Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
16a023af18
3
.gitmodules
vendored
3
.gitmodules
vendored
@ -4,3 +4,6 @@
|
||||
[submodule "submodules/krops"]
|
||||
path = submodules/krops
|
||||
url = https://cgit.krebsco.de/krops
|
||||
[submodule "lass/5pkgs/autowifi"]
|
||||
path = lass/5pkgs/autowifi
|
||||
url = https://github.com/Lassulus/autowifi
|
||||
|
@ -103,7 +103,6 @@ let
|
||||
{ krebs = import ./krebs { inherit config; }; }
|
||||
{ krebs = import ./lass { inherit config; }; }
|
||||
{ krebs = import ./makefu { inherit config; }; }
|
||||
{ krebs = import ./mb { inherit config; }; }
|
||||
{ krebs = import ./nin { inherit config; }; }
|
||||
{ krebs = import ./external/palo.nix { inherit config; }; }
|
||||
{ krebs = import ./tv { inherit config; }; }
|
||||
|
@ -1,151 +0,0 @@
|
||||
with import <stockholm/lib>;
|
||||
{ config, ... }: let
|
||||
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host {
|
||||
ci = true;
|
||||
owner = config.krebs.users.mb;
|
||||
};
|
||||
|
||||
in {
|
||||
hosts = mapAttrs hostDefaults {
|
||||
orange = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.42.23";
|
||||
aliases = [
|
||||
"orange.r"
|
||||
"or4ng3.r"
|
||||
"0r4n93.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7P0CkmC5HWnTdgGFzmA
|
||||
zQuJzHSkSjcGgSkIt0pvqU6xi8P/d4eJlmeXeGTpH62JfM1xhEMpxMVd/4NOON2u
|
||||
IlWnfu5bB763145IJwE0HmZziWjQXWRPAZMqYdQ5f2Pvmxv1yr3uBNzr8UlV6BjD
|
||||
FXn8sCvikXttYzts9szlz5+pkY09qfiz48+DMzRBNO6JzXYQ9kPyS+TIXlGpN4Jp
|
||||
C1TRF38eF2DTEZ58Yx8Z99dGrXVuqlSe77fehTQGxCckTpaZ0HS3XfZNa/cas8JY
|
||||
/0RzH2n2AndnPirISDZ7r4ZIFuKAaivqaEkM8v7llI77URVB9ZJb/IqCrBzueAbt
|
||||
V/5ts2HpfBAUhw0RoiH8ql+IQZsuSOpRUC2gUN8460V4SQkVtDcsVTENiD+NM5Mg
|
||||
ImBv041CsW/rSJOilT2r/rWDN8RFnz/RrAQn+L31KXr81kg1TOLxO0ybs/eMJM3r
|
||||
RnHFZPiiKdqPlA60g0AnzKXPR2JTszHIgHHoRUW16I1WJeuAJNjg0JDQ0JM7pZ27
|
||||
JEaCc7uR12TPiuExKaNEaxKZVY1J0hzxOzF2MFIbAMVz/3K2ycvvuLxKojqIAXxA
|
||||
D+UtcOfJ62k2WnLXOEIZqFU0J2bvhxYUZOFS55wIn1UJF7hemD/LUFHBiWnuhwHk
|
||||
TAEl8M851t+Zp3hZeJzgx2kCAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
rofl = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.42.43";
|
||||
aliases = [
|
||||
"rofl.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnysdVVwxkmSroNUleYZm
|
||||
xdaIB9EdZYCo2xj3WyhsD2lWMpj51FzSH6Y052Vy1V1TCuIXIwjidpmMohBvflG8
|
||||
txKCaBGQOZbVqRgzyCDXsNisbr05ayYuHcRrXTpn5ask4HN0Vtx2uJOn8YmOxA0D
|
||||
VhyEnf8xWu+vi8dwDqRVR17QnPBYqgenzIBmAuRngvNqg6WZg+E9X2e1Dco/PMzb
|
||||
VW0AgC2+zFCl4+G7dEW7uhsI6IJLy4LsJuEN4TlvWAf7tfdFEnBzTfODW8quGdts
|
||||
1Yzah4svPNNt9F1ZhOR/1bDsfVoOjI76BgB0G+ZZPQAGV1zxgn8DXSKi/tJTLNu1
|
||||
vj/n9sUJfXMYQdTAOkABghCyEDFUspPKCffQqUXUcJbLKY9fNssGGBeanMsobUQC
|
||||
Ch9z7kIJ52JDcP/D58z9Yf62P5ENqXzeVPCcodIOey1EizOu/FH3jVo52we1M5sp
|
||||
1iM4hMc3ZINUBI9AA1nLWWlB3lBnErAXrhmMMHjcO4nO7/M0YU+EalkDB5eIhqiH
|
||||
QJx7VnOE2UZYU9Y0vVNSWfYocU12aABK98T7lr5Tde4dI1J81sk2MUZcbNHger3f
|
||||
NxpvNzOBpeC5xvq/ENCRR7MDf/59xWW5P5N7PbGprLQAi8cfdSoIEhSPz17Taq1f
|
||||
3aAAePgBsZvRQozxXZfqp58CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
p1nk = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.42.42";
|
||||
aliases = [
|
||||
"p1nk.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5YVML71oW3iJrzZKuX48
|
||||
AKrGitO5zNvsAHOI8BVsGfZTyxAAZgG4OaDX45kr27K39NcBU43LdDD0I1yjNvGe
|
||||
zAoL5MIiCPD/QR1kAvLmgpMUSqOVvrk+uoGLVt6dOGvxlOiG1AAaN0gA8Q0B/jZV
|
||||
4tZlBpZ7MX9xeK10wqVT56msN69P3EzKQn1uoVRrBxEnNvI1iqmmkgMLcrFVJFBQ
|
||||
888Uuw9Hx5MO7ES/ATe8mt0zReUGvn91jYVVsPpmAopWnjCol271gflY0RomFXKy
|
||||
XaIuvbeF+3otF0+MNqJfm4IsAKJjvl92pjVX0f0eBCSPCYR7D1EtgQrqflLkZKZ8
|
||||
jBGDlgpsFWt/Omz1BYcuGZU/djM4+SNxr4YRYMi3lMix3s2PmHvm304I7eEEBlC9
|
||||
qy1jq/sLaf8mHJrF6Htl7W5WS/Famkwv/VreI92iHrhsmIDiX7OIbXzYDCxT/PQa
|
||||
6uCm/3jIbcHG/ZHZ12H6thkafK0Aoe009+p1n+5Y7V2oNvYe3KzZTnCN5t6z1QHZ
|
||||
V5iypsd6lNDzlodjleTgGK8FmHGRPRdq1wb3eOLE8mWZj7ygDT50FwaC8FzAcHgC
|
||||
bLN/zlHvCbYmk9IJhktO3B6wtMrZl60+XCpb5rTulM94RirifFYsnTIDJApI11yb
|
||||
3AYi5dQXHjab/lvj6917xa0CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
gr33n = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.42.123";
|
||||
aliases = [
|
||||
"gr33n.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqecLfk8TlGFF7JJpv8
|
||||
kjLFNgoNfu9FYRMNG4GSxWL5w+49n6b+GC5ciOC+RJ+N56jfB9JYE0MtbuOmkY5M
|
||||
JUphuvgOCNhTbBJsjnmG9n02evpxZn9HWypNC3oQCvY2K7vHpIxGKR5PyTVKPO0P
|
||||
OOYKAbCLD9F2bmuLaBQ/dFXFQxfu3tjvJI9mYDWBpSkh1mYeMZLw2xxnRZLs0bEO
|
||||
ZWdzxCh9UM/mgb4WYuNED9+sz7MSsaMPAqquarFCguUxhjp6rElGFcNWjXaxA5zt
|
||||
JGS6VompUViVSHjSaQ5/3VRKoIQjr4NOFYQqLpmB5S2OpiggV6I9OpB7QUGlvcYd
|
||||
I3j+1AeK11HuEyPqSwxjNCCrI12bSIo3685BPHbl+AMhWGhzrCkAGcOCbAefreXQ
|
||||
5v4SaKUIDlCYhN+vyNdlu2jvqQlxfJrPAfBt+jJBK6gMcAEKc7P/Oj4B9Fsl331X
|
||||
s0kWH5G9t6OhO/Of8/kb2/P+YEbM6zi1QQdZAOr6Cg0y4cMt9zxLWknaM4yEDAXH
|
||||
oSM33PTv9DOvBjfxRXqOHqOHRq5ayqZdIFgfLUlPTdbWRkhNzjG8f7k7p32m20A6
|
||||
Kal+OF//I2c9E9vKFzyepyTcnwi3B8+cFJ74+XYaNApdwHSb1BU/+c3O9RJExZGV
|
||||
jtTSbSJHU5esECtAuXy1XH8CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
sunsh1n3 = {
|
||||
ci = false;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.42.142";
|
||||
aliases = [
|
||||
"sunsh1n3.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo2VCqp6mUbyo3n+1XpKf
|
||||
QavpgRYQyv9wAZzYSYHjxThuLmNb/wERPbWJFMZfAGuku0blKWJISSgFWd9YL7dU
|
||||
pZQZxfqo/9xnS/r0xIKrKSsBiTZt7JZmTQzj1ri11TIO0S1QPjIP5HsxlZZAw0nz
|
||||
idEDlKmgWs74FPdezlXqvJyEUKDqL/ZQBtdhZZIDMkSJnCdBzXxKwv+uLVE46ZBf
|
||||
4HrtQjcj+dyVMogMIoseAgf5lS6V3pyCM7/NHZFxrIxoIAxSsUoB59i2EbK6aUK5
|
||||
yuiWHI6ZHToxN2K/0SX96hzxcwrUmdk49tTHBY0Zhn2ku6NjQPU3LuxgIwrSaSJD
|
||||
/KWh6XkqR7EsCVN0AIsLvFelI2ckSyNyAlnYbMAHDt7GwHlNp4Lsy+x4ZQ6m0xTY
|
||||
Z+/jt6sfoMiulPcwWEpqNCCf5A65lF77DldQhH3qYrdQ756n/kOqSfQtPCnVNYXy
|
||||
LlN5rKCOgxKxxtKkwMUif2OM9RPHpM7wS09Rvek6zpL9ymhU5THF7UylLKxKGjYj
|
||||
6dTooyRVQRJdrwIYLrJIy0MfGyYiGAJxf/C0KOOZnJPCW2b51+bo5Zh+BhKZYN8H
|
||||
C2DEGc8+4h5hX1TAaUfTpfVm3mMTh8H2m9N8Pdl5ji+A0m0IwHDLQyaoskcxSjvU
|
||||
9IxYLfkSD6AJqasnHlz0L08CAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
users = {
|
||||
mb = {
|
||||
mail = "mb0@codemonkey.cc";
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCHAdKGHP/De/GLEsPo5RBfbaiiitMw4Y/akOekJbImswT6Np2lzqno/WBJcfVs3D39wgPKNld4P/QZc5IwxC26q/PnBFu93KES0GqnlAqUNE63IOJ8UzNdyEqWggnRiLrBU+ZgyFZvmqp6NoSO4YEGEK4RZRMJM/GcAuQMj/nGjx2AHwPGZCkIRgz8/ctBOzX1/knZd3cOnNowH1wlqUKX6UcEzJdAVDQijHF1wl0Ri8tJKq9u8s/fw+1PSOpOHaeF1BALsXSKgeJDqUCTnZW5mAVUWJ86LvvyfCP4In9lhhLisbDm2cD96QaVvJyV6HfmegdSxZ1Phh+9Qz+3WhDJRedBTSKWfK/9j7VWSb+z/KV37q72W25ZfFMSay58LmCqn3v5fGt9qj4nlPw0By4baGLiGlA7xyvkJfdt8ZVPps5d2g6UprTbSA79lYN4qtWKq2Z9t317xch7Lix6EunQcoTkJ6QXEbDrAIk3zvkWr/CtpwEhNcSdWvQsua42dkD2oOI2F2IgFyYgOx9Iba2yj8A0TD2iqfYVhsJIYuk12QfeaR7ovQ6DhHlUxyQzeF6h0Y+I4AN6Sq/Mmj/cxfQoIaAEybUQMX+7KjFceIszT3JbGlz7DCxi7DMmNYuc7LELMRG3jNAOk+fW8u42Bhgc44tzvAondojerUGqCbUDw== mb0@codemonkey.cc";
|
||||
};
|
||||
};
|
||||
}
|
@ -1,11 +1,11 @@
|
||||
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-12_x, pkgs, icu }:
|
||||
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs, pkgs, icu }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> {
|
||||
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
|
||||
nodejs = nodejs-12_x;
|
||||
nodejs = nodejs;
|
||||
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
|
||||
};
|
||||
|
||||
@ -36,7 +36,7 @@ in stdenv.mkDerivation {
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
nodejs-12_x
|
||||
nodejs
|
||||
makeWrapper
|
||||
];
