diff --git a/default.nix b/default.nix index 52e8924cd..cab55d40a 100644 --- a/default.nix +++ b/default.nix @@ -3,3 +3,20 @@ import { (import "NIXOS_CONFIG" ) ]; } +// +{ + lib = import ./lib; + systems = with import ./lib; let + ns = getEnv "LOGNAME"; + in + genAttrs + (attrNames (filterAttrs (_: eq "directory") (readDir ( + "/${ns}/1systems")))) + (name: let + config = import ( + "/${ns}/1systems/${name}/config.nix"); + source = import ( + "/${ns}/1systems/${name}/source.nix"); + in import { + modules = [ config ]; + } // { + inherit source; + }); +} diff --git a/jeschli/1systems/bln/config.nix b/jeschli/1systems/bln/config.nix index 8a3090a49..c9a7a34e2 100644 --- a/jeschli/1systems/bln/config.nix +++ b/jeschli/1systems/bln/config.nix @@ -1,42 +1,19 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - { config, lib, pkgs, ... }: # bln config file { imports = - [ # Include the results of the hardware scan. - + [ + ./hardware-configuration.nix - # ./dcso-vpn.nix ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + jeschliFontSize = 20; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # boot.loader.grub.efiSupport = true; - # boot.loader.grub.efiInstallAsRemovable = true; - # boot.loader.efi.efiSysMountPoint = "/boot/efi"; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only - boot.loader.grub.extraEntries = '' - menuentry "Debian GNU/Linux, kernel 4.9.0-4-amd64" { - search --set=drive1 --fs-uuid f169fd32-bf96-4da0-bc34-294249ffa606 - linux ($drive1)/vmlinuz-4.9.0-4-amd64 root=/dev/mapper/pool-debian ro - initrd ($drive1)/initrd.img-4.9.0-4-amd64 - } - ''; - boot.initrd.luks.devices = [ - { - name = "root"; - device = "/dev/disk/by-uuid/cba5d550-c3c8-423e-a913-14b5210bdd32"; - preLVM = true; - allowDiscards = true; - } - ]; + environment.shellAliases = { n = "nix-shell"; gd = "cd /home/markus/go/src/gitlab.dcso.lolcat"; @@ -46,23 +23,13 @@ LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"' ''; }; - networking.hostName = lib.mkForce "BLN02NB0154"; # Define your hostname. + networking.hostName = lib.mkForce "BLN02NB0232"; networking.networkmanager.enable = true; - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - - # Select internationalisation properties. - # i18n = { - # consoleFont = "Lat2-Terminus16"; - # consoleKeyMap = "us"; - # defaultLocale = "en_US.UTF-8"; - # }; # Set your time zone. time.timeZone = "Europe/Berlin"; - - # List packages installed in system profile. To search by name, run: - # $ nix-env -qaP | grep wget + # Setup Packages nixpkgs.config.allowUnfree = true; environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; }; environment.systemPackages = with pkgs; [ @@ -85,7 +52,7 @@ emacs # databases sqlite - # internet + # internet thunderbird hipchat chromium @@ -114,79 +81,44 @@ ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. programs.bash.enableCompletion = true; programs.vim.defaultEditor = true; - # programs.mtr.enable = true; - # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - # List services that you want to enable: - - # Enable the OpenSSH daemon. services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - # Enable CUPS to print documents. services.printing.enable = true; services.printing.drivers = [ pkgs.postscript-lexmark ]; + # Enable the X11 windowing system. services.xserver.enable = true; - # services.xserver.xrandrHeads = [ - # { output = "eDP1"; } - # { output = "DP-2-2-8"; primary = true; } - # { output = "DP-2-1-8"; monitorConfig = ''Option "Rotate" "left"''; } - # ]; - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; + services.xserver.videoDrivers = [ "nvidia" ]; - # Enable touchpad support. - # services.xserver.libinput.enable = true; - - # Enable the KDE Desktop Environment. -# services.xserver.displayManager.lightdm.enable = true; services.xserver.windowManager.xmonad.enable = true; services.xserver.windowManager.xmonad.enableContribAndExtras = true; -# services.xserver.desktopManager.gnome3.enable = true; - # services.xserver.displayManager.gdm.enable = true; services.xserver.displayManager.sddm.enable = true; - #services.xserver.desktopManager.plasma5.enable = true; -# services.xserver.displayManager.sessionCommands = '' -# (sleep 1 && ${pkgs.xorg.xrandr}/bin/xrandr --output VIRTUAL1 --off --output eDP1 --mode 1920x1080 --pos 5120x688 --rotate normal --output DP1 --off --output DP2-1 --mode 2560x1440 --pos 2560x328 --rotate normal --output DP2-2 --primary --mode 2560x1440 --pos 0x328 --rotate normal --output DP2-3 --off --output HDMI2 --off --output HDMI1 --off --output DP2 --off -#''; + services.xserver.dpi = 100; + fonts.fontconfig.dpi = 100; - # Define a user account. Don't forget to set a password with ‘passwd’. - users.extraUsers.markus = { + users.extraUsers.jeschli = { isNormalUser = true; - extraGroups = ["docker"]; + extraGroups = ["docker" "vboxusers"]; uid = 1000; }; - # This value determines the NixOS release with which your system is to be - # compatible, in order to avoid breaking some software such as database - # servers. You should change this only after NixOS release notes say you - # should. - system.stateVersion = "17.09"; # Did you read the comment? - + system.stateVersion = "17.09"; # Gogland Debugger workaround -# nixpkgs.config.packageOverrides = super: { -# idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: { -# postFixup = '' -# interp="$(cat $NIX_CC/nix-support/dynamic-linker)" -# patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv -# chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv -# ''; -# }); -# }; + # nixpkgs.config.packageOverrides = super: { + # idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: { + # postFixup = '' + # interp="$(cat $NIX_CC/nix-support/dynamic-linker)" + # patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv + # chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv + # ''; + # }); + # }; -# virtualisation.docker.enable = true; - + virtualisation.docker.enable = true; # DCSO Certificates security.pki.certificateFiles = [ @@ -197,7 +129,7 @@ (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "0w88qaqhwxzvdkx40kzj2gka1yi85ipppjdkxah4mscwfhlryrnk"; }) (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; }) (pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; }) - ]; + ]; hardware.bluetooth.enable = true; krebs.build.host = config.krebs.hosts.bln; diff --git a/jeschli/1systems/bln/hardware-configuration.nix b/jeschli/1systems/bln/hardware-configuration.nix index 714162271..b774bfc19 100644 --- a/jeschli/1systems/bln/hardware-configuration.nix +++ b/jeschli/1systems/bln/hardware-configuration.nix @@ -1,6 +1,3 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { config, lib, pkgs, ... }: { @@ -8,27 +5,29 @@ [ ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; + boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/25534522-5748-4dcc-a5ca-80a3ac70f59d"; + fileSystems."/" = - { device = "/dev/disk/by-uuid/02144ea4-947d-440e-bbf9-99cab0dccf05"; + { device = "/dev/disk/by-uuid/496c8889-96db-446d-9bac-60d4347faeac"; + fsType = "ext4"; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/2785adf5-a99e-49d7-86d6-99f393f457ea"; fsType = "ext4"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/f169fd32-bf96-4da0-bc34-294249ffa606"; - fsType = "ext2"; - }; - - fileSystems."/home" = - { device = "/dev/disk/by-uuid/68ef2163-7b3d-4dbb-add9-d3543ad7c738"; - fsType = "ext4"; + { device = "/dev/disk/by-uuid/927E-01A0"; + fsType = "vfat"; }; swapDevices = [ ]; - nix.maxJobs = lib.mkDefault 4; + nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = "powersave"; } diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix index 83640801f..699a85b58 100644 --- a/jeschli/1systems/bolide/config.nix +++ b/jeschli/1systems/bolide/config.nix @@ -10,6 +10,7 @@ ./hardware-configuration.nix + ]; krebs.build.host = config.krebs.hosts.bolide; diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index eb2bb11d2..49f439a06 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -5,6 +5,9 @@ ./hardware-configuration.nix + + + ]; krebs.build.host = config.krebs.hosts.brauerei; @@ -56,7 +59,6 @@ terminator tmux wget - # rxvt_unicode # editors emacs # internet @@ -64,6 +66,7 @@ chromium google-chrome # programming languages + exercism go gcc ghc @@ -72,6 +75,9 @@ # go tools golint gotools + # rust + cargo + rustc # dev tools gnumake jetbrains.pycharm-professional @@ -104,8 +110,8 @@ # services.printing.enable = true; # Enable the X11 windowing system. - services.xserver.enable = true; - services.xserver.layout = "us"; + # services.xserver.enable = true; + # services.xserver.layout = "us"; # services.xserver.xkbOptions = "eurosign:e"; # Enable touchpad support. @@ -114,18 +120,18 @@ # Enable the KDE Desktop Environment. # services.xserver.displayManager.sddm.enable = true; # services.xserver.desktopManager.plasma5.enable = true; - services.xserver.displayManager.sddm.enable = true; - services.xserver.windowManager.xmonad.enable = true; - services.xserver.windowManager.xmonad.enableContribAndExtras = true; -# + # services.xserver.displayManager.sddm.enable = true; + # services.xserver.windowManager.xmonad.enable = true; + # services.xserver.windowManager.xmonad.enableContribAndExtras = true; + # # Define a user account. Don't forget to set a password with ‘passwd’. - users.extraUsers.jeschli = { + users.extraUsers.jeschli = { # TODO: define as krebs.users isNormalUser = true; uid = 1000; }; users.extraUsers.jamie = { isNormalUser = true; - uid = 1001; + uid = 1001; # TODO genid }; users.users.root.openssh.authorizedKeys.keys = [ @@ -138,4 +144,11 @@ # should. system.stateVersion = "17.09"; # Did you read the comment? + hardware.trackpoint = { + enable = true; + sensitivity = 220; + speed = 0; + emulateWheel = true; + }; + } diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix new file mode 100644 index 000000000..4c52432d3 --- /dev/null +++ b/jeschli/2configs/emacs.nix @@ -0,0 +1,74 @@ +{ config, pkgs, ... }: + +let + packageRepos = '' + (require 'package) ;; You might already have this line + (let* ((no-ssl (and (memq system-type '(windows-nt ms-dos)) + (not (gnutls-available-p)))) + (url (concat (if no-ssl "http" "https") "://melpa.org/packages/"))) + (add-to-list 'package-archives (cons "melpa" url) t) + (add-to-list 'package-archives + '("org" . "http://orgmode.org/elpa/") t) + ) + (when (< emacs-major-version 24) + ;; For important compatibility libraries like cl-lib + (add-to-list 'package-archives '("gnu" . "http://elpa.gnu.org/packages/"))) + (package-initialize) + ''; + evilMode = '' + ;; Evil Mode + (add-to-list 'load-path "~/.emacs.d/evil") + (require 'evil) + (evil-mode 1) + (require 'evil-org) + (add-hook 'org-mode-hook 'evil-org-mode) + (evil-org-set-key-theme '(navigation insert textobjects additional calendar)) + (require 'evil-org-agenda) + (evil-org-agenda-set-keys) + ''; + windowCosmetics = '' + (tool-bar-mode -1) ; Disable the button bar atop screen + (scroll-bar-mode -1) ; Disable scroll bar + (setq inhibit-startup-screen t) ; Disable startup screen with graphics + (setq-default indent-tabs-mode nil) ; Use spaces instead of tabs + (setq default-tab-width 2) ; Two spaces is a tab + (setq tab-width 2) ; Four spaces is a tab + (setq visible-bell nil) ; Disable annoying visual bell graphic + (setq ring-bell-function 'ignore) ; Disable super annoying audio bell + ''; + orgMode = '' + (add-to-list 'auto-mode-alist '("\\.\\(org\\|org_archive\\|txt\\)$" . org-mode)) + (global-set-key "\C-cl" 'org-store-link) + (global-set-key "\C-ca" 'org-agenda) + (global-set-key "\C-cb" 'org-iswitchb) + (if (boundp 'org-user-agenda-files) + (setq org-agenda-files org-user-agenda-files) + (setq org-agenda-files (quote ("~/projects/notes"))) + ) + ''; + recentFiles = '' + (recentf-mode 1) + (setq recentf-max-menu-items 25) + (global-set-key "\C-x\ \C-r" 'recentf-open-files) + ''; + dotEmacs = pkgs.writeText "dot-emacs" '' + ${packageRepos} + ${orgMode} + ${recentFiles} + ${windowCosmetics} + ''; + emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [ + epkgs.melpaStablePackages.magit + epkgs.melpaPackages.mmm-mode + epkgs.melpaPackages.nix-mode + epkgs.melpaPackages.go-mode + epkgs.melpaPackages.google-this + ]); + myEmacs = pkgs.writeDashBin "my-emacs" '' + exec ${emacsWithCustomPackages}/bin/emacs -q -l ${dotEmacs} "$@" + ''; +in { + environment.systemPackages = [ + myEmacs + ]; +} diff --git a/jeschli/2configs/virtualbox.nix b/jeschli/2configs/virtualbox.nix index b2cb851a1..c9bb8c41f 100644 --- a/jeschli/2configs/virtualbox.nix +++ b/jeschli/2configs/virtualbox.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: let - mainUser = config.users.extraUsers.markus; + mainUser = config.users.extraUsers.jeschli; in { #services.virtualboxHost.enable = true; diff --git a/jeschli/2configs/xdg.nix b/jeschli/2configs/xdg.nix new file mode 100644 index 000000000..18bac9b38 --- /dev/null +++ b/jeschli/2configs/xdg.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: + +with import ; + +{ + environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME"; + + systemd.tmpfiles.rules = let + forUsers = flip map users; + isUser = { name, group, ... }: + name == "root" || hasSuffix "users" group; + users = filter isUser (mapAttrsToList (_: id) config.users.users); + in forUsers (u: "d /run/xdg/${u.name} 0700 ${u.name} ${u.group} -"); +} diff --git a/jeschli/2configs/xserver/Xmodmap.nix b/jeschli/2configs/xserver/Xmodmap.nix new file mode 100644 index 000000000..d2b1b2604 --- /dev/null +++ b/jeschli/2configs/xserver/Xmodmap.nix @@ -0,0 +1,27 @@ +{ config, pkgs, ... }: + +with import ; + +pkgs.writeText "Xmodmap" '' + !keycode 66 = Caps_Lock + !remove Lock = Caps_Lock + clear Lock + + ! caps lock + keycode 66 = Mode_switch + + keycode 13 = 4 dollar EuroSign cent + keycode 30 = u U udiaeresis Udiaeresis + keycode 32 = o O odiaeresis Odiaeresis + keycode 38 = a A adiaeresis Adiaeresis + keycode 39 = s S ssharp + + keycode 33 = p P Greek_pi Greek_PI + keycode 46 = l L Greek_lambda Greek_LAMBDA + + keycode 54 = c C cacute Cacute + + ! BULLET OPERATOR + keycode 17 = 8 asterisk U2219 + keycode 27 = r R r U211D +'' diff --git a/jeschli/2configs/xserver/Xresources.nix b/jeschli/2configs/xserver/Xresources.nix new file mode 100644 index 000000000..e433a855e --- /dev/null +++ b/jeschli/2configs/xserver/Xresources.nix @@ -0,0 +1,52 @@ +{ config, lib, pkgs, ... }: + +with import ; + +pkgs.writeText "Xresources" /* xdefaults */ '' + URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’" + URxvt*eightBitInput: false + URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 + URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 + URxvt*scrollBar: false + URxvt*background: #050505 + URxvt*foreground: #d0d7d0 + URxvt*cursorColor: #f042b0 + URxvt*cursorColor2: #f0b000 + URxvt*cursorBlink: off + URxvt*jumpScroll: true + URxvt*allowSendEvents: false + URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48 + URxvt*cutNewline: False + URxvt*cutToBeginningOfLine: False + + URxvt*color0: #232342 + URxvt*color3: #c07000 + URxvt*color4: #4040c0 + URxvt*color7: #c0c0c0 + URxvt*color8: #707070 + URxvt*color9: #ff6060 + URxvt*color10: #70ff70 + URxvt*color11: #ffff70 + URxvt*color12: #7070ff + URxvt*color13: #ff50ff + URxvt*color14: #70ffff + URxvt*color15: #ffffff + + URxvt*iso14755: False + + URxvt*urgentOnBell: True + URxvt*visualBell: True + + ! ref https://github.com/muennich/urxvt-perls + URxvt*perl-ext: default,url-select + URxvt*keysym.M-u: perl:url-select:select_next + URxvt*url-select.underline: true + URxvt*colorUL: #4682B4 + URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl + URxvt*saveLines: 10000 + + root-urxvt*background: #230000 + root-urxvt*foreground: #e0c0c0 + root-urxvt*BorderColor: #400000 + root-urxvt*color0: #800000 +'' diff --git a/jeschli/2configs/xserver/default.nix b/jeschli/2configs/xserver/default.nix new file mode 100644 index 000000000..df06000f3 --- /dev/null +++ b/jeschli/2configs/xserver/default.nix @@ -0,0 +1,141 @@ +{ config, pkgs, ... }@args: +with import ; +let + cfg = { + cacheDir = cfg.dataDir; + configDir = "/var/empty"; + dataDir = "/run/xdg/${cfg.user.name}/xmonad"; + user = config.krebs.users.jeschli; + }; +in { + + environment.systemPackages = [ + pkgs.font-size + pkgs.gitAndTools.qgit + pkgs.mpv + pkgs.sxiv + pkgs.xdotool + pkgs.xsel + pkgs.zathura + ]; + + fonts.fonts = [ + pkgs.xlibs.fontschumachermisc + ]; + + # TODO dedicated group, i.e. with a single user [per-user-setuid] + # TODO krebs.setuid.slock.path vs /run/wrappers/bin + krebs.setuid.slock = { + filename = "${pkgs.slock}/bin/slock"; + group = "wheel"; + envp = { + DISPLAY = ":${toString config.services.xserver.display}"; + USER = cfg.user.name; + }; + }; + + services.xserver = { + + # Don't install feh into systemPackages + # refs + desktopManager.session = mkForce []; + + enable = true; + display = 11; + tty = 11; + + synaptics = { + enable = true; + twoFingerScroll = true; + accelFactor = "0.035"; + }; + }; + + systemd.services.display-manager.enable = false; + + systemd.services.xmonad = { + wantedBy = [ "multi-user.target" ]; + requires = [ "xserver.service" ]; + environment = { + DISPLAY = ":${toString config.services.xserver.display}"; + + XMONAD_CACHE_DIR = cfg.cacheDir; + XMONAD_CONFIG_DIR = cfg.configDir; + XMONAD_DATA_DIR = cfg.dataDir; + + XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" '' + ${pkgs.xorg.xhost}/bin/xhost +LOCAL: & + ${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} & + ${pkgs.xorg.xrdb}/bin/xrdb ${import ./Xresources.nix args} & + ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' & + wait + ''; + + # XXX JSON is close enough :) + XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [ + "dashboard" # we start here + "stockholm" + "pycharm" + "chromium" + "iRC" + "git" + "hipbird" + ]); + }; + serviceConfig = { + SyslogIdentifier = "xmonad"; + ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${toString [ + "\${XMONAD_CACHE_DIR}" + "\${XMONAD_CONFIG_DIR}" + "\${XMONAD_DATA_DIR}" + ]}"; + ExecStart = "${pkgs.xmonad-jeschli}/bin/xmonad"; + ExecStop = "${pkgs.xmonad-jeschli}/bin/xmonad --shutdown"; + User = cfg.user.name; + WorkingDirectory = cfg.user.home; + }; + }; + + systemd.services.xserver = { + after = [ + "systemd-udev-settle.service" + "local-fs.target" + "acpid.service" + ]; + reloadIfChanged = true; + environment = { + XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. + XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. + LD_LIBRARY_PATH = concatStringsSep ":" ( + [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ] + ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); + }; + serviceConfig = { + SyslogIdentifier = "xserver"; + ExecReload = "${pkgs.coreutils}/bin/echo NOP"; + ExecStart = toString [ + "${pkgs.xorg.xorgserver}/bin/X" + ":${toString config.services.xserver.display}" + "vt${toString config.services.xserver.tty}" + "-config ${import ./xserver.conf.nix args}" + "-logfile /dev/null -logverbose 0 -verbose 3" + "-nolisten tcp" + "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb" + ]; + }; + }; + + systemd.services.urxvtd = { + wantedBy = [ "multi-user.target" ]; + reloadIfChanged = true; + serviceConfig = { + SyslogIdentifier = "urxvtd"; + ExecReload = "${pkgs.coreutils}/bin/echo NOP"; + ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd"; + Restart = "always"; + RestartSec = "2s"; + StartLimitBurst = 0; + User = cfg.user.name; + }; + }; +} diff --git a/jeschli/2configs/xserver/xserver.conf.nix b/jeschli/2configs/xserver/xserver.conf.nix new file mode 100644 index 000000000..6f34e0150 --- /dev/null +++ b/jeschli/2configs/xserver/xserver.conf.nix @@ -0,0 +1,40 @@ +{ config, lib, pkgs, ... }: + +with import ; + +let + cfg = config.services.xserver; +in + +pkgs.stdenv.mkDerivation { + name = "xserver.conf"; + + xfs = optionalString (cfg.useXFS != false) + ''FontPath "${toString cfg.useXFS}"''; + + inherit (cfg) config; + + buildCommand = + '' + echo 'Section "Files"' >> $out + echo $xfs >> $out + + for i in ${toString config.fonts.fonts}; do + if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then + for j in $(find $i -name fonts.dir); do + echo " FontPath \"$(dirname $j)\"" >> $out + done + fi + done + + for i in $(find ${toString cfg.modules} -type d); do + if test $(echo $i/*.so* | wc -w) -ne 0; then + echo " ModulePath \"$i\"" >> $out + fi + done + + echo 'EndSection' >> $out + + echo "$config" >> $out + ''; +} diff --git a/jeschli/5pkgs/default.nix b/jeschli/5pkgs/default.nix new file mode 100644 index 000000000..3fa5b5e85 --- /dev/null +++ b/jeschli/5pkgs/default.nix @@ -0,0 +1,11 @@ +with import ; + +self: super: + +# Import files and subdirectories like they are overlays. +foldl' mergeAttrs {} + (map + (name: import (./. + "/${name}") self super) + (filter + (name: name != "default.nix" && !hasPrefix "." name) + (attrNames (readDir ./.)))) diff --git a/jeschli/5pkgs/simple/default.nix b/jeschli/5pkgs/simple/default.nix new file mode 100644 index 000000000..1b9d8c235 --- /dev/null +++ b/jeschli/5pkgs/simple/default.nix @@ -0,0 +1,24 @@ +with import ; + +self: super: + +let + # This callPackage will try to detect obsolete overrides. + callPackage = path: args: let + override = self.callPackage path args; + upstream = optionalAttrs (override ? "name") + (super.${(parseDrvName override.name).name} or {}); + in if upstream ? "name" && + override ? "name" && + compareVersions upstream.name override.name != -1 + then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override + else override; +in + + listToAttrs + (map + (name: nameValuePair (removeSuffix ".nix" name) + (callPackage (./. + "/${name}") {})) + (filter + (name: name != "default.nix" && !hasPrefix "." name) + (attrNames (readDir ./.)))) diff --git a/jeschli/5pkgs/simple/xmonad-jeschli/default.nix b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix new file mode 100644 index 000000000..5bb391f98 --- /dev/null +++ b/jeschli/5pkgs/simple/xmonad-jeschli/default.nix @@ -0,0 +1,294 @@ +{ pkgs, ... }: +pkgs.writeHaskell "xmonad-jeschli" { + executables.xmonad = { + extra-depends = [ + "containers" + "extra" + "unix" + "X11" + "xmonad" + "xmonad-contrib" + "xmonad-stockholm" + ]; + text = /* haskell */ '' +{-# LANGUAGE DeriveDataTypeable #-} -- for XS +{-# LANGUAGE FlexibleContexts #-} -- for xmonad' +{-# LANGUAGE LambdaCase #-} +{-# LANGUAGE ScopedTypeVariables #-} + + +module Main where + +import Control.Exception +import Control.Monad.Extra (whenJustM) +import Graphics.X11.ExtraTypes.XF86 +import Text.Read (readEither) +import XMonad +import System.IO (hPutStrLn, stderr) +import System.Environment (getArgs, withArgs, getEnv, getEnvironment, lookupEnv) +import System.Posix.Process (executeFile) +import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace + , removeEmptyWorkspace) +import XMonad.Actions.GridSelect +import XMonad.Actions.CycleWS (toggleWS) +--import XMonad.Actions.CopyWindow ( copy ) +import XMonad.Layout.NoBorders ( smartBorders ) +import qualified XMonad.StackSet as W +import Data.Map (Map) +import qualified Data.Map as Map +-- TODO import XMonad.Layout.WorkspaceDir +import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook) +-- import XMonad.Layout.Tabbed +--import XMonad.Layout.MouseResizableTile +import XMonad.Layout.Reflect (reflectVert) +import XMonad.Layout.FixedColumn (FixedColumn(..)) +import XMonad.Hooks.Place (placeHook, smart) +import XMonad.Hooks.FloatNext (floatNextHook) +import XMonad.Actions.PerWorkspaceKeys (chooseAction) +import XMonad.Layout.PerWorkspace (onWorkspace) +--import XMonad.Layout.BinarySpacePartition + +--import XMonad.Actions.Submap +import XMonad.Stockholm.Pager +import XMonad.Stockholm.Rhombus +import XMonad.Stockholm.Shutdown + + +amixerPath :: FilePath +amixerPath = "${pkgs.alsaUtils}/bin/amixer" + +urxvtcPath :: FilePath +urxvtcPath = "${pkgs.rxvt_unicode}/bin/urxvtc" + +myFont :: String +myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*" + +main :: IO () +main = getArgs >>= \case + ["--shutdown"] -> sendShutdownEvent + _ -> mainNoArgs + +mainNoArgs :: IO () +mainNoArgs = do + workspaces0 <- getWorkspaces0 + xmonad + -- $ withUrgencyHookC dzenUrgencyHook { args = ["-bg", "magenta", "-fg", "magenta", "-h", "2"], duration = 500000 } + -- urgencyConfig { remindWhen = Every 1 } + -- $ withUrgencyHook borderUrgencyHook "magenta" + -- $ withUrgencyHookC BorderUrgencyHook { urgencyBorderColor = "magenta" } urgencyConfig { suppressWhen = Never } + $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") + $ def + { terminal = urxvtcPath + , modMask = mod4Mask + , keys = myKeys + , workspaces = workspaces0 + , layoutHook = smartBorders $ FixedColumn 1 20 80 10 ||| Full + -- , handleEventHook = myHandleEventHooks <+> handleTimerEvent + --, handleEventHook = handleTimerEvent + , manageHook = placeHook (smart (1,0)) <+> floatNextHook + , startupHook = + whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK")) + (\path -> forkFile path [] Nothing) + , normalBorderColor = "#1c1c1c" + , focusedBorderColor = "#f000b0" + , handleEventHook = handleShutdownEvent + } + + +getWorkspaces0 :: IO [String] +getWorkspaces0 = + try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case + Left e -> warn (displaySomeException e) + Right p -> try (readFile p) >>= \case + Left e -> warn (displaySomeException e) + Right x -> case readEither x of + Left e -> warn e + Right y -> return y + where + warn msg = hPutStrLn stderr ("getWorkspaces0: " ++ msg) >> return [] + +displaySomeException :: SomeException -> String +displaySomeException = displayException + + +forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X () +forkFile path args env = + xfork (executeFile path False args env) >> return () + +spawnRootTerm :: X () +spawnRootTerm = + forkFile + urxvtcPath + ["-name", "root-urxvt", "-e", "/run/wrappers/bin/su", "-"] + Nothing + +spawnTermAt :: String -> X () +spawnTermAt ws = do + env <- liftIO getEnvironment + let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env + forkFile urxvtcPath [] (Just env') + +myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ()) +myKeys conf = Map.fromList $ + [ ((_4 , xK_Escape ), forkFile "/run/wrappers/bin/slock" [] Nothing) + , ((_4S , xK_c ), kill) + + , ((_4 , xK_p ), forkFile "${pkgs.pass}/bin/passmenu" ["--type"] Nothing) + + , ((_4 , xK_x ), chooseAction spawnTermAt) + , ((_4C , xK_x ), spawnRootTerm) + + --, ((_4 , xK_F1 ), withFocused jojo) + --, ((_4 , xK_F1 ), printAllGeometries) + + , ((0 , xK_Print ), gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.view) ) + , ((_S , xK_Print ), gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.shift) ) + , ((_C , xK_Print ), toggleWS) + , ((_4 , xK_Print ), rhombus horseConfig (liftIO . hPutStrLn stderr) ["Correct", "Horse", "Battery", "Staple", "Stuhl", "Tisch"] ) + + -- %! Rotate through the available layout algorithms + , ((_4 , xK_space ), sendMessage NextLayout) + , ((_4S , xK_space ), setLayout $ XMonad.layoutHook conf) -- reset layout + + ---- BinarySpacePartition + --, ((_4 , xK_l), sendMessage $ ExpandTowards R) + --, ((_4 , xK_h), sendMessage $ ExpandTowards L) + --, ((_4 , xK_j), sendMessage $ ExpandTowards D) + --, ((_4 , xK_k), sendMessage $ ExpandTowards U) + --, ((_4S , xK_l), sendMessage $ ShrinkFrom R) + --, ((_4S , xK_h), sendMessage $ ShrinkFrom L) + --, ((_4S , xK_j), sendMessage $ ShrinkFrom D) + --, ((_4S , xK_k), sendMessage $ ShrinkFrom U) + --, ((_4 , xK_n), sendMessage Rotate) + --, ((_4S , xK_n), sendMessage Swap) + + ---- mouseResizableTile + --, ((_4 , xK_u), sendMessage ShrinkSlave) + --, ((_4 , xK_i), sendMessage ExpandSlave) + + -- move focus up or down the window stack + --, ((_4 , xK_m ), windows W.focusMaster) + , ((_4 , xK_j ), windows W.focusDown) + , ((_4 , xK_k ), windows W.focusUp) + + -- modifying the window order + , ((_4S , xK_m ), windows W.swapMaster) + , ((_4S , xK_j ), windows W.swapDown) + , ((_4S , xK_k ), windows W.swapUp) + + -- resizing the master/slave ratio + , ((_4 , xK_h ), sendMessage Shrink) -- %! Shrink the master area + , ((_4 , xK_l ), sendMessage Expand) -- %! Expand the master area + + -- floating layer support + , ((_4 , xK_t ), withFocused $ windows . W.sink) -- make tiling + + -- increase or decrease number of windows in the master area + , ((_4 , xK_comma ), sendMessage $ IncMasterN 1) + , ((_4 , xK_period ), sendMessage $ IncMasterN (-1)) + + , ((_4 , xK_a ), addWorkspacePrompt def) + , ((_4 , xK_r ), renameWorkspace def) + , ((_4 , xK_Delete ), removeEmptyWorkspace) + + , ((_4 , xK_Return ), toggleWS) + --, (0 , xK_Print ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.view) + --, (_4 , xK_v ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.view) + --, (_4S , xK_v ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.shift) + --, (_4 , xK_b ) & \k -> (k, goToSelected wGSConfig { gs_navigate = makeGSNav k }) + , ((noModMask, xF86XK_AudioLowerVolume), amixer ["sset", "Master", "5%-"]) + , ((noModMask, xF86XK_AudioRaiseVolume), amixer ["sset", "Master", "5%+"]) + , ((noModMask, xF86XK_AudioMute), amixer ["sset", "Master", "toggle"]) + ] + where + _4 = mod4Mask + _C = controlMask + _S = shiftMask + _M = mod1Mask + _4C = _4 .|. _C + _4S = _4 .|. _S + _4M = _4 .|. _M + _4CM = _4 .|. _C .|. _M + _4SM = _4 .|. _S .