summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
Diffstat (limited to 'krebs')
-rw-r--r--krebs/3modules/makefu/default.nix6
-rw-r--r--krebs/3modules/makefu/retiolum/cake_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/crapi.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/crapi_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/fileleech_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/filepimp_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/firecracker_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/flap_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/gum_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/nukular_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/omo_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/sdev_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/senderechner_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/studio_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/tsp_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/vbob.pub8
-rw-r--r--krebs/3modules/makefu/retiolum/vbob_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/wbob_ed25519.pub1
-rw-r--r--krebs/3modules/makefu/retiolum/x_ed25519.pub1
-rw-r--r--krebs/3modules/systemd.nix22
-rw-r--r--krebs/5pkgs/simple/ircaids/default.nix4
-rw-r--r--krebs/nixpkgs-unstable.json8
-rw-r--r--krebs/nixpkgs.json8
23 files changed, 51 insertions, 22 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 7780863a3..51c38b899 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -22,6 +22,12 @@ with import <stockholm/lib>;
(krebs.genipv6 "retiolum" "makefu" { inherit hostName; }).address;
};
})
+ # Retiolum ed25519 keys
+ (let
+ pubkey-path = ./retiolum + "/${hostName}_ed25519.pub";
+ in optionalAttrs (pathExists pubkey-path) {
+ nets.retiolum.tinc.pubkey_ed25519 = builtins.trace "using ed25519 key for host ${hostName}" (readFile pubkey-path);
+ })
# Wiregrill defaults
(let
pubkey-path = ./wiregrill + "/${hostName}.pub";
diff --git a/krebs/3modules/makefu/retiolum/cake_ed25519.pub b/krebs/3modules/makefu/retiolum/cake_ed25519.pub
new file mode 100644
index 000000000..6c6bf2b33
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/cake_ed25519.pub
@@ -0,0 +1 @@
+zlfSyJdG7vJmvkk1Ul3ZXUix2YduFYUMhM89nRdy8aE
diff --git a/krebs/3modules/makefu/retiolum/crapi.pub b/krebs/3modules/makefu/retiolum/crapi.pub
index 2b6104468..c66f24882 100644
--- a/krebs/3modules/makefu/retiolum/crapi.pub
+++ b/krebs/3modules/makefu/retiolum/crapi.pub
@@ -1,4 +1,3 @@
-Ed25519PublicKey = Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAloXLBfZQEVW9mJ7uwOoa+DfV4ek/SG+JQuexJMugei/iNy0NjY66
OVIkzFmED32c3D7S1+Q+5Mc3eR02k1o7XERpZeZhCtJOBlS4xMzCKH62E4USvH5L
diff --git a/krebs/3modules/makefu/retiolum/crapi_ed25519.pub b/krebs/3modules/makefu/retiolum/crapi_ed25519.pub
new file mode 100644
index 000000000..ce5a6f05a
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/crapi_ed25519.pub
@@ -0,0 +1 @@
+Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F
diff --git a/krebs/3modules/makefu/retiolum/fileleech_ed25519.pub b/krebs/3modules/makefu/retiolum/fileleech_ed25519.pub
new file mode 100644
index 000000000..ea93cfddb
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/fileleech_ed25519.pub
@@ -0,0 +1 @@
+2YSzoLSQN3k4HC8uozPb/nMmbrTa9eKOD2Ka9Iq8iXM
diff --git a/krebs/3modules/makefu/retiolum/filepimp_ed25519.pub b/krebs/3modules/makefu/retiolum/filepimp_ed25519.pub
new file mode 100644
index 000000000..7a62ff46f
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/filepimp_ed25519.pub
@@ -0,0 +1 @@
+aQDHnUzOhf8zhMOB/ufTaP4rQLrizfN135PVgfTLkaC
diff --git a/krebs/3modules/makefu/retiolum/firecracker_ed25519.pub b/krebs/3modules/makefu/retiolum/firecracker_ed25519.pub
new file mode 100644
index 000000000..76e6def7c
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/firecracker_ed25519.pub
@@ -0,0 +1 @@
+3QIlv3vsykhMlsrsHUbU/vneVbYiE6G1U7HPzK2AbRI
diff --git a/krebs/3modules/makefu/retiolum/flap_ed25519.pub b/krebs/3modules/makefu/retiolum/flap_ed25519.pub
new file mode 100644
index 000000000..47da38477
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/flap_ed25519.pub
@@ -0,0 +1 @@
+1o7+d8jjitc1vJB1sYFY8qvbcePssD6c+sgfxqq+BXD
