RIP jeschli

This commit is contained in:
lassulus 2022-12-12 19:10:52 +01:00
parent 691f8a1d46
commit 3884243448
55 changed files with 0 additions and 5175 deletions

3
.gitmodules vendored
View File

@ -7,6 +7,3 @@
[submodule "lass/5pkgs/autowifi"] [submodule "lass/5pkgs/autowifi"]
path = lass/5pkgs/autowifi path = lass/5pkgs/autowifi
url = https://github.com/Lassulus/autowifi url = https://github.com/Lassulus/autowifi
[submodule "jeschli/2configs/elisp"]
path = jeschli/2configs/elisp
url = https://github.com/Jeschli/misc-elisp-scripts.git

View File

@ -1,125 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
let
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
in
{
imports =
[
./hardware-configuration.nix
<stockholm/jeschli>
<stockholm/jeschli/2configs/urxvt.nix>
<stockholm/jeschli/2configs/i3.nix>
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/rust.nix>
];
krebs.build.host = config.krebs.hosts.bolide;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sdb"; # or "nodev" for efi only
boot.initrd.luks.devices = [ {
name = "bla";
device = "/dev/disk/by-uuid/53f1eeaf-a7ac-456c-a2af-778dd8b8d5b0";
preLVM = true;
allowDiscards = true;
} ];
# networking.hostName = "bolide"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true;
networking.enableB43Firmware = true; #new
# Select internationalisation properties.
# i18n = {
# consoleFont = "Lat2-Terminus16";
# consoleKeyMap = "us";
# defaultLocale = "en_US.UTF-8";
# };
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
environment.shellAliases = {
n = "nix-shell";
stocki = pkgs.writeDash "deploy" ''
cd ~/stockholm
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bolide"'
'';
};
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
rofi
wget vim
# system helper
ag
curl
copyq
dmenu
git
i3lock
keepass
networkmanagerapplet
rsync
terminator
tmux
wget
# rxvt_unicode
# editors
emacs
# internet
thunderbird
chromium
google-chrome
# programming languages
vscode
go
gcc9
ccls
unstable.clang_8
ghc
python37
python37Packages.pip
# go tools
golint
gotools
# dev tools
elmPackages.elm
gnumake
jetbrains.pycharm-professional
jetbrains.webstorm
jetbrains.goland
# document viewer
zathura
];
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
users.extraUsers.jeschli = {
isNormalUser = true;
extraGroups = ["docker" "vboxusers" "audio"];
uid = 1000;
};
hardware.pulseaudio.enable = true;
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "17.09"; # Did you read the comment?
}

View File

@ -1,33 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.kernelModules = [ "kvm-intel" "wl" ];
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
fileSystems."/" =
{ device = "/dev/bolide-pool/bolide-root";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/bolide-pool/bolide-home";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/3aeb67c4-5b6e-4df2-8013-607fe0fb8525";
fsType = "ext4";
};
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = "powersave";
hardware.pulseaudio.enable = true;
}

View File

@ -1,200 +0,0 @@
{ config, pkgs, lib, ... }:
let
mainUser = config.krebs.build.user.name;
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
in
{
imports = [
<stockholm/jeschli>
./hardware-configuration.nix
<home-manager/nixos>
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/urxvt.nix>
<stockholm/jeschli/2configs/steam.nix>
<stockholm/jeschli/2configs/virtualbox.nix>
];
krebs.build.host = config.krebs.hosts.brauerei;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.efiSupport = true;
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda";
# or "nodev" for efi only
boot.initrd.luks.devices = [ {
name = "root";
device = "/dev/sda2";
preLVM = true;
allowDiscards = true;
} ];
networking.networkmanager.enable = true;
time.timeZone = "Europe/Amsterdam";
nixpkgs.config.allowUnfree = true;
environment.shellAliases = {
# emacs aliases
ed = "emacsclient";
edc = "emacsclient --create-frame";
# nix aliases
ns = "nix-shell";
# krops
deploy = pkgs.writeDash "deploy" ''
set -eu
export SYSTEM="$1"
$(nix-build $HOME/stockholm/jeschli/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
'';
};
environment.systemPackages = with pkgs; [
# system helper
acpi
ag
copyq
curl
dmenu
aspell
ispell
rofi
xdotool
git
gnupg
i3lock
keepass
networkmanagerapplet
pavucontrol
rsync
terminator
tmux
wget
# editors
emacs
# internet
chromium
firefox
google-chrome
thunderbird
# programming languages
elixir
elmPackages.elm
exercism
gcc9
ccls
unstable.clang_8
ghc
go
python37
python37Packages.pip
pipenv
# dev tools
gnumake
jetbrains.clion
jetbrains.goland
jetbrains.pycharm-professional
jetbrains.webstorm
vscode
# document viewer
evince
zathura
# go tools
golint
gotools
# rust
cargo
rustracer
rustup
# orga tools
taskwarrior
# xorg
xorg.xbacklight
# tokei
tokei
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.bash.enableCompletion = true;
# programs.mtr.enable = true;
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
# home-manager.useUserPackages = true;
# home-manager.users.jeschli = {
# home.stateVersion = "19.03";
# };
# home-manager.enable = true;
# home-manager.users.jeschli.home.file = {
# ".emacs.d" = {
# source = pkgs.fetchFromGitHub {
# owner = "jeschli";
# repo = "emacs.d";
# rev = "8ed6c40";
# sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0";
# };
# recursive = true;
# };
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# services.emacs.enable = true;
virtualisation.docker.enable = true;
services.xserver = {
enable = true;
desktopManager = {
xfce.enable = true;
gnome3.enable = true;
};
};
services.xserver.windowManager.i3.enable = true;
users.extraUsers.jeschli = { # TODO: define as krebs.users
isNormalUser = true;
extraGroups = ["docker" "vboxusers" "audio"];
uid = 1000;
};
users.extraUsers.blafoo = {
isNormalUser = true;
extraGroups = ["audio"];
uid = 1002;
};
users.extraUsers.jamie = {
isNormalUser = true;
uid = 1001; # TODO genid
};
users.users.dev = {
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
"ssh-rsa AAAAB4NzaC1yc2EAAAADAQABAAACAQC1x9+OtNfwv6LxblnLHeBElxoxLfaYUyvqMrBgnrlkaPjylPv711bvPslnt+YgdPsZQLCoQ2t5f0x0j7ZOMYE9eyRrnr67ITO+Od05u3eCypWOZulekkDL0ZDeYdvoZKOWnbKWnQVRfYuLOEL/g5/9E7MLtIdID8e98b/qHzs/+wmuuDR3zHCNic0BKixgET/EgFvLWezWxJ6D/TTv/5sDAfrC+RUN8ad14sxjKIkS3nkAlm8bhrCxQKaHLUcCJWiweW0gPWYSlp64VHS5lchvqCJlPYQdx0XbwolvlLYru0w74ljLbi3eL35GFFyHSeEjQ73EtVwo53uVKTy7SAORU7JNg6xL9H3ChOLOknN9oHs1K7t/maMsATle0HAFcTuaOhELUmHM8dCJh3nPVWIkzHQ4o3fyaogrpt7/V5j6R1/Ozn7P9n4OdqrjiaWqHlz/XHeYNNWte+a0EW+NubC83yS0Cu3uhZ36C3RET2vNM25CyYOBn4ccClAozayQIb6Cif0tCafMRPgkSlogQd8+SqNZpTnmtllIT3VnT5smgrufy6HETDkrHjApDrsqLtMCFY83RFwt4QLv/L93O7IsGifzmEfD9qD7YBSMNs8ihBIUXPk9doHXvYS506YroxWOxe/C0rzzbaogxQT6JMd1ozfXitRD9v7iBIFAT4Kzjw== christopher.kilian@dcso.de"
];
};
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
];
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "17.09"; # Did you read the comment?
hardware.trackpoint = {
enable = true;
sensitivity = 220;
speed = 0;
emulateWheel = true;
};
}

View File

@ -1,34 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sdhci_pci" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/e264fc21-45bb-4224-93fc-b0e19c2c3478";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/bd0846ce-7d39-4329-bcb4-7c76becd6ab1";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/42BF-0795";
fsType = "vfat";
};
swapDevices = [ ];
hardware.pulseaudio.enable = true;
nix.maxJobs = lib.mkDefault 4;
}

View File

@ -1,57 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [
<stockholm/jeschli>
<stockholm/jeschli/2configs/retiolum.nix>
<stockholm/jeschli/2configs/IM.nix>
<stockholm/jeschli/2configs/git.nix>
<stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix>
{
networking.dhcpcd.allowInterfaces = [
"enp*"
"eth*"
"ens*"
];
}
{
services.openssh.enable = true;
}
{
sound.enable = false;
}
{
users.extraUsers = {
root.initialPassword = "pfeife123";
root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
];
jeschli = {
name = "jeschli";
uid = 1000;
home = "/home/jeschli";
group = "users";
createHome = true;
useDefaultShell = true;
extraGroups = [
];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
];
};
};
}
{
services.taskserver = {
enable = true;
fqdn = "enklave.r";
listenHost = "::";
listenPort = 53589;
organisations.lass.users = [ "jeschli" ];
};
networking.firewall.allowedTCPPorts = [ 53589 8001 ];
}
];
krebs.build.host = config.krebs.hosts.enklave;
}