|. _M + + amixer args = forkFile amixerPath args Nothing + + +pagerConfig :: PagerConfig +pagerConfig = def + { pc_font = myFont + , pc_cellwidth = 64 + --, pc_cellheight = 36 -- TODO automatically keep screen aspect + --, pc_borderwidth = 1 + --, pc_matchcolor = "#f0b000" + , pc_matchmethod = MatchPrefix + --, pc_colors = pagerWorkspaceColors + , pc_windowColors = windowColors + } + where + windowColors _ _ _ True _ = ("#ef4242","#ff2323") + windowColors wsf m c u wf = do + let y = defaultWindowColors wsf m c u wf + if m == False && wf == True + then ("#402020", snd y) + else y + +horseConfig :: RhombusConfig +horseConfig = def + { rc_font = myFont + , rc_cellwidth = 64 + --, rc_cellheight = 36 -- TODO automatically keep screen aspect + --, rc_borderwidth = 1 + --, rc_matchcolor = "#f0b000" + , rc_matchmethod = MatchPrefix + --, rc_colors = pagerWorkspaceColors + --, rc_paint = myPaint + } + +wGSConfig :: GSConfig Window +wGSConfig = def + { gs_cellheight = 20 + , gs_cellwidth = 192 + , gs_cellpadding = 5 + , gs_font = myFont + , gs_navigate = navNSearch + } + +-- wsGSConfig = def +-- { gs_cellheight = 20 +-- , gs_cellwidth = 64 +-- , gs_cellpadding = 5 +-- , gs_font = myFont +-- , gs_navigate = navNSearch +-- } + +-- custom navNSearch +--makeGSNav :: (KeyMask, KeySym) -> TwoD a (Maybe a) +--makeGSNav esc = nav +-- where +-- nav = makeXEventhandler $ shadowWithKeymap keyMap navNSearchDefaultHandler +-- keyMap = Map.fromList +-- [ (esc , cancel) +-- , ((0,xK_Escape) , cancel) +-- , ((0,xK_Return) , select) +-- , ((0,xK_Left) , move (-1, 0) >> nav) +-- , ((0,xK_Right) , move ( 1, 0) >> nav) +-- , ((0,xK_Down) , move ( 0, 1) >> nav) +-- , ((0,xK_Up) , move ( 0,-1) >> nav) +-- , ((0,xK_BackSpace) , transformSearchString (\s -> if (s == "") then "" else init s) >> nav) +-- ] +-- -- The navigation handler ignores unknown key symbols, therefore we const +-- navNSearchDefaultHandler (_,s,_) = do +-- transformSearchString (++ s) +-- nav + + +(&) :: a -> (a -> c) -> c +(&) = flip ($) + +allWorkspaceNames :: W.StackSet i l a sid sd -> X [i] +allWorkspaceNames ws = + return $ map W.tag (W.hidden ws) ++ [W.tag $ W.workspace $ W.current ws] + ''; + }; +} diff --git a/jeschli/default.nix b/jeschli/default.nix index 7886fef49..b57932719 100644 --- a/jeschli/default.nix +++ b/jeschli/default.nix @@ -1,9 +1,9 @@ -_: +{ pkgs, ... }: { imports = [ ../krebs ./2configs -# ./3modules -# ./5pkgs ]; + + nixpkgs.config.packageOverrides = import ./5pkgs pkgs; } diff --git a/jeschli/source.nix b/jeschli/source.nix index fe1de8fd1..29cf9d818 100644 --- a/jeschli/source.nix +++ b/jeschli/source.nix @@ -13,10 +13,7 @@ in evalSource (toString _file) [ { nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix"; - nixpkgs.git = { - url = https://github.com/nixos/nixpkgs; - ref = "0653b73"; - }; + nixpkgs = (import host).nixpkgs; secrets.file = getAttr builder { buildbot = toString ; jeschli = "${getEnv "HOME"}/secrets/${name}"; diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix index 98fb88702..662e094d1 100644 --- a/krebs/1systems/hotdog/config.nix +++ b/krebs/1systems/hotdog/config.nix @@ -21,4 +21,5 @@ boot.isContainer = true; networking.useDHCP = false; krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm"; + environment.variables.NIX_REMOTE = "daemon"; } diff --git a/krebs/1systems/onebutton/config.nix b/krebs/1systems/onebutton/config.nix new file mode 100644 index 000000000..c634d73ce --- /dev/null +++ b/krebs/1systems/onebutton/config.nix @@ -0,0 +1,44 @@ +{ config, pkgs, lib, ... }: +{ + imports = [ + + + { # minimal disk usage + environment.noXlibs = true; + nix.gc.automatic = true; + nix.gc.dates = "03:10"; + programs.info.enable = false; + programs.man.enable = false; + services.journald.extraConfig = "SystemMaxUse=50M"; + services.nixosManual.enable = false; + } + ]; + krebs.build.host = config.krebs.hosts.onebutton; + # NixOS wants to enable GRUB by default + boot.loader.grub.enable = false; + # Enables the generation of /boot/extlinux/extlinux.conf + boot.loader.generic-extlinux-compatible.enable = true; + + # !!! If your board is a Raspberry Pi 1, select this: + boot.kernelPackages = pkgs.linuxPackages_rpi; + + nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ]; + nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ]; + + # !!! Needed for the virtual console to work on the RPi 3, as the default of 16M doesn't seem to be enough. + # boot.kernelParams = ["cma=32M"]; + + fileSystems = { + "/boot" = { + device = "/dev/disk/by-label/NIXOS_BOOT"; + fsType = "vfat"; + }; + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + }; + + swapDevices = [ { device = "/swapfile"; size = 1024; } ]; + services.openssh.enable = true; +} diff --git a/krebs/1systems/onebutton/source.nix b/krebs/1systems/onebutton/source.nix new file mode 100644 index 000000000..8f25881c9 --- /dev/null +++ b/krebs/1systems/onebutton/source.nix @@ -0,0 +1,16 @@ +with import ; +let + pkgs = import {}; + nixpkgs = pkgs.fetchFromGitHub { + owner = "nixos"; + repo = "nixpkgs-channels"; + rev = "6c064e6b"; # only binary cache for unstable arm6 + sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd"; + }; +in import { + name = "onebutton"; + override.nixpkgs = mkForce { + file = toString nixpkgs; + }; + +} diff --git a/krebs/2configs/buildbot-all.nix b/krebs/2configs/buildbot-all.nix index 5ea78f227..d85cde175 100644 --- a/krebs/2configs/buildbot-all.nix +++ b/krebs/2configs/buildbot-all.nix @@ -5,6 +5,5 @@ with import ; krebs.ci.enable = true; krebs.ci.treeStableTimer = 1; krebs.ci.hosts = filter (getAttr "ci") (attrValues config.krebs.hosts); - krebs.ci.tests = [ "deploy" ]; } diff --git a/krebs/2configs/news-spam.nix b/krebs/2configs/news-spam.nix index 63848c234..69c503bf9 100644 --- a/krebs/2configs/news-spam.nix +++ b/krebs/2configs/news-spam.nix @@ -2,6 +2,7 @@ { krebs.newsbot-js.news-spam = { + urlShortenerHost = "go.lassul.us"; feeds = pkgs.writeText "feeds" '' [SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews [SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews @@ -120,7 +121,7 @@ [SPAM]sciencemag|http://news.sciencemag.org/rss/current.xml|#snews [SPAM]scmp|http://www.scmp.com/rss/91/feed|#snews [SPAM]sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews - [SPAM]shackspace|http://blog.shackspace.de/?feed=rss2|#snews + [SPAM]shackspace|http://shackspace.de/atom.xml|#snews [SPAM]shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews [SPAM]sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews [SPAM]sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews diff --git a/krebs/2configs/news.nix b/krebs/2configs/news.nix index 2628c7986..49a5e3459 100644 --- a/krebs/2configs/news.nix +++ b/krebs/2configs/news.nix @@ -11,7 +11,7 @@ painload|https://github.com/krebscode/painload/commits/master.atom|#news reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news reddit_nix|http://www.reddit.com/r/nixos/.rss|#news - shackspace|http://blog.shackspace.de/?feed=rss2|#news + shackspace|http://shackspace.de/atom.xml|#news tinc|http://tinc-vpn.org/news/index.rss|#news vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news weechat|http://dev.weechat.org/feed/atom|#news diff --git a/krebs/2configs/shack/worlddomination.nix b/krebs/2configs/shack/worlddomination.nix index 828b6cd70..838c1958e 100644 --- a/krebs/2configs/shack/worlddomination.nix +++ b/krebs/2configs/shack/worlddomination.nix @@ -2,8 +2,56 @@ with import ; let + pkg = pkgs.stdenv.mkDerivation { + name = "worlddomination-2018-04-21"; + src = pkgs.fetchgit { + url = "https://github.com/shackspace/worlddomination/"; + rev = "1b32403b9"; + sha256 = "10x7aiil13k3x9wqy95mi1ys999d6fxg5sys3jwv7a1p930gkl1i"; + }; + buildInputs = [ + (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ + docopt + LinkHeader + aiocoap + grequests + paramiko + python + ])) + ]; + installPhase = '' + install -m755 -D backend/push_led.py $out/bin/push-led + install -m755 -D backend/loop_single.py $out/bin/loop-single + # copy the provided file to the package + install -m755 -D backend/wd.lst $out/${wdpath} + ''; + }; pythonPackages = pkgs.python3Packages; # https://github.com/chrysn/aiocoap + grequests = pythonPackages.buildPythonPackage rec { + pname = "grequests"; + version = "0.3.1"; + name = "${pname}-${version}"; + + src = pkgs.fetchFromGitHub { + owner = "kennethreitz"; + repo = "grequests"; + rev = "d1e70eb"; + sha256 = "0drfx4fx65k0g5sj0pw8z3q1s0sp7idn2yz8xfb45nd6v82i37hc"; + }; + + doCheck = false; + + propagatedBuildInputs = with pythonPackages; [ requests gevent ]; + + meta = with lib;{ + description = "Asynchronous HTTP requests"; + homepage = https://github.com/kennethreitz/grequests; + license = with licenses; [ bsd2 ]; + maintainers = with maintainers; [ matejc ]; + }; + }; + aiocoap = pythonPackages.buildPythonPackage { name = "aiocoap-0.3"; src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; }; @@ -25,30 +73,6 @@ let description = "Parse and format link headers according to RFC 5988 \"Web Linking\""; }; }; - pkg = pkgs.stdenv.mkDerivation { - name = "worlddomination-2017-06-10"; - src = pkgs.fetchgit { - url = "https://github.com/shackspace/worlddomination/"; - rev = "72fc9b5"; - sha256 = "05h500rswzypcxy4i22qc1vkc8izbzfqa9m86xg289hjxh133xyf"; - }; - buildInputs = [ - (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ - docopt - LinkHeader - aiocoap - requests - paramiko - python - ])) - ]; - installPhase = '' - install -m755 -D backend/push_led.py $out/bin/push-led - install -m755 -D backend/loop_single.py $out/bin/loop-single - # copy the provided file to the package - install -m755 -D backend/wd.lst $out/${wdpath} - ''; - }; wdpath = "/usr/worlddomination/wd.lst"; esphost = "10.42.24.7"; # esp8266 timeout = 10; # minutes diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 1e626f0a0..a916c1873 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -91,6 +91,37 @@ in { ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp"; }; + onebutton = { + cores = 1; + owner = config.krebs.users.krebs; + nets = { + retiolum = { + ip4.addr = "10.243.0.101"; + ip6.addr = "42:0:0:0:0:0:0:101"; + aliases = [ + "onebutton.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA11w6votRExwE0ZEiQmPa + 9WGNsMfNAZEd14iHaHCZH7UPQEH+cH/T6isGPpaysindroMnqFe9mUf/cdYChb6N + aaFreApwGBQaJPUcdy4cfphrFpzmOClpOFuFbnV7ZvAk/wefBad3kUzsq/lK4HvB + 7nPKeOB9kljphLrkzuLL/h2yOenMpO2ZdvwxyWN8HKmUNgvpBQjIr+Hka6cgy7Gp + pBVFHfSnad/eHeEvq91O/bHxrAxzH5N5DVagPDpkbiWYGl+0XVGP/h0CApr15Ael + +j2pJYc0ZlaXIp4KmNRqbd/fLe52JLrWbnFX4rRuY/DhoMqK8kjECEZ7gLiNSpCC + KlnlJ2LXX9c+d79ubzl5yLAJ3d6T4IJqkbAWJDuCrj821M9ZDk/qZwerayhrrvkF + tMYkQoGSe8MvSOU0rTEoH5iSRwDC7M0XzUe4l8/yZLFyD4Prz/dq6coqANfk/tlE + DnH3vDu9lmFvYrLcd6yDWzFfI3mWDJoUa6AKKoScCOaCkRfIM4Aew0i73+h1nJLO + 59AAbZIkDYyWs53QniIG4EQteI9y/9j/628nPAVj68V5oIN76RDXfFHWDWq4DxmU + PpGVmoIKcKZmnl7RrDomRVpuGMdyQ+kCzIGH3XYe12v8Y5beHZBrd3OajgHZ/Tfp + jP873cT6h0hsGm9glgOYho8CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe "; + }; puyak = { ci = true; owner = config.krebs.users.krebs; diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index e269d1fa1..48df04bcb 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -9,6 +9,7 @@ with import ; hosts = mapAttrs (_: recursiveUpdate { owner = config.krebs.users.lass; ci = true; + monitoring = true; }) { dishfire = { cores = 4; @@ -43,39 +44,6 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv0JMp0y+E5433GRSFKVK3cQmP0AAlS9aH9fk49yFxy"; }; - echelon = { - cores = 2; - nets = rec { - internet = { - ip4.addr = "64.137.242.41"; - aliases = [ - "echelon.i" - ]; - ssh.port = 45621; - }; - retiolum = { - via = internet; - ip4.addr = "10.243.206.103"; - ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f763"; - aliases = [ - "echelon.r" - "cgit.echelon.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAuscWOYdHu0bpWacvwTNd6bcmrAQ0YFxJWHZF8kPZr+bMKIhnXLkJ - oJheENIM6CA9lQQQFUxh2P2pxZavW5rgVlJxIKeiB+MB4v6ZO60LmZgpCsWGD/dX - MipM2tLtQxYhvLJIJxEBWn3rxIgeEnCtZsH1KLWyLczb+QpvTjMJ4TNh1nEBPE/f - 4LUH1JHaGhcaHl2dLemR9wnnDIjmSj0ENJp2al+hWnIggcA/Zp0e4b86Oqbbs5wA - n++n5j971cTrBdA89nJDYOEtepisglScVRbgLqJG81lDA+n24RWFynn+U3oD/L8p - do+kxlwZUEDRbPU4AO5L+UeIbimsuIfXiQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = ; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL21QDOEFdODFh6WAfNp6odrXo15pEsDQuGJfMu/cKzK"; - }; prism = rec { cores = 4; extraZones = { @@ -86,14 +54,17 @@ with import ; "lassul.us" = '' $TTL 3600 @ IN SOA dns16.ovh.net. tech.ovh.net. (2017093001 86400 3600 3600000 300) - 60 IN NS ns16.ovh.net. - 60 IN NS dns16.ovh.net. - 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - 60 IN TXT v=spf1 mx -all - cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - io 60 IN NS ions.lassul.us. - ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} - paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + 60 IN NS ns16.ovh.net. + 60 IN NS dns16.ovh.net. + 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + 60 IN TXT v=spf1 mx a:lassul.us -all + 60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" ) + default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" + cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + io 60 IN NS ions.lassul.us. + ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} ''; }; nets = rec { @@ -149,6 +120,7 @@ with import ; }; domsen-nas = { ci = false; + monitoring = false; external = true; nets = rec { internet = { @@ -161,6 +133,7 @@ with import ; }; }; uriel = { + monitoring = false; cores = 1; nets = { gg23 = { @@ -399,10 +372,12 @@ with import ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX"; }; iso = { + monitoring = false; ci = false; cores = 1; }; sokrateslaptop = { + monitoring = false; ci = false; external = true; nets = { @@ -426,6 +401,7 @@ with import ; }; }; turingmachine = { + monitoring = false; ci = false; external = true; nets = { @@ -454,6 +430,7 @@ with import ; }; }; eddie = { + monitoring = false; ci = false; external = true; nets = rec { @@ -494,6 +471,7 @@ with import ; }; }; borg = { + monitoring = false; ci = false; external = true; nets = { @@ -521,6 +499,7 @@ with import ; }; }; inspector = { + monitoring = false; ci = false; external = true; nets = rec { @@ -552,6 +531,7 @@ with import ; }; }; dpdkm = { + monitoring = false; ci = false; external = true; nets = rec { @@ -618,6 +598,78 @@ with import ; ssh.privkey.path = ; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n"; }; + cabal = { + cores = 2; + nets = rec { + retiolum = { + ip4.addr = "10.243.1.4"; + ip6.addr = "42::1:4"; + aliases = [ + "cabal.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIECgKCBAEAukXm8xPpC6/F+wssYqQbqt1QDwsPrF3TJ9ToLFcN1WgDlhDhjM3A + SuRDMNjRT1fvVTuXyplH5g16eokW/yLOpNnznMS3/VR372pLPEOqfuRf7wAy18jj + rZkW3EO7nyZ8KMb+SXA8Q0KIpHY50Ezh+tqGoTZDICwoK6N5dKLgAZShS55JXwwK + qRG3vyzV3mDjgVyT0FNfyL1/BN1qvJ+tQQ40lEbkcQauMunMzNbH058kAd6H2/0e + LK4JkxI9XpZHE6Pf1epXyClHW7vT7APFRp9gL9tZS/XMC18+aEMFfQrNW9jb3FIq + rU5MfJ7aubboe7dT6CRaRSWpduiKLVzY/JCoGvUziyvmR7qHsQWTEjtNuQX9joc3 + 6iq1o+gmLV0G8Xwq8cEcg5USlLxNsGBQPwYnTG6iTPPHqOv7BKucekE/opnVZseE + fSNCGl1+tGwa3soSMI97LkpQTZxdeqf+jWZve0RbSa2Ihyod91ldFCqi1+PZx68v + yBI0PJamlt+dBx6WQKbPngWYeD8hXo7tg0XVRVa3ZQyX+Mq6uCCb2GM8ewMUPl+A + kcY1osFt6+sdkFGdiv3FMyijAiZumPoPprXC/4SGIsMnkoI4JfSAbTpHi2QuesqR + KMeairdB7XGUYlMvWpDLKN2dbMdRc+l3kDUKT7hALjKeyWS/27WYeK/STxvZXEXi + TZGHopvOFv6wcrb6nI49vIJo5mDLFamAPN3ZjeR20wP95UP7cUUSaTYX49M4lX6U + oL5BaFrcLn2PTvS84pUxcXKAp70FgTpvGJbaWwETgDjW+H+qlGmI/BTejpL7flVs + TOtaP/uCMxhVZSFv9bzo0ih10o+4gtU8lqxfJsVxlf2K7LVZ++LQba/u+XxRY+xw + 3IFBfg34tnO6zYlV8XgAiJ6IUOHUZANsuBD4iMoFSVOig6t5eIOkgXR6GEkP8FBD + rkroRMmxcu4lTCOzWIuAVOxCd4XXguoGQ4HAzpGd5ccdcb8Ev4RYEvNJY7B5tIQZ + 4J0F9ECzJuSu1HvWTL+T6a36d2MDTkXU2IJ2tSHciXqiP+QMMF7p9Ux0tiAq4mtf + luA94uKWg3cSyTyEM/jF66CgO6Ts3AivNE0MRNupV6AbUdr+TjzotGn9rxi168py + w/49OVbpR9EIGC2wxx7qcSEk5chFOcgvNQMRqgIx51bbOL7JYb0f4XuA38GUqLkG + 09PXmPeyqGzR9HsV2XZDprZdD3Dy4ojdexw0+YILg9bHaAxLHYs6WFZvzfaLLsf1 + K2I39vvrEEOy8tHi4jvMk7oVX6RWG+DOZMeXTvyUCaBHyYkA0eDlC6NeKOHxnW/g + ZtN1W93UdklEqc5okM0/ZIke1HDRt3ZLdQIDAQAB + -----END RSA PUBLIC KEY----- + ''; + }; + }; + secure = true; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsTeSAedrbp7/KmZX8Mvka702fIUy77Mvqo9HwzCbym"; + }; + red = { + monitoring = false; + cores = 1; + nets = { + retiolum = { + ip4.addr = "10.243.0.13"; + ip6.addr = "42:0:0:0:0:0:0:12ed"; + aliases = [ + "red.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArAN/62V2MV18wsZ9VMTG + 4/cqsjvHlffAN8jYDq+GImgREvbiLlFhhHgxwKh0gcDTR8P1xX/00P3/fx/g5bRF + Te7LZT2AFmVFFFfx1n9NBweN/gG2/hzB9J8epbWLNT+RzpzHuAoREvDZ+jweSXaI + phdmQY2s36yrR3TAShqq0q4cwlXuHT00J+InDutM0mTftBQG/fvYkBhHOfq4WSY0 + FeMK7DTKNbsqQiKKQ/kvWi7KfTW0F0c7SDpi7BLwbQzP2WbogtGy9MIrw9ZhE6Ox + TVdAksPKw0TlYdb16X/MkbzBqTYbxFlmWzpMJABMxIVwAfQx3ZGYvJDdDXmQS2qa + mDN2xBb/5pj3fbfp4wbwWlRVSd/AJQtRvaNY24F+UsRJb0WinIguDI6oRZx7Xt8w + oYirKqqq1leb3EYUt8TMIXQsOw0/Iq+JJCwB+ZyLLGVNB19XOxdR3RN1JYeZANpE + cMSS3SdFGgZ//ZAdhIN5kw9yMeKo6Rnt+Vdz3vZWTuSVp/xYO3IMGXNGAdIWIwrJ + 7fwSl/rfXGG816h0sD46U0mxd+i68YOtHlzOKe+vMZ4/FJZYd/E5/IDQluV8HLwa + 5lODfZXUmfStdV+GDA9KVEGUP5xSkC3rMnir66NgHzKpIL002/g/HfGu7O3MrvpW + ng7AMvRv5vbsYcJBj2HUhKUCAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + ssh.privkey.path = ; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp"; + }; }; users = { lass = { diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index e137da7ca..d7a750c6e 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -539,6 +539,7 @@ with import ; dl.euer IN A ${nets.internet.ip4.addr} boot.euer IN A ${nets.internet.ip4.addr} wiki.euer IN A ${nets.internet.ip4.addr} + mon.euer IN A ${nets.internet.ip4.addr} graph IN A ${nets.internet.ip4.addr} ghook IN A ${nets.internet.ip4.addr} dockerhub IN A ${nets.internet.ip4.addr} diff --git a/krebs/3modules/newsbot-js.nix b/krebs/3modules/newsbot-js.nix index d372081ee..00e346f8e 100644 --- a/krebs/3modules/newsbot-js.nix +++ b/krebs/3modules/newsbot-js.nix @@ -93,6 +93,7 @@ let User = "newsbot-js"; Restart = "always"; ExecStart = "${newsbot.package}/bin/newsbot"; + WatchdogSec = "86400"; }; } ) cfg; diff --git a/krebs/3modules/os-release.nix b/krebs/3modules/os-release.nix index 8f71a357f..5fbfe6614 100644 --- a/krebs/3modules/os-release.nix +++ b/krebs/3modules/os-release.nix @@ -1,8 +1,11 @@ { config, ... }: with import ; let - nixos-version-id = "${config.system.nixosVersion}"; - nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})"; + nixos-version-id = if (hasAttr "nixos" config.system) then + "${config.system.nixos.version}" else "${config.system.nixosVersion}"; + nixos-codeName = if (hasAttr "nixos" config.system) then + "${config.system.nixos.codeName}" else "${config.system.nixosCodeName}"; + nixos-version = "${nixos-version-id} (${nixos-codeName})"; nixos-pretty-name = "NixOS ${nixos-version}"; stockholm-version-id = let diff --git a/krebs/5pkgs/haskell/nix-diff/default.nix b/krebs/5pkgs/haskell/nix-diff/default.nix deleted file mode 100644 index df0315048..000000000 --- a/krebs/5pkgs/haskell/nix-diff/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ mkDerivation, attoparsec, base, containers, Diff, fetchgit, mtl -, nix-derivation, optparse-generic, stdenv, system-filepath, text -, unix, vector -}: -mkDerivation { - pname = "nix-diff"; - version = "1.0.0-krebs1"; - src = fetchgit { - url = "https://github.com/Gabriel439/nix-diff"; - sha256 = "1k00nx8pannqmpzadkwfrs6bf79yk22ynhd033z5rsyw0m8fcz9k"; - rev = "e32ffa2c7f38b47a71325a042c1d887fb46cdf7d"; - }; - patches = [ - ./nixos-system.patch - ]; - isLibrary = false; - isExecutable = true; - executableHaskellDepends = [ - attoparsec base containers Diff mtl nix-derivation optparse-generic - system-filepath text unix vector - ]; - homepage = "https://github.com/Gabriel439/nix-diff"; - description = "Explain why two Nix derivations differ"; - license = stdenv.lib.licenses.bsd3; -} diff --git a/krebs/5pkgs/haskell/nix-diff/nixos-system.patch b/krebs/5pkgs/haskell/nix-diff/nixos-system.patch deleted file mode 100644 index 03e186aa9..000000000 --- a/krebs/5pkgs/haskell/nix-diff/nixos-system.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff --git a/src/Main.hs b/src/Main.hs -index 959ab8e..d3b6077 100644 ---- a/src/Main.hs -+++ b/src/Main.hs -@@ -95,7 +95,12 @@ pathToText path = - underneath `/nix/store`, but this is the overwhelmingly common use case - -} - derivationName :: FilePath -> Text --derivationName = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText -+derivationName p = -+ if Data.Text.isPrefixOf "nixos-system" s -+ then "nixos-system" -+ else s -+ where -+ s = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText $ p - - -- | Group input derivations by their name - groupByName :: Map FilePath (Set Text) -> Map Text (Map FilePath (Set Text)) diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix index bcfcbf76b..f3b771190 100644 --- a/krebs/5pkgs/simple/Reaktor/plugins.nix +++ b/krebs/5pkgs/simple/Reaktor/plugins.nix @@ -120,11 +120,24 @@ rec { url-title = (buildSimpleReaktorPlugin "url-title" { pattern = "^.*(?Phttp[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$"; path = with pkgs; [ curl perl ]; - script = pkgs.writeDash "lambda-pl" '' - if [ "$#" -gt 0 ]; then - curl -SsL --max-time 5 "$1" | - perl -l -0777 -ne 'print $1 if /\s*(.*?)\s*<\/title/si' - fi + script = pkgs.writePython3 [ "beautifulsoup4" "lxml" ] "url-title" '' + import sys + import urllib.request + from bs4 import BeautifulSoup + + try: + soup = BeautifulSoup(urllib.request.urlopen(sys.argv[1]), "lxml") + title = soup.find('title').string + + if title: + if len(title) > 512: + print('message to long, skipped') + elif len(title.split('\n')) > 5: + print('to many lines, skipped') + else: + print(title) + except: # noqa: E722 + pass ''; }); diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py index da8e2f726..51ac7a071 100644 --- a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py +++ b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py @@ -18,20 +18,27 @@ def is_regex(line): myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$') return myre.match(line) + line = argv[1] if is_regex(line): last = d.get(usr, None) if last: from subprocess import Popen, PIPE - p = Popen(['sed', line], stdin=PIPE, stdout=PIPE) + p = Popen(['sed', line], stdin=PIPE, stdout=PIPE, stderr=PIPE) so, se = p.communicate(bytes("{}\n".format(last), "UTF-8")) if p.returncode: - print("something went wrong when trying to process your regex: {}".format(se.decode())) + print("something went wrong when trying to process your regex: {}".format(line.strip())) ret = so.decode() - print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) - if ret: - d[usr] = ret + if len(ret) > 512: + print('message to long, skipped') + elif len(ret.split('\n')) > 5: + print('to many lines, skipped') + else: + if last.strip() != ret.strip(): + print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip())) + if ret: + d[usr] = ret else: print("no last message") diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix index 9eeccee64..3cb691f53 100644 --- a/krebs/5pkgs/simple/buildbot-classic/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic/default.nix @@ -2,16 +2,15 @@ python2Packages.buildPythonApplication rec { name = "buildbot-classic-${version}"; - version = "0.8.14"; + version = "0.8.16"; namePrefix = ""; patches = []; src = fetchFromGitHub { owner = "krebscode"; repo = "buildbot-classic"; - # rev = "v${version}"; - rev = "843463911"; - sha256 = "1ybl52ybjw5p09yik6bck9i1pvnvg94i0d32zqrwy67s77yx1mfd"; + rev = version; + sha256 = "0g686n6m0cjfyympl0ksansllx503gby3hx9gmc8hiyx6x5fkjha"; }; postUnpack = "sourceRoot=\${sourceRoot}/master"; diff --git a/krebs/5pkgs/simple/ejabberd/default.nix b/krebs/5pkgs/simple/ejabberd/default.nix new file mode 100644 index 000000000..9e4ed3df5 --- /dev/null +++ b/krebs/5pkgs/simple/ejabberd/default.nix @@ -0,0 +1,123 @@ +{ stdenv, writeScriptBin, lib, fetchurl, git, cacert +, erlang, openssl, expat, libyaml, bash, gnused, gnugrep, coreutils, utillinux, procps, gd +, flock +, withMysql ? false +, withPgsql ? false +, withSqlite ? false, sqlite +, withPam ? false, pam +, withZlib ? true, zlib +, withRiak ? false +, withElixir ? false, elixir +, withIconv ? true +, withTools ? false +, withRedis ? false +}: + +let + fakegit = writeScriptBin "git" '' + #! ${stdenv.shell} -e + if [ "$1" = "describe" ]; then + [ -r .rev ] && cat .rev || true + fi + ''; + + ctlpath = lib.makeBinPath [ bash gnused gnugrep coreutils utillinux procps ]; + +in stdenv.mkDerivation rec { + version = "18.01"; + name = "ejabberd-${version}"; + + src = fetchurl { + url = "http://www.process-one.net/downloads/ejabberd/${version}/${name}.tgz"; + sha256 = "01i2n8mlgw293jdf4172f9q8ca8m35vysjws791p7nynpfdb4cn6"; + }; + + nativeBuildInputs = [ fakegit ]; + + buildInputs = [ erlang openssl expat libyaml gd ] + ++ lib.optional withSqlite sqlite + ++ lib.optional withPam pam + ++ lib.optional withZlib zlib + ++ lib.optional withElixir elixir + ; + + # Apparently needed for Elixir + LANG = "en_US.UTF-8"; + + deps = stdenv.mkDerivation { + name = "ejabberd-deps-${version}"; + + inherit src; + + configureFlags = [ "--enable-all" "--with-sqlite3=${sqlite.dev}" ]; + + nativeBuildInputs = [ git erlang openssl expat libyaml sqlite pam zlib elixir ]; + + GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt"; + + makeFlags = [ "deps" ]; + + phases = [ "unpackPhase" "configurePhase" "buildPhase" "installPhase" ]; + + installPhase = '' + for i in deps/*; do + ( cd $i + git reset --hard + git clean -ffdx + git describe --always --tags > .rev + rm -rf .git + ) + done + rm deps/.got + + cp -r deps $out + ''; + + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + outputHash = "1v3h0c7kfifb6wsfxyv5j1wc7rlxbb7r0pgd4s340wiyxnllzzhk"; + }; + + configureFlags = + [ (lib.enableFeature withMysql "mysql") + (lib.enableFeature withPgsql "pgsql") + (lib.enableFeature withSqlite "sqlite") + (lib.enableFeature withPam "pam") + (lib.enableFeature withZlib "zlib") + (lib.enableFeature withRiak "riak") + (lib.enableFeature withElixir "elixir") + (lib.enableFeature withIconv "iconv") + (lib.enableFeature withTools "tools") + (lib.enableFeature withRedis "redis") + ] ++ lib.optional withSqlite "--with-sqlite3=${sqlite.dev}"; + + enableParallelBuilding = true; + + patches = [ + ./ejabberdctl.patch + ]; + + preBuild = '' + cp -r $deps deps + chmod -R +w deps + patchShebangs deps + ''; + + postInstall = '' + sed -i \ + -e '2iexport PATH=${ctlpath}:$PATH' \ + -e 's,\(^ *FLOCK=\).*,\1${flock}/bin/flock,' \ + -e 's,\(^ *JOT=\).*,\1,' \ + -e 's,\(^ *CONNLOCKDIR=\).*,\1/var/lock/ejabberdctl,' \ + $out/sbin/ejabberdctl + ''; + + meta = with stdenv.lib; { + description = "Open-source XMPP application server written in Erlang"; + license = licenses.gpl2; + homepage = http://www.ejabberd.im; + platforms = platforms.linux; + maintainers = with maintainers; [ sander abbradar ]; + broken = withElixir; + }; +} diff --git a/krebs/5pkgs/simple/ejabberd/ejabberdctl.patch b/krebs/5pkgs/simple/ejabberd/ejabberdctl.patch new file mode 100644 index 000000000..f7c842b7b --- /dev/null +++ b/krebs/5pkgs/simple/ejabberd/ejabberdctl.patch @@ -0,0 +1,32 @@ +--- a/ejabberdctl.template 1970-01-01 01:00:01.000000000 +0100 ++++ b/ejabberdctl.template 2018-04-24 23:06:54.127715441 +0200 +@@ -42,19 +42,18 @@ + esac + + # parse command line parameters +-for arg; do +- case $arg in +- -n|--node) ERLANG_NODE_ARG=$2; shift;; +- -s|--spool) SPOOL_DIR=$2; shift;; +- -l|--logs) LOGS_DIR=$2; shift;; +- -f|--config) EJABBERD_CONFIG_PATH=$2; shift;; +- -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift;; +- -d|--config-dir) ETC_DIR=$2; shift;; +- -t|--no-timeout) NO_TIMEOUT="--no-timeout";; +- --) :;; ++while test $# -gt 0; do ++ case $1 in ++ -n|--node) ERLANG_NODE_ARG=$2; shift 2;; ++ -s|--spool) SPOOL_DIR=$2; shift 2;; ++ -l|--logs) LOGS_DIR=$2; shift 2;; ++ -f|--config) EJABBERD_CONFIG_PATH=$2; shift 2;; ++ -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift 2;; ++ -d|--config-dir) ETC_DIR=$2; shift 2;; ++ -t|--no-timeout) NO_TIMEOUT="--no-timeout"; shift 1;; ++ # --) :;; what is this for? + *) break;; + esac +- shift + done + + # define ejabberd variables if not already defined from the command line diff --git a/krebs/5pkgs/simple/electron-cash/default.nix b/krebs/5pkgs/simple/electron-cash/default.nix deleted file mode 100644 index e51136c60..000000000 --- a/krebs/5pkgs/simple/electron-cash/default.nix +++ /dev/null @@ -1,64 +0,0 @@ -{ stdenv, fetchFromGitHub, python2Packages }: - -python2Packages.buildPythonApplication rec { - name = "electron-cash-${src.rev}"; - - src = fetchFromGitHub { - owner = "fyookball"; - repo = "electrum"; - rev = "a2245ea"; - sha256 = "1a0ym94azfd1yn97n2jcky344ajbj2amr9l6jpx30pqxndffpbgv"; - }; - - propagatedBuildInputs = with python2Packages; [ - dns - ecdsa - jsonrpclib - pbkdf2 - pyaes - pycrypto - pyqt4 - pysocks - qrcode - requests - tlslite - - # plugins - keepkey - trezor - ]; - - preBuild = '' - sed -i 's,usr_share = .*,usr_share = "'$out'/share",g' setup.py - pyrcc4 icons.qrc -o gui/qt/icons_rc.py - # Recording the creation timestamps introduces indeterminism to the build - sed -i '/Created: .