Merge remote-tracking branch 'ni/master'
This commit is contained in:
commit
1775e86752
@ -82,6 +82,8 @@ in
|
||||
"makanek.r"
|
||||
"makanek.kmein.r"
|
||||
"grafana.kmein.r"
|
||||
"alertmanager.kmein.r"
|
||||
"prometheus.kmein.r"
|
||||
"names.kmein.r"
|
||||
"graph.r"
|
||||
"rrm.r"
|
||||
|
@ -165,12 +165,20 @@ in {
|
||||
ponte = {
|
||||
cores = 1;
|
||||
owner = config.krebs.users.krebs;
|
||||
extraZones = {
|
||||
"krebsco.de" = /* bindzone */ ''
|
||||
krebsco.de. 60 IN A ${config.krebs.hosts.ponte.nets.internet.ip4.addr}
|
||||
'';
|
||||
};
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4 = {
|
||||
ip4 = rec {
|
||||
addr = "141.147.36.79";
|
||||
prefix = "0.0.0.0/0";
|
||||
prefix = "${addr}/32";
|
||||
};
|
||||
aliases = [
|
||||
"ponte.i"
|
||||
];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
||||
|
@ -198,6 +198,7 @@ in {
|
||||
aliases = [
|
||||
"ni.r"
|
||||
"cgit.ni.r"
|
||||
"krebs.ni.r"
|
||||
"search.ni.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
@ -319,7 +320,6 @@ in {
|
||||
aliases = [
|
||||
"xu.r"
|
||||
"cgit.xu.r"
|
||||
"krebs.xu.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
@ -369,7 +369,7 @@ in {
|
||||
"http://cgit.krebsco.de" = {
|
||||
desc = "Git repositories";
|
||||
};
|
||||
"http://krebs.xu.r" = {
|
||||
"http://krebs.ni.r" = {
|
||||
desc = "krebs-pages mirror";
|
||||
};
|
||||
};
|
||||
|
@ -22,6 +22,7 @@
|
||||
|
||||
krebs.build.host = config.krebs.hosts.hotdog;
|
||||
krebs.github-hosts-sync.enable = true;
|
||||
krebs.pages.enable = true;
|
||||
|
||||
boot.isContainer = true;
|
||||
networking.useDHCP = false;
|
||||
|
@ -7,5 +7,31 @@
|
||||
<stockholm/krebs/2configs/matterbridge.nix>
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
networking.firewall.logRefusedConnections = false;
|
||||
networking.firewall.logRefusedUnicastsOnly = false;
|
||||
|
||||
# Move Internet-facing SSH port to reduce logspam.
|
||||
networking.firewall.extraCommands = let
|
||||
host = config.krebs.build.host;
|
||||
in /* sh */ ''
|
||||
iptables -t nat -A OUTPUT -o lo -p tcp --dport 11423 -j REDIRECT --to-ports 22
|
||||
iptables -t nat -A PREROUTING -p tcp --dport 11423 -j REDIRECT --to-ports 22
|
||||
iptables -t nat -A PREROUTING -d ${host.nets.retiolum.ip4.addr} -p tcp --dport 22 -j ACCEPT
|
||||
iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 0
|
||||
|
||||
ip6tables -t nat -A OUTPUT -o lo -p tcp --dport 11423 -j REDIRECT --to-ports 22
|
||||
ip6tables -t nat -A PREROUTING -p tcp --dport 11423 -j REDIRECT --to-ports 22
|
||||
ip6tables -t nat -A PREROUTING -d ${host.nets.retiolum.ip6.addr} -p tcp --dport 22 -j ACCEPT
|
||||
ip6tables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 0
|
||||
'';
|
||||
|
||||
krebs.build.host = config.krebs.hosts.ponte;
|
||||
|
||||
krebs.pages.enable = true;
|
||||
krebs.pages.nginx.addSSL = true;
|
||||
krebs.pages.nginx.enableACME = true;
|
||||
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.certs.${config.krebs.pages.domain}.email = "spam@krebsco.de";
|
||||
}
|
||||
|
@ -34,6 +34,7 @@ let
|
||||
./iptables.nix
|
||||
./kapacitor.nix
|
||||
./konsens.nix
|
||||
./krebs-pages.nix
|
||||
./monit.nix
|
||||
./nixpkgs.nix
|
||||
./on-failure.nix
|
||||
@ -83,10 +84,6 @@ let
|
||||
@ IN SOA dns19.ovh.net. tech.ovh.net. (2015052000 86400 3600 3600000 86400)
|
||||
IN NS ns19.ovh.net.
