Merge branch '18.09'

This commit is contained in:
lassulus 2018-10-09 11:30:02 +02:00
commit 5ac5ee66bd
51 changed files with 396 additions and 1359 deletions

3
.gitmodules vendored
View File

@ -1,3 +1,6 @@
[submodule "submodules/nix-writers"] [submodule "submodules/nix-writers"]
path = submodules/nix-writers path = submodules/nix-writers
url = http://cgit.krebsco.de/nix-writers url = http://cgit.krebsco.de/nix-writers
[submodule "submodules/krops"]
path = submodules/krops
url = https://cgit.krebsco.de/krops

View File

@ -119,6 +119,8 @@
# Don't install feh into systemPackages # Don't install feh into systemPackages
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers> # refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
desktopManager.session = lib.mkForce []; desktopManager.session = lib.mkForce [];
displayManager.lightdm.enable = lib.mkForce false;
displayManager.job.execCmd = lib.mkForce "derp";
enable = true; enable = true;
display = lib.mkForce 11; display = lib.mkForce 11;
@ -147,6 +149,7 @@
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey config.krebs.users.lass.pubkey
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
]; ];
}; };

View File

@ -67,7 +67,6 @@ let
emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [ emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
epkgs.melpaPackages.evil epkgs.melpaPackages.evil
epkgs.melpaStablePackages.magit epkgs.melpaStablePackages.magit
epkgs.melpaPackages.mmm-mode
epkgs.melpaPackages.nix-mode epkgs.melpaPackages.nix-mode
epkgs.melpaPackages.go-mode epkgs.melpaPackages.go-mode
epkgs.melpaPackages.google-this epkgs.melpaPackages.google-this

View File

@ -111,7 +111,6 @@ let
{ krebs = import ./krebs { inherit config; }; } { krebs = import ./krebs { inherit config; }; }
{ krebs = import ./lass { inherit config; }; } { krebs = import ./lass { inherit config; }; }
{ krebs = import ./makefu { inherit config; }; } { krebs = import ./makefu { inherit config; }; }
{ krebs = import ./nin { inherit config; }; }
{ krebs = import ./tv { inherit config; }; } { krebs = import ./tv { inherit config; }; }
{ {
krebs.dns.providers = { krebs.dns.providers = {

View File

@ -1,111 +0,0 @@
{ config, ... }:
with import <stockholm/lib>;
{
hosts = mapAttrs (_: recursiveUpdate {
owner = config.krebs.users.nin;
ci = true;
}) {
hiawatha = {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.132.96";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342";
aliases = [
"hiawatha.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o
Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB
iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E
UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr
lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ
yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx";
};
axon= {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.134.66";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379";
aliases = [
"axon.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo
glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj
KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH
L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j
VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY
PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN
X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh
m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp
OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT
LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H
/F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK
MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w
7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm
ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3
1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF
29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt
4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj
FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl
buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p
hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG
yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi
ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc";
};
onondaga = {
cores = 1;
nets = {
retiolum = {
ip4.addr = "10.243.132.55";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357";
aliases = [
"onondaga.r"
"cgit.onondaga.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR
OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu
htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH
xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO
kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn
hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO";
};
};
users = {
nin = {
mail = "nin@axon.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon";
};
nin_h = {
mail = "nin@hiawatha.r";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha";
};
};
}

View File

@ -1,11 +1,24 @@
{ mkDerivation, base, fetchgit, stdenv }: with import <stockholm/lib>;
mkDerivation rec { { mkDerivation, base, fetchgit, stdenv }: let
pname = "blessings";
cfg = {
"18.03" = {
version = "1.1.0";
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
};
"18.09" = {
version = "1.2.0"; version = "1.2.0";
sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300";
};
}.${versions.majorMinor nixpkgsVersion};
in mkDerivation {
pname = "blessings";
version = cfg.version;
src = fetchgit { src = fetchgit {
url = http://cgit.ni.krebsco.de/blessings; url = http://cgit.ni.krebsco.de/blessings;
rev = "refs/tags/v${version}"; rev = "refs/tags/v${cfg.version}";
sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300"; sha256 = cfg.sha256;
}; };
libraryHaskellDepends = [ base ]; libraryHaskellDepends = [ base ];
doHaddock = false; doHaddock = false;

View File

@ -1,15 +1,30 @@
with import <stockholm/lib>;
{ mkDerivation, attoparsec, base, base64-bytestring, bytestring { mkDerivation, attoparsec, base, base64-bytestring, bytestring
, case-insensitive, containers, exceptions, fetchgit, QuickCheck , case-insensitive, containers, exceptions, fetchgit, QuickCheck
, stdenv, tasty, tasty-quickcheck, text, text-icu, time , stdenv, tasty, tasty-quickcheck, text, text-icu, time
}: }: let
mkDerivation {
pname = "email-header"; cfg = {
"18.03" = {
version = "0.3.0"; version = "0.3.0";
src = fetchgit {
url = "https://github.com/4z3/email-header";
rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8"; rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8";
sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59"; sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59";
}; };
"18.09" = {
version = "0.4.1-tv1";
rev = "refs/tags/v${cfg.version}";
sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x";
};
}.${versions.majorMinor nixpkgsVersion};
in mkDerivation {
pname = "email-header";
version = cfg.version;
src = fetchgit {
url = "https://github.com/4z3/email-header";
rev = cfg.rev;
sha256 = cfg.sha256;
};
buildDepends = [ buildDepends = [
attoparsec base base64-bytestring bytestring case-insensitive attoparsec base base64-bytestring bytestring case-insensitive
containers exceptions text text-icu time containers exceptions text text-icu time

View File

@ -1,17 +0,0 @@
# Same as upstream but with doCheck = false because doctest has wrong version.
{ mkDerivation, base, bytestring, containers, directory
, filepath, unordered-containers, zlib, stdenv
}:
mkDerivation {
pname = "hyphenation";
version = "0.6";
sha256 = "2f673666c18f63581422f7c6389b78b0ff754406671296a3d680d417942512f7";
libraryHaskellDepends = [
base bytestring containers unordered-containers zlib
];
homepage = "http://github.com/ekmett/hyphenation";
description = "Configurable Knuth-Liang hyphenation";
license = stdenv.lib.licenses.bsd3;
hydraPlatforms = stdenv.lib.platforms.none;
doCheck = false;
}

