summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/default.nix1
-rw-r--r--krebs/3modules/go.nix66
-rw-r--r--krebs/3modules/lass/default.nix34
-rw-r--r--krebs/3modules/shared/default.nix32
-rw-r--r--krebs/4lib/infest/prepare.sh1
-rw-r--r--krebs/5pkgs/go/default.nix57
-rw-r--r--krebs/5pkgs/go/packages.nix44
-rw-r--r--krebs/default.nix1
8 files changed, 203 insertions, 33 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index a908d437b..0ca6c8033 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -13,6 +13,7 @@ let
./exim-smarthost.nix
./github-hosts-sync.nix
./git.nix
+ ./go.nix
./iptables.nix
./nginx.nix
./per-user.nix
diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix
new file mode 100644
index 000000000..793d1f60d
--- /dev/null
+++ b/krebs/3modules/go.nix
@@ -0,0 +1,66 @@
+{ config, lib, pkgs, ... }:
+
+with builtins;
+with lib;
+
+let
+ cfg = config.krebs.go;
+
+ out = {
+ options.krebs.go = api;
+ config = mkIf cfg.enable imp;
+ };
+
+ api = {
+ enable = mkEnableOption "Enable go url shortener";
+ port = mkOption {
+ type = types.str;
+ default = "1337";
+ description = "on which port go should run on";
+ };
+ redisKeyPrefix = mkOption {
+ type = types.str;
+ default = "go:";
+ description = "change the Redis key prefix which defaults to `go:`";
+ };
+ };
+
+ imp = {
+ services.redis = {
+ enable = mkDefault true;
+ bind = mkDefault "127.0.0.1";
+ };
+
+ users.extraUsers.go = {
+ name = "go";
+ uid = 42774411; #genid go
+ description = "go url shortener user";
+ home = "/var/lib/go";
+ createHome = true;
+ };
+
+ systemd.services.go = {
+ description = "go url shortener";
+ after = [ "network.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ path = with pkgs; [
+ go
+ ];
+
+ environment = {
+ PORT = cfg.port;
+ REDIS_KEY_PREFIX = cfg.redisKeyPrefix;
+ };
+
+ restartIfChanged = true;
+
+ serviceConfig = {
+ User = "go";
+ Restart = "always";
+ ExecStart = "${pkgs.go}/bin/go";
+ };
+ };
+ };
+
+in out
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index 2ad4353bd..26b0947bb 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -2,42 +2,14 @@
with lib;
-let
- testHosts = lib.genAttrs [
- "test-arch"
- "test-centos6"
- "test-centos7"
- ] (name: {
- inherit name;
- cores = 1;
- nets = {
- retiolum = {
- addrs4 = ["10.243.111.111"];
- addrs6 = ["42:0:0:0:0:0:0:7357"];
- aliases = [
- "test.retiolum"
- ];
- tinc.pubkey = ''
- -----BEGIN RSA PUBLIC KEY-----
- MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd
- mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5
- TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1
- K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8
- QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY
- VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB
- -----END RSA PUBLIC KEY-----
- '';
- };
- };
- });
-in {
+{
hosts = addNames {
echelon = {
cores = 2;
dc = "lass"; #dc = "cac";
nets = rec {
internet = {
- addrs4 = ["167.88.34.158"];
+ addrs4 = ["162.252.241.33"];
aliases = [
"echelon.internet"
];
@@ -241,7 +213,7 @@ in {
};
};
- } // testHosts;
+ };
users = addNames {
lass = {
pubkey = readFile ../../Zpubkeys/lass.ssh.pub;
diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix
index 24dd7b782..13aae886b 100644
--- a/krebs/3modules/shared/default.nix
+++ b/krebs/3modules/shared/default.nix
@@ -2,7 +2,35 @@
with lib;
-{
+let
+ testHosts = lib.genAttrs [
+ "test-arch"
+ "test-centos6"
+ "test-centos7"
+ ] (name: {
+ inherit name;
+ cores = 1;
+ nets = {
+ retiolum = {
+ addrs4 = ["10.243.111.111"];
+ addrs6 = ["42:0:0:0:0:0:0:7357"];
+ aliases = [
+ "test.retiolum"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAy41YKF/wpHLnN370MSdnAo63QUW30aw+6O79cnaJyxoL6ZQkk4Nd