*/d' gui/qt/icons_rc.py - ''; - - postInstall = '' - # Despite setting usr_share above, these files are installed under - # $out/nix ... - mv $out/lib/python2.7/site-packages/nix/store"/"*/share $out - rm -rf $out/lib/python2.7/site-packages/nix - - substituteInPlace $out/share/applications/electron.desktop \ - --replace "Exec=electrum %u" "Exec=$out/bin/electrum %u" - ''; - - doInstallCheck = true; - installCheckPhase = '' - $out/bin/electrum help >/dev/null - ''; - - meta = with stdenv.lib; { - description = "A lightweight Bitcoin wallet"; - longDescription = '' - An easy-to-use Bitcoin client featuring wallets generated from - mnemonic seeds (in addition to other, more advanced, wallet options) - and the ability to perform transactions without downloading a copy - of the blockchain. - ''; - homepage = https://electrum.org/; - license = licenses.mit; - }; -} diff --git a/krebs/5pkgs/simple/font-size.nix b/krebs/5pkgs/simple/font-size.nix new file mode 100644 index 000000000..21097ed6a --- /dev/null +++ b/krebs/5pkgs/simple/font-size.nix @@ -0,0 +1,26 @@ +{ writeDashBin }: +writeDashBin "font-size" '' + set -efu + + # set_font NORMAL_FONT BOLD_FONT + set_font() { + printf '\033]710;%s\007' "$1" + printf '\033]711;%s\007' "$2" + } + + case ''${1-} in + '''|0|--reset) + set_font \ + -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 \ + -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 \ + ;; + [1-9]|[1-9][0-9]|[1-9][0-9][0-9]) + set_font \ + xft:Monospace:size=$1 \ + xft:Monospace:size=$1:bold \ + ;; + *) + echo "$0: bad argument: $1" >&2 + exit 1 + esac +'' diff --git a/krebs/5pkgs/simple/generate-secrets/default.nix b/krebs/5pkgs/simple/generate-secrets/default.nix new file mode 100644 index 000000000..a800ff543 --- /dev/null +++ b/krebs/5pkgs/simple/generate-secrets/default.nix @@ -0,0 +1,46 @@ +{ pkgs }: +pkgs.writeDashBin "generate-secrets" '' + HOSTNAME="$1" + TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d) + PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1) + HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null + + ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null + ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null + ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null + cat < $TMPDIR/hashedPasswords.nix + { + root = "$HASHED_PASSWORD"; + } + EOF + + cd $TMPDIR + for x in *; do + ${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null + done + echo $PASSWORD | ${pkgs.brain}/bin/brain insert -m hosts/$HOSTNAME/root > /dev/null + + cat <; + ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)"; + }; + EOF + + rm -rf $TMPDIR +'' + diff --git a/krebs/5pkgs/simple/go-shortener/default.nix b/krebs/5pkgs/simple/go-shortener/default.nix index 996f7072a..4d1bef2be 100644 --- a/krebs/5pkgs/simple/go-shortener/default.nix +++ b/krebs/5pkgs/simple/go-shortener/default.nix @@ -1,25 +1,26 @@ -{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }: +{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-8_x, pkgs }: with lib; let - np = (callPackage ) { - generated = ./packages.nix; - self = np; + nodeEnv = import { + inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile; + nodejs = nodejs-8_x; + libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null; }; - node_env = buildEnv { - name = "node_env"; - paths = [ - np.redis - np."formidable" - ]; - pathsToLink = [ "/lib" ]; - ignoreCollisions = true; + node_env = pkgs.buildEnv { + name = "go-node_env"; + paths = attrValues (import ./node-packages.nix { + inherit (pkgs) fetchurl fetchgit; + inherit nodeEnv; + }); }; -in np.buildNodePackage { +in stdenv.mkDerivation { + packageName = "go"; name = "go-shortener"; + version = "0.0.0"; src = fetchgit { url = "http://cgit.lassul.us/go/"; @@ -32,10 +33,8 @@ in np.buildNodePackage { "installPhase" ]; - deps = (filter (v: nixType v == "derivation") (attrValues np)); - buildInputs = [ - nodejs + nodejs-8_x makeWrapper ]; @@ -44,14 +43,14 @@ in np.buildNodePackage { cp index.js $out/ cat > $out/go << EOF - ${nodejs}/bin/node $out/index.js + ${nodejs-8_x}/bin/node $out/index.js EOF chmod +x $out/go wrapProgram $out/go \ --prefix NODE_PATH : ${node_env}/lib/node_modules - ln -s $out/go /$out/bin/go + ln -s $out/go /$out/bin/go ''; } diff --git a/krebs/5pkgs/simple/go-shortener/node-packages.nix b/krebs/5pkgs/simple/go-shortener/node-packages.nix new file mode 100644 index 000000000..526cd5a11 --- /dev/null +++ b/krebs/5pkgs/simple/go-shortener/node-packages.nix @@ -0,0 +1,76 @@ +# This file has been generated by node2nix 1.5.3. Do not edit! + +{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}: + +let + sources = { + "double-ended-queue-2.1.0-0" = { + name = "double-ended-queue"; + packageName = "double-ended-queue"; + version = "2.1.0-0"; + src = fetchurl { + url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz"; + sha1 = "103d3527fd31528f40188130c841efdd78264e5c"; + }; + }; + "redis-commands-1.3.5" = { + name = "redis-commands"; + packageName = "redis-commands"; + version = "1.3.5"; + src = fetchurl { + url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz"; + sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by"; + }; + }; + "redis-parser-2.6.0" = { + name = "redis-parser"; + packageName = "redis-parser"; + version = "2.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz"; + sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b"; + }; + }; + }; +in +{ + formidable = nodeEnv.buildNodePackage { + name = "formidable"; + packageName = "formidable"; + version = "1.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz"; + sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn"; + }; + buildInputs = globalBuildInputs; + meta = { + description = "A node.js module for parsing form data, especially file uploads."; + homepage = https://github.com/felixge/node-formidable; + license = "MIT"; + }; + production = true; + bypassCache = true; + }; + redis = nodeEnv.buildNodePackage { + name = "redis"; + packageName = "redis"; + version = "2.8.0"; + src = fetchurl { + url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz"; + sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk"; + }; + dependencies = [ + sources."double-ended-queue-2.1.0-0" + sources."redis-commands-1.3.5" + sources."redis-parser-2.6.0" + ]; + buildInputs = globalBuildInputs; + meta = { + description = "Redis client library"; + homepage = https://github.com/NodeRedis/node_redis; + license = "MIT"; + }; + production = true; + bypassCache = true; + }; +} \ No newline at end of file diff --git a/krebs/5pkgs/simple/go-shortener/packages.nix b/krebs/5pkgs/simple/go-shortener/packages.nix deleted file mode 100644 index 9acfd7658..000000000 --- a/krebs/5pkgs/simple/go-shortener/packages.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ self, fetchurl, fetchgit ? null, lib }: - -{ - by-spec."formidable"."*" = - self.by-version."formidable"."1.0.17"; - by-version."formidable"."1.0.17" = self.buildNodePackage { - name = "formidable-1.0.17"; - version = "1.0.17"; - bin = false; - src = fetchurl { - url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz"; - name = "formidable-1.0.17.tgz"; - sha1 = "ef5491490f9433b705faa77249c99029ae348559"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "formidable" = self.by-version."formidable"."1.0.17"; - by-spec."redis"."*" = - self.by-version."redis"."2.1.0"; - by-version."redis"."2.1.0" = self.buildNodePackage { - name = "redis-2.1.0"; - version = "2.1.0"; - bin = false; - src = fetchurl { - url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz"; - name = "redis-2.1.0.tgz"; - sha1 = "38acb208f90750250f9451219b73ff08ae907f94"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "redis" = self.by-version."redis"."2.1.0"; -} diff --git a/krebs/5pkgs/simple/go-shortener/pkgs.json b/krebs/5pkgs/simple/go-shortener/pkgs.json new file mode 100644 index 000000000..f53ce3745 --- /dev/null +++ b/krebs/5pkgs/simple/go-shortener/pkgs.json @@ -0,0 +1,4 @@ +[ + "formidable", + "redis" +] diff --git a/krebs/5pkgs/simple/go-shortener/update.sh b/krebs/5pkgs/simple/go-shortener/update.sh new file mode 100755 index 000000000..0c1ecc58c --- /dev/null +++ b/krebs/5pkgs/simple/go-shortener/update.sh @@ -0,0 +1,2 @@ +node2nix -8 -i pkgs.json -c combine.nix +rm node-env.nix combine.nix diff --git a/krebs/5pkgs/simple/hashPassword/default.nix b/krebs/5pkgs/simple/hashPassword/default.nix index 3da65ad79..3c604be80 100644 --- a/krebs/5pkgs/simple/hashPassword/default.nix +++ b/krebs/5pkgs/simple/hashPassword/default.nix @@ -1,7 +1,7 @@ { lib, pkgs, ... }: pkgs.writeDashBin "hashPassword" '' - # usage: hashPassword + # usage: hashPassword [...] set -euf export PATH=${lib.makeBinPath (with pkgs; [ @@ -11,5 +11,5 @@ pkgs.writeDashBin "hashPassword" '' ])} salt=$(openssl rand -base64 16 | tr -d '+=' | head -c 16) - exec mkpasswd -m sha-512 -S "$salt" + exec mkpasswd -m sha-512 -S "$salt" "$@" '' diff --git a/krebs/5pkgs/simple/kops.nix b/krebs/5pkgs/simple/kops.nix new file mode 100644 index 000000000..8db4b8ddd --- /dev/null +++ b/krebs/5pkgs/simple/kops.nix @@ -0,0 +1,7 @@ +{ fetchgit, ... }: + +fetchgit { + url = https://cgit.krebsco.de/kops; + rev = "refs/tags/v1.1.0"; + sha256 = "0k3zhv2830z4bljcdvf6ciwjihk2zzcn9y23p49c6sba5hbsd6jb"; +} diff --git a/krebs/5pkgs/simple/newsbot-js/default.nix b/krebs/5pkgs/simple/newsbot-js/default.nix index fa39823d3..cc362b86a 100644 --- a/krebs/5pkgs/simple/newsbot-js/default.nix +++ b/krebs/5pkgs/simple/newsbot-js/default.nix @@ -1,27 +1,27 @@ -{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }: +{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-8_x, pkgs, icu }: with lib; let - np = (callPackage ) { - generated = ./packages.nix; - self = np; + nodeEnv = import { + inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile; + nodejs = nodejs-8_x; + libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null; }; - node_env = buildEnv { - name = "node_env"; - paths = [ - np.feedparser - np.form-data - np.irc - np.request - np.shell-quote - ]; - pathsToLink = [ "/lib" ]; - ignoreCollisions = true; + node_env = pkgs.buildEnv { + name = "go-node_env"; + paths = attrValues (import ./node-packages.nix { + inherit (pkgs) fetchurl fetchgit; + inherit nodeEnv; + globalBuildInputs = [ + icu.dev + ]; + }); }; -in np.buildNodePackage { + +in stdenv.mkDerivation { name = "newsbot-js"; src = fetchgit { @@ -32,14 +32,11 @@ in np.buildNodePackage { phases = [ "unpackPhase" - "patchPhase" "installPhase" ]; - deps = (filter (v: nixType v == "derivation") (attrValues np)); - buildInputs = [ - nodejs + nodejs-8_x makeWrapper ]; @@ -48,7 +45,7 @@ in np.buildNodePackage { cp newsbot.js $out/ cat > $out/newsbot << EOF - ${nodejs}/bin/node $out/newsbot.js + ${nodejs-8_x}/bin/node $out/newsbot.js EOF chmod +x $out/newsbot diff --git a/krebs/5pkgs/simple/newsbot-js/node-packages.nix b/krebs/5pkgs/simple/newsbot-js/node-packages.nix new file mode 100644 index 000000000..d6b2a06dd --- /dev/null +++ b/krebs/5pkgs/simple/newsbot-js/node-packages.nix @@ -0,0 +1,844 @@ +# This file has been generated by node2nix 1.5.3. Do not edit! + +{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}: + +let + sources = { + "addressparser-1.0.1" = { + name = "addressparser"; + packageName = "addressparser"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/addressparser/-/addressparser-1.0.1.tgz"; + sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746"; + }; + }; + "ajv-5.5.2" = { + name = "ajv"; + packageName = "ajv"; + version = "5.5.2"; + src = fetchurl { + url = "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz"; + sha1 = "73b5eeca3fab653e3d3f9422b341ad42205dc965"; + }; + }; + "array-filter-0.0.1" = { + name = "array-filter"; + packageName = "array-filter"; + version = "0.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/array-filter/-/array-filter-0.0.1.tgz"; + sha1 = "7da8cf2e26628ed732803581fd21f67cacd2eeec"; + }; + }; + "array-indexofobject-0.0.1" = { + name = "array-indexofobject"; + packageName = "array-indexofobject"; + version = "0.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/array-indexofobject/-/array-indexofobject-0.0.1.tgz"; + sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a"; + }; + }; + "array-map-0.0.0" = { + name = "array-map"; + packageName = "array-map"; + version = "0.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/array-map/-/array-map-0.0.0.tgz"; + sha1 = "88a2bab73d1cf7bcd5c1b118a003f66f665fa662"; + }; + }; + "array-reduce-0.0.0" = { + name = "array-reduce"; + packageName = "array-reduce"; + version = "0.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/array-reduce/-/array-reduce-0.0.0.tgz"; + sha1 = "173899d3ffd1c7d9383e4479525dbe278cab5f2b"; + }; + }; + "asn1-0.2.3" = { + name = "asn1"; + packageName = "asn1"; + version = "0.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz"; + sha1 = "dac8787713c9966849fc8180777ebe9c1ddf3b86"; + }; + }; + "assert-plus-1.0.0" = { + name = "assert-plus"; + packageName = "assert-plus"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz"; + sha1 = "f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525"; + }; + }; + "asynckit-0.4.0" = { + name = "asynckit"; + packageName = "asynckit"; + version = "0.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz"; + sha1 = "c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"; + }; + }; + "aws-sign2-0.7.0" = { + name = "aws-sign2"; + packageName = "aws-sign2"; + version = "0.7.0"; + src = fetchurl { + url = "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz"; + sha1 = "b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8"; + }; + }; + "aws4-1.6.0" = { + name = "aws4"; + packageName = "aws4"; + version = "1.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/aws4/-/aws4-1.6.0.tgz"; + sha1 = "83ef5ca860b2b32e4a0deedee8c771b9db57471e"; + }; + }; + "bcrypt-pbkdf-1.0.1" = { + name = "bcrypt-pbkdf"; + packageName = "bcrypt-pbkdf"; + version = "1.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz"; + sha1 = "63bc5dcb61331b92bc05fd528953c33462a06f8d"; + }; + }; + "boom-4.3.1" = { + name = "boom"; + packageName = "boom"; + version = "4.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/boom/-/boom-4.3.1.tgz"; + sha1 = "4f8a3005cb4a7e3889f749030fd25b96e01d2e31"; + }; + }; + "boom-5.2.0" = { + name = "boom"; + packageName = "boom"; + version = "5.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/boom/-/boom-5.2.0.tgz"; + sha512 = "19h20yqpvca08dns1rs4f057f10w63v0snxfml4h5khsk266x3x1im0w72bza4k2xn0kfz6jlv001dhcvxsjr09bmbqnysils9m7437"; + }; + }; + "caseless-0.12.0" = { + name = "caseless"; + packageName = "caseless"; + version = "0.12.0"; + src = fetchurl { + url = "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz"; + sha1 = "1b681c21ff84033c826543090689420d187151dc"; + }; + }; + "co-4.6.0" = { + name = "co"; + packageName = "co"; + version = "4.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/co/-/co-4.6.0.tgz"; + sha1 = "6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184"; + }; + }; + "combined-stream-1.0.6" = { + name = "combined-stream"; + packageName = "combined-stream"; + version = "1.0.6"; + src = fetchurl { + url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.6.tgz"; + sha1 = "723e7df6e801ac5613113a7e445a9b69cb632818"; + }; + }; + "core-util-is-1.0.2" = { + name = "core-util-is"; + packageName = "core-util-is"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz"; + sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7"; + }; + }; + "cryptiles-3.1.2" = { + name = "cryptiles"; + packageName = "cryptiles"; + version = "3.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/cryptiles/-/cryptiles-3.1.2.tgz"; + sha1 = "a89fbb220f5ce25ec56e8c4aa8a4fd7b5b0d29fe"; + }; + }; + "dashdash-1.14.1" = { + name = "dashdash"; + packageName = "dashdash"; + version = "1.14.1"; + src = fetchurl { + url = "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz"; + sha1 = "853cfa0f7cbe2fed5de20326b8dd581035f6e2f0"; + }; + }; + "delayed-stream-1.0.0" = { + name = "delayed-stream"; + packageName = "delayed-stream"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz"; + sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619"; + }; + }; + "ecc-jsbn-0.1.1" = { + name = "ecc-jsbn"; + packageName = "ecc-jsbn"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz"; + sha1 = "0fc73a9ed5f0d53c38193398523ef7e543777505"; + }; + }; + "extend-3.0.1" = { + name = "extend"; + packageName = "extend"; + version = "3.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz"; + sha1 = "a755ea7bc1adfcc5a31ce7e762dbaadc5e636444"; + }; + }; + "extsprintf-1.3.0" = { + name = "extsprintf"; + packageName = "extsprintf"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz"; + sha1 = "96918440e3041a7a414f8c52e3c574eb3c3e1e05"; + }; + }; + "fast-deep-equal-1.1.0" = { + name = "fast-deep-equal"; + packageName = "fast-deep-equal"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz"; + sha1 = "c053477817c86b51daa853c81e059b733d023614"; + }; + }; + "fast-json-stable-stringify-2.0.0" = { + name = "fast-json-stable-stringify"; + packageName = "fast-json-stable-stringify"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz"; + sha1 = "d5142c0caee6b1189f87d3a76111064f86c8bbf2"; + }; + }; + "forever-agent-0.6.1" = { + name = "forever-agent"; + packageName = "forever-agent"; + version = "0.6.1"; + src = fetchurl { + url = "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz"; + sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91"; + }; + }; + "form-data-2.3.2" = { + name = "form-data"; + packageName = "form-data"; + version = "2.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz"; + sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099"; + }; + }; + "getpass-0.1.7" = { + name = "getpass"; + packageName = "getpass"; + version = "0.1.7"; + src = fetchurl { + url = "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz"; + sha1 = "5eff8e3e684d569ae4cb2b1282604e8ba62149fa"; + }; + }; + "har-schema-2.0.0" = { + name = "har-schema"; + packageName = "har-schema"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz"; + sha1 = "a94c2224ebcac04782a0d9035521f24735b7ec92"; + }; + }; + "har-validator-5.0.3" = { + name = "har-validator"; + packageName = "har-validator"; + version = "5.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/har-validator/-/har-validator-5.0.3.tgz"; + sha1 = "ba402c266194f15956ef15e0fcf242993f6a7dfd"; + }; + }; + "hawk-6.0.2" = { + name = "hawk"; + packageName = "hawk"; + version = "6.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/hawk/-/hawk-6.0.2.tgz"; + sha512 = "1nl2hjr2mnhj5jlaz8mh54z7acwz5j5idkch04qgjk78756gw5d0fjk4a2immil5ij9ijdssb9ndpryvnh2xpcbgcjv8lxybn330als"; + }; + }; + "hoek-4.2.1" = { + name = "hoek"; + packageName = "hoek"; + version = "4.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/hoek/-/hoek-4.2.1.tgz"; + sha512 = "1y8kprb3qldxqj31zai5n8dvhydsl9nn5w4rskhnbzzhldn6pm6n5lcyam3sfkb61a62d5m58k8im7z6ngwbd9cw9zp4zm4y7ckrf20"; + }; + }; + "http-signature-1.2.0" = { + name = "http-signature"; + packageName = "http-signature"; + version = "1.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz"; + sha1 = "9aecd925114772f3d95b65a60abb8f7c18fbace1"; + }; + }; + "iconv-2.2.3" = { + name = "iconv"; + packageName = "iconv"; + version = "2.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/iconv/-/iconv-2.2.3.tgz"; + sha1 = "e084d60eeb7d73da7f0a9c096e4c8abe090bfaed"; + }; + }; + "inherits-2.0.3" = { + name = "inherits"; + packageName = "inherits"; + version = "2.0.3"; + src = fetchurl { + url = "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz"; + sha1 = "633c2c83e3da42a502f52466022480f4208261de"; + }; + }; + "irc-colors-1.4.2" = { + name = "irc-colors"; + packageName = "irc-colors"; + version = "1.4.2"; + src = fetchurl { + url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.4.2.tgz"; + sha512 = "0f75yhavbhr8lbh3lh83rvyfrrrcxjawnd2rz7sacjd3zxj5524xr28j66f2l11vlngdkbplxz5xsq9dnwrcyqa0jh64k2pvzhn17a1"; + }; + }; + "is-typedarray-1.0.0" = { + name = "is-typedarray"; + packageName = "is-typedarray"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz"; + sha1 = "e479c80858df0c1b11ddda6940f96011fcda4a9a"; + }; + }; + "isarray-1.0.0" = { + name = "isarray"; + packageName = "isarray"; + version = "1.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz"; + sha1 = "bb935d48582cba168c06834957a54a3e07124f11"; + }; + }; + "isstream-0.1.2" = { + name = "isstream"; + packageName = "isstream"; + version = "0.1.2"; + src = fetchurl { + url = "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz"; + sha1 = "47e63f7af55afa6f92e1500e690eb8b8529c099a"; + }; + }; + "jsbn-0.1.1" = { + name = "jsbn"; + packageName = "jsbn"; + version = "0.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz"; + sha1 = "a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"; + }; + }; + "json-schema-0.2.3" = { + name = "json-schema"; + packageName = "json-schema"; + version = "0.2.3"; + src = fetchurl { + url = "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz"; + sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13"; + }; + }; + "json-schema-traverse-0.3.1" = { + name = "json-schema-traverse"; + packageName = "json-schema-traverse"; + version = "0.3.1"; + src = fetchurl { + url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz"; + sha1 = "349a6d44c53a51de89b40805c5d5e59b417d3340"; + }; + }; + "json-stringify-safe-5.0.1" = { + name = "json-stringify-safe"; + packageName = "json-stringify-safe"; + version = "5.0.1"; + src = fetchurl { + url = "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz"; + sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb"; + }; + }; + "jsonify-0.0.0" = { + name = "jsonify"; + packageName = "jsonify"; + version = "0.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz"; + sha1 = "2c74b6ee41d93ca51b7b5aaee8f503631d252a73"; + }; + }; + "jsprim-1.4.1" = { + name = "jsprim"; + packageName = "jsprim"; + version = "1.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz"; + sha1 = "313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2"; + }; + }; + "lodash.assign-4.2.0" = { + name = "lodash.assign"; + packageName = "lodash.assign"; + version = "4.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz"; + sha1 = "0d99f3ccd7a6d261d19bdaeb9245005d285808e7"; + }; + }; + "lodash.get-4.4.2" = { + name = "lodash.get"; + packageName = "lodash.get"; + version = "4.4.2"; + src = fetchurl { + url = "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz"; + sha1 = "2d177f652fa31e939b4438d5341499dfa3825e99"; + }; + }; + "lodash.has-4.5.2" = { + name = "lodash.has"; + packageName = "lodash.has"; + version = "4.5.2"; + src = fetchurl { + url = "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz"; + sha1 = "d19f4dc1095058cccbe2b0cdf4ee0fe4aa37c862"; + }; + }; + "lodash.uniq-4.5.0" = { + name = "lodash.uniq"; + packageName = "lodash.uniq"; + version = "4.5.0"; + src = fetchurl { + url = "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz"; + sha1 = "d0225373aeb652adc1bc82e4945339a842754773"; + }; + }; + "mime-db-1.33.0" = { + name = "mime-db"; + packageName = "mime-db"; + version = "1.33.0"; + src = fetchurl { + url = "https://registry.npmjs.org/mime-db/-/mime-db-1.33.0.tgz"; + sha512 = "36xnw59ik9fqym00cmwb5nyzg0l03k70cp413f7639j93wgmzk1mh0xjc7i6zz3r6k9xnwh0g5cm5a1f3y8c6plgy4qld7fm887ywh4"; + }; + }; + "mime-types-2.1.18" = { + name = "mime-types"; + packageName = "mime-types"; + version = "2.1.18"; + src = fetchurl { + url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.18.tgz"; + sha512 = "22krj1kw7n9z10zdyx7smcaim4bzwqsqzhspwha06q58gcrxfp93hw2cd0vk5crhq5p2dwzqlpacg32lrmp5sjzb798zdzy35mdmkwm"; + }; + }; + "mri-1.1.0" = { + name = "mri"; + packageName = "mri"; + version = "1.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/mri/-/mri-1.1.0.tgz"; + sha1 = "5c0a3f29c8ccffbbb1ec941dcec09d71fa32f36a"; + }; + }; + "nan-2.10.0" = { + name = "nan"; + packageName = "nan"; + version = "2.10.0"; + src = fetchurl { + url = "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz"; + sha512 = "349rr7x0djrlkav4gbhkg355852ingn965r0kkch8rr4cwp7qki9676zpq8cq988yszzd2hld6szsbbnd1v6rghzf11abn1nyzlj1vc"; + }; + }; + "node-icu-charset-detector-0.2.0" = { + name = "node-icu-charset-detector"; + packageName = "node-icu-charset-detector"; + version = "0.2.0"; + src = fetchurl { + url = "https://registry.npmjs.org/node-icu-charset-detector/-/node-icu-charset-detector-0.2.0.tgz"; + sha1 = "c2320da374ddcb671fc54cb4a0e041e156ffd639"; + }; + }; + "oauth-sign-0.8.2" = { + name = "oauth-sign"; + packageName = "oauth-sign"; + version = "0.8.2"; + src = fetchurl { + url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz"; + sha1 = "46a6ab7f0aead8deae9ec0565780b7d4efeb9d43"; + }; + }; + "performance-now-2.1.0" = { + name = "performance-now"; + packageName = "performance-now"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz"; + sha1 = "6309f4e0e5fa913ec1c69307ae364b4b377c9e7b"; + }; + }; + "process-nextick-args-2.0.0" = { + name = "process-nextick-args"; + packageName = "process-nextick-args"; + version = "2.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz"; + sha512 = "0rw8xpqqkhs91722slvzf8icxfaimqp4w8zb3840jxr7r8n8035byl6dhdi5bm0yr6x7sdws0gf3m025fg6hqgaklwlbl4d7bah5l9j"; + }; + }; + "punycode-1.4.1" = { + name = "punycode"; + packageName = "punycode"; + version = "1.4.1"; + src = fetchurl { + url = "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz"; + sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"; + }; + }; + "qs-6.5.1" = { + name = "qs"; + packageName = "qs"; + version = "6.5.1"; + src = fetchurl { + url = "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz"; + sha512 = "3waqapyj1k4g135sgj636rmswiaixq19is1rw0rpv4qp6k7dl0a9nwy06m7yl5lbdk9p6xpwwngnggbzlzaz6rh11c86j2nvnnf273r"; + }; + }; + "readable-stream-2.3.6" = { + name = "readable-stream"; + packageName = "readable-stream"; + version = "2.3.6"; + src = fetchurl { + url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz"; + sha512 = "0mj9b6190amln9rg89x5pq2n195s3v0gzicpdamv1kbabg69aw5m71l34jsjn7bqil7405l6l35x9ijnb3h4jz5vx2i00l8sl1ll2xm"; + }; + }; + "safe-buffer-5.1.1" = { + name = "safe-buffer"; + packageName = "safe-buffer"; + version = "5.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz"; + sha512 = "1p28rllll1w65yzq5azi4izx962399xdsdlfbaynn7vmp981hiss05jhiy9hm7sbbfk3b4dhlcv0zy07fc59mnc07hdv6wcgqkcvawh"; + }; + }; + "sax-1.2.4" = { + name = "sax"; + packageName = "sax"; + version = "1.2.4"; + src = fetchurl { + url = "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz"; + sha512 = "1dn291mjsda42w8kldlbmngk6dhjxfbvvd5lckyqmwbjaj6069iq3wx0nvcfglwnpddz2qa93lzf4hv77iz43bd2qixa079sjzl799n"; + }; + }; + "sntp-2.1.0" = { + name = "sntp"; + packageName = "sntp"; + version = "2.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/sntp/-/sntp-2.1.0.tgz"; + sha512 = "0k2smmr24w5hb1cpql6vcgh58vzp4pmh9anf0bgz3arlsgq1mapnlq9fjqr6xs10aq1cmxaw987fwknqi62frax0fvs9bj3q3kmpg8l"; + }; + }; + "sshpk-1.14.1" = { + name = "sshpk"; + packageName = "sshpk"; + version = "1.14.1"; + src = fetchurl { + url = "https://registry.npmjs.org/sshpk/-/sshpk-1.14.1.tgz"; + sha1 = "130f5975eddad963f1d56f92b9ac6c51fa9f83eb"; + }; + }; + "string_decoder-1.1.1" = { + name = "string_decoder"; + packageName = "string_decoder"; + version = "1.1.1"; + src = fetchurl { + url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz"; + sha512 = "315yd4vzwrwk3vwj1klf46y1cj2jbvf88066y2rnwhksb98phj46jkxixbwsp3h607w7czy7cby522s7sx8mvspdpdm3s72y2ga3x4z"; + }; + }; + "stringstream-0.0.5" = { + name = "stringstream"; + packageName = "stringstream"; + version = "0.0.5"; + src = fetchurl { + url = "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz"; + sha1 = "4e484cd4de5a0bbbee18e46307710a8a81621878"; + }; + }; + "tough-cookie-2.3.4" = { + name = "tough-cookie"; + packageName = "tough-cookie"; + version = "2.3.4"; + src = fetchurl { + url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.4.tgz"; + sha512 = "0ncm6j3cjq1f26mzjf04k9bkw1b08w53s4qa3a11c1bdj4pgnqv1422c1xs5jyy6y1psppjx52fhagq5zkjkgrcpdkxcdiry96r77jd"; + }; + }; + "tunnel-agent-0.6.0" = { + name = "tunnel-agent"; + packageName = "tunnel-agent"; + version = "0.6.0"; + src = fetchurl { + url = "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz"; + sha1 = "27a5dea06b36b04a0a9966774b290868f0fc40fd"; + }; + }; + "tweetnacl-0.14.5" = { + name = "tweetnacl"; + packageName = "tweetnacl"; + version = "0.14.5"; + src = fetchurl { + url = "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz"; + sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64"; + }; + }; + "util-deprecate-1.0.2" = { + name = "util-deprecate"; + packageName = "util-deprecate"; + version = "1.0.2"; + src = fetchurl { + url = "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz"; + sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf"; + }; + }; + "uuid-3.2.1" = { + name = "uuid"; + packageName = "uuid"; + version = "3.2.1"; + src = fetchurl { + url = "https://registry.npmjs.org/uuid/-/uuid-3.2.1.tgz"; + sha512 = "0843vl1c974n8kw5kn0kvhvhwk8y8jydr0xkwwl2963xxmkw4ingk6xj9c8m48jw2i95giglxzq5aw5v5mij9kv7fzln8pxav1cr6cd"; + }; + }; + "verror-1.10.0" = { + name = "verror"; + packageName = "verror"; + version = "1.10.0"; + src = fetchurl { + url = "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz"; + sha1 = "3a105ca17053af55d6e270c1f8288682e18da400"; + }; + }; + }; +in +{ + feedparser = nodeEnv.buildNodePackage { + name = "feedparser"; + packageName = "feedparser"; + version = "2.2.9"; + src = fetchurl { + url = "https://registry.npmjs.org/feedparser/-/feedparser-2.2.9.tgz"; + sha1 = "9138197dafdae05fcadde0036beeaf6066c2c5e9"; + }; + dependencies = [ + sources."addressparser-1.0.1" + sources."array-indexofobject-0.0.1" + sources."core-util-is-1.0.2" + sources."inherits-2.0.3" + sources."isarray-1.0.0" + sources."lodash.assign-4.2.0" + sources."lodash.get-4.4.2" + sources."lodash.has-4.5.2" + sources."lodash.uniq-4.5.0" + sources."mri-1.1.0" + sources."process-nextick-args-2.0.0" + sources."readable-stream-2.3.6" + sources."safe-buffer-5.1.1" + sources."sax-1.2.4" + sources."string_decoder-1.1.1" + sources."util-deprecate-1.0.2" + ]; + buildInputs = globalBuildInputs; + meta = { + description = "Robust RSS Atom and RDF feed parsing using sax js"; + homepage = http://github.com/danmactough/node-feedparser; + license = "MIT"; + }; + production = true; + bypassCache = true; + }; + form-data = nodeEnv.buildNodePackage { + name = "form-data"; + packageName = "form-data"; + version = "2.3.2"; + src = fetchurl { + url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz"; + sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099"; + }; + dependencies = [ + sources."asynckit-0.4.0" + sources."combined-stream-1.0.6" + sources."delayed-stream-1.0.0" + sources."mime-db-1.33.0" + sources."mime-types-2.1.18" + ]; + buildInputs = globalBuildInputs; + meta = { + description = "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications."; + license = "MIT"; + }; + production = true; + bypassCache = true; + }; + irc = nodeEnv.buildNodePackage { + name = "irc"; + packageName = "irc"; + version = "0.5.2"; + src = fetchurl { + url = "https://registry.npmjs.org/irc/-/irc-0.5.2.tgz"; + sha1 = "3714f4768365a96d0b2f776bc91166beb2464bbc"; + }; + dependencies = [ + sources."iconv-2.2.3" + sources."irc-colors-1.4.2" + sources."nan-2.10.0" + sources."node-icu-charset-detector-0.2.0" + ]; + buildInputs = globalBuildInputs; + meta = { + description = "An IRC client library for node"; + homepage = "https://github.com/martynsmith/node-irc#readme"; + license = "GPL-3.0"; + }; + production = true; + bypassCache = true; + }; + request = nodeEnv.buildNodePackage { + name = "request"; + packageName = "request"; + version = "2.85.0"; + src = fetchurl { + url = "https://registry.npmjs.org/request/-/request-2.85.0.tgz"; + sha512 = "2d3hg10zs5ycnr8prmiwdhacf88fl0x0bi6szs0z2r07zcbk419laixwpjp8sqapbc2ifyyih7p3r60wgr58bmcncz3pqnx523c8zph"; + }; + dependencies = [ + sources."ajv-5.5.2" + sources."asn1-0.2.3" + sources."assert-plus-1.0.0" + sources."asynckit-0.4.0" + sources."aws-sign2-0.7.0" + sources."aws4-1.6.0" + sources."bcrypt-pbkdf-1.0.1" + sources."boom-4.3.1" + sources."caseless-0.12.0" + sources."co-4.6.0" + sources."combined-stream-1.0.6" + sources."core-util-is-1.0.2" + (sources."cryptiles-3.1.2" // { + dependencies = [ + sources."boom-5.2.0" + ]; + }) + sources."dashdash-1.14.1" + sources."delayed-stream-1.0.0" + sources."ecc-jsbn-0.1.1" + sources."extend-3.0.1" + sources."extsprintf-1.3.0" + sources."fast-deep-equal-1.1.0" + sources."fast-json-stable-stringify-2.0.0" + sources."forever-agent-0.6.1" + sources."form-data-2.3.2" + sources."getpass-0.1.7" + sources."har-schema-2.0.0" + sources."har-validator-5.0.3" + sources."hawk-6.0.2" + sources."hoek-4.2.1" + sources."http-signature-1.2.0" + sources."is-typedarray-1.0.0" + sources."isstream-0.1.2" + sources."jsbn-0.1.1" + sources."json-schema-0.2.3" + sources."json-schema-traverse-0.3.1" + sources."json-stringify-safe-5.0.1" + sources."jsprim-1.4.1" + sources."mime-db-1.33.0" + sources."mime-types-2.1.18" + sources."oauth-sign-0.8.2" + sources."performance-now-2.1.0" + sources."punycode-1.4.1" + sources."qs-6.5.1" + sources."safe-buffer-5.1.1" + sources."sntp-2.1.0" + sources."sshpk-1.14.1" + sources."stringstream-0.0.5" + sources."tough-cookie-2.3.4" + sources."tunnel-agent-0.6.0" + sources."tweetnacl-0.14.5" + sources."uuid-3.2.1" + sources."verror-1.10.0" + ]; + buildInputs = globalBuildInputs; + meta = { + description = "Simplified HTTP request client."; + homepage = "https://github.com/request/request#readme"; + license = "Apache-2.0"; + }; + production = true; + bypassCache = true; + }; + shell-quote = nodeEnv.buildNodePackage { + name = "shell-quote"; + packageName = "shell-quote"; + version = "1.6.1"; + src = fetchurl { + url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.6.1.tgz"; + sha1 = "f4781949cce402697127430ea3b3c5476f481767"; + }; + dependencies = [ + sources."array-filter-0.0.1" + sources."array-map-0.0.0" + sources."array-reduce-0.0.0" + sources."jsonify-0.0.0" + ]; + buildInputs = globalBuildInputs; + meta = { + description = "quote and parse shell commands"; + homepage = "https://github.com/substack/node-shell-quote#readme"; + license = "MIT"; + }; + production = true; + bypassCache = true; + }; +} \ No newline at end of file diff --git a/krebs/5pkgs/simple/newsbot-js/packages.nix b/krebs/5pkgs/simple/newsbot-js/packages.nix deleted file mode 100644 index 62921cb8f..000000000 --- a/krebs/5pkgs/simple/newsbot-js/packages.nix +++ /dev/null @@ -1,1747 +0,0 @@ -{ self, fetchurl, fetchgit ? null, lib }: - -{ - by-spec."addressparser"."