From ea9fcce6944eb71ebb03862ced66cf280dad55a2 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 11 Sep 2018 18:49:19 +0200 Subject: shell.nix: RIP --- krebs/0tests/deploy.nix | 5 - krebs/1systems/hotdog/source.nix | 3 - krebs/1systems/onebutton/source.nix | 13 -- krebs/1systems/puyak/source.nix | 3 - krebs/1systems/test-all-krebs-modules/source.nix | 3 - krebs/1systems/test-arch/source.nix | 3 - krebs/1systems/test-centos6/source.nix | 3 - krebs/1systems/test-centos7/source.nix | 3 - krebs/1systems/test-failing/source.nix | 3 - krebs/1systems/test-minimal-deploy/source.nix | 3 - krebs/1systems/wolf/source.nix | 3 - krebs/5pkgs/simple/stockholm/default.nix | 230 ----------------------- krebs/source.nix | 29 --- 13 files changed, 304 deletions(-) delete mode 100644 krebs/1systems/hotdog/source.nix delete mode 100644 krebs/1systems/onebutton/source.nix delete mode 100644 krebs/1systems/puyak/source.nix delete mode 100644 krebs/1systems/test-all-krebs-modules/source.nix delete mode 100644 krebs/1systems/test-arch/source.nix delete mode 100644 krebs/1systems/test-centos6/source.nix delete mode 100644 krebs/1systems/test-centos7/source.nix delete mode 100644 krebs/1systems/test-failing/source.nix delete mode 100644 krebs/1systems/test-minimal-deploy/source.nix delete mode 100644 krebs/1systems/wolf/source.nix delete mode 100644 krebs/5pkgs/simple/stockholm/default.nix delete mode 100644 krebs/source.nix (limited to 'krebs') diff --git a/krebs/0tests/deploy.nix b/krebs/0tests/deploy.nix index d96963500..5fae60ecc 100644 --- a/krebs/0tests/deploy.nix +++ b/krebs/0tests/deploy.nix @@ -44,11 +44,6 @@ let exec >&2 source=${pkgs.writeJSON "source.json" populate-source} LOGNAME=krebs ${pkgs.populate}/bin/populate --force root@server:22/var/src/ < "$source" - # TODO: make deploy work - #LOGNAME=krebs ${pkgs.stockholm}/bin/deploy \ - # --force-populate \ - # --source=${./data/test-source.nix} \ - # --system=server \ ''; minimalSystem = (import { modules = [ diff --git a/krebs/1systems/hotdog/source.nix b/krebs/1systems/hotdog/source.nix deleted file mode 100644 index 0fa61b20f..000000000 --- a/krebs/1systems/hotdog/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "hotdog"; -} diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix deleted file mode 100644 index 91a998de7..000000000 --- a/krebs/1systems/onebutton/source.nix +++ /dev/null @@ -1,13 +0,0 @@ -with import ; -let - pkgs = import {}; - nixpkgs = builtins.fetchTarball { - url = https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz; - }; -in import { - name = "onebutton"; - override.nixpkgs = mkForce { - file = toString nixpkgs; - }; - -} diff --git a/krebs/1systems/puyak/source.nix b/krebs/1systems/puyak/source.nix deleted file mode 100644 index a21651899..000000000 --- a/krebs/1systems/puyak/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "puyak"; -} diff --git a/krebs/1systems/test-all-krebs-modules/source.nix b/krebs/1systems/test-all-krebs-modules/source.nix deleted file mode 100644 index 66fdaa773..000000000 --- a/krebs/1systems/test-all-krebs-modules/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "test-all-krebs-modules"; -} diff --git a/krebs/1systems/test-arch/source.nix b/krebs/1systems/test-arch/source.nix deleted file mode 100644 index bff9d4325..000000000 --- a/krebs/1systems/test-arch/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "test-arch"; -} diff --git a/krebs/1systems/test-centos6/source.nix b/krebs/1systems/test-centos6/source.nix deleted file mode 100644 index 3693bbb29..000000000 --- a/krebs/1systems/test-centos6/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "test-centos6"; -} diff --git a/krebs/1systems/test-centos7/source.nix b/krebs/1systems/test-centos7/source.nix deleted file mode 100644 index 44230f08d..000000000 --- a/krebs/1systems/test-centos7/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "test-centos7"; -} diff --git a/krebs/1systems/test-failing/source.nix b/krebs/1systems/test-failing/source.nix deleted file mode 100644 index 60b77a0a0..000000000 --- a/krebs/1systems/test-failing/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "test-failing"; -} diff --git a/krebs/1systems/test-minimal-deploy/source.nix b/krebs/1systems/test-minimal-deploy/source.nix deleted file mode 100644 index 032ab12bb..000000000 --- a/krebs/1systems/test-minimal-deploy/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "test-minimal-deploy"; -} diff --git a/krebs/1systems/wolf/source.nix b/krebs/1systems/wolf/source.nix deleted file mode 100644 index c292bfa62..000000000 --- a/krebs/1systems/wolf/source.nix +++ /dev/null @@ -1,3 +0,0 @@ -import { - name = "wolf"; -} diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix deleted file mode 100644 index c973386d6..000000000 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ /dev/null @@ -1,230 +0,0 @@ -{ pkgs }: let - - stockholm-dir = ../../../..; - - lib = import (stockholm-dir + "/lib"); - - # - # high level commands - # - - cmds.deploy = pkgs.withGetopt { - force-populate = { default = /* sh */ "false"; switch = true; }; - quiet = { default = /* sh */ "false"; switch = true; }; - source_file = { - default = /* sh */ "$user/1systems/$system/source.nix"; - long = "source"; - }; - system = {}; - target.default = /* sh */ "$system"; - user.default = /* sh */ "$LOGNAME"; - } (opts: pkgs.writeDash "stockholm.deploy" '' - set -efu - - . ${init.env} - . ${init.proxy "deploy" opts} - - # Use system's nixos-rebuild, which is not self-contained - export PATH=/run/current-system/sw/bin - exec ${utils.with-whatsupnix} \ - nixos-rebuild switch \ - --show-trace \ - -I "$target_path" - ''); - - cmds.get-version = pkgs.writeDash "get-version" '' - set -efu - hostname=''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)} - version=git.