diff options
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/2configs/binary-cache/prism.nix | 2 | ||||
-rw-r--r-- | krebs/2configs/cache.nsupdate.info.nix | 8 | ||||
-rw-r--r-- | krebs/2configs/news-spam.nix | 310 | ||||
-rw-r--r-- | krebs/3modules/Reaktor.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/bepasty-server.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/cachecache.nix | 20 | ||||
-rw-r--r-- | krebs/3modules/default.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/external/default.nix | 306 | ||||
-rw-r--r-- | krebs/3modules/fetchWallpaper.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/git.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/jeschli/default.nix | 19 | ||||
-rw-r--r-- | krebs/3modules/krebs/default.nix | 26 | ||||
-rw-r--r-- | krebs/3modules/lass/default.nix | 464 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 102 | ||||
-rw-r--r-- | krebs/3modules/makefu/ssh/ulrich.pub | 2 | ||||
-rw-r--r-- | krebs/3modules/tinc_graphs.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/tv/default.nix | 22 | ||||
-rw-r--r-- | krebs/5pkgs/simple/cabal-read.nix | 35 |
18 files changed, 713 insertions, 617 deletions
diff --git a/krebs/2configs/binary-cache/prism.nix b/krebs/2configs/binary-cache/prism.nix index 46b386e14..51b4a1afc 100644 --- a/krebs/2configs/binary-cache/prism.nix +++ b/krebs/2configs/binary-cache/prism.nix @@ -3,7 +3,7 @@ { nix = { binaryCaches = [ - "http://cache.prism.r" + "https://cache.krebsco.de" ]; binaryCachePublicKeys = [ "cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU=" diff --git a/krebs/2configs/cache.nsupdate.info.nix b/krebs/2configs/cache.nsupdate.info.nix index 056667d8c..74f345614 100644 --- a/krebs/2configs/cache.nsupdate.info.nix +++ b/krebs/2configs/cache.nsupdate.info.nix @@ -1,4 +1,4 @@ -{lib, ... }: +{ pkgs, lib, ... }: with lib; let domain = "cache.nsupdate.info"; @@ -17,9 +17,13 @@ in { }; krebs.cachecache = { enable = true; - enableSSL = false; # disable letsencrypt for testing + enableSSL = true; # disable letsencrypt for testing cacheDir = "/var/cache/nix-cache-cache"; maxSize = "10g"; + indexFile = pkgs.fetchurl { + url = "https://raw.githubusercontent.com/krebs/35c3-nixos-cache/master/index.html"; + sha256 = "1vlngzbn0jipigspccgikd7xgixksimdl4wf8ix7d30ljx47p9n0"; + }; # assumes that the domain is reachable from the internet virtualHost = domain; diff --git a/krebs/2configs/news-spam.nix b/krebs/2configs/news-spam.nix index 88b7e1072..a8c658858 100644 --- a/krebs/2configs/news-spam.nix +++ b/krebs/2configs/news-spam.nix @@ -4,161 +4,161 @@ krebs.newsbot-js.news-spam = { urlShortenerHost = "go.lassul.us"; feeds = pkgs.writeText "feeds" '' - [SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews - [SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews - [SPAM]antirez|http://antirez.com/rss|#snews - [SPAM]archlinux|http://www.archlinux.org/feeds/news/|#snews - [SPAM]ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews - [SPAM]augustl|http://augustl.com/atom.xml|#snews - [SPAM]bbc|http://feeds.bbci.co.uk/news/rss.xml|#snews - [SPAM]bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#snews - [SPAM]bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#snews - [SPAM]bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#snews - [SPAM]bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#snews - [SPAM]bitcoinpakistan|https://bitcoinspakistan.com/feed/|#snews - [SPAM]cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#snews - [SPAM]carta|http://feeds2.feedburner.com/carta-standard-rss|#snews - [SPAM]catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#snews - [SPAM]cbc_busi|http://rss.cbc.ca/lineup/business.xml|#snews - [SPAM]cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#snews - [SPAM]cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#snews - [SPAM]cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#snews - [SPAM]cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#snews - [SPAM]ccc|http://www.ccc.de/rss/updates.rdf|#snews - [SPAM]chan_biz|http://boards.4chan.org/biz/index.rss|#snews - [SPAM]chan_g|http://boards.4chan.org/g/index.rss|#snews - [SPAM]chan_int|http://boards.4chan.org/int/index.rss|#snews - [SPAM]chan_sci|http://boards.4chan.org/sci/index.rss|#snews - [SPAM]chan_x|http://boards.4chan.org/x/index.rss|#snews - [SPAM]c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#snews - [SPAM]cryptogon|http://www.cryptogon.com/?feed=rss2|#snews - [SPAM]csm|http://rss.csmonitor.com/feeds/csm|#snews - [SPAM]csm_world|http://rss.csmonitor.com/feeds/world|#snews - [SPAM]danisch|http://www.danisch.de/blog/feed/|#snews - [SPAM]dod|http://www.defense.gov/news/afps2.xml|#snews - [SPAM]dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#snews - [SPAM]ecat|http://ecat.com/feed|#snews - [SPAM]eia_press|http://www.eia.gov/rss/press_rss.xml|#snews - [SPAM]eia_today|http://www.eia.gov/rss/todayinenergy.xml|#snews - [SPAM]embargowatch|https://embargowatch.wordpress.com/feed/|#snews - [SPAM]ethereum-comments|http://blog.ethereum.org/comments/feed|#snews - [SPAM]ethereum|http://blog.ethereum.org/feed|#snews - [SPAM]europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#snews - [SPAM]eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#snews - [SPAM]exploitdb|http://www.exploit-db.com/rss.xml|#snews - [SPAM]fars|http://www.farsnews.com/rss.php|#snews #test - [SPAM]faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#snews - [SPAM]faz_politik|http://www.faz.net/rss/aktuell/politik/|#snews - [SPAM]faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#snews - [SPAM]fbi|https://www.fbi.gov/news/rss.xml|#snews - [SPAM]fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#snews - [SPAM]fefe|http://blog.fefe.de/rss.xml|#snews - [SPAM]forbes|http://www.forbes.com/forbes/feed2/|#snews - [SPAM]forbes_realtime|http://www.forbes.com/real-time/feed2/|#snews - [SPAM]fox|http://feeds.foxnews.com/foxnews/latest|#snews - [SPAM]geheimorganisation|http://geheimorganisation.org/feed/|#snews - [SPAM]GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#snews - [SPAM]gmanet|http://www.gmanetwork.com/news/rss/news|#snews - [SPAM]golem|http://rss.golem.de/rss.php|#snews - [SPAM]google|http://news.google.com/?output=rss|#snews - [SPAM]greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#snews - [SPAM]guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#snews - [SPAM]gulli|http://ticker.gulli.com/rss/|#snews - [SPAM]hackernews|https://news.ycombinator.com/rss|#snews - [SPAM]handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#snews - [SPAM]heise|https://www.heise.de/newsticker/heise-atom.xml|#snews - [SPAM]hindu_business|http://www.thehindubusinessline.com/?service=rss|#snews - [SPAM]hindu|http://www.thehindu.com/?service=rss|#snews - [SPAM]ign|http://feeds.ign.com/ign/all|#snews - [SPAM]independent|http://www.independent.com/rss/headlines/|#snews - [SPAM]indymedia|https://de.indymedia.org/rss.xml|#snews - [SPAM]info_libera|http://www.informationliberation.com/rss.xml|#snews - [SPAM]klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#snews - [SPAM]korea_herald|http://www.koreaherald.com/rss_xml.php|#snews - [SPAM]linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#snews - [SPAM]lisp|http://planet.lisp.org/rss20.xml|#snews - [SPAM]liveleak|http://www.liveleak.com/rss|#snews - [SPAM]lolmythesis|http://lolmythesis.com/rss|#snews - [SPAM]LtU|http://lambda-the-ultimate.org/rss.xml|#snews - [SPAM]lukepalmer|http://lukepalmer.wordpress.com/feed/|#snews - [SPAM]mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#snews - [SPAM]mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#snews - [SPAM]nds|http://www.nachdenkseiten.de/?feed=atom|#snews - [SPAM]netzpolitik|https://netzpolitik.org/feed/|#snews - [SPAM]newsbtc|http://newsbtc.com/feed/|#snews - [SPAM]nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#snews - [SPAM]npr_busi|http://www.npr.org/rss/rss.php?id=1006|#snews - [SPAM]npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#snews - [SPAM]npr_pol|http://www.npr.org/rss/rss.php?id=1012|#snews - [SPAM]npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews - [SPAM]nsa|https://www.nsa.gov/rss.xml|#snews #bullerei - [SPAM]nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews - [SPAM]painload|https://github.com/krebs/painload/commits/master.atom|#snews - [SPAM]phys|http://phys.org/rss-feed/|#snews - [SPAM]piraten|https://www.piratenpartei.de/feed/|#snews - [SPAM]polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews - [SPAM]presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#snews - [SPAM]presseportal|http://www.presseportal.de/rss/presseportal.rss2|#snews - [SPAM]prisonplanet|http://prisonplanet.com/feed.rss|#snews - [SPAM]rawstory|http://www.rawstory.com/rs/feed/|#snews - [SPAM]reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#snews - [SPAM]reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#snews - [SPAM]reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#snews - [SPAM]reddit_consp|http://reddit.com/r/conspiracy/.rss|#snews - [SPAM]reddit_haskell|http://www.reddit.com/r/haskell/.rss|#snews - [SPAM]reddit_nix|http://www.reddit.com/r/nixos/.rss|#snews - [SPAM]reddit_prog|http://www.reddit.com/r/programming/new/.rss|#snews - [SPAM]reddit_sci|http://www.reddit.com/r/science/.rss|#snews - [SPAM]reddit_tech|http://www.reddit.com/r/technology/.rss|#snews - [SPAM]reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#snews - [SPAM]reddit_world|http://www.reddit.com/r/worldnews/.rss|#snews - [SPAM]r-ethereum|http://www.reddit.com/r/ethereum/.rss|#snews - [SPAM]reuters|http://feeds.reuters.com/Reuters/worldNews|#snews - [SPAM]reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#snews - [SPAM]rt|http://rt.com/rss/news/|#snews - [SPAM]schallurauch|http://feeds.feedburner.com/SchallUndRauch|#snews - [SPAM]sciencemag|http://news.sciencemag.org/rss/current.xml|#snews - [SPAM]scmp|http://www.scmp.com/rss/91/feed|#snews - [SPAM]sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews - [SPAM]shackspace|http://shackspace.de/atom.xml|#snews - [SPAM]shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews - [SPAM]sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews - [SPAM]sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews - [SPAM]sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#snews - [SPAM]sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#snews - [SPAM]sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#snews - [SPAM]slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews - [SPAM]slate|http://feeds.slate.com/slate|#snews - [SPAM]spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews - [SPAM]spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews - [SPAM]standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews - [SPAM]stern|http://www.stern.de/feed/standard/all/|#snews - [SPAM]stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#snews - [SPAM]sz_politik|http://rss.sueddeutsche.de/rss/Politik|#snews - [SPAM]sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#snews - [SPAM]sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#snews - [SPAM]tagesschau|http://www.tagesschau.de/newsticker.rdf|#snews - [SPAM]taz|http://taz.de/Themen-des-Tages/!p15;rss/|#snews - [SPAM]telegraph|http://www.telegraph.co.uk/rss.xml|#snews - [SPAM]telepolis|http://www.heise.de/tp/rss/news-atom.xml|#snews - [SPAM]the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews - [SPAM]tigsource|http://www.tigsource.com/feed/|#snews - [SPAM]tinc|http://tinc-vpn.org/news/index.rss|#snews - [SPAM]torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews - [SPAM]torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews - [SPAM]torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews - [SPAM]travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#snews - [SPAM]un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#snews - [SPAM]un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#snews - [SPAM]un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#snews - [SPAM]un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#snews - [SPAM]un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#snews - [SPAM]un_top|http://www.un.org/apps/news/rss/rss_top.asp|#snews - [SPAM]us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews - [SPAM]vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews - [SPAM]weechat|http://dev.weechat.org/feed/atom|#snews - [SPAM]xkcd|https://xkcd.com/rss.xml|#snews - [SPAM]zdnet|http://www.zdnet.com/news/rss.xml|#snews + _aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews + _allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews + _antirez|http://antirez.com/rss|#snews + _archlinux|http://www.archlinux.org/feeds/news/|#snews + _ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews + _augustl|http://augustl.com/atom.xml|#snews + _bbc|http://feeds.bbci.co.uk/news/rss.xml|#snews + _bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#snews + _bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#snews + _bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#snews + _bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#snews + _bitcoinpakistan|https://bitcoinspakistan.com/feed/|#snews + _cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#snews + _carta|http://feeds2.feedburner.com/carta-standard-rss|#snews + _catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#snews + _cbc_busi|http://rss.cbc.ca/lineup/business.xml|#snews + _cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#snews + _cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#snews + _cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#snews + _cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#snews + _ccc|http://www.ccc.de/rss/updates.rdf|#snews + _chan_biz|http://boards.4chan.org/biz/index.rss|#snews + _chan_g|http://boards.4chan.org/g/index.rss|#snews + _chan_int|http://boards.4chan.org/int/index.rss|#snews + _chan_sci|http://boards.4chan.org/sci/index.rss|#snews + _chan_x|http://boards.4chan.org/x/index.rss|#snews + _c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#snews + _cryptogon|http://www.cryptogon.com/?feed=rss2|#snews + _csm|http://rss.csmonitor.com/feeds/csm|#snews + _csm_world|http://rss.csmonitor.com/feeds/world|#snews + _danisch|http://www.danisch.de/blog/feed/|#snews + _dod|http://www.defense.gov/news/afps2.xml|#snews + _dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#snews + _ecat|http://ecat.com/feed|#snews + _eia_press|http://www.eia.gov/rss/press_rss.xml|#snews + _eia_today|http://www.eia.gov/rss/todayinenergy.xml|#snews + _embargowatch|https://embargowatch.wordpress.com/feed/|#snews + _ethereum-comments|http://blog.ethereum.org/comments/feed|#snews + _ethereum|http://blog.ethereum.org/feed|#snews + _europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#snews + _eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#snews + _exploitdb|http://www.exploit-db.com/rss.xml|#snews + _fars|http://www.farsnews.com/rss.php|#snews #test + _faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#snews + _faz_politik|http://www.faz.net/rss/aktuell/politik/|#snews + _faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#snews + _fbi|https://www.fbi.gov/news/rss.xml|#snews + _fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#snews + _fefe|http://blog.fefe.de/rss.xml|#snews + _forbes|http://www.forbes.com/forbes/feed2/|#snews + _forbes_realtime|http://www.forbes.com/real-time/feed2/|#snews + _fox|http://feeds.foxnews.com/foxnews/latest|#snews + _geheimorganisation|http://geheimorganisation.org/feed/|#snews + _GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#snews + _gmanet|http://www.gmanetwork.com/news/rss/news|#snews + _golem|http://rss.golem.de/rss.php|#snews + _google|http://news.google.com/?output=rss|#snews + _greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#snews + _guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#snews + _gulli|http://ticker.gulli.com/rss/|#snews + _hackernews|https://news.ycombinator.com/rss|#snews + _handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#snews + _heise|https://www.heise.de/newsticker/heise-atom.xml|#snews + _hindu_business|http://www.thehindubusinessline.com/?service=rss|#snews + _hindu|http://www.thehindu.com/?service=rss|#snews + _ign|http://feeds.ign.com/ign/all|#snews + _independent|http://www.independent.com/rss/headlines/|#snews + _indymedia|https://de.indymedia.org/rss.xml|#snews + _info_libera|http://www.informationliberation.com/rss.xml|#snews + _klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#snews + _korea_herald|http://www.koreaherald.com/rss_xml.php|#snews + _linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#snews + _lisp|http://planet.lisp.org/rss20.xml|#snews + _liveleak|http://www.liveleak.com/rss|#snews + _lolmythesis|http://lolmythesis.com/rss|#snews + _LtU|http://lambda-the-ultimate.org/rss.xml|#snews + _lukepalmer|http://lukepalmer.wordpress.com/feed/|#snews + _mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#snews + _mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#snews + _nds|http://www.nachdenkseiten.de/?feed=atom|#snews + _netzpolitik|https://netzpolitik.org/feed/|#snews + _newsbtc|http://newsbtc.com/feed/|#snews + _nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#snews + _npr_busi|http://www.npr.org/rss/rss.php?id=1006|#snews + _npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#snews + _npr_pol|http://www.npr.org/rss/rss.php?id=1012|#snews + _npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews + _nsa|https://www.nsa.gov/rss.xml|#snews #bullerei + _nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews + _painload|https://github.com/krebs/painload/commits/master.atom|#snews + _phys|http://phys.org/rss-feed/|#snews + _piraten|https://www.piratenpartei.de/feed/|#snews + _polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews + _presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#snews + _presseportal|http://www.presseportal.de/rss/presseportal.rss2|#snews + _prisonplanet|http://prisonplanet.com/feed.rss|#snews + _rawstory|http://www.rawstory.com/rs/feed/|#snews + _reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#snews + _reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#snews + _reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#snews + _reddit_consp|http://reddit.com/r/conspiracy/.rss|#snews + _reddit_haskell|http://www.reddit.com/r/haskell/.rss|#snews + _reddit_nix|http://www.reddit.com/r/nixos/.rss|#snews + _reddit_prog|http://www.reddit.com/r/programming/new/.rss|#snews + _reddit_sci|http://www.reddit.com/r/science/.rss|#snews + _reddit_tech|http://www.reddit.com/r/technology/.rss|#snews + _reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#snews + _reddit_world|http://www.reddit.com/r/worldnews/.rss|#snews + _r-ethereum|http://www.reddit.com/r/ethereum/.rss|#snews + _reuters|http://feeds.reuters.com/Reuters/worldNews|#snews + _reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#snews + _rt|http://rt.com/rss/news/|#snews + _schallurauch|http://feeds.feedburner.com/SchallUndRauch|#snews + _sciencemag|http://news.sciencemag.org/rss/current.xml|#snews + _scmp|http://www.scmp.com/rss/91/feed|#snews + _sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews + _shackspace|http://shackspace.de/atom.xml|#snews + _shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews + _sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews + _sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews + _sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#snews + _sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#snews + _sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#snews + _slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews + _slate|http://feeds.slate.com/slate|#snews + _spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews + _spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews + _standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews + _stern|http://www.stern.de/feed/standard/all/|#snews + _stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#snews + _sz_politik|http://rss.sueddeutsche.de/rss/Politik|#snews + _sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#snews + _sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#snews + _tagesschau|http://www.tagesschau.de/newsticker.rdf|#snews + _taz|http://taz.de/Themen-des-Tages/!p15;rss/|#snews + _telegraph|http://www.telegraph.co.uk/rss.xml|#snews + _telepolis|http://www.heise.de/tp/rss/news-atom.xml|#snews + _the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews + _tigsource|http://www.tigsource.com/feed/|#snews + _tinc|http://tinc-vpn.org/news/index.rss|#snews + _torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews + _torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews + _torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews + _travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#snews + _un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#snews + _un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#snews + _un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#snews + _un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#snews + _un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#snews + _un_top|http://www.un.org/apps/news/rss/rss_top.asp|#snews + _us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews + _vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews + _weechat|http://dev.weechat.org/feed/atom|#snews + _xkcd|https://xkcd.com/rss.xml|#snews + _zdnet|http://www.zdnet.com/news/rss.xml|#snews ''; }; } diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix index 677b6f7b8..669483f3c 100644 --- a/krebs/3modules/Reaktor.nix +++ b/krebs/3modules/Reaktor.nix @@ -8,7 +8,7 @@ let out = { options.krebs.Reaktor = api; - config = imp; + config = mkIf (cfg != {}) imp; }; api = mkOption { diff --git a/krebs/3modules/bepasty-server.nix b/krebs/3modules/bepasty-server.nix index dd29a4e17..e12367b7c 100644 --- a/krebs/3modules/bepasty-server.nix +++ b/krebs/3modules/bepasty-server.nix @@ -143,12 +143,12 @@ let ) cfg.servers; users.extraUsers.bepasty = { - uid = genid "bepasty"; + uid = genid_uint31 "bepasty"; group = "bepasty"; home = "/var/lib/bepasty-server"; }; users.extraGroups.bepasty = { - gid = genid "bepasty"; + gid = genid_uint31 "bepasty"; }; }; diff --git a/krebs/3modules/cachecache.nix b/krebs/3modules/cachecache.nix index 989320480..2c2d07ff5 100644 --- a/krebs/3modules/cachecache.nix +++ b/krebs/3modules/cachecache.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ pkgs, config, lib, ... }: # fork of https://gist.github.com/rycee/f495fc6cc4130f155e8b670609a1e57b @@ -59,15 +59,6 @@ in ''; }; - # webRoot = mkOption { - # type = types.str; - # default = "/"; - # description = '' - # Directory on virtual host that serves the cache. Must end in - # <literal>/</literal>. - # ''; - # }; - resolver = mkOption { type = types.str; description = "Address of DNS resolver."; @@ -82,6 +73,13 @@ in Where nginx should store cached data. ''; }; + indexFile = mkOption { + type = types.path; + default = pkgs.writeText "myindex" "<html>hello world</html>"; + description = '' + Path to index.html file. + ''; + }; maxSize = mkOption { type = types.str; @@ -98,6 +96,7 @@ in systemd.services.nginx.preStart = '' mkdir -p ${cfg.cacheDir} /srv/www/nix-cache-cache chmod 700 ${cfg.cacheDir} /srv/www/nix-cache-cache + ln -fs ${cfg.indexFile} /srv/www/nix-cache-cache/index.html chown ${nginxCfg.user}:${nginxCfg.group} \ ${cfg.cacheDir} /srv/www/nix-cache-cache ''; @@ -143,6 +142,7 @@ in locations."/" = { root = "/srv/www/nix-cache-cache"; + index = "index.html"; extraConfig = '' expires max; add_header Cache-Control $nix_cache_cache_header always; diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 24cbd9cc9..2e7c61fb5 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -109,6 +109,7 @@ let }; imp = lib.mkMerge [ + { krebs = import ./external { inherit config; }; } { krebs = import ./jeschli { inherit config; }; } { krebs = import ./krebs { inherit config; }; } { krebs = import ./lass { inherit config; }; } @@ -121,6 +122,7 @@ let shack = "hosts"; i = "hosts"; r = "hosts"; + w = "hosts"; }; krebs.users = { diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix new file mode 100644 index 000000000..02d28ddc8 --- /dev/null +++ b/krebs/3modules/external/default.nix @@ -0,0 +1,306 @@ +with import <stockholm/lib>; +{ config, ... }: let + + hostDefaults = hostName: host: flip recursiveUpdate host ({ + ci = false; + external = true; + monitoring = false; + } // optionalAttrs (host.nets?retiolum) { + nets.retiolum.ip6.addr = + (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address; + }); + +in { + hosts = mapAttrs hostDefaults { + sokrateslaptop = { + owner = config.krebs.users.sokratess; + nets = { + retiolum = { + ip4.addr = "10.243.142.104"; + aliases = [ + "sokrateslaptop.