diff options
-rw-r--r-- | krebs/3modules/fetchWallpaper.nix | 5 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 12 | ||||
-rw-r--r-- | krebs/3modules/retiolum.nix | 4 | ||||
-rw-r--r-- | krebs/5pkgs/fortclientsslvpn/default.nix | 4 | ||||
-rw-r--r-- | krebs/5pkgs/repo-sync/default.nix | 4 | ||||
-rw-r--r-- | makefu/1systems/vbob.nix | 26 | ||||
-rw-r--r-- | makefu/2configs/base-gui.nix | 10 | ||||
-rw-r--r-- | makefu/2configs/default.nix | 3 | ||||
-rw-r--r-- | makefu/2configs/hw/tp-x220.nix | 8 | ||||
-rw-r--r-- | makefu/2configs/omo-share.nix | 26 | ||||
-rw-r--r-- | makefu/3modules/awesome-extra.nix | 40 | ||||
-rw-r--r-- | makefu/3modules/default.nix | 1 | ||||
-rw-r--r-- | makefu/5pkgs/awesomecfg/full.cfg | 10 | ||||
-rw-r--r-- | makefu/5pkgs/default.nix | 1 | ||||
-rw-r--r-- | makefu/5pkgs/devpi/default.nix | 70 |
15 files changed, 187 insertions, 37 deletions
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index e6bb06a95..0adcec3d8 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -41,8 +41,11 @@ let }; fetchWallpaperScript = pkgs.writeDash "fetchWallpaper" '' + set -euf + mkdir -p ${shell.escape cfg.stateDir} - curl -s -o ${shell.escape cfg.stateDir}/wallpaper -z ${shell.escape cfg.stateDir}/wallpaper ${shell.escape cfg.url} + cd ${shell.escape cfg.stateDir} + curl -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper ''; diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 814e6929b..a6d4597f7 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -479,12 +479,12 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEA961eCQE562VPYjuZtd0+FNRfUghvD2ccjUlihMjzg46GAK+duqK+ - 4peWklGOL4eRYQBg6G2VDzWiU2MxXVbXUZaMrxh7fTc3G3LdbqTxzAv3GQKR/6iA - 9bGUf6u4ztVNAcj2mrY3mfs4gMlBQyQ2wcM0ZUpiAMaRB4cdq7I4GVHbYTFYfQuI - 2zdnr0w8AjlMpFFcD0ExsWeppiJsE7iiME/S2VVfh2NrEpAKQbLH9fKrfkiJA/+9 - 0VIH9wLLIYngUtQKbvEQ5xgx6ybrg0vO8ZqZ1ZGXYxOQZzWzPP0tvDU0QHSKYSWb - FjcOf1lWSWjsjHxMl/Gh57hjNJFCbs8yjQIDAQAB + MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d + fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs + e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1 + KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99 + oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf + wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB -----END RSA PUBLIC KEY----- ''; }; diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 5aaeb5a30..5a035fa50 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -102,6 +102,10 @@ let The list of hosts in the network which the client will try to connect to. These hosts should have an 'Address' configured which points to a routeable IPv4 or IPv6 address. + + In stockholm this can be done by configuring: + krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.addrs4 = + [ "${external-ip} ${external-port}" ] ''; }; diff --git a/krebs/5pkgs/fortclientsslvpn/default.nix b/krebs/5pkgs/fortclientsslvpn/default.nix index 602766f46..11d567408 100644 --- a/krebs/5pkgs/fortclientsslvpn/default.nix +++ b/krebs/5pkgs/fortclientsslvpn/default.nix @@ -5,6 +5,10 @@ stdenv.mkDerivation rec { # forticlient will be copied into /tmp before execution. this is necessary as # the software demands $base to be writeable + # mkdir /etc/ppp ; touch /etc/ppp/options + ## i still have not found which tool uses tail ... i tried redirecting it in forticlientsslvpn and subproc + # ln -s /run/current-system/sw/bin/tail /usr/bin/tail + src = fetchurl { # archive.org mirror: # https://archive.org/download/ForticlientsslvpnLinux4.4.23171.tar/forticlientsslvpn_linux_4.4.2317.tar.gz diff --git a/krebs/5pkgs/repo-sync/default.nix b/krebs/5pkgs/repo-sync/default.nix index 789c03f36..7cba87b09 100644 --- a/krebs/5pkgs/repo-sync/default.nix +++ b/krebs/5pkgs/repo-sync/default.nix @@ -2,7 +2,7 @@ with python3Packages; buildPythonPackage rec { name = "repo-sync-${version}"; - version = "0.2.5"; + version = "0.2.6"; disabled = isPy26 || isPy27; propagatedBuildInputs = [ docopt @@ -11,7 +11,7 @@ with python3Packages; buildPythonPackage rec { ]; src = fetchurl { url = "https://pypi.python.org/packages/source/r/repo-sync/repo-sync-${version}.tar.gz"; - sha256 = "1a59bj0vc5ajq8indkvkdk022yzvvv5mjb57hk3xf1j3wpr85p84"; + sha256 = "1hqa9qw9qg7mxgniqzys9szycs05llg4yik8a9wz94a437zzarsk"; }; meta = { homepage = http://github.com/makefu/repo-sync; diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix index 5e2382f37..8b71b1393 100644 --- a/makefu/1systems/vbob.nix +++ b/makefu/1systems/vbob.nix @@ -1,9 +1,7 @@ -# -# -# { lib, config, pkgs, ... }: { krebs.build.host = config.krebs.hosts.vbob; + makefu.awesome.modkey = "Mod1"; imports = [ # Include the results of the hardware scan. ../. @@ -19,6 +17,10 @@ device ="/dev/disk/by-label/nixstore"; fsType = "ext4"; }; + fileSystems."/var/lib/docker" = { + device ="/dev/disk/by-label/nix-docker"; + fsType = "ext4"; + }; #makefu.buildbot.master.enable = true; # allow vbob to deploy self users.extraUsers = { @@ -28,11 +30,14 @@ }; environment.systemPackages = with pkgs;[ fortclientsslvpn - buildbot - buildbot-slave get logstash + docker + devpi-web + devpi-client ]; + # virtualisation.docker.enable = true; + networking.firewall.allowedTCPPorts = [ 25 @@ -42,18 +47,21 @@ krebs.retiolum = { enable = true; - extraConfig = "Proxy = http global.proxy.alcatel-lucent.com 8000"; connectTo = [ + "omo" "gum" ]; }; - networking.proxy.default = "http://global.proxy.alcatel-lucent.com:8000"; + networking.extraHosts = '' + 172.17.20.190 gitlab + 172.17.62.27 svbittool01 tool + ''; + fileSystems."/media/share" = { fsType = "vboxsf"; device = "share"; - options = "rw,uid=9001,gid=9001"; + options = [ "rw" "uid=9001" "gid=9001" ]; }; } - diff --git a/makefu/2configs/base-gui.nix b/makefu/2configs/base-gui.nix index b807957ba..f7d6991c5 100644 --- a/makefu/2configs/base-gui.nix +++ b/makefu/2configs/base-gui.nix @@ -14,7 +14,6 @@ with config.krebs.lib; let mainUser = config.krebs.build.user.name; - awesomecfg = pkgs.awesomecfg.full; in { imports = [ ]; @@ -36,14 +35,7 @@ in }; # lid switch is handled via button presses services.logind.extraConfig = mkDefault "HandleLidSwitch=ignore"; - nixpkgs.config.packageOverrides = pkgs: rec { - awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : { - postFixup = '' - cp ${awesomecfg} $out/etc/xdg/awesome/rc.lua - ''; - }); - }; - + makefu.awesome.enable = true; i18n.consoleFont = "Lat2-Terminus16"; fonts = { diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 20faf7896..afdeec40e 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -138,6 +138,9 @@ with config.krebs.lib; "time.apple.com" "time.nist.gov" ]; + nix.extraOptions = '' + auto-optimise-store = true + ''; security.setuidPrograms = [ "sendmail" ]; services.journald.extraConfig = '' diff --git a/makefu/2configs/hw/tp-x220.nix b/makefu/2configs/hw/tp-x220.nix index 0a471bde0..be3d1eb70 100644 --- a/makefu/2configs/hw/tp-x220.nix +++ b/makefu/2configs/hw/tp-x220.nix @@ -4,8 +4,10 @@ with