diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix index 3bf991433..ce4e83408 100644 --- a/krebs/2configs/news.nix +++ b/krebs/2configs/news.nix @@ -39,10 +39,12 @@ }; }; - krebs.reaktor2.news = { + krebs.reaktor2.news = let + name = "candyman"; + in { hostname = "localhost"; port = "6667"; - nick = "brockman-helper"; + nick = name; plugins = [ { plugin = "register"; @@ -60,23 +62,23 @@ hooks.PRIVMSG = [ { activate = "match"; - pattern = "^brockman-helper:\\s*(\\S*)(?:\\s+(.*\\S))?\\s*$"; + pattern = "^${name}:\\s*(\\S*)(?:\\s+(.*\\S))?\\s*$"; command = 1; arguments = [2]; commands = { add-reddit.filename = pkgs.writeDash "add-reddit" '' set -euf if [ "$#" -ne 1 ]; then - echo 'usage: brockman-helper: add-reddit $reddit_channel' + echo 'usage: ${name}: add-reddit $reddit_channel' exit 1 fi reddit_channel=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') - echo "brockman: add r_$reddit_channel http://rss.r/?action=display&bridge=Telegram&username=$reddit_channel&format=Mrss" + echo "brockman: add r_$reddit_channel http://rss.r/?action=display&bridge=Reddit&context=single&r=$reddit_channel&format=Atom" ''; add-telegram.filename = pkgs.writeDash "add-telegram" '' set -euf if [ "$#" -ne 1 ]; then - echo 'usage: brockman-helper: add-telegram $telegram_user' + echo 'usage: ${name}: add-telegram $telegram_user' exit 1 fi telegram_user=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') @@ -85,7 +87,7 @@ add-youtube.filename = pkgs.writeDash "add-youtube" '' set -euf if [ "$#" -ne 1 ]; then - echo 'usage: brockman-helper: add-youtube $nick $channelid' + echo 'usage: ${name}: add-youtube $nick $channelid' exit 1 fi youtube_nick=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') @@ -95,7 +97,7 @@ search.filename = pkgs.writeDash "search" '' set -euf if [ "$#" -ne 1 ]; then - echo 'usage: brockman-helper: search $searchterm' + echo 'usage: ${name}: search $searchterm' exit 1 fi searchterm=$(echo "$1" | ${pkgs.jq}/bin/jq -Rr '[match("(\\S+)\\s*";"g").captures[].string][0]') diff --git a/krebs/3modules/backup.nix b/krebs/3modules/backup.nix index c0b218c15..910324f3c 100644 --- a/krebs/3modules/backup.nix +++ b/krebs/3modules/backup.nix @@ -226,10 +226,14 @@ let # XXX Is one ping enough to determine fastest address? fastest-address = host: '' - { ${pkgs.fping}/bin/fping ; -let - cfg = config.krebs.setuid; +{ config, pkgs, ... }: let out = { options.krebs.setuid = api; - config = mkIf (cfg != {}) imp; + config = mkIf (config.krebs.setuid != {}) imp; }; api = mkOption { default = {}; type = let - # TODO make wrapperDir configurable - inherit (config.security) wrapperDir; inherit (config.users) groups users; - in types.attrsOf (types.submodule ({ config, ... }: { + in types.attrsOf (types.submodule (self: let cfg = self.config; in { options = { name = mkOption { type = types.filename; - default = config._module.args.name; + default = cfg._module.args.name; }; envp = mkOption { type = types.nullOr (types.attrsOf types.str); @@ -51,6 +47,10 @@ let merge = mergeOneOption; }; }; + wrapperDir = mkOption { + default = config.security.wrapperDir; + type = types.absolute-pathname; + }; activate = mkOption { type = types.str; visible = false; @@ -58,21 +58,22 @@ let }; }; config.activate = let - src = pkgs.exec config.name { - inherit (config) envp filename; + src = pkgs.exec cfg.name { + inherit (cfg) envp filename; }; - dst = "${wrapperDir}/${config.name}"; + dst = "${cfg.wrapperDir}/${cfg.name}"; in '' + mkdir -p ${cfg.wrapperDir} cp ${src} ${dst} - chown ${config.owner}.${config.group} ${dst} - chmod ${config.mode} ${dst} + chown ${cfg.owner}.${cfg.group} ${dst} + chmod ${cfg.mode} ${dst} ''; })); }; imp = { system.activationScripts."krebs.setuid" = stringAfter [ "wrappers" ] - (concatMapStringsSep "\n" (getAttr "activate") (attrValues cfg)); + (concatMapStringsSep "\n" (getAttr "activate") (attrValues config.krebs.setuid)); }; in out diff --git a/krebs/3modules/shadow.nix b/krebs/3modules/shadow.nix index cff66492d..9505efb0c 100644 --- a/krebs/3modules/shadow.nix +++ b/krebs/3modules/shadow.nix @@ -4,19 +4,21 @@ with import ; cfg = config.krebs.shadow; mergeShadowsJq = pkgs.writeJq "merge-shadows.jq" '' - def fields_3_to_9: ["1", "", "", "", "", "", ""]; + def is_int: . == (. | floor); + def fields_4_to_9: ["", "", "", "", "", ""]; + def check_fields_3_to_9: (.