Merge remote-tracking branch 'gum/master'
This commit is contained in:
tv
commit
1ceae8b0e3
|
|
@ -73,6 +73,13 @@
|
|||
system.activationScripts."disengage fancontrol" = ''
|
||||
echo level disengaged > /proc/acpi/ibm/fan
|
||||
'';
|
||||
|
||||
# to access vorstand vm
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.ulrich.pubkey
|
||||
config.krebs.users.raute.pubkey
|
||||
];
|
||||
|
||||
users.users.joerg = {
|
||||
openssh.authorizedKeys.keys = [ config.krebs.users.Mic92.pubkey ];
|
||||
isNormalUser = true;
|
||||
|
|
|
|||
14
krebs/3modules/external/default.nix
vendored
14
krebs/3modules/external/default.nix
vendored
|
|
@ -167,6 +167,20 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
horisa = {
|
||||
cores = 2;
|
||||
owner = config.krebs.users.ulrich; # main laptop
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.226.213";
|
||||
ip6.addr = "42:0:e644:9099:4f8:b9aa:3856:4e85";
|
||||
aliases = [
|
||||
"horisa.r"
|
||||
];
|
||||
tinc.pubkey = tinc-for "horisa";
|
||||
};
|
||||
};
|
||||
};
|
||||
idontcare = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = rec {
|
||||
|
|
|
|||
8
krebs/3modules/external/tinc/horisa.pub
vendored
Normal file
8
krebs/3modules/external/tinc/horisa.pub
vendored
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA1hhBqCku98gimv0yXr6DFwE2HUemigyqX8o7IsPOW5XT/K8o+V40
|
||||
Oxk3r0+c7IYREvug/raxoullf5TMJFzTzqzX4njgsiTs25V8D7hVT4jcRKTcXmBn
|
||||
XpjtD+tIeDW1E6dIMMDbxKCyfd/qaeg83G7gPobeFYr4JNqQLXrnotlWMO9S13UT
|
||||
+EgSP2pixv/dGIqX8WRg23YumO8jZKbso/sKKFMIEOJvnh/5EcWb24+q2sDRCitP
|
||||
sWJ5j/9M1Naec/Zl27Ac2HyMWRk39F9Oo+iSbc47QvjKTEmn37P4bBg3hY9FSSFo
|
||||
M90wG/NRbw1Voz6BgGlwOAoA+Ln0rVKqDQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
|
|
@ -196,4 +196,6 @@
|
|||
|
||||
services.syncthing.user = lib.mkForce "makefu";
|
||||
services.syncthing.dataDir = lib.mkForce "/home/makefu/.config/syncthing/";
|
||||
# latest kernel (5.0) has issues with wifi card
|
||||
boot.kernelPackages = pkgs.linuxPackages;
|
||||
}
|
||||
|
|
|
|||
1
makefu/2configs/backup/ssh/wbob.pub
Normal file
1
makefu/2configs/backup/ssh/wbob.pub
Normal file
|
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOUZcfi2SXxCo1if0oU3x9qPK8/O5FmiXy2HFZyTp/P1 makefu@x
|
||||
|
|
@ -146,6 +146,7 @@ in {
|
|||
"device_tracker.ecki_tablet"
|
||||
"device_tracker.daniel_phone"
|
||||
"device_tracker.carsten_phone"
|
||||
"device_tracker.thierry_phone"
|
||||
# "person.thorsten"
|
||||
# "person.felix"
|
||||
# "person.ecki"
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@ in {
|
|||
vimrcConfig.vam.pluginDictionaries = [
|
||||
{ names = [ "undotree"
|
||||
# "YouCompleteMe"
|
||||
"LanguageClient-neovim"
|
||||
"vim-better-whitespace" ]; }
|
||||
# vim-nix handles indentation better but does not perform sanity
|
||||
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
|
||||
|
|
|
|||
|
|
@ -96,14 +96,3 @@ augroup Binary
|
|||
au BufWritePost *.bin if &bin | %!xxd
|
||||
au BufWritePost *.bin set nomod | endif
|
||||
augroup END
|
||||
|
||||
let g:LanguageClient_serverCommands = {
|
||||
\ 'python': ['pyls']
|
||||
\ }
|
||||
nnoremap <F6> :call LanguageClient_contextMenu()<CR>
|
||||
