Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
6eb5e44b7e
5
.gitmodules
vendored
5
.gitmodules
vendored
@ -1,12 +1,9 @@
|
||||
[submodule "submodules/nix-writers"]
|
||||
path = submodules/nix-writers
|
||||
url = http://cgit.krebsco.de/nix-writers
|
||||
url = https://cgit.krebsco.de/nix-writers
|
||||
[submodule "submodules/krops"]
|
||||
path = submodules/krops
|
||||
url = https://cgit.krebsco.de/krops
|
||||
[submodule "lass/5pkgs/autowifi"]
|
||||
path = lass/5pkgs/autowifi
|
||||
url = https://github.com/Lassulus/autowifi
|
||||
[submodule "jeschli/2configs/elisp"]
|
||||
path = jeschli/2configs/elisp
|
||||
url = https://github.com/Jeschli/misc-elisp-scripts.git
|
||||
|
@ -1,125 +0,0 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in
|
||||
{
|
||||
imports =
|
||||
[
|
||||
./hardware-configuration.nix
|
||||
<stockholm/jeschli>
|
||||
<stockholm/jeschli/2configs/urxvt.nix>
|
||||
<stockholm/jeschli/2configs/i3.nix>
|
||||
<stockholm/jeschli/2configs/emacs.nix>
|
||||
<stockholm/jeschli/2configs/rust.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.bolide;
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
# boot.loader.grub.efiSupport = true;
|
||||
# boot.loader.grub.efiInstallAsRemovable = true;
|
||||
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
# Define on which hard drive you want to install Grub.
|
||||
boot.loader.grub.device = "/dev/sdb"; # or "nodev" for efi only
|
||||
boot.initrd.luks.devices = [ {
|
||||
name = "bla";
|
||||
device = "/dev/disk/by-uuid/53f1eeaf-a7ac-456c-a2af-778dd8b8d5b0";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
} ];
|
||||
# networking.hostName = "bolide"; # Define your hostname.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
networking.networkmanager.enable = true;
|
||||
networking.enableB43Firmware = true; #new
|
||||
|
||||
# Select internationalisation properties.
|
||||
# i18n = {
|
||||
# consoleFont = "Lat2-Terminus16";
|
||||
# consoleKeyMap = "us";
|
||||
# defaultLocale = "en_US.UTF-8";
|
||||
# };
|
||||
|
||||
# Set your time zone.
|
||||
# time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
# List packages installed in system profile. To search by name, run:
|
||||
# $ nix-env -qaP | grep wget
|
||||
environment.shellAliases = {
|
||||
n = "nix-shell";
|
||||
stocki = pkgs.writeDash "deploy" ''
|
||||
cd ~/stockholm
|
||||
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bolide"'
|
||||
'';
|
||||
};
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
rofi
|
||||
wget vim
|
||||
# system helper
|
||||
ag
|
||||
curl
|
||||
copyq
|
||||
dmenu
|
||||
git
|
||||
i3lock
|
||||
keepass
|
||||
networkmanagerapplet
|
||||
rsync
|
||||
terminator
|
||||
tmux
|
||||
wget
|
||||
# rxvt_unicode
|
||||
# editors
|
||||
emacs
|
||||
# internet
|
||||
thunderbird
|
||||
chromium
|
||||
google-chrome
|
||||
# programming languages
|
||||
vscode
|
||||
go
|
||||
gcc9
|
||||
ccls
|
||||
unstable.clang_8
|
||||
ghc
|
||||
python37
|
||||
python37Packages.pip
|
||||
# go tools
|
||||
golint
|
||||
gotools
|
||||
# dev tools
|
||||
elmPackages.elm
|
||||
gnumake
|
||||
jetbrains.pycharm-professional
|
||||
jetbrains.webstorm
|
||||
jetbrains.goland
|
||||
# document viewer
|
||||
zathura
|
||||
];
|
||||
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
|
||||
services.xserver.videoDrivers = [ "nvidia" ];
|
||||
|
||||
users.extraUsers.jeschli = {
|
||||
isNormalUser = true;
|
||||
extraGroups = ["docker" "vboxusers" "audio"];
|
||||
uid = 1000;
|
||||
};
|
||||
|
||||
hardware.pulseaudio.enable = true;
|
||||
# This value determines the NixOS release with which your system is to be
|
||||
# compatible, in order to avoid breaking some software such as database
|
||||
# servers. You should change this only after NixOS release notes say you
|
||||
# should.
|
||||
system.stateVersion = "17.09"; # Did you read the comment?
|
||||
|
||||
}
|
||||
|
@ -1,33 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
|
||||
boot.kernelModules = [ "kvm-intel" "wl" ];
|
||||
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/bolide-pool/bolide-root";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/bolide-pool/bolide-home";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/3aeb67c4-5b6e-4df2-8013-607fe0fb8525";
|
||||
fsType = "ext4";
|
||||
};
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 8;
|
||||
powerManagement.cpuFreqGovernor = "powersave";
|
||||
hardware.pulseaudio.enable = true;
|
||||
}
|
@ -1,200 +0,0 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
<stockholm/jeschli>
|
||||
./hardware-configuration.nix
|
||||
<home-manager/nixos>
|
||||
<stockholm/jeschli/2configs/emacs.nix>
|
||||
<stockholm/jeschli/2configs/urxvt.nix>
|
||||
<stockholm/jeschli/2configs/steam.nix>
|
||||
<stockholm/jeschli/2configs/virtualbox.nix>
|
||||
];
|
||||
krebs.build.host = config.krebs.hosts.brauerei;
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.efiSupport = true;
