Merge remote-tracking branch 'lass/master'

This commit is contained in:
makefu 2021-04-20 09:01:54 +02:00
commit 610a81d723
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
28 changed files with 212 additions and 99 deletions

View File

View File

View File

@ -18,13 +18,6 @@
boot.isContainer = true; boot.isContainer = true;
networking.useDHCP = false; networking.useDHCP = false;
krebs.bindfs = { krebs.bindfs = {
"/var/lib/htgen-go" = {
source = "/var/state/htgen-go";
options = [
"-m ${toString config.users.users.htgen-go.uid}"
];
clearTarget = true;
};
"/var/lib/brockman" = { "/var/lib/brockman" = {
source = "/var/state/brockman"; source = "/var/state/brockman";
options = [ options = [

View File

@ -19,6 +19,12 @@
<stockholm/krebs/2configs/binary-cache/nixos.nix> <stockholm/krebs/2configs/binary-cache/nixos.nix>
<stockholm/krebs/2configs/binary-cache/prism.nix> <stockholm/krebs/2configs/binary-cache/prism.nix>
## news host
<stockholm/krebs/2configs/container-networking.nix>
<stockholm/krebs/2configs/syncthing.nix>
<stockholm/krebs/2configs/news-host.nix>
### shackspace ### ### shackspace ###
# handle the worlddomination map via coap # handle the worlddomination map via coap
<stockholm/krebs/2configs/shack/worlddomination.nix> <stockholm/krebs/2configs/shack/worlddomination.nix>

View File

@ -8,8 +8,8 @@ in {
SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="${ext-if}" SUBSYSTEM=="net", ATTR{address}=="3c:97:0e:07:b9:14", NAME="${ext-if}"
''; '';
networking = { networking = {
firewall.enable = false; firewall.enable = true;
firewall.allowedTCPPorts = [ 8088 8086 8083 5901 ]; firewall.allowedTCPPorts = [ 80 443 8088 8086 8083 5901 ];
interfaces."${ext-if}".ipv4.addresses = [ interfaces."${ext-if}".ipv4.addresses = [
{ {
address = shack-ip; address = shack-ip;

View File

@ -0,0 +1,7 @@
{ lib, ... }:
{
networking.nat.enable = true;
networking.nat.internalInterfaces = ["ve-+"];
networking.nat.externalInterface = lib.mkDefault "et0";
networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
}

View File

@ -87,6 +87,7 @@
}; };
channel { channel {
autochanmodes = "+t";
use_invex = yes; use_invex = yes;
use_except = yes; use_except = yes;
use_forward = yes; use_forward = yes;

View File

@ -4,6 +4,7 @@
"shodan" "shodan"
"mors" "mors"
"styx" "styx"
"puyak"
]; ];
hostIp = "10.233.2.101"; hostIp = "10.233.2.101";
localIp = "10.233.2.102"; localIp = "10.233.2.102";

View File

@ -15,6 +15,16 @@
serverAliases = [ serverAliases = [
"news.r" "news.r"
]; ];
locations."/api".extraConfig = ''
proxy_pass http://127.0.0.1:7777/;
proxy_pass_header Server;
'';
locations."= /graph.html".extraConfig = ''
alias ${pkgs.fetchurl {
url = "https://raw.githubusercontent.com/kmein/brockman/05d33c8caaaf6255752f9600981974bb58390851/tools/graph.html";
sha256 = "0iw2vdzj6kzkix1c447ybmc953lns6z4ap6sr9pcib8bany4g43w";
}};
'';
locations."/".extraConfig = '' locations."/".extraConfig = ''
root /var/lib/brockman; root /var/lib/brockman;
index brockman.json; index brockman.json;
@ -27,6 +37,7 @@
}; };
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /var/lib/brockman 1750 brockman nginx -" "d /var/lib/brockman 1750 brockman nginx -"
"d /run/irc-api 1750 brockman nginx -"
]; ];
systemd.services.brockman-graph = { systemd.services.brockman-graph = {
@ -67,12 +78,28 @@
shortener = "http://go.r"; shortener = "http://go.r";
controller = { controller = {
nick = "brockman"; nick = "brockman";
channels = [ "#all" ]; extraChannels = [ "#all" ];
}; };
bots = {}; bots = {};
}; };
}; };
krebs.reaktor2.api = {
hostname = "localhost";
port = "6667";
nick = "api";
API.listen = "inet://127.0.0.1:7777";
plugins = [
{
plugin = "register";
config = {
channels = [
"#all"
];
};
}
];
};
krebs.reaktor2.news = let krebs.reaktor2.news = let
name = "candyman"; name = "candyman";
in { in {