|
||||
IN NS dns19.ovh.net.
|
||||
IN A 185.199.108.153
|
||||
IN A 185.199.109.153
|
||||
IN A 185.199.110.153
|
||||
IN A 185.199.111.153
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
44
krebs/3modules/krebs-pages.nix
Normal file
44
krebs/3modules/krebs-pages.nix
Normal file
@ -0,0 +1,44 @@
|
||||
{ config, modulesPath, pkgs, ... }: let
|
||||
cfg = config.krebs.pages;
|
||||
lib = import ../../lib;
|
||||
extraTypes.nginx-vhost = lib.types.submodule (
|
||||
lib.recursiveUpdate
|
||||
(import (modulesPath + "/services/web-servers/nginx/vhost-options.nix")
|
||||
{ inherit config lib; })
|
||||
{}
|
||||
);
|
||||
in {
|
||||
options.krebs.pages = {
|
||||
enable = lib.mkEnableOption "krebs-pages";
|
||||
domain = lib.mkOption {
|
||||
type = lib.types.hostname;
|
||||
default = "krebsco.de";
|
||||
};
|
||||
nginx = lib.mkOption {
|
||||
type = extraTypes.nginx-vhost;
|
||||
default = {};
|
||||
example = lib.literalExpression /* nix */ ''
|
||||
{
|
||||
# To enable encryption and let let's encrypt take care of certificate
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
}
|
||||
'';
|
||||
description = lib.mkDoc ''
|
||||
With this option, you can customize the nginx virtualHost settings.
|
||||
'';
|
||||
};
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.krebs-pages;
|
||||
};
|
||||
};
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.nginx = {
|
||||
enable = lib.mkDefault true;
|
||||
virtualHosts.${cfg.domain} = lib.mkMerge [ cfg.nginx {
|
||||
root = lib.mkForce cfg.package;
|
||||
}];
|
||||
};
|
||||
};
|
||||
}
|
@ -24,19 +24,10 @@
|
||||
}
|
||||
</script>
|
||||
<body>
|
||||
<p>
|
||||
<a href="http://krebscode.github.io/minikrebs/linuxtag">
|
||||
Linuxtag Heckenkrebs Presentation
|
||||
</a>
|
||||
</p>
|
||||
<p>
|
||||
<a href="http://krebscode.github.io/writeups">
|
||||
CTF Writeups
|
||||
</a>
|
||||
</p>
|
||||
<p>
|
||||
<a href="thesauron.html">
|
||||
Thesauron
|
||||
</a>
|
||||
</p>
|
||||
<p><a href='https://cgit.krebsco.de/krops/about/'>krops</a></p>
|
||||
<p><a href='https://github.com/krebs/cholerab/blob/master/thesauron.adoc'>Thesauron</a></p>
|
||||
<p><a href='https://nixos.wiki/'>Project: The new NixOS wiki</a></p>
|
||||
<p><a target="_blank" href="https://www.amazon.de/?&_encoding=UTF8&tag=krebscode06-21&linkCode=ur2&linkId=d4430b368b8aceeca92101cd4a4cdd1d&camp=1638&creative=6742">Go through this amazon affiliate link and generate krebsgold</a><img src="//ir-de.amazon-adsystem.com/e/ir?t=krebscode06-21&l=ur2&o=3" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>
|
||||
<p> <a href="https://s.click.aliexpress.com/e/_A5luNt" target="_parent">Go through this aliexpress affiliate link and generate krebsgold</a></p>
|
||||
|
||||
</body>
|
||||
|
@ -1,133 +0,0 @@
|
||||
<p>Cholerab n.
|
||||
[de]
|
||||
- Kunstwort aus Kollaboration und Cholera. Beschreibt den Zustand, dass
|
||||
Zusammenarbeit niemals gut, einfach und ohne Schmerzen funktioniert.
|
||||
- Teamwork-Plattform für Krebscode.</p>
|
||||
|
||||
<p>eigentlich adv.
|
||||
[de]
|
||||
- Hinweis darauf, dass der Inhalt eines Satzes eine Soll-Realität beschreibt,
|
||||
die nicht der Fall ist.
|
||||
Antonym: tatsaechlich</p>
|
||||
|
||||
<p>ghost n.
|
||||
[de]
|
||||
- Host im Darknet welcher evtl. irgendwie noch da ist (als dd image auf anderen
|
||||
Festplatten) aber wohl nie wieder kommen wird.
