diff options
-rw-r--r-- | krebs/3modules/airdcpp.nix | 1 | ||||
-rw-r--r-- | krebs/3modules/urlwatch.nix | 2 | ||||
-rw-r--r-- | krebs/nixpkgs.json | 1 | ||||
-rw-r--r-- | makefu/1systems/gum/config.nix | 2 | ||||
-rw-r--r-- | makefu/1systems/omo/config.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/bureautomation/zigbee2mqtt/default.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/dcpp/hub.nix | 47 | ||||
-rw-r--r-- | makefu/2configs/deployment/gecloudpad/gecloudpad.nix | 4 | ||||
-rw-r--r-- | makefu/2configs/gui/wbob-kiosk.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/home/ham/mqtt.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/nsupdate-data.nix | 6 | ||||
-rw-r--r-- | makefu/2configs/share/omo.nix | 2 | ||||
-rw-r--r-- | makefu/2configs/tools/android-pentest.nix | 2 | ||||
-rw-r--r-- | makefu/5pkgs/drozer/default.nix | 1 | ||||
-rw-r--r-- | makefu/5pkgs/uhub/default.nix | 48 | ||||
-rw-r--r-- | makefu/krops.nix | 2 |
16 files changed, 44 insertions, 83 deletions
diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix index 4ac6e30ee..259f613cc 100644 --- a/krebs/3modules/airdcpp.nix +++ b/krebs/3modules/airdcpp.nix @@ -269,6 +269,7 @@ let home = cfg.stateDir; createHome = true; isSystemUser = true; + group = "airdcpp"; inherit (cfg) extraGroups; }; groups.airdcpp.gid = genid "airdcpp"; diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 6a159a5b2..2e336de21 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -194,7 +194,9 @@ let home = cfg.dataDir; createHome = true; isSystemUser = true; + group = user.name; }; + users.groups.${user.name} = {}; }; user = rec { diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index e219581a1..126c0a326 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -4,7 +4,6 @@ "date": "2021-12-01T16:06:54+01:00", "path": "/nix/store/88zw2qrbzaq3bnnsmz9qc4lvkwg0168g-nixpkgs", "sha256": "1dyyzgcmlhpsdb4ngiy8m0x10qmh0r56ky75r8ppvvh730m3lhfj", - "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 1cd569947..39c0554e0 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -159,7 +159,7 @@ in { <stockholm/makefu/2configs/bgt/etherpad.euer.krebsco.de.nix> # <stockholm/makefu/2configs/deployment/systemdultras-rss.nix> - <stockholm/makefu/2configs/shiori.nix> + # <stockholm/makefu/2configs/shiori.nix> # <stockholm/makefu/2configs/workadventure> <stockholm/makefu/2configs/bgt/download.binaergewitter.de.nix> diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 6afe792ec..0b4aaacb3 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -75,7 +75,7 @@ in { # Logging #influx + grafana <stockholm/makefu/2configs/stats/server.nix> - <stockholm/makefu/2configs/stats/nodisk-client.nix> + # <stockholm/makefu/2configs/stats/nodisk-client.nix> # logs to influx <stockholm/makefu/2configs/stats/external/aralast.nix> <stockholm/makefu/2configs/stats/telegraf> diff --git a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix index ba10ae74b..b35019793 100644 --- a/makefu/2configs/bureautomation/zigbee2mqtt/default.nix +++ b/makefu/2configs/bureautomation/zigbee2mqtt/default.nix @@ -12,7 +12,7 @@ in services.zigbee2mqtt = { enable = true; inherit dataDir; - config = { + settings = { permit_join = true; serial.port = "/dev/cc2531"; homeassistant = true; diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix index 8b43b2fcf..b8ca49b74 100644 --- a/makefu/2configs/dcpp/hub.nix +++ b/makefu/2configs/dcpp/hub.nix @@ -39,7 +39,9 @@ in { home = stateDir; isSystemUser = true; createHome = true; + group = ddclientUser; }; + users.groups.