diff options
Diffstat (limited to 'tv')
-rw-r--r-- | tv/1systems/cd.nix | 11 | ||||
-rw-r--r-- | tv/1systems/nomic.nix | 3 | ||||
-rw-r--r-- | tv/1systems/wu.nix | 20 | ||||
-rw-r--r-- | tv/2configs/charybdis.nix | 6 | ||||
-rw-r--r-- | tv/2configs/mail-client.nix | 3 | ||||
-rw-r--r-- | tv/2configs/test.nix | 31 | ||||
-rw-r--r-- | tv/4lib/default.nix | 9 | ||||
-rw-r--r-- | tv/5pkgs/charybdis/default.nix | 34 | ||||
-rw-r--r-- | tv/5pkgs/charybdis/remove-setenv.patch | 12 | ||||
-rw-r--r-- | tv/5pkgs/default.nix | 6 | ||||
-rw-r--r-- | tv/5pkgs/lentil/default.nix | 15 | ||||
-rw-r--r-- | tv/5pkgs/lentil/syntaxes.patch | 11 | ||||
-rw-r--r-- | tv/5pkgs/much.nix | 64 | ||||
-rw-r--r-- | tv/Zcerts/charybdis_cd.crt.pem | 24 |
14 files changed, 74 insertions, 175 deletions
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix index 9f412d9b8..b385848f1 100644 --- a/tv/1systems/cd.nix +++ b/tv/1systems/cd.nix @@ -2,10 +2,6 @@ with lib; -let - tvpkgs = import ../5pkgs { inherit pkgs; }; -in - { krebs.build.host = config.krebs.hosts.cd; krebs.build.user = config.krebs.users.tv; @@ -29,13 +25,13 @@ in ../2configs/CAC-Developer-2.nix ../2configs/CAC-CentOS-7-64bit.nix ../2configs/base.nix - ../2configs/consul-server.nix + #../2configs/consul-server.nix ../2configs/git.nix { imports = [ ../2configs/charybdis.nix ]; tv.charybdis = { enable = true; - sslCert = ../../Zcerts/charybdis_cd.crt.pem; + sslCert = ../Zcerts/charybdis_cd.crt.pem; }; } { @@ -136,7 +132,7 @@ in server-names = singleton "viljetic.de"; # TODO directly set root (instead via location) locations = singleton (nameValuePair "/" '' - root ${tvpkgs.viljetic-pages}; + root ${pkgs.viljetic-pages}; ''); }; } @@ -171,6 +167,7 @@ in iptables mutt # for mv nethogs + ntp # ntpate rxvt_unicode.terminfo tcpdump ]; diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix index 028e53539..f08e74bbe 100644 --- a/tv/1systems/nomic.nix +++ b/tv/1systems/nomic.nix @@ -24,7 +24,7 @@ with lib; imports = [ ../2configs/AO753.nix ../2configs/base.nix - ../2configs/consul-server.nix + #../2configs/consul-server.nix ../2configs/git.nix { tv.iptables = { @@ -112,6 +112,7 @@ with lib; exit 23 esac '') + ntp # ntpate rxvt_unicode.terminfo tmux ]; diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix index e48da90ad..6cd1565f7 100644 --- a/tv/1systems/wu.nix +++ b/tv/1systems/wu.nix @@ -2,10 +2,6 @@ with lib; -let - tvpkgs = import ../5pkgs { inherit pkgs; }; -in - { krebs.build.host = config.krebs.hosts.wu; krebs.build.user = config.krebs.users.tv; @@ -28,22 +24,23 @@ in imports = [ ../2configs/w110er.nix ../2configs/base.nix - ../2configs/consul-client.nix + #../2configs/consul-client.nix ../2configs/git.nix ../2configs/mail-client.nix ../2configs/xserver.nix ../2configs/synaptics.nix # TODO w110er if xserver is enabled + ../2configs/test.nix ../2configs/urlwatch.nix { environment.systemPackages = with pkgs; [ # stockholm + genid git gnumake + hashPassword + lentil parallel - tvpkgs.genid - tvpkgs.hashPassword - tvpkgs.lentil (pkgs.writeScriptBin "ff" '' #! ${pkgs.bash}/bin/bash exec sudo -u ff -i <<EOF @@ -71,6 +68,8 @@ in # tv bc bind # dig + cac + dic file gitAndTools.qgit gnupg21 @@ -83,16 +82,15 @@ in netcat