Merge branch 'master' of prism:stockholm
This commit is contained in:
commit
689fb1a77a
17
default.nix
17
default.nix
@ -3,3 +3,20 @@ import <nixpkgs/nixos/lib/eval-config.nix> {
|
|||||||
(import <nixpkgs/nixos/lib/from-env.nix> "NIXOS_CONFIG" <nixos-config>)
|
(import <nixpkgs/nixos/lib/from-env.nix> "NIXOS_CONFIG" <nixos-config>)
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
//
|
||||||
|
{
|
||||||
|
lib = import ./lib;
|
||||||
|
systems = with import ./lib; let
|
||||||
|
ns = getEnv "LOGNAME";
|
||||||
|
in
|
||||||
|
genAttrs
|
||||||
|
(attrNames (filterAttrs (_: eq "directory") (readDir (<stockholm> + "/${ns}/1systems"))))
|
||||||
|
(name: let
|
||||||
|
config = import (<stockholm> + "/${ns}/1systems/${name}/config.nix");
|
||||||
|
source = import (<stockholm> + "/${ns}/1systems/${name}/source.nix");
|
||||||
|
in import <nixpkgs/nixos/lib/eval-config.nix> {
|
||||||
|
modules = [ config ];
|
||||||
|
} // {
|
||||||
|
inherit source;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
@ -1,42 +1,19 @@
|
|||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
# bln config file
|
# bln config file
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
[ # Include the results of the hardware scan.
|
[ <stockholm/jeschli>
|
||||||
<stockholm/jeschli>
|
|
||||||
<stockholm/jeschli/2configs/virtualbox.nix>
|
<stockholm/jeschli/2configs/virtualbox.nix>
|
||||||
<stockholm/jeschli/2configs/urxvt.nix>
|
<stockholm/jeschli/2configs/urxvt.nix>
|
||||||
|
<stockholm/jeschli/2configs/emacs.nix>
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
# ./dcso-vpn.nix
|
|
||||||
];
|
];
|
||||||
|
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
jeschliFontSize = 20;
|
jeschliFontSize = 20;
|
||||||
# Use the GRUB 2 boot loader.
|
|
||||||
boot.loader.grub.enable = true;
|
|
||||||
boot.loader.grub.version = 2;
|
|
||||||
# boot.loader.grub.efiSupport = true;
|
|
||||||
# boot.loader.grub.efiInstallAsRemovable = true;
|
|
||||||
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
|
||||||
# Define on which hard drive you want to install Grub.
|
|
||||||
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
|
|
||||||
boot.loader.grub.extraEntries = ''
|
|
||||||
menuentry "Debian GNU/Linux, kernel 4.9.0-4-amd64" {
|
|
||||||
search --set=drive1 --fs-uuid f169fd32-bf96-4da0-bc34-294249ffa606
|
|
||||||
linux ($drive1)/vmlinuz-4.9.0-4-amd64 root=/dev/mapper/pool-debian ro
|
|
||||||
initrd ($drive1)/initrd.img-4.9.0-4-amd64
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
boot.initrd.luks.devices = [
|
|
||||||
{
|
|
||||||
name = "root";
|
|
||||||
device = "/dev/disk/by-uuid/cba5d550-c3c8-423e-a913-14b5210bdd32";
|
|
||||||
preLVM = true;
|
|
||||||
allowDiscards = true;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
n = "nix-shell";
|
n = "nix-shell";
|
||||||
gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
|
gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
|
||||||
@ -46,23 +23,13 @@
|
|||||||
LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
|
LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
networking.hostName = lib.mkForce "BLN02NB0154"; # Define your hostname.
|
networking.hostName = lib.mkForce "BLN02NB0232";
|
||||||
networking.networkmanager.enable = true;
|
networking.networkmanager.enable = true;
|
||||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
|
||||||
|
|
||||||
# Select internationalisation properties.
|
|
||||||
# i18n = {
|
|
||||||
# consoleFont = "Lat2-Terminus16";
|
|
||||||
# consoleKeyMap = "us";
|
|
||||||
# defaultLocale = "en_US.UTF-8";
|
|
||||||
# };
|
|
||||||
|
|
||||||
# Set your time zone.
|
# Set your time zone.
|
||||||
time.timeZone = "Europe/Berlin";
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
|
# Setup Packages
|
||||||
# List packages installed in system profile. To search by name, run:
|
|
||||||
# $ nix-env -qaP | grep wget
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
|
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
@ -114,79 +81,44 @@
|
|||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# Some programs need SUID wrappers, can be configured further or are
|
|
||||||
# started in user sessions.
|
|
||||||
programs.bash.enableCompletion = true;
|
programs.bash.enableCompletion = true;
|
||||||
programs.vim.defaultEditor = true;
|
programs.vim.defaultEditor = true;
|
||||||
# programs.mtr.enable = true;
|
|
||||||
# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
|
||||||
|
|
||||||
# List services that you want to enable:
|
|
||||||
|
|
||||||
# Enable the OpenSSH daemon.
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
||||||
# Open ports in the firewall.
|
|
||||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
|
||||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
|
||||||
# Or disable the firewall altogether.
|
|
||||||
# networking.firewall.enable = false;
|
|
||||||
|
|
||||||
# Enable CUPS to print documents.
|
# Enable CUPS to print documents.
|
||||||
services.printing.enable = true;
|
services.printing.enable = true;
|
||||||
services.printing.drivers = [ pkgs.postscript-lexmark ];
|
services.printing.drivers = [ pkgs.postscript-lexmark ];
|
||||||
|
|
||||||
# Enable the X11 windowing system.
|
# Enable the X11 windowing system.
|
||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
# services.xserver.xrandrHeads = [
|
services.xserver.videoDrivers = [ "nvidia" ];
|
||||||
# { output = "eDP1"; }
|
|
||||||
# { output = "DP-2-2-8"; primary = true; }
|
|
||||||
# { output = "DP-2-1-8"; monitorConfig = ''Option "Rotate" "left"''; }
|
|
||||||
# ];
|
|
||||||
# services.xserver.layout = "us";
|
|
||||||
# services.xserver.xkbOptions = "eurosign:e";
|
|
||||||
|
|
||||||
# Enable touchpad support.
|
|
||||||
# services.xserver.libinput.enable = true;
|
|
||||||
|
|
||||||
# Enable the KDE Desktop Environment.
|
|
||||||
# services.xserver.displayManager.lightdm.enable = true;
|
|
||||||
services.xserver.windowManager.xmonad.enable = true;
|
services.xserver.windowManager.xmonad.enable = true;
|
||||||
services.xserver.windowManager.xmonad.enableContribAndExtras = true;
|
services.xserver.windowManager.xmonad.enableContribAndExtras = true;
|
||||||
# services.xserver.desktopManager.gnome3.enable = true;
|
|
||||||
# services.xserver.displayManager.gdm.enable = true;
|
|
||||||
services.xserver.displayManager.sddm.enable = true;
|
services.xserver.displayManager.sddm.enable = true;
|
||||||
#services.xserver.desktopManager.plasma5.enable = true;
|
services.xserver.dpi = 100;
|
||||||
# services.xserver.displayManager.sessionCommands = ''
|
fonts.fontconfig.dpi = 100;
|
||||||
# (sleep 1 && ${pkgs.xorg.xrandr}/bin/xrandr --output VIRTUAL1 --off --output eDP1 --mode 1920x1080 --pos 5120x688 --rotate normal --output DP1 --off --output DP2-1 --mode 2560x1440 --pos 2560x328 --rotate normal --output DP2-2 --primary --mode 2560x1440 --pos 0x328 --rotate normal --output DP2-3 --off --output HDMI2 --off --output HDMI1 --off --output DP2 --off
|
|
||||||
#'';
|
|
||||||
|
|
||||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
users.extraUsers.jeschli = {
|
||||||
users.extraUsers.markus = {
|
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = ["docker"];
|
extraGroups = ["docker" "vboxusers"];
|
||||||
uid = 1000;
|
uid = 1000;
|
||||||
};
|
};
|
||||||
|
|
||||||
# This value determines the NixOS release with which your system is to be
|
system.stateVersion = "17.09";
|
||||||
# compatible, in order to avoid breaking some software such as database
|
|
||||||
# servers. You should change this only after NixOS release notes say you
|
|
||||||
# should.
|
|
||||||
system.stateVersion = "17.09"; # Did you read the comment?
|
|
||||||
|
|
||||||
# Gogland Debugger workaround
|
# Gogland Debugger workaround
|
||||||
# nixpkgs.config.packageOverrides = super: {
|
# nixpkgs.config.packageOverrides = super: {
|
||||||
# idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: {
|
# idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: {
|
||||||
# postFixup = ''
|
# postFixup = ''
|
||||||
# interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
|
# interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
|
||||||
# patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
# patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
||||||
# chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
# chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
||||||
# '';
|
# '';
|
||||||
# });
|
# });
|
||||||
# };
|
# };
|
||||||
|
|
||||||
# virtualisation.docker.enable = true;
|
|
||||||
|
|
||||||
|
virtualisation.docker.enable = true;
|
||||||
|
|
||||||
# DCSO Certificates
|
# DCSO Certificates
|
||||||
security.pki.certificateFiles = [
|
security.pki.certificateFiles = [
|
||||||
|
@ -1,6 +1,3 @@
|
|||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
||||||
# and may be overwritten by future invocations. Please make changes
|
|
||||||
# to /etc/nixos/configuration.nix instead.
|
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
@ -8,27 +5,29 @@
|
|||||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ];
|
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/25534522-5748-4dcc-a5ca-80a3ac70f59d";
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" =
|
||||||
{ device = "/dev/disk/by-uuid/02144ea4-947d-440e-bbf9-99cab0dccf05";
|
{ device = "/dev/disk/by-uuid/496c8889-96db-446d-9bac-60d4347faeac";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/home" =
|
||||||
|
{ device = "/dev/disk/by-uuid/2785adf5-a99e-49d7-86d6-99f393f457ea";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" =
|
||||||
{ device = "/dev/disk/by-uuid/f169fd32-bf96-4da0-bc34-294249ffa606";
|
{ device = "/dev/disk/by-uuid/927E-01A0";
|
||||||
fsType = "ext2";
|
fsType = "vfat";
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/home" =
|
|
||||||
{ device = "/dev/disk/by-uuid/68ef2163-7b3d-4dbb-add9-d3543ad7c738";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [ ];
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 4;
|
nix.maxJobs = lib.mkDefault 8;
|
||||||
powerManagement.cpuFreqGovernor = "powersave";
|
powerManagement.cpuFreqGovernor = "powersave";
|
||||||
}
|
}
|
||||||
|
@ -10,6 +10,7 @@
|
|||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
<stockholm/jeschli>
|
<stockholm/jeschli>
|
||||||
<stockholm/jeschli/2configs/urxvt.nix>
|
<stockholm/jeschli/2configs/urxvt.nix>
|
||||||
|
<stockholm/jeschli/2configs/emacs.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.bolide;
|
krebs.build.host = config.krebs.hosts.bolide;
|
||||||
|
@ -5,6 +5,9 @@
|
|||||||
<stockholm/jeschli>
|
<stockholm/jeschli>
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
<stockholm/jeschli/2configs/urxvt.nix>
|
<stockholm/jeschli/2configs/urxvt.nix>
|
||||||
|
<stockholm/jeschli/2configs/emacs.nix>
|
||||||
|
<stockholm/jeschli/2configs/xdg.nix>
|
||||||
|
<stockholm/jeschli/2configs/xserver>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.brauerei;
|
krebs.build.host = config.krebs.hosts.brauerei;
|
||||||
@ -56,7 +59,6 @@
|
|||||||
terminator
|
terminator
|
||||||
tmux
|
tmux
|
||||||
wget
|
wget
|
||||||
# rxvt_unicode
|
|
||||||
# editors
|
# editors
|
||||||
emacs
|
emacs
|
||||||
# internet
|
# internet
|
||||||
@ -64,6 +66,7 @@
|
|||||||
chromium
|
chromium
|
||||||
google-chrome
|
google-chrome
|
||||||
# programming languages
|
# programming languages
|
||||||
|
exercism
|
||||||
go
|
go
|
||||||
gcc
|
gcc
|
||||||
ghc
|
ghc
|
||||||
@ -72,6 +75,9 @@
|
|||||||
# go tools
|
# go tools
|
||||||
golint
|
golint
|
||||||
gotools
|
gotools
|
||||||
|
# rust
|
||||||
|
cargo
|
||||||
|
rustc
|
||||||
# dev tools
|
# dev tools
|
||||||
gnumake
|
gnumake
|
||||||
jetbrains.pycharm-professional
|
jetbrains.pycharm-professional
|
||||||
@ -104,8 +110,8 @@
|
|||||||
# services.printing.enable = true;
|
# services.printing.enable = true;
|
||||||
|
|
||||||
# Enable the X11 windowing system.
|
# Enable the X11 windowing system.
|
||||||
services.xserver.enable = true;
|
# services.xserver.enable = true;
|
||||||
services.xserver.layout = "us";
|
# services.xserver.layout = "us";
|
||||||
# services.xserver.xkbOptions = "eurosign:e";
|
# services.xserver.xkbOptions = "eurosign:e";
|
||||||
|
|
||||||
# Enable touchpad support.
|
# Enable touchpad support.
|
||||||
@ -114,18 +120,18 @@
|
|||||||
# Enable the KDE Desktop Environment.
|
# Enable the KDE Desktop Environment.
|
||||||
# services.xserver.displayManager.sddm.enable = true;
|
# services.xserver.displayManager.sddm.enable = true;
|
||||||
# services.xserver.desktopManager.plasma5.enable = true;
|
# services.xserver.desktopManager.plasma5.enable = true;
|
||||||
services.xserver.displayManager.sddm.enable = true;
|
# services.xserver.displayManager.sddm.enable = true;
|
||||||
services.xserver.windowManager.xmonad.enable = true;
|
# services.xserver.windowManager.xmonad.enable = true;
|
||||||
services.xserver.windowManager.xmonad.enableContribAndExtras = true;
|
# services.xserver.windowManager.xmonad.enableContribAndExtras = true;
|
||||||
#
|
#
|
||||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||||
users.extraUsers.jeschli = {
|
users.extraUsers.jeschli = { # TODO: define as krebs.users
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
uid = 1000;
|
uid = 1000;
|
||||||
};
|
};
|
||||||
users.extraUsers.jamie = {
|
users.extraUsers.jamie = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
uid = 1001;
|
uid = 1001; # TODO genid
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
@ -138,4 +144,11 @@
|
|||||||
# should.
|
# should.
|
||||||
system.stateVersion = "17.09"; # Did you read the comment?
|
system.stateVersion = "17.09"; # Did you read the comment?
|
||||||
|
|
||||||
|
hardware.trackpoint = {
|
||||||
|
enable = true;
|
||||||
|
sensitivity = 220;
|
||||||
|
speed = 0;
|
||||||
|
emulateWheel = true;
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
74
jeschli/2configs/emacs.nix
Normal file
74
jeschli/2configs/emacs.nix
Normal file
@ -0,0 +1,74 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
packageRepos = ''
|
||||||
|
(require 'package) ;; You might already have this line
|
||||||
|
(let* ((no-ssl (and (memq system-type '(windows-nt ms-dos))
|
||||||
|
(not (gnutls-available-p))))
|
||||||
|
(url (concat (if no-ssl "http" "https") "://melpa.org/packages/")))
|
||||||
|
(add-to-list 'package-archives (cons "melpa" url) t)
|
||||||
|
(add-to-list 'package-archives
|
||||||
|
'("org" . "http://orgmode.org/elpa/") t)
|
||||||
|
)
|
||||||
|
(when (< emacs-major-version 24)
|
||||||
|
;; For important compatibility libraries like cl-lib
|
||||||
|
(add-to-list 'package-archives '("gnu" . "http://elpa.gnu.org/packages/")))
|
||||||
|
(package-initialize)
|
||||||
|
'';
|
||||||
|
evilMode = ''
|
||||||
|
;; Evil Mode
|
||||||
|
(add-to-list 'load-path "~/.emacs.d/evil")
|
||||||
|
(require 'evil)
|
||||||
|
(evil-mode 1)
|
||||||
|
(require 'evil-org)
|
||||||
|
(add-hook 'org-mode-hook 'evil-org-mode)
|
||||||
|
(evil-org-set-key-theme '(navigation insert textobjects additional calendar))
|
||||||
|
(require 'evil-org-agenda)
|
||||||
|
(evil-org-agenda-set-keys)
|
||||||
|
'';
|
||||||
|
windowCosmetics = ''
|
||||||
|
(tool-bar-mode -1) ; Disable the button bar atop screen
|
||||||
|
(scroll-bar-mode -1) ; Disable scroll bar
|
||||||
|
(setq inhibit-startup-screen t) ; Disable startup screen with graphics
|
||||||
|
(setq-default indent-tabs-mode nil) ; Use spaces instead of tabs
|
||||||
|
(setq default-tab-width 2) ; Two spaces is a tab
|
||||||
|
(setq tab-width 2) ; Four spaces is a tab
|
||||||
|
(setq visible-bell nil) ; Disable annoying visual bell graphic
|
||||||
|
(setq ring-bell-function 'ignore) ; Disable super annoying audio bell
|
||||||
|
'';
|
||||||
|
orgMode = ''
|
||||||
|
(add-to-list 'auto-mode-alist '("\\.\\(org\\|org_archive\\|txt\\)$" . org-mode))
|
||||||
|
(global-set-key "\C-cl" 'org-store-link)
|
||||||
|
(global-set-key "\C-ca" 'org-agenda)
|
||||||
|
(global-set-key "\C-cb" 'org-iswitchb)
|
||||||
|
(if (boundp 'org-user-agenda-files)
|
||||||
|
(setq org-agenda-files org-user-agenda-files)
|
||||||
|
(setq org-agenda-files (quote ("~/projects/notes")))
|
||||||
|
)
|
||||||
|
'';
|
||||||
|
recentFiles = ''
|
||||||
|
(recentf-mode 1)
|
||||||
|
(setq recentf-max-menu-items 25)
|
||||||
|
(global-set-key "\C-x\ \C-r" 'recentf-open-files)
|
||||||
|
'';
|
||||||
|
dotEmacs = pkgs.writeText "dot-emacs" ''
|
||||||
|
${packageRepos}
|
||||||
|
${orgMode}
|
||||||
|
${recentFiles}
|
||||||
|
${windowCosmetics}
|
||||||
|
'';
|
||||||
|
emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
|
||||||
|
epkgs.melpaStablePackages.magit
|
||||||
|
epkgs.melpaPackages.mmm-mode
|
||||||
|
epkgs.melpaPackages.nix-mode
|
||||||
|
epkgs.melpaPackages.go-mode
|
||||||
|
epkgs.melpaPackages.google-this
|
||||||
|
]);
|
||||||
|
myEmacs = pkgs.writeDashBin "my-emacs" ''
|
||||||
|
exec ${emacsWithCustomPackages}/bin/emacs -q -l ${dotEmacs} "$@"
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
environment.systemPackages = [
|
||||||
|
myEmacs
|
||||||
|
];
|
||||||
|
}
|
@ -1,7 +1,7 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
mainUser = config.users.extraUsers.markus;
|
mainUser = config.users.extraUsers.jeschli;
|
||||||
|
|
||||||
in {
|
in {
|
||||||
#services.virtualboxHost.enable = true;
|
#services.virtualboxHost.enable = true;
|
||||||
|
14
jeschli/2configs/xdg.nix
Normal file
14
jeschli/2configs/xdg.nix
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
{
|
||||||
|
environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = let
|
||||||
|
forUsers = flip map users;
|
||||||
|
isUser = { name, group, ... }:
|
||||||
|
name == "root" || hasSuffix "users" group;
|
||||||
|
users = filter isUser (mapAttrsToList (_: id) config.users.users);
|
||||||
|
in forUsers (u: "d /run/xdg/${u.name} 0700 ${u.name} ${u.group} -");
|
||||||
|
}
|
27
jeschli/2configs/xserver/Xmodmap.nix
Normal file
27
jeschli/2configs/xserver/Xmodmap.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
pkgs.writeText "Xmodmap" ''
|
||||||
|
!keycode 66 = Caps_Lock
|
||||||
|
!remove Lock = Caps_Lock
|
||||||
|
clear Lock
|
||||||
|
|
||||||
|
! caps lock
|
||||||
|
keycode 66 = Mode_switch
|
||||||
|
|
||||||
|
keycode 13 = 4 dollar EuroSign cent
|
||||||
|
keycode 30 = u U udiaeresis Udiaeresis
|
||||||
|
keycode 32 = o O odiaeresis Odiaeresis
|
||||||
|
keycode 38 = a A adiaeresis Adiaeresis
|
||||||
|
keycode 39 = s S ssharp
|
||||||
|
|
||||||
|
keycode 33 = p P Greek_pi Greek_PI
|
||||||
|
keycode 46 = l L Greek_lambda Greek_LAMBDA
|
||||||
|
|
||||||
|
keycode 54 = c C cacute Cacute
|
||||||
|
|
||||||
|
! BULLET OPERATOR
|
||||||
|
keycode 17 = 8 asterisk U2219
|
||||||
|
keycode 27 = r R r U211D
|
||||||
|
''
|
52
jeschli/2configs/xserver/Xresources.nix
Normal file
52
jeschli/2configs/xserver/Xresources.nix
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
pkgs.writeText "Xresources" /* xdefaults */ ''
|
||||||
|
URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’"
|
||||||
|
URxvt*eightBitInput: false
|
||||||
|
URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
||||||
|
URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
||||||
|
URxvt*scrollBar: false
|
||||||
|
URxvt*background: #050505
|
||||||
|
URxvt*foreground: #d0d7d0
|
||||||
|
URxvt*cursorColor: #f042b0
|
||||||
|
URxvt*cursorColor2: #f0b000
|
||||||
|
URxvt*cursorBlink: off
|
||||||
|
URxvt*jumpScroll: true
|
||||||
|
URxvt*allowSendEvents: false
|
||||||
|
URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48
|
||||||
|
URxvt*cutNewline: False
|
||||||
|
URxvt*cutToBeginningOfLine: False
|
||||||
|
|
||||||
|
URxvt*color0: #232342
|
||||||
|
URxvt*color3: #c07000
|
||||||
|
URxvt*color4: #4040c0
|
||||||
|
URxvt*color7: #c0c0c0
|
||||||
|
URxvt*color8: #707070
|
||||||
|
URxvt*color9: #ff6060
|
||||||
|
URxvt*color10: #70ff70
|
||||||
|
URxvt*color11: #ffff70
|
||||||
|
URxvt*color12: #7070ff
|
||||||
|
URxvt*color13: #ff50ff
|
||||||
|
URxvt*color14: #70ffff
|
||||||
|
URxvt*color15: #ffffff
|
||||||
|
|
||||||
|
URxvt*iso14755: False
|
||||||
|
|
||||||
|
URxvt*urgentOnBell: True
|
||||||
|
URxvt*visualBell: True
|
||||||
|
|
||||||
|
! ref https://github.com/muennich/urxvt-perls
|
||||||
|
URxvt*perl-ext: default,url-select
|
||||||
|
URxvt*keysym.M-u: perl:url-select:select_next
|
||||||
|
URxvt*url-select.underline: true
|
||||||
|
URxvt*colorUL: #4682B4
|
||||||
|
URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
|
||||||
|
URxvt*saveLines: 10000
|
||||||
|
|
||||||
|
root-urxvt*background: #230000
|
||||||
|
root-urxvt*foreground: #e0c0c0
|
||||||
|
root-urxvt*BorderColor: #400000
|
||||||
|
root-urxvt*color0: #800000
|
||||||
|
''
|
141
jeschli/2configs/xserver/default.nix
Normal file
141
jeschli/2configs/xserver/default.nix
Normal file
@ -0,0 +1,141 @@
|
|||||||
|
{ config, pkgs, ... }@args:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
cfg = {
|
||||||
|
cacheDir = cfg.dataDir;
|
||||||
|
configDir = "/var/empty";
|
||||||
|
dataDir = "/run/xdg/${cfg.user.name}/xmonad";
|
||||||
|
user = config.krebs.users.jeschli;
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.font-size
|
||||||
|
pkgs.gitAndTools.qgit
|
||||||
|
pkgs.mpv
|
||||||
|
pkgs.sxiv
|
||||||
|
pkgs.xdotool
|
||||||
|
pkgs.xsel
|
||||||
|
pkgs.zathura
|
||||||
|
];
|
||||||
|
|
||||||
|
fonts.fonts = [
|
||||||
|
pkgs.xlibs.fontschumachermisc
|
||||||
|
];
|
||||||
|
|
||||||
|
# TODO dedicated group, i.e. with a single user [per-user-setuid]
|
||||||
|
# TODO krebs.setuid.slock.path vs /run/wrappers/bin
|
||||||
|
krebs.setuid.slock = {
|
||||||
|
filename = "${pkgs.slock}/bin/slock";
|
||||||
|
group = "wheel";
|
||||||
|
envp = {
|
||||||
|
DISPLAY = ":${toString config.services.xserver.display}";
|
||||||
|
USER = cfg.user.name;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.xserver = {
|
||||||
|
|
||||||
|
# Don't install feh into systemPackages
|
||||||
|
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
|
||||||
|
desktopManager.session = mkForce [];
|
||||||
|
|
||||||
|
enable = true;
|
||||||
|
display = 11;
|
||||||
|
tty = 11;
|
||||||
|
|
||||||
|
synaptics = {
|
||||||
|
enable = true;
|
||||||
|
twoFingerScroll = true;
|
||||||
|
accelFactor = "0.035";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.display-manager.enable = false;
|
||||||
|
|
||||||
|
systemd.services.xmonad = {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
requires = [ "xserver.service" ];
|
||||||
|
environment = {
|
||||||
|
DISPLAY = ":${toString config.services.xserver.display}";
|
||||||
|
|
||||||
|
XMONAD_CACHE_DIR = cfg.cacheDir;
|
||||||
|
XMONAD_CONFIG_DIR = cfg.configDir;
|
||||||
|
XMONAD_DATA_DIR = cfg.dataDir;
|
||||||
|
|
||||||
|
XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
|
||||||
|
${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
|
||||||
|
${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} &
|
||||||
|
${pkgs.xorg.xrdb}/bin/xrdb ${import ./Xresources.nix args} &
|
||||||
|
${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' &
|
||||||
|
wait
|
||||||
|
'';
|
||||||
|
|
||||||
|
# XXX JSON is close enough :)
|
||||||
|
XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [
|
||||||
|
"dashboard" # we start here
|
||||||
|
"stockholm"
|
||||||
|
"pycharm"
|
||||||
|
"chromium"
|
||||||
|
"iRC"
|
||||||
|
"git"
|
||||||
|
"hipbird"
|
||||||
|
]);
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
SyslogIdentifier = "xmonad";
|
||||||
|
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${toString [
|
||||||
|
"\${XMONAD_CACHE_DIR}"
|
||||||
|
"\${XMONAD_CONFIG_DIR}"
|
||||||
|
"\${XMONAD_DATA_DIR}"
|
||||||
|
]}";
|
||||||
|
ExecStart = "${pkgs.xmonad-jeschli}/bin/xmonad";
|
||||||
|
ExecStop = "${pkgs.xmonad-jeschli}/bin/xmonad --shutdown";
|
||||||
|
User = cfg.user.name;
|
||||||
|
WorkingDirectory = cfg.user.home;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.xserver = {
|
||||||
|
after = [
|
||||||
|
"systemd-udev-settle.service"
|
||||||
|
"local-fs.target"
|
||||||
|
"acpid.service"
|
||||||
|
];
|
||||||
|
reloadIfChanged = true;
|
||||||
|
environment = {
|
||||||
|
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
|
||||||
|
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
|
||||||
|
LD_LIBRARY_PATH = concatStringsSep ":" (
|
||||||
|
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
|
||||||
|
++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
SyslogIdentifier = "xserver";
|
||||||
|
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||||
|
ExecStart = toString [
|
||||||
|
"${pkgs.xorg.xorgserver}/bin/X"
|
||||||
|
":${toString config.services.xserver.display}"
|
||||||
|
"vt${toString config.services.xserver.tty}"
|
||||||
|
"-config ${import ./xserver.conf.nix args}"
|
||||||
|
"-logfile /dev/null -logverbose 0 -verbose 3"
|
||||||
|
"-nolisten tcp"
|
||||||
|
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.urxvtd = {
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
reloadIfChanged = true;
|
||||||
|
serviceConfig = {
|
||||||
|
SyslogIdentifier = "urxvtd";
|
||||||
|
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||||
|
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "2s";
|
||||||
|
StartLimitBurst = 0;
|
||||||
|
User = cfg.user.name;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
40
jeschli/2configs/xserver/xserver.conf.nix
Normal file
40
jeschli/2configs/xserver/xserver.conf.nix
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.services.xserver;
|
||||||
|
in
|
||||||
|
|
||||||
|
pkgs.stdenv.mkDerivation {
|
||||||
|
name = "xserver.conf";
|
||||||
|
|
||||||
|
xfs = optionalString (cfg.useXFS != false)
|
||||||
|
''FontPath "${toString cfg.useXFS}"'';
|
||||||
|
|
||||||
|
inherit (cfg) config;
|
||||||
|
|
||||||
|
buildCommand =
|
||||||
|
''
|
||||||
|
echo 'Section "Files"' >> $out
|
||||||
|
echo $xfs >> $out
|
||||||
|
|
||||||
|
for i in ${toString config.fonts.fonts}; do
|
||||||
|
if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
|
||||||
|
for j in $(find $i -name fonts.dir); do
|
||||||
|
echo " FontPath \"$(dirname $j)\"" >> $out
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
for i in $(find ${toString cfg.modules} -type d); do
|
||||||
|
if test $(echo $i/*.so* | wc -w) -ne 0; then
|
||||||
|
echo " ModulePath \"$i\"" >> $out
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
echo 'EndSection' >> $out
|
||||||
|
|
||||||
|
echo "$config" >> $out
|
||||||
|
'';
|
||||||
|
}
|
11
jeschli/5pkgs/default.nix
Normal file
11
jeschli/5pkgs/default.nix
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
self: super:
|
||||||
|
|
||||||
|
# Import files and subdirectories like they are overlays.
|
||||||
|
foldl' mergeAttrs {}
|
||||||
|
(map
|
||||||
|
(name: import (./. + "/${name}") self super)
|
||||||
|
(filter
|
||||||
|
(name: name != "default.nix" && !hasPrefix "." name)
|
||||||
|
(attrNames (readDir ./.))))
