From b836a43a395e0f2860b3243702caf53c53a6664a Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 18 Jun 2017 23:23:28 +0200 Subject: m 2 dirctator: bump to latest logstash5 --- makefu/2configs/deployment/dirctator.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/deployment/dirctator.nix b/makefu/2configs/deployment/dirctator.nix index b8e61955d..4f2f8818d 100644 --- a/makefu/2configs/deployment/dirctator.nix +++ b/makefu/2configs/deployment/dirctator.nix @@ -25,6 +25,10 @@ in { stdout { codec => rubydebug } exec { command => "${runit} '%{message}" } ''; - plugins = [ ]; + extraSettings = '' + path.plugins: [ "${pkgs.logstash-output-exec}" ] + ''; + ## NameError: `@path.plugins' is not allowable as an instance variable name + # plugins = [ pkgs.logstash-output-exec ]; }; } -- cgit v1.2.3 From d8f6c52b76feaeac9240a9749f2b38c19f155b9e Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:00:37 +0200 Subject: ma hw: refactor --- makefu/2configs/hw/exfat-nofuse.nix | 4 ++++ makefu/2configs/hw/stk1160.nix | 3 +-- makefu/2configs/hw/wwan.nix | 8 ++++++++ makefu/2configs/wwan.nix | 8 -------- 4 files changed, 13 insertions(+), 10 deletions(-) create mode 100644 makefu/2configs/hw/exfat-nofuse.nix create mode 100644 makefu/2configs/hw/wwan.nix delete mode 100644 makefu/2configs/wwan.nix (limited to 'makefu') diff --git a/makefu/2configs/hw/exfat-nofuse.nix b/makefu/2configs/hw/exfat-nofuse.nix new file mode 100644 index 000000000..ca3485e9f --- /dev/null +++ b/makefu/2configs/hw/exfat-nofuse.nix @@ -0,0 +1,4 @@ +{ config, ... }: +{ + boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; +} diff --git a/makefu/2configs/hw/stk1160.nix b/makefu/2configs/hw/stk1160.nix index b4d033d76..e73741e26 100644 --- a/makefu/2configs/hw/stk1160.nix +++ b/makefu/2configs/hw/stk1160.nix @@ -1,9 +1,8 @@ { pkgs, ... }: { # TODO: un-pin linuxPackages somehow - boot.kernelPackages = builtins.trace "Warning: overriding kernel Packages with 4.9" pkgs.linuxPackages_4_9; nixpkgs.config.packageOverrides = pkgs: { - linux_4_9 = pkgs.linux_4_9.override { + linux_latest = pkgs.linux_latest.override { extraConfig = '' MEDIA_ANALOG_TV_SUPPORT y VIDEO_STK1160_COMMON m diff --git a/makefu/2configs/hw/wwan.nix b/makefu/2configs/hw/wwan.nix new file mode 100644 index 000000000..0eb0c97d7 --- /dev/null +++ b/makefu/2configs/hw/wwan.nix @@ -0,0 +1,8 @@ +_: + +{ + makefu.umts = { + enable = true; + modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01"; + }; +} diff --git a/makefu/2configs/wwan.nix b/makefu/2configs/wwan.nix deleted file mode 100644 index 0eb0c97d7..000000000 --- a/makefu/2configs/wwan.nix +++ /dev/null @@ -1,8 +0,0 @@ -_: - -{ - makefu.umts = { - enable = true; - modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01"; - }; -} -- cgit v1.2.3 From 0b88f7d2fee456eb0a5c8ec426e5d6f5d7d2e1f3 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:00:54 +0200 Subject: ma x.r: cleanup imports --- makefu/1systems/x.nix | 49 ++++++++++++++++++------------------------------- 1 file changed, 18 insertions(+), 31 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index ee3a7bb1b..77b9915ae 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -13,59 +13,48 @@ with import ; ../2configs/tools/all.nix ../2configs/laptop-backup.nix ../2configs/dnscrypt.nix + ../2configs/avahi.nix - # testing - # ../2configs/openvpn/vpngate.nix - #../2configs/temp/share-samba.nix - # ../2configs/mediawiki.nix - # ../2configs/wordpress.nix - # ../2configs/nginx/public_html.nix - # ../2configs/nginx/icecult.nix - - # ../2configs/elchos/irc-token.nix - # ../2configs/elchos/log.nix - - #../2configs/elchos/search.nix - #../2configs/elchos/stats.nix - #../2configs/elchos/test/ftpservers.nix - - # ../2configs/tinc/siem.nix - #../2configs/torrent.nix - # temporary modules - - # ../2configs/torrent.nix - #../2configs/temp/elkstack.nix - # ../2configs/temp/sabnzbd.nix + # Debugging + # ../2configs/disable_v6.nix + # Testing + # ../2configs/deployment/dirctator.nix + # ../2configs/vncserver.nix + # ../2configs/deployment/led-fader + # ../2configs/deployment/hound # development ../2configs/sources # Krebs - # ../2configs/disable_v6.nix ../2configs/tinc/retiolum.nix # applications ../2configs/exim-retiolum.nix ../2configs/mail-client.nix ../2configs/printer.nix + + # Virtualization ../2configs/virtualization.nix + ../2configs/docker.nix ../2configs/virtualization-virtualbox.nix - ../2configs/wwan.nix - ../2configs/rad1o.nix - # services + # Services ../2configs/git/brain-retiolum.nix ../2configs/tor.nix ../2configs/steam.nix # ../2configs/buildbot-standalone.nix - # hardware specifics are in here + # Hardware ../2configs/hw/tp-x230.nix ../2configs/hw/rtl8812au.nix - ../2configs/hw/stk1160.nix + ../2configs/hw/exfat-nofuse.nix + ../2configs/hw/wwan.nix + # ../2configs/hw/stk1160.nix + # ../2configs/rad1o.nix - # mount points + # Filesystem ../2configs/fs/sda-crypto-root-home.nix ]; @@ -76,10 +65,8 @@ with import ; nixpkgs.config.allowUnfree = true; - boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; environment.systemPackages = [ pkgs.passwdqc-utils ]; - virtualisation.docker.enable = true; # configure pulseAudio to provide a HDMI sink as well networking.firewall.enable = true; -- cgit v1.2.3 From 02eeb5a550728213c0777ccb1a5b2392f8fef18a Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:01:36 +0200 Subject: ma tools: add more software --- makefu/2configs/tools/dev.nix | 2 ++ makefu/2configs/tools/extra-gui.nix | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 4fe7f8bf4..e40f5b36f 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -12,5 +12,7 @@ cac-api cac-panel ovh-zone + whatsupnix + brain ]; } diff --git a/makefu/2configs/tools/extra-gui.nix b/makefu/2configs/tools/extra-gui.nix index 56cdccd1f..1e68e935c 100644 --- a/makefu/2configs/tools/extra-gui.nix +++ b/makefu/2configs/tools/extra-gui.nix @@ -2,13 +2,16 @@ { krebs.per-user.makefu.packages = with pkgs;[ + # media gimp inkscape libreoffice - saleae-logic skype synergy tdesktop virtmanager + # Dev + saleae-logic + arduino-user-env ]; } -- cgit v1.2.3 From 4221210d5a495f9033d9e566b6f926d3fcc9aec5 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:01:50 +0200 Subject: ma docker: init config --- makefu/2configs/docker.nix | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 makefu/2configs/docker.nix (limited to 'makefu') diff --git a/makefu/2configs/docker.nix b/makefu/2configs/docker.nix new file mode 100644 index 000000000..98fd980cc --- /dev/null +++ b/makefu/2configs/docker.nix @@ -0,0 +1,4 @@ +{...}: +{ + virtualisation.docker.enable = true; +} -- cgit v1.2.3 From 622d0dc0f266f94cfd5e6a5eec0ae254fec60ba3 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 16:22:47 +0200 Subject: ma task-client: systemPackages -> per-user --- makefu/2configs/task-client.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 makefu/2configs/task-client.nix (limited to 'makefu') diff --git a/makefu/2configs/task-client.nix b/makefu/2configs/task-client.nix new file mode 100644 index 000000000..330616f4a --- /dev/null +++ b/makefu/2configs/task-client.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: +{ + krebs.per-user.makefu.packages = [ + pkgs.taskwarrior + ]; + + environment.shellAliases = { + tshack = "task project:shack"; + twork = "task project:soc"; + tpki = "task project:pki"; + tkrebs = "task project:krebs"; + t = "task project: "; + }; +} -- cgit v1.2.3 From 1f72a5d66bbbc9f213e3fa5de071d06a1818d930 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 26 Jun 2017 17:06:22 +0200 Subject: ma arduino-user-env: init --- makefu/5pkgs/arduino-user-env/default.nix | 35 +++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 makefu/5pkgs/arduino-user-env/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/arduino-user-env/default.nix b/makefu/5pkgs/arduino-user-env/default.nix new file mode 100644 index 000000000..7339c50a2 --- /dev/null +++ b/makefu/5pkgs/arduino-user-env/default.nix @@ -0,0 +1,35 @@ +{ lib, pkgs, ... }: let + +#TODO: make sure env exists prior to running +env_nix = pkgs.writeText "env.nix" '' + { pkgs ? import {} }: + + (pkgs.buildFHSUserEnv { + name = "arduino-user-env"; + targetPkgs = pkgs: with pkgs; [ + coreutils + ]; + multiPkgs = pkgs: with pkgs; [ + arduino + alsaLib + zlib + xorg.libXxf86vm + curl + openal + openssl_1_0_2 + xorg.libXext + xorg.libX11 + xorg.libXrandr + xorg.libXcursor + xorg.libXinerama + xorg.libXi + mesa_glu + ]; + runScript = "zsh"; + }).env +''; + + +in pkgs.writeDashBin "arduino-user-env" '' + nix-shell ${env_nix} +'' -- cgit v1.2.3 From b28b68250d13bfa15b6cc58e597873737e616e93 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 27 Jun 2017 21:01:40 +0200 Subject: make x.r: init lancache prepare deployment of lan party steam cache --- makefu/1systems/x.nix | 1 + makefu/2configs/lancache.nix | 79 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+) create mode 100644 makefu/2configs/lancache.nix (limited to 'makefu') diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index 77b9915ae..b37c32944 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -34,6 +34,7 @@ with import ; ../2configs/exim-retiolum.nix ../2configs/mail-client.nix ../2configs/printer.nix + ../2configs/task-client.nix # Virtualization ../2configs/virtualization.nix diff --git a/makefu/2configs/lancache.nix b/makefu/2configs/lancache.nix new file mode 100644 index 000000000..8ec401361 --- /dev/null +++ b/makefu/2configs/lancache.nix @@ -0,0 +1,79 @@ +{ pkgs, lib, config, ... }: +with import ; +let + # see https://github.com/zeropingheroes/lancache for full docs + cachedir = "/var/lancache/cache"; + logdir = "/var/lancache/log"; + + lancache= pkgs.stdenv.mkDerivation rec { + name = "lancache-2017-06-26"; + src = pkgs.fetchFromGitHub { + # origin: https://github.com/multiplay/lancache + # forked: https://github.com/zeropingheroes/lancache + repo = "lancache"; + owner = "zeropingheroes"; + rev = "143f7bb"; + sha256 = "1ra4l7qz3k231j5wabr89s5hh80n1kk8vgd3dsh0xx5mdpjhvdl6"; + }; + phases = [ "unpackPhase" "installPhase" ]; + # here we can chance to edit `includes/proxy-cache-paths.conf` + installPhase = '' + mkdir -p $out + cp -r * $out/ + sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \ + -e 's/^\(error_log\).