From 463a8e01d4ad1fd4e09c7d3b1ef1904ea73327fc Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 4 Oct 2015 22:28:41 +0200 Subject: m 1 p: add get system pkg --- makefu/1systems/pornocauster.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix index d43f89a03..d208e5112 100644 --- a/makefu/1systems/pornocauster.nix +++ b/makefu/1systems/pornocauster.nix @@ -42,7 +42,7 @@ krebs.build.user = config.krebs.users.makefu; krebs.build.target = "root@pornocauster"; - + environment.systemPackages = with pkgs;[ get]; networking.firewall.allowedTCPPorts = [ 25 ]; -- cgit v1.2.3 From ab48fbd9720508520c5c3f951ed3b10bef139212 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 4 Oct 2015 22:29:30 +0200 Subject: m {3,5} tinc_graphs: make everyting work, final --- makefu/1systems/wry.nix | 4 ++-- makefu/3modules/tinc_graphs.nix | 25 +++++++++++++++++++------ makefu/5pkgs/tinc_graphs/default.nix | 4 ++-- 3 files changed, 23 insertions(+), 10 deletions(-) diff --git a/makefu/1systems/wry.nix b/makefu/1systems/wry.nix index 9368f1ae5..819a208ac 100644 --- a/makefu/1systems/wry.nix +++ b/makefu/1systems/wry.nix @@ -32,8 +32,8 @@ in { makefu.tinc_graphs.enable = true; makefu.tinc_graphs.krebsNginx = { enable = true; - hostnames_complete = [ "graphs.wry" "graphs.wry.retiolum" ]; - # TODO: remove hard-coded path + # TODO: remove hard-coded hostname + hostnames_complete = [ "graphs.wry" ]; hostnames_anonymous = [ "graphs.krebsco.de" ]; }; networking.firewall.allowedTCPPorts = [80]; diff --git a/makefu/3modules/tinc_graphs.nix b/makefu/3modules/tinc_graphs.nix index 10f1b23a0..06b3f6263 100644 --- a/makefu/3modules/tinc_graphs.nix +++ b/makefu/3modules/tinc_graphs.nix @@ -24,21 +24,22 @@ let # configure krebs nginx to serve the new graphs enable = mkEnableOption "tinc_graphs nginx"; - hostnames_complete = { + hostnames_complete = mkOption { #TODO: this is not a secure way to serve these graphs,better listen to # the correct interface, krebs.nginx does not support this yet type = with types; listOf str; description = "hostname which serves complete graphs"; - default = config.krebs.build.host.name; + default = [ "graphs.${config.krebs.build.host.name}" ]; }; - hostnames_anonymous = { + hostnames_anonymous = mkOption { type = with types; listOf str; description = '' hostname which serves anonymous graphs must be different from hostname_complete ''; + default = [ "anongraphs.${config.krebs.build.host.name}" ]; }; }; @@ -74,18 +75,29 @@ let EXTERNAL_FOLDER = external_dir; INTERNAL_FOLDER = internal_dir; GEODB = cfg.geodbPath; + TINC_HOSTPATH=config.krebs.retiolum.hosts; }; restartIfChanged = true; serviceConfig = { Type = "simple"; + ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' #!/bin/sh mkdir -p "${external_dir}" "${internal_dir}" ''; + ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; - User = "root"; # tinc cannot be queried as user, + + ExecStartPost = pkgs.writeScript "tinc_graphs-post" '' + #!/bin/sh + # TODO: this may break if workingDir is set to something stupid + # this is needed because homedir is created with 700 + chmod 755 "${cfg.workingDir}" + ''; + + User = "root"; # tinc cannot be queried as user, # seems to be a tinc-pre issue privateTmp = true; }; @@ -93,7 +105,7 @@ let users.extraUsers.tinc_graphs = { uid = 3925439960; #genid tinc_graphs - home = "/var/cache/tinc_graphs"; + home = "/var/spool/tinc_graphs"; createHome = true; }; @@ -102,15 +114,16 @@ let server-names = cfg.krebsNginx.hostnames_complete; locations = [ (nameValuePair "/" '' + autoindex on; root ${internal_dir}; '') ]; }; tinc_graphs_anonymous = { server-names = cfg.krebsNginx.hostnames_anonymous; - #server-names = [ "dick" ]; locations = [ (nameValuePair "/" '' + autoindex on; root ${external_dir}; '') ]; diff --git a/makefu/5pkgs/tinc_graphs/default.nix b/makefu/5pkgs/tinc_graphs/default.nix index 95f096a30..5bc974157 100644 --- a/makefu/5pkgs/tinc_graphs/default.nix +++ b/makefu/5pkgs/tinc_graphs/default.nix @@ -2,14 +2,14 @@ python3Packages.buildPythonPackage rec { name = "tinc_graphs-${version}"; - version = "0.2.9"; + version = "0.2.12"; propagatedBuildInputs = with pkgs;[ python3Packages.pygeoip ## ${geolite-legacy}/share/GeoIP/GeoIPCity.dat ]; src = fetchurl { url = "https://pypi.python.org/packages/source/t/tinc_graphs/tinc_graphs-${version}.tar.gz"; - sha256 = "0fm063qhjlb8g1xahwcqqrd2dxgd38wwi55rhl1k5chr7zajsqfz"; + sha256 = "03jxvxahpcbpnz4668x32b629dwaaz5jcjkyaijm0zzpgcn4cbgp"; }; preFixup = with pkgs;'' wrapProgram $out/bin/build-graphs --prefix PATH : "$out/bin" -- cgit v1.2.3 From c11ac8374832d5a01e0f8e8d25a723476944c9c2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 5 Oct 2015 12:19:25 +0200 Subject: lass 2 desktop-base: add much --- lass/2configs/desktop-base.