|
||||
Siehe: Wiederbelebung</p>
|
||||
|
||||
<p>KD;RP abbr. (pronounciation: kah-derp)
|
||||
[en]
|
||||
- Short for Krebs Darknet / Retiolum Prefix.</p>
|
||||
|
||||
<p>krebs
|
||||
[de]
|
||||
- krebs ist ein soziales Experiment, eine Organisation, das zweit aelteste
|
||||
Softwareprojekt im Shack und viel verteilte infrastruktur.</p>
|
||||
|
||||
<p>kremium
|
||||
[en]
|
||||
- coinage derived from the words premium and krebs
|
||||
see: broken
|
||||
usage: Reaktor ircbot has unfixed broken behavior since ever->“Kremium Software”</p>
|
||||
|
||||
<p>KRI abbr. (pronounciation: [en] cry)
|
||||
[en]
|
||||
- Short for Krebs Request for Implementation.
|
||||
Derived from Scheme Requests for Implementation (SRFI).</p>
|
||||
|
||||
<p>litterate programming n.
|
||||
[en]
|
||||
- any code that has not been proved mathematically.</p>
|
||||
|
||||
<p>Nahziel n.
|
||||
[de]
|
||||
- Ziel mit höchst möglicher Priorität.</p>
|
||||
|
||||
<p>Nahzielerfahrung n.
|
||||
[de]
|
||||
- das Erlebnis der (endgültigen) Nichterreichung eines Nahziels (obwohl
|
||||
nur noch wenig ((quasi-) infinitesimal viel) nötig gewesen wäre).</p>
|
||||
|
||||
<p>parentheses of fear
|
||||
[en]
|
||||
- unnecessary parentheses, usually used when order of precedence is unknown.
|
||||
- Examples: 1 + (2 * 3)</p>
|
||||
|
||||
<p>Protip n.
|
||||
[en]
|
||||
- (Probably vague) description how a task can be solved.
|
||||
- Antonym: Spoiler
|
||||
- Example:
|
||||
- To defeat the Cyberdaemon, shoot at it until it dies.
|
||||
- RTFM</p>
|
||||
|
||||
<p>Punching Lemma n.
|
||||
[de]
|
||||
- Sozialer Druck zur Aufrechterhaltung der Ordnung in dem sozialen Geflaecht
|
||||
von Krebs</p>
|
||||
|
||||
<p>ref, n.
|
||||
[en]
|
||||
- A reference like an URI, ISBN, name of a person, etc.</p>
|
||||
|
||||
<p>reftrace, n.
|
||||
[en]
|
||||
- A stacktrace-like representation of refs that lead to some (any kind of)
|
||||
conclusion. Usually generated by a human. The conclusion can be either on
|
||||
the top or on the bottom of the stack. If the order is ambiguous, then it
|
||||
should be communicated explicitly.
|
||||
- Example: (conclusion first)
|
||||
- http://en.wikipedia.org/wiki/Stack_trace
|
||||
- google “stacktrace” (first entry / 2014–12–05T12:13:58Z)
|
||||
- think about some example [this could be omitted, as it’s obvious…]</p>
|
||||
|
||||
<p>Retiolum n.
|
||||
[en]
|
||||
- The official darknet of Krebs which utilizes the Retiolum Prefix to
|
||||
address individual nodes.</p>
|
||||
|
||||
<p>Retiolum Prefix n.
|
||||
[en]
|
||||
- The universally accepted IPv6-prefix, 42::/16. Anyone can has a
|
||||
/128-subnet and, if require, anything larger.</p>
|
||||
|
||||
<p>Retiolum Realtime Map n.
|
||||
[en]
|
||||
- The network map of the public visible part of Retiolum.</p>
|
||||
|
||||
<p>RRM [abbr.][en]
|
||||
- Short for Retiolum Retiolum Map.</p>
|
||||
|
||||
<p>Sanatorium n.
|
||||
[en]
|
||||
- The Krebs Control and Command Center.
|
||||
- An Retiolum-based IRC-channel where all Reaktor-enabled nodes gather
|
||||
and lurk for relevant input.</p>
|
||||
|
||||
<p>Spoiler n.
|
||||
[en]
|
||||
- A subset of walkthrough, i.e. any individual steps may be omitted.
|
||||
- Antonym: Protip</p>
|
||||
|
||||
<p>tatsaechlich, adv.
|
||||
[de]
|
||||
- Hinweis darauf, dass der Inhalt eines Satzes exakt der Realität entspricht.
|
||||
Antonym: eigentlich</p>
|
||||
|
||||
<p>Verkrebsung n.
|
||||
[de]
|
||||
- Synonym fuer die Installation von Krebs (oder eine einzelnen Krebs
|
||||
Komponente) auf einem beliebigem System.</p>
|
||||
|
||||
<p>Walkthrough n.