[2] | tonumber | is_int) and .[3:] == fields_4_to_9; def read_value: split(":") | if length == 9 then - if .[2:] == fields_3_to_9 then + if check_fields_3_to_9 then . else error("unrecognized field contents") end elif length == 2 then if .[1] | test("^\\$6\\$") then - . + fields_3_to_9 + . + ["1"] + fields_4_to_9 else error("unrecognized hashed password") end diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index 6a09cc834..92f1a5bcd 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -82,6 +82,31 @@ in { ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsqDuhGJpjpqNv4QmjoOhcODObrPyY3GHLvtVkgXV0g root@au"; }; + hu = { + nets = { + retiolum = { + ip4.addr = "10.243.13.41"; + aliases = [ + "hu.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAwj5T9Rejp8zGVrHjqA+OeMvcVpax4VazssnRPSUznUEOdVEeSJL5 + 8gDBJPtIfxF8iunXr5K7CW036tKvYaGMDwYMOPJZXhFCmU2yUF2g4BcqEhuDdIfO + +D2Pfr4lc9xO90SKOgwJ53qhf5yqeU/WQ3dpCF/n8k4SUmdafTsvh00UrxYpHuTU + C22BRXIKR4r/sCJUitWQSWNdSQUxh3lu7sUPr+6sZyJov+eu8oBVlPgYOv6u9nZe + YhrbCPDKMGPfnQTAtWfHIxNt70Ec5AG6ddQzLeVcM2gP5qi957Fert+C2RNtbz5s + Brbw1bqZ3P+CGzvxVJZtirvR2f3HkidGPQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + tinc.pubkey_ed25519 = + "Ed25519PublicKey = PV8Dz9ni2cPXyJGiG5oU0XWdJkUPgrMzDuzHj7kpMzO"; + }; + }; + secure = true; + ssh.privkey.path = config.krebs.secret.file "ssh.id_ed25519"; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO+Rrf9tvuusYlnSZwUiHS4O+AhrpVZ/6n7peSRKojTc root@hu"; + }; mu = { ci = true; cores = 2; diff --git a/krebs/3modules/upstream/default.nix b/krebs/3modules/upstream/default.nix new file mode 100644 index 000000000..ce7bd1644 --- /dev/null +++ b/krebs/3modules/upstream/default.nix @@ -0,0 +1,10 @@ +with import ; + +{ + imports = + map + (name: ./. + "/${name}") + (filter + (name: name != "default.nix" && !hasPrefix "." name) + (attrNames (readDir ./.))); +} diff --git a/krebs/3modules/upstream/desktop-managers/coma.nix b/krebs/3modules/upstream/desktop-managers/coma.nix new file mode 100644 index 000000000..95db7fb5c --- /dev/null +++ b/krebs/3modules/upstream/desktop-managers/coma.nix @@ -0,0 +1,21 @@ +with import ; +{ config, pkgs, ... }: { + options = { + services.xserver.desktopManager.coma = { + enable = mkEnableOption "sleep as a desktop manager"; + }; + }; + config = mkIf config.services.xserver.desktopManager.coma.enable { + services.xserver.desktopManager.session = singleton { + name = "coma"; + bgSupport = true; + start = /* sh */ '' + if test -n "$waitPID"; then + ${pkgs.uutils-coreutils}/bin/uutils-sleep 1s && kill $waitPID & + wait $waitPID + fi + exec -a sleep ${pkgs.uutils-coreutils}/bin/uutils-sleep infinity + ''; + }; + }; +} diff --git a/krebs/3modules/upstream/desktop-managers/default.nix b/krebs/3modules/upstream/desktop-managers/default.nix new file mode 100644 index 000000000..22e75439d --- /dev/null +++ b/krebs/3modules/upstream/desktop-managers/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ./coma.nix + ./none.nix + ]; +} diff --git a/krebs/3modules/upstream/desktop-managers/none.nix b/krebs/3modules/upstream/desktop-managers/none.nix new file mode 100644 index 000000000..892def985 --- /dev/null +++ b/krebs/3modules/upstream/desktop-managers/none.nix @@ -0,0 +1,11 @@ +# Replace upstream none desktop-manager by a real none, that doesn't pull in +# any dependencies. +with import ; +{ + disabledModules = singleton "services/x11/desktop-managers/none.nix"; + config.services.xserver.desktopManager.session = singleton { + name = "none"; + bgSupport = true; + start = ""; + }; +} diff --git a/krebs/3modules/upstream/window-managers/default.nix b/krebs/3modules/upstream/window-managers/default.nix