|
24
jeschli/5pkgs/simple/default.nix
Normal file
24
jeschli/5pkgs/simple/default.nix
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
self: super:
|
||||||
|
|
||||||
|
let
|
||||||
|
# This callPackage will try to detect obsolete overrides.
|
||||||
|
callPackage = path: args: let
|
||||||
|
override = self.callPackage path args;
|
||||||
|
upstream = optionalAttrs (override ? "name")
|
||||||
|
(super.${(parseDrvName override.name).name} or {});
|
||||||
|
in if upstream ? "name" &&
|
||||||
|
override ? "name" &&
|
||||||
|
compareVersions upstream.name override.name != -1
|
||||||
|
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
|
||||||
|
else override;
|
||||||
|
in
|
||||||
|
|
||||||
|
listToAttrs
|
||||||
|
(map
|
||||||
|
(name: nameValuePair (removeSuffix ".nix" name)
|
||||||
|
(callPackage (./. + "/${name}") {}))
|
||||||
|
(filter
|
||||||
|
(name: name != "default.nix" && !hasPrefix "." name)
|
||||||
|
(attrNames (readDir ./.))))
|
294
jeschli/5pkgs/simple/xmonad-jeschli/default.nix
Normal file
294
jeschli/5pkgs/simple/xmonad-jeschli/default.nix
Normal file
@ -0,0 +1,294 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
pkgs.writeHaskell "xmonad-jeschli" {
|
||||||
|
executables.xmonad = {
|
||||||
|
extra-depends = [
|
||||||
|
"containers"
|
||||||
|
"extra"
|
||||||
|
"unix"
|
||||||
|
"X11"
|
||||||
|
"xmonad"
|
||||||
|
"xmonad-contrib"
|
||||||
|
"xmonad-stockholm"
|
||||||
|
];
|
||||||
|
text = /* haskell */ ''
|
||||||
|
{-# LANGUAGE DeriveDataTypeable #-} -- for XS
|
||||||
|
{-# LANGUAGE FlexibleContexts #-} -- for xmonad'
|
||||||
|
{-# LANGUAGE LambdaCase #-}
|
||||||
|
{-# LANGUAGE ScopedTypeVariables #-}
|
||||||
|
|
||||||
|
|
||||||
|
module Main where
|
||||||
|
|
||||||
|
import Control.Exception
|
||||||
|
import Control.Monad.Extra (whenJustM)
|
||||||
|
import Graphics.X11.ExtraTypes.XF86
|
||||||
|
import Text.Read (readEither)
|
||||||
|
import XMonad
|
||||||
|
import System.IO (hPutStrLn, stderr)
|
||||||
|
import System.Environment (getArgs, withArgs, getEnv, getEnvironment, lookupEnv)
|
||||||
|
import System.Posix.Process (executeFile)
|
||||||
|
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace
|
||||||
|
, removeEmptyWorkspace)
|
||||||
|
import XMonad.Actions.GridSelect
|
||||||
|
import XMonad.Actions.CycleWS (toggleWS)
|
||||||
|
--import XMonad.Actions.CopyWindow ( copy )
|
||||||
|
import XMonad.Layout.NoBorders ( smartBorders )
|
||||||
|
import qualified XMonad.StackSet as W
|
||||||
|
import Data.Map (Map)
|
||||||
|
import qualified Data.Map as Map
|
||||||
|
-- TODO import XMonad.Layout.WorkspaceDir
|
||||||
|
import XMonad.Hooks.UrgencyHook (SpawnUrgencyHook(..), withUrgencyHook)
|
||||||
|
-- import XMonad.Layout.Tabbed
|
||||||
|
--import XMonad.Layout.MouseResizableTile
|
||||||
|
import XMonad.Layout.Reflect (reflectVert)
|
||||||
|
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
||||||
|
import XMonad.Hooks.Place (placeHook, smart)
|
||||||
|
import XMonad.Hooks.FloatNext (floatNextHook)
|
||||||
|
import XMonad.Actions.PerWorkspaceKeys (chooseAction)
|
||||||
|
import XMonad.Layout.PerWorkspace (onWorkspace)
|
||||||
|
--import XMonad.Layout.BinarySpacePartition
|
||||||
|
|
||||||
|
--import XMonad.Actions.Submap
|
||||||
|
import XMonad.Stockholm.Pager
|
||||||
|
import XMonad.Stockholm.Rhombus
|
||||||
|
import XMonad.Stockholm.Shutdown
|
||||||
|
|
||||||
|
|
||||||
|
amixerPath :: FilePath
|
||||||
|
amixerPath = "${pkgs.alsaUtils}/bin/amixer"
|
||||||
|
|
||||||
|
urxvtcPath :: FilePath
|
||||||
|
urxvtcPath = "${pkgs.rxvt_unicode}/bin/urxvtc"
|
||||||
|
|
||||||
|
myFont :: String
|
||||||
|
myFont = "-schumacher-*-*-*-*-*-*-*-*-*-*-*-iso10646-*"
|
||||||
|
|
||||||
|
main :: IO ()
|
||||||
|
main = getArgs >>= \case
|
||||||
|
["--shutdown"] -> sendShutdownEvent
|
||||||
|
_ -> mainNoArgs
|
||||||
|
|
||||||
|
mainNoArgs :: IO ()
|
||||||
|
mainNoArgs = do
|
||||||
|
workspaces0 <- getWorkspaces0
|
||||||
|
xmonad
|
||||||
|
-- $ withUrgencyHookC dzenUrgencyHook { args = ["-bg", "magenta", "-fg", "magenta", "-h", "2"], duration = 500000 }
|
||||||
|
-- urgencyConfig { remindWhen = Every 1 }
|
||||||
|
-- $ withUrgencyHook borderUrgencyHook "magenta"
|
||||||
|
-- $ withUrgencyHookC BorderUrgencyHook { urgencyBorderColor = "magenta" } urgencyConfig { suppressWhen = Never }
|
||||||
|
$ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
|
||||||
|
$ def
|
||||||
|
{ terminal = urxvtcPath
|
||||||
|
, modMask = mod4Mask
|
||||||
|
, keys = myKeys
|
||||||
|
, workspaces = workspaces0
|
||||||
|
, layoutHook = smartBorders $ FixedColumn 1 20 80 10 ||| Full
|
||||||
|
-- , handleEventHook = myHandleEventHooks <+> handleTimerEvent
|
||||||
|
--, handleEventHook = handleTimerEvent
|
||||||
|
, manageHook = placeHook (smart (1,0)) <+> floatNextHook
|
||||||
|
, startupHook =
|
||||||
|
whenJustM (liftIO (lookupEnv "XMONAD_STARTUP_HOOK"))
|
||||||
|
(\path -> forkFile path [] Nothing)
|
||||||
|
, normalBorderColor = "#1c1c1c"
|
||||||
|
, focusedBorderColor = "#f000b0"
|
||||||
|
, handleEventHook = handleShutdownEvent
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
getWorkspaces0 :: IO [String]
|
||||||
|
getWorkspaces0 =
|
||||||
|
try (getEnv "XMONAD_WORKSPACES0_FILE") >>= \case
|
||||||
|
Left e -> warn (displaySomeException e)
|
||||||
|
Right p -> try (readFile p) >>= \case
|
||||||
|
Left e -> warn (displaySomeException e)
|
||||||
|
Right x -> case readEither x of
|
||||||
|
Left e -> warn e
|
||||||
|
Right y -> return y
|
||||||
|
where
|
||||||
|
warn msg = hPutStrLn stderr ("getWorkspaces0: " ++ msg) >> return []
|
||||||
|
|
||||||
|
displaySomeException :: SomeException -> String
|
||||||
|
displaySomeException = displayException
|
||||||
|
|
||||||
|
|
||||||
|
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
|
||||||
|
forkFile path args env =
|
||||||
|
xfork (executeFile path False args env) >> return ()
|
||||||
|
|
||||||
|
spawnRootTerm :: X ()
|
||||||
|
spawnRootTerm =
|
||||||
|
forkFile
|
||||||
|
urxvtcPath
|
||||||
|
["-name", "root-urxvt", "-e", "/run/wrappers/bin/su", "-"]
|
||||||
|
Nothing
|
||||||
|
|
||||||
|
spawnTermAt :: String -> X ()
|
||||||
|
spawnTermAt ws = do
|
||||||
|
env <- liftIO getEnvironment
|
||||||
|
let env' = ("XMONAD_SPAWN_WORKSPACE", ws) : env
|
||||||
|
forkFile urxvtcPath [] (Just env')
|
||||||
|
|
||||||
|
myKeys :: XConfig Layout -> Map (KeyMask, KeySym) (X ())
|
||||||
|
myKeys conf = Map.fromList $
|
||||||
|
[ ((_4 , xK_Escape ), forkFile "/run/wrappers/bin/slock" [] Nothing)
|
||||||
|
, ((_4S , xK_c ), kill)
|
||||||
|
|
||||||
|
, ((_4 , xK_p ), forkFile "${pkgs.pass}/bin/passmenu" ["--type"] Nothing)
|
||||||
|
|
||||||
|
, ((_4 , xK_x ), chooseAction spawnTermAt)
|
||||||
|
, ((_4C , xK_x ), spawnRootTerm)
|
||||||
|
|
||||||
|
--, ((_4 , xK_F1 ), withFocused jojo)
|
||||||
|
--, ((_4 , xK_F1 ), printAllGeometries)
|
||||||
|
|
||||||
|
, ((0 , xK_Print ), gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.view) )
|
||||||
|
, ((_S , xK_Print ), gets windowset >>= allWorkspaceNames >>= pager pagerConfig (windows . W.shift) )
|
||||||
|
, ((_C , xK_Print ), toggleWS)
|
||||||
|
, ((_4 , xK_Print ), rhombus horseConfig (liftIO . hPutStrLn stderr) ["Correct", "Horse", "Battery", "Staple", "Stuhl", "Tisch"] )
|
||||||
|
|
||||||
|
-- %! Rotate through the available layout algorithms
|
||||||
|
, ((_4 , xK_space ), sendMessage NextLayout)
|
||||||
|
, ((_4S , xK_space ), setLayout $ XMonad.layoutHook conf) -- reset layout
|
||||||
|
|
||||||
|
---- BinarySpacePartition
|
||||||
|
--, ((_4 , xK_l), sendMessage $ ExpandTowards R)
|
||||||
|
--, ((_4 , xK_h), sendMessage $ ExpandTowards L)
|
||||||
|
--, ((_4 , xK_j), sendMessage $ ExpandTowards D)
|
||||||
|
--, ((_4 , xK_k), sendMessage $ ExpandTowards U)
|
||||||
|
--, ((_4S , xK_l), sendMessage $ ShrinkFrom R)
|
||||||
|
--, ((_4S , xK_h), sendMessage $ ShrinkFrom L)
|
||||||
|
--, ((_4S , xK_j), sendMessage $ ShrinkFrom D)
|
||||||
|
--, ((_4S , xK_k), sendMessage $ ShrinkFrom U)
|
||||||
|
--, ((_4 , xK_n), sendMessage Rotate)
|
||||||
|
--, ((_4S , xK_n), sendMessage Swap)
|
||||||
|
|
||||||
|
---- mouseResizableTile
|
||||||
|
--, ((_4 , xK_u), sendMessage ShrinkSlave)
|
||||||
|
--, ((_4 , xK_i), sendMessage ExpandSlave)
|
||||||
|
|
||||||
|
-- move focus up or down the window stack
|
||||||
|
--, ((_4 , xK_m ), windows W.focusMaster)
|
||||||
|
, ((_4 , xK_j ), windows W.focusDown)
|
||||||
|
, ((_4 , xK_k ), windows W.focusUp)
|
||||||
|
|
||||||
|
-- modifying the window order
|
||||||
|
, ((_4S , xK_m ), windows W.swapMaster)
|
||||||
|
, ((_4S , xK_j ), windows W.swapDown)
|
||||||
|
, ((_4S , xK_k ), windows W.swapUp)
|
||||||
|
|
||||||
|
-- resizing the master/slave ratio
|
||||||
|
, ((_4 , xK_h ), sendMessage Shrink) -- %! Shrink the master area
|
||||||
|
, ((_4 , xK_l ), sendMessage Expand) -- %! Expand the master area
|
||||||
|
|
||||||
|
-- floating layer support
|
||||||
|
, ((_4 , xK_t ), withFocused $ windows . W.sink) -- make tiling
|
||||||
|
|
||||||
|
-- increase or decrease number of windows in the master area
|
||||||
|
, ((_4 , xK_comma ), sendMessage $ IncMasterN 1)
|
||||||
|
, ((_4 , xK_period ), sendMessage $ IncMasterN (-1))
|
||||||
|
|
||||||
|
, ((_4 , xK_a ), addWorkspacePrompt def)
|
||||||
|
, ((_4 , xK_r ), renameWorkspace def)
|
||||||
|
, ((_4 , xK_Delete ), removeEmptyWorkspace)
|
||||||
|
|
||||||
|
, ((_4 , xK_Return ), toggleWS)
|
||||||
|
--, (0 , xK_Print ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.view)
|
||||||
|
--, (_4 , xK_v ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.view)
|
||||||
|
--, (_4S , xK_v ) & \k -> (k, gridselectWorkspace wsGSConfig { gs_navigate = makeGSNav k } W.shift)
|
||||||
|
--, (_4 , xK_b ) & \k -> (k, goToSelected wGSConfig { gs_navigate = makeGSNav k })
|
||||||
|
, ((noModMask, xF86XK_AudioLowerVolume), amixer ["sset", "Master", "5%-"])
|
||||||
|
, ((noModMask, xF86XK_AudioRaiseVolume), amixer ["sset", "Master", "5%+"])
|
||||||
|
, ((noModMask, xF86XK_AudioMute), amixer ["sset", "Master", "toggle"])
|
||||||
|
]
|
||||||
|
where
|
||||||
|
_4 = mod4Mask
|
||||||
|
_C = controlMask
|
||||||
|
_S = shiftMask
|
||||||
|
_M = mod1Mask
|
||||||
|
_4C = _4 .|. _C
|
||||||
|
_4S = _4 .|. _S
|
||||||
|
_4M = _4 .|. _M
|
||||||
|
_4CM = _4 .|. _C .|. _M
|
||||||
|
_4SM = _4 .|. _S .|. _M
|
||||||
|
|
||||||
|
amixer args = forkFile amixerPath args Nothing
|
||||||
|
|
||||||
|
|
||||||
|
pagerConfig :: PagerConfig
|
||||||
|
pagerConfig = def
|
||||||
|
{ pc_font = myFont
|
||||||
|
, pc_cellwidth = 64
|
||||||
|
--, pc_cellheight = 36 -- TODO automatically keep screen aspect
|
||||||
|
--, pc_borderwidth = 1
|
||||||
|
--, pc_matchcolor = "#f0b000"
|
||||||
|
, pc_matchmethod = MatchPrefix
|
||||||
|
--, pc_colors = pagerWorkspaceColors
|
||||||
|
, pc_windowColors = windowColors
|
||||||
|
}
|
||||||
|
where
|
||||||
|
windowColors _ _ _ True _ = ("#ef4242","#ff2323")
|
||||||
|
windowColors wsf m c u wf = do
|
||||||
|
let y = defaultWindowColors wsf m c u wf
|
||||||
|
if m == False && wf == True
|
||||||
|
then ("#402020", snd y)
|
||||||
|
else y
|
||||||
|
|
||||||
|
horseConfig :: RhombusConfig
|
||||||
|
horseConfig = def
|
||||||
|
{ rc_font = myFont
|
||||||
|
, rc_cellwidth = 64
|
||||||
|
--, rc_cellheight = 36 -- TODO automatically keep screen aspect
|
||||||
|
--, rc_borderwidth = 1
|
||||||
|
--, rc_matchcolor = "#f0b000"
|
||||||
|
, rc_matchmethod = MatchPrefix
|
||||||
|
--, rc_colors = pagerWorkspaceColors
|
||||||
|
--, rc_paint = myPaint
|
||||||
|
}
|
||||||
|
|
||||||
|
wGSConfig :: GSConfig Window
|
||||||
|
wGSConfig = def
|
||||||
|
{ gs_cellheight = 20
|
||||||
|
, gs_cellwidth = 192
|
||||||
|
, gs_cellpadding = 5
|
||||||
|
, gs_font = myFont
|
||||||
|
, gs_navigate = navNSearch
|
||||||
|
}
|
||||||
|
|
||||||
|
-- wsGSConfig = def
|
||||||
|
-- { gs_cellheight = 20
|
||||||
|
-- , gs_cellwidth = 64
|
||||||
|
-- , gs_cellpadding = 5
|
||||||
|
-- , gs_font = myFont
|
||||||
|
-- , gs_navigate = navNSearch
|
||||||
|
-- }
|
||||||
|
|
||||||
|
-- custom navNSearch
|
||||||
|
--makeGSNav :: (KeyMask, KeySym) -> TwoD a (Maybe a)
|
||||||
|
--makeGSNav esc = nav
|
||||||
|
-- where
|
||||||
|
-- nav = makeXEventhandler $ shadowWithKeymap keyMap navNSearchDefaultHandler
|
||||||
|
-- keyMap = Map.fromList
|
||||||
|
-- [ (esc , cancel)
|
||||||
|
-- , ((0,xK_Escape) , cancel)
|
||||||
|
-- , ((0,xK_Return) , select)
|
||||||
|
-- , ((0,xK_Left) , move (-1, 0) >> nav)
|
||||||
|
-- , ((0,xK_Right) , move ( 1, 0) >> nav)
|
||||||
|
-- , ((0,xK_Down) , move ( 0, 1) >> nav)
|
||||||
|
-- , ((0,xK_Up) , move ( 0,-1) >> nav)
|
||||||
|
-- , ((0,xK_BackSpace) , transformSearchString (\s -> if (s == "") then "" else init s) >> nav)
|
||||||
|
-- ]
|
||||||
|
-- -- The navigation handler ignores unknown key symbols, therefore we const
|
||||||
|
-- navNSearchDefaultHandler (_,s,_) = do
|
||||||
|
-- transformSearchString (++ s)
|
||||||
|
-- nav
|
||||||
|
|
||||||
|
|
||||||
|
(&) :: a -> (a -> c) -> c
|
||||||
|
(&) = flip ($)
|
||||||
|
|
||||||
|
allWorkspaceNames :: W.StackSet i l a sid sd -> X [i]
|
||||||
|
allWorkspaceNames ws =
|
||||||
|
return $ map W.tag (W.hidden ws) ++ [W.tag $ W.workspace $ W.current ws]
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
@ -1,9 +1,9 @@
|
|||||||
_:
|
{ pkgs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../krebs
|
../krebs
|
||||||
./2configs
|
./2configs
|
||||||
# ./3modules
|
|
||||||
# ./5pkgs
|
|
||||||
];
|
];
|
||||||
|
|
||||||
|
nixpkgs.config.packageOverrides = import ./5pkgs pkgs;
|
||||||
}
|
}
|
||||||
|
@ -13,10 +13,7 @@ in
|
|||||||
evalSource (toString _file) [
|
evalSource (toString _file) [
|
||||||
{
|
{
|
||||||
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
|
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
|
||||||
nixpkgs.git = {
|
nixpkgs = (import <stockholm/krebs/source.nix> host).nixpkgs;
|
||||||
url = https://github.com/nixos/nixpkgs;
|
|
||||||
ref = "0653b73";
|
|
||||||
};
|
|
||||||
secrets.file = getAttr builder {
|
secrets.file = getAttr builder {
|
||||||
buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;
|
buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;
|
||||||
jeschli = "${getEnv "HOME"}/secrets/${name}";
|
jeschli = "${getEnv "HOME"}/secrets/${name}";
|
||||||
|
@ -21,4 +21,5 @@
|
|||||||
boot.isContainer = true;
|
boot.isContainer = true;
|
||||||
networking.useDHCP = false;
|
networking.useDHCP = false;
|
||||||
krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm";
|
krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm";
|
||||||
|
environment.variables.NIX_REMOTE = "daemon";
|
||||||
}
|
}
|
||||||
|
44
krebs/1systems/onebutton/config.nix
Normal file
44
krebs/1systems/onebutton/config.nix
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/krebs>
|
||||||
|
<stockholm/krebs/2configs>
|
||||||
|
{ # minimal disk usage
|
||||||
|
environment.noXlibs = true;
|
||||||
|
nix.gc.automatic = true;
|
||||||
|
nix.gc.dates = "03:10";
|
||||||
|
programs.info.enable = false;
|
||||||
|
programs.man.enable = false;
|
||||||
|
services.journald.extraConfig = "SystemMaxUse=50M";
|
||||||
|
services.nixosManual.enable = false;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
krebs.build.host = config.krebs.hosts.onebutton;
|
||||||
|
# NixOS wants to enable GRUB by default
|
||||||
|
boot.loader.grub.enable = false;
|
||||||
|
# Enables the generation of /boot/extlinux/extlinux.conf
|
||||||
|
boot.loader.generic-extlinux-compatible.enable = true;
|
||||||
|
|
||||||
|
# !!! If your board is a Raspberry Pi 1, select this:
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_rpi;
|
||||||
|
|
||||||
|
nix.binaryCaches = [ "http://nixos-arm.dezgeg.me/channel" ];
|
||||||
|
nix.binaryCachePublicKeys = [ "nixos-arm.dezgeg.me-1:xBaUKS3n17BZPKeyxL4JfbTqECsT+ysbDJz29kLFRW0=%" ];
|
||||||
|
|
||||||
|
# !!! Needed for the virtual console to work on the RPi 3, as the default of 16M doesn't seem to be enough.
|
||||||
|
# boot.kernelParams = ["cma=32M"];
|
||||||
|
|
||||||
|
fileSystems = {
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_BOOT";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [ { device = "/swapfile"; size = 1024; } ];
|
||||||
|
services.openssh.enable = true;
|
||||||
|
}
|
16
krebs/1systems/onebutton/source.nix
Normal file
16
krebs/1systems/onebutton/source.nix
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
let
|
||||||
|
pkgs = import <nixpkgs> {};
|
||||||
|
nixpkgs = pkgs.fetchFromGitHub {
|
||||||
|
owner = "nixos";
|
||||||
|
repo = "nixpkgs-channels";
|
||||||
|
rev = "6c064e6b"; # only binary cache for unstable arm6
|
||||||
|
sha256 = "1rqzh475xn43phagrr30lb0fd292c1s8as53irihsnd5wcksnbyd";
|
||||||
|
};
|
||||||
|
in import <stockholm/krebs/source.nix> {
|
||||||
|
name = "onebutton";
|
||||||
|
override.nixpkgs = mkForce {
|
||||||
|
file = toString nixpkgs;
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -5,6 +5,5 @@ with import <stockholm/lib>;
|
|||||||
krebs.ci.enable = true;
|
krebs.ci.enable = true;
|
||||||
krebs.ci.treeStableTimer = 1;
|
krebs.ci.treeStableTimer = 1;
|
||||||
krebs.ci.hosts = filter (getAttr "ci") (attrValues config.krebs.hosts);
|
krebs.ci.hosts = filter (getAttr "ci") (attrValues config.krebs.hosts);
|
||||||
krebs.ci.tests = [ "deploy" ];
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
krebs.newsbot-js.news-spam = {
|
krebs.newsbot-js.news-spam = {
|
||||||
|
urlShortenerHost = "go.lassul.us";
|
||||||
feeds = pkgs.writeText "feeds" ''
|
feeds = pkgs.writeText "feeds" ''
|
||||||
[SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews
|
[SPAM]aje|http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989|#snews
|
||||||
[SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews
|
[SPAM]allafrica|http://allafrica.com/tools/headlines/rdf/latest/headlines.rdf|#snews
|
||||||
@ -120,7 +121,7 @@
|
|||||||
[SPAM]sciencemag|http://news.sciencemag.org/rss/current.xml|#snews
|
[SPAM]sciencemag|http://news.sciencemag.org/rss/current.xml|#snews
|
||||||
[SPAM]scmp|http://www.scmp.com/rss/91/feed|#snews
|
[SPAM]scmp|http://www.scmp.com/rss/91/feed|#snews
|
||||||
[SPAM]sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews
|
[SPAM]sec-db|http://feeds.security-database.com/SecurityDatabaseToolsWatch|#snews
|
||||||
[SPAM]shackspace|http://blog.shackspace.de/?feed=rss2|#snews
|
[SPAM]shackspace|http://shackspace.de/atom.xml|#snews
|
||||||
[SPAM]shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews
|
[SPAM]shz_news|http://www.shz.de/nachrichten/newsticker/rss|#snews
|
||||||
[SPAM]sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews
|
[SPAM]sky_busi|http://feeds.skynews.com/feeds/rss/business.xml|#snews
|
||||||
[SPAM]sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews
|
[SPAM]sky_pol|http://feeds.skynews.com/feeds/rss/politics.xml|#snews
|
||||||
|
@ -11,7 +11,7 @@
|
|||||||
painload|https://github.com/krebscode/painload/commits/master.atom|#news
|
painload|https://github.com/krebscode/painload/commits/master.atom|#news
|
||||||
reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news
|
reddit_haskell|http://www.reddit.com/r/haskell/.rss|#news
|
||||||
reddit_nix|http://www.reddit.com/r/nixos/.rss|#news
|
reddit_nix|http://www.reddit.com/r/nixos/.rss|#news
|
||||||
shackspace|http://blog.shackspace.de/?feed=rss2|#news
|
shackspace|http://shackspace.de/atom.xml|#news
|
||||||
tinc|http://tinc-vpn.org/news/index.rss|#news
|
tinc|http://tinc-vpn.org/news/index.rss|#news
|
||||||
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
|
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
|
||||||
weechat|http://dev.weechat.org/feed/atom|#news
|
weechat|http://dev.weechat.org/feed/atom|#news
|
||||||
|
@ -2,8 +2,56 @@
|
|||||||
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
|
pkg = pkgs.stdenv.mkDerivation {
|
||||||
|
name = "worlddomination-2018-04-21";
|
||||||
|
src = pkgs.fetchgit {
|
||||||
|
url = "https://github.com/shackspace/worlddomination/";
|
||||||
|
rev = "1b32403b9";
|
||||||
|
sha256 = "10x7aiil13k3x9wqy95mi1ys999d6fxg5sys3jwv7a1p930gkl1i";
|
||||||
|
};
|
||||||
|
buildInputs = [
|
||||||
|
(pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
|
||||||
|
docopt
|
||||||
|
LinkHeader
|
||||||
|
aiocoap
|
||||||
|
grequests
|
||||||
|
paramiko
|
||||||
|
python
|
||||||
|
]))
|
||||||
|
];
|
||||||
|
installPhase = ''
|
||||||
|
install -m755 -D backend/push_led.py $out/bin/push-led
|
||||||
|
install -m755 -D backend/loop_single.py $out/bin/loop-single
|
||||||
|
# copy the provided file to the package
|
||||||
|
install -m755 -D backend/wd.lst $out/${wdpath}
|
||||||
|
'';
|
||||||
|
};
|
||||||
pythonPackages = pkgs.python3Packages;
|
pythonPackages = pkgs.python3Packages;
|
||||||
# https://github.com/chrysn/aiocoap
|
# https://github.com/chrysn/aiocoap
|
||||||
|
grequests = pythonPackages.buildPythonPackage rec {
|
||||||
|
pname = "grequests";
|
||||||
|
version = "0.3.1";
|
||||||
|
name = "${pname}-${version}";
|
||||||
|
|
||||||
|
src = pkgs.fetchFromGitHub {
|
||||||
|
owner = "kennethreitz";
|
||||||
|
repo = "grequests";
|
||||||
|
rev = "d1e70eb";
|
||||||
|
sha256 = "0drfx4fx65k0g5sj0pw8z3q1s0sp7idn2yz8xfb45nd6v82i37hc";
|
||||||
|
};
|
||||||
|
|
||||||
|
doCheck = false;
|
||||||
|
|
||||||
|
propagatedBuildInputs = with pythonPackages; [ requests gevent ];
|
||||||
|
|
||||||
|
meta = with lib;{
|
||||||
|
description = "Asynchronous HTTP requests";
|
||||||
|
homepage = https://github.com/kennethreitz/grequests;
|
||||||
|
license = with licenses; [ bsd2 ];
|
||||||
|
maintainers = with maintainers; [ matejc ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
aiocoap = pythonPackages.buildPythonPackage {
|
aiocoap = pythonPackages.buildPythonPackage {
|
||||||
name = "aiocoap-0.3";
|
name = "aiocoap-0.3";
|
||||||
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; };
|
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; };
|
||||||
@ -25,30 +73,6 @@ let
|
|||||||
description = "Parse and format link headers according to RFC 5988 \"Web Linking\"";
|
description = "Parse and format link headers according to RFC 5988 \"Web Linking\"";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
pkg = pkgs.stdenv.mkDerivation {
|
|
||||||
name = "worlddomination-2017-06-10";
|
|
||||||
src = pkgs.fetchgit {
|
|
||||||
url = "https://github.com/shackspace/worlddomination/";
|
|
||||||
rev = "72fc9b5";
|
|
||||||
sha256 = "05h500rswzypcxy4i22qc1vkc8izbzfqa9m86xg289hjxh133xyf";
|
|
||||||
};
|
|
||||||
buildInputs = [
|
|
||||||
(pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
|
|
||||||
docopt
|
|
||||||
LinkHeader
|
|
||||||
aiocoap
|
|
||||||
requests
|
|
||||||
paramiko
|
|
||||||
python
|
|
||||||
]))
|
|
||||||
];
|
|
||||||
installPhase = ''
|
|
||||||
install -m755 -D backend/push_led.py $out/bin/push-led
|
|
||||||
install -m755 -D backend/loop_single.py $out/bin/loop-single
|
|
||||||
# copy the provided file to the package
|
|
||||||
install -m755 -D backend/wd.lst $out/${wdpath}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
wdpath = "/usr/worlddomination/wd.lst";
|
wdpath = "/usr/worlddomination/wd.lst";
|
||||||
esphost = "10.42.24.7"; # esp8266
|
esphost = "10.42.24.7"; # esp8266
|
||||||
timeout = 10; # minutes
|
timeout = 10; # minutes
|
||||||
|
@ -91,6 +91,37 @@ in {
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICxFkBln23wUxt4RhIHE3GvdKeBpJbjn++6maupHqUHp";
|
||||||
};
|
};
|
||||||
|
onebutton = {
|
||||||
|
cores = 1;
|
||||||
|
owner = config.krebs.users.krebs;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.0.101";
|
||||||
|
ip6.addr = "42:0:0:0:0:0:0:101";
|
||||||
|
aliases = [
|
||||||
|
"onebutton.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA11w6votRExwE0ZEiQmPa
|
||||||
|
9WGNsMfNAZEd14iHaHCZH7UPQEH+cH/T6isGPpaysindroMnqFe9mUf/cdYChb6N
|
||||||
|
aaFreApwGBQaJPUcdy4cfphrFpzmOClpOFuFbnV7ZvAk/wefBad3kUzsq/lK4HvB
|
||||||
|
7nPKeOB9kljphLrkzuLL/h2yOenMpO2ZdvwxyWN8HKmUNgvpBQjIr+Hka6cgy7Gp
|
||||||
|
pBVFHfSnad/eHeEvq91O/bHxrAxzH5N5DVagPDpkbiWYGl+0XVGP/h0CApr15Ael
|
||||||
|
+j2pJYc0ZlaXIp4KmNRqbd/fLe52JLrWbnFX4rRuY/DhoMqK8kjECEZ7gLiNSpCC
|
||||||
|
KlnlJ2LXX9c+d79ubzl5yLAJ3d6T4IJqkbAWJDuCrj821M9ZDk/qZwerayhrrvkF
|
||||||
|
tMYkQoGSe8MvSOU0rTEoH5iSRwDC7M0XzUe4l8/yZLFyD4Prz/dq6coqANfk/tlE
|
||||||
|
DnH3vDu9lmFvYrLcd6yDWzFfI3mWDJoUa6AKKoScCOaCkRfIM4Aew0i73+h1nJLO
|
||||||
|
59AAbZIkDYyWs53QniIG4EQteI9y/9j/628nPAVj68V5oIN76RDXfFHWDWq4DxmU
|
||||||
|
PpGVmoIKcKZmnl7RrDomRVpuGMdyQ+kCzIGH3XYe12v8Y5beHZBrd3OajgHZ/Tfp
|
||||||
|
jP873cT6h0hsGm9glgOYho8CAwEAAQ==
|
||||||
|
-----END PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcZg+iLaPZ0SpLM+nANxIjZC/RIsansjyutK0+gPhIe ";
|
||||||
|
};
|
||||||
puyak = {
|
puyak = {
|
||||||
ci = true;
|
ci = true;
|
||||||
owner = config.krebs.users.krebs;
|
owner = config.krebs.users.krebs;
|
||||||
|
@ -9,6 +9,7 @@ with import <stockholm/lib>;
|
|||||||
hosts = mapAttrs (_: recursiveUpdate {
|
hosts = mapAttrs (_: recursiveUpdate {
|
||||||
owner = config.krebs.users.lass;
|
owner = config.krebs.users.lass;
|
||||||
ci = true;
|
ci = true;
|
||||||
|
monitoring = true;
|
||||||
}) {
|
}) {
|
||||||
dishfire = {
|
dishfire = {
|
||||||
cores = 4;
|
cores = 4;
|
||||||
@ -43,39 +44,6 @@ with import <stockholm/lib>;
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv0JMp0y+E5433GRSFKVK3cQmP0AAlS9aH9fk49yFxy";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGv0JMp0y+E5433GRSFKVK3cQmP0AAlS9aH9fk49yFxy";
|
||||||
};
|
};
|
||||||
echelon = {
|
|
||||||
cores = 2;
|
|
||||||
nets = rec {
|
|
||||||
internet = {
|
|
||||||
ip4.addr = "64.137.242.41";
|
|
||||||
aliases = [
|
|
||||||
"echelon.i"
|
|
||||||
];
|
|
||||||
ssh.port = 45621;
|
|
||||||
};
|
|
||||||
retiolum = {
|
|
||||||
via = internet;
|
|
||||||
ip4.addr = "10.243.206.103";
|
|
||||||
ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f763";
|
|
||||||
aliases = [
|
|
||||||
"echelon.r"
|
|
||||||
"cgit.echelon.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIBCgKCAQEAuscWOYdHu0bpWacvwTNd6bcmrAQ0YFxJWHZF8kPZr+bMKIhnXLkJ
|
|
||||||
oJheENIM6CA9lQQQFUxh2P2pxZavW5rgVlJxIKeiB+MB4v6ZO60LmZgpCsWGD/dX
|
|
||||||
MipM2tLtQxYhvLJIJxEBWn3rxIgeEnCtZsH1KLWyLczb+QpvTjMJ4TNh1nEBPE/f
|
|
||||||
4LUH1JHaGhcaHl2dLemR9wnnDIjmSj0ENJp2al+hWnIggcA/Zp0e4b86Oqbbs5wA
|
|
||||||
n++n5j971cTrBdA89nJDYOEtepisglScVRbgLqJG81lDA+n24RWFynn+U3oD/L8p
|
|
||||||
do+kxlwZUEDRbPU4AO5L+UeIbimsuIfXiQIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL21QDOEFdODFh6WAfNp6odrXo15pEsDQuGJfMu/cKzK";
|
|
||||||
};
|
|
||||||
prism = rec {
|
prism = rec {
|
||||||
cores = 4;
|
cores = 4;
|
||||||
extraZones = {
|
extraZones = {
|
||||||
@ -89,8 +57,11 @@ with import <stockholm/lib>;