|
||||
# Define on which hard drive you want to install Grub.
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
# or "nodev" for efi only
|
||||
boot.initrd.luks.devices = [ {
|
||||
name = "root";
|
||||
device = "/dev/sda2";
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
} ];
|
||||
networking.networkmanager.enable = true;
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.shellAliases = {
|
||||
# emacs aliases
|
||||
ed = "emacsclient";
|
||||
edc = "emacsclient --create-frame";
|
||||
# nix aliases
|
||||
ns = "nix-shell";
|
||||
# krops
|
||||
deploy = pkgs.writeDash "deploy" ''
|
||||
set -eu
|
||||
export SYSTEM="$1"
|
||||
$(nix-build $HOME/stockholm/jeschli/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
|
||||
'';
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
# system helper
|
||||
acpi
|
||||
ag
|
||||
copyq
|
||||
curl
|
||||
dmenu
|
||||
aspell
|
||||
ispell
|
||||
rofi
|
||||
xdotool
|
||||
git
|
||||
gnupg
|
||||
i3lock
|
||||
keepass
|
||||
networkmanagerapplet
|
||||
pavucontrol
|
||||
rsync
|
||||
terminator
|
||||
tmux
|
||||
wget
|
||||
# editors
|
||||
emacs
|
||||
# internet
|
||||
chromium
|
||||
firefox
|
||||
google-chrome
|
||||
thunderbird
|
||||
# programming languages
|
||||
elixir
|
||||
elmPackages.elm
|
||||
exercism
|
||||
gcc9
|
||||
ccls
|
||||
unstable.clang_8
|
||||
ghc
|
||||
go
|
||||
python37
|
||||
python37Packages.pip
|
||||
pipenv
|
||||
# dev tools
|
||||
gnumake
|
||||
jetbrains.clion
|
||||
jetbrains.goland
|
||||
jetbrains.pycharm-professional
|
||||
jetbrains.webstorm
|
||||
vscode
|
||||
# document viewer
|
||||
evince
|
||||
zathura
|
||||
# go tools
|
||||
golint
|
||||
gotools
|
||||
# rust
|
||||
cargo
|
||||
rustracer
|
||||
rustup
|
||||
# orga tools
|
||||
taskwarrior
|
||||
# xorg
|
||||
xorg.xbacklight
|
||||
# tokei
|
||||
tokei
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.bash.enableCompletion = true;
|
||||
# programs.mtr.enable = true;
|
||||
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||
|
||||
# home-manager.useUserPackages = true;
|
||||
# home-manager.users.jeschli = {
|
||||
# home.stateVersion = "19.03";
|
||||
# };
|
||||
# home-manager.enable = true;
|
||||
|
||||
# home-manager.users.jeschli.home.file = {
|
||||
# ".emacs.d" = {
|
||||
# source = pkgs.fetchFromGitHub {
|
||||
# owner = "jeschli";
|
||||
# repo = "emacs.d";
|
||||
# rev = "8ed6c40";
|
||||
# sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0";
|
||||
# };
|
||||
# recursive = true;
|
||||
# };
|
||||
# };
|
||||
|
||||
# List services that you want to enable:
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
# services.emacs.enable = true;
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
|
||||
desktopManager = {
|
||||
xfce.enable = true;
|
||||
gnome3.enable = true;
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
services.xserver.windowManager.i3.enable = true;
|
||||
|
||||
users.extraUsers.jeschli = { # TODO: define as krebs.users
|
||||
isNormalUser = true;
|
||||
extraGroups = ["docker" "vboxusers" "audio"];
|
||||
uid = 1000;
|
||||
};
|
||||
users.extraUsers.blafoo = {
|
||||
isNormalUser = true;
|
||||
extraGroups = ["audio"];
|
||||
uid = 1002;
|
||||
};
|
||||
users.extraUsers.jamie = {
|
||||
isNormalUser = true;
|
||||
uid = 1001; # TODO genid
|
||||
};
|
||||
users.users.dev = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.lass.pubkey
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||
"ssh-rsa AAAAB4NzaC1yc2EAAAADAQABAAACAQC1x9+OtNfwv6LxblnLHeBElxoxLfaYUyvqMrBgnrlkaPjylPv711bvPslnt+YgdPsZQLCoQ2t5f0x0j7ZOMYE9eyRrnr67ITO+Od05u3eCypWOZulekkDL0ZDeYdvoZKOWnbKWnQVRfYuLOEL/g5/9E7MLtIdID8e98b/qHzs/+wmuuDR3zHCNic0BKixgET/EgFvLWezWxJ6D/TTv/5sDAfrC+RUN8ad14sxjKIkS3nkAlm8bhrCxQKaHLUcCJWiweW0gPWYSlp64VHS5lchvqCJlPYQdx0XbwolvlLYru0w74ljLbi3eL35GFFyHSeEjQ73EtVwo53uVKTy7SAORU7JNg6xL9H3ChOLOknN9oHs1K7t/maMsATle0HAFcTuaOhELUmHM8dCJh3nPVWIkzHQ4o3fyaogrpt7/V5j6R1/Ozn7P9n4OdqrjiaWqHlz/XHeYNNWte+a0EW+NubC83yS0Cu3uhZ36C3RET2vNM25CyYOBn4ccClAozayQIb6Cif0tCafMRPgkSlogQd8+SqNZpTnmtllIT3VnT5smgrufy6HETDkrHjApDrsqLtMCFY83RFwt4QLv/L93O7IsGifzmEfD9qD7YBSMNs8ihBIUXPk9doHXvYS506YroxWOxe/C0rzzbaogxQT6JMd1ozfXitRD9v7iBIFAT4Kzjw== christopher.kilian@dcso.de"
|
||||
];
|
||||
};
|
||||
|
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||
];
|
||||
|
||||
# This value determines the NixOS release with which your system is to be
|
||||
# compatible, in order to avoid breaking some software such as database
|
||||
# servers. You should change this only after NixOS release notes say you
|
||||
# should.
|
||||
system.stateVersion = "17.09"; # Did you read the comment?
