From e38f61c7ff54031d5f48e57b96eff0062feb99b2 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 30 Jan 2020 08:12:24 +0100 Subject: ma: update omo pubkey --- krebs/3modules/makefu/sshd/omo.pub | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/sshd/omo.pub b/krebs/3modules/makefu/sshd/omo.pub index 63bbbc709..5b9435414 100644 --- a/krebs/3modules/makefu/sshd/omo.pub +++ b/krebs/3modules/makefu/sshd/omo.pub @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBGboU/P00yYiwYje53G0oqDFWmcSJ+hIpMsl4f/HH +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIujMZ3ZFxKpWeB/cjfKfYRr77+VRZk0Eik+92t03NoA -- cgit v1.3.1 From 160e9d1843b3e8c6d503a0ae023df31a27f7880c Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 12 Feb 2020 07:55:17 +0100 Subject: ma gum: add dns.euer.krebsco.de domain naim --- krebs/3modules/makefu/default.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index dcfee59b3..6c2fd6245 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -171,6 +171,7 @@ in { cgit.euer IN A ${nets.internet.ip4.addr} dl.euer IN A ${nets.internet.ip4.addr} dockerhub IN A ${nets.internet.ip4.addr} + dns.euer IN A ${nets.internet.ip4.addr} euer IN A ${nets.internet.ip4.addr} euer IN MX 1 aspmx.l.google.com. ghook IN A ${nets.internet.ip4.addr} -- cgit v1.3.1 From 0509f857414ef1ca9b84f6cec29985ea50ecf579 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 12 Feb 2020 07:55:39 +0100 Subject: ma gum: sort dnsnames --- krebs/3modules/makefu/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 6c2fd6245..56d313528 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -164,14 +164,15 @@ in { ci = true; extraZones = { "krebsco.de" = '' + bookmark.euer IN A ${nets.internet.ip4.addr} boot IN A ${nets.internet.ip4.addr} boot.euer IN A ${nets.internet.ip4.addr} cache.euer IN A ${nets.internet.ip4.addr} cache.gum IN A ${nets.internet.ip4.addr} cgit.euer IN A ${nets.internet.ip4.addr} dl.euer IN A ${nets.internet.ip4.addr} - dockerhub IN A ${nets.internet.ip4.addr} dns.euer IN A ${nets.internet.ip4.addr} + dockerhub IN A ${nets.internet.ip4.addr} euer IN A ${nets.internet.ip4.addr} euer IN MX 1 aspmx.l.google.com. ghook IN A ${nets.internet.ip4.addr} @@ -179,7 +180,9 @@ in { gold IN A ${nets.internet.ip4.addr} graph IN A ${nets.internet.ip4.addr} gum IN A ${nets.internet.ip4.addr} + io IN NS gum.krebsco.de. iso.euer IN A ${nets.internet.ip4.addr} + mediengewitter IN CNAME over.dose.io. mon.euer IN A ${nets.internet.ip4.addr} netdata.euer IN A ${nets.internet.ip4.addr} nixos.unstable IN CNAME krebscode.github.io. @@ -190,9 +193,6 @@ in { wg.euer IN A ${nets.internet.ip4.addr} wiki.euer IN A ${nets.internet.ip4.addr} wikisearch IN A ${nets.internet.ip4.addr} - bookmark.euer IN A ${nets.internet.ip4.addr} - io IN NS gum.krebsco.de. - mediengewitter IN CNAME over.dose.io. ''; }; cores = 8; -- cgit v1.3.1 From 345fc92cbf1975da935909e3769935e733890e88 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 13 Mar 2020 10:51:34 +0100 Subject: ma gum.r: add board.euer, rss.euer --- krebs/3modules/makefu/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 56d313528..c76ed0ad1 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -182,6 +182,8 @@ in { gum IN A ${nets.internet.ip4.addr} io IN NS gum.krebsco.de. iso.euer IN A ${nets.internet.ip4.addr} + board.euer IN A ${nets.internet.ip4.addr} + rss.euer IN A ${nets.internet.ip4.addr} mediengewitter IN CNAME over.dose.io. mon.euer IN A ${nets.internet.ip4.addr} netdata.euer IN A ${nets.internet.ip4.addr} @@ -202,7 +204,6 @@ in { ip6.addr = "2a01:4f8:191:12f6::2"; aliases = [ "gum.i" - "nextgum.i" ]; }; wiregrill = { @@ -238,6 +239,7 @@ in { "tracker.makefu.r" "wiki.gum.r" "wiki.makefu.r" + "warrior.gum.r" "sick.makefu.r" ]; }; -- cgit v1.3.1 From c76f1618940ff188258212a0988d3de7525f9e9e Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 25 Mar 2020 15:39:25 +0100 Subject: realwallpaper: redesign with new image sources --- krebs/3modules/realwallpaper.nix | 18 --- krebs/5pkgs/simple/realwallpaper/default.nix | 164 ++++++++++++--------------- 2 