From e97a29678c097a9ea43bac340bec3fd3226001b5 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 31 Aug 2021 19:48:19 +0200 Subject: tv elm-package-proxy: add search.json --- tv/2configs/elm-packages-proxy.nix | 75 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix index 097d706c6..265289bbf 100644 --- a/tv/2configs/elm-packages-proxy.nix +++ b/tv/2configs/elm-packages-proxy.nix @@ -60,6 +60,11 @@ in { proxy_pass $new_uri; ''; + + locations."/search.json".extraConfig = '' + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + proxy_pass_header Server; + ''; }; krebs.htgen.elm-packages-proxy = { @@ -245,6 +250,76 @@ in { } | jq -cs add > $response + file_response 200 OK "$response" 'application/json; charset=UTF-8' + exit + ;; + 'GET /search.json') + + searchjson=$HOME/cache/search.json + mkdir -p "$HOME/cache" + + # update cached search.json + ( + last_modified=$( + if test -f "$searchjson"; then + date -Rr "$searchjson" + else + date -R -d @0 + fi + ) + tempsearchjson=$(mktemp "$searchjson.XXXXXXXX") + trap 'rm "$tempsearchjson" >&2' EXIT + curl -fsS --compressed https://package.elm-lang.org/search.json \ + -H "If-Modified-Since: $last_modified" \ + -o "$tempsearchjson" + if test -s "$tempsearchjson"; then + mv "$tempsearchjson" "$searchjson" + trap - EXIT + fi + ) + + response=$(mktemp -t htgen.$$.elm-packages-proxy.search.XXXXXXXX) + trap 'rm "$response" >&2' EXIT + + { + printf '{"upstream":'; cat "$searchjson" + printf ',"private":'; (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) | + jq -Rs ' + split("\n") | + map( + select(.!="") | + match("^\\./(?[^/]+)/(?[^/]+)/(?[^/]+)$").captures | + map({key:.name,value:.string}) | + from_entries + ) | + map({ + key: "\(.author)/\(.pname)", + value: .version, + }) | + from_entries + ' + printf '}' + } | + jq -c ' + reduce .upstream[] as $upstreamItem ({ private, output: [] }; + .private[$upstreamItem.name] as $privateItem | + if $privateItem then + .output += [$upstreamItem * { version: $privateItem.version }] | + .private |= del(.[$upstreamItem.name]) + else + .output += [$upstreamItem] + end + ) | + + .output + (.private | to_entries | sort_by(.key) | map({ + name: .key, + version: .value, + summary: "dummy summary", + license: "dummy license", + })) + ' \ + > $response + file_response 200 OK "$response" 'application/json; charset=UTF-8' exit ;; -- cgit v1.2.3 From 20e358043546482acfa8c6134f095c1a64ef144d Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 31 Aug 2021 20:06:03 +0200 Subject: tv elm-package-proxy: add DELETE --- tv/2configs/elm-packages-proxy.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix index 265289bbf..1df8c7b70 100644 --- a/tv/2configs/elm-packages-proxy.nix +++ b/tv/2configs/elm-packages-proxy.nix @@ -197,6 +197,36 @@ in { exit ;; + 'DELETE /packages/'*) + + author=$req_x_author + pname=$req_x_package + user=$req_x_user + version=$req_x_version + + zipball=${cfg.packageDir}/$author/$pname/$version/zipball + elmjson=$HOME/cache/$author%2F$pname%2F$version%2Felm.json + endpointjson=$HOME/cache/$author%2F$pname%2F$version%2Fendpoint.json + + if test -e "$zipball"; then + zipball_owner=$(attr -q -g X-User "$zipball" || :) + if test "$zipball_owner" = "$req_x_user"; then + echo "user $user is deleting package $author/$pname@$version" >&2 + rm -f "$elmjson" + rm -f "$endpointjson" + rm "$zipball" + string_response 200 OK \ + "package deleted: $author/$pname@$version" \ + text/plain + exit + else + string_response 403 Forbidden \ + "package already exists: $author/$pname@$version" \ + text/plain + exit + fi + fi + ;; 'GET /all-packages'|'POST /all-packages') response=$(mktemp -t htgen.$$.elm-packages-proxy.all-packages.XXXXXXXX) -- cgit v1.2.3 From 63b933cfbe3ab48c2ba89b13e436a1a667b533c7 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 28 Sep 2021 23:07:37 +0200 Subject: tv gitrepos: add ircaids --- tv/2configs/gitrepos.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index 1586f3b33..2b8457e40 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix @@ -83,6 +83,9 @@ let { htgen = { cgit.desc = "toy HTTP server"; }; + ircaids = { + cgit.desc = "Assortment of aids for working with Internet relay chat"; + }; krops = { cgit.desc = "deployment tools"; }; -- cgit v1.2.3 From 72d5a050e11ee59604ae8d165b3a284d2799e7e2 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 5 Oct 2021 22:59:35 +0200 Subject: ircaids: init at 1.0.0 --- krebs/5pkgs/simple/ircaids.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 krebs/5pkgs/simple/ircaids.nix diff --git a/krebs/5pkgs/simple/ircaids.nix b/krebs/5pkgs/simple/ircaids.nix new file mode 100644 index 000000000..566346cc9 --- /dev/null +++ b/krebs/5pkgs/simple/ircaids.nix @@ -0,0 +1,32 @@ +{ lib, pkgs, stdenv }: + +stdenv.mkDerivation rec { + pname = "ircaids"; + version = "1.0.0"; + + src = pkgs.fetchgit { + url = "https://cgit.krebsco.de/ircaids"; + rev = "refs/tags/${version}"; + sha256 = "13z9pc9vq2xq2qpavwmh7fvzvvjkc495ssxsh8cs044qflvj54b2"; + }; + + buildPhase = null; + + installPhase = '' + mkdir -p $out/bin + + cp $src/bin/ircsink $out/bin/ircsink + sed -i ' + s;^#! /bin/sh;#! ${pkgs.dash}/bin/dash; + s;^#!.*;&\nexport PATH=${lib.makeBinPath [ + pkgs.coreutils + pkgs.gawk + pkgs.gnused + pkgs.netcat + pkgs.nettools + pkgs.openssl + pkgs.utillinux + ]}; + ' $out/bin/ircsink + ''; +} -- cgit v1.2.3 From 1b65517b444daa190a9cb80ea85a85d49bd0d394 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 5 Oct 2021 23:09:44 +0200 Subject: irc-announce: use ircaids --- krebs/5pkgs/simple/irc-announce/default.nix | 74 +++++------------------------ 1 file changed, 11 insertions(+), 63 deletions(-) diff --git a/krebs/5pkgs/simple/irc-announce/default.nix b/krebs/5pkgs/simple/irc-announce/default.nix index 5797b3667..7b2af0307 100644 --- a/krebs/5pkgs/simple/irc-announce/default.nix +++ b/krebs/5pkgs/simple/irc-announce/default.nix @@ -1,18 +1,8 @@ { pkgs, lib, ... }: -with lib; - pkgs.writeDashBin "irc-announce" '' set -euf - export PATH=${makeSearchPath "bin" (with pkgs; [ - coreutils - gawk - gnused - netcat - nettools - ])} - IRC_SERVER=$1 IRC_PORT=$2 IRC_NICK=$3_$$ @@ -20,57 +10,15 @@ pkgs.writeDashBin "irc-announce" '' IRC_TLS=$5 message=$6 - export IRC_CHANNEL # for privmsg_cat - - # echo2 and cat2 are used output to both, stdout and stderr - # This is used to see what we send to the irc server. (debug output) - echo2() { echo "$*"; echo "$*" >&2; } - cat2() { - awk '{ - print $0 - print $0 > "/dev/stderr" - }' - } - - # privmsg_cat transforms stdin to a privmsg - privmsg_cat() { awk '{ print "PRIVMSG "ENVIRON["IRC_CHANNEL"]" :"$0 }'; } - - tls_flag() { if [ "$IRC_TLS" -eq 1 ]; then echo "-c"; fi } - - # ircin is used to feed the output of netcat back to the "irc client" - # so we can implement expect-like behavior with sed^_^ - # XXX mkselfdestructingtmpfifo would be nice instead of this cruft - tmpdir=$(mktemp --tmpdir -d irc-announce_XXXXXXXX) - cd "$tmpdir" - mkfifo ircin - trap " - rm ircin - cd '$OLDPWD' - rmdir '$tmpdir' - trap - EXIT INT QUIT - " EXIT INT QUIT - - { - echo2 "USER $LOGNAME 0 * :$LOGNAME@$(hostname)" - echo2 "NICK $IRC_NICK" - - awk 'match($0, /PING(.*)/, m) {print "PONG", m[1]; exit}' - - # wait for MODE message - sed -n '/^:[^ ]* MODE /q' - - echo2 "JOIN $IRC_CHANNEL" - - printf '%s' "$message" \ - | privmsg_cat \ - | cat2 - - echo2 "PART $IRC_CHANNEL" - - # wait for PART confirmation - sed -n '/:'"$IRC_NICK"'![^ ]* PART /q' - - echo2 'QUIT :Gone to have lunch' - } < ircin \ - | nc $(tls_flag) "$IRC_SERVER" "$IRC_PORT" | tee -a ircin + if test "$IRC_TLS" != 1; then + unset IRC_TLS + fi + + printf %s "$message" | + ${pkgs.ircaids}/bin/ircsink \ + --nick="$IRC_NICK" \ + --port="$IRC_PORT" \ + --server="$IRC_SERVER" \ + --target="$IRC_CHANNEL" \ + ''${IRC_TLS:+--secure} '' -- cgit v1.2.3 From f05c7cb7fffe4cdc9d5d4af260770fcdaba6ba61 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 9 Oct 2021 18:47:32 +0200 Subject: nixpkgs: 6120ac5 -> ce7a119 --- krebs/nixpkgs.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index d0a011869..bf2808dce 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "6120ac5cd201f6cb593d1b80e861be0342495be9", - "date": "2021-09-18T21:31:09+02:00", - "path": "/nix/store/g1a0swq7h7b24g4vkn3wr3d8rwjazfmv-nixpkgs", - "sha256": "04mrjxr1qsdcgcryx7yy72cgcw14c0770gfcgzrdfpnvmjdgbi9i", + "rev": "ce7a1190a0fa4ba3465b5f5471b08567060ca14c", + "date": "2021-10-08T11:14:43-05:00", + "path": "/nix/store/y01vzcdhna8pjvy3w2bz7nc9zqyylxg3-nixpkgs", + "sha256": "1zr1s9gp0h5g4arlba1bpb9yqfaaby5195ydm6a2psaxhm748li9", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false -- cgit v1.2.3 From bc8acddc12dc409836d45bd1d1847f51ffd06ff9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 9 Oct 2021 18:47:49 +0200 Subject: nixpkgs-unstable: 09cd65b -> 70088dc --- krebs/nixpkgs-unstable.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 6b5f8ec8f..e464cb568 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "09cd65b33c5653d7d2954fef4b9f0e718c899743", - "date": "2021-09-08T11:21:07-05:00", - "path": "/nix/store/h4hgs0aiaszmgqcwwhw7q10vqgvgbimf-nixpkgs", - "sha256": "1h696xv2wdl1859jcr0bmv0m0rfsq4vpc1vc0hg3msfsdnz0aixl", + "rev": "70088dc29994c32f8520150e34c6e57e8453f895", + "date": "2021-10-07T22:46:35+08:00", + "path": "/nix/store/f0i4rdi62kkwa95v7ap8fzxybrikqi01-nixpkgs", + "sha256": "08ldqfh2cmbvf930yq9pv220sv83k9shq183935l5d8p61fxh5zr", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false -- cgit v1.2.3 From e4793149c011da50a4ff2b44fbe80aef83936d47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Sun, 10 Oct 2021 12:45:52 +0200 Subject: external: add bvg.kmein.r alias --- krebs/3modules/external/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index eff2967e0..025fb986a 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -263,6 +263,7 @@ in { "zaatar.r" "zaatar.kmein.r" "radio.kmein.r" + "bvg.kmein.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From 55bdc0f653b398d49c5c95d98da797b2b8d5393e Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 12 Oct 2021 15:35:52 +0200 Subject: l codimd: set domain and serve via ssl --- lass/2configs/codimd.nix | 39 ++++++++++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix index d29a65210..070781a31 100644 --- a/lass/2configs/codimd.nix +++ b/lass/2configs/codimd.nix @@ -1,27 +1,44 @@ { config, pkgs, lib, ... }: with import ; -{ - services.nginx.virtualHosts.codimd = { +let + domain = "codi.lassul.us"; +in { + services.nginx.virtualHosts.${domain} = { enableACME = true; - addSSL = true; - serverName = "codi.lassul.us"; - locations."/".extraConfig = '' - client_max_body_size 4G; - proxy_set_header Host $host; - proxy_pass http://localhost:3091; - ''; + forceSSL = true; + locations."/" = { + proxyPass = "https://localhost:3091"; + proxyWebsockets = true; + }; + }; + + security.acme.certs.${domain}.group = "hedgecert"; + users.groups.hedgecert.members = [ "codimd" "nginx" ]; + + security.dhparams = { + enable = true; + params.hedgedoc = {}; }; services.hedgedoc = { enable = true; - configuration.allowOrigin = [ "*" ]; + configuration.allowOrigin = [ domain ]; configuration = { db = { dialect = "sqlite"; storage = "/var/lib/codimd/db.codimd.sqlite"; - useCDN = false; }; + useCDN = false; port = 3091; + domain = domain; + allowFreeURL = true; + + useSSL = true; + protocolUseSSL = true; + sslCAPath = [ "/etc/ssl/certs/ca-certificates.crt" ]; + sslCertPath = "/var/lib/acme/${domain}/cert.pem"; + sslKeyPath = "/var/lib/acme/${domain}/key.pem"; + dhParamPath = config.security.dhparams.params.hedgedoc.path; }; }; } -- cgit v1.2.3 From 780a04e991c46a111c38281fced75f9c38e972f8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 12 Oct 2021 20:07:54 +0200 Subject: ircaids: move to dir --- krebs/5pkgs/simple/ircaids.nix | 32 -------------------------------- krebs/5pkgs/simple/ircaids/default.nix | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+), 32 deletions(-) delete mode 100644 krebs/5pkgs/simple/ircaids.nix create mode 100644 krebs/5pkgs/simple/ircaids/default.nix diff --git a/krebs/5pkgs/simple/ircaids.nix b/krebs/5pkgs/simple/ircaids.nix deleted file mode 100644 index 566346cc9..000000000 --- a/krebs/5pkgs/simple/ircaids.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ lib, pkgs, stdenv }: - -stdenv.mkDerivation rec { - pname = "ircaids"; - version = "1.0.0"; - - src = pkgs.fetchgit { - url = "https://cgit.krebsco.de/ircaids"; - rev = "refs/tags/${version}"; - sha256 = "13z9pc9vq2xq2qpavwmh7fvzvvjkc495ssxsh8cs044qflvj54b2"; - }; - - buildPhase = null; - - installPhase = '' - mkdir -p $out/bin - - cp $src/bin/ircsink $out/bin/ircsink - sed -i ' - s;^#! /bin/sh;#! ${pkgs.dash}/bin/dash; - s;^#!.*;&\nexport PATH=${lib.makeBinPath [ - pkgs.coreutils - pkgs.gawk - pkgs.gnused - pkgs.netcat - pkgs.nettools - pkgs.openssl - pkgs.utillinux - ]}; - ' $out/bin/ircsink - ''; -} diff --git a/krebs/5pkgs/simple/ircaids/default.nix b/krebs/5pkgs/simple/ircaids/default.nix new file mode 100644 index 000000000..566346cc9 --- /dev/null +++ b/krebs/5pkgs/simple/ircaids/default.nix @@ -0,0 +1,32 @@ +{ lib, pkgs, stdenv }: + +stdenv.mkDerivation rec { + pname = "ircaids"; + version = "1.0.0"; + + src = pkgs.fetchgit { + url = "https://cgit.krebsco.de/ircaids"; + rev = "refs/tags/${version}"; + sha256 = "13z9pc9vq2xq2qpavwmh7fvzvvjkc495ssxsh8cs044qflvj54b2"; + }; + + buildPhase = null; + + installPhase = '' + mkdir -p $out/bin + + cp $src/bin/ircsink $out/bin/ircsink + sed -i ' + s;^#! /bin/sh;#! ${pkgs.dash}/bin/dash; + s;^#!.