Merge remote-tracking branch 'gum/master'
This commit is contained in:
commit
2bf24eae61
@ -336,7 +336,6 @@ with import <stockholm/lib>;
|
|||||||
"krebsco.de" = ''
|
"krebsco.de" = ''
|
||||||
euer IN MX 1 aspmx.l.google.com.
|
euer IN MX 1 aspmx.l.google.com.
|
||||||
nixos.unstable IN CNAME krebscode.github.io.
|
nixos.unstable IN CNAME krebscode.github.io.
|
||||||
gold IN A ${nets.internet.ip4.addr}
|
|
||||||
boot IN A ${nets.internet.ip4.addr}
|
boot IN A ${nets.internet.ip4.addr}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
@ -522,6 +521,13 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
nextgum = rec {
|
nextgum = rec {
|
||||||
ci = true;
|
ci = true;
|
||||||
|
extraZones = {
|
||||||
|
"krebsco.de" = ''
|
||||||
|
cache.euer IN A ${nets.internet.ip4.addr}
|
||||||
|
cache.gum IN A ${nets.internet.ip4.addr}
|
||||||
|
gold IN A ${nets.internet.ip4.addr}
|
||||||
|
'';
|
||||||
|
};
|
||||||
cores = 8;
|
cores = 8;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
internet = {
|
internet = {
|
||||||
@ -537,6 +543,7 @@ with import <stockholm/lib>;
|
|||||||
ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3";
|
ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d3";
|
||||||
aliases = [
|
aliases = [
|
||||||
"nextgum.r"
|
"nextgum.r"
|
||||||
|
"cache.gum.r"
|
||||||
];
|
];
|
||||||
tinc.pubkey = ''
|
tinc.pubkey = ''
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
@ -29,7 +29,7 @@ let
|
|||||||
''}
|
''}
|
||||||
|
|
||||||
${optionalString (cfg.watchDir != null) ''
|
${optionalString (cfg.watchDir != null) ''
|
||||||
schedule = watch_directory,5,5,load_start=${cfg.watchDir}/*.torrent
|
directory.watch.added = "${cfg.watchDir}", load.start_verbose
|
||||||
''}
|
''}
|
||||||
|
|
||||||
directory = ${cfg.downloadDir}
|
directory = ${cfg.downloadDir}
|
||||||
|
@ -49,6 +49,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
|
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
|
||||||
# <stockholm/makefu/2configs/vpn/vpnws/server.nix>
|
# <stockholm/makefu/2configs/vpn/vpnws/server.nix>
|
||||||
<stockholm/makefu/2configs/dnscrypt/server.nix>
|
<stockholm/makefu/2configs/dnscrypt/server.nix>
|
||||||
|
<stockholm/makefu/2configs/binary-cache/server.nix>
|
||||||
<stockholm/makefu/2configs/iodined.nix>
|
<stockholm/makefu/2configs/iodined.nix>
|
||||||
|
|
||||||
## buildbot
|
## buildbot
|
||||||
@ -69,6 +70,8 @@ in {
|
|||||||
#<stockholm/makefu/2configs/nginx/public_html.nix>
|
#<stockholm/makefu/2configs/nginx/public_html.nix>
|
||||||
#<stockholm/makefu/2configs/nginx/update.connector.one.nix>
|
#<stockholm/makefu/2configs/nginx/update.connector.one.nix>
|
||||||
#<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
|
#<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
|
||||||
|
<stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
|
||||||
|
<stockholm/makefu/2configs/deployment/events-publisher>
|
||||||
|
|
||||||
#<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
|
#<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
|
||||||
#<stockholm/makefu/2configs/deployment/graphs.nix>
|
#<stockholm/makefu/2configs/deployment/graphs.nix>
|
||||||
|
@ -45,12 +45,20 @@ in {
|
|||||||
"ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci"
|
