Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
1d3a3c8104
@ -4,161 +4,161 @@
|
|||||||
krebs.newsbot-js.news-spam = {
|
krebs.newsbot-js.news-spam = {
|
||||||
urlShortenerHost = "go.lassul.us";
|
urlShortenerHost = "go.lassul.us";
|
||||||
feeds = pkgs.writeText "feeds" ''
|
feeds = pkgs.writeText "feeds" ''
|
||||||
[SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews
|
_aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews
|
||||||
[SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews
|
_allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews
|
||||||
[SPAM]antirez|http://antirez.com/rss|#snews
|
_antirez|http://antirez.com/rss|#snews
|
||||||
[SPAM]archlinux|http://www.archlinux.org/feeds/news/|#snews
|
_archlinux|http://www.archlinux.org/feeds/news/|#snews
|
||||||
[SPAM]ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews
|
_ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#snews
|
||||||
[SPAM]augustl|http://augustl.com/atom.xml|#snews
|
_augustl|http://augustl.com/atom.xml|#snews
|
||||||
[SPAM]bbc|http://feeds.bbci.co.uk/news/rss.xml|#snews
|
_bbc|http://feeds.bbci.co.uk/news/rss.xml|#snews
|
||||||
[SPAM]bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#snews
|
_bdt_aktuelle_themen|http://www.bundestag.de/blueprint/servlet/service/de/14154/asFeed/index.rss|#snews
|
||||||
[SPAM]bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#snews
|
_bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#snews
|
||||||
[SPAM]bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#snews
|
_bdt_plenarproto|http://www.bundestag.de/rss_feeds/plenarprotokolle.rss|#snews
|
||||||
[SPAM]bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#snews
|
_bdt_pressemitteilungen|http://www.bundestag.de/blueprint/servlet/service/de/273112/asFeed/index.rss|#snews
|
||||||
[SPAM]bitcoinpakistan|https://bitcoinspakistan.com/feed/|#snews
|
_bitcoinpakistan|https://bitcoinspakistan.com/feed/|#snews
|
||||||
[SPAM]cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#snews
|
_cancer|http://feeds.feedburner.com/ncinewsreleases?format=xml|#snews
|
||||||
[SPAM]carta|http://feeds2.feedburner.com/carta-standard-rss|#snews
|
_carta|http://feeds2.feedburner.com/carta-standard-rss|#snews
|
||||||
[SPAM]catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#snews
|
_catholic_news|http://feeds.feedburner.com/catholicnewsagency/dailynews|#snews
|
||||||
[SPAM]cbc_busi|http://rss.cbc.ca/lineup/business.xml|#snews
|
_cbc_busi|http://rss.cbc.ca/lineup/business.xml|#snews
|
||||||
[SPAM]cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#snews
|
_cbc_offbeat|http://www.cbc.ca/cmlink/rss-offbeat|#snews
|
||||||
[SPAM]cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#snews
|
_cbc_pol|http://rss.cbc.ca/lineup/politics.xml|#snews
|
||||||
[SPAM]cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#snews
|
_cbc_tech|http://rss.cbc.ca/lineup/technology.xml|#snews
|
||||||
[SPAM]cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#snews
|
_cbc_top|http://rss.cbc.ca/lineup/topstories.xml|#snews
|
||||||
[SPAM]ccc|http://www.ccc.de/rss/updates.rdf|#snews
|
_ccc|http://www.ccc.de/rss/updates.rdf|#snews
|
||||||
[SPAM]chan_biz|http://boards.4chan.org/biz/index.rss|#snews
|
_chan_biz|http://boards.4chan.org/biz/index.rss|#snews
|
||||||
[SPAM]chan_g|http://boards.4chan.org/g/index.rss|#snews
|
_chan_g|http://boards.4chan.org/g/index.rss|#snews
|
||||||
[SPAM]chan_int|http://boards.4chan.org/int/index.rss|#snews
|
_chan_int|http://boards.4chan.org/int/index.rss|#snews
|
||||||
[SPAM]chan_sci|http://boards.4chan.org/sci/index.rss|#snews
|
_chan_sci|http://boards.4chan.org/sci/index.rss|#snews
|
||||||
[SPAM]chan_x|http://boards.4chan.org/x/index.rss|#snews
|
_chan_x|http://boards.4chan.org/x/index.rss|#snews
|
||||||
[SPAM]c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#snews
|
_c|http://www.tempolimit-lichtgeschwindigkeit.de/news.xml|#snews
|
||||||
[SPAM]cryptogon|http://www.cryptogon.com/?feed=rss2|#snews
|
_cryptogon|http://www.cryptogon.com/?feed=rss2|#snews
|
||||||
[SPAM]csm|http://rss.csmonitor.com/feeds/csm|#snews
|
_csm|http://rss.csmonitor.com/feeds/csm|#snews
|
||||||
[SPAM]csm_world|http://rss.csmonitor.com/feeds/world|#snews
|
_csm_world|http://rss.csmonitor.com/feeds/world|#snews
|
||||||
[SPAM]danisch|http://www.danisch.de/blog/feed/|#snews
|
_danisch|http://www.danisch.de/blog/feed/|#snews
|
||||||
[SPAM]dod|http://www.defense.gov/news/afps2.xml|#snews
|
_dod|http://www.defense.gov/news/afps2.xml|#snews
|
||||||
[SPAM]dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#snews
|
_dwn|http://deutsche-wirtschafts-nachrichten.de/feed/customfeed/|#snews
|
||||||
[SPAM]ecat|http://ecat.com/feed|#snews
|
_ecat|http://ecat.com/feed|#snews
|
||||||
[SPAM]eia_press|http://www.eia.gov/rss/press_rss.xml|#snews
|
_eia_press|http://www.eia.gov/rss/press_rss.xml|#snews
|
||||||
[SPAM]eia_today|http://www.eia.gov/rss/todayinenergy.xml|#snews
|
_eia_today|http://www.eia.gov/rss/todayinenergy.xml|#snews
|
||||||
[SPAM]embargowatch|https://embargowatch.wordpress.com/feed/|#snews
|
_embargowatch|https://embargowatch.wordpress.com/feed/|#snews
|
||||||
[SPAM]ethereum-comments|http://blog.ethereum.org/comments/feed|#snews
|
_ethereum-comments|http://blog.ethereum.org/comments/feed|#snews
|
||||||
[SPAM]ethereum|http://blog.ethereum.org/feed|#snews
|
_ethereum|http://blog.ethereum.org/feed|#snews
|
||||||
[SPAM]europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#snews
|
_europa_ric|http://ec.europa.eu/research/infocentre/rss/infocentre-rss.xml|#snews
|
||||||
[SPAM]eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#snews
|
_eu_survei|http://www.eurosurveillance.org/public/RSSFeed/RSS.aspx|#snews
|
||||||
[SPAM]exploitdb|http://www.exploit-db.com/rss.xml|#snews
|
_exploitdb|http://www.exploit-db.com/rss.xml|#snews
|
||||||
[SPAM]fars|http://www.farsnews.com/rss.php|#snews #test
|
_fars|http://www.farsnews.com/rss.php|#snews #test
|
||||||
[SPAM]faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#snews
|
_faz_feui|http://www.faz.net/rss/aktuell/feuilleton/|#snews
|
||||||
[SPAM]faz_politik|http://www.faz.net/rss/aktuell/politik/|#snews
|
_faz_politik|http://www.faz.net/rss/aktuell/politik/|#snews
|
||||||
[SPAM]faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#snews
|
_faz_wirtschaft|http://www.faz.net/rss/aktuell/wirtschaft/|#snews
|
||||||
[SPAM]fbi|https://www.fbi.gov/news/rss.xml|#snews
|
_fbi|https://www.fbi.gov/news/rss.xml|#snews
|
||||||
[SPAM]fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#snews
|
_fedreserve|http://www.federalreserve.gov/feeds/press_all.xml|#snews
|
||||||
[SPAM]fefe|http://blog.fefe.de/rss.xml|#snews
|
_fefe|http://blog.fefe.de/rss.xml|#snews
|
||||||
[SPAM]forbes|http://www.forbes.com/forbes/feed2/|#snews
|
_forbes|http://www.forbes.com/forbes/feed2/|#snews
|
||||||
[SPAM]forbes_realtime|http://www.forbes.com/real-time/feed2/|#snews
|
_forbes_realtime|http://www.forbes.com/real-time/feed2/|#snews
|
||||||
[SPAM]fox|http://feeds.foxnews.com/foxnews/latest|#snews
|
_fox|http://feeds.foxnews.com/foxnews/latest|#snews
|
||||||
[SPAM]geheimorganisation|http://geheimorganisation.org/feed/|#snews
|
_geheimorganisation|http://geheimorganisation.org/feed/|#snews
|
||||||
[SPAM]GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#snews
|
_GerForPol|http://www.german-foreign-policy.com/de/news/rss-2.0|#snews
|
||||||
[SPAM]gmanet|http://www.gmanetwork.com/news/rss/news|#snews
|
_gmanet|http://www.gmanetwork.com/news/rss/news|#snews
|
||||||
[SPAM]golem|http://rss.golem.de/rss.php|#snews
|
_golem|http://rss.golem.de/rss.php|#snews
|
||||||
[SPAM]google|http://news.google.com/?output=rss|#snews
|
_google|http://news.google.com/?output=rss|#snews
|
||||||
[SPAM]greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#snews
|
_greenpeace|http://feeds.feedburner.com/GreenpeaceNews|#snews
|
||||||
[SPAM]guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#snews
|
_guardian_uk|http://feeds.theguardian.com/theguardian/uk-news/rss|#snews
|
||||||
[SPAM]gulli|http://ticker.gulli.com/rss/|#snews
|
_gulli|http://ticker.gulli.com/rss/|#snews
|
||||||
[SPAM]hackernews|https://news.ycombinator.com/rss|#snews
|
_hackernews|https://news.ycombinator.com/rss|#snews
|
||||||
[SPAM]handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#snews
|
_handelsblatt|http://www.handelsblatt.com/contentexport/feed/schlagzeilen|#snews
|
||||||
[SPAM]heise|https://www.heise.de/newsticker/heise-atom.xml|#snews
|
_heise|https://www.heise.de/newsticker/heise-atom.xml|#snews
|
||||||
[SPAM]hindu_business|http://www.thehindubusinessline.com/?service=rss|#snews
|
_hindu_business|http://www.thehindubusinessline.com/?service=rss|#snews
|
||||||
[SPAM]hindu|http://www.thehindu.com/?service=rss|#snews
|
_hindu|http://www.thehindu.com/?service=rss|#snews
|
||||||
[SPAM]ign|http://feeds.ign.com/ign/all|#snews
|
_ign|http://feeds.ign.com/ign/all|#snews
|
||||||
[SPAM]independent|http://www.independent.com/rss/headlines/|#snews
|
_independent|http://www.independent.com/rss/headlines/|#snews
|
||||||
[SPAM]indymedia|https://de.indymedia.org/rss.xml|#snews
|
_indymedia|https://de.indymedia.org/rss.xml|#snews
|
||||||
[SPAM]info_libera|http://www.informationliberation.com/rss.xml|#snews
|
_info_libera|http://www.informationliberation.com/rss.xml|#snews
|
||||||
[SPAM]klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#snews
|
_klagen-gegen-rundfuckbeitrag|http://klagen-gegen-rundfunkbeitrag.blogspot.com/feeds/posts/default|#snews
|
||||||
[SPAM]korea_herald|http://www.koreaherald.com/rss_xml.php|#snews
|
_korea_herald|http://www.koreaherald.com/rss_xml.php|#snews
|
||||||
[SPAM]linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#snews
|
_linuxinsider|http://www.linuxinsider.com/perl/syndication/rssfull.pl|#snews
|
||||||
[SPAM]lisp|http://planet.lisp.org/rss20.xml|#snews
|
_lisp|http://planet.lisp.org/rss20.xml|#snews
|
||||||
[SPAM]liveleak|http://www.liveleak.com/rss|#snews
|
_liveleak|http://www.liveleak.com/rss|#snews
|
||||||
[SPAM]lolmythesis|http://lolmythesis.com/rss|#snews
|
_lolmythesis|http://lolmythesis.com/rss|#snews
|
||||||
[SPAM]LtU|http://lambda-the-ultimate.org/rss.xml|#snews
|
_LtU|http://lambda-the-ultimate.org/rss.xml|#snews
|
||||||
[SPAM]lukepalmer|http://lukepalmer.wordpress.com/feed/|#snews
|
_lukepalmer|http://lukepalmer.wordpress.com/feed/|#snews
|
||||||
[SPAM]mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#snews
|
_mit|http://web.mit.edu/newsoffice/rss-feeds.feed?type=rss|#snews
|
||||||
[SPAM]mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#snews
|
_mongrel2_master|https://github.com/zedshaw/mongrel2/commits/master.atom|#snews
|
||||||
[SPAM]nds|http://www.nachdenkseiten.de/?feed=atom|#snews
|
_nds|http://www.nachdenkseiten.de/?feed=atom|#snews
|
||||||
[SPAM]netzpolitik|https://netzpolitik.org/feed/|#snews
|
_netzpolitik|https://netzpolitik.org/feed/|#snews
|
||||||
[SPAM]newsbtc|http://newsbtc.com/feed/|#snews
|
_newsbtc|http://newsbtc.com/feed/|#snews
|
||||||
[SPAM]nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#snews
|
_nnewsg|http://www.net-news-global.net/rss/rssfeed.xml|#snews
|
||||||
[SPAM]npr_busi|http://www.npr.org/rss/rss.php?id=1006|#snews
|
_npr_busi|http://www.npr.org/rss/rss.php?id=1006|#snews
|
||||||
[SPAM]npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#snews
|
_npr_headlines|http://www.npr.org/rss/rss.php?id=1001|#snews
|
||||||
[SPAM]npr_pol|http://www.npr.org/rss/rss.php?id=1012|#snews
|
_npr_pol|http://www.npr.org/rss/rss.php?id=1012|#snews
|
||||||
[SPAM]npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews
|
_npr_world|http://www.npr.org/rss/rss.php?id=1004|#snews
|
||||||
[SPAM]nsa|https://www.nsa.gov/rss.xml|#snews #bullerei
|
_nsa|https://www.nsa.gov/rss.xml|#snews #bullerei
|
||||||
[SPAM]nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews
|
_nytimes|http://rss.nytimes.com/services/xml/rss/nyt/World.xml|#snews
|
||||||
[SPAM]painload|https://github.com/krebs/painload/commits/master.atom|#snews
|
_painload|https://github.com/krebs/painload/commits/master.atom|#snews
|
||||||
[SPAM]phys|http://phys.org/rss-feed/|#snews
|
_phys|http://phys.org/rss-feed/|#snews
|
||||||
[SPAM]piraten|https://www.piratenpartei.de/feed/|#snews
|
_piraten|https://www.piratenpartei.de/feed/|#snews
|
||||||
[SPAM]polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews
|
_polizei_berlin|http://www.berlin.de/polizei/presse-fahndung/_rss_presse.xml|#snews
|
||||||
[SPAM]presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#snews
|
_presse_polizei|http://www.presseportal.de/rss/polizei.rss2|#snews
|
||||||
[SPAM]presseportal|http://www.presseportal.de/rss/presseportal.rss2|#snews
|
_presseportal|http://www.presseportal.de/rss/presseportal.rss2|#snews
|
||||||
[SPAM]prisonplanet|http://prisonplanet.com/feed.rss|#snews
|
_prisonplanet|http://prisonplanet.com/feed.rss|#snews
|
||||||
