diff options
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/1systems/puyak/config.nix | 1 | ||||
| -rw-r--r-- | krebs/1systems/wolf/config.nix | 9 | ||||
| -rw-r--r-- | krebs/2configs/go.nix | 1 | ||||
| -rw-r--r-- | krebs/2configs/hw/x220.nix | 1 | ||||
| -rw-r--r-- | krebs/3modules/jeschli/default.nix | 40 | ||||
| -rw-r--r-- | krebs/3modules/lass/default.nix | 3 | ||||
| -rw-r--r-- | krebs/4lib/infest/prepare.sh | 3 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/Reaktor/plugins.nix | 2 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/ftb/default.nix | 37 | ||||
| -rw-r--r-- | krebs/source.nix | 33 |
10 files changed, 109 insertions, 21 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index d2664ef84..67257eacd 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -7,7 +7,6 @@ <stockholm/krebs/2configs/secret-passwords.nix> <stockholm/krebs/2configs/hw/x220.nix> - <stockholm/krebs/2configs/buildbot-krebs.nix> <stockholm/krebs/2configs/stats/puyak-client.nix> <stockholm/krebs/2configs/binary-cache/nixos.nix> <stockholm/krebs/2configs/binary-cache/prism.nix> diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 9d6955e7e..6addb0818 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -2,6 +2,9 @@ let shack-ip = config.krebs.build.host.nets.shack.ip4.addr; influx-host = "127.0.0.1"; + ext-if = "et0"; + external-mac = "52:54:b0:0b:af:fe"; + in { imports = [ @@ -12,7 +15,6 @@ in <stockholm/krebs/2configs/stats/wolf-client.nix> <stockholm/krebs/2configs/graphite.nix> - <stockholm/krebs/2configs/buildbot-krebs.nix> <stockholm/krebs/2configs/binary-cache/nixos.nix> <stockholm/krebs/2configs/binary-cache/prism.nix> @@ -112,7 +114,7 @@ in networking = { firewall.enable = false; firewall.allowedTCPPorts = [ 8088 8086 8083 ]; - interfaces.enp0s3.ip4 = [{ + interfaces."${ext-if}".ip4 = [{ address = shack-ip; prefixLength = 20; }]; @@ -161,6 +163,9 @@ in config.krebs.users.makefu-omo.pubkey "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup ]; + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" + ''; time.timeZone = "Europe/Berlin"; sound.enable = false; diff --git a/krebs/2configs/go.nix b/krebs/2configs/go.nix index b75233871..f4c1290c2 100644 --- a/krebs/2configs/go.nix +++ b/krebs/2configs/go.nix @@ -8,6 +8,7 @@ with import <stockholm/lib>; krebs.go = { enable = true; }; + networking.firewall.allowedTCPPorts = [ 80 ]; services.nginx = { enable = true; virtualHosts.go = { diff --git a/krebs/2configs/hw/x220.nix b/krebs/2configs/hw/x220.nix index 90a1a111f..3780e0d7d 100644 --- a/krebs/2configs/hw/x220.nix +++ b/krebs/2configs/hw/x220.nix @@ -14,7 +14,6 @@ with import <stockholm/lib>; boot = { kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ]; - extraModulePackages = [ config.boot.kernelPackages.tp_smapi ]; kernelParams = [ "acpi_backlight=none" ]; }; diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index c7e882742..ed9bfad29 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -163,6 +163,43 @@ with import <stockholm/lib>; }; }; + bolide = { + nets = { + retiolum = { + ip4.addr = "10.243.27.31"; + ip6.addr = "42::31"; + aliases = [ + "bolide.