|
||||
|
||||
@ -45,7 +45,7 @@ in stdenv.mkDerivation {
|
||||
|
||||
cp newsbot.js $out/
|
||||
cat > $out/newsbot << EOF
|
||||
${nodejs-12_x}/bin/node $out/newsbot.js
|
||||
${nodejs}/bin/node $out/newsbot.js
|
||||
EOF
|
||||
chmod +x $out/newsbot
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
# This file has been generated by node2nix 1.5.3. Do not edit!
|
||||
# This file has been generated by node2nix 1.7.0. Do not edit!
|
||||
|
||||
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
|
||||
|
||||
@ -13,22 +13,13 @@ let
|
||||
sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746";
|
||||
};
|
||||
};
|
||||
"ajv-5.5.2" = {
|
||||
"ajv-6.10.2" = {
|
||||
name = "ajv";
|
||||
packageName = "ajv";
|
||||
version = "5.5.2";
|
||||
version = "6.10.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz";
|
||||
sha1 = "73b5eeca3fab653e3d3f9422b341ad42205dc965";
|
||||
};
|
||||
};
|
||||
"array-filter-0.0.1" = {
|
||||
name = "array-filter";
|
||||
packageName = "array-filter";
|
||||
version = "0.0.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/array-filter/-/array-filter-0.0.1.tgz";
|
||||
sha1 = "7da8cf2e26628ed732803581fd21f67cacd2eeec";
|
||||
url = "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz";
|
||||
sha512 = "TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw==";
|
||||
};
|
||||
};
|
||||
"array-indexofobject-0.0.1" = {
|
||||
@ -40,31 +31,13 @@ let
|
||||
sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a";
|
||||
};
|
||||
};
|
||||
"array-map-0.0.0" = {
|
||||
name = "array-map";
|
||||
packageName = "array-map";
|
||||
version = "0.0.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/array-map/-/array-map-0.0.0.tgz";
|
||||
sha1 = "88a2bab73d1cf7bcd5c1b118a003f66f665fa662";
|
||||
};
|
||||
};
|
||||
"array-reduce-0.0.0" = {
|
||||
name = "array-reduce";
|
||||
packageName = "array-reduce";
|
||||
version = "0.0.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/array-reduce/-/array-reduce-0.0.0.tgz";
|
||||
sha1 = "173899d3ffd1c7d9383e4479525dbe278cab5f2b";
|
||||
};
|
||||
};
|
||||
"asn1-0.2.3" = {
|
||||
"asn1-0.2.4" = {
|
||||
name = "asn1";
|
||||
packageName = "asn1";
|
||||
version = "0.2.3";
|
||||
version = "0.2.4";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz";
|
||||
sha1 = "dac8787713c9966849fc8180777ebe9c1ddf3b86";
|
||||
url = "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz";
|
||||
sha512 = "jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==";
|
||||
};
|
||||
};
|
||||
"assert-plus-1.0.0" = {
|
||||
@ -94,40 +67,22 @@ let
|
||||
sha1 = "b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8";
|
||||
};
|
||||
};
|
||||
"aws4-1.6.0" = {
|
||||
"aws4-1.8.0" = {
|
||||
name = "aws4";
|
||||
packageName = "aws4";
|
||||
version = "1.6.0";
|
||||
version = "1.8.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/aws4/-/aws4-1.6.0.tgz";
|
||||
sha1 = "83ef5ca860b2b32e4a0deedee8c771b9db57471e";
|
||||
url = "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz";
|
||||
sha512 = "ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ==";
|
||||
};
|
||||
};
|
||||
"bcrypt-pbkdf-1.0.1" = {
|
||||
"bcrypt-pbkdf-1.0.2" = {
|
||||
name = "bcrypt-pbkdf";
|
||||
packageName = "bcrypt-pbkdf";
|
||||
version = "1.0.1";
|
||||
version = "1.0.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz";
|
||||
sha1 = "63bc5dcb61331b92bc05fd528953c33462a06f8d";
|
||||
};
|
||||
};
|
||||
"boom-4.3.1" = {
|
||||
name = "boom";
|
||||
packageName = "boom";
|
||||
version = "4.3.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/boom/-/boom-4.3.1.tgz";
|
||||
sha1 = "4f8a3005cb4a7e3889f749030fd25b96e01d2e31";
|
||||
};
|
||||
};
|
||||
"boom-5.2.0" = {
|
||||
name = "boom";
|
||||
packageName = "boom";
|
||||
version = "5.2.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/boom/-/boom-5.2.0.tgz";
|
||||
sha512 = "19h20yqpvca08dns1rs4f057f10w63v0snxfml4h5khsk266x3x1im0w72bza4k2xn0kfz6jlv001dhcvxsjr09bmbqnysils9m7437";
|
||||
url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz";
|
||||
sha1 = "a4301d389b6a43f9b67ff3ca11a3f6637e360e9e";
|
||||
};
|
||||
};
|
||||
"caseless-0.12.0" = {
|
||||
@ -139,22 +94,13 @@ let
|
||||
sha1 = "1b681c21ff84033c826543090689420d187151dc";
|
||||
};
|
||||
};
|
||||
"co-4.6.0" = {
|
||||
name = "co";
|
||||
packageName = "co";
|
||||
version = "4.6.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/co/-/co-4.6.0.tgz";
|
||||
sha1 = "6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184";
|
||||
};
|
||||
};
|
||||
"combined-stream-1.0.6" = {
|
||||
"combined-stream-1.0.8" = {
|
||||
name = "combined-stream";
|
||||
packageName = "combined-stream";
|
||||
version = "1.0.6";
|
||||
version = "1.0.8";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.6.tgz";
|
||||
sha1 = "723e7df6e801ac5613113a7e445a9b69cb632818";
|
||||
url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz";
|
||||
sha512 = "FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==";
|
||||
};
|
||||
};
|
||||
"core-util-is-1.0.2" = {
|
||||
@ -166,15 +112,6 @@ let
|
||||
sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7";
|
||||
};
|
||||
};
|
||||
"cryptiles-3.1.2" = {
|
||||
name = "cryptiles";
|
||||
packageName = "cryptiles";
|
||||
version = "3.1.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/cryptiles/-/cryptiles-3.1.2.tgz";
|
||||
sha1 = "a89fbb220f5ce25ec56e8c4aa8a4fd7b5b0d29fe";
|
||||
};
|
||||
};
|
||||
"dashdash-1.14.1" = {
|
||||
name = "dashdash";
|
||||
packageName = "dashdash";
|
||||
@ -193,22 +130,22 @@ let
|
||||
sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619";
|
||||
};
|
||||
};
|
||||
"ecc-jsbn-0.1.1" = {
|
||||
"ecc-jsbn-0.1.2" = {
|
||||
name = "ecc-jsbn";
|
||||
packageName = "ecc-jsbn";
|
||||
version = "0.1.1";
|
||||
version = "0.1.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz";
|
||||
sha1 = "0fc73a9ed5f0d53c38193398523ef7e543777505";
|
||||
url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz";
|
||||
sha1 = "3a83a904e54353287874c564b7549386849a98c9";
|
||||
};
|
||||
};
|
||||
"extend-3.0.1" = {
|
||||
"extend-3.0.2" = {
|
||||
name = "extend";
|
||||
packageName = "extend";
|
||||
version = "3.0.1";
|
||||
version = "3.0.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz";
|
||||
sha1 = "a755ea7bc1adfcc5a31ce7e762dbaadc5e636444";
|
||||
url = "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz";
|
||||
sha512 = "fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==";
|
||||
};
|
||||
};
|
||||
"extsprintf-1.3.0" = {
|
||||
@ -220,13 +157,13 @@ let
|
||||
sha1 = "96918440e3041a7a414f8c52e3c574eb3c3e1e05";
|
||||
};
|
||||
};
|
||||
"fast-deep-equal-1.1.0" = {
|
||||
"fast-deep-equal-2.0.1" = {
|
||||
name = "fast-deep-equal";
|
||||
packageName = "fast-deep-equal";
|
||||
version = "1.1.0";
|
||||
version = "2.0.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz";
|
||||
sha1 = "c053477817c86b51daa853c81e059b733d023614";
|
||||
url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz";
|
||||
sha1 = "7b05218ddf9667bf7f370bf7fdb2cb15fdd0aa49";
|
||||
};
|
||||
};
|
||||
"fast-json-stable-stringify-2.0.0" = {
|
||||
@ -247,13 +184,13 @@ let
|
||||
sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91";
|
||||
};
|
||||
};
|
||||
"form-data-2.3.2" = {
|
||||
"form-data-2.3.3" = {
|
||||
name = "form-data";
|
||||
packageName = "form-data";
|
||||
version = "2.3.2";
|
||||
version = "2.3.3";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz";
|
||||
sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099";
|
||||
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz";
|
||||
sha512 = "1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==";
|
||||
};
|
||||
};
|
||||
"getpass-0.1.7" = {
|
||||
@ -274,31 +211,13 @@ let
|
||||
sha1 = "a94c2224ebcac04782a0d9035521f24735b7ec92";
|
||||
};
|
||||
};
|
||||
"har-validator-5.0.3" = {
|
||||
"har-validator-5.1.3" = {
|
||||
name = "har-validator";
|
||||
packageName = "har-validator";
|
||||
version = "5.0.3";
|
||||
version = "5.1.3";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/har-validator/-/har-validator-5.0.3.tgz";
|
||||
sha1 = "ba402c266194f15956ef15e0fcf242993f6a7dfd";
|
||||
};
|
||||
};
|
||||
"hawk-6.0.2" = {
|
||||
name = "hawk";
|
||||
packageName = "hawk";
|
||||
version = "6.0.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/hawk/-/hawk-6.0.2.tgz";
|
||||
sha512 = "1nl2hjr2mnhj5jlaz8mh54z7acwz5j5idkch04qgjk78756gw5d0fjk4a2immil5ij9ijdssb9ndpryvnh2xpcbgcjv8lxybn330als";
|
||||
};
|
||||
};
|
||||
"hoek-4.2.1" = {
|
||||
name = "hoek";
|
||||
packageName = "hoek";
|
||||
version = "4.2.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/hoek/-/hoek-4.2.1.tgz";
|
||||
sha512 = "1y8kprb3qldxqj31zai5n8dvhydsl9nn5w4rskhnbzzhldn6pm6n5lcyam3sfkb61a62d5m58k8im7z6ngwbd9cw9zp4zm4y7ckrf20";
|
||||
url = "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz";
|
||||
sha512 = "sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==";
|
||||
};
|
||||
};
|
||||
"http-signature-1.2.0" = {
|
||||
@ -319,22 +238,22 @@ let
|
||||
sha1 = "e084d60eeb7d73da7f0a9c096e4c8abe090bfaed";
|
||||
};
|
||||
};
|
||||
"inherits-2.0.3" = {
|
||||
"inherits-2.0.4" = {
|
||||
name = "inherits";
|
||||
packageName = "inherits";
|
||||
version = "2.0.3";
|
||||
version = "2.0.4";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz";
|
||||
sha1 = "633c2c83e3da42a502f52466022480f4208261de";
|
||||
url = "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz";
|
||||
sha512 = "k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==";
|
||||
};
|
||||
};
|
||||
"irc-colors-1.4.2" = {
|
||||
"irc-colors-1.5.0" = {
|
||||
name = "irc-colors";
|
||||
packageName = "irc-colors";
|
||||
version = "1.4.2";
|
||||
version = "1.5.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.4.2.tgz";
|
||||
sha512 = "0f75yhavbhr8lbh3lh83rvyfrrrcxjawnd2rz7sacjd3zxj5524xr28j66f2l11vlngdkbplxz5xsq9dnwrcyqa0jh64k2pvzhn17a1";
|
||||
url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.5.0.tgz";
|
||||
sha512 = "HtszKchBQTcqw1DC09uD7i7vvMayHGM1OCo6AHt5pkgZEyo99ClhHTMJdf+Ezc9ovuNNxcH89QfyclGthjZJOw==";
|
||||
};
|
||||
};
|
||||
"is-typedarray-1.0.0" = {
|
||||
@ -382,13 +301,13 @@ let
|
||||
sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13";
|
||||
};
|
||||
};
|
||||
"json-schema-traverse-0.3.1" = {
|
||||
"json-schema-traverse-0.4.1" = {
|
||||
name = "json-schema-traverse";
|
||||
packageName = "json-schema-traverse";
|
||||
version = "0.3.1";
|
||||
version = "0.4.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz";
|
||||
sha1 = "349a6d44c53a51de89b40805c5d5e59b417d3340";
|
||||
url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz";
|
||||
sha512 = "xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==";
|
||||
};
|
||||
};
|
||||
"json-stringify-safe-5.0.1" = {
|
||||
@ -400,15 +319,6 @@ let
|
||||
sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb";
|
||||
};
|
||||
};
|
||||
"jsonify-0.0.0" = {
|
||||
name = "jsonify";
|
||||
packageName = "jsonify";
|
||||
version = "0.0.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz";
|
||||
sha1 = "2c74b6ee41d93ca51b7b5aaee8f503631d252a73";
|
||||
};
|
||||
};
|
||||
"jsprim-1.4.1" = {
|
||||
name = "jsprim";
|
||||
packageName = "jsprim";
|
||||
@ -454,40 +364,40 @@ let
|
||||
sha1 = "d0225373aeb652adc1bc82e4945339a842754773";
|
||||
};
|
||||
};
|
||||
"mime-db-1.33.0" = {
|
||||
"mime-db-1.42.0" = {
|
||||
name = "mime-db";
|
||||
packageName = "mime-db";
|
||||
version = "1.33.0";
|
||||
version = "1.42.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/mime-db/-/mime-db-1.33.0.tgz";
|
||||
sha512 = "36xnw59ik9fqym00cmwb5nyzg0l03k70cp413f7639j93wgmzk1mh0xjc7i6zz3r6k9xnwh0g5cm5a1f3y8c6plgy4qld7fm887ywh4";
|
||||
url = "https://registry.npmjs.org/mime-db/-/mime-db-1.42.0.tgz";
|
||||
sha512 = "UbfJCR4UAVRNgMpfImz05smAXK7+c+ZntjaA26ANtkXLlOe947Aag5zdIcKQULAiF9Cq4WxBi9jUs5zkA84bYQ==";
|
||||
};
|
||||
};
|
||||
"mime-types-2.1.18" = {
|
||||
"mime-types-2.1.25" = {
|
||||
name = "mime-types";
|
||||
packageName = "mime-types";
|
||||
version = "2.1.18";
|
||||
version = "2.1.25";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.18.tgz";
|
||||
sha512 = "22krj1kw7n9z10zdyx7smcaim4bzwqsqzhspwha06q58gcrxfp93hw2cd0vk5crhq5p2dwzqlpacg32lrmp5sjzb798zdzy35mdmkwm";
|
||||
url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.25.tgz";