[SPAM]rawstory|http://www.rawstory.com/rs/feed/|#snews
|
_rawstory|http://www.rawstory.com/rs/feed/|#snews
|
||||||
[SPAM]reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#snews
|
_reddit_4chan|http://www.reddit.com/r/4chan/new/.rss|#snews
|
||||||
[SPAM]reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#snews
|
_reddit_anticonsum|http://www.reddit.com/r/Anticonsumption/new/.rss|#snews
|
||||||
[SPAM]reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#snews
|
_reddit_btc|http://www.reddit.com/r/Bitcoin/new/.rss|#snews
|
||||||
[SPAM]reddit_consp|http://reddit.com/r/conspiracy/.rss|#snews
|
_reddit_consp|http://reddit.com/r/conspiracy/.rss|#snews
|
||||||
[SPAM]reddit_haskell|http://www.reddit.com/r/haskell/.rss|#snews
|
_reddit_haskell|http://www.reddit.com/r/haskell/.rss|#snews
|
||||||
[SPAM]reddit_nix|http://www.reddit.com/r/nixos/.rss|#snews
|
_reddit_nix|http://www.reddit.com/r/nixos/.rss|#snews
|
||||||
[SPAM]reddit_prog|http://www.reddit.com/r/programming/new/.rss|#snews
|
_reddit_prog|http://www.reddit.com/r/programming/new/.rss|#snews
|
||||||
[SPAM]reddit_sci|http://www.reddit.com/r/science/.rss|#snews
|
_reddit_sci|http://www.reddit.com/r/science/.rss|#snews
|
||||||
[SPAM]reddit_tech|http://www.reddit.com/r/technology/.rss|#snews
|
_reddit_tech|http://www.reddit.com/r/technology/.rss|#snews
|
||||||
[SPAM]reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#snews
|
_reddit_tpp|http://www.reddit.com/r/twitchplayspokemon/.rss|#snews
|
||||||
[SPAM]reddit_world|http://www.reddit.com/r/worldnews/.rss|#snews
|
_reddit_world|http://www.reddit.com/r/worldnews/.rss|#snews
|
||||||
[SPAM]r-ethereum|http://www.reddit.com/r/ethereum/.rss|#snews
|
_r-ethereum|http://www.reddit.com/r/ethereum/.rss|#snews
|
||||||
[SPAM]reuters|http://feeds.reuters.com/Reuters/worldNews|#snews
|
_reuters|http://feeds.reuters.com/Reuters/worldNews|#snews
|
||||||
[SPAM]reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#snews
|
_reuters-odd|http://feeds.reuters.com/reuters/oddlyEnoughNews?format=xml|#snews
|
||||||
[SPAM]rt|http://rt.com/rss/news/|#snews
|
_rt|http://rt.com/rss/news/|#snews
|
||||||
[SPAM]schallurauch|http://feeds.feedburner.com/SchallUndRauch|#snews
|
_schallurauch|http://feeds.feedburner.com/SchallUndRauch|#snews
|
||||||
[SPAM]sciencemag|http://news.sciencemag.org/rss/current.xml|#snews
|
_sciencemag|http://news.sciencemag.org/rss/current.xml|#snews
|
||||||
[SPAM]scmp|http://www.scmp.com/rss/91/feed|#snews
|
_scmp|http://www.scmp.com/rss/91/feed|#snews
|
||||||
[SPAM]sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews
|
_sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews
|
||||||
[SPAM]shackspace|http://shackspace.de/atom.xml|#snews
|
_shackspace|http://shackspace.de/atom.xml|#snews
|
||||||
[SPAM]shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews
|
_shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews
|
||||||
[SPAM]sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews
|
_sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews
|
||||||
[SPAM]sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews
|
_sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews
|
||||||
[SPAM]sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#snews
|
_sky_strange|http://feeds.skynews.com/feeds/rss/strange.xml|#snews
|
||||||
[SPAM]sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#snews
|
_sky_tech|http://feeds.skynews.com/feeds/rss/technology.xml|#snews
|
||||||
[SPAM]sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#snews
|
_sky_world|http://feeds.skynews.com/feeds/rss/world.xml|#snews
|
||||||
[SPAM]slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews
|
_slashdot|http://rss.slashdot.org/Slashdot/slashdot|#snews
|
||||||
[SPAM]slate|http://feeds.slate.com/slate|#snews
|
_slate|http://feeds.slate.com/slate|#snews
|
||||||
[SPAM]spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews
|
_spiegel_eil|http://www.spiegel.de/schlagzeilen/eilmeldungen/index.rss|#snews
|
||||||
[SPAM]spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews
|
_spiegel_top|http://www.spiegel.de/schlagzeilen/tops/index.rss|#snews
|
||||||
[SPAM]standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews
|
_standardmedia_ke|http://www.standardmedia.co.ke/rss/headlines.php|#snews
|
||||||
[SPAM]stern|http://www.stern.de/feed/standard/all/|#snews
|
_stern|http://www.stern.de/feed/standard/all/|#snews
|
||||||
[SPAM]stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#snews
|
_stz|http://www.stuttgarter-zeitung.de/rss/topthemen.rss.feed|#snews
|
||||||
[SPAM]sz_politik|http://rss.sueddeutsche.de/rss/Politik|#snews
|
_sz_politik|http://rss.sueddeutsche.de/rss/Politik|#snews
|
||||||
[SPAM]sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#snews
|
_sz_wirtschaft|http://rss.sueddeutsche.de/rss/Wirtschaft|#snews
|
||||||
[SPAM]sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#snews
|
_sz_wissen|http://rss.sueddeutsche.de/rss/Wissen|#snews
|
||||||
[SPAM]tagesschau|http://www.tagesschau.de/newsticker.rdf|#snews
|
_tagesschau|http://www.tagesschau.de/newsticker.rdf|#snews
|
||||||
[SPAM]taz|http://taz.de/Themen-des-Tages/!p15;rss/|#snews
|
_taz|http://taz.de/Themen-des-Tages/!p15;rss/|#snews
|
||||||
[SPAM]telegraph|http://www.telegraph.co.uk/rss.xml|#snews
|
_telegraph|http://www.telegraph.co.uk/rss.xml|#snews
|
||||||
[SPAM]telepolis|http://www.heise.de/tp/rss/news-atom.xml|#snews
|
_telepolis|http://www.heise.de/tp/rss/news-atom.xml|#snews
|
||||||
[SPAM]the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews
|
_the_insider|http://www.theinsider.org/rss/news/headlines-xml.asp|#snews
|
||||||
[SPAM]tigsource|http://www.tigsource.com/feed/|#snews
|
_tigsource|http://www.tigsource.com/feed/|#snews
|
||||||
[SPAM]tinc|http://tinc-vpn.org/news/index.rss|#snews
|
_tinc|http://tinc-vpn.org/news/index.rss|#snews
|
||||||
[SPAM]torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews
|
_torr_bits|http://feeds.feedburner.com/TorrentfreakBits|#snews
|
||||||
[SPAM]torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews
|
_torrentfreak|http://feeds.feedburner.com/Torrentfreak|#snews
|
||||||
[SPAM]torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews
|
_torr_news|http://feed.torrentfreak.com/Torrentfreak/|#snews
|
||||||
[SPAM]travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#snews
|
_travel_warnings|http://feeds.travel.state.gov/ca/travelwarnings-alerts|#snews
|
||||||
[SPAM]un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#snews
|
_un_afr|http://www.un.org/apps/news/rss/rss_africa.asp|#snews
|
||||||
[SPAM]un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#snews
|
_un_am|http://www.un.org/apps/news/rss/rss_americas.asp|#snews
|
||||||
[SPAM]un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#snews
|
_un_eu|http://www.un.org/apps/news/rss/rss_europe.asp|#snews
|
||||||
[SPAM]un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#snews
|
_un_me|http://www.un.org/apps/news/rss/rss_mideast.asp|#snews
|
||||||
[SPAM]un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#snews
|
_un_pac|http://www.un.org/apps/news/rss/rss_asiapac.asp|#snews
|
||||||
[SPAM]un_top|http://www.un.org/apps/news/rss/rss_top.asp|#snews
|
_un_top|http://www.un.org/apps/news/rss/rss_top.asp|#snews
|
||||||
[SPAM]us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews
|
_us_math_society|http://www.ams.org/cgi-bin/content/news_items.cgi?rss=1|#snews
|
||||||
[SPAM]vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews
|
_vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#snews
|
||||||
[SPAM]weechat|http://dev.weechat.org/feed/atom|#snews
|
_weechat|http://dev.weechat.org/feed/atom|#snews
|
||||||
[SPAM]xkcd|https://xkcd.com/rss.xml|#snews
|
_xkcd|https://xkcd.com/rss.xml|#snews
|
||||||
[SPAM]zdnet|http://www.zdnet.com/news/rss.xml|#snews
|
_zdnet|http://www.zdnet.com/news/rss.xml|#snews
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -8,7 +8,7 @@ let
|
|||||||
|
|
||||||
out = {
|
out = {
|
||||||
options.krebs.Reaktor = api;
|
options.krebs.Reaktor = api;
|
||||||
config = imp;
|
config = mkIf (cfg != {}) imp;
|
||||||
};
|
};
|
||||||
|
|
||||||
api = mkOption {
|
api = mkOption {
|
||||||
|
@ -143,12 +143,12 @@ let
|
|||||||
) cfg.servers;
|
) cfg.servers;
|
||||||
|
|
||||||
users.extraUsers.bepasty = {
|
users.extraUsers.bepasty = {
|
||||||
uid = genid "bepasty";
|
uid = genid_uint31 "bepasty";
|
||||||
group = "bepasty";
|
group = "bepasty";
|
||||||
home = "/var/lib/bepasty-server";
|
home = "/var/lib/bepasty-server";
|
||||||
};
|
};
|
||||||
users.extraGroups.bepasty = {
|
users.extraGroups.bepasty = {
|
||||||
gid = genid "bepasty";
|
gid = genid_uint31 "bepasty";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -109,6 +109,7 @@ let
|
|||||||
};
|
};
|
||||||
|
|
||||||
imp = lib.mkMerge [
|
imp = lib.mkMerge [
|
||||||
|
{ krebs = import ./external { inherit config; }; }
|
||||||
{ krebs = import ./jeschli { inherit config; }; }
|
{ krebs = import ./jeschli { inherit config; }; }
|
||||||
{ krebs = import ./krebs { inherit config; }; }
|
{ krebs = import ./krebs { inherit config; }; }
|
||||||
{ krebs = import ./lass { inherit config; }; }
|
{ krebs = import ./lass { inherit config; }; }
|
||||||
|
312
krebs/3modules/external/default.nix
vendored
Normal file
312
krebs/3modules/external/default.nix
vendored
Normal file
@ -0,0 +1,312 @@
|
|||||||
|
{ config, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
{
|
||||||
|
hosts = mapAttrs (_: recursiveUpdate {
|
||||||
|
ci = false;
|
||||||
|
external = true;
|
||||||
|
monitoring = false;
|
||||||
|
}) {
|
||||||
|
sokrateslaptop = {
|
||||||
|
owner = config.krebs.users.sokratess;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.142.104";
|
||||||
|
ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc";
|
||||||
|
aliases = [
|
||||||
|
"sokrateslaptop.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
|
||||||
|
t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
|
||||||
|
rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
|
||||||
|
egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
|
||||||
|
aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
|
||||||
|
VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
kruck = {
|
||||||
|
owner = config.krebs.users.palo;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.201";
|
||||||
|
ip6.addr = "42:4234:6a6d:600::1";
|
||||||
|
aliases = [
|
||||||
|
"kruck.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
|
||||||
|
QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
|
||||||
|
EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
|
||||||
|
uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
|
||||||
|
/RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
|
||||||
|
9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
|
||||||
|
qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
|
||||||
|
gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
|
||||||
|
jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
|
||||||
|
fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
|
||||||
|
TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
scardanelli = {
|
||||||
|
owner = config.krebs.users.kmein;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.2.2";
|
||||||
|
ip6.addr = "42:2:5ca:da:3111::1";
|
||||||
|
aliases = [
|
||||||
|
"scardanelli.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxM93+YgGhk5PtcOrE7E/
|
||||||
|
MAOMF/c9c4Ps6m8xd4VZat3ru07yH8Yfox1yM6jwZBwIwK2AC9DK0/k3WIvZQUge
|
||||||
|
UKSTiXpE4z/0ceaesugLQ9KTjUty1e/2vQ78bOqmd7EG3aPV2QsjlgpjJ6qQxeFi
|
||||||
|
kjlHoFi9NNBLVkIyaAdlAhwvZuYFmAY/FQEmm6+XOb+Nmo+fccQlG6+NinA2GOg0
|
||||||
|
gdY/dKYxa04Ns/yu7TK3sBQIt6cg/YUk9VpyC4yIIRPMdyVcAPz3Kd2mp23fhSvx
|
||||||
|
we80prWXYtdct4vXaBZm9FUY5y4SL3c0TEScuM73VXtr2tPAxjD5W4XMWhrjnIiY
|
||||||
|
QzoyAquVS9rR4fCaoP+hw3Tjy7Att3voa/YlHEDaendxjZ3nuO0m0vcgOa+SfCNm
|
||||||
|
SqLsqb8to1y8yJ8LnR2og4MbtasxqSe1L9VLTsb4k/AGfmAdlqyG4Q1h5pCBh0GL
|
||||||
|
2F6FbYHzwrwqBvVCz4DTPygPtta5o7THpP50PgojtzNLm1yKWpfdcWeMgGQJSI0f
|
||||||
|
m3yenytM1u0jjw7KbBG79Z3etFNIYZy4Uq/dryEJnwpTFls+zZn9Q3tDEnO4a38Q
|
||||||
|
FgzV0VLQpRM/uf1powSDzoWp+/JYgB9464OKcTsSlVJpi3crxF86xFqqc39U2/u5
|
||||||
|
lM61fOMcVW1KREdWypiDtu8CAwEAAQ==
|
||||||
|
-----END PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
homeros = {
|
||||||
|
owner = config.krebs.users.kmein;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.2.1";
|
||||||
|
ip6.addr = "42:2::0:3:05::1";
|
||||||
|
aliases = [
|
||||||
|
"homeros.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoZq6BwB6rV6EfTf8PWOd
|
||||||
|
ZhEWig5VcK1FcH0qi7KgojAhGSHhWmtFlvRSoGpQrSFRN0g5eTnrrguuTiIs6djc
|
||||||
|
6Al9HMqwSD1IOkqFm8jM4aG5NqjYg3in6blOFarBEOglfnsYHiUPt6T4fERxRZ9v
|
||||||
|
RguEWrishNMSv+D4vclKwctTB/6dQNsTAfnplcyDZ9un/ql9BG2cgU9yqeYLDdXd
|
||||||
|
vRvrWX9eZKGJvTrQmAiKONlSvspr1d28FxcUrUnCsdRLvP3Cc4JZiUhSA7ixFxn3
|
