From b4fb85aa44a7094a8adb9fd60ffde75d13841ae9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 11 Dec 2017 20:24:24 +0100 Subject: l: add xerxes.r --- krebs/3modules/lass/default.nix | 45 ++++++++++++++++++++++++++++++++++++++ krebs/3modules/lass/ssh/xerxes.rsa | 1 + 2 files changed, 46 insertions(+) create mode 100644 krebs/3modules/lass/ssh/xerxes.rsa (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index ff6ba474f..ecf549df9 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -574,6 +574,47 @@ with import ; }; }; }; + xerxes = { + cores = 2; + nets = rec { + retiolum = { + ip4.addr = "10.243.1.3"; + ip6.addr = "42::1:3"; + aliases = [ + "xerxes.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U + MZyAqNjLuKq3CKzJLo02ZmdFs4CT1Hj28p5IC0wLUWn53hrqdy8cCJDvIiKIv+Jk + gItsxJyMnRtsdDbB6IFJ08D5ReGdAFJT5lqpN0DZuNC6UQRxzUK5fwKYVVzVX2+W + /EZzEPe5XbE69V/Op2XJ2G6byg9KjOzNJyJxyjwVco7OXn1OBNp94NXoFrUO7kxb + mTNnh3D+iB4c3qv8woLhmb+Uh/9MbXS14QrSf85ou4kfUjb5gdhjIlzz+jfA/6XO + X4t86uv8L5IzrhSGb0TmhrIh5HhUmSKT4RdHJom0LB7EASMR2ZY9AqIG11XmXuhj + +2b5INBZSj8Cotv5aoRXiPSaOd7bw7lklYe4ZxAU+avXot9K3/4XVLmi6Wa6Okim + hz+MEYjW5gXY+YSUWXOR4o24jTmDjQJpdL83eKwLVAtbrE7TcVszHX6zfMoQZ5M9 + 3EtOkDMxhC+WfkL+DLQAURhgcPTZoaj0cAlvpb0TELZESwTBI09jh/IBMXHBZwI4 + H1gOD5YENpf0yUbLjVu4p82Qly10y58XFnUmYay0EnEgdPOOVViovGEqTiAHMmm5 + JixtwJDz7a6Prb+owIg27/eE1/E6hpfXpU8U83qDYGkIJazLnufy32MTFE4T9fI4 + hS8icFcNlsobZp+1pB3YK4GV5BnvMwOIVXVlP8yMCRTDRWZ4oYmAZ5apD7OXyNwe + SUP2mCNNlQCqyjRsxj5S1lZQRy1sLQztU5Sff4xYNK+5aPgJACmvSi3uaJAxBloo + 4xCCYzxhaBlvwVISJXZTq76VSPybeQ+pmSZFMleNnWOstvevLFeOoH2Is0Ioi1Fe + vnu5r0D0VYsb746wyRooiEuOAjBmni8X/je6Vwr1gb/WZfZ23EwYpGyakJdxLNv3 + Li+LD9vUfOR80WL608sUU45tAx1RAy6QcH/YDtdClbOdK53+cQVTsYnCvDW8uGlO + scQWgk+od3qvo6yCPO7pRlEd3nedcPSGh/KjBHao6eP+bsVERp733Vb9qrEVwmxv + jlZ1m12V63wHVu9uMAGi9MhK+2Q/l7uLTj03OYpi4NYKL2Bu01VXfoxuauuZLdIJ + Z3ZV+qUcjzZI0PBlGxubq6CqVFoSB7nhHUbcdPQ66WUnwoKq0cKmE7VOlJQvJ07u + /Wsl8BIsxODVt0rTzEAx0hTd5mJCX7sCawRt+NF+1DZizl9ouebNMkNlsEAg4Ps0 + bQerZLcOmpYjGa5+lWDwJIMXVIcxwTmQR86stlP/KQm0vdOvH2ZUWTXcYvCYlHkQ + sgVnnA2wt+7UpZnEBHy04ry+jYaSsPdYgwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; + }; }; users = { lass = { @@ -602,6 +643,10 @@ with import ; mail = "lass@icarus.r"; pubkey = builtins.readFile ./ssh/icarus.rsa; }; + lass-xerxes = { + mail = "lass@xerxes.r"; + pubkey = builtins.readFile ./ssh/xerxes.rsa; + }; fritz = { pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540"; }; diff --git a/krebs/3modules/lass/ssh/xerxes.rsa b/krebs/3modules/lass/ssh/xerxes.rsa new file mode 100644 index 000000000..2b5da7b25 --- /dev/null +++ b/krebs/3modules/lass/ssh/xerxes.rsa @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGjBN0aFs6GxNwMjCvlddbN6+vb6LZuWiWWe+wbAynaGuGbae0TXCLp0/eMNy7fH8poDjpdW9M4mKbBFKOqyG8WJLCPFoQw761tjKl1hccJn0hFSkQAEGKxtfzHlAl/Mz+59yvqNg7/WNSivv41hE7btYltzRy238VQDYFv2eLM7acyxrgGo7tWOtkbpfELj5cM8Qw1j3TF9bGV5pK6IOEtaHbmalS8Iiz77syAu+6E/y6zKBTtGMHI15l6RNJ/Y7A1LM/WwuNL+9dJMYWJFVHy3/4dpaxiioHREiSawUbz9wNHknCrT6vaPCIVVcujhz9Oee1C5UiYUyyfJrFYdlzaTg7FuLNIt2hKMY6NYx1D8/Pwpq1JOsaEfK/K5ytCgaJb115mRevcaUA5s7KYNWHmmZvy08JzCgSM6ZPRtfkQIcha77wVq6DugJ+KgBz+oADQRKiaMrumOMldd0B3q4Oxb71gDTE1XLAbWJnd/0Up1H5GAtZZUUrMUslZiU/23R6SOkyEMLWQTx/KgkWcz8DZLtib5o03uZpfJDVqp2CR+sjmy4x9aa+lSaOzuZP0KRyg+mOKl0o3zL7TNAzrzSCORVBg7nOh+0SPJkDxVRkc6dVY1L3ZOfdm2P/19fhWEr5ECgVrmYYKnDPwWY1iWJlZsiEc3Mj7KB1m44ov0FJg2hiNnydImqcXTCoszp515MBmeHnpqJsqEZuWS8dAnaEiOwZaSKIO1E7lQ7CoP86+eD4yAwLq6fb2tgjHT69LgDMaIha4hMfrO2o4UDVw9OZMfnPtyatI4pxplaQDoQM1p0dej0rZ7uxL1tfoKAyT0UCdtjhxfnNs0x1gOQbML4eGbqyKuyF82eOQRgKRDqH/tParoE4SRBVi7o3s0kILRmXA3ng3n1uhEiGwPTH8JsQ9huM+XOhH8+CzQeg4yb/jCrhsDzvLaW654+ouq9G+kjwqmO4vLNs5eZxfae84rppbS2MJqK1x8rkJixvKBKEfvYJOuDNV+hXyMbToaq8qtGy7cCSq4+UDio3DsSHY0Tpt9e+yEzoOOqFQLQyq6uHv/+u9MY+VADoa4N64U3S2SXul9tE3g6hOAY0F5BYMbxQSuj59kzwghlAmbsyWN2FCmWdsfCQkkZX7wCTj20DtZB/GdVSGNgHGAoU5JZrXKca3A2Yc9hzbYjyNYr0NmQ9NUbkbaOkcYJRIUXtS2OBOHP+FoUkkqL3ieKXR07l5xJbWLzbyVUxN9Zii4Baj5xnDO/RLZPDvTUxbER/0d1orMZztL2EKmfSn4j4uhWqpi04Rg9sWH+WVLAq22EKhAuqcFEOUimjcyZWYKxcAq5Z51NJNBQB7euz55eCJUZkBUYEpNuYr0UDlmBxKB2r6ZWDeNXT7eLxBdwDHCHSqXV7qOG1vMhHtjbbxmQMnkQ4InhO9TdpaN3tj67nGmc6hhgYO4b7NvyL1/pvDPrHrR/3GzkDkwqvt3uESdVdqAJSCk6gFh9V1aGs= lass@xerxes -- cgit v1.2.3 From 7838e709d149b9bf33c542a7451e235a61a29a21 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Dec 2017 18:50:36 +0100 Subject: krebs.backup: restartIfChanged = false --- krebs/3modules/backup.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index 6f015d66b..c0b218c15 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -83,6 +83,7 @@ let rsync utillinux ]; + restartIfChanged = false; serviceConfig = rec { ExecStart = start plan; SyslogIdentifier = ExecStart.name; -- cgit v1.2.3 From 47f3d044e4d8e45168d54dc69368a598330b76ae Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 12 Dec 2017 18:53:07 +0100 Subject: krebs.repo-sync: restartIfChanged = false --- krebs/3modules/repo-sync.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs') diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 0211b31ba..b2e3aa7c5 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -173,6 +173,7 @@ let REPONAME = "${name}.git"; }; + restartIfChanged = false; serviceConfig = { Type = "simple"; PermissionsStartOnly = true; -- cgit v1.2.3 From 2a3a3248def505c64c3f596acefa894959d4a20d Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Dec 2017 21:06:21 +0100 Subject: cidr2glob: init Based on https://gist.github.com/speshak/b62fa28b49377cda8047cb227837244c --- krebs/5pkgs/simple/cidr2glob.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 krebs/5pkgs/simple/cidr2glob.nix (limited to 'krebs') diff --git a/krebs/5pkgs/simple/cidr2glob.nix b/krebs/5pkgs/simple/cidr2glob.nix new file mode 100644 index 000000000..9b0b3f86b --- /dev/null +++ b/krebs/5pkgs/simple/cidr2glob.nix @@ -0,0 +1,30 @@ +{ python, writeScriptBin, ... }: + +let + pythonEnv = python.withPackages (ps: [ ps.netaddr ]); +in + writeScriptBin "cidr2glob" '' + #! ${pythonEnv}/bin/python + + import netaddr + import re + import sys + + def cidr2glob(cidr): + net = netaddr.IPNetwork(cidr) + + if net.prefixlen <= 8: + return map(lambda subnet: re.sub(r'\.0\.0\.0$', '.*', str(subnet.ip)), net.subnet(8)) + elif net.prefixlen <= 16: + return map(lambda subnet: re.sub(r'\.0\.0$', '.*', str(subnet.ip)), net.subnet(16)) + elif net.prefixlen <= 24: + return map(lambda subnet: re.sub(r'\.0$', '.*', str(subnet.ip)), net.subnet(24)) + else: + return map(lambda ip: str(ip), list(net)) + + if __name__ == "__main__": + for cidr in sys.stdin: + for glob in cidr2glob(cidr): + print glob + + '' -- cgit v1.2.3 From 19fcba24f1ef050a8f8d553f09348adb2a007041 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 12 Dec 2017 21:08:50 +0100 Subject: github: generate ssh_config from API --- krebs/3modules/default.nix | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index a8933e719..5bedbcf25 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -224,21 +224,26 @@ let }; }) // - # GitHub's IPv4 address range is 192.30.252.0/22 - # Refs https://help.github.com/articles/github-s-ip-addresses/ - # 192.30.252.0/22 = 192.30.252.0-192.30.255.255 (1024 addresses) - # Because line length is limited by OPENSSH_LINE_MAX (= 8192), - # we split each /24 into its own entry. - listToAttrs (map - (c: { - name = "github${toString c}"; - value = { - hostNames = ["github.com"] ++ - map (d: "192.30.${toString c}.${toString d}") (range 0 255); - publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; - }; - }) - (range 252 255)) + { + github = { + hostNames = [ + "github.com" + # List generated with + # curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob + "192.30.253.