Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'lass/master'

Browse Source
This commit is contained in:
makefu 2019-06-14 18:41:27 +02:00
commit 276ad5f9d5
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
44 changed files with 950 additions and 485 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
jeschli/1systems/bolide/config.nix
View File

@ -2,15 +2,15 @@
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{ config, pkgs, lib, ... }:
{
imports =
[
./hardware-configuration.nix
<stockholm/jeschli>
<home-manager/nixos>
<stockholm/jeschli/2configs/urxvt.nix>
<stockholm/jeschli/2configs/emacs.nix>
# <stockholm/jeschli/2configs/emacs.nix>
];
krebs.build.host = config.krebs.hosts.bolide;
@ -29,7 +29,8 @@
allowDiscards = true;
} ];
# networking.hostName = "bolide"; # Define your hostname.
networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true;
# Select internationalisation properties.
# i18n = {
@ -52,6 +53,8 @@
};
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
home-manager
wget vim
# system helper
ag
@ -92,6 +95,22 @@
zathura
];
home-manager.useUserPackages = true;
home-manager.users.jeschli = {
home.stateVersion = "19.03";
};
home-manager.users.jeschli.home.file = {
".emacs.d" = {
source = pkgs.fetchFromGitHub {
owner = "jeschli";
repo = "emacs.d";
rev = "8ed6c40";
sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0";
};
recursive = true;
};
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.bash.enableCompletion = true;
@ -103,36 +122,37 @@
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Enable CUPS to print documents.
# services.printing.enable = true;
services.xserver = {
# Enable the X11 windowing system.
services.xserver.enable = true;
# services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
enable = true;
services.xserver.displayManager.sddm.enable = true;
services.xserver.windowManager.xmonad.enable = true;
services.xserver.windowManager.xmonad.enableContribAndExtras = true;
# Enable touchpad support.
# services.xserver.libinput.enable = true;
desktopManager = {
xfce.enable = true;
gnome3.enable = true;
};
# # Don't install feh into systemPackages
# # refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
# desktopManager.session = lib.mkForce [];
#
# enable = true;
# display = 11;
# tty = 11;
#
# dpi = 96;
# Enable the KDE Desktop Environment.
# services.xserver.displayManager.sddm.enable = true;
# services.xserver.desktopManager.plasma5.enable = true;
videoDrivers = [ "nvidia" ];
};
services.xserver.windowManager.i3.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.extraUsers.jeschli = {
isNormalUser = true;
extraGroups = ["docker" "vboxusers" "audio"];
uid = 1000;
};
hardware.pulseaudio.enable = true;
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you

1
jeschli/1systems/bolide/hardware-configuration.nix
View File

@ -29,4 +29,5 @@
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = "powersave";
hardware.pulseaudio.enable = true;
}

171
jeschli/1systems/bolide/home.nix Normal file
View File

@ -0,0 +1,171 @@
{ pkgs, ... }:
{
home.file = {
".emacs.d" = {
source = pkgs.fetchFromGitHub {
owner = "jeschli";
repo = "emacs.d";
rev = "8ed6c40";
sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0";
};
recursive = true;
};
".config/i3/config".text = ''
set $mod Mod4
font pango:monospace 8
floating_modifier $mod
bindsym $mod+Return exec i3-sensible-terminal
bindsym $mod+Shift+q kill
bindsym $mod+d exec rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
bindsym $mod+x exec rofi -modi window -show window -auto-select
# switch to last used window
bindsym $mod+Tab exec rofi -show window& sleep 0.15 && xdotool key Down
# change focus
bindsym $mod+j focus left
bindsym $mod+k focus down
bindsym $mod+l focus up
bindsym $mod+semicolon focus right
# alternatively, you can use the cursor keys:
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# Resizing windows by 10 in i3 using keyboard only
bindsym $mod+Ctrl+Shift+Right resize shrink width 10 px or 10 ppt
bindsym $mod+Ctrl+Shift+Up resize grow height 10 px or 10 ppt
bindsym $mod+Ctrl+Shift+Down resize shrink height 10 px or 10 ppt
bindsym $mod+Ctrl+Shift+Left resize grow width 10 px or 10 ppt
# move focused window
bindsym $mod+Shift+j move left
bindsym $mod+Shift+k move down
bindsym $mod+Shift+l move up
bindsym $mod+Shift+semicolon move right
# alternatively, you can use the cursor keys:
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# split in horizontal orientation
bindsym $mod+h split h
# split in vertical orientation
bindsym $mod+v split v
# enter fullscreen mode for the focused container
bindsym $mod+f fullscreen toggle
# change container layout (stacked, tabbed, toggle split)
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# toggle tiling / floating
bindsym $mod+Shift+space floating toggle
# change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle
# focus the parent container
bindsym $mod+a focus parent
# focus the child container
#bindsym $mod+d focus child
# Define names for default workspaces for which we configure key bindings later on.
# We use variables to avoid repeating the names in multiple places.
set $ws1 "1"
set $ws2 "2"
set $ws3 "3"
set $ws4 "4"
set $ws5 "5"
set $ws6 "6"
set $ws7 "7"
set $ws8 "8"
set $ws9 "9"
set $ws10 "10"
# switch to workspace
bindsym $mod+1 workspace $ws1
bindsym $mod+2 workspace $ws2
bindsym $mod+3 workspace $ws3
bindsym $mod+4 workspace $ws4
bindsym $mod+5 workspace $ws5
bindsym $mod+6 workspace $ws6
bindsym $mod+7 workspace $ws7
bindsym $mod+8 workspace $ws8
bindsym $mod+9 workspace $ws9
bindsym $mod+0 workspace $ws10
# move focused container to workspace
bindsym $mod+Shift+1 move container to workspace $ws1
bindsym $mod+Shift+2 move container to workspace $ws2
bindsym $mod+Shift+3 move container to workspace $ws3
bindsym $mod+Shift+4 move container to workspace $ws4
bindsym $mod+Shift+5 move container to workspace $ws5
bindsym $mod+Shift+6 move container to workspace $ws6
bindsym $mod+Shift+7 move container to workspace $ws7
bindsym $mod+Shift+8 move container to workspace $ws8
bindsym $mod+Shift+9 move container to workspace $ws9
bindsym $mod+Shift+0 move container to workspace $ws10
# reload the configuration file
bindsym $mod+Shift+c reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
bindsym $mod+Shift+r restart
# exit i3 (logs you out of your X session)
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -b 'Yes, exit i3' 'i3-msg exit'"
bindsym $mod+p exec i3-sensible-pager
# resize window (you can also use the mouse for that)
mode "resize" {
# These bindings trigger as soon as you enter the resize mode
# Pressing left will shrink the windows width.
# Pressing right will grow the windows width.
# Pressing up will shrink the windows height.
# Pressing down will grow the windows height.
bindsym j resize shrink width 10 px or 10 ppt
bindsym k resize grow height 10 px or 10 ppt
bindsym l resize shrink height 10 px or 10 ppt
bindsym semicolon resize grow width 10 px or 10 ppt
# same bindings, but for the arrow keys
bindsym Left resize shrink width 10 px or 10 ppt
bindsym Down resize grow height 10 px or 10 ppt
bindsym Up resize shrink height 10 px or 10 ppt
bindsym Right resize grow width 10 px or 10 ppt
# back to normal: Enter or Escape or $mod+r
bindsym Return mode "default"
bindsym Escape mode "default"
bindsym $mod+r mode "default"
}
bindsym $mod+r mode "resize"
# Start i3bar to display a workspace bar (plus the system information i3status
# finds out, if available)
bar {
position top
status_command i3status
}
'';
};
}

