Merge remote-tracking branch 'prism/newest'
This commit is contained in:
commit
2edd8ca37b
|
@ -55,7 +55,7 @@ let
|
||||||
|
|
||||||
local_domains = mkOption {
|
local_domains = mkOption {
|
||||||
type = with types; listOf hostname;
|
type = with types; listOf hostname;
|
||||||
default = ["localhost"] ++ config.krebs.build.host.nets.retiolum.aliases;
|
default = unique (["localhost" cfg.primary_hostname] ++ config.krebs.build.host.nets.retiolum.aliases);
|
||||||
};
|
};
|
||||||
|
|
||||||
relay_from_hosts = mkOption {
|
relay_from_hosts = mkOption {
|
||||||
|
|
|
@ -40,7 +40,7 @@ in {
|
||||||
etc."exim.conf".source = pkgs.writeEximConfig "exim.conf" ''
|
etc."exim.conf".source = pkgs.writeEximConfig "exim.conf" ''
|
||||||
exim_user = ${cfg.user.name}
|
exim_user = ${cfg.user.name}
|
||||||
exim_group = ${cfg.group.name}
|
exim_group = ${cfg.group.name}
|
||||||
exim_path = /var/setuid-wrappers/exim
|
exim_path = /run/wrappers/bin/exim
|
||||||
spool_directory = ${cfg.user.home}
|
spool_directory = ${cfg.user.home}
|
||||||
${cfg.config}
|
${cfg.config}
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -58,7 +58,7 @@
|
||||||
};
|
};
|
||||||
sendmail = mkOption {
|
sendmail = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "/var/setuid-wrappers/sendmail";
|
default = "/run/wrappers/bin/sendmail";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -73,7 +73,7 @@ let
|
||||||
};
|
};
|
||||||
|
|
||||||
imp = {
|
imp = {
|
||||||
system.activationScripts."krebs.setuid" = stringAfter [ "setuid" ]
|
system.activationScripts."krebs.setuid" = stringAfter [ "wrappers" ]
|
||||||
(concatMapStringsSep "\n" (getAttr "activate") (attrValues cfg));
|
(concatMapStringsSep "\n" (getAttr "activate") (attrValues cfg));
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -85,7 +85,7 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
nets = {
|
nets = {
|
||||||
internet = {
|
internet = {
|
||||||
ip4.addr = "64.137.177.226";
|
ip4.addr = "45.62.237.203";
|
||||||
aliases = [
|
aliases = [
|
||||||
"cd.i"
|
"cd.i"
|
||||||
"cd.krebsco.de"
|
"cd.krebsco.de"
|
||||||
|
|
|
@ -178,7 +178,7 @@ let
|
||||||
echo To: ${shell.escape cfg.mailto}
|
echo To: ${shell.escape cfg.mailto}
|
||||||
echo
|
echo
|
||||||
cat changes
|
cat changes
|
||||||
} | /var/setuid-wrappers/sendmail -t
|
} | /run/wrappers/bin/sendmail -t
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,13 +1,10 @@
|
||||||
{ lib, pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
with lib;
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
let
|
|
||||||
out = {
|
|
||||||
inherit irc-announce;
|
|
||||||
};
|
|
||||||
|
|
||||||
|
{
|
||||||
# TODO irc-announce should return a derivation
|
# TODO irc-announce should return a derivation
|
||||||
|
# but it cannot because krebs.git.repos.*.hooks :: attrsOf str
|
||||||
irc-announce = { nick, channel, server, port ? 6667, verbose ? false, branches ? [] }: ''
|
irc-announce = { nick, channel, server, port ? 6667, verbose ? false, branches ? [] }: ''
|
||||||
#! /bin/sh
|
#! /bin/sh
|
||||||
set -euf
|
set -euf
|
||||||
|
@ -37,7 +34,7 @@ let
|
||||||
port=${toString port}
|
port=${toString port}
|
||||||
|
|
||||||
host=$nick
|
host=$nick
|
||||||
cgit_endpoint=http://cgit.$host
|
cgit_endpoint=http://cgit.$host.r
|
||||||
|
|
||||||
empty=0000000000000000000000000000000000000000
|
empty=0000000000000000000000000000000000000000
|
||||||
|
|
||||||
|
@ -99,7 +96,7 @@ let
|
||||||
done
|
done
|
||||||
|
|
||||||
if test -n "''${message-}"; then
|
if test -n "''${message-}"; then
|
||||||
exec ${irc-announce-script} \
|
exec ${pkgs.irc-announce}/bin/irc-announce \
|
||||||
"$server" \
|
"$server" \
|
||||||
"$port" \
|
"$port" \
|
||||||
"$nick" \
|
"$nick" \
|
||||||
|
@ -107,6 +104,4 @@ let
|
||||||
"$message"
|
"$message"
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
}
|
||||||
irc-announce-script = "${pkgs.irc-announce}/bin/irc-announce";
|
|
||||||
in out
|
|
||||||
|
|
|
@ -215,6 +215,7 @@ in {
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
krebs.repo-sync.timerConfig = {
|
krebs.repo-sync.timerConfig = {
|
||||||
|
OnBootSec = "5min";
|
||||||
OnUnitInactiveSec = "3min";
|
OnUnitInactiveSec = "3min";
|
||||||
RandomizedDelaySec = "2min";
|
RandomizedDelaySec = "2min";
|
||||||
};
|
};
|
||||||
|
@ -247,7 +248,13 @@ in {
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
krebs.Reaktor.coders = {
|
krebs.Reaktor.coders = let
|
||||||
|
lambdabot = (import (pkgs.fetchFromGitHub {
|
||||||
|
owner = "NixOS"; repo = "nixpkgs";
|
||||||
|
rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
|
||||||
|
sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
|
||||||
|
}) {}).lambdabot;
|
||||||
|
in {
|
||||||
nickname = "reaktor-lass";
|
nickname = "reaktor-lass";
|
||||||
channels = [ "#coders" ];
|
channels = [ "#coders" ];
|
||||||
extraEnviron = {
|
extraEnviron = {
|
||||||
|
@ -263,7 +270,7 @@ in {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-pl" {
|
(buildSimpleReaktorPlugin "lambdabot-pl" {
|
||||||
pattern = "^@pl (?P<args>.*)$$";
|
pattern = "^@pl (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "lambda-pl" ''
|
script = pkgs.writeDash "lambda-pl" ''
|
||||||
exec ${pkgs.lambdabot}/bin/lambdabot \
|
exec ${lambdabot}/bin/lambdabot \
|
||||||
${indent lambdabotflags}
|
${indent lambdabotflags}
|
||||||
-e "@pl $1"
|
-e "@pl $1"
|
||||||
'';
|
'';
|
||||||
|
@ -271,7 +278,7 @@ in {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-type" {
|
(buildSimpleReaktorPlugin "lambdabot-type" {
|
||||||
pattern = "^@type (?P<args>.*)$$";
|
pattern = "^@type (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "lambda-type" ''
|
script = pkgs.writeDash "lambda-type" ''
|
||||||
exec ${pkgs.lambdabot}/bin/lambdabot \
|
exec ${lambdabot}/bin/lambdabot \
|
||||||
${indent lambdabotflags}
|
${indent lambdabotflags}
|
||||||
-e "@type $1"
|
-e "@type $1"
|
||||||
'';
|
'';
|
||||||
|
@ -279,7 +286,7 @@ in {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-let" {
|
(buildSimpleReaktorPlugin "lambdabot-let" {
|
||||||
pattern = "^@let (?P<args>.*)$$";
|
pattern = "^@let (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "lambda-let" ''
|
script = pkgs.writeDash "lambda-let" ''
|
||||||
exec ${pkgs.lambdabot}/bin/lambdabot \
|
exec ${lambdabot}/bin/lambdabot \
|
||||||
${indent lambdabotflags}
|
${indent lambdabotflags}
|
||||||
-e "@let $1"
|
-e "@let $1"
|
||||||
'';
|
'';
|
||||||
|
@ -287,7 +294,7 @@ in {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-run" {
|
(buildSimpleReaktorPlugin "lambdabot-run" {
|
||||||
pattern = "^@run (?P<args>.*)$$";
|
pattern = "^@run (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "lambda-run" ''
|
script = pkgs.writeDash "lambda-run" ''
|
||||||
exec ${pkgs.lambdabot}/bin/lambdabot \
|