diff --git a/krebs/3modules/makefu/retiolum/gum_ed25519.pub b/krebs/3modules/makefu/retiolum/gum_ed25519.pub
new file mode 100644
index 000000000..5b6f2426e
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/gum_ed25519.pub
@@ -0,0 +1 @@
+6M/fxVpfUCpbWvOXR9eHjt3o7sgjAEoIT/hXcDN970E
diff --git a/krebs/3modules/makefu/retiolum/nukular_ed25519.pub b/krebs/3modules/makefu/retiolum/nukular_ed25519.pub
new file mode 100644
index 000000000..0cae03b83
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/nukular_ed25519.pub
@@ -0,0 +1 @@
+nL4hL0aJvufqdSvTafAnc/g0wjznIwuHlEq/h/OxEsF
diff --git a/krebs/3modules/makefu/retiolum/omo_ed25519.pub b/krebs/3modules/makefu/retiolum/omo_ed25519.pub
new file mode 100644
index 000000000..dd11ab7dd
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/omo_ed25519.pub
@@ -0,0 +1 @@
+SVuxrF4CQGRl3evQurw0wh44g72/0qwRACF+/n2i2rE
diff --git a/krebs/3modules/makefu/retiolum/sdev_ed25519.pub b/krebs/3modules/makefu/retiolum/sdev_ed25519.pub
new file mode 100644
index 000000000..fef79aa68
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/sdev_ed25519.pub
@@ -0,0 +1 @@
+OxXCkjs3OzIsMXcSVcr7dJD55iRFRjUc0eERPdU1OjO
diff --git a/krebs/3modules/makefu/retiolum/senderechner_ed25519.pub b/krebs/3modules/makefu/retiolum/senderechner_ed25519.pub
new file mode 100644
index 000000000..f0968aa12
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/senderechner_ed25519.pub
@@ -0,0 +1 @@
+LegGLszL9hZXoanCQnv0VxuoLviT2K/yvQGYuCsloUH
diff --git a/krebs/3modules/makefu/retiolum/studio_ed25519.pub b/krebs/3modules/makefu/retiolum/studio_ed25519.pub
new file mode 100644
index 000000000..13a09ad1b
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/studio_ed25519.pub
@@ -0,0 +1 @@
+WLUvBME38jEpXIEFniyVIjyvMw7JTNJBQb/NIXcxmzL
diff --git a/krebs/3modules/makefu/retiolum/tsp_ed25519.pub b/krebs/3modules/makefu/retiolum/tsp_ed25519.pub
new file mode 100644
index 000000000..c7baf9067
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/tsp_ed25519.pub
@@ -0,0 +1 @@
+gzMYJY6/6sgG4ZgYWzeDs6svTvsDIeJEAGxPbrJUFVN
diff --git a/krebs/3modules/makefu/retiolum/vbob.pub b/krebs/3modules/makefu/retiolum/vbob.pub
new file mode 100644
index 000000000..168437e78
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/vbob.pub
@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA+0TIo0dS9LtSdrmH0ClPHLO7dHtV9Dj7gaBAsbyuwxAI5cQgYKwr
+4G6t7IcJW+Gu2bh+LKtPP91+zYXq4Qr1nAaKw4ajsify6kpxsCBzknmwi6ibIJMI
+AK114dr/XSk/Pc6hOSA8kqDP4c0MZXwitRBiNjrWbTrQh6GJ3CXhmpZ2lJkoAyNP
+hjdPerbTUrhQlNW8FanyQQzOgN5I7/PXsZShmb3iNKz1Ban5yWKFCVpn8fjWQs5o
+Un2AKowH4Y+/g8faGemL8uy/k5xrHSrn05L92TPDUpAXrcZXzo6ao1OBiwJJVl7s
+AVduOY18FU82GUw7edR0e/b2UC6hUONflwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/krebs/3modules/makefu/retiolum/vbob_ed25519.pub b/krebs/3modules/makefu/retiolum/vbob_ed25519.pub
new file mode 100644
index 000000000..5e287f36b
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/vbob_ed25519.pub
@@ -0,0 +1 @@
+fRPhdsYqwPuYgL2p/CmAUCVykU9GbiRfHQ8SULPQNGE
diff --git a/krebs/3modules/makefu/retiolum/wbob_ed25519.pub b/krebs/3modules/makefu/retiolum/wbob_ed25519.pub
new file mode 100644
index 000000000..eeef652e2
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/wbob_ed25519.pub
@@ -0,0 +1 @@
+b3uia4Sns0ljQrccLE0QxzeAB4APTiJEB98neQQosdF
diff --git a/krebs/3modules/makefu/retiolum/x_ed25519.pub b/krebs/3modules/makefu/retiolum/x_ed25519.pub
new file mode 100644
index 000000000..fbf63d08e
--- /dev/null
+++ b/krebs/3modules/makefu/retiolum/x_ed25519.pub
@@ -0,0 +1 @@
+81FOjlXXS22WWZzLnL4sDCuXmvMoYkbhy0wlBlr60zM
diff --git a/krebs/3modules/systemd.nix b/krebs/3modules/systemd.nix
index 294f80a3c..194e8b24a 100644
--- a/krebs/3modules/systemd.nix
+++ b/krebs/3modules/systemd.nix
@@ -5,18 +5,18 @@
default = {};
type = lib.types.attrsOf (lib.types.submodule {
options = {
- ifCredentialsChange = lib.mkOption {
- default = "restart";
+ restartIfCredentialsChange = lib.mkOption {
+ # Enabling this by default only makes sense here as the user already
+ # bothered to write down krebs.systemd.services.* = {}. If this
+ # functionality gets upstreamed to systemd.services, restarting
+ # should be disabled by default.
