summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ci.nix8
-rw-r--r--default.nix2
-rw-r--r--flake.lock52
-rw-r--r--flake.nix24
-rw-r--r--kartei/lass/xerxes.nix48
-rw-r--r--kartei/makefu/default.nix2
-rw-r--r--kartei/tv/hosts/fu.nix1
-rw-r--r--kartei/tv/hosts/leg.nix1
-rw-r--r--kartei/tv/hosts/pi.nix1
-rw-r--r--kartei/tv/hosts/zoppo.nix1
-rw-r--r--krebs/1systems/hotdog/config.nix11
-rw-r--r--krebs/1systems/ponte/config.nix12
-rw-r--r--krebs/1systems/puyak/config.nix4
-rw-r--r--krebs/2configs/buildbot-stockholm.nix2
-rw-r--r--krebs/2configs/hw/x220.nix4
-rw-r--r--krebs/2configs/nameserver.nix4
-rw-r--r--krebs/2configs/reaktor2.nix14
-rw-r--r--krebs/2configs/repo-sync.nix7
-rw-r--r--krebs/2configs/shack/worlddomination.nix15
-rw-r--r--krebs/3modules/ci/default.nix4
-rw-r--r--krebs/3modules/github/known-hosts.nix1
-rw-r--r--krebs/3modules/hosts.nix1
-rw-r--r--krebs/3modules/iptables.nix8
-rw-r--r--krebs/3modules/per-user.nix7
-rw-r--r--krebs/3modules/permown.nix6
-rw-r--r--krebs/3modules/reaktor2.nix6
-rw-r--r--krebs/3modules/secret.nix2
-rw-r--r--krebs/3modules/setuid.nix7
-rw-r--r--krebs/3modules/ssh.nix38
-rw-r--r--krebs/3modules/sync-containers3.nix4
-rw-r--r--krebs/3modules/tinc.nix22
-rw-r--r--krebs/3modules/urlwatch.nix1
-rw-r--r--krebs/3modules/zones.nix3
-rw-r--r--krebs/5pkgs/default.nix27
-rw-r--r--krebs/5pkgs/haskell/blessings/default.nix16
-rw-r--r--krebs/5pkgs/haskell/reaktor2/default.nix27
-rw-r--r--krebs/5pkgs/simple/K_belwagen.nix38
-rw-r--r--krebs/5pkgs/simple/TabFS/src.json2
-rw-r--r--krebs/5pkgs/simple/airdcpp-webclient/default.nix2
-rw-r--r--krebs/5pkgs/simple/bepasty-client-cli/default.nix23
-rw-r--r--krebs/5pkgs/simple/bling/default.nix5
-rw-r--r--krebs/5pkgs/simple/brain/default.nix35
-rw-r--r--krebs/5pkgs/simple/buildbot-classic-slave/default.nix18
-rw-r--r--krebs/5pkgs/simple/cac-panel/default.nix18
-rw-r--r--krebs/5pkgs/simple/certaids.nix109
-rw-r--r--krebs/5pkgs/simple/cgit-clear-cache.nix6
-rw-r--r--krebs/5pkgs/simple/collectd-connect-time/default.nix6
-rw-r--r--krebs/5pkgs/simple/cunicu.nix2
-rw-r--r--krebs/5pkgs/simple/default.nix13
-rw-r--r--krebs/5pkgs/simple/dic/default.nix39
-rw-r--r--krebs/5pkgs/simple/drivedroid-gen-repo/default.nix22
-rw-r--r--krebs/5pkgs/simple/ecrypt/default.nix111
-rw-r--r--krebs/5pkgs/simple/eximlog.nix28
-rw-r--r--krebs/5pkgs/simple/font-size.nix1
-rw-r--r--krebs/5pkgs/simple/fortclientsslvpn/default.nix14
-rw-r--r--krebs/5pkgs/simple/ftb/default.nix6
-rw-r--r--krebs/5pkgs/simple/games-user-env/default.nix34
-rw-r--r--krebs/5pkgs/simple/generate-secrets/default.nix49
-rw-r--r--krebs/5pkgs/simple/git-hooks/default.nix7
-rw-r--r--krebs/5pkgs/simple/gitignore.nix46
-rw-r--r--krebs/5pkgs/simple/gnokii/default.nix4
-rw-r--r--krebs/5pkgs/simple/goify/default.nix4
-rw-r--r--krebs/5pkgs/simple/hashPassword/default.nix15
-rw-r--r--krebs/5pkgs/simple/htgen-imgur/src/htgen-imgur36
-rw-r--r--krebs/5pkgs/simple/htgen/default.nix2
-rw-r--r--krebs/5pkgs/simple/internetarchive/default.nix39
-rw-r--r--krebs/5pkgs/simple/irc-announce/default.nix4
-rw-r--r--krebs/5pkgs/simple/krebspaste/default.nix12
-rw-r--r--krebs/5pkgs/simple/logf/default.nix112
-rw-r--r--krebs/5pkgs/simple/netcup/default.nix33
-rw-r--r--krebs/5pkgs/simple/nixos-format-error.nix107
-rw-r--r--krebs/5pkgs/simple/ovh-zone/default.nix6
-rw-r--r--krebs/5pkgs/simple/python-dnsstamps.nix2