|
||||
[en]
|
||||
- Description of the individual steps to complete a task.
|
||||
- Examples:
|
||||
- program code
|
||||
- small-step semantics</p>
|
||||
|
||||
<p>Wiederbelebung n.
|
||||
[de]
|
||||
- Ein ghost wird im Darknet wieder erreichbar
|
||||
Siehe: ghost</p>
|
11
krebs/5pkgs/simple/ukrepl.nix
Normal file
11
krebs/5pkgs/simple/ukrepl.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{ lib, pkgs,stdenv }:
|
||||
let
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "makefu";
|
||||
repo = "ukrepl";
|
||||
rev = "0baa5cc4d5c3c17af704b69a800dd1f520ded8e3";
|
||||
hash = "sha256:1lnhkf02f18fvf3l2fcszvs4x115lql17akabd5ph9ff9z33k8rv";
|
||||
};
|
||||
in
|
||||
pkgs.writers.writePython3Bin "ukrepl" {} (builtins.readFile (src + "/ukrepl"))
|
||||
|
@ -95,9 +95,12 @@ let
|
||||
path = dirPath + "/${relPath}";
|
||||
in
|
||||
nameValuePair (toPackageName name) (f path))
|
||||
(filter
|
||||
(name: name != "default.nix" && !hasPrefix "." name)
|
||||
(attrNames (readDir dirPath))));
|
||||
(attrNames
|
||||
(filterAttrs isNixDirEntry (readDir dirPath))));
|
||||
|
||||
isNixDirEntry = name: type:
|
||||
(type == "regular" && hasSuffix ".nix" name && name != "default.nix") ||
|
||||
(type == "directory" && !hasPrefix "." name);
|
||||
|
||||
# https://tools.ietf.org/html/rfc5952
|
||||
normalize-ip6-addr =
|
||||
@ -191,3 +194,4 @@ let
|
||||
in
|
||||
|
||||
lib
|
||||
// { inherit lib; }
|
||||
|
13
makefu/2configs/gui/look-up.nix
Normal file
13
makefu/2configs/gui/look-up.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{
|
||||
systemd.services.look-up = {
|
||||
startAt = "*:30";
|
||||
serviceConfig = {
|
||||
ExecStart= pkgs.writeDash "look-up" ''
|
||||
set -x
|
||||
eval "export '$(egrep -z DBUS_SESSION_BUS_ADDRESS /proc/$(${pkgs.procps}/bin/pgrep -u ${user} ${window-manager})/environ)'"
|
||||
${pkgs.libnotify}/bin/notify-send -u critical -t 9999999 'look up once in a while'
|
||||
'';
|
||||
User = user;
|
||||
};
|
||||
};
|
||||
}
|
@ -88,7 +88,7 @@ in {
|
||||
duschfenster_lang_offen.name = "Duschfenster lange offen";
|
||||
ist_sommer = {
|
||||
name = "Es ist Sommer";
|
||||
initial = true; # TODO
|
||||
initial = false; # TODO
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -47,6 +47,9 @@ in {
|
||||
{ service = "media_player.media_stop";
|
||||
target.entity_id = all_media_player;
|
||||
}
|
||||
{ service = "script.turn_on";
|
||||
target.entity_id = "script.alle_heizungen_aus";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
@ -18,6 +18,7 @@ in {
|
||||
# ./multi/flurlicht.nix
|
||||
./multi/kurzzeitwecker.nix
|
||||
./multi/the_playlist.nix
|
||||
./multi/heizung.nix
|
||||
# ./multi/fliegen-couter.nix
|
||||
|
||||
./device_tracker/openwrt.nix
|
||||
@ -192,5 +193,10 @@ in {
|
||||
configDir = hassdir;
|
||||
};
|
||||
|
||||
krebs.secret.files."hass-secrets" = {
|
||||
source-path = toString <secrets> + "/hass/secrets.yaml";
|
||||
path = "/var/lib/hass/secrets.yaml";
|
||||
owner.name = "hass";
|
||||
};
|
||||
state = [ "/var/lib/hass/known_devices.yaml" ];
|
||||
}
|
||||
|
11
makefu/2configs/home/ham/multi/heizung.nix
Normal file
11
makefu/2configs/home/ham/multi/heizung.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{
|
||||
services.home-assistant.config =
|
||||
{
|
||||
# 18 Grad
|
||||
script.alle_heizungen_aus.sequence = [{
|
||||
service = "climate.set_temperature";
|
||||
target.entity_id = [ "climate.wohnzimmer_heizung" ];
|
||||
data.temperature = "18.0";
|
||||
}];
|
||||
};
|
||||
}
|
@ -4,5 +4,7 @@
|
||||
{ platform = "dwd_weather_warnings";
|
||||
region_name = "Stadt Stuttgart";
|
||||
}
|
||||
{ platform = "nina";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
@ -4,8 +4,7 @@
|
||||
services.home-assistant.config.sensor =
|
||||
[
|
||||
{ platform = "darksky";
|
||||
api_key = lib.removeSuffix "\n"
|
||||
