9d1df1d72 100644
--- a/lass/1systems/shodan.nix
+++ b/lass/1systems/shodan.nix
@@ -1,6 +1,6 @@
{ config, pkgs, ... }:
-with builtins;
+with import <stockholm/lib>;
{
imports = [
../.
@@ -22,6 +22,26 @@ with builtins;
# };
# };
#}
+ {
+ users.users.sokratess = {
+ uid = genid "sokratess";
+ home = "/home/sokratess";
+ group = "users";
+ createHome = true;
+ extraGroups = [
+ "audio"
+ "networkmanager"
+ ];
+ useDefaultShell = true;
+ password = "aidsballs";
+ };
+ krebs.per-user.sokratess.packages = [
+ pkgs.firefox
+ pkgs.python27Packages.virtualenv
+ pkgs.python27Packages.ipython
+ pkgs.python27Packages.python
+ ];
+ }
];
krebs.build.host = config.krebs.hosts.shodan;
diff --git a/lass/1systems/uriel.nix b/lass/1systems/uriel.nix
index e1417c83d..b84fec317 100644
--- a/lass/1systems/uriel.nix
+++ b/lass/1systems/uriel.nix
@@ -1,7 +1,7 @@
{ config, pkgs, ... }:
with builtins;
-with config.krebs.lib;
+with import <stockholm/lib>;
{
imports = [
../.
diff --git a/lass/2configs/backups.nix b/lass/2configs/backups.nix
index 916e08219..22b48f6e8 100644
--- a/lass/2configs/backups.nix
+++ b/lass/2configs/backups.nix
@@ -1,5 +1,5 @@
{ config, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
krebs.backup.plans = {
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index 90f420674..88ee70802 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
mainUser = config.users.extraUsers.mainUser;
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 628fdf61f..df01a84c0 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -1,6 +1,6 @@
{ lib, config, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
sshHostConfig = pkgs.writeText "ssh-config" ''
diff --git a/lass/2configs/c-base.nix b/lass/2configs/c-base.nix
index 9d13bc30d..3e533fb74 100644
--- a/lass/2configs/c-base.nix
+++ b/lass/2configs/c-base.nix
@@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }:
let
- inherit (config.krebs.lib) genid;
+ inherit (import <stockholm/lib>) genid;
in {
@@ -16,6 +16,10 @@ in {
users.extraGroups.cbasevpn.gid = genid "cbasevpn";
+ environment.systemPackages = [
+ pkgs.cifs-utils
+ ];
+
services.openvpn.servers = {
c-base = {
config = ''
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 0b7ca8eaa..43c4d5b0d 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
imports = [
../2configs/audit.nix
diff --git a/lass/2configs/downloading.nix b/lass/2configs/downloading.nix
index 1bba5b416..79a609e2b 100644
--- a/lass/2configs/downloading.nix
+++ b/lass/2configs/downloading.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
users.extraUsers = {
diff --git a/lass/2configs/exim-retiolum.nix b/lass/2configs/exim-retiolum.nix
index c07b6c15a..1ee8d843e 100644
--- a/lass/2configs/exim-retiolum.nix
+++ b/lass/2configs/exim-retiolum.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
krebs.exim-retiolum.enable = true;
diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index 3ed8be77f..3bf78d9f4 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
krebs.exim-smarthost = {
diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix
index 8762ad95e..00f318e51 100644
--- a/lass/2configs/gc.nix
+++ b/lass/2configs/gc.nix
@@ -1,6 +1,6 @@
{ config, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
nix.gc = {
automatic = ! elem config.krebs.build.host.name [ "prism" "mors" ];
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index ab4450715..06cae734e 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix
index 795ad7a26..7d694c173 100644
--- a/lass/2configs/go.nix
+++ b/lass/2configs/go.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
environment.systemPackages = [
pkgs.go
diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix
index be1faccea..4a7d0bbcd 100644
--- a/lass/2configs/hw/tp-x220.nix
+++ b/lass/2configs/hw/tp-x220.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
networking.wireless.enable = lib.mkDefault true;
diff --git a/lass/2configs/libvirt.nix b/lass/2configs/libvirt.nix
index a51ccae58..e739d2f79 100644
--- a/lass/2configs/libvirt.nix
+++ b/lass/2configs/libvirt.nix
@@ -2,7 +2,7 @@
