From 8b5a7fb02cb8fd76efa0e96fa6dc219fd35144b3 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 3 May 2018 18:41:08 +0200 Subject: tv gitrepos: kops -> krops --- tv/2configs/gitrepos.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index c3418e7ee..a4e3aafca 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -42,7 +42,7 @@ let { kirk = { cgit.desc = "IRC tools"; }; - kops = { + krops = { cgit.desc = "deployment tools"; }; load-env = {}; -- cgit v1.2.3 From 6e35be71f64dbb6d83bfd1d6fd8a2d8e1c9eb842 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 3 May 2018 18:49:46 +0200 Subject: kops 1.1.0 -> krops 1.0.0 --- krebs/5pkgs/simple/kops.nix | 7 ------- krebs/5pkgs/simple/krops.nix | 7 +++++++ 2 files changed, 7 insertions(+), 7 deletions(-) delete mode 100644 krebs/5pkgs/simple/kops.nix create mode 100644 krebs/5pkgs/simple/krops.nix diff --git a/krebs/5pkgs/simple/kops.nix b/krebs/5pkgs/simple/kops.nix deleted file mode 100644 index 8db4b8ddd..000000000 --- a/krebs/5pkgs/simple/kops.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ fetchgit, ... }: - -fetchgit { - url = https://cgit.krebsco.de/kops; - rev = "refs/tags/v1.1.0"; - sha256 = "0k3zhv2830z4bljcdvf6ciwjihk2zzcn9y23p49c6sba5hbsd6jb"; -} diff --git a/krebs/5pkgs/simple/krops.nix b/krebs/5pkgs/simple/krops.nix new file mode 100644 index 000000000..29bfb52f5 --- /dev/null +++ b/krebs/5pkgs/simple/krops.nix @@ -0,0 +1,7 @@ +{ fetchgit, ... }: + +fetchgit { + url = https://cgit.krebsco.de/krops; + rev = "refs/tags/v1.0.0"; + sha256 = "0ahp3fxb3l1vcjylxw0cd0f4hfp98bxskkf3z9d37hl3m7v4pcb4"; +} -- cgit v1.2.3 From b81fe57e3e137a2449fb8cc5e627e484d84bb00e Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 3 May 2018 22:49:27 +0200 Subject: all hope is lost. RIP --- krebs/1systems/hope/config.nix | 41 ---------------------------------------- krebs/1systems/hope/source.nix | 3 --- krebs/3modules/krebs/default.nix | 32 ------------------------------- 3 files changed, 76 deletions(-) delete mode 100644 krebs/1systems/hope/config.nix delete mode 100644 krebs/1systems/hope/source.nix diff --git a/krebs/1systems/hope/config.nix b/krebs/1systems/hope/config.nix deleted file mode 100644 index c19b210c5..000000000 --- a/krebs/1systems/hope/config.nix +++ /dev/null @@ -1,41 +0,0 @@ -with import ; -{ config, pkgs, ... }: let - - ip = config.krebs.build.host.nets.internet.ip4.addr; - bestGuessGateway = addr: elemAt (match "(.*)(\.[^.])" addr) 0 + ".1"; - -in { - imports = [ - - - - - - { - users.extraUsers = { - satan = { - name = "satan"; - uid = 1338; - home = "/home/satan"; - group = "users"; - createHome = true; - useDefaultShell = true; - initialPassword = "test"; - }; - }; - } - ]; - - krebs.build.host = config.krebs.hosts.hope; - - networking = let - address = config.krebs.build.host.nets.internet.ip4.addr; - in { - defaultGateway = bestGuessGateway address; - interfaces.enp2s1.ip4 = singleton { - inherit address; - prefixLength = 24; - }; - nameservers = ["8.8.8.8"]; - }; -} diff --git a/krebs/1systems/hope/source.nix b/krebs/1systems/hope/source.nix deleted file mode 100644 index 7121d1d9d..000000000 --- a/krebs/1systems/hope/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "hope"; -} diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index a916c1873..a938f8ec9 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -30,38 +30,6 @@ let }); in { hosts = { - hope = { - ci = true; - owner = config.krebs.users.krebs; - nets = { - internet = { - ip4.addr = "45.62.225.18"; - aliases = [ - "hope.i" - ]; - ssh.port = 45621; - }; - retiolum = { - ip4.addr = "10.243.77.4"; - ip6.addr = "42:0:0:0:0:0:77:4"; - aliases = [ - "hope.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAsQVWCoNZZd77tYw1qEDlUsfcF0ld+jVorq2uR5il1D8sqER644l5 - uaWxPQjSl27xdq5kvzIH24Ab6/xF2EDgE2fUTwpO5coBYafeiGyi5AwURQmYMp2a - 2CV7uUAagFQaSzD0Aj796r1BXPn1IeE+uRSBmmc/+/7L0hweRGLiha34NOMZkq+4 - A0pwI/CjnyRXdV4AqfORHXkelykJPATm+m3bC+KYogPBeNMP2AV2aYgY8a0UJPMK - fjAJCzxYJjiYxm8faJlm2U1bWytZODQa8pRZOrYQa4he2UoU6x78CNcrQkYLPOFC - K2Q7+B5WJNKV6CqYztXuU/6LTHJRmV0FiwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdLHRI29xJj1jmfSidE2Dh7EsDNszm+WH3Kj4zYBkP/"; - }; hotdog = { ci = true; owner = config.krebs.users.krebs; -- cgit v1.2.3 From 4f2bf83ff906b9ee0421dabba4ff7e9dab5b7802 Mon Sep 17 00:00:00 2001 From: jeschli Date: Fri, 4 May 2018 16:51:08 +0200 Subject: j conflicts resolve. dirty commit --- jeschli/1systems/bln/config.nix | 25 ++++++++++--------------- jeschli/1systems/bln/hardware-configuration.nix | 2 ++ jeschli/2configs/xserver/Xresources.nix | 4 ++++ jeschli/2configs/xserver/default.nix | 2 ++ 4 files changed, 18 insertions(+), 15 deletions(-) diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index c9a7a34e2..ad397728d 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -1,13 +1,15 @@ { config, lib, pkgs, ... }: # bln config file { - imports = - [ - - - - ./hardware-configuration.nix - ]; + imports = [ + ./hardware-configuration.nix + + + + + + + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -91,18 +93,11 @@ services.printing.drivers = [ pkgs.postscript-lexmark ]; # Enable the X11 windowing system. - services.xserver.enable = true; services.xserver.videoDrivers = [ "nvidia" ]; - services.xserver.windowManager.xmonad.enable = true; - services.xserver.windowManager.xmonad.enableContribAndExtras = true; - services.xserver.displayManager.sddm.enable = true; - services.xserver.dpi = 100; - fonts.fontconfig.dpi = 100; - users.extraUsers.jeschli = { isNormalUser = true; - extraGroups = ["docker" "vboxusers"]; + extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; diff --git a/jeschli/1systems/bln/hardware-configuration.nix b/jeschli/1systems/bln/hardware-configuration.nix index b774bfc19..35f0b3bca 100644 --- a/jeschli/1systems/bln/hardware-configuration.nix +++ b/jeschli/1systems/bln/hardware-configuration.nix @@ -30,4 +30,6 @@ nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = "powersave"; + + hardware.pulseaudio.enable = true; } diff --git a/jeschli/2configs/xserver/Xresources.nix b/jeschli/2configs/xserver/Xresources.nix index e433a855e..e8154912c 100644 --- a/jeschli/2configs/xserver/Xresources.nix +++ b/jeschli/2configs/xserver/Xresources.nix @@ -3,6 +3,10 @@ with import ; pkgs.writeText "Xresources" /* xdefaults */ '' + Xcursor.theme: aero-large-drop + Xcursor.size: 128 + Xft.dpi: 144 + URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’" URxvt*eightBitInput: false URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 diff --git a/jeschli/2configs/xserver/default.nix b/jeschli/2configs/xserver/default.nix index df06000f3..4e646811d 100644 --- a/jeschli/2configs/xserver/default.nix +++ b/jeschli/2configs/xserver/default.nix @@ -43,6 +43,8 @@ in { enable = true; display = 11; tty = 11; + + dpi = 200; synaptics = { enable = true; -- cgit v1.2.3 From 6cd3f1607b3c0e9b42fc41f5e3545e324d0fe43a Mon Sep 17 00:00:00 2001 From: jeschli Date: Fri, 4 May 2018 16:58:43 +0200 Subject: j: changed cert hashes --- jeschli/1systems/bln/config.