|
||||
|
||||
hardware.trackpoint = {
|
||||
enable = true;
|
||||
sensitivity = 220;
|
||||
speed = 0;
|
||||
emulateWheel = true;
|
||||
};
|
||||
|
||||
}
|
@ -1,34 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sdhci_pci" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/e264fc21-45bb-4224-93fc-b0e19c2c3478";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/disk/by-uuid/bd0846ce-7d39-4329-bcb4-7c76becd6ab1";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/42BF-0795";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
hardware.pulseaudio.enable = true;
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
}
|
@ -1,57 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
<stockholm/jeschli>
|
||||
<stockholm/jeschli/2configs/retiolum.nix>
|
||||
<stockholm/jeschli/2configs/IM.nix>
|
||||
<stockholm/jeschli/2configs/git.nix>
|
||||
<stockholm/jeschli/2configs/os-templates/CentOS-7-64bit.nix>
|
||||
{
|
||||
networking.dhcpcd.allowInterfaces = [
|
||||
"enp*"
|
||||
"eth*"
|
||||
"ens*"
|
||||
];
|
||||
}
|
||||
{
|
||||
services.openssh.enable = true;
|
||||
}
|
||||
{
|
||||
sound.enable = false;
|
||||
}
|
||||
{
|
||||
users.extraUsers = {
|
||||
root.initialPassword = "pfeife123";
|
||||
root.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||
];
|
||||
jeschli = {
|
||||
name = "jeschli";
|
||||
uid = 1000;
|
||||
home = "/home/jeschli";
|
||||
group = "users";
|
||||
createHome = true;
|
||||
useDefaultShell = true;
|
||||
extraGroups = [
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
{
|
||||
services.taskserver = {
|
||||
enable = true;
|
||||
fqdn = "enklave.r";
|
||||
listenHost = "::";
|
||||
listenPort = 53589;
|
||||
organisations.lass.users = [ "jeschli" ];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 53589 8001 ];
|
||||
}
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.enklave;
|
||||
}
|
@ -1,10 +0,0 @@
|
||||
{
|
||||
services.taskserver = {
|
||||
enable = true;
|
||||
fqdn = "enklave.r";
|
||||
listenHost = "::";
|
||||
listenPort = 53589;
|
||||
organisations.lass.users = [ "jeschli" ];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 53589 ];
|
||||
}
|
@ -1,91 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
<stockholm/jeschli>
|
||||
<stockholm/jeschli/2configs/emacs.nix>
|
||||
<stockholm/jeschli/2configs/firefox.nix>
|
||||
<stockholm/jeschli/2configs/rust.nix>
|
||||
<stockholm/jeschli/2configs/steam.nix>
|
||||
<stockholm/jeschli/2configs/python.nix>
|
||||
./desktop.nix
|
||||
./i3-configuration.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# EFI systemd boot loader
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
# Wireless network with network manager
|
||||
krebs.build.host = config.krebs.hosts.reagenzglas;
|
||||
# networking.hostName = "nixos"; # Define your hostname.
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
# Allow unfree
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n = {
|
||||
consoleKeyMap = "us";
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
ag
|
||||
alacritty
|
||||
google-chrome
|
||||
chromium
|
||||
copyq
|
||||
direnv
|
||||
go
|
||||
git
|
||||
gitAndTools.hub
|
||||
sbcl
|
||||
rofi
|
||||
vim
|
||||
wget
|
||||
];
|
||||
|
||||
users.users.ombi = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||
};
|
||||
|
||||
users.users.jeschli = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "audio" ];
|
||||
};
|
||||
|
||||
# services.xserver.synaptics.enable = true;
|
||||
services.xserver.libinput.enable = true;
|
||||
services.xserver.libinput.disableWhileTyping = true;
|
||||
|
||||
hardware.pulseaudio.enable = true;
|
||||
|
||||
#Enable ssh daemon
|
||||
services.openssh.enable = true;
|
||||
|
||||
#Enable clight
|
||||
services.clight.enable = true;
|
||||
services.geoclue2.enable = true;
|
||||
location.provider = "geoclue2";
|
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM1xtX/SF2IzfAIzrXvH4HsW05eTBX8U8MYlEPadq0DS/nHC45hW2PSEUOVsH0UhBRAB+yClVLyN+JAYsuOoQacQqAVq9R7HAoFITdYTMJCxVs4urSRv0pWwTopRIh1rlI+Q0QfdMoeVtO2ZKG3KoRM+APDy2dsX8LTtWjXmh/ZCtpGl1O8TZtz2ZyXyv9OVDPnQiFwPU3Jqs2Z036c+kwxWlxYc55FRuqwRtQ48c/ilPMu+ZvQ22j1Ch8lNuliyAg1b8pZdOkMJF3R8b46IQ8FEqkr3L1YQygYw2M50B629FPgHgeGPMz3mVd+5lzP+okbhPJjMrUqZAUwbMGwGzZ ombi@nixos"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXgtbgeivxlMKkoEJ4ANhtR+LRMSPrsmL4U5grFUME jeschli@nixos"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG7C3bgoL9VeVl8pgu8sp3PCOs6TXk4R9y7JKJAHGsfm root@baeckerei"
|
||||
];
|
||||
|
||||
# This value determines the NixOS release with which your system is to be
|
||||
# compatible, in order to avoid breaking some software such as database
|
||||
# servers. You should change this only after NixOS release notes say you
|
||||
# should.
|
||||
system.stateVersion = "19.03"; # Did you read the comment?