-rw-r--r--krebs/5pkgs/simple/qrscan.nix7
-rw-r--r--krebs/5pkgs/simple/reaktor2-plugins/default.nix (renamed from krebs/5pkgs/simple/reaktor2-plugins.nix)10
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/random-emoji.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/random-issue.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/sed-plugin.py (renamed from krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/shack-correct.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_join.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/tell-on_join.sh)0
-rwxr-xr-xkrebs/5pkgs/simple/reaktor2-plugins/scripts/tell-on_privmsg.sh (renamed from krebs/5pkgs/simple/Reaktor/scripts/tell-on_privmsg.sh)0
-rw-r--r--krebs/5pkgs/simple/realwallpaper/default.nix9
-rw-r--r--krebs/5pkgs/simple/repo-sync/default.nix2
-rw-r--r--krebs/5pkgs/simple/ssh-audit.nix2
-rw-r--r--krebs/5pkgs/simple/tinc_graphs/default.nix6
-rw-r--r--krebs/5pkgs/simple/treq/default.nix8
-rw-r--r--krebs/5pkgs/simple/ukrepl.nix6
-rw-r--r--krebs/5pkgs/simple/untilport/default.nix6
-rw-r--r--krebs/5pkgs/simple/urix.nix17
-rw-r--r--krebs/5pkgs/simple/with-tmpdir/default.nix29
-rw-r--r--lib/default.nix1
-rw-r--r--lib/eval-source.nix3
-rw-r--r--lib/impure.nix3
-rw-r--r--lib/pure.nix4
-rw-r--r--lib/types.nix24
95 files changed, 371 insertions, 1169 deletions
diff --git a/ci.nix b/ci.nix
index 212114538..1aecc8e70 100644
--- a/ci.nix
+++ b/ci.nix
@@ -1,6 +1,6 @@
# usage: nix-instantiate --eval --json --read-write-mode --strict ci.nix | jq .
-with import ./lib;
let
+ lib = pkgs.lib;
pkgs = import <nixpkgs> { overlays = [ (import ./submodules/nix-writers/pkgs) ]; };
system =
import <nixpkgs/nixos/lib/eval-config.nix> {
@@ -16,9 +16,9 @@ let
}
;
- ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts;
+ ci-systems = lib.filterAttrs (_: v: v.ci) system.config.krebs.hosts;
build = host: owner:
- ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";});
+ ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${builtins.getEnv "HOME"}/stockholm-build";});
-in mapAttrs (n: h: build n h.owner.name) ci-systems
+in lib.mapAttrs (n: h: build n h.owner.name) ci-systems
diff --git a/default.nix b/default.nix
index 9368dcd9e..45b4f03f6 100644
--- a/default.nix
+++ b/default.nix
@@ -1,7 +1,7 @@
import <nixpkgs/nixos> {} // rec {
lib = import ./lib;
systems = with lib; let
- namespace = getEnv "LOGNAME";
+ namespace = krebs;
systemsDir = <stockholm> + "/${namespace}/1systems";
in
genAttrs
diff --git a/flake.lock b/flake.lock
index 1f99b2828..c7b051683 100644
--- a/flake.lock
+++ b/flake.lock
@@ -10,11 +10,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
- "lastModified": 1751515480,
- "narHash": "sha256-vCYcc/b8WizF6vnjuRVxSiU8hy9L3vOTWDVKpWM7xRE=",
+ "lastModified": 1768927382,
+ "narHash": "sha256-qdmb8Pm73PADLgO8Q06QfyPbEQS6el9Si+dGQc3TB1I=",
"owner": "Mic92",
"repo": "buildbot-nix",
- "rev": "47ad4c7afb169df6f9d48d0df3d7e2f71d9ddd8f",
+ "rev": "eb4e904a8dc1aa12a964752e4fd9977c6aead724",
"type": "github"
},
"original": {
@@ -31,11 +31,11 @@
]
},
"locked": {
- "lastModified": 1751413152,
- "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
+ "lastModified": 1768135262,
+ "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=",
"owner": "hercules-ci",
"repo": "flake-parts",
- "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