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 190f6f539..c5f8101ea 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -123,15 +123,17 @@ # DCSO Certificates security.pki.certificateFiles = [ - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "14vz9c0fk6li0a26vx0s5ha6y3yivnshx9pjlh9vmnpkbph5a7rh"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "0r1dd48a850cv7whk4g2maik550rd0vsrsl73r6x0ivzz7ap1xz5"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "0b5cdchdkvllnr0kz35d8jrmrf9cjw0kd98mmvzr0x6nkc8hwpdy"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "0rn57zv1ry9vj4p2248mxmafmqqmdhbrfx1plszrxsphshbk2hfz"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; }) - (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; }) + + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; }) + (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; }) ]; + hardware.bluetooth.enable = true; krebs.build.host = config.krebs.hosts.bln; } -- cgit v1.2.3 From 3b6c1b0efcfb848a3e3c380664dcc5315169549a Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 17:15:50 +0200 Subject: j zsh: pin LS_COLORS rev --- jeschli/2configs/zsh.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jeschli/2configs/zsh.nix b/jeschli/2configs/zsh.nix index be5b661b4..0f6775efb 100644 --- a/jeschli/2configs/zsh.nix +++ b/jeschli/2configs/zsh.nix @@ -53,8 +53,8 @@ eval $(dircolors -b ${pkgs.fetchFromGitHub { owner = "trapd00r"; repo = "LS_COLORS"; - rev = "master"; - sha256="05lh5w3bgj9h8d8lrbbwbzw8788709cnzzkl8yh7m1dawkpf6nlp"; + rev = "a75fca8545f91abb8a5f802981033ef54bf1eac0"; + sha256="1lzj0qnj89mzh76ha137mnz2hf86k278rh0y9x124ghxj9yqsnb4"; }}/LS_COLORS) #beautiful colors -- cgit v1.2.3 From c1e6915ccf9dbdd38c35f4849fd2a8a89c35a62d Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 20:28:15 +0200 Subject: l: add lol.lassul.us --- krebs/3modules/lass/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 48df04bcb..36fd5fc63 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -65,6 +65,7 @@ with import ; io 60 IN NS ions.lassul.us. ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + lol 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { -- cgit v1.2.3 From f4c7c3ebdce7c4a248140d20464fbdf65ea0c921 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 20:30:19 +0200 Subject: l mors: open chromecast ports --- lass/1systems/mors/config.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index f8a16ad2e..586a957cf 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -35,9 +35,11 @@ with import ; { - #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ + #risk of rain { predicate = "-p tcp --dport 11100"; target = "ACCEPT"; } + #chromecast + { predicate = "-p udp -m multiport --sports 32768:61000 -m multiport --dports 32768:61000"; target = "ACCEPT"; } ]; } { -- cgit v1.2.3 From 5fe30a149d649b24cb0c55e398064adfce51614c Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 20:30:51 +0200 Subject: l: init nichtparasoup --- lass/5pkgs/nichtparasoup/default.nix | 25 +++++++++++++++++++++++++ lass/5pkgs/nichtparasoup/exception.patch | 13 +++++++++++++ 2 files changed, 38 insertions(+) create mode 100644 lass/5pkgs/nichtparasoup/default.nix create mode 100644 lass/5pkgs/nichtparasoup/exception.patch diff --git a/lass/5pkgs/nichtparasoup/default.nix b/lass/5pkgs/nichtparasoup/default.nix new file mode 100644 index 000000000..cf34c683f --- /dev/null +++ b/lass/5pkgs/nichtparasoup/default.nix @@ -0,0 +1,25 @@ +{ stdenv, pkgs, ... }: +let + py = pkgs.python3Packages.python.withPackages (p: [ + p.werkzeug + p.beautifulsoup4 + ]); + src = pkgs.fetchFromGitHub { + owner = "k4cg"; + repo = "nichtparasoup"; + rev = "cf164b5"; + sha256 = "09bwh76agp14j8rv7bp47jcwhffc1b0bak0ikvzxyphph5lyidk9"; + }; + patchedSrc = stdenv.mkDerivation { + name = "nichtparasoup"; + inherit src; + patches = [ ./exception.patch ]; + phases = [ "unpackPhase" "patchPhase" "installPhase" ]; + installPhase = '' + mkdir -p $out + cp -r * $out/ + ''; + }; +in pkgs.writeDashBin "nichtparasoup" '' + ${py}/bin/python ${patchedSrc}/nichtparasoup.py "$@" +'' diff --git a/lass/5pkgs/nichtparasoup/exception.patch b/lass/5pkgs/nichtparasoup/exception.patch new file mode 100644 index 000000000..34c177de0 --- /dev/null +++ b/lass/5pkgs/nichtparasoup/exception.patch @@ -0,0 +1,13 @@ +diff --git a/nichtparasoup.py b/nichtparasoup.py +index 9da9a2b..833ca71 100755 +--- a/nichtparasoup.py ++++ b/nichtparasoup.py +@@ -211,7 +211,7 @@ def cache_fill_loop(): + try: + sources[crawler][site].crawl() + info = Crawler.info() +- except Exception, e: ++ except Exception as e: + logger.error("Error in crawler %s - %s: %s" % (crawler, site, e)) + break + -- cgit v1.2.3 From 80cb62753405364cedb40f7591704dde56593de3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 20:31:12 +0200 Subject: l: add nichtparasoup module --- lass/3modules/default.nix | 1 + lass/3modules/nichtparasoup.nix | 48 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 lass/3modules/nichtparasoup.nix diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 5e7e6dff3..2cf6a66b9 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -7,6 +7,7 @@ _: ./hosts.nix ./mysql-backup.nix ./news.nix + ./nichtparasoup.nix ./pyload.nix ./restic.nix ./screenlock.nix diff --git a/lass/3modules/nichtparasoup.nix b/lass/3modules/nichtparasoup.nix new file mode 100644 index 000000000..dd1419f24 --- /dev/null +++ b/lass/3modules/nichtparasoup.nix @@ -0,0 +1,48 @@ +{ config, lib, pkgs, ... }: + +with import ; + +{ + options.lass.nichtparasoup = { + enable = mkEnableOption "nichtparasoup funny image page"; + config = mkOption { + type = types.str; + default = '' + [General] + Port: 5001 + IP: 0.0.0.0 + Useragent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25 + + [Cache] + Images_min_limit: 15 + + [Logging] + ;; possible destinations: file syslog + Destination: syslog + Verbosity: ERROR + + [Sites] + SoupIO: everyone + Pr0gramm: new,top + Reddit: gifs,pics,aww,aww_gifs,reactiongifs,wtf,FoodPorn,cats,StarWars,ANormalDayInRussia,perfectloops,reallifedoodles + NineGag: geeky,wtf,hot,trending + Instagram: cats,animals,nerdy_gaming_art,nature,wtf + Fourchan: sci + ''; + }; + }; + + config = mkIf config.lass.nichtparasoup.enable { + systemd.services.nichtparasoup = { + description = "nichtparasoup"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + restartIfChanged = true; + serviceConfig = { + Restart = "always"; + ExecStart = "${pkgs.nichtparasoup}/bin/nichtparasoup -c ${pkgs.writeText "config.ini"config.lass.nichtparasoup.config}"; + }; + }; + }; +} -- cgit v1.2.3 From 67047f9e8dc18e43ce37927b19a6aae62c2ab4a1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 20:32:23 +0200 Subject: l prism.r: add pubkey to download --- lass/1systems/prism/config.