exec ${lambdabot}/bin/lambdabot \
|
||||||
${indent lambdabotflags}
|
${indent lambdabotflags}
|
||||||
-e "@run $1"
|
-e "@run $1"
|
||||||
'';
|
'';
|
||||||
|
@ -295,7 +302,7 @@ in {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-kind" {
|
(buildSimpleReaktorPlugin "lambdabot-kind" {
|
||||||
pattern = "^@kind (?P<args>.*)$$";
|
pattern = "^@kind (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "lambda-kind" ''
|
script = pkgs.writeDash "lambda-kind" ''
|
||||||
exec ${pkgs.lambdabot}/bin/lambdabot \
|
exec ${lambdabot}/bin/lambdabot \
|
||||||
${indent lambdabotflags}
|
${indent lambdabotflags}
|
||||||
-e "@kind $1"
|
-e "@kind $1"
|
||||||
'';
|
'';
|
||||||
|
@ -303,7 +310,7 @@ in {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-kind" {
|
(buildSimpleReaktorPlugin "lambdabot-kind" {
|
||||||
pattern = "^@kind (?P<args>.*)$$";
|
pattern = "^@kind (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "lambda-kind" ''
|
script = pkgs.writeDash "lambda-kind" ''
|
||||||
exec ${pkgs.lambdabot}/bin/lambdabot \
|
exec ${lambdabot}/bin/lambdabot \
|
||||||
${indent lambdabotflags}
|
${indent lambdabotflags}
|
||||||
-e "@kind $1"
|
-e "@kind $1"
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -8,6 +8,8 @@ in {
|
||||||
./power-action.nix
|
./power-action.nix
|
||||||
./screenlock.nix
|
./screenlock.nix
|
||||||
./copyq.nix
|
./copyq.nix
|
||||||
|
./xresources.nix
|
||||||
|
./livestream.nix
|
||||||
{
|
{
|
||||||
hardware.pulseaudio = {
|
hardware.pulseaudio = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -32,15 +34,15 @@ in {
|
||||||
|
|
||||||
programs.ssh.startAgent = false;
|
programs.ssh.startAgent = false;
|
||||||
|
|
||||||
security.setuidPrograms = [ "slock" ];
|
|
||||||
|
|
||||||
services.printing = {
|
services.printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
drivers = [ pkgs.foomatic_filters ];
|
drivers = [
|
||||||
|
pkgs.foomatic_filters
|
||||||
|
pkgs.gutenprint
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
||||||
acpi
|
acpi
|
||||||
dic
|
dic
|
||||||
dmenu
|
dmenu
|
||||||
|
@ -76,7 +78,13 @@ in {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
desktopManager.xterm.enable = false;
|
desktopManager.xterm.enable = false;
|
||||||
displayManager.slim.enable = true;
|
desktopManager.default = "none";
|
||||||
|
displayManager.lightdm.enable = true;
|
||||||
|
displayManager.lightdm.autoLogin = {
|
||||||
|
enable = true;
|
||||||
|
user = "lass";
|
||||||
|
};
|
||||||
|
windowManager.default = "xmonad";
|
||||||
windowManager.session = [{
|
windowManager.session = [{
|
||||||
name = "xmonad";
|
name = "xmonad";
|
||||||
start = ''
|
start = ''
|
||||||
|
|
|
@ -2,8 +2,14 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
nix = {
|
nix = {
|
||||||
binaryCaches = ["http://cache.prism.r"];
|
binaryCaches = [
|
||||||
binaryCachePublicKeys = ["cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="];
|
"http://cache.prism.r"
|
||||||
|
"https://cache.nixos.org/"
|
||||||
|
];
|
||||||
|
binaryCachePublicKeys = [
|
||||||
|
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
|
||||||
|
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
|
||||||
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ let
|
||||||
createChromiumUser = name: extraGroups:
|
createChromiumUser = name: extraGroups:
|
||||||
let
|
let
|
||||||
bin = pkgs.writeScriptBin name ''
|
bin = pkgs.writeScriptBin name ''
|
||||||
/var/setuid-wrappers/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@
|
/var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
users.extraUsers.${name} = {
|
users.extraUsers.${name} = {
|
||||||
|
@ -43,7 +43,7 @@ let
|
||||||
createFirefoxUser = name: extraGroups:
|
createFirefoxUser = name: extraGroups:
|
||||||
let
|
let
|
||||||
bin = pkgs.writeScriptBin name ''
|
bin = pkgs.writeScriptBin name ''
|
||||||
/var/setuid-wrappers/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@
|
/var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox}/bin/firefox $@
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
users.extraUsers.${name} = {
|
users.extraUsers.${name} = {
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -11,6 +10,7 @@ with import <stockholm/lib>;
|
||||||
../2configs/vim.nix
|
../2configs/vim.nix
|
||||||
../2configs/monitoring/client.nix
|
../2configs/monitoring/client.nix
|
||||||
./backups.nix
|
./backups.nix
|
||||||
|
./security-workarounds.nix
|
||||||
{
|
{
|
||||||
users.extraUsers =
|
users.extraUsers =
|
||||||
mapAttrs (_: h: { hashedPassword = h; })
|
mapAttrs (_: h: { hashedPassword = h; })
|
||||||
|
@ -135,6 +135,7 @@ with import <stockholm/lib>;
|
||||||
|
|
||||||
#neat utils
|
#neat utils
|
||||||
krebspaste
|
krebspaste
|
||||||
|
mosh
|
||||||
pciutils
|
pciutils
|
||||||
pop
|
pop
|
||||||
psmisc
|
psmisc
|
||||||
|
|
|
@ -8,11 +8,12 @@ with import <stockholm/lib>;
|
||||||
dkim = [
|
dkim = [
|
||||||
{ domain = "lassul.us"; }
|
{ domain = "lassul.us"; }
|
||||||
];
|
];
|
||||||
|
primary_hostname = "lassul.us";
|
||||||
sender_domains = [
|
sender_domains = [
|
||||||
"lassul.us"
|
"lassul.us"
|
||||||
"aidsballs.de"
|
"aidsballs.de"
|
||||||
];
|
];
|
||||||
relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [
|
relay_from_hosts = map (host: host.nets.retiolum.ip6.addr) [
|
||||||
config.krebs.hosts.mors
|
config.krebs.hosts.mors
|
||||||
config.krebs.hosts.uriel
|
config.krebs.hosts.uriel
|
||||||
config.krebs.hosts.helios
|
config.krebs.hosts.helios
|
||||||
|
|
|
@ -84,5 +84,6 @@ in {
|
||||||
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
{ predicate = "-p tcp --dport 10666"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport 10666"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-p udp --dport 10666"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,6 +5,7 @@ with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
|
|
||||||
out = {
|
out = {
|
||||||
|
services.nginx.enable = true;
|
||||||
krebs.git = {
|
krebs.git = {
|
||||||
enable = true;
|
enable = true;
|
||||||
cgit = {
|
cgit = {
|
||||||
|
|
|
@ -8,7 +8,6 @@ with import <stockholm/lib>;
|
||||||
extraGroups = [ "libvirtd" ];
|
extraGroups = [ "libvirtd" ];
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMkyCwdwBrsbs3qrNQcy/SqQpex4aaQoAMuT+NDefFc8KVHOMfmkDccEyAggDTgQhUrEVIvo/fFUmGBd9sm1vN1IthO2Qh5nX+qiK/A2R7sxci0Ry6piU03R27JfpZqi6g8TSPNi1C9rC8eBqOfO3OB8oQOkFmM48Q9cmS8AV3ERLR0LaHoEqUbs86JELbtHrMdKk4Hzo8zTM/isP3GO8iDHRt4dBS/03Ve7+WVxgNwWU2HW3a3jJd3tWHrqGmS/ZfCEC/47eIj4WSW+JiH9Q0BarNEbkkMV1Mvm32MX52stGPd5FaIIUtFqD4745iVSiw8esUGFUxJ1RjWgUHr99h riot@vortex"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMkyCwdwBrsbs3qrNQcy/SqQpex4aaQoAMuT+NDefFc8KVHOMfmkDccEyAggDTgQhUrEVIvo/fFUmGBd9sm1vN1IthO2Qh5nX+qiK/A2R7sxci0Ry6piU03R27JfpZqi6g8TSPNi1C9rC8eBqOfO3OB8oQOkFmM48Q9cmS8AV3ERLR0LaHoEqUbs86JELbtHrMdKk4Hzo8zTM/isP3GO8iDHRt4dBS/03Ve7+WVxgNwWU2HW3a3jJd3tWHrqGmS/ZfCEC/47eIj4WSW+JiH9Q0BarNEbkkMV1Mvm32MX52stGPd5FaIIUtFqD4745iVSiw8esUGFUxJ1RjWgUHr99h riot@vortex"