*/\1 stderr;\ndaemon off;/' $out/nginx.conf + ''; + }; + cfg = { + group = "nginx-lancache"; + user = "nginx-lancache"; + stateDir = "/var/lancache"; + package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{ + configureFlags = old.configureFlags ++ [ + "--with-http_slice_module" + "--with-stream" + "--with-pcre" + ]; + }); + }; +in { + systemd.services.nginx-lancache = { + description = "Nginx lancache Server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + restartIfChanged = true; + + preStart = '' + PATH_CACHE="/var/lancache/cache" + PATH_LOGS="/var/lancache/logs" + WWW_USER="${cfg.user}" + WWW_GROUP="${cfg.group}" + + mkdir -p $PATH_CACHE + cd $PATH_CACHE + mkdir -p installers tmp + mkdir -p $PATH_LOGS + + chown -R $WWW_USER:$WWW_USER $PATH_CACHE + chown -R $WWW_USER:$WWW_USER $PATH_LOGS + ''; + serviceConfig = { + ExecStart = "${cfg.package}/bin/nginx -c ${lancache}/nginx.conf -p ${lancache}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + Restart = "always"; + RestartSec = "10s"; + StartLimitInterval = "1min"; + }; + }; + users.extraUsers = (singleton + { name = cfg.user; + group = cfg.group; + uid = genid cfg.group; + }); + + users.extraGroups = (singleton + { name = "${cfg.group}"; + gid = genid cfg.group; + }); + +} -- cgit v1.2.3 From dca58fbc212468cb97e15ac1fc2f47a1693c7ff3 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 27 Jun 2017 21:02:36 +0200 Subject: make led-fader: after networ-online.target --- makefu/2configs/deployment/led-fader.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/2configs/deployment/led-fader.nix b/makefu/2configs/deployment/led-fader.nix index 50023693d..678370c69 100644 --- a/makefu/2configs/deployment/led-fader.nix +++ b/makefu/2configs/deployment/led-fader.nix @@ -31,6 +31,7 @@ in { }; # after = [ (lib.optional config.services.mosqitto.enable "mosquitto.service") ]; wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; serviceConfig = { # User = "nobody"; # need a user with permissions to run nix-shell ExecStart = "${pkg}/bin/ampel 4 ${pkg}/share/times.json"; -- cgit v1.2.3 From 9bd7f9ebf4055534ace98002a1a9ddbb243805d1 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Jun 2017 08:46:55 +0200 Subject: ma lancache: fix nginx prefix issues nginx is unable to have a config with relativ paths and a statedir somewhere else. this is why i now prepare the 'prefix' with everything in it. --- makefu/2configs/lancache.nix | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/lancache.nix b/makefu/2configs/lancache.nix index 8ec401361..ff5b0d788 100644 --- a/makefu/2configs/lancache.nix +++ b/makefu/2configs/lancache.nix @@ -2,9 +2,6 @@ with import ; let # see https://github.com/zeropingheroes/lancache for full docs - cachedir = "/var/lancache/cache"; - logdir = "/var/lancache/log"; - lancache= pkgs.stdenv.mkDerivation rec { name = "lancache-2017-06-26"; src = pkgs.fetchFromGitHub { @@ -21,13 +18,14 @@ let mkdir -p $out cp -r * $out/ sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \ - -e 's/^\(error_log\).*/\1 stderr;\ndaemon off;/' $out/nginx.conf + -e '1 idaemon off;' \ + $out/nginx.conf ''; }; cfg = { group = "nginx-lancache"; user = "nginx-lancache"; - stateDir = "/var/lancache"; + statedir = "/var/lancache"; package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{ configureFlags = old.configureFlags ++ [ "--with-http_slice_module" @@ -44,27 +42,23 @@ in { restartIfChanged = true; preStart = '' - PATH_CACHE="/var/lancache/cache" - PATH_LOGS="/var/lancache/logs" - WWW_USER="${cfg.user}" - WWW_GROUP="${cfg.group}" - - mkdir -p $PATH_CACHE - cd $PATH_CACHE - mkdir -p installers tmp - mkdir -p $PATH_LOGS + mkdir -p ${cfg.statedir} && cd ${cfg.statedir} + PATH_CACHE=$PATH_BASE/cache + PATH_LOGS=$PATH_BASE/logs - chown -R $WWW_USER:$WWW_USER $PATH_CACHE - chown -R $WWW_USER:$WWW_USER $PATH_LOGS + mkdir -p cache/{installers,tmp} logs + rm -f conf; ln -s ${lancache} conf + chown -R ${cfg.user}:${cfg.group} . ''; serviceConfig = { - ExecStart = "${cfg.package}/bin/nginx -c ${lancache}/nginx.conf -p ${lancache}"; + ExecStart = "${cfg.package}/bin/nginx -p ${cfg.statedir}"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Restart = "always"; RestartSec = "10s"; StartLimitInterval = "1min"; }; }; + environment.etc.nginx.source = lancache; users.extraUsers = (singleton { name = cfg.user; group = cfg.group; -- cgit v1.2.3 From 984b7fd31b47bfbbee0e8adf8a1e6caa69376c2e Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Jun 2017 12:00:18 +0200 Subject: ma: mv {,lanparty}/lancache --- makefu/2configs/lancache.nix | 73 ----------------------------------- makefu/2configs/lanparty/lancache.nix | 73 +++++++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+), 73 deletions(-) delete mode 100644 makefu/2configs/lancache.nix create mode 100644 makefu/2configs/lanparty/lancache.nix (limited to 'makefu') diff --git a/makefu/2configs/lancache.nix b/makefu/2configs/lancache.nix deleted file mode 100644 index ff5b0d788..000000000 --- a/makefu/2configs/lancache.