|
||||
sha512 = "5KhStqB5xpTAeGqKBAMgwaYMnQik7teQN4IAzC7npDv6kzeU6prfkR67bc87J1kWMPGkoaZSq1npmexMgkmEVg==";
|
||||
};
|
||||
};
|
||||
"mri-1.1.0" = {
|
||||
"mri-1.1.4" = {
|
||||
name = "mri";
|
||||
packageName = "mri";
|
||||
version = "1.1.0";
|
||||
version = "1.1.4";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/mri/-/mri-1.1.0.tgz";
|
||||
sha1 = "5c0a3f29c8ccffbbb1ec941dcec09d71fa32f36a";
|
||||
url = "https://registry.npmjs.org/mri/-/mri-1.1.4.tgz";
|
||||
sha512 = "6y7IjGPm8AzlvoUrwAaw1tLnUBudaS3752vcd8JtrpGGQn+rXIe63LFVHm/YMwtqAuh+LJPCFdlLYPWM1nYn6w==";
|
||||
};
|
||||
};
|
||||
"nan-2.10.0" = {
|
||||
"nan-2.14.0" = {
|
||||
name = "nan";
|
||||
packageName = "nan";
|
||||
version = "2.10.0";
|
||||
version = "2.14.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz";
|
||||
sha512 = "349rr7x0djrlkav4gbhkg355852ingn965r0kkch8rr4cwp7qki9676zpq8cq988yszzd2hld6szsbbnd1v6rghzf11abn1nyzlj1vc";
|
||||
url = "https://registry.npmjs.org/nan/-/nan-2.14.0.tgz";
|
||||
sha512 = "INOFj37C7k3AfaNTtX8RhsTw7qRy7eLET14cROi9+5HAVbbHuIWUHEauBv5qT4Av2tWasiTY1Jw6puUNqRJXQg==";
|
||||
};
|
||||
};
|
||||
"node-icu-charset-detector-0.2.0" = {
|
||||
@ -499,13 +409,13 @@ let
|
||||
sha1 = "c2320da374ddcb671fc54cb4a0e041e156ffd639";
|
||||
};
|
||||
};
|
||||
"oauth-sign-0.8.2" = {
|
||||
"oauth-sign-0.9.0" = {
|
||||
name = "oauth-sign";
|
||||
packageName = "oauth-sign";
|
||||
version = "0.8.2";
|
||||
version = "0.9.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz";
|
||||
sha1 = "46a6ab7f0aead8deae9ec0565780b7d4efeb9d43";
|
||||
url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz";
|
||||
sha512 = "fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==";
|
||||
};
|
||||
};
|
||||
"performance-now-2.1.0" = {
|
||||
@ -517,13 +427,22 @@ let
|
||||
sha1 = "6309f4e0e5fa913ec1c69307ae364b4b377c9e7b";
|
||||
};
|
||||
};
|
||||
"process-nextick-args-2.0.0" = {
|
||||
"process-nextick-args-2.0.1" = {
|
||||
name = "process-nextick-args";
|
||||
packageName = "process-nextick-args";
|
||||
version = "2.0.0";
|
||||
version = "2.0.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz";
|
||||
sha512 = "0rw8xpqqkhs91722slvzf8icxfaimqp4w8zb3840jxr7r8n8035byl6dhdi5bm0yr6x7sdws0gf3m025fg6hqgaklwlbl4d7bah5l9j";
|
||||
url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz";
|
||||
sha512 = "3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==";
|
||||
};
|
||||
};
|
||||
"psl-1.4.0" = {
|
||||
name = "psl";
|
||||
packageName = "psl";
|
||||
version = "1.4.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz";
|
||||
sha512 = "HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw==";
|
||||
};
|
||||
};
|
||||
"punycode-1.4.1" = {
|
||||
@ -535,13 +454,22 @@ let
|
||||
sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e";
|
||||
};
|
||||
};
|
||||
"qs-6.5.1" = {
|
||||
"punycode-2.1.1" = {
|
||||
name = "punycode";
|
||||
packageName = "punycode";
|
||||
version = "2.1.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz";
|
||||
sha512 = "XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==";
|
||||
};
|
||||
};
|
||||
"qs-6.5.2" = {
|
||||
name = "qs";
|
||||
packageName = "qs";
|
||||
version = "6.5.1";
|
||||
version = "6.5.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz";
|
||||
sha512 = "3waqapyj1k4g135sgj636rmswiaixq19is1rw0rpv4qp6k7dl0a9nwy06m7yl5lbdk9p6xpwwngnggbzlzaz6rh11c86j2nvnnf273r";
|
||||
url = "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz";
|
||||
sha512 = "N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==";
|
||||
};
|
||||
};
|
||||
"readable-stream-2.3.6" = {
|
||||
@ -550,16 +478,34 @@ let
|
||||
version = "2.3.6";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz";
|
||||
sha512 = "0mj9b6190amln9rg89x5pq2n195s3v0gzicpdamv1kbabg69aw5m71l34jsjn7bqil7405l6l35x9ijnb3h4jz5vx2i00l8sl1ll2xm";
|
||||
sha512 = "tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==";
|
||||
};
|
||||
};
|
||||
"safe-buffer-5.1.1" = {
|
||||
"safe-buffer-5.1.2" = {
|
||||
name = "safe-buffer";
|
||||
packageName = "safe-buffer";
|
||||
version = "5.1.1";
|
||||
version = "5.1.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz";
|
||||
sha512 = "1p28rllll1w65yzq5azi4izx962399xdsdlfbaynn7vmp981hiss05jhiy9hm7sbbfk3b4dhlcv0zy07fc59mnc07hdv6wcgqkcvawh";
|
||||
url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz";
|
||||
sha512 = "Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==";
|
||||
};
|
||||
};
|
||||
"safe-buffer-5.2.0" = {
|
||||
name = "safe-buffer";
|
||||
packageName = "safe-buffer";
|
||||
version = "5.2.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz";
|
||||
sha512 = "fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==";
|
||||
};
|
||||
};
|
||||
"safer-buffer-2.1.2" = {
|
||||
name = "safer-buffer";
|
||||
packageName = "safer-buffer";
|
||||
version = "2.1.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz";
|
||||
sha512 = "YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==";
|
||||
};
|
||||
};
|
||||
"sax-1.2.4" = {
|
||||
@ -568,25 +514,16 @@ let
|
||||
version = "1.2.4";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz";
|
||||
sha512 = "1dn291mjsda42w8kldlbmngk6dhjxfbvvd5lckyqmwbjaj6069iq3wx0nvcfglwnpddz2qa93lzf4hv77iz43bd2qixa079sjzl799n";
|
||||
sha512 = "NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==";
|
||||
};
|
||||
};
|
||||
"sntp-2.1.0" = {
|
||||
name = "sntp";
|
||||
packageName = "sntp";
|
||||
version = "2.1.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/sntp/-/sntp-2.1.0.tgz";
|
||||
sha512 = "0k2smmr24w5hb1cpql6vcgh58vzp4pmh9anf0bgz3arlsgq1mapnlq9fjqr6xs10aq1cmxaw987fwknqi62frax0fvs9bj3q3kmpg8l";
|
||||
};
|
||||
};
|
||||
"sshpk-1.14.1" = {
|
||||
"sshpk-1.16.1" = {
|
||||
name = "sshpk";
|
||||
packageName = "sshpk";
|
||||
version = "1.14.1";
|
||||
version = "1.16.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/sshpk/-/sshpk-1.14.1.tgz";
|
||||
sha1 = "130f5975eddad963f1d56f92b9ac6c51fa9f83eb";
|
||||
url = "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz";
|
||||
sha512 = "HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==";
|
||||
};
|
||||
};
|
||||
"string_decoder-1.1.1" = {
|
||||
@ -595,25 +532,16 @@ let
|
||||
version = "1.1.1";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz";
|
||||
sha512 = "315yd4vzwrwk3vwj1klf46y1cj2jbvf88066y2rnwhksb98phj46jkxixbwsp3h607w7czy7cby522s7sx8mvspdpdm3s72y2ga3x4z";
|
||||
sha512 = "n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==";
|
||||
};
|
||||
};
|
||||
"stringstream-0.0.5" = {
|
||||
name = "stringstream";
|
||||
packageName = "stringstream";
|
||||
version = "0.0.5";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz";
|
||||
sha1 = "4e484cd4de5a0bbbee18e46307710a8a81621878";
|
||||
};
|
||||
};
|
||||
"tough-cookie-2.3.4" = {
|
||||
"tough-cookie-2.4.3" = {
|
||||
name = "tough-cookie";
|
||||
packageName = "tough-cookie";
|
||||
version = "2.3.4";
|
||||
version = "2.4.3";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.4.tgz";
|
||||
sha512 = "0ncm6j3cjq1f26mzjf04k9bkw1b08w53s4qa3a11c1bdj4pgnqv1422c1xs5jyy6y1psppjx52fhagq5zkjkgrcpdkxcdiry96r77jd";
|
||||
url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz";
|
||||
sha512 = "Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==";
|
||||
};
|
||||
};
|
||||
"tunnel-agent-0.6.0" = {
|
||||
@ -634,6 +562,15 @@ let
|
||||
sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64";
|
||||
};
|
||||
};
|
||||
"uri-js-4.2.2" = {
|
||||
name = "uri-js";
|
||||
packageName = "uri-js";
|
||||
version = "4.2.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz";
|
||||
sha512 = "KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==";
|
||||
};
|
||||
};
|
||||
"util-deprecate-1.0.2" = {
|
||||
name = "util-deprecate";
|
||||
packageName = "util-deprecate";
|
||||
@ -643,13 +580,13 @@ let
|
||||
sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf";
|
||||
};
|
||||
};
|
||||
"uuid-3.2.1" = {
|
||||
"uuid-3.3.3" = {
|
||||
name = "uuid";
|
||||
packageName = "uuid";
|
||||
version = "3.2.1";
|
||||
version = "3.3.3";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/uuid/-/uuid-3.2.1.tgz";
|
||||
sha512 = "0843vl1c974n8kw5kn0kvhvhwk8y8jydr0xkwwl2963xxmkw4ingk6xj9c8m48jw2i95giglxzq5aw5v5mij9kv7fzln8pxav1cr6cd";
|
||||
url = "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz";
|
||||
sha512 = "pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ==";
|
||||
};
|
||||
};
|
||||
"verror-1.10.0" = {
|
||||
@ -676,16 +613,16 @@ in
|
||||
sources."addressparser-1.0.1"
|
||||
sources."array-indexofobject-0.0.1"
|
||||
sources."core-util-is-1.0.2"
|
||||
sources."inherits-2.0.3"
|
||||
sources."inherits-2.0.4"
|
||||
sources."isarray-1.0.0"
|
||||
sources."lodash.assign-4.2.0"
|
||||
sources."lodash.get-4.4.2"
|
||||
sources."lodash.has-4.5.2"
|
||||
sources."lodash.uniq-4.5.0"
|
||||
sources."mri-1.1.0"
|
||||
sources."process-nextick-args-2.0.0"
|
||||
sources."mri-1.1.4"
|
||||
sources."process-nextick-args-2.0.1"
|
||||
sources."readable-stream-2.3.6"
|
||||
sources."safe-buffer-5.1.1"
|
||||
sources."safe-buffer-5.1.2"
|
||||
sources."sax-1.2.4"
|
||||
sources."string_decoder-1.1.1"
|
||||
sources."util-deprecate-1.0.2"
|
||||
@ -698,29 +635,32 @@ in
|
||||
};
|
||||
production = true;
|
||||
bypassCache = true;
|
||||
reconstructLock = true;
|
||||
};
|
||||
form-data = nodeEnv.buildNodePackage {
|
||||
name = "form-data";
|
||||
packageName = "form-data";
|
||||
version = "2.3.2";
|
||||
version = "3.0.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz";
|
||||
sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099";
|
||||
url = "https://registry.npmjs.org/form-data/-/form-data-3.0.0.tgz";
|
||||
sha512 = "CKMFDglpbMi6PyN+brwB9Q/GOw0eAnsrEZDgcsH5Krhz5Od/haKHAX0NmQfha2zPPz0JpWzA7GJHGSnvCRLWsg==";
|
||||
};
|
||||
dependencies = [
|
||||
sources."asynckit-0.4.0"
|
||||
sources."combined-stream-1.0.6"
|
||||
sources."combined-stream-1.0.8"
|
||||
sources."delayed-stream-1.0.0"
|
||||
sources."mime-db-1.33.0"
|
||||
sources."mime-types-2.1.18"
|
||||
sources."mime-db-1.42.0"
|
||||
sources."mime-types-2.1.25"
|
||||
];
|
||||
buildInputs = globalBuildInputs;
|
||||
meta = {
|
||||
description = "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.";
|
||||
homepage = "https://github.com/form-data/form-data#readme";
|
||||
license = "MIT";
|
||||
};
|
||||
production = true;
|
||||
bypassCache = true;
|
||||
reconstructLock = true;
|
||||
};
|
||||
irc = nodeEnv.buildNodePackage {
|
||||
name = "irc";
|
||||
@ -732,8 +672,8 @@ in
|
||||
};
|
||||
dependencies = [
|
||||
sources."iconv-2.2.3"
|
||||
sources."irc-colors-1.4.2"
|
||||
sources."nan-2.10.0"
|
||||
sources."irc-colors-1.5.0"
|
||||
sources."nan-2.14.0"
|
||||
sources."node-icu-charset-detector-0.2.0"
|
||||
];
|
||||
buildInputs = globalBuildInputs;
|
||||
@ -744,69 +684,66 @@ in
|
||||
};
|
||||
production = true;
|
||||
bypassCache = true;
|
||||
reconstructLock = true;
|
||||
};
|
||||
request = nodeEnv.buildNodePackage {
|
||||
name = "request";
|
||||
packageName = "request";
|
||||
version = "2.85.0";
|
||||
version = "2.88.0";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/request/-/request-2.85.0.tgz";
|
||||
sha512 = "2d3hg10zs5ycnr8prmiwdhacf88fl0x0bi6szs0z2r07zcbk419laixwpjp8sqapbc2ifyyih7p3r60wgr58bmcncz3pqnx523c8zph";
|
||||
url = "https://registry.npmjs.org/request/-/request-2.88.0.tgz";
|
||||
sha512 = "NAqBSrijGLZdM0WZNsInLJpkJokL72XYjUpnB0iwsRgxh7dB6COrHnTBNwN0E+lHDAJzu7kLAkDeY08z2/A0hg==";
|
||||
};
|
||||
dependencies = [
|
||||
sources."ajv-5.5.2"
|
||||
sources."asn1-0.2.3"
|
||||
sources."ajv-6.10.2"
|
||||
sources."asn1-0.2.4"
|
||||
sources."assert-plus-1.0.0"
|
||||
sources."asynckit-0.4.0"
|
||||
sources."aws-sign2-0.7.0"
|
||||
sources."aws4-1.6.0"
|
||||
sources."bcrypt-pbkdf-1.0.1"
|
||||
sources."boom-4.3.1"
|
||||
sources."aws4-1.8.0"
|
||||
sources."bcrypt-pbkdf-1.0.2"
|
||||
sources."caseless-0.12.0"
|
||||
sources."co-4.6.0"
|
||||
sources."combined-stream-1.0.6"
|
||||
sources."combined-stream-1.0.8"
|
||||
sources."core-util-is-1.0.2"
|
||||
(sources."cryptiles-3.1.2" // {
|
||||
dependencies = [
|
||||
sources."boom-5.2.0"
|
||||
];
|
||||
})
|
||||
sources."dashdash-1.14.1"
|
||||
sources."delayed-stream-1.0.0"
|
||||
sources."ecc-jsbn-0.1.1"
|
||||
sources."extend-3.0.1"
|
||||
