summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/fetchWallpaper.nix4
-rw-r--r--krebs/3modules/makefu/default.nix44
-rw-r--r--krebs/3modules/retiolum.nix4
-rw-r--r--krebs/5pkgs/fortclientsslvpn/default.nix4
-rw-r--r--krebs/5pkgs/repo-sync/default.nix4
5 files changed, 48 insertions, 12 deletions
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix
index 53fe0839d..bd3d6d3b2 100644
--- a/krebs/3modules/fetchWallpaper.nix
+++ b/krebs/3modules/fetchWallpaper.nix
@@ -42,9 +42,11 @@ let
fetchWallpaperScript = pkgs.writeScript "fetchWallpaper" ''
#! ${pkgs.bash}/bin/bash
+ set -euf
mkdir -p ${shell.escape cfg.stateDir}
- curl -s -o ${shell.escape cfg.stateDir}/wallpaper -z ${shell.escape cfg.stateDir}/wallpaper ${shell.escape cfg.url}
+ cd ${shell.escape cfg.stateDir}
+ curl -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper
feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper
'';
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 814e6929b..79d9a59b4 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -270,8 +270,8 @@ with config.krebs.lib;
'';
};
};
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA root@servarch";
+ #ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+ #ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA root@servarch";
};
wbob = rec {
cores = 1;
@@ -409,6 +409,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
ip6.addr = "42:9898:a8be:ce56:0ee3:b99c:42c5:109e";
aliases = [
"heidi.r"
+ "heidi.retiolum"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@@ -424,6 +425,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
};
};
+
soundflower = rec {
cores = 1;
nets = {
@@ -479,12 +481,12 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEA961eCQE562VPYjuZtd0+FNRfUghvD2ccjUlihMjzg46GAK+duqK+
- 4peWklGOL4eRYQBg6G2VDzWiU2MxXVbXUZaMrxh7fTc3G3LdbqTxzAv3GQKR/6iA
- 9bGUf6u4ztVNAcj2mrY3mfs4gMlBQyQ2wcM0ZUpiAMaRB4cdq7I4GVHbYTFYfQuI
- 2zdnr0w8AjlMpFFcD0ExsWeppiJsE7iiME/S2VVfh2NrEpAKQbLH9fKrfkiJA/+9
- 0VIH9wLLIYngUtQKbvEQ5xgx6ybrg0vO8ZqZ1ZGXYxOQZzWzPP0tvDU0QHSKYSWb
- FjcOf1lWSWjsjHxMl/Gh57hjNJFCbs8yjQIDAQAB
+ MIIBCgKCAQEA2VjW30A3uQoo5QwbFTnl5fuGg81DZVu8HXmDwgEkhZYr5Xf3V5/d
+ fmPlX1igzatWYX0OylFAY69r0V4dqeTubIf83sz1eqtpXjK4czG8A3wMHEXj5Pzs
+ e1Qh8K4rHMEATc7Y/cwpQBi2THn2bhufqgaz94m8HrStCZcKCin3fDMbE01WHWX1
+ KFqeBtUd7b9pWbXKlLBNpHTZoGxVQk0Hto9pxYzHecRsbQXykYk3Rw2tSuf0aH99
+ oY0i3LjOb+f2oq2S4qVHqHZsMJfDVr+x2/LP1SIcc1lVTztWSSAzZEokE0/ejvXf
+ wkquBVHXdl6LuzH+/V1I7OsaMhHShYu1LwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
@@ -594,7 +596,28 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
};
};
};
-
+ } // { # hosts only maintained in stockholm, not owned by me
+ tpsw = {
+ cores = 2;
+ owner = config.krebs.users.ciko; # main laptop
+ nets = {
+ retiolum = {
+ addrs4 = ["10.243.183.236"];
+ addrs6 = ["42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c"];
+ aliases = [ "tpsw.r" "tpsw.retiolum" ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ
+ Poczl57j2Z+4bonkTrJmsNtSaQLPKYH4H1qfo/lwz7nqEpPi3Xp4Fgts23w36eML
+ WBvbw0fQO9R8zZJIIdRkJ2qqlhZiTlor1Gtlm8Z1RmpKkhL9O6Yzj94VhGLhABVl
+ OsaF2M3PgXJMiLry67jzbAs3+mVaT3iBTzWOaOyREjKQEUg9B9IDxrmZMSWqdXZM
+ 0wfzaCjS40jD73m7tqi7W3tXzAUP4mEeUqkC+NC2Zgm/lJ5B1KPx7AyNqtRLsBLd
+ pIdJs6ng63WV1fyHYUWMYqZk9zB/tQ0b0wIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ };
};
users = rec {
makefu = {
@@ -615,6 +638,9 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
