Merge remote-tracking branch 'lass/master'
This commit is contained in:
makefu
commit
4715e28304
2
ci.nix
2
ci.nix
|
|
@ -16,6 +16,6 @@ let
|
|||
ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts;
|
||||
|
||||
build = host: owner:
|
||||
((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-tmp";});
|
||||
((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";});
|
||||
|
||||
in mapAttrs (n: h: build n h.owner.name) ci-systems
|
||||
|
|
|
|||
42
krebs/3modules/external/default.nix
vendored
42
krebs/3modules/external/default.nix
vendored
|
|
@ -8,6 +8,9 @@ with import <stockholm/lib>;
|
|||
} // optionalAttrs (host.nets?retiolum) {
|
||||
nets.retiolum.ip6.addr =
|
||||
(krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
|
||||
} // optionalAttrs (host.nets?wiregrill) {
|
||||
nets.wiregrill.ip6.addr =
|
||||
(krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
|
||||
});
|
||||
ssh-for = name: builtins.readFile (./ssh + "/${name}.pub");
|
||||
tinc-for = name: builtins.readFile (./tinc + "/${name}.pub");
|
||||
|
|
@ -341,6 +344,41 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
matchbox = {
|
||||
owner = config.krebs.users.Mic92;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.29.172";
|
||||
aliases = [ "matchbox.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m
|
||||
VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w
|
||||
nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u
|
||||
TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE
|
||||
TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1
|
||||
yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO
|
||||
4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4
|
||||
Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/
|
||||
bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4
|
||||
nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR
|
||||
/vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
miaoski = {
|
||||
owner = config.krebs.users.miaoski;
|
||||
nets = {
|
||||
wiregrill = {
|
||||
aliases = [ "miaoski.w" ];
|
||||
wireguard = {
|
||||
pubkey = "8haz9JX5nAMORzNy89VdHC1Z9XA94ogaZsY3d2Rfkl4=";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
users = {
|
||||
ciko = {
|
||||
|
|
@ -351,6 +389,8 @@ in {
|
|||
pubkey = ssh-for "exco";
|
||||
};
|
||||
kmein = {
|
||||
mail = "kieran.meinhardt@gmail.com";
|
||||
pubkey = ssh-for "kmein";
|
||||
};
|
||||
Mic92 = {
|
||||
mail = "joerg@higgsboson.tk";
|
||||
|
|
@ -371,6 +411,8 @@ in {
|
|||
mail = "shackspace.de@myvdr.de";
|
||||
pubkey = ssh-for "ulrich";
|
||||
};
|
||||
miaoski = {
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
|||
1
krebs/3modules/external/ssh/kmein.pub
vendored
Normal file
1
krebs/3modules/external/ssh/kmein.pub
vendored
Normal file
|
