summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/Reaktor.nix2
-rw-r--r--krebs/3modules/apt-cacher-ng.nix2
-rw-r--r--krebs/3modules/backup.nix2
-rw-r--r--krebs/3modules/bepasty-server.nix2
-rw-r--r--krebs/3modules/build.nix2
-rw-r--r--krebs/3modules/buildbot/master.nix2
-rw-r--r--krebs/3modules/buildbot/slave.nix2
-rw-r--r--krebs/3modules/current.nix2
-rw-r--r--krebs/3modules/default.nix3
-rw-r--r--krebs/3modules/exim-retiolum.nix2
-rw-r--r--krebs/3modules/exim-smarthost.nix2
-rw-r--r--krebs/3modules/exim.nix2
-rw-r--r--krebs/3modules/fetchWallpaper.nix2
-rw-r--r--krebs/3modules/git.nix10
-rw-r--r--krebs/3modules/github-hosts-sync.nix2
-rw-r--r--krebs/3modules/go.nix2
-rw-r--r--krebs/3modules/lass/default.nix4
-rw-r--r--krebs/3modules/lib.nix15
-rw-r--r--krebs/3modules/makefu/default.nix2
-rw-r--r--krebs/3modules/mv/default.nix2
-rw-r--r--krebs/3modules/newsbot-js.nix4
-rw-r--r--krebs/3modules/nginx.nix2
-rw-r--r--krebs/3modules/nixpkgs.nix2
-rw-r--r--krebs/3modules/on-failure.nix2
-rw-r--r--krebs/3modules/os-release.nix2
-rw-r--r--krebs/3modules/per-user.nix2
-rw-r--r--krebs/3modules/power-action.nix2
-rw-r--r--krebs/3modules/realwallpaper.nix2
-rw-r--r--krebs/3modules/repo-sync.nix2
-rw-r--r--krebs/3modules/retiolum-bootstrap.nix2
-rw-r--r--krebs/3modules/retiolum.nix2
-rw-r--r--krebs/3modules/rtorrent.nix2
-rw-r--r--krebs/3modules/secret.nix2
-rw-r--r--krebs/3modules/setuid.nix2
-rw-r--r--krebs/3modules/shared/default.nix2
-rw-r--r--krebs/3modules/tinc_graphs.nix2
-rw-r--r--krebs/3modules/tv/default.nix42
-rw-r--r--krebs/3modules/urlwatch.nix2
-rw-r--r--krebs/4lib/default.nix59
-rw-r--r--krebs/4lib/genid.nix37
-rw-r--r--krebs/4lib/git.nix47
-rw-r--r--krebs/4lib/tree.nix13
-rw-r--r--krebs/4lib/types.nix446
-rw-r--r--krebs/5pkgs/builders.nix2
-rw-r--r--krebs/5pkgs/default.nix2
-rw-r--r--krebs/5pkgs/populate/default.nix4
-rw-r--r--krebs/default.nix2
47 files changed, 51 insertions, 703 deletions
diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix
index d58661a28..d87003ac2 100644
--- a/krebs/3modules/Reaktor.nix
+++ b/krebs/3modules/Reaktor.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
ReaktorConfig = pkgs.writeText "config.py" ''
diff --git a/krebs/3modules/apt-cacher-ng.nix b/krebs/3modules/apt-cacher-ng.nix
index e80d383f8..f3c8ff0cd 100644
--- a/krebs/3modules/apt-cacher-ng.nix
+++ b/krebs/3modules/apt-cacher-ng.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
acng-config = pkgs.writeTextFile {
name = "acng-configuration";
diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix
index 4569d400f..96b283002 100644
--- a/krebs/3modules/backup.nix
+++ b/krebs/3modules/backup.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
out = {
options.krebs.backup = api;
diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix
index 080d2188d..50e04cf80 100644
--- a/krebs/3modules/bepasty-server.nix
+++ b/krebs/3modules/bepasty-server.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
gunicorn = pkgs.pythonPackages.gunicorn;
bepasty = pkgs.pythonPackages.bepasty-server;
diff --git a/krebs/3modules/build.nix b/krebs/3modules/build.nix
index 4848748cd..51f192703 100644
--- a/krebs/3modules/build.nix
+++ b/krebs/3modules/build.nix
@@ -1,6 +1,6 @@
{ config, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
options.krebs.build = {
diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix
index bd17c3765..9e144ee0e 100644
--- a/krebs/3modules/buildbot/master.nix
+++ b/krebs/3modules/buildbot/master.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
# https://github.com/NixOS/nixpkgs/issues/14026
diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix
index 02331ee12..650594a6c 100644