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 564315e8f..76aaf0cdc 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -358,6 +358,11 @@ in { }; }); } + { + users.users.download.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" + ]; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From 24a3d64301ccbc39bdc6e46d5b6201b48311ed80 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 20:37:21 +0200 Subject: l prism.r: enable nichtparasoup --- lass/1systems/prism/config.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 76aaf0cdc..90decc35e 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -363,6 +363,22 @@ in { "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" ]; } + { + lass.nichtparasoup.enable = true; + services.nginx = { + enable = true; + virtualHosts.lol = { + forceSSL = true; + enableACME = true; + locations."/".extraConfig = '' + proxy_pass http://localhost:5001; + ''; + serverAliases = [ + "lol.lassul.us" + ]; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; -- cgit v1.2.3 From e1a0d9409d7f7e1c60f98ef2ee69cfecc445aa08 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 4 May 2018 20:59:08 +0200 Subject: l nichtparasoup: cf164b5 -> c6dcd0d --- lass/5pkgs/nichtparasoup/default.nix | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/lass/5pkgs/nichtparasoup/default.nix b/lass/5pkgs/nichtparasoup/default.nix index cf34c683f..fcff7ad54 100644 --- a/lass/5pkgs/nichtparasoup/default.nix +++ b/lass/5pkgs/nichtparasoup/default.nix @@ -7,19 +7,9 @@ let src = pkgs.fetchFromGitHub { owner = "k4cg"; repo = "nichtparasoup"; - rev = "cf164b5"; - sha256 = "09bwh76agp14j8rv7bp47jcwhffc1b0bak0ikvzxyphph5lyidk9"; - }; - patchedSrc = stdenv.mkDerivation { - name = "nichtparasoup"; - inherit src; - patches = [ ./exception.patch ]; - phases = [ "unpackPhase" "patchPhase" "installPhase" ]; - installPhase = '' - mkdir -p $out - cp -r * $out/ - ''; + rev = "c6dcd0d"; + sha256 = "10xy20bjdnd5bjv2hf6v5y5wi0mc9555awxkjqf57rk6ngc5w6ss"; }; in pkgs.writeDashBin "nichtparasoup" '' - ${py}/bin/python ${patchedSrc}/nichtparasoup.py "$@" + ${py}/bin/python ${src}/nichtparasoup.py "$@" '' -- cgit v1.2.3 From 8d6ab1e0bb0be7f779b721c797b937be8e452e02 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 7 May 2018 00:35:28 +0200 Subject: l: add icarus.pgp --- krebs/3modules/lass/default.nix | 1 + krebs/3modules/lass/pgp/icarus.pgp | 51 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 krebs/3modules/lass/pgp/icarus.pgp diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 36fd5fc63..aa0b43f9a 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -698,6 +698,7 @@ with import ; lass-icarus = { mail = "lass@icarus.r"; pubkey = builtins.readFile ./ssh/icarus.rsa; + pgp.pubkeys.default = builtins.readFile ./pgp/icarus.pgp; }; lass-xerxes = { mail = "lass@xerxes.r"; diff --git a/krebs/3modules/lass/pgp/icarus.pgp b/krebs/3modules/lass/pgp/icarus.pgp new file mode 100644 index 000000000..f41478a09 --- /dev/null +++ b/krebs/3modules/lass/pgp/icarus.pgp @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFpqAGEBEADWiwVYVFXuK9kM7Y1XFL70jb2ZAZBRIpcZF81URMDFhm6ulvHq +fEhXTpiKKmfnv5Mz6r6wAWLJFKOKZuEvg8NwplRrlBHMkR3iEx4+7sP/dVey7U6f ++gI61ytFHTOKr52gstPVdXO3xhNmdrAI1hFuF2DxoXKloz8tPP92dZcCdm7+5C+2 +KSYEBrIp/Zv1cjkbAFwek5y4ut65sBh/VM+RhSLbqwzyCxwfBE9QAJdIEiSmChql +Lcz6CToYrdXhOY0ykx+QhT092k/6Xh66JeZ63WVHGrF+SSabq5NNcbWi7EISioHd +N6JXZmbXMpS/BxgMe145e3mWnd3KOSeOxaiORqev8VOycjRQJfSm8Ky+GtWIyxp7 +rwEHbY8vlG2X9RMW5UxVmSRPWLykZoX0Xvmnrpwcohb5WdkuCp9NjqF0gDswU8do +bCqASfeWBvJAQkoAlMLU7YH+ymmeQcSVdLy4Jpv1fk5FocQBihTBnC1+ztt7Rm8m +8VGEpH1h174/z4Xn+bCkRZqopl9GlvpilLT8m8N8jdL7QLZJlQwrHVtima8Rg3XZ +TriW1Ha/NxHZ8nN7pbisqXHCrJB0szzu++yVeQ7Ebr7HA0tIHqDhqVR0s6a1g5AX +JYI8vCErowhvPf+BVCUYfmh5dJAY6tt9zrvCneaZ7ogPzOH9kRnZXYi7ZQARAQAB +tBZpY2FydXMgPGxhc3NAaWNhcnVzLnI+iQJOBBMBCAA4FiEEbimq9dgDayT9DrQy +FSODpr2bDFMFAlpqAGECGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQFSOD +pr2bDFNVohAAiY6Pp4whrAIKwNkzqLkUl2SyQCVSGOce906jthKSixdfaUORZPdD +AnyYUmPyVpWxKYjZl7IfmDDo7D6m21tP8FxCRK8/oYAtz3uRK5b5sb0/5YR77O9+ +s65sNhU8jiHetUEHQ0Z9UJKfm1DpanJ37uIhVcye8BC8OuSD0v0s+hZ+2ZaN1qdn +qqCkujAILxOWo1ZDqpXfHaV11AotzlgyYmxlXzClsLB0SGhU7HUZesKETn3JUmrV +88kkpug8gn9MpTSPDIWsTeNUWpNhqdDRA+2TUygtpQSKzJC8sdkFaWkMrH3cF6wA +BZ+4tS2mRMQWq9BNMK+xnkWPvYO9e6v4ddXtlcVgGTUhSo+opCXza3dcXE5Xbv8x +a1T5HJSV0HQPTrlAUoXZveu7ZgYVO5SOTCm1jBNKX8WCmvO6yJRalxo9N/d6gswq +tKAGm9tlXpTXnG6tvebmSxjzjVwjbQMDJGy4Cj4bw0GGCdapDFrPidUDY/INmU7D +TWtNsAJlJRuu7ddxIVTspZ7rmDBAOhYzXxGuU3ntZFTiFm9BpCmHYWpeQ5EKuxhJ +mgxzC9wKDoS8NRKwt5ak/mX0vpXkJjF2Lrza0wCAZ1ZYWFNaehEwhNT51s9kZIi3 +w1v2z8xmu7VDq/n2sMRtMe7MVIOh1Nu7l/5Uqeb+EYnEc1NGZsFxcYK5Ag0EWmoA +YQEQALMaaF9HeDpeqDjDpxanjjIz4YXMZoMkXwrLS/Rn2mobG5lJzxU+1AkwXxTD +K45A0YHWsnAH1S8V9Gx+NlUMS/S/m9BruSXNohUKARIJLbltEM/EufOThjgfhW0Y +cLorZ1kOSZvORR9+Ctuq/RcvGFwyLB/4OpcGHUezTIcAkLUo0lKPS4HtT2ogSUIx +UstAMwEOSQIDR6sDDiS0BXNdlkKK6daLpH+snQMGP+ILAyRHGu1MlYkACDQZa5aP +9vpany7zC9Ls7vaewCevZCUJfs00VF72pdCRdBV8oPQqwPfhS+uSCV58WwWCqHTq +8PtxCVVzQdngOvScRvjrijtzlseyyTW3w9DPoDsQ16oM3y0kcnnv2hdfTVuv4+YK +9fVRIrWEAlU3cxud7iws9+vUO9GwyWy+epFLiCgNgJR/RVIIjcHUExn/XAcFStjw +QtW+3BxjYmdJpsh5wvmMJSMZDJFMEdKYPm4RI7ZfKVwl6yFeJt3hNkLxxF7k2fXB +84pIvl03hXA3tRQ5t46wS7L2EPlWT00+MCraczvbIS+SX1nCp4ZXLBs0YmicioBS +Os0zEtVs+80eWMf86MTT7YLwre4t+QRbM/RyIvJFTqBT3ad7/7ZMyEuVJBwDJlpx +LGwZGa6zwnbzcf8Us4kAIRzQoK8VOg/xC/ymJYCk3oJCKD9RABEBAAGJAjYEGAEI +ACAWIQRuKar12ANrJP0OtDIVI4OmvZsMUwUCWmoAYQIbDAAKCRAVI4OmvZsMU1vw +EACDJDmZR5BIPxwr9+1Z5ZgT7XcBUbu4F2w84J3xqCUYqcti6I4lSMtxfw94crMp +HoexOVOhvoTneIliv0a4ZSu84u4CGoFn4M7RA0Ka1SVvbuasXf57sVwRptXjr3LL +f/0olra5rkIyZbsvKm0g2N/bfmCfmtOClFDst2yK/FovW5PJBRx2mT38qBhHG8j2 +P7zG0/vO846FxjAGvOMGlEVGmN+R9BeecomOKsKgvUbsycAwzZi/2vWAUGbJBYjx +Yd+K8wjPE8g5CumxaLSH/dlY/0BOZygjank+aHLrwMtNnplYVJmmqDhdbgwN6DDk +cCQNLQyk61IdhtZ7UzJyFTkXnXiirrO4WzL6GJjunNzvcTUAU5vNiG+2he1GdxZF +WiLRrcC+oIMWVST8fNRwJZU+Ibw/UIfEV/rHau0fJlxZatks7Qd8gjxSHIyElUVj +CYrizbFPZ85IhkCirX2tvhycK/nseAYjDuJkJIp3Io0sl3cQ9M8Kx790LUbYzNC4 +bZn8vA1YwTr1ny3+vEhMhaaVSTeVrWYV8023kwzcLRWra7F1hJcc9+LNmqHvXR67 +uBW2KPIrXKrjJmGkMVBSrf9PJu5jNfvCWOntck7C7xOWoUcgyt3uTpP7FkHVdolh +HFNPouS3w0HoB20zdCpmyFNs6Rjhey2r5JIttd6ATVRVYA== +=gJia +-----END PGP PUBLIC KEY BLOCK----- -- cgit v1.2.3 From 4b9ad61e03c18ae2687d49a365fb4e95ac2dbeec Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 7 May 2018 19:51:21 +0200 Subject: l icarus.r: add dpass & macchanger --- lass/1systems/icarus/config.