|
|||||||
60 IN NS ns16.ovh.net.
|
60 IN NS ns16.ovh.net.
|
||||||
60 IN NS dns16.ovh.net.
|
60 IN NS dns16.ovh.net.
|
||||||
60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
60 IN TXT v=spf1 mx -all
|
60 IN TXT v=spf1 mx a:lassul.us -all
|
||||||
|
60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" )
|
||||||
|
default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB"
|
||||||
cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
|
go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
io 60 IN NS ions.lassul.us.
|
io 60 IN NS ions.lassul.us.
|
||||||
ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
paste 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||||
@ -149,6 +120,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
domsen-nas = {
|
domsen-nas = {
|
||||||
ci = false;
|
ci = false;
|
||||||
|
monitoring = false;
|
||||||
external = true;
|
external = true;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
internet = {
|
internet = {
|
||||||
@ -161,6 +133,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
uriel = {
|
uriel = {
|
||||||
|
monitoring = false;
|
||||||
cores = 1;
|
cores = 1;
|
||||||
nets = {
|
nets = {
|
||||||
gg23 = {
|
gg23 = {
|
||||||
@ -399,10 +372,12 @@ with import <stockholm/lib>;
|
|||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
|
||||||
};
|
};
|
||||||
iso = {
|
iso = {
|
||||||
|
monitoring = false;
|
||||||
ci = false;
|
ci = false;
|
||||||
cores = 1;
|
cores = 1;
|
||||||
};
|
};
|
||||||
sokrateslaptop = {
|
sokrateslaptop = {
|
||||||
|
monitoring = false;
|
||||||
ci = false;
|
ci = false;
|
||||||
external = true;
|
external = true;
|
||||||
nets = {
|
nets = {
|
||||||
@ -426,6 +401,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
turingmachine = {
|
turingmachine = {
|
||||||
|
monitoring = false;
|
||||||
ci = false;
|
ci = false;
|
||||||
external = true;
|
external = true;
|
||||||
nets = {
|
nets = {
|
||||||
@ -454,6 +430,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
eddie = {
|
eddie = {
|
||||||
|
monitoring = false;
|
||||||
ci = false;
|
ci = false;
|
||||||
external = true;
|
external = true;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
@ -494,6 +471,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
borg = {
|
borg = {
|
||||||
|
monitoring = false;
|
||||||
ci = false;
|
ci = false;
|
||||||
external = true;
|
external = true;
|
||||||
nets = {
|
nets = {
|
||||||
@ -521,6 +499,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
inspector = {
|
inspector = {
|
||||||
|
monitoring = false;
|
||||||
ci = false;
|
ci = false;
|
||||||
external = true;
|
external = true;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
@ -552,6 +531,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
dpdkm = {
|
dpdkm = {
|
||||||
|
monitoring = false;
|
||||||
ci = false;
|
ci = false;
|
||||||
external = true;
|
external = true;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
@ -618,6 +598,78 @@ with import <stockholm/lib>;
|
|||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
|
||||||
};
|
};
|
||||||
|
cabal = {
|
||||||
|
cores = 2;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.1.4";
|
||||||
|
ip6.addr = "42::1:4";
|
||||||
|
aliases = [
|
||||||
|
"cabal.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIIECgKCBAEAukXm8xPpC6/F+wssYqQbqt1QDwsPrF3TJ9ToLFcN1WgDlhDhjM3A
|
||||||
|
SuRDMNjRT1fvVTuXyplH5g16eokW/yLOpNnznMS3/VR372pLPEOqfuRf7wAy18jj
|
||||||
|
rZkW3EO7nyZ8KMb+SXA8Q0KIpHY50Ezh+tqGoTZDICwoK6N5dKLgAZShS55JXwwK
|
||||||
|
qRG3vyzV3mDjgVyT0FNfyL1/BN1qvJ+tQQ40lEbkcQauMunMzNbH058kAd6H2/0e
|
||||||
|
LK4JkxI9XpZHE6Pf1epXyClHW7vT7APFRp9gL9tZS/XMC18+aEMFfQrNW9jb3FIq
|
||||||
|
rU5MfJ7aubboe7dT6CRaRSWpduiKLVzY/JCoGvUziyvmR7qHsQWTEjtNuQX9joc3
|
||||||
|
6iq1o+gmLV0G8Xwq8cEcg5USlLxNsGBQPwYnTG6iTPPHqOv7BKucekE/opnVZseE
|
||||||
|
fSNCGl1+tGwa3soSMI97LkpQTZxdeqf+jWZve0RbSa2Ihyod91ldFCqi1+PZx68v
|
||||||
|
yBI0PJamlt+dBx6WQKbPngWYeD8hXo7tg0XVRVa3ZQyX+Mq6uCCb2GM8ewMUPl+A
|
||||||
|
kcY1osFt6+sdkFGdiv3FMyijAiZumPoPprXC/4SGIsMnkoI4JfSAbTpHi2QuesqR
|
||||||
|
KMeairdB7XGUYlMvWpDLKN2dbMdRc+l3kDUKT7hALjKeyWS/27WYeK/STxvZXEXi
|
||||||
|
TZGHopvOFv6wcrb6nI49vIJo5mDLFamAPN3ZjeR20wP95UP7cUUSaTYX49M4lX6U
|
||||||
|
oL5BaFrcLn2PTvS84pUxcXKAp70FgTpvGJbaWwETgDjW+H+qlGmI/BTejpL7flVs
|
||||||
|
TOtaP/uCMxhVZSFv9bzo0ih10o+4gtU8lqxfJsVxlf2K7LVZ++LQba/u+XxRY+xw
|
||||||
|
3IFBfg34tnO6zYlV8XgAiJ6IUOHUZANsuBD4iMoFSVOig6t5eIOkgXR6GEkP8FBD
|
||||||
|
rkroRMmxcu4lTCOzWIuAVOxCd4XXguoGQ4HAzpGd5ccdcb8Ev4RYEvNJY7B5tIQZ
|
||||||
|
4J0F9ECzJuSu1HvWTL+T6a36d2MDTkXU2IJ2tSHciXqiP+QMMF7p9Ux0tiAq4mtf
|
||||||
|
luA94uKWg3cSyTyEM/jF66CgO6Ts3AivNE0MRNupV6AbUdr+TjzotGn9rxi168py
|
||||||
|
w/49OVbpR9EIGC2wxx7qcSEk5chFOcgvNQMRqgIx51bbOL7JYb0f4XuA38GUqLkG
|
||||||
|
09PXmPeyqGzR9HsV2XZDprZdD3Dy4ojdexw0+YILg9bHaAxLHYs6WFZvzfaLLsf1
|
||||||
|
K2I39vvrEEOy8tHi4jvMk7oVX6RWG+DOZMeXTvyUCaBHyYkA0eDlC6NeKOHxnW/g
|
||||||
|
ZtN1W93UdklEqc5okM0/ZIke1HDRt3ZLdQIDAQAB
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
secure = true;
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPsTeSAedrbp7/KmZX8Mvka702fIUy77Mvqo9HwzCbym";
|
||||||
|
};
|
||||||
|
red = {
|
||||||
|
monitoring = false;
|
||||||
|
cores = 1;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.0.13";
|
||||||
|
ip6.addr = "42:0:0:0:0:0:0:12ed";
|
||||||
|
aliases = [
|
||||||
|
"red.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArAN/62V2MV18wsZ9VMTG
|
||||||
|
4/cqsjvHlffAN8jYDq+GImgREvbiLlFhhHgxwKh0gcDTR8P1xX/00P3/fx/g5bRF
|
||||||
|
Te7LZT2AFmVFFFfx1n9NBweN/gG2/hzB9J8epbWLNT+RzpzHuAoREvDZ+jweSXaI
|
||||||
|
phdmQY2s36yrR3TAShqq0q4cwlXuHT00J+InDutM0mTftBQG/fvYkBhHOfq4WSY0
|
||||||
|
FeMK7DTKNbsqQiKKQ/kvWi7KfTW0F0c7SDpi7BLwbQzP2WbogtGy9MIrw9ZhE6Ox
|
||||||
|
TVdAksPKw0TlYdb16X/MkbzBqTYbxFlmWzpMJABMxIVwAfQx3ZGYvJDdDXmQS2qa
|
||||||
|
mDN2xBb/5pj3fbfp4wbwWlRVSd/AJQtRvaNY24F+UsRJb0WinIguDI6oRZx7Xt8w
|
||||||
|
oYirKqqq1leb3EYUt8TMIXQsOw0/Iq+JJCwB+ZyLLGVNB19XOxdR3RN1JYeZANpE
|
||||||
|
cMSS3SdFGgZ//ZAdhIN5kw9yMeKo6Rnt+Vdz3vZWTuSVp/xYO3IMGXNGAdIWIwrJ
|
||||||
|
7fwSl/rfXGG816h0sD46U0mxd+i68YOtHlzOKe+vMZ4/FJZYd/E5/IDQluV8HLwa
|
||||||
|
5lODfZXUmfStdV+GDA9KVEGUP5xSkC3rMnir66NgHzKpIL002/g/HfGu7O3MrvpW
|
||||||
|
ng7AMvRv5vbsYcJBj2HUhKUCAwEAAQ==
|
||||||
|
-----END PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKd/6eCR8yxC14zBJLIQgVa4Zbutv5yr2S8k08ztmBpp";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
users = {
|
users = {
|
||||||
lass = {
|
lass = {
|
||||||
|
@ -539,6 +539,7 @@ with import <stockholm/lib>;
|
|||||||
dl.euer IN A ${nets.internet.ip4.addr}
|
dl.euer IN A ${nets.internet.ip4.addr}
|
||||||
boot.euer IN A ${nets.internet.ip4.addr}
|
boot.euer IN A ${nets.internet.ip4.addr}
|
||||||
wiki.euer IN A ${nets.internet.ip4.addr}
|
wiki.euer IN A ${nets.internet.ip4.addr}
|
||||||
|
mon.euer IN A ${nets.internet.ip4.addr}
|
||||||
graph IN A ${nets.internet.ip4.addr}
|
graph IN A ${nets.internet.ip4.addr}
|
||||||
ghook IN A ${nets.internet.ip4.addr}
|
ghook IN A ${nets.internet.ip4.addr}
|
||||||
dockerhub IN A ${nets.internet.ip4.addr}
|
dockerhub IN A ${nets.internet.ip4.addr}
|
||||||
|
@ -93,6 +93,7 @@ let
|
|||||||
User = "newsbot-js";
|
User = "newsbot-js";
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
ExecStart = "${newsbot.package}/bin/newsbot";
|
ExecStart = "${newsbot.package}/bin/newsbot";
|
||||||
|
WatchdogSec = "86400";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
) cfg;
|
) cfg;
|
||||||
|
@ -1,8 +1,11 @@
|
|||||||
{ config, ... }:
|
{ config, ... }:
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
nixos-version-id = "${config.system.nixosVersion}";
|
nixos-version-id = if (hasAttr "nixos" config.system) then
|
||||||
nixos-version = "${nixos-version-id} (${config.system.nixosCodeName})";
|
"${config.system.nixos.version}" else "${config.system.nixosVersion}";
|
||||||
|
nixos-codeName = if (hasAttr "nixos" config.system) then
|
||||||
|
"${config.system.nixos.codeName}" else "${config.system.nixosCodeName}";
|
||||||
|
nixos-version = "${nixos-version-id} (${nixos-codeName})";
|
||||||
nixos-pretty-name = "NixOS ${nixos-version}";
|
nixos-pretty-name = "NixOS ${nixos-version}";
|
||||||
|
|
||||||
stockholm-version-id = let
|
stockholm-version-id = let
|
||||||
|
@ -1,25 +0,0 @@
|
|||||||
{ mkDerivation, attoparsec, base, containers, Diff, fetchgit, mtl
|
|
||||||
, nix-derivation, optparse-generic, stdenv, system-filepath, text
|
|
||||||
, unix, vector
|
|
||||||
}:
|
|
||||||
mkDerivation {
|
|
||||||
pname = "nix-diff";
|
|
||||||
version = "1.0.0-krebs1";
|
|
||||||
src = fetchgit {
|
|
||||||
url = "https://github.com/Gabriel439/nix-diff";
|
|
||||||
sha256 = "1k00nx8pannqmpzadkwfrs6bf79yk22ynhd033z5rsyw0m8fcz9k";
|
|
||||||
rev = "e32ffa2c7f38b47a71325a042c1d887fb46cdf7d";
|
|
||||||
};
|
|
||||||
patches = [
|
|
||||||
./nixos-system.patch
|
|
||||||
];
|
|
||||||
isLibrary = false;
|
|
||||||
isExecutable = true;
|
|
||||||
executableHaskellDepends = [
|
|
||||||
attoparsec base containers Diff mtl nix-derivation optparse-generic
|
|
||||||
system-filepath text unix vector
|
|
||||||
];
|
|
||||||
homepage = "https://github.com/Gabriel439/nix-diff";
|
|
||||||
description = "Explain why two Nix derivations differ";
|
|
||||||
license = stdenv.lib.licenses.bsd3;
|
|
||||||
}
|
|
@ -1,18 +0,0 @@
|
|||||||
diff --git a/src/Main.hs b/src/Main.hs
|
|
||||||
index 959ab8e..d3b6077 100644
|
|
||||||
--- a/src/Main.hs
|
|
||||||
+++ b/src/Main.hs
|
|
||||||
@@ -95,7 +95,12 @@ pathToText path =
|
|
||||||
underneath `/nix/store`, but this is the overwhelmingly common use case
|
|
||||||
-}
|
|
||||||
derivationName :: FilePath -> Text
|
|
||||||
-derivationName = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText
|
|
||||||
+derivationName p =
|
|
||||||
+ if Data.Text.isPrefixOf "nixos-system" s
|
|
||||||
+ then "nixos-system"
|
|
||||||
+ else s
|
|
||||||
+ where
|
|
||||||
+ s = Data.Text.dropEnd 4 . Data.Text.drop 44 . pathToText $ p
|
|
||||||
|
|
||||||
-- | Group input derivations by their name
|
|
||||||
groupByName :: Map FilePath (Set Text) -> Map Text (Map FilePath (Set Text))
|
|
@ -120,11 +120,24 @@ rec {
|
|||||||
url-title = (buildSimpleReaktorPlugin "url-title" {
|
url-title = (buildSimpleReaktorPlugin "url-title" {
|
||||||
pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$";
|
pattern = "^.*(?P<args>http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$$";
|
||||||
path = with pkgs; [ curl perl ];
|
path = with pkgs; [ curl perl ];
|
||||||
script = pkgs.writeDash "lambda-pl" ''
|
script = pkgs.writePython3 [ "beautifulsoup4" "lxml" ] "url-title" ''
|
||||||
if [ "$#" -gt 0 ]; then
|
import sys
|
||||||
curl -SsL --max-time 5 "$1" |
|
import urllib.request
|
||||||
perl -l -0777 -ne 'print $1 if /<title.*?>\s*(.*?)\s*<\/title/si'
|
from bs4 import BeautifulSoup
|
||||||
fi
|
|
||||||
|
try:
|
||||||
|
soup = BeautifulSoup(urllib.request.urlopen(sys.argv[1]), "lxml")
|
||||||
|
title = soup.find('title').string
|
||||||
|
|
||||||
|
if title:
|
||||||
|
if len(title) > 512:
|
||||||
|
print('message to long, skipped')
|
||||||
|
elif len(title.split('\n')) > 5:
|
||||||
|
print('to many lines, skipped')
|
||||||
|
else:
|
||||||
|
print(title)
|
||||||
|
except: # noqa: E722
|
||||||
|
pass
|
||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -18,17 +18,24 @@ def is_regex(line):
|
|||||||
myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$')
|
myre = re.compile(r'^s/(?:\\/|[^/])+/(?:\\/|[^/])*/[ig]?$')
|
||||||
return myre.match(line)
|
return myre.match(line)
|
||||||
|
|
||||||
|
|
||||||
line = argv[1]
|
line = argv[1]
|
||||||
|
|
||||||
if is_regex(line):
|
if is_regex(line):
|
||||||
last = d.get(usr, None)
|
last = d.get(usr, None)
|
||||||
if last:
|
if last:
|
||||||
from subprocess import Popen, PIPE
|
from subprocess import Popen, PIPE
|
||||||
p = Popen(['sed', line], stdin=PIPE, stdout=PIPE)
|
p = Popen(['sed', line], stdin=PIPE, stdout=PIPE, stderr=PIPE)
|
||||||
so, se = p.communicate(bytes("{}\n".format(last), "UTF-8"))
|
so, se = p.communicate(bytes("{}\n".format(last), "UTF-8"))
|
||||||
if p.returncode:
|
if p.returncode:
|
||||||
print("something went wrong when trying to process your regex: {}".format(se.decode()))
|
print("something went wrong when trying to process your regex: {}".format(line.strip()))
|
||||||
ret = so.decode()
|
ret = so.decode()
|
||||||
|
if len(ret) > 512:
|
||||||
|
print('message to long, skipped')
|
||||||
|
elif len(ret.split('\n')) > 5:
|
||||||
|
print('to many lines, skipped')
|
||||||
|
else:
|
||||||
|
if last.strip() != ret.strip():
|
||||||
print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip()))
|
print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip()))
|
||||||
if ret:
|
if ret:
|
||||||
d[usr] = ret
|
d[usr] = ret
|
||||||
|
@ -2,16 +2,15 @@
|
|||||||
|
|
||||||
python2Packages.buildPythonApplication rec {
|
python2Packages.buildPythonApplication rec {
|
||||||
name = "buildbot-classic-${version}";
|
name = "buildbot-classic-${version}";
|
||||||
version = "0.8.14";
|
version = "0.8.16";
|
||||||
namePrefix = "";
|
namePrefix = "";
|
||||||
patches = [];
|
patches = [];
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "krebscode";
|
owner = "krebscode";
|
||||||
repo = "buildbot-classic";
|
repo = "buildbot-classic";
|
||||||
# rev = "v${version}";
|
rev = version;
|
||||||
rev = "843463911";
|
sha256 = "0g686n6m0cjfyympl0ksansllx503gby3hx9gmc8hiyx6x5fkjha";
|
||||||
sha256 = "1ybl52ybjw5p09yik6bck9i1pvnvg94i0d32zqrwy67s77yx1mfd";
|
|
||||||
};
|
};
|
||||||
postUnpack = "sourceRoot=\${sourceRoot}/master";
|
postUnpack = "sourceRoot=\${sourceRoot}/master";
|
||||||
|
|
||||||
|
123
krebs/5pkgs/simple/ejabberd/default.nix
Normal file
123
krebs/5pkgs/simple/ejabberd/default.nix
Normal file
@ -0,0 +1,123 @@
|
|||||||
|
{ stdenv, writeScriptBin, lib, fetchurl, git, cacert
|
||||||
|
, erlang, openssl, expat, libyaml, bash, gnused, gnugrep, coreutils, utillinux, procps, gd
|
||||||
|
, flock
|
||||||
|
, withMysql ? false
|
||||||
|
, withPgsql ? false
|
||||||
|
, withSqlite ? false, sqlite
|
||||||
|
, withPam ? false, pam
|
||||||
|
, withZlib ? true, zlib
|
||||||
|
, withRiak ? false
|
||||||
|
, withElixir ? false, elixir
|
||||||
|
, withIconv ? true
|
||||||
|
, withTools ? false
|
||||||
|
, withRedis ? false
|
||||||
|
}:
|
||||||
|
|
||||||
|
let
|
||||||
|
fakegit = writeScriptBin "git" ''
|
||||||
|
#! ${stdenv.shell} -e
|
||||||
|
if [ "$1" = "describe" ]; then
|
||||||
|
[ -r .rev ] && cat .rev || true
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
|
||||||
|
ctlpath = lib.makeBinPath [ bash gnused gnugrep coreutils utillinux procps ];
|
||||||
|
|
||||||
|
in stdenv.mkDerivation rec {
|
||||||
|
version = "18.01";
|
||||||
|
name = "ejabberd-${version}";
|
||||||
|
|
||||||
|
src = fetchurl {
|
||||||
|
url = "http://www.process-one.net/downloads/ejabberd/${version}/${name}.tgz";
|
||||||
|
sha256 = "01i2n8mlgw293jdf4172f9q8ca8m35vysjws791p7nynpfdb4cn6";
|
||||||
|
};
|
||||||
|
|
||||||
|
nativeBuildInputs = [ fakegit ];
|
||||||
|
|
||||||
|
buildInputs = [ erlang openssl expat libyaml gd ]
|
||||||
|
++ lib.optional withSqlite sqlite
|
||||||
|
++ lib.optional withPam pam
|
||||||
|
++ lib.optional withZlib zlib
|
||||||
|
++ lib.optional withElixir elixir
|
||||||
|
;
|
||||||
|
|
||||||
|
# Apparently needed for Elixir
|
||||||
|
LANG = "en_US.UTF-8";
|
||||||
|
|
||||||
|
deps = stdenv.mkDerivation {
|
||||||
|
name = "ejabberd-deps-${version}";
|
||||||
|
|
||||||
|
inherit src;
|
||||||
|
|
||||||
|
configureFlags = [ "--enable-all" "--with-sqlite3=${sqlite.dev}" ];
|
||||||
|
|
||||||
|
nativeBuildInputs = [ git erlang openssl expat libyaml sqlite pam zlib elixir ];
|
||||||
|
|
||||||
|
GIT_SSL_CAINFO = "${cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||||
|
|
||||||
|
makeFlags = [ "deps" ];
|
||||||
|
|
||||||
|
phases = [ "unpackPhase" "configurePhase" "buildPhase" "installPhase" ];
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
for i in deps/*; do
|
||||||
|
( cd $i
|
||||||
|
git reset --hard
|
||||||
|
git clean -ffdx
|
||||||
|
git describe --always --tags > .rev
|
||||||
|
rm -rf .git
|
||||||
|
)
|
||||||
|
done
|
||||||
|
rm deps/.got
|
||||||
|
|
||||||
|
cp -r deps $out
|
||||||
|
'';
|
||||||
|
|
||||||
|
outputHashMode = "recursive";
|
||||||
|
outputHashAlgo = "sha256";
|
||||||
|
outputHash = "1v3h0c7kfifb6wsfxyv5j1wc7rlxbb7r0pgd4s340wiyxnllzzhk";
|
||||||
|
};
|
||||||
|
|
||||||
|
configureFlags =
|
||||||
|
[ (lib.enableFeature withMysql "mysql")
|
||||||
|
(lib.enableFeature withPgsql "pgsql")
|
||||||
|
(lib.enableFeature withSqlite "sqlite")
|
||||||
|
(lib.enableFeature withPam "pam")
|
||||||
|
(lib.enableFeature withZlib "zlib")
|
||||||
|
(lib.enableFeature withRiak "riak")
|
||||||
|
(lib.enableFeature withElixir "elixir")
|
||||||
|
(lib.enableFeature withIconv "iconv")
|
||||||
|
(lib.enableFeature withTools "tools")
|
||||||
|
(lib.enableFeature withRedis "redis")
|
||||||
|
] ++ lib.optional withSqlite "--with-sqlite3=${sqlite.dev}";
|
||||||
|
|
||||||
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
./ejabberdctl.patch
|
||||||
|
];
|
||||||
|
|
||||||
|
preBuild = ''
|
||||||
|
cp -r $deps deps
|
||||||
|
chmod -R +w deps
|
||||||
|
patchShebangs deps
|
||||||
|
'';
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
sed -i \
|
||||||
|
-e '2iexport PATH=${ctlpath}:$PATH' \
|
||||||
|
-e 's,\(^ *FLOCK=\).*,\1${flock}/bin/flock,' \
|
||||||
|
-e 's,\(^ *JOT=\).*,\1,' \
|
||||||
|
-e 's,\(^ *CONNLOCKDIR=\).*,\1/var/lock/ejabberdctl,' \
|
||||||
|
$out/sbin/ejabberdctl
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "Open-source XMPP application server written in Erlang";
|
||||||
|
license = licenses.gpl2;
|
||||||
|
homepage = http://www.ejabberd.im;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
maintainers = with maintainers; [ sander abbradar ];
|
||||||
|
broken = withElixir;
|
||||||
|
};
|
||||||
|
}
|
32
krebs/5pkgs/simple/ejabberd/ejabberdctl.patch
Normal file
32
krebs/5pkgs/simple/ejabberd/ejabberdctl.patch
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
--- a/ejabberdctl.template 1970-01-01 01:00:01.000000000 +0100
|
||||||
|
+++ b/ejabberdctl.template 2018-04-24 23:06:54.127715441 +0200
|
||||||
|
@@ -42,19 +42,18 @@
|
||||||
|
esac
|
||||||
|
|
||||||
|
# parse command line parameters
|
||||||
|
-for arg; do
|
||||||
|
- case $arg in
|
||||||
|
- -n|--node) ERLANG_NODE_ARG=$2; shift;;
|
||||||
|
- -s|--spool) SPOOL_DIR=$2; shift;;
|
||||||
|
- -l|--logs) LOGS_DIR=$2; shift;;
|
||||||
|
- -f|--config) EJABBERD_CONFIG_PATH=$2; shift;;
|
||||||
|
- -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift;;
|
||||||
|
- -d|--config-dir) ETC_DIR=$2; shift;;
|
||||||
|
- -t|--no-timeout) NO_TIMEOUT="--no-timeout";;
|
||||||
|
- --) :;;
|
||||||
|
+while test $# -gt 0; do
|
||||||
|
+ case $1 in
|
||||||
|
+ -n|--node) ERLANG_NODE_ARG=$2; shift 2;;
|
||||||
|
+ -s|--spool) SPOOL_DIR=$2; shift 2;;
|
||||||
|
+ -l|--logs) LOGS_DIR=$2; shift 2;;
|
||||||
|
+ -f|--config) EJABBERD_CONFIG_PATH=$2; shift 2;;
|
||||||
|
+ -c|--ctl-config) EJABBERDCTL_CONFIG_PATH=$2; shift 2;;
|
||||||
|
+ -d|--config-dir) ETC_DIR=$2; shift 2;;
|
||||||
|
+ -t|--no-timeout) NO_TIMEOUT="--no-timeout"; shift 1;;
|
||||||
|
+ # --) :;; what is this for?