--- a/krebs/3modules/buildbot/slave.nix
+++ b/krebs/3modules/buildbot/slave.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
buildbot-slave-init = pkgs.writeText "buildbot-slave.tac" ''
import os
diff --git a/krebs/3modules/current.nix b/krebs/3modules/current.nix
index 9f63e33ac..e97e53479 100644
--- a/krebs/3modules/current.nix
+++ b/krebs/3modules/current.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.current;
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index a4a5f9cad..ec85464df 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -1,6 +1,6 @@
{ config, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs;
@@ -21,7 +21,6 @@ let
./git.nix
./go.nix
./iptables.nix
- ./lib.nix
./newsbot-js.nix
./nginx.nix
./nixpkgs.nix
diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix
index a18f1c979..05840e80a 100644
--- a/krebs/3modules/exim-retiolum.nix
+++ b/krebs/3modules/exim-retiolum.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.exim-retiolum;
diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix
index cfe2e5f04..2ed5607f1 100644
--- a/krebs/3modules/exim-smarthost.nix
+++ b/krebs/3modules/exim-smarthost.nix
@@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
indent = replaceChars ["\n"] ["\n "];
cfg = config.krebs.exim-smarthost;
diff --git a/krebs/3modules/exim.nix b/krebs/3modules/exim.nix
index 7b18c72c1..1127c0a50 100644
--- a/krebs/3modules/exim.nix
+++ b/krebs/3modules/exim.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: with config.krebs.lib; let
+{ config, lib, pkgs, ... }: with import <stockholm/lib>; let
cfg = config.krebs.exim;
in {
options.krebs.exim = {
diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix
index 0adcec3d8..94bcbed9d 100644
--- a/krebs/3modules/fetchWallpaper.nix
+++ b/krebs/3modules/fetchWallpaper.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.fetchWallpaper;
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index 6a03b4638..20907a3ed 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -6,7 +6,7 @@
# TODO when authorized_keys changes, then restart ssh
# (or kill already connected users somehow)
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.git;
@@ -97,7 +97,7 @@ let
singleton {
user = [ config.krebs.users.tv ];
repo = [ testing ]; # see literal example of repos
- perm = push "refs/*" (with config.krebs.lib.git; [
+ perm = push "refs/*" (with git; [
non-fast-forward create delete merge
]);
}
@@ -389,6 +389,12 @@ let
mapAttrsToList repo-to-cgitrc cfg.repos
));
+ environment.systemPackages = [
+ (pkgs.writeDashBin "cgit-clear-cache" ''
+ ${pkgs.coreutils}/bin/rm -f ${cfg.cgit.settings.cache-root}/*
+ '')
+ ];
+
system.activationScripts.cgit = ''
mkdir -m 0700 -p ${cfg.cgit.settings.cache-root}
chown ${toString cfg.cgit.fcgiwrap.user.uid}:${toString cfg.cgit.fcgiwrap.group.gid} ${cfg.cgit.settings.cache-root}
diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix
index 3646d35d6..e6db3aa42 100644
--- a/krebs/3modules/github-hosts-sync.nix
+++ b/krebs/3modules/github-hosts-sync.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.github-hosts-sync;
diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix
index 52a104bb9..a86f444dc 100644
--- a/krebs/3modules/go.nix
+++ b/krebs/3modules/go.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.go;
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 08e8995fa..ad1221e8e 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -1,6 +1,6 @@
{ config, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.lass) {
@@ -305,5 +305,7 @@ with config.krebs.lib;
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv6N/UjFnX5vUicT9Sw0+3x4mR0760iaVWZ/JDtdV4h";
mail = "lass@mors.r";