|
||||||
config.krebs.users.lass.pubkey
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
12
lass/2configs/livestream.nix
Normal file
12
lass/2configs/livestream.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
stream = pkgs.writeDashBin "stream" ''
|
||||||
|
${pkgs.python27Packages.livestreamer}/bin/livestreamer --http-header Client-ID=jzkbprff40iqj646a697cyrvl0zt2m6 -p mpv "$@"
|
||||||
|
'';
|
||||||
|
|
||||||
|
in {
|
||||||
|
environment.systemPackages = [ stream ];
|
||||||
|
}
|
|
@ -3,6 +3,6 @@
|
||||||
{
|
{
|
||||||
krebs.build.source.nixpkgs.git = {
|
krebs.build.source.nixpkgs.git = {
|
||||||
url = https://github.com/nixos/nixpkgs;
|
url = https://github.com/nixos/nixpkgs;
|
||||||
ref = "6651c72";
|
ref = "5b0c9d4";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,6 @@
|
||||||
pavucontrol
|
pavucontrol
|
||||||
pv
|
pv
|
||||||
pwgen
|
pwgen
|
||||||
python34Packages.livestreamer
|
|
||||||
remmina
|
remmina
|
||||||
silver-searcher
|
silver-searcher
|
||||||
wget
|
wget
|
||||||
|
|
8
lass/2configs/security-workarounds.nix
Normal file
8
lass/2configs/security-workarounds.nix
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
{
|
||||||
|
# http://seclists.org/oss-sec/2017/q1/471
|
||||||
|
boot.extraModprobeConfig = ''
|
||||||
|
install dccp /run/current-system/sw/bin/false
|
||||||
|
'';
|
||||||
|
}
|
22
lass/2configs/termite.nix
Normal file
22
lass/2configs/termite.nix
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
{
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.termite
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.per-user.lass.packages = let
|
||||||
|
termitecfg = pkgs.writeTextFile {
|
||||||
|
name = "termite-config";
|
||||||
|
destination = "/etc/xdg/termite/config";
|
||||||
|
text = ''
|
||||||
|
[colors]
|
||||||
|
foreground = #d0d7d0
|
||||||
|
background = #000000
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
in [
|
||||||
|
termitecfg
|
||||||
|
];
|
||||||
|
}
|
|
@ -66,6 +66,7 @@ let
|
||||||
|
|
||||||
"Syntastic config
|
"Syntastic config
|
||||||
let g:syntastic_python_checkers=['flake8']
|
let g:syntastic_python_checkers=['flake8']
|
||||||
|
let g:syntastic_python_flake8_post_args='--ignore=E501'
|
||||||
|
|
||||||
nmap <esc>q :buffer
|
nmap <esc>q :buffer
|
||||||
nmap <M-q> :buffer
|
nmap <M-q> :buffer
|
||||||
|
|
|
@ -32,6 +32,7 @@ rec {
|
||||||
let
|
let
|
||||||
domain = head domains;
|
domain = head domains;
|
||||||
in {
|
in {
|
||||||
|
services.phpfpm.phpPackage = pkgs.php56;
|
||||||
services.nginx.virtualHosts."${domain}" = {
|
services.nginx.virtualHosts."${domain}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
enableSSL = true;
|
enableSSL = true;
|
||||||
|
@ -181,10 +182,10 @@ rec {
|
||||||
user = nginx
|
user = nginx
|
||||||
group = nginx
|
group = nginx
|
||||||
pm = dynamic
|
pm = dynamic
|
||||||
pm.max_children = 5
|
pm.max_children = 15
|
||||||
pm.start_servers = 2
|
pm.start_servers = 3
|
||||||
pm.min_spare_servers = 1
|
pm.min_spare_servers = 1
|
||||||
pm.max_spare_servers = 3
|
pm.max_spare_servers = 10
|
||||||
listen.owner = nginx
|
listen.owner = nginx
|
||||||
listen.group = nginx
|
listen.group = nginx
|
||||||
php_admin_value[error_log] = 'stderr'
|
php_admin_value[error_log] = 'stderr'
|
||||||
|
|
55
lass/2configs/xresources.nix
Normal file
55
lass/2configs/xresources.nix
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
xresources = pkgs.writeText "Xresources" ''
|
||||||
|
URxvt*scrollBar: false
|
||||||
|
URxvt*urgentOnBell: true
|
||||||
|
URxvt*SaveLines: 4096
|
||||||
|
URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
||||||
|
URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
||||||
|
|
||||||
|
! ref https://github.com/muennich/urxvt-perls
|
||||||
|
URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
|
||||||
|
URxvt.perl-ext-common: default,clipboard,url-select,keyboard-select
|
||||||
|
URxvt.url-select.launcher: ${config.lass.browser.select}/bin/browser-select
|
||||||
|
URxvt.url-select.underline: true
|
||||||
|
URxvt.keysym.M-u: perl:url-select:select_next
|
||||||
|
URxvt.keysym.M-Escape: perl:keyboard-select:activate
|
||||||
|
URxvt.keysym.M-s: perl:keyboard-select:search
|
||||||
|
|
||||||
|
URxvt.intensityStyles: false
|
||||||
|
|
||||||
|
URxvt*background: #000000
|
||||||
|
URxvt*foreground: #d0d7d0
|
||||||
|
|
||||||
|
URxvt*cursorColor: #f042b0
|
||||||
|
URxvt*cursorColor2: #f0b000
|
||||||
|
URxvt*cursorBlink: off
|
||||||
|
|
||||||
|
URxvt*.pointerBlank: true
|
||||||
|
URxvt*.pointerBlankDelay: 987654321
|
||||||
|
URxvt*.pointerColor: #f042b0
|
||||||
|
URxvt*.pointerColor2: #050505
|
||||||
|
'';
|
||||||
|
|
||||||
|
in {
|
||||||
|
systemd.user.services.xresources = {
|
||||||
|
description = "xresources";
|
||||||
|
wantedBy = [ "default.target" ];
|
||||||
|
|
||||||
|
environment = {
|
||||||
|
DISPLAY = ":0";
|
||||||
|
};
|
||||||
|
|
||||||
|
restartIfChanged = true;
|
||||||
|
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "simple";
|
||||||
|
ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb -merge ${xresources}";
|
||||||
|
Restart = "on-failure";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -95,7 +95,7 @@ displaySomeException = displayException
|
||||||
|
|
||||||
myKeyMap :: [([Char], X ())]
|
myKeyMap :: [([Char], X ())]
|
||||||
myKeyMap =
|
myKeyMap =
|
||||||
[ ("M4-<F11>", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f")
|
[ ("M4-<F11>", spawn "${pkgs.i3lock}/bin/i3lock -i $HOME/wallpaper -f")
|
||||||
, ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png")
|
, ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png")
|
||||||
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
|
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
|
||||||
, ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%")
|
, ("<XF86AudioRaiseVolume>", spawn "${pkgs.pulseaudioLight.out}/bin/pactl -- set-sink-volume @DEFAULT_SINK@ +4%")
|
||||||
|
|
|
@ -3,7 +3,7 @@ let
|
||||||
byid = dev: "/dev/disk/by-id/" + dev;
|
byid = dev: "/dev/disk/by-id/" + dev;
|
||||||
part1 = disk: disk + "-part1";
|
part1 = disk: disk + "-part1";
|
||||||
rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890";
|
rootDisk = byid "ata-SanDisk_SDSSDP064G_140237402890";
|
||||||
primary-interface = "enp2s0"; # c8:cb:b8:cf:e4:dc
|
primary-interface = "enp3s0"; # c8:cb:b8:cf:e4:dc
|
||||||
# N54L Chassis:
|
# N54L Chassis:
|
||||||
# ____________________
|
# ____________________
|
||||||
# |______FRONT_______|
|
# |______FRONT_______|
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
[ # base
|
[ # base
|
||||||
../.