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/2configs/desktop-base.nix b/lass/2configs/desktop-base.nix index ed84edefa..4e693997d 100644 --- a/lass/2configs/desktop-base.nix +++ b/lass/2configs/desktop-base.nix @@ -28,14 +28,14 @@ in { environment.systemPackages = with pkgs; [ powertop + sxiv + much #window manager stuff haskellPackages.xmobar haskellPackages.yeganesh dmenu2 xlibs.fontschumachermisc - - sxiv ]; fonts.fonts = [ -- cgit v1.2.3 From 7c8ea4a87b50c2ffe982a1ba0c70579bea7cb4dd Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 5 Oct 2015 14:48:42 +0200 Subject: move realwallpaper to krebs 5 --- krebs/5pkgs/default.nix | 1 + krebs/5pkgs/realwallpaper.nix | 28 ++++++++++++++++++++++++++++ lass/5pkgs/default.nix | 1 - lass/5pkgs/realwallpaper.nix | 28 ---------------------------- 4 files changed, 29 insertions(+), 29 deletions(-) create mode 100644 krebs/5pkgs/realwallpaper.nix delete mode 100644 lass/5pkgs/realwallpaper.nix diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 7e136d96f..25ba83d8f 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -23,6 +23,7 @@ rec { posix-array = callPackage ./posix-array {}; pssh = callPackage ./pssh {}; Reaktor = callPackage ./Reaktor {}; + realwallpaper = callPackage ./realwallpaper.nix {}; youtube-tools = callPackage ./youtube-tools {}; execve = name: { filename, argv, envp ? {}, destination ? "" }: diff --git a/krebs/5pkgs/realwallpaper.nix b/krebs/5pkgs/realwallpaper.nix new file mode 100644 index 000000000..4fea977ec --- /dev/null +++ b/krebs/5pkgs/realwallpaper.nix @@ -0,0 +1,28 @@ +{ stdenv, fetchgit, xplanet, imagemagick, curl, file }: + +stdenv.mkDerivation { + name = "realwallpaper"; + + src = fetchgit { + url = https://github.com/Lassulus/realwallpaper; + rev = "c2778c3c235fc32edc8115d533a0d0853ab101c5"; + sha256 = "0yhbjz19zk8sj5dsvccm6skkqq2vardn1yi70qmd5li7qvp17mvs"; + }; + + phases = [ + "unpackPhase" + "installPhase" + ]; + + buildInputs = [ + xplanet + imagemagick + curl + file + ]; + + installPhase = '' + mkdir -p $out + cp realwallpaper.sh $out/realwallpaper.sh + ''; +} diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 6954c6a2c..7427cb620 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -13,5 +13,4 @@ rec { ublock = callPackage ./firefoxPlugins/ublock.nix {}; vimperator = callPackage ./firefoxPlugins/vimperator.nix {}; }; - realwallpaper = callPackage ./realwallpaper.nix {}; } diff --git a/lass/5pkgs/realwallpaper.nix b/lass/5pkgs/realwallpaper.nix deleted file mode 100644 index 4fea977ec..000000000 --- a/lass/5pkgs/realwallpaper.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ stdenv, fetchgit, xplanet, imagemagick, curl, file }: - -stdenv.mkDerivation { - name = "realwallpaper"; - - src = fetchgit { - url = https://github.com/Lassulus/realwallpaper; - rev = "c2778c3c235fc32edc8115d533a0d0853ab101c5"; - sha256 = "0yhbjz19zk8sj5dsvccm6skkqq2vardn1yi70qmd5li7qvp17mvs"; - }; - - phases = [ - "unpackPhase" - "installPhase" - ]; - - buildInputs = [ - xplanet - imagemagick - curl - file - ]; - - installPhase = '' - mkdir -p $out - cp realwallpaper.sh $out/realwallpaper.sh - ''; -} -- cgit v1.2.3 From cf28831057d95a73bbc2326f43b9d29a79fca12b Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 5 Oct 2015 14:49:36 +0200 Subject: move realwallpaper to krebs 3 --- krebs/3modules/default.nix | 1 + krebs/3modules/realwallpaper.nix | 100 ++++++++++++++++++++++++++++++++++++++ lass/3modules/default.nix | 1 - lass/3modules/realwallpaper.nix | 102 --------------------------------------- 4 files changed, 101 insertions(+), 103 deletions(-) create mode 100644 krebs/3modules/realwallpaper.nix delete mode 100644 lass/3modules/realwallpaper.nix diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 430194405..edfbde9ba 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -14,6 +14,7 @@ let ./iptables.nix ./nginx.nix ./Reaktor.nix + ./realwallpaper.nix ./retiolum.nix ./urlwatch.nix ]; diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix new file mode 100644 index 