^1.0.1" = - self.by-version."addressparser"."1.0.1"; - by-version."addressparser"."1.0.1" = self.buildNodePackage { - name = "addressparser-1.0.1"; - version = "1.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/addressparser/-/addressparser-1.0.1.tgz"; - name = "addressparser-1.0.1.tgz"; - sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."ansi-regex"."^2.0.0" = - self.by-version."ansi-regex"."2.1.1"; - by-version."ansi-regex"."2.1.1" = self.buildNodePackage { - name = "ansi-regex-2.1.1"; - version = "2.1.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz"; - name = "ansi-regex-2.1.1.tgz"; - sha1 = "c3b33ab5ee360d86e0e628f0468ae7ef27d654df"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."ansi-styles"."^2.2.1" = - self.by-version."ansi-styles"."2.2.1"; - by-version."ansi-styles"."2.2.1" = self.buildNodePackage { - name = "ansi-styles-2.2.1"; - version = "2.2.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz"; - name = "ansi-styles-2.2.1.tgz"; - sha1 = "b432dd3358b634cf75e1e4664368240533c1ddbe"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."array-filter"."~0.0.0" = - self.by-version."array-filter"."0.0.1"; - by-version."array-filter"."0.0.1" = self.buildNodePackage { - name = "array-filter-0.0.1"; - version = "0.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/array-filter/-/array-filter-0.0.1.tgz"; - name = "array-filter-0.0.1.tgz"; - sha1 = "7da8cf2e26628ed732803581fd21f67cacd2eeec"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."array-indexofobject"."~0.0.1" = - self.by-version."array-indexofobject"."0.0.1"; - by-version."array-indexofobject"."0.0.1" = self.buildNodePackage { - name = "array-indexofobject-0.0.1"; - version = "0.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/array-indexofobject/-/array-indexofobject-0.0.1.tgz"; - name = "array-indexofobject-0.0.1.tgz"; - sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."array-map"."~0.0.0" = - self.by-version."array-map"."0.0.0"; - by-version."array-map"."0.0.0" = self.buildNodePackage { - name = "array-map-0.0.0"; - version = "0.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/array-map/-/array-map-0.0.0.tgz"; - name = "array-map-0.0.0.tgz"; - sha1 = "88a2bab73d1cf7bcd5c1b118a003f66f665fa662"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."array-reduce"."~0.0.0" = - self.by-version."array-reduce"."0.0.0"; - by-version."array-reduce"."0.0.0" = self.buildNodePackage { - name = "array-reduce-0.0.0"; - version = "0.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/array-reduce/-/array-reduce-0.0.0.tgz"; - name = "array-reduce-0.0.0.tgz"; - sha1 = "173899d3ffd1c7d9383e4479525dbe278cab5f2b"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."asn1"."~0.2.3" = - self.by-version."asn1"."0.2.3"; - by-version."asn1"."0.2.3" = self.buildNodePackage { - name = "asn1-0.2.3"; - version = "0.2.3"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz"; - name = "asn1-0.2.3.tgz"; - sha1 = "dac8787713c9966849fc8180777ebe9c1ddf3b86"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."assert-plus"."^0.2.0" = - self.by-version."assert-plus"."0.2.0"; - by-version."assert-plus"."0.2.0" = self.buildNodePackage { - name = "assert-plus-0.2.0"; - version = "0.2.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/assert-plus/-/assert-plus-0.2.0.tgz"; - name = "assert-plus-0.2.0.tgz"; - sha1 = "d74e1b87e7affc0db8aadb7021f3fe48101ab234"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."assert-plus"."^1.0.0" = - self.by-version."assert-plus"."1.0.0"; - by-version."assert-plus"."1.0.0" = self.buildNodePackage { - name = "assert-plus-1.0.0"; - version = "1.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz"; - name = "assert-plus-1.0.0.tgz"; - sha1 = "f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."asynckit"."^0.4.0" = - self.by-version."asynckit"."0.4.0"; - by-version."asynckit"."0.4.0" = self.buildNodePackage { - name = "asynckit-0.4.0"; - version = "0.4.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz"; - name = "asynckit-0.4.0.tgz"; - sha1 = "c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."aws-sign2"."~0.6.0" = - self.by-version."aws-sign2"."0.6.0"; - by-version."aws-sign2"."0.6.0" = self.buildNodePackage { - name = "aws-sign2-0.6.0"; - version = "0.6.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.6.0.tgz"; - name = "aws-sign2-0.6.0.tgz"; - sha1 = "14342dd38dbcc94d0e5b87d763cd63612c0e794f"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."aws4"."^1.2.1" = - self.by-version."aws4"."1.5.0"; - by-version."aws4"."1.5.0" = self.buildNodePackage { - name = "aws4-1.5.0"; - version = "1.5.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/aws4/-/aws4-1.5.0.tgz"; - name = "aws4-1.5.0.tgz"; - sha1 = "0a29ffb79c31c9e712eeb087e8e7a64b4a56d755"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."bcrypt-pbkdf"."^1.0.0" = - self.by-version."bcrypt-pbkdf"."1.0.1"; - by-version."bcrypt-pbkdf"."1.0.1" = self.buildNodePackage { - name = "bcrypt-pbkdf-1.0.1"; - version = "1.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz"; - name = "bcrypt-pbkdf-1.0.1.tgz"; - sha1 = "63bc5dcb61331b92bc05fd528953c33462a06f8d"; - }; - deps = { - "tweetnacl-0.14.5" = self.by-version."tweetnacl"."0.14.5"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."boom"."2.x.x" = - self.by-version."boom"."2.10.1"; - by-version."boom"."2.10.1" = self.buildNodePackage { - name = "boom-2.10.1"; - version = "2.10.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/boom/-/boom-2.10.1.tgz"; - name = "boom-2.10.1.tgz"; - sha1 = "39c8918ceff5799f83f9492a848f625add0c766f"; - }; - deps = { - "hoek-2.16.3" = self.by-version."hoek"."2.16.3"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."buffer-shims"."^1.0.0" = - self.by-version."buffer-shims"."1.0.0"; - by-version."buffer-shims"."1.0.0" = self.buildNodePackage { - name = "buffer-shims-1.0.0"; - version = "1.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/buffer-shims/-/buffer-shims-1.0.0.tgz"; - name = "buffer-shims-1.0.0.tgz"; - sha1 = "9978ce317388c649ad8793028c3477ef044a8b51"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."caseless"."~0.11.0" = - self.by-version."caseless"."0.11.0"; - by-version."caseless"."0.11.0" = self.buildNodePackage { - name = "caseless-0.11.0"; - version = "0.11.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/caseless/-/caseless-0.11.0.tgz"; - name = "caseless-0.11.0.tgz"; - sha1 = "715b96ea9841593cc33067923f5ec60ebda4f7d7"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."chalk"."^1.1.1" = - self.by-version."chalk"."1.1.3"; - by-version."chalk"."1.1.3" = self.buildNodePackage { - name = "chalk-1.1.3"; - version = "1.1.3"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz"; - name = "chalk-1.1.3.tgz"; - sha1 = "a8115c55e4a702fe4d150abd3872822a7e09fc98"; - }; - deps = { - "ansi-styles-2.2.1" = self.by-version."ansi-styles"."2.2.1"; - "escape-string-regexp-1.0.5" = self.by-version."escape-string-regexp"."1.0.5"; - "has-ansi-2.0.0" = self.by-version."has-ansi"."2.0.0"; - "strip-ansi-3.0.1" = self.by-version."strip-ansi"."3.0.1"; - "supports-color-2.0.0" = self.by-version."supports-color"."2.0.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."combined-stream"."^1.0.5" = - self.by-version."combined-stream"."1.0.5"; - by-version."combined-stream"."1.0.5" = self.buildNodePackage { - name = "combined-stream-1.0.5"; - version = "1.0.5"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.5.tgz"; - name = "combined-stream-1.0.5.tgz"; - sha1 = "938370a57b4a51dea2c77c15d5c5fdf895164009"; - }; - deps = { - "delayed-stream-1.0.0" = self.by-version."delayed-stream"."1.0.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."combined-stream"."~1.0.5" = - self.by-version."combined-stream"."1.0.5"; - by-spec."commander"."^2.9.0" = - self.by-version."commander"."2.9.0"; - by-version."commander"."2.9.0" = self.buildNodePackage { - name = "commander-2.9.0"; - version = "2.9.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/commander/-/commander-2.9.0.tgz"; - name = "commander-2.9.0.tgz"; - sha1 = "9c99094176e12240cb22d6c5146098400fe0f7d4"; - }; - deps = { - "graceful-readlink-1.0.1" = self.by-version."graceful-readlink"."1.0.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."core-util-is"."~1.0.0" = - self.by-version."core-util-is"."1.0.2"; - by-version."core-util-is"."1.0.2" = self.buildNodePackage { - name = "core-util-is-1.0.2"; - version = "1.0.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz"; - name = "core-util-is-1.0.2.tgz"; - sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."cryptiles"."2.x.x" = - self.by-version."cryptiles"."2.0.5"; - by-version."cryptiles"."2.0.5" = self.buildNodePackage { - name = "cryptiles-2.0.5"; - version = "2.0.5"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/cryptiles/-/cryptiles-2.0.5.tgz"; - name = "cryptiles-2.0.5.tgz"; - sha1 = "3bdfecdc608147c1c67202fa291e7dca59eaa3b8"; - }; - deps = { - "boom-2.10.1" = self.by-version."boom"."2.10.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."dashdash"."^1.12.0" = - self.by-version."dashdash"."1.14.1"; - by-version."dashdash"."1.14.1" = self.buildNodePackage { - name = "dashdash-1.14.1"; - version = "1.14.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz"; - name = "dashdash-1.14.1.tgz"; - sha1 = "853cfa0f7cbe2fed5de20326b8dd581035f6e2f0"; - }; - deps = { - "assert-plus-1.0.0" = self.by-version."assert-plus"."1.0.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."delayed-stream"."~1.0.0" = - self.by-version."delayed-stream"."1.0.0"; - by-version."delayed-stream"."1.0.0" = self.buildNodePackage { - name = "delayed-stream-1.0.0"; - version = "1.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz"; - name = "delayed-stream-1.0.0.tgz"; - sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."ecc-jsbn"."~0.1.1" = - self.by-version."ecc-jsbn"."0.1.1"; - by-version."ecc-jsbn"."0.1.1" = self.buildNodePackage { - name = "ecc-jsbn-0.1.1"; - version = "0.1.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz"; - name = "ecc-jsbn-0.1.1.tgz"; - sha1 = "0fc73a9ed5f0d53c38193398523ef7e543777505"; - }; - deps = { - "jsbn-0.1.0" = self.by-version."jsbn"."0.1.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."escape-string-regexp"."^1.0.2" = - self.by-version."escape-string-regexp"."1.0.5"; - by-version."escape-string-regexp"."1.0.5" = self.buildNodePackage { - name = "escape-string-regexp-1.0.5"; - version = "1.0.5"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz"; - name = "escape-string-regexp-1.0.5.tgz"; - sha1 = "1b61c0562190a8dff6ae3bb2cf0200ca130b86d4"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."extend"."~3.0.0" = - self.by-version."extend"."3.0.0"; - by-version."extend"."3.0.0" = self.buildNodePackage { - name = "extend-3.0.0"; - version = "3.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/extend/-/extend-3.0.0.tgz"; - name = "extend-3.0.0.tgz"; - sha1 = "5a474353b9f3353ddd8176dfd37b91c83a46f1d4"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."extsprintf"."1.0.2" = - self.by-version."extsprintf"."1.0.2"; - by-version."extsprintf"."1.0.2" = self.buildNodePackage { - name = "extsprintf-1.0.2"; - version = "1.0.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/extsprintf/-/extsprintf-1.0.2.tgz"; - name = "extsprintf-1.0.2.tgz"; - sha1 = "e1080e0658e300b06294990cc70e1502235fd550"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."feedparser"."*" = - self.by-version."feedparser"."2.1.0"; - by-version."feedparser"."2.1.0" = self.buildNodePackage { - name = "feedparser-2.1.0"; - version = "2.1.0"; - bin = true; - src = fetchurl { - url = "https://registry.npmjs.org/feedparser/-/feedparser-2.1.0.tgz"; - name = "feedparser-2.1.0.tgz"; - sha1 = "4cd98bf04e18db5b8644f91e98da89dd179f1fe7"; - }; - deps = { - "addressparser-1.0.1" = self.by-version."addressparser"."1.0.1"; - "array-indexofobject-0.0.1" = self.by-version."array-indexofobject"."0.0.1"; - "lodash.assign-4.2.0" = self.by-version."lodash.assign"."4.2.0"; - "lodash.get-4.4.2" = self.by-version."lodash.get"."4.4.2"; - "lodash.has-4.5.2" = self.by-version."lodash.has"."4.5.2"; - "lodash.uniq-4.5.0" = self.by-version."lodash.uniq"."4.5.0"; - "readable-stream-2.2.2" = self.by-version."readable-stream"."2.2.2"; - "sax-1.2.1" = self.by-version."sax"."1.2.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "feedparser" = self.by-version."feedparser"."2.1.0"; - by-spec."forever-agent"."~0.6.1" = - self.by-version."forever-agent"."0.6.1"; - by-version."forever-agent"."0.6.1" = self.buildNodePackage { - name = "forever-agent-0.6.1"; - version = "0.6.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz"; - name = "forever-agent-0.6.1.tgz"; - sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."form-data"."*" = - self.by-version."form-data"."2.1.2"; - by-version."form-data"."2.1.2" = self.buildNodePackage { - name = "form-data-2.1.2"; - version = "2.1.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/form-data/-/form-data-2.1.2.tgz"; - name = "form-data-2.1.2.tgz"; - sha1 = "89c3534008b97eada4cbb157d58f6f5df025eae4"; - }; - deps = { - "asynckit-0.4.0" = self.by-version."asynckit"."0.4.0"; - "combined-stream-1.0.5" = self.by-version."combined-stream"."1.0.5"; - "mime-types-2.1.14" = self.by-version."mime-types"."2.1.14"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "form-data" = self.by-version."form-data"."2.1.2"; - by-spec."form-data"."~2.1.1" = - self.by-version."form-data"."2.1.2"; - by-spec."generate-function"."^2.0.0" = - self.by-version."generate-function"."2.0.0"; - by-version."generate-function"."2.0.0" = self.buildNodePackage { - name = "generate-function-2.0.0"; - version = "2.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/generate-function/-/generate-function-2.0.0.tgz"; - name = "generate-function-2.0.0.tgz"; - sha1 = "6858fe7c0969b7d4e9093337647ac79f60dfbe74"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."generate-object-property"."^1.1.0" = - self.by-version."generate-object-property"."1.2.0"; - by-version."generate-object-property"."1.2.0" = self.buildNodePackage { - name = "generate-object-property-1.2.0"; - version = "1.2.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/generate-object-property/-/generate-object-property-1.2.0.tgz"; - name = "generate-object-property-1.2.0.tgz"; - sha1 = "9c0e1c40308ce804f4783618b937fa88f99d50d0"; - }; - deps = { - "is-property-1.0.2" = self.by-version."is-property"."1.0.2"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."getpass"."^0.1.1" = - self.by-version."getpass"."0.1.6"; - by-version."getpass"."0.1.6" = self.buildNodePackage { - name = "getpass-0.1.6"; - version = "0.1.6"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/getpass/-/getpass-0.1.6.tgz"; - name = "getpass-0.1.6.tgz"; - sha1 = "283ffd9fc1256840875311c1b60e8c40187110e6"; - }; - deps = { - "assert-plus-1.0.0" = self.by-version."assert-plus"."1.0.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."graceful-readlink".">= 1.0.0" = - self.by-version."graceful-readlink"."1.0.1"; - by-version."graceful-readlink"."1.0.1" = self.buildNodePackage { - name = "graceful-readlink-1.0.1"; - version = "1.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/graceful-readlink/-/graceful-readlink-1.0.1.tgz"; - name = "graceful-readlink-1.0.1.tgz"; - sha1 = "4cafad76bc62f02fa039b2f94e9a3dd3a391a725"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."har-validator"."~2.0.6" = - self.by-version."har-validator"."2.0.6"; - by-version."har-validator"."2.0.6" = self.buildNodePackage { - name = "har-validator-2.0.6"; - version = "2.0.6"; - bin = true; - src = fetchurl { - url = "https://registry.npmjs.org/har-validator/-/har-validator-2.0.6.tgz"; - name = "har-validator-2.0.6.tgz"; - sha1 = "cdcbc08188265ad119b6a5a7c8ab70eecfb5d27d"; - }; - deps = { - "chalk-1.1.3" = self.by-version."chalk"."1.1.3"; - "commander-2.9.0" = self.by-version."commander"."2.9.0"; - "is-my-json-valid-2.15.0" = self.by-version."is-my-json-valid"."2.15.0"; - "pinkie-promise-2.0.1" = self.by-version."pinkie-promise"."2.0.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."has-ansi"."^2.0.0" = - self.by-version."has-ansi"."2.0.0"; - by-version."has-ansi"."2.0.0" = self.buildNodePackage { - name = "has-ansi-2.0.0"; - version = "2.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz"; - name = "has-ansi-2.0.0.tgz"; - sha1 = "34f5049ce1ecdf2b0649af3ef24e45ed35416d91"; - }; - deps = { - "ansi-regex-2.1.1" = self.by-version."ansi-regex"."2.1.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."hawk"."~3.1.3" = - self.by-version."hawk"."3.1.3"; - by-version."hawk"."3.1.3" = self.buildNodePackage { - name = "hawk-3.1.3"; - version = "3.1.3"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/hawk/-/hawk-3.1.3.tgz"; - name = "hawk-3.1.3.tgz"; - sha1 = "078444bd7c1640b0fe540d2c9b73d59678e8e1c4"; - }; - deps = { - "hoek-2.16.3" = self.by-version."hoek"."2.16.3"; - "boom-2.10.1" = self.by-version."boom"."2.10.1"; - "cryptiles-2.0.5" = self.by-version."cryptiles"."2.0.5"; - "sntp-1.0.9" = self.by-version."sntp"."1.0.9"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."hoek"."2.x.x" = - self.by-version."hoek"."2.16.3"; - by-version."hoek"."2.16.3" = self.buildNodePackage { - name = "hoek-2.16.3"; - version = "2.16.3"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/hoek/-/hoek-2.16.3.tgz"; - name = "hoek-2.16.3.tgz"; - sha1 = "20bb7403d3cea398e91dc4710a8ff1b8274a25ed"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."http-signature"."~1.1.0" = - self.by-version."http-signature"."1.1.1"; - by-version."http-signature"."1.1.1" = self.buildNodePackage { - name = "http-signature-1.1.1"; - version = "1.1.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/http-signature/-/http-signature-1.1.1.tgz"; - name = "http-signature-1.1.1.tgz"; - sha1 = "df72e267066cd0ac67fb76adf8e134a8fbcf91bf"; - }; - deps = { - "assert-plus-0.2.0" = self.by-version."assert-plus"."0.2.0"; - "jsprim-1.3.1" = self.by-version."jsprim"."1.3.1"; - "sshpk-1.10.2" = self.by-version."sshpk"."1.10.2"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."iconv"."~2.2.1" = - self.by-version."iconv"."2.2.1"; - by-version."iconv"."2.2.1" = self.buildNodePackage { - name = "iconv-2.2.1"; - version = "2.2.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/iconv/-/iconv-2.2.1.tgz"; - name = "iconv-2.2.1.tgz"; - sha1 = "39b13fdd98987d26aef26c0a2f2a900911fa4584"; - }; - deps = { - "nan-2.5.1" = self.by-version."nan"."2.5.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."inherits"."~2.0.1" = - self.by-version."inherits"."2.0.3"; - by-version."inherits"."2.0.3" = self.buildNodePackage { - name = "inherits-2.0.3"; - version = "2.0.3"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz"; - name = "inherits-2.0.3.tgz"; - sha1 = "633c2c83e3da42a502f52466022480f4208261de"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."irc"."*" = - self.by-version."irc"."0.5.2"; - by-version."irc"."0.5.2" = self.buildNodePackage { - name = "irc-0.5.2"; - version = "0.5.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/irc/-/irc-0.5.2.tgz"; - name = "irc-0.5.2.tgz"; - sha1 = "3714f4768365a96d0b2f776bc91166beb2464bbc"; - }; - deps = { - "irc-colors-1.3.1" = self.by-version."irc-colors"."1.3.1"; - }; - optionalDependencies = { - "iconv-2.2.1" = self.by-version."iconv"."2.2.1"; - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "irc" = self.by-version."irc"."0.5.2"; - by-spec."irc-colors"."^1.1.0" = - self.by-version."irc-colors"."1.3.1"; - by-version."irc-colors"."1.3.1" = self.buildNodePackage { - name = "irc-colors-1.3.1"; - version = "1.3.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.3.1.tgz"; - name = "irc-colors-1.3.1.tgz"; - sha1 = "a6fccee5d9ecdc010c2b1cde3fbdff1f7134aff6"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."is-my-json-valid"."^2.12.4" = - self.by-version."is-my-json-valid"."2.15.0"; - by-version."is-my-json-valid"."2.15.0" = self.buildNodePackage { - name = "is-my-json-valid-2.15.0"; - version = "2.15.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/is-my-json-valid/-/is-my-json-valid-2.15.0.tgz"; - name = "is-my-json-valid-2.15.0.tgz"; - sha1 = "936edda3ca3c211fd98f3b2d3e08da43f7b2915b"; - }; - deps = { - "generate-function-2.0.0" = self.by-version."generate-function"."2.0.0"; - "generate-object-property-1.2.0" = self.by-version."generate-object-property"."1.2.0"; - "jsonpointer-4.0.1" = self.by-version."jsonpointer"."4.0.1"; - "xtend-4.0.1" = self.by-version."xtend"."4.0.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."is-property"."^1.0.0" = - self.by-version."is-property"."1.0.2"; - by-version."is-property"."1.0.2" = self.buildNodePackage { - name = "is-property-1.0.2"; - version = "1.0.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/is-property/-/is-property-1.0.2.tgz"; - name = "is-property-1.0.2.tgz"; - sha1 = "57fe1c4e48474edd65b09911f26b1cd4095dda84"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."is-typedarray"."~1.0.0" = - self.by-version."is-typedarray"."1.0.0"; - by-version."is-typedarray"."1.0.0" = self.buildNodePackage { - name = "is-typedarray-1.0.0"; - version = "1.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz"; - name = "is-typedarray-1.0.0.tgz"; - sha1 = "e479c80858df0c1b11ddda6940f96011fcda4a9a"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."isarray"."~1.0.0" = - self.by-version."isarray"."1.0.0"; - by-version."isarray"."1.0.0" = self.buildNodePackage { - name = "isarray-1.0.0"; - version = "1.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz"; - name = "isarray-1.0.0.tgz"; - sha1 = "bb935d48582cba168c06834957a54a3e07124f11"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."isstream"."~0.1.2" = - self.by-version."isstream"."0.1.2"; - by-version."isstream"."0.1.2" = self.buildNodePackage { - name = "isstream-0.1.2"; - version = "0.1.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz"; - name = "isstream-0.1.2.tgz"; - sha1 = "47e63f7af55afa6f92e1500e690eb8b8529c099a"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."jodid25519"."^1.0.0" = - self.by-version."jodid25519"."1.0.2"; - by-version."jodid25519"."1.0.2" = self.buildNodePackage { - name = "jodid25519-1.0.2"; - version = "1.0.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/jodid25519/-/jodid25519-1.0.2.tgz"; - name = "jodid25519-1.0.2.tgz"; - sha1 = "06d4912255093419477d425633606e0e90782967"; - }; - deps = { - "jsbn-0.1.0" = self.by-version."jsbn"."0.1.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."jsbn"."~0.1.0" = - self.by-version."jsbn"."0.1.0"; - by-version."jsbn"."0.1.0" = self.buildNodePackage { - name = "jsbn-0.1.0"; - version = "0.1.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/jsbn/-/jsbn-0.1.0.tgz"; - name = "jsbn-0.1.0.tgz"; - sha1 = "650987da0dd74f4ebf5a11377a2aa2d273e97dfd"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."json-schema"."0.2.3" = - self.by-version."json-schema"."0.2.3"; - by-version."json-schema"."0.2.3" = self.buildNodePackage { - name = "json-schema-0.2.3"; - version = "0.2.3"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz"; - name = "json-schema-0.2.3.tgz"; - sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."json-stringify-safe"."~5.0.1" = - self.by-version."json-stringify-safe"."5.0.1"; - by-version."json-stringify-safe"."5.0.1" = self.buildNodePackage { - name = "json-stringify-safe-5.0.1"; - version = "5.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz"; - name = "json-stringify-safe-5.0.1.tgz"; - sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."jsonify"."~0.0.0" = - self.by-version."jsonify"."0.0.0"; - by-version."jsonify"."0.0.0" = self.buildNodePackage { - name = "jsonify-0.0.0"; - version = "0.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz"; - name = "jsonify-0.0.0.tgz"; - sha1 = "2c74b6ee41d93ca51b7b5aaee8f503631d252a73"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."jsonpointer"."^4.0.0" = - self.by-version."jsonpointer"."4.0.1"; - by-version."jsonpointer"."4.0.1" = self.buildNodePackage { - name = "jsonpointer-4.0.1"; - version = "4.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/jsonpointer/-/jsonpointer-4.0.1.tgz"; - name = "jsonpointer-4.0.1.tgz"; - sha1 = "4fd92cb34e0e9db3c89c8622ecf51f9b978c6cb9"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."jsprim"."^1.2.2" = - self.by-version."jsprim"."1.3.1"; - by-version."jsprim"."1.3.1" = self.buildNodePackage { - name = "jsprim-1.3.1"; - version = "1.3.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/jsprim/-/jsprim-1.3.1.tgz"; - name = "jsprim-1.3.1.tgz"; - sha1 = "2a7256f70412a29ee3670aaca625994c4dcff252"; - }; - deps = { - "extsprintf-1.0.2" = self.by-version."extsprintf"."1.0.2"; - "json-schema-0.2.3" = self.by-version."json-schema"."0.2.3"; - "verror-1.3.6" = self.by-version."verror"."1.3.6"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."lodash.assign"."^4.2.0" = - self.by-version."lodash.assign"."4.2.0"; - by-version."lodash.assign"."4.2.0" = self.buildNodePackage { - name = "lodash.assign-4.2.0"; - version = "4.2.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz"; - name = "lodash.assign-4.2.0.tgz"; - sha1 = "0d99f3ccd7a6d261d19bdaeb9245005d285808e7"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."lodash.get"."^4.4.2" = - self.by-version."lodash.get"."4.4.2"; - by-version."lodash.get"."4.4.2" = self.buildNodePackage { - name = "lodash.get-4.4.2"; - version = "4.4.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz"; - name = "lodash.get-4.4.2.tgz"; - sha1 = "2d177f652fa31e939b4438d5341499dfa3825e99"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."lodash.has"."^4.5.2" = - self.by-version."lodash.has"."4.5.2"; - by-version."lodash.has"."4.5.2" = self.buildNodePackage { - name = "lodash.has-4.5.2"; - version = "4.5.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz"; - name = "lodash.has-4.5.2.tgz"; - sha1 = "d19f4dc1095058cccbe2b0cdf4ee0fe4aa37c862"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."lodash.uniq"."^4.5.0" = - self.by-version."lodash.uniq"."4.5.0"; - by-version."lodash.uniq"."4.5.0" = self.buildNodePackage { - name = "lodash.uniq-4.5.0"; - version = "4.5.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz"; - name = "lodash.uniq-4.5.0.tgz"; - sha1 = "d0225373aeb652adc1bc82e4945339a842754773"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."mime-db"."~1.26.0" = - self.by-version."mime-db"."1.26.0"; - by-version."mime-db"."1.26.0" = self.buildNodePackage { - name = "mime-db-1.26.0"; - version = "1.26.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/mime-db/-/mime-db-1.26.0.tgz"; - name = "mime-db-1.26.0.tgz"; - sha1 = "eaffcd0e4fc6935cf8134da246e2e6c35305adff"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."mime-types"."^2.1.12" = - self.by-version."mime-types"."2.1.14"; - by-version."mime-types"."2.1.14" = self.buildNodePackage { - name = "mime-types-2.1.14"; - version = "2.1.14"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.14.tgz"; - name = "mime-types-2.1.14.tgz"; - sha1 = "f7ef7d97583fcaf3b7d282b6f8b5679dab1e94ee"; - }; - deps = { - "mime-db-1.26.0" = self.by-version."mime-db"."1.26.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."mime-types"."~2.1.7" = - self.by-version."mime-types"."2.1.14"; - by-spec."nan"."^2.3.3" = - self.by-version."nan"."2.5.1"; - by-version."nan"."2.5.1" = self.buildNodePackage { - name = "nan-2.5.1"; - version = "2.5.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/nan/-/nan-2.5.1.tgz"; - name = "nan-2.5.1.tgz"; - sha1 = "d5b01691253326a97a2bbee9e61c55d8d60351e2"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."nan"."^2.3.5" = - self.by-version."nan"."2.5.1"; - by-spec."oauth-sign"."~0.8.1" = - self.by-version."oauth-sign"."0.8.2"; - by-version."oauth-sign"."0.8.2" = self.buildNodePackage { - name = "oauth-sign-0.8.2"; - version = "0.8.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz"; - name = "oauth-sign-0.8.2.tgz"; - sha1 = "46a6ab7f0aead8deae9ec0565780b7d4efeb9d43"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."pinkie"."^2.0.0" = - self.by-version."pinkie"."2.0.4"; - by-version."pinkie"."2.0.4" = self.buildNodePackage { - name = "pinkie-2.0.4"; - version = "2.0.4"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/pinkie/-/pinkie-2.0.4.tgz"; - name = "pinkie-2.0.4.tgz"; - sha1 = "72556b80cfa0d48a974e80e77248e80ed4f7f870"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."pinkie-promise"."^2.0.0" = - self.by-version."pinkie-promise"."2.0.1"; - by-version."pinkie-promise"."2.0.1" = self.buildNodePackage { - name = "pinkie-promise-2.0.1"; - version = "2.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.1.tgz"; - name = "pinkie-promise-2.0.1.tgz"; - sha1 = "2135d6dfa7a358c069ac9b178776288228450ffa"; - }; - deps = { - "pinkie-2.0.4" = self.by-version."pinkie"."2.0.4"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."process-nextick-args"."