$(${pkgs.git}/bin/git describe --always --dirty) - case $version in (*-dirty) - version=$version@$hostname - esac - date=$(${pkgs.coreutils}/bin/date +%y.%m) - echo "$date.$version" - ''; - - cmds.install = pkgs.withGetopt { - force-populate = { default = /* sh */ "false"; switch = true; }; - quiet = { default = /* sh */ "false"; switch = true; }; - source_file = { - default = /* sh */ "$user/1systems/$system/source.nix"; - long = "source"; - }; - system = {}; - target = {}; - user.default = /* sh */ "$LOGNAME"; - } (opts: pkgs.writeBash "stockholm.install" '' - set -efu - - . ${init.env} - - if \test "''${using_proxy-}" != true; then - ${pkgs.openssh}/bin/ssh \ - -o StrictHostKeyChecking=no \ - -o UserKnownHostsFile=/dev/null \ - "$target_user@$target_host" -p "$target_port" \ - env target_path=$(${pkgs.quote}/bin/quote "$target_path") \ - sh -s prepare \ - < ${stockholm-dir + "/krebs/4lib/infest/prepare.sh"} - # TODO inline prepare.sh? - fi - - . ${init.proxy "install" opts} - - # these variables get defined by nix-shell (i.e. nix-build) from - # XDG_RUNTIME_DIR and reference the wrong directory (/run/user/0), - # which only exists on / and not at /mnt. - export NIX_BUILD_TOP=/tmp - export TEMPDIR=/tmp - export TEMP=/tmp - export TMPDIR=/tmp - export TMP=/tmp - export XDG_RUNTIME_DIR=/tmp - - export NIXOS_CONFIG="$target_path/nixos-config" - - cd - exec nixos-install - ''); - - cmds.test = pkgs.withGetopt { - force-populate = { default = /* sh */ "false"; switch = true; }; - quiet = { default = /* sh */ "false"; switch = true; }; - source_file = { - default = /* sh */ "$user/1systems/$system/source.nix"; - long = "source"; - }; - system = {}; - target = {}; - user.default = /* sh */ "$LOGNAME"; - } (opts: pkgs.writeDash "stockholm.test" /* sh */ '' - set -efu - - export dummy_secrets=true - - . ${init.env} - . ${init.proxy "test" opts} - - exec ${utils.build} config.system.build.toplevel - ''); - - # - # low level commands - # - - # usage: get-source SOURCE_FILE - cmds.get-source = pkgs.writeDash "stockholm.get-source" '' - set -efu - exec ${pkgs.nix}/bin/nix-instantiate \ - --eval \ - --json \ - --readonly-mode \ - --show-trace \ - --strict \ - "$1" - ''; - - # usage: parse-target [--default=TARGET] TARGET - # TARGET = [USER@]HOST[:PORT][/PATH] - cmds.parse-target = pkgs.withGetopt { - default_target = { - long = "default"; - short = "d"; - }; - } (opts: pkgs.writeDash "stockholm.parse-target" '' - set -efu - target=$1; shift - for arg; do echo "$0: bad argument: $arg" >&2; done - if \test $# != 0; then exit 2; fi - exec ${pkgs.jq}/bin/jq \ - -enr \ - --arg default_target "$default_target" \ - --arg target "$target" \ - -f ${pkgs.writeText "stockholm.parse-target.jq" '' - def parse: match("^(?:([^@]+)@)?([^:/]+)?(?::([0-9]+))?(/.*)?$") | { - user: .captures[0].string, - host: .captures[1].string, - port: .captures[2].string, - path: .captures[3].string, - }; - def sanitize: with_entries(select(.value != null)); - ($default_target | parse) + ($target | parse | sanitize) | - . + { local: (.user == env.LOGNAME and .host == env.HOSTNAME) } - ''} - ''); - - init.env = pkgs.writeText "init.env" /* sh */ '' - - export HOSTNAME="$(${pkgs.nettools}/bin/hostname)" - - export quiet - export system - export target - export user - - default_target=root@$system:22/var/src - - export target_object="$( - ${cmds.parse-target} "$target" -d "$default_target" - )" - export target_user="$(echo $target_object | ${pkgs.jq}/bin/jq -r .user)" - export target_host="$(echo $target_object | ${pkgs.jq}/bin/jq -r .host)" - export target_port="$(echo $target_object | ${pkgs.jq}/bin/jq -r .port)" - export target_path="$(echo $target_object | ${pkgs.jq}/bin/jq -r .path)" - export target_local="$(echo $target_object | ${pkgs.jq}/bin/jq -r .local)" - ''; - - init.proxy = command: opts: pkgs.writeText "init.proxy" /* sh */ '' - if \test "''${using_proxy-}" != true; then - - source=$(${cmds.get-source} "$source_file") - qualified_target=$target_user@$target_host:$target_port$target_path - if \test "$force_populate" = true; then - echo "$source" | ${pkgs.populate}/bin/populate --force "$qualified_target" - else - echo "$source" | ${pkgs.populate}/bin/populate "$qualified_target" - fi - - if \test "$target_local" != true; then - exec ${pkgs.openssh}/bin/ssh \ - "$target_user@$target_host" -p "$target_port" \ - cd "$target_path/stockholm" \; \ - NIX_PATH=$(${pkgs.quote}/bin/quote "$target_path") \ - nix-shell --run "$(${pkgs.quote}/bin/quote " - ${lib.concatStringsSep " " (lib.mapAttrsToList - (name: opt: /* sh */ - "${opt.varname}=\$(${pkgs.quote}/bin/quote ${opt.ref})") - opts - )} \ - using_proxy=true \ - ${lib.shell.escape command} \ - $WITHGETOPT_ORIG_ARGS \ - ")" - fi - fi - ''; - - utils.build = pkgs.writeDash "utils.build" '' - set -efu - ${utils.with-whatsupnix} \ - ${pkgs.nix}/bin/nix-build \ - --no-out-link \ - --show-trace \ - -E "with import ; $1" \ - -I "$target_path" \ - ''; - - utils.with-whatsupnix = pkgs.writeDash "utils.with-whatsupnix" '' - set -efu - if \test "$quiet" = true; then - "$@" -Q 2>&1 | ${pkgs.whatsupnix}/bin/whatsupnix - else - exec "$@" - fi - ''; - -in - - pkgs.write "stockholm" (lib.mapAttrs' (name: link: - lib.nameValuePair "/bin/${name}" { inherit link; } - ) cmds) diff --git a/krebs/source.nix b/krebs/source.nix deleted file mode 100644 index 5b86e89c6..000000000 --- a/krebs/source.nix +++ /dev/null @@ -1,29 +0,0 @@ -with import ; -host@{ name, secure ? false, override ? {} }: let - builder = if getEnv "dummy_secrets" == "true" - then "buildbot" - else "krebs"; - _file = + "/krebs/1systems/${name}/source.nix"; - pkgs = import { - overlays = map import [ - - - ]; - }; -in - evalSource (toString _file) [ - { - nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; - secrets = getAttr builder { - buildbot.file = toString ; - krebs.pass = { - dir = "${getEnv "HOME"}/brain"; - name = "krebs-secrets/${name}"; - }; - }; - stockholm.file = toString ; - stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; - nixpkgs = (import ./krops.nix { name = ""; }).krebs-source.nixpkgs; - } - override - ] -- cgit v1.2.3 From ca2477ab3a4dbe392e8b9e6614540c4b089ade82 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 11 Sep 2018 20:18:01 +0200 Subject: krebs krops: cd to proper stockholm directory --- krebs/krops.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/krops.nix b/krebs/krops.nix index 5378d6fb0..e5013ad08 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -18,7 +18,7 @@ stockholm.file = toString ../.; stockholm-version.pipe = toString (pkgs.writeDash "${name}-version" '' set -efu - cd $HOME/stockholm + cd ${lib.escapeShellArg krebs-source.stockholm.file} V=$(${pkgs.coreutils}/bin/date +%y.%m) if test -d .git; then V=$V.git.$(${pkgs.git}/bin/git describe --always --dirty) -- cgit v1.2.3 From 97b44fde9ceda01b7503a00cd4a0f4d49dc375cf Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 11 Sep 2018 21:58:13 +0200 Subject: syncthing-device-id: init Source: https://gist.github.com/spectras/b3a6f0093ddb1635b39279e9a539ca21 --- krebs/5pkgs/simple/syncthing-device-id.nix | 36 ++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 krebs/5pkgs/simple/syncthing-device-id.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/syncthing-device-id.nix b/krebs/5pkgs/simple/syncthing-device-id.nix new file mode 100644 index 000000000..f7d167fdf --- /dev/null +++ b/krebs/5pkgs/simple/syncthing-device-id.nix @@ -0,0 +1,36 @@ +{ writePython2Bin }: + +writePython2Bin "syncthing-device-id" {} /* python */ '' + import base64 + import hashlib + import subprocess + import sys + + B32ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567' + + def luhn_checksum(data, alphabet=B32ALPHABET): + n = len(alphabet) + number = tuple(alphabet.index(i) for i in reversed(data)) + result = (sum(number[::2]) + + sum(sum(divmod(i * 2, n)) for i in number[1::2])) % n + return alphabet[-result] + + def main(incert): + der_data = subprocess.check_output(['openssl', 'x509', '-outform', 'DER'], stdin=incert) + data_hash = hashlib.sha256(der_data) + b32_hash = base64.b32encode(data_hash.digest()).decode('ascii') + + result = b32_hash.upper().rstrip('=') + blocks = [result[pos:pos+13] for pos in range(0, len(result), 13)] + result = '''.join(block + luhn_checksum(block) for block in blocks) + + blocks = [result[pos:pos+7] for pos in range(0, len(result), 7)] + print('-'.join(blocks)) + + if __name__ == '__main__': + import argparse + parser = argparse.ArgumentParser(description='Generate syncthing ID from certificate') + parser.add_argument('incert', type=argparse.FileType('rb'), help='Certificate path') + args = parser.parse_args() + main(**vars(args)) +'' -- cgit v1.2.3 From 4fc5cf354f386d495918aec22df9b482e8676555 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 11 Sep 2018 22:10:50 +0200 Subject: syncthing-device-id: satisfy flake8 --- krebs/5pkgs/simple/syncthing-device-id.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/syncthing-device-id.nix b/krebs/5pkgs/simple/syncthing-device-id.nix index f7d167fdf..9fe2b8ffb 100644 --- a/krebs/5pkgs/simple/syncthing-device-id.nix +++ b/krebs/5pkgs/simple/syncthing-device-id.nix @@ -1,6 +1,14 @@ { writePython2Bin }: -writePython2Bin "syncthing-device-id" {} /* python */ '' +writePython2Bin "syncthing-device-id" { + flakeIgnore = [ + "E226" + "E302" + "E305" + "E501" + "F401" + ]; +} /* python */ '' import base64 import hashlib import subprocess -- cgit v1.2.3 From 312eb6e569a3b61325fcf15112500fbf0face65a Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 11 Sep 2018 22:11:20 +0200 Subject: syncthing-device-id: use openssl --- krebs/5pkgs/simple/syncthing-device-id.