Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
144edeee10
@ -1,7 +1,3 @@
|
|||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
36
krebs/1systems/news/config.nix
Normal file
36
krebs/1systems/news/config.nix
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/krebs>
|
||||||
|
<stockholm/krebs/2configs>
|
||||||
|
|
||||||
|
<stockholm/krebs/2configs/ircd.nix>
|
||||||
|
<stockholm/krebs/2configs/go.nix>
|
||||||
|
|
||||||
|
#### NEWS ####
|
||||||
|
<stockholm/krebs/2configs/ircd.nix>
|
||||||
|
<stockholm/krebs/2configs/news.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.news;
|
||||||
|
|
||||||
|
boot.isContainer = true;
|
||||||
|
networking.useDHCP = false;
|
||||||
|
krebs.bindfs = {
|
||||||
|
"/var/lib/htgen-go" = {
|
||||||
|
source = "/var/state/htgen-go";
|
||||||
|
options = [
|
||||||
|
"-m ${toString config.users.users.htgen-go.uid}"
|
||||||
|
];
|
||||||
|
clearTarget = true;
|
||||||
|
};
|
||||||
|
"/var/lib/brockman" = {
|
||||||
|
source = "/var/state/brockman";
|
||||||
|
options = [
|
||||||
|
"-m ${toString config.users.users.brockman.uid}:${toString config.users.users.nginx.uid}"
|
||||||
|
];
|
||||||
|
clearTarget = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -19,14 +19,6 @@
|
|||||||
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
||||||
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
||||||
|
|
||||||
### Krebs ###
|
|
||||||
<stockholm/krebs/2configs/go.nix>
|
|
||||||
|
|
||||||
#### NEWS ####
|
|
||||||
<stockholm/krebs/2configs/ircd.nix>
|
|
||||||
<stockholm/krebs/2configs/news.nix>
|
|
||||||
|
|
||||||
|
|
||||||
### shackspace ###
|
### shackspace ###
|
||||||
# handle the worlddomination map via coap
|
# handle the worlddomination map via coap
|
||||||
<stockholm/krebs/2configs/shack/worlddomination.nix>
|
<stockholm/krebs/2configs/shack/worlddomination.nix>
|
||||||
|
@ -2,9 +2,6 @@
|
|||||||
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
environment.systemPackages = [
|
|
||||||
pkgs.go-shortener
|
|
||||||
];
|
|
||||||
krebs.go = {
|
krebs.go = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
@ -11,12 +11,12 @@
|
|||||||
hello
|
hello
|
||||||
'';
|
'';
|
||||||
config = ''
|
config = ''
|
||||||
|
loadmodule "extensions/m_omode";
|
||||||
serverinfo {
|
serverinfo {
|
||||||
name = "${config.krebs.build.host.name}.irc.r";
|
name = "${config.krebs.build.host.name}.irc.r";
|
||||||
sid = "1as";
|
sid = "1as";
|
||||||
description = "miep!";
|
description = "miep!";
|
||||||
network_name = "irc.r";
|
network_name = "irc.r";
|
||||||
hub = yes;
|
|
||||||
|
|
||||||
vhost = "0.0.0.0";
|
vhost = "0.0.0.0";
|
||||||
vhost6 = "::";
|
vhost6 = "::";
|
||||||
@ -26,7 +26,7 @@
|
|||||||
#ssl_dh_params = "etc/dh.pem";
|
#ssl_dh_params = "etc/dh.pem";
|
||||||
#ssld_count = 1;
|
#ssld_count = 1;
|
||||||
|
|
||||||
default_max_clients = 10000;
|
default_max_clients = 100000;
|
||||||
#nicklen = 30;
|
#nicklen = 30;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -43,19 +43,31 @@
|
|||||||
/* Listen on IPv6 (if you used host= above). */
|
/* Listen on IPv6 (if you used host= above). */
|
||||||
host = "::";
|
host = "::";
|
||||||
port = 6667;
|
port = 6667;
|
||||||
sslport = 9999;
|
sslport = 6697;
|
||||||
};
|
};
|
||||||
|
|
||||||
class "users" {
|
class "users" {
|
||||||
ping_time = 2 minutes;
|
ping_time = 2 minutes;
|
||||||
number_per_ident = 10;
|
number_per_ident = 10;
|
||||||
number_per_ip = 2048;
|
number_per_ip = 4096;
|
||||||
number_per_ip_global = 4096;
|
number_per_ip_global = 4096;
|
||||||
cidr_ipv4_bitlen = 24;
|
cidr_ipv4_bitlen = 24;
|
||||||
cidr_ipv6_bitlen = 64;
|
cidr_ipv6_bitlen = 64;
|
||||||
number_per_cidr = 65536;
|
number_per_cidr = 65536;
|
||||||
max_number = 3000;
|
max_number = 100000;
|
||||||
sendq = 1 megabyte;
|
sendq = 10 megabyte;
|
||||||
|
};
|
||||||
|
|
||||||
|
privset "op" {
|
||||||
|
privs = oper:admin;
|
||||||
|
};
|
||||||
|
|
||||||
|
operator "aids" {
|
||||||
|
user = "*@*";
|
||||||
|
password = "balls";
|
||||||
|
flags = ~encrypted;
|
||||||
|
snomask = "+s";
|
||||||
|
privset = "op";
|
||||||
};
|
};
|
||||||
|
|
||||||
exempt {
|
exempt {
|
||||||
@ -93,12 +105,13 @@
|
|||||||
channel_target_change = yes;
|
channel_target_change = yes;
|
||||||
disable_local_channels = no;
|
disable_local_channels = no;
|
||||||
};
|
};
|
||||||
|
|
||||||
general {
|
general {
|
||||||
#maybe we want ident someday?
|
#maybe we want ident someday?
|
||||||
default_floodcount = 1000;
|
default_floodcount = 10000;
|
||||||
disable_auth = yes;
|
disable_auth = yes;
|
||||||
throttle_duration = 1;
|
throttle_duration = 1;
|
||||||
throttle_count = 1000;
|
throttle_count = 10000;
|
||||||
};
|
};
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
12
krebs/2configs/news-host.nix
Normal file
12
krebs/2configs/news-host.nix
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
{
|
||||||
|
krebs.sync-containers.containers.news = {
|
||||||
|
peers = [
|
||||||
|
"shodan"
|
||||||
|
"mors"
|
||||||
|
"styx"
|
||||||
|
];
|
||||||
|
hostIp = "10.233.2.101";
|
||||||
|
localIp = "10.233.2.102";
|
||||||
|
format = "plain";
|
||||||
|
};
|
||||||
|
}
|
@ -1,168 +1,112 @@
|
|||||||
{ pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
services.rss-bridge = {
|
||||||
|
enable = true;
|
||||||
|
whitelist = [ "*" ];
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts = {
|
||||||
|
rss-bridge = {
|
||||||
|
serverAliases = [
|
||||||
|
"rss.r"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
"brockman.r" = {
|
||||||
|
serverAliases = [
|
||||||
|
"news.r"
|
||||||
|
];
|
||||||
|
locations."/".extraConfig = ''
|
||||||
|
root /var/lib/brockman;
|
||||||
|
index brockman.json;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d /var/lib/brockman 1750 brockman nginx -"
|
||||||
|
];
|
||||||
|
|
||||||
krebs.brockman = {
|
krebs.brockman = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
config = {
|
||||||
irc.host = "localhost";
|
irc.host = "localhost";
|
||||||
|
channel = "#all";
|
||||||
shortener = "http://go.r";
|
shortener = "http://go.r";
|
||||||
bots = {
|
controller = {
|
||||||
aje = { feed ="http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989"; channels = [ "#snews" ]; };
|
nick = "brockman";
|
||||||
allafrica = { feed ="http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf"; channels = [ "#snews" ]; };
|
channels = [ "#all" ];
|
||||||
antirez = { feed ="http://antirez.com/rss"; channels = [ "#snews" "#news" ]; };
|
|
||||||
archlinux = { feed ="http://www.archlinux.org/feeds/news/"; channels = [ "#snews" "#news" ]; };
|
|
||||||
ars = { feed ="http://feeds.arstechnica.com/arstechnica/index?format=xml"; channels = [ "#snews" ]; };
|
|
||||||
augustl = { feed ="http://augustl.com/atom.xml"; channels = [ "#snews" ]; };
|
|
||||||
bbc = { feed ="http://feeds.bbci.co.uk/news/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
bdt_aktuelle_themen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
bdt_drucksachen = { feed ="http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss"; channels = [ "#snews" ]; };
|
|
||||||
bdt_plenarproto = { feed ="http://www.bundestag.de/rss_feeds/plenarprotokolle.rss"; channels = [ "#snews" ]; };
|
|
||||||
bdt_pressemitteilungen = { feed ="http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
bitcoinpakistan = { feed ="https://bitcoinspakistan.com/feed/"; channels = [ "#snews" ]; };
|
|
||||||
cancer = { feed ="http://feeds.feedburner.com/ncinewsreleases?format=xml"; channels = [ "#snews" ]; };
|
|
||||||
carta = { feed ="http://feeds2.feedburner.com/carta-standard-rss"; channels = [ "#snews" ]; };
|
|
||||||
catholic_news = { feed ="http://feeds.feedburner.com/catholicnewsagency/dailynews"; channels = [ "#snews" ]; };
|
|
||||||
cbc_busi = { feed ="http://rss.cbc.ca/lineup/business.xml"; channels = [ "#snews" ]; };
|
|
||||||
cbc_offbeat = { feed ="http://www.cbc.ca/cmlink/rss-offbeat"; channels = [ "#snews" ]; };
|
|
||||||
cbc_pol = { feed ="http://rss.cbc.ca/lineup/politics.xml"; channels = [ "#snews" ]; };
|
|
||||||
cbc_tech = { feed ="http://rss.cbc.ca/lineup/technology.xml"; channels = [ "#snews" ]; };
|
|
||||||
cbc_top = { feed ="http://rss.cbc.ca/lineup/topstories.xml"; channels = [ "#snews" ]; };
|
|
||||||
ccc = { feed ="http://www.ccc.de/rss/updates.rdf"; channels = [ "#snews" ]; };
|
|
||||||
chan_biz = { feed ="http://boards.4chan.org/biz/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
chan_g = { feed ="http://boards.4chan.org/g/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
chan_int = { feed ="http://boards.4chan.org/int/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
chan_sci = { feed ="http://boards.4chan.org/sci/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
chan_x = { feed ="http://boards.4chan.org/x/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
c = { feed ="http://www.tempolimit-lichtgeschwindigkeit.de/news.xml"; channels = [ "#snews" ]; };
|
|
||||||
cryptogon = { feed ="http://www.cryptogon.com/?feed=rss2"; channels = [ "#snews" ]; };
|
|
||||||
csm = { feed ="http://rss.csmonitor.com/feeds/csm"; channels = [ "#snews" ]; };
|
|
||||||
csm_world = { feed ="http://rss.csmonitor.com/feeds/world"; channels = [ "#snews" ]; };
|
|
||||||
danisch = { feed ="http://www.danisch.de/blog/feed/"; channels = [ "#snews" ]; };
|
|
||||||
dod = { feed ="http://www.defense.gov/news/afps2.xml"; channels = [ "#snews" ]; };
|
|
||||||
dwn = { feed ="http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/"; channels = [ "#snews" ]; };
|
|
||||||
ecat = { feed ="http://ecat.com/feed"; channels = [ "#snews" ]; };
|
|
||||||
eia_press = { feed ="http://www.eia.gov/rss/press_rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
eia_today = { feed ="http://www.eia.gov/rss/todayinenergy.xml"; channels = [ "#snews" ]; };
|
|
||||||
embargowatch = { feed ="https://embargowatch.wordpress.com/feed/"; channels = [ "#snews" ]; };
|
|
||||||
ethereum-comments = { feed ="http://blog.ethereum.org/comments/feed"; channels = [ "#snews" ]; };
|
|
||||||
ethereum = { feed ="http://blog.ethereum.org/feed"; channels = [ "#snews" "#news" ]; };
|
|
||||||
europa_ric = { feed ="http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
eu_survei = { feed ="http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx"; channels = [ "#snews" ]; };
|
|
||||||
exploitdb = { feed ="http://www.exploit-db.com/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
fars = { feed ="http://www.farsnews.com/rss.php"; channels = [ "#snews #test" ]; };
|
|
||||||
faz_feui = { feed ="http://www.faz.net/rss/aktuell/feuilleton/"; channels = [ "#snews" ]; };
|
|
||||||
faz_politik = { feed ="http://www.faz.net/rss/aktuell/politik/"; channels = [ "#snews" ]; };
|
|
||||||
faz_wirtschaft = { feed ="http://www.faz.net/rss/aktuell/wirtschaft/"; channels = [ "#snews" ]; };
|
|
||||||
fbi = { feed ="https://www.fbi.gov/news/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
fedreserve = { feed ="http://www.federalreserve.gov/feeds/press_all.xml"; channels = [ "#snews" ]; };
|
|
||||||
fefe = { feed ="http://blog.fefe.de/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
forbes = { feed ="http://www.forbes.com/forbes/feed2/"; channels = [ "#snews" ]; };
|
|
||||||
forbes_realtime = { feed ="http://www.forbes.com/real-time/feed2/"; channels = [ "#snews" ]; };
|
|
||||||
fox = { feed ="http://feeds.foxnews.com/foxnews/latest"; channels = [ "#snews" ]; };
|
|
||||||
geheimorganisation = { feed ="http://geheimorganisation.org/feed/"; channels = [ "#snews" ]; };
|
|
||||||
GerForPol = { feed ="http://www.german-foreign-policy.com/de/news/rss-2.0"; channels = [ "#snews" ]; };
|
|
||||||
gmanet = { feed ="http://www.gmanetwork.com/news/rss/news"; channels = [ "#snews" ]; };
|
|
||||||
golem = { feed ="http://rss.golem.de/rss.php"; channels = [ "#snews" ]; };
|
|
||||||
google = { feed ="http://news.google.com/?output=rss"; channels = [ "#snews" ]; };
|
|
||||||
greenpeace = { feed ="http://feeds.feedburner.com/GreenpeaceNews"; channels = [ "#snews" ]; };
|
|
||||||
guardian_uk = { feed ="http://feeds.theguardian.com/theguardian/uk-news/rss"; channels = [ "#snews" ]; };
|
|
||||||
gulli = { feed ="http://ticker.gulli.com/rss/"; channels = [ "#snews" ]; };
|
|
||||||
hackernews = { feed ="https://news.ycombinator.com/rss"; channels = [ "#snews" ]; };
|
|
||||||
handelsblatt = { feed ="http://www.handelsblatt.com/contentexport/feed/schlagzeilen"; channels = [ "#snews" ]; };
|
|
||||||
heise = { feed ="https://www.heise.de/newsticker/heise-atom.xml"; channels = [ "#snews" ]; };
|
|
||||||
hindu_business = { feed ="http://www.thehindubusinessline.com/?service=rss"; channels = [ "#snews" ]; };
|
|
||||||
hindu = { feed ="http://www.thehindu.com/?service=rss"; channels = [ "#snews" ]; };
|
|
||||||
ign = { feed ="http://feeds.ign.com/ign/all"; channels = [ "#snews" ]; };
|
|
||||||
independent = { feed ="http://www.independent.com/rss/headlines/"; channels = [ "#snews" ]; };
|
|
||||||
indymedia = { feed ="https://de.indymedia.org/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
info_libera = { feed ="http://www.informationliberation.com/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
klagen-gegen-rundfuckbeitrag = { feed ="http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default"; channels = [ "#snews" ]; };
|
|
||||||
korea_herald = { feed ="http://www.koreaherald.com/rss_xml.php"; channels = [ "#snews" ]; };
|
|
||||||
linuxinsider = { feed ="http://www.linuxinsider.com/perl/syndication/rssfull.pl"; channels = [ "#snews" ]; };
|
|
||||||
lisp = { feed ="http://planet.lisp.org/rss20.xml"; channels = [ "#snews" ]; };
|
|
||||||
liveleak = { feed ="http://www.liveleak.com/rss"; channels = [ "#snews" ]; };
|
|
||||||
lolmythesis = { feed ="http://lolmythesis.com/rss"; channels = [ "#snews" ]; };
|
|
||||||
LtU = { feed ="http://lambda-the-ultimate.org/rss.xml"; channels = [ "#snews" "#news" ]; };
|
|
||||||
lukepalmer = { feed ="http://lukepalmer.wordpress.com/feed/"; channels = [ "#snews" ]; };
|
|
||||||
mit = { feed ="http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss"; channels = [ "#snews" ]; };
|
|
||||||
mongrel2_master = { feed ="https://github.com/zedshaw/mongrel2/commits/master.atom"; channels = [ "#snews" "#news" ]; };
|
|
||||||
nds = { feed ="http://www.nachdenkseiten.de/?feed=atom"; channels = [ "#snews" ]; };
|
|
||||||
netzpolitik = { feed ="https://netzpolitik.org/feed/"; channels = [ "#snews" ]; };
|
|
||||||
newsbtc = { feed ="http://newsbtc.com/feed/"; channels = [ "#snews" ]; };
|
|
||||||
nnewsg = { feed ="http://www.net-news-global.net/rss/rssfeed.xml"; channels = [ "#snews" ]; };
|
|
||||||
npr_busi = { feed ="http://www.npr.org/rss/rss.php?id=1006"; channels = [ "#snews" ]; };
|
|
||||||
npr_headlines = { feed ="http://www.npr.org/rss/rss.php?id=1001"; channels = [ "#snews" ]; };
|
|
||||||
npr_pol = { feed ="http://www.npr.org/rss/rss.php?id=1012"; channels = [ "#snews" ]; };
|
|
||||||
npr_world = { feed ="http://www.npr.org/rss/rss.php?id=1004"; channels = [ "#snews" ]; };
|
|
||||||
nsa = { feed ="https://www.nsa.gov/rss.xml"; channels = [ "#snews #bullerei" ]; };
|
|
||||||
nytimes = { feed ="http://rss.nytimes.com/services/xml/rss/nyt/World.xml"; channels = [ "#snews" ]; };
|
|
||||||
painload = { feed ="https://github.com/krebs/painload/commits/master.atom"; channels = [ "#snews" "#news" ]; };
|
|
||||||
phys = { feed ="http://phys.org/rss-feed/"; channels = [ "#snews" ]; };
|
|
||||||
piraten = { feed ="https://www.piratenpartei.de/feed/"; channels = [ "#snews" ]; };
|
|
||||||
polizei_berlin = { feed ="http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml"; channels = [ "#snews" ]; };
|
|
||||||
presse_polizei = { feed ="http://www.presseportal.de/rss/polizei.rss2"; channels = [ "#snews" ]; };
|
|
||||||
presseportal = { feed ="http://www.presseportal.de/rss/presseportal.rss2"; channels = [ "#snews" ]; };
|
|
||||||
prisonplanet = { feed ="http://prisonplanet.com/feed.rss"; channels = [ "#snews" ]; };
|
|
||||||
rawstory = { feed ="http://www.rawstory.com/rs/feed/"; channels = [ "#snews" ]; };
|
|
||||||
reddit_4chan = { feed ="http://www.reddit.com/r/4chan/new/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_anticonsum = { feed ="http://www.reddit.com/r/Anticonsumption/new/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_btc = { feed ="http://www.reddit.com/r/Bitcoin/new/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_consp = { feed ="http://reddit.com/r/conspiracy/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_haskell = { feed ="http://www.reddit.com/r/haskell/.rss"; channels = [ "#snews" "#news" ]; };
|
|
||||||
reddit_nix = { feed ="http://www.reddit.com/r/nixos/.rss"; channels = [ "#snews" "#news" ]; };
|
|
||||||
reddit_prog = { feed ="http://www.reddit.com/r/programming/new/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_sci = { feed ="http://www.reddit.com/r/science/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_tech = { feed ="http://www.reddit.com/r/technology/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_tpp = { feed ="http://www.reddit.com/r/twitchplayspokemon/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reddit_world = { feed ="http://www.reddit.com/r/worldnews/.rss"; channels = [ "#snews" ]; };
|
|
||||||
r-ethereum = { feed ="http://www.reddit.com/r/ethereum/.rss"; channels = [ "#snews" ]; };
|
|
||||||
reuters = { feed ="http://feeds.reuters.com/Reuters/worldNews"; channels = [ "#snews" ]; };
|
|
||||||
reuters-odd = { feed ="http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml"; channels = [ "#snews" ]; };
|
|
||||||
rt = { feed ="http://rt.com/rss/news/"; channels = [ "#snews" ]; };
|
|
||||||
schallurauch = { feed ="http://feeds.feedburner.com/SchallUndRauch"; channels = [ "#snews" ]; };
|
|
||||||
sciencemag = { feed ="http://news.sciencemag.org/rss/current.xml"; channels = [ "#snews" ]; };
|
|
||||||
scmp = { feed ="http://www.scmp.com/rss/91/feed"; channels = [ "#snews" ]; };
|
|
||||||
sec-db = { feed ="http://feeds.security-database.com/SecurityDatabaseToolsWatch"; channels = [ "#snews" ]; };
|
|
||||||
shackspace = { feed ="http://shackspace.de/atom.xml"; channels = [ "#snews" "#news" ]; };
|
|
||||||
shz_news = { feed ="http://www.shz.de/nachrichten/newsticker/rss"; channels = [ "#snews" ]; };
|
|
||||||
sky_busi = { feed ="http://feeds.skynews.com/feeds/rss/business.xml"; channels = [ "#snews" ]; };
|
|
||||||
sky_pol = { feed ="http://feeds.skynews.com/feeds/rss/politics.xml"; channels = [ "#snews" ]; };
|
|
||||||
sky_strange = { feed ="http://feeds.skynews.com/feeds/rss/strange.xml"; channels = [ "#snews" ]; };
|
|
||||||
sky_tech = { feed ="http://feeds.skynews.com/feeds/rss/technology.xml"; channels = [ "#snews" ]; };
|
|
||||||
sky_world = { feed ="http://feeds.skynews.com/feeds/rss/world.xml"; channels = [ "#snews" ]; };
|
|
||||||
slashdot = { feed ="http://rss.slashdot.org/Slashdot/slashdot"; channels = [ "#snews" ]; };
|
|
||||||
slate = { feed ="http://feeds.slate.com/slate"; channels = [ "#snews" ]; };
|
|
||||||
spiegel_eil = { feed ="http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
spiegel_top = { feed ="http://www.spiegel.de/schlagzeilen/tops/index.rss"; channels = [ "#snews" ]; };
|
|
||||||
standardmedia_ke = { feed ="http://www.standardmedia.co.ke/rss/headlines.php"; channels = [ "#snews" ]; };
|
|
||||||
stern = { feed ="http://www.stern.de/feed/standard/all/"; channels = [ "#snews" ]; };
|
|
||||||
stz = { feed ="http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed"; channels = [ "#snews" ]; };
|
|
||||||
sz_politik = { feed ="http://rss.sueddeutsche.de/rss/Politik"; channels = [ "#snews" ]; };
|
|
||||||
sz_wirtschaft = { feed ="http://rss.sueddeutsche.de/rss/Wirtschaft"; channels = [ "#snews" ]; };
|
|
||||||
sz_wissen = { feed ="http://rss.sueddeutsche.de/rss/Wissen"; channels = [ "#snews" ]; };