+ default = true;
description = ''
- Whether to reload or restart the service whenever any its
- credentials change. Only credentials with an absolute path in
- LoadCredential= are supported.
+ Whether to restart the service whenever any of its credentials
+ change. Only credentials with an absolute path in LoadCredential=
+ are supported.
'';
- type = lib.types.enum [
- "reload"
- "restart"
- null
- ];
+ type = lib.types.bool;
};
};
});
@@ -40,7 +40,7 @@
lib.nameValuePair "trigger-${lib.systemd.encodeName serviceName}" {
serviceConfig = {
Type = "oneshot";
- ExecStart = "${pkgs.systemd}/bin/systemctl ${cfg.ifCredentialsChange} ${lib.shell.escape serviceName}";
+ ExecStart = "${pkgs.systemd}/bin/systemctl restart ${lib.shell.escape serviceName}";
};
}
) config.krebs.systemd.services;
diff --git a/krebs/5pkgs/simple/ircaids/default.nix b/krebs/5pkgs/simple/ircaids/default.nix
index cffd4aa76..22281161d 100644
--- a/krebs/5pkgs/simple/ircaids/default.nix
+++ b/krebs/5pkgs/simple/ircaids/default.nix
@@ -2,12 +2,12 @@
stdenv.mkDerivation rec {
pname = "ircaids";
- version = "1.2.0";
+ version = "1.3.0";
src = pkgs.fetchgit {
url = "https://cgit.krebsco.de/ircaids";
rev = "refs/tags/${version}";
- sha256 = "049ln54llfrn99q0pzwlb7iaz4igd4f3n4rb6mpc9irsy32bv3qg";
+ sha256 = "128ryfl0prpc1789hhqw2mq16zy3jd82a24k6hkw7nj71hifzr3a";
};
buildPhase = null;
diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json
index babaad004..cab3ab115 100644
--- a/krebs/nixpkgs-unstable.json
+++ b/krebs/nixpkgs-unstable.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "ac169ec6371f0d835542db654a65e0f2feb07838",
- "date": "2021-12-26T18:43:05+01:00",
- "path": "/nix/store/l1qmvpx4pj24ijsm44n64vw2fnl9dpc7-nixpkgs",
- "sha256": "0bwjyz15sr5f7z0niwls9127hikp2b6fggisysk0cnk3l6fa8abh",
+ "rev": "59bfda72480496f32787cec8c557182738b1bd3f",
+ "date": "2021-12-31T15:09:52+01:00",
+ "path": "/nix/store/wy2iidg15nwgmn8xir8fbr1lfz1hqphb-nixpkgs",
+ "sha256": "18akd1chfvniq1q774rigfxgmxwi0wyjljpa1j9ls59szpzr316d",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index f90e6b08c..43f298973 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,9 +1,9 @@
{
"url": "https://github.com/NixOS/nixpkgs",
- "rev": "573095944e7c1d58d30fc679c81af63668b54056",
- "date": "2021-12-10T10:33:46-08:00",
- "path": "/nix/store/c0bvhzf1xsjrmzrda8jasa1da76x0zyk-nixpkgs",
- "sha256": "07s5cwhskqvy82b4rld9b14ljc0013pig23i3jx3l3f957rk95pg",
+ "rev": "d1e59cfc49961e121583abe32e2f3db1550fbcff",
+ "date": "2022-01-01T22:20:39+08:00",
+ "path": "/nix/store/azrxsxpszjwgg75jk1pkzlzjcj0qnw8d-nixpkgs",
+ "sha256": "03ldf1dlxqf3g8qh9x5vp6vd9zvvr481fyjds111imll69y60wpm",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,