View File

@ -1,10 +0,0 @@
{
services.taskserver = {
enable = true;
fqdn = "enklave.r";
listenHost = "::";
listenPort = 53589;
organisations.lass.users = [ "jeschli" ];
};
networking.firewall.allowedTCPPorts = [ 53589 ];
}

View File

@ -1,91 +0,0 @@
{ config, pkgs, ... }:
{
imports =
[
<stockholm/jeschli>
<stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/firefox.nix>
<stockholm/jeschli/2configs/rust.nix>
<stockholm/jeschli/2configs/steam.nix>
<stockholm/jeschli/2configs/python.nix>
./desktop.nix
./i3-configuration.nix
./hardware-configuration.nix
];
# EFI systemd boot loader
boot.loader.systemd-boot.enable = true;
# Wireless network with network manager
krebs.build.host = config.krebs.hosts.reagenzglas;
# networking.hostName = "nixos"; # Define your hostname.
networking.networkmanager.enable = true;
# Allow unfree
nixpkgs.config.allowUnfree = true;
# Select internationalisation properties.
i18n = {
consoleKeyMap = "us";
defaultLocale = "en_US.UTF-8";
};
# Set your time zone.
time.timeZone = "Europe/Berlin";
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
ag
alacritty
google-chrome
chromium
copyq
direnv
go
git
gitAndTools.hub
sbcl
rofi
vim
wget
];
users.users.ombi = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
};
users.users.jeschli = {
isNormalUser = true;
extraGroups = [ "audio" ];
};
# services.xserver.synaptics.enable = true;
services.xserver.libinput.enable = true;
services.xserver.libinput.disableWhileTyping = true;
hardware.pulseaudio.enable = true;
#Enable ssh daemon
services.openssh.enable = true;
#Enable clight
services.clight.enable = true;
services.geoclue2.enable = true;
location.provider = "geoclue2";
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM1xtX/SF2IzfAIzrXvH4HsW05eTBX8U8MYlEPadq0DS/nHC45hW2PSEUOVsH0UhBRAB+yClVLyN+JAYsuOoQacQqAVq9R7HAoFITdYTMJCxVs4urSRv0pWwTopRIh1rlI+Q0QfdMoeVtO2ZKG3KoRM+APDy2dsX8LTtWjXmh/ZCtpGl1O8TZtz2ZyXyv9OVDPnQiFwPU3Jqs2Z036c+kwxWlxYc55FRuqwRtQ48c/ilPMu+ZvQ22j1Ch8lNuliyAg1b8pZdOkMJF3R8b46IQ8FEqkr3L1YQygYw2M50B629FPgHgeGPMz3mVd+5lzP+okbhPJjMrUqZAUwbMGwGzZ ombi@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG7C3bgoL9VeVl8pgu8sp3PCOs6TXk4R9y7JKJAHGsfm root@baeckerei"
];
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "19.03"; # Did you read the comment?
}

View File

@ -1,25 +0,0 @@
# Configuration for the desktop environment
{ config, lib, pkgs, ... }:
{
# Configure basic X-server stuff:
services.xserver = {
enable = true;
xkbOptions = "caps:super";
exportConfiguration = true;
displayManager.lightdm.enable = true;
};
# Configure fonts
fonts = {
fonts = with pkgs; [
corefonts
font-awesome-ttf
noto-fonts-cjk
noto-fonts-emoji
powerline-fonts
helvetica-neue-lt-std
];
};
}

View File

@ -1,37 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }:
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.initrd.luks.devices = [
{
name = "root";
device = "/dev/nvme0n1p8";
preLVM = true;
}
];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/4d01936e-c876-42c3-962a-d4a20ad0e2e0";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/D455-E4CC";
fsType = "vfat";
};
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}

View File

@ -1,181 +0,0 @@
{pkgs, environment, config, lib, ... }:
with pkgs;
let
i3_config_file = pkgs.writeText "config" ''
set $mod Mod4
font pango:monospace 8
#font pango:DejaVu Sans Mono 8
# Before i3 v4.8, we used to recommend this one as the default:
# font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
# The font above is very space-efficient, that is, it looks good, sharp and
# clear in small sizes. However, its unicode glyph coverage is limited, the old
# X core fonts rendering does not support right-to-left and this being a bitmap
# font, it doesnt scale on retina/hidpi displays.
# Use Mouse+$mod to drag floating windows to their wanted position
floating_modifier $mod
# start a terminal
bindsym $mod+Return exec alacritty
# kill focused window
bindsym $mod+Shift+q kill
# start dmenu (a program launcher)
# bindsym $mod+d exec dmenu_run
# start dmenu (a program launcher)
bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select
bindsym $mod+F1 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput disable
bindsym $mod+F2 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput enable
# There also is the (new) i3-dmenu-desktop which only displays applications
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
# installed.
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop
# change focus
bindsym $mod+j focus left
bindsym $mod+k focus down
bindsym $mod+l focus up
bindsym $mod+semicolon focus right
# alternatively, you can use the cursor keys:
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# move focused window
bindsym $mod+Shift+j move left
bindsym $mod+Shift+k move down
bindsym $mod+Shift+l move up
bindsym $mod+Shift+colon move right
# alternatively, you can use the cursor keys:
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# split in horizontal orientation
bindsym $mod+h split h
# split in vertical orientation
bindsym $mod+v split v
# enter fullscreen mode for the focused container
bindsym $mod+f fullscreen toggle
# change container layout (stacked, tabbed, toggle split)
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# toggle tiling / floating
bindsym $mod+Shift+space floating toggle
# change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle
# focus the parent container
bindsym $mod+a focus parent
# focus the child container
#bindsym $mod+d focus child
# Define names for default workspaces for which we configure key bindings later on.
# We use variables to avoid repeating the names in multiple places.
set $ws1 "1"
set $ws2 "2"
set $ws3 "3"
set $ws4 "4"
set $ws5 "5"
set $ws6 "6"
set $ws7 "7"
set $ws8 "8"
set $ws9 "9"
set $ws10 "10"
# switch to workspace
bindsym $mod+1 workspace $ws1
bindsym $mod+2 workspace $ws2
bindsym $mod+3 workspace $ws3
bindsym $mod+4 workspace $ws4
bindsym $mod+5 workspace $ws5
bindsym $mod+6 workspace $ws6
bindsym $mod+7 workspace $ws7
bindsym $mod+8 workspace $ws8
bindsym $mod+9 workspace $ws9
bindsym $mod+0 workspace $ws10
# move focused container to workspace
bindsym $mod+Shift+1 move container to workspace $ws1
bindsym $mod+Shift+2 move container to workspace $ws2
bindsym $mod+Shift+3 move container to workspace $ws3
bindsym $mod+Shift+4 move container to workspace $ws4
bindsym $mod+Shift+5 move container to workspace $ws5
bindsym $mod+Shift+6 move container to workspace $ws6
bindsym $mod+Shift+7 move container to workspace $ws7
bindsym $mod+Shift+8 move container to workspace $ws8
bindsym $mod+Shift+9 move container to workspace $ws9
bindsym $mod+Shift+0 move container to workspace $ws10
# reload the configuration file
bindsym $mod+Shift+c reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
bindsym $mod+Shift+r restart
# exit i3 (logs you out of your X session)
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
# resize window (you can also use the mouse for that)
mode "resize" {
# These bindings trigger as soon as you enter the resize mode
# Pressing left will shrink the windows width.
# Pressing right will grow the windows width.
# Pressing up will shrink the windows height.
# Pressing down will grow the windows height.
bindsym j resize shrink width 10 px or 10 ppt
bindsym k resize grow height 10 px or 10 ppt
bindsym l resize shrink height 10 px or 10 ppt
bindsym semicolon resize grow width 10 px or 10 ppt
# same bindings, but for the arrow keys
bindsym Left resize shrink width 10 px or 10 ppt
bindsym Down resize grow height 10 px or 10 ppt
bindsym Up resize shrink height 10 px or 10 ppt
bindsym Right resize grow width 10 px or 10 ppt
# back to normal: Enter or Escape or $mod+r
bindsym Return mode "default"
bindsym Escape mode "default"
bindsym $mod+r mode "default"
}
bindsym $mod+r mode "resize"
# Start i3bar to display a workspace bar (plus the system information i3status
# finds out, if available)
bar {
status_command i3status
}
'';
in {
services.xserver.windowManager.i3 = {
enable = true;
package = pkgs.i3;
configFile = i3_config_file;
};
}

View File

@ -1,57 +0,0 @@
with (import <stockholm/lib>);
{ config, lib, pkgs, ... }:
let
tmux = pkgs.writeDashBin "tmux" ''
export TERM=xterm-256color
exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
set-option -g default-terminal screen-256color
''} "$@"
'';
in {
services.bitlbee = {
enable = true;
portNumber = 6666;
plugins = [
pkgs.bitlbee-facebook
pkgs.bitlbee-steam
pkgs.bitlbee-discord
];
libpurple_plugins = [ pkgs.telegram-purple ];
};
users.extraUsers.chat = {
home = "/home/chat";
uid = genid "chat";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = with config.krebs.users; [
jeschli.pubkey
jeschli-bln.pubkey
jeschli-brauerei.pubkey
jeschli-bolide.pubkey
];
packages = [ tmux ];
};
systemd.services.chat = {
description = "chat environment setup";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
restartIfChanged = false;
path = [
pkgs.rxvt_unicode.terminfo
];
serviceConfig = {
User = "chat";
RemainAfterExit = true;
Type = "oneshot";
ExecStart = "${tmux}/bin/tmux -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat";
ExecStop = "${tmux}/bin/tmux kill-session -t IM";
};
};
}