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/syncthing-device-id.nix b/krebs/5pkgs/simple/syncthing-device-id.nix index 9fe2b8ffb..9533800fd 100644 --- a/krebs/5pkgs/simple/syncthing-device-id.nix +++ b/krebs/5pkgs/simple/syncthing-device-id.nix @@ -1,4 +1,4 @@ -{ writePython2Bin }: +{ openssl, writePython2Bin }: writePython2Bin "syncthing-device-id" { flakeIgnore = [ @@ -24,7 +24,12 @@ writePython2Bin "syncthing-device-id" { return alphabet[-result] def main(incert): - der_data = subprocess.check_output(['openssl', 'x509', '-outform', 'DER'], stdin=incert) + der_data = subprocess.check_output([ + '${openssl}/bin/openssl', + 'x509', + '-outform', + 'DER', + ], stdin=incert) data_hash = hashlib.sha256(der_data) b32_hash = base64.b32encode(data_hash.digest()).decode('ascii') -- cgit v1.2.3 From 0d907539cb0a4473dbc54fe09bb661cb55a5917d Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 11 Sep 2018 19:54:20 +0200 Subject: add the real jeschli to root's authorizedKeys --- krebs/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/2configs/default.nix b/krebs/2configs/default.nix index 7b970923d..fafcd72c3 100644 --- a/krebs/2configs/default.nix +++ b/krebs/2configs/default.nix @@ -49,6 +49,7 @@ with import ; users.mutableUsers = false; users.extraUsers.root.openssh.authorizedKeys.keys = [ # TODO + config.krebs.users.jeschli-brauerei.pubkey config.krebs.users.lass.pubkey config.krebs.users.lass-mors.pubkey config.krebs.users.makefu.pubkey -- cgit v1.2.3 From c39f89ed98133bd1ccfc3380eca08374a39d3d72 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 12 Sep 2018 14:33:59 +0200 Subject: buildbot-stockholm: use krebs.ci --- krebs/2configs/buildbot-stockholm.nix | 197 ++-------------------------------- 1 file changed, 11 insertions(+), 186 deletions(-) (limited to 'krebs') diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 0aa9288ec..0ee91ae34 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -1,47 +1,11 @@ -{ config, pkgs, ... }: with import ; +{ config, ... }: with import ; -let - - hostname = config.networking.hostName; - - sourceRepos = [ - "http://cgit.enklave.r/stockholm" - "http://cgit.gum.r/stockholm" - "http://cgit.hotdog.r/stockholm" - "http://cgit.ni.r/stockholm" - "http://cgit.prism.r/stockholm" - ]; - - # usage: build USER HOST - # This executable is meant to be run with as working directory. - # USER is expected to be a subdirectory of the working directory. - build = pkgs.writeDash "build" '' - set -efu - - user=$1 - host=$2 - - result=$(nix-build \ - --argstr name "$host" \ - --argstr target "$HOME"/stockholm-build \ - --attr test \ - --no-build-output \ - --no-out-link \ - --show-trace \ - "$user"/krops.nix \ - ) - - exec "$result" - ''; - - -in { networking.firewall.allowedTCPPorts = [ 80 ]; services.nginx = { enable = true; virtualHosts.build = { - serverAliases = [ "build.${hostname}.r" ]; + serverAliases = [ "build.${config.networking.hostName}.r" ]; locations."/".extraConfig = '' proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; @@ -49,155 +13,16 @@ in ''; }; }; - - krebs.buildbot.master = { - slaves = { - testslave = "lasspass"; - }; - change_source.stockholm = concatMapStrings (repo: '' - cs.append( - changes.GitPoller( - "${repo}", - workdir='stockholm${elemAt(splitString "." repo) 1}', branches=True, - project='stockholm', - pollinterval=10 - ) - ) - '') sourceRepos; - scheduler = { - auto-scheduler = '' - sched.append( - schedulers.SingleBranchScheduler( - change_filter=util.ChangeFilter(branch_re=".*"), - treeStableTimer=60, - name="build-all-branches", - builderNames=[ - "hosts", - ] - ) - ) - ''; - force-scheduler = '' - sched.append( - schedulers.ForceScheduler( - name="hosts", - builderNames=[ - "hosts", - ] - ) - ) - ''; - }; - builder_pre = '' - # prepare grab_repo step for stockholm - grab_repo = steps.Git( - repourl=util.Property('repository', 'http://cgit.hotdog.r/stockholm'), - mode='full', - submodules=True, - ) - ''; - builder = { - hosts = '' - from buildbot import interfaces - from buildbot.steps.shell import ShellCommand - - class StepToStartMoreSteps(ShellCommand): - def __init__(self, **kwargs): - ShellCommand.__init__(self, **kwargs) - - def addBuildSteps(self, steps_factories): - for sf in steps_factories: - step = interfaces.IBuildStepFactory(sf).buildStep() - step.setBuild(self.build) - step.setBuildSlave(self.build.slavebuilder.slave) - step_status = self.build.build_status.addStepWithName(step.name) - step.setStepStatus(step_status) - self.build.steps.append(step) - - def start(self): - props = self.build.getProperties() - hosts = json.loads(props.getProperty('hosts_json')) - for host in hosts: - user = hosts[host]['owner'] - - self.addBuildSteps([steps.ShellCommand( - name=str(host), - env={ - "NIX_PATH": "secrets=/var/src/stockholm/null:stockholm=./:/var/src", - "NIX_REMOTE": "daemon", - }, - command=[ - "${build}", user, host - ], - timeout=90001, - workdir='build', # TODO figure out why we need this? - )]) - - ShellCommand.start(self) - - - f = util.BuildFactory() - f.addStep(grab_repo) - - f.addStep(steps.SetPropertyFromCommand( - env={ - "NIX_PATH": "secrets=/var/src/stockholm/null:stockholm=./:/var/src", - "NIX_REMOTE": "daemon", - }, - name="get_hosts", - command=["nix-instantiate", "--json", "--strict", "--eval", "-E", """ - with import {}; - let - eval-config = cfg: - import { - modules = [ - (import cfg) - ]; - } - ; - - system = eval-config ./krebs/1systems/hotdog/config.nix; # TODO put a better config here - - ci-systems = lib.filterAttrs (_: v: v.ci) system.config.krebs.hosts; - - filtered-attrs = lib.mapAttrs ( n: v: { - owner = v.owner.name; - }) ci-systems; - - in filtered-attrs - """], - property="hosts_json" - )) - f.addStep(StepToStartMoreSteps(command=["echo"])) # TODO remove dummy command from here - - bu.append( - util.BuilderConfig( - name="hosts", - slavenames=slavenames, - factory=f - ) - ) - ''; - }; + krebs.ci = { enable = true; - web.enable = true; - irc = { - enable = true; - nick = "build|${hostname}"; - server = "irc.r"; - channels = [ "noise" "xxx" ]; - allowForce = true; + repos = { + stockholm.urls = [ + "http://cgit.enklave.r/stockholm" + "http://cgit.gum.r/stockholm" + "http://cgit.hotdog.r/stockholm" + "http://cgit.ni.r/stockholm" + "http://cgit.prism.r/stockholm" + ]; }; - extraConfig = '' - c['buildbotURL'] = "http://build.