summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/cake/config.nix66
-rw-r--r--makefu/1systems/cake/source.nix3
-rw-r--r--makefu/1systems/gum/config.nix4
-rw-r--r--makefu/1systems/x/config.nix2
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix2
-rw-r--r--makefu/2configs/stats/telegraf/europastats.nix2
-rw-r--r--makefu/2configs/tools/sec-gui.nix15
-rw-r--r--makefu/2configs/tools/steam.nix4
-rw-r--r--makefu/2configs/urlwatch/default.nix1
-rw-r--r--makefu/3modules/server-config.nix15
-rw-r--r--makefu/5pkgs/custom/inkscape/dxf_fix.patch11
-rw-r--r--makefu/5pkgs/default.nix2
-rw-r--r--makefu/5pkgs/drozer/default.nix2
-rw-r--r--makefu/6tests/data/secrets/ssh_host_rsa_key0
-rw-r--r--makefu/source.nix9
15 files changed, 87 insertions, 51 deletions
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index 0630d19ad..e8438e50d 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -1,20 +1,52 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
{
- imports = [
- <stockholm/makefu>
- # configure your hw:
- # <stockholm/makefu/2configs/hw/CAC.nix>
- # <stockholm/makefu/2configs/fs/CAC-CentOS-7-64bit.nix>
- # <stockholm/makefu/2configs/save-diskspace.nix
- ];
- krebs = {
- enable = true;
- tinc.retiolum.enable = true;
- build.host = config.krebs.hosts.cake;
+ imports = [
+ <stockholm/makefu>
+ <stockholm/makefu/2configs/tools/core.nix>
+# configure your hw:
+# <stockholm/makefu/2configs/save-diskspace.nix>
+ ];
+ krebs = {
+ enable = true;
+ tinc.retiolum.enable = true;
+ build.host = config.krebs.hosts.cake;
+ };
+ boot.loader.grub.enable = false;
+ boot.loader.generic-extlinux-compatible.enable = true;
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+ boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ];
+
+ programs.info.enable = false;
+ programs.man.enable = false;
+ services.nixosManual.enable = false;
+ boot.tmpOnTmpfs = lib.mkForce false;
+
+ hardware.enableRedistributableFirmware = true;
+ hardware.firmware = [
+ (pkgs.stdenv.mkDerivation {
+ name = "broadcom-rpi3-rest";
+ src = pkgs.fetchurl {
+ url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt";
+ sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7";
+ };
+ phases = [ "installPhase" ];
+ installPhase = ''
+ mkdir -p $out/lib/firmware/brcm
+ cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt
+ '';
+ })
+ ];
+ networking.wireless.enable = true;
+
+# File systems configuration for using the installer's partition layout
+ fileSystems = {
+ "/boot" = {
+ device = "/dev/disk/by-label/NIXOS_BOOT";
+ fsType = "vfat";
};
- # You want to change these :)
- boot.loader.grub.device = "/dev/sda";
- fileSystems."/" = {
- device = "/dev/sda1";
+ "/" = {
+ device = "/dev/disk/by-label/NIXOS_SD";
+ fsType = "ext4";
};
-} \ No newline at end of file
+ };
+}
diff --git a/makefu/1systems/cake/source.nix b/makefu/1systems/cake/source.nix
index 797417a1d..cd97a7c62 100644
--- a/makefu/1systems/cake/source.nix
+++ b/makefu/1systems/cake/source.nix
@@ -1,3 +1,4 @@
import <stockholm/makefu/source.nix> {
name="cake";
-} \ No newline at end of file
+ full = true;
+}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e1357ff01..e769b1e22 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -81,7 +81,9 @@ in {
];
makefu.dl-dir = "/var/download";
-
+ services.openssh.hostKeys = [
+ { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
+ { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
###### stable
services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 443f912d8..f7db75564 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -57,7 +57,7 @@ with import <stockholm/lib>;
<stockholm/makefu/2configs/tor.nix>
<stockholm/makefu/2configs/vpn/vpngate.nix>
# <stockholm/makefu/2configs/buildbot-standalone.nix>
- <stockholm/makefu/2configs/remote-build/master.nix>
+ # <stockholm/makefu/2configs/remote-build/master.nix>
# Hardware
<stockholm/makefu/2configs/hw/tp-x230.nix>
diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix
index ed890fe40..da246f66a 100644
--- a/makefu/2configs/git/cgit-retiolum.nix
+++ b/makefu/2configs/git/cgit-retiolum.nix
@@ -68,7 +68,7 @@ let
# TODO: get the list of all krebsministers
krebsminister = with config.krebs.users; [ lass tv ];
- all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx ];
+ all-makefu = with config.krebs.users; [ makefu makefu-omo makefu-tsp makefu-vbob makefu-tempx makefu-android ];
all-exco = with config.krebs.users; [ exco ];
priv-rules = repo: set-owners repo all-makefu;
diff --git a/makefu/2configs/stats/telegraf/europastats.nix b/makefu/2configs/stats/telegraf/europastats.nix
index 9249280c5..2ab62766a 100644
--- a/makefu/2configs/stats/telegraf/europastats.nix
+++ b/makefu/2configs/stats/telegraf/europastats.nix
@@ -4,7 +4,7 @@ let
rev = "be31da7";
name = "europastats-${rev}";
propagatedBuildInputs = [
- requests2
+ requests