000000000..d5c1aeabd --- /dev/null +++ b/krebs/3modules/realwallpaper.nix @@ -0,0 +1,100 @@ +arg@{ config, lib, pkgs, ... }: + +let + inherit (lib) + mkEnableOption + mkOption + types + mkIf + ; + + cfg = config.krebs.realwallpaper; + + out = { + options.krebs.realwallpaper = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "realwallpaper"; + + workingDir = mkOption { + type = types.str; + default = "/var/realwallpaper/"; + }; + + nightmap = mkOption { + type = types.str; + default = "http://eoimages.gsfc.nasa.gov/images/imagerecords/55000/55167/earth_lights_lrg.jpg"; + }; + + daymap = mkOption { + type = types.str; + default = "http://www.nnvl.noaa.gov/images/globaldata/SnowIceCover_Daily.png"; + }; + + cloudmap = mkOption { + type = types.str; + default = "http://xplanetclouds.com/free/local/clouds_2048.jpg"; + }; + + outFile = mkOption { + type = types.str; + default = "/tmp/wallpaper.png"; + }; + + timerConfig = mkOption { + type = types.unspecified; + default = { + OnCalendar = "*:0/15"; + }; + }; + + }; + + imp = { + systemd.timers.realwallpaper = { + description = "real wallpaper generator timer"; + + timerConfig = cfg.timerConfig; + }; + + systemd.services.realwallpaper = { + description = "real wallpaper generator"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + path = with pkgs; [ + xplanet + imagemagick + curl + file + ]; + + environment = { + working_dir = cfg.workingDir; + nightmap_url = cfg.nightmap; + daymap_url = cfg.daymap; + cloudmap_url = cfg.cloudmap; + out_file = cfg.outFile; + }; + + restartIfChanged = true; + + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.realwallpaper}/realwallpaper.sh"; + User = "realwallpaper"; + }; + }; + + users.extraUsers.realwallpaper = { + uid = 2009435407; #genid realwallpaper + home = cfg.workingDir; + createHome = true; + }; + }; + +in +out + diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index 9b6211278..9de987bf3 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -3,6 +3,5 @@ _: { imports = [ ./xresources.nix - ./realwallpaper.nix ]; } diff --git a/lass/3modules/realwallpaper.nix b/lass/3modules/realwallpaper.nix deleted file mode 100644 index 85dd35233..000000000 --- a/lass/3modules/realwallpaper.nix +++ /dev/null @@ -1,102 +0,0 @@ -arg@{ config, lib, pkgs, ... }: - -let - inherit (lib) - mkEnableOption - mkOption - types - mkIf - ; - - lpkgs = import ../5pkgs { inherit pkgs; }; - - cfg = config.lass.realwallpaper; - - out = { - options.lass.realwallpaper = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "realwallpaper"; - - workingDir = mkOption { - type = types.str; - default = "/var/realwallpaper/"; - }; - - nightmap = mkOption { - type = types.str; - default = "http://eoimages.gsfc.nasa.gov/images/imagerecords/55000/55167/earth_lights_lrg.jpg"; - }; - - daymap = mkOption { - type = types.str; - default = "http://www.nnvl.noaa.gov/images/globaldata/SnowIceCover_Daily.png"; - }; - - cloudmap = mkOption { - type = types.str; - default = "http://xplanetclouds.com/free/local/clouds_2048.jpg"; - }; - - outFile = mkOption { - type = types.str; - default = "/tmp/wallpaper.png"; - }; - - timerConfig = mkOption { - type = types.unspecified; - default = { - OnCalendar = "*:0/15"; - }; - }; - - }; - - imp = { - systemd.timers.realwallpaper = { - description = "real wallpaper generator timer"; - - timerConfig = cfg.timerConfig; - }; - - systemd.services.realwallpaper = { - description = "real wallpaper generator"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - - path = with pkgs; [ - xplanet - imagemagick - curl - file - ]; - - environment = { - working_dir = cfg.workingDir; - nightmap_url = cfg.nightmap; - daymap_url = cfg.daymap; - cloudmap_url = cfg.cloudmap; - out_file = cfg.outFile; - }; - - restartIfChanged = true; - - serviceConfig = { - Type = "simple"; - ExecStart = "${lpkgs.realwallpaper}/realwallpaper.sh"; - User = "realwallpaper"; - }; - }; - - users.extraUsers.realwallpaper = { - uid = 2009435407; #genid realwallpaper - home = cfg.workingDir; - createHome = true; - }; - }; - -in -out - -- cgit v1.2.3 From 7820eae9b6f9a91927caf646074d5d2b79093489 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 5 Oct 2015 14:50:07 +0200 Subject: lass 2 realwallpaper: update due to file move --- lass/2configs/realwallpaper.