sources."ecc-jsbn-0.1.2"
|
||||
sources."extend-3.0.2"
|
||||
sources."extsprintf-1.3.0"
|
||||
sources."fast-deep-equal-1.1.0"
|
||||
sources."fast-deep-equal-2.0.1"
|
||||
sources."fast-json-stable-stringify-2.0.0"
|
||||
sources."forever-agent-0.6.1"
|
||||
sources."form-data-2.3.2"
|
||||
sources."form-data-2.3.3"
|
||||
sources."getpass-0.1.7"
|
||||
sources."har-schema-2.0.0"
|
||||
sources."har-validator-5.0.3"
|
||||
sources."hawk-6.0.2"
|
||||
sources."hoek-4.2.1"
|
||||
sources."har-validator-5.1.3"
|
||||
sources."http-signature-1.2.0"
|
||||
sources."is-typedarray-1.0.0"
|
||||
sources."isstream-0.1.2"
|
||||
sources."jsbn-0.1.1"
|
||||
sources."json-schema-0.2.3"
|
||||
sources."json-schema-traverse-0.3.1"
|
||||
sources."json-schema-traverse-0.4.1"
|
||||
sources."json-stringify-safe-5.0.1"
|
||||
sources."jsprim-1.4.1"
|
||||
sources."mime-db-1.33.0"
|
||||
sources."mime-types-2.1.18"
|
||||
sources."oauth-sign-0.8.2"
|
||||
sources."mime-db-1.42.0"
|
||||
sources."mime-types-2.1.25"
|
||||
sources."oauth-sign-0.9.0"
|
||||
sources."performance-now-2.1.0"
|
||||
sources."punycode-1.4.1"
|
||||
sources."qs-6.5.1"
|
||||
sources."safe-buffer-5.1.1"
|
||||
sources."sntp-2.1.0"
|
||||
sources."sshpk-1.14.1"
|
||||
sources."stringstream-0.0.5"
|
||||
sources."tough-cookie-2.3.4"
|
||||
sources."psl-1.4.0"
|
||||
sources."punycode-2.1.1"
|
||||
sources."qs-6.5.2"
|
||||
sources."safe-buffer-5.2.0"
|
||||
sources."safer-buffer-2.1.2"
|
||||
sources."sshpk-1.16.1"
|
||||
(sources."tough-cookie-2.4.3" // {
|
||||
dependencies = [
|
||||
sources."punycode-1.4.1"
|
||||
];
|
||||
})
|
||||
sources."tunnel-agent-0.6.0"
|
||||
sources."tweetnacl-0.14.5"
|
||||
sources."uuid-3.2.1"
|
||||
sources."uri-js-4.2.2"
|
||||
sources."uuid-3.3.3"
|
||||
sources."verror-1.10.0"
|
||||
];
|
||||
buildInputs = globalBuildInputs;
|
||||
@ -817,28 +754,24 @@ in
|
||||
};
|
||||
production = true;
|
||||
bypassCache = true;
|
||||
reconstructLock = true;
|
||||
};
|
||||
shell-quote = nodeEnv.buildNodePackage {
|
||||
name = "shell-quote";
|
||||
packageName = "shell-quote";
|
||||
version = "1.6.1";
|
||||
version = "1.7.2";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.6.1.tgz";
|
||||
sha1 = "f4781949cce402697127430ea3b3c5476f481767";
|
||||
url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.7.2.tgz";
|
||||
sha512 = "mRz/m/JVscCrkMyPqHc/bczi3OQHkLTqXHEFu0zDhK/qfv3UcOA4SVmRCLmos4bhjr9ekVQubj/R7waKapmiQg==";
|
||||
};
|
||||
dependencies = [
|
||||
sources."array-filter-0.0.1"
|
||||
sources."array-map-0.0.0"
|
||||
sources."array-reduce-0.0.0"
|
||||
sources."jsonify-0.0.0"
|
||||
];
|
||||
buildInputs = globalBuildInputs;
|
||||
meta = {
|
||||
description = "quote and parse shell commands";
|
||||
homepage = "https://github.com/substack/node-shell-quote#readme";
|
||||
homepage = https://github.com/substack/node-shell-quote;
|
||||
license = "MIT";
|
||||
};
|
||||
production = true;
|
||||
bypassCache = true;
|
||||
reconstructLock = true;
|
||||
};
|
||||
}
|
@ -1,2 +1,4 @@
|
||||
node2nix -8 -i pkgs.json -c combine.nix
|
||||
#! /usr/bin/env nix-shell
|
||||
#! nix-shell -i bash -p nodePackages.node2nix
|
||||
node2nix -12 -i pkgs.json -c combine.nix
|
||||
rm node-env.nix combine.nix
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "c1966522d7d5fa54db068140d212cba18731dd98",
|
||||
"date": "2019-11-15T22:50:52+00:00",
|
||||
"sha256": "104481nxv0hi1rk3g0fjzyki1668p4b46bz0j3lsqv5gv1nm43vm",
|
||||
"rev": "e89b21504f3e61e535229afa0b121defb52d2a50",
|
||||
"date": "2019-11-19T07:59:43-05:00",
|
||||
"sha256": "0jqcv3rfki3mwda00g66d27k6q2y7ca5mslrnshfpbdm7j8ya0kj",
|
||||
"fetchSubmodules": false
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "07e66484e679d0e28533543f762be20d6d425b66",
|
||||
"date": "2019-11-16T11:23:08+00:00",
|
||||
"sha256": "1d3n1yfp9xhl7nh377sp2wwnh0gscislg6gzj8sgdq169d18lgsg",
|
||||
"rev": "4ad6f1404a8cd69a11f16edba09cc569e5012e42",
|
||||
"date": "2019-11-23T00:42:36+01:00",
|
||||
"sha256": "1pclh0hvma66g3yxrrh9rlzpscqk5ylypnmiczz1bwwrl8n21q3h",
|
||||
"fetchSubmodules": false
|
||||
}
|
||||
|
@ -1,18 +1,6 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
|
||||
nixpkgs_pre_node_10_17 = import (pkgs.fetchFromGitHub {
|
||||
owner = "nixos";
|
||||
repo = "nixpkgs";
|
||||
rev = "81f4c491afbc8f0fe994ef946b1ac61cf1261577";
|
||||
sha256 = "0xvawrd9nq3ybvq2pdp5gyi8gygf0yimgp0bx1xggq6l8mvgrj71";
|
||||
}) {};
|
||||
in {
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
codimd = nixpkgs_pre_node_10_17.codimd;
|
||||
};
|
||||
|
||||
{
|
||||
services.nginx.virtualHosts.codimd = {
|
||||
enableACME = true;
|
||||
addSSL = true;
|
||||
|
1
lass/5pkgs/autowifi
Submodule
1
lass/5pkgs/autowifi
Submodule
@ -0,0 +1 @@
|
||||
Subproject commit cf3ae8f6fe285eab67db4f36f9a3da3762c35317
|
@ -1,228 +0,0 @@
|
||||
import subprocess
|
||||
import time
|
||||
import urllib.request
|
||||
import logging
|
||||
import argparse
|
||||
import socket
|
||||
import struct
|
||||
import signal
|
||||
import os
|
||||
|
||||
wifiDB = ''
|
||||
logger = logging.getLogger()
|
||||
got_signal = False
|
||||
|
||||
|
||||
def signal_handler(signum, frame):
|
||||
global got_signal
|
||||
got_signal = True
|
||||
|
||||
|
||||
def get_default_gateway() -> str:
|
||||
"""Read the default gateway directly from /proc."""
|
||||
with open("/proc/net/route") as fh:
|
||||
for line in fh:
|
||||
fields = line.strip().split()
|
||||
if fields[1] != '00000000' or not int(fields[3], 16) & 2:
|
||||
continue
|
||||
|
||||
return socket.inet_ntoa(struct.pack("<L", int(fields[2], 16)))
|
||||
|
||||
|
||||
def connect(ssid, psk=None):
|
||||
subprocess.run(
|
||||
["nmcli", "connection", "delete", "autowifi"],
|
||||
stdout=subprocess.PIPE,
|
||||
)
|
||||
logging.info('connecting to %s', ssid)
|
||||
if psk is None:
|
||||
subprocess.run(
|
||||
[
|
||||
"nmcli",
|
||||
"device",
|
||||
"wifi",
|
||||
"connect",
|
||||
ssid,
|
||||
"name",
|
||||
"autowifi",
|
||||
],
|
||||
stdout=subprocess.PIPE,
|
||||
)
|
||||
else:
|
||||
subprocess.run(
|
||||
[
|
||||
"nmcli",
|
||||
"device",
|
||||
"wifi",
|
||||
"connect",
|
||||
ssid,
|
||||
"name",
|
||||
"autowifi",
|
||||
"password",
|
||||
psk,
|
||||
],
|
||||
stdout=subprocess.PIPE,
|
||||
)
|
||||
time.sleep(5)
|
||||
|
||||
|
||||
def scan():
|
||||
logging.debug('scanning wifis')
|
||||
wifis_raw = subprocess.check_output([
|
||||
"nmcli",
|
||||
"-t",
|
||||
"device",
|
||||
"wifi",
|
||||
"list",
|
||||
"--rescan",
|
||||
"yes",
|
||||
])
|
||||
wifis_list = wifis_raw.split(b'\n')
|
||||
logging.debug('scanning wifis finished')
|
||||
wifis = []
|
||||
for line in wifis_list:
|
||||
logging.debug(line)
|
||||
ls = line.split(b':')
|
||||
if len(ls) == 8:
|
||||
wifis.append({
|
||||
"ssid": ls[1],
|
||||
"signal": int(ls[5]),
|
||||
"crypto": ls[7]
|
||||
})
|
||||
return wifis
|
||||
|
||||
|
||||
def get_known_wifis():
|
||||
wifis_lines = []
|
||||
with open(wifiDB) as f:
|
||||
wifis_lines = f.read().splitlines()
|
||||
wifis = []
|
||||
for line in wifis_lines:
|
||||
ls = line.split('/')
|
||||
wifis.append({"ssid": ls[0].encode(), "psk": ls[1].encode()})
|
||||
return wifis
|
||||
|
||||
|
||||
def check_network():
|
||||
logging.debug('checking network')
|
||||
|
||||
global got_signal
|
||||
if got_signal:
|
||||
logging.info('got disconnect signal')
|
||||
got_signal = False
|
||||
return False
|
||||
else:
|
||||
gateway = get_default_gateway()
|
||||
if gateway:
|
||||
response = subprocess.run(
|
||||
[
|
||||
'ping',
|
||||
'-q',
|
||||
'-c',
|
||||
'1',
|
||||
gateway,
|
||||
],
|
||||
stdout=subprocess.PIPE,
|
||||
)
|
||||
if response.returncode == 0:
|
||||
logging.debug('host %s is up', gateway)
|
||||
return True
|
||||
else:
|
||||
logging.debug('host %s is down', gateway)
|
||||
return False
|
||||
else:
|
||||
logging.debug('no gateway')
|
||||
return False
|
||||
|
||||
|
||||
def check_internet():
|
||||
logging.debug('checking internet')
|
||||
|
||||
try:
|
||||
with open('./dummy_internet') as f:
|
||||
dummy_content = f.read()
|
||||
if dummy_content == 'xxx\n':
|
||||
return True
|
||||
beacon = urllib.request.urlopen('http://krebsco.de/secret')
|
||||
except Exception as e: # noqa
|
||||
logging.debug(e)
|
||||
logging.info('no internet exc')
|
||||
return False
|
||||
if beacon.read() == b'1337\n':
|
||||
return True
|
||||
logging.info('no internet oh')
|
||||
return False
|
||||
|
||||
|
||||
def is_wifi_open(wifi):
|
||||
if wifi['crypto'] == b'':
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
||||
|
||||
def is_wifi_seen(wifi, seen_wifis):
|
||||
for seen_wifi in seen_wifis:
|
||||
if seen_wifi["ssid"] == wifi["ssid"]:
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
def main():
|
||||
parser = argparse.ArgumentParser()
|
||||
|
||||
parser.add_argument(
|
||||
'-c', '--config',
|
||||
dest='config',
|
||||
help='wifi config file to use',
|
||||
default='/etc/wifis',
|
||||
)
|
||||
|
||||
parser.add_argument(
|
||||
'-l', '--loglevel',
|
||||
dest='loglevel',
|
||||
help='loglevel to use',
|
||||
default=logging.INFO,
|
||||
)
|
||||
|
||||
parser.add_argument(
|
||||
'-p', '--pidfile',
|
||||
dest='pidfile',
|
||||
help='file to write the pid to',
|
||||
default=None,
|
||||
)
|
||||
|
||||
args = parser.parse_args()
|
||||
|
||||
global wifiDB
|
||||
wifiDB = args.config
|
||||
logger.setLevel(args.loglevel)
|
||||
|
||||
signal.signal(signal.SIGUSR1, signal_handler)
|
||||
|
||||
if args.pidfile:
|
||||
with open(args.pidfile, 'w+') as f:
|
||||
f.write(str(os.getpid()))
|
||||
|
||||
while True:
|
||||
if not check_network():
|
||||
wifis = scan()
|
||||
known_wifis = get_known_wifis()
|
||||
known_seen_wifis = [
|
||||
wifi for wifi in known_wifis if is_wifi_seen(wifi, wifis)
|
||||
]
|
||||
for wifi in known_seen_wifis:
|
||||
connect(wifi['ssid'], wifi['psk'])
|
||||
if check_network():
|
||||
break
|
||||
open_wifis = filter(is_wifi_open, wifis)
|
||||
for wifi in open_wifis:
|
||||
connect(wifi['ssid'])
|
||||
|
||||
if check_network():
|
||||
break
|
||||
time.sleep(10)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
@ -1 +0,0 @@
|
||||
pkgs.writers.writePython3Bin "autowifi" {} ./autowifi.py
|
@ -1,144 +0,0 @@
|
||||
{ config, pkgs, callPackage, ... }: let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in {
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
<stockholm/mb>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.gr33n;
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [ wireguard ];
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
||||
fileSystems."/mnt/public" = {
|
||||
device = "//192.168.0.4/public";
|
||||
fsType = "cifs";
|
||||
options = let
|
||||
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
|
||||
in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ];
|
||||
};
|
||||
|
||||
i18n = {
|
||||
consoleFont = "Lat2-Terminus16";
|
||||
consoleKeyMap = "de";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
nixpkgs.config.packageOverrides = super: {
|
||||
openvpn = super.openvpn.override {
|
||||
pkcs11Support = true;
|
||||
useSystemd = false;
|
||||
};
|
||||
};
|
||||
|
||||
environment.shellAliases = {
|
||||
ll = "ls -alh";
|
||||
ls = "ls --color=tty";
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
fish
|
||||
git
|
||||
htop
|
||||
nmap
|
||||
ranger
|
||||
tcpdump
|
||||
tmux
|
||||
traceroute
|
||||
tree
|
||||
vim
|
||||
wcalc
|
||||
wget
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||
|
||||
sound.enable = false;
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
services.codimd = {
|
||||
enable = true;
|
||||
workDir = "/storage/codimd";
|
||||
configuration = {
|
||||
port = 1337;
|
||||
host = "0.0.0.0";
|
||||
db = {
|
||||
dialect = "sqlite";
|
||||
storage = "/storage/codimd/db.codimd.sqlite";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.wireless.enable = false;
|
||||
networking.networkmanager.enable = false;
|
||||
krebs.iptables.enable = true;
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
nix.buildCores = 4;
|
||||
system.autoUpgrade.enable = false;
|
||||
system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03";
|
||||
system.stateVersion = "19.03";
|
||||
|
||||
}
|
@ -1,37 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
boot.initrd.mdadmConf = ''
|
||||