|
||||
|
||||
}
|
@ -1,25 +0,0 @@
|
||||
# Configuration for the desktop environment
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
# Configure basic X-server stuff:
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
xkbOptions = "caps:super";
|
||||
exportConfiguration = true;
|
||||
|
||||
displayManager.lightdm.enable = true;
|
||||
};
|
||||
|
||||
# Configure fonts
|
||||
fonts = {
|
||||
fonts = with pkgs; [
|
||||
corefonts
|
||||
font-awesome-ttf
|
||||
noto-fonts-cjk
|
||||
noto-fonts-emoji
|
||||
powerline-fonts
|
||||
helvetica-neue-lt-std
|
||||
];
|
||||
};
|
||||
}
|
@ -1,37 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.initrd.luks.devices = [
|
||||
{
|
||||
name = "root";
|
||||
device = "/dev/nvme0n1p8";
|
||||
preLVM = true;
|
||||
}
|
||||
];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/4d01936e-c876-42c3-962a-d4a20ad0e2e0";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/D455-E4CC";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 8;
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
}
|
@ -1,181 +0,0 @@
|
||||
{pkgs, environment, config, lib, ... }:
|
||||
|
||||
with pkgs;
|
||||
|
||||
let
|
||||
i3_config_file = pkgs.writeText "config" ''
|
||||
set $mod Mod4
|
||||
|
||||
font pango:monospace 8
|
||||
|
||||
#font pango:DejaVu Sans Mono 8
|
||||
|
||||
# Before i3 v4.8, we used to recommend this one as the default:
|
||||
# font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1
|
||||
# The font above is very space-efficient, that is, it looks good, sharp and
|
||||
# clear in small sizes. However, its unicode glyph coverage is limited, the old
|
||||
# X core fonts rendering does not support right-to-left and this being a bitmap
|
||||
# font, it doesn’t scale on retina/hidpi displays.
|
||||
|
||||
# Use Mouse+$mod to drag floating windows to their wanted position
|
||||
floating_modifier $mod
|
||||
|
||||
# start a terminal
|
||||
bindsym $mod+Return exec alacritty
|
||||
|
||||
# kill focused window
|
||||
bindsym $mod+Shift+q kill
|
||||
|
||||
# start dmenu (a program launcher)
|
||||
# bindsym $mod+d exec dmenu_run
|
||||
|
||||
# start dmenu (a program launcher)
|
||||
bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
|
||||
|
||||
bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select
|
||||
|
||||
bindsym $mod+F1 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput disable
|
||||
bindsym $mod+F2 exec xinput --list | grep Touchpad | sed 's/.*id=\([0-9][0-9]\).*/\1/' | xargs xinput enable
|
||||
|
||||
# There also is the (new) i3-dmenu-desktop which only displays applications
|
||||
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
|
||||
# installed.
|
||||
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop
|
||||
|
||||
# change focus
|
||||
bindsym $mod+j focus left
|
||||
bindsym $mod+k focus down
|
||||
bindsym $mod+l focus up
|
||||
bindsym $mod+semicolon focus right
|
||||
|
||||
# alternatively, you can use the cursor keys:
|
||||
bindsym $mod+Left focus left
|
||||
bindsym $mod+Down focus down
|
||||
bindsym $mod+Up focus up
|
||||
bindsym $mod+Right focus right
|
||||
|
||||
# move focused window
|
||||
bindsym $mod+Shift+j move left
|
||||
bindsym $mod+Shift+k move down
|
||||
bindsym $mod+Shift+l move up
|
||||
bindsym $mod+Shift+colon move right
|
||||
|
||||
# alternatively, you can use the cursor keys:
|
||||
bindsym $mod+Shift+Left move left
|
||||
bindsym $mod+Shift+Down move down
|
||||
bindsym $mod+Shift+Up move up
|
||||
bindsym $mod+Shift+Right move right
|
||||
|
||||
# split in horizontal orientation
|
||||
bindsym $mod+h split h
|
||||
|
||||
# split in vertical orientation
|
||||
bindsym $mod+v split v
|
||||
|
||||
# enter fullscreen mode for the focused container
|
||||
bindsym $mod+f fullscreen toggle
|
||||
|
||||
# change container layout (stacked, tabbed, toggle split)
|
||||
bindsym $mod+s layout stacking
|
||||
bindsym $mod+w layout tabbed
|
||||
bindsym $mod+e layout toggle split
|
||||
|
||||
# toggle tiling / floating
|
||||
bindsym $mod+Shift+space floating toggle
|
||||
|
||||
# change focus between tiling / floating windows
|
||||
bindsym $mod+space focus mode_toggle
|
||||
|
||||
# focus the parent container
|
||||
bindsym $mod+a focus parent
|
||||
|
||||
# focus the child container
|
||||
#bindsym $mod+d focus child
|
||||
|
||||
# Define names for default workspaces for which we configure key bindings later on.
|
||||
# We use variables to avoid repeating the names in multiple places.
|
||||
set $ws1 "1"
|
||||
set $ws2 "2"
|
||||
set $ws3 "3"
|
||||
set $ws4 "4"
|
||||
set $ws5 "5"
|
||||
set $ws6 "6"
|
||||
set $ws7 "7"
|
||||
set $ws8 "8"
|
||||
set $ws9 "9"
|
||||
set $ws10 "10"