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC19H0FhSNWcfBRPKzbTVSMJikIWZl0CoM8zCm+/3fdMgoaLRpeZWe/AfDK6b4qOjk/sez/J0JUFCGr+JbMwjsduoazsuQowu9L9DLP9Q5UkJje4BD7MHznaeu9/XfVng/MvyaEWArA/VUJeKQesHe76tR511/+n3+bdzlIh8Zw/3wfFxmg1OTNA99/vLkXrQzHDTuV/yj1pxykL4xFtN0OIssW1IKncJeKtkO/OHGT55ypz52Daj6bNKqvxiTuzeEhv5M+5ppyIPcRf1uj/7IaPKttCgZAntEqBTIR9MbyXFeAZVayzaFnLl2okeam5XreeZbj+Y1h2ZjxiIuWoab3MLndSekVfLtfa63gtcWIf8CIvZO2wJoH8v73y0U78JsfWVaTM09ZCfFlHHA/bWqZ6laAjW+mWLO/c77DcYkB3IBzaMVNfc6mfTcGFIC+biWeYpKgA0zC6rByUPbmbIoMueP9zqJwqUaM90Nwd6559inBB107/BK3Ktb3b+37mMCstetIPB9e4EFpGMjhmnL/G81jS53ACWLXJYzt7mKU/fEsiW93MtaB+Le46OEC18y/4G8F7p/nnH7i0kO74ukxbnc4PlpiM7iWT6ra2Cyy+nzEgdXCNXywIxr05TbCQDwX6/NY8k7Hokgdfyz+1Pq3sX0yCcWRPaoB26YF12KYFQ== kieran.meinhardt@gmail.com
|
||||
|
|
@ -91,7 +91,6 @@ in {
|
|||
};
|
||||
wiregrill = {
|
||||
via = internet;
|
||||
ip4.addr = "10.244.1.1";
|
||||
ip6.addr = w6 "1";
|
||||
aliases = [
|
||||
"prism.w"
|
||||
|
|
@ -99,7 +98,6 @@ in {
|
|||
wireguard = {
|
||||
pubkey = "oKJotppdEJqQBjrqrommEUPw+VFryvEvNJr/WikXohk=";
|
||||
subnets = [
|
||||
"10.244.1.0/24"
|
||||
(krebs.genipv6 "wiregrill" "external" 0).subnetCIDR
|
||||
(krebs.genipv6 "wiregrill" "lass" 0).subnetCIDR
|
||||
];
|
||||
|
|
@ -278,7 +276,7 @@ in {
|
|||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.133.115";
|
||||
ip6.addr = r6 "dead";
|
||||
ip6.addr = r6 "daed";
|
||||
aliases = [
|
||||
"daedalus.r"
|
||||
"cgit.daedalus.r"
|
||||
|
|
@ -294,8 +292,14 @@ in {
|
|||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
wiregrill = {
|
||||
ip6.addr = w6 "daed";
|
||||
aliases = [
|
||||
"daedalus.w"
|
||||
];
|
||||
wireguard.pubkey = "ZVTTWbJfe8Oq6E6QW1qgXU91FnkuKDGJO3MF3I3gDFI=";
|
||||
};
|
||||
};
|
||||
secure = true;
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5Ovdcsljr5dOl7+2sQNKpGpdX0SlOIuCZKEiWEp8g";
|
||||
};
|
||||
|
|
@ -474,7 +478,6 @@ in {
|
|||
phone = {
|
||||
nets = {
|
||||
wiregrill = {
|
||||
ip4.addr = "10.244.1.2";
|
||||
ip6.addr = w6 "a";
|
||||
aliases = [
|
||||
"phone.w"
|
||||
|
|
|
|||
|
|
@ -9,15 +9,15 @@
|
|||
|
||||
krebs-source = { test ? false }: rec {
|
||||
nixpkgs = if test then {
|
||||
file = {
|
||||
path = toString (pkgs.fetchFromGitHub {
|
||||
derivation = ''
|
||||
with import <nixpkgs> {};
|
||||
pkgs.fetchFromGitHub {
|
||||
owner = "nixos";
|
||||
repo = "nixpkgs";
|
||||
rev = (lib.importJSON ./nixpkgs.json).rev;
|
||||
sha256 = (lib.importJSON ./nixpkgs.json).sha256;
|
||||
});
|
||||
useChecksum = true;
|
||||
};
|
||||
rev = "${(lib.importJSON ./nixpkgs.json).rev}";
|
||||
sha256 = "${(lib.importJSON ./nixpkgs.json).sha256}";
|
||||
}
|
||||
'';
|
||||
} else {
|
||||
git = {
|
||||
ref = (lib.importJSON ./nixpkgs.json).rev;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "5d4a1a3897e2d674522bcb3aa0026c9e32d8fd7c",
|
||||
"date": "2018-11-24T00:40:22-05:00",
|
||||
"sha256": "19kryzx9a6x68mpyxks3dajraf92hkbnw1zf952k73s2k4qw9jlq",
|
||||
"rev": "0396345b79436f54920f7eb651ab42acf2eb7973",
|
||||
"date": "2018-12-30T21:22:33-05:00",
|
||||
"sha256": "10wd0wsair6dlilgaviqw2p9spgcf8qg736bzs08jha0f4zfqjs4",
|
||||
"fetchSubmodules": false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,11 +1,14 @@
|
|||
{ lib, pkgs, ... }:
|
||||
{
|
||||
nixpkgs = lib.mkForce {
|
||||
file = toString (pkgs.fetchFromGitHub {