View File

@ -17,7 +17,7 @@ python2Packages.buildPythonApplication rec {
propagatedBuildInputs = [ propagatedBuildInputs = [
python2Packages.jinja2 python2Packages.jinja2
python2Packages.twisted python2Packages.twisted
python2Packages.dateutil_1_5 python2Packages.dateutil
python2Packages.sqlalchemy_migrate python2Packages.sqlalchemy_migrate
python2Packages.pysqlite python2Packages.pysqlite
pkgs.coreutils pkgs.coreutils

View File

@ -3,7 +3,6 @@
with python3Packages; buildPythonPackage rec { with python3Packages; buildPythonPackage rec {
name = "repo-sync-${version}"; name = "repo-sync-${version}";
version = "0.2.7"; version = "0.2.7";
disabled = isPy26 || isPy27;
propagatedBuildInputs = [ propagatedBuildInputs = [
docopt docopt
GitPython GitPython

View File

@ -1,9 +1,6 @@
{ name }: rec { { name }: rec {
krops = builtins.fetchGit { krops = ../submodules/krops;
url = https://cgit.krebsco.de/krops/;
rev = "c46166d407c7d246112f13346621a3fbdb25889e";
};
lib = import "${krops}/lib"; lib = import "${krops}/lib";

View File

@ -1,7 +1,7 @@
{ {
"url": "https://github.com/NixOS/nixpkgs-channels", "url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "6a3f5bcb061e1822f50e299f5616a0731636e4e7", "rev": "21293d2576ac6c041b8c26cd05664e54038dfcf2",
"date": "2018-10-05T18:33:19-04:00", "date": "2018-10-08T17:04:13+02:00",
"sha256": "1ib96has10v5nr6bzf7v8kw7yzww8zanxgw2qi1ll1sbv6kj6zpd", "sha256": "0qx9kg11dp3v7mmbf23qrg9q4qnwd0v6ccq952armb11ykj7jzif",
"fetchSubmodules": true "fetchSubmodules": false
} }

View File

@ -3,7 +3,7 @@ dir=$(dirname $0)
oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \
--url https://github.com/NixOS/nixpkgs-channels \ --url https://github.com/NixOS/nixpkgs-channels \
--rev refs/heads/nixos-18.03' \ --rev refs/heads/nixos-18.09' \
> $dir/nixpkgs.json > $dir/nixpkgs.json
newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/')
git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev"

View File

@ -57,13 +57,6 @@ with import <stockholm/lib>;
config.krebs.users.makefu.pubkey config.krebs.users.makefu.pubkey
]; ];
}; };
users.users.nin = {
uid = genid "nin";
isNormalUser = true;
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
];
};
users.extraUsers.dritter = { users.extraUsers.dritter = {
uid = genid "dritter"; uid = genid "dritter";
isNormalUser = true; isNormalUser = true;
@ -119,7 +112,6 @@ with import <stockholm/lib>;
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey config.krebs.users.lass.pubkey
config.krebs.users.nin.pubkey
]; ];
}; };
autoStart = true; autoStart = true;

View File

@ -63,24 +63,6 @@ with import <stockholm/lib>;
-e "@kind $1" -e "@kind $1"
''; '';
}) })
(buildSimpleReaktorPlugin "random-unicorn-porn" {
pattern = "^!rup$$";
script = pkgs.writePython2 "rup" {} ''
t1 = """
_.
;=',_ ()
8===D~~ S" .--`||
sS \__ ||
__.' ( \-->||
_=/ _./-\/ ||
8===D~~ ((\( /-' -'l ||
) |/ \\ (_))
\\ \\
'~ '~
"""
print(t1)
'';
})
(buildSimpleReaktorPlugin "ping" { (buildSimpleReaktorPlugin "ping" {
pattern = "^!ping (?P<args>.*)$$"; pattern = "^!ping (?P<args>.*)$$";
script = pkgs.writeDash "ping" '' script = pkgs.writeDash "ping" ''

View File

@ -5,7 +5,6 @@ let
out = { out = {
environment.systemPackages = [ environment.systemPackages = [
(hiPrio vim) (hiPrio vim)
pkgs.python35Packages.flake8
(pkgs.writeDashBin "govet" '' (pkgs.writeDashBin "govet" ''
go vet "$@" go vet "$@"
'') '')

View File

@ -31,6 +31,7 @@ import XMonad.Actions.CycleWS (toggleWS)
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace) import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
import XMonad.Actions.DynamicWorkspaces (withWorkspace) import XMonad.Actions.DynamicWorkspaces (withWorkspace)
import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch) import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch)
import XMonad.Actions.Minimize (minimizeWindow, maximizeWindow, withLastMinimized)
import XMonad.Hooks.EwmhDesktops (ewmh) import XMonad.Hooks.EwmhDesktops (ewmh)
import XMonad.Hooks.FloatNext (floatNext) import XMonad.Hooks.FloatNext (floatNext)
import XMonad.Hooks.FloatNext (floatNextHook) import XMonad.Hooks.FloatNext (floatNextHook)
@ -39,7 +40,7 @@ import XMonad.Hooks.Place (placeHook, smart)
import XMonad.Hooks.UrgencyHook (focusUrgent) import XMonad.Hooks.UrgencyHook (focusUrgent)
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..)) import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
import XMonad.Layout.FixedColumn (FixedColumn(..)) import XMonad.Layout.FixedColumn (FixedColumn(..))
import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin)) import XMonad.Layout.Minimize (minimize)
import XMonad.Layout.NoBorders (smartBorders) import XMonad.Layout.NoBorders (smartBorders)
import XMonad.Layout.SimplestFloat (simplestFloat) import XMonad.Layout.SimplestFloat (simplestFloat)
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig) import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
@ -135,7 +136,7 @@ myKeyMap =
, ("M4-C-v", withWorkspace autoXPConfig (windows . copy)) , ("M4-C-v", withWorkspace autoXPConfig (windows . copy))
, ("M4-m", withFocused minimizeWindow) , ("M4-m", withFocused minimizeWindow)
, ("M4-S-m", sendMessage RestoreNextMinimizedWin) , ("M4-S-m", withLastMinimized maximizeWindow)
, ("M4-q", windowPromptGoto infixAutoXPConfig) , ("M4-q", windowPromptGoto infixAutoXPConfig)
, ("M4-C-q", windowPromptBringCopy infixAutoXPConfig) , ("M4-C-q", windowPromptBringCopy infixAutoXPConfig)

