summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/default.nix14
-rw-r--r--krebs/3modules/lass/default.nix2
-rw-r--r--krebs/3modules/makefu/default.nix2
-rw-r--r--krebs/3modules/os-release.nix2
-rw-r--r--krebs/3modules/retiolum.nix15
-rw-r--r--krebs/3modules/tv/default.nix55
-rw-r--r--krebs/5pkgs/cac-api/default.nix2
-rw-r--r--krebs/5pkgs/get/default.nix2
-rw-r--r--krebs/5pkgs/github-hosts-sync/default.nix8
-rw-r--r--krebs/5pkgs/haskell-overrides/blessings.nix2
-rw-r--r--krebs/5pkgs/haskell-overrides/hyphenation.nix17
-rw-r--r--krebs/5pkgs/haskell-overrides/scanner.nix2
-rw-r--r--krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix2
-rw-r--r--krebs/5pkgs/much/default.nix2
-rw-r--r--krebs/5pkgs/painload/default.nix7
-rw-r--r--krebs/5pkgs/populate/default.nix2
-rw-r--r--krebs/5pkgs/push/default.nix2
-rw-r--r--krebs/5pkgs/with-tmpdir/default.nix2
-rw-r--r--lass/1systems/prism.nix3
-rw-r--r--lass/1systems/shodan.nix4
-rw-r--r--lass/2configs/buildbot-standalone.nix53
-rw-r--r--lass/2configs/git.nix2
-rw-r--r--lass/2configs/repo-sync.nix4
-rw-r--r--lass/2configs/websites/domsen.nix21
-rw-r--r--lass/2configs/websites/lassulus.nix47
-rw-r--r--lass/2configs/websites/util.nix2
-rw-r--r--lass/5pkgs/q/default.nix183
-rw-r--r--lass/5pkgs/xmonad-lass.nix4
-rw-r--r--makefu/1systems/gum.nix2
-rw-r--r--makefu/1systems/pnp.nix2
-rw-r--r--makefu/2configs/git/brain-retiolum.nix2
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix2
-rw-r--r--shared/2configs/cgit-mirror.nix2
-rw-r--r--shared/2configs/repo-sync.nix2
-rw-r--r--shared/2configs/shared-buildbot.nix2
-rw-r--r--tv/1systems/cd.nix78
-rw-r--r--tv/1systems/xu.nix1
-rw-r--r--tv/2configs/default.nix17
-rw-r--r--tv/2configs/git.nix7
-rw-r--r--tv/2configs/retiolum.nix3
-rw-r--r--tv/5pkgs/netcup/default.nix32
-rw-r--r--tv/5pkgs/q/default.nix177
-rw-r--r--tv/Zcerts/charybdis_cd.crt.pem24
43 files changed, 503 insertions, 313 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index ec85464df..82ede952d 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -90,11 +90,11 @@ let
};
imp = lib.mkMerge [
- { krebs = import ./lass { inherit config lib; }; }
- { krebs = import ./makefu { inherit config lib; }; }
- { krebs = import ./mv { inherit config lib; }; }
- { krebs = import ./shared { inherit config lib; }; }
- { krebs = import ./tv { inherit config lib; }; }
+ { krebs = import ./lass { inherit config; }; }
+ { krebs = import ./makefu { inherit config; }; }
+ { krebs = import ./mv { inherit config; }; }
+ { krebs = import ./shared { inherit config; }; }
+ { krebs = import ./tv { inherit config; }; }
{
krebs.dns.providers = {
"krebsco.de" = "zones";
@@ -130,7 +130,9 @@ let
shorts = let s = ".${cfg.search-domain}"; in
map (removeSuffix s) (filter (hasSuffix s) longs);
in
- map (addr: "${addr} ${toString aliases}") net.addrs
+ optionals
+ (aliases != [])
+ (map (addr: "${addr} ${toString aliases}") net.addrs)
) (filterAttrs (name: host: host.aliases != []) host.nets)
) cfg.hosts
));
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index ad1221e8e..5af1e37cd 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, ... }:
with import <stockholm/lib>;