||||||
|
+LgGIZiMKTnl8syrsHk5nvLi5EUER7xkVX8iBlKA4JD4XTZVyBxPB1mJnOCUShQc
|
||||||
|
QK6nVr6auvJbRn7DHHKxDflSBgYt4qaf92+5A4xEsZtgMpmIFH5t6ifGQsQwgYsm
|
||||||
|
fOexviy9gMyZrHjQDUs4smQxxYq3AJLdfOg2jQXeAbgZpCVw5l8YHk3ECoAk7Fvh
|
||||||
|
VMJVPwukErGuVn2LpCHeVyFBXNft4bem1g0gtaf2SuGFEnl7ABetQ0bRwClRSLd7
|
||||||
|
k7PGDbdcCImsWhqyuLpkNcm95DfBrXa12GETm48Wv9jV52C5tfWFmOnJ0mOnvtxX
|
||||||
|
gpizJjFzHz275TVnJHhmIr2DkiGpaIVUL4FRkTslejSJQoUTZfDAvKF2gRyk+n6N
|
||||||
|
mJ/hywVtvLxNkNimyztoKKMCAwEAAQ==
|
||||||
|
-----END PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
turingmachine = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.168";
|
||||||
|
ip6.addr = "42:4992:6a6d:600::1";
|
||||||
|
aliases = [
|
||||||
|
"turingmachine.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
|
||||||
|
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
|
||||||
|
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
|
||||||
|
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
|
||||||
|
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
|
||||||
|
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
|
||||||
|
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
|
||||||
|
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
|
||||||
|
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
|
||||||
|
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
|
||||||
|
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
eddie = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
# eddie.thalheim.io
|
||||||
|
ip4.addr = "129.215.197.11";
|
||||||
|
aliases = [ "eddie.i" ];
|
||||||
|
};
|
||||||
|
retiolum = rec {
|
||||||
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
ip4.addr
|
||||||
|
ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.170";
|
||||||
|
ip6.addr = "42:4992:6a6d:700::1";
|
||||||
|
aliases = [ "eddie.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d
|
||||||
|
j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm
|
||||||
|
3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF
|
||||||
|
2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua
|
||||||
|
KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq
|
||||||
|
iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t
|
||||||
|
6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD
|
||||||
|
kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u
|
||||||
|
hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay
|
||||||
|
pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ
|
||||||
|
lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
tinc.subnets = [
|
||||||
|
# edinburgh university
|
||||||
|
"129.215.0.0/16"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
rock = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.171";
|
||||||
|
ip6.addr = "42:4992:6a6d:700::2";
|
||||||
|
aliases = [ "rock.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
|
||||||
|
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
|
||||||
|
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
|
||||||
|
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
|
||||||
|
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
|
||||||
|
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
|
||||||
|
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
|
||||||
|
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
|
||||||
|
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
|
||||||
|
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
|
||||||
|
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
inspector = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
ip4.addr = "141.76.44.154";
|
||||||
|
aliases = [ "inspector.i" ];
|
||||||
|
};
|
||||||
|
retiolum = {
|
||||||
|
via = internet;
|
||||||
|
ip4.addr = "10.243.29.172";
|
||||||
|
ip6.addr = "42:4992:6a6d:800::1";
|
||||||
|
aliases = [ "inspector.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
|
||||||
|
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
|
||||||
|
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
|
||||||
|
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
|
||||||
|
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
|
||||||
|
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
|
||||||
|
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
|
||||||
|
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
|
||||||
|
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
|
||||||
|
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
|
||||||
|
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
dpdkm = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.173";
|
||||||
|
ip6.addr = "42:4992:6a6d:900::1";
|
||||||
|
aliases = [ "dpdkm.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
|
||||||
|
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
|
||||||
|
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
|
||||||
|
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
|
||||||
|
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
|
||||||
|
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
|
||||||
|
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
|
||||||
|
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
|
||||||
|
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
|
||||||
|
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
|
||||||
|
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
eve = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
internet = {
|
||||||
|
# eve.thalheim.io
|
||||||
|
ip4.addr = "188.68.39.17";
|
||||||
|
ip6.addr = "2a03:4000:13:31e::1";
|
||||||
|
aliases = [ "eve.i" ];
|
||||||
|
};
|
||||||
|
retiolum = rec {
|
||||||
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
ip4.addr
|
||||||
|
ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.174";
|
||||||
|
ip6.addr = "42:4992:6a6d:a00::1";
|
||||||
|
aliases = [ "eve.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
|
||||||
|
XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
|
||||||
|
08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
|
||||||
|
6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
|
||||||
|
+xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
|
||||||
|
dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
|
||||||
|
pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
|
||||||
|
c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
|
||||||
|
YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
|
||||||
|
61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
|
||||||
|
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
users = {
|
||||||
|
Mic92 = {
|
||||||
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE";
|
||||||
|
mail = "joerg@higgsboson.tk";
|
||||||
|
};
|
||||||
|
kmein = {
|
||||||
|
};
|
||||||
|
palo = {
|
||||||
|
};
|
||||||
|
sokratess = {
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
@ -53,7 +53,7 @@ let
|
|||||||
imp = {
|
imp = {
|
||||||
users.users.fetchWallpaper = {
|
users.users.fetchWallpaper = {
|
||||||
name = "fetchWallpaper";
|
name = "fetchWallpaper";
|
||||||
uid = genid "fetchWallpaper";
|
uid = genid_uint31 "fetchWallpaper";
|
||||||
description = "fetchWallpaper user";
|
description = "fetchWallpaper user";
|
||||||
home = cfg.stateDir;
|
home = cfg.stateDir;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
|
@ -427,7 +427,7 @@ let
|
|||||||
system.activationScripts.cgit = ''
|
system.activationScripts.cgit = ''
|
||||||
mkdir -m 0770 -p ${cfg.cgit.settings.cache-root}
|
mkdir -m 0770 -p ${cfg.cgit.settings.cache-root}
|
||||||
chmod 0770 ${cfg.cgit.settings.cache-root}
|
chmod 0770 ${cfg.cgit.settings.cache-root}
|
||||||
chown ${toString cfg.cgit.fcgiwrap.user.uid}:${toString cfg.cgit.fcgiwrap.group.gid} ${cfg.cgit.settings.cache-root}
|
chown ${toString cfg.cgit.fcgiwrap.user.name}:${toString cfg.cgit.fcgiwrap.group.name} ${cfg.cgit.settings.cache-root}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
services.nginx.virtualHosts.cgit = {
|
services.nginx.virtualHosts.cgit = {
|
||||||
|
@ -129,29 +129,10 @@ with import <stockholm/lib>;
|
|||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
|
||||||
};
|
};
|
||||||
|
|
||||||
domsen-nas = {
|
|
||||||
ci = false;
|
|
||||||
monitoring = false;
|
|
||||||
external = true;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
aliases = [
|
|
||||||
"domsen-nas.internet"
|
|
||||||
];
|
|
||||||
ip4.addr = "87.138.180.167";
|
|
||||||
ssh.port = 2223;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
uriel = {
|
uriel = {
|
||||||
monitoring = false;
|
monitoring = false;
|
||||||
cores = 1;
|
cores = 1;
|
||||||
nets = {
|
nets = {
|
||||||
gg23 = {
|
|
||||||
ip4.addr = "10.23.1.12";
|
|
||||||
aliases = ["uriel.gg23"];
|
|
||||||
ssh.port = 45621;
|
|
||||||
};
|
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.81.176";
|
ip4.addr = "10.243.81.176";
|
||||||
ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56";
|
ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56";
|
||||||
@ -178,11 +159,6 @@ with import <stockholm/lib>;
|
|||||||
mors = {
|
mors = {
|
||||||
cores = 2;
|
cores = 2;
|
||||||
nets = {
|
nets = {
|
||||||
gg23 = {
|
|
||||||
ip4.addr = "10.23.1.11";
|
|
||||||
aliases = ["mors.gg23"];
|
|
||||||
ssh.port = 45621;
|
|
||||||
};
|
|
||||||
retiolum = {
|
retiolum = {
|
||||||
ip4.addr = "10.243.0.2";
|
ip4.addr = "10.243.0.2";
|
||||||
ip6.addr = "42:0:0:0:0:0:0:dea7";
|
ip6.addr = "42:0:0:0:0:0:0:dea7";
|
||||||
@ -351,258 +327,6 @@ with import <stockholm/lib>;
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
|
||||||
};
|
};
|
||||||
iso = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
cores = 1;
|
|
||||||
};
|
|
||||||
sokrateslaptop = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.142.104";
|
|
||||||
ip6.addr = "42:f8a1:044d:0f75:9d73:56d8:f432:c6cc";
|
|
||||||
aliases = [
|
|
||||||
"sokrateslaptop.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIBCgKCAQEA0EMbBv5NCSns4V/VR/NJHhwe2qNLUYjWWtCDY4zDuoiJdm3JNZJ2
|
|
||||||
t0iKNxFwd6Mmg3ahAlndsH4FOjOBGBQCgBG25VRnQgli1sypI/gYTsSgIWHVIRoZ
|
|
||||||
rgrng0K3oyJ6FuTP+nH1rd7UAYkrOQolXQBY+LqAbxOVjiJl+DpbAXIxCIs5TBeW
|
|
||||||
egtBiXZ1S53Lv5EGFXug716XlgZLHjw7PzRLJXSlvUAIRZj0Sjq4UD9VrhazM9s5
|
|
||||||
aDuxJIdknccEEXm6NK7a51hU/o8L+T0IUpZxhaXOdi6fvO/y3TbffKb1yRTbN0/V
|
|
||||||
VBjBh18Le7h0SmAEED5tz7NOCrAjMZQtJQIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
kruck = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.29.201";
|
|
||||||
ip6.addr = "42:4234:6a6d:600::1";
|
|
||||||
aliases = [
|
|
||||||
"kruck.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAxcui2sirT5YY9HrSauj9nSF3AxUnfd2CCEGyzmzbi5+qw8T9jdNh
|
|
||||||
QcIG3s+eC3uEy6leL/eeR4NjVtQRt8CDmhGul95Vs3I1jx9gdvYR+HOatPgK0YQA
|
|
||||||
EFwk0jv8Z8tOc87X1qwA00Gb+25+kAzsf+8+4HQuh/szSGje3RBmBFkUyNHh8R0U
|
|
||||||
uzs8NSTRdN+edvYtzjnYcE1sq59HFBPkVcJNp5I3qYTp6m9SxGHMvsq6vRpNnjq/
|
|
||||||
/RZVBhnPDBlgxia/aVfVQKeEOHZV3svLvsJzGDrUWsJCEvF0YwW4bvohY19myTNR
|
|
||||||
9lXo/VFx86qAkY09il2OloE7iu5cA2RV+FWwLeajE9vIDA06AD7nECVgthNoZd1s
|
|
||||||
qsDfuu3WqlpyBmr6XhRkYOFFE4xVLrZ0vItGYlgR2UPp9TjHrzfsedoyJoJAbhMH
|
|
||||||
gDlFgiHlAy1fhG1sCX5883XmSjWn0eJwmZ2O9sZNBP5dxfGUXg/x8NWfQj7E1lqj
|
|
||||||
jQ59UC6yiz7bFtObKvpdn1D4tPbqBvndZzn19U/3wKo+cCBRjtLmUD7HQHC65dCs
|
|
||||||
fAiCFvUTVMM3SNDvYChm0U/KGjZZFwQ+cCLj1JNVPet2C+CJ0qI2muXOnCuv/0o5
|
|
||||||
TBZrrHMpj6Th8AiOgeMVuxzjX1FsmAThWj9Qp/jQu6O0qvnkUNaU7I8CAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
turingmachine = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.29.168";
|
|
||||||
ip6.addr = "42:4992:6a6d:600::1";
|
|
||||||
aliases = [
|
|
||||||
"turingmachine.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAxh+5HD1oAFTvMWEra2pYrA3HF8T4EnkP917lIUiuN7xUj7sawu0C
|
|
||||||
t1/1IfIlH9dbxgFe5CD/gXvokxHdovPTGVH11L+thZgq6hg/xbYvZAl76yLxj7t9
|
|
||||||
6+Ocac08TQZYMqWKShz5jqTVE/DLz4Cdy0Qk9sMJ1++OmH8jsWgK5BkogF99Gwf8
|
|
||||||
ZiI0t3n3lCZsm3v592lveDcVIh6hjuCIvFVxc+7cOj0MKm1LxLWbCHZlUIE3he4g
|
|
||||||
nZu4XiYaE4Y2LicMs8zKehnQkkXrP1amT56SqUfbSnWR+HZc2+KjwRDI5BPeTS06
|
|
||||||
5WHwkQs0ScOn7vFZci3rElIc7vilu2eKGF1VLce9kXw9SU2RFciqavaEUXbwPnwT
|
|
||||||
1WF35Ct+qIOP0rXoObm6mrsj7hJnlBPlVpb58/kTxLHMSHPzqQRbFZ35f6tZodJ1
|
|
||||||
gRMKKEnMX8/VWm6TqLUIpFCCTZ5PH1fxaAnulHCxksK03UyfUOvExCTU4x8KS9fl
|
|
||||||
DIoLlV9PFBlAW8mTuIgRKYtHacsc31/5Tehcx0If09NuMFT9Qfl2/Q3p6QJomRFL
|
|
||||||
W5SCP9wx2ONhvZUkRbeihBiTN5/h3DepjOeNWd1DvE6K0Ag8SXMyBGtyKfer4ykW
|
|
||||||
OR0iCiRQQ5QBmNuJrBLRUyfoPqFUXBATT1SrRj8vzXO1TjTmANEMFD0CAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
eddie = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
# eddie.thalheim.io
|
|
||||||
ip4.addr = "129.215.197.11";
|
|
||||||
aliases = [ "eddie.i" ];
|
|
||||||
};
|
|
||||||
retiolum = rec {
|
|
||||||
via = internet;
|
|
||||||
addrs = [
|
|
||||||
ip4.addr
|
|
||||||
ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.170";