View File

@ -0,0 +1,52 @@
{ stdenv, lib, fetchFromGitHub, mbedtls, python2 }:
let
mymbedtls = lib.overrideDerivation mbedtls (old: rec {
name = "mbedtls-${version}";
version = "2.13.0";
src = fetchFromGitHub {
owner = "ARMmbed";
repo = "mbedtls";
rev = name;
sha256 = "1257kp7yxkwwbx5v14kmrmgk1f9zagiddg5alm4wbj0pmgbrm14j";
};
buildInputs = old.buildInputs ++ [ python2 ];
postConfigure = ''
perl scripts/config.pl set MBEDTLS_CMAC_C
'';
doCheck = false;
});
in stdenv.mkDerivation rec {
name = "4nxci-${version}";
version = "1.30";
src = fetchFromGitHub {
owner = "The-4n";
repo = "4NXCI";
rev = "v${version}";
sha256 = "0nrd19z88iahxcdx468lzgxlvkl65smwx8f9s19431cszyhvpxyh";
};
buildPhase = ''
cp config.mk.template config.mk
sed -i 's#\(INCLUDE =\).*#\1${mymbedtls}/include#' Makefile
sed -i 's#\(LIBDIR =\).*#\1${mymbedtls}/lib#' Makefile
make 4nxci
'';
installPhase = ''
install -m755 -D 4nxci $out/bin/4nxci
'';
#preInstall = ''
# mkdir -p $out/bin
#'';
buildInputs = [ mymbedtls ];
meta = {
description = "convert xci to nsp";
license = lib.licenses.isc;
};
}

View File

@ -1,8 +1,5 @@
{ config ? config, name, target ? name }: let { config ? config, name, target ? name }: let
krops = builtins.fetchGit { krops = ../submodules/krops;
url = https://cgit.krebsco.de/krops/;
rev = "4e466eaf05861b47365c5ef46a31a188b70f3615";
};
nixpkgs-src = lib.importJSON ./nixpkgs.json; nixpkgs-src = lib.importJSON ./nixpkgs.json;
lib = import "${krops}/lib"; lib = import "${krops}/lib";

View File

@ -1 +0,0 @@
{}

View File

@ -1,132 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
<stockholm/nin>
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
#../2configs/copyq.nix
<stockholm/nin/2configs/ableton.nix>
<stockholm/nin/2configs/games.nix>
<stockholm/nin/2configs/git.nix>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/termite.nix>
];
krebs.build.host = config.krebs.hosts.axon;
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/pool/root";
fsType = "ext4";
};
fileSystems."/tmp" =
{ device = "tmpfs";
fsType = "tmpfs";
};
fileSystems."/boot" =
{ device = "/dev/sda1";
fsType = "ext2";
};
boot.initrd.luks.devices.crypted.device = "/dev/sda2";
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 4;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda";
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Enable CUPS to print documents.
# services.printing.enable = true;
# nin config
time.timeZone = "Europe/Berlin";
services.xserver = {
enable = true;
displayManager.lightdm.enable = true;
};
networking.networkmanager.enable = true;
#networking.wireless.enable = true;
hardware.pulseaudio = {
enable = true;
systemWide = true;
};
hardware.bluetooth.enable = true;
hardware.opengl.driSupport32Bit = true;
#nixpkgs.config.steam.java = true;
environment.systemPackages = with pkgs; [
atom
chromium
firefox
git
htop
keepassx
lmms
networkmanagerapplet
openvpn
python
ruby
steam
taskwarrior
thunderbird
vim
virtmanager
];
nixpkgs.config = {
allowUnfree = true;
};
#services.logind.extraConfig = "HandleLidSwitch=ignore";
services.xserver.synaptics = {
enable = true;
};
services.xserver.displayManager.sessionCommands = ''
${pkgs.xorg.xhost}/bin/xhost + local:
'';
services.xserver.desktopManager.xfce = let
xbindConfig = pkgs.writeText "xbindkeysrc" ''
"${pkgs.pass}/bin/passmenu --type"
Control + p
'';
in {
enable = true;
extraSessionCommands = ''
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
'';
};
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "17.03";
}

View File

@ -1,126 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
<stockholm/nin>
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
#../2configs/copyq.nix
<stockholm/nin/2configs/games.nix>
<stockholm/nin/2configs/git.nix>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/termite.nix>
];
krebs.build.host = config.krebs.hosts.hiawatha;
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e";
fsType = "ext4";
};
fileSystems."/tmp" =
{ device = "tmpfs";
fsType = "tmpfs";
};
fileSystems."/home" =
{ device = "/dev/fam/home";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010";
fsType = "ext2";
};
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 4;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda";
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Enable CUPS to print documents.
# services.printing.enable = true;
fileSystems."/home/nin/.local/share/Steam" = {
device = "/dev/fam/steam";
};
# nin config
time.timeZone = "Europe/Berlin";
services.xserver.enable = true;
networking.networkmanager.enable = true;
#networking.wireless.enable = true;
hardware.pulseaudio = {
enable = true;
systemWide = true;
};
hardware.bluetooth.enable = true;
hardware.opengl.driSupport32Bit = true;
#nixpkgs.config.steam.java = true;
environment.systemPackages = with pkgs; [
firefox
git
lmms
networkmanagerapplet
python
steam
thunderbird
vim
virtmanager
];
nixpkgs.config = {
allowUnfree = true;
};
#services.logind.extraConfig = "HandleLidSwitch=ignore";
services.xserver.synaptics = {
enable = true;
};
services.xserver.desktopManager.xfce = let
xbindConfig = pkgs.writeText "xbindkeysrc" ''
"${pkgs.pass}/bin/passmenu --type"
Control + p
'';
in {
enable = true;
extraSessionCommands = ''
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
'';
};
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "17.03";
}

View File

@ -1,23 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{
imports = [
<stockholm/nin>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/weechat.nix>
<stockholm/nin/2configs/git.nix>
];
krebs.build.host = config.krebs.hosts.onondaga;
boot.isContainer = true;
networking.useDHCP = false;
time.timeZone = "Europe/Amsterdam";
services.openssh.enable = true;
}

View File

@ -1,20 +0,0 @@
{ config, pkgs, ... }: let
mainUser = config.users.extraUsers.nin;
in {
users.users= {
ableton = {
isNormalUser = true;
extraGroups = [
"audio"
"video"
];
packages = [
pkgs.wine
pkgs.winetricks
];
};
};
security.sudo.extraConfig = ''
${mainUser.name} ALL=(ableton) NOPASSWD: ALL
'';
}