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lass/2configs/realwallpaper.nix b/lass/2configs/realwallpaper.nix index f1c8861e1..c69cb1660 100644 --- a/lass/2configs/realwallpaper.nix +++ b/lass/2configs/realwallpaper.nix @@ -1,9 +1,5 @@ { config, ... }: { - imports = [ - ../3modules/realwallpaper.nix - ]; - - lass.realwallpaper.enable = true; + krebs.realwallpaper.enable = true; } -- cgit v1.2.3 From b4d2814e31b860199de1fd927c5f53609ef162c9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 5 Oct 2015 14:51:37 +0200 Subject: lass 1 echelon: activate git --- lass/1systems/echelon.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index 45f7ebd70..b301b504a 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -13,6 +13,7 @@ in { ../2configs/retiolum.nix ../2configs/realwallpaper-server.nix ../2configs/privoxy-retiolum.nix + ../2configs/git.nix { networking.interfaces.enp2s1.ip4 = [ { -- cgit v1.2.3 From f4f5633b0e0ec711202d2d56735b6b55c8c69138 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 5 Oct 2015 14:52:24 +0200 Subject: lass 2 git: make echelon main git host --- lass/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 78e6f0baa..595936da5 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -51,7 +51,7 @@ let nick = config.krebs.build.host.name; channel = "#retiolum"; server = "cd.retiolum"; - verbose = config.krebs.build.host.name == "cloudkrebs"; + verbose = config.krebs.build.host.name == "echelon"; }; }; }; -- cgit v1.2.3 From eabf194460f695044d32713900419583986a9bd5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 5 Oct 2015 16:33:16 +0200 Subject: krebs 3 lass: add ssh pubkeys --- krebs/3modules/lass/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index aa071270c..9dbc597ed 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -34,9 +34,11 @@ with import ../../4lib { inherit lib; }; ''; }; }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL21QDOEFdODFh6WAfNp6odrXo15pEsDQuGJfMu/cKzK"; }; fastpoke = { - dc = "lass"; #dc = "cac"; + dc = "lass"; nets = rec { internet = { addrs4 = ["193.22.164.36"]; @@ -95,6 +97,8 @@ with import ../../4lib { inherit lib; }; ''; }; }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7oYx7Lbkc0wPYNp92LQF93DCtxsGzOkVD91FJQzVZl"; }; uriel = { cores = 1; @@ -119,6 +123,8 @@ with import ../../4lib { inherit lib; }; ''; }; }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBryIo/Waw8SWvlQ0+5I+Bd/dJgcMd6iPXtELS6gQXoc"; secure = true; }; mors = { @@ -145,6 +151,8 @@ with import ../../4lib { inherit lib; }; }; }; secure = true; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAMPlIG+6u75GJ3kvsPF6OoIZsU+u8ZQ+rdviv5fNMD"; }; }; -- cgit v1.2.3 From e7779d8016cc06c5b7383e25a2e0608666495ca2 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 5 Oct 2015 17:51:14 +0200 Subject: makefu {1,2} Reaktor: add random-emoji plugin to Reaktor to pnp" --- makefu/1systems/pnp.nix | 1 + makefu/2configs/Reaktor/random-emoji.nix | 25 +++++++++++++++++++++++++ makefu/2configs/Reaktor/random-emoji.sh | 5 +++++ 3 files changed, 31 insertions(+) create mode 100644 makefu/2configs/Reaktor/random-emoji.nix create mode 100644 makefu/2configs/Reaktor/random-emoji.sh diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index 7698ea14d..fdc2f0135 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -23,6 +23,7 @@ ## \/ are only plugins, must enable Reaktor explicitly ../2configs/Reaktor/stockholmLentil.nix ../2configs/Reaktor/simpleExtend.nix + ../2configs/Reaktor/random-emoji.nix ../2configs/Reaktor/titlebot.nix ../2configs/exim-retiolum.nix diff --git a/makefu/2configs/Reaktor/random-emoji.nix b/makefu/2configs/Reaktor/random-emoji.nix new file mode 100644 index 000000000..b2d99b36b --- /dev/null +++ b/makefu/2configs/Reaktor/random-emoji.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with pkgs; +let + rpkg = pkgs.substituteAll( { + name="random-emoji"; + dir= "bin"; + isExecutable=true; + src= ./random-emoji.sh; + }); + rpkg-path = lib.makeSearchPath "bin" (with pkgs; [ + coreutils + gnused + gnugrep + curl]); +in { + # TODO: make origin a variable, <- module is generic enough to handle different origins, not only stockholm + krebs.Reaktor.extraConfig = '' + public_commands.insert(0,{ + 'capname' : "emoji", + 'pattern' : indirect_pattern.format("emoji"), + 'argv' : ["${rpkg}/bin/random-emoji"], + 'env' : { 'PATH':'${rpkg-path}' } }) + ''; +} diff --git a/makefu/2configs/Reaktor/random-emoji.sh b/makefu/2configs/Reaktor/random-emoji.sh new file mode 100644 index 000000000..913d615be --- /dev/null +++ b/makefu/2configs/Reaktor/random-emoji.sh @@ -0,0 +1,5 @@ +#!