~1.0.6" = - self.by-version."process-nextick-args"."1.0.7"; - by-version."process-nextick-args"."1.0.7" = self.buildNodePackage { - name = "process-nextick-args-1.0.7"; - version = "1.0.7"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-1.0.7.tgz"; - name = "process-nextick-args-1.0.7.tgz"; - sha1 = "150e20b756590ad3f91093f25a4f2ad8bff30ba3"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."punycode"."^1.4.1" = - self.by-version."punycode"."1.4.1"; - by-version."punycode"."1.4.1" = self.buildNodePackage { - name = "punycode-1.4.1"; - version = "1.4.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz"; - name = "punycode-1.4.1.tgz"; - sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."qs"."~6.3.0" = - self.by-version."qs"."6.3.0"; - by-version."qs"."6.3.0" = self.buildNodePackage { - name = "qs-6.3.0"; - version = "6.3.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/qs/-/qs-6.3.0.tgz"; - name = "qs-6.3.0.tgz"; - sha1 = "f403b264f23bc01228c74131b407f18d5ea5d442"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."readable-stream"."^2.2.2" = - self.by-version."readable-stream"."2.2.2"; - by-version."readable-stream"."2.2.2" = self.buildNodePackage { - name = "readable-stream-2.2.2"; - version = "2.2.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.2.2.tgz"; - name = "readable-stream-2.2.2.tgz"; - sha1 = "a9e6fec3c7dda85f8bb1b3ba7028604556fc825e"; - }; - deps = { - "buffer-shims-1.0.0" = self.by-version."buffer-shims"."1.0.0"; - "core-util-is-1.0.2" = self.by-version."core-util-is"."1.0.2"; - "isarray-1.0.0" = self.by-version."isarray"."1.0.0"; - "inherits-2.0.3" = self.by-version."inherits"."2.0.3"; - "process-nextick-args-1.0.7" = self.by-version."process-nextick-args"."1.0.7"; - "string_decoder-0.10.31" = self.by-version."string_decoder"."0.10.31"; - "util-deprecate-1.0.2" = self.by-version."util-deprecate"."1.0.2"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."request"."*" = - self.by-version."request"."2.79.0"; - by-version."request"."2.79.0" = self.buildNodePackage { - name = "request-2.79.0"; - version = "2.79.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/request/-/request-2.79.0.tgz"; - name = "request-2.79.0.tgz"; - sha1 = "4dfe5bf6be8b8cdc37fcf93e04b65577722710de"; - }; - deps = { - "aws-sign2-0.6.0" = self.by-version."aws-sign2"."0.6.0"; - "aws4-1.5.0" = self.by-version."aws4"."1.5.0"; - "caseless-0.11.0" = self.by-version."caseless"."0.11.0"; - "combined-stream-1.0.5" = self.by-version."combined-stream"."1.0.5"; - "extend-3.0.0" = self.by-version."extend"."3.0.0"; - "forever-agent-0.6.1" = self.by-version."forever-agent"."0.6.1"; - "form-data-2.1.2" = self.by-version."form-data"."2.1.2"; - "har-validator-2.0.6" = self.by-version."har-validator"."2.0.6"; - "hawk-3.1.3" = self.by-version."hawk"."3.1.3"; - "http-signature-1.1.1" = self.by-version."http-signature"."1.1.1"; - "is-typedarray-1.0.0" = self.by-version."is-typedarray"."1.0.0"; - "isstream-0.1.2" = self.by-version."isstream"."0.1.2"; - "json-stringify-safe-5.0.1" = self.by-version."json-stringify-safe"."5.0.1"; - "mime-types-2.1.14" = self.by-version."mime-types"."2.1.14"; - "oauth-sign-0.8.2" = self.by-version."oauth-sign"."0.8.2"; - "qs-6.3.0" = self.by-version."qs"."6.3.0"; - "stringstream-0.0.5" = self.by-version."stringstream"."0.0.5"; - "tough-cookie-2.3.2" = self.by-version."tough-cookie"."2.3.2"; - "tunnel-agent-0.4.3" = self.by-version."tunnel-agent"."0.4.3"; - "uuid-3.0.1" = self.by-version."uuid"."3.0.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "request" = self.by-version."request"."2.79.0"; - by-spec."sax"."^1.2.1" = - self.by-version."sax"."1.2.1"; - by-version."sax"."1.2.1" = self.buildNodePackage { - name = "sax-1.2.1"; - version = "1.2.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/sax/-/sax-1.2.1.tgz"; - name = "sax-1.2.1.tgz"; - sha1 = "7b8e656190b228e81a66aea748480d828cd2d37a"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."shell-quote"."*" = - self.by-version."shell-quote"."1.6.1"; - by-version."shell-quote"."1.6.1" = self.buildNodePackage { - name = "shell-quote-1.6.1"; - version = "1.6.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.6.1.tgz"; - name = "shell-quote-1.6.1.tgz"; - sha1 = "f4781949cce402697127430ea3b3c5476f481767"; - }; - deps = { - "jsonify-0.0.0" = self.by-version."jsonify"."0.0.0"; - "array-filter-0.0.1" = self.by-version."array-filter"."0.0.1"; - "array-reduce-0.0.0" = self.by-version."array-reduce"."0.0.0"; - "array-map-0.0.0" = self.by-version."array-map"."0.0.0"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - "shell-quote" = self.by-version."shell-quote"."1.6.1"; - by-spec."sntp"."1.x.x" = - self.by-version."sntp"."1.0.9"; - by-version."sntp"."1.0.9" = self.buildNodePackage { - name = "sntp-1.0.9"; - version = "1.0.9"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/sntp/-/sntp-1.0.9.tgz"; - name = "sntp-1.0.9.tgz"; - sha1 = "6541184cc90aeea6c6e7b35e2659082443c66198"; - }; - deps = { - "hoek-2.16.3" = self.by-version."hoek"."2.16.3"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."sshpk"."^1.7.0" = - self.by-version."sshpk"."1.10.2"; - by-version."sshpk"."1.10.2" = self.buildNodePackage { - name = "sshpk-1.10.2"; - version = "1.10.2"; - bin = true; - src = fetchurl { - url = "https://registry.npmjs.org/sshpk/-/sshpk-1.10.2.tgz"; - name = "sshpk-1.10.2.tgz"; - sha1 = "d5a804ce22695515638e798dbe23273de070a5fa"; - }; - deps = { - "asn1-0.2.3" = self.by-version."asn1"."0.2.3"; - "assert-plus-1.0.0" = self.by-version."assert-plus"."1.0.0"; - "dashdash-1.14.1" = self.by-version."dashdash"."1.14.1"; - "getpass-0.1.6" = self.by-version."getpass"."0.1.6"; - }; - optionalDependencies = { - "jsbn-0.1.0" = self.by-version."jsbn"."0.1.0"; - "tweetnacl-0.14.5" = self.by-version."tweetnacl"."0.14.5"; - "jodid25519-1.0.2" = self.by-version."jodid25519"."1.0.2"; - "ecc-jsbn-0.1.1" = self.by-version."ecc-jsbn"."0.1.1"; - "bcrypt-pbkdf-1.0.1" = self.by-version."bcrypt-pbkdf"."1.0.1"; - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."string_decoder"."~0.10.x" = - self.by-version."string_decoder"."0.10.31"; - by-version."string_decoder"."0.10.31" = self.buildNodePackage { - name = "string_decoder-0.10.31"; - version = "0.10.31"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz"; - name = "string_decoder-0.10.31.tgz"; - sha1 = "62e203bc41766c6c28c9fc84301dab1c5310fa94"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."stringstream"."~0.0.4" = - self.by-version."stringstream"."0.0.5"; - by-version."stringstream"."0.0.5" = self.buildNodePackage { - name = "stringstream-0.0.5"; - version = "0.0.5"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz"; - name = "stringstream-0.0.5.tgz"; - sha1 = "4e484cd4de5a0bbbee18e46307710a8a81621878"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."strip-ansi"."^3.0.0" = - self.by-version."strip-ansi"."3.0.1"; - by-version."strip-ansi"."3.0.1" = self.buildNodePackage { - name = "strip-ansi-3.0.1"; - version = "3.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz"; - name = "strip-ansi-3.0.1.tgz"; - sha1 = "6a385fb8853d952d5ff05d0e8aaf94278dc63dcf"; - }; - deps = { - "ansi-regex-2.1.1" = self.by-version."ansi-regex"."2.1.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."supports-color"."^2.0.0" = - self.by-version."supports-color"."2.0.0"; - by-version."supports-color"."2.0.0" = self.buildNodePackage { - name = "supports-color-2.0.0"; - version = "2.0.0"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz"; - name = "supports-color-2.0.0.tgz"; - sha1 = "535d045ce6b6363fa40117084629995e9df324c7"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."tough-cookie"."~2.3.0" = - self.by-version."tough-cookie"."2.3.2"; - by-version."tough-cookie"."2.3.2" = self.buildNodePackage { - name = "tough-cookie-2.3.2"; - version = "2.3.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.2.tgz"; - name = "tough-cookie-2.3.2.tgz"; - sha1 = "f081f76e4c85720e6c37a5faced737150d84072a"; - }; - deps = { - "punycode-1.4.1" = self.by-version."punycode"."1.4.1"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."tunnel-agent"."~0.4.1" = - self.by-version."tunnel-agent"."0.4.3"; - by-version."tunnel-agent"."0.4.3" = self.buildNodePackage { - name = "tunnel-agent-0.4.3"; - version = "0.4.3"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.4.3.tgz"; - name = "tunnel-agent-0.4.3.tgz"; - sha1 = "6373db76909fe570e08d73583365ed828a74eeeb"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."tweetnacl"."^0.14.3" = - self.by-version."tweetnacl"."0.14.5"; - by-version."tweetnacl"."0.14.5" = self.buildNodePackage { - name = "tweetnacl-0.14.5"; - version = "0.14.5"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz"; - name = "tweetnacl-0.14.5.tgz"; - sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."tweetnacl"."~0.14.0" = - self.by-version."tweetnacl"."0.14.5"; - by-spec."util-deprecate"."~1.0.1" = - self.by-version."util-deprecate"."1.0.2"; - by-version."util-deprecate"."1.0.2" = self.buildNodePackage { - name = "util-deprecate-1.0.2"; - version = "1.0.2"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz"; - name = "util-deprecate-1.0.2.tgz"; - sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."uuid"."^3.0.0" = - self.by-version."uuid"."3.0.1"; - by-version."uuid"."3.0.1" = self.buildNodePackage { - name = "uuid-3.0.1"; - version = "3.0.1"; - bin = true; - src = fetchurl { - url = "https://registry.npmjs.org/uuid/-/uuid-3.0.1.tgz"; - name = "uuid-3.0.1.tgz"; - sha1 = "6544bba2dfda8c1cf17e629a3a305e2bb1fee6c1"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."verror"."1.3.6" = - self.by-version."verror"."1.3.6"; - by-version."verror"."1.3.6" = self.buildNodePackage { - name = "verror-1.3.6"; - version = "1.3.6"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/verror/-/verror-1.3.6.tgz"; - name = "verror-1.3.6.tgz"; - sha1 = "cff5df12946d297d2baaefaa2689e25be01c005c"; - }; - deps = { - "extsprintf-1.0.2" = self.by-version."extsprintf"."1.0.2"; - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; - by-spec."xtend"."^4.0.0" = - self.by-version."xtend"."4.0.1"; - by-version."xtend"."4.0.1" = self.buildNodePackage { - name = "xtend-4.0.1"; - version = "4.0.1"; - bin = false; - src = fetchurl { - url = "https://registry.npmjs.org/xtend/-/xtend-4.0.1.tgz"; - name = "xtend-4.0.1.tgz"; - sha1 = "a5c6d532be656e23db820efb943a1f04998d63af"; - }; - deps = { - }; - optionalDependencies = { - }; - peerDependencies = []; - os = [ ]; - cpu = [ ]; - }; -} diff --git a/krebs/5pkgs/simple/newsbot-js/pkgs.json b/krebs/5pkgs/simple/newsbot-js/pkgs.json new file mode 100644 index 000000000..95b60854d --- /dev/null +++ b/krebs/5pkgs/simple/newsbot-js/pkgs.json @@ -0,0 +1,7 @@ +[ + "feedparser", + "form-data", + "irc", + "request", + "shell-quote" +] diff --git a/krebs/5pkgs/simple/newsbot-js/update.sh b/krebs/5pkgs/simple/newsbot-js/update.sh new file mode 100755 index 000000000..0c1ecc58c --- /dev/null +++ b/krebs/5pkgs/simple/newsbot-js/update.sh @@ -0,0 +1,2 @@ +node2nix -8 -i pkgs.json -c combine.nix +rm node-env.nix combine.nix diff --git a/krebs/5pkgs/simple/pass-otp/default.nix b/krebs/5pkgs/simple/pass-otp/default.nix new file mode 100644 index 000000000..33411180a --- /dev/null +++ b/krebs/5pkgs/simple/pass-otp/default.nix @@ -0,0 +1,30 @@ +{ stdenv, fetchFromGitHub, oathToolkit }: +stdenv.mkDerivation rec { + name = "pass-otp-${version}"; + version = "1.1.0"; + + src = fetchFromGitHub { + owner = "tadfisher"; + repo = "pass-otp"; + rev = "v${version}"; + sha256 = "1cgj4zc8fq88n3h6c0vkv9i5al785mdprpgpbv5m22dz9p1wqvbb"; + }; + + buildInputs = [ oathToolkit ]; + + patchPhase = '' + sed -i -e 's|OATH=\$(which oathtool)|OATH=${oathToolkit}/bin/oathtool|' otp.bash + ''; + + installPhase = '' + make PREFIX=$out install + ''; + + meta = with stdenv.lib; { + description = "A pass extension for managing one-time-password (OTP) tokens"; + homepage = https://github.com/tadfisher/pass-otp; + license = licenses.gpl3; + maintainers = with maintainers; [ jwiegley tadfisher ]; + platforms = platforms.unix; + }; +} diff --git a/krebs/5pkgs/simple/pass/default.nix b/krebs/5pkgs/simple/pass/default.nix new file mode 100644 index 000000000..3b6928087 --- /dev/null +++ b/krebs/5pkgs/simple/pass/default.nix @@ -0,0 +1,121 @@ +{ stdenv, lib, fetchurl, fetchFromGitHub +, coreutils, gnused, getopt, git, tree, gnupg, which, procps, qrencode +, makeWrapper + +, pass-otp + +, xclip ? null, xdotool ? null, dmenu ? null +, x11Support ? !stdenv.isDarwin +, tombPluginSupport ? false, tomb +}: + +with lib; + +assert x11Support -> xclip != null + && xdotool != null + && dmenu != null; + +let + plugins = map (p: (fetchFromGitHub { + owner = "roddhjav"; + repo = "pass-${p.name}"; + inherit (p) rev sha256; + })) + ([ + { name = "import"; + rev = "491935bd275f29ceac2b876b3a288011d1ce31e7"; + sha256 = "02mbh05ab8h7kc30hz718d1d1vkjz43b96c7p0xnd92610d2q66q"; } + { name = "update"; + rev = "cf576c9036fd18efb9ed29e0e9f811207b556fde"; + sha256 = "1hhbrg6a2walrvla6q4cd3pgrqbcrf9brzjkb748735shxfn52hd"; } + ] ++ stdenv.lib.optional tombPluginSupport { + name = "tomb"; + rev = "3368134898a42c1b758fabac625ec240e125c6be"; + sha256 = "0qqmxfg4w3r088qhlkhs44036mya82vjflsjjhw2hk8y0wd2i6ds"; } + ); + +in stdenv.mkDerivation rec { + version = "1.7.1"; + name = "pass-${version}"; + + src = fetchurl { + url = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz"; + sha256 = "0scqkpll2q8jhzcgcsh9kqz0gwdpvynivqjmmbzax2irjfaiklpn"; + }; + + patches = [ ./set-correct-program-name-for-sleep.patch + ] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch; + + nativeBuildInputs = [ makeWrapper ]; + + installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ]; + + postInstall = '' + # plugins + ${stdenv.lib.concatStringsSep "\n" (map (plugin: '' + pushd ${plugin} + PREFIX=$out make install + popd + '') plugins)} + + ln -s \ + ${pass-otp}/lib/password-store/extensions/otp.bash \ + $out/lib/password-store/extensions/ + + ln -s \ + ${pass-otp}/share/man/man1/pass-otp.1.gz \ + $out/share/man/man1/ + + # Install Emacs Mode. NOTE: We can't install the necessary + # dependencies (s.el and f.el) here. The user has to do this + # himself. + mkdir -p "$out/share/emacs/site-lisp" + cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/" + '' + optionalString x11Support '' + cp "contrib/dmenu/passmenu" "$out/bin/" + ''; + + wrapperPath = with stdenv.lib; makeBinPath ([ + coreutils + getopt + git + gnupg + gnused + tree + which + qrencode + ] ++ optional tombPluginSupport tomb + ++ optional stdenv.isLinux procps + ++ ifEnable x11Support [ dmenu xclip xdotool ]); + + postFixup = '' + # Fix program name in --help + substituteInPlace $out/bin/pass \ + --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass" + + # Ensure all dependencies are in PATH + wrapProgram $out/bin/pass \ + --prefix PATH : "${wrapperPath}" + '' + stdenv.lib.optionalString x11Support '' + # We just wrap passmenu with the same PATH as pass. It doesn't + # need all the tools in there but it doesn't hurt either. + wrapProgram $out/bin/passmenu \ + --prefix PATH : "$out/bin:${wrapperPath}" + ''; + + meta = with stdenv.lib; { + description = "Stores, retrieves, generates, and synchronizes passwords securely"; + homepage = https://www.passwordstore.org/; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ lovek323 the-kenny fpletz ]; + platforms = platforms.unix; + + longDescription = '' + pass is a very simple password store that keeps passwords inside gpg2 + encrypted files inside a simple directory tree residing at + ~/.password-store. The pass utility provides a series of commands for + manipulating the password store, allowing the user to add, remove, edit, + synchronize, generate, and manipulate passwords. + ''; + }; +} diff --git a/krebs/5pkgs/simple/pass/no-darwin-getopt.patch b/krebs/5pkgs/simple/pass/no-darwin-getopt.patch new file mode 100644 index 000000000..e8f7e138f --- /dev/null +++ b/krebs/5pkgs/simple/pass/no-darwin-getopt.patch @@ -0,0 +1,9 @@ +diff -Naur password-store-1.6.5-orig/src/platform/darwin.sh password-store-1.6.5/src/platform/darwin.sh +--- password-store-1.6.5-orig/src/platform/darwin.sh 2015-01-28 16:43:02.000000000 +0000 ++++ password-store-1.6.5/src/platform/darwin.sh 2015-02-15 16:09:02.000000000 +0000 +@@ -31,5 +31,4 @@ + mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk." + } + +-GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt" + SHRED="srm -f -z" diff --git a/krebs/5pkgs/simple/pass/rofi-pass.nix b/krebs/5pkgs/simple/pass/rofi-pass.nix new file mode 100644 index 000000000..61f51973e --- /dev/null +++ b/krebs/5pkgs/simple/pass/rofi-pass.nix @@ -0,0 +1,57 @@ +{ stdenv, fetchFromGitHub, pass, rofi, coreutils, utillinux, xdotool, gnugrep +, libnotify, pwgen, findutils, gawk, gnused, xclip, makeWrapper +}: + +stdenv.mkDerivation rec { + name = "rofi-pass-${version}"; + version = "1.5.3"; + + src = fetchFromGitHub { + owner = "carnager"; + repo = "rofi-pass"; + rev = version; + sha256 = "1fn1j2rf3abc5qb44zfc8z8ffw6rva4xfp7597hwr1g3szacazpq"; + }; + + buildInputs = [ makeWrapper ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/bin + cp -a rofi-pass $out/bin/rofi-pass + + mkdir -p $out/share/doc/rofi-pass/ + cp -a config.example $out/share/doc/rofi-pass/config.example + ''; + + wrapperPath = with stdenv.lib; makeBinPath [ + coreutils + findutils + gawk + gnugrep + gnused + libnotify + pass + pwgen + rofi + utillinux + xclip + xdotool + ]; + + fixupPhase = '' + patchShebangs $out/bin + + wrapProgram $out/bin/rofi-pass \ + --prefix PATH : "${wrapperPath}" + ''; + + meta = { + description = "A script to make rofi work with password-store"; + homepage = https://github.com/carnager/rofi-pass; + maintainers = with stdenv.lib.maintainers; [ the-kenny garbas ]; + license = stdenv.lib.licenses.gpl3; + platforms = with stdenv.lib.platforms; linux; + }; +} diff --git a/krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch b/krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch new file mode 100644 index 000000000..782e06e20 --- /dev/null +++ b/krebs/5pkgs/simple/pass/set-correct-program-name-for-sleep.patch @@ -0,0 +1,69 @@ +From 25b44e00ed5df8ffe2782d38ad5cd9f514379599 Mon Sep 17 00:00:00 2001 +From: "Andrew R. M" +Date: Sat, 8 Apr 2017 13:50:01 -0400 +Subject: [PATCH] Patch the clip() function to work even when using + single-binary coreutils + +--- + src/password-store.sh | 4 ++-- + src/platform/cygwin.sh | 4 ++-- + src/platform/darwin.sh | 4 ++-- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/password-store.sh b/src/password-store.sh +index 6a4172d..4dbd6b8 100755 +--- a/src/password-store.sh ++++ b/src/password-store.sh +@@ -155,11 +155,11 @@ clip() { + # variable. Specifically, it cannot store nulls nor (non-trivally) store + # trailing new lines. + local sleep_argv0="password store sleep on display $DISPLAY" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | base64)" + echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard" + ( +- ( exec -a "$sleep_argv0" bash <<<"trap 'kill %1' TERM; sleep '$CLIP_TIME' & wait" ) ++ ( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") ) + local now="$(xclip -o -selection "$X_SELECTION" | base64)" + [[ $now != $(echo -n "$1" | base64) ]] && before="$now" + +diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh +index 6e5dd86..f3574c4 100644 +--- a/src/platform/cygwin.sh ++++ b/src/platform/cygwin.sh +@@ -3,11 +3,11 @@ + + clip() { + local sleep_argv0="password store sleep on display $DISPLAY" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$(base64 < /dev/clipboard)" + echo -n "$1" > /dev/clipboard + ( +- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" ) ++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") ) + local now="$(base64 < /dev/clipboard)" + [[ $now != $(echo -n "$1" | base64) ]] && before="$now" + echo "$before" | base64 -d > /dev/clipboard +diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh +index 86eb325..deb04c4 100644 +--- a/src/platform/darwin.sh ++++ b/src/platform/darwin.sh +@@ -3,11 +3,11 @@ + + clip() { + local sleep_argv0="password store sleep for user $(id -u)" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$(pbpaste | openssl base64)" + echo -n "$1" | pbcopy + ( +- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" ) ++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") ) + local now="$(pbpaste | openssl base64)" + [[ $now != $(echo -n "$1" | openssl base64) ]] && before="$now" + echo "$before" | openssl base64 -d | pbcopy +-- +2.12.2 + diff --git a/krebs/5pkgs/simple/pssh/default.nix b/krebs/5pkgs/simple/pssh/default.nix deleted file mode 100644 index 2676af0cf..000000000 --- a/krebs/5pkgs/simple/pssh/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ writeDashBin }: - -writeDashBin "pssh" '' - set -efu - case ''${1-} in - - # TODO create plog with -o json | jq ... | map date - - # usage: pssh {-j,--journal} host... - # Follow journal at each host. - -j|--journal) - shift - "$0" journalctl -n0 -ocat --follow --all ::: "$@" \ - | while read line; do - printf '%s %s\n' "$(date --rfc-3339=s)" "$line" - done - ;; - - -*) - echo $0: unknown option: $1 >&2 - exit 1 - ;; - - # usage: pssh command [arg...] ::: host... - # Run command at each host. - *) - exec parallel \ - --line-buffer \ - -j0 \ - --no-notice \ - --tagstring {} \ - ssh -T {} "$@" - ;; - - esac -'' diff --git a/krebs/5pkgs/simple/stockholm/default.nix b/krebs/5pkgs/simple/stockholm/default.nix index 4d15e7ac2..9afe79510 100644 --- a/krebs/5pkgs/simple/stockholm/default.nix +++ b/krebs/5pkgs/simple/stockholm/default.nix @@ -9,7 +9,6 @@ # cmds.deploy = pkgs.withGetopt { - diff = { default = /* sh */ "false"; switch = true; }; force-populate = { default = /* sh */ "false"; switch = true; }; quiet = { default = /* sh */ "false"; switch = true; }; source_file = { @@ -25,65 +24,6 @@ . ${init.env} . ${init.proxy "deploy" opts} - if \test ${opts.diff.ref} = true; then - - system_profile=/nix/var/nix/profiles/system - system_drv_cur=/etc/system.drv - - system_drv_new=$( - ${pkgs.nix}/bin/nix-instantiate \ - -Q \ - -I "$target_path" \ - -E ' - (import { - modules = [ ]; - }).config.system.build.toplevel - ' - ) - - if \test -e "$system_drv_cur"; then - - system_drv_cur_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_cur") - system_drv_new_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_new") - - if \test "$system_drv_cur_c" = "$system_drv_new_c"; then - echo "$0: system up to date" >&2 - exit 0 - fi - - system_drv_cur=$system_drv_cur_c \ - system_drv_new=$system_drv_new_c \ - ${pkgs.utillinux}/bin/script \ - --command ' - ${pkgs.haskellPackages.nix-diff}/bin/nix-diff \ - "$system_drv_cur" "$system_drv_new" - ' \ - --quiet \ - --return \ - /dev/null - - printf 'deploy? [N/y] ' >&2 - read -r REPLY - if \test "$REPLY" != y; then - echo "$0: abort!" >&2 - exit 1 - fi - else - echo "$0: --${opts.diff.long} has no effect because "$system_drv_cur" doesn't exist" >&2 - fi - - new_system=$(${pkgs.nix}/bin/nix-store --realize "$system_drv_new") - - ${pkgs.nix}/bin/nix-env -p "$system_profile" --set "$new_system" - PATH=${lib.makeBinPath [ - pkgs.systemd - ]} \ - "$system_profile"/bin/switch-to-configuration switch - - ${pkgs.coreutils}/bin/ln -fns "$system_drv_new" "$system_drv_cur" - exit - fi - # Use system's nixos-rebuild, which is not self-contained export PATH=/run/current-system/sw/bin exec ${utils.with-whatsupnix} \ diff --git a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch b/krebs/5pkgs/simple/ucspi-tcp/chmod.patch deleted file mode 100644 index dd6933208..000000000 --- a/krebs/5pkgs/simple/ucspi-tcp/chmod.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff --git a/hier.c b/hier.c -index 5663ada..1d73b84 100644 ---- a/hier.c -+++ b/hier.c -@@ -2,8 +2,8 @@ - - void hier() - { -- h(auto_home,-1,-1,02755); -- d(auto_home,"bin",-1,-1,02755); -+ h(auto_home,-1,-1,0755); -+ d(auto_home,"bin",-1,-1,0755); - - c(auto_home,"bin","tcpserver",-1,-1,0755); - c(auto_home,"bin","tcprules",-1,-1,0755); diff --git a/krebs/5pkgs/simple/ucspi-tcp/default.nix b/krebs/5pkgs/simple/ucspi-tcp/default.nix deleted file mode 100644 index 3b043be06..000000000 --- a/krebs/5pkgs/simple/ucspi-tcp/default.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ stdenv, fetchurl }: - -stdenv.mkDerivation rec { - name = "ucspi-tcp-0.88"; - - src = fetchurl { - url = "http://cr.yp.to/ucspi-tcp/${name}.tar.gz"; - sha256 = "171yl9kfm8w7l17dfxild99mbf877a9k5zg8yysgb1j8nz51a1ja"; - }; - - # Plain upstream tarball doesn't build, get patches from Debian - patches = [ - (fetchurl { - url = "http://ftp.de.debian.org/debian/pool/main/u/ucspi-tcp/ucspi-tcp_0.88-3.diff.gz"; - sha256 = "0mzmhz8hjkrs0khmkzs5i0s1kgmgaqz07h493bd5jj5fm5njxln6"; - }) - ./chmod.patch - ]; - - # Apply Debian patches - postPatch = '' - for fname in debian/diff/*.diff; do - echo "Applying patch $fname" - patch < "$fname" - done - ''; - - # The build system is weird; 'make install' doesn't install anything, instead - # it builds an executable called ./install (from C code) which installs - # binaries to the directory given on line 1 in ./conf-home. - # - # Also, assume getgroups and setgroups work, instead of doing a build time - # test that breaks on NixOS (I think because nixbld users lack CAP_SETGID - # capability). - preBuild = '' - echo "$out" > conf-home - - echo "main() { return 0; }" > chkshsgr.c - ''; - - installPhase = '' - mkdir -p "$out/bin" - mkdir -p "$out/share/man/man1" - - # run the newly built installer - ./install - - # Install Debian man pages (upstream has none) - cp debian/ucspi-tcp-man/*.1 "$out/share/man/man1" - ''; - - meta = with stdenv.lib; { - description = "Command-line tools for building TCP client-server applications"; - longDescription = '' - tcpserver waits for incoming connections and, for each connection, runs a - program of your choice. Your program receives environment variables - showing the local and remote host names, IP addresses, and port numbers. - - tcpserver offers a concurrency limit to protect you from running out of - processes and memory. When you are handling 40 (by default) simultaneous - connections, tcpserver smoothly defers acceptance of new connections. - - tcpserver also provides TCP access control features, similar to - tcp-wrappers/tcpd's hosts.allow but much faster. Its access control rules - are compiled into a hashed format with cdb, so it can easily deal with - thousands of different hosts. - - This package includes a recordio tool that monitors all the input and - output of a server. - - tcpclient makes a TCP connection and runs a program of your choice. It - sets up the same environment variables as tcpserver. - - This package includes several sample clients built on top of tcpclient: - who@, date@, finger@, http@, tcpcat, and mconnect. - - tcpserver and tcpclient conform to UCSPI, the UNIX Client-Server Program - Interface, using the TCP protocol. UCSPI tools are available for several - different networks. - ''; - homepage = http://cr.yp.to/ucspi-tcp.html; - license = licenses.publicDomain; - platforms = platforms.linux; - maintainers = [ maintainers.bjornfor ]; - }; -} diff --git a/krebs/5pkgs/simple/urlwatch/default.nix b/krebs/5pkgs/simple/urlwatch/default.nix deleted file mode 100644 index 64f3ad1ac..000000000 --- a/krebs/5pkgs/simple/urlwatch/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ stdenv, fetchFromGitHub, python3Packages }: - -python3Packages.buildPythonApplication rec { - name = "urlwatch-${version}"; - version = "2.8"; - - src = fetchFromGitHub { - owner = "thp"; - repo = "urlwatch"; - rev = version; - sha256 = "1nja7n6pc45azd3l1xyvav89855lvcgwabrvf34rps81dbl8cnl4"; - }; - - propagatedBuildInputs = with python3Packages; [ - appdirs - keyring - minidb - pycodestyle - pyyaml - requests - ]; - - meta = with stdenv.lib; { - description = "A tool for monitoring webpages for updates"; - homepage = https://thp.io/2008/urlwatch/; - license = licenses.bsd3; - maintainers = with maintainers; [ tv ]; - }; -} diff --git a/krebs/5pkgs/simple/zandronum-bin/default.nix b/krebs/5pkgs/simple/zandronum-bin/default.nix deleted file mode 100644 index e97f46add..000000000 --- a/krebs/5pkgs/simple/zandronum-bin/default.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ stdenv -, atk -, bzip2 -, cairo -, fetchurl -, fluidsynth -, fontconfig -, freetype -, gdk_pixbuf -, glib -, gtk2 -, libjpeg_turbo -, mesa_glu -, mesa_noglu -, openssl -, pango -, SDL -, zlib -, makeWrapper -}: - -stdenv.mkDerivation rec { - name = "zandronum-3.0"; - - src = fetchurl { - url = "http://zandronum.com/downloads/testing/3.0/ZandroDev3.0-170205-2117linux-x86_64.tar.bz2"; - sha256 = "17vrzk0m5b17sp3sqcg57r7812ma97lp3qxn9hmd39fwl1z40fz3"; - }; - - libPath = stdenv.lib.makeLibraryPath [ - atk - bzip2 - cairo - fluidsynth - fontconfig - freetype - gdk_pixbuf - glib - gtk2 - libjpeg_turbo - mesa_glu - mesa_noglu - openssl - pango - SDL - stdenv.cc.cc - zlib - ]; - - nativeBuildInputs = [ makeWrapper ]; - - phases = [ "unpackPhase" "installPhase" ]; - - sourceRoot = "."; - - installPhase = '' - mkdir -p $out/bin - mkdir -p $out/share/zandronum - cp *.so *.pk3 zandronum zandronum-server $out/share/zandronum - - patchelf \ - --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \ - --set-rpath $libPath:$out/share/zandronum \ - $out/share/zandronum/zandronum - patchelf \ - --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \ - --set-rpath $libPath \ - $out/share/zandronum/zandronum-server - - # If we don't set absolute argv0, zandronum.wad file is not found. - makeWrapper $out/share/zandronum/zandronum $out/bin/zandronum - makeWrapper $out/share/zandronum/zandronum-server $out/bin/zandronum-server - ''; - - meta = { - homepage = http://zandronum.com/; - description = "Multiplayer oriented port, based off Skulltag, for Doom and Doom II by id Software. Binary version for online play"; - maintainers = [ stdenv.lib.maintainers.lassulus ]; - # Binary version has different version string than source code version. - license = stdenv.lib.licenses.unfreeRedistributable; - platforms = [ "x86_64-linux" ]; - }; -} diff --git a/krebs/5pkgs/writers.nix b/krebs/5pkgs/writers.nix index a48fc0f87..1939bf854 100644 --- a/krebs/5pkgs/writers.nix +++ b/krebs/5pkgs/writers.nix @@ -57,7 +57,8 @@ with import ; passAsFile = [ "text" ]; } /* sh */ '' PATH=${makeBinPath (with pkgs; [ - binutils + # TODO remove if everyone migrated to 18.03 + (if hasAttr "binutils-unwrapped" pkgs then binutils-unwrapped else binutils) coreutils gcc ])} diff --git a/krebs/kops.nix b/krebs/kops.nix new file mode 100644 index 000000000..abd60ee5a --- /dev/null +++ b/krebs/kops.nix @@ -0,0 +1,64 @@ +{ name }: rec { + + kops = (import {}).fetchgit { + url = https://cgit.krebsco.de/kops/; + rev = "e89cf20d4310070a877c2e24a287659546b561c9"; + sha256 = "0wg8d80sxa46z4i7ir79sci2hwmv3qskzqdg0si64p6vazy8vckb"; + }; + + lib = import "${kops}/lib"; + + # TODO document why pkgs should be used like this + pkgs = import "${kops}/pkgs" {}; + + krebs-source = { + nixpkgs.git = { + ref = "b50443b5c4ac0f382c49352a892b9d5d970eb4e7"; + url = https://github.com/NixOS/nixpkgs; + }; + stockholm.file = toString ../.; + stockholm-version.pipe = toString (pkgs.writeDash "${name}-version" '' + set -efu + cd $HOME/stockholm + V=$(${pkgs.coreutils}/bin/date +%y.