summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--kartei/palo/default.nix81
-rw-r--r--krebs/3modules/git.nix10
-rw-r--r--krebs/3modules/zones.nix3
-rw-r--r--krebs/5pkgs/haskell/hack.nix21
-rw-r--r--krebs/5pkgs/simple/brain/default.nix20
-rw-r--r--krebs/5pkgs/simple/cabal-read.nix39
6 files changed, 79 insertions, 95 deletions
diff --git a/kartei/palo/default.nix b/kartei/palo/default.nix
index 6004c42ce..bdb61ec5d 100644
--- a/kartei/palo/default.nix
+++ b/kartei/palo/default.nix
@@ -18,53 +18,78 @@ let
in
{
hosts = mapAttrs hostDefaults {
- sol = {
+ chungus = {
owner = config.krebs.users.palo;
nets = {
retiolum = {
tinc.port = 720;
- aliases = [ "sol.r" ];
+ aliases = [ "chungus.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAxrvdMSAcOJXM1TbIIDZ+zPojrcRG3RVMfPC2/0DasRpBFSuS+L60
- mQEs0l0ptAL6Sbr4+9gfaHkdETfYpeKB4Q4lCPahMq88YfTyB1f3tEOqW3vP22nC
- Z+Yf+W/sTLWVRoDoS/Eok6wS95R1IQ74vr37YXdbJTD/eeX6sAJkn2I2RV5PD6Bu
- lHsMuunAj+PyhAgqb2P393h7FN4exL0xM6UbHbgsd9OSp5qKTjZE3jeOyWmounK1
- 7n+8pyRjI0VE47ontnj/GANwpsxRFFtRGmG/S5KhUBXMv7wZr/vaVETRphAu+KhT
- NqdclmGkQlB/YBodzJID7C21Zz4b33kcn12TU3nc6AL5u9j3sU2sEu/22fAZBWLV
- yOZ9l/Qe4aJkIbdL70Gvp9G8m7+M4vkdM+e/nA5cZT0N9ArI2D5ltJRd7VLVzxef
- Y0t/bS9bVOcNt2Sgd81Ubg0OmF2paHGGboAAMqXhf3afwCMyXcDsP6sgPXOIEu7Q
- hjuo5rg6Fu8eK9edAAQ2afl52GiFUawzjHbjGANwVyea1JTQ3uR6eBtxGOEaYpkr
- vbl75CxLwE0YA0L3VwhJTNLMVldTrUi2M76QedjzyePkJHMijHT5+0nqTlsmjcNg
- uv89Mh9shNKdqulfGjTAFyKjTCuUe/rCprJ5CeZWBaEuQKYkcZuMkJsCAwEAAQ==
+ MIICCgKCAgEAv/6TryKLg/fy14ZRnJht9fQIrzwJW5UikQGjd0Au9ITau1AtoAhO
+ 6/xgdR4ME8EFckVrmjLoFuZNjVQUOyUJcX6OEX+Fl8veyUn+osgLA9jw4TVpi/DM
+ JIb7tNd+OkBbthLu5CiLiBwc+BX1dfSYhUxzxshSIrZ8jln6hUH6hWwi6C0GNfg0
+ CBEBjUft31pTGyr/bQUIBsCWDb7+R6UD2wLxXbo1zSAlitNiXoKSA2NvXTbFC4J2
+ HpxnhTLlJx8dkwjHn00RGUUrfh8Io/qFdjBEfCmynE+Q6v7a/eJdKxIyAtrzLFBz
+ 07cG9kM+/H+ldIF1PMqMI/QMbc12HG96/saVfCkTA8Xh+H+9abWfsvrYrQngdahX
