3 files changed, 0 insertions, 311 deletions

diff --git a/makefu/3modules/bepasty-server.nix b/makefu/3modules/bepasty-server.nix
deleted file mode 100644
index ff32eea60..000000000
--- a/makefu/3modules/bepasty-server.nix
+++ /dev/null
@@ -1,164 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-let
-  gunicorn = pkgs.pythonPackages.gunicorn;
-  bepasty = pkgs.pythonPackages.bepasty-server;
-  gevent = pkgs.pythonPackages.gevent;
-  python = pkgs.pythonPackages.python;
-  cfg = config.krebs.bepasty;
-
-  out = {
-    options.krebs.bepasty = api;
-    config = mkIf cfg.enable (mkMerge [(mkIf cfg.serveNginx nginx-imp) imp ]) ;
-  };
-
-  api = {
-    enable = mkEnableOption "Bepasty Servers";
-    serveNginx = mkEnableOption "Serve Bepasty Servers with Nginx";
-
-    servers = mkOption {
-      type = with types; attrsOf optionSet;
-      options = singleton {
-        nginx = mkOption {
-          # TODO use the correct type
-          type = with types; attrsOf unspecified;
-          description = ''
-            additional nginx configuration. see krebs.nginx for all options
-          '' ;
-        };
-
-        secretKey = mkOption {
-          type = types.str;
-          description = ''
-            server secret for safe session cookies, must be set.
-          '';
-          default = "";
-        };
-
-        # we create a wsgi socket in $workDir/gunicorn-${name}.wsgi
-        workDir = mkOption {
-          type = types.str;
-          description = ''
-            Path to the working directory (used for sockets and pidfile).
-            Defaults to the users home directory. Must be accessible to nginx,
-            permissions will be set to 755
-          '';
-          default = config.users.extraUsers.bepasty.home;
-        };
-
-        dataDir = mkOption {
-          type = types.str;
-          description = ''
-            Defaults to the new users home dir which defaults to
-            /var/lib/bepasty-server/data
-            '';
-          default = "${config.users.extraUsers.bepasty.home}/data";
-        };
-
-        extraConfig = mkOption {
-          type = types.str;
-          default = "";
-          # TODO configure permissions in separate
-          example = ''
-            PERMISSIONS = {
-              'myadminsecret': 'admin,list,create,read,delete',
-            }
-            MAX_ALLOWED_FILE_SIZE = 5 * 1000 * 1000
-            '';
-        };
-
-        defaultPermissions = mkOption {
-          # TODO: listOf str
-          type = types.str;
-          description = ''
-          default permissions for all unauthenticated users.
-          '';
-          example = "read,create,delete";
-          default = "read";
-        };
-
-      };
-      default = {};
-    };
-
-  };
-
-  imp = {
-    # Configures systemd services for each configured server
-    # environment.systemPackages = [ bepasty gunicorn gevent ];
-    systemd.services = mapAttrs' (name: server:
-      nameValuePair ("bepasty-server-${name}")
-        ({
-          description = "Bepasty Server ${name}";
-          wantedBy = [ "multi-user.target" ];
-          after = [ "network.target" ];
-          restartIfChanged = true;
-          environment = {
-            BEPASTY_CONFIG = "${server.workDir}/bepasty-${name}.conf";
-            PYTHONPATH= "${bepasty}/lib/${python.libPrefix}/site-packages:${gevent}/lib/${python.libPrefix}/site-packages";
-          };
-          serviceConfig = {
-            Type = "simple";
-            PrivateTmp = true;
-
-            ExecStartPre = assert server.secretKey != ""; pkgs.writeScript "bepasty-server.${name}-init" ''
-              #!/bin/sh
-              mkdir -p "${server.dataDir}" "${server.workDir}"
-              chown bepasty:bepasty "${server.workDir}" "${server.dataDir}"
-              cat > "${server.workDir}/bepasty-${name}.conf" <<EOF
-              SITENAME="${name}"
-              STORAGE_FILESYSTEM_DIRECTORY="${server.dataDir}"
-              SECRET_KEY="${server.secretKey}"
-              DEFAULT_PERMISSIONS="${server.defaultPermissions}"
-              ${server.extraConfig}
-              EOF
-            '';
-            ExecStart = ''${gunicorn}/bin/gunicorn bepasty.wsgi --name ${name} \
-              -u bepasty \
-              -g bepasty \
-              --workers 3 --log-level=info \
-              --bind=unix:${server.workDir}/gunicorn-${name}.sock \
-              --pid ${server.workDir}/gunicorn-${name}.pid \
-              -k gevent
-            '';
-          };
-        })
-    ) cfg.servers;
-
-    users.extraUsers.bepasty = {
-      uid = 2796546855; #genid bepasty
-      group = "bepasty";
-      home = "/var/lib/bepasty-server";
-    };
-    users.extraGroups.bepasty = {
-      gid = 2796546855; #genid bepasty
-    };
-  };
-
-  nginx-imp = {
-    assertions = [ { assertion = config.krebs.nginx.enable;
-                      message = "krebs.nginx.enable must be true"; }];
-
-    krebs.nginx.servers = mapAttrs' (name: server:
-      nameValuePair("bepasty-server-${name}")
-      (mkMerge [ server.nginx  {
-        extraConfig = ''
-          client_max_body_size 32M;
-          '';
-        locations = [
-          (nameValuePair ("/")
-          (''
-            proxy_set_header Host $http_host;
-            proxy_pass http://unix:${server.workDir}/gunicorn-${name}.sock;
-          ''))
-          (nameValuePair ("/static/")
-          (''
-            alias ${bepasty}/lib/${python.libPrefix}/site-packages/bepasty/static/;
-          ''))
-          ];
-      }])
-    ) cfg.servers ;
-  };
-in
-out
diff --git a/makefu/3modules/default.nix b/makefu/3modules/default.nix
index 3ac325b29..a8a1f69d0 100644
--- a/makefu/3modules/default.nix
+++ b/makefu/3modules/default.nix
@@ -2,8 +2,6 @@ _:
 