${hostname}.r/" - ''; - }; - - krebs.buildbot.slave = { - enable = true; - masterhost = "localhost"; - username = "testslave"; - password = "lasspass"; - packages = with pkgs; [ gnumake jq nix populate gnutar lzma gzip ]; }; } -- cgit v1.2.3 From d580af7fd9c210f584603aa32318761b4eb3a877 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 12 Sep 2018 15:21:45 +0200 Subject: ci: join #xxx again --- krebs/3modules/ci.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index cf82401d3..33afb2c0a 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -141,7 +141,7 @@ let enable = true; nick = "build|${hostname}"; server = "irc.r"; - channels = [ "noise" ]; + channels = [ "xxx" "noise" ]; allowForce = true; }; extraConfig = '' -- cgit v1.2.3 From f2c8723bb8ad12abb6b9ec6d562acf7d64cc5fff Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 13 Sep 2018 14:41:26 +0200 Subject: ci: silence nix-build/nix-instantiate --- krebs/3modules/ci.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 33afb2c0a..37aef74ef 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -26,8 +26,8 @@ let hostname = config.networking.hostName; getJobs = pkgs.writeDash "get_jobs" '' - nix-build --no-out-link ./ci.nix 2>&1 > /dev/null - nix-instantiate --eval --strict --json ./ci.nix + nix-build --no-out-link --quiet -Q ./ci.nix > /dev/null + nix-instantiate --quiet -Q --eval --strict --json ./ci.nix ''; imp = { -- cgit v1.2.3 From 244d31c7611e26e9cac91af2e945910b38acee96 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 13 Sep 2018 14:41:58 +0200 Subject: ci: split schedulers by repo --- krebs/3modules/ci.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 37aef74ef..fdc8b9dc4 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -53,9 +53,12 @@ let nameValuePair name '' sched.append( schedulers.SingleBranchScheduler( - change_filter=util.ChangeFilter(branch_re=".*"), + change_filter=util.ChangeFilter( + branch_re=".*", + project='${name}', + ), treeStableTimer=60, - name="build-all-branches", + name="${name}-all-branches", builderNames=[ "${name}", ] -- cgit v1.2.3 From 45750d32ed73af19d9b1116c20ac655e9aa34f20 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 13 Sep 2018 21:51:58 +0200 Subject: krebs krops: 1.3.1 -> 1.3.2 --- krebs/krops.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/krops.nix b/krebs/krops.nix index e5013ad08..864cc8066 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -2,7 +2,7 @@ krops = builtins.fetchGit { url = https://cgit.krebsco.de/krops/; - rev = "4e466eaf05861b47365c5ef46a31a188b70f3615"; + rev = "c46166d407c7d246112f13346621a3fbdb25889e"; }; lib = import "${krops}/lib"; -- cgit v1.2.3 From 96ea1311d698ec30ab14af0f0169367fc1e6260b Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 14 Sep 2018 09:57:09 +0200 Subject: buildbot: test nix-writers --- krebs/2configs/buildbot-stockholm.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'krebs') diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 0ee91ae34..8284ff3b3 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -16,6 +16,12 @@ krebs.ci = { enable = true; repos = { + nix_writers.urls = [ + "http://cgit.hotdog.r/nix-writers" + "http://cgit.ni.r/nix-writers" + "http://cgit.prism.r/nix-writers" + "https://git.ingolf-wagner.de/krebs/nix-writers.git" + ]; stockholm.urls = [ "http://cgit.enklave.r/stockholm" "http://cgit.gum.r/stockholm" -- cgit v1.2.3 From da41d8b4738083d5ad2263d5ed657ddb9f941cb4 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 14 Sep 2018 11:40:48 +0200 Subject: buildbot: test disko --- krebs/2configs/buildbot-stockholm.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'krebs') diff --git a/krebs/2configs/buildbot-stockholm.nix b/krebs/2configs/buildbot-stockholm.nix index 8284ff3b3..d10fb7203 100644 --- a/krebs/2configs/buildbot-stockholm.nix +++ b/krebs/2configs/buildbot-stockholm.nix @@ -16,6 +16,12 @@ krebs.ci = { enable = true; repos = { + disko.urls = [ + "http://cgit.gum.r/disko" + "http://cgit.hotdog.r/disko" + "http://cgit.ni.r/disko" + "http://cgit.prism.r/disko" + ]; nix_writers.urls = [ "http://cgit.hotdog.r/nix-writers" "http://cgit.ni.r/nix-writers" -- cgit v1.2.3 From 3b5f868a5bfefd80a09345f169f0fa963eca0293 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 14 Sep 2018 11:41:12 +0200 Subject: ci: set env for test-runners --- krebs/3modules/ci.