summaryrefslogtreecommitdiffstats
path: root/tv
diff options
context:
space:
mode:
Diffstat (limited to 'tv')
-rw-r--r--tv/1systems/cd.nix11
-rw-r--r--tv/1systems/nomic.nix3
-rw-r--r--tv/1systems/wu.nix20
-rw-r--r--tv/2configs/charybdis.nix6
-rw-r--r--tv/2configs/mail-client.nix3
-rw-r--r--tv/2configs/test.nix31
-rw-r--r--tv/4lib/default.nix9
-rw-r--r--tv/5pkgs/charybdis/default.nix34
-rw-r--r--tv/5pkgs/charybdis/remove-setenv.patch12
-rw-r--r--tv/5pkgs/default.nix6
-rw-r--r--tv/5pkgs/lentil/default.nix15
-rw-r--r--tv/5pkgs/lentil/syntaxes.patch11
-rw-r--r--tv/5pkgs/much.nix64
-rw-r--r--tv/Zcerts/charybdis_cd.crt.pem24
14 files changed, 74 insertions, 175 deletions
diff --git a/tv/1systems/cd.nix b/tv/1systems/cd.nix
index 9f412d9b8..b385848f1 100644
--- a/tv/1systems/cd.nix
+++ b/tv/1systems/cd.nix
@@ -2,10 +2,6 @@
with lib;
-let
- tvpkgs = import ../5pkgs { inherit pkgs; };
-in
-
{
krebs.build.host = config.krebs.hosts.cd;
krebs.build.user = config.krebs.users.tv;
@@ -29,13 +25,13 @@ in
../2configs/CAC-Developer-2.nix
../2configs/CAC-CentOS-7-64bit.nix
../2configs/base.nix
- ../2configs/consul-server.nix
+ #../2configs/consul-server.nix
../2configs/git.nix
{
imports = [ ../2configs/charybdis.nix ];
tv.charybdis = {
enable = true;
- sslCert = ../../Zcerts/charybdis_cd.crt.pem;
+ sslCert = ../Zcerts/charybdis_cd.crt.pem;
};
}
{
@@ -136,7 +132,7 @@ in
server-names = singleton "viljetic.de";
# TODO directly set root (instead via location)
locations = singleton (nameValuePair "/" ''
- root ${tvpkgs.viljetic-pages};
+ root ${pkgs.viljetic-pages};
'');
};
}
@@ -171,6 +167,7 @@ in
iptables
mutt # for mv
nethogs
+ ntp # ntpate
rxvt_unicode.terminfo
tcpdump
];
diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix
index 028e53539..f08e74bbe 100644
--- a/tv/1systems/nomic.nix
+++ b/tv/1systems/nomic.nix
@@ -24,7 +24,7 @@ with lib;
imports = [
../2configs/AO753.nix
../2configs/base.nix
- ../2configs/consul-server.nix
+ #../2configs/consul-server.nix
../2configs/git.nix
{
tv.iptables = {
@@ -112,6 +112,7 @@ with lib;
exit 23
esac
'')
+ ntp # ntpate
rxvt_unicode.terminfo
tmux
];
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index e48da90ad..6cd1565f7 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -2,10 +2,6 @@
with lib;
-let
- tvpkgs = import ../5pkgs { inherit pkgs; };
-in
-
{
krebs.build.host = config.krebs.hosts.wu;
krebs.build.user = config.krebs.users.tv;
@@ -28,22 +24,23 @@ in
imports = [
../2configs/w110er.nix
../2configs/base.nix
- ../2configs/consul-client.nix
+ #../2configs/consul-client.nix
../2configs/git.nix
../2configs/mail-client.nix
../2configs/xserver.nix
../2configs/synaptics.nix # TODO w110er if xserver is enabled
+ ../2configs/test.nix
../2configs/urlwatch.nix
{
environment.systemPackages = with pkgs; [
# stockholm
+ genid
git
gnumake
+ hashPassword
+ lentil
parallel
- tvpkgs.genid
- tvpkgs.hashPassword
- tvpkgs.lentil
(pkgs.writeScriptBin "ff" ''
#! ${pkgs.bash}/bin/bash
exec sudo -u ff -i <<EOF
@@ -71,6 +68,8 @@ in
# tv
bc
bind # dig
+ cac
+ dic
file
gitAndTools.qgit
gnupg21
@@ -83,16 +82,15 @@ in
netcat
nix-repl
nmap
+ nq
p7zip
pavucontrol
posix_man_pages
+ pssh
qrencode
sxiv
texLive
tmux
- tvpkgs.cac