new file mode 100644 index 000000000..eecadca7e --- /dev/null +++ b/krebs/3modules/upstream/window-managers/default.nix @@ -0,0 +1,22 @@ +{ + imports = [ + # Replace upstream xmonad module with one that will be reloaded if changed. + # + # This module is intended to be upstreamed once fully tested. + # The patch to be committed can be obtained using: + # + # diff -u \ + # + # + { + disabledModules = [ "services/x11/window-managers/xmonad.nix" ]; + imports = [ ./xmonad.nix ]; + nixpkgs.overlays = [(self: super: { + writers = super.writers // { + writeHaskellBin = name: spec: with import ; + super.writers.writeHaskellBin name (removeAttrs spec ["ghcArgs"]); + }; + })]; + } + ]; +} diff --git a/krebs/3modules/upstream/window-managers/xmonad.nix b/krebs/3modules/upstream/window-managers/xmonad.nix new file mode 100644 index 000000000..356fa46bf --- /dev/null +++ b/krebs/3modules/upstream/window-managers/xmonad.nix @@ -0,0 +1,189 @@ +{pkgs, lib, config, ...}: + +with lib; +let + inherit (lib) mkOption mkIf optionals literalExample; + cfg = config.services.xserver.windowManager.xmonad; + + ghcWithPackages = cfg.haskellPackages.ghcWithPackages; + packages = self: cfg.extraPackages self ++ + optionals cfg.enableContribAndExtras + [ self.xmonad-contrib self.xmonad-extras ]; + + xmonad-vanilla = pkgs.xmonad-with-packages.override { + inherit ghcWithPackages packages; + }; + + xmonad-config = + let + xmonadAndPackages = self: [ self.xmonad ] ++ packages self; + xmonadEnv = ghcWithPackages xmonadAndPackages; + configured = pkgs.writers.writeHaskellBin "xmonad" { + ghc = cfg.haskellPackages.ghc; + libraries = xmonadAndPackages cfg.haskellPackages; + inherit (cfg) ghcArgs; + } cfg.config; + in + pkgs.runCommandLocal "xmonad" { + nativeBuildInputs = [ pkgs.makeWrapper ]; + } '' + install -D ${xmonadEnv}/share/man/man1/xmonad.1.gz $out/share/man/man1/xmonad.1.gz + makeWrapper ${configured}/bin/xmonad $out/bin/xmonad \ + --set NIX_GHC "${xmonadEnv}/bin/ghc" \ + --set XMONAD_XMESSAGE "${pkgs.xorg.xmessage}/bin/xmessage" + ''; + + xmonad = if (cfg.config != null) then xmonad-config else xmonad-vanilla; +in { + meta.maintainers = with maintainers; [ lassulus xaverdh ivanbrennan ]; + + options = { + services.xserver.windowManager.xmonad = { + enable = mkEnableOption "xmonad"; + haskellPackages = mkOption { + default = pkgs.haskellPackages; + defaultText = "pkgs.haskellPackages"; + example = literalExample "pkgs.haskell.packages.ghc784"; + description = '' + haskellPackages used to build Xmonad and other packages. + This can be used to change the GHC version used to build + Xmonad and the packages listed in + extraPackages. + ''; + }; + + extraPackages = mkOption { + default = self: []; + defaultText = "self: []"; + example = literalExample '' + haskellPackages: [ + haskellPackages.xmonad-contrib + haskellPackages.monad-logger + ] + ''; + description = '' + Extra packages available to ghc when rebuilding Xmonad. The + value must be a function which receives the attrset defined + in haskellPackages as the sole argument. + ''; + }; + + enableContribAndExtras = mkOption { + default = false; + type = lib.types.bool; + description = "Enable xmonad-{contrib,extras} in Xmonad."; + }; + + config = mkOption { + default = null; + type = with lib.types; nullOr (either path str); + description = '' + Configuration from which XMonad gets compiled. If no value is + specified, a vanilla xmonad binary is put in PATH, which will + attempt to recompile and exec your xmonad config from $HOME/.xmonad. + This setup is then analogous to other (non-NixOS) linux distributions. + + If you do set this option, you likely want to use "launch" as your + entry point for xmonad (as in the example), to avoid xmonad's + recompilation logic on startup. Doing so will render the default + "mod+q" restart key binding dysfunctional though, because that attempts + to call your binary with the "--restart" command line option, unless + you implement that yourself. You way mant