|
||||||
|
*) break;;
|
||||||
|
esac
|
||||||
|
- shift
|
||||||
|
done
|
||||||
|
|
||||||
|
# define ejabberd variables if not already defined from the command line
|
@ -1,64 +0,0 @@
|
|||||||
{ stdenv, fetchFromGitHub, python2Packages }:
|
|
||||||
|
|
||||||
python2Packages.buildPythonApplication rec {
|
|
||||||
name = "electron-cash-${src.rev}";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "fyookball";
|
|
||||||
repo = "electrum";
|
|
||||||
rev = "a2245ea";
|
|
||||||
sha256 = "1a0ym94azfd1yn97n2jcky344ajbj2amr9l6jpx30pqxndffpbgv";
|
|
||||||
};
|
|
||||||
|
|
||||||
propagatedBuildInputs = with python2Packages; [
|
|
||||||
dns
|
|
||||||
ecdsa
|
|
||||||
jsonrpclib
|
|
||||||
pbkdf2
|
|
||||||
pyaes
|
|
||||||
pycrypto
|
|
||||||
pyqt4
|
|
||||||
pysocks
|
|
||||||
qrcode
|
|
||||||
requests
|
|
||||||
tlslite
|
|
||||||
|
|
||||||
# plugins
|
|
||||||
keepkey
|
|
||||||
trezor
|
|
||||||
];
|
|
||||||
|
|
||||||
preBuild = ''
|
|
||||||
sed -i 's,usr_share = .*,usr_share = "'$out'/share",g' setup.py
|
|
||||||
pyrcc4 icons.qrc -o gui/qt/icons_rc.py
|
|
||||||
# Recording the creation timestamps introduces indeterminism to the build
|
|
||||||
sed -i '/Created: .*/d' gui/qt/icons_rc.py
|
|
||||||
'';
|
|
||||||
|
|
||||||
postInstall = ''
|
|
||||||
# Despite setting usr_share above, these files are installed under
|
|
||||||
# $out/nix ...
|
|
||||||
mv $out/lib/python2.7/site-packages/nix/store"/"*/share $out
|
|
||||||
rm -rf $out/lib/python2.7/site-packages/nix
|
|
||||||
|
|
||||||
substituteInPlace $out/share/applications/electron.desktop \
|
|
||||||
--replace "Exec=electrum %u" "Exec=$out/bin/electrum %u"
|
|
||||||
'';
|
|
||||||
|
|
||||||
doInstallCheck = true;
|
|
||||||
installCheckPhase = ''
|
|
||||||
$out/bin/electrum help >/dev/null
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
|
||||||
description = "A lightweight Bitcoin wallet";
|
|
||||||
longDescription = ''
|
|
||||||
An easy-to-use Bitcoin client featuring wallets generated from
|
|
||||||
mnemonic seeds (in addition to other, more advanced, wallet options)
|
|
||||||
and the ability to perform transactions without downloading a copy
|
|
||||||
of the blockchain.
|
|
||||||
'';
|
|
||||||
homepage = https://electrum.org/;
|
|
||||||
license = licenses.mit;
|
|
||||||
};
|
|
||||||
}
|
|
26
krebs/5pkgs/simple/font-size.nix
Normal file
26
krebs/5pkgs/simple/font-size.nix
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
{ writeDashBin }:
|
||||||
|
writeDashBin "font-size" ''
|
||||||
|
set -efu
|
||||||
|
|
||||||
|
# set_font NORMAL_FONT BOLD_FONT
|
||||||
|
set_font() {
|
||||||
|
printf '\033]710;%s\007' "$1"
|
||||||
|
printf '\033]711;%s\007' "$2"
|
||||||
|
}
|
||||||
|
|
||||||
|
case ''${1-} in
|
||||||
|
'''|0|--reset)
|
||||||
|
set_font \
|
||||||
|
-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 \
|
||||||
|
-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1 \
|
||||||
|
;;
|
||||||
|
[1-9]|[1-9][0-9]|[1-9][0-9][0-9])
|
||||||
|
set_font \
|
||||||
|
xft:Monospace:size=$1 \
|
||||||
|
xft:Monospace:size=$1:bold \
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "$0: bad argument: $1" >&2
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
''
|
46
krebs/5pkgs/simple/generate-secrets/default.nix
Normal file
46
krebs/5pkgs/simple/generate-secrets/default.nix
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
{ pkgs }:
|
||||||
|
pkgs.writeDashBin "generate-secrets" ''
|
||||||
|
HOSTNAME="$1"
|
||||||
|
TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)
|
||||||
|
PASSWORD=$(${pkgs.pwgen}/bin/pwgen 25 1)
|
||||||
|
HASHED_PASSWORD=$(echo $PASSWORD | ${pkgs.hashPassword}/bin/hashPassword -s) > /dev/null
|
||||||
|
|
||||||
|
${pkgs.openssh}/bin/ssh-keygen -t ed25519 -f $TMPDIR/ssh.id_ed25519 -P "" -C "" >/dev/null
|
||||||
|
${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
|
||||||
|
${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
|
||||||
|
cat <<EOF > $TMPDIR/hashedPasswords.nix
|
||||||
|
{
|
||||||
|
root = "$HASHED_PASSWORD";
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
cd $TMPDIR
|
||||||
|
for x in *; do
|
||||||
|
${pkgs.coreutils}/bin/cat $x | ${pkgs.brain}/bin/brain insert -m krebs-secrets/$HOSTNAME/$x > /dev/null
|
||||||
|
done
|
||||||
|
echo $PASSWORD | ${pkgs.brain}/bin/brain insert -m hosts/$HOSTNAME/root > /dev/null
|
||||||
|
|
||||||
|
cat <<EOF
|
||||||
|
$HOSTNAME = {
|
||||||
|
cores = 1;
|
||||||
|
owner = config.krebs.users.krebs;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.0.changeme";
|
||||||
|
ip6.addr = "42:0:0:0:0:0:0:changeme";
|
||||||
|
aliases = [
|
||||||
|
"$HOSTNAME.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ${"''"}
|
||||||
|
$(cat $TMPDIR/retiolum.rsa_key.pub)
|
||||||
|
${"''"};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "$(cat $TMPDIR/ssh.id_ed25519.pub)";
|
||||||
|
};
|
||||||
|
EOF
|
||||||
|
|
||||||
|
rm -rf $TMPDIR
|
||||||
|
''
|
||||||
|
|
@ -1,25 +1,26 @@
|
|||||||
{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }:
|
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-8_x, pkgs }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
np = (callPackage <nixpkgs/pkgs/top-level/node-packages.nix>) {
|
nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> {
|
||||||
generated = ./packages.nix;
|
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
|
||||||
self = np;
|
nodejs = nodejs-8_x;
|
||||||
|
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
|
||||||
};
|
};
|
||||||
|
|
||||||
node_env = buildEnv {
|
node_env = pkgs.buildEnv {
|
||||||
name = "node_env";
|
name = "go-node_env";
|
||||||
paths = [
|
paths = attrValues (import ./node-packages.nix {
|
||||||
np.redis
|
inherit (pkgs) fetchurl fetchgit;
|
||||||
np."formidable"
|
inherit nodeEnv;
|
||||||
];
|
});
|
||||||
pathsToLink = [ "/lib" ];
|
|
||||||
ignoreCollisions = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
in np.buildNodePackage {
|
in stdenv.mkDerivation {
|
||||||
|
packageName = "go";
|
||||||
name = "go-shortener";
|
name = "go-shortener";
|
||||||
|
version = "0.0.0";
|
||||||
|
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = "http://cgit.lassul.us/go/";
|
url = "http://cgit.lassul.us/go/";
|
||||||
@ -32,10 +33,8 @@ in np.buildNodePackage {
|
|||||||
"installPhase"
|
"installPhase"
|
||||||
];
|
];
|
||||||
|
|
||||||
deps = (filter (v: nixType v == "derivation") (attrValues np));
|
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
nodejs
|
nodejs-8_x
|
||||||
makeWrapper
|
makeWrapper
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -44,7 +43,7 @@ in np.buildNodePackage {
|
|||||||
|
|
||||||
cp index.js $out/
|
cp index.js $out/
|
||||||
cat > $out/go << EOF
|
cat > $out/go << EOF
|
||||||
${nodejs}/bin/node $out/index.js
|
${nodejs-8_x}/bin/node $out/index.js
|
||||||
EOF
|
EOF
|
||||||
chmod +x $out/go
|
chmod +x $out/go
|
||||||
|
|
||||||
|
76
krebs/5pkgs/simple/go-shortener/node-packages.nix
Normal file
76
krebs/5pkgs/simple/go-shortener/node-packages.nix
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
# This file has been generated by node2nix 1.5.3. Do not edit!
|
||||||
|
|
||||||
|
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
|
||||||
|
|
||||||
|
let
|
||||||
|
sources = {
|
||||||
|
"double-ended-queue-2.1.0-0" = {
|
||||||
|
name = "double-ended-queue";
|
||||||
|
packageName = "double-ended-queue";
|
||||||
|
version = "2.1.0-0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/double-ended-queue/-/double-ended-queue-2.1.0-0.tgz";
|
||||||
|
sha1 = "103d3527fd31528f40188130c841efdd78264e5c";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"redis-commands-1.3.5" = {
|
||||||
|
name = "redis-commands";
|
||||||
|
packageName = "redis-commands";
|
||||||
|
version = "1.3.5";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/redis-commands/-/redis-commands-1.3.5.tgz";
|
||||||
|
sha512 = "2q8pai3gf0dczb03jjig3mpaz4j2kvw8icpgf8hp4fryr3d6c0mjkvxxdmlyhainybx4zhgqsw9ghc9p986alzdzd2n2p4cxvr8b0by";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"redis-parser-2.6.0" = {
|
||||||
|
name = "redis-parser";
|
||||||
|
packageName = "redis-parser";
|
||||||
|
version = "2.6.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/redis-parser/-/redis-parser-2.6.0.tgz";
|
||||||
|
sha1 = "52ed09dacac108f1a631c07e9b69941e7a19504b";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
formidable = nodeEnv.buildNodePackage {
|
||||||
|
name = "formidable";
|
||||||
|
packageName = "formidable";
|
||||||
|
version = "1.2.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/formidable/-/formidable-1.2.1.tgz";
|
||||||
|
sha512 = "1x0n2rfaiasdjbw1mm7s29z84f68c7iji7lb1gkxvpknvv6q7bwns7z55ijcf4vkh4kvis12rbgaaih49jf9lj53s30mllb1d35bkqn";
|
||||||
|
};
|
||||||
|
buildInputs = globalBuildInputs;
|
||||||
|
meta = {
|
||||||
|
description = "A node.js module for parsing form data, especially file uploads.";
|
||||||
|
homepage = https://github.com/felixge/node-formidable;
|
||||||
|
license = "MIT";
|
||||||
|
};
|
||||||
|
production = true;
|
||||||
|
bypassCache = true;
|
||||||
|
};
|
||||||
|
redis = nodeEnv.buildNodePackage {
|
||||||
|
name = "redis";
|
||||||
|
packageName = "redis";
|
||||||
|
version = "2.8.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/redis/-/redis-2.8.0.tgz";
|
||||||
|
sha512 = "3a3044ax6qdvss83xgjfx10h5q91ls0mwgs3wpsnxcdsiipq3cnmqzsh6glyq0r7vsmpw49jp84c2jnfrhi2bgycrkd9hhhf6ia8lrk";
|
||||||
|
};
|
||||||
|
dependencies = [
|
||||||
|
sources."double-ended-queue-2.1.0-0"
|
||||||
|
sources."redis-commands-1.3.5"
|
||||||
|
sources."redis-parser-2.6.0"
|
||||||
|
];
|
||||||
|
buildInputs = globalBuildInputs;
|
||||||
|
meta = {
|
||||||
|
description = "Redis client library";
|
||||||
|
homepage = https://github.com/NodeRedis/node_redis;
|
||||||
|
license = "MIT";
|
||||||
|
};
|
||||||
|
production = true;
|
||||||
|
bypassCache = true;
|
||||||
|
};
|
||||||
|
}
|
@ -1,44 +0,0 @@
|
|||||||
{ self, fetchurl, fetchgit ? null, lib }:
|
|
||||||
|
|
||||||
{
|
|
||||||
by-spec."formidable"."*" =
|
|
||||||
self.by-version."formidable"."1.0.17";
|
|
||||||
by-version."formidable"."1.0.17" = self.buildNodePackage {
|
|
||||||
name = "formidable-1.0.17";
|
|
||||||
version = "1.0.17";
|
|
||||||
bin = false;
|
|
||||||
src = fetchurl {
|
|
||||||
url = "http://registry.npmjs.org/formidable/-/formidable-1.0.17.tgz";
|
|
||||||
name = "formidable-1.0.17.tgz";
|
|
||||||
sha1 = "ef5491490f9433b705faa77249c99029ae348559";
|
|
||||||
};
|
|
||||||
deps = {
|
|
||||||
};
|
|
||||||
optionalDependencies = {
|
|
||||||
};
|
|
||||||
peerDependencies = [];
|
|
||||||
os = [ ];
|
|
||||||
cpu = [ ];
|
|
||||||
};
|
|
||||||
"formidable" = self.by-version."formidable"."1.0.17";
|
|
||||||
by-spec."redis"."*" =
|
|
||||||
self.by-version."redis"."2.1.0";
|
|
||||||
by-version."redis"."2.1.0" = self.buildNodePackage {
|
|
||||||
name = "redis-2.1.0";
|
|
||||||
version = "2.1.0";
|
|
||||||
bin = false;
|
|
||||||
src = fetchurl {
|
|
||||||
url = "http://registry.npmjs.org/redis/-/redis-2.1.0.tgz";
|
|
||||||
name = "redis-2.1.0.tgz";
|
|
||||||
sha1 = "38acb208f90750250f9451219b73ff08ae907f94";
|
|
||||||
};
|
|
||||||
deps = {
|
|
||||||
};
|
|
||||||
optionalDependencies = {
|
|
||||||
};
|
|
||||||
peerDependencies = [];
|
|
||||||
os = [ ];
|
|
||||||
cpu = [ ];
|
|
||||||
};
|
|
||||||
"redis" = self.by-version."redis"."2.1.0";
|
|
||||||
}
|
|
4
krebs/5pkgs/simple/go-shortener/pkgs.json
Normal file
4
krebs/5pkgs/simple/go-shortener/pkgs.json
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
[
|
||||||
|
"formidable",
|
||||||
|
"redis"
|
||||||
|
]
|
2
krebs/5pkgs/simple/go-shortener/update.sh
Executable file
2
krebs/5pkgs/simple/go-shortener/update.sh
Executable file
@ -0,0 +1,2 @@
|
|||||||
|
node2nix -8 -i pkgs.json -c combine.nix
|
||||||
|
rm node-env.nix combine.nix
|
@ -1,7 +1,7 @@
|
|||||||
{ lib, pkgs, ... }:
|
{ lib, pkgs, ... }:
|
||||||
|
|
||||||
pkgs.writeDashBin "hashPassword" ''
|
pkgs.writeDashBin "hashPassword" ''
|
||||||
# usage: hashPassword
|
# usage: hashPassword [...]
|
||||||
set -euf
|
set -euf
|
||||||
|
|
||||||
export PATH=${lib.makeBinPath (with pkgs; [
|
export PATH=${lib.makeBinPath (with pkgs; [
|
||||||
@ -11,5 +11,5 @@ pkgs.writeDashBin "hashPassword" ''
|
|||||||
])}
|
])}
|
||||||
|
|
||||||
salt=$(openssl rand -base64 16 | tr -d '+=' | head -c 16)
|
salt=$(openssl rand -base64 16 | tr -d '+=' | head -c 16)
|
||||||
exec mkpasswd -m sha-512 -S "$salt"
|
exec mkpasswd -m sha-512 -S "$salt" "$@"
|
||||||
''
|
''
|
||||||
|
7
krebs/5pkgs/simple/kops.nix
Normal file
7
krebs/5pkgs/simple/kops.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ fetchgit, ... }:
|
||||||
|
|
||||||
|
fetchgit {
|
||||||
|
url = https://cgit.krebsco.de/kops;
|
||||||
|
rev = "refs/tags/v1.1.0";
|
||||||
|
sha256 = "0k3zhv2830z4bljcdvf6ciwjihk2zzcn9y23p49c6sba5hbsd6jb";
|
||||||
|
}
|
@ -1,27 +1,27 @@
|
|||||||
{ stdenv, makeWrapper, callPackage, lib, buildEnv, fetchgit, nodePackages, nodejs }:
|
{ stdenv, makeWrapper, lib, buildEnv, fetchgit, nodejs-8_x, pkgs, icu }:
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
np = (callPackage <nixpkgs/pkgs/top-level/node-packages.nix>) {
|
nodeEnv = import <nixpkgs/pkgs/development/node-packages/node-env.nix> {
|
||||||
generated = ./packages.nix;
|
inherit (pkgs) stdenv python2 utillinux runCommand writeTextFile;
|
||||||
self = np;
|
nodejs = nodejs-8_x;
|
||||||
|
libtool = if pkgs.stdenv.isDarwin then pkgs.darwin.cctools else null;
|
||||||
};
|
};
|
||||||
|
|
||||||
node_env = buildEnv {
|
node_env = pkgs.buildEnv {
|
||||||
name = "node_env";
|
name = "go-node_env";
|
||||||
paths = [
|
paths = attrValues (import ./node-packages.nix {
|
||||||
np.feedparser
|
inherit (pkgs) fetchurl fetchgit;
|
||||||
np.form-data
|
inherit nodeEnv;
|
||||||
np.irc
|
globalBuildInputs = [
|
||||||
np.request
|
icu.dev
|
||||||
np.shell-quote
|
|
||||||
];
|
];
|
||||||
pathsToLink = [ "/lib" ];
|
});
|
||||||
ignoreCollisions = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
in np.buildNodePackage {
|
|
||||||
|
in stdenv.mkDerivation {
|
||||||
name = "newsbot-js";
|
name = "newsbot-js";
|
||||||
|
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
@ -32,14 +32,11 @@ in np.buildNodePackage {
|
|||||||
|
|
||||||
phases = [
|
phases = [
|
||||||
"unpackPhase"
|
"unpackPhase"
|
||||||
"patchPhase"
|
|
||||||
"installPhase"
|
"installPhase"
|
||||||
];
|
];
|
||||||
|
|
||||||
deps = (filter (v: nixType v == "derivation") (attrValues np));
|
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
nodejs
|
nodejs-8_x
|
||||||
makeWrapper
|
makeWrapper
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -48,7 +45,7 @@ in np.buildNodePackage {