files changed, 73 insertions(+), 109 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index a83758ccd..7a0052a4f 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -17,21 +17,6 @@ let default = "/var/realwallpaper/"; }; - nightmap = mkOption { - type = types.str; - default = "http://eoimages.gsfc.nasa.gov/images/imagerecords/55000/55167/earth_lights_lrg.jpg"; - }; - - daymap = mkOption { - type = types.str; - default = "https://www.nnvl.noaa.gov/images/globaldata/SnowIceCover_Daily.png"; - }; - - cloudmap = mkOption { - type = types.str; - default = "http://home.megapass.co.kr/~holywatr/cloud_data/clouds_2048.jpg"; - }; - marker = mkOption { type = types.str; default = "http://graph.r/marker.json"; @@ -67,9 +52,6 @@ let environment = { working_dir = cfg.workingDir; - nightmap_url = cfg.nightmap; - daymap_url = cfg.daymap; - cloudmap_url = cfg.cloudmap; marker_url = cfg.marker; }; diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix index 9be8f7c7c..dfe03ff35 100644 --- a/krebs/5pkgs/simple/realwallpaper/default.nix +++ b/krebs/5pkgs/simple/realwallpaper/default.nix @@ -17,24 +17,28 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' fi } - # usage: image_size FILENAME - image_size() { - identify "$1" | awk '{print$3}' + # check if file exists and fetch only if missing + fetch_once() { + name=$1 + url=$2 + test -e "$name" || fetch "$name" "$url" } - # usage: make_mask DST SRC MASK - make_layer() { - if needs_rebuild "$@"; then - echo "make $1 (apply mask)" >&2 - convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1" + fetch_older_min() { + min=$1 + name=$2 + url=$3 + if ! test "$(find $name -mmin -$min)"; then + fetch "$name" "$url" fi } - # usage: flatten DST HILAYER LOLAYER - flatten() { - if needs_rebuild "$@"; then - echo "make $1 (flatten)" >&2 - composite "$2" "$3" "$1" + fetch_older_days() { + days=$1 + name=$2 + url=$3 + if ! test "$(find $name -mmin -$days)"; then + fetch "$name" "$url" fi } @@ -60,35 +64,36 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' return $result } + get_neo_url() { + url=$1 + curl -Ss "$url" | grep '3600 x 1800' | sed 's/.*href="\([^"]*\)".*/\1/' + } + main() { cd "$working_dir" # fetch source images in parallel - # fetch basic images which should not change - test -e nightmap-raw.jpg || fetch nightmap-raw.jpg "$nightmap_url" & - test -e sun-raw.png || fetch sun-raw.png \ - "http://simpleicon.com/wp-content/uploads/sun-64x64.png" & - - test -e moon-raw.png || fetch moon-raw.png \ - "http://simpleicon.com/wp-content/uploads/moon__star-64x64.png" & + fetch_once sun-raw.png \ + 'http://simpleicon.com/wp-content/uploads/sun-64x64.png' & + fetch_once moon-raw.png \ + 'http://simpleicon.com/wp-content/uploads/moon__star-64x64.png' & + fetch_once nightmap-raw.jpg \ + 'https://eoimages.gsfc.nasa.gov/images/imagerecords/144000/144898/BlackMarble_2016_3km.jpg' & + fetch_once daymap-raw.tif \ + 'https://eoimages.gsfc.nasa.gov/images/imagerecords/57000/57752/land_shallow_topo_8192.tif' & + + fetch_older_min 720 ice-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=NISE_D') & + fetch_older_days 3 snow-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD10C1_E_SNOW') & + fetch_older_days 7 chlora-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MY1DMM_CHLORA') & + fetch_older_days 3 fire-raw.jpg $(get_neo_url \ + 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MOD14A1_E_FIRE') & # regular fetches fetch marker.json "$marker_url" & - # fetch daymap twice daily - if ! test "$(find daymap-raw.png -mmin -720)"; then - fetch daymap-raw.png "$daymap_url" & - fi - - # fetch cholrophyl once every week - chlora_url=$(curl -Ss \ - 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=MY1DMM_CHLORA&date=2999-12-31' \ - | grep '3600 x 1800' | sed 's/.*href="\([^"]*\)".