View File

@ -10,6 +10,10 @@ in {
configDir = "/var/lib/syncthing"; configDir = "/var/lib/syncthing";
declarative = { declarative = {
devices = mk_peers used_peers; devices = mk_peers used_peers;
key = toString <secrets/syncthing.key>;
cert = toString <secrets/syncthing.cert>;
}; };
}; };
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;
} }

View File

@ -77,6 +77,7 @@ in {
"wiki.r" "wiki.r"
"wiki.hotdog.r" "wiki.hotdog.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAs9+Au3oj29C5ol/YnkG9GjfCH5z53wxjH2iy8UPike8C7GASZKqc MIIBCgKCAQEAs9+Au3oj29C5ol/YnkG9GjfCH5z53wxjH2iy8UPike8C7GASZKqc
@ -177,6 +178,7 @@ in {
}; };
ssh.privkey.path = <secrets/ssh.id_ed25519>; ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY";
syncthing.id = "DK5CEE2-PNUXYCE-Q42H2HP-623GART-B7KS4VK-HU2RBGQ-EK6QPUP-HUL3PAR";
}; };
wolf = { wolf = {
ci = true; ci = true;

View File

@ -67,7 +67,9 @@ in {
"cgit.prism.r" "cgit.prism.r"
"paste.r" "paste.r"
"p.r" "p.r"
"search.r"
]; ];
tinc.port = 655;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEAtpI0+jz2deUiH18T/+JcRshQi7lq8zlRvaXpvyuxJlYCz+o5cLje MIIECgKCBAEAtpI0+jz2deUiH18T/+JcRshQi7lq8zlRvaXpvyuxJlYCz+o5cLje
@ -126,6 +128,7 @@ in {
aliases = [ aliases = [
"uriel.r" "uriel.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAzw0pvoEmqeqiZrzSOPH0IT99gr1rrvMZbvabXoU4MAiVgGoGrkmR MIIBCgKCAQEAzw0pvoEmqeqiZrzSOPH0IT99gr1rrvMZbvabXoU4MAiVgGoGrkmR
@ -151,6 +154,7 @@ in {
aliases = [ aliases = [
"mors.r" "mors.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAsj1PCibKOfF68gmFQ+wwyfhUWpqKqpznrJX1dZ+daae7l7nBHvsE MIIBCgKCAQEAsj1PCibKOfF68gmFQ+wwyfhUWpqKqpznrJX1dZ+daae7l7nBHvsE
@ -184,6 +188,7 @@ in {
aliases = [ aliases = [
"shodan.r" "shodan.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA9bUSItw8rEu2Cm2+3IGHyRxopre9lqpFjZNG2QTnjXkZ97QlDesT MIIBCgKCAQEA9bUSItw8rEu2Cm2+3IGHyRxopre9lqpFjZNG2QTnjXkZ97QlDesT
@ -218,6 +223,7 @@ in {
aliases = [ aliases = [
"icarus.r" "icarus.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAydCY+IWzF8DocCNzPiUM+xccbiDTWS/+r2le812+O4r+sUojXuzr MIIBCgKCAQEAydCY+IWzF8DocCNzPiUM+xccbiDTWS/+r2le812+O4r+sUojXuzr
@ -251,6 +257,7 @@ in {
aliases = [ aliases = [
"daedalus.r" "daedalus.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAzlIJfYIoQGXishIQGFNOcaVoeelqy7a731FJ+VfrqeR8WURQ6D+8 MIIBCgKCAQEAzlIJfYIoQGXishIQGFNOcaVoeelqy7a731FJ+VfrqeR8WURQ6D+8
@ -282,6 +289,7 @@ in {
aliases = [ aliases = [
"skynet.r" "skynet.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEArNpBoTs7MoaZq2edGJLYUjmoLa5ZtXhOFBHjS1KtQ3hMtWkcqpYX MIIBCgKCAQEArNpBoTs7MoaZq2edGJLYUjmoLa5ZtXhOFBHjS1KtQ3hMtWkcqpYX
@ -315,6 +323,7 @@ in {
aliases = [ aliases = [
"littleT.r" "littleT.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA2nPi6ui8nJhEL3lFzDoPelFbEwFWqPnQa0uVxLAhf2WnmT/vximF MIIECgKCBAEA2nPi6ui8nJhEL3lFzDoPelFbEwFWqPnQa0uVxLAhf2WnmT/vximF
@ -364,6 +373,7 @@ in {
aliases = [ aliases = [
"xerxes.r" "xerxes.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U
@ -414,6 +424,7 @@ in {
aliases = [ aliases = [
"red.r" "red.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArAN/62V2MV18wsZ9VMTG MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArAN/62V2MV18wsZ9VMTG
@ -444,6 +455,7 @@ in {
aliases = [ aliases = [
"yellow.r" "yellow.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6lHmzq8+04h3zivJmIbP MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6lHmzq8+04h3zivJmIbP
@ -481,6 +493,7 @@ in {
aliases = [ aliases = [
"blue.r" "blue.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA28b+WMiQaWbwUPcJlacd MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA28b+WMiQaWbwUPcJlacd
@ -520,6 +533,7 @@ in {
aliases = [ aliases = [
"green.r" "green.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwpgFxMxWQ0Cp3I82bLWk MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwpgFxMxWQ0Cp3I82bLWk
@ -574,6 +588,7 @@ in {
aliases = [ aliases = [
"morpheus.r" "morpheus.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAptrlSKQKsBH2QMQxllZR94S/fXneajpJifRjXR5bi+7ME2ThdQXY MIICCgKCAgEAptrlSKQKsBH2QMQxllZR94S/fXneajpJifRjXR5bi+7ME2ThdQXY
@ -611,6 +626,7 @@ in {
aliases = [ aliases = [
"hilum.r" "hilum.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAul1zLdJ76kIqVWjxT2bb MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAul1zLdJ76kIqVWjxT2bb
@ -651,6 +667,7 @@ in {
aliases = [ aliases = [
"styx.r" "styx.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuMJFklzpbxoDGD8LQ3tn MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuMJFklzpbxoDGD8LQ3tn
@ -692,6 +709,7 @@ in {
aliases = [ aliases = [
"coaxmetal.r" "coaxmetal.r"
]; ];
tinc.port = 0;
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwcuMl/W6DZ7UMK4RHrxA MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwcuMl/W6DZ7UMK4RHrxA