|
|||||||
|
|
||||||
cp newsbot.js $out/
|
cp newsbot.js $out/
|
||||||
cat > $out/newsbot << EOF
|
cat > $out/newsbot << EOF
|
||||||
${nodejs}/bin/node $out/newsbot.js
|
${nodejs-8_x}/bin/node $out/newsbot.js
|
||||||
EOF
|
EOF
|
||||||
chmod +x $out/newsbot
|
chmod +x $out/newsbot
|
||||||
|
|
||||||
|
844
krebs/5pkgs/simple/newsbot-js/node-packages.nix
Normal file
844
krebs/5pkgs/simple/newsbot-js/node-packages.nix
Normal file
@ -0,0 +1,844 @@
|
|||||||
|
# This file has been generated by node2nix 1.5.3. Do not edit!
|
||||||
|
|
||||||
|
{nodeEnv, fetchurl, fetchgit, globalBuildInputs ? []}:
|
||||||
|
|
||||||
|
let
|
||||||
|
sources = {
|
||||||
|
"addressparser-1.0.1" = {
|
||||||
|
name = "addressparser";
|
||||||
|
packageName = "addressparser";
|
||||||
|
version = "1.0.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/addressparser/-/addressparser-1.0.1.tgz";
|
||||||
|
sha1 = "47afbe1a2a9262191db6838e4fd1d39b40821746";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"ajv-5.5.2" = {
|
||||||
|
name = "ajv";
|
||||||
|
packageName = "ajv";
|
||||||
|
version = "5.5.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz";
|
||||||
|
sha1 = "73b5eeca3fab653e3d3f9422b341ad42205dc965";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"array-filter-0.0.1" = {
|
||||||
|
name = "array-filter";
|
||||||
|
packageName = "array-filter";
|
||||||
|
version = "0.0.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/array-filter/-/array-filter-0.0.1.tgz";
|
||||||
|
sha1 = "7da8cf2e26628ed732803581fd21f67cacd2eeec";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"array-indexofobject-0.0.1" = {
|
||||||
|
name = "array-indexofobject";
|
||||||
|
packageName = "array-indexofobject";
|
||||||
|
version = "0.0.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/array-indexofobject/-/array-indexofobject-0.0.1.tgz";
|
||||||
|
sha1 = "aaa128e62c9b3c358094568c219ff64fe489d42a";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"array-map-0.0.0" = {
|
||||||
|
name = "array-map";
|
||||||
|
packageName = "array-map";
|
||||||
|
version = "0.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/array-map/-/array-map-0.0.0.tgz";
|
||||||
|
sha1 = "88a2bab73d1cf7bcd5c1b118a003f66f665fa662";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"array-reduce-0.0.0" = {
|
||||||
|
name = "array-reduce";
|
||||||
|
packageName = "array-reduce";
|
||||||
|
version = "0.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/array-reduce/-/array-reduce-0.0.0.tgz";
|
||||||
|
sha1 = "173899d3ffd1c7d9383e4479525dbe278cab5f2b";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"asn1-0.2.3" = {
|
||||||
|
name = "asn1";
|
||||||
|
packageName = "asn1";
|
||||||
|
version = "0.2.3";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/asn1/-/asn1-0.2.3.tgz";
|
||||||
|
sha1 = "dac8787713c9966849fc8180777ebe9c1ddf3b86";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"assert-plus-1.0.0" = {
|
||||||
|
name = "assert-plus";
|
||||||
|
packageName = "assert-plus";
|
||||||
|
version = "1.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz";
|
||||||
|
sha1 = "f12e0f3c5d77b0b1cdd9146942e4e96c1e4dd525";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"asynckit-0.4.0" = {
|
||||||
|
name = "asynckit";
|
||||||
|
packageName = "asynckit";
|
||||||
|
version = "0.4.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz";
|
||||||
|
sha1 = "c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"aws-sign2-0.7.0" = {
|
||||||
|
name = "aws-sign2";
|
||||||
|
packageName = "aws-sign2";
|
||||||
|
version = "0.7.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz";
|
||||||
|
sha1 = "b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"aws4-1.6.0" = {
|
||||||
|
name = "aws4";
|
||||||
|
packageName = "aws4";
|
||||||
|
version = "1.6.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/aws4/-/aws4-1.6.0.tgz";
|
||||||
|
sha1 = "83ef5ca860b2b32e4a0deedee8c771b9db57471e";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"bcrypt-pbkdf-1.0.1" = {
|
||||||
|
name = "bcrypt-pbkdf";
|
||||||
|
packageName = "bcrypt-pbkdf";
|
||||||
|
version = "1.0.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.1.tgz";
|
||||||
|
sha1 = "63bc5dcb61331b92bc05fd528953c33462a06f8d";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"boom-4.3.1" = {
|
||||||
|
name = "boom";
|
||||||
|
packageName = "boom";
|
||||||
|
version = "4.3.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/boom/-/boom-4.3.1.tgz";
|
||||||
|
sha1 = "4f8a3005cb4a7e3889f749030fd25b96e01d2e31";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"boom-5.2.0" = {
|
||||||
|
name = "boom";
|
||||||
|
packageName = "boom";
|
||||||
|
version = "5.2.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/boom/-/boom-5.2.0.tgz";
|
||||||
|
sha512 = "19h20yqpvca08dns1rs4f057f10w63v0snxfml4h5khsk266x3x1im0w72bza4k2xn0kfz6jlv001dhcvxsjr09bmbqnysils9m7437";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"caseless-0.12.0" = {
|
||||||
|
name = "caseless";
|
||||||
|
packageName = "caseless";
|
||||||
|
version = "0.12.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz";
|
||||||
|
sha1 = "1b681c21ff84033c826543090689420d187151dc";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"co-4.6.0" = {
|
||||||
|
name = "co";
|
||||||
|
packageName = "co";
|
||||||
|
version = "4.6.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/co/-/co-4.6.0.tgz";
|
||||||
|
sha1 = "6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"combined-stream-1.0.6" = {
|
||||||
|
name = "combined-stream";
|
||||||
|
packageName = "combined-stream";
|
||||||
|
version = "1.0.6";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.6.tgz";
|
||||||
|
sha1 = "723e7df6e801ac5613113a7e445a9b69cb632818";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"core-util-is-1.0.2" = {
|
||||||
|
name = "core-util-is";
|
||||||
|
packageName = "core-util-is";
|
||||||
|
version = "1.0.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz";
|
||||||
|
sha1 = "b5fd54220aa2bc5ab57aab7140c940754503c1a7";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"cryptiles-3.1.2" = {
|
||||||
|
name = "cryptiles";
|
||||||
|
packageName = "cryptiles";
|
||||||
|
version = "3.1.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/cryptiles/-/cryptiles-3.1.2.tgz";
|
||||||
|
sha1 = "a89fbb220f5ce25ec56e8c4aa8a4fd7b5b0d29fe";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"dashdash-1.14.1" = {
|
||||||
|
name = "dashdash";
|
||||||
|
packageName = "dashdash";
|
||||||
|
version = "1.14.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz";
|
||||||
|
sha1 = "853cfa0f7cbe2fed5de20326b8dd581035f6e2f0";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"delayed-stream-1.0.0" = {
|
||||||
|
name = "delayed-stream";
|
||||||
|
packageName = "delayed-stream";
|
||||||
|
version = "1.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz";
|
||||||
|
sha1 = "df3ae199acadfb7d440aaae0b29e2272b24ec619";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"ecc-jsbn-0.1.1" = {
|
||||||
|
name = "ecc-jsbn";
|
||||||
|
packageName = "ecc-jsbn";
|
||||||
|
version = "0.1.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.1.tgz";
|
||||||
|
sha1 = "0fc73a9ed5f0d53c38193398523ef7e543777505";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"extend-3.0.1" = {
|
||||||
|
name = "extend";
|
||||||
|
packageName = "extend";
|
||||||
|
version = "3.0.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz";
|
||||||
|
sha1 = "a755ea7bc1adfcc5a31ce7e762dbaadc5e636444";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"extsprintf-1.3.0" = {
|
||||||
|
name = "extsprintf";
|
||||||
|
packageName = "extsprintf";
|
||||||
|
version = "1.3.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz";
|
||||||
|
sha1 = "96918440e3041a7a414f8c52e3c574eb3c3e1e05";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"fast-deep-equal-1.1.0" = {
|
||||||
|
name = "fast-deep-equal";
|
||||||
|
packageName = "fast-deep-equal";
|
||||||
|
version = "1.1.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz";
|
||||||
|
sha1 = "c053477817c86b51daa853c81e059b733d023614";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"fast-json-stable-stringify-2.0.0" = {
|
||||||
|
name = "fast-json-stable-stringify";
|
||||||
|
packageName = "fast-json-stable-stringify";
|
||||||
|
version = "2.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz";
|
||||||
|
sha1 = "d5142c0caee6b1189f87d3a76111064f86c8bbf2";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"forever-agent-0.6.1" = {
|
||||||
|
name = "forever-agent";
|
||||||
|
packageName = "forever-agent";
|
||||||
|
version = "0.6.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz";
|
||||||
|
sha1 = "fbc71f0c41adeb37f96c577ad1ed42d8fdacca91";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"form-data-2.3.2" = {
|
||||||
|
name = "form-data";
|
||||||
|
packageName = "form-data";
|
||||||
|
version = "2.3.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz";
|
||||||
|
sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"getpass-0.1.7" = {
|
||||||
|
name = "getpass";
|
||||||
|
packageName = "getpass";
|
||||||
|
version = "0.1.7";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz";
|
||||||
|
sha1 = "5eff8e3e684d569ae4cb2b1282604e8ba62149fa";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"har-schema-2.0.0" = {
|
||||||
|
name = "har-schema";
|
||||||
|
packageName = "har-schema";
|
||||||
|
version = "2.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz";
|
||||||
|
sha1 = "a94c2224ebcac04782a0d9035521f24735b7ec92";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"har-validator-5.0.3" = {
|
||||||
|
name = "har-validator";
|
||||||
|
packageName = "har-validator";
|
||||||
|
version = "5.0.3";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/har-validator/-/har-validator-5.0.3.tgz";
|
||||||
|
sha1 = "ba402c266194f15956ef15e0fcf242993f6a7dfd";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"hawk-6.0.2" = {
|
||||||
|
name = "hawk";
|
||||||
|
packageName = "hawk";
|
||||||
|
version = "6.0.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/hawk/-/hawk-6.0.2.tgz";
|
||||||
|
sha512 = "1nl2hjr2mnhj5jlaz8mh54z7acwz5j5idkch04qgjk78756gw5d0fjk4a2immil5ij9ijdssb9ndpryvnh2xpcbgcjv8lxybn330als";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"hoek-4.2.1" = {
|
||||||
|
name = "hoek";
|
||||||
|
packageName = "hoek";
|
||||||
|
version = "4.2.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/hoek/-/hoek-4.2.1.tgz";
|
||||||
|
sha512 = "1y8kprb3qldxqj31zai5n8dvhydsl9nn5w4rskhnbzzhldn6pm6n5lcyam3sfkb61a62d5m58k8im7z6ngwbd9cw9zp4zm4y7ckrf20";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"http-signature-1.2.0" = {
|
||||||
|
name = "http-signature";
|
||||||
|
packageName = "http-signature";
|
||||||
|
version = "1.2.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz";
|
||||||
|
sha1 = "9aecd925114772f3d95b65a60abb8f7c18fbace1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"iconv-2.2.3" = {
|
||||||
|
name = "iconv";
|
||||||
|
packageName = "iconv";
|
||||||
|
version = "2.2.3";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/iconv/-/iconv-2.2.3.tgz";
|
||||||
|
sha1 = "e084d60eeb7d73da7f0a9c096e4c8abe090bfaed";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"inherits-2.0.3" = {
|
||||||
|
name = "inherits";
|
||||||
|
packageName = "inherits";
|
||||||
|
version = "2.0.3";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/inherits/-/inherits-2.0.3.tgz";
|
||||||
|
sha1 = "633c2c83e3da42a502f52466022480f4208261de";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"irc-colors-1.4.2" = {
|
||||||
|
name = "irc-colors";
|
||||||
|
packageName = "irc-colors";
|
||||||
|
version = "1.4.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/irc-colors/-/irc-colors-1.4.2.tgz";
|
||||||
|
sha512 = "0f75yhavbhr8lbh3lh83rvyfrrrcxjawnd2rz7sacjd3zxj5524xr28j66f2l11vlngdkbplxz5xsq9dnwrcyqa0jh64k2pvzhn17a1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"is-typedarray-1.0.0" = {
|
||||||
|
name = "is-typedarray";
|
||||||
|
packageName = "is-typedarray";
|
||||||
|
version = "1.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz";
|
||||||
|
sha1 = "e479c80858df0c1b11ddda6940f96011fcda4a9a";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"isarray-1.0.0" = {
|
||||||
|
name = "isarray";
|
||||||
|
packageName = "isarray";
|
||||||
|
version = "1.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz";
|
||||||
|
sha1 = "bb935d48582cba168c06834957a54a3e07124f11";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"isstream-0.1.2" = {
|
||||||
|
name = "isstream";
|
||||||
|
packageName = "isstream";
|
||||||
|
version = "0.1.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz";
|
||||||
|
sha1 = "47e63f7af55afa6f92e1500e690eb8b8529c099a";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"jsbn-0.1.1" = {
|
||||||
|
name = "jsbn";
|
||||||
|
packageName = "jsbn";
|
||||||
|
version = "0.1.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz";
|
||||||
|
sha1 = "a5e654c2e5a2deb5f201d96cefbca80c0ef2f513";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"json-schema-0.2.3" = {
|
||||||
|
name = "json-schema";
|
||||||
|
packageName = "json-schema";
|
||||||
|
version = "0.2.3";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz";
|
||||||
|
sha1 = "b480c892e59a2f05954ce727bd3f2a4e882f9e13";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"json-schema-traverse-0.3.1" = {
|
||||||
|
name = "json-schema-traverse";
|
||||||
|
packageName = "json-schema-traverse";
|
||||||
|
version = "0.3.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz";
|
||||||
|
sha1 = "349a6d44c53a51de89b40805c5d5e59b417d3340";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"json-stringify-safe-5.0.1" = {
|
||||||
|
name = "json-stringify-safe";
|
||||||
|
packageName = "json-stringify-safe";
|
||||||
|
version = "5.0.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz";
|
||||||
|
sha1 = "1296a2d58fd45f19a0f6ce01d65701e2c735b6eb";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"jsonify-0.0.0" = {
|
||||||
|
name = "jsonify";
|
||||||
|
packageName = "jsonify";
|
||||||
|
version = "0.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz";
|
||||||
|
sha1 = "2c74b6ee41d93ca51b7b5aaee8f503631d252a73";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"jsprim-1.4.1" = {
|
||||||
|
name = "jsprim";
|
||||||
|
packageName = "jsprim";
|
||||||
|
version = "1.4.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz";
|
||||||
|
sha1 = "313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"lodash.assign-4.2.0" = {
|
||||||
|
name = "lodash.assign";
|
||||||
|
packageName = "lodash.assign";
|
||||||
|
version = "4.2.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz";
|
||||||
|
sha1 = "0d99f3ccd7a6d261d19bdaeb9245005d285808e7";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"lodash.get-4.4.2" = {
|
||||||
|
name = "lodash.get";
|
||||||
|
packageName = "lodash.get";
|
||||||
|
version = "4.4.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz";
|
||||||
|
sha1 = "2d177f652fa31e939b4438d5341499dfa3825e99";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"lodash.has-4.5.2" = {
|
||||||
|
name = "lodash.has";
|
||||||
|
packageName = "lodash.has";
|
||||||
|
version = "4.5.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/lodash.has/-/lodash.has-4.5.2.tgz";
|
||||||
|
sha1 = "d19f4dc1095058cccbe2b0cdf4ee0fe4aa37c862";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"lodash.uniq-4.5.0" = {
|
||||||
|
name = "lodash.uniq";
|
||||||
|
packageName = "lodash.uniq";
|
||||||
|
version = "4.5.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz";
|
||||||
|
sha1 = "d0225373aeb652adc1bc82e4945339a842754773";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"mime-db-1.33.0" = {
|
||||||
|
name = "mime-db";
|
||||||
|
packageName = "mime-db";
|
||||||
|
version = "1.33.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/mime-db/-/mime-db-1.33.0.tgz";
|
||||||
|
sha512 = "36xnw59ik9fqym00cmwb5nyzg0l03k70cp413f7639j93wgmzk1mh0xjc7i6zz3r6k9xnwh0g5cm5a1f3y8c6plgy4qld7fm887ywh4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"mime-types-2.1.18" = {
|
||||||
|
name = "mime-types";
|
||||||
|
packageName = "mime-types";
|
||||||
|
version = "2.1.18";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.18.tgz";
|
||||||
|
sha512 = "22krj1kw7n9z10zdyx7smcaim4bzwqsqzhspwha06q58gcrxfp93hw2cd0vk5crhq5p2dwzqlpacg32lrmp5sjzb798zdzy35mdmkwm";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"mri-1.1.0" = {
|
||||||
|
name = "mri";
|
||||||
|
packageName = "mri";
|
||||||
|
version = "1.1.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/mri/-/mri-1.1.0.tgz";
|
||||||
|
sha1 = "5c0a3f29c8ccffbbb1ec941dcec09d71fa32f36a";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"nan-2.10.0" = {
|
||||||
|
name = "nan";
|
||||||
|
packageName = "nan";
|
||||||
|
version = "2.10.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz";
|
||||||
|
sha512 = "349rr7x0djrlkav4gbhkg355852ingn965r0kkch8rr4cwp7qki9676zpq8cq988yszzd2hld6szsbbnd1v6rghzf11abn1nyzlj1vc";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"node-icu-charset-detector-0.2.0" = {
|
||||||
|
name = "node-icu-charset-detector";
|
||||||
|
packageName = "node-icu-charset-detector";
|
||||||
|
version = "0.2.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/node-icu-charset-detector/-/node-icu-charset-detector-0.2.0.tgz";
|
||||||
|
sha1 = "c2320da374ddcb671fc54cb4a0e041e156ffd639";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"oauth-sign-0.8.2" = {
|
||||||
|
name = "oauth-sign";
|
||||||
|
packageName = "oauth-sign";
|
||||||
|
version = "0.8.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz";
|
||||||
|
sha1 = "46a6ab7f0aead8deae9ec0565780b7d4efeb9d43";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"performance-now-2.1.0" = {
|
||||||
|
name = "performance-now";
|
||||||
|
packageName = "performance-now";
|
||||||
|
version = "2.1.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz";
|
||||||
|
sha1 = "6309f4e0e5fa913ec1c69307ae364b4b377c9e7b";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"process-nextick-args-2.0.0" = {
|
||||||
|
name = "process-nextick-args";
|
||||||
|
packageName = "process-nextick-args";
|
||||||
|
version = "2.0.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz";
|
||||||
|
sha512 = "0rw8xpqqkhs91722slvzf8icxfaimqp4w8zb3840jxr7r8n8035byl6dhdi5bm0yr6x7sdws0gf3m025fg6hqgaklwlbl4d7bah5l9j";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"punycode-1.4.1" = {
|
||||||
|
name = "punycode";
|
||||||
|
packageName = "punycode";
|
||||||
|
version = "1.4.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/punycode/-/punycode-1.4.1.tgz";
|
||||||
|
sha1 = "c0d5a63b2718800ad8e1eb0fa5269c84dd41845e";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"qs-6.5.1" = {
|
||||||
|
name = "qs";
|
||||||
|
packageName = "qs";
|
||||||
|
version = "6.5.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/qs/-/qs-6.5.1.tgz";
|
||||||
|
sha512 = "3waqapyj1k4g135sgj636rmswiaixq19is1rw0rpv4qp6k7dl0a9nwy06m7yl5lbdk9p6xpwwngnggbzlzaz6rh11c86j2nvnnf273r";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"readable-stream-2.3.6" = {
|
||||||
|
name = "readable-stream";
|
||||||
|
packageName = "readable-stream";
|
||||||
|
version = "2.3.6";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz";
|
||||||
|
sha512 = "0mj9b6190amln9rg89x5pq2n195s3v0gzicpdamv1kbabg69aw5m71l34jsjn7bqil7405l6l35x9ijnb3h4jz5vx2i00l8sl1ll2xm";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"safe-buffer-5.1.1" = {
|
||||||
|
name = "safe-buffer";
|
||||||
|
packageName = "safe-buffer";
|
||||||
|
version = "5.1.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz";
|
||||||
|
sha512 = "1p28rllll1w65yzq5azi4izx962399xdsdlfbaynn7vmp981hiss05jhiy9hm7sbbfk3b4dhlcv0zy07fc59mnc07hdv6wcgqkcvawh";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"sax-1.2.4" = {
|
||||||
|
name = "sax";
|
||||||
|
packageName = "sax";
|
||||||
|
version = "1.2.4";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz";
|
||||||
|
sha512 = "1dn291mjsda42w8kldlbmngk6dhjxfbvvd5lckyqmwbjaj6069iq3wx0nvcfglwnpddz2qa93lzf4hv77iz43bd2qixa079sjzl799n";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"sntp-2.1.0" = {
|
||||||
|
name = "sntp";
|
||||||
|
packageName = "sntp";
|
||||||
|
version = "2.1.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/sntp/-/sntp-2.1.0.tgz";
|
||||||
|
sha512 = "0k2smmr24w5hb1cpql6vcgh58vzp4pmh9anf0bgz3arlsgq1mapnlq9fjqr6xs10aq1cmxaw987fwknqi62frax0fvs9bj3q3kmpg8l";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"sshpk-1.14.1" = {
|
||||||
|
name = "sshpk";
|
||||||
|
packageName = "sshpk";
|
||||||
|
version = "1.14.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/sshpk/-/sshpk-1.14.1.tgz";
|
||||||
|
sha1 = "130f5975eddad963f1d56f92b9ac6c51fa9f83eb";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"string_decoder-1.1.1" = {
|
||||||
|
name = "string_decoder";
|
||||||
|
packageName = "string_decoder";
|
||||||
|
version = "1.1.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz";
|
||||||
|
sha512 = "315yd4vzwrwk3vwj1klf46y1cj2jbvf88066y2rnwhksb98phj46jkxixbwsp3h607w7czy7cby522s7sx8mvspdpdm3s72y2ga3x4z";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"stringstream-0.0.5" = {
|
||||||
|
name = "stringstream";
|
||||||
|
packageName = "stringstream";
|
||||||
|
version = "0.0.5";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz";
|
||||||
|
sha1 = "4e484cd4de5a0bbbee18e46307710a8a81621878";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"tough-cookie-2.3.4" = {
|
||||||
|
name = "tough-cookie";
|
||||||
|
packageName = "tough-cookie";
|
||||||
|
version = "2.3.4";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.4.tgz";
|
||||||
|
sha512 = "0ncm6j3cjq1f26mzjf04k9bkw1b08w53s4qa3a11c1bdj4pgnqv1422c1xs5jyy6y1psppjx52fhagq5zkjkgrcpdkxcdiry96r77jd";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"tunnel-agent-0.6.0" = {
|
||||||
|
name = "tunnel-agent";
|
||||||
|
packageName = "tunnel-agent";
|
||||||
|
version = "0.6.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz";
|
||||||
|
sha1 = "27a5dea06b36b04a0a9966774b290868f0fc40fd";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"tweetnacl-0.14.5" = {
|
||||||
|
name = "tweetnacl";
|
||||||
|
packageName = "tweetnacl";
|
||||||
|
version = "0.14.5";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz";
|
||||||
|
sha1 = "5ae68177f192d4456269d108afa93ff8743f4f64";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"util-deprecate-1.0.2" = {
|
||||||
|
name = "util-deprecate";
|
||||||
|
packageName = "util-deprecate";
|
||||||
|
version = "1.0.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz";
|
||||||
|
sha1 = "450d4dc9fa70de732762fbd2d4a28981419a0ccf";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"uuid-3.2.1" = {
|
||||||
|
name = "uuid";
|
||||||
|
packageName = "uuid";
|
||||||
|
version = "3.2.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/uuid/-/uuid-3.2.1.tgz";
|
||||||
|
sha512 = "0843vl1c974n8kw5kn0kvhvhwk8y8jydr0xkwwl2963xxmkw4ingk6xj9c8m48jw2i95giglxzq5aw5v5mij9kv7fzln8pxav1cr6cd";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"verror-1.10.0" = {
|
||||||
|
name = "verror";
|
||||||
|
packageName = "verror";
|
||||||
|
version = "1.10.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz";
|
||||||
|
sha1 = "3a105ca17053af55d6e270c1f8288682e18da400";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
feedparser = nodeEnv.buildNodePackage {
|
||||||
|
name = "feedparser";
|
||||||
|
packageName = "feedparser";
|
||||||
|
version = "2.2.9";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/feedparser/-/feedparser-2.2.9.tgz";
|
||||||
|
sha1 = "9138197dafdae05fcadde0036beeaf6066c2c5e9";
|
||||||
|
};
|
||||||
|
dependencies = [
|
||||||
|
sources."addressparser-1.0.1"
|
||||||
|
sources."array-indexofobject-0.0.1"
|
||||||
|
sources."core-util-is-1.0.2"
|
||||||
|
sources."inherits-2.0.3"
|
||||||
|
sources."isarray-1.0.0"
|
||||||
|
sources."lodash.assign-4.2.0"
|
||||||
|
sources."lodash.get-4.4.2"
|
||||||
|
sources."lodash.has-4.5.2"
|
||||||
|
sources."lodash.uniq-4.5.0"
|
||||||
|
sources."mri-1.1.0"
|
||||||
|
sources."process-nextick-args-2.0.0"
|
||||||
|
sources."readable-stream-2.3.6"
|
||||||
|
sources."safe-buffer-5.1.1"
|
||||||
|
sources."sax-1.2.4"
|
||||||
|
sources."string_decoder-1.1.1"
|
||||||
|
sources."util-deprecate-1.0.2"
|
||||||
|
];
|
||||||
|
buildInputs = globalBuildInputs;
|
||||||
|
meta = {
|
||||||
|
description = "Robust RSS Atom and RDF feed parsing using sax js";
|
||||||
|
homepage = http://github.com/danmactough/node-feedparser;
|
||||||
|
license = "MIT";
|
||||||
|
};
|
||||||
|
production = true;
|
||||||
|
bypassCache = true;
|
||||||
|
};
|
||||||
|
form-data = nodeEnv.buildNodePackage {
|
||||||
|
name = "form-data";
|
||||||
|
packageName = "form-data";
|
||||||
|
version = "2.3.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/form-data/-/form-data-2.3.2.tgz";
|
||||||
|
sha1 = "4970498be604c20c005d4f5c23aecd21d6b49099";
|
||||||
|
};
|
||||||
|
dependencies = [
|
||||||
|
sources."asynckit-0.4.0"
|
||||||
|
sources."combined-stream-1.0.6"
|
||||||
|
sources."delayed-stream-1.0.0"
|
||||||
|
sources."mime-db-1.33.0"
|
||||||
|
sources."mime-types-2.1.18"
|
||||||
|
];
|
||||||
|
buildInputs = globalBuildInputs;
|
||||||
|
meta = {
|
||||||
|
description = "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.";
|
||||||
|
license = "MIT";
|
||||||
|
};
|
||||||
|
production = true;
|
||||||
|
bypassCache = true;
|
||||||
|
};
|
||||||
|
irc = nodeEnv.buildNodePackage {
|
||||||
|
name = "irc";
|
||||||
|
packageName = "irc";
|
||||||
|
version = "0.5.2";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/irc/-/irc-0.5.2.tgz";
|
||||||
|
sha1 = "3714f4768365a96d0b2f776bc91166beb2464bbc";
|
||||||
|
};
|
||||||
|
dependencies = [
|
||||||
|
sources."iconv-2.2.3"
|
||||||
|
sources."irc-colors-1.4.2"
|
||||||
|
sources."nan-2.10.0"
|
||||||
|
sources."node-icu-charset-detector-0.2.0"
|
||||||
|
];
|
||||||
|
buildInputs = globalBuildInputs;
|
||||||
|
meta = {
|
||||||
|
description = "An IRC client library for node";
|
||||||
|
homepage = "https://github.com/martynsmith/node-irc#readme";
|
||||||
|
license = "GPL-3.0";
|
||||||
|
};
|
||||||
|
production = true;
|
||||||
|
bypassCache = true;
|
||||||
|
};
|
||||||
|
request = nodeEnv.buildNodePackage {
|
||||||
|
name = "request";
|
||||||
|
packageName = "request";
|
||||||
|
version = "2.85.0";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/request/-/request-2.85.0.tgz";
|
||||||
|
sha512 = "2d3hg10zs5ycnr8prmiwdhacf88fl0x0bi6szs0z2r07zcbk419laixwpjp8sqapbc2ifyyih7p3r60wgr58bmcncz3pqnx523c8zph";
|
||||||
|
};
|
||||||
|
dependencies = [
|
||||||
|
sources."ajv-5.5.2"
|
||||||
|
sources."asn1-0.2.3"
|
||||||
|
sources."assert-plus-1.0.0"
|
||||||
|
sources."asynckit-0.4.0"
|
||||||
|
sources."aws-sign2-0.7.0"
|
||||||
|
sources."aws4-1.6.0"
|
||||||
|
sources."bcrypt-pbkdf-1.0.1"
|
||||||
|
sources."boom-4.3.1"
|
||||||
|
sources."caseless-0.12.0"
|
||||||
|
sources."co-4.6.0"
|
||||||
|
sources."combined-stream-1.0.6"
|
||||||
|
sources."core-util-is-1.0.2"
|
||||||
|
(sources."cryptiles-3.1.2" // {
|
||||||
|
dependencies = [
|
||||||
|
sources."boom-5.2.0"
|
||||||
|
];
|
||||||
|
})
|
||||||
|
sources."dashdash-1.14.1"
|
||||||
|
sources."delayed-stream-1.0.0"
|
||||||
|
sources."ecc-jsbn-0.1.1"
|
||||||
|
sources."extend-3.0.1"
|
||||||
|
sources."extsprintf-1.3.0"
|
||||||
|
sources."fast-deep-equal-1.1.0"
|
||||||
|
sources."fast-json-stable-stringify-2.0.0"
|
||||||
|
sources."forever-agent-0.6.1"
|
||||||
|
sources."form-data-2.3.2"
|
||||||
|
sources."getpass-0.1.7"
|
||||||
|
sources."har-schema-2.0.0"
|
||||||
|
sources."har-validator-5.0.3"
|
||||||
|
sources."hawk-6.0.2"
|
||||||
|
sources."hoek-4.2.1"
|
||||||
|
sources."http-signature-1.2.0"
|
||||||
|
sources."is-typedarray-1.0.0"
|
||||||
|
sources."isstream-0.1.2"
|
||||||
|
sources."jsbn-0.1.1"
|
||||||
|
sources."json-schema-0.2.3"
|
||||||
|
sources."json-schema-traverse-0.3.1"
|
||||||
|
sources."json-stringify-safe-5.0.1"
|
||||||
|
sources."jsprim-1.4.1"
|
||||||
|
sources."mime-db-1.33.0"
|
||||||
|
sources."mime-types-2.1.18"
|
||||||
|
sources."oauth-sign-0.8.2"
|
||||||
|
sources."performance-now-2.1.0"
|
||||||
|
sources."punycode-1.4.1"
|
||||||
|
sources."qs-6.5.1"
|
||||||
|
sources."safe-buffer-5.1.1"
|
||||||
|
sources."sntp-2.1.0"
|
||||||
|
sources."sshpk-1.14.1"
|
||||||
|
sources."stringstream-0.0.5"
|
||||||
|
sources."tough-cookie-2.3.4"
|
||||||
|
sources."tunnel-agent-0.6.0"
|
||||||
|
sources."tweetnacl-0.14.5"
|
||||||
|
sources."uuid-3.2.1"
|
||||||
|
sources."verror-1.10.0"
|
||||||
|
];
|
||||||
|
buildInputs = globalBuildInputs;
|
||||||
|
meta = {
|
||||||
|
description = "Simplified HTTP request client.";
|
||||||
|
homepage = "https://github.com/request/request#readme";
|
||||||
|
license = "Apache-2.0";
|
||||||
|
};
|
||||||
|
production = true;
|
||||||
|
bypassCache = true;
|
||||||
|
};
|
||||||
|
shell-quote = nodeEnv.buildNodePackage {
|
||||||
|
name = "shell-quote";
|
||||||
|
packageName = "shell-quote";
|
||||||
|
version = "1.6.1";
|
||||||
|
src = fetchurl {
|
||||||
|
url = "https://registry.npmjs.org/shell-quote/-/shell-quote-1.6.1.tgz";
|
||||||
|
sha1 = "f4781949cce402697127430ea3b3c5476f481767";
|
||||||
|
};
|
||||||
|
dependencies = [
|
||||||
|
sources."array-filter-0.0.1"
|
||||||
|
sources."array-map-0.0.0"
|
||||||
|
sources."array-reduce-0.0.0"
|
||||||
|
sources."jsonify-0.0.0"
|
||||||
|
];
|
||||||
|
buildInputs = globalBuildInputs;
|
||||||
|
meta = {
|
||||||
|
description = "quote and parse shell commands";
|
||||||
|
homepage = "https://github.com/substack/node-shell-quote#readme";
|
||||||
|
license = "MIT";
|
||||||
|
};
|
||||||
|
production = true;
|
||||||
|
bypassCache = true;
|
||||||
|
};
|
||||||
|
}
|
File diff suppressed because it is too large
Load Diff
7
krebs/5pkgs/simple/newsbot-js/pkgs.json
Normal file
7
krebs/5pkgs/simple/newsbot-js/pkgs.json
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
[
|
||||||
|
"feedparser",
|
||||||
|
"form-data",
|
||||||
|
"irc",
|
||||||
|
"request",
|
||||||
|
"shell-quote"
|
||||||
|
]
|
2
krebs/5pkgs/simple/newsbot-js/update.sh
Executable file
2
krebs/5pkgs/simple/newsbot-js/update.sh
Executable file
@ -0,0 +1,2 @@
|
|||||||
|
node2nix -8 -i pkgs.json -c combine.nix
|
||||||
|
rm node-env.nix combine.nix
|
30
krebs/5pkgs/simple/pass-otp/default.nix
Normal file
30
krebs/5pkgs/simple/pass-otp/default.nix
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{ stdenv, fetchFromGitHub, oathToolkit }:
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "pass-otp-${version}";
|
||||||
|
version = "1.1.0";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "tadfisher";
|
||||||
|
repo = "pass-otp";
|
||||||
|
rev = "v${version}";
|
||||||
|
sha256 = "1cgj4zc8fq88n3h6c0vkv9i5al785mdprpgpbv5m22dz9p1wqvbb";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [ oathToolkit ];
|
||||||
|
|
||||||
|
patchPhase = ''
|
||||||
|
sed -i -e 's|OATH=\$(which oathtool)|OATH=${oathToolkit}/bin/oathtool|' otp.bash
|
||||||
|
'';
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
make PREFIX=$out install
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "A pass extension for managing one-time-password (OTP) tokens";
|
||||||
|
homepage = https://github.com/tadfisher/pass-otp;
|
||||||
|
license = licenses.gpl3;
|
||||||
|
maintainers = with maintainers; [ jwiegley tadfisher ];
|
||||||
|
platforms = platforms.unix;
|
||||||
|
};
|
||||||
|
}
|
121
krebs/5pkgs/simple/pass/default.nix
Normal file
121
krebs/5pkgs/simple/pass/default.nix
Normal file
@ -0,0 +1,121 @@
|
|||||||
|
{ stdenv, lib, fetchurl, fetchFromGitHub
|
||||||
|
, coreutils, gnused, getopt, git, tree, gnupg, which, procps, qrencode
|
||||||
|
, makeWrapper
|
||||||
|
|
||||||
|
, pass-otp
|
||||||
|
|
||||||
|
, xclip ? null, xdotool ? null, dmenu ? null
|
||||||
|
, x11Support ? !stdenv.isDarwin
|
||||||
|
, tombPluginSupport ? false, tomb
|
||||||
|
}:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
assert x11Support -> xclip != null
|
||||||
|
&& xdotool != null
|
||||||
|
&& dmenu != null;
|
||||||
|
|
||||||
|
let
|
||||||
|
plugins = map (p: (fetchFromGitHub {
|
||||||
|
owner = "roddhjav";
|
||||||
|
repo = "pass-${p.name}";
|
||||||
|
inherit (p) rev sha256;
|
||||||
|
}))
|
||||||
|
([
|
||||||
|
{ name = "import";
|
||||||
|
rev = "491935bd275f29ceac2b876b3a288011d1ce31e7";
|
||||||
|
sha256 = "02mbh05ab8h7kc30hz718d1d1vkjz43b96c7p0xnd92610d2q66q"; }
|
||||||
|
{ name = "update";
|
||||||
|
rev = "cf576c9036fd18efb9ed29e0e9f811207b556fde";
|
||||||
|
sha256 = "1hhbrg6a2walrvla6q4cd3pgrqbcrf9brzjkb748735shxfn52hd"; }
|
||||||
|
] ++ stdenv.lib.optional tombPluginSupport {
|
||||||
|
name = "tomb";
|
||||||
|
rev = "3368134898a42c1b758fabac625ec240e125c6be";
|
||||||
|
sha256 = "0qqmxfg4w3r088qhlkhs44036mya82vjflsjjhw2hk8y0wd2i6ds"; }
|
||||||
|
);
|
||||||
|
|
||||||
|
in stdenv.mkDerivation rec {
|
||||||
|
version = "1.7.1";
|
||||||
|
name = "pass-${version}";
|
||||||
|
|
||||||
|
src = fetchurl {
|
||||||
|
url = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz";
|
||||||
|
sha256 = "0scqkpll2q8jhzcgcsh9kqz0gwdpvynivqjmmbzax2irjfaiklpn";
|
||||||
|
};
|
||||||
|
|
||||||
|
patches = [ ./set-correct-program-name-for-sleep.patch
|
||||||
|
] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch;
|
||||||
|
|
||||||
|
nativeBuildInputs = [ makeWrapper ];
|
||||||
|
|
||||||
|
installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ];
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
# plugins
|
||||||
|
${stdenv.lib.concatStringsSep "\n" (map (plugin: ''