View File

@ -1,38 +0,0 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
let
copyqConfig = pkgs.writeDash "copyq-config" ''
${pkgs.copyq}/bin/copyq config check_clipboard true
${pkgs.copyq}/bin/copyq config check_selection true
${pkgs.copyq}/bin/copyq config copy_clipboard true
${pkgs.copyq}/bin/copyq config copy_selection true
${pkgs.copyq}/bin/copyq config activate_closes true
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
${pkgs.copyq}/bin/copyq config clipboard_tab clipboard
${pkgs.copyq}/bin/copyq config disable_tray true
${pkgs.copyq}/bin/copyq config hide_tabs true
${pkgs.copyq}/bin/copyq config hide_toolbar true
${pkgs.copyq}/bin/copyq config item_popup_interval true
${pkgs.copyq}/bin/copyq config maxitems 1000
${pkgs.copyq}/bin/copyq config move true
${pkgs.copyq}/bin/copyq config text_wrap true
'';
in {
systemd.user.services.copyq = {
after = [ "graphical.target" ];
wants = [ "graphical.target" ];
wantedBy = [ "default.target" ];
environment = {
DISPLAY = ":0";
};
serviceConfig = {
SyslogIdentifier = "copyq";
ExecStart = "${pkgs.copyq}/bin/copyq";
ExecStartPost = copyqConfig;
Restart = "always";
RestartSec = "2s";
StartLimitBurst = 0;
};
};
}

View File

@ -1,173 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
imports = [
../2configs/vim.nix
<stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/binary-cache/prism.nix>
{
users.extraUsers =
mapAttrs (_: h: { hashedPassword = h; })
(import <secrets/hashedPasswords.nix>);
}
{
users.users = {
root = {
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
config.krebs.users.nin_h.pubkey
];
};
nin = {
name = "nin";
uid = 1337;
home = "/home/nin";
group = "users";
createHome = true;
useDefaultShell = true;
extraGroups = [
"audio"
"fuse"
];
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
config.krebs.users.nin_h.pubkey
];
};
};
}
{
environment.variables = {
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
};
}
(let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
environment.variables = {
CURL_CA_BUNDLE = ca-bundle;
GIT_SSL_CAINFO = ca-bundle;
SSL_CERT_FILE = ca-bundle;
};
})
];
networking.hostName = config.krebs.build.host.name;
nix.maxJobs = config.krebs.build.host.cores;
krebs = {
enable = true;
search-domain = "r";
build = {
user = config.krebs.users.nin;
};
};
nix.useSandbox = true;
users.mutableUsers = false;
services.timesyncd.enable = true;
#why is this on in the first place?
services.nscd.enable = false;
boot.tmpOnTmpfs = true;
# see tmpfiles.d(5)
systemd.tmpfiles.rules = [
"d /tmp 1777 root root - -"
];
# multiple-definition-problem when defining environment.variables.EDITOR
environment.extraInit = ''
EDITOR=vim
'';
nixpkgs.config.allowUnfree = true;
environment.shellAliases = {
gs = "git status";
};
environment.systemPackages = with pkgs; [
#stockholm
git
gnumake
jq
proot
pavucontrol
populate
p7zip
termite
unzip
unrar
hashPassword
];
programs.bash = {
enableCompletion = true;
interactiveShellInit = ''
HISTCONTROL='erasedups:ignorespace'
HISTSIZE=65536
HISTFILESIZE=$HISTSIZE
shopt -s checkhash
shopt -s histappend histreedit histverify
shopt -s no_empty_cmd_completion
complete -d cd
'';
promptInit = ''
if test $UID = 0; then
PS1='\[\033[1;31m\]$PWD\[\033[0m\] '
elif test $UID = 1337; then
PS1='\[\033[1;32m\]$PWD\[\033[0m\] '
else
PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] '
fi
if test -n "$SSH_CLIENT"; then
PS1='\[\033[35m\]\h'" $PS1"
fi
'';
};
services.openssh = {
enable = true;
hostKeys = [
# XXX bits here make no science
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
];
};
services.journald.extraConfig = ''
SystemMaxUse=1G
RuntimeMaxUse=128M
'';
krebs.iptables = {
enable = true;
tables = {
nat.PREROUTING.rules = [
{ predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
{ predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
];
nat.OUTPUT.rules = [
{ predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
];
filter.INPUT.policy = "DROP";
filter.FORWARD.policy = "DROP";
filter.INPUT.rules = [
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
{ predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
{ predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; }
{ predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; }
];
};
};
networking.dhcpcd.extraConfig = ''
noipv4ll
'';
}

View File

@ -1,70 +0,0 @@
{ config, pkgs, ... }:
let
mainUser = config.users.extraUsers.mainUser;
vdoom = pkgs.writeDash "vdoom" ''
${pkgs.zandronum}/bin/zandronum \
-fov 120 \
"$@"
'';
doom = pkgs.writeDash "doom" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${vdoom} \
-file $DOOM_DIR/lib/brutalv20.pk3 \
"$@"
'';
doom1 = pkgs.writeDashBin "doom1" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
'';
doom2 = pkgs.writeDashBin "doom2" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
'';
vdoom1 = pkgs.writeDashBin "vdoom1" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
'';
vdoom2 = pkgs.writeDashBin "vdoom2" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
'';
doomservercfg = pkgs.writeText "doomserver.cfg" ''
skill 7
#survival true
#sv_maxlives 4
#sv_norespawn true
#sv_weapondrop true
no_jump true
#sv_noweaponspawn true
sv_sharekeys true
sv_survivalcountdowntime 1
sv_noteamselect true
sv_updatemaster false
#sv_coop_loseinventory true
#cl_startasspectator false
#lms_spectatorview false
'';
vdoomserver = pkgs.writeDashBin "vdoomserver" ''
DOOM_DIR=''${DOOM_DIR:-~/doom/}
${pkgs.zandronum}/bin/zandronum-server \
+exec ${doomservercfg} \
"$@"
'';
in {
environment.systemPackages = with pkgs; [
dwarf_fortress
doom1
doom2
vdoom1
vdoom2
vdoomserver
];
hardware.pulseaudio.support32Bit = true;
}