37
jeschli/1systems/brauerei/config.nix
View File

@ -1,19 +1,17 @@
{ config, pkgs, lib, ... }:
let
xmonad-jeschli = pkgs.callPackage <stockholm/jeschli/5pkgs/simple/xmonad-jeschli> { inherit config; };
mainUser = config.krebs.build.user.name;
in
{
imports = [
<stockholm/jeschli>
./hardware-configuration.nix
<home-manager/nixos>
<stockholm/jeschli/2configs/urxvt.nix>
# <stockholm/jeschli/2configs/emacs.nix>
# <stockholm/jeschli/2configs/xdg.nix>
# <stockholm/jeschli/2configs/xserver>
<stockholm/jeschli/2configs/steam.nix>
<stockholm/jeschli/2configs/virtualbox.nix>
];
];
krebs.build.host = config.krebs.hosts.brauerei;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
@ -54,7 +52,10 @@ in
copyq
curl
dmenu
rofi
xdotool
git
gnupg
i3lock
keepass
networkmanagerapplet
@ -92,9 +93,11 @@ in
})
# dev tools
gnumake
jetbrains.clion
jetbrains.goland
jetbrains.pycharm-professional
jetbrains.webstorm
vscode
# document viewer
evince
zathura
@ -105,7 +108,6 @@ in
cargo
rustracer
rustup
vscode
# orga tools
taskwarrior
# xorg
@ -120,6 +122,24 @@ in
# programs.mtr.enable = true;
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
home-manager.useUserPackages = true;
home-manager.users.jeschli = {
home.stateVersion = "19.03";
};
# home-manager.enable = true;
home-manager.users.jeschli.home.file = {
".emacs.d" = {
source = pkgs.fetchFromGitHub {
owner = "jeschli";
repo = "emacs.d";
rev = "8ed6c40";
sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0";
};
recursive = true;
};
};
# List services that you want to enable:
# Enable the OpenSSH daemon.
@ -155,6 +175,11 @@ in
extraGroups = ["docker" "vboxusers" "audio"];
uid = 1000;
};
users.extraUsers.blafoo = {
isNormalUser = true;
extraGroups = ["audio"];
uid = 1002;
};
users.extraUsers.jamie = {
isNormalUser = true;
uid = 1001; # TODO genid

2
jeschli/1systems/enklave/config.nix
View File

@ -49,7 +49,7 @@
listenPort = 53589;
organisations.lass.users = [ "jeschli" ];
};
networking.firewall.allowedTCPPorts = [ 53589 ];
networking.firewall.allowedTCPPorts = [ 53589 8001 ];
}
];

4
jeschli/2configs/default.nix
View File

@ -2,7 +2,7 @@
with import <stockholm/lib>;
{
imports = [
./vim.nix
# ./vim.nix
./retiolum.nix
./zsh.nix
<stockholm/lass/2configs/security-workarounds.nix>
@ -56,7 +56,7 @@ with import <stockholm/lib>;
usbutils
# logify
goify
vim
#unpack stuff
p7zip
unzip

2
jeschli/2configs/git.nix
View File

@ -60,7 +60,7 @@ let
with git // config.krebs.users;
repo:
singleton {
user = [ jeschli jeschli-brauerei];
user = [ jeschli jeschli-brauerei jeschli-bolide];
repo = [ repo ];
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++

9
jeschli/2configs/home-manager/default.nix Normal file
View File

@ -0,0 +1,9 @@
{
imports = [
<home-manager/nixos>
];
home-manager.useUserPackages = true;
home-manager.users.jeschli = {
home.stateVersion = "19.03";
};
}

6
jeschli/krops.nix
View File

@ -15,6 +15,12 @@
file = "${lib.getEnv "HOME"}/secrets/${name}";
};
}
{
home-manager.git = {
url = https://github.com/rycee/home-manager;
ref = "2ccbf43";
};
}
];
in {

0
krebs/0tests/data/secrets/github-hosts-sync.ssh.id_ed25519 Normal file
View File

1
krebs/1systems/hotdog/config.nix
View File

@ -18,6 +18,7 @@
];
krebs.build.host = config.krebs.hosts.hotdog;
krebs.github-hosts-sync.enable = true;
boot.isContainer = true;
networking.useDHCP = false;

6
krebs/3modules/external/palo.nix vendored
View File

@ -34,7 +34,10 @@ in {
retiolum = {
ip4.addr = "10.243.23.3";
tinc.port = 720;
aliases = [ "kruck.r" ];
aliases = [
"kruck.r"
"video.kruck.r"
];
tinc.pubkey = tinc-for "palo";
};
};
@ -49,6 +52,7 @@ in {
tinc.pubkey = tinc-for "palo";
};
};
syncthing.id = "FLY7DHI-TJLEQBJ-JZNC4YV-NBX53Z2-ZBRWADL-BKSFXYZ-L4FMDVH-MOSEVAQ";
};
workhorse = {
owner = config.krebs.users.palo;