config.krebs.lib; { imports = [ ./tp-x2x0.nix ]; - - boot.kernelModules = [ "kvm-intel" ]; + boot = { + kernelModules = [ "kvm-intel" "acpi_call" ]; + extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; + }; services.xserver = { videoDriver = "intel"; @@ -15,6 +17,8 @@ with config.krebs.lib; ''; }; + security.rngd.enable = true; + services.xserver.displayManager.sessionCommands ='' xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1 xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2 diff --git a/makefu/2configs/omo-share.nix b/makefu/2configs/omo-share.nix index c943e3d9a..08bdd4a40 100644 --- a/makefu/2configs/omo-share.nix +++ b/makefu/2configs/omo-share.nix @@ -13,6 +13,16 @@ in { omo-share = { listen = [ "${local-ip}:80" ]; locations = singleton (nameValuePair "/" '' + + access_log off; + # sendfile off; + # tcp_nopush on; + # aio on; + sendfile on; + sendfile_max_chunk 512k; + directio 512; + aio threads; + mp4; autoindex on; root /media; limit_rate_after 100m; @@ -24,7 +34,6 @@ in { keepalive_timeout 65; keepalive_requests 200; reset_timedout_connection on; - sendfile on; tcp_nopush on; gzip off; ''); @@ -48,7 +57,6 @@ in { browseable = "yes"; "guest ok" = "yes"; }; - emu = { path = "/media/crypt1/emu"; "read only" = "yes"; @@ -61,6 +69,20 @@ in { browseable = "yes"; "guest ok" = "yes"; }; + usenet-rw = { + path = "/media/crypt0/usenet"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "no"; + "valid users" = "makefu"; + }; + emu-rw = { + path = "/media/crypt1/emu"; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "no"; + "valid users" = "makefu"; + }; }; extraConfig = '' guest account = smbguest diff --git a/makefu/3modules/awesome-extra.nix b/makefu/3modules/awesome-extra.nix new file mode 100644 index 000000000..b12556486 --- /dev/null +++ b/makefu/3modules/awesome-extra.nix @@ -0,0 +1,40 @@ +{config, lib, pkgs, ... }: + +with config.krebs.lib; +let + cfg = config.makefu.awesome; + out = { + options.makefu.awesome = api; + config = lib.mkIf cfg.enable imp; + }; + api = { + enable = mkEnableOption "awesome custom config"; + modkey = mkOption { + type = types.str; + description = "Modkey to be used"; + default = "Mod4"; + }; + baseConfig = mkOption { + type = types.path; + description = '' + rc.lua file to be used as default + This module will use substituteAll to replace strings before writing to + /etc/xdg/awesome/rc.lua + ''; + default = pkgs.awesomecfg.full; + }; + }; + imp = { + # TODO: configure display manager as well + nixpkgs.config.packageOverrides = pkgs: rec { + awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : { + postFixup = let + rclua = pkgs.substituteAll { + src = cfg.baseConfig; + inherit (cfg) modkey; + }; + in "cp ${rclua} $out/etc/xdg/awesome/rc.lua"; + }); + }; + }; +in out diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix index 0a10b1532..853bdca04 100644 --- a/makefu/3modules/default.nix +++ b/makefu/3modules/default.nix @@ -5,6 +5,7 @@ _: ./snapraid.nix ./umts.nix ./taskserver.nix + ./awesome-extra.nix ]; } diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index c1b58aa90..f42aea003 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -83,13 +83,11 @@ vicious.register(batwidget, vicious.widgets.bat, "$2%", 61, "BAT0") -- {{{ Variable definitions -- Themes define colours, icons, and wallpapers -- beautiful.init("/usr/share/awesome/themes/default/theme.lua") --- ./qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/lib/beautiful.lua --- --- Find the