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 7317e0b60..ff187b878 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, ... }:
with import <stockholm/lib>;
diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix
index 50cf72ef9..0779feede 100644
--- a/krebs/3modules/os-release.nix
+++ b/krebs/3modules/os-release.nix
@@ -13,7 +13,7 @@ let
version-id = "${stockholm-version-id}/${nixos-version-id}";
pretty-name = "${stockholm-pretty-name} / ${nixos-pretty-name}";
- home-url = http://cgit.cd.krebsco.de/stockholm;
+ home-url = http://cgit.ni.krebsco.de/stockholm;
in
{
# http://0pointer.de/public/systemd-man/os-release.html
diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix
index fddaed9e3..0a3d7ed2f 100644
--- a/krebs/3modules/retiolum.nix
+++ b/krebs/3modules/retiolum.nix
@@ -79,6 +79,15 @@ let
'';
};
+ hostsArchive = mkOption {
+ type = types.package;
+ default = pkgs.runCommand "retiolum-hosts.tar.bz2" {} ''
+ ${pkgs.coreutils}/bin/ln -s ${tinc.config.hostsPackage} hosts
+ ${pkgs.gnutar}/bin/tar -hcjf $out hosts
+ '';
+ readOnly = true;
+ };
+
hostsPackage = mkOption {
type = types.package;
default = pkgs.stdenv.mkDerivation {
@@ -125,7 +134,11 @@ let
connectTo = mkOption {
type = types.listOf types.str;
- default = [ "fastpoke" "cd" "prism" "gum" ];
+ ${if tinc.config.netname == "retiolum" then "default" else null} = [
+ "gum"
+ "ni"
+ "prism"
+ ];
description = ''
The list of hosts in the network which the client will try to connect
to. These hosts should have an 'Address' configured which points to a
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index 0e7535e6c..8e266e1b3 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -78,11 +78,7 @@ with import <stockholm/lib>;
extraZones = {
# TODO generate krebsco.de zone from nets and don't use extraZones at all
"krebsco.de" = ''
- krebsco.de. 60 IN MX 5 mx23
- mx23 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
- cgit 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
- cgit.cd 60 IN A ${config.krebs.hosts.cd.nets.internet.ip4.addr}
'';
};
nets = {
@@ -90,11 +86,7 @@ with import <stockholm/lib>;
ip4.addr = "45.62.237.203";
aliases = [
"cd.i"
- "cd.internet"
"cd.krebsco.de"
- "cgit.cd.krebsco.de"
- "cd.viljetic.de"
- "cgit.cd.viljetic.de"
];
ssh.port = 11423;
};
@@ -218,6 +210,53 @@ with import <stockholm/lib>;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1vJsAddvxMA84u9iJEOrIkKn7pQiemMbfW5cfK1d7g root@mu";
};
+ ni = {
+ extraZones = {
+ "krebsco.de" = ''
+ krebsco.de. 60 IN MX 5 ni
+ ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
+ cgit 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
+ cgit.ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr}
+ '';
+ };
+ nets = {
+ internet = {
+ ip4.addr = "188.68.36.196";
+ aliases = [
+ "cgit.ni.i"
+ "ni.i"
+ ];
+ ssh.port = 11423;
+ };
+ retiolum = {
+ via = config.krebs.hosts.ni.nets.internet;
+ ip4.addr = "10.243.113.223";
+ ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af4";
+ aliases = [
+ "ni.r"
+ "ni.retiolum"
+ "cgit.ni.r"
+ "cgit.ni.retiolum"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEA7NHuW8eLVhpBfL70WwcSGVmv4dijKLJs5cH/BmqK8zN2lpiLKt12