*/\1/') - - if ! test "$(find chlora-raw.jpg -mtime -7)"; then - fetch chlora-raw.jpg "$chlora_url" & - fi - wait # fetch clouds if they are older than 3h @@ -96,21 +101,26 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' ${pkgs.nomads-cloud}/bin/nomads-cloud clouds-raw.png fi + check_type sun-raw.png image + check_type moon-raw.png image check_type nightmap-raw.jpg image - check_type daymap-raw.png image + check_type daymap-raw.tif image + check_type ice-raw.jpg image + check_type snow-raw.jpg image + check_type chlora-raw.jpg image + check_type fire-raw.jpg image check_type clouds-raw.png image - in_size=2048x1024 + in_size=3600x1800 xplanet_out_size=1466x1200 out_geometry=1366x768+100+160 - nightsnow_color='#0c1a49' # nightmap - for raw in \ nightmap-raw.jpg \ - daymap-raw.png \ - clouds-raw.png \ + daymap-raw.tif \ + snow-raw.jpg \ chlora-raw.jpg \ + clouds-raw.png \ ; do normal=''${raw%-raw.*}.png @@ -120,6 +130,16 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' fi done + # remove snow from ice map + if needs_rebuild ice.png ice-raw.jpg; then + convert ice-raw.jpg -fuzz 20% -fill black -opaque white -scale "$in_size" ice.png + fi + + # make fire more red + if needs_rebuild fire.png fire-raw.jpg; then + convert fire-raw.jpg -fuzz 20% -fill '#ef840c' -opaque white -scale "$in_size" fire.png + fi + if needs_rebuild sun.png sun-raw.png; then convert sun-raw.png -fill gold -opaque black -resize 50% PNG64:sun.png fi @@ -131,60 +151,22 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' # -- Daymap -- # merge with water chlora layer - convert daymap.png chlora.png -compose lighten -composite daymap-final.png - - # -- Nightmap -- - - # merge with water chlora layer - convert nightmap.png \( -fill black -colorize 70% chlora.png \) \ - -compose lighten -composite nightmap-chlora.png - - # create nightmap-fullsnow, a big blue picture - if needs_rebuild nightmap-fullsnow.png; then - convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png - fi - - # extract daymap-snowmask from daymap-final - if needs_rebuild daymap-snowmask.png daymap.png; then - convert daymap.png -threshold 95% daymap-snowmask.png - fi - - # extract nightmap-lightmask from nightmap - if needs_rebuild nightmap-lightmask.png nightmap.png; then - convert nightmap.png -threshold 25% nightmap-lightmask.png + if needs_rebuild daymap-final.png daymap.png fire.png snow.png ice.png chlora.png; then + convert daymap.png fire.png -compose lighten -composite daymap-1.png + convert daymap-1.png ice.png -compose lighten -composite daymap-2.png + convert daymap-2.png snow.png -compose lighten -composite daymap-3.png + convert daymap-3.png chlora.png -compose lighten -composite daymap-final.png fi - # create layers - make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png - make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png - - # apply layers - flatten nightmap-lightsnowlayer.png \ - nightmap-lightlayer.png \ - nightmap-snowlayer.png - - flatten nightmap-final.png \ - nightmap-lightsnowlayer.png \ - nightmap-chlora.png - + # -- Nightmap -- - # create marker file from json - if [ -s marker.json ]; then - jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file - echo 'position=sun image=sun.png' >> marker_file - echo 'position=moon image=moon.png' >> marker_file + if needs_rebuild nightmap-final.png nightmap.png fire.png snow.png ice.png chlora.png; then + convert nightmap.png fire.png -compose lighten -composite nightmap-1.png + convert nightmap-1.png \( -fill black -colorize 70% ice.png \) -compose lighten -composite nightmap-2.png + convert nightmap-2.png \( -fill black -colorize 70% snow.png \) -compose lighten -composite nightmap-3.png + convert nightmap-3.png \( -fill black -colorize 70% chlora.png \) -compose lighten -composite nightmap-final.png fi - # make all unmodified files as final - for normal in \ - clouds.png \ - ; - do - final=''${normal%.png}-final.png - needs_rebuild $final && - ln $normal $final - done - # rebuild every time to update shadow xplanet --num_times 1 --geometry $xplanet_out_size \ --output xplanet-output.png --projection merc \ @@ -193,7 +175,7 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' "Earth" map=daymap-final.png night_map=nightmap-final.png - cloud_map=clouds-final.png + cloud_map=clouds.png cloud_threshold=1 