View File

@ -93,7 +93,7 @@ in {
config = mkIf (cfg.containers != {}) { config = mkIf (cfg.containers != {}) {
programs.fuse.userAllowOther = true; programs.fuse.userAllowOther = true;
# allow syncthing to enter /var/lib/containers # allow syncthing to enter /var/lib/containers
system.activationScripts.syncthing-home = '' system.activationScripts.containers-enter = mkDefault ''
${pkgs.coreutils}/bin/chmod a+x /var/lib/containers ${pkgs.coreutils}/bin/chmod a+x /var/lib/containers
''; '';

View File

@ -0,0 +1,25 @@
{ mkDerivation, ansi-terminal, async, base, binary, bytestring
, data-default, directory, filepath, megaparsec
, optparse-applicative, pandoc, random, safe, scalpel, stdenv, text
, time
, fetchFromGitHub
}:
mkDerivation rec {
pname = "recht";
version = "0.3.0";
src = fetchFromGitHub {
owner = "kmein";
repo = "recht";
rev = version;
sha256 = "07cyd06wbnzcp33v0nq8cxyggvqrnbni0v2g8cpxar6idn1wlz85";
};
isLibrary = false;
isExecutable = true;
executableHaskellDepends = [
ansi-terminal async base binary bytestring data-default directory
filepath megaparsec optparse-applicative pandoc random safe scalpel
text time
];
license = stdenv.lib.licenses.mit;
}

View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "266dc8c3d052f549826ba246d06787a219533b8f", "rev": "04a2b269d8921505a2969fc9ec25c1f517f2b307",
"date": "2021-03-15T09:37:03+01:00", "date": "2021-03-30T01:32:47-04:00",
"path": "/nix/store/dkim3k1b5bdga370xpw0r52w0ac5y3fn-nixpkgs", "path": "/nix/store/wb6m2d6p3kadk6pbqdjq3ydswbvmb0lq-nixpkgs",
"sha256": "09ydqx2lznixmw8z4cfz1j3k137mh8n3cdpygwqymknhfdjq7lg4", "sha256": "15hgx2i71pqgvzv56jwzfs8rkhjbm35wk1i6mxrqbq6wd0y10isv",
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,
"leaveDotGit": false "leaveDotGit": false

