summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/shared/default.nix1
-rw-r--r--krebs/5pkgs/irc-announce/default.nix2
-rw-r--r--makefu/1systems/x.nix5
-rw-r--r--makefu/2configs/dnscrypt.nix1
-rw-r--r--makefu/2configs/fetchWallpaper.nix2
-rw-r--r--makefu/2configs/logging/central-stats-server.nix7
-rw-r--r--shared/1systems/wolf.nix1
-rw-r--r--shared/2configs/central-stats-client.nix68
-rw-r--r--shared/2configs/shared-buildbot.nix14
-rw-r--r--tv/2configs/default.nix2
-rw-r--r--tv/2configs/git.nix5
11 files changed, 99 insertions, 9 deletions
diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix
index 5e4935e3a..17179a39f 100644
--- a/krebs/3modules/shared/default.nix
+++ b/krebs/3modules/shared/default.nix
@@ -47,6 +47,7 @@ in {
ip6.addr = "42:0:0:0:0:0:77:1";
aliases = [
"wolf.r"
+ "build.wolf.r"
"cgit.wolf.r"
];
tinc.pubkey = ''
diff --git a/krebs/5pkgs/irc-announce/default.nix b/krebs/5pkgs/irc-announce/default.nix
index e1f4919d5..6eb725b71 100644
--- a/krebs/5pkgs/irc-announce/default.nix
+++ b/krebs/5pkgs/irc-announce/default.nix
@@ -24,7 +24,7 @@ pkgs.writeDashBin "irc-announce" ''
# echo2 and cat2 are used output to both, stdout and stderr
# This is used to see what we send to the irc server. (debug output)
echo2() { echo "$*"; echo "$*" >&2; }
- cat2() { tee /dev/stderr; }
+ cat2() { awk '{print;print > "/dev/stderr"}'; }
# privmsg_cat transforms stdin to a privmsg
privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; }
diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix
index 51c9543ef..866aac3bd 100644
--- a/makefu/1systems/x.nix
+++ b/makefu/1systems/x.nix
@@ -72,11 +72,6 @@ with import <stockholm/lib>;
makefu.umts.apn = "web.vodafone.de";
nixpkgs.config.allowUnfree = true;
- krebs.nginx = {
- default404 = false;
- servers.default.listen = [ "80 default_server" ];
- servers.default.server-names = [ "_" ];
- };
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
environment.systemPackages = [ pkgs.passwdqc-utils ];
diff --git a/makefu/2configs/dnscrypt.nix b/makefu/2configs/dnscrypt.nix
index d810456f3..6e7ef0f82 100644
--- a/makefu/2configs/dnscrypt.nix
+++ b/makefu/2configs/dnscrypt.nix
@@ -1,5 +1,6 @@
{
services.dnscrypt-proxy.enable = true;
+ services.dnscrypt-proxy.resolverName = "cs-de";
networking.extraResolvconfConf = ''
name_servers='127.0.0.1'
'';
diff --git a/makefu/2configs/fetchWallpaper.nix b/makefu/2configs/fetchWallpaper.nix
index fb74919c4..16a7a13b2 100644
--- a/makefu/2configs/fetchWallpaper.nix
+++ b/makefu/2configs/fetchWallpaper.nix
@@ -8,7 +8,7 @@
timerConfig = {
OnCalendar = "*:0/30";
};
- url = "http://echelon/wallpaper.png";
+ url = "http://prism.r/realwallpaper-sat-krebs.png";
};
}
diff --git a/makefu/2configs/logging/central-stats-server.nix b/makefu/2configs/logging/central-stats-server.nix
index 30ad63879..4f7961f32 100644
--- a/makefu/2configs/logging/central-stats-server.nix
+++ b/makefu/2configs/logging/central-stats-server.nix
@@ -71,5 +71,12 @@ in {
iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
+
+ ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
+ ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
+ ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
+ ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
+ ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
+ ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
'';
}
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix
index 0b4448022..75307be12 100644
--- a/shared/1systems/wolf.nix
+++ b/shared/1systems/wolf.nix
@@ -14,6 +14,7 @@ in
../2configs/shack-nix-cacher.nix
../2configs/shared-buildbot.nix
../2configs/share-shack.nix
+ ../2configs/central-stats-client.nix
];