%m) + if test -d .git; then + V=$V.git.$(${pkgs.git}/bin/git describe --always --dirty) + case $V in (*-dirty) + V=$V@''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)} + esac + fi + printf %s "$V" + ''); + }; + + source ={ test }: lib.evalSource [ + krebs-source + { + nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; + secrets = + if test + then { + file = toString ; + } + else { + pass = { + dir = "${lib.getEnv "HOME"}/brain"; + name = "krebs-secrets/${name}"; + }; + } + ; + } + ]; + + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) + deploy = pkgs.kops.writeDeploy "${name}-deploy" { + source = source { test = false; }; + target = "root@${name}/var/src"; + }; + + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) + test = pkgs.kops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/tmp/${name}-kops-test-src"; + }; +} diff --git a/krebs/source.nix b/krebs/source.nix index 7e0ea7e47..3ee12b37f 100644 --- a/krebs/source.nix +++ b/krebs/source.nix @@ -22,10 +22,7 @@ in }; stockholm.file = toString ; stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version"; - nixpkgs.git = { - url = https://github.com/NixOS/nixpkgs; - ref = "c5bc83b503dfb29eb27c1deb0268f15c1858e7ce"; # nixos-17.09 @ 2018-02-27 - }; + nixpkgs = (import ./kops.nix { name = ""; }).krebs-source.nixpkgs; } override ] diff --git a/lass/1systems/cabal/config.nix b/lass/1systems/cabal/config.nix new file mode 100644 index 000000000..88f642d6b --- /dev/null +++ b/lass/1systems/cabal/config.nix @@ -0,0 +1,34 @@ +{ config, pkgs, ... }: + +{ + imports = [ + + + + + + + + + + + + + + ]; + + krebs.build.host = config.krebs.hosts.cabal; + + #fileSystems = { + # "/bku" = { + # device = "/dev/mapper/pool-bku"; + # fsType = "btrfs"; + # options = ["defaults" "noatime" "ssd" "compress=lzo"]; + # }; + #}; + + #services.udev.extraRules = '' + # SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0" + # SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0" + #''; +} diff --git a/lass/1systems/cabal/source.nix b/lass/1systems/cabal/source.nix new file mode 100644 index 000000000..5d9507f3d --- /dev/null +++ b/lass/1systems/cabal/source.nix @@ -0,0 +1,4 @@ +import { + name = "cabal"; + secure = true; +} diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 609fae3c8..c15fcdc21 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -8,9 +8,9 @@ with import ; - + { # bubsy config users.users.bubsy = { diff --git a/lass/1systems/echelon/config.nix b/lass/1systems/echelon/config.nix deleted file mode 100644 index 6f96883bf..000000000 --- a/lass/1systems/echelon/config.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import { inherit pkgs lib; }) getDefaultGateway; - ip = config.krebs.build.host.nets.internet.ip4.addr; -in { - imports = [ - - - - - - - { - networking.interfaces.enp2s1.ip4 = [ - { - address = ip; - prefixLength = 24; - } - ]; - networking.defaultGateway = getDefaultGateway ip; - networking.nameservers = [ - "8.8.8.8" - ]; - - } - { - sound.enable = false; - } - { - users.extraUsers = { - satan = { - name = "satan"; - uid = 1338; - home = "/home/satan"; - group = "users"; - createHome = true; - useDefaultShell = true; - extraGroups = [ - ]; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+l3ajjOd80uJBM8oHO9HRbtA5hK6hvrpxxnk7qWW7OloT9IXcoM8bbON755vK0O6XyxZo1JZ1SZ7QIaOREGVIRDjcbJbqD3O+nImc6Rzxnrz7hvE+tuav9Yylwcw5HeQi82UIMGTEAwMHwLvsW6R/xyMCuOTbbzo9Ib8vlJ8IPDECY/05RhL7ZYFR0fdphI7jq7PobnO8WEpCZDhMvSYjO9jf3ac53wyghT3gH7AN0cxTR9qgQlPHhTbw+nZEI0sUKtrIhjfVE80wgK3NQXZZj7YAplRs/hYwSi7i8V0+8CBt2epc/5RKnJdDHFQnaTENq9kYQPOpUCP6YUwQIo8X nineinchnade@gmail.com" - ]; - }; - }; - } - ]; - - krebs.build.host = config.krebs.hosts.echelon; -} diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix index c4d99cb2c..557fce1e8 100644 --- a/lass/1systems/helios/config.nix +++ b/lass/1systems/helios/config.nix @@ -17,6 +17,7 @@ with import ; + { # automatic hardware detection boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.kernelModules = [ "kvm-intel" ]; @@ -131,7 +132,7 @@ with import ; ]; services.xserver.displayManager.sessionCommands = '' - ${pkgs.xorg.xrandr}/bin/xrandr --output DP-6 --off --output DP-5 --off --output DP-4 --mode 2560x1440 --pos 3840x0 --rotate left --output DP-3 --off --output DP-2 --primary --mode 3840x2160 --pos 0x400 --rotate normal --output DP-1 --off --output DP-0 --mode 2560x1440 --pos 5280x1120 --rotate normal + ${pkgs.xorg.xrandr}/bin/xrandr --output DP-6 --off --output DP-5 --off --output DP-4 --mode 2560x1440 --pos 3840x0 --rotate left --output DP-3 --off --output DP-2 --primary --mode 3840x2160 --scale 0.5x0.5 --pos 0x400 --rotate normal --output DP-1 --off --output DP-0 --mode 2560x1440 --pos 5280x1120 --rotate normal ''; networking.hostName = lib.mkForce "BLN02NB0162"; @@ -168,8 +169,6 @@ with import ; '') ]; - lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f"; - programs.adb.enable = true; users.users.mainUser.extraGroups = [ "adbusers" "docker" ]; diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 46dc5e873..b6a0822b9 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -14,9 +14,9 @@ - + ]; krebs.build.host = config.krebs.hosts.icarus; diff --git a/lass/1systems/littleT/config.nix b/lass/1systems/littleT/config.nix index 7211c78eb..ef19e8d16 100644 --- a/lass/1systems/littleT/config.nix +++ b/lass/1systems/littleT/config.nix @@ -8,7 +8,7 @@ with import ; - + { users.users.blacky = { diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index cbb71ab24..f8a16ad2e 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -33,6 +33,7 @@ with import ; + { #risk of rain port krebs.iptables.tables.filter.INPUT.rules = [ @@ -140,6 +141,18 @@ with import ; dpass dnsutils + woeusb + l-gen-secrets + generate-secrets + (pkgs.writeDashBin "btc-coinbase" '' + ${pkgs.curl}/bin/curl -Ss 'https://api.coinbase.com/v2/prices/spot?currency=EUR' | ${pkgs.jq}/bin/jq '.data.amount' + '') + (pkgs.writeDashBin "btc-wex" '' + ${pkgs.curl}/bin/curl -Ss 'https://wex.nz/api/3/ticker/btc_eur' | ${pkgs.jq}/bin/jq '.btc_eur.avg' + '') + (pkgs.writeDashBin "btc-kraken" '' + ${pkgs.curl}/bin/curl -Ss 'https://api.kraken.com/0/public/Ticker?pair=BTCEUR' | ${pkgs.jq}/bin/jq '.result.XXBTZEUR.a[0]' + '') ]; #TODO: fix this shit @@ -167,34 +180,8 @@ with import ; environment.shellAliases = { deploy = pkgs.writeDash "deploy" '' set -eu - export PATH=${makeBinPath [ - pkgs.bash - pkgs.coreutils - pkgs.nix - (pkgs.writeDashBin "is-git-crypt-locked" '' - magic=$(dd status=none if="$1" skip=1 bs=1 count=8) - test "$magic" = GITCRYPT - '') - ]} - cd ~/stockholm export SYSTEM="$1" - if is-git-crypt-locked ~/secrets/ready; then - echo 'secrets are crypted' >&2 - exit 23 - else - exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"' - fi - ''; - predeploy = pkgs.writeDash "predeploy" '' - set -eu - export PATH=${makeBinPath [ - pkgs.bash - pkgs.coreutils - pkgs.nix - ]} - cd ~/stockholm - export SYSTEM="$1" - exec nix-shell -I stockholm="$PWD" --run 'test --system="$SYSTEM" --target="$SYSTEM/var/test/" --force-populate' + $(nix-build $HOME/stockholm/lass/kops.nix --no-out-link --argstr name "$SYSTEM" -A deploy) ''; }; @@ -202,4 +189,38 @@ with import ; programs.adb.enable = true; users.users.mainUser.extraGroups = [ "adbusers" "docker" ]; virtualisation.docker.enable = true; + services.redshift = { + enable = true; + provider = "geoclue2"; + }; + + lass.restic = genAttrs [ + "daedalus" + "icarus" + "littleT" + "prism" + "shodan" + "skynet" + ] (dest: { + dirs = [ + "/home/lass/src" + "/home/lass/work" + "/home/lass/.gnupg" + "/home/lass/Maildir" + "/home/lass/stockholm" + "/home/lass/.password-store" + "/home/bitcoin" + "/home/bch" + ]; + passwordFile = (toString ) + "/restic/${dest}"; + repo = "sftp:backup@${dest}.r:/backups/mors"; + #sshPrivateKey = config.krebs.build.host.ssh.privkey.path; + extraArguments = [ + "sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'" + ]; + timerConfig = { + OnCalendar = "00:05"; + RandomizedDelaySec = "5h"; + }; + }); } diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index c0e4620cc..89ea749c5 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -8,11 +8,15 @@ in { imports = [ { - networking.interfaces.et0.ip4 = [ + networking.interfaces.et0.ipv4.addresses = [ { address = ip; prefixLength = 27; } + { + address = "46.4.114.243"; + prefixLength = 27; + } ]; networking.defaultGateway = "46.4.114.225"; networking.nameservers = [ @@ -100,6 +104,7 @@ in { ]; } { # TODO make new hfos.nix out of this vv + boot.kernel.sysctl."net.ipv4.ip_forward" = 1; users.users.riot = { uid = genid "riot"; isNormalUser = true; @@ -110,29 +115,13 @@ in { }; # TODO write function for proxy_pass (ssl/nonssl) - services.nginx.virtualHosts."hackerfleet.de" = { - serverAliases = [ - "*.hackerfleet.de" - ]; - locations."/".extraConfig = '' - proxy_pass http://192.168.122.92:80; - ''; - }; - services.nginx.virtualHosts."hackerfleet.de-s" = { - serverName = "hackerfleet.de"; - listen = [ - { - addr = "0.0.0.0"; - port = 443; - } - ]; - serverAliases = [ - "*.hackerfleet.de" - ]; - locations."/".extraConfig = '' - proxy_pass http://192.168.122.92:443; - ''; - }; + + krebs.iptables.tables.filter.FORWARD.rules = [ + { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; } + ]; + krebs.iptables.tables.nat.PREROUTING.rules = [ + { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; } + ]; } { users.users.tv = { @@ -201,26 +190,6 @@ in { localAddress = "10.233.2.2"; }; } - { - #kaepsele - systemd.services."container@kaepsele".reloadIfChanged = mkForce false; - containers.kaepsele = { - config = { ... }: { - imports = [ ]; - environment.systemPackages = [ pkgs.git ]; - services.openssh.enable = true; - users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [ - lass.pubkey - tv.pubkey - ]; - }; - autoStart = true; - enableTun = true; - privateNetwork = true; - hostAddress = "10.233.2.3"; - localAddress = "10.233.2.4"; - }; - } { #onondaga systemd.services."container@onondaga".reloadIfChanged = mkForce false; @@ -249,13 +218,12 @@ in { - - + { # quasi bepasty.nix imports = [ @@ -336,6 +304,35 @@ in { { predicate = "-p tcp --dport 53589"; target = "ACCEPT"; } ]; } + + { + environment.systemPackages = [ pkgs.cryptsetup ]; + systemd.services."container@red".reloadIfChanged = mkForce false; + containers.red = { + config = { ... }: { + environment.systemPackages = [ pkgs.git ]; + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ + config.krebs.users.lass.pubkey + ]; + }; + autoStart = false; + enableTun = true; + privateNetwork = true; + hostAddress = "10.233.2.3"; + localAddress = "10.233.2.4"; + }; + services.nginx.virtualHosts."rote-allez-fraktion.de" = { + enableACME = true; + addSSL = true; + locations."/" = { + extraConfig = '' + proxy_set_header Host rote-allez-fraktion.de; + proxy_pass http://10.233.2.4; + ''; + }; + }; + } ]; krebs.build.host = config.krebs.hosts.prism; diff --git a/lass/1systems/red/config.nix b/lass/1systems/red/config.nix new file mode 100644 index 000000000..31e2de966 --- /dev/null +++ b/lass/1systems/red/config.nix @@ -0,0 +1,31 @@ +with import ; +{ config, lib, pkgs, ... }: +let + inherit (import {inherit lib pkgs;}) + servephpBB + ; +in +{ + imports = [ + + + + + + (servephpBB [ "rote-allez-fraktion.de" ]) + ]; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p tcp --dport 80"; target = "ACCEPT"; } + ]; + + krebs.build.host = config.krebs.hosts.red; + boot.isContainer = true; + networking.useDHCP = false; + + services.nginx.enable = true; + environment.variables.NIX_REMOTE = "daemon"; + environment.systemPackages = [ + pkgs.mk_sql_pair + ]; +} diff --git a/lass/1systems/echelon/source.nix b/lass/1systems/red/source.nix similarity index 54% rename from lass/1systems/echelon/source.nix rename to lass/1systems/red/source.nix index 96888d5a8..f2bad743c 100644 --- a/lass/1systems/echelon/source.nix +++ b/lass/1systems/red/source.nix @@ -1,3 +1,4 @@ import { - name = "echelon"; + name = "red"; + secure = true; } diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index 7fb57544f..42a46c5f5 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -15,9 +15,9 @@ with import ; - + ]; krebs.build.host = config.krebs.hosts.shodan; diff --git a/lass/1systems/skynet/config.nix b/lass/1systems/skynet/config.nix index 0b9499982..b2210282f 100644 --- a/lass/1systems/skynet/config.nix +++ b/lass/1systems/skynet/config.nix @@ -9,7 +9,6 @@ with import ; # - { # discordius config services.xserver.enable = true; diff --git a/lass/1systems/xerxes/source.nix b/lass/1systems/xerxes/source.nix index 11f5bf796..d256b885b 100644 --- a/lass/1systems/xerxes/source.nix +++ b/lass/1systems/xerxes/source.nix @@ -2,10 +2,4 @@ with import ; import { name = "xerxes"; secure = true; - override = { - nixpkgs.git = mkForce { - url = https://github.com/lassulus/nixpkgs; - ref = "3eccd0b"; - }; - }; } diff --git a/lass/2configs/backup.nix b/lass/2configs/backup.nix new file mode 100644 index 000000000..27adf6d2a --- /dev/null +++ b/lass/2configs/backup.nix @@ -0,0 +1,20 @@ +{ config, lib, ... }: +with import ; + +{ + fileSystems = { + "/backups" = { + device = "/dev/pool/backup"; + fsType = "ext4"; + }; + }; + users.users.backup = { + useDefaultShell = true; + home = "/backups"; + createHome = true; + openssh.authorizedKeys.keys = with config.krebs.hosts; [ + mors.ssh.pubkey + prism.ssh.pubkey + ]; + }; +} diff --git a/lass/2configs/backups.nix b/lass/2configs/backups.nix deleted file mode 100644 index c4fb85420..000000000 --- a/lass/2configs/backups.nix +++ /dev/null @@ -1,173 +0,0 @@ -{ config, lib, ... }: -with import ; -{ - - # TODO add timerConfig to krebs.backup and randomize startup - # TODO define plans more abstract - krebs.backup.plans = { - } // mapAttrs (_: recursiveUpdate { - snapshots = { - daily = { format = "%Y-%m-%d"; retain = 7; }; - weekly = { format = "%YW%W"; retain = 4; }; - monthly = { format = "%Y-%m"; retain = 12; }; - yearly = { format = "%Y"; }; - }; - }) { - dishfire-http-prism = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.prism; path = "/bku/dishfire-http"; }; - startAt = "03:00"; - }; - dishfire-http-icarus = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/dishfire-http"; }; - startAt = "03:10"; - }; - dishfire-http-mors = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/dishfire-http"; }; - startAt = "03:05"; - }; - dishfire-http-shodan = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/dishfire-http"; }; - startAt = "03:10"; - }; - dishfire-sql-prism = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.prism; path = "/bku/dishfire-sql"; }; - startAt = "03:15"; - }; - dishfire-sql-icarus = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/dishfire-sql"; }; - startAt = "03:25"; - }; - dishfire-sql-mors = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/dishfire-sql"; }; - startAt = "03:20"; - }; - dishfire-sql-shodan = { - method = "pull"; - src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/dishfire-sql"; }; - startAt = "03:25"; - }; - prism-bitlbee-icarus = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-bitlbee"; }; - startAt = "03:25"; - }; - prism-bitlbee-mors = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/prism-bitlbee"; }; - startAt = "03:25"; - }; - prism-bitlbee-shodan = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-bitlbee"; }; - startAt = "03:25"; - }; - prism-chat-icarus = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/home/chat"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-chat"; }; - startAt = "03:35"; - }; - prism-chat-mors = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/home/chat"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/prism-chat"; }; - startAt = "03:30"; - }; - prism-chat-shodan = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/home/chat"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-chat"; }; - startAt = "03:35"; - }; - prism-sql-icarus = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-sql_dumps"; }; - startAt = "03:45"; - }; - prism-sql-mors = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/prism-sql_dumps"; }; - startAt = "03:40"; - }; - prism-sql-shodan = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-sql_dumps"; }; - startAt = "03:45"; - }; - prism-http-icarus = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-http"; }; - startAt = "03:55"; - }; - prism-http-mors = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/prism-http"; }; - startAt = "03:50"; - }; - prism-http-shodan = { - method = "pull"; - src = { host = config.krebs.hosts.prism; path = "/srv/http"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-http"; }; - startAt = "03:55"; - }; - icarus-home-mors = { - method = "pull"; - src = { host = config.krebs.hosts.icarus; path = "/home"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/icarus-home"; }; - startAt = "05:00"; - }; - icarus-home-shodan = { - method = "push"; - src = { host = config.krebs.hosts.icarus; path = "/home"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/icarus-home"; }; - startAt = "05:00"; - }; - mors-home-icarus = { - method = "push"; - src = { host = config.krebs.hosts.mors; path = "/home"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/mors-home"; }; - startAt = "05:00"; - }; - mors-home-shodan = { - method = "push"; - src = { host = config.krebs.hosts.mors; path = "/home"; }; - dst = { host = config.krebs.hosts.shodan; path = "/bku/mors-home"; }; - startAt = "05:00"; - }; - shodan-home-icarus = { - method = "pull"; - src = { host = config.krebs.hosts.shodan; path = "/home"; }; - dst = { host = config.krebs.hosts.icarus; path = "/bku/shodan-home"; }; - startAt = "04:00"; - }; - shodan-home-mors = { - method = "pull"; - src = { host = config.krebs.hosts.shodan; path = "/home"; }; - dst = { host = config.krebs.hosts.mors; path = "/bku/shodan-home"; }; - startAt = "04:00"; - }; - }; -} diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index ed179ded6..e2e44b6fc 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -9,7 +9,6 @@ in { ./power-action.nix ./copyq.nix ./livestream.nix - ./dns-stuff.nix ./urxvt.nix ./network-manager.nix { diff --git a/lass/2configs/bitcoin.nix b/lass/2configs/bitcoin.nix index a405addfc..9f6fd3bf0 100644 --- a/lass/2configs/bitcoin.nix +++ b/lass/2configs/bitcoin.nix @@ -10,9 +10,6 @@ in { krebs.per-user.bitcoin.packages = [ pkgs.electrum ]; - krebs.per-user.ethereum.packages = [ - pkgs.go-ethereum - ]; users.extraUsers = { bch = { name = "bch"; @@ -28,13 +25,6 @@ in { useDefaultShell = true; createHome = true; }; - ethereum = { - name = "ethereum"; - description = "user for ethereum stuff"; - home = "/home/ethereum"; - useDefaultShell = true; - createHome = true; - }; }; security.sudo.extraConfig = '' ${mainUser.name} ALL=(bitcoin) NOPASSWD: ALL diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index cbbd54b6b..3030d8faf 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -21,59 +21,37 @@ let $BIN "$@" ''; - createChromiumUser = name: extraGroups: precedence: - let - bin = pkgs.writeScriptBin name '' - /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@ - ''; - in { - users.extraUsers.${name} = { - inherit name; - inherit extraGroups; - home = "/home/${name}"; - uid = genid name; - useDefaultShell = true; - createHome = true; + createUser = script: name: groups: precedence: dpi: + { + lass.xjail.${name} = { + inherit script groups dpi; }; + environment.systemPackages = [ + config.lass.xjail-bins.${name} + (pkgs.writeDashBin "cx-${name}" '' + DISPLAY=:${toString (genid_signed name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip + '') + ]; lass.browser.paths.${name} = { - path = bin; + path = config.lass.xjail-bins.${name}; inherit precedence; }; - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(${name}) NOPASSWD: ALL - ''; - environment.systemPackages = [ - bin - ]; }; - createFirefoxUser = name: extraGroups: precedence: - let - bin = pkgs.writeScriptBin name '' - /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox-devedition-bin}/bin/firefox-devedition $@ - ''; - in { - users.extraUsers.${name} = { - inherit name; - inherit extraGroups; - home = "/home/${name}"; - uid = genid name; - useDefaultShell = true; - createHome = true; - }; - lass.browser.paths.${name} = { - path = bin; - inherit precedence; - }; - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(${name}) NOPASSWD: ALL - ''; - environment.systemPackages = [ - bin - ]; - }; + createChromiumUser = name: groups: precedence: + createUser (pkgs.writeDash name '' + ${pkgs.chromium}/bin/chromium "$@" + '') name groups precedence 80; - #TODO: abstract this + createFirefoxUser = name: groups: precedence: + createUser (pkgs.writeDash name '' + ${pkgs.firefox-devedition-bin}/bin/firefox-devedition "$@" + '') name groups precedence 80; + + createQuteUser = name: groups: precedence: + createUser (pkgs.writeDash name '' + ${pkgs.qutebrowser}/bin/qutebrowser "$@" + '') name groups precedence 60; in { @@ -110,12 +88,13 @@ in { })); }; } + ( createQuteUser "qb" [ "audio" ] 20 ) ( createFirefoxUser "ff" [ "audio" ] 10 ) - ( createChromiumUser "cr" [ "video" "audio" ] 9 ) + ( createChromiumUser "cr" [ "audio" ] 9 ) ( createChromiumUser "gm" [ "video" "audio" ] 8 ) - ( createChromiumUser "wk" [ "video" "audio" ] 0 ) - ( createChromiumUser "fb" [ "video" "audio" ] 0 ) - ( createChromiumUser "com" [ "video" "audio" ] 0 ) + ( createChromiumUser "wk" [ "audio" ] 0 ) + ( createChromiumUser "fb" [ "audio" ] 0 ) + ( createChromiumUser "com" [ "audio" ] 0 ) ( createChromiumUser "fin" [] (-1) ) ]; } diff --git a/lass/2configs/dcso-dev.nix b/lass/2configs/dcso-dev.nix index ae1c7bc8d..b985b67b3 100644 --- a/lass/2configs/dcso-dev.nix +++ b/lass/2configs/dcso-dev.nix @@ -9,6 +9,7 @@ in { dev = { name = "dev"; uid = genid "dev"; + extraGroups = [ "docker" ]; description = "user for collaborative development"; home = "/home/dev"; useDefaultShell = true; diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index 5a5f1b347..12a814605 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -6,10 +6,9 @@ with import ; ./gc.nix ./mc.nix ./vim.nix - ./monitoring/client.nix + ./monitoring/node-exporter.nix ./zsh.nix ./htop.nix - ./backups.nix ./security-workarounds.nix { users.extraUsers = diff --git a/lass/2configs/dns-stuff.nix b/lass/2configs/dns-stuff.nix deleted file mode 100644 index cbcce8df9..000000000 --- a/lass/2configs/dns-stuff.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ config, pkgs, ... }: -with import ; -{ - services.dnscrypt-proxy = { - enable = true; - localAddress = "127.1.0.1"; - customResolver = { - address = config.krebs.hosts.gum.nets.internet.ip4.addr; - port = 15251; - name = "2.dnscrypt-cert.euer.krebsco.de"; - key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C"; - }; - }; - services.resolved.enable = true; - services.resolved.fallbackDns = [ "127.1.0.1" ]; -} diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index ae652722a..e05ed2427 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -78,6 +78,8 @@ with import ; { from = "github@lassul.us"; to = lass.mail; } { from = "ovh@lassul.us"; to = lass.mail; } { from = "hetzner@lassul.us"; to = lass.mail; } + { from = "allygator@lassul.us"; to = lass.mail; } + { from = "immoscout@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index 50362cda4..3ee3a98a5 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -3,7 +3,7 @@ let mainUser = config.users.extraUsers.mainUser; vdoom = pkgs.writeDash "vdoom" '' - ${pkgs.zandronum-bin}/bin/zandronum \ + ${pkgs.zandronum}/bin/zandronum \ -fov 120 \ "$@" ''; @@ -50,7 +50,7 @@ let vdoomserver = pkgs.writeDashBin "vdoomserver" '' DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${pkgs.zandronum-bin}/bin/zandronum-server \ + ${pkgs.zandronum}/bin/zandronum-server \ +exec ${doomservercfg} \ "$@" ''; diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix index ad015180a..c5073e384 100644 --- a/lass/2configs/gc.nix +++ b/lass/2configs/gc.nix @@ -3,6 +3,6 @@ with import ; { nix.gc = { - automatic = ! elem config.krebs.build.host.name [ "prism" "mors" "helios" ]; + automatic = ! (elem config.krebs.build.host.name [ "prism" "mors" "helios" ] || config.boot.isContainer); }; } diff --git a/lass/2configs/git.nix b/lass/2configs/git.nix index 1fe87c666..43085ba5e 100644 --- a/lass/2configs/git.nix +++ b/lass/2configs/git.nix @@ -57,6 +57,16 @@ let cgit.desc = "Fork of nix-user-chroot my lethalman"; cgit.section = "software"; }; + nixos-aws = { + collaborators = [ { + name = "fabio"; + pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFst8DvnfOu4pQJYxcwdf//jWTvP+jj0iSrOdt59c9Gbujm/8K1mBXhcSQhHj/GBRC1Qc1wipf9qZsWnEHMI+SRwq6tDr8gqlAcdWmHAs1bU96jJtc8EgmUKbXTFG/VmympMPi4cEbNUtH93v6NUjQKwq9szvDhhqSW4Y8zE32xLkySwobQapNaUrGAtQp3eTxu5Lkx+cEaaartaAspt8wSosXjUHUJktg0O5/XOP+CiWAx89AXxbQCy4XTQvUExoRGdw9sdu0lF0/A0dF4lFF/dDUS7+avY8MrKEcQ8Fwk8NcW1XrKMmCdNdpvou0whL9aHCdTJ+522dsSB1zZWh63Si4CrLKlc1TiGKCXdvzmCYrD+6WxbPJdRpMM4dFNtpAwhCm/dM+CBXfDkP0s5veFiYvp1ri+3hUqV/sep9r5/+d+5/R1gQs8WDNjWqcshveFbD5LxE6APEySB4QByGxIrw7gFbozE+PNxtlVP7bq4MyE6yIzL6ofQgO1e4THquPcqSCfCvyib5M2Q1phi5DETlMemWp84AsNkqbhRa4BGRycuOXXrBzE+RgQokcIY7t3xcu3q0xJo2+HxW/Lqi72zYU1NdT4nJMETEaG49FfIAnUuoVaQWWvOz8mQuVEmmdw2Yzo2ikILYSUdHTp1VPOeo6aNPvESkPw1eM0xDRlQ== ada"; + } ]; + }; + krops = { + cgit.desc = "krebs deployment"; + cgit.section = "software"; + }; } // mapAttrs make-public-repo-silent { }; @@ -70,8 +80,8 @@ let import { inherit config lib pkgs; } ); - make-public-repo = name: { cgit ? {}, ... }: { - inherit cgit name; + make-public-repo = name: { cgit ? {}, collaborators ? [], ... }: { + inherit cgit collaborators name; public = true; hooks = { post-receive = pkgs.git-hooks.irc-announce { diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix new file mode 100644 index 000000000..ecf89b298 --- /dev/null +++ b/lass/2configs/go.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: +{ + krebs.go = { + enable = true; + }; + services.nginx = { + enable = true; + virtualHosts.go = { + locations."/".extraConfig = '' + proxy_set_header Host go.lassul.us; + proxy_pass http://localhost:1337; + ''; + serverAliases = [ + "go.lassul.us" + ]; + }; + }; +} + diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index 03d39ef75..2bb51b50a 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -8,6 +8,16 @@ let logfile ~/.msmtp.log account prism host prism.r + account c-base + from lassulus@c-base.org + host c-mail.c-base.org + port 465 + tls on + tls_starttls off + tls_fingerprint 8C:10:A6:AB:1F:82:C4:8F:B1:B4:22:D5:8B:8B:49:9B:59:0B:22:A4 + auth on + user lassulus + passwordeval pass show c-base/pass account default: prism ''; @@ -36,9 +46,11 @@ let ]; dezentrale = [ "to:dezentrale.space" ]; dhl = [ "to:dhl@lassul.us" ]; + eloop = [ "to:eloop.org" ]; github = [ "to:github@lassul.us" ]; gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ]; kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ]; + lugs = [ "to:lugs@lug-s.org" ]; nix-devel = [ "to:nix-devel@googlegroups.com" ]; patreon = [ "to:patreon@lassul.us" ]; paypal = [ "to:paypal@lassul.us" ]; @@ -63,9 +75,9 @@ let muttrc = pkgs.writeText "muttrc" '' # gpg - source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc + source ${pkgs.neomutt}/share/doc/neomutt/samples/gpg.rc set pgp_use_gpg_agent = yes - set pgp_sign_as = 0x976A7E4D + set pgp_sign_as = 0xDC2A43EF4F11E854B44D599A89E82952976A7E4D set crypt_autosign = yes set crypt_replyencrypt = yes set crypt_verify_sig = yes @@ -183,7 +195,7 @@ let name = "mutt"; paths = [ (pkgs.writeDashBin "mutt" '' - exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@ + exec ${pkgs.neomutt}/bin/neomutt -F ${muttrc} $@ '') pkgs.neomutt ]; @@ -194,8 +206,11 @@ in { msmtp mutt pkgs.much - pkgs.notmuch tag-new-mails tag-old-mails ]; + + nixpkgs.config.packageOverrides = opkgs: { + notmuch = (opkgs.notmuch.overrideAttrs (o: { doCheck = false; })); + }; } diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix deleted file mode 100644 index b8c245215..000000000 --- a/lass/2configs/monitoring/client.nix +++ /dev/null @@ -1,26 +0,0 @@ -{pkgs, config, ...}: -with import ; -{ - services.telegraf = { - enable = true; - - extraConfig = { - agent.interval = "1s"; - outputs = { - influxdb = { - urls = ["http://prism:8086"]; - database = "telegraf_db"; - user_agent = "telegraf"; - }; - }; - inputs = { - cpu = { - percpu = false; - totalcpu = true; - }; - mem = {}; - net = {}; - }; - }; - }; -} diff --git a/lass/2configs/monitoring/monit-alarms.nix b/lass/2configs/monitoring/monit-alarms.nix deleted file mode 100644 index 2cfc292e5..000000000 --- a/lass/2configs/monitoring/monit-alarms.nix +++ /dev/null @@ -1,44 +0,0 @@ -{pkgs, config, ...}: -with import ; -let - echoToIrc = msg: - pkgs.writeDash "echo_irc" '' - set -euf - export LOGNAME=prism-alarm - ${pkgs.irc-announce}/bin/irc-announce \ - irc.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null - ''; - -in { - krebs.monit = { - enable = true; - http.enable = true; - alarms = { - nirwanabluete = { - test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'"; - alarm = echoToIrc "test nirwanabluete failed"; - }; - ubik = { - test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'"; - alarm = echoToIrc "test ubik failed"; - }; - cac-panel = { - test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'"; - alarm = echoToIrc "test cac-panel failed"; - }; - radio = { - test = pkgs.writeBash "check_stream" '' - ${pkgs.curl}/bin/curl -sif http://lassul.us:8000/radio.ogg \ - | ${pkgs.gawk}/bin/awk '/^\r$/{exit}{print $0}' \ - | ${pkgs.gnugrep}/bin/grep -q "200 OK" || exit "''${PIPESTATUS[0]}" - ''; - alarm = echoToIrc "test radio failed"; - }; - }; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; } - ]; -} - diff --git a/lass/2configs/monitoring/node-exporter.nix b/lass/2configs/monitoring/node-exporter.nix new file mode 100644 index 000000000..561e3a25c --- /dev/null +++ b/lass/2configs/monitoring/node-exporter.