From 129829cacfee9bc5b7fda99e50b70bc3ffe8a9bc Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 25 Jul 2015 00:04:04 +0200 Subject: tv.identity -> krebs.build + extraHosts hack --- 3modules/krebs/default.nix | 72 +++++++++++++++++++++++++++++++++++++++++++ 3modules/tv/default.nix | 1 - 3modules/tv/identity.nix | 77 ---------------------------------------------- 3 files changed, 72 insertions(+), 78 deletions(-) delete mode 100644 3modules/tv/identity.nix (limited to '3modules') diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix index 999e68d..601ecf0 100644 --- a/3modules/krebs/default.nix +++ b/3modules/krebs/default.nix @@ -19,6 +19,21 @@ let api = { enable = mkEnableOption "krebs"; + build = mkOption { + type = types.submodule { + options = { + host = mkOption { + type = types.host; + }; + user = mkOption { + type = types.user; + }; + }; + }; + # Define defaul value, so unset values of the submodule get reported. + default = {}; + }; + hosts = mkOption { type = with types; attrsOf host; }; @@ -26,12 +41,69 @@ let users = mkOption { type = with types; attrsOf user; }; + + # XXX is there a better place to define search-domain? + # TODO search-domains :: listOf hostname + search-domain = mkOption { + type = types.hostname; + default = ""; + example = "retiolum"; + }; }; imp = mkMerge [ { krebs = lass-imp; } { krebs = makefu-imp; } { krebs = tv-imp; } + { + # XXX This overlaps with krebs.retiolum + networking.extraHosts = + let + # TODO move domain name providers to a dedicated module + # providers : tree label providername + providers = { + internet = "hosts"; + retiolum = "hosts"; + de.viljetic = "regfish"; + de.krebsco = "ovh"; + }; + + # splitByProvider : [alias] -> set providername [alias] + splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {}; + + # providerOf : alias -> providername + providerOf = alias: + tree-get (splitString "." alias) providers; + + # insert : k -> v -> set k [v] -> set k [v] + insert = name: value: set: + set // { ${name} = set.${name} or [] ++ [value]; }; + + # tree k v = set k (either v (tree k v)) + + # tree-get : [k] -> tree k v -> v + tree-get = path: x: + let + y = x.${last path}; + in + if typeOf y != "set" + then y + else tree-get (init path) y; + in + concatStringsSep "\n" (flatten ( + # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net: + mapAttrsToList (hostname: host: + mapAttrsToList (netname: net: + let + aliases = toString (unique (longs ++ shorts)); + longs = (splitByProvider net.aliases).hosts; + shorts = map (removeSuffix ".${cfg.search-domain}") longs; + in + map (addr: "${addr} ${aliases}") net.addrs + ) host.nets + ) config.krebs.hosts + )); + } ]; lass-imp = { diff --git a/3modules/tv/default.nix b/3modules/tv/default.nix index e267d0b..bb10d82 100644 --- a/3modules/tv/default.nix +++ b/3modules/tv/default.nix @@ -4,7 +4,6 @@ _: imports = [ ./consul.nix ./ejabberd.nix - ./identity.nix ./iptables.nix ]; } diff --git a/3modules/tv/identity.nix b/3modules/tv/identity.nix deleted file mode 100644 index 9de4322..0000000 --- a/3modules/tv/identity.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ../../4lib/tv { inherit lib pkgs; }; -let - cfg = config.tv.identity; - - out = { - options.tv.identity = api; - config = mkIf cfg.enable imp; - }; - - api = { - enable = mkEnableOption "tv.identity"; - - self = mkOption { - type = types.host; - }; - - #others = mkOption { - # type = types.host; - # default = filterAttrs (name: _host: name != cfg.self.name) cfg.hosts; - #}; - - search = mkOption { - type = types.hostname; - }; - }; - - imp = { - networking.extraHosts = - concatStringsSep "\n" (flatten ( - # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net: - mapAttrsToList (hostname: host: - mapAttrsToList (netname: net: - let - aliases = toString (unique (longs ++ shorts)); - longs = (splitByProvider net.aliases).hosts; - shorts = map (removeSuffix ".