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index b6a0822b9..f9754ee92 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -33,4 +33,9 @@ SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0" SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" ''; + + environment.systemPackages = with pkgs; [ + macchanger + dpass + ]; } -- cgit v1.2.3 From 2dc18fb83a0c8fcd9c4cb04de9470e73c29fcedd Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 7 May 2018 19:55:38 +0200 Subject: l prism.r: simplify lol.lassul.us nginx --- lass/1systems/prism/config.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 90decc35e..d4be2faaf 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -367,15 +367,12 @@ in { lass.nichtparasoup.enable = true; services.nginx = { enable = true; - virtualHosts.lol = { + virtualHosts."lol.lassul.us" = { forceSSL = true; enableACME = true; locations."/".extraConfig = '' proxy_pass http://localhost:5001; ''; - serverAliases = [ - "lol.lassul.us" - ]; }; }; } -- cgit v1.2.3 From c0f7f7bab5447ebf95f4873f7ff9679938ff6d27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 7 May 2018 19:56:26 +0200 Subject: l baseX: add dconf --- lass/2configs/baseX.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index e2e44b6fc..809297655 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -74,6 +74,7 @@ in { gi git-preview gitAndTools.qgit + gnome3.dconf lm_sensors mpv-poll much -- cgit v1.2.3 From e8c4f7c0e40a1612731ad9f68ef7f5bb1ec7ce1c Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 7 May 2018 19:57:44 +0200 Subject: l websites utils: forceSSL --- lass/2configs/websites/util.nix | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 61b5543ce..a11e8e692 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -16,11 +16,7 @@ rec { in { services.nginx.virtualHosts.${domain} = { enableACME = true; - onlySSL = true; - extraConfig = '' - listen 80; - listen [::]:80; - ''; + forceSSL = true; serverAliases = domains; locations."/".extraConfig = '' root /srv/http/${domain}; @@ -87,12 +83,9 @@ rec { in { services.nginx.virtualHosts."${domain}" = { enableACME = true; - onlySSL = true; + forceSSL = true; serverAliases = domains; extraConfig = '' - listen 80; - listen [::]:80; - # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; @@ -201,12 +194,9 @@ rec { in { services.nginx.virtualHosts."${domain}" = { enableACME = true; - onlySSL = true; + forceSSL = true; serverAliases = domains; extraConfig = '' - listen 80; - listen [::]:80; - root /srv/http/${domain}/; index index.php; access_log /tmp/nginx_acc.log; -- cgit v1.2.3 From 06402dba84c42396a911ceff56c15a26b9f5ee9c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 8 May 2018 08:28:21 +0200 Subject: l icarus.r: import wine.nix --- lass/1systems/icarus/config.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index f9754ee92..eb2be5869 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -17,6 +17,7 @@ + ]; krebs.build.host = config.krebs.hosts.icarus; @@ -38,4 +39,8 @@ macchanger dpass ]; + services.redshift = { + enable = true; + provider = "geoclue2"; + }; } -- cgit v1.2.3 From 603db72c0d4bb98ca0b56aa94fa69299123d784c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 8 May 2018 08:30:10 +0200 Subject: l nichtparasoup: update default feeds --- lass/3modules/nichtparasoup.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/3modules/nichtparasoup.nix b/lass/3modules/nichtparasoup.nix index dd1419f24..14f4fffc8 100644 --- a/lass/3modules/nichtparasoup.nix +++ b/lass/3modules/nichtparasoup.nix @@ -24,9 +24,9 @@ with import ; [Sites] SoupIO: everyone Pr0gramm: new,top - Reddit: gifs,pics,aww,aww_gifs,reactiongifs,wtf,FoodPorn,cats,StarWars,ANormalDayInRussia,perfectloops,reallifedoodles + Reddit: gifs,reactiongifs,ANormalDayInRussia,perfectloops,reallifedoodles,bizarrebuildings,cablefail,cableporn,cableporn,cableporn,educationalgifs,EngineeringPorn,forbiddensnacks,holdmybeer,itsaunixsystem,loadingicon,michaelbaygifs,nononoyesno,oddlysatisfying,ofcoursethatsathing,OSHA,PeopleFuckingDying,PerfectTiming,PixelArt,RetroFuturism,robotsbeingjerks,scriptedasiangifs,shittyrobots,startrekstabilized,ThingsCutInHalfPorn,totallynotrobots,Unexpected NineGag: geeky,wtf,hot,trending - Instagram: cats,animals,nerdy_gaming_art,nature,wtf + Instagram: nature,wtf Fourchan: sci ''; }; -- cgit v1.2.3 From af75b96fbe412527c4bf9129de850bcab3e7c7cb Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 8 May 2018 08:31:53 +0200 Subject: l xmonad: change default layout order --- lass/5pkgs/custom/xmonad-lass/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 18cb25b5b..868c1072a 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -90,7 +90,7 @@ main' = do myLayoutHook = defLayout where - defLayout = minimize $ ((avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1 ||| simplestFloat) + defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat) floatHooks :: Query (Endo WindowSet) floatHooks = composeAll . concat $ -- cgit v1.2.3 From edafe24e94252e2be936a760ce47485c8e4fa0af Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 8 May 2018 19:25:59 +0200 Subject: tv nixpkgs: 53e6d67 -> 7cbf6ca --- tv/source.