"ata_piix" "vmw_pvscsi" "virtio_pci" "sd_mod" "ahci"
|
||||||
"xhci_pci" "ehci_pci" "ahci" "sd_mod"
|
"xhci_pci" "ehci_pci" "ahci" "sd_mod"
|
||||||
];
|
];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" "dm-raid" "dm_thin_pool" ];
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/mapper/nixos-root";
|
device = "/dev/mapper/nixos-root";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
fileSystems."/var/lib" = {
|
||||||
|
device = "/dev/mapper/nixos-lib";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
fileSystems."/var/download" = {
|
||||||
|
device = "/dev/mapper/nixos-download";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
fileSystems."/boot" = {
|
fileSystems."/boot" = {
|
||||||
device = "/dev/sda2";
|
device = "/dev/sda2";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
@ -69,7 +77,9 @@ in {
|
|||||||
#pvcreate /dev/sda3
|
#pvcreate /dev/sda3
|
||||||
#pvcreate /dev/sdb1
|
#pvcreate /dev/sdb1
|
||||||
#vgcreate nixos /dev/sda3 /dev/sdb1
|
#vgcreate nixos /dev/sda3 /dev/sdb1
|
||||||
#lvcreate -L 120G -n root nixos
|
#lvcreate -L 120G -m 1 -n root nixos
|
||||||
|
#lvcreate -L 50G -m 1 -n lib nixos
|
||||||
|
#lvcreate -L 50G -n download nixos
|
||||||
#mkfs.ext4 /dev/mapper/nixos-root
|
#mkfs.ext4 /dev/mapper/nixos-root
|
||||||
#mount /dev/mapper/nixos-root /mnt
|
#mount /dev/mapper/nixos-root /mnt
|
||||||
#mkdir /mnt/boot
|
#mkdir /mnt/boot
|
||||||
|
@ -39,11 +39,15 @@ in {
|
|||||||
|
|
||||||
# Sensors
|
# Sensors
|
||||||
<stockholm/makefu/2configs/stats/telegraf>
|
<stockholm/makefu/2configs/stats/telegraf>
|
||||||
<stockholm/makefu/2configs/deployment/led-fader.nix>
|
|
||||||
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
|
||||||
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
<stockholm/makefu/2configs/stats/telegraf/airsensor.nix>
|
||||||
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
|
<stockholm/makefu/2configs/stats/telegraf/europastats.nix>
|
||||||
|
<stockholm/makefu/2configs/stats/external/aralast.nix>
|
||||||
|
<stockholm/makefu/2configs/stats/arafetch.nix>
|
||||||
|
<stockholm/makefu/2configs/deployment/led-fader.nix>
|
||||||
<stockholm/makefu/2configs/hw/mceusb.nix>
|
<stockholm/makefu/2configs/hw/mceusb.nix>
|
||||||
|
# <stockholm/makefu/2configs/stats/telegraf/bamstats.nix>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<stockholm/makefu/2configs/deployment/bureautomation>
|
<stockholm/makefu/2configs/deployment/bureautomation>
|
||||||
(let
|
(let
|
||||||
|
@ -8,6 +8,7 @@ with import <stockholm/lib>;
|
|||||||
imports =
|
imports =
|
||||||
[ # base
|
[ # base
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
<stockholm/makefu/2configs/nur.nix>
|
||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
<stockholm/makefu/2configs/extra-fonts.nix>
|
<stockholm/makefu/2configs/extra-fonts.nix>
|
||||||
<stockholm/makefu/2configs/tools/all.nix>
|
<stockholm/makefu/2configs/tools/all.nix>
|
||||||
@ -54,7 +55,6 @@ with import <stockholm/lib>;
|
|||||||
internalInterfaces = [ "vboxnet0" ];
|
internalInterfaces = [ "vboxnet0" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
# Services
|
# Services
|
||||||
<stockholm/makefu/2configs/git/brain-retiolum.nix>
|
<stockholm/makefu/2configs/git/brain-retiolum.nix>