|
|
||||||
tagesschau = { feed ="http://www.tagesschau.de/newsticker.rdf"; channels = [ "#snews" ]; };
|
|
||||||
taz = { feed ="http://taz.de/Themen-des-Tages/!p15;rss/"; channels = [ "#snews" ]; };
|
|
||||||
telegraph = { feed ="http://www.telegraph.co.uk/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
telepolis = { feed ="http://www.heise.de/tp/rss/news-atom.xml"; channels = [ "#snews" ]; };
|
|
||||||
the_insider = { feed ="http://www.theinsider.org/rss/news/headlines-xml.asp"; channels = [ "#snews" ]; };
|
|
||||||
tigsource = { feed ="http://www.tigsource.com/feed/"; channels = [ "#snews" ]; };
|
|
||||||
tinc = { feed ="http://tinc-vpn.org/news/index.rss"; channels = [ "#snews" "#news" ]; };
|
|
||||||
torr_bits = { feed ="http://feeds.feedburner.com/TorrentfreakBits"; channels = [ "#snews" ]; };
|
|
||||||
torrentfreak = { feed ="http://feeds.feedburner.com/Torrentfreak"; channels = [ "#snews" ]; };
|
|
||||||
torr_news = { feed ="http://feed.torrentfreak.com/Torrentfreak/"; channels = [ "#snews" ]; };
|
|
||||||
travel_warnings = { feed ="http://feeds.travel.state.gov/ca/travelwarnings-alerts"; channels = [ "#snews" ]; };
|
|
||||||
un_afr = { feed ="http://www.un.org/apps/news/rss/rss_africa.asp"; channels = [ "#snews" ]; };
|
|
||||||
un_am = { feed ="http://www.un.org/apps/news/rss/rss_americas.asp"; channels = [ "#snews" ]; };
|
|
||||||
un_eu = { feed ="http://www.un.org/apps/news/rss/rss_europe.asp"; channels = [ "#snews" ]; };
|
|
||||||
un_me = { feed ="http://www.un.org/apps/news/rss/rss_mideast.asp"; channels = [ "#snews" ]; };
|
|
||||||
un_pac = { feed ="http://www.un.org/apps/news/rss/rss_asiapac.asp"; channels = [ "#snews" ]; };
|
|
||||||
un_top = { feed ="http://www.un.org/apps/news/rss/rss_top.asp"; channels = [ "#snews" ]; };
|
|
||||||
us_math_society = { feed ="http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1"; channels = [ "#snews" ]; };
|
|
||||||
vimperator = { feed ="https://sites.google.com/a/vimperator.org/www/blog/posts.xml"; channels = [ "#snews" "#news" ]; };
|
|
||||||
weechat = { feed ="http://dev.weechat.org/feed/atom"; channels = [ "#snews" "#news" ]; };
|
|
||||||
xkcd = { feed ="https://xkcd.com/rss.xml"; channels = [ "#snews" "#news" ]; };
|
|
||||||
zdnet = { feed ="http://www.zdnet.com/news/rss.xml"; channels = [ "#snews" ]; };
|
|
||||||
};
|
};
|
||||||
|
bots = {};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
krebs.reaktor2.news = {
|
||||||
|
hostname = "localhost";
|
||||||
|
port = "6667";
|
||||||
|
nick = "brockman-helper";
|
||||||
|
plugins = [
|
||||||
|
{
|
||||||
|
plugin = "register";
|
||||||
|
config = {
|
||||||
|
channels = [
|
||||||
|
"#all"
|
||||||
|
"#aluhut"
|
||||||
|
"#news"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
plugin = "system";
|
||||||
|
config = {
|
||||||
|
hooks.PRIVMSG = [
|
||||||
|
{
|
||||||
|
activate = "match";
|
||||||
|
pattern = "^brockman-helper:\\s*(\\S*)(?:\\s+(.*\\S))?\\s*$";
|
||||||
|
command = 1;
|
||||||
|
arguments = [2];
|
||||||
|
commands = {
|
||||||
|
add-reddit.filename = pkgs.writeDash "add-reddit" ''
|
||||||
|
set -euf
|
||||||
|
if [ "$#" -ne 1 ]; then
|
||||||
|
echo 'usage: brockman-helper: add-reddit $reddit_channel'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
reddit_channel=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
|
||||||
|
echo "brockman: add r_$reddit_channel http://rss.r/?action=display&bridge=Telegram&username=$reddit_channel&format=Mrss"
|
||||||
|
'';
|
||||||
|
add-telegram.filename = pkgs.writeDash "add-telegram" ''
|
||||||
|
set -euf
|
||||||
|
if [ "$#" -ne 1 ]; then
|
||||||
|
echo 'usage: brockman-helper: add-telegram $telegram_user'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
telegram_user=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
|
||||||
|
echo "brockman: add t_$telegram_user http://rss.r/?action=display&bridge=Telegram&username=$telegram_user&format=Mrss"
|
||||||
|
'';
|
||||||
|
add-youtube.filename = pkgs.writeDash "add-youtube" ''
|
||||||
|
set -euf
|
||||||
|
if [ "$#" -ne 1 ]; then
|
||||||
|
echo 'usage: brockman-helper: add-youtube $nick $channelid'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
youtube_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
|
||||||
|
youtube_id=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][1]')
|
||||||
|
echo "brockman: add yt_$youtube_nick http://rss.r/?action=display&bridge=Youtube&context=By+channel+id&c=$youtube_id&duration_min=&duration_max=&format=Mrss"
|
||||||
|
'';
|
||||||
|
search.filename = pkgs.writeDash "search" ''
|
||||||
|
set -euf
|
||||||
|
if [ "$#" -ne 1 ]; then
|
||||||
|
echo 'usage: brockman-helper: search $searchterm'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
searchterm=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]')
|
||||||
|
${pkgs.curl}/bin/curl -Ss "https://feedsearch.dev/api/v1/search?url=$searchterm&info=true&favicon=false" |
|
||||||
|
${pkgs.jq}/bin/jq '.[].url'
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
15
krebs/2configs/syncthing.nix
Normal file
15
krebs/2configs/syncthing.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ config, pkgs, ... }: with import <stockholm/lib>; let
|
||||||
|
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
|
||||||
|
|
||||||
|
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
|
||||||
|
used_peer_names = unique (flatten (mapAttrsToList (n: v: v.devices) config.services.syncthing.declarative.folders));
|
||||||
|
used_peers = filterAttrs (n: v: elem n used_peer_names) all_peers;
|
||||||
|
in {
|
||||||
|
services.syncthing = {
|
||||||
|
enable = true;
|
||||||
|
configDir = "/var/lib/syncthing";
|
||||||
|
declarative = {
|
||||||
|
devices = mk_peers used_peers;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,9 +1,9 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
let
|
let
|
||||||
cfg = config.lass.bindfs;
|
cfg = config.krebs.bindfs;
|
||||||
in {
|
in {
|
||||||
options.lass.bindfs = mkOption {
|
options.krebs.bindfs = mkOption {
|
||||||
type = types.attrsOf (types.submodule ({ config, ... }: {
|
type = types.attrsOf (types.submodule ({ config, ... }: {
|
||||||
options = {
|
options = {
|
||||||
target = mkOption {
|
target = mkOption {
|
||||||
@ -28,6 +28,13 @@ in {
|
|||||||
type = types.listOf types.str;
|
type = types.listOf types.str;
|
||||||
default = [];
|
default = [];
|
||||||
};
|
};
|
||||||
|
clearTarget = mkOption {
|
||||||
|
description = ''
|
||||||
|
whether to clear the target folder before mounting
|
||||||
|
'';
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}));
|
}));
|
||||||
default = {};
|
default = {};
|
||||||
@ -41,6 +48,9 @@ in {
|
|||||||
path = [ pkgs.coreutils ];
|
path = [ pkgs.coreutils ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStartPre = pkgs.writeDash "bindfs-init-${name}" ''
|
ExecStartPre = pkgs.writeDash "bindfs-init-${name}" ''
|
||||||
|
${optionalString mount.clearTarget ''
|
||||||
|
rm -rf '${mount.target}'
|
||||||
|
''}
|
||||||
mkdir -p '${mount.source}'
|
mkdir -p '${mount.source}'
|
||||||
mkdir -p '${mount.target}'
|
mkdir -p '${mount.target}'
|
||||||
'';
|
'';
|
@ -1,5 +1,5 @@
|
|||||||
{ pkgs, lib, config, ... }:
|
{ pkgs, config, ... }:
|
||||||
with lib;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
cfg = config.krebs.brockman;
|
cfg = config.krebs.brockman;
|
||||||
in {
|
in {
|
||||||
@ -9,7 +9,12 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
users.extraUsers.brockman.isNormalUser = false;
|
users.extraUsers.brockman = {
|
||||||
|
home = "/var/lib/brockman";
|
||||||
|
createHome = true;
|
||||||
|
isNormalUser = false;
|
||||||
|
uid = genid_uint31 "brockman";
|
||||||
|
};
|
||||||
|
|
||||||
systemd.services.brockman = {
|
systemd.services.brockman = {
|
||||||
description = "RSS to IRC broadcaster";
|
description = "RSS to IRC broadcaster";
|
||||||
|
@ -11,6 +11,7 @@ let
|
|||||||
./apt-cacher-ng.nix
|
./apt-cacher-ng.nix
|
||||||
./backup.nix
|
./backup.nix
|
||||||
./bepasty-server.nix
|
./bepasty-server.nix
|
||||||
|
./bindfs.nix
|
||||||
./brockman.nix
|
./brockman.nix
|
||||||
./buildbot/master.nix
|
./buildbot/master.nix
|
||||||
./buildbot/slave.nix
|
./buildbot/slave.nix
|
||||||
@ -37,7 +38,6 @@ let
|
|||||||
./kapacitor.nix
|
./kapacitor.nix
|
||||||
./konsens.nix
|
./konsens.nix
|
||||||
./monit.nix
|
./monit.nix
|
||||||
./newsbot-js.nix
|
|
||||||
./nixpkgs.nix
|
./nixpkgs.nix
|
||||||
./on-failure.nix
|
./on-failure.nix
|
||||||
./os-release.nix
|
./os-release.nix
|
||||||
@ -52,6 +52,7 @@ let
|
|||||||
./secret.nix
|
./secret.nix
|
||||||
./setuid.nix
|
./setuid.nix
|
||||||
./shadow.nix
|
./shadow.nix
|
||||||
|
./sync-containers.nix
|
||||||
./tinc.nix
|
./tinc.nix
|
||||||
./tinc_graphs.nix
|
./tinc_graphs.nix
|
||||||
./urlwatch.nix
|
./urlwatch.nix
|
||||||
@ -91,8 +92,10 @@ let
|
|||||||
@ IN SOA dns19.ovh.net. tech.ovh.net. (2015052000 86400 3600 3600000 86400)
|
@ IN SOA dns19.ovh.net. tech.ovh.net. (2015052000 86400 3600 3600000 86400)
|
||||||
IN NS ns19.ovh.net.
|
IN NS ns19.ovh.net.
|
||||||
IN NS dns19.ovh.net.
|
IN NS dns19.ovh.net.
|
||||||
IN A 192.30.252.154
|
IN A 185.199.108.153
|
||||||
IN A 192.30.252.153
|
IN A 185.199.109.153
|
||||||
|
IN A 185.199.110.153
|
||||||
|
IN A 185.199.111.153
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -13,52 +13,78 @@ let
|
|||||||
api = {
|
api = {
|
||||||
enable = mkEnableOption "Enable go url shortener";
|
enable = mkEnableOption "Enable go url shortener";
|
||||||
port = mkOption {
|
port = mkOption {
|
||||||
type = types.str;
|
type = types.int;
|
||||||
default = "1337";
|
default = 1337;
|
||||||
description = "on which port go should run on";
|
description = "on which port go should run on";
|
||||||
};
|
};
|
||||||
redisKeyPrefix = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "go:";
|
|
||||||
description = "change the Redis key prefix which defaults to `go:`";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
imp = {
|
imp = {
|
||||||
services.redis = {
|
krebs.htgen.go = {
|
||||||
enable = mkDefault true;
|
port = cfg.port;
|
||||||
bind = mkDefault "127.0.0.1";
|
script = ''. ${pkgs.writeDash "go" ''
|
||||||
};
|
find_item() {
|
||||||
|
if test ''${#1} -ge 7; then
|
||||||
|
set -- "$(find "$STATEDIR/items" -mindepth 1 -maxdepth 1 \
|
||||||
|
-regex "$STATEDIR/items/$1[0-9A-Za-z]*$")"
|
||||||
|
if test -n "$1" && test $(echo "$1" | wc -l) = 1; then
|
||||||
|
echo "$1"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
users.extraUsers.go = rec {
|
STATEDIR=$HOME
|
||||||
name = "go";
|
mkdir -p "$STATEDIR/items"
|
||||||
uid = genid name;
|
|
||||||
description = "go url shortener user";
|
|
||||||
home = "/var/lib/go";
|
|
||||||
createHome = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.go = {
|
case "$Method $Request_URI" in
|
||||||
description = "go url shortener";
|
"GET /"*)
|
||||||
after = [ "network.target" ];
|
if item=$(find_item "''${Request_URI#/}"); then
|
||||||
wantedBy = [ "multi-user.target" ];
|
uri=$(cat "$item")
|
||||||
|
printf 'HTTP/1.1 302 Found\r\n'
|
||||||
|
printf 'Content-Type: text/plain\r\n'
|
||||||
|
printf 'Connection: closed\r\n'
|
||||||
|
printf 'Location: %s\r\n' "$uri"
|
||||||
|
printf '\r\n'
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
"POST /")
|
||||||
|
uri=$(mktemp -t htgen.$$.content.XXXXXXXX)
|
||||||
|
trap 'rm $uri >&2' EXIT
|
||||||
|
|
||||||
path = with pkgs; [
|
head -c "$req_content_length" \
|
||||||
go-shortener
|
| sed 's/+/ /g;s/%\(..\)/\\x\1/g;' \
|
||||||
];
|
| xargs -0 echo -e \
|
||||||
|
| tee /tmp/tee.log \
|
||||||
|
| ${pkgs.urix}/bin/urix \
|
||||||
|
| head -1 \
|
||||||
|
> "$uri"
|
||||||
|
sha256=$(sha256sum -b "$uri" | cut -d\ -f1)
|
||||||
|
base32=$(${pkgs.nixStable}/bin/nix-hash --to-base32 --type sha256 "$sha256")
|
||||||
|
item="$STATEDIR/items/$base32"
|
||||||
|
ref="http://$req_host/$base32"
|
||||||
|
|
||||||
environment = {
|
if ! test -e "$item"; then
|
||||||
PORT = cfg.port;
|
mkdir -v -p "$STATEDIR/items" >&2
|
||||||
REDIS_KEY_PREFIX = cfg.redisKeyPrefix;
|
cp -v "$uri" "$item" >&2
|
||||||
};
|
fi
|
||||||
|
|
||||||
restartIfChanged = true;
|
base32short=$(echo "$base32" | cut -b-7)
|
||||||
|
if item=$(find_item "$base32short"); then
|
||||||
|
ref="http://$req_host/$base32short"
|
||||||
|
fi
|
||||||
|
|
||||||
serviceConfig = {
|
printf 'HTTP/1.1 200 OK\r\n'
|
||||||
User = "go";
|
printf 'Content-Type: text/plain; charset=UTF-8\r\n'
|
||||||
Restart = "always";
|
printf 'Connection: close\r\n'
|
||||||
ExecStart = "${pkgs.go-shortener}/bin/go";
|
printf '\r\n'
|
||||||
};
|
printf '%s\n' "$ref"
|
||||||
|
exit
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
''}'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -92,6 +92,38 @@ in {
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp";
|
||||||
};
|
};
|
||||||
|
news = {
|
||||||
|
ci = true;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.0.5";
|
||||||
|
aliases = [
|
||||||
|
"news.r"
|
||||||
|
"brockman.r"
|
||||||
|
"go.r"
|
||||||
|
"rss.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9PY6t6P1ytgo8qYL2QDc
|
||||||
|
cgPezX8yGmA0nuTyCUPtXbWyWee9HnzYqekzJYvBHwgBDvZ8UhLZTCXD15agDfaf
|
||||||
|
cbzd4uM5bCDgqI8sezzD95tqj7mzvIEurIShDXYSWC6YRat1h1Opp86JngBJRvHZ
|
||||||
|
Gb6NAyfnr4v2eyMrmH9/j+sECxjCAaC5QLpJWyoDPilFU8dXBarmiZNYYlXQt1pn
|
||||||
|
yxZSF5pElmrdiZ6vlKlnEHwFtExm1gv63ZjAlusrXM+bKMvdVKRnhahq76A5VXjc
|
||||||
|
kbOhQi+wYGaVK4jB2a1UilmKYh1wKLE7HULoHDRrqEe4jemNZg+JOBPTU+jM/JzM
|
||||||
|
XdPy0KAMxHOUZCe8IX0LgF1snVaMF05Qkoe3QKr0YJ3KTD7UdsJpa1Br216Z/w2f
|
||||||
|
koz+cRn/Z/8TO8SIRKvy5TfXeH+ra6rp/CvwryNlNL4FB+25LFDkJtLIZGqAsz3G
|
||||||
|
vRXUiGN4l1FR4TbX7XaK2rvIlA/+4isJ02bBdnZhe7kmuuBeECyPaR1+Ui6pElXe
|
||||||
|
ZamnxTAmj86Q8pDx6Wn2cg8YAJlVV3UCfhda34DZokJmmmKucGupg/6Xt0Bhm9d5
|
||||||
|
exNrTIDG3lXTxmg2mfiZJeg/fsnalvtN0j/VB+NmmKzie+ZohMK4nUfslq8o5CO9
|
||||||
|
j7ZLmZzm062GzX0RenxNkwUCAwEAAQ==
|
||||||
|
-----END PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHl5cDF9QheXyMlNYIX17ILbgd94K50fZy7w0fDLvZlo ";
|
||||||
|
};
|
||||||
onebutton = {
|
onebutton = {
|
||||||
cores = 1;
|
cores = 1;
|
||||||
nets = {
|
nets = {
|
||||||
@ -130,7 +162,6 @@ in {
|
|||||||
"puyak.r"
|
"puyak.r"
|
||||||
"build.puyak.r"
|
"build.puyak.r"
|
||||||
"cgit.puyak.r"
|
"cgit.puyak.r"
|
||||||
"go.r"
|
|
||||||
];
|
];
|
||||||
tinc.pubkey = ''
|
tinc.pubkey = ''
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
@ -44,6 +44,7 @@ in {
|
|||||||
matrix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
matrix 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
radio 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
|
jitsi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
streaming 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
@ -685,6 +686,7 @@ in {
|
|||||||
};
|
};
|
||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU ";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU ";
|
||||||
|
syncthing.id = "JAVJ6ON-WLCWOA3-YB7EHPX-VGIN4XF-635NIVZ-WZ4HN4M-QRMLT4N-5PL5MQN";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
users = rec {
|
users = rec {
|
||||||
@ -699,6 +701,11 @@ in {
|
|||||||
pubkey = builtins.readFile ./ssh/blue.rsa;
|
pubkey = builtins.readFile ./ssh/blue.rsa;
|
||||||
pgp.pubkeys.default = builtins.readFile ./pgp/blue.pgp;
|
pgp.pubkeys.default = builtins.readFile ./pgp/blue.pgp;
|
||||||
};
|
};
|
||||||
|
lass-green = {
|
||||||
|
mail = "lass@green.r";
|
||||||
|
pubkey = builtins.readFile ./ssh/green.ed25519;
|
||||||
|
pgp.pubkeys.default = builtins.readFile ./pgp/green.pgp;
|
||||||
|
};
|
||||||
lass-mors = {
|
lass-mors = {
|
||||||
mail = "lass@mors.r";
|
mail = "lass@mors.r";
|
||||||
pubkey = builtins.readFile ./ssh/mors.rsa;
|
pubkey = builtins.readFile ./ssh/mors.rsa;
|
||||||
|
40
krebs/3modules/lass/pgp/green.pgp
Normal file
40
krebs/3modules/lass/pgp/green.pgp
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mQGNBGAMS3EBDACzbsaP9nhJ8GrAk5JLlz+ruDbEGuvJXvh+spVq9i9TCCGAraPo
|
||||||
|
z8Tmgsw6SJhJMW/170OZJ+GMMEDRpRbvh8tLZ0jsTIwINasRjC68tF9dgjjPZdNN
|
||||||
|
cVOpFw4Wf4ueMmoEG/9Xyehm+YEJFTj5wul2uJtfj5NJB43daDn4e3ieGExd+zE0
|
||||||
|
FTP4yAmxVMbN4BiyZPX7CxeTzJS0g4aVnMq9RqtYbxd1Uv++LmPh1ZkEyNNKItfC
|
||||||
|
nRFeZzjhnmD7LvwsixE2ENnbiL9Ho7Mc4C7kRKSJ+LvXH6ChJJtDy9ApVA+u90i5
|
||||||
|
Rd7y9rdzFY+NCHusWg0/U/t2FoLc/hRa0eLE1KFtzWzH35TMl8R/7NrPztTwT/fH
|
||||||
|
xt3qSiwMUvH9X9TGvh5N0WwqgtEe6mpZvpq+4gyOiyA+EwE73rnxG2DzmM6CFHyo
|
||||||
|
Qm/OOfjuFH+l0PkAqti+f41SqlEOiOAAFzgz7gaTdJ8gXs8piOGxk4U5EK/p1OTW
|
||||||
|
4e6DrxqcxmHgoAUAEQEAAbQMbGFzc0BncmVlbi5yiQHUBBMBCAA+FiEE6Ed5jGI3
|
||||||
|
gop09K1NMwheLc2Sjz0FAmAMS3ECGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwEC
|
||||||
|
HgECF4AACgkQMwheLc2Sjz0otwv+I8Sw0ENqy6SsrZSGDtmhAouCeTIUseRQ66tp
|
||||||
|
UFnxDVPYhhdM2ubTtIqOfx20Xdy/7N/POyYMJ5VR+IaFcB9wUlrhdjwUlCtoUipx
|
||||||
|
EycZloccMPGySxAxR3Kcy/SFzUKWwQ10/mfSQg/4+vYayZNuSvEpviMEZn0prpmw
|
||||||
|
jwFJcHOu0NL+7eYULMdit1BDaZfBaAu/otKn18878+0hVimyjW27564uXtJYnbf1
|
||||||
|
hUVGvPLaSo74XBFra+kujcA3zIjWiPn6dRA5dzLrRRkb30Unl1+0a9QwY3wd3vCV
|
||||||
|
UHWSgDNaV+o7yPTuxoMsfrxHPAc3JlaKM6ka/EdK04tbgMH/N7FHXqDqCEIBWML4
|
||||||
|
1/+HxkP2UW59zLefQwvBqWcF6bA7kgHGhIDkg1yg7ygP0t2mH6ktuEAYYr24BFx7
|
||||||
|
b8nK/jhK+rp3LomLTLQ6e/6mikfoDr636sB1/Bc+pTdWsJnuQTzaWBDloVEr/2hz
|
||||||
|
/K5+wH2kgSKaWYUtaR6wiMbVKq3HuQGNBGAMS3EBDAC1xQNCJD3hlnihHBv7jxfH
|
||||||
|
CI5HdnUEh1eP8mUKjSE+Z0xGEMq8Z9sbTHQxtDdmC4ZOq1Kkt2LmtQQQAIH+Qnu6
|
||||||
|
RYFOAPRmegouIxg4S3eTPZhZRo1ZqCphqbL2mQ9ifNrG3VVvQGXNvjo3Cuwj0uzx
|
||||||
|
EDtOilKEtHZhG0cfehGV+nO1n/g50EQMC7JkFWnryxVL8i4l3KstOdj+LcIT6c27
|
||||||
|
EE2fzOUekeltBHGRFSM1Yzmn2lxruuK4I8zoiqak2St1788ay//F9tiZPfhWRb6+
|
||||||
|
DF+JgRLCXatqTJppPpkui1irw6jN5ZabjyS7GBtH+5wpnvuMEMr484OXEg17VnCd
|
||||||
|
Tx/RTLyjfffDtTkC4M7oiAr5SUbkJjVkEuwjxp1N19epD8gzrBQC2W7XKM3z+mtG
|
||||||
|
ZLJtiW5hM+QylMv7VWxbQ21ObJmUqBQUZLPlpl3dlGU/ILw3U4urBibD9oPT2QAX
|
||||||
|
J6Db/STyl6w0bzRbMJmaEM4P0FcdEKTuw7tOpl5zBUkAEQEAAYkBtgQYAQgAIBYh
|
||||||
|
BOhHeYxiN4KKdPStTTMIXi3Nko89BQJgDEtxAhsMAAoJEDMIXi3Nko89yc8MAJKg
|
||||||
|
M5lbA/PJYlIju/qWKWt7yZbsIGuDfmuKfYftjXDOqskEqDyYgr31Txd43bWM6Ec7
|
||||||
|
gb5JVmtzvLull0/KRwMcKAFNTXIYcb3jKpanwWRgHQlt/D6zlQula73WxwNUlZWl
|
||||||
|
Q8FCWjGa2hC8oKlTbtzm5osdcK+YhlpTpK5y4Mrg0f9Rcd297ygFQSDInpGq7ILY
|
||||||
|
sFat3HU7w9oPp9Q5RS8/EmrvAx1kFj9mZRs4L9inJJnHFpb1R6snojcKPwEyIWBi
|
||||||
|
+PFZ6ns296FjW9C+Ci7C+aaAzVDM7NAwU0/EhWeDKKHITU3Zaz4gnShesKBiVxhI
|
||||||
|
JQNFCjWlnc+o3RqbAhDQhlwFrCZWUxQi1qWy4U88IYqR9hxV0eNtGSRmwnGCT9RV
|
||||||
|
Nxb6CjtmHpgUmzyvwBpBJya8bLYu5tCKnUodtFiq/poxEfI5WrP6pu5l648AwuPa
|
||||||
|
ioovprweDWs38Q8wd/SuoaUtIoj378UDXq8acFvHHnOS/bBBfAE9tutY1ycJdg==
|
||||||
|
=Fg3f
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
1
krebs/3modules/lass/ssh/green.ed25519
Normal file
1
krebs/3modules/lass/ssh/green.ed25519
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIOJfTJ37hWYTYLWY6egshmvigPfRF0Sa4N11gmphMLm lass@green
|
@ -1,102 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
let
|
|
||||||
|
|
||||||
cfg = config.krebs.newsbot-js;
|
|
||||||
|
|
||||||
enable = cfg != {};
|
|
||||||
|
|
||||||
out = {
|
|
||||||
options.krebs.newsbot-js = api;
|
|
||||||
config = mkIf enable imp;
|
|
||||||
};
|
|
||||||
|
|
||||||
api = mkOption {
|
|
||||||
type = types.attrsOf (types.submodule ({ config, ... }: {
|
|
||||||
options = {
|
|
||||||
enable = mkEnableOption "Enable krebs newsbot" // { default = true; };
|
|
||||||
|
|
||||||
channel = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "#${config._module.args.name}";
|
|
||||||
description = "post the news in this channel";
|
|
||||||
};
|
|
||||||
feeds = mkOption {
|
|
||||||
type = types.path;
|
|
||||||
description = ''
|
|
||||||
file with feeds to post
|
|
||||||
format:
|
|
||||||
$nick|$feedURI
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
ircServer = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "localhost";
