diff options
Diffstat (limited to 'krebs')
38 files changed, 811 insertions, 1376 deletions
diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index c0fa38284..a100e414d 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -1,7 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - { config, lib, pkgs, ... }: { diff --git a/krebs/1systems/news/config.nix b/krebs/1systems/news/config.nix new file mode 100644 index 000000000..5c4b37aef --- /dev/null +++ b/krebs/1systems/news/config.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + <stockholm/krebs> + <stockholm/krebs/2configs> + + <stockholm/krebs/2configs/ircd.nix> + <stockholm/krebs/2configs/go.nix> + + #### NEWS #### + <stockholm/krebs/2configs/ircd.nix> + <stockholm/krebs/2configs/news.nix> + ]; + + krebs.build.host = config.krebs.hosts.news; + + boot.isContainer = true; + networking.useDHCP = false; + krebs.bindfs = { + "/var/lib/htgen-go" = { + source = "/var/state/htgen-go"; + options = [ + "-m ${toString config.users.users.htgen-go.uid}" + ]; + clearTarget = true; + }; + "/var/lib/brockman" = { + source = "/var/state/brockman"; + options = [ + "-m ${toString config.users.users.brockman.uid}:${toString config.users.users.nginx.uid}" + ]; + clearTarget = true; + }; + }; +} diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix index 19cf22280..1e0687ba7 100644 --- a/krebs/1systems/puyak/config.nix +++ b/krebs/1systems/puyak/config.nix @@ -19,14 +19,6 @@ <stockholm/krebs/2configs/binary-cache/nixos.nix> <stockholm/krebs/2configs/binary-cache/prism.nix> - ### Krebs ### - <stockholm/krebs/2configs/go.nix> - - #### NEWS #### - <stockholm/krebs/2configs/ircd.nix> - <stockholm/krebs/2configs/news.nix> - - ### shackspace ### # handle the worlddomination map via coap <stockholm/krebs/2configs/shack/worlddomination.nix> diff --git a/krebs/2configs/go.nix b/krebs/2configs/go.nix index c39b08a8e..ce5db62d4 100644 --- a/krebs/2configs/go.nix +++ b/krebs/2configs/go.nix @@ -2,9 +2,6 @@ with import <stockholm/lib>; { - environment.systemPackages = [ - pkgs.go-shortener - ]; krebs.go = { enable = true; }; diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index 65972aacc..789fc2f2f 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -11,12 +11,12 @@ hello ''; config = '' + loadmodule "extensions/m_omode"; serverinfo { name = "${config.krebs.build.host.name}.irc.r"; sid = "1as"; description = "miep!"; network_name = "irc.r"; - hub = yes; vhost = "0.0.0.0"; vhost6 = "::"; @@ -26,7 +26,7 @@ #ssl_dh_params = "etc/dh.pem"; #ssld_count = 1; - default_max_clients = 10000; + default_max_clients = 100000; #nicklen = 30; }; @@ -43,19 +43,31 @@ /* Listen on IPv6 (if you used host= above). */ host = "::"; port = 6667; - sslport = 9999; + sslport = 6697; }; class "users" { ping_time = 2 minutes; number_per_ident = 10; - number_per_ip = 2048; + number_per_ip = 4096; number_per_ip_global = 4096; cidr_ipv4_bitlen = 24; cidr_ipv6_bitlen = 64; number_per_cidr = 65536; - max_number = 3000; - sendq = 1 megabyte; + max_number = 100000; + sendq = 10 megabyte; + }; + + privset "op" { + privs = oper:admin; + }; + + operator "aids" { + user = "*@*"; + password = "balls"; + flags = ~encrypted; + snomask = "+s"; + privset = "op"; }; exempt { @@ -93,12 +105,13 @@ channel_target_change = yes; disable_local_channels = no; }; + general { #maybe we want ident someday? - default_floodcount = 1000; + default_floodcount = 10000; disable_auth = yes; throttle_duration = 1; - throttle_count = 1000; + throttle_count = 10000; }; ''; }; diff --git a/krebs/2configs/news-host.nix b/krebs/2configs/news-host.nix new file mode 100644 index 000000000..82360a670 --- /dev/null +++ b/krebs/2configs/news-host.nix @@ -0,0 +1,12 @@ +{ + krebs.sync-containers.containers.news = { + peers = [ + "shodan" + "mors" + "styx" + ]; + hostIp = "10.233.2.101"; + localIp = "10.233.2.102"; + format = "plain"; + }; +} diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix index 11c136f85..3bf991433 100644 --- a/krebs/2configs/news.nix +++ b/krebs/2configs/news.nix @@ -1,168 +1,112 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: { + services.rss-bridge = { + enable = true; + whitelist = [ "*" ]; + }; + services.nginx.virtualHosts = { + rss-bridge = { + serverAliases = [ + "rss.r" + ]; + }; + "brockman.r" = { + serverAliases = [ + "news.r" + ]; + locations."/".extraConfig = '' + root /var/lib/brockman; + index brockman.json; + ''; + }; + }; + systemd.tmpfiles.rules = [ + "d /var/lib/brockman 1750 brockman nginx -" + ]; + krebs.brockman = { enable = true; config = { irc.host = "localhost"; + channel = "#all"; shortener = "http://go.r"; - bots = { - aje = { feed ="http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989"; channels = [ "#snews" ]; }; - allafrica = { feed ="http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf"; channels = [ "#snews" ]; }; - antirez = { feed ="http://antirez.com/rss"; channels = [ "#snews" "#news" ]; }; - archlinux = { feed ="http://www.archlinux.org/feeds/news/"; channels = [ "#snews" "#news" ]; }; - ars = { feed ="http://feeds.arstechnica.com/arstechnica/index?format=xml"; channels = [ "#snews" ]; }; - augustl = { feed ="http://augustl.com/atom.xml"; channels = [ "#snews" ]; }; - bbc = { feed ="http://feeds.bbci.co.uk/news/rss.xml"; channels = [ "#snews" ]; }; - bdt_aktuelle_themen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss"; channels = [ "#snews" ]; }; - bdt_drucksachen = { feed ="http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss"; channels = [ "#snews" ]; }; - bdt_plenarproto = { feed ="http://www.bundestag.de/rss_feeds/plenarprotokolle.rss"; channels = [ "#snews" ]; }; - bdt_pressemitteilungen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss"; channels = [ "#snews" ]; }; - bitcoinpakistan = { feed ="https://bitcoinspakistan.com/feed/"; channels = [ "#snews" ]; }; - cancer = { feed ="http://feeds.feedburner.com/ncinewsreleases?format=xml"; channels = [ "#snews" ]; }; - carta = { feed ="http://feeds2.feedburner.com/carta-standard-rss"; channels = [ "#snews" ]; }; - catholic_news = { feed ="http://feeds.feedburner.com/catholicnewsagency/dailynews"; channels = [ "#snews" ]; }; - cbc_busi = { feed ="http://rss.cbc.ca/lineup/business.xml"; channels = [ "#snews" ]; }; - cbc_offbeat = { feed ="http://www.cbc.ca/cmlink/rss-offbeat"; channels = [ "#snews" ]; }; - cbc_pol = { feed ="http://rss.cbc.ca/lineup/politics.xml"; channels = [ "#snews" ]; }; - cbc_tech = { feed ="http://rss.cbc.ca/lineup/technology.xml"; channels = [ "#snews" ]; }; - cbc_top = { feed ="http://rss.cbc.ca/lineup/topstories.xml"; channels = [ "#snews" ]; }; - ccc = { feed ="http://www.ccc.de/rss/updates.rdf"; channels = [ "#snews" ]; }; - chan_biz = { feed ="http://boards.4chan.org/biz/index.rss"; channels = [ "#snews" ]; }; - chan_g = { feed ="http://boards.4chan.org/g/index.rss"; channels = [ "#snews" ]; }; - chan_int = { feed ="http://boards.4chan.org/int/index.rss"; channels = [ "#snews" ]; }; - chan_sci = { feed ="http://boards.4chan.org/sci/index.rss"; channels = [ "#snews" ]; }; - chan_x = { feed ="http://boards.4chan.org/x/index.rss"; channels = [ "#snews" ]; }; - c = { feed ="http://www.tempolimit-lichtgeschwindigkeit.de/news.xml"; channels = [ "#snews" ]; }; - cryptogon = { feed ="http://www.cryptogon.com/?feed=rss2"; channels = [ "#snews" ]; }; - csm = { feed ="http://rss.csmonitor.com/feeds/csm"; channels = [ "#snews" ]; }; - csm_world = { feed ="http://rss.csmonitor.com/feeds/world"; channels = [ "#snews" ]; }; - danisch = { feed ="http://www.danisch.de/blog/feed/"; channels = [ "#snews" ]; }; - dod = { feed ="http://www.defense.gov/news/afps2.xml"; channels = [ "#snews" ]; }; - dwn = { feed ="http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/"; channels = [ "#snews" ]; }; - ecat = { feed ="http://ecat.com/feed"; channels = [ "#snews" ]; }; - eia_press = { feed ="http://www.eia.gov/rss/press_rss.xml"; channels = [ "#snews" ]; }; - eia_today = { feed ="http://www.eia.gov/rss/todayinenergy.xml"; channels = [ "#snews" ]; }; - embargowatch = { feed ="https://embargowatch.wordpress.com/feed/"; channels = [ "#snews" ]; }; - ethereum-comments = { feed ="http://blog.ethereum.org/comments/feed"; channels = [ "#snews" ]; }; - ethereum = { feed ="http://blog.ethereum.org/feed"; channels = [ "#snews" "#news" ]; }; - europa_ric = { feed ="http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml"; channels = [ "#snews" ]; }; - eu_survei = { feed ="http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx"; channels = [ "#snews" ]; }; - exploitdb = { feed ="http://www.exploit-db.com/rss.xml"; channels = [ "#snews" ]; }; - fars = { feed ="http://www.farsnews.com/rss.php"; channels = [ "#snews #test" ]; }; - faz_feui = { feed ="http://www.faz.net/rss/aktuell/feuilleton/"; channels = [ "#snews" ]; }; - faz_politik = { feed ="http://www.faz.net/rss/aktuell/politik/"; channels = [ "#snews" ]; }; - faz_wirtschaft = { feed ="http://www.faz.net/rss/aktuell/wirtschaft/"; channels = [ "#snews" ]; }; - fbi = { feed ="https://www.fbi.gov/news/rss.xml"; channels = [ "#snews" ]; }; - fedreserve = { feed ="http://www.federalreserve.gov/feeds/press_all.xml"; channels = [ "#snews" ]; }; - fefe = { feed ="http://blog.fefe.de/rss.xml"; channels = [ "#snews" ]; }; - forbes = { feed ="http://www.forbes.com/forbes/feed2/"; channels = [ "#snews" ]; }; - forbes_realtime = { feed ="http://www.forbes.com/real-time/feed2/"; channels = [ "#snews" ]; }; - fox = { feed ="http://feeds.foxnews.com/foxnews/latest"; channels = [ "#snews" ]; }; - geheimorganisation = { feed ="http://geheimorganisation.org/feed/"; channels = [ "#snews" ]; }; - GerForPol = { feed ="http://www.german-foreign-policy.com/de/news/rss-2.0"; channels = [ "#snews" ]; }; - gmanet = { feed ="http://www.gmanetwork.com/news/rss/news"; channels = [ "#snews" ]; }; - golem = { feed ="http://rss.golem.de/rss.php"; channels = [ "#snews" ]; }; - google = { feed ="http://news.google.com/?output=rss"; channels = [ "#snews" ]; }; - greenpeace = { feed ="http://feeds.feedburner.com/GreenpeaceNews"; channels = [ "#snews" ]; }; - guardian_uk = { feed ="http://feeds.theguardian.com/theguardian/uk-news/rss"; channels = [ "#snews" ]; }; - gulli = { feed ="http://ticker.gulli.com/rss/"; channels = [ "#snews" ]; }; - hackernews = { feed ="https://news.ycombinator.com/rss"; channels = [ "#snews" ]; }; - handelsblatt = { feed ="http://www.handelsblatt.com/contentexport/feed/schlagzeilen"; channels = [ "#snews" ]; }; - heise = { feed ="https://www.heise.de/newsticker/heise-atom.xml"; channels = [ "#snews" ]; }; - hindu_business = { feed ="http://www.thehindubusinessline.com/?service=rss"; channels = [ "#snews" ]; }; - hindu = { feed ="http://www.thehindu.com/?service=rss"; channels = [ "#snews" ]; }; - ign = { feed ="http://feeds.ign.com/ign/all"; channels = [ "#snews" ]; }; - independent = { feed ="http://www.independent.com/rss/headlines/"; channels = [ "#snews" ]; }; - indymedia = { feed ="https://de.indymedia.org/rss.xml"; channels = [ "#snews" ]; }; - info_libera = { feed ="http://www.informationliberation.com/rss.xml"; channels = [ "#snews" ]; }; - klagen-gegen-rundfuckbeitrag = { feed ="http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default"; channels = [ "#snews" ]; }; - korea_herald = { feed ="http://www.koreaherald.com/rss_xml.php"; channels = [ "#snews" ]; }; - linuxinsider = { feed ="http://www.linuxinsider.com/perl/syndication/rssfull.pl"; channels = [ "#snews" ]; }; - lisp = { feed ="http://planet.lisp.org/rss20.xml"; channels = [ "#snews" ]; }; - liveleak = { feed ="http://www.liveleak.com/rss"; channels = [ "#snews" ]; }; - lolmythesis = { feed ="http://lolmythesis.com/rss"; channels = [ "#snews" ]; }; - LtU = { feed ="http://lambda-the-ultimate.org/rss.xml"; channels = [ "#snews" "#news" ]; }; - lukepalmer = { feed ="http://lukepalmer.wordpress.com/feed/"; channels = [ "#snews" ]; }; - mit = { feed ="http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss"; channels = [ "#snews" ]; }; - mongrel2_master = { feed ="https://github.com/zedshaw/mongrel2/commits/master.atom"; channels = [ "#snews" "#news" ]; }; - nds = { feed ="http://www.nachdenkseiten.de/?feed=atom"; channels = [ "#snews" ]; }; - netzpolitik = { feed ="https://netzpolitik.org/feed/"; channels = [ "#snews" ]; }; - newsbtc = { feed ="http://newsbtc.com/feed/"; channels = [ "#snews" ]; }; - nnewsg = { feed ="http://www.net-news-global.net/rss/rssfeed.xml"; channels = [ "#snews" ]; }; - npr_busi = { feed ="http://www.npr.org/rss/rss.php?id=1006"; channels = [ "#snews" ]; }; - npr_headlines = { feed ="http://www.npr.org/rss/rss.php?id=1001"; channels = [ "#snews" ]; }; - npr_pol = { feed ="http://www.npr.org/rss/rss.php?id=1012"; channels = [ "#snews" ]; }; - npr_world = { feed ="http://www.npr.org/rss/rss.php?id=1004"; channels = [ "#snews" ]; }; - nsa = { feed ="https://www.nsa.gov/rss.xml"; channels = [ "#snews #bullerei" ]; }; - nytimes = { feed ="http://rss.nytimes.com/services/xml/rss/nyt/World.xml"; channels = [ "#snews" ]; }; - painload = { feed ="https://github.com/krebs/painload/commits/master.atom"; channels = [ "#snews" "#news" ]; }; - phys = { feed ="http://phys.org/rss-feed/"; channels = [ "#snews" ]; }; - piraten = { feed ="https://www.piratenpartei.de/feed/"; channels = [ "#snews" ]; }; - polizei_berlin = { feed ="http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml"; channels = [ "#snews" ]; }; - presse_polizei = { feed ="http://www.presseportal.de/rss/polizei.rss2"; channels = [ "#snews" ]; }; - presseportal = { feed ="http://www.presseportal.de/rss/presseportal.rss2"; channels = [ "#snews" ]; }; - prisonplanet = { feed ="http://prisonplanet.com/feed.rss"; channels = [ "#snews" ]; }; - rawstory = { feed ="http://www.rawstory.com/rs/feed/"; channels = [ "#snews" ]; }; - reddit_4chan = { feed ="http://www.reddit.com/r/4chan/new/.rss"; channels = [ "#snews" ]; }; - reddit_anticonsum = { feed ="http://www.reddit.com/r/Anticonsumption/new/.rss"; channels = [ "#snews" ]; }; - reddit_btc = { feed ="http://www.reddit.com/r/Bitcoin/new/.rss"; channels = [ "#snews" ]; }; - reddit_consp = { feed ="http://reddit.com/r/conspiracy/.rss"; channels = [ "#snews" ]; }; - reddit_haskell = { feed ="http://www.reddit.com/r/haskell/.rss"; channels = [ "#snews" "#news" ]; }; - reddit_nix = { feed ="http://www.reddit.com/r/nixos/.rss"; channels = [ "#snews" "#news" ]; }; - reddit_prog = { feed ="http://www.reddit.com/r/programming/new/.rss"; channels = [ "#snews" ]; }; - reddit_sci = { feed ="http://www.reddit.com/r/science/.rss"; channels = [ "#snews" ]; }; - reddit_tech = { feed ="http://www.reddit.com/r/technology/.rss"; channels = [ "#snews" ]; }; - reddit_tpp = { feed ="http://www.reddit.com/r/twitchplayspokemon/.rss"; channels = [ "#snews" ]; }; - reddit_world = { feed ="http://www.reddit.com/r/worldnews/.rss"; channels = [ "#snews" ]; }; - r-ethereum = { feed ="http://www.reddit.com/r/ethereum/.rss"; channels = [ "#snews" ]; }; - reuters = { feed ="http://feeds.reuters.com/Reuters/worldNews"; channels = [ "#snews" ]; }; - reuters-odd = { feed ="http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml"; channels = [ "#snews" ]; }; - rt = { feed ="http://rt.com/rss/news/"; channels = [ "#snews" ]; }; - schallurauch = { feed ="http://feeds.feedburner.com/SchallUndRauch"; channels = [ "#snews" ]; }; - sciencemag = { feed ="http://news.sciencemag.org/rss/current.xml"; channels = [ "#snews" ]; }; - scmp = { feed ="http://www.scmp.com/rss/91/feed"; channels = [ "#snews" ]; }; - sec-db = { feed ="http://feeds.security-database.com/SecurityDatabaseToolsWatch"; channels = [ "#snews" ]; }; - shackspace = { feed ="http://shackspace.de/atom.xml"; channels = [ "#snews" "#news" ]; }; - shz_news = { feed ="http://www.shz.de/nachrichten/newsticker/rss"; channels = [ "#snews" ]; }; - sky_busi = { feed ="http://feeds.skynews.com/feeds/rss/business.xml"; channels = [ "#snews" ]; }; - sky_pol = { feed ="http://feeds.skynews.com/feeds/rss/politics.xml"; channels = [ "#snews" ]; }; - sky_strange = { feed ="http://feeds.skynews.com/feeds/rss/strange.xml"; channels = [ "#snews" ]; }; - sky_tech = { feed ="http://feeds.skynews.com/feeds/rss/technology.xml"; channels = [ "#snews" ]; }; - sky_world = { feed ="http://feeds.skynews.com/feeds/rss/world.xml"; channels = [ "#snews" ]; }; - slashdot = { feed ="http://rss.slashdot.org/Slashdot/slashdot"; channels = [ "#snews" ]; }; - slate = { feed ="http://feeds.slate.com/slate"; channels = [ "#snews" ]; }; - spiegel_eil = { feed ="http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss"; channels = [ "#snews" ]; }; - spiegel_top = { feed ="http://www.spiegel.de/schlagzeilen/tops/index.rss"; channels = [ "#snews" ]; }; - standardmedia_ke = { feed ="http://www.standardmedia.co.ke/rss/headlines.php"; channels = [ "#snews" ]; }; - stern = { feed ="http://www.stern.de/feed/standard/all/"; channels = [ "#snews" ]; }; - stz = { feed ="http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed"; channels = [ "#snews" ]; }; - sz_politik = { feed ="http://rss.sueddeutsche.de/rss/Politik"; channels = [ "#snews" ]; }; - sz_wirtschaft = { feed ="http://rss.sueddeutsche.de/rss/Wirtschaft"; channels = [ "#snews" ]; }; - sz_wissen = { feed ="http://rss.sueddeutsche.de/rss/Wissen"; channels = [ "#snews" ]; }; - tagesschau = { feed ="http://www.tagesschau.de/newsticker.rdf"; channels = [ "#snews" ]; }; - taz = { feed ="http://taz.de/Themen-des-Tages/!p15;rss/"; channels = [ "#snews" ]; }; - telegraph = { feed ="http://www.telegraph.co.uk/rss.xml"; channels = [ "#snews" ]; }; - telepolis = { feed ="http://www.heise.de/tp/rss/news-atom.xml"; channels = [ "#snews" ]; }; - the_insider = { feed ="http://www.theinsider.org/rss/news/headlines-xml.asp"; channels = [ "#snews" ]; }; - tigsource = { feed ="http://www.tigsource.com/feed/"; channels = [ "#snews" ]; }; - tinc = { feed ="http://tinc-vpn.org/news/index.rss"; channels = [ "#snews" "#news" ]; }; - torr_bits = { feed ="http://feeds.feedburner.com/TorrentfreakBits"; channels = [ "#snews" ]; }; - torrentfreak = { feed ="http://feeds.feedburner.com/Torrentfreak"; channels = [ "#snews" ]; }; - torr_news = { feed ="http://feed.torrentfreak.com/Torrentfreak/"; channels = [ "#snews" ]; }; - travel_warnings = { feed ="http://feeds.travel.state.gov/ca/travelwarnings-alerts"; channels = [ "#snews" ]; }; - un_afr = { feed ="http://www.un.org/apps/news/rss/rss_africa.asp"; channels = [ "#snews" ]; }; - un_am = { feed ="http://www.un.org/apps/news/rss/rss_americas.asp"; channels = [ "#snews" ]; }; - un_eu = { feed ="http://www.un.org/apps/news/rss/rss_europe.asp"; channels = [ "#snews" ]; }; - un_me = { feed ="http://www.un.org/apps/news/rss/rss_mideast.asp"; channels = [ "#snews" ]; }; - un_pac = { feed ="http://www.un.org/apps/news/rss/rss_asiapac.asp"; channels = [ "#snews" ]; }; - un_top = { feed ="http://www.un.org/apps/news/rss/rss_top.asp"; channels = [ "#snews" ]; }; - us_math_society = { feed ="http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1"; channels = [ "#snews" ]; }; - vimperator = { feed ="https://sites.google.com/a/vimperator.org/www/blog/posts.xml"; channels = [ "#snews" "#news" ]; }; - weechat = { feed ="http://dev.weechat.org/feed/atom"; channels = [ "#snews" "#news" ]; }; - xkcd = { feed ="https://xkcd.com/rss.xml"; channels = [ "#snews" "#news" ]; }; - zdnet = { feed ="http://www.zdnet.com/news/rss.xml"; channels = [ "#snews" ]; }; + controller = { + nick = "brockman"; + channels = [ "#all" ]; }; + bots = {}; }; }; + + krebs.reaktor2.news = { + hostname = "localhost"; + port = "6667"; + nick = "brockman-helper"; + plugins = [ + { + plugin = "register"; + config = { + channels = [ + "#all" + "#aluhut" + "#news" + ]; + }; + } + { + plugin = "system"; + config = { + hooks.PRIVMSG = [ + { + activate = "match"; + pattern = "^brockman-helper:\\s*(\\S*)(?:\\s+(.*\\S))?