# use your own binary cache, fallback use cache.nixos.org (which is used by
# apt-cacher-ng in first place)
diff --git a/shared/2configs/central-stats-client.nix b/shared/2configs/central-stats-client.nix
new file mode 100644
index 000000000..0412eba9a
--- /dev/null
+++ b/shared/2configs/central-stats-client.nix
@@ -0,0 +1,68 @@
+{pkgs, config, ...}:
+{
+ services.collectd = {
+ enable = true;
+ autoLoadPlugin = true;
+ extraConfig = ''
+ Hostname ${config.krebs.build.host.name}
+ LoadPlugin load
+ LoadPlugin disk
+ LoadPlugin memory
+ LoadPlugin df
+ Interval 30.0
+
+ LoadPlugin interface
+ <Plugin "interface">
+ Interface "*Link"
+ Interface "lo"
+ Interface "vboxnet*"
+ Interface "virbr*"
+ IgnoreSelected true
+ </Plugin>
+
+ LoadPlugin df
+ <Plugin "df">
+ MountPoint "/nix/store"
+ # MountPoint "/run*"
+ # MountPoint "/sys*"
+ # MountPoint "/dev"
+ # MountPoint "/dev/shm"
+ # MountPoint "/tmp"
+ FSType "tmpfs"
+ FSType "binfmt_misc"
+ FSType "debugfs"
+ FSType "mqueue"
+ FSType "hugetlbfs"
+ FSType "systemd-1"
+ FSType "cgroup"
+ FSType "securityfs"
+ FSType "ramfs"
+ FSType "proc"
+ FSType "devpts"
+ FSType "devtmpfs"
+ MountPoint "/var/lib/docker/devicemapper"
+ IgnoreSelected true
+ </Plugin>
+
+ LoadPlugin cpu
+ <Plugin cpu>
+ ReportByCpu true
+ ReportByState true
+ ValuesPercentage true
+ </Plugin>
+
+ LoadPlugin network
+ <Plugin "network">
+ Server "stats.makefu.r" "25826"
+ </Plugin>
+
+ LoadPlugin curl
+ <Plugin curl>
+ <Page "smarthome">
+ URL "http://smarthome.shack/";
+ MeasureResponseTime true
+ </Page>
+ </Plugin>
+ '';
+ };
+}
diff --git a/shared/2configs/shared-buildbot.nix b/shared/2configs/shared-buildbot.nix
index cf08882a9..1d6883afe 100644
--- a/shared/2configs/shared-buildbot.nix
+++ b/shared/2configs/shared-buildbot.nix
@@ -9,11 +9,20 @@
{
# due to the fact that we actually build stuff on the box via the daemon,
# /nix/store should be cleaned up automatically as well
+ services.nginx.virtualHosts.build = {
+ serverAliases = [ "build.wolf.r" ];
+ locations."/".extraConfig = ''
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_pass http://localhost:${toString config.krebs.buildbot.master.web.port};
+ '';
+ };
+
nix.gc.automatic = true;
nix.gc.dates = "05:23";
networking.firewall.allowedTCPPorts = [ 8010 9989 ];
krebs.buildbot.master = let
- stockholm-mirror-url = http://cgit.wolf/stockholm-mirror ;
+ stockholm-mirror-url = http://cgit.wolf.r/stockholm-mirror ;
in {
secrets = [ "retiolum-ci.rsa_key.priv" "cac.json" ];
workers = {
@@ -151,6 +160,9 @@
channels = [ { channel = "retiolum"; } ];
allowForce = true;
};
+ extraConfig = ''
+ c['buildbotURL'] = "http://build.wolf.r/"
+ '';
};
krebs.buildbot.worker = {
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index ede73f4e5..fd8bafe05 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -14,7 +14,7 @@ with import <stockholm/lib>;
stockholm.file = "/home/tv/stockholm";
nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs;
- ref = "b647a67dfee066b75d2f54b789f7646016662071"; # nixos-17.03
+ ref = "67c6638b089a5766435e07057ff73b35c82440cc"; # nixos-17.03
};
} // optionalAttrs host.secure {
secrets-master.file = "/home/tv/secrets/master";
diff --git a/tv/2configs/git.nix b/tv/2configs/git.nix
index 1f7b6b00b..d45321cd8 100644
--- a/tv/2configs/git.nix
+++ b/tv/2configs/git.nix
@@ -33,6 +33,9 @@ let {
cgit.desc = "dict.leo.org command line interface";
};
get = {};
+ htgen = {
+ cgit.desc = "toy HTTP server";
+ };
irc = {
cgit.desc = "toy IRC client";
};
@@ -48,6 +51,7 @@ let {
populate = {
cgit.desc = "source code installer";
};
+ q = {};
regfish = {};
soundcloud = {
cgit.desc = "SoundCloud command line interface";
@@ -71,6 +75,7 @@ let {
cgserver = {};
crude-mail-setup = {};
dot-xmonad = {};
+ hirc = {};
make-snapshot = {};
nixos-infest = {};
painload = {};