- tvpkgs.dic
- tvpkgs.nq
zathura
#ack
diff --git a/tv/2configs/charybdis.nix b/tv/2configs/charybdis.nix
index a2952219d..a949026de 100644
--- a/tv/2configs/charybdis.nix
+++ b/tv/2configs/charybdis.nix
@@ -1,9 +1,5 @@
{ config, lib, pkgs, ... }:
-let
- tvpkgs = import ../5pkgs { inherit pkgs; };
-in
-
with builtins;
with lib;
let
@@ -63,7 +59,7 @@ let
ExecStart = pkgs.writeScript "charybdis-service" ''
#! /bin/sh
set -euf
- exec ${tvpkgs.charybdis}/bin/charybdis-ircd \
+ exec ${pkgs.charybdis}/bin/charybdis-ircd \
-foreground \
-logfile /dev/stderr \
-configfile ${configFile}
diff --git a/tv/2configs/mail-client.nix b/tv/2configs/mail-client.nix
index a632cf7c4..8b6f8bbcd 100644
--- a/tv/2configs/mail-client.nix
+++ b/tv/2configs/mail-client.nix
@@ -1,7 +1,6 @@
{ pkgs, ... }:
-with import ../5pkgs { inherit pkgs; };
-
+with pkgs;
{
environment.systemPackages = [
much
diff --git a/tv/2configs/test.nix b/tv/2configs/test.nix
new file mode 100644
index 000000000..409b4e9b4
--- /dev/null
+++ b/tv/2configs/test.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, ... }:
+
+with import ../4lib { inherit lib pkgs; };
+
+let
+ out = {
+ environment.systemPackages = [
+ su-test
+ ];
+ security.sudo.extraConfig = ''
+ tv ALL=(test) NOPASSWD: ALL
+ '';
+ users.extraUsers.test = {
+ shell = "${test-shell}";
+ };
+ };
+
+ su-test = pkgs.execveBin "su-test" rec {
+ filename = "/var/setuid-wrappers/sudo";
+ argv = ["sudo" "-u" "test" "-i"];
+ };
+
+ test-shell = pkgs.execve "test-shell" rec {
+ filename = "${pkgs.bash}/bin/bash";
+ argv = ["sh" "--noprofile" "-l"];
+ envp.ENV = pkgs.writeText "test-env" ''
+ ${shell.cat "Hello, `$(j0w\nd0g!)`!\\o/\n"} >&2
+ '';
+ };
+
+in out
diff --git a/tv/4lib/default.nix b/tv/4lib/default.nix
index 352689af4..106535ba2 100644
--- a/tv/4lib/default.nix
+++ b/tv/4lib/default.nix
@@ -16,12 +16,5 @@ krebs // rec {
# "7.4.335" -> "74"
majmin = with lib; x : concatStrings (take 2 (splitString "." x));
- shell-escape =
- let
- isSafeChar = c: match "[-./0-9_a-zA-Z]" c != null;
- in
- stringAsChars (c:
- if isSafeChar c then c
- else if c == "\n" then "'\n'"
- else "\\${c}");
+ shell-escape = krebs.shell.escape;
}
diff --git a/tv/5pkgs/charybdis/default.nix b/tv/5pkgs/charybdis/default.nix
deleted file mode 100644
index f3e6be40e..000000000
--- a/tv/5pkgs/charybdis/default.nix
+++ /dev/null
@@ -1,34 +0,0 @@
-{ stdenv, fetchgit, bison, flex, openssl }:
-
-stdenv.mkDerivation rec {
- name = "charybdis-3.5.0-rc1";
-
- src = fetchgit {
- url = "https://github.com/atheme/charybdis.git";
- rev = "61815bf9324e872f51255e09fe37a8c595f94a60";
- sha256 = "0zsd6xk2cnspc1cvryy2296p3ix4hwjd9k24wmgbh5wzks0wahwy";
- };
-
- patches = [
- ./remove-setenv.patch
- ];
-
- configureFlags = [
- "--enable-epoll"
- "--enable-ipv6"
- "--enable-openssl=${openssl}"
- "--enable-small-net"
- "--with-program-prefix=charybdis-"
- "--sysconfdir=/tmp"
- ];
-
- buildInputs = [ bison flex openssl ];
-
- meta = {
- description = "An extremely scalable ircd with some cooperation with the ratbox and ircu guys";
- homepage = https://github.com/atheme/charybdis;
- license = stdenv.lib.licenses.gpl2;
- maintainers = [ stdenv.lib.maintainers.lassulus ];