|
||||
owner = "nixos";
|
||||
repo = "nixpkgs";
|
||||
rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
|
||||
sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
|
||||
});
|
||||
derivation = ''
|
||||
with import <nixpkgs> {};
|
||||
pkgs.fetchFromGitHub {
|
||||
owner = "nixos";
|
||||
repo = "nixpkgs";
|
||||
rev = "${(lib.importJSON ../../../krebs/nixpkgs.json).rev}";
|
||||
sha256 = "${(lib.importJSON ../../../krebs/nixpkgs.json).sha256}";
|
||||
}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,9 +6,8 @@ with import <stockholm/lib>;
|
|||
<stockholm/lass>
|
||||
|
||||
<stockholm/lass/2configs/retiolum.nix>
|
||||
<stockholm/lass/2configs/games.nix>
|
||||
<stockholm/lass/2configs/steam.nix>
|
||||
<stockholm/lass/2configs/backup.nix>
|
||||
<stockholm/lass/2configs/nfs-dl.nix>
|
||||
{
|
||||
# bubsy config
|
||||
users.users.bubsy = {
|
||||
|
|
@ -72,6 +71,7 @@ with import <stockholm/lib>;
|
|||
#remote control
|
||||
environment.systemPackages = with pkgs; [
|
||||
x11vnc
|
||||
torbrowser
|
||||
];
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-p tcp -i retiolum --dport 5900"; target = "ACCEPT"; }
|
||||
|
|
|
|||
|
|
@ -35,6 +35,7 @@ with import <stockholm/lib>;
|
|||
<stockholm/lass/2configs/print.nix>
|
||||
<stockholm/lass/2configs/blue-host.nix>
|
||||
<stockholm/lass/2configs/network-manager.nix>
|
||||
<stockholm/lass/2configs/nfs-dl.nix>
|
||||
{
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
#risk of rain
|
||||
|
|
@ -147,6 +148,7 @@ with import <stockholm/lib>;
|
|||
OnCalendar = "00:37";
|
||||
};
|
||||
|
||||
nixpkgs.config.android_sdk.accept_license = true;
|
||||
programs.adb.enable = true;
|
||||
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||
virtualisation.docker.enable = true;
|
||||
|
|
|
|||
|
|
@ -82,6 +82,13 @@ with import <stockholm/lib>;
|
|||
];
|
||||
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ];
|
||||
};
|
||||
users.users.kmein = {
|
||||
uid = genid_uint31 "kmein";
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.kmein.pubkey
|
||||
];
|
||||
};
|
||||
}
|
||||
{
|
||||
#hotdog
|
||||
|
|
@ -309,7 +316,7 @@ with import <stockholm/lib>;
|
|||
{ precedence = 1000; predicate = "-i retiolum -o wiregrill"; target = "ACCEPT"; }
|
||||
];
|
||||
krebs.iptables.tables.nat.POSTROUTING.rules = [
|
||||
{ v4 = false; predicate = "-s 42:1:ce16::/48 ! -d 42:1:ce16::48"; target = "MASQUERADE"; }
|
||||
{ v4 = false; predicate = "-s 42:1::/32 ! -d 42:1::/48"; target = "MASQUERADE"; }
|
||||
{ v6 = false; predicate = "-s 10.244.1.0/24 ! -d 10.244.1.0/24"; target = "MASQUERADE"; }
|
||||
];
|
||||
services.dnsmasq = {
|
||||
|
|
@ -390,6 +397,28 @@ with import <stockholm/lib>;
|
|||
ln -fnsT /var/lib/containers/yellow/var/download/finished /var/download/finished || :
|
||||
chown download: /var/download/finished
|
||||
'';
|
||||
|
||||
fileSystems."/export/download" = {
|
||||
device = "/var/lib/containers/yellow/var/download";
|
||||
options = [ "bind" ];
|
||||
};
|
||||
services.nfs.server = {
|
||||
enable = true;
|
||||
exports = ''