\\s*$"; + command = 1; + arguments = [2]; + commands = { + add-reddit.filename = pkgs.writeDash "add-reddit" '' + set -euf + if [ "$#" -ne 1 ]; then + echo 'usage: brockman-helper: add-reddit $reddit_channel' + exit 1 + fi + reddit_channel=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') + echo "brockman: add r_$reddit_channel http://rss.r/?action=display&bridge=Telegram&username=$reddit_channel&format=Mrss" + ''; + add-telegram.filename = pkgs.writeDash "add-telegram" '' + set -euf + if [ "$#" -ne 1 ]; then + echo 'usage: brockman-helper: add-telegram $telegram_user' + exit 1 + fi + telegram_user=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') + echo "brockman: add t_$telegram_user http://rss.r/?action=display&bridge=Telegram&username=$telegram_user&format=Mrss" + ''; + add-youtube.filename = pkgs.writeDash "add-youtube" '' + set -euf + if [ "$#" -ne 1 ]; then + echo 'usage: brockman-helper: add-youtube $nick $channelid' + exit 1 + fi + youtube_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') + youtube_id=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][1]') + echo "brockman: add yt_$youtube_nick http://rss.r/?action=display&bridge=Youtube&context=By+channel+id&c=$youtube_id&duration_min=&duration_max=&format=Mrss" + ''; + search.filename = pkgs.writeDash "search" '' + set -euf + if [ "$#" -ne 1 ]; then + echo 'usage: brockman-helper: search $searchterm' + exit 1 + fi + searchterm=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') + ${pkgs.curl}/bin/curl -Ss "https://feedsearch.dev/api/v1/search?url=$searchterm&info=true&favicon=false" | + ${pkgs.jq}/bin/jq '.[].url' + ''; + }; + } + ]; + }; + } + ]; + }; } diff --git a/krebs/2configs/syncthing.nix b/krebs/2configs/syncthing.nix new file mode 100644 index 000000000..31e33ad5e --- /dev/null +++ b/krebs/2configs/syncthing.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: with import <stockholm/lib>; let + mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); + + all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; + used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders)); + used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers; +in { + services.syncthing = { + enable = true; + configDir = "/var/lib/syncthing"; + declarative = { + devices = mk_peers used_peers; + }; + }; +} diff --git a/krebs/3modules/bindfs.nix b/krebs/3modules/bindfs.nix new file mode 100644 index 000000000..7e3730e86 --- /dev/null +++ b/krebs/3modules/bindfs.nix @@ -0,0 +1,61 @@ +with import <stockholm/lib>; +{ config, pkgs, ... }: +let + cfg = config.krebs.bindfs; +in { + options.krebs.bindfs = mkOption { + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + target = mkOption { + description = '' + destination where bindfs mounts to. + second positional argument to bindfs. + ''; + default = config._module.args.name; + type = types.absolute-pathname; + }; + source = mkOption { + description = '' + source folder where the mounted directory is originally. + first positional argument to bindfs. + ''; + type = types.absolute-pathname; + }; + options = mkOption { + description = '' + additional arguments to bindfs + ''; + type = types.listOf types.str; + default = []; + }; + clearTarget = mkOption { + description = '' + whether to clear the target folder before mounting + ''; + type = types.bool; + default = false; + }; + }; + })); + default = {}; + }; + + config = mkIf (cfg != {}) { + systemd.services = mapAttrs' (n: mount: let + name = replaceStrings [ "/" ] [ "_" ] n; + in nameValuePair "bindfs-${name}" { + wantedBy = [ "local-fs.target" ]; + path = [ pkgs.coreutils ]; + serviceConfig = { + ExecStartPre = pkgs.writeDash "bindfs-init-${name}" '' + ${optionalString mount.clearTarget '' + rm -rf '${mount.target}' + ''} + mkdir -p '${mount.source}' + mkdir -p '${mount.target}' + ''; + ExecStart = "${pkgs.bindfs}/bin/bindfs -f ${concatStringsSep " " mount.options} ${mount.source} ${mount.target}"; + }; + }) cfg; + }; +} diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix index 21cc14202..32aa3489b 100644 --- a/krebs/3modules/brockman.nix +++ b/krebs/3modules/brockman.nix @@ -1,5 +1,5 @@ -{ pkgs, lib, config, ... }: -with lib; +{ pkgs, config, ... }: +with import <stockholm/lib>; let cfg = config.krebs.brockman; in { @@ -9,7 +9,12 @@ in { }; config = mkIf cfg.enable { - users.extraUsers.brockman.isNormalUser = false; + users.extraUsers.brockman = { + home = "/var/lib/brockman"; + createHome = true; + isNormalUser = false; + uid = genid_uint31 "brockman"; + }; systemd.services.brockman = { description = "RSS to IRC broadcaster"; diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 2a74adac3..e7d04ead8 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -11,6 +11,7 @@ let ./apt-cacher-ng.nix ./backup.nix ./bepasty-server.nix + ./bindfs.nix ./brockman.nix ./buildbot/master.nix ./buildbot/slave.nix @@ -37,7 +38,6 @@ let ./kapacitor.nix ./konsens.nix ./monit.nix - ./newsbot-js.nix ./nixpkgs.nix ./on-failure.nix ./os-release.nix @@ -52,6 +52,7 @@ let ./secret.nix ./setuid.nix ./shadow.nix + ./sync-containers.nix ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix @@ -91,8 +92,10 @@ let @ IN SOA dns19.ovh.net. tech.ovh.net. (2015052000 86400 3600 3600000 86400) IN NS ns19.ovh.net. IN NS dns19.ovh.net. - IN A 192.30.252.154 - IN A 192.30.252.153 + IN A 185.199.108.153 + IN A 185.199.109.153 + IN A 185.199.110.153 + IN A 185.199.111.153 ''; }; }; diff --git a/krebs/3modules/go.nix b/krebs/3modules/go.nix index 218ac9221..4df73509c 100644 --- a/krebs/3modules/go.nix +++ b/krebs/3modules/go.nix @@ -13,52 +13,78 @@ let api = { enable = mkEnableOption "Enable go url shortener"; port = mkOption { - type = types.str; - default = "1337"; + type = types.int; + default = 1337; description = "on which port go should run on"; }; - redisKeyPrefix = mkOption { - type = types.str; - default = "go:"; - description = "change the Redis key prefix which defaults to `go:`"; - }; }; imp = { - services.redis = { - enable = mkDefault true; - bind = mkDefault "127.0.0.1"; - }; + krebs.htgen.go = { + port = cfg.port; + script = ''. ${pkgs.writeDash "go" '' + find_item() { + if test ''${#1} -ge 7; then + set -- "$(find "$STATEDIR/items" -mindepth 1 -maxdepth 1 \ + -regex "$STATEDIR/items/$1[0-9A-Za-z]*$")" + if test -n "$1" && test $(echo "$1" | wc -l) = 1; then + echo "$1" + return 0 + fi + fi + return 1 + } - users.extraUsers.go = rec { - name = "go"; - uid = genid name; - description = "go url shortener user"; - home = "/var/lib/go"; - createHome = true; - }; + STATEDIR=$HOME + mkdir -p "$STATEDIR/items" - systemd.services.go = { - description = "go url shortener"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; + case "$Method $Request_URI" in + "GET /"*) + if item=$(find_item "''${Request_URI#/}"); then + uri=$(cat "$item") + printf 'HTTP/1.1 302 Found\r\n' + printf 'Content-Type: text/plain\r\n' + printf 'Connection: closed\r\n' + printf 'Location: %s\r\n' "$uri" + printf '\r\n' + exit + fi + ;; + "POST /") + uri=$(mktemp -t htgen.$$.content.XXXXXXXX) + trap 'rm $uri >&2' EXIT - path = with pkgs; [ - go-shortener - ]; + head -c "$req_content_length" \ + | sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \ + | xargs -0 echo -e \ + | tee /tmp/tee.log \ + | ${pkgs.urix}/bin/urix \ + | head -1 \ + > "$uri" + sha256=$(sha256sum -b "$uri" | cut -d\ -f1) + base32=$(${pkgs.nixStable}/bin/nix-hash --to-base32 --type sha256 "$sha256") + item="$STATEDIR/items/$base32" + ref="http://$req_host/$base32" - environment = { - PORT = cfg.port; - REDIS_KEY_PREFIX = cfg.redisKeyPrefix; - }; + if ! test -e "$item"; then + mkdir -v -p "$STATEDIR/items" >&2 + cp -v "$uri" "$item" >&2 + fi - restartIfChanged = true; + base32short=$(echo "$base32" | cut -b-7) + if item=$(find_item "$base32short"); then + ref="http://$req_host/$base32short" + fi - serviceConfig = { - User = "go"; - Restart = "always"; - ExecStart = "${pkgs.go-shortener}/bin/go"; - }; + printf 'HTTP/1.1 200 OK\r\n' + printf 'Content-Type: text/plain; charset=UTF-8\r\n' + printf 'Connection: close\r\n' + printf '\r\n' + printf '%s\n' "$ref" + exit + ;; + esac + ''}''; }; }; diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 5e3ddcb2d..8c164cfe3 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -92,6 +92,38 @@ in { ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; + news = { + ci = true; + nets = { + retiolum = { + ip4.addr = "10.243.0.5"; + aliases = [ + "news.r" + "brockman.r" + "go.r" + "rss.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc + cgPezX8yGmA0nuTyCUPtXbWyWee9HnzYqekzJYvBHwgBDvZ8UhLZTCXD15agDfaf + cbzd4uM5bCDgqI8sezzD95tqj7mzvIEurIShDXYSWC6YRat1h1Opp86JngBJRvHZ + Gb6NAyfnr4v2eyMrmH9/j+sECxjCAaC5QLpJWyoDPilFU8dXBarmiZNYYlXQt1pn + yxZSF5pElmrdiZ6vlKlnEHwFtExm1gv63ZjAlusrXM+bKMvdVKRnhahq76A5VXjc + kbOhQi+wYGaVK4jB2a1UilmKYh1wKLE7HULoHDRrqEe4jemNZg+JOBPTU+jM/JzM + XdPy0KAMxHOUZCe8IX0LgF1snVaMF05Qkoe3QKr0YJ3KTD7UdsJpa1Br216Z/w2f + koz+cRn/Z/8TO8SIRKvy5TfXeH+ra6rp/CvwryNlNL4FB+25LFDkJtLIZGqAsz3G + vRXUiGN4l1FR4TbX7XaK2rvIlA/+4isJ02bBdnZhe7kmuuBeECyPaR1+Ui6pElXe + ZamnxTAmj86Q8pDx6Wn2cg8YAJlVV3UCfhda34DZokJmmmKucGupg/6Xt0Bhm9d5 + exNrTIDG3lXTxmg2mfiZJeg/fsnalvtN0j/VB+NmmKzie+ZohMK4nUfslq8o5CO9 + j7ZLmZzm062GzX0RenxNkwUCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo "; + }; onebutton = { cores = 1; nets = { @@ -130,7 +162,6 @@ in { "puyak.r" "build.puyak.r" "cgit.puyak.r" - "go.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index a4586bed4..c5cf5cb15 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -44,6 +44,7 @@ in { matrix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + jitsi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; @@ -685,6 +686,7 @@ in { }; ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU "; + syncthing.id = "JAVJ6ON-WLCWOA3-YB7EHPX-VGIN4XF-635NIVZ-WZ4HN4M-QRMLT4N-5PL5MQN"; }; }; users = rec { @@ -699,6 +701,11 @@ in { pubkey = builtins.readFile ./ssh/blue.rsa; pgp.pubkeys.default = builtins.readFile ./pgp/blue.pgp; }; + lass-green = { + mail = "lass@green.r"; + pubkey = builtins.readFile ./ssh/green.ed25519; + pgp.pubkeys.default = builtins.readFile ./pgp/green.pgp; + }; lass-mors = { mail = "lass@mors.r"; pubkey = builtins.readFile ./ssh/mors.rsa; diff --git a/krebs/3modules/lass/pgp/green.pgp b/krebs/3modules/lass/pgp/green.pgp new file mode 100644 index 000000000..96b2b38e4 --- /dev/null +++ b/krebs/3modules/lass/pgp/green.pgp @@ -0,0 +1,40 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGAMS3EBDACzbsaP9nhJ8GrAk5JLlz+ruDbEGuvJXvh+spVq9i9TCCGAraPo +z8Tmgsw6SJhJMW/170OZJ+GMMEDRpRbvh8tLZ0jsTIwINasRjC68tF9dgjjPZdNN +cVOpFw4Wf4ueMmoEG/9Xyehm+YEJFTj5wul2uJtfj5NJB43daDn4e3ieGExd+zE0 +FTP4yAmxVMbN4BiyZPX7CxeTzJS0g4aVnMq9RqtYbxd1Uv++LmPh1ZkEyNNKItfC +nRFeZzjhnmD7LvwsixE2ENnbiL9Ho7Mc4C7kRKSJ+LvXH6ChJJtDy9ApVA+u90i5 +Rd7y9rdzFY+NCHusWg0/U/t2FoLc/hRa0eLE1KFtzWzH35TMl8R/7NrPztTwT/fH +xt3qSiwMUvH9X9TGvh5N0WwqgtEe6mpZvpq+4gyOiyA+EwE73rnxG2DzmM6CFHyo +Qm/OOfjuFH+l0PkAqti+f41SqlEOiOAAFzgz7gaTdJ8gXs8piOGxk4U5EK/p1OTW +4e6DrxqcxmHgoAUAEQEAAbQMbGFzc0BncmVlbi5yiQHUBBMBCAA+FiEE6Ed5jGI3 +gop09K1NMwheLc2Sjz0FAmAMS3ECGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwEC +HgECF4AACgkQMwheLc2Sjz0otwv+I8Sw0ENqy6SsrZSGDtmhAouCeTIUseRQ66tp +UFnxDVPYhhdM2ubTtIqOfx20Xdy/7N/POyYMJ5VR+IaFcB9wUlrhdjwUlCtoUipx +EycZloccMPGySxAxR3Kcy/SFzUKWwQ10/mfSQg/4+vYayZNuSvEpviMEZn0prpmw +jwFJcHOu0NL+7eYULMdit1BDaZfBaAu/otKn18878+0hVimyjW27564uXtJYnbf1 +hUVGvPLaSo74XBFra+kujcA3zIjWiPn6dRA5dzLrRRkb30Unl1+0a9QwY3wd3vCV +UHWSgDNaV+o7yPTuxoMsfrxHPAc3JlaKM6ka/EdK04tbgMH/N7FHXqDqCEIBWML4 +1/+HxkP2UW59zLefQwvBqWcF6bA7kgHGhIDkg1yg7ygP0t2mH6ktuEAYYr24BFx7 +b8nK/jhK+rp3LomLTLQ6e/6mikfoDr636sB1/Bc+pTdWsJnuQTzaWBDloVEr/2hz +/K5+wH2kgSKaWYUtaR6wiMbVKq3HuQGNBGAMS3EBDAC1xQNCJD3hlnihHBv7jxfH +CI5HdnUEh1eP8mUKjSE+Z0xGEMq8Z9sbTHQxtDdmC4ZOq1Kkt2LmtQQQAIH+Qnu6 +RYFOAPRmegouIxg4S3eTPZhZRo1ZqCphqbL2mQ9ifNrG3VVvQGXNvjo3Cuwj0uzx +EDtOilKEtHZhG0cfehGV+nO1n/g50EQMC7JkFWnryxVL8i4l3KstOdj+LcIT6c27 +EE2fzOUekeltBHGRFSM1Yzmn2lxruuK4I8zoiqak2St1788ay//F9tiZPfhWRb6+ +DF+JgRLCXatqTJppPpkui1irw6jN5ZabjyS7GBtH+5wpnvuMEMr484OXEg17VnCd +Tx/RTLyjfffDtTkC4M7oiAr5SUbkJjVkEuwjxp1N19epD8gzrBQC2W7XKM3z+mtG +ZLJtiW5hM+QylMv7VWxbQ21ObJmUqBQUZLPlpl3dlGU/ILw3U4urBibD9oPT2QAX +J6Db/STyl6w0bzRbMJmaEM4P0FcdEKTuw7tOpl5zBUkAEQEAAYkBtgQYAQgAIBYh +BOhHeYxiN4KKdPStTTMIXi3Nko89BQJgDEtxAhsMAAoJEDMIXi3Nko89yc8MAJKg +M5lbA/PJYlIju/qWKWt7yZbsIGuDfmuKfYftjXDOqskEqDyYgr31Txd43bWM6Ec7 +gb5JVmtzvLull0/KRwMcKAFNTXIYcb3jKpanwWRgHQlt/D6zlQula73WxwNUlZWl +Q8FCWjGa2hC8oKlTbtzm5osdcK+YhlpTpK5y4Mrg0f9Rcd297ygFQSDInpGq7ILY +sFat3HU7w9oPp9Q5RS8/EmrvAx1kFj9mZRs4L9inJJnHFpb1R6snojcKPwEyIWBi ++PFZ6ns296FjW9C+Ci7C+aaAzVDM7NAwU0/EhWeDKKHITU3Zaz4gnShesKBiVxhI +JQNFCjWlnc+o3RqbAhDQhlwFrCZWUxQi1qWy4U88IYqR9hxV0eNtGSRmwnGCT9RV +Nxb6CjtmHpgUmzyvwBpBJya8bLYu5tCKnUodtFiq/poxEfI5WrP6pu5l648AwuPa +ioovprweDWs38Q8wd/SuoaUtIoj378UDXq8acFvHHnOS/bBBfAE9tutY1ycJdg== +=Fg3f +-----END PGP PUBLIC KEY BLOCK----- diff --git a/krebs/3modules/lass/ssh/green.ed25519 b/krebs/3modules/lass/ssh/green.ed25519 new file mode 100644 index 000000000..1aa7b1801 --- /dev/null +++ b/krebs/3modules/lass/ssh/green.ed25519 @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOJfTJ37hWYTYLWY6egshmvigPfRF0Sa4N11gmphMLm lass@green diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix deleted file mode 100644 index a3640caa5..000000000 --- a/krebs/3modules/newsbot-js.nix +++ /dev/null @@ -1,102 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; - -let - - cfg = config.krebs.newsbot-js; - - enable = cfg != {}; - - out = { - options.krebs.newsbot-js = api; - config = mkIf enable imp; - }; - - api = mkOption { - type = types.attrsOf (types.submodule ({ config, ... }: { - options = { - enable = mkEnableOption "Enable krebs newsbot" // { default = true; }; - - channel = mkOption { - type = types.str; - default = "#${config._module.args.name}"; - description = "post the news in this channel"; - }; - feeds = mkOption { - type = types.path; - description = '' - file with feeds to post - format: - $nick|$feedURI - ''; - }; - ircServer = mkOption { - type = types.str; - default = "localhost"; - description = "to which server the bot should connect"; - }; - masterNick = mkOption { - type = types.str; - default = config._module.args.name; - description = "nickname of the master bot"; - }; - package = mkOption { - type = types.package; - default = pkgs.newsbot-js; - description = "newsbot package to use"; - }; - urlShortenerHost = mkOption { - type = types.str; - default = "go.r"; - description = "what server to use for url shortening, host"; - }; - urlShortenerPort = mkOption { - type = types.str; - default = "80"; - description = "what server to use for url shortening, port"; - }; - }; - })); - default = {}; - }; - - imp = { - users.extraUsers.newsbot-js = { - name = "newsbot-js"; - uid = genid "newsbot-js"; - description = "newsbot-js user"; - home = "/var/empty"; - }; - - systemd.services = mapAttrs' (name: newsbot: - nameValuePair "newsbot-${name}" { - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - - path = with pkgs; [ - newsbot-js - ]; - - environment = { - irc_server = newsbot.ircServer; - master_nick = newsbot.masterNick; - news_channel = newsbot.channel; - feeds_file = newsbot.feeds; - url_shortener_host = newsbot.urlShortenerHost; - url_shortener_port = newsbot.urlShortenerPort; - }; - - restartIfChanged = true; - - serviceConfig = { - User = "newsbot-js"; - Restart = "always"; - ExecStart = "${newsbot.package}/bin/newsbot"; - WatchdogSec = "86400"; - }; - } - ) cfg; - }; - -in out diff --git a/krebs/3modules/sync-containers.nix b/krebs/3modules/sync-containers.nix new file mode 100644 index 000000000..d31022d3a --- /dev/null +++ b/krebs/3modules/sync-containers.nix @@ -0,0 +1,174 @@ +with import <stockholm/lib>; +{ config, pkgs, ... }: let + cfg = config.krebs.sync-containers; + paths = cname: { + plain = "/var/lib/containers/${cname}/var/state"; + ecryptfs = "${cfg.dataLocation}/${cname}/ecryptfs"; + securefs = "${cfg.dataLocation}/${cname}/securefs"; + }; + start = cname: { + plain = '' + : + ''; + ecryptfs = '' + if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then + if [ -e ${cfg.dataLocation}/${cname}/ecryptfs/.cfg.json ]; then + ${pkgs.ecrypt}/bin/ecrypt mount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state + else + ${pkgs.ecrypt}/bin/ecrypt init ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state + fi + fi + ''; + securefs = '' + ## TODO init file systems if it does not exist + # ${pkgs.securefs}/bin/securefs create --format 3 ${cfg.dataLocation}/${cname}/securefs + if ! ${pkgs.mount}/bin/mount | grep -q '^securefs on /var/lib/containers/${cname}/var/state type fuse.securefs'; then + ${pkgs.securefs}/bin/securefs mount ${cfg.dataLocation}/${cname}/securefs /var/lib/containers/${cname}/var/state -b -o allow_other -o default_permissions + fi + ''; + }; + stop = cname: { + plain = '' + : + ''; + ecryptfs = '' + ${pkgs.ecrypt}/bin/ecrypt unmount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state + ''; + securefs = '' + umount /var/lib/containers/${cname}/var/state + ''; + }; +in { + options.krebs.sync-containers = { + dataLocation = mkOption { + description = '' + location where the encrypted sync-container lie around + ''; + default = "/var/lib/sync-containers"; + type = types.absolute-pathname; + }; + containers = mkOption { + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + name = mkOption { + description = '' + name of the container + ''; + default = config._module.args.name; + type = types.str; + }; + peers = mkOption { + description = '' + syncthing peers to share this container with + ''; + default = []; + type = types.listOf types.str; + }; + hostIp = mkOption { # TODO find this automatically + description = '' + hostAddress of the privateNetwork + ''; + example = "10.233.2.15"; + type = types.str; + }; + localIp = mkOption { # TODO find this automatically + description = '' + localAddress of the privateNetwork + ''; + example = "10.233.2.16"; + type = types.str; + }; + format = mkOption { + description = '' + file system encrption format of the container + ''; + type = types.enum [ "plain" "ecryptfs" "securefs" ]; + }; + }; + })); + default = {}; + }; + }; + + config = mkIf (cfg.containers != {}) { + programs.fuse.userAllowOther = true; + # allow syncthing to enter /var/lib/containers + system.activationScripts.syncthing-home = '' + ${pkgs.coreutils}/bin/chmod a+x /var/lib/containers + ''; + + services.syncthing.declarative.folders = (mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" ({ + devices = ctr.peers; + ignorePerms = false; + })) cfg.containers); + + krebs.permown = (mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" ({ + file-mode = "u+rw"; + directory-mode = "u+rwx"; + owner = "syncthing"; + keepGoing = false; + })) cfg.containers); + + systemd.services = mapAttrs' (n: ctr: nameValuePair "containers@${ctr.name}" ({ + reloadIfChanged = mkForce false; + })) cfg.containers; + + containers = mapAttrs' (n: ctr: nameValuePair ctr.name ({ + config = { ... }: { + environment.systemPackages = [ + pkgs.git + ]; + system.activationScripts.fuse = { + text = '' + ${pkgs.coreutils}/bin/mknod /dev/fuse c 10 229 + ''; + deps = []; + }; + }; + allowedDevices = [ + { modifier = "rwm"; node = "/dev/fuse"; } + ]; + autoStart = false; + enableTun = true; + privateNetwork = true; + hostAddress = ctr.hostIp; + localAddress = ctr.localIp; + })) cfg.containers; + + environment.systemPackages = flatten (mapAttrsToList (n: ctr: [ + (pkgs.writeDashBin "start-${ctr.name}" '' + set -euf + set -x + + mkdir -p /var/lib/containers/${ctr.name}/var/state + + ${(start ctr.name).${ctr.format}} + + STATE=$(${pkgs.nixos-container}/bin/nixos-container status ${ctr.name}) + if [ "$STATE" = 'down' ]; then + ${pkgs.nixos-container}/bin/nixos-container start ${ctr.name} + fi + + ${pkgs.nixos-container}/bin/nixos-container run ${ctr.name} -- ${pkgs.writeDash "deploy-${ctr.name}" '' + set -x + + mkdir -p /var/state/var_src + ln -sfTr /var/state/var_src /var/src + touch /etc/NIXOS + ''} + + if [ -h /var/lib/containers/${ctr.name}/var/src/nixos-config ] && (! ping -c1 -q -w5 ${ctr.name}.r); then + ${pkgs.nixos-container}/bin/nixos-container run ${ctr.name} -- nixos-rebuild -I /var/src switch + else + ${(stop ctr.name).${ctr.format}} + fi + '') + (pkgs.writeDashBin "stop-${ctr.name}" '' + set -euf + + ${pkgs.nixos-container}/bin/nixos-container stop ${ctr.name} + ${(stop ctr.name).