Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
4b29caff26
@ -20,6 +20,7 @@ let
|
|||||||
./github-hosts-sync.nix
|
./github-hosts-sync.nix
|
||||||
./git.nix
|
./git.nix
|
||||||
./go.nix
|
./go.nix
|
||||||
|
./htgen.nix
|
||||||
./iptables.nix
|
./iptables.nix
|
||||||
./kapacitor.nix
|
./kapacitor.nix
|
||||||
./monit.nix
|
./monit.nix
|
||||||
|
@ -21,10 +21,9 @@ let
|
|||||||
OnCalendar = "*:00,10,20,30,40,50";
|
OnCalendar = "*:00,10,20,30,40,50";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
# TODO find a better default stateDir
|
|
||||||
stateDir = mkOption {
|
stateDir = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "$HOME/wallpaper";
|
default = "/var/lib/wallpaper";
|
||||||
};
|
};
|
||||||
display = mkOption {
|
display = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
@ -52,27 +51,35 @@ let
|
|||||||
mkdir -p ${cfg.stateDir}
|
mkdir -p ${cfg.stateDir}
|
||||||
cd ${cfg.stateDir}
|
cd ${cfg.stateDir}
|
||||||
(curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper) || :
|
(curl --max-time ${toString cfg.maxTime} -s -o wallpaper.tmp -z wallpaper ${shell.escape cfg.url} && mv wallpaper.tmp wallpaper) || :
|
||||||
feh --no-fehbg --bg-scale wallpaper
|
feh --no-fehbg --bg-scale ${shell.escape cfg.stateDir}/wallpaper
|
||||||
'';
|
'';
|
||||||
|
|
||||||
imp = {
|
imp = {
|
||||||
systemd.user.timers.fetchWallpaper = {
|
users.users.fetchWallpaper = {
|
||||||
|
name = "fetchWallpaper";
|
||||||
|
uid = genid "fetchWallpaper";
|
||||||
|
description = "fetchWallpaper user";
|
||||||
|
home = cfg.stateDir;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.timers.fetchWallpaper = {
|
||||||
description = "fetch wallpaper timer";
|
description = "fetch wallpaper timer";
|
||||||
wantedBy = [ "timers.target" ];
|
wantedBy = [ "timers.target" ];
|
||||||
|
|
||||||
timerConfig = cfg.timerConfig;
|
timerConfig = cfg.timerConfig;
|
||||||
};
|
};
|
||||||
systemd.user.services.fetchWallpaper = {
|
systemd.services.fetchWallpaper = {
|
||||||
description = "fetch wallpaper";
|
description = "fetch wallpaper";
|
||||||
wantedBy = [ "default.target" ];
|
after = [ "network.target" ];
|
||||||
|
|
||||||
path = with pkgs; [
|
path = with pkgs; [
|
||||||
curl
|
curl
|
||||||
feh
|
feh
|
||||||
coreutils
|
|
||||||
];
|
];
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
|
URL = cfg.url;
|
||||||
DISPLAY = cfg.display;
|
DISPLAY = cfg.display;
|
||||||
};
|
};
|
||||||
restartIfChanged = true;
|
restartIfChanged = true;
|
||||||
@ -80,6 +87,7 @@ let
|
|||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = fetchWallpaperScript;
|
ExecStart = fetchWallpaperScript;
|
||||||
|
User = "fetchWallpaper";
|
||||||
};
|
};
|
||||||
|
|
||||||
unitConfig = cfg.unitConfig;
|
unitConfig = cfg.unitConfig;
|
||||||
|
68
krebs/3modules/htgen.nix
Normal file
68
krebs/3modules/htgen.nix
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
cfg = config.krebs.htgen;
|
||||||
|
|
||||||
|
out = {
|
||||||
|
options.krebs.htgen = api;
|
||||||
|
config = imp;
|
||||||
|
};
|
||||||
|
|
||||||
|
api = mkOption {
|
||||||
|
default = {};
|
||||||
|
type = types.attrsOf (types.submodule ({ config, ... }: {
|
||||||
|
options = {
|
||||||
|
enable = mkEnableOption "krebs.htgen-${config.name}";
|
||||||
|
|
||||||
|
name = mkOption {
|
||||||
|
type = types.username;
|
||||||
|
default = config._module.args.name;
|
||||||
|
};
|
||||||
|
|
||||||
|
port = mkOption {
|
||||||
|
type = types.uint;
|
||||||
|
};
|
||||||
|
|
||||||
|
script = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