nnoremap <silent> gh :call LanguageClient_textDocument_hover()<CR>
|
||||
nnoremap <silent> gd :call LanguageClient_textDocument_definition()<CR>
|
||||
nnoremap <silent> gr :call LanguageClient_textDocument_references()<CR>
|
||||
nnoremap <silent> gs :call LanguageClient_textDocument_documentSymbol()<CR>
|
||||
nnoremap <silent> <F2> :call LanguageClient_textDocument_rename()<CR>
|
||||
nnoremap <silent> gf :call LanguageClient_textDocument_formatting()<CR>
|
||||
|
|
|
|||
|
|
@ -8,7 +8,31 @@
|
|||
# / (main-root)
|
||||
# /home (main-home)
|
||||
|
||||
with import <stockholm/lib>;
|
||||
# clean the boot sector:
|
||||
# dd if=/dev/zero of=/dev/sda count=2048
|
||||
# Installation Instruction on ISO:
|
||||
# fdisk /dev/sda
|
||||
# boot 500M
|
||||
# rest rest
|
||||
# cryptsetup luksFormat /dev/sda2
|
||||
# mkfs.ext4 -L nixboot /dev/sda1
|
||||
# cryptsetup luksOpen /dev/sda2 cryptoluks
|
||||
# pvcreate /dev/mapper/cryptoluks
|
||||
# vgcreate main /dev/mapper/cryptoluks
|
||||
# lvcreate -L 200Gib main -n root
|
||||
# lvcreate -L 800Gib main -n home
|
||||
# mkfs.ext4 /dev/main/root
|
||||
# mkfs.ext4 /dev/main/home
|
||||
# mount /dev/mapper/main-root /mnt
|
||||
# mkdir -p /mnt/{boot,home,var/src} /var/src
|
||||
# mount /dev/sda1 /mnt/boot
|
||||
# mount /dev/mapper/main-home /mnt/home
|
||||
# touch /mnt/var/src/.populate
|
||||
# mount -o bind /mnt/var/src /var/src
|
||||
# nix-channel --add https://nixos.org/channels/nixos-19.03 nixpkgs && # nix-channel --update
|
||||
# nix-env -iA nixpkgs.gitMinimal
|
||||
# (on deploy-host) $(nix-build ~/stockholm/makefu/krops.nix --no-out-link --argstr name x --argstr target 10.42.22.91 -A deploy --show-trace)
|
||||
# NIXOS_CONFIG=/var/src/nixos-config nixos-install -I /var/src --no-root-passwd --no-channel-copy
|
||||
{
|
||||
|
||||
imports = [
|
||||
|
|
|
|||
|
|
@ -9,8 +9,7 @@
|
|||
# boot 500M
|
||||
# rest rest
|
||||
# cryptsetup luksFormat /dev/sda2
|
||||
#
|
||||
with import <stockholm/lib>;
|
||||
# mkfs.ext4 -L nixboot /dev/sda1
|
||||
{
|
||||
boot = {
|
||||
loader.grub.enable = true;
|
||||
|
|
|
|||
|
|
@ -25,12 +25,12 @@
|
|||
then
|
||||
[ -d .direnv ] || mkdir .direnv
|
||||
local tmp=$(nix-shell --show-trace "$@" \
|
||||
--run "\"$direnv\" dump bash")
|
||||
--run "\"$direnv\" dump zsh")
|
||||
echo "$tmp" > "$cache"
|
||||
fi
|
||||
|
||||
local path_backup=$PATH term_backup=$TERM
|
||||
direnv_load cat "$cache"
|
||||
. "$cache"
|
||||
|
||||
export PATH=$PATH:$path_backup TERM=$term_backup
|
||||
|
||||
|
|
|
|||
|
|
@ -30,4 +30,7 @@
|
|||
state = [
|
||||
"/etc/NetworkManager/system-connections" #NM stateful config files
|
||||
];
|
||||
networking.networkmanager.dispatcherScripts = [
|
||||
{ source = "${pkgs.prison-break}/bin/prison-break"; }
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
(builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.0/nixos-mailserver-v2.2.0.tar.gz")
|
||||
(builtins.fetchTarball "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz")
|
||||
];
|
||||
|
||||
mailserver = {
|
||||
|
|
@ -32,8 +32,12 @@
|
|||
};
|
||||
|
||||
services.dovecot2.extraConfig = ''
|
||||
ssl_dh = </var/lib/dhparams/dovecot.pem
|
||||