|
||||
|
||||
# switch to workspace
|
||||
bindsym $mod+1 workspace $ws1
|
||||
bindsym $mod+2 workspace $ws2
|
||||
bindsym $mod+3 workspace $ws3
|
||||
bindsym $mod+4 workspace $ws4
|
||||
bindsym $mod+5 workspace $ws5
|
||||
bindsym $mod+6 workspace $ws6
|
||||
bindsym $mod+7 workspace $ws7
|
||||
bindsym $mod+8 workspace $ws8
|
||||
bindsym $mod+9 workspace $ws9
|
||||
bindsym $mod+0 workspace $ws10
|
||||
|
||||
# move focused container to workspace
|
||||
bindsym $mod+Shift+1 move container to workspace $ws1
|
||||
bindsym $mod+Shift+2 move container to workspace $ws2
|
||||
bindsym $mod+Shift+3 move container to workspace $ws3
|
||||
bindsym $mod+Shift+4 move container to workspace $ws4
|
||||
bindsym $mod+Shift+5 move container to workspace $ws5
|
||||
bindsym $mod+Shift+6 move container to workspace $ws6
|
||||
bindsym $mod+Shift+7 move container to workspace $ws7
|
||||
bindsym $mod+Shift+8 move container to workspace $ws8
|
||||
bindsym $mod+Shift+9 move container to workspace $ws9
|
||||
bindsym $mod+Shift+0 move container to workspace $ws10
|
||||
|
||||
# reload the configuration file
|
||||
bindsym $mod+Shift+c reload
|
||||
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
|
||||
bindsym $mod+Shift+r restart
|
||||
# exit i3 (logs you out of your X session)
|
||||
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
|
||||
|
||||
# resize window (you can also use the mouse for that)
|
||||
mode "resize" {
|
||||
# These bindings trigger as soon as you enter the resize mode
|
||||
|
||||
# Pressing left will shrink the window’s width.
|
||||
# Pressing right will grow the window’s width.
|
||||
# Pressing up will shrink the window’s height.
|
||||
# Pressing down will grow the window’s height.
|
||||
bindsym j resize shrink width 10 px or 10 ppt
|
||||
bindsym k resize grow height 10 px or 10 ppt
|
||||
bindsym l resize shrink height 10 px or 10 ppt
|
||||
bindsym semicolon resize grow width 10 px or 10 ppt
|
||||
|
||||
# same bindings, but for the arrow keys
|
||||
bindsym Left resize shrink width 10 px or 10 ppt
|
||||
bindsym Down resize grow height 10 px or 10 ppt
|
||||
bindsym Up resize shrink height 10 px or 10 ppt
|
||||
bindsym Right resize grow width 10 px or 10 ppt
|
||||
|
||||
# back to normal: Enter or Escape or $mod+r
|
||||
bindsym Return mode "default"
|
||||
bindsym Escape mode "default"
|
||||
bindsym $mod+r mode "default"
|
||||
}
|
||||
|
||||
bindsym $mod+r mode "resize"
|
||||
|
||||
# Start i3bar to display a workspace bar (plus the system information i3status
|
||||
# finds out, if available)
|
||||
bar {
|
||||
status_command i3status
|
||||
}
|
||||
'';
|
||||
|
||||
in {
|
||||
|
||||
services.xserver.windowManager.i3 = {
|
||||
enable = true;
|
||||
package = pkgs.i3;
|
||||
configFile = i3_config_file;
|
||||
};
|
||||
|
||||
}
|
@ -1,57 +0,0 @@
|
||||
with (import <stockholm/lib>);
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
tmux = pkgs.writeDashBin "tmux" ''
|
||||
export TERM=xterm-256color
|
||||
exec ${pkgs.tmux}/bin/tmux -f ${pkgs.writeText "tmux.conf" ''
|
||||
set-option -g default-terminal screen-256color
|
||||
''} "$@"
|
||||
'';
|
||||
in {
|
||||
|
||||
services.bitlbee = {
|
||||
enable = true;
|
||||
portNumber = 6666;
|
||||
plugins = [
|
||||
pkgs.bitlbee-facebook
|
||||
pkgs.bitlbee-steam
|
||||
pkgs.bitlbee-discord
|
||||
];
|
||||
libpurple_plugins = [ pkgs.telegram-purple ];
|
||||
};
|
||||
|
||||
users.extraUsers.chat = {
|
||||
home = "/home/chat";
|
||||
uid = genid "chat";
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||
jeschli.pubkey
|
||||
jeschli-bln.pubkey
|
||||
jeschli-brauerei.pubkey
|
||||
jeschli-bolide.pubkey
|
||||
];
|
||||
packages = [ tmux ];
|
||||
};
|
||||
|
||||
|
||||
systemd.services.chat = {
|
||||
description = "chat environment setup";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
restartIfChanged = false;
|
||||
|
||||
path = [
|
||||
pkgs.rxvt_unicode.terminfo
|
||||
];
|
||||
|
||||
serviceConfig = {
|
||||
User = "chat";
|
||||
RemainAfterExit = true;
|
||||
Type = "oneshot";
|
||||
ExecStart = "${tmux}/bin/tmux -2 new-session -d -s IM ${pkgs.weechat}/bin/weechat";
|
||||
ExecStop = "${tmux}/bin/tmux kill-session -t IM";
|
||||
};
|
||||
};
|
||||
}
|
@ -1,72 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