};
+ sokratess = {
+ };
};
}
diff --git a/krebs/3modules/lib.nix b/krebs/3modules/lib.nix
deleted file mode 100644
index ccd6a6afa..000000000
--- a/krebs/3modules/lib.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ config, pkgs, lib, ... }:
-with lib;
-let
- out = {
- options.krebs.lib = api;
- config = imp;
- };
- api = mkOption {
- default = {};
- type = types.attrs;
- };
- imp = {
- krebs.lib = lib // import ../4lib { inherit config lib; } // builtins;
- };
-in out
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index e79e54aa6..7317e0b60 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -1,6 +1,6 @@
{ config, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) {
diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix
index dc47d8983..a95536122 100644
--- a/krebs/3modules/mv/default.nix
+++ b/krebs/3modules/mv/default.nix
@@ -1,6 +1,6 @@
{ config, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
hosts = mapAttrs (_: setAttr "owner" config.krebs.users.mv) {
diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix
index b58c555e7..2ff9a5ebb 100644
--- a/krebs/3modules/newsbot-js.nix
+++ b/krebs/3modules/newsbot-js.nix
@@ -1,10 +1,8 @@
{ config, lib, pkgs, ... }:
-with builtins;
-with lib;
+with import <stockholm/lib>;
let
- inherit (config.krebs.lib) genid;
cfg = config.krebs.newsbot-js;
diff --git a/krebs/3modules/nginx.nix b/krebs/3modules/nginx.nix
index 214f55018..1577c5b64 100644
--- a/krebs/3modules/nginx.nix
+++ b/krebs/3modules/nginx.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.nginx;
diff --git a/krebs/3modules/nixpkgs.nix b/krebs/3modules/nixpkgs.nix
index 5816b8a30..796ee537e 100644
--- a/krebs/3modules/nixpkgs.nix
+++ b/krebs/3modules/nixpkgs.nix
@@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.nixpkgs;
diff --git a/krebs/3modules/on-failure.nix b/krebs/3modules/on-failure.nix
index a471a4bc2..8bb022442 100644
--- a/krebs/3modules/on-failure.nix
+++ b/krebs/3modules/on-failure.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: with config.krebs.lib; let
+{ config, lib, pkgs, ... }: with import <stockholm/lib>; let
out = {
options.krebs.on-failure = api;
config = lib.mkIf cfg.enable imp;
diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix
index 4c803fff8..50cf72ef9 100644
--- a/krebs/3modules/os-release.nix
+++ b/krebs/3modules/os-release.nix
@@ -1,5 +1,5 @@
{ config, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
nixos-version-id = "${config.system.nixosVersion}";
nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})";
diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix
index 93a7d2293..1b8d092bb 100644
--- a/krebs/3modules/per-user.nix
+++ b/krebs/3modules/per-user.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.per-user;
diff --git a/krebs/3modules/power-action.nix b/krebs/3modules/power-action.nix
index bb5b3e521..f405482de 100644
--- a/krebs/3modules/power-action.nix
+++ b/krebs/3modules/power-action.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.power-action;
diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix
index df374e184..1564bd94a 100644
--- a/krebs/3modules/realwallpaper.nix
+++ b/krebs/3modules/realwallpaper.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.realwallpaper;
diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix
index bcd9da5ea..7705635f0 100644
--- a/krebs/3modules/repo-sync.nix
+++ b/krebs/3modules/repo-sync.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.repo-sync;
diff --git a/krebs/3modules/retiolum-bootstrap.nix b/krebs/3modules/retiolum-bootstrap.nix
index 9d393c90b..4bcd596d4 100644
--- a/krebs/3modules/retiolum-bootstrap.nix