|
../.
|
||||||
../2configs/main-laptop.nix
|
../2configs/main-laptop.nix
|
||||||
../2configs/laptop-utils.nix
|
../2configs/tools/all.nix
|
||||||
../2configs/laptop-backup.nix
|
../2configs/laptop-backup.nix
|
||||||
../2configs/dnscrypt.nix
|
../2configs/dnscrypt.nix
|
||||||
|
|
||||||
|
@ -46,7 +46,7 @@
|
||||||
../2configs/mail-client.nix
|
../2configs/mail-client.nix
|
||||||
../2configs/printer.nix
|
../2configs/printer.nix
|
||||||
../2configs/virtualization.nix
|
../2configs/virtualization.nix
|
||||||
../2configs/virtualization-virtualbox.nix
|
# ../2configs/virtualization-virtualbox.nix
|
||||||
../2configs/wwan.nix
|
../2configs/wwan.nix
|
||||||
../2configs/rad1o.nix
|
../2configs/rad1o.nix
|
||||||
|
|
||||||
|
@ -64,8 +64,10 @@
|
||||||
../2configs/fs/sda-crypto-root-home.nix
|
../2configs/fs/sda-crypto-root-home.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
makefu.server.primary-itf = "wlp2s0";
|
|
||||||
|
makefu.server.primary-itf = "wlp3s0";
|
||||||
makefu.full-populate = true;
|
makefu.full-populate = true;
|
||||||
|
makefu.umts.apn = "web.vodafone.de";
|
||||||
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
krebs.nginx = {
|
krebs.nginx = {
|
||||||
|
@ -74,6 +76,7 @@
|
||||||
servers.default.server-names = [ "_" ];
|
servers.default.server-names = [ "_" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
||||||
environment.systemPackages = [ pkgs.passwdqc-utils pkgs.bintray-upload ];
|
environment.systemPackages = [ pkgs.passwdqc-utils pkgs.bintray-upload ];
|
||||||
|
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
|
|
|
@ -82,7 +82,7 @@ in
|
||||||
|
|
||||||
URxvt.perl-ext: default,url-select
|
URxvt.perl-ext: default,url-select
|
||||||
URxvt.keysym.M-u: perl:url-select:select_next
|
URxvt.keysym.M-u: perl:url-select:select_next
|
||||||
URxvt.url-select.launcher: chromium
|
URxvt.url-select.launcher: firefox -new-tab
|
||||||
URxvt.url-select.underline: true
|
URxvt.url-select.underline: true
|
||||||
URxvt.searchable-scrollback: CM-s
|
URxvt.searchable-scrollback: CM-s
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -22,7 +22,7 @@ with import <stockholm/lib>;
|
||||||
user = config.krebs.users.makefu;
|
user = config.krebs.users.makefu;
|
||||||
source = let
|
source = let
|
||||||
inherit (config.krebs.build) host user;
|
inherit (config.krebs.build) host user;
|
||||||
ref = "f66d782"; # unstable @ 2017-02-04
|
ref = "53a2baa"; # unstable @ 2017-02-28
|
||||||
in {
|
in {
|
||||||
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
|
nixpkgs = if config.makefu.full-populate || (getEnv "dummy_secrets" == "true") then
|
||||||
{
|
{
|
||||||
|
@ -145,21 +145,21 @@ with import <stockholm/lib>;
|
||||||
tinc = pkgs.tinc_pre;
|
tinc = pkgs.tinc_pre;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.cron.enable = false;
|
networking.timeServers = [
|
||||||
services.nscd.enable = false;
|
|
||||||
services.ntp.enable = false;
|
|
||||||
services.timesyncd.enable = true;
|
|
||||||
services.ntp.servers = [
|
|
||||||
"pool.ntp.org"
|
"pool.ntp.org"
|
||||||
"time.windows.com"
|
"time.windows.com"
|
||||||
"time.apple.com"
|
"time.apple.com"
|
||||||
"time.nist.gov"
|
"time.nist.gov"
|
||||||
];
|
];
|
||||||
|
|
||||||
nix.extraOptions = ''
|
nix.extraOptions = ''
|
||||||
auto-optimise-store = true
|
auto-optimise-store = true
|
||||||
'';
|
'';
|
||||||
|
|
||||||
security.setuidPrograms = [ "sendmail" ];
|
security.wrappers.sendmail = {
|
||||||
|
source = "${pkgs.exim}/bin/sendmail";
|
||||||
|
setuid = true;
|
||||||
|
};
|
||||||
services.journald.extraConfig = ''
|
services.journald.extraConfig = ''
|
||||||
SystemMaxUse=1G
|
SystemMaxUse=1G
|
||||||
RuntimeMaxUse=128M
|
RuntimeMaxUse=128M
|
||||||
|
|
|
@ -131,11 +131,15 @@ in {
|
||||||
( serveCloud [ "o.euer.krebsco.de" ] )
|
( serveCloud [ "o.euer.krebsco.de" ] )
|
||||||
];
|
];
|
||||||
|
|
||||||
services.mysql = {
|
services.mysql = { # TODO: currently nextcloud uses sqlite
|
||||||
enable = true;
|
enable = false;
|
||||||
package = pkgs.mariadb;
|
package = pkgs.mariadb;
|
||||||
rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
|
rootPassword = config.krebs.secret.files.mysql_rootPassword.path;
|
||||||
};
|
};
|
||||||
|
services.mysqlBackup = {
|
||||||
|
enable = false;
|
||||||
|
databases = [ "nextcloud" ];
|
||||||
|
};
|
||||||
|
|
||||||
krebs.secret.files.mysql_rootPassword = {
|
krebs.secret.files.mysql_rootPassword = {
|
||||||
path = "${config.services.mysql.dataDir}/mysql_rootPassword";
|
path = "${config.services.mysql.dataDir}/mysql_rootPassword";
|
||||||
|
|
|
@ -9,20 +9,28 @@ with import <stockholm/lib>;
|
||||||
kernelModules = [
|
kernelModules = [
|
||||||
"kvm-intel"
|
"kvm-intel"
|
||||||
"thinkpad_ec"
|
"thinkpad_ec"
|
||||||
# "acpi_call"
|
"acpi_call"
|
||||||
# "thinkpad_acpi"
|
# "thinkpad_acpi"
|
||||||
# "tpm-rng"
|
# "tpm-rng"
|
||||||
];
|
];
|
||||||
extraModulePackages = [
|
extraModulePackages = [
|
||||||
# config.boot.kernelPackages.acpi_call
|
config.boot.kernelPackages.acpi_call
|
||||||
];
|
];
|
||||||
|
# support backlight adjustment
|
||||||
|
kernelParams = [ "acpi_osi=Linux" "acpi_backlight=vendor" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# configured media keys inside awesomerc
|
||||||
|
# sound.mediaKeys.enable = true;
|
||||||
|
hardware.bluetooth.enable = true;
|
||||||
|
|
||||||
services.acpid.enable = true;
|
services.acpid.enable = true;
|
||||||
hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
|
hardware.opengl.extraPackages = [ pkgs.vaapiIntel pkgs.vaapiVdpau ];
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
videoDriver = "intel";
|
videoDriver = "intel";
|
||||||
deviceSection = ''
|
deviceSection = ''
|
||||||
Option "AccelMethod" "sna"
|
Option "AccelMethod" "sna"
|
||||||
|
Option "Backlight" "intel_backlight"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
# no entropy source working
|
# no entropy source working
|
||||||
|
|
|
@ -1,65 +0,0 @@
|
||||||
{ pkgs, ... }:
|
|
||||||
|
|
||||||
# tools i use when actually working with the host.
|
|
||||||
# package version will now be maintained by nix-rebuild
|
|
||||||
#
|
|
||||||
# essentially `nix-env -q` of the main user
|
|
||||||
# TODO: split gui and non-gui
|
|
||||||
{
|
|
||||||
nixpkgs.config.firefox = {
|
|
||||||
enableAdobeFlash = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.per-user.makefu.packages = with pkgs; [
|
|
||||||
# core
|
|
||||||
at_spi2_core
|
|
||||||
acpi
|
|
||||||
bc
|
|
||||||
exif
|
|
||||||
file
|
|
||||||
ntfs3g
|
|
||||||
pv
|
|
||||||
proot
|
|
||||||
sshpass
|
|
||||||
unzip
|
|
||||||
unrar
|
|
||||||
usbutils
|
|
||||||
zip
|
|
||||||
|
|
||||||
# dev
|
|
||||||
python35Packages.virtualenv
|
|
||||||
|
|
||||||
|
|
||||||
# gui
|
|
||||||
chromium
|
|
||||||
clipit
|
|
||||||
feh
|
|
||||||
firefox
|
|
||||||
keepassx
|
|
||||||
pcmanfm
|
|
||||||
skype
|
|
||||||
mirage
|
|
||||||
tightvnc
|
|
||||||
gnome3.dconf
|
|
||||||
vlc
|
|
||||||
virtmanager
|
|
||||||
wireshark
|
|
||||||
xdotool
|
|
||||||
|
|
||||||
# sectools
|
|
||||||
aria2
|
|
||||||
pythonPackages.binwalk-full
|
|
||||||
dnsmasq
|
|
||||||
iodine
|
|
||||||
mtr
|
|
||||||
nmap
|
|
||||||
|
|
||||||
|
|
||||||
# stuff
|
|
||||||
cac-api
|
|
||||||
cac-panel
|
|
||||||
krebspaste
|
|
||||||
ledger
|
|
||||||
pass
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -5,10 +5,9 @@ let
|
||||||
collectd-port = 25826;
|
collectd-port = 25826;
|
||||||
influx-port = 8086;
|
influx-port = 8086;
|
||||||
grafana-port = 3000; # TODO nginx forward
|
grafana-port = 3000; # TODO nginx forward
|
||||||
|
db = "collectd_db";
|
||||||
|
logging-interface = config.makefu.server.primary-itf;
|
||||||
in {
|
in {
|
||||||
imports = [
|
|
||||||
../../../lass/3modules/kapacitor.nix
|
|
||||||
];
|
|
||||||
services.grafana.enable = true;
|
services.grafana.enable = true;
|
||||||
services.grafana.addr = "0.0.0.0";
|
services.grafana.addr = "0.0.0.0";
|
||||||
|
|
||||||
|
@ -27,11 +26,11 @@ in {
|
||||||
collectd = [{
|
collectd = [{
|
||||||
enabled = true;
|
enabled = true;
|
||||||
typesdb = "${pkgs.collectd}/share/collectd/types.db";
|
typesdb = "${pkgs.collectd}/share/collectd/types.db";
|
||||||
database = "collectd_db";
|
database = db;
|
||||||
port = collectd-port;
|
port = collectd-port;
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
lass.kapacitor =
|
krebs.kapacitor =
|
||||||
let
|
let
|
||||||
echoToIrc = pkgs.writeDash "echo_irc" ''
|
echoToIrc = pkgs.writeDash "echo_irc" ''
|
||||||
set -euf
|
set -euf
|
||||||
|
@ -43,7 +42,8 @@ in {
|
||||||
in {
|
in {
|
||||||
enable = true;
|
enable = true;
|
||||||
alarms = {
|
alarms = {
|
||||||
cpu_deadman = ''
|
cpu_deadman.database = db;
|
||||||
|
cpu_deadman.text = ''
|
||||||
var data = batch
|
var data = batch
|
||||||
|query(${"'''"}
|
|query(${"'''"}
|
||||||
SELECT mean("value") AS mean
|
SELECT mean("value") AS mean
|
||||||
|
@ -68,5 +68,8 @@ in {
|
||||||
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||||
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||||
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||||
|
iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
||||||
|
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
||||||
|
iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,7 +14,8 @@ in {
|
||||||
./base-gui.nix
|
./base-gui.nix
|
||||||
./fetchWallpaper.nix
|
./fetchWallpaper.nix
|
||||||
./zsh-user.nix
|
./zsh-user.nix
|
||||||
./laptop-utils.nix
|
./tools/core.nix
|
||||||
|
./tools/core-gui.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ];
|
users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ];
|
||||||
|
@ -60,7 +61,7 @@ in {
|
||||||
sleep 1
|
sleep 1
|
||||||
'')
|
'')
|
||||||
[ 5 4 3 2 1 ]}
|
[ 5 4 3 2 1 ]}
|
||||||
/var/setuid-wrappers/sudo ${pkgs.systemd}/bin/systemctl suspend
|
/var/run/wrappers/bin/sudo ${pkgs.systemd}/bin/systemctl suspend
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -48,15 +48,8 @@ in {
|
||||||
browseable = "yes";
|
browseable = "yes";
|
||||||
"guest ok" = "yes";
|
"guest ok" = "yes";
|
||||||
};
|
};
|
||||||
crypt0-rw = {
|
media-rw = {
|
||||||
path = "/media/crypt0/";
|
path = "/media/";
|
||||||
"read only" = "no";
|
|
||||||
browseable = "yes";
|
|
||||||
"guest ok" = "no";
|
|
||||||
"valid users" = "makefu";
|
|
||||||
};
|
|
||||||
crypt1-rw = {
|
|
||||||
path = "/media/crypt1/";
|
|
||||||
"read only" = "no";
|
"read only" = "no";
|
||||||
browseable = "yes";
|
browseable = "yes";
|
||||||
"guest ok" = "no";
|
"guest ok" = "no";
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
drivers = [
|
drivers = [
|
||||||
pkgs.samsungUnifiedLinuxDriver
|
pkgs.samsungUnifiedLinuxDriver
|
||||||
|
pkgs.dymo-cups-drivers
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
11
makefu/2configs/tools/all.nix
Normal file
11
makefu/2configs/tools/all.nix
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./core.nix
|
||||||
|
./core-gui.nix
|
||||||
|
./dev.nix
|
||||||
|
./extra-gui.nix
|
||||||
|
./games.nix
|
||||||
|
./media.nix
|
||||||
|
./sec.nix
|
||||||
|
];
|
||||||
|
}
|
24
makefu/2configs/tools/core-gui.nix
Normal file
24
makefu/2configs/tools/core-gui.nix
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
nixpkgs.config.firefox = {
|
||||||
|
enableAdobeFlash = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
krebs.per-user.makefu.packages = with pkgs; [
|
||||||
|
chromium
|
||||||
|
clipit
|
||||||
|
feh
|
||||||
|
firefox
|
||||||
|
keepassx
|
||||||
|
pcmanfm
|
||||||
|
skype
|
||||||
|
mirage
|
||||||
|
tightvnc
|
||||||
|
gnome3.dconf
|
||||||
|
wireshark
|
||||||
|
xdotool
|
||||||
|
xorg.xbacklight
|
||||||
|
scrot
|
||||||
|
];