imports = [
|
||||
# ./vim.nix
|
||||
./retiolum.nix
|
||||
./zsh.nix
|
||||
<stockholm/lass/2configs/security-workarounds.nix>
|
||||
{
|
||||
environment.variables = {
|
||||
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
#stockholm
|
||||
git
|
||||
gnumake
|
||||
jq
|
||||
parallel
|
||||
proot
|
||||
populate
|
||||
|
||||
# aliases
|
||||
(writeDashBin "irc" "ssh chat@enklave -t tmux a")
|
||||
|
||||
#style
|
||||
most
|
||||
rxvt_unicode.terminfo
|
||||
|
||||
#monitoring tools
|
||||
htop
|
||||
iotop
|
||||
|
||||
#network
|
||||
iptables
|
||||
iftop
|
||||
|
||||
#stuff for dl
|
||||
aria2
|
||||
|
||||
#neat utils
|
||||
file
|
||||
kpaste
|
||||
krebspaste
|
||||
mosh
|
||||
pciutils
|
||||
psmisc
|
||||
# q
|
||||
# rs
|
||||
tmux
|
||||
untilport
|
||||
usbutils
|
||||
# logify
|
||||
goify
|
||||
vim
|
||||
#unpack stuff
|
||||
p7zip
|
||||
unzip
|
||||
unrar
|
||||
|
||||
(pkgs.writeDashBin "sshn" ''
|
||||
${pkgs.openssh}/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$@"
|
||||
'')
|
||||
];
|
||||
|
||||
krebs.enable = true;
|
||||
networking.hostName = config.krebs.build.host.name;
|
||||
}
|
@ -1 +0,0 @@
|
||||
Subproject commit 279d6a01f5abbab5d28d3a57549b7fec800a510e
|
File diff suppressed because it is too large
Load Diff
@ -1,119 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
pkgsWithOverlay = import <nixpkgs-unstable> {
|
||||
overlays = [
|
||||
(import (builtins.fetchTarball {
|
||||
url = https://github.com/nix-community/emacs-overlay/archive/403c14c23be188b58c0b1bc197b428041d8a0cea.tar.gz;
|
||||
}))
|
||||
];
|
||||
};
|
||||
|
||||
# The emacs packages that I use
|
||||
# I differ between
|
||||
# - stable (Packages that I use for some time - happy with it)
|
||||
# - unstable (Packages that I use for some time - but may drop)
|
||||
# - testing (Packages that I try out - the new stuff)
|
||||
emacsPkgs = epkgs:
|
||||
(with epkgs.melpaPackages ;
|
||||
|
||||
## windows-purpose (testing)
|
||||
[ window-purpose ] ++
|
||||
|
||||
## helm (stable)
|
||||
# emacs completion engine
|
||||
[ helm helm-ag ] ++
|
||||
|
||||
## deft (testing)
|
||||
# text search for a directory
|
||||
[ deft ] ++
|
||||
|
||||
## lsp mode (unstable)
|
||||
# Language Server Protocol mode
|
||||
# Used for rust
|
||||
[ company-lsp dap-mode helm-lsp lsp-mode lsp-treemacs lsp-ui ] ++
|
||||
|
||||
## emacs convenience (stable)
|
||||
# Mixed and general purpose
|
||||
[ ag company direnv evil google-this spacemacs-theme ] ++
|
||||
|
||||
## common lisp (testing)
|
||||
[ slime ] ++
|
||||
|
||||
## magit (stable)
|
||||
[ magit ] ++
|
||||
|
||||
## bunch of programming languages (unstable)
|
||||
[ go-mode haskell-mode nix-mode ] ++
|
||||
|
||||
## rust (unstable)
|
||||
[ racer rust-mode ] ++
|
||||
|
||||
## python (stable)
|
||||
# Python IDE for emacs
|
||||
[ elpy ]) ++
|
||||
|
||||
## org-mode
|
||||
# Org-Mode has several extensions
|
||||
# and can be seen as an application of its own.
|
||||
(with epkgs.melpaPackages ;
|
||||
# testing
|
||||
[ org-super-agenda org-bullets org-ql ] ++
|
||||
# unstable
|
||||
[ smex org-mime orgit ]
|
||||
) ++
|
||||
|
||||
# stable
|
||||
(with epkgs.orgPackages ;
|
||||
[ org-plus-contrib ]) ++
|
||||
|
||||
# stable
|
||||
(with epkgs.elpaPackages ;
|
||||
[ bbdb which-key ]);
|
||||
|
||||
# ## EXWM related (unstable)
|
||||
# epkgs.exwm
|
||||
# epkgs.melpaPackages.desktop-environment
|
||||
# epkgs.melpaPackages.helm-exwm
|
||||
# ];
|
||||
|
||||
emacsWithOverlay = pkgsWithOverlay.emacsWithPackagesFromUsePackage {
|
||||
config = builtins.readFile ./elisp/init.el;
|
||||
# Package is optional, defaults to pkgs.emacs
|
||||
package = pkgsWithOverlay.emacsGit;
|
||||
# Optionally provide extra packages not in the configuration file
|
||||
extraEmacsPackages = emacsPkgs;
|
||||
};
|
||||
|
||||
myEmacs = pkgs.writeDashBin "my-emacs" ''
|
||||
exec ${emacsWithOverlay}/bin/emacs -q "$@"
|
||||
'';
|
||||
|
||||
myEmacsWithDaemon = pkgs.writeDashBin "my-emacs-daemon" ''
|
||||
exec ${emacsWithOverlay}/bin/emacs -q --daemon -l ${./elisp/init.el}
|
||||
'';
|
||||
|
||||
myEmacsClient = pkgs.writeDashBin "meclient" ''
|
||||
exec ${emacsWithOverlay}/bin/emacsclient --create-frame "$@"
|
||||
'';
|
||||
in {
|
||||
environment.systemPackages = [
|
||||