|
||||
/export 42::/16(insecure,ro,crossmnt)
|
||||
'';
|
||||
lockdPort = 4001;
|
||||
mountdPort = 4002;
|
||||
statdPort = 4000;
|
||||
};
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p udp --dport 2049"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p tcp --dport 4000:4002"; target = "ACCEPT"; }
|
||||
{ predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
|
|
|
|||
|
|
@ -79,7 +79,6 @@ in {
|
|||
taskwarrior
|
||||
termite
|
||||
xclip
|
||||
xephyrify
|
||||
xorg.xbacklight
|
||||
xorg.xhost
|
||||
xsel
|
||||
|
|
|
|||
|
|
@ -95,6 +95,7 @@ with import <stockholm/lib>;
|
|||
{ from = "lesswrong@lassul.us"; to = lass.mail; }
|
||||
{ from = "nordvpn@lassul.us"; to = lass.mail; }
|
||||
{ from = "csv-direct@lassul.us"; to = lass.mail; }
|
||||
{ from = "nintendo@lassul.us"; to = lass.mail; }
|
||||
];
|
||||
system-aliases = [
|
||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||
|
|
|
|||
7
lass/2configs/nfs-dl.nix
Normal file
7
lass/2configs/nfs-dl.nix
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
{
|
||||
fileSystems."/mnt/prism" = {
|
||||
device = "prism.w:/export";
|
||||
fsType = "nfs";
|
||||
};
|
||||
}
|
||||
|
||||
|
|
@ -63,6 +63,9 @@ in {
|
|||
locations."= /retiolum.hosts".extraConfig = ''
|
||||
alias ${pkgs.retiolum-hosts};
|
||||
'';
|
||||
locations."= /wireguard-key".extraConfig = ''
|
||||
alias ${pkgs.writeText "prism.wg" config.krebs.hosts.prism.nets.wiregrill.wireguard.pubkey};
|
||||
'';
|
||||
locations."/tinc".extraConfig = ''
|
||||
alias ${config.krebs.tinc_graphs.workingDir}/external;
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -20,9 +20,7 @@
|
|||
|
||||
lass.mysqlBackup = {
|
||||
enable = true;
|
||||
config.all = {
|
||||
password = toString (<secrets/mysql_rootPassword>);
|
||||
};
|
||||
config.all = {};
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -14,6 +14,5 @@ _:
|
|||
./umts.nix
|
||||
./usershadow.nix
|
||||
./xjail.nix
|
||||
./xserver
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ let
|
|||
};
|
||||
location = mkOption {
|
||||
type = str;
|
||||
default = "/bku/sql_dumps";
|
||||
default = "/backups/sql_dumps";
|
||||
};
|
||||
};
|
||||
}));
|
||||
|
|
@ -51,11 +51,9 @@ let
|
|||
|
||||
imp = {
|
||||
|
||||
#systemd.timers =
|
||||
# mapAttrs (_: plan: {
|
||||
# wantedBy = [ "timers.target" ];
|
||||
# timerConfig = plan.timerConfig;
|
||||
#}) cfg.config;
|
||||
services.mysql.ensureUsers = [
|
||||
{ ensurePermissions = { "*.*" = "ALL"; }; name = "root"; }
|
||||
];
|
||||
|
||||
systemd.services =
|
||||
mapAttrs' (_: plan: nameValuePair "mysqlBackup-${plan.name}" {
|
||||
|
|
@ -75,8 +73,10 @@ let
|
|||
|
||||
|
||||
start = plan: let
|
||||
backupScript = plan: db:
|
||||
"mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz";
|
||||
backupScript = plan: db: ''
|
||||
mkdir -p ${plan.location}
|
||||
mysqldump -u ${plan.user} ${optionalString (plan.password != null) "-p$(cat ${plan.password})"} ${db} | gzip -c > ${plan.location}/${db}.gz
|
||||
'';
|
||||
|
||||
in pkgs.pkgs.writeDash "mysqlBackup.${plan.name}" ''
