Merge branch 'staging/jeschli' of prism.r:stockholm into staging/jeschli
This commit is contained in:
commit
01358d3947
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,2 +1,3 @@
|
|||||||
/.graveyard
|
/.graveyard
|
||||||
/TODO
|
/TODO
|
||||||
|
result
|
||||||
|
@ -3,12 +3,13 @@
|
|||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
# bln config file
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
<stockholm/jeschli>
|
<stockholm/jeschli>
|
||||||
<stockholm/jeschli/2configs/virtualbox.nix>
|
<stockholm/jeschli/2configs/virtualbox.nix>
|
||||||
|
<stockholm/jeschli/2configs/urxvt.nix>
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
# ./dcso-vpn.nix
|
# ./dcso-vpn.nix
|
||||||
];
|
];
|
||||||
@ -16,10 +17,18 @@
|
|||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
jeschliFontSize = 20;
|
||||||
|
# Use the GRUB 2 boot loader.
|
||||||
|
boot.loader.grub.enable = true;
|
||||||
|
boot.loader.grub.version = 2;
|
||||||
|
# boot.loader.grub.efiSupport = true;
|
||||||
|
# boot.loader.grub.efiInstallAsRemovable = true;
|
||||||
|
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||||
|
# Define on which hard drive you want to install Grub.
|
||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
n = "nix-shell";
|
n = "nix-shell";
|
||||||
gd = "cd /home/jeschli/go/src/gitlab.dcso.lolcat";
|
gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
|
||||||
gh = "cd /home/jeschli/go/src/github.com";
|
gh = "cd /home/markus/go/src/github.com";
|
||||||
stocki = pkgs.writeDash "deploy" ''
|
stocki = pkgs.writeDash "deploy" ''
|
||||||
cd ~/stockholm
|
cd ~/stockholm
|
||||||
LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
|
LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
|
||||||
@ -33,6 +42,7 @@
|
|||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
|
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
termite
|
||||||
# system helper
|
# system helper
|
||||||
ag
|
ag
|
||||||
copyq
|
copyq
|
||||||
@ -57,6 +67,7 @@
|
|||||||
chromium
|
chromium
|
||||||
google-chrome
|
google-chrome
|
||||||
# programming languages
|
# programming languages
|
||||||
|
elmPackages.elm
|
||||||
go
|
go
|
||||||
gcc
|
gcc
|
||||||
ghc
|
ghc
|
||||||
|
@ -79,6 +79,8 @@
|
|||||||
jetbrains.goland
|
jetbrains.goland
|
||||||
# document viewer
|
# document viewer
|
||||||
zathura
|
zathura
|
||||||
|
# xorg
|
||||||
|
xorg.xbacklight
|
||||||
];
|
];
|
||||||
|
|
||||||
# Some programs need SUID wrappers, can be configured further or are
|
# Some programs need SUID wrappers, can be configured further or are
|
||||||
|
@ -40,6 +40,16 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
services.taskserver = {
|
||||||
|
enable = true;
|
||||||
|
fqdn = "enklave.r";
|
||||||
|
listenHost = "::";
|
||||||
|
listenPort = 53589;
|
||||||
|
organisations.lass.users = [ "jeschli" ];
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [ 53589 ];
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.enklave;
|
krebs.build.host = config.krebs.hosts.enklave;
|
||||||
|
10
jeschli/1systems/enklave/taskserver.nix
Normal file
10
jeschli/1systems/enklave/taskserver.nix
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
{
|
||||||
|
services.taskserver = {
|
||||||
|
enable = true;
|
||||||
|
fqdn = "enklave.r";
|
||||||
|
listenHost = "::";
|
||||||
|
listenPort = 53589;
|
||||||
|
organisations.lass.users = [ "jeschli" ];
|
||||||
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [ 53589 ];
|
||||||
|
}
|
@ -4,6 +4,7 @@ with import <stockholm/lib>;
|
|||||||
imports = [
|
imports = [
|
||||||
./vim.nix
|
./vim.nix
|
||||||
./retiolum.nix
|
./retiolum.nix
|
||||||
|
./zsh.nix
|
||||||
<stockholm/lass/2configs/security-workarounds.nix>
|
<stockholm/lass/2configs/security-workarounds.nix>
|
||||||
{
|
{
|
||||||
environment.variables = {
|
environment.variables = {
|
||||||
|
@ -1,19 +1,23 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
{
|
{
|
||||||
|
options.jeschliFontSize = mkOption {
|
||||||
|
type = types.int;
|
||||||
|
default = 12;
|
||||||
|
};
|
||||||
|
config = {
|
||||||
services.urxvtd.enable = true;
|
services.urxvtd.enable = true;
|
||||||
krebs.xresources.enable = true;
|
krebs.xresources.enable = true;
|
||||||
krebs.xresources.resources.urxvt = ''
|
krebs.xresources.resources.urxvt = ''
|
||||||
*foreground: rgb:a8/a8/a8
|
*foreground: rgb:a8/a8/a8
|
||||||
*background: rgb:00/00/00
|
*background: rgb:00/00/00
|
||||||
*faceName: DejaVu Sans Mono
|
*faceName: DejaVu Sans Mono
|
||||||
*faceSize: 12
|
*faceSize: ${toString config.jeschliFontSize}
|
||||||
*color0: rgb:00/00/00
|
*color0: rgb:00/00/00
|
||||||
*color1: rgb:a8/00/00
|
*color1: rgb:a8/00/00
|
||||||
*color2: rgb:00/a8/00
|
*color2: rgb:00/a8/00
|
||||||
*color3: rgb:a8/54/00
|
*color3: rgb:a8/54/00
|
||||||
*color4: rgb:00/00/a8
|
*color4: rgb:26/8b/d2
|
||||||
*color5: rgb:a8/00/a8
|
*color5: rgb:a8/00/a8
|
||||||
*color6: rgb:00/a8/a8
|
*color6: rgb:00/a8/a8
|
||||||
*color7: rgb:a8/a8/a8
|
*color7: rgb:a8/a8/a8
|
||||||
@ -28,7 +32,8 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
URxvt*scrollBar: false
|
URxvt*scrollBar: false
|
||||||
URxvt*urgentOnBell: true
|
URxvt*urgentOnBell: true
|
||||||
URxvt*font: xft:DejaVu Sans Mono:pixelsize=12
|
URxvt*font: xft:DejaVu Sans Mono:pixelsize=${toString config.jeschliFontSize}
|
||||||
URXvt*faceSize: 12
|
URXvt*faceSize: ${toString config.jeschliFontSize}
|
||||||
'';
|
'';
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -27,6 +27,9 @@ in {
|
|||||||
name = "vim";
|
name = "vim";
|
||||||
vimrcConfig.customRC = let
|
vimrcConfig.customRC = let
|
||||||
colorscheme = ''colorscheme molokai'';
|
colorscheme = ''colorscheme molokai'';
|
||||||
|
highlightTrailingWhiteSpaces = ''
|
||||||
|
au Syntax * syn match Garbage containedin=ALL /\s\+$/
|
||||||
|
'';
|
||||||
setStatements = ''
|
setStatements = ''
|
||||||
set autowrite
|
set autowrite
|
||||||
set clipboard=unnamedplus
|
set clipboard=unnamedplus
|
||||||
@ -42,6 +45,7 @@ in {
|
|||||||
remapStatements = ''
|
remapStatements = ''
|
||||||
imap jk <Esc>
|
imap jk <Esc>
|
||||||
map gr :GoRun<Enter> " Map gr to execute go run
|
map gr :GoRun<Enter> " Map gr to execute go run
|
||||||
|
map tt :GoTest<Enter> " Map tt to execute go test
|
||||||
map nf :NERDTreeToggle<CR>
|
map nf :NERDTreeToggle<CR>
|
||||||
nnoremap <C-TAB> <c-w><c-w>
|
nnoremap <C-TAB> <c-w><c-w>
|
||||||
nnoremap <S-TAB> :bnext<CR>
|
nnoremap <S-TAB> :bnext<CR>
|
||||||
@ -74,11 +78,12 @@ in {
|
|||||||
'';
|
'';
|
||||||
in ''
|
in ''
|
||||||
${colorscheme}
|
${colorscheme}
|
||||||
|
${highlightTrailingWhiteSpaces}
|
||||||
${remapStatements}
|
${remapStatements}
|
||||||
${setStatements}
|
${setStatements}
|
||||||
${settingsForElm}
|
${settingsForElm}
|
||||||
${settingsForGo}
|
${settingsForGo}
|
||||||
" I dont know what this line is about
|
" dont expand tabs in go files and show it with four whitespaces.
|
||||||
autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
|
autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
|
||||||
'';
|
'';
|
||||||
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
|
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
|
||||||
|
138
jeschli/2configs/zsh.nix
Normal file
138
jeschli/2configs/zsh.nix
Normal file
@ -0,0 +1,138 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
environment.systemPackages = [ pkgs.fzf ];
|
||||||
|
programs.zsh = {
|
||||||
|
enable = true;
|
||||||
|
shellInit = ''
|
||||||
|
#disable config wizard
|
||||||
|
zsh-newuser-install() { :; }
|
||||||
|
'';
|
||||||
|
interactiveShellInit = ''
|
||||||
|
setopt autocd extendedglob
|
||||||
|
bindkey -e
|
||||||
|
|
||||||
|
#history magic
|
||||||
|
bindkey "[A" up-line-or-local-history
|
||||||
|
bindkey "[B" down-line-or-local-history
|
||||||
|
|
||||||
|
up-line-or-local-history() {
|
||||||
|
zle set-local-history 1
|
||||||
|
zle up-line-or-history
|
||||||
|
zle set-local-history 0
|
||||||
|
}
|
||||||
|
zle -N up-line-or-local-history
|
||||||
|
down-line-or-local-history() {
|
||||||
|
zle set-local-history 1
|
||||||
|
zle down-line-or-history
|
||||||
|
zle set-local-history 0
|
||||||
|
}
|
||||||
|
zle -N down-line-or-local-history
|
||||||
|
|
||||||
|
setopt share_history
|
||||||
|
setopt hist_ignore_dups
|
||||||
|
# setopt inc_append_history
|
||||||
|
bindkey '^R' history-incremental-search-backward
|
||||||
|
|
||||||
|
#C-x C-e open line in editor
|
||||||
|
autoload -z edit-command-line
|
||||||
|
zle -N edit-command-line
|
||||||
|
bindkey "^X^E" edit-command-line
|
||||||
|
|
||||||
|
#fzf inclusion
|
||||||
|
source ${pkgs.fzf}/share/fzf/completion.zsh
|
||||||
|
source ${pkgs.fzf}/share/fzf/key-bindings.zsh
|
||||||
|
|
||||||
|
#completion magic
|
||||||
|
autoload -Uz compinit
|
||||||
|
compinit
|
||||||
|
zstyle ':completion:*' menu select
|
||||||
|
|
||||||
|
#enable automatic rehashing of $PATH
|
||||||
|
zstyle ':completion:*' rehash true
|
||||||
|
|
||||||
|
eval $(dircolors -b ${pkgs.fetchFromGitHub {
|
||||||
|
owner = "trapd00r";
|
||||||
|
repo = "LS_COLORS";
|
||||||
|
rev = "master";
|
||||||
|
sha256="05lh5w3bgj9h8d8lrbbwbzw8788709cnzzkl8yh7m1dawkpf6nlp";
|
||||||
|
}}/LS_COLORS)
|
||||||
|
|
||||||
|
#beautiful colors
|
||||||
|
alias ls='ls --color'
|
||||||
|
# zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
|
||||||
|
|
||||||
|
#emacs bindings
|
||||||
|
bindkey "[7~" beginning-of-line
|
||||||
|
bindkey "[8~" end-of-line
|
||||||
|
bindkey "Oc" emacs-forward-word
|
||||||
|
bindkey "Od" emacs-backward-word
|
||||||
|
|
||||||
|
#aliases
|
||||||
|
alias ll='ls -l'
|
||||||
|
alias la='ls -la'
|
||||||
|
|
||||||
|
#fancy window title magic
|
||||||
|
'';
|
||||||
|
promptInit = ''
|
||||||
|
# TODO: figure out why we need to set this here
|
||||||
|
HISTSIZE=900001
|
||||||
|
HISTFILESIZE=$HISTSIZE
|
||||||
|
SAVEHIST=$HISTSIZE
|
||||||
|
|
||||||
|
autoload -U promptinit
|
||||||
|
promptinit
|
||||||
|
|
||||||
|
p_error='%(?..%F{red}%?%f )'
|
||||||
|
t_error='%(?..%? )'
|
||||||
|
|
||||||
|
case $UID in
|
||||||
|
0)
|
||||||
|
p_username='%F{red}root%f'
|
||||||
|
t_username='root'
|
||||||
|
;;
|
||||||
|
1337)
|
||||||
|
p_username=""
|
||||||
|
t_username=""
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
p_username='%F{blue}%n%f'
|
||||||
|
t_username='%n'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
if test -n "$SSH_CLIENT"; then
|
||||||
|
p_hostname='@%F{magenta}%M%f '
|
||||||
|
t_hostname='@%M '
|
||||||
|
else
|
||||||
|
p_hostname=""
|
||||||
|
t_hostname=""
|
||||||
|
fi
|
||||||
|
|
||||||
|
#check if in nix shell
|
||||||
|
if test -n "$buildInputs"; then
|
||||||
|
p_nixshell='%F{green}[s]%f '
|
||||||
|
t_nixshell='[s] '
|
||||||
|
else
|
||||||
|
p_nixshell=""
|
||||||
|
t_nixshell=""
|
||||||
|
fi
|
||||||
|
|
||||||
|
PROMPT="$p_error$p_username$p_hostname$p_nixshell%~ "
|
||||||
|
TITLE="$t_error$t_username$t_hostname$t_nixshell%~"
|
||||||
|
case $TERM in
|
||||||
|
(*xterm* | *rxvt*)
|
||||||
|
function precmd {
|
||||||
|
PROMPT_EVALED="$(print -P $TITLE)"
|
||||||
|
echo -ne "\033]0;$$ $PROMPT_EVALED\007"
|
||||||
|
}
|
||||||
|
# This is seen while the shell waits for a command to complete.
|
||||||
|
function preexec {
|
||||||
|
PROMPT_EVALED="$(print -P $TITLE)"
|
||||||
|
echo -ne "\033]0;$$ $PROMPT_EVALED $1\007"
|
||||||
|
}
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
users.defaultUserShell = "/run/current-system/sw/bin/zsh";
|
||||||
|
}
|
@ -4,6 +4,11 @@ host@{ name, secure ? false, override ? {} }: let
|
|||||||
then "buildbot"
|
then "buildbot"
|
||||||
else "jeschli";
|
else "jeschli";
|
||||||
_file = <stockholm> + "/jeschli/1systems/${name}/source.nix";
|
_file = <stockholm> + "/jeschli/1systems/${name}/source.nix";
|
||||||
|
pkgs = import <nixpkgs> {
|
||||||
|
overlays = map import [
|
||||||
|
<stockholm/krebs/5pkgs>
|
||||||
|
];
|
||||||
|
};
|
||||||
in
|
in
|
||||||
evalSource (toString _file) [
|
evalSource (toString _file) [
|
||||||
{
|
{
|
||||||
@ -17,6 +22,7 @@ in
|
|||||||
jeschli = "${getEnv "HOME"}/secrets/${name}";
|
jeschli = "${getEnv "HOME"}/secrets/${name}";
|
||||||
};
|
};
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
}
|
}
|
||||||
override
|
override
|
||||||
]
|
]
|
||||||
|
@ -8,6 +8,7 @@ with import <stockholm/lib>;
|
|||||||
krebs.go = {
|
krebs.go = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts.go = {
|
virtualHosts.go = {
|
||||||
|
@ -14,7 +14,6 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ];
|
kernelModules = [ "kvm-intel" "acpi_call" "tpm-rng" ];
|
||||||
extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
|
|
||||||
kernelParams = [ "acpi_backlight=none" ];
|
kernelParams = [ "acpi_backlight=none" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -233,6 +233,7 @@ let
|
|||||||
"github.com"
|
"github.com"
|
||||||
# List generated with
|
# List generated with
|
||||||
# curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob
|
# curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob
|
||||||
|
"192.30.252.*"
|
||||||
"192.30.253.*"
|
"192.30.253.*"
|
||||||
"192.30.254.*"
|
"192.30.254.*"
|
||||||
"192.30.255.*"
|
"192.30.255.*"
|
||||||
@ -240,9 +241,12 @@ let
|
|||||||
"185.199.109.*"
|
"185.199.109.*"
|
||||||
"185.199.110.*"
|
"185.199.110.*"
|
||||||
"185.199.111.*"
|
"185.199.111.*"
|
||||||
"18.195.85.27"
|
"13.229.188.59"
|
||||||
|
"13.250.177.223"
|
||||||
"18.194.104.89"
|
"18.194.104.89"
|
||||||
|
"18.195.85.27"
|
||||||
"35.159.8.160"
|
"35.159.8.160"
|
||||||
|
"52.74.223.119"
|
||||||
];
|
];
|
||||||
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
|
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
|
||||||
};
|
};
|
||||||
|
@ -551,6 +551,32 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
dpdkm = {
|
||||||
|
ci = false;
|
||||||
|
external = true;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.173";
|
||||||
|
ip6.addr = "42:4992:6a6d:900::1";
|
||||||
|
aliases = [ "dpdkm.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
|
||||||
|
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
|
||||||
|
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
|
||||||
|
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
|
||||||
|
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
|
||||||
|
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
|
||||||
|
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
|
||||||
|
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
|
||||||
|
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
|
||||||
|
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
|
||||||
|
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
xerxes = {
|
xerxes = {
|
||||||
cores = 2;
|
cores = 2;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
@ -624,6 +650,10 @@ with import <stockholm/lib>;
|
|||||||
mail = "lass@xerxes.r";
|
mail = "lass@xerxes.r";
|
||||||
pubkey = builtins.readFile ./ssh/xerxes.rsa;
|
pubkey = builtins.readFile ./ssh/xerxes.rsa;
|
||||||
};
|
};
|
||||||
|
lass-daedalus = {
|
||||||
|
mail = "lass@daedalus.r";
|
||||||
|
pubkey = builtins.readFile ./ssh/daedalus.rsa;
|
||||||
|
};
|
||||||
fritz = {
|
fritz = {
|
||||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540";
|
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540";
|
||||||
};
|
};
|
||||||
|
1
krebs/3modules/lass/ssh/daedalus.rsa
Normal file
1
krebs/3modules/lass/ssh/daedalus.rsa
