From b5fbca3a365b1188c1274e3288ba39a88ecad2e3 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 21 Feb 2016 05:27:37 +0100 Subject: krebs.secret: init --- krebs/3modules/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index c06f3754e..df1c7db63 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -28,6 +28,7 @@ let ./realwallpaper.nix ./retiolum-bootstrap.nix ./retiolum.nix + ./secret.nix ./setuid.nix ./tinc_graphs.nix ./urlwatch.nix -- cgit v1.2.3 From e3ddf995e92985ee14dab5735ac55045c166aaaf Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 21 Feb 2016 07:18:13 +0100 Subject: krebs types.secret-file: owner-name -> owner :: user --- krebs/3modules/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index df1c7db63..7a343d333 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -104,6 +104,13 @@ let retiolum = "hosts"; }; + krebs.users.root = { + home = "/root"; + name = "root"; + pubkey = config.krebs.build.host.ssh.pubkey; + uid = 0; + }; + networking.extraHosts = concatStringsSep "\n" (flatten ( mapAttrsToList (hostname: host: mapAttrsToList (netname: net: -- cgit v1.2.3 From 67e5fddc0bfe624c6b53b673582e92a28cf530f9 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 21 Feb 2016 07:39:24 +0100 Subject: krebs.users.krebs: init --- krebs/3modules/default.nix | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 7a343d333..aeeabfe53 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -104,11 +104,16 @@ let retiolum = "hosts"; }; - krebs.users.root = { - home = "/root"; - name = "root"; - pubkey = config.krebs.build.host.ssh.pubkey; - uid = 0; + krebs.users = { + krebs = { + home = "/krebs"; + mail = "spam@krebsco.de"; + }; + root = { + home = "/root"; + pubkey = config.krebs.build.host.ssh.pubkey; + uid = 0; + }; }; networking.extraHosts = concatStringsSep "\n" (flatten ( -- cgit v1.2.3 From de5de37a12771db395f7bc1954be52f51f54b9e2 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 21 Feb 2016 20:04:45 +0100 Subject: krebs.dns.providers: attrsOf unspecified -> attrsOf str --- krebs/3modules/default.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index aeeabfe53..662fd6489 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -43,9 +43,7 @@ let dns = { providers = mkOption { - # TODO with types; tree dns.label dns.provider, so we can merge. - # Currently providers can only be merged if aliases occur just once. - type = with types; attrsOf unspecified; + type = with types; attrsOf str; }; }; @@ -95,7 +93,7 @@ let { krebs = import ./tv { inherit config lib; }; } { krebs.dns.providers = { - de.krebsco = "zones"; + "krebsco.de" = "zones"; gg23 = "hosts"; shack = "hosts"; i = "hosts"; @@ -116,13 +114,15 @@ let }; }; - networking.extraHosts = concatStringsSep "\n" (flatten ( + networking.extraHosts = let + domains = attrNames (filterAttrs (_: eq "hosts") cfg.dns.providers); + check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains; + in concatStringsSep "\n" (flatten ( mapAttrsToList (hostname: host: mapAttrsToList (netname: net: let aliases = longs ++ shorts; - providers = dns.split-by-provider net.aliases cfg.dns.providers; - longs = providers.hosts; + longs = filter check net.aliases; shorts = let s = ".${cfg.search-domain}"; in map (removeSuffix s) (filter (hasSuffix s) longs); in -- cgit v1.2.3 From a73eaae18c3e873c09c313590a0ab8dad1fbc5d9 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 21 Feb 2016 21:51:11 +0100 Subject: krebs.exim*: admit *.r --- krebs/3modules/default.nix | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'krebs/3modules/default.nix') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 662fd6489..186469e97 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -143,12 +143,11 @@ let { text=(stripEmptyLines value); }) all-zones; krebs.exim-smarthost.internet-aliases = let - format = from: to: + format = from: to: { + inherit from; # TODO assert is-retiolum-mail-address to; - { inherit from; - to = if typeOf to == "list" - then concatMapStringsSep "," (getAttr "mail") to - else to.mail; }; + to = concatMapStringsSep "," (getAttr "mail") (toList to); + }; in mapAttrsToList format (with config.krebs.users; let spam-ml = [ lass @@ -167,6 +166,10 @@ let "makefu@retiolum" = makefu; "spam@retiolum" = spam-ml; "tv@retiolum" = tv; + "lass@r" = lass; + "makefu@r" = makefu; + "spam@r" = spam-ml; + "tv@r" = tv; }); services.openssh.hostKeys = -- cgit v1.2.3