};
|
||||||
|
user = mkOption {
|
||||||
|
type = types.user;
|
||||||
|
default = {
|
||||||
|
name = "htgen-${config.name}";
|
||||||
|
home = "/var/lib/htgen-${config.name}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}));
|
||||||
|
};
|
||||||
|
imp = {
|
||||||
|
|
||||||
|
systemd.services = mapAttrs' (name: htgen:
|
||||||
|
nameValuePair "htgen-${name}" {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "network.target" ];
|
||||||
|
environment = {
|
||||||
|
HTGEN_PORT = toString htgen.port;
|
||||||
|
HTGEN_SCRIPT = htgen.script;
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
SyslogIdentifier = "htgen";
|
||||||
|
User = htgen.user.name;
|
||||||
|
PrivateTmp = true;
|
||||||
|
Restart = "always";
|
||||||
|
ExecStart = "${pkgs.htgen}/bin/htgen --serve";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
) cfg;
|
||||||
|
|
||||||
|
users.users = mapAttrs' (name: htgen:
|
||||||
|
nameValuePair htgen.user.name {
|
||||||
|
inherit (htgen.user) home name uid;
|
||||||
|
createHome = true;
|
||||||
|
}
|
||||||
|
) cfg;
|
||||||
|
|
||||||
|
};
|
||||||
|
in out
|
@ -68,8 +68,8 @@ let
|
|||||||
networking.firewall.enable = false;
|
networking.firewall.enable = false;
|
||||||
|
|
||||||
systemd.services.krebs-iptables = {
|
systemd.services.krebs-iptables = {
|
||||||
description = "krebs-iptables";
|
wantedBy = [ "sysinit.target" ];
|
||||||
wantedBy = [ "network-pre.target" ];
|
wants = [ "network-pre.target" ];
|
||||||
before = [ "network-pre.target" ];
|
before = [ "network-pre.target" ];
|
||||||
after = [ "systemd-modules-load.service" ];
|
after = [ "systemd-modules-load.service" ];
|
||||||
|
|
||||||
@ -85,6 +85,8 @@ let
|
|||||||
Restart = "always";
|
Restart = "always";
|
||||||
ExecStart = startScript;
|
ExecStart = startScript;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
unitConfig.DefaultDependencies = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -224,8 +224,8 @@ with import <stockholm/lib>;
|
|||||||
internet = {
|
internet = {
|
||||||
ip4.addr = "188.68.36.196";
|
ip4.addr = "188.68.36.196";
|
||||||
aliases = [
|
aliases = [
|
||||||
"cgit.ni.i"
|
|
||||||
"ni.i"
|
"ni.i"
|
||||||
|
"cgit.ni.i"
|
||||||
];
|
];
|
||||||
ssh.port = 11423;
|
ssh.port = 11423;
|
||||||
};
|
};
|
||||||
@ -360,8 +360,8 @@ with import <stockholm/lib>;
|
|||||||
gg23 = {
|
gg23 = {
|
||||||
ip4.addr = "10.23.1.38";
|
ip4.addr = "10.23.1.38";
|
||||||
aliases = [
|
aliases = [
|
||||||
"cache.xu.gg23"
|
|
||||||
"xu.gg23"
|
"xu.gg23"
|
||||||
|
"cache.xu.gg23"
|
||||||
];
|
];
|
||||||
ssh.port = 11423;
|
ssh.port = 11423;
|
||||||
};
|
};
|
||||||
|
28
krebs/5pkgs/htgen/default.nix
Normal file
28
krebs/5pkgs/htgen/default.nix
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
{ bash, coreutils, gnused, stdenv, fetchgit, ucspi-tcp }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
version = "1.1";
|
||||||
|
in stdenv.mkDerivation {
|
||||||
|
name = "htgen-${version}";
|
||||||
|
|
||||||
|
src = fetchgit {
|
||||||
|
url = "http://cgit.krebsco.de/htgen";
|
||||||
|
rev = "refs/tags/v${version}";
|
||||||
|
sha256 = "1zxj0fv9vdrqyl3x2hgq7a6xdlzpclf93akygysrzsqk9wjapp4z";
|
||||||
|
};
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
{
|
||||||
|
echo '#! ${bash}/bin/bash'
|
||||||
|
echo 'export PATH=${makeBinPath [
|
||||||
|
ucspi-tcp
|
||||||
|
coreutils
|
||||||
|
gnused
|
||||||
|
]}''${PATH+":$PATH"}'
|
||||||
|
cat htgen
|
||||||
|
} > $out/bin/htgen
|
||||||
|
chmod +x $out/bin/htgen
|
||||||
|
cp -r examples $out
|
||||||
|
'';