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgF3311cZ/JV7lOzo/Crmy6pi0oBYu5klbTb8lU/Yic55XVRyYFtm+KGrNvqkcFgOx803aS7jogJ1N6HCdUAaEl5MzlkOX++h97ihZ/NeQZKDjYEEQYl4ElmIbCRiddpDm0HVX1OGSCtUzhlyDHJ8ieMCb+QVNrpwovlQnp53c/+Z6rGSZWgBMrzP7stlw+XjC1Alhi1M5L+bJfroa7cEcF+J5ZN+J2mWSmkPiQ6+iuk9zRkc5ELO1Vz4MsLoeKwbJrz+uuNVsY7u070pHtsLwbAsYU5vOWJeN/vtEwy51SY/so30FowvivTD9jIJ0xcmAdC56XjWaxttKuqUVBjJqhwqsUI6+AxLESekFXzkfghmG+AJPPkb2pvpVF3k0Ivn14bFBuFv0T2qPHq68Fs19WLTZn+dK3V+RfVkI6bEZaMOUezyBv59yFEY42wMISPw53jkaWqKIxyGCBECi3XlbeQ61FkwE9TElSY+NmoeMu6jPWw7XGDY4Jt6mtKiYu3hVqI5pg4hq3bxB8r2W7LnkDiYfArbzwmrc2zAmgJtY60/Pcwq7hP3LSDEuDDc4gYgpkLNwHjs+CLWqpbQffCFv+oOZj8G92if+dMBOUSBCr6FDqH6wLxZp2cfhud0p/0kLz09nv/PcRohOHdaQSEW7OAhJ5kgg3DuxhwUwOf/3UX5iLvm4WwE/mb7Iki4U3AENKHUWQ7TOrXcQq9AJX57e9CTI+N4phtzp9qur8vjVl2OpYl2Qb/0yQSGM+4wQ/nM4acePMk80oXLb3OJBlPp0CswzoI7kFBD0TUOnFTCkrJWPaZhgjQXyvCzgFKAvXgqWy4riczqLhdBAhc1vT3a18HsqKXE3mhJa6Kjl6r/ZQaDl2zw7uLmWTHhGuUI9w487L36extGuC3Tv8zEvu2UHqhdEcaSDzRQYcv1kRobfhTWjzFHzdA97Kkc+HuFfJk3MzchsjCxqIuDP4r5YauMBMHAIsUlP7Ar/t29WreAGJbCCd2oulkFL+P+8Sp6SksMMhKQvuRcj74n6BETfailv64z2FjT+qzkCsr/gzvWD08EJRZUCpidX2WfMoL396nBf+EgwhFykqoFg2jlJJ7Vggod8CSHUSeBkslhNk/tkv4y+NnsAIgNluVZlxIeKj1UgazohSNQVRHozs2lkuK0Ytl4TsFrE0X3ar7LpwEVvCLj3eh2kg4kNKNN/vOwWxvMlF9uCBq5FUHaBCst/OXeigjfGZ0ZK5iHsZN+R/iIlG+3V3VN1Rm29aPJPSuAgwl/lfPUfUP5c8QiwnDgdHqMi7VcuCpEtcTLjqDHBssqosRTLodcIZY6qLepm5kQgJ2FfcTPi+ZwT3Z/IFH6p/H7NeVbb8rVYeF/zqDJiWbI+gDy0xFnGgOLpFSBdHq679FjtjZk7Exgz3rVD+QsoSB8VYVOSqpHB1LQyQ2qBry+33CNpxlX5GaaLx5sbEKEguaJ+9R7Mbf8zQMa8EAXhqoT96kIj66IEk= lass@daedalus
|
@ -1 +1 @@
|
|||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDm4qnRU8/Zyb+7x/QxW1grN+i1qcN39Sr/TSkBdccAPyfPdk8ph/G+wZKgsyr9sl5CgbA4hOsqDBN97dp4dKghKARuk0GldHDgo+2odWwBTa4EOSmE4Bfj3z7r9tW33Y+ujy55L4w5Qw21lj51mbhc0qvC/03xypEeKsLM0RtNAf8TsdGMPGmbha7uCF75VjFJvrHysbjonh6ZQ+Or8N0MSNABZ9oawJQxxBUqtLFhnq20zCJmm281f9GS/EaGYwcpOjiHd4fj3XWyfEIJRK/LRBZXkidvVDN7mhOQY3G+qiGZfPeyged9CRDRFoc5QbZ43NtrmPS+yUtjHQZKynkjI0lA00fegRzb0FkEJmYSy1Vdqgj338CjNwcuTaKJTw2EotMqMuHyk1FllnphafJtgMTMLIGoZRTpJpC91gbP0MGTnRoCwD4McZcz1YD3cxng101QsLsDv/FPxzbyxr+P6rjBB6eP6IhP4k4ALjWzoMURdCo1BW4//zt+PXImUpcX2+urtAMmVBQ8BwZry1hsEcR+r6C1Yb+jzeWGnvtfjXSFv+ZjpA0eEnqeKeh3LDCxybjkok51zdTe97EZ0sDAnKcnrVzpXJwehY02E2N9Sw1HhvWIUUulr09a2bC2rYR7HWryOjaEzT2aKmUyrxPkflCawB8gn2iSbVMWK74VJw== lass@icarus
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgEuFS5MwYQRF+0MKAQvyv6O+0ky0QnOKGMVZgFXE4g2JrByTCXQAeQmyJquM1wl9IRD63res8ZguMoAz2PkHfNbRSSsR7pH/G3DaJRl0VGf14zO3bjBbogQ45j1Bwxi78h44SDmuBAkp0t76ca16kWGhwEVt03+8sqmbLV90RjHZlrFw2sDgTu35SDz1q/ZzkdyFP3xSIBUnsQD64qRLMx64yLcBp0uu2h7gBBCVyA1T+VR3Nc1yIOyv0nUaqEHz+CDATtFlgGTgT6cCXoIPN0QAuIa3pDxt7htD/POsWuFbpbqrBQVcgun5s3J5X0OmNyoqGqqubcycvuYipZUjBCxyTb7RxCqj2oR8alSaeGZm64I0VSGX/iSCtXKaEJqBbxwNUgDH6B2oUeZbRwgPl/SG8vBku1oKzt/36IBoY8HttcosqLkfTquyyO7KVtOBu04geCmmiqJpSV4j5iYMxvrD0AQ3JJmrcbzUYoCGxlYO19TPsa+Ybhn/E8suach75+DIPj5LacYAh9Wjirw67Kg5QyYEt8XGTR2xxF78CFi0JGBRcyorPfFPLznmVntqJLe6dGNL3njgdD0Ocz8V5ktk1pjY5D2nG8GXfd45NQl2QjTLYnYX4dGuudBXth0nEJMv/MRHZrXVViIqwazdq4mA5z1Yu4Tb3l17d2cAZobzdut6JuZbd7itXAPIiY0vEWXr8lpEuE8Uz9mz8aPxZlhmHSXvNcwhq+i2+cFO8OPwUGbnE2cAHpymlQ3aDRgpptAIMU2LjIAblqsvA72asJpuRqu7ZOoy0vVRCOhktIzZXWR9hF5/CM/7NZ5skvHzYlmgkvnuu4jDDGusF32Zyiip0WJg+Iijqe8VpOqCup5UEF5QG32yQwaZDrKd71hq7Z1xNe0vEPN8yCxpes8hWafYY9m8YRrUduDVlOon7SzmdU76RPn2oF6udCGP7A/hEeRiwrDaRuIwchh99Xw3LioxXNzLYB1aXd+yKuZyhW+witC20ISdyZz7JPIrb49JCGH8FtbcDzD1B8Xd1By34POfhxriSr9UG5Hj9LGbA3/aKMOajZdcbrKXorUrKdhAuZv1z4rjW5iwYgXF2G/nseeCOw+DPEcB3GexsyCTUzSjJ6fy3Aqlzppwttx5MfkbNhPZWRCfDX3i0g8e0aFlgvlj99aGgUQeEpYg8peZhe1lxl25Ftc0R7pYmXPDeCY1yWxZiXZ3YtVVr43c/FEaQHXfkZ2I+t5lG6CmgJhhYjUry5Sx4/NgfBvpmU22cIBWNmyTn9q3gDFmeoIiTwlF654K7NnsWrdKr2L2fGI10Xe/J/GYkkzX39e5bToQPXh23gUfIr7faYEPBsVU/SaEkWNHojzf/NKjPT0utvlFr0HqnFYSdk4wpWzcrhii7E/UhgKvpA/k2Vlj4ZhkejfZXQWxRbJzejkVSJcUGim+Dt1WUZJXVOgEkJ3WA6z+ha2FN2sBDdvRKlad55aelvRrbu3/vPzEuE= lass@icarus
|
||||||
|
@ -503,6 +503,7 @@ with import <stockholm/lib>;
|
|||||||
# ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732";
|
# ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732";
|
||||||
aliases = [
|
aliases = [
|
||||||
"wbob.r"
|
"wbob.r"
|
||||||
|
"hydra.wbob.r"
|
||||||
];
|
];
|
||||||
tinc.pubkey = ''
|
tinc.pubkey = ''
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
@ -1038,6 +1039,10 @@ with import <stockholm/lib>;
|
|||||||
inherit (makefu) mail pgp;
|
inherit (makefu) mail pgp;
|
||||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x";
|
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDoAtBa10AbiFXfYL4Za7e0CLeXJeH6FhMqVZFqElLkJBKmQ7c7WEMlnuRhEZWSFDXBpaS7p73s5MMOZA13uYv6fI2ipOOwE9Ej1EoMsrQGegBp2VDMo0wnr/sgTL1do+uGI85E/i0uFw0DYhXqlZQk1eK8SdgXYltiVL27IA3NG2kYuoTIvJgRnaPJjTbhLBWti3m586LuO+pBKtcTt1D9EV6wp+6Jum4owPtCgVPQaZfFGYWkEiINV83WX9HoIk4S3bTPLh8Kfp0je0xsioS4T9/cxSPgUie8MjSg0irvLJXRH0JOVuG5NvZTYhAAekwNkHll9CtypPrutjbrXPXf makefu@x";
|
||||||
};
|
};
|
||||||
|
makefu-remote-builder = {
|
||||||
|
inherit (makefu) mail pgp;
|
||||||
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPlhb0TIBW9RN9T8Is4YRIc1RjOg+cxbZCaDjbM4zxrX nixBuild";
|
||||||
|
};
|
||||||
makefu-bob = {
|
makefu-bob = {
|
||||||
inherit (makefu) mail pgp;
|
inherit (makefu) mail pgp;
|
||||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD";
|
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+fEK1bCB8cdDiBzXBXEWLFQyp/7xjNGQ5GyqHOtgxxe6Ypb0kAaWJaG3Ak/qI/nToGKwkQJLsuYNA3lZj2rFyBdoxnNO3kRFTc7NoaU5mC2BlHbpmn9dzvgiBoRAKAlzj/022u65SI19AFciKXtwqQfjuB3mPVOFOfCFB2SYjjWb8ffPnHp6PB5KKNLxaVPCbZgOdSju25/wB2lY00W8WIDOTqfbNClQnjkLsUZpTuRnvpHTemKtt1FH+WBZiMwMXRt19rm9LFSO7pvrZjdJz0l1TZVsODkbKZzQzSixoCPmdpPPAYaqrGUQpmukXk0xQtR3E2jEsk+FJv4AkIKqD";
|
||||||
|
@ -5,7 +5,11 @@ let
|
|||||||
nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})";
|
nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})";
|
||||||
nixos-pretty-name = "NixOS ${nixos-version}";
|
nixos-pretty-name = "NixOS ${nixos-version}";
|
||||||
|
|
||||||
stockholm-version-id = maybeEnv "STOCKHOLM_VERSION" "unknown";
|
stockholm-version-id = let
|
||||||
|
eval = tryEval (removeSuffix "\n" (readFile <stockholm-version>));
|
||||||
|
in
|
||||||
|
if eval.success then eval.value else "unknown";
|
||||||
|
|
||||||
stockholm-version = "${stockholm-version-id}";
|
stockholm-version = "${stockholm-version-id}";
|
||||||
stockholm-pretty-name = "stockholm ${stockholm-version}";
|
stockholm-pretty-name = "stockholm ${stockholm-version}";
|
||||||
|
|
||||||
|
@ -18,10 +18,10 @@ let
|
|||||||
type = types.attrsOf (types.submodule ({ config, ... }: {
|
type = types.attrsOf (types.submodule ({ config, ... }: {
|
||||||
options = {
|
options = {
|
||||||
origin = mkOption {
|
origin = mkOption {
|
||||||
type = types.git-source;
|
type = types.source-types.git;
|
||||||
};
|
};
|
||||||
mirror = mkOption {
|
mirror = mkOption {
|
||||||
type = types.git-source;
|
type = types.source-types.git;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
config = {
|
config = {
|
||||||
@ -31,7 +31,7 @@ let
|
|||||||
}));
|
}));
|
||||||
};
|
};
|
||||||
latest = mkOption {
|
latest = mkOption {
|
||||||
type = types.nullOr types.git-source;
|
type = types.nullOr types.source-types.git;
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
timerConfig = mkOption {
|
timerConfig = mkOption {
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ stdenv, fetchurl, makeDesktopItem
|
{ stdenv, fetchurl
|
||||||
, jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm
|
, jre, libX11, libXext, libXcursor, libXrandr, libXxf86vm
|
||||||
, openjdk
|
, openjdk
|
||||||
, mesa, openal
|
, mesa, openal
|
||||||
@ -7,23 +7,12 @@ with stdenv.lib;
|
|||||||
|
|
||||||
assert useAlsa -> alsaOss != null;
|
assert useAlsa -> alsaOss != null;
|
||||||
|
|
||||||
let
|
stdenv.mkDerivation {
|
||||||
desktopItem = makeDesktopItem {
|
|
||||||
name = "minecraft";
|
|
||||||
exec = "minecraft";
|
|
||||||
icon = "minecraft";
|
|
||||||
comment = "A sandbox-building game";
|
|
||||||
desktopName = "Minecraft";
|
|
||||||
genericName = "minecraft";
|
|
||||||
categories = "Game;";
|
|
||||||
};
|
|
||||||
|
|
||||||
in stdenv.mkDerivation {
|
|
||||||
name = "ftb";
|
name = "ftb";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "http://ftb.cursecdn.com/FTB2/launcher/FTB_Launcher.jar";
|
url = "http://ftb.cursecdn.com/FTB2/launcher/FTB_Launcher.jar";
|
||||||
sha256 = "10ga4jgyfsj5dy4rj2rla0fpnfpnxv8r3bmxpqpwn7fsry4il79v";
|
sha256 = "0pyh83hhni97ryvz6yy8lyiagjrlx67cwr780s2bja92rxc1sqpj";
|
||||||
};
|
};
|
||||||
|
|
||||||
phases = "installPhase";
|
phases = "installPhase";
|
||||||
@ -36,6 +25,7 @@ in stdenv.mkDerivation {
|
|||||||
cat > $out/bin/ftb << EOF
|
cat > $out/bin/ftb << EOF
|
||||||
#!${stdenv.shell}
|
#!${stdenv.shell}
|
||||||
|
|
||||||
|
export _JAVA_AWT_WM_NONREPARENTING=1
|
||||||
export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]}
|
export LD_LIBRARY_PATH=\$LD_LIBRARY_PATH:${makeLibraryPath [ libX11 libXext libXcursor libXrandr libXxf86vm mesa openal ]}
|
||||||
${if useAlsa then "${alsaOss}/bin/aoss" else "" } \
|
${if useAlsa then "${alsaOss}/bin/aoss" else "" } \
|
||||||
${jre}/bin/java -jar $out/ftb.jar
|
${jre}/bin/java -jar $out/ftb.jar
|
||||||
@ -43,9 +33,6 @@ in stdenv.mkDerivation {
|
|||||||
|
|
||||||
chmod +x $out/bin/ftb
|
chmod +x $out/bin/ftb
|
||||||
|
|
||||||
mkdir -p $out/share/applications
|
|
||||||
ln -s ${desktopItem}/share/applications/* $out/share/applications/
|
|
||||||
|
|
||||||
${openjdk}/bin/jar xf $out/ftb.jar favicon.png
|
${openjdk}/bin/jar xf $out/ftb.jar favicon.png
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
@ -16,12 +16,12 @@ in
|
|||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "populate";
|
name = "populate";
|
||||||
version = "2.1.0";
|
version = "2.3.0";
|
||||||
|
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = http://cgit.ni.krebsco.de/populate;
|
url = http://cgit.ni.krebsco.de/populate;
|
||||||
rev = "refs/tags/v${version}";
|
rev = "refs/tags/v${version}";
|
||||||
sha256 = "0cr50y6h6nps0qgpmi01h0z9wzpv2704y5zgx2salk1grkmvcfmh";
|
sha256 = "05zr132k1s3a1cc879lvhb83hax7dbfmsbrnxmh7dxjcdg3yhxd7";
|
||||||
};
|
};
|
||||||
|
|
||||||
phases = [
|
phases = [
|
||||||
|
@ -216,7 +216,6 @@
|
|||||||
init.env = pkgs.writeText "init.env" /* sh */ ''
|
init.env = pkgs.writeText "init.env" /* sh */ ''
|
||||||
|
|
||||||
export HOSTNAME="$(${pkgs.nettools}/bin/hostname)"
|
export HOSTNAME="$(${pkgs.nettools}/bin/hostname)"
|
||||||
export STOCKHOLM_VERSION="''${STOCKHOLM_VERSION-$(${cmds.get-version})}"
|
|
||||||
|
|
||||||
export quiet
|
export quiet
|
||||||
export system
|
export system
|
||||||
@ -251,7 +250,6 @@
|
|||||||
"$target_user@$target_host" -p "$target_port" \
|
"$target_user@$target_host" -p "$target_port" \
|
||||||
cd "$target_path/stockholm" \; \
|
cd "$target_path/stockholm" \; \
|
||||||
NIX_PATH=$(${pkgs.quote}/bin/quote "$target_path") \
|
NIX_PATH=$(${pkgs.quote}/bin/quote "$target_path") \
|
||||||
STOCKHOLM_VERSION=$(${pkgs.quote}/bin/quote "$STOCKHOLM_VERSION") \
|
|
||||||
nix-shell --run "$(${pkgs.quote}/bin/quote "
|
nix-shell --run "$(${pkgs.quote}/bin/quote "
|
||||||
${lib.concatStringsSep " " (lib.mapAttrsToList
|
${lib.concatStringsSep " " (lib.mapAttrsToList
|
||||||
(name: opt: /* sh */
|
(name: opt: /* sh */
|
||||||
|
@ -2,13 +2,13 @@
|
|||||||
|
|
||||||
python3Packages.buildPythonApplication rec {
|
python3Packages.buildPythonApplication rec {
|
||||||
name = "urlwatch-${version}";
|
name = "urlwatch-${version}";
|
||||||
version = "2.7";
|
version = "2.8";
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "thp";
|
owner = "thp";
|
||||||
repo = "urlwatch";
|
repo = "urlwatch";
|
||||||
rev = version;
|
rev = version;
|
||||||
sha256 = "0fx964z73yv08b1lpymmjsigf6929zx9ax5bp34rcf2c5gk11l5m";
|
sha256 = "1nja7n6pc45azd3l1xyvav89855lvcgwabrvf34rps81dbl8cnl4";
|
||||||
};
|
};
|
||||||
|
|
||||||
propagatedBuildInputs = with python3Packages; [
|
propagatedBuildInputs = with python3Packages; [
|
||||||
|
@ -4,6 +4,11 @@ host@{ name, secure ? false, override ? {} }: let
|
|||||||
then "buildbot"
|
then "buildbot"
|
||||||
else "krebs";
|
else "krebs";
|
||||||
_file = <stockholm> + "/krebs/1systems/${name}/source.nix";
|
_file = <stockholm> + "/krebs/1systems/${name}/source.nix";
|
||||||
|
pkgs = import <nixpkgs> {
|
||||||
|
overlays = map import [
|
||||||
|
<stockholm/krebs/5pkgs>
|
||||||
|
];
|
||||||
|
};
|
||||||
in
|
in
|
||||||
evalSource (toString _file) [
|
evalSource (toString _file) [
|
||||||
{
|
{
|
||||||
@ -16,9 +21,10 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
ref = "b222a0713f4a689519686421b3fbf5ca0c9bd3da"; # nixos-17.09 @ 2018-01-23
|
ref = "c5bc83b503dfb29eb27c1deb0268f15c1858e7ce"; # nixos-17.09 @ 2018-02-27
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
override
|
override
|
||||||
|
@ -16,6 +16,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/virtualbox.nix>
|
<stockholm/lass/2configs/virtualbox.nix>
|
||||||
<stockholm/lass/2configs/dcso-dev.nix>
|
<stockholm/lass/2configs/dcso-dev.nix>
|
||||||
<stockholm/lass/2configs/steam.nix>
|
<stockholm/lass/2configs/steam.nix>
|
||||||
|
<stockholm/lass/2configs/rtl-sdr.nix>
|
||||||
{ # automatic hardware detection
|
{ # automatic hardware detection
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
@ -144,16 +145,39 @@ with import <stockholm/lib>;
|
|||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; })
|
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; })
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
|
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
|
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
|
||||||
|
(pkgs.writeText "minio.cert" ''
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDFDCCAfygAwIBAgIQBEKYm9VmbR6T/XNLP2P5kDANBgkqhkiG9w0BAQsFADAS
|
||||||
|
MRAwDgYDVQQKEwdBY21lIENvMB4XDTE4MDIxNDEyNTk1OVoXDTE5MDIxNDEyNTk1
|
||||||
|
OVowEjEQMA4GA1UEChMHQWNtZSBDbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
|
||||||
|
AQoCggEBAMmRGUTMDxOaoEZ3osG1ZpGj4enHl6ToWaoCXvRXvI6RB/99QOFlwLdL
|
||||||
|
8lGjIbXyovNkH686pVsfgCTOLRGzftWHmWgfmaSUv0TToBW8F9DN4ww9YgiLZjvV
|
||||||
|
YZunRyp1n0x9OrBXMs7xEBBa4q0AG1IvlRJTrd7CW519FlVq7T95LLB7P6t6K54C
|
||||||
|
ksG4kEzXLRPD/FMdU7LWbhWnQSOxPMCq8erTv3kW3A3Y9hSAKOFQKQHH/3O2HDrM
|
||||||
|
CbK5ldNklswg2rIHxx7kg1fteLD1lVCNPfCMfuwlLUaMeoRZ03HDof8wFlRz3pzw
|
||||||
|
hQRWPvfLfRvFCZ0LFNvfgAqXtmG/ywUCAwEAAaNmMGQwDgYDVR0PAQH/BAQDAgKk
|
||||||
|
MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wLAYDVR0RBCUw
|
||||||
|
I4IJbG9jYWxob3N0ggZoZWxpb3OCCGhlbGlvcy5yhwR/AAABMA0GCSqGSIb3DQEB
|
||||||
|
CwUAA4IBAQBzrPb3NmAn60awoJG3d4BystaotaFKsO3iAnP4Lfve1bhKRELIjJ30
|
||||||
|
hX/mRYkEVRbfwKRgkkLab4zpJ/abjb3DjFNo8E4QPNeCqS+8xxeBOf7x61Kg/0Ox
|
||||||
|
jRQ95fTATyItiChwNkoxYjVIwosqxBVsbe3KxwhkmKPQ6wH/nvr6URX/IGUz2qWY
|
||||||
|
EqHdjsop83u4Rjn3C0u46U0P+W4U5IFiLfcE3RzFFYh67ko5YEhkyXP+tBNSgrTM
|
||||||
|
zFisVoQZdXpMCWWxBVWulB4FvvTx3jKUPRZVOrfexBfY4TA/PyhXLoz7FeEK9n2a
|
||||||
|
qFkrxy+GrHBXfSRZgCaHQFdKorg2fwwa
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
'')
|
||||||
];
|
];
|
||||||
|
|
||||||
lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
|
lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
|
||||||
|
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
users.users.mainUser.extraGroups = [ "adbusers" ];
|
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||||
|
|
||||||
services.printing.drivers = [ pkgs.postscript-lexmark ];
|
services.printing.drivers = [ pkgs.postscript-lexmark ];
|
||||||
|
|
||||||
services.logind.extraConfig = ''
|
services.logind.extraConfig = ''
|
||||||
HandleLidSwitch=ignore
|
HandleLidSwitch=ignore
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
virtualisation.docker.enable = true;
|
||||||
}
|
}
|
||||||
|
@ -31,6 +31,8 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/c-base.nix>
|
<stockholm/lass/2configs/c-base.nix>
|
||||||
<stockholm/lass/2configs/br.nix>
|
<stockholm/lass/2configs/br.nix>
|
||||||
<stockholm/lass/2configs/ableton.nix>
|
<stockholm/lass/2configs/ableton.nix>
|
||||||
|
<stockholm/lass/2configs/dunst.nix>
|
||||||
|
<stockholm/lass/2configs/rtl-sdr.nix>
|
||||||
{
|
{
|
||||||
#risk of rain port
|
#risk of rain port
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
@ -89,6 +91,10 @@ with import <stockholm/lib>;
|
|||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
