From 7e1516cc0de48c169a27a07f43930b940d6a9004 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 2 May 2017 14:14:38 +0200 Subject: l 2 nixpkgs: aa03833 -> ce00ce2 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 4f1347b82..bbded5fae 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "aa03833"; + ref = "ce00ce2"; }; } -- cgit v1.2.3 From 2b7b0ca955a4051fbd2761c71a4c180c61c09ff0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 2 May 2017 20:12:17 +0200 Subject: l 2 git: add news repo --- lass/2configs/git.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 72866c067..5f686e26e 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -30,6 +30,10 @@ let rules = concatMap make-rules (attrValues repos); public-repos = mapAttrs make-public-repo { + news = { + cgit.desc = "take a rss feed and a timeout and print it to stdout"; + cgit.section = "software"; + }; stockholm = { cgit.desc = "take all the computers hostage, they'll love you!"; cgit.section = "configuration"; -- cgit v1.2.3 From e050a2b19d2730a050d8ac6dbf64588689cf7a7c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 2 May 2017 20:13:07 +0200 Subject: l 2: add goify to pkgs --- lass/2configs/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index e33514ee0..ffed5bb70 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -150,6 +150,7 @@ with import ; untilport usbutils logify + goify #unpack stuff p7zip -- cgit v1.2.3 From a2963c5bc25a8d1320fe87865005a0533aa22fe0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 3 May 2017 15:11:35 +0200 Subject: l 2 newsbot-js: update newsfeeds --- lass/2configs/newsbot-js.nix | 35 ++++++++++++++--------------------- 1 file changed, 14 insertions(+), 21 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/newsbot-js.nix b/lass/2configs/newsbot-js.nix index d38af211f..070795d14 100644 --- a/lass/2configs/newsbot-js.nix +++ b/lass/2configs/newsbot-js.nix @@ -3,19 +3,17 @@ let newsfile = pkgs.writeText "feeds" '' aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#news - aktuelle_themen|http://bundestag.de/service/rss/Bundestag_Aktuelle_Themen.rss|#news #bundestag allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#news - anon|http://anoninsiders.net/feed/|#news antirez|http://antirez.com/rss|#news arbor|http://feeds2.feedburner.com/asert/|#news archlinux|http://www.archlinux.org/feeds/news/|#news ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#news augustl|http://augustl.com/atom.xml|#news bbc|http://feeds.bbci.co.uk/news/rss.xml|#news + bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#news bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#news #bundestag bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#news #bundestag - bdt_pressemitteilungen|http://bundestag.de/service/rss/Bundestag_Presse.rss|#news #bundestag - bdt_wd|http://bundestag.de/service/rss/Bundestag_WD.rss|#news #bundestag + bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#news bitcoinpakistan|https://bitcoinspakistan.com/feed/|#news #financial c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#news cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#news @@ -30,9 +28,7 @@ let chan_b|https://boards.4chan.org/b/index.rss|#brainfuck chan_biz|https://boards.4chan.org/biz/index.rss|#news #brainfuck chan_int|https://boards.4chan.org/int/index.rss|#news #brainfuck - cna|http://www.channelnewsasia.com/starterkit/servlet/cna/rss/home.xml|#news coinspotting|http://coinspotting.com/rss|#news #financial - cryptanalysis|https://cryptanalys.is/rss.php|#news cryptocoinsnews|http://www.cryptocoinsnews.com/feed/|#news #financial cryptogon|http://www.cryptogon.com/?feed=rss2|#news csm|http://rss.csmonitor.com/feeds/csm|#news @@ -52,12 +48,9 @@ let fars|http://www.farsnews.com/rss.php|#news #test faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#news faz_politik|http://www.faz.net/rss/aktuell/politik/|#news - faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news #financial - fbi|http://www.fbi.gov/homepage/RSS|#news #bullerei - fbi_news|http://www.fbi.gov/news/news_blog/rss.xml|#news - fbi_press|http://www.fbi.gov/news/current/rss.xml|#news #bullerei - fbi_stories|http://www.fbi.gov/news/stories/all-stories/rss.xml|#news #bullerei - fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news #financial + faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#news + fbi|https://www.fbi.gov/news/rss.xml|#news + fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#news fefe|http://blog.fefe.de/rss.xml|#news forbes|http://www.forbes.com/forbes/feed2/|#news forbes_realtime|http://www.forbes.com/real-time/feed2/|#news @@ -65,18 +58,18 @@ let geheimorganisation|http://geheimorganisation.org/feed/|#news GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#news gmanet|http://www.gmanetwork.com/news/rss/news|#news - golem|http://www.golem.de/rss.php?feed=RSS1.0|#news + golem|https://rss.golem.de/rss.php|#news google|http://news.google.com/?output=rss|#news greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#news guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#news gulli|http://ticker.gulli.com/rss/|#news handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#news #financial - heise|http://heise.de.feedsportal.com/c/35207/f/653902/index.rss|#news + heise|https://www.heise.de/newsticker/heise-atom.xml|#news hindu_business|http://www.thehindubusinessline.com/?service=rss|#news #financial hindu|http://www.thehindu.com/?service=rss|#news ign|http://feeds.ign.com/ign/all|#news independent|http://www.independent.com/rss/headlines/|#news - indymedia|http://de.indymedia.org/RSS/newswire.xml|#news + indymedia|https://de.indymedia.org/rss.xml|#news info_libera|http://www.informationliberation.com/rss.xml|#news klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#news korea_herald|http://www.koreaherald.com/rss_xml.php|#news @@ -123,11 +116,11 @@ let sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#news shackspace|http://shackspace.de/?feed=rss2|#news shz_news|http://www.shz.de/nachrichten/newsticker/rss|#news - sky_busi|http://news.sky.com/feeds/rss/business.xml|#news - sky_pol|http://news.sky.com/feeds/rss/politics.xml|#news - sky_strange|http://news.sky.com/feeds/rss/strange.xml|#news - sky_tech|http://news.sky.com/feeds/rss/technology.xml|#news - sky_world|http://news.sky.com/feeds/rss/world.xml|#news + sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#news + sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#news + sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#news + sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#news + sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#news slashdot|http://rss.slashdot.org/Slashdot/slashdot|#news slate|http://feeds.slate.com/slate|#news spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#news @@ -138,7 +131,7 @@ let stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#news sz_politik|http://rss.sueddeutsche.de/rss/Politik|#news sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#news #financial - sz_wissen|http://suche.sueddeutsche.de/rss/Wissen|#news + sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#news tagesschau|http://www.tagesschau.de/newsticker.rdf|#news taz|http://taz.de/Themen-des-Tages/!p15;rss/|#news telegraph_finance|http://www.telegraph.co.uk/finance/rss|#news #financial -- cgit v1.2.3 From b9f38d2d7665cf34bed1c064a23d58ac259f19f3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 8 May 2017 15:44:06 +0200 Subject: l 2 nixpkgs: ce00ce2 -> 11b82a9 --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index bbded5fae..86b7d6d2a 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "ce00ce2"; + ref = "11b82a9"; }; } -- cgit v1.2.3 From 45fdcfa841c34b794640e863d7c613ce5bed8274 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 May 2017 20:40:11 +0200 Subject: l 2 ircd: relax throttle --- lass/2configs/ircd.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/ircd.nix b/lass/2configs/ircd.nix index 4d2c134b6..b72e2b087 100644 --- a/lass/2configs/ircd.nix +++ b/lass/2configs/ircd.nix @@ -94,6 +94,8 @@ general { #maybe we want ident someday? disable_auth = yes; + throttle_duration = 1; + throttle_count = 1000; }; ''; }; -- cgit v1.2.3 From b297822294329f83f6a3ef6c93709ab369da6ffc Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 May 2017 20:40:58 +0200 Subject: l 2 radio: add suggest plugin --- lass/2configs/radio.