+++ b/krebs/3modules/retiolum-bootstrap.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.retiolum-bootstrap;
diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix
index 2b181a556..fddaed9e3 100644
--- a/krebs/3modules/retiolum.nix
+++ b/krebs/3modules/retiolum.nix
@@ -1,5 +1,5 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
out = {
options.krebs.tinc = api;
diff --git a/krebs/3modules/rtorrent.nix b/krebs/3modules/rtorrent.nix
index d53482339..bcc52fb6e 100644
--- a/krebs/3modules/rtorrent.nix
+++ b/krebs/3modules/rtorrent.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.rtorrent;
webcfg = config.krebs.rtorrent.web;
diff --git a/krebs/3modules/secret.nix b/krebs/3modules/secret.nix
index 579f375f3..672c503b0 100644
--- a/krebs/3modules/secret.nix
+++ b/krebs/3modules/secret.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }@args: with config.krebs.lib; let
+{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
cfg = config.krebs.secret;
in {
options.krebs.secret = {
diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix
index 65a4abe1c..13f981437 100644
--- a/krebs/3modules/setuid.nix
+++ b/krebs/3modules/setuid.nix
@@ -1,5 +1,5 @@
{ config, pkgs, lib, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.setuid;
diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix
index a9868954e..a05889632 100644
--- a/krebs/3modules/shared/default.nix
+++ b/krebs/3modules/shared/default.nix
@@ -1,6 +1,6 @@
{ config, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
testHosts = genAttrs [
"test-arch"
diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix
index d783ba03b..26a51de00 100644
--- a/krebs/3modules/tinc_graphs.nix
+++ b/krebs/3modules/tinc_graphs.nix
@@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
let
cfg = config.krebs.tinc_graphs;
internal_dir = "${cfg.workingDir}/internal";
diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix
index a933cbddb..0e7535e6c 100644
--- a/krebs/3modules/tv/default.nix
+++ b/krebs/3modules/tv/default.nix
@@ -1,6 +1,6 @@
{ config, ... }:
-with config.krebs.lib;
+with import <stockholm/lib>;
{
dns.providers = {
@@ -162,46 +162,6 @@ with config.krebs.lib;
};
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM6dL0fQ8Bd0hER0Xa3I2pAWVHdnwOBaAZhbDlLJmUu";
};
- ire = {
- extraZones = {
- # TODO generate krebsco.de zone from nets and don't use extraZones at all
- "krebsco.de" = ''
- ire 60 IN A ${config.krebs.hosts.ire.nets.internet.ip4.addr}
- '';
- };
- nets = {
- internet = {
- ip4.addr = "198.147.22.115";
- aliases = [
- "ire.i"
- "ire.internet"
- "ire.krebsco.de"
- ];
- ssh.port = 11423;
- };
- retiolum = {
- via = config.krebs.hosts.ire.nets.internet;
- ip4.addr = "10.243.231.66";
- ip6.addr = "42:b912:0f42:a82d:0d27:8610:e89b:490c";
- aliases = [
- "ire.r"
- "ire.retiolum"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAwofjmP/XBf5pwsJlWklkSzI+Bo0I0B9ONc7/j+zpbmMRkwbWk4X7
- rVLt1cWvTY15ujg2u8l0o6OgEbIkc6rslkD603fv1sEAd0KOv7iKLgRpE9qfSvAt
- 6YpiSv+mxEMTpH0g36OmBfOJ10uT+iHDB/FfxmgGJx//jdJADzLjjWC6ID+iGkGU
- 1Sf+yHXF7HRmQ29Yak8LYVCJpGC5bQfWIMSL5lujLq4NchY2d+NZDkuvh42Ayr0K
- LPflnPBQ3XnKHKtSsnFR2vaP6q+d3Opsq/kzBnAkjL26jEuFK1v7P/HhNhJoPzwu
- nKKWj/W/k448ce374k5ycjvKm0c6baAC/wIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- ssh.port = 11423;
- };
- };
- ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaMjBJ/BfYlHjyn5CO0xzFNaQ0LPvMP3W9UlOs1OxGY";
- };
kaepsele = {
nets = {
internet = {
diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix
index ed1a21260..e43f8de4a 100644
--- a/krebs/3modules/urlwatch.nix
+++ b/krebs/3modules/urlwatch.nix
@@ -4,7 +4,7 @@
# TODO inform about unused caches
# cache = url: "${cfg.dataDir}/.urlwatch/cache/${hashString "sha1" url}"