|
|
||||||
description = "to which server the bot should connect";
|
|
||||||
};
|
|
||||||
masterNick = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = config._module.args.name;
|
|
||||||
description = "nickname of the master bot";
|
|
||||||
};
|
|
||||||
package = mkOption {
|
|
||||||
type = types.package;
|
|
||||||
default = pkgs.newsbot-js;
|
|
||||||
description = "newsbot package to use";
|
|
||||||
};
|
|
||||||
urlShortenerHost = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "go.r";
|
|
||||||
description = "what server to use for url shortening, host";
|
|
||||||
};
|
|
||||||
urlShortenerPort = mkOption {
|
|
||||||
type = types.str;
|
|
||||||
default = "80";
|
|
||||||
description = "what server to use for url shortening, port";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}));
|
|
||||||
default = {};
|
|
||||||
};
|
|
||||||
|
|
||||||
imp = {
|
|
||||||
users.extraUsers.newsbot-js = {
|
|
||||||
name = "newsbot-js";
|
|
||||||
uid = genid "newsbot-js";
|
|
||||||
description = "newsbot-js user";
|
|
||||||
home = "/var/empty";
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services = mapAttrs' (name: newsbot:
|
|
||||||
nameValuePair "newsbot-${name}" {
|
|
||||||
after = [ "network.target" ];
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
|
|
||||||
path = with pkgs; [
|
|
||||||
newsbot-js
|
|
||||||
];
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
irc_server = newsbot.ircServer;
|
|
||||||
master_nick = newsbot.masterNick;
|
|
||||||
news_channel = newsbot.channel;
|
|
||||||
feeds_file = newsbot.feeds;
|
|
||||||
url_shortener_host = newsbot.urlShortenerHost;
|
|
||||||
url_shortener_port = newsbot.urlShortenerPort;
|
|
||||||
};
|
|
||||||
|
|
||||||
restartIfChanged = true;
|
|
||||||
|
|
||||||
serviceConfig = {
|
|
||||||
User = "newsbot-js";
|
|
||||||
Restart = "always";
|
|
||||||
ExecStart = "${newsbot.package}/bin/newsbot";
|
|
||||||
WatchdogSec = "86400";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
) cfg;
|
|
||||||
};
|
|
||||||
|
|
||||||
in out
|
|
@ -1,6 +1,6 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{ config, pkgs, ... }: let
|
{ config, pkgs, ... }: let
|
||||||
cfg = config.lass.sync-containers;
|
cfg = config.krebs.sync-containers;
|
||||||
paths = cname: {
|
paths = cname: {
|
||||||
plain = "/var/lib/containers/${cname}/var/state";
|
plain = "/var/lib/containers/${cname}/var/state";
|
||||||
ecryptfs = "${cfg.dataLocation}/${cname}/ecryptfs";
|
ecryptfs = "${cfg.dataLocation}/${cname}/ecryptfs";
|
||||||
@ -8,6 +8,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
start = cname: {
|
start = cname: {
|
||||||
plain = ''
|
plain = ''
|
||||||
|
:
|
||||||
'';
|
'';
|
||||||
ecryptfs = ''
|
ecryptfs = ''
|
||||||
if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then
|
if ! mount | grep -q '${cfg.dataLocation}/${cname}/ecryptfs on /var/lib/containers/${cname}/var/state type ecryptfs'; then
|
||||||
@ -28,6 +29,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
stop = cname: {
|
stop = cname: {
|
||||||
plain = ''
|
plain = ''
|
||||||
|
:
|
||||||
'';
|
'';
|
||||||
ecryptfs = ''
|
ecryptfs = ''
|
||||||
${pkgs.ecrypt}/bin/ecrypt unmount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state
|
${pkgs.ecrypt}/bin/ecrypt unmount ${cfg.dataLocation}/${cname}/ecryptfs /var/lib/containers/${cname}/var/state
|
||||||
@ -37,7 +39,7 @@ with import <stockholm/lib>;
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
options.lass.sync-containers = {
|
options.krebs.sync-containers = {
|
||||||
dataLocation = mkOption {
|
dataLocation = mkOption {
|
||||||
description = ''
|
description = ''
|
||||||
location where the encrypted sync-container lie around
|
location where the encrypted sync-container lie around
|
||||||
@ -90,6 +92,10 @@ in {
|
|||||||
|
|
||||||
config = mkIf (cfg.containers != {}) {
|
config = mkIf (cfg.containers != {}) {
|
||||||
programs.fuse.userAllowOther = true;
|
programs.fuse.userAllowOther = true;
|
||||||
|
# allow syncthing to enter /var/lib/containers
|
||||||
|
system.activationScripts.syncthing-home = ''
|
||||||
|
${pkgs.coreutils}/bin/chmod a+x /var/lib/containers
|
||||||
|
'';
|
||||||
|
|
||||||
services.syncthing.declarative.folders = (mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" ({
|
services.syncthing.declarative.folders = (mapAttrs' (_: ctr: nameValuePair "${(paths ctr.name).${ctr.format}}" ({
|
||||||
devices = ctr.peers;
|
devices = ctr.peers;
|
||||||
@ -153,6 +159,8 @@ in {
|
|||||||
|
|
||||||
if [ -h /var/lib/containers/${ctr.name}/var/src/nixos-config ] && (! ping -c1 -q -w5 ${ctr.name}.r); then
|
if [ -h /var/lib/containers/${ctr.name}/var/src/nixos-config ] && (! ping -c1 -q -w5 ${ctr.name}.r); then
|
||||||
${pkgs.nixos-container}/bin/nixos-container run ${ctr.name} -- nixos-rebuild -I /var/src switch
|
${pkgs.nixos-container}/bin/nixos-container run ${ctr.name} -- nixos-rebuild -I /var/src switch
|
||||||
|
else
|
||||||
|
${(stop ctr.name).${ctr.format}}
|
||||||
fi
|
fi
|
||||||
'')
|
'')
|
||||||
(pkgs.writeDashBin "stop-${ctr.name}" ''
|
(pkgs.writeDashBin "stop-${ctr.name}" ''
|
@ -1,23 +1,26 @@
|
|||||||
{ mkDerivation, aeson, async, base, bloomfilter, bytestring
|
{ mkDerivation, aeson, aeson-pretty, base, bloomfilter, bytestring
|
||||||
, conduit, containers, feed, hslogger, irc-conduit, microlens
|
, case-insensitive, conduit, containers, directory, feed, filepath
|
||||||
, network, optparse-applicative, stdenv, stm, text, wreq
|
, hslogger, html-entity, http-client, irc-conduit, lens, network
|
||||||
|
, optparse-applicative, random, safe, stdenv, text, time, timerep
|
||||||
|
, wreq
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
}:
|
}:
|
||||||
mkDerivation rec {
|
mkDerivation rec {
|
||||||
pname = "brockman";
|
pname = "brockman";
|
||||||
version = "1.4.5";
|
version = "3.2.3";
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "kmein";
|
owner = "kmein";
|
||||||
repo = "brockman";
|
repo = "brockman";
|
||||||
rev = version;
|
rev = version;
|
||||||
sha256 = "0fdvfj2fwwz8inj0h1q6msryj1xsxs1lfmgv5kynmxrqpdibb3fw";
|
sha256 = "1qbjbf0l1ikfzmvky4cnvv7nlcwi2in4afliifh618j0a4f7j427";
|
||||||
};
|
};
|
||||||
isLibrary = false;
|
isLibrary = false;
|
||||||
isExecutable = true;
|
isExecutable = true;
|
||||||
executableHaskellDepends = [
|
executableHaskellDepends = [
|
||||||
aeson async base bloomfilter bytestring conduit containers feed
|
aeson aeson-pretty base bloomfilter bytestring case-insensitive
|
||||||
hslogger irc-conduit microlens network optparse-applicative stm
|
conduit containers directory feed filepath hslogger html-entity
|
||||||
text wreq
|
http-client irc-conduit lens network optparse-applicative random
|
||||||
|
safe text time timerep wreq
|
||||||
];
|
];
|
||||||
license = stdenv.lib.licenses.mit;
|
license = stdenv.lib.licenses.mit;
|
||||||
}
|
}
|
||||||
|
@ -1,12 +1,13 @@
|
|||||||
{ mkDerivation, base, fetchgit, stdenv }:
|
{ mkDerivation, base, fetchgit, stdenv }:
|
||||||
mkDerivation {
|
mkDerivation {
|
||||||
pname = "scanner";
|
pname = "scanner";
|
||||||
version = "1.0.0";
|
version = "1.0.1";
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = http://cgit.ni.krebsco.de/scanner;
|
url = "http://cgit.ni.krebsco.de/scanner";
|
||||||
rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad";
|
|
||||||
sha256 = "1lgl158axczsm4fx53fyq1d4116v91jsx4dbz66ka4k1ljqrmhgn";
|
sha256 = "1lgl158axczsm4fx53fyq1d4116v91jsx4dbz66ka4k1ljqrmhgn";
|
||||||
|
rev = "7f091a3bc152ad3974a1873b460fa1759bf8dcad";
|
||||||
|
fetchSubmodules = true;
|
||||||
};
|
};
|
||||||
libraryHaskellDepends = [ base ];
|
libraryHaskellDepends = [ base ];
|
||||||
license = stdenv.lib.licenses.wtfpl;
|
license = stdenv.lib.licenses.mit;
|
||||||
}
|
}
|
||||||
|
@ -3,11 +3,7 @@
|
|||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
name = "TabFS";
|
name = "TabFS";
|
||||||
|
|
||||||
src = pkgs.fetchgit {
|
src = pkgs.fetchgit (lib.importJSON ./src.json);
|
||||||
url = https://cgit.krebsco.de/TabFS;
|
|
||||||
rev = "1fc4845283a0e6aa46a8d8978f356d5ccdcedd13";
|
|
||||||
sha256 = "0bsm5fhxrr6zwbnm9p10h9pwm85llr02g2ch97a62r62dhjjrc8h";
|
|
||||||
};
|
|
||||||
|
|
||||||
phases = [
|
phases = [
|
||||||
"unpackPhase"
|
"unpackPhase"
|
||||||
|
10
krebs/5pkgs/simple/TabFS/src.json
Normal file
10
krebs/5pkgs/simple/TabFS/src.json
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
{
|
||||||
|
"url": "https://cgit.krebsco.de/TabFS",
|
||||||
|
"rev": "a6045e0e29b85e3e66c468f3561009ded1db6ec5",
|
||||||
|
"date": "2021-01-14T23:56:09+01:00",
|
||||||
|
"path": "/nix/store/mbcywm1yq5vr7awxqb533faz34minfax-TabFS",
|
||||||
|
"sha256": "1z0kj95zh0jl8laa0whra1jys8pws3199sy29vmlv2nxrkz13blv",
|
||||||
|
"fetchSubmodules": false,
|
||||||
|
"deepClone": false,
|
||||||
|
"leaveDotGit": false
|
||||||
|
}
|
111
krebs/5pkgs/simple/ecrypt/default.nix
Normal file
111
krebs/5pkgs/simple/ecrypt/default.nix
Normal file
@ -0,0 +1,111 @@
|
|||||||
|
{ pkgs, lib }:
|
||||||
|
|
||||||
|
#usage: ecrypt mount /var/crypted /var/unencrypted
|
||||||
|
pkgs.writers.writeDashBin "ecrypt" ''
|
||||||
|
set -euf
|
||||||
|
|
||||||
|
PATH=${lib.makeBinPath (with pkgs; [
|
||||||
|
coreutils
|
||||||
|
ecryptfs
|
||||||
|
gnused
|
||||||
|
gnugrep
|
||||||
|
jq
|
||||||
|
mount
|
||||||
|
keyutils
|
||||||
|
umount
|
||||||
|
])}
|
||||||
|
|
||||||
|
# turn echo back on if killed
|
||||||
|
trap 'stty echo' INT
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
init)
|
||||||
|
shift
|
||||||
|
mkdir -p "$1" "$2"
|
||||||
|
|
||||||
|
# abort if src or dest are not empty
|
||||||
|
if [ -e "$1"/.cfg.json ]; then
|
||||||
|
echo 'source dir is already configured, aborting'
|
||||||
|
exit 1
|
||||||
|
elif ls -1qA "$2" | grep -q .; then
|
||||||
|
echo 'destination dir is not empty, aborting'
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
# we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
|
||||||
|
echo 4 | ecryptfs-manager
|
||||||
|
stty -echo
|
||||||
|
printf "passphrase: "
|
||||||
|
read passphrase
|
||||||
|
stty echo
|
||||||
|
sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
|
||||||
|
mount -t ecryptfs \
|
||||||
|
-o ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
|
||||||
|
"$1" "$2"
|
||||||
|
|
||||||
|
# add sig to json state file
|
||||||
|
jq -n --arg sig "$sig" '{ "sig": $sig }' > "$1"/.cfg.json
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
|
||||||
|
mount)
|
||||||
|
shift
|
||||||
|
if ! [ -e "$1"/.cfg.json ]; then
|
||||||
|
echo '.cfg.json missing in src'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
old_sig=$(cat "$1"/.cfg.json | jq -r .sig)
|
||||||
|
|
||||||
|
# check if key is already in keyring, otherwise add it
|
||||||
|
|
||||||
|
if keyctl list @u | grep -q "$old_sig"; then
|
||||||
|
echo 'pw already saved'
|
||||||
|
else
|
||||||
|
# we start and exit ecryptfs-manager again to circumvent a bug where mounting the ecryptfs fails
|
||||||
|
echo 4 | ecryptfs-manager
|
||||||
|
stty -echo
|
||||||
|
printf "passphrase: "
|
||||||
|
read passphrase
|
||||||
|
stty echo
|
||||||
|
new_sig=$(echo "$passphrase" | ecryptfs-add-passphrase | grep 'Inserted auth tok' | sed 's/.*\[\(.*\)\].*/\1/')
|
||||||
|
|
||||||
|
# check if passphrase matches sig
|
||||||
|
if [ "$old_sig" != "$new_sig" ]; then
|
||||||
|
echo 'passphrase does not match sig, bailing out'
|
||||||
|
new_keyid=$(keyctl list @u | grep "$new_sig" | sed 's/\([0-9]*\).*/\1/')
|
||||||
|
keyctl revoke "$new_keyid"
|
||||||
|
keyctl unlink "$new_keyid"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
sig=$old_sig
|
||||||
|
keyid=$(keyctl list @u | grep "$sig" | sed 's/\([0-9]*\).*/\1/')
|
||||||
|
if (ls -1qA "$2" | grep -q .); then
|
||||||
|
echo 'destination is not empty, bailing out'
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
mount -i -t ecryptfs \
|
||||||
|
-o ecryptfs_passthrough=no,verbose=no,ecryptfs_unlink_sigs,ecryptfs_fnek_sig="$sig",ecryptfs_key_bytes=16,ecryptfs_cipher=aes,ecryptfs_sig="$sig" \
|
||||||
|
"$1" "$2"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
|
||||||
|
unmount)
|
||||||
|
shift
|
||||||
|
|
||||||
|
sig=$(cat "$1"/.cfg.json | jq -r .sig)
|
||||||
|
keyid=$(keyctl list @u | grep "$sig" | sed 's/\s*\([0-9]*\).*/\1/')
|
||||||
|
|
||||||
|
umount "$2" || :
|
||||||
|
keyctl revoke "$keyid"
|
||||||
|
keyctl unlink "$keyid"
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo 'usage:
|
||||||
|
ecrypt init /tmp/src/ /tmp/dst/
|
||||||
|
ecrypt mount /tmp/src/ /tmp/dst/
|
||||||
|
ecrypt unmount /tmp/src/ /tmp/dst/
|
||||||
|
'
|
||||||
|
esac
|
||||||
|
''
|
@ -1,17 +0,0 @@
|
|||||||
{ coreutils, git, writeDashBin }:
|
|
||||||
|
|
||||||
writeDashBin "git-preview" ''
|
|
||||||
set -efu
|
|
||||||
head_commit=$(${git}/bin/git log -1 --format=%H)
|
|
||||||
merge_commit=$1; shift
|
|
||||||
merge_message='Merge for git-preview'
|
|
||||||
preview_dir=$(${coreutils}/bin/mktemp --tmpdir -d git-preview.XXXXXXXX)
|
|
||||||
preview_branch=$(${coreutils}/bin/basename "$preview_dir")
|
|
||||||
${git}/bin/git worktree add -b "$preview_branch" "$preview_dir" >/dev/null
|
|
||||||
${git}/bin/git -C "$preview_dir" checkout "$head_commit"
|
|
||||||
${git}/bin/git -C "$preview_dir" merge -m "$merge_message" "$merge_commit"
|
|
||||||
${git}/bin/git -C "$preview_dir" diff "$head_commit.." "$@" &
|
|
||||||
${git}/bin/git branch -fd "$preview_branch"
|
|
||||||
${coreutils}/bin/rm -fR "$preview_dir"
|
|
||||||
wait
|
|
||||||
''
|
|
@ -1,56 +0,0 @@
|
|||||||
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-12_x, pkgs }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> {
|
|
||||||
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
|
|
||||||
nodejs = nodejs-12_x;
|
|
||||||
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
|
|
||||||
};
|
|
||||||
|
|
||||||
node_env = pkgs.buildEnv {
|
|
||||||
name = "go-node_env";
|
|
||||||
paths = attrValues (import ./node-packages.nix {
|
|
||||||
inherit (pkgs) fetchurl fetchgit;
|
|
||||||
inherit nodeEnv;
|
|
||||||
});
|
|
||||||
};
|
|
||||||
|
|
||||||
in stdenv.mkDerivation {
|
|
||||||
packageName = "go";
|
|
||||||
name = "go-shortener";
|
|
||||||
version = "0.0.0";
|
|
||||||
|
|
||||||
src = fetchgit {
|
|
||||||
url = "http://cgit.lassul.us/go/";
|
|
||||||
rev = "05d02740e0adbb36cc461323647f0c1e7f493156";
|
|
||||||
sha256 = "6015c9a93317375ae8099c7ab982df0aa93a59ec2b48972e253887bb6ca0004f";
|
|
||||||
};
|
|
||||||
|
|
||||||
phases = [
|
|
||||||
"unpackPhase"
|
|
||||||
"installPhase"
|
|
||||||
];
|
|
||||||
|
|
||||||
buildInputs = [
|
|
||||||
nodejs-12_x
|
|
||||||
makeWrapper
|
|
||||||
];
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/bin
|
|
||||||
|
|
||||||
cp index.js $out/
|
|
||||||
cat > $out/go << EOF
|
|
||||||
${nodejs-12_x}/bin/node $out/index.js
|
|
||||||
EOF
|
|
||||||
chmod +x $out/go
|
|
||||||
|
|
||||||
wrapProgram $out/go \
|
|
||||||
--prefix NODE_PATH : ${node_env}/lib/node_modules
|
|
||||||
|
|
||||||
ln -s $out/go /$out/bin/go
|
|
||||||
'';
|
|
||||||
|
|
||||||
}
|
|
@ -1,88 +0,0 @@
|
|||||||
# This file has been generated by node2nix 1.7.0. Do not edit!
|
|
||||||
|
|
||||||
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
|
|
||||||
|
|
||||||
let
|
|
||||||
sources = {
|
|
||||||
"denque-1.4.1" = {
|
|
||||||
name = "denque";
|
|
||||||
packageName = "denque";
|
|
||||||
version = "1.4.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz";
|
|
||||||
sha512 = "OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"redis-commands-1.5.0" = {
|
|
||||||
name = "redis-commands";
|
|
||||||
packageName = "redis-commands";
|
|
||||||
version = "1.5.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz";
|
|
||||||
sha512 = "6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"redis-errors-1.2.0" = {
|
|
||||||
name = "redis-errors";
|
|
||||||
packageName = "redis-errors";
|
|
||||||
version = "1.2.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz";
|
|
||||||
sha1 = "eb62d2adb15e4eaf4610c04afe1529384250abad";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"redis-parser-3.0.0" = {
|
|
||||||
name = "redis-parser";
|
|
||||||
packageName = "redis-parser";
|
|
||||||
version = "3.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz";
|
|
||||||
sha1 = "b66d828cdcafe6b4b8a428a7def4c6bcac31c8b4";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
formidable = nodeEnv.buildNodePackage {
|
|
||||||
name = "formidable";
|
|
||||||
packageName = "formidable";
|
|
||||||
version = "1.2.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz";
|
|
||||||
sha512 = "V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q==";
|
|
||||||
};
|
|
||||||
buildInputs = globalBuildInputs;
|
|
||||||
meta = {
|
|
||||||
description = "A node.js module for parsing form data, especially file uploads.";
|
|
||||||
homepage = https://github.com/node-formidable/formidable;
|
|
||||||
license = "MIT";
|
|
||||||
};
|
|
||||||
production = true;
|
|
||||||
bypassCache = true;
|
|
||||||
reconstructLock = true;
|
|
||||||
};
|
|
||||||
redis = nodeEnv.buildNodePackage {
|
|
||||||
name = "redis";
|
|
||||||
packageName = "redis";
|
|
||||||
version = "3.0.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz";
|
|
||||||
sha512 = "PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ==";
|
|
||||||
};
|
|
||||||
dependencies = [
|
|
||||||
sources."denque-1.4.1"
|
|
||||||
sources."redis-commands-1.5.0"
|
|
||||||
sources."redis-errors-1.2.0"
|
|
||||||
sources."redis-parser-3.0.0"
|
|
||||||
];
|
|
||||||
buildInputs = globalBuildInputs;
|
|
||||||
meta = {
|
|
||||||
description = "A high performance Redis client.";
|
|
||||||
homepage = https://github.com/NodeRedis/node-redis;
|
|
||||||
license = "MIT";
|
|
||||||
};
|
|
||||||
production = true;
|
|
||||||
bypassCache = true;
|
|
||||||
reconstructLock = true;
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,4 +0,0 @@
|
|||||||
[
|
|
||||||
"formidable",
|
|
||||||
"redis"
|
|
||||||
]
|
|
@ -1,4 +0,0 @@
|
|||||||
#!/usr/bin/env nix-shell
|
|
||||||
#! nix-shell -i bash -p nodePackages_10_x.node2nix
|
|
||||||
node2nix -10 -i pkgs.json -c combine.nix
|
|
||||||
rm node-env.nix combine.nix
|
|
@ -1,58 +0,0 @@
|
|||||||
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs, pkgs, icu }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
let
|
|
||||||
nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> {
|
|
||||||
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
|
|
||||||
nodejs = nodejs;
|
|
||||||
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
|
|
||||||
};
|
|
||||||
|
|
||||||
node_env = pkgs.buildEnv {
|
|
||||||
name = "go-node_env";
|
|
||||||
paths = attrValues (import ./node-packages.nix {
|
|
||||||
inherit (pkgs) fetchurl fetchgit;
|
|
||||||
inherit nodeEnv;
|
|
||||||
globalBuildInputs = [
|
|
||||||
icu.dev
|
|
||||||
];
|
|
||||||
});
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
in stdenv.mkDerivation {
|
|
||||||
name = "newsbot-js";
|
|
||||||
|
|
||||||
src = fetchgit {
|
|
||||||
url = "http://cgit.prism/newsbot-js/";
|
|
||||||
rev = "09e01639be4ea9691cf5b33f7d9057b68ac98079";
|
|
||||||
sha256 = "28ffbed66c2efcd194c47823c7d5d5533c80852fc0cf9d9d4ee609c71d50c142";
|
|
||||||
};
|
|
||||||
|
|
||||||
phases = [
|
|
||||||
"unpackPhase"
|
|
||||||
"installPhase"
|
|
||||||
];
|
|
||||||
|
|
||||||
buildInputs = [
|
|
||||||
nodejs
|
|
||||||
makeWrapper
|
|
||||||
];
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/bin
|
|
||||||
|
|
||||||
cp newsbot.js $out/
|
|
||||||
cat > $out/newsbot << EOF
|
|
||||||
${nodejs}/bin/node $out/newsbot.js
|
|
||||||
EOF
|
|
||||||
chmod +x $out/newsbot
|
|
||||||
|
|
||||||
wrapProgram $out/newsbot \
|
|
||||||
--prefix NODE_PATH : ${node_env}/lib/node_modules
|
|
||||||
|
|
||||||
ln -s $out/newsbot /$out/bin/newsbot
|
|
||||||
'';