*" + "192.30.254.*" + "192.30.255.*" + "185.199.108.*" + "185.199.109.*" + "185.199.110.*" + "185.199.111.*" + "18.195.85.27" + "18.194.104.89" + "35.159.8.160" + ]; + publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; + }; + } // mapAttrs (name: host: { -- cgit v1.2.3 From f3f61c85fd66f496bbaa850a6a01db2a79914ae6 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 13 Dec 2017 15:19:19 +0100 Subject: haskellPackages.nix-diff: 1.0.0 -> 1.0.0-krebs1 --- krebs/5pkgs/haskell/nix-diff.nix | 22 ---------------------- krebs/5pkgs/haskell/nix-diff/default.nix | 25 +++++++++++++++++++++++++ krebs/5pkgs/haskell/nix-diff/nixos-system.patch | 18 ++++++++++++++++++ 3 files changed, 43 insertions(+), 22 deletions(-) delete mode 100644 krebs/5pkgs/haskell/nix-diff.nix create mode 100644 krebs/5pkgs/haskell/nix-diff/default.nix create mode 100644 krebs/5pkgs/haskell/nix-diff/nixos-system.patch (limited to 'krebs') diff --git a/krebs/5pkgs/haskell/nix-diff.nix b/krebs/5pkgs/haskell/nix-diff.nix deleted file mode 100644 index 2070dbd2e..000000000 --- a/krebs/5pkgs/haskell/nix-diff.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ mkDerivation, attoparsec, base, containers, Diff, fetchgit, mtl -, nix-derivation, optparse-generic, stdenv, system-filepath, text -, unix, vector -}: -mkDerivation { - pname = "nix-diff"; - version = "1.0.0"; - src = fetchgit { - url = "https://github.com/Gabriel439/nix-diff"; - sha256 = "1k00nx8pannqmpzadkwfrs6bf79yk22ynhd033z5rsyw0m8fcz9k"; - rev = "e32ffa2c7f38b47a71325a042c1d887fb46cdf7d"; - }; - isLibrary = false; - isExecutable = true; - executableHaskellDepends = [ - attoparsec base containers Diff mtl nix-derivation optparse-generic - system-filepath text unix vector - ]; - homepage = "https://github.com/Gabriel439/nix-diff"; - description = "Explain why two Nix derivations differ"; - license = stdenv.lib.licenses.bsd3; -} diff --git a/krebs/5pkgs/haskell/nix-diff/default.nix b/krebs/5pkgs/haskell/nix-diff/default.nix new file mode 100644 index 000000000..df0315048 --- /dev/null +++ b/krebs/5pkgs/haskell/nix-diff/default.nix @@ -0,0 +1,25 @@ +{ mkDerivation, attoparsec, base, containers, Diff, fetchgit, mtl +, nix-derivation, optparse-generic, stdenv, system-filepath, text +, unix, vector +}: +mkDerivation { + pname = "nix-diff"; + version = "1.0.0-krebs1"; + src = fetchgit { + url = "https://github.com/Gabriel439/nix-diff"; + sha256 = "1k00nx8pannqmpzadkwfrs6bf79yk22ynhd033z5rsyw0m8fcz9k"; + rev = "e32ffa2c7f38b47a71325a042c1d887fb46cdf7d"; + }; + patches = [ + ./nixos-system.patch + ]; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + attoparsec base containers Diff mtl nix-derivation optparse-generic + system-filepath text unix vector + ]; + homepage = "https://github.com/Gabriel439/nix-diff"; + description = "Explain why two Nix derivations differ"; + license = stdenv.lib.licenses.bsd3; +} diff --git a/krebs/5pkgs/haskell/nix-diff/nixos-system.patch b/krebs/5pkgs/haskell/nix-diff/nixos-system.patch new file mode 100644 index 000000000..03e186aa9 --- /dev/null +++ b/krebs/5pkgs/haskell/nix-diff/nixos-system.patch @@ -0,0 +1,18 @@ +diff --git a/src/Main.hs b/src/Main.hs +index 959ab8e..d3b6077 100644 +--- a/src/Main.hs ++++ b/src/Main.hs +@@ -95,7 +95,12 @@ pathToText path = + underneath `/nix/store`, but this is the overwhelmingly common use case + -} + derivationName :: FilePath -> Text +-derivationName = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText ++derivationName p = ++ if Data.Text.isPrefixOf "nixos-system" s ++ then "nixos-system" ++ else s ++ where ++ s = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText $ p + + -- | Group input derivations by their name + groupByName :: Map FilePath (Set Text) -> Map Text (Map FilePath (Set Text)) -- cgit v1.2.3 From 04f7ae22d6d0720d06f78c712eb9cd245cefce82 