|
||||||
<stockholm/makefu/2configs/tor.nix>
|
<stockholm/makefu/2configs/tor.nix>
|
||||||
@ -64,6 +64,7 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
# Hardware
|
# Hardware
|
||||||
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
||||||
|
<stockholm/makefu/2configs/hw/mceusb.nix>
|
||||||
# <stockholm/makefu/2configs/hw/tpm.nix>
|
# <stockholm/makefu/2configs/hw/tpm.nix>
|
||||||
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
|
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
|
||||||
<stockholm/makefu/2configs/hw/network-manager.nix>
|
<stockholm/makefu/2configs/hw/network-manager.nix>
|
||||||
@ -125,7 +126,7 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.x;
|
krebs.build.host = config.krebs.hosts.x;
|
||||||
|
|
||||||
krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" ];
|
krebs.tinc.retiolum.connectTo = [ "omo" "gum" "prism" "nextgum" ];
|
||||||
|
|
||||||
networking.extraHosts = ''
|
networking.extraHosts = ''
|
||||||
192.168.1.11 omo.local
|
192.168.1.11 omo.local
|
||||||
@ -133,6 +134,8 @@ with import <stockholm/lib>;
|
|||||||
'';
|
'';
|
||||||
# hard dependency because otherwise the device will not be unlocked
|
# hard dependency because otherwise the device will not be unlocked
|
||||||
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
|
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
|
||||||
|
# avoid full boot dir
|
||||||
|
boot.loader.grub.configurationLimit = 3;
|
||||||
|
|
||||||
environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
|
environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
|
||||||
nixpkgs.overlays = [ (import <python/overlay.nix>) ];
|
nixpkgs.overlays = [ (import <python/overlay.nix>) ];
|
||||||
|
31
makefu/2configs/binary-cache/server.nix
Normal file
31
makefu/2configs/binary-cache/server.nix
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
{ config, lib, pkgs, ...}:
|
||||||
|
|
||||||
|
{
|
||||||
|
# generate private key with:
|
||||||
|
# nix-store --generate-binary-cache-key gum nix-serve.key nix-serve.pub
|
||||||
|
services.nix-serve = {
|
||||||
|
enable = true;
|
||||||
|
secretKeyFile = config.krebs.secret.files.nix-serve-key.path;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.nix-serve = {
|
||||||
|
requires = ["secret.service"];
|
||||||
|
after = ["secret.service"];
|
||||||
|
};
|
||||||
|
krebs.secret.files.nix-serve-key = {
|
||||||
|
path = "/run/secret/nix-serve.key";
|
||||||
|
owner.name = "nix-serve";
|
||||||
|
source-path = toString <secrets> + "/nix-serve.key";
|
||||||
|
};
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts.nix-serve = {
|
||||||
|
serverAliases = [ "cache.gum.r"
|
||||||
|
"cache.euer.krebsco.de"
|
||||||
|
"cache.gum.krebsco.de"
|
||||||
|
];
|
||||||
|
locations."/".proxyPass= "http://localhost:${toString config.services.nix-serve.port}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
48
makefu/2configs/deployment/events-publisher/default.nix
Normal file
48
makefu/2configs/deployment/events-publisher/default.nix
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
shack-announce = pkgs.callPackage (builtins.fetchTarball {
|
||||||
|
url = "https://github.com/makefu/events-publisher/archive/15fbe5cc6ac9617a08a042870795f9e879d9952a.tar.gz";