|
||||||
|
}
|
@ -2,5 +2,5 @@
|
|||||||
|
|
||||||
# TODO use `execve` instead?
|
# TODO use `execve` instead?
|
||||||
writeDashBin "krebspaste" ''
|
writeDashBin "krebspaste" ''
|
||||||
exec ${bepasty-client-cli}/bin/bepasty-cli --url http://paste.retiolum "$@"
|
exec ${bepasty-client-cli}/bin/bepasty-cli -L 1m --url http://paste.r "$@"
|
||||||
''
|
''
|
||||||
|
@ -86,6 +86,10 @@ with import <stockholm/lib>;
|
|||||||
pkgs.krebszones
|
pkgs.krebszones
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
#ps vita stuff
|
||||||
|
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.mors;
|
krebs.build.host = config.krebs.hosts.mors;
|
||||||
@ -180,8 +184,6 @@ with import <stockholm/lib>;
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
exfat
|
|
||||||
|
|
||||||
acronym
|
acronym
|
||||||
cac-api
|
cac-api
|
||||||
sshpass
|
sshpass
|
||||||
|
@ -9,7 +9,10 @@ with import <stockholm/lib>;
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
secKey = import <secrets/bepasty-secret.nix>;
|
secKey = import <secrets/bepasty-secret.nix>;
|
||||||
ext-dom = "paste.lassul.us" ;
|
ext-doms = [
|
||||||
|
"paste.lassul.us"
|
||||||
|
"paste.krebsco.de"
|
||||||
|
];
|
||||||
in {
|
in {
|
||||||
|
|
||||||
services.nginx.enable = mkDefault true;
|
services.nginx.enable = mkDefault true;
|
||||||
@ -25,8 +28,8 @@ in {
|
|||||||
defaultPermissions = "admin,list,create,read,delete";
|
defaultPermissions = "admin,list,create,read,delete";
|
||||||
secretKey = secKey;
|
secretKey = secKey;
|
||||||
};
|
};
|
||||||
|
} //
|
||||||
"${ext-dom}" = {
|
genAttrs ext-doms (ext-dom: {
|
||||||
nginx = {
|
nginx = {
|
||||||
enableSSL = true;
|
enableSSL = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
@ -34,7 +37,6 @@ in {
|
|||||||
};
|
};
|
||||||
defaultPermissions = "read";
|
defaultPermissions = "read";
|
||||||
secretKey = secKey;
|
secretKey = secKey;
|
||||||
};
|
});
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -9,7 +9,7 @@ let
|
|||||||
|
|
||||||
${pkgs.copyq}/bin/copyq config activate_closes true
|
${pkgs.copyq}/bin/copyq config activate_closes true
|
||||||
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
|
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
|
||||||
${pkgs.copyq}/bin/copyq config clipboard_tab clipboard
|
${pkgs.copyq}/bin/copyq config clipboard_tab \&clipboard
|
||||||
${pkgs.copyq}/bin/copyq config disable_tray true
|
${pkgs.copyq}/bin/copyq config disable_tray true
|
||||||
${pkgs.copyq}/bin/copyq config hide_tabs true
|
${pkgs.copyq}/bin/copyq config hide_tabs true
|
||||||
${pkgs.copyq}/bin/copyq config hide_toolbar true
|
${pkgs.copyq}/bin/copyq config hide_toolbar true
|
||||||
@ -19,10 +19,9 @@ let
|
|||||||
${pkgs.copyq}/bin/copyq config text_wrap true
|
${pkgs.copyq}/bin/copyq config text_wrap true
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
systemd.user.services.copyq = {
|
systemd.services.copyq = {
|
||||||
after = [ "graphical.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
wants = [ "graphical.target" ];
|
requires = [ "display-manager.service" ];
|
||||||
wantedBy = [ "default.target" ];
|
|
||||||
environment = {
|
environment = {
|
||||||
DISPLAY = ":0";
|
DISPLAY = ":0";
|
||||||
};
|
};
|
||||||
@ -33,6 +32,7 @@ in {
|
|||||||
Restart = "always";
|
Restart = "always";
|
||||||