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 13 Dec 2017 19:45:07 +0100 Subject: nixpkgs: 0c5a587 -> cb751f9 --- krebs/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/source.nix b/krebs/source.nix index 39a388e03..73e216900 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -14,6 +14,6 @@ in stockholm.file = toString ; nixpkgs.git = { url = https://github.com/NixOS/nixpkgs; - ref = "0c5a587eeba5302ff87e494baefd2f14f4e19bee"; # nixos-17.09 @ 2017-11-10 + ref = "cb751f9b1c3fe6885f3257e69ce328f77523ad77"; # nixos-17.09 @ 2017-12-13 }; } -- cgit v1.2.3 From 7210ae20082c98a9c13b388507dee7a44fe08086 Mon Sep 17 00:00:00 2001 From: tv Date: Thu, 14 Dec 2017 13:25:09 +0100 Subject: krebs save-diskspace: noXlibs? no thanks! --- krebs/2configs/save-diskspace.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'krebs') diff --git a/krebs/2configs/save-diskspace.nix b/krebs/2configs/save-diskspace.nix index ab074c750..b1416a97a 100644 --- a/krebs/2configs/save-diskspace.nix +++ b/krebs/2configs/save-diskspace.nix @@ -1,7 +1,6 @@ {lib, ... }: # TODO: do not check out nixpkgs master but fetch revision from github { - environment.noXlibs = true; nix.gc.automatic = true; nix.gc.dates = lib.mkDefault "03:10"; programs.info.enable = false; -- cgit v1.2.3 From 939976b0cc1166f0a212b283cc1c8022a784b648 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 15 Dec 2017 00:14:30 +0100 Subject: populate: 1.2.5 -> 2.0.0 --- krebs/5pkgs/simple/populate/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/populate/default.nix b/krebs/5pkgs/simple/populate/default.nix index 78ee2f042..0880b1d38 100644 --- a/krebs/5pkgs/simple/populate/default.nix +++ b/krebs/5pkgs/simple/populate/default.nix @@ -1,24 +1,24 @@ -{ coreutils, fetchgit, git, jq, openssh, proot, rsync, stdenv, ... }: +{ coreutils, fetchgit, git, gnused, jq, openssh, rsync, stdenv, ... }: let PATH = stdenv.lib.makeBinPath [ coreutils git + gnused jq openssh - proot rsync ]; in stdenv.mkDerivation rec { name = "populate"; - version = "1.2.5"; + version = "2.0.0"; src = fetchgit { url = http://cgit.ni.krebsco.de/populate; rev = "refs/tags/v${version}"; - sha256 = "10s4x117zp5whqq991xzw1i2jc1xhl580kx8hhzv8f1b4c9carx1"; + sha256 = "01cvrg3m2ypg59in1qlr3rd8yzpf002k6pzjls2qb68jwkyf0h2n"; }; phases = [ -- cgit v1.2.3 From 92a34559eebb73cd71e9aa8e11565f1a8f2cb437 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 15 Dec 2017 03:29:00 +0100 Subject: populate: 2.0.0 -> 2.1.0 --- krebs/5pkgs/simple/populate/default.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/5pkgs/simple/populate/default.nix b/krebs/5pkgs/simple/populate/default.nix index 0880b1d38..62e3ab216 100644 --- a/krebs/5pkgs/simple/populate/default.nix +++ b/krebs/5pkgs/simple/populate/default.nix @@ -1,24 +1,27 @@ -{ coreutils, fetchgit, git, gnused, jq, openssh, rsync, stdenv, ... }: +{ coreutils, fetchgit, findutils, git, gnused, jq, openssh, pass, rsync, stdenv +}: let PATH = stdenv.lib.makeBinPath [ coreutils + findutils git gnused jq openssh + pass rsync ]; in stdenv.mkDerivation rec { name = "populate"; - version = "2.0.0"; + version = "2.1.0"; src = fetchgit { url = http://cgit.ni.krebsco.de/populate; rev = "refs/tags/v${version}"; - sha256 = "01cvrg3m2ypg59in1qlr3rd8yzpf002k6pzjls2qb68jwkyf0h2n"; + sha256 = "0cr50y6h6nps0qgpmi01h0z9wzpv2704y5zgx2salk1grkmvcfmh"; }; phases = [ -- cgit v1.2.3 From 7f10d9526c3418197e198578eb5c4d8e7eadfc2e Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 15 Dec 2017 03:36:30 +0100 Subject: krebs secrets: use brain --- krebs/source.