myEmacs myEmacsWithDaemon myEmacsClient emacsWithOverlay
|
||||
];
|
||||
|
||||
## EXWM Config
|
||||
# services.xserver = {
|
||||
# enable = true;
|
||||
# xkbOptions = "caps:super";
|
||||
# exportConfiguration = true;
|
||||
#
|
||||
# displayManager.slim.enable = true;
|
||||
# windowManager.default = "exwm";
|
||||
#
|
||||
# # Set up the login session
|
||||
# windowManager.session = [{
|
||||
# name = "exwm";
|
||||
# start = "${emacsWithOverlay}/bin/emacs -q -l " + builtins.toString ./elisp/init.el;
|
||||
# }];
|
||||
# };
|
||||
}
|
@ -1,44 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
|
||||
wrapper = pkgs.callPackage ../5pkgs/firefox/firefox-with-config.nix { };
|
||||
myFirefox = wrapper pkgs.firefox-unwrapped {
|
||||
|
||||
# these plugins are defined in 5pkgs/firefox
|
||||
extraExtensions = with pkgs ; [
|
||||
dark-reader
|
||||
https-everywhere
|
||||
ublock-origin
|
||||
audio-fingerprint-defender
|
||||
canvas-fingerprint-defender
|
||||
webgl-fingerprint-defender
|
||||
font-fingerprint-defender
|
||||
user-agent-switcher
|
||||
];
|
||||
|
||||
extraPolicies = {
|
||||
CaptivePortal = false;
|
||||
};
|
||||
|
||||
disablePocket = true;
|
||||
disableFirefoxSync = true;
|
||||
allowNonSigned = true;
|
||||
clearDataOnShutdown = true;
|
||||
disableDrmPlugin = true;
|
||||
|
||||
};
|
||||
|
||||
in {
|
||||
|
||||
|
||||
environment.variables = {
|
||||
BROWSER = ["firefox"];
|
||||
};
|
||||
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
myFirefox
|
||||
];
|
||||
|
||||
}
|
@ -1,78 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
|
||||
out = {
|
||||
services.nginx.enable = true;
|
||||
krebs.git = {
|
||||
enable = true;
|
||||
cgit = {
|
||||
settings = {
|
||||
root-title = "public repositories at ${config.krebs.build.host.name}";
|
||||
root-desc = "keep calm and engage";
|
||||
};
|
||||
enable = true;
|
||||
};
|
||||
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
|
||||
rules = rules;
|
||||
};
|
||||
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
|
||||
];
|
||||
};
|
||||
|
||||
repos = public-repos;
|
||||
|
||||
rules = concatMap make-rules (attrValues repos);
|
||||
|
||||
public-repos = mapAttrs make-public-repo {
|
||||
stockholm = {
|
||||
cgit.desc = "Bonbon aus Git - die ganze Nacht";
|
||||
};
|
||||
krebs-page = {
|
||||
cgit.desc = "Die Krebs Page";
|
||||
};
|
||||
xmonad-stockholm = {
|
||||
cgit.desc = "XMonad Stockholm";
|
||||
};
|
||||
};
|
||||
|
||||
make-public-repo = name: { cgit ? {}, ... }: {
|
||||
inherit cgit name;
|
||||
public = true;
|
||||
hooks = {
|
||||
post-receive = pkgs.git-hooks.irc-announce {
|
||||
channel = "#xxx";
|
||||
nick = config.krebs.build.host.name;
|
||||
refs = [
|
||||
"refs/heads/master"
|
||||
];
|
||||
server = "irc.r";
|
||||
verbose = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
make-rules =
|
||||
with git // config.krebs.users;
|
||||
repo:
|
||||
singleton {
|
||||
user = [ jeschli jeschli-brauerei jeschli-bolide];
|
||||
repo = [ repo ];
|
||||
perm = push "refs/*" [ non-fast-forward create delete merge ];
|
||||
} ++
|
||||
optional repo.public {
|
||||
user = attrValues config.krebs.users;
|
||||
repo = [ repo ];
|
||||
perm = fetch;
|
||||
} ++
|
||||
optional (length (repo.collaborators or []) > 0) {
|
||||
user = repo.collaborators;
|
||||
repo = [ repo ];
|
||||
perm = fetch;
|
||||
};
|
||||
|
||||
in out
|
@ -1,18 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
let
|
||||
all-hies = import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master") {};
|
||||
in
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
cabal2nix
|
||||
gcc
|
||||
ghc
|
||||
haskellPackages.cabal-install
|
||||
haskellPackages.ghcid
|
||||
haskellPackages.hindent
|
||||
haskellPackages.hlint
|
||||
haskellPackages.hoogle
|
||||
haskellPackages.stack
|
||||
(all-hies.selection { selector = p: {inherit (p) ghc864; }; })
|
||||
];
|
||||
}
|
@ -1,9 +0,0 @@
|
||||
{
|
||||
imports = [
|
||||
<home-manager/nixos>
|
||||
];
|
||||
home-manager.useUserPackages = true;
|
||||
home-manager.users.jeschli = {
|
||||
home.stateVersion = "19.03";
|
||||
};
|
||||
}
|
@ -1,247 +0,0 @@
|
||||
{pkgs, environment, config, lib, ... }:
|
||||
|
||||
with pkgs;
|
||||
|
||||
let
|
||||
|
||||
i3_conf_file = pkgs.writeText "config" ''
