diff options
38 files changed, 123 insertions, 82 deletions
diff --git a/kartei/default.nix b/kartei/default.nix index 046efdd7b..7624807a0 100644 --- a/kartei/default.nix +++ b/kartei/default.nix @@ -1,15 +1,15 @@ -{ config, lib, ... }: let +{ lib, ... }@arg: let removeTemplate = # TODO don't remove during CI lib.flip builtins.removeAttrs ["template"]; in { - config = - lib.mkMerge + imports = (lib.mapAttrsToList (name: _type: let path = ./. + "/${name}"; in { - krebs = import path { inherit config lib; }; + _file = toString path; + krebs = import path arg; }) (removeTemplate (lib.filterAttrs diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index e81bdd32b..848646510 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -1,29 +1,22 @@ -{ config, lib, ... }@attrs: let - inherit (builtins) - getAttr head mapAttrs match pathExists readDir readFile typeOf; - inherit (lib) - const hasAttrByPath mapAttrs' mkDefault mkIf optionalAttrs removeSuffix - toList; - slib = import ../../lib/pure.nix { inherit lib; }; +{ config, lib, ... }: let + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); + + extend = x: f: { + lambda = lib.recursiveUpdate x (f x); + set = lib.recursiveUpdate x f; + }.${builtins.typeOf f}; in { dns.providers = { "viljetic.de" = "regfish"; }; hosts = - mapAttrs - (hostName: hostFile: let - hostSource = import hostFile; - hostConfig = getAttr (typeOf hostSource) { - lambda = hostSource attrs; - set = hostSource; - }; - in slib.evalSubmodule slib.types.host [ - hostConfig + builtins.mapAttrs + (hostName: lib.flip (builtins.foldl' extend) [ { name = hostName; owner = config.krebs.users.tv; } - (optionalAttrs (hasAttrByPath ["nets" "retiolum"] hostConfig) { + (hostConfig: lib.optionalAttrs (lib.hasAttrByPath ["nets" "retiolum"] hostConfig) { nets.retiolum = { ip6.addr = (slib.krebs.genipv6 "retiolum" "tv" { inherit hostName; }).address; @@ -31,29 +24,31 @@ in { }) (let pubkey-path = ./wiregrill + "/${hostName}.pub"; - in optionalAttrs (pathExists pubkey-path) { + in lib.optionalAttrs (builtins.pathExists pubkey-path) { nets.wiregrill = { aliases = [ "${hostName}.w" ]; ip6.addr = (slib.krebs.genipv6 "wiregrill" "tv" { inherit hostName; }).address; - wireguard.pubkey = readFile pubkey-path; + wireguard.pubkey = builtins.readFile pubkey-path; }; }) - (host: mkIf (host.config.ssh.pubkey != null) { - ssh.privkey = mapAttrs (const mkDefault) { - path = "${config.krebs.secret.directory}/ssh.id_${host.config.ssh.privkey.type}"; - type = head (toList (builtins.match "ssh-([^ ]+) .*" host.config.ssh.pubkey)); + (hostConfig: lib.optionalAttrs (hostConfig.ssh.pubkey or null != null) { + ssh.privkey = builtins.mapAttrs (lib.const lib.mkDefault) rec { + path = "${config.krebs.secret.directory}/ssh.id_${type}"; + type = builtins.head (lib.toList (builtins.match "ssh-([^ ]+) .