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ pkgs, lib, config, ... }: -with import ; -let - # see https://github.com/zeropingheroes/lancache for full docs - lancache= pkgs.stdenv.mkDerivation rec { - name = "lancache-2017-06-26"; - src = pkgs.fetchFromGitHub { - # origin: https://github.com/multiplay/lancache - # forked: https://github.com/zeropingheroes/lancache - repo = "lancache"; - owner = "zeropingheroes"; - rev = "143f7bb"; - sha256 = "1ra4l7qz3k231j5wabr89s5hh80n1kk8vgd3dsh0xx5mdpjhvdl6"; - }; - phases = [ "unpackPhase" "installPhase" ]; - # here we can chance to edit `includes/proxy-cache-paths.conf` - installPhase = '' - mkdir -p $out - cp -r * $out/ - sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \ - -e '1 idaemon off;' \ - $out/nginx.conf - ''; - }; - cfg = { - group = "nginx-lancache"; - user = "nginx-lancache"; - statedir = "/var/lancache"; - package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{ - configureFlags = old.configureFlags ++ [ - "--with-http_slice_module" - "--with-stream" - "--with-pcre" - ]; - }); - }; -in { - systemd.services.nginx-lancache = { - description = "Nginx lancache Server"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; - - preStart = '' - mkdir -p ${cfg.statedir} && cd ${cfg.statedir} - PATH_CACHE=$PATH_BASE/cache - PATH_LOGS=$PATH_BASE/logs - - mkdir -p cache/{installers,tmp} logs - rm -f conf; ln -s ${lancache} conf - chown -R ${cfg.user}:${cfg.group} . - ''; - serviceConfig = { - ExecStart = "${cfg.package}/bin/nginx -p ${cfg.statedir}"; - ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; - Restart = "always"; - RestartSec = "10s"; - StartLimitInterval = "1min"; - }; - }; - environment.etc.nginx.source = lancache; - users.extraUsers = (singleton - { name = cfg.user; - group = cfg.group; - uid = genid cfg.group; - }); - - users.extraGroups = (singleton - { name = "${cfg.group}"; - gid = genid cfg.group; - }); - -} diff --git a/makefu/2configs/lanparty/lancache.nix b/makefu/2configs/lanparty/lancache.nix new file mode 100644 index 000000000..ff5b0d788 --- /dev/null +++ b/makefu/2configs/lanparty/lancache.nix @@ -0,0 +1,73 @@ +{ pkgs, lib, config, ... }: +with import ; +let + # see https://github.com/zeropingheroes/lancache for full docs + lancache= pkgs.stdenv.mkDerivation rec { + name = "lancache-2017-06-26"; + src = pkgs.fetchFromGitHub { + # origin: https://github.com/multiplay/lancache + # forked: https://github.com/zeropingheroes/lancache + repo = "lancache"; + owner = "zeropingheroes"; + rev = "143f7bb"; + sha256 = "1ra4l7qz3k231j5wabr89s5hh80n1kk8vgd3dsh0xx5mdpjhvdl6"; + }; + phases = [ "unpackPhase" "installPhase" ]; + # here we can chance to edit `includes/proxy-cache-paths.conf` + installPhase = '' + mkdir -p $out + cp -r * $out/ + sed -i -e 's/^\(user\).*/\1 ${cfg.user} ${cfg.group};/' \ + -e '1 idaemon off;' \ + $out/nginx.conf + ''; + }; + cfg = { + group = "nginx-lancache"; + user = "nginx-lancache"; + statedir = "/var/lancache"; + package = pkgs.stdenv.lib.overrideDerivation pkgs.nginx (old:{ + configureFlags = old.configureFlags ++ [ + "--with-http_slice_module" + "--with-stream" + "--with-pcre" + ]; + }); + }; +in { + systemd.services.nginx-lancache = { + description = "Nginx lancache Server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + restartIfChanged = true; + + preStart = '' + mkdir -p ${cfg.statedir} && cd ${cfg.statedir} + PATH_CACHE=$PATH_BASE/cache + PATH_LOGS=$PATH_BASE/logs + + mkdir -p cache/{installers,tmp} logs + rm -f conf; ln -s ${lancache} conf + chown -R ${cfg.user}:${cfg.group} . + ''; + serviceConfig = { + ExecStart = "${cfg.package}/bin/nginx -p ${cfg.statedir}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + Restart = "always"; + RestartSec = "10s"; + StartLimitInterval = "1min"; + }; + }; + environment.etc.nginx.source = lancache; + users.extraUsers = (singleton + { name = cfg.user; + group = cfg.group; + uid = genid cfg.group; + }); + + users.extraGroups = (singleton + { name = "${cfg.group}"; + gid = genid cfg.group; + }); + +} -- cgit v1.2.3 From 2dd0b055588ee5bf3262ec138265a881df4c01a5 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Jun 2017 12:00:28 +0200 Subject: ma lancache-dns: init --- makefu/2configs/lanparty/lancache-dns.nix | 55 +++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 makefu/2configs/lanparty/lancache-dns.nix (limited to 'makefu') diff --git a/makefu/2configs/lanparty/lancache-dns.nix b/makefu/2configs/lanparty/lancache-dns.nix new file mode 100644 index 000000000..4b4ebf0a0 --- /dev/null +++ b/makefu/2configs/lanparty/lancache-dns.nix @@ -0,0 +1,55 @@ +{ pkgs, lib, config, ... }: +with import ; +let + # see https://github.com/zeropingheroes/lancache for full docs + lancache-dns = pkgs.stdenv.mkDerivation rec { + name = "lancache-dns-2017-06-28"; + src = pkgs.fetchFromGitHub { + # forked: https://github.com/zeropingheroes/lancache-dns + repo = "lancache-dns"; + owner = "zeropingheroes"; + rev = "420aa62"; + sha256 = "0ik7by7ripdv2avyy5kk9jp1i7rz9ksc8xmg7n9iik365q9pv94m"; + }; + phases = [ "unpackPhase" "installPhase" ]; + # here we can chance to edit `includes/proxy-cache-paths.conf` + installPhase = '' + mkdir -p $out + cp -r * $out/ + ''; + }; + stateDir = "/var/lib/unbound"; + user = "unbound"; + upstream-server = "8.8.8.8"; +in { + services.unbound = { + enable = true; + allowedAccess = [ "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16" ]; + interfaces = ["0.0.0.0" "::" ]; + forwardAddresses = [ upstream-server ]; + extraConfig = '' + include: "${stateDir}/lancache/*.conf" + ''; + }; + services.dnscrypt-proxy.enable = lib.mkForce false; + virtualisation.libvirtd.enable = lib.mkForce false; + systemd.services.dns-lancache-prepare = { + wantedBy = [ "unbound.service" ]; + before = [ "unbound.service" ]; + after = [ "network-online.target" ]; + partOf= [ "unbound.service" ]; + + path = [ pkgs.gawk pkgs.iproute pkgs.gnused ]; + script = '' + set -xeu + current_ip=$(ip route get 8.8.8.8 | awk '/8.8.8.8/ {print $NF}') + old_ip=10.1.1.250 + mkdir -p ${stateDir} + rm -rvf ${stateDir}/lancache + cp -r ${lancache-dns}/upstreams-available ${stateDir}/lancache + sed -i "s/$old_ip/$current_ip/g" ${stateDir}/lancache/*.conf + chown -R unbound ${stateDir} + ''; + }; + networking.firewall.allowedUDPPorts = [ 53 ]; +} -- cgit v1.2.3 From 890e20f59ca67c612ce29dd356497062b935e81b Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Jun 2017 23:46:27 +0200 Subject: ma vbob: remove videodrivers workaround --- makefu/1systems/vbob.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix index 7421125e4..53ee11474 100644 --- a/makefu/1systems/vbob.nix +++ b/makefu/1systems/vbob.nix @@ -14,8 +14,6 @@ ]; networking.extraHosts = import (toString ); - # workaround for https://github.com/NixOS/nixpkgs/issues/16641 - services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ]; nixpkgs.config.allowUnfree = true; fileSystems."/nix" = { -- cgit v1.2.3 From 89fd62c21a65fc129c9f6dd59513a55a6298d921 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 29 Jun 2017 00:14:54 +0200 Subject: ma vbob: realtime kernel with jack-audio --- makefu/1systems/vbob.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'makefu') diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix index 53ee11474..b79ec64c0 100644 --- a/makefu/1systems/vbob.nix +++ b/makefu/1systems/vbob.nix @@ -9,9 +9,19 @@ (toString ) ../2configs/main-laptop.nix #< base-gui + # Tools + ../2configs/tools/core.nix + ../2configs/tools/core-gui.nix + ../2configs/tools/dev.nix + ../2configs/tools/extra-gui.nix + ../2configs/tools/sec.nix + # environment ../2configs/tinc/retiolum.nix + ../2configs/audio/jack-on-pulse.nix + ../2configs/audio/realtime-audio.nix + ]; networking.extraHosts = import (toString ); -- cgit v1.2.3 From f8c534dc0e93e781563ce230b521dde49a361293 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 29 Jun 2017 00:15:21 +0200 Subject: ma jack-on-pulse: include jack_capture --- makefu/2configs/audio/jack-on-pulse.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/audio/jack-on-pulse.nix b/makefu/2configs/audio/jack-on-pulse.nix index 49b61d5a2..a8ee05c7d 100644 --- a/makefu/2configs/audio/jack-on-pulse.nix +++ b/makefu/2configs/audio/jack-on-pulse.nix @@ -11,7 +11,10 @@ in package = pulse; }; - environment.systemPackages = with pkgs; [ jack2Full ]; + environment.systemPackages = with pkgs; [ + jack2Full + jack_capture + ]; # from http://anderspapitto.com/posts/2015-11-26-overtone-on-nixos-with-jack-and-pulseaudio.html systemd.user.services = { -- cgit v1.2.3 From 47e4bafae5e183a1dfbcd5224b29d752b0103033 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 29 Jun 2017 00:15:56 +0200 Subject: ma audio: use latest kernel for musnix --- makefu/2configs/audio/realtime-audio.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/audio/realtime-audio.nix b/makefu/2configs/audio/realtime-audio.nix index fbeacd025..6cb18c45c 100644 --- a/makefu/2configs/audio/realtime-audio.nix +++ b/makefu/2configs/audio/realtime-audio.nix @@ -10,7 +10,7 @@ in musnix.enable = true; musnix.kernel.optimize = true; musnix.kernel.realtime = true; - # TODO: musnix.kernel.packages = pkgs.linuxPackages_latest_rt; + musnix.kernel.packages = pkgs.linuxPackages_latest_rt; users.users."${user}".extraGroups = [ "audio" ]; } -- cgit v1.2.3 From 51e091c7c3fb52579bc9ed59d1c7db633cd24e5b Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 29 Jun 2017 00:16:15 +0200 Subject: ma sources: bump musnix --- makefu/2configs/sources/musnix.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/sources/musnix.nix b/makefu/2configs/sources/musnix.nix index d02dd4a48..a5be303e9 100644 --- a/makefu/2configs/sources/musnix.nix +++ b/makefu/2configs/sources/musnix.nix @@ -1,6 +1,6 @@ { krebs.build.source.musnix.git = { url = https://github.com/musnix/musnix.git; - ref = "37a8378"; + ref = "f0ec1f3"; }; } -- cgit v1.2.3 From d9cc50653d0c7998052284cfb66b2229e0ce849b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 30 Jun 2017 22:36:25 +0200 Subject: ma gen-oath-safe: init --- makefu/5pkgs/gen-oath-safe/default.nix | 37 ++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 makefu/5pkgs/gen-oath-safe/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/gen-oath-safe/default.nix b/makefu/5pkgs/gen-oath-safe/default.nix new file mode 100644 index 000000000..245e65174 --- /dev/null +++ b/makefu/5pkgs/gen-oath-safe/default.nix @@ -0,0 +1,37 @@ +{ coreutils, makeWrapper, openssl, libcaca, qrencode, fetchFromGitHub, yubikey-manager, python, stdenv, ... }: + +stdenv.mkDerivation { + name = "geno-oath-safe-2017-06-30"; + src = fetchFromGitHub { + owner = "mcepl"; + repo = "gen-oath-safe"; + rev = "fb53841"; + sha256 = "0018kqmhg0861r5xkbis2a1rx49gyn0dxcyj05wap5ms7zz69m0m"; + }; + + phases = [ + "unpackPhase" + "installPhase" + "fixupPhase" + ]; + + buildInputs = [ makeWrapper ]; + + installPhase = + let + path = stdenv.lib.makeBinPath [ + coreutils + openssl + qrencode + yubikey-manager + libcaca + python + ]; + in + '' + mkdir -p $out/bin + cp gen-oath-safe $out/bin/ + wrapProgram $out/bin/gen-oath-safe \ + --prefix PATH : ${path} + ''; +} -- cgit v1.2.3 From 7cd2ff2679b688e8fa0c98bc9ecf1d99602c0421 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 30 Jun 2017 23:49:05 +0200 Subject: ma 2fa: init and enable for gum --- makefu/1systems/gum.nix | 3 +++ makefu/2configs/sshd-totp.nix | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 makefu/2configs/sshd-totp.nix (limited to 'makefu') diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 519313f57..6e57d1404 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -26,6 +26,9 @@ in { ../2configs/tinc/retiolum.nix ../2configs/urlwatch.nix + # Security + ../2configs/sshd-totp.nix + # Tools ../2configs/tools/core.nix ../2configs/tools/dev.nix diff --git a/makefu/2configs/sshd-totp.nix b/makefu/2configs/sshd-totp.nix new file mode 100644 index 000000000..f9984e245 --- /dev/null +++ b/makefu/2configs/sshd-totp.nix @@ -0,0 +1,18 @@ +{ pkgs, ... }: +# Enables second factor for ssh password login + +## Usage: +# gen-oath-safe totp +## scan the qrcode with google authenticator (or FreeOTP) +## copy last line into secrets//users.oath (chmod 700) +{ + security.pam.oath = { + # enabling it will make it a requisite of `all` services + # enable = true; + digits = 6; + # TODO assert existing + usersFile = (toString ) + "/users.oath"; + }; + # I want TFA only active for sshd with password-auth + security.pam.services.sshd.oathAuth = true; +} -- cgit v1.2.3 From 09e31fb8a27d1f9f7acfc1f40f0b2ae598a22e34 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 1 Jul 2017 01:10:31 +0200 Subject: ma lancache: retab --- makefu/2configs/lanparty/lancache.nix | 59 ++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 29 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/lanparty/lancache.nix b/makefu/2configs/lanparty/lancache.nix index ff5b0d788..3df2e3f59 100644 --- a/makefu/2configs/lanparty/lancache.nix +++ b/makefu/2configs/lanparty/lancache.nix @@ -36,38 +36,39 @@ let }; in { systemd.services.nginx-lancache = { - description = "Nginx lancache Server"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - restartIfChanged = true; + description = "Nginx lancache Server"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + restartIfChanged = true; - preStart = '' - mkdir -p ${cfg.statedir} && cd ${cfg.statedir} - PATH_CACHE=$PATH_BASE/cache - PATH_LOGS=$PATH_BASE/logs + preStart = '' + mkdir -p ${cfg.statedir} && cd ${cfg.statedir} + PATH_CACHE=$PATH_BASE/cache + PATH_LOGS=$PATH_BASE/logs - mkdir -p cache/{installers,tmp} logs - rm -f conf; ln -s ${lancache} conf - chown -R ${cfg.user}:${cfg.group} . - ''; - serviceConfig = { - ExecStart = "${cfg.package}/bin/nginx -p ${cfg.statedir}"; - ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; - Restart = "always"; - RestartSec = "10s"; - StartLimitInterval = "1min"; - }; + mkdir -p cache/{installers,tmp} logs + rm -f conf; ln -s ${lancache} conf + chown -R ${cfg.user}:${cfg.group} . + ''; + serviceConfig = { + ExecStart = "${cfg.package}/bin/nginx -p ${cfg.statedir}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + Restart = "always"; + RestartSec = "10s"; + StartLimitInterval = "1min"; }; - environment.etc.nginx.source = lancache; - users.extraUsers = (singleton - { name = cfg.user; - group = cfg.group; - uid = genid cfg.group; - }); + }; - users.extraGroups = (singleton - { name = "${cfg.group}"; - gid = genid cfg.group; - }); + environment.etc.nginx.source = lancache; + users.extraUsers = (singleton + { name = cfg.user; + group = cfg.group; + uid = genid cfg.group; + }); + users.extraGroups = (singleton + { name = "${cfg.group}"; + gid = genid cfg.group; + }); + networking.firewall.allowedTCPPorts = [ 80 443 ]; } -- cgit v1.2.3 From 4d9d70c6cc7c47cf62a83e838d70134c33594065 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 1 Jul 2017 01:11:31 +0200 Subject: ma: add gen-oath-safe to dev tools --- makefu/2configs/tools/dev.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index e40f5b36f..42006eb22 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -14,5 +14,6 @@ ovh-zone whatsupnix brain + gen-oath-safe ]; } -- cgit v1.2.3 From d95039620550368bcee37f74d9828db97d38722f Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 1 Jul 2017 01:12:52 +0200 Subject: ma vbob: enable totp --- makefu/1systems/vbob.