From 535478c1605bd6db6aa924cdb591ee01bd45c92c Mon Sep 17 00:00:00 2001 From: Emery Hemingway Date: Fri, 26 Feb 2021 20:22:15 +0100 Subject: [PATCH] Flakify freifunk container --- flake.nix | 17 +++++++++- .../{configuration.nix => default.nix} | 34 +++++++++---------- hosts/containers/freifunk/sysinfo-json.nix | 7 ++-- krops.nix | 1 - lib/pkgs/bmxd.nix => nixpkgs-overlay/bmdx.nix | 13 ++++--- nixpkgs-overlay/default.nix | 9 +++++ nixpkgs-overlay/pile.nix | 25 ++++++++++++++ overlay/bmdx.nix | 31 +++++++++++++++++ overlay/default.nix | 9 +++++ overlay/pile.nix | 25 ++++++++++++++ 10 files changed, 144 insertions(+), 27 deletions(-) rename hosts/containers/freifunk/{configuration.nix => default.nix} (90%) rename lib/pkgs/bmxd.nix => nixpkgs-overlay/bmdx.nix (65%) create mode 100644 nixpkgs-overlay/default.nix create mode 100644 nixpkgs-overlay/pile.nix create mode 100644 overlay/bmdx.nix create mode 100644 overlay/default.nix create mode 100644 overlay/pile.nix diff --git a/flake.nix b/flake.nix index 0f5a0304..bf0c73a2 100644 --- a/flake.nix +++ b/flake.nix @@ -15,7 +15,13 @@ hostRegistry = import ./host-registry.nix; in { - inherit (nixpkgs) legacyPackages; + overlay = import ./overlay; + + legacyPackages = forAllSystems (system: + import nixpkgs { + inherit system; + overlays = [ self.overlay ]; + }); packages = forAllSystems (system: let @@ -40,6 +46,8 @@ # TODO: check if the ethernet address is reachable and if not, # execute wol on a machine in HQ. in { + inherit (pkgs) bmxd; + dhcp-nixos-rebuild = mkDeploy "dhcp" hostRegistry.hosts.dhcp.ip4; glotzbert-nixos-rebuild = mkDeploy "glotzbert" "glotzbert.hq.c3d2.de"; @@ -62,6 +70,7 @@ package = pkgs.nixFlakes; extraOptions = "experimental-features = nix-command flakes"; }; + nixpkgs.overlays = [ self.overlay ]; }) ]; }); @@ -76,6 +85,12 @@ system = "x86_64-linux"; }; + freifunk = nixosSystem' { + modules = + [ (import ./hosts/containers/freifunk { inherit secrets; }) ]; + system = "x86_64-linux"; + }; + glotzbert = nixosSystem' { modules = [ ./hosts/glotzbert diff --git a/hosts/containers/freifunk/configuration.nix b/hosts/containers/freifunk/default.nix similarity index 90% rename from hosts/containers/freifunk/configuration.nix rename to hosts/containers/freifunk/default.nix index c640fef8..6a6ce16c 100644 --- a/hosts/containers/freifunk/configuration.nix +++ b/hosts/containers/freifunk/default.nix @@ -1,4 +1,5 @@ -{ config, pkgs, lib, ... }: +{ secrets }: +{ config, pkgs, lib, modulesPath, ... }: let coreAddress = "172.20.72.40"; @@ -6,20 +7,17 @@ let meshInterface = "bmx"; meshLoopback = "bmx_prime"; ddmeshRegisterUrl = "https://register.freifunk-dresden.de/bot.php"; - secrets = import ; - ddmeshRegisterKey = secrets.ddmeshRegisterKey; + secrets' = import "${secrets}/hosts/freifunk"; + ddmeshRegisterKey = secrets'.ddmeshRegisterKey; ddmeshNode = 51073; ddmeshAddrPart = "200.74"; rt_table = 7; - bmxd = import (toString ) { inherit pkgs; }; - sysinfo-json = - import { inherit pkgs bmxd ddmeshNode; }; + sysinfo-json = import ./sysinfo-json.nix { inherit pkgs ddmeshNode; }; in { imports = [ - - - - + "${modulesPath}/profiles/minimal.nix" + ../../../lib/lxc-container.nix + ../../../lib/shared.nix ]; boot.tmpOnTmpfs = true; @@ -118,7 +116,7 @@ in { wantedBy = [ "network.target" ]; serviceConfig = { ExecStart = '' - ${bmxd}/sbin/bmxd \ + ${pkgs.bmxd}/sbin/bmxd \ --rt_table_offset=${toString rt_table} \ --no_fork 1 \ --throw-rules 0 \ @@ -193,7 +191,9 @@ in { stubnet 10.200.0.0/15; interface "core" { authentication cryptographic; - password "${import }"; + password "${ + import "${secrets}/shared/ospf/message-digest-key.nix" + }"; }; }; } @@ -207,7 +207,9 @@ in { }; interface "core" { #authentication cryptographic; - #password "${import }"; + #password "${ + import "${secrets}/shared/ospf/message-digest-key.nix" + }"; }; }; } @@ -228,7 +230,7 @@ in { virtualHosts = { "c3d2.ffdd" = { default = true; - root = ; + root = ./assets; locations = let sysinfo-json = { alias = "/run/nginx/sysinfo.json"; @@ -241,9 +243,7 @@ in { index = "index.html"; extraConfig = '' etag off; - add_header etag "\"${ - builtins.substring 11 32 ( + "/assets") - }\""; + add_header etag "\"${builtins.substring 11 32 (./assets)}\""; ''; }; "=/sysinfo-json.cgi" = sysinfo-json; diff --git a/hosts/containers/freifunk/sysinfo-json.nix b/hosts/containers/freifunk/sysinfo-json.nix index 9b3bf94e..2bf4bd50 100644 --- a/hosts/containers/freifunk/sysinfo-json.nix +++ b/hosts/containers/freifunk/sysinfo-json.nix @@ -1,6 +1,7 @@ -{ pkgs ? import { }, ffdd-server ? - builtins.fetchGit "https://github.com/Freifunk-Dresden/ffdd-server.git", bmxd -, ddmeshNode, ... }: +{ pkgs ? import { }, ffdd-server ? pkgs.fetchgit { + url = "https://github.com/Freifunk-Dresden/ffdd-server.git"; + sha256 = "15iijpywfp0zd785na5ry0g8z41x3zg238piih5rp8khc5xis09c"; +}, ddmeshNode, ... }: with pkgs; let diff --git a/krops.nix b/krops.nix index 90732cdc..21f49492 100644 --- a/krops.nix +++ b/krops.nix @@ -24,6 +24,5 @@ let in { scrape = deployContainer "scrape" "172.20.73.32"; ledstripes = deployContainer "ledstripes" "172.22.99.168"; - freifunk = deployContainer "freifunk" "172.20.72.40"; kibana = deployContainer "kibana" "172.20.73.44"; } diff --git a/lib/pkgs/bmxd.nix b/nixpkgs-overlay/bmdx.nix similarity index 65% rename from lib/pkgs/bmxd.nix rename to nixpkgs-overlay/bmdx.nix index 1308ac26..890661bc 100644 --- a/lib/pkgs/bmxd.nix +++ b/nixpkgs-overlay/bmdx.nix @@ -1,8 +1,10 @@ -{ pkgs ? import { }, src ? builtins.fetchGit - "https://gitlab.freifunk-dresden.de/firmware-developer/firmware.git", }: +{ stdenv, fetchgit, fetchpatch, }: -with pkgs; let + src = fetchgit { + url = "https://gitlab.freifunk-dresden.de/firmware-developer/firmware.git"; + sha256 = "sha256-3sV59uqFp+TZKrDf7kmksLvz+5ZKriwFyXZMBH2Sdws="; + }; path = "feeds/19.07/feeds-own/bmxd"; makefile = builtins.readFile "${src}/${path}/Makefile"; makeDef = name: @@ -12,10 +14,11 @@ let name = makeDef "PKG_NAME"; version = makeDef "PKG_VERSION"; release = makeDef "PKG_RELEASE"; - patch = fetchurl { + patch = fetchpatch { + name = "timercpy.patch"; url = "https://gitlab.freifunk-dresden.de/firmware-developer/firmware/merge_requests/36.patch"; - sha256 = "10gm1fqg2s8c261i0j1py3sfyyzr0h5b6wwdsgg3icn7lfjd6k75"; + sha256 = "sha256-40BbcCZ10cQzvkfsAi8ApCgmC4hGMh2J8xU6gjD3cng="; }; in