|
||||||
|
sha256 = "1bqp1qdnwx5q1w468zbm57hmpjz3x8if3j29qrqcia0vzks1s37a";
|
||||||
|
}) {} ;
|
||||||
|
home = "/var/lib/shackannounce";
|
||||||
|
user = "shackannounce";
|
||||||
|
creds = (toString <secrets>) + "/shack-announce.json";
|
||||||
|
in
|
||||||
|
{
|
||||||
|
users.users.${user}= {
|
||||||
|
uid = genid user;
|
||||||
|
inherit home;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
systemd.services.shack-announce = {
|
||||||
|
description = "Announce shack events";
|
||||||
|
startAt = "*:0/30";
|
||||||
|
path = [ shack-announce ];
|
||||||
|
serviceConfig = {
|
||||||
|
WorkingDirectory = home;
|
||||||
|
User = user;
|
||||||
|
PermissionsStartOnly = true;
|
||||||
|
ExecStartPre = pkgs.writeDash "shack-announce-pre" ''
|
||||||
|
set -eu
|
||||||
|
cp ${creds} creds.json
|
||||||
|
chown ${user} creds.json
|
||||||
|
'';
|
||||||
|
ExecStart = pkgs.writeDash "shack-announce" ''
|
||||||
|
if test ! -e announce.state; then
|
||||||
|
echo "initializing state"
|
||||||
|
announce-daemon \
|
||||||
|
--lol INFO \
|
||||||
|
--creds creds.json \
|
||||||
|
--state announce.state \
|
||||||
|
--clean --init
|
||||||
|
fi
|
||||||
|
echo "Running announce"
|
||||||
|
announce-daemon \
|
||||||
|
--lol INFO \
|
||||||
|
--creds creds.json \
|
||||||
|
--state announce.state
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,4 +1,4 @@
|
|||||||
{pkgs,...}:{
|
{pkgs, lib, ...}:{
|
||||||
# Disable the MCE remote from acting like a keyboard. (We use lirc instead.)
|
# Disable the MCE remote from acting like a keyboard. (We use lirc instead.)
|
||||||
services.xserver.inputClassSections = [''
|
services.xserver.inputClassSections = [''
|
||||||
Identifier "MCE USB Keyboard mimic blacklist"
|
Identifier "MCE USB Keyboard mimic blacklist"
|
||||||
@ -6,13 +6,12 @@
|
|||||||
MatchProduct "Media Center Ed. eHome Infrared Remote Transceiver (1934:5168)"
|
MatchProduct "Media Center Ed. eHome Infrared Remote Transceiver (1934:5168)"
|
||||||
Option "Ignore" "on"
|
Option "Ignore" "on"
|
||||||
''];
|
''];
|
||||||
boot.kernelPackages = builtins.trace "Using linux kernel 4.16, not latest" pkgs.linuxPackages_4_16;
|
boot.kernelPatches = lib.singleton {
|
||||||
nixpkgs.config.packageOverrides = pkgs: {
|
name = "enable-lirc";
|
||||||
linux_4_16 = pkgs.linux_4_16.override {
|
patch = null;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
LIRC y
|
LIRC y
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -22,15 +22,9 @@
|
|||||||
};
|
};
|
||||||
networking.networkmanager.enable = true;
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
# TODO: put somewhere else
|
|
||||||
services.xserver.displayManager.sessionCommands = ''
|
|
||||||
${pkgs.clipit}/bin/clipit &
|
|
||||||
${pkgs.networkmanagerapplet}/bin/nm-applet &
|
|
||||||
'';
|
|
||||||
|
|
||||||
# nixOSUnstable
|
# nixOSUnstable
|
||||||
# networking.networkmanager.wifi = {
|
networking.networkmanager.wifi = {
|
||||||
# powersave = true;
|
powersave = true;
|
||||||
# scanRandMacAddress = true;
|
scanRandMacAddress = true;
|
||||||
# };
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,13 +1,12 @@
|
|||||||
{ pkgs, lib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
# TODO: un-pin linuxPackages somehow
|