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/1systems/vbob.nix b/makefu/1systems/vbob.nix index b79ec64c0..d8e275bf6 100644 --- a/makefu/1systems/vbob.nix +++ b/makefu/1systems/vbob.nix @@ -8,6 +8,7 @@ (toString ) (toString ) ../2configs/main-laptop.nix #< base-gui + ../2configs/sshd-totp.nix # Tools ../2configs/tools/core.nix -- cgit v1.2.3 From 38a9f8f6d51bbaa83c7bbd50525844a3039f53fc Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 1 Jul 2017 01:13:28 +0200 Subject: ma x.r: enable 2fa for sshd --- makefu/1systems/x.nix | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'makefu') diff --git a/makefu/1systems/x.nix b/makefu/1systems/x.nix index b37c32944..235862e85 100644 --- a/makefu/1systems/x.nix +++ b/makefu/1systems/x.nix @@ -19,6 +19,8 @@ with import ; # ../2configs/disable_v6.nix # Testing + # ../2configs/lanparty/lancache.nix + # ../2configs/lanparty/lancache-dns.nix # ../2configs/deployment/dirctator.nix # ../2configs/vncserver.nix # ../2configs/deployment/led-fader @@ -58,6 +60,9 @@ with import ; # Filesystem ../2configs/fs/sda-crypto-root-home.nix + # Security + ../2configs/sshd-totp.nix + ]; makefu.server.primary-itf = "wlp3s0"; -- cgit v1.2.3 From b4bcf2b0a4dd5fbc69a4b539b32f82fb3eccc4a2 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 2 Jul 2017 23:06:36 +0200 Subject: ma urlwatch: use hook for json api --- makefu/2configs/urlwatch.nix | 27 --------------------------- makefu/2configs/urlwatch/default.nix | 35 +++++++++++++++++++++++++++++++++++ makefu/2configs/urlwatch/hook.py | 12 ++++++++++++ 3 files changed, 47 insertions(+), 27 deletions(-) delete mode 100644 makefu/2configs/urlwatch.nix create mode 100644 makefu/2configs/urlwatch/default.nix create mode 100644 makefu/2configs/urlwatch/hook.py (limited to 'makefu') diff --git a/makefu/2configs/urlwatch.nix b/makefu/2configs/urlwatch.nix deleted file mode 100644 index 9493b2b7b..000000000 --- a/makefu/2configs/urlwatch.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, ... }: - -{ - krebs.urlwatch = { - enable = true; - mailto = config.krebs.users.makefu.mail; - onCalendar = "*-*-* 05:00:00"; - urls = [ - ## nixpkgs maintenance - https://api.github.com/repos/ovh/python-ovh/tags - https://api.github.com/repos/embray/d2to1/tags - https://api.github.com/repos/Mic92/vicious/tags - https://pypi.python.org/simple/bepasty/ - https://pypi.python.org/simple/xstatic/ - http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ - http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ - https://github.com/amadvance/snapraid/releases.atom - https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack - https://api.github.com/repos/embray/d2to1/tags - https://api.github.com/repos/dorimanx/exfat-nofuse/commits - https://api.github.com/repos/dorimanx/exfat-nofuse/tags - https://api.github.com/repos/radare/radare2/tags - https://api.github.com/repos/rapid7/metasploit-framework/tags - ]; - }; -} - diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix new file mode 100644 index 000000000..54c8ee924 --- /dev/null +++ b/makefu/2configs/urlwatch/default.nix @@ -0,0 +1,35 @@ +{ config, lib, ... }: + +{ + krebs.urlwatch = { + enable = true; + mailto = config.krebs.users.makefu.mail; + onCalendar = "*-*-* 05:00:00"; + hooksFile = ./hook.py; + urls = [ + ## nixpkgs maintenance + https://api.github.com/repos/ovh/python-ovh/tags + https://api.github.com/repos/embray/d2to1/tags + https://api.github.com/repos/Mic92/vicious/tags + https://pypi.python.org/simple/bepasty/ + https://pypi.python.org/simple/xstatic/ + https://pypi.python.org/simple/devpi-client/ + http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ + http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ + https://github.com/amadvance/snapraid/releases.atom + https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack + https://api.github.com/repos/embray/d2to1/tags + https://api.github.com/repos/dorimanx/exfat-nofuse/commits + https://api.github.com/repos/dorimanx/exfat-nofuse/tags + https://api.github.com/repos/radare/radare2/tags + https://api.github.com/repos/rapid7/metasploit-framework/tags + https://api.github.com/repos/mcepl/gen-oath-safe/commits + https://api.github.com/repos/naim94a/udpt/commits + https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack + https://api.github.com/repos/dirkvdb/ps3netsrv--/commits + # TODO: dymo cups + + ]; + }; +} + diff --git a/makefu/2configs/urlwatch/hook.py b/makefu/2configs/urlwatch/hook.py new file mode 100644 index 000000000..fc598423f --- /dev/null +++ b/makefu/2configs/urlwatch/hook.py @@ -0,0 +1,12 @@ +import logging +logging.basicConfig(level=logging.INFO) +log = logging.getLogger() +# log.setLevel(level=logging.INFO) +def filter(url, data): + log.info("handling url '{}'".format(url)) + if "api.github.com" in url: + import json + log.info("url is a github api link, assuming json") + return json.dumps(json.loads(data),indent=2) + + return data -- cgit v1.2.3 From 2eb910183a92bd6e8d3796d821c783d878ae956b Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 2 Jul 2017 23:09:12 +0200 Subject: ma urlwatch: refactor --- makefu/2configs/urlwatch/default.nix | 36 +++++++++++++++++++++++------------- makefu/2configs/urlwatch/hook.py | 22 +++++++++++++--------- 2 files changed, 36 insertions(+), 22 