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tv/source.nix b/tv/source.nix index e5e5e0413..14527d956 100644 --- a/tv/source.nix +++ b/tv/source.nix @@ -16,8 +16,7 @@ in { nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix"; nixpkgs.git = { - # nixos-17.09 - ref = mkDefault "53e6d671a9662922080635482b7e1c418d2cdc72"; + ref = mkDefault "7cbf6ca1c84dfc917c1a99524e082fb677501844"; url = https://github.com/NixOS/nixpkgs; }; secrets.file = getAttr builder { -- cgit v1.2.3 From 47c0b0261eabdf230bfc7a375a3a008a04b61c4a Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 9 May 2018 11:11:50 +0200 Subject: krebs: 6tests -> 0tests --- krebs/0tests/data/secrets/grafana_security.nix | 1 + krebs/0tests/data/secrets/hashedPasswords.nix | 1 + krebs/0tests/data/secrets/retiolum.rsa_key.priv | 0 .../data/secrets/shackspace-gitlab-ci-token.nix | 1 + krebs/0tests/data/secrets/ssh.id_ed25519 | 0 krebs/0tests/data/test-config.nix | 22 +++++ krebs/0tests/data/test-source.nix | 12 +++ krebs/0tests/default.nix | 6 ++ krebs/0tests/deploy.nix | 106 +++++++++++++++++++++ krebs/3modules/ci.nix | 2 +- krebs/6tests/data/secrets/grafana_security.nix | 1 - krebs/6tests/data/secrets/hashedPasswords.nix | 1 - krebs/6tests/data/secrets/retiolum.rsa_key.priv | 0 .../data/secrets/shackspace-gitlab-ci-token.nix | 1 - krebs/6tests/data/secrets/ssh.id_ed25519 | 0 krebs/6tests/data/test-config.nix | 22 ----- krebs/6tests/data/test-source.nix | 12 --- krebs/6tests/default.nix | 6 -- krebs/6tests/deploy.nix | 106 --------------------- krebs/kops.nix | 2 +- krebs/source.nix | 2 +- makefu/0tests/data/secrets/auth.nix | 3 + makefu/0tests/data/secrets/bepasty-secret.nix | 1 + .../secrets/bgt_cyberwar_hidden_service/hostname | 1 + makefu/0tests/data/secrets/daemon-pw | 1 + .../data/secrets/dl.euer.krebsco.de-auth.nix | 1 + makefu/0tests/data/secrets/extra-hosts.nix | 1 + makefu/0tests/data/secrets/grafana_security.nix | 5 + makefu/0tests/data/secrets/hashedPasswords.nix | 1 + makefu/0tests/data/secrets/iodinepw.nix | 1 + makefu/0tests/data/secrets/kibana-auth.nix | 4 + makefu/0tests/data/secrets/nsupdate-data.nix | 1 + makefu/0tests/data/secrets/nsupdate-search.nix | 3 + .../0tests/data/secrets/retiolum-ci.rsa_key.priv | 0 makefu/0tests/data/secrets/retiolum.rsa_key.priv | 0 makefu/0tests/data/secrets/retiolum.rsa_key.pub | 0 makefu/0tests/data/secrets/sambacred | 0 .../data/secrets/shackspace-gitlab-ci-token.nix | 1 + makefu/0tests/data/secrets/ssh.id_ed25519 | 0 makefu/0tests/data/secrets/ssh.makefu.id_rsa | 0 makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub | 0 makefu/0tests/data/secrets/ssh_host_ed25519_key | 0 makefu/0tests/data/secrets/ssh_host_rsa_key | 0 makefu/0tests/data/secrets/tinc.krebsco.de.crt | 0 makefu/0tests/data/secrets/tinc.krebsco.de.key | 0 makefu/0tests/data/secrets/tw-pass.ini | 0 makefu/0tests/data/secrets/wildcard.krebsco.de.crt | 0 makefu/0tests/data/secrets/wildcard.krebsco.de.key | 0 makefu/6tests/data/secrets/auth.nix | 3 - makefu/6tests/data/secrets/bepasty-secret.nix | 1 - .../secrets/bgt_cyberwar_hidden_service/hostname | 1 - makefu/6tests/data/secrets/daemon-pw | 1 - .../data/secrets/dl.euer.krebsco.de-auth.nix | 1 - makefu/6tests/data/secrets/extra-hosts.nix | 1 - makefu/6tests/data/secrets/grafana_security.nix | 5 - makefu/6tests/data/secrets/hashedPasswords.nix | 1 - makefu/6tests/data/secrets/iodinepw.nix | 1 - makefu/6tests/data/secrets/kibana-auth.nix | 4 - makefu/6tests/data/secrets/nsupdate-data.nix | 1 - makefu/6tests/data/secrets/nsupdate-search.nix | 3 - .../6tests/data/secrets/retiolum-ci.rsa_key.priv | 0 makefu/6tests/data/secrets/retiolum.rsa_key.priv | 0 makefu/6tests/data/secrets/retiolum.rsa_key.pub | 0 makefu/6tests/data/secrets/sambacred | 0 .../data/secrets/shackspace-gitlab-ci-token.nix | 1 - makefu/6tests/data/secrets/ssh.id_ed25519 | 0 makefu/6tests/data/secrets/ssh.makefu.id_rsa | 0 makefu/6tests/data/secrets/ssh.makefu.id_rsa.pub | 0 makefu/6tests/data/secrets/ssh_host_ed25519_key | 0 makefu/6tests/data/secrets/ssh_host_rsa_key | 0 makefu/6tests/data/secrets/tinc.krebsco.de.crt | 0 makefu/6tests/data/secrets/tinc.krebsco.de.key | 0 makefu/6tests/data/secrets/tw-pass.ini | 0 makefu/6tests/data/secrets/wildcard.krebsco.de.crt | 0 makefu/6tests/data/secrets/wildcard.krebsco.de.key | 0 makefu/source.nix | 4 +- nin/0tests/dummysecrets/hashedPasswords.nix | 1 + nin/0tests/dummysecrets/ssh.id_ed25519 | 0 nin/6tests/dummysecrets/hashedPasswords.nix | 1 - nin/6tests/dummysecrets/ssh.id_ed25519 | 0 nin/source.nix | 2 +- 81 files changed, 180 insertions(+), 180 deletions(-) create mode 100644 krebs/0tests/data/secrets/grafana_security.nix create mode 100644 krebs/0tests/data/secrets/hashedPasswords.nix create mode 100644 krebs/0tests/data/secrets/retiolum.rsa_key.priv create mode 100644 krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix create mode 100644 krebs/0tests/data/secrets/ssh.id_ed25519 create mode 100644 krebs/0tests/data/test-config.nix create mode 100644 krebs/0tests/data/test-source.nix create mode 100644 krebs/0tests/default.nix create mode 100644 krebs/0tests/deploy.nix delete mode 100644 krebs/6tests/data/secrets/grafana_security.nix delete mode 100644 krebs/6tests/data/secrets/hashedPasswords.nix delete mode 100644 krebs/6tests/data/secrets/retiolum.rsa_key.priv delete mode 100644 krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix delete mode 100644 krebs/6tests/data/secrets/ssh.id_ed25519 delete mode 100644 krebs/6tests/data/test-config.nix delete mode 100644 krebs/6tests/data/test-source.nix delete mode 100644 krebs/6tests/default.nix delete mode 100644 krebs/6tests/deploy.nix create mode 100644 makefu/0tests/data/secrets/auth.nix create mode 100644 makefu/0tests/data/secrets/bepasty-secret.nix create mode 100644 makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname create mode 100644 makefu/0tests/data/secrets/daemon-pw create mode 100644 makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix create mode 100644 makefu/0tests/data/secrets/extra-hosts.nix create mode 100644 makefu/0tests/data/secrets/grafana_security.nix create mode 100644 makefu/0tests/data/secrets/hashedPasswords.nix create mode 100644 makefu/0tests/data/secrets/iodinepw.nix create mode 100644 makefu/0tests/data/secrets/kibana-auth.nix create mode 100644 makefu/0tests/data/secrets/nsupdate-data.nix create mode 100644 makefu/0tests/data/secrets/nsupdate-search.nix create mode 100644 makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv create mode 100644 makefu/0tests/data/secrets/retiolum.rsa_key.priv create mode 100644 makefu/0tests/data/secrets/retiolum.rsa_key.pub create mode 100644 makefu/0tests/data/secrets/sambacred create mode 100644 makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix create mode 100644 makefu/0tests/data/secrets/ssh.id_ed25519 create mode 100644 makefu/0tests/data/secrets/ssh.makefu.id_rsa create mode 100644 makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub create mode 100644 makefu/0tests/data/secrets/ssh_host_ed25519_key create mode 100644 makefu/0tests/data/secrets/ssh_host_rsa_key create mode 100644 makefu/0tests/data/secrets/tinc.krebsco.de.crt create mode 100644 makefu/0tests/data/secrets/tinc.krebsco.de.key create mode 100644 makefu/0tests/data/secrets/tw-pass.ini create mode 100644 makefu/0tests/data/secrets/wildcard.krebsco.de.crt create mode 100644 makefu/0tests/data/secrets/wildcard.krebsco.de.key