let
mainUser = config.users.extraUsers.mainUser;
- inherit (config.krebs.lib) genid;
+ inherit (import <stockholm/lib>) genid;
in {
virtualisation.libvirtd.enable = true;
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 73c96e876..4ef4c6ce7 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "b8ede35d2efa96490857c22c751e75d600bea44f";
+ ref = "686bc9c5ccafbec2b6d2db61bd0803c2b7bc2b7d";
};
}
diff --git a/lass/2configs/pulse.nix b/lass/2configs/pulse.nix
index 3be482191..373207461 100644
--- a/lass/2configs/pulse.nix
+++ b/lass/2configs/pulse.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
pkg = pkgs.pulseaudioLight;
runDir = "/run/pulse";
diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 59678dbff..88e826683 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -1,11 +1,11 @@
{ config, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
name = "radio";
mainUser = config.users.extraUsers.mainUser;
- inherit (config.krebs.lib) genid;
+ inherit (import <stockholm/lib>) genid;
admin-password = import <secrets/icecast-admin-pw>;
source-password = import <secrets/icecast-source-pw>;
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index eae583a84..f88149730 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
mirror = "git@${config.networking.hostName}:";
diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix
index 5b6da4a95..a803df15b 100644
--- a/lass/2configs/skype.nix
+++ b/lass/2configs/skype.nix
@@ -2,7 +2,7 @@
let
mainUser = config.users.extraUsers.mainUser;
- inherit (config.krebs.lib) genid;
+ inherit (import <stockholm/lib>) genid;
in {
users.extraUsers = {
diff --git a/lass/2configs/teamviewer.nix b/lass/2configs/teamviewer.nix
index 22bfb18d8..87b6fbac3 100644
--- a/lass/2configs/teamviewer.nix
+++ b/lass/2configs/teamviewer.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
services.teamviewer.enable = true;
}
diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix
index 2bbec6ab1..aac2b96d4 100644
--- a/lass/2configs/vim.nix
+++ b/lass/2configs/vim.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
out = {
environment.systemPackages = [
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 3a3e60d39..18c771fad 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -2,7 +2,7 @@
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
genid_signed
;
@@ -22,25 +22,6 @@ let
exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
'';
- check-password = pkgs.writeDash "check-password" ''
- read pw
-
- file="/home/$PAM_USER/.shadow"
-
- #check if shadow file exists
- test -e "$file" || exit 123
-
- hash="$(${pkgs.coreutils}/bin/head -1 $file)"
- salt="$(echo $hash | ${pkgs.gnused}/bin/sed 's/.*\$\(.*\)\$.*/\1/')"
-
- calc_hash="$(echo "$pw" | ${pkgs.mkpasswd}/bin/mkpasswd -m sha-512 -S $salt)"
- if [ "$calc_hash" == $hash ]; then
- exit 0
- else
- exit 1
- fi
- '';
-
in {
imports = [
./sqlBackup.nix
@@ -164,19 +145,6 @@ in {
{ predicate = "-p tcp --dport 465"; target = "ACCEPT"; }
];
- security.pam.services.exim.text = ''
- auth required pam_env.so
- auth sufficient pam_exec.so debug expose_authtok ${check-password}
- auth sufficient pam_unix.so likeauth nullok
- auth required pam_deny.so
- account required pam_unix.so
- password required pam_cracklib.so retry=3 type=
- password sufficient pam_unix.so nullok use_authtok md5shadow
- password required pam_deny.so
- session required pam_limits.so
- session required pam_unix.so
- '';
-
krebs.exim-smarthost = {
authenticators.PLAIN = ''
driver = plaintext
diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix
index 48d96b1bf..d93d310da 100644
--- a/lass/2configs/websites/fritz.nix
+++ b/lass/2configs/websites/fritz.nix
@@ -2,7 +2,7 @@
with lib;
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
head
;
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 04c19fad0..b8342e148 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -2,7 +2,7 @@
with lib;
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
;
diff --git a/lass/2configs/websites/wohnprojekt-rhh.de.nix b/lass/2configs/websites/wohnprojekt-rhh.de.nix