+ bhaE1YEhGoGma7Kef1Fa0V9xUkJy6C1+sVlfWp/LeY8VRSX5E3u36TEl6kl/4zu6
+ Ea/44BoGUSOC9ImxVEX51czA10PFjUSrGFyK0oaRlKNsTwwpNiBOY7/6i74bhn59
+ OIsySRUBd2QPjYhJkiuc7gltVfwt6wteZh8R4w2rluVGYLQPsmN/XEWgJbhzI4im
+ W+3/bdewHVF1soZWtdocPLeXTn5HETX5g8p2V3bwYL37oIwkCcYxOeQtT7W+lNJ2
+ NvIiVh4Phojl4dBUgUQGT0NApMnsaG/4LJpSC4AGiqbsznBdSPhepob7zJggPnWY
+ nfAs+YrUUZp1wovhSgWfYTRglRuyYvWkoGbq411H1efawyZ0gcMr+HQlSn2keQOv
+ lbcvdgOAxQiEcPVixPq3mTeKaSxWyIJGFceuqtnILGifRNvViX0uo9g5rLQ41PrJ
+ 9F3azz3gD2Uh73j5pvLU72cge7p1a7epPYWTJYf8oc5JcI3nYTKpSqH8IYaWUjv9
+ q0NwOYFDhYtUcTwdbUNl/tUWKyBcovIe7f40723pHSijiPV2WDZC2M/mOc3dvWKF
+ Mf00uin+7uMuKtnG6+1z5nKb/AWrqN1RZu0rnG/IkZPKwa19HYsYcOkCAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGDdcKwFm6udU0/x6XGGb87k9py0VlrxF54HeYu9Izb";
+ };
nomic = {
cores = 2;
nets = {
diff --git a/krebs/5pkgs/cac-api/default.nix b/krebs/5pkgs/cac-api/default.nix
index 85a906e1d..e2bd8c148 100644
--- a/krebs/5pkgs/cac-api/default.nix
+++ b/krebs/5pkgs/cac-api/default.nix
@@ -4,7 +4,7 @@ stdenv.mkDerivation {
name = "cac-api-1.1.2";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/cac-api;
+ url = http://cgit.ni.krebsco.de/cac-api;
rev = "67e93510e7742acae44db30275abbfe671aa9b7b";
sha256 = "1vxh57j7vrq5sg9j1sam0538kkkhqpgf230vvdz2ifzgkj01z27l";
};
diff --git a/krebs/5pkgs/get/default.nix b/krebs/5pkgs/get/default.nix
index 7dda86601..83f6b0228 100644
--- a/krebs/5pkgs/get/default.nix
+++ b/krebs/5pkgs/get/default.nix
@@ -4,7 +4,7 @@ stdenv.mkDerivation {
name = "get-1.4.1";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/get;
+ url = http://cgit.ni.krebsco.de/get;
rev = "41c0c35805ec1708729f73d14650d8ebc94a405b";
sha256 = "0rx1qsbb4py14795yhhqwlvaibj2569fqm7x2671l868xi59h9f9";
};
diff --git a/krebs/5pkgs/github-hosts-sync/default.nix b/krebs/5pkgs/github-hosts-sync/default.nix
index 0dcbe7fd8..bc4c58bb0 100644
--- a/krebs/5pkgs/github-hosts-sync/default.nix
+++ b/krebs/5pkgs/github-hosts-sync/default.nix
@@ -1,13 +1,9 @@
-{ stdenv, fetchgit, pkgs, ... }:
+{ pkgs, stdenv, ... }:
stdenv.mkDerivation {
name = "github-hosts-sync";
- src = fetchgit {
- url = https://github.com/krebscode/painload;
- rev = "35ccac73d563ad30d2851b9aeed4cfef69ff74e3";
- sha256 = "1y1fs2p3xj2yrqpw0h5kd0f3c5p1y70xk1hjnw99sr33r67s9c35";
- };
+ src = pkgs.painload;
phases = [
"unpackPhase"
diff --git a/krebs/5pkgs/haskell-overrides/blessings.nix b/krebs/5pkgs/haskell-overrides/blessings.nix
index ba776b352..5fb57a332 100644
--- a/krebs/5pkgs/haskell-overrides/blessings.nix
+++ b/krebs/5pkgs/haskell-overrides/blessings.nix
@@ -3,7 +3,7 @@ mkDerivation {
pname = "blessings";
version = "1.0.0";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/blessings;
+ url = http://cgit.ni.krebsco.de/blessings;
rev = "25a510dcb38ea9158e9969d56eb66cb1b860ab5f";
sha256 = "0xg329h1y68ndg4w3m1jp38pkg3gqg7r19q70gqqj4mswb6qcrqc";
};
diff --git a/krebs/5pkgs/haskell-overrides/hyphenation.nix b/krebs/5pkgs/haskell-overrides/hyphenation.nix
new file mode 100644
index 000000000..6e5fe9455
--- /dev/null
+++ b/krebs/5pkgs/haskell-overrides/hyphenation.nix
@@ -0,0 +1,17 @@
+# Same as upstream but with doCheck = false because doctest has wrong version.