ARRAY /dev/md0 level=raid6 num-devices=4 metadata=1.2 name=gr33n:0 UUID=5b715fd9:0be6bfa6:19f07db4:c16836d6
|
||||
devices=/dev/sda1,/dev/sdb1,/dev/sdc1,/dev/sdd1
|
||||
'';
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/a9f2c19b-f60f-450c-87f1-146a54c4198b";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/storage" =
|
||||
{ device = "/dev/disk/by-label/storage";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/93EB-BCA3";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
}
|
@ -1,238 +0,0 @@
|
||||
{ config, pkgs, callPackage, ... }: let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in {
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
<stockholm/mb>
|
||||
<stockholm/mb/2configs/nvim.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.orange;
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [ wireguard ];
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
boot.initrd.luks.devices = [
|
||||
{
|
||||
name = "root";
|
||||
device = "/dev/disk/by-uuid/09a36f91-a713-4b82-8b41-4e7a6acc4acf";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
}
|
||||
];
|
||||
|
||||
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
||||
fileSystems."/mnt/public" = {
|
||||
device = "//192.168.0.4/public";
|
||||
fsType = "cifs";
|
||||
options = let
|
||||
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
|
||||
in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ];
|
||||
};
|
||||
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n = {
|
||||
consoleFont = "Lat2-Terminus16";
|
||||
consoleKeyMap = "de";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
nixpkgs.config.packageOverrides = super: {
|
||||
openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = false; };
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
fonts = {
|
||||
enableCoreFonts = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
anonymousPro
|
||||
corefonts
|
||||
dejavu_fonts
|
||||
envypn-font
|
||||
fira
|
||||
gentium
|
||||
gohufont
|
||||
inconsolata
|
||||
liberation_ttf
|
||||
powerline-fonts
|
||||
source-code-pro
|
||||
terminus_font
|
||||
ttf_bitstream_vera
|
||||
ubuntu_font_family
|
||||
unifont
|
||||
unstable.cherry
|
||||
xorg.fontbitstream100dpi
|
||||
xorg.fontbitstream75dpi
|
||||
xorg.fontbitstreamtype1
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
adapta-gtk-theme
|
||||
aircrackng
|
||||
ag
|
||||
arandr
|
||||
binutils
|
||||
chromium
|
||||
cifs-utils
|
||||
curl
|
||||
evince
|
||||
exfat
|
||||
feh
|
||||
file
|
||||
firefox
|
||||
freetype
|
||||
gimp
|
||||
git
|
||||
gnupg
|
||||
graphite2
|
||||
hicolor_icon_theme
|
||||
htop
|
||||
i3lock
|
||||
jq
|
||||
keepassx2
|
||||
kvm
|
||||
lxappearance
|
||||
man-pages
|
||||
moc
|
||||
mpv
|
||||
mpvc
|
||||
mupdf
|
||||
ncdu
|
||||
nmap
|
||||
openvpn
|
||||
pass
|
||||
p7zip
|
||||
powertop
|
||||
ranger
|
||||
rofi
|
||||
sshfs
|
||||
tcpdump
|
||||
tmux
|
||||
traceroute
|
||||
tree
|
||||
unstable.alacritty
|
||||
unstable.ponyc
|
||||
unstable.sublime3
|
||||
unstable.youtube-dl
|
||||
virt-viewer
|
||||
virtmanager
|
||||
vulnix
|
||||
wcalc
|
||||
wget
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
EDITOR = ["nvim"];
|
||||
};
|
||||
|
||||
environment.shellAliases = {
|
||||
ll = "ls -alh";
|
||||
ls = "ls --color=tty";
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.enable = true;
|
||||
#virtualisation.kvmgt.enable = true;
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = true;
|
||||
hardware.pulseaudio.support32Bit = true;
|
||||
nixpkgs.config.pulseaudio = true;
|
||||
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
layout = "de";
|
||||
xkbVariant = "nodeadkeys";
|
||||
libinput.enable = true;
|
||||
desktopManager = {
|
||||
default = "xfce";
|
||||
xterm.enable = false;
|
||||
xfce = {
|
||||
enable = true;
|
||||
noDesktop = true;
|
||||
enableXfwm = false;
|
||||
};
|
||||
};
|
||||
windowManager.ratpoison.enable = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
#services.openssh.permitRootLogin = "yes";
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
networking.wireless.enable = false;
|
||||
networking.networkmanager.enable = false;
|
||||
krebs.iptables.enable = true;
|
||||
#networking.nameservers = [ "8.8.8.8" "141.1.1.1" ];
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
nix.maxJobs = 4;
|
||||
nix.buildCores = 4;
|
||||
system.autoUpgrade.enable = false;
|
||||
system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03";
|
||||
system.stateVersion = "19.03";
|
||||
|
||||
}
|
@ -1,28 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ohci_pci" "ehci_pci" "pata_atiixp" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/b1d32c54-35f8-4bf1-9fd2-82adc760af01";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/BF9B-03A2";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
}
|
@ -1,227 +0,0 @@
|
||||
{ config, pkgs, callPackage, ... }: let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in {
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
<stockholm/mb>
|
||||
<stockholm/mb/2configs/nvim.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.p1nk;
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
boot.initrd.luks.devices = [
|
||||
{
|
||||
name = "root";
|
||||
device = "/dev/disk/by-uuid/0392257b-f6cf-484d-8c46-e20aab4fddb7";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
}
|
||||
];
|
||||
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
||||
fileSystems."/mnt/public" = {
|
||||
device = "//192.168.0.4/public";
|
||||
fsType = "cifs";
|
||||
options = let
|
||||
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
|
||||
in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ];
|
||||
};
|
||||
|
||||
|
||||
i18n = {
|
||||
consoleFont = "Lat2-Terminus16";
|
||||
consoleKeyMap = "de";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
fonts = {
|
||||
enableCoreFonts = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
anonymousPro
|
||||
corefonts
|
||||
dejavu_fonts
|
||||
envypn-font
|
||||
fira
|
||||
gentium
|
||||
gohufont
|
||||
inconsolata
|
||||
liberation_ttf
|
||||
powerline-fonts
|
||||
source-code-pro
|
||||
terminus_font
|
||||
ttf_bitstream_vera
|
||||
ubuntu_font_family
|
||||
unifont
|
||||
unstable.cherry
|
||||
xorg.fontbitstream100dpi
|
||||
xorg.fontbitstream75dpi
|
||||
xorg.fontbitstreamtype1
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = super: {
|
||||
openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = false; };
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
adapta-gtk-theme
|
||||
aircrackng
|
||||
ag
|
||||
arandr
|
||||
binutils
|
||||
chromium
|
||||
cifs-utils
|
||||
curl
|
||||
evince
|
||||
exfat
|
||||
feh
|
||||
file
|
||||
firefox
|
||||
freetype
|
||||
gimp
|
||||
git
|
||||
gnupg
|
||||
graphite2
|
||||
hicolor_icon_theme
|
||||
htop
|
||||
i3lock
|
||||
jq
|
||||
keepassx2
|
||||
kvm
|
||||
lxappearance
|
||||
man-pages
|
||||
moc
|
||||
mpv
|
||||
mpvc
|
||||
mupdf
|
||||
ncdu
|
||||
nmap
|
||||
openvpn
|
||||
pass
|
||||
p7zip
|
||||
powertop
|
||||
ranger
|
||||
rofi
|
||||
sshfs
|
||||
tcpdump
|
||||
tmux
|
||||
traceroute
|
||||
tree
|
||||
unstable.alacritty
|
||||
unstable.ponyc
|
||||
unstable.sublime3
|
||||
youtube-dl
|
||||
virt-viewer
|
||||
virtmanager
|
||||
vulnix
|
||||
wcalc
|
||||
wget
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
environment.shellAliases = {
|
||||
ll = "ls -alh";
|
||||
ls = "ls --color=tty";
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.enable = true;
|
||||
virtualisation.kvmgt.enable = true;
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = true;
|
||||
hardware.pulseaudio.support32Bit = true;
|
||||
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
layout = "de";
|
||||
xkbOptions = "nodeadkeys";
|
||||
libinput.enable = true;
|
||||
desktopManager = {
|
||||
default = "xfce";
|
||||
xterm.enable = false;
|
||||
xfce = {
|
||||
enable = true;
|
||||
noDesktop = true;
|
||||
enableXfwm = false;
|
||||
};
|
||||
};
|
||||
windowManager.ratpoison.enable = true;
|
||||
windowManager.pekwm.enable = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
krebs.iptables.enable = true;
|
||||
networking.networkmanager.enable = false;
|
||||
networking.wireless.enable = true;
|
||||
networking.nameservers = [ "8.8.8.8" "141.1.1.1" ];
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color magenta) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
nix.maxJobs = 4;
|
||||
nix.buildCores = 4;
|
||||
system.autoUpgrade.enable = false;
|
||||
system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03";
|
||||
system.stateVersion = "19.03";
|
||||
|
||||
}
|
@ -1,29 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/4cc2add6-ed19-4685-bbd9-b992bd8d51fb";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/9F87-AEAA";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
}
|
@ -1,103 +0,0 @@
|
||||
{ config, pkgs, callPackage, ... }: let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in {
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
<stockholm/mb/2configs/google-compute-config.nix>
|
||||
<stockholm/mb>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.rofl;
|
||||
|
||||
i18n = {
|
||||
consoleFont = "Lat2-Terminus16";
|
||||
consoleKeyMap = "de";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.shellAliases = {
|
||||
ll = "ls -alh";
|
||||
ls = "ls --color=tty";
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
fish
|
||||
git
|
||||
htop
|
||||
nmap
|
||||
ranger
|
||||
tcpdump
|
||||
tmux
|
||||
traceroute
|
||||
tree
|
||||
vim
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
sound.enable = false;
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
networking.wireless.enable = false;
|
||||
networking.networkmanager.enable = false;
|
||||
krebs.iptables.enable = true;
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
system.autoUpgrade.enable = false;
|
||||
system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03";
|
||||
system.stateVersion = "19.03";
|
||||
|
||||
}
|
@ -1,181 +0,0 @@
|
||||
|
||||
{ config, pkgs, ... }: let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in {
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
<stockholm/mb>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.sunsh1n3;
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
||||
|
||||
boot.initrd.luks.devices = [
|
||||
{
|
||||
name = "root";
|
||||
device = "/dev/disk/by-uuid/5354ba31-c7de-4b55-8f86-a2a437dfbb21";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
}
|
||||
];
|
||||
|
||||
i18n = {
|
||||
consoleFont = "Lat2-Terminus16";
|
||||
consoleKeyMap = "de";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
nixpkgs.config.packageOverrides = super : {
|
||||
openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = true ; };
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
fonts = {
|
||||
enableCoreFonts = true;
|
||||
enableGhostscriptFonts = true;
|
||||
fonts = with pkgs; [
|
||||
anonymousPro
|
||||
corefonts
|
||||
dejavu_fonts
|
||||
envypn-font
|
||||
fira
|
||||
gentium
|
||||
gohufont
|
||||
inconsolata
|
||||
liberation_ttf
|
||||
powerline-fonts
|
||||
source-code-pro
|
||||
terminus_font
|
||||
ttf_bitstream_vera
|
||||
ubuntu_font_family
|
||||
unifont
|
||||
unstable.cherry
|
||||
xorg.fontbitstream100dpi
|
||||
xorg.fontbitstream75dpi
|
||||
xorg.fontbitstreamtype1
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget vim git curl fish
|
||||
ag
|
||||
chromium
|
||||
firefox
|
||||
gimp
|
||||
p7zip
|
||||
htop
|
||||
mpv
|
||||
mpvc
|
||||
nmap
|
||||
ntfs3g
|
||||
keepassx2
|
||||
sshfs
|
||||
#unstable.skrooge
|
||||
skrooge
|
||||
unstable.alacritty
|
||||
tmux
|
||||
tree
|
||||
wcalc
|
||||
virtmanager
|
||||
virt-viewer
|
||||
(wine.override { wineBuild = "wineWow"; })
|
||||
xz
|
||||
zbackup
|
||||
];
|
||||
|
||||
virtualisation.libvirtd.enable = true;
|
||||
virtualisation.kvmgt.enable = true;
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
|
||||
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||
programs.dconf.enable = true;
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
services.openssh.passwordAuthentication = false;
|
||||
|
||||
krebs.iptables.enable = true;
|
||||
#networking.wireless.enable = true;
|
||||
networking.networkmanager.enable = true;
|
||||
networking.enableIPv6 = false;