options = ["defaults" "noatime" "ssd" "compress=lzo"];
|
options = ["defaults" "noatime" "ssd" "compress=lzo"];
|
||||||
};
|
};
|
||||||
|
"/home/virtual" = {
|
||||||
|
device = "/dev/mapper/pool-virtual";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
@ -176,7 +182,7 @@ with import <stockholm/lib>;
|
|||||||
echo 'secrets are crypted' >&2
|
echo 'secrets are crypted' >&2
|
||||||
exit 23
|
exit 23
|
||||||
else
|
else
|
||||||
exec nix-shell -I stockholm="$PWD" --run 'deploy --diff --system="$SYSTEM"'
|
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"'
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
predeploy = pkgs.writeDash "predeploy" ''
|
predeploy = pkgs.writeDash "predeploy" ''
|
||||||
@ -194,5 +200,6 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
nix.package = pkgs.nixUnstable;
|
nix.package = pkgs.nixUnstable;
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
users.users.mainUser.extraGroups = [ "adbusers" ];
|
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||||
|
virtualisation.docker.enable = true;
|
||||||
}
|
}
|
||||||
|
@ -292,11 +292,22 @@ in {
|
|||||||
<stockholm/krebs/2configs/reaktor-krebs.nix>
|
<stockholm/krebs/2configs/reaktor-krebs.nix>
|
||||||
<stockholm/lass/2configs/dcso-dev.nix>
|
<stockholm/lass/2configs/dcso-dev.nix>
|
||||||
{
|
{
|
||||||
|
users.users.jeschli = {
|
||||||
|
uid = genid "jeschli";
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||||
|
jeschli.pubkey
|
||||||
|
jeschli-bln.pubkey
|
||||||
|
jeschli-bolide.pubkey
|
||||||
|
jeschli-brauerei.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
krebs.git.rules = [
|
krebs.git.rules = [
|
||||||
{
|
{
|
||||||
user = with config.krebs.users; [
|
user = with config.krebs.users; [
|
||||||
jeschli
|
jeschli
|
||||||
jeschli-bln
|
jeschli-bln
|
||||||
|
jeschli-bolide
|
||||||
jeschli-brauerei
|
jeschli-brauerei
|
||||||
];
|
];
|
||||||
repo = [ config.krebs.git.repos.stockholm ];
|
repo = [ config.krebs.git.repos.stockholm ];
|
||||||
@ -313,6 +324,18 @@ in {
|
|||||||
}
|
}
|
||||||
<stockholm/lass/2configs/downloading.nix>
|
<stockholm/lass/2configs/downloading.nix>
|
||||||
<stockholm/lass/2configs/minecraft.nix>
|
<stockholm/lass/2configs/minecraft.nix>
|
||||||
|
{
|
||||||
|
services.taskserver = {
|
||||||
|
enable = true;
|
||||||
|
fqdn = "lassul.us";
|
||||||
|
listenHost = "::";
|
||||||
|
listenPort = 53589;
|
||||||
|
organisations.lass.users = [ "lass" "android" ];
|
||||||
|
};
|
||||||
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
|
||||||
|
];
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.prism;
|
krebs.build.host = config.krebs.hosts.prism;
|
||||||
|
@ -61,4 +61,8 @@ with import <stockholm/lib>;
|
|||||||
SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:29:26:bc", NAME="wl0"
|
SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:29:26:bc", NAME="wl0"
|
||||||
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:0c:a7:63", NAME="et0"
|
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:0c:a7:63", NAME="et0"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
services.logind.extraConfig = ''
|
||||||
|
HandleLidSwitch=ignore
|
||||||
|
'';
|
||||||
}
|
}
|
||||||
|
@ -41,6 +41,7 @@ in {
|
|||||||
lass-shodan.pubkey
|
lass-shodan.pubkey
|
||||||
lass-icarus.pubkey
|
lass-icarus.pubkey
|
||||||
lass-android.pubkey
|
lass-android.pubkey
|
||||||
|
lass-helios.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -2,6 +2,7 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
user = config.krebs.build.user;
|
user = config.krebs.build.user;
|
||||||
|
xmonad-lass = pkgs.callPackage <stockholm/lass/5pkgs/custom/xmonad-lass> { inherit config; };
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
./mpv.nix
|
./mpv.nix
|
||||||
@ -10,6 +11,7 @@ in {
|
|||||||
./livestream.nix
|
./livestream.nix
|
||||||
./dns-stuff.nix
|
./dns-stuff.nix
|
||||||
./urxvt.nix
|
./urxvt.nix
|
||||||
|
./network-manager.nix
|
||||||
{
|
{
|
||||||
hardware.pulseaudio = {
|
hardware.pulseaudio = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -83,7 +85,6 @@ in {
|
|||||||
powertop
|
powertop
|
||||||
push
|
push
|
||||||
rxvt_unicode_with-plugins
|
rxvt_unicode_with-plugins
|
||||||
screengrab
|
|
||||||
slock
|
slock
|
||||||
sxiv
|
sxiv
|
||||||
timewarrior
|
timewarrior
|
||||||
@ -98,6 +99,7 @@ in {
|
|||||||
zathura
|
zathura
|
||||||
|
|
||||||
cabal2nix
|
cabal2nix
|
||||||
|
xephyrify
|
||||||
];
|
];
|
||||||
|
|
||||||
fonts.fonts = with pkgs; [
|
fonts.fonts = with pkgs; [
|
||||||
@ -121,13 +123,13 @@ in {
|
|||||||
name = "xmonad";
|
name = "xmonad";
|
||||||
start = ''
|
start = ''
|
||||||
${pkgs.xorg.xhost}/bin/xhost +LOCAL:
|
${pkgs.xorg.xhost}/bin/xhost +LOCAL:
|
||||||
${pkgs.coreutils}/bin/sleep infinity
|
${pkgs.systemd}/bin/systemctl --user start xmonad
|
||||||
|
exec ${pkgs.coreutils}/bin/sleep infinity
|
||||||
'';
|
'';
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.user.services.xmonad = {
|
systemd.user.services.xmonad = {
|
||||||
wantedBy = [ "graphical-session.target" ];
|
|
||||||
environment = {
|
environment = {
|
||||||
DISPLAY = ":${toString config.services.xserver.display}";
|
DISPLAY = ":${toString config.services.xserver.display}";
|
||||||
RXVT_SOCKET = "%t/urxvtd-socket";
|
RXVT_SOCKET = "%t/urxvtd-socket";
|
||||||
@ -135,8 +137,8 @@ in {
|
|||||||
};
|
};
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
SyslogIdentifier = "xmonad";
|
SyslogIdentifier = "xmonad";
|
||||||
ExecStart = "${pkgs.xmonad-lass}/bin/xmonad";
|
ExecStart = "${xmonad-lass}/bin/xmonad";
|
||||||
ExecStop = "${pkgs.xmonad-lass}/bin/xmonad --shutdown";
|
ExecStop = "${xmonad-lass}/bin/xmonad --shutdown";
|
||||||
};
|
};
|
||||||
restartIfChanged = false;
|
restartIfChanged = false;
|
||||||
};
|
};
|
||||||
|
@ -17,6 +17,7 @@ in {
|
|||||||
config.krebs.users.lass.pubkey
|
config.krebs.users.lass.pubkey
|
||||||
config.krebs.users.lass-android.pubkey
|
config.krebs.users.lass-android.pubkey
|
||||||
config.krebs.users.jeschli-bln.pubkey
|
config.krebs.users.jeschli-bln.pubkey
|
||||||
|
config.krebs.users.jeschli-brauerei.pubkey
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1T5+2epslFARSnETdr4wdolA6ocJaD4H9tmz6BZFQKXlwIq+OMp+sSEdwYwW3Lu9+mNbBHPxVVJDWg/We9DXB0ezXPM5Bs1+FcehmkoGwkmgKaFCDt0sL+CfSnog/3wEkN21O/rQxVFqMmiJ7WUDGci6IKCFZ5ZjOsmmfHg5p3LYxU9xv33fNr2v+XauhrGbFtQ7eDz4kSywxN/aw73LN4d8em0V0UV8VPI3Qkw7MamDFwefA+K1TfK8pBzMeruU6N7HLuNkpkAp7kS+K4Zzd72aQtR37a5qMiFUbOxQ9B7iFypuPx0iu6ZwY1s/sM8t3kLmcDJ9O4FOTzlbpneet3as6iJ+Ckr/TlfKor2Tl5pWcXh2FXHoG8VUu5bYmIViJBrKihAlAQfQN0mJ9fdFTnCXVTtbYTy11s4eEVHgUlb7oSpgBnx5bnBONgApbsOX9zyoo8wz8KkZBcf1SQpkV5br8uUAHCcZtHuY6I3kKlv+8lJmgUipiYzMdTi7+dHa49gVEcEKL4ZnJ0msQkl4XT7JjKETLvumC4/TIqVuRu48wuYalkCR9OzxCsTXQ/msBJBztPdYLrEOXVb2HfzuCT+43UuMQ5rP/EoPy0TWQO9BaqfEXqvbOvWjVxj/GMvglQ2ChZTwHxwwTKB8qRVvJLnbZQwizQiSrkzjb6hRJfQ== u0_a165@localhost"
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjtdqRxD0+UU7O8xogSqAQYd/Hrc79CTTKnvbhKy7jp2TVfxQpl81ndSH6DN6Cz90mu65C+DFGq43YtKTPqXmTn1+2wru71C2UOl6ZR0tmU7UELkRt4SJuFQLEgQCt3BWvXJPye6cKRRIlb+XZHWyVyCDxHo9EYO2GWI1wIP8mHMltKj65mobHY+R0CJNhhwlFURzTto8C30ejfVg2OW81qkNWqYtpdC9txLUlQ9/LBVKrafHGprmcBEp9qtecVgx8kxHpS7cuQNYoFcfljug4IyFO+uBfdbKqnGM5mra3huNhX3+AcQxKbLMlRgZD+jc47Xs+s5qSvWBou2ygd5T413k/SDOTCxDjidA+dcwzRo0qUWcGL201a5g+F0EvWv8rjre9m0lii6QKEoPyj60y3yfaIHeafels1Ia1FItjkBe8XydiXf7rKq8nmVRlpo8vl+vKwVuJY783tObHjUgBtXJdmnyYGiXxkxSrXa2mQhPz3KodK/QrnqCP27dURcMlp1hFF3LxFz7WtMCLW0yvDuUsuI2pdq0+zdt702wuwXVNIvbq/ssvX/CL8ryBLAogaxN9DN0vpjk+aXQLn11Zt99MgmnnqUgvOKQi1Quog/SxnSBiloKqB6aA10a28Uxoxkr0KAfhWhX3XPpfGMlbVj4GJuevLp0sGDVQT2biUQ== rhaist@RH-NB"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjtdqRxD0+UU7O8xogSqAQYd/Hrc79CTTKnvbhKy7jp2TVfxQpl81ndSH6DN6Cz90mu65C+DFGq43YtKTPqXmTn1+2wru71C2UOl6ZR0tmU7UELkRt4SJuFQLEgQCt3BWvXJPye6cKRRIlb+XZHWyVyCDxHo9EYO2GWI1wIP8mHMltKj65mobHY+R0CJNhhwlFURzTto8C30ejfVg2OW81qkNWqYtpdC9txLUlQ9/LBVKrafHGprmcBEp9qtecVgx8kxHpS7cuQNYoFcfljug4IyFO+uBfdbKqnGM5mra3huNhX3+AcQxKbLMlRgZD+jc47Xs+s5qSvWBou2ygd5T413k/SDOTCxDjidA+dcwzRo0qUWcGL201a5g+F0EvWv8rjre9m0lii6QKEoPyj60y3yfaIHeafels1Ia1FItjkBe8XydiXf7rKq8nmVRlpo8vl+vKwVuJY783tObHjUgBtXJdmnyYGiXxkxSrXa2mQhPz3KodK/QrnqCP27dURcMlp1hFF3LxFz7WtMCLW0yvDuUsuI2pdq0+zdt702wuwXVNIvbq/ssvX/CL8ryBLAogaxN9DN0vpjk+aXQLn11Zt99MgmnnqUgvOKQi1Quog/SxnSBiloKqB6aA10a28Uxoxkr0KAfhWhX3XPpfGMlbVj4GJuevLp0sGDVQT2biUQ== rhaist@RH-NB"
|
||||||
];
|
];
|
||||||
@ -44,6 +45,11 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT";}
|
||||||
|
{ predicate = "-p tcp --dport 9000"; target = "ACCEPT";}
|
||||||
|
];
|
||||||
|
|
||||||
krebs.per-user.dev.packages = [
|
krebs.per-user.dev.packages = [
|
||||||
pkgs.go
|
pkgs.go
|
||||||
];
|
];
|
||||||
@ -51,4 +57,6 @@ in {
|
|||||||
security.sudo.extraConfig = ''
|
security.sudo.extraConfig = ''
|
||||||
${mainUser.name} ALL=(dev) NOPASSWD: ALL
|
${mainUser.name} ALL=(dev) NOPASSWD: ALL
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
services.minio.enable = true;
|
||||||
}
|
}
|
||||||
|
@ -16,6 +16,8 @@ with import <stockholm/lib>;
|
|||||||
lass.pubkey
|
lass.pubkey
|
||||||
lass-shodan.pubkey
|
lass-shodan.pubkey
|
||||||
lass-icarus.pubkey
|
lass-icarus.pubkey
|
||||||
|
lass-daedalus.pubkey
|
||||||
|
lass-helios.pubkey
|
||||||
makefu.pubkey
|
makefu.pubkey
|
||||||
wine-mors.pubkey
|
wine-mors.pubkey
|
||||||
];
|
];
|
||||||
|
277
lass/2configs/dunst.nix
Normal file
277
lass/2configs/dunst.nix
Normal file
@ -0,0 +1,277 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
dunstConfig = pkgs.writeText "dunst-config" ''
|
||||||
|
[global]
|
||||||
|
font = Iosevka Term 11
|
||||||
|
|
||||||
|
# Allow a small subset of html markup:
|
||||||
|
# <b>bold</b>
|
||||||
|
# <i>italic</i>
|
||||||
|
# <s>strikethrough</s>
|
||||||
|
# <u>underline</u>
|
||||||
|
#
|
||||||
|
# For a complete reference see
|
||||||
|
# <http://developer.gnome.org/pango/stable/PangoMarkupFormat.html>.
|
||||||
|
# If markup is not allowed, those tags will be stripped out of the
|
||||||
|
# message.
|
||||||
|
markup = yes
|
||||||
|
plain_text = no
|
||||||
|
|
||||||
|
# The format of the message. Possible variables are:
|
||||||
|
# %a appname
|
||||||
|
# %s summary
|
||||||
|
# %b body
|
||||||
|
# %i iconname (including its path)
|
||||||
|
# %I iconname (without its path)
|
||||||
|
# %p progress value if set ([ 0%] to [100%]) or nothing
|
||||||
|
# Markup is allowed
|
||||||
|
format = "%a\n<b>%s</b>\n%b"
|
||||||
|
|
||||||
|
# Sort messages by urgency.
|
||||||
|
sort = yes
|
||||||
|
|
||||||
|
# Show how many messages are currently hidden (because of geometry).
|
||||||
|
indicate_hidden = yes
|
||||||
|
|
||||||
|
# Alignment of message text.
|
||||||
|
# Possible values are "left", "center" and "right".
|
||||||
|
alignment = center
|
||||||
|
|
||||||
|
# The frequency with wich text that is longer than the notification
|
||||||
|
# window allows bounces back and forth.
|
||||||
|
# This option conflicts with "word_wrap".
|
||||||
|
# Set to 0 to disable.
|
||||||
|
bounce_freq = 0
|
||||||
|
|
||||||
|
# Show age of message if message is older than show_age_threshold
|
||||||
|
# seconds.
|
||||||
|
# Set to -1 to disable.
|
||||||
|
show_age_threshold = 1
|
||||||
|
|
||||||
|
# Split notifications into multiple lines if they don't fit into
|
||||||
|
# geometry.
|
||||||
|
word_wrap = yes
|
||||||
|
|
||||||
|
# Ignore newlines '\n' in notifications.
|
||||||
|
ignore_newline = no
|
||||||
|
|
||||||
|
# Hide duplicate's count and stack them
|
||||||
|
stack_duplicates = yes
|
||||||
|
hide_duplicates_count = no
|
||||||
|
|
||||||
|
|
||||||
|
# The geometry of the window:
|
||||||
|
# [{width}]x{height}[+/-{x}+/-{y}]
|
||||||
|
# The geometry of the message window.
|
||||||
|
# The height is measured in number of notifications everything else
|
||||||
|
# in pixels. If the width is omitted but the height is given
|
||||||
|
# ("-geometry x2"), the message window expands over the whole screen
|
||||||
|
# (dmenu-like). If width is 0, the window expands to the longest
|
||||||
|
# message displayed. A positive x is measured from the left, a
|
||||||
|
# negative from the right side of the screen. Y is measured from
|
||||||
|
# the top and down respectevly.
|
||||||
|
# The width can be negative. In this case the actual width is the
|
||||||
|
# screen width minus the width defined in within the geometry option.
|
||||||
|
geometry = "500x10-0+0"
|
||||||
|
|
||||||
|
# Shrink window if it's smaller than the width. Will be ignored if
|
||||||
|
# width is 0.
|
||||||
|
shrink = no
|
||||||
|
|
||||||
|
# The transparency of the window. Range: [0; 100].
|
||||||
|
# This option will only work if a compositing windowmanager is
|
||||||
|
# present (e.g. xcompmgr, compiz, etc.).
|
||||||
|
# transparency = 5
|
||||||
|
|
||||||
|
# Don't remove messages, if the user is idle (no mouse or keyboard input)
|
||||||
|
# for longer than idle_threshold seconds.
|
||||||
|
# Set to 0 to disable.
|
||||||
|
idle_threshold = 0
|
||||||
|
|
||||||
|
# Which monitor should the notifications be displayed on.
|
||||||
|
monitor = keyboard
|
||||||
|
|
||||||
|
# Display notification on focused monitor. Possible modes are:
|
||||||
|
# mouse: follow mouse pointer
|
||||||
|
# keyboard: follow window with keyboard focus
|
||||||
|
# none: don't follow anything
|
||||||
|
#
|
||||||
|
# "keyboard" needs a windowmanager that exports the
|
||||||
|
# _NET_ACTIVE_WINDOW property.
|
||||||
|
# This should be the case for almost all modern windowmanagers.
|
||||||
|
#
|
||||||
|
# If this option is set to mouse or keyboard, the monitor option
|
||||||
|
# will be ignored.
|
||||||
|
follow = none
|
||||||
|
|
||||||
|
# Should a notification popped up from history be sticky or timeout
|
||||||
|
# as if it would normally do.
|
||||||
|
sticky_history = yes
|
||||||
|
|
||||||
|
# Maximum amount of notifications kept in history
|
||||||
|
history_length = 15
|
||||||
|
|
||||||
|
# Display indicators for URLs (U) and actions (A).
|
||||||
|
show_indicators = no
|
||||||
|
|
||||||
|
# The height of a single line. If the height is smaller than the
|
||||||
|
# font height, it will get raised to the font height.
|
||||||
|
# This adds empty space above and under the text.
|
||||||
|
line_height = 3
|
||||||
|
|
||||||
|
# Draw a line of "separatpr_height" pixel height between two
|
||||||
|
# notifications.
|
||||||
|
# Set to 0 to disable.
|
||||||
|
separator_height = 1
|
||||||
|
|
||||||
|
# Padding between text and separator.
|
||||||
|
padding = 1
|
||||||
|
|
||||||
|
# Horizontal padding.
|
||||||
|
horizontal_padding = 1
|
||||||
|
|
||||||
|
# Define a color for the separator.
|
||||||
|
# possible values are:
|
||||||
|
# * auto: dunst tries to find a color fitting to the background;
|
||||||
|
# * foreground: use the same color as the foreground;
|
||||||
|
# * frame: use the same color as the frame;
|
||||||
|
# * anything else will be interpreted as a X color.
|
||||||
|
separator_color = frame
|
||||||
|
|
||||||
|
# Print a notification on startup.
|
||||||
|
# This is mainly for error detection, since dbus (re-)starts dunst
|
||||||
|
# automatically after a crash.
|
||||||
|
startup_notification = true
|
||||||
|
|
||||||
|
# dmenu path.
|
||||||
|
dmenu = ${pkgs.dmenu}/bin/dmenu -p dunst:
|
||||||
|
|
||||||
|
# Browser for opening urls in context menu.
|
||||||
|
browser = /usr/bin/firefox -new-tab
|
||||||
|
|
||||||
|
# Align icons left/right/off
|
||||||
|
icon_position = off
|
||||||
|
max_icon_size = 80
|
||||||
|
|
||||||
|
# Paths to default icons.
|
||||||
|
icon_folders = /usr/share/icons/Paper/16x16/mimetypes/:/usr/share/icons/Paper/48x48/status/:/usr/share/icons/Paper/16x16/devices/:/usr/share/icons/Paper/48x48/notifications/:/usr/share/icons/Paper/48x48/emblems/
|
||||||
|
|
||||||
|
frame_width = 2
|
||||||
|
frame_color = "#8EC07C"
|
||||||
|
|
||||||
|
[shortcuts]