*;&\nexport PATH=${lib.makeBinPath [ + pkgs.coreutils + pkgs.gawk + pkgs.gnused + pkgs.netcat + pkgs.nettools + pkgs.openssl + pkgs.utillinux + ]}; + ' $out/bin/ircsink + ''; +} -- cgit v1.2.3 From 77c3aab5b860a952e9d83db56aefe23ee04ccebc Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 12 Oct 2021 19:36:09 +0200 Subject: pkgs: use relative stockholm.lib --- krebs/5pkgs/default.nix | 3 +-- krebs/5pkgs/haskell/blessings.nix | 5 +++-- krebs/5pkgs/haskell/default.nix | 5 +++-- krebs/5pkgs/haskell/email-header.nix | 8 +++++--- krebs/5pkgs/override/default.nix | 1 - krebs/5pkgs/simple/bling/default.nix | 5 ++--- krebs/5pkgs/simple/cgit-clear-cache.nix | 6 ++---- krebs/5pkgs/simple/default.nix | 15 +++++++-------- krebs/5pkgs/simple/eximlog.nix | 4 ++-- krebs/5pkgs/simple/flameshot-once/default.nix | 4 ++-- krebs/5pkgs/simple/flameshot-once/profile.nix | 2 +- krebs/5pkgs/simple/fzfmenu/default.nix | 4 ++-- krebs/5pkgs/simple/git-hooks/default.nix | 4 ++-- krebs/5pkgs/simple/htgen-cyberlocker/default.nix | 5 +++-- krebs/5pkgs/simple/htgen-imgur/default.nix | 7 +++---- krebs/5pkgs/simple/logf/default.nix | 2 -- krebs/5pkgs/simple/netcup/default.nix | 5 +++-- krebs/5pkgs/simple/reaktor2-plugins.nix | 4 ++-- krebs/5pkgs/simple/urix.nix | 5 ++--- krebs/5pkgs/simple/withGetopt.nix | 4 ++-- krebs/5pkgs/test/default.nix | 2 -- 21 files changed, 47 insertions(+), 53 deletions(-) diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index c077bf4d7..f302bb76b 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,5 +1,4 @@ -with import ; - +with import ../../lib; self: super: # Import files and subdirectories like they are overlays. diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix index b0e81fdc1..00299ca68 100644 --- a/krebs/5pkgs/haskell/blessings.nix +++ b/krebs/5pkgs/haskell/blessings.nix @@ -1,6 +1,7 @@ -with import ; -{ mkDerivation, base, fetchgit, hspec, QuickCheck, stdenv, text }: let +{ mkDerivation, base, fetchgit, hspec, QuickCheck, stdenv, stockholm, text }: +with stockholm.lib; +let cfg = { "18.03" = { version = "1.1.0"; diff --git a/krebs/5pkgs/haskell/default.nix b/krebs/5pkgs/haskell/default.nix index e824699f9..98cbcb3b9 100644 --- a/krebs/5pkgs/haskell/default.nix +++ b/krebs/5pkgs/haskell/default.nix @@ -1,8 +1,9 @@ -with import ; +self: super: +with self.stockholm.lib; + let overrides = self: super: mapNixDir (path: self.callPackage path {}) ./.; in -self: super: { haskell = super.haskell // { packages = mapAttrs (name: value: diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix index 94b33e28b..ccc32c09b 100644 --- a/krebs/5pkgs/haskell/email-header.nix +++ b/krebs/5pkgs/haskell/email-header.nix @@ -1,8 +1,10 @@ -with import ; { mkDerivation, attoparsec, base, base64-bytestring, bytestring , case-insensitive, containers, exceptions, fetchgit, QuickCheck -, stdenv, tasty, tasty-quickcheck, text, text-icu, time -}: let +, stdenv, stockholm, tasty, tasty-quickcheck, text, text-icu, time +}: +with stockholm.lib; + +let cfg = { "18.03" = { diff --git a/krebs/5pkgs/override/default.nix b/krebs/5pkgs/override/default.nix index c2149ae55..2291132ba 100644 --- a/krebs/5pkgs/override/default.nix +++ b/krebs/5pkgs/override/default.nix @@ -1,4 +1,3 @@ -with import ; self: super: { bitlbee-facebook = super.bitlbee-facebook.overrideAttrs (old: { diff --git a/krebs/5pkgs/simple/bling/default.nix b/krebs/5pkgs/simple/bling/default.nix index 8d6207f65..1c8610325 100644 --- a/krebs/5pkgs/simple/bling/default.nix +++ b/krebs/5pkgs/simple/bling/default.nix @@ -1,6 +1,5 @@ -{ imagemagick, runCommand, ... }: - -with import ; +{ imagemagick, runCommand, stockholm, ... }: +with stockholm.lib; let krebs-v2 = [ diff --git a/krebs/5pkgs/simple/cgit-clear-cache.nix b/krebs/5pkgs/simple/cgit-clear-cache.nix index 28402c39c..31a2eccb3 100644 --- a/krebs/5pkgs/simple/cgit-clear-cache.nix +++ b/krebs/5pkgs/simple/cgit-clear-cache.nix @@ -1,8 +1,6 @@ -with import ; - -{ cache-root ? "/tmp/cgit", findutils, writeDashBin }: +{ cache-root ? "/tmp/cgit", findutils, stockholm, writeDashBin }: writeDashBin "cgit-clear-cache" '' set -efu - ${findutils}/bin/find ${shell.escape cache-root} -type f -delete + ${findutils}/bin/find ${stockholm.lib.shell.escape cache-root} -type f -delete '' diff --git a/krebs/5pkgs/simple/default.nix b/krebs/5pkgs/simple/default.nix index 6ba4fec83..10458001e 100644 --- a/krebs/5pkgs/simple/default.nix +++ b/krebs/5pkgs/simple/default.nix @@ -1,18 +1,17 @@ -with import ; - self: super: let # This callPackage will try to detect obsolete overrides. + lib = import ../../../lib; callPackage = path: args: let override = self.callPackage path args; - upstream = optionalAttrs (override ? "name") - (super.${(parseDrvName override.name).name} or {}); + upstream = lib.optionalAttrs (override ? "name") + (super.${(lib.parseDrvName override.name).name} or {}); in if upstream ? "name" && override ? "name" && - compareVersions upstream.name override.name != -1 - then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override + lib.compareVersions upstream.name override.name != -1 + then lib.trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override else override; in - - mapNixDir (path: callPackage path {}) ./. + { stockholm.lib = lib; } // + lib.mapNixDir (path: callPackage path {}) ./. diff --git a/krebs/5pkgs/simple/eximlog.nix b/krebs/5pkgs/simple/eximlog.nix index 2d64e13e9..9e5ae8d63 100644 --- a/krebs/5pkgs/simple/eximlog.nix +++ b/krebs/5pkgs/simple/eximlog.nix @@ -1,7 +1,7 @@ -{ jq, systemd, writeDashBin }: +{ jq, stockholm, systemd, writeDashBin }: let - lib = import ; + lib = stockholm.lib; user = "exim"; # TODO make this configurable in diff --git a/krebs/5pkgs/simple/flameshot-once/default.nix b/krebs/5pkgs/simple/flameshot-once/default.nix index 20c709fb5..0524c2cfa 100644 --- a/krebs/5pkgs/simple/flameshot-once/default.nix +++ b/krebs/5pkgs/simple/flameshot-once/default.nix @@ -1,5 +1,5 @@ -with import ; -{ pkgs, ... }@args: +{ pkgs, stockholm, ... }@args: +with stockholm.lib; let # config cannot be declared in the input attribute set because that would diff --git a/krebs/5pkgs/simple/flameshot-once/profile.nix b/krebs/5pkgs/simple/flameshot-once/profile.nix index 8aacbfa42..991b46118 100644 --- a/krebs/5pkgs/simple/flameshot-once/profile.nix +++ b/krebs/5pkgs/simple/flameshot-once/profile.nix @@ -1,5 +1,5 @@ -with import ; { config, pkgs }: +with pkgs.stockholm.lib; let # Refs https://github.com/lupoDharkael/flameshot/blob/master/src/widgets/capture/capturebutton.h diff --git a/krebs/5pkgs/simple/fzfmenu/default.nix b/krebs/5pkgs/simple/fzfmenu/default.nix index 537b90f42..f208f6a3e 100644 --- a/krebs/5pkgs/simple/fzfmenu/default.nix +++ b/krebs/5pkgs/simple/fzfmenu/default.nix @@ -1,5 +1,5 @@ -with import ; -{ pkgs, ... }@args: +{ pkgs, stockholm, ... }@args: +with stockholm.lib; let # config cannot be declared in the input attribute set because that would diff --git a/krebs/5pkgs/simple/git-hooks/default.nix b/krebs/5pkgs/simple/git-hooks/default.nix index acf34ad69..00a593be3 100644 --- a/krebs/5pkgs/simple/git-hooks/default.nix +++ b/krebs/5pkgs/simple/git-hooks/default.nix @@ -1,6 +1,6 @@ -{ pkgs, ... }: +{ pkgs, stockholm, ... }: -with import ; +with stockholm.lib; { # TODO irc-announce should return a derivation diff --git a/krebs/5pkgs/simple/htgen-cyberlocker/default.nix b/krebs/5pkgs/simple/htgen-cyberlocker/default.nix index 515ea3cf9..c7d7ebfd8 100644 --- a/krebs/5pkgs/simple/htgen-cyberlocker/default.nix +++ b/krebs/5pkgs/simple/htgen-cyberlocker/default.nix @@ -1,5 +1,6 @@ -with import ; -{ pkgs, stdenv }: +{ pkgs, stockholm, stdenv }: +with stockholm.lib; + stdenv.mkDerivation rec { pname = "htgen-cyberlocker"; version = "1.0.0"; diff --git a/krebs/5pkgs/simple/htgen-imgur/default.nix b/krebs/5pkgs/simple/htgen-imgur/default.nix index fe0b2ab04..f429ff7a6 100644 --- a/krebs/5pkgs/simple/htgen-imgur/default.nix +++ b/krebs/5pkgs/simple/htgen-imgur/default.nix @@ -1,5 +1,4 @@ -with import ; -{ attr, coreutils, exiv2, findutils, gnugrep, jq, nix, utillinux, stdenv }: +{ attr, coreutils, exiv2, findutils, gnugrep, jq, nix, stockholm, utillinux, stdenv }: stdenv.mkDerivation rec { pname = "htgen-imgur"; version = "1.0.0"; @@ -9,7 +8,7 @@ stdenv.mkDerivation rec { buildPhase = '' ( exec > htgen-imgur - echo PATH=${makeBinPath [ + echo PATH=${stockholm.lib.makeBinPath [ attr coreutils exiv2 @@ -18,7 +17,7 @@ stdenv.mkDerivation rec { jq nix utillinux ]} - echo STATEDIR=${shell.escape "\${STATEDIR-$HOME}"} + echo STATEDIR=${stockholm.lib.shell.escape "\${STATEDIR-$HOME}"} cat $src/htgen-imgur ) ''; diff --git a/krebs/5pkgs/simple/logf/default.nix b/krebs/5pkgs/simple/logf/default.nix index ac95acb33..36a7fed2f 100644 --- a/krebs/5pkgs/simple/logf/default.nix +++ b/krebs/5pkgs/simple/logf/default.nix @@ -1,7 +1,5 @@ { lib, pkgs, ... }: -with import ; - let default-host-colors = pkgs.writeJSON "logf.default-host-colors.json" { }; diff --git a/krebs/5pkgs/simple/netcup/default.nix b/krebs/5pkgs/simple/netcup/default.nix index d1f46299d..408672eff 100644 --- a/krebs/5pkgs/simple/netcup/default.nix +++ b/krebs/5pkgs/simple/netcup/default.nix @@ -1,5 +1,6 @@ -{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, w3m, ... }: -with import ; +{ coreutils, curl, fetchgit, gawk, gnugrep, gnused, jq, stdenv, stockholm, w3m, ... }: +with stockholm.lib; + let readJSON = path: fromJSON (readFile path); sed.escape = replaceChars ["/"] ["\\/"]; # close enough diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix index 4cd9e7d89..e23b14a23 100644 --- a/krebs/5pkgs/simple/reaktor2-plugins.nix +++ b/krebs/5pkgs/simple/reaktor2-plugins.nix @@ -1,5 +1,5 @@ -with import ; -{ lib, pkgs, ... }: +{ lib, pkgs, stockholm, ... }: +with stockholm.lib; rec { generators = { diff --git a/krebs/5pkgs/simple/urix.nix b/krebs/5pkgs/simple/urix.nix index c0db8c975..73ea3e665 100644 --- a/krebs/5pkgs/simple/urix.nix +++ b/krebs/5pkgs/simple/urix.nix @@ -1,5 +1,4 @@ -let lib = import ; in -{ pkgs }: +{ pkgs, stockholm }: # urix - URI eXtractor # Extract all the URIs from standard input and write them to standard output! @@ -10,6 +9,6 @@ pkgs.execBin "urix" { argv = [ "urix" "-Eo" - "\\b${lib.uri.posix-extended-regex}\\b" + "\\b${stockholm.lib.uri.posix-extended-regex}\\b" ]; } diff --git a/krebs/5pkgs/simple/withGetopt.nix b/krebs/5pkgs/simple/withGetopt.nix index d20802fb2..7f17a5934 100644 --- a/krebs/5pkgs/simple/withGetopt.nix +++ b/krebs/5pkgs/simple/withGetopt.nix @@ -1,5 +1,5 @@ -with import ; -{ coreutils, quote, utillinux, writeDash }: +{ coreutils, quote, stockholm, utillinux, writeDash }: +with stockholm.lib; opt-spec: cmd-spec: let diff --git a/krebs/5pkgs/test/default.nix b/krebs/5pkgs/test/default.nix index 5ee8f913b..713d4673c 100644 --- a/krebs/5pkgs/test/default.nix +++ b/krebs/5pkgs/test/default.nix @@ -1,5 +1,3 @@ -with import ; - self: super: { -- cgit v1.2.3 From be5f4833fe1dc3ec4acb24eeb5a6670c2aaef2e0 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Oct 2021 22:08:07 +0200 Subject: pkgs: import relative stockholm lib only once New overlay code in inspired by . --- krebs/5pkgs/default.nix | 30 ++++++++++++++++++------------ krebs/5pkgs/simple/default.nix | 5 ++--- krebs/default.nix | 2 +- 3 files changed, 21 insertions(+), 16 deletions(-) diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index f302bb76b..f9ed6439c 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -1,17 +1,23 @@ -with import ../../lib; +let + stockholm.lib = import ../../lib; +in +with stockholm.lib; self: super: - -# Import files and subdirectories like they are overlays. -foldl' mergeAttrs {} +fix (foldl' (flip extends) (self: super) ( + [ + (self: super: { inherit stockholm; }) + ] + ++ (map - (name: import (./. + "/${name}") self super) + (name: import (./. + "/${name}")) (filter (name: name != "default.nix" && !hasPrefix "." name) (attrNames (readDir ./.)))) - -// - -{ - brockman = self.haskellPackages.brockman; - reaktor2 = self.haskellPackages.reaktor2; -} + ++ + [ + (self: super: { + brockman = self.haskellPackages.brockman; + reaktor2 = self.haskellPackages.reaktor2; + }) + ] +)) diff --git a/krebs/5pkgs/simple/default.nix b/krebs/5pkgs/simple/default.nix index 10458001e..76ad6ff10 100644 --- a/krebs/5pkgs/simple/default.nix +++ b/krebs/5pkgs/simple/default.nix @@ -2,7 +2,7 @@ self: super: let # This callPackage will try to detect obsolete overrides. - lib = import ../../../lib; + lib = super.stockholm.lib; callPackage = path: args: let override = self.callPackage path args; upstream = lib.optionalAttrs (override ? "name") @@ -13,5 +13,4 @@ let then lib.trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override else override; in - { stockholm.lib = lib; } // - lib.mapNixDir (path: callPackage path {}) ./. + lib.mapNixDir (path: callPackage path {}) ./. diff --git a/krebs/default.nix b/krebs/default.nix index 7ec791529..577cc269e 100644 --- a/krebs/default.nix +++ b/krebs/default.nix @@ -6,8 +6,8 @@ nixpkgs = { overlays = [ - (import ./5pkgs) (import ../submodules/nix-writers/pkgs) + (import ./5pkgs) ]; }; -- cgit v1.2.3 From 411cb36608f1e408b18ffff33ad30fc55775e2c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Tue, 12 Oct 2021 22:08:43 +0200 Subject: external: add names.kmein.r alias --- krebs/3modules/external/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 025fb986a..982516e5d 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -150,6 +150,7 @@ in { "makanek.r" "makanek.kmein.r" "grafana.kmein.r" + "names.kmein.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From a9bba92e0e2e63af4ef470327d30d1e873af53eb Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 19 Oct 2021 22:51:26 +0200 Subject: krebs: stdenv.lib -> lib --- krebs/5pkgs/haskell/X11-aeson.nix | 4 ++-- krebs/5pkgs/haskell/blessings.nix | 4 ++-- krebs/5pkgs/haskell/brockman/default.nix | 4 ++-- krebs/5pkgs/haskell/email-header.nix | 4 ++-- krebs/5pkgs/haskell/hack.nix | 5 ++--- krebs/5pkgs/haskell/kirk.nix | 7 ++++--- krebs/5pkgs/haskell/much.nix | 8 ++++---- krebs/5pkgs/haskell/news.nix | 4 ++-- krebs/5pkgs/haskell/reaktor2/default.nix | 4 ++-- krebs/5pkgs/haskell/recht.nix | 4 ++-- krebs/5pkgs/haskell/scanner.nix | 4 ++-- krebs/5pkgs/haskell/xmonad-aeson.nix | 4 ++-- krebs/5pkgs/haskell/xmonad-stockholm.nix | 4 ++-- krebs/5pkgs/simple/buildbot-classic/sqlparse.nix | 4 ++-- 14 files changed, 32 insertions(+), 32 deletions(-) diff --git a/krebs/5pkgs/haskell/X11-aeson.nix b/krebs/5pkgs/haskell/X11-aeson.nix index 7db6c28a8..103d87faa 100644 --- a/krebs/5pkgs/haskell/X11-aeson.nix +++ b/krebs/5pkgs/haskell/X11-aeson.nix @@ -1,4 +1,4 @@ -{ mkDerivation, aeson, base, fetchgit, stdenv, X11 }: +{ mkDerivation, aeson, base, fetchgit, lib, X11 }: mkDerivation { pname = "X11-aeson"; version = "1.0.0"; @@ -9,5 +9,5 @@ mkDerivation { fetchSubmodules = true; }; libraryHaskellDepends = [ aeson base X11 ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix index 00299ca68..2176db2ff 100644 --- a/krebs/5pkgs/haskell/blessings.nix +++ b/krebs/5pkgs/haskell/blessings.nix @@ -1,4 +1,4 @@ -{ mkDerivation, base, fetchgit, hspec, QuickCheck, stdenv, stockholm, text }: +{ mkDerivation, base, fetchgit, hspec, QuickCheck, lib, stockholm, text }: with stockholm.lib; let @@ -24,5 +24,5 @@ in mkDerivation { testHaskellDepends = [ base hspec QuickCheck ]; doHaddock = false; # WTFPL is the true license, which is unknown to cabal. - license = stdenv.lib.licenses.wtfpl; + license = lib.licenses.wtfpl; } diff --git a/krebs/5pkgs/haskell/brockman/default.nix b/krebs/5pkgs/haskell/brockman/default.nix index d3dbcd89c..de41d1886 100644 --- a/krebs/5pkgs/haskell/brockman/default.nix +++ b/krebs/5pkgs/haskell/brockman/default.nix @@ -2,7 +2,7 @@ , case-insensitive, conduit, containers, directory, feed, filepath , hashable, hslogger, html-entity, http-client, irc-conduit, lens , lrucache, lrucaching, network, optparse-applicative, random, safe -, stdenv, text, time, timerep, wreq +, lib, text, time, timerep, wreq , fetchFromGitHub }: mkDerivation rec { @@ -22,5 +22,5 @@ mkDerivation rec { http-client irc-conduit lens lrucache lrucaching network optparse-applicative random safe text time timerep wreq ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix index ccc32c09b..e1e9d423f 100644 --- a/krebs/5pkgs/haskell/email-header.nix +++ b/krebs/5pkgs/haskell/email-header.nix @@ -1,6 +1,6 @@ { mkDerivation, attoparsec, base, base64-bytestring, bytestring , case-insensitive, containers, exceptions, fetchgit, QuickCheck -, stdenv, stockholm, tasty, tasty-quickcheck, text, text-icu, time +, lib, stockholm, tasty, tasty-quickcheck, text, text-icu, time }: with stockholm.lib; @@ -42,5 +42,5 @@ in mkDerivation { jailbreak = true; homepage = "http://github.com/knrafto/email-header"; description = "Parsing and rendering of email and MIME headers"; - license = stdenv.lib.licenses.bsd3; + license = lib.licenses.bsd3; } diff --git a/krebs/5pkgs/haskell/hack.nix b/krebs/5pkgs/haskell/hack.nix index 4e157107e..37ef94e46 100644 --- a/krebs/5pkgs/haskell/hack.nix +++ b/krebs/5pkgs/haskell/hack.nix @@ -1,6 +1,5 @@ { mkDerivation, base, blessings, containers, data-default, fetchgit -, lens, mtl, old-locale, process, scanner, stdenv, time, unix -, zippers +, lens, lib, mtl, old-locale, process, scanner, time, unix, zippers }: mkDerivation { pname = "hack"; @@ -18,5 +17,5 @@ mkDerivation { base blessings containers data-default lens mtl old-locale process scanner time unix zippers ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/kirk.nix