boot.kernelPatches = lib.singleton {
|
||||||
nixpkgs.config.packageOverrides = pkgs: {
|
name = "enable-stk1160";
|
||||||
linux_4_14 = pkgs.linux_4_14.override {
|
patch = null;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
MEDIA_ANALOG_TV_SUPPORT y
|
MEDIA_ANALOG_TV_SUPPORT y
|
||||||
VIDEO_STK1160_COMMON m
|
VIDEO_STK1160_COMMON m
|
||||||
VIDEO_STK1160 m
|
VIDEO_STK1160 m
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
24
makefu/2configs/nginx/gold.krebsco.de.nix
Normal file
24
makefu/2configs/nginx/gold.krebsco.de.nix
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
gold = pkgs.fetchFromGitHub {
|
||||||
|
owner = "krebs";
|
||||||
|
repo = "krebsgold";
|
||||||
|
rev = "15f7a74";
|
||||||
|
sha256= "1ya9xgg640k3hbl63022sfm44c1si2mxch8jkxindmwg4pa1y4ly";
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
|
||||||
|
services.nginx = {
|
||||||
|
enable = mkDefault true;
|
||||||
|
virtualHosts = {
|
||||||
|
"gold.krebsco.de" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
root = toString gold + "/html";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
7
makefu/2configs/nur.nix
Normal file
7
makefu/2configs/nur.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ pkgs, ... }:{
|
||||||
|
nixpkgs.config.packageOverrides = pkgs: {
|
||||||
|
nur = pkgs.callPackage (import (builtins.fetchGit {
|
||||||
|
url = "https://github.com/nix-community/NUR";
|
||||||
|
})) {};
|
||||||
|
};
|
||||||
|
}
|
@ -1,6 +1,6 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
krebs.per-user.makefu.packages = [
|
users.users.makefu.packages = [
|
||||||
pkgs.taskwarrior
|
pkgs.taskwarrior
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
krebs.per-user.makefu.packages = with pkgs; [
|
users.users.makefu.packages = with pkgs; [
|
||||||
chromium
|
chromium
|
||||||
clipit
|
|
||||||
feh
|
feh
|
||||||
|
clipit
|
||||||
firefox
|
firefox
|
||||||
keepassx
|
keepassx
|
||||||
pcmanfm
|
pcmanfm
|
||||||
|
@ -4,8 +4,10 @@
|
|||||||
users.users.makefu.packages = with pkgs; [
|
users.users.makefu.packages = with pkgs; [
|
||||||
taskwarrior
|
taskwarrior
|
||||||
pass
|
pass
|
||||||
|
gopass
|
||||||
mutt
|
mutt
|
||||||
weechat
|
weechat
|
||||||
tmux
|
tmux
|
||||||
];
|
];
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
krebs.per-user.makefu.packages = with pkgs;[
|
users.users.makefu.packages = with pkgs;[
|
||||||
# media
|
# media
|
||||||
gimp
|
gimp
|
||||||
inkscape
|
inkscape
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
krebs.per-user.makefu.packages = with pkgs; [
|
users.users.makefu.packages = with pkgs; [
|
||||||
kodi
|
kodi
|
||||||
streamripper
|
streamripper
|
||||||
youtube-dl
|
youtube-dl
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
krebs.per-user.makefu.packages = with pkgs; [
|
users.users.makefu.packages = with pkgs; [
|
||||||
aria2
|
aria2
|
||||||
# mitmproxy
|
# mitmproxy
|
||||||
pythonPackages.binwalk-full
|
pythonPackages.binwalk-full
|
||||||
|
@ -8,13 +8,13 @@ let
|
|||||||
peer-port = 51412;
|
peer-port = 51412;
|
||||||
web-port = 8112;
|
web-port = 8112;
|
||||||
daemon-port = 58846;
|
daemon-port = 58846;
|
||||||
torrent-dir = config.makefu.dl-dir;
|
base-dir = config.makefu.dl-dir;
|
||||||
in {
|
in {
|
||||||
|
|
||||||