|
||||||
|
|
||||||
|
# Shortcuts are specified as [modifier+][modifier+]...key
|
||||||
|
# Available modifiers are "ctrl", "mod1" (the alt-key), "mod2",
|
||||||
|
# "mod3" and "mod4" (windows-key).
|
||||||
|
# Xev might be helpful to find names for keys.
|
||||||
|
|
||||||
|
# Close notification.
|
||||||
|
close = ctrl+space
|
||||||
|
|
||||||
|
# Close all notifications.
|
||||||
|
close_all = ctrl+shift+space
|
||||||
|
|
||||||
|
# Redisplay last message(s).
|
||||||
|
# On the US keyboard layout "grave" is normally above TAB and left
|
||||||
|
# of "1".
|
||||||
|
history = ctrl+grave
|
||||||
|
|
||||||
|
# Context menu.
|
||||||
|
context = mod4+u
|
||||||
|
|
||||||
|
[urgency_low]
|
||||||
|
# IMPORTANT: colors have to be defined in quotation marks.
|
||||||
|
# Otherwise the "#" and following would be interpreted as a comment.
|
||||||
|
frame_color = "#3B7C87"
|
||||||
|
foreground = "#3B7C87"
|
||||||
|
background = "#191311"
|
||||||
|
#background = "#2B313C"
|
||||||
|
timeout = 0
|
||||||
|
|
||||||
|
[urgency_normal]
|
||||||
|
frame_color = "#5B8234"
|
||||||
|
foreground = "#5B8234"
|
||||||
|
background = "#191311"
|
||||||
|
#background = "#2B313C"
|
||||||
|
timeout = 0
|
||||||
|
|
||||||
|
[urgency_critical]
|
||||||
|
frame_color = "#B7472A"
|
||||||
|
foreground = "#B7472A"
|
||||||
|
background = "#191311"
|
||||||
|
#background = "#2B313C"
|
||||||
|
timeout = 0
|
||||||
|
|
||||||
|
|
||||||
|
# Every section that isn't one of the above is interpreted as a rules to
|
||||||
|
# override settings for certain messages.
|
||||||
|
# Messages can be matched by "appname", "summary", "body", "icon", "category",
|
||||||
|
# "msg_urgency" and you can override the "timeout", "urgency", "foreground",
|
||||||
|
# "background", "new_icon" and "format".
|
||||||
|
# Shell-like globbing will get expanded.
|
||||||
|
#
|
||||||
|
# SCRIPTING
|
||||||
|
# You can specify a script that gets run when the rule matches by
|
||||||
|
# setting the "script" option.
|
||||||
|
# The script will be called as follows:
|
||||||
|
# script appname summary body icon urgency
|
||||||
|
# where urgency can be "LOW", "NORMAL" or "CRITICAL".
|
||||||
|
#
|
||||||
|
# NOTE: if you don't want a notification to be displayed, set the format
|
||||||
|
# to "".
|
||||||
|
# NOTE: It might be helpful to run dunst -print in a terminal in order
|
||||||
|
# to find fitting options for rules.
|
||||||
|
|
||||||
|
#[espeak]
|
||||||
|
# summary = "*"
|
||||||
|
# script = dunst_espeak.sh
|
||||||
|
|
||||||
|
#[script-test]
|
||||||
|
# summary = "*script*"
|
||||||
|
# script = dunst_test.sh
|
||||||
|
|
||||||
|
#[ignore]
|
||||||
|
# # This notification will not be displayed
|
||||||
|
# summary = "foobar"
|
||||||
|
# format = ""
|
||||||
|
|
||||||
|
#[signed_on]
|
||||||
|
# appname = Pidgin
|
||||||
|
# summary = "*signed on*"
|
||||||
|
# urgency = low
|
||||||
|
#
|
||||||
|
#[signed_off]
|
||||||
|
# appname = Pidgin
|
||||||
|
# summary = *signed off*
|
||||||
|
# urgency = low
|
||||||
|
#
|
||||||
|
#[says]
|
||||||
|
# appname = Pidgin
|
||||||
|
# summary = *says*
|
||||||
|
# urgency = critical
|
||||||
|
#
|
||||||
|
#[twitter]
|
||||||
|
# appname = Pidgin
|
||||||
|
# summary = *twitter.com*
|
||||||
|
# urgency = normal
|
||||||
|
#
|
||||||
|
# vim: ft=cfg
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
systemd.user.services.dunst = {
|
||||||
|
wantedBy = [ "graphical-session.target" ];
|
||||||
|
requires = [ "xmonad.service" ];
|
||||||
|
environment = {
|
||||||
|
DISPLAY = ":${toString config.services.xserver.display}";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
SyslogIdentifier = "dunst";
|
||||||
|
ExecStart = "${pkgs.dunst}/bin/dunst -conf ${dunstConfig}";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "15s";
|
||||||
|
StartLimitBurst = 0;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -11,7 +11,6 @@ with import <stockholm/lib>;
|
|||||||
primary_hostname = "lassul.us";
|
primary_hostname = "lassul.us";
|
||||||
sender_domains = [
|
sender_domains = [
|
||||||
"lassul.us"
|
"lassul.us"
|
||||||
"aidsballs.de"
|
|
||||||
];
|
];
|
||||||
relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [
|
relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [
|
||||||
config.krebs.hosts.mors
|
config.krebs.hosts.mors
|
||||||
@ -59,6 +58,26 @@ with import <stockholm/lib>;
|
|||||||
{ from = "coinexchange@lassul.us"; to = lass.mail; }
|
{ from = "coinexchange@lassul.us"; to = lass.mail; }
|
||||||
{ from = "verwaltung@lassul.us"; to = lass.mail; }
|
{ from = "verwaltung@lassul.us"; to = lass.mail; }
|
||||||
{ from = "gearbest@lassul.us"; to = lass.mail; }
|
{ from = "gearbest@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "binance@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "bitfinex@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "alternate@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "redacted@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "mytaxi@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "pizza@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "robinhood@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "drivenow@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "aws@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "reddit@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "banggood@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "immoscout@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "gmail@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "amazon@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "humblebundle@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "meetup@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "gebfrei@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "github@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "ovh@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "hetzner@lassul.us"; to = lass.mail; }
|
||||||
];
|
];
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
|
@ -10,9 +10,13 @@ let
|
|||||||
echelon = "197";
|
echelon = "197";
|
||||||
cloudkrebs = "119";
|
cloudkrebs = "119";
|
||||||
};
|
};
|
||||||
|
urgent = [
|
||||||
|
"\\blass@mors\\b"
|
||||||
|
];
|
||||||
in {
|
in {
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
(pkgs.writeDashBin "logf" ''
|
(pkgs.writeDashBin "logf" ''
|
||||||
|
export LOGF_URGENT=${pkgs.writeJSON "urgent" urgent}
|
||||||
export LOGF_HOST_COLORS=${pkgs.writeJSON "host-colors" host-colors}
|
export LOGF_HOST_COLORS=${pkgs.writeJSON "host-colors" host-colors}
|
||||||
${pkgs.logf}/bin/logf ${concatMapStringsSep " " (name: "root@${name}") (attrNames config.lass.hosts)}
|
${pkgs.logf}/bin/logf ${concatMapStringsSep " " (name: "root@${name}") (attrNames config.lass.hosts)}
|
||||||
'')
|
'')
|
||||||
|
@ -21,13 +21,46 @@ let
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
mailboxes = {
|
mailboxes = {
|
||||||
wireguard = [ "wireguard@lists.zx2c4" ];
|
c-base = [ "to:c-base.org" ];
|
||||||
c-base = [ "c-base.org" ];
|
coins = [
|
||||||
security = [ "seclists.org" "security" "bugtraq" ];
|
"to:btce@lassul.us"
|
||||||
nix-devel = [ "nix-devel@googlegroups.com" ];
|
"to:coinbase@lassul.us"
|
||||||
shack = [ "shackspace.de" ];
|
"to:polo@lassul.us"
|
||||||
|
"to:bitwala@lassul.us"
|
||||||
|
"to:payeer@lassul.us"
|
||||||
|
"to:gatehub@lassul.us"
|
||||||
|
"to:bitfinex@lassul.us"
|
||||||
|
"to:binance@lassul.us"
|
||||||
|
"to:bitcoin.de@lassul.us"
|
||||||
|
"to:robinhood@lassul.us"
|
||||||
|
];
|
||||||
|
dezentrale = [ "to:dezentrale.space" ];
|
||||||
|
dhl = [ "to:dhl@lassul.us" ];
|
||||||
|
github = [ "to:github@lassul.us" ];
|
||||||
|
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
|
||||||
|
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
|
||||||
|
nix-devel = [ "to:nix-devel@googlegroups.com" ];
|
||||||
|
patreon = [ "to:patreon@lassul.us" ];
|
||||||
|
paypal = [ "to:paypal@lassul.us" ];
|
||||||
|
ptl = [ "to:ptl@posttenebraslab.ch" ];
|
||||||
|
retiolum = [ "to:lass@mors.r" ];
|
||||||
|
security = [ "to:seclists.org" "to:bugtraq" "to:securityfocus@lassul.us" ];
|
||||||
|
shack = [ "to:shackspace.de" ];
|
||||||
|
steam = [ "to:steam@lassul.us" ];
|
||||||
|
tinc = [ "to:tinc@tinc-vpn.org" "to:tinc-devel@tinc-vpn.org" ];
|
||||||
|
wireguard = [ "to:wireguard@lists.zx2c4" ];
|
||||||
|
zzz = [ "to:pizza@lassul.us" "to:spam@krebsco.de" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
tag-new-mails = pkgs.writeDashBin "nm-tag-init" ''
|
||||||
|
${pkgs.notmuch}/bin/notmuch new
|
||||||
|
${concatMapStringsSep "\n" (i: ''${pkgs.notmuch}/bin/notmuch tag -inbox +${i.name} -- tag:inbox ${concatMapStringsSep " or " (f: "${f}") i.value}'') (mapAttrsToList nameValuePair mailboxes)}
|
||||||
|
'';
|
||||||
|
|
||||||
|
tag-old-mails = pkgs.writeDashBin "nm-tag-old" ''
|
||||||
|
${concatMapStringsSep "\n" (i: ''${pkgs.notmuch}/bin/notmuch tag -inbox -archive +${i.name} -- ${concatMapStringsSep " or " (f: "${f}") i.value}'') (mapAttrsToList nameValuePair mailboxes)}
|
||||||
|
'';
|
||||||
|
|
||||||
muttrc = pkgs.writeText "muttrc" ''
|
muttrc = pkgs.writeText "muttrc" ''
|
||||||
# gpg
|
# gpg
|
||||||
source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
|
source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
|
||||||
@ -80,16 +113,15 @@ let
|
|||||||
# V
|
# V
|
||||||
''} %r |"
|
''} %r |"
|
||||||
|
|
||||||
virtual-mailboxes \
|
virtual-mailboxes "INBOX" "notmuch://?query=tag:inbox"
|
||||||
"Unread" "notmuch://?query=tag:unread"\
|
virtual-mailboxes "Unread" "notmuch://?query=tag:unread"
|
||||||
"INBOX" "notmuch://?query=tag:inbox ${concatMapStringsSep " " (f: "and NOT to:${f}") (flatten (attrValues mailboxes))}"\
|
${concatMapStringsSep "\n" (i: ''${" "}virtual-mailboxes "${i.name}" "notmuch://?query=tag:${i.name}"'') (mapAttrsToList nameValuePair mailboxes)}
|
||||||
${concatMapStringsSep "\n" (i: ''${" "}"${i.name}" "notmuch://?query=${concatMapStringsSep " or " (f: "to:${f}") i.value}"\'') (mapAttrsToList nameValuePair mailboxes)}
|
virtual-mailboxes "TODO" "notmuch://?query=tag:TODO"
|
||||||
"BOX" "notmuch://?query=${concatMapStringsSep " and " (f: "NOT to:${f}") (flatten (attrValues mailboxes))}"\
|
virtual-mailboxes "Starred" "notmuch://?query=tag:*"
|
||||||
"TODO" "notmuch://?query=tag:TODO"\
|
virtual-mailboxes "Archive" "notmuch://?query=tag:archive"
|
||||||
"Starred" "notmuch://?query=tag:*"\
|
virtual-mailboxes "Sent" "notmuch://?query=tag:sent"
|
||||||
"Archive" "notmuch://?query=tag:archive"\
|
virtual-mailboxes "Junk" "notmuch://?query=tag:junk"
|
||||||
"Sent" "notmuch://?query=tag:sent"\
|
virtual-mailboxes "All" "notmuch://?query=*"
|
||||||
"Junk" "notmuch://?query=tag:junk"
|
|
||||||
|
|
||||||
tag-transforms "junk" "k" \
|
tag-transforms "junk" "k" \
|
||||||
"unread" "u" \
|
"unread" "u" \
|
||||||
@ -163,5 +195,7 @@ in {
|
|||||||
mutt
|
mutt
|
||||||
pkgs.much
|
pkgs.much
|
||||||
pkgs.notmuch
|
pkgs.notmuch
|
||||||
|
tag-new-mails
|
||||||
|
tag-old-mails
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -17,5 +17,6 @@
|
|||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport 25565"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport 25565"; target = "ACCEPT"; }
|
||||||
{ predicate = "-p udp --dport 25565"; target = "ACCEPT"; }
|
{ predicate = "-p udp --dport 25565"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p tcp --dport 8123"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
24
lass/2configs/network-manager.nix
Normal file
24
lass/2configs/network-manager.nix
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
networking.wireless.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
systemd.services.modemmanager = {
|
||||||
|
description = "ModemManager";
|
||||||
|
after = [ "network-manager.service" ];
|
||||||
|
bindsTo = [ "network-manager.service" ];
|
||||||
|
wantedBy = [ "network-manager.service" ];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
|
||||||
|
PrivateTmp = true;
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "5";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
users.users.mainUser = {
|
||||||
|
extraGroups = [ "networkmanager" ];
|
||||||
|
packages = with pkgs; [
|
||||||
|
gnome3.gnome_keyring gnome3.dconf
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
6
lass/2configs/rtl-sdr.nix
Normal file
6
lass/2configs/rtl-sdr.nix
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{
|
||||||
|
boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" ];
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEM=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", GROUP="adm", MODE="0666", SYMLINK+="rtl_sdr"
|
||||||
|
'';
|
||||||
|
}
|
@ -6,6 +6,9 @@ let
|
|||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
(hiPrio vim)
|
(hiPrio vim)
|
||||||
pkgs.python35Packages.flake8
|
pkgs.python35Packages.flake8
|
||||||
|
(pkgs.writeDashBin "govet" ''
|
||||||
|
go vet "$@"
|
||||||
|
'')
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.etc.vimrc.source = vimrc;
|
environment.etc.vimrc.source = vimrc;
|
||||||
@ -68,6 +71,9 @@ let
|
|||||||
let g:syntastic_python_checkers=['flake8']
|
let g:syntastic_python_checkers=['flake8']
|
||||||
let g:syntastic_python_flake8_post_args='--ignore=E501'
|
let g:syntastic_python_flake8_post_args='--ignore=E501'
|
||||||
|
|
||||||
|
let g:go_metalinter_autosave = 1
|
||||||
|
let g:go_metalinter_deadline = "10s"
|
||||||
|
|
||||||
nmap <esc>q :buffer
|
nmap <esc>q :buffer
|
||||||
nmap <M-q> :buffer
|
nmap <M-q> :buffer
|
||||||
|
|
||||||
|
@ -32,7 +32,6 @@ rec {
|
|||||||
let
|
let
|
||||||
domain = head domains;
|
domain = head domains;
|
||||||
in {
|
in {
|
||||||
services.phpfpm.phpPackage = pkgs.php56;
|
|
||||||
services.nginx.virtualHosts."${domain}" = {
|
services.nginx.virtualHosts."${domain}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
enableSSL = true;
|
enableSSL = true;
|
||||||
|
@ -19,23 +19,8 @@ in {
|
|||||||
pkgs.wine
|
pkgs.wine
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
wine64 = {
|
|
||||||
name = "wine64";
|
|
||||||
description = "user for running wine in 64bit";
|
|
||||||
home = "/home/wine64";
|
|
||||||
useDefaultShell = true;
|
|
||||||
extraGroups = [
|
|
||||||
"audio"
|
|
||||||
"video"
|
|
||||||
];
|
|
||||||
createHome = true;
|
|
||||||
packages = [
|
|
||||||
(pkgs.wine.override { wineBuild = "wineWow"; })
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
security.sudo.extraConfig = ''
|
security.sudo.extraConfig = ''
|
||||||
${mainUser.name} ALL=(wine) NOPASSWD: ALL
|
${mainUser.name} ALL=(wine) NOPASSWD: ALL
|
||||||
${mainUser.name} ALL=(wine64) NOPASSWD: ALL
|
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
@ -50,16 +50,15 @@
|
|||||||
#enable automatic rehashing of $PATH
|
#enable automatic rehashing of $PATH
|
||||||
zstyle ':completion:*' rehash true
|
zstyle ':completion:*' rehash true
|
||||||
|
|
||||||
|
#beautiful colors
|
||||||
eval $(dircolors -b ${pkgs.fetchFromGitHub {
|
eval $(dircolors -b ${pkgs.fetchFromGitHub {
|
||||||
owner = "trapd00r";
|
owner = "trapd00r";
|
||||||
repo = "LS_COLORS";
|
repo = "LS_COLORS";
|
||||||
rev = "master";
|
rev = "master";
|
||||||
sha256="05lh5w3bgj9h8d8lrbbwbzw8788709cnzzkl8yh7m1dawkpf6nlp";
|
sha256="05lh5w3bgj9h8d8lrbbwbzw8788709cnzzkl8yh7m1dawkpf6nlp";
|
||||||
}}/LS_COLORS)
|
}}/LS_COLORS)
|
||||||
|
|
||||||
#beautiful colors
|
|
||||||
alias ls='ls --color'
|
alias ls='ls --color'
|
||||||
# zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
|
zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
|
||||||
|
|
||||||
#emacs bindings
|
#emacs bindings
|
||||||
bindkey "[7~" beginning-of-line
|
bindkey "[7~" beginning-of-line
|
||||||
@ -109,7 +108,7 @@
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
#check if in nix shell
|
#check if in nix shell
|
||||||
if test -n "$buildInputs"; then
|
if test -n "$IN_NIX_SHELL"; then
|
||||||
p_nixshell='%F{green}[s]%f '
|
p_nixshell='%F{green}[s]%f '
|
||||||
t_nixshell='[s] '
|
t_nixshell='[s] '
|
||||||
else
|
else
|
||||||
|
@ -33,6 +33,11 @@ let
|
|||||||
XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
|
XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
|
||||||
${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
|
${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
|
||||||
${xcfg.displayManager.sessionCommands}
|
${xcfg.displayManager.sessionCommands}
|
||||||
|
if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
|
||||||
|
exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" ""
|
||||||
|
fi
|
||||||
|
export DBUS_SESSION_BUS_ADDRESS
|
||||||
|
${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS
|
||||||
wait
|
wait
|
||||||
'';
|
'';
|
||||||
|
|
||||||
@ -74,6 +79,7 @@ let
|
|||||||
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
||||||
(optional (xcfg.dpi != null) "-dpi ${toString xcfg.dpi}")
|
(optional (xcfg.dpi != null) "-dpi ${toString xcfg.dpi}")
|
||||||
];
|
];
|
||||||
|
User = user.name;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
krebs.xresources.resources.dpi = ''
|
krebs.xresources.resources.dpi = ''
|
||||||
|
@ -23,6 +23,7 @@ import XMonad
|
|||||||
import qualified XMonad.StackSet as W
|
import qualified XMonad.StackSet as W
|
||||||
import Control.Monad.Extra (whenJustM)
|
import Control.Monad.Extra (whenJustM)
|
||||||
import Data.List (isInfixOf)
|
import Data.List (isInfixOf)
|
||||||
|
import Data.Monoid (Endo)
|
||||||
import System.Environment (getArgs, lookupEnv)
|
import System.Environment (getArgs, lookupEnv)
|
||||||
import System.Posix.Process (executeFile)
|
import System.Posix.Process (executeFile)
|
||||||
import XMonad.Actions.CopyWindow (copy, kill1)
|
import XMonad.Actions.CopyWindow (copy, kill1)
|
||||||
@ -36,7 +37,7 @@ import XMonad.Hooks.FloatNext (floatNextHook)
|
|||||||
import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts))
|
import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts))
|
||||||
import XMonad.Hooks.Place (placeHook, smart)
|
import XMonad.Hooks.Place (placeHook, smart)
|
||||||
import XMonad.Hooks.UrgencyHook (focusUrgent)
|
import XMonad.Hooks.UrgencyHook (focusUrgent)
|
||||||
import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook)
|
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
|
||||||
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
||||||
import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
|
import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
|
||||||
import XMonad.Layout.NoBorders (smartBorders)
|
import XMonad.Layout.NoBorders (smartBorders)
|
||||||
@ -44,9 +45,20 @@ import XMonad.Layout.SimplestFloat (simplestFloat)
|
|||||||
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
|
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
|
||||||
import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy)
|
import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy)
|
||||||
import XMonad.Util.EZConfig (additionalKeysP)
|
import XMonad.Util.EZConfig (additionalKeysP)
|
||||||
|
import XMonad.Util.NamedWindows (getName)
|
||||||
|
import XMonad.Util.Run (safeSpawn)
|
||||||
|
|
||||||
import XMonad.Stockholm.Shutdown
|
import XMonad.Stockholm.Shutdown
|
||||||
|
|
||||||
|
data LibNotifyUrgencyHook = LibNotifyUrgencyHook deriving (Read, Show)
|
||||||
|
|
||||||
|
instance UrgencyHook LibNotifyUrgencyHook where
|
||||||
|
urgencyHook LibNotifyUrgencyHook w = do
|
||||||
|
name <- getName w
|
||||||
|
Just idx <- fmap (W.findTag w) $ gets windowset
|
||||||
|
|
||||||
|
safeSpawn "${pkgs.libnotify}/bin/notify-send" [show name, "workspace " ++ idx]
|
||||||
|
|
||||||
myTerm :: FilePath
|
myTerm :: FilePath
|
||||||
myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc"
|
myTerm = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtc"
|
||||||
|
|
||||||
@ -61,7 +73,7 @@ main = getArgs >>= \case
|
|||||||
main' :: IO ()
|
main' :: IO ()
|
||||||
main' = do
|
main' = do
|
||||||
xmonad $ ewmh
|
xmonad $ ewmh
|
||||||
$ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
|
$ withUrgencyHook LibNotifyUrgencyHook
|
||||||
$ def
|
$ def
|
||||||
{ terminal = myTerm
|
{ terminal = myTerm
|
||||||
, modMask = mod4Mask
|
, modMask = mod4Mask
|
||||||
@ -80,11 +92,12 @@ myLayoutHook = defLayout
|
|||||||
where
|
where
|
||||||
defLayout = minimize $ ((avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1 ||| simplestFloat)
|
defLayout = minimize $ ((avoidStruts $ Tall 1 (3/100) (1/2) ||| Full ||| Mirror (Tall 1 (3/100) (1/2))) ||| FixedColumn 2 80 80 1 ||| simplestFloat)
|
||||||
|
|
||||||
|
floatHooks :: Query (Endo WindowSet)
|
||||||
floatHooks = composeAll . concat $
|
floatHooks = composeAll . concat $
|
||||||
[ [ title =? t --> doFloat | t <- myTitleFloats]
|
[ [ title =? t --> doFloat | t <- myTitleFloats]
|
||||||
, [ className =? c --> doFloat | c <- myClassFloats ] ]
|
, [ className =? c --> doFloat | c <- myClassFloats ] ]
|
||||||
where
|
where
|
||||||
myTitleFloats = [] -- for the KDE "open link" popup from konsole
|
myTitleFloats = []
|
||||||
myClassFloats = ["Pinentry"] -- for gpg passphrase entry
|
myClassFloats = ["Pinentry"] -- for gpg passphrase entry
|
||||||
|
|
||||||
|
|
||||||
@ -130,12 +143,21 @@ myKeyMap =
|
|||||||
|
|
||||||
, ("M4-d", floatNext True >> spawn "${pkgs.copyq}/bin/copyq show")
|
, ("M4-d", floatNext True >> spawn "${pkgs.copyq}/bin/copyq show")
|
||||||
|
|
||||||
|
, ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" ''
|
||||||
|
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
|
||||||
|
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
|
||||||
|
''}")
|
||||||
|
|
||||||
, ("M4-<F5>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 1")
|
, ("M4-<F5>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 1")
|
||||||
, ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10")
|
, ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10")
|
||||||
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
|
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
|
||||||
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
|
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
|
||||||
|
|
||||||
, ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter")
|
, ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter")
|
||||||
|
|
||||||
|
--, ("M4-w", screenWorkspace 0 >>= (windows . W.greedyView))
|
||||||
|
--, ("M4-e", screenWorkspace 1 >>= (windows . W.greedyView))
|
||||||
|
--, ("M4-r", screenWorkspace 2 >>= (windows . W.greedyView))
|
||||||
]
|
]
|
||||||
|
|
||||||
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
|
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
|
@ -1,40 +1,39 @@
|
|||||||
{ config, pkgs, ... }@args:
|
with import <stockholm/lib>;
