Merge remote-tracking branch 'ni/master'

This commit is contained in:
lassulus 2022-12-12 16:45:39 +01:00
commit 1775e86752
119 changed files with 531 additions and 366 deletions

View File

@ -82,6 +82,8 @@ in
"makanek.r"
"makanek.kmein.r"
"grafana.kmein.r"
"alertmanager.kmein.r"
"prometheus.kmein.r"
"names.kmein.r"
"graph.r"
"rrm.r"

View File

@ -165,12 +165,20 @@ in {
ponte = {
cores = 1;
owner = config.krebs.users.krebs;
extraZones = {
"krebsco.de" = /* bindzone */ ''
krebsco.de. 60 IN A ${config.krebs.hosts.ponte.nets.internet.ip4.addr}
'';
};
nets = rec {
internet = {
ip4 = {
ip4 = rec {
addr = "141.147.36.79";
prefix = "0.0.0.0/0";
prefix = "${addr}/32";
};
aliases = [
"ponte.i"
];
};
retiolum = {
via = internet;

View File

@ -198,6 +198,7 @@ in {
aliases = [
"ni.r"
"cgit.ni.r"
"krebs.ni.r"
"search.ni.r"
];
tinc.pubkey = ''
@ -319,7 +320,6 @@ in {
aliases = [
"xu.r"
"cgit.xu.r"
"krebs.xu.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
@ -369,7 +369,7 @@ in {
"http://cgit.krebsco.de" = {
desc = "Git repositories";
};
"http://krebs.xu.r" = {
"http://krebs.ni.r" = {
desc = "krebs-pages mirror";
};
};

View File

@ -22,6 +22,7 @@
krebs.build.host = config.krebs.hosts.hotdog;
krebs.github-hosts-sync.enable = true;
krebs.pages.enable = true;
boot.isContainer = true;
networking.useDHCP = false;

View File

@ -7,5 +7,31 @@
<stockholm/krebs/2configs/matterbridge.nix>
];
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.logRefusedConnections = false;
networking.firewall.logRefusedUnicastsOnly = false;
# Move Internet-facing SSH port to reduce logspam.
networking.firewall.extraCommands = let
host = config.krebs.build.host;
in /* sh */ ''
iptables -t nat -A OUTPUT -o lo -p tcp --dport 11423 -j REDIRECT --to-ports 22
iptables -t nat -A PREROUTING -p tcp --dport 11423 -j REDIRECT --to-ports 22
iptables -t nat -A PREROUTING -d ${host.nets.retiolum.ip4.addr} -p tcp --dport 22 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 0
ip6tables -t nat -A OUTPUT -o lo -p tcp --dport 11423 -j REDIRECT --to-ports 22
ip6tables -t nat -A PREROUTING -p tcp --dport 11423 -j REDIRECT --to-ports 22
ip6tables -t nat -A PREROUTING -d ${host.nets.retiolum.ip6.addr} -p tcp --dport 22 -j ACCEPT
ip6tables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 0
'';
krebs.build.host = config.krebs.hosts.ponte;
krebs.pages.enable = true;
krebs.pages.nginx.addSSL = true;
krebs.pages.nginx.enableACME = true;
security.acme.acceptTerms = true;
security.acme.certs.${config.krebs.pages.domain}.email = "spam@krebsco.de";
}

View File

@ -34,6 +34,7 @@ let
./iptables.nix
./kapacitor.nix
./konsens.nix
./krebs-pages.nix
./monit.nix
./nixpkgs.nix
./on-failure.nix
@ -83,10 +84,6 @@ let
@ IN SOA dns19.ovh.net. tech.ovh.net. (2015052000 86400 3600 3600000 86400)
IN NS ns19.ovh.net.
IN NS dns19.ovh.net.
IN A 185.199.108.153
IN A 185.199.109.153
IN A 185.199.110.153
IN A 185.199.111.153
'';
};
};