cloud_gamma=2.5 shade=15 @@ -206,7 +188,7 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' "Earth" map=daymap-final.png night_map=nightmap-final.png - cloud_map=clouds-final.png + cloud_map=clouds.png cloud_threshold=1 cloud_gamma=2.5 marker_file=marker_file -- cgit v1.3.1 From a0347a6443ac07bbb986080dafe44af4a25e0f98 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 25 Mar 2020 18:14:04 +0100 Subject: realwallpaper: add HD version with planets and krebs --- krebs/3modules/realwallpaper.nix | 1 + krebs/5pkgs/simple/realwallpaper/default.nix | 90 ++++++++++++++++++++++++++-- 2 files changed, 87 insertions(+), 4 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index 7a0052a4f..cfa8a65ba 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -45,6 +45,7 @@ let path = with pkgs; [ xplanet imagemagick + inkscape curl file jq diff --git a/krebs/5pkgs/simple/realwallpaper/default.nix b/krebs/5pkgs/simple/realwallpaper/default.nix index dfe03ff35..1dd5e00e8 100644 --- a/krebs/5pkgs/simple/realwallpaper/default.nix +++ b/krebs/5pkgs/simple/realwallpaper/default.nix @@ -82,6 +82,24 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' fetch_once daymap-raw.tif \ 'https://eoimages.gsfc.nasa.gov/images/imagerecords/57000/57752/land_shallow_topo_8192.tif' & + fetch_once mercury-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/2/2e/Mercury_symbol.svg' & + fetch_once venus-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/6/66/Venus_symbol.svg' & + fetch_once mars-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/b/b7/Mars_symbol.svg' & + fetch_once jupiter-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/2/26/Jupiter_symbol.svg' & + fetch_once saturn-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/7/74/Saturn_symbol.svg' & + fetch_once uranus-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/f/f1/Uranus_symbol.svg' & + fetch_once neptune-raw.svg \ + 'https://upload.wikimedia.org/wikipedia/commons/4/47/Neptune_symbol.svg' & + + fetch_once krebs-raw.svg \ + 'https://raw.githubusercontent.com/krebs/painload/master/cholerab/bling/krebs_aquarium.svg' & + fetch_older_min 720 ice-raw.jpg $(get_neo_url \ 'https://neo.sci.gsfc.nasa.gov/view.php?datasetId=NISE_D') & fetch_older_days 3 snow-raw.jpg $(get_neo_url \ @@ -111,9 +129,19 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' check_type fire-raw.jpg image check_type clouds-raw.png image + check_type mercury-raw.svg image + check_type venus-raw.svg image + check_type mars-raw.svg image + check_type jupiter-raw.svg image + check_type saturn-raw.svg image + check_type uranus-raw.svg image + check_type neptune-raw.svg image + + check_type krebs-raw.svg image + in_size=3600x1800 - xplanet_out_size=1466x1200 - out_geometry=1366x768+100+160 + xplanet_out_size=3600x2950 + out_geometry=3200x1800+300+400 for raw in \ nightmap-raw.jpg \ @@ -141,11 +169,52 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' fi if needs_rebuild sun.png sun-raw.png; then - convert sun-raw.png -fill gold -opaque black -resize 50% PNG64:sun.png + convert sun-raw.png -fill gold -opaque black PNG64:sun.png fi if needs_rebuild moon.png moon-raw.png; then - convert moon-raw.png -fill royalblue -opaque black -resize 50% PNG64:moon.png + convert moon-raw.png -fill royalblue -opaque black PNG64:moon.png + fi + + # -- Planets -- + + if needs_rebuild mercury.png mercury-raw.svg; then + sed -i 's/#000/#A6A6A6/g' mercury-raw.svg + inkscape -z -e mercury.png -w 40 -h 40 mercury-raw.svg + fi + + if needs_rebuild venus.png venus-raw.svg; then + sed -i 's/#000/#C40B98/g' venus-raw.svg + inkscape -z -e venus.png -w 40 -h 40 venus-raw.svg + fi + + if needs_rebuild mars.png mars-raw.svg; then + sed -i 's/#000/#E35A5C/g' mars-raw.svg + inkscape -z -e mars.png -w 40 -h 40 mars-raw.svg + fi + + if needs_rebuild jupiter.png jupiter-raw.svg; then + sed -i 's/#000/#DEA182/g' jupiter-raw.svg + inkscape -z -e jupiter.png -w 40 -h 40 jupiter-raw.svg + fi + + if needs_rebuild saturn.png saturn-raw.svg; then + sed -i 's/#000/#E4C282/g' saturn-raw.svg + inkscape -z -e saturn.png -w 40 -h 40 saturn-raw.svg + fi + + if needs_rebuild uranus.png uranus-raw.svg; then + sed -i 's/#000/#97BCC2/g' uranus-raw.svg + inkscape -z -e uranus.png -w 40 -h 40 uranus-raw.svg + fi + + if needs_rebuild neptune.png neptune-raw.svg; then + sed -i 's/#000/#274687/g' neptune-raw.svg + inkscape -z -e neptune.png -w 40 -h 40 neptune-raw.svg + fi + + if needs_rebuild krebs.png krebs-raw.svg; then + inkscape -z -e krebs.png -w 16 -h 16 krebs-raw.svg fi # -- Daymap -- @@ -167,6 +236,19 @@ pkgs.writers.writeDashBin "generate-wallpaper" '' convert nightmap-3.png \( -fill black -colorize 70% chlora.png \) -compose lighten -composite nightmap-final.png fi + # create marker file from json + if [ -s marker.json ]; then + jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude) image=krebs.png"' marker.json > marker_file + echo 'position=sun image=sun.png' >> marker_file + echo 'position=moon image=moon.png' >> marker_file + echo 'position=mercury image=mercury.png' >> marker_file + echo 'position=venus image=venus.png' >> marker_file + echo 'position=mars image=mars.png' >> marker_file + echo 'position=jupiter image=jupiter.png' >> marker_file + echo 'position=uranus image=uranus.png' >> marker_file + echo 'position=neptune image=neptune.png' >> marker_file + fi + # rebuild every time to update shadow xplanet --num_times 1 --geometry $xplanet_out_size \ --output xplanet-output.png --projection merc \ -- cgit v1.3.1 From a29d406c681dcc95230db76cc6f0038b98b8adbd Mon Sep 17 00:00:00 2001 From: Jörg Thalheim Date: Sun, 2 Feb 2020 12:48:15 +0000 Subject: m: drop idontcare, add herbert --- krebs/3modules/external/mic92.nix | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/mic92.nix b/krebs/3modules/external/mic92.nix index a748b1454..23ab4f684 100644 --- a/krebs/3modules/external/mic92.nix +++ b/krebs/3modules/external/mic92.nix @@ -144,24 +144,24 @@ in { }; }; }; - idontcare = { + herbert = { owner = config.krebs.users.Mic92; nets = rec { retiolum = { addrs = [ - config.krebs.hosts.idontcare.nets.retiolum.ip4.addr - config.krebs.hosts.idontcare.nets.retiolum.ip6.addr + config.krebs.hosts.herbert.nets.retiolum.ip4.addr + config.krebs.hosts.herbert.nets.retiolum.ip6.addr ]; ip4.addr = "10.243.29.177"; - aliases = [ "idontcare.r" ]; + aliases = [ "herbert.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O - qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A - OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An - lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb - O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw - jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB + MIIBCgKCAQEA7ZINr8YxVwHtcOR+ySpc9UjnJWsFXlOyu3CnrJ8IrY+mPA25UmNZ + stXd8QbJuxpad9HyPs294uW8UmXttEZzIwAlikVHasM5IQHVltudTTFvv7s3YFWd + /lgpHbo8zOA2mafx+Sr02Fy/lHjk6BTf8IOzdJIpUHZL/P+FUl9baBwGLmtbEvPh + fbvtf5QryBjJ9nRnb+wsPVpeFE/LncIMK/bYQsyE01T5QDu/muAaeYPbgm6FqaQH + OJ4oEHsarWBvU1qzgz/IRz0BHHeTrbbP3AG/glTwL02Z1mtTXSjME7cfk7ZRM5Cj + jXAqnqu2m1B08Kii+zYp4BPZDmPLT5gq+QIDAQAB -----END RSA PUBLIC KEY----- ''; }; -- cgit v1.3.1 From 0578d851885e59b317d653982b7b74f10739b9f3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 8 Apr 2020 12:33:08 +0200 Subject: syncthing: use upstream module --- krebs/3modules/default.nix | 1 - krebs/3modules/syncthing.nix | 206 -------------------------------------- lass/1systems/mors/config.nix | 8 +- lass/1systems/xerxes/config.nix | 4 +- lass/2configs/green-host.nix | 2 +- lass/2configs/radio.nix | 4 +- lass/2configs/sync/decsync.nix | 4 +- lass/2configs/sync/weechat.nix | 2 +- lass/2configs/syncthing.nix | 16 +-- lass/2configs/websites/domsen.nix | 6 +- 10 files changed, 24 insertions(+), 229 deletions(-) delete mode 100644 krebs/3modules/syncthing.nix (limited to 'krebs/3modules') diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 6f06f4510..aa06a883d 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -50,7 +50,6 @@ let ./secret.nix ./setuid.nix ./shadow.nix - ./syncthing.nix ./tinc.nix ./tinc_graphs.nix ./urlwatch.nix diff --git a/krebs/3modules/syncthing.nix b/krebs/3modules/syncthing.nix deleted file mode 100644 index 799ed7eda..000000000 --- a/krebs/3modules/syncthing.nix +++ /dev/null @@ -1,206 +0,0 @@ -{ config, pkgs, ... }: with import ; - -let - - kcfg = config.krebs.syncthing; - scfg = config.services.syncthing; - - devices = mapAttrsToList (name: peer: { - name = name; - deviceID = peer.id; - addresses = peer.addresses; - }) kcfg.peers; - - folders = mapAttrsToList ( _: folder: { - inherit (folder) path id type; - devices = map (peer: { deviceId = kcfg.peers.