|
|
||||||
|
|
||||||
}
|
|
@ -1,777 +0,0 @@
|
|||||||
# This file has been generated by node2nix 1.7.0. Do not edit!
|
|
||||||
|
|
||||||
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
|
|
||||||
|
|
||||||
let
|
|
||||||
sources = {
|
|
||||||
"addressparser-1.0.1" = {
|
|
||||||
name = "addressparser";
|
|
||||||
packageName = "addressparser";
|
|
||||||
version = "1.0.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/addressparser/-/addressparser-1.0.1.tgz";
|
|
||||||
sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"ajv-6.10.2" = {
|
|
||||||
name = "ajv";
|
|
||||||
packageName = "ajv";
|
|
||||||
version = "6.10.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz";
|
|
||||||
sha512 = "TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"array-indexofobject-0.0.1" = {
|
|
||||||
name = "array-indexofobject";
|
|
||||||
packageName = "array-indexofobject";
|
|
||||||
version = "0.0.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/array-indexofobject/-/array-indexofobject-0.0.1.tgz";
|
|
||||||
sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"asn1-0.2.4" = {
|
|
||||||
name = "asn1";
|
|
||||||
packageName = "asn1";
|
|
||||||
version = "0.2.4";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz";
|
|
||||||
sha512 = "jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"assert-plus-1.0.0" = {
|
|
||||||
name = "assert-plus";
|
|
||||||
packageName = "assert-plus";
|
|
||||||
version = "1.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz";
|
|
||||||
sha1 = "f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"asynckit-0.4.0" = {
|
|
||||||
name = "asynckit";
|
|
||||||
packageName = "asynckit";
|
|
||||||
version = "0.4.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz";
|
|
||||||
sha1 = "c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"aws-sign2-0.7.0" = {
|
|
||||||
name = "aws-sign2";
|
|
||||||
packageName = "aws-sign2";
|
|
||||||
version = "0.7.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz";
|
|
||||||
sha1 = "b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"aws4-1.8.0" = {
|
|
||||||
name = "aws4";
|
|
||||||
packageName = "aws4";
|
|
||||||
version = "1.8.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz";
|
|
||||||
sha512 = "ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"bcrypt-pbkdf-1.0.2" = {
|
|
||||||
name = "bcrypt-pbkdf";
|
|
||||||
packageName = "bcrypt-pbkdf";
|
|
||||||
version = "1.0.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz";
|
|
||||||
sha1 = "a4301d389b6a43f9b67ff3ca11a3f6637e360e9e";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"caseless-0.12.0" = {
|
|
||||||
name = "caseless";
|
|
||||||
packageName = "caseless";
|
|
||||||
version = "0.12.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz";
|
|
||||||
sha1 = "1b681c21ff84033c826543090689420d187151dc";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"combined-stream-1.0.8" = {
|
|
||||||
name = "combined-stream";
|
|
||||||
packageName = "combined-stream";
|
|
||||||
version = "1.0.8";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz";
|
|
||||||
sha512 = "FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"core-util-is-1.0.2" = {
|
|
||||||
name = "core-util-is";
|
|
||||||
packageName = "core-util-is";
|
|
||||||
version = "1.0.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz";
|
|
||||||
sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"dashdash-1.14.1" = {
|
|
||||||
name = "dashdash";
|
|
||||||
packageName = "dashdash";
|
|
||||||
version = "1.14.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz";
|
|
||||||
sha1 = "853cfa0f7cbe2fed5de20326b8dd581035f6e2f0";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"delayed-stream-1.0.0" = {
|
|
||||||
name = "delayed-stream";
|
|
||||||
packageName = "delayed-stream";
|
|
||||||
version = "1.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz";
|
|
||||||
sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"ecc-jsbn-0.1.2" = {
|
|
||||||
name = "ecc-jsbn";
|
|
||||||
packageName = "ecc-jsbn";
|
|
||||||
version = "0.1.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz";
|
|
||||||
sha1 = "3a83a904e54353287874c564b7549386849a98c9";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"extend-3.0.2" = {
|
|
||||||
name = "extend";
|
|
||||||
packageName = "extend";
|
|
||||||
version = "3.0.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz";
|
|
||||||
sha512 = "fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"extsprintf-1.3.0" = {
|
|
||||||
name = "extsprintf";
|
|
||||||
packageName = "extsprintf";
|
|
||||||
version = "1.3.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz";
|
|
||||||
sha1 = "96918440e3041a7a414f8c52e3c574eb3c3e1e05";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"fast-deep-equal-2.0.1" = {
|
|
||||||
name = "fast-deep-equal";
|
|
||||||
packageName = "fast-deep-equal";
|
|
||||||
version = "2.0.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz";
|
|
||||||
sha1 = "7b05218ddf9667bf7f370bf7fdb2cb15fdd0aa49";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"fast-json-stable-stringify-2.0.0" = {
|
|
||||||
name = "fast-json-stable-stringify";
|
|
||||||
packageName = "fast-json-stable-stringify";
|
|
||||||
version = "2.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz";
|
|
||||||
sha1 = "d5142c0caee6b1189f87d3a76111064f86c8bbf2";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"forever-agent-0.6.1" = {
|
|
||||||
name = "forever-agent";
|
|
||||||
packageName = "forever-agent";
|
|
||||||
version = "0.6.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz";
|
|
||||||
sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"form-data-2.3.3" = {
|
|
||||||
name = "form-data";
|
|
||||||
packageName = "form-data";
|
|
||||||
version = "2.3.3";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz";
|
|
||||||
sha512 = "1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"getpass-0.1.7" = {
|
|
||||||
name = "getpass";
|
|
||||||
packageName = "getpass";
|
|
||||||
version = "0.1.7";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz";
|
|
||||||
sha1 = "5eff8e3e684d569ae4cb2b1282604e8ba62149fa";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"har-schema-2.0.0" = {
|
|
||||||
name = "har-schema";
|
|
||||||
packageName = "har-schema";
|
|
||||||
version = "2.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz";
|
|
||||||
sha1 = "a94c2224ebcac04782a0d9035521f24735b7ec92";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"har-validator-5.1.3" = {
|
|
||||||
name = "har-validator";
|
|
||||||
packageName = "har-validator";
|
|
||||||
version = "5.1.3";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz";
|
|
||||||
sha512 = "sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"http-signature-1.2.0" = {
|
|
||||||
name = "http-signature";
|
|
||||||
packageName = "http-signature";
|
|
||||||
version = "1.2.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz";
|
|
||||||
sha1 = "9aecd925114772f3d95b65a60abb8f7c18fbace1";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"iconv-2.2.3" = {
|
|
||||||
name = "iconv";
|
|
||||||
packageName = "iconv";
|
|
||||||
version = "2.2.3";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/iconv/-/iconv-2.2.3.tgz";
|
|
||||||
sha1 = "e084d60eeb7d73da7f0a9c096e4c8abe090bfaed";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"inherits-2.0.4" = {
|
|
||||||
name = "inherits";
|
|
||||||
packageName = "inherits";
|
|
||||||
version = "2.0.4";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz";
|
|
||||||
sha512 = "k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"irc-colors-1.5.0" = {
|
|
||||||
name = "irc-colors";
|
|
||||||
packageName = "irc-colors";
|
|
||||||
version = "1.5.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.5.0.tgz";
|
|
||||||
sha512 = "HtszKchBQTcqw1DC09uD7i7vvMayHGM1OCo6AHt5pkgZEyo99ClhHTMJdf+Ezc9ovuNNxcH89QfyclGthjZJOw==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"is-typedarray-1.0.0" = {
|
|
||||||
name = "is-typedarray";
|
|
||||||
packageName = "is-typedarray";
|
|
||||||
version = "1.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz";
|
|
||||||
sha1 = "e479c80858df0c1b11ddda6940f96011fcda4a9a";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"isarray-1.0.0" = {
|
|
||||||
name = "isarray";
|
|
||||||
packageName = "isarray";
|
|
||||||
version = "1.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz";
|
|
||||||
sha1 = "bb935d48582cba168c06834957a54a3e07124f11";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"isstream-0.1.2" = {
|
|
||||||
name = "isstream";
|
|
||||||
packageName = "isstream";
|
|
||||||
version = "0.1.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz";
|
|
||||||
sha1 = "47e63f7af55afa6f92e1500e690eb8b8529c099a";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"jsbn-0.1.1" = {
|
|
||||||
name = "jsbn";
|
|
||||||
packageName = "jsbn";
|
|
||||||
version = "0.1.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz";
|
|
||||||
sha1 = "a5e654c2e5a2deb5f201d96cefbca80c0ef2f513";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"json-schema-0.2.3" = {
|
|
||||||
name = "json-schema";
|
|
||||||
packageName = "json-schema";
|
|
||||||
version = "0.2.3";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz";
|
|
||||||
sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"json-schema-traverse-0.4.1" = {
|
|
||||||
name = "json-schema-traverse";
|
|
||||||
packageName = "json-schema-traverse";
|
|
||||||
version = "0.4.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz";
|
|
||||||
sha512 = "xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"json-stringify-safe-5.0.1" = {
|
|
||||||
name = "json-stringify-safe";
|
|
||||||
packageName = "json-stringify-safe";
|
|
||||||
version = "5.0.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz";
|
|
||||||
sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"jsprim-1.4.1" = {
|
|
||||||
name = "jsprim";
|
|
||||||
packageName = "jsprim";
|
|
||||||
version = "1.4.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz";
|
|
||||||
sha1 = "313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"lodash.assign-4.2.0" = {
|
|
||||||
name = "lodash.assign";
|
|
||||||
packageName = "lodash.assign";
|
|
||||||
version = "4.2.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz";
|
|
||||||
sha1 = "0d99f3ccd7a6d261d19bdaeb9245005d285808e7";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"lodash.get-4.4.2" = {
|
|
||||||
name = "lodash.get";
|
|
||||||
packageName = "lodash.get";
|
|
||||||
version = "4.4.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz";
|
|
||||||
sha1 = "2d177f652fa31e939b4438d5341499dfa3825e99";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"lodash.has-4.5.2" = {
|
|
||||||
name = "lodash.has";
|
|
||||||
packageName = "lodash.has";
|
|
||||||
version = "4.5.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz";
|
|
||||||
sha1 = "d19f4dc1095058cccbe2b0cdf4ee0fe4aa37c862";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"lodash.uniq-4.5.0" = {
|
|
||||||
name = "lodash.uniq";
|
|
||||||
packageName = "lodash.uniq";
|
|
||||||
version = "4.5.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz";
|
|
||||||
sha1 = "d0225373aeb652adc1bc82e4945339a842754773";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"mime-db-1.42.0" = {
|
|
||||||
name = "mime-db";
|
|
||||||
packageName = "mime-db";
|
|
||||||
version = "1.42.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/mime-db/-/mime-db-1.42.0.tgz";
|
|
||||||
sha512 = "UbfJCR4UAVRNgMpfImz05smAXK7+c+ZntjaA26ANtkXLlOe947Aag5zdIcKQULAiF9Cq4WxBi9jUs5zkA84bYQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"mime-types-2.1.25" = {
|
|
||||||
name = "mime-types";
|
|
||||||
packageName = "mime-types";
|
|
||||||
version = "2.1.25";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.25.tgz";
|
|
||||||
sha512 = "5KhStqB5xpTAeGqKBAMgwaYMnQik7teQN4IAzC7npDv6kzeU6prfkR67bc87J1kWMPGkoaZSq1npmexMgkmEVg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"mri-1.1.4" = {
|
|
||||||
name = "mri";
|
|
||||||
packageName = "mri";
|
|
||||||
version = "1.1.4";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/mri/-/mri-1.1.4.tgz";
|
|
||||||
sha512 = "6y7IjGPm8AzlvoUrwAaw1tLnUBudaS3752vcd8JtrpGGQn+rXIe63LFVHm/YMwtqAuh+LJPCFdlLYPWM1nYn6w==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"nan-2.14.0" = {
|
|
||||||
name = "nan";
|
|
||||||
packageName = "nan";
|
|
||||||
version = "2.14.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/nan/-/nan-2.14.0.tgz";
|
|
||||||
sha512 = "INOFj37C7k3AfaNTtX8RhsTw7qRy7eLET14cROi9+5HAVbbHuIWUHEauBv5qT4Av2tWasiTY1Jw6puUNqRJXQg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"node-icu-charset-detector-0.2.0" = {
|
|
||||||
name = "node-icu-charset-detector";
|
|
||||||
packageName = "node-icu-charset-detector";
|
|
||||||
version = "0.2.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/node-icu-charset-detector/-/node-icu-charset-detector-0.2.0.tgz";
|
|
||||||
sha1 = "c2320da374ddcb671fc54cb4a0e041e156ffd639";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"oauth-sign-0.9.0" = {
|
|
||||||
name = "oauth-sign";
|
|
||||||
packageName = "oauth-sign";
|
|
||||||
version = "0.9.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz";
|
|
||||||
sha512 = "fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"performance-now-2.1.0" = {
|
|
||||||
name = "performance-now";
|
|
||||||
packageName = "performance-now";
|
|
||||||
version = "2.1.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz";
|
|
||||||
sha1 = "6309f4e0e5fa913ec1c69307ae364b4b377c9e7b";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"process-nextick-args-2.0.1" = {
|
|
||||||
name = "process-nextick-args";
|
|
||||||
packageName = "process-nextick-args";
|
|
||||||
version = "2.0.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz";
|
|
||||||
sha512 = "3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"psl-1.4.0" = {
|
|
||||||
name = "psl";
|
|
||||||
packageName = "psl";
|
|
||||||
version = "1.4.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz";
|
|
||||||
sha512 = "HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"punycode-1.4.1" = {
|
|
||||||
name = "punycode";
|
|
||||||
packageName = "punycode";
|
|
||||||
version = "1.4.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz";
|
|
||||||
sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"punycode-2.1.1" = {
|
|
||||||
name = "punycode";
|
|
||||||
packageName = "punycode";
|
|
||||||
version = "2.1.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz";
|
|
||||||
sha512 = "XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"qs-6.5.2" = {
|
|
||||||
name = "qs";
|
|
||||||
packageName = "qs";
|
|
||||||
version = "6.5.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz";
|
|
||||||
sha512 = "N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"readable-stream-2.3.6" = {
|
|
||||||
name = "readable-stream";
|
|
||||||
packageName = "readable-stream";
|
|
||||||
version = "2.3.6";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz";
|
|
||||||
sha512 = "tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"safe-buffer-5.1.2" = {
|
|
||||||
name = "safe-buffer";
|
|
||||||
packageName = "safe-buffer";
|
|
||||||
version = "5.1.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz";
|
|
||||||
sha512 = "Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"safe-buffer-5.2.0" = {
|
|
||||||
name = "safe-buffer";
|
|
||||||
packageName = "safe-buffer";
|
|
||||||
version = "5.2.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz";
|
|
||||||
sha512 = "fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"safer-buffer-2.1.2" = {
|
|
||||||
name = "safer-buffer";
|
|
||||||
packageName = "safer-buffer";
|
|
||||||
version = "2.1.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz";
|
|
||||||
sha512 = "YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"sax-1.2.4" = {
|
|
||||||
name = "sax";
|
|
||||||
packageName = "sax";
|
|
||||||
version = "1.2.4";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz";
|
|
||||||
sha512 = "NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"sshpk-1.16.1" = {
|
|
||||||
name = "sshpk";
|
|
||||||
packageName = "sshpk";
|
|
||||||
version = "1.16.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz";
|
|
||||||
sha512 = "HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"string_decoder-1.1.1" = {
|
|
||||||
name = "string_decoder";
|
|
||||||
packageName = "string_decoder";
|
|
||||||
version = "1.1.1";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz";
|
|
||||||
sha512 = "n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"tough-cookie-2.4.3" = {
|
|
||||||
name = "tough-cookie";
|
|
||||||
packageName = "tough-cookie";
|
|
||||||
version = "2.4.3";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz";
|
|
||||||
sha512 = "Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"tunnel-agent-0.6.0" = {
|
|
||||||
name = "tunnel-agent";
|
|
||||||
packageName = "tunnel-agent";
|
|
||||||
version = "0.6.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz";
|
|
||||||
sha1 = "27a5dea06b36b04a0a9966774b290868f0fc40fd";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"tweetnacl-0.14.5" = {
|
|
||||||
name = "tweetnacl";
|
|
||||||
packageName = "tweetnacl";
|
|
||||||
version = "0.14.5";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz";
|
|
||||||
sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"uri-js-4.2.2" = {
|
|
||||||
name = "uri-js";
|
|
||||||
packageName = "uri-js";
|
|
||||||
version = "4.2.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz";
|
|
||||||
sha512 = "KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"util-deprecate-1.0.2" = {
|
|
||||||
name = "util-deprecate";
|
|
||||||
packageName = "util-deprecate";
|
|
||||||
version = "1.0.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz";
|
|
||||||
sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"uuid-3.3.3" = {
|
|
||||||
name = "uuid";
|
|
||||||
packageName = "uuid";
|
|
||||||
version = "3.3.3";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz";
|
|
||||||
sha512 = "pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ==";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"verror-1.10.0" = {
|
|
||||||
name = "verror";
|
|
||||||
packageName = "verror";
|
|
||||||
version = "1.10.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz";
|
|
||||||
sha1 = "3a105ca17053af55d6e270c1f8288682e18da400";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
feedparser = nodeEnv.buildNodePackage {
|
|
||||||
name = "feedparser";
|
|
||||||
packageName = "feedparser";
|
|
||||||
version = "2.2.9";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/feedparser/-/feedparser-2.2.9.tgz";
|
|
||||||
sha1 = "9138197dafdae05fcadde0036beeaf6066c2c5e9";
|
|
||||||
};
|
|
||||||
dependencies = [
|
|
||||||
sources."addressparser-1.0.1"
|
|
||||||
sources."array-indexofobject-0.0.1"
|
|
||||||
sources."core-util-is-1.0.2"
|
|
||||||
sources."inherits-2.0.4"
|
|
||||||
sources."isarray-1.0.0"
|
|
||||||
sources."lodash.assign-4.2.0"
|
|
||||||
sources."lodash.get-4.4.2"
|
|
||||||
sources."lodash.has-4.5.2"
|
|
||||||
sources."lodash.uniq-4.5.0"
|
|
||||||
sources."mri-1.1.4"
|
|
||||||
sources."process-nextick-args-2.0.1"
|
|
||||||
sources."readable-stream-2.3.6"
|
|
||||||
sources."safe-buffer-5.1.2"
|
|
||||||
sources."sax-1.2.4"
|
|
||||||
sources."string_decoder-1.1.1"
|
|
||||||
sources."util-deprecate-1.0.2"
|
|
||||||
];
|
|
||||||
buildInputs = globalBuildInputs;
|
|
||||||
meta = {
|
|
||||||
description = "Robust RSS Atom and RDF feed parsing using sax js";
|
|
||||||
homepage = http://github.com/danmactough/node-feedparser;
|
|
||||||
license = "MIT";
|
|
||||||
};
|
|
||||||
production = true;
|
|
||||||
bypassCache = true;
|
|
||||||
reconstructLock = true;
|
|
||||||
};
|
|
||||||
form-data = nodeEnv.buildNodePackage {
|
|
||||||
name = "form-data";
|
|
||||||
packageName = "form-data";
|
|
||||||
version = "3.0.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/form-data/-/form-data-3.0.0.tgz";
|
|
||||||
sha512 = "CKMFDglpbMi6PyN+brwB9Q/GOw0eAnsrEZDgcsH5Krhz5Od/haKHAX0NmQfha2zPPz0JpWzA7GJHGSnvCRLWsg==";
|
|
||||||
};
|
|
||||||
dependencies = [
|
|
||||||
sources."asynckit-0.4.0"
|
|
||||||
sources."combined-stream-1.0.8"
|
|
||||||
sources."delayed-stream-1.0.0"
|
|
||||||
sources."mime-db-1.42.0"
|
|
||||||
sources."mime-types-2.1.25"
|
|
||||||
];
|
|
||||||
buildInputs = globalBuildInputs;
|
|
||||||
meta = {
|
|
||||||
description = "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.";
|
|
||||||
homepage = "https://github.com/form-data/form-data#readme";
|
|
||||||
license = "MIT";
|
|
||||||
};
|
|
||||||
production = true;
|
|
||||||
bypassCache = true;
|
|
||||||
reconstructLock = true;
|
|
||||||
};
|
|
||||||
irc = nodeEnv.buildNodePackage {
|
|
||||||
name = "irc";
|
|
||||||
packageName = "irc";
|
|
||||||
version = "0.5.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/irc/-/irc-0.5.2.tgz";
|
|
||||||
sha1 = "3714f4768365a96d0b2f776bc91166beb2464bbc";
|
|
||||||
};
|
|
||||||
dependencies = [
|
|
||||||
sources."iconv-2.2.3"
|
|
||||||
sources."irc-colors-1.5.0"
|
|
||||||
sources."nan-2.14.0"
|
|
||||||
sources."node-icu-charset-detector-0.2.0"
|
|
||||||
];
|
|
||||||
buildInputs = globalBuildInputs;
|
|
||||||
meta = {
|
|
||||||
description = "An IRC client library for node";
|
|
||||||
homepage = "https://github.com/martynsmith/node-irc#readme";
|
|
||||||
license = "GPL-3.0";
|
|
||||||
};
|
|
||||||
production = true;
|
|
||||||
bypassCache = true;
|
|
||||||
reconstructLock = true;
|
|
||||||
};
|
|
||||||
request = nodeEnv.buildNodePackage {
|
|
||||||
name = "request";
|
|
||||||
packageName = "request";
|
|
||||||
version = "2.88.0";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/request/-/request-2.88.0.tgz";
|
|
||||||
sha512 = "NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==";
|
|
||||||
};
|
|
||||||
dependencies = [
|
|
||||||
sources."ajv-6.10.2"
|
|
||||||
sources."asn1-0.2.4"
|
|
||||||
sources."assert-plus-1.0.0"
|
|
||||||
sources."asynckit-0.4.0"
|
|
||||||
sources."aws-sign2-0.7.0"
|
|
||||||
sources."aws4-1.8.0"
|
|
||||||
sources."bcrypt-pbkdf-1.0.2"
|
|
||||||
sources."caseless-0.12.0"
|
|
||||||
sources."combined-stream-1.0.8"
|
|
||||||
sources."core-util-is-1.0.2"
|
|
||||||
sources."dashdash-1.14.1"
|
|
||||||
sources."delayed-stream-1.0.0"
|
|
||||||
sources."ecc-jsbn-0.1.2"
|
|
||||||
sources."extend-3.0.2"
|
|
||||||
sources."extsprintf-1.3.0"
|
|
||||||
sources."fast-deep-equal-2.0.1"
|
|
||||||
sources."fast-json-stable-stringify-2.0.0"
|
|
||||||
sources."forever-agent-0.6.1"
|
|
||||||
sources."form-data-2.3.3"
|
|
||||||
sources."getpass-0.1.7"
|
|
||||||
sources."har-schema-2.0.0"
|
|
||||||
sources."har-validator-5.1.3"
|
|
||||||
sources."http-signature-1.2.0"
|
|
||||||
sources."is-typedarray-1.0.0"
|
|
||||||
sources."isstream-0.1.2"
|
|
||||||
sources."jsbn-0.1.1"
|
|
||||||
sources."json-schema-0.2.3"
|
|
||||||
sources."json-schema-traverse-0.4.1"
|
|
||||||
sources."json-stringify-safe-5.0.1"
|
|
||||||
sources."jsprim-1.4.1"
|
|
||||||
sources."mime-db-1.42.0"
|
|
||||||
sources."mime-types-2.1.25"
|
|
||||||
sources."oauth-sign-0.9.0"
|
|
||||||
sources."performance-now-2.1.0"
|
|
||||||
sources."psl-1.4.0"
|
|
||||||
sources."punycode-2.1.1"
|
|
||||||
sources."qs-6.5.2"
|
|
||||||
sources."safe-buffer-5.2.0"
|
|
||||||
sources."safer-buffer-2.1.2"
|
|
||||||
sources."sshpk-1.16.1"
|
|
||||||
(sources."tough-cookie-2.4.3" // {
|
|
||||||
dependencies = [
|
|
||||||
sources."punycode-1.4.1"
|
|
||||||
];
|
|
||||||
})
|
|
||||||
sources."tunnel-agent-0.6.0"
|
|
||||||
sources."tweetnacl-0.14.5"
|
|
||||||
sources."uri-js-4.2.2"
|
|
||||||
sources."uuid-3.3.3"
|
|
||||||
sources."verror-1.10.0"
|
|
||||||
];
|
|
||||||
buildInputs = globalBuildInputs;
|
|
||||||
meta = {
|
|
||||||
description = "Simplified HTTP request client.";
|
|
||||||
homepage = "https://github.com/request/request#readme";
|
|
||||||
license = "Apache-2.0";
|
|
||||||
};
|
|
||||||
production = true;
|
|
||||||
bypassCache = true;
|
|
||||||
reconstructLock = true;
|
|
||||||
};
|
|
||||||
shell-quote = nodeEnv.buildNodePackage {
|
|
||||||
name = "shell-quote";
|
|
||||||
packageName = "shell-quote";
|
|
||||||
version = "1.7.2";
|
|
||||||
src = fetchurl {
|
|
||||||
url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.7.2.tgz";
|
|
||||||
sha512 = "mRz/m/JVscCrkMyPqHc/bczi3OQHkLTqXHEFu0zDhK/qfv3UcOA4SVmRCLmos4bhjr9ekVQubj/R7waKapmiQg==";
|
|
||||||
};
|
|
||||||
buildInputs = globalBuildInputs;
|
|
||||||
meta = {
|
|
||||||
description = "quote and parse shell commands";
|
|
||||||
homepage = https://github.com/substack/node-shell-quote;
|
|
||||||
license = "MIT";
|
|
||||||
};
|
|
||||||
production = true;
|
|
||||||
bypassCache = true;
|
|
||||||
reconstructLock = true;
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,7 +0,0 @@
|
|||||||
[
|
|
||||||
"feedparser",
|
|
||||||
"form-data",
|
|
||||||
"irc",
|
|
||||||
"request",
|
|
||||||
"shell-quote"
|
|
||||||
]
|
|
@ -1,4 +0,0 @@
|
|||||||
#! /usr/bin/env nix-shell
|
|
||||||
#! nix-shell -i bash -p nodePackages.node2nix
|
|
||||||
node2nix -12 -i pkgs.json -c combine.nix
|
|
||||||
rm node-env.nix combine.nix
|
|
@ -192,18 +192,15 @@ pkgs.writers.writeDashBin "generate-wallpaper" ''
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# create marker file from json
|
# create marker file from json
|
||||||
if [ -s marker.json ]; then
|
echo 'position=sun image=sun.png' > marker_file
|
||||||
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude) image=krebs.png"' marker.json > marker_file
|
echo 'position=moon image=moon.png' >> marker_file
|
||||||
echo 'position=sun image=sun.png' >> marker_file
|
echo 'position=mercury image=mercury.png' >> marker_file
|
||||||
echo 'position=moon image=moon.png' >> marker_file
|
echo 'position=venus image=venus.png' >> marker_file
|
||||||
echo 'position=mercury image=mercury.png' >> marker_file
|
echo 'position=mars image=mars.png' >> marker_file
|
||||||
echo 'position=venus image=venus.png' >> marker_file
|
echo 'position=jupiter image=jupiter.png' >> marker_file
|
||||||
echo 'position=mars image=mars.png' >> marker_file
|
echo 'position=saturn image=saturn.png' >> marker_file
|
||||||
echo 'position=jupiter image=jupiter.png' >> marker_file
|
echo 'position=uranus image=uranus.png' >> marker_file
|
||||||
echo 'position=saturn image=saturn.png' >> marker_file
|
echo 'position=neptune image=neptune.png' >> marker_file
|
||||||
echo 'position=uranus image=uranus.png' >> marker_file
|
|
||||||
echo 'position=neptune image=neptune.png' >> marker_file
|
|
||||||
fi
|
|
||||||
|
|
||||||
# generate moon
|
# generate moon
|
||||||
xplanet -body moon --num_times 1 -origin earth \
|
xplanet -body moon --num_times 1 -origin earth \
|
||||||
@ -227,6 +224,24 @@ pkgs.writers.writeDashBin "generate-wallpaper" ''
|
|||||||
shade=15
|
shade=15
|
||||||
''}
|
''}
|
||||||
|
|
||||||
|
xplanet --num_times 1 --geometry $xplanet_out_size \
|
||||||
|
--output xplanet-marker-output.png --projection merc \
|
||||||
|
-config ${pkgs.writeText "xplanet-marker.config" ''
|
||||||
|
[earth]
|
||||||
|
"Earth"
|
||||||
|
map=daymap-final.png
|
||||||
|
night_map=nightmap-final.png
|
||||||
|
cloud_map=clouds.png
|
||||||
|
cloud_threshold=1
|
||||||
|
cloud_gamma=10
|
||||||
|
marker_file=marker_file
|
||||||
|
shade=15
|
||||||
|
''}
|
||||||
|
|
||||||
|
if [ -s marker.json ]; then
|
||||||
|
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude) image=krebs.png"' marker.json >> marker_file
|
||||||
|
fi
|
||||||
|
|
||||||
xplanet --num_times 1 --geometry $xplanet_out_size \
|
xplanet --num_times 1 --geometry $xplanet_out_size \
|
||||||
--output xplanet-krebs-output.png --projection merc \
|
--output xplanet-krebs-output.png --projection merc \
|
||||||
-config ${pkgs.writeText "xplanet-krebs.config" ''
|
-config ${pkgs.writeText "xplanet-krebs.config" ''
|
||||||
@ -248,6 +263,13 @@ pkgs.writers.writeDashBin "generate-wallpaper" ''
|
|||||||
mv realwallpaper-tmp.png realwallpaper.png
|
mv realwallpaper-tmp.png realwallpaper.png
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# trim xplanet output
|
||||||
|
if needs_rebuild realwallpaper-marker.png xplanet-marker-output.png; then
|
||||||
|
convert xplanet-marker-output.png -crop $out_geometry \
|
||||||
|
realwallpaper-marker-tmp.png
|
||||||
|
mv realwallpaper-marker-tmp.png realwallpaper-marker.png
|
||||||
|
fi
|
||||||
|
|
||||||
if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then
|
if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then
|
||||||
convert xplanet-krebs-output.png -crop $out_geometry \
|
convert xplanet-krebs-output.png -crop $out_geometry \
|
||||||
realwallpaper-krebs-tmp.png
|
realwallpaper-krebs-tmp.png
|
||||||
|
33
krebs/5pkgs/simple/rss-bridge/default.nix
Normal file
33
krebs/5pkgs/simple/rss-bridge/default.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{ config, lib, pkgs, fetchFromGitHub, stdenv, ... }:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "rss-bridge";
|
||||||
|
version = "2020-11-10";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "RSS-Bridge";
|
||||||
|
repo = "rss-bridge";
|
||||||
|
rev = version;
|
||||||
|
sha256 = "00cp61lqvhi7b7j0rglsqg3l7cg8s9b8vq098bgvg5dygyi44hyv";
|
||||||
|
};
|
||||||
|
|
||||||
|
patchPhase = ''
|
||||||
|
substituteInPlace lib/rssbridge.php \
|
||||||
|
--replace "define('PATH_CACHE', PATH_ROOT . 'cache/');" "define('PATH_CACHE', getenv('RSSBRIDGE_DATA') . '/cache/');" \
|
||||||
|
--replace "define('FILE_CONFIG', PATH_ROOT . 'config.ini.php');" "define('FILE_CONFIG', getenv('RSSBRIDGE_DATA') . '/config.ini.php');" \
|
||||||
|
--replace "define('WHITELIST', PATH_ROOT . 'whitelist.txt');" "define('WHITELIST', getenv('RSSBRIDGE_DATA') . '/whitelist.txt');"
|
||||||
|
'';
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir $out/
|
||||||
|
cp -R ./* $out
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
description = "The RSS feed for websites missing it";
|
||||||
|
homepage = "https://github.com/RSS-Bridge/rss-bridge";
|
||||||
|
license = licenses.unlicense;
|
||||||
|
maintainers = with maintainers; [ dawidsowa ];
|
||||||
|
platforms = platforms.all;
|
||||||
|
};
|
||||||
|
}
|
15
krebs/5pkgs/simple/urix.nix
Normal file
15
krebs/5pkgs/simple/urix.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
let lib = import <stockholm/lib>; in
|
||||||
|
{ pkgs }:
|
||||||
|
|
||||||
|
# urix - URI eXtractor
|
||||||
|
# Extract all the URIs from standard input and write them to standard output!
|
||||||
|
# usage: urix < SOMEFILE
|
||||||
|
|
||||||
|
pkgs.execBin "urix" {
|
||||||
|
filename = "${pkgs.gnugrep}/bin/grep";
|
||||||
|
argv = [
|
||||||
|
"urix"
|
||||||
|
"-Eo"
|
||||||
|
"\\b${lib.uri.posix-extended-regex}\\b"
|
||||||
|
];
|
||||||
|
}
|
@ -28,6 +28,7 @@
|
|||||||
git = {
|
git = {
|
||||||
ref = (lib.importJSON ./nixpkgs.json).rev;
|
ref = (lib.importJSON ./nixpkgs.json).rev;
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
|
shallow = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
stockholm.file = toString ../.;
|
stockholm.file = toString ../.;
|
||||||
@ -67,6 +68,13 @@
|
|||||||
target = "root@${target}/var/src";
|
target = "root@${target}/var/src";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A populate)
|
||||||
|
populate = { target, force ? false }: pkgs.populate {
|
||||||
|
inherit force;
|
||||||
|
source = source { test = false; };
|
||||||
|
target = lib.mkTarget target;
|
||||||
|
};
|
||||||
|
|
||||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
||||||
test = { target }: pkgs.krops.writeTest "${name}-test" {
|
test = { target }: pkgs.krops.writeTest "${name}-test" {
|
||||||
force = true;
|
force = true;
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
{
|
{
|
||||||
"url": "https://github.com/NixOS/nixpkgs",
|
"url": "https://github.com/NixOS/nixpkgs",
|
||||||
"rev": "e9158eca70ae59e73fae23be5d13d3fa0cfc78b4",
|
"rev": "f217c0ea7c148ddc0103347051555c7c252dcafb",
|
||||||
"date": "2020-12-09T15:09:49+01:00",
|
"date": "2021-01-21T09:50:34+01:00",
|
||||||
"path": "/nix/store/cx4wf6pi1l2p01sz7png891m65kinfz3-nixpkgs",
|
"path": "/nix/store/8srlzkkvbvlg4g585g9iyzd3ryiilm8a-nixpkgs",
|
||||||
"sha256": "0cnmvnvin9ixzl98fmlm3g17l6w95gifqfb3rfxs55c0wj2ddy53",
|
"sha256": "0cyksxg2lnzxd0pss09rmmk2c2axz0lf9wvgvfng59nwf8dpq2kf",
|
||||||
"fetchSubmodules": false,
|
"fetchSubmodules": false,
|
||||||
"deepClone": false,
|
"deepClone": false,
|
||||||
"leaveDotGit": false
|
"leaveDotGit": false
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
{
|
{
|
||||||
"url": "https://github.com/NixOS/nixpkgs",
|
"url": "https://github.com/NixOS/nixpkgs",
|
||||||
"rev": "3d2d8f281a27d466fa54b469b5993f7dde198375",
|
"rev": "a058d005b3cbb370bf171ebce01839dd6ff52222",
|
||||||
"date": "2020-12-20T14:17:36+01:00",
|
"date": "2021-01-23T17:41:51-05:00",
|
||||||
"path": "/nix/store/mqn37480fj6x9xbq3igz4haw3m2lc7fm-nixpkgs",
|
"path": "/nix/store/6ps307ghgrp10q3mwgw4lq143pmz0h25-nixpkgs",
|
||||||
"sha256": "1hfis53xyzy6hfdivlwkwdy7irbhk7c500a4lf7x43cfkijx5ks1",
|
"sha256": "154mpqw0ya31hzgz9hggg1rb26yx8d00rsj9l90ndsdldrssgvbb",
|
||||||
"fetchSubmodules": false,
|
"fetchSubmodules": false,
|
||||||
"deepClone": false,
|
"deepClone": false,
|
||||||
"leaveDotGit": false
|
"leaveDotGit": false
|
||||||
|
@ -1,54 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<stockholm/lass>
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
|
||||||
<stockholm/lass/2configs/libvirt.nix>
|
|
||||||
{ # TODO make new hfos.nix out of this vv
|
|
||||||
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
|
||||||
users.users.riot = {
|
|
||||||
uid = genid_uint31 "riot";
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [ "libvirtd" ];
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6o6sdTu/CX1LW2Ff5bNDqGEAGwAsjf0iIe5DCdC7YikCct+7x4LTXxY+nDlPMeGcOF88X9/qFwdyh+9E4g0nUAZaeL14Uc14QDqDt/aiKjIXXTepxE/i4JD9YbTqStAnA/HYAExU15yqgUdj2dnHu7OZcGxk0ZR1OY18yclXq7Rq0Fd3pN3lPP1T4QHM9w66r83yJdFV9szvu5ral3/QuxQnCNohTkR6LoJ4Ny2RbMPTRtb+jPbTQYTWUWwV69mB8ot5nRTP4MRM9pu7vnoPF4I2S5DvSnx4C5zdKzsb7zmIvD4AmptZLrXj4UXUf00Xf7Js5W100Ne2yhYyhq+35 riot@lagrange"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# TODO write function for proxy_pass (ssl/nonssl)
|
|
||||||
|
|
||||||
krebs.iptables.tables.filter.FORWARD.rules = [
|
|
||||||
{ v6 = false; precedence = 1000; predicate = "-d 192.168.122.179"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
krebs.iptables.tables.nat.PREROUTING.rules = [
|
|
||||||
{ v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.179"; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
<stockholm/lass/2configs/container-networking.nix>
|
|
||||||
{
|
|
||||||
services.taskserver = {
|
|
||||||
enable = true;
|
|
||||||
fqdn = "lassul.us";
|
|
||||||
listenHost = "::";
|
|
||||||
listenPort = 53589;
|
|
||||||
organisations.lass.users = [ "lass" "android" ];
|
|
||||||
};
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.archprism;
|
|
||||||
services.earlyoom = {
|
|
||||||
enable = true;
|
|
||||||
freeMemThreshold = 5;
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,77 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./config.nix
|
|
||||||
{
|
|
||||||
boot.kernelParams = [ "net.ifnames=0" ];
|
|
||||||
networking = {
|
|
||||||
defaultGateway = "46.4.114.225";
|
|
||||||
# Use google's public DNS server
|
|
||||||
nameservers = [ "8.8.8.8" ];
|
|
||||||
interfaces.eth0 = {
|
|
||||||
ipAddress = "46.4.114.247";
|
|
||||||
prefixLength = 27;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# TODO use this network config
|
|
||||||
networking.interfaces.eth0.ipv4.addresses = [
|
|
||||||
{
|
|
||||||
address = config.krebs.build.host.nets.internet.ip4.addr;
|
|
||||||
prefixLength = 27;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
address = "46.4.114.243";
|
|
||||||
prefixLength = 27;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
#networking.defaultGateway = "46.4.114.225";
|
|
||||||
#networking.nameservers = [
|
|
||||||
# "8.8.8.8"
|
|
||||||
#];
|
|
||||||
#services.udev.extraRules = ''
|
|
||||||
# SUBSYSTEM=="net", ATTR{address}=="08:60:6e:e7:87:04", NAME="et0"
|
|
||||||
#'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
|
|
||||||
|
|
||||||
networking.hostId = "fb4173ea";
|
|
||||||
boot.loader.grub = {
|
|
||||||
devices = [
|
|
||||||
"/dev/sda"
|
|
||||||
"/dev/sdb"
|
|
||||||
];
|
|
||||||
splashImage = null;
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [
|
|
||||||
"ata_piix"
|
|
||||||
"vmw_pvscsi"
|
|
||||||
"ahci" "sd_mod"
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
|
|
||||||
sound.enable = false;
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
time.timeZone = "Europe/Berlin";
|
|
||||||
|
|
||||||
fileSystems."/" = {
|
|
||||||
device = "rpool/root/nixos";
|
|
||||||
fsType = "zfs";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/home" = {
|
|
||||||
device = "rpool/home";
|
|
||||||
fsType = "zfs";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/b67c3370-1597-4ce8-8a46-e257ca32150d";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
|
@ -9,8 +9,8 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
<stockholm/lass/2configs/blue.nix>
|
<stockholm/lass/2configs/blue.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/sync/sync.nix>
|
||||||
<stockholm/lass/2configs/sync/decsync.nix>
|
<stockholm/lass/2configs/sync/decsync.nix>
|
||||||
<stockholm/lass/2configs/sync/weechat.nix>
|
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.blue;
|
krebs.build.host = config.krebs.hosts.blue;
|
||||||
|
@ -6,7 +6,6 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass>
|
<stockholm/lass>
|
||||||
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/backup.nix>
|
|
||||||
<stockholm/lass/2configs/nfs-dl.nix>
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
{
|
{
|
||||||
# bubsy config
|
# bubsy config
|
||||||
|
@ -9,13 +9,80 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/mail.nix>
|
<stockholm/lass/2configs/mail.nix>
|
||||||
|
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/sync/sync.nix>
|
||||||
<stockholm/lass/2configs/sync/decsync.nix>
|
<stockholm/lass/2configs/sync/decsync.nix>
|
||||||
<stockholm/lass/2configs/sync/weechat.nix>
|
<stockholm/lass/2configs/sync/weechat.nix>
|
||||||
|
|
||||||
|
<stockholm/lass/2configs/bitlbee.nix>
|
||||||
|
<stockholm/lass/2configs/IM.nix>
|
||||||
|
<stockholm/lass/2configs/muchsync.nix>
|
||||||
|
<stockholm/lass/2configs/pass.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.green;
|
krebs.build.host = config.krebs.hosts.green;
|
||||||
|
|
||||||
#networking.nameservers = [ "1.1.1.1" ];
|
users.users.mainUser.openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.lass-android.pubkey
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICMe23IAHn4Ow4J4i8M9GJshqvY80U11NKPLum6b1XLn" # weechat ssh tunnel
|
||||||
|
];
|
||||||
|
|
||||||
#time.timeZone = "Europe/Berlin";
|
krebs.bindfs = {
|
||||||
|
"/home/lass/.weechat" = {
|
||||||
|
source = "/var/state/lass_weechat";
|
||||||
|
options = [
|
||||||
|
"-M ${concatMapStringsSep ":" (u: toString config.users.users.${u}.uid) [ "syncthing" "mainUser" ]}"
|
||||||
|
"--create-for-user=${toString config.users.users.syncthing.uid}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
"/home/lass/Maildir" = {
|
||||||
|
source = "/var/state/lass_mail";
|
||||||
|
options = [
|
||||||
|
"-M ${toString config.users.users.mainUser.uid}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
"/home/lass/sync" = {
|
||||||
|
source = "/var/state/lass_sync";
|
||||||
|
options = [
|
||||||
|
"-M ${concatMapStringsSep ":" (u: toString config.users.users.${u}.uid) [ "syncthing" "mainUser" ]}"
|
||||||
|
"--create-for-user=${toString config.users.users.syncthing.uid}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
"/var/lib/bitlbee" = {
|
||||||
|
source = "/var/state/bitlbee";
|
||||||
|
options = [
|
||||||
|
"-M ${toString config.users.users.bitlbee.uid}"
|
||||||
|
];
|
||||||
|
clearTarget = true;
|
||||||
|
};
|
||||||
|
"/home/lass/.ssh" = {
|
||||||
|
source = "/var/state/lass_ssh";
|
||||||
|
options = [
|
||||||
|
"-M ${toString config.users.users.mainUser.uid}"
|
||||||
|
];
|
||||||
|
clearTarget = true;
|
||||||
|
};
|
||||||
|
"/home/lass/.gnupg" = {
|
||||||
|
source = "/var/state/lass_gnupg";
|
||||||
|
options = [
|
||||||
|
"-M ${toString config.users.users.mainUser.uid}"
|
||||||
|
];
|
||||||
|
clearTarget = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services."bindfs-_home_lass_Maildir".serviceConfig.ExecStartPost = pkgs.writeDash "symlink-notmuch" ''
|
||||||
|
sleep 1
|
||||||
|
mkdir -p /home/lass/notmuch
|
||||||
|
chown lass: /home/lass/notmuch
|
||||||
|
ln -sfTr /home/lass/notmuch /home/lass/Maildir/.notmuch
|
||||||
|
|
||||||
|
mkdir -p /home/lass/notmuch/muchsync
|
||||||
|
chown lass: /home/lass/notmuch/muchsync
|
||||||
|
mkdir -p /home/lass/Maildir/.muchsync
|
||||||
|
ln -sfTr /home/lass/Maildir/.muchsync /home/lass/notmuch/muchsync/tmp
|
||||||
|
'';
|
||||||
|
|
||||||
|
krebs.iptables.tables.nat.PREROUTING.rules = [
|
||||||
|
{ predicate = "-i eth0 -p tcp -m tcp --dport 22"; target = "ACCEPT"; precedence = 101; }
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
@ -51,12 +51,10 @@
|
|||||||
(1, 48, 60)
|
(1, 48, 60)
|
||||||
(2, 50, 61)
|
(2, 50, 61)
|
||||||
(3, 52, 63)
|
(3, 52, 63)
|
||||||
(6, 60, 65)
|
(6, 60, 85)
|
||||||
(7, 80, 85)
|
(7, 80, 90)
|
||||||
(127, 90, 32767)
|
(127, 89, 32767)
|
||||||
'';
|
'';
|
||||||
|
|
||||||
services.logind.lidSwitch = "ignore";
|
services.logind.lidSwitch = "ignore";
|
||||||
services.logind.lidSwitchDocked = "ignore";
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -7,6 +7,7 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
<stockholm/lass/2configs/blue-host.nix>
|
||||||
|
<stockholm/lass/2configs/green-host.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -4,6 +4,9 @@ with import <stockholm/lib>;
|
|||||||
imports = [
|
imports = [
|
||||||
<stockholm/lass>
|
<stockholm/lass>
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
|
|
||||||
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/green-host.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.morpheus;
|
krebs.build.host = config.krebs.hosts.morpheus;
|
||||||
|
@ -18,28 +18,28 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/steam.nix>
|
<stockholm/lass/2configs/steam.nix>
|
||||||
<stockholm/lass/2configs/wine.nix>
|
<stockholm/lass/2configs/wine.nix>
|
||||||
<stockholm/lass/2configs/git.nix>
|
<stockholm/lass/2configs/git.nix>
|
||||||
<stockholm/lass/2configs/virtualbox.nix>
|
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
<stockholm/lass/2configs/mail.nix>
|
<stockholm/lass/2configs/mail.nix>
|
||||||
<stockholm/krebs/2configs/ircd.nix>
|
<stockholm/krebs/2configs/ircd.nix>
|
||||||
<stockholm/lass/2configs/logf.nix>
|
<stockholm/lass/2configs/logf.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
<stockholm/lass/2configs/otp-ssh.nix>
|
<stockholm/lass/2configs/sync/sync.nix>
|
||||||
<stockholm/lass/2configs/c-base.nix>
|
|
||||||
<stockholm/lass/2configs/sync/decsync.nix>
|
<stockholm/lass/2configs/sync/decsync.nix>
|
||||||
<stockholm/lass/2configs/sync/weechat.nix>
|
<stockholm/lass/2configs/sync/weechat.nix>
|
||||||
|
#<stockholm/lass/2configs/c-base.nix>
|
||||||
<stockholm/lass/2configs/br.nix>
|
<stockholm/lass/2configs/br.nix>
|
||||||
<stockholm/lass/2configs/ableton.nix>
|
<stockholm/lass/2configs/ableton.nix>
|
||||||
<stockholm/lass/2configs/starcraft.nix>
|
|
||||||
<stockholm/lass/2configs/dunst.nix>
|
<stockholm/lass/2configs/dunst.nix>
|
||||||
<stockholm/lass/2configs/rtl-sdr.nix>
|
<stockholm/lass/2configs/rtl-sdr.nix>
|
||||||
<stockholm/lass/2configs/backup.nix>
|
|
||||||
<stockholm/lass/2configs/print.nix>
|
<stockholm/lass/2configs/print.nix>
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
|
||||||
<stockholm/lass/2configs/network-manager.nix>
|
<stockholm/lass/2configs/network-manager.nix>
|
||||||
<stockholm/lass/2configs/nfs-dl.nix>
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
#<stockholm/lass/2configs/hardening.nix>
|
<stockholm/lass/2configs/green-host.nix>
|
||||||
<stockholm/lass/2configs/ppp.nix>
|
<stockholm/krebs/2configs/news-host.nix>
|
||||||
|
<stockholm/lass/2configs/ppp/x220-modem.nix>
|
||||||
|
<stockholm/lass/2configs/ppp/umts-stick.nix>
|
||||||
|
# <stockholm/lass/2configs/remote-builder/morpheus.nix>
|
||||||
|
# <stockholm/lass/2configs/remote-builder/prism.nix>
|
||||||
{
|
{
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
#risk of rain
|
#risk of rain
|
||||||
|
@ -118,6 +118,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/iodined.nix>
|
<stockholm/lass/2configs/iodined.nix>
|
||||||
<stockholm/lass/2configs/paste.nix>
|
<stockholm/lass/2configs/paste.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/green-host.nix>
|
||||||
<stockholm/lass/2configs/reaktor-coders.nix>
|
<stockholm/lass/2configs/reaktor-coders.nix>
|
||||||
<stockholm/lass/2configs/ciko.nix>
|
<stockholm/lass/2configs/ciko.nix>
|
||||||
<stockholm/lass/2configs/container-networking.nix>
|
<stockholm/lass/2configs/container-networking.nix>
|
||||||
@ -137,23 +138,18 @@ with import <stockholm/lib>;
|
|||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
|
||||||
lass.ejabberd = {
|
|
||||||
enable = true;
|
|
||||||
hosts = [ "lassul.us" ];
|
|
||||||
};
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp --dport xmpp-client"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p tcp --dport xmpp-server"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
<stockholm/lass/2configs/realwallpaper.nix>
|
<stockholm/lass/2configs/realwallpaper.nix>
|
||||||
];
|
];
|
||||||
services.nginx.virtualHosts."lassul.us".locations."= /wallpaper.png".extraConfig = ''
|
services.nginx.virtualHosts."lassul.us".locations = {
|
||||||
alias /var/realwallpaper/realwallpaper.png;
|
"= /wallpaper-marker.png".extraConfig = ''
|
||||||
'';
|
alias /var/realwallpaper/realwallpaper-marker.png;
|
||||||
|
'';
|
||||||
|
"= /wallpaper.png".extraConfig = ''
|
||||||
|
alias /var/realwallpaper/realwallpaper.png;
|
||||||
|
'';
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
users.users.jeschli = {
|
users.users.jeschli = {
|
||||||
@ -282,8 +278,9 @@ with import <stockholm/lib>;
|
|||||||
services.murmur = {
|
services.murmur = {
|
||||||
enable = true;
|
enable = true;
|
||||||
bandwidth = 10000000;
|
bandwidth = 10000000;
|
||||||
|
registerName = "lassul.us";
|
||||||
|
autobanTime = 30;
|
||||||
};
|
};
|
||||||
services.murmur.registerName = "lassul.us";
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
|
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
|
||||||
{ predicate = "-p udp --dport 64738"; target = "ACCEPT";}
|
{ predicate = "-p udp --dport 64738"; target = "ACCEPT";}
|
||||||
@ -354,6 +351,8 @@ with import <stockholm/lib>;
|
|||||||
palo.pubkey
|
palo.pubkey
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
|
||||||
"AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki11:15 <Profpatsch> AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki"
|
"AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki11:15 <Profpatsch> AAAAB3NzaC1yc2EAAAADAQABAAABgQC4ECL9NSCWqs4KVe+FF+2BPtl5Bv5aQPHqnXllCyiESZykwRKLx6/AbF5SbUAUMVZtp9oDSdp28m3BvVeWJ/q7hAbIxUtfd/jp+JBRZ8Kj6K5GzUO7Bhgl/o0A7xEjAeOKHiYuLjdPMcFUyl6Ah4ey/mcQYf6AdU0+hYUDeUlKe/YxxYD6202W0GJq2xGdIqs/TbopT9iaX+sv0wdXDVfFY72nFqOUwJW3u6O2viKKRugrz/eo50Eo3ts7pYz/FpDXExrUvV9Vu/bQ34pa8nKgF3/AKQHgmzljNQSVZKyAV8OY0UFonjBMXCBg2tXtwfnlzdx2SyuQVv55x+0AuRKsi85G2xLpXu1A3921pseBTW6Q6kbYK9eqxAay2c/kNbwNqFnO+nCvQ6Ier/hvGddOtItMu96IuU2E7mPN6WgvM8/3fjJRFWnZxFxqu/k7iH+yYT8qwRgdiSqZc76qvkYEuabdk2itstTRY0A3SpI3hFMZDw/7bxgMZtqpfyoRk5s= philip@shiki"
|
||||||
|
mic92.pubkey
|
||||||
|
qubasa.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -412,42 +411,6 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{ #macos mounting of yellow
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-i wiregrill -p tcp --dport 139"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-i wiregrill -p tcp --dport 445"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-i wiregrill -p udp --dport 137"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-i wiregrill -p udp --dport 138"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
users.users.smbguest = {
|
|
||||||
name = "smbguest";
|
|
||||||
uid = config.ids.uids.smbguest;
|
|
||||||
description = "smb guest user";
|
|
||||||
home = "/home/share";
|
|
||||||
createHome = true;
|
|
||||||
};
|
|
||||||
services.samba = {
|
|
||||||
enable = true;
|
|
||||||
enableNmbd = true;
|
|
||||||
shares = {
|
|
||||||
download = {
|
|
||||||
path = "/var/download/finished";
|
|
||||||
"read only" = "yes";
|
|
||||||
browseable = "yes";
|
|
||||||
"guest ok" = "yes";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
extraConfig = ''
|
|
||||||
guest account = smbguest
|
|
||||||
map to guest = bad user
|
|
||||||
# disable printing
|
|
||||||
load printers = no
|
|
||||||
printing = bsd
|
|
||||||
printcap name = /dev/null
|
|
||||||
disable spoolss = yes
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.prism;
|
krebs.build.host = config.krebs.hosts.prism;
|
||||||
|
@ -13,19 +13,18 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/programs.nix>
|
<stockholm/lass/2configs/programs.nix>
|
||||||
<stockholm/lass/2configs/wine.nix>
|
<stockholm/lass/2configs/wine.nix>
|
||||||
<stockholm/lass/2configs/bitcoin.nix>
|
<stockholm/lass/2configs/bitcoin.nix>
|
||||||
<stockholm/lass/2configs/backup.nix>
|
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
<stockholm/lass/2configs/blue-host.nix>
|
||||||
|
<stockholm/lass/2configs/green-host.nix>
|
||||||
|
<stockholm/krebs/2configs/news-host.nix>
|
||||||
<stockholm/lass/2configs/nfs-dl.nix>
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
<stockholm/lass/2configs/gg23.nix>
|
|
||||||
<stockholm/lass/2configs/hass>
|
|
||||||
<stockholm/lass/2configs/br.nix>
|
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
<stockholm/lass/2configs/home-media.nix>
|
<stockholm/lass/2configs/home-media.nix>
|
||||||
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/sync/sync.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.shodan;
|
krebs.build.host = config.krebs.hosts.shodan;
|
||||||
|
|
||||||
services.logind.lidSwitch = "ignore";
|
services.logind.lidSwitch = "ignore";
|
||||||
services.logind.lidSwitchDocked = "ignore";
|
services.logind.lidSwitchDocked = "ignore";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -6,6 +6,7 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
<stockholm/lass/2configs/blue-host.nix>
|
||||||
|
<stockholm/lass/2configs/green-host.nix>
|
||||||
<stockholm/lass/2configs/power-action.nix>
|
<stockholm/lass/2configs/power-action.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
{
|
{
|
||||||
|
@ -12,14 +12,17 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/browsers.nix>
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