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/source.nix b/krebs/source.nix index 73e216900..8fbdce284 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -7,9 +7,12 @@ host@{ name, secure ? false }: let in evalSource (toString _file) { nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; - secrets.file = getAttr builder { - buildbot = toString ; - krebs = "${getEnv "HOME"}/secrets/krebs/${host.name}"; + secrets = getAttr builder { + buildbot.file = toString ; + krebs.pass = { + dir = "${getEnv "HOME"}/brain"; + name = "krebs-secrets/${name}"; + }; }; stockholm.file = toString ; nixpkgs.git = { -- cgit v1.2.3 From b0da81e28a87a9a58ad576f2fa5615cb646ae0e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 15 Dec 2017 13:32:32 +0100 Subject: add jeschli/default.nix (and move stuff from lass/) --- krebs/3modules/default.nix | 3 +- krebs/3modules/jeschli/default.nix | 99 ++++++++++++++++++++++++++++++++++++++ krebs/3modules/lass/default.nix | 42 ---------------- 3 files changed, 101 insertions(+), 43 deletions(-) create mode 100644 krebs/3modules/jeschli/default.nix (limited to 'krebs') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index caeef2885..7a3c8ba4a 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -104,8 +104,9 @@ let }; imp = lib.mkMerge [ - { krebs = import ./lass { inherit config; }; } + { krebs = import ./jeschli { inherit config; }; } { krebs = import ./krebs { inherit config; }; } + { krebs = import ./lass { inherit config; }; } { krebs = import ./makefu { inherit config; }; } { krebs = import ./mv { inherit config; }; } { krebs = import ./nin { inherit config; }; } diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix new file mode 100644 index 000000000..be2af88c1 --- /dev/null +++ b/krebs/3modules/jeschli/default.nix @@ -0,0 +1,99 @@ +{ config, ... }: + +with import ; + +{ + hosts = mapAttrs (_: recursiveUpdate { + owner = config.krebs.users.jeschli; + ci = true; + }) { + + bln = { + ci = false; + external = true; + nets = { + retiolum = { + ip4.addr = "10.243.27.28"; + ip6.addr = "42::28"; + aliases = [ + "bln.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEAwoN2f6iyQ1Wnk4rZVqhovny8VpwWvC9buE+NoedRaxmWmA5QIP02 + BLwTWFKnbiKOQiYN+a4m/JKs0fFOjYCa2EKhqWWKwdEIN4wJTq8zrjzIaa2rdz+8 + tamE+8rSYDE+RbJ6Gs3SUDfwcxJT6FXCi3JYoirdhAssLSwTf9d5IsfXvkKMabky + FpY9Im51utmIR8UmYL4Ti7dEaOxif+5Hgl1LuitC8e2IIZJhXJprK9tJk9J0LRWt + PUM31IG1+A2hNBzs5hferLmmwFvYF1sJ22NtFepxVyOLaLcLEFKWHyU+14qEMSgL + acsu0lgVZ4A1TY6vVBmawfVCzUzRfalNIty1x+qDA4MB1RQ4W7ivWCjd/+wirSyc + BLxCvriXRdUwPIRoHy0kNMmS83HGm2iv2IrHUrcH8lyJvMys216J2lCF2arRVnBn + lArObfR3mXgd/YoANmZ4cinLAjLCjCjXfOe39+pvTFph6WnDt4gOO+tQlnCk19Fa + NoiK1THcuZiFVE+4CAXVmstNqYKSMgw+Upw7/t6iUzur98iwKpcicomhJjGVVtbg + 2iDf4lYVrUyb7iPns2T4EzAuHk7iESktEASU5creSbWYRu/4uyhuNlUoiCpVOEKg + H9jkrLlCpQGv/GmgdH9oj35Dsv5TINauCT2jjWV65wcKAlvyafy5UtLyF4HBRHaM + 2xyxC9gxr8bmeOFyOnHVJQvpkeLxyaRp/VppjCTzr82TQvpZd5a+tISIbDGfqX1o + cEyPsowb3KHNtW9DqRBp+80fPGnQHsNjVXbJb37wjpnR/ePg/XyENbZF/OQEsjqt + bki8hZQXKJAFyx1bq/2A1q4ocx7JlJKynL4szG1unHbSPKNH2OOVvoezuP7e+lXU + gnzrSbe9lPIOp4Vu1HjWOi6tNWZFoZrSHVIK+VGxm+wm/HoS+Enj4Yq+vRvU3luv + UllR5KHHK2970RbFEUE0zaVMZjQn5KgJjFXfqfrCztp0wZ5CQo+tRFPq35llaIQ2 + 0WyT2IZlxt1Xr2IpOM0DpO4SJnivZT/wdZN7upzsUPf4a9suztpA3KcKAKqH0OM5 + fv2/LXspc73vACAOZ9qDJnwp8bFrMOaQdAL1oPpOLB3yYTDA3E20IAQ6OKoSy1Nl + B4coqo1gBCcMrWwVFYAuc5J4itXJ0SSj67+WUnuDzPm88LI3g+AO0r1m6k6YdA58 + SeNxYPMLYNLRg86rsjKjXu+QyvBsd04O/QvIxpTFCtdjbUXNS1H4++/inYZSwWPp + U0lN9erLJbwr4WqU/Mn6J+jKijXwmCSiF5if5baszMsOL/0u9yFt6OcaLyehE3sJ + eAo00n9phSna0lxtbtRnh/Gd4D7rFcX33wIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + reagenzglas = { + ci = false; + external = true; + nets = { + retiolum = { + ip4.addr = "10.243.27.27"; + ip6.addr = "42::27"; + aliases = [ + "reagenzglas.