|
||||||
|
pushd ${plugin}
|
||||||
|
PREFIX=$out make install
|
||||||
|
popd
|
||||||
|
'') plugins)}
|
||||||
|
|
||||||
|
ln -s \
|
||||||
|
${pass-otp}/lib/password-store/extensions/otp.bash \
|
||||||
|
$out/lib/password-store/extensions/
|
||||||
|
|
||||||
|
ln -s \
|
||||||
|
${pass-otp}/share/man/man1/pass-otp.1.gz \
|
||||||
|
$out/share/man/man1/
|
||||||
|
|
||||||
|
# Install Emacs Mode. NOTE: We can't install the necessary
|
||||||
|
# dependencies (s.el and f.el) here. The user has to do this
|
||||||
|
# himself.
|
||||||
|
mkdir -p "$out/share/emacs/site-lisp"
|
||||||
|
cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/"
|
||||||
|
'' + optionalString x11Support ''
|
||||||
|
cp "contrib/dmenu/passmenu" "$out/bin/"
|
||||||
|
'';
|
||||||
|
|
||||||
|
wrapperPath = with stdenv.lib; makeBinPath ([
|
||||||
|
coreutils
|
||||||
|
getopt
|
||||||
|
git
|
||||||
|
gnupg
|
||||||
|
gnused
|
||||||
|
tree
|
||||||
|
which
|
||||||
|
qrencode
|
||||||
|
] ++ optional tombPluginSupport tomb
|
||||||
|
++ optional stdenv.isLinux procps
|
||||||
|
++ ifEnable x11Support [ dmenu xclip xdotool ]);
|
||||||
|
|
||||||
|
postFixup = ''
|
||||||
|
# Fix program name in --help
|
||||||
|
substituteInPlace $out/bin/pass \
|
||||||
|
--replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass"
|
||||||
|
|
||||||
|
# Ensure all dependencies are in PATH
|
||||||
|
wrapProgram $out/bin/pass \
|
||||||
|
--prefix PATH : "${wrapperPath}"
|
||||||
|
'' + stdenv.lib.optionalString x11Support ''
|
||||||
|
# We just wrap passmenu with the same PATH as pass. It doesn't
|
||||||
|
# need all the tools in there but it doesn't hurt either.
|
||||||
|
wrapProgram $out/bin/passmenu \
|
||||||
|
--prefix PATH : "$out/bin:${wrapperPath}"
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with stdenv.lib; {
|
||||||
|
description = "Stores, retrieves, generates, and synchronizes passwords securely";
|
||||||
|
homepage = https://www.passwordstore.org/;
|
||||||
|
license = licenses.gpl2Plus;
|
||||||
|
maintainers = with maintainers; [ lovek323 the-kenny fpletz ];
|
||||||
|
platforms = platforms.unix;
|
||||||
|
|
||||||
|
longDescription = ''
|
||||||
|
pass is a very simple password store that keeps passwords inside gpg2
|
||||||
|
encrypted files inside a simple directory tree residing at
|
||||||
|
~/.password-store. The pass utility provides a series of commands for
|
||||||
|
manipulating the password store, allowing the user to add, remove, edit,
|
||||||
|
synchronize, generate, and manipulate passwords.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
9
krebs/5pkgs/simple/pass/no-darwin-getopt.patch
Normal file
9
krebs/5pkgs/simple/pass/no-darwin-getopt.patch
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
diff -Naur password-store-1.6.5-orig/src/platform/darwin.sh password-store-1.6.5/src/platform/darwin.sh
|
||||||
|
--- password-store-1.6.5-orig/src/platform/darwin.sh 2015-01-28 16:43:02.000000000 +0000
|
||||||
|
+++ password-store-1.6.5/src/platform/darwin.sh 2015-02-15 16:09:02.000000000 +0000
|
||||||
|
@@ -31,5 +31,4 @@
|
||||||
|
mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk."
|
||||||
|
}
|
||||||
|
|
||||||
|
-GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt"
|
||||||
|
SHRED="srm -f -z"
|
57
krebs/5pkgs/simple/pass/rofi-pass.nix
Normal file
57
krebs/5pkgs/simple/pass/rofi-pass.nix
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
{ stdenv, fetchFromGitHub, pass, rofi, coreutils, utillinux, xdotool, gnugrep
|
||||||
|
, libnotify, pwgen, findutils, gawk, gnused, xclip, makeWrapper
|
||||||
|
}:
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "rofi-pass-${version}";
|
||||||
|
version = "1.5.3";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "carnager";
|
||||||
|
repo = "rofi-pass";
|
||||||
|
rev = version;
|
||||||
|
sha256 = "1fn1j2rf3abc5qb44zfc8z8ffw6rva4xfp7597hwr1g3szacazpq";
|
||||||
|
};
|
||||||
|
|
||||||
|
buildInputs = [ makeWrapper ];
|
||||||
|
|
||||||
|
dontBuild = true;
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/bin
|
||||||
|
cp -a rofi-pass $out/bin/rofi-pass
|
||||||
|
|
||||||
|
mkdir -p $out/share/doc/rofi-pass/
|
||||||
|
cp -a config.example $out/share/doc/rofi-pass/config.example
|
||||||
|
'';
|
||||||
|
|
||||||
|
wrapperPath = with stdenv.lib; makeBinPath [
|
||||||
|
coreutils
|
||||||
|
findutils
|
||||||
|
gawk
|
||||||
|
gnugrep
|
||||||
|
gnused
|
||||||
|
libnotify
|
||||||
|
pass
|
||||||
|
pwgen
|
||||||
|
rofi
|
||||||
|
utillinux
|
||||||
|
xclip
|
||||||
|
xdotool
|
||||||
|
];
|
||||||
|
|
||||||
|
fixupPhase = ''
|
||||||
|
patchShebangs $out/bin
|
||||||
|
|
||||||
|
wrapProgram $out/bin/rofi-pass \
|
||||||
|
--prefix PATH : "${wrapperPath}"
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "A script to make rofi work with password-store";
|
||||||
|
homepage = https://github.com/carnager/rofi-pass;
|
||||||
|
maintainers = with stdenv.lib.maintainers; [ the-kenny garbas ];
|
||||||
|
license = stdenv.lib.licenses.gpl3;
|
||||||
|
platforms = with stdenv.lib.platforms; linux;
|
||||||
|
};
|
||||||
|
}
|
@ -0,0 +1,69 @@
|
|||||||
|
From 25b44e00ed5df8ffe2782d38ad5cd9f514379599 Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Andrew R. M" <andrewmiller237@gmail.com>
|
||||||
|
Date: Sat, 8 Apr 2017 13:50:01 -0400
|
||||||
|
Subject: [PATCH] Patch the clip() function to work even when using
|
||||||
|
single-binary coreutils
|
||||||
|
|
||||||
|
---
|
||||||
|
src/password-store.sh | 4 ++--
|
||||||
|
src/platform/cygwin.sh | 4 ++--
|
||||||
|
src/platform/darwin.sh | 4 ++--
|
||||||
|
3 files changed, 6 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/password-store.sh b/src/password-store.sh
|
||||||
|
index 6a4172d..4dbd6b8 100755
|
||||||
|
--- a/src/password-store.sh
|
||||||
|
+++ b/src/password-store.sh
|
||||||
|
@@ -155,11 +155,11 @@ clip() {
|
||||||
|
# variable. Specifically, it cannot store nulls nor (non-trivally) store
|
||||||
|
# trailing new lines.
|
||||||
|
local sleep_argv0="password store sleep on display $DISPLAY"
|
||||||
|
- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
|
||||||
|
+ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
|
||||||
|
local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | base64)"
|
||||||
|
echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard"
|
||||||
|
(
|
||||||
|
- ( exec -a "$sleep_argv0" bash <<<"trap 'kill %1' TERM; sleep '$CLIP_TIME' & wait" )
|
||||||
|
+ ( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") )
|
||||||
|
local now="$(xclip -o -selection "$X_SELECTION" | base64)"
|
||||||
|
[[ $now != $(echo -n "$1" | base64) ]] && before="$now"
|
||||||
|
|
||||||
|
diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh
|
||||||
|
index 6e5dd86..f3574c4 100644
|
||||||
|
--- a/src/platform/cygwin.sh
|
||||||
|
+++ b/src/platform/cygwin.sh
|
||||||
|
@@ -3,11 +3,11 @@
|
||||||
|
|
||||||
|
clip() {
|
||||||
|
local sleep_argv0="password store sleep on display $DISPLAY"
|
||||||
|
- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
|
||||||
|
+ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
|
||||||
|
local before="$(base64 < /dev/clipboard)"
|
||||||
|
echo -n "$1" > /dev/clipboard
|
||||||
|
(
|
||||||
|
- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
|
||||||
|
+ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
|
||||||
|
local now="$(base64 < /dev/clipboard)"
|
||||||
|
[[ $now != $(echo -n "$1" | base64) ]] && before="$now"
|
||||||
|
echo "$before" | base64 -d > /dev/clipboard
|
||||||
|
diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh
|
||||||
|
index 86eb325..deb04c4 100644
|
||||||
|
--- a/src/platform/darwin.sh
|
||||||
|
+++ b/src/platform/darwin.sh
|
||||||
|
@@ -3,11 +3,11 @@
|
||||||
|
|
||||||
|
clip() {
|
||||||
|
local sleep_argv0="password store sleep for user $(id -u)"
|
||||||
|
- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5
|
||||||
|
+ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5
|
||||||
|
local before="$(pbpaste | openssl base64)"
|
||||||
|
echo -n "$1" | pbcopy
|
||||||
|
(
|
||||||
|
- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" )
|
||||||
|
+ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") )
|
||||||
|
local now="$(pbpaste | openssl base64)"
|
||||||
|
[[ $now != $(echo -n "$1" | openssl base64) ]] && before="$now"
|
||||||
|
echo "$before" | openssl base64 -d | pbcopy
|
||||||
|
--
|
||||||
|
2.12.2
|
||||||
|
|
@ -1,36 +0,0 @@
|
|||||||
{ writeDashBin }:
|
|
||||||
|
|
||||||
writeDashBin "pssh" ''
|
|
||||||
set -efu
|
|
||||||
case ''${1-} in
|
|
||||||
|
|
||||||
# TODO create plog with -o json | jq ... | map date
|
|
||||||
|
|
||||||
# usage: pssh {-j,--journal} host...
|
|
||||||
# Follow journal at each host.
|
|
||||||
-j|--journal)
|
|
||||||
shift
|
|
||||||
"$0" journalctl -n0 -ocat --follow --all ::: "$@" \
|
|
||||||
| while read line; do
|
|
||||||
printf '%s %s\n' "$(date --rfc-3339=s)" "$line"
|
|
||||||
done
|
|
||||||
;;
|
|
||||||
|
|
||||||
-*)
|
|
||||||
echo $0: unknown option: $1 >&2
|
|
||||||
exit 1
|
|
||||||
;;
|
|
||||||
|
|
||||||
# usage: pssh command [arg...] ::: host...
|
|
||||||
# Run command at each host.
|
|
||||||
*)
|
|
||||||
exec parallel \
|
|
||||||
--line-buffer \
|
|
||||||
-j0 \
|
|
||||||
--no-notice \
|
|
||||||
--tagstring {} \
|
|
||||||
ssh -T {} "$@"
|
|
||||||
;;
|
|
||||||
|
|
||||||
esac
|
|
||||||
''
|
|
@ -9,7 +9,6 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
cmds.deploy = pkgs.withGetopt {
|
cmds.deploy = pkgs.withGetopt {
|
||||||
diff = { default = /* sh */ "false"; switch = true; };
|
|
||||||
force-populate = { default = /* sh */ "false"; switch = true; };
|
force-populate = { default = /* sh */ "false"; switch = true; };
|
||||||
quiet = { default = /* sh */ "false"; switch = true; };
|
quiet = { default = /* sh */ "false"; switch = true; };
|
||||||
source_file = {
|
source_file = {
|
||||||
@ -25,65 +24,6 @@
|
|||||||
. ${init.env}
|
. ${init.env}
|
||||||
. ${init.proxy "deploy" opts}
|
. ${init.proxy "deploy" opts}
|
||||||
|
|
||||||
if \test ${opts.diff.ref} = true; then
|
|
||||||
|
|
||||||
system_profile=/nix/var/nix/profiles/system
|
|
||||||
system_drv_cur=/etc/system.drv
|
|
||||||
|
|
||||||
system_drv_new=$(
|
|
||||||
${pkgs.nix}/bin/nix-instantiate \
|
|
||||||
-Q \
|
|
||||||
-I "$target_path" \
|
|
||||||
-E '
|
|
||||||
(import <nixpkgs/nixos/lib/eval-config.nix> {
|
|
||||||
modules = [ <nixos-config> ];
|
|
||||||
}).config.system.build.toplevel
|
|
||||||
'
|
|
||||||
)
|
|
||||||
|
|
||||||
if \test -e "$system_drv_cur"; then
|
|
||||||
|
|
||||||
system_drv_cur_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_cur")
|
|
||||||
system_drv_new_c=$(${pkgs.coreutils}/bin/readlink -f "$system_drv_new")
|
|
||||||
|
|
||||||
if \test "$system_drv_cur_c" = "$system_drv_new_c"; then
|
|
||||||
echo "$0: system up to date" >&2
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
system_drv_cur=$system_drv_cur_c \
|
|
||||||
system_drv_new=$system_drv_new_c \
|
|
||||||
${pkgs.utillinux}/bin/script \
|
|
||||||
--command '
|
|
||||||
${pkgs.haskellPackages.nix-diff}/bin/nix-diff \
|
|
||||||
"$system_drv_cur" "$system_drv_new"
|
|
||||||
' \
|
|
||||||
--quiet \
|
|
||||||
--return \
|
|
||||||
/dev/null
|
|
||||||
|
|
||||||
printf 'deploy? [N/y] ' >&2
|
|
||||||
read -r REPLY
|
|
||||||
if \test "$REPLY" != y; then
|
|
||||||
echo "$0: abort!" >&2
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
echo "$0: --${opts.diff.long} has no effect because "$system_drv_cur" doesn't exist" >&2
|
|
||||||
fi
|
|
||||||
|
|
||||||
new_system=$(${pkgs.nix}/bin/nix-store --realize "$system_drv_new")
|
|
||||||
|
|
||||||
${pkgs.nix}/bin/nix-env -p "$system_profile" --set "$new_system"
|
|
||||||
PATH=${lib.makeBinPath [
|
|
||||||
pkgs.systemd
|
|
||||||
]} \
|
|
||||||
"$system_profile"/bin/switch-to-configuration switch
|
|
||||||
|
|
||||||
${pkgs.coreutils}/bin/ln -fns "$system_drv_new" "$system_drv_cur"
|
|
||||||
exit
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Use system's nixos-rebuild, which is not self-contained
|
# Use system's nixos-rebuild, which is not self-contained
|
||||||
export PATH=/run/current-system/sw/bin
|
export PATH=/run/current-system/sw/bin
|
||||||
exec ${utils.with-whatsupnix} \
|
exec ${utils.with-whatsupnix} \
|
||||||
|
@ -1,15 +0,0 @@
|
|||||||
diff --git a/hier.c b/hier.c
|
|
||||||
index 5663ada..1d73b84 100644
|
|
||||||
--- a/hier.c
|
|
||||||
+++ b/hier.c
|
|
||||||
@@ -2,8 +2,8 @@
|
|
||||||
|
|
||||||
void hier()
|
|
||||||
{
|
|
||||||
- h(auto_home,-1,-1,02755);
|
|
||||||
- d(auto_home,"bin",-1,-1,02755);
|
|
||||||
+ h(auto_home,-1,-1,0755);
|
|
||||||
+ d(auto_home,"bin",-1,-1,0755);
|
|
||||||
|
|
||||||
c(auto_home,"bin","tcpserver",-1,-1,0755);
|
|
||||||
c(auto_home,"bin","tcprules",-1,-1,0755);
|
|
@ -1,86 +0,0 @@
|
|||||||
{ stdenv, fetchurl }:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
name = "ucspi-tcp-0.88";
|
|
||||||
|
|
||||||
src = fetchurl {
|
|
||||||
url = "http://cr.yp.to/ucspi-tcp/${name}.tar.gz";
|
|
||||||
sha256 = "171yl9kfm8w7l17dfxild99mbf877a9k5zg8yysgb1j8nz51a1ja";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Plain upstream tarball doesn't build, get patches from Debian
|
|
||||||
patches = [
|
|
||||||
(fetchurl {
|
|
||||||
url = "http://ftp.de.debian.org/debian/pool/main/u/ucspi-tcp/ucspi-tcp_0.88-3.diff.gz";
|
|
||||||
sha256 = "0mzmhz8hjkrs0khmkzs5i0s1kgmgaqz07h493bd5jj5fm5njxln6";
|
|
||||||
})
|
|
||||||
./chmod.patch
|
|
||||||
];
|
|
||||||
|
|
||||||
# Apply Debian patches
|
|
||||||
postPatch = ''
|
|
||||||
for fname in debian/diff/*.diff; do
|
|
||||||
echo "Applying patch $fname"
|
|
||||||
patch < "$fname"
|
|
||||||
done
|
|
||||||
'';
|
|
||||||
|
|
||||||
# The build system is weird; 'make install' doesn't install anything, instead
|
|
||||||
# it builds an executable called ./install (from C code) which installs
|
|
||||||
# binaries to the directory given on line 1 in ./conf-home.
|
|
||||||
#
|
|
||||||
# Also, assume getgroups and setgroups work, instead of doing a build time
|
|
||||||
# test that breaks on NixOS (I think because nixbld users lack CAP_SETGID
|
|
||||||
# capability).
|
|
||||||
preBuild = ''
|
|
||||||
echo "$out" > conf-home
|
|
||||||
|
|
||||||
echo "main() { return 0; }" > chkshsgr.c
|
|
||||||
'';
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p "$out/bin"
|
|
||||||
mkdir -p "$out/share/man/man1"
|
|
||||||
|
|
||||||
# run the newly built installer
|
|
||||||
./install
|
|
||||||
|
|
||||||
# Install Debian man pages (upstream has none)
|
|
||||||
cp debian/ucspi-tcp-man/*.1 "$out/share/man/man1"
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
|
||||||
description = "Command-line tools for building TCP client-server applications";
|
|
||||||
longDescription = ''
|
|
||||||
tcpserver waits for incoming connections and, for each connection, runs a
|
|
||||||
program of your choice. Your program receives environment variables
|
|
||||||
showing the local and remote host names, IP addresses, and port numbers.
|
|
||||||
|
|
||||||
tcpserver offers a concurrency limit to protect you from running out of
|
|
||||||
processes and memory. When you are handling 40 (by default) simultaneous
|
|
||||||
connections, tcpserver smoothly defers acceptance of new connections.
|
|
||||||
|
|
||||||
tcpserver also provides TCP access control features, similar to
|
|
||||||
tcp-wrappers/tcpd's hosts.allow but much faster. Its access control rules
|
|
||||||
are compiled into a hashed format with cdb, so it can easily deal with
|
|
||||||
thousands of different hosts.
|
|
||||||
|
|
||||||
This package includes a recordio tool that monitors all the input and
|
|
||||||
output of a server.
|
|
||||||
|
|
||||||
tcpclient makes a TCP connection and runs a program of your choice. It
|
|
||||||
sets up the same environment variables as tcpserver.
|
|
||||||
|
|
||||||
This package includes several sample clients built on top of tcpclient:
|
|
||||||
who@, date@, finger@, http@, tcpcat, and mconnect.
|
|
||||||
|
|
||||||
tcpserver and tcpclient conform to UCSPI, the UNIX Client-Server Program
|
|
||||||
Interface, using the TCP protocol. UCSPI tools are available for several
|
|
||||||
different networks.
|
|
||||||
'';
|
|
||||||
homepage = http://cr.yp.to/ucspi-tcp.html;
|
|
||||||
license = licenses.publicDomain;
|
|
||||||
platforms = platforms.linux;
|
|
||||||
maintainers = [ maintainers.bjornfor ];
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,29 +0,0 @@
|
|||||||
{ stdenv, fetchFromGitHub, python3Packages }:
|
|
||||||
|
|
||||||
python3Packages.buildPythonApplication rec {
|
|
||||||
name = "urlwatch-${version}";
|
|
||||||
version = "2.8";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "thp";
|
|
||||||
repo = "urlwatch";
|
|
||||||
rev = version;
|
|
||||||
sha256 = "1nja7n6pc45azd3l1xyvav89855lvcgwabrvf34rps81dbl8cnl4";
|
|
||||||
};
|
|
||||||
|
|
||||||
propagatedBuildInputs = with python3Packages; [
|
|
||||||
appdirs
|
|
||||||
keyring
|
|
||||||
minidb
|
|
||||||
pycodestyle
|
|
||||||
pyyaml
|
|
||||||
requests
|
|
||||||
];
|
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
|
||||||
description = "A tool for monitoring webpages for updates";
|
|
||||||
homepage = https://thp.io/2008/urlwatch/;
|
|
||||||
license = licenses.bsd3;
|
|
||||||
maintainers = with maintainers; [ tv ];
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,83 +0,0 @@
|
|||||||
{ stdenv
|
|
||||||
, atk
|
|
||||||
, bzip2
|
|
||||||
, cairo
|
|
||||||
, fetchurl
|
|
||||||
, fluidsynth
|
|
||||||
, fontconfig
|
|
||||||
, freetype
|
|
||||||
, gdk_pixbuf
|
|
||||||
, glib
|
|
||||||
, gtk2
|
|
||||||
, libjpeg_turbo
|
|
||||||
, mesa_glu
|
|
||||||
, mesa_noglu
|
|
||||||
, openssl
|
|
||||||
, pango
|
|
||||||
, SDL
|
|
||||||
, zlib
|
|
||||||
, makeWrapper
|
|
||||||
}:
|
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
|
||||||
name = "zandronum-3.0";
|
|
||||||
|
|
||||||
src = fetchurl {
|
|
||||||
url = "http://zandronum.com/downloads/testing/3.0/ZandroDev3.0-170205-2117linux-x86_64.tar.bz2";
|
|
||||||
sha256 = "17vrzk0m5b17sp3sqcg57r7812ma97lp3qxn9hmd39fwl1z40fz3";
|
|
||||||
};
|
|
||||||
|
|
||||||
libPath = stdenv.lib.makeLibraryPath [
|
|
||||||
atk
|
|
||||||
bzip2
|
|
||||||
cairo
|
|
||||||
fluidsynth
|
|
||||||
fontconfig
|
|
||||||
freetype
|
|
||||||
gdk_pixbuf
|
|
||||||
glib
|
|
||||||
gtk2
|
|
||||||
libjpeg_turbo
|
|
||||||
mesa_glu
|
|
||||||
mesa_noglu
|
|
||||||
openssl
|
|
||||||
pango
|
|
||||||
SDL
|
|
||||||
stdenv.cc.cc
|
|
||||||
zlib
|
|
||||||
];
|
|
||||||
|
|
||||||
nativeBuildInputs = [ makeWrapper ];
|
|
||||||
|
|
||||||
phases = [ "unpackPhase" "installPhase" ];
|
|
||||||
|
|
||||||
sourceRoot = ".";
|
|
||||||
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/bin
|
|
||||||
mkdir -p $out/share/zandronum
|
|
||||||
cp *.so *.pk3 zandronum zandronum-server $out/share/zandronum
|
|
||||||
|
|
||||||
patchelf \
|
|
||||||
--set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \
|
|
||||||
--set-rpath $libPath:$out/share/zandronum \
|
|
||||||
$out/share/zandronum/zandronum
|
|
||||||
patchelf \
|
|
||||||
--set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \
|
|
||||||
--set-rpath $libPath \
|
|
||||||
$out/share/zandronum/zandronum-server
|
|
||||||
|
|
||||||
# If we don't set absolute argv0, zandronum.wad file is not found.
|
|
||||||
makeWrapper $out/share/zandronum/zandronum $out/bin/zandronum
|
|
||||||
makeWrapper $out/share/zandronum/zandronum-server $out/bin/zandronum-server
|
|
||||||
'';
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
homepage = http://zandronum.com/;
|
|
||||||
description = "Multiplayer oriented port, based off Skulltag, for Doom and Doom II by id Software. Binary version for online play";
|
|
||||||
maintainers = [ stdenv.lib.maintainers.lassulus ];