docopt
];
src = pkgs.fetchgit {
diff --git a/makefu/2configs/tools/sec-gui.nix b/makefu/2configs/tools/sec-gui.nix
index 2db3e4391..95f130ae8 100644
--- a/makefu/2configs/tools/sec-gui.nix
+++ b/makefu/2configs/tools/sec-gui.nix
@@ -1,8 +1,15 @@
{ pkgs, ... }:
{
- krebs.per-user.makefu.packages = with pkgs; [
- tpmmanager
- wireshark
- ];
+ users.users.makefu = {
+ extraGroups = [ "wireshark" ];
+ packages = with pkgs; [
+ tpmmanager
+ ];
+ };
+
+ programs.wireshark = {
+ enable = true;
+ package = pkgs.wireshark;
+ };
}
diff --git a/makefu/2configs/tools/steam.nix b/makefu/2configs/tools/steam.nix
index 200ea4719..048c1d1a3 100644
--- a/makefu/2configs/tools/steam.nix
+++ b/makefu/2configs/tools/steam.nix
@@ -1,9 +1,7 @@
{pkgs, ...}:
{
users.users.makefu.packages = [
- (pkgs.steam.override {
- newStdcpp = true;
- })
+ pkgs.steam
];
hardware.opengl.driSupport32Bit = true;
hardware.pulseaudio.support32Bit = true;
diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix
index 2eecd6428..677950f43 100644
--- a/makefu/2configs/urlwatch/default.nix
+++ b/makefu/2configs/urlwatch/default.nix
@@ -35,6 +35,7 @@ in {
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack
+ http://www.iozone.org/src/current/
{
url = https://newellrubbermaid.secure.force.com/dymopkb/articles/en_US/FAQ/Dymo-Drivers-and-Downloads/?l=en_US&c=Segment:Dymo&fs=Search&pn=1 ;
diff --git a/makefu/3modules/server-config.nix b/makefu/3modules/server-config.nix
index 846642580..9cac59205 100644
--- a/makefu/3modules/server-config.nix
+++ b/makefu/3modules/server-config.nix
@@ -1,15 +1,14 @@
{config, lib, pkgs, ... }:
-with import <stockholm/lib>;
-{
+with lib;{
options.makefu.server.primary-itf = lib.mkOption {
- type = types.str;
- description = "Primary interface of the server";
- };
+ type = types.str;
+ description = "Primary interface of the server";
+ };
options.makefu.gui.user = lib.mkOption {
- type = types.str;
- description = "GUI user";
+ type = types.str;
+ description = "GUI user";
default = config.krebs.build.user.name;
- };
+ };
}
diff --git a/makefu/5pkgs/custom/inkscape/dxf_fix.patch b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
index 5ea0a073e..b7b491d4e 100644
--- a/makefu/5pkgs/custom/inkscape/dxf_fix.patch
+++ b/makefu/5pkgs/custom/inkscape/dxf_fix.patch
@@ -1,13 +1,12 @@
---- ./share/extensions/dxf_outlines.py 2017-02-14 00:46:57.000000000 +0100
-+++ ./share/extensions/dxf_outlines.py.new 2017-05-10 04:15:03.000000000 +0200
-@@ -340,7 +340,7 @@
- scale = eval(self.options.units)
+--- ./share/extensions/dxf_outlines.py 2017-10-08 17:28:45.553368917 +0200
++++ ./share/extensions/dxf_outlines.py.new 2017-10-08 17:29:20.172554152 +0200
+@@ -341,7 +341,7 @@
if not scale:
scale = 25.4/96 # if no scale is specified, assume inch as baseunit
+ scale /= self.unittouu('1px')
- h = self.unittouu(self.document.getroot().xpath('@height', namespaces=inkex.NSS)[0])
-+ h = self.unittouu(self.getDocumentHeight())
++ h = self.unittouu(self.documentHeight())
self.groupmat = [[[scale, 0.0, 0.0], [0.0, -scale, h*scale]]]
doc = self.document.getroot()
self.process_group(doc)
-
diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 96975e54f..e99aa696b 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -24,7 +24,7 @@ in {
alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { };
- inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
+ inherit (callPackage ./devpi {}) devpi-web devpi-server;
nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {};
inkscape = super.pkgs.stdenv.lib.overrideDerivation super.inkscape (old: {
patches = [ ./custom/inkscape/dxf_fix.patch ];
diff --git a/makefu/5pkgs/drozer/default.nix b/makefu/5pkgs/drozer/default.nix
index 885777be4..3df67d07e 100644
--- a/makefu/5pkgs/drozer/default.nix
+++ b/makefu/5pkgs/drozer/default.nix
@@ -5,7 +5,7 @@ pythonPackages.buildPythonApplication rec {
version = "2.4.3";
buildInputs = [ jdk7 ];
propagatedBuildInputs = with pythonPackages; [
- protobuf3_2
+ protobuf
pyopenssl
pyyaml
] ++ [
diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/6tests/data/secrets/ssh_host_rsa_key
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/makefu/6tests/data/secrets/ssh_host_rsa_key
diff --git a/makefu/source.nix b/makefu/source.nix
index 1a5d4a5d7..013426195 100644
--- a/makefu/source.nix
+++ b/makefu/source.nix
@@ -11,13 +11,10 @@ let
then "buildbot"
else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
- ref = "46cfb36"; # unstable @ 2017-09-04
- # + graceful requests2 (a772c3a)
- # + mitmproxy fix (eee2d17)
- # + tpm-tools fix (5cb9987)
- # + dnscrypt-wrapper (25703c3)
- # + lass wvstream fix (76f4910,37cc2bc,0d48837)
+ ref = "727a3a3"; # unstable @ 2017-10-07
+ # + revert wvdial (76f4910)
# + ruby stuff (2f0b17e4be9,55a952be5b5)
+ # + mitmproxy fix (360a5efd,ef52c95b)
in
evalSource (toString _file) [