default theme --- --- beautiful.init("/nix/store/qbx8r72yzaxpz41zq00902zwajl31b5h-awesome-3.5.6/share/awesome/themes/default/theme.lua") +-- @awesome@/share/awesome/lib/beautiful.lua +-- beautiful.init("@awesome@/share/awesome/themes/default/theme.lua") +-- Find the default theme function find_default_theme() -- find the default lua theme in the package path for path in package.path:gmatch('([^;]+);') do @@ -115,7 +113,7 @@ browser = "firefox" -- If you do not like this or do not have such a key, -- I suggest you to remap Mod4 to another key using xmodmap or other tools. -- However, you can use another modifier like Mod1, but it may interact with others. -modkey = "Mod4" +modkey = "@modkey@" -- Table of layouts to cover with awful.layout.inc, order matters. local layouts = diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix index fff92725e..9cd2629de 100644 --- a/makefu/5pkgs/default.nix +++ b/makefu/5pkgs/default.nix @@ -12,6 +12,7 @@ in mycube-flask = callPackage ./mycube-flask {}; nodemcu-uploader = callPackage ./nodemcu-uploader {}; tw-upload-plugin = callPackage ./tw-upload-plugin {}; + inherit (callPackage ./devpi {}) devpi-web devpi-server; taskserver = callPackage ./taskserver {}; }; } diff --git a/makefu/5pkgs/devpi/default.nix b/makefu/5pkgs/devpi/default.nix new file mode 100644 index 000000000..0df8ecd2c --- /dev/null +++ b/makefu/5pkgs/devpi/default.nix @@ -0,0 +1,70 @@ +{ pkgs ? import <nixpkgs> {} }: +with pkgs.stdenv.lib; +let + execnet14 = pkgs.python3Packages.buildPythonPackage rec { + name = "execnet-1.4.1"; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/source/e/execnet/${name}.tar.gz"; + sha256 = "1rpk1vyclhg911p3hql0m0nrpq7q7mysxnaaw6vs29cpa6kx8vgn"; + }; + + propagatedBuildInputs = with pkgs.python3Packages; + [ setuptools_scm apipkg ]; + meta = { + description = "rapid multi-Python deployment"; + license = licenses.gpl2; + }; + }; + + devpi-web = pkgs.python3Packages.buildPythonPackage rec { + name = "devpi-web"; + version = "3.0.0"; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/source/d/devpi-web/devpi-web-${version}.tar.gz"; + sha256 = "156abxyhj17a8cg38hpyr31qkjb61mb2kggsxij4p4xvy9jwkbwi"; + }; + + propagatedBuildInputs = with pkgs.python3Packages; + [ devpi-server pyramid_chameleon beautifulsoup4 Whoosh defusedxml ]; + + meta = { + homepage = https://bitbucket.org/hpk42/devpi; + description = "a web view for devpi-server"; + license = licenses.mit; + maintainers = with maintainers; [ makefu ]; + }; + }; + devpi-server = pkgs.python3Packages.buildPythonPackage rec { + name = "devpi-server"; + version = "3.0.2"; + + # original postFixup adds "import sys; sys.argv[0] = 'devpi-server'" to + # `.devpi-server-wrapped` which + # results in "not existing devpi-server: 'devpi-server'" + postFixup = ""; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/source/d/devpi-server/devpi-server-${version}.tar.gz"; + sha256 = "14r1024i3x2pb72khyzvi56sh9smpdswmrbc88xvjxnalmzfn99d"; + }; + + propagatedBuildInputs = with pkgs.python3Packages; + [ devpi-common execnet14 itsdangerous pluggy waitress pyramid ]; + buildInputs = with pkgs.python3Packages; [ pytest beautifulsoup4 webtest ]; + + meta = { + homepage = https://bitbucket.org/hpk42/devpi; + description = "Devpi Server"; + license = licenses.mit; + maintainers = with maintainers; [ makefu ]; + }; + }; + +in { + inherit devpi-server; + devpi-web = pkgs.python3.buildEnv.override { + extraLibs = [ devpi-web devpi-server ]; + }; +} |