summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/makefu/default.nix7
-rw-r--r--makefu/1systems/cake/config.nix21
-rw-r--r--makefu/1systems/cake/source.nix3
-rw-r--r--makefu/1systems/gum/config.nix4
-rw-r--r--makefu/1systems/x/config.nix2
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix2
-rw-r--r--makefu/2configs/stats/telegraf/europastats.nix2
-rw-r--r--makefu/2configs/tools/sec-gui.nix15
-rw-r--r--makefu/2configs/tools/steam.nix4
-rw-r--r--makefu/2configs/urlwatch/default.nix1
-rw-r--r--makefu/3modules/server-config.nix15
-rw-r--r--makefu/5pkgs/custom/inkscape/dxf_fix.patch11
-rw-r--r--makefu/5pkgs/default.nix2
-rw-r--r--makefu/5pkgs/drozer/default.nix2
-rw-r--r--makefu/6tests/data/secrets/ssh_host_rsa_key0
-rw-r--r--makefu/source.nix10
16 files changed, 64 insertions, 37 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index d80935683..401cba97a 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -580,7 +580,8 @@ with import <stockholm/lib>;
'';
};
};
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+ # configured manually
+ # ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum";
};
shoney = rec {
@@ -1031,6 +1032,10 @@ with import <stockholm/lib>;
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOXG6iwvm6zUVk+OE9ZviO+WNosAHSZw4ku0RxWbXSlSG0RfzvV4IfByF3Dw+4a8yZQmjwNkQalUURh2fEqhBLBI9XNEIL7qIu17zheguyXzpE3Smy4pbI+fjdsnfFrw+WE2n/IO8N6ojdH6sMmnWwfkFZYqqofWyLB3WUN9wy2b2z0w/jc56+HxxyTl3rD7CttTs9ak67HqIn3/pNeHoOM+JQ/te8t4ageIlPi8yJJpqZgww1RUWCgPPwZ9DP6gQjo85he76x0h9jvhnFd7m9N1aGdRDcK55QyoY/9x07R24GRutohAB/KDWSkDWQv5BW7M1LCawpJcF3DDslD1i7 makefu@gum";
};
+ makefu-android = {
+ inherit (makefu) mail pgp;
+ pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x";
+ };
makefu-bob = {
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD";
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index 826af24e7..e8438e50d 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -1,7 +1,8 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
imports = [
<stockholm/makefu>
+ <stockholm/makefu/2configs/tools/core.nix>
# configure your hw:
# <stockholm/makefu/2configs/save-diskspace.nix>
];
@@ -18,6 +19,24 @@
programs.info.enable = false;
programs.man.enable = false;
services.nixosManual.enable = false;
+ boot.tmpOnTmpfs = lib.mkForce false;
+
+ hardware.enableRedistributableFirmware = true;
+ hardware.firmware = [
+ (pkgs.stdenv.mkDerivation {
+ name = "broadcom-rpi3-rest";
+ src = pkgs.fetchurl {
+ url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt";
+ sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7";
+ };
+ phases = [ "installPhase" ];
+ installPhase = ''
+ mkdir -p $out/lib/firmware/brcm
+ cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt
+ '';
+ })
+ ];
+ networking.wireless.enable = true;
# File systems configuration for using the installer's partition layout
fileSystems = {
diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix
index 797417a1d..cd97a7c62 100644
--- a/makefu/1systems/cake/source.nix
+++ b/makefu/1systems/cake/source.nix
@@ -1,3 +1,4 @@
import <stockholm/makefu/source.nix> {
name="cake";
-} \ No newline at end of file
+ full = true;
+}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e1357ff01..e769b1e22 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -81,7 +81,9 @@ in {
];
makefu.dl-dir = "/var/download";
-
+ services.openssh.hostKeys = [
+ { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
+ { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
###### stable
services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 443f912d8..f7db75564 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -57,7 +57,7 @@ with import <stockholm/lib>;
<stockholm/makefu/2configs/tor.nix>
<stockholm/makefu/2configs/vpn/vpngate.nix>
# <stockholm/makefu/2configs/buildbot-standalone.nix>
- <stockholm/makefu/2configs/remote-build/master.nix>
+ # <stockholm/makefu/2configs/remote-build/master.nix>
# Hardware
<stockholm/makefu/2configs/hw/tp-x230.nix>
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index ed890fe40..da246f66a 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -68,7 +68,7 @@ let
# TODO: get the list of all krebsministers
krebsminister = with config.krebs.users; [ lass tv ];
- all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx ];
+ all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx makefu-android ];
all-exco = with config.krebs.users; [ exco ];
priv-rules = repo: set-owners repo all-makefu;
diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix
index 9249280c5..2ab62766a 100644
--- a/makefu/2configs/stats/telegraf/europastats.nix
+++ b/makefu/2configs/stats/telegraf/europastats.nix
@@ -4,7 +4,7 @@ let
rev = "be31da7";
name = "europastats-${rev}";
propagatedBuildInputs = [
- requests2
+ requests
docopt
];