delete mode 100644 makefu/6tests/data/secrets/auth.nix delete mode 100644 makefu/6tests/data/secrets/bepasty-secret.nix delete mode 100644 makefu/6tests/data/secrets/bgt_cyberwar_hidden_service/hostname delete mode 100644 makefu/6tests/data/secrets/daemon-pw delete mode 100644 makefu/6tests/data/secrets/dl.euer.krebsco.de-auth.nix delete mode 100644 makefu/6tests/data/secrets/extra-hosts.nix delete mode 100644 makefu/6tests/data/secrets/grafana_security.nix delete mode 100644 makefu/6tests/data/secrets/hashedPasswords.nix delete mode 100644 makefu/6tests/data/secrets/iodinepw.nix delete mode 100644 makefu/6tests/data/secrets/kibana-auth.nix delete mode 100644 makefu/6tests/data/secrets/nsupdate-data.nix delete mode 100644 makefu/6tests/data/secrets/nsupdate-search.nix delete mode 100644 makefu/6tests/data/secrets/retiolum-ci.rsa_key.priv delete mode 100644 makefu/6tests/data/secrets/retiolum.rsa_key.priv delete mode 100644 makefu/6tests/data/secrets/retiolum.rsa_key.pub delete mode 100644 makefu/6tests/data/secrets/sambacred delete mode 100644 makefu/6tests/data/secrets/shackspace-gitlab-ci-token.nix delete mode 100644 makefu/6tests/data/secrets/ssh.id_ed25519 delete mode 100644 makefu/6tests/data/secrets/ssh.makefu.id_rsa delete mode 100644 makefu/6tests/data/secrets/ssh.makefu.id_rsa.pub delete mode 100644 makefu/6tests/data/secrets/ssh_host_ed25519_key delete mode 100644 makefu/6tests/data/secrets/ssh_host_rsa_key delete mode 100644 makefu/6tests/data/secrets/tinc.krebsco.de.crt delete mode 100644 makefu/6tests/data/secrets/tinc.krebsco.de.key delete mode 100644 makefu/6tests/data/secrets/tw-pass.ini delete mode 100644 makefu/6tests/data/secrets/wildcard.krebsco.de.crt delete mode 100644 makefu/6tests/data/secrets/wildcard.krebsco.de.key create mode 100644 nin/0tests/dummysecrets/hashedPasswords.nix create mode 100644 nin/0tests/dummysecrets/ssh.id_ed25519 delete mode 100644 nin/6tests/dummysecrets/hashedPasswords.nix delete mode 100644 nin/6tests/dummysecrets/ssh.id_ed25519 diff --git a/krebs/0tests/data/secrets/grafana_security.nix b/krebs/0tests/data/secrets/grafana_security.nix new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/krebs/0tests/data/secrets/grafana_security.nix @@ -0,0 +1 @@ +{} diff --git a/krebs/0tests/data/secrets/hashedPasswords.nix b/krebs/0tests/data/secrets/hashedPasswords.nix new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/krebs/0tests/data/secrets/hashedPasswords.nix @@ -0,0 +1 @@ +{} diff --git a/krebs/0tests/data/secrets/retiolum.rsa_key.priv b/krebs/0tests/data/secrets/retiolum.rsa_key.priv new file mode 100644 index 000000000..e69de29bb diff --git a/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix b/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix new file mode 100644 index 000000000..963e6db8b --- /dev/null +++ b/krebs/0tests/data/secrets/shackspace-gitlab-ci-token.nix @@ -0,0 +1 @@ +"lol" diff --git a/krebs/0tests/data/secrets/ssh.id_ed25519 b/krebs/0tests/data/secrets/ssh.id_ed25519 new file mode 100644 index 000000000..e69de29bb diff --git a/krebs/0tests/data/test-config.nix b/krebs/0tests/data/test-config.nix new file mode 100644 index 000000000..f0927ddd9 --- /dev/null +++ b/krebs/0tests/data/test-config.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + + + + ]; + + krebs.hosts.minimal = { + cores = 1; + secure = false; + }; + + boot.loader.grub.enable = false; + boot.loader.systemd-boot.enable = true; + + krebs.build = { + host = config.krebs.hosts.minimal; + user = config.krebs.users.krebs; + }; +} diff --git a/krebs/0tests/data/test-source.nix b/krebs/0tests/data/test-source.nix new file mode 100644 index 000000000..dfc6b3297 --- /dev/null +++ b/krebs/0tests/data/test-source.nix @@ -0,0 +1,12 @@ +with import ; +evalSource "" [{ + nixos-config = { + symlink.target = toString ./test-config; + }; + nixpkgs = { + symlink.target = toString ; + }; + stockholm = { + symlink.target = toString ; + }; +}] diff --git a/krebs/0tests/default.nix b/krebs/0tests/default.nix new file mode 100644 index 000000000..c0ca00296 --- /dev/null +++ b/krebs/0tests/default.nix @@ -0,0 +1,6 @@ +with import ; +{ ... }: + +{ + deploy = import ./deploy.nix; +} diff --git a/krebs/0tests/deploy.nix b/krebs/0tests/deploy.nix new file mode 100644 index 000000000..d96963500 --- /dev/null +++ b/krebs/0tests/deploy.nix @@ -0,0 +1,106 @@ +with import ; +import ({ ... }: + +let + pkgs = import { overlays = [(import ../5pkgs)]; }; + test-config = ; + privKey = '' + -----BEGIN OPENSSH PRIVATE KEY----- + b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW + QyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQAAAJBTNHK6UzRy + ugAAAAtzc2gtZWQyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQ + AAAECK2ZlEIofZyGbh7rXlUq5lUsUyotamtp9QrlvoS3qgePW1gPyvoVx3turdnSe+jnjz + eddDxzgsWHR9zDys4JC1AAAACWxhc3NAbW9ycwECAwQ= + -----END OPENSSH PRIVATE KEY----- + ''; + pubKey = '' + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPW1gPyvoVx3turdnSe+jnjzeddDxzgsWHR9zDys4JC1 + ''; + + ssh-config = pkgs.writeText "ssh-config" '' + Host server + StrictHostKeyChecking no + UserKnownHostsFile=/dev/null + ''; + + populate-source = { + nixos-config = { + symlink.target = test-config; + type = "symlink"; + }; + nixpkgs = { + symlink.target = ; + type = "symlink"; + }; + stockholm = { + symlink.target = ; + type = "symlink"; + }; + }; + + test-deploy = pkgs.writeDash "test-deploy" '' + cd ${} + export NIX_PATH=stockholm=${}:nixpkgs=${}:$NIX_PATH + exec >&2 + source=${pkgs.writeJSON "source.json" populate-source} + LOGNAME=krebs ${pkgs.populate}/bin/populate --force root@server:22/var/src/ < "$source" + # TODO: make deploy work + #LOGNAME=krebs ${pkgs.stockholm}/bin/deploy \ + # --force-populate \ + # --source=${./data/test-source.nix} \ + # --system=server \ + ''; + minimalSystem = (import { + modules = [ + test-config + ]; + }).config.system.build.toplevel; + +in { + name = "deploy"; + + nodes = { + + server = + { config, pkgs, ... }: + + { + imports = [ test-config ]; + environment.variables = { + NIX_PATH = mkForce "nixpkgs=${}"; + }; + services.openssh.enable = true; + users.extraUsers.root.openssh.authorizedKeys.keys = [ + pubKey + ]; + virtualisation.pathsInNixDB = [ + minimalSystem + ]; + environment.systemPackages = [ pkgs.git ]; + }; + + client = + { config, pkgs, ... }: + { }; + }; + + testScript = '' + startAll; + + $server->waitForUnit("sshd"); + + $client->succeed("mkdir -p -m 700 /root/.ssh"); + $client->succeed("echo '${privKey}' > /root/.ssh/id_ed25519"); + $client->succeed("cp ${ssh-config} /root/.ssh/config"); + $client->succeed("chmod 600 /root/.ssh/id_ed25519"); + + $server->waitForUnit("network.target"); + $server->succeed("ip route show 1>&2"); + $client->waitForUnit("network.target"); + $client->succeed("${test-deploy}"); + $server->succeed("nixos-rebuild -I /var/src switch"); + + $client->shutdown; + $server->shutdown; + ''; +}) diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index bb19f0602..e97aa16eb 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -147,7 +147,7 @@ in "dummy_secrets": "true", }, command=[ - "nix-build", "-I", "stockholm=.", "krebs/6tests", + "nix-build", "-I", "stockholm=.", "krebs/0tests", "-A", "{}".format(test) ], timeout=90001 diff --git a/krebs/6tests/data/secrets/grafana_security.nix b/krebs/6tests/data/secrets/grafana_security.nix deleted file mode 100644 index 0967ef424..000000000 --- a/krebs/6tests/data/secrets/grafana_security.