clerie/vcp-bula-nixfiles
1
0
Fork 0
Code Releases Activity

Compare commits

base: clerie:01560fbcadd3296cce1ea5d8b8167c338fcb9484
Branches Tags
clerie:main
..
compare: clerie:b9a581c63f898d95f4885a83141edc959c6cfdbd
Branches Tags
clerie:main

No commits in common. "01560fbcadd3296cce1ea5d8b8167c338fcb9484" and "b9a581c63f898d95f4885a83141edc959c6cfdbd" have entirely different histories.
01560fbcad ... b9a581c63f

25 changed files with 185 additions and 617 deletions
Show Stats Expand all files Collapse all files

17
README.md
View File

@ -1,18 +1 @@
# VCP Bundeslager 2022 Nixfiles # VCP Bundeslager 2022 Nixfiles
## How to deploy
```
./deploy.sh apply switch --on vpn7
```
or to deploy all gateways:
```
./deploy.sh apply switch --on gateway
```
There is a special case for the nixdeploy-host:
```
./deploy.sh apply-local switch --sudo --node nixdeploy
```

64
common/common/default.nix Normal file
View File

@ -0,0 +1,64 @@
{ config, pkgs, ... }:
{
imports =
[ #
];
# Set your time zone.
time.timeZone = "Europe/Berlin";
networking.useDHCP = false;
networking.firewall.allowedTCPPorts = [ 19999 ];
services.netdata.enable = true;
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "de-latin1";
};
programs.zsh = {
enable = true;
histSize = 10000;
autosuggestions.enable = true;
enableBashCompletion = true;
syntaxHighlighting.enable = true;
promptInit = ''
source ~/.zkbd/$TERM-''${''${DISPLAY:t}:-''$VENDOR-''$OSTYPE}
[[ -n ''${key[Left]} ]] && bindkey "''${key[Left]}" backward-char
[[ -n ''${key[Right]} ]] && bindkey "''${key[Right]}" forward-char
bindkey "''${key[Up]}" up-line-or-search
bindkey "''${key[Home]}" beginning-of-line
bindkey "''${key[End]}" end-of-line
bindkey "''${key[Delete]}" delete-char
function command_not_found_handler() { command-not-found $1 }
alias cat='bat'
eval "$(direnv hook zsh)"
eval "$(starship init zsh)"
'';
};
programs.starship.enable = true;
programs.mtr.enable = true;
nix.settings = {
trusted-users = [ "@wheel" ];
auto-optimise-store = true;
};
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 14d";
};
nix.extraOptions = ''
min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
services.openssh = {
enable = true;
passwordAuthentication = false;
kbdInteractiveAuthentication = false;
permitRootLogin = "yes";
};
}

76
common/default.nix
View File

@ -1,76 +0,0 @@
{ config, pkgs, ... }:
{
imports = [ ../users ];
# Set your time zone.
time.timeZone = "Europe/Berlin";
# networking.useDHCP = false; TODO: why was this globally disabled?
networking.firewall.allowedTCPPorts = [ 19999 ];
services.netdata.enable = true;
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "de-latin1";
};
environment.systemPackages = with pkgs; [
wget
vim
tmux
screen
mtr
tcpdump
bat
direnv
starship
];
programs.zsh = {
enable = true;
histSize = 10000;
autosuggestions.enable = true;
enableBashCompletion = true;
syntaxHighlighting.enable = true;
promptInit = ''
source ~/.zkbd/$TERM-''${''${DISPLAY:t}:-$VENDOR-$OSTYPE}
[[ -n ''${key[Left]} ]] && bindkey "''${key[Left]}" backward-char
[[ -n ''${key[Right]} ]] && bindkey "''${key[Right]}" forward-char
bindkey "''${key[Up]}" up-line-or-search
bindkey "''${key[Home]}" beginning-of-line
bindkey "''${key[End]}" end-of-line
bindkey "''${key[Delete]}" delete-char
function command_not_found_handler() { command-not-found $1 }
alias cat='bat'
eval "$(direnv hook zsh)"
eval "$(starship init zsh)"
'';
};
programs.starship.enable = true;
programs.mtr.enable = true;
nix.settings = {
trusted-users = [ "@wheel" ];
auto-optimise-store = true;
};
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 14d";
};
nix.extraOptions = ''
min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
services.openssh = {
enable = true;
passwordAuthentication = false;
kbdInteractiveAuthentication = false;
permitRootLogin = "yes";
};
security.sudo.wheelNeedsPassword = false;
}