|
||||
|
||||
# Enable sound.
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = true;
|
||||
hardware.pulseaudio.support32Bit = true;
|
||||
nixpkgs.config.pulseaudio = true;
|
||||
|
||||
services.xserver.enable = true;
|
||||
services.xserver.layout = "de";
|
||||
services.xserver.xkbOptions = "nodeadkeys";
|
||||
services.xserver.libinput.enable = true;
|
||||
|
||||
# Enable the KDE Desktop Environment.
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.xserver.desktopManager.plasma5.enable = true;
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
nix.buildCores = 4;
|
||||
|
||||
system.stateVersion = "19.09";
|
||||
|
||||
}
|
@ -1,29 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/a3257922-d2d4-45ae-87cc-cc38d32e0774";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/60A6-4DAB";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
}
|
@ -1,222 +0,0 @@
|
||||
with import <stockholm/lib>;
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
{
|
||||
users.users = {
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.mb.pubkey
|
||||
];
|
||||
};
|
||||
mb = {
|
||||
name = "mb";
|
||||
uid = 1337;
|
||||
home = "/home/mb";
|
||||
group = "users";
|
||||
createHome = true;
|
||||
shell = "/run/current-system/sw/bin/fish";
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"video"
|
||||
"fuse"
|
||||
"wheel"
|
||||
"kvm"
|
||||
"qemu-libvirtd"
|
||||
"libvirtd"
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.mb.pubkey
|
||||
];
|
||||
};
|
||||
xo = {
|
||||
name = "xo";
|
||||
uid = 2323;
|
||||
home = "/home/xo";
|
||||
group = "users";
|
||||
createHome = true;
|
||||
shell = "/run/current-system/sw/bin/fish";
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"video"
|
||||
"fuse"
|
||||
"wheel"
|
||||
"kvm"
|
||||
"qemu-libvirtd"
|
||||
"libvirtd"
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.mb.pubkey
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
{
|
||||
environment.variables = {
|
||||
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
|
||||
};
|
||||
}
|
||||
(let ca-bundle = "/etc/ssl/certs/ca-bundle.crt"; in {
|
||||
environment.variables = {
|
||||
CURL_CA_BUNDLE = ca-bundle;
|
||||
GIT_SSL_CAINFO = ca-bundle;
|
||||
SSL_CERT_FILE = ca-bundle;
|
||||
};
|
||||
})
|
||||
];
|
||||
|
||||
networking.hostName = config.krebs.build.host.name;
|
||||
|
||||
krebs = {
|
||||
enable = true;
|
||||
build.user = config.krebs.users.mb;
|
||||
};
|
||||
|
||||
users.mutableUsers = true;
|
||||
|
||||
services.timesyncd.enable = mkForce true;
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /tmp 1777 root root - -"
|
||||
];
|
||||
|
||||
# multiple-definition-problem when defining environment.variables.EDITOR
|
||||
environment.extraInit = ''
|
||||
EDITOR=vim
|
||||
'';
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
#stockholm
|
||||
git
|
||||
git-preview
|
||||
gnumake
|
||||
jq
|
||||
parallel
|
||||
proot
|
||||
populate
|
||||
|
||||
#style
|
||||
most
|
||||
rxvt_unicode.terminfo
|
||||
|
||||
#monitoring tools
|
||||
htop
|
||||
iotop
|
||||
|
||||
#network
|
||||
iptables
|
||||
iftop
|
||||
tcpdump
|
||||
|
||||
#stuff for dl
|
||||
aria2
|
||||
|
||||
#neat utils
|
||||
fish
|
||||
file
|
||||
kpaste
|
||||
krebspaste
|
||||
mosh
|
||||
pciutils
|
||||
psmisc
|
||||
tmux
|
||||
untilport
|
||||
usbutils
|
||||
|
||||
#unpack stuff
|
||||
p7zip
|
||||
|
||||
(pkgs.writeDashBin "sshn" ''
|
||||
${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$@"
|
||||
'')
|
||||
];
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
permitRootLogin = "yes";
|
||||
passwordAuthentication = false;
|
||||
hostKeys = [
|
||||
# XXX bits here make no science
|
||||
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||
];
|
||||
};
|
||||
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||
if begin
|
||||
set -q SSH_AGENT_PID
|
||||
and kill -0 $SSH_AGENT_PID
|
||||
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||
end
|
||||
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||
else
|
||||
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||
end
|
||||
set -l identity $HOME/.ssh/id_rsa
|
||||
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||
ssh-add -l | grep -q $fingerprint
|
||||
or ssh-add $identity
|
||||
end
|
||||
'';
|
||||
promptInit = ''
|
||||
function fish_prompt --description 'Write out the prompt'
|
||||
set -l color_cwd
|
||||
set -l suffix
|
||||
set -l nix_shell_info (
|
||||
if test "$IN_NIX_SHELL" != ""
|
||||
echo -n " <nix-shell>"
|
||||
end
|
||||
)
|
||||
switch "$USER"
|
||||
case root toor
|
||||
if set -q fish_color_cwd_root
|
||||
set color_cwd $fish_color_cwd_root
|
||||
else
|
||||
set color_cwd $fish_color_cwd
|
||||
end
|
||||
set suffix '#'
|
||||
case '*'
|
||||
set color_cwd $fish_color_cwd
|
||||
set suffix '>'
|
||||
end
|
||||
|
||||
echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||
end
|
||||
'';
|
||||
};
|
||||
|
||||
services.journald.extraConfig = ''
|
||||
SystemMaxUse=1G
|
||||
RuntimeMaxUse=128M
|
||||
'';
|
||||
|
||||
krebs.iptables = {
|
||||
enable = true;
|
||||
tables = {
|
||||
nat.PREROUTING.rules = [
|
||||
{ predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
|
||||
{ predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
|
||||
];
|
||||
nat.OUTPUT.rules = [
|
||||
{ predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
|
||||
];
|
||||
filter.INPUT.policy = "DROP";
|
||||
filter.FORWARD.policy = "DROP";
|
||||
filter.INPUT.rules = [
|
||||
{ predicate = "-i retiolum -p udp --dport 60000:61000"; target = "ACCEPT";}
|
||||
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
|
||||
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
||||
{ predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
|
||||
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
||||
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
||||
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
|
||||
{ predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; }
|
||||
{ predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; }
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
@ -1,231 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
let
|
||||
gce = pkgs.google-compute-engine;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
./headless.nix
|
||||
./qemu-guest.nix
|
||||
];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-label/nixos";
|
||||
autoResize = true;
|
||||
};
|
||||
|
||||
boot.growPartition = true;
|
||||
boot.kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ];
|
||||
boot.initrd.kernelModules = [ "virtio_scsi" ];
|
||||
boot.kernelModules = [ "virtio_pci" "virtio_net" ];
|
||||
|
||||
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
# Don't put old configurations in the GRUB menu. The user has no
|
||||
# way to select them anyway.
|
||||
boot.loader.grub.configurationLimit = 0;
|
||||
|
||||
# Allow root logins only using the SSH key that the user specified
|
||||
# at instance creation time.
|
||||
#services.openssh.enable = true;
|
||||
#services.openssh.permitRootLogin = "prohibit-password";
|
||||
#services.openssh.passwordAuthentication = mkDefault false;
|
||||
|
||||
# Use GCE udev rules for dynamic disk volumes
|
||||
services.udev.packages = [ gce ];
|
||||
|
||||
# Force getting the hostname from Google Compute.
|
||||
networking.hostName = mkDefault "";
|
||||
|
||||
# Always include cryptsetup so that NixOps can use it.
|
||||
environment.systemPackages = [ pkgs.cryptsetup ];
|
||||
|
||||
# Make sure GCE image does not replace host key that NixOps sets
|
||||
environment.etc."default/instance_configs.cfg".text = lib.mkDefault ''
|
||||
[InstanceSetup]
|
||||
set_host_keys = false
|
||||
'';
|
||||
|
||||
# Rely on GCP's firewall instead
|
||||
networking.firewall.enable = mkDefault false;
|
||||
|
||||
# Configure default metadata hostnames
|
||||
networking.extraHosts = ''
|
||||
169.254.169.254 metadata.google.internal metadata
|
||||
'';
|
||||
|
||||
networking.timeServers = [ "metadata.google.internal" ];
|
||||
|
||||
networking.usePredictableInterfaceNames = false;
|
||||
|
||||
# GC has 1460 MTU
|
||||
networking.interfaces.eth0.mtu = 1460;
|
||||
|
||||
security.googleOsLogin.enable = true;
|
||||
|
||||
systemd.services.google-clock-skew-daemon = {
|
||||
description = "Google Compute Engine Clock Skew Daemon";
|
||||
after = [
|
||||
"network.target"
|
||||
"google-instance-setup.service"
|
||||
"google-network-setup.service"
|
||||
];
|
||||
requires = ["network.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${gce}/bin/google_clock_skew_daemon --debug";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-instance-setup = {
|
||||
description = "Google Compute Engine Instance Setup";
|
||||
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service"];
|
||||
before = ["sshd.service"];
|
||||
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||
wantedBy = [ "sshd.service" "multi-user.target" ];
|
||||
path = with pkgs; [ ethtool openssh ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${gce}/bin/google_instance_setup --debug";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-network-daemon = {
|
||||
description = "Google Compute Engine Network Daemon";
|
||||
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service" "google-instance-setup.service"];
|
||||
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||
requires = ["network.target"];
|
||||
partOf = ["network.target"];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = with pkgs; [ iproute ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${gce}/bin/google_network_daemon --debug";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-shutdown-scripts = {
|
||||
description = "Google Compute Engine Shutdown Scripts";
|
||||
after = [
|
||||
"local-fs.target"
|
||||
"network-online.target"
|
||||
"network.target"
|
||||
"rsyslog.service"
|
||||
"systemd-resolved.service"
|
||||
"google-instance-setup.service"
|
||||
"google-network-daemon.service"
|
||||
];
|
||||
wants = [ "local-fs.target" "network-online.target" "network.target"];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.coreutils}/bin/true";
|
||||
ExecStop = "${gce}/bin/google_metadata_script_runner --debug --script-type shutdown";
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
TimeoutStopSec = "infinity";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.google-startup-scripts = {
|
||||
description = "Google Compute Engine Startup Scripts";
|
||||
after = [
|
||||
"local-fs.target"
|
||||
"network-online.target"
|
||||
"network.target"
|
||||
"rsyslog.service"
|
||||
"google-instance-setup.service"
|
||||
"google-network-daemon.service"
|
||||
];
|
||||
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${gce}/bin/google_metadata_script_runner --debug --script-type startup";
|
||||
KillMode = "process";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
# Settings taken from https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf
|
||||
boot.kernel.sysctl = {
|
||||
# Turn on SYN-flood protections. Starting with 2.6.26, there is no loss
|
||||
# of TCP functionality/features under normal conditions. When flood
|
||||
# protections kick in under high unanswered-SYN load, the system
|
||||
# should remain more stable, with a trade off of some loss of TCP
|
||||
# functionality/features (e.g. TCP Window scaling).
|
||||
"net.ipv4.tcp_syncookies" = mkDefault "1";
|
||||
|
||||
# ignores source-routed packets
|
||||
"net.ipv4.conf.all.accept_source_route" = mkDefault "0";
|
||||
|
||||
# ignores source-routed packets
|
||||
"net.ipv4.conf.default.accept_source_route" = mkDefault "0";
|
||||
|
||||
# ignores ICMP redirects
|
||||
"net.ipv4.conf.all.accept_redirects" = mkDefault "0";
|
||||
|
||||
# ignores ICMP redirects
|
||||
"net.ipv4.conf.default.accept_redirects" = mkDefault "0";
|
||||
|
||||
# ignores ICMP redirects from non-GW hosts
|
||||
"net.ipv4.conf.all.secure_redirects" = mkDefault "1";
|
||||
|
||||
# ignores ICMP redirects from non-GW hosts
|
||||
"net.ipv4.conf.default.secure_redirects" = mkDefault "1";
|
||||
|
||||
# don't allow traffic between networks or act as a router
|
||||
"net.ipv4.ip_forward" = mkDefault "0";
|
||||
|
||||
# don't allow traffic between networks or act as a router
|
||||
"net.ipv4.conf.all.send_redirects" = mkDefault "0";
|
||||
|
||||
# don't allow traffic between networks or act as a router
|
||||
"net.ipv4.conf.default.send_redirects" = mkDefault "0";
|
||||
|
||||
# reverse path filtering - IP spoofing protection
|
||||
"net.ipv4.conf.all.rp_filter" = mkDefault "1";
|
||||
|
||||
# reverse path filtering - IP spoofing protection
|
||||
"net.ipv4.conf.default.rp_filter" = mkDefault "1";
|
||||
|
||||
# ignores ICMP broadcasts to avoid participating in Smurf attacks
|
||||
"net.ipv4.icmp_echo_ignore_broadcasts" = mkDefault "1";
|
||||
|
||||
# ignores bad ICMP errors
|
||||
"net.ipv4.icmp_ignore_bogus_error_responses" = mkDefault "1";
|
||||
|
||||
# logs spoofed, source-routed, and redirect packets
|
||||
"net.ipv4.conf.all.log_martians" = mkDefault "1";
|
||||
|
||||
# log spoofed, source-routed, and redirect packets
|
||||
"net.ipv4.conf.default.log_martians" = mkDefault "1";
|
||||
|
||||
# implements RFC 1337 fix
|
||||
"net.ipv4.tcp_rfc1337" = mkDefault "1";
|
||||
|
||||
# randomizes addresses of mmap base, heap, stack and VDSO page
|
||||
"kernel.randomize_va_space" = mkDefault "2";