(builtins.readFile <secrets/hass/darksky.apikey>);
|
||||
api_key = "!secret darksky";
|
||||
language = "de";
|
||||
monitored_conditions = [
|
||||
"summary" "icon"
|
||||
@ -21,5 +20,11 @@
|
||||
units = "si" ;
|
||||
scan_interval = "00:30:00";
|
||||
}
|
||||
{
|
||||
platform = "open_meteo";
|
||||
}
|
||||
{
|
||||
platform = "met";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
@ -12,6 +12,7 @@ let
|
||||
in {
|
||||
imports = [
|
||||
./gui/base.nix
|
||||
./gui/look-up.nix
|
||||
./fetchWallpaper.nix
|
||||
./zsh-user.nix
|
||||
./tools/core.nix
|
||||
@ -72,15 +73,4 @@ in {
|
||||
location.latitude = 48.7;
|
||||
location.longitude = 9.1;
|
||||
|
||||
systemd.services.look-up = {
|
||||
startAt = "*:30";
|
||||
serviceConfig = {
|
||||
ExecStart= pkgs.writeDash "look-up" ''
|
||||
set -x
|
||||
eval "export '$(egrep -z DBUS_SESSION_BUS_ADDRESS /proc/$(${pkgs.procps}/bin/pgrep -u ${user} ${window-manager})/environ)'"
|
||||
${pkgs.libnotify}/bin/notify-send -u critical -t 9999999 'look up once in a while'
|
||||
'';
|
||||
User = user;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -2,7 +2,7 @@
|
||||
with pkgs.python3Packages;
|
||||
buildPythonApplication rec {
|
||||
name = "airsensor-py-${version}";
|
||||
version = "2017-12-05";
|
||||
version = "1.0.0";
|
||||
propagatedBuildInputs = [
|
||||
pyusb
|
||||
click
|
||||
@ -11,7 +11,7 @@ buildPythonApplication rec {
|
||||
src = fetchFromGitHub {
|
||||
owner = "makefu";
|
||||
repo = "airsensor-py";
|
||||
rev = "7ac5f185dc848fca1b556e4c0396dd73f6a93995";
|
||||
sha256 = "0387b025y8kb0zml7916p70hmzc3y18kqh46b9xv5qayljxymq2w";
|
||||
rev = "1.0.0";
|
||||
sha256 = "1jpvvl965bg3ymvr58c433jyy0smczn65fnqsskxn7basznii5g8";
|
||||
};
|
||||
}
|
||||
|
@ -1 +1 @@
|
||||
Subproject commit f65c77bdcc58be2081a0ffbda849289c5191b5e8
|
||||
Subproject commit 0c8de150426476b5287cf2787bbd85263691a802
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
imports = [
|
||||
<stockholm/tv>
|
||||
<stockholm/tv/2configs/hw/x220.nix>
|
||||
|
1
tv/1systems/alnus/lib
Symbolic link
1
tv/1systems/alnus/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
1
tv/1systems/au/lib
Symbolic link
1
tv/1systems/au/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,7 +1,5 @@
|
||||
{ config, pkgs, ... }: let
|
||||
lib = import ../../../lib;
|
||||
in {
|
||||
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
imports = [
|
||||
./disks.nix
|
||||
<stockholm/tv>
|
||||
|
1
tv/1systems/bu/lib
Symbolic link
1
tv/1systems/bu/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
1
tv/1systems/lib
Symbolic link
1
tv/1systems/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
imports = [
|
||||
<stockholm/tv>
|
||||
<stockholm/tv/2configs/br.nix>
|
||||
|
1
tv/1systems/mu/lib
Symbolic link
1
tv/1systems/mu/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
krebs.build.host = config.krebs.hosts.nomic;
|
||||
|
||||
imports = [
|
||||
|
1
tv/1systems/nomic/lib
Symbolic link
1
tv/1systems/nomic/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
imports = [
|
||||
<stockholm/tv>
|
||||
<stockholm/tv/2configs/retiolum.nix>
|
||||
|
1
tv/1systems/querel/lib
Symbolic link
1
tv/1systems/querel/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
krebs.build.host = config.krebs.hosts.wu;
|
||||
|
||||
imports = [
|
||||
|
1
tv/1systems/wu/lib
Symbolic link
1
tv/1systems/wu/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
krebs.build.host = config.krebs.hosts.xu;
|
||||
|
||||
imports = [
|
||||
|
1
tv/1systems/xu/lib
Symbolic link
1
tv/1systems/xu/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
krebs.build.host = config.krebs.hosts.zu;
|
||||
|
||||
imports = [
|
||||
|
@ -1,6 +1,5 @@
|
||||
{ config, lib, ... }:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
krebs.backup.plans = {
|
||||
} // mapAttrs (_: recursiveUpdate {
