Diffstat (limited to 'krebs/3modules')
-rw-r--r-- | krebs/3modules/Reaktor.nix | 132 | ||||
-rw-r--r-- | krebs/3modules/default.nix | 12 | ||||
-rw-r--r-- | krebs/3modules/github-hosts-sync.nix | 6 | ||||
-rw-r--r-- | krebs/3modules/retiolum.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/urlwatch.nix | 2 |
5 files changed, 143 insertions, 11 deletions
diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix
new file mode 100644
index 000000000..fce24fa63
--- /dev/null
+++ b/krebs/3modules/Reaktor.nix
@@ -0,0 +1,132 @@
+{ config, pkgs,lib, ... }:
+
+
+let
+ kpkgs = import ../5pkgs { inherit pkgs; inherit lib; };
+
+ inherit (lib)
+ mkIf
+ mkOption
+ types
+ singleton
+ isString
+ optionalString
+ concatStrings
+ escapeShellArg
+ ;
+
+ ReaktorConfig = pkgs.writeText "config.py" ''
+ ${if (isString cfg.overrideConfig ) then ''
+ # Overriden Config
+ ${cfg.overrideConfig}
+ '' else ""}
+ ## Extra Config
+ ${cfg.extraConfig}
+ '';
+ cfg = config.krebs.Reaktor;
+
+ out = {
+ options.krebs.Reaktor = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkOption {
+ default = false;
+ description = ''
+ Start Reaktor at system boot
+ '';
+ };
+
+ nickname = mkOption {
+ default = config.krebs.build.host.name + "|r";
+ type = types.string;
+ description = ''
+ The nick name of the irc bot.
+ Defaults to {hostname}|r
+ '';
+ };
+
+
+ overrideConfig = mkOption {
+ default = null;
+ type = types.nullOr types.str;
+ description = ''
+ configuration to be used instead of default ones.
+ Reaktor default cfg can be retrieved via `reaktor get-config`
+ '';
+ };
+ extraConfig = mkOption {
+ default = "";
+ type = types.string;
+ description = ''
+ configuration appended to the default or overridden configuration
+ '';
+ };
+
+ ReaktorPkg = mkOption {
+ default = kpkgs.Reaktor;
+ description = ''
+ the Reaktor pkg to use.
+ '';
+ };
+ debug = mkOption {
+ default = false;
+ description = ''
+ Reaktor debug output
+ '';
+ };
+ };
+
+ imp = {
+ # for reaktor get-config
+ environment.systemPackages = [ cfg.ReaktorPkg ];
+ users.extraUsers = singleton {
+ name = "Reaktor";
+ # uid = config.ids.uids.Reaktor;
+ uid = 2066439104; #genid Reaktor
+ description = "Reaktor user";
+ home = "/var/lib/Reaktor";
+ createHome = true;
+ };
+
+ #users.extraGroups = singleton {
+ # name = "Reaktor";
+ # gid = config.ids.gids.Reaktor;
+ #};
+
+ systemd.services.Reaktor = {
+ path = with pkgs; [
+ utillinux #flock for tell_on-join
+ # git # for nag
+ python # for caps
+ ];
+ description = "Reaktor IRC Bot";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+ environment = {
+ GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+ REAKTOR_NICKNAME = cfg.nickname;
+ REAKTOR_DEBUG = (if cfg.debug then "True" else "False");
+ };
+ serviceConfig= {
+ ExecStartPre = pkgs.writeScript "Reaktor-init" ''
+ #! /bin/sh
+ ${if (isString cfg.overrideConfig) then
+ ''cp ${ReaktorConfig} /tmp/config.py''
+ else
+ ''(${cfg.ReaktorPkg}/bin/reaktor get-config;cat "${ReaktorConfig}" ) > /tmp/config.py''
+ }
+ '';
+ ExecStart = "${cfg.ReaktorPkg}/bin/reaktor run /tmp/config.py";
+ PrivateTmp = "true";
+ User = "Reaktor";
+ Restart = "on-abort";
+ StartLimitInterval = "1m";
+ StartLimitBurst = "1";
+ };
+ };
+ };
+
+in
+out
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 78907960b..c683d406c 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -11,6 +11,7 @@ let
 ./github-hosts-sync.nix
 ./git.nix
 ./nginx.nix
+ ./Reaktor.nix
 ./retiolum.nix
 ./urlwatch.nix
 ];
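Review bot: In Reaktor.nix, `ReaktorConfig = pkgs.writeText "config.py"` places whatever is passed in `overrideConfig` and `extraConfig` into the Nix store, which every local user can read, and neither option description says so. A bot configuration may well hold credentials, so both descriptions should carry a sentence such as `The text is written to the world-readable Nix store; do not put passwords or tokens here.` The runtime copy in `/tmp/config.py` is covered by `PrivateTmp`, but that does not extend to the store path it is built from. If secrets are needed, they would have to come from a file outside the store that the `Reaktor` user can read, which this module does not yet provide for.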
@@ -332,11 +333,11 @@ let }; users = addNames { lass = { - pubkey = readFile ../../Zpubkeys/lass.ssh.pub; + pubkey = readFile ../Zpubkeys/lass.ssh.pub; mail = "lass@mors.retiolum"; }; uriel = { - pubkey = readFile ../../Zpubkeys/uriel.ssh.pub; + pubkey = readFile ../Zpubkeys/uriel.ssh.pub; mail = "lass@uriel.retiolum"; }; }; @@ -468,6 +469,7 @@ let IN MX 10 mx42 euer IN MX 1 aspmx.l.google.com. io IN NS pigstarter.krebsco.de. + euer IN A ${elemAt nets.internet.addrs4 0} pigstarter IN A ${elemAt nets.internet.addrs4 0} conf IN A ${elemAt nets.internet.addrs4 0} gold IN A ${elemAt nets.internet.addrs4 0} @@ -543,7 +545,7 @@ let users = addNames { makefu = { mail = "makefu@pornocauster.retiolum"; - pubkey = readFile ../../Zpubkeys/makefu_arch.ssh.pub; + pubkey = readFile ../Zpubkeys/makefu_arch.ssh.pub; }; }; }; @@ -714,11 +716,11 @@ let users = addNames { mv = { mail = "mv@cd.retiolum"; - pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub; + pubkey = readFile ../Zpubkeys/mv_vod.ssh.pub; }; tv = { mail = "tv@wu.retiolum"; - pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; + pubkey = readFile ../Zpubkeys/tv_wu.ssh.pub; }; }; }; diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 0274b9d15..dbc0cc1de 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -61,9 +61,9 @@ let ${cfg.ssh-identity-file} \ "$ssh_identity_file_target" - ln -snf ${kpkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts + ln -snf ${pkgs.github-known_hosts} ${cfg.dataDir}/.ssh/known_hosts ''; - ExecStart = "${kpkgs.github-hosts-sync}/bin/github-hosts-sync"; + ExecStart = "${pkgs.github-hosts-sync}/bin/github-hosts-sync"; }; }; @@ -77,7 +77,5 @@ let name = "github-hosts-sync"; uid = 3220554646; # genid github-hosts-sync }; - - kpkgs = import ../../krebs/5pkgs { inherit pkgs; }; in out diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 481d6565c..4e70b78aa 100644 
--- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -58,7 +58,7 @@ let hosts = mkOption { type = with types; either package path; - default = ../../Zhosts; + default = ../Zhosts; description = '' If a path is given, then it will be used to generate an ad-hoc package. ''; diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix index 531e6c87b..80d9f5e93 100644 --- a/krebs/3modules/urlwatch.nix +++ b/krebs/3modules/urlwatch.nix @@ -78,7 +78,7 @@ let HOME = cfg.dataDir; LC_ALL = "en_US.UTF-8"; LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive"; - SSL_CERT_FILE = "${pkgs.cacert}/etc/ca-bundle.crt"; + SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; }; serviceConfig = { User = user.name; |
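Review bot: The CA bundle path corrected on the `SSL_CERT_FILE` line in urlwatch.nix is a hand-written string, and the same literal is repeated in the new Reaktor.nix as `GIT_SSL_CAINFO`, so the next change to the cacert layout has to be found and fixed in each module again. Binding it once and referencing it from both modules would keep them in step, for example `ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";`. Whether urlwatch failed closed or ran without certificate verification while the old path was wrong cannot be seen from this hunk, so it is worth confirming how the service behaved before the fix. The enclosing `let` body starts and ends outside the hunk.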