diff options
Diffstat (limited to 'krebs')
| -rw-r--r-- | krebs/5pkgs/simple/Reaktor/plugins.nix | 23 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/generate-secrets/default.nix | 46 | ||||
| -rw-r--r-- | krebs/5pkgs/simple/zandronum-bin/default.nix | 83 | ||||
| -rw-r--r-- | krebs/kops.nix | 4 | ||||
| -rw-r--r-- | krebs/source.nix | 5 |
5 files changed, 67 insertions, 94 deletions
diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index bcfcbf76b..f3b771190 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -120,11 +120,24 @@ rec { url-title = (buildSimpleReaktorPlugin "url-title" { pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; path = with pkgs; [ curl perl ]; - script = pkgs.writeDash "lambda-pl" '' - if [ "$#" -gt 0 ]; then - curl -SsL --max-time 5 "$1" | - perl -l -0777 -ne 'print $1 if /<title.*?>\s*(.*?)\s*<\/title/si' - fi + script = pkgs.writePython3 [ "beautifulsoup4" "lxml" ] "url-title" '' + import sys + import urllib.request + from bs4 import BeautifulSoup + + try: + soup = BeautifulSoup(urllib.request.urlopen(sys.argv[1]), "lxml") + title = soup.find('title').string + + if title: + if len(title) > 512: + print('message to long, skipped') + elif len(title.split('\n')) > 5: + print('to many lines, skipped') + else: + print(title) + except: # noqa: E722 + pass ''; }); diff --git a/krebs/5pkgs/simple/generate-secrets/default.nix b/krebs/5pkgs/simple/generate-secrets/default.nix new file mode 100644 index 000000000..a800ff543 --- /dev/null +++ b/krebs/5pkgs/simple/generate-secrets/default.nix @@ -0,0 +1,46 @@ +{ pkgs }: +pkgs.writeDashBin "generate-secrets" '' + HOSTNAME="$1" + TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d) + PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1) + HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null + + ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null + ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null + ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null + cat <<EOF > $TMPDIR/hashedPasswords.nix + { + root = "$HASHED_PASSWORD"; + } + EOF + + cd $TMPDIR + for x in *; do + ${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null + done + echo $PASSWORD | ${pkgs.brain}/bin/brain insert -m hosts/$HOSTNAME/root > /dev/null + + cat <<EOF + $HOSTNAME = { + cores = 1; + owner = config.krebs.users.krebs; + nets = { + retiolum = { + ip4.addr = "10.243.0.changeme"; + ip6.addr = "42:0:0:0:0:0:0:changeme"; + aliases = [ + "$HOSTNAME.r" + ]; + tinc.pubkey = ${"''"} + $(cat $TMPDIR/retiolum.rsa_key.pub) + ${"''"}; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)"; + }; + EOF + + rm -rf $TMPDIR +'' + diff --git a/krebs/5pkgs/simple/zandronum-bin/default.nix b/krebs/5pkgs/simple/zandronum-bin/default.nix deleted file mode 100644 index e97f46add..000000000 --- a/krebs/5pkgs/simple/zandronum-bin/default.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ stdenv -, atk -, bzip2 -, cairo -, fetchurl -, fluidsynth -, fontconfig -, freetype -, gdk_pixbuf -, glib -, gtk2 -, libjpeg_turbo -, mesa_glu -, mesa_noglu -, openssl -, pango -, SDL -, zlib -, makeWrapper -}: - -stdenv.mkDerivation rec { - name = "zandronum-3.0"; - - src = fetchurl { - url = "http://zandronum.com/downloads/testing/3.0/ZandroDev3.0-170205-2117linux-x86_64.tar.bz2"; - sha256 = "17vrzk0m5b17sp3sqcg57r7812ma97lp3qxn9hmd39fwl1z40fz3"; - }; - - libPath = stdenv.lib.makeLibraryPath [ - atk - bzip2 - cairo - fluidsynth - fontconfig - freetype - gdk_pixbuf - glib - gtk2 - libjpeg_turbo - mesa_glu - mesa_noglu - openssl - pango - SDL - stdenv.cc.cc - zlib - ]; - - nativeBuildInputs = [ makeWrapper ]; - - phases = [ "unpackPhase" "installPhase" ]; - - sourceRoot = "."; - - installPhase = '' - mkdir -p $out/bin - mkdir -p $out/share/zandronum - cp *.so *.pk3 zandronum zandronum-server $out/share/zandronum - - patchelf \ - --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \ - --set-rpath $libPath:$out/share/zandronum \ - $out/share/zandronum/zandronum - patchelf \ - --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \ - --set-rpath $libPath \ - $out/share/zandronum/zandronum-server - - # If we don't set absolute argv0, zandronum.wad file is not found. - makeWrapper $out/share/zandronum/zandronum $out/bin/zandronum - makeWrapper $out/share/zandronum/zandronum-server $out/bin/zandronum-server - ''; - - meta = { - homepage = http://zandronum.com/; - description = "Multiplayer oriented port, based off Skulltag, for Doom and Doom II by id Software. Binary version for online play"; - maintainers = [ stdenv.lib.maintainers.lassulus ]; - # Binary version has different version string than source code version. - license = stdenv.lib.licenses.unfreeRedistributable; - platforms = [ "x86_64-linux" ]; - }; -} diff --git a/krebs/kops.nix b/krebs/kops.nix index 9774b5cab..f544b93d2 100644 --- a/krebs/kops.nix +++ b/krebs/kops.nix @@ -13,10 +13,10 @@ krebs-source = { nixpkgs.git = { - ref = "09bca91e3b5a18d7f37f7632175ac71f2bf369ff"; + ref = "4b4bbce199d3b3a8001ee93495604289b01aaad3"; url = https://github.com/NixOS/nixpkgs; }; - stockholm.file = toString ~/stockholm; + stockholm.file = toString ../.; stockholm-version.pipe = toString (pkgs.writeDash "${name}-version" '' set -efu cd $HOME/stockholm diff --git a/krebs/source.nix b/krebs/source.nix index 1f83d29f7..3ee12b37f 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -22,10 +22,7 @@ in }; stockholm.file = toString <stockholm>; stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; - nixpkgs.git = { - url = https://github.com/NixOS/nixpkgs; - ref = "09bca91e3b5a18d7f37f7632175ac71f2bf369ff"; # nixos-18.03 # 2018-04-02 - }; + nixpkgs = (import ./kops.nix { name = ""; }).krebs-source.nixpkgs; } override ] |