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEAn9mkcX4WvyClMxiHgpvM7nNFbGuUVIxM71luzhfroTxMxcWBcik+ + m7ensF256uQeUw4+y/d3wVj06ARnJubdGa1zrM54ghLp6dDTULnUhPfgIbCeP+Zz + A9hlZsD+yx9ZkPmSMhaakz5dKVlx9KFy4IrS42uGCquXIZ979loZ0372MxYxmPEY + sIiuZXQcLOiJa5ajJMHS2UEkr4rCvpa/nOJ3AcEl0QbCjX1WALjPZEw9Ogrwergy + tv0d8dkXHB80DZ4sEjA7+BxB/sVrI4YpT9diTqEHNlkhjYjk6x9o0aBAIfJoyFYK + Yo2eb8SYN4qwoNbtXr5JLvT0i6thT2R+jXm9h11NIGS91x4cJc2P7eIZI2J33gsV + VOfcZ4BfJSQSbd1G12EpgzM6UlorNGMqG2DfH3XPbQ0Ez19tNlEUqlbT3dnvVA5y + kpwWDEJrZB3SDvwtHQf9/4j/jXFlMNu4GE1kcwm+a4LvGFne37atY3irv3xZ9ih4 + ygRbKfFFmxTqK3Cl2Vwxf/dsUm/P+hVF5nzROu7v7wkyU90nYp/AnpXywc4rEAVj + M8/7H6OlY59yqElJkSdsMum7HtytpsvvenQWW85Ycz+/Ti3nmYuaILgme2Q6JfA3 + c6aNRv8A31m4GIuacHNGJOi2WfJab076bYw82HnX4bVoft9i2SxjZrXr75euz/4k + jGC4A4YQnrUi4wTBiSc3jm69wb3NXHYoKHjDIwDUUI91vUOKaTO/09RlAYr5EWT3 + nekSaOu9nCrpTR6dq+yc4MktFjHBKPs2ReFKfDHkYzKiNSn5Ei9g3QhpCMF1LE19 + RDvBbFawXtH3M8JHofalwsek44eso0tWA3RzFmiH2WzSLD2UV8a2la9vIfJbMvw3 + LqunwCgC0QWtSTjh+X6H0MBKcGcie5bisKfkXQExx0cnNERDoXpe1E8g5EmJBt2B + 8anRC6thNhpAuMTB8hZy+RP9AsRBxUE9lr9oKDH3JrHRBk1S4LktuNL3Zf8UqnRO + s7hGPzr8nw5yXV61xXFmXwA0snBsNfo83XpuiWJgz2qrz6/EWLZBgnLNyq22udxl + O9EGExulbija5rmrSp1MGi7K2K2qAx06KP3C1TerpSY0BW6ZhX/4MK/WIRihDBG4 + JLg/gxX/4FES2qGmjCkW74TQDHq6B8xFuJQ3y5nD1cZBN4+VDNb1+mQbR06Zn0Sc + pDASYWimJzqxR+s/cr0a8PwoE/RdjwOYlXIOW4tDcK12Am6XRRf87cycG9ueNzhy + RwrvUJ4JMyUA5sbo2sbumAMqiytNZ7ReRVK6S5IiMpysr4/lHb2OQSPhQArDCprg + KXNgncRZsrL9VgVueVmOp45qkAkapeQ8wQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; users = { @@ -176,5 +213,8 @@ with import <stockholm/lib>; jeschli-brauerei = { pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"; }; + jeschli-bolide = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGnLjnFw3OYJJy/ID9RCWHTtnVcKRfROIj1tJdJZoOWzGMY+kgyCN/WNBg7JJtCW22yU5O3ftSdN851URCBZ6FgYmcvURBxUOKPlyX5EoxUrrnbmtxJM9+OIT3Dt2RWfrqX6aEQ57nwe/qIFKo9UaoedB/FOzsw1f3U5zBxVuWVRQrsnPxkbPWHmPAGB4CvL897tb83uecDexmGZpLe/0dN4768i2nYaSwrNL+HtqZCvkEqEmnfHlmqqXhiuq83q8su/WSXAtDbUVucG3frgOir14YCbrWKf59+MugxhYOEYBqp+KME5+niFGoulg+NBW/HzH6U+DiH4RFBJhCu1Gr jeschli@bolide"; + }; }; } diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 37bb31563..1634a62ac 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -458,7 +458,8 @@ with import <stockholm/lib>; external = true; nets = rec { internet = { - ip4.addr = "129.215.90.4"; + # eddie.thalheim.io + ip4.addr = "129.215.197.11"; aliases = [ "eddie.i" ]; }; retiolum = rec { diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh index 78c1c6ec1..cbc62102c 100644 --- a/krebs/4lib/infest/prepare.sh +++ b/krebs/4lib/infest/prepare.sh @@ -81,6 +81,9 @@ prepare_debian() { } prepare_nixos_iso() { + _which() ( + type -p "$1" + ) mountpoint /mnt type git 2>/dev/null || nix-env -iA nixos.git diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index 518e80d0e..bcfcbf76b 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -123,7 +123,7 @@ rec { script = pkgs.writeDash "lambda-pl" '' if [ "$#" -gt 0 ]; then curl -SsL --max-time 5 "$1" | - perl -l -0777 -ne 'print $1 if /<title.