- platforms = stdenv.lib.platforms.linux;
- };
-}
diff --git a/tv/5pkgs/charybdis/remove-setenv.patch b/tv/5pkgs/charybdis/remove-setenv.patch
deleted file mode 100644
index bbaf95e19..000000000
--- a/tv/5pkgs/charybdis/remove-setenv.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff --git a/src/bandbi.c b/src/bandbi.c
-index 03dd907..3698e85 100644
---- a/src/bandbi.c
-+++ b/src/bandbi.c
-@@ -82,7 +82,6 @@ start_bandb(void)
- const char *suffix = "";
- #endif
-
-- rb_setenv("BANDB_DBPATH", PKGLOCALSTATEDIR "/ban.db", 1);
- if(bandb_path == NULL)
- {
- rb_snprintf(fullpath, sizeof(fullpath), "%s/bandb%s", PKGLIBEXECDIR, suffix);
diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index 7b5d10a60..4175292f2 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -2,12 +2,8 @@
let
inherit (pkgs) callPackage;
- kpkgs = import ../../krebs/5pkgs { inherit pkgs; };
in
-kpkgs // {
- charybdis = callPackage ./charybdis {};
- lentil = callPackage ./lentil {};
- much = callPackage ./much.nix {};
+{
viljetic-pages = callPackage ./viljetic-pages {};
}
diff --git a/tv/5pkgs/lentil/default.nix b/tv/5pkgs/lentil/default.nix
deleted file mode 100644
index fc9b4fd31..000000000
--- a/tv/5pkgs/lentil/default.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ pkgs, ... }:
-
-(pkgs.haskellngPackages.override {
- overrides = self: super: {
- lentil = super.lentil.override {
- mkDerivation = (attrs: self.mkDerivation (attrs // {
- version = "0.1.3.0";
- sha256 = "0xa59avh0bvfg69xh9p5b8dppfhx29mvfq8v41sk9j7qbcnzjivg";
- patches = [
- ./syntaxes.patch
- ];
- }));
- };
- };
-}).lentil
diff --git a/tv/5pkgs/lentil/syntaxes.patch b/tv/5pkgs/lentil/syntaxes.patch
deleted file mode 100644
index a9390ae51..000000000
--- a/tv/5pkgs/lentil/syntaxes.patch
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -rN -u old-lentil/src/Lentil/Parse/Syntaxes.hs new-lentil/src/Lentil/Parse/Syntaxes.hs
---- old-lentil/src/Lentil/Parse/Syntaxes.hs 2015-07-20 23:15:38.600539779 +0200
-+++ new-lentil/src/Lentil/Parse/Syntaxes.hs 2015-07-20 23:15:38.600539779 +0200
-@@ -30,6 +30,7 @@
- | ext `elem` [".pas", ".pp", ".inc"] = Just pascal
- | ext `elem` [".py"] = Just python
- | ext `elem` [".rb"] = Just ruby
-+ | ext `elem` [".nix"] = Just perl -- Nix
- | ext `elem` [".pl", ".pm", ".t"] = Just perl
- | ext `elem` [".sh"] = Just perl -- shell
- | ext `elem` [".txt"] = Just text
diff --git a/tv/5pkgs/much.nix b/tv/5pkgs/much.nix
deleted file mode 100644
index 82586b422..000000000
--- a/tv/5pkgs/much.nix
+++ /dev/null
@@ -1,64 +0,0 @@
-{ pkgs, ... }:
-
-let
- hspkgs = pkgs.haskellngPackages.override {
- overrides = self: super: {
- email-header = self.callPackage (
-{ mkDerivation, attoparsec, base, base64-bytestring, bytestring
-, case-insensitive, containers, exceptions, fetchgit, QuickCheck
-, stdenv, tasty, tasty-quickcheck, text, text-icu, time
-}:
-mkDerivation {
- pname = "email-header";
- version = "0.3.0";
- src = fetchgit {
- url = "https://github.com/4z3/email-header";
- sha256 = "f33fba567a39b1f2448869b269c26c40d8007599c23ab83bde5b4dfd9fd76ebc";
- rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8";
- };
- buildDepends = [