|
||||
${concatMapStringsSep "\n" (backupScript plan) plan.databases}
|
||||
|
|
|
|||
|
|
@ -1,103 +0,0 @@
|
|||
{ config, pkgs, ... }@args:
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
|
||||
out = {
|
||||
options.lass.xserver = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
};
|
||||
|
||||
user = config.krebs.build.user;
|
||||
|
||||
cfg = config.lass.xserver;
|
||||
xcfg = config.services.xserver;
|
||||
api = {
|
||||
enable = mkEnableOption "lass xserver";
|
||||
};
|
||||
imp = {
|
||||
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
display = 11;
|
||||
tty = 11;
|
||||
};
|
||||
|
||||
systemd.services.display-manager.enable = false;
|
||||
|
||||
systemd.services.xmonad = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
requires = [ "xserver.service" ];
|
||||
environment = {
|
||||
DISPLAY = ":${toString xcfg.display}";
|
||||
|
||||
XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
|
||||
${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
|
||||
${xcfg.displayManager.sessionCommands}
|
||||
if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
|
||||
exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" ""
|
||||
fi
|
||||
export DBUS_SESSION_BUS_ADDRESS
|
||||
${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS
|
||||
wait
|
||||
'';
|
||||
|
||||
XMONAD_DATA_DIR = "/tmp";
|
||||
};
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "xmonad";
|
||||
ExecStart = "${pkgs.xmonad-lass}/bin/xmonad";
|
||||
ExecStop = "${pkgs.xmonad-lass}/bin/xmonad --shutdown";
|
||||
User = user.name;
|
||||
WorkingDirectory = user.home;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.xserver = {
|
||||
after = [
|
||||
"systemd-udev-settle.service"
|
||||
"local-fs.target"
|
||||
"acpid.service"
|
||||
];
|
||||
reloadIfChanged = true;
|
||||
environment = {
|
||||
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
|
||||
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
|
||||
LD_LIBRARY_PATH = concatStringsSep ":" (
|
||||
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
|
||||
++ concatLists (catAttrs "libPath" xcfg.drivers));
|
||||
};
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "xserver";
|
||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||
ExecStart = toString [
|
||||
"${pkgs.xorg.xorgserver}/bin/X"
|
||||
":${toString xcfg.display}"
|
||||
"vt${toString xcfg.tty}"
|
||||
"-config ${import ./xserver.conf.nix args}"
|
||||
"-logfile /dev/null -logverbose 0 -verbose 3"
|
||||
"-nolisten tcp"
|
||||
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
||||
(optional (xcfg.dpi != null) "-dpi ${toString xcfg.dpi}")
|
||||
];
|
||||
User = user.name;
|
||||
};
|
||||
};
|
||||
krebs.xresources.resources.dpi = ''
|
||||
${optionalString (xcfg.dpi != null) "Xft.dpi: ${toString xcfg.dpi}"}
|
||||
'';
|
||||
systemd.services.urxvtd = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
reloadIfChanged = true;
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "urxvtd";
|
||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||
ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd";
|
||||
Restart = "always";
|
||||
RestartSec = "2s";
|
||||
StartLimitBurst = 0;
|
||||
User = user.name;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
in out
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
cfg = config.services.xserver;
|
||||
in
|
||||
|
||||
pkgs.stdenv.mkDerivation {
|
||||
name = "xserver.conf";
|
||||
|
||||
xfs = optionalString (cfg.useXFS != false)
|
||||
''FontPath "${toString cfg.useXFS}"'';
|
||||
|
||||
inherit (cfg) config;
|
||||
|
||||
buildCommand =
|
||||
''
|
||||
echo 'Section "Files"' >> $out
|
||||
echo $xfs >> $out
|
||||
|
||||
for i in ${toString config.fonts.fonts}; do
|
||||
if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
|
||||
for j in $(find $i -name fonts.dir); do
|
||||
echo " FontPath \"$(dirname $j)\"" >> $out
|
||||
done
|
||||
fi
|
||||
done
|
||||
|
||||
for i in $(find ${toString cfg.modules} -type d); do
|
||||
if test $(echo $i/*.so* | wc -w) -ne 0; then
|
||||
echo " ModulePath \"$i\"" >> $out
|
||||
fi
|
||||
done
|
||||
|
||||
echo 'EndSection' >> $out
|
||||
|
||||
echo "$config" >> $out
|
||||
'';
|
||||
}
|
||||
|
|
@ -11,10 +11,7 @@ pkgs.writeHaskellPackage "xmonad-lass" {
|
|||
"xmonad-stockholm"
|
||||
];
|
||||
text = /* haskell */ ''
|
||||
{-# LANGUAGE DeriveDataTypeable #-} -- for XS
|
||||
{-# LANGUAGE FlexibleContexts #-} -- for xmonad'
|
||||
{-# LANGUAGE LambdaCase #-}
|
||||
{-# LANGUAGE ScopedTypeVariables #-}
|
||||
|
||||
|
||||
module Main where
|
||||
|
|
@ -28,7 +25,7 @@ import System.Environment (getArgs, lookupEnv)
|
|||
import System.Exit (exitFailure)
|
||||
import System.IO (hPutStrLn, stderr)
|
||||
import System.Posix.Process (executeFile)
|
||||
import XMonad.Actions.CopyWindow (copy, kill1)
|
||||
import XMonad.Actions.CopyWindow (copy, copyToAll, kill1)
|
||||
import XMonad.Actions.CycleWS (toggleWS)
|
||||
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
|
||||
import XMonad.Actions.DynamicWorkspaces (withWorkspace)
|
||||
|
|
@ -149,6 +146,8 @@ myKeyMap =
|
|||
|
||||
, ("M4-d", floatNext True >> spawn "${pkgs.copyq}/bin/copyq show")
|
||||
|
||||
, ("M4-<F2>", windows copyToAll)
|
||||
|
||||
, ("M4-<F4>", spawn "${pkgs.writeDash "nm-dmenu" ''
|
||||
export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin
|
||||
exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@"
|
||||
|
|
|
|||
|
|
@ -27,15 +27,15 @@
|
|||
# TODO: we want to track the unstable channel
|
||||
symlink = "/nix/var/nix/profiles/per-user/root/channels/nixos/";
|
||||
} else {
|
||||
file = {
|
||||
path = toString (pkgs.fetchFromGitHub {
|
||||
derivation = ''
|
||||
with import <nixpkgs> {};
|
||||
pkgs.fetchFromGitHub {
|
||||
owner = "makefu";
|
||||
repo = "nixpkgs";
|
||||
rev = nixpkgs-src.rev;
|
||||
sha256 = nixpkgs-src.sha256;
|
||||
});
|
||||
useChecksum = true;
|
||||
};
|
||||
rev = "${nixpkgs-src.rev}";
|
||||
sha256 = "${nixpkgs-src.sha256}";
|
||||
}
|
||||
'';
|
||||
};
|
||||
nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user