src = pkgs.fetchgit {
diff --git a/makefu/2configs/tools/sec-gui.nix b/makefu/2configs/tools/sec-gui.nix
index 2db3e4391..95f130ae8 100644
--- a/makefu/2configs/tools/sec-gui.nix
+++ b/makefu/2configs/tools/sec-gui.nix
@@ -1,8 +1,15 @@
{ pkgs, ... }:
{
- krebs.per-user.makefu.packages = with pkgs; [
- tpmmanager
- wireshark
- ];
+ users.users.makefu = {
+ extraGroups = [ "wireshark" ];
+ packages = with pkgs; [
+ tpmmanager
+ ];
+ };
+
+ programs.wireshark = {
+ enable = true;
+ package = pkgs.wireshark;
+ };
}
diff --git a/makefu/2configs/tools/steam.nix b/makefu/2configs/tools/steam.nix
index 200ea4719..048c1d1a3 100644
--- a/makefu/2configs/tools/steam.nix
+++ b/makefu/2configs/tools/steam.nix
@@ -1,9 +1,7 @@
{pkgs, ...}:
{
users.users.makefu.packages = [
- (pkgs.steam.override {
- newStdcpp = true;
- })
+ pkgs.steam
];
hardware.opengl.driSupport32Bit = true;
hardware.pulseaudio.support32Bit = true;
diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix
index 2eecd6428..677950f43 100644
--- a/makefu/2configs/urlwatch/default.nix
+++ b/makefu/2configs/urlwatch/default.nix
@@ -35,6 +35,7 @@ in {
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack
+ http://www.iozone.org/src/current/
{
url = https://newellrubbermaid.secure.force.com/dymopkb/articles/en_US/FAQ/Dymo-Drivers-and-Downloads/?l=en_US&c=Segment:Dymo&fs=Search&pn=1 ;
diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix
index 846642580..9cac59205 100644
--- a/makefu/3modules/server-config.nix
+++ b/makefu/3modules/server-config.nix
@@ -1,15 +1,14 @@
{config, lib, pkgs, ... }:
-with import <stockholm/lib>;
-{
+with lib;{
options.makefu.server.primary-itf = lib.mkOption {
- type = types.str;
- description = "Primary interface of the server";
- };
+ type = types.str;
+ description = "Primary interface of the server";
+ };
options.makefu.gui.user = lib.mkOption {
- type = types.str;
- description = "GUI user";
+ type = types.str;
+ description = "GUI user";
default = config.krebs.build.user.name;
- };
+ };
}
diff --git a/makefu/5pkgs/custom/inkscape/dxf_fix.patch b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
index 5ea0a073e..b7b491d4e 100644
--- a/makefu/5pkgs/custom/inkscape/dxf_fix.patch
+++ b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
@@ -1,13 +1,12 @@
---- ./share/extensions/dxf_outlines.py 2017-02-14 00:46:57.000000000 +0100
-+++ ./share/extensions/dxf_outlines.py.new 2017-05-10 04:15:03.000000000 +0200
-@@ -340,7 +340,7 @@
- scale = eval(self.options.units)
+--- ./share/extensions/dxf_outlines.py 2017-10-08 17:28:45.553368917 +0200
++++ ./share/extensions/dxf_outlines.py.new 2017-10-08 17:29:20.172554152 +0200
+@@ -341,7 +341,7 @@
if not scale:
scale = 25.4/96 # if no scale is specified, assume inch as baseunit
+ scale /= self.unittouu('1px')
- h = self.unittouu(self.document.getroot().xpath('@height', namespaces=inkex.NSS)[0])
-+ h = self.unittouu(self.getDocumentHeight())
++ h = self.unittouu(self.documentHeight())
self.groupmat = [[[scale, 0.0, 0.0], [0.0, -scale, h*scale]]]
doc = self.document.getroot()
self.process_group(doc)
-
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 96975e54f..e99aa696b 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -24,7 +24,7 @@ in {
alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { };
- inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
+ inherit (callPackage ./devpi {}) devpi-web devpi-server;
nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {};
inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: {
patches = [ ./custom/inkscape/dxf_fix.patch ];
diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix
index 885777be4..3df67d07e 100644
--- a/makefu/5pkgs/drozer/default.nix
+++ b/makefu/5pkgs/drozer/default.nix
@@ -5,7 +5,7 @@ pythonPackages.buildPythonApplication rec {
version = "2.4.3";
buildInputs = [ jdk7 ];
propagatedBuildInputs = with pythonPackages; [
- protobuf3_2
+ protobuf
pyopenssl
pyyaml
] ++ [
diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/6tests/data/secrets/ssh_host_rsa_key
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/makefu/6tests/data/secrets/ssh_host_rsa_key
diff --git a/makefu/source.nix b/makefu/source.nix
index a29d09008..013426195 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -11,14 +11,10 @@ let
then "buildbot"
else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
- ref = "59e7765"; # unstable @ 2017-09-04
- # + graceful requests2 (a772c3a)
- # + mitmproxy fix (eee2d17)
- # + tpm-tools fix (5cb9987)
- # + dnscrypt-wrapper (25703c3)
- # + lass wvstream fix (76f4910,37cc2bc,0d48837)
+ ref = "727a3a3"; # unstable @ 2017-10-07
+ # + revert wvdial (76f4910)
# + ruby stuff (2f0b17e4be9,55a952be5b5)
- # + proot aarch64 fix (05d2603173d)
+ # + mitmproxy fix (360a5efd,ef52c95b)
in
evalSource (toString _file) [