View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "36e15cd6e7d55ba143caf3dc930467ace573d85c", "rev": "dec334fa196a4aeedb1b60d8f7d61aa00d327499",
"date": "2021-03-16T08:18:29+01:00", "date": "2021-04-14T01:54:42+02:00",
"path": "/nix/store/rsh8kmy9jiwdhsm390zw0mq1p256xzrk-nixpkgs", "path": "/nix/store/x1dkzxknsrf0060pz1vwa7ibmq7899wb-nixpkgs",
"sha256": "15dwscz9s71n6hn1wml95il8hl8aza16jj9qwywps8bsdamgymfq", "sha256": "1sm1p2qliz11qw6va01knm0rikhpq2h4c70ci98vi4q26y4q9z72",
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,
"leaveDotGit": false "leaveDotGit": false

View File

@ -194,6 +194,7 @@ with import <stockholm/lib>;
} }
<stockholm/lass/2configs/minecraft.nix> <stockholm/lass/2configs/minecraft.nix>
<stockholm/lass/2configs/codimd.nix> <stockholm/lass/2configs/codimd.nix>
<stockholm/lass/2configs/searx.nix>
{ {
services.taskserver = { services.taskserver = {
enable = true; enable = true;

View File

@ -43,11 +43,9 @@ in {
services.home-assistant = { services.home-assistant = {
enable = true; enable = true;
package = (unstable.home-assistant.overrideAttrs (old: { package = unstable.home-assistant.overrideAttrs (old: {
doInstallCheck = false; doInstallCheck = false;
})).override { });
extraPackages = _: [ dwdwfsapi ];
};
configWritable = true; configWritable = true;
lovelaceConfigWritable = true; lovelaceConfigWritable = true;
config = let config = let

23
lass/2configs/searx.nix Normal file
View File

@ -0,0 +1,23 @@
{ pkgs, ... }:
let
port = 8889;
in {
services.nginx.virtualHosts.search = {
serverAliases = [ "search.r" ];
locations."/".extraConfig = ''
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:${builtins.toString port};
'';
};
services.searx = {
enable = true;
configFile = pkgs.writeText "searx.cfg" (builtins.toJSON {
use_default_settings = true;
server = {
port = port;
secret_key = builtins.readFile <secrets/searx.key>;
};
});
};
}

View File

@ -3,10 +3,6 @@
imports = [ <stockholm/krebs/2configs/syncthing.nix> ]; imports = [ <stockholm/krebs/2configs/syncthing.nix> ];
services.syncthing = { services.syncthing = {
group = "syncthing"; group = "syncthing";
declarative = {
key = toString <secrets/syncthing.key>;
cert = toString <secrets/syncthing.cert>;
};
}; };
krebs.iptables.tables.filter.INPUT.rules = [ krebs.iptables.tables.filter.INPUT.rules = [
{ predicate = "-p tcp --dport 22000"; target = "ACCEPT";} { predicate = "-p tcp --dport 22000"; target = "ACCEPT";}
@ -16,6 +12,4 @@
system.activationScripts.syncthing-home = mkDefault '' system.activationScripts.syncthing-home = mkDefault ''
${pkgs.coreutils}/bin/chmod a+x /home/lass ${pkgs.coreutils}/bin/chmod a+x /home/lass
''; '';
boot.kernel.sysctl."fs.inotify.max_user_watches" = 524288;
} }

View File

@ -0,0 +1 @@
yolo

View File

@ -5,6 +5,7 @@ let
evalSource = import ./eval-source.nix; evalSource = import ./eval-source.nix;
git = import ./git.nix { inherit lib; }; git = import ./git.nix { inherit lib; };
haskell = import ./haskell.nix { inherit lib; };
krebs = import ./krebs lib; krebs = import ./krebs lib;
krops = import ../submodules/krops/lib; krops = import ../submodules/krops/lib;
shell = import ./shell.nix { inherit lib; }; shell = import ./shell.nix { inherit lib; };