View File

@ -1,60 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
out = {
services.nginx.enable = true;
krebs.git = {
enable = true;
cgit = {
settings = {
root-title = "public repositories at ${config.krebs.build.host.name}";
root-desc = "keep calm and engage";
};
};
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
rules = rules;
};
krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
];
};
repos = public-repos;
rules = concatMap make-rules (attrValues repos);
public-repos = mapAttrs make-public-repo {
stockholm = {
cgit.desc = "take all the computers hostage, they'll love you!";
};
};
make-public-repo = name: { cgit ? {}, ... }: {
inherit cgit name;
public = true;
};
make-rules =
with git // config.krebs.users;
repo:
singleton {
user = [ nin nin_h ];
repo = [ repo ];
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++
optional repo.public {
user = attrValues config.krebs.users;
repo = [ repo ];
perm = fetch;
} ++
optional (length (repo.collaborators or []) > 0) {
user = repo.collaborators;
repo = [ repo ];
perm = fetch;
};
in out

View File

@ -1,19 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
{
environment.systemPackages = with pkgs; [
(pkgs.writeDashBin "im" ''
export PATH=${makeSearchPath "bin" (with pkgs; [
tmux
gnugrep
weechat
])}
ssh chat@onondaga
if tmux list-sessions -F\#S | grep -q '^im''$'; then
exec tmux attach -t im
else
exec tmux new -s im weechat
fi
'')
];
}

View File

@ -1,28 +0,0 @@
{ ... }:
{
krebs.iptables = {
tables = {
filter.INPUT.rules = [
{ predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
{ predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
{ predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
];
};
};
krebs.tinc.retiolum = {
enable = true;
connectTo = [
"prism"
"pigstarter"
"gum"
"flap"
];
};
nixpkgs.config.packageOverrides = pkgs: {
tinc = pkgs.tinc_pre;
};
}

View File

@ -1,27 +0,0 @@
{ config, lib, pkgs, ... }:
let
mainUser = config.users.extraUsers.nin;
inherit (import <stockholm/lib>) genid;
in {
users.extraUsers = {
skype = {
name = "skype";
uid = genid "skype";
description = "user for running skype";
home = "/home/skype";
useDefaultShell = true;
extraGroups = [ "audio" "video" ];
createHome = true;
};
};
krebs.per-user.skype.packages = [
pkgs.skype
];
security.sudo.extraConfig = ''
${mainUser.name} ALL=(skype) NOPASSWD: ALL
'';
}

View File

@ -1,22 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = [
pkgs.termite
];
krebs.per-user.nin.packages = let
termitecfg = pkgs.writeTextFile {
name = "termite-config";
destination = "/etc/xdg/termite/config";
text = ''
[colors]
foreground = #d0d7d0
background = #000000
'';
};
in [
termitecfg
];
}

View File

@ -1,355 +0,0 @@
{ config, lib, pkgs, ... }:
with import <stockholm/lib>;
let
out = {
environment.systemPackages = [
vim
pkgs.pythonPackages.flake8
];
environment.etc.vimrc.source = vimrc;
environment.variables.EDITOR = mkForce "vim";
environment.variables.VIMINIT = ":so /etc/vimrc";
};
vimrc = pkgs.writeText "vimrc" ''
set nocompatible
set autoindent
set backspace=indent,eol,start
set backup
set backupdir=${dirs.backupdir}/
set directory=${dirs.swapdir}//
set hlsearch
set incsearch
set laststatus=2
set mouse=a
set noruler
set pastetoggle=<INS>
set runtimepath=${extra-runtimepath},$VIMRUNTIME
set shortmess+=I
set showcmd
set showmatch
set ttimeoutlen=0
set undodir=${dirs.undodir}
set undofile
set undolevels=1000000
set undoreload=1000000
set viminfo='20,<1000,s100,h,n${files.viminfo}
set visualbell
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
set wildmenu
set wildmode=longest,full
set et ts=2 sts=2 sw=2
filetype plugin indent on
set t_Co=256
colorscheme hack
syntax on
au Syntax * syn match Garbage containedin=ALL /\s\+$/
\ | syn match TabStop containedin=ALL /\t\+/
\ | syn keyword Todo containedin=ALL TODO
au BufRead,BufNewFile *.hs so ${hs.vim}
au BufRead,BufNewFile *.nix so ${nix.vim}
au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
"Syntastic config
let g:syntastic_python_checkers=['flake8']
nmap <esc>q :buffer
nmap <M-q> :buffer
cnoremap <C-A> <Home>
noremap <C-c> :q<cr>
vnoremap < <gv
vnoremap > >gv
nnoremap <esc>[5^ :tabp<cr>
nnoremap <esc>[6^ :tabn<cr>
nnoremap <esc>[5@ :tabm -1<cr>
nnoremap <esc>[6@ :tabm +1<cr>
nnoremap <f1> :tabp<cr>
nnoremap <f2> :tabn<cr>
inoremap <f1> <esc>:tabp<cr>
inoremap <f2> <esc>:tabn<cr>
" <C-{Up,Down,Right,Left>
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
noremap <esc>Od <nop> | noremap! <esc>Od <nop>
" <[C]S-{Up,Down,Right,Left>
noremap <esc>[a <nop> | noremap! <esc>[a <nop>
noremap <esc>[b <nop> | noremap! <esc>[b <nop>
noremap <esc>[c <nop> | noremap! <esc>[c <nop>
noremap <esc>[d <nop> | noremap! <esc>[d <nop>
vnoremap u <nop>
'';
extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
pkgs.vimPlugins.Syntastic
pkgs.vimPlugins.undotree
pkgs.vimPlugins.airline
(pkgs.vimUtils.buildVimPlugin {
name = "file-line-1.0";
src = pkgs.fetchgit {
url = git://github.com/bogado/file-line;
rev = "refs/tags/1.0";
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
};
})
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "hack";
in {
name = "vim-color-${name}-1.0.2";
destination = "/colors/${name}.vim";
text = /* vim */ ''
set background=dark
hi clear
if exists("syntax_on")
syntax clear
endif
let colors_name = ${toJSON name}
hi Normal ctermbg=235
hi Comment ctermfg=242
hi Constant ctermfg=062
hi Identifier ctermfg=068
hi Function ctermfg=041
hi Statement ctermfg=167
hi PreProc ctermfg=167
hi Type ctermfg=041
hi Delimiter ctermfg=251
hi Special ctermfg=062
hi Garbage ctermbg=088
hi TabStop ctermbg=016
hi Todo ctermfg=174 ctermbg=NONE
hi NixCode ctermfg=148
hi NixData ctermfg=149
hi NixQuote ctermfg=150
hi diffNewFile ctermfg=207
hi diffFile ctermfg=207
hi diffLine ctermfg=207
hi diffSubname ctermfg=207
hi diffAdded ctermfg=010
hi diffRemoved ctermfg=009
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "vim";
in {
name = "vim-syntax-${name}-1.0.0";
destination = "/syntax/${name}.vim";
text = /* vim */ ''
${concatMapStringsSep "\n" (s: /* vim */ ''
syn keyword vimColor${s} ${s}
\ containedin=ALLBUT,vimComment,vimLineComment
hi vimColor${s} ctermfg=${s}
'') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
'';
})))
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
name = "showsyntax";
in {
name = "vim-plugin-${name}-1.0.0";
destination = "/plugin/${name}.vim";
text = /* vim */ ''
if exists('g:loaded_showsyntax')
finish
endif
let g:loaded_showsyntax = 0
fu! ShowSyntax()
let id = synID(line("."), col("."), 1)
let name = synIDattr(id, "name")
let transName = synIDattr(synIDtrans(id),"name")
if name != transName
let name .= " (" . transName . ")"
endif
echo "Syntax: " . name
endfu
command! -n=0 -bar ShowSyntax :call ShowSyntax()
'';
})))
];
dirs = {
backupdir = "$HOME/.cache/vim/backup";
swapdir = "$HOME/.cache/vim/swap";
undodir = "$HOME/.cache/vim/undo";
};
files = {
viminfo = "$HOME/.cache/vim/info";
};
mkdirs = let
dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
in assert out != ""; out;
alldirs = attrValues dirs ++ map dirOf (attrValues files);
in unique (sort lessThan alldirs);
vim = pkgs.writeDashBin "vim" ''
set -efu
(umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
exec ${pkgs.vim}/bin/vim "$@"
'';
hs.vim = pkgs.writeText "hs.vim" ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier
hi link VarId Identifier
hi link hsDelimiter Delimiter
'';
nix.vim = pkgs.writeText "nix.vim" ''
setf nix
" Ref <nix/src/libexpr/lexer.l>
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
syn match NixINT /\<[0-9]\+\>/
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
syn region NixSTRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
syn region NixIND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
syn match NixOther /[():/;=.,?\[\]]/
syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/"
hi link NixCode Statement
hi link NixData Constant
hi link NixComment Comment
hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData
hi link NixPATH NixData
hi link NixHPATH NixData
hi link NixSPATH NixData
hi link NixURI NixData
hi link NixSTRING NixData
hi link NixIND_STRING NixData
hi link NixEnter NixCode
hi link NixOther NixCode
hi link NixQuote NixData
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
startAlts = filter isString [
''/\* ${lang} \*/''
extraStart
];
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
in /* vim */ ''
syn include @nix_${lang}_syntax syntax/${lang}.vim
unlet b:current_syntax
syn match nix_${lang}_sigil
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent
syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn cluster nix_ind_strings
\ add=nix_${lang}_region_IND_STRING
syn cluster nix_strings
\ add=nix_${lang}_region_STRING
syn cluster nix_has_dollar_curly
\ add=@nix_${lang}_syntax
'') {
c = {};
cabal = {};
haskell = {};
sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
vim.extraStart =
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
})}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
syn clear shVarAssign
syn region nixINSIDE_DOLLAR_CURLY
\ matchgroup=NixEnter
\ start="[$]{"
\ end="}"
\ contains=TOP
\ containedin=@nix_has_dollar_curly
\ transparent
syn region nix_inside_curly
\ matchgroup=NixEnter
\ start="{"
\ end="}"
\ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
\ containedin=@nix_ind_strings
\ contained
syn match NixQuote /\\./he=s+1
\ containedin=@nix_strings
\ contained
syn sync fromstart
let b:current_syntax = "nix"
set isk=@,48-57,_,192-255,-,'
set bg=dark
'';
in
out