|
||||||
|
self: super: let
|
||||||
|
|
||||||
{
|
# This callPackage will try to detect obsolete overrides.
|
||||||
nixpkgs.config.packageOverrides = rec {
|
callPackage = path: args: let
|
||||||
acronym = pkgs.callPackage ./acronym/default.nix {};
|
override = super.callPackage path args;
|
||||||
dpass = pkgs.callPackage ./dpass {};
|
upstream = optionalAttrs (override ? "name")
|
||||||
firefoxPlugins = {
|
(super.${(parseDrvName override.name).name} or {});
|
||||||
noscript = pkgs.callPackage ./firefoxPlugins/noscript.nix {};
|
in if upstream ? "name" &&
|
||||||
ublock = pkgs.callPackage ./firefoxPlugins/ublock.nix {};
|
override ? "name" &&
|
||||||
vimperator = pkgs.callPackage ./firefoxPlugins/vimperator.nix {};
|
compareVersions upstream.name override.name != -1
|
||||||
};
|
then
|
||||||
init = pkgs.callPackage ./init/default.nix args;
|
trace
|
||||||
logify = pkgs.callPackage ./logify/default.nix {};
|
"Upstream `${upstream.name}' gets overridden by `${override.name}'."
|
||||||
mk_sql_pair = pkgs.callPackage ./mk_sql_pair/default.nix {};
|
override
|
||||||
mpv-poll = pkgs.callPackage ./mpv-poll/default.nix {};
|
else override;
|
||||||
pop = pkgs.callPackage ./pop/default.nix {};
|
|
||||||
q = pkgs.callPackage ./q {};
|
|
||||||
rs = pkgs.callPackage ./rs/default.nix {};
|
|
||||||
urban = pkgs.callPackage ./urban/default.nix {};
|
|
||||||
xml2json = pkgs.callPackage ./xml2json/default.nix {};
|
|
||||||
xmonad-lass = import ./xmonad-lass.nix { inherit config pkgs; };
|
|
||||||
yt-next = pkgs.callPackage ./yt-next/default.nix {};
|
|
||||||
|
|
||||||
bank = pkgs.writeDashBin "bank" ''
|
subdirsOf = path:
|
||||||
|
mapAttrs (name: _: path + "/${name}")
|
||||||
|
(filterAttrs (_: eq "directory") (readDir path));
|
||||||
|
|
||||||
|
in {
|
||||||
|
bank = self.writeDashBin "bank" ''
|
||||||
tmp=$(mktemp)
|
tmp=$(mktemp)
|
||||||
${pkgs.pass}/bin/pass show hledger > $tmp
|
${self.pass}/bin/pass show hledger > $tmp
|
||||||
${pkgs.hledger}/bin/hledger --file=$tmp "$@"
|
${self.hledger}/bin/hledger --file=$tmp "$@"
|
||||||
${pkgs.pass}/bin/pass show hledger | if ${pkgs.diffutils}/bin/diff $tmp -; then
|
${self.pass}/bin/pass show hledger | if ${self.diffutils}/bin/diff $tmp -; then
|
||||||
exit 0
|
exit 0
|
||||||
else
|
else
|
||||||
${pkgs.coreutils}/bin/cat $tmp | ${pkgs.pass}/bin/pass insert -m hledger
|
${self.coreutils}/bin/cat $tmp | ${self.pass}/bin/pass insert -m hledger
|
||||||
fi
|
fi
|
||||||
${pkgs.coreutils}/bin/rm $tmp
|
${self.coreutils}/bin/rm $tmp
|
||||||
'';
|
'';
|
||||||
screengrab = pkgs.writeDashBin "screengrab" ''
|
rtl8814au = callPackage ./custom/rtl8814au { kernel = self.linux; };
|
||||||
resolution="$(${pkgs.xorg.xrandr}/bin/xrandr | ${pkgs.gnugrep}/bin/grep '*' | ${pkgs.gawk}/bin/awk '{print $1}')"
|
|
||||||
${pkgs.ffmpeg}/bin/ffmpeg -f x11grab -r 25 -i :${toString config.services.xserver.display} -s $resolution -c:v huffyuv $1
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// mapAttrs (_: flip callPackage {})
|
||||||
|
(filterAttrs (_: dir: pathExists (dir + "/default.nix"))
|
||||||
|
(subdirsOf ./.))
|
||||||
|
42
lass/5pkgs/xephyrify/default.nix
Normal file
42
lass/5pkgs/xephyrify/default.nix
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
{ writeDashBin, writeHaskell, coreutils, xorg, virtualgl, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
minimalXmonad = writeHaskell "minimalXmonad" {
|
||||||
|
executables.xmonad = {
|
||||||
|
extra-depends = [
|
||||||
|
"containers"
|
||||||
|
"xmonad"
|
||||||
|
];
|
||||||
|
text = /* haskell */ ''
|
||||||
|
module Main where
|
||||||
|
import XMonad
|
||||||
|
import qualified Data.Map as Map
|
||||||
|
|
||||||
|
main :: IO ()
|
||||||
|
main = do
|
||||||
|
xmonad def
|
||||||
|
{ workspaces = [ "1" ]
|
||||||
|
, layoutHook = myLayoutHook
|
||||||
|
, keys = myKeys
|
||||||
|
, normalBorderColor = "#000000"
|
||||||
|
, focusedBorderColor = "#000000"
|
||||||
|
}
|
||||||
|
|
||||||
|
myLayoutHook = Full
|
||||||
|
myKeys _ = Map.fromList []
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
in writeDashBin "xephyrify" ''
|
||||||
|
NDISPLAY=:$(${coreutils}/bin/shuf -i 100-65536 -n 1)
|
||||||
|
echo "using DISPLAY $NDISPLAY"
|
||||||
|
${xorg.xorgserver}/bin/Xephyr -br -ac -reset -terminate -resizeable $NDISPLAY &
|
||||||
|
XEPHYR_PID=$!
|
||||||
|
DISPLAY=$NDISPLAY ${minimalXmonad}/bin/xmonad &
|
||||||
|
XMONAD_PID=$!
|
||||||
|
DISPLAY=$NDISPLAY ${virtualgl}/bin/vglrun "$@"
|
||||||
|
kill $XMONAD_PID
|
||||||
|
kill $XEPHYR_PID
|
||||||
|
''
|
@ -1,9 +1,9 @@
|
|||||||
_:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../krebs
|
../krebs
|
||||||
./2configs
|
./2configs
|
||||||
./3modules
|
./3modules
|
||||||
./5pkgs
|
|
||||||
];
|
];
|
||||||
|
nixpkgs.config.packageOverrides = import ./5pkgs pkgs;
|
||||||
}
|
}
|
||||||
|
@ -4,6 +4,11 @@ host@{ name, secure ? false, override ? {} }: let
|
|||||||
then "buildbot"
|
then "buildbot"
|
||||||
else "lass";
|
else "lass";
|
||||||
_file = <stockholm> + "/lass/1systems/${name}/source.nix";
|
_file = <stockholm> + "/lass/1systems/${name}/source.nix";
|
||||||
|
pkgs = import <nixpkgs> {
|
||||||
|
overlays = map import [
|
||||||
|
<stockholm/krebs/5pkgs>
|
||||||
|
];
|
||||||
|
};
|
||||||
in
|
in
|
||||||
evalSource (toString _file) [
|
evalSource (toString _file) [
|
||||||
{
|
{
|
||||||
@ -17,6 +22,7 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
}
|
}
|
||||||
override
|
override
|
||||||
]
|
]
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
let
|
let
|
||||||
inherit (lib)
|
inherit (lib)
|
||||||
all any concatMapStringsSep concatStringsSep const filter flip
|
all any attrNames concatMapStringsSep concatStringsSep const filter flip
|
||||||
genid hasSuffix head isInt isString length mergeOneOption mkOption
|
genid hasSuffix head isInt isString length mergeOneOption mkOption
|
||||||
mkOptionType optional optionalAttrs optionals range splitString
|
mkOptionType optional optionalAttrs optionals range splitString
|
||||||
stringLength substring test testString typeOf;
|
stringLength substring test testString typeOf;
|
||||||
@ -231,61 +231,58 @@ rec {
|
|||||||
source = submodule ({ config, ... }: {
|
source = submodule ({ config, ... }: {
|
||||||
options = {
|
options = {
|
||||||
type = let
|
type = let
|
||||||
types = [
|
known-types = attrNames source-types;
|
||||||
"file"
|
type-candidates = filter (k: config.${k} != null) known-types;
|
||||||
"git"
|
|
||||||
"pass"
|
|
||||||
"symlink"
|
|
||||||
];
|
|
||||||
in mkOption {
|
in mkOption {
|
||||||
type = enum types;
|
default = if length type-candidates == 1
|
||||||
default = let
|
then head type-candidates
|
||||||
cands = filter (k: config.${k} != null) types;
|
|
||||||
in
|
|
||||||
if length cands == 1
|
|
||||||
then head cands
|
|
||||||
else throw "cannot determine type";
|
else throw "cannot determine type";
|
||||||
|
type = enum known-types;
|
||||||
};
|
};
|
||||||
file = let
|
file = mkOption {
|
||||||
file-path = (file-source.getSubOptions "FIXME").path.type;
|
|
||||||
in mkOption {
|
|
||||||
type = nullOr (either file-source file-path);
|
|
||||||
default = null;
|
|
||||||
apply = x:
|
apply = x:
|
||||||
if file-path.check x
|
if absolute-pathname.check x
|
||||||
then { path = x; }
|
then { path = x; }
|
||||||
else x;
|
else x;
|
||||||
|
default = null;
|
||||||
|
type = nullOr (either absolute-pathname source-types.file);
|
||||||
};
|
};
|
||||||
git = mkOption {
|
git = mkOption {
|
||||||
type = nullOr git-source;
|
|
||||||
default = null;
|
default = null;
|
||||||
|
type = nullOr source-types.git;
|
||||||
};
|
};
|
||||||
pass = mkOption {
|
pass = mkOption {
|
||||||
type = nullOr pass-source;
|
|
||||||
default = null;
|
default = null;
|
||||||
|
type = nullOr source-types.pass;
|
||||||
};
|
};
|
||||||
symlink = let
|
pipe = mkOption {
|
||||||
symlink-target = (symlink-source.getSubOptions "FIXME").target.type;
|
apply = x:
|
||||||
in mkOption {
|
if absolute-pathname.check x
|
||||||
type = nullOr (either symlink-source symlink-target);
|
then { command = x; }
|
||||||
|
else x;
|
||||||
|
default = null;
|
||||||
|
type = nullOr (either absolute-pathname source-types.pipe);
|
||||||
|
};
|
||||||
|
symlink = mkOption {
|
||||||
|
type = nullOr (either pathname source-types.symlink);
|
||||||
default = null;
|
default = null;
|
||||||
apply = x:
|
apply = x:
|
||||||
if symlink-target.check x
|
if pathname.check x
|
||||||
then { target = x; }
|
then { target = x; }
|
||||||
else x;
|
else x;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
file-source = submodule {
|
source-types = {
|
||||||
|
file = submodule {
|
||||||
options = {
|
options = {
|
||||||
path = mkOption {
|
path = mkOption {
|
||||||
type = absolute-pathname;
|
type = absolute-pathname;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
git = submodule {
|
||||||
git-source = submodule {
|
|
||||||
options = {
|
options = {
|
||||||
ref = mkOption {
|
ref = mkOption {
|
||||||
type = str; # TODO types.git.ref
|
type = str; # TODO types.git.ref
|
||||||
@ -295,8 +292,7 @@ rec {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
pass = submodule {
|
||||||
pass-source = submodule {
|
|
||||||
options = {
|
options = {
|
||||||
dir = mkOption {
|
dir = mkOption {
|
||||||
type = absolute-pathname;
|
type = absolute-pathname;
|
||||||
@ -306,8 +302,14 @@ rec {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
pipe = submodule {
|
||||||
symlink-source = submodule {
|
options = {
|
||||||
|
command = mkOption {
|
||||||
|
type = absolute-pathname;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
symlink = submodule {
|
||||||
options = {
|
options = {
|
||||||
target = mkOption {
|
target = mkOption {
|
||||||
type = pathname; # TODO relative-pathname
|
type = pathname; # TODO relative-pathname
|
||||||
@ -315,6 +317,7 @@ rec {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
suffixed-str = suffs:
|
suffixed-str = suffs:
|
||||||
mkOptionType {
|
mkOptionType {
|
||||||
|
@ -148,6 +148,11 @@ in {
|
|||||||
allowedIPs = [ "10.244.0.5/32" ];
|
allowedIPs = [ "10.244.0.5/32" ];
|
||||||
publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
|
publicKey = "QJMwwYu/92koCASbHnR/vqe/rN00EV6/o7BGwLockDw=";
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
# workr
|
||||||
|
allowedIPs = [ "10.244.0.6/32" ];
|
||||||
|
publicKey = "OFhCF56BrV9tjqW1sxqXEKH/GdqamUT1SqZYSADl5GA=";
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -19,22 +19,24 @@ let
|
|||||||
# __FRONT_
|
# __FRONT_
|
||||||
# |* d0 |
|
# |* d0 |
|
||||||
# | |
|
# | |
|
||||||
# |* d3 |
|
# |* d1 |
|
||||||
# | |
|
# | |
|
||||||
# |* d3 |
|
# |* d3 |
|
||||||
# | |
|
# | |
|
||||||
# |* |
|
# |* |
|
||||||
# |* d2 |
|
# |* d2 |
|
||||||
# | * r0 |
|
# | * |
|
||||||
|
# | * |
|
||||||
# |_______|
|
# |_______|
|
||||||
cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6";
|
cryptDisk0 = byid "ata-ST2000DM001-1CH164_Z240XTT6";
|
||||||
cryptDisk1 = byid "ata-TP02000GB_TPW151006050068";
|
cryptDisk1 = byid "ata-TP02000GB_TPW151006050068";
|
||||||
cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
|
cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
|
||||||
|
cryptDisk3 = byid "ata-ST8000DM004-2CX188_ZCT01SG4";
|
||||||
# cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907";
|
# cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907";
|
||||||
# all physical disks
|
# all physical disks
|
||||||
|
|
||||||
# TODO callPackage ../3modules/MonitorDisks { disks = allDisks }
|
# TODO callPackage ../3modules/MonitorDisks { disks = allDisks }
|
||||||
dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 ];
|
dataDisks = [ cryptDisk0 cryptDisk1 cryptDisk2 cryptDisk3 ];
|
||||||
allDisks = [ rootDisk ] ++ dataDisks;
|
allDisks = [ rootDisk ] ++ dataDisks;
|
||||||
in {
|
in {
|
||||||
imports =
|
imports =
|
||||||
@ -68,6 +70,8 @@ in {
|
|||||||
<stockholm/makefu/2configs/syncthing.nix>
|
<stockholm/makefu/2configs/syncthing.nix>
|
||||||
<stockholm/makefu/2configs/mqtt.nix>
|
<stockholm/makefu/2configs/mqtt.nix>
|
||||||
<stockholm/makefu/2configs/remote-build/slave.nix>
|
<stockholm/makefu/2configs/remote-build/slave.nix>
|
||||||
|
<stockholm/makefu/2configs/deployment/google-muell.nix>
|
||||||
|
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
||||||
|
|
||||||
|
|
||||||
# security
|
# security
|
||||||
@ -116,7 +120,6 @@ in {
|
|||||||
services.sabnzbd.enable = true;
|
services.sabnzbd.enable = true;
|
||||||
systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
systemd.services.sabnzbd.environment.SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||||
|
|
||||||
virtualisation.docker.enable = true;
|
|
||||||
makefu.ps3netsrv = {
|
makefu.ps3netsrv = {
|
||||||
enable = true;
|
enable = true;
|
||||||
servedir = "/media/cryptX/emu/ps3";
|
servedir = "/media/cryptX/emu/ps3";
|
||||||
@ -126,6 +129,7 @@ in {
|
|||||||
|
|
||||||
makefu.snapraid = {
|
makefu.snapraid = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
# TODO: 3 is not protected
|
||||||
disks = map toMapper [ 0 1 ];
|
disks = map toMapper [ 0 1 ];
|
||||||
parity = toMapper 2;
|
parity = toMapper 2;
|
||||||
};
|
};
|
||||||
@ -150,6 +154,7 @@ in {
|
|||||||
in cryptMount "crypt0"
|
in cryptMount "crypt0"
|
||||||
// cryptMount "crypt1"
|
// cryptMount "crypt1"
|
||||||
// cryptMount "crypt2"
|
// cryptMount "crypt2"
|
||||||
|
// cryptMount "crypt3"
|
||||||
// { "/media/cryptX" = {
|
// { "/media/cryptX" = {
|
||||||
device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 ]);
|
device = (lib.concatMapStringsSep ":" (d: (toMapper d)) [ 0 1 2 ]);
|
||||||
fsType = "mergerfs";
|
fsType = "mergerfs";
|
||||||
@ -178,6 +183,7 @@ in {
|
|||||||
(usbkey "crypt0" cryptDisk0)
|
(usbkey "crypt0" cryptDisk0)
|
||||||
(usbkey "crypt1" cryptDisk1)
|
(usbkey "crypt1" cryptDisk1)
|
||||||
(usbkey "crypt2" cryptDisk2)
|
(usbkey "crypt2" cryptDisk2)
|
||||||
|
(usbkey "crypt3" cryptDisk3)
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
loader.grub.device = lib.mkForce rootDisk;
|
loader.grub.device = lib.mkForce rootDisk;
|
||||||
|
@ -5,32 +5,35 @@
|
|||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
(toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
|
|
||||||
(toString <nixpkgs/nixos/modules/virtualisation/virtualbox-guest.nix>)
|
# <stockholm/makefu/2configs/hw/vbox-guest.nix>
|
||||||
|
{ # until virtualbox-image is fixed
|
||||||
|
imports = [
|
||||||
|
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
|
||||||
|
];
|
||||||
|
boot.loader.grub.device = "/dev/sda";
|
||||||
|
}
|
||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
# <secrets/extra-hosts.nix>
|
# <secrets/extra-hosts.nix>
|
||||||
|
|
||||||
# environment
|
# environment
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
|
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
||||||
|
|
||||||
];
|
];
|
||||||
# workaround for https://github.com/NixOS/nixpkgs/issues/16641
|
|
||||||
services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ];
|
|
||||||
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
# allow sdev to deploy self
|
# allow sdev to deploy self
|
||||||
users.extraUsers = {
|
users.extraUsers = {
|
||||||
root = {
|
root = {
|
||||||
openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ];
|
openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
# corefonts
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
environment.systemPackages = with pkgs;[
|
environment.systemPackages = with pkgs;[
|
||||||
ppp xclip
|
ppp xclip
|
||||||
get
|
get
|
||||||
passwdqc-utils
|
passwdqc-utils
|
||||||
docker
|
|
||||||
gnupg
|
gnupg
|
||||||
populate
|
populate
|
||||||
(pkgs.writeScriptBin "tor-browser" ''
|
(pkgs.writeScriptBin "tor-browser" ''
|
||||||
@ -39,18 +42,11 @@
|
|||||||
'')
|
'')
|
||||||
];
|
];
|
||||||
|
|
||||||
virtualisation.docker.enable = true;
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
25
|
25
|
||||||
80
|
80
|
||||||
8010
|
8010
|
||||||
];
|
];
|
||||||
|
|
||||||
fileSystems."/media/share" = {
|
|
||||||
fsType = "vboxsf";
|
|
||||||
device = "share";
|
|
||||||
options = [ "rw" "uid=9001" "gid=9001" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -8,30 +8,9 @@
|
|||||||
{
|
{
|
||||||
imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ];
|
imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ];
|
||||||
boot.loader.grub.device = "/dev/sda";
|
boot.loader.grub.device = "/dev/sda";
|
||||||
virtualisation.virtualbox.guest.enable = true;
|
|
||||||
}
|
}
|
||||||
# {
|
# <stockholm/makefu/2configs/hw/vbox-guest.nix>
|
||||||
# imports = [
|
|
||||||
# <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>
|
|
||||||
# ];
|
|
||||||
# virtualbox.baseImageSize = 35 * 1024;
|
|
||||||
# fileSystems."/media/share" = {
|
|
||||||
# fsType = "vboxsf";
|
|
||||||
# device = "share";
|
|
||||||
# options = [ "rw" "uid=9001" "gid=9001" ];
|
|
||||||
# };
|
|
||||||
# }
|
|
||||||
|
|
||||||
# {
|
|
||||||
# imports = [
|
|
||||||
# <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
|
# <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
|