|
||||||
|
}
|
46
makefu/2configs/tools/core.nix
Normal file
46
makefu/2configs/tools/core.nix
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
# tools i use when actually working with the host.
|
||||||
|
# package version will now be maintained by nix-rebuild
|
||||||
|
#
|
||||||
|
# essentially `nix-env -q` of the main user
|
||||||
|
{
|
||||||
|
krebs.per-user.makefu.packages = with pkgs; [
|
||||||
|
at_spi2_core
|
||||||
|
acpi
|
||||||
|
bc
|
||||||
|
rsync
|
||||||
|
exif
|
||||||
|
file
|
||||||
|
ntfs3g
|
||||||
|
pv
|
||||||
|
proot
|
||||||
|
sshpass
|
||||||
|
populate
|
||||||
|
usbutils
|
||||||
|
p7zip
|
||||||
|
hdparm
|
||||||
|
inetutils
|
||||||
|
ncftp
|
||||||
|
mutt
|
||||||
|
tcpdump
|
||||||
|
sysstat
|
||||||
|
which
|
||||||
|
weechat
|
||||||
|
curl
|
||||||
|
wget
|
||||||
|
wol
|
||||||
|
tmux
|
||||||
|
smartmontools
|
||||||
|
cifs-utils
|
||||||
|
iftop
|
||||||
|
taskwarrior
|
||||||
|
mplayer
|
||||||
|
|
||||||
|
cac-api
|
||||||
|
cac-panel
|
||||||
|
krebspaste
|
||||||
|
ledger
|
||||||
|
pass
|
||||||
|
];
|
||||||
|
}
|
10
makefu/2configs/tools/dev.nix
Normal file
10
makefu/2configs/tools/dev.nix
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
krebs.per-user.makefu.packages = with pkgs;[
|
||||||
|
nodemcu-uploader
|
||||||
|
esptool
|
||||||
|
python35Packages.virtualenv
|
||||||
|
flashrom
|
||||||
|
];
|
||||||
|
}
|
12
makefu/2configs/tools/extra-gui.nix
Normal file
12
makefu/2configs/tools/extra-gui.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
krebs.per-user.makefu.packages = with pkgs;[
|
||||||
|
inkscape
|
||||||
|
gimp
|
||||||
|
skype
|
||||||
|
virtmanager
|
||||||
|
synergy
|
||||||
|
saleae-logic
|
||||||
|
];
|
||||||
|
}
|
7
makefu/2configs/tools/games.nix
Normal file
7
makefu/2configs/tools/games.nix
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
krebs.per-user.makefu.packages = with pkgs; [
|
||||||
|
steam
|
||||||
|
];
|
||||||
|
}
|
12
makefu/2configs/tools/media.nix
Normal file
12
makefu/2configs/tools/media.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
krebs.per-user.makefu.packages = with pkgs; [
|
||||||
|
kodi
|
||||||
|
streamripper
|
||||||
|
youtube-dl
|
||||||
|
calibre
|
||||||
|
vlc
|
||||||
|
mumble
|
||||||
|
];
|
||||||
|
}
|
15
makefu/2configs/tools/sec.nix
Normal file
15
makefu/2configs/tools/sec.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
krebs.per-user.makefu.packages = with pkgs; [
|
||||||
|
aria2
|
||||||
|
# mitmproxy
|
||||||
|
pythonPackages.binwalk-full
|
||||||
|
dnsmasq
|
||||||
|
iodine
|
||||||
|
mtr
|
||||||
|
nmap
|
||||||
|
msf
|
||||||
|
thc-hydra
|
||||||
|
];
|
||||||
|
}
|
|
@ -16,6 +16,9 @@
|
||||||
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
|
http://ftp.debian.org/debian/pool/main/a/apt-cacher-ng/
|
||||||
https://github.com/amadvance/snapraid/releases.atom
|
https://github.com/amadvance/snapraid/releases.atom
|
||||||
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
|
https://erdgeist.org/gitweb/opentracker/info/refs?service=git-upload-pack
|
||||||
|
https://api.github.com/repos/embray/d2to1/tags
|
||||||
|
https://api.github.com/repos/dorimanx/exfat-nofuse/commits
|
||||||
|
https://api.github.com/repos/dorimanx/exfat-nofuse/tags
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,7 +26,7 @@ let
|
||||||
Dial Command = ATDT
|
Dial Command = ATDT
|
||||||
Modem = ${cfg.modem-device}
|
Modem = ${cfg.modem-device}
|
||||||
Baud = 460800
|
Baud = 460800
|
||||||
Init1 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0
|
Init1 = AT+CGDCONT=1,"IP","${config.makefu.umts.apn}","",0,0
|
||||||
Init2 = ATZ
|
Init2 = ATZ
|
||||||
Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
|
Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
|
||||||
ISDN = 0
|
ISDN = 0
|
||||||
|
@ -54,6 +54,13 @@ let
|
||||||
to avoid race conditions.
|
to avoid race conditions.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
apn = mkOption {
|
||||||
|
default = "pinternet.interkom.de";
|
||||||
|
type = types.str;
|
||||||
|
description = ''
|
||||||
|
apn to use for dailing
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
imp = {
|
imp = {
|
||||||
|
|
|
@ -364,6 +364,10 @@ globalkeys = awful.util.table.join(
|
||||||
end,
|
end,
|
||||||
{description = "restore minimized", group = "client"}),
|
{description = "restore minimized", group = "client"}),
|
||||||
|
|
||||||
|
awful.key({ }, "XF86MonBrightnessUp", function ()
|
||||||
|
awful.util.spawn("xbacklight -inc 5", false) end),
|
||||||
|
awful.key({ }, "XF86MonBrightnessDown", function ()
|
||||||
|
awful.util.spawn("xbacklight -dec 5", false) end),
|
||||||
|
|
||||||
awful.key({ }, "XF86AudioRaiseVolume", function ()
|
awful.key({ }, "XF86AudioRaiseVolume", function ()
|
||||||
awful.util.spawn("amixer set Master 5%+", false) end),
|
awful.util.spawn("amixer set Master 5%+", false) end),
|
||||||
|
|
|
@ -1,38 +1,35 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
let
|
with import <stockholm/lib>;
|
||||||
inherit (pkgs) callPackage;
|
|
||||||
in
|
|
||||||
{
|
{
|
||||||
nixpkgs.config.packageOverrides = rec {
|
nixpkgs.config.packageOverrides = oldpkgs: let
|
||||||
acdcli = callPackage ./acdcli {};
|
|
||||||
|
# This callPackage will try to detect obsolete overrides.
|
||||||
|
callPackage = path: args: let
|
||||||
|
override = pkgs.callPackage path args;
|
||||||
|
upstream = optionalAttrs (override ? "name")
|
||||||
|
(oldpkgs.${(parseDrvName override.name).name} or {});
|
||||||
|
in if upstream ? "name" &&
|
||||||
|
override ? "name" &&
|
||||||
|
compareVersions upstream.name override.name != -1
|
||||||
|
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
|
||||||
|
else override;
|
||||||
|
|
||||||
|
in {}
|
||||||
|
// mapAttrs (_: flip callPackage {})
|
||||||
|
(filterAttrs (_: dir: pathExists (dir + "/default.nix"))
|
||||||
|
(subdirsOf ./.))