View File

@ -1,21 +0,0 @@
{ config, lib, pkgs, ... }:
let
inherit (import <stockholm/lib>) genid;
in {
krebs.per-user.chat.packages = with pkgs; [
mosh
weechat
tmux
];
users.extraUsers.chat = {
home = "/home/chat";
uid = genid "chat";
useDefaultShell = true;
createHome = true;
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
];
};
}

View File

@ -1,7 +0,0 @@
_:
{
imports = [
../krebs
./2configs
];
}

View File

@ -1,35 +0,0 @@
{ name }: let
inherit (import ../krebs/krops.nix { inherit name; })
krebs-source
lib
pkgs
;
source = { test }: lib.evalSource [
krebs-source
{
nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix";
secrets = if test then {
file = toString ./0tests/dummysecrets;
} else {
pass = {
dir = "${lib.getEnv "HOME"}/.password-store";
name = "hosts/${name}";
};
};
}
];
in {
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
source = source { test = false; };
target = "root@${name}/var/src";
};
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
test = { target }: pkgs.krops.writeTest "${name}-test" {
inherit target;
source = source { test = true; };
};
}

1
submodules/krops Submodule

@ -0,0 +1 @@
Subproject commit e2b29654251367545700154ffbac806705dd04c0

View File

@ -18,6 +18,7 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/retiolum.nix> <stockholm/tv/2configs/retiolum.nix>
<stockholm/tv/2configs/binary-cache> <stockholm/tv/2configs/binary-cache>
<stockholm/tv/2configs/br.nix> <stockholm/tv/2configs/br.nix>
<stockholm/tv/2configs/xp-332.nix>
<stockholm/tv/2configs/xserver> <stockholm/tv/2configs/xserver>
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -40,7 +41,6 @@ with import <stockholm/lib>;
mkpasswd mkpasswd
netcat netcat
netcup netcup
nix-repl
nmap nmap
p7zip p7zip
pass pass
@ -147,8 +147,6 @@ with import <stockholm/lib>;
gptfdisk gptfdisk
]; ];
services.printing.enable = true;
#services.bitlbee.enable = true; #services.bitlbee.enable = true;
#services.tor.client.enable = true; #services.tor.client.enable = true;
#services.tor.enable = true; #services.tor.enable = true;

View File

@ -26,7 +26,7 @@ with import <stockholm/lib>;
method = "pull"; method = "pull";
src = { host = config.krebs.hosts.querel; path = "/home"; }; src = { host = config.krebs.hosts.querel; path = "/home"; };
dst = { host = config.krebs.hosts.nomic; path = "/fs/ponyhof/bku/querel-home"; }; dst = { host = config.krebs.hosts.nomic; path = "/fs/ponyhof/bku/querel-home"; };
startAt = "00:00"; startAt = "22:00";
}; };
wu-home-xu = { wu-home-xu = {
method = "push"; method = "push";