|
|
||||||
# Binary version has different version string than source code version.
|
|
||||||
license = stdenv.lib.licenses.unfreeRedistributable;
|
|
||||||
platforms = [ "x86_64-linux" ];
|
|
||||||
};
|
|
||||||
}
|
|
@ -57,7 +57,8 @@ with import <stockholm/lib>;
|
|||||||
passAsFile = [ "text" ];
|
passAsFile = [ "text" ];
|
||||||
} /* sh */ ''
|
} /* sh */ ''
|
||||||
PATH=${makeBinPath (with pkgs; [
|
PATH=${makeBinPath (with pkgs; [
|
||||||
binutils
|
# TODO remove if everyone migrated to 18.03
|
||||||
|
(if hasAttr "binutils-unwrapped" pkgs then binutils-unwrapped else binutils)
|
||||||
coreutils
|
coreutils
|
||||||
gcc
|
gcc
|
||||||
])}
|
])}
|
||||||
|
64
krebs/kops.nix
Normal file
64
krebs/kops.nix
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
{ name }: rec {
|
||||||
|
|
||||||
|
kops = (import <nixpkgs> {}).fetchgit {
|
||||||
|
url = https://cgit.krebsco.de/kops/;
|
||||||
|
rev = "e89cf20d4310070a877c2e24a287659546b561c9";
|
||||||
|
sha256 = "0wg8d80sxa46z4i7ir79sci2hwmv3qskzqdg0si64p6vazy8vckb";
|
||||||
|
};
|
||||||
|
|
||||||
|
lib = import "${kops}/lib";
|
||||||
|
|
||||||
|
# TODO document why pkgs should be used like this
|
||||||
|
pkgs = import "${kops}/pkgs" {};
|
||||||
|
|
||||||
|
krebs-source = {
|
||||||
|
nixpkgs.git = {
|
||||||
|
ref = "b50443b5c4ac0f382c49352a892b9d5d970eb4e7";
|
||||||
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
|
};
|
||||||
|
stockholm.file = toString ../.;
|
||||||
|
stockholm-version.pipe = toString (pkgs.writeDash "${name}-version" ''
|
||||||
|
set -efu
|
||||||
|
cd $HOME/stockholm
|
||||||
|
V=$(${pkgs.coreutils}/bin/date +%y.%m)
|
||||||
|
if test -d .git; then
|
||||||
|
V=$V.git.$(${pkgs.git}/bin/git describe --always --dirty)
|
||||||
|
case $V in (*-dirty)
|
||||||
|
V=$V@''${HOSTNAME-$(${pkgs.nettools}/bin/hostname)}
|
||||||
|
esac
|
||||||
|
fi
|
||||||
|
printf %s "$V"
|
||||||
|
'');
|
||||||
|
};
|
||||||
|
|
||||||
|
source ={ test }: lib.evalSource [
|
||||||
|
krebs-source
|
||||||
|
{
|
||||||
|
nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix";
|
||||||
|
secrets =
|
||||||
|
if test
|
||||||
|
then {
|
||||||
|
file = toString <stockholm/krebs/6tests/data/secrets>;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
pass = {
|
||||||
|
dir = "${lib.getEnv "HOME"}/brain";
|
||||||
|
name = "krebs-secrets/${name}";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
|
||||||
|
deploy = pkgs.kops.writeDeploy "${name}-deploy" {
|
||||||
|
source = source { test = false; };
|
||||||
|
target = "root@${name}/var/src";
|
||||||
|
};
|
||||||
|
|
||||||
|
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A test)
|
||||||
|
test = pkgs.kops.writeTest "${name}-test" {
|
||||||
|
source = source { test = true; };
|
||||||
|
target = "${lib.getEnv "HOME"}/tmp/${name}-kops-test-src";
|
||||||
|
};
|
||||||
|
}
|
@ -22,10 +22,7 @@ in
|
|||||||
};
|
};
|
||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
stockholm-version.pipe = "${pkgs.stockholm}/bin/get-version";
|
||||||
nixpkgs.git = {
|
nixpkgs = (import ./kops.nix { name = ""; }).krebs-source.nixpkgs;
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
|
||||||
ref = "c5bc83b503dfb29eb27c1deb0268f15c1858e7ce"; # nixos-17.09 @ 2018-02-27
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
override
|
override
|
||||||
]
|
]
|
||||||
|
34
lass/1systems/cabal/config.nix
Normal file
34
lass/1systems/cabal/config.nix
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/lass>
|
||||||
|
<stockholm/lass/2configs/hw/x220.nix>
|
||||||
|
<stockholm/lass/2configs/boot/stock-x220.nix>
|
||||||
|
|
||||||
|
<stockholm/lass/2configs/mouse.nix>
|
||||||
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
|
<stockholm/lass/2configs/baseX.nix>
|
||||||
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
|
<stockholm/lass/2configs/programs.nix>
|
||||||
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
|
<stockholm/lass/2configs/games.nix>
|
||||||
|
<stockholm/lass/2configs/bitcoin.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.cabal;
|
||||||
|
|
||||||
|
#fileSystems = {
|
||||||
|
# "/bku" = {
|
||||||
|
# device = "/dev/mapper/pool-bku";
|
||||||
|
# fsType = "btrfs";
|
||||||
|
# options = ["defaults" "noatime" "ssd" "compress=lzo"];
|
||||||
|
# };
|
||||||
|
#};
|
||||||
|
|
||||||
|
#services.udev.extraRules = ''
|
||||||
|
# SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0"
|
||||||
|
# SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
|
||||||
|
#'';
|
||||||
|
}
|
4
lass/1systems/cabal/source.nix
Normal file
4
lass/1systems/cabal/source.nix
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
import <stockholm/lass/source.nix> {
|
||||||
|
name = "cabal";
|
||||||
|
secure = true;
|
||||||
|
}
|
@ -8,9 +8,9 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/boot/coreboot.nix>
|
<stockholm/lass/2configs/boot/coreboot.nix>
|
||||||
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/backups.nix>
|
|
||||||
<stockholm/lass/2configs/games.nix>
|
<stockholm/lass/2configs/games.nix>
|
||||||
<stockholm/lass/2configs/steam.nix>
|
<stockholm/lass/2configs/steam.nix>
|
||||||
|
<stockholm/lass/2configs/backup.nix>
|
||||||
{
|
{
|
||||||
# bubsy config
|
# bubsy config
|
||||||
users.users.bubsy = {
|
users.users.bubsy = {
|
||||||
|
@ -1,50 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
inherit (import <stockholm/lass/4lib> { inherit pkgs lib; }) getDefaultGateway;
|
|
||||||
ip = config.krebs.build.host.nets.internet.ip4.addr;
|
|
||||||
in {
|
|
||||||
imports = [
|
|
||||||
<stockholm/lass>
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
|
||||||
<stockholm/lass/2configs/os-templates/CAC-CentOS-7-64bit.nix>
|
|
||||||
<stockholm/lass/2configs/exim-retiolum.nix>
|
|
||||||
<stockholm/lass/2configs/privoxy-retiolum.nix>
|
|
||||||
<stockholm/lass/2configs/git.nix>
|
|
||||||
{
|
|
||||||
networking.interfaces.enp2s1.ip4 = [
|
|
||||||
{
|
|
||||||
address = ip;
|
|
||||||
prefixLength = 24;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
networking.defaultGateway = getDefaultGateway ip;
|
|
||||||
networking.nameservers = [
|
|
||||||
"8.8.8.8"
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
|
||||||
{
|
|
||||||
sound.enable = false;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
users.extraUsers = {
|
|
||||||
satan = {
|
|
||||||
name = "satan";
|
|
||||||
uid = 1338;
|
|
||||||
home = "/home/satan";
|
|
||||||
group = "users";
|
|
||||||
createHome = true;
|
|
||||||
useDefaultShell = true;
|
|
||||||
extraGroups = [
|
|
||||||
];
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+l3ajjOd80uJBM8oHO9HRbtA5hK6hvrpxxnk7qWW7OloT9IXcoM8bbON755vK0O6XyxZo1JZ1SZ7QIaOREGVIRDjcbJbqD3O+nImc6Rzxnrz7hvE+tuav9Yylwcw5HeQi82UIMGTEAwMHwLvsW6R/xyMCuOTbbzo9Ib8vlJ8IPDECY/05RhL7ZYFR0fdphI7jq7PobnO8WEpCZDhMvSYjO9jf3ac53wyghT3gH7AN0cxTR9qgQlPHhTbw+nZEI0sUKtrIhjfVE80wgK3NQXZZj7YAplRs/hYwSi7i8V0+8CBt2epc/5RKnJdDHFQnaTENq9kYQPOpUCP6YUwQIo8X nineinchnade@gmail.com"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.echelon;
|
|
||||||
}
|
|
@ -17,6 +17,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/dcso-dev.nix>
|
<stockholm/lass/2configs/dcso-dev.nix>
|
||||||
<stockholm/lass/2configs/steam.nix>
|
<stockholm/lass/2configs/steam.nix>
|
||||||
<stockholm/lass/2configs/rtl-sdr.nix>
|
<stockholm/lass/2configs/rtl-sdr.nix>
|
||||||
|
<stockholm/lass/2configs/backup.nix>
|
||||||
{ # automatic hardware detection
|
{ # automatic hardware detection
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
@ -131,7 +132,7 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
|
|
||||||
services.xserver.displayManager.sessionCommands = ''
|
services.xserver.displayManager.sessionCommands = ''
|
||||||
${pkgs.xorg.xrandr}/bin/xrandr --output DP-6 --off --output DP-5 --off --output DP-4 --mode 2560x1440 --pos 3840x0 --rotate left --output DP-3 --off --output DP-2 --primary --mode 3840x2160 --pos 0x400 --rotate normal --output DP-1 --off --output DP-0 --mode 2560x1440 --pos 5280x1120 --rotate normal
|
${pkgs.xorg.xrandr}/bin/xrandr --output DP-6 --off --output DP-5 --off --output DP-4 --mode 2560x1440 --pos 3840x0 --rotate left --output DP-3 --off --output DP-2 --primary --mode 3840x2160 --scale 0.5x0.5 --pos 0x400 --rotate normal --output DP-1 --off --output DP-0 --mode 2560x1440 --pos 5280x1120 --rotate normal
|
||||||
'';
|
'';
|
||||||
|
|
||||||
networking.hostName = lib.mkForce "BLN02NB0162";
|
networking.hostName = lib.mkForce "BLN02NB0162";
|
||||||
@ -168,8 +169,6 @@ with import <stockholm/lib>;
|
|||||||
'')
|
'')
|
||||||
];
|
];
|
||||||
|
|
||||||
lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
|
|
||||||
|
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||||
|
|
||||||
|
@ -14,9 +14,9 @@
|
|||||||
<stockholm/lass/2configs/browsers.nix>
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
<stockholm/lass/2configs/programs.nix>
|
<stockholm/lass/2configs/programs.nix>
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
<stockholm/lass/2configs/backups.nix>
|
|
||||||
<stockholm/lass/2configs/games.nix>
|
<stockholm/lass/2configs/games.nix>
|
||||||
<stockholm/lass/2configs/bitcoin.nix>
|
<stockholm/lass/2configs/bitcoin.nix>
|
||||||
|
<stockholm/lass/2configs/backup.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.icarus;
|
krebs.build.host = config.krebs.hosts.icarus;
|
||||||
|
@ -8,7 +8,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/boot/stock-x220.nix>
|
<stockholm/lass/2configs/boot/stock-x220.nix>
|
||||||
|
|
||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
<stockholm/lass/2configs/backups.nix>
|
<stockholm/lass/2configs/backup.nix>
|
||||||
<stockholm/lass/2configs/steam.nix>
|
<stockholm/lass/2configs/steam.nix>
|
||||||
{
|
{
|
||||||
users.users.blacky = {
|
users.users.blacky = {
|
||||||
|
@ -33,6 +33,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/ableton.nix>
|
<stockholm/lass/2configs/ableton.nix>
|
||||||
<stockholm/lass/2configs/dunst.nix>
|
<stockholm/lass/2configs/dunst.nix>
|
||||||
<stockholm/lass/2configs/rtl-sdr.nix>
|
<stockholm/lass/2configs/rtl-sdr.nix>
|
||||||
|
<stockholm/lass/2configs/backup.nix>
|
||||||
{
|
{
|
||||||
#risk of rain port
|
#risk of rain port
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
@ -140,6 +141,18 @@ with import <stockholm/lib>;
|
|||||||
dpass
|
dpass
|
||||||
|
|
||||||
dnsutils
|
dnsutils
|
||||||
|
woeusb
|
||||||
|
l-gen-secrets
|
||||||
|
generate-secrets
|
||||||
|
(pkgs.writeDashBin "btc-coinbase" ''
|
||||||
|
${pkgs.curl}/bin/curl -Ss 'https://api.coinbase.com/v2/prices/spot?currency=EUR' | ${pkgs.jq}/bin/jq '.data.amount'
|
||||||
|
'')
|
||||||
|
(pkgs.writeDashBin "btc-wex" ''
|
||||||
|
${pkgs.curl}/bin/curl -Ss 'https://wex.nz/api/3/ticker/btc_eur' | ${pkgs.jq}/bin/jq '.btc_eur.avg'
|
||||||
|
'')
|
||||||
|
(pkgs.writeDashBin "btc-kraken" ''
|
||||||
|
${pkgs.curl}/bin/curl -Ss 'https://api.kraken.com/0/public/Ticker?pair=BTCEUR' | ${pkgs.jq}/bin/jq '.result.XXBTZEUR.a[0]'
|
||||||
|
'')
|
||||||
];
|
];
|
||||||
|
|
||||||
#TODO: fix this shit
|
#TODO: fix this shit
|
||||||
@ -167,34 +180,8 @@ with import <stockholm/lib>;
|
|||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
deploy = pkgs.writeDash "deploy" ''
|
deploy = pkgs.writeDash "deploy" ''
|
||||||
set -eu
|
set -eu
|
||||||
export PATH=${makeBinPath [
|
|
||||||
pkgs.bash
|
|
||||||
pkgs.coreutils
|
|
||||||
pkgs.nix
|
|
||||||
(pkgs.writeDashBin "is-git-crypt-locked" ''
|
|
||||||
magic=$(dd status=none if="$1" skip=1 bs=1 count=8)
|
|
||||||
test "$magic" = GITCRYPT
|
|
||||||
'')
|
|
||||||
]}
|
|
||||||
cd ~/stockholm
|
|
||||||
export SYSTEM="$1"
|
export SYSTEM="$1"
|
||||||
if is-git-crypt-locked ~/secrets/ready; then
|
$(nix-build $HOME/stockholm/lass/kops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
|
||||||
echo 'secrets are crypted' >&2
|
|
||||||
exit 23
|
|
||||||
else
|
|
||||||
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="$SYSTEM"'
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
predeploy = pkgs.writeDash "predeploy" ''
|
|
||||||
set -eu
|
|
||||||
export PATH=${makeBinPath [
|
|
||||||
pkgs.bash
|
|
||||||
pkgs.coreutils
|
|
||||||
pkgs.nix
|
|
||||||
]}
|
|
||||||
cd ~/stockholm
|
|
||||||
export SYSTEM="$1"
|
|
||||||
exec nix-shell -I stockholm="$PWD" --run 'test --system="$SYSTEM" --target="$SYSTEM/var/test/" --force-populate'
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -202,4 +189,38 @@ with import <stockholm/lib>;
|
|||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
|
services.redshift = {
|
||||||
|
enable = true;
|
||||||
|
provider = "geoclue2";
|
||||||
|
};
|
||||||
|
|
||||||
|
lass.restic = genAttrs [
|
||||||
|
"daedalus"
|
||||||
|
"icarus"
|
||||||
|
"littleT"
|
||||||
|
"prism"
|
||||||
|
"shodan"
|
||||||
|
"skynet"
|
||||||
|
] (dest: {
|
||||||
|
dirs = [
|
||||||
|
"/home/lass/src"
|
||||||
|
"/home/lass/work"
|
||||||
|
"/home/lass/.gnupg"
|
||||||
|
"/home/lass/Maildir"
|
||||||
|
"/home/lass/stockholm"
|
||||||
|
"/home/lass/.password-store"
|
||||||
|
"/home/bitcoin"
|
||||||
|
"/home/bch"
|
||||||
|
];
|
||||||
|
passwordFile = (toString <secrets>) + "/restic/${dest}";
|
||||||
|
repo = "sftp:backup@${dest}.r:/backups/mors";
|
||||||
|
#sshPrivateKey = config.krebs.build.host.ssh.privkey.path;
|
||||||
|
extraArguments = [
|
||||||
|
"sftp.command='ssh backup@${dest}.r -i ${config.krebs.build.host.ssh.privkey.path} -s sftp'"
|
||||||
|
];
|
||||||
|
timerConfig = {
|
||||||
|
OnCalendar = "00:05";
|
||||||
|
RandomizedDelaySec = "5h";
|
||||||
|
};
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
@ -8,11 +8,15 @@ in {
|
|||||||
imports = [
|
imports = [
|
||||||
<stockholm/lass>
|
<stockholm/lass>
|
||||||
{
|
{
|
||||||
networking.interfaces.et0.ip4 = [
|
networking.interfaces.et0.ipv4.addresses = [
|
||||||
{
|
{
|
||||||
address = ip;
|
address = ip;
|
||||||
prefixLength = 27;
|
prefixLength = 27;
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
address = "46.4.114.243";
|
||||||
|
prefixLength = 27;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
networking.defaultGateway = "46.4.114.225";
|
networking.defaultGateway = "46.4.114.225";
|
||||||
networking.nameservers = [
|
networking.nameservers = [
|
||||||
@ -100,6 +104,7 @@ in {
|
|||||||
];
|
];
|
||||||
}
|
}
|
||||||
{ # TODO make new hfos.nix out of this vv
|
{ # TODO make new hfos.nix out of this vv
|
||||||
|
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
||||||
users.users.riot = {
|
users.users.riot = {
|
||||||
uid = genid "riot";
|
uid = genid "riot";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
@ -110,29 +115,13 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
# TODO write function for proxy_pass (ssl/nonssl)
|
# TODO write function for proxy_pass (ssl/nonssl)
|
||||||
services.nginx.virtualHosts."hackerfleet.de" = {
|
|
||||||
serverAliases = [
|
krebs.iptables.tables.filter.FORWARD.rules = [
|
||||||
"*.hackerfleet.de"
|
{ v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
locations."/".extraConfig = ''
|
krebs.iptables.tables.nat.PREROUTING.rules = [
|
||||||
proxy_pass http://192.168.122.92:80;
|
{ v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; }
|
||||||
'';
|
|
||||||
};
|
|
||||||
services.nginx.virtualHosts."hackerfleet.de-s" = {
|
|
||||||
serverName = "hackerfleet.de";
|
|
||||||
listen = [
|
|
||||||
{
|
|
||||||
addr = "0.0.0.0";
|
|
||||||
port = 443;
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
serverAliases = [
|
|
||||||
"*.hackerfleet.de"
|
|
||||||
];
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
proxy_pass http://192.168.122.92:443;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
users.users.tv = {
|
users.users.tv = {
|
||||||
@ -201,26 +190,6 @@ in {
|
|||||||
localAddress = "10.233.2.2";
|
localAddress = "10.233.2.2";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
|
||||||
#kaepsele
|
|
||||||
systemd.services."container@kaepsele".reloadIfChanged = mkForce false;
|
|
||||||
containers.kaepsele = {
|
|
||||||
config = { ... }: {
|
|
||||||
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
|
|
||||||
environment.systemPackages = [ pkgs.git ];
|
|
||||||
services.openssh.enable = true;
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [
|
|
||||||
lass.pubkey
|
|
||||||
tv.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
autoStart = true;
|
|
||||||
enableTun = true;
|
|
||||||
privateNetwork = true;
|
|
||||||
hostAddress = "10.233.2.3";
|
|
||||||
localAddress = "10.233.2.4";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
{
|
||||||
#onondaga
|
#onondaga
|
||||||
systemd.services."container@onondaga".reloadIfChanged = mkForce false;
|
systemd.services."container@onondaga".reloadIfChanged = mkForce false;
|
||||||
@ -249,13 +218,12 @@ in {
|
|||||||
<stockholm/lass/2configs/repo-sync.nix>
|
<stockholm/lass/2configs/repo-sync.nix>
|
||||||
<stockholm/lass/2configs/binary-cache/server.nix>
|
<stockholm/lass/2configs/binary-cache/server.nix>
|
||||||
<stockholm/lass/2configs/iodined.nix>
|
<stockholm/lass/2configs/iodined.nix>
|
||||||
<stockholm/lass/2configs/monitoring/server.nix>
|
|
||||||
<stockholm/lass/2configs/monitoring/monit-alarms.nix>
|
|
||||||
<stockholm/lass/2configs/paste.nix>
|
<stockholm/lass/2configs/paste.nix>
|
||||||
<stockholm/lass/2configs/syncthing.nix>
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
<stockholm/lass/2configs/reaktor-coders.nix>
|
<stockholm/lass/2configs/reaktor-coders.nix>
|
||||||
<stockholm/lass/2configs/ciko.nix>
|
<stockholm/lass/2configs/ciko.nix>
|
||||||
<stockholm/lass/2configs/container-networking.nix>
|
<stockholm/lass/2configs/container-networking.nix>
|
||||||
|
<stockholm/lass/2configs/monitoring/prometheus-server.nix>
|
||||||
{ # quasi bepasty.nix
|
{ # quasi bepasty.nix
|
||||||
imports = [
|
imports = [
|
||||||
<stockholm/lass/2configs/bepasty.nix>
|
<stockholm/lass/2configs/bepasty.nix>
|
||||||
@ -336,6 +304,35 @@ in {
|
|||||||
{ predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
|
{ predicate = "-p tcp --dport 53589"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
<stockholm/lass/2configs/go.nix>
|
||||||
|
{
|
||||||
|
environment.systemPackages = [ pkgs.cryptsetup ];
|
||||||
|
systemd.services."container@red".reloadIfChanged = mkForce false;
|
||||||
|
containers.red = {
|
||||||
|
config = { ... }: {
|
||||||
|
environment.systemPackages = [ pkgs.git ];
|
||||||
|
services.openssh.enable = true;
|
||||||
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.lass.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
autoStart = false;
|
||||||
|
enableTun = true;
|
||||||
|
privateNetwork = true;
|
||||||
|
hostAddress = "10.233.2.3";
|
||||||
|
localAddress = "10.233.2.4";
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."rote-allez-fraktion.de" = {
|
||||||
|
enableACME = true;
|
||||||
|
addSSL = true;
|
||||||
|
locations."/" = {
|
||||||
|
extraConfig = ''
|
||||||
|
proxy_set_header Host rote-allez-fraktion.de;
|
||||||
|
proxy_pass http://10.233.2.4;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.prism;
|
krebs.build.host = config.krebs.hosts.prism;
|
||||||
|
31
lass/1systems/red/config.nix
Normal file
31
lass/1systems/red/config.nix
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
inherit (import <stockholm/lass/2configs/websites/util.nix> {inherit lib pkgs;})
|
||||||
|
servephpBB
|
||||||
|
;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/lass>
|
||||||
|
<stockholm/lass/2configs>
|
||||||
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
|
<stockholm/lass/2configs/websites>
|
||||||
|
<stockholm/lass/2configs/websites/sqlBackup.nix>
|
||||||
|
(servephpBB [ "rote-allez-fraktion.de" ])
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.red;
|
||||||
|
boot.isContainer = true;
|
||||||
|
networking.useDHCP = false;
|
||||||
|
|
||||||
|
services.nginx.enable = true;
|
||||||
|
environment.variables.NIX_REMOTE = "daemon";
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.mk_sql_pair
|
||||||
|
];
|
||||||
|
}
|
@ -1,3 +1,4 @@
|
|||||||
import <stockholm/lass/source.nix> {
|
import <stockholm/lass/source.nix> {
|
||||||
name = "echelon";
|
name = "red";
|
||||||
|
secure = true;
|
||||||
}
|
}
|
@ -15,9 +15,9 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/browsers.nix>
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
<stockholm/lass/2configs/programs.nix>
|
<stockholm/lass/2configs/programs.nix>
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
<stockholm/lass/2configs/backups.nix>
|
|
||||||
<stockholm/lass/2configs/wine.nix>
|
<stockholm/lass/2configs/wine.nix>
|
||||||
<stockholm/lass/2configs/bitcoin.nix>
|
<stockholm/lass/2configs/bitcoin.nix>
|
||||||
|
<stockholm/lass/2configs/backup.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.shodan;
|
krebs.build.host = config.krebs.hosts.shodan;
|
||||||
|
@ -9,7 +9,6 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/retiolum.nix>
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
#<stockholm/lass/2configs/exim-retiolum.nix>
|
#<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
<stockholm/lass/2configs/fetchWallpaper.nix>
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
<stockholm/lass/2configs/backups.nix>
|
|
||||||
{
|
{
|
||||||
# discordius config
|
# discordius config
|
||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
|
@ -2,10 +2,4 @@ with import <stockholm/lib>;
|
|||||||
import <stockholm/lass/source.nix> {
|
import <stockholm/lass/source.nix> {
|
||||||
name = "xerxes";
|
name = "xerxes";
|
||||||
secure = true;
|
secure = true;
|
||||||
override = {
|
|
||||||
nixpkgs.git = mkForce {
|
|
||||||
url = https://github.com/lassulus/nixpkgs;
|
|
||||||
ref = "3eccd0b";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
20
lass/2configs/backup.nix
Normal file
20
lass/2configs/backup.nix
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
{ config, lib, ... }:
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
{
|
||||||
|
fileSystems = {
|
||||||
|
"/backups" = {
|
||||||
|
device = "/dev/pool/backup";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
users.users.backup = {
|
||||||
|
useDefaultShell = true;
|
||||||
|
home = "/backups";
|
||||||
|
createHome = true;
|
||||||
|
openssh.authorizedKeys.keys = with config.krebs.hosts; [
|
||||||
|
mors.ssh.pubkey
|
||||||
|
prism.ssh.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
@ -1,173 +0,0 @@
|
|||||||
{ config, lib, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
|
||||||
|
|
||||||
# TODO add timerConfig to krebs.backup and randomize startup
|
|
||||||
# TODO define plans more abstract
|
|
||||||
krebs.backup.plans = {
|
|
||||||
} // mapAttrs (_: recursiveUpdate {
|
|
||||||
snapshots = {
|
|
||||||
daily = { format = "%Y-%m-%d"; retain = 7; };
|
|
||||||
weekly = { format = "%YW%W"; retain = 4; };
|
|
||||||
monthly = { format = "%Y-%m"; retain = 12; };
|
|
||||||
yearly = { format = "%Y"; };
|
|
||||||
};
|
|
||||||
}) {
|
|
||||||
dishfire-http-prism = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.prism; path = "/bku/dishfire-http"; };
|
|
||||||
startAt = "03:00";
|
|
||||||
};
|
|
||||||
dishfire-http-icarus = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/dishfire-http"; };
|
|
||||||
startAt = "03:10";
|
|
||||||
};
|
|
||||||
dishfire-http-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/dishfire-http"; };
|
|
||||||
startAt = "03:05";
|
|
||||||
};
|
|
||||||
dishfire-http-shodan = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/dishfire-http"; };
|
|
||||||
startAt = "03:10";
|
|
||||||
};
|
|
||||||
dishfire-sql-prism = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.prism; path = "/bku/dishfire-sql"; };
|
|
||||||
startAt = "03:15";
|
|
||||||
};
|
|
||||||
dishfire-sql-icarus = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/dishfire-sql"; };
|
|
||||||
startAt = "03:25";
|
|
||||||
};
|
|
||||||
dishfire-sql-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/dishfire-sql"; };
|
|
||||||
startAt = "03:20";
|
|
||||||
};
|
|
||||||
dishfire-sql-shodan = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.dishfire; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/dishfire-sql"; };
|
|
||||||
startAt = "03:25";
|
|
||||||
};
|
|
||||||
prism-bitlbee-icarus = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-bitlbee"; };
|
|
||||||
startAt = "03:25";
|
|
||||||
};
|
|
||||||
prism-bitlbee-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/prism-bitlbee"; };
|
|
||||||
startAt = "03:25";
|
|
||||||
};
|
|
||||||
prism-bitlbee-shodan = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/var/lib/bitlbee"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-bitlbee"; };
|
|
||||||
startAt = "03:25";
|
|
||||||
};
|
|
||||||
prism-chat-icarus = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/home/chat"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-chat"; };
|
|
||||||
startAt = "03:35";
|
|
||||||
};
|
|
||||||
prism-chat-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/home/chat"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/prism-chat"; };
|
|
||||||
startAt = "03:30";
|
|
||||||
};
|
|
||||||
prism-chat-shodan = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/home/chat"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-chat"; };
|
|
||||||
startAt = "03:35";
|
|
||||||
};
|
|
||||||
prism-sql-icarus = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-sql_dumps"; };
|
|
||||||
startAt = "03:45";
|
|
||||||
};
|
|
||||||
prism-sql-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/prism-sql_dumps"; };
|
|
||||||
startAt = "03:40";
|
|
||||||
};
|
|
||||||
prism-sql-shodan = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/bku/sql_dumps"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-sql_dumps"; };
|
|
||||||
startAt = "03:45";
|
|
||||||
};
|
|
||||||
prism-http-icarus = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/prism-http"; };
|
|
||||||
startAt = "03:55";
|
|
||||||
};
|
|
||||||
prism-http-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/prism-http"; };
|
|
||||||
startAt = "03:50";
|
|
||||||
};
|
|
||||||
prism-http-shodan = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.prism; path = "/srv/http"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/prism-http"; };
|
|
||||||
startAt = "03:55";
|
|
||||||
};
|
|
||||||
icarus-home-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.icarus; path = "/home"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/icarus-home"; };
|
|
||||||
startAt = "05:00";
|
|
||||||
};
|
|
||||||
icarus-home-shodan = {
|
|
||||||
method = "push";
|
|
||||||
src = { host = config.krebs.hosts.icarus; path = "/home"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/icarus-home"; };
|
|
||||||
startAt = "05:00";
|
|
||||||
};
|
|
||||||
mors-home-icarus = {
|
|
||||||
method = "push";
|
|
||||||
src = { host = config.krebs.hosts.mors; path = "/home"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/mors-home"; };
|
|
||||||
startAt = "05:00";
|
|
||||||
};
|
|
||||||
mors-home-shodan = {
|
|
||||||
method = "push";
|
|
||||||