51
lib/haskell.nix Normal file
View File

@ -0,0 +1,51 @@
{ lib }:
with builtins;
rec {
# Derive a file by substituting
# "${pkgs.foo}/bin/foo" for each {-pkg-}"foo", and
# "${pkgs.bar}/bin/foo" for each {-pkg:bar-}"foo".
# If a package doesn't exist, a warning gets printed.
substitutePkgs = name: { callsite ? null, pkgs, path }:
pkgs.writeText name (substitutePkgs' {
inherit pkgs;
sourceDescription =
if callsite != null then
"${name} in ${toString callsite}"
else
"${name} from ${toString path}";
text = readFile path;
});
substitutePkgs' = { pkgs, sourceDescription, text }:
let
f = s:
let
parse = match "(.*)([{]-pkg(:([^}]+))?-[}]\"([^\"]+)\")(.*)" s;
prefix = elemAt parse 0;
pname = if elemAt parse 3 != null then elemAt parse 3 else exename;
exename = elemAt parse 4;
suffix = elemAt parse 5;
pkg = pkgs.${pname} or null;
substitute =
if pkg != null then
"${pkg}/bin/${exename}"
else
trace (toString [
"lib.haskell.replacePkg:"
"warning:"
"while deriving ${sourceDescription}:"
"no substitute found for ${elemAt parse 1}"
])
exename;
in
if parse == null then
s
else
f (prefix + toJSON substitute + suffix);
in
f text;
}

View File

@ -43,6 +43,21 @@ let
"auth-anonymous=1" "auth-anonymous=1"
"socket=${runDir}/socket" "socket=${runDir}/socket"
]} ]}
${lib.optionalString (config.krebs.build.host.name == "au") ''
load-module ${toString [
"module-native-protocol-tcp"
"auth-ip-acl=127.0.0.1;10.23.1.0/24"
]}
''}
${lib.optionalString (config.krebs.build.host.name != "au") ''
load-module ${toString [
"module-tunnel-sink-new"
"server=au.hkw"
"sink_name=au"
"channels=2"
"rate=44100"
]}
''}
''; '';
in in

View File

@ -1,15 +0,0 @@
module Helpers.Path where
import qualified Data.List
import qualified System.Directory
import qualified System.IO.Unsafe
findExecutable :: String -> FilePath
findExecutable =
System.IO.Unsafe.unsafePerformIO . find
where
find name =
maybe failure id <$> System.Directory.findExecutable name
where
failure = error (Data.List.intercalate " " [name, "not found"])

View File

@ -1,37 +0,0 @@
module Paths where
import Helpers.Path
flameshot :: FilePath
flameshot = findExecutable "flameshot-once"
otpmenu :: FilePath
otpmenu = findExecutable "otpmenu"
pactl :: FilePath
pactl = findExecutable "pactl"
passmenu :: FilePath
passmenu = findExecutable "passmenu"
pavucontrol :: FilePath
pavucontrol = findExecutable "pavucontrol"
slock :: FilePath
slock = findExecutable "slock"
su :: FilePath
su = findExecutable "su"
urxvtc :: FilePath
urxvtc = findExecutable "urxvtc"
xcalib :: FilePath
xcalib = findExecutable "xcalib"
xdpychvt :: FilePath
xdpychvt = findExecutable "xdpychvt"
xterm :: FilePath
xterm = findExecutable "xterm"