View File

@ -0,0 +1,44 @@
{ config, modulesPath, pkgs, ... }: let
cfg = config.krebs.pages;
lib = import ../../lib;
extraTypes.nginx-vhost = lib.types.submodule (
lib.recursiveUpdate
(import (modulesPath + "/services/web-servers/nginx/vhost-options.nix")
{ inherit config lib; })
{}
);
in {
options.krebs.pages = {
enable = lib.mkEnableOption "krebs-pages";
domain = lib.mkOption {
type = lib.types.hostname;
default = "krebsco.de";
};
nginx = lib.mkOption {
type = extraTypes.nginx-vhost;
default = {};
example = lib.literalExpression /* nix */ ''
{
# To enable encryption and let let's encrypt take care of certificate
enableACME = true;
forceSSL = true;
}
'';
description = lib.mkDoc ''
With this option, you can customize the nginx virtualHost settings.
'';
};
package = lib.mkOption {
type = lib.types.package;
default = pkgs.krebs-pages;
};
};
config = lib.mkIf cfg.enable {
services.nginx = {
enable = lib.mkDefault true;
virtualHosts.${cfg.domain} = lib.mkMerge [ cfg.nginx {
root = lib.mkForce cfg.package;
}];
};
};
}

View File

@ -24,19 +24,10 @@
}
</script>
<body>
<p>
<a href="http://krebscode.github.io/minikrebs/linuxtag">
Linuxtag Heckenkrebs Presentation
</a>
</p>
<p>
<a href="http://krebscode.github.io/writeups">
CTF Writeups
</a>
</p>
<p>
<a href="thesauron.html">
Thesauron
</a>
</p>
<p><a href='https://cgit.krebsco.de/krops/about/'>krops</a></p>
<p><a href='https://github.com/krebs/cholerab/blob/master/thesauron.adoc'>Thesauron</a></p>
<p><a href='https://nixos.wiki/'>Project: The new NixOS wiki</a></p>
<p><a target="_blank" href="https://www.amazon.de/?&_encoding=UTF8&tag=krebscode06-21&linkCode=ur2&linkId=d4430b368b8aceeca92101cd4a4cdd1d&camp=1638&creative=6742">Go through this amazon affiliate link and generate krebsgold</a><img src="//ir-de.amazon-adsystem.com/e/ir?t=krebscode06-21&l=ur2&o=3" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
<p> <a href="https://s.click.aliexpress.com/e/_A5luNt" target="_parent">Go through this aliexpress affiliate link and generate krebsgold</a></p>
</body>