RestartSec = "2s";
|
RestartSec = "2s";
|
||||||
StartLimitBurst = 0;
|
StartLimitBurst = 0;
|
||||||
|
User = "lass";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -64,7 +64,10 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
services.dnscrypt-proxy.enable = true;
|
services.dnscrypt-proxy = {
|
||||||
|
enable = true;
|
||||||
|
resolverName = "d0wn-nl-ns3";
|
||||||
|
};
|
||||||
networking.extraResolvconfConf = ''
|
networking.extraResolvconfConf = ''
|
||||||
name_servers='127.0.0.1'
|
name_servers='127.0.0.1'
|
||||||
'';
|
'';
|
||||||
|
@ -32,10 +32,13 @@ let
|
|||||||
public-repos = mapAttrs make-public-repo {
|
public-repos = mapAttrs make-public-repo {
|
||||||
stockholm = {
|
stockholm = {
|
||||||
cgit.desc = "take all the computers hostage, they'll love you!";
|
cgit.desc = "take all the computers hostage, they'll love you!";
|
||||||
|
cgit.section = "configuration";
|
||||||
};
|
};
|
||||||
kimsufi-check = {};
|
|
||||||
} // mapAttrs make-public-repo-silent {
|
} // mapAttrs make-public-repo-silent {
|
||||||
the_playlist = {};
|
the_playlist = {
|
||||||
|
cgit.desc = "Good Music collection + tools";
|
||||||
|
cgit.section = "art";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
restricted-repos = mapAttrs make-restricted-repo (
|
restricted-repos = mapAttrs make-restricted-repo (
|
||||||
@ -58,7 +61,7 @@ let
|
|||||||
server = "ni.r";
|
server = "ni.r";
|
||||||
verbose = config.krebs.build.host.name == "prism";
|
verbose = config.krebs.build.host.name == "prism";
|
||||||
# TODO define branches in some kind of option per repo
|
# TODO define branches in some kind of option per repo
|
||||||
branches = [ "master" "newest" ];
|
branches = [ "master" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -36,5 +36,12 @@ with import <stockholm/lib>;
|
|||||||
{ v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; }
|
{ v6 = false; precedence = 1000; predicate = "-d 213.239.205.246 -p tcp --dport 443"; target = "DNAT --to-destination 192.168.122.208:1443"; }
|
||||||
];
|
];
|
||||||
|
|
||||||
systemd.services.krebs-iptables.after = [ "libvirtd.service" ];
|
# TODO use bridge interfaces instead of this crap
|
||||||
|
systemd.services.libvirtd.serviceConfig.ExecStartPost = let
|
||||||
|
restart-iptables = pkgs.writeDash "restart-iptables" ''
|
||||||
|
#soo hacky
|
||||||
|
${pkgs.coreutils}/bin/sleep 1s
|
||||||
|
${pkgs.systemd}/bin/systemctl restart krebs-iptables.service
|
||||||
|
'';
|
||||||
|
in restart-iptables;
|
||||||
}
|
}
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
{
|
{
|
||||||
|
security.hideProcessInformation = true;
|
||||||
nixpkgs.config.packageOverrides = super: {
|
nixpkgs.config.packageOverrides = super: {
|
||||||
htop = pkgs.concat "htop" [
|
htop = pkgs.concat "htop" [
|
||||||
super.htop
|
super.htop
|
||||||
|
@ -66,7 +66,6 @@ let
|
|||||||
|
|
||||||
# notmuch bindings
|
# notmuch bindings
|
||||||
macro index \\\\ "<vfolder-from-query>" # looks up a hand made query
|
macro index \\\\ "<vfolder-from-query>" # looks up a hand made query
|
||||||
macro index A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
|
|
||||||
macro index + "<modify-labels>+*\n<sync-mailbox>" # tag as starred
|
macro index + "<modify-labels>+*\n<sync-mailbox>" # tag as starred
|
||||||