<stockholm/lass/2configs/programs.nix>
|
<stockholm/lass/2configs/programs.nix>
|
||||||
<stockholm/lass/2configs/nfs-dl.nix>
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
# <stockholm/lass/2configs/gg23.nix>
|
<stockholm/lass/2configs/gg23.nix>
|
||||||
# <stockholm/lass/2configs/hass>
|
<stockholm/lass/2configs/hass>
|
||||||
|
<stockholm/lass/2configs/green-host.nix>
|
||||||
|
<stockholm/krebs/2configs/news-host.nix>
|
||||||
# <stockholm/lass/2configs/br.nix>
|
# <stockholm/lass/2configs/br.nix>
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
<stockholm/lass/2configs/home-media.nix>
|
<stockholm/lass/2configs/home-media.nix>
|
||||||
# <stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
# <stockholm/lass/2configs/sync/sync.nix>
|
<stockholm/lass/2configs/sync/sync.nix>
|
||||||
# <stockholm/lass/2configs/idc.nix>
|
# <stockholm/lass/2configs/idc.nix>
|
||||||
|
<stockholm/lass/2configs/ppp/umts-stick.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.styx;
|
krebs.build.host = config.krebs.hosts.styx;
|
||||||
@ -27,6 +30,8 @@ with import <stockholm/lib>;
|
|||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport ${toString config.services.smokeping.port}"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport ${toString config.services.smokeping.port}"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
|
krebs.power-action.enable = mkForce false;
|
||||||
|
|
||||||
services.smokeping = {
|
services.smokeping = {
|
||||||
enable = true;
|
enable = true;
|
||||||
targetConfig = ''
|
targetConfig = ''
|
||||||
|
@ -31,4 +31,9 @@
|
|||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 4;
|
nix.maxJobs = lib.mkDefault 4;
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEM=="net", ATTR{address}=="3c:7c:3f:7e:e2:39", NAME="et0"
|
||||||
|
SUBSYSTEM=="net", ATTR{address}=="00:e0:4c:78:91:50", NAME="int0"
|
||||||
|
'';
|
||||||
}
|
}
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
<stockholm/lass/2configs/programs.nix>
|
<stockholm/lass/2configs/programs.nix>
|
||||||
<stockholm/lass/2configs/network-manager.nix>
|
<stockholm/lass/2configs/network-manager.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/sync/sync.nix>
|
||||||
<stockholm/lass/2configs/games.nix>
|
<stockholm/lass/2configs/games.nix>
|
||||||
<stockholm/lass/2configs/steam.nix>
|
<stockholm/lass/2configs/steam.nix>
|
||||||
<stockholm/lass/2configs/wine.nix>
|
<stockholm/lass/2configs/wine.nix>
|
||||||
|
@ -9,30 +9,21 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.yellow;
|
krebs.build.host = config.krebs.hosts.yellow;
|
||||||
|
|
||||||
system.activationScripts.downloadFolder = ''
|
|
||||||
mkdir -p /var/download
|
|
||||||
chown transmission:download /var/download
|
|
||||||
chown transmission:download /var/download/finished
|
|
||||||
chmod 775 /var/download
|
|
||||||
'';
|
|
||||||
|
|
||||||
users.users.download = { uid = genid "download"; };
|
|
||||||
users.groups.download.members = [ "transmission" ];
|
users.groups.download.members = [ "transmission" ];
|
||||||
users.users.transmission.group = mkForce "download";
|
|
||||||
|
|
||||||
systemd.services.transmission.bindsTo = [ "openvpn-nordvpn.service" ];
|
systemd.services.transmission.bindsTo = [ "openvpn-nordvpn.service" ];
|
||||||
systemd.services.transmission.after = [ "openvpn-nordvpn.service" ];
|
systemd.services.transmission.after = [ "openvpn-nordvpn.service" ];
|
||||||
systemd.services.transmission.postStart = ''
|
|
||||||
chmod 775 /var/download/finished
|
|
||||||
'';
|
|
||||||
services.transmission = {
|
services.transmission = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
group = "download";
|
||||||
|
downloadDirPermissions = "775";
|
||||||
settings = {
|
settings = {
|
||||||
download-dir = "/var/download/finished";
|
download-dir = "/var/download/finished";
|
||||||
incomplete-dir = "/var/download/incoming";
|
incomplete-dir = "/var/download/incoming";
|
||||||
incomplete-dir-enable = true;
|
incomplete-dir-enable = true;
|
||||||
|
rpc-bind-address = "0.0.0.0";
|
||||||
message-level = 1;
|
message-level = 1;
|
||||||
umask = "002";
|
umask = 18;
|
||||||
rpc-whitelist-enabled = false;
|
rpc-whitelist-enabled = false;
|
||||||
rpc-host-whitelist-enabled = false;
|
rpc-host-whitelist-enabled = false;
|
||||||
};
|
};
|
||||||
@ -172,7 +163,7 @@ with import <stockholm/lib>;
|
|||||||
client
|
client
|
||||||
dev tun
|
dev tun
|
||||||
proto udp
|
proto udp
|
||||||
remote 185.230.127.27 1194
|
remote 91.207.172.77 1194
|
||||||
resolv-retry infinite
|
resolv-retry infinite
|
||||||
remote-random
|
remote-random
|
||||||
nobind
|
nobind
|
||||||
@ -195,6 +186,7 @@ with import <stockholm/lib>;
|
|||||||
fast-io
|
fast-io
|
||||||
cipher AES-256-CBC
|
cipher AES-256-CBC
|
||||||
auth SHA512
|
auth SHA512
|
||||||
|
|
||||||
<ca>
|
<ca>
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
|
MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
|
||||||
|
45
lass/2configs/IM.nix
Normal file
45
lass/2configs/IM.nix
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
with (import <stockholm/lib>);
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./bitlbee.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
systemd.services.chat = let
|
||||||
|
tmux = pkgs.writeDash "tmux" ''
|
||||||
|
exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
|
||||||
|
set-option -g prefix `
|
||||||
|
unbind-key C-b
|
||||||
|
bind ` send-prefix
|
||||||
|
|
||||||
|
set-option -g status off
|
||||||
|
set-option -g default-terminal screen-256color
|
||||||
|
|
||||||
|
#use session instead of windows
|
||||||
|
bind-key c new-session
|
||||||
|
bind-key p switch-client -p
|
||||||
|
bind-key n switch-client -n
|
||||||
|
bind-key C-s switch-client -l
|
||||||
|
''} "$@"
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
description = "chat environment setup";
|
||||||
|
after = [ "network.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
|
restartIfChanged = false;
|
||||||
|
|
||||||
|
path = [
|
||||||
|
pkgs.rxvt_unicode.terminfo
|
||||||
|
];
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
User = "lass";
|
||||||
|
RemainAfterExit = true;
|
||||||
|
Type = "oneshot";
|
||||||
|
ExecStart = "${tmux} -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat";
|
||||||
|
ExecStop = "${tmux} kill-session -t IM";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,14 +0,0 @@
|
|||||||
{ config, lib, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
|
||||||
users.users.backup = {
|
|
||||||
useDefaultShell = true;
|
|
||||||
home = "/backups";
|
|
||||||
createHome = true;
|
|
||||||
group = "syncthing";
|
|
||||||
openssh.authorizedKeys.keys = with config.krebs.hosts; [
|
|
||||||
blue.ssh.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
@ -6,6 +6,7 @@
|
|||||||
services.nix-serve = {
|
services.nix-serve = {
|
||||||
enable = true;
|
enable = true;
|
||||||
secretKeyFile = config.krebs.secret.files.nix-serve-key.path;
|
secretKeyFile = config.krebs.secret.files.nix-serve-key.path;
|
||||||
|
port = 5005;
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.nix-serve = {
|
systemd.services.nix-serve = {
|
||||||
|
@ -10,6 +10,10 @@ with (import <stockholm/lib>);
|
|||||||
pkgs.bitlbee-steam
|
pkgs.bitlbee-steam
|
||||||
pkgs.bitlbee-discord
|
pkgs.bitlbee-discord
|
||||||
];
|
];
|
||||||
libpurple_plugins = [ pkgs.telegram-purple ];
|
libpurple_plugins = [
|
||||||
|
# pkgs.telegram-purple
|
||||||
|
pkgs.tdlib-purple
|
||||||
|
# pkgs.purple-gowhatsapp
|
||||||
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -7,7 +7,6 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
extensions = [
|
extensions = [
|
||||||
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
|
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
|
||||||
"ihlenndgcmojhcghmfjfneahoeklbjjh" #cVim
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -12,8 +12,9 @@ with import <stockholm/lib>;
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.codimd = {
|
services.hedgedoc = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
configuration.allowOrigin = [ "*" ];
|
||||||
configuration = {
|
configuration = {
|
||||||
db = {
|
db = {
|
||||||
dialect = "sqlite";
|
dialect = "sqlite";
|
||||||
|
@ -3,7 +3,6 @@ with import <stockholm/lib>;
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./binary-cache/client.nix
|
./binary-cache/client.nix
|
||||||
./backup.nix
|
|
||||||
./gc.nix
|
./gc.nix
|
||||||
./mc.nix
|
./mc.nix
|
||||||
./vim.nix
|
./vim.nix
|
||||||
@ -22,6 +21,7 @@ with import <stockholm/lib>;
|
|||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.lass-mors.pubkey
|
config.krebs.users.lass-mors.pubkey
|
||||||
config.krebs.users.lass-blue.pubkey
|
config.krebs.users.lass-blue.pubkey
|
||||||
|
config.krebs.users.lass-green.pubkey
|
||||||
config.krebs.users.lass-yubikey.pubkey
|
config.krebs.users.lass-yubikey.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
@ -40,6 +40,7 @@ with import <stockholm/lib>;
|
|||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.lass-mors.pubkey
|
config.krebs.users.lass-mors.pubkey
|
||||||
config.krebs.users.lass-blue.pubkey
|
config.krebs.users.lass-blue.pubkey
|
||||||
|
config.krebs.users.lass-green.pubkey
|
||||||
config.krebs.users.lass-yubikey.pubkey
|
config.krebs.users.lass-yubikey.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
@ -3,7 +3,12 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
{
|
{
|
||||||
krebs.exim-retiolum.enable = true;
|
krebs.exim-retiolum = {
|
||||||
|
enable = true;
|
||||||
|
system-aliases = [
|
||||||
|
{ from = "root"; to = "lass"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
|
{ predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
|
@ -1,120 +1,10 @@
|
|||||||
{ config, lib, pkgs, ... }: with import <stockholm/lib>; let
|
{ config, lib, pkgs, ... }: with import <stockholm/lib>; let
|
||||||
|
|
||||||
to = concatStringsSep "," [
|
to = concatStringsSep "," [
|
||||||
"lass@blue.r"
|
"lass@green.r"
|
||||||
];
|
];
|
||||||
|
|
||||||
mails = [
|
mails = import <secrets/mails.nix>;
|
||||||
"postmaster@lassul.us"
|
|
||||||
"lass@lassul.us"
|
|
||||||
"lassulus@lassul.us"
|
|
||||||
"test@lassul.us"
|
|
||||||
"outlook@lassul.us"
|
|
||||||
"steuer@aidsballs.de"
|
|
||||||
"lass@aidsballs.de"
|
|
||||||
"wordpress@ubikmedia.de"
|
|
||||||
"finanzamt@lassul.us"
|
|
||||||
"netzclub@lassul.us"
|
|
||||||
"nebenan@lassul.us"
|
|
||||||
"feed@lassul.us"
|
|
||||||
"art@lassul.us"
|
|
||||||
"irgendwas@lassul.us"
|
|
||||||
"polo@lassul.us"
|
|
||||||
"shack@lassul.us"
|
|
||||||
"nix@lassul.us"
|
|
||||||
"c-base@lassul.us"
|
|
||||||
"paypal@lassul.us"
|
|
||||||
"patreon@lassul.us"
|
|
||||||
"steam@lassul.us"
|
|
||||||
"securityfocus@lassul.us"
|
|
||||||
"radio@lassul.us"
|
|
||||||
"btce@lassul.us"
|
|
||||||
"raf@lassul.us"
|
|
||||||
"apple@lassul.us"
|
|
||||||
"coinbase@lassul.us"
|
|
||||||
"tomtop@lassul.us"
|
|
||||||
"aliexpress@lassul.us"
|
|
||||||
"business@lassul.us"
|
|
||||||
"payeer@lassul.us"
|
|
||||||
"github@lassul.us"
|
|
||||||
"bitwala@lassul.us"
|
|
||||||
"bitstamp@lassul.us"
|
|
||||||
"bitcoin.de@lassul.us"
|
|
||||||
"ableton@lassul.us"
|
|
||||||
"dhl@lassul.us"
|
|
||||||
"sipgate@lassul.us"
|
|
||||||
"coinexchange@lassul.us"
|
|
||||||
"verwaltung@lassul.us"
|
|
||||||
"gearbest@lassul.us"
|
|
||||||
"binance@lassul.us"
|
|
||||||
"bitfinex@lassul.us"
|
|
||||||
"alternate@lassul.us"
|
|
||||||
"redacted@lassul.us"
|
|
||||||
"mytaxi@lassul.us"
|
|
||||||
"pizza@lassul.us"
|
|
||||||
"robinhood@lassul.us"
|
|
||||||
"drivenow@lassul.us"
|
|
||||||
"aws@lassul.us"
|
|
||||||
"reddit@lassul.us"
|
|
||||||
"banggood@lassul.us"
|
|
||||||
"immoscout@lassul.us"
|
|
||||||
"gmail@lassul.us"
|
|
||||||
"amazon@lassul.us"
|
|
||||||
"humblebundle@lassul.us"
|
|
||||||
"meetup@lassul.us"
|
|
||||||
"gebfrei@lassul.us"
|
|
||||||
"github@lassul.us"
|
|
||||||
"ovh@lassul.us"
|
|
||||||
"hetzner@lassul.us"
|
|
||||||
"allygator@lassul.us"
|
|
||||||
"immoscout@lassul.us"
|
|
||||||
"elitedangerous@lassul.us"
|
|
||||||
"boardgamegeek@lassul.us"
|
|
||||||
"qwertee@lassul.us"
|
|
||||||
"zazzle@lassul.us"
|
|
||||||
"hackbeach@lassul.us"
|
|
||||||
"transferwise@lassul.us"
|
|
||||||
"cis@lassul.us"
|
|
||||||
"afra@lassul.us"
|
|
||||||
"ksp@lassul.us"
|
|
||||||
"ccc@lassul.us"
|
|
||||||
"neocron@lassul.us"
|
|
||||||
"osmocom@lassul.us"
|
|
||||||
"lesswrong@lassul.us"
|
|
||||||
"nordvpn@lassul.us"
|
|
||||||
"csv-direct@lassul.us"
|
|
||||||
"nintendo@lassul.us"
|
|
||||||
"overleaf@lassul.us"
|
|
||||||
"box@lassul.us"
|
|
||||||
"paloalto@lassul.us"
|
|
||||||
"subtitles@lassul.us"
|
|
||||||
"lobsters@lassul.us"
|
|
||||||
"fysitech@lassul.us"
|
|
||||||
"threema@lassul.us"
|
|
||||||
"ubisoft@lassul.us"
|
|
||||||
"kottezeller@lassul.us"
|
|
||||||
"pie@lassul.us"
|
|
||||||
"vebit@lassul.us"
|
|
||||||
"vcvrack@lassul.us"
|
|
||||||
"epic@lassul.us"
|
|
||||||
"microsoft@lassul.us"
|
|
||||||
"stickers@lassul.us"
|
|
||||||
"nextbike@lassul.us"
|
|
||||||
"mytello@lassul.us"
|
|
||||||
"camp@lassul.us"
|
|
||||||
"urlwatch@lassul.us"
|
|
||||||
"lidl@lassul.us"
|
|
||||||
"geizhals@lassul.us"
|
|
||||||
"auschein@lassul.us"
|
|
||||||
"tleech@lassul.us"
|
|
||||||
"durstexpress@lassul.us"
|
|
||||||
"acme@lassul.us"
|
|
||||||
"antstore@lassul.us"
|
|
||||||
"openweather@lassul.us"
|
|
||||||
"lobsters@lassul.us"
|
|
||||||
"rewe@lassul.us"
|
|
||||||
"spotify@lassul.us"
|
|
||||||
];
|
|
||||||
|
|
||||||
in {
|
in {
|
||||||
environment.systemPackages = [ pkgs.review-mail-queue ];
|
environment.systemPackages = [ pkgs.review-mail-queue ];
|
||||||
|
@ -97,6 +97,10 @@ let
|
|||||||
populate = {
|
populate = {
|
||||||
cgit.section = "software";
|
cgit.section = "software";
|
||||||
};
|
};
|
||||||
|
reaktor2 = {
|
||||||
|
cgit.desc = "irc bot";
|
||||||
|
cgit.section = "software";
|
||||||
|
};
|
||||||
stockholm = {
|
stockholm = {
|
||||||
cgit.desc = "take all the computers hostage, they'll love you!";
|
cgit.desc = "take all the computers hostage, they'll love you!";
|
||||||
cgit.section = "configuration";
|
cgit.section = "configuration";
|
||||||
@ -109,6 +113,10 @@ let
|
|||||||
cgit.desc = "Good Music collection + tools";
|
cgit.desc = "Good Music collection + tools";
|
||||||
cgit.section = "art";
|
cgit.section = "art";
|
||||||
};
|
};
|
||||||
|
workadventure-nix = {
|
||||||
|
cgit.desc = "Nix packaging for workadventure";
|
||||||
|
cgit.section = "deployment";
|
||||||
|
};
|
||||||
xmonad-stockholm = {
|
xmonad-stockholm = {
|
||||||
cgit.desc = "krebs xmonad modules";
|
cgit.desc = "krebs xmonad modules";
|
||||||
cgit.section = "configuration";
|
cgit.section = "configuration";
|
||||||
@ -142,9 +150,6 @@ let
|
|||||||
nick = config.krebs.build.host.name;
|
nick = config.krebs.build.host.name;
|
||||||
channel = "#xxx";
|
channel = "#xxx";
|
||||||
# TODO define refs in some kind of option per repo
|
# TODO define refs in some kind of option per repo
|
||||||
refs = [
|
|
||||||
"refs/heads/master"
|
|
||||||
];
|
|
||||||
server = "irc.r";
|
server = "irc.r";
|
||||||
verbose = config.krebs.build.host.name == "prism";
|
verbose = config.krebs.build.host.name == "prism";
|
||||||
}}
|
}}
|
||||||
|
@ -4,16 +4,26 @@
|
|||||||
<stockholm/lass/2configs/container-networking.nix>
|
<stockholm/lass/2configs/container-networking.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
];
|
];
|
||||||
lass.sync-containers.containers.green = {
|
krebs.sync-containers.containers.green = {
|
||||||
peers = [
|
peers = [
|
||||||
"icarus"
|
"icarus"
|
||||||
"shodan"
|
"shodan"
|
||||||
"skynet"
|
"skynet"
|
||||||
"mors"
|
"mors"
|
||||||
|
"morpheus"
|
||||||
"littleT"
|
"littleT"
|
||||||
|
"styx"
|
||||||
];
|
];
|
||||||
hostIp = "10.233.2.15";
|
hostIp = "10.233.2.15";
|
||||||
localIp = "10.233.2.16";
|
localIp = "10.233.2.16";
|
||||||
format = "ecryptfs";
|
format = "ecryptfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.borgbackup.jobs.sync-green = {
|
||||||
|
encryption.mode = "none";
|
||||||
|
paths = "/var/lib/sync-containers/green/ecryptfs";
|
||||||
|
repo = "/var/lib/sync-containers/green/backup";
|
||||||
|
compression = "auto,lzma";
|
||||||
|
startAt = "daily";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -13,7 +13,9 @@ with import ./lib.nix { inherit lib; };
|
|||||||
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
|
{ predicate = "-i int0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
|
||||||
{ predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
|
{ predicate = "-i docker0 -p tcp --dport 1883"; target = "ACCEPT"; } # mosquitto
|
||||||
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
|
{ predicate = "-i int0 -p tcp --dport 8123"; target = "ACCEPT"; } # hass
|
||||||
|
{ predicate = "-i int0 -p tcp --dport 1337"; target = "ACCEPT"; } # hass
|
||||||
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
|
{ predicate = "-i retiolum -p tcp --dport 8123"; target = "ACCEPT"; } # hass
|
||||||
|
{ predicate = "-i retiolum -p tcp --dport 1337"; target = "ACCEPT"; } # hass frontend
|
||||||
{ predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass
|
{ predicate = "-i wiregrill -p tcp --dport 8123"; target = "ACCEPT"; } # hass
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -47,6 +49,7 @@ with import ./lib.nix { inherit lib; };
|
|||||||
};
|
};
|
||||||
config = {};
|
config = {};
|
||||||
sun.elevation = 66;
|
sun.elevation = 66;
|
||||||
|
shopping_list = {};
|
||||||
discovery = {};
|
discovery = {};
|
||||||
frontend = {};
|
frontend = {};
|
||||||
mqtt = {
|
mqtt = {
|
||||||
@ -81,7 +84,6 @@ with import ./lib.nix { inherit lib; };
|
|||||||
(tasmota_s20 "Stereo Anlage" "stereo")
|
(tasmota_s20 "Stereo Anlage" "stereo")
|
||||||
];
|
];
|
||||||
mobile_app = {};
|
mobile_app = {};
|
||||||
hue = {};
|
|
||||||
weather = [
|
weather = [
|
||||||
{
|
{
|
||||||
platform = "openweathermap";
|
platform = "openweathermap";
|
||||||
|
@ -23,7 +23,7 @@ rec {
|
|||||||
};
|
};
|
||||||
|
|
||||||
friendly_names =
|
friendly_names =
|
||||||
lib.mapAttrs' (n: v: lib.nameValuePair "light.${v}_light" { friendly_name = "l.${n}"; }) lights //
|
lib.mapAttrs' (n: v: lib.nameValuePair "light.${v}" { friendly_name = "l.${n}"; }) lights //
|
||||||
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "s.${n}_up"; }) switches.dimmer //
|
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "s.${n}_up"; }) switches.dimmer //
|
||||||
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "i.${n}_up"; }) sensors.movement //
|
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "i.${n}_up"; }) sensors.movement //
|
||||||
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "l.${n}_up"; }) lights //
|
lib.mapAttrs' (n: v: lib.nameValuePair "binary_sensor.${v}_update_available" { friendly_name = "l.${n}_up"; }) lights //
|
||||||
@ -41,11 +41,11 @@ rec {
|
|||||||
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement //
|
lib.mapAttrs' (n: v: lib.nameValuePair "sensor.${v}_illuminance" { friendly_name = "i.${n}_lux"; }) sensors.movement //
|
||||||
{};
|
{};
|
||||||
|
|
||||||
detect_movement = sensor: light: delay:
|
detect_movement = name: sensor: light: delay:
|
||||||
let
|
let
|
||||||
id = "${sensor}_${light}";
|
id = name;
|
||||||
sensor_ = "binary_sensor.${sensor}_occupancy";
|
sensor_ = "binary_sensor.${sensor}_occupancy";
|
||||||
light_ = "light.${light}_light";
|
light_ = "light.${light}";
|
||||||
in {
|
in {
|
||||||
input_boolean."${id}" = {
|
input_boolean."${id}" = {
|
||||||
};
|
};
|
||||||
@ -71,7 +71,6 @@ rec {
|
|||||||
# }
|
# }
|
||||||
{
|
{
|
||||||
alias = "movement reset timer ${id}";
|
alias = "movement reset timer ${id}";
|
||||||
hide_entity = true;
|
|
||||||
trigger = {
|
trigger = {
|
||||||
platform = "state";
|
platform = "state";
|
||||||
entity_id = sensor_;
|
entity_id = sensor_;
|
||||||
@ -87,7 +86,6 @@ rec {
|
|||||||
}
|
}
|
||||||
{
|
{
|
||||||
alias = "movement on ${id}";
|
alias = "movement on ${id}";
|
||||||
# hide_entity = true;
|
|
||||||
trigger = {
|
trigger = {
|
||||||
platform = "state";
|
platform = "state";
|
||||||
entity_id = "binary_sensor.${sensor}_occupancy";
|
entity_id = "binary_sensor.${sensor}_occupancy";
|
||||||
@ -124,7 +122,6 @@ rec {
|
|||||||
}
|
}
|
||||||
{
|
{
|
||||||
alias = "movement off ${id}";
|
alias = "movement off ${id}";
|
||||||
hide_entity = true;
|
|
||||||
trigger = {
|
trigger = {
|
||||||
platform = "state";
|
platform = "state";
|
||||||
entity_id = sensor_;
|
entity_id = sensor_;
|
||||||
@ -144,7 +141,6 @@ rec {
|
|||||||
}
|
}
|
||||||
{
|
{
|
||||||
alias = "movement override ${id}";
|
alias = "movement override ${id}";
|
||||||
hide_entity = true;
|
|
||||||
trigger = {