6
deploy.sh
View File

@ -1,6 +0,0 @@
#!/usr/bin/env bash
DEPLOY_HOST="nixdeploy.bula22.de"
rsync -r . ${DEPLOY_HOST}:bula-nixfiles/
ssh -tA ${DEPLOY_HOST} "cd bula-nixfiles && colmena $@"

27
flake.lock
View File

@ -1,27 +0,0 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1657114324,
"narHash": "sha256-fWuaUNXrHcz/ciHRHlcSO92dvV3EVS0GJQUSBO5JIB4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a5c867d9fe9e4380452628e8f171c26b69fa9d3d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

62
flake.nix
View File

@ -1,41 +1,25 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
};
outputs = { nixpkgs, ... }: {
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
overlays = [ (final: prev: import ./packages final prev) ];
};
};
defaults = { config, lib, name, ... }: {
imports = [
(./. + "/hosts/${name}/configuration.nix")
./modules
./common
];
deployment.targetUser = null;
};
nixdeploy = {...}: {
deployment.targetHost = "nixdeploy.bula22.de";
deployment.allowLocalDeployment = true;
};
pre-router = { config, pkgs, ... }: {
deployment.targetHost = "lightbuffet.entr0py.cloud";
deployment.keys = {
};
};
pre-yate-n0emis = { config, pkgs, ... }: {
deployment.targetHost = "2001:470:7694::5e5";
};
}; };
}; outputs = { nixpkgs, ... }: {
} colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
};
};
pre-router = { config, pkgs, ... }:{
imports = [./hosts/pre-router/configuration.nix];
deployment.targetHost = "lightbuffet.entr0py.cloud";
deployment.keys = {
};
};
};
};
}

40
hosts/nixdeploy/configuration.nix
View File

@ -1,40 +0,0 @@
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "nixdeploy";
networking.useNetworkd = true;
systemd.network = {
links."10-eth0" = {
matchConfig.MACAddress = "5e:1b:ed:a2:91:d1";
linkConfig.Name = "eth0";
};
networks."10-eth0" = {
matchConfig = {
Name = "eth0";
};
DHCP = "yes";
address = [ "2a01:4f8:1c0c:8221:1337:42:10:1/64" ];
};
};
environment.systemPackages = with pkgs; [ colmena ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
}

37
hosts/nixdeploy/hardware-configuration.nix
View File

@ -1,37 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/ab8ef984-07ee-47a4-a92d-59f57aee1018";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/73F5-5E82";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

86
hosts/pre-router/configuration.nix
View File

@ -9,7 +9,7 @@
./dns.nix ./dns.nix
./ipv6.nix ./ipv6.nix
./nginx.nix ./nginx.nix
]; ];
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
@ -17,12 +17,94 @@
networking.hostName = "pre-router"; # Define your hostname. networking.hostName = "pre-router"; # Define your hostname.
# Set your time zone.
time.timeZone = "Europe/Berlin";
# The global useDHCP flag is deprecated, therefore explicitly set to false here. # The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config # Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour. # replicates the default behaviour.
networking.useDHCP = false; networking.useDHCP = false;
#networking.interfaces.ens18.useDHCP = false; #networking.interfaces.ens18.useDHCP = false;
#networking.interfaces.ens19.useDHCP = false; #networking.interfaces.ens19.useDHCP = false;
networking.firewall.allowedTCPPorts = [ 19999 ];
services.netdata.enable = true;
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "de-latin1";
};
users.users.garionion = {
isNormalUser = true;
shell = pkgs.zsh;
packages = with pkgs; [
wget vim screen mtr iperf
htop dstat dnsutils nettools tcpdump
git bat starship direnv
];
hashedPassword = "$6$NMzXsfARs2HVA4iq$55uxWCANME/HsjIg9HmZyxqGwlr7RpJfCcMad2OhbmUiHhdnOh/v9TDwT3Vt0mu9HE37Fh3b1g2yyEa3Dxxg80";
extraGroups = [ "wheel" ]; # Enable sudo for the user.
openssh.authorizedKeys.keys = ["ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGw3Yuee8oSXSEqmoMzrqQrUizKV9sJbJMxAUC01wxvbxevAqFEpiGrznnu3K0HN3sfKItjqGkNDPDQ+mIlQwdwJAE0GyJIx9CMvo1RPugKSJ5rFh/vEgJTNMPaeYUb/L2rn3WEZHrZI5wwf+z4ljSHCVetAnaMKjk/+QQWgBHdvNImmA== gari@darwin"];
};
programs.zsh = {
enable = true;
histSize = 10000;
autosuggestions.enable = true;
enableBashCompletion = true;
syntaxHighlighting.enable = true;
promptInit = ''
source ~/.zkbd/$TERM-''${''${DISPLAY:t}:-''$VENDOR-''$OSTYPE}
[[ -n ''${key[Left]} ]] && bindkey "''${key[Left]}" backward-char
[[ -n ''${key[Right]} ]] && bindkey "''${key[Right]}" forward-char
bindkey "''${key[Up]}" up-line-or-search
bindkey "''${key[Home]}" beginning-of-line
bindkey "''${key[End]}" end-of-line
bindkey "''${key[Delete]}" delete-char
function command_not_found_handler() { command-not-found $1 }
alias cat='bat'
eval "$(direnv hook zsh)"
eval "$(starship init zsh)"
'';
};
programs.starship = {
enable = true;
settings = {
# add_newline = false;
# character = {
# success_symbol = "[➜](bold green)";
# error_symbol = "[➜](bold red)";
# };
# package.disabled = true;
};
};
programs.mtr.enable = true;
nix.settings = {
trusted-users = [ "@wheel" ];
auto-optimise-store = true;
};
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 14d";
};
nix.extraOptions = ''
min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
# List services that you want to enable:
services.openssh = {
enable = true;
passwordAuthentication = false;
kbdInteractiveAuthentication = false;
permitRootLogin = "yes";
};
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
@ -32,4 +114,4 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
} }