/bin/sh +curl http://emojicons.com/random -s | \ + grep data-text | \ + sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \ + head -n 1 -- cgit v1.2.3 From a986b13d633c872e1586799ea1337f362c562c94 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 5 Oct 2015 17:57:00 +0200 Subject: makefu 2 cgit: primary git server is pnp --- makefu/2configs/git/cgit-retiolum.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 40b51e601..1277a014e 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -29,6 +29,7 @@ let hooks = { post-receive = git.irc-announce { nick = config.networking.hostName; + verbose = config.krebs.build.host.name == "pnp"; channel = "#retiolum"; # TODO remove the hardcoded hostname server = "cd.retiolum"; -- cgit v1.2.3 From 973e7adab745c7493c592e6bc0e3f8367b32dfbc Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 Oct 2015 12:15:20 +0200 Subject: krebs 5 passwdqc-utils: init at 1.3.0 --- krebs/5pkgs/default.nix | 1 + krebs/5pkgs/passwdqc-utils/default.nix | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 krebs/5pkgs/passwdqc-utils/default.nix diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix index 7e136d96f..72c113b90 100644 --- a/krebs/5pkgs/default.nix +++ b/krebs/5pkgs/default.nix @@ -22,6 +22,7 @@ rec { nq = callPackage ./nq {}; posix-array = callPackage ./posix-array {}; pssh = callPackage ./pssh {}; + passwdqc-utils = callPackage ./passwdqc-utils {}; Reaktor = callPackage ./Reaktor {}; youtube-tools = callPackage ./youtube-tools {}; diff --git a/krebs/5pkgs/passwdqc-utils/default.nix b/krebs/5pkgs/passwdqc-utils/default.nix new file mode 100644 index 000000000..0299715ba --- /dev/null +++ b/krebs/5pkgs/passwdqc-utils/default.nix @@ -0,0 +1,27 @@ +{stdenv,pam,fetchurl,...}: + +stdenv.mkDerivation rec { + name = "passwdqc-utils-${version}"; + version = "1.3.0"; + buildInputs = [ pam ]; + src = fetchurl { + url = "http://www.openwall.com/passwdqc/passwdqc-${version}.tar.gz"; + sha256 = "0l3zbrp4pvah0dz33m48aqlz9nx663cc1fqhnlwr0p853b10la93"; + }; + buildTargets = "utils"; + installFlags= [ "BINDIR=$(out)/bin" + "CONFDIR=$(out)/etc" + "SHARED_LIBDIR=$(out)/lib" + "DEVEL_LIBDIR=$(out)/lib" + "SECUREDIR=$(out)/lib/security" + "INCLUDEDIR=$(out)/include" + "MANDIR=$(out)/man"]; + installTargets = "install_lib install_utils"; + + meta = { + description = "passwdqc utils (pwqgen,pwqcheck) and library"; + license = stdenv.lib.licenses.bsd3; + maintainers = [ stdenv.lib.maintainers.makefu ]; + patforms = stdenv.lib.platforms.linux; # more installFlags must be set for Darwin,Solaris + }; +} -- cgit v1.2.3 From 2460a6c226ab3a1b462ca04ca0cb52f12e6a0be3 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 7 Oct 2015 15:20:12 +0200 Subject: krebs 3 realwallpaper: actually start realwallpaper as timer --- krebs/3modules/realwallpaper.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index d5c1aeabd..7e02538f5 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -55,13 +55,13 @@ let imp = { systemd.timers.realwallpaper = { description = "real wallpaper generator timer"; + wantedBy = [ "timers.target" ]; timerConfig = cfg.timerConfig; }; systemd.services.realwallpaper = { description = "real wallpaper generator"; - wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; path = with pkgs; [ -- cgit v1.2.3 From 36d43bf73f498228ff540e86e6dd6596a353a0da Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 7 Oct 2015 15:21:24 +0200 Subject: makefu 3 tinc_graphs: actually start the timer --- makefu/3modules/tinc_graphs.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/makefu/3modules/tinc_graphs.nix b/makefu/3modules/tinc_graphs.nix index 06b3f6263..62d607527 100644 --- a/makefu/3modules/tinc_graphs.nix +++ b/makefu/3modules/tinc_graphs.nix @@ -64,13 +64,11 @@ let environment.systemPackages = [ pkgs.tinc_graphs]; systemd.timers.tinc_graphs = { description = "Build Tinc Graphs via via timer"; - + wantedBy = [ "timers.target"]; timerConfig = cfg.timerConfig; }; systemd.services.tinc_graphs = { description = "Build Tinc Graphs"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; environment = { EXTERNAL_FOLDER = external_dir; INTERNAL_FOLDER = internal_dir; -- cgit v1.2.3 From 892c99706a1c997ae064e443c2162a5659b8a05e Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 