${ddclientUser} = {}; systemd.services = { ddclient-nsupdate-uhub = { @@ -83,32 +85,33 @@ in { isSystemUser = true; group = "uhub"; }; - users.group.uhub = {}; + users.groups.uhub = {}; services.uhub.home = { enable = true; - port = 1511; enableTLS = true; - hubConfig = '' - hub_name = "krebshub" - tls_certificate = ${uhubDir}/uhub.crt - tls_private_key = ${uhubDir}/uhub.key - registered_users_only = true - ''; - plugins = { - welcome = { - enable = true; - motd = "shareit"; - rules = "1. Don't be an asshole"; - }; - history = { - enable = true; - }; - authSqlite = { - enable = true; - file = "${uhubDir}/uhub.sql"; - }; - + settings = { + server_port = 1511; + hub_name = "krebshub"; + tls_certificate = "${uhubDir}/uhub.crt"; + tls_private_key = "${uhubDir}/uhub.key"; + registered_users_only = true; }; + plugins = [ + { + plugin = "${pkgs.uhub}/plugins/mod_auth_sqlite.so"; + settings.file = "${uhubDir}/uhub.sql"; + } + { + plugin = "${pkgs.uhub}/plugins/mod_welcome.so"; + settings.motd = "shareit"; + settings.rules = "1. Don't be an asshole"; + } + { + plugin = "${pkgs.uhub}/plugins/mod_history.so"; + settings.motd = "shareit"; + settings.rules = "1. Don't be an asshole"; + } + ]; }; networking.firewall.allowedTCPPorts = [ 411 1511 ]; } diff --git a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix index 7d51dfa0d..6f20ff579 100644 --- a/makefu/2configs/deployment/gecloudpad/gecloudpad.nix +++ b/makefu/2configs/deployment/gecloudpad/gecloudpad.nix @@ -11,8 +11,8 @@ with pkgs.python3Packages;buildPythonPackage rec { src = fetchFromGitHub { owner = "binaergewitter"; repo = "gecloudpad"; - rev = "master"; - sha256 = "0p9lcphp3r7hyypxadzw4x9ix6d0anmspxnjnj0v2jjll8gxqlhf"; + rev = "1399ede4e609f63fbf1c4560979a6b22b924e0c5"; + sha256 = "1w74j5ks7naalzrib87r0adq20ik5x3x5l520apagb7baszn17lb"; }; meta = { diff --git a/makefu/2configs/gui/wbob-kiosk.nix b/makefu/2configs/gui/wbob-kiosk.nix index 2f6a26d82..dc28cf4d2 100644 --- a/makefu/2configs/gui/wbob-kiosk.nix +++ b/makefu/2configs/gui/wbob-kiosk.nix @@ -17,7 +17,7 @@ user = "makefu"; }; displayManager.defaultSession = "gnome"; - desktopManager.gnome3.enable = true; + desktopManager.gnome.enable = true; displayManager.sessionCommands = '' ${pkgs.xlibs.xset}/bin/xset -display :0 s off -dpms ${pkgs.xlibs.xrandr}/bin/xrandr --output HDMI2 --right-of HDMI1 diff --git a/makefu/2configs/home/ham/mqtt.nix b/makefu/2configs/home/ham/mqtt.nix index 0eca15741..c90afff4a 100644 --- a/makefu/2configs/home/ham/mqtt.nix +++ b/makefu/2configs/home/ham/mqtt.nix @@ -9,8 +9,7 @@ listeners = [ { port = 1883; - omitPasswordAuth = true; - checkPasswords = true; + omitPasswordAuth = false; users.sensor = { hashedPassword = "$6$2DXU7W1bvqXPqxkF$vtdz5KTd/T09hmoc9LjgEGFjvpwQbQth6vlVcr5hJNLgcBHv4U03YCKC8TKXbmQAa8xiJ76xJIg25kcL+KI3tg=="; acl = [ "topic readwrite #" ]; diff --git a/makefu/2configs/nsupdate-data.nix b/makefu/2configs/nsupdate-data.nix index 2f8f4acc4..3b6518f60 100644 --- a/makefu/2configs/nsupdate-data.nix +++ b/makefu/2configs/nsupdate-data.nix @@ -28,14 +28,16 @@ let ''; in { - users.extraUsers = singleton { + users.users.