||||||
# ];
|
|
||||||
# fileSystems."/nix" = {
|
|
||||||
# device ="/dev/disk/by-label/nixstore";
|
|
||||||
# fsType = "ext4";
|
|
||||||
# };
|
|
||||||
# }
|
|
||||||
|
|
||||||
|
|
||||||
# base gui
|
# base gui
|
||||||
# <stockholm/makefu/2configs/main-laptop.nix>
|
# <stockholm/makefu/2configs/main-laptop.nix>
|
||||||
@ -75,14 +54,8 @@
|
|||||||
];
|
];
|
||||||
networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
|
networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
|
||||||
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
# allow vbob to deploy self
|
# allow vbob to deploy self
|
||||||
users.extraUsers = {
|
users.extraUsers.root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ];
|
||||||
root = {
|
|
||||||
openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
forti = "cat ~/vpn/pw.txt | xclip; sudo forticlientsslvpn";
|
forti = "cat ~/vpn/pw.txt | xclip; sudo forticlientsslvpn";
|
||||||
@ -94,16 +67,18 @@
|
|||||||
ln -fs ${pkgs.ppp}/bin/pppd /usr/sbin/pppd
|
ln -fs ${pkgs.ppp}/bin/pppd /usr/sbin/pppd
|
||||||
ln -fs ${pkgs.coreutils}/bin/tail /usr/bin/tail
|
ln -fs ${pkgs.coreutils}/bin/tail /usr/bin/tail
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
# for forticlient
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
environment.systemPackages = with pkgs;[
|
environment.systemPackages = with pkgs;[
|
||||||
fortclientsslvpn ppp xclip
|
fortclientsslvpn ppp xclip
|
||||||
get
|
get
|
||||||
logstash
|
logstash
|
||||||
# docker
|
|
||||||
#devpi-web
|
#devpi-web
|
||||||
#devpi-client
|
#devpi-client
|
||||||
ansible
|
ansible
|
||||||
];
|
];
|
||||||
# virtualisation.docker.enable = true;
|
|
||||||
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
@ -111,6 +86,6 @@
|
|||||||
80
|
80
|
||||||
8010
|
8010
|
||||||
];
|
];
|
||||||
|
# required for qemu
|
||||||
systemd.services."serial-getty@ttyS0".enable = true;
|
systemd.services."serial-getty@ttyS0".enable = true;
|
||||||
}
|
}
|
||||||
|
@ -18,7 +18,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
<stockholm/makefu/2configs/mqtt.nix>
|
<stockholm/makefu/2configs/mqtt.nix>
|
||||||
# <stockholm/makefu/2configs/gui/wbob-kiosk.nix>
|
<stockholm/makefu/2configs/gui/wbob-kiosk.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/stats/client.nix>
|
<stockholm/makefu/2configs/stats/client.nix>
|
||||||
|
|
||||||
@ -29,8 +29,69 @@ in {
|
|||||||
# <stockholm/makefu/2configs/vncserver.nix>
|
# <stockholm/makefu/2configs/vncserver.nix>
|
||||||
|
|
||||||
# Services
|
# Services
|
||||||
<stockholm/makefu/2configs/remote-build/slave.nix>
|
<stockholm/makefu/2configs/hydra/stockholm.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/share/wbob.nix>
|
<stockholm/makefu/2configs/share/wbob.nix>
|
||||||
|
(let
|
||||||
|
musicDirectory = "/data/music";
|
||||||
|
in {
|
||||||
|
services.mpd = {
|
||||||
|
enable = true;
|
||||||
|
inherit musicDirectory;
|
||||||
|
# dataDir = "/home/anders/.mpd";
|
||||||
|
network.listenAddress = "any";
|
||||||
|
extraConfig = ''
|
||||||
|
audio_output {
|
||||||
|
type "pulse"
|
||||||
|
name "Local MPD"
|
||||||
|
server "127.0.0.1"
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
# open because of truestedInterfaces
|
||||||
|
# networking.firewall.allowedTCPPorts = [ 6600 4713 ];
|
||||||
|
services.samba.shares.music = {
|
||||||
|
path = musicDirectory;
|
||||||
|
"read only" = "no";
|
||||||
|
browseable = "yes";
|
||||||
|
"guest ok" = "yes";
|
||||||
|
};
|
||||||
|
|
||||||
|
sound.enable = true;
|
||||||
|
hardware.pulseaudio = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.pulseaudioFull;
|
||||||
|
# systemWide = true;
|
||||||
|
support32Bit = true;
|
||||||
|
zeroconf.discovery.enable = true;
|
||||||
|
zeroconf.publish.enable = true;
|
||||||
|
tcp = {
|
||||||
|
enable = true;
|
||||||
|
anonymousClients.allowAll = true;
|
||||||
|
anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ];
|
||||||
|
};
|
||||||
|
configFile = pkgs.writeText "default.pa" ''
|
||||||
|
load-module module-udev-detect
|
||||||
|
load-module module-bluetooth-policy
|
||||||
|
load-module module-bluetooth-discover
|
||||||
|
load-module module-native-protocol-unix
|
||||||
|
load-module module-always-sink
|
||||||
|
load-module module-console-kit
|
||||||
|
load-module module-systemd-login
|
||||||
|
load-module module-intended-roles
|
||||||
|
load-module module-position-event-sounds
|
||||||
|
load-module module-filter-heuristics
|
||||||
|
load-module module-filter-apply
|
||||||
|
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
|
||||||
|
load-module module-switch-on-connect
|
||||||
|
# may be required for "system-wide" pulse to connect to bluetooth
|
||||||
|
#module-bluez5-device
|
||||||
|
#module-bluez5-discover
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
# connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
|
||||||
|
hardware.bluetooth.enable = true;
|
||||||
|
})
|
||||||
|
|
||||||
# Sensors
|
# Sensors
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
@ -147,7 +208,10 @@ in {
|
|||||||
boot.loader.grub.device = rootdisk;
|
boot.loader.grub.device = rootdisk;
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
|
boot.kernelModules = [ "kvm-intel"
|
||||||
|
"snd-seq" "snd-rawmidi"
|
||||||
|
];
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
"/" = {
|
"/" = {
|
||||||
device = rootdisk + "-part1";
|
device = rootdisk + "-part1";
|
||||||
@ -174,66 +238,4 @@ in {
|
|||||||
serverAddress = "x.r";
|
serverAddress = "x.r";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
security.wrappers.fping = {
|
|
||||||
source = "${pkgs.fping}/bin/fping";
|
|
||||||
setuid = true;
|
|
||||||
};
|
|
||||||
services.smokeping = {
|
|
||||||
enable = true;
|
|
||||||
targetConfig = ''
|
|
||||||
probe = FPing
|
|
||||||
menu = Top
|
|
||||||
title = Network Latency Grapher
|
|
||||||
remark = Welcome to this SmokePing website.
|
|
||||||
|
|
||||||
+ network
|
|
||||||
menu = Net latency
|
|
||||||
title = Network latency (ICMP pings)
|
|
||||||
|
|
||||||
++ google
|
|
||||||
probe = FPing
|
|
||||||
host = google.de
|
|
||||||
++ webde
|
|
||||||
probe = FPing
|
|
||||||
host = web.de
|
|
||||||
|
|
||||||
+ services
|
|
||||||
menu = Service latency
|
|
||||||
title = Service latency (DNS, HTTP)
|
|
||||||
|
|
||||||
++ HTTP
|
|
||||||
menu = HTTP latency
|
|
||||||
title = Service latency (HTTP)
|
|
||||||
|
|
||||||
+++ webdeping
|
|
||||||
probe = EchoPingHttp
|
|
||||||
host = web.de
|
|
||||||
|
|
||||||
+++ googwebping
|
|
||||||
probe = EchoPingHttp
|
|
||||||
host = google.de
|
|
||||||
|
|
||||||
#+++ webwww
|
|
||||||
#probe = Curl
|
|
||||||
#host = web.de
|
|
||||||
|
|
||||||
#+++ googwebwww
|
|
||||||
#probe = Curl
|
|
||||||
#host = google.de
|
|
||||||
'';
|
|
||||||
probeConfig = ''
|
|
||||||
+ FPing
|
|
||||||
binary = /run/wrappers/bin/fping
|
|
||||||
+ EchoPingHttp
|
|
||||||
pings = 5
|
|
||||||
url = /
|
|
||||||
|
|
||||||
#+ Curl
|
|
||||||
## probe-specific variables
|
|
||||||
#binary = ${pkgs.curl}/bin/curl
|
|
||||||
#step = 60
|
|
||||||
## a default for this target-specific variable
|
|
||||||
#urlformat = http://%host%/
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
@ -40,7 +40,7 @@ with import <stockholm/lib>;
|
|||||||
# Virtualization
|
# Virtualization
|
||||||
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
<stockholm/makefu/2configs/virtualisation/libvirt.nix>
|
||||||
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
<stockholm/makefu/2configs/virtualisation/docker.nix>
|
||||||
<stockholm/makefu/2configs/virtualisation/virtualbox.nix>
|
# <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
|
||||||
{
|
{
|
||||||
networking.firewall.allowedTCPPorts = [ 8080 ];
|
networking.firewall.allowedTCPPorts = [ 8080 ];
|
||||||
networking.nat = {
|
networking.nat = {
|
||||||
@ -59,8 +59,9 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
# Hardware
|
# Hardware
|
||||||
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
||||||
<stockholm/makefu/2configs/hw/rtl8812au.nix>
|
# <stockholm/makefu/2configs/hw/tpm.nix>
|
||||||
<stockholm/makefu/2configs/hw/wwan.nix>
|
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
|
||||||
|
<stockholm/makefu/2configs/hw/network-manager.nix>
|
||||||
<stockholm/makefu/2configs/hw/stk1160.nix>
|
<stockholm/makefu/2configs/hw/stk1160.nix>
|
||||||
# <stockholm/makefu/2configs/rad1o.nix>
|
# <stockholm/makefu/2configs/rad1o.nix>
|
||||||
|
|
||||||
@ -77,18 +78,82 @@ with import <stockholm/lib>;
|
|||||||
# <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
|
# <stockholm/makefu/2configs/lanparty/lancache-dns.nix>
|
||||||
# <stockholm/makefu/2configs/lanparty/samba.nix>
|
# <stockholm/makefu/2configs/lanparty/samba.nix>
|
||||||
# <stockholm/makefu/2configs/lanparty/mumble-server.nix>
|
# <stockholm/makefu/2configs/lanparty/mumble-server.nix>
|
||||||
|
# <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
|
||||||
|
|
||||||
|
{
|
||||||
|
networking.wireguard.interfaces.wg0 = {
|
||||||
|
ips = [ "10.244.0.2/24" ];
|
||||||
|
privateKeyFile = (toString <secrets>) + "/wireguard.key";
|
||||||
|
allowedIPsAsRoutes = true;
|
||||||
|
peers = [
|
||||||
|
{
|
||||||
|
# gum
|
||||||
|
endpoint = "${config.krebs.hosts.gum.nets.internet.ip4.addr}:51820";
|
||||||
|
allowedIPs = [ "10.244.0.0/24" ];
|
||||||
|
publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=";
|
||||||
|
}
|
||||||
|
#{
|
||||||
|
# # vbob
|
||||||
|
# allowedIPs = [ "10.244.0.3/32" ];
|
||||||
|
# publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
|
||||||
|
#}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{ # bluetooth+pulse config
|
||||||
|
# for blueman-applet
|
||||||
|
users.users.makefu.packages = [
|
||||||
|
pkgs.blueman
|
||||||
|
];
|
||||||
|
hardware.pulseaudio = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.pulseaudioFull;
|
||||||
|
# systemWide = true;
|
||||||
|
support32Bit = true;
|
||||||
|
configFile = pkgs.writeText "default.pa" ''
|
||||||
|
load-module module-udev-detect
|
||||||
|
load-module module-bluetooth-policy
|
||||||
|
load-module module-bluetooth-discover
|
||||||
|
load-module module-native-protocol-unix
|
||||||
|
load-module module-always-sink
|
||||||
|
load-module module-console-kit
|
||||||
|
load-module module-systemd-login
|
||||||
|
load-module module-intended-roles
|
||||||
|
load-module module-position-event-sounds
|
||||||
|
load-module module-filter-heuristics
|
||||||
|
load-module module-filter-apply
|
||||||
|
load-module module-switch-on-connect
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# presumably a2dp Sink
|
||||||
|
# Enable profile:
|
||||||
|
## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
|
||||||
|
hardware.bluetooth.extraConfig = '';
|
||||||
|
[general]
|
||||||
|
Enable=Source,Sink,Media,Socket
|
||||||
|
'';
|
||||||
|
|
||||||
|
# connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
|
||||||
|
hardware.bluetooth.enable = true;
|
||||||
|
}
|
||||||
|
{ # auto-mounting
|
||||||
|
services.udisks2.enable = true;
|
||||||
|
services.devmon.enable = true;
|
||||||
|
# services.gnome3.gvfs.enable = true;
|
||||||
|
users.users.makefu.packages = with pkgs;[
|
||||||
|
gvfs pcmanfm lxmenu-data
|
||||||
|
];
|
||||||
|
environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ];
|
||||||
|
}
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
makefu.server.primary-itf = "wlp3s0";
|
makefu.server.primary-itf = "wlp3s0";
|
||||||
makefu.full-populate = true;
|
makefu.full-populate = true;
|
||||||
makefu.umts.apn = "web.vodafone.de";
|
|
||||||
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
environment.systemPackages = [ pkgs.passwdqc-utils ];
|
|
||||||
|
|
||||||
|
|
||||||
# configure pulseAudio to provide a HDMI sink as well
|
# configure pulseAudio to provide a HDMI sink as well
|
||||||
networking.firewall.enable = true;
|
networking.firewall.enable = true;
|
||||||
networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ];
|
networking.firewall.allowedTCPPorts = [ 80 24800 26061 8000 3000 ];
|
||||||
@ -104,4 +169,11 @@ with import <stockholm/lib>;
|
|||||||
'';
|
'';
|
||||||
# hard dependency because otherwise the device will not be unlocked
|
# hard dependency because otherwise the device will not be unlocked
|
||||||
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
|
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
|
||||||
|
|
||||||
|
nix.package = pkgs.nixUnstable;
|
||||||
|
environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
|
||||||
|
nixpkgs.overlays = [ (import <python/overlay.nix>) ];
|
||||||
|
|
||||||
|
# environment.variables = { GOROOT = [ "${pkgs.go.out}/share/go" ]; };
|
||||||
|
|
||||||
}
|
}
|
||||||
|
34
makefu/2configs/deployment/google-muell.nix
Normal file
34
makefu/2configs/deployment/google-muell.nix
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{ config, lib, pkgs, buildPythonPackage, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
pkg = pkgs.ampel;
|
||||||
|
home = "/var/lib/ampel";
|
||||||
|
sec = "${toString <secrets>}/google-muell.json";
|
||||||
|
ampelsec = "${home}/google-muell.json";
|
||||||
|
esp = "192.168.1.23";
|
||||||
|
sleepval = "1800";
|
||||||
|
in {
|
||||||
|
users.users.ampel = {
|
||||||
|
uid = genid "ampel";
|
||||||
|
createHome = true;
|
||||||
|
isSystemUser = true;
|
||||||
|
inherit home;
|
||||||
|
};
|
||||||
|
systemd.services.google-muell-ampel = {
|
||||||
|
description = "Send led change to rgb cubes";
|
||||||
|
after = [ "network-online.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
User = "ampel";
|
||||||
|
ExecStartPre = pkgs.writeDash "copy-ampel-secrets" ''
|
||||||
|
cp ${sec} ${ampelsec}
|
||||||
|
chown ampel ${ampelsec}
|
||||||
|
'';
|
||||||
|
ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${home}/google-muell-creds.json --sleepval=${sleepval}";
|
||||||
|
PermissionsStartOnly = true;
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = 10;
|
||||||
|
PrivateTmp = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -2,25 +2,7 @@
|
|||||||
|
|
||||||
let
|
let
|
||||||
mq = "192.168.8.11";
|
mq = "192.168.8.11";
|
||||||
|
pkg = pkgs.ampel;
|
||||||
pkg = pkgs.python3Packages.buildPythonPackage {
|
|
||||||
name = "ampel-master";
|
|
||||||
|
|
||||||
src = pkgs.fetchgit {
|
|
||||||
url = "http://cgit.euer.krebsco.de/ampel";
|
|
||||||
rev = "531741b";
|
|
||||||
sha256 = "110yij53jz074zbswylbzcd8jy7z49r9fg6i3j1gk2y3vl91g81c";
|
|
||||||
};
|
|
||||||
propagatedBuildInputs = with pkgs.python3Packages; [
|
|
||||||
docopt
|
|
||||||
paho-mqtt
|
|
||||||
requests
|
|
||||||
pytz
|
|
||||||
influxdb
|
|
||||||
httplib2
|
|
||||||
google_api_python_client
|
|
||||||
];
|
|
||||||
};
|
|
||||||
in {
|
in {
|
||||||
systemd.services.led-fader = {
|
systemd.services.led-fader = {
|
||||||
description = "Send led change to message queue";
|
description = "Send led change to message queue";
|
||||||
|
@ -1,6 +1,18 @@
|
|||||||
{ lib, pkgs, config, ... }:
|
{ lib, pkgs, config, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
|
# imperative in config.php:
|
||||||
|
# #local memcache:
|
||||||
|
# 'memcache.local' => '\\OC\\Memcache\\APCu',
|
||||||
|
# #local locking:
|
||||||
|
# 'memcache.locking' => '\\OC\\Memcache\\Redis',
|
||||||
|
# 'redis' =>
|
||||||
|
# array (
|
||||||
|
# 'host' => 'localhost',
|
||||||
|
# 'port' => 6379,
|
||||||
|
# ),
|
||||||
|
|
||||||
|
|
||||||
let
|
let
|
||||||
# TODO: copy-paste from lass/2/websites/util.nix
|
# TODO: copy-paste from lass/2/websites/util.nix
|
||||||
serveCloud = domains:
|
serveCloud = domains:
|
||||||
@ -124,20 +136,48 @@ let
|
|||||||
env[PATH] = ${lib.makeBinPath [ pkgs.php ]}
|
env[PATH] = ${lib.makeBinPath [ pkgs.php ]}
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
'';
|
'';
|
||||||
|
services.phpfpm.phpOptions = ''
|
||||||
|
opcache.enable=1
|
||||||
|
opcache.enable_cli=1
|
||||||
|
opcache.interned_strings_buffer=8
|
||||||
|
opcache.max_accelerated_files=10000
|
||||||
|
opcache.memory_consumption=128
|
||||||
|
opcache.save_comments=1
|
||||||
|
opcache.revalidate_freq=1
|
||||||
|
|
||||||
|
display_errors = on
|
||||||
|
display_startup_errors = on
|
||||||
|
always_populate_raw_post_data = -1
|
||||||
|
error_reporting = E_ALL | E_STRICT
|
||||||
|
html_errors = On
|
||||||
|
date.timezone = "Europe/Berlin"
|
||||||
|
# extension=${pkgs.phpPackages.memcached}/lib/php/extensions/memcached.so
|
||||||
|
extension=${pkgs.phpPackages.redis}/lib/php/extensions/redis.so
|
||||||
|
extension=${pkgs.phpPackages.apcu}/lib/php/extensions/apcu.so
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
( serveCloud [ "o.euer.krebsco.de" ] )
|
( serveCloud [ "o.euer.krebsco.de" ] )
|
||||||
];
|
];
|
||||||
|
|
||||||
services.mysql = { # TODO: currently nextcloud uses sqlite
|
services.redis.enable = true;
|
||||||
|
services.mysql = {
|
||||||
enable = false;
|
enable = false;
|
||||||
package = pkgs.mariadb;
|
package = pkgs.mariadb;
|
||||||
rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
|
rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
|
||||||
};