nix-repl nmap + nq p7zip pavucontrol posix_man_pages + pssh qrencode sxiv texLive tmux - tvpkgs.cac - tvpkgs.dic - tvpkgs.nq zathura #ack diff --git a/tv/2configs/charybdis.nix b/tv/2configs/charybdis.nix index a2952219d..a949026de 100644 --- a/tv/2configs/charybdis.nix +++ b/tv/2configs/charybdis.nix @@ -1,9 +1,5 @@ { config, lib, pkgs, ... }: -let - tvpkgs = import ../5pkgs { inherit pkgs; }; -in - with builtins; with lib; let @@ -63,7 +59,7 @@ let ExecStart = pkgs.writeScript "charybdis-service" '' #! /bin/sh set -euf - exec ${tvpkgs.charybdis}/bin/charybdis-ircd \ + exec ${pkgs.charybdis}/bin/charybdis-ircd \ -foreground \ -logfile /dev/stderr \ -configfile ${configFile} diff --git a/tv/2configs/mail-client.nix b/tv/2configs/mail-client.nix index a632cf7c4..8b6f8bbcd 100644 --- a/tv/2configs/mail-client.nix +++ b/tv/2configs/mail-client.nix @@ -1,7 +1,6 @@ { pkgs, ... }: -with import ../5pkgs { inherit pkgs; }; - +with pkgs; { environment.systemPackages = [ much diff --git a/tv/2configs/test.nix b/tv/2configs/test.nix new file mode 100644 index 000000000..409b4e9b4 --- /dev/null +++ b/tv/2configs/test.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with import ../4lib { inherit lib pkgs; }; + +let + out = { + environment.systemPackages = [ + su-test + ]; + security.sudo.extraConfig = '' + tv ALL=(test) NOPASSWD: ALL + ''; + users.extraUsers.test = { + shell = "${test-shell}"; + }; + }; + + su-test = pkgs.execveBin "su-test" rec { + filename = "/var/setuid-wrappers/sudo"; + argv = ["sudo" "-u" "test" "-i"]; + }; + + test-shell = pkgs.execve "test-shell" rec { + filename = "${pkgs.bash}/bin/bash"; + argv = ["sh" "--noprofile" "-l"]; + envp.ENV = pkgs.writeText "test-env" '' + ${shell.cat "Hello, `$(j0w\nd0g!)`!\\o/\n"} >&2 + ''; + }; + +in out diff --git a/tv/4lib/default.nix b/tv/4lib/default.nix index 352689af4..106535ba2 100644 --- a/tv/4lib/default.nix +++ b/tv/4lib/default.nix @@ -16,12 +16,5 @@ krebs // rec { # "7.4.335" -> "74" majmin = with lib; x : concatStrings (take 2 (splitString "." x)); - shell-escape = - let - isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null; - in - stringAsChars (c: - if isSafeChar c then c - else if c == "\n" then "'\n'" - else "\\${c}"); + shell-escape = krebs.shell.escape; } diff --git a/tv/5pkgs/charybdis/default.nix b/tv/5pkgs/charybdis/default.nix deleted file mode 100644 index f3e6be40e..000000000 --- a/tv/5pkgs/charybdis/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ stdenv, fetchgit, bison, flex, openssl }: - -stdenv.mkDerivation rec { - name = "charybdis-3.5.0-rc1"; - - src = fetchgit { - url = "https://github.com/atheme/charybdis.git"; - rev = "61815bf9324e872f51255e09fe37a8c595f94a60"; - sha256 = "0zsd6xk2cnspc1cvryy2296p3ix4hwjd9k24wmgbh5wzks0wahwy"; - }; - - patches = [ - ./remove-setenv.patch - ]; - - configureFlags = [ - "--enable-epoll" - "--enable-ipv6" - "--enable-openssl=${openssl}" - "--enable-small-net" - "--with-program-prefix=charybdis-" - "--sysconfdir=/tmp" - ]; - - buildInputs = [ bison flex openssl ]; - - meta = { - description = "An extremely scalable ircd with some cooperation with the ratbox and ircu guys"; - homepage = https://github.com/atheme/charybdis; - license = stdenv.lib.licenses.gpl2; - maintainers = [ stdenv.lib.maintainers.lassulus ]; - platforms = stdenv.lib.platforms.linux; - }; -} diff --git a/tv/5pkgs/charybdis/remove-setenv.patch b/tv/5pkgs/charybdis/remove-setenv.patch deleted file mode 100644 index bbaf95e19..000000000 --- a/tv/5pkgs/charybdis/remove-setenv.