View File

@ -1,133 +0,0 @@
<p>Cholerab n.
[de]
- Kunstwort aus Kollaboration und Cholera. Beschreibt den Zustand, dass
Zusammenarbeit niemals gut, einfach und ohne Schmerzen funktioniert.
- Teamwork-Plattform für Krebscode.</p>
<p>eigentlich adv.
[de]
- Hinweis darauf, dass der Inhalt eines Satzes eine Soll-Realität beschreibt,
die nicht der Fall ist.
Antonym: tatsaechlich</p>
<p>ghost n.
[de]
- Host im Darknet welcher evtl. irgendwie noch da ist (als dd image auf anderen
Festplatten) aber wohl nie wieder kommen wird.
Siehe: Wiederbelebung</p>
<p>KD;RP abbr. (pronounciation: kah-derp)
[en]
- Short for Krebs Darknet / Retiolum Prefix.</p>
<p>krebs
[de]
- krebs ist ein soziales Experiment, eine Organisation, das zweit aelteste
Softwareprojekt im Shack und viel verteilte infrastruktur.</p>
<p>kremium
[en]
- coinage derived from the words premium and krebs
see: broken
usage: Reaktor ircbot has unfixed broken behavior since ever-&gt;&#8220;Kremium Software&#8221;</p>
<p>KRI abbr. (pronounciation: [en] cry)
[en]
- Short for Krebs Request for Implementation.
Derived from Scheme Requests for Implementation (SRFI).</p>
<p>litterate programming n.
[en]
- any code that has not been proved mathematically.</p>
<p>Nahziel n.
[de]
- Ziel mit höchst möglicher Priorität.</p>
<p>Nahzielerfahrung n.
[de]
- das Erlebnis der (endgültigen) Nichterreichung eines Nahziels (obwohl
nur noch wenig ((quasi-) infinitesimal viel) nötig gewesen wäre).</p>
<p>parentheses of fear
[en]
- unnecessary parentheses, usually used when order of precedence is unknown.
- Examples: 1 + (2 * 3)</p>
<p>Protip n.
[en]
- (Probably vague) description how a task can be solved.
- Antonym: Spoiler
- Example:
- To defeat the Cyberdaemon, shoot at it until it dies.
- RTFM</p>
<p>Punching Lemma n.
[de]
- Sozialer Druck zur Aufrechterhaltung der Ordnung in dem sozialen Geflaecht
von Krebs</p>
<p>ref, n.
[en]
- A reference like an URI, ISBN, name of a person, etc.</p>
<p>reftrace, n.
[en]
- A stacktrace-like representation of refs that lead to some (any kind of)
conclusion. Usually generated by a human. The conclusion can be either on
the top or on the bottom of the stack. If the order is ambiguous, then it
should be communicated explicitly.
- Example: (conclusion first)
- http://en.wikipedia.org/wiki/Stack_trace
- google &#8220;stacktrace&#8221; (first entry / 2014&#8211;12&#8211;05T12:13:58Z)
- think about some example [this could be omitted, as it&#8217;s obvious&#8230;]</p>
<p>Retiolum n.
[en]
- The official darknet of Krebs which utilizes the Retiolum Prefix to
address individual nodes.</p>
<p>Retiolum Prefix n.
[en]
- The universally accepted IPv6-prefix, 42::/16. Anyone can has a
/128-subnet and, if require, anything larger.</p>
<p>Retiolum Realtime Map n.
[en]
- The network map of the public visible part of Retiolum.</p>
<p>RRM [abbr.][en]
- Short for Retiolum Retiolum Map.</p>
<p>Sanatorium n.
[en]
- The Krebs Control and Command Center.
- An Retiolum-based IRC-channel where all Reaktor-enabled nodes gather
and lurk for relevant input.</p>
<p>Spoiler n.
[en]
- A subset of walkthrough, i.e. any individual steps may be omitted.
- Antonym: Protip</p>
<p>tatsaechlich, adv.
[de]
- Hinweis darauf, dass der Inhalt eines Satzes exakt der Realität entspricht.
Antonym: eigentlich</p>
<p>Verkrebsung n.
[de]
- Synonym fuer die Installation von Krebs (oder eine einzelnen Krebs
Komponente) auf einem beliebigem System.</p>
<p>Walkthrough n.
[en]
- Description of the individual steps to complete a task.
- Examples:
- program code
- small-step semantics</p>
<p>Wiederbelebung n.
[de]
- Ein ghost wird im Darknet wieder erreichbar
Siehe: ghost</p>

View File

@ -0,0 +1,11 @@
{ lib, pkgs,stdenv }:
let
src = pkgs.fetchFromGitHub {
owner = "makefu";
repo = "ukrepl";
rev = "0baa5cc4d5c3c17af704b69a800dd1f520ded8e3";
hash = "sha256:1lnhkf02f18fvf3l2fcszvs4x115lql17akabd5ph9ff9z33k8rv";
};
in
pkgs.writers.writePython3Bin "ukrepl" {} (builtins.readFile (src + "/ukrepl"))

View File

@ -95,9 +95,12 @@ let
path = dirPath + "/${relPath}";
in
nameValuePair (toPackageName name) (f path))
(filter
(name: name != "default.nix" && !hasPrefix "." name)
(attrNames (readDir dirPath))));
(attrNames
(filterAttrs isNixDirEntry (readDir dirPath))));
isNixDirEntry = name: type:
(type == "regular" && hasSuffix ".nix" name && name != "default.nix") ||
(type == "directory" && !hasPrefix "." name);
# https://tools.ietf.org/html/rfc5952
normalize-ip6-addr =
@ -191,3 +194,4 @@ let
in
lib
// { inherit lib; }