+{ mkDerivation, base, bytestring, containers, directory
+, filepath, unordered-containers, zlib, stdenv
+}:
+mkDerivation {
+ pname = "hyphenation";
+ version = "0.6";
+ sha256 = "2f673666c18f63581422f7c6389b78b0ff754406671296a3d680d417942512f7";
+ libraryHaskellDepends = [
+ base bytestring containers unordered-containers zlib
+ ];
+ homepage = "http://github.com/ekmett/hyphenation";
+ description = "Configurable Knuth-Liang hyphenation";
+ license = stdenv.lib.licenses.bsd3;
+ hydraPlatforms = stdenv.lib.platforms.none;
+ doCheck = false;
+}
diff --git a/krebs/5pkgs/haskell-overrides/scanner.nix b/krebs/5pkgs/haskell-overrides/scanner.nix
index 5146fa41d..071fd757f 100644
--- a/krebs/5pkgs/haskell-overrides/scanner.nix
+++ b/krebs/5pkgs/haskell-overrides/scanner.nix
@@ -3,7 +3,7 @@ mkDerivation {
pname = "scanner";
version = "1.0.0";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/scanner;
+ url = http://cgit.ni.krebsco.de/scanner;
rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad";
sha256 = "1lgl158axczsm4fx53fyq1d4116v91jsx4dbz66ka4k1ljqrmhgn";
};
diff --git a/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix b/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix
index 12eab943d..bf19e7d66 100644
--- a/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix
+++ b/krebs/5pkgs/haskell-overrides/xmonad-stockholm.nix
@@ -5,7 +5,7 @@ mkDerivation {
pname = "xmonad-stockholm";
version = "1.1.0";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/xmonad-stockholm;
+ url = http://cgit.ni.krebsco.de/xmonad-stockholm;
rev = "179d29fd4c765dee698058ef63295331ac603639";
sha256 = "0c6mj68xsxxr4j8adkzhjszi7bg6cpisrsmqn587a16sblpbrnkj";
};
diff --git a/krebs/5pkgs/much/default.nix b/krebs/5pkgs/much/default.nix
index 61a58b01b..aa3c56fe0 100644
--- a/krebs/5pkgs/much/default.nix
+++ b/krebs/5pkgs/much/default.nix
@@ -12,7 +12,7 @@ mkDerivation {
pname = "much";
version = "1.0.0";
src = fetchgit {
- url = "http://cgit.cd.krebsco.de/much";
+ url = "http://cgit.ni.krebsco.de/much";
rev = "045dc986b4de225a927175f81c8ccfdab450202c";
sha256 = "17jbw7x82a3bgn1qv5k764f103knrf865dmx48h7192vdh8gz766";
};
diff --git a/krebs/5pkgs/painload/default.nix b/krebs/5pkgs/painload/default.nix
new file mode 100644
index 000000000..10fd379c0
--- /dev/null
+++ b/krebs/5pkgs/painload/default.nix
@@ -0,0 +1,7 @@
+{ fetchgit, ... }:
+
+fetchgit {
+ url = https://github.com/krebscode/painload;
+ rev = "8df031f810a2776d8c43b03a9793cb49398bd33b";
+ sha256 = "03md5k6fmz0j1ny22iw96dzq7cvijbz24ii85i0h2dhcychdp650";
+}
diff --git a/krebs/5pkgs/populate/default.nix b/krebs/5pkgs/populate/default.nix
index dc5750bda..3ec432229 100644
--- a/krebs/5pkgs/populate/default.nix
+++ b/krebs/5pkgs/populate/default.nix
@@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
version = "1.2.0";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/populate;
+ url = http://cgit.ni.krebsco.de/populate;
rev = "refs/tags/v${version}";
sha256 = "0q3110hkkxn9bc3a63xbx1hyd1fpzz4wrck4lng3j5a9i1y1jm07";
};
diff --git a/krebs/5pkgs/push/default.nix b/krebs/5pkgs/push/default.nix