|
||||||
|
// {
|
||||||
alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
|
alsa-hdspconf = callPackage ./alsa-tools { alsaToolTarget="hdspconf";};
|
||||||
alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
|
alsa-hdspmixer = callPackage ./alsa-tools { alsaToolTarget="hdspmixer";};
|
||||||
alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";};
|
alsa-hdsploader = callPackage ./alsa-tools { alsaToolTarget="hdsploader";};
|
||||||
awesomecfg = callPackage ./awesomecfg {};
|
|
||||||
bintray-upload = callPackage ./bintray-upload {};
|
|
||||||
debmirror = callPackage ./debmirror {};
|
|
||||||
inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
|
inherit (callPackage ./devpi {}) devpi-web devpi-server devpi-client;
|
||||||
elchhub = callPackage ./elchhub {};
|
|
||||||
f3 = callPackage ./f3 {};
|
|
||||||
farpd = callPackage ./farpd {};
|
|
||||||
git-xlsx-textconv = callPackage ./git-xlsx-textconv {};
|
|
||||||
mergerfs = callPackage ./mergerfs {};
|
|
||||||
mycube-flask = callPackage ./mycube-flask {};
|
|
||||||
nodemcu-uploader = callPackage ./nodemcu-uploader {};
|
nodemcu-uploader = callPackage ./nodemcu-uploader {};
|
||||||
ps3netsrv = callPackage ./ps3netsrv {};
|
|
||||||
pwqgen-ger = callPackage ../../krebs/5pkgs/passwdqc-utils {
|
pwqgen-ger = callPackage ../../krebs/5pkgs/passwdqc-utils {
|
||||||
wordset-file = pkgs.fetchurl {
|
wordset-file = pkgs.fetchurl {
|
||||||
url = https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c ;
|
url = https://gist.githubusercontent.com/makefu/b56f5554c9ef03fe6e09878962e6fd8d/raw/1f147efec51325bc9f80c823bad8381d5b7252f6/wordset_4k.c ;
|
||||||
sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb";
|
sha256 = "18ddzyh11bywrhzdkzvrl7nvgp5gdb4k1s0zxbz2bkhd14vi72bb";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
qcma = pkgs.qt5.callPackage ./qcma {};
|
|
||||||
tw-upload-plugin = callPackage ./tw-upload-plugin {};
|
|
||||||
skytraq-logger = callPackage ./skytraq-logger {};
|
|
||||||
taskserver = callPackage ./taskserver {};
|
|
||||||
udpt = callPackage ./udpt {};
|
|
||||||
wol = callPackage ./wol {};
|
|
||||||
snapraid = callPackage ./snapraid {};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
17
makefu/5pkgs/dymo-cups-drivers/default.nix
Normal file
17
makefu/5pkgs/dymo-cups-drivers/default.nix
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
{ stdenv, lib, pkgs, fetchurl, cups, ... }:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "dymo-cups-drivers-${version}";
|
||||||
|
version = "1.4.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "http://download.dymo.com/dymo/Software/Download%20Drivers/Linux/Download/${name}.tar.gz";
|
||||||
|
sha256 = "0wagsrz3q7yrkzb5ws0m5faq68rqnqfap9p98sgk5jl6x7krf1y6";
|
||||||
|
};
|
||||||
|
buildInputs = [ cups ];
|
||||||
|
makeFlags = [ "cupsfilterdir=$(out)/lib/cups/filter" "cupsmodeldir=$(out)/share/cups/model" ];
|
||||||
|
|
||||||
|
# acd_cli gets dumped in bin and gets overwritten by fixupPhase
|
||||||
|
meta = {
|
||||||
|
description = "Dymo printer drivers";
|
||||||
|
};
|
||||||
|
}
|
32
makefu/5pkgs/esptool/default.nix
Normal file
32
makefu/5pkgs/esptool/default.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
{ pkgs, fetchFromGitHub, ... }:
|
||||||
|
with pkgs.python2Packages;
|
||||||
|
let
|
||||||
|
pyaes = buildPythonPackage rec {
|
||||||
|
name = "pyaes-${version}";
|
||||||
|
version = "1.6.0";
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "ricmoo";
|
||||||
|
repo = "pyaes";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "04934a9zgwc8g3qhfrkcfv0bs557paigllnkrnfhp9m1azr3bfqb";
|
||||||
|
};
|
||||||
|
doCheck = false;
|
||||||
|
};
|
||||||
|
in
|
||||||
|
buildPythonPackage rec {
|
||||||
|
name = "esptool-${version}";
|
||||||
|
version = "2.0beta2";
|
||||||
|
propagatedBuildInputs = [
|
||||||
|
pyserial
|
||||||
|
flake8
|
||||||
|
ecdsa
|
||||||
|
pyaes
|
||||||
|
];
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "themadinventor";
|
||||||
|
repo = "esptool";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "0n96pyi1k4qlyfqk5k7xpgq8726wz74qvd3gqjg0bpsl3wr7l94i";
|
||||||
|
};
|
||||||
|
doCheck = false;
|
||||||
|
}
|
|
@ -1,22 +0,0 @@
|
||||||
{ stdenv, fetchurl }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
proj = "wake-on-lan";
|
|
||||||
name = "wol-${version}";
|
|
||||||
version = "0.7.1";
|
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
|
||||||
|
|
||||||
src = fetchurl {
|
|
||||||
url = "mirror://sourceforge/${proj}/${name}.tar.gz";
|
|
||||||
sha256 = "08i6l5lr14mh4n3qbmx6kyx7vjqvzdnh3j9yfvgjppqik2dnq270";
|
|
||||||
};
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
description = "simple wake-on-lan client";
|
|
||||||
homepage = https://sourceforge.net/projects/wake-on-lan/;
|
|
||||||
license = stdenv.lib.licenses.gpl2;
|
|
||||||
platforms = stdenv.lib.platforms.linux;
|
|
||||||
maintainers = with stdenv.lib.maintainers; [ makefu ];
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -143,9 +143,9 @@ with import <stockholm/lib>;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
security.setuidPrograms = [
|
security.wrappers = {
|
||||||
"sendmail"
|
sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
|
||||||
];
|
};
|
||||||
|
|
||||||
security.sudo.extraConfig = ''
|
security.sudo.extraConfig = ''
|
||||||
Defaults env_keep+="SSH_CLIENT"
|
Defaults env_keep+="SSH_CLIENT"
|
||||||
|
|
|
@ -11,7 +11,7 @@ with import <stockholm/lib>;
|
||||||
nixos-config.symlink = "stockholm/${user.name}/1systems/${host.name}.nix";
|
nixos-config.symlink = "stockholm/${user.name}/1systems/${host.name}.nix";
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
ref = "b8ede35d2efa96490857c22c751e75d600bea44f"; # nixos-16.09 @ 2016-10-19
|
ref = "5b0c9d4f92f15f171afa65caf13a29ac1c068a10"; # nixos-17.03 @ 2017-03-03
|
||||||
};
|
};
|
||||||
secrets.file =
|
secrets.file =
|
||||||
if getEnv "dummy_secrets" == "true"
|
if getEnv "dummy_secrets" == "true"
|
||||||
|
@ -30,10 +30,6 @@ with import <stockholm/lib>;
|
||||||
];
|
];
|
||||||
nix.useSandbox = true;
|
nix.useSandbox = true;
|
||||||
|
|
||||||
nixpkgs.config.packageOverrides = pkgs: {
|
|
||||||
nano = pkgs.vim;
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
git
|
git
|
||||||
rxvt_unicode.terminfo
|
rxvt_unicode.terminfo
|
||||||
|
|
|
@ -16,11 +16,11 @@ with import <stockholm/lib>;
|
||||||
networking = {
|
networking = {
|
||||||
interfaces.enp2s1.ip4 = singleton {
|
interfaces.enp2s1.ip4 = singleton {
|
||||||
address = let
|
address = let
|
||||||
addr = "64.137.177.226";
|
addr = "45.62.237.203";
|
||||||
in assert config.krebs.build.host.nets.internet.ip4.addr == addr; addr;
|
in assert config.krebs.build.host.nets.internet.ip4.addr == addr; addr;
|
||||||
prefixLength = 24;
|
prefixLength = 24;
|
||||||
};
|
};
|
||||||
defaultGateway = "64.137.177.1";
|
defaultGateway = "45.62.237.1";
|
||||||
nameservers = ["8.8.8.8"];
|
nameservers = ["8.8.8.8"];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -99,10 +99,10 @@ with import <stockholm/lib>;
|
||||||
|
|
||||||
programs.ssh.startAgent = false;
|
programs.ssh.startAgent = false;
|
||||||
|
|
||||||
security.setuidPrograms = [
|
security.wrappers = {
|
||||||
"sendmail" # for cron
|
sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
|
||||||
"slock"
|
slock.slock = "${pkgs.slock}/bin/slock";
|
||||||
];
|
};
|
||||||
|
|
||||||
security.pam.loginLimits = [
|
security.pam.loginLimits = [
|
||||||
# for jack
|
# for jack
|
||||||
|
|
|
@ -157,9 +157,9 @@ with import <stockholm/lib>;
|
||||||
#jack2
|
#jack2
|
||||||
];
|
];
|
||||||
|
|
||||||
security.setuidPrograms = [
|
security.wrappers = {
|
||||||
"sendmail" # for cron
|
sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
|
||||||
];
|
};
|
||||||
|
|
||||||
services.printing.enable = true;
|
services.printing.enable = true;
|
||||||
|
|
||||||
|
|
|
@ -167,9 +167,9 @@ with import <stockholm/lib>;
|
||||||
gptfdisk
|
gptfdisk
|
||||||
];
|
];
|
||||||
|
|
||||||
security.setuidPrograms = [
|
security.wrappers = {
|
||||||
"sendmail" # for cron
|
sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
|
||||||
];
|
};
|
||||||
|
|
||||||
services.printing.enable = true;
|
services.printing.enable = true;
|
||||||
|
|
||||||
|
|
|
@ -167,9 +167,9 @@ with import <stockholm/lib>;
|
||||||
gptfdisk
|
gptfdisk
|
||||||
];
|
];
|
||||||
|
|
||||||
security.setuidPrograms = [
|
security.wrappers = {
|
||||||
"sendmail" # for cron
|
sendmail.source = "${pkgs.exim}/bin/sendmail"; # for cron
|
||||||
];
|
};
|
||||||
|
|
||||||
services.printing.enable = true;
|
services.printing.enable = true;
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ with import <stockholm/lib>;
|
||||||
stockholm.file = "/home/tv/stockholm";
|
stockholm.file = "/home/tv/stockholm";
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
ref = "5d03aab044970e72a9c6cb07dab734c9c2a391e4";
|
ref = "5b0c9d4f92f15f171afa65caf13a29ac1c068a10"; # nixos-17.03
|
||||||
};
|
};
|
||||||
} // optionalAttrs host.secure {
|
} // optionalAttrs host.secure {
|
||||||
secrets-master.file = "/home/tv/secrets/master";
|
secrets-master.file = "/home/tv/secrets/master";
|
||||||
|
|
|
@ -76,6 +76,9 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# TODO assert that pulse is the only user with "audio" in group/extraGroups