b/krebs/5pkgs/haskell/kirk.nix index 073e5d505..d6fdec4c9 100644 --- a/krebs/5pkgs/haskell/kirk.nix +++ b/krebs/5pkgs/haskell/kirk.nix @@ -1,5 +1,5 @@ -{ mkDerivation, async, base, bytestring, fetchgit, network -, optparse-applicative, stdenv, text +{ mkDerivation, async, base, bytestring, fetchgit, lib, network +, optparse-applicative, text }: mkDerivation { pname = "kirk"; @@ -8,6 +8,7 @@ mkDerivation { url = "http://cgit.krebsco.de/kirk"; sha256 = "1acsmmc485c54axpy9bd0320j18hs261vl1vdxns4n04sxzqd7k0"; rev = "cdf3cb373af8f9b03a9487a63eb32e0226913589"; + fetchSubmodules = true; }; isLibrary = true; isExecutable = true; @@ -17,5 +18,5 @@ mkDerivation { executableHaskellDepends = [ async base network optparse-applicative text ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/much.nix b/krebs/5pkgs/haskell/much.nix index 0a5453c0c..f3aad2ee6 100644 --- a/krebs/5pkgs/haskell/much.nix +++ b/krebs/5pkgs/haskell/much.nix @@ -2,9 +2,9 @@ , blaze-builder, blessings, bytestring, case-insensitive , containers, data-default, deepseq, directory, either , email-header, fetchgit, filepath, friendly-time, http-types -, hyphenation, linebreak, network, old-locale, optparse-applicative -, process, random, rosezipper, safe, scanner, servant-server, split -, stdenv, terminal-size, text, time, transformers +, hyphenation, lib, linebreak, network, old-locale +, optparse-applicative, process, random, rosezipper, safe, scanner +, servant-server, split, terminal-size, text, time, transformers , transformers-compat, unix, vector, wai, warp }: mkDerivation { @@ -32,5 +32,5 @@ mkDerivation { data-default deepseq directory filepath hyphenation linebreak process rosezipper safe scanner text time transformers unix ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/news.nix b/krebs/5pkgs/haskell/news.nix index ba5e7a5e1..0274ac8d5 100644 --- a/krebs/5pkgs/haskell/news.nix +++ b/krebs/5pkgs/haskell/news.nix @@ -1,5 +1,5 @@ { mkDerivation, base, bloomfilter, bytestring, feed, fetchgit, lens -, stdenv, wreq +, lib, wreq }: mkDerivation { pname = "news"; @@ -14,5 +14,5 @@ mkDerivation { executableHaskellDepends = [ base bloomfilter bytestring feed lens wreq ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/reaktor2/default.nix b/krebs/5pkgs/haskell/reaktor2/default.nix index 6a48f865c..d41d8d818 100644 --- a/krebs/5pkgs/haskell/reaktor2/default.nix +++ b/krebs/5pkgs/haskell/reaktor2/default.nix @@ -2,7 +2,7 @@ , bytestring, containers, data-default, fetchgit, filepath , hashable, lens, lens-aeson, network, network-simple , network-simple-tls, network-uri, pcre-light, process, random -, servant-server, stdenv, string-conversions, stringsearch, text +, servant-server, lib, string-conversions, stringsearch, text , time, transformers, unagi-chan, unix, unordered-containers , vector, wai, warp }: @@ -24,5 +24,5 @@ mkDerivation rec { random servant-server string-conversions stringsearch text time transformers unagi-chan unix unordered-containers vector wai warp ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/recht.nix b/krebs/5pkgs/haskell/recht.nix index 7d884a9fa..bf62d3697 100644 --- a/krebs/5pkgs/haskell/recht.nix +++ b/krebs/5pkgs/haskell/recht.nix @@ -1,6 +1,6 @@ { mkDerivation, ansi-terminal, async, base, binary, bytestring , data-default, directory, filepath, megaparsec -, optparse-applicative, pandoc, random, safe, scalpel, stdenv, text +, optparse-applicative, pandoc, random, safe, scalpel, lib, text , time , fetchFromGitHub }: @@ -21,5 +21,5 @@ mkDerivation rec { filepath megaparsec optparse-applicative pandoc random safe scalpel text time ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/scanner.nix b/krebs/5pkgs/haskell/scanner.nix index 28f89b069..a317e575e 100644 --- a/krebs/5pkgs/haskell/scanner.nix +++ b/krebs/5pkgs/haskell/scanner.nix @@ -1,4 +1,4 @@ -{ mkDerivation, base, fetchgit, stdenv }: +{ mkDerivation, base, fetchgit, lib }: mkDerivation { pname = "scanner"; version = "1.0.1"; @@ -9,5 +9,5 @@ mkDerivation { fetchSubmodules = true; }; libraryHaskellDepends = [ base ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/xmonad-aeson.nix b/krebs/5pkgs/haskell/xmonad-aeson.nix index 3fccab469..d27f9c783 100644 --- a/krebs/5pkgs/haskell/xmonad-aeson.nix +++ b/krebs/5pkgs/haskell/xmonad-aeson.nix @@ -1,4 +1,4 @@ -{ mkDerivation, aeson, base, fetchgit, stdenv, X11-aeson, xmonad }: +{ mkDerivation, aeson, base, fetchgit, lib, X11-aeson, xmonad }: mkDerivation { pname = "xmonad-aeson"; version = "1.0.0"; @@ -9,5 +9,5 @@ mkDerivation { fetchSubmodules = true; }; libraryHaskellDepends = [ aeson base X11-aeson xmonad ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/haskell/xmonad-stockholm.nix b/krebs/5pkgs/haskell/xmonad-stockholm.nix index 1b197b914..751f26749 100644 --- a/krebs/5pkgs/haskell/xmonad-stockholm.nix +++ b/krebs/5pkgs/haskell/xmonad-stockholm.nix @@ -1,4 +1,4 @@ -{ mkDerivation, base, containers, fetchgit, filepath, stdenv, unix, X11, X11-xft , X11-xshape, xmonad, xmonad-contrib +{ mkDerivation, base, containers, fetchgit, filepath, lib, unix, X11, X11-xft , X11-xshape, xmonad, xmonad-contrib }: mkDerivation rec { pname = "xmonad-stockholm"; @@ -11,5 +11,5 @@ mkDerivation rec { libraryHaskellDepends = [ base containers filepath unix X11 X11-xft X11-xshape xmonad xmonad-contrib ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix b/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix index b6aee633e..2cbb51845 100644 --- a/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix +++ b/krebs/5pkgs/simple/buildbot-classic/sqlparse.nix @@ -1,4 +1,4 @@ -{ stdenv +{ lib , buildPythonPackage , fetchPypi , pytest @@ -22,7 +22,7 @@ buildPythonPackage rec { # Package supports 3.x, but tests are clearly 2.x only. doCheck = !isPy3k; - meta = with stdenv.lib; { + meta = with lib; { description = "Non-validating SQL parser for Python"; longDescription = '' Provides support for parsing, splitting and formatting SQL statements. -- cgit v1.2.3 From 1630aafe6d64f56df49c0259962d78b5913e96af Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 19 Oct 2021 22:53:15 +0200 Subject: tv: stdenv.lib -> lib --- tv/5pkgs/haskell/mailaids.nix | 4 ++-- tv/5pkgs/haskell/th-env/default.nix | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tv/5pkgs/haskell/mailaids.nix b/tv/5pkgs/haskell/mailaids.nix index b705c7c69..f152a76f4 100644 --- a/tv/5pkgs/haskell/mailaids.nix +++ b/tv/5pkgs/haskell/mailaids.nix @@ -1,6 +1,6 @@ { mkDerivation, aeson, aeson-pretty, base, bytestring , case-insensitive, fetchgit, lens, optparse-applicative -, purebred-email, stdenv, text, vector, word8 +, purebred-email, lib, text, vector, word8 }: mkDerivation { pname = "mailaids"; @@ -17,5 +17,5 @@ mkDerivation { aeson aeson-pretty base bytestring case-insensitive lens optparse-applicative purebred-email text vector word8 ]; - license = stdenv.lib.licenses.mit; + license = lib.licenses.mit; } diff --git a/tv/5pkgs/haskell/th-env/default.nix b/tv/5pkgs/haskell/th-env/default.nix index 474a63b85..158fb165a 100644 --- a/tv/5pkgs/haskell/th-env/default.nix +++ b/tv/5pkgs/haskell/th-env/default.nix @@ -1,4 +1,4 @@ -{ mkDerivation, base, stdenv, template-haskell, text }: +{ mkDerivation, base, lib, template-haskell, text }: mkDerivation { pname = "th-env"; version = "1.0.0"; @@ -6,5 +6,5 @@ mkDerivation { libraryHaskellDepends = [ base template-haskell text ]; homepage = "https://stackoverflow.com/q/57635686"; license = "unknown"; - hydraPlatforms = stdenv.lib.platforms.none; + hydraPlatforms = lib.platforms.none; } -- cgit v1.2.3 From c5bab88a9e2b9a30ea148e5938a2110f44f18a5e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 12:07:40 +0200 Subject: tinc module: add group for user --- krebs/3modules/tinc.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index a8a78a43e..2c19aefdb 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -237,9 +237,14 @@ let inherit (cfg.user) home name uid; createHome = true; isSystemUser = true; + group = netname; } ) config.krebs.tinc; + users.groups = mapAttrs' (netname: cfg: + nameValuePair netname {} + ) config.krebs.tinc; + environment.etc = mapAttrs' (netname: cfg: nameValuePair "tinc/${netname}" (mkIf cfg.enableLegacy { source = cfg.confDir; -- cgit v1.2.3 From 1ea95b68f4cfeb85f4539a87797b120fca19e9d4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 12:08:58 +0200 Subject: fetchWallpaper module: add group --- krebs/3modules/fetchWallpaper.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 852c8f630..dc0133a63 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -55,10 +55,12 @@ let name = "fetchWallpaper"; uid = genid_uint31 "fetchWallpaper"; description = "fetchWallpaper user"; + group = "fetchWallpaper"; home = cfg.stateDir; createHome = true; isSystemUser = true; }; + users.groups.fetchWallpaper = {}; systemd.timers.fetchWallpaper = { description = "fetch wallpaper timer"; -- cgit v1.2.3 From 9ea664b63c348a5855299250ec45f622c1404c5d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 12:13:53 +0200 Subject: l coaxmetal.r: use nixos-unstable --- lass/1systems/coaxmetal/source.nix | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 lass/1systems/coaxmetal/source.nix diff --git a/lass/1systems/coaxmetal/source.nix b/lass/1systems/coaxmetal/source.nix new file mode 100644 index 000000000..0e2628b5b --- /dev/null +++ b/lass/1systems/coaxmetal/source.nix @@ -0,0 +1,4 @@ +{ lib, pkgs, ... }: +{ + nixpkgs.git.ref = lib.mkForce (lib.importJSON ../../../krebs/nixpkgs-unstable.json).rev; +} -- cgit v1.2.3 From 55b137ba525f075f4619de4676d3e66f782b1a12 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 Sep 2021 18:52:54 +0200 Subject: rip Reaktor --- krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh | 6 --- krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh | 20 -------- krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py | 58 ---------------------- .../5pkgs/simple/Reaktor/scripts/shack-correct.sh | 6 --- 4 files changed, 90 deletions(-) delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py delete mode 100755 krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh deleted file mode 100755 index 6f3dd4a3f..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -curl -sS http://emojicons.com/random | \ - grep data-text | \ - sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \ - head -n 1 | \ - xmlstarlet unesc diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh deleted file mode 100755 index 5c47c6156..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh +++ /dev/null @@ -1,20 +0,0 @@ -#! /bin/sh -set -eu -# requires env: -# $state_dir -# $origin - -# in PATH: git,lentil,coreutils -subdir=`echo "$1" | tr -dc "[:alnum:]"` -name=`echo "$origin" | tr -dc "[:alnum:]"` -track="$state_dir/$name-checkout" -(if test -e "$track" ;then - cd "$track" - git fetch origin master - git reset --hard origin/master -else - git clone "$origin" "$track" -fi) >&2 - -cd "$track" -lentil "${subdir:-.}" -f csv | sed 1d | shuf | head -1 diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py deleted file mode 100755 index 4925b25bb..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env python3 - -# Usage: -# _from=krebs state_dir=. python sed-plugin.py 'dick butt' -# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g' -# > dick bull -import shelve -from os import environ -from os.path import join -from sys import argv -from time import sleep -import re - -# try to open the shelve file until it succeeds -while True: - try: - d = shelve.open( - join(environ['state_dir'], 'sed-plugin.shelve'), - writeback=True - ) - break - except: # noqa: E722 - sleep(0.2) -usr = environ['_from'] - - -def is_regex(line): - myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') - return myre.match(line) - - -line = argv[1] - -if is_regex(line): - last = d.get(usr, None) - if last: - from subprocess import Popen, PIPE - p = Popen(['sed', line], stdin=PIPE, stdout=PIPE, stderr=PIPE) - so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) - if p.returncode: - print("something went wrong when trying to process your regex: {}".format(line.strip())) - ret = so.decode() - if len(ret) > 512: - print('message to long, skipped') - elif len(ret.split('\n')) > 5: - print('to many lines, skipped') - else: - if last.strip() != ret.strip(): - print("\x02{}\x02 meant: {}".format(usr, ret.strip())) - if ret: - d[usr] = ret - - else: - print("no last message") -else: - d[usr] = line - -d.close() diff --git a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh b/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh deleted file mode 100755 index d500b3cb3..000000000 --- a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh +++ /dev/null @@ -1,6 +0,0 @@ -#! /bin/sh -set -eu -printf "Sie meinten wohl \"" -echo -n $@ | sed 's/Shack/shack/g' -echo "\" check out https://wiki.shackspace.de/project/logo_and_ci#name_ci" -echo "${_from}--" -- cgit v1.2.3 From fd37549f825fb042cf091b25cd665155b7f80716 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 13 Oct 2021 16:01:43 +0200 Subject: mic92: add ryan & graham --- krebs/3modules/external/mic92.nix | 50 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 3ef693290..c3a0d42df 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -761,5 +761,55 @@ in { }; }; }; + + graham = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.graham.nets.retiolum.ip4.addr + config.krebs.hosts.graham.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.196"; + aliases = [ "graham.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAtnM8VqFlEPLPYfKOZvN4kKklrVEyX4WewlqHO8vtxML9ND5BHCdn + UeRsThvbKVRqEvZLTAXKClZRYVr2IroHqfx0euTq3FYTUbNNQ4KgcFAfLKWoxGfK + HsQbYpS93/sUtmhRBGcgXPnEkE6yqvFBXxcmB1QqdmgYKdY2Gtikwrv/5hb4AlNe + /gyzKGtAKYogspLI6EpEwlD9CGDNIUPJ4uQ56gDhV/qtyMSE6X0igSSVZayDc+x1 + InPkH90xsa0/uXjYDnXNdMguLArGkRzMhd6DzK4vEaPFIX59yMX+tEj46rGY7xAI + gUZUI2codqY5Z93W5GC+ws34y0bpfeMMWwIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = xMJNMMXZRCbWkN9CzLFohkGUK54dPcrrosFD7xgIFXA + ''; + }; + }; + }; + + ryan = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.ryan.nets.retiolum.ip4.addr + config.krebs.hosts.ryan.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.198"; + aliases = [ "ryan.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEA0RE5jmBiEGmaYLVFmpCyVvlb6K3Zh2uxh7sVm44k31d9PEHHm4Wz + HQH+ueaefGVu19xLRJQGu4ZMl7oRbb5awiqKdSGgInhQaNzxUIHW4cCCdOVkgZSy + NjI9LMcc8tQtkoFGt6OhAzaViuGMo+aJAkLuXNf8hz5uR2flqQEeKfG5Kc7Z1DAQ + QNoBRtY0pltyK2y/Ip8cZ9cdxR5oLww67ykhY+eLy9tZLfKs6uWSq+2CV0cpNNQ9 + Sh8fSbkjb4+JkxWAHDOyAnwFxnxstMcW0cscOW7nXYDi5IpvvesJlk698un7bLhm + vCkAd+WiNuTGfs9t0r6FDDVDREBhNk1sLwIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = sOD149OLZ2yUEjRpwbGdwHULKF2qNY3F+9AsEi1G0ZM + ''; + }; + }; + }; }; } -- cgit v1.2.3 From 6d51da9202791651b98d3139260884b24ed6b8ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 13 Oct 2021 19:51:31 +0200 Subject: mic92: non-colliding ip address for graham --- krebs/3modules/external/mic92.nix | 49 ++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index c3a0d42df..36f476db1 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -762,30 +762,6 @@ in { }; }; - graham = { - owner = config.krebs.users.mic92; - nets = rec { - retiolum = { - addrs = [ - config.krebs.hosts.graham.nets.retiolum.ip4.addr - config.krebs.hosts.graham.nets.retiolum.ip6.addr - ]; - ip4.addr = "10.243.29.196"; - aliases = [ "graham.r" ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAtnM8VqFlEPLPYfKOZvN4kKklrVEyX4WewlqHO8vtxML9ND5BHCdn - UeRsThvbKVRqEvZLTAXKClZRYVr2IroHqfx0euTq3FYTUbNNQ4KgcFAfLKWoxGfK - HsQbYpS93/sUtmhRBGcgXPnEkE6yqvFBXxcmB1QqdmgYKdY2Gtikwrv/5hb4AlNe - /gyzKGtAKYogspLI6EpEwlD9CGDNIUPJ4uQ56gDhV/qtyMSE6X0igSSVZayDc+x1 - InPkH90xsa0/uXjYDnXNdMguLArGkRzMhd6DzK4vEaPFIX59yMX+tEj46rGY7xAI - gUZUI2codqY5Z93W5GC+ws34y0bpfeMMWwIDAQAB - -----END RSA PUBLIC KEY----- - Ed25519PublicKey = xMJNMMXZRCbWkN9CzLFohkGUK54dPcrrosFD7xgIFXA - ''; - }; - }; - }; ryan = { owner = config.krebs.users.mic92; @@ -811,5 +787,30 @@ in { }; }; }; + + graham = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.graham.nets.retiolum.ip4.addr + config.krebs.hosts.graham.