index 9a627fe36..2e0291aac 100644
--- a/krebs/5pkgs/push/default.nix
+++ b/krebs/5pkgs/push/default.nix
@@ -13,7 +13,7 @@ stdenv.mkDerivation {
name = "push-1.1.2";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/push;
+ url = http://cgit.ni.krebsco.de/push;
rev = "da5b3a4b05ef822cc41d36b6cc2071a2e78506d4";
sha256 = "0gfxz207lm11g77rw02jcqpvzhx07j9hzgjgscbmslzl5r8icd6g";
};
diff --git a/krebs/5pkgs/with-tmpdir/default.nix b/krebs/5pkgs/with-tmpdir/default.nix
index 517e46310..9862671f8 100644
--- a/krebs/5pkgs/with-tmpdir/default.nix
+++ b/krebs/5pkgs/with-tmpdir/default.nix
@@ -4,7 +4,7 @@ stdenv.mkDerivation {
name = "with-tmpdir-1";
src = fetchgit {
- url = http://cgit.cd.krebsco.de/with-tmpdir;
+ url = http://cgit.ni.krebsco.de/with-tmpdir;
rev = "3243c02ed8cd27a04c080bd39560204980f6c16a";
sha256 = "80ee6cafb2c337999ddcd1e41747d6256b7cfcea605358c2046eb7e3729555c6";
};
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 5da66d265..555e7fe1a 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -229,6 +229,9 @@ in {
enable = true;
};
}
+ {
+ virtualisation.libvirtd.enable = true;
+ }
];
krebs.build.host = config.krebs.hosts.prism;
diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix
index 9d1df1d72..095898380 100644
--- a/lass/1systems/shodan.nix
+++ b/lass/1systems/shodan.nix
@@ -75,6 +75,10 @@ with import <stockholm/lib>;
fsType = "tmpfs";
options = ["nosuid" "nodev" "noatime"];
};
+ "/bku" = {
+ device = "/dev/pool/bku";
+ fsType = "ext4";
+ };
};
services.udev.extraRules = ''
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index 00911cf9e..cf3354fd7 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -25,20 +25,6 @@ in {
pollinterval=120))
'';
scheduler = {
- force-scheduler = ''
- sched.append(schedulers.ForceScheduler(
- name="force",
- builderNames=["fast-tests"]))
- '';
- fast-tests-scheduler = ''
- # test everything real quick
- sched.append(schedulers.SingleBranchScheduler(
- ## all branches
- change_filter=util.ChangeFilter(branch_re=".*"),
- treeStableTimer=10,
- name="fast-all-branches",
- builderNames=["fast-tests"]))
- '';
build-scheduler = ''
# build all hosts
sched.append(schedulers.SingleBranchScheduler(
@@ -113,43 +99,6 @@ in {
'';
- fast-tests = ''
- f = util.BuildFactory()
- f.addStep(grab_repo)
- for i in [ "mors", "uriel", "shodan", "helios", "cloudkrebs", "echelon", "dishfire", "prism" ]:
- addShell(f,name="build-{}".format(i),env=env_lass,
- command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=eval \
- system={}".format(i)])
-
- for i in [ "x", "wry", "vbob", "wbob", "shoney" ]:
- addShell(f,name="build-{}".format(i),env=env_makefu,
- command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=eval \
- system={}".format(i)])
-
- for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf" ]:
- addShell(f,name="build-{}".format(i),env=env_shared,
- command=nixshell + \
- ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \
- make \
- test \
- target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \
- method=eval \
- system={}".format(i)])
-
- bu.append(util.BuilderConfig(name="fast-tests",