to bind "mod+q" to + (restart "xmonad" True) instead, which will just restart + xmonad from PATH. This allows e.g. switching to the new xmonad binary + after rebuilding your system with nixos-rebuild. + + If you actually want to run xmonad with a config specified here, but + also be able to recompile and restart it from a copy of that source in + $HOME/.xmonad on the fly, you will have to implement that yourself + using something like "compileRestart" from the example. + This should allow you to switch at will between the local xmonad and + the one NixOS puts in your PATH. + ''; + example = '' + import XMonad + import XMonad.Util.EZConfig (additionalKeys) + import Control.Monad (when) + import Text.Printf (printf) + import System.Posix.Process (executeFile) + import System.Info (arch,os) + import System.Environment (getArgs) + import System.FilePath (()) + + compiledConfig = printf "xmonad-%s-%s" arch os + + compileRestart resume = + whenX (recompile True) $ + when resume writeStateToFile + *> catchIO + ( do + dir <- getXMonadDataDir + args <- getArgs + executeFile (dir compiledConfig) False args Nothing + ) + + main = launch defaultConfig + { modMask = mod4Mask -- Use Super instead of Alt + , terminal = "urxvt" } + `additionalKeys` + [ ( (mod4Mask,xK_r), compileRestart True) + , ( (mod4Mask,xK_q), restart "xmonad" True ) ] + ''; + }; + + xmonadCliArgs = mkOption { + default = []; + type = with lib.types; listOf str; + description = '' + Command line arguments passed to the xmonad binary. + ''; + }; + + ghcArgs = mkOption { + default = []; + type = with lib.types; listOf str; + description = '' + Command line arguments passed to the compiler (ghc) + invocation when xmonad.config is set. + ''; + }; + + }; + }; + config = mkIf cfg.enable { + services.xserver.windowManager = { + session = [{ + name = "xmonad"; + start = '' + systemctl --user start --wait xmonad.service & + waitPID=$! + ''; + }]; + }; + + system.userActivationScripts.xmonad-reload = /* sh */ '' + if ${pkgs.systemd}/bin/systemctl --user is-active --quiet xmonad.service; then + if [ "$(readlink -f "$XDG_RUNTIME_DIR"/xmonad/xmonad)" != ${xmonad}/bin/xmonad ]; then + ${pkgs.systemd}/bin/systemctl --user reload xmonad.service + fi + fi + ''; + + systemd.user.services.xmonad = { + requisite = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + environment.PATH = mkForce "%t/xmonad"; + environment.XMONAD_DATA_DIR = "%t/xmonad"; + serviceConfig = rec { + ExecStartPre = [ + "${pkgs.coreutils}/bin/mkdir -p %t/xmonad" + "${pkgs.coreutils}/bin/ln -fns ${xmonad}/bin/xmonad %t/xmonad/xmonad" + ]; + ExecStart = "%t/xmonad/xmonad ${lib.escapeShellArgs cfg.xmonadCliArgs}"; + ExecReload = ExecStartPre ++ [ "${xmonad-vanilla}/bin/xmonad --restart" ]; + }; + }; + + environment.systemPackages = [ xmonad ]; + }; +} diff --git a/krebs/5pkgs/haskell/brockman.nix b/krebs/5pkgs/haskell/brockman.nix deleted file mode 100644 index 5f1166a25..000000000 --- a/krebs/5pkgs/haskell/brockman.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ mkDerivation, aeson, aeson-pretty, base, bloomfilter, bytestring -, case-insensitive, conduit, containers, directory, feed, filepath -, hslogger, html-entity, http-client, irc-conduit, lens, network -, optparse-applicative, random, safe, stdenv, text, time, timerep -, wreq -, fetchFromGitHub -}: -mkDerivation rec { - pname = "brockman"; - version = "3.2.3"; - src = fetchFromGitHub { - owner = "kmein"; - repo = "brockman"; - rev = version; - sha256 = "1qbjbf0l1ikfzmvky4cnvv7nlcwi2in4afliifh618j0a4f7j427"; - }; - isLibrary = false; - isExecutable = true; - executableHaskellDepends = [ - aeson aeson-pretty base bloomfilter bytestring case-insensitive - conduit containers directory feed filepath hslogger html-entity - http-client irc-conduit lens network optparse-applicative random - safe text time timerep wreq - ]; - license = stdenv.lib.licenses.mit; -} diff --git a/krebs/5pkgs/haskell/brockman/default.nix b/krebs/5pkgs/haskell/brockman/default.nix new