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.199"; + aliases = [ "graham.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAtnM8VqFlEPLPYfKOZvN4kKklrVEyX4WewlqHO8vtxML9ND5BHCdn + UeRsThvbKVRqEvZLTAXKClZRYVr2IroHqfx0euTq3FYTUbNNQ4KgcFAfLKWoxGfK + HsQbYpS93/sUtmhRBGcgXPnEkE6yqvFBXxcmB1QqdmgYKdY2Gtikwrv/5hb4AlNe + /gyzKGtAKYogspLI6EpEwlD9CGDNIUPJ4uQ56gDhV/qtyMSE6X0igSSVZayDc+x1 + InPkH90xsa0/uXjYDnXNdMguLArGkRzMhd6DzK4vEaPFIX59yMX+tEj46rGY7xAI + gUZUI2codqY5Z93W5GC+ws34y0bpfeMMWwIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = xMJNMMXZRCbWkN9CzLFohkGUK54dPcrrosFD7xgIFXA + ''; + }; + }; + }; }; } -- cgit v1.2.3 From b13aaa3e6539a3b9c968e694d624baccf95157c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 14 Oct 2021 15:45:58 +0200 Subject: mic92: add maurice --- krebs/3modules/external/mic92.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 36f476db1..ec76273a6 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -812,5 +812,29 @@ in { }; }; }; + + maurice = { + owner = config.krebs.users.mic92; + nets = rec { + retiolum = { + addrs = [ + config.krebs.hosts.graham.nets.retiolum.ip4.addr + config.krebs.hosts.graham.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.200"; + aliases = [ "maurice.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAsLKBfPtZkjWGu6uitCV+4c5aQox2t4N8XNhY2mqE806XsYrqAC+y + d0oLOxRMUjfh9stDnEW/YRoLEKz9oZdRYd4eenP0Q3c3HdRFDBNCs27M5a8ysqZD + 5w9+B+9OfUmMv61NyKiaR6WtoGbE849cj1UNk1z04elshfU7h829D8QnD4j1A1gf + bOaNG+RzOP6qP/6Q30rxAiTxRPi+FhcHvxa33y1ZVobvnfGcJa+AzsTbgH9T9Yob + GuXFZvuQVSyWOLOgY/vVml904q8gScMpBesAsZJ7DEXxSTga0Rt99Ti3d9ABwBI5 + 1YabQlGLaAkrj3PMgrDyayzGBDDDva9fEQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; } -- cgit v1.2.3 From db9f0d97ec35cc4673bdb9b0fb8b922891400357 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 14 Oct 2021 15:49:08 +0200 Subject: mic92: fix ips of maurice --- krebs/3modules/external/mic92.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index ec76273a6..c477eb6f1 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -818,8 +818,8 @@ in { nets = rec { retiolum = { addrs = [ - config.krebs.hosts.graham.nets.retiolum.ip4.addr - config.krebs.hosts.graham.nets.retiolum.ip6.addr + config.krebs.hosts.maurice.nets.retiolum.ip4.addr + config.krebs.hosts.maurice.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.200"; aliases = [ "maurice.r" ]; -- cgit v1.2.3 From 04ec7f8e7deeed58ff687d609d5e24d56bb82645 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 14 Oct 2021 16:08:20 +0200 Subject: mic92: add ed25519 for maurice --- krebs/3modules/external/mic92.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index c477eb6f1..1f67bdfa6 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -832,6 +832,7 @@ in { GuXFZvuQVSyWOLOgY/vVml904q8gScMpBesAsZJ7DEXxSTga0Rt99Ti3d9ABwBI5 1YabQlGLaAkrj3PMgrDyayzGBDDDva9fEQIDAQAB -----END RSA PUBLIC KEY----- + Ed25519PublicKey = pkMuJ4kbyleQAdau+sfmLtzTuUy7uL+wwcgV/GWC7/N ''; }; }; -- cgit v1.2.3 From 0564414a3184960555a8146f78b36120e6ef0c21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Thu, 14 Oct 2021 17:32:22 +0200 Subject: mic92: add aenderpad --- krebs/3modules/external/mic92.nix | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index 1f67bdfa6..b4e046303 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -256,6 +256,10 @@ in { okelmann = { owner = config.krebs.users.mic92; nets.retiolum = { + addrs = [ + config.krebs.hosts.okelmann.nets.retiolum.ip4.addr + config.krebs.hosts.okelmann.nets.retiolum.ip6.addr + ]; ip4.addr = "10.243.29.190"; aliases = [ "okelmann.r" @@ -275,6 +279,10 @@ in { aendernix = { owner = config.krebs.users.mic92; nets.retiolum = { + addrs = [ + config.krebs.hosts.aendernix.nets.retiolum.ip4.addr + config.krebs.hosts.aendernix.nets.retiolum.ip6.addr + ]; ip4.addr = "10.243.29.172"; aliases = [ "aendernix.r" @@ -296,6 +304,30 @@ in { ''; }; }; + aenderpad = { + owner = config.krebs.users.mic92; + nets.retiolum = { + addrs = [ + config.krebs.hosts.aenderpad.nets.retiolum.ip4.addr + config.krebs.hosts.aenderpad.nets.retiolum.ip6.addr + ]; + ip4.addr = "10.243.29.201"; + aliases = [ + "aendernix.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAvHSVUd6/5P2rK3s9iQhVrxkjufDIi0Kn04iVB4Z0TpUvnmFAP+Hv + d7umo95lNkAPL9c3byv4ooQjOskrp7GmgQRijLUvJSAZ9FBVWPAjMXs+gk9oJnQj + 6bovXJ3DurmW3h1ZRmkWn256j7g8lEMtf5LGFxs9Bwi4wqZTbI6DzTQhmNm76Spb + 2UMSzr9kDcNj5r6LDhDKEDtx4P1Opshgsf9AusV81N5nqDcvAYsvEqYoPvjKIPwF + 5jtfHY7hM7SdYoVgdAY8RFH7xuRkLQW4LBxPKjP3pEQPCgXcuEELm33PGr+w/vhC + jxeyKP+uSeuBBMSatTWG3kU8W2LxVML65QIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = jC2UzKiUtWUlZF2ET88qM+Ot+GpoWxFFfpi8TCCr0uM + ''; + }; + }; dimitra = { owner = config.krebs.users.mic92; nets.retiolum = { -- cgit v1.2.3 From 679922a7831176089fe9e3ad62346b0e0bd4dcdd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 15:15:54 +0200 Subject: Revert "rip Reaktor" This reverts commit 55b137ba525f075f4619de4676d3e66f782b1a12. --- krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh | 6 +++ krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh | 20 ++++++++ krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py | 58 ++++++++++++++++++++++ .../5pkgs/simple/Reaktor/scripts/shack-correct.sh | 6 +++ 4 files changed, 90 insertions(+) create mode 100755 krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh create mode 100755 krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh create mode 100755 krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py create mode 100755 krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh new file mode 100755 index 000000000..6f3dd4a3f --- /dev/null +++ b/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh @@ -0,0 +1,6 @@ +#!/bin/sh +curl -sS http://emojicons.com/random | \ + grep data-text | \ + sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \ + head -n 1 | \ + xmlstarlet unesc diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh new file mode 100755 index 000000000..5c47c6156 --- /dev/null +++ b/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh @@ -0,0 +1,20 @@ +#! /bin/sh +set -eu +# requires env: +# $state_dir +# $origin + +# in PATH: git,lentil,coreutils +subdir=`echo "$1" | tr -dc "[:alnum:]"` +name=`echo "$origin" | tr -dc "[:alnum:]"` +track="$state_dir/$name-checkout" +(if test -e "$track" ;then + cd "$track" + git fetch origin master + git reset --hard origin/master +else + git clone "$origin" "$track" +fi) >&2 + +cd "$track" +lentil "${subdir:-.}" -f csv | sed 1d | shuf | head -1 diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py new file mode 100755 index 000000000..4925b25bb --- /dev/null +++ b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py @@ -0,0 +1,58 @@ +#!/usr/bin/env python3 + +# Usage: +# _from=krebs state_dir=. python sed-plugin.py 'dick butt' +# _from=krebs state_dir=. python sed-plugin.py 's/t/l/g' +# > dick bull +import shelve +from os import environ +from os.path import join +from sys import argv +from time import sleep +import re + +# try to open the shelve file until it succeeds +while True: + try: + d = shelve.open( + join(environ['state_dir'], 'sed-plugin.shelve'), + writeback=True + ) + break + except: # noqa: E722 + sleep(0.2) +usr = environ['_from'] + + +def is_regex(line): + myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') + return myre.match(line) + + +line = argv[1] + +if is_regex(line): + last = d.get(usr, None) + if last: + from subprocess import Popen, PIPE + p = Popen(['sed', line], stdin=PIPE, stdout=PIPE, stderr=PIPE) + so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) + if p.returncode: + print("something went wrong when trying to process your regex: {}".format(line.strip())) + ret = so.decode() + if len(ret) > 512: + print('message to long, skipped') + elif len(ret.split('\n')) > 5: + print('to many lines, skipped') + else: + if last.strip() != ret.strip(): + print("\x02{}\x02 meant: {}".format(usr, ret.strip())) + if ret: + d[usr] = ret + + else: + print("no last message") +else: + d[usr] = line + +d.close() diff --git a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh b/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh new file mode 100755 index 000000000..d500b3cb3 --- /dev/null +++ b/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh @@ -0,0 +1,6 @@ +#! /bin/sh +set -eu +printf "Sie meinten wohl \"" +echo -n $@ | sed 's/Shack/shack/g' +echo "\" check out https://wiki.shackspace.de/project/logo_and_ci#name_ci" +echo "${_from}--" -- cgit v1.2.3 From 4467830663663f0310968c00d0f191d22ad7f690 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 23 Oct 2021 15:37:22 +0200 Subject: ircaids: 1.0.0 -> 1.0.1 --- krebs/5pkgs/simple/ircaids/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/5pkgs/simple/ircaids/default.nix b/krebs/5pkgs/simple/ircaids/default.nix index 566346cc9..61d3ee31c 100644 --- a/krebs/5pkgs/simple/ircaids/default.nix +++ b/krebs/5pkgs/simple/ircaids/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "ircaids"; - version = "1.0.0"; + version = "1.0.1"; src = pkgs.fetchgit { url = "https://cgit.krebsco.de/ircaids"; rev = "refs/tags/${version}"; - sha256 = "13z9pc9vq2xq2qpavwmh7fvzvvjkc495ssxsh8cs044qflvj54b2"; + sha256 = "0wp01pag58c72rmx8j3i1vlq60na8lc91743832f0h27cik8yqvh"; }; buildPhase = null; -- cgit v1.2.3 From 0c15f3b6a7a216eec1fb1ba368da5c3ea4b43c5e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 16:12:58 +0200 Subject: l: disable tmpfs on /tmp --- lass/2configs/default.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index eb38d0e97..1bcfb162c 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -89,8 +89,6 @@ with import ; services.timesyncd.enable = mkForce true; - boot.tmpOnTmpfs = true; - # multiple-definition-problem when defining environment.variables.EDITOR environment.extraInit = '' EDITOR=vim -- cgit v1.2.3 From d1a55f88766b72769e5f756f8b4724e13e1c6981 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 19:03:02 +0200 Subject: l coaxmetal.r: build with unstable --- lass/1systems/coaxmetal/source.nix | 23 ++++++++++++++++++++--- lass/krops.nix | 2 +- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/lass/1systems/coaxmetal/source.nix b/lass/1systems/coaxmetal/source.nix index 0e2628b5b..7f335ec05 100644 --- a/lass/1systems/coaxmetal/source.nix +++ b/lass/1systems/coaxmetal/source.nix @@ -1,4 +1,21 @@ -{ lib, pkgs, ... }: -{ - nixpkgs.git.ref = lib.mkForce (lib.importJSON ../../../krebs/nixpkgs-unstable.json).rev; +{ lib, pkgs, test, ... }: let + npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json; +in { + nixpkgs = lib.mkForce (if test then { derivation = let + rev = npkgs.rev; + sha256 = npkgs.sha256; + in '' + with import (builtins.fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz"; + sha256 = "${sha256}"; + }) {}; + pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = "${rev}"; + sha256 = "${sha256}"; + } + ''; } else { + git.ref = npkgs.rev; + }); } diff --git a/lass/krops.nix b/lass/krops.nix index 128c9ee04..fe5c00f3d 100644 --- a/lass/krops.nix +++ b/lass/krops.nix @@ -24,7 +24,7 @@ }; }; } - (if (lib.pathExists (./. + "/1systems/${name}/source.nix")) && (! test) then + (if lib.pathExists (./. + "/1systems/${name}/source.nix") then import (./. + "/1systems/${name}/source.nix") { inherit lib pkgs test; } else {} -- cgit v1.2.3 From ddac84e9e6eb49805ad244829ea5add7370a7829 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 21:53:26 +0200 Subject: l green.r: make source.nix ci compatible --- lass/1systems/green/source.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/lass/1systems/green/source.nix b/lass/1systems/green/source.nix index 48499c9db..cc7617f92 100644 --- a/lass/1systems/green/source.nix +++ b/lass/1systems/green/source.nix @@ -1,5 +1,4 @@ -{ lib, pkgs, ... }: -{ +{ lib, pkgs, test, ... }: +if test then { nixpkgs-unstable = lib.mkForce { file = "/var/empty"; }; - nixpkgs.git.shallow = true; -} +} else {} -- cgit v1.2.3 From bd8baec395d258cf9201ef243d4237f64aaef26b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 22:02:15 +0200 Subject: l blue.r: don't delete nixpkgs-unstable in ci --- lass/1systems/blue/source.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index 2b4158211..2a4e1336b 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -1,5 +1,5 @@ { lib, pkgs, test, ... }: -{ +if test then { nixpkgs = lib.mkIf (! test) (lib.mkForce { file = { path = toString (pkgs.fetchFromGitHub { @@ -14,4 +14,4 @@ nixpkgs-unstable = lib.mkForce { file.path = "/var/empty"; }; -} +} else {} -- cgit v1.2.3 From 3ea4c8f5735cd99d8ede55d67deb51d44795db59 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 23 Oct 2021 22:22:38 +0200 Subject: l: fix test sources --- lass/1systems/blue/source.nix | 4 ++-- lass/1systems/green/source.nix | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix index 2a4e1336b..0b2bf5f5b 100644 --- a/lass/1systems/blue/source.nix +++ b/lass/1systems/blue/source.nix @@ -1,5 +1,5 @@ { lib, pkgs, test, ... }: -if test then { +if test then {} else { nixpkgs = lib.mkIf (! test) (lib.mkForce { file = { path = toString (pkgs.fetchFromGitHub { @@ -14,4 +14,4 @@ if test then { nixpkgs-unstable = lib.mkForce { file.path = "/var/empty"; }; -} else {} +} diff --git a/lass/1systems/green/source.nix b/lass/1systems/green/source.nix index cc7617f92..da137e064 100644 --- a/lass/1systems/green/source.nix +++ b/lass/1systems/green/source.nix @@ -1,4 +1,4 @@ { lib, pkgs, test, ... }: -if test then { +if test then {} else { nixpkgs-unstable = lib.mkForce { file = "/var/empty"; }; -} else {} +} -- cgit v1.2.3 From 89b0f98b42c4258fbde902325bd5ba79034f98bd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 00:01:17 +0200 Subject: l vim: make more minimal --- lass/2configs/vim.nix | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 0e4ac5394..6c730efdd 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -5,16 +5,6 @@ let out = { environment.systemPackages = [ (hiPrio vim) - (pkgs.writeDashBin "govet" '' - go vet "$@" - '') - (hiPrio (pkgs.python3.withPackages (ps: [ - ps.python-language-server - ps.pyls-isort - ps.pyflakes - ps.flake8 - ps.yapf - ]))) ]; environment.etc.vimrc.source = vimrc; @@ -126,11 +116,7 @@ let ''; extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ - pkgs.vimPlugins.ack-vim pkgs.vimPlugins.undotree - pkgs.vimPlugins.vim-go - pkgs.vimPlugins.fzf-vim - pkgs.vimPlugins.LanguageClient-neovim (pkgs.vimUtils.buildVimPlugin { name = "file-line-1.0"; src = pkgs.fetchFromGitHub { -- cgit v1.2.3 From e8aa5eb87e28f4b0c5b048b95abfea0bd9a927a0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 09:53:11 +0200 Subject: nixpkgs: ce7a119 -> 95eed9b --- krebs/nixpkgs.json | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index bf2808dce..5be907d21 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,10 