|
||||
|
||||
# Reboot the machine soon after a kernel panic.
|
||||
"kernel.panic" = mkDefault "10";
|
||||
|
||||
## Not part of the original config
|
||||
|
||||
# provides protection from ToCToU races
|
||||
"fs.protected_hardlinks" = mkDefault "1";
|
||||
|
||||
# provides protection from ToCToU races
|
||||
"fs.protected_symlinks" = mkDefault "1";
|
||||
|
||||
# makes locating kernel addresses more difficult
|
||||
"kernel.kptr_restrict" = mkDefault "1";
|
||||
|
||||
# set ptrace protections
|
||||
"kernel.yama.ptrace_scope" = mkOverride 500 "1";
|
||||
|
||||
# set perf only available to root
|
||||
"kernel.perf_event_paranoid" = mkDefault "2";
|
||||
};
|
||||
}
|
@ -1,25 +0,0 @@
|
||||
# Common configuration for headless machines (e.g., Amazon EC2
|
||||
# instances).
|
||||
|
||||
{ lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
boot.vesa = false;
|
||||
|
||||
# Don't start a tty on the serial consoles.
|
||||
systemd.services."serial-getty@ttyS0".enable = false;
|
||||
systemd.services."serial-getty@hvc0".enable = false;
|
||||
systemd.services."getty@tty1".enable = false;
|
||||
systemd.services."autovt@".enable = false;
|
||||
|
||||
# Since we can't manually respond to a panic, just reboot.
|
||||
boot.kernelParams = [ "panic=1" "boot.panic_on_fail" ];
|
||||
|
||||
# Don't allow emergency mode, because we don't have a console.
|
||||
systemd.enableEmergencyMode = false;
|
||||
|
||||
# Being headless, we don't need a GRUB splash image.
|
||||
boot.loader.grub.splashImage = null;
|
||||
}
|
@ -1,446 +0,0 @@
|
||||
|
||||
"*****************************************************************************
|
||||
"" Functions
|
||||
"*****************************************************************************
|
||||
|
||||
function! GetBufferList()
|
||||
redir =>buflist
|
||||
silent! ls!
|
||||
redir END
|
||||
return buflist
|
||||
endfunction
|
||||
|
||||
function! ToggleList(bufname, pfx)
|
||||
let buflist = GetBufferList()
|
||||
for bufnum in map(filter(split(buflist, '\n'), 'v:val =~ "'.a:bufname.'"'), 'str2nr(matchstr(v:val, "\\d\\+"))')
|
||||
if bufwinnr(bufnum) != -1
|
||||
exec(a:pfx.'close')
|
||||
return
|
||||
endif
|
||||
endfor
|
||||
if a:pfx == 'l' && len(getloclist(0)) == 0
|
||||
echohl ErrorMsg
|
||||
echo "Location List is Empty."
|
||||
return
|
||||
endif
|
||||
let winnr = winnr()
|
||||
exec(a:pfx.'open')
|
||||
if winnr() != winnr
|
||||
wincmd p
|
||||
endif
|
||||
endfunction
|
||||
|
||||
|
||||
"*****************************************************************************
|
||||
"" Basic Setup
|
||||
"*****************************************************************************"
|
||||
" General
|
||||
let no_buffers_menu=1
|
||||
syntax on
|
||||
set ruler
|
||||
set number
|
||||
set mousemodel=popup
|
||||
set t_Co=256
|
||||
set guioptions=egmrti
|
||||
set gfn=Monospace\ 10
|
||||
|
||||
" TODO: Testing if this works against automatically setting paste mode
|
||||
" Issue: https://github.com/neovim/neovim/issues/7994
|
||||
au InsertLeave * set nopaste
|
||||
|
||||
|
||||
" undofile - This allows you to use undos after exiting and restarting
|
||||
" This, like swap and backups, uses .vim-undo first, then ~/.vim/undo
|
||||
" :help undo-persistence
|
||||
if exists("+undofile")
|
||||
if isdirectory($HOME . '/.vim/undo') == 0
|
||||
:silent !mkdir -p ~/.vim/undo > /dev/null 2>&1
|
||||
endif
|
||||
set undodir=./.vim-undo//
|
||||
set undodir+=~/.vim/undo//
|
||||
set undofile
|
||||
endif
|
||||
|
||||
" Encoding
|
||||
set encoding=utf-8
|
||||
set fileencoding=utf-8
|
||||
set fileencodings=utf-8
|
||||
set bomb
|
||||
set binary
|
||||
|
||||
" Fix backspace indent
|
||||
set backspace=indent,eol,start
|
||||
|
||||
" Tabs. May be overriten by autocmd rules
|
||||
set tabstop=4
|
||||
set softtabstop=0
|
||||
set shiftwidth=4
|
||||
set expandtab
|
||||
|
||||
" Map leader to ,
|
||||
let mapleader=','
|
||||
|
||||
" Enable hidden buffers
|
||||
set hidden
|
||||
|
||||
" Searching
|
||||
set hlsearch
|
||||
set incsearch
|
||||
set ignorecase
|
||||
set smartcase
|
||||
|
||||
" Directories for swp files
|
||||
set nobackup
|
||||
set noswapfile
|
||||
|
||||
set fileformats=unix,dos,mac
|
||||
|
||||
" File overview
|
||||
set wildmode=list:longest,list:full
|
||||
set wildignore+=*.o,*.obj,.git,*.rbc,*.pyc,__pycache__
|
||||
|
||||
" Shell to emulate
|
||||
if exists('$SHELL')
|
||||
set shell=$SHELL
|
||||
else
|
||||
set shell=/bin/bash
|
||||
endif
|
||||
|
||||
" Set color scheme
|
||||
colorscheme molokai
|
||||
|
||||
"Show always Status bar
|
||||
set laststatus=2
|
||||
|
||||
" Use modeline overrides
|
||||
set modeline
|
||||
set modelines=10
|
||||
|
||||
" Set terminal title
|
||||
set title
|
||||
set titleold="Terminal"
|
||||
set titlestring=%F
|
||||
|
||||
" search will center on the line it's found in.
|
||||
nnoremap n nzzzv
|
||||
nnoremap N Nzzzv
|
||||
|
||||
|
||||
|
||||
"*****************************************************************************
|
||||
"" Abbreviations
|
||||
"*****************************************************************************
|
||||
" no one is really happy until you have this shortcuts
|
||||
cnoreabbrev W! w!
|
||||
cnoreabbrev Q! q!
|
||||
cnoreabbrev Qall! qall!
|
||||
cnoreabbrev Wq wq
|
||||
cnoreabbrev Wa wa
|
||||
cnoreabbrev wQ wq
|
||||
cnoreabbrev WQ wq
|
||||
cnoreabbrev W w
|
||||
cnoreabbrev Q q
|
||||
cnoreabbrev Qall qall
|
||||
|
||||
" NERDTree configuration
|
||||
let g:NERDTreeChDirMode=2
|
||||
let g:NERDTreeIgnore=['\.rbc$', '\~$', '\.pyc$', '\.db$', '\.sqlite$', '__pycache__']
|
||||
let g:NERDTreeSortOrder=['^__\.py$', '\/$', '*', '\.swp$', '\.bak$', '\~$']
|
||||
let g:NERDTreeShowBookmarks=1
|
||||
let g:nerdtree_tabs_focus_on_files=1
|
||||
let g:NERDTreeMapOpenInTabSilent = '<RightMouse>'
|
||||
let g:NERDTreeWinSize = 50
|
||||
set wildignore+=*/tmp/*,*.so,*.swp,*.zip,*.pyc,*.db,*.sqlite
|
||||
nnoremap <silent> <F1> :NERDTreeFind<CR>
|
||||
nnoremap <silent> <F2> :NERDTreeToggle<CR>
|
||||
|
||||
" open terminal emulation
|
||||
nnoremap <silent> <leader>sh :terminal<CR>:startinsert<CR>
|
||||
|
||||
"*****************************************************************************
|
||||
"" Autocmd Rules
|
||||
"*****************************************************************************
|
||||
"" The PC is fast enough, do syntax highlight syncing from start unless 200 lines
|
||||
augroup vimrc-sync-fromstart
|
||||
autocmd!
|
||||
autocmd BufEnter * :syntax sync maxlines=200
|
||||
augroup END
|
||||
|
||||
" Nasm filetype
|
||||
augroup nasm
|
||||
autocmd!
|
||||
autocmd BufRead,BufNewFile *.nasm set ft=nasm
|
||||
augroup END
|
||||
|
||||
" Binary filetype
|
||||
augroup Binary
|
||||
au!
|
||||
au BufReadPre *.bin,*.exe,*.elf let &bin=1
|
||||
au BufReadPost *.bin,*.exe,*.elf if &bin | %!xxd
|
||||
au BufReadPost *.bin,*.exe,*.elf set ft=xxd | endif
|
||||
au BufWritePre *.bin,*.exe,*.elf if &bin | %!xxd -r
|
||||
au BufWritePre *.bin,*.exe,*.elf endif
|
||||
au BufWritePost *.bin,*.exe,*.elf if &bin | %!xxd
|
||||
au BufWritePost *.bin,*.exe,*.elf set nomod | endif
|
||||
augroup END
|
||||
|
||||
" Binary filetype
|
||||
augroup fasm
|
||||
au!
|
||||
au BufReadPost *.fasm set ft=fasm
|
||||
augroup END
|
||||
|
||||
augroup deoplete-update
|
||||
autocmd!
|
||||
autocmd VimEnter * UpdateRemotePlugin
|
||||
augroup END
|
||||
|
||||
"" Remember cursor position
|
||||
augroup vimrc-remember-cursor-position
|
||||
autocmd!
|
||||
autocmd BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g`\"" | endif
|
||||
augroup END
|
||||
|
||||
"" txt
|
||||
" augroup vimrc-wrapping
|
||||
" autocmd!
|
||||
" autocmd BufRead,BufNewFile *.txt call s:setupWrapping()
|
||||
" augroup END
|
||||
|
||||
"" make/cmake
|
||||
augroup vimrc-make-cmake
|
||||
autocmd!