8 Oct 2015 12:05:32 +0200 Subject: lass 2: add skype.nix --- lass/1systems/mors.nix | 1 + lass/2configs/skype.nix | 30 ++++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 lass/2configs/skype.nix diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 5cc03501f..c0c33828b 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -24,6 +24,7 @@ ../2configs/bitlbee.nix ../2configs/firefoxPatched.nix ../2configs/realwallpaper.nix + ../2configs/skype.nix ]; krebs.build = { diff --git a/lass/2configs/skype.nix b/lass/2configs/skype.nix new file mode 100644 index 000000000..7e4618a7b --- /dev/null +++ b/lass/2configs/skype.nix @@ -0,0 +1,30 @@ +{ config, pkgs, ... }: + +let + mainUser = config.users.extraUsers.mainUser; + +in { + imports = [ + ../3modules/per-user.nix + ]; + + users.extraUsers = { + skype = { + name = "skype"; + uid = 2259819492; #genid skype + description = "user for running skype"; + home = "/home/skype"; + useDefaultShell = true; + extraGroups = [ "audio" "video" ]; + createHome = true; + }; + }; + + lass.per-user.skype.packages = [ + pkgs.skype + ]; + + security.sudo.extraConfig = '' + ${mainUser.name} ALL=(skype) NOPASSWD: ALL + ''; +} -- cgit v1.2.3 From 5f5c1f5f661a2c4236fb62bc4c0ec7d43ae7a5b1 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 8 Oct 2015 16:51:57 +0200 Subject: m 2 Reaktor: add shack-correct, update pnp Reaktor Channels --- makefu/1systems/pnp.nix | 3 ++- makefu/2configs/Reaktor/shack-correct.nix | 20 ++++++++++++++++++++ makefu/2configs/Reaktor/shack-correct.sh | 6 ++++++ 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 makefu/2configs/Reaktor/shack-correct.nix create mode 100644 makefu/2configs/Reaktor/shack-correct.sh diff --git a/makefu/1systems/pnp.nix b/makefu/1systems/pnp.nix index fdc2f0135..e7ceca60d 100644 --- a/makefu/1systems/pnp.nix +++ b/makefu/1systems/pnp.nix @@ -25,6 +25,7 @@ ../2configs/Reaktor/simpleExtend.nix ../2configs/Reaktor/random-emoji.nix ../2configs/Reaktor/titlebot.nix + ../2configs/Reaktor/shack-correct.nix ../2configs/exim-retiolum.nix ../2configs/urlwatch.nix @@ -35,7 +36,7 @@ krebs.Reaktor.debug = true; krebs.Reaktor.nickname = "Reaktor|bot"; krebs.Reaktor.extraEnviron = { - REAKTOR_CHANNELS = "#krebs,#binaergewitter"; + REAKTOR_CHANNELS = "#krebs,#binaergewitter,#shackspace"; }; krebs.build.host = config.krebs.hosts.pnp; diff --git a/makefu/2configs/Reaktor/shack-correct.nix b/makefu/2configs/Reaktor/shack-correct.nix new file mode 100644 index 000000000..8f30807f1 --- /dev/null +++ b/makefu/2configs/Reaktor/shack-correct.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, ... }: + +with pkgs; +let + script = pkgs.substituteAll ( { + name="shack-correct"; + isExecutable=true; + dir = ""; + src = ./shack-correct.sh; + }); +in { + krebs.Reaktor.extraConfig = '' + public_commands.insert(0,{ + 'capname' : "shack-correct", + 'pattern' : '^(?P.*Shack.*)$$', + 'argv' : ["${script}"], + 'env' : { }}) + ''; +} + diff --git a/makefu/2configs/Reaktor/shack-correct.sh b/makefu/2configs/Reaktor/shack-correct.sh new file mode 100644 index 000000000..3b4d04f80 --- /dev/null +++ b/makefu/2configs/Reaktor/shack-correct.sh @@ -0,0 +1,6 @@ +#! /bin/sh +set -eu +printf "Sie meinten wohl \"" +echo -n $@ | sed 's/Shack/shack/g' +echo "\"" +echo "${_from}--" -- cgit v1.2.3 From d2720415ac5404f3261a4dafbd97092c282dd169 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:06:22 +0200 Subject: lass 5: add go url shortener --- lass/5pkgs/default.nix | 1 + lass/5pkgs/go/default.nix | 61 ++++++++++++++++++++++++++++++++++++++++++++++ lass/5pkgs/go/packages.nix | 44 +++++++++++++++++++++++++++++++++ lass/5pkgs/go/result | 1 + 4 files changed, 107 insertions(+) create mode 100644 lass/5pkgs/go/default.nix create mode 100644 lass/5pkgs/go/packages.nix create mode 120000 lass/5pkgs/go/result diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 7427cb620..e3e49e37e 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -13,4 +13,5 @@ rec { ublock = callPackage ./firefoxPlugins/ublock.nix {}; vimperator = callPackage ./firefoxPlugins/vimperator.nix {}; }; + go = callPackage ./go/default.nix {}; } diff --git a/lass/5pkgs/go/default.nix b/lass/5pkgs/go/default.nix new file mode 100644 index 000000000..2ac809c33 --- /dev/null +++ b/lass/5pkgs/go/default.nix @@ -0,0 +1,61 @@ +{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodePackages, nodejs }: + +with