38
hosts/pre-yate-n0emis/configuration.nix
View File

@ -1,38 +0,0 @@
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda";
networking.hostName = "pre-yate-n0emis";
networking.useNetworkd = true;
systemd.network = {
links."10-eth0" = {
matchConfig.MACAddress = "4a:a6:0d:b9:3b:82";
linkConfig.Name = "eth0";
};
networks."10-eth0" = {
matchConfig = {
Name = "eth0";
};
DHCP = "yes";
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
}

31
hosts/pre-yate-n0emis/hardware-configuration.nix
View File

@ -1,31 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/d3e87ae2-fb17-44f0-b113-14b185a2c845";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

7
modules/default.nix
View File

@ -1,7 +0,0 @@
{ ... }:
{
imports = [
./yate
];
}

61
modules/yate/default.nix
View File

@ -1,61 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.services.yate;
in {
options = {
services.yate = {
enable = mkEnableOption "yate";
config = mkOption {
type = with types; attrsOf anything;
default = { };
};
};
};
config = let
mkCfgFile = name: config:
let
content =
if (isString config) then config else generators.toINI { } config;
in { "yate/${name}.conf".text = content; };
environmentFiles = mkMerge
(map (key: mkCfgFile key (getAttr key cfg.config))
(attrNames cfg.config));
in mkIf cfg.enable {
environment.etc = environmentFiles;
systemd.services.yate = {
description = "YATE Telephony Server";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" "postgresql.service" ];
environment = { PWLIB_ASSERT_ACTION = "C"; };
serviceConfig = {
Type = "forking";
ExecStart =
"${pkgs.yate}/bin/yate -d -p /run/yate/yate.pid -c /etc/yate -F -s -q -DF -r -l /var/lib/yate/yate.log";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
User = "yate";
Group = "yate";
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
RuntimeDirectory = "yate";
RuntimeDirectoryMode = "0755";
StateDirectory = "yate";
StateDirectoryMode = "0700";
PIDFile = "/run/yate/yate.pid";
TimeoutSec = 30;
};
reloadTriggers =
map (name: config.environment.etc."yate/${name}.conf".source)
(attrNames cfg.config);
};
users.users.yate = {
isSystemUser = true;
group = "yate";
};
users.groups.yate = { };
};
}

18
packages/default.nix
View File

@ -1,18 +0,0 @@
self: super: {
freeradius = super.freeradius.override {
withJson = true;
withRest = true;
};
python3 = let packageOverrides = final: prev: import ./python final prev;
in super.python3.override { inherit packageOverrides; };
yate = super.yate.overrideAttrs (old: {
configureFlags =
[ "--with-libpq=${self.postgresql.withPackages (ps: [ ])}" ];
});
t38modem = self.callPackage ./t38modem.nix { };
ptlib = self.callPackage ./ptlib.nix { };
opal = self.callPackage ./opal.nix { };
}