View File

@ -1,72 +0,0 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
imports = [
# ./vim.nix
./retiolum.nix
./zsh.nix
<stockholm/lass/2configs/security-workarounds.nix>
{
environment.variables = {
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
};
}
];
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
#stockholm
git
gnumake
jq
parallel
proot
populate
# aliases
(writeDashBin "irc" "ssh chat@enklave -t tmux a")
#style
most
rxvt_unicode.terminfo
#monitoring tools
htop
iotop
#network
iptables
iftop
#stuff for dl
aria2
#neat utils
file
kpaste
krebspaste
mosh
pciutils
psmisc
# q
# rs
tmux
untilport
usbutils
# logify
goify
vim
#unpack stuff
p7zip
unzip
unrar
(pkgs.writeDashBin "sshn" ''
${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$@"
'')
];
krebs.enable = true;
networking.hostName = config.krebs.build.host.name;
}

@ -1 +0,0 @@
Subproject commit 279d6a01f5abbab5d28d3a57549b7fec800a510e

File diff suppressed because it is too large Load Diff

View File

@ -1,119 +0,0 @@
{ config, pkgs, ... }:
let
pkgsWithOverlay = import <nixpkgs-unstable> {
overlays = [
(import (builtins.fetchTarball {
url = https://github.com/nix-community/emacs-overlay/archive/403c14c23be188b58c0b1bc197b428041d8a0cea.tar.gz;
}))
];
};
# The emacs packages that I use
# I differ between
# - stable (Packages that I use for some time - happy with it)
# - unstable (Packages that I use for some time - but may drop)
# - testing (Packages that I try out - the new stuff)
emacsPkgs = epkgs:
(with epkgs.melpaPackages ;
## windows-purpose (testing)
[ window-purpose ] ++
## helm (stable)
# emacs completion engine
[ helm helm-ag ] ++
## deft (testing)
# text search for a directory
[ deft ] ++
## lsp mode (unstable)
# Language Server Protocol mode
# Used for rust
[ company-lsp dap-mode helm-lsp lsp-mode lsp-treemacs lsp-ui ] ++
## emacs convenience (stable)
# Mixed and general purpose
[ ag company direnv evil google-this spacemacs-theme ] ++
## common lisp (testing)
[ slime ] ++
## magit (stable)
[ magit ] ++
## bunch of programming languages (unstable)
[ go-mode haskell-mode nix-mode ] ++
## rust (unstable)
[ racer rust-mode ] ++
## python (stable)
# Python IDE for emacs
[ elpy ]) ++
## org-mode
# Org-Mode has several extensions
# and can be seen as an application of its own.
(with epkgs.melpaPackages ;
# testing
[ org-super-agenda org-bullets org-ql ] ++
# unstable
[ smex org-mime orgit ]
) ++
# stable
(with epkgs.orgPackages ;
[ org-plus-contrib ]) ++
# stable
(with epkgs.elpaPackages ;
[ bbdb which-key ]);
# ## EXWM related (unstable)
# epkgs.exwm
# epkgs.melpaPackages.desktop-environment
# epkgs.melpaPackages.helm-exwm
# ];
emacsWithOverlay = pkgsWithOverlay.emacsWithPackagesFromUsePackage {
config = builtins.readFile ./elisp/init.el;
# Package is optional, defaults to pkgs.emacs
package = pkgsWithOverlay.emacsGit;
# Optionally provide extra packages not in the configuration file
extraEmacsPackages = emacsPkgs;
};
myEmacs = pkgs.writeDashBin "my-emacs" ''
exec ${emacsWithOverlay}/bin/emacs -q "$@"
'';
myEmacsWithDaemon = pkgs.writeDashBin "my-emacs-daemon" ''
exec ${emacsWithOverlay}/bin/emacs -q --daemon -l ${./elisp/init.el}
'';
myEmacsClient = pkgs.writeDashBin "meclient" ''
exec ${emacsWithOverlay}/bin/emacsclient --create-frame "$@"
'';
in {
environment.systemPackages = [
myEmacs myEmacsWithDaemon myEmacsClient emacsWithOverlay
];
## EXWM Config
# services.xserver = {
# enable = true;
# xkbOptions = "caps:super";
# exportConfiguration = true;
#
# displayManager.slim.enable = true;
# windowManager.default = "exwm";
#
# # Set up the login session
# windowManager.session = [{
# name = "exwm";
# start = "${emacsWithOverlay}/bin/emacs -q -l " + builtins.toString ./elisp/init.el;
# }];
# };
}

View File

@ -1,44 +0,0 @@
{ config, pkgs, ... }:
let
wrapper = pkgs.callPackage ../5pkgs/firefox/firefox-with-config.nix { };
myFirefox = wrapper pkgs.firefox-unwrapped {
# these plugins are defined in 5pkgs/firefox
extraExtensions = with pkgs ; [
dark-reader
https-everywhere
ublock-origin
audio-fingerprint-defender
canvas-fingerprint-defender
webgl-fingerprint-defender
font-fingerprint-defender
user-agent-switcher
];
extraPolicies = {
CaptivePortal = false;
};
disablePocket = true;
disableFirefoxSync = true;
allowNonSigned = true;
clearDataOnShutdown = true;
disableDrmPlugin = true;
};
in {
environment.variables = {
BROWSER = ["firefox"];
};
environment.systemPackages = with pkgs; [
myFirefox
];
}

View File

@ -1,78 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
out = {
services.nginx.enable = true;
krebs.git = {
enable = true;
cgit = {
settings = {
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
};
enable = true;
};
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
rules = rules;
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
];
};
repos = public-repos;
rules = concatMap make-rules (attrValues repos);
public-repos = mapAttrs make-public-repo {
stockholm = {
cgit.desc = "Bonbon aus Git - die ganze Nacht";
};
krebs-page = {
cgit.desc = "Die Krebs Page";
};
xmonad-stockholm = {
cgit.desc = "XMonad Stockholm";
};
};
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
hooks = {
post-receive = pkgs.git-hooks.irc-announce {
channel = "#xxx";
nick = config.krebs.build.host.name;
refs = [
"refs/heads/master"
];
server = "irc.r";
verbose = true;
};
};
};
make-rules =
with git // config.krebs.users;
repo:
singleton {
user = [ jeschli jeschli-brauerei jeschli-bolide];
repo = [ repo ];
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++
optional repo.public {
user = attrValues config.krebs.users;
repo = [ repo ];
perm = fetch;
} ++
optional (length (repo.collaborators or []) > 0) {
user = repo.collaborators;
repo = [ repo ];
perm = fetch;
};
in out

View File

@ -1,18 +0,0 @@
{ config, pkgs, ... }:
let
all-hies = import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master") {};
in
{
environment.systemPackages = with pkgs; [
cabal2nix
gcc
ghc
haskellPackages.cabal-install
haskellPackages.ghcid
haskellPackages.hindent
haskellPackages.hlint
haskellPackages.hoogle
haskellPackages.stack
(all-hies.selection { selector = p: {inherit (p) ghc864; }; })
];
}

View File

@ -1,9 +0,0 @@
{
imports = [
<home-manager/nixos>
];
home-manager.useUserPackages = true;
home-manager.users.jeschli = {
home.stateVersion = "19.03";
};
}