${ctr.format}} + '') + ]) cfg.containers); + }; +} diff --git a/krebs/5pkgs/haskell/brockman.nix b/krebs/5pkgs/haskell/brockman.nix index 20af4b707..5f1166a25 100644 --- a/krebs/5pkgs/haskell/brockman.nix +++ b/krebs/5pkgs/haskell/brockman.nix @@ -1,23 +1,26 @@ -{ mkDerivation, aeson, async, base, bloomfilter, bytestring -, conduit, containers, feed, hslogger, irc-conduit, microlens -, network, optparse-applicative, stdenv, stm, text, wreq +{ mkDerivation, aeson, aeson-pretty, base, bloomfilter, bytestring +, case-insensitive, conduit, containers, directory, feed, filepath +, hslogger, html-entity, http-client, irc-conduit, lens, network +, optparse-applicative, random, safe, stdenv, text, time, timerep +, wreq , fetchFromGitHub }: mkDerivation rec { pname = "brockman"; - version = "1.4.5"; + version = "3.2.3"; src = fetchFromGitHub { owner = "kmein"; repo = "brockman"; rev = version; - sha256 = "0fdvfj2fwwz8inj0h1q6msryj1xsxs1lfmgv5kynmxrqpdibb3fw"; + sha256 = "1qbjbf0l1ikfzmvky4cnvv7nlcwi2in4afliifh618j0a4f7j427"; }; isLibrary = false; isExecutable = true; executableHaskellDepends = [ - aeson async base bloomfilter bytestring conduit containers feed - hslogger irc-conduit microlens network optparse-applicative stm - text wreq + aeson aeson-pretty base bloomfilter bytestring case-insensitive + conduit containers directory feed filepath hslogger html-entity + http-client irc-conduit lens network optparse-applicative random + safe text time timerep wreq ]; license = stdenv.lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/scanner.nix b/krebs/5pkgs/haskell/scanner.nix index 071fd757f..28f89b069 100644 --- a/krebs/5pkgs/haskell/scanner.nix +++ b/krebs/5pkgs/haskell/scanner.nix @@ -1,12 +1,13 @@ { mkDerivation, base, fetchgit, stdenv }: mkDerivation { pname = "scanner"; - version = "1.0.0"; + version = "1.0.1"; src = fetchgit { - url = http://cgit.ni.krebsco.de/scanner; - rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad"; + url = "http://cgit.ni.krebsco.de/scanner"; sha256 = "1lgl158axczsm4fx53fyq1d4116v91jsx4dbz66ka4k1ljqrmhgn"; + rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad"; + fetchSubmodules = true; }; libraryHaskellDepends = [ base ]; - license = stdenv.lib.licenses.wtfpl; + license = stdenv.lib.licenses.mit; } diff --git a/krebs/5pkgs/simple/TabFS/default.nix b/krebs/5pkgs/simple/TabFS/default.nix index 23fdf519d..69de919eb 100644 --- a/krebs/5pkgs/simple/TabFS/default.nix +++ b/krebs/5pkgs/simple/TabFS/default.nix @@ -3,11 +3,7 @@ stdenv.mkDerivation rec { name = "TabFS"; - src = pkgs.fetchgit { - url = https://cgit.krebsco.de/TabFS; - rev = "1fc4845283a0e6aa46a8d8978f356d5ccdcedd13"; - sha256 = "0bsm5fhxrr6zwbnm9p10h9pwm85llr02g2ch97a62r62dhjjrc8h"; - }; + src = pkgs.fetchgit (lib.importJSON ./src.json); phases = [ "unpackPhase" diff --git a/krebs/5pkgs/simple/TabFS/src.json b/krebs/5pkgs/simple/TabFS/src.json new file mode 100644 index 000000000..24e36aef3 --- /dev/null +++ b/krebs/5pkgs/simple/TabFS/src.json @@ -0,0 +1,10 @@ +{ + "url": "https://cgit.krebsco.de/TabFS", + "rev": "a6045e0e29b85e3e66c468f3561009ded1db6ec5", + "date": "2021-01-14T23:56:09+01:00", + "path": "/nix/store/mbcywm1yq5vr7awxqb533faz34minfax-TabFS", + "sha256": "1z0kj95zh0jl8laa0whra1jys8pws3199sy29vmlv2nxrkz13blv", + "fetchSubmodules": false, + "deepClone": false, + "leaveDotGit": false +} diff --git a/krebs/5pkgs/simple/ecrypt/default.nix b/krebs/5pkgs/simple/ecrypt/default.nix new file mode 100644 index 000000000..f83f8cfe7 --- /dev/null +++ b/krebs/5pkgs/simple/ecrypt/default.nix @@ -0,0 +1,111 @@ +{ pkgs, lib }: + +#usage: ecrypt mount /var/crypted /var/unencrypted +pkgs.writers.writeDashBin "ecrypt" '' + set -euf + + PATH=${lib.makeBinPath (with pkgs; [ + coreutils + ecryptfs + gnused + gnugrep + jq + mount + keyutils + umount + ])} + + # turn echo back on if killed + trap 'stty echo' INT + + case "$1" in + init) + shift + mkdir -p "$1" "$2" + + # abort if src or dest are not empty + if [ -e "$1"/.cfg.json ]; then + echo 'source dir is already configured, aborting' + exit 1 + elif ls -1qA "$2" | grep -q .; then + echo 'destination dir is not empty, aborting' + exit 1 + else + # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails + echo 4 | ecryptfs-manager + stty -echo + printf "passphrase: " + read passphrase + stty echo + sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/') + mount -t ecryptfs \ + -o ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \ + "$1" "$2" + + # add sig to json state file + jq -n --arg sig "$sig" '{ "sig": $sig }' > "$1"/.cfg.json + fi + ;; + + mount) + shift + if ! [ -e "$1"/.cfg.json ]; then + echo '.cfg.json missing in src' + exit 1 + fi + old_sig=$(cat "$1"/.cfg.json | jq -r .sig) + + # check if key is already in keyring, otherwise add it + + if keyctl list @u | grep -q "$old_sig"; then + echo 'pw already saved' + else + # we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails + echo 4 | ecryptfs-manager + stty -echo + printf "passphrase: " + read passphrase + stty echo + new_sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/') + + # check if passphrase matches sig + if [ "$old_sig" != "$new_sig" ]; then + echo 'passphrase does not match sig, bailing out' + new_keyid=$(keyctl list @u | grep "$new_sig" | sed 's/\([0-9]*\).*/\1/') + keyctl revoke "$new_keyid" + keyctl unlink "$new_keyid" + exit 1 + fi + fi + + sig=$old_sig + keyid=$(keyctl list @u | grep "$sig" | sed 's/\([0-9]*\).*/\1/') + if (ls -1qA "$2" | grep -q .); then + echo 'destination is not empty, bailing out' + exit 1 + else + mount -i -t ecryptfs \ + -o ecryptfs_passthrough=no,verbose=no,ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \ + "$1" "$2" + fi + ;; + + unmount) + shift + + sig=$(cat "$1"/.cfg.json | jq -r .sig) + keyid=$(keyctl list @u | grep "$sig" | sed 's/\s*\([0-9]*\).*/\1/') + + umount "$2" || : + keyctl revoke "$keyid" + keyctl unlink "$keyid" + ;; + + *) + echo 'usage: + ecrypt init /tmp/src/ /tmp/dst/ + ecrypt mount /tmp/src/ /tmp/dst/ + ecrypt unmount /tmp/src/ /tmp/dst/ + ' + esac +'' diff --git a/krebs/5pkgs/simple/git-preview.nix b/krebs/5pkgs/simple/git-preview.nix deleted file mode 100644 index d6c9579a7..000000000 --- a/krebs/5pkgs/simple/git-preview.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ coreutils, git, writeDashBin }: - -writeDashBin "git-preview" '' - set -efu - head_commit=$(${git}/bin/git log -1 --format=%H) - merge_commit=$1; shift - merge_message='Merge for git-preview' - preview_dir=$(${coreutils}/bin/mktemp --tmpdir -d git-preview.XXXXXXXX) - preview_branch=$(${coreutils}/bin/basename "$preview_dir") - ${git}/bin/git worktree add -b "$preview_branch" "$preview_dir" >/dev/null - ${git}/bin/git -C "$preview_dir" checkout "$head_commit" - ${git}/bin/git -C "$preview_dir" merge -m "$merge_message" "$merge_commit" - ${git}/bin/git -C "$preview_dir" diff "$head_commit.." "$@" & - ${git}/bin/git branch -fd "$preview_branch" - ${coreutils}/bin/rm -fR "$preview_dir" - wait -'' diff --git a/krebs/5pkgs/simple/go-shortener/default.nix b/krebs/5pkgs/simple/go-shortener/default.nix deleted file mode 100644 index 5e734553b..000000000 --- a/krebs/5pkgs/simple/go-shortener/default.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-12_x, pkgs }: - -with lib; - -let - nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> { - inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile; - nodejs = nodejs-12_x; - libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null; - }; - - node_env = pkgs.buildEnv { - name = "go-node_env"; - paths = attrValues (import ./node-packages.nix { - inherit (pkgs) fetchurl fetchgit; - inherit nodeEnv; - }); - }; - -in stdenv.mkDerivation { - packageName = "go"; - name = "go-shortener"; - version = "0.0.0"; - - src = fetchgit { - url = "http://cgit.lassul.us/go/"; - rev = "05d02740e0adbb36cc461323647f0c1e7f493156"; - sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f"; - }; - - phases = [ - "unpackPhase" - "installPhase" - ]; - - buildInputs = [ - nodejs-12_x - makeWrapper - ]; - - installPhase = '' - mkdir -p $out/bin - - cp index.js $out/ - cat > $out/go << EOF - ${nodejs-12_x}/bin/node $out/index.js - EOF - chmod +x $out/go - - wrapProgram $out/go \ - --prefix NODE_PATH : ${node_env}/lib/node_modules - - ln -s $out/go /$out/bin/go - ''; - -} diff --git a/krebs/5pkgs/simple/go-shortener/node-packages.nix b/krebs/5pkgs/simple/go-shortener/node-packages.nix deleted file mode 100644 index 613e31ba0..000000000 --- a/krebs/5pkgs/simple/go-shortener/node-packages.nix +++ /dev/null @@ -1,88 +0,0 @@ -# This file has been generated by node2nix 1.7.0. Do not edit! - -{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}: - -let - sources = { - "denque-1.4.1" = { - name = "denque"; - packageName = "denque"; - version = "1.4.1"; - src = fetchurl { - url = "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz"; - sha512 = "OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ=="; - }; - }; - "redis-commands-1.5.0" = { - name = "redis-commands"; - packageName = "redis-commands"; - version = "1.5.0"; - src = fetchurl { - url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz"; - sha512 = "6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg=="; - }; - }; - "redis-errors-1.2.0" = { - name = "redis-errors"; - packageName = "redis-errors"; - version = "1.2.0"; - src = fetchurl { - url = "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz"; - sha1 = "eb62d2adb15e4eaf4610c04afe1529384250abad"; - }; - }; - "redis-parser-3.0.0" = { - name = "redis-parser"; - packageName = "redis-parser"; - version = "3.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz"; - sha1 = "b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4"; - }; - }; - }; -in -{ - formidable = nodeEnv.buildNodePackage { - name = "formidable"; - packageName = "formidable"; - version = "1.2.2"; - src = fetchurl { - url = "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz"; - sha512 = "V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q=="; - }; - buildInputs = globalBuildInputs; - meta = { - description = "A node.js module for parsing form data, especially file uploads."; - homepage = https://github.com/node-formidable/formidable; - license = "MIT"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; - redis = nodeEnv.buildNodePackage { - name = "redis"; - packageName = "redis"; - version = "3.0.2"; - src = fetchurl { - url = "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz"; - sha512 = "PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ=="; - }; - dependencies = [ - sources."denque-1.4.1" - sources."redis-commands-1.5.0" - sources."redis-errors-1.2.0" - sources."redis-parser-3.0.0" - ]; - buildInputs = globalBuildInputs; - meta = { - description = "A high performance Redis client."; - homepage = https://github.com/NodeRedis/node-redis; - license = "MIT"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; -}