28
krebs/3modules/github-hosts-sync.nix
View File

@ -11,17 +11,25 @@ let
api = {
enable = mkEnableOption "krebs.github-hosts-sync";
port = mkOption {
type = types.int; # TODO port type
default = 1028;
};
dataDir = mkOption {
type = types.str; # TODO path (but not just into store)
default = "/var/lib/github-hosts-sync";
};
srcDir = mkOption {
type = types.str;
default = "${config.krebs.tinc.retiolum.confDir}/hosts";
};
ssh-identity-file = mkOption {
type = types.suffixed-str [".ssh.id_ed25519" ".ssh.id_rsa"];
default = toString <secrets/github-hosts-sync.ssh.id_rsa>;
default = toString <secrets/github-hosts-sync.ssh.id_ed25519>;
};
url = mkOption {
type = types.str;
default = "git@github.com:krebs/hosts.git";
};
workTree = mkOption {
type = types.absolute-pathname;
default = "${cfg.dataDir}/cache";
};
};
@ -30,13 +38,18 @@ let
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
port = toString cfg.port;
GITHUB_HOST_SYNC_USER_MAIL = user.mail;
GITHUB_HOST_SYNC_USER_NAME = user.name;
GITHUB_HOST_SYNC_SRCDIR = cfg.srcDir;
GITHUB_HOST_SYNC_WORKTREE = cfg.workTree;
GITHUB_HOST_SYNC_URL = cfg.url;
};
serviceConfig = {
PermissionsStartOnly = "true";
SyslogIdentifier = "github-hosts-sync";
User = user.name;
Restart = "always";
Type = "oneshot";
RemainAfterExit = true;
ExecStartPre = pkgs.writeDash "github-hosts-sync-init" ''
set -euf
install -m 0711 -o ${user.name} -d ${cfg.dataDir}
@ -56,6 +69,7 @@ let
};
user = rec {
mail = "${name}@${config.krebs.build.host.name}";
name = "github-hosts-sync";
uid = genid_uint31 name;
};

10
krebs/3modules/github-known-hosts.nix
View File

@ -28,12 +28,22 @@
"140.82.125.*"
"140.82.126.*"
"140.82.127.*"
"13.114.40.48"
"13.229.188.59"
"13.234.176.102"
"13.234.210.38"
"13.236.229.21"
"13.237.44.5"
"13.250.177.223"
"15.164.81.167"
"18.194.104.89"
"18.195.85.27"
"35.159.8.160"
"52.192.72.89"
"52.64.108.95"
"52.69.186.44"
"52.74.223.119"
"52.78.231.108"
];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
};

1
krebs/3modules/lass/default.nix
View File

@ -35,6 +35,7 @@ in {
default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB"
cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
codi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
io 60 IN NS ions.lassul.us.
ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}

39
krebs/3modules/syncthing.nix
View File

@ -22,7 +22,7 @@ let
getApiKey = pkgs.writeDash "getAPIKey" ''
${pkgs.libxml2}/bin/xmllint \
--xpath 'string(configuration/gui/apikey)'\
${config.services.syncthing.dataDir}/config.xml
${config.services.syncthing.configDir}/config.xml
'';
updateConfig = pkgs.writeDash "merge-syncthing-config" ''
@ -31,9 +31,9 @@ let
${pkgs.untilport}/bin/untilport localhost 8384
API_KEY=$(${getApiKey})
CFG=$(${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config)
echo "$CFG" | ${pkgs.jq}/bin/jq -s '.[] * {
"devices": ${builtins.toJSON devices},
"folders": ${builtins.toJSON folders}
echo "$CFG" | ${pkgs.jq}/bin/jq -s '.[] as $in | $in * {
"devices": (${builtins.toJSON devices}${optionalString (! cfg.overridePeers) " + $in.devices"}),
"folders": (${builtins.toJSON folders}${optionalString (! cfg.overrideFolders) " + $in.folders"})
}' | ${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config -d @-
${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/restart -X POST
'';
@ -45,11 +45,6 @@ in
enable = mkEnableOption "syncthing-init";
id = mkOption {
type = types.str;
default = config.krebs.build.host.name;
};
cert = mkOption {
type = types.nullOr types.absolute-pathname;
default = null;
@ -60,6 +55,13 @@ in
default = null;
};
overridePeers = mkOption {
type = types.bool;
default = true;
description = ''
Whether to delete the peers which are not configured via the peers option
'';
};
peers = mkOption {
default = {};
type = types.attrsOf (types.submodule ({
@ -80,6 +82,13 @@ in
}));
};
overrideFolders = mkOption {
type = types.bool;
default = true;
description = ''
Whether to delete the folders which are not configured via the peers option
'';
};
folders = mkOption {
default = {};
type = types.attrsOf (types.submodule ({ config, ... }: {
@ -135,14 +144,14 @@ in
systemd.services.syncthing = mkIf (cfg.cert != null || cfg.key != null) {
preStart = ''
${optionalString (cfg.cert != null) ''
cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/cert.pem
chmod 400 ${config.services.syncthing.dataDir}/cert.pem
cp ${toString cfg.cert} ${config.services.syncthing.configDir}/cert.pem
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.configDir}/cert.pem
chmod 400 ${config.services.syncthing.configDir}/cert.pem
''}
${optionalString (cfg.key != null) ''
cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/key.pem
chmod 400 ${config.services.syncthing.dataDir}/key.pem
cp ${toString cfg.key} ${config.services.syncthing.configDir}/key.pem
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.configDir}/key.pem
chmod 400 ${config.services.syncthing.configDir}/key.pem
''}
'';
};

3
krebs/5pkgs/haskell/xmonad-stockholm.nix
View File

@ -1,5 +1,4 @@
{ mkDerivation, base, containers, fetchgit, filepath, stdenv, unix, X11, X11-xft
, X11-xshape, xmonad, xmonad-contrib
{ mkDerivation, base, containers, fetchgit, filepath, stdenv, unix, X11, X11-xft , X11-xshape, xmonad, xmonad-contrib
}:
mkDerivation rec {
pname = "xmonad-stockholm";

39
krebs/5pkgs/simple/github-hosts-sync/default.nix
View File

@ -1,37 +1,32 @@
{ pkgs, stdenv, ... }:
stdenv.mkDerivation {
name = "github-hosts-sync";
stdenv.mkDerivation rec {
name = "github-hosts-sync-${version}";
version = "2.0.0";
src = pkgs.painload;
src = ./src;
phases = [
"unpackPhase"
"installPhase"
];
installPhase =
let
ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
path = stdenv.lib.makeBinPath (with pkgs; [
coreutils
findutils
git
gnugrep
gnused
nettools
openssh
socat
]);
in
installPhase = let
ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
path = stdenv.lib.makeBinPath [
pkgs.git
pkgs.nettools
pkgs.openssh
pkgs.rsync
];
in
''
mkdir -p $out/bin
sed \
's,^main() {$,&\n export PATH=${path} GIT_SSL_CAINFO=${ca-bundle},' \
< ./retiolum/scripts/github_hosts_sync/hosts-sync \
> $out/bin/github-hosts-sync
cp hosts-sync $out/bin/github-hosts-sync
chmod +x $out/bin/github-hosts-sync
sed -i \
'1s,$,\nPATH=${path}''${PATH+:$PATH} GIT_SSL_CAINFO=${ca-bundle},' \
$out/bin/github-hosts-sync
'';
}