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/src/bandbi.c b/src/bandbi.c -index 03dd907..3698e85 100644 ---- a/src/bandbi.c -+++ b/src/bandbi.c -@@ -82,7 +82,6 @@ start_bandb(void) - const char *suffix = ""; - #endif - -- rb_setenv("BANDB_DBPATH", PKGLOCALSTATEDIR "/ban.db", 1); - if(bandb_path == NULL) - { - rb_snprintf(fullpath, sizeof(fullpath), "%s/bandb%s", PKGLIBEXECDIR, suffix); diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index 7b5d10a60..4175292f2 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -2,12 +2,8 @@ let inherit (pkgs) callPackage; - kpkgs = import ../../krebs/5pkgs { inherit pkgs; }; in -kpkgs // { - charybdis = callPackage ./charybdis {}; - lentil = callPackage ./lentil {}; - much = callPackage ./much.nix {}; +{ viljetic-pages = callPackage ./viljetic-pages {}; } diff --git a/tv/5pkgs/lentil/default.nix b/tv/5pkgs/lentil/default.nix deleted file mode 100644 index fc9b4fd31..000000000 --- a/tv/5pkgs/lentil/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ pkgs, ... }: - -(pkgs.haskellngPackages.override { - overrides = self: super: { - lentil = super.lentil.override { - mkDerivation = (attrs: self.mkDerivation (attrs // { - version = "0.1.3.0"; - sha256 = "0xa59avh0bvfg69xh9p5b8dppfhx29mvfq8v41sk9j7qbcnzjivg"; - patches = [ - ./syntaxes.patch - ]; - })); - }; - }; -}).lentil diff --git a/tv/5pkgs/lentil/syntaxes.patch b/tv/5pkgs/lentil/syntaxes.patch deleted file mode 100644 index a9390ae51..000000000 --- a/tv/5pkgs/lentil/syntaxes.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -rN -u old-lentil/src/Lentil/Parse/Syntaxes.hs new-lentil/src/Lentil/Parse/Syntaxes.hs ---- old-lentil/src/Lentil/Parse/Syntaxes.hs 2015-07-20 23:15:38.600539779 +0200 -+++ new-lentil/src/Lentil/Parse/Syntaxes.hs 2015-07-20 23:15:38.600539779 +0200 -@@ -30,6 +30,7 @@ - | ext `elem` [".pas", ".pp", ".inc"] = Just pascal - | ext `elem` [".py"] = Just python - | ext `elem` [".rb"] = Just ruby -+ | ext `elem` [".nix"] = Just perl -- Nix - | ext `elem` [".pl", ".pm", ".t"] = Just perl - | ext `elem` [".sh"] = Just perl -- shell - | ext `elem` [".txt"] = Just text diff --git a/tv/5pkgs/much.nix b/tv/5pkgs/much.nix deleted file mode 100644 index 82586b422..000000000 --- a/tv/5pkgs/much.nix +++ /dev/null @@ -1,64 +0,0 @@ -{ pkgs, ... }: - -let - hspkgs = pkgs.haskellngPackages.override { - overrides = self: super: { - email-header = self.callPackage ( -{ mkDerivation, attoparsec, base, base64-bytestring, bytestring -, case-insensitive, containers, exceptions, fetchgit, QuickCheck -, stdenv, tasty, tasty-quickcheck, text, text-icu, time -}: -mkDerivation { - pname = "email-header"; - version = "0.3.0"; - src = fetchgit { - url = "https://github.com/4z3/email-header"; - sha256 = "f33fba567a39b1f2448869b269c26c40d8007599c23ab83bde5b4dfd9fd76ebc"; - rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8"; - }; - buildDepends = [ - attoparsec base base64-bytestring bytestring case-insensitive - containers exceptions text text-icu time - ]; - testDepends = [ - base bytestring case-insensitive containers QuickCheck tasty - tasty-quickcheck text time - ]; - jailbreak = true; - homepage = "http://github.com/knrafto/email-header"; - description = "Parsing and rendering of email and MIME headers"; - license = stdenv.lib.licenses.bsd3; -} -) {}; - }; - }; -in - -hspkgs.callPackage ( -{ mkDerivation, aeson, attoparsec, base, base64-bytestring -, blaze-builder, bytestring, case-insensitive, containers, deepseq -, directory, docopt, email-header, fetchgit, filepath -, friendly-time, hyphenation, linebreak, old-locale, process -, random, rosezipper, safe, split, stdenv, terminal-size, text -, time, transformers, transformers-compat, unix, vector -}: -mkDerivation { - pname = "much"; - version = "0.0.0.0"; - src = fetchgit { - url = "http://cgit.nomic/much"; - sha256 = "f0bcc34456cb876d3439694d1e16db414a540e13f476fa3ff1ad70d1d3caccb2"; - rev = "bfd854e05207a073eaa983c49f27c37555ccfce5"; - }; - isLibrary = false; - isExecutable = true; - buildDepends = [ - aeson attoparsec base base64-bytestring blaze-builder bytestring - case-insensitive containers deepseq directory docopt email-header - filepath friendly-time hyphenation linebreak old-locale process - random rosezipper safe split terminal-size text time transformers - transformers-compat unix vector - ]; - license = stdenv.lib.licenses.mit; -} -) {} diff --git a/tv/Zcerts/charybdis_cd.crt.pem b/tv/Zcerts/charybdis_cd.crt.pem new file mode 100644 index 000000000..c613ff380 --- /dev/null +++ b/tv/Zcerts/charybdis_cd.crt.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEGzCCAwOgAwIBAgIJAJJiphQRTzFPMA0GCSqGSIb3DQEBBQUAMIGjMQswCQYD +VQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQHDBlCZW50 +bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8GA1UECwwI +cmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcNAQkBFg50 +dkB3dS5yZXRpb2x1bTAeFw0xNTA3MTkxODQ2MjhaFw0xNjA3MDkxODQ2MjhaMIGj +MQswCQYDVQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQH +DBlCZW50bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8G +A1UECwwIcmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcN +AQkBFg50dkB3dS5yZXRpb2x1bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMyPb37kchbjZi6WsvpQeGOVEBTU8B4E24GkfetbfYtsFqW6pIKN7DlTFKzJ +3WKSLIf/cZuBQJucKuc8QXc5ZEXQ66QyCiX6al0j4C0AnHN17OhgH3yvmioWI4kI +ycD4N5TnaD2V0OK/HlhKCrIEly6+Nczeo+k5vrcgkkSYJivFpgK1r5+taBYiU4cc +Pgke2p3mRpZFfK61Ft6DlAg2rL2NVt7Qk0pp6BgCrtVIl968SmVKAEQBHnSYd9z2 +bNE2PH3qI+FLIfioOfXazmogxoQWR9LbKPUQ5nFRDXEJZg1hKDzseUkwV/oU8W3K +a37lOovqy+qwjYELrWP346/OF5UCAwEAAaNQME4wHQYDVR0OBBYEFI7WWP+tabb5 +CH5aY5mJcMdKGeaXMB8GA1UdIwQYMBaAFI7WWP+tabb5CH5aY5mJcMdKGeaXMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKAF8hSu7Cgp2jei3GPVOE+R +TtZUePjFJw7iUSYaG1loGfY23IgEzS/jPd/m4jueRTDbtDl7cFTUmKKsF1WWH84l +s49J2HktiHTiHyZphgWFfbjUZO4nbH11Pac64WPfoeTzm9LnM0xXNd/7VCDXRess +a6pXtAQXAZri9HOsAeNO0WFivu4oug2pyUoLE64o3UemSwBi0JW2W1KvuYGnQXEa +HqrFGLBSEQuD4wTePdK0USjhNC8ceMx04b1hUQzuMf8pcXdpkLN6bIOaA/FRxmX9 +3L+6CZPVfQvvw10eLjWv3UYgIjOQFCUR4LsvkVxTaEav0KwmyCC4GUr9Vd+n3eQ= +-----END CERTIFICATE----- |