\ No newline at end of file diff --git a/krebs/5pkgs/simple/go-shortener/pkgs.json b/krebs/5pkgs/simple/go-shortener/pkgs.json deleted file mode 100644 index f53ce3745..000000000 --- a/krebs/5pkgs/simple/go-shortener/pkgs.json +++ /dev/null @@ -1,4 +0,0 @@ -[ - "formidable", - "redis" -] diff --git a/krebs/5pkgs/simple/go-shortener/update.sh b/krebs/5pkgs/simple/go-shortener/update.sh deleted file mode 100755 index 1a58d0367..000000000 --- a/krebs/5pkgs/simple/go-shortener/update.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/env nix-shell -#! nix-shell -i bash -p nodePackages_10_x.node2nix -node2nix -10 -i pkgs.json -c combine.nix -rm node-env.nix combine.nix diff --git a/krebs/5pkgs/simple/newsbot-js/default.nix b/krebs/5pkgs/simple/newsbot-js/default.nix deleted file mode 100644 index 0ac66f433..000000000 --- a/krebs/5pkgs/simple/newsbot-js/default.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs, pkgs, icu }: - -with lib; - -let - nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> { - inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile; - nodejs = nodejs; - libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null; - }; - - node_env = pkgs.buildEnv { - name = "go-node_env"; - paths = attrValues (import ./node-packages.nix { - inherit (pkgs) fetchurl fetchgit; - inherit nodeEnv; - globalBuildInputs = [ - icu.dev - ]; - }); - }; - - -in stdenv.mkDerivation { - name = "newsbot-js"; - - src = fetchgit { - url = "http://cgit.prism/newsbot-js/"; - rev = "09e01639be4ea9691cf5b33f7d9057b68ac98079"; - sha256 = "28ffbed66c2efcd194c47823c7d5d5533c80852fc0cf9d9d4ee609c71d50c142"; - }; - - phases = [ - "unpackPhase" - "installPhase" - ]; - - buildInputs = [ - nodejs - makeWrapper - ]; - - installPhase = '' - mkdir -p $out/bin - - cp newsbot.js $out/ - cat > $out/newsbot << EOF - ${nodejs}/bin/node $out/newsbot.js - EOF - chmod +x $out/newsbot - - wrapProgram $out/newsbot \ - --prefix NODE_PATH : ${node_env}/lib/node_modules - - ln -s $out/newsbot /$out/bin/newsbot - ''; - -} diff --git a/krebs/5pkgs/simple/newsbot-js/node-packages.nix b/krebs/5pkgs/simple/newsbot-js/node-packages.nix deleted file mode 100644 index ea45b93f3..000000000 --- a/krebs/5pkgs/simple/newsbot-js/node-packages.nix +++ /dev/null @@ -1,777 +0,0 @@ -# This file has been generated by node2nix 1.7.0. Do not edit! - -{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}: - -let - sources = { - "addressparser-1.0.1" = { - name = "addressparser"; - packageName = "addressparser"; - version = "1.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/addressparser/-/addressparser-1.0.1.tgz"; - sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746"; - }; - }; - "ajv-6.10.2" = { - name = "ajv"; - packageName = "ajv"; - version = "6.10.2"; - src = fetchurl { - url = "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz"; - sha512 = "TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw=="; - }; - }; - "array-indexofobject-0.0.1" = { - name = "array-indexofobject"; - packageName = "array-indexofobject"; - version = "0.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/array-indexofobject/-/array-indexofobject-0.0.1.tgz"; - sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a"; - }; - }; - "asn1-0.2.4" = { - name = "asn1"; - packageName = "asn1"; - version = "0.2.4"; - src = fetchurl { - url = "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz"; - sha512 = "jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg=="; - }; - }; - "assert-plus-1.0.0" = { - name = "assert-plus"; - packageName = "assert-plus"; - version = "1.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz"; - sha1 = "f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525"; - }; - }; - "asynckit-0.4.0" = { - name = "asynckit"; - packageName = "asynckit"; - version = "0.4.0"; - src = fetchurl { - url = "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz"; - sha1 = "c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"; - }; - }; - "aws-sign2-0.7.0" = { - name = "aws-sign2"; - packageName = "aws-sign2"; - version = "0.7.0"; - src = fetchurl { - url = "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz"; - sha1 = "b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8"; - }; - }; - "aws4-1.8.0" = { - name = "aws4"; - packageName = "aws4"; - version = "1.8.0"; - src = fetchurl { - url = "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz"; - sha512 = "ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ=="; - }; - }; - "bcrypt-pbkdf-1.0.2" = { - name = "bcrypt-pbkdf"; - packageName = "bcrypt-pbkdf"; - version = "1.0.2"; - src = fetchurl { - url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz"; - sha1 = "a4301d389b6a43f9b67ff3ca11a3f6637e360e9e"; - }; - }; - "caseless-0.12.0" = { - name = "caseless"; - packageName = "caseless"; - version = "0.12.0"; - src = fetchurl { - url = "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz"; - sha1 = "1b681c21ff84033c826543090689420d187151dc"; - }; - }; - "combined-stream-1.0.8" = { - name = "combined-stream"; - packageName = "combined-stream"; - version = "1.0.8"; - src = fetchurl { - url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz"; - sha512 = "FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg=="; - }; - }; - "core-util-is-1.0.2" = { - name = "core-util-is"; - packageName = "core-util-is"; - version = "1.0.2"; - src = fetchurl { - url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz"; - sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7"; - }; - }; - "dashdash-1.14.1" = { - name = "dashdash"; - packageName = "dashdash"; - version = "1.14.1"; - src = fetchurl { - url = "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz"; - sha1 = "853cfa0f7cbe2fed5de20326b8dd581035f6e2f0"; - }; - }; - "delayed-stream-1.0.0" = { - name = "delayed-stream"; - packageName = "delayed-stream"; - version = "1.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz"; - sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619"; - }; - }; - "ecc-jsbn-0.1.2" = { - name = "ecc-jsbn"; - packageName = "ecc-jsbn"; - version = "0.1.2"; - src = fetchurl { - url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz"; - sha1 = "3a83a904e54353287874c564b7549386849a98c9"; - }; - }; - "extend-3.0.2" = { - name = "extend"; - packageName = "extend"; - version = "3.0.2"; - src = fetchurl { - url = "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz"; - sha512 = "fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g=="; - }; - }; - "extsprintf-1.3.0" = { - name = "extsprintf"; - packageName = "extsprintf"; - version = "1.3.0"; - src = fetchurl { - url = "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz"; - sha1 = "96918440e3041a7a414f8c52e3c574eb3c3e1e05"; - }; - }; - "fast-deep-equal-2.0.1" = { - name = "fast-deep-equal"; - packageName = "fast-deep-equal"; - version = "2.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz"; - sha1 = "7b05218ddf9667bf7f370bf7fdb2cb15fdd0aa49"; - }; - }; - "fast-json-stable-stringify-2.0.0" = { - name = "fast-json-stable-stringify"; - packageName = "fast-json-stable-stringify"; - version = "2.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz"; - sha1 = "d5142c0caee6b1189f87d3a76111064f86c8bbf2"; - }; - }; - "forever-agent-0.6.1" = { - name = "forever-agent"; - packageName = "forever-agent"; - version = "0.6.1"; - src = fetchurl { - url = "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz"; - sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91"; - }; - }; - "form-data-2.3.3" = { - name = "form-data"; - packageName = "form-data"; - version = "2.3.3"; - src = fetchurl { - url = "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz"; - sha512 = "1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ=="; - }; - }; - "getpass-0.1.7" = { - name = "getpass"; - packageName = "getpass"; - version = "0.1.7"; - src = fetchurl { - url = "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz"; - sha1 = "5eff8e3e684d569ae4cb2b1282604e8ba62149fa"; - }; - }; - "har-schema-2.0.0" = { - name = "har-schema"; - packageName = "har-schema"; - version = "2.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz"; - sha1 = "a94c2224ebcac04782a0d9035521f24735b7ec92"; - }; - }; - "har-validator-5.1.3" = { - name = "har-validator"; - packageName = "har-validator"; - version = "5.1.3"; - src = fetchurl { - url = "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz"; - sha512 = "sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g=="; - }; - }; - "http-signature-1.2.0" = { - name = "http-signature"; - packageName = "http-signature"; - version = "1.2.0"; - src = fetchurl { - url = "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz"; - sha1 = "9aecd925114772f3d95b65a60abb8f7c18fbace1"; - }; - }; - "iconv-2.2.3" = { - name = "iconv"; - packageName = "iconv"; - version = "2.2.3"; - src = fetchurl { - url = "https://registry.npmjs.org/iconv/-/iconv-2.2.3.tgz"; - sha1 = "e084d60eeb7d73da7f0a9c096e4c8abe090bfaed"; - }; - }; - "inherits-2.0.4" = { - name = "inherits"; - packageName = "inherits"; - version = "2.0.4"; - src = fetchurl { - url = "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz"; - sha512 = "k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="; - }; - }; - "irc-colors-1.5.0" = { - name = "irc-colors"; - packageName = "irc-colors"; - version = "1.5.0"; - src = fetchurl { - url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.5.0.tgz"; - sha512 = "HtszKchBQTcqw1DC09uD7i7vvMayHGM1OCo6AHt5pkgZEyo99ClhHTMJdf+Ezc9ovuNNxcH89QfyclGthjZJOw=="; - }; - }; - "is-typedarray-1.0.0" = { - name = "is-typedarray"; - packageName = "is-typedarray"; - version = "1.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz"; - sha1 = "e479c80858df0c1b11ddda6940f96011fcda4a9a"; - }; - }; - "isarray-1.0.0" = { - name = "isarray"; - packageName = "isarray"; - version = "1.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz"; - sha1 = "bb935d48582cba168c06834957a54a3e07124f11"; - }; - }; - "isstream-0.1.2" = { - name = "isstream"; - packageName = "isstream"; - version = "0.1.2"; - src = fetchurl { - url = "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz"; - sha1 = "47e63f7af55afa6f92e1500e690eb8b8529c099a"; - }; - }; - "jsbn-0.1.1" = { - name = "jsbn"; - packageName = "jsbn"; - version = "0.1.1"; - src = fetchurl { - url = "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz"; - sha1 = "a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"; - }; - }; - "json-schema-0.2.3" = { - name = "json-schema"; - packageName = "json-schema"; - version = "0.2.3"; - src = fetchurl { - url = "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz"; - sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13"; - }; - }; - "json-schema-traverse-0.4.1" = { - name = "json-schema-traverse"; - packageName = "json-schema-traverse"; - version = "0.4.1"; - src = fetchurl { - url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz"; - sha512 = "xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg=="; - }; - }; - "json-stringify-safe-5.0.1" = { - name = "json-stringify-safe"; - packageName = "json-stringify-safe"; - version = "5.