33
krebs/5pkgs/simple/github-hosts-sync/src/hosts-sync Executable file
View File

@ -0,0 +1,33 @@
#! /bin/sh
set -efu
exec >&2
hosts_srcdir=$GITHUB_HOST_SYNC_SRCDIR
hosts_worktree=${GITHUB_HOST_SYNC_WORKTREE-/tmp/hosts}
hosts_url=${GITHUB_HOST_SYNC_URL-git@github.com:krebs/hosts.git}
user_mail=${GITHUB_HOST_SYNC_USER_MAIL-$LOGNAME@$(hostname)}
user_name=${GITHUB_HOST_SYNC_USER_NAME-$LOGNAME}
test -d "$hosts_worktree" || git clone "$hosts_url" "$hosts_worktree"
cd "$hosts_worktree"
git pull
rsync \
--chmod D755,F644 \
--delete-excluded \
--filter 'protect .git' \
--recursive \
--verbose \
"$hosts_srcdir/" \
.
git add .
if test -n "$(git status --porcelain)"; then
git config user.email "$user_mail"
git config user.name "$user_name"
git commit -m bump
git push
fi

2
krebs/krops.nix
View File

@ -50,7 +50,7 @@
{
nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
secrets = if test then {
file = toString <stockholm/krebs/0tests/data/secrets>;
file = toString ./0tests/data/secrets;
} else {
pass = {
dir = "${lib.getEnv "HOME"}/brain";

2
lass/1systems/daedalus/config.nix
View File

@ -57,6 +57,8 @@ with import <stockholm/lib>;
{
krebs.per-user.bitcoin.packages = [
pkgs.electrum
pkgs.electron-cash
pkgs.altcoins.litecoin
];
users.extraUsers = {
bitcoin = {

31
lass/1systems/mors/config.nix
View File

@ -49,14 +49,31 @@ with import <stockholm/lib>;
];
}
{
krebs.syncthing.folders."the_playlist" = {
path = "/home/lass/tmp/the_playlist";
peers = [ "mors" "phone" "prism" ];
krebs.syncthing = {
peers.schasch.addresses = [ "schasch.r:22000" ];
folders = {
the_playlist = {
path = "/home/lass/tmp/the_playlist";
peers = [ "mors" "phone" "prism" ];
};
free_music = {
id = "mu9mn-zgvsw";
path = "/home/lass/tmp/free_music";
peers = [ "mors" "schasch" ];
};
};
};
krebs.permown."/home/lass/tmp/the_playlist" = {
owner = "lass";
group = "syncthing";
umask = "0007";
krebs.permown = {
"/home/lass/tmp/free_music" = {
owner = "lass";
group = "syncthing";
umask = "0007";
};
"/home/lass/tmp/the_playlist" = {
owner = "lass";
group = "syncthing";
umask = "0007";
};
};
}
{

2
lass/1systems/mors/physical.nix
View File

@ -22,7 +22,7 @@
};
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="10:0b:a9:72:f4:88", NAME="wl0"
SUBSYSTEM=="net", DEVPATH=="/devices/pci*/*1c.1/*/net/*", NAME="wl0"
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:c4:7a:f1", NAME="et0"
'';

15
lass/1systems/prism/config.nix
View File

@ -195,6 +195,7 @@ with import <stockholm/lib>;
};
}
<stockholm/lass/2configs/minecraft.nix>
<stockholm/lass/2configs/codimd.nix>
{
services.taskserver = {
enable = true;
@ -382,7 +383,7 @@ with import <stockholm/lib>;
'';
fileSystems."/export/download" = {
device = "/var/lib/containers/yellow/var/download";
device = "/var/lib/containers/yellow/var/download/finished";
options = [ "bind" ];
};
services.nfs.server = {
@ -395,6 +396,12 @@ with import <stockholm/lib>;
statdPort = 4000;
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p udp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 2049"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p udp --dport 2049"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p tcp --dport 4000:4002"; target = "ACCEPT"; }
{ predicate = "-i retiolum -p udp --dport 4000:4002"; target = "ACCEPT"; }
{ predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; }
{ predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; }
@ -456,4 +463,10 @@ with import <stockholm/lib>;
enable = true;
freeMemThreshold = 5;
};
# prism rsa hack
services.openssh.hostKeys = [{
path = toString <secrets> + "ssh.id_rsa";
type = "rsa";
}];
}

1
lass/2configs/browsers.nix
View File

@ -66,7 +66,6 @@ in {
extensions = [
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
"dbepggeogbaibhgnhhndojpepiihcmeb" # vimium
"liloimnbhkghhdhlamdjipkmadhpcjmn" # krebsgold
];
};

28
lass/2configs/codimd.nix Normal file
View File

@ -0,0 +1,28 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
services.nginx.virtualHosts.codimd = {
enableACME = true;
addSSL = true;
serverName = "codi.lassul.us";
locations."/".extraConfig = ''
client_max_body_size 4G;
proxy_set_header Host $host;
proxy_pass http://localhost:3091;
'';
};
services.codimd = {
enable = true;
configuration = {
db = {
dialect = "sqlite";
storage = "/var/lib/codimd/db.codimd.sqlite";
useCDN = false;
};
port = 3091;
};
};
}

3
lass/2configs/exim-smarthost.nix
View File

@ -103,6 +103,9 @@ with import <stockholm/lib>;
{ from = "lobsters@lassul.us"; to = lass.mail; }
{ from = "fysitech@lassul.us"; to = lass.mail; }
{ from = "threema@lassul.us"; to = lass.mail; }
{ from = "ubisoft@lassul.us"; to = lass.mail; }
{ from = "kottezeller@lassul.us"; to = lass.mail; }
{ from = "pie@lassul.us"; to = lass.mail; }
];
system-aliases = [
{ from = "mailer-daemon"; to = "postmaster"; }