${peer}.id; }) folder.peers; - rescanIntervalS = folder.rescanInterval; - fsWatcherEnabled = folder.watch; - fsWatcherDelayS = folder.watchDelay; - ignoreDelete = folder.ignoreDelete; - ignorePerms = folder.ignorePerms; - }) kcfg.folders; - - getApiKey = pkgs.writeDash "getAPIKey" '' - ${pkgs.libxml2}/bin/xmllint \ - --xpath 'string(configuration/gui/apikey)'\ - ${scfg.configDir}/config.xml - ''; - - updateConfig = pkgs.writeDash "merge-syncthing-config" '' - set -efu - - # XXX this assumes the GUI address to be "IPv4 address and port" - host=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 0)} - port=${shell.escape (elemAt (splitString ":" scfg.guiAddress) 1)} - - # wait for service to restart - ${pkgs.untilport}/bin/untilport "$host" "$port" - - API_KEY=$(${getApiKey}) - - _curl() { - ${pkgs.curl}/bin/curl \ - -Ss \ - -H "X-API-Key: $API_KEY" \ - "http://$host:$port/rest""$@" - } - - old_config=$(_curl /system/config) - new_config=${shell.escape (toJSON { - inherit devices folders; - })} - new_config=$(${pkgs.jq}/bin/jq -en \ - --argjson old_config "$old_config" \ - --argjson new_config "$new_config" \ - ' - $old_config * $new_config - ${optionalString (!kcfg.overridePeers) '' - * { devices: $old_config.devices } - ''} - ${optionalString (!kcfg.overrideFolders) '' - * { folders: $old_config.folders } - ''} - ' - ) - echo $new_config | _curl /system/config -d @- - _curl /system/restart -X POST - ''; - -in - -{ - options.krebs.syncthing = { - - enable = mkEnableOption "syncthing-init"; - - cert = mkOption { - type = types.nullOr types.absolute-pathname; - default = null; - }; - - key = mkOption { - type = types.nullOr types.absolute-pathname; - default = null; - }; - - overridePeers = mkOption { - type = types.bool; - default = true; - description = '' - Whether to delete the peers which are not configured via the peers option - ''; - }; - peers = mkOption { - default = {}; - type = types.attrsOf (types.submodule ({ - options = { - - # TODO make into addr + port submodule - addresses = mkOption { - type = types.listOf types.str; - default = []; - }; - - #TODO check - id = mkOption { - type = types.str; - }; - - }; - })); - }; - - overrideFolders = mkOption { - type = types.bool; - default = true; - description = '' - Whether to delete the folders which are not configured via the peers option - ''; - }; - folders = mkOption { - default = {}; - type = types.attrsOf (types.submodule ({ config, ... }: { - options = { - - path = mkOption { - type = types.absolute-pathname; - default = config._module.args.name; - }; - - id = mkOption { - type = types.str; - default = config._module.args.name; - }; - - peers = mkOption { - type = types.listOf types.str; - default = []; - }; - - rescanInterval = mkOption { - type = types.int; - default = 3600; - }; - - type = mkOption { - type = types.enum [ "sendreceive" "sendonly" "receiveonly" ]; - default = "sendreceive"; - }; - - watch = mkOption { - type = types.bool; - default = true; - }; - - watchDelay = mkOption { - type = types.int; - default = 10; - }; - - ignoreDelete = mkOption { - type = types.bool; - default = false; - }; - - ignorePerms = mkOption { - type = types.bool; - default = true; - }; - - }; - })); - }; - }; - - config = mkIf kcfg.enable { - - systemd.services.syncthing = mkIf (kcfg.cert != null || kcfg.key != null) { - serviceConfig.PermissionsStartOnly = mkDefault true; - preStart = '' - ${optionalString (kcfg.cert != null) '' - cp ${toString kcfg.cert} ${scfg.configDir}/cert.pem - chown ${scfg.user}:${scfg.group} ${scfg.configDir}/cert.pem - chmod 400 ${scfg.configDir}/cert.pem - ''} - ${optionalString (kcfg.key != null) '' - cp ${toString kcfg.key} ${scfg.configDir}/key.pem - chown ${scfg.user}:${scfg.group} ${scfg.configDir}/key.pem - chmod 400 ${scfg.configDir}/key.pem - ''} - ''; - }; - - systemd.services.syncthing-init = { - after = [ "syncthing.service" ]; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - User = scfg.user; - RemainAfterExit = true; - Type = "oneshot"; - ExecStart = updateConfig; - }; - }; - }; -} diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index 03ff42132..fe0b6d85b 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -49,17 +49,17 @@ with import ; ]; } { - krebs.syncthing = { - peers.schasch.addresses = [ "schasch.r:22000" ]; + services.syncthing.declarative = { + devices.schasch.addresses = [ "schasch.r:22000" ]; folders = { the_playlist = { path = "/home/lass/tmp/the_playlist"; - peers = [ "mors" "phone" "prism" "xerxes" ]; + devices = [ "mors" "phone" "prism" "xerxes" ]; }; free_music = { id = "mu9mn-zgvsw"; path = "/home/lass/tmp/free_music"; - peers = [ "mors" "schasch" ]; + devices = [ "mors" "schasch" ]; }; }; }; diff --git a/lass/1systems/xerxes/config.nix b/lass/1systems/xerxes/config.nix index 8630d0f4b..e4a4fb505 100644 --- a/lass/1systems/xerxes/config.nix +++ b/lass/1systems/xerxes/config.nix @@ -41,11 +41,11 @@ displayManager.lightdm.autoLogin.user = "lass"; }; - krebs.syncthing = { + services.syncthing.declarative = { folders = { the_playlist = { path = "/home/lass/tmp/the_playlist"; - peers = [ "mors" "phone" "prism" "xerxes" ]; + devices = [ "mors" "phone" "prism" "xerxes" ]; }; }; }; diff --git a/lass/2configs/green-host.nix b/lass/2configs/green-host.nix index 1421eede7..0cccbc30e 100644 --- a/lass/2configs/green-host.nix +++ b/lass/2configs/green-host.nix @@ -20,7 +20,7 @@ with import ; } ]; - krebs.syncthing.folders."/var/lib/sync-containers".peers = [ "icarus" "skynet" "littleT" "shodan" ]; + services.syncthing.declarative.folders."/var/lib/sync-containers".devices = [ "icarus" "skynet" "littleT" "shodan" ]; krebs.permown."/var/lib/sync-containers" = { owner = "root"; group = "syncthing"; diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 1a5aadeba..74b15a0ab 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -277,9 +277,9 @@ in { alias ${html}; ''; }; - krebs.syncthing.folders."the_playlist" = { + services.syncthing.declarative.folders."the_playlist" = { path = "/home/radio/music/the_playlist"; - peers = [ "mors" "phone" "prism" "xerxes" ]; + devices = [ "mors" "phone" "prism" "xerxes" ]; }; krebs.permown."/home/radio/music/the_playlist" = { owner = "radio"; diff --git a/lass/2configs/sync/decsync.nix b/lass/2configs/sync/decsync.nix index c3f6511c2..9caefdd2d 100644 --- a/lass/2configs/sync/decsync.nix +++ b/lass/2configs/sync/decsync.nix @@ -1,7 +1,7 @@ { - krebs.syncthing.folders.decsync = { + services.syncthing.declarative.folders.decsync = { path = "/home/lass/decsync"; - peers = [ "mors" "blue" "green" "phone" ]; + devices = [ "mors" "blue" "green" "phone" ]; }; krebs.permown."/home/lass/decsync" = { owner = "lass"; diff --git a/lass/2configs/sync/weechat.nix b/lass/2configs/sync/weechat.nix index 30c7b262b..ccbfc75a1 100644 --- a/lass/2configs/sync/weechat.nix +++ b/lass/2configs/sync/weechat.nix @@ -1,5 +1,5 @@ { - krebs.syncthing.folders."/home/lass/.weechat".peers = [ "blue" "green" "mors" ]; + services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "blue" "green" "mors" ]; krebs.permown."/home/lass/.weechat" = { owner = "lass"; group = "syncthing"; diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index d4df17b9a..5397c2ca6 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -7,18 +7,20 @@ in { enable = true; group = "syncthing"; configDir = "/var/lib/syncthing"; + declarative = { + key = toString ; + cert = toString ; + devices = mk_peers all_peers; + folders."