inherit (makefu) mail pgp;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiKvLKaRQPL/Y/4EWx3rNhrY5YGKK4AeqDOFTLgJ7djwJnMo7FP+OIH/4pFxS6Ri2TZwS9QsR3hsycA4n8Z15jXAOXuK52kP65Ei3lLyz9mF+/s1mJsV0Ui/UKF3jE7PEAVky7zXuyYirJpMK8LhXydpFvH95aGrL1Dk30R9/vNkE9rc1XylBfNpT0X0GXmldI+r5OPOtiKLA5BHJdlV8qDYhQsU2fH8S0tmAHF/ir2bh7+PtLE2hmRT+b8I7y1ZagkJsC0sn9GT1AS8ys5s65V2xTTIfQO1zQ4sUH0LczuRuY8MLaO33GAzhyoSQdbdRAmwZQpY/JRJ3C/UROgHYt makefu@vbob";
};
+ ciko = {
+ mail = "wieczorek.stefan@googlemail.com";
+ };
exco = {
mail = "dickbutt@excogitation.de";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7HCK+TzelJp7atCbvCbvZZnXFr3cE35ioactgpIJL7BOyQM6lJ/7y24WbbrstClTuV7n0rWolDgfjx/8kVQExP3HXEAgCwV6tIcX/Ep84EXSok7QguN0ozZMCwX9CYXOEyLmqpe2KAx3ggXDyyDUr2mWs04J95CFjiR/YgOhIfM4+gVBxGtLSTyegyR3Fk7O0KFwYDjBRLi7a5TIub3UYuOvw3Dxo7bUkdhtf38Kff8LEK8PKtIku/AyDlwZ0mZT4Z7gnihSG2ezR5mLD6QXVuGhG6gW/gsqfPVRF4aZbrtJWZCp2G21wBRafpEZJ8KFHtR18JNcvsuWA1HJmFOj2K0mAY5hBvzCbXGhSzBtcGxKOmTBDTRlZ7FIFgukP/ckSgDduydFUpsv07ZRj+qY07zKp3Nhh3RuN7ZcveCo2WpaAzTuWCMPB0BMhEQvsO8I/p5YtTaw2T1poOPorBbURQwEgNrZ92kB1lL5t1t1ZB4oNeDJX5fddKLkgnLqQZWOZBTKtoq0EAVXojTDLZaA+5z20h8DU7sicDQ/VG4LWtqm9fh8iDpvt/3IHUn/HJEEnlfE1Gd+F2Q+R80yu4e1PClmuzfWjCtkPc4aY7oDxfcJqyeuRW6husAufPqNs31W6X9qXwoaBh9vRQ1erZUo46iicxbzujXIy/Hwg67X8dw== dickbutt@excogitation.de";
diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix
index 5aaeb5a30..5a035fa50 100644
--- a/krebs/3modules/retiolum.nix
+++ b/krebs/3modules/retiolum.nix
@@ -102,6 +102,10 @@ let
The list of hosts in the network which the client will try to connect
to. These hosts should have an 'Address' configured which points to a
routeable IPv4 or IPv6 address.
+
+ In stockholm this can be done by configuring:
+ krebs.hosts.${connect-host}.nets.${netname?"retiolum"}.via.addrs4 =
+ [ "${external-ip} ${external-port}" ]
'';
};
diff --git a/krebs/5pkgs/fortclientsslvpn/default.nix b/krebs/5pkgs/fortclientsslvpn/default.nix
index 602766f46..11d567408 100644
--- a/krebs/5pkgs/fortclientsslvpn/default.nix
+++ b/krebs/5pkgs/fortclientsslvpn/default.nix
@@ -5,6 +5,10 @@ stdenv.mkDerivation rec {
# forticlient will be copied into /tmp before execution. this is necessary as
# the software demands $base to be writeable
+ # mkdir /etc/ppp ; touch /etc/ppp/options
+ ## i still have not found which tool uses tail ... i tried redirecting it in forticlientsslvpn and subproc
+ # ln -s /run/current-system/sw/bin/tail /usr/bin/tail
+
src = fetchurl {
# archive.org mirror:
# https://archive.org/download/ForticlientsslvpnLinux4.4.23171.tar/forticlientsslvpn_linux_4.4.2317.tar.gz
diff --git a/krebs/5pkgs/repo-sync/default.nix b/krebs/5pkgs/repo-sync/default.nix
index 789c03f36..7cba87b09 100644
--- a/krebs/5pkgs/repo-sync/default.nix
+++ b/krebs/5pkgs/repo-sync/default.nix
@@ -2,7 +2,7 @@
with python3Packages; buildPythonPackage rec {
name = "repo-sync-${version}";
- version = "0.2.5";
+ version = "0.2.6";
disabled = isPy26 || isPy27;
propagatedBuildInputs = [
docopt
@@ -11,7 +11,7 @@ with python3Packages; buildPythonPackage rec {
];
src = fetchurl {
url = "https://pypi.python.org/packages/source/r/repo-sync/repo-sync-${version}.tar.gz";
- sha256 = "1a59bj0vc5ajq8indkvkdk022yzvvv5mjb57hk3xf1j3wpr85p84";
+ sha256 = "1hqa9qw9qg7mxgniqzys9szycs05llg4yik8a9wz94a437zzarsk";
};
meta = {
homepage = http://github.com/makefu/repo-sync;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-02 17:49:58 +0000