|
initialDatabases = [
|
||||||
services.mysqlBackup = {
|
# Or use writeText instead of literalExample?
|
||||||
enable = false;
|
#{ name = "nextcloud"; schema = literalExample "./nextcloud.sql"; }
|
||||||
databases = [ "nextcloud" ];
|
{
|
||||||
|
name = "nextcloud";
|
||||||
|
schema = pkgs.writeText "nextcloud.sql"
|
||||||
|
''
|
||||||
|
create user if not exists 'nextcloud'@'localhost' identified by 'password';
|
||||||
|
grant all privileges on nextcloud.* to 'nextcloud'@'localhost' identified by 'password';
|
||||||
|
'';
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
# dataDir is only defined after mysql is enabled
|
# dataDir is only defined after mysql is enabled
|
||||||
# krebs.secret.files.mysql_rootPassword = {
|
# krebs.secret.files.mysql_rootPassword = {
|
||||||
|
@ -28,6 +28,7 @@ let
|
|||||||
init-stockholm = {
|
init-stockholm = {
|
||||||
cgit.desc = "Init stuff for stockholm";
|
cgit.desc = "Init stuff for stockholm";
|
||||||
};
|
};
|
||||||
|
hydra-stockholm = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
priv-repos = mapAttrs make-priv-repo {
|
priv-repos = mapAttrs make-priv-repo {
|
||||||
|
@ -48,13 +48,14 @@ in
|
|||||||
fonts = [ pkgs.terminus_font ];
|
fonts = [ pkgs.terminus_font ];
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs;[
|
users.users.${mainUser} = {
|
||||||
|
extraGroups = [ "audio" ];
|
||||||
|
packages = with pkgs;[
|
||||||
pavucontrol
|
pavucontrol
|
||||||
xlockmore
|
xlockmore
|
||||||
rxvt_unicode-with-plugins
|
rxvt_unicode-with-plugins
|
||||||
firefox
|
|
||||||
];
|
];
|
||||||
users.extraUsers.${mainUser}.extraGroups = [ "audio" ];
|
};
|
||||||
|
|
||||||
hardware.pulseaudio = {
|
hardware.pulseaudio = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -1,11 +1,13 @@
|
|||||||
{ lib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
./base.nix
|
./base.nix
|
||||||
];
|
];
|
||||||
|
users.users.makefu.packages = [ pkgs.chromium ];
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
layout = lib.mkForce "de";
|
layout = lib.mkForce "de";
|
||||||
|
xkbVariant = lib.mkForce "";
|
||||||
|
|
||||||
windowManager = lib.mkForce {
|
windowManager = lib.mkForce {
|
||||||
awesome.enable = false;
|
awesome.enable = false;
|
||||||
@ -16,7 +18,7 @@
|
|||||||
# xrandrHeads = [ "HDMI1" "HDMI2" ];
|
# xrandrHeads = [ "HDMI1" "HDMI2" ];
|
||||||
# prevent screen from turning off, disable dpms
|
# prevent screen from turning off, disable dpms
|
||||||
displayManager.sessionCommands = ''
|
displayManager.sessionCommands = ''
|
||||||
xset s off -dpms
|
xset -display :0 s off -dpms
|
||||||
xrandr --output HDMI2 --right-of HDMI1
|
xrandr --output HDMI2 --right-of HDMI1
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
37
makefu/2configs/hw/network-manager.nix
Normal file
37
makefu/2configs/hw/network-manager.nix
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
users.users.makefu = {
|
||||||
|
extraGroups = [ "networkmanager" ];
|
||||||
|
packages = with pkgs;[
|
||||||
|
networkmanagerapplet
|
||||||
|
gnome3.gnome_keyring gnome3.dconf
|
||||||
|
];
|
||||||
|
};
|
||||||
|
networking.wireless.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
systemd.services.modemmanager = {
|
||||||
|
description = "ModemManager";
|
||||||
|
after = [ "network-manager.service" ];
|
||||||
|
bindsTo = [ "network-manager.service" ];
|
||||||
|
wantedBy = [ "network-manager.service" ];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${pkgs.modemmanager}/bin/ModemManager";
|
||||||
|
PrivateTmp = true;
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "5";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
|
# TODO: put somewhere else
|
||||||
|
services.xserver.displayManager.sessionCommands = ''
|
||||||
|
${pkgs.clipit}/bin/clipit &
|
||||||
|
${pkgs.networkmanagerapplet}/bin/nm-applet &
|
||||||
|
'';
|
||||||
|
|
||||||
|
# nixOSUnstable
|
||||||
|
# networking.networkmanager.wifi = {
|
||||||
|
# powersave = true;
|
||||||
|
# scanRandMacAddress = true;
|
||||||
|
# };
|
||||||
|
}
|
16
makefu/2configs/hw/vbox-guest.nix
Normal file
16
makefu/2configs/hw/vbox-guest.nix
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
{ lib, ...}:
|
||||||
|
{
|
||||||
|
## Guest Extensions are currently broken
|
||||||
|
imports = [
|
||||||
|
(toString <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix>)
|
||||||
|
];
|
||||||
|
virtualisation.virtualbox.guest.enable = true;
|
||||||
|
services.xserver.videoDrivers = lib.mkOverride 45 [ "virtualbox" "modesetting" ];
|
||||||
|
|
||||||
|
fileSystems."/media/share" = {
|
||||||
|
fsType = "vboxsf";
|
||||||
|
device = "share";
|
||||||
|
options = [ "rw" "uid=9001" "gid=9001" "nofail" ];
|
||||||
|
};
|
||||||
|
# virtualbox.baseImageSize = 35 * 1024;
|
||||||
|
}
|
@ -1,8 +0,0 @@
|
|||||||
_:
|
|
||||||
|
|
||||||
{
|
|
||||||
makefu.umts = {
|
|
||||||
enable = true;
|
|
||||||
modem-device = "/dev/serial/by-id/usb-Lenovo_H5321_gw_2D5A51BA0D3C3A90-if01";
|
|
||||||
};
|
|
||||||
}
|
|
34
makefu/2configs/hydra/stockholm.nix
Normal file
34
makefu/2configs/hydra/stockholm.nix
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
# iterative:
|
||||||
|
# $ hydra-create-user krebs --password derp --role admin
|
||||||
|
# curl 'http://hydra.wbob.r/project/.new' -X PUT -H 'Host: hydra.wbob.r' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'X-Requested-With: XMLHttpRequest' -H 'Cookie: redirect_to=%252F; hydra_session=abcdefghijklmnopqrstuvwxyz' -H 'Connection: keep-alive' --data 'enabled=on&visible=on&name=stockholm&displayname=Stockholm&description=make+all+systems+into+1systems&homepage=https%3A%2F%2Fkrebsco.de&owner=krebs&declfile=spec.json&decltype=git&declvalue=http%3A%2F%2Fcgit.euer.krebsco.de%2Fhydra-stockholm'
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
# TODO postgres backup
|
||||||
|
services.postgresql.enable = true;
|
||||||
|
|
||||||
|
services.hydra = {
|
||||||
|
enable = true;
|
||||||
|
hydraURL = "http://hydra.wbob.r"; # externally visible URL
|
||||||
|
notificationSender = "hydra@wbob.r";
|
||||||
|
# you will probably also want, otherwise *everything* will be built from scratch
|
||||||
|
useSubstitutes = true;
|
||||||
|
port = 3030;
|
||||||
|
buildMachinesFiles = [];
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts."hydra.wbob.r" = {
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:3030/";
|
||||||
|
extraConfig = ''
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -5,5 +5,5 @@
|
|||||||
mosh
|
mosh
|
||||||
];
|
];
|
||||||
|
|
||||||
# boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
||||||
}
|
}
|
||||||
|
@ -9,8 +9,8 @@
|
|||||||
# owncloudclient
|
# owncloudclient
|
||||||
(pkgs.writeScriptBin "prepare-pulseaudio" ''
|
(pkgs.writeScriptBin "prepare-pulseaudio" ''
|
||||||
pactl load-module module-null-sink sink_name=stream sink_properties=device.description="Streaming"
|
pactl load-module module-null-sink sink_name=stream sink_properties=device.description="Streaming"
|
||||||
pactl load-module module-loopback source=alsa_output.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo.monitor sink=stream latency_msec=1
|
pactl load-module module-loopback source=alsa_output.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo.monitor sink=stream
|
||||||
pactl load-module module-loopback source=alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo sink=stream latency_msec=1
|
pactl load-module module-loopback source=alsa_input.usb-Burr-Brown_from_TI_USB_Audio_CODEC-00.analog-stereo sink=stream
|
||||||
darkice -c ~/lol.conf
|
darkice -c ~/lol.conf
|
||||||
'')
|
'')
|
||||||
];
|
];
|
||||||
|
@ -34,7 +34,7 @@ in {
|
|||||||
http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
|
http://guest:derpi@cvs2svn.tigris.org/svn/cvs2svn/tags/
|
||||||
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
|
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
|
||||||
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
|
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
|
||||||
https://git.tasktools.org/TM/taskd/info/refs?service=git-upload-pack
|
|
||||||
http://www.iozone.org/src/current/
|
http://www.iozone.org/src/current/
|
||||||
|
|
||||||
{
|
{
|
||||||
@ -51,6 +51,8 @@ in {
|
|||||||
"embray/d2to1"
|
"embray/d2to1"
|
||||||
"dorimanx/exfat-nofuse"
|
"dorimanx/exfat-nofuse"
|
||||||
"rapid7/metasploit-framework"
|
"rapid7/metasploit-framework"
|
||||||
|
"GothenburgBitFactory/taskserver"
|
||||||
|
"GothenburgBitFactory/taskwarrior"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -29,15 +29,7 @@ let
|
|||||||
nixpkgs.config.packageOverrides = pkgs: rec {
|
nixpkgs.config.packageOverrides = pkgs: rec {
|
||||||
awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : {
|
awesome = pkgs.stdenv.lib.overrideDerivation pkgs.awesome (oldAttrs : {
|
||||||
postFixup = let
|
postFixup = let
|
||||||
rclua = pkgs.substituteAll {
|
rclua = cfg.baseConfig.override { inherit (cfg) modkey; };
|
||||||
src = cfg.baseConfig;
|
|
||||||
modkey = cfg.modkey;
|
|
||||||
# inherit (cfg) modkey;
|
|
||||||
amixer = "${pkgs.alsaUtils}/bin/amixer";
|
|
||||||
xlock = "${pkgs.xlockmore}/bin/xlock";
|
|
||||||
xbacklight = "${pkgs.xorg.xbacklight}/bin/xbacklight";
|
|
||||||
|
|
||||||
};
|
|
||||||
in "cp ${rclua} $out/etc/xdg/awesome/rc.lua";
|
in "cp ${rclua} $out/etc/xdg/awesome/rc.lua";
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
@ -14,8 +14,6 @@ _:
|
|||||||
./snapraid.nix
|
./snapraid.nix
|
||||||
./torrent.nix
|
./torrent.nix
|
||||||
./udpt.nix
|
./udpt.nix
|
||||||
./umts.nix
|
|
||||||
./wvdial.nix
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,84 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
let
|
|
||||||
nixpkgs-1509 = import (pkgs.fetchFromGitHub {
|
|
||||||
owner = "NixOS"; repo = "nixpkgs-channels";
|
|
||||||
rev = "91371c2bb6e20fc0df7a812332d99c38b21a2bda";
|
|
||||||
sha256 = "1as1i0j9d2n3iap9b471y4x01561r2s3vmjc5281qinirlr4al73";
|
|
||||||
}) {};
|
|
||||||
|
|
||||||
wvdial = nixpkgs-1509.wvdial; # https://github.com/NixOS/nixpkgs/issues/16113
|
|
||||||
|
|
||||||
# TODO: currently it is only netzclub
|
|
||||||
umts-bin = pkgs.writeScriptBin "umts" ''
|
|
||||||
#!/bin/sh
|
|
||||||
set -euf
|
|
||||||
systemctl start umts
|
|
||||||
trap "systemctl stop umts;trap - INT TERM EXIT;exit" INT TERM EXIT
|
|
||||||
echo nameserver 8.8.8.8 | tee -a /etc/resolv.conf
|
|
||||||
journalctl -xfu umts
|
|
||||||
'';
|
|
||||||
|
|
||||||
wvdial-defaults = ''
|
|
||||||
Phone = *99***1#
|
|
||||||
Dial Command = ATDT
|
|
||||||
Modem = ${cfg.modem-device}
|
|
||||||
Baud = 460800
|
|
||||||
Init1 = AT+CGDCONT=1,"IP","${config.makefu.umts.apn}","",0,0
|
|
||||||
Init2 = ATZ
|
|
||||||
Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
|
|
||||||
ISDN = 0
|
|
||||||
Modem Type = Analog Modem
|
|
||||||
Username = netzclub
|
|
||||||
Password = netzclub
|
|
||||||
Stupid Mode = 1
|
|
||||||
Idle Seconds = 0'';
|
|
||||||
|
|
||||||
cfg = config.makefu.umts;
|
|
||||||
|
|
||||||
out = {
|
|
||||||
options.makefu.umts = api;
|
|
||||||
config = lib.mkIf cfg.enable imp;
|
|
||||||
};
|
|
||||||
|
|
||||||
api = {
|
|
||||||
enable = mkEnableOption "umts";
|
|
||||||
|
|
||||||
modem-device = mkOption {
|
|
||||||
default = "/dev/ttyUSB0";
|
|
||||||
type = types.str;
|
|
||||||
description = ''
|
|
||||||
path to modem device, use <filename>/dev/serial/by-id/...</filename>
|
|
||||||
to avoid race conditions.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
apn = mkOption {
|
|
||||||
default = "pinternet.interkom.de";
|
|
||||||
type = types.str;
|
|
||||||
description = ''
|
|
||||||
apn to use for dailing
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
imp = {
|
|
||||||
environment.shellAliases = {
|
|
||||||
umts = "sudo ${umts-bin}/bin/umts";
|
|
||||||
};
|
|
||||||
environment.systemPackages = [ ];
|
|
||||||
|
|
||||||
environment.wvdial.dialerDefaults = wvdial-defaults;
|
|
||||||
|
|
||||||
systemd.services.umts = {
|
|
||||||
description = "UMTS wvdial Service";
|
|
||||||
serviceConfig = {
|
|
||||||
Type = "simple";
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = "10s";
|
|
||||||
ExecStart = "${wvdial}/bin/wvdial -n";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in out
|
|
@ -1,71 +0,0 @@
|
|||||||
# Global configuration for wvdial.
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
|
|
||||||
configFile = ''
|
|
||||||
[Dialer Defaults]
|
|
||||||
PPPD PATH = ${pkgs.ppp}/sbin/pppd
|
|
||||||
${config.environment.wvdial.dialerDefaults}
|
|
||||||
'';
|
|
||||||
|
|
||||||
cfg = config.environment.wvdial;
|
|
||||||
|
|
||||||
in
|
|
||||||
{
|
|
||||||
###### interface
|
|
||||||
|
|
||||||
options = {
|
|
||||||
|
|
||||||
environment.wvdial = {
|
|
||||||
|
|
||||||
dialerDefaults = mkOption {
|
|
||||||
default = "";
|
|
||||||
type = types.str;
|
|
||||||
example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"'';
|
|
||||||
description = ''
|
|
||||||
Contents of the "Dialer Defaults" section of
|
|
||||||
<filename>/etc/wvdial.conf</filename>.
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
pppDefaults = mkOption {
|
|
||||||
default = ''
|
|
||||||
noipdefault
|
|
||||||
usepeerdns
|
|
||||||
defaultroute
|
|
||||||
persist
|
|
||||||
noauth
|
|
||||||
'';
|
|
||||||
type = types.str;
|
|
||||||
description = "Default ppp settings for wvdial.";
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
###### implementation
|
|
||||||
|
|
||||||
config = mkIf (cfg.dialerDefaults != "") {
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
|
|
||||||
etc =
|
|
||||||
[
|
|
||||||
{ source = pkgs.writeText "wvdial.conf" configFile;
|
|
||||||
target = "wvdial.conf";
|
|
||||||
}
|
|
||||||
{ source = pkgs.writeText "wvdial" cfg.pppDefaults;
|
|
||||||
target = "ppp/peers/wvdial";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
27
makefu/5pkgs/ampel/default.nix
Normal file
27
makefu/5pkgs/ampel/default.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ lib, pkgs, fetchFromGitHub, ... }:
|
||||||
|
|
||||||
|
with pkgs.python3Packages;buildPythonPackage rec {
|
||||||
|
name = "ampel-${version}";
|
||||||
|
version = "0.2";
|
||||||
|
|
||||||
|
propagatedBuildInputs = [
|
||||||
|
docopt
|
||||||
|
paho-mqtt
|
||||||
|
requests
|
||||||
|
pytz
|
||||||
|
influxdb
|
||||||
|
httplib2
|
||||||
|
google_api_python_client
|
||||||
|
];
|
||||||
|
|
||||||
|
src = pkgs.fetchgit {
|
||||||
|
url = "http://cgit.euer.krebsco.de/ampel";
|
||||||
|
rev = "d8a0250";
|
||||||
|
sha256 = "0n36lc17ca5db6pl6dswdqd5w9f881rfqck9yc4w33a5qpsxj85f";
|
||||||
|
};
|
||||||
|
meta = {
|
||||||
|
homepage = http://cgit.euer.krebsco.de/ampel;
|
||||||
|
description = "change colors of rgb cubes";
|
||||||
|
license = lib.licenses.asl20;
|
||||||
|
};
|
||||||
|
}
|
@ -1,7 +1,24 @@
|
|||||||
_:
|
{ pkgs
|
||||||
|
, lib
|
||||||
|
, alsaUtils
|
||||||
|
, xlockmore
|
||||||
|
, xbacklight
|
||||||
|
, modkey?"Mod4"
|
||||||
|
, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
# replace: @amixer@ @xlock@ @xbacklight@
|
# replace: @alsaUtils@ @xlockmore@ @xbacklight@ @modkey@
|
||||||
full = ./full.cfg;
|
full = lib.makeOverridable pkgs.substituteAll {
|
||||||
kiosk = ./kiosk.lua;
|
name = "awesome_full_config";
|
||||||
|
inherit alsaUtils xlockmore xbacklight modkey;
|
||||||
|
isExecutable = false;
|
||||||
|
src = ./full.cfg;
|
||||||
|
};
|
||||||
|
|
||||||
|
kiosk = lib.makeOverridable pkgs.substituteAll {
|
||||||
|
name = "awesome_kiosk_config";
|
||||||
|
inherit alsaUtils xlockmore xbacklight modkey;
|
||||||
|
isExecutable = false;
|
||||||
|
src = ./kiosk.lua;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -365,22 +365,22 @@ globalkeys = awful.util.table.join(
|
|||||||
{description = "restore minimized", group = "client"}),
|
{description = "restore minimized", group = "client"}),
|
||||||
|
|
||||||
awful.key({ }, "XF86MonBrightnessUp", function ()
|
awful.key({ }, "XF86MonBrightnessUp", function ()
|
||||||
awful.util.spawn("@xbacklight@ -inc 5", false) end),
|
awful.util.spawn("@xbacklight@/bin/xbacklight -inc 5", false) end),
|
||||||
awful.key({ }, "XF86MonBrightnessDown", function ()
|
awful.key({ }, "XF86MonBrightnessDown", function ()
|
||||||
awful.util.spawn("@xbacklight@ -dec 5", false) end),
|
awful.util.spawn("@xbacklight@/bin/xbacklight -dec 5", false) end),
|
||||||
|
|
||||||
awful.key({ }, "XF86AudioRaiseVolume", function ()
|
awful.key({ }, "XF86AudioRaiseVolume", function ()
|
||||||
awful.util.spawn("@amixer@ set Master 5%+", false) end),
|
awful.util.spawn("@alsaUtils@/bin/amixer set Master 5%+", false) end),
|
||||||
awful.key({ }, "XF86AudioLowerVolume", function ()
|
awful.key({ }, "XF86AudioLowerVolume", function ()
|
||||||
awful.util.spawn("@amixer@ set Master 5%-", false) end),
|
awful.util.spawn("@alsaUtils@/bin/amixer set Master 5%-", false) end),
|
||||||
awful.key({ }, "XF86AudioMute", function ()
|
awful.key({ }, "XF86AudioMute", function ()
|
||||||
awful.util.spawn("@amixer@ -q -D default sset Master toggle", false) end),
|
awful.util.spawn("@alsaUtils@/bin/amixer -q -D default sset Master toggle", false) end),
|
||||||
|
|
||||||
-- Prompt
|
-- Prompt
|
||||||
awful.key({ modkey }, "r", function () awful.screen.focused().mypromptbox:run() end,
|
awful.key({ modkey }, "r", function () awful.screen.focused().mypromptbox:run() end,
|
||||||
{description = "run prompt", group = "launcher"}),
|
{description = "run prompt", group = "launcher"}),
|
||||||
awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("@xlock@ -mode blank") end),
|
awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("@xlockmore@/bin/xlock -mode blank") end),
|
||||||
awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("@xlock@ -mode blank") end),
|
awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("@xlockmore@/bin/xlock -mode blank") end),
|
||||||
|
|
||||||
awful.key({ modkey }, "x",
|
awful.key({ modkey }, "x",
|
||||||
function ()
|
function ()
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
{}:
|
|
||||||
{
|
|
||||||
}
|
|
@ -1,6 +1,9 @@
|
|||||||
{ lib, stdenv, fetchFromGitHub, fetchgit, libusb, libtool, autoconf, pkgconfig, git,
|
{ lib, stdenv, fetchFromGitHub, fetchgit, libusb, libtool, autoconf, pkgconfig, git,
|
||||||
gettext, automake, libxml2 , qmake,
|
gettext, automake, libxml2
|
||||||
qtbase, qttools, qtmultimedia, libnotify, ffmpeg, gdk_pixbuf }:
|
, autoreconfHook
|
||||||
|
, qmake4Hook
|
||||||
|
, qmake
|
||||||
|
, qtbase, qttools, qtmultimedia, libnotify, ffmpeg, gdk_pixbuf }:
|
||||||
let
|
let
|
||||||
libvitamtp = stdenv.mkDerivation rec {
|
libvitamtp = stdenv.mkDerivation rec {
|
||||||
name = "libvitamtp-${version}";
|
name = "libvitamtp-${version}";
|
||||||
@ -13,8 +16,8 @@ let
|
|||||||
sha256 = "09c9f7gqpyicfpnhrfb4r67s2hci6hh31bzmqlpds4fywv5mzaf8";
|
sha256 = "09c9f7gqpyicfpnhrfb4r67s2hci6hh31bzmqlpds4fywv5mzaf8";
|
||||||
};
|
};
|
||||||
|
|
||||||
buildInputs = [ libusb libxml2 libtool autoconf automake gettext pkgconfig ];
|
buildInputs = [ libusb libxml2 libtool autoconf automake gettext pkgconfig
|
||||||
preConfigure = "sh ./autogen.sh";
|
autoreconfHook ];
|
||||||
|
|
||||||
meta = {
|
meta = {
|
||||||
description = "Content Manager Assistant for the PS Vita";
|
description = "Content Manager Assistant for the PS Vita";
|
||||||
@ -26,40 +29,29 @@ let
|
|||||||
};
|
};
|
||||||
in stdenv.mkDerivation rec {
|
in stdenv.mkDerivation rec {
|
||||||
name = "qcma-${version}";
|
name = "qcma-${version}";
|
||||||
version = "0.3.13";
|
version = "8e6cafedc0f47733f33323f829624e3fc847a176";
|
||||||
|
|
||||||
src = fetchgit {
|
src = fetchFromGitHub {
|
||||||
url = "git://github.com/codestation/qcma.git";
|
owner = "codestation";
|
||||||
rev = "refs/tags/v"+version;
|
repo = "qcma";
|
||||||
leaveDotGit = true;
|
rev = version;
|
||||||
sha256 = "164abjwlw2nw2i30wlwpsavz1zjkp6a14yprvinma5hflkw4yj6i";
|
sha256 = "1l95kx3x4pf5iwmwigbch5c6n2h27lls5qiy4xh15v59p5442yw5";
|
||||||
};
|
};
|
||||||
|
|
||||||
preConfigure = ''
|
preConfigure = ''
|
||||||
lrelease common/resources/translations/*.ts
|
lrelease common/resources/translations/*.ts
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# TODO: manually adding qtbase and qtmultimedia to the library path is shit,