+ mrX2tBIfb2hhhgm4Jecy33WVymoEL7EiRZ6gshJaYwte51Jnrac6IFQyiRGMqHY5
+ TG/6IzzTOkeQrT1fw3Yfh0NRfqLBZLr0nAFoqgzIVRxvy+QO1gCU2UDKkQ/y5df1
+ K+YsMipxU08dsOkPkmLdC/+vDaZiEdYljIS3Omd+ED5JmLM3MSs/ZPQ8xjkjEAy8
+ QqD9/67bDoeXyg1ZxED2n0+aRKtU/CK/66Li//yev6yv38OQSEM4t/V0dr9sjLcY
+ VIdkxKf96F9r3vcDf/9xw2HrqVoy+D5XYQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ });
+in {
hosts = addNames {
wolf = {
#dc = "shack";
@@ -32,7 +60,7 @@ with lib;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKYMXMWZIK0jjnZDM9INiYAKcwjXs2241vew54K8veCR";
};
- };
+ } // testHosts;
users = addNames {
shared = {
mail = "spam@krebsco.de";
diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh
index 182a068ef..0bfc49380 100644
--- a/krebs/4lib/infest/prepare.sh
+++ b/krebs/4lib/infest/prepare.sh
@@ -66,6 +66,7 @@ prepare_debian() {
type bzip2 2>/dev/null || apt-get install bzip2
type git 2>/dev/null || apt-get install git
type rsync 2>/dev/null || apt-get install rsync
+ type curl 2>/dev/null || apt-get install curl
prepare_common
}
diff --git a/krebs/5pkgs/go/default.nix b/krebs/5pkgs/go/default.nix
new file mode 100644
index 000000000..9dd166adc
--- /dev/null
+++ b/krebs/5pkgs/go/default.nix
@@ -0,0 +1,57 @@
+{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodePackages, nodejs }:
+
+with lib;
+
+let
+ np = nodePackages.override {
+ generated = ./packages.nix;
+ self = np;
+ };
+
+ node_env = buildEnv {
+ name = "node_env";
+ paths = [
+ np.redis
+ np."formidable"
+ ];
+ pathsToLink = [ "/lib" ];
+ ignoreCollisions = true;
+ };
+
+in nodePackages.buildNodePackage {
+ name = "go";
+
+ src = fetchgit {
+ url = "http://cgit.echelon/go/";
+ rev = "05d02740e0adbb36cc461323647f0c1e7f493156";
+ sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f";
+ };
+
+ phases = [
+ "unpackPhase"
+ "installPhase"
+ ];
+
+ deps = (filter (v: nixType v == "derivation") (attrValues np));
+
+ buildInputs = [
+ nodejs
+ makeWrapper
+ ];
+
+ installPhase = ''
+ mkdir -p $out/bin
+
+ cp index.js $out/
+ cat > $out/go << EOF
+ ${nodejs}/bin/node $out/index.js
+ EOF
+ chmod +x $out/go
+
+ wrapProgram $out/go \
+ --prefix NODE_PATH : ${node_env}/lib/node_modules
+
+ ln -s $out/go /$out/bin/go
+ '';
+
+}
diff --git a/krebs/5pkgs/go/packages.nix b/krebs/5pkgs/go/packages.nix
new file mode 100644
index 000000000..9acfd7658
--- /dev/null
+++ b/krebs/5pkgs/go/packages.nix
@@ -0,0 +1,44 @@
+{ self, fetchurl, fetchgit ? null, lib }:
+
+{
+ by-spec."formidable"."*" =
+ self.by-version."formidable"."1.0.17";
+ by-version."formidable"."1.0.17" = self.buildNodePackage {
+ name = "formidable-1.0.17";
+ version = "1.0.17";
+ bin = false;
+ src = fetchurl {
+ url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz";
+ name = "formidable-1.0.17.tgz";
+ sha1 = "ef5491490f9433b705faa77249c99029ae348559";
+ };
+ deps = {
+ };
+ optionalDependencies = {
+ };
+ peerDependencies = [];
+ os = [ ];
+ cpu = [ ];
+ };
+ "formidable" = self.by-version."formidable"."1.0.17";
+ by-spec."redis"."*" =
+ self.by-version."redis"."2.1.0";
+ by-version."redis"."2.1.0" = self.buildNodePackage {
+ name = "redis-2.1.0";
+ version = "2.1.0";
+ bin = false;
+ src = fetchurl {
+ url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz";
+ name = "redis-2.1.0.tgz";
+ sha1 = "38acb208f90750250f9451219b73ff08ae907f94";
+ };
+ deps = {
+ };
+ optionalDependencies = {
+ };
+ peerDependencies = [];
+ os = [ ];
+ cpu = [ ];
+ };
+ "redis" = self.by-version."redis"."2.1.0";
+}
diff --git a/krebs/default.nix b/krebs/default.nix
index bfd6175d9..ad0205426 100644
--- a/krebs/default.nix
+++ b/krebs/default.nix
@@ -11,6 +11,7 @@ let out = {
inherit infest;
inherit init;
inherit nixos-install;
+ inherit populate;
};
deploy =