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz"; - sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb"; - }; - }; - "jsprim-1.4.1" = { - name = "jsprim"; - packageName = "jsprim"; - version = "1.4.1"; - src = fetchurl { - url = "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz"; - sha1 = "313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2"; - }; - }; - "lodash.assign-4.2.0" = { - name = "lodash.assign"; - packageName = "lodash.assign"; - version = "4.2.0"; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz"; - sha1 = "0d99f3ccd7a6d261d19bdaeb9245005d285808e7"; - }; - }; - "lodash.get-4.4.2" = { - name = "lodash.get"; - packageName = "lodash.get"; - version = "4.4.2"; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz"; - sha1 = "2d177f652fa31e939b4438d5341499dfa3825e99"; - }; - }; - "lodash.has-4.5.2" = { - name = "lodash.has"; - packageName = "lodash.has"; - version = "4.5.2"; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz"; - sha1 = "d19f4dc1095058cccbe2b0cdf4ee0fe4aa37c862"; - }; - }; - "lodash.uniq-4.5.0" = { - name = "lodash.uniq"; - packageName = "lodash.uniq"; - version = "4.5.0"; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz"; - sha1 = "d0225373aeb652adc1bc82e4945339a842754773"; - }; - }; - "mime-db-1.42.0" = { - name = "mime-db"; - packageName = "mime-db"; - version = "1.42.0"; - src = fetchurl { - url = "https://registry.npmjs.org/mime-db/-/mime-db-1.42.0.tgz"; - sha512 = "UbfJCR4UAVRNgMpfImz05smAXK7+c+ZntjaA26ANtkXLlOe947Aag5zdIcKQULAiF9Cq4WxBi9jUs5zkA84bYQ=="; - }; - }; - "mime-types-2.1.25" = { - name = "mime-types"; - packageName = "mime-types"; - version = "2.1.25"; - src = fetchurl { - url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.25.tgz"; - sha512 = "5KhStqB5xpTAeGqKBAMgwaYMnQik7teQN4IAzC7npDv6kzeU6prfkR67bc87J1kWMPGkoaZSq1npmexMgkmEVg=="; - }; - }; - "mri-1.1.4" = { - name = "mri"; - packageName = "mri"; - version = "1.1.4"; - src = fetchurl { - url = "https://registry.npmjs.org/mri/-/mri-1.1.4.tgz"; - sha512 = "6y7IjGPm8AzlvoUrwAaw1tLnUBudaS3752vcd8JtrpGGQn+rXIe63LFVHm/YMwtqAuh+LJPCFdlLYPWM1nYn6w=="; - }; - }; - "nan-2.14.0" = { - name = "nan"; - packageName = "nan"; - version = "2.14.0"; - src = fetchurl { - url = "https://registry.npmjs.org/nan/-/nan-2.14.0.tgz"; - sha512 = "INOFj37C7k3AfaNTtX8RhsTw7qRy7eLET14cROi9+5HAVbbHuIWUHEauBv5qT4Av2tWasiTY1Jw6puUNqRJXQg=="; - }; - }; - "node-icu-charset-detector-0.2.0" = { - name = "node-icu-charset-detector"; - packageName = "node-icu-charset-detector"; - version = "0.2.0"; - src = fetchurl { - url = "https://registry.npmjs.org/node-icu-charset-detector/-/node-icu-charset-detector-0.2.0.tgz"; - sha1 = "c2320da374ddcb671fc54cb4a0e041e156ffd639"; - }; - }; - "oauth-sign-0.9.0" = { - name = "oauth-sign"; - packageName = "oauth-sign"; - version = "0.9.0"; - src = fetchurl { - url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz"; - sha512 = "fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ=="; - }; - }; - "performance-now-2.1.0" = { - name = "performance-now"; - packageName = "performance-now"; - version = "2.1.0"; - src = fetchurl { - url = "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz"; - sha1 = "6309f4e0e5fa913ec1c69307ae364b4b377c9e7b"; - }; - }; - "process-nextick-args-2.0.1" = { - name = "process-nextick-args"; - packageName = "process-nextick-args"; - version = "2.0.1"; - src = fetchurl { - url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz"; - sha512 = "3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="; - }; - }; - "psl-1.4.0" = { - name = "psl"; - packageName = "psl"; - version = "1.4.0"; - src = fetchurl { - url = "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz"; - sha512 = "HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw=="; - }; - }; - "punycode-1.4.1" = { - name = "punycode"; - packageName = "punycode"; - version = "1.4.1"; - src = fetchurl { - url = "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz"; - sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"; - }; - }; - "punycode-2.1.1" = { - name = "punycode"; - packageName = "punycode"; - version = "2.1.1"; - src = fetchurl { - url = "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz"; - sha512 = "XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A=="; - }; - }; - "qs-6.5.2" = { - name = "qs"; - packageName = "qs"; - version = "6.5.2"; - src = fetchurl { - url = "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz"; - sha512 = "N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA=="; - }; - }; - "readable-stream-2.3.6" = { - name = "readable-stream"; - packageName = "readable-stream"; - version = "2.3.6"; - src = fetchurl { - url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz"; - sha512 = "tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw=="; - }; - }; - "safe-buffer-5.1.2" = { - name = "safe-buffer"; - packageName = "safe-buffer"; - version = "5.1.2"; - src = fetchurl { - url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz"; - sha512 = "Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="; - }; - }; - "safe-buffer-5.2.0" = { - name = "safe-buffer"; - packageName = "safe-buffer"; - version = "5.2.0"; - src = fetchurl { - url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz"; - sha512 = "fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg=="; - }; - }; - "safer-buffer-2.1.2" = { - name = "safer-buffer"; - packageName = "safer-buffer"; - version = "2.1.2"; - src = fetchurl { - url = "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz"; - sha512 = "YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="; - }; - }; - "sax-1.2.4" = { - name = "sax"; - packageName = "sax"; - version = "1.2.4"; - src = fetchurl { - url = "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz"; - sha512 = "NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="; - }; - }; - "sshpk-1.16.1" = { - name = "sshpk"; - packageName = "sshpk"; - version = "1.16.1"; - src = fetchurl { - url = "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz"; - sha512 = "HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg=="; - }; - }; - "string_decoder-1.1.1" = { - name = "string_decoder"; - packageName = "string_decoder"; - version = "1.1.1"; - src = fetchurl { - url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz"; - sha512 = "n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg=="; - }; - }; - "tough-cookie-2.4.3" = { - name = "tough-cookie"; - packageName = "tough-cookie"; - version = "2.4.3"; - src = fetchurl { - url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz"; - sha512 = "Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ=="; - }; - }; - "tunnel-agent-0.6.0" = { - name = "tunnel-agent"; - packageName = "tunnel-agent"; - version = "0.6.0"; - src = fetchurl { - url = "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz"; - sha1 = "27a5dea06b36b04a0a9966774b290868f0fc40fd"; - }; - }; - "tweetnacl-0.14.5" = { - name = "tweetnacl"; - packageName = "tweetnacl"; - version = "0.14.5"; - src = fetchurl { - url = "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz"; - sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64"; - }; - }; - "uri-js-4.2.2" = { - name = "uri-js"; - packageName = "uri-js"; - version = "4.2.2"; - src = fetchurl { - url = "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz"; - sha512 = "KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ=="; - }; - }; - "util-deprecate-1.0.2" = { - name = "util-deprecate"; - packageName = "util-deprecate"; - version = "1.0.2"; - src = fetchurl { - url = "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz"; - sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf"; - }; - }; - "uuid-3.3.3" = { - name = "uuid"; - packageName = "uuid"; - version = "3.3.3"; - src = fetchurl { - url = "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz"; - sha512 = "pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ=="; - }; - }; - "verror-1.10.0" = { - name = "verror"; - packageName = "verror"; - version = "1.10.0"; - src = fetchurl { - url = "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz"; - sha1 = "3a105ca17053af55d6e270c1f8288682e18da400"; - }; - }; - }; -in -{ - feedparser = nodeEnv.buildNodePackage { - name = "feedparser"; - packageName = "feedparser"; - version = "2.2.9"; - src = fetchurl { - url = "https://registry.npmjs.org/feedparser/-/feedparser-2.2.9.tgz"; - sha1 = "9138197dafdae05fcadde0036beeaf6066c2c5e9"; - }; - dependencies = [ - sources."addressparser-1.0.1" - sources."array-indexofobject-0.0.1" - sources."core-util-is-1.0.2" - sources."inherits-2.0.4" - sources."isarray-1.0.0" - sources."lodash.assign-4.2.0" - sources."lodash.get-4.4.2" - sources."lodash.has-4.5.2" - sources."lodash.uniq-4.5.0" - sources."mri-1.1.4" - sources."process-nextick-args-2.0.1" - sources."readable-stream-2.3.6" - sources."safe-buffer-5.1.2" - sources."sax-1.2.4" - sources."string_decoder-1.1.1" - sources."util-deprecate-1.0.2" - ]; - buildInputs = globalBuildInputs; - meta = { - description = "Robust RSS Atom and RDF feed parsing using sax js"; - homepage = http://github.com/danmactough/node-feedparser; - license = "MIT"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; - form-data = nodeEnv.buildNodePackage { - name = "form-data"; - packageName = "form-data"; - version = "3.0.0"; - src = fetchurl { - url = "https://registry.npmjs.org/form-data/-/form-data-3.0.0.tgz"; - sha512 = "CKMFDglpbMi6PyN+brwB9Q/GOw0eAnsrEZDgcsH5Krhz5Od/haKHAX0NmQfha2zPPz0JpWzA7GJHGSnvCRLWsg=="; - }; - dependencies = [ - sources."asynckit-0.4.0" - sources."combined-stream-1.0.8" - sources."delayed-stream-1.0.0" - sources."mime-db-1.42.0" - sources."mime-types-2.1.25" - ]; - buildInputs = globalBuildInputs; - meta = { - description = "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications."; - homepage = "https://github.com/form-data/form-data#readme"; - license = "MIT"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; - irc = nodeEnv.buildNodePackage { - name = "irc"; - packageName = "irc"; - version = "0.5.2"; - src = fetchurl { - url = "https://registry.npmjs.org/irc/-/irc-0.5.2.tgz"; - sha1 = "3714f4768365a96d0b2f776bc91166beb2464bbc"; - }; - dependencies = [ - sources."iconv-2.2.3" - sources."irc-colors-1.5.0" - sources."nan-2.14.0" - sources."node-icu-charset-detector-0.2.0" - ]; - buildInputs = globalBuildInputs; - meta = { - description = "An IRC client library for node"; - homepage = "https://github.com/martynsmith/node-irc#readme"; - license = "GPL-3.0"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; - request = nodeEnv.buildNodePackage { - name = "request"; - packageName = "request"; - version = "2.88.0"; - src = fetchurl { - url = "https://registry.npmjs.org/request/-/request-2.88.0.tgz"; - sha512 = "NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg=="; - }; - dependencies = [ - sources."ajv-6.10.2" - sources."asn1-0.2.4" - sources."assert-plus-1.0.0" - sources."asynckit-0.4.0" - sources."aws-sign2-0.7.0" - sources."aws4-1.8.0" - sources."bcrypt-pbkdf-1.0.2" - sources."caseless-0.12.0" - sources."combined-stream-1.0.8" - sources."core-util-is-1.0.2" - sources."dashdash-1.14.1" - sources."delayed-stream-1.0.0" - sources."ecc-jsbn-0.1.2" - sources."extend-3.0.2" - sources."extsprintf-1.3.0" - sources."fast-deep-equal-2.0.1" - sources."fast-json-stable-stringify-2.0.0" - sources."forever-agent-0.6.1" - sources."form-data-2.3.3" - sources."getpass-0.1.7" - sources."har-schema-2.0.0" - sources."har-validator-5.1.3" - sources."http-signature-1.2.0" - sources."is-typedarray-1.0.0" - sources."isstream-0.1.2" - sources."jsbn-0.1.1" - sources."json-schema-0.2.3" - sources."json-schema-traverse-0.4.1" - sources."json-stringify-safe-5.0.1" - sources."jsprim-1.4.1" - sources."mime-db-1.42.0" - sources."mime-types-2.1.25" - sources."oauth-sign-0.9.0" - sources."performance-now-2.1.0" - sources."psl-1.4.0" - sources."punycode-2.1.1" - sources."qs-6.5.2" - sources."safe-buffer-5.2.0" - sources."safer-buffer-2.1.2" - sources."sshpk-1.16.1" - (sources."tough-cookie-2.4.3" // { - dependencies = [ - sources."punycode-1.4.1" - ]; - }) - sources."tunnel-agent-0.6.0" - sources."tweetnacl-0.14.5" - sources."uri-js-4.2.2" - sources."uuid-3.3.3" - sources."verror-1.10.0" - ]; - buildInputs = globalBuildInputs; - meta = { - description = "Simplified HTTP request client."; - homepage = "https://github.com/request/request#readme"; - license = "Apache-2.0"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; - shell-quote = nodeEnv.buildNodePackage { - name = "shell-quote"; - packageName = "shell-quote"; - version = "1.7.2"; - src = fetchurl { - url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.7.2.tgz"; - sha512 = "mRz/m/JVscCrkMyPqHc/bczi3OQHkLTqXHEFu0zDhK/qfv3UcOA4SVmRCLmos4bhjr9ekVQubj/R7waKapmiQg=="; - }; - buildInputs = globalBuildInputs; - meta = { - description = "quote and parse shell commands"; - homepage = https://github.com/substack/node-shell-quote; - license = "MIT"; - }; - production = true; - bypassCache = true; - reconstructLock = true; - }; -}
\ No newline at end of file diff --git a/krebs/5pkgs/simple/newsbot-js/pkgs.json b/krebs/5pkgs/simple/newsbot-js/pkgs.json deleted file mode 100644 index 95b60854d..000000000 --- a/krebs/5pkgs/simple/newsbot-js/pkgs.json +++ /dev/null @@ -1,7 +0,0 @@ -[ - "feedparser", - "form-data", - "irc", - "request", - "shell-quote" -] diff --git a/krebs/5pkgs/simple/newsbot-js/update.sh b/krebs/5pkgs/simple/newsbot-js/update.sh deleted file mode 100755 index ee7e43f1a..000000000 --- a/krebs/5pkgs/simple/newsbot-js/update.sh +++ /dev/null @@ -1,4 +0,0 @@ -#! /usr/bin/env nix-shell -#! nix-shell -i bash -p nodePackages.node2nix -node2nix -12 -i pkgs.json -c combine.nix -rm node-env.nix combine.nix diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix index 56a7dfb98..e55454a08 100644 --- a/krebs/5pkgs/simple/realwallpaper/default.nix +++ b/krebs/5pkgs/simple/realwallpaper/default.nix @@ -192,18 +192,15 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' fi # create marker file from json - if [ -s marker.json ]; then - jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude) image=krebs.png"' marker.json > marker_file - echo 'position=sun image=sun.png' >> marker_file - echo 'position=moon image=moon.png' >> marker_file - echo 'position=mercury image=mercury.png' >> marker_file - echo 'position=venus image=venus.png' >> marker_file - echo 'position=mars image=mars.png' >> marker_file - echo 'position=jupiter image=jupiter.png' >> marker_file - echo 'position=saturn image=saturn.png' >> marker_file - echo 'position=uranus image=uranus.png' >> marker_file - echo 'position=neptune image=neptune.png' >> marker_file - fi + echo 'position=sun image=sun.png' > marker_file + echo 'position=moon image=moon.png' >> marker_file + echo 'position=mercury image=mercury.png' >> marker_file + echo 'position=venus image=venus.png' >> marker_file + echo 'position=mars image=mars.png' >> marker_file + echo 'position=jupiter image=jupiter.png' >> marker_file + echo 'position=saturn image=saturn.png' >> marker_file + echo 'position=uranus image=uranus.png' >> marker_file + echo 'position=neptune image=neptune.png' >> marker_file # generate moon xplanet -body moon --num_times 1 -origin earth \ @@ -228,6 +225,24 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' ''} xplanet --num_times 1 --geometry $xplanet_out_size \ + --output xplanet-marker-output.png --projection merc \ + -config ${pkgs.writeText "xplanet-marker.config" '' + [earth] + "Earth" + map=daymap-final.png + night_map=nightmap-final.png + cloud_map=clouds.png + cloud_threshold=1 + cloud_gamma=10 + marker_file=marker_file + shade=15 + ''} + + if [ -s marker.json ]; then + jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude) image=krebs.png"' marker.json >> marker_file + fi + + xplanet --num_times 1 --geometry $xplanet_out_size \ --output xplanet-krebs-output.png --projection merc \ -config ${pkgs.writeText "xplanet-krebs.config" '' [earth] @@ -248,6 +263,13 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' mv realwallpaper-tmp.png realwallpaper.png fi + # trim xplanet output + if needs_rebuild realwallpaper-marker.png xplanet-marker-output.png; then + convert xplanet-marker-output.png -crop $out_geometry \ + realwallpaper-marker-tmp.png + mv realwallpaper-marker-tmp.png realwallpaper-marker.png + fi + if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then convert xplanet-krebs-output.png -crop $out_geometry \ realwallpaper-krebs-tmp.png diff --git a/krebs/5pkgs/simple/rss-bridge/default.nix b/krebs/5pkgs/simple/rss-bridge/default.nix new file mode 100644 index 000000000..13ad9d69a --- /dev/null +++ b/krebs/5pkgs/simple/rss-bridge/default.nix @@ -0,0 +1,33 @@ +{ config, lib, pkgs, fetchFromGitHub, stdenv, ... }: + +stdenv.mkDerivation rec { + pname = "rss-bridge"; + version = "2020-11-10"; + + src = fetchFromGitHub { + owner = "RSS-Bridge"; + repo = "rss-bridge"; + rev = version; + sha256 = "00cp61lqvhi7b7j0rglsqg3l7cg8s9b8vq098bgvg5dygyi44hyv"; + }; + + patchPhase = '' + substituteInPlace lib/rssbridge.php \ + --replace "define('PATH_CACHE', PATH_ROOT . 'cache/');" "define('PATH_CACHE', getenv('RSSBRIDGE_DATA') . '/cache/');" \ + --replace "define('FILE_CONFIG', PATH_ROOT . 'config.ini.php');" "define('FILE_CONFIG', getenv('RSSBRIDGE_DATA') . '/config.ini.php');" \ + --replace "define('WHITELIST', PATH_ROOT . 'whitelist.txt');" "define('WHITELIST', getenv('RSSBRIDGE_DATA') . '/whitelist.txt');" + ''; + + installPhase = '' + mkdir $out/ + cp -R ./* $out + ''; + + meta = with lib; { + description = "The RSS feed for websites missing it"; + homepage = "https://github.com/RSS-Bridge/rss-bridge"; + license = licenses.unlicense; + maintainers = with maintainers; [ dawidsowa ]; + platforms = platforms.all; + }; +} diff --git a/krebs/5pkgs/simple/urix.nix b/krebs/5pkgs/simple/urix.nix new file mode 100644 index 000000000..c0db8c975 --- /dev/null +++ b/krebs/5pkgs/simple/urix.nix @@ -0,0 +1,15 @@ +let lib = import <stockholm/lib>; in +{ pkgs }: + +# urix - URI eXtractor +# Extract all the URIs from standard input and write them to standard output! +# usage: urix < SOMEFILE + +pkgs.execBin "urix" { + filename = "${pkgs.gnugrep}/bin/grep"; + argv = [ + "urix" + "-Eo" + "\\b${lib.uri.posix-extended-regex}\\b" + ]; +} diff --git a/krebs/krops.nix b/krebs/krops.nix index 608e46df1..aeb2413a4 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -28,6 +28,7 @@ git = { ref = (lib.importJSON ./nixpkgs.json).rev; url = https://github.com/NixOS/nixpkgs; + shallow = true; }; }; stockholm.file = toString ../.; @@ -67,6 +68,13 @@ target = "root@${target}/var/src"; }; + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A populate) + populate = { target, force ? false }: pkgs.populate { + inherit force; + source = source { test = false; }; + target = lib.mkTarget target; + }; + # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) test = { target }: pkgs.krops.writeTest "${name}-test" { force = true; diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 4f07b0e88..321fafac6 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "e9158eca70ae59e73fae23be5d13d3fa0cfc78b4", - "date": "2020-12-09T15:09:49+01:00", - "path": "/nix/store/cx4wf6pi1l2p01sz7png891m65kinfz3-nixpkgs", - "sha256": "0cnmvnvin9ixzl98fmlm3g17l6w95gifqfb3rfxs55c0wj2ddy53", + "rev": "f217c0ea7c148ddc0103347051555c7c252dcafb", + "date": "2021-01-21T09:50:34+01:00", + "path": "/nix/store/8srlzkkvbvlg4g585g9iyzd3ryiilm8a-nixpkgs", + "sha256": "0cyksxg2lnzxd0pss09rmmk2c2axz0lf9wvgvfng59nwf8dpq2kf", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 44e373b81..97afb10f8 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "3d2d8f281a27d466fa54b469b5993f7dde198375", - "date": "2020-12-20T14:17:36+01:00", - "path": "/nix/store/mqn37480fj6x9xbq3igz4haw3m2lc7fm-nixpkgs", - "sha256": "1hfis53xyzy6hfdivlwkwdy7irbhk7c500a4lf7x43cfkijx5ks1", + "rev": "a058d005b3cbb370bf171ebce01839dd6ff52222", + "date": "2021-01-23T17:41:51-05:00", + "path": "/nix/store/6ps307ghgrp10q3mwgw4lq143pmz0h25-nixpkgs", + "sha256": "154mpqw0ya31hzgz9hggg1rb26yx8d00rsj9l90ndsdldrssgvbb", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false |