macro index - "<modify-labels>-*\n<sync-mailbox>" # tag as unstarred
|
macro index - "<modify-labels>-*\n<sync-mailbox>" # tag as unstarred
|
||||||
|
|
||||||
@ -75,9 +74,25 @@ let
|
|||||||
bind index d noop
|
bind index d noop
|
||||||
bind pager d noop
|
bind pager d noop
|
||||||
|
|
||||||
|
bind index S noop
|
||||||
|
bind index s noop
|
||||||
bind pager S noop
|
bind pager S noop
|
||||||
|
bind pager s noop
|
||||||
macro index S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as Junk mail
|
macro index S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as Junk mail
|
||||||
|
macro index s "<modify-labels>-junk\n" # tag as Junk mail
|
||||||
macro pager S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as Junk mail
|
macro pager S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as Junk mail
|
||||||
|
macro pager s "<modify-labels>-junk\n" # tag as Junk mail
|
||||||
|
|
||||||
|
|
||||||
|
bind index A noop
|
||||||
|
bind index a noop
|
||||||
|
bind pager A noop
|
||||||
|
bind pager a noop
|
||||||
|
macro index A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
|
||||||
|
macro index a "<modify-labels>-archive\n" # tag as Archived
|
||||||
|
macro pager A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
|
||||||
|
macro pager a "<modify-labels>-archive\n" # tag as Archived
|
||||||
|
|
||||||
|
|
||||||
bind index t noop
|
bind index t noop
|
||||||
bind pager t noop
|
bind pager t noop
|
||||||
|
@ -325,12 +325,10 @@ in {
|
|||||||
(pkgs.concat "mc" [
|
(pkgs.concat "mc" [
|
||||||
pkgs.mc
|
pkgs.mc
|
||||||
(pkgs.writeDashBin "mc" ''
|
(pkgs.writeDashBin "mc" ''
|
||||||
export MC_DATADIR=${pkgs.concat "mc-datadir" [
|
export MC_DATADIR=${pkgs.writeOut "mc-ext" {
|
||||||
(pkgs.writeOut "mc-ext" {
|
|
||||||
"/mc.ext".link = mcExt;
|
"/mc.ext".link = mcExt;
|
||||||
"/sfs.ini".text = "";
|
"/sfs.ini".text = "";
|
||||||
})
|
}};
|
||||||
]}
|
|
||||||
export TERM=xterm-256color
|
export TERM=xterm-256color
|
||||||
exec ${pkgs.mc}/bin/mc -S xoria256 "$@"
|
exec ${pkgs.mc}/bin/mc -S xoria256 "$@"
|
||||||
'')
|
'')
|
||||||
|
@ -3,6 +3,6 @@
|
|||||||
{
|
{
|
||||||
krebs.build.source.nixpkgs.git = {
|
krebs.build.source.nixpkgs.git = {
|
||||||
url = https://cgit.lassul.us/nixpkgs;
|
url = https://cgit.lassul.us/nixpkgs;
|
||||||
ref = "c0ecd31";
|
ref = "ade5837";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -26,7 +26,7 @@ in {
|
|||||||
lowerLimit = 0;
|
lowerLimit = 0;
|
||||||
charging = false;
|
charging = false;
|
||||||
action = pkgs.writeDash "suspend-wrapper" ''
|
action = pkgs.writeDash "suspend-wrapper" ''
|
||||||
/var/setuid-wrappers/sudo ${suspend}
|
/run/wrappers/bin/sudo ${suspend}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
user = "lass";
|
user = "lass";
|
||||||
|
@ -10,6 +10,7 @@ let
|
|||||||
public = true;
|
public = true;
|
||||||
name = mkDefault "${name}";
|
name = mkDefault "${name}";
|
||||||
cgit.desc = mkDefault "mirror for ${name}";
|
cgit.desc = mkDefault "mirror for ${name}";
|
||||||
|
cgit.section = mkDefault "mirror";
|
||||||
hooks = mkIf announce (mkDefault {
|
hooks = mkIf announce (mkDefault {
|
||||||
post-receive = pkgs.git-hooks.irc-announce {
|
post-receive = pkgs.git-hooks.irc-announce {
|
||||||
nick = config.networking.hostName;
|
nick = config.networking.hostName;
|
||||||
|