|
|
||||||
ip6.addr = "42:4992:6a6d:700::1";
|
|
||||||
aliases = [ "eddie.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAuRQphRlSIC/aqRTfvStPdJOJCx1ACeFIDEjRdgoxuu32qoBl7i6d
|
|
||||||
j7Voh+Msditf2a5+f0fVsNDaPnjPGfk0NkZBjmn+RZQDRXk0krpTNj2Vb6W5quTm
|
|
||||||
3yrjJMFJR9CU5khfppc47X+ir8bjn7RusWTFNEuDvUswHmRmnJHLS3Y+utOaRbCF
|
|
||||||
2hxpyxCn423gpsaBfORPEK8X90nPbuNpFDugWPnC+R45TpNmIf4qyKvfhd9OKrua
|
|
||||||
KNanGHG30xhBW/DclUwwWi8D44d94xFnIRVcG1O+Uto93WoUWZn90lI1qywSj5Aq
|
|
||||||
iWstBK4tc7VwvAj0UzPlaRYYPfFjOEkPQzj8xC6l/leJcgxkup252uo6m1njMx3t
|
|
||||||
6QWMgevjqosY22OZReZfIwb14aDWFKLTWs30J+zmWK4TjlRITdsOEKxlpODMbJAD
|
|
||||||
kfSoPwuwkWIzFhNOrFiD/NtKaRYmV8bTBCT3a9cvvObshJx13BP+IUFzBS1N1n/u
|
|
||||||
hJWYH5WFsQZn/8rHDwZGkS1zKPEaNoydjqCZNyJpJ5nhggyl6gpuD7wpXM/8tFay
|
|
||||||
pAjRP40+qRQLUWXmswV0hsZTOX1tvZs4f68y3WJ+GwCWw9HvvwmzYes5ayJrPsbJ
|
|
||||||
lyK301Jb42wGEsVWxu3Eo/PLtp8OdD+Wdh6o/ELcc0k/YCUGFMujUM8CAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
tinc.subnets = [
|
|
||||||
# edinburgh university
|
|
||||||
"129.215.0.0/16"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
rock = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.29.171";
|
|
||||||
ip6.addr = "42:4992:6a6d:700::2";
|
|
||||||
aliases = [ "rock.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAsMJbXDhkaLZcEzCIe8G+rHyLulWIqrUAmDT4Vbtv4r0QhPBsqwjM
|
|
||||||
DuvRtX5SNHdjfZWnUZoOlmXrmIo07exPFQvyrnppm6DNx+IZ5mNMNVIFUoojRhF7
|
|
||||||
HS2jubcjTEib56XEYWKly0olrVMbsJk5THJqRQyOQuTPCFToxXVRcT5t/UK6Dzgh
|
|
||||||
mp+suJ7IcmmO80IwfZrQrQslkQ6TdOy1Vs908GacSQJyRxdRxLraU/98iMhFbAQf
|
|
||||||
Ap+qVSUU88iCi+tcoSYzKhqU2N0AhRGcsE073B3Px8CAgPK/juwTrFElKEc17X9M
|
|
||||||
Rh41DvUjrtG4ERPmbwKPtsLagmnZUlU8A5YC8wtV08RI5QBsbbOsKInareV1aLeD
|
|
||||||
91ZVCBPFTz8IM6Mc6H435eMCMC2ynFCDyRGdcue3tBQoaTGe1dbduIZkPGn+7cg4
|
|
||||||
fef1db6SQD4HCwDLv8CTFLACR/jmAapwZEgvJ3u3bpgMGzt+QNvL1cxUr3TBUWRv
|
|
||||||
3f0R+Dj8DCUWTJUE7K5LO7bL4p9Ht0yIsVH+/DucyoMQqRwCwWSr7+H2MAsWviav
|
|
||||||
ZRRfH0RqZPEzCxyLDBtkVrx+GRAUZxy1xlqmN16O/sRHiqq3bv8Jk3dwuRZlFu6q
|
|
||||||
cOFu4g9XsamHkmCuVkvTGjnC2h21MjUUr3PGHzOMtiM/18LcfX730f8CAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
inspector = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
ip4.addr = "141.76.44.154";
|
|
||||||
aliases = [ "inspector.i" ];
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
ip4.addr = "10.243.29.172";
|
|
||||||
ip6.addr = "42:4992:6a6d:800::1";
|
|
||||||
aliases = [ "inspector.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAr3l/u7qcxmFa2hUICU3oPDhB2ij2R3lKHyjSsVFVLNfl6TpOdppG
|
|
||||||
EDXOapeXL0s+PfBRHdRI3v/dibj4PG9eyKmFxsUJ2gRz4ghb1UE23aQ3pkr3x8sZ
|
|
||||||
7GR+nJYATYf+jolFF9O1x+f0Uo5xaYWkGOMH8wVVzm6+kcsZOYuTEbJAsbTRZywF
|
|
||||||
m1MdRfk54hLiDsj2rjGRZIR+ZfUKVs2MTWOLCpBAHLJK+r3HfUiR2nAgeNkJCFLw
|
|
||||||
WIir1ftDIViT3Ly6b7enaOkVZ695FNYdPWFZCE4AJI0s9wsbMClzUqCl+0mUkumd
|
|
||||||
eRXgWXkmvBsxR4GECnxUhxs6U8Wh3kbQavvemt4vcIKNhkw32+toYc1AFK/n4G03
|
|
||||||
OUJBbRqgJYx9wIvo8PEu4DTTdsPlQZnMwiaKsn+Gi4Ap6JAnG/iLN8sChoQf7Dau
|
|
||||||
ARZA3sf9CkKx5sZ+9dVrLbzGynKE18Z/ysvf1BLd/rVVOps1B/YRBxDwPj8MZJ0x
|
|
||||||
B7b0j+hRVV5palp3RRdcExuWaBrMQQGsXwLUZOFHJJaZUHF9XRdy+5XVJdNOArkG
|
|
||||||
q1+yGhosL1DLTQE/VwCxmBHyYTr3L7yZ2lSaeWdIeYvcRvouDROUjREVFrQjdqwj
|
|
||||||
7vIP1cvDxSSqA07h/xEC4YZKACBYc/PI2mqYK5dvAUG3mGrEsjHktPUCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
dpdkm = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = rec {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.29.173";
|
|
||||||
ip6.addr = "42:4992:6a6d:900::1";
|
|
||||||
aliases = [ "dpdkm.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAuW31xGBdPMSS45KmsCX81yuTcDZv1z7wSpsGQiAw7RsApG0fbBDj
|
|
||||||
NvzWZaZpTTUueG7gtt7U9Gk8DhWYR1hNt8bLXxE5QlY+gxVjU8+caRvlv10Y9XYp
|
|
||||||
qZEr1n1O5R7jS1srvutPt74uiA8I3hBoeP5TXndu8tVcehjRWXPqJj4VCy9pT2gP
|
|
||||||
X880Z30cXm0jUIu9XKhzQU2UNaxbqRzhJTvFUG04M+0a9olsUoN7PnDV6MC5Dxzn
|
|
||||||
f0ZZZDgHkcx6vsSkN/C8Tik/UCXr3tS/VX6/3+PREz6Z3bPd2QfaWdowrlFQPeYa
|
|
||||||
bELPvuqYiq7zR/jw3vVsWX2e91goAfKH5LYKNmzJCj5yYq+knB7Wil3HgBn86zvL
|
|
||||||
Joj56VsuB8fQrrUxjrDetNgtdwci+yFeXkJouQRLM0r0W24liyCuBX4B6nqbj71T
|
|
||||||
B6rAMzhBbl1yixgf31EgiCYFSusk+jiT+hye5lAhes4gBW9GAWxGNU9zE4QeAc1w
|
|
||||||
tkPH/CxRIAeuPYNwmjvYI2eQH9UQkgSBa3/Kz7/KT9scbykbs8nhDHCXwT6oAp+n
|
|
||||||
dR5aHkuBrTQOCU3Xx5ZwU5A0T83oLExIeH8jR1h2mW1JoJDdO85dAOrIBHWnjLls
|
|
||||||
mqrJusBh2gbgvNqIrDaQ9J+o1vefw1QeSvcF71JjF1CEBUmTbUAp8KMCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
eve = {
|
|
||||||
monitoring = false;
|
|
||||||
ci = false;
|
|
||||||
external = true;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
# eve.thalheim.io
|
|
||||||
ip4.addr = "188.68.39.17";
|
|
||||||
ip6.addr = "2a03:4000:13:31e::1";
|
|
||||||
aliases = [ "eve.i" ];
|
|
||||||
};
|
|
||||||
retiolum = rec {
|
|
||||||
via = internet;
|
|
||||||
addrs = [
|
|
||||||
ip4.addr
|
|
||||||
ip6.addr
|
|
||||||
];
|
|
||||||
ip4.addr = "10.243.29.174";
|
|
||||||
ip6.addr = "42:4992:6a6d:a00::1";
|
|
||||||
aliases = [ "eve.r" ];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIICCgKCAgEAw5cxGjnWCG8dcuhTddvGHzH0/VjxHA5V8qJXH2R5k8ki8dsM5FRH
|
|
||||||
XRcH/aYg+IL03cyx4wU7oJKxiOTNGbysglnbTVthfYhqeQY+NRTzR1Thb2Fo+P82
|
|
||||||
08Eovwlgb0uwCjaiH8ZoH3BKjXyMn/Ezrni7hc5zyyRb88XJLosTykO2USlrsoIk
|
|
||||||
6OCA3A34HyJH0/G6GbNYCPrB/a/r1ji7OWDlg3Ft9c3ViVOkcNV1d9FV0RULX9EI
|
|
||||||
+xRDbAs1fkK5wMkC2BpkJRHTpImPbYlwQvDrL2sp+JNAEVni84xGxWn9Wjd9WVv3
|
|
||||||
dn+iPUD7HF9bFVDsj0rbVL78c63MEgr0pVyONDBK+XxogMTOqjgicmkLRxlhaSPW
|
|
||||||
pnfZHJzJ727crBbwosORY+lTq6MNIMjEjNcJnzAEVS5uTJikLYL9Y5EfIztGp7LP
|
|
||||||
c298AtKjEYOftiyMcohTGnHhio6zteuW/i2sv4rCBxHyH5sWulaHB7X1ej0eepJi
|
|
||||||
YX6/Ff+y9vDLCuDxb6mvPGT1xpnNmt1jxAUJhiRNuAvbtvjtPwYfWjQXOf7xa2xI
|
|
||||||
61Oahtwy/szBj9mWIAymMfnvFGpeiIcww3ZGzYNyKBCjp1TkkgFRV3Y6eoq1sJ13
|
|
||||||
Pxol8FwH5+Q72bLtvg5Zva8D0Vx2U1jYSHEkRDDzaS5Z6Fus+zeZVMsCAwEAAQ==
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
xerxes = {
|
xerxes = {
|
||||||
cores = 2;
|
cores = 2;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
@ -644,47 +368,6 @@ with import <stockholm/lib>;
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
|
||||||
};
|
};
|
||||||
cabal = {
|
|
||||||
cores = 2;
|
|
||||||
nets = rec {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.1.4";
|
|
||||||
ip6.addr = "42::1:4";
|
|
||||||
aliases = [
|
|
||||||
"cabal.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIECgKCBAEAukXm8xPpC6/F+wssYqQbqt1QDwsPrF3TJ9ToLFcN1WgDlhDhjM3A
|
|
||||||
SuRDMNjRT1fvVTuXyplH5g16eokW/yLOpNnznMS3/VR372pLPEOqfuRf7wAy18jj
|
|
||||||
rZkW3EO7nyZ8KMb+SXA8Q0KIpHY50Ezh+tqGoTZDICwoK6N5dKLgAZShS55JXwwK
|
|
||||||
qRG3vyzV3mDjgVyT0FNfyL1/BN1qvJ+tQQ40lEbkcQauMunMzNbH058kAd6H2/0e
|
|
||||||
LK4JkxI9XpZHE6Pf1epXyClHW7vT7APFRp9gL9tZS/XMC18+aEMFfQrNW9jb3FIq
|
|
||||||
rU5MfJ7aubboe7dT6CRaRSWpduiKLVzY/JCoGvUziyvmR7qHsQWTEjtNuQX9joc3
|
|
||||||
6iq1o+gmLV0G8Xwq8cEcg5USlLxNsGBQPwYnTG6iTPPHqOv7BKucekE/opnVZseE
|
|
||||||
fSNCGl1+tGwa3soSMI97LkpQTZxdeqf+jWZve0RbSa2Ihyod91ldFCqi1+PZx68v
|
|
||||||
yBI0PJamlt+dBx6WQKbPngWYeD8hXo7tg0XVRVa3ZQyX+Mq6uCCb2GM8ewMUPl+A
|
|
||||||
kcY1osFt6+sdkFGdiv3FMyijAiZumPoPprXC/4SGIsMnkoI4JfSAbTpHi2QuesqR
|
|
||||||
KMeairdB7XGUYlMvWpDLKN2dbMdRc+l3kDUKT7hALjKeyWS/27WYeK/STxvZXEXi
|
|
||||||
TZGHopvOFv6wcrb6nI49vIJo5mDLFamAPN3ZjeR20wP95UP7cUUSaTYX49M4lX6U
|
|
||||||
oL5BaFrcLn2PTvS84pUxcXKAp70FgTpvGJbaWwETgDjW+H+qlGmI/BTejpL7flVs
|
|
||||||
TOtaP/uCMxhVZSFv9bzo0ih10o+4gtU8lqxfJsVxlf2K7LVZ++LQba/u+XxRY+xw
|
|
||||||
3IFBfg34tnO6zYlV8XgAiJ6IUOHUZANsuBD4iMoFSVOig6t5eIOkgXR6GEkP8FBD
|
|
||||||
rkroRMmxcu4lTCOzWIuAVOxCd4XXguoGQ4HAzpGd5ccdcb8Ev4RYEvNJY7B5tIQZ
|
|
||||||
4J0F9ECzJuSu1HvWTL+T6a36d2MDTkXU2IJ2tSHciXqiP+QMMF7p9Ux0tiAq4mtf
|
|
||||||
luA94uKWg3cSyTyEM/jF66CgO6Ts3AivNE0MRNupV6AbUdr+TjzotGn9rxi168py
|
|
||||||
w/49OVbpR9EIGC2wxx7qcSEk5chFOcgvNQMRqgIx51bbOL7JYb0f4XuA38GUqLkG
|
|
||||||
09PXmPeyqGzR9HsV2XZDprZdD3Dy4ojdexw0+YILg9bHaAxLHYs6WFZvzfaLLsf1
|
|
||||||
K2I39vvrEEOy8tHi4jvMk7oVX6RWG+DOZMeXTvyUCaBHyYkA0eDlC6NeKOHxnW/g
|
|
||||||
ZtN1W93UdklEqc5okM0/ZIke1HDRt3ZLdQIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
secure = true;
|
|
||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsTeSAedrbp7/KmZX8Mvka702fIUy77Mvqo9HwzCbym";
|
|
||||||
};
|
|
||||||
red = {
|
red = {
|
||||||
monitoring = false;
|
monitoring = false;
|
||||||
cores = 1;
|
cores = 1;
|
||||||
@ -716,6 +399,36 @@ with import <stockholm/lib>;
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp";
|
||||||
};
|
};
|
||||||
|
yellow = {
|
||||||
|
cores = 1;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.0.14";
|
||||||
|
ip6.addr = "42:0:0:0:0:0:0:14";
|
||||||
|
aliases = [
|
||||||
|
"yellow.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6lHmzq8+04h3zivJmIbP
|
||||||
|
MkYiW7KflcTWQrl/4jJ7DVFbrtS6BSSI0wIibW5ygtLrp2nYgWv1jhg7K9q8tWMY
|
||||||
|
b6tDv/ze02ywCwStbjytW3ymSZUJlRkK2DQ4Ld7JEyKmLQIjxXYah+2P3QeUxLfU
|
||||||
|
Uwk6vSRuTlcb94rLFOrCUDRy1cZC73ZmtdbEP2UZz3ey6beo3l/K5O4OOz+lNXgd
|
||||||
|
OXPls4CeNm6NYhSGTBomS/zZBzGqb+4sOtLSPraNQuc75ZVpT8nFa/7tLVytWCOP
|
||||||
|
vWglPTJOyQSygSoVwGU9I8pq8xF1aTE72hLGHprIJAGgQE9rmS9/3mbiGLVZpny6
|
||||||
|
C6Q9t6vkYBRb+jg3WozIXdUvPP19qTEFaeb08kAuf1xhjZhirfDQjI7K6SFaDOUp
|
||||||
|
Y/ZmCrCuaevifaXYza/lM+4qhPXmh82WD5ONOhX0Di98HBtij2lybIRUG/io4DAU
|
||||||
|
52rrNAhRvMkUTBRlGG6LPC4q6khjuYgo9uley5BbyWWbCB1A9DUfbc6KfLUuxSwg
|
||||||
|
zLybZs/SHgXw+pJSXNgFJTYGv1i/1YQdpnbTgW4QsEp05gb+gA9/6+IjSIJdJE3p
|
||||||
|
DSZGcJz3gNSR1vETk8I2sSC/N8wlYXYV7wxQvSlQsehfEPrFtXM65k3RWzAAbNIJ
|
||||||
|
Akz4E3+xLVIMqKmHaGWi0usCAwEAAQ==
|
||||||
|
-----END PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC03TCO73NQZHo7NKZiVJp2iiUbe6PQP14Kg3Bnlkqje ";
|
||||||
|
};
|
||||||
blue = {
|
blue = {
|
||||||
cores = 1;
|
cores = 1;
|
||||||
nets = {
|
nets = {
|
||||||
@ -789,9 +502,6 @@ with import <stockholm/lib>;
|
|||||||
mail = "lass@daedalus.r";
|
mail = "lass@daedalus.r";
|
||||||
pubkey = builtins.readFile ./ssh/daedalus.rsa;
|
pubkey = builtins.readFile ./ssh/daedalus.rsa;
|
||||||
};
|
};
|
||||||
fritz = {
|
|
||||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCz34435NSXgj72YAOL4cIlRq/4yInKEyL9no+gymURoW5x1nkYpP0EK331e7UyQQSOdWOogRo6d7YHcFqNlYWv5xlYcHucIhgJwC4Zda1liVA+v7tSOJz2BjmFvOT3/qlcPS69f3zdLHZooz2C33uHX1FgGRXlxiA8dpqGnSr8o76QLZjuQkuDqr8reOspjO/RHCo2Moq0Xm5q9OgN1WLAZzupqt9A5lx567mRzYsRAr23pUxVN8T/tSCgDlPe4ktEjYX9CXLKfMyh9WuBVi+AuH4GFEWBT+AMpsHeF45w+w956x56mz0F5nYOQNK87gFr+Jr+mh2AF1ot2CxzrfTb fritz@scriptkiddiT540";
|
|
||||||
};
|
|
||||||
prism-repo-sync = {
|
prism-repo-sync = {
|
||||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhpCKTnSq6VDJPB+0NiHu2ZxSKEIxHN6uPAPnbXYNCe";
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhpCKTnSq6VDJPB+0NiHu2ZxSKEIxHN6uPAPnbXYNCe";
|
||||||
mail = "lass@prism.r";
|
mail = "lass@prism.r";
|
||||||
@ -800,14 +510,8 @@ with import <stockholm/lib>;
|
|||||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv6N/UjFnX5vUicT9Sw0+3x4mR0760iaVWZ/JDtdV4h";
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv6N/UjFnX5vUicT9Sw0+3x4mR0760iaVWZ/JDtdV4h";
|
||||||
mail = "lass@mors.r";
|
mail = "lass@mors.r";
|
||||||
};
|
};
|
||||||
sokratess = {
|
|
||||||
};
|
|
||||||
wine-mors = {
|
wine-mors = {
|
||||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKfTIKmbe1RjX1fjAn//08363zAsI0CijWnaYyAC842";
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEKfTIKmbe1RjX1fjAn//08363zAsI0CijWnaYyAC842";
|
||||||
};
|
};
|
||||||
Mic92 = {
|
|
||||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE";
|
|
||||||
mail = "joerg@higgsboson.tk";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -77,7 +77,190 @@ let
|
|||||||
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = "${pkgs.realwallpaper}/realwallpaper.sh";
|
ExecStart = pkgs.writeDash "generate-wallpaper" ''
|
||||||
|
set -xeuf
|
||||||
|
|
||||||
|
# usage: getimg FILENAME URL
|
||||||
|
fetch() {
|
||||||
|
echo "fetch $1"
|
||||||
|
curl -LsS -z "$1" -o "$1" "$2"
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: check_type FILENAME TYPE
|
||||||
|
check_type() {
|
||||||
|
if ! file -ib "$1" | grep -q "^$2/"; then
|
||||||
|
echo "$1 is not of type $2" >&2
|
||||||
|
rm "$1"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: image_size FILENAME
|
||||||
|
image_size() {
|
||||||
|
identify "$1" | awk '{print$3}'
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: make_mask DST SRC MASK
|
||||||
|
make_layer() {
|
||||||
|
if needs_rebuild "$@"; then
|
||||||
|
echo "make $1 (apply mask)" >&2
|
||||||
|
convert "$2" "$3" -alpha off -compose copy_opacity -composite "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: flatten DST HILAYER LOLAYER
|
||||||
|
flatten() {
|
||||||
|
if needs_rebuild "$@"; then
|
||||||
|
echo "make $1 (flatten)" >&2
|
||||||
|
composite "$2" "$3" "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: needs_rebuild DST SRC...