${ddclientUser} = { name = ddclientUser; - uid = genid "ddclient"; + uid = genid ddclientUser; description = "ddclient daemon user"; home = stateDir; createHome = true; isSystemUser = true; + group = ddclientUser; }; + users.groups.${ddclientUser} = {}; systemd.services = { ddclient-nsupdate-elchos = { diff --git a/makefu/2configs/share/omo.nix b/makefu/2configs/share/omo.nix index 308142f03..93536b63d 100644 --- a/makefu/2configs/share/omo.nix +++ b/makefu/2configs/share/omo.nix @@ -14,7 +14,9 @@ in { uid = config.ids.uids.smbguest; description = "smb guest user"; home = "/var/empty"; + group = "share"; }; + users.groups.share = {}; services.samba = { enable = true; shares = { diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix index 766aacb9e..1f622a8e0 100644 --- a/makefu/2configs/tools/android-pentest.nix +++ b/makefu/2configs/tools/android-pentest.nix @@ -6,7 +6,7 @@ # mitmproxy nmap msf - drozer + #drozer #dex2jar apktool jd-gui diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix index 1f353e477..22d720f33 100644 --- a/makefu/5pkgs/drozer/default.nix +++ b/makefu/5pkgs/drozer/default.nix @@ -30,5 +30,6 @@ pythonPackages.buildPythonApplication rec { homepage = https://github.com/mwrlabs/drozer/; description = "The Leading Security Assessment Framework for Android"; license = lib.licenses.bsd2; + broken = true; }; } diff --git a/makefu/5pkgs/uhub/default.nix b/makefu/5pkgs/uhub/default.nix deleted file mode 100644 index e0ee035e4..000000000 --- a/makefu/5pkgs/uhub/default.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ stdenv, lib, fetchpatch, fetchFromGitHub, cmake, openssl, sqlite, pkgconfig, systemd -, tlsSupport ? false }: - -assert tlsSupport -> openssl != null; - -stdenv.mkDerivation rec { - pname = "uhub"; - version = "2019-06-18"; - - src = fetchFromGitHub { - owner = "janvidar"; - repo = "uhub"; - rev = "78a703924064a92cedeb0a5aab5a80d8f77db73e"; - sha256 = "1dqmj08salhbcdlkglbi03hn9jzgmhjqlb0iysafpzrrwi0mca1z"; - }; - - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ cmake sqlite systemd ] ++ lib.optional tlsSupport openssl; - - outputs = [ "out" - "mod_example" - "mod_welcome" - "mod_logging" - "mod_auth_simple" - "mod_auth_sqlite" - "mod_chat_history" - "mod_chat_only" - "mod_topic" - "mod_no_guest_downloads" - ]; - - patches = [ - <nixpkgs/pkgs/servers/uhub/plugin-dir.patch> - ]; - - cmakeFlags = '' - -DSYSTEMD_SUPPORT=ON - ${if tlsSupport then "-DSSL_SUPPORT=ON" else "-DSSL_SUPPORT=OFF"} - ''; - - meta = with lib; { - description = "High performance peer-to-peer hub for the ADC network"; - homepage = https://www.uhub.org/; - license = licenses.gpl3; - maintainers = [ maintainers.ehmry ]; - platforms = platforms.unix; - }; -} diff --git a/makefu/krops.nix b/makefu/krops.nix index fd53f004e..1db4401a4 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -77,7 +77,7 @@ (lib.mkIf ( host-src.home-manager ) { home-manager.git = { url = https://github.com/rycee/home-manager; - ref = "fd5fbb0a241f644908cdf01ccd1821d0606fb4fd"; + ref = "6ce1d64073f48b9bc9425218803b1b607454c1e7"; }; }) ]; |