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 6e96f8845..1e14e31bb 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -145,6 +145,12 @@ in { script = "${print_current}/bin/print_current"; pattern = "^current$"; }) + (buildSimpleReaktorPlugin "suggest" { + script = "${pkgs.writeDash "suggest" '' + echo "$@" >> $HOME/playlist_suggest + ''}"; + pattern = "^suggest: (?P.*)$"; + }) ]; }; services.nginx.virtualHosts."lassul.us".locations."/the_playlist".extraConfig = let -- cgit v1.2.3 From e84124d6c0a175be907f8dad1c37647e163978a9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 May 2017 22:45:49 +0200 Subject: l 2 websites lass: serve /etc/hosts --- lass/2configs/websites/lassulus.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 3a8979427..9d5f2645d 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -80,6 +80,9 @@ in { locations."= /retiolum-hosts.tar.bz2".extraConfig = '' alias ${config.krebs.tinc.retiolum.hostsArchive}; ''; + locations."= /retiolum.hosts".extraConfig = '' + alias /etc/hosts; + ''; locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; ''; -- cgit v1.2.3 From 7587f91b743d120de8191a1af2245686d361d83a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 May 2017 22:49:54 +0200 Subject: l 2 wine: users.extraUsers -> users.users --- lass/2configs/wine.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 8d55da7fd..8674559c6 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -7,7 +7,7 @@ in { environment.systemPackages = with pkgs; [ wineUnstable ]; - users.extraUsers = { + users.users= { wine = { name = "wine"; description = "user for running wine"; -- cgit v1.2.3 From 689399546d38b6dc5a643cc2efad9c1d0ae76058 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 9 May 2017 22:50:16 +0200 Subject: l 2 wine: systemPackages -> per-user --- lass/2configs/wine.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/wine.nix b/lass/2configs/wine.nix index 8674559c6..ee688e18c 100644 --- a/lass/2configs/wine.nix +++ b/lass/2configs/wine.nix @@ -4,7 +4,7 @@ let mainUser = config.users.extraUsers.mainUser; in { - environment.systemPackages = with pkgs; [ + krebs.per-user.wine.packages = with pkgs; [ wineUnstable ]; users.users= { -- cgit v1.2.3 From a6abeed21da488e8997c4ee8bdc0344119317bac Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 11 May 2017 18:02:24 +0200 Subject: l 2 w lass: /etc/hosts -> pkgs.retiolum-hosts --- lass/2configs/websites/lassulus.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 9d5f2645d..0771570ca 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -81,7 +81,7 @@ in { alias ${config.krebs.tinc.retiolum.hostsArchive}; ''; locations."= /retiolum.hosts".extraConfig = '' - alias /etc/hosts; + alias ${pkgs.retiolum-hosts}; ''; locations."/tinc".extraConfig = '' alias ${config.krebs.tinc_graphs.workingDir}/external; -- cgit v1.2.3 From b51c69dbde19a6b7a5f04b790e038208cbc4a6b6 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 11 May 2017 18:03:51 +0200 Subject: l 2 mpv: install mpv for all users --- lass/2configs/mpv.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix index d9c6274db..bb068e7a1 100644 --- a/lass/2configs/mpv.nix +++ b/lass/2configs/mpv.nix @@ -34,7 +34,7 @@ let down = moveToDir "Y" "./down"; in { - krebs.per-user.lass.packages = [ + environment.systemPackages = [ mpv ]; } -- cgit v1.2.3 From a5b18f7d696a1ec628dc2a59cc2c6fe6b685c2f9 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 15 May 2017 18:02:04 +0200 Subject: l 2 nixpkgs: 11b82a9 -> 2bb9c1c --- lass/2configs/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 86b7d6d2a..49c44aa88 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "11b82a9"; + ref = "2bb9c1c"; }; } -- cgit v1.2.3 From 5aba81b12a6ebef1f2da11364fc8239c23cf7e33 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 09:38:33 +0200 Subject: l 2 buildbot: use correct NIX_PATH --- lass/2configs/buildbot-standalone.nix | 35 +++++++++++++---------------------- 1 file changed, 13 insertions(+), 22 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 7b38e44c6..151eec9c4 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -92,7 +92,6 @@ in { nixshell = [ "nix-shell", "-I", "stockholm=.", - "-I", "nixpkgs=/var/src/nixpkgs", "-p" ] + deps + [ "--run" ] @@ -107,11 +106,9 @@ in { for i in [ "test-minimal-deploy", "test-all-krebs-modules", "wolf", "test-centos7" ]: addShell(f,name="build-{}".format(i),env=env_shared, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -119,11 +116,9 @@ in { for i in [ "mors", "uriel", "shodan", "helios", "icarus", "cloudkrebs", "echelon", "dishfire", "prism" ]: addShell(f,name="build-{}".format(i),env=env_lass, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -131,11 +126,9 @@ in { for i in [ "x", "wry", "vbob", "wbob", "shoney" ]: addShell(f,name="build-{}".format(i),env=env_makefu, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -143,11 +136,9 @@ in { for i in [ "hiawatha", "onondaga" ]: addShell(f,name="build-{}".format(i),env=env_nin, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ - make \ - test \ - target=$LOGNAME@${config.krebs.build.host.name}/tmp/testbuild/$LOGNAME \ - method=build \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ + make NIX_PATH=$HOME/$LOGNAME test method=build \ + target=buildbotworker@${config.krebs.build.host.name}$HOME/$LOGNAME \ system={}".format(i) ] ) @@ -211,7 +202,7 @@ in { ]: addShell(f,name="build-{}".format(i),env=env_lass, command=nixshell + \ - ["mkdir -p /tmp/testbuild/$LOGNAME && touch /tmp/testbuild/$LOGNAME/.populate; \ + ["mkdir -p $HOME/$LOGNAME && touch $HOME/$LOGNAME/.populate; \ make system=prism pkgs.{}".format(i)]) bu.append(util.BuilderConfig(name="build-pkgs", -- cgit v1.2.3 From 7c77e866e745b607bfd0cc553df05179cca87328 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 09:42:06 +0200 Subject: l 2 buildbot: use buildbotworker as user --- lass/2configs/buildbot-standalone.nix | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix index 151eec9c4..62b823c3f 100644 --- a/lass/2configs/buildbot-standalone.nix +++ b/lass/2configs/buildbot-standalone.nix @@ -246,7 +246,7 @@ in { options.lass.build-ssh-privkey = mkOption { type = types.secret-file; default = { - path = "${config.users.users.buildbotworker.home}/ssh.privkey"; + path = "${config.users.users.buildbotworker.home}/.ssh/id_rsa"; owner = { inherit (config.users.users.buildbotworker ) name uid;}; source-path = toString + "/build.ssh.key"; }; @@ -254,16 +254,10 @@ in { config.krebs.secret.files = { build-ssh-privkey = config.lass.build-ssh-privkey; }; - config.users.users = { - build = { - name = "build"; - uid = genid "build"; - home = "/home/build"; - useDefaultShell = true; - createHome = true; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP lass@mors" - ]; - }; + config.users.users.buildbotworker = { + useDefaultShell = true; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDiV0Xn60aVLHC/jGJknlrcxSvKd/MVeh2tjBpxSBT3II9XQGZhID2Gdh84eAtoWyxGVFQx96zCHSuc7tfE2YP2LhXnwaxHTeDc8nlMsdww53lRkxihZIEV7QHc/3LRcFMkFyxdszeUfhWz8PbJGL2GYT+s6CqoPwwa68zF33U1wrMOAPsf/NdpSN4alsqmjFc2STBjnOd9dXNQn1VEJQqGLG3kR3WkCuwMcTLS5eu0KLwG4i89Twjy+TGp2QsF5K6pNE+ZepwaycRgfYzGcPTn5d6YQXBgcKgHMoSJsK8wqpr0+eFPCDiEA3HDnf76E4mX4t6/9QkMXCLmvs0IO/WP" + ]; }; } -- cgit v1.2.3 From e1350904390ca40e9ab8186c0ff27d088431a430 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 23:18:28 +0200 Subject: l 2 retiolum: don't open smtp --- lass/2configs/retiolum.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass/2configs') diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 7a7bf95be..647327de5 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -5,7 +5,6 @@ krebs.iptables = { tables = { filter.INPUT.rules = [ - { predicate = "-p tcp --dport smtp"; target = "ACCEPT"; } { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } ]; -- cgit v1.2.3 From f27676c5ea34a8d400988027e326c7022914bcf0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 16 May 2017 23:18:50 +0200 Subject: l 2 retiolum: enable legacy /etc/tinc --- lass/2configs/retiolum.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 647327de5..7f1b36c96 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -12,6 +12,7 @@ }; krebs.tinc.retiolum = { + enableLegacy = true; enable = true; connectTo = [ "prism" -- cgit v1.2.3