/home/lass/sync" = { + devices = attrNames (filterAttrs (n: v: n != "phone") own_peers); + # ignorePerms = false; + }; + }; }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 22000"; target = "ACCEPT";} { predicate = "-p udp --dport 21027"; target = "ACCEPT";} ]; - krebs.syncthing = { - enable = true; - cert = toString ; - key = toString ; - peers = mk_peers all_peers; - folders."/home/lass/sync".peers = attrNames (filterAttrs (n: v: n != "phone") own_peers); - }; system.activationScripts.syncthing-home = '' ${pkgs.coreutils}/bin/chmod a+x /home/lass diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 80ed12edc..bd113567f 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -270,14 +270,14 @@ in { }; boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576"; - krebs.syncthing.folders = { + services.syncthing.declarative.folders = { domsen-backups = { path = "/backups/domsen"; - peers = [ "domsen-backup" ]; + devices = [ "domsen-backup" ]; }; domsen-backup-srv-http = { path = "/srv/http"; - peers = [ "domsen-backup" ]; + devices = [ "domsen-backup" ]; }; }; -- cgit v1.3.1 From 7b72fc3de26431c0b739b9572984f5be768030b3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Apr 2020 10:34:27 +0200 Subject: ci: fetch every 100s --- krebs/3modules/ci.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/ci.nix b/krebs/3modules/ci.nix index 7695667fd..50db0b971 100644 --- a/krebs/3modules/ci.nix +++ b/krebs/3modules/ci.nix @@ -52,7 +52,7 @@ let "${url}", workdir='${name}-${elemAt(splitString "." url) 1}', branches=True, project='${name}', - pollinterval=10 + pollinterval=100 ) ) '') repo.urls) -- cgit v1.3.1 From 0cb8ab061a8aa5691e6fc78c8552c18ab035fe53 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 11 Apr 2020 17:06:24 +0200 Subject: hidden-ssh: add message option --- krebs/3modules/hidden-ssh.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'krebs/3modules') diff --git a/krebs/3modules/hidden-ssh.nix b/krebs/3modules/hidden-ssh.nix index 2d697e497..f497de451 100644 --- a/krebs/3modules/hidden-ssh.nix +++ b/krebs/3modules/hidden-ssh.nix @@ -19,6 +19,10 @@ let type = types.str; default = "irc.freenode.org"; }; + message = mkOption { + type = types.str; + default = "SSH Hidden Service at "; + }; }; imp = let @@ -50,7 +54,7 @@ let ${pkgs.irc-announce}/bin/irc-announce \ ${cfg.server} 6667 ${config.krebs.build.host.name}-ssh \ \${cfg.channel} \ - "SSH Hidden Service at $(cat ${hiddenServiceDir}/hostname)" + "${cfg.message}$(cat ${hiddenServiceDir}/hostname)" ''; PrivateTmp = "true"; User = "tor"; -- cgit v1.3.1 From fd178641b03886b1b732330f60226903011ccdc4 Mon Sep 17 00:00:00 2001 From: xkey <(xkey@freenode)> Date: Tue, 14 Apr 2020 20:43:39 +0200 Subject: external: add catalonia --- krebs/3modules/external/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 1d73fade2..b437456ec 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -373,6 +373,30 @@ in { syncthing.id = "22NLFY5-QMRM3BH-76QIBYI-OPMKVGM-DU4FNZI-3KN2POF-V4WIC6M-2SFFUAC"; nets = {}; }; + catalonia = { + owner = config.krebs.users.xkey; + nets = { + retiolum = { + ip4.addr = "10.243.13.12"; + aliases = [ "catalonia.r" ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIICCgKCAgEAug+nej8/spuRHdzcfBYAuzUVoiq4YufmJqXSshvgf4aqjeVEt91Y + gT6iBN8IKnMjYk3bAS7MxmgiyVE17MQlaQi0RSYY47M8I9TvCYtWX/FcXuP9e6CA + VcalDUNpy2qNB+yEE8gMa8vDA3smKk/iK47jTtpWoPtvejLK/SCi8RdlYjKlOErE + Yl9mCniGD1WEYgdrjf6Nl7av6uuGYNibivIMkB2JyGwGGmzvP+oBFi2Cwarw8K2e + FK2VGrAfkgiP5rTPACHseoeCsJtRLozgzYzmS5M9XhP5ZoPkbtR/pL5btCwoCTlZ + HotmLVg4DezbPjNOBB9gtJF4UuzQjSPNY6K1VvvLOhDwXdyln82LuNcm9l+cy9y3 + mGeSvqOouBugDqie6OpkF0KrRwlGQVwzwtnDohGd/5f7TbiPf1QjC+JP/m4mxZl3 + zE0BCOct9b4hUc/CFto71CPlytSbTsMhfJAn8JxttGvsWIAj+dQ0iuLXfLDflWt6 + sImmnOo28YInvFx6pKoxTwcV1AVrPWn5TSePhZM50dmzs0exltOISFECDhpPabU3 + ZymRCze8fH9Z3SHxfxTlTZV7IaW2kpyyBe1KsWpM46gLPk5icX+Xc6mdGwbdGBpf + vDZ+BoHCjq9FfQrAu1+E83yCYyu+3fWrLSgYyrqjg0gPcCcnb1g6hqECAwEAAQ== + -----END RSA PUBLIC KEY----- + ''; + }; + }; + }; }; users = { ciko = { @@ -421,6 +445,7 @@ in { mail = "xq@shackspace.de"; pubkey = ssh-for "xq"; }; + xkey = {}; miaoski = { }; filly = { -- cgit v1.3.1