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "ce7a1190a0fa4ba3465b5f5471b08567060ca14c", - "date": "2021-10-08T11:14:43-05:00", - "path": "/nix/store/y01vzcdhna8pjvy3w2bz7nc9zqyylxg3-nixpkgs", - "sha256": "1zr1s9gp0h5g4arlba1bpb9yqfaaby5195ydm6a2psaxhm748li9", + "rev": "95eed9b64eee24975b880308065654fd059f22c3", + "date": "2021-10-23T23:27:41+02:00", + "path": "/nix/store/05rxgy84zni4bminfyyk4nkc4ccw91sz-nixpkgs", + "sha256": "1x59xdxh2vrnhh4j29nyq7npq70v178j5acdm2zsgamcagm3qif9", + "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false -- cgit v1.2.3 From 1c98e211ffcfad92e0d1bac835f3d6715756f957 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 09:54:04 +0200 Subject: nixpkgs-unstable: 70088dc -> 34ad3ff --- krebs/nixpkgs-unstable.json | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index e464cb568..9a5c5386f 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,10 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "70088dc29994c32f8520150e34c6e57e8453f895", - "date": "2021-10-07T22:46:35+08:00", - "path": "/nix/store/f0i4rdi62kkwa95v7ap8fzxybrikqi01-nixpkgs", - "sha256": "08ldqfh2cmbvf930yq9pv220sv83k9shq183935l5d8p61fxh5zr", + "rev": "34ad3ffe08adfca17fcb4e4a47bb5f3b113687be", + "date": "2021-10-21T10:14:45+08:00", + "path": "/nix/store/ga9jr8sgxlay545v6j6q2nfj7gih4ix3-nixpkgs", + "sha256": "02li241rz5668nfyp88zfjilxf0mr9yansa93fbl38hjwkhf3ix6", + "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false -- cgit v1.2.3 From f455668ff33d7555f8fe8d02ae9cf1b72cab596c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 11:06:43 +0200 Subject: l: remove red.r morpheus.r uriel.r --- krebs/3modules/lass/default.nix | 97 ------------------------------------- lass/1systems/morpheus/config.nix | 29 ----------- lass/1systems/morpheus/physical.nix | 44 ----------------- lass/1systems/red/config.nix | 28 ----------- lass/1systems/red/physical.nix | 7 --- lass/1systems/uriel/config.nix | 47 ------------------ lass/1systems/uriel/physical.nix | 59 ---------------------- 7 files changed, 311 deletions(-) delete mode 100644 lass/1systems/morpheus/config.nix delete mode 100644 lass/1systems/morpheus/physical.nix delete mode 100644 lass/1systems/red/config.nix delete mode 100644 lass/1systems/red/physical.nix delete mode 100644 lass/1systems/uriel/config.nix delete mode 100644 lass/1systems/uriel/physical.nix diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 3419d806c..428691841 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -122,33 +122,6 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD"; syncthing.id = "QITFKYQ-VEPIPL2-AZIXHMD-BBT62ML-YHSB35A-BSUIBXS-QYMPFHW-M7XN2QU"; }; - uriel = { - monitoring = false; - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.81.176"; - ip6.addr = r6 "1e1"; - aliases = [ - "uriel.r" - ]; - tinc.port = 0; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAzw0pvoEmqeqiZrzSOPH0IT99gr1rrvMZbvabXoU4MAiVgGoGrkmR - duJkk8Fj12ftMc+Of1gnwDkFhRcfAKOeH1RSc4CTircWVq99WyecTwEZoaR/goQb - MND022kIBoG6NQNxv1Y5I1B/h7hfloMFEPym9oFtOAXoGhBY2vVl4g64NNz+RLME - m1RipLXKANAh6LRNPGPQCUYX4TVY2ZJVxM3CM1XdomUAdOYXJmWFyUg9NcIKaacx - uRrmuy7J9yFBcihZX5Y7NV361kINrpRmZYxJRf9cr0hb5EkJJ7bMIKQMEFQ5RnYo - u7MPGKD7aNHa6hLLCeIfJ5u0igVmSLh3pwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBryIo/Waw8SWvlQ0+5I+Bd/dJgcMd6iPXtELS6gQXoc"; - secure = true; - }; mors = { cores = 2; nets = { @@ -418,38 +391,6 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; syncthing.id = "EA76ZHP-DF2I3CJ-NNTFEUH-YGPQK5S-T7FQ6JA-BNQQUNC-GF2YL46-CKOZCQM"; }; - red = { - monitoring = false; - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.0.13"; - ip6.addr = r6 "12ed"; - aliases = [ - "red.r" - ]; - tinc.port = 0; - tinc.pubkey = '' - -----BEGIN PUBLIC KEY----- - MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArAN/62V2MV18wsZ9VMTG - 4/cqsjvHlffAN8jYDq+GImgREvbiLlFhhHgxwKh0gcDTR8P1xX/00P3/fx/g5bRF - Te7LZT2AFmVFFFfx1n9NBweN/gG2/hzB9J8epbWLNT+RzpzHuAoREvDZ+jweSXaI - phdmQY2s36yrR3TAShqq0q4cwlXuHT00J+InDutM0mTftBQG/fvYkBhHOfq4WSY0 - FeMK7DTKNbsqQiKKQ/kvWi7KfTW0F0c7SDpi7BLwbQzP2WbogtGy9MIrw9ZhE6Ox - TVdAksPKw0TlYdb16X/MkbzBqTYbxFlmWzpMJABMxIVwAfQx3ZGYvJDdDXmQS2qa - mDN2xBb/5pj3fbfp4wbwWlRVSd/AJQtRvaNY24F+UsRJb0WinIguDI6oRZx7Xt8w - oYirKqqq1leb3EYUt8TMIXQsOw0/Iq+JJCwB+ZyLLGVNB19XOxdR3RN1JYeZANpE - cMSS3SdFGgZ//ZAdhIN5kw9yMeKo6Rnt+Vdz3vZWTuSVp/xYO3IMGXNGAdIWIwrJ - 7fwSl/rfXGG816h0sD46U0mxd+i68YOtHlzOKe+vMZ4/FJZYd/E5/IDQluV8HLwa - 5lODfZXUmfStdV+GDA9KVEGUP5xSkC3rMnir66NgHzKpIL002/g/HfGu7O3MrvpW - ng7AMvRv5vbsYcJBj2HUhKUCAwEAAQ== - -----END PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp"; - }; yellow = { cores = 1; nets = { @@ -583,44 +524,6 @@ in { ci = false; syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ"; }; - morpheus = { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.0.19"; - ip6.addr = r6 "012f"; - aliases = [ - "morpheus.r" - ]; - tinc.port = 0; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIICCgKCAgEAptrlSKQKsBH2QMQxllZR94S/fXneajpJifRjXR5bi+7ME2ThdQXY - T7yWiKaUuBJThWged9PdPltLUEMmv+ubQqpWHZq442VWSS36r1yMSGpUeKK+oYMN - /Sfu+1yC4m2uXno95wpJZIcDfbbn26jT6ldJ4Yd97zyrXKljvcdrz3wZzQq0tojh - S5Q59x/aQMJbnQpnlFnMIEVgULuFPW16+vPGsXIPdYNggaF1avcBaFl8i3M0EZVz - Swn4hArDynDJhR7M0QdlwOpOh7O+1iOnmXqqei3LxMVHb+YtzfHgxOPxggUsy7CR - bj9uBR9loGwgmZwaxXd1Vfbw8kn/feOb9FcW73u+SZyzwEA9HFRV0jGQe3P9mGfI - Bwe02DOTVXEB8jTAGCw5T3bXLIOX8kqdlCECuAWFfrt8H+GjZDuGUWRcMn32orMz - sMvkab95ZOHK6Q31mrhILOIOdyZWKPZIabL3HF6CZtu52h6MDHbmGS0w0OJYhj2+ - VnT9ZBoaeooVg8QOE43rCXvmL5vzhLKrj4s/53wTGG5SpzLs9Q9rrJVgAnz4YQ7j - 3Ov5q3Zxyr+vO6O7Pb5X49vCQw/jzK41S0/15GEmKcoxXemzeZCpX1mbeeTUtLvA - U7OJwldrElzictBJ1gT94L4BDvoGZVqAkXJCJPamfsWaiw6SsMqtTfECAwEAAQ== - -----END RSA PUBLIC KEY----- - ''; - }; - wiregrill = { - ip6.addr = w6 "012f"; - aliases = [ - "morpheus.w" - ]; - wireguard.pubkey = "BdiIHJjJQThmZD8DehxPGA+bboBHjljedwaRaV5yyDY="; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXS60mmNWMdMRvaPxGn91Cm/hm7zY8xn5rkI4n2KG/f "; - syncthing.id = "JS4RFIL-MJP2SMJ-EOQXCPQ-MC3NB4V-BQ77GN5-LPKGLWY-GHDP732-G22OJQQ"; - }; hilum = { cores = 1; nets = { diff --git a/lass/1systems/morpheus/config.nix b/lass/1systems/morpheus/config.nix deleted file mode 100644 index 79d4f528d..000000000 --- a/lass/1systems/morpheus/config.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, pkgs, ... }: -with import ; -{ - imports = [ - - - - - - ]; - - krebs.build.host = config.krebs.hosts.morpheus; - - networking.wireless.enable = false; - networking.networkmanager.enable = true; - - services.logind.lidSwitch = "ignore"; - services.logind.lidSwitchDocked = "ignore"; - - environment.systemPackages = with pkgs; [ - gitAndTools.hub - nix-review - firefox - ag - ]; - - services.openssh.forwardX11 = true; - programs.x2goserver.enable = true; -} diff --git a/lass/1systems/morpheus/physical.nix b/lass/1systems/morpheus/physical.nix deleted file mode 100644 index 6e59a2273..000000000 --- a/lass/1systems/morpheus/physical.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ - imports = [ - ./config.nix - - ]; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.efiSupport = true; - boot.loader.grub.efiInstallAsRemovable = true; - boot.loader.grub.device = "nodev"; - - networking.hostId = "06442b9a"; - - fileSystems."/" = { - device = "/dev/pool/root"; - fsType = "btrfs"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/1F60-17C6"; - fsType = "vfat"; - }; - - fileSystems."/home" = { - device = "/dev/pool/home"; - fsType = "btrfs"; - }; - - fileSystems."/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["nosuid" "nodev" "noatime"]; - }; - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - devices.luksroot.device = "/dev/nvme0n1p3"; - }; - - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="f8:59:71:a9:05:65", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="54:e1:ad:4f:06:83", NAME="et0" - ''; -} diff --git a/lass/1systems/red/config.nix b/lass/1systems/red/config.nix deleted file mode 100644 index 3139e94a2..000000000 --- a/lass/1systems/red/config.nix +++ /dev/null @@ -1,28 +0,0 @@ -with import ; -{ config, lib, pkgs, ... }: -let - inherit (import {inherit lib pkgs;}) - servephpBB - ; -in -{ - imports = [ - - - - - - (servephpBB [ "rote-allez-fraktion.de" ]) - ]; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } - ]; - - krebs.build.host = config.krebs.hosts.red; - - services.nginx.enable = true; - environment.systemPackages = [ - pkgs.mk_sql_pair - ]; -} diff --git a/lass/1systems/red/physical.nix b/lass/1systems/red/physical.nix deleted file mode 100644 index b6aa3a894..000000000 --- a/lass/1systems/red/physical.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - imports = [ - ./config.nix - ]; - boot.isContainer = true; - networking.useDHCP = false; -} diff --git a/lass/1systems/uriel/config.nix b/lass/1systems/uriel/config.nix deleted file mode 100644 index c3ce8fced..000000000 --- a/lass/1systems/uriel/config.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ config, pkgs, ... }: - -with builtins; -with import ; -{ - imports = [ - - - - { - # locke config - i18n.defaultLocale ="de_DE.UTF-8"; - time.timeZone = "Europe/Berlin"; - services.xserver.enable = true; - services.xserver.libinput.enable = false; - users.users.locke = { - uid = genid "locke"; - home = "/home/locke"; - group = "users"; - createHome = true; - extraGroups = [ - "audio" - "networkmanager" - ]; - useDefaultShell = true; - isNormalUser = true; - }; - networking.networkmanager.enable = true; - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - environment.systemPackages = with pkgs; [ - pavucontrol - firefox - hexchat - networkmanagerapplet - ]; - services.xserver.desktopManager.xfce = { - enable = true; - }; - } - ]; - - krebs.build.host = config.krebs.hosts.uriel; - nixpkgs.config.allowUnfree = true; -} diff --git a/lass/1systems/uriel/physical.nix b/lass/1systems/uriel/physical.nix deleted file mode 100644 index 82a088643..000000000 --- a/lass/1systems/uriel/physical.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - imports = [ - ./config.nix - ]; - - hardware.enableRedistributableFirmware = true; - boot = { - #kernelParams = [ - # "acpi.brightness_switch_enabled=0" - #]; - #loader.grub.enable = true; - #loader.grub.version = 2; - #loader.grub.device = "/dev/sda"; - - loader.systemd-boot.enable = true; - loader.timeout = 5; - - initrd.luks.devices.luksroot.device = "/dev/sda2"; - initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; - #kernelModules = [ "kvm-intel" "msr" ]; - kernelModules = [ "msr" ]; - }; - fileSystems = { - "/" = { - device = "/dev/pool/root"; - fsType = "ext4"; - }; - - "/bku" = { - device = "/dev/pool/bku"; - fsType = "ext4"; - }; - - "/boot" = { - device = "/dev/sda1"; - }; - "/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["nosuid" "nodev" "noatime"]; - }; - }; - - services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="64:27:37:7d:d8:ae", NAME="wl0" - SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:b8:c8:2e", NAME="et0" - ''; - - services.xserver.synaptics = { - enable = true; - twoFingerScroll = true; - accelFactor = "0.035"; - additionalOptions = '' - Option "FingerHigh" "60" - Option "FingerLow" "60" - ''; - }; -} -- cgit v1.2.3 From 0bd6a8878d6e5c56a8905a709687f04735886c55 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 12:33:33 +0200 Subject: l green-host: use echelon.r instead of morpheus.r --- lass/2configs/green-host.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index 355daba9c..4d2a219ec 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -6,12 +6,12 @@ ]; krebs.sync-containers.containers.green = { peers = [ + "echelon" "icarus" + "littleT" + "mors" "shodan" "skynet" - "mors" - "morpheus" - "littleT" "styx" ]; hostIp = "10.233.2.15"; -- cgit v1.2.3 From 2b0d7851048b208fdbcdd2d854beb2ab9d68155f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 12:33:48 +0200 Subject: l green-host: prune backups --- lass/2configs/green-host.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index 4d2a219ec..a83ed0544 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -25,5 +25,9 @@ repo = "/var/lib/sync-containers/green/backup"; compression = "auto,lzma"; startAt = "daily"; + prune.keep = { + daily = 7; + weekly = 4; + }; }; } -- cgit v1.2.3 From a1855823dec36034ba3eb7e6350dbd7496d2b93b Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 12:53:02 +0200 Subject: l murmur: pin version, use new nginx options --- lass/2configs/murmur.nix | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/lass/2configs/murmur.nix b/lass/2configs/murmur.nix index 9f325d0af..7cc4051a8 100644 --- a/lass/2configs/murmur.nix +++ b/lass/2configs/murmur.nix @@ -16,7 +16,7 @@ StandardError = lib.mkForce "journal"; }; virtualisation.oci-containers.containers.mumble-web = { - image = "rankenstein/mumble-web"; + image = "rankenstein/mumble-web:0.5"; environment = { MUMBLE_SERVER = "lassul.us:64738"; }; @@ -28,12 +28,9 @@ services.nginx.virtualHosts."mumble.lassul.us" = { enableACME = true; forceSSL = true; - locations."/".extraConfig = '' - proxy_pass http://localhost:64739/; - proxy_set_header Accept-Encoding ""; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - ''; + locations."/" = { + proxyPass = "http://localhost:64739"; + proxyWebsockets = true; + }; }; } -- cgit v1.2.3 From 60fe1fed15a1759b9bc7c14ea9d39c9cb13b7855 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 13:24:04 +0200 Subject: l klem module: reference grep directly --- lass/3modules/klem.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/3modules/klem.nix b/lass/3modules/klem.nix index a297adcd1..8536d967d 100644 --- a/lass/3modules/klem.nix +++ b/lass/3modules/klem.nix @@ -38,7 +38,7 @@ in { # match filetype against patterns ${concatMapStringsSep "\n" (script: '' ${pkgs.xclip}/bin/xclip -selection clipboard -target TARGETS -out \ - | grep -q '${script.target}' + | ${pkgs.gnugrep}/bin/grep -q '${script.target}' if [ $? -eq 0 ]; then labels="$labels:${script.label}" fi -- cgit v1.2.3 From 4c15270e18861dd84036d776dd3143a74f7ea9b2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 16:54:23 +0200 Subject: l prism.r: remove ts3 server --- lass/1systems/prism/config.nix | 1 - lass/2configs/ts3.nix | 19 ------------------- 2 files changed, 20 deletions(-) delete mode 100644 lass/2configs/ts3.nix diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index d43fb804a..356b8d182 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -112,7 +112,6 @@ with import ; }; } - diff --git a/lass/2configs/ts3.nix b/lass/2configs/ts3.nix deleted file mode 100644 index d0cfdf478..000000000 --- a/lass/2configs/ts3.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, ... }: - -{ - services.teamspeak3 = { - enable = true; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - #voice port - { predicate = "-p tcp --dport 9987"; target = "ACCEPT"; } - { predicate = "-p udp --dport 9987"; target = "ACCEPT"; } - ##file transfer port - { predicate = "-p tcp --dport 30033"; target = "ACCEPT"; } - { predicate = "-p udp --dport 30033"; target = "ACCEPT"; } - ##query port - #{ predicate = "-p tcp --dport 10011"; target = "ACCEPT"; } - #{ predicate = "-p udp --dport 10011"; target = "ACCEPT"; } - ]; -} -- cgit v1.2.3 From 566951d3f0aa9fcc64df3ef5d7bf1fcf0eff04ab Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 16:58:08 +0200 Subject: l prism.r: fix mdmonitor service error --- lass/1systems/prism/config.nix | 10 --------- lass/1systems/prism/physical.nix | 6 ++++++ lass/2configs/bepasty.nix | 44 ---------------------------------------- 3 files changed, 6 insertions(+), 54 deletions(-) delete mode 100644 lass/2configs/bepasty.nix diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 356b8d182..45f9ae00e 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -123,16 +123,6 @@ with import ; - { # quasi bepasty.nix - imports = [ - - ]; - krebs.bepasty.servers."paste.r".nginx.extraConfig = '' - if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) { - return 403; - } - ''; - } { services.tor = { enable = true; diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix index 1a3bee850..26ecd1cda 100644 --- a/lass/1systems/prism/physical.nix +++ b/lass/1systems/prism/physical.nix @@ -65,6 +65,12 @@ fsType = "ext4"; }; + # silence mdmonitor.service failures + # https://github.com/NixOS/nixpkgs/issues/72394 + environment.etc."mdadm.conf".text = '' + MAILADDR root + ''; + nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; diff --git a/lass/2configs/bepasty.nix b/lass/2configs/bepasty.nix deleted file mode 100644 index 9bd416c05..000000000 --- a/lass/2configs/bepasty.