- slavenames=slavenames,
- factory=f))
- '';
build-pkgs = ''
f = util.BuildFactory()
f.addStep(grab_repo)
@@ -212,7 +161,7 @@ in {
irc = {
enable = true;
nick = "buildbot-lass";
- server = "cd.retiolum";
+ server = "ni.r";
channels = [ { channels = "retiolum"; } ];
allowForce = true;
};
diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix
index 06cae734e..57950e1b7 100644
--- a/lass/2configs/git.nix
+++ b/lass/2configs/git.nix
@@ -54,7 +54,7 @@ let
# TODO make nick = config.krebs.build.host.name the default
nick = config.krebs.build.host.name;
channel = "#retiolum";
- server = "cd.retiolum";
+ server = "ni.r";
verbose = config.krebs.build.host.name == "prism";
branches = [ "master" ];
};
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index f2e4de6a7..baa4bb380 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -15,7 +15,7 @@ let
nick = config.networking.hostName;
verbose = false;
channel = "#retiolum";
- server = "cd.retiolum";
+ server = "ni.r";
branches = [ "newest" ];
};
});
@@ -41,7 +41,7 @@ let
mirror.url = "${mirror}${name}";
};
tv = {
- origin.url = "http://cgit.cd/${name}";
+ origin.url = "http://cgit.ni.i/${name}";
mirror.url = "${mirror}${name}";
};
lassulus = {
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index fa56d0e12..2a6df06ff 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -103,27 +103,6 @@ in {
"o_ubikmedia_de"
];
- krebs.backup.plans = {
- prism-sql-domsen = {
- method = "push";
- src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
- dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-sql"; };
- startAt = "00:01";
- };
- prism-http-domsen = {
- method = "push";
- src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
- dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-http"; };
- startAt = "00:10";
- };
- prism-o-ubikmedia-domsen = {
- method = "push";
- src = { host = config.krebs.hosts.prism; path = "/srv/o.ubikmedia.de-data"; };
- dst = { host = config.krebs.hosts.domsen-nas; path = "/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES/prism-owncloud"; };
- startAt = "00:30";
- };
- };
-
services.phpfpm.phpOptions = ''
sendmail_path = ${sendmail} -t
upload_max_filesize = 100M
diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index b8342e148..29374e97d 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -37,6 +37,31 @@ in {
};
};
+ krebs.tinc_graphs.enable = true;
+
+ users.users.lass-stuff = {
+ uid = genid "lass-stuff";
+ description = "lassul.us blog cgi stuff";
+ home = "/var/empty";
+ };
+
+ services.phpfpm.poolConfigs."lass-stuff" = ''
+ listen = /var/run/lass-stuff.socket
+ user = lass-stuff
+ group = nginx
+ pm = dynamic
+ pm.max_children = 5
+ pm.start_servers = 1
+ pm.min_spare_servers = 1
+ pm.max_spare_servers = 1
+ listen.owner = lass-stuff
+ listen.group = nginx
+ php_admin_value[error_log] = 'stderr'
+ php_admin_flag[log_errors] = on
+ catch_workers_output = yes
+ security.limit_extensions =
+ '';
+
users.groups.lasscert.members = [
"dovecot2"
"ejabberd"
@@ -53,6 +78,28 @@ in {
(nameValuePair "/.well-known/acme-challenge" ''</