+ Ubw52yV1lRA+grlzRFmjHyE6iaxlwzJ90Aq5BnnlxpK/P/FKCtd36x1RbhE+rBZO
+ VR3ENQRmNowakXdgc+0uS8N5naZIrmO+ficMyBI+Z+CrR0GuDPn++gN833D6KOrs
+ NeCHN5C9zi56nDBcS6KLtYWj/Amo5ZEokWqTAB/zCJu+rVACoS7fi3/6pj9fyNaz
+ BPEOPKGwROFNq+Bn9jh2jdVmZlO/h+wL8FuxyxaduxWzrZTDo+Pj2iHr1l8cr2VU
+ i7zdL3jS4LqE693FHCQE8DufSowa0soYe2+dbalVmKsnt5u9mKuAoj0CAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
- tinc.pubkey_ed25519 = "qCJvjlNz5YNOz5IEiwGaoK3InSVCL76uNl+xVBUa/AP";
+ tinc.pubkey_ed25519 = "iOJzv56xCoUaqbIe3DfjIqB7In6ZWFbr2DT2jvdLYsM";
};
};
};
- centauri = {
+ cream = {
owner = config.krebs.users.palo;
nets = {
retiolum = {
tinc.port = 720;
- aliases = [ "centauri.r" ];
+ aliases = [ "cream.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIICCgKCAgEAxrvdMSAcOJXM1TbIIDZ+zPojrcRG3RVMfPC2/0DasRpBFSuS+L60
- mQEs0l0ptAL6Sbr4+9gfaHkdETfYpeKB4Q4lCPahMq88YfTyB1f3tEOqW3vP22nC
- Z+Yf+W/sTLWVRoDoS/Eok6wS95R1IQ74vr37YXdbJTD/eeX6sAJkn2I2RV5PD6Bu
- lHsMuunAj+PyhAgqb2P393h7FN4exL0xM6UbHbgsd9OSp5qKTjZE3jeOyWmounK1
- 7n+8pyRjI0VE47ontnj/GANwpsxRFFtRGmG/S5KhUBXMv7wZr/vaVETRphAu+KhT
- NqdclmGkQlB/YBodzJID7C21Zz4b33kcn12TU3nc6AL5u9j3sU2sEu/22fAZBWLV
- yOZ9l/Qe4aJkIbdL70Gvp9G8m7+M4vkdM+e/nA5cZT0N9ArI2D5ltJRd7VLVzxef
- Y0t/bS9bVOcNt2Sgd81Ubg0OmF2paHGGboAAMqXhf3afwCMyXcDsP6sgPXOIEu7Q
- hjuo5rg6Fu8eK9edAAQ2afl52GiFUawzjHbjGANwVyea1JTQ3uR6eBtxGOEaYpkr
- vbl75CxLwE0YA0L3VwhJTNLMVldTrUi2M76QedjzyePkJHMijHT5+0nqTlsmjcNg
- uv89Mh9shNKdqulfGjTAFyKjTCuUe/rCprJ5CeZWBaEuQKYkcZuMkJsCAwEAAQ==
+ MIICCgKCAgEAxqrCGJriL5L1ehBf7CrdpL6Ao/ssyj5ZoPdlTP47WtBRahQcp8e0
+ xWkAACyiSW2rdvK9hBE4Z7cXHenm8obABl69Q6rLdkxIOM7GBK08cX7ZZrRAdyA1
+ Bp9FQWoeHZFq4zBayp889HjPgauglguVlPiXaxh5NhqQkKX4Bkcp4f+OtBMvV0Uf
+ kf80J5pknliV/I85VDt0Ofyuuvot9p4GAegeaGaTgIpMrbGvqdpnB+ZiI9lFylCf
+ tubRvrX1TsaqrWzFu8B2XL6ZXGCY0IrJXs7P0RsG9OysCK7N9WPVrpX+zGFSCCk+
+ 3UuKan9AFVOWA72Jj+glIU2i2d3D+Re8kvNmLCQ9GCM2c8Gy+r38UPN1/WTEe7az
+ 94ivkczOgg4tIzMCN2JuAYLtoy3JK46Bbexk3i9KgtX5acNrKilQBDKHktqr0oJ8