+ "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac",
"type": "github"
},
"original": {
@@ -44,6 +44,21 @@
"type": "github"
}
},
+ "flake-utils": {
+ "locked": {
+ "lastModified": 1676283394,
+ "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
+ "type": "github"
+ },
+ "original": {
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "type": "github"
+ }
+ },
"hercules-ci-effects": {
"inputs": {
"flake-parts": [
@@ -56,11 +71,11 @@
]
},
"locked": {
- "lastModified": 1748000383,
- "narHash": "sha256-EaAJhwfJGBncgIV/0NlJviid2DP93cTMc9h0q6P6xXk=",
+ "lastModified": 1768476106,
+ "narHash": "sha256-V0YOJRum50gtKgwavsAfwXc9+XAsJCC7386YZx1sWGQ=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
- "rev": "231726642197817d20310b9d39dd4afb9e899489",
+ "rev": "c19e263e6e22ec7379d972f19e6a322f943c73fb",
"type": "github"
},
"original": {
@@ -70,7 +85,12 @@
}
},
"nix-writers": {
- "flake": false,
+ "inputs": {
+ "flake-utils": "flake-utils",
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
"locked": {
"lastModified": 1677612737,
"narHash": "sha256-UaCKZ4PbMZU6UZH7XNFcjRtd5jheswl66rjZDBfQgp8=",
@@ -87,11 +107,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1751792365,
- "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
+ "lastModified": 1768886240,
+ "narHash": "sha256-C2TjvwYZ2VDxYWeqvvJ5XPPp6U7H66zeJlRaErJKoEM=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
+ "rev": "80e4adbcf8992d3fd27ad4964fbb84907f9478b0",
"type": "github"
},
"original": {
@@ -116,11 +136,11 @@
]
},
"locked": {
- "lastModified": 1750931469,
- "narHash": "sha256-0IEdQB1nS+uViQw4k3VGUXntjkDp7aAlqcxdewb/hAc=",
+ "lastModified": 1768158989,
+ "narHash": "sha256-67vyT1+xClLldnumAzCTBvU0jLZ1YBcf4vANRWP3+Ak=",
"owner": "numtide",
"repo": "treefmt-nix",
- "rev": "ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1",
+ "rev": "e96d59dff5c0d7fddb9d113ba108f03c3ef99eca",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index 0b8d875c7..527e4c8ef 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,10 +1,8 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
- nix-writers = {
- url = "git+https://cgit.krebsco.de/nix-writers";
- flake = false;
- };
+ nix-writers.url = "git+https://cgit.krebsco.de/nix-writers";
+ nix-writers.inputs.nixpkgs.follows = "nixpkgs";
# disko.url = "github:nix-community/disko";
# disko.inputs.nixpkgs.follows = "nixpkgs";
buildbot-nix.url = "github:Mic92/buildbot-nix";
@@ -43,9 +41,21 @@
};
overlays.default = import ./krebs/5pkgs/default.nix;
packages = let
- packageNames = self.lib.attrNames (self.lib.mapNixDir (x: null) ./krebs/5pkgs/simple);
- appliedOverlay = (system: self.overlays.default {} (self.inputs.nixpkgs.legacyPackages.${system} // { lib = self.lib; }));
- in nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ] (system: self.lib.getAttrs packageNames (appliedOverlay system));
+ allNames = self.lib.attrNames (self.lib.mapNixDir (x: null) ./krebs/5pkgs/simple);
+ appliedOverlay = (system:
+ let
+ base = self.inputs.nixpkgs.legacyPackages.${system};
+ # Apply nix-writers overlay with fixpoint so its functions can find each other
+ withWriters = nixpkgs.lib.fix (final: base // nix-writers.overlays.default final base);
+ in self.overlays.default {} (withWriters // { lib = self.lib; }));
+ # Only include derivations in packages output