*" hostConfig.ssh.pubkey)); }; }) ]) - (mapAttrs' + (lib.mapAttrs' (name: type: { - name = removeSuffix ".nix" name; - value = ./hosts + "/${name}"; + name = lib.removeSuffix ".nix" name; + value = lib.toFunction (import (./hosts + "/${name}")) { + inherit config lib slib; + }; }) - (readDir ./hosts)); + (builtins.readDir ./hosts)); sitemap = { "http://cgit.krebsco.de" = { desc = "Git repositories"; @@ -70,21 +65,21 @@ in { }; mv-ni = { mail = "mv@ni.r"; - pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGer9e2+Lew7vnisgBbsFNECEIkpNJgEaqQqgb9inWkQ mv@vod"; + pubkey = builtins.readFile (./ssh + "/mv@vod.id_ed25519.pub"); }; tv = { mail = "tv@nomic.r"; - pgp.pubkeys.default = readFile ./pgp/CBF89B0B.asc; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDFR//RnCvEZAt0F6ExDsatKZ/DDdifanuSL360mqOhaFieKI34RoOwfQT9T+Ga52Vh5V2La6esvlph686EdgzeKLvDoxEwFM9ZYFBcMrNzu4bMTlgE7YUYw5JiORyXNfznBGnme6qpuvx9ibYhUyiZo99kM8ys5YrUHrP2JXQJMezDFZHxT4GFMOuSdh/1daGoKKD6hYL/jEHX8CI4E3BSmKK6ygYr1fVX0K0Tv77lIi5mLXucjR7CytWYWYnhM6DC3Hxpv2zRkPgf3k0x/Y1hrw3V/r0Me5h90pd2C8pFaWA2ZoUT/fmyVqvx1tZPYToU/O2dMItY0zgx2kR0yD+6g7Aahz3R+KlXkV8k5c8bbTbfGnZWDR1ZlbLRM9Yt5vosfwapUD90MmVkpmR3wUkO2sUKi80QfC7b4KvSDXQ+MImbGxMaU5Bnsq1PqLN95q+uat3nlAVBAELkcx51FlE9CaIS65y4J7FEDg8BE5JeuCNshh62VSYRXVSFt8bk3f/TFGgzC8OIo14BhVmiRQQ503Z1sROyf5xLX2a/EJavMm1i2Bs2TH6ROKY9z5Pz8hT5US0r381V8oG7TZyLF9HTtoy3wCYsgWA5EmLanjAsVU2YEeAA0rxzdtYP8Y2okFiJ6u+M4HQZ3Wg3peSodyp3vxdYce2vk4EKeqEFuuS82850DYb7Et7fmp+wQQUT8Q/bMO0DreWjHoMM5lE4LJ4ME6AxksmMiFtfo/4Fe2q9D+LAqZ+ANOcv9M+8Rn6ngiYmuRNd0l/a02q1PEvO6vTfXgcl4f7Z1IULHPEaDNZHCJS1K5RXYFqYQ6OHsTmOm7hnwaRAS97+VFMo1i5uvTx9nYaAcY7yzq3Ckfb67dMBKApGOpJpkvPgfrP7bgBO5rOZXM1opXqVPb09nljAhhAhyCTh1e/8+mJrBo0cLQ/LupQzVxGDgm3awSMPxsZAN45PSWz76zzxdDa1MMo51do+VJHfs7Wl0NcXAQrniOBYL9Wqt0qNkn1gY5smkkISGeQ/vxNap4MmzeZE7b5fpOy+2fpcRVQLpc4nooQzJvSVTFz+25lgZ6iHf45K87gQFMIAri1Pf/EDDpL87az+bRWvWi+BA2kMe1kf+Ay1LyMz8r+g51H0ma0bNFh6+fbWMfUiD9JCepIObclnUJ4NlWfcgHxTf17d/4tl6z4DTcLpCCk8Da77JouSHgvtcRbRlFV1OfhWZLXUsrlfpaQTiItv6TGIr3k7+7b66o3Qw/GQVs5GmYifaIZIz8n8my4XjkaMBd0SZfBzzvFjHMq6YUP9+SbjvReqofuoO+5tW1wTYZXitFFBfwuHlXm6w77K5QDBW6olT7pat41/F5eGxLcz tv@wu"; + pgp.pubkeys.default = builtins.readFile ./pgp/CBF89B0B.asc; + pubkey = builtins.readFile (./ssh + "/tv@wu.id_rsa.pub"); uid = 1337; # TODO use default and document what has to be done (for vv) }; tv-nomic = { inherit (config.krebs.users.tv) mail; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3dYR/n4Yw8OsYmfR2rSUG7o10G6AqOlSJHuHSEmANbMkqjiWl1TnpORtt5bAktyAGI4vWf9vhNEnxuIqGXWSV+3yCd7yfBHR1m0Y9QSw6blQ0xc1venl3JU0kpEyJfUn8a9cdXlnRiS0MP1gcsN7Zk8cqBELJYJajkSEnsT4eVaU5/wdnyzUO1fk8D8tFBJbF/tsWDLJPu4P18rpxq4wZgA2qmyHoVDEVlrz2OYcziXT6gpG0JGnToteaNg9ok5QavEYFpp8P+k1AacrBjc1PAb4MaMX1nfkSyaZwSqLdH35XkNRgPhVVmqZ5PlG3VeNpPSwpdcKi8P3zH1xG9g6Usx1SAyvcoAyGHdOwmFuA2tc1HgYEiQ+OsPrHZHujBOOZsKTN9+IZHScCAe+UmUcK413WEZKPs8PeFjf1gQAoDXb55JpksxLAnC/SQOl4FhkctIAXxr12ALlyt9UFPzIoj/Nj2MpFzGSlf653fTFmnMbQ8+GICc4TUpqx5GELZhfQuprBTv/55a9zKvM4B8XT3Bn9olQzMQIXEjXb3WUVFDDNWeNydToorYn1wG3ZWQ+3f0IlqRicWO7Q9BRj1Lp5rcUCb+naJ48tGY6HFUZ1Kz/0x458GDFvUd8mCJjqqmeSkUEeZd0xet5tVFg/bYoSslEqPF6pz7V3ruJMSdYxnQ== tv@nomic #2"; + pubkey = builtins.readFile (./ssh + "/tv@nomic.id_rsa.pub"); }; tv-xu = { inherit (config.krebs.users.tv) mail; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/3nkqxe8YrDVt615n96A7iC3vvwsiqgpsBYC/bhwfBHu1bAtBmTWVqSKDIdwg7p8TQpIKtAgZ3IJT3BlrnVTeR4RIviLjHjYWW1NBhm+nXi+heThgi5fLciE3lVLVsy5X9Kc1ZPLgLa1In0REOanwbueOD0ESN1yKIDwUUdczw/o3dLDMzanqFHKuSSN4o9Ex2x+MRj9eLsb706s4VSYMo3lirRCJeAOGv1C7Xg1cuepdhIeJsq9aF7vSy15c0nCkWwr8zdY7pbMPYCe5zvIEymZ0UowZ5HQ3NmIZnYDxa4E1PFjDczHdQbVmmGMI80grNwMsHzQ6bynHSPXDoLf4WodXlhS0+9Ju5QavDT6uqZ9uhDBuWC8QNgWUMIJnEaTBFyA0OI1akl8Q2RLC+qnNf5IwItSq+GDwEsB2ZJNW3kOk1kNiCUrBafRYpPaFeP97wzzP4uYlBKAr2SOLrrkf7NFEdw2ihxhDMNnps/ErRJ8U0zdpmalw8mItGyqRULpHjk/wN00rYOdBIhW3G3QJuVgtGnWtGCBG5x70EfMiSEXPD3YSsVVsgKD+v8qr+YiilRRD+N3gaHhiOWA6HgxRNul/P4llk0ktTpb9LoHk2+oooTH5ZuuT/8yF8J4stZt7EIOH+mSOAXG1z0BwnEkQu7pVKwu/oOZpGJTvBrGwww== tv@xu"; + pubkey = builtins.readFile (./ssh + "/tv@xu.id_rsa.pub"); }; vv = { mail = "vv@mu.r"; diff --git a/kartei/tv/hosts/ne.nix b/kartei/tv/hosts/ne.nix new file mode 100644 index 000000000..584d7c433 --- /dev/null +++ b/kartei/tv/hosts/ne.nix @@ -0,0 +1,39 @@ +{ config, ... }: { + extraZones = { + "krebsco.de" = '' + @ 60 IN MX 5 ne + ne 60 IN A ${config.krebs.hosts.ne.nets.internet.ip4.addr} + ne 60 IN AAAA ${config.krebs.hosts.ne.nets.internet.ip6.addr} + tv 300 IN NS ne + ''; + }; + nets = { + internet = { + aliases = [ + "ne.i" + ]; + ip4 = { + addr = "159.195.31.38"; + }; + ip6 = { + addr = "2a0a:4cc0:c1:5eb0::1"; + prefixLength = 64; + }; + ssh.port = 11423; + }; + mycelium = { + aliases = [ + "ne.m" + ]; + ip6.addr = "45f:fa21:4bdd:a758:8091:947d:fe84:fac3"; + }; + retiolum = { + aliases = [ + "ne.r" + ]; + }; + wiregrill = { + ip4.addr = "10.244.3.2"; + }; + }; +} diff --git a/kartei/tv/hosts/ni.nix b/kartei/tv/hosts/ni.nix index d64874d9c..3e3d81c37 100644 --- a/kartei/tv/hosts/ni.nix +++ b/kartei/tv/hosts/ni.nix @@ -1,6 +1,4 @@ -{ config, lib, ... }: let - slib = import ../../../lib/pure.nix { inherit lib; }; -in { +{ config, lib, slib, ... }: { extraZones = { "krebsco.de" = '' ni 60 IN A ${config.krebs.hosts.ni.nets.internet.ip4.addr} @@ -18,13 +16,12 @@ in { }; nets = { internet = { - ip4 = rec { + ip4 = { addr = "185.162.251.237"; - prefix = "${addr}/32"; }; - ip6 = rec { + ip6 = { addr = "2a03:4000:1a:cf::1"; - prefix = "${addr}/64"; + prefixLength = 64; }; aliases = [ "ni.i" diff --git a/kartei/tv/ssh/mv@vod.id_ed25519.pub b/kartei/tv/ssh/mv@vod.id_ed25519.pub new file mode 100644 index 000000000..7b7d2e260 --- /dev/null +++ b/kartei/tv/ssh/mv@vod.id_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGer9e2+Lew7vnisgBbsFNECEIkpNJgEaqQqgb9inWkQ mv@vod diff --git a/kartei/tv/ssh/tv@nomic.id_rsa.pub b/kartei/tv/ssh/tv@nomic.id_rsa.pub new file mode 100644 index 000000000..519beb0e6 --- /dev/null +++ b/kartei/tv/ssh/tv@nomic.id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3dYR/n4Yw8OsYmfR2rSUG7o10G6AqOlSJHuHSEmANbMkqjiWl1TnpORtt5bAktyAGI4vWf9vhNEnxuIqGXWSV+3yCd7yfBHR1m0Y9QSw6blQ0xc1venl3JU0kpEyJfUn8a9cdXlnRiS0MP1gcsN7Zk8cqBELJYJajkSEnsT4eVaU5/wdnyzUO1fk8D8tFBJbF/tsWDLJPu4P18rpxq4wZgA2qmyHoVDEVlrz2OYcziXT6gpG0JGnToteaNg9ok5QavEYFpp8P+k1AacrBjc1PAb4MaMX1nfkSyaZwSqLdH35XkNRgPhVVmqZ5PlG3VeNpPSwpdcKi8P3zH1xG9g6Usx1SAyvcoAyGHdOwmFuA2tc1HgYEiQ+OsPrHZHujBOOZsKTN9+IZHScCAe+UmUcK413WEZKPs8PeFjf1gQAoDXb55JpksxLAnC/SQOl4FhkctIAXxr12ALlyt9UFPzIoj/Nj2MpFzGSlf653fTFmnMbQ8+GICc4TUpqx5GELZhfQuprBTv/55a9zKvM4B8XT3Bn9olQzMQIXEjXb3WUVFDDNWeNydToorYn1wG3ZWQ+3f0IlqRicWO7Q9BRj1Lp5rcUCb+naJ48tGY6HFUZ1Kz/0x458GDFvUd8mCJjqqmeSkUEeZd0xet5tVFg/bYoSslEqPF6pz7V3ruJMSdYxnQ== tv@nomic #2 diff --git a/kartei/tv/ssh/tv@wu.id_rsa.pub b/kartei/tv/ssh/tv@wu.id_rsa.pub new file mode 100644 index 000000000..b6e2634e8 --- /dev/null +++ b/kartei/tv/ssh/tv@wu.id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDFR//RnCvEZAt0F6ExDsatKZ/DDdifanuSL360mqOhaFieKI34RoOwfQT9T+Ga52Vh5V2La6esvlph686EdgzeKLvDoxEwFM9ZYFBcMrNzu4bMTlgE7YUYw5JiORyXNfznBGnme6qpuvx9ibYhUyiZo99kM8ys5YrUHrP2JXQJMezDFZHxT4GFMOuSdh/1daGoKKD6hYL/jEHX8CI4E3BSmKK6ygYr1fVX0K0Tv77lIi5mLXucjR7CytWYWYnhM6DC3Hxpv2zRkPgf3k0x/Y1hrw3V/r0Me5h90pd2C8pFaWA2ZoUT/fmyVqvx1tZPYToU/O2dMItY0zgx2kR0yD+6g7Aahz3R+KlXkV8k5c8bbTbfGnZWDR1ZlbLRM9Yt5vosfwapUD90MmVkpmR3wUkO2sUKi80QfC7b4KvSDXQ+MImbGxMaU5Bnsq1PqLN95q+uat3nlAVBAELkcx51FlE9CaIS65y4J7FEDg8BE5JeuCNshh62VSYRXVSFt8bk3f/TFGgzC8OIo14BhVmiRQQ503Z1sROyf5xLX2a/EJavMm1i2Bs2TH6ROKY9z5Pz8hT5US0r381V8oG7TZyLF9HTtoy3wCYsgWA5EmLanjAsVU2YEeAA0rxzdtYP8Y2okFiJ6u+M4HQZ3Wg3peSodyp3vxdYce2vk4EKeqEFuuS82850DYb7Et7fmp+wQQUT8Q/bMO0DreWjHoMM5lE4LJ4ME6AxksmMiFtfo/4Fe2q9D+LAqZ+ANOcv9M+8Rn6ngiYmuRNd0l/a02q1PEvO6vTfXgcl4f7Z1IULHPEaDNZHCJS1K5RXYFqYQ6OHsTmOm7hnwaRAS97+VFMo1i5uvTx9nYaAcY7yzq3Ckfb67dMBKApGOpJpkvPgfrP7bgBO5rOZXM1opXqVPb09nljAhhAhyCTh1e/8+mJrBo0cLQ/LupQzVxGDgm3awSMPxsZAN45PSWz76zzxdDa1MMo51do+VJHfs7Wl0NcXAQrniOBYL9Wqt0qNkn1gY5smkkISGeQ/vxNap4MmzeZE7b5fpOy+2fpcRVQLpc4nooQzJvSVTFz+25lgZ6iHf45K87gQFMIAri1Pf/EDDpL87az+bRWvWi+BA2kMe1kf+Ay1LyMz8r+g51H0ma0bNFh6+fbWMfUiD9JCepIObclnUJ4NlWfcgHxTf17d/4tl6z4DTcLpCCk8Da77JouSHgvtcRbRlFV1OfhWZLXUsrlfpaQTiItv6TGIr3k7+7b66o3Qw/GQVs5GmYifaIZIz8n8my4XjkaMBd0SZfBzzvFjHMq6YUP9+SbjvReqofuoO+5tW1wTYZXitFFBfwuHlXm6w77K5QDBW6olT7pat41/F5eGxLcz tv@wu diff --git a/kartei/tv/ssh/tv@xu.id_rsa.pub b/kartei/tv/ssh/tv@xu.id_rsa.pub new file mode 100644 index 000000000..76d4f6962 --- /dev/null +++ b/kartei/tv/ssh/tv@xu.id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/3nkqxe8YrDVt615n96A7iC3vvwsiqgpsBYC/bhwfBHu1bAtBmTWVqSKDIdwg7p8TQpIKtAgZ3IJT3BlrnVTeR4RIviLjHjYWW1NBhm+nXi+heThgi5fLciE3lVLVsy5X9Kc1ZPLgLa1In0REOanwbueOD0ESN1yKIDwUUdczw/o3dLDMzanqFHKuSSN4o9Ex2x+MRj9eLsb706s4VSYMo3lirRCJeAOGv1C7Xg1cuepdhIeJsq9aF7vSy15c0nCkWwr8zdY7pbMPYCe5zvIEymZ0UowZ5HQ3NmIZnYDxa4E1PFjDczHdQbVmmGMI80grNwMsHzQ6bynHSPXDoLf4WodXlhS0+9Ju5QavDT6uqZ9uhDBuWC8QNgWUMIJnEaTBFyA0OI1akl8Q2RLC+qnNf5IwItSq+GDwEsB2ZJNW3kOk1kNiCUrBafRYpPaFeP97wzzP4uYlBKAr2SOLrrkf7NFEdw2ihxhDMNnps/ErRJ8U0zdpmalw8mItGyqRULpHjk/wN00rYOdBIhW3G3QJuVgtGnWtGCBG5x70EfMiSEXPD3YSsVVsgKD+v8qr+YiilRRD+N3gaHhiOWA6HgxRNul/P4llk0ktTpb9LoHk2+oooTH5ZuuT/8yF8J4stZt7EIOH+mSOAXG1z0BwnEkQu7pVKwu/oOZpGJTvBrGwww== tv@xu