View File

@ -1,247 +0,0 @@
{pkgs, environment, config, lib, ... }:
with pkgs;
let
i3_conf_file = pkgs.writeText "config" ''
# i3 config file (v4)
# doc: https://i3wm.org/docs/userguide.html
set $mod Mod4
# Font for window titles. Will also be used by the bar unless a different font
# is used in the bar {} block below.
font pango:monospace 8
# Use Mouse+$mod to drag floating windows to their wanted position
floating_modifier $mod
# start a terminal
bindsym $mod+Return exec i3-sensible-terminal
# kill focused window
bindsym $mod+Shift+q kill
# start rofi program launcher
bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
# Switch windows with rofi
bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select
# There also is the (new) i3-dmenu-desktop which only displays applications
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
# installed.
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop
# change focus
bindsym $mod+j focus left
bindsym $mod+k focus down
bindsym $mod+l focus up
bindsym $mod+semicolon focus right
# alternatively, you can use the cursor keys:
bindsym $mod+Left focus left
bindsym $mod+Down focus down
bindsym $mod+Up focus up
bindsym $mod+Right focus right
# move focused window
bindsym $mod+Shift+j move left
bindsym $mod+Shift+k move down
bindsym $mod+Shift+l move up
bindsym $mod+Shift+semicolon move right
# alternatively, you can use the cursor keys:
bindsym $mod+Shift+Left move left
bindsym $mod+Shift+Down move down
bindsym $mod+Shift+Up move up
bindsym $mod+Shift+Right move right
# split in horizontal orientation
bindsym $mod+h split h
# split in vertical orientation
bindsym $mod+v split v
# enter fullscreen mode for the focused container
bindsym $mod+f fullscreen toggle
# change container layout (stacked, tabbed, toggle split)
bindsym $mod+s layout stacking
bindsym $mod+w layout tabbed
bindsym $mod+e layout toggle split
# toggle tiling / floating
bindsym $mod+Shift+space floating toggle
# change focus between tiling / floating windows
bindsym $mod+space focus mode_toggle
# focus the parent container
bindsym $mod+a focus parent
# focus the child container
#bindsym $mod+d focus child
# Define names for default workspaces for which we configure key bindings later on.
# We use variables to avoid repeating the names in multiple places.
set $ws1 "1"
set $ws2 "2"
set $ws3 "3: Emacs"
set $ws4 "4"
set $ws5 "5"
set $ws6 "6"
set $ws7 "7"
set $ws8 "8"
set $ws9 "9"
set $ws10 "10"
assign [class="emacs"] $ws3
# switch to workspace
bindsym $mod+1 workspace $ws1
bindsym $mod+2 workspace $ws2
bindsym $mod+3 workspace $ws3
bindsym $mod+4 workspace $ws4
bindsym $mod+5 workspace $ws5
bindsym $mod+6 workspace $ws6
bindsym $mod+7 workspace $ws7
bindsym $mod+8 workspace $ws8
bindsym $mod+9 workspace $ws9
bindsym $mod+0 workspace $ws10
# move focused container to workspace
bindsym $mod+Shift+1 move container to workspace $ws1
bindsym $mod+Shift+2 move container to workspace $ws2
bindsym $mod+Shift+3 move container to workspace $ws3
bindsym $mod+Shift+4 move container to workspace $ws4
bindsym $mod+Shift+5 move container to workspace $ws5
bindsym $mod+Shift+6 move container to workspace $ws6
bindsym $mod+Shift+7 move container to workspace $ws7
bindsym $mod+Shift+8 move container to workspace $ws8
bindsym $mod+Shift+9 move container to workspace $ws9
bindsym $mod+Shift+0 move container to workspace $ws10
# reload the configuration file
bindsym $mod+Shift+c reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
bindsym $mod+Shift+r restart
# exit i3 (logs you out of your X session)
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
# resize window (you can also use the mouse for that)
mode "resize" {
# These bindings trigger as soon as you enter the resize mode
# Pressing left will shrink the windows width.
# Pressing right will grow the windows width.
# Pressing up will shrink the windows height.
# Pressing down will grow the windows height.
bindsym j resize shrink width 10 px or 10 ppt
bindsym k resize grow height 10 px or 10 ppt
bindsym l resize shrink height 10 px or 10 ppt
bindsym semicolon resize grow width 10 px or 10 ppt
# same bindings, but for the arrow keys
bindsym Left resize shrink width 10 px or 10 ppt
bindsym Down resize grow height 10 px or 10 ppt
bindsym Up resize shrink height 10 px or 10 ppt
bindsym Right resize grow width 10 px or 10 ppt
# back to normal: Enter or Escape or $mod+r
bindsym Return mode "default"
bindsym Escape mode "default"
bindsym $mod+r mode "default"
}
bindsym $mod+r mode "resize"
bar {
status_command i3status
position top
}
#######################
# #
# AUTORUNS #
# #
#######################
# Start firefox
exec --no-startup-id ${pkgs.firefox}/bin/firefox --new-instance --setDefaultBrowser
# Start my-emacs server
exec --no-startup-id my-emacs-daemon
'';
in {
#######################
# #
# AUTORANDR #
# #
#######################
# Start autorandr on display change
services.autorandr = {
enable = true;
defaultTarget = "mobile";
};
# What to execute after resolution has been changed
environment.etc."xdg/autorandr/postswitch" = {
text = '' sleep 4 && i3-msg "restart" '';
};
# Start autorandr once on startup
systemd.user.services.boot-autorandr = {
description = "Autorandr service";
partOf = [ "graphical-session.target" ];
wantedBy = [ "graphical-session.target" ];
serviceConfig = {
ExecStart = "${pkgs.autorandr}/bin/autorandr -c";
Type = "oneshot";
};
};
#######################
# #
# XSERVER #
# #
#######################
services.xserver.enable = true;
# Enable i3 Window Manager
services.xserver.windowManager.i3 = {
enable = true;
package = pkgs.i3;
configFile = i3_conf_file;
};
# ${pkgs.xorg.xhost}/bin/xhost +SI:localuser:${cfg.user.name}
# ${pkgs.xorg.xhost}/bin/xhost -LOCAL:
services.xserver.windowManager.default = "i3";
services.xserver.desktopManager.xterm.enable = false;
# Enable the X11 windowing system.
services.xserver.displayManager.lightdm.enable = true;
# Allow users in video group to change brightness
environment.systemPackages = with pkgs; [
rofi # Dmenu replacement
acpilight # Replacement for xbacklight
brightnessctl
arandr # Xrandr gui
feh
wirelesstools # To get wireless statistics
acpi
xorg.xhost
xorg.xauth
];
}

View File

@ -1,19 +0,0 @@
{ config, pkgs, ... }:
{
nixpkgs.config.packageOverrides = pkgs: {
openvpn = pkgs.openvpn.override { pkcs11Support = true; useSystemd = false;};
};
environment.systemPackages = with pkgs; [
opensc
openvpn
yubikey-manager
];
services.pcscd.enable = true;
# To start the vpn manually execute
# $ openvpn --config clien.ovpn
}

View File

@ -1,16 +0,0 @@
_:
{
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
boot.loader.grub = {
device = "/dev/sda";
splashImage = null;
};
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
fileSystems."/" = {
device = "/dev/sda1";
fsType = "ext4";
};
}

View File

@ -1,9 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
python37
python37Packages.pip
pipenv
];
}

View File

@ -1,26 +0,0 @@
{ config, pkgs, ... }:
{
krebs.tinc.retiolum = {
enable = true;
connectTo = [
"prism"
"gum"
"ni"
"dishfire"
"enklave"
];
};
nixpkgs.config.packageOverrides = pkgs: {
tinc = pkgs.tinc_pre;
};
networking.firewall.allowedTCPPorts = [ 80 655 ];
networking.firewall.allowedUDPPorts = [ 655 ];
environment.systemPackages = [
pkgs.tinc
];
}

View File

@ -1,8 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
rustup
gcc
];
}

View File

@ -1,12 +0,0 @@
{ config, pkgs, ... }:
{
nixpkgs.config.steam.java = true;
environment.systemPackages = with pkgs; [
steam
];
hardware.opengl.driSupport32Bit = true;
#ports for inhome streaming
}

View File

@ -1,39 +0,0 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
options.jeschliFontSize = mkOption {
type = types.int;
default = 12;
};
config = {
services.urxvtd.enable = true;
krebs.xresources.enable = true;
krebs.xresources.resources.urxvt = ''
*foreground: rgb:a8/a8/a8
*background: rgb:00/00/00
*faceName: DejaVu Sans Mono
*faceSize: ${toString config.jeschliFontSize}
*color0: rgb:00/00/00
*color1: rgb:a8/00/00
*color2: rgb:00/a8/00
*color3: rgb:a8/54/00
*color4: rgb:26/8b/d2
*color5: rgb:a8/00/a8
*color6: rgb:00/a8/a8
*color7: rgb:a8/a8/a8
*color8: rgb:54/54/54
*color9: rgb:fc/54/54
*color10: rgb:54/fc/54
*color11: rgb:fc/fc/54
*color12: rgb:54/54/fc
*color13: rgb:fc/54/fc
*color14: rgb:54/fc/fc
*color15: rgb:fc/fc/fc
URxvt*scrollBar: false
URxvt*urgentOnBell: true
URxvt*font: xft:DejaVu Sans Mono:pixelsize=${toString config.jeschliFontSize}
URXvt*faceSize: ${toString config.jeschliFontSize}
'';
};
}