|
||||
autocmd FileType make setlocal noexpandtab
|
||||
autocmd BufNewFile,BufRead CMakeLists.txt setlocal filetype=cmake
|
||||
augroup END
|
||||
|
||||
set autoread
|
||||
|
||||
"*****************************************************************************
|
||||
"" Mappings
|
||||
"*****************************************************************************
|
||||
|
||||
" Split
|
||||
noremap <Leader>h :<C-u>split<CR>
|
||||
noremap <Leader>v :<C-u>vsplit<CR>
|
||||
|
||||
" Git
|
||||
noremap <Leader>ga :Gwrite<CR>
|
||||
noremap <Leader>gc :Gcommit<CR>
|
||||
noremap <Leader>gsh :Gpush<CR>
|
||||
noremap <Leader>gll :Gpull<CR>
|
||||
noremap <Leader>gs :Gstatus<CR>
|
||||
noremap <Leader>gb :Gblame<CR>
|
||||
noremap <Leader>gd :Gvdiff<CR>
|
||||
noremap <Leader>gr :Gremove<CR>
|
||||
|
||||
" Tabs
|
||||
nnoremap <Tab> gt
|
||||
nnoremap <S-Tab> gT
|
||||
nnoremap <silent> <S-t> :tabnew<CR>
|
||||
|
||||
" Set working directory
|
||||
nnoremap <leader>. :lcd %:p:h<CR>
|
||||
|
||||
" Opens an edit command with the path of the currently edited file filled in
|
||||
noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR>
|
||||
|
||||
" Opens a tab edit command with the path of the currently edited file filled
|
||||
noremap <Leader>te :tabe <C-R>=expand("%:p:h") . "/" <CR>
|
||||
|
||||
" Tagbar
|
||||
nmap <silent> <F3> :TagbarToggle<CR>
|
||||
let g:tagbar_autofocus = 1
|
||||
|
||||
" Copy/Paste/Cut
|
||||
set clipboard^=unnamed,unnamedplus
|
||||
|
||||
noremap YY "+y<CR>
|
||||
noremap <leader>p "+gP<CR>
|
||||
noremap XX "+x<CR>
|
||||
|
||||
" Enable mouse for vim
|
||||
set mouse=a
|
||||
|
||||
" Buffer nav
|
||||
noremap <leader>z :bp<CR>
|
||||
noremap <leader>q :bp<CR>
|
||||
noremap <leader>x :bn<CR>
|
||||
noremap <leader>w :bn<CR>
|
||||
|
||||
" Close buffer
|
||||
noremap <leader>c :bd<CR>
|
||||
|
||||
" Clean search (highlight)
|
||||
nnoremap <silent> <leader><space> :noh<cr>
|
||||
|
||||
" Switching windows
|
||||
noremap <C-j> <C-w>j
|
||||
noremap <C-k> <C-w>k
|
||||
noremap <C-l> <C-w>l
|
||||
noremap <C-h> <C-w>h
|
||||
|
||||
" Vmap for maintain Visual Mode after shifting > and <
|
||||
vmap < <gv
|
||||
vmap > >gv
|
||||
|
||||
" Move visual block
|
||||
vnoremap J :m '>+1<CR>gv=gv
|
||||
vnoremap K :m '<-2<CR>gv=gv
|
||||
|
||||
" Open current line on GitHub
|
||||
nnoremap <Leader>o :.Gbrowse<CR>
|
||||
|
||||
|
||||
" Save on strg+s if not in paste mode
|
||||
nmap <c-s> :w<CR>
|
||||
vmap <c-s> <Esc><c-s>gv
|
||||
imap <c-s> <Esc><c-s>
|
||||
|
||||
" Quit on strg+q in normal mode
|
||||
nnoremap <c-q> :q<cr>
|
||||
|
||||
" Strg+d to replace word under cursor
|
||||
nnoremap <c-d> :%s/\<<C-r><C-w>\>//g<Left><Left>
|
||||
|
||||
" Strg+f ro find word under cursor
|
||||
nnoremap <c-f> :/<C-r><C-w><Left><Left>
|
||||
|
||||
" Remove unneccessary spaces
|
||||
nnoremap <silent> <F5> :let _s=@/ <Bar> :%s/\s\+$//e <Bar> :let @/=_s <Bar> :nohl <Bar> :unlet _s <CR>
|
||||
|
||||
" Reindent whole file with F6
|
||||
map <F6> mzgg=G`z
|
||||
|
||||
" Toggle location list
|
||||
nmap <silent> <F4> :call ToggleList("Quickfix List", 'c')<CR>
|
||||
|
||||
" Replacing text in visual mode doesn't copy it anymore
|
||||
xmap p <Plug>ReplaceWithRegisterVisual
|
||||
xmap <MiddleMouse> <Plug>ReplaceWithRegisterVisual
|
||||
|
||||
" ALE mappings
|
||||
nmap <Leader>i <Plug>(ale_hover)
|
||||
nmap <Leader>d <Plug>(ale_go_to_definition_in_tab)
|
||||
nmap <Leader>rf <Plug>(ale_find_references)
|
||||
nmap <silent><F7> <Plug>(ale_fix)
|
||||
|
||||
" Vim-Go mappings
|
||||
au FileType go nmap <Leader>i :GoDoc<cr>
|
||||
au FileType go nmap <Leader>d :GoDef<cr>
|
||||
au FileType go nmap <Leader>rf :GoReferrers<cr>
|
||||
|
||||
|
||||
"" Opens an edit command with the path of the currently edited file filled in
|
||||
noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR>
|
||||
|
||||
" Use tab for navigatin in autocompletion window
|
||||
inoremap <expr> <Tab> pumvisible() ? "\<C-n>" : "\<Tab>"
|
||||
inoremap <expr> <S-Tab> pumvisible() ? "\<C-p>" : "\<S-Tab>"
|
||||
|
||||
|
||||
"*****************************************************************************
|
||||
"" Plugin settings
|
||||
"*****************************************************************************
|
||||
|
||||
" vim-airline
|
||||
set statusline+=%{fugitive#statusline()}
|
||||
let g:airline_theme = 'powerlineish'
|
||||
let g:airline#extensions#syntastic#enabled = 1
|
||||
let g:airline#extensions#branch#enabled = 1
|
||||
let g:airline#extensions#tabline#enabled = 1
|
||||
let g:airline#extensions#tagbar#enabled = 1
|
||||
let g:airline_skip_empty_sections = 1
|
||||
let g:airline#extensions#ale#enabled = 1
|
||||
|
||||
" show indent lines
|
||||
let g:indent_guides_enable_on_vim_startup = 1
|
||||
let g:indent_guides_auto_colors = 0
|
||||
hi IndentGuidesOdd ctermbg=235
|
||||
hi IndentGuidesEven ctermbg=235
|
||||
let g:indent_guides_guide_size = 1
|
||||
let g:indent_guides_start_level = 2
|
||||
|
||||
" Enable autocompletion
|
||||
let g:deoplete#enable_at_startup = 1
|
||||
set completeopt-=preview
|
||||
|
||||
" Ale no preview on hover
|
||||
let g:ale_close_preview_on_insert = 0
|
||||
let g:ale_cursor_detail = 0
|
||||
|
||||
" Ale skip if file size over 2G
|
||||
let g:ale_maximum_file_size = "2147483648"
|
||||
|
||||
" Ale to loclist and quickfix
|
||||
let g:ale_set_quickfix = 1
|
||||
" let g:ale_set_loclist = 1
|
||||
|
||||
|
||||
" Ale language server
|
||||
let g:ale_linters = {
|
||||
\ 'python': ['pyls'],
|
||||
\ 'c': ['cquery'],
|
||||
\ 'cpp': ['cquery'],
|
||||
\ 'xml': ['xmllint']
|
||||
\ }
|
||||
|
||||
|
||||
" ALE fixers
|
||||
let g:ale_fixers = { '*': ['remove_trailing_lines', 'trim_whitespace'] }
|
||||
let g:ale_fixers.python = ['black']
|
||||
let g:ale_fixers.go = ['gofmt']
|
||||
let g:ale_fixers.c = ['clang-format']
|
||||
let g:ale_fixers.cpp = ['clang-format']
|
||||
let g:ale_fixers.json = ['jq']
|
||||
let g:ale_fixers.xml = ['xmllint']
|
||||
|
||||
let g:ale_completion_enabled = 1
|
||||
let g:ale_sign_error = '⤫'
|
||||
let g:ale_sign_warning = '⚠'
|
||||
let g:ale_lint_on_insert_leave = 1
|
||||
|
||||
" Vim-Go Settings
|
||||
let g:go_auto_sameids = 1
|
||||
let g:go_fmt_command = "goimports"
|
||||
let g:go_auto_type_info = 1
|
||||
|
||||
" Disable syntastic for langserver supported languages
|
||||
let g:syntastic_mode_map = {
|
||||
\ "mode": "active",
|
||||
\ "passive_filetypes": ["go", "python", "c", "cpp", "xml" ]
|
||||
\ }
|
||||
let g:syntastic_always_populate_loc_list = 1
|
||||
let g:syntastic_auto_loc_list = 2
|
||||
let g:syntastic_aggregate_errors = 1
|
||||
let g:syntastic_check_on_open = 1
|
||||
let g:syntastic_check_on_wq = 0
|
||||
let g:syntastic_error_symbol='✗'
|
||||
let g:syntastic_warning_symbol='⚠'
|
||||
let g:syntastic_style_error_symbol = '✗'
|
||||
let g:syntastic_style_warning_symbol = '⚠'
|
||||
|
||||
"*****************************************************************************
|
||||
"" Shortcuts overview
|
||||
"*****************************************************************************
|
||||
" Shortcuts overview
|
||||
" F1 --> Filetree find
|
||||
" F2 --> Filetree toggle
|
||||
" F3 --> Function overview
|
||||
" F4 --> Toggle error bar
|
||||
|
||||
" F5 --> Remove trailing whitespaces
|
||||
" F6 --> Reindent whole file
|
||||
" F7 --> Format and lint file
|
||||
" ,i --> Information about function
|
||||
" ,d --> Jump to definition
|
||||
" ,r --> Rename in all occurences
|
||||
" ,rf --> Find references of function/variable
|
||||
" ,e --> Change current file
|
||||
" ,te --> Open file in new tab
|
||||
" strg+f --> Find current selected word
|
||||
" strg+d --> Replace current selected word
|
||||
" strg+s --> Save file
|
||||
" strg+q --> Close current file
|
||||
" space+, --> Stop highlighting words after search
|
||||
|
@ -1,70 +0,0 @@
|
||||
{ pkgs, config, ... }: let
|
||||
#unstable = import <nixos-unstable> { };
|
||||
in
|
||||
|
||||
{
|
||||
environment.variables = {
|
||||
EDITOR = ["nvim"];
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: with pkgs;{
|
||||
neovim_custom = neovim.override {
|
||||
configure = {
|
||||
customRC = builtins.readFile ./neovimrc;
|
||||
|
||||
packages.myVimPackage = with pkgs.vimPlugins;
|
||||
{
|
||||
# loaded on launch
|
||||
start = [
|
||||
nerdtree # file manager
|
||||
commentary # comment stuff out based on language
|
||||
fugitive # full git integration
|
||||
vim-airline-themes # lean & mean status/tabline
|
||||
vim-airline # status bar
|
||||
gitgutter # git diff in the gutter (sign column)
|
||||
vim-trailing-whitespace # trailing whitspaces in red
|
||||
tagbar # F3 function overview
|
||||
syntastic # Fallback to singlethreaded but huge syntax support
|
||||
ReplaceWithRegister # For better copying/replacing
|
||||
polyglot # Language pack
|
||||
vim-indent-guides # for displaying indent levels
|
||||
ale # threaded language client
|
||||
vim-go # go linting
|
||||
deoplete-go # go autocompletion completion
|
||||
deoplete-nvim # general autocompletion
|
||||
molokai # color scheme
|
||||
];
|
||||
|
||||
# manually loadable by calling `:packadd $plugin-name`
|
||||
opt = [];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
ctags
|
||||
neovim_custom
|
||||
jq # For fixing json files
|
||||
xxd # .bin files will be displayed with xxd
|
||||
shellcheck # Shell linting
|
||||
ansible-lint # Ansible linting
|
||||
unzip # To vim into unzipped files
|
||||
nodePackages.jsonlint # json linting
|
||||
#python36Packages.python-language-server # python linting
|
||||
#python36Packages.pyls-mypy # Python static type checker
|
||||
#python36Packages.black # Python code formatter
|
||||
#python37Packages.yamllint # For linting yaml files
|
||||
#python37Packages.libxml2 # For fixing yaml files
|
||||
cquery # C/C++ support
|
||||
clang-tools # C++ fixer
|
||||
];
|
||||
|
||||
fonts = {
|
||||
fonts = with pkgs; [
|
||||
font-awesome_5
|
||||
];
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -1,19 +0,0 @@
|
||||
# Common configuration for virtual machines running under QEMU (using
|
||||
# virtio).
|
||||
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
boot.initrd.availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_mmio" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" ];
|
||||
boot.initrd.kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ];
|
||||
|
||||
boot.initrd.postDeviceCommands =
|
||||
''
|
||||
# Set the system time from the hardware clock to work around a
|
||||
# bug in qemu-kvm > 1.5.2 (where the VM clock is initialised
|
||||
# to the *boot time* of the host).
|
||||
hwclock -s
|
||||
'';
|
||||
|
||||
security.rngd.enable = false;
|
||||
}
|
@ -1,33 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
|
||||
krebs.iptables = {
|
||||
tables = {
|
||||
filter.INPUT.rules = let
|
||||
tincport = toString config.krebs.build.host.nets.retiolum.tinc.port;
|
||||
in [
|
||||
{ predicate = "-p tcp --dport ${tincport}"; target = "ACCEPT"; }
|
||||
{ predicate = "-p udp --dport ${tincport}"; target = "ACCEPT"; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
krebs.tinc.retiolum = {
|
||||
enableLegacy = true;
|
||||
enable = true;
|
||||
connectTo = [
|
||||
"prism"
|
||||
"gum"
|
||||
"ni"
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
tinc = pkgs.tinc_pre;
|
||||
};
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.tinc
|
||||
];
|
||||
}
|
@ -1,4 +0,0 @@
|
||||
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
this is a private key
|
||||
-----END RSA PRIVATE KEY-----
|
@ -1,6 +0,0 @@
|
||||
_:
|
||||
{
|
||||
imports = [
|
||||
./hosts.nix
|
||||
];
|
||||
}
|
@ -1,12 +0,0 @@
|
||||
{ config, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
options.mb.hosts = mkOption {
|
||||
type = types.attrsOf types.host;
|
||||
default =
|
||||
filterAttrs (_: host: host.owner.name == "mb" && host.ci)
|
||||
config.krebs.hosts;
|
||||
};
|
||||
}
|
@ -1,11 +0,0 @@
|
||||
with import <stockholm/lib>;
|
||||
|
||||
self: super:
|
||||
|
||||
# Import files and subdirectories like they are overlays.
|
||||
foldl' mergeAttrs {}
|
||||
(map
|
||||
(name: import (./. + "/${name}") self super)
|
||||
(filter
|
||||
(name: name != "default.nix" && !hasPrefix "." name)
|
||||
(attrNames (readDir ./.))))
|
@ -1,14 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
../krebs
|
||||
./2configs
|
||||
./3modules
|
||||
];
|
||||
nixpkgs.config.packageOverrides = import ./5pkgs pkgs;
|
||||
krebs.tinc.retiolum.privkey = {
|
||||
source-path = toString <secrets> + "/${config.krebs.tinc.retiolum.netname}.rsa";
|
||||
path = "${config.krebs.tinc.retiolum.user.home}/tinc.rsa_key.priv";
|
||||
owner = config.krebs.tinc.retiolum.user;
|
||||
};
|
||||
}
|
54
mb/krops.nix
54
mb/krops.nix
@ -1,54 +0,0 @@
|
||||
{ name }: let
|
||||
inherit (import ../krebs/krops.nix { inherit name; })
|
||||
krebs-source
|
||||
lib
|
||||
pkgs
|
||||
;
|
||||
|
||||
host-source = if lib.pathExists (./. + "/1systems/${name}/source.nix") then
|
||||
import (./. + "/1systems/${name}/source.nix") { inherit lib pkgs; }
|
||||
else
|
||||
{}
|
||||
;
|
||||
|
||||
source = { test }: lib.evalSource ([
|
||||
(krebs-source { test = test; })
|
||||
{
|
||||
nixos-config.symlink = "stockholm/mb/1systems/${name}/configuration.nix";
|
||||
nixpkgs-unstable.git = {
|
||||
url = "https://github.com/nixos/nixpkgs-channels";
|
||||
ref = "nixos-unstable";
|
||||
};
|
||||
secrets = if test then {
|
||||
file = toString ./2configs/tests/dummy-secrets;
|
||||
} else {
|
||||
pass = {
|
||||
dir = "${lib.getEnv "HOME"}/.password-store";
|
||||
name = "hosts/${name}";
|
||||
};
|
||||
};
|
||||
}
|
||||
] ++ (lib.optional (! test) host-source));
|
||||
|
||||
in {
|
||||
|
||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
|
||||
deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" {
|
||||
source = source { test = false; };
|
||||
inherit target;
|
||||
};
|
||||
|
||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A populate)
|
||||
populate = { target, force ? false }: pkgs.populate {
|
||||
inherit force;
|
||||
source = source { test = false; };
|
||||
target = lib.mkTarget target;
|
||||
};
|
||||
|
||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
||||
test = { target }: pkgs.krops.writeTest "${name}-test" {
|
||||
force = true;
|
||||
inherit target;
|
||||
source = source { test = true; };
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user