2
lass/2configs/network-manager.nix
View File

@ -15,6 +15,8 @@
};
};
networking.networkmanager = {
ethernet.macAddress = "random";
wifi.macAddress = "random";
enable = true;
unmanaged = [
"docker*"

22
lass/2configs/radio.nix
View File

@ -97,12 +97,17 @@ in {
services.icecast = {
enable = true;
hostname = "config.krebs.build.host.name";
hostname = "radio.lassul.us";
admin.password = admin-password;
extraConf = ''
<authentication>
<source-password>${source-password}</source-password>
</authentication>
<mount>
<mount-name>/radio.mp3</mount-name>
<password>${source-password}</password>
</mount>
<mount>
<mount-name>/radio.ogg</mount-name>
<password>${source-password}</password>
</mount>
'';
};
@ -194,8 +199,8 @@ in {
workdir = config.krebs.reaktor2.the_playlist.stateDir;
hooks.PRIVMSG = [
{
activate = "match";
pattern = ''!([^ ]+)(?:\s*(.*))?'';
#activate = "match";
pattern = "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$";
command = 1;
arguments = [2];
commands = {
@ -218,6 +223,11 @@ in {
forceSSL = true;
enableACME = true;
locations."/".extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:8000;
'';
locations."/recent".extraConfig = ''

4
lass/2configs/retiolum.nix
View File

@ -20,8 +20,10 @@
"prism"
"gum"
"ni"
"dishfire"
];
extraConfig = ''
LocalDiscovery = yes
'';
};
nixpkgs.config.packageOverrides = pkgs: {

11
lass/2configs/syncthing.nix
View File

@ -1,5 +1,7 @@
{ config, pkgs, ... }: with import <stockholm/lib>; let
peers = mapAttrs (n: v: { id = v.syncthing.id; }) (filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts);
all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts;
own_peers = filterAttrs (n: v: v.owner.name == "lass") all_peers;
mk_peers = mapAttrs (n: v: { id = v.syncthing.id; });
in {
services.syncthing = {
enable = true;
@ -14,8 +16,8 @@ in {
enable = true;
cert = toString <secrets/syncthing.cert>;
key = toString <secrets/syncthing.key>;
peers = peers;
folders."/home/lass/sync".peers = attrNames peers;
peers = mk_peers all_peers;
folders."/home/lass/sync".peers = attrNames (filterAttrs (n: v: n != "phone") own_peers);
};
system.activationScripts.syncthing-home = ''
@ -23,8 +25,9 @@ in {
'';
krebs.permown."/home/lass/sync" = {
file-mode = "u+rw,g+rw";
owner = "lass";
group = "syncthing";
umask = "0007";
umask = "0002";
};
}

47
lass/2configs/websites/domsen.nix
View File

@ -26,6 +26,7 @@ in {
./default.nix
./sqlBackup.nix
(servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ])
(servePage [ "jarugadesign.de" "www.jarugadesign.de" ])
(servePage [
"freemonkey.art"
"www.freemonkey.art"
@ -93,6 +94,7 @@ in {
hostName = "o.xanf.org";
config = {
adminpassFile = toString <secrets> + "/nextcloud_pw";
overwriteProtocol = "https";
};
https = true;
nginx.enable = true;
@ -141,6 +143,7 @@ in {
{ from = "akayguen@freemonkey.art"; to ="akayguen"; }
{ from = "bui@freemonkey.art"; to ="bui"; }
{ from = "kontakt@alewis.de"; to ="klabusterbeere"; }
{ from = "hallo@jarugadesign.de"; to ="kasia"; }
{ from = "testuser@lassul.us"; to = "testuser"; }
{ from = "testuser@ubikmedia.eu"; to = "testuser"; }
@ -150,6 +153,7 @@ in {
"ubikmedia.eu"
"ubikmedia.de"
"alewis.de"
"jarugadesign.de"
];
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
ssl_key = "/var/lib/acme/lassul.us/key.pem";
@ -234,7 +238,18 @@ in {
createHome = true;
};
krebs.on-failure.plans.restic-backups-domsen = {};
users.users.kasia = {
uid = genid_uint31 "kasia";
home = "/home/kasia";
useDefaultShell = true;
createHome = true;
};
krebs.on-failure.plans.restic-backups-domsen = {
journalctl = {
lines = 1000;
};
};
services.restic.backups.domsen = {
initialize = true;
extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr2.duckdns.org -S none -v -p 52222 -i ${toString <secrets> + "/ssh.id_ed25519"} -s sftp'" ];
@ -247,11 +262,41 @@ in {
"/home/ms/Mail"
"/home/klabusterbeere/Mail"
"/home/jms/Mail"
"/home/kasia/Mail"
"/home/bruno/Mail"
"/home/akayguen/Mail"
"/backups/sql_dumps"
];
};
boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576";
krebs.permown = {
"/srv/http/ubikmedia.de" = {
owner = "domsen";
group = "nginx";
umask = "0007";
};
"/srv/http/o.ubikmedia.de" = {
owner = "domsen";
group = "nginx";
umask = "0007";
};
"/srv/http/freemonkey.art" = {
owner = "domsen";
group = "nginx";
umask = "0002";
};
"/srv/http/jarugadesign.de" = {
owner = "domsen";
group = "nginx";
umask = "0002";
};
"/srv/http/reich-gebaeudereinigung.de" = {
owner = "domsen";
group = "nginx";
umask = "0002";
};
};
}

5
tv/2configs/hw/x220.nix
View File

@ -57,6 +57,11 @@
HandleSuspendKey=ignore
'';
# because extraConfig is not extra enough:
services.logind.lidSwitch = "ignore";
services.logind.lidSwitchDocked = "ignore";
services.logind.lidSwitchExternalPower = "ignore";
services.xserver = {
videoDriver = "intel";
};