users.users = {
|
users.users = {
|
||||||
download = {
|
download = {
|
||||||
name = "download";
|
name = "download";
|
||||||
home = torrent-dir;
|
home = base-dir;
|
||||||
uid = mkDefault (genid "download");
|
uid = mkDefault (genid "download");
|
||||||
createHome = true;
|
createHome = true;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
@ -25,10 +25,12 @@ in {
|
|||||||
|
|
||||||
# todo: race condition, do this after download user has been created
|
# todo: race condition, do this after download user has been created
|
||||||
system.activationScripts."download-dir-chmod" = ''
|
system.activationScripts."download-dir-chmod" = ''
|
||||||
for i in finished watch torrents; do
|
for i in finished watch; do
|
||||||
mkdir -p "${torrent-dir}/$i"
|
if test ! -d $i;then
|
||||||
chown download:download "${torrent-dir}/$i"
|
mkdir -p "${base-dir}/$i"
|
||||||
chmod 770 "${torrent-dir}/$i"
|
chown rtorrent:download "${base-dir}/$i"
|
||||||
|
chmod 775 "${base-dir}/$i"
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
|
|
||||||
@ -42,6 +44,7 @@ in {
|
|||||||
"nginx"
|
"nginx"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
rtorrent.members = [ "download" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
krebs.rtorrent = {
|
krebs.rtorrent = {
|
||||||
@ -54,7 +57,8 @@ in {
|
|||||||
rutorrent.enable = true;
|
rutorrent.enable = true;
|
||||||
enableXMLRPC = true;
|
enableXMLRPC = true;
|
||||||
listenPort = peer-port;
|
listenPort = peer-port;
|
||||||
workDir = torrent-dir;
|
downloadDir = base-dir + "/finished";
|
||||||
|
watchDir = base-dir + "/watch";
|
||||||
# dump old torrents into watch folder to have them re-added
|
# dump old torrents into watch folder to have them re-added
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -2,7 +2,10 @@
|
|||||||
, lib
|
, lib
|
||||||
, alsaUtils
|
, alsaUtils
|
||||||
, xbacklight
|
, xbacklight
|
||||||
, modkey?"Mod4"
|
, networkmanagerapplet
|
||||||
|
, blueman
|
||||||
|
, clipit
|
||||||
|
, modkey ? "Mod4"
|
||||||
, locker? "${pkgs.xlock}/bin/xlock -mode blank"
|
, locker? "${pkgs.xlock}/bin/xlock -mode blank"
|
||||||
, ... }:
|
, ... }:
|
||||||
|
|
||||||
@ -10,7 +13,7 @@
|
|||||||
# replace: @alsaUtils@ @xlockmore@ @xbacklight@ @modkey@
|
# replace: @alsaUtils@ @xlockmore@ @xbacklight@ @modkey@
|
||||||
full = lib.makeOverridable pkgs.substituteAll {
|
full = lib.makeOverridable pkgs.substituteAll {
|
||||||
name = "awesome_full_config";
|
name = "awesome_full_config";
|
||||||
inherit alsaUtils locker xbacklight modkey;
|
inherit alsaUtils locker xbacklight modkey networkmanagerapplet blueman clipit;
|
||||||
isExecutable = false;
|
isExecutable = false;
|
||||||
src = ./full.cfg;
|
src = ./full.cfg;
|
||||||
};
|
};
|
||||||
|
@ -568,6 +568,18 @@ local os = {
|
|||||||
|
|
||||||
-- }}}
|
-- }}}
|
||||||
|
|
||||||
|
-- {{{ autostart
|
||||||
|
do
|
||||||
|
local cmds =
|
||||||
|
{
|
||||||
|
"@networkmanagerapplet@/bin/nm-applet",
|
||||||
|
"@blueman@/bin/blueman-applet",
|
||||||
|
"@clipit@/bin/clipit"
|
||||||
|
}
|
||||||
|
|
||||||
|
for _,i in pairs(cmds) do
|
||||||
|
awful.util.spawn(i)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
-- }}}
|
-- }}}
|
||||||
|
Loading…
Reference in New Issue
Block a user