summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/external/default.nix47
-rw-r--r--krebs/3modules/external/mic92.nix68
-rw-r--r--krebs/nixpkgs.json6
-rw-r--r--lass/1systems/hilum/config.nix9
-rw-r--r--lass/1systems/wizard/config.nix (renamed from lass/1systems/iso/default.nix)155
-rwxr-xr-xlass/1systems/wizard/generate-iso.sh (renamed from lass/1systems/iso/generate-iso.sh)2
-rw-r--r--lass/1systems/wizard/test.nix10
7 files changed, 205 insertions, 92 deletions
diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 059e22866..1d73fade2 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -109,29 +109,6 @@ in {
};
};
};
- idontcare = {
- owner = config.krebs.users.Mic92;
- nets = rec {
- retiolum = {
- addrs = [
- config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
- config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
- ];
- ip4.addr = "10.243.29.177";
- aliases = [ "idontcare.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
- qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
- OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
- lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
- O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
- jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
jongepad = {
owner = config.krebs.users.jonge;
nets = {
@@ -201,30 +178,6 @@ in {
wireguard.pubkey = "09yVPHL/ucvqc6V5n7vFQ2Oi1LBMdwQZDL+7jBwy+iQ=";
};
};
- rock = {
- owner = config.krebs.users.Mic92;
- nets = {
- retiolum = {
- ip4.addr = "10.243.29.171";
- aliases = [ "rock.r" ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
- DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
- HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
- mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
- Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
- Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
- 91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
- fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
- 3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
- ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
- cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- };
scardanelli = {
owner = config.krebs.users.kmein;
nets = {
diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix
index 6b409aa7b..a748b1454 100644
--- a/krebs/3modules/external/mic92.nix
+++ b/krebs/3modules/external/mic92.nix
@@ -66,6 +66,27 @@ in {
};
};
};
+ dimitrios = {
+ owner = config.krebs.users.Mic92;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.29.183";
+ aliases = [
+ "dimitrios.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAutdjBACUieeP6hPqLazSo/MG5HiueUu3WZ1qPwpiPfJpPT59GckD
+ SI+TfCzaaZrifh1sRP30QhOH9+ca5DPPNQuk3ZPVAS2dqSmea0RBnYgq1J9EJ2Ty
+ EMzAYWjKIT8sJiEh4znnq7DDsd/JF5nIbhwgpkytxqAH8us5ABB940RkRMwDUS9M
+ tWB1NCbS7q1JWEoCHguAbh4B5qv4gxwDqzj3UwTR1Fd+SO3o9/giKhvpk0iQfsDO
+ DGXgxnpXybr7HGdRH2u3uAKXlwzwOpLHlohdLRC5txK8Osl0zVNqiiiV9SpuS0W1
+ OrHcbfEuPbuuI4pOXKMoZxbaehQ4SmEVBwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
donna = {
owner = config.krebs.users.Mic92;
nets = rec {
@@ -123,6 +144,29 @@ in {
};
};
};
+ idontcare = {
+ owner = config.krebs.users.Mic92;
+ nets = rec {
+ retiolum = {
+ addrs = [
+ config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
+ config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
+ ];
+ ip4.addr = "10.243.29.177";
+ aliases = [ "idontcare.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
+ qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
+ OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
+ lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
+ O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
+ jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
inspector = {
owner = config.krebs.users.Mic92;
nets = rec {
@@ -282,6 +326,30 @@ in {
};
};
};
+ rock = {
+ owner = config.krebs.users.Mic92;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.29.171";
+ aliases = [ "rock.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
+ DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
+ HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
+ mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
+ Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
+ Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
+ 91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
+ fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
+ 3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
+ ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
+ cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
rose = {
owner = config.krebs.users.Mic92;
nets = rec {
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 4ab0e86d4..769bacbe0 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
{
"url": "https://github.com/NixOS/nixpkgs-channels",
- "rev": "eb65d1dae626f4b149566c4cbccdad7ec24af189",
- "date": "2020-01-13T10:34:45+00:00",
- "sha256": "0zl4zakmw2s7gnkc2bmnjl71xg55n0kqrcm834kjq49lwwmdk225",
+ "rev": "c49da6435f314e04fc58ca29807221817ac2ac6b",
+ "date": "2020-02-07T12:52:16+01:00",
+ "sha256": "17zsqhaf098bvcfarnq0h9601z6smkfd1kz1px6xfg6xqfmr80r7",
"fetchSubmodules": false
}
diff --git a/lass/1systems/hilum/config.nix b/lass/1systems/hilum/config.nix
index 470dd3aff..7a506591b 100644
--- a/lass/1systems/hilum/config.nix
+++ b/lass/1systems/hilum/config.nix
@@ -21,7 +21,14 @@
source /grub/autoiso.cfg
}
'';
- extraFiles."/grub/autoiso.cfg" = "${pkgs.grub2.src}/docs/autoiso.cfg";
+ extraFiles."/grub/autoiso.cfg" = (pkgs.stdenv.mkDerivation {
+ name = "autoiso.cfg";
+ src = pkgs.grub2.src;
+ phases = [ "unpackPhase" "installPhase" ];
+ installPhase = ''
+ cp docs/autoiso.cfg $out
+ '';
+ });
};
services.logind.lidSwitch = "ignore";
diff --git a/lass/1systems/iso/default.nix b/lass/1systems/wizard/config.nix
index a77a74fbe..8f9db7d3c 100644
--- a/lass/1systems/iso/default.nix
+++ b/lass/1systems/wizard/config.nix
@@ -1,42 +1,118 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
- wizard = pkgs.writers.writeBash "wizard" ''
- shopt -s extglob
+ icon = pkgs.writeText "icon" ''
+ //
+ //
+ _ //
+ .' . // '.
+ '_ '_\/_' `_
+ . . \\ . .
+ .==. ` \\' .'
+ .\| //bd\\ \,
+ \_'`._\\__//_.'`.;
+ `.__ __,' \\
+ | | \\
+ | | `
+ | |
+ | |
+ |____|
+ l42 ==' '==
+ '';
+
+ messenger = pkgs.writeText "message" ''
+ .
+ | \/|
+ (\ _ ) )|/|
+ (/ _----. /.'.'
+ .-._________.. .' @ _\ .'
+ '.._______. '. / (_| .')
+ '._____. / '-/ | _.'
+ '.______ ( ) ) \
+ '..____ '._ ) )
+ .' __.--\ , , // ((
+ '.' mrf| \/ (_.'(
+ ' \ .'
+ \ (
+ \ '.
+ \ \ '.)
+ '-'-'
+ '';
- echo -n '
+ waiting = pkgs.writeText "waiting" ''
+ Z
+ Z
+ z
+ z
+ * '
+ / \
+ /___\
+ ( - - )
+ ) L ( .--------------.
+ __()(-)()__ | \ |
+ .~~ )()()() ~. | . :
+ / )()() ` | `-.__________)
+ | )() ~ | : :
+ | ) | : |
+ | _ | | [ ## :
+ \ ~~-. | , oo_______.'
+ `_ ( \) _____/~~~~ `--___
+ | ~`-) ) `-. `--- ( - a:f -
+ | '///` | `-.
+ | | | | `-.
+ | | | | `-.