View File

@ -143,6 +143,7 @@ with import <stockholm/lib>;
environment.systemPackages = [ environment.systemPackages = [
pkgs.get pkgs.get
pkgs.git pkgs.git
pkgs.git-crypt
pkgs.git-preview pkgs.git-preview
pkgs.hashPassword pkgs.hashPassword
pkgs.htop pkgs.htop

View File

@ -41,6 +41,9 @@ in {
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers> # refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
desktopManager.session = mkForce []; desktopManager.session = mkForce [];
displayManager.lightdm.enable = mkForce false;
displayManager.job.execCmd = mkForce "derp";
enable = true; enable = true;
display = mkForce 11; display = mkForce 11;
tty = mkForce 11; tty = mkForce 11;
@ -55,7 +58,7 @@ in {
systemd.services.display-manager.enable = false; systemd.services.display-manager.enable = false;
systemd.services.xmonad = { systemd.services.xmonad = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "graphical.target" ];
requires = [ "xserver.service" ]; requires = [ "xserver.service" ];
environment = { environment = {
DISPLAY = ":${toString config.services.xserver.display}"; DISPLAY = ":${toString config.services.xserver.display}";
@ -101,21 +104,20 @@ in {
systemd.services.xserver = { systemd.services.xserver = {
after = [ after = [
"systemd-udev-settle.service"
"local-fs.target"
"acpid.service" "acpid.service"
"local-fs.target"
"systemd-udev-settle.service"
]; ];
reloadIfChanged = true; wants = [
"systemd-udev-settle.service"
];
restartIfChanged = false;
environment = { environment = {
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. LD_LIBRARY_PATH = concatStringsSep ":" ([ "/run/opengl-driver/lib" ]
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
LD_LIBRARY_PATH = concatStringsSep ":" (
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); ++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
}; };
serviceConfig = { serviceConfig = {
SyslogIdentifier = "xserver"; SyslogIdentifier = "xserver";
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
ExecStart = toString [ ExecStart = toString [
"${pkgs.xorg.xorgserver}/bin/X" "${pkgs.xorg.xorgserver}/bin/X"
":${toString config.services.xserver.display}" ":${toString config.services.xserver.display}"
@ -123,17 +125,16 @@ in {
"-config ${import ./xserver.conf.nix args}" "-config ${import ./xserver.conf.nix args}"
"-logfile /dev/null -logverbose 0 -verbose 3" "-logfile /dev/null -logverbose 0 -verbose 3"
"-nolisten tcp" "-nolisten tcp"
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb" "-xkbdir ${config.services.xserver.xkbDir}"
]; ];
}; };
}; };
systemd.services.urxvtd = { systemd.services.urxvtd = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "graphical.target" ];
reloadIfChanged = true; restartIfChanged = false;
serviceConfig = { serviceConfig = {
SyslogIdentifier = "urxvtd"; SyslogIdentifier = "urxvtd";
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd"; ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
Restart = "always"; Restart = "always";
RestartSec = "2s"; RestartSec = "2s";

View File

@ -64,7 +64,7 @@ in {
ExecStartPre = ExecStartPre =
"${pkgs.coreutils}/bin/ln -s /etc/charybdis-ircd.motd /tmp/ircd.motd"; "${pkgs.coreutils}/bin/ln -s /etc/charybdis-ircd.motd /tmp/ircd.motd";
ExecStart = toString [ ExecStart = toString [
"${pkgs.charybdis}/bin/charybdis-ircd" "${pkgs.charybdis}/bin/charybdis"
"-configfile ${import ./config.nix args}" "-configfile ${import ./config.nix args}"
"-foreground" "-foreground"
"-logfile /dev/stderr" "-logfile /dev/stderr"

View File

@ -0,0 +1,121 @@
{ stdenv, lib, fetchurl, fetchFromGitHub
, coreutils, gnused, getopt, git, tree, gnupg, which, procps, qrencode
, makeWrapper
, pass-otp
, xclip ? null, xdotool ? null, dmenu ? null
, x11Support ? !stdenv.isDarwin
, tombPluginSupport ? false, tomb
}:
with lib;
assert x11Support -> xclip != null
&& xdotool != null
&& dmenu != null;
let
plugins = map (p: (fetchFromGitHub {
owner = "roddhjav";
repo = "pass-${p.name}";
inherit (p) rev sha256;
}))
([
{ name = "import";
rev = "491935bd275f29ceac2b876b3a288011d1ce31e7";
sha256 = "02mbh05ab8h7kc30hz718d1d1vkjz43b96c7p0xnd92610d2q66q"; }
{ name = "update";
rev = "cf576c9036fd18efb9ed29e0e9f811207b556fde";
sha256 = "1hhbrg6a2walrvla6q4cd3pgrqbcrf9brzjkb748735shxfn52hd"; }
] ++ stdenv.lib.optional tombPluginSupport {
name = "tomb";
rev = "3368134898a42c1b758fabac625ec240e125c6be";
sha256 = "0qqmxfg4w3r088qhlkhs44036mya82vjflsjjhw2hk8y0wd2i6ds"; }
);
in stdenv.mkDerivation rec {
version = "1.7.2";
name = "password-store-${version}";
src = fetchurl {
url = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz";
sha256 = "1sl0d7nc85c6c2bmmmyb8rpmn47vhkj831l153mjlkawjvhwas27";
};
patches = [ ./set-correct-program-name-for-sleep.patch
] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch;
nativeBuildInputs = [ makeWrapper ];
installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ];
postInstall = ''
# plugins
${stdenv.lib.concatStringsSep "\n" (map (plugin: ''
pushd ${plugin}
PREFIX=$out make install
popd
'') plugins)}
ln -s \
${pass-otp}/lib/password-store/extensions/otp.bash \
$out/lib/password-store/extensions/
ln -s \
${pass-otp}/share/man/man1/pass-otp.1.gz \
$out/share/man/man1/
# Install Emacs Mode. NOTE: We can't install the necessary
# dependencies (s.el and f.el) here. The user has to do this
# himself.
mkdir -p "$out/share/emacs/site-lisp"
cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/"
'' + optionalString x11Support ''
cp "contrib/dmenu/passmenu" "$out/bin/"
'';
wrapperPath = with stdenv.lib; makeBinPath ([
coreutils
getopt
git
gnupg
gnused
tree
which
qrencode
] ++ optional tombPluginSupport tomb
++ optional stdenv.isLinux procps
++ ifEnable x11Support [ dmenu xclip xdotool ]);
postFixup = ''
# Fix program name in --help
substituteInPlace $out/bin/pass \
--replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass"
# Ensure all dependencies are in PATH
wrapProgram $out/bin/pass \
--prefix PATH : "${wrapperPath}"
'' + stdenv.lib.optionalString x11Support ''
# We just wrap passmenu with the same PATH as pass. It doesn't
# need all the tools in there but it doesn't hurt either.
wrapProgram $out/bin/passmenu \
--prefix PATH : "$out/bin:${wrapperPath}"
'';
meta = with stdenv.lib; {
description = "Stores, retrieves, generates, and synchronizes passwords securely";
homepage = https://www.passwordstore.org/;
license = licenses.gpl2Plus;
maintainers = with maintainers; [ lovek323 the-kenny fpletz ];
platforms = platforms.unix;
longDescription = ''
pass is a very simple password store that keeps passwords inside gpg2
encrypted files inside a simple directory tree residing at
~/.password-store. The pass utility provides a series of commands for
manipulating the password store, allowing the user to add, remove, edit,
synchronize, generate, and manipulate passwords.
'';
};
}