390
tv/2configs/vim.nix
View File

@ -14,389 +14,17 @@ let {
};
extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
# cannot use pkgs.vimPlugins.fzf-vim as it's missing :Rg
(pkgs.vimUtils.buildVimPlugin {
name = "fzf-2018-11-14";
src = pkgs.fetchgit {
url = https://github.com/junegunn/fzf.vim;
rev = "ad1833ecbc9153b6e34a4292dc089a58c4bcb8dc";
sha256 = "1z2q71q6l9hq9fqfqpj1svhyk4yk1bzw1ljhksx4bnpz8gkfbx2m";
};
})
pkgs.tv.vimPlugins.elixir
pkgs.tv.vimPlugins.file-line
pkgs.tv.vimPlugins.fzf
pkgs.tv.vimPlugins.hack
pkgs.tv.vimPlugins.jq
pkgs.tv.vimPlugins.nix
pkgs.tv.vimPlugins.showsyntax
pkgs.tv.vimPlugins.tv
pkgs.tv.vimPlugins.vim
pkgs.vimPlugins.fzfWrapper
pkgs.vimPlugins.undotree
(pkgs.vimUtils.buildVimPlugin {
name = "vim-elixir-2018-08-17";
src = pkgs.fetchgit {
url = https://github.com/elixir-editors/vim-elixir;
rev = "0a847f0faed5ba2d94bb3d51f355c50f37ba025b";
sha256 = "1jl85wpgywhcvhgw02y8zpvqf0glr4i8522kxpvhsiacb1v1xh04";
};
})
(pkgs.vimUtils.buildVimPlugin {
name = "vim-syntax-jq";
src = pkgs.fetchgit {
url = https://github.com/vito-c/jq.vim;
rev = "99d55a300047946a82ecdd7617323a751199ad2d";
sha256 = "09c94nah47wx0cr556w61h6pfznxld18pfblc3nv51ivbw7cjqyx";
};
})
(pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchgit {
url = git://github.com/bogado/file-line;
rev = "refs/tags/1.0";
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
};
})
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "hack";
in {
name = "vim-color-${name}-1.0.2";
destination = "/colors/${name}.vim";
text = /* vim */ ''
set background=dark
hi clear
if exists("syntax_on")
syntax clear
endif
let colors_name = ${toJSON name}
hi Normal ctermbg=235
hi Comment ctermfg=242
hi Constant ctermfg=255
hi Identifier ctermfg=253
hi Function ctermfg=253
hi Statement ctermfg=253
hi PreProc ctermfg=251
hi Type ctermfg=251
hi Delimiter ctermfg=251
hi Special ctermfg=255
hi Garbage ctermbg=088
hi TabStop ctermbg=016
hi Todo ctermfg=174 ctermbg=NONE
hi NixCode ctermfg=040
hi NixData ctermfg=046
hi NixQuote ctermfg=071
hi diffNewFile ctermfg=207
hi diffFile ctermfg=207
hi diffLine ctermfg=207
hi diffSubname ctermfg=207
hi diffAdded ctermfg=010
hi diffRemoved ctermfg=009
hi Search cterm=NONE ctermbg=216
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "vim";
in {
name = "vim-syntax-${name}-1.0.0";
destination = "/syntax/${name}.vim";
text = /* vim */ ''
${concatMapStringsSep "\n" (s: /* vim */ ''
syn keyword vimColor${s} ${s}
\ containedin=ALLBUT,vimComment,vimLineComment
hi vimColor${s} ctermfg=${s}
'') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "showsyntax";
in {
name = "vim-plugin-${name}-1.0.0";
destination = "/plugin/${name}.vim";
text = /* vim */ ''
if exists('g:loaded_showsyntax')
finish
endif
let g:loaded_showsyntax = 0
fu! ShowSyntax()
let id = synID(line("."), col("."), 1)
let name = synIDattr(id, "name")
let transName = synIDattr(synIDtrans(id),"name")
if name != transName
let name .= " (" . transName . ")"
endif
echo "Syntax: " . name
endfu
command! -n=0 -bar ShowSyntax :call ShowSyntax()
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-tv" {
#
# Haskell
#
"/ftplugin/haskell.vim".text = ''
if exists("g:vim_tv_ftplugin_haskell_loaded")
finish
endif
let g:vim_tv_ftplugin_haskell_loaded = 1
setlocal iskeyword+='
'';
#
# TODO
#
"/ftdetect/todo.vim".text = ''
au BufRead,BufNewFile TODO set ft=todo
'';
"/ftplugin/todo.vim".text = ''
setlocal foldmethod=syntax
'';
"/syntax/todo.vim".text = ''
syn match todoComment /#.*/
syn match todoDate /^[1-9]\S*/
\ nextgroup=todoSummary
syn region todoSummary
\ contained
\ contains=todoTag
\ start="." end="$\n"
\ nextgroup=todoBlock
syn match todoTag /\[[A-Za-z]\+\]/hs=s+1,he=e-1
\ contained
syn region todoBlock
\ contained
\ contains=Comment
\ fold
\ start="^[^1-9]" end="^[1-9 ]"re=s-1,he=s-1,me=s-1
syn sync minlines=1000
hi link todoComment Comment
hi todoDate ctermfg=255
hi todoSummary ctermfg=229
hi todoBlock ctermfg=248
hi todoTag ctermfg=217
'';
}))
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
"/syntax/haskell.vim".text = ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier
hi link VarId Identifier
hi link hsDelimiter Delimiter
'';
"/syntax/nix.vim".text = ''
"" Quit when a (custom) syntax file was already loaded
"if exists("b:current_syntax")
" finish
"endif
"setf nix
" Ref <nix/src/libexpr/lexer.l>
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
syn match NixINT /\<[0-9]\+\>/
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
syn region NixSTRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
syn region NixIND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
syn match NixOther /[-!+&<>|():/;=.,?\[\]*@]/
syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/"
hi link NixCode Statement
hi link NixData Constant
hi link NixComment Comment
hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData
hi link NixPATH NixData
hi link NixHPATH NixData
hi link NixSPATH NixData
hi link NixURI NixData
hi link NixSTRING NixData
hi link NixIND_STRING NixData
hi link NixEnter NixCode
hi link NixOther NixCode
hi link NixQuote NixData
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (name: {
extraStart ? null,
lang ? name
}:
let
startAlts = filter isString [
''/\* ${name} \*/''
extraStart
];
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
in /* vim */ ''
syn include @nix_${lang}_syntax syntax/${lang}.vim
if exists("b:current_syntax")
unlet b:current_syntax
endif
syn match nix_${lang}_sigil
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent
syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn cluster nix_ind_strings
\ add=nix_${lang}_region_IND_STRING
syn cluster nix_strings
\ add=nix_${lang}_region_STRING
" This is required because containedin isn't transitive.
syn cluster nix_has_dollar_curly
\ add=@nix_${lang}_syntax
'') (let
capitalize = s: let
xs = stringToCharacters s;
in
toUpper (head xs) + concatStrings (tail xs);
alts = xs: ''\(${concatStringsSep ''\|'' xs}\)'';
def = k: ''${k}[ \t\r\n]*='';
writer = k: ''write${k}[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)'';
writerExt = k: writerName ''[^"]*\.${k}'';
writerName = k: ''write[^ \t\r\n]*[ \t\r\n]*"${k}"'';
in {
c = {};
cabal = {};
diff = {};
haskell = {};
jq.extraStart = alts [
(writer "Jq")
(writerExt "jq")
];
javascript.extraStart = ''/\* js \*/'';
lua = {};
python.extraStart = ''/\* py \*/'';
sed.extraStart = writer "Sed";
sh.extraStart = let
phases = [
"unpack"
"patch"
"configure"
"build"
"check"
"install"
"fixup"
"installCheck"
"dist"
];
shells = [
"ash"
"bash"
"dash"
];
in alts [
(def "shellHook")
(def "${alts phases}Phase")
(def "${alts ["pre" "post"]}${alts (map capitalize phases)}")
(writer (alts (map capitalize shells)))
];
yaml = {};
vim.extraStart = alts [
(def ''"[^"]*\.vim"\.text'')
(writerExt "vim")
(writerName ''\([^"]*\.\)\?vimrc'')
];
xdefaults = {};
xmodmap = {};
}))}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
syn clear shVarAssign
syn region nixINSIDE_DOLLAR_CURLY
\ matchgroup=NixEnter
\ start="[$]{"
\ end="}"
\ contains=TOP
\ containedin=@nix_has_dollar_curly
\ transparent
syn region nix_inside_curly
\ matchgroup=NixEnter
\ start="{"
\ end="}"
\ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn match NixQuote /'''\(''$\|\\.\)/he=s+2
\ containedin=@nix_ind_strings
\ contained
syn match NixQuote /'''\('\|\\.\)/he=s+1
\ containedin=@nix_ind_strings
\ contained
syn match NixQuote /\\./he=s+1
\ containedin=@nix_strings
\ contained
syn sync fromstart
let b:current_syntax = "nix"
set isk=@,48-57,_,192-255,-,'
'';
"/syntax/sed.vim".text = ''
syn region sedBranch
\ matchgroup=sedFunction start="T"
\ matchgroup=sedSemicolon end=";\|$"
\ contains=sedWhitespace
'';
"/syntax/xmodmap.vim".text = ''
syn match xmodmapComment /^\s*!.*/
'';
}))
];
dirs = {