diff --git a/krebs/2configs/nameserver.nix b/krebs/2configs/nameserver.nix index 633f6f5d5..fb22dc6f9 100644 --- a/krebs/2configs/nameserver.nix +++ b/krebs/2configs/nameserver.nix @@ -66,6 +66,10 @@ in { - id: hostingde_ns1 address: 134.0.30.178 + - id: krebscode_ne + address: ${config.krebs.hosts.ne.nets.internet.ip4.addr} + key: krebs_transfer_notify_key + - id: krebscode_ni address: ${config.krebs.hosts.ni.nets.internet.ip4.addr} key: krebs_transfer_notify_key @@ -119,6 +123,7 @@ in { dnssec-policy: rsa2k notify: henet_ns1 notify: hostingde_ns1 + notify: krebscode_ne notify: krebscode_ni acl: transfer_to_henet_secondary acl: transfer_to_hostingde_secondary diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix index acd007cb8..901b1eb87 100644 --- a/krebs/3modules/airdcpp.nix +++ b/krebs/3modules/airdcpp.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: with lib; let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); cfg = config.krebs.airdcpp; out = { diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix index fa0f1530c..1c4067e7a 100644 --- a/krebs/3modules/announce-activation.nix +++ b/krebs/3modules/announce-activation.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); cfg = config.krebs.announce-activation; announce-activation = pkgs.writeDash "announce-activation" '' set -efu diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 900be5139..2be3a1422 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let out = { options.krebs.backup = api; diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix index a3acf83cf..e7847aa09 100644 --- a/krebs/3modules/brockman.nix +++ b/krebs/3modules/brockman.nix @@ -1,7 +1,7 @@ { pkgs, config, lib, ... }: with lib; let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); cfg = config.krebs.brockman; in { options.krebs.brockman = { diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix index bf20cb099..6480c300f 100644 --- a/krebs/3modules/build.nix +++ b/krebs/3modules/build.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options.krebs.build = { diff --git a/krebs/3modules/ci/default.nix b/krebs/3modules/ci/default.nix index 5035a11a8..899db45c5 100644 --- a/krebs/3modules/ci/default.nix +++ b/krebs/3modules/ci/default.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.ci; diff --git a/krebs/3modules/dns.nix b/krebs/3modules/dns.nix index a268b931c..fd672a890 100644 --- a/krebs/3modules/dns.nix +++ b/krebs/3modules/dns.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; { +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options = { krebs.dns.providers = mkOption { type = types.attrsOf types.str; diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix index f78f1746c..b5f8d187a 100644 --- a/krebs/3modules/exim-retiolum.nix +++ b/krebs/3modules/exim-retiolum.