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index fdc8b9dc4..817539645 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -100,6 +100,10 @@ let command=[ new_steps[new_step] ], + env={ + "NIX_REMOTE": "daemon", + "NIX_PATH": "secrets=/var/src/stockholm/null:/var/src", + }, timeout=90001, workdir='build', # TODO figure out why we need this? )]) -- cgit v1.2.3 From 0b3497384e7e67e734f5f771fcb5aa649ad964d2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 14 Sep 2018 13:57:58 +0200 Subject: ci: ignore stderr from getJobs --- krebs/3modules/ci.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 817539645..16c6d4315 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -128,7 +128,7 @@ let }, name="get_steps", command=["${getJobs}"], - property="steps_json" + extract_fn=lambda rc, stdout, stderr: { 'steps_json': stdout }, )) f_${name}.addStep(StepToStartMoreSteps(command=["echo"])) # TODO remove dummy command from here -- cgit v1.2.3 From fd6ee0d79b3b58eb15857667cdd47e48a7b40a57 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 16 Sep 2018 00:32:35 +0200 Subject: ma crapi.r: init --- krebs/3modules/makefu/default.nix | 54 +++++++++++++++++++++++++++++++++++---- 1 file changed, 49 insertions(+), 5 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 9630d7a7f..454f9bc65 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -1,7 +1,9 @@ { config, ... }: with import ; - +## generate keys with: +# tinc generate-keys +# ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host { hosts = mapAttrs (_: setAttr "owner" config.krebs.users.makefu) { cake = rec { @@ -29,6 +31,32 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGyJlI0YpIh/LiiPMseD2IBHg+uVGrkSy0MPNeD+Jv8Y cake"; }; + crapi = rec { # raspi1 + cores = 1; + ci = false; + nets = { + retiolum = { + ip4.addr = "10.243.136.237"; + ip6.addr = "42:b3b2:9552:eef0:ee67:f3b3:8d33:eee2"; + aliases = [ + "crapi.r" + ]; + tinc.pubkey = '' + Ed25519PublicKey = Zkh6vtSNBvKYUjCPsMyAFJmxzueglCDoawVPCezKy4F + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAloXLBfZQEVW9mJ7uwOoa+DfV4ek/SG+JQuexJMugei/iNy0NjY66 + OVIkzFmED32c3D7S1+Q+5Mc3eR02k1o7XERpZeZhCtJOBlS4xMzCKH62E4USvH5L + R4O8XX1o/tpeOuZvpnpY1oPmFFc/B5G2jWWQR4Slpbw7kODwYYm5o+B7n+MkVNrk + OEOHLaaO6I5QB3GJvDH2JbwzDKLVClQM20L/EvIwnB+Xg0q3veKFj0WTXEK+tuME + di++RV4thhZ9IOgRTJOeT94j7ulloh15gqYaIqRqgtzfWE2TnUxvl+upB+yQHNtl + bJFLHkE34cQGxEv9dMjRe8i14+Onhb3B6wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGaV5Ga5R8RTrA+nclxw6uy5Z+hPBLitQTfuXdsmbVW6 crapi"; + }; drop = rec { ci = true; cores = 1; @@ -298,6 +326,13 @@ with import ; -----END RSA PUBLIC KEY----- ''; }; + #wiregrill = { + # ip6.addr = "42:4200:0000:0000:0000:0000:0000:a4db"; + # aliases = [ + # "x.w" + # ]; + # wireguard.pubkey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g="; + #}; }; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDM0E608d/6rGzXqGbNSuMb2RlCojCJSiiz6QcPOC2G root@x"; @@ -457,8 +492,6 @@ with import ; ip6.addr = "42:f9f0::10"; aliases = [ "omo.r" - "logs.makefu.r" - "stats.makefu.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -525,7 +558,9 @@ with import ; "krebsco.de" = '' cache.euer IN A ${nets.internet.ip4.addr} cache.gum IN A ${nets.internet.ip4.addr} + graph IN A ${nets.internet.ip4.addr} gold IN A ${nets.internet.ip4.addr} + iso.euer IN A ${nets.internet.ip4.addr} ''; }; cores = 8; @@ -537,13 +572,24 @@ with import ; "nextgum.i" ]; }; + #wiregrill = { + # via = internet; + # ip6.addr = "42:4200:0000:0000:0000:0000:0000:70d3"; + # aliases = [ + # "gum.w" + # ]; + # wireguard.pubkey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; + #}; retiolum = { via = internet; ip4.addr = "10.243.0.213"; ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3"; aliases = [ "nextgum.r" + "graph.r" "cache.gum.r" + "logs.makefu.r" + "stats.makefu.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -579,7 +625,6 @@ with import ; boot.euer IN A ${nets.internet.ip4.addr} wiki.euer IN A ${nets.internet.ip4.addr} mon.euer IN A ${nets.internet.ip4.addr} - graph IN A ${nets.internet.ip4.addr} ghook IN A ${nets.internet.ip4.addr} dockerhub IN A ${nets.internet.ip4.addr} photostore IN A ${nets.internet.ip4.addr} @@ -604,7 +649,6 @@ with import ; "o.gum.r" "tracker.makefu.r" - "graph.r" "search.makefu.r" "wiki.makefu.r" "wiki.gum.r" -- cgit v1.2.3 From 5487d466d0d9b596b054c545b499aecbbe56b5aa Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 16 Sep 2018 01:46:46 +0200 Subject: nix-writers: 5d79992 -> 3.0.0 --- krebs/3modules/setuid.nix | 2 +- krebs/5pkgs/simple/krebspaste/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/setuid.nix b/krebs/3modules/setuid.nix index 02176ec4a..3ba598a45 100644 --- a/krebs/3modules/setuid.nix +++ b/krebs/3modules/setuid.nix @@ -58,7 +58,7 @@ let }; }; config.activate = let - src = pkgs.execve config.name { + src = pkgs.exec config.name { inherit (config) envp filename; }; dst = "${wrapperDir}/${config.name}"; diff --git a/krebs/5pkgs/simple/krebspaste/default.nix b/krebs/5pkgs/simple/krebspaste/default.nix index 31ad12780..a11c8c90a 100644 --- a/krebs/5pkgs/simple/krebspaste/default.nix +++ b/krebs/5pkgs/simple/krebspaste/default.nix @@ -1,6 +1,6 @@ { writeDashBin, bepasty-client-cli }: -# TODO use `execve` instead? +# TODO use `pkgs.exec` instead? writeDashBin "krebspaste" '' exec ${bepasty-client-cli}/bin/bepasty-cli -L 1m --url http://paste.r "$@" | sed '$ s/$/\/+inline/g' '' -- cgit v1.2.3 From f6893b0cd08552e8f9cec9c8cc526470f49e6848 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 16 Sep 2018 18:23:00 +0200 Subject: wolf.r: more aliases --- krebs/3modules/krebs/default.