file mode 100644 index 000000000..92051a025 --- /dev/null +++ b/krebs/5pkgs/haskell/brockman/default.nix @@ -0,0 +1,26 @@ +{ mkDerivation, aeson, aeson-pretty, base, bytestring +, case-insensitive, conduit, containers, directory, feed, filepath +, hashable, hslogger, html-entity, http-client, irc-conduit, lens +, lrucache, lrucaching, network, optparse-applicative, random, safe +, stdenv, text, time, timerep, wreq +, fetchFromGitHub +}: +mkDerivation rec { + pname = "brockman"; + version = "3.4.0"; + src = fetchFromGitHub { + owner = "kmein"; + repo = "brockman"; + rev = version; + sha256 = "02nval6a9xcddj6znzxvcb8g6klzjydj1lb4ych64i9mr4a8jvic"; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + aeson aeson-pretty base bytestring case-insensitive conduit + containers directory feed filepath hashable hslogger html-entity + http-client irc-conduit lens lrucache lrucaching network + optparse-applicative random safe text time timerep wreq + ]; + license = stdenv.lib.licenses.mit; +} diff --git a/krebs/5pkgs/override/default.nix b/krebs/5pkgs/override/default.nix index 7a7b979c4..926e9dccd 100644 --- a/krebs/5pkgs/override/default.nix +++ b/krebs/5pkgs/override/default.nix @@ -1,6 +1,15 @@ with import ; self: super: { + bitlbee-facebook = super.bitlbee-facebook.overrideAttrs (old: { + src = self.fetchFromGitHub { + owner = "bitlbee"; + repo = "bitlbee-facebook"; + rev = "49ea312d98b0578b9b2c1ff759e2cfa820a41f4d"; + sha256 = "0zg1p9pyfsdbfqac2qmyzcr6zjibwdn2907qgc808gljfx8bfnmk"; + }; + }); + flameshot = super.flameshot.overrideAttrs (old: rec { patches = old.patches or [] ++ [ (self.writeText "flameshot-imgur.patch" /* diff */ '' diff --git a/krebs/5pkgs/simple/home-assistant.nix b/krebs/5pkgs/simple/home-assistant.nix new file mode 100644 index 000000000..58a6edf33 --- /dev/null +++ b/krebs/5pkgs/simple/home-assistant.nix @@ -0,0 +1,8 @@ +{ pkgs, lib, ... }: let + unstable = pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs"; + rev = (lib.importJSON ../../nixpkgs-unstable.json).rev; + sha256 = (lib.importJSON ../../nixpkgs-unstable.json).sha256; + }; +in (import unstable {}).home-assistant diff --git a/krebs/5pkgs/simple/rss-bridge/default.nix b/krebs/5pkgs/simple/rss-bridge/default.nix index 13ad9d69a..bbe5c1bdb 100644 --- a/krebs/5pkgs/simple/rss-bridge/default.nix +++ b/krebs/5pkgs/simple/rss-bridge/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "rss-bridge"; - version = "2020-11-10"; + version = "unstable-2021-01-10"; src = fetchFromGitHub { owner = "RSS-Bridge"; repo = "rss-bridge"; - rev = version; - sha256 = "00cp61lqvhi7b7j0rglsqg3l7cg8s9b8vq098bgvg5dygyi44hyv"; + rev = "98352845a14b9f2eb8925ad7a04a5f6cc6a5af06"; + sha256 = "1nv1f6f17cn057k9mydd3a0bmj2xa5k410fdq7nhw5b7msyxy2qv"; }; patchPhase = '' diff --git a/krebs/nixpkgs-unstable.json b/krebs/nixpkgs-unstable.json index 321fafac6..57d30799b 100644 --- a/krebs/nixpkgs-unstable.json +++ b/krebs/nixpkgs-unstable.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "f217c0ea7c148ddc0103347051555c7c252dcafb", - "date": "2021-01-21T09:50:34+01:00", - "path": "/nix/store/8srlzkkvbvlg4g585g9iyzd3ryiilm8a-nixpkgs", - "sha256": "0cyksxg2lnzxd0pss09rmmk2c2axz0lf9wvgvfng59nwf8dpq2kf", + "rev": "8c8731330b53ba0061686f36f10f101e662a4717", + "date": "2021-02-08T20:46:59+01:00", + "path": "/nix/store/agilvsqqdsqx36wf4zkq5gnhnab47qpd-nixpkgs", + "sha256": "0ak4d254myq6cl3d7jkq6n0apxabvwjz62zdw9habnrqg8asl8gk", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index b404cb6c9..8670999e0 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,9 +1,9 @@ { "url": "https://github.com/NixOS/nixpkgs", - "rev": "85abeab48b5feda4b163e5bb32f50aad1164e415", - "date": "2021-01-27T09:52:47+01:00", - "path": "/nix/store/la9l82nbilyhjjl2x294qpf7ki9lzkc3-nixpkgs", - "sha256": "1nslb5p6cf5z691pf52j8bf880sdgav1fcf7bxjk3rad92bniq5g", + "rev": "2394284537b89471c87065b040d3dedd8b5907fe", + "date": "2021-02-10T23:24:22+01:00", + "path": "/nix/store/rqgraycidchn5wc5mki5sqj8bl5cpx78-nixpkgs", + "sha256": "1j7vp735is5d32mbrgavpxi3fbnsm6d99a01ap8gn30n5ysd14sl", "fetchSubmodules": false, "deepClone": false, "leaveDotGit": false diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix index 1afad003c..178a5adf1 100644 --- a/lass/1systems/yellow/config.nix +++ b/lass/1systems/yellow/config.nix @@ -152,10 +152,11 @@ with import ; krebs.iptables = { enable = true; tables.filter.INPUT.rules = [ - { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; } - { predicate = "-p tcp --dport 51413"; target = "ACCEPT"; } - { predicate = "-p udp --dport 51413"; target = "ACCEPT"; } + { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } # nginx web dir + { predicate = "-p tcp --dport 9091"; target = "ACCEPT"; } # transmission-web + { predicate = "-p tcp --dport 51413"; target = "ACCEPT"; } # transmission-traffic + { predicate = "-p udp --dport 51413"; target = "ACCEPT"; } # transmission-traffic + { predicate = "-p tcp --dport 8096"; target = "ACCEPT"; } # jellyfin ]; }; @@ -265,4 +266,9 @@ with import ; ''; }; }; + + services.jellyfin = { + enable = true; + group = "download"; + }; } diff --git a/lass/5pkgs/tdlib-purple/default.nix b/lass/5pkgs/tdlib-purple/default.nix index 445839a4b..54841588e 100644 --- a/lass/5pkgs/tdlib-purple/default.nix +++ b/lass/5pkgs/tdlib-purple/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "tdlib-purple"; - version = "0.7.6"; + version = "0.7.8"; src = fetchFromGitHub { owner = "ars3niy"; repo = pname; rev = "v${version}"; - sha256 = "1inamfzbrz0sy4y431jgwjfg6lz14a7c71khrg02481raxchhzzf"; + sha256 = "17g54mcxsidcx37l6m4p8i06ln1hvq3347dhdl9xkkn7pqpwvv1c"; }; cmakeFlags = [ diff --git a/tv/2configs/hw/AO753.nix b/tv/2configs/hw/AO753.nix index d5b755cef..a91a5e518 100644 --- a/tv/2configs/hw/AO753.nix +++ b/tv/2configs/hw/AO753.nix @@ -21,6 +21,10 @@ with import ; "wl" ]; + # broadcom_sta is marked as broken for 5.9+ + # pkgs.linuxPackages_latest ist 5.9 + boot.kernelPackages = pkgs.linuxPackages_5_8; + boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; diff --git a/tv/2configs/ppp.nix b/tv/2configs/ppp.nix index ff61f943f..c801401b2 100644 --- a/tv/2configs/ppp.nix +++ b/tv/2configs/ppp.nix @@ -8,8 +8,10 @@ in { assertions = [ { - assertion = config.networking.resolvconf.enable; - message = "ppp configuration needs resolvconf"; + assertion = + config.networking.resolvconf.enable || + config.networking.useNetworkd; + message = "ppp configuration needs resolvconf or networkd"; } ]; environment.etc."ppp/ip-up".source = pkgs.writeDash "ppp.ip-up" '' diff --git a/tv/2configs/repo-sync/wiki.nix b/tv/2configs/repo-sync/wiki.nix new file mode 100644 index 000000000..913439906 --- /dev/null +++ b/tv/2configs/repo-sync/wiki.nix @@ -0,0 +1,41 @@ +{ config, pkgs, ... }: let + lib = import ; +in { + krebs.repo-sync.enable = true; + krebs.repo-sync.repos.wiki.branches.hotdog = { + origin.url = "http://cgit.hotdog.r/wiki"; + mirror.url = "git@${config.krebs.build.host.name}.r:wiki"; + }; + krebs.git.repos.wiki = { + public = true; + name = "wiki"; + cgit.desc = toString [ + "mirror of" + config.krebs.repo-sync.repos.wiki.branches.hotdog.origin.url + ]; + cgit.section = "7. mirrors"; + hooks.post-receive = /* sh */ '' + ${pkgs.git-hooks.irc-announce { + channel = "#xxx"; + nick = config.krebs.build.host.name; + server = "irc.r"; + }} + ${pkgs.cgit-clear-cache.override { + inherit (config.krebs.git.cgit.settings) cache-root; + }}/bin/cgit-clear-cache + ''; + }; + krebs.git.rules = lib.singleton { + user = lib.singleton config.krebs.users.repo-sync; + repo = lib.singleton config.krebs.git.repos.wiki; + perm = lib.git.push "refs/*" [ + lib.git.create + lib.git.delete + lib.git.merge + lib.git.non-fast-forward + ]; + }; + krebs.users.${config.krebs.repo-sync.user.name}.pubkey = { + ni = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINK9U0Ob9/O0kxg3trhZY/vDnbqfN+R5cASGiClRr4IM"; + }.