|
||||
snapshots = {
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
programs.bash = {
|
||||
interactiveShellInit = /* sh */ ''
|
||||
HISTCONTROL='erasedups:ignorespace'
|
||||
@ -17,8 +14,20 @@ with import <stockholm/lib>;
|
||||
|
||||
case $UID in
|
||||
${shell.escape (toString config.krebs.users.tv.uid)})
|
||||
if test ''${SHLVL-1} = 1; then
|
||||
case ''${XMONAD_SPAWN_WORKSPACE-} in
|
||||
if test ''${SHLVL-1} = 1 && test -n "''${DISPLAY-}"; then
|
||||
_CURRENT_DESKTOP_NAME=''${_CURRENT_DESKTOP_NAME-$(
|
||||
${pkgs.xorg.xprop}/bin/xprop -notype -root \
|
||||
32i _NET_CURRENT_DESKTOP \
|
||||
8s _NET_DESKTOP_NAMES \
|
||||
|
|
||||
${pkgs.gnused}/bin/sed -r 's/.* = //;s/"//g;s/, /\a/g' |
|
||||
{
|
||||
read -r _NET_CURRENT_DESKTOP
|
||||
IFS=$'\a' read -ra _NET_DESKTOP_NAMES
|
||||
echo "''${_NET_DESKTOP_NAMES[$_NET_CURRENT_DESKTOP]}"
|
||||
}
|
||||
)}
|
||||
case $_CURRENT_DESKTOP_NAME in
|
||||
stockholm)
|
||||
cd ~/stockholm
|
||||
;;
|
||||
|
1
tv/2configs/bash/lib
Symbolic link
1
tv/2configs/bash/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,4 +1,4 @@
|
||||
{ config, lib, pkgs, ... }: with import <stockholm/lib>;
|
||||
{ config, lib, pkgs, ... }: with import ./lib;
|
||||
{
|
||||
environment.etc."binary-cache.pubkey".text =
|
||||
config.krebs.build.host.binary-cache.pubkey;
|
||||
|
1
tv/2configs/binary-cache/lib
Symbolic link
1
tv/2configs/binary-cache/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
imports = [
|
||||
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
||||
krebs.enable = true;
|
||||
@ -38,7 +37,7 @@ with import <stockholm/lib>;
|
||||
{
|
||||
i18n.defaultLocale = mkDefault "C.UTF-8";
|
||||
security.sudo.extraConfig = ''
|
||||
Defaults env_keep+="SSH_CLIENT XMONAD_SPAWN_WORKSPACE"
|
||||
Defaults env_keep+="SSH_CLIENT _CURRENT_DESKTOP_NAME"
|
||||
Defaults mailto="${config.krebs.users.tv.mail}"
|
||||
Defaults !lecture
|
||||
'';
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
environment.systemPackages = [
|
||||
pkgs.eximlog
|
||||
];
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
environment.systemPackages = [
|
||||
pkgs.eximlog
|
||||
];
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
environment.etc.gitconfig.text = ''
|
||||
[alias]
|
||||
patch = !${pkgs.git}/bin/git --no-pager diff --no-color
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let {
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let {
|
||||
|
||||
body = {
|
||||
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ pkgs, ... }: {
|
||||
nixpkgs.config.packageOverrides = super: {
|
||||
htop = pkgs.symlinkJoin {
|
||||
name = "htop";
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
imports = [
|
||||
../smartd.nix
|
||||
|
||||
|
1
tv/2configs/hw/lib
Symbolic link
1
tv/2configs/hw/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
{ pkgs, ... }: let
|
||||
lib = import <stockholm/lib>;
|
||||
in {
|
||||
with import ./lib;
|
||||
{ pkgs, ... }: {
|
||||
imports = [
|
||||
../smartd.nix
|
||||
{
|
||||
|
@ -1,7 +1,5 @@
|
||||
{ config, pkgs, ... }: let
|
||||
lib = import <stockholm/lib>;
|
||||
in
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
imports = [
|
||||
../smartd.nix
|
||||
{
|
||||
|
@ -1,6 +1,5 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
services.nginx.virtualHosts."ni.r" = {
|
||||
locations."/image" = {
|
||||
extraConfig = /* nginx */ ''
|
||||
|
1
tv/2configs/lib
Symbolic link
1
tv/2configs/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, ... }: {
|
||||
services.nginx = {
|
||||
enableReload = true;
|
||||
|
||||
|
@ -1,13 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
services.nginx = {
|
||||
virtualHosts.krebs-pages = {
|
||||
serverAliases = [
|
||||
"krebs.${config.krebs.build.host.name}.r"
|
||||
];
|
||||
extraConfig = ''
|
||||
root ${pkgs.krebs-pages};
