diff options
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/1systems/onebutton/config.nix | 30 | ||||
-rw-r--r-- | krebs/1systems/onebutton/source.nix | 2 | ||||
-rw-r--r-- | krebs/2configs/buildbot-stockholm.nix | 1 | ||||
-rw-r--r-- | krebs/3modules/git.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/lass/default.nix | 1 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 32 | ||||
-rw-r--r-- | krebs/5pkgs/simple/Reaktor/plugins.nix | 2 | ||||
-rw-r--r-- | krebs/5pkgs/simple/brain/default.nix | 4 | ||||
-rw-r--r-- | krebs/5pkgs/simple/cholerab/default.nix | 7 | ||||
-rw-r--r-- | krebs/5pkgs/simple/ftb/default.nix | 4 | ||||
-rw-r--r-- | krebs/5pkgs/simple/stockholm/default.nix | 2 | ||||
-rw-r--r-- | krebs/5pkgs/simple/thesauron/default.nix | 7 | ||||
-rw-r--r-- | krebs/5pkgs/writers.nix | 318 | ||||
-rw-r--r-- | krebs/default.nix | 4 | ||||
-rw-r--r-- | krebs/krops.nix | 2 | ||||
-rw-r--r-- | krebs/source.nix | 1 |
16 files changed, 85 insertions, 334 deletions
diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix index dca00a206..b87aef5a3 100644 --- a/krebs/1systems/onebutton/config.nix +++ b/krebs/1systems/onebutton/config.nix @@ -16,6 +16,36 @@ services.nixosManual.enable = false; services.journald.extraConfig = "SystemMaxUse=50M"; } + { + systemd.services.mpc-booter = let + mpc = "${pkgs.mpc_cli}/bin/mpc -h mpd.shack -p 6600"; + url = "http://lassul.us:8000/radio.ogg"; + say = pkgs.writeDash "say" '' + tmpfile=$(${pkgs.coreutils}/bin/mktemp) + echo "$@" > $tmpfile + ${pkgs.curl}/bin/curl -i -H "content-type: text/plain" -X POST -d "@$tmpfile" gobbelz.shack/say/ + rm "$tmpfile" + ''; + in { + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + serviceConfig = { + RemainAfterExit = "yes"; + Type = "oneshot"; + ExecStart = pkgs.writeDash "mpc-boot" '' + until ${mpc} stats;do + echo "waiting for mpd.shack to appear" + sleep 1 + done + ${say} "Willkommen im Shack wertes Mitglied" + + ${say} "Lassulus Super Radio wurde gestartet" + ${mpc} add ${url} + ${mpc} play + ''; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.onebutton; # NixOS wants to enable GRUB by default diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix index 8f25881c9..6842bfaab 100644 --- a/krebs/1systems/onebutton/source.nix +++ b/krebs/1systems/onebutton/source.nix @@ -4,7 +4,7 @@ let nixpkgs = pkgs.fetchFromGitHub { owner = "nixos"; repo = "nixpkgs-channels"; - rev = "6c064e6b"; # only binary cache for unstable arm6 + rev = "nixos-unstable"; # only binary cache for unstable arm6 sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; }; in import <stockholm/krebs/source.nix> { diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 04b1c999f..62a5f9ab5 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -63,6 +63,7 @@ in grab_repo = steps.Git( repourl=stockholm_repo, mode='full', + submodules=True, ) ''; builder = { diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index ba0924681..5ae24b40b 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -484,7 +484,7 @@ let reponames = rules: sort lessThan (unique (map (x: x.repo.name) rules)); - # TODO use `writeOut` + # TODO use pkgs.write (from nix-writers) scriptFarm = farm-name: scripts: let diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index fd74983fa..e2322e171 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -66,6 +66,7 @@ with import <stockholm/lib>; ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index