index fb1a58109..0c409ca87 100644
--- a/lass/2configs/websites/wohnprojekt-rhh.de.nix
+++ b/lass/2configs/websites/wohnprojekt-rhh.de.nix
@@ -1,7 +1,7 @@
{ config, pkgs, lib, ... }:
let
- inherit (import <stockholm/krebs/4lib> { config = {}; inherit lib; })
+ inherit (import <stockholm/lib>)
genid
;
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
diff --git a/lass/2configs/weechat.nix b/lass/2configs/weechat.nix
index 0bfd9fe6b..ae07b9a2e 100644
--- a/lass/2configs/weechat.nix
+++ b/lass/2configs/weechat.nix
@@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }:
let
- inherit (config.krebs.lib) genid;
+ inherit (import <stockholm/lib>) genid;
in {
krebs.per-user.chat.packages = with pkgs; [
mosh
diff --git a/lass/2configs/xserver/Xresources.nix b/lass/2configs/xserver/Xresources.nix
index 0f04540c3..3049774f8 100644
--- a/lass/2configs/xserver/Xresources.nix
+++ b/lass/2configs/xserver/Xresources.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
pkgs.writeText "Xresources" ''
URxvt*scrollBar: false
diff --git a/lass/2configs/xserver/default.nix b/lass/2configs/xserver/default.nix
index 0f9b1f84a..53c8f9444 100644
--- a/lass/2configs/xserver/default.nix
+++ b/lass/2configs/xserver/default.nix
@@ -1,5 +1,5 @@
{ config, pkgs, ... }@args:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
user = config.krebs.build.user;
in {
diff --git a/lass/2configs/xserver/xserver.conf.nix b/lass/2configs/xserver/xserver.conf.nix
index c452b4226..6f34e0150 100644
--- a/lass/2configs/xserver/xserver.conf.nix
+++ b/lass/2configs/xserver/xserver.conf.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.services.xserver;
diff --git a/lass/3modules/ejabberd/config.nix b/lass/3modules/ejabberd/config.nix
index 83ca5dc2a..b1fca08d3 100644
--- a/lass/3modules/ejabberd/config.nix
+++ b/lass/3modules/ejabberd/config.nix
@@ -1,4 +1,4 @@
-{ config, ... }: with config.krebs.lib; let
+{ config, ... }: with import <stockholm/lib>; let
cfg = config.lass.ejabberd;
# XXX this is a placeholder that happens to work the default strings.
diff --git a/lass/3modules/ejabberd/default.nix b/lass/3modules/ejabberd/default.nix
index 18c7cd656..e2fba5ff5 100644
--- a/lass/3modules/ejabberd/default.nix
+++ b/lass/3modules/ejabberd/default.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }@args: with config.krebs.lib; let
+{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
cfg = config.lass.ejabberd;
in {
options.lass.ejabberd = {
diff --git a/lass/3modules/hosts.nix b/lass/3modules/hosts.nix
index f2ff10c06..125819bb0 100644
--- a/lass/3modules/hosts.nix
+++ b/lass/3modules/hosts.nix
@@ -1,6 +1,6 @@
{ config, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
options.lass.hosts = mkOption {
diff --git a/lass/3modules/owncloud_nginx.nix b/lass/3modules/owncloud_nginx.nix
index 4a79311a4..01e07ae66 100644
--- a/lass/3modules/owncloud_nginx.nix
+++ b/lass/3modules/owncloud_nginx.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.lass.owncloud;
diff --git a/lass/3modules/static_nginx.nix b/lass/3modules/static_nginx.nix
index 6b5d19615..cd33a2cf1 100644
--- a/lass/3modules/static_nginx.nix
+++ b/lass/3modules/static_nginx.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.lass.staticPage;
diff --git a/lass/3modules/umts.nix b/lass/3modules/umts.nix
index 7daaba89e..83de4d403 100644
--- a/lass/3modules/umts.nix
+++ b/lass/3modules/umts.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.lass.umts;
diff --git a/lass/3modules/usershadow.nix b/lass/3modules/usershadow.nix
index 0e7e718a4..1ee01e8d9 100644
--- a/lass/3modules/usershadow.nix
+++ b/lass/3modules/usershadow.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }@args: with config.krebs.lib; let
+{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
cfg = config.lass.usershadow;
diff --git a/lass/3modules/wordpress_nginx.nix b/lass/3modules/wordpress_nginx.nix
index 4305a121b..5d88e3fde 100644
--- a/lass/3modules/wordpress_nginx.nix
+++ b/lass/3modules/wordpress_nginx.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.lass.wordpress;