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEA4Tbq6aiMhPz55Of/WDEmESGmScRJedQSJoyRuDEDabEktdbP/m7P + bwpLp0lGYphx42+lutFcYOGoH/Lglfj39yhDcrpkYfTnzcGOWutXGuZ+iR5vmGj0 + utJRf/4+a4sB5NboBVZ9Ke/RTjDNSov00C2hFCYTXz89Gd2ap1nDPQpnejOS+9aO + 2W6P/WIKhRH7TfW6M7mUCrjVxWXZgdfSCQYxAXU/+1uAGmJ9qlGlQUIGUGv9Znv5 + hurqwAHzSgEkKc2iUumosz6a8W9Oo3TAEC+jMEO2l/+GJ/8VysG1wtLWDX03GU3u + mBAtrJppEw4QNPTeFg6XSFIwV8Z0fWZ4lGsPJLbAkLUMxtKVWKbdrdpnmiQpLfBW + 8BRbT1pjwEdw0hefA6NwCO3/Y5piEaUEz/gYz9xHFMDXUj9stHtaF0HaqonWyb06 + aX3EEqRBxVsj6/Sgd33b77xqY4WBoOlbhfWj+EAD1Ova26lHELpAg0Z4AncpyOzw + pJcX81U8GgQp899YAc3EAldFfiu094CvM2NKd110K90VlTpos+sqFfNE87vpprMu + 3d1NsYzf+FUM/aXASlqTNL+i8qBDAlODkLdj4+VZ2BjkSH+p2BLZouizSzu4X3I/ + lfy554Dbb/98zlwmX9JrWzBRs2GxxFdIDZ1jK+Ci5qM7oTfujBwiE4jZA6wlK8u5 + +IenSBdaJb0J8nS0Bziz/BLkuBCrl/YFelpZlY0pw6WYlraKbf/nsOpumOYh6zdz + 9jiIPElGvso9FhwigX7xWCiYMK3ryAqm8CL0cTscQW3Yy2JKm1tNIQtAacwnNVli + PqdnPJSo942I+Fl6ZPjZ19ivJIqC+2TjGEY2Et8DkiL6YZfy4bM1zhoWMlXBIil0 + ynnKR/h/CC67cq94JCbtRWKiYXIYtfHPQkS7S1Lk6aSYbIch/wROyh7XJ7EGE7nn + GAVMqI/P/qbW3rwEJGXzI4eJAHa2hwpP2Slimf6uUD/6L2bAnduhYoTsnNSjJmNE + hCC+MHohzk7+isZl0jwIEcMpsohMAwoa5BEhbuYJWeUesT/4PeddLIGYubTZAXp2 + ZdYRepSNUEhSZV0H99MhlqeooDJxnWpsiba5Gb0s6p4gTReGy0jMtWnxI2P5RUFX + vEGt77v4MGrWYTzAL/ZRmESsOj7TXqpSK5YcMC2nr8PcV66LuMjOkRrGoVOV3fBe + G/9pNVb68SRwfPoGa5nGe6C7GPcgko9rgGLLcU1r/4L2bqFhdIQdSfaUX2Hscm44 + 5GdN2UvuwwVxOyU1uPqJcBNnr2yt3x3kw5+zDQ00z/pFntTXWm19m6BUtbkdwN2x + Bn1P3P/mRTEaHxQr9RGg8Zjnix/Q6G7I5QIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; + }; + users = { + jeschli = { + mail = "jeschli@gmail.com"; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01"; + }; + jeschli-bln = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de"; + }; + }; +} diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index ecf549df9..ba6d85e7a 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -535,45 +535,6 @@ with import ; }; }; }; - reagenzglas = { - ci = false; - external = true; - nets = { - retiolum = { - ip4.addr = "10.243.27.27"; - ip6.addr = "42::27"; - aliases = [ - "reagenzglas.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIECgKCBAEA4Tbq6aiMhPz55Of/WDEmESGmScRJedQSJoyRuDEDabEktdbP/m7P - bwpLp0lGYphx42+lutFcYOGoH/Lglfj39yhDcrpkYfTnzcGOWutXGuZ+iR5vmGj0 - utJRf/4+a4sB5NboBVZ9Ke/RTjDNSov00C2hFCYTXz89Gd2ap1nDPQpnejOS+9aO - 2W6P/WIKhRH7TfW6M7mUCrjVxWXZgdfSCQYxAXU/+1uAGmJ9qlGlQUIGUGv9Znv5 - hurqwAHzSgEkKc2iUumosz6a8W9Oo3TAEC+jMEO2l/+GJ/8VysG1wtLWDX03GU3u - mBAtrJppEw4QNPTeFg6XSFIwV8Z0fWZ4lGsPJLbAkLUMxtKVWKbdrdpnmiQpLfBW - 8BRbT1pjwEdw0hefA6NwCO3/Y5piEaUEz/gYz9xHFMDXUj9stHtaF0HaqonWyb06 - aX3EEqRBxVsj6/Sgd33b77xqY4WBoOlbhfWj+EAD1Ova26lHELpAg0Z4AncpyOzw - pJcX81U8GgQp899YAc3EAldFfiu094CvM2NKd110K90VlTpos+sqFfNE87vpprMu - 3d1NsYzf+FUM/aXASlqTNL+i8qBDAlODkLdj4+VZ2BjkSH+p2BLZouizSzu4X3I/ - lfy554Dbb/98zlwmX9JrWzBRs2GxxFdIDZ1jK+Ci5qM7oTfujBwiE4jZA6wlK8u5 - +IenSBdaJb0J8nS0Bziz/BLkuBCrl/YFelpZlY0pw6WYlraKbf/nsOpumOYh6zdz - 9jiIPElGvso9FhwigX7xWCiYMK3ryAqm8CL0cTscQW3Yy2JKm1tNIQtAacwnNVli - PqdnPJSo942I+Fl6ZPjZ19ivJIqC+2TjGEY2Et8DkiL6YZfy4bM1zhoWMlXBIil0 - ynnKR/h/CC67cq94JCbtRWKiYXIYtfHPQkS7S1Lk6aSYbIch/wROyh7XJ7EGE7nn - GAVMqI/P/qbW3rwEJGXzI4eJAHa2hwpP2Slimf6uUD/6L2bAnduhYoTsnNSjJmNE - hCC+MHohzk7+isZl0jwIEcMpsohMAwoa5BEhbuYJWeUesT/4PeddLIGYubTZAXp2 - ZdYRepSNUEhSZV0H99MhlqeooDJxnWpsiba5Gb0s6p4gTReGy0jMtWnxI2P5RUFX - vEGt77v4MGrWYTzAL/ZRmESsOj7TXqpSK5YcMC2nr8PcV66LuMjOkRrGoVOV3fBe - G/9pNVb68SRwfPoGa5nGe6C7GPcgko9rgGLLcU1r/4L2bqFhdIQdSfaUX2Hscm44 - 5GdN2UvuwwVxOyU1uPqJcBNnr2yt3x3kw5+zDQ00z/pFntTXWm19m6BUtbkdwN2x - Bn1P3P/mRTEaHxQr9RGg8Zjnix/Q6G7I5QIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - }; xerxes = { cores = 2; nets = rec { @@ -667,8 +628,5 @@ with import ; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE"; mail = "joerg@higgsboson.tk"; }; - jeschli = { - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMPuFzd6p3zZETIjoV5mRxCTQgeZk9s/P374mEDbj58wDTT0uGWu2JRf7cL1QRTvd5238tYl0eSHXH65+oaFB/mIvmiRnuw6qQODOMHlSbJN5/J2hEw/3v5gveiP1xNLfKlFhj6mmMRF7Etvzns/kLGLCSjj1UTlfo4iHmtinPmU+iQ8J4foS4cZj4oZesF8gndkc2EFMfL6en7EuU8GK6U9GtwKNL9N4UoUZXu8Nf00pkn/jrpmsDdI4zdVVAxWeu/Lo4li43EVixLcfwQiwzf6S9FvYIv30xPdy92GJSJwxm/QkYuc48VZWUoE+qThf3IEPETtX+MRZrM8RTtY01"; - }; }; } -- cgit