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; let +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.exim-retiolum; # Due to improvements to the JSON notation, braces around top-level objects diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 4e42ce72e..14963f472 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.exim-smarthost; diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix index 583fd07b1..bb749b273 100644 --- a/krebs/3modules/exim.nix +++ b/krebs/3modules/exim.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let +{ config, lib, pkgs, ... }: with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.exim; in { options.krebs.exim = { diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 6d666b6d6..8b8f205dc 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -6,7 +6,7 @@ # TODO when authorized_keys changes, then restart ssh # (or kill already connected users somehow) -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.git; diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix index 2333d0a8d..51aeefb9f 100644 --- a/krebs/3modules/hosts.nix +++ b/krebs/3modules/hosts.nix @@ -3,7 +3,7 @@ with lib; let check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains; domains = attrNames (filterAttrs (_: slib.eq "hosts") config.krebs.dns.providers); # we need this import because we have infinite recursion otherwise - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in { options = { diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix index 334a83cb3..020b3eaea 100644 --- a/krebs/3modules/htgen.nix +++ b/krebs/3modules/htgen.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let optionalAttr = name: value: if name != null then diff --git a/krebs/3modules/iana-etc.nix b/krebs/3modules/iana-etc.nix index dabe2f8aa..8858c6ed5 100644 --- a/krebs/3modules/iana-etc.nix +++ b/krebs/3modules/iana-etc.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in with lib; { options.krebs.iana-etc.services = mkOption { diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix index 0463de53f..b71cb2ba9 100644 --- a/krebs/3modules/konsens.nix +++ b/krebs/3modules/konsens.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.konsens; diff --git a/krebs/3modules/on-failure.nix b/krebs/3modules/on-failure.nix index 11d2b4194..d87b279a0 100644 --- a/krebs/3modules/on-failure.nix +++ b/krebs/3modules/on-failure.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: with import ../../lib/pure.nix { inherit lib; }; let +{ config, lib, pkgs, ... }: with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let out = { options.krebs.on-failure = api; config = lib.mkIf cfg.enable imp; diff --git a/krebs/3modules/permown.nix b/krebs/3modules/permown.nix index ae8702978..d65ce2a31 100644 --- a/krebs/3modules/permown.nix +++ b/krebs/3modules/permown.