|
trigger = {
|
||||||
platform = "state";
|
platform = "state";
|
||||||
entity_id = light_;
|
entity_id = light_;
|
||||||
@ -164,7 +160,6 @@ rec {
|
|||||||
}
|
}
|
||||||
{
|
{
|
||||||
alias = "movement expired ${id}";
|
alias = "movement expired ${id}";
|
||||||
hide_entity = true;
|
|
||||||
trigger = {
|
trigger = {
|
||||||
platform = "event";
|
platform = "event";
|
||||||
event_type = "timer.finished";
|
event_type = "timer.finished";
|
||||||
@ -186,11 +181,10 @@ rec {
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
lightswitch = switch: light: {
|
lightswitch = name: switch: light: {
|
||||||
automation = [
|
automation = [
|
||||||
{
|
{
|
||||||
alias = "lightswitch ${switch} turn on light ${light}";
|
alias = "lightswitch ${name} turn on";
|
||||||
hide_entity = "true";
|
|
||||||
trigger = {
|
trigger = {
|
||||||
platform = "mqtt";
|
platform = "mqtt";
|
||||||
topic = "zigbee/${switch}";
|
topic = "zigbee/${switch}";
|
||||||
@ -225,15 +219,14 @@ rec {
|
|||||||
{
|
{
|
||||||
service = "light.turn_on";
|
service = "light.turn_on";
|
||||||
data_template = {
|
data_template = {
|
||||||
entity_id = "light.${light}_light";
|
entity_id = "light.${light}";
|
||||||
brightness = "{{ trigger.payload_json.brightness }}";
|
brightness = "{{ trigger.payload_json.brightness }}";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
alias = "lightswitch ${switch} turn off light ${light}";
|
alias = "lightswitch ${name} turn off";
|
||||||
hide_entity = "true";
|
|
||||||
trigger = {
|
trigger = {
|
||||||
platform = "mqtt";
|
platform = "mqtt";
|
||||||
topic = "zigbee/${switch}";
|
topic = "zigbee/${switch}";
|
||||||
@ -254,7 +247,7 @@ rec {
|
|||||||
action = {
|
action = {
|
||||||
service = "light.turn_off";
|
service = "light.turn_off";
|
||||||
data_template = {
|
data_template = {
|
||||||
entity_id = "light.${light}_light";
|
entity_id = "light.${light}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -3,7 +3,7 @@ with import ../lib.nix { inherit lib; };
|
|||||||
|
|
||||||
{
|
{
|
||||||
services.home-assistant.config = lib.mkMerge [
|
services.home-assistant.config = lib.mkMerge [
|
||||||
(lightswitch switches.dimmer.bett lights.bett)
|
(lightswitch "bett" switches.dimmer.bett lights.bett)
|
||||||
];
|
];
|
||||||
|
|
||||||
# lass.hass.love = {
|
# lass.hass.love = {
|
||||||
|
@ -3,7 +3,7 @@ with import ../lib.nix { inherit lib; };
|
|||||||
|
|
||||||
{
|
{
|
||||||
services.home-assistant.config = lib.mkMerge [
|
services.home-assistant.config = lib.mkMerge [
|
||||||
(detect_movement sensors.movement.essen lights.essen 10)
|
(detect_movement "essen" sensors.movement.essen lights.essen 70)
|
||||||
(lightswitch switches.dimmer.essen lights.essen)
|
(lightswitch "essen" switches.dimmer.essen lights.essen)
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -3,8 +3,8 @@ with import ../lib.nix { inherit lib; };
|
|||||||
|
|
||||||
{
|
{
|
||||||
services.home-assistant.config = lib.mkMerge [
|
services.home-assistant.config = lib.mkMerge [
|
||||||
(detect_movement sensors.movement.nass lights.nass 100)
|
(detect_movement "nass" sensors.movement.nass lights.nass 100)
|
||||||
(lightswitch switches.dimmer.nass lights.nass)
|
(lightswitch "nass" switches.dimmer.nass lights.nass)
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -21,6 +21,26 @@ let
|
|||||||
account default: prism
|
account default: prism
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
notmuch-config = pkgs.writeText "notmuch-config" ''
|
||||||
|
[database]
|
||||||
|
path=/home/lass/Maildir
|
||||||
|
|
||||||
|
[user]
|
||||||
|
name=lassulus
|
||||||
|
primary_email=lassulus@lassul.us
|
||||||
|
other_email=lass@mors.r;${concatStringsSep ";" (flatten (attrValues mailboxes))}
|
||||||
|
|
||||||
|
[new]
|
||||||
|
tags=unread;inbox;
|
||||||
|
ignore=
|
||||||
|
|
||||||
|
[search]
|
||||||
|
exclude_tags=deleted;spam;
|
||||||
|
|
||||||
|
[maildir]
|
||||||
|
synchronize_flags=true
|
||||||
|
'';
|
||||||
|
|
||||||
msmtp = pkgs.writeBashBin "msmtp" ''
|
msmtp = pkgs.writeBashBin "msmtp" ''
|
||||||
${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert +sent) | \
|
${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert +sent) | \
|
||||||
${pkgs.msmtp}/bin/msmtp -C ${msmtprc} "$@"
|
${pkgs.msmtp}/bin/msmtp -C ${msmtprc} "$@"
|
||||||
@ -207,7 +227,7 @@ let
|
|||||||
set sidebar_short_path
|
set sidebar_short_path
|
||||||
set sidebar_folder_indent
|
set sidebar_folder_indent
|
||||||
set sidebar_visible = yes
|
set sidebar_visible = yes
|
||||||
set sidebar_format = '%B%?F? [%F]?%* %?N?%N/? %?S?%S?'
|
set sidebar_format = '%D%?F? [%F]?%* %?N?%N/? %?S?%S?'
|
||||||
set sidebar_width = 20
|
set sidebar_width = 20
|
||||||
color sidebar_new yellow red
|
color sidebar_new yellow red
|
||||||
|
|
||||||
@ -232,6 +252,7 @@ let
|
|||||||
};
|
};
|
||||||
|
|
||||||
in {
|
in {
|
||||||
|
environment.variables.NOTMUCH_CONFIG = toString notmuch-config;
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
msmtp
|
msmtp
|
||||||
mutt
|
mutt
|
||||||
|
40
lass/2configs/muchsync.nix
Normal file
40
lass/2configs/muchsync.nix
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
with (import <stockholm/lib>);
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
systemd.services.muchsync = let
|
||||||
|
hosts = [
|
||||||
|
"mors.r"
|
||||||
|
"green.r"
|
||||||
|
"blue.r"
|
||||||
|
];
|
||||||
|
in {
|
||||||
|
description = "sync mails";
|
||||||
|
environment = {
|
||||||
|
NOTMUCH_CONFIG = config.environment.variables.NOTMUCH_CONFIG;
|
||||||
|
};
|
||||||
|
after = [ "network.target" ];
|
||||||
|
|
||||||
|
restartIfChanged = false;
|
||||||
|
|
||||||
|
path = [
|
||||||
|
pkgs.notmuch
|
||||||
|
pkgs.openssh
|
||||||
|
];
|
||||||
|
|
||||||
|
startAt = "*:*"; # run every minute
|
||||||
|
serviceConfig = {
|
||||||
|
User = "lass";
|
||||||
|
Type = "oneshot";
|
||||||
|
ExecStart = pkgs.writeDash "sync-mails" ''
|
||||||
|
set -euf
|
||||||
|
|
||||||
|
/run/current-system/sw/bin/nm-tag-init 2>/dev/null
|
||||||
|
${concatMapStringsSep "\n" (host: ''
|
||||||
|
echo syncing ${host}:
|
||||||
|
${pkgs.muchsync}/bin/muchsync -s 'ssh -CTaxq -o ConnectTimeout=4' --nonew lass@${host} || :
|
||||||
|
'') hosts}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -13,9 +13,9 @@
|
|||||||
"x-systemd.device-timeout=1"
|
"x-systemd.device-timeout=1"
|
||||||
"x-systemd.idle-timeout=1min"
|
"x-systemd.idle-timeout=1min"
|
||||||
"x-systemd.requires=retiolum.service"
|
"x-systemd.requires=retiolum.service"
|
||||||
"x-systemd.requires=wpa_supplicant.service"
|
|
||||||
"user"
|
"user"
|
||||||
"_netdev"
|
"_netdev"
|
||||||
|
"soft"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
33
lass/2configs/ppp/umts-stick.nix
Normal file
33
lass/2configs/ppp/umts-stick.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{ pkgs, ... }: {
|
||||||
|
|
||||||
|
# usage: pppd call stick
|
||||||
|
|
||||||
|
environment.etc."ppp/peers/stick".text = ''
|
||||||
|
/dev/ttyUSB0
|
||||||
|
460800
|
||||||
|
crtscts
|
||||||
|
defaultroute
|
||||||
|
holdoff 10
|
||||||
|
lock
|
||||||
|
maxfail 0
|
||||||
|
noauth
|
||||||
|
nodetach
|
||||||
|
noipdefault
|
||||||
|
passive
|
||||||
|
persist
|
||||||
|
usepeerdns
|
||||||
|
connect "${pkgs.ppp}/bin/chat -f ${pkgs.writeText "default.chat" ''
|
||||||
|
ABORT "BUSY"
|
||||||
|
ABORT "NO CARRIER"
|
||||||
|
REPORT CONNECT
|
||||||
|
"" "ATDT*99#"
|
||||||
|
CONNECT
|
||||||
|
''}"
|
||||||
|
'';
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.ppp
|
||||||
|
];
|
||||||
|
|
||||||
|
}
|
||||||
|
|
@ -1,8 +1,8 @@
|
|||||||
{ pkgs, ... }: {
|
{ pkgs, ... }: {
|
||||||
|
|
||||||
# usage: pppd call default
|
# usage: pppd call x220
|
||||||
|
|
||||||
environment.etc."ppp/peers/default".text = ''
|
environment.etc."ppp/peers/x220".text = ''
|
||||||
/dev/ttyACM2
|
/dev/ttyACM2
|
||||||
921600
|
921600
|
||||||
crtscts
|
crtscts
|
@ -200,7 +200,7 @@ in {
|
|||||||
${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
|
${pkgs.mpc_cli}/bin/mpc idle player > /dev/null
|
||||||
${pkgs.mpc_cli}/bin/mpc current -f %file%
|
${pkgs.mpc_cli}/bin/mpc current -f %file%
|
||||||
done | while read track; do
|
done | while read track; do
|
||||||
listeners=$(${pkgs.iproute}/bin/ss -Hno state established '( sport = :8000 )' | wc -l)
|
listeners=$(${pkgs.iproute}/bin/ss -Hno state established 'sport = :8000' | wc -l)
|
||||||
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
|
echo "$(date -Is)" "$track" | tee -a "$HISTORY_FILE"
|
||||||
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
|
echo "$(tail -$LIMIT "$HISTORY_FILE")" > "$HISTORY_FILE"
|
||||||
${write_to_irc} "playing: $track listeners: $listeners"
|
${write_to_irc} "playing: $track listeners: $listeners"
|
||||||
@ -275,7 +275,7 @@ in {
|
|||||||
user = {
|
user = {
|
||||||
name = "radio";
|
name = "radio";
|
||||||
};
|
};
|
||||||
script = ''
|
script = ''. ${pkgs.writeDash "radio" ''
|
||||||
case "$Method $Request_URI" in
|
case "$Method $Request_URI" in
|
||||||
"GET /current")
|
"GET /current")
|
||||||
printf 'HTTP/1.1 200 OK\r\n'
|
printf 'HTTP/1.1 200 OK\r\n'
|
||||||
@ -303,7 +303,7 @@ in {
|
|||||||
exit
|
exit
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
'';
|
''}'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
|
@ -28,6 +28,9 @@ in {
|
|||||||
locations."/realwallpaper-krebs.png".extraConfig = ''
|
locations."/realwallpaper-krebs.png".extraConfig = ''
|
||||||
root /var/realwallpaper/;
|
root /var/realwallpaper/;
|
||||||
'';
|
'';
|
||||||
|
locations."/realwallpaper-video.mp4".extraConfig = ''
|
||||||
|
root /var/realwallpaper/archive;
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
krebs.iptables = {
|
krebs.iptables = {
|
||||||
|
13
lass/2configs/sync/sync.nix
Normal file
13
lass/2configs/sync/sync.nix
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
{
|
||||||
|
services.syncthing.declarative.folders."/home/lass/sync" = {
|
||||||
|
devices = [ "mors" "icarus" "xerxes" "shodan" "green" "blue" ];
|
||||||
|
};
|
||||||
|
krebs.permown."/home/lass/sync" = {
|
||||||
|
file-mode = "u+rw,g+rw";
|
||||||
|
owner = "lass";
|
||||||
|
group = "syncthing";
|
||||||
|
umask = "0002";
|
||||||
|
keepGoing = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "blue" "green" "mors" ];
|
services.syncthing.declarative.folders."/home/lass/.weechat".devices = [ "green" "mors" ];
|
||||||
krebs.permown."/home/lass/.weechat" = {
|
krebs.permown."/home/lass/.weechat" = {
|
||||||
owner = "lass";
|
owner = "lass";
|
||||||
group = "syncthing";
|
group = "syncthing";
|
||||||
|
@ -1,20 +1,11 @@
|
|||||||
{ config, pkgs, ... }: with import <stockholm/lib>; let
|
{ config, pkgs, ... }: with import <stockholm/lib>;
|
||||||
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
|
{
|
||||||
own_peers = filterAttrs (n: v: v.owner.name == "lass") all_peers;
|
imports = [ <stockholm/krebs/2configs/syncthing.nix> ];
|
||||||
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
|
|
||||||
in {
|
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
|
||||||
group = "syncthing";
|
group = "syncthing";
|
||||||
configDir = "/var/lib/syncthing";
|
|
||||||
declarative = {
|
declarative = {
|
||||||
key = toString <secrets/syncthing.key>;
|
key = toString <secrets/syncthing.key>;
|
||||||
cert = toString <secrets/syncthing.cert>;
|
cert = toString <secrets/syncthing.cert>;
|
||||||
devices = mk_peers all_peers;
|
|
||||||
folders."/home/lass/sync" = {
|
|
||||||
devices = attrNames (filterAttrs (n: v: n != "phone") own_peers);
|
|
||||||
# ignorePerms = false;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
@ -26,11 +17,5 @@ in {
|
|||||||
${pkgs.coreutils}/bin/chmod a+x /home/lass
|
${pkgs.coreutils}/bin/chmod a+x /home/lass
|
||||||
'';
|
'';
|
||||||
|
|
||||||
krebs.permown."/home/lass/sync" = {
|
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;
|
||||||
file-mode = "u+rw,g+rw";
|
|
||||||
owner = "lass";
|
|
||||||
group = "syncthing";
|
|
||||||
umask = "0002";
|
|
||||||
keepGoing = true;
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
1
lass/2configs/tests/dummy-secrets/mails.nix
Normal file
1
lass/2configs/tests/dummy-secrets/mails.nix
Normal file
@ -0,0 +1 @@
|
|||||||
|
[]
|
@ -8,6 +8,7 @@ nginxCfg = pkgs.writeText "nginx.conf" ''
|
|||||||
worker_connections 128;
|
worker_connections 128;
|
||||||
}
|
}
|
||||||
error_log stderr info;
|
error_log stderr info;
|
||||||
|
|
||||||
http {
|
http {
|
||||||
client_body_temp_path /var/lib/rtmp/nginx_cache_client_body;
|
client_body_temp_path /var/lib/rtmp/nginx_cache_client_body;
|
||||||
proxy_temp_path /var/lib/rtmp/nginx_cache_proxy;
|
proxy_temp_path /var/lib/rtmp/nginx_cache_proxy;
|
||||||
@ -25,92 +26,6 @@ nginxCfg = pkgs.writeText "nginx.conf" ''
|
|||||||
location /stat {
|
location /stat {
|
||||||
rtmp_stat all;
|
rtmp_stat all;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /hls {
|
|
||||||
# Serve HLS fragments
|
|
||||||
types {
|
|
||||||
application/vnd.apple.mpegurl m3u8;
|
|
||||||
video/mp2t ts;
|
|
||||||
}
|
|
||||||
root /var/lib/rtmp/tmp;
|
|
||||||
add_header Cache-Control no-cache;
|
|
||||||
|
|
||||||
# CORS setup
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*' always;
|
|
||||||
add_header 'Access-Control-Expose-Headers' 'Content-Length';
|
|
||||||
|
|
||||||
# Allow CORS preflight requests
|
|
||||||
if ($request_method = 'OPTIONS') {
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
|
||||||
add_header 'Access-Control-Max-Age' 1728000;
|
|
||||||
add_header 'Content-Type' 'text/plain charset=UTF-8';
|
|
||||||
add_header 'Content-Length' 0;
|
|
||||||
return 204;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
location /dash {
|
|
||||||
# Serve DASH fragments
|
|
||||||
types {
|
|
||||||
application/dash+xml mpd;
|
|
||||||
video/mp4 mp4;
|
|
||||||
}
|
|
||||||
root /tmp;
|
|
||||||
add_header Cache-Control no-cache;
|
|
||||||
|
|
||||||
# CORS setup
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*' always;
|
|
||||||
add_header 'Access-Control-Expose-Headers' 'Content-Length';
|
|
||||||
|
|
||||||
# Allow CORS preflight requests
|
|
||||||
if ($request_method = 'OPTIONS') {
|
|
||||||
add_header 'Access-Control-Allow-Origin' '*';
|
|
||||||
add_header 'Access-Control-Max-Age' 1728000;
|
|
||||||
add_header 'Content-Type' 'text/plain charset=UTF-8';
|
|
||||||
add_header 'Content-Length' 0;
|
|
||||||
return 204;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
location "/dash.all.min.js" {
|
|
||||||
default_type "text/javascript";
|
|
||||||
alias ${pkgs.fetchurl {
|
|
||||||
url = "http://cdn.dashjs.org/v3.2.0/dash.all.min.js";
|
|
||||||
sha256 = "16f0b40gdqsnwqi01s5sz9f1q86dwzscgc3m701jd1sczygi481c";
|
|
||||||
}};
|
|
||||||
}
|
|
||||||
|
|
||||||
location /player {
|
|
||||||
default_type "text/html";
|
|
||||||
alias ${pkgs.writeText "player.html" ''
|
|
||||||
<!DOCTYPE html>
|
|
||||||
<html lang="en">
|
|
||||||
<head>
|
|
||||||
<meta charset="utf-8">
|
|
||||||
<title>lassulus livestream</title>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<div>
|
|
||||||
<video id="player" controls></video>
|
|
||||||
</video>
|
|
||||||
</div>
|
|
||||||
<script src="/dash.all.min.js"></script>
|
|
||||||
<script>
|
|
||||||
(function(){
|
|
||||||
var url = "http://lassul.us:8080/dash/nixos.mpd";
|
|
||||||
var player = dashjs.MediaPlayer().create();
|
|
||||||
player.initialize(document.querySelector("#player"), url, true);
|
|
||||||
})();
|
|
||||||
</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
||||||
''};
|
|
||||||
}
|
|
||||||
|
|
||||||
location /records {
|
|
||||||
autoindex on;
|
|
||||||
root /var/lib/rtmp;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -275,6 +190,5 @@ in {
|
|||||||
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport 1935"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport 1935"; target = "ACCEPT"; }
|
||||||
{ predicate = "-p tcp --dport 8080"; target = "ACCEPT"; }
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -285,7 +285,6 @@ in {
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576";
|
|
||||||
services.syncthing.declarative.folders = {
|
services.syncthing.declarative.folders = {
|
||||||
domsen-backups = {
|
domsen-backups = {
|
||||||
path = "/backups/domsen";
|
path = "/backups/domsen";
|
||||||
|
@ -1,9 +1,7 @@
|
|||||||
_:
|
_:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./bindfs.nix
|
|
||||||
./dnsmasq.nix
|
./dnsmasq.nix
|
||||||
./ejabberd
|
|
||||||
./folderPerms.nix
|
./folderPerms.nix
|
||||||
./hosts.nix
|
./hosts.nix
|
||||||
./klem.nix
|
./klem.nix
|
||||||
@ -13,7 +11,6 @@ _:
|
|||||||
./pyload.nix
|
./pyload.nix
|
||||||
./restic.nix
|
./restic.nix
|
||||||
./screenlock.nix
|
./screenlock.nix
|
||||||
./sync-containers.nix
|
|
||||||
./usershadow.nix
|
./usershadow.nix
|
||||||
./xjail.nix
|
./xjail.nix
|
||||||
./autowifi.nix
|
./autowifi.nix
|
||||||
|
@ -1,128 +0,0 @@
|
|||||||
with import <stockholm/lib>;
|
|
||||||
{ config, ... }: let
|
|
||||||
|
|
||||||
# See https://github.com/processone/ejabberd/blob/master/ejabberd.yml.example
|
|
||||||
|
|
||||||
ciphers = concatStringsSep ":" [
|
|
||||||
"ECDHE-ECDSA-AES256-GCM-SHA384"
|
|
||||||
"ECDHE-RSA-AES256-GCM-SHA384"
|
|
||||||
"ECDHE-ECDSA-CHACHA20-POLY1305"
|
|
||||||
"ECDHE-RSA-CHACHA20-POLY1305"
|
|
||||||
"ECDHE-ECDSA-AES128-GCM-SHA256"
|
|
||||||
"ECDHE-RSA-AES128-GCM-SHA256"
|
|
||||||
"ECDHE-ECDSA-AES256-SHA384"
|
|
||||||
"ECDHE-RSA-AES256-SHA384"
|
|
||||||
"ECDHE-ECDSA-AES128-SHA256"
|
|
||||||
"ECDHE-RSA-AES128-SHA256"
|
|
||||||
];
|
|
||||||
|
|
||||||
protocol_options = [
|
|
||||||
"no_sslv2"
|
|
||||||
"no_sslv3"
|
|
||||||
"no_tlsv1"
|
|
||||||
"no_tlsv1_10"
|
|
||||||
];
|
|
||||||
|
|
||||||
in /* yaml */ ''
|
|
||||||
|
|
||||||
access_rules:
|
|
||||||
announce:
|
|
||||||
- allow: admin
|
|
||||||
local:
|
|
||||||
- allow: local
|
|
||||||
configure:
|
|
||||||
- allow: admin
|
|
||||||
register:
|
|
||||||
- allow
|
|
||||||
s2s:
|
|
||||||
- allow
|
|
||||||
trusted_network:
|
|
||||||
- allow: loopback
|
|
||||||
|
|
||||||
acl:
|
|
||||||
local:
|
|
||||||
user_regexp: ""
|
|
||||||
loopback:
|
|
||||||
ip:
|
|
||||||
- "127.0.0.0/8"
|
|
||||||
- "::1/128"
|
|
||||||
- "::FFFF:127.0.0.1/128"
|
|
||||||
|
|
||||||
hosts: ${toJSON config.hosts}
|
|
||||||
|
|
||||||
language: "en"
|
|
||||||
|
|
||||||
listen:
|
|
||||||
-
|
|
||||||
port: 5222
|
|
||||||
ip: "::"
|
|
||||||
module: ejabberd_c2s
|
|
||||||
shaper: c2s_shaper
|
|
||||||
certfile: ${toJSON config.certfile.path}
|
|
||||||
ciphers: ${toJSON ciphers}
|
|
||||||
dhfile: ${toJSON config.dhfile.path}
|
|
||||||
protocol_options: ${toJSON protocol_options}
|
|
||||||
starttls: true
|
|
||||||
starttls_required: true
|
|
||||||
tls: false
|
|
||||||
tls_compression: false
|
|
||||||
max_stanza_size: 65536
|
|
||||||
-
|
|
||||||
port: 5269
|
|
||||||
ip: "::"
|
|
||||||
module: ejabberd_s2s_in
|
|
||||||
shaper: s2s_shaper
|
|
||||||
max_stanza_size: 131072
|
|
||||||
|
|
||||||
loglevel: 4
|
|
||||||
|
|
||||||
modules:
|
|
||||||
mod_adhoc: {}
|
|
||||||
mod_admin_extra: {}
|
|
||||||
mod_announce:
|
|
||||||
access: announce
|
|
||||||
mod_caps: {}
|
|
||||||
mod_carboncopy: {}
|
|
||||||
mod_client_state: {}
|
|
||||||
mod_configure: {}
|
|
||||||
mod_disco: {}
|
|
||||||
mod_echo: {}
|
|
||||||
mod_bosh: {}
|
|
||||||
mod_last: {}
|
|
||||||
mod_offline:
|
|
||||||
access_max_user_messages: max_user_offline_messages
|
|
||||||
mod_ping: {}
|
|
||||||
mod_privacy: {}
|
|
||||||
mod_private: {}
|
|
||||||
mod_register:
|
|
||||||
access_from: allow
|
|
||||||
access: register
|
|
||||||
# ip_access: trusted_network
|
|
||||||
registration_watchers: ${toJSON config.registration_watchers}
|
|
||||||
mod_roster: {}
|
|
||||||
mod_shared_roster: {}
|
|
||||||
mod_stats: {}
|
|
||||||
mod_time: {}
|
|
||||||
mod_vcard:
|
|
||||||
search: false
|
|
||||||
mod_version: {}
|
|
||||||
mod_http_api: {}
|
|
||||||
|
|
||||||
s2s_access: s2s
|
|
||||||
s2s_certfile: ${toJSON config.s2s_certfile.path}
|
|
||||||
s2s_ciphers: ${toJSON ciphers}
|
|
||||||
s2s_dhfile: ${toJSON config.dhfile.path}
|
|
||||||
s2s_protocol_options: ${toJSON protocol_options}
|
|
||||||
s2s_tls_compression: false
|
|
||||||
s2s_use_starttls: required
|
|
||||||
|
|
||||||
shaper_rules:
|
|
||||||
max_user_offline_messages:
|
|
||||||
- 5000: admin
|
|
||||||
- 100
|
|
||||||
max_user_sessions: 10
|
|
||||||
c2s_shaper:
|
|
||||||
- none: admin
|
|
||||||
- normal
|
|
||||||
s2s_shaper: fast
|
|
||||||
''
|
|
@ -1,103 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
|
|
||||||
cfg = config.lass.ejabberd;
|
|
||||||
|
|
||||||
gen-dhparam = pkgs.writeDash "gen-dhparam" ''