ssl_dh = </var/lib/dhparams/dovecot2.pem
|
||||
'';
|
||||
state = [ # https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/wikis/A-Complete-Backup-Guide
|
||||
config.mailserver.mailDirectory
|
||||
config.mailserver.dkimKeyDirectory
|
||||
];
|
||||
# workaround for DH creation
|
||||
# security.dhparams = {
|
||||
# enable = true;
|
||||
|
|
|
|||
|
|
@ -5,6 +5,9 @@
|
|||
host = "0.0.0.0";
|
||||
users = {};
|
||||
# TODO: secure that shit
|
||||
aclExtraConf = ''
|
||||
pattern readwrite /#
|
||||
'';
|
||||
allowAnonymous = true;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{ pkgs, ... }:{
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
nur = pkgs.callPackage (import (builtins.fetchGit {
|
||||
url = "https://github.com/nix-community/NUR";
|
||||
})) {};
|
||||
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||||
inherit pkgs;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,4 +32,5 @@ in {
|
|||
tcp 192.168.1.5
|
||||
''; #home printer SCX-3205W
|
||||
};
|
||||
state = [ "/var/lib/cups" ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
with import <stockholm/lib>;
|
||||
let
|
||||
pkg = with pkgs.python3Packages;buildPythonPackage rec {
|
||||
rev = "762d747";
|
||||
rev = "775d0c2";
|
||||
name = "arafetch-${rev}";
|
||||
propagatedBuildInputs = [
|
||||
requests
|
||||
|
|
@ -13,7 +13,7 @@ let
|
|||
src = pkgs.fetchgit {
|
||||
url = "http://cgit.euer.krebsco.de/arafetch";
|
||||
inherit rev;
|
||||
sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws";
|
||||
sha256 = "0z35avn7vmbd1661ca1zkc9i4lwcm03kpwgiqxddpkp1yxhl548p";
|
||||
};
|
||||
};
|
||||
home = "/var/lib/arafetch";
|
||||
|
|
@ -34,7 +34,7 @@ in {
|
|||
path = [ pkg pkgs.git pkgs.wget ];
|
||||
serviceConfig = {
|
||||
User = "arafetch";
|
||||
Restart = "always";
|
||||
# Restart = "always";
|
||||
WorkingDirectory = home;
|
||||
PrivateTmp = true;
|
||||
ExecStart = pkgs.writeDash "start-weekrun" ''
|
||||
|
|
|
|||
|
|
@ -4,11 +4,4 @@
|
|||
pkgs.taskwarrior
|
||||
];
|
||||
|
||||
environment.shellAliases = {
|
||||
tshack = "task project:shack";
|
||||
twork = "task project:soc";
|
||||
tpki = "task project:pki";
|
||||
tkrebs = "task project:krebs";
|
||||
t = "task project: ";
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
{config, ... }:
|
||||
{
|
||||
state = [ config.services.taskserver.dataDir ];
|
||||
services.taskserver.enable = true;
|
||||
services.taskserver.fqdn = config.krebs.build.host.name;
|
||||
services.taskserver.listenHost = "::";
|
||||
|
|
|
|||
|
|
@ -40,6 +40,7 @@ in {
|
|||
qcma = super.pkgs.libsForQt5.callPackage ./custom/qcma { };
|
||||
inherit (callPackage ./devpi {}) devpi-web ;
|
||||
nodemcu-uploader = super.pkgs.callPackage ./nodemcu-uploader {};
|
||||
prison-break = abort "`prison-break` moved from this namespace to `nur.repos.krebs.prison-break`";
|
||||
}
|
||||
|
||||
// (mapAttrs (_: flip callPackage {})
|
||||
|
|
|
|||
44
makefu/5pkgs/pico2wave/default.nix
Normal file
44
makefu/5pkgs/pico2wave/default.nix
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
{ stdenv, lib, fetchurl
|
||||
, popt
|
||||
, libredirect
|
||||
, dpkg
|
||||
, makeWrapper
|
||||
, autoPatchelfHook
|
||||
, ...