+ getDerivations = overlay: builtins.listToAttrs (builtins.filter (x: x != null) (map (name:
+ let val = overlay.${name} or null;
+ in if val != null && (val.type or null) == "derivation"
+ then { inherit name; value = val; }
+ else null
+ ) allNames));
+ in nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: getDerivations (appliedOverlay system));
lib = import (self.outPath + "/lib/pure.nix") { lib = nixpkgs.lib; };
};
}
diff --git a/kartei/lass/xerxes.nix b/kartei/lass/xerxes.nix
index 96f619a70..985bba5f5 100644
--- a/kartei/lass/xerxes.nix
+++ b/kartei/lass/xerxes.nix
@@ -1,52 +1,6 @@
{ r6, w6, ... }:
{
consul = false;
- nets = rec {
- retiolum = {
- ip4.addr = "10.243.1.3";
- ip6.addr = r6 "3";
- aliases = [
- "xerxes.r"
- ];
- tinc = {
- pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U
- MZyAqNjLuKq3CKzJLo02ZmdFs4CT1Hj28p5IC0wLUWn53hrqdy8cCJDvIiKIv+Jk
- gItsxJyMnRtsdDbB6IFJ08D5ReGdAFJT5lqpN0DZuNC6UQRxzUK5fwKYVVzVX2+W
- /EZzEPe5XbE69V/Op2XJ2G6byg9KjOzNJyJxyjwVco7OXn1OBNp94NXoFrUO7kxb
- mTNnh3D+iB4c3qv8woLhmb+Uh/9MbXS14QrSf85ou4kfUjb5gdhjIlzz+jfA/6XO
- X4t86uv8L5IzrhSGb0TmhrIh5HhUmSKT4RdHJom0LB7EASMR2ZY9AqIG11XmXuhj
- +2b5INBZSj8Cotv5aoRXiPSaOd7bw7lklYe4ZxAU+avXot9K3/4XVLmi6Wa6Okim
- hz+MEYjW5gXY+YSUWXOR4o24jTmDjQJpdL83eKwLVAtbrE7TcVszHX6zfMoQZ5M9
- 3EtOkDMxhC+WfkL+DLQAURhgcPTZoaj0cAlvpb0TELZESwTBI09jh/IBMXHBZwI4
- H1gOD5YENpf0yUbLjVu4p82Qly10y58XFnUmYay0EnEgdPOOVViovGEqTiAHMmm5
- JixtwJDz7a6Prb+owIg27/eE1/E6hpfXpU8U83qDYGkIJazLnufy32MTFE4T9fI4
- hS8icFcNlsobZp+1pB3YK4GV5BnvMwOIVXVlP8yMCRTDRWZ4oYmAZ5apD7OXyNwe
- SUP2mCNNlQCqyjRsxj5S1lZQRy1sLQztU5Sff4xYNK+5aPgJACmvSi3uaJAxBloo
- 4xCCYzxhaBlvwVISJXZTq76VSPybeQ+pmSZFMleNnWOstvevLFeOoH2Is0Ioi1Fe
- vnu5r0D0VYsb746wyRooiEuOAjBmni8X/je6Vwr1gb/WZfZ23EwYpGyakJdxLNv3
- Li+LD9vUfOR80WL608sUU45tAx1RAy6QcH/YDtdClbOdK53+cQVTsYnCvDW8uGlO
- scQWgk+od3qvo6yCPO7pRlEd3nedcPSGh/KjBHao6eP+bsVERp733Vb9qrEVwmxv
- jlZ1m12V63wHVu9uMAGi9MhK+2Q/l7uLTj03OYpi4NYKL2Bu01VXfoxuauuZLdIJ
- Z3ZV+qUcjzZI0PBlGxubq6CqVFoSB7nhHUbcdPQ66WUnwoKq0cKmE7VOlJQvJ07u
- /Wsl8BIsxODVt0rTzEAx0hTd5mJCX7sCawRt+NF+1DZizl9ouebNMkNlsEAg4Ps0
- bQerZLcOmpYjGa5+lWDwJIMXVIcxwTmQR86stlP/KQm0vdOvH2ZUWTXcYvCYlHkQ
- sgVnnA2wt+7UpZnEBHy04ry+jYaSsPdYgwIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- pubkey_ed25519 = "PRtxFg/zw8dmwEGEM+u28N5GWuGNiHSNlaieplVSqQK";
- };
- };
- wiregrill = {
- ip6.addr = w6 "3";
- aliases = [
- "xerxes.w"
- ];
- wireguard.pubkey = "UTm8B8YUVvBGqwwxAUMVFsVQFQGQ6jbcXAavZ8LxYT8=";
- };
- };
secure = true;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
- syncthing.id = "EA76ZHP-DF2I3CJ-NNTFEUH-YGPQK5S-T7FQ6JA-BNQQUNC-GF2YL46-CKOZCQM";
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP017KDMPZgXeb5pwo8sOD9R16vEaHFp523HGyeWPIIa";
}
diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix
index 9df79afbf..e92aeec93 100644
--- a/kartei/makefu/default.nix
+++ b/kartei/makefu/default.nix
@@ -251,6 +251,8 @@ in {
wikisearch IN A ${nets.internet.ip4.addr}
work.euer IN A ${nets.internet.ip4.addr}
shop.euer IN A ${nets.internet.ip4.addr}
+ matrix.euer IN A ${nets.internet.ip4.addr}
+ element.euer IN A ${nets.internet.ip4.addr}
mediengewitter IN CNAME over.dose.io.
nixos.unstable IN CNAME krebscode.github.io.
diff --git a/kartei/tv/hosts/fu.nix b/kartei/tv/hosts/fu.nix
index f33da59c9..c3f2f9297 100644
--- a/kartei/tv/hosts/fu.nix
+++ b/