src = { host = config.krebs.hosts.mors; path = "/home"; };
|
|
||||||
dst = { host = config.krebs.hosts.shodan; path = "/bku/mors-home"; };
|
|
||||||
startAt = "05:00";
|
|
||||||
};
|
|
||||||
shodan-home-icarus = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.shodan; path = "/home"; };
|
|
||||||
dst = { host = config.krebs.hosts.icarus; path = "/bku/shodan-home"; };
|
|
||||||
startAt = "04:00";
|
|
||||||
};
|
|
||||||
shodan-home-mors = {
|
|
||||||
method = "pull";
|
|
||||||
src = { host = config.krebs.hosts.shodan; path = "/home"; };
|
|
||||||
dst = { host = config.krebs.hosts.mors; path = "/bku/shodan-home"; };
|
|
||||||
startAt = "04:00";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -9,7 +9,6 @@ in {
|
|||||||
./power-action.nix
|
./power-action.nix
|
||||||
./copyq.nix
|
./copyq.nix
|
||||||
./livestream.nix
|
./livestream.nix
|
||||||
./dns-stuff.nix
|
|
||||||
./urxvt.nix
|
./urxvt.nix
|
||||||
./network-manager.nix
|
./network-manager.nix
|
||||||
{
|
{
|
||||||
|
@ -10,9 +10,6 @@ in {
|
|||||||
krebs.per-user.bitcoin.packages = [
|
krebs.per-user.bitcoin.packages = [
|
||||||
pkgs.electrum
|
pkgs.electrum
|
||||||
];
|
];
|
||||||
krebs.per-user.ethereum.packages = [
|
|
||||||
pkgs.go-ethereum
|
|
||||||
];
|
|
||||||
users.extraUsers = {
|
users.extraUsers = {
|
||||||
bch = {
|
bch = {
|
||||||
name = "bch";
|
name = "bch";
|
||||||
@ -28,13 +25,6 @@ in {
|
|||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
};
|
};
|
||||||
ethereum = {
|
|
||||||
name = "ethereum";
|
|
||||||
description = "user for ethereum stuff";
|
|
||||||
home = "/home/ethereum";
|
|
||||||
useDefaultShell = true;
|
|
||||||
createHome = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
security.sudo.extraConfig = ''
|
security.sudo.extraConfig = ''
|
||||||
${mainUser.name} ALL=(bitcoin) NOPASSWD: ALL
|
${mainUser.name} ALL=(bitcoin) NOPASSWD: ALL
|
||||||
|
@ -21,59 +21,37 @@ let
|
|||||||
$BIN "$@"
|
$BIN "$@"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
createChromiumUser = name: extraGroups: precedence:
|
createUser = script: name: groups: precedence: dpi:
|
||||||
let
|
{
|
||||||
bin = pkgs.writeScriptBin name ''
|
lass.xjail.${name} = {
|
||||||
/var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@
|
inherit script groups dpi;
|
||||||
'';
|
|
||||||
in {
|
|
||||||
users.extraUsers.${name} = {
|
|
||||||
inherit name;
|
|
||||||
inherit extraGroups;
|
|
||||||
home = "/home/${name}";
|
|
||||||
uid = genid name;
|
|
||||||
useDefaultShell = true;
|
|
||||||
createHome = true;
|
|
||||||
};
|
};
|
||||||
|
environment.systemPackages = [
|
||||||
|
config.lass.xjail-bins.${name}
|
||||||
|
(pkgs.writeDashBin "cx-${name}" ''
|
||||||
|
DISPLAY=:${toString (genid_signed name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip
|
||||||
|
'')
|
||||||
|
];
|
||||||
lass.browser.paths.${name} = {
|
lass.browser.paths.${name} = {
|
||||||
path = bin;
|
path = config.lass.xjail-bins.${name};
|
||||||
inherit precedence;
|
inherit precedence;
|
||||||
};
|
};
|
||||||
security.sudo.extraConfig = ''
|
|
||||||
${mainUser.name} ALL=(${name}) NOPASSWD: ALL
|
|
||||||
'';
|
|
||||||
environment.systemPackages = [
|
|
||||||
bin
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
createFirefoxUser = name: extraGroups: precedence:
|
createChromiumUser = name: groups: precedence:
|
||||||
let
|
createUser (pkgs.writeDash name ''
|
||||||
bin = pkgs.writeScriptBin name ''
|
${pkgs.chromium}/bin/chromium "$@"
|
||||||
/var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox-devedition-bin}/bin/firefox-devedition $@
|
'') name groups precedence 80;
|
||||||
'';
|
|
||||||
in {
|
|
||||||
users.extraUsers.${name} = {
|
|
||||||
inherit name;
|
|
||||||
inherit extraGroups;
|
|
||||||
home = "/home/${name}";
|
|
||||||
uid = genid name;
|
|
||||||
useDefaultShell = true;
|
|
||||||
createHome = true;
|
|
||||||
};
|
|
||||||
lass.browser.paths.${name} = {
|
|
||||||
path = bin;
|
|
||||||
inherit precedence;
|
|
||||||
};
|
|
||||||
security.sudo.extraConfig = ''
|
|
||||||
${mainUser.name} ALL=(${name}) NOPASSWD: ALL
|
|
||||||
'';
|
|
||||||
environment.systemPackages = [
|
|
||||||
bin
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
#TODO: abstract this
|
createFirefoxUser = name: groups: precedence:
|
||||||
|
createUser (pkgs.writeDash name ''
|
||||||
|
${pkgs.firefox-devedition-bin}/bin/firefox-devedition "$@"
|
||||||
|
'') name groups precedence 80;
|
||||||
|
|
||||||
|
createQuteUser = name: groups: precedence:
|
||||||
|
createUser (pkgs.writeDash name ''
|
||||||
|
${pkgs.qutebrowser}/bin/qutebrowser "$@"
|
||||||
|
'') name groups precedence 60;
|
||||||
|
|
||||||
in {
|
in {
|
||||||
|
|
||||||
@ -110,12 +88,13 @@ in {
|
|||||||
}));
|
}));
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
( createQuteUser "qb" [ "audio" ] 20 )
|
||||||
( createFirefoxUser "ff" [ "audio" ] 10 )
|
( createFirefoxUser "ff" [ "audio" ] 10 )
|
||||||
( createChromiumUser "cr" [ "video" "audio" ] 9 )
|
( createChromiumUser "cr" [ "audio" ] 9 )
|
||||||
( createChromiumUser "gm" [ "video" "audio" ] 8 )
|
( createChromiumUser "gm" [ "video" "audio" ] 8 )
|
||||||
( createChromiumUser "wk" [ "video" "audio" ] 0 )
|
( createChromiumUser "wk" [ "audio" ] 0 )
|
||||||
( createChromiumUser "fb" [ "video" "audio" ] 0 )
|
( createChromiumUser "fb" [ "audio" ] 0 )
|
||||||
( createChromiumUser "com" [ "video" "audio" ] 0 )
|
( createChromiumUser "com" [ "audio" ] 0 )
|
||||||
( createChromiumUser "fin" [] (-1) )
|
( createChromiumUser "fin" [] (-1) )
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -9,6 +9,7 @@ in {
|
|||||||
dev = {
|
dev = {
|
||||||
name = "dev";
|
name = "dev";
|
||||||
uid = genid "dev";
|
uid = genid "dev";
|
||||||
|
extraGroups = [ "docker" ];
|
||||||
description = "user for collaborative development";
|
description = "user for collaborative development";
|
||||||
home = "/home/dev";
|
home = "/home/dev";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
@ -6,10 +6,9 @@ with import <stockholm/lib>;
|
|||||||
./gc.nix
|
./gc.nix
|
||||||
./mc.nix
|
./mc.nix
|
||||||
./vim.nix
|
./vim.nix
|
||||||
./monitoring/client.nix
|
./monitoring/node-exporter.nix
|
||||||
./zsh.nix
|
./zsh.nix
|
||||||
./htop.nix
|
./htop.nix
|
||||||
./backups.nix
|
|
||||||
./security-workarounds.nix
|
./security-workarounds.nix
|
||||||
{
|
{
|
||||||
users.extraUsers =
|
users.extraUsers =
|
||||||
|
@ -1,16 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
|
||||||
services.dnscrypt-proxy = {
|
|
||||||
enable = true;
|
|
||||||
localAddress = "127.1.0.1";
|
|
||||||
customResolver = {
|
|
||||||
address = config.krebs.hosts.gum.nets.internet.ip4.addr;
|
|
||||||
port = 15251;
|
|
||||||
name = "2.dnscrypt-cert.euer.krebsco.de";
|
|
||||||
key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
services.resolved.enable = true;
|
|
||||||
services.resolved.fallbackDns = [ "127.1.0.1" ];
|
|
||||||
}
|
|
@ -78,6 +78,8 @@ with import <stockholm/lib>;
|
|||||||
{ from = "github@lassul.us"; to = lass.mail; }
|
{ from = "github@lassul.us"; to = lass.mail; }
|
||||||
{ from = "ovh@lassul.us"; to = lass.mail; }
|
{ from = "ovh@lassul.us"; to = lass.mail; }
|
||||||
{ from = "hetzner@lassul.us"; to = lass.mail; }
|
{ from = "hetzner@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "allygator@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "immoscout@lassul.us"; to = lass.mail; }
|
||||||
];
|
];
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
let
|
let
|
||||||
mainUser = config.users.extraUsers.mainUser;
|
mainUser = config.users.extraUsers.mainUser;
|
||||||
vdoom = pkgs.writeDash "vdoom" ''
|
vdoom = pkgs.writeDash "vdoom" ''
|
||||||
${pkgs.zandronum-bin}/bin/zandronum \
|
${pkgs.zandronum}/bin/zandronum \
|
||||||
-fov 120 \
|
-fov 120 \
|
||||||
"$@"
|
"$@"
|
||||||
'';
|
'';
|
||||||
@ -50,7 +50,7 @@ let
|
|||||||
vdoomserver = pkgs.writeDashBin "vdoomserver" ''
|
vdoomserver = pkgs.writeDashBin "vdoomserver" ''
|
||||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
||||||
|
|
||||||
${pkgs.zandronum-bin}/bin/zandronum-server \
|
${pkgs.zandronum}/bin/zandronum-server \
|
||||||
+exec ${doomservercfg} \
|
+exec ${doomservercfg} \
|
||||||
"$@"
|
"$@"
|
||||||
'';
|
'';
|
||||||
|
@ -3,6 +3,6 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
nix.gc = {
|
nix.gc = {
|
||||||
automatic = ! elem config.krebs.build.host.name [ "prism" "mors" "helios" ];
|
automatic = ! (elem config.krebs.build.host.name [ "prism" "mors" "helios" ] || config.boot.isContainer);
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -57,6 +57,16 @@ let
|
|||||||
cgit.desc = "Fork of nix-user-chroot my lethalman";
|
cgit.desc = "Fork of nix-user-chroot my lethalman";
|
||||||
cgit.section = "software";
|
cgit.section = "software";
|
||||||
};
|
};
|
||||||
|
nixos-aws = {
|
||||||
|
collaborators = [ {
|
||||||
|
name = "fabio";
|
||||||
|
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFst8DvnfOu4pQJYxcwdf//jWTvP+jj0iSrOdt59c9Gbujm/8K1mBXhcSQhHj/GBRC1Qc1wipf9qZsWnEHMI+SRwq6tDr8gqlAcdWmHAs1bU96jJtc8EgmUKbXTFG/VmympMPi4cEbNUtH93v6NUjQKwq9szvDhhqSW4Y8zE32xLkySwobQapNaUrGAtQp3eTxu5Lkx+cEaaartaAspt8wSosXjUHUJktg0O5/XOP+CiWAx89AXxbQCy4XTQvUExoRGdw9sdu0lF0/A0dF4lFF/dDUS7+avY8MrKEcQ8Fwk8NcW1XrKMmCdNdpvou0whL9aHCdTJ+522dsSB1zZWh63Si4CrLKlc1TiGKCXdvzmCYrD+6WxbPJdRpMM4dFNtpAwhCm/dM+CBXfDkP0s5veFiYvp1ri+3hUqV/sep9r5/+d+5/R1gQs8WDNjWqcshveFbD5LxE6APEySB4QByGxIrw7gFbozE+PNxtlVP7bq4MyE6yIzL6ofQgO1e4THquPcqSCfCvyib5M2Q1phi5DETlMemWp84AsNkqbhRa4BGRycuOXXrBzE+RgQokcIY7t3xcu3q0xJo2+HxW/Lqi72zYU1NdT4nJMETEaG49FfIAnUuoVaQWWvOz8mQuVEmmdw2Yzo2ikILYSUdHTp1VPOeo6aNPvESkPw1eM0xDRlQ== ada";
|
||||||
|
} ];
|
||||||
|
};
|
||||||
|
krops = {
|
||||||
|
cgit.desc = "krebs deployment";
|
||||||
|
cgit.section = "software";
|
||||||
|
};
|
||||||
} // mapAttrs make-public-repo-silent {
|
} // mapAttrs make-public-repo-silent {
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -70,8 +80,8 @@ let
|
|||||||
import <secrets/repos.nix> { inherit config lib pkgs; }
|
import <secrets/repos.nix> { inherit config lib pkgs; }
|
||||||
);
|
);
|
||||||
|
|
||||||
make-public-repo = name: { cgit ? {}, ... }: {
|
make-public-repo = name: { cgit ? {}, collaborators ? [], ... }: {
|
||||||
inherit cgit name;
|
inherit cgit collaborators name;
|
||||||
public = true;
|
public = true;
|
||||||
hooks = {
|
hooks = {
|
||||||
post-receive = pkgs.git-hooks.irc-announce {
|
post-receive = pkgs.git-hooks.irc-announce {
|
||||||
|
19
lass/2configs/go.nix
Normal file
19
lass/2configs/go.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
krebs.go = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
virtualHosts.go = {
|
||||||
|
locations."/".extraConfig = ''
|
||||||
|
proxy_set_header Host go.lassul.us;
|
||||||
|
proxy_pass http://localhost:1337;
|
||||||
|
'';
|
||||||
|
serverAliases = [
|
||||||
|
"go.lassul.us"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
@ -8,6 +8,16 @@ let
|
|||||||
logfile ~/.msmtp.log
|
logfile ~/.msmtp.log
|
||||||
account prism
|
account prism
|
||||||
host prism.r
|
host prism.r
|
||||||
|
account c-base
|
||||||
|
from lassulus@c-base.org
|
||||||
|
host c-mail.c-base.org
|
||||||
|
port 465
|
||||||
|
tls on
|
||||||
|
tls_starttls off
|
||||||
|
tls_fingerprint 8C:10:A6:AB:1F:82:C4:8F:B1:B4:22:D5:8B:8B:49:9B:59:0B:22:A4
|
||||||
|
auth on
|
||||||
|
user lassulus
|
||||||
|
passwordeval pass show c-base/pass
|
||||||
account default: prism
|
account default: prism
|
||||||
'';
|
'';
|
||||||
|
|
||||||
@ -36,9 +46,11 @@ let
|
|||||||
];
|
];
|
||||||
dezentrale = [ "to:dezentrale.space" ];
|
dezentrale = [ "to:dezentrale.space" ];
|
||||||
dhl = [ "to:dhl@lassul.us" ];
|
dhl = [ "to:dhl@lassul.us" ];
|
||||||
|
eloop = [ "to:eloop.org" ];
|
||||||
github = [ "to:github@lassul.us" ];
|
github = [ "to:github@lassul.us" ];
|
||||||
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
|
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
|
||||||
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
|
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
|
||||||
|
lugs = [ "to:lugs@lug-s.org" ];
|
||||||
nix-devel = [ "to:nix-devel@googlegroups.com" ];
|
nix-devel = [ "to:nix-devel@googlegroups.com" ];
|
||||||
patreon = [ "to:patreon@lassul.us" ];
|
patreon = [ "to:patreon@lassul.us" ];
|
||||||
paypal = [ "to:paypal@lassul.us" ];
|
paypal = [ "to:paypal@lassul.us" ];
|
||||||
@ -63,9 +75,9 @@ let
|
|||||||
|
|
||||||
muttrc = pkgs.writeText "muttrc" ''
|
muttrc = pkgs.writeText "muttrc" ''
|
||||||
# gpg
|
# gpg
|
||||||
source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
|
source ${pkgs.neomutt}/share/doc/neomutt/samples/gpg.rc
|
||||||
set pgp_use_gpg_agent = yes
|
set pgp_use_gpg_agent = yes
|
||||||
set pgp_sign_as = 0x976A7E4D
|
set pgp_sign_as = 0xDC2A43EF4F11E854B44D599A89E82952976A7E4D
|
||||||
set crypt_autosign = yes
|
set crypt_autosign = yes
|
||||||
set crypt_replyencrypt = yes
|
set crypt_replyencrypt = yes
|
||||||
set crypt_verify_sig = yes
|
set crypt_verify_sig = yes
|
||||||
@ -183,7 +195,7 @@ let
|
|||||||
name = "mutt";
|
name = "mutt";
|
||||||
paths = [
|
paths = [
|
||||||
(pkgs.writeDashBin "mutt" ''
|
(pkgs.writeDashBin "mutt" ''
|
||||||
exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@
|
exec ${pkgs.neomutt}/bin/neomutt -F ${muttrc} $@
|
||||||
'')
|
'')
|
||||||
pkgs.neomutt
|
pkgs.neomutt
|
||||||
];
|
];
|
||||||
@ -194,8 +206,11 @@ in {
|
|||||||
msmtp
|
msmtp
|
||||||
mutt
|
mutt
|
||||||
pkgs.much
|
pkgs.much
|
||||||
pkgs.notmuch
|
|
||||||
tag-new-mails
|
tag-new-mails
|
||||||
tag-old-mails
|
tag-old-mails
|
||||||
];
|
];
|
||||||
|
|
||||||
|
nixpkgs.config.packageOverrides = opkgs: {
|
||||||
|
notmuch = (opkgs.notmuch.overrideAttrs (o: { doCheck = false; }));
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
@ -1,26 +0,0 @@
|
|||||||
{pkgs, config, ...}:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
|
||||||
services.telegraf = {
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
extraConfig = {
|
|
||||||
agent.interval = "1s";
|
|
||||||
outputs = {
|
|
||||||
influxdb = {
|
|
||||||
urls = ["http://prism:8086"];
|
|
||||||
database = "telegraf_db";
|
|
||||||
user_agent = "telegraf";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
inputs = {
|
|
||||||
cpu = {
|
|
||||||
percpu = false;
|
|
||||||
totalcpu = true;
|
|
||||||
};
|
|
||||||
mem = {};
|
|
||||||
net = {};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,44 +0,0 @@
|
|||||||
{pkgs, config, ...}:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
let
|
|
||||||
echoToIrc = msg:
|
|
||||||
pkgs.writeDash "echo_irc" ''
|
|
||||||
set -euf
|
|
||||||
export LOGNAME=prism-alarm
|
|
||||||
${pkgs.irc-announce}/bin/irc-announce \
|
|
||||||
irc.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null
|
|
||||||
'';
|
|
||||||
|
|
||||||
in {
|
|
||||||
krebs.monit = {
|
|
||||||
enable = true;
|
|
||||||
http.enable = true;
|
|
||||||
alarms = {
|
|
||||||
nirwanabluete = {
|
|
||||||
test = "${pkgs.curl}/bin/curl -sf 'https://nirwanabluete.de/'";
|
|
||||||
alarm = echoToIrc "test nirwanabluete failed";
|
|
||||||
};
|
|
||||||
ubik = {
|
|
||||||
test = "${pkgs.curl}/bin/curl -sf 'https://ubikmedia.de'";
|
|
||||||
alarm = echoToIrc "test ubik failed";
|
|
||||||
};
|
|
||||||
cac-panel = {
|
|
||||||
test = "${pkgs.curl}/bin/curl -sf 'https://panel.cloudatcost.com/login.php'";
|
|
||||||
alarm = echoToIrc "test cac-panel failed";
|
|
||||||
};
|
|
||||||
radio = {
|
|
||||||
test = pkgs.writeBash "check_stream" ''
|
|
||||||
${pkgs.curl}/bin/curl -sif http://lassul.us:8000/radio.ogg \
|
|
||||||
| ${pkgs.gawk}/bin/awk '/^\r$/{exit}{print $0}' \
|
|
||||||
| ${pkgs.gnugrep}/bin/grep -q "200 OK" || exit "''${PIPESTATUS[0]}"
|
|
||||||
'';
|
|
||||||
alarm = echoToIrc "test radio failed";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
15
lass/2configs/monitoring/node-exporter.nix
Normal file
15
lass/2configs/monitoring/node-exporter.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
{
|
||||||
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-i retiolum -p tcp --dport 9100 -s ${config.krebs.hosts.prism.nets.retiolum.ip4.addr}"; target = "ACCEPT"; v6 = false; }
|
||||||
|
{ predicate = "-i retiolum -p tcp --dport 9100 -s ${config.krebs.hosts.prism.nets.retiolum.ip6.addr}"; target = "ACCEPT"; v4 = false; }
|
||||||
|
];
|
||||||
|
services.prometheus.exporters = {
|
||||||
|
node = {
|
||||||
|
enable = true;
|
||||||
|
enabledCollectors = [
|
||||||
|
"systemd"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
217
lass/2configs/monitoring/prometheus-server.nix
Normal file
217
lass/2configs/monitoring/prometheus-server.nix
Normal file
@ -0,0 +1,217 @@
|
|||||||
|
{ pkgs, lib, config, ... }:
|
||||||
|
{
|
||||||
|
#networking = {
|
||||||
|
# firewall.allowedTCPPorts = [
|
||||||
|
# 3000 # grafana
|
||||||
|
# 9090 # prometheus
|
||||||
|
# 9093 # alertmanager
|
||||||
|
# ];
|
||||||
|
# useDHCP = true;
|
||||||
|
#};
|
||||||
|
|
||||||
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
|
{ predicate = "-i retiolum -p tcp --dport 3000"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-i retiolum -p tcp --dport 9090"; target = "ACCEPT"; }
|
||||||
|
{ predicate = "-i retiolum -p tcp --dport 9093"; target = "ACCEPT"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
services = {
|
||||||
|
prometheus = {
|
||||||
|
enable = true;
|
||||||
|
extraFlags = [
|
||||||
|
"-storage.local.retention 8760h"
|
||||||
|
"-storage.local.series-file-shrink-ratio 0.3"
|
||||||
|
"-storage.local.memory-chunks 2097152"
|
||||||
|
"-storage.local.max-chunks-to-persist 1048576"
|
||||||
|
"-storage.local.index-cache-size.fingerprint-to-metric 2097152"
|
||||||
|
"-storage.local.index-cache-size.fingerprint-to-timerange 1048576"
|
||||||
|
"-storage.local.index-cache-size.label-name-to-label-values 2097152"
|
||||||
|
"-storage.local.index-cache-size.label-pair-to-fingerprints 41943040"
|
||||||
|
];
|
||||||
|
alertmanagerURL = [ "http://localhost:9093" ];
|
||||||
|
rules = [
|
||||||
|
''
|
||||||
|
ALERT node_down
|
||||||
|
IF up == 0
|
||||||
|
FOR 5m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Node is down.",
|
||||||
|
description = "{{$labels.alias}} has been down for more than 5 minutes."
|
||||||
|
}
|
||||||
|
ALERT node_systemd_service_failed
|
||||||
|
IF node_systemd_unit_state{state="failed"} == 1
|
||||||
|
FOR 4m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Service {{$labels.name}} failed to start.",
|
||||||
|
description = "{{$labels.alias}} failed to (re)start service {{$labels.name}}."
|
||||||
|
}
|
||||||
|
ALERT node_filesystem_full_90percent
|
||||||
|
IF sort(node_filesystem_free{device!="ramfs"} < node_filesystem_size{device!="ramfs"} * 0.1) / 1024^3
|
||||||
|
FOR 5m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Filesystem is running out of space soon.",
|
||||||
|
description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} got less than 10% space left on its filesystem."
|
||||||
|
}
|
||||||
|
ALERT node_filesystem_full_in_4h
|
||||||
|
IF predict_linear(node_filesystem_free{device!="ramfs"}[1h], 4*3600) <= 0
|
||||||
|
FOR 5m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Filesystem is running out of space in 4 hours.",
|
||||||
|
description = "{{$labels.alias}} device {{$labels.device}} on {{$labels.mountpoint}} is running out of space of in approx. 4 hours"
|
||||||
|
}
|
||||||
|
ALERT node_filedescriptors_full_in_3h
|
||||||
|
IF predict_linear(node_filefd_allocated[1h], 3*3600) >= node_filefd_maximum
|
||||||
|
FOR 20m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}} is running out of available file descriptors in 3 hours.",
|
||||||
|
description = "{{$labels.alias}} is running out of available file descriptors in approx. 3 hours"
|
||||||
|
}
|
||||||
|
ALERT node_load1_90percent
|
||||||
|
IF node_load1 / on(alias) count(node_cpu{mode="system"}) by (alias) >= 0.9
|
||||||
|
FOR 1h
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: Running on high load.",
|
||||||
|
description = "{{$labels.alias}} is running with > 90% total load for at least 1h."
|
||||||
|
}
|
||||||
|
ALERT node_cpu_util_90percent
|
||||||
|
IF 100 - (avg by (alias) (irate(node_cpu{mode="idle"}[5m])) * 100) >= 90
|
||||||
|
FOR 1h
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary = "{{$labels.alias}}: High CPU utilization.",
|
||||||
|
description = "{{$labels.alias}} has total CPU utilization over 90% for at least 1h."
|
||||||
|
}
|
||||||
|
ALERT node_ram_using_90percent
|
||||||
|
IF node_memory_MemFree + node_memory_Buffers + node_memory_Cached < node_memory_MemTotal * 0.1
|
||||||
|
FOR 30m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary="{{$labels.alias}}: Using lots of RAM.",
|
||||||
|
description="{{$labels.alias}} is using at least 90% of its RAM for at least 30 minutes now.",
|
||||||
|
}
|
||||||
|
ALERT node_swap_using_80percent
|
||||||
|
IF node_memory_SwapTotal - (node_memory_SwapFree + node_memory_SwapCached) > node_memory_SwapTotal * 0.8
|
||||||
|
FOR 10m
|
||||||
|
LABELS {
|
||||||
|
severity="page"
|
||||||
|
}
|
||||||
|
ANNOTATIONS {
|
||||||
|
summary="{{$labels.alias}}: Running out of swap soon.",
|
||||||
|
description="{{$labels.alias}} is using 80% of its swap space for at least 10 minutes now."
|
||||||
|
}
|
||||||
|
''
|
||||||
|
];
|
||||||
|
scrapeConfigs = [
|
||||||
|
{
|
||||||
|
job_name = "node";
|
||||||
|
scrape_interval = "10s";
|
||||||
|
static_configs = [
|
||||||
|
{
|
||||||
|
targets = [
|
||||||
|
] ++ map (host: "${host}:9100") (lib.attrNames (lib.filterAttrs (_: host: host.owner.name == "lass" && host.monitoring) config.krebs.hosts));
|
||||||
|
#labels = {
|
||||||
|
# alias = "prometheus.example.com";
|
||||||
|
#};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
alertmanager = {
|
||||||
|
enable = true;
|
||||||
|
listenAddress = "0.0.0.0";
|
||||||
|
configuration = {
|
||||||
|
"global" = {
|
||||||
|
"smtp_smarthost" = "smtp.example.com:587";
|
||||||
|
"smtp_from" = "alertmanager@example.com";
|
||||||
|
};
|
||||||
|
"route" = {
|
||||||
|
"group_by" = [ "alertname" "alias" ];
|
||||||
|
"group_wait" = "30s";
|
||||||
|
"group_interval" = "2m";
|
||||||
|
"repeat_interval" = "4h";
|
||||||
|
"receiver" = "team-admins";
|
||||||
|
};
|
||||||
|
"receivers" = [
|
||||||
|
{
|
||||||
|
"name" = "team-admins";
|
||||||
|
"email_configs" = [
|
||||||
|
{
|
||||||
|
"to" = "devnull@example.com";
|
||||||
|
"send_resolved" = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
"webhook_configs" = [
|
||||||
|
{
|
||||||
|
"url" = "https://example.com/prometheus-alerts";
|
||||||
|
"send_resolved" = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
grafana = {
|
||||||
|
enable = true;
|
||||||
|
addr = "0.0.0.0";
|
||||||
|
domain = "grafana.example.com";
|
||||||
|
rootUrl = "https://grafana.example.com/";
|
||||||
|
security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.logstash = {
|
||||||
|
enable = true;
|
||||||
|
inputConfig = ''
|
||||||
|
http {
|
||||||
|
port => 14813
|
||||||
|
host => "127.0.0.1"
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
filterConfig = ''
|
||||||
|
if ([alerts]) {
|
||||||
|
ruby {
|
||||||
|
code => '
|
||||||
|
lines = []
|
||||||
|
event["alerts"].each {|p|
|
||||||
|
lines << "#{p["labels"]["instance"]}#{p["annotations"]["summary"]} #{p["status"]}"
|
||||||
|
}
|
||||||
|
event["output"] = lines.join("\n")
|
||||||
|
'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
outputConfig = ''
|
||||||
|
file { path => "/tmp/logs.json" codec => "json_lines" }
|
||||||
|
irc {
|
||||||
|
channels => [ "#noise" ]
|
||||||
|
host => "irc.r"
|
||||||
|
nick => "alarm"
|
||||||
|
codec => "json_lines"
|
||||||
|
format => "%{output}"
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
#plugins = [ ];
|
||||||
|
};
|
||||||
|
}
|
@ -1,87 +0,0 @@
|
|||||||
{pkgs, config, ...}:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
|
||||||
services.influxdb.enable = true;
|
|
||||||
|
|
||||||
services.influxdb.extraConfig = {
|
|
||||||
meta.hostname = config.krebs.build.host.name;
|
|
||||||
# meta.logging-enabled = true;
|
|
||||||
http.bind-address = ":8086";
|
|
||||||
admin.bind-address = ":8083";
|
|
||||||
http.log-enabled = false;
|
|
||||||
monitoring = {
|
|
||||||
enabled = false;
|
|
||||||
# write-interval = "24h";
|
|
||||||
};
|
|
||||||
collectd = [{
|
|
||||||
enabled = true;
|
|
||||||
typesdb = "${pkgs.collectd}/share/collectd/types.db";
|
|
||||||
database = "collectd_db";
|
|
||||||
port = 25826;
|
|
||||||
}];
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.kapacitor =
|
|
||||||
let
|
|
||||||
db = "telegraf_db";
|
|
||||||
echoToIrc = pkgs.writeDash "echo_irc" ''
|
|
||||||
set -euf
|
|
||||||
data="$(${pkgs.jq}/bin/jq -r .message)"
|
|
||||||
export LOGNAME=prism-alarm
|
|
||||||
${pkgs.irc-announce}/bin/irc-announce \
|
|
||||||
irc.r 6667 prism-alarm \#noise "$data" >/dev/null
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
alarms = {
|
|
||||||
cpu = {
|
|
||||||
database = db;
|
|
||||||
text = ''
|
|
||||||
var data = batch
|
|
||||||
|query(${"'''"}
|
|
||||||
SELECT mean("usage_user") AS mean
|
|
||||||
FROM "${db}"."default"."cpu"
|
|
||||||
${"'''"})
|
|
||||||
.period(10m)
|
|
||||||
.every(1m)
|
|
||||||
.groupBy('host')
|
|
||||||
data |alert()
|
|
||||||
.crit(lambda: "mean" > 90)
|
|
||||||
.exec('${echoToIrc}')
|
|
||||||
data |deadman(1.0,5m)
|
|
||||||
.stateChangesOnly()
|
|
||||||
.exec('${echoToIrc}')
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
ram = {
|
|
||||||
database = db;
|
|
||||||
text = ''
|
|
||||||
var data = batch
|
|
||||||
|query(${"'''"}
|
|
||||||
SELECT mean("used_percent") AS mean
|
|
||||||
FROM "${db}"."default"."mem"
|
|
||||||
${"'''"})
|
|
||||||
.period(10m)
|
|
||||||
.every(1m)
|
|
||||||
.groupBy('host')
|
|
||||||
data |alert()
|
|
||||||
.crit(lambda: "mean" > 90)
|
|
||||||
.exec('${echoToIrc}')
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.grafana = {
|
|
||||||
enable = true;
|
|
||||||
addr = "0.0.0.0";
|
|
||||||
auth.anonymous.enable = true;
|
|
||||||
security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
}
|
|
@ -14,7 +14,13 @@
|
|||||||
RestartSec = "5";
|
RestartSec = "5";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
networking.networkmanager.enable = true;
|
networking.networkmanager = {
|
||||||
|
enable = true;
|
||||||
|
unmanaged = [
|
||||||
|
"docker*"
|
||||||
|
"vboxnet*"
|
||||||
|
];
|
||||||
|
};
|
||||||
users.users.mainUser = {
|
users.users.mainUser = {
|
||||||
extraGroups = [ "networkmanager" ];
|
extraGroups = [ "networkmanager" ];
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
|
@ -3,10 +3,5 @@
|
|||||||
{
|
{
|
||||||
services.privoxy = {
|
services.privoxy = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = ''
|
|
||||||
#use polipo
|
|
||||||
forward / localhost:8123
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
services.polipo.enable = true;
|
|
||||||
}
|
}
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user