+ Bz53kFP/X7oY+0RIPePL9OPQu8LRyFXeWeuQQUBgqDmttoWBtHEO6vicKFgwN0bl
+ 5J6urUJQYC7aabfYO4aDfgVSRr7cELZkbIsx6Lkj5bOrraaJ2pS5H3QGSBUFifAq
+ mUdKKkBsYltKe8BsqKvQEysT3cGaGlkeP5OaKHN4qG7hGvLk71YjrYlWlIswdMAp
+ D2UgJ5/fcDswSAnFBlLYIqQwC7vMLoqTZPkQ0AN/DxHJCuXfRoU2vhkCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
- tinc.pubkey_ed25519 = "qCJvjlNz5YNOz5IEiwGaoK3InSVCL76uNl+xVBUa/AP";
+ tinc.pubkey_ed25519 = "lkvs1E4lCXt+Q7lvg/vU2JQyDfqseYo68Ecbb/Hg8YA";
+ };
+ };
+ };
+ cherry = {
+ owner = config.krebs.users.palo;
+ nets = {
+ retiolum = {
+ tinc.port = 720;
+ aliases = [ "cherry.r" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIICCgKCAgEAuDU2RZX+Hwa0sI/ZjnPd/gBLFs/KsS8SE18GEB8X/EH5D11qvRGi
+ myAYbHdx5hWbFuJ6GyUL/k99y0vV3VI+IGLyZ3FmVUdPF5fK495+qas68GzBMwhw
+ FilessbI1UvBjUITIpVibDW4jSt5ex5SeGSm7ZGpamVFNe442SYgL48V5B3nDRrf
+ jdfwxXuBW5iYi7wxuUncfVkFHrh/HNhOQhqHDhWIlgckymsGMszz0sPNfZZOVw8g
+ 7OA0c4Pduc140icyTaNQzNQZ4KipeZpjUXWn2oGP9ZIb3AiB07BZv3b2x6NrHucW
+ vWKtRkpBOMtYrIhVSuGE3MYHSCxrCR+e4moeeTUjpI5hPe9qtRwagKgchq3sxwWq
+ p1FfT3zEjZKT2tYRu3w/DWgOize+HvF8GDFTNAcp6APUsyE3mTJkpgsAfG8Lkq+f
+ RbrtEOqqqwKCz7IgJDnRSVHlaLP8v3LarhTVIqCkgveyd7wd9bh8fvpWc8fdnWXw
+ +WnIOj+KFxLIGr2xReRPbfi9SRnwTtt0E+oXEPC2tUrcWXGNMeiBmVUGH66pRnFP
+ wzMBn1q4GzqlG2TVsbXL6Nbzw8caDKH3MGPUUxikJXUODk7PtnQ9TThlsg8xdMGr
+ JCrPwL32VNXwXhxJ9vgxaXIfxIanye45j8lxwdnMkx5laULGWVq53bECAwEAAQ==
+ -----END RSA PUBLIC KEY-----
+ '';
+ tinc.pubkey_ed25519 = "QvtcXLmAviX/uv0FPrFak1WV+U2WwyO5dGciRlPB2lG";
};
};
};
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index 347a2c32b..961b217e1 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -468,6 +468,16 @@ let
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param GIT_PROJECT_ROOT ${cfg.dataDir};
+ fastcgi_param HOME ${pkgs.write "git-http-backend.home" {
+ "/.gitconfig".text = /* ini */ ''
+ [safe]
+ directory = .
