summaryrefslogtreecommitdiffstats
path: root/3modules
diff options
context:
space:
mode:
Diffstat (limited to '3modules')
-rw-r--r--3modules/krebs/default.nix43
-rw-r--r--3modules/krebs/git.nix11
-rw-r--r--3modules/krebs/retiolum.nix40
-rw-r--r--3modules/tv/consul.nix1
-rw-r--r--3modules/tv/default.nix10
-rw-r--r--3modules/tv/retiolum.nix29
6 files changed, 75 insertions, 59 deletions
diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix
new file mode 100644
index 000000000..b8722d18f
--- /dev/null
+++ b/3modules/krebs/default.nix
@@ -0,0 +1,43 @@
+{ config, lib, ... }:
+
+with import ../../4lib/krebs { inherit lib; };
+let
+ cfg = config.krebs;
+
+ out = {
+ imports = [
+ ./github-hosts-sync.nix
+ ./git.nix
+ ./nginx.nix
+ ./retiolum.nix
+ ./urlwatch.nix
+ ];
+ options.krebs = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ users = mkOption {
+ type = with types; attrsOf user;
+ default = addNames {
+ lass = {
+ pubkey = readFile ../../Zpubkeys/lass.ssh.pub;
+ };
+ makefu = {
+ pubkey = readFile ../../Zpubkeys/makefu.ssh.pub;
+ };
+ tv = {
+ pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub;
+ };
+ uriel = {
+ pubkey = readFile ../../Zpubkeys/uriel.ssh.pub;
+ };
+ };
+ };
+ };
+
+ imp = {
+ };
+
+in
+out
diff --git a/3modules/krebs/git.nix b/3modules/krebs/git.nix
index 2d747cc1a..499d33095 100644
--- a/3modules/krebs/git.nix
+++ b/3modules/krebs/git.nix
@@ -6,8 +6,7 @@
# TODO when authorized_keys changes, then restart ssh
# (or kill already connected users somehow)
-with builtins;
-with lib;
+with import ../../4lib/krebs { inherit lib; };
let
cfg = config.krebs.git;
@@ -127,9 +126,6 @@ let
rules = mkOption {
type = types.unspecified;
};
- users = mkOption {
- type = types.unspecified;
- };
};
git-imp = {
@@ -157,7 +153,8 @@ let
name = "git";
shell = "/bin/sh";
openssh.authorizedKeys.keys =
- mapAttrsToList (_: makeAuthorizedKey git-ssh-command) cfg.users;
+ mapAttrsToList (_: makeAuthorizedKey git-ssh-command)
+ config.krebs.users;
uid = 129318403; # genid git
};
};
@@ -263,7 +260,7 @@ let
isPublicRepo = getAttr "public"; # TODO this is also in ./cgit.nix
- makeAuthorizedKey = git-ssh-command: user@{ name, pubkey }:
+ makeAuthorizedKey = git-ssh-command: user@{ name, pubkey, ... }:
# TODO assert name
# TODO assert pubkey
let
diff --git a/3modules/krebs/retiolum.nix b/3modules/krebs/retiolum.nix
index 5c26dff18..481d6565c 100644
--- a/3modules/krebs/retiolum.nix
+++ b/3modules/krebs/retiolum.nix
@@ -57,9 +57,9 @@ let
};
hosts = mkOption {
- default = null;
+ type = with types; either package path;
+ default = ../../Zhosts;
description = ''
- Hosts package or path to use.
If a path is given, then it will be used to generate an ad-hoc package.
'';
};
@@ -131,24 +131,20 @@ let
};
tinc = cfg.tincPackage;
- hostsType = builtins.typeOf cfg.hosts;
- hosts =
- if hostsType == "package" then
- # use package as is
- cfg.hosts
- else if hostsType == "path" then
- # use path to generate a package
- pkgs.stdenv.mkDerivation {
- name = "custom-retiolum-hosts";
- src = cfg.hosts;
- installPhase = ''
- mkdir $out
- find . -name .git -prune -o -type f -print0 | xargs -0 cp --target-directory $out
- '';
- }
- else
- abort "The option `services.retiolum.hosts' must be set to a package or a path"
- ;
+
+ hosts = getAttr (typeOf cfg.hosts) {
+ package = cfg.hosts;
+ path = pkgs.stdenv.mkDerivation {
+ name = "custom-retiolum-hosts";
+ src = cfg.hosts;
+ installPhase = ''
+ mkdir $out
+ find . -name .git -prune -o -type f -print0 \
+ | xargs -0 cp --target-directory $out
+ '';
+ };
+ };
+
iproute = cfg.iproutePackage;
retiolumExtraHosts = import (pkgs.runCommand "retiolum-etc-hosts"
@@ -226,5 +222,5 @@ let
chmod +x $out/tinc-up
'';
-in
-out
+
+in out
diff --git a/3modules/tv/consul.nix b/3modules/tv/consul.nix
index 312faa02f..4e54c2ab0 100644
--- a/3modules/tv/consul.nix
+++ b/3modules/tv/consul.nix
@@ -10,7 +10,6 @@ let
cfg = config.tv.consul;
out = {
- imports = [ ../../3modules/tv/iptables.nix ];
options.tv.consul = api;
config = mkIf cfg.enable (mkMerge [
imp
diff --git a/3modules/tv/default.nix b/3modules/tv/default.nix
new file mode 100644
index 000000000..e267d0b9f
--- /dev/null
+++ b/3modules/tv/default.nix
@@ -0,0 +1,10 @@
+_:
+
+{
+ imports = [
+ ./consul.nix
+ ./ejabberd.nix
+ ./identity.nix
+ ./iptables.nix
+ ];
+}
diff --git a/3modules/tv/retiolum.nix b/3modules/tv/retiolum.nix
deleted file mode 100644
index d00377446..000000000
--- a/3modules/tv/retiolum.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ config, lib, ... }:
-
-with lib;
-let
- cfg = config.tv.retiolum;
-
- out = {
- imports = [ ../../3modules/krebs/retiolum.nix ];
- options.tv.retiolum = api;
- config = mkIf cfg.enable imp;
- };
-
- api = {
- enable = mkEnableOption "tv.retiolum";
-
- connectTo = mkOption {
- type = with types; listOf str;
- };
-
- hosts = mkOption {
- type = types.path;
- };
- };
-
- imp = {
- krebs.retiolum = cfg;
- };
-
-in out