v1.2.3 From 42ed99d28a49ddfd64e2c862a79275852425b030 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 15 Dec 2017 13:59:49 +0100 Subject: jeschli: enable ci & disable external --- krebs/3modules/jeschli/default.nix | 4 ---- 1 file changed, 4 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index be2af88c1..191bd2b04 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -9,8 +9,6 @@ with import ; }) { bln = { - ci = false; - external = true; nets = { retiolum = { ip4.addr = "10.243.27.28"; @@ -48,8 +46,6 @@ with import ; }; }; reagenzglas = { - ci = false; - external = true; nets = { retiolum = { ip4.addr = "10.243.27.27"; -- cgit v1.2.3 From ccf5161e7b6481c2eecccdafca07bd3640a2a3d9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 15 Dec 2017 18:27:00 +0100 Subject: jeschli: add brauerei.r --- krebs/3modules/jeschli/default.nix | 38 +++++++++++++++++++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index 191bd2b04..bc821f296 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -7,7 +7,6 @@ with import ; owner = config.krebs.users.jeschli; ci = true; }) { - bln = { nets = { retiolum = { @@ -45,6 +44,43 @@ with import ; }; }; }; + brauerei = { + nets = { + retiolum = { + ip4.addr = "10.243.27.29"; + ip6.addr = "42::29"; + aliases = [ + "brauerei.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEAvC4AjkAoH01sKDXE3xVM2YUpPQ9iewIPQCCCSWYZQh2BWOfl+FFs + pW3ix5FjAzTxzkIf5NxW0usff8UTkFHB+sGZLZ9DPqvb8AM4GJsvXR06LORHtBlo + Vt/g1sndD3i3NXn5IJ2G4mZDImQjI3vuTkPyFQsR5LRAaPQgIORHBtN/X1UEVMRq + gThUeMb1kZ/y4AmUx0pepQYmAcYf0cN/7r9n68dWJCZ7DWX3q49bIz4TPG519IQp + KzoCtdXImKl6cFDepa2pRmIW4SPaDXztHDmXoJA1NBfdDOMOW67FUjzhcwZS9usM + q9x/1Tph63PJy4Vc0jsJnY29WrInx/nVAb22QuTOXQ9SfBNoOATYoFoVmY+yw1FX + 67y3bRbq8lQk1y3F2vZVYxQ52WiYLmtNtuzUMZHErL7VgFIEfQKoO2Oa/WZXdgSJ + Asmn67NSicc5QNI4rBUthju1JDuM/3ja0yCXh7trDCmPxKd94KzxMlq9VA6S2f/Q + uke3VnXEDqOWOZdcon5DnRTT1y4xjk1XHuO/9tVDcrL7x1unkdGL9BNMU6opJiLm + batAtKQ/7EJrlgIxYpEQyCNAjj0dEn0BgNZNqQSKkeGe6giVMuHtnXeTYMEraDas + DWxHmGOvYWrs3tZdELkB/h/y7DdijOabS4AlLOljKHiacw8e0D7p9qeIU2EwRaXD + ebPYaAIIWn1FU1aCYpvF4YJYbdNJZg6aKpoWNz86ZjO9t3GBkf612xB7fRO9mbTg + Ww2Hl6lir0rnlo7P9M1xhQqmZ0phaUjkqYRCaTOW1kC5ACpJJ/Jrq0oyplHVBY8Y + IvzPDA4nu/YOpyhQjlQwcVt62NgW0CZdwp3ZnMMoy7akgEo71bjoHbRxAeWy5oRB + 5CgGvQAB+qdf97XjZ5RggWQ2rglkCn49X4fXN6r4zuaIji1VVFTEZGRNsi0vt1YC + Eedz68auu1ZDO1qwNcX00n94E09B05DQBjE/6SAX6wBCY/BwUtzdQ9JnyfHNSl8i + dmHBPLssB9Dku4U0mo+LLer+bf6fiR7r5gp/KRuY/tMGFahprZRfWFtyO2Pg1cYI + HCdmDmSlbFq3EJmBl0egbU8Ym1m6t4EvPcoTxwy3ljZWybHlhm4wvhGcA/2bDRZA + jcXSL3G7buBOf8WJNYnMXCtPEyIYUdRyNvz3EUfvmbzZDhHd/bc0pJRrrtI7HqoF + +g67gCrtXx6i9PD0LSDJ1jExMZcmU1+DPg0dzDEmLHvW+HW538/HXGJ8FsunWBwD + /8wsQfoqAwlBSucLHDDrYVvfSp0+TLzg/HDMhNkcN7d5hm3syrI+IN4gEEjYeZIO + g7fjR1X7g5FGCDQnRA/dzNsZVnk6UFpCRwIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; reagenzglas = { nets = { retiolum = { -- cgit v1.2.3 From 5b86fe1cd63a5c4cf5a83b7afabe5be34016e8a7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 15 Dec 2017 19:55:02 +0100 Subject: services.xresources -> krebs.xresources --- krebs/3modules/default.nix | 1 + krebs/3modules/xresources.nix | 58 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 krebs/3modules/xresources.nix (limited to 'krebs') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 7a3c8ba4a..9c343309a 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -44,6 +44,7 @@ let ./tinc_graphs.nix ./urlwatch.nix ./repo-sync.nix + ./xresources.nix ./zones.nix ]; options.krebs = api; diff --git a/krebs/3modules/xresources.nix b/krebs/3modules/xresources.nix new file mode 100644 index 000000000..017dbff2b --- /dev/null +++ b/krebs/3modules/xresources.