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: let - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in with lib; { diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix index aa6254786..b977df99a 100644 --- a/krebs/3modules/reaktor2.nix +++ b/krebs/3modules/reaktor2.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; { +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options.krebs.reaktor2 = mkOption { default = {}; diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index a65a22b29..21603d94c 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.realwallpaper; diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 5208d91ae..7b2be4057 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.repo-sync; diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix index c35dceba3..13c4ecaec 100644 --- a/krebs/3modules/secret.nix +++ b/krebs/3modules/secret.nix @@ -1,5 +1,5 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; let +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.secret; in { options.krebs.secret = { diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index e3108d88e..ce41548ae 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let out = { diff --git a/krebs/3modules/sync-containers3.nix b/krebs/3modules/sync-containers3.nix index 12a5ee4e7..872f04db2 100644 --- a/krebs/3modules/sync-containers3.nix +++ b/krebs/3modules/sync-containers3.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: let cfg = config.krebs.sync-containers3; - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); in { options.krebs.sync-containers3 = { inContainer = { diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix index 754b25675..c0bd4768b 100644 --- a/krebs/3modules/systemd.nix +++ b/krebs/3modules/systemd.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, ... }: let { - slib = import ../../lib/pure.nix { inherit lib; }; + slib = lib.slib or (import ../../lib/pure.nix { inherit lib; }); body.options.krebs.systemd.services = lib.mkOption { default = {}; diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index d73d5ca61..debbb184b 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -1,5 +1,5 @@ { config, pkgs, lib, ... }: -with import ../../lib/pure.nix { inherit lib; }; { +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); { options.krebs.tinc = mkOption { default = {}; description = '' diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index dd132a2de..c8c75f919 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.tinc_graphs; internal_dir = "${cfg.workingDir}/internal"; diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index b811b6fa6..8d3bdfbe0 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -4,7 +4,7 @@ # TODO inform about unused caches # cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}" -with import ../../lib/pure.nix { inherit lib; }; +with lib.slib or (import ../../lib/pure.nix { inherit lib; }); let cfg = config.krebs.urlwatch; diff --git a/krebs/3modules/users.nix b/krebs/3modules/users.nix index 614e6ab42..d41b34f7d 100644 --- a/krebs/ |