View File

@ -1,151 +0,0 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
let
customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin {
name = "vim-javascript";
src = pkgs.fetchFromGitHub {
owner = "pangloss";
repo = "vim-javascript";
rev = "1.2.5.1";
sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7";
};
};
customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin {
name = "vim-jsx";
src = pkgs.fetchFromGitHub {
owner = "mxw";
repo = "vim-jsx";
rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
};
};
customPlugins.vim-fileline = pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchFromGitHub {
owner = "bogado";
repo = "file-line";
rev = "1.0";
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
};
};
in {
environment.systemPackages = [
(pkgs.vim_configurable.customize {
name = "vim";
vimrcConfig.customRC = let
colorscheme = ''colorscheme molokai'';
highlightTrailingWhiteSpaces = ''
au Syntax * syn match Garbage containedin=ALL /\s\+$/
'';
setStatements = ''
set autowrite
set clipboard=unnamedplus
set listchars=trail:
set mouse=a
set nocompatible
set path+=**
set ruler
set undodir=$HOME/.vim/undo "directory where the undo files will be stored
set undofile "turn on the feature
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
set wildmenu
'';
remapStatements = ''
imap jk <Esc>
map gr :GoRun<Enter> " Map gr to execute go run
map tt :GoTest<Enter> " Map tt to execute go test
map nf :NERDTreeToggle<CR>
nnoremap <C-TAB> <c-w><c-w>
nnoremap <S-TAB> :bnext<CR>
noremap x "_x
vmap v v
'';
settingsForGo = ''
let g:go_decls_includes = "func,type"
let g:go_def_mode = 'godef'
let g:go_fmt_command = "goimports"
let g:go_highlight_extra_types = 1
let g:go_highlight_fields = 1
let g:go_highlight_functions = 1
let g:go_highlight_methods = 1
let g:go_highlight_types = 1
let g:go_list_type = "quickfix"
let g:go_metalinter_autosave = 1
let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
let g:go_snippet_case_type = "camelcase"
let g:go_test_timeout = '10s'
let g:jsx_ext_required = 0
let g:molokai_original = 1
let g:rehash256 = 1
'';
settingsForElm = ''
let g:polyglot_disabled = ['elm']
let g:elm_detailed_complete = 1
let g:elm_format_autosave = 1
let g:elm_syntastic_show_warnings = 1
'';
in ''
${colorscheme}
${highlightTrailingWhiteSpaces}
${remapStatements}
${setStatements}
${settingsForElm}
${settingsForGo}
" dont expand tabs in go files and show it with four whitespaces.
autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
'';
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
vimrcConfig.vam.pluginDictionaries = [
{ names = [
"ctrlp"
"easymotion"
"elm-vim"
"vim-fileline"
"molokai"
"nerdtree"
"snipmate"
"surround"
"Syntastic"
"undotree"
];
}
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
{ names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode
{ names = [ "vim-javascript" ]; ft_regex = "^js\$"; }
{ names = [ "vim-jsx" ]; ft_regex = "^js\$"; }
];
})
];
# set up the directories up if they are not there.
# Needs to be changed.
# vim = let
# dirs = {
# backupdir = "$HOME/.cache/vim/backup";
# swapdir = "$HOME/.cache/vim/swap";
# undodir = "$HOME/.cache/vim/undo";
# };
# files = {
# viminfo = "$HOME/.cache/vim/info";
# };
#
# mkdirs = let
# dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
# in assert out != ""; out;
# alldirs = attrValues dirs ++ map dirOf (attrValues files);
# in unique (sort lessThan alldirs);
# in
# pkgs.symlinkJoin {
# name = "vim";
# paths = [
# (pkgs.writeDashBin "vim" ''
# set -efu
# (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
# exec ${pkgs.vim}/bin/vim "$@"
# '')
# pkgs.vim
# ];
# };
}

View File

@ -1,23 +0,0 @@
{ config, pkgs, ... }:
let
mainUser = config.users.extraUsers.jeschli;
in {
#services.virtualboxHost.enable = true;
virtualisation.virtualbox.host.enable = true;
users.extraUsers = {
virtual = {
name = "virtual";
description = "user for running VirtualBox";
home = "/home/virtual";
useDefaultShell = true;
extraGroups = [ "vboxusers" "audio" ];
createHome = true;
};
};
security.sudo.extraConfig = ''
${mainUser.name} ALL=(virtual) NOPASSWD: ALL
'';
}

View File

@ -1,14 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
systemd.tmpfiles.rules = let
forUsers = flip map users;
isUser = { name, group, ... }:
name == "root" || hasSuffix "users" group;
users = filter isUser (mapAttrsToList (_: id) config.users.users);
in forUsers (u: "d /run/xdg/${u.name} 0700 ${u.name} ${u.group} -");
}

View File

@ -1,27 +0,0 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
pkgs.writeText "Xmodmap" ''
!keycode 66 = Caps_Lock
!remove Lock = Caps_Lock
clear Lock
! caps lock
keycode 66 = Mode_switch
keycode 13 = 4 dollar EuroSign cent
keycode 30 = u U udiaeresis Udiaeresis
keycode 32 = o O odiaeresis Odiaeresis
keycode 38 = a A adiaeresis Adiaeresis
keycode 39 = s S ssharp
keycode 33 = p P Greek_pi Greek_PI
keycode 46 = l L Greek_lambda Greek_LAMBDA
keycode 54 = c C cacute Cacute
! BULLET OPERATOR
keycode 17 = 8 asterisk U2219
keycode 27 = r R r U211D
''

View File

@ -1,56 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
pkgs.writeText "Xresources" /* xdefaults */ ''
Xcursor.theme: aero-large-drop
Xcursor.size: 128
URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}"
URxvt*eightBitInput: false
URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
URxvt*scrollBar: false
URxvt*background: #050505
URxvt*foreground: #d0d7d0
URxvt*cursorColor: #f042b0
URxvt*cursorColor2: #f0b000
URxvt*cursorBlink: off
URxvt*jumpScroll: true
URxvt*allowSendEvents: false
URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48
URxvt*cutNewline: False
URxvt*cutToBeginningOfLine: False
URxvt*font: xft:Monospace:size=12
URxvt*font: xft:Monospace:size=12:bold
URxvt*color0: #232342
URxvt*color3: #c07000
URxvt*color4: #4040c0
URxvt*color7: #c0c0c0
URxvt*color8: #707070
URxvt*color9: #ff6060
URxvt*color10: #70ff70
URxvt*color11: #ffff70
URxvt*color12: #7070ff
URxvt*color13: #ff50ff
URxvt*color14: #70ffff
URxvt*color15: #ffffff
URxvt*iso14755: False
URxvt*urgentOnBell: True
URxvt*visualBell: True
! ref https://github.com/muennich/urxvt-perls
URxvt*perl-ext: default,url-select
URxvt*keysym.M-u: perl:url-select:select_next
URxvt*url-select.underline: true
URxvt*colorUL: #4682B4
URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
URxvt*saveLines: 10000
root-urxvt*background: #230000
root-urxvt*foreground: #e0c0c0
root-urxvt*BorderColor: #400000
root-urxvt*color0: #800000
''

View File

@ -1,130 +0,0 @@
{ config, pkgs, ... }@args:
with import <stockholm/lib>;
let
cfg = {
cacheDir = cfg.dataDir;
configDir = "/var/empty";
dataDir = "/run/xdg/${cfg.user.name}/xmonad";
user = config.krebs.users.jeschli;
};
in {
environment.systemPackages = [
pkgs.font-size
pkgs.gitAndTools.qgit
pkgs.mpv
pkgs.sxiv
pkgs.xdotool
pkgs.xsel
pkgs.zathura
];
fonts.fonts = [
pkgs.xlibs.fontschumachermisc
];
# TODO dedicated group, i.e. with a single user [per-user-setuid]
# TODO krebs.setuid.slock.path vs /run/wrappers/bin
krebs.setuid.slock = {
filename = "${pkgs.slock}/bin/slock";
group = "wheel";
envp = {
DISPLAY = ":${toString config.services.xserver.display}";
USER = cfg.user.name;
};
};
systemd.services.display-manager.enable = false;
systemd.services.xmonad = {
wantedBy = [ "multi-user.target" ];
requires = [ "xserver.service" ];
environment = {
DISPLAY = ":${toString config.services.xserver.display}";
XMONAD_CACHE_DIR = cfg.cacheDir;
XMONAD_CONFIG_DIR = cfg.configDir;
XMONAD_DATA_DIR = cfg.dataDir;
XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} &
${pkgs.xorg.xrdb}/bin/xrdb ${import ./Xresources.nix args} &
${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' &
${config.services.xserver.displayManager.sessionCommands}
if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" ""
fi
export DBUS_SESSION_BUS_ADDRESS
${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS
wait
'';
# XXX JSON is close enough :)
XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [
"dashboard" # we start here
"stockholm"
"pycharm"
"chromium"
"iRC"
"git"
"hipbird"
]);
};
serviceConfig = {
SyslogIdentifier = "xmonad";
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${toString [
"\${XMONAD_CACHE_DIR}"
"\${XMONAD_CONFIG_DIR}"
"\${XMONAD_DATA_DIR}"
]}";
ExecStart = "${pkgs.xmonad-jeschli}/bin/xmonad";
ExecStop = "${pkgs.xmonad-jeschli}/bin/xmonad --shutdown";
User = cfg.user.name;
WorkingDirectory = cfg.user.home;
};
};
systemd.services.xserver = {
after = [
"systemd-udev-settle.service"
"local-fs.target"
"acpid.service"
];
reloadIfChanged = true;
environment = {
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
LD_LIBRARY_PATH = concatStringsSep ":" (
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
};
serviceConfig = {
SyslogIdentifier = "xserver";
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
ExecStart = toString [
"${pkgs.xorg.xorgserver}/bin/X"
":${toString config.services.xserver.display}"
"vt${toString config.services.xserver.tty}"
"-config ${import ./xserver.conf.nix args}"
"-logfile /dev/null -logverbose 0 -verbose 3"
"-nolisten tcp"
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
];
};
};
systemd.services.urxvtd = {
wantedBy = [ "multi-user.target" ];
reloadIfChanged = true;
serviceConfig = {
SyslogIdentifier = "urxvtd";
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
Restart = "always";
RestartSec = "2s";
StartLimitBurst = 0;
User = cfg.user.name;
};
};
}