|
|
||||||
# this should be done somewhere before when building the project, idk.
|
|
||||||
installPhase = ''
|
|
||||||
make INSTALL_ROOT="$(out)" install
|
|
||||||
for i in qcma qcma_cli; do
|
|
||||||
wrapQtProgram $out/bin/$i --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [
|
|
||||||
qtbase qtmultimedia ]}
|
|
||||||
done
|
|
||||||
'';
|
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
buildInputs = [ gdk_pixbuf ffmpeg libnotify libvitamtp git qtmultimedia qtbase ];
|
buildInputs = [ gdk_pixbuf ffmpeg libnotify libvitamtp git qtmultimedia qtbase ];
|
||||||
nativeBuildInputs = [ qmake qttools pkgconfig ];
|
nativeBuildInputs = [ qttools pkgconfig qmake ];
|
||||||
|
|
||||||
meta = {
|
meta = {
|
||||||
description = "Content Manager Assistant for the PS Vita";
|
description = "Content Manager Assistant for the PS Vita";
|
||||||
homepage = https://github.com/codestation/qcma;
|
homepage = https://github.com/codestation/qcma;
|
||||||
license = stdenv.lib.licenses.gpl2;
|
license = stdenv.lib.licenses.gpl2;
|
||||||
platforms = stdenv.lib.platforms.linux;
|
platforms = stdenv.lib.platforms.linux;
|
||||||
broken = true;
|
|
||||||
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,50 +0,0 @@
|
|||||||
{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub,
|
|
||||||
libpcap, libdnet, libevent, readline, autoconf, automake, libtool, zlib, pcre,
|
|
||||||
libev,
|
|
||||||
... }:
|
|
||||||
let
|
|
||||||
liblcfg = stdenv.mkDerivation rec {
|
|
||||||
name = "liblcfg-${version}";
|
|
||||||
version = "750bc90";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "ThomasAdam";
|
|
||||||
repo = "liblcfg";
|
|
||||||
rev = version;
|
|
||||||
sha256 = "1k3r47p81paw5802jklx9xqbjrxr26pahipxn9nq3177qhxxibkr";
|
|
||||||
};
|
|
||||||
buildInputs = with pkgs;[ autoconf automake ];
|
|
||||||
preConfigure = ''autoreconf -fi'';
|
|
||||||
sourceRoot = "${name}-src/code";
|
|
||||||
};
|
|
||||||
in stdenv.mkDerivation rec {
|
|
||||||
name = "liblcfg-${version}";
|
|
||||||
|
|
||||||
#version = "1.5c"; #original, does not compile due to libc errors
|
|
||||||
#src = fetchurl {
|
|
||||||
# url = "http://www.honeyd.org/uploads/honeyd-${version}.tar.gz";
|
|
||||||
# sha256 = "0vcih16fk5pir5ssfil8x79nvi62faw0xvk8s5klnysv111db1ii";
|
|
||||||
#};
|
|
||||||
|
|
||||||
#version = "64d087c"; # honeyd-1.6.7
|
|
||||||
# sha256 = "0zhnn13r24y1q494xcfx64vyp84zqk8qmsl41fq2674230bn0p31";
|
|
||||||
|
|
||||||
version = "6756787f94c4f1ac53d1e5545d052774a0446c04";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "rep";
|
|
||||||
repo = "dionaea";
|
|
||||||
rev = version;
|
|
||||||
sha256 = "04zjr9b7x0rqwzgb9gfxq6pclb817gz4qaghdl8xa79bqf9vv2p7";
|
|
||||||
};
|
|
||||||
|
|
||||||
buildInputs = with pkgs;[ libtool automake autoconf ];
|
|
||||||
configureFlags = [
|
|
||||||
"--with-liblcfg=${liblcfg}"
|
|
||||||
"--with-libpcap=${libpcap}"
|
|
||||||
];
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
homepage = http://www.honeyd.org/;
|
|
||||||
description = "virtual Honeypots";
|
|
||||||
license = lib.licenses.gpl2;
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,63 +0,0 @@
|
|||||||
{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub,
|
|
||||||
libpcap, libdnet, libevent, readline, autoconf, automake, libtool, zlib, pcre,
|
|
||||||
... }:
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
name = "farpd-${version}";
|
|
||||||
|
|
||||||
|
|
||||||
version = "0.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = https://launchpad.net/ubuntu/+archive/primary/+files/farpd_0.2.orig.tar.gz ;
|
|
||||||
sha256 = "1m3pynvynr4vgkwh7z5i0yqlang2y0ph32cys3vbi2hx2apk9abd";
|
|
||||||
};
|
|
||||||
|
|
||||||
buildInputs = with pkgs;[
|
|
||||||
automake
|
|
||||||
gnugrep
|
|
||||||
libpcap
|
|
||||||
libdnet
|
|
||||||
pcre
|
|
||||||
libevent.out # requires .so and .h
|
|
||||||
readline
|
|
||||||
autoconf
|
|
||||||
libtool
|
|
||||||
zlib
|
|
||||||
coreutils
|
|
||||||
python
|
|
||||||
pythonPackages.pysqlite
|
|
||||||
];
|
|
||||||
patches = [
|
|
||||||
( fetchurl {
|
|
||||||
url = https://launchpad.net/ubuntu/+archive/primary/+files/farpd_0.2-11.diff.gz;
|
|
||||||
sha256 = "2c246b37de8aab9c73f955fb77101adefd90637d03f582b9f8ffae2903af2f94";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
# removes user install script from Makefile before automake
|
|
||||||
#patches = [ ./autoconf.patch ];
|
|
||||||
preConfigure = ''
|
|
||||||
autoreconf -fi
|
|
||||||
|
|
||||||
substituteInPlace configure \
|
|
||||||
--replace "dumbnet" "dnet" \
|
|
||||||
--replace "libpcap.a" "libpcap.so" \
|
|
||||||
--replace "libevent.a" "libevent.so" \
|
|
||||||
--replace "net/bpf.h" "pcap/bpf.h"
|
|
||||||
'';
|
|
||||||
|
|
||||||
makeFlags = [ "LIBS=-lz" ];
|
|
||||||
configureFlags = [
|
|
||||||
"--with-libpcap=${libpcap}"
|
|
||||||
"--with-libevent=${libevent}"
|
|
||||||
"--with-libdnet=${libdnet}"
|
|
||||||
];
|
|
||||||
postInstall = ''
|
|
||||||
mv $out/sbin/arpd $out/sbin/farpd
|
|
||||||
mv $out/share/man/man8/arpd.8 $out/share/man/man8/farpd.8
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
homepage = https://launchpad.net/ubuntu/+source/farpd/ ;
|
|
||||||
description = "fake arp";
|
|
||||||
license = lib.licenses.gpl2;
|
|
||||||
};
|
|
||||||
}
|
|
@ -11,6 +11,10 @@ python2Packages.buildPythonPackage rec {
|
|||||||
propagatedBuildInputs = with python2Packages;
|
propagatedBuildInputs = with python2Packages;
|
||||||
[ python2Packages.pygtk gtk3 python2Packages.pillow ];
|
[ python2Packages.pygtk gtk3 python2Packages.pillow ];
|
||||||
|
|
||||||
|
# for module in sys.modules.itervalues():
|
||||||
|
# RuntimeError: dictionary changed size during iteration
|
||||||
|
doCheck = false;
|
||||||
|
|
||||||
meta = {
|
meta = {
|
||||||
homepage = https://github.com/pyload/pyload;
|
homepage = https://github.com/pyload/pyload;
|
||||||
description = "Free and Open Source download manager written in Python";
|
description = "Free and Open Source download manager written in Python";
|
||||||
|
@ -22,6 +22,7 @@ stdenv.mkDerivation rec {
|
|||||||
meta = {
|
meta = {
|
||||||
homepage = https://github.com/ifcaro/Open-PS2-Loader;
|
homepage = https://github.com/ifcaro/Open-PS2-Loader;
|
||||||
description = "open-ps2-loader utils (opl2iso,iso2opl,genvmc)";
|
description = "open-ps2-loader utils (opl2iso,iso2opl,genvmc)";
|
||||||
license = lib.licenses.afl3;
|
## not yet in stable
|
||||||
|
# license = lib.licenses.afl3;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
27
makefu/5pkgs/pfsshell/default.nix
Normal file
27
makefu/5pkgs/pfsshell/default.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }:
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "pfsshell";
|
||||||
|
version = "64f8c2";
|
||||||
|
name = "${pname}-${version}";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "makefu";
|
||||||
|
repo = "pfsshell";
|
||||||
|
rev = version;
|
||||||
|
sha256 = "01lbqf8s91p8id58xa16fp555i03vfycqvhv7qzpnrjy6yvp9dm8";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [ ];
|
||||||
|
|
||||||
|
makeFlags = [ ];
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
cp pfsshell $out/bin
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
homepage = https://github.com/uyjulian/pfsshell ;
|
||||||
|
description = "browse and transfer files to/from PFS filesystems";
|
||||||
|
};
|
||||||
|
}
|
@ -1,12 +0,0 @@
|
|||||||
{ stdenv }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
name = "programs-db";
|
|
||||||
src = builtins.fetchTarball https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz ;
|
|
||||||
|
|
||||||
phases = [ "unpackPhase" "installPhase" ];
|
|
||||||
installPhase = ''
|
|
||||||
cp programs.sqlite $out
|
|
||||||
'';
|
|
||||||
|
|
||||||
}
|
|
@ -1,33 +0,0 @@
|
|||||||
{ pkgs, fetchFromGitHub, ... }:
|
|
||||||
with pkgs.python3Packages;
|
|
||||||
let
|
|
||||||
asyncio-irc = buildPythonPackage rec {
|
|
||||||
name = "asyncio-irc-${version}";
|
|
||||||
version = "2016-09-02";
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "watchtower";
|
|
||||||
repo = "asyncirc";
|
|
||||||
rev = "5384d19";
|
|
||||||
sha256 = "0xgzdvp0ig0im7r3vbqd3a9rzac0lkk2mvf7y4fw56p8k61df8nv";
|
|
||||||
};
|
|
||||||
propagatedBuildInputs = [ blinker ];
|
|
||||||
};
|
|
||||||
in
|
|
||||||
buildPythonPackage rec {
|
|
||||||
name = "shackie-${version}";
|
|
||||||
version = "2017-04-24";
|
|
||||||
propagatedBuildInputs = [
|
|
||||||
asyncio-irc
|
|
||||||
beautifulsoup4
|
|
||||||
lxml
|
|
||||||
pytz
|
|
||||||
redis
|
|
||||||
requests
|
|
||||||
];
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "shackspace";
|
|
||||||
repo = "shackie";
|
|
||||||
rev = "e717ec7";
|
|
||||||
sha256 = "1ffbjm3x2xcyxl42hfsjs5xg1pm0xsprdi5if9zxa5ycqydmiw3l";
|
|
||||||
};
|
|
||||||
}
|
|
1
makefu/6tests/data/secrets/torrent-secrets/auth.nix
Normal file
1
makefu/6tests/data/secrets/torrent-secrets/auth.nix
Normal file
@ -0,0 +1 @@
|
|||||||
|
{}
|
@ -13,7 +13,13 @@ let
|
|||||||
then "buildbot"
|
then "buildbot"
|
||||||
else "makefu";
|
else "makefu";
|
||||||
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
|
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
|
||||||
ref = "0f19bee"; # nixos-17.09 @ 2018-01-05
|
pkgs = import <nixpkgs> {
|
||||||
|
overlays = map import [
|
||||||
|
<stockholm/krebs/5pkgs>
|
||||||
|
];
|
||||||
|
};
|
||||||
|
# TODO: automate updating of this ref + cherry-picks
|
||||||
|
ref = "51810e0"; # nixos-17.09 @ 2018-02-14
|
||||||
# + do_sqlite3 ruby: 55a952be5b5
|
# + do_sqlite3 ruby: 55a952be5b5
|
||||||
# + signal: 0f19beef3
|
# + signal: 0f19beef3
|
||||||
|
|
||||||
@ -41,6 +47,7 @@ in
|
|||||||
};
|
};
|
||||||
|
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
}
|
}
|
||||||
(mkIf ( musnix ) {
|
(mkIf ( musnix ) {
|
||||||
musnix.git = {
|
musnix.git = {
|
||||||
|
@ -4,6 +4,11 @@ host@{ name, override ? {} }: let
|
|||||||
then "buildbot"
|
then "buildbot"
|
||||||
else "mv";
|
else "mv";
|
||||||
_file = <stockholm> + "/mv/1systems/${name}/source.nix";
|
_file = <stockholm> + "/mv/1systems/${name}/source.nix";
|
||||||
|
pkgs = import <nixpkgs> {
|
||||||
|
overlays = map import [
|
||||||
|
<stockholm/krebs/5pkgs>
|
||||||
|
];
|
||||||
|
};
|
||||||
in
|
in
|
||||||
evalSource (toString _file) [
|
evalSource (toString _file) [
|
||||||
{
|
{
|
||||||
@ -18,6 +23,7 @@ in
|
|||||||
mv = "/home/mv/secrets/${name}";
|
mv = "/home/mv/secrets/${name}";
|
||||||
};
|
};
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
}
|
}
|
||||||
override
|
override
|
||||||
]
|
]
|
||||||
|
@ -11,6 +11,7 @@ with lib;
|
|||||||
<stockholm/nin>
|
<stockholm/nin>
|
||||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||||
#../2configs/copyq.nix
|
#../2configs/copyq.nix
|
||||||
|
<stockholm/nin/2configs/ableton.nix>
|
||||||
<stockholm/nin/2configs/games.nix>
|
<stockholm/nin/2configs/games.nix>
|
||||||
<stockholm/nin/2configs/git.nix>
|
<stockholm/nin/2configs/git.nix>
|
||||||
<stockholm/nin/2configs/retiolum.nix>
|
<stockholm/nin/2configs/retiolum.nix>
|
||||||
@ -98,6 +99,9 @@ with lib;
|
|||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.xserver.displayManager.sessionCommands = ''
|
||||||
|
${pkgs.xorg.xhost}/bin/xhost + local:
|
||||||
|
'';
|
||||||
|
|
||||||
services.xserver.desktopManager.xfce = let
|
services.xserver.desktopManager.xfce = let
|
||||||
xbindConfig = pkgs.writeText "xbindkeysrc" ''
|
xbindConfig = pkgs.writeText "xbindkeysrc" ''
|
||||||
|
20
nin/2configs/ableton.nix
Normal file
20
nin/2configs/ableton.nix
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
{ config, pkgs, ... }: let
|
||||||
|
mainUser = config.users.extraUsers.nin;
|
||||||
|
in {
|
||||||
|
users.users= {
|
||||||
|
ableton = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [
|
||||||
|
"audio"
|
||||||
|
"video"
|
||||||
|
];
|
||||||
|
packages = [
|
||||||
|
pkgs.wine
|
||||||
|
pkgs.winetricks
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
security.sudo.extraConfig = ''
|
||||||
|
${mainUser.name} ALL=(ableton) NOPASSWD: ALL
|
||||||
|
'';
|
||||||
|
}
|
@ -36,17 +36,6 @@ let
|
|||||||
make-public-repo = name: { cgit ? {}, ... }: {
|
make-public-repo = name: { cgit ? {}, ... }: {
|
||||||
inherit cgit name;
|
inherit cgit name;
|
||||||
public = true;
|
public = true;
|
||||||
hooks = {
|
|
||||||
post-receive = pkgs.git-hooks.irc-announce {
|
|
||||||
# TODO make nick = config.krebs.build.host.name the default
|
|
||||||
nick = config.krebs.build.host.name;
|
|
||||||
channel = "#xxx";
|
|
||||||
server = "irc.r";
|
|
||||||
verbose = config.krebs.build.host.name == "onondaga";
|
|
||||||
# TODO define branches in some kind of option per repo
|
|
||||||
branches = [ "master" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
make-rules =
|
make-rules =
|
||||||
|
19
nin/2configs/im.nix
Normal file
19
nin/2configs/im.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
{
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
(pkgs.writeDashBin "im" ''
|
||||||
|
export PATH=${makeSearchPath "bin" (with pkgs; [
|
||||||
|
tmux
|
||||||
|
gnugrep
|
||||||
|
weechat
|
||||||
|
])}
|
||||||
|
ssh chat@onondaga
|
||||||
|
if tmux list-sessions -F\#S | grep -q '^im''$'; then
|
||||||
|
exec tmux attach -t im
|
||||||
|
else
|
||||||
|
exec tmux new -s im weechat
|
||||||
|
fi
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
@ -4,6 +4,11 @@ host@{ name, secure ? false }: let
|
|||||||
then "buildbot"
|
then "buildbot"
|
||||||
else "nin";
|
else "nin";
|
||||||
_file = <stockholm> + "/nin/1systems/${name}/source.nix";
|
_file = <stockholm> + "/nin/1systems/${name}/source.nix";
|
||||||
|
pkgs = import <nixpkgs> {
|
||||||
|
overlays = map import [
|
||||||
|
<stockholm/krebs/5pkgs>
|
||||||
|
];
|
||||||
|
};
|
||||||
in
|
in
|
||||||
evalSource (toString _file) {
|
evalSource (toString _file) {
|
||||||
nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix";
|
nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix";
|
||||||
@ -12,8 +17,6 @@ in
|
|||||||
nin = "/home/nin/secrets/${name}";
|
nin = "/home/nin/secrets/${name}";
|
||||||
};
|
};
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
nixpkgs.git = {
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
url = https://github.com/nixos/nixpkgs;
|
nixpkgs = (import <stockholm/krebs/source.nix> host).nixpkgs;
|
||||||
ref = "afe9649";
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
@ -42,6 +42,9 @@ let {
|
|||||||
kirk = {
|
kirk = {
|
||||||
cgit.desc = "IRC tools";
|
cgit.desc = "IRC tools";
|
||||||
};
|
};
|
||||||
|
kops = {
|
||||||
|
cgit.desc = "deployment tools";
|
||||||
|
};
|
||||||
load-env = {};
|
load-env = {};
|
||||||
loldns = {
|
loldns = {
|
||||||
cgit.desc = "toy DNS server";
|
cgit.desc = "toy DNS server";
|
||||||
@ -128,11 +131,6 @@ let {
|
|||||||
repo = [ repo ];
|
repo = [ repo ];
|
||||||
perm = push "refs/*" [ non-fast-forward create delete merge ];
|
perm = push "refs/*" [ non-fast-forward create delete merge ];
|
||||||
} ++
|
} ++
|
||||||
optional repo.public {
|
|
||||||
user = attrValues config.krebs.users;
|
|
||||||
repo = [ repo ];
|
|
||||||
perm = fetch;
|
|
||||||
} ++
|
|
||||||
optional (repo.collaborators or [] != []) {
|
optional (repo.collaborators or [] != []) {
|
||||||
user = repo.collaborators;
|
user = repo.collaborators;
|
||||||
repo = [ repo ];
|
repo = [ repo ];
|
||||||
|
@ -6,6 +6,11 @@ with import <stockholm/lib>;
|
|||||||
}@host: let
|
}@host: let
|
||||||
builder = if dummy_secrets then "buildbot" else "tv";
|
builder = if dummy_secrets then "buildbot" else "tv";
|
||||||
_file = <stockholm> + "/tv/1systems/${name}/source.nix";
|
_file = <stockholm> + "/tv/1systems/${name}/source.nix";
|
||||||
|
pkgs = import <nixpkgs> {
|
||||||
|
overlays = map import [
|
||||||
|
<stockholm/krebs/5pkgs>
|
||||||
|
];
|
||||||
|
};
|
||||||
in
|
in
|
||||||
evalSource (toString _file) [
|
evalSource (toString _file) [
|
||||||
{
|
{
|
||||||
@ -20,6 +25,7 @@ in
|
|||||||
tv = "/home/tv/secrets/${name}";
|
tv = "/home/tv/secrets/${name}";
|
||||||
};
|
};
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
}
|
}
|
||||||
(mkIf (builder == "tv") {
|
(mkIf (builder == "tv") {
|
||||||
secrets-common.file = "/home/tv/secrets/common";
|
secrets-common.file = "/home/tv/secrets/common";
|
||||||
|
Loading…
Reference in New Issue
Block a user