|
||||||
|
needs_rebuild() {
|
||||||
|
a="$1"
|
||||||
|
shift
|
||||||
|
if ! test -e "$a"; then
|
||||||
|
#echo " $a does not exist" >&2
|
||||||
|
result=0
|
||||||
|
else
|
||||||
|
result=1
|
||||||
|
for b; do
|
||||||
|
if test "$b" -nt "$a"; then
|
||||||
|
#echo " $b is newer than $a" >&2
|
||||||
|
result=0
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
#case $result in
|
||||||
|
# 0) echo "$a needs rebuild" >&2;;
|
||||||
|
#esac
|
||||||
|
return $result
|
||||||
|
}
|
||||||
|
|
||||||
|
main() {
|
||||||
|
cd ${cfg.workingDir}
|
||||||
|
|
||||||
|
# fetch source images in parallel
|
||||||
|
fetch nightmap-raw.jpg \
|
||||||
|
${cfg.nightmap} &
|
||||||
|
fetch daymap-raw.png \
|
||||||
|
${cfg.daymap} &
|
||||||
|
fetch clouds-raw.jpg \
|
||||||
|
${cfg.cloudmap} &
|
||||||
|
fetch marker.json \
|
||||||
|
${cfg.marker} &
|
||||||
|
wait
|
||||||
|
|
||||||
|
check_type nightmap-raw.jpg image
|
||||||
|
check_type daymap-raw.png image
|
||||||
|
check_type clouds-raw.jpg image
|
||||||
|
|
||||||
|
in_size=2048x1024
|
||||||
|
xplanet_out_size=1466x1200
|
||||||
|
out_geometry=1366x768+100+160
|
||||||
|
|
||||||
|
nightsnow_color='#0c1a49' # nightmap
|
||||||
|
|
||||||
|
for raw in \
|
||||||
|
nightmap-raw.jpg \
|
||||||
|
daymap-raw.png \
|
||||||
|
clouds-raw.jpg \
|
||||||
|
;
|
||||||
|
do
|
||||||
|
normal=''${raw%-raw.*}.png
|
||||||
|
if needs_rebuild $normal $raw; then
|
||||||
|
echo "make $normal; normalize $raw" >&2
|
||||||
|
convert $raw -scale $in_size $normal
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# create nightmap-fullsnow
|
||||||
|
if needs_rebuild nightmap-fullsnow.png; then
|
||||||
|
convert -size $in_size xc:$nightsnow_color nightmap-fullsnow.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
# extract daymap-snowmask from daymap-final
|
||||||
|
if needs_rebuild daymap-snowmask.png daymap.png; then
|
||||||
|
convert daymap.png -threshold 95% daymap-snowmask.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
# extract nightmap-lightmask from nightmap
|
||||||
|
if needs_rebuild nightmap-lightmask.png nightmap.png; then
|
||||||
|
convert nightmap.png -threshold 25% nightmap-lightmask.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
# create layers
|
||||||
|
make_layer nightmap-snowlayer.png nightmap-fullsnow.png daymap-snowmask.png
|
||||||
|
make_layer nightmap-lightlayer.png nightmap.png nightmap-lightmask.png
|
||||||
|
|
||||||
|
# apply layers
|
||||||
|
flatten nightmap-lightsnowlayer.png \
|
||||||
|
nightmap-lightlayer.png \
|
||||||
|
nightmap-snowlayer.png
|
||||||
|
|
||||||
|
flatten nightmap-final.png \
|
||||||
|
nightmap-lightsnowlayer.png \
|
||||||
|
nightmap.png
|
||||||
|
|
||||||
|
# create marker file from json
|
||||||
|
if [ -s marker.json ]; then
|
||||||
|
jq -r 'to_entries[] | @json "\(.value.latitude) \(.value.longitude)"' marker.json > marker_file
|
||||||
|
fi
|
||||||
|
|
||||||
|
# make all unmodified files as final
|
||||||
|
for normal in \
|
||||||
|
daymap.png \
|
||||||
|
clouds.png \
|
||||||
|
;
|
||||||
|
do
|
||||||
|
final=''${normal%.png}-final.png
|
||||||
|
needs_rebuild $final &&
|
||||||
|
ln $normal $final
|
||||||
|
done
|
||||||
|
|
||||||
|
# rebuild every time to update shadow
|
||||||
|
xplanet --num_times 1 --geometry $xplanet_out_size \
|
||||||
|
--output xplanet-output.png --projection merc \
|
||||||
|
-config ${pkgs.writeText "xplanet.config" ''
|
||||||
|
[earth]
|
||||||
|
"Earth"
|
||||||
|
map=daymap-final.png
|
||||||
|
night_map=nightmap-final.png
|
||||||
|
cloud_map=clouds-final.png
|
||||||
|
cloud_threshold=10
|
||||||
|
shade=15
|
||||||
|
''}
|
||||||
|
|
||||||
|
xplanet --num_times 1 --geometry $xplanet_out_size \
|
||||||
|
--output xplanet-krebs-output.png --projection merc \
|
||||||
|
-config ${pkgs.writeText "xplanet-krebs.config" ''
|
||||||
|
[earth]
|
||||||
|
"Earth"
|
||||||
|
map=daymap-final.png
|
||||||
|
night_map=nightmap-final.png
|
||||||
|
cloud_map=clouds-final.png
|
||||||
|
cloud_threshold=10
|
||||||
|
marker_file=marker_file
|
||||||
|
shade=15
|
||||||
|
''}
|
||||||
|
|
||||||
|
# trim xplanet output
|
||||||
|
if needs_rebuild realwallpaper.png xplanet-output.png; then
|
||||||
|
convert xplanet-output.png -crop $out_geometry \
|
||||||
|
realwallpaper-tmp.png
|
||||||
|
mv realwallpaper-tmp.png realwallpaper.png
|
||||||
|
fi
|
||||||
|
|
||||||
|
if needs_rebuild realwallpaper-krebs.png xplanet-krebs-output.png; then
|
||||||
|
convert xplanet-krebs-output.png -crop $out_geometry \
|
||||||
|
realwallpaper-krebs-tmp.png
|
||||||
|
mv realwallpaper-krebs-tmp.png realwallpaper-krebs.png
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
main "$@"
|
||||||
|
'';
|
||||||
User = "realwallpaper";
|
User = "realwallpaper";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -124,7 +124,7 @@ let
|
|||||||
};
|
};
|
||||||
|
|
||||||
users.extraUsers.tinc_graphs = {
|
users.extraUsers.tinc_graphs = {
|
||||||
uid = genid "tinc_graphs";
|
uid = genid_uint31 "tinc_graphs";
|
||||||
home = "/var/spool/tinc_graphs";
|
home = "/var/spool/tinc_graphs";
|
||||||
};
|
};
|
||||||
services.nginx = mkIf cfg.nginx.enable {
|
services.nginx = mkIf cfg.nginx.enable {
|
||||||
|
@ -1,24 +0,0 @@
|
|||||||
{ stdenv, fetchgit, xplanet, imagemagick, curl, file }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
|
||||||
name = "realwallpaper";
|
|
||||||
|
|
||||||
src = fetchgit {
|
|
||||||
url = https://github.com/Lassulus/realwallpaper;
|
|
||||||
rev = "847faebc9b7e87e4bea078e3a2304ec00b4cdfc0";
|
|
||||||
sha256 = "10zihkwj9vpshlxw2jk67zbsy8g4i8b1y4jzna9fdcsgn7s12jrr";
|
|
||||||
};
|
|
||||||
|
|
||||||
phases = [
|
|
||||||
"unpackPhase"
|
|
||||||
"installPhase"
|
|
||||||
];
|
|
||||||
|
|
||||||
buildInputs = [
|
|
||||||
];
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out
|
|
||||||
cp realwallpaper.sh $out/realwallpaper.sh
|
|
||||||
'';
|
|
||||||
}
|
|
@ -6,26 +6,10 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass>
|
<stockholm/lass>
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/libvirt.nix>
|
<stockholm/lass/2configs/libvirt.nix>
|
||||||
{
|
|
||||||
services.nginx.enable = true;
|
|
||||||
imports = [
|
|
||||||
<stockholm/lass/2configs/websites/domsen.nix>
|
|
||||||
<stockholm/lass/2configs/websites/lassulus.nix>
|
|
||||||
];
|
|
||||||
# needed by domsen.nix ^^
|
|
||||||
lass.usershadow = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp --dport http"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p tcp --dport https"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{ # TODO make new hfos.nix out of this vv
|
{ # TODO make new hfos.nix out of this vv
|
||||||
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
||||||
users.users.riot = {
|
users.users.riot = {
|
||||||
uid = genid "riot";
|
uid = genid_uint31 "riot";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "libvirtd" ];
|
extraGroups = [ "libvirtd" ];
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
@ -42,153 +26,7 @@ with import <stockholm/lib>;
|
|||||||
{ v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.179"; }
|
{ v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.179"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
|
||||||
users.users.tv = {
|
|
||||||
uid = genid "tv";
|
|
||||||
isNormalUser = true;
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.tv.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
users.users.makefu = {
|
|
||||||
uid = genid "makefu";
|
|
||||||
isNormalUser = true;
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.makefu.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
users.extraUsers.dritter = {
|
|
||||||
uid = genid "dritter";
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [
|
|
||||||
"download"
|
|
||||||
];
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnqOWDDk7QkSAvrSLkEoz7dY22+xPyv5JDn2zlfUndfavmTMfZvPx9REMjgULbcCSM4m3Ncf40yUjciDpVleGoEz82+p/ObHAkVWPQyXRS3ZRM2IJJultBHEFc61+61Pi8k3p5pBhPPaig6VncJ4uUuuNqen9jqLesSTVXNtdntU2IvnC8B8k1Kq6fu9q1T2yEOMxkD31D5hVHlqAly0LdRiYvtsRIoCSmRvlpGl70uvPprhQxhtoiEUeDqmIL7BG9x7gU0Swdl7R0/HtFXlFuOwSlNYDmOf/Zrb1jhOpj4AlCliGUkM0iKIJhgH0tnJna6kfkGKHDwuzITGIh6SpZ dritter@Janeway"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
users.extraUsers.juhulian = {
|
|
||||||
uid = 1339;
|
|
||||||
isNormalUser = true;
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
users.users.hellrazor = {
|
|
||||||
uid = genid "hellrazor";
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [
|
|
||||||
"download"
|
|
||||||
];
|
|
||||||
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
#hotdog
|
|
||||||
systemd.services."container@hotdog".reloadIfChanged = mkForce false;
|
|
||||||
containers.hotdog = {
|
|
||||||
config = { ... }: {
|
|
||||||
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
|
|
||||||
environment.systemPackages = [ pkgs.git ];
|
|
||||||
services.openssh.enable = true;
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.lass.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
autoStart = true;
|
|
||||||
enableTun = true;
|
|
||||||
privateNetwork = true;
|
|
||||||
hostAddress = "10.233.2.1";
|
|
||||||
localAddress = "10.233.2.2";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
<stockholm/lass/2configs/exim-smarthost.nix>
|
|
||||||
<stockholm/lass/2configs/ts3.nix>
|
|
||||||
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
|
||||||
<stockholm/lass/2configs/radio.nix>
|
|
||||||
<stockholm/lass/2configs/binary-cache/server.nix>
|
|
||||||
<stockholm/lass/2configs/iodined.nix>
|
|
||||||
<stockholm/lass/2configs/paste.nix>
|
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
|
||||||
<stockholm/lass/2configs/ciko.nix>
|
|
||||||
<stockholm/lass/2configs/container-networking.nix>
|
<stockholm/lass/2configs/container-networking.nix>
|
||||||
<stockholm/lass/2configs/monitoring/prometheus-server.nix>
|
|
||||||
{ # quasi bepasty.nix
|
|
||||||
imports = [
|
|
||||||
<stockholm/lass/2configs/bepasty.nix>
|
|
||||||
];
|
|
||||||
krebs.bepasty.servers."paste.r".nginx.extraConfig = ''
|
|
||||||
if ( $server_addr = "${config.krebs.build.host.nets.internet.ip4.addr}" ) {
|
|
||||||
return 403;
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
services.tor = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
lass.ejabberd = {
|
|
||||||
enable = true;
|
|
||||||
hosts = [ "lassul.us" ];
|
|
||||||
};
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp --dport xmpp-client"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p tcp --dport xmpp-server"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<stockholm/lass/2configs/realwallpaper.nix>
|
|
||||||
];
|
|
||||||
services.nginx.virtualHosts."lassul.us".locations."/wallpaper.png".extraConfig = ''
|
|
||||||
alias /var/realwallpaper/realwallpaper.png;
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
users.users.jeschli = {
|
|
||||||
uid = genid "jeschli";
|
|
||||||
isNormalUser = true;
|
|
||||||
openssh.authorizedKeys.keys = with config.krebs.users; [
|
|
||||||
jeschli.pubkey
|
|
||||||
jeschli-bln.pubkey
|
|
||||||
jeschli-bolide.pubkey
|
|
||||||
jeschli-brauerei.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
krebs.git.rules = [
|
|
||||||
{
|
|
||||||
user = with config.krebs.users; [
|
|
||||||
jeschli
|
|
||||||
jeschli-bln
|
|
||||||
jeschli-bolide
|
|
||||||
jeschli-brauerei
|
|
||||||
];
|
|
||||||
repo = [ config.krebs.git.repos.xmonad-stockholm ];
|
|
||||||
perm = with git; push "refs/heads/jeschli*" [ fast-forward non-fast-forward create delete merge ];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
user = with config.krebs.users; [
|
|
||||||
jeschli
|
|
||||||
jeschli-bln
|
|
||||||
jeschli-bolide
|
|
||||||
jeschli-brauerei
|
|
||||||
];
|
|
||||||
repo = [ config.krebs.git.repos.stockholm ];
|
|
||||||
perm = with git; push "refs/heads/staging/jeschli*" [ fast-forward non-fast-forward create delete merge ];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
krebs.repo-sync.repos.stockholm.timerConfig = {
|
|
||||||
OnBootSec = "5min";
|
|
||||||
OnUnitInactiveSec = "2min";
|
|
||||||
RandomizedDelaySec = "2min";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
<stockholm/lass/2configs/downloading.nix>
|
|
||||||
<stockholm/lass/2configs/minecraft.nix>
|
|
||||||
{
|
{
|
||||||
services.taskserver = {
|
services.taskserver = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -201,123 +39,11 @@ with import <stockholm/lib>;
|
|||||||
{ predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
#<stockholm/lass/2configs/go.nix>
|
|
||||||
{
|
|
||||||