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
1
tv/2configs/nginx/lib
Symbolic link
1
tv/2configs/nginx/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, ... }: {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts.default = {
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
|
||||
certFile = config.environment.etc."ssl/certs/ca-certificates.crt".source;
|
||||
|
1
tv/2configs/pki/lib
Symbolic link
1
tv/2configs/pki/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,5 +1,5 @@
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
lib = import <stockholm/lib>;
|
||||
cfg = {
|
||||
pin = "@${toString <secrets/o2.pin>}";
|
||||
ttys.ppp = "/dev/ttyACM0";
|
||||
|
@ -1,7 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
pkg = pkgs.pulseaudio;
|
||||
runDir = "/run/pulse";
|
||||
|
||||
|
1
tv/2configs/repo-sync/lib
Symbolic link
1
tv/2configs/repo-sync/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,6 +1,5 @@
|
||||
{ config, pkgs, ... }: let
|
||||
lib = import <stockholm/lib>;
|
||||
in {
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
krebs.repo-sync.enable = true;
|
||||
krebs.repo-sync.repos.wiki.branches.hotdog = {
|
||||
origin.url = "http://cgit.hotdog.r/wiki";
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
krebs.tinc.retiolum = {
|
||||
enable = true;
|
||||
connectTo = filter (ne config.krebs.build.host.name) [
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
# Override NixOS's "Allow DSA keys for now."
|
||||
environment.etc."ssh/ssh_config".text = mkForce ''
|
||||
AddressFamily ${if config.networking.enableIPv6 then "any" else "inet"}
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, ... }: let
|
||||
cfg.host = config.krebs.build.host;
|
||||
in {
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
exec = filename: args: url: {
|
||||
inherit url;
|
||||
|
@ -1,7 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
let {
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let {
|
||||
body = {
|
||||
environment.systemPackages = [
|
||||
vim-wrapper
|
||||
@ -79,6 +77,7 @@ let {
|
||||
set showmatch
|
||||
set timeoutlen=0
|
||||
set ttimeoutlen=0
|
||||
set ttymouse=sgr
|
||||
set undodir=${dirs.undodir}
|
||||
set undofile
|
||||
set undolevels=1000000
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
|
||||
|
||||
systemd.tmpfiles.rules = let
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
environment.etc."utsushi.conf".text = ''
|
||||
|
@ -1,6 +1,6 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
|
||||
pkgs.writeText "Xmodmap" ''
|
||||
!keycode 66 = Caps_Lock
|
||||
|
@ -1,6 +1,5 @@
|
||||
{ config, pkgs, ... }@args:
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }@args: let
|
||||
cfg = {
|
||||
cacheDir = cfg.dataDir;
|
||||
configDir = "/var/empty";
|
||||
|
1
tv/2configs/xserver/lib
Symbolic link
1
tv/2configs/xserver/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
cfg.user = config.krebs.build.user;
|
||||
in {
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
cfg.user = config.krebs.build.user;
|
||||
in {
|
||||
|
@ -1,6 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.xserver;
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
cfg = {
|
||||
enable = config.services.xserver.enable && config.tv.Xresources != {};
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ config, ... }: with import <stockholm/lib>; let
|
||||
{ config, ... }: with import ./lib; let
|
||||
cfg = config.tv.charybdis;
|
||||
in toFile "charybdis.conf" ''
|
||||
/* doc/example.conf - brief example configuration file
|
||||
|
@ -1,4 +1,5 @@
|
||||
{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }@args: let
|
||||
cfg = config.tv.charybdis;
|
||||
in {
|
||||
options.tv.charybdis = {
|
||||
|
1
tv/3modules/charybdis/lib
Symbolic link
1
tv/3modules/charybdis/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, ... }: let