- attoparsec base base64-bytestring bytestring case-insensitive
- containers exceptions text text-icu time
- ];
- testDepends = [
- base bytestring case-insensitive containers QuickCheck tasty
- tasty-quickcheck text time
- ];
- jailbreak = true;
- homepage = "http://github.com/knrafto/email-header";
- description = "Parsing and rendering of email and MIME headers";
- license = stdenv.lib.licenses.bsd3;
-}
-) {};
- };
- };
-in
-
-hspkgs.callPackage (
-{ mkDerivation, aeson, attoparsec, base, base64-bytestring
-, blaze-builder, bytestring, case-insensitive, containers, deepseq
-, directory, docopt, email-header, fetchgit, filepath
-, friendly-time, hyphenation, linebreak, old-locale, process
-, random, rosezipper, safe, split, stdenv, terminal-size, text
-, time, transformers, transformers-compat, unix, vector
-}:
-mkDerivation {
- pname = "much";
- version = "0.0.0.0";
- src = fetchgit {
- url = "http://cgit.nomic/much";
- sha256 = "f0bcc34456cb876d3439694d1e16db414a540e13f476fa3ff1ad70d1d3caccb2";
- rev = "bfd854e05207a073eaa983c49f27c37555ccfce5";
- };
- isLibrary = false;
- isExecutable = true;
- buildDepends = [
- aeson attoparsec base base64-bytestring blaze-builder bytestring
- case-insensitive containers deepseq directory docopt email-header
- filepath friendly-time hyphenation linebreak old-locale process
- random rosezipper safe split terminal-size text time transformers
- transformers-compat unix vector
- ];
- license = stdenv.lib.licenses.mit;
-}
-) {}
diff --git a/tv/Zcerts/charybdis_cd.crt.pem b/tv/Zcerts/charybdis_cd.crt.pem
new file mode 100644
index 000000000..c613ff380
--- /dev/null
+++ b/tv/Zcerts/charybdis_cd.crt.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEGzCCAwOgAwIBAgIJAJJiphQRTzFPMA0GCSqGSIb3DQEBBQUAMIGjMQswCQYD
+VQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQHDBlCZW50
+bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8GA1UECwwI
+cmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcNAQkBFg50
+dkB3dS5yZXRpb2x1bTAeFw0xNTA3MTkxODQ2MjhaFw0xNjA3MDkxODQ2MjhaMIGj
+MQswCQYDVQQGEwJhcTEYMBYGA1UECAwPTWFyaWUgQnlyZCBMYW5kMSIwIAYDVQQH
+DBlCZW50bGV5IFN1YmdsYWNpYWwgVHJlbmNoMQ4wDAYDVQQKDAVrcmViczERMA8G
+A1UECwwIcmV0aW9sdW0xFDASBgNVBAMMC2NkLnJldGlvbHVtMR0wGwYJKoZIhvcN
+AQkBFg50dkB3dS5yZXRpb2x1bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMyPb37kchbjZi6WsvpQeGOVEBTU8B4E24GkfetbfYtsFqW6pIKN7DlTFKzJ
+3WKSLIf/cZuBQJucKuc8QXc5ZEXQ66QyCiX6al0j4C0AnHN17OhgH3yvmioWI4kI
+ycD4N5TnaD2V0OK/HlhKCrIEly6+Nczeo+k5vrcgkkSYJivFpgK1r5+taBYiU4cc
+Pgke2p3mRpZFfK61Ft6DlAg2rL2NVt7Qk0pp6BgCrtVIl968SmVKAEQBHnSYd9z2
+bNE2PH3qI+FLIfioOfXazmogxoQWR9LbKPUQ5nFRDXEJZg1hKDzseUkwV/oU8W3K
+a37lOovqy+qwjYELrWP346/OF5UCAwEAAaNQME4wHQYDVR0OBBYEFI7WWP+tabb5
+CH5aY5mJcMdKGeaXMB8GA1UdIwQYMBaAFI7WWP+tabb5CH5aY5mJcMdKGeaXMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKAF8hSu7Cgp2jei3GPVOE+R
+TtZUePjFJw7iUSYaG1loGfY23IgEzS/jPd/m4jueRTDbtDl7cFTUmKKsF1WWH84l
+s49J2HktiHTiHyZphgWFfbjUZO4nbH11Pac64WPfoeTzm9LnM0xXNd/7VCDXRess
+a6pXtAQXAZri9HOsAeNO0WFivu4oug2pyUoLE64o3UemSwBi0JW2W1KvuYGnQXEa
+HqrFGLBSEQuD4wTePdK0USjhNC8ceMx04b1hUQzuMf8pcXdpkLN6bIOaA/FRxmX9
+3L+6CZPVfQvvw10eLjWv3UYgIjOQFCUR4LsvkVxTaEav0KwmyCC4GUr9Vd+n3eQ=
+-----END CERTIFICATE-----