lib; + +let + np = nodePackages.override { + generated = ./packages.nix; + self = np; + }; + + node_env = buildEnv { + name = "node_env"; + paths = [ + np.redis + np."formidable" + ]; + pathsToLink = [ "/lib" ]; + ignoreCollisions = true; + }; + +in nodePackages.buildNodePackage { + name = "go"; + + src = fetchgit { + url = "http://cgit.echelon/go/"; + rev = "05d02740e0adbb36cc461323647f0c1e7f493156"; + sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f"; + }; + + phases = [ + "unpackPhase" + "installPhase" + ]; + + deps = (filter (v: nixType v == "derivation") (attrValues np)); + + buildInputs = [ + nodejs + nodePackages.redis + np.formidable + makeWrapper + ]; + + installPhase = '' + mkdir -p $out/bin + + find ${node_env} + + cp index.js $out/ + cat > $out/go << EOF + ${nodejs}/bin/node $out/index.js + EOF + chmod +x $out/go + + wrapProgram $out/go \ + --prefix NODE_PATH : ${node_env}/lib/node_modules + + ln -s $out/go /$out/bin/go + ''; + +} diff --git a/lass/5pkgs/go/packages.nix b/lass/5pkgs/go/packages.nix new file mode 100644 index 000000000..9acfd7658 --- /dev/null +++ b/lass/5pkgs/go/packages.nix @@ -0,0 +1,44 @@ +{ self, fetchurl, fetchgit ? null, lib }: + +{ + by-spec."formidable"."*" = + self.by-version."formidable"."1.0.17"; + by-version."formidable"."1.0.17" = self.buildNodePackage { + name = "formidable-1.0.17"; + version = "1.0.17"; + bin = false; + src = fetchurl { + url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz"; + name = "formidable-1.0.17.tgz"; + sha1 = "ef5491490f9433b705faa77249c99029ae348559"; + }; + deps = { + }; + optionalDependencies = { + }; + peerDependencies = []; + os = [ ]; + cpu = [ ]; + }; + "formidable" = self.by-version."formidable"."1.0.17"; + by-spec."redis"."*" = + self.by-version."redis"."2.1.0"; + by-version."redis"."2.1.0" = self.buildNodePackage { + name = "redis-2.1.0"; + version = "2.1.0"; + bin = false; + src = fetchurl { + url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz"; + name = "redis-2.1.0.tgz"; + sha1 = "38acb208f90750250f9451219b73ff08ae907f94"; + }; + deps = { + }; + optionalDependencies = { + }; + peerDependencies = []; + os = [ ]; + cpu = [ ]; + }; + "redis" = self.by-version."redis"."2.1.0"; +} diff --git a/lass/5pkgs/go/result b/lass/5pkgs/go/result new file mode 120000 index 000000000..14893ca34 --- /dev/null +++ b/lass/5pkgs/go/result @@ -0,0 +1 @@ +/nix/store/nizallgwxcx4fz9awyfp9i17avfymlvx-nodejs-go \ No newline at end of file -- cgit v1.2.3 From 45acff36265352e168928399957241abf4eb0dc1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:07:44 +0200 Subject: lass 2 git: add go repo --- lass/2configs/git.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 595936da5..d63705ab6 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -31,6 +31,7 @@ let }; wai-middleware-time = {}; web-routes-wai-custom = {}; + go = {}; }; restricted-repos = mapAttrs make-restricted-repo ( -- cgit v1.2.3 From e4b27b52864cd40367b28c9967f1e375988a5445 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:08:27 +0200 Subject: lass 1 echelon: get hostName from build.host.name --- lass/1systems/echelon.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index b301b504a..bf3ca8723 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -44,6 +44,6 @@ in { }; }; - networking.hostName = "echelon"; + networking.hostName = config.krebs.build.host.name; } -- cgit v1.2.3 From d478ed4e06dbf84688bb99aa00b95e1d8b09f3b1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:09:13 +0200 Subject: lass 2 ircd: change sid and hostname --- lass/2configs/ircd.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/2configs/ircd.nix b/lass/2configs/ircd.nix index f71b769fd..fc0aeb84b 100644 --- a/lass/2configs/ircd.nix +++ b/lass/2configs/ircd.nix @@ -5,8 +5,8 @@ enable = true; config = '' serverinfo { - name = "ire.irc.retiolum"; - sid = "4z3"; + name = "${config.krebs.build.host.name}.irc.retiolum"; + sid = "1as"; description = "miep!"; network_name = "irc.retiolum"; network_desc = "Retiolum IRC Network"; -- cgit v1.2.3 From 20724bfcf7cb10a6e8ebf153e46ffac3d9ebbf67 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:10:15 +0200 Subject: lass 2: add redix.nix --- lass/2configs/redis.nix | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 lass/2configs/redis.nix diff --git a/lass/2configs/redis.nix b/lass/2configs/redis.nix new file mode 100644 index 