View File

@ -1,40 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
cfg = config.services.xserver;
in
pkgs.stdenv.mkDerivation {
name = "xserver.conf";
xfs = optionalString (cfg.useXFS != false)
''FontPath "${toString cfg.useXFS}"'';
inherit (cfg) config;
buildCommand =
''
echo 'Section "Files"' >> $out
echo $xfs >> $out
for i in ${toString config.fonts.fonts}; do
if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
for j in $(find $i -name fonts.dir); do
echo " FontPath \"$(dirname $j)\"" >> $out
done
fi
done
for i in $(find ${toString cfg.modules} -type d); do
if test $(echo $i/*.so* | wc -w) -ne 0; then
echo " ModulePath \"$i\"" >> $out
fi
done
echo 'EndSection' >> $out
echo "$config" >> $out
'';
}

View File

@ -1,138 +0,0 @@
{ config, lib, pkgs, ... }:
{
environment.systemPackages = [ pkgs.fzf ];
programs.zsh = {
enable = true;
shellInit = ''
#disable config wizard
zsh-newuser-install() { :; }
'';
interactiveShellInit = ''
setopt autocd extendedglob
bindkey -e
#history magic
bindkey "" up-line-or-local-history
bindkey "" down-line-or-local-history
up-line-or-local-history() {
zle set-local-history 1
zle up-line-or-history
zle set-local-history 0
}
zle -N up-line-or-local-history
down-line-or-local-history() {
zle set-local-history 1
zle down-line-or-history
zle set-local-history 0
}
zle -N down-line-or-local-history
setopt share_history
setopt hist_ignore_dups
# setopt inc_append_history
bindkey '^R' history-incremental-search-backward
#C-x C-e open line in editor
autoload -z edit-command-line
zle -N edit-command-line
bindkey "^X^E" edit-command-line
#fzf inclusion
source ${pkgs.fzf}/share/fzf/completion.zsh
source ${pkgs.fzf}/share/fzf/key-bindings.zsh
#completion magic
autoload -Uz compinit
compinit
zstyle ':completion:*' menu select
#enable automatic rehashing of $PATH
zstyle ':completion:*' rehash true
eval $(dircolors -b ${pkgs.fetchFromGitHub {
owner = "trapd00r";
repo = "LS_COLORS";
rev = "a75fca8545f91abb8a5f802981033ef54bf1eac0";
sha256="1lzj0qnj89mzh76ha137mnz2hf86k278rh0y9x124ghxj9yqsnb4";
}}/LS_COLORS)
#beautiful colors
alias ls='ls --color'
# zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
#emacs bindings
bindkey "[7~" beginning-of-line
bindkey "[8~" end-of-line
bindkey "Oc" emacs-forward-word
bindkey "Od" emacs-backward-word
#aliases
alias ll='ls -l'
alias la='ls -la'
#fancy window title magic
'';
promptInit = ''
# TODO: figure out why we need to set this here
HISTSIZE=900001
HISTFILESIZE=$HISTSIZE
SAVEHIST=$HISTSIZE
autoload -U promptinit
promptinit
p_error='%(?..%F{red}%?%f )'
t_error='%(?..%? )'
case $UID in
0)
p_username='%F{red}root%f'
t_username='root'
;;
1337)
p_username=""
t_username=""
;;
*)
p_username='%F{blue}%n%f'
t_username='%n'
;;
esac
if test -n "$SSH_CLIENT"; then
p_hostname='@%F{magenta}%M%f '
t_hostname='@%M '
else
p_hostname=""
t_hostname=""
fi
#check if in nix shell
if test -n "$buildInputs"; then
p_nixshell='%F{green}[s]%f '
t_nixshell='[s] '
else
p_nixshell=""
t_nixshell=""
fi
PROMPT="$p_error$p_username$p_hostname$p_nixshell%~ "
TITLE="$t_error$t_username$t_hostname$t_nixshell%~"
case $TERM in
(*xterm* | *rxvt*)
function precmd {
PROMPT_EVALED="$(print -P $TITLE)"
echo -ne "\033]0;$$ $PROMPT_EVALED\007"
}
# This is seen while the shell waits for a command to complete.
function preexec {
PROMPT_EVALED="$(print -P $TITLE)"
echo -ne "\033]0;$$ $PROMPT_EVALED $1\007"
}
;;
esac
'';
};
users.defaultUserShell = "/run/current-system/sw/bin/zsh";
}

View File

@ -1,11 +0,0 @@
with import <stockholm/lib>;
self: super:
# Import files and subdirectories like they are overlays.
foldl' mergeAttrs {}
(map
(name: import (./. + "/${name}") self super)
(filter
(name: name != "default.nix" && !hasPrefix "." name)
(attrNames (readDir ./.))))

View File

@ -1,40 +0,0 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "audio-fingerprint-defender-${version}";
version = "0.1.3";
extid = "@audio-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi";
sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Audio context fingerprint defender firefox browser addon";
homepage = https://mybrowseraddon.com/audiocontext-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,40 +0,0 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "canvas-fingerprint-defender-${version}";
version = "0.1.5";
extid = "@canvas-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended";
sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Canvas fingerprint defender firefox browser addon";
homepage = https://mybrowseraddon.com/webgl-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,28 +0,0 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "dark-reader-${version}";
version = "4.8.1";
extid = "addon@darkreader.org";
signed = true;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi";
sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb";
};
phases = [ "installPhase" ];
installPhase = ''
install -D ${src} "$out/${extid}.xpi"
'';
meta = with stdenv.lib; {
description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing.";
homepage = https://github.com/darkreader/darkreader;
license = licenses.mit;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,18 +0,0 @@
with import <stockholm/lib>;
self: super:
let
# This callPackage will try to detect obsolete overrides.
callPackage = path: args: let
override = self.callPackage path args;
upstream = optionalAttrs (override ? "name")
(super.${(parseDrvName override.name).name} or {});
in if upstream ? "name" &&
override ? "name" &&
compareVersions upstream.name override.name != -1
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
else override;
in
mapNixDir (path: callPackage path {}) ./.