environment.systemPackages = [ pkgs.cryptsetup ];
|
|
||||||
systemd.services."container@red".reloadIfChanged = mkForce false;
|
|
||||||
containers.red = {
|
|
||||||
config = { ... }: {
|
|
||||||
environment.systemPackages = [ pkgs.git ];
|
|
||||||
services.openssh.enable = true;
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.lass.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
autoStart = false;
|
|
||||||
enableTun = true;
|
|
||||||
privateNetwork = true;
|
|
||||||
hostAddress = "10.233.2.3";
|
|
||||||
localAddress = "10.233.2.4";
|
|
||||||
};
|
|
||||||
services.nginx.virtualHosts."rote-allez-fraktion.de" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
locations."/" = {
|
|
||||||
extraConfig = ''
|
|
||||||
proxy_set_header Host rote-allez-fraktion.de;
|
|
||||||
proxy_pass http://10.233.2.4;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
#{
|
|
||||||
# imports = [ <stockholm/lass/2configs/backup.nix> ];
|
|
||||||
# lass.restic = genAttrs [
|
|
||||||
# "daedalus"
|
|
||||||
# "icarus"
|
|
||||||
# "littleT"
|
|
||||||
# "mors"
|
|
||||||
# "shodan"
|
|
||||||
# "skynet"
|
|
||||||
# ] (dest: {
|
|
||||||
# dirs = [
|
|
||||||
# "/home/chat/.weechat"
|
|
||||||
# "/bku/sql_dumps"
|
|
||||||
# ];
|
|
||||||
# passwordFile = (toString <secrets>) + "/restic/${dest}";
|
|
||||||
# repo = "sftp:backup@${dest}.r:/backups/prism";
|
|
||||||
# extraArguments = [
|
|
||||||
# "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
|
|
||||||
# ];
|
|
||||||
# timerConfig = {
|
|
||||||
# OnCalendar = "00:05";
|
|
||||||
# RandomizedDelaySec = "5h";
|
|
||||||
# };
|
|
||||||
# });
|
|
||||||
#}
|
|
||||||
{
|
|
||||||
users.users.download.openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACADLPxtB2f2tocXHxD3ul9D1537hTht6/un87JYZNnoYABveasyIcdFIfp5lPJmj3PjwqXNTA4M/3V+ufrpZ91dxFeXWI5mOI4YB3xRu+Elja8g7nfvCz1HrH3sD1equos/7ltQ1GZYvHGw40qD1/ZtOODwRwrYJ7l/DUBrjk/tzXRjm0+ZgyQsb3G9a80cA8d3fiuQDxbAzdoJF46wt36ZfuSMpJ/Td8CbCoLlV/uL9QZemOglyxNxR607qGfRNXF1An+P+fFq24GmdHpMJ00DfjZ/dJRL9QSs7vd07uyB4Qty4VHwRhc46XH6KL7VTF1D3INF/BeBZx90GBxOvpgEji7Zrf7O5eSAjM2Do1+t+Ev2IIuiltB+QqTir4rZcrCBrJ2+zD3DDymKffVi8sz15AvdrFkIplzZxpOcgm9Ns2w/uh8sxeV6J58aoLEVmd2KRUfJFYiS1EuEjYo2OHlj8ltIh3VlfYdWksGpQc71IT0iEWvzvjYcfCda9uzFLKdLfBy4GB8+s4zR2CX9aGDyJaIY1kt/xqDeztnYwW1owG+fLMrDJlq3Mu+KmJljb30jzrOPhFYVZgWenmMFgH2RBzVEmnsR0f2LFVLj6N/a9fpEJ3WhxMOc5Ybdpgg/l9KUdgvWLk6KOtba+z9fuYT1YgwtZBoMgHAdZLmZ/DGtff palo@pepe"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGMjbYFmmvpF60YBShyFISbjN+O3e4GPkfsre6xFqz20joi8YqpD/5PtrMsGrPd1ZoZ9qSwXJtbb1WBomFg0xzRSNa1/FliKiE1ilcaB3aUZRtP0OWHIvWD3/YL/0h+/YXDGTfb8FNvpgJmnbN3Q0gw8cwWw+eve5BMyqDhzFvycxO4qDuP2JXkGpdhJqjaYZhP5rPH2mgv1oU1RnOA3A7APZVGf1m6JSmV7FZR514aGlFV+NpsvS29Mib8fcswgpoGhMN6jeh/nf49tp01LUAOmXSqdHIWNOTt3Mt7S4rU7RZwEhswdSRbKdKFRMj+uRkhJ4CPcNuuGtSY3id0Ja7IvrvxNaQUk1L8nBcza709jvSBYWSY5/aGL1ocA/PNWXDpOTp2PWwxkh39aPMqZXPTH3KC4IkRp5SiKibEhdmjnToV7nUAJe4IWn1b7QdoqS03ib0X87DnHWIbvi8UZlImM7pn0rs+rwnOo4lQwrTz7kbBHPaa6XOZAuDYND2728vtcrhwzVrKgiXWbyF6VzvwxPeeStmn1gENvozbj1hl9gbQ1cH/a4pZFBV/OFl/ryzDnB2ghM4acNJazXx/6/us9hX+np1YxIzJaxENj677MLc6HitM2g6XJGaixBQ0U2NNjcjIuQT0ZaeKXsSLnu1Y7+uslbVAwsQ4pJmSxxMMQ== palo@workhorse"
|
|
||||||
];
|
|
||||||
}
|
|
||||||
{
|
|
||||||
}
|
|
||||||
{
|
|
||||||
lass.nichtparasoup.enable = true;
|
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
virtualHosts."lol.lassul.us" = {
|
|
||||||
forceSSL = true;
|
|
||||||
enableACME = true;
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
proxy_pass http://localhost:5001;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p udp --dport 51820"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
krebs.iptables.tables.nat.PREROUTING.rules = [
|
|
||||||
{ v6 = false; precedence = 1000; predicate = "-s 10.244.1.0/24"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
krebs.iptables.tables.filter.FORWARD.rules = [
|
|
||||||
{ v6 = false; precedence = 1000; predicate = "-s 10.244.1.0/24"; target = "ACCEPT"; }
|
|
||||||
{ v6 = false; precedence = 1000; predicate = "-s 10.243.0.0/16 -d 10.244.1.0/24"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
krebs.iptables.tables.nat.POSTROUTING.rules = [
|
|
||||||
{ v6 = false; predicate = "-s 10.244.1.0/24 ! -d 10.244.1.0/24"; target = "MASQUERADE"; }
|
|
||||||
];
|
|
||||||
networking.wireguard.interfaces.wg0 = {
|
|
||||||
ips = [ "10.244.1.1/24" ];
|
|
||||||
listenPort = 51820;
|
|
||||||
privateKeyFile = (toString <secrets>) + "/wireguard.key";
|
|
||||||
allowedIPsAsRoutes = true;
|
|
||||||
peers = [
|
|
||||||
{
|
|
||||||
# lass-android
|
|
||||||
allowedIPs = [ "10.244.1.2/32" ];
|
|
||||||
publicKey = "zVunBVOxsMETlnHkgjfH71HaZjjNUOeYNveAVv5z3jw=";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
|
{ predicate = "-p udp --dport 60000:61000"; target = "ACCEPT";}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
|
||||||
services.murmur.enable = true;
|
|
||||||
services.murmur.registerName = "lassul.us";
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp --dport 64738"; target = "ACCEPT";}
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.archprism;
|
krebs.build.host = config.krebs.hosts.archprism;
|
||||||
|
@ -1,16 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<stockholm/lass>
|
|
||||||
|
|
||||||
<stockholm/lass/2configs/mouse.nix>
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
|
||||||
<stockholm/lass/2configs/exim-retiolum.nix>
|
|
||||||
<stockholm/lass/2configs/baseX.nix>
|
|
||||||
<stockholm/lass/2configs/AP.nix>
|
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.cabal;
|
|
||||||
}
|
|
@ -1,12 +0,0 @@
|
|||||||
{
|
|
||||||
imports = [
|
|
||||||
./config.nix
|
|
||||||
<stockholm/lass/2configs/hw/x220.nix>
|
|
||||||
<stockholm/lass/2configs/boot/stock-x220.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
services.udev.extraRules = ''
|
|
||||||
SUBSYSTEM=="net", ATTR{address}=="a0:88:b4:45:85:ac", NAME="wl0"
|
|
||||||
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:62:2b:1b", NAME="et0"
|
|
||||||
'';
|
|
||||||
}
|
|
@ -25,9 +25,5 @@
|
|||||||
macchanger
|
macchanger
|
||||||
dpass
|
dpass
|
||||||
];
|
];
|
||||||
services.redshift = {
|
|
||||||
enable = true;
|
|
||||||
provider = "geoclue2";
|
|
||||||
};
|
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
}
|
}
|
||||||
|
@ -102,6 +102,7 @@ with import <stockholm/lib>;
|
|||||||
urban
|
urban
|
||||||
mk_sql_pair
|
mk_sql_pair
|
||||||
remmina
|
remmina
|
||||||
|
transmission
|
||||||
|
|
||||||
iodine
|
iodine
|
||||||
|
|
||||||
@ -148,10 +149,6 @@ with import <stockholm/lib>;
|
|||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
services.redshift = {
|
|
||||||
enable = true;
|
|
||||||
provider = "geoclue2";
|
|
||||||
};
|
|
||||||
|
|
||||||
lass.restic = genAttrs [
|
lass.restic = genAttrs [
|
||||||
"daedalus"
|
"daedalus"
|
||||||
|
@ -25,7 +25,7 @@ with import <stockholm/lib>;
|
|||||||
{ # TODO make new hfos.nix out of this vv
|
{ # TODO make new hfos.nix out of this vv
|
||||||
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
||||||
users.users.riot = {
|
users.users.riot = {
|
||||||
uid = genid "riot";
|
uid = genid_uint31 "riot";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "libvirtd" ];
|
extraGroups = [ "libvirtd" ];
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
@ -44,21 +44,21 @@ with import <stockholm/lib>;
|
|||||||
}
|
}
|
||||||
{
|
{
|
||||||
users.users.tv = {
|
users.users.tv = {
|
||||||
uid = genid "tv";
|
uid = genid_uint31 "tv";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.tv.pubkey
|
config.krebs.users.tv.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
users.users.makefu = {
|
users.users.makefu = {
|
||||||
uid = genid "makefu";
|
uid = genid_uint31 "makefu";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.makefu.pubkey
|
config.krebs.users.makefu.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
users.extraUsers.dritter = {
|
users.extraUsers.dritter = {
|
||||||
uid = genid "dritter";
|
uid = genid_uint31 "dritter";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [
|
extraGroups = [
|
||||||
"download"
|
"download"
|
||||||
@ -75,7 +75,7 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
users.users.hellrazor = {
|
users.users.hellrazor = {
|
||||||
uid = genid "hellrazor";
|
uid = genid_uint31 "hellrazor";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [
|
extraGroups = [
|
||||||
"download"
|
"download"
|
||||||
@ -168,7 +168,7 @@ with import <stockholm/lib>;
|
|||||||
}
|
}
|
||||||
{
|
{
|
||||||
users.users.jeschli = {
|
users.users.jeschli = {
|
||||||
uid = genid "jeschli";
|
uid = genid_uint31 "jeschli";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
openssh.authorizedKeys.keys = with config.krebs.users; [
|
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||||
jeschli.pubkey
|
jeschli.pubkey
|
||||||
@ -207,7 +207,6 @@ with import <stockholm/lib>;
|
|||||||
RandomizedDelaySec = "2min";
|
RandomizedDelaySec = "2min";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
<stockholm/lass/2configs/downloading.nix>
|
|
||||||
<stockholm/lass/2configs/minecraft.nix>
|
<stockholm/lass/2configs/minecraft.nix>
|
||||||
{
|
{
|
||||||
services.taskserver = {
|
services.taskserver = {
|
||||||
@ -324,6 +323,15 @@ with import <stockholm/lib>;
|
|||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
services.dnsmasq = {
|
||||||
|
enable = true;
|
||||||
|
resolveLocalQueries = false;
|
||||||
|
|
||||||
|
extraConfig= ''
|
||||||
|
except-interface=lo
|
||||||
|
interface=wg0
|
||||||
|
'';
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
@ -338,6 +346,61 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
|
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
systemd.services."container@yellow".reloadIfChanged = mkForce false;
|
||||||
|
containers.yellow = {
|
||||||
|
config = { ... }: {
|
||||||
|
environment.systemPackages = [ pkgs.git ];
|
||||||
|
services.openssh.enable = true;
|
||||||
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.lass.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
autoStart = false;
|
||||||
|
enableTun = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostAddress = "10.233.2.13";
|
||||||
|
localAddress = "10.233.2.14";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."lassul.us".locations."^~ /transmission".extraConfig = ''
|
||||||
|
if ($scheme != "https") {
|
||||||
|
rewrite ^ https://$host$uri permanent;
|
||||||
|
}
|
||||||
|
auth_basic "Restricted Content";
|
||||||
|
auth_basic_user_file ${pkgs.writeText "transmission-user-pass" ''
|
||||||
|
krebs:$apr1$1Fwt/4T0$YwcUn3OBmtmsGiEPlYWyq0
|
||||||
|
''};
|
||||||
|
proxy_pass http://10.233.2.14:9091;
|
||||||
|
'';
|
||||||
|
|
||||||
|
users.groups.download = {};
|
||||||
|
users.users = {
|
||||||
|
download = {
|
||||||
|
createHome = true;
|
||||||
|
group = "download";
|
||||||
|
name = "download";
|
||||||
|
home = "/var/download";
|
||||||
|
useDefaultShell = true;
|
||||||
|
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||||
|
lass.pubkey
|
||||||
|
lass-shodan.pubkey
|
||||||
|
lass-icarus.pubkey
|
||||||
|
lass-daedalus.pubkey
|
||||||
|
lass-helios.pubkey
|
||||||
|
makefu.pubkey
|
||||||
|
wine-mors.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
system.activationScripts.downloadFolder = ''
|
||||||
|
mkdir -p /var/download
|
||||||
|
chmod 775 /var/download
|
||||||
|
ln -fnsT /var/lib/containers/yellow/var/download/finished /var/download/finished || :
|
||||||
|
chown download: /var/download/finished
|
||||||
|
'';
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.prism;
|
krebs.build.host = config.krebs.hosts.prism;
|
||||||
|
@ -25,6 +25,11 @@
|
|||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
fileSystems."/var/download" = {
|
||||||
|
device = "tank/download";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
fileSystems."/var/lib/containers" = {
|
fileSystems."/var/lib/containers" = {
|
||||||
device = "tank/containers";
|
device = "tank/containers";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
|
@ -8,14 +8,13 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/mouse.nix>
|
<stockholm/lass/2configs/mouse.nix>
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/baseX.nix>
|
<stockholm/lass/2configs/baseX.nix>
|
||||||
<stockholm/lass/2configs/git.nix>
|
|
||||||
<stockholm/lass/2configs/exim-retiolum.nix>
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
<stockholm/lass/2configs/browsers.nix>
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
<stockholm/lass/2configs/programs.nix>
|
<stockholm/lass/2configs/programs.nix>