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix index 54c8ee924..f17bcdc3a 100644 --- a/makefu/2configs/urlwatch/default.nix +++ b/makefu/2configs/urlwatch/default.nix @@ -8,27 +8,37 @@ hooksFile = ./hook.py; urls = [ ## nixpkgs maintenance - https://api.github.com/repos/ovh/python-ovh/tags - https://api.github.com/repos/embray/d2to1/tags - https://api.github.com/repos/Mic92/vicious/tags + # github + ## No rate limit + https://github.com/amadvance/snapraid/releases.atom + https://github.com/radare/radare2/releases.atom + https://github.com/ovh/python-ovh/releases.atom + https://github.com/embray/d2to1/releases.atom + https://github.com/Mic92/vicious/releases.atom + https://github.com/embray/d2to1/releases.atom + https://github.com/dorimanx/exfat-nofuse/releases.atom + https://github.com/rapid7/metasploit-framework/releases.atom + ## rate limited + # https://api.github.com/repos/dorimanx/exfat-nofuse/commits + # https://api.github.com/repos/mcepl/gen-oath-safe/commits + https://api.github.com/repos/naim94a/udpt/commits + https://api.github.com/repos/dirkvdb/ps3netsrv--/commits + + # pypi https://pypi.python.org/simple/bepasty/ https://pypi.python.org/simple/xstatic/ https://pypi.python.org/simple/devpi-client/ + # weird shit http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/ http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/ - https://github.com/amadvance/snapraid/releases.atom https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack - https://api.github.com/repos/embray/d2to1/tags - https://api.github.com/repos/dorimanx/exfat-nofuse/commits - https://api.github.com/repos/dorimanx/exfat-nofuse/tags - https://api.github.com/repos/radare/radare2/tags - https://api.github.com/repos/rapid7/metasploit-framework/tags - https://api.github.com/repos/mcepl/gen-oath-safe/commits - https://api.github.com/repos/naim94a/udpt/commits https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack - https://api.github.com/repos/dirkvdb/ps3netsrv--/commits - # TODO: dymo cups + { + url = https://newellrubbermaid.secure.force.com/dymopkb/articles/en_US/FAQ/Dymo-Drivers-and-Downloads/?l=en_US&c=Segment:Dymo&fs=Search&pn=1 ; + filter = "grep:Software/Linux/dymo-cups-drivers"; + } + # TODO: dymo cups ]; }; } diff --git a/makefu/2configs/urlwatch/hook.py b/makefu/2configs/urlwatch/hook.py index fc598423f..7d9282c7e 100644 --- a/makefu/2configs/urlwatch/hook.py +++ b/makefu/2configs/urlwatch/hook.py @@ -1,12 +1,16 @@ import logging logging.basicConfig(level=logging.INFO) log = logging.getLogger() -# log.setLevel(level=logging.INFO) -def filter(url, data): - log.info("handling url '{}'".format(url)) - if "api.github.com" in url: - import json - log.info("url is a github api link, assuming json") - return json.dumps(json.loads(data),indent=2) - - return data +log.setLevel(level=logging.INFO) + +import re +import json + +from urlwatch import filters + + +class JsonFilter(filters.RegexMatchFilter): + MATCH = {'url': re.compile('https?://api.github.com/.*')} + + def filter(self, data): + return json.dumps(json.loads(data),indent=2,sort_keys=True) -- cgit v1.2.3 From 5f3bece0d647f65c2354ae0944a50d775a3b488e Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 2 Jul 2017 23:09:30 +0200 Subject: ma gum: use urlwatch folder --- makefu/1systems/gum.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix index 6e57d1404..51761d3fd 100644 --- a/makefu/1systems/gum.nix +++ b/makefu/1systems/gum.nix @@ -24,7 +24,7 @@ in { # ../2configs/disable_v6.nix ../2configs/exim-retiolum.nix ../2configs/tinc/retiolum.nix - ../2configs/urlwatch.nix + ../2configs/urlwatch # Security ../2configs/sshd-totp.nix -- cgit v1.2.3 From ed257db34c2225c26912ad05e31493f94b6897d7 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 3 Jul 2017 08:26:33 +0200 Subject: ma: nixpkgs -> 06734d --- makefu/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index bcd998826..0b4ef8909 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -22,7 +22,7 @@ with import ; user = config.krebs.users.makefu; source = let inherit (config.krebs.build) host user; - ref = "7a7c39c"; # unstable @ 2017-05-09 + graceful requests2 + logstash5 + ref = "06734d1"; # unstable @ 2017-07-03 + graceful requests2 (a772c3aa) in { nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then { -- cgit v1.2.3 From d3af8d37f8e3d806ca3744b7086f8d5e30f72875 Mon Sep 17 00:00:00 2001 From: makefu Date: Mon, 3 Jul 2017 11:44:47 +0200 Subject: ma x230/pulseaudio: use extraConfig --- makefu/2configs/hw/tp-x230.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/2configs/hw/tp-x230.nix b/makefu/2configs/hw/tp-x230.nix index 2de32dd94..c705b52a7 100644 --- a/makefu/2configs/hw/tp-x230.nix +++ b/makefu/2configs/hw/tp-x230.nix @@ -44,8 +44,7 @@ with import ; ''; # enable HDMI output switching with pulseaudio - hardware.pulseaudio.configFile = pkgs.writeText "pulse-default-pa" '' - ${builtins.readFile "${config.hardware.pulseaudio.package.out}/etc/pulse/default.pa"} + hardware.pulseaudio.extraConfig = '' load-module module-alsa-sink device=hw:0,3 sink_properties=device.description="HDMIOutput" sink_name="HDMI" ''; -- cgit v1.2.3