7
tv/5pkgs/vim/default.nix Normal file
View File

@ -0,0 +1,7 @@
with import <stockholm/lib>;
self: super: {
tv = super.tv // {
vimPlugins = mapNixDir (path: self.callPackage path {}) ./.;
};
}

9
tv/5pkgs/vim/elixir.nix Normal file
View File

@ -0,0 +1,9 @@
{ pkgs }:
pkgs.vimUtils.buildVimPlugin {
name = "vim-elixir-2018-08-17";
src = pkgs.fetchgit {
url = https://github.com/elixir-editors/vim-elixir;
rev = "0a847f0faed5ba2d94bb3d51f355c50f37ba025b";
sha256 = "1jl85wpgywhcvhgw02y8zpvqf0glr4i8522kxpvhsiacb1v1xh04";
};
}

10
tv/5pkgs/vim/file-line.nix Normal file
View File

@ -0,0 +1,10 @@
{ pkgs }:
pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchgit {
url = git://github.com/bogado/file-line;
rev = "refs/tags/1.0";
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
};
}

11
tv/5pkgs/vim/fzf.nix Normal file
View File

@ -0,0 +1,11 @@
{ pkgs }:
# cannot use pkgs.vimPlugins.fzf-vim as it's missing :Rg
pkgs.vimUtils.buildVimPlugin {
name = "fzf-2018-11-14";
src = pkgs.fetchgit {
url = https://github.com/junegunn/fzf.vim;
rev = "ad1833ecbc9153b6e34a4292dc089a58c4bcb8dc";
sha256 = "1z2q71q6l9hq9fqfqpj1svhyk4yk1bzw1ljhksx4bnpz8gkfbx2m";
};
}

46
tv/5pkgs/vim/hack.nix Normal file
View File

@ -0,0 +1,46 @@
with import <stockholm/lib>;
{ pkgs }:
(rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "hack";
in {
name = "vim-color-${name}-1.0.2";
destination = "/colors/${name}.vim";
text = /* vim */ ''
set background=dark
hi clear
if exists("syntax_on")
syntax clear
endif
let colors_name = ${toJSON name}
hi Normal ctermbg=235
hi Comment ctermfg=242
hi Constant ctermfg=255
hi Identifier ctermfg=253
hi Function ctermfg=253
hi Statement ctermfg=253
hi PreProc ctermfg=251
hi Type ctermfg=251
hi Delimiter ctermfg=251
hi Special ctermfg=255
hi Garbage ctermbg=088
hi TabStop ctermbg=016
hi Todo ctermfg=174 ctermbg=NONE
hi NixCode ctermfg=040
hi NixData ctermfg=046
hi NixQuote ctermfg=071
hi diffNewFile ctermfg=207
hi diffFile ctermfg=207
hi diffLine ctermfg=207
hi diffSubname ctermfg=207
hi diffAdded ctermfg=010
hi diffRemoved ctermfg=009
hi Search cterm=NONE ctermbg=216
'';
}))

10
tv/5pkgs/vim/jq.nix Normal file
View File

@ -0,0 +1,10 @@
{ pkgs }:
pkgs.vimUtils.buildVimPlugin {
name = "vim-syntax-jq";
src = pkgs.fetchgit {
url = https://github.com/vito-c/jq.vim;
rev = "99d55a300047946a82ecdd7617323a751199ad2d";
sha256 = "09c94nah47wx0cr556w61h6pfznxld18pfblc3nv51ivbw7cjqyx";
};
}