|
||||||
|
# otherwise the audio device can be hijacked while the pulse service restarts
|
||||||
|
# (e.g. when mpv is running) and then the service will fail.
|
||||||
users = {
|
users = {
|
||||||
groups.pulse.gid = config.users.users.pulse.uid;
|
groups.pulse.gid = config.users.users.pulse.uid;
|
||||||
users.pulse = {
|
users.pulse = {
|
||||||
|
|
|
@ -31,7 +31,7 @@ with import <stockholm/lib>;
|
||||||
|
|
||||||
## other
|
## other
|
||||||
|
|
||||||
https://nixos.org/channels/nixos-16.09/git-revision
|
https://nixos.org/channels/nixos-17.03/git-revision
|
||||||
https://nixos.org/channels/nixos-unstable/git-revision
|
https://nixos.org/channels/nixos-unstable/git-revision
|
||||||
|
|
||||||
## 2014-10-17
|
## 2014-10-17
|
||||||
|
|
|
@ -18,7 +18,7 @@ in {
|
||||||
];
|
];
|
||||||
|
|
||||||
# TODO dedicated group, i.e. with a single user [per-user-setuid]
|
# TODO dedicated group, i.e. with a single user [per-user-setuid]
|
||||||
# TODO krebs.setuid.slock.path vs /var/setuid-wrappers
|
# TODO krebs.setuid.slock.path vs /run/wrappers/bin
|
||||||
krebs.setuid.slock = {
|
krebs.setuid.slock = {
|
||||||
filename = "${pkgs.slock}/bin/slock";
|
filename = "${pkgs.slock}/bin/slock";
|
||||||
group = "wheel";
|
group = "wheel";
|
||||||
|
|
|
@ -1,7 +1,19 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
q-cal = let
|
q-cal = let
|
||||||
# XXX 23 is the longest line of cal's output
|
|
||||||
|
# Maximum width of cal's output.
|
||||||
|
calwidth = 23;
|
||||||
|
|
||||||
|
# Number of space characters between two calendars.
|
||||||
|
hspace = 2;
|
||||||
|
|
||||||
|
# Return number of columns required to print n calenders side by side.
|
||||||
|
need_width = n:
|
||||||
|
assert n >= 1;
|
||||||
|
n * calwidth + (n - 1) * hspace;
|
||||||
|
|
||||||
pad = ''{
|
pad = ''{
|
||||||
${pkgs.gnused}/bin/sed '
|
${pkgs.gnused}/bin/sed '
|
||||||
# rtrim
|
# rtrim
|
||||||
|
@ -10,7 +22,7 @@ let
|
||||||
# delete last empty line
|
# delete last empty line
|
||||||
''${/^$/d}
|
''${/^$/d}
|
||||||
' \
|
' \
|
||||||
| ${pkgs.gawk}/bin/awk '{printf "%-23s\n", $0}' \
|
| ${pkgs.gawk}/bin/awk '{printf "%-${toString calwidth}s\n", $0}' \
|
||||||
| ${pkgs.gnused}/bin/sed '
|
| ${pkgs.gnused}/bin/sed '
|
||||||
# colorize header
|
# colorize header
|
||||||
1,2s/.*/[38;5;238;1m&[39;22m/
|
1,2s/.*/[38;5;238;1m&[39;22m/
|
||||||
|
@ -20,23 +32,31 @@ let
|
||||||
'
|
'
|
||||||
}'';
|
}'';
|
||||||
in ''
|
in ''
|
||||||
|
cols=$(${pkgs.ncurses}/bin/tput cols)
|
||||||
${pkgs.coreutils}/bin/paste \
|
${pkgs.coreutils}/bin/paste \
|
||||||
<(${pkgs.utillinux}/bin/cal -mw \
|
<(if test $cols -ge ${toString (need_width 3)}; then
|
||||||
|
${pkgs.utillinux}/bin/cal -mw \
|
||||||
$(${pkgs.coreutils}/bin/date +'%m %Y' -d 'last month') \
|
$(${pkgs.coreutils}/bin/date +'%m %Y' -d 'last month') \
|
||||||
| ${pad}
|
| ${pad}
|
||||||
) \
|
fi) \
|
||||||
<(${pkgs.utillinux}/bin/cal -mw \
|
<(if test $cols -ge ${toString (need_width 1)}; then
|
||||||
|
${pkgs.utillinux}/bin/cal -mw \
|
||||||
| ${pkgs.gnused}/bin/sed '
|
| ${pkgs.gnused}/bin/sed '
|
||||||
# colorize day of month
|
# colorize day of month
|
||||||
s/\(^\| \)'"$(${pkgs.coreutils}/bin/date +%e)"'\>/[31;1m&[39;22m/
|
s/\(^\| \)'"$(${pkgs.coreutils}/bin/date +%e)"'\>/[31;1m&[39;22m/
|
||||||
' \
|
' \
|
||||||
| ${pad}
|
| ${pad}
|
||||||
) \
|
fi) \
|
||||||
<(${pkgs.utillinux}/bin/cal -mw \
|
<(if test $cols -ge ${toString (need_width 2)}; then
|
||||||
|
${pkgs.utillinux}/bin/cal -mw \
|
||||||
$(${pkgs.coreutils}/bin/date +'%m %Y' -d 'next month') \
|
$(${pkgs.coreutils}/bin/date +'%m %Y' -d 'next month') \
|
||||||
| ${pad}
|
| ${pad}
|
||||||
) \
|
fi) \
|
||||||
| ${pkgs.gnused}/bin/sed 's/\t/ /g'
|
| ${pkgs.gnused}/bin/sed '
|
||||||
|
s/^\t//
|
||||||
|
s/\t$//
|
||||||
|
s/\t/${lpad hspace " " ""}/g
|
||||||
|
'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-isodate = ''
|
q-isodate = ''
|
||||||
|
|
|
@ -132,7 +132,7 @@ spawnRootTerm :: X ()
|
||||||
spawnRootTerm =
|
spawnRootTerm =
|
||||||
forkFile
|
forkFile
|
||||||
urxvtcPath
|
urxvtcPath
|
||||||
["-name", "root-urxvt", "-e", "/var/setuid-wrappers/su", "-"]
|
["-name", "root-urxvt", "-e", "/run/wrappers/bin/su", "-"]
|
||||||
Nothing
|
Nothing
|
||||||
|
|
||||||
spawnTermAt :: String -> X ()
|
spawnTermAt :: String -> X ()
|
||||||
|
@ -143,7 +143,7 @@ spawnTermAt ws = do
|
||||||
|
|
||||||
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
|
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
|
||||||
myKeys conf = Map.fromList $
|
myKeys conf = Map.fromList $
|
||||||
[ ((_4 , xK_Escape ), forkFile "/var/setuid-wrappers/slock" [] Nothing)
|
[ ((_4 , xK_Escape ), forkFile "/run/wrappers/bin/slock" [] Nothing)
|
||||||
, ((_4S , xK_c ), kill)
|
, ((_4S , xK_c ), kill)
|
||||||
|
|
||||||
, ((_4 , xK_x ), chooseAction spawnTermAt)
|
, ((_4 , xK_x ), chooseAction spawnTermAt)
|
||||||
|
|
Loading…
Reference in New Issue
Block a user