View File

@ -1,487 +0,0 @@
{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config
## various stuff that can be plugged in
, flashplayer, hal-flash
, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2
, jrePlugin, icedtea_web
, bluejeans, djview4, adobe-reader
, fribid, gnome3/*.gnome-shell*/
, esteidfirefoxplugin ? ""
, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow
, udev
, kerberos
}:
## configurability of the wrapper itself
browser:
let
wrapper =
{ browserName ? browser.browserName or (builtins.parseDrvName browser.name).name
, name ? (browserName + "-" + (builtins.parseDrvName browser.name).version)
, desktopName ? # browserName with first letter capitalized
(lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName)
, nameSuffix ? ""
, icon ? browserName
, extraPlugins ? []
, extraPrefs ? ""
, extraExtensions ? [ ]
, allowNonSigned ? false
, disablePocket ? false
, disableTelemetry ? true
, disableDrmPlugin ? false
, showPunycodeUrls ? true
, disableFirefoxStudies ? true
, disableFirefoxSync ? false
, useSystemCertificates ? true
, dontCheckDefaultBrowser ? false
# For more information about anti tracking
# vist https://wiki.kairaven.de/open/app/firefox
, activateAntiTracking ? true
, disableFeedbackCommands ? true
, disableDNSOverHTTPS ? true
, disableGoogleSafebrowsing ? false
, clearDataOnShutdown ? false
, homepage ? "about:blank"
# For more information about policies visit
# https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
, extraPolicies ? {}
, extraNativeMessagingHosts ? []
, gdkWayland ? false
}:
assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
let
# If extraExtensions has been set disable manual extensions
disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false;
cfg = config.${browserName} or {};
enableAdobeFlash = cfg.enableAdobeFlash or false;
ffmpegSupport = browser.ffmpegSupport or false;
gssSupport = browser.gssSupport or false;
jre = cfg.jre or false;
icedtea = cfg.icedtea or false;
supportsJDK =
stdenv.hostPlatform.system == "i686-linux" ||
stdenv.hostPlatform.system == "x86_64-linux" ||
stdenv.hostPlatform.system == "armv7l-linux" ||
stdenv.hostPlatform.system == "aarch64-linux";
plugins =
assert !(jre && icedtea);
if builtins.hasAttr "enableVLC" cfg
then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins"
else
([ ]
++ lib.optional enableAdobeFlash flashplayer
++ lib.optional (cfg.enableDjvu or false) (djview4)
++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser)
++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin
++ lib.optional icedtea icedtea_web
++ lib.optional (cfg.enableFriBIDPlugin or false) fribid
++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell
++ lib.optional (cfg.enableBluejeans or false) bluejeans
++ lib.optional (cfg.enableAdobeReader or false) adobe-reader
++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin
++ extraPlugins
);
nativeMessagingHosts =
([ ]
++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass)
++ lib.optional (cfg.enableBukubrow or false) bukubrow
++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell
++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator
++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration
++ extraNativeMessagingHosts
);
libs = lib.optional stdenv.isLinux udev
++ lib.optional ffmpegSupport ffmpeg
++ lib.optional gssSupport kerberos
++ lib.optionals (cfg.enableQuakeLive or false)
(with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ])
++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash
++ lib.optional (config.pulseaudio or true) libpulseaudio;
gtk_modules = [ libcanberra-gtk2 ];
enterprisePolicies =
{
policies = {
DisableAppUpdate = true;
} // lib.optionalAttrs disableManualExtensions (
{
ExtensionSettings = {
"*" = {
blocked_install_message = "You can't have manual extension mixed with nix extensions";
installation_mode = "blocked";
};
} // lib.foldr (e: ret:
ret // {
"${e.extid}" = {
installation_mode = "allowed";
};
}
) {} extraExtensions;
}
) // lib.optionalAttrs disablePocket (
{
DisablePocket = true;
}
) // lib.optionalAttrs disableTelemetry (
{
DisableTelemetry = true;
}
) // lib.optionalAttrs disableFirefoxStudies (
{
DisableFirefoxStudies = true;
}
) // lib.optionalAttrs disableFirefoxSync (
{
DisableFirefoxAccounts = true;
}
) // lib.optionalAttrs useSystemCertificates (
{
# Disable useless firefox certificate store
Certificates = {
ImportEnterpriseRoots = true;
};
}
) // lib.optionalAttrs (
if lib.count (x: true) extraExtensions > 0 then true else false) (
{
# Don't try to update nix installed addons
DisableSystemAddonUpdate = true;
# But update manually installed addons
ExtensionUpdate = false;
}
) // lib.optionalAttrs dontCheckDefaultBrowser (
{
DontCheckDefaultBrowser = true;
}
)// lib.optionalAttrs disableDNSOverHTTPS (
{
DNSOverHTTPS = {
Enabled = false;
};
}
) // lib.optionalAttrs clearDataOnShutdown (
{
SanitizeOnShutdown = true;
}
) // lib.optionalAttrs disableFeedbackCommands (
{
DisableFeedbackCommands = true;
}
) // lib.optionalAttrs ( if homepage == "" then false else true) (
{
Homepage = {
URL = homepage;
Locked = true;
};
}
) // extraPolicies ;} ;
extensions = builtins.map (a:
if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then
throw "Addon ${a.pname} needs boolean attribute 'signed' "
else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then
throw "Addon ${a.pname} needs a string attribute 'extid'"
else if a.signed == false && !allowNonSigned then
throw "Disable signature checking in firefox if you want ${a.pname} addon"
else a
) extraExtensions;
policiesJson = builtins.toFile "policies.json"
(builtins.toJSON enterprisePolicies);
mozillaCfg = builtins.toFile "mozilla.cfg" ''
// First line must be a comment
// Remove default top sites
lockPref("browser.newtabpage.pinned", "");
lockPref("browser.newtabpage.activity-stream.default.sites", "");
// Deactivate first run homepage
lockPref("browser.startup.firstrunSkipsHomepage", false);
// If true, don't show the privacy policy tab on first run
lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
${
if allowNonSigned == true then
''lockPref("xpinstall.signatures.required", false)''
else
""
}
${
if showPunycodeUrls == true then
''
lockPref("network.IDN_show_punycode", true);
''
else
""
}
${
if disableManualExtensions == true then
''
lockPref("extensions.getAddons.showPane", false);
lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
lockPref("app.update.auto", false);
''
else
""
}
${
if disableDrmPlugin == true then
''
lockPref("media.gmp-gmpopenh264.enabled", false);
lockPref("media.gmp-widevinecdm.enabled", false);
''
else
""
}
${
if activateAntiTracking == true then
''
// Tracking
lockPref("browser.send_pings", false);
lockPref("browser.send_pings.require_same_host", true);
lockPref("network.dns.disablePrefetch", true);
lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false);
lockPref("browser.search.geoip.url", "");
lockPref("privacy.firstparty.isolate", true);
lockPref("privacy.userContext.enabled", true);
lockPref("privacy.userContext.ui.enabled", true);
lockPref("privacy.firstparty.isolate.restrict_opener_access", false);
lockPref("network.http.referer.XOriginPolicy", 1);
lockPref("network.http.referer.hideOnionSource", true);
lockPref(" privacy.spoof_english", true);
// This option is currently not usable because of bug:
// https://bugzilla.mozilla.org/show_bug.cgi?id=1557620
// lockPref("privacy.resistFingerprinting", true);
''
else ""
}
${
if disableTelemetry == true then
''
// Telemetry
lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
lockPref("browser.ping-centre.telemetry", false);
lockPref("devtools.onboarding.telemetry.logged", false);
lockPref("toolkit.telemetry.archive.enabled", false);
lockPref("toolkit.telemetry.bhrPing.enabled", false);
lockPref("toolkit.telemetry.enabled", false);
lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
lockPref("toolkit.telemetry.hybridContent.enabled", false);
lockPref("toolkit.telemetry.newProfilePing.enabled", false);
lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
lockPref("dom.push.enabled", false);
lockPref("browser.newtabpage.activity-stream.feeds.snippets", false);
lockPref("security.ssl.errorReporting.enabled", false);
''
else ""
}
${
if disableGoogleSafebrowsing == true then
''
// Google data sharing
lockPref("browser.safebrowsing.blockedURIs.enabled", false);
lockPref("browser.safebrowsing.downloads.enabled", false);
lockPref("browser.safebrowsing.malware.enabled", false);
lockPref("browser.safebrowsing.passwords.enabled", false);
lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
lockPref("browser.safebrowsing.malware.enabled", false);
lockPref("browser.safebrowsing.phishing.enabled", false);
lockPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
lockPref("browser.safebrowsing.provider.mozilla.updateURL", "");
''
else ""
}
// User customization
${extraPrefs}
'';
in stdenv.mkDerivation {
inherit name;
desktopItem = makeDesktopItem {
name = browserName;
exec = "${browserName}${nameSuffix} %U";
inherit icon;
comment = "";
desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}";
genericName = "Web Browser";
categories = "Application;Network;WebBrowser;";
mimeType = stdenv.lib.concatStringsSep ";" [
"text/html"
"text/xml"
"application/xhtml+xml"
"application/vnd.mozilla.xul+xml"
"x-scheme-handler/http"
"x-scheme-handler/https"
"x-scheme-handler/ftp"
];
};
nativeBuildInputs = [ makeWrapper lndir ];
buildInputs = lib.optional (browser ? gtk3) browser.gtk3;
buildCommand = lib.optionalString stdenv.isDarwin ''
mkdir -p $out/Applications
cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications
rm -f $out${browser.execdir or "/bin"}/${browserName}
'' + ''
# Link the runtime. The executable itself has to be copied,
# because it will resolve paths relative to its true location.
# Any symbolic links have to be replicated as well.
cd "${browser}"
find . -type d -exec mkdir -p "$out"/{} \;
find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \;
find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do
cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f"
chmod a+rwx "$out/$f"
done
# fix links and absolute references
cd "${browser}"
find . -type l -print0 | while read -d $'\0' l; do
target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")"
ln -sfT "$target" "$out/$l"
done
# This will not patch binaries, only "text" files.
# Its there for the wrapper mostly.
cd "$out"
${replace}/bin/replace-literal -esfR -- "${browser}" "$out"
# create the wrapper
executablePrefix="$out${browser.execdir or "/bin"}"
executablePath="$executablePrefix/${browserName}"
if [ ! -x "$executablePath" ]
then
echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
exit 1
fi
if [ ! -L "$executablePath" ]
then
# Careful here, the file at executablePath may already be
# a wrapper. That is why we postfix it with -old instead
# of -wrapped.
oldExe="$executablePrefix"/".${browserName}"-old
mv "$executablePath" "$oldExe"
else
oldExe="$(readlink -v --canonicalize-existing "$executablePath")"
fi
makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \
--suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \
--suffix LD_LIBRARY_PATH ':' "$libs" \
--suffix-each GTK_PATH ':' "$gtk_modules" \
--suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \
--prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \
--suffix PATH ':' "$out${browser.execdir or "/bin"}" \
--set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \
--set MOZ_SYSTEM_DIR "$out/lib/mozilla" \
${lib.optionalString gdkWayland ''
--set GDK_BACKEND "wayland" \
''}${lib.optionalString (browser ? gtk3)
''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \
--suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share'
''
}
if [ -e "${browser}/share/icons" ]; then
mkdir -p "$out/share"
ln -s "${browser}/share/icons" "$out/share/icons"
else
for res in 16 32 48 64 128; do
mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps"
icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" )
if [ -e "$icon" ]; then ln -s "$icon" \
"$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png"
fi
done
fi
install -D -t $out/share/applications $desktopItem/share/applications/*
mkdir -p $out/lib/mozilla
for ext in ${toString nativeMessagingHosts}; do
lndir -silent $ext/lib/mozilla $out/lib/mozilla
done
# For manpages, in case the program supplies them
mkdir -p $out/nix-support
echo ${browser} > $out/nix-support/propagated-user-env-packages
# user customization
mkdir -p $out/lib/firefox
# creating policies.json
mkdir -p "$out/lib/firefox/distribution"
cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson}
# preparing for autoconfig
mkdir -p "$out/lib/firefox/defaults/pref"
cat > "$out/lib/firefox/defaults/pref/autoconfig.js" <<EOF
pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0);
EOF
cat > "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg}
mkdir -p $out/lib/firefox/distribution/extensions
for i in ${toString extensions}; do
ln -s -t $out/lib/firefox/distribution/extensions $i/*
done
'';
preferLocalBuild = true;
# Let each plugin tell us (through its `mozillaPlugin') attribute
# where to find the plugin in its tree.
plugins = map (x: x + x.mozillaPlugin) plugins;
libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs;
gtk_modules = map (x: x + x.gtkModule) gtk_modules;
passthru = { unwrapped = browser; };
disallowedRequisites = [ stdenv.cc ];
meta = browser.meta // {
description =
browser.meta.description
+ " (with plugins: "
+ lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins))
+ ")";
hydraPlatforms = [];
priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package
};
};
in
lib.makeOverridable wrapper