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
|
||||||
<stockholm/lass/2configs/wine.nix>
|
<stockholm/lass/2configs/wine.nix>
|
||||||
<stockholm/lass/2configs/bitcoin.nix>
|
<stockholm/lass/2configs/bitcoin.nix>
|
||||||
<stockholm/lass/2configs/backup.nix>
|
<stockholm/lass/2configs/backup.nix>
|
||||||
|
<stockholm/lass/2configs/blue-host.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.shodan;
|
krebs.build.host = config.krebs.hosts.shodan;
|
||||||
|
@ -7,6 +7,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
<stockholm/lass/2configs/blue-host.nix>
|
||||||
|
<stockholm/lass/2configs/power-action.nix>
|
||||||
{
|
{
|
||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
services.xserver.desktopManager.xfce.enable = true;
|
services.xserver.desktopManager.xfce.enable = true;
|
||||||
|
167
lass/1systems/yellow/config.nix
Normal file
167
lass/1systems/yellow/config.nix
Normal file
@ -0,0 +1,167 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/lass>
|
||||||
|
<stockholm/lass/2configs>
|
||||||
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.yellow;
|
||||||
|
|
||||||
|
system.activationScripts.downloadFolder = ''
|
||||||
|
mkdir -p /var/download
|
||||||
|
chown download:download /var/download
|
||||||
|
chmod 775 /var/download
|
||||||
|
'';
|
||||||
|
|
||||||
|
users.users.download = { uid = genid "download"; };
|
||||||
|
users.groups.download.members = [ "transmission" ];
|
||||||
|
users.users.transmission.group = mkForce "download";
|
||||||
|
|
||||||
|
systemd.services.transmission.serviceConfig.bindsTo = [ "openvpn-nordvpn.service" ];
|
||||||
|
services.transmission = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
download-dir = "/var/download/finished";
|
||||||
|
incomplete-dir = "/var/download/incoming";
|
||||||
|
incomplete-dir-enable = true;
|
||||||
|
umask = "002";
|
||||||
|
rpc-whitelist-enabled = false;
|
||||||
|
rpc-host-whitelist-enabled = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.nginx.override {
|
||||||
|
modules = with pkgs.nginxModules; [
|
||||||
|
fancyindex
|
||||||
|
];
|
||||||
|
};
|
||||||
|
virtualHosts."dl" = {
|
||||||
|
default = true;
|
||||||
|
locations."/Nginx-Fancyindex-Theme-dark" = {
|
||||||
|
extraConfig = ''
|
||||||
|
alias ${pkgs.fetchFromGitHub {
|
||||||
|
owner = "Naereen";
|
||||||
|
repo = "Nginx-Fancyindex-Theme";
|
||||||
|
rev = "e84f7d6a32085c2b6238f85f5fdebe9ceb710fc4";
|
||||||
|
sha256 = "0wzl4ws2w8f0749vxfd1c8c21p3jw463wishgfcmaljbh4dwplg6";
|
||||||
|
}}/Nginx-Fancyindex-Theme-dark;
|
||||||
|
autoindex on;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
locations."/" = {
|
||||||
|
root = "/var/download/finished";
|
||||||
|
extraConfig = ''
|
||||||
|
fancyindex on;
|
||||||
|
fancyindex_header "/Nginx-Fancyindex-Theme-dark/header.html";
|
||||||
|
fancyindex_footer "/Nginx-Fancyindex-Theme-dark/footer.html";
|
||||||
|
dav_methods PUT DELETE MKCOL COPY MOVE;
|
||||||
|
|
||||||
|
create_full_put_path on;
|
||||||
|
dav_access all:r;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
krebs.iptables = {
|
||||||
|
enable = true;
|
||||||
|
tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p tcp --dport 51413"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p udp --dport 51413"; target = "ACCEPT"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openvpn.servers.nordvpn.config = ''
|
||||||
|
client
|
||||||
|
dev tun
|
||||||
|
proto udp
|
||||||
|
remote 82.102.16.229 1194
|
||||||
|
resolv-retry infinite
|
||||||
|
remote-random
|
||||||
|
nobind
|
||||||
|
tun-mtu 1500
|
||||||
|
tun-mtu-extra 32
|
||||||
|
mssfix 1450
|
||||||
|
persist-key
|
||||||
|
persist-tun
|
||||||
|
ping 15
|
||||||
|
ping-restart 0
|
||||||
|
ping-timer-rem
|
||||||
|
reneg-sec 0
|
||||||
|
comp-lzo no
|
||||||
|
|
||||||
|
explicit-exit-notify 3
|
||||||
|
|
||||||
|
remote-cert-tls server
|
||||||
|
|
||||||
|
#mute 10000
|
||||||
|
auth-user-pass ${toString <secrets/nordvpn.txt>}
|
||||||
|
|
||||||
|
verb 3
|
||||||
|
pull
|
||||||
|
fast-io
|
||||||
|
cipher AES-256-CBC
|
||||||
|
auth SHA512
|
||||||
|
|
||||||
|
<ca>
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIEyjCCA7KgAwIBAgIJANIxRSmgmjW6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
|
||||||
|
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
|
||||||
|
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUyMjkubm9yZHZw
|
||||||
|
bi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRAbm9y
|
||||||
|
ZHZwbi5jb20wHhcNMTcxMTIyMTQ1MTQ2WhcNMjcxMTIwMTQ1MTQ2WjCBnjELMAkG
|
||||||
|
A1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAOBgNVBAoT
|
||||||
|
B05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGjAYBgNVBAMTEWRlMjI5Lm5vcmR2
|
||||||
|
cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v
|
||||||
|
cmR2cG4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++dfZlG
|
||||||
|
UeFF2sGdXjbreygfo78Ujti6X2OiMDFnwgqrhELstumXl7WrFf5EzCYbVriNuUny
|
||||||
|
mNCx3OxXxw49xvvg/KplX1CE3rKBNnzbeaxPmeyEeXe+NgA7rwOCbYPQJScFxK7X
|
||||||
|
+D16ZShY25GyIG7hqFGML0Qz6gpZRGaHSd0Lc3wSgoLzGtsIg8hunhfi00dNqMBT
|
||||||
|
ukCzgfIqbQUuqmOibsWnYvZoXoYKnbRL0Bj8IYvwvu4p2oBQpvM+JR4DC+rv52LI
|
||||||
|
583Q6g3LebQ4JuQf8jgxvEEV4UL1CsUBqN3mcRpVUKJS3ijXmzEX9MfpBRcp1rBA
|
||||||
|
VsiE4Mrk7PXhkwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFFIv1UuKN2NXaVjRNXDT
|
||||||
|
Rs/+LT/9MIHTBgNVHSMEgcswgciAFFIv1UuKN2NXaVjRNXDTRs/+LT/9oYGkpIGh
|
||||||
|
MIGeMQswCQYDVQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQ
|
||||||
|
MA4GA1UEChMHTm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUy
|
||||||
|
Mjkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEW
|
||||||
|
EGNlcnRAbm9yZHZwbi5jb22CCQDSMUUpoJo1ujAMBgNVHRMEBTADAQH/MA0GCSqG
|
||||||
|
SIb3DQEBCwUAA4IBAQBf1vr93OIkIFehXOCXYFmAYai8/lK7OQH0SRMYdUPvADjQ
|
||||||
|
e5tSDK5At2Ew9YLz96pcDhzLqtbQsRqjuqWKWs7DBZ8ZiJg1nVIXxE+C3ezSyuVW
|
||||||
|
//DdqMeUD80/FZD5kPS2yJJOWfuBBMnaN8Nxb0BaJi9AKFHnfg6Zxqa/FSUPXFwB
|
||||||
|
wH+zeymL2Dib2+ngvCm9VP3LyfIdvodEJ372H7eG8os8allUnkUzpVyGxI4pN/IB
|
||||||
|
KROBRPKb+Aa5FWeWgEUHIr+hNrEMvcWfSvZAkSh680GScQeJh5Xb4RGMCW08tb4p
|
||||||
|
lrojzCvC7OcFeUNW7Ayiuukx8rx/F4+IZ1yJGff9
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
</ca>
|
||||||
|
key-direction 1
|
||||||
|
<tls-auth>
|
||||||
|
#
|
||||||
|
# 2048 bit OpenVPN static key
|
||||||
|
#
|
||||||
|
-----BEGIN OpenVPN Static key V1-----
|
||||||
|
49b2f54c6ee58d2d97331681bb577d55
|
||||||
|
054f56d92b743c31e80b684de0388702
|
||||||
|
ad3bf51088cd88f3fac7eb0729f2263c
|
||||||
|
51d82a6eb7e2ed4ae6dfa65b1ac764d0
|
||||||
|
b9dedf1379c1b29b36396d64cb6fd6b2
|
||||||
|
e61f869f9a13001dadc02db171f04c4d
|
||||||
|
c46d1132c1f31709e7b54a6eabae3ea8
|
||||||
|
fbd2681363c185f4cb1be5aa42a27c31
|
||||||
|
21db7b2187fd11c1acf224a0d5a44466
|
||||||
|
b4b5a3cc34ec0227fe40007e8b379654
|
||||||
|
f1e8e2b63c6b46ee7ab6f1bd82f57837
|
||||||
|
92c209e8f25bc9ed493cb5c1d891ae72
|
||||||
|
7f54f4693c5b20f136ca23e639fd8ea0
|
||||||
|
865b4e22dd2af43e13e6b075f12427b2
|
||||||
|
08af9ffd09c56baa694165f57fe2697a
|
||||||
|
3377fa34aebcba587c79941d83deaf45
|
||||||
|
-----END OpenVPN Static key V1-----
|
||||||
|
</tls-auth>
|
||||||
|
'';
|
||||||
|
}
|
8
lass/1systems/yellow/physical.nix
Normal file
8
lass/1systems/yellow/physical.nix
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./config.nix
|
||||||
|
];
|
||||||
|
boot.isContainer = true;
|
||||||
|
networking.useDHCP = false;
|
||||||
|
environment.variables.NIX_REMOTE = "daemon";
|
||||||
|
}
|
@ -126,6 +126,12 @@ in {
|
|||||||
restartIfChanged = false;
|
restartIfChanged = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixpkgs.config.packageOverrides = super: {
|
||||||
|
dmenu = pkgs.writeDashBin "dmenu" ''
|
||||||
|
${pkgs.fzfmenu}/bin/fzfmenu "$@"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
krebs.xresources.enable = true;
|
krebs.xresources.enable = true;
|
||||||
lass.screenlock.enable = true;
|
lass.screenlock.enable = true;
|
||||||
}
|
}
|
||||||
|
@ -26,6 +26,7 @@
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
virtualHosts."cache.krebsco.de" = {
|
virtualHosts."cache.krebsco.de" = {
|
||||||
|
forceSSL = true;
|
||||||
serverAliases = [ "cache.lassul.us" ];
|
serverAliases = [ "cache.lassul.us" ];
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
locations."/".extraConfig = ''
|
locations."/".extraConfig = ''
|
||||||
|
@ -81,6 +81,7 @@ in {
|
|||||||
host = "${host}.r",
|
host = "${host}.r",
|
||||||
targetdir = "/var/lib/containers/.blue",
|
targetdir = "/var/lib/containers/.blue",
|
||||||
rsync = {
|
rsync = {
|
||||||
|
archive = true,
|
||||||
owner = true,
|
owner = true,
|
||||||
group = true,
|
group = true,
|
||||||
};
|
};
|
||||||
|
@ -1,65 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
|
||||||
users.extraUsers = {
|
|
||||||
download = {
|
|
||||||
name = "download";
|
|
||||||
home = "/var/download";
|
|
||||||
createHome = true;
|
|
||||||
useDefaultShell = true;
|
|
||||||
extraGroups = [
|
|
||||||
"download"
|
|
||||||
];
|
|
||||||
openssh.authorizedKeys.keys = with config.krebs.users; [
|
|
||||||
lass.pubkey
|
|
||||||
lass-shodan.pubkey
|
|
||||||
lass-icarus.pubkey
|
|
||||||
lass-daedalus.pubkey
|
|
||||||
lass-helios.pubkey
|
|
||||||
makefu.pubkey
|
|
||||||
wine-mors.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
transmission = {
|
|
||||||
extraGroups = [
|
|
||||||
"download"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
users.extraGroups = {
|
|
||||||
download = {
|
|
||||||
members = [
|
|
||||||
"download"
|
|
||||||
"transmission"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.rtorrent = {
|
|
||||||
enable = true;
|
|
||||||
web = {
|
|
||||||
enable = true;
|
|
||||||
port = 9091;
|
|
||||||
basicAuth = import <secrets/torrent-auth>;
|
|
||||||
};
|
|
||||||
rutorrent.enable = true;
|
|
||||||
enableXMLRPC = true;
|
|
||||||
listenPort = 51413;
|
|
||||||
downloadDir = "/var/download/finished";
|
|
||||||
# dump old torrents into watch folder to have them re-added
|
|
||||||
watchDir = "/var/download/watch";
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.iptables = {
|
|
||||||
enable = true;
|
|
||||||
tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp --dport 9091"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p tcp --dport 51413"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p udp --dport 51413"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
@ -93,6 +93,7 @@ with import <stockholm/lib>;
|
|||||||
{ from = "neocron@lassul.us"; to = lass.mail; }
|
{ from = "neocron@lassul.us"; to = lass.mail; }
|
||||||
{ from = "osmocom@lassul.us"; to = lass.mail; }
|
{ from = "osmocom@lassul.us"; to = lass.mail; }
|
||||||
{ from = "lesswrong@lassul.us"; to = lass.mail; }
|
{ from = "lesswrong@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "nordvpn@lassul.us"; to = lass.mail; }
|
||||||
];
|
];
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
|
@ -174,6 +174,16 @@ let
|
|||||||
macro pager a "<modify-labels>-archive\n" # tag as Archived
|
macro pager a "<modify-labels>-archive\n" # tag as Archived
|
||||||
|
|
||||||
|
|
||||||
|
bind index U noop
|
||||||
|
bind index u noop
|
||||||
|
bind pager U noop
|
||||||
|
bind pager u noop
|
||||||
|
macro index U "<modify-labels>+unread\n"
|
||||||
|
macro index u "<modify-labels>-unread\n"
|
||||||
|
macro pager U "<modify-labels>+unread\n"
|
||||||
|
macro pager u "<modify-labels>-unread\n"
|
||||||
|
|
||||||
|
|
||||||
bind index t noop
|
bind index t noop
|
||||||
bind pager t noop
|
bind pager t noop
|
||||||
macro index t "<modify-labels>" # tag as Archived
|
macro index t "<modify-labels>" # tag as Archived
|
||||||
|
@ -5,7 +5,6 @@ with import <stockholm/lib>;
|
|||||||
let
|
let
|
||||||
name = "radio";
|
name = "radio";
|
||||||
mainUser = config.users.extraUsers.mainUser;
|
mainUser = config.users.extraUsers.mainUser;
|
||||||
inherit (import <stockholm/lib>) genid;
|
|
||||||
|
|
||||||
admin-password = import <secrets/icecast-admin-pw>;
|
admin-password = import <secrets/icecast-admin-pw>;
|
||||||
source-password = import <secrets/icecast-source-pw>;
|
source-password = import <secrets/icecast-source-pw>;
|
||||||
@ -31,7 +30,7 @@ in {
|
|||||||
"${name}" = rec {
|
"${name}" = rec {
|
||||||
inherit name;
|
inherit name;
|
||||||
group = name;
|
group = name;
|
||||||
uid = genid name;
|
uid = genid_uint31 name;
|
||||||
description = "radio manager";
|
description = "radio manager";
|
||||||
home = "/home/${name}";
|
home = "/home/${name}";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
0