@ -120,6 +120,7 @@ in {
|
|||||||
sender_domains = [
|
sender_domains = [
|
||||||
"jla-trading.com"
|
"jla-trading.com"
|
||||||
"ubikmedia.eu"
|
"ubikmedia.eu"
|
||||||
|
"ubikmedia.de"
|
||||||
];
|
];
|
||||||
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
|
ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem";
|
||||||
ssl_key = "/var/lib/acme/lassul.us/key.pem";
|
ssl_key = "/var/lib/acme/lassul.us/key.pem";
|
||||||
|
@ -36,9 +36,10 @@ let
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
in {
|
in {
|
||||||
systemd.user.services.xresources = {
|
systemd.services.xresources = {
|
||||||
description = "xresources";
|
description = "xresources";
|
||||||
wantedBy = [ "default.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
after = [ "display-manager.service" ];
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
DISPLAY = ":0";
|
DISPLAY = ":0";
|
||||||
@ -50,6 +51,7 @@ in {
|
|||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb -merge ${xresources}";
|
ExecStart = "${pkgs.xorg.xrdb}/bin/xrdb -merge ${xresources}";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
|
User = "lass";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -32,7 +32,17 @@ in
|
|||||||
security = import <secrets/grafana_security.nix>;
|
security = import <secrets/grafana_security.nix>;
|
||||||
};
|
};
|
||||||
|
|
||||||
nix.binaryCaches = [ "http://localhost:3142/nixos" "https://cache.nixos.org" ];
|
nix = {
|
||||||
|
binaryCaches = [
|
||||||
|
"http://localhost:3142/nixos"
|
||||||
|
"http://cache.prism.r"
|
||||||
|
"https://cache.nixos.org/"
|
||||||
|
];
|
||||||
|
binaryCachePublicKeys = [
|
||||||
|
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
|
||||||
|
"hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
firewall.enable = false;
|
firewall.enable = false;
|
||||||
|
@ -23,7 +23,8 @@ with lib;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
latest = {
|
latest = {
|
||||||
mirror.url = mirror;
|
url = mirror;
|
||||||
|
ref = "heads/master";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -19,12 +19,6 @@ with import <stockholm/lib>;
|
|||||||
../2configs/xserver
|
../2configs/xserver
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
||||||
# stockholm
|
|
||||||
gnumake
|
|
||||||
hashPassword
|
|
||||||
parallel
|
|
||||||
|
|
||||||
# root
|
# root
|
||||||
cryptsetup
|
cryptsetup
|
||||||
|
|
||||||
|
@ -20,23 +20,6 @@ with import <stockholm/lib>;
|
|||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
||||||
# stockholm
|
|
||||||
gnumake
|
|
||||||
hashPassword
|
|
||||||
#haskellPackages.lentil
|
|
||||||
parallel
|
|
||||||
(pkgs.writeBashBin "im" ''
|
|
||||||
export PATH=${makeSearchPath "bin" (with pkgs; [
|
|
||||||
tmux
|
|
||||||
gnugrep
|
|
||||||
weechat
|
|
||||||
])}
|
|
||||||
if tmux list-sessions -F\#S | grep -q '^im''$'; then
|
|
||||||
exec tmux attach -t im
|
|
||||||
else
|
|
||||||
exec tmux new -s im weechat
|
|
||||||
fi
|
|
||||||
'')
|
|
||||||
|
|
||||||
# root
|
# root
|
||||||
cryptsetup
|
cryptsetup
|
||||||
|
@ -25,24 +25,6 @@ with import <stockholm/lib>;
|
|||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
||||||
# stockholm
|
|
||||||
gnumake
|
|
||||||
hashPassword
|
|
||||||
haskellPackages.lentil
|
|
||||||
parallel
|
|
||||||
(pkgs.writeBashBin "im" ''
|
|
||||||