+ ${concatMapStrings
+ (repo: "directory = ${cfg.dataDir}/${repo.name}\n")
+ (attrValues cfg.repos)
+ }
+ '';
+ }};
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME ${pkgs.git}/bin/git-http-backend;
fastcgi_pass unix:${config.services.fcgiwrap.socketAddress};
diff --git a/krebs/3modules/zones.nix b/krebs/3modules/zones.nix
index 7a9cf5be1..51e559d88 100644
--- a/krebs/3modules/zones.nix
+++ b/krebs/3modules/zones.nix
@@ -21,6 +21,9 @@ with lib; {
panda NS panda
panda A 130.61.237.100
+
+ xkey A 217.197.83.17
+ xkey AAAA 2a0a:4580:5011::1
'';
};
};
diff --git a/krebs/5pkgs/haskell/hack.nix b/krebs/5pkgs/haskell/hack.nix
deleted file mode 100644
index df3343818..000000000
--- a/krebs/5pkgs/haskell/hack.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ mkDerivation, base, blessings, containers, data-default, fetchgit
-, lens, lib, mtl, old-locale, process, scanner, time, unix, zippers
-}:
-mkDerivation {
- pname = "hack";
- version = "1.0.1";
- src = fetchgit {
- url = "https://cgit.krebsco.de/hack";
- sha256 = "0ry5ikn89ij512qvk1xhdhfz4s8a6b9yawgx6lxgnw5jkiyjd7ka";
- rev = "f3ea150aca5cc86878fa10bc5b1f0918fc154e2a";
- fetchSubmodules = true;
- };
- isLibrary = true;
- isExecutable = true;
- libraryHaskellDepends = [ base ];
- executableHaskellDepends = [
- base blessings containers data-default lens mtl old-locale process
- scanner time unix zippers
- ];
- license = lib.licenses.mit;
-}
diff --git a/krebs/5pkgs/simple/brain/default.nix b/krebs/5pkgs/simple/brain/default.nix
index bf52da75f..d7e36a527 100644
--- a/krebs/5pkgs/simple/brain/default.nix
+++ b/krebs/5pkgs/simple/brain/default.nix
@@ -1,16 +1,22 @@
-{ pass, runCommand, write, writeDash, ... }:
+{ pkgs }:
-write "brain" {
- "/bin/brain".link = writeDash "brain" ''
+let
+ pass = pkgs.pass.withExtensions (ext: [
+ ext.pass-otp
+ ]);
+in
+
+pkgs.write "brain" {
+ "/bin/brain".link = pkgs.writeDash "brain" ''
PASSWORD_STORE_DIR=$HOME/brain \
- exec ${pass}/bin/pass $@
+ exec ${pass}/bin/pass "$@"
'';
- "/bin/brainmenu".link = writeDash "brainmenu" ''
+ "/bin/brainmenu".link = pkgs.writeDash "brainmenu" ''
PASSWORD_STORE_DIR=$HOME/brain \
- exec ${pass}/bin/passmenu $@
+ exec ${pass}/bin/passmenu "$@"
'';
"/share/bash-completion/completions/brain".link =
- runCommand "brain-completions" {
+ pkgs.runCommand "brain-completions" {
} /* sh */ ''
sed -r '
s/\<_pass?(_|\>)/_brain\1/g
diff --git a/krebs/5pkgs/simple/cabal-read.nix b/krebs/5pkgs/simple/cabal-read.nix
deleted file mode 100644
index 03b42ef2c..000000000
--- a/krebs/5pkgs/simple/cabal-read.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{ writeHaskellPackage }:
-
-# Because `sed -n 's/.*\<ghc-options:\s\+\(.*\)/\1/p'` is too simple.
-writeHaskellPackage "cabal-read" {
- executables.ghc-options = {
- extra-depends = ["Cabal"];
- text = /* haskell */ ''
- {-# LANGUAGE CPP #-}
- module Main (main) where
- import Data.List
- import Data.Maybe
- import Distribution.Compiler
- import Distribution.PackageDescription.Parsec
- import Distribution.Types.BuildInfo
- import Distribution.Types.CondTree
- import Distribution.Types.Executable
- import Distribution.Types.GenericPackageDescription
- import Distribution.Types.UnqualComponentName
- import Distribution.Verbosity
- import System.Environment
- main :: IO ()
- main = do
- [path, name] <- getArgs
-
- desc <- readGenericPackageDescription normal path
-
- case lookup (mkUnqualComponentName name) (condExecutables desc) of
- Just exe ->
- putStrLn . intercalate " " . fromMaybe [] . lookup GHC
- #if MIN_VERSION_Cabal(3,0,0)
- . perCompilerFlavorToList
- #endif
- . options . buildInfo . condTreeData $ exe
-
- Nothing ->
- error ("executable " <> name <> " not found in " <> path)
- '';
- };
-}