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2 + t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ + rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW + egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5 + aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V + VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + kruck = { + owner = config.krebs.users.palo; + nets = { + retiolum = { + ip4.addr = "10.243.29.201"; + aliases = [ + "kruck.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh + QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA + EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U + uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/ + /RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR + 9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s + qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH + gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj + jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs + fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5 + TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + scardanelli = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.2"; + aliases = [ + "scardanelli.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/ + MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge + UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi + kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0 + gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx + we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY + QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm + SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL + 2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f + m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q + FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5 + lM61fOMcVW1KREdWypiDtu8CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + homeros = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.1"; + aliases = [ + "homeros.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd + ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc + 6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v + RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd + vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3 + +LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc + QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm + fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh + VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7 + k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX + gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N + mJ/hywVtvLxNkNimyztoKKMCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + turingmachine = { + owner = config.krebs.users.Mic92; + nets = { + retiolum = { + ip4.addr = "10.243.29.168"; + aliases = [ + "turingmachine.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C + t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9 + 6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8 + ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g + nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06 + 5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT + 1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1 + gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl + DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL + W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW + OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + eddie = { + owner = config.krebs.users.Mic92; + nets = rec { + internet = { + # eddie.thalheim.io + ip4.addr = "129.215.197.11"; + aliases = [ "eddie.i" ]; + }; + retiolum = { + via = internet; + addrs = [ + config.krebs.hosts.eddie.nets.retiolum.ip4.addr + config.krebs.hosts.eddie.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.170"; + aliases = [ "eddie.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d + j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm + 3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF + 2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua + KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq + iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t + 6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD + kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u + hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay + pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ + lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + tinc.subnets = [ + # edinburgh university + "129.215.0.0/16" + ]; + }; + }; + }; + rock = { + owner = config. |