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ config, pkgs, ... }: -with import ; - -# secrets used: -# wildcard.krebsco.de.crt -# wildcard.krebsco.de.key -# bepasty-secret.nix <- contains single string - -with import ; -let - secKey = import ; - ext-doms = [ - "paste.lassul.us" - "paste.krebsco.de" - ]; -in { - - services.nginx.enable = mkDefault true; - krebs.bepasty = { - enable = true; - serveNginx= true; - - servers = { - "paste.r" = { - nginx = { - serverAliases = [ - "paste.${config.krebs.build.host.name}" - "paste.r" - ]; - }; - defaultPermissions = "admin,list,create,read,delete"; - secretKey = secKey; - }; - } // - genAttrs ext-doms (ext-dom: { - nginx = { - forceSSL = true; - enableACME = true; - }; - defaultPermissions = "read,create"; - secretKey = secKey; - }); - }; -} -- cgit v1.2.3 From 4fa8f74fc049e6856cb0f9cedbba3ca26ca1e695 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 18:25:11 +0200 Subject: solanum: use upstream service --- krebs/2configs/ircd.nix | 6 +-- krebs/3modules/default.nix | 1 - krebs/3modules/solanum.nix | 104 --------------------------------------------- 3 files changed, 3 insertions(+), 108 deletions(-) delete mode 100644 krebs/3modules/solanum.nix diff --git a/krebs/2configs/ircd.nix b/krebs/2configs/ircd.nix index d26aa5962..904878731 100644 --- a/krebs/2configs/ircd.nix +++ b/krebs/2configs/ircd.nix @@ -1,13 +1,13 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: { networking.firewall.allowedTCPPorts = [ 6667 6669 ]; - systemd.services.solanum.serviceConfig.LimitNOFILE = 16384; + systemd.services.solanum.serviceConfig.LimitNOFILE = lib.mkForce 16384; - krebs.solanum = { + services.solanum = { enable = true; motd = '' hello diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 149995a23..24b17487b 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -50,7 +50,6 @@ let ./secret.nix ./setuid.nix ./shadow.nix - ./solanum.nix ./sync-containers.nix ./tinc.nix ./tinc_graphs.nix diff --git a/krebs/3modules/solanum.nix b/krebs/3modules/solanum.nix deleted file mode 100644 index 9094d1003..000000000 --- a/krebs/3modules/solanum.nix +++ /dev/null @@ -1,104 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkEnableOption mkIf mkOption singleton types; - inherit (pkgs) coreutils solanum; - cfg = config.krebs.solanum; - - configFile = pkgs.writeText "solanum.conf" '' - ${cfg.config} - ''; -in - -{ - - ###### interface - - options = { - - krebs.solanum = { - - enable = mkEnableOption "Solanum IRC daemon"; - - config = mkOption { - type = types.str; - description = '' - Solanum IRC daemon configuration file. - ''; - }; - - statedir = mkOption { - type = types.path; - default = "/var/lib/solanum"; - description = '' - Location of the state directory of solanum. - ''; - }; - - user = mkOption { - type = types.str; - default = "ircd"; - description = '' - Solanum IRC daemon user. - ''; - }; - - group = mkOption { - type = types.str; - default = "ircd"; - description = '' - Solanum IRC daemon group. - ''; - }; - - motd = mkOption { - type = types.nullOr types.lines; - default = null; - description = '' - Solanum MOTD text. - - Solanum will read its MOTD from /etc/solanum/ircd.motd . - If set, the value of this option will be written to this path. - ''; - }; - - }; - - }; - - - ###### implementation - - config = mkIf cfg.enable (lib.mkMerge [ - { - users.users.${cfg.user} = { - description = "Solanum IRC daemon user"; - uid = config.ids.uids.ircd; - group = cfg.group; - }; - - users.groups.${cfg.group} = { - gid = config.ids.gids.ircd; - }; - - systemd.tmpfiles.rules = [ - "d ${cfg.statedir} - ${cfg.user} ${cfg.group} - -" - ]; - - systemd.services.solanum = { - description = "Solanum IRC daemon"; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${solanum}/bin/solanum -foreground -logfile /dev/stdout -configfile ${configFile} -pidfile ${cfg.statedir}/ircd.pid"; - Group = cfg.group; - User = cfg.user; - }; - }; - - } - - (mkIf (cfg.motd != null) { - environment.etc."solanum/ircd.motd".text = cfg.motd; - }) - ]); -} -- cgit v1.2.3 From 6e61a2d9fca6cf8d13f5e9be9345dfe861b9022e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 18:27:58 +0200 Subject: sync-containers module: make chmod failsafe --- krebs/3modules/sync-containers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/sync-containers.nix b/krebs/3modules/sync-containers.nix index fcfaf1dd0..e47f9a3a7 100644 --- a/krebs/3modules/sync-containers.nix +++ b/krebs/3modules/sync-containers.nix @@ -94,7 +94,7 @@ in { programs.fuse.userAllowOther = true; # allow syncthing to enter /var/lib/containers system.activationScripts.containers-enter = mkDefault '' - ${pkgs.coreutils}/bin/chmod a+x /var/lib/containers + ${pkgs.coreutils}/bin/chmod a+x /var/lib/containers || : ''; services.syncthing.declarative.folders = (mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" ({ -- cgit v1.2.3 From 9a74f25e56b940748950eab0d8b1e0bc95d5f95d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 19:53:43 +0200 Subject: l mpv: use yt-dlp --- lass/2configs/mpv.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix index 210551a62..854af3eb5 100644 --- a/lass/2configs/mpv.nix +++ b/lass/2configs/mpv.nix @@ -80,7 +80,12 @@ let name = "mpv"; paths = [ (pkgs.writeDashBin "mpv" '' - exec ${pkgs.mpv}/bin/mpv -vo=gpu --no-config --script=${autosub} "$@" + exec ${pkgs.mpv}/bin/mpv \ + -vo=gpu \ + --no-config \ + --script=${autosub} \ + --script-opts=ytdl_hook-ytdl_path=${pkgs.yt-dlp}/bin/yt-dlp \ + "$@" '') pkgs.mpv ]; -- cgit v1.2.3 From d8f72378dcbc925b0256e103828baa9ee186cce7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 19:58:34 +0200 Subject: l domsen: add roundcube at mail.lassul.us --- krebs/3modules/lass/default.nix | 1 + lass/2configs/websites/domsen.nix | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 428691841..95669c243 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -48,6 +48,7 @@ in { jitsi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} mumble 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + mail 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 40f67537e..c67451eac 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -117,6 +117,13 @@ in { # workaround for android 7 security.acme.certs."lassul.us".keyType = "rsa4096"; + services.roundcube = { + enable = true; + hostName = "mail.lassul.us"; + extraConfig = '' + $config['smtp_port'] = 25; + ''; + }; services.dovecot2 = { enable = true; mailLocation = "maildir:~/Mail"; -- cgit v1.2.3 From 2e9b241e868c17a3b29d782960d24437fd9bee2a Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 20:05:08 +0200 Subject: l domsen: use default php --- lass/2configs/websites/domsen.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index c67451eac..c434955b8 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -82,7 +82,6 @@ in { "o_ubikmedia_de" ]; - services.phpfpm.phpPackage = pkgs.php73; services.phpfpm.phpOptions = '' sendmail_path = ${sendmail} -t upload_max_filesize = 100M -- cgit v1.2.3 From 6300cb0166a87311fbe6683cd840daa8f2ad3a8e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 20:08:16 +0200 Subject: l domsen: fix exim authenticator permissions --- lass/2configs/websites/domsen.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index c434955b8..3bb9ad4f8 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -144,7 +144,7 @@ in { driver = plaintext public_name = LOGIN server_prompts = "Username:: : Password::" - server_condition = ''${run{${config.lass.usershadow.path}/bin/verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}} + server_condition = ''${run{/run/wrappers/bin/shadow_verify_arg ${config.lass.usershadow.pattern} $auth1 $auth2}{yes}{no}} ''; internet-aliases = [ { from = "dma@ubikmedia.de"; to = "domsen"; } -- cgit v1.2.3 From 3bde0ed639ed6661f1e4e7fba07a172c8db855dd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 20:09:20 +0200 Subject: l domsen: add line user --- lass/2configs/websites/domsen.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 3bb9ad4f8..3f055e370 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -323,6 +323,15 @@ in { isNormalUser = true; }; + users.users.line = { + uid = genid_uint31 "line"; + home = "/home/line"; + useDefaultShell = true; + # extraGroups = [ "xanf" ]; + createHome = true; + isNormalUser = true; + }; + users.groups.xanf = {}; krebs.on-failure.plans.restic-backups-domsen = { -- cgit v1.2.3 From 0f9c6ee7383c52922b9f7ce06b2360806d9de045 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 20:09:51 +0200 Subject: news.r, puyak.r: use dynamic tinc port --- krebs/3modules/krebs/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index c05409fe9..ec499d63d 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -105,6 +105,7 @@ in { "go.r" "rss.r" ]; + tinc.port = 0; tinc.pubkey = '' -----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc @@ -165,6 +166,7 @@ in { "build.puyak.r" "cgit.puyak.r" ]; + tinc.port = 0; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAwwDvaVKSJmAi1fpbsmjLz1DQVTgqnx56GkHKbz5sHwAfPVQej955 -- cgit v1.2.3 From 9fc5849786a82c4cd5bec695d6f9086237a597df Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 20:15:45 +0200 Subject: pkgs.htgen-cyberlocker: fix erronous response --- krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker b/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker index ab9c4e8e3..5ca0ddd3e 100644 --- a/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker +++ b/krebs/5pkgs/simple/htgen-cyberlocker/src/htgen-cyberlocker @@ -1,3 +1,10 @@ +emptyok_response() {( + printf "HTTP/1.1 204 OK\r\n" + printf 'Connection: close\r\n' + printf 'Server: %s\r\n' "$Server" + printf '\r\n' +)} + delete_response() { jq -n -r \ --arg server "$Server" \ @@ -44,7 +51,10 @@ read_uri() { } uri=$(read_uri "$Request_URI") -path=$(jq -nr --argjson uri "$uri" '$uri.path') +path=$(jq -nr --argjson uri "$uri" ' + $uri.path | + gsub("/+"; "/") +') case "$Method $path" in 'POST /'*|'PUT /'*) @@ -57,6 +67,8 @@ case "$Method $path" in mkdir -v -p $STATEDIR/items >&2 cp -v $content $item >&2 + + emptyok_response exit ;; 'GET /'*) -- cgit v1.2.3 From 6ad567a18ed27b8c07bd79e045ac082f1dfe148e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 20:17:32 +0200 Subject: pkgs.nomads-cloud: put tmpfiles into tmpdir --- krebs/5pkgs/simple/nomads-cloud/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/krebs/5pkgs/simple/nomads-cloud/default.nix b/krebs/5pkgs/simple/nomads-cloud/default.nix index 97cf10d1f..cc9e7a964 100644 --- a/krebs/5pkgs/simple/nomads-cloud/default.nix +++ b/krebs/5pkgs/simple/nomads-cloud/default.nix @@ -1,10 +1,10 @@ { writers, coreutils, grib2json, curl, jq, findutils, imagemagick }: writers.writeDashBin "nomads-cloud" '' prefix=$(mktemp -d) - grib_path=$prefix.grib - json_path=$prefix.json - pgm_path=$prefix.pgm - png_path="$1" + grib_path=$prefix/clouds.grib + json_path=$prefix/clouds.json + pgm_path=$prefix/clouds.pgm + png_path=$1 mkdir -p "$prefix" -- cgit v1.2.3 From ee50871bd10676e26b280084417bcbc9963ffe70 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 20:34:17 +0200 Subject: l coaxmetal.r: force only git.ref --- lass/1systems/coaxmetal/source.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lass/1systems/coaxmetal/source.nix b/lass/1systems/coaxmetal/source.nix index 7f335ec05..abbf26c75 100644 --- a/lass/1systems/coaxmetal/source.nix +++ b/lass/1systems/coaxmetal/source.nix @@ -1,7 +1,7 @@ { lib, pkgs, test, ... }: let npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json; in { - nixpkgs = lib.mkForce (if test then { derivation = let + nixpkgs = (if test then lib.mkForce ({ derivation = let rev = npkgs.rev; sha256 = npkgs.sha256; in '' @@ -15,7 +15,7 @@ in { rev = "${rev}"; sha256 = "${sha256}"; } - ''; } else { - git.ref = npkgs.rev; + ''; }) else { + git.ref = lib.mkForce npkgs.rev; }); } -- cgit v1.2.3 From ff39fb0d1f436e1587c71ffa1feb462fd4d784e6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 21:35:54 +0200 Subject: l echelon.r: import green-host --- lass/1systems/coaxmetal/config.nix | 2 +- lass/1systems/echelon/config.nix | 3 +++ lass/2configs/prism-mounts/samba.nix | 15 +++++++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 lass/2configs/prism-mounts/samba.nix diff --git a/lass/1systems/coaxmetal/config.nix b/lass/1systems/coaxmetal/config.nix index 227c5e1e9..0e6bddf5e 100644 --- a/lass/1systems/coaxmetal/config.nix +++ b/lass/1systems/coaxmetal/config.nix @@ -16,7 +16,7 @@ - # + diff --git a/lass/1systems/echelon/config.nix b/lass/1systems/echelon/config.nix index 9e72916b3..eacdff782 100644 --- a/lass/1systems/echelon/config.nix +++ b/lass/1systems/echelon/config.nix @@ -5,10 +5,13 @@ + + ]; krebs.build.host = config.krebs.hosts.echelon; boot.tmpOnTmpfs = true; + } diff --git a/lass/2configs/prism-mounts/samba.nix b/lass/2configs/prism-mounts/samba.nix new file mode 100644 index 000000000..4b1475ef3 --- /dev/null +++ b/lass/2configs/prism-mounts/samba.nix @@ -0,0 +1,15 @@ +{ + fileSystems."/mnt/prism" = { + device = "//prism.r/public"; + fsType = "cifs"; + options = [ + "guest" + "nofail" + "noauto" + "ro" + "x-systemd.automount" + "x-systemd.device-timeout=1" + "x-systemd.idle-timeout=1min" + ]; + }; + } -- cgit v1.2.3 From 4596a2840b6a5c04acd4c2aa05280e425074c34e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 24 Oct 2021 22:15:02 +0200 Subject: l pass: add remote unlock command --- lass/2configs/pass.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lass/2configs/pass.nix b/lass/2configs/pass.nix index 48070ea06..8ec3ac092 100644 --- a/lass/2configs/pass.nix +++ b/lass/2configs/pass.nix @@ -4,7 +4,15 @@ users.users.mainUser.packages = with pkgs; [ (pass.withExtensions (ext: [ ext.pass-otp ])) gnupg + (pkgs.writers.writeDashBin "unlock" '' + set -efu + HOST=$1 + + pw=$(pass show "admin/$HOST/luks") + torify sshn root@$(pass "hosts/$HOST/initrd/hostname") "echo $pw > /crypt-ramfs/passphrase" + '') ]; programs.gnupg.agent.enable = true; + } -- cgit v1.2.3 From 703cdd24b2680f7ea3204cc3bed6bfe68ed006ce Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:03:15 +0200 Subject: l blue: remove chat stuff --- lass/2configs/blue.nix | 37 ------------------------------------- 1 file changed, 37 deletions(-) diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix index 15408a200..7890743bf 100644 --- a/lass/2configs/blue.nix +++ b/lass/2configs/blue.nix @@ -30,43 +30,6 @@ with (import ); { predicate = "-i wiregrill -p tcp --dport imap"; target = "ACCEPT";} ]; - systemd.services.chat = let - tmux = pkgs.writeDash "tmux" '' - exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" '' - set-option -g prefix ` - unbind-key C-b - bind ` send-prefix - - set-option -g status off - set-option -g default-terminal screen-256color - - #use session instead of windows - bind-key c new-session - bind-key p switch-client -p - bind-key n switch-client -n - bind-key C-s switch-client -l - ''} "$@" - ''; - in { - description = "chat environment setup"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - - restartIfChanged = false; - - path = [ - pkgs.rxvt_unicode.terminfo - ]; - - serviceConfig = { - User = "lass"; - RemainAfterExit = true; - Type = "oneshot"; - ExecStart = "${tmux} -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat"; - ExecStop = "${tmux} kill-session -t IM"; - }; - }; - services.dovecot2 = { enable = true; mailLocation = "maildir:~/Maildir"; -- cgit v1.2.3 From 128b2a228479de5cf8c1c2f8f9c0a5a662f85db1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:20:51 +0200 Subject: l IM: add weechat to system PATH --- lass/2configs/IM.