View File

@ -0,0 +1,9 @@
diff -Naur password-store-1.6.5-orig/src/platform/darwin.sh password-store-1.6.5/src/platform/darwin.sh
--- password-store-1.6.5-orig/src/platform/darwin.sh 2015-01-28 16:43:02.000000000 +0000
+++ password-store-1.6.5/src/platform/darwin.sh 2015-02-15 16:09:02.000000000 +0000
@@ -31,5 +31,4 @@
mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk."
}
-GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt"
SHRED="srm -f -z"

View File

@ -0,0 +1,57 @@
{ stdenv, fetchFromGitHub, pass, rofi, coreutils, utillinux, xdotool, gnugrep
, libnotify, pwgen, findutils, gawk, gnused, xclip, makeWrapper
}:
stdenv.mkDerivation rec {
name = "rofi-pass-${version}";
version = "1.5.3";
src = fetchFromGitHub {
owner = "carnager";
repo = "rofi-pass";
rev = version;
sha256 = "1fn1j2rf3abc5qb44zfc8z8ffw6rva4xfp7597hwr1g3szacazpq";
};
buildInputs = [ makeWrapper ];
dontBuild = true;
installPhase = ''
mkdir -p $out/bin
cp -a rofi-pass $out/bin/rofi-pass
mkdir -p $out/share/doc/rofi-pass/
cp -a config.example $out/share/doc/rofi-pass/config.example
'';
wrapperPath = with stdenv.lib; makeBinPath [
coreutils
findutils
gawk
gnugrep
gnused
libnotify
pass
pwgen
rofi
utillinux
xclip
xdotool
];
fixupPhase = ''
patchShebangs $out/bin
wrapProgram $out/bin/rofi-pass \
--prefix PATH : "${wrapperPath}"
'';
meta = {
description = "A script to make rofi work with password-store";
homepage = https://github.com/carnager/rofi-pass;
maintainers = with stdenv.lib.maintainers; [ the-kenny garbas ];
license = stdenv.lib.licenses.gpl3;
platforms = with stdenv.lib.platforms; linux;
};
}

View File

@ -0,0 +1,69 @@
From 25b44e00ed5df8ffe2782d38ad5cd9f514379599 Mon Sep 17 00:00:00 2001
From: "Andrew R. M" <andrewmiller237@gmail.com>
Date: Sat, 8 Apr 2017 13:50:01 -0400
Subject: [PATCH] Patch the clip() function to work even when using
single-binary coreutils
---
src/password-store.sh | 4 ++--
src/platform/cygwin.sh | 4 ++--
src/platform/darwin.sh | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/password-store.sh b/src/password-store.sh
index 6a4172d..4dbd6b8 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -155,11 +155,11 @@ clip() {
# variable. Specifically, it cannot store nulls nor (non-trivally) store
# trailing new lines.
local sleep_argv0="password store sleep on display $DISPLAY"
- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
+ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | base64)"
echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard"
(
- ( exec -a "$sleep_argv0" bash <<<"trap 'kill %1' TERM; sleep '$CLIP_TIME' & wait" )
+ ( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") )
local now="$(xclip -o -selection "$X_SELECTION" | base64)"
[[ $now != $(echo -n "$1" | base64) ]] && before="$now"
diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh
index 6e5dd86..f3574c4 100644
--- a/src/platform/cygwin.sh
+++ b/src/platform/cygwin.sh
@@ -3,11 +3,11 @@
clip() {
local sleep_argv0="password store sleep on display $DISPLAY"
- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
+ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
local before="$(base64 < /dev/clipboard)"
echo -n "$1" > /dev/clipboard
(
- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
+ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
local now="$(base64 < /dev/clipboard)"
[[ $now != $(echo -n "$1" | base64) ]] && before="$now"
echo "$before" | base64 -d > /dev/clipboard
diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh
index 86eb325..deb04c4 100644
--- a/src/platform/darwin.sh
+++ b/src/platform/darwin.sh
@@ -3,11 +3,11 @@
clip() {
local sleep_argv0="password store sleep for user $(id -u)"
- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
+ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
local before="$(pbpaste | openssl base64)"
echo -n "$1" | pbcopy
(
- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
+ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
local now="$(pbpaste | openssl base64)"
[[ $now != $(echo -n "$1" | openssl base64) ]] && before="$now"
echo "$before" | openssl base64 -d | pbcopy
--
2.12.2

View File

@ -0,0 +1 @@
self: super: {}

View File

@ -33,4 +33,16 @@ foldl' mergeAttrs {}
''; '';
gnupg = self.gnupg22; gnupg = self.gnupg22;
pass = {
"18.03" =
self.callPackage ./compat/18.03/pass {
pass-otp = self.callPackage ./compat/18.03/pass-otp {};
};
"18.09" =
super.pass.withExtensions (ext: [
ext.pass-otp
]);
}.${versions.majorMinor nixpkgsVersion};
} }

View File

@ -164,6 +164,7 @@ stdenv.mkDerivation rec {
; ;
NIX_CFLAGS_COMPILE = [ NIX_CFLAGS_COMPILE = [
"-Wno-error=deprecated-declarations"
"-Wno-error=unused-variable" "-Wno-error=unused-variable"
]; ];