export PATH=${makeSearchPath "bin" (with pkgs; [
|
|
||||||
tmux
|
|
||||||
gnugrep
|
|
||||||
weechat
|
|
||||||
])}
|
|
||||||
if tmux list-sessions -F\#S | grep -q '^im''$'; then
|
|
||||||
exec tmux attach -t im
|
|
||||||
else
|
|
||||||
exec tmux new -s im weechat
|
|
||||||
fi
|
|
||||||
'')
|
|
||||||
|
|
||||||
# root
|
# root
|
||||||
cryptsetup
|
cryptsetup
|
||||||
|
|
||||||
|
@ -38,6 +38,8 @@ with import <stockholm/lib>;
|
|||||||
# stockholm dependencies
|
# stockholm dependencies
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
git
|
git
|
||||||
|
gnumake
|
||||||
|
hashPassword
|
||||||
populate
|
populate
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
@ -152,6 +154,7 @@ with import <stockholm/lib>;
|
|||||||
{
|
{
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.get
|
pkgs.get
|
||||||
|
pkgs.krebspaste
|
||||||
pkgs.krebszones
|
pkgs.krebszones
|
||||||
pkgs.nix-prefetch-scripts
|
pkgs.nix-prefetch-scripts
|
||||||
pkgs.push
|
pkgs.push
|
||||||
|
@ -13,7 +13,7 @@ with import <stockholm/lib>;
|
|||||||
"shackspace.de"
|
"shackspace.de"
|
||||||
"viljetic.de"
|
"viljetic.de"
|
||||||
];
|
];
|
||||||
relay_from_hosts = map (host: host.nets.retiolum.ip4.addr) [
|
relay_from_hosts = concatMap (host: host.nets.retiolum.addrs) [
|
||||||
config.krebs.hosts.nomic
|
config.krebs.hosts.nomic
|
||||||
config.krebs.hosts.wu
|
config.krebs.hosts.wu
|
||||||
config.krebs.hosts.xu
|
config.krebs.hosts.xu
|
||||||
|
@ -297,14 +297,18 @@ let {
|
|||||||
alldirs = attrValues dirs ++ map dirOf (attrValues files);
|
alldirs = attrValues dirs ++ map dirOf (attrValues files);
|
||||||
in unique (sort lessThan alldirs);
|
in unique (sort lessThan alldirs);
|
||||||
|
|
||||||
vim = pkgs.writeDashBin "vim" ''
|
vim = pkgs.concat "vim" [
|
||||||
|
pkgs.vim_configurable
|
||||||
|
(pkgs.writeDashBin "vim" ''
|
||||||
set -efu
|
set -efu
|
||||||
(umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
|
(umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
|
||||||
if test $# = 0 && test -e "$PWD/.ctrlpignore"; then
|
if test $# = 0 && test -e "$PWD/.ctrlpignore"; then
|
||||||
set -- +CtrlP
|
set -- +CtrlP
|
||||||
fi
|
fi
|
||||||
exec ${pkgs.vim}/bin/vim "$@"
|
# vim-orgmode needs Python, thus vim_configurable instead of just vim
|
||||||
'';
|
exec ${pkgs.vim_configurable}/bin/vim "$@"
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
|
||||||
vimrc = pkgs.writeText "vimrc" ''
|
vimrc = pkgs.writeText "vimrc" ''
|
||||||
set nocompatible
|
set nocompatible
|
||||||
|
@ -57,8 +57,8 @@ let {
|
|||||||
networking.firewall.enable = false;
|
networking.firewall.enable = false;
|
||||||
|
|
||||||
systemd.services.tv-iptables = {
|
systemd.services.tv-iptables = {
|
||||||
description = "tv-iptables";
|
wantedBy = [ "sysinit.target" ];
|
||||||
wantedBy = [ "network-pre.target" ];
|
wants = [ "network-pre.target" ];
|
||||||
before = [ "network-pre.target" ];
|
before = [ "network-pre.target" ];
|
||||||
after = [ "systemd-modules-load.service" ];
|
after = [ "systemd-modules-load.service" ];
|
||||||
|
|
||||||
@ -79,6 +79,8 @@ let {
|
|||||||
ip6tables-restore < ${rules 6}
|
ip6tables-restore < ${rules 6}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
unitConfig.DefaultDependencies = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user