From 9f9a53723bd79b029d398c0542a686bd8ed56151 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 00:59:40 +0100 Subject: l blue-host: fix permissions --- lass/2configs/blue-host.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lass') diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix index be9f68c08..e80ce326a 100644 --- a/lass/2configs/blue-host.nix +++ b/lass/2configs/blue-host.nix @@ -23,6 +23,12 @@ in { ''; } ]; + + system.activationScripts.containerPermissions = '' + mkdir -p /var/lib/containers + chmod 711 /var/lib/containers + ''; + containers.blue = { config = { ... }: { environment.systemPackages = [ -- cgit v1.3.1 From 304059b1da4ac256d1487e83a7280d0db6615c2d Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 01:00:14 +0100 Subject: l blue-host: sync also owner and group --- lass/2configs/blue-host.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lass') diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix index e80ce326a..6d46cb8c1 100644 --- a/lass/2configs/blue-host.nix +++ b/lass/2configs/blue-host.nix @@ -80,6 +80,10 @@ in { source = "/var/lib/containers/.blue", host = "${host}.r", targetdir = "/var/lib/containers/.blue", + rsync = { + owner = true, + group = true, + }; ssh = { binary = "${pkgs.openssh}/bin/ssh"; identityFile = "/var/lib/containers/blue/home/lass/.ssh/id_rsa", -- cgit v1.3.1 From a1c261d61b243549bb2525da57bf3fada805f7f5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 01:00:59 +0100 Subject: l blue-host: dry-build blue first --- lass/2configs/blue-host.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lass') diff --git a/lass/2configs/blue-host.nix b/lass/2configs/blue-host.nix index 6d46cb8c1..fba996743 100644 --- a/lass/2configs/blue-host.nix +++ b/lass/2configs/blue-host.nix @@ -99,14 +99,15 @@ in { environment.systemPackages = [ (pkgs.writeDashBin "start-blue" '' set -ef - if ping -c1 blue.r >/dev/null; then - echo 'blue is already running. bailing out' - exit 23 - fi if ! $(mount | ${pkgs.gnugrep}/bin/grep -qi '^encfs on /var/lib/containers/blue'); then ${pkgs.encfs}/bin/encfs --public /var/lib/containers/.blue /var/lib/containers/blue fi nixos-container start blue + nixos-container run blue -- nixos-rebuild -I /var/src dry-build + if ping -c1 blue.r >/dev/null; then + echo 'blue is already running. bailing out' + exit 23 + fi nixos-container run blue -- nixos-rebuild -I /var/src switch '') ]; -- cgit v1.3.1 From f19b35b7ab0a272724d39b8cfd65181e220c727a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 01:01:16 +0100 Subject: l fetchWallpaper: remove maxTime --- lass/2configs/fetchWallpaper.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/fetchWallpaper.nix b/lass/2configs/fetchWallpaper.nix index e756c3424..065ee9c42 100644 --- a/lass/2configs/fetchWallpaper.nix +++ b/lass/2configs/fetchWallpaper.nix @@ -7,7 +7,6 @@ in { enable = true; unitConfig.ConditionPathExists = "!/var/run/ppp0.pid"; url = "prism/realwallpaper-krebs.png"; - maxTime = 10; }; } -- cgit v1.3.1 From 8a6fd4d0044259574fec1b16d3ea441aee5eedda Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 01:01:56 +0100 Subject: l radio: add mp3 stream --- lass/2configs/radio.nix | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index bf6855804..85faded14 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -60,10 +60,25 @@ in { group = "radio"; musicDirectory = "/home/radio/the_playlist/music"; extraConfig = '' + audio_output { + type "shout" + encoding "lame" + name "the_playlist_mp3" + host "localhost" + port "8000" + mount "/radio.mp3" + password "${source-password}" + bitrate "128" + + format "44100:16:2" + + user "source" + genre "good music" + } audio_output { type "shout" encoding "ogg" - name "the_playlist" + name "the_playlist_ogg" host "localhost" port "8000" mount "/radio.ogg" -- cgit v1.3.1 From d1020af2b3aac2d823240627980f846e6dc9797c Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 04:01:13 +0100 Subject: l: add ssl for cache.{krebsco.de,lassul.us} --- lass/2configs/binary-cache/server.