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: +{ + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 9100 -s ${config.krebs.hosts.prism.nets.retiolum.ip4.addr}"; target = "ACCEPT"; v6 = false; } + { predicate = "-i retiolum -p tcp --dport 9100 -s ${config.krebs.hosts.prism.nets.retiolum.ip6.addr}"; target = "ACCEPT"; v4 = false; } + ]; + services.prometheus.exporters = { + node = { + enable = true; + enabledCollectors = [ + "systemd" + ]; + }; + }; +} diff --git a/lass/2configs/monitoring/prometheus-server.nix b/lass/2configs/monitoring/prometheus-server.nix new file mode 100644 index 000000000..1f9419e1a --- /dev/null +++ b/lass/2configs/monitoring/prometheus-server.nix @@ -0,0 +1,217 @@ +{ pkgs, lib, config, ... }: +{ + #networking = { + # firewall.allowedTCPPorts = [ + # 3000 # grafana + # 9090 # prometheus + # 9093 # alertmanager + # ]; + # useDHCP = true; + #}; + + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 3000"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 9090"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 9093"; target = "ACCEPT"; } + ]; + + services = { + prometheus = { + enable = true; + extraFlags = [ + "-storage.local.retention 8760h" + "-storage.local.series-file-shrink-ratio 0.3" + "-storage.local.memory-chunks 2097152" + "-storage.local.max-chunks-to-persist 1048576" + "-storage.local.index-cache-size.fingerprint-to-metric 2097152" + "-storage.local.index-cache-size.fingerprint-to-timerange 1048576" + "-storage.local.index-cache-size.label-name-to-label-values 2097152" + "-storage.local.index-cache-size.label-pair-to-fingerprints 41943040" + ]; + alertmanagerURL = [ "http://localhost:9093" ]; + rules = [ + '' + ALERT node_down + IF up == 0 + FOR 5m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Node is down.", + description = "{{$labels.alias}} has been down for more than 5 minutes." + } + ALERT node_systemd_service_failed + IF node_systemd_unit_state{state="failed"} == 1 + FOR 4m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start.", + description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}." + } + ALERT node_filesystem_full_90percent + IF sort(node_filesystem_free{device!="ramfs"} < node_filesystem_size{device!="ramfs"} * 0.1) / 1024^3 + FOR 5m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Filesystem is running out of space soon.", + description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 10% space left on its filesystem." + } + ALERT node_filesystem_full_in_4h + IF predict_linear(node_filesystem_free{device!="ramfs"}[1h], 4*3600) <= 0 + FOR 5m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Filesystem is running out of space in 4 hours.", + description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 4 hours" + } + ALERT node_filedescriptors_full_in_3h + IF predict_linear(node_filefd_allocated[1h], 3*3600) >= node_filefd_maximum + FOR 20m + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours.", + description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours" + } + ALERT node_load1_90percent + IF node_load1 / on(alias) count(node_cpu{mode="system"}) by (alias) >= 0.9 + FOR 1h + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: Running on high load.", + description = "{{$labels.alias}} is running with > 90% total load for at least 1h." + } + ALERT node_cpu_util_90percent + IF 100 - (avg by (alias) (irate(node_cpu{mode="idle"}[5m])) * 100) >= 90 + FOR 1h + LABELS { + severity="page" + } + ANNOTATIONS { + summary = "{{$labels.alias}}: High CPU utilization.", + description = "{{$labels.alias}} has total CPU utilization over 90% for at least 1h." + } + ALERT node_ram_using_90percent + IF node_memory_MemFree + node_memory_Buffers + node_memory_Cached < node_memory_MemTotal * 0.1 + FOR 30m + LABELS { + severity="page" + } + ANNOTATIONS { + summary="{{$labels.alias}}: Using lots of RAM.", + description="{{$labels.alias}} is using at least 90% of its RAM for at least 30 minutes now.", + } + ALERT node_swap_using_80percent + IF node_memory_SwapTotal - (node_memory_SwapFree + node_memory_SwapCached) > node_memory_SwapTotal * 0.8 + FOR 10m + LABELS { + severity="page" + } + ANNOTATIONS { + summary="{{$labels.alias}}: Running out of swap soon.", + description="{{$labels.alias}} is using 80% of its swap space for at least 10 minutes now." + } + '' + ]; + scrapeConfigs = [ + { + job_name = "node"; + scrape_interval = "10s"; + static_configs = [ + { + targets = [ + ] ++ map (host: "${host}:9100") (lib.attrNames (lib.filterAttrs (_: host: host.owner.name == "lass" && host.monitoring) config.krebs.hosts)); + #labels = { + # alias = "prometheus.example.com"; + #}; + } + ]; + } + ]; + alertmanager = { + enable = true; + listenAddress = "0.0.0.0"; + configuration = { + "global" = { + "smtp_smarthost" = "smtp.example.com:587"; + "smtp_from" = "alertmanager@example.com"; + }; + "route" = { + "group_by" = [ "alertname" "alias" ]; + "group_wait" = "30s"; + "group_interval" = "2m"; + "repeat_interval" = "4h"; + "receiver" = "team-admins"; + }; + "receivers" = [ + { + "name" = "team-admins"; + "email_configs" = [ + { + "to" = "devnull@example.com"; + "send_resolved" = true; + } + ]; + "webhook_configs" = [ + { + "url" = "https://example.com/prometheus-alerts"; + "send_resolved" = true; + } + ]; + } + ]; + }; + }; + }; + grafana = { + enable = true; + addr = "0.0.0.0"; + domain = "grafana.example.com"; + rootUrl = "https://grafana.example.com/"; + security = import ; # { AdminUser = ""; adminPassword = ""} + }; + }; + services.logstash = { + enable = true; + inputConfig = '' + http { + port => 14813 + host => "127.0.0.1" + } + ''; + filterConfig = '' + if ([alerts]) { + ruby { + code => ' + lines = [] + event["alerts"].each {|p| + lines << "#{p["labels"]["instance"]}#{p["annotations"]["summary"]} #{p["status"]}" + } + event["output"] = lines.join("\n") + ' + } + } + ''; + outputConfig = '' + file { path => "/tmp/logs.json" codec => "json_lines" } + irc { + channels => [ "#noise" ] + host => "irc.r" + nick => "alarm" + codec => "json_lines" + format => "%{output}" + } + ''; + #plugins = [ ]; + }; +} diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix deleted file mode 100644 index adaecde2c..000000000 --- a/lass/2configs/monitoring/server.nix +++ /dev/null @@ -1,87 +0,0 @@ -{pkgs, config, ...}: -with import ; -{ - services.influxdb.enable = true; - - services.influxdb.extraConfig = { - meta.hostname = config.krebs.build.host.name; - # meta.logging-enabled = true; - http.bind-address = ":8086"; - admin.bind-address = ":8083"; - http.log-enabled = false; - monitoring = { - enabled = false; - # write-interval = "24h"; - }; - collectd = [{ - enabled = true; - typesdb = "${pkgs.collectd}/share/collectd/types.db"; - database = "collectd_db"; - port = 25826; - }]; - }; - - krebs.kapacitor = - let - db = "telegraf_db"; - echoToIrc = pkgs.writeDash "echo_irc" '' - set -euf - data="$(${pkgs.jq}/bin/jq -r .message)" - export LOGNAME=prism-alarm - ${pkgs.irc-announce}/bin/irc-announce \ - irc.r 6667 prism-alarm \#noise "$data" >/dev/null - ''; - in { - enable = true; - alarms = { - cpu = { - database = db; - text = '' - var data = batch - |query(${"'''"} - SELECT mean("usage_user") AS mean - FROM "${db}"."default"."cpu" - ${"'''"}) - .period(10m) - .every(1m) - .groupBy('host') - data |alert() - .crit(lambda: "mean" > 90) - .exec('${echoToIrc}') - data |deadman(1.0,5m) - .stateChangesOnly() - .exec('${echoToIrc}') - ''; - }; - ram = { - database = db; - text = '' - var data = batch - |query(${"'''"} - SELECT mean("used_percent") AS mean - FROM "${db}"."default"."mem" - ${"'''"}) - .period(10m) - .every(1m) - .groupBy('host') - data |alert() - .crit(lambda: "mean" > 90) - .exec('${echoToIrc}') - ''; - }; - }; - }; - - services.grafana = { - enable = true; - addr = "0.0.0.0"; - auth.anonymous.enable = true; - security = import ; # { AdminUser = ""; adminPassword = ""} - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; } - { predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; } - { predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; } - ]; -} diff --git a/lass/2configs/network-manager.nix b/lass/2configs/network-manager.nix index c4f757de1..5b890b591 100644 --- a/lass/2configs/network-manager.nix +++ b/lass/2configs/network-manager.nix @@ -14,7 +14,13 @@ RestartSec = "5"; }; }; - networking.networkmanager.enable = true; + networking.networkmanager = { + enable = true; + unmanaged = [ + "docker*" + "vboxnet*" + ]; + }; users.users.mainUser = { extraGroups = [ "networkmanager" ]; packages = with pkgs; [ diff --git a/lass/2configs/privoxy.nix b/lass/2configs/privoxy.nix index 33e8d1e46..e0a086421 100644 --- a/lass/2configs/privoxy.nix +++ b/lass/2configs/privoxy.nix @@ -3,10 +3,5 @@ { services.privoxy = { enable = true; - extraConfig = '' - #use polipo - forward / localhost:8123 - ''; }; - services.polipo.enable = true; } diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix index 2541df3a6..5a39f7115 100644 --- a/lass/2configs/reaktor-coders.nix +++ b/lass/2configs/reaktor-coders.nix @@ -4,7 +4,7 @@ with import ; { krebs.Reaktor.coders = { nickname = "Reaktor|lass"; - channels = [ "#coders" "#germany" ]; + channels = [ "#coders" "#germany" "#panthermoderns" ]; extraEnviron = { REAKTOR_HOST = "irc.hackint.org"; }; @@ -84,7 +84,20 @@ with import ; (buildSimpleReaktorPlugin "ping" { pattern = "^!ping (?P.*)$$"; script = pkgs.writeDash "ping" '' - exec /var/setuid-wrappers/ping -q -c1 "$1" 2>&1 | tail -1 + exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1 + ''; + }) + (buildSimpleReaktorPlugin "google" { + pattern = "^!g (?P.*)$$"; + script = pkgs.writeDash "google" '' + exec ${pkgs.ddgr}/bin/ddgr -C -n1 --json "$@" | \ + ${pkgs.jq}/bin/jq '@text "\(.[0].abstract) \(.[0].url)"' + ''; + }) + (buildSimpleReaktorPlugin "blockchain" { + pattern = ".*[Bb]lockchain.*$$"; + script = pkgs.writeDash "blockchain" '' + exec echo 'DID SOMEBODY SAY BLOCKCHAIN? https://paste.krebsco.de/r99pMoQq/+inline' ''; }) ]; diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index 98dbdc227..ad44c67e1 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -61,6 +61,21 @@ let origin.url = "http://cgit.lassul.us/${name}"; mirror.url = "${mirror}${name}"; }; + makefu-staging = { + origin.url = "http://cgit.gum/${name}"; + origin.ref = "heads/staging"; + mirror.url = "${mirror}${name}"; + }; + tv-staging = { + origin.url = "http://cgit.ni.r/${name}"; + origin.ref = "heads/staging"; + mirror.url = "${mirror}${name}"; + }; + nin-staging = { + origin.url = "http://cgit.onondaga.r/${name}"; + origin.ref = "heads/staging"; + mirror.url = "${mirror}${name}"; + }; }; latest = { url = "${mirror}${name}"; diff --git a/lass/2configs/security-workarounds.nix b/lass/2configs/security-workarounds.nix index c3d07d5fe..537c8a59b 100644 --- a/lass/2configs/security-workarounds.nix +++ b/lass/2configs/security-workarounds.nix @@ -5,6 +5,4 @@ with import ; boot.extraModprobeConfig = '' install dccp /run/current-system/sw/bin/false ''; - - boot.kernelPackages = pkgs.linuxPackages_latest; } diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index cef43d1e6..17debf822 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -3,7 +3,6 @@ with import ; { services.syncthing = { enable = true; - useInotify = true; }; krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp --dport 22000"; target = "ACCEPT";} diff --git a/lass/2configs/virtualbox.nix b/lass/2configs/virtualbox.nix index f7d196057..8171def2d 100644 --- a/lass/2configs/virtualbox.nix +++ b/lass/2configs/virtualbox.nix @@ -6,6 +6,8 @@ let in { #services.virtualboxHost.enable = true; virtualisation.virtualbox.host.enable = true; + nixpkgs.config.virtualbox.enableExtensionPack = true; + virtualisation.virtualbox.host.enableHardening = false; users.extraUsers = { virtual = { diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 9ece2af77..7a72499c9 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -49,6 +49,7 @@ in { "www.ubikmedia.eu" "www.youthtube.xyz" "www.ubikmedia.de" + "www.joemisch.com" "www.weirdwednesday.de" "aldona2.ubikmedia.de" @@ -63,6 +64,7 @@ in { "weirdwednesday.ubikmedia.de" "freemonkey.ubikmedia.de" "jarugadesign.ubikmedia.de" + "crypto4art.ubikmedia.de" ]) ]; diff --git a/lass/2configs/websites/fritz.nix b/lass/2configs/websites/fritz.nix index aa57a9857..14d6ce9ec 100644 --- a/lass/2configs/websites/fritz.nix +++ b/lass/2configs/websites/fritz.nix @@ -12,9 +12,8 @@ let ; msmtprc = pkgs.writeText "msmtprc" '' - account localhost + account default host localhost - account default: localhost ''; sendmail = pkgs.writeDash "msmtp" '' diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix index 25ca1f455..53f1eea5c 100644 --- a/lass/2configs/websites/lassulus.nix +++ b/lass/2configs/websites/lassulus.nix @@ -6,66 +6,10 @@ let genid ; - servephpBB = domains: - let - domain = head domains; - - in { - services.nginx.virtualHosts."${domain}" = { - enableACME = true; - forceSSL = true; - serverAliases = domains; - extraConfig = '' - index index.php; - root /srv/http/${domain}/; - access_log /tmp/nginx_acc.log; - error_log /tmp/nginx_err.log; - error_page 404 /404.html; - error_page 500 502 503 504 /50x.html; - client_max_body_size 100m; - ''; - locations."/".extraConfig = '' - try_files $uri $uri/ /index.php?$args; - ''; - locations."~ \.php(?:$|/)".extraConfig = '' - fastcgi_split_path_info ^(.+\.php)(/.+)$; - include ${pkgs.nginx}/conf/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS on; - fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice - fastcgi_pass unix:/srv/http/${domain}/phpfpm.pool; - fastcgi_intercept_errors on; - ''; - #Directives to send expires headers and turn off 404 error logging. - locations."~* ^.+\.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$".extraConfig = '' - access_log off; - log_not_found off; - expires max; - ''; - }; - services.phpfpm.poolConfigs."${domain}" = '' - listen = /srv/http/${domain}/phpfpm.pool - user = nginx - group = nginx - pm = dynamic - pm.max_children = 25 - pm.start_servers = 5 - pm.min_spare_servers = 3 - pm.max_spare_servers = 20 - listen.owner = nginx - listen.group = nginx - php_admin_value[error_log] = 'stderr' - php_admin_flag[log_errors] = on - catch_workers_output = yes - ''; - }; - in { imports = [ ./default.nix ../git.nix - (servephpBB [ "rote-allez-fraktion.de" ]) ]; security.acme = { diff --git a/lass/2configs/websites/util.nix b/lass/2configs/websites/util.nix index 62055d0fd..61b5543ce 100644 --- a/lass/2configs/websites/util.nix +++ b/lass/2configs/websites/util.nix @@ -16,7 +16,7 @@ rec { in { services.nginx.virtualHosts.${domain} = { enableACME = true; - enableSSL = true; + onlySSL = true; extraConfig = '' listen 80; listen [::]:80; @@ -28,13 +28,66 @@ rec { }; }; + servephpBB = domains: + let + domain = head domains; + + in { + services.nginx.virtualHosts."${domain}" = { + serverAliases = domains; + extraConfig = '' + index index.php; + root /srv/http/${domain}/; + access_log /tmp/nginx_acc.log; + error_log /tmp/nginx_err.log; + error_page 404 /404.html; + error_page 500 502 503 504 /50x.html; + client_max_body_size 100m; + ''; + locations."/".extraConfig = '' + try_files $uri $uri/ /index.php?$args; + ''; + locations."~ \.php(?:$|/)".extraConfig = '' + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include ${pkgs.nginx}/conf/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param HTTPS on; + fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice + fastcgi_pass unix:/srv/http/${domain}/phpfpm.pool; + fastcgi_intercept_errors on; + ''; + #Directives to send expires headers and turn off 404 error logging. + locations."~* ^.+\.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$".extraConfig = '' + access_log off; + log_not_found off; + expires max; + ''; + }; + services.phpfpm.poolConfigs."${domain}" = '' + listen = /srv/http/${domain}/phpfpm.pool + user = nginx + group = nginx + pm = dynamic + pm.max_children = 25 + pm.start_servers = 5 + pm.min_spare_servers = 3 + pm.max_spare_servers = 20 + listen.owner = nginx + listen.group = nginx + php_admin_value[error_log] = 'stderr' + php_admin_flag[log_errors] = on + catch_workers_output = yes + ''; + }; + serveOwncloud = domains: let domain = head domains; in { services.nginx.virtualHosts."${domain}" = { enableACME = true; - enableSSL = true; + onlySSL = true; serverAliases = domains; extraConfig = '' listen 80; @@ -148,7 +201,7 @@ rec { in { services.nginx.virtualHosts."${domain}" = { enableACME = true; - enableSSL = true; + onlySSL = true; serverAliases = domains; extraConfig = '' listen 80; diff --git a/lass/2configs/zsh.nix b/lass/2configs/zsh.nix index aa3e6731d..76cac9f56 100644 --- a/lass/2configs/zsh.nix +++ b/lass/2configs/zsh.nix @@ -54,8 +54,8 @@ eval $(dircolors -b ${pkgs.fetchFromGitHub { owner = "trapd00r"; repo = "LS_COLORS"; - rev = "master"; - sha256="05lh5w3bgj9h8d8lrbbwbzw8788709cnzzkl8yh7m1dawkpf6nlp"; + rev = "a75fca8545f91abb8a5f802981033ef54bf1eac0"; + sha256="1lzj0qnj89mzh76ha137mnz2hf86k278rh0y9x124ghxj9yqsnb4"; }}/LS_COLORS) alias ls='ls --color' zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS} diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix index fd77b2262..5e7e6dff3 100644 --- a/lass/3modules/default.nix +++ b/lass/3modules/default.nix @@ -8,9 +8,11 @@ _: ./mysql-backup.nix ./news.nix ./pyload.nix + ./restic.nix ./screenlock.nix ./umts.nix ./usershadow.nix + ./xjail.nix ./xserver ]; } diff --git a/lass/3modules/restic.nix b/lass/3modules/restic.nix new file mode 100644 index 000000000..c720793b1 --- /dev/null +++ b/lass/3modules/restic.nix @@ -0,0 +1,119 @@ +{ config, lib, pkgs, ... }: + +with import ; + +{ + options.lass.restic = mkOption { + type = types.attrsOf (types.submodule ({ config, ... }: { + options = { + name = mkOption { + type = types.str; + default = config._module.args.name; + }; + passwordFile = mkOption { + type = types.str; + default = toString ; + description = '' + read the repository password from a file. + ''; + example = "/etc/nixos/restic-password"; + + }; + repo = mkOption { + type = types.str; + default = "sftp:backup@prism.r:/backups/${config.name}"; + description = '' + repository to backup to. + ''; + example = "sftp:backup@192.168.1.100:/backups/${config.name}"; + }; + dirs = mkOption { + type = types.listOf types.str; + default = []; + description = '' + which directories to backup. + ''; + example = [ + "/var/lib/postgresql" + "/home/user/backup" + ]; + }; + timerConfig = mkOption { + type = types.attrsOf types.str; + default = { + OnCalendar = "daily"; + }; + description = '' + When to run the backup. See man systemd.timer for details. + ''; + example = { + OnCalendar = "00:05"; + RandomizedDelaySec = "5h"; + }; + }; + user = mkOption { + type = types.str; + default = "root"; + description = '' + As which user the backup should run. + ''; + example = "postgresql"; + }; + extraArguments = mkOption { + type = types.listOf types.str; + default = []; + description = '' + Extra arguments to append to the restic command. + ''; + example = [ + "sftp.command='ssh backup@192.168.1.100 -i /home/user/.ssh/id_rsa -s sftp" + ]; + }; + initialize = mkOption { + type = types.bool; + default = false; + description = '' + Create the repository if it doesn't exist. + ''; + }; + }; + })); + default = {}; + }; + + config = { + systemd.services = + mapAttrs' (_: plan: + let + extraArguments = concatMapStringsSep " " (arg: "-o ${arg}") plan.extraArguments; + connectTo = elemAt (splitString ":" plan.repo) 1; + resticCmd = "${pkgs.restic}/bin/restic ${extraArguments}"; + in nameValuePair "backup.${plan.name}" { + environment = { + RESTIC_PASSWORD_FILE = plan.passwordFile; + RESTIC_REPOSITORY = plan.repo; + }; + path = with pkgs; [ + openssh + ]; + restartIfChanged = false; + serviceConfig = { + ExecStartPre = mkIf plan.initialize (pkgs.writeScript "rustic-${plan.name}-init" '' + #! ${pkgs.bash}/bin/bash + ${resticCmd} snapshots || ${resticCmd} init + ''); + ExecStart = pkgs.writeDash "rustic-${plan.name}" ( + "#! ${pkgs.bash}/bin/bash\n" + + concatMapStringsSep "\n" (dir: "${resticCmd} backup ${dir}") plan.dirs + ); + User = plan.user; + }; + } + ) config.lass.restic; + systemd.timers = + mapAttrs' (_: plan: nameValuePair "backup.${plan.name}" { + wantedBy = [ "timers.target" ]; + timerConfig = plan.timerConfig; + }) config.lass.restic; + }; +} diff --git a/lass/3modules/screenlock.nix b/lass/3modules/screenlock.nix index e16ce9868..29c3861f2 100644 --- a/lass/3modules/screenlock.nix +++ b/lass/3modules/screenlock.nix @@ -14,7 +14,7 @@ let enable = mkEnableOption "screenlock"; command = mkOption { type = types.str; - default = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f"; + default = "${pkgs.xlockmore}/bin/xlock -mode life1d -size 1"; }; }; @@ -28,7 +28,7 @@ let serviceConfig = { SyslogIdentifier = "screenlock"; ExecStart = cfg.command; - Type = "forking"; + Type = "simple"; User = "lass"; }; }; diff --git a/lass/3modules/xjail.nix b/lass/3modules/xjail.nix new file mode 100644 index 000000000..325ebcc99 --- /dev/null +++ b/lass/3modules/xjail.nix @@ -0,0 +1,164 @@ +{ config, pkgs, lib, ... }: + +with import ; +{ + options.lass.xjail = mkOption { + type = types.attrsOf (types.submodule ({ config, ...}: { + options = { + name = mkOption { + type = types.string; + default = config._module.args.name; + }; + user = mkOption { + type = types.string; + default = config.name; + }; + groups = mkOption { + type = types.listOf types.str; + default = []; + }; + from = mkOption { + type = types.string; + default = "lass"; + }; + display = mkOption { + type = types.string; + default = toString (genid_signed config._module.args.name); + }; + dpi = mkOption { + type = types.int; + default = 90; + }; + extraXephyrArgs = mkOption { + type = types.str; + default = ""; + }; + extraVglrunArgs = mkOption { + type = types.str; + default = ""; + }; + script = mkOption { + type = types.path; + default = pkgs.writeScript "echo_lol" "echo lol"; + }; + wm = mkOption { + #TODO find type + type = types.string; + default = "${pkgs.writeHaskell "xephyrify-xmonad" { + executables.xmonad = { + extra-depends = [ + "containers" + "unix" + "xmonad" + ]; + text = /* haskell */ '' + module Main where + import XMonad + import Data.Monoid + import System.Posix.Process (executeFile) + import qualified Data.Map as Map + + main :: IO () + main = do + xmonad def + { workspaces = [ "1" ] + , layoutHook = myLayoutHook + , keys = myKeys + , normalBorderColor = "#000000" + , focusedBorderColor = "#000000" + , handleEventHook = myEventHook + } + + myEventHook :: Event -> X All + + myEventHook (ConfigureEvent { ev_event_type = 22 }) = do + spawn "${pkgs.xorg.xrandr}/bin/xrandr >/dev/null 2>&1" + return (All True) + + myEventHook _ = do + return (All True) + + myLayoutHook = Full + myKeys _ = Map.fromList [] + ''; + }; + }}/bin/xmonad"; + }; + }; + })); + default = {}; + }; + + options.lass.xjail-bins = mkOption { + type = types.attrsOf types.path; + }; + + # implementation + config = let + scripts = mapAttrs' (name: cfg: + let + newOrExisting = pkgs.writeDash "${cfg.name}-existing" '' + DISPLAY=:${cfg.display} ${pkgs.xorg.xrandr}/bin/xrandr + if test $? -eq 0; then + echo using existing xephyr + ${sudo_} "$@" + else + echo starting new xephyr + ${xephyr_} "$@" + fi + ''; + xephyr_ = pkgs.writeDash "${cfg.name}-xephyr" '' + ${pkgs.xorg.xorgserver}/bin/Xephyr -br -ac -reset -terminate -resizeable -nolisten local -dpi ${toString cfg.dpi} ${cfg.extraXephyrArgs} :${cfg.display} & + XEPHYR_PID=$! + DISPLAY=:${cfg.display} ${cfg.wm} & + WM_PID=$! + ${sudo_} "$@" + ${pkgs.coreutils}/bin/kill $WM_PID + ${pkgs.coreutils}/bin/kill $XEPHYR_PID + ''; + sudo_ = pkgs.writeDash "${cfg.name}-sudo" '' + /var/run/wrappers/bin/sudo -u ${cfg.name} -i ${vglrun_} "$@" + ''; + vglrun_ = pkgs.writeDash "${cfg.name}-vglrun" '' + DISPLAY=:${cfg.display} ${pkgs.virtualgl}/bin/vglrun ${cfg.extraVglrunArgs} ${cfg.script} "$@" + ''; + in nameValuePair name { + existing = newOrExisting; + xephyr = xephyr_; + sudo = sudo_; + vglrun = vglrun_; + } + ) config.lass.xjail; + in { + + users.users = mapAttrs' (_: cfg: + nameValuePair cfg.name { + uid = genid cfg.name; + home = "/home/${cfg.name}"; + useDefaultShell = true; + createHome = true; + extraGroups = cfg.groups; + } + ) config.lass.xjail; + + users.groups = mapAttrs' (_: cfg: + nameValuePair cfg.name { + members = [ + cfg.name + cfg.from + ]; + } + ) config.lass.xjail; + + security.sudo.extraConfig = (concatStringsSep "\n" (mapAttrsToList (_: cfg: + # TODO allow just the right script with sudo + "${cfg.from} ALL=(${cfg.name}) NOPASSWD: ALL" + ) config.lass.xjail)); + + lass.xjail-bins = mapAttrs' (name: cfg: + nameValuePair name (pkgs.writeScriptBin cfg.name '' + ${scripts.${name}.existing} "$@" + '') + ) config.lass.xjail; + }; +} diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index e658897da..18cb25b5b 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -147,6 +147,10 @@ myKeyMap = export PATH=$PATH:${pkgs.dmenu}/bin:${pkgs.networkmanagerapplet}/bin exec ${pkgs.networkmanager_dmenu}/bin/networkmanager_dmenu "$@" ''}") + , ("M4-", spawn "${pkgs.writeDash "paste" '' + ${pkgs.coreutils}/bin/sleep 0.1 + ${pkgs.xclip}/bin/xclip -o | ${pkgs.xdotool}/bin/xdotool type -f - + ''}") , ("M4-", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 1") , ("M4-", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10") diff --git a/lass/5pkgs/default.nix b/lass/5pkgs/default.nix index 28482eb91..fd6a555d4 100644 --- a/lass/5pkgs/default.nix +++ b/lass/5pkgs/default.nix @@ -31,7 +31,6 @@ in { fi ${self.coreutils}/bin/rm $tmp ''; - rtl8814au = callPackage ./custom/rtl8814au { kernel = self.linux; }; } // mapAttrs (_: flip callPackage {}) diff --git a/lass/5pkgs/l-gen-secrets/default.nix b/lass/5pkgs/l-gen-secrets/default.nix new file mode 100644 index 000000000..4b25fbd4c --- /dev/null +++ b/lass/5pkgs/l-gen-secrets/default.nix @@ -0,0 +1,46 @@ +{ pkgs }: +pkgs.writeDashBin "l-gen-secrets" '' + HOSTNAME="$1" + TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d) + PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1) + HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null + + ${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null + ${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null + ${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null + cat < $TMPDIR/hashedPasswords.nix + { + root = "$HASHED_PASSWORD"; + mainUser = "$HASHED_PASSWORD"; + } + EOF + + cd $TMPDIR + for x in *; do + ${pkgs.coreutils}/bin/cat $x | ${pkgs.pass}/bin/pass insert -m krebs-secrets/$HOSTNAME/$x > /dev/null + done + echo $PASSWORD | ${pkgs.pass}/bin/pass insert -m hosts/$HOSTNAME/pass > /dev/null + + cat <; + ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)"; + }; + EOF + + rm -rf $TMPDIR +'' + diff --git a/lass/5pkgs/xephyrify/default.nix b/lass/5pkgs/xephyrify/default.nix index 8b18ea949..8d6036843 100644 --- a/lass/5pkgs/xephyrify/default.nix +++ b/lass/5pkgs/xephyrify/default.nix @@ -2,15 +2,18 @@ let - minimalXmonad = writeHaskell "minimalXmonad" { + xephyrify-xmonad = writeHaskell "xephyrify-xmonad" { executables.xmonad = { extra-depends = [ "containers" + "unix" "xmonad" ]; text = /* haskell */ '' module Main where import XMonad + import Data.Monoid + import System.Posix.Process (executeFile) import qualified Data.Map as Map main :: IO () @@ -21,8 +24,18 @@ let , keys = myKeys , normalBorderColor = "#000000" , focusedBorderColor = "#000000" + , handleEventHook = myEventHook } + myEventHook :: Event -> X All + + myEventHook (ConfigureEvent { ev_event_type = 22 }) = do + spawn "${xorg.xrandr}/bin/xrandr >/dev/null 2>&1" + return (All True) + + myEventHook _ = do + return (All True) + myLayoutHook = Full myKeys _ = Map.fromList [] ''; @@ -30,13 +43,20 @@ let }; in writeDashBin "xephyrify" '' - NDISPLAY=:$(${coreutils}/bin/shuf -i 100-65536 -n 1) + NDISPLAY=''${NDISPLAY:-$(${coreutils}/bin/shuf -i 100-65536 -n 1)} echo "using DISPLAY $NDISPLAY" - ${xorg.xorgserver}/bin/Xephyr -br -ac -reset -terminate -resizeable $NDISPLAY & + ${xorg.xorgserver}/bin/Xephyr -br -ac -reset -terminate -resizeable -dpi 60 -nolisten local :$NDISPLAY & + if test -n $DROP_TO_USER; then + sleep 1 + ls /tmp/.X11-unix/ + id + ${coreutils}/bin/chgrp "$DROP_TO_USER" "/tmp/.X11-unix/X$NDISPLAY" + ${coreutils}/bin/chmod 770 "/tmp/.X11-unix/X$NDISPLAY" + fi XEPHYR_PID=$! - DISPLAY=$NDISPLAY ${minimalXmonad}/bin/xmonad & + DISPLAY=:$NDISPLAY ${xephyrify-xmonad}/bin/xmonad & XMONAD_PID=$! - DISPLAY=$NDISPLAY ${virtualgl}/bin/vglrun "$@" + DISPLAY=:$NDISPLAY ${virtualgl}/bin/vglrun "$@" kill $XMONAD_PID kill $XEPHYR_PID '' diff --git a/lass/kops.nix b/lass/kops.nix new file mode 100644 index 000000000..9d0ab911a --- /dev/null +++ b/lass/kops.nix @@ -0,0 +1,35 @@ +{ name }: let + inherit (import ../krebs/kops.nix { inherit name; }) + krebs-source + lib + pkgs + ; + + source = { test }: lib.evalSource [ + krebs-source + { + nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix"; + secrets = if test then { + file = "/home/lass/stockholm/lass/2configs/tests/dummy-secrets"; + } else { + pass = { + dir = "${lib.getEnv "HOME"}/.password-store"; + name = "hosts/${name}"; + }; + }; + } + ]; + +in { + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) + deploy = pkgs.kops.writeDeploy "${name}-deploy" { + source = source { test = false; }; + target = "root@${name}/var/src"; + }; + + # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test) + test = pkgs.kops.writeTest "${name}-test" { + source = source { test = true; }; + target = "${lib.getEnv "HOME"}/tmp/${name}-kops-test-src"; + }; +} diff --git a/lib/types.nix b/lib/types.nix index 1cf2d96c9..d663d2512 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -50,6 +50,14 @@ rec { default = false; }; + monitoring = mkOption { + description = '' + Whether the host should be monitored by monitoring tools like Prometheus. + ''; + type = bool; + default = false; + }; + owner = mkOption { type = user; }; diff --git a/makefu/1systems/drop/source.nix b/makefu/1systems/drop/source.nix index 74de846c0..45bd6f97e 100644 --- a/makefu/1systems/drop/source.nix +++ b/makefu/1systems/drop/source.nix @@ -1,3 +1,4 @@ import { name="drop"; + torrent = true; } diff --git a/makefu/1systems/fileleech/source.nix b/makefu/1systems/fileleech/source.nix index 699267e21..caca1fbcb 100644 --- a/makefu/1systems/fileleech/source.nix +++ b/makefu/1systems/fileleech/source.nix @@ -1,3 +1,4 @@ import { - name="fileleech"; + name = "fileleech"; + torrent = true; } diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index b859efc94..578e4add8 