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/krebs/6tests/data/secrets/hashedPasswords.nix b/krebs/6tests/data/secrets/hashedPasswords.nix deleted file mode 100644 index 0967ef424..000000000 --- a/krebs/6tests/data/secrets/hashedPasswords.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/krebs/6tests/data/secrets/retiolum.rsa_key.priv b/krebs/6tests/data/secrets/retiolum.rsa_key.priv deleted file mode 100644 index e69de29bb..000000000 diff --git a/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix b/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix deleted file mode 100644 index 963e6db8b..000000000 --- a/krebs/6tests/data/secrets/shackspace-gitlab-ci-token.nix +++ /dev/null @@ -1 +0,0 @@ -"lol" diff --git a/krebs/6tests/data/secrets/ssh.id_ed25519 b/krebs/6tests/data/secrets/ssh.id_ed25519 deleted file mode 100644 index e69de29bb..000000000 diff --git a/krebs/6tests/data/test-config.nix b/krebs/6tests/data/test-config.nix deleted file mode 100644 index f0927ddd9..000000000 --- a/krebs/6tests/data/test-config.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - - - - ]; - - krebs.hosts.minimal = { - cores = 1; - secure = false; - }; - - boot.loader.grub.enable = false; - boot.loader.systemd-boot.enable = true; - - krebs.build = { - host = config.krebs.hosts.minimal; - user = config.krebs.users.krebs; - }; -} diff --git a/krebs/6tests/data/test-source.nix b/krebs/6tests/data/test-source.nix deleted file mode 100644 index dfc6b3297..000000000 --- a/krebs/6tests/data/test-source.nix +++ /dev/null @@ -1,12 +0,0 @@ -with import ; -evalSource "" [{ - nixos-config = { - symlink.target = toString ./test-config; - }; - nixpkgs = { - symlink.target = toString ; - }; - stockholm = { - symlink.target = toString ; - }; -}] diff --git a/krebs/6tests/default.nix b/krebs/6tests/default.nix deleted file mode 100644 index c0ca00296..000000000 --- a/krebs/6tests/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -with import ; -{ ... }: - -{ - deploy = import ./deploy.nix; -} diff --git a/krebs/6tests/deploy.nix b/krebs/6tests/deploy.nix deleted file mode 100644 index 156e9239f..000000000 --- a/krebs/6tests/deploy.nix +++ /dev/null @@ -1,106 +0,0 @@ -with import ; -import ({ ... }: - -let - pkgs = import { overlays = [(import ../5pkgs)]; }; - test-config = ; - privKey = '' - -----BEGIN OPENSSH PRIVATE KEY----- - b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW - QyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQAAAJBTNHK6UzRy - ugAAAAtzc2gtZWQyNTUxOQAAACD1tYD8r6Fcd7bq3Z0nvo5483nXQ8c4LFh0fcw8rOCQtQ - AAAECK2ZlEIofZyGbh7rXlUq5lUsUyotamtp9QrlvoS3qgePW1gPyvoVx3turdnSe+jnjz - eddDxzgsWHR9zDys4JC1AAAACWxhc3NAbW9ycwECAwQ= - -----END OPENSSH PRIVATE KEY----- - ''; - pubKey = '' - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPW1gPyvoVx3turdnSe+jnjzeddDxzgsWHR9zDys4JC1 - ''; - - ssh-config = pkgs.writeText "ssh-config" '' - Host server - StrictHostKeyChecking no - UserKnownHostsFile=/dev/null - ''; - - populate-source = { - nixos-config = { - symlink.target = test-config; - type = "symlink"; - }; - nixpkgs = { - symlink.target = ; - type = "symlink"; - }; - stockholm = { - symlink.target = ; - type = "symlink"; - }; - }; - - test-deploy = pkgs.writeDash "test-deploy" '' - cd ${} - export NIX_PATH=stockholm=${}:nixpkgs=${}:$NIX_PATH - exec >&2 - source=${pkgs.writeJSON "source.json" populate-source} - LOGNAME=krebs ${pkgs.populate}/bin/populate --force root@server:22/var/src/ < "$source" - # TODO: make deploy work - #LOGNAME=krebs ${pkgs.stockholm}/bin/deploy \ - # --force-populate \ - # --source=${./data/test-source.nix} \ - # --system=server \ - ''; - minimalSystem = (import { - modules = [ - test-config - ]; - }).config.system.build.toplevel; - -in { - name = "deploy"; - - nodes = { - - server = - { config, pkgs, ... }: - - { - imports = [ test-config ]; - environment.variables = { - NIX_PATH = mkForce "nixpkgs=${}"; - }; - services.openssh.enable = true; - users.extraUsers.root.openssh.authorizedKeys.keys = [ - pubKey - ]; - virtualisation.pathsInNixDB = [ - minimalSystem - ]; - environment.systemPackages = [ pkgs.git ]; - }; - - client = - { config, pkgs, ... }: - { }; - }; - - testScript = '' - startAll; - - $server->waitForUnit("sshd"); - - $client->succeed("mkdir -p -m 700 /root/.ssh"); - $client->succeed("echo '${privKey}' > /root/.ssh/id_ed25519"); - $client->succeed("cp ${ssh-config} /root/.ssh/config"); - $client->succeed("chmod 600 /root/.ssh/id_ed25519"); - - $server->waitForUnit("network.target"); - $server->succeed("ip route show 1>&2"); - $client->waitForUnit("network.target"); - $client->succeed("${test-deploy}"); - $server->succeed("nixos-rebuild -I /var/src switch"); - - $client->shutdown; - $server->shutdown; - ''; -}) diff --git a/krebs/kops.nix b/krebs/kops.nix index abd60ee5a..561b017b9 100644 --- a/krebs/kops.nix +++ b/krebs/kops.nix @@ -38,7 +38,7 @@ secrets = if test then { - file = toString ; + file = toString ; } else { pass = { diff --git a/krebs/source.nix b/krebs/source.nix index 3ee12b37f..49f464f61 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -14,7 +14,7 @@ in { nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; secrets = getAttr builder { - buildbot.file = toString ; + buildbot.file = toString ; krebs.pass = { dir = "${getEnv "HOME"}/brain"; name = "krebs-secrets/${name}"; diff --git a/makefu/0tests/data/secrets/auth.nix b/makefu/0tests/data/secrets/auth.nix new file mode 100644 index 000000000..92d5c34a8 --- /dev/null +++ b/makefu/0tests/data/secrets/auth.nix @@ -0,0 +1,3 @@ +{ + user = "password"; +} diff --git a/makefu/0tests/data/secrets/bepasty-secret.nix