View File

@ -34,7 +34,6 @@ import XMonad.Actions.PerWorkspaceKeys (chooseAction)
import XMonad.Stockholm.Pager import XMonad.Stockholm.Pager
import XMonad.Stockholm.Shutdown import XMonad.Stockholm.Shutdown
import qualified Paths
import THEnv.JSON (getCompileEnvJSONExp) import THEnv.JSON (getCompileEnvJSONExp)
@ -72,7 +71,7 @@ mainNoArgs = do
launch launch
$ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
$ def $ def
{ terminal = Paths.urxvtc { terminal = {-pkg:rxvt_unicode-}"urxvtc"
, modMask = mod4Mask , modMask = mod4Mask
, keys = myKeys , keys = myKeys
, workspaces = workspaces0 , workspaces = workspaces0
@ -122,14 +121,14 @@ displaySomeException = displayException
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X () forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
forkFile path args env = forkFile path args env =
xfork (executeFile path False args env) >> return () xfork (executeFile path True args env) >> return ()
spawnRootTerm :: X () spawnRootTerm :: X ()
spawnRootTerm = spawnRootTerm =
forkFile forkFile
Paths.urxvtc {-pkg:rxvt_unicode-}"urxvtc"
["-name", "root-urxvt", "-e", Paths.su, "-"] ["-name", "root-urxvt", "-e", "/run/wrappers/bin/su", "-"]
Nothing Nothing
@ -137,16 +136,16 @@ spawnTermAt :: String -> X ()
spawnTermAt ws = do spawnTermAt ws = do
env <- io getEnvironment env <- io getEnvironment
let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env
forkFile Paths.urxvtc [] (Just env') forkFile {-pkg:rxvt_unicode-}"urxvtc" [] (Just env')
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ()) myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
myKeys conf = Map.fromList $ myKeys conf = Map.fromList $
[ ((_4 , xK_Escape ), forkFile Paths.slock [] Nothing) [ ((_4 , xK_Escape ), forkFile {-pkg-}"slock" [] Nothing)
, ((_4S , xK_c ), kill) , ((_4S , xK_c ), kill)
, ((_4 , xK_o ), forkFile Paths.otpmenu [] Nothing) , ((_4 , xK_o ), forkFile {-pkg:fzmenu-}"otpmenu" [] Nothing)
, ((_4 , xK_p ), forkFile Paths.passmenu [] Nothing) , ((_4 , xK_p ), forkFile {-pkg:fzmenu-}"passmenu" [] Nothing)
, ((_4 , xK_x ), chooseAction spawnTermAt) , ((_4 , xK_x ), chooseAction spawnTermAt)
, ((_4C , xK_x ), spawnRootTerm) , ((_4C , xK_x ), spawnRootTerm)
@ -188,12 +187,12 @@ myKeys conf = Map.fromList $
, ((0, xF86XK_AudioMute), audioMute) , ((0, xF86XK_AudioMute), audioMute)
, ((_4, xF86XK_AudioMute), pavucontrol []) , ((_4, xF86XK_AudioMute), pavucontrol [])
, ((_4, xK_Prior), forkFile Paths.xcalib ["-invert", "-alter"] Nothing) , ((_4, xK_Prior), forkFile {-pkg-}"xcalib" ["-invert", "-alter"] Nothing)
, ((0, xK_Print), forkFile Paths.flameshot [] Nothing) , ((0, xK_Print), forkFile {-pkg-}"flameshot" [] Nothing)
, ((_C, xF86XK_Forward), forkFile Paths.xdpychvt ["next"] Nothing) , ((_C, xF86XK_Forward), forkFile {-pkg:xdpytools-}"xdpychvt" ["next"] Nothing)
, ((_C, xF86XK_Back), forkFile Paths.xdpychvt ["prev"] Nothing) , ((_C, xF86XK_Back), forkFile {-pkg:xdpytools-}"xdpychvt" ["prev"] Nothing)
] ]
where where
_4 = mod4Mask _4 = mod4Mask
@ -206,8 +205,8 @@ myKeys conf = Map.fromList $
_4CM = _4 .|. _C .|. _M _4CM = _4 .|. _C .|. _M
_4SM = _4 .|. _S .|. _M _4SM = _4 .|. _S .|. _M
pactl args = forkFile Paths.pactl args Nothing pactl args = forkFile {-pkg:pulseaudio-}"pactl" args Nothing
pavucontrol args = forkFile Paths.pavucontrol args Nothing pavucontrol args = forkFile {-pkg-}"pavucontrol" args Nothing
audioLowerVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "-5%"] audioLowerVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "-5%"]
audioRaiseVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "+5%"] audioRaiseVolume = pactl ["--", "set-sink-volume", "@DEFAULT_SINK@", "+5%"]
@ -222,7 +221,7 @@ myKeys conf = Map.fromList $
xdeny :: X () xdeny :: X ()
xdeny = xdeny =
forkFile forkFile
Paths.xterm {-pkg-}"xterm"
[ "-fn", myFont [ "-fn", myFont
, "-geometry", "300x100" , "-geometry", "300x100"
, "-name", "AlertFloat" , "-name", "AlertFloat"

View File

@ -23,8 +23,6 @@ executable xmonad
xmonad-contrib, xmonad-contrib,
xmonad-stockholm xmonad-stockholm
other-modules: other-modules:
Helpers.Path,
Paths,
THEnv.JSON THEnv.JSON
default-language: Haskell2010 default-language: Haskell2010
ghc-options: -O2 -Wall -threaded ghc-options: -O2 -Wall -threaded