19
packages/opal.nix
View File

@ -1,19 +0,0 @@
{ stdenv, fetchurl, pkg-config, ptlib, openssl, libopus, spandsp }:
let
pname = "opal";
version = "3.18.6";
hash = "sha256-L/0784mYza2p866Fal5pvvQ4IJjC9b5VSFwQ89jSYUw=";
in stdenv.mkDerivation {
inherit pname version;
src = fetchurl {
url =
"mirror://sourceforge/project/opalvoip/v3.18%20Cygni/Stable%206/opal-${version}.tar.bz2";
inherit hash;
};
buildInputs = [ pkg-config ];
nativeBuildInputs = [ ptlib openssl libopus spandsp ];
}

43
packages/ptlib-pidfile.patch
View File

@ -1,43 +0,0 @@
diff --git a/src/ptlib/unix/channel.cxx b/src/ptlib/unix/channel.cxx
index 2935644..80c8d09 100644
--- a/src/ptlib/unix/channel.cxx
+++ b/src/ptlib/unix/channel.cxx
@@ -34,6 +34,7 @@
#pragma implementation "channel.h"
#pragma implementation "indchan.h"
+#include <sys/uio.h>
#include <ptlib.h>
#include <sys/ioctl.h>
diff --git a/src/ptlib/unix/svcproc.cxx b/src/ptlib/unix/svcproc.cxx
index 4f21025..2c957ef 100644
--- a/src/ptlib/unix/svcproc.cxx
+++ b/src/ptlib/unix/svcproc.cxx
@@ -217,7 +217,7 @@ int PServiceProcess::InitialiseService()
pid_t pid;
{
- ifstream pidfile(pidfilename);
+ ifstream pidfile((const char *)pidfilename);
if (!pidfile.is_open()) {
cout << "Could not open pid file: \"" << pidfilename << "\""
" - " << strerror(errno) << endl;
@@ -384,7 +384,7 @@ int PServiceProcess::InitialiseService()
// Run as a daemon, ie fork
if (!pidfilename) {
- ifstream pidfile(pidfilename);
+ ifstream pidfile((const char *)pidfilename);
if (pidfile.is_open()) {
pid_t pid;
pidfile >> pid;
@@ -412,7 +412,7 @@ int PServiceProcess::InitialiseService()
cout << "Daemon started with pid " << pid << endl;
if (!pidfilename) {
// Write out the child pid to magic file in /var/run (at least for linux)
- ofstream pidfile(pidfilename);
+ ofstream pidfile((const char *)pidfilename);
if (pidfile.is_open())
pidfile << pid;
else

26
packages/ptlib.nix
View File

@ -1,26 +0,0 @@
{ stdenv, fetchurl, pkg-config, flex, bison }:
let
pname = "ptlib";
version = "2.18.6";
hash = "sha256-31HndbsCS73uU0yvJW7/YA7s56+9V2itafuLPqllE2Y=";
in stdenv.mkDerivation {
inherit pname version;
src = fetchurl {
url =
"mirror://sourceforge/project/opalvoip/v3.18%20Cygni/Stable%206/ptlib-${version}.tar.bz2";
inherit hash;
};
#patches = [
# ./ptlib-pidfile.patch
#];
buildInputs = [ pkg-config ];
nativeBuildInputs = [ flex bison ];
#NIX_CFLAGS_COMPILE = [ "-fpermissive" ];
#CXXFLAGS = "-std=gnu++98";
}

4
packages/python/default.nix
View File

@ -1,4 +0,0 @@
self: super: {
python-yate = self.callPackage ./python-yate { };
ywsd = self.callPackage ./ywsd { };
}

15
packages/python/python-yate/default.nix
View File

@ -1,15 +0,0 @@
{ lib, buildPythonPackage, fetchPypi, async-timeout }:
buildPythonPackage rec {
pname = "python-yate";
version = "0.3.1";
src = fetchPypi {
inherit pname version;
sha256 = "5e806802dc47a35c855b60cd459a2c98fb0109c7fc099f3e9f83a1a38abf9f90";
};
propagatedBuildInputs = [ async-timeout ];
pythonImportsCheck = [ "yate" ];
}

14
packages/python/ywsd/count.patch
View File

@ -1,14 +0,0 @@
diff --git a/ywsd/objects.py b/ywsd/objects.py
index 4ce29fb..a535e76 100644
--- a/ywsd/objects.py
+++ b/ywsd/objects.py
@@ -178,7 +178,8 @@ class ActiveCall:
async def is_active_call(cls, username, x_eventphone_id, db_connection):
return (
await db_connection.scalar(
- cls.table.count()
+ sa.select(sa.func.count('*'))
+ .select_from(cls.table)
.where(cls.table.c.username == username)
.where(cls.table.c.x_eventphone_id == x_eventphone_id)
)