${config.krebs.build.host.name}; +} diff --git a/tv/2configs/vim.nix b/tv/2configs/vim.nix index f8d599f7e..c0125ecfa 100644 --- a/tv/2configs/vim.nix +++ b/tv/2configs/vim.nix @@ -72,7 +72,7 @@ let { set mouse=a set noruler set pastetoggle= - set runtimepath=$VIMRUNTIME,${extra-runtimepath} + set runtimepath=${extra-runtimepath},$VIMRUNTIME set shortmess+=I set showcmd set showmatch @@ -133,7 +133,8 @@ let { vnoremap u " fzf - nnoremap q :Files + nnoremap q :Buffers + nnoremap f :Files nnoremap w :Rg " edit alternate buffer diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index fd3d2f32a..cae5da112 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -13,13 +13,17 @@ foldl' mergeAttrs {} // { - # TODO use XDG_RUNTIME_DIR? cr = self.writeDashBin "cr" '' set -efu + if test -n "''${XDG_RUNTIME_DIR-}"; then + cache_dir=$XDG_RUNTIME_DIR/chromium-disk-cache + else + cache_dir=/tmp/chromium-disk-cache_$LOGNAME + fi export LC_TIME=de_DE.utf8 exec ${self.chromium}/bin/chromium \ --ssl-version-min=tls1 \ - --disk-cache-dir=/tmp/chromium-disk-cache_"$LOGNAME" \ + --disk-cache-dir="$cache_dir" \ --disk-cache-size=50000000 \ "$@" ''; diff --git a/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs b/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs index 6b7235530..b2ad01ae7 100644 --- a/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs +++ b/tv/5pkgs/haskell/xmonad-tv/src/Paths.hs @@ -29,3 +29,6 @@ urxvtc = findExecutable "urxvtc" xcalib :: FilePath xcalib = findExecutable "xcalib" + +xdpychvt :: FilePath +xdpychvt = findExecutable "xdpychvt" diff --git a/tv/5pkgs/haskell/xmonad-tv/src/main.hs b/tv/5pkgs/haskell/xmonad-tv/src/main.hs index 50b03d81c..e5a4473fe 100644 --- a/tv/5pkgs/haskell/xmonad-tv/src/main.hs +++ b/tv/5pkgs/haskell/xmonad-tv/src/main.hs @@ -190,6 +190,9 @@ myKeys conf = Map.fromList $ , ((_4, xK_Prior), forkFile Paths.xcalib ["-invert", "-alter"] Nothing) , ((0, xK_Print), forkFile Paths.flameshot [] Nothing) + + , ((_C, xF86XK_Forward), forkFile Paths.xdpychvt ["next"] Nothing) + , ((_C, xF86XK_Back), forkFile Paths.xdpychvt ["prev"] Nothing) ] where _4 = mod4Mask diff --git a/tv/5pkgs/override/default.nix b/tv/5pkgs/override/default.nix index d18d66506..cf99e0377 100644 --- a/tv/5pkgs/override/default.nix +++ b/tv/5pkgs/override/default.nix @@ -1,5 +1,12 @@ with import ; self: super: { + fzf = super.fzf.overrideAttrs (old: { + # XXX cannot use `patches` because fzf has a custom patchPhase + patchPhase = '' + patch -Np1 < ${./fzf.complete1.patch} + ${old.patchPhase} + ''; + }); input-fonts = super.input-fonts.overrideAttrs (old: rec { src = self.fetchurl { url = "http://xu.r/~tv/mirrors/input-fonts/Input-Font-2.zip"; diff --git a/tv/5pkgs/override/fzf.complete1.patch b/tv/5pkgs/override/fzf.complete1.patch new file mode 100644 index 000000000..4b2126a2c --- /dev/null +++ b/tv/5pkgs/override/fzf.complete1.patch @@ -0,0 +1,55 @@ +diff --git a/src/core.go b/src/core.go +index a18c3a1..a3d92a4 100644 +--- a/src/core.go ++++ b/src/core.go +@@ -331,6 +331,13 @@ func Run(opts *Options, version string, revision string) { + } + } + terminal.UpdateList(val, clearSelection()) ++ if (opts.Complete1) { ++ count := val.Length() ++ if count == 1 { ++ opts.Printer(val.Get(0).item.AsString(opts.Ansi)) ++ terminal.reqBox.Set(reqClose, nil) ++ } ++ } + } + } + } +diff --git a/src/options.go b/src/options.go +index a55dc34..7f121cd 100644 +--- a/src/options.go ++++ b/src/options.go +@@ -92,6 +92,7 @@ const usage = `usage: fzf [options] + -1, --select-1 Automatically select the only match + -0, --exit-0 Exit immediately when there's no match + -f, --filter=STR Filter mode. Do not start interactive finder. ++ --complete-1 Exit interactive finder when there's exactly one match + --print-query Print query as the first line + --expect=KEYS Comma-separated list of keys to complete fzf + --read0 Read input delimited by ASCII NUL characters +@@ -208,6 +209,7 @@ type Options struct { + Query string + Select1 bool + Exit0 bool ++ Complete1 bool + Filter *string + ToggleSort bool + Expect map[tui.Event]string +@@ -269,6 +271,7 @@ func defaultOptions() *Options { + Query: "", + Select1: false, + Exit0: false, ++ Complete1: false, + Filter: nil, + ToggleSort: false, + Expect: make(map[tui.Event]string), +@@ -1311,6 +1314,8 @@ func parseOptions(opts *Options, allArgs []string) { + opts.Exit0 = true + case "+0", "--no-exit-0": + opts.Exit0 = false ++ case "--complete-1": ++ opts.Complete1 = true + case "--read0": + opts.ReadZero = true + case "--no-read0": diff --git a/tv/5pkgs/override/rxvt_unicode.nix b/tv/5pkgs/override/rxvt_unicode.nix index 4d9c3abc3..53aaf0658 100644 --- a/tv/5pkgs/override/rxvt_unicode.nix +++ b/tv/5pkgs/override/rxvt_unicode.nix @@ -3,15 +3,15 @@ rxvt_unicode.overrideAttrs (old: { patches = old.patches ++ [ (fetchurl { name = "rxvt-unicode.cancel-running-selection-request.patch"; - url = https://cgit.krebsco.de/rxvt-unicode/patch/?id=15f3f94; - sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymlkz2p"; + url = "https://cgit.krebsco.de/rxvt-unicode/rawdiff/?id=15f3f94&id2=15f3f94^"; + sha256 = "1c7jq8phl85d2f581b4mc6fkmr2nv9n44qjjs4idi51sd2hs7sxw"; }) # Fix segfault when calling editor-input from XMonad. (fetchurl { name = "rxvt-unicode.no-perl_destruct.patch"; - url = "https://cgit.krebsco.de/rxvt-unicode/patch/?id=d63f96a"; - sha256 = "0i8nqrqgprv7cygflkrdp5zx75dv9bv84vrr2yc3vnfpqxamc43n"; + url = "https://cgit.krebsco.de/rxvt-unicode/rawdiff/?id=d63f96a&id2=d63f96a^"; + sha256 = "0fq9w4fq8mw05jk9bblzlh1x51m2cmk62xbc4c1mbiqagjmsi9f8"; }) ]; }) diff --git a/tv/5pkgs/simple/xdpytools/default.nix b/tv/5pkgs/simple/xdpytools/default.nix new file mode 100644 index 000000000..7d1ee071e --- /dev/null +++ b/tv/5pkgs/simple/xdpytools/default.nix @@ -0,0 +1,31 @@ +{ lib, pkgs }: + +let + install = name: { path }: /* sh */ '' + ( + mkdir -p $out/bin + touch $out/bin/${name} + chmod +x $out/bin/${name} + exec >$out/bin/${name} + + echo '#! ${pkgs.dash}/bin/dash' + echo export PATH=${lib.makeBinPath path} + sed 1d ${./src + "/${name}"} + ) + ''; +in + +pkgs.runCommand "xdpytools" {} + (toString + (lib.mapAttrsToList install { + xdpychvt.path = [ + "$out" + "/run/wrappers/'$LOGNAME'" + "/run/wrappers" + ]; + xdpysel.path = [ + "$out" + pkgs.findutils + pkgs.jq + ]; + })) diff --git a/tv/5pkgs/simple/xdpytools/src/xdpychvt b/tv/5pkgs/simple/xdpytools/src/xdpychvt new file mode 100755 index 000000000..84c1907b9 --- /dev/null +++ b/tv/5pkgs/simple/xdpytools/src/xdpychvt @@ -0,0 +1,11 @@ +#! /bin/sh +# usage: xdpychvt {prev,next} +# Changes to the VT based on the selected X display. +# +# This allows switching between X servers when display names and VT numbers +# correlate. A more sophisticated tool would try to determine the correct VT +# by e.g. looking at /proc, but this might not possible when e.g. using +# security.hideProcessInformation. +# + +chvt "$(xdpysel "$1")" diff --git a/tv/5pkgs/simple/xdpytools/src/xdpysel b/tv/5pkgs/simple/xdpytools/src/xdpysel new file mode 100755 index 000000000..e08015576 --- /dev/null +++ b/tv/5pkgs/simple/xdpytools/src/xdpysel @@ -0,0 +1,49 @@ +#! /bin/sh +# usage: xdpysel {prev,next} +# Print the number of the selected X display. + +find /tmp/.X11-unix -mindepth 1 -maxdepth 1 | +jq -Rrs --arg command "$1" ' + ( + split("\n") | + map( + select(.!="") | + match("^.*/X([0-9]+)$").captures[0].string | + tonumber + ) + ) + as $all_displays | + + ( + env.DISPLAY | + match("^:([0-9]+)(?:[.][0-9]+)?$").captures[0].string | + tonumber + ) + as $current_display | + + ($all_displays | length) as $all_displays_count | + + ($all_displays|index($current_display)) + as $current_index | + + (($current_index + 1) % $all_displays_count) + as $next_index | + + (($all_displays_count + $current_index - 1) % $all_displays_count) + as $prev_index | + + $all_displays[$prev_index] as $prev_display | + $all_displays[$next_index] as $next_display | + + { + prev: $prev_display, + next: $next_display, + }[$command] + as $result | + + if $result | type == "number" then + $result + else + "xdpysel: bad argument: \($command)\n" | halt_error(-1) + end +'