|
||||
cfg = config.tv.dnsmasq;
|
||||
in {
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ config, lib, pkgs, ... }@args: with import <stockholm/lib>; let
|
||||
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
cfg = config.tv.ejabberd;
|
||||
|
||||
gen-dhparam = pkgs.writeDash "gen-dhparam" ''
|
||||
|
1
tv/3modules/ejabberd/lib
Symbolic link
1
tv/3modules/ejabberd/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{
|
||||
options.tv.focus.enable = mkEnableOption "tv.focus";
|
||||
}
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
with import ./lib;
|
||||
{ config, ... }: {
|
||||
options.tv.hosts = mkOption {
|
||||
type = types.attrsOf types.host;
|
||||
default =
|
||||
|
@ -1,5 +1,5 @@
|
||||
with import ./lib;
|
||||
let
|
||||
lib = import <stockholm/lib>;
|
||||
local.types.screen = lib.types.submodule {
|
||||
options.width = lib.mkOption {
|
||||
type = lib.types.uint;
|
||||
|
@ -1,6 +1,6 @@
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
im = config.tv.im;
|
||||
lib = import <stockholm/lib>;
|
||||
in {
|
||||
options = {
|
||||
tv.im.client.enable = lib.mkEnableOption "tv.im.client" // {
|
||||
|
@ -1,7 +1,5 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
let {
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let {
|
||||
cfg = config.tv.iptables;
|
||||
|
||||
body = {
|
||||
|
1
tv/3modules/lib
Symbolic link
1
tv/3modules/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -1,4 +1,5 @@
|
||||
{ config, ... }: let lib = import ../../lib; in {
|
||||
with import ./lib;
|
||||
{ config, ... }: {
|
||||
options.org.freedesktop.machine1.host-shell.access = lib.mkOption {
|
||||
default = {};
|
||||
type =
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
cfg = config.tv.slock;
|
||||
in {
|
||||
|
@ -1,8 +1,6 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
{ config, pkgs, ... }: let
|
||||
|
||||
cfg = config.tv.x0vncserver;
|
||||
|
||||
in {
|
||||
options.tv.x0vncserver = {
|
||||
display = mkOption {
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import ../../lib;
|
||||
with import ./lib;
|
||||
let
|
||||
pushBack = x: xs:
|
||||
if elem x xs then
|
||||
@ -14,7 +14,6 @@ fix
|
||||
(foldl' (flip extends) (_: super)
|
||||
(map
|
||||
(name: import (./. + "/${name}"))
|
||||
(filter
|
||||
(name: name != "default.nix" && !hasPrefix "." name)
|
||||
(pushBack "override"
|
||||
(attrNames (readDir ./.))))))
|
||||
(pushBack "override"
|
||||
(attrNames
|
||||
(filterAttrs isNixDirEntry (readDir ./.))))))
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ./lib;
|
||||
let
|
||||
overrides = self: super:
|
||||
mapNixDir (path: self.callPackage path {}) [
|
||||
|
1
tv/5pkgs/haskell/lib
Symbolic link
1
tv/5pkgs/haskell/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
@ -118,13 +118,6 @@ spawnRootTerm =
|
||||
Nothing
|
||||
|
||||
|
||||
spawnTermAt :: String -> X ()
|
||||
spawnTermAt ws = do
|
||||
env <- io getEnvironment
|
||||
let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env
|
||||
forkFile {-pkg:rxvt_unicode-}"urxvtc" [] (Just env')
|
||||
|
||||
|
||||
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
|
||||
myKeys conf = Map.fromList $
|
||||
[ ((_4 , xK_Escape ), forkFile {-pkg-}"slock" [] Nothing)
|
||||
@ -133,7 +126,7 @@ myKeys conf = Map.fromList $
|
||||
, ((_4 , xK_o ), forkFile {-pkg:fzmenu-}"otpmenu" [] Nothing)
|
||||
, ((_4 , xK_p ), forkFile {-pkg:fzmenu-}"passmenu" [] Nothing)
|
||||
|
||||
, ((_4 , xK_x ), chooseAction spawnTermAt)
|
||||
, ((_4 , xK_x ), forkFile {-pkg:rxvt_unicode-}"urxvtc" [] Nothing)
|
||||
, ((_4C , xK_x ), spawnRootTerm)
|
||||
|
||||
, ((_C , xK_Menu ), toggleWS)
|
||||
|
1
tv/5pkgs/lib
Symbolic link
1
tv/5pkgs/lib
Symbolic link
@ -0,0 +1 @@
|
||||
../lib
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user