222
tv/5pkgs/vim/nix.nix Normal file
View File

@ -0,0 +1,222 @@
with import <stockholm/lib>;
{ pkgs }:
(rtp: rtp // { inherit rtp; }) (pkgs.write "vim-syntax-nix-nested" {
"/syntax/haskell.vim".text = ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier
hi link VarId Identifier
hi link hsDelimiter Delimiter
'';
"/syntax/nix.vim".text = ''
"" Quit when a (custom) syntax file was already loaded
"if exists("b:current_syntax")
" finish
"endif
"setf nix
" Ref <nix/src/libexpr/lexer.l>
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
syn match NixINT /\<[0-9]\+\>/
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
syn region NixSTRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
syn region NixIND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
syn match NixOther /[-!+&<>|():/;=.,?\[\]*@]/
syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/"
hi link NixCode Statement
hi link NixData Constant
hi link NixComment Comment
hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData
hi link NixPATH NixData
hi link NixHPATH NixData
hi link NixSPATH NixData
hi link NixURI NixData
hi link NixSTRING NixData
hi link NixIND_STRING NixData
hi link NixEnter NixCode
hi link NixOther NixCode
hi link NixQuote NixData
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (name: {
extraStart ? null,
lang ? name
}:
let
startAlts = filter isString [
''/\* ${name} \*/''
extraStart
];
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
in /* vim */ ''
syn include @nix_${lang}_syntax syntax/${lang}.vim
if exists("b:current_syntax")
unlet b:current_syntax
endif
syn match nix_${lang}_sigil
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent
syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn cluster nix_ind_strings
\ add=nix_${lang}_region_IND_STRING
syn cluster nix_strings
\ add=nix_${lang}_region_STRING
" This is required because containedin isn't transitive.
syn cluster nix_has_dollar_curly
\ add=@nix_${lang}_syntax
'') (let
# TODO move this higher
capitalize = s: let
xs = stringToCharacters s;
in
toUpper (head xs) + concatStrings (tail xs);
alts = xs: ''\(${concatStringsSep ''\|'' xs}\)'';
def = k: ''${k}[ \t\r\n]*='';
writer = k: ''write${k}[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)'';
writerExt = k: writerName ''[^"]*\.${k}'';
writerName = k: ''write[^ \t\r\n]*[ \t\r\n]*"${k}"'';
in {
c = {};
cabal = {};
diff = {};
haskell = {};
jq.extraStart = alts [
(writer "Jq")
(writerExt "jq")
];
javascript.extraStart = ''/\* js \*/'';
lua = {};
#nginx = {};
python.extraStart = ''/\* py \*/'';
sed.extraStart = writer "Sed";
sh.extraStart = let
phases = [
"unpack"
"patch"
"configure"
"build"
"check"
"install"
"fixup"
"installCheck"
"dist"
];
shells = [
"ash"
"bash"
"dash"
];
in alts [
(def "shellHook")
(def "${alts phases}Phase")
(def "${alts ["pre" "post"]}${alts (map capitalize phases)}")
(writer (alts (map capitalize shells)))
];
yaml = {};
vim.extraStart = alts [
(def ''"[^"]*\.vim"\.text'')
(writerExt "vim")
(writerName ''\([^"]*\.\)\?vimrc'')
];
xdefaults = {};
xmodmap = {};
}))}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
syn clear shVarAssign
syn region nixINSIDE_DOLLAR_CURLY
\ matchgroup=NixEnter
\ start="[$]{"
\ end="}"
\ contains=TOP
\ containedin=@nix_has_dollar_curly
\ transparent
syn region nix_inside_curly
\ matchgroup=NixEnter
\ start="{"
\ end="}"
\ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn match NixQuote /'''\(''$\|\\.\)/he=s+2
\ containedin=@nix_ind_strings
\ contained
syn match NixQuote /'''\('\|\\.\)/he=s+1
\ containedin=@nix_ind_strings
\ contained
syn match NixQuote /\\./he=s+1
\ containedin=@nix_strings
\ contained
syn sync fromstart
let b:current_syntax = "nix"
set isk=@,48-57,_,192-255,-,'
'';
"/syntax/sed.vim".text = ''
syn region sedBranch
\ matchgroup=sedFunction start="T"
\ matchgroup=sedSemicolon end=";\|$"
\ contains=sedWhitespace
'';
"/syntax/xmodmap.vim".text = ''
syn match xmodmapComment /^\s*!.*/
'';
})

26
tv/5pkgs/vim/showsyntax.nix Normal file
View File

@ -0,0 +1,26 @@
{ pkgs }:
(rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "showsyntax";
in {
name = "vim-plugin-${name}-1.0.0";
destination = "/plugin/${name}.vim";
text = /* vim */ ''
if exists('g:loaded_showsyntax')
finish
endif
let g:loaded_showsyntax = 0
fu! ShowSyntax()
let id = synID(line("."), col("."), 1)
let name = synIDattr(id, "name")
let transName = synIDattr(synIDtrans(id),"name")
if name != transName
let name .= " (" . transName . ")"
endif
echo "Syntax: " . name
endfu
command! -n=0 -bar ShowSyntax :call ShowSyntax()
'';
}))

53
tv/5pkgs/vim/tv.nix Normal file
View File

@ -0,0 +1,53 @@
{ pkgs }:
(rtp: rtp // { inherit rtp; }) (pkgs.write "vim-tv" {
#
# Haskell
#
"/ftplugin/haskell.vim".text = ''
if exists("g:vim_tv_ftplugin_haskell_loaded")
finish
endif
let g:vim_tv_ftplugin_haskell_loaded = 1
setlocal iskeyword+='
'';
#
# TODO
#
"/ftdetect/todo.vim".text = ''
au BufRead,BufNewFile TODO set ft=todo
'';
"/ftplugin/todo.vim".text = ''
setlocal foldmethod=syntax
'';
"/syntax/todo.vim".text = ''
syn match todoComment /#.*/
syn match todoDate /^[1-9]\S*/
\ nextgroup=todoSummary
syn region todoSummary
\ contained
\ contains=todoTag
\ start="." end="$\n"
\ nextgroup=todoBlock
syn match todoTag /\[[A-Za-z]\+\]/hs=s+1,he=e-1
\ contained
syn region todoBlock
\ contained
\ contains=Comment
\ fold
\ start="^[^1-9]" end="^[1-9 ]"re=s-1,he=s-1,me=s-1
syn sync minlines=1000
hi link todoComment Comment
hi todoDate ctermfg=255
hi todoSummary ctermfg=229
hi todoBlock ctermfg=248
hi todoTag ctermfg=217
'';
})

16
tv/5pkgs/vim/vim.nix Normal file
View File

@ -0,0 +1,16 @@
with import <stockholm/lib>;
{ pkgs }:
(rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "vim";
in {
name = "vim-syntax-${name}-1.0.0";
destination = "/syntax/${name}.vim";
text = /* vim */ ''
${concatMapStringsSep "\n" (s: /* vim */ ''
syn keyword vimColor${s} ${s}
\ containedin=ALLBUT,vimComment,vimLineComment
hi vimColor${s} ctermfg=${s}
'') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
'';
}))