View File

@ -1,40 +0,0 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "font-fingerprint-defender-${version}";
version = "0.1.0";
extid = "@font-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3387637/font_fingerprint_defender-${version}-an+fx.xpi";
sha256 = "1aidkvisnx6qd7hn2x756rvzmbnaz6laqbwq0j5yd86g1kc56dr0";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Font fingerprint defender firefox browser addon";
homepage = https://mybrowseraddon.com/font-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,45 +0,0 @@
{ stdenv, fetchurl, pkgs, makeWrapper, lib }:
stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "hopper";
version = "4.5.16";
rev = "v${lib.versions.major version}";
src = fetchurl {
url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz";
sha256 = "0gjnn7f6ibfx46k4bbj8ra7k04s0mrpq7316brgzks6x5yd1m584";
};
sourceRoot = ".";
ldLibraryPath = with pkgs; stdenv.lib.makeLibraryPath [
libbsd.out libffi.out gmpxx.out python27Full.out python27Packages.libxml2.out qt5.qtbase zlib xlibs.libX11.out xorg_sys_opengl.out xlibs.libXrender.out gcc-unwrapped.lib
];
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/lib
mkdir -p $out/share
cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper
cp -r $sourceRoot/opt/hopper-${rev}/lib $out
cp -r $sourceRoot/usr/share $out/share
patchelf \
--set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \
$out/bin/hopper
# Details: https://nixos.wiki/wiki/Qt
wrapProgram $out/bin/hopper \
--suffix LD_LIBRARY_PATH : ${ldLibraryPath} \
--suffix QT_PLUGIN_PATH : ${pkgs.qt5.qtbase}/lib/qt-${pkgs.qt5.qtbase.qtCompatVersion}/plugins
'';
meta = {
homepage = "https://www.hopperapp.com/index.html";
description = "A macOS and Linux Disassembler";
license = stdenv.lib.licenses.unfree;
maintainers = [ stdenv.lib.maintainers.luis ];
platforms = stdenv.lib.platforms.linux;
};
}

View File

@ -1,29 +0,0 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "https-everywhere-${version}";
version = "2019.6.27";
extid = "https-everywhere@eff.org";
signed = true;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3060290/https_everywhere-${version}-an+fx.xpi";
sha256 = "0743lhn9phn7n6c0886h9ddn1n8vhzbl0vrw177zs43995aj3frp";
};
phases = [ "installPhase" ];
installPhase = ''
install -D ${src} "$out/${extid}.xpi"
'';
meta = {
description = "Https everywhere browser addon";
homepage = https://www.eff.org/https-everywhere;
license = stdenv.lib.licenses.gpl2Plus;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,26 +0,0 @@
{ lib, python37Packages }:
python37Packages.buildPythonPackage rec {
pname = "pyocclient";
version = "0.4";
src = python37Packages.fetchPypi {
inherit pname version;
sha256 = "19k3slrk2idixsdw61in9a3jxglvkigkn5kvwl37lj8hrwr4yq6q";
};
doCheck = false;
propagatedBuildInputs = with python37Packages; [
requests
six
];
meta = with lib; {
homepage = https://github.com/owncloud/pyocclient/;
description = "Nextcloud / Owncloud library for python";
license = licenses.mit;
maintainers = with maintainers; [ ];
};
}

View File

@ -1,34 +0,0 @@
{ stdenv, fetchgit, makeWrapper, lib, pkgs ? import <nixpkgs> {} }:
with pkgs;
stdenv.mkDerivation rec {
name = "rmount-${version}";
version = "1.0.1";
rev = "v${version}";
src = fetchgit {
rev = "9df124780d2e66f01c70afaecf92090669c5ffb6";
url = "https://github.com/Luis-Hebendanz/rmount";
sha256 = "0ydb6sspfnfa3y6gg1r8sk4r58il6636lpqwb2rw7dzmb4b8hpd2";
};
buildInputs = [ stdenv makeWrapper ];
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/share/man/man1
cp ${src}/rmount.man $out/share/man/man1/rmount.1
cp ${src}/rmount.bash $out/bin/rmount-noenv
cp ${src}/config.json $out/share/config.json
chmod +x $out/bin/rmount-noenv
makeWrapper $out/bin/rmount-noenv $out/bin/rmount \
--prefix PATH : ${lib.makeBinPath [ nmap jq cifs-utils sshfs ]}
'';
meta = {
homepage = "https://github.com/Luis-Hebendanz/rmount";
description = "Remote mount utility which parses a json file";
license = stdenv.lib.licenses.mit;
};
}

View File

@ -1,28 +0,0 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "ublock-origin-${version}";
version = "1.21.2";
extid = "uBlock0@raymondhill.net";
signed = true;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3361355/ublock_origin-${version}-an+fx.xpi";
sha256 = "0ypdq3z61mrymknl37qlq6379bx9f2fsgbgr0czbhqs9f2vwszkc";
};
phases = [ "installPhase" ];
installPhase = ''
install -D ${src} "$out/${extid}.xpi"
'';
meta = with stdenv.lib; {
description = "ublock origin firefox browser addon";
homepage = https://github.com/gorhill/uBlock;
license = licenses.gpl3;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,40 +0,0 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "user-agent-switcher-${version}";
version = "0.3.2";
extid = "@user-agent-switcher";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3370255/user_agent_switcher_and_manager-${version}-an+fx.xpi";
sha256 = "0lrw1xf6fsxr47bifkayfxpysv8s2p9ghmbmw2s7ymhrgy42i6v5";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "User agent switcher";
homepage = https://add0n.com/useragent-switcher.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,40 +0,0 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "webgl-fingerprint-defender-${version}";
version = "0.1.2";
extid = "@webgl-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3362869/webgl_fingerprint_defender-${version}-an+fx.xpi";
sha256 = "06hfr5hxr4qw0jx6i9fi9gdk5211z08brnvqj2jlmpyc3dwl4pif";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Canvas defender firefox browser addon";
homepage = https://mybrowseraddon.com/webgl-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -1,25 +0,0 @@
{ stdenv, fetchFromGitHub, meson, ninja, pkgconfig
, wayland, wayland-protocols }:
stdenv.mkDerivation rec {
pname = "wl-clipboard";
version = "2.0.0";
src = fetchFromGitHub {
owner = "bugaevc";
repo = "wl-clipboard";
rev = "v${version}";
sha256 = "0c4w87ipsw09aii34szj9p0xfy0m00wyjpll0gb0aqmwa60p0c5d";
};
nativeBuildInputs = [ meson ninja pkgconfig wayland-protocols ];
buildInputs = [ wayland ];
meta = with stdenv.lib; {
description = "Command-line copy/paste utilities for Wayland";
homepage = https://github.com/bugaevc/wl-clipboard;
license = licenses.gpl3;
maintainers = with maintainers; [ dywedir ];
platforms = platforms.linux;
};
}

View File

@ -1,18 +0,0 @@
with import <stockholm/lib>;
self: super:
let
# This callPackage will try to detect obsolete overrides.
callPackage = path: args: let
override = self.callPackage path args;
upstream = optionalAttrs (override ? "name")
(super.${(parseDrvName override.name).name} or {});
in if upstream ? "name" &&
override ? "name" &&
compareVersions upstream.name override.name != -1
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
else override;
in
mapNixDir (path: callPackage path {}) ./.

View File

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
imports = [
../krebs
./2configs
];
nixpkgs.config.packageOverrides = import ./5pkgs pkgs;
}

View File

@ -1,43 +0,0 @@
{ name }: let
inherit (import ../krebs/krops.nix { inherit name; })
krebs-source
lib
pkgs
;
source = { test }: lib.evalSource [
(krebs-source { test = test; })
{
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
nixpkgs-unstable.git = {
url = "https://github.com/nixos/nixpkgs";
ref = (lib.importJSON ../krebs/nixpkgs-unstable.json).rev;
};
secrets = if test then {
file = toString ./2configs/tests/dummy-secrets;
} else {
file = "${lib.getEnv "HOME"}/secrets/${name}";
};
}
{
home-manager.git = {
url = https://github.com/rycee/home-manager;
ref = "2ccbf43";
};
}
];
in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" {
source = source { test = false; };
inherit target;
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
force = true;
inherit target;
source = source { test = true; };
};
}