|
||||
}:
|
||||
# https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=svox-pico-bin
|
||||
let
|
||||
pkgrel="8";
|
||||
_arch = "amd64";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
name = "pico2wave"; # svox-pico-bin
|
||||
version = "1.0+git20130326";
|
||||
srcs = [
|
||||
(fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico0_${version}-${pkgrel}_${_arch}.deb"; sha256 = "0b8r7r8by5kamnm960bsicimnj1a40ghy3475nzy1jvwj5xgqhrj"; })
|
||||
(fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico-dev_${version}-${pkgrel}_${_arch}.deb"; sha256 = "1knjiwi117h02nbf7k6ll080vl65gxwx3rpj0fq5xkvxbqpjjbvz"; })
|
||||
(fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico-data_${version}-${pkgrel}_all.deb"; sha256 = "0k0x5jh5qzzasrg766pfmls3ksj18wwdbssysvpxkq98aqg4fgmx"; })
|
||||
(fetchurl { url = "http://mirrors.kernel.org/ubuntu/pool/multiverse/s/svox/libttspico-utils_${version}-${pkgrel}_${_arch}.deb"; sha256 = "11yk25fh4n7qz4xjg0dri68ygc3aapj1bk9cvhcwkfvm46j5lrjv"; })
|
||||
] ;
|
||||
|
||||
nativeBuildInputs = [ dpkg makeWrapper autoPatchelfHook ];
|
||||
|
||||
dontBuild = true;
|
||||
|
||||
buildInputs = [ popt ];
|
||||
|
||||
unpackPhase = lib.concatMapStringsSep ";" (src: "dpkg-deb -x ${src} .") srcs;
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r usr/. $out/
|
||||
|
||||
mv $out/lib/*-linux-gnu/* $out/lib/
|
||||
rmdir $out/lib/*-linux-gnu
|
||||
|
||||
wrapProgram "$out/bin/pico2wave" \
|
||||
--set LD_PRELOAD "${libredirect}/lib/libredirect.so" \
|
||||
--set NIX_REDIRECTS /usr/share/pico/lang=$out/share/pico/lang
|
||||
'';
|
||||
|
||||
}
|
||||
|
|
@ -3,12 +3,12 @@ with pkgs.python3.pkgs;
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "prison-break";
|
||||
version = "1.0.0";
|
||||
version = "1.2.0";
|
||||
src = fetchFromGitHub {
|
||||
owner = "makefu";
|
||||
repo = pname;
|
||||
rev = "1.0.0";
|
||||
sha256 = "0ab42z6qr42vz4fc077irn9ykrrylagx1dzlw8dqcanf49dxd961";
|
||||
rev = version;
|
||||
sha256 = "07wy6f06vj9s131c16gw1xl1jf9gq5xiqia8awfb26s99gxlv7l9";
|
||||
};
|
||||
propagatedBuildInputs = [
|
||||
docopt
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user