View File

@ -0,0 +1,13 @@
{
systemd.services.look-up = {
startAt = "*:30";
serviceConfig = {
ExecStart= pkgs.writeDash "look-up" ''
set -x
eval "export '$(egrep -z DBUS_SESSION_BUS_ADDRESS /proc/$(${pkgs.procps}/bin/pgrep -u ${user} ${window-manager})/environ)'"
${pkgs.libnotify}/bin/notify-send -u critical -t 9999999 'look up once in a while'
'';
User = user;
};
};
}

View File

@ -88,7 +88,7 @@ in {
duschfenster_lang_offen.name = "Duschfenster lange offen";
ist_sommer = {
name = "Es ist Sommer";
initial = true; # TODO
initial = false; # TODO
};
};

View File

@ -47,6 +47,9 @@ in {
{ service = "media_player.media_stop";
target.entity_id = all_media_player;
}
{ service = "script.turn_on";
target.entity_id = "script.alle_heizungen_aus";
}
];
}
];

View File

@ -18,6 +18,7 @@ in {
# ./multi/flurlicht.nix
./multi/kurzzeitwecker.nix
./multi/the_playlist.nix
./multi/heizung.nix
# ./multi/fliegen-couter.nix
./device_tracker/openwrt.nix
@ -192,5 +193,10 @@ in {
configDir = hassdir;
};
krebs.secret.files."hass-secrets" = {
source-path = toString <secrets> + "/hass/secrets.yaml";
path = "/var/lib/hass/secrets.yaml";
owner.name = "hass";
};
state = [ "/var/lib/hass/known_devices.yaml" ];
}

View File

@ -0,0 +1,11 @@
{
services.home-assistant.config =
{
# 18 Grad
script.alle_heizungen_aus.sequence = [{
service = "climate.set_temperature";
target.entity_id = [ "climate.wohnzimmer_heizung" ];
data.temperature = "18.0";
}];
};
}

View File

@ -4,5 +4,7 @@
{ platform = "dwd_weather_warnings";
region_name = "Stadt Stuttgart";
}
{ platform = "nina";
}
];
}

View File

@ -4,8 +4,7 @@
services.home-assistant.config.sensor =
[
{ platform = "darksky";
api_key = lib.removeSuffix "\n"
(builtins.readFile <secrets/hass/darksky.apikey>);
api_key = "!secret darksky";
language = "de";
monitored_conditions = [
"summary" "icon"
@ -21,5 +20,11 @@
units = "si" ;
scan_interval = "00:30:00";
}
{
platform = "open_meteo";
}
{
platform = "met";
}
];
}

View File

@ -12,6 +12,7 @@ let
in {
imports = [
./gui/base.nix
./gui/look-up.nix
./fetchWallpaper.nix
./zsh-user.nix
./tools/core.nix
@ -72,15 +73,4 @@ in {
location.latitude = 48.7;
location.longitude = 9.1;
systemd.services.look-up = {
startAt = "*:30";
serviceConfig = {
ExecStart= pkgs.writeDash "look-up" ''
set -x
eval "export '$(egrep -z DBUS_SESSION_BUS_ADDRESS /proc/$(${pkgs.procps}/bin/pgrep -u ${user} ${window-manager})/environ)'"
${pkgs.libnotify}/bin/notify-send -u critical -t 9999999 'look up once in a while'
'';
User = user;
};
};
}

View File

@ -2,7 +2,7 @@
with pkgs.python3Packages;
buildPythonApplication rec {
name = "airsensor-py-${version}";
version = "2017-12-05";
version = "1.0.0";
propagatedBuildInputs = [
pyusb
click
@ -11,7 +11,7 @@ buildPythonApplication rec {
src = fetchFromGitHub {
owner = "makefu";
repo = "airsensor-py";
rev = "7ac5f185dc848fca1b556e4c0396dd73f6a93995";
sha256 = "0387b025y8kb0zml7916p70hmzc3y18kqh46b9xv5qayljxymq2w";
rev = "1.0.0";
sha256 = "1jpvvl965bg3ymvr58c433jyy0smczn65fnqsskxn7basznii5g8";
};
}