*?>\s*(.*?)(?: - youtube)?\s*<\/title/si' + perl -l -0777 -ne 'print $1 if /<title.*?>\s*(.*?)\s*<\/title/si' fi ''; }); diff --git a/krebs/5pkgs/simple/ftb/default.nix b/krebs/5pkgs/simple/ftb/default.nix new file mode 100644 index 000000000..841e2ea00 --- /dev/null +++ b/krebs/5pkgs/simple/ftb/default.nix @@ -0,0 +1,37 @@ +{ stdenv, fetchurl +, jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm +, openjdk +, mesa, openal +, useAlsa ? false, alsaOss ? null }: +with stdenv.lib; + +assert useAlsa -> alsaOss != null; + +stdenv.mkDerivation { + name = "ftb"; + + src = fetchurl { + url = "http://ftb.cursecdn.com/FTB2/launcher/FTB_Launcher.jar"; + sha256 = "0pyh83hhni97ryvz6yy8lyiagjrlx67cwr780s2bja92rxc1sqpj"; + }; + + phases = "installPhase"; + + installPhase = '' + set -x + mkdir -pv $out/bin + cp -v $src $out/ftb.jar + + cat > $out/bin/ftb << EOF + #!${stdenv.shell} + + export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]} + ${if useAlsa then "${alsaOss}/bin/aoss" else "" } \ + ${jre}/bin/java -jar $out/ftb.jar + EOF + + chmod +x $out/bin/ftb + + ${openjdk}/bin/jar xf $out/ftb.jar favicon.png + ''; +} diff --git a/krebs/source.nix b/krebs/source.nix index b952aa2a2..27450c2a3 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -1,22 +1,25 @@ with import <stockholm/lib>; -host@{ name, secure ? false }: let +host@{ name, secure ? false, override ? {} }: let builder = if getEnv "dummy_secrets" == "true" then "buildbot" else "krebs"; _file = <stockholm> + "/krebs/1systems/${name}/source.nix"; in - evalSource (toString _file) { - nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; - secrets = getAttr builder { - buildbot.file = toString <stockholm/krebs/6tests/data/secrets>; - krebs.pass = { - dir = "${getEnv "HOME"}/brain"; - name = "krebs-secrets/${name}"; + evalSource (toString _file) [ + { + nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; + secrets = getAttr builder { + buildbot.file = toString <stockholm/krebs/6tests/data/secrets>; + krebs.pass = { + dir = "${getEnv "HOME"}/brain"; + name = "krebs-secrets/${name}"; + }; }; - }; - stockholm.file = toString <stockholm>; - nixpkgs.git = { - url = https://github.com/NixOS/nixpkgs; - ref = "0b30c1dd4c638e318957fc6a9198cf2429e38cb5"; # nixos-17.09 @ 2018-01-04 - }; - } + stockholm.file = toString <stockholm>; + nixpkgs.git = { + url = https://github.com/NixOS/nixpkgs; + ref = "2062ac5aa2dc0770322272e3d2b647cf431dd893"; # nixos-17.09 @ 2018-02-09 + }; + } + override + ] |