${cfg.search}") longs; - in - map (addr: "${addr} ${aliases}") net.addrs - ) host.nets - ) config.krebs.hosts - )); - }; - - # TODO move domain name providers to a dedicated module - # providers : tree label providername - providers = { - internet = "hosts"; - retiolum = "hosts"; - de.viljetic = "regfish"; - de.krebsco = "ovh"; - }; - - # splitByProvider : [alias] -> set providername [alias] - splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {}; - - # providerOf : alias -> providername - providerOf = alias: - tree-get (splitString "." alias) providers; - - # insert : k -> v -> set k [v] -> set k [v] - insert = name: value: set: - set // { ${name} = set.${name} or [] ++ [value]; }; - - # tree k v = set k (either v (tree k v)) - - # tree-get : [k] -> tree k v -> v - tree-get = path: x: - let - y = x.${last path}; - in - if typeOf y != "set" - then y - else tree-get (init path) y; -in -out -- cgit v1.3.1 From 070d813ec2fe8bf164ccfb8ee26163f6f4b3784e Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 25 Jul 2015 00:44:24 +0200 Subject: krebs.users += mv --- 3modules/krebs/default.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to '3modules') diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix index 601ecf0..23b3ab7 100644 --- a/3modules/krebs/default.nix +++ b/3modules/krebs/default.nix @@ -308,6 +308,9 @@ let }; }; users = addNames { + mv = { + pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub; + }; tv = { pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; }; -- cgit v1.3.1 From 1a753d75642f8dc4c45f4c74fa5213d7e1da01c0 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 25 Jul 2015 01:06:13 +0200 Subject: krebs.users.[mt]v: set mail --- 1systems/tv/wu.nix | 2 +- 2configs/tv/base.nix | 2 +- 2configs/tv/charybdis.nix | 2 +- 2configs/tv/exim-smarthost.nix | 15 ++++++++------- 2configs/tv/smartd.nix | 2 +- 3modules/krebs/default.nix | 2 ++ 6 files changed, 14 insertions(+), 11 deletions(-) (limited to '3modules') diff --git a/1systems/tv/wu.nix b/1systems/tv/wu.nix index 0b2dab9..ccb2dd1 100644 --- a/1systems/tv/wu.nix +++ b/1systems/tv/wu.nix @@ -152,7 +152,7 @@ in { krebs.urlwatch = { enable = true; - mailto = "tv@wu.retiolum"; # TODO + mailto = config.krebs.users.tv.mail; onCalendar = "*-*-* 05:00:00"; urls = [ ## nixpkgs maintenance diff --git a/2configs/tv/base.nix b/2configs/tv/base.nix index c7d3e0d..ab6d247 100644 --- a/2configs/tv/base.nix +++ b/2configs/tv/base.nix @@ -47,7 +47,7 @@ in } { security.sudo.extraConfig = '' - Defaults mailto="tv@wu.retiolum" + Defaults mailto="${config.krebs.users.tv.mail}" ''; time.timeZone = "Europe/Berlin"; } diff --git a/2configs/tv/charybdis.nix b/2configs/tv/charybdis.nix index 265f851..d78e162 100644 --- a/2configs/tv/charybdis.nix +++ b/2configs/tv/charybdis.nix @@ -170,7 +170,7 @@ let admin { name = "tv"; description = "peer"; - email = "tv@wu.retiolum"; + mail = "${config.krebs.users.tv.mail}"; }; log { diff --git a/2configs/tv/exim-smarthost.nix b/2configs/tv/exim-smarthost.nix index a4c47b3..c93189b 100644 --- a/2configs/tv/exim-smarthost.nix +++ b/2configs/tv/exim-smarthost.nix @@ -11,20 +11,21 @@ in let retiolumHostname = "${config.networking.hostName}.retiolum"; - internet-aliases = [ - { from = "tomislav@viljetic.de"; to = "tv@wu.retiolum"; } + internet-aliases = with config.krebs.users; [ + { from = "tomislav@viljetic.de"; to = tv.mail; } # (mindestens) lisp-stammtisch und elli haben die: - { from = "tv@viljetic.de"; to = "tv@wu.retiolum"; } + { from = "tv@viljetic.de"; to = tv.mail; } - { from = "tv@destroy.dyn.shackspace.de"; to = "tv@wu.retiolum"; } + { from = "tv@destroy.dyn.shackspace.de"; to = tv.mail; } - { from = "mirko@viljetic.de"; to = "mv@cd.retiolum"; } + { from = "mirko@viljetic.de"; to = mv.mail; } # TODO killme (wo wird die benutzt?) - { from = "tv@cd.retiolum"; to = "tv@wu.retiolum"; } + { from = "tv@cd.retiolum"; to = tv.mail; } - { from = "postmaster@krebsco.de"; to = "tv@wu.retiolum"; } + # TODO lists@smtp.retiolum [consul] + { from = "postmaster@krebsco.de"; to = tv.mail; } ]; system-aliases = [ diff --git a/2configs/tv/smartd.nix b/2configs/tv/smartd.nix index 2e9d955..9c4d8b2 100644 --- a/2configs/tv/smartd.nix +++ b/2configs/tv/smartd.nix @@ -8,7 +8,7 @@ device = "DEVICESCAN"; options = toString [ "-a" - "-m tv@wu.retiolum" + "-m ${config.krebs.users.tv.mail}" "-s (O/../.././09|S/../.././04|L/../../6/05)" ]; } diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix index 23b3ab7..43e7e4c 100644 --- a/3modules/krebs/default.nix +++ b/3modules/krebs/default.nix @@ -309,9 +309,11 @@ let }; users = addNames { mv = { + mail = "mv@cd.retiolum"; pubkey = readFile ../../Zpubkeys/mv_vod.ssh.pub; }; tv = { + mail = "tv@wu.retiolum"; pubkey = readFile ../../Zpubkeys/tv_wu.ssh.pub; }; }; -- cgit v1.3.1 From 3921175424b6a842cdf2235324e1ed76b978ed23 Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 25 Jul 2015 01:29:37 +0200 Subject: krebs.git.repos.*.hooks: default = {} --- 2configs/tv/git.nix | 1 - 3modules/krebs/git.nix | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) (limited to '3modules') diff --git a/2configs/tv/git.nix b/2configs/tv/git.nix index f884ea4..2c0cc6b 100644 --- a/2configs/tv/git.nix +++ b/2configs/tv/git.nix @@ -66,7 +66,6 @@ let make-restricted-repo = name: { desc ? null, ... }: { inherit name desc; public = false; - hooks = {}; # TODO default }; make-rules = diff --git a/3modules/krebs/git.nix b/3modules/krebs/git.nix index 499d330..6046451 100644 --- a/3modules/krebs/git.nix +++ b/3modules/krebs/git.nix @@ -72,6 +72,7 @@ let }; hooks = mkOption { type = types.attrsOf types.str; + default = {}; description = '' Repository-specific hooks. ''; -- cgit v1.3.1 From 0906cdb433fe5b8c67c2956c475a9b6d340a260f Mon Sep 17 00:00:00 2001 From: tv Date: Sat, 25 Jul 2015 02:14:44 +0200 Subject: {3 -> 4} krebs {listset,tree} --- 3modules/krebs/default.nix | 19 ++----------------- 4lib/krebs/default.nix | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+), 17 deletions(-) (limited to '3modules') diff --git a/3modules/krebs/default.nix b/3modules/krebs/default.nix index 43e7e4c..33c1088 100644 --- a/3modules/krebs/default.nix +++ b/3modules/krebs/default.nix @@ -68,27 +68,12 @@ let de.krebsco = "ovh"; }; - # splitByProvider : [alias] -> set providername [alias] - splitByProvider = foldl (acc: alias: insert (providerOf alias) alias acc) {}; + # splitByProvider : [alias] -> listset providername alias + splitByProvider = foldl (acc: alias: listset-insert (providerOf alias) alias acc) {}; # providerOf : alias -> providername providerOf = alias: tree-get (splitString "." alias) providers; - - # insert : k -> v -> set k [v] -> set k [v] - insert = name: value: set: - set // { ${name} = set.${name} or [] ++ [value]; }; - - # tree k v = set k (either v (tree k v)) - - # tree-get : [k] -> tree k v -> v - tree-get = path: x: - let - y = x.${last path}; - in - if typeOf y != "set" - then y - else tree-get (init path) y; in concatStringsSep "\n" (flatten ( # TODO deepMap ["hosts" "nets"] (hostname: host: netname: net: diff --git a/4lib/krebs/default.nix b/4lib/krebs/default.nix index 0c59076..0c42a5d 100644 --- a/4lib/krebs/default.nix +++ b/4lib/krebs/default.nix @@ -12,4 +12,22 @@ builtins // lib // rec { types = import ./types.nix { inherit lib; }; + + # listset k v = set k [v] + + # listset-insert : k -> v -> listset k v -> listset k v + listset-insert = name: value: set: + set // { ${name} = set.${name} or [] ++ [value]; }; + + # tree k v = set k (either v (tree k v)) + + # tree-get : [k] -> tree k v -> v + tree-get = path: x: + let + y = x.${last path}; + in + if typeOf y != "set" + then y + else tree-get (init path) y; + } -- cgit v1.3.1 [cgit] Unable to lock slot /tmp/cgit/6c300000.lock: No such file or directory (2)