@ -1 +1 @@
Subproject commit f65c77bdcc58be2081a0ffbda849289c5191b5e8
Subproject commit 0c8de150426476b5287cf2787bbd85263691a802

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
imports = [
<stockholm/tv>
<stockholm/tv/2configs/hw/x220.nix>

1
tv/1systems/alnus/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

1
tv/1systems/au/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,7 +1,5 @@
{ config, pkgs, ... }: let
lib = import ../../../lib;
in {
with import ./lib;
{ config, pkgs, ... }: {
imports = [
./disks.nix
<stockholm/tv>

1
tv/1systems/bu/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

1
tv/1systems/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
imports = [
<stockholm/tv>
<stockholm/tv/2configs/br.nix>

1
tv/1systems/mu/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
krebs.build.host = config.krebs.hosts.nomic;
imports = [

1
tv/1systems/nomic/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
imports = [
<stockholm/tv>
<stockholm/tv/2configs/retiolum.nix>

1
tv/1systems/querel/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ../lib;
{ config, pkgs, ... }: {
krebs.build.host = config.krebs.hosts.wu;
imports = [

1
tv/1systems/wu/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
krebs.build.host = config.krebs.hosts.xu;
imports = [

1
tv/1systems/xu/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
krebs.build.host = config.krebs.hosts.zu;
imports = [

View File

@ -1,6 +1,5 @@
{ config, lib, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
krebs.backup.plans = {
} // mapAttrs (_: recursiveUpdate {
snapshots = {

View File

@ -1,8 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
programs.bash = {
interactiveShellInit = /* sh */ ''
HISTCONTROL='erasedups:ignorespace'
@ -17,8 +14,20 @@ with import <stockholm/lib>;
case $UID in
${shell.escape (toString config.krebs.users.tv.uid)})
if test ''${SHLVL-1} = 1; then
case ''${XMONAD_SPAWN_WORKSPACE-} in
if test ''${SHLVL-1} = 1 && test -n "''${DISPLAY-}"; then
_CURRENT_DESKTOP_NAME=''${_CURRENT_DESKTOP_NAME-$(
${pkgs.xorg.xprop}/bin/xprop -notype -root \
32i _NET_CURRENT_DESKTOP \
8s _NET_DESKTOP_NAMES \
|
${pkgs.gnused}/bin/sed -r 's/.* = //;s/"//g;s/, /\a/g' |
{
read -r _NET_CURRENT_DESKTOP
IFS=$'\a' read -ra _NET_DESKTOP_NAMES
echo "''${_NET_DESKTOP_NAMES[$_NET_CURRENT_DESKTOP]}"
}
)}
case $_CURRENT_DESKTOP_NAME in
stockholm)
cd ~/stockholm
;;

1
tv/2configs/bash/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: with import <stockholm/lib>;
{ config, lib, pkgs, ... }: with import ./lib;
{
environment.etc."binary-cache.pubkey".text =
config.krebs.build.host.binary-cache.pubkey;

View File

@ -0,0 +1 @@
../lib

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
imports = [

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
boot.tmpOnTmpfs = true;
krebs.enable = true;
@ -38,7 +37,7 @@ with import <stockholm/lib>;
{
i18n.defaultLocale = mkDefault "C.UTF-8";
security.sudo.extraConfig = ''
Defaults env_keep+="SSH_CLIENT XMONAD_SPAWN_WORKSPACE"
Defaults env_keep+="SSH_CLIENT _CURRENT_DESKTOP_NAME"
Defaults mailto="${config.krebs.users.tv.mail}"
Defaults !lecture
'';

View File

@ -1,8 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
environment.systemPackages = [
pkgs.eximlog
];

View File

@ -1,8 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
environment.systemPackages = [
pkgs.eximlog
];

View File

@ -1,8 +1,5 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
environment.etc.gitconfig.text = ''
[alias]
patch = !${pkgs.git}/bin/git --no-pager diff --no-color

View File

@ -1,8 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let {
with import ./lib;
{ config, pkgs, ... }: let {
body = {

View File

@ -1,8 +1,5 @@
{ pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ pkgs, ... }: {
nixpkgs.config.packageOverrides = super: {
htop = pkgs.symlinkJoin {
name = "htop";