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index e6eb3d287..889ee2817 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -129,6 +129,8 @@ in { "graphite.shack" "acng.shack" "drivedroid.shack" + "mobile.lounge.mpd.shack" + "lounge.mpd.wolf.shack" ]; }; retiolum = { @@ -138,6 +140,7 @@ in { "wolf.r" "build.wolf.r" "cgit.wolf.r" + "lounge.mpd.wolf.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- -- cgit v1.2.3 From eb0087649d7174763cc790313994f2d9f2f62c19 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 16 Sep 2018 19:46:08 +0200 Subject: Reaktor: 0.5.1 -> 0.6.0 --- krebs/5pkgs/simple/Reaktor/default.nix | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/Reaktor/default.nix b/krebs/5pkgs/simple/Reaktor/default.nix index 6989bb02b..a9566087f 100644 --- a/krebs/5pkgs/simple/Reaktor/default.nix +++ b/krebs/5pkgs/simple/Reaktor/default.nix @@ -1,8 +1,8 @@ -{ lib, pkgs,python3Packages,fetchurl, ... }: +{ lib, pkgs, python3Packages, fetchFromGitHub, ... }: python3Packages.buildPythonPackage rec { name = "Reaktor-${version}"; - version = "0.5.1"; + version = "0.6.0"; doCheck = false; @@ -10,9 +10,11 @@ python3Packages.buildPythonPackage rec { python3Packages.docopt python3Packages.requests ]; - src = fetchurl { - url = "https://pypi.python.org/packages/source/R/Reaktor/Reaktor-${version}.tar.gz"; - sha256 = "0dn9r0cyxi1sji2pnybsrc4hhaaq7hmf235nlgkrxqlsdb7y6n6n"; + src = fetchFromGitHub { + owner = "krebs"; + repo = "Reaktor"; + rev = version; + sha256 = "0nsnv1rixmlg5wkb74b4f5bycb42b9rp4b14hijh558hbsa1b9am"; }; meta = { homepage = http://krebsco.de/; -- cgit v1.2.3 From 4bcb98a3c4c29a20289b7706667d24c514edd62c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 16 Sep 2018 19:49:54 +0200 Subject: reaktor-krebs: configure nickserv password --- krebs/2configs/reaktor-krebs.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'krebs') diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix index ba3715161..dc2838cae 100644 --- a/krebs/2configs/reaktor-krebs.nix +++ b/krebs/2configs/reaktor-krebs.nix @@ -10,6 +10,7 @@ with import ; ]; extraEnviron = { REAKTOR_HOST = "irc.freenode.org"; + REAKTOR_NICKSERV_PASSWORD = "/var/lib/Reaktor/reaktor_nickserv_password"; }; plugins = with pkgs.ReaktorPlugins; [ sed-plugin @@ -21,4 +22,9 @@ with import ; (attrValues (todo "agenda")) ; }; + krebs.secret.files.nix-serve-key = { + path = "/var/lib/Reaktor/reaktor_nickserv_password"; + owner.name = "Reaktor"; + source-path = toString + "/reaktor_nickserv_password"; + }; } -- cgit v1.2.3 From 934d8878158e640c8b5b0f5cc9501f6e10eb1260 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 16 Sep 2018 22:19:36 +0200 Subject: reaktor plugins: fix writePython usage --- krebs/5pkgs/simple/Reaktor/plugins.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index 92a270ef3..2ccc1c8e9 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -120,7 +120,7 @@ rec { url-title = (buildSimpleReaktorPlugin "url-title" { pattern = "^.*(?Phttp[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; path = with pkgs; [ curl perl ]; - script = pkgs.writePython3 "url-title" [ "beautifulsoup4" "lxml" ] '' + script = pkgs.writePython3 "url-title" { deps = [ "beautifulsoup4" "lxml" ]; } '' import cgi import sys import urllib.request -- cgit v1.2.3 From 6e2a93f9aba19a96038f858132b09607eb2f4619 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Sep 2018 16:13:55 +0200 Subject: Reaktor sed-plugin: add until open shelve file --- krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py index 51ac7a071..ecb03917b 100644 --- a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py +++ b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py @@ -8,9 +8,19 @@ import shelve from os import environ from os.path import join from sys import argv +from time import sleep import re -d = shelve.open(join(environ['state_dir'], 'sed-plugin.shelve'), writeback=True) +# try to open the shelve file until it succeeds +while True: + try: + d = shelve.open( + join(environ['state_dir'], 'sed-plugin.shelve'), + writeback=True + ) + break + except: # noqa: E722 + sleep(0.2) usr = environ['_from'] -- cgit v1.2.3 From d349e0a03e42b23dd37141b892f645c157255724 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Sep 2018 16:14:52 +0200 Subject: reaktor-retiolum: join #noise --- krebs/2configs/reaktor-retiolum.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix index 90573ca1c..824f59d09 100644 --- a/krebs/2configs/reaktor-retiolum.nix +++ b/krebs/2configs/reaktor-retiolum.nix @@ -4,7 +4,7 @@ with import ; { krebs.Reaktor.retiolum = { nickname = "Reaktor|lass"; - channels = [ "#xxx" ]; + channels = [ "#noise" "#xxx" ]; extraEnviron = { REAKTOR_HOST = "irc.r"; }; -- cgit v1.2.3 From 6501dffc5ba7b53c838b5d64fae152631d510907 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Sep 2018 18:55:14 +0200 Subject: Reaktor: set PYTHONPATH (to fix caps) --- krebs/3modules/Reaktor.