|
|
||||||
set -efu
|
|
||||||
path=$1
|
|
||||||
bits=2048
|
|
||||||
# TODO regenerate dhfile after some time?
|
|
||||||
if ! test -e "$path"; then
|
|
||||||
${pkgs.openssl}/bin/openssl dhparam "$bits" > "$path"
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
|
|
||||||
in {
|
|
||||||
options.lass.ejabberd = {
|
|
||||||
enable = mkEnableOption "lass.ejabberd";
|
|
||||||
certfile = mkOption {
|
|
||||||
type = types.secret-file;
|
|
||||||
default = {
|
|
||||||
name = "ejabberd-certfile";
|
|
||||||
path = "${cfg.user.home}/ejabberd.pem";
|
|
||||||
owner = cfg.user;
|
|
||||||
source-path = "/var/lib/acme/lassul.us/full.pem";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
dhfile = mkOption {
|
|
||||||
type = types.secret-file;
|
|
||||||
default = {
|
|
||||||
name = "ejabberd-dhfile";
|
|
||||||
path = "${cfg.user.home}/dhparams.pem";
|
|
||||||
owner = cfg.user;
|
|
||||||
source-path = "/dev/null";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
hosts = mkOption {
|
|
||||||
type = with types; listOf str;
|
|
||||||
};
|
|
||||||
pkgs.ejabberdctl = mkOption {
|
|
||||||
type = types.package;
|
|
||||||
default = pkgs.writeDashBin "ejabberdctl" ''
|
|
||||||
exec ${pkgs.ejabberd}/bin/ejabberdctl \
|
|
||||||
--config ${toFile "ejabberd.yaml" (import ./config.nix {
|
|
||||||
inherit pkgs;
|
|
||||||
config = cfg;
|
|
||||||
})} \
|
|
||||||
--logs ${shell.escape cfg.user.home} \
|
|
||||||
--spool ${shell.escape cfg.user.home} \
|
|
||||||
"$@"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
registration_watchers = mkOption {
|
|
||||||
type = types.listOf types.str;
|
|
||||||
default = [
|
|
||||||
config.krebs.users.tv.mail
|
|
||||||
];
|
|
||||||
};
|
|
||||||
s2s_certfile = mkOption {
|
|
||||||
type = types.secret-file;
|
|
||||||
default = cfg.certfile;
|
|
||||||
};
|
|
||||||
user = mkOption {
|
|
||||||
type = types.user;
|
|
||||||
default = {
|
|
||||||
name = "ejabberd";
|
|
||||||
home = "/var/ejabberd";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
environment.systemPackages = [ cfg.pkgs.ejabberdctl ];
|
|
||||||
|
|
||||||
krebs.secret.files = {
|
|
||||||
ejabberd-certfile = cfg.certfile;
|
|
||||||
ejabberd-s2s_certfile = cfg.s2s_certfile;
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.ejabberd = {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
after = [
|
|
||||||
config.krebs.secret.files.ejabberd-certfile.service
|
|
||||||
config.krebs.secret.files.ejabberd-s2s_certfile.service
|
|
||||||
"network.target"
|
|
||||||
];
|
|
||||||
partOf = [
|
|
||||||
config.krebs.secret.files.ejabberd-certfile.service
|
|
||||||
config.krebs.secret.files.ejabberd-s2s_certfile.service
|
|
||||||
];
|
|
||||||
serviceConfig = {
|
|
||||||
ExecStartPre = "${gen-dhparam} ${cfg.dhfile.path}";
|
|
||||||
ExecStart = "${cfg.pkgs.ejabberdctl}/bin/ejabberdctl foreground";
|
|
||||||
PermissionsStartOnly = true;
|
|
||||||
SyslogIdentifier = "ejabberd";
|
|
||||||
User = cfg.user.name;
|
|
||||||
TimeoutStartSec = 60;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
users.users.${cfg.user.name} = {
|
|
||||||
inherit (cfg.user) home name uid;
|
|
||||||
createHome = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -29,7 +29,7 @@ pkgs.writeDashBin "l-gen-secrets" ''
|
|||||||
nets = {
|
nets = {
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.0.changeme";
|
ip4.addr = "10.243.0.changeme";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:changeme";
|
ip6.addr = r6 "changeme";
|
||||||
aliases = [
|
aliases = [
|
||||||
"$HOSTNAME.r"
|
"$HOSTNAME.r"
|
||||||
];
|
];
|
||||||
@ -38,7 +38,7 @@ pkgs.writeDashBin "l-gen-secrets" ''
|
|||||||
${"''"};
|
${"''"};
|
||||||
};
|
};
|
||||||
wiregrill = {
|
wiregrill = {
|
||||||
ip6.addr = (wip6 "changeme").address;
|
ip6.addr = w6 "changeme";
|
||||||
aliases = [
|
aliases = [
|
||||||
"$HOSTNAME.w"
|
"$HOSTNAME.w"
|
||||||
];
|
];
|
||||||
|
33
lass/5pkgs/tdlib-purple/default.nix
Normal file
33
lass/5pkgs/tdlib-purple/default.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{ stdenv, fetchFromGitHub, cmake, tdlib, pidgin, libwebp, libtgvoip } :
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "tdlib-purple";
|
||||||
|
version = "0.7.6";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "ars3niy";
|
||||||
|
repo = pname;
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "1inamfzbrz0sy4y431jgwjfg6lz14a7c71khrg02481raxchhzzf";
|
||||||
|
};
|
||||||
|
|
||||||
|
cmakeFlags = [
|
||||||
|
"-Dtgvoip_INCLUDE_DIRS=${libtgvoip.dev}/include/tgvoip"
|
||||||
|
];
|
||||||
|
|
||||||
|
nativeBuildInputs = [ cmake ];
|
||||||
|
buildInputs = [ pidgin tdlib libwebp libtgvoip ];
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/lib/purple-2/
|
||||||
|
cp *.so $out/lib/purple-2/
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
homepage = "https://github.com/ars3niy/tdlib-purple";
|
||||||
|
description = "New libpurple plugin for Telegram";
|
||||||
|
license = licenses.gpl2;
|
||||||
|
maintainers = [ maintainers.lassulus ];
|
||||||
|
platforms = platforms.linux;
|
||||||
|
};
|
||||||
|
}
|
@ -12,6 +12,7 @@ let
|
|||||||
encodeName = replaceChars ["/"] ["\\x2f"];
|
encodeName = replaceChars ["/"] ["\\x2f"];
|
||||||
};
|
};
|
||||||
types = nixpkgs-lib.types // import ./types.nix { inherit lib; };
|
types = nixpkgs-lib.types // import ./types.nix { inherit lib; };
|
||||||
|
uri = import ./uri.nix { inherit lib; };
|
||||||
xml = import ./xml.nix { inherit lib; };
|
xml = import ./xml.nix { inherit lib; };
|
||||||
|
|
||||||
eq = x: y: x == y;
|
eq = x: y: x == y;
|
||||||
|
77
lib/uri.nix
Normal file
77
lib/uri.nix
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
{ lib }:
|
||||||
|
with lib;
|
||||||
|
with builtins;
|
||||||
|
rec {
|
||||||
|
# Regular expression to match URIs per RFC3986
|
||||||
|
# From: # http://jmrware.com/articles/2009/uri_regexp/URI_regex.html#uri-40
|
||||||
|
native-regex = ''
|
||||||
|
# RFC-3986 URI component: URI
|
||||||
|
[A-Za-z][A-Za-z0-9+\-.]* : # scheme ":"
|
||||||
|
(?: // # hier-part
|
||||||
|
(?: (?:[A-Za-z0-9\-._~!$&'()*+,;=:]|%[0-9A-Fa-f]{2})* @)?
|
||||||
|
(?:
|
||||||
|
\[
|
||||||
|
(?:
|
||||||
|
(?:
|
||||||
|
(?: (?:[0-9A-Fa-f]{1,4}:){6}
|
||||||
|
| :: (?:[0-9A-Fa-f]{1,4}:){5}
|
||||||
|
| (?: [0-9A-Fa-f]{1,4})? :: (?:[0-9A-Fa-f]{1,4}:){4}
|
||||||
|
| (?: (?:[0-9A-Fa-f]{1,4}:){0,1} [0-9A-Fa-f]{1,4})? :: (?:[0-9A-Fa-f]{1,4}:){3}
|
||||||
|
| (?: (?:[0-9A-Fa-f]{1,4}:){0,2} [0-9A-Fa-f]{1,4})? :: (?:[0-9A-Fa-f]{1,4}:){2}
|
||||||
|
| (?: (?:[0-9A-Fa-f]{1,4}:){0,3} [0-9A-Fa-f]{1,4})? :: [0-9A-Fa-f]{1,4}:
|
||||||
|
| (?: (?:[0-9A-Fa-f]{1,4}:){0,4} [0-9A-Fa-f]{1,4})? ::
|
||||||
|
) (?:
|
||||||
|
[0-9A-Fa-f]{1,4} : [0-9A-Fa-f]{1,4}
|
||||||
|
| (?: (?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?) \.){3}
|
||||||
|
(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)
|
||||||
|
)
|
||||||
|
| (?: (?:[0-9A-Fa-f]{1,4}:){0,5} [0-9A-Fa-f]{1,4})? :: [0-9A-Fa-f]{1,4}
|
||||||
|
| (?: (?:[0-9A-Fa-f]{1,4}:){0,6} [0-9A-Fa-f]{1,4})? ::
|
||||||
|
)
|
||||||
|
| [Vv][0-9A-Fa-f]+\.[A-Za-z0-9\-._~!$&'()*+,;=:]+
|
||||||
|
)
|
||||||
|
\]
|
||||||
|
| (?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}
|
||||||
|
(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)
|
||||||
|
| (?:[A-Za-z0-9\-._~!$&'()*+,;=]|%[0-9A-Fa-f]{2})*
|
||||||
|
)
|
||||||
|
(?: : [0-9]* )?
|
||||||
|
(?:/ (?:[A-Za-z0-9\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})* )*
|
||||||
|
| /
|
||||||
|
(?: (?:[A-Za-z0-9\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+
|
||||||
|
(?:/ (?:[A-Za-z0-9\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})* )*
|
||||||
|
)?
|
||||||
|
| (?:[A-Za-z0-9\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+
|
||||||
|
(?:/ (?:[A-Za-z0-9\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})* )*
|
||||||
|
|
|
||||||
|
)
|
||||||
|
(?:\? (?:[A-Za-z0-9\-._~!$&'()*+,;=:@/?]|%[0-9A-Fa-f]{2})* )? # [ "?" query ]
|
||||||
|
(?:\# (?:[A-Za-z0-9\-._~!$&'()*+,;=:@/?]|%[0-9A-Fa-f]{2})* )? # [ "#" fragment ]
|
||||||
|
'';
|
||||||
|
|
||||||
|
posix-extended-regex =
|
||||||
|
let
|
||||||
|
removeComment = s:
|
||||||
|
elemAt (match "^((\\\\#|[^#])*)(#.*)?$" s) 0;
|
||||||
|
|
||||||
|
removeWhitespace =
|
||||||
|
replaceStrings [" "] [""];
|
||||||
|
|
||||||
|
moveDashToEndOfCharacterClass = s:
|
||||||
|
let
|
||||||
|
result = match "(.*)\\\\-([^]]+)(].*)" s;
|
||||||
|
s' = elemAt result 0 + elemAt result 1 + "-" + elemAt result 2;
|
||||||
|
in
|
||||||
|
if result != null then
|
||||||
|
moveDashToEndOfCharacterClass s'
|
||||||
|
else
|
||||||
|
s;
|
||||||
|
in
|
||||||
|
concatStrings
|
||||||
|
(foldl' (a: f: map f a) (splitString "\n" native-regex) [
|
||||||
|
removeComment
|
||||||
|
moveDashToEndOfCharacterClass
|
||||||
|
(replaceStrings ["(?:"] ["("])
|
||||||
|
removeWhitespace
|
||||||
|
]);
|
||||||
|
}
|
@ -1 +1 @@
|
|||||||
Subproject commit 5ea125514e48c630120fbb6a44e9ae0c7932a123
|
Subproject commit c2fa48550f2bb46009b9cecdb9ac838dc402ce19
|
@ -17,6 +17,7 @@ with import <stockholm/lib>;
|
|||||||
boot.initrd.luks.devices.muca.device = "/dev/sda2";
|
boot.initrd.luks.devices.muca.device = "/dev/sda2";
|
||||||
boot.initrd.availableKernelModules = [ "ahci" ];
|
boot.initrd.availableKernelModules = [ "ahci" ];
|
||||||
boot.kernelModules = [ "fbcon" "kvm-intel" ];
|
boot.kernelModules = [ "fbcon" "kvm-intel" ];
|
||||||
|
boot.kernelParams = [ "fsck.repair=yes" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
@ -109,9 +110,8 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
services.xserver.desktopManager.plasma5.enable = true;
|
services.xserver.desktopManager.plasma5.enable = true;
|
||||||
|
|
||||||
services.xserver.displayManager.lightdm.autoLogin.enable = true;
|
services.xserver.displayManager.autoLogin.enable = true;
|
||||||
services.xserver.displayManager.lightdm.autoLogin.user = "vv";
|
services.xserver.displayManager.autoLogin.user = "vv";
|
||||||
services.xserver.displayManager.lightdm.enable = true;
|
|
||||||
|
|
||||||
users.users.vv = {
|
users.users.vv = {
|
||||||
inherit (config.krebs.users.vv) home uid;
|
inherit (config.krebs.users.vv) home uid;
|
||||||
|
@ -28,6 +28,9 @@ in {
|
|||||||
});
|
});
|
||||||
'';
|
'';
|
||||||
systemd.services."slock-${cfg.user.name}@" = {
|
systemd.services."slock-${cfg.user.name}@" = {
|
||||||
|
conflicts = [
|
||||||
|
"picom@%i.target"
|
||||||
|
];
|
||||||
environment = {
|
environment = {
|
||||||
DISPLAY = ":%I";
|
DISPLAY = ":%I";
|
||||||
LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" {
|
LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" {
|
||||||
@ -61,6 +64,8 @@ in {
|
|||||||
restartIfChanged = false;
|
restartIfChanged = false;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
ExecStart = "${pkgs.slock}/bin/slock";
|
ExecStart = "${pkgs.slock}/bin/slock";
|
||||||
|
ExecStopPost =
|
||||||
|
"+${pkgs.systemd}/bin/systemctl start xsession@%i.target";
|
||||||
OOMScoreAdjust = -1000;
|
OOMScoreAdjust = -1000;
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
RestartSec = "100ms";
|
RestartSec = "100ms";
|
||||||
|
@ -8,6 +8,7 @@ import System.Exit (exitFailure)
|
|||||||
|
|
||||||
import Control.Exception
|
import Control.Exception
|
||||||
import Control.Monad.Extra (whenJustM)
|
import Control.Monad.Extra (whenJustM)
|
||||||
|
import qualified Data.List
|
||||||
import Graphics.X11.ExtraTypes.XF86
|
import Graphics.X11.ExtraTypes.XF86
|
||||||
import Text.Read (readEither)
|
import Text.Read (readEither)
|
||||||
import XMonad
|
import XMonad
|
||||||
@ -59,6 +60,11 @@ main = getArgs >>= \case
|
|||||||
args -> hPutStrLn stderr ("bad arguments: " <> show args) >> exitFailure
|
args -> hPutStrLn stderr ("bad arguments: " <> show args) >> exitFailure
|
||||||
|
|
||||||
|
|
||||||
|
queryPrefix :: Query String -> String -> Query Bool
|
||||||
|
queryPrefix query prefix =
|
||||||
|
fmap (Data.List.isPrefixOf prefix) query
|
||||||
|
|
||||||
|
|
||||||
mainNoArgs :: IO ()
|
mainNoArgs :: IO ()
|
||||||
mainNoArgs = do
|
mainNoArgs = do
|
||||||
workspaces0 <- getWorkspaces0
|
workspaces0 <- getWorkspaces0
|
||||||
@ -82,7 +88,7 @@ mainNoArgs = do
|
|||||||
, manageHook =
|
, manageHook =
|
||||||
composeAll
|
composeAll
|
||||||
[ appName =? "fzmenu-urxvt" --> doCenterFloat
|
[ appName =? "fzmenu-urxvt" --> doCenterFloat
|
||||||
, appName =? "pinentry" --> doCenterFloat
|
, appName `queryPrefix` "pinentry" --> doCenterFloat
|
||||||
, title =? "Upload to Imgur" -->
|
, title =? "Upload to Imgur" -->
|
||||||
doRectFloat (W.RationalRect 0 0 (1 % 8) (1 % 8))
|
doRectFloat (W.RationalRect 0 0 (1 % 8) (1 % 8))
|
||||||
, placeHook (smart (1,0))
|
, placeHook (smart (1,0))
|
||||||
|
56
tv/5pkgs/simple/pinentry-urxvt/default.nix
Normal file
56
tv/5pkgs/simple/pinentry-urxvt/default.nix
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
{ pkgs, ... }@args:
|
||||||
|
|
||||||
|
let
|
||||||
|
lib = import <stockholm/lib>;
|
||||||
|
|
||||||
|
# config cannot be declared in the input attribute set because that would
|
||||||
|
# cause callPackage to inject the wrong config. Instead, get it from ...
|
||||||
|
# via args.
|
||||||
|
config = args.config or {};
|
||||||
|
|
||||||
|
cfg = eval.config;
|
||||||
|
|
||||||
|
eval = lib.evalModules {
|
||||||
|
modules = lib.singleton {
|
||||||
|
_file = toString ./default.nix;
|
||||||
|
imports = lib.singleton config;
|
||||||
|
options = {
|
||||||
|
appName = lib.mkOption {
|
||||||
|
default = "pinentry-urxvt";
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
display = lib.mkOption {
|
||||||
|
default = ":0";
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
in
|
||||||
|
|
||||||
|
pkgs.write "pinentry-urxvt" {
|
||||||
|
"/bin/pinentry".link = pkgs.writeDash "pinentry-urxvt-wrapper" ''
|
||||||
|
set -efu
|
||||||
|
exec 3<&0 4>&1 5>&2
|
||||||
|
export DISPLAY=${lib.shell.escape cfg.display}
|
||||||
|
exec ${pkgs.rxvt_unicode}/bin/urxvt \
|
||||||
|
-name ${lib.shell.escape cfg.appName} \
|
||||||
|
-e ${pkgs.writeDash "pinentry-urxvt-tty" ''
|
||||||
|
set -efu
|
||||||
|
exec 2>&5
|
||||||
|
TTY=$(${pkgs.coreutils}/bin/tty)
|
||||||
|
while read -r line <&3; do
|
||||||
|
case $line in
|
||||||
|
'OPTION ttyname='*)
|
||||||
|
echo "OPTION ttyname=$TTY"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "$line"
|
||||||
|
esac
|
||||||
|
done | ${pkgs.pinentry.tty}/bin/pinentry-tty "$@" >&4
|
||||||
|
''} \
|
||||||
|
"$@"
|
||||||
|
'';
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user