d7a750c6e..c5404f96d 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -520,6 +520,38 @@ with import <stockholm/lib>; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN5ZmJSypW3LXIJ67DdbxMxCfLtORFkl5jEuD131S5Tr"; }; + nextgum = rec { + ci = true; + cores = 8; + nets = rec { + internet = { + ip4.addr = "144.76.26.247"; + ip6.addr = "2a01:4f8:191:12f6::2"; + aliases = [ + "nextgum.i" + ]; + }; + retiolum = { + via = internet; + ip4.addr = "10.243.0.213"; + ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; + aliases = [ + "nextgum.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAucCebFmS96WorD+Br4UQudmAhMlLpacErjwA/u2argBTT2nGHTR8 + aN4e0xf3IYLA+iogLIW/JuQfKLe8evEK21iZ3jleW8N7mbCulhasi/0lqWlirrpO + npJAiSNF1m7ijoylkEKxtmehze+8ojprUT2hx1ImMlHMWGxvs+TmBbZBMgxAGMJh + 6cMMDJQi+4d9XrJQ3+XUVK3MkviLA91oIAXsLdFptL6b12siUaz4StQXDJUHemBF + 3ZwlO+W2Es69ifEhmV6NaDDRcSRdChGbHTz1OU8wYaFNaxWla/iprQQ+jEUldpcN + VC18QGYRUAgZ0PCIpKurjWNehJFB3zXt+wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; + }; gum = rec { ci = true; diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index c39e39799..2df76fb2f 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -120,7 +120,7 @@ rec { url-title = (buildSimpleReaktorPlugin "url-title" { pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; path = with pkgs; [ curl perl ]; - script = pkgs.writePython3 [ "beautifulsoup4" "lxml" ] "url-title" '' + script = pkgs.writePython3 "url-title" [ "beautifulsoup4" "lxml" ] '' import sys import urllib.request from bs4 import BeautifulSoup diff --git a/krebs/5pkgs/simple/brain/default.nix b/krebs/5pkgs/simple/brain/default.nix index e69b44f0f..9b125862b 100644 --- a/krebs/5pkgs/simple/brain/default.nix +++ b/krebs/5pkgs/simple/brain/default.nix @@ -1,6 +1,6 @@ -{ pass, writeOut, writeDash, ... }: +{ pass, write, writeDash, ... }: -writeOut "brain" { +write "brain" { "/bin/brain".link = writeDash "brain" '' PASSWORD_STORE_DIR=$HOME/brain \ exec ${pass}/bin/pass $@ diff --git a/krebs/5pkgs/simple/cholerab/default.nix b/krebs/5pkgs/simple/cholerab/default.nix new file mode 100644 index 000000000..c9ea8faef --- /dev/null +++ b/krebs/5pkgs/simple/cholerab/default.nix @@ -0,0 +1,7 @@ +{ fetchgit, callPackage }: let + src = fetchgit { + url = "https://github.com/krebs/cholerab"; + rev = "403107219ba9f3b6881f2cdae57ac373a13d98f0"; + sha256 = "076giaha52zxkvkr2f471g2rl9c5m8r5g03wncgh46qmdfcb5idb"; + }; +in callPackage src {} diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix index c2e83c9f4..ab7d6e651 100644 --- a/krebs/5pkgs/simple/ftb/default.nix +++ b/krebs/5pkgs/simple/ftb/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl , jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm , openjdk -, mesa, openal +, mesa_glu, openal , useAlsa ? false, alsaOss ? null }: with stdenv.lib; @@ -26,7 +26,7 @@ stdenv.mkDerivation { #!${stdenv.shell} export _JAVA_AWT_WM_NONREPARENTING=1 - export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]} + export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa_glu openal ]} ${if useAlsa then "${alsaOss}/bin/aoss" else "" } \ ${jre}/bin/java -jar $out/ftb.jar EOF diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 9afe79510..c973386d6 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -225,6 +225,6 @@ in - pkgs.writeOut "stockholm" (lib.mapAttrs' (name: link: + pkgs.write "stockholm" (lib.mapAttrs' (name: link: lib.nameValuePair "/bin/${name}" { inherit link; } ) cmds) diff --git a/krebs/5pkgs/simple/thesauron/default.nix b/krebs/5pkgs/simple/thesauron/default.nix deleted file mode 100644 index d543319f2..000000000 --- a/krebs/5pkgs/simple/thesauron/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ fetchgit, callPackage }: let - src = fetchgit { - url = "https://github.com/krebs/thesauron"; - rev = "8ac22588cf2c20465e3c9348e7ce04885599c2a5"; - "sha256"= "1ivkjl235dnm5aaqqvarnxkz7zh0gvah22b0fqwlsflrcd5wmgva"; - }; -in callPackage src {} diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix deleted file mode 100644 index 1939bf854..000000000 --- a/krebs/5pkgs/writers.nix +++ /dev/null @@ -1,318 +0,0 @@ -pkgs: oldpkgs: -with import <stockholm/lib>; - { - execve = name: { filename, argv ? null, envp ? {}, destination ? "" }: let - in pkgs.writeC name { inherit destination; } /* c */ '' - #include <unistd.h> - - static char *const filename = ${toC filename}; - - ${if argv == null - then /* Propagate arguments */ /* c */ '' - #define MAIN_ARGS int argc, char **argv - '' - else /* Provide fixed arguments */ /* c */ '' - #define MAIN_ARGS void - static char *const argv[] = ${toC (argv ++ [null])}; - ''} - - static char *const envp[] = ${toC ( - mapAttrsToList (k: v: "${k}=${v}") envp ++ [null] - )}; - - int main (MAIN_ARGS) { - execve(filename, argv, envp); - return -1; - } - ''; - - execveBin = name: cfg: - pkgs.execve name (cfg // { destination = "/bin/${name}"; }); - - makeScriptWriter = { interpreter, check ? null }: name: text: - assert (with types; either absolute-pathname filename).check name; - pkgs.writeOut (baseNameOf name) { - ${optionalString (types.absolute-pathname.check name) name} = { - inherit check; - executable = true; - text = "#! ${interpreter}\n${text}"; - }; - }; - - writeBash = name: text: - assert (with types; either absolute-pathname filename).check name; - pkgs.writeOut (baseNameOf name) { - ${optionalString (types.absolute-pathname.check name) name} = { - executable = true; - text = "#! ${pkgs.bash}/bin/bash\n${text}"; - }; - }; - - writeBashBin = name: - assert types.filename.check name; - pkgs.writeBash "/bin/${name}"; - - writeC = name: { destination ? "" }: text: pkgs.runCommand name { - inherit text; - passAsFile = [ "text" ]; - } /* sh */ '' - PATH=${makeBinPath (with pkgs; [ - # TODO remove if everyone migrated to 18.03 - (if hasAttr "binutils-unwrapped" pkgs then binutils-unwrapped else binutils) - coreutils - gcc - ])} - exe=$out${destination} - mkdir -p "$(dirname "$exe")" - gcc -O -Wall -o "$exe" -x c "$textPath" - strip --strip-unneeded "$exe" - ''; - - writeDash = pkgs.makeScriptWriter { - interpreter = "${pkgs.dash}/bin/dash"; - }; - - writeDashBin = name: - assert types.filename.check name; - pkgs.writeDash "/bin/${name}"; - - writeEximConfig = name: text: pkgs.runCommand name { - inherit text; - passAsFile = [ "text" ]; - } /* sh */ '' - # TODO validate exim config even with config.nix.useChroot == true - # currently doing so will fail because "user exim was not found" - #${pkgs.exim}/bin/exim -C "$textPath" -bV >/dev/null - mv "$textPath" $out - ''; - - writeOut = name: specs0: - let - writers.link = - { path - , link - }: - assert path == "" || types.absolute-pathname.check path; - assert types.package.check link; - { - install = /* sh */ '' - ${optionalString (path != "") /* sh */ '' - ${pkgs.coreutils}/bin/mkdir -p $out${dirOf path} - ''} - ${pkgs.coreutils}/bin/ln -s ${link} $out${path} - ''; - }; - - writers.text = - { path - , check ? null - , executable ? false - , mode ? if executable then "0755" else "0644" - , text - }: - assert path == "" || types.absolute-pathname.check path; - assert types.bool.check executable; - assert types.file-mode.check mode; - rec { - var = "file_${hashString "sha1" path}"; - val = text; - install = /* sh */ '' - ${optionalString (check != null) /* sh */ '' - ${check} ''$${var}Path - ''} - ${pkgs.coreutils}/bin/install \ - -m ${mode} \ - -D \ - ''$${var}Path $out${path} - ''; - }; - - write = spec: writers.${spec.type} (removeAttrs spec ["type"]); - - specs = - mapAttrsToList - (path: spec: let - known-types = [ "link" "text" ]; - found-types = attrNames (getAttrs known-types spec); - type = assert length found-types == 1; head found-types; - in spec // { inherit path type; }) - specs0; - - files = map write specs; - - filevars = genAttrs' (filter (hasAttr "var") files) - (spec: nameValuePair spec.var spec.val); - - env = filevars // { passAsFile = attrNames filevars; }; - in - # Use a subshell because <nixpkgs/stdenv/generic/setup.sh>'s genericBuild - # sources (or evaluates) the buildCommand and we don't want to modify its - # shell. In particular, exitHandler breaks in multiple ways with set -u. - pkgs.runCommand name env /* sh */ '' - ( - set -efu - ${concatMapStringsSep "\n" (getAttr "install") files} - ) - ''; - - writeHaskell = - k: - let - k' = parseDrvName k; - name = k'.name; - version = if k'.version != "" then k'.version else "0"; - in - { base-depends ? ["base"] - , executables ? {} - , ghc-options ? ["-Wall" "-O3" "-threaded" "-rtsopts"] - , haskellPackages ? pkgs.haskellPackages - , library ? null - , license ? "WTFPL" - }: - let - isExecutable = executables != {}; - isLibrary = library != null; - - cabal-file = pkgs.writeText "${name}-${version}.cabal" /* cabal */ '' - build-type: Simple - cabal-version: >= 1.2 - name: ${name} - version: ${version} - ${concatStringsSep "\n" (mapAttrsToList exe-section executables)} - ${optionalString isLibrary (lib-section library)} - ''; - - exe-install = - exe-name: - { file ? pkgs.writeText "${name}-${exe-name}.hs" text - , relpath ? "${exe-name}.hs" - , text - , ... }: - if types.filename.check exe-name - then /* sh */ "install -D ${file} $out/${relpath}" - else throw "argument ‘exe-name’ is not a ${types.filename.name}"; - - exe-section = - exe-name: - { build-depends ? base-depends ++ extra-depends - , extra-depends ? [] - , file ? pkgs.writeText "${name}-${exe-name}.hs" text - , relpath ? "${exe-name}.hs" - , text - , ... }: /* cabal */ '' - executable ${exe-name} - build-depends: ${concatStringsSep "," build-depends} - ghc-options: ${toString ghc-options} - main-is: ${relpath} - ''; - - get-depends = - { build-depends ? base-depends ++ extra-depends - , extra-depends ? [] - , ... - }: - build-depends; - - lib-install = - { exposed-modules - , ... }: - concatStringsSep "\n" (mapAttrsToList mod-install exposed-modules); - - lib-section = - { build-depends ? base-depends ++ extra-depends - , extra-depends ? [] - , exposed-modules - , ... }: /* cabal */ '' - library - build-depends: ${concatStringsSep "," build-depends} - ghc-options: ${toString ghc-options} - exposed-modules: ${concatStringsSep "," (attrNames exposed-modules)} - ''; - - mod-install = - mod-name: - { file ? pkgs.writeText "${name}-${mod-name}.hs" text - , relpath ? "${replaceStrings ["."] ["/"] mod-name}.hs" - , text - , ... }: - if types.haskell.modid.check mod-name - then /* sh */ "install -D ${file} $out/${relpath}" - else throw "argument ‘mod-name’ is not a ${types.haskell.modid.name}"; - in - haskellPackages.mkDerivation { - inherit isExecutable isLibrary license version; - executableHaskellDepends = - attrVals - (concatMap get-depends (attrValues executables)) - haskellPackages; - libraryHaskellDepends = - attrVals - (optionals isLibrary (get-depends library)) - haskellPackages; - pname = name; - src = pkgs.runCommand "${name}-${version}-src" {} /* sh */ '' - install -D ${cabal-file} $out/${cabal-file.name} - ${optionalString isLibrary (lib-install library)} - ${concatStringsSep "\n" (mapAttrsToList exe-install executables)} - ''; - }; - - writeJq = name: text: - assert (with types; either absolute-pathname filename).check name; - pkgs.writeOut (baseNameOf name) { - ${optionalString (types.absolute-pathname.check name) name} = { - check = pkgs.writeDash "jqcheck.sh" '' - exec ${pkgs.jq}/bin/jq -f "$1" < /dev/null - ''; - inherit text; - }; - }; - - writeJSON = name: value: pkgs.runCommand name { - json = toJSON value; - passAsFile = [ "json" ]; - } /* sh */ '' - ${pkgs.jq}/bin/jq . "$jsonPath" > "$out" - ''; - - writeNixFromCabal = - trace (toString [ - "The function `writeNixFromCabal` has been deprecated in favour of" - "`writeHaskell`." - ]) - (name: path: pkgs.runCommand name {} /* sh */ '' - ${pkgs.cabal2nix}/bin/cabal2nix ${path} > $out - ''); - - writePython2 = deps: - let - py = pkgs.python2.withPackages(ps: attrVals deps ps); - in - pkgs.makeScriptWriter { - interpreter = "${py}/bin/python"; - check = pkgs.writeDash "python2check.sh" '' - exec ${pkgs.python2Packages.flake8}/bin/flake8 --show-source "$1" - ''; - }; - - writePython2Bin = d: name: - pkgs.writePython2 d "/bin/${name}"; - - writePython3 = deps: - let - py = pkgs.python3.withPackages(ps: attrVals deps ps); - in - pkgs.makeScriptWriter { - interpreter = "${py}/bin/python"; - check = pkgs.writeDash "python3check.sh" '' - exec ${pkgs.python3Packages.flake8}/bin/flake8 --show-source "$1" - ''; - }; - - writePython3Bin = d: name: - pkgs.writePython3 d "/bin/${name}"; - - writeSed = pkgs.makeScriptWriter { - interpreter = "${pkgs.gnused}/bin/sed -f"; - }; - } diff --git a/krebs/default.nix b/krebs/default.nix index 55bf66f77..d99f60aaa 100644 --- a/krebs/default.nix +++ b/krebs/default.nix @@ -3,6 +3,10 @@ with import <stockholm/lib>; { imports = [ ./3modules + { + nixpkgs.config.packageOverrides = + import ../submodules/nix-writers/pkgs pkgs; + } ]; nixpkgs.config.packageOverrides = import ./5pkgs pkgs; } diff --git a/krebs/krops.nix b/krebs/krops.nix index 97cd6a939..6a8a05726 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -12,7 +12,7 @@ krebs-source = { nixpkgs.git = { - ref = "7295e175bf6c6e8aa54f1b4d99256ee95d13d385"; + ref = "91b286c8935b8c5df4a99302715200d3bd561977"; url = https://github.com/NixOS/nixpkgs; }; stockholm.file = toString ../.; diff --git a/krebs/source.nix b/krebs/source.nix index 2aaa27b2b..5b86e89c6 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -7,6 +7,7 @@ host@{ name, secure ? false, override ? {} }: let pkgs = import <nixpkgs> { overlays = map import [ <stockholm/krebs/5pkgs> + <stockholm/submodules/nix-writers/pkgs> ]; }; in |