000000000..8dd8df5c3 --- /dev/null +++ b/lass/2configs/redis.nix @@ -0,0 +1,8 @@ +{ config, ... }: + +{ + config.services.redis = { + enable = true; + bind = "127.0.0.1"; + }; +} -- cgit v1.2.3 From 4752e4a75765faeea6a2d8aa26c78c106d266a1c Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:11:29 +0200 Subject: lass 3: add go.nix --- lass/3modules/go.nix | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 lass/3modules/go.nix diff --git a/lass/3modules/go.nix b/lass/3modules/go.nix new file mode 100644 index 000000000..aa900f118 --- /dev/null +++ b/lass/3modules/go.nix @@ -0,0 +1,61 @@ +{ config, lib, pkgs, ... }: + +with builtins; +with lib; + +let + cfg = config.lass.go; + + out = { + options.lass.go = api; + config = mkIf cfg.enable imp; + }; + + api = { + enable = mkEnableOption "Enable go url shortener"; + port = mkOption { + type = types.str; + default = "1337"; + description = "on which port go should run on"; + }; + redisKeyPrefix = mkOption { + type = types.str; + default = "go:"; + description = "change the Redis key prefix which defaults to `go:`"; + }; + }; + + imp = { + users.extraUsers.go = { + name = "go"; + uid = 42774411; #genid go + description = "go url shortener user"; + home = "/var/lib/go"; + createHome = true; + }; + + systemd.services.go = { + description = "go url shortener"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + path = with pkgs; [ + go + ]; + + environment = { + PORT = cfg.port; + REDIS_KEY_PREFIX = cfg.redisKeyPrefix; + }; + + restartIfChanged = true; + + serviceConfig = { + User = "go"; + Restart = "always"; + ExecStart = "${pkgs.go}/bin/go"; + }; + }; + }; + +in out -- cgit v1.2.3 From 8b42c0631e86da5e05a4659887d9c7958bf27636 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:23:45 +0200 Subject: lass 2 ircd: open port 6667 to retiolum --- lass/2configs/ircd.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/2configs/ircd.nix b/lass/2configs/ircd.nix index fc0aeb84b..de96ad9d6 100644 --- a/lass/2configs/ircd.nix +++ b/lass/2configs/ircd.nix @@ -1,6 +1,9 @@ { config, pkgs, ... }: { + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 6667"; target = "ACCEPT"; } + ]; config.services.charybdis = { enable = true; config = '' -- cgit v1.2.3 From c8c2b254e5f633618b43be6b348c747e903f7577 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:24:13 +0200 Subject: lass 2: add go.nix --- lass/2configs/go.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 lass/2configs/go.nix diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix new file mode 100644 index 000000000..30d3e6ae5 --- /dev/null +++ b/lass/2configs/go.nix @@ -0,0 +1,16 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ../3modules/go.nix + ]; + environment.systemPackages = [ + pkgs.go + ]; + lass.go = { + enable = true; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } + ]; +} -- cgit v1.2.3 From e21fdefcf1cec589db1aec4226bc52a65991b218 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:24:50 +0200 Subject: lass 1 echelon: import new stuff --- lass/1systems/echelon.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/1systems/echelon.nix b/lass/1systems/echelon.nix index bf3ca8723..1320e0782 100644 --- a/lass/1systems/echelon.nix +++ b/lass/1systems/echelon.nix @@ -14,6 +14,9 @@ in { ../2configs/realwallpaper-server.nix ../2configs/privoxy-retiolum.nix ../2configs/git.nix + ../2configs/redis.nix + ../2configs/go.nix + ../2configs/ircd.nix { networking.interfaces.enp2s1.ip4 = [ { -- cgit v1.2.3 From 4072a32f89b9cc1c1e7c3583ac5b9ce5dcb004af Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 9 Oct 2015 01:31:42 +0200 Subject: lass 5 go: remove debug stuff --- lass/5pkgs/go/default.nix | 2 -- lass/5pkgs/go/result | 1 - 2 files changed, 3 deletions(-) delete mode 120000 lass/5pkgs/go/result diff --git a/lass/5pkgs/go/default.nix b/lass/5pkgs/go/default.nix index 2ac809c33..3b4468d18 100644 --- a/lass/5pkgs/go/default.nix +++ b/lass/5pkgs/go/default.nix @@ -44,8 +44,6 @@ in nodePackages.buildNodePackage { installPhase = '' mkdir -p $out/bin - find ${node_env} - cp index.js $out/ cat > $out/go << EOF ${nodejs}/bin/node $out/index.js diff --git a/lass/5pkgs/go/result b/lass/5pkgs/go/result deleted file mode 120000 index 14893ca34..000000000 --- a/lass/5pkgs/go/result +++ /dev/null @@ -1 +0,0 @@ -/nix/store/nizallgwxcx4fz9awyfp9i17avfymlvx-nodejs-go \ No newline at end of file -- cgit v1.2.3