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'lass') diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix index 220e41d0a..86158c468 100644 --- a/lass/2configs/binary-cache/server.nix +++ b/lass/2configs/binary-cache/server.nix @@ -20,7 +20,14 @@ services.nginx = { enable = true; virtualHosts.nix-serve = { - serverAliases = [ "cache.prism.r" "cache.krebsco.de" "cache.lassul.us" ]; + serverAliases = [ "cache.prism.r" ]; + locations."/".extraConfig = '' + proxy_pass http://localhost:${toString config.services.nix-serve.port}; + ''; + }; + virtualHosts."cache.krebsco.de" = { + serverAliases = [ "cache.lassul.us" ]; + enableACME = true; locations."/".extraConfig = '' proxy_pass http://localhost:${toString config.services.nix-serve.port}; ''; -- cgit v1.3.1 From 42405d18cffbf9ef42ea5e29f0c3ae9ab607471a Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 04:01:58 +0100 Subject: l: add lesswrong@lassul.us --- lass/2configs/exim-smarthost.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index bf43ee7d1..9bb70d1c2 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -92,6 +92,7 @@ with import ; { from = "ccc@lassul.us"; to = lass.mail; } { from = "neocron@lassul.us"; to = lass.mail; } { from = "osmocom@lassul.us"; to = lass.mail; } + { from = "lesswrong@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.3.1 From eef1d7877defd7c310dc20f62bf96c7b8f408044 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 04:02:22 +0100 Subject: l mails: add dn42 vbox --- lass/2configs/mail.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass') diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index b5bbea750..9ea91ae19 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -47,6 +47,7 @@ let ]; dezentrale = [ "to:dezentrale.space" ]; dhl = [ "to:dhl@lassul.us" ]; + dn42 = [ "to:dn42@lists.nox.tf" ]; eloop = [ "to:eloop.org" ]; github = [ "to:github@lassul.us" ]; gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ]; -- cgit v1.3.1 From 61f1aba8bc69dc522710d5871545cf4b4ec8645b Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 27 Nov 2018 21:06:20 +0100 Subject: * krops: get nixpkgs from store for ci --- jeschli/krops.nix | 2 ++ krebs/krops.nix | 16 +++++++++++++++- lass/krops.nix | 2 ++ makefu/krops.nix | 12 +++++++++++- tv/krops.nix | 2 ++ 5 files changed, 32 insertions(+), 2 deletions(-) (limited to 'lass') diff --git a/jeschli/krops.nix b/jeschli/krops.nix index d45d57c63..fff014377 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -1,11 +1,13 @@ { name }: let inherit (import ../krebs/krops.nix { inherit name; }) + krebs-nixpkgs krebs-source lib pkgs ; source = { test }: lib.evalSource [ + (krebs-nixpkgs { test = test; }) krebs-source { nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix"; diff --git a/krebs/krops.nix b/krebs/krops.nix index 763e76b83..425fba8f5 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -7,11 +7,24 @@ # TODO document why pkgs should be used like this pkgs = import "${krops}/pkgs" {}; - krebs-source = { + krebs-nixpkgs = { test ? false }: if test then { + nixpkgs.file = { + path = toString (pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = (lib.importJSON ./nixpkgs.json).rev; + sha256 = (lib.importJSON ./nixpkgs.json).sha256; + }); + useChecksum = true; + }; + } else { nixpkgs.git = { ref = (lib.importJSON ./nixpkgs.json).rev; url = https://github.com/NixOS/nixpkgs; }; + }; + + krebs-source = { stockholm.file = toString ../.; stockholm-version.pipe = toString (pkgs.writeDash "${name}-version" '' set -efu @@ -28,6 +41,7 @@ }; source ={ test }: lib.evalSource [ + (krebs-nixpkgs { test = test; }) krebs-source { nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; diff --git a/lass/krops.nix b/lass/krops.nix index c2669c8f2..26668de65 100644 --- a/lass/krops.nix +++ b/lass/krops.nix @@ -1,5 +1,6 @@ { name }: let inherit (import ../krebs/krops.nix { inherit name; }) + krebs-nixpkgs krebs-source lib pkgs @@ -12,6 +13,7 @@ ; source = { test }: lib.evalSource [ + (krebs-nixpkgs { test = test; }) krebs-source { nixos-config.symlink = "stockholm/lass/1systems/${name}/physical.nix"; diff --git a/makefu/krops.nix b/makefu/krops.nix index 2b43d541d..6c510eba3 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -23,7 +23,17 @@ { # nixos-18.09 @ 2018-09-18 # + uhub/sqlite: 5dd7610401747 - nixpkgs = if test || host-src.full then { + nixpkgs = if test then { + file = { + path = toString (pkgs.fetchFromGitHub { + owner = "makefu"; + repo = "nixpkgs"; + rev = nixpkgs-src.rev; + sha256 = nixpkgs-src.sha256; + }); + useChecksum = true; + }; + } else if host-src.full then { git.ref = nixpkgs-src.rev; git.url = nixpkgs-src.url; } else if host-src.arm6 then { diff --git a/tv/krops.nix b/tv/krops.nix index e922630f7..3b60d3208 100644 --- a/tv/krops.nix +++ b/tv/krops.nix @@ -1,12 +1,14 @@ { name }: rec { inherit (import ../krebs/krops.nix { inherit name; }) + krebs-nixpkgs krebs-source lib pkgs ; source = lib.evalSource [ + (krebs-nixpkgs { test = true; }) krebs-source { nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix"; -- cgit v1.3.1 From 95f6255f586e93e096d56de75add76d7560b9df1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 28 Nov 2018 21:30:46 +0100 Subject: * krops: merge krebs-nixpkgs into krebs-source --- jeschli/krops.nix | 4 +--- krebs/krops.nix | 38 ++++++++++++++++++-------------------- lass/krops.nix | 4 +--- tv/krops.nix | 4 +--- 4 files changed, 21 insertions(+), 29 deletions(-) (limited to 'lass') diff --git a/jeschli/krops.nix b/jeschli/krops.nix index fff014377..989abcdd0 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -1,14 +1,12 @@ { name }: let inherit (import ../krebs/krops.nix { inherit name; }) - krebs-nixpkgs krebs-source lib pkgs ; source = { test }: lib.evalSource [ - (krebs-nixpkgs { test = test; }) - krebs-source + (krebs-source { test = test; }) { nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix"; secrets = if test then { diff --git a/krebs/krops.nix b/krebs/krops.nix index 1058e73c0..ab7524941 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -7,28 +7,27 @@ # TODO document why pkgs should be used like this pkgs = import "${krops}/pkgs" {}; - krebs-nixpkgs = { test ? false }: if test then { - nixpkgs.file = { - path = toString (pkgs.fetchFromGitHub { - owner = "nixos"; - repo = "nixpkgs"; - rev = (lib.importJSON ./nixpkgs.json).rev; - sha256 = (lib.importJSON ./nixpkgs.json).sha256; - }); - useChecksum = true; - }; - } else { - nixpkgs.git = { - ref = (lib.importJSON ./nixpkgs.json).rev; - url = https://github.com/NixOS/nixpkgs; + krebs-source = { test ? false }: rec { + nixpkgs = if test then { + file = { + path = toString (pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = (lib.importJSON ./nixpkgs.json).rev; + sha256 = (lib.importJSON ./nixpkgs.json).sha256; + }); + useChecksum = true; + }; + } else { + git = { + ref = (lib.importJSON ./nixpkgs.json).rev; + url = https://github.com/NixOS/nixpkgs; + }; }; - }; - - krebs-source = { stockholm.file = toString ../.; stockholm-version.pipe = toString (pkgs.writeDash "${name}-version" '' set -efu - cd ${lib.escapeShellArg krebs-source.stockholm.file} + cd ${lib.escapeShellArg stockholm.file} V=$(${pkgs.coreutils}/bin/date +%y.%m) if test -d .git; then V=$V.git.$(${pkgs.git}/bin/git describe --always --dirty) @@ -41,8 +40,7 @@ }; source ={ test }: lib.evalSource [ - (krebs-nixpkgs { test = test; }) - krebs-source + (krebs-source { test = test; }) { nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; secrets = if test then { diff --git a/lass/krops.nix b/lass/krops.nix index 26668de65..d64454ea5 100644 --- a/lass/krops.nix +++ b/lass/krops.nix @@ -1,6 +1,5 @@ { name }: let inherit (import ../krebs/krops.nix { inherit name; }) - krebs-nixpkgs krebs-source lib pkgs @@ -13,8 +12,7 @@ ; source = { test }: lib.evalSource [ - (krebs-nixpkgs { test = test; }) - krebs-source + (krebs-source { test = test; }) { nixos-config.symlink = "stockholm/lass/1systems/${name}/physical.nix"; secrets = if test then { diff --git a/tv/krops.nix b/tv/krops.nix index 3b60d3208..af0e8616a 100644 --- a/tv/krops.nix +++ b/tv/krops.nix @@ -1,15 +1,13 @@ { name }: rec { inherit (import ../krebs/krops.nix { inherit name; }) - krebs-nixpkgs krebs-source lib pkgs ; source = lib.evalSource [ - (krebs-nixpkgs { test = true; }) - krebs-source + (krebs-source { test = true; }) { nixos-config.symlink = "stockholm/tv/1systems/${name}/config.nix"; secrets.file = toString ./dummy_secrets; -- cgit v1.3.1 [cgit] Unable to lock slot /tmp/cgit/b9000000.lock: No such file or directory (2)