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -52,7 +52,7 @@ in { # network - + # @@ -64,8 +64,10 @@ in { + # + @@ -222,6 +224,8 @@ in { 25 # http 80 443 + # httptunnel + 8080 8443 # tinc 655 # tinc-shack diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index 01438397e..bed6ae9fd 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -9,7 +9,7 @@ let keyFile = byid "usb-Verbatim_STORE_N_GO_070B3CEE0B223954-0:0"; rootDisk = byid "ata-SanDisk_SD8SNAT128G1122_162099420904"; rootPartition = byid "ata-SanDisk_SD8SNAT128G1122_162099420904-part2"; - primaryInterface = "enp1s0"; + primaryInterface = "enp2s0"; # cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512 # cryptsetup luksAddKey $dev tmpkey # cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096 @@ -54,6 +54,7 @@ in { # # + # @@ -65,6 +66,7 @@ in { + # services @@ -72,6 +74,11 @@ in { + + { + hardware.pulseaudio.systemWide = true; + makefu.mpd.musicDirectory = "/media/cryptX/music"; + } # security diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix index 637d8e2d8..42f3bddb1 100644 --- a/makefu/1systems/wbob/config.nix +++ b/makefu/1systems/wbob/config.nix @@ -32,66 +32,10 @@ in { - (let - musicDirectory = "/data/music"; - in { - services.mpd = { - enable = true; - inherit musicDirectory; - # dataDir = "/home/anders/.mpd"; - network.listenAddress = "any"; - extraConfig = '' - audio_output { - type "pulse" - name "Local MPD" - server "127.0.0.1" - } - ''; - }; - # open because of truestedInterfaces - # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; - services.samba.shares.music = { - path = musicDirectory; - "read only" = "no"; - browseable = "yes"; - "guest ok" = "yes"; - }; - - sound.enable = true; - hardware.pulseaudio = { - enable = true; - package = pkgs.pulseaudioFull; - # systemWide = true; - support32Bit = true; - zeroconf.discovery.enable = true; - zeroconf.publish.enable = true; - tcp = { - enable = true; - anonymousClients.allowAll = true; - anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.8.0/24" ]; - }; - configFile = pkgs.writeText "default.pa" '' - load-module module-udev-detect - load-module module-bluetooth-policy - load-module module-bluetooth-discover - load-module module-native-protocol-unix - load-module module-always-sink - load-module module-console-kit - load-module module-systemd-login - load-module module-intended-roles - load-module module-position-event-sounds - load-module module-filter-heuristics - load-module module-filter-apply - load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1 - load-module module-switch-on-connect - # may be required for "system-wide" pulse to connect to bluetooth - #module-bluez5-device - #module-bluez5-discover - ''; - }; - # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio - hardware.bluetooth.enable = true; - }) + + { + users.users.makefu.extraGroups = [ "pulse" ]; + } # Sensors @@ -180,6 +124,7 @@ in { networking.firewall.allowedTCPPorts = [ 655 8081 #smokeping + 8086 #influx 49152 ]; networking.firewall.trustedInterfaces = [ "enp0s25" ]; diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix index ad2ad8779..93bb27efe 100644 --- a/makefu/1systems/x/config.nix +++ b/makefu/1systems/x/config.nix @@ -11,6 +11,8 @@ with import ; + + @@ -27,6 +29,8 @@ with import ; # # # + # + # # Krebs @@ -40,7 +44,7 @@ with import ; # Virtualization - # + { networking.firewall.allowedTCPPorts = [ 8080 ]; networking.nat = { @@ -78,7 +82,6 @@ with import ; # # # - # { networking.wireguard.interfaces.wg0 = { @@ -123,6 +126,7 @@ with import ; load-module module-filter-heuristics load-module module-filter-apply load-module module-switch-on-connect + load-module module-switch-on-port-available ''; }; @@ -137,15 +141,6 @@ with import ; # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio hardware.bluetooth.enable = true; } - { # auto-mounting - services.udisks2.enable = true; - services.devmon.enable = true; - # services.gnome3.gvfs.enable = true; - users.users.makefu.packages = with pkgs;[ - gvfs pcmanfm lxmenu-data - ]; - environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; - } ]; @@ -166,6 +161,7 @@ with import ; networking.extraHosts = '' 192.168.1.11 omo.local + 80.92.65.53 www.wifionice.de wifionice.de ''; # hard dependency because otherwise the device will not be unlocked boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }]; diff --git a/makefu/1systems/x/source.nix b/makefu/1systems/x/source.nix index 6278877c3..ab6429dc1 100644 --- a/makefu/1systems/x/source.nix +++ b/makefu/1systems/x/source.nix @@ -3,5 +3,7 @@ import { full = true; python = true; hw = true; + unstable = true; + mic92 = true; # torrent = true; } diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix new file mode 100644 index 000000000..b59d3ce10 --- /dev/null +++ b/makefu/2configs/bluetooth-mpd.nix @@ -0,0 +1,71 @@ +{ pkgs, config, lib, ... }: + +let + cfg = config.makefu.mpd; +in { + options.makefu.mpd.musicDirectory = lib.mkOption { + description = "music Directory"; + default = "/data/music"; + type = lib.types.str; + }; + config = { + services.mpd = { + enable = true; + inherit (cfg) musicDirectory; + network.listenAddress = "0.0.0.0"; + extraConfig = '' + audio_output { + type "pulse" + name "Local MPD" + server "127.0.0.1" + } + ''; + }; + # open because of truestedInterfaces + # networking.firewall.allowedTCPPorts = [ 6600 4713 ]; + services.samba.shares.music = { + path = cfg.musicDirectory; + "read only" = "no"; + browseable = "yes"; + "guest ok" = "yes"; + }; + + sound.enable = true; + hardware.pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + # systemWide = true; + support32Bit = true; + zeroconf.discovery.enable = true; + zeroconf.publish.enable = true; + tcp = { + enable = true; + # PULSE_SERVER=192.168.1.11 pavucontrol + anonymousClients.allowAll = true; + anonymousClients.allowedIpRanges = [ "127.0.0.1" "192.168.0.0/16" ]; + }; + configFile = pkgs.writeText "default.pa" '' + load-module module-udev-detect + load-module module-bluetooth-policy + load-module module-bluetooth-discover + load-module module-native-protocol-unix auth-anonymous=1 + load-module module-always-sink + load-module module-console-kit + load-module module-systemd-login + load-module module-intended-roles + load-module module-position-event-sounds + load-module module-filter-heuristics + load-module module-filter-apply + load-module module-switch-on-connect + #load-module module-bluez5-device + #load-module module-bluez5-discover + ''; + }; + # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio + hardware.bluetooth.enable = true; + # environment.etc."bluetooth/audio.conf".text = '' + # [General] + # Enable = Source,Sink,Media,Socket + # ''; + }; +} diff --git a/makefu/2configs/deployment/bureautomation/hass.nix b/makefu/2configs/deployment/bureautomation/hass.nix new file mode 100644 index 000000000..b62f37bdb --- /dev/null +++ b/makefu/2configs/deployment/bureautomation/hass.nix @@ -0,0 +1,75 @@ +{ pkgs, lib, ... }: +let + firetv = "192.168.1.238"; +in { + imports = [ + + ]; + systemd.services.firetv = { + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; + ExecStart = "${pkgs.python-firetv}/bin/firetv-server -d ${firetv}:5555"; + }; + }; + nixpkgs.config.packageOverrides = oldpkgs: { + home-assistant = (import {}).home-assistant; + }; + ids.uids.hass = 286; + ids.gids.hass = 286; + services.home-assistant = { + #panel_iframe: + #configurator: + # title: Configurator + # icon: mdi:wrench + # url: http://hassio.local:3218 + # sensor: + # - platform: random + enable = true; + config = { + homeassistant = { + name = "Bureautomation"; + time_zone = "Europe/Berlin"; + }; + panel_iframe = { + euer_blog = { + title = "Euer Blog"; + icon = "mdi:wrench"; + url = "https://euer.krebsco.de"; + }; + }; + media_player = [ + { platform = "kodi"; + host = firetv; + } + { platform = "firetv"; + # assumes python-firetv running + } + ]; + sensor = [ + { + platform = "luftdaten"; + name = "Shack 1"; + sensorid = "50"; + monitored_conditions = [ "P1" "P2" ]; + } + { + platform = "luftdaten"; + name = "Shack 2"; + sensorid = "658"; + monitored_conditions = [ "P1" "P2" ]; + } + { + platform = "luftdaten"; + name = "Ditzingen"; + sensorid = "5341"; + monitored_conditions = [ "P1" "P2" ]; + } + { platform = "random"; } + ]; + frontend = { }; + http = { }; + feedreader.urls = [ "https://nixos.org/blogs.xml" ]; + }; + }; +} diff --git a/makefu/2configs/deployment/photostore.krebsco.de.nix b/makefu/2configs/deployment/photostore.krebsco.de.nix index ecbca9ea3..19a8df235 100644 --- a/makefu/2configs/deployment/photostore.krebsco.de.nix +++ b/makefu/2configs/deployment/photostore.krebsco.de.nix @@ -30,6 +30,7 @@ in { forceSSL = true; locations = { "/".extraConfig = '' + expires -1; uwsgi_pass unix://${wsgi-sock}; uwsgi_param UWSGI_CHDIR ${workdir}; uwsgi_param UWSGI_MODULE cuserver.main; diff --git a/makefu/2configs/git/cgit-retiolum.nix b/makefu/2configs/git/cgit-retiolum.nix index 1109e2519..c209b83f6 100644 --- a/makefu/2configs/git/cgit-retiolum.nix +++ b/makefu/2configs/git/cgit-retiolum.nix @@ -3,10 +3,15 @@ with import ; let - repos = priv-repos // krebs-repos // connector-repos ; + repos = priv-repos // krebs-repos // connector-repos // krebsroot-repos; rules = concatMap krebs-rules (attrValues krebs-repos) ++ concatMap priv-rules (attrValues priv-repos) - ++ concatMap connector-rules (attrValues connector-repos); + ++ concatMap connector-rules (attrValues connector-repos) + ++ concatMap krebsroot-rules (attrValues krebsroot-repos); + + krebsroot-repos = mapAttrs make-krebs-repo { + hydra-stockholm = { }; + }; krebs-repos = mapAttrs make-krebs-repo { stockholm = { @@ -25,10 +30,10 @@ let euer_blog = { }; ampel = { }; europastats = { }; + arafetch = { }; init-stockholm = { cgit.desc = "Init stuff for stockholm"; }; - hydra-stockholm = { }; }; priv-repos = mapAttrs make-priv-repo { @@ -70,6 +75,9 @@ let krebs-rules = repo: set-owners repo all-makefu ++ set-ro-access repo krebsminister; + krebsroot-rules = repo: + set-owners repo (all-makefu ++ krebsminister); + set-ro-access = with git; repo: user: optional repo.public { inherit user; diff --git a/makefu/2configs/gui/automatic-diskmount.nix b/makefu/2configs/gui/automatic-diskmount.nix new file mode 100644 index 000000000..19933111a --- /dev/null +++ b/makefu/2configs/gui/automatic-diskmount.nix @@ -0,0 +1,44 @@ +{ pkgs, ... }: +with import ; #genid +{ # auto-mounting via polkit + services.udisks2.enable = true; +## automount all disks: +# services.devmon.enable = true; +# services.gnome3.gvfs.enable = true; + users.groups.storage = { + gid = genid "storage"; + members = [ "makefu" ]; + }; + users.users.makefu.packages = with pkgs;[ + gvfs pcmanfm lxmenu-data + ]; + environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; + +## allow users in group "storage" to mount disk +# https://github.com/coldfix/udiskie/wiki/Permissions + security.polkit.extraConfig = + '' + polkit.addRule(function(action, subject) { + var YES = polkit.Result.YES; + var permission = { + "org.freedesktop.udisks.filesystem-mount": YES, + "org.freedesktop.udisks.luks-unlock": YES, + "org.freedesktop.udisks.drive-eject": YES, + "org.freedesktop.udisks.drive-detach": YES, + "org.freedesktop.udisks2.filesystem-mount": YES, + "org.freedesktop.udisks2.encrypted-unlock": YES, + "org.freedesktop.udisks2.eject-media": YES, + "org.freedesktop.udisks2.power-off-drive": YES, + "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, + "org.freedesktop.udisks2.filesystem-unmount-others": YES, + "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, + "org.freedesktop.udisks2.eject-media-other-seat": YES, + "org.freedesktop.udisks2.power-off-drive-other-seat": YES + }; + if (subject.isInGroup("storage")) { + return permission[action.id]; + } + }); + ''; + +} diff --git a/makefu/2configs/hw/tp-x2x0.nix b/makefu/2configs/hw/tp-x2x0.nix index f33c12a8f..98fe30daf 100644 --- a/makefu/2configs/hw/tp-x2x0.nix +++ b/makefu/2configs/hw/tp-x2x0.nix @@ -38,7 +38,7 @@ with import ; services.tlp.enable = true; services.tlp.extraConfig = '' # BUG: http://linrunner.de/en/tlp/docs/tlp-faq.html#erratic-battery - START_CHARGE_THRESH_BAT0=67 + START_CHARGE_THRESH_BAT0=95 STOP_CHARGE_THRESH_BAT0=100 diff --git a/makefu/2configs/hydra/stockholm.nix b/makefu/2configs/hydra/stockholm.nix index 4bdb09213..35999ae57 100644 --- a/makefu/2configs/hydra/stockholm.nix +++ b/makefu/2configs/hydra/stockholm.nix @@ -5,7 +5,6 @@ { # TODO postgres backup - services.postgresql.enable = true; services.hydra = { enable = true; diff --git a/makefu/2configs/main-laptop.nix b/makefu/2configs/main-laptop.nix index 827da0c8d..315fc4706 100644 --- a/makefu/2configs/main-laptop.nix +++ b/makefu/2configs/main-laptop.nix @@ -16,6 +16,7 @@ in { ./zsh-user.nix ./tools/core.nix ./tools/core-gui.nix + ./gui/automatic-diskmount.nix ]; users.users.${config.krebs.build.user.name}.extraGroups = [ "dialout" ]; diff --git a/makefu/2configs/nginx/euer.wiki.nix b/makefu/2configs/nginx/euer.wiki.nix index 08bc5659f..99533b25c 100644 --- a/makefu/2configs/nginx/euer.wiki.nix +++ b/makefu/2configs/nginx/euer.wiki.nix @@ -17,6 +17,7 @@ let # contains: # user1 = pass1 # userN = passN + # afterwards put /var/www//user1.html as tiddlywiki tw-pass-file = "${sec}/tw-pass.ini"; in { @@ -45,7 +46,7 @@ in { systemd.services.prepare-tw = { wantedBy = [ "local-fs.target" ]; - before = [ "phpfpm.service" ]; + before = [ "phpfpm.service" "nginx.service" ]; serviceConfig = { ExecStart = pkgs.writeScript "prepare-tw-service" '' #!/bin/sh @@ -92,6 +93,7 @@ in { locations = { "/" = { root = wiki-dir; + index = "makefu.html"; extraConfig = '' expires -1; autoindex on; diff --git a/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix new file mode 100644 index 000000000..d0881a934 --- /dev/null +++ b/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, ... }: +{ + services.nginx = { + enable = lib.mkDefault true; + virtualHosts."misa-felix-hochzeit.ml" = { + serverAliases = [ "www.misa-felix-hochzeit.ml" "misa-felix.ml" "www.misa-felix.ml" ]; + forceSSL = true; + enableACME = true; + locations = { + "/" = { + index = "index.html"; + root = "/var/www/misa-felix-hochzeit.ml"; + }; + }; + }; + }; +} diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix index 51e69d8b7..d5fa65ef9 100644 --- a/makefu/2configs/printer.nix +++ b/makefu/2configs/printer.nix @@ -9,6 +9,7 @@ in { pkgs.samsungUnifiedLinuxDriver pkgs.cups-dymo # dymo labelwriter pkgs.foo2zjs # magicolor 1690mf + pkgs.zj-58 ]; }; diff --git a/makefu/2configs/remote-build/master.nix b/makefu/2configs/remote-build/master.nix deleted file mode 100644 index 2a2c68119..000000000 --- a/makefu/2configs/remote-build/master.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ pkgs, ...}: -let - sshKey = (toString ) + "/id_nixBuild"; -in { - nix.distributedBuilds = true; - # TODO: iterate over krebs.hosts - nix.buildMachines = map ( hostName: - { inherit hostName sshKey; - sshUser = "nixBuild"; - system = "x86_64-linux"; - maxJobs = 8; - }) [ "hotdog.r" ]; - # puyak.r "wbob.r" "omo.r" "gum.r" "latte.r" -} diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix new file mode 100644 index 000000000..422676b24 --- /dev/null +++ b/makefu/2configs/stats/arafetch.nix @@ -0,0 +1,49 @@ +{ pkgs, lib, ...}: +with import ; +let + pkg = with pkgs.python3Packages;buildPythonPackage rec { + rev = "762d747"; + name = "arafetch-${rev}"; + propagatedBuildInputs = [ + requests + docopt + influxdb + beautifulsoup4 + ]; + src = pkgs.fetchgit { + url = "http://cgit.euer.krebsco.de/arafetch"; + inherit rev; + sha256 = "164xiqbrr914lz0nh3i1dxz8iwg6vm2af3i3803cd3242nznw0ws"; + }; + }; + home = "/var/lib/arafetch"; +in { + users.users.arafetch = { + uid = genid "arafetch"; + inherit home; + createHome = true; + }; + + systemd.services.arafetch = { + startAt = "Mon,Wed,Fri 09:15:00"; + wantedBy = [ "multi-user.target" ]; + environment = { + OUTDIR = home; + }; + path = [ pkg pkgs.git pkgs.wget ]; + serviceConfig = { + User = "arafetch"; + WorkingDirectory = home; + PrivateTmp = true; + ExecStart = pkgs.writeDash "start-weekrun" '' + set -x + weekrun || echo "weekrun failed!" + find $OUTDIR/db -name \*.json | while read path;do + file=''${path##*/} + cantine=''${file%%.json} + ara2influx $path --cantine $cantine --host wbob.r + done + ''; + }; + }; +} diff --git a/makefu/2configs/tools/mic92.nix b/makefu/2configs/tools/mic92.nix new file mode 100644 index 000000000..176e461c7 --- /dev/null +++ b/makefu/2configs/tools/mic92.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: +{ + nixpkgs.overlays = [ + (import ) + ]; + users.users.makefu.packages = [ + pkgs.nix-review + ]; +} diff --git a/makefu/2configs/urlwatch/default.nix b/makefu/2configs/urlwatch/default.nix index d0fb4fe41..f93d47caa 100644 --- a/makefu/2configs/urlwatch/default.nix +++ b/makefu/2configs/urlwatch/default.nix @@ -25,7 +25,6 @@ in { # pypi https://pypi.python.org/simple/bepasty/ https://pypi.python.org/simple/devpi-client/ - https://pypi.python.org/simple/oslo.config/ https://pypi.python.org/simple/sqlalchemy_migrate/ https://pypi.python.org/simple/xstatic/ https://pypi.python.org/simple/pyserial/ diff --git a/makefu/3modules/awesome-extra.nix b/makefu/3modules/awesome-extra.nix index e4a79aa87..6f19f8f72 100644 --- a/makefu/3modules/awesome-extra.nix +++ b/makefu/3modules/awesome-extra.nix @@ -21,7 +21,9 @@ let This module will use substituteAll to replace strings before writing to /etc/xdg/awesome/rc.lua ''; - default = pkgs.awesomecfg.full; + default = pkgs.awesomecfg.full.override { + locker = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper"; + }; }; }; imp = { diff --git a/makefu/5pkgs/ampel/default.nix b/makefu/5pkgs/ampel/default.nix index 86518b9b8..9792c2c59 100644 --- a/makefu/5pkgs/ampel/default.nix +++ b/makefu/5pkgs/ampel/default.nix @@ -2,7 +2,7 @@ with pkgs.python3Packages;buildPythonPackage rec { name = "ampel-${version}"; - version = "0.2"; + version = "0.2.1"; propagatedBuildInputs = [ docopt @@ -16,8 +16,8 @@ with pkgs.python3Packages;buildPythonPackage rec { src = pkgs.fetchgit { url = "http://cgit.euer.krebsco.de/ampel"; - rev = "d8a0250"; - sha256 = "0n36lc17ca5db6pl6dswdqd5w9f881rfqck9yc4w33a5qpsxj85f"; + rev = "92321d7"; + sha256 = "0mvpbpf1rx8sc589qjb73gl8z6fir2zs3gl3br1pbhg5jgn0ij4n"; }; meta = { homepage = http://cgit.euer.krebsco.de/ampel; diff --git a/makefu/5pkgs/awesomecfg/default.nix b/makefu/5pkgs/awesomecfg/default.nix index 7e9724ec8..e5f62e910 100644 --- a/makefu/5pkgs/awesomecfg/default.nix +++ b/makefu/5pkgs/awesomecfg/default.nix @@ -1,23 +1,23 @@ { pkgs , lib , alsaUtils -, xlockmore , xbacklight , modkey?"Mod4" +, locker? "${pkgs.xlock}/bin/xlock -mode blank" , ... }: { # replace: @alsaUtils@ @xlockmore@ @xbacklight@ @modkey@ full = lib.makeOverridable pkgs.substituteAll { name = "awesome_full_config"; - inherit alsaUtils xlockmore xbacklight modkey; + inherit alsaUtils locker xbacklight modkey; isExecutable = false; src = ./full.cfg; }; kiosk = lib.makeOverridable pkgs.substituteAll { name = "awesome_kiosk_config"; - inherit alsaUtils xlockmore xbacklight modkey; + inherit alsaUtils locker xbacklight modkey; isExecutable = false; src = ./kiosk.lua; }; diff --git a/makefu/5pkgs/awesomecfg/full.cfg b/makefu/5pkgs/awesomecfg/full.cfg index 3488d0102..e49a88697 100644 --- a/makefu/5pkgs/awesomecfg/full.cfg +++ b/makefu/5pkgs/awesomecfg/full.cfg @@ -243,7 +243,7 @@ awful.screen.connect_for_each_screen(function(s) set_wallpaper(s) -- Each screen has its own tag table. - awful.tag({ "tmp", "news", "www", "im", "work1","work2","net","misc","remote" }, s, awful.layout.layouts[1]) + awful.tag({ "tmp", "news", "www", "im", "work1","work2","net","misc","remote" }, s, awful.layout.layouts[1]) -- Create a promptbox for each screen s.mypromptbox = awful.widget.prompt() @@ -277,10 +277,10 @@ awful.screen.connect_for_each_screen(function(s) { -- Right widgets layout = wibox.layout.fixed.horizontal, mykeyboardlayout, - mailwidget, + mailwidget, wibox.widget.systray(), - cpuwidget, - batwidget, + cpuwidget, + batwidget, mytextclock, s.mylayoutbox, }, @@ -379,19 +379,19 @@ globalkeys = awful.util.table.join( -- Prompt awful.key({ modkey }, "r", function () awful.screen.focused().mypromptbox:run() end, {description = "run prompt", group = "launcher"}), - awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("@xlockmore@/bin/xlock -mode blank") end), - awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("@xlockmore@/bin/xlock -mode blank") end), + awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("@locker@") end), + awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("@locker@") end), - awful.key({ modkey }, "x", - function () - awful.prompt.run { - prompt = "Run Lua code: ", - textbox = awful.screen.focused().mypromptbox.widget, - exe_callback = awful.util.eval, - history_path = awful.util.get_cache_dir() .. "/history_eval" - } - end, - {description = "lua execute prompt", group = "awesome"}), + awful.key({ modkey }, "x", + function () + awful.prompt.run { + prompt = "Run Lua code: ", + textbox = awful.screen.focused().mypromptbox.widget, + exe_callback = awful.util.eval, + history_path = awful.util.get_cache_dir() .. "/history_eval" + } + end, + {description = "lua execute prompt", group = "awesome"}), -- Menubar awful.key({ modkey }, "p", function() menubar.show() end) @@ -412,8 +412,7 @@ clientkeys = awful.util.table.join( end), awful.key({ modkey, }, "m", function (c) - c.maximized_horizontal = not c.maximized_horizontal - c.maximized_vertical = not c.maximized_vertical + c.maximized = not c.maximized end) ) diff --git a/makefu/5pkgs/awesomecfg/kiosk.lua b/makefu/5pkgs/awesomecfg/kiosk.lua index ec255a8af..d0261f798 100644 --- a/makefu/5pkgs/awesomecfg/kiosk.lua +++ b/makefu/5pkgs/awesomecfg/kiosk.lua @@ -331,8 +331,8 @@ globalkeys = awful.util.table.join( -- Prompt awful.key({ modkey }, "r", function () mypromptbox[mouse.screen]:run() end), -- awful.key({ modkey }, "r", function () awful.util.spawn( "dmenu_run" ) end ), - awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("xlock -mode blank") end), - awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("xlock -mode blank") end), + awful.key({ modkey,"Control" }, "BackSpace", function () awful.util.spawn("@locker@") end), + awful.key({ }, "XF86ScreenSaver", function () awful.util.spawn("@locker@") end), awful.key({ modkey }, "x", function () diff --git a/makefu/5pkgs/devpi/default.nix b/makefu/5pkgs/devpi/default.nix index 3ddcd9641..6515ea3d1 100644 --- a/makefu/5pkgs/devpi/default.nix +++ b/makefu/5pkgs/devpi/default.nix @@ -16,16 +16,17 @@ let }; devpi-web = pkgs.python3Packages.buildPythonPackage rec { name = "devpi-web"; - version = "3.1.1"; + version = "3.2.2"; src = pkgs.fetchurl { url = "mirror://pypi/d/devpi-web/devpi-web-${version}.tar.gz"; - sha256 = "0bvqv52jmasfm4sdyccwsgvk9a663d3grj7zjw8r9x7xm7l3svqv"; + sha256 = "1mwg2fcw88rn47ypnhg5f4s1r066129z922113shyinwrwfddhay"; }; - propagatedBuildInputs = with pkgs.python3Packages; - [ pkgs.devpi-server pyramid_chameleon beautifulsoup4 defusedxml readme-renderer ]; + propagatedBuildInputs = with pkgs.python3Packages; builtins.trace pkgs.devpi-server.version + [ pkgs.devpi-server pyramid_chameleon pygments docutils devpi-common + whoosh beautifulsoup4 defusedxml readme-renderer ]; meta = { homepage = https://bitbucket.org/hpk42/devpi; @@ -37,6 +38,6 @@ let in { devpi-web = pkgs.python3.buildEnv.override { - extraLibs = [ devpi-web devpi-server ]; - }; + extraLibs = [ devpi-web pkgs.devpi-server ]; + }; } diff --git a/makefu/5pkgs/nodemcu-uploader/default.nix b/makefu/5pkgs/nodemcu-uploader/default.nix index 64476be6e..f3e47be55 100644 --- a/makefu/5pkgs/nodemcu-uploader/default.nix +++ b/makefu/5pkgs/nodemcu-uploader/default.nix @@ -1,19 +1,22 @@ -{ lib, pkgs, pythonPackages, fetchurl, ... }: +{ lib, pkgs, pythonPackages, ... }: with pythonPackages; buildPythonPackage rec { name = "nodemcu-uploader-${version}"; - version = "0.2.2"; - disabled = isPy3k || isPyPy; + version = "0.4.1"; propagatedBuildInputs = [ pyserial + wrapt ]; - src = fetchurl { - url = "https://pypi.python.org/packages/source/n/nodemcu-uploader/nodemcu-uploader-${version}.tar.gz"; - sha256 = "090giz84y9y3idgifp0yh80qqyv2czv6h3y55wyrlgf7qfbwbrvn"; + + src = pkgs.fetchFromGitHub { + owner = "kmpm"; + repo = "nodemcu-uploader"; + rev = "v${version}"; + sha256 = "055pvlg544vb97kaqnnq51fs9f9g75vwgbazc293f3g1sk263gmn"; }; - # ImportError: No module named tests - # not sure what to do here + doCheck = false; + meta = { homepage = https://github.com/kmpm/nodemcu-uploader; description = "tool for uploading files to NodeMCU filesystem"; diff --git a/makefu/5pkgs/python-firetv/default.nix b/makefu/5pkgs/python-firetv/default.nix new file mode 100644 index 000000000..1fb772f1f --- /dev/null +++ b/makefu/5pkgs/python-firetv/default.nix @@ -0,0 +1,40 @@ +{ lib, pkgs, python2Packages, ... }: +# requires libusb1 from unstable +with (import {}).python2Packages; let + + python-adb = buildPythonPackage rec { + pname = "adb"; + version = "1.2.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "0v4my47ikgkbq04gdllpx6kql5cfh7dnpq2fk72x03z74mqri7v8"; + }; + + propagatedBuildInputs = [ libusb1 m2crypto ]; + meta = { + homepage = https://github.com/google/python-adb; + description = "Python ADB + Fastboot implementation"; + license = lib.licenses.asl20; + }; + }; +in + buildPythonPackage rec { + name = "python-firetv-${version}"; + version = "1.0.5"; + + src = pkgs.fetchFromGitHub { + owner = "happyleavesaoc"; + repo = "python-firetv"; + # rev = version; + rev = "55406c6"; + sha256 = "1r2yighilchs0jvcvbngkjxkk7gp588ikcl64x7afqzxc6zxv7wp"; + }; + + propagatedBuildInputs = [ python-adb flask pyyaml ]; + meta = { + homepage = https://github.com/happyleavesaoc/python-firetv; + description = "provides state informations and some control of an amazon firetv"; + license = lib.licenses.mit; + }; +} diff --git a/makefu/5pkgs/zj-58/default.nix b/makefu/5pkgs/zj-58/default.nix new file mode 100644 index 000000000..6eda84959 --- /dev/null +++ b/makefu/5pkgs/zj-58/default.nix @@ -0,0 +1,30 @@ +{stdenv, fetchFromGitHub, cups}: + +stdenv.mkDerivation rec { + name = "cups-zj58-2018-02-22"; + + src = fetchFromGitHub { + owner = "klirichek"; + repo = "zj-58"; + rev = "e4212cd"; + sha256 = "1w2qkspm4qqg5h8n6gmakzhiww7gag64chvy9kf89xsl3wsyp6pi"; + }; + + buildInputs = [cups]; + + installPhase = '' + mkdir -p $out/lib/cups/filter + + cp rastertozj $out/lib/cups/filter + + + mkdir -p $out/share/cups/model/zjiang + cp ZJ-58.ppd $out/share/cups/model/zjiang/ + ''; + + meta = { + description = "CUPS filter for thermal printer Zjiang ZJ-58"; + homepage = https://github.com/klirichek/zj-58; + platforms = stdenv.lib.platforms.linux; + }; +} diff --git a/makefu/6tests/data/secrets/torrent-secrets/auth.nix b/makefu/6tests/data/secrets/torrent-secrets/auth.nix deleted file mode 100644 index 0967ef424..000000000 --- a/makefu/6tests/data/secrets/torrent-secrets/auth.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/makefu/source.nix b/makefu/source.nix index 79a2c535f..bcdb66a66 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -1,12 +1,14 @@ with import ; host@{ name, - override ? {}, - secure ? false, - full ? false, - torrent ? false, - hw ? false, - musnix ? false, - python ? false + override ? {} +, secure ? false +, full ? false +, torrent ? false +, hw ? false +, musnix ? false +, python ? false +, unstable ? false #unstable channel checked out +, mic92 ? false }: let builder = if getEnv "dummy_secrets" == "true" @@ -19,9 +21,8 @@ let ]; }; # TODO: automate updating of this ref + cherry-picks - ref = "51810e0"; # nixos-17.09 @ 2018-02-14 - # + do_sqlite3 ruby: 55a952be5b5 - # + signal: 0f19beef3 + ref = "a09afbfb8a4"; # nixos-18.03 @ 2018-04-04 + # + do_sqlite3 ruby: 55a952be5b5 in evalSource (toString _file) [ @@ -52,28 +53,44 @@ in (mkIf ( musnix ) { musnix.git = { url = https://github.com/musnix/musnix.git; - ref = "d8b989f"; + ref = "master"; # follow the musnix channel, lets see how this works out }; }) (mkIf ( hw ) { nixos-hardware.git = { url = https://github.com/nixos/nixos-hardware.git; - ref = "8a05dc9"; + ref = "30fdd53"; }; }) (mkIf ( python ) { python.git = { url = https://github.com/garbas/nixpkgs-python; - ref = "cac319b"; + ref = "cac319b7"; }; }) + (mkIf ( torrent ) { torrent-secrets.file = getAttr builder { buildbot = toString ; makefu = "/home/makefu/secrets/torrent" ; }; }) + + (mkIf ( unstable ) { + nixpkgs-unstable.git = { + url = https://github.com/nixos/nixpkgs-channels; + ref = "nixos-unstable"; + }; + }) + + (mkIf ( mic92 ) { + mic92.git = { + url = https://github.com/Mic92/dotfiles/; + ref = "48a1f49"; + }; + }) + override ] diff --git a/nin/2configs/games.nix b/nin/2configs/games.nix index a7edae078..15e17238d 100644 --- a/nin/2configs/games.nix +++ b/nin/2configs/games.nix @@ -3,7 +3,7 @@ let mainUser = config.users.extraUsers.mainUser; vdoom = pkgs.writeDash "vdoom" '' - ${pkgs.zandronum-bin}/bin/zandronum \ + ${pkgs.zandronum}/bin/zandronum \ -fov 120 \ "$@" ''; @@ -50,7 +50,7 @@ let vdoomserver = pkgs.writeDashBin "vdoomserver" '' DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${pkgs.zandronum-bin}/bin/zandronum-server \ + ${pkgs.zandronum}/bin/zandronum-server \ +exec ${doomservercfg} \ "$@" ''; diff --git a/tv/2configs/urlwatch.nix b/tv/2configs/urlwatch.nix index 509257c48..897def8c9 100644 --- a/tv/2configs/urlwatch.nix +++ b/tv/2configs/urlwatch.nix @@ -13,11 +13,6 @@ with import ; http://www.exim.org/ - { - url = https://api.github.com/repos/Gabriel439/nix-diff/git/refs/heads/master; - filter = "system:${pkgs.jq}/bin/jq -r .object.sha"; - } - # ref src/nixpkgs/pkgs/tools/admin/sec/default.nix { url = https://api.github.com/repos/simple-evcorr/sec/tags; diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index 7ba78b974..6ef8a8768 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -11,6 +11,7 @@ in { environment.systemPackages = [ pkgs.ff + pkgs.font-size pkgs.gitAndTools.qgit pkgs.mpv pkgs.sxiv diff --git a/tv/5pkgs/simple/xmonad-tv/default.nix b/tv/5pkgs/simple/xmonad-tv/default.nix index 94c70153d..d474b7edd 100644 --- a/tv/5pkgs/simple/xmonad-tv/default.nix +++ b/tv/5pkgs/simple/xmonad-tv/default.nix @@ -133,6 +133,8 @@ myKeys conf = Map.fromList $ [ ((_4 , xK_Escape ), forkFile "/run/wrappers/bin/slock" [] Nothing) , ((_4S , xK_c ), kill) + , ((_4 , xK_p ), forkFile "${pkgs.pass}/bin/passmenu" ["--type"] Nothing) + , ((_4 , xK_x ), chooseAction spawnTermAt) , ((_4C , xK_x ), spawnRootTerm)