b/makefu/0tests/data/secrets/bepasty-secret.nix new file mode 100644 index 000000000..f5e704702 --- /dev/null +++ b/makefu/0tests/data/secrets/bepasty-secret.nix @@ -0,0 +1 @@ +"derp" diff --git a/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname b/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname new file mode 100644 index 000000000..2ae3807f1 --- /dev/null +++ b/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname @@ -0,0 +1 @@ +dickbutt2342.onion diff --git a/makefu/0tests/data/secrets/daemon-pw b/makefu/0tests/data/secrets/daemon-pw new file mode 100644 index 000000000..e16c76dff --- /dev/null +++ b/makefu/0tests/data/secrets/daemon-pw @@ -0,0 +1 @@ +"" diff --git a/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix b/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix @@ -0,0 +1 @@ +{} diff --git a/makefu/0tests/data/secrets/extra-hosts.nix b/makefu/0tests/data/secrets/extra-hosts.nix new file mode 100644 index 000000000..e16c76dff --- /dev/null +++ b/makefu/0tests/data/secrets/extra-hosts.nix @@ -0,0 +1 @@ +"" diff --git a/makefu/0tests/data/secrets/grafana_security.nix b/makefu/0tests/data/secrets/grafana_security.nix new file mode 100644 index 000000000..f9096b7cf --- /dev/null +++ b/makefu/0tests/data/secrets/grafana_security.nix @@ -0,0 +1,5 @@ +{ + adminUser = "dick"; + adminPassword = "butt"; +} + diff --git a/makefu/0tests/data/secrets/hashedPasswords.nix b/makefu/0tests/data/secrets/hashedPasswords.nix new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/makefu/0tests/data/secrets/hashedPasswords.nix @@ -0,0 +1 @@ +{} diff --git a/makefu/0tests/data/secrets/iodinepw.nix b/makefu/0tests/data/secrets/iodinepw.nix new file mode 100644 index 000000000..f5e704702 --- /dev/null +++ b/makefu/0tests/data/secrets/iodinepw.nix @@ -0,0 +1 @@ +"derp" diff --git a/makefu/0tests/data/secrets/kibana-auth.nix b/makefu/0tests/data/secrets/kibana-auth.nix new file mode 100644 index 000000000..80e8f44c1 --- /dev/null +++ b/makefu/0tests/data/secrets/kibana-auth.nix @@ -0,0 +1,4 @@ +{ + "dick" = "butt"; +} + diff --git a/makefu/0tests/data/secrets/nsupdate-data.nix b/makefu/0tests/data/secrets/nsupdate-data.nix new file mode 100644 index 000000000..e76c0e87e --- /dev/null +++ b/makefu/0tests/data/secrets/nsupdate-data.nix @@ -0,0 +1 @@ +{ "lol" = "wut"; } diff --git a/makefu/0tests/data/secrets/nsupdate-search.nix b/makefu/0tests/data/secrets/nsupdate-search.nix new file mode 100644 index 000000000..a9646aeb7 --- /dev/null +++ b/makefu/0tests/data/secrets/nsupdate-search.nix @@ -0,0 +1,3 @@ +{ + "dick.nsupdate.info" = "butt"; +} diff --git a/makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv b/makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/retiolum.rsa_key.priv b/makefu/0tests/data/secrets/retiolum.rsa_key.priv new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/retiolum.rsa_key.pub b/makefu/0tests/data/secrets/retiolum.rsa_key.pub new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/sambacred b/makefu/0tests/data/secrets/sambacred new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix b/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix new file mode 100644 index 000000000..963e6db8b --- /dev/null +++ b/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix @@ -0,0 +1 @@ +"lol" diff --git a/makefu/0tests/data/secrets/ssh.id_ed25519 b/makefu/0tests/data/secrets/ssh.id_ed25519 new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/ssh.makefu.id_rsa b/makefu/0tests/data/secrets/ssh.makefu.id_rsa new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub b/makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/ssh_host_ed25519_key b/makefu/0tests/data/secrets/ssh_host_ed25519_key new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/ssh_host_rsa_key b/makefu/0tests/data/secrets/ssh_host_rsa_key new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/tinc.krebsco.de.crt b/makefu/0tests/data/secrets/tinc.krebsco.de.crt new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/tinc.krebsco.de.key b/makefu/0tests/data/secrets/tinc.krebsco.de.key new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/tw-pass.ini b/makefu/0tests/data/secrets/tw-pass.ini new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/wildcard.krebsco.de.crt b/makefu/0tests/data/secrets/wildcard.krebsco.de.crt new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/0tests/data/secrets/wildcard.krebsco.de.key b/makefu/0tests/data/secrets/wildcard.krebsco.de.key new file mode 100644 index 000000000..e69de29bb diff --git a/makefu/6tests/data/secrets/auth.nix b/makefu/6tests/data/secrets/auth.nix deleted file mode 100644 index 92d5c34a8..000000000 --- a/makefu/6tests/data/secrets/auth.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - user = "password"; -} diff --git a/makefu/6tests/data/secrets/bepasty-secret.nix b/makefu/6tests/data/secrets/bepasty-secret.nix deleted file mode 100644 index f5e704702..000000000 --- a/makefu/6tests/data/secrets/bepasty-secret.nix +++ /dev/null @@ -1 +0,0 @@ -"derp" diff --git a/makefu/6tests/data/secrets/bgt_cyberwar_hidden_service/hostname b/makefu/6tests/data/secrets/bgt_cyberwar_hidden_service/hostname deleted file mode 100644 index 2ae3807f1..000000000 --- a/makefu/6tests/data/secrets/bgt_cyberwar_hidden_service/hostname +++ /dev/null @@ -1 +0,0 @@ -dickbutt2342.onion diff --git a/makefu/6tests/data/secrets/daemon-pw b/makefu/6tests/data/secrets/daemon-pw deleted file mode 100644 index e16c76dff..000000000 --- a/makefu/6tests/data/secrets/daemon-pw +++ /dev/null @@ -1 +0,0 @@ -"" diff --git a/makefu/6tests/data/secrets/dl.euer.krebsco.de-auth.nix b/makefu/6tests/data/secrets/dl.euer.krebsco.de-auth.nix deleted file mode 100644 index 0967ef424..000000000 --- a/makefu/6tests/data/secrets/dl.euer.krebsco.de-auth.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/makefu/6tests/data/secrets/extra-hosts.nix b/makefu/6tests/data/secrets/extra-hosts.nix deleted file mode 100644 index e16c76dff..000000000 --- a/makefu/6tests/data/secrets/extra-hosts.nix +++ /dev/null @@ -1 +0,0 @@ -"" diff --git a/makefu/6tests/data/secrets/grafana_security.nix b/makefu/6tests/data/secrets/grafana_security.nix deleted file mode 100644 index f9096b7cf..000000000 --- a/makefu/6tests/data/secrets/grafana_security.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - adminUser = "dick"; - adminPassword = "butt"; -} - diff --git a/makefu/6tests/data/secrets/hashedPasswords.nix b/makefu/6tests/data/secrets/hashedPasswords.nix deleted file mode 100644 index 0967ef424..000000000 ---