20
packages/python/ywsd/default.nix
View File

@ -1,20 +0,0 @@
{ lib, buildPythonApplication, fetchFromGitHub, aiopg, aiohttp, python-yate
, pyyaml, sqlalchemy }:
buildPythonApplication rec {
pname = "ywsd";
version = "0.11.0";
src = fetchFromGitHub {
owner = "eventphone";
repo = pname;
rev = "v${version}";
sha256 = "sha256-9DloJSKR3Ck4Bsc0ICcAAD6LHIMeOHTe2rCx6nPINT4=";
};
patches = [ ./count.patch ];
propagatedBuildInputs = [ aiopg aiohttp python-yate pyyaml sqlalchemy ];
doCheck = false;
}

33
packages/t38modem.nix
View File

@ -1,33 +0,0 @@
{ stdenv, fetchFromGitHub, pkg-config, opal, ptlib }:
let
pname = "t38modem";
version = "4.6.0";
hash = "sha256-631xF1Q9Nd0sMBEHtqgqn1SEUEZweneqLJMNVEO2DJo=";
in stdenv.mkDerivation {
inherit pname version;
src = fetchFromGitHub {
owner = "T38modem";
repo = pname;
rev = "v${version}";
inherit hash;
};
buildInputs = [ pkg-config ];
nativeBuildInputs = [ ptlib opal ];
buildFlags = [
"PTLIBDIR=${ptlib}/share/ptlib"
"USE_OPAL=1"
"OPALDIR=${opal}/share/opal"
];
installPhase = ''
mkdir -p $out/bin
cp t38modem $out/bin
'';
NIX_CFLAGS_COMPILE = [ "-Wno-narrowing" ];
}

8
users/default.nix
View File

@ -1,8 +0,0 @@
{ ... }:
{
imports = [
./garionion
./n0emis
];
}

34
users/garionion/default.nix
View File

@ -1,21 +1,15 @@
{ config, pkgs, ... }: { { config, pkgs, ... }:
{
users.users.garionion = { users.users.garionion = {
isNormalUser = true; isNormalUser = true;
shell = pkgs.zsh; shell = pkgs.zsh;
packages = with pkgs; [ packages = with pkgs; [
iperf wget vim screen mtr iperf
htop htop dstat dnsutils nettools tcpdump
dstat git bat starship direnv
dnsutils ];
nettools hashedPassword = "$6$NMzXsfARs2HVA4iq$55uxWCANME/HsjIg9HmZyxqGwlr7RpJfCcMad2OhbmUiHhdnOh/v9TDwT3Vt0mu9HE37Fh3b1g2yyEa3Dxxg80";
tcpdump extraGroups = [ "wheel" ]; # Enable sudo for the user.
git openssh.authorizedKeys.keys = ["ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGw3Yuee8oSXSEqmoMzrqQrUizKV9sJbJMxAUC01wxvbxevAqFEpiGrznnu3K0HN3sfKItjqGkNDPDQ+mIlQwdwJAE0GyJIx9CMvo1RPugKSJ5rFh/vEgJTNMPaeYUb/L2rn3WEZHrZI5wwf+z4ljSHCVetAnaMKjk/+QQWgBHdvNImmA== gari@darwin"];
]; };
hashedPassword = }
"$6$NMzXsfARs2HVA4iq$55uxWCANME/HsjIg9HmZyxqGwlr7RpJfCcMad2OhbmUiHhdnOh/v9TDwT3Vt0mu9HE37Fh3b1g2yyEa3Dxxg80";
extraGroups = [ "wheel" ]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [
"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGw3Yuee8oSXSEqmoMzrqQrUizKV9sJbJMxAUC01wxvbxevAqFEpiGrznnu3K0HN3sfKItjqGkNDPDQ+mIlQwdwJAE0GyJIx9CMvo1RPugKSJ5rFh/vEgJTNMPaeYUb/L2rn3WEZHrZI5wwf+z4ljSHCVetAnaMKjk/+QQWgBHdvNImmA== gari@darwin"
];
};
}

16
users/n0emis/default.nix
View File

@ -1,16 +0,0 @@
{ config, pkgs, ... }:
{
users.users.n0emis = {
isNormalUser = true;
shell = pkgs.zsh;
packages = with pkgs; [ htop dnsutils nettools tcpdump git jq tree ];
hashedPassword =
"$6$ZvdWexF9y28IrjyW$lxz27/eFjDZWUPY7Lox0aDXO0.TgMBzygZqNSp1HU7itaMI0KbtAOX2H3uZ9hlEo21z.K.JEE.V/b.HpmN.4y1";
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"
];
};
}