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix index 99a7a55ef..677b6f7b8 100644 --- a/krebs/3modules/Reaktor.nix +++ b/krebs/3modules/Reaktor.nix @@ -122,6 +122,7 @@ let wantedBy = [ "multi-user.target" ]; environment = { GIT_SSL_CAINFO = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + PYTHONPATH = "${pkgs.Reaktor}/lib/python3.6/site-packages"; REAKTOR_NICKNAME = botcfg.nickname; REAKTOR_DEBUG = (if botcfg.debug then "True" else "False"); REAKTOR_CHANNELS = lib.concatStringsSep "," botcfg.channels; -- cgit v1.2.3 From 61bddc8d224cf956f1f34cbbefea779bf4c77359 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 18 Sep 2018 22:06:01 +0200 Subject: Reaktor url-title: fix writePython usage --- krebs/5pkgs/simple/Reaktor/plugins.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index 2ccc1c8e9..6f59ad1de 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -120,7 +120,7 @@ rec { url-title = (buildSimpleReaktorPlugin "url-title" { pattern = "^.*(?Phttp[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; path = with pkgs; [ curl perl ]; - script = pkgs.writePython3 "url-title" { deps = [ "beautifulsoup4" "lxml" ]; } '' + script = pkgs.writePython3 "url-title" { deps = with pkgs.python3Packages; [ beautifulsoup4 lxml ]; } '' import cgi import sys import urllib.request -- cgit v1.2.3 From 3d17f8bbe5ed8c08db00cffc4979631f8be6a178 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 18 Sep 2018 22:15:54 +0200 Subject: krebs: add brain@krebsco.de ML --- krebs/3modules/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 82ae3b02e..41b701cd0 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -182,6 +182,11 @@ let to = concatMapStringsSep "," (getAttr "mail") (toList to); }; in mapAttrsToList format (with config.krebs.users; let + brain-ml = [ + lass + makefu + tv + ]; eloop-ml = spam-ml ++ [ ciko ]; spam-ml = [ lass @@ -191,6 +196,7 @@ let ciko.mail = "ciko@slash16.net"; in { "anmeldung@eloop.org" = eloop-ml; + "brain@krebsco.de" = brain-ml; "cfp@eloop.org" = eloop-ml; "kontakt@eloop.org" = eloop-ml; "root@eloop.org" = eloop-ml; -- cgit v1.2.3 From 998bea0b074f93f3380a10ef1d42e64cfc564a1f Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 18 Sep 2018 22:39:53 +0200 Subject: krebs.announce-activation: run after etc --- krebs/3modules/announce-activation.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/announce-activation.nix b/krebs/3modules/announce-activation.nix index 8f8440eb7..76eb4b136 100644 --- a/krebs/3modules/announce-activation.nix +++ b/krebs/3modules/announce-activation.nix @@ -53,7 +53,7 @@ in { }; }; config = mkIf cfg.enable { - system.activationScripts.announce-activation = '' + system.activationScripts.announce-activation = stringAfter [ "etc" ] '' ${announce-activation} ''; }; -- cgit v1.2.3 From 0cea8b73ca86ec0ffc3b97cd08724d38c809a659 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 21 Sep 2018 17:00:29 +0200 Subject: nixpkgs: a37638d -> d16a7ab --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index a9a0f6634..a3612fa7a 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "a37638d46706610d12c9747614fd1b8f8d35ad48", - "date": "2018-08-30T21:03:26+02:00", - "sha256": "0rsdkk4z7pkqr2mw0pq7i6fkqs7gbi5kral3c8smm9bw104sn8v7", + "rev": "d16a7abceb72aac85e0deb8c45fbcb7127baf628", + "date": "2018-09-20T18:31:51-05:00", + "sha256": "0byf6rlwwy70v2sdfmv7mnwd0kvxmlq0pi8ijghg0mcfhcqibgh7", "fetchSubmodules": true } -- cgit v1.2.3 From d6345a8b05f6882f8349edddf29c103926c134bd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Sep 2018 23:31:47 +0200 Subject: ci: notify on build start --- krebs/3modules/buildbot/master.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix index a02f3645d..209dbe980 100644 --- a/krebs/3modules/buildbot/master.nix +++ b/krebs/3modules/buildbot/master.nix @@ -82,6 +82,7 @@ let irc = words.IRC("${cfg.irc.server}", "${cfg.irc.nick}", channels=${builtins.toJSON cfg.irc.channels}, notify_events={ + 'started': 1, 'success': 1, 'failure': 1, 'exception': 1, -- cgit v1.2.3 From f23f483a8f282445aa2558ae1a820b43863e8a70 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 23 Sep 2018 23:49:43 +0200 Subject: buildbot slave: remove obsolete garbage deletion --- krebs/3modules/buildbot/slave.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index fba585448..544f9c4e0 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -160,8 +160,6 @@ let # TODO: maybe also prepare buildbot.tac? ExecStartPre = pkgs.writeDash "buildbot-master-init" '' set -efux - #remove garbage from old versions - rm -rf ${workdir} mkdir -p ${workdir}/info cp ${buildbot-slave-init} ${workdir}/buildbot.tac echo ${contact} > ${workdir}/info/admin -- cgit v1.2.3 From f473c1f7893abb4d7f299d5cf7d0f382086cba9e Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 Sep 2018 09:05:53 +0200 Subject: buildbot-classic: 0.8.17 -> 0.8.18 --- krebs/5pkgs/simple/buildbot-classic/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix index 4fae6256d..665b36ab4 100644 --- a/krebs/5pkgs/simple/buildbot-classic/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic/default.nix @@ -2,7 +2,7 @@ python2Packages.buildPythonApplication rec { name = "buildbot-classic-${version}"; - version = "0.8.17"; + version = "0.8.18"; namePrefix = ""; patches = []; @@ -10,7 +10,7 @@ python2Packages.buildPythonApplication rec { owner = "krebs"; repo = "buildbot-classic"; rev = version; - sha256 = "0yn0n37rs2bhz9q0simnvyzz5sfrpqhbdm6pdj6qk7sab4y6xbq8"; + sha256 = "0b4y3n9zd2gdy8xwk1vpvs4n9fbg72vi8mx4ydgijwngcmdqkjmq"; }; postUnpack = "sourceRoot=\${sourceRoot}/master"; -- cgit v1.2.3