lass/2configs/tests/dummy-secrets/nordvpn.txt
Normal file
0
lass/2configs/tests/dummy-secrets/nordvpn.txt
Normal file
@ -1,70 +0,0 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
let
|
|
||||||
inherit (import <stockholm/lib>)
|
|
||||||
genid
|
|
||||||
head
|
|
||||||
;
|
|
||||||
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
|
|
||||||
servePage
|
|
||||||
serveWordpress
|
|
||||||
;
|
|
||||||
|
|
||||||
msmtprc = pkgs.writeText "msmtprc" ''
|
|
||||||
account default
|
|
||||||
host localhost
|
|
||||||
'';
|
|
||||||
|
|
||||||
sendmail = pkgs.writeDash "msmtp" ''
|
|
||||||
exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
in {
|
|
||||||
|
|
||||||
services.nginx.enable = true;
|
|
||||||
|
|
||||||
imports = [
|
|
||||||
./default.nix
|
|
||||||
./sqlBackup.nix
|
|
||||||
|
|
||||||
(serveWordpress [ "radical-dreamers.de" "www.radical-dreamers.de" ])
|
|
||||||
|
|
||||||
(serveWordpress [ "gs-maubach.de" "www.gs-maubach.de" ])
|
|
||||||
|
|
||||||
(serveWordpress [ "spielwaren-kern.de" "www.spielwaren-kern.de" ])
|
|
||||||
|
|
||||||
(servePage [ "familienpraxis-korntal.de" "www.familienpraxis-korntal.de" ])
|
|
||||||
|
|
||||||
(serveWordpress [ "ttf-kleinaspach.de" "www.ttf-kleinaspach.de" ])
|
|
||||||
|
|
||||||
(serveWordpress [ "eastuttgart.de" "www.eastuttgart.de" ])
|
|
||||||
|
|
||||||
(serveWordpress [ "goldbarrendiebstahl.radical-dreamers.de" ])
|
|
||||||
];
|
|
||||||
|
|
||||||
lass.mysqlBackup.config.all.databases = [
|
|
||||||
"eastuttgart_de"
|
|
||||||
"radical_dreamers_de"
|
|
||||||
"spielwaren_kern_de"
|
|
||||||
"ttf_kleinaspach_de"
|
|
||||||
];
|
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.fritz.pubkey
|
|
||||||
];
|
|
||||||
|
|
||||||
users.users.goldbarrendiebstahl = {
|
|
||||||
home = "/srv/http/goldbarrendiebstahl.radical-dreamers.de";
|
|
||||||
uid = genid "goldbarrendiebstahl";
|
|
||||||
createHome = true;
|
|
||||||
useDefaultShell = true;
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.fritz.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.phpfpm.phpOptions = ''
|
|
||||||
sendmail_path = ${sendmail} -t
|
|
||||||
'';
|
|
||||||
}
|
|
@ -3,7 +3,7 @@
|
|||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
inherit (import <stockholm/lib>)
|
inherit (import <stockholm/lib>)
|
||||||
genid
|
genid_uint31
|
||||||
;
|
;
|
||||||
|
|
||||||
in {
|
in {
|
||||||
@ -22,7 +22,7 @@ in {
|
|||||||
krebs.tinc_graphs.enable = true;
|
krebs.tinc_graphs.enable = true;
|
||||||
|
|
||||||
users.users.lass-stuff = {
|
users.users.lass-stuff = {
|
||||||
uid = genid "lass-stuff";
|
uid = genid_uint31 "lass-stuff";
|
||||||
description = "lassul.us blog cgi stuff";
|
description = "lassul.us blog cgi stuff";
|
||||||
home = "/var/empty";
|
home = "/var/empty";
|
||||||
};
|
};
|
||||||
@ -66,22 +66,6 @@ in {
|
|||||||
locations."/tinc".extraConfig = ''
|
locations."/tinc".extraConfig = ''
|
||||||
alias ${config.krebs.tinc_graphs.workingDir}/external;
|
alias ${config.krebs.tinc_graphs.workingDir}/external;
|
||||||
'';
|
'';
|
||||||
locations."/urlaubyay2018".extraConfig = ''
|
|
||||||
autoindex on;
|
|
||||||
alias /srv/http/lassul.us-media/india2018;
|
|
||||||
auth_basic "Restricted Content";
|
|
||||||
auth_basic_user_file ${pkgs.writeText "pics-user-pass" ''
|
|
||||||
paolo:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0
|
|
||||||
''};
|
|
||||||
'';
|
|
||||||
locations."/heilstadt".extraConfig = ''
|
|
||||||
autoindex on;
|
|
||||||
alias /srv/http/lassul.us-media/grabowsee2018;
|
|
||||||
auth_basic "Restricted Content";
|
|
||||||
auth_basic_user_file ${pkgs.writeText "pics-user-pass" ''
|
|
||||||
c-base:$apr1$aQ6mYNR3$ho.aJ7icqSO.y.xKo3GQf0
|
|
||||||
''};
|
|
||||||
'';
|
|
||||||
locations."/krebspage".extraConfig = ''
|
locations."/krebspage".extraConfig = ''
|
||||||
default_type "text/html";
|
default_type "text/html";
|
||||||
alias ${pkgs.krebspage}/index.html;
|
alias ${pkgs.krebspage}/index.html;
|
||||||
@ -140,7 +124,7 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
users.users.blog = {
|
users.users.blog = {
|
||||||
uid = genid "blog";
|
uid = genid_uint31 "blog";
|
||||||
description = "lassul.us blog deployment";
|
description = "lassul.us blog deployment";
|
||||||
home = "/srv/http/lassul.us";
|
home = "/srv/http/lassul.us";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
@ -142,7 +142,7 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
users.users = mapAttrs' (_: cfg:
|
users.users = mapAttrs' (_: cfg:
|
||||||
nameValuePair cfg.name {
|
nameValuePair cfg.name {
|
||||||
uid = genid cfg.name;
|
uid = genid_uint31 cfg.name;
|
||||||
home = "/home/${cfg.name}";
|
home = "/home/${cfg.name}";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
|
@ -38,7 +38,7 @@ import XMonad.Hooks.EwmhDesktops (ewmh)
|
|||||||
import XMonad.Hooks.FloatNext (floatNext)
|
import XMonad.Hooks.FloatNext (floatNext)
|
||||||
import XMonad.Hooks.FloatNext (floatNextHook)
|
import XMonad.Hooks.FloatNext (floatNextHook)
|
||||||
import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts))
|
import XMonad.Hooks.ManageDocks (avoidStruts, ToggleStruts(ToggleStruts))
|
||||||
import XMonad.Hooks.Place (placeHook, smart)
|
import XMonad.Hooks.ManageHelpers (composeOne, doCenterFloat, (-?>))
|
||||||
import XMonad.Hooks.UrgencyHook (focusUrgent)
|
import XMonad.Hooks.UrgencyHook (focusUrgent)
|
||||||
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
|
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
|
||||||
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
||||||
@ -84,7 +84,7 @@ main' = do
|
|||||||
{ terminal = myTerm
|
{ terminal = myTerm
|
||||||
, modMask = mod4Mask
|
, modMask = mod4Mask
|
||||||
, layoutHook = smartBorders $ myLayoutHook
|
, layoutHook = smartBorders $ myLayoutHook
|
||||||
, manageHook = placeHook (smart (1,0)) <+> floatNextHook <+> floatHooks
|
, manageHook = floatHooks <+> floatNextHook
|
||||||
, startupHook =
|
, startupHook =
|
||||||
whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK"))
|
whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK"))
|
||||||
(\path -> forkFile path [] Nothing)
|
(\path -> forkFile path [] Nothing)
|
||||||
@ -99,13 +99,12 @@ myLayoutHook = defLayout
|
|||||||
defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat)
|
defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat)
|
||||||
|
|
||||||
floatHooks :: Query (Endo WindowSet)
|
floatHooks :: Query (Endo WindowSet)
|
||||||
floatHooks = composeAll . concat $
|
floatHooks = composeOne
|
||||||
[ [ title =? t --> doFloat | t <- myTitleFloats]
|
[ className =? "Pinentry" -?> doCenterFloat
|
||||||
, [ className =? c --> doFloat | c <- myClassFloats ] ]
|
, title =? "fzfmenu" -?> doCenterFloat
|
||||||
where
|
, title =? "glxgears" -?> doCenterFloat
|
||||||
myTitleFloats = []
|
, resource =? "Dialog" -?> doFloat
|
||||||
myClassFloats = ["Pinentry"] -- for gpg passphrase entry
|
]
|
||||||
|
|
||||||
|
|
||||||
myKeyMap :: [([Char], X ())]
|
myKeyMap :: [([Char], X ())]
|
||||||
myKeyMap =
|
myKeyMap =
|
||||||
@ -114,6 +113,7 @@ myKeyMap =
|
|||||||
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
|
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
|
||||||
, ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type")
|
, ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type")
|
||||||
, ("M4-i", spawn "${pkgs.dpass}/bin/dpassmenu --type")
|
, ("M4-i", spawn "${pkgs.dpass}/bin/dpassmenu --type")
|
||||||
|
, ("M4-z", spawn "${pkgs.emot-menu}/bin/emoticons")
|
||||||
|
|
||||||
, ("<XF86AudioMute>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute @DEFAULT_SINK@ toggle")
|
, ("<XF86AudioMute>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-mute @DEFAULT_SINK@ toggle")
|
||||||
, ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%")
|
, ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%")
|
||||||
@ -163,6 +163,9 @@ myKeyMap =
|
|||||||
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
|
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
|
||||||
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
|
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
|
||||||
|
|
||||||
|
, ("M4-<F9>", spawn "${pkgs.redshift}/bin/redshift -O 4000 -g 0.9:0.8:0.8")
|
||||||
|
, ("M4-<F10>", spawn "${pkgs.redshift}/bin/redshift -x")
|
||||||
|
|
||||||
, ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter")
|
, ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter")
|
||||||
|
|
||||||
, ("M4-s", spawn "${pkgs.knav}/bin/knav")
|
, ("M4-s", spawn "${pkgs.knav}/bin/knav")
|
||||||
|
31
lass/5pkgs/emot-menu/default.nix
Normal file
31
lass/5pkgs/emot-menu/default.nix
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
{ coreutils, dmenu, gnused, writeDashBin, writeText, xdotool }: let
|
||||||
|
|
||||||
|
emoticons = writeText "emoticons" ''
|
||||||
|
¯\(°_o)/¯ | dunno lol shrug dlol
|
||||||
|
¯\_(ツ)_/¯ | dunno lol shrug dlol
|
||||||
|
( ͡° ͜ʖ ͡°) | lenny
|
||||||
|
¯\_( ͡° ͜ʖ ͡°)_/¯ | lenny shrug dlol
|
||||||
|
( ゚д゚) | aaah sad noo
|
||||||
|
ヽ(^o^)丿 | hi yay hello
|
||||||
|
(^o^; | ups hehe
|
||||||
|
(^∇^) | yay
|
||||||
|
┗(`皿´)┛ | angry argh
|
||||||
|
ヾ(^_^) byebye!! | bye
|
||||||
|
<(^.^<) <(^.^)> (>^.^)> (7^.^)7 (>^.^<) | dance
|
||||||
|
(-.-)Zzz... | sleep
|
||||||
|
(∩╹□╹∩) | oh noes woot
|
||||||
|
™ | tm
|
||||||
|
ζ | zeta
|
||||||
|
(╯°□°)╯ ┻━┻ | table flip
|
||||||
|
(」゜ロ゜)」 | why woot
|
||||||
|
'';
|
||||||
|
|
||||||
|
in
|
||||||
|
writeDashBin "emoticons" ''
|
||||||
|
set -efu
|
||||||
|
|
||||||
|
data=$(${coreutils}/bin/cat ${emoticons})
|
||||||
|
emoticon=$(echo "$data" | ${dmenu}/bin/dmenu | ${gnused}/bin/sed 's/ | .*//')
|
||||||
|
${xdotool}/bin/xdotool type -- "$emoticon"
|
||||||
|
exit 0
|
||||||
|
''
|
45
lass/5pkgs/fzfmenu/default.nix
Normal file
45
lass/5pkgs/fzfmenu/default.nix
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
pkgs.writeDashBin "fzfmenu" ''
|
||||||
|
set -efu
|
||||||
|
PROMPT=">"
|
||||||
|
for i in "$@"
|
||||||
|
do
|
||||||
|
case $i in
|
||||||
|
-p)
|
||||||
|
PROMPT="$2"
|
||||||
|
shift
|
||||||
|
shift
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
-l)
|
||||||
|
# no reason to filter number of lines
|
||||||
|
LINES="$2"
|
||||||
|
shift
|
||||||
|
shift
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
-i)
|
||||||
|
# we do this anyway
|
||||||
|
shift
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Unknown option $1" >&2
|
||||||
|
shift
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
INPUT=$(${pkgs.coreutils}/bin/cat)
|
||||||
|
OUTPUT="$(${pkgs.coreutils}/bin/mktemp)"
|
||||||
|
${pkgs.rxvt_unicode}/bin/urxvt \
|
||||||
|
-name fzfmenu -title fzfmenu \
|
||||||
|
-e ${pkgs.dash}/bin/dash -c \
|
||||||
|
"echo \"$INPUT\" | ${pkgs.fzf}/bin/fzf \
|
||||||
|
--history=/dev/null \
|
||||||
|
--no-sort \
|
||||||
|
--prompt=\"$PROMPT\" \
|
||||||
|
> \"$OUTPUT\"" 2>/dev/null
|
||||||
|
${pkgs.coreutils}/bin/cat "$OUTPUT"
|
||||||
|
${pkgs.coreutils}/bin/rm "$OUTPUT"
|
||||||
|
''
|
@ -13,8 +13,9 @@ let
|
|||||||
ne = x: y: x != y;
|
ne = x: y: x != y;
|
||||||
mod = x: y: x - y * (x / y);
|
mod = x: y: x - y * (x / y);
|
||||||
|
|
||||||
genid = import ./genid.nix { inherit lib; };
|
genid = lib.genid_uint32; # TODO remove
|
||||||
genid_uint31 = x: ((lib.genid x) + 16777216) / 2;
|
genid_uint31 = x: ((lib.genid_uint32 x) + 16777216) / 2;
|
||||||
|
genid_uint32 = import ./genid.nix { inherit lib; };
|
||||||
|
|
||||||
lpad = n: c: s:
|
lpad = n: c: s:
|
||||||
if lib.stringLength s < n
|
if lib.stringLength s < n
|
||||||
|
@ -19,7 +19,7 @@ rec {
|
|||||||
default = config._module.args.name;
|
default = config._module.args.name;
|
||||||
};
|
};
|
||||||
cores = mkOption {
|
cores = mkOption {
|
||||||
type = positive;
|
type = uint;
|
||||||
};
|
};
|
||||||
nets = mkOption {
|
nets = mkOption {
|
||||||
type = attrsOf net;
|
type = attrsOf net;
|
||||||
|
@ -10,7 +10,7 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
# TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
|
# TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
|
||||||
# cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
|
# cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
|
||||||
krebs.build.host = config.krebs.hosts.iso;
|
krebs.build.host = { cores = 0; };
|
||||||
isoImage.isoBaseName = lib.mkForce "stockholm";
|
isoImage.isoBaseName = lib.mkForce "stockholm";
|
||||||
krebs.hidden-ssh.enable = true;
|
krebs.hidden-ssh.enable = true;
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
Loading…
Reference in New Issue
Block a user