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +#TODO: +#prefix with Attribute Name +#ex: urxvt + +with builtins; +with lib; + + +let + + inherit (pkgs) writeScript writeText; + +in + +{ + + options = { + services.xresources.enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable the automatic loading of Xresources definitions at display-manager start; + ''; + }; + + services.xresources.resources = mkOption { + default = {}; + type = types.attrsOf types.str; + example = { + urxvt = '' + URxvt*scrollBar: false + URxvt*urgentOnBell: true + ''; + }; + description = '' + Xresources definitions. + ''; + }; + }; + + config = + let + cfg = config.services.xresources; + xres = writeText "xresources" (concatStringsSep "\n" (attrValues cfg.resources)); + + in mkIf cfg.enable { + services.xserver.displayManager.sessionCommands = '' + ${pkgs.xorg.xrdb}/bin/xrdb -merge ${xres} + ''; + environment.systemPackages = [ + (pkgs.writeDashBin "updateXresources" '' + ${pkgs.xorg.xrdb}/bin/xrdb -merge ${xres} + '') + ]; + }; +} -- cgit v1.2.3 From ac9755964e096779b96aee9b00e1fb25aedff38f Mon Sep 17 00:00:00 2001 From: lassulus Date: Fri, 15 Dec 2017 20:05:06 +0100 Subject: xresources: fix api name --- krebs/3modules/xresources.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'krebs') diff --git a/krebs/3modules/xresources.nix b/krebs/3modules/xresources.nix index 017dbff2b..b2d38b972 100644 --- a/krebs/3modules/xresources.nix +++ b/krebs/3modules/xresources.nix @@ -17,7 +17,7 @@ in { options = { - services.xresources.enable = mkOption { + krebs.xresources.enable = mkOption { type = types.bool; default = false; description = '' @@ -25,7 +25,7 @@ in ''; }; - services.xresources.resources = mkOption { + krebs.xresources.resources = mkOption { default = {}; type = types.attrsOf types.str; example = { @@ -42,7 +42,7 @@ in config = let - cfg = config.services.xresources; + cfg = config.krebs.xresources; xres = writeText "xresources" (concatStringsSep "\n" (attrValues cfg.resources)); in mkIf cfg.enable { -- cgit v1.2.3 From 2ada22a8b258e8f373d587dcceffac7c956e36ac Mon Sep 17 00:00:00 2001 From: jeschli Date: Fri, 15 Dec 2017 20:44:26 +0100 Subject: jeschli: add jeschli-brauerei user --- krebs/3modules/jeschli/default.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs') diff --git a/krebs/3modules/jeschli/default.nix b/krebs/3modules/jeschli/default.nix index bc821f296..0d161e1c8 100644 --- a/krebs/3modules/jeschli/default.nix +++ b/krebs/3modules/jeschli/default.nix @@ -127,5 +127,8 @@ with import ; jeschli-bln = { pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhQdDQFMxXOjbC+Avx3mlcFHqQpFUk/q9sO6ATA65jCV3YzN11vhZDDv54hABVS2h8TPXs7Lu3PCvK9qouASd2h4Ie9cExUmn50G/iwgFIODsCugVYBzVt1iwaAdwz1Hb9DKYXbVXanzVJjimmrrlQNvsyZg85lcnfyedpPX5ad+4FdSP68LHqEHC18LTitldR6V4P1omaKHlOtVpDgR/72tDgbtNZDBn3EU+TPk9OLTzjc6PinPw4iIvjEfiu14APwXpFDIqT7P7SjOEFpa0v/1z7dhxIy/Z9XbqyEdUfhv3PjZR5K2C+VzR7g6jVEVR2xFId51MpLv/Un4/lalbphBEw3I90Rr8tatOJiFhyrXbaKTcLqp1sIu05OxdPkm3hzfmLIhoKxhaIlXH7WQ9sAqxL1NAQ7O+J6yT4DMnwKzvpkkJjBaGtV84Pp1cccfNRH8XXID3FkWkrUpdgXWBpyLnRq4ilUJTajkU0GSdXkq8kLL3mWg9LPRTg3dmDj61ZB/qhjM61ppwHJvDRN9WI5HruXIU6nOQjh5yE2C/JZfLcsZD4Y1UDBy5/JSZrCVT2sQjFopkkYEkRCbX7oITHOH4iyRdxZkKWLUPboFrcmBpXO+owCEhO4JZrtfFWMC6qM++nrmiZWOrdIOIvdYHWluhKR2shlkisEKQP5pUqkw== markus.hihn@dcso.de"; }; + jeschli-brauerei = { + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"; + }; }; } -- cgit v1.2.3 From 2500fb454b12782792cdd5945278bdcae1b0805d Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 18 Dec 2017 18:52:35 +0100 Subject: l helios.r: ignore lidswitch --- krebs/3modules/lass/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs') diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index ba6d85e7a..0567d58ba 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -44,7 +44,7 @@ with import ; cores = 2; nets = rec { internet = { - ip4.addr = "45.62.226.163"; + ip4.addr = "64.137.242.41"; aliases = [ "echelon.i" ]; -- cgit v1.2.3