View File

@ -1,8 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
imports = [
../smartd.nix

1
tv/2configs/hw/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
{ pkgs, ... }: let
lib = import <stockholm/lib>;
in {
with import ./lib;
{ pkgs, ... }: {
imports = [
../smartd.nix
{

View File

@ -1,7 +1,5 @@
{ config, pkgs, ... }: let
lib = import <stockholm/lib>;
in
{
with import ./lib;
{ config, pkgs, ... }: {
imports = [
../smartd.nix
{

View File

@ -1,6 +1,5 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
services.nginx.virtualHosts."ni.r" = {
locations."/image" = {
extraConfig = /* nginx */ ''

1
tv/2configs/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,8 +1,5 @@
{ config, lib, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, ... }: {
services.nginx = {
enableReload = true;

View File

@ -1,13 +0,0 @@
{ config, pkgs, ... }:
{
services.nginx = {
virtualHosts.krebs-pages = {
serverAliases = [
"krebs.${config.krebs.build.host.name}.r"
];
extraConfig = ''
root ${pkgs.krebs-pages};
'';
};
};
}

1
tv/2configs/nginx/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,8 +1,5 @@
{ config, lib, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, ... }: {
services.nginx = {
enable = true;
virtualHosts.default = {

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: let
certFile = config.environment.etc."ssl/certs/ca-certificates.crt".source;

1
tv/2configs/pki/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,5 +1,5 @@
with import ./lib;
{ config, pkgs, ... }: let
lib = import <stockholm/lib>;
cfg = {
pin = "@${toString <secrets/o2.pin>}";
ttys.ppp = "/dev/ttyACM0";

View File

@ -1,7 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
with import ./lib;
{ config, pkgs, ... }: let
pkg = pkgs.pulseaudio;
runDir = "/run/pulse";

1
tv/2configs/repo-sync/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,6 +1,5 @@
{ config, pkgs, ... }: let
lib = import <stockholm/lib>;
in {
with import ./lib;
{ config, pkgs, ... }: {
krebs.repo-sync.enable = true;
krebs.repo-sync.repos.wiki.branches.hotdog = {
origin.url = "http://cgit.hotdog.r/wiki";

View File

@ -1,8 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
krebs.tinc.retiolum = {
enable = true;
connectTo = filter (ne config.krebs.build.host.name) [

View File

@ -1,8 +1,5 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
# Override NixOS's "Allow DSA keys for now."
environment.etc."ssh/ssh_config".text = mkForce ''
AddressFamily ${if config.networking.enableIPv6 then "any" else "inet"}

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, ... }: let
cfg.host = config.krebs.build.host;
in {

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: let
exec = filename: args: url: {
inherit url;

View File

@ -1,7 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let {
with import ./lib;
{ config, pkgs, ... }: let {
body = {
environment.systemPackages = [
vim-wrapper
@ -79,6 +77,7 @@ let {
set showmatch
set timeoutlen=0
set ttimeoutlen=0
set ttymouse=sgr
set undodir=${dirs.undodir}
set undofile
set undolevels=1000000

View File

@ -1,8 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, pkgs, ... }: {
environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
systemd.tmpfiles.rules = let

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: {
environment.etc."utsushi.conf".text = ''

View File

@ -1,6 +1,6 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
with import ./lib;
pkgs.writeText "Xmodmap" ''
!keycode 66 = Caps_Lock

View File

@ -1,6 +1,5 @@
{ config, pkgs, ... }@args:
with import <stockholm/lib>;
let
with import ./lib;
{ config, pkgs, ... }@args: let
cfg = {
cacheDir = cfg.dataDir;
configDir = "/var/empty";

1
tv/2configs/xserver/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: let
cfg.user = config.krebs.build.user;
in {

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: let
cfg.user = config.krebs.build.user;
in {

View File

@ -1,6 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }:
let
cfg = config.services.xserver;

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: let
cfg = {
enable = config.services.xserver.enable && config.tv.Xresources != {};