 {
   imports = [
-    ./tinc_graphs.nix
-    ./bepasty-server.nix
   ];
 }
 
diff --git a/makefu/3modules/tinc_graphs.nix b/makefu/3modules/tinc_graphs.nix
deleted file mode 100644
index 1f87f00cc..000000000
--- a/makefu/3modules/tinc_graphs.nix
+++ /dev/null
@@ -1,145 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-let
-  cfg = config.makefu.tinc_graphs;
-  internal_dir = "${cfg.workingDir}/internal";
-  external_dir = "${cfg.workingDir}/external";
-
-  out = {
-    options.makefu.tinc_graphs = api;
-    config = mkIf cfg.enable imp ;
-  };
-
-  api = {
-    enable = mkEnableOption "tinc graphs";
-
-    geodbPath = mkOption {
-      type = types.str;
-      description = "Path to geocitydb, defaults to geolite-legacy";
-      default = "${pkgs.geolite-legacy}/share/GeoIP/GeoIPCity.dat";
-    };
-
-    nginx = {
-      enable = mkEnableOption "enable tinc_graphs to be served with nginx";
-
-      anonymous = {
-        server-names = mkOption {
-          type = with types; listOf str;
-          description = "hostnames which serve anonymous graphs";
-          default = [ "graphs.${config.krebs.build.host.name}" ];
-        };
-
-        listen = mkOption {
-          # use the type of the nginx listen option
-          type = with types; listOf str;
-          description = "listen address for anonymous graphs";
-          default = [ "80" ];
-        };
-
-      };
-
-      complete = {
-        server-names = mkOption {
-          type = with types; listOf str;
-          description = "hostname which serves complete graphs";
-          default = [ "graphs.${config.krebs.build.host.name}" ];
-        };
-
-        listen = mkOption {
-          type = with types; listOf str;
-          description = "listen address for complete graphs";
-          default = [ "127.0.0.1:80" ];
-        };
-
-      };
-    };
-
-    workingDir = mkOption {
-      type = types.str;
-      description = ''
-        Path to working dir, will create interal and external/.
-        Defaults to the new users home dir which defaults to
-        /var/cache/tinc_graphs'';
-      default = config.users.extraUsers.tinc_graphs.home;
-    };
-
-    timerConfig = mkOption {
-      type = with types; attrsOf str;
-      default = {
-        OnCalendar = "*:0/15";
-      };
-    };
-  };
-
-  imp = {
-    environment.systemPackages = [ pkgs.tinc_graphs];
-    systemd.timers.tinc_graphs = {
-      description = "Build Tinc Graphs via via timer";
-      wantedBy = [ "timers.target"];
-      timerConfig = cfg.timerConfig;
-    };
-    systemd.services.tinc_graphs = {
-      description = "Build Tinc Graphs";
-      environment = {
-        EXTERNAL_FOLDER = external_dir;
-        INTERNAL_FOLDER = internal_dir;
-        GEODB = cfg.geodbPath;
-        TINC_HOSTPATH=config.krebs.retiolum.hosts;
-      };
-
-      restartIfChanged = true;
-
-      serviceConfig = {
-        Type = "simple";
-
-        ExecStartPre = pkgs.writeScript "tinc_graphs-init" ''
-          #!/bin/sh
-          if ! test -e "${cfg.workingDir}/internal/index.html"; then
-            cp -fr "$(${pkgs.tinc_graphs}/bin/tincstats-static-dir)/internal/" "${internal_dir}"
-          fi
-        '';
-
-        ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs";
-
-        ExecStartPost = pkgs.writeScript "tinc_graphs-post" ''
-          #!/bin/sh
-          # TODO: this may break if workingDir is set to something stupid
-          # this is needed because homedir is created with 700
-          chmod 755  "${cfg.workingDir}"
-        '';
-        PrivateTmp = "yes";
-
-        User = "root"; # tinc cannot be queried as user,
-                       #  seems to be a tinc-pre issue
-      };
-    };
-
-    users.extraUsers.tinc_graphs = {
-      uid = 3925439960; #genid tinc_graphs
-      home = "/var/spool/tinc_graphs";
-      createHome = true;
-    };
-
-    krebs.nginx.servers = mkIf cfg.nginx.enable {
-      tinc_graphs_complete = mkMerge [ cfg.nginx.complete  {
-        locations = [
-          (nameValuePair "/" ''
-            autoindex on;
-            root ${internal_dir};
-          '')
-        ];
-      }] ;
-      tinc_graphs_anonymous = mkMerge [ cfg.nginx.anonymous {
-        locations = [
-          (nameValuePair "/" ''
-            autoindex on;
-            root ${external_dir};
-          '')
-        ];
-      }];
-    };
-  };
-
-in
-out