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/IM.nix b/lass/2configs/IM.nix index 5108f6bc1..5b8cebf5c 100644 --- a/lass/2configs/IM.nix +++ b/lass/2configs/IM.nix @@ -30,7 +30,7 @@ in { imports = [ ./bitlbee.nix ]; - environment.systemPackages = [ tmux ]; + environment.systemPackages = [ tmux weechat ]; systemd.services.chat = { description = "chat environment setup"; after = [ "network.target" ]; -- cgit v1.2.3 From 64387bbb9a3f41b5b0c0951c9e70b2d57227e1b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:21:41 +0200 Subject: l binary-cache: set priority behind cache.nixos.org --- lass/2configs/binary-cache/server.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix index 101dd045f..baa891821 100644 --- a/lass/2configs/binary-cache/server.nix +++ b/lass/2configs/binary-cache/server.nix @@ -29,6 +29,13 @@ locations."/".extraConfig = '' proxy_pass http://localhost:${toString config.services.nix-serve.port}; ''; + locations."= /nix-cache-info".extraConfig = '' + alias ${pkgs.writeText "cache-info" '' + StoreDir: /nix/store + WantMassQuery: 1 + Priority: 42 + ''}; + ''; }; virtualHosts."cache.krebsco.de" = { forceSSL = true; -- cgit v1.2.3 From 11d70bd4bf722beb805a3bbdff92a358b1d29898 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:22:12 +0200 Subject: l blue: remove more legacy stuff --- lass/2configs/blue.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/lass/2configs/blue.nix b/lass/2configs/blue.nix index 7890743bf..28c7d640d 100644 --- a/lass/2configs/blue.nix +++ b/lass/2configs/blue.nix @@ -2,16 +2,13 @@ with (import ); { config, lib, pkgs, ... }: { - imports = [ - ./bitlbee.nix ./mail.nix ./pass.nix ]; environment.systemPackages = with pkgs; [ ag - brain dic nmap git-preview -- cgit v1.2.3 From 0442dacdb75099c639191521f926d349aea16a45 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:23:03 +0200 Subject: l: deprecate mors key --- lass/2configs/default.nix | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 1bcfb162c..5a9428322 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -19,10 +19,9 @@ with import ; users.extraUsers = { root = { openssh.authorizedKeys.keys = [ - config.krebs.users.lass-mors.pubkey + config.krebs.users.lass.pubkey config.krebs.users.lass-blue.pubkey config.krebs.users.lass-green.pubkey - config.krebs.users.lass-yubikey.pubkey ]; }; mainUser = { @@ -35,25 +34,17 @@ with import ; isNormalUser = true; extraGroups = [ "audio" + "video" "fuse" "wheel" ]; openssh.authorizedKeys.keys = [ - config.krebs.users.lass-mors.pubkey + config.krebs.users.lass.pubkey config.krebs.users.lass-blue.pubkey config.krebs.users.lass-green.pubkey - config.krebs.users.lass-yubikey.pubkey - ]; - }; - nix = { - isNormalUser = true; - uid = genid_uint31 "nix"; - openssh.authorizedKeys.keys = [ - config.krebs.hosts.mors.ssh.pubkey ]; }; }; - nix.trustedUsers = ["nix"]; } { environment.variables = { -- cgit v1.2.3 From e99594d695e905eddc658fdd1b36c5e9efd578c8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:25:40 +0200 Subject: l: use python3 for sshuttle --- lass/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 5a9428322..bfade92c4 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -61,7 +61,7 @@ with import ; { #for sshuttle environment.systemPackages = [ - pkgs.pythonPackages.python + pkgs.python3Packages.python ]; } ]; -- cgit v1.2.3 From 693af05562003ba154accba30b989615fe13e68d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:26:05 +0200 Subject: l: add some pkgs --- lass/2configs/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index bfade92c4..c4cedc086 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -91,6 +91,7 @@ with import ; #stockholm deploy git + git-preview gnumake jq @@ -115,6 +116,7 @@ with import ; file hashPassword kpaste + cyberlocker-tools pciutils pop q -- cgit v1.2.3 From e3740cb6b4ae61c7bbbc151fedb9e5aa8edd1acd Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:26:22 +0200 Subject: l: make journald storage persistent --- lass/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index c4cedc086..f3eb774cd 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -178,6 +178,7 @@ with import ; services.journald.extraConfig = '' SystemMaxUse=1G RuntimeMaxUse=128M + Storage=persistent ''; krebs.iptables = { -- cgit v1.2.3 From 12046d150162bf1c111a0ea858cd67a5017221e6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 16:26:30 +0200 Subject: l: set default timezone --- lass/2configs/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index f3eb774cd..91922e5c9 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -217,5 +217,7 @@ with import ; # use 24:00 time format, the default got sneakily changed around 20.03 i18n.defaultLocale = mkDefault "C.UTF-8"; + time.timeZone = mkDefault"Europe/Berlin"; + system.stateVersion = mkDefault "20.03"; } -- cgit v1.2.3 From 3a7c33394328108cc9159de89367a90701fcbc80 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 19:52:54 +0200 Subject: l green.r: add brain repo --- lass/1systems/green/config.nix | 9 +++++++ lass/2configs/git-brain.nix | 57 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 lass/2configs/git-brain.nix diff --git a/lass/1systems/green/config.nix b/lass/1systems/green/config.nix index d7bf62b40..b41e396c9 100644 --- a/lass/1systems/green/config.nix +++ b/lass/1systems/green/config.nix @@ -17,6 +17,8 @@ with import ; + + ]; krebs.build.host = config.krebs.hosts.green; @@ -68,6 +70,13 @@ with import ; ]; clearTarget = true; }; + "/var/lib/git" = { + source = "/var/state/git"; + options = [ + "-M ${toString config.users.users.git.uid}" + ]; + clearTarget = true; + }; }; systemd.services."bindfs-_home_lass_Maildir".serviceConfig.ExecStartPost = pkgs.writeDash "symlink-notmuch" '' diff --git a/lass/2configs/git-brain.nix b/lass/2configs/git-brain.nix new file mode 100644 index 000000000..1c6f92fcd --- /dev/null +++ b/lass/2configs/git-brain.nix @@ -0,0 +1,57 @@ +{ config, lib, pkgs, ... }: +with import ; +let + + repos = krebs-repos; + rules = concatMap krebs-rules (attrValues krebs-repos); + + krebs-repos = mapAttrs make-krebs-repo { + brain = { }; + krebs-secrets = { }; + }; + + + make-krebs-repo = with git; name: { cgit ? {}, ... }: { + inherit cgit name; + public = false; + hooks = { + post-receive = pkgs.git-hooks.irc-announce { + nick = config.networking.hostName; + verbose = true; + channel = "#xxx"; + # TODO remove the hardcoded hostname + server = "irc.r"; + }; + }; + }; + + + + # TODO: get the list of all krebsministers + krebsminister = with config.krebs.users; [ makefu tv ]; + krebs-rules = repo: + set-owners repo [ config.krebs.users.lass ] ++ set-ro-access repo krebsminister; + + set-ro-access = with git; repo: user: + singleton { + inherit user; + repo = [ repo ]; + perm = fetch; + }; + + set-owners = with git;repo: user: + singleton { + inherit user; + repo = [ repo ]; + perm = push "refs/*" [ non-fast-forward create delete merge ]; + }; + +in { + krebs.git = { + enable = true; + cgit = { + enable = false; + }; + inherit repos rules; + }; +} -- cgit v1.2.3 From ae9b7488fa5af6233a38a52bf53fc3c0e2da6532 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 19:56:30 +0200 Subject: l radio: add controls page --- lass/2configs/radio.nix | 83 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index b1e1ed4d9..4a061244d 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -356,6 +356,89 @@ in { locations."= /good".extraConfig = '' proxy_pass http://localhost:8001; ''; + locations."= /controls".extraConfig = '' + default_type "text/html"; + alias ${pkgs.writeText "controls.html" '' + + + + + + + + The_Playlist Voting! + + + + + +
+ + + +
+ Currently Running:
+ +
+
+
+ +
+ + + + + ''}; + ''; extraConfig = '' add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; -- cgit v1.2.3 From 9bc7f5d7d537e86ec5ea1a89be23a9614fb47caf Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:02:09 +0200 Subject: l radio: use hackint irc server --- lass/2configs/radio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 4a061244d..501251d13 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -454,7 +454,7 @@ in {
- +
-- cgit v1.2.3 From c6cfd582ec1c3ef21ddc63a1edef6d6b9d4cdcbe Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:03:42 +0200 Subject: l exim-smarthost: add green & coaxmetal to sender hosts --- lass/2configs/exim-smarthost.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index b677fe455..cb9abd43a 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -19,8 +19,10 @@ in { "lassul.us" ]; relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [ - config.krebs.hosts.mors config.krebs.hosts.blue + config.krebs.hosts.coaxmetal + config.krebs.hosts.green + config.krebs.hosts.mors config.krebs.hosts.xerxes ]; internet-aliases = map (from: { inherit from to; }) mails; -- cgit v1.2.3 From dd9dc0e71a6a252a7dd2827bba253865b9948447 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:04:06 +0200 Subject: l: add tmux config --- lass/2configs/baseX.nix | 1 + lass/2configs/tmux.nix | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 lass/2configs/tmux.nix diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index 23eaa2802..e4d397efc 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -11,6 +11,7 @@ in { ./xdg-open.nix ./yubikey.nix ./pipewire.nix + ./tmux.nix ./xmonad.nix { krebs.per-user.lass.packages = [ diff --git a/lass/2configs/tmux.nix b/lass/2configs/tmux.nix new file mode 100644 index 000000000..c977a1105 --- /dev/null +++ b/lass/2configs/tmux.nix @@ -0,0 +1,46 @@ +with import ; +{ config, pkgs, ... }: + +{ + nixpkgs.config.packageOverrides = super: { + tmux = pkgs.symlinkJoin { + name = "tmux"; + paths = [ + (pkgs.writeDashBin "tmux" '' + exec ${super.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" '' + #change prefix key to ` + set-option -g prefix ` + unbind-key C-b + bind ` send-prefix + + set-option -g default-terminal screen-256color + + #use session instead of windows + bind-key c new-session + bind-key p switch-client -p + bind-key n switch-client -n + bind-key C-s switch-client -l + ''} "$@" + '') + super.tmux + ]; + }; + }; + environment.systemPackages = with pkgs; [ + tmux + ]; + + # programs.bash.interactiveShellInit = '' + # if [[ "$TERM" != "linux" && -z "$TMUX" ]]; then + # if [[ -n "$SSH_AUTH_SOCK" ]]; then + # tmux set-environment -g SSH_AUTH_SOCK "$SSH_AUTH_SOCK" 2>/dev/null + # fi + + # exec tmux -u + # fi + # if [[ "$__host__" != "$HOST" ]]; then + # tmux set -g status-bg colour$(string_hash $HOST 255) + # export __host__=$HOST + # fi + # ''; +} -- cgit v1.2.3 From 88d707576f1e944cedda7e8d7e51e76804982199 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:05:17 +0200 Subject: l fetchWallpaper: use stars-berlin --- lass/2configs/fetchWallpaper.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index 251f886a9..381df494d 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -5,7 +5,7 @@ let in { krebs.fetchWallpaper = { enable = true; - url = "prism/realwallpaper-krebs-stars.png"; + url = "prism/realwallpaper-krebs-stars-berlin.png"; }; } -- cgit v1.2.3 From f25fb4ae80e19e7e5c8a1c54c44da5e598b8bbb4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:15:34 +0200 Subject: l baseX: add some pkgs --- lass/2configs/baseX.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index e4d397efc..124eef2cf 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -62,7 +62,8 @@ in { font-size fzfmenu gimp - gitAndTools.qgit + gitAndTools.hub + git-crypt git-preview gnome3.dconf iodine @@ -86,6 +87,7 @@ in { xorg.xhost xsel zathura + flameshot-once (pkgs.writeDashBin "screenshot" '' set -efu -- cgit v1.2.3 From 300f71ded68ac01b9286b52d813811f417c83280 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:16:00 +0200 Subject: l gc: don't gc in containers --- lass/2configs/gc.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix index f9c61c461..224a6cbb9 100644 --- a/lass/2configs/gc.nix +++ b/lass/2configs/gc.nix @@ -3,7 +3,7 @@ with import ; { nix.gc = { - automatic = ! (elem config.krebs.build.host.name [ "mors" "xerxes" ] || config.boot.isContainer); + automatic = ! (elem config.krebs.build.host.name [ "mors" "xerxes" "coaxmetal" ] || config.boot.isContainer); options = "--delete-older-than 15d"; }; } -- cgit v1.2.3 From 22838aee86af1880f444c582d14e65e12ac31ae3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:22:43 +0200 Subject: l hw x220: remove deprecated cryptoModules --- lass/2configs/hw/x220.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix index 31f9787e0..b2e8892b1 100644 --- a/lass/2configs/hw/x220.nix +++ b/lass/2configs/hw/x220.nix @@ -6,7 +6,6 @@ boot = { initrd.luks.devices.luksroot.device = "/dev/sda3"; - initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ]; extraModulePackages = [ config.boot.kernelPackages.tp_smapi -- cgit v1.2.3 From ff013c82ac83055f3b5460fb67048e3182e938e9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:23:02 +0200 Subject: l hw x220: remove tmpfs on /tmp --- lass/2configs/hw/x220.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/lass/2configs/hw/x220.nix b/lass/2configs/hw/x220.nix index b2e8892b1..cbb5b168d 100644 --- a/lass/2configs/hw/x220.nix +++ b/lass/2configs/hw/x220.nix @@ -35,11 +35,6 @@ fsType = "btrfs"; options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; - "/tmp" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = ["nosuid" "nodev" "noatime"]; - }; }; services.logind.lidSwitch = "ignore"; -- cgit v1.2.3 From 21a73205b72615156232eb84a4028eeb7dd5220a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:24:13 +0200 Subject: l git: allow pushing via yubi and green only --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index e6aeca5d1..e6c77f64b 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -189,7 +189,7 @@ let with git // config.krebs.users; repo: singleton { - user = [ lass lass-mors lass-blue lass-yubikey ]; + user = [ lass lass-green ]; repo = [ repo ]; perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ -- cgit v1.2.3 From 43b2c9368e63d79a1305002515d00d6ef12651bd Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:24:50 +0200 Subject: l muchsync: add coaxmetal.r to synced hosts --- lass/2configs/muchsync.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/muchsync.nix b/lass/2configs/muchsync.nix index b09bf579b..392970dbd 100644 --- a/lass/2configs/muchsync.nix +++ b/lass/2configs/muchsync.nix @@ -4,6 +4,7 @@ with (import ); { systemd.services.muchsync = let hosts = [ + "coaxmetal.r" "mors.r" "green.r" "blue.r" -- cgit v1.2.3 From 25fcc33c61d52297b83940943113123a46f1d1e7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:25:19 +0200 Subject: l pipewire: add pkgs.ponymix to PATH --- lass/2configs/pipewire.