stdenv.mkDerivation { name = "${name}-${version}-${release}"; diff --git a/nixpkgs-overlay/default.nix b/nixpkgs-overlay/default.nix new file mode 100644 index 00000000..4499c2e1 --- /dev/null +++ b/nixpkgs-overlay/default.nix @@ -0,0 +1,9 @@ +final: prev: + +{ + + bmxd = prev.callPackage ./bmdx.nix { }; + + pile = prev.callPackage ./pile.nix { }; + +} diff --git a/nixpkgs-overlay/pile.nix b/nixpkgs-overlay/pile.nix new file mode 100644 index 00000000..2dab5b06 --- /dev/null +++ b/nixpkgs-overlay/pile.nix @@ -0,0 +1,25 @@ +{ fetchgit, rustPlatform }: + +let + pile = fetchgit { + url = "https://github.com/astro/pile.git"; + sha256 = "sha256-z4xNUGmP35ZBZUpgozQHANZniADfmwEoclnEwNlvAC4="; + }; +in { + ledball = rustPlatform.buildRustPackage { + name = "ledball"; + version = "0.0.0"; + src = "${pile}/ledball"; + cargoSha256 = "0zyfbf3gph8gqab07fmm5a7x5slapsqn8ck6isp53fsa7ljnagjy"; + cargoBuildFlags = [ "--examples" ]; + postInstall = '' + mkdir -p $out/bin + + for f in target/*/release/examples/*; do + if [ -f $f ] && [ -x $f ]; then + cp $f $out/bin/ + fi + done + ''; + }; +} diff --git a/overlay/bmdx.nix b/overlay/bmdx.nix new file mode 100644 index 00000000..890661bc --- /dev/null +++ b/overlay/bmdx.nix @@ -0,0 +1,31 @@ +{ stdenv, fetchgit, fetchpatch, }: + +let + src = fetchgit { + url = "https://gitlab.freifunk-dresden.de/firmware-developer/firmware.git"; + sha256 = "sha256-3sV59uqFp+TZKrDf7kmksLvz+5ZKriwFyXZMBH2Sdws="; + }; + path = "feeds/19.07/feeds-own/bmxd"; + makefile = builtins.readFile "${src}/${path}/Makefile"; + makeDef = name: + builtins.elemAt (builtins.match '' + .*?${name}:=([^ + ]+).*?'' makefile) 0; + name = makeDef "PKG_NAME"; + version = makeDef "PKG_VERSION"; + release = makeDef "PKG_RELEASE"; + patch = fetchpatch { + name = "timercpy.patch"; + url = + "https://gitlab.freifunk-dresden.de/firmware-developer/firmware/merge_requests/36.patch"; + sha256 = "sha256-40BbcCZ10cQzvkfsAi8ApCgmC4hGMh2J8xU6gjD3cng="; + }; +in stdenv.mkDerivation { + name = "${name}-${version}-${release}"; + inherit src; + patches = [ patch ]; + buildPhase = "cd ${path}/sources"; + installPhase = '' + make install SBINDIR=$out/sbin + ''; +} diff --git a/overlay/default.nix b/overlay/default.nix new file mode 100644 index 00000000..4499c2e1 --- /dev/null +++ b/overlay/default.nix @@ -0,0 +1,9 @@ +final: prev: + +{ + + bmxd = prev.callPackage ./bmdx.nix { }; + + pile = prev.callPackage ./pile.nix { }; + +} diff --git a/overlay/pile.nix b/overlay/pile.nix new file mode 100644 index 00000000..2dab5b06 --- /dev/null +++ b/overlay/pile.nix @@ -0,0 +1,25 @@ +{ fetchgit, rustPlatform }: + +let + pile = fetchgit { + url = "https://github.com/astro/pile.git"; + sha256 = "sha256-z4xNUGmP35ZBZUpgozQHANZniADfmwEoclnEwNlvAC4="; + }; +in { + ledball = rustPlatform.buildRustPackage { + name = "ledball"; + version = "0.0.0"; + src = "${pile}/ledball"; + cargoSha256 = "0zyfbf3gph8gqab07fmm5a7x5slapsqn8ck6isp53fsa7ljnagjy"; + cargoBuildFlags = [ "--examples" ]; + postInstall = '' + mkdir -p $out/bin + + for f in target/*/release/examples/*; do + if [ -f $f ] && [ -x $f ]; then + cp $f $out/bin/ + fi + done + ''; + }; +}