+ | | |\ |
+ | | | \|
+ `-. | | |
+ `-| '
+ '';
+
+ wizard = pkgs.writers.writeDash "wizard" ''
+ cat ${icon}
+
+ echo -n '${''
welcome to the computer wizard
first we will check for internet connectivity
- (press enter to continue)
- '
- read -n 1 -s
- if ! ping -c1 lassul.us; then
- echo 'no internet detectio, you will have to provide credentials'
- read -n 1 -s
- nmtui
- fi
-
- # ping -c1 lassuls.us || ${pkgs.writeDash "nm-dmenu" ''
- # set -x
- # export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
- # exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
- # ''}
-
- mode=$(echo -n '
- 1. help of the wizard
- 2. let the wizard watch and help if needed
- 3. I will do it alone
- ' | ${pkgs.fzf}/bin/fzf --reverse)
+
+ ''}'
+
+ read -p '(press enter to continue...)' key
+ until ping -c1 8.8.8.8; do
+ ${pkgs.nm-dmenu}/bin/nm-dmenu
+ done
+
+ mode=$(echo -n '${''
+ 1. Help of the wizard
+ 2. Install NixOS
+ 3. I know what I need to do
+ ''}' | ${pkgs.fzf}/bin/fzf --reverse)
case "$mode" in
1*)
echo 'mode_1' > /tmp/mode
+ clear
+ echo 'waiting for the messenger to reach the wizard'
+ cat ${messenger}
+
+ # get pubkeys
+ mkdir -p /root/.ssh/
+ touch /root/.ssh/authorized_keys
+ curl -Ss 'https://lassul.us/mors.pub' >> /root/.ssh/authorized_keys
+ curl -Ss 'https://lassul.us/blue.pub' >> /root/.ssh/authorized_keys
+ curl -Ss 'https://lassul.us/yubi.pub' >> /root/.ssh/authorized_keys
+
+ # write via irc
systemctl start hidden-ssh-announce.service
- tmux new -s help
+ tmux new-session -s help ${pkgs.writers.writeDash "waiting" ''
+ cat ${waiting}
+ read -p 'waiting for the wizard to wake up' key
+ ${pkgs.bashInteractive}/bin/bash
+ ''}
;;
2*)
echo 'mode_2' > /tmp/mode
+ ${pkgs.nixos-installer}/bin/nixos-installer
;;
3*)
echo 'mode_3' > /tmp/mode
@@ -52,6 +128,7 @@ in {
<stockholm/krebs>
<stockholm/lass/3modules>
<stockholm/lass/2configs/vim.nix>
+ # <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-base.nix>
{
nixpkgs.config.packageOverrides = import <stockholm/lass/5pkgs> pkgs;
krebs.enable = true;
@@ -86,14 +163,14 @@ in {
networking.hostName = "wizard";
nixpkgs.config.allowUnfree = true;
- users.extraUsers = {
- root = {
- openssh.authorizedKeys.keys = [
- config.krebs.users.lass.pubkey
- config.krebs.users.lass-mors.pubkey
- ];
- };
- };
+ # users.extraUsers = {
+ # root = {
+ # openssh.authorizedKeys.keys = [
+ # config.krebs.users.lass.pubkey
+ # config.krebs.users.lass-mors.pubkey
+ # ];
+ # };
+ # };
environment.systemPackages = with pkgs; [
#stockholm
@@ -120,16 +197,12 @@ in {
aria2
#neat utils
- dmenu
+ chntpw
hashPassword
krebspaste
pciutils
- pop
psmisc
- q
- rs
tmux
- untilport
usbutils
#unpack stuff
@@ -141,6 +214,8 @@ in {
ddrescue
ntfs3g
dosfstools
+
+ nixos-installer
];
environment.extraInit = ''
@@ -193,10 +268,10 @@ in {
krebs.hidden-ssh = {
enable = true;
channel = "##lassulus-wizard";
-
+ message = "lassulus: torify sshn root@";
};
systemd.services.hidden-ssh-announce.wantedBy = mkForce [];
- services.mingetty.autologinUser = "root";
+ services.mingetty.autologinUser = lib.mkForce "root";
nixpkgs.config.packageOverrides = super: {
dmenu = pkgs.writeDashBin "dmenu" ''
diff --git a/lass/1systems/iso/generate-iso.sh b/lass/1systems/wizard/generate-iso.sh
index 3179b31c1..6c8f1532e 100755
--- a/lass/1systems/iso/generate-iso.sh
+++ b/lass/1systems/wizard/generate-iso.sh
@@ -4,4 +4,4 @@
set -xefu
WD=$(dirname "$0")
-nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/default.nix -f install-iso
+nixos-generate -I stockholm="$WD"/../../.. -c "$WD"/config.nix -f install-iso
diff --git a/lass/1systems/wizard/test.nix b/lass/1systems/wizard/test.nix
new file mode 100644
index 000000000..c7a27102a
--- /dev/null
+++ b/lass/1systems/wizard/test.nix
@@ -0,0 +1,10 @@
+{ config, lib, pkgs, ... }:
+{
+ imports = [
+ ./default.nix
+ ];
+ virtualisation.emptyDiskImages = [
+ 8000
+ ];
+ virtualisation.memorySize = 1024;
+}