View File

@ -1,4 +1,4 @@
{ config, ... }: with import <stockholm/lib>; let
{ config, ... }: with import ./lib; let
cfg = config.tv.charybdis;
in toFile "charybdis.conf" ''
/* doc/example.conf - brief example configuration file

View File

@ -1,4 +1,5 @@
{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
with import ./lib;
{ config, pkgs, ... }@args: let
cfg = config.tv.charybdis;
in {
options.tv.charybdis = {

1
tv/3modules/charybdis/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, ... }: let
cfg = config.tv.dnsmasq;
in {

View File

@ -1,5 +1,5 @@
{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
with import ./lib;
{ config, pkgs, ... }: let
cfg = config.tv.ejabberd;
gen-dhparam = pkgs.writeDash "gen-dhparam" ''

1
tv/3modules/ejabberd/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{
options.tv.focus.enable = mkEnableOption "tv.focus";
}

View File

@ -1,8 +1,5 @@
{ config, ... }:
with import <stockholm/lib>;
{
with import ./lib;
{ config, ... }: {
options.tv.hosts = mkOption {
type = types.attrsOf types.host;
default =

View File

@ -1,5 +1,5 @@
with import ./lib;
let
lib = import <stockholm/lib>;
local.types.screen = lib.types.submodule {
options.width = lib.mkOption {
type = lib.types.uint;

View File

@ -1,6 +1,6 @@
with import ./lib;
{ config, pkgs, ... }: let
im = config.tv.im;
lib = import <stockholm/lib>;
in {
options = {
tv.im.client.enable = lib.mkEnableOption "tv.im.client" // {

View File

@ -1,7 +1,5 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let {
with import ./lib;
{ config, pkgs, ... }: let {
cfg = config.tv.iptables;
body = {

1
tv/3modules/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -1,4 +1,5 @@
{ config, ... }: let lib = import ../../lib; in {
with import ./lib;
{ config, ... }: {
options.org.freedesktop.machine1.host-shell.access = lib.mkOption {
default = {};
type =

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: let
cfg = config.tv.slock;
in {

View File

@ -1,8 +1,6 @@
with import <stockholm/lib>;
with import ./lib;
{ config, pkgs, ... }: let
cfg = config.tv.x0vncserver;
in {
options.tv.x0vncserver = {
display = mkOption {

View File

@ -1,4 +1,4 @@
with import ../../lib;
with import ./lib;
let
pushBack = x: xs:
if elem x xs then
@ -14,7 +14,6 @@ fix
(foldl' (flip extends) (_: super)
(map
(name: import (./. + "/${name}"))
(filter
(name: name != "default.nix" && !hasPrefix "." name)
(pushBack "override"
(attrNames (readDir ./.))))))
(attrNames
(filterAttrs isNixDirEntry (readDir ./.))))))

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>;
with import ./lib;
let
overrides = self: super:
mapNixDir (path: self.callPackage path {}) [

1
tv/5pkgs/haskell/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

View File

@ -118,13 +118,6 @@ spawnRootTerm =
Nothing
spawnTermAt :: String -> X ()
spawnTermAt ws = do
env <- io getEnvironment
let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env
forkFile {-pkg:rxvt_unicode-}"urxvtc" [] (Just env')
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
myKeys conf = Map.fromList $
[ ((_4 , xK_Escape ), forkFile {-pkg-}"slock" [] Nothing)
@ -133,7 +126,7 @@ myKeys conf = Map.fromList $
, ((_4 , xK_o ), forkFile {-pkg:fzmenu-}"otpmenu" [] Nothing)
, ((_4 , xK_p ), forkFile {-pkg:fzmenu-}"passmenu" [] Nothing)
, ((_4 , xK_x ), chooseAction spawnTermAt)
, ((_4 , xK_x ), forkFile {-pkg:rxvt_unicode-}"urxvtc" [] Nothing)
, ((_4C , xK_x ), spawnRootTerm)
, ((_C , xK_Menu ), toggleWS)

1
tv/5pkgs/lib Symbolic link
View File

@ -0,0 +1 @@
../lib

Some files were not shown because too many files have changed in this diff Show More