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/pipewire.nix b/lass/2configs/pipewire.nix index 8fdcff4e3..c21ab5d9c 100644 --- a/lass/2configs/pipewire.nix +++ b/lass/2configs/pipewire.nix @@ -16,6 +16,7 @@ environment.systemPackages = with pkgs; [ alsaUtils pulseaudioLight + ponymix ]; environment.variables.PULSE_SERVER = "localhost:4713"; @@ -26,6 +27,7 @@ alsa.support32Bit = true; pulse.enable = true; jack.enable = true; + # https://gitlab.freedesktop.org/pipewire/pipewire/-/wikis/Migrate-PulseAudio#module-native-protocol-tcp config.pipewire-pulse = { "context.properties" = { -- cgit v1.2.3 From 42202f6bb4bf2b1640e8f7c3c3e242b32704ffde Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:27:26 +0200 Subject: l vim: fix mouse in alacritty --- lass/2configs/vim.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 6c730efdd..36ce3d74c 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -23,6 +23,7 @@ let set directory=${dirs.swapdir}// set hlsearch set incsearch + set ttymouse=sgr set mouse=a set ruler set pastetoggle= -- cgit v1.2.3 From 2dcbc9027ee66d5d0324cddd8c396704c74e8e9a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:28:06 +0200 Subject: l zsh: remove default aliases --- lass/2configs/zsh.nix | 7 ------- 1 file changed, 7 deletions(-) diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix index e65cdd97d..6571461ca 100644 --- a/lass/2configs/zsh.nix +++ b/lass/2configs/zsh.nix @@ -58,7 +58,6 @@ rev = "a75fca8545f91abb8a5f802981033ef54bf1eac0"; sha256="1lzj0qnj89mzh76ha137mnz2hf86k278rh0y9x124ghxj9yqsnb4"; }}/LS_COLORS) - alias ls='ls --color' zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS} #emacs bindings @@ -66,12 +65,6 @@ bindkey "[8~" end-of-line bindkey "Oc" emacs-forward-word bindkey "Od" emacs-backward-word - - #aliases - alias ll='ls -l' - alias la='ls -la' - - #fancy window title magic ''; promptInit = '' # TODO: figure out why we need to set this here -- cgit v1.2.3 From 64b3606044c17815636213813777b139d3fedde7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 20:37:08 +0200 Subject: l reaktor-coders: remove lambdabot stuff --- lass/2configs/reaktor-coders.nix | 37 ------------------------------------- 1 file changed, 37 deletions(-) diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix index 7fd6a2a29..457d5b6c7 100644 --- a/lass/2configs/reaktor-coders.nix +++ b/lass/2configs/reaktor-coders.nix @@ -27,43 +27,6 @@ in { hooks.PRIVMSG = [ hooks.sed hooks.url-title - { - activate = "match"; - pattern = ''^@([^ ]+) (.*)$''; - command = 1; - arguments = [2]; - env.HOME = config.krebs.reaktor2.coders.stateDir; - commands = let - lambdabot = (import (pkgs.fetchFromGitHub { - owner = "NixOS"; repo = "nixpkgs"; - rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac"; - sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy"; - }) {}).lambdabot; - lambdabotWrapper = pkgs.writeDash "lambdabot.wrapper" '' - exec ${lambdabot}/bin/lambdabot \ - -XStandaloneDeriving -XGADTs -XFlexibleContexts \ - -XFlexibleInstances -XMultiParamTypeClasses \ - -XOverloadedStrings -XFunctionalDependencies \ - -e "$@" - ''; - in { - pl.filename = pkgs.writeDash "lambdabot-pl" '' - ${lambdabotWrapper} "@pl $1" - ''; - type.filename = pkgs.writeDash "lambdabot-type" '' - ${lambdabotWrapper} "@type $1" - ''; - "let".filename = pkgs.writeDash "lambdabot-let" '' - ${lambdabotWrapper} "@let $1" - ''; - run.filename = pkgs.writeDash "lambdabot-run" '' - ${lambdabotWrapper} "@run $1" - ''; - kind.filename = pkgs.writeDash "lambdabot-kind" '' - ${lambdabotWrapper} "@kind $1" - ''; - }; - } { activate = "match"; pattern = ''^!([^ ]+)(?:\s*(.*))?''; -- cgit v1.2.3 From a04eb31e7b59d992eb006453a88698346337f897 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 25 Oct 2021 23:13:08 +0200 Subject: l sshify: add usage --- lass/5pkgs/sshify/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/5pkgs/sshify/default.nix b/lass/5pkgs/sshify/default.nix index aba0ab6bb..445b9b4aa 100644 --- a/lass/5pkgs/sshify/default.nix +++ b/lass/5pkgs/sshify/default.nix @@ -1,4 +1,5 @@ { pkgs }: +# usage: sshify prism.r -- curl ifconfig.me pkgs.writers.writeBashBin "sshify" '' set -efu -- cgit v1.2.3 From e35b2c6fc4881f5ce30843f614b74ffb3c1bd9c7 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 26 Oct 2021 13:54:47 +0200 Subject: krops: 1.25.0 -> 1.26.0 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index cccebf3ff..6ef8900af 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit cccebf3ff7a53336b3f106cb96dddd5892d427ed +Subproject commit 6ef8900af4bca2901f00c718e3ac8ba457348451 -- cgit v1.2.3 From 2245c818a4d8086c302c73360f948e226678a640 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 26 Oct 2021 14:51:42 +0200 Subject: tv elm-package-proxy /all-packages/since/*: order! --- tv/2configs/elm-packages-proxy.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix index 1df8c7b70..caea18802 100644 --- a/tv/2configs/elm-packages-proxy.nix +++ b/tv/2configs/elm-packages-proxy.nix @@ -274,7 +274,7 @@ in { select(.!="") | sub("^\\./(?[^/]+)/(?[^/]+)/(?[^/]+)$";"\(.author)/\(.pname)@\(.version)") ) | - sort_by(split("@") | [.[0]]+(.[1]|split("."))) | + sort_by(split("@") | [.[0]]+(.[1]|split(".")|map(tonumber))) | reverse ' } | -- cgit v1.2.3 From 689de0502288f5e675e8408f3432a1b0d8a61b8c Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 26 Oct 2021 19:38:22 +0200 Subject: krops: 1.26.0 -> 1.26.1 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index 6ef8900af..05f0d3b5c 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 6ef8900af4bca2901f00c718e3ac8ba457348451 +Subproject commit 05f0d3b5c1d38fbbd53142362a7821cc8bc1150a -- cgit v1.2.3 From fdbfd2d4eca520ddee23fe76c702a4d38021d00b Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 26 Oct 2021 21:00:22 +0200 Subject: l krops: use fancy deploy --- lass/krops.nix | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/lass/krops.nix b/lass/krops.nix index fe5c00f3d..769112706 100644 --- a/lass/krops.nix +++ b/lass/krops.nix @@ -33,9 +33,23 @@ in { - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) - deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" { + deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeCommand "deploy" { + command = targetPath: '' + + set -fu + + outDir=$(mktemp -d) + trap "rm -rf $outDir;" INT TERM EXIT + + nix build \ + -I "${targetPath}" \ + -f '' config.system.build.toplevel \ + -o "$outDir/out" + + $outDir/out/bin/switch-to-configuration switch + ''; source = source { test = false; }; + allocateTTY = true; inherit target; }; -- cgit v1.2.3 From 98cc766ab53b29d34867023bd7d8855c325c43e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 26 Oct 2021 21:01:00 +0200 Subject: l: add some helper tools --- lass/2configs/programs.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/lass/2configs/programs.nix b/lass/2configs/programs.nix index 241d263f8..0a4b4fd9b 100644 --- a/lass/2configs/programs.nix +++ b/lass/2configs/programs.nix @@ -13,9 +13,23 @@ pv pwgen remmina + ripgrep silver-searcher + transmission wget xsel youtube-dl + (pkgs.writeDashBin "tether-on" '' + adb shell svc usb setFunctions rndis + '') + (pkgs.writeDashBin "tether-off" '' + adb shell svc usb setFunctions + '') + (pkgs.writeDashBin "dl-movie" '' + ${pkgs.transmission}/bin/transmission-remote yellow.r -w /var/download/finished/sorted/movies -a "$@" + '') + (pkgs.writeDashBin "dl-series" '' + ${pkgs.transmission}/bin/transmission-remote yellow.r -w /var/download/finished/sorted/series -a "$@" + '') ]; } -- cgit v1.2.3 From 71ded757b3c8fb6066966b9e646d7f846d9aee4b Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 26 Oct 2021 21:01:32 +0200 Subject: l sync: add coaxmetal.r --- lass/2configs/sync/sync.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/sync/sync.nix b/lass/2configs/sync/sync.nix index bee1d03ac..7c0f2e030 100644 --- a/lass/2configs/sync/sync.nix +++ b/lass/2configs/sync/sync.nix @@ -1,6 +1,6 @@ { services.syncthing.declarative.folders."/home/lass/sync" = { - devices = [ "mors" "icarus" "xerxes" "shodan" "green" "blue" ]; + devices = [ "mors" "icarus" "xerxes" "shodan" "green" "blue" "coaxmetal" ]; }; krebs.permown."/home/lass/sync" = { file-mode = "u+rw,g+rw"; -- cgit v1.2.3 From 82e49f156a525a6966af3056dcf2ceeb16ffa889 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 26 Oct 2021 21:01:59 +0200 Subject: l steam: run as mainUser cause pipewire audio --- lass/2configs/steam.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/steam.nix b/lass/2configs/steam.nix index 2b9811959..d814a2499 100644 --- a/lass/2configs/steam.nix +++ b/lass/2configs/steam.nix @@ -13,7 +13,7 @@ nixpkgs.config.steam.java = true; hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; - users.users.games.packages = [ (pkgs.steam.override { + users.users.mainUser.packages = [ (pkgs.steam.override { extraPkgs = p: with p; [ gnutls # needed for Halo MCC ]; -- cgit v1.2.3 From 15539bebabaecda0abd49173bb2461149cbf0041 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 26 Oct 2021 21:03:07 +0200 Subject: l nginx: reload instead of restart, remove old default --- lass/2configs/websites/default.nix | 7 +------ lass/2configs/websites/lassulus.nix | 1 + 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/lass/2configs/websites/default.nix b/lass/2configs/websites/default.nix index 1ffa105a7..bfd86ad7e 100644 --- a/lass/2configs/websites/default.nix +++ b/lass/2configs/websites/default.nix @@ -8,12 +8,7 @@ with import ; recommendedOptimisation = true; recommendedTlsSettings = true; - virtualHosts._http = { - default = true; - extraConfig = '' - return 404; - ''; - }; + enableReload = true; virtualHosts.default = { locations."= /etc/os-release".extraConfig = '' diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index bb983b78e..5bf8de013 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -32,6 +32,7 @@ in { services.nginx.virtualHosts."lassul.us" = { addSSL = true; enableACME = true; + default = true; locations."/".extraConfig = '' root /srv/http/lassul.us; ''; -- cgit v1.2.3 From e1fdb4728c2a886435c16dd4323a26d9f4c5ab16 Mon Sep 17 00:00:00 2001 From: xkey Date: Sat, 30 Oct 2021 15:27:58 +0200 Subject: external: modify catalonia.r --- krebs/3modules/external/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 982516e5d..28d58b525 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -587,7 +587,7 @@ in { nets = { retiolum = { ip4.addr = "10.243.13.12"; - aliases = [ "catalonia.r" "aleph.r" ]; + aliases = [ "catalonia.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y -- cgit v1.2.3 From 9fd58eb16278aa098422b9e28299b374f98e0a9e Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 31 Oct 2021 12:35:16 +0100 Subject: l codimd: move to pad.lassul.us --- krebs/3modules/lass/default.nix | 1 + lass/2configs/codimd.nix | 10 +++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 95669c243..e96b4d8be 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -37,6 +37,7 @@ in { default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + pad 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} codi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} io 60 IN NS ions.lassul.us. diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix index 070781a31..271dcfca4 100644 --- a/lass/2configs/codimd.nix +++ b/lass/2configs/codimd.nix @@ -1,8 +1,16 @@ { config, pkgs, lib, ... }: with import ; let - domain = "codi.lassul.us"; + domain = "pad.lassul.us"; in { + + # redirect legacy domain to new one + services.nginx.virtualHosts."codi.lassul.us" = { + enableACME = true; + addSSL = true; + locations."/".return = "301 https://${domain}\$request_uri"; + }; + services.nginx.virtualHosts.${domain} = { enableACME = true; forceSSL = true; -- cgit v1.2.3 From 192ea80b77e13640704d7025aaa37de2fd394eae Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 2 Nov 2021 10:11:29 +0100 Subject: nixpkgs: 95eed9b -> f0869b1 --- krebs/nixpkgs.json | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 5be907d21..8bfd16523 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,10 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "95eed9b64eee24975b880308065654fd059f22c3", - "date": "2021-10-23T23:27:41+02:00", - "path": "/nix/store/05rxgy84zni4bminfyyk4nkc4ccw91sz-nixpkgs", - "sha256": "1x59xdxh2vrnhh4j29nyq7npq70v178j5acdm2zsgamcagm3qif9", - "fetchLFS": false, + "rev": "f0869b1a2c0b150aac26e10bb5c2364ffb2e804f", + "date": "2021-10-31T15:33:08-07:00", + "path": "/nix/store/60dqlv3rf8dyf041qwx2bblmpd7mp7q6-nixpkgs", + "sha256": "150rrksrjf6w9m3c1ll04xilpglysklfpi636rxwyy318g5xss55", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false -- cgit v1.2.3 From 1e90bd460a7bc96460871ad16aff99f2bf7e301c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 2 Nov 2021 10:20:27 +0100 Subject: nixpkgs-unstable: 34ad3ff -> b165ce0 --- krebs/nixpkgs-unstable.json | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 9a5c5386f..594147405 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,10 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "34ad3ffe08adfca17fcb4e4a47bb5f3b113687be", - "date": "2021-10-21T10:14:45+08:00", - "path": "/nix/store/ga9jr8sgxlay545v6j6q2nfj7gih4ix3-nixpkgs", - "sha256": "02li241rz5668nfyp88zfjilxf0mr9yansa93fbl38hjwkhf3ix6", - "fetchLFS": false, + "rev": "b165ce0c4efbb74246714b5c66b6bcdce8cde175", + "date": "2021-11-01T19:42:18+01:00", + "path": "/nix/store/ccfd4ijkp4rn018sjghkhn4a7gkdq84l-nixpkgs", + "sha256": "1q7n9rk4i8ky2xxiymm72cfq1xra3ss3vkhbwf60rhiblslldgqg", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false -- cgit v1.2.3 From 4dea6681b4726a749e4cfc56c45f289a9cfdcf37 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Nov 2021 14:07:22 +0100 Subject: l mors.r: use unstable --- lass/1systems/mors/source.nix | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 lass/1systems/mors/source.nix diff --git a/lass/1systems/mors/source.nix b/lass/1systems/mors/source.nix new file mode 100644 index 000000000..abbf26c75 --- /dev/null +++ b/lass/1systems/mors/source.nix @@ -0,0 +1,21 @@ +{ lib, pkgs, test, ... }: let + npkgs = lib.importJSON ../../../krebs/nixpkgs-unstable.json; +in { + nixpkgs = (if test then lib.mkForce ({ derivation = let + rev = npkgs.rev; + sha256 = npkgs.sha256; + in '' + with import (builtins.fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz"; + sha256 = "${sha256}"; + }) {}; + pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = "${rev}"; + sha256 = "${sha256}"; + } + ''; }) else { + git.ref = lib.mkForce npkgs.rev; + }); +} -- cgit v1.2.3 From 0e668121a1388914f33a6546c2f63adc212a38c4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 5 Nov 2021 14:31:07 +0100 Subject: git: set fcgiwrap group as maingroup --- krebs/3modules/git.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index d31d91b7c..0aa1ae0f2 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -362,10 +362,8 @@ let users.users.${cfg.user.name} = { inherit (cfg.user) home name uid; description = "Git repository hosting user"; - extraGroups = [ - # To allow running cgit-clear-cache via hooks. - cfg.cgit.fcgiwrap.group.name - ]; + # To allow running cgit-clear-cache via hooks. + group = cfg.cgit.fcgiwrap.group.name; isSystemUser = true; shell = "/bin/sh"; openssh.authorizedKeys.keys = -- cgit v1.2.3 [cgit] Unable to lock slot /tmp/cgit/f8100000.lock: No such file or directory (2)