|
||||
|
||||
# i3 config file (v4)
|
||||
# doc: https://i3wm.org/docs/userguide.html
|
||||
|
||||
set $mod Mod4
|
||||
|
||||
# Font for window titles. Will also be used by the bar unless a different font
|
||||
# is used in the bar {} block below.
|
||||
font pango:monospace 8
|
||||
|
||||
# Use Mouse+$mod to drag floating windows to their wanted position
|
||||
floating_modifier $mod
|
||||
|
||||
# start a terminal
|
||||
bindsym $mod+Return exec i3-sensible-terminal
|
||||
|
||||
# kill focused window
|
||||
bindsym $mod+Shift+q kill
|
||||
|
||||
# start rofi program launcher
|
||||
bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run
|
||||
# Switch windows with rofi
|
||||
bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select
|
||||
|
||||
# There also is the (new) i3-dmenu-desktop which only displays applications
|
||||
# shipping a .desktop file. It is a wrapper around dmenu, so you need that
|
||||
# installed.
|
||||
# bindsym $mod+d exec --no-startup-id i3-dmenu-desktop
|
||||
|
||||
# change focus
|
||||
bindsym $mod+j focus left
|
||||
bindsym $mod+k focus down
|
||||
bindsym $mod+l focus up
|
||||
bindsym $mod+semicolon focus right
|
||||
|
||||
# alternatively, you can use the cursor keys:
|
||||
bindsym $mod+Left focus left
|
||||
bindsym $mod+Down focus down
|
||||
bindsym $mod+Up focus up
|
||||
bindsym $mod+Right focus right
|
||||
|
||||
# move focused window
|
||||
bindsym $mod+Shift+j move left
|
||||
bindsym $mod+Shift+k move down
|
||||
bindsym $mod+Shift+l move up
|
||||
bindsym $mod+Shift+semicolon move right
|
||||
|
||||
# alternatively, you can use the cursor keys:
|
||||
bindsym $mod+Shift+Left move left
|
||||
bindsym $mod+Shift+Down move down
|
||||
bindsym $mod+Shift+Up move up
|
||||
bindsym $mod+Shift+Right move right
|
||||
|
||||
# split in horizontal orientation
|
||||
bindsym $mod+h split h
|
||||
|
||||
# split in vertical orientation
|
||||
bindsym $mod+v split v
|
||||
|
||||
# enter fullscreen mode for the focused container
|
||||
bindsym $mod+f fullscreen toggle
|
||||
|
||||
# change container layout (stacked, tabbed, toggle split)
|
||||
bindsym $mod+s layout stacking
|
||||
bindsym $mod+w layout tabbed
|
||||
bindsym $mod+e layout toggle split
|
||||
|
||||
# toggle tiling / floating
|
||||
bindsym $mod+Shift+space floating toggle
|
||||
|
||||
# change focus between tiling / floating windows
|
||||
bindsym $mod+space focus mode_toggle
|
||||
|
||||
# focus the parent container
|
||||
bindsym $mod+a focus parent
|
||||
|
||||
# focus the child container
|
||||
#bindsym $mod+d focus child
|
||||
|
||||
# Define names for default workspaces for which we configure key bindings later on.
|
||||
# We use variables to avoid repeating the names in multiple places.
|
||||
set $ws1 "1"
|
||||
set $ws2 "2"
|
||||
set $ws3 "3: Emacs"
|
||||
set $ws4 "4"
|
||||
set $ws5 "5"
|
||||
set $ws6 "6"
|
||||
set $ws7 "7"
|
||||
set $ws8 "8"
|
||||
set $ws9 "9"
|
||||
set $ws10 "10"
|
||||
|
||||
assign [class="emacs"] $ws3
|
||||
|
||||
# switch to workspace
|
||||
bindsym $mod+1 workspace $ws1
|
||||
bindsym $mod+2 workspace $ws2
|
||||
bindsym $mod+3 workspace $ws3
|
||||
bindsym $mod+4 workspace $ws4
|
||||
bindsym $mod+5 workspace $ws5
|
||||
bindsym $mod+6 workspace $ws6
|
||||
bindsym $mod+7 workspace $ws7
|
||||
bindsym $mod+8 workspace $ws8
|
||||
bindsym $mod+9 workspace $ws9
|
||||
bindsym $mod+0 workspace $ws10
|
||||
|
||||
# move focused container to workspace
|
||||
bindsym $mod+Shift+1 move container to workspace $ws1
|
||||
bindsym $mod+Shift+2 move container to workspace $ws2
|
||||
bindsym $mod+Shift+3 move container to workspace $ws3
|
||||
bindsym $mod+Shift+4 move container to workspace $ws4
|
||||
bindsym $mod+Shift+5 move container to workspace $ws5
|
||||
bindsym $mod+Shift+6 move container to workspace $ws6
|
||||
bindsym $mod+Shift+7 move container to workspace $ws7
|
||||
bindsym $mod+Shift+8 move container to workspace $ws8
|
||||
bindsym $mod+Shift+9 move container to workspace $ws9
|
||||
bindsym $mod+Shift+0 move container to workspace $ws10
|
||||
|
||||
# reload the configuration file
|
||||
bindsym $mod+Shift+c reload
|
||||
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
|
||||
bindsym $mod+Shift+r restart
|
||||
# exit i3 (logs you out of your X session)
|
||||
bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"
|
||||
|
||||
# resize window (you can also use the mouse for that)
|
||||
mode "resize" {
|
||||
# These bindings trigger as soon as you enter the resize mode
|
||||
|
||||
# Pressing left will shrink the window’s width.
|
||||
# Pressing right will grow the window’s width.
|
||||
# Pressing up will shrink the window’s height.
|
||||
# Pressing down will grow the window’s height.
|
||||
bindsym j resize shrink width 10 px or 10 ppt
|
||||
bindsym k resize grow height 10 px or 10 ppt
|
||||
bindsym l resize shrink height 10 px or 10 ppt
|
||||
bindsym semicolon resize grow width 10 px or 10 ppt
|
||||
|
||||
# same bindings, but for the arrow keys
|
||||
bindsym Left resize shrink width 10 px or 10 ppt
|
||||
bindsym Down resize grow height 10 px or 10 ppt
|
||||
bindsym Up resize shrink height 10 px or 10 ppt
|
||||
bindsym Right resize grow width 10 px or 10 ppt
|
||||
|
||||
# back to normal: Enter or Escape or $mod+r
|
||||
bindsym Return mode "default"
|
||||
bindsym Escape mode "default"
|
||||
bindsym $mod+r mode "default"
|
||||
}
|
||||
|
||||
bindsym $mod+r mode "resize"
|
||||
|
||||
bar {
|
||||
status_command i3status
|
||||
position top
|
||||
}
|
||||
|
||||
#######################
|
||||
# #
|
||||
# AUTORUNS #
|
||||
# #
|
||||
#######################
|
||||
# Start firefox
|
||||
exec --no-startup-id ${pkgs.firefox}/bin/firefox --new-instance --setDefaultBrowser
|
||||
|
||||
# Start my-emacs server
|
||||
exec --no-startup-id my-emacs-daemon
|
||||
'';
|
||||
|
||||
in {
|
||||
|
||||
#######################
|
||||
# #
|
||||
# AUTORANDR #
|
||||
# #
|
||||
#######################
|
||||
|
||||
# Start autorandr on display change
|
||||
services.autorandr = {
|
||||
enable = true;
|
||||
defaultTarget = "mobile";
|
||||
};
|
||||
|
||||
# What to execute after resolution has been changed
|
||||
environment.etc."xdg/autorandr/postswitch" = {
|
||||
text = '' sleep 4 && i3-msg "restart" '';
|
||||
|
||||
};
|
||||
|
||||
# Start autorandr once on startup
|
||||
systemd.user.services.boot-autorandr = {
|
||||
description = "Autorandr service";
|
||||
partOf = [ "graphical-session.target" ];
|
||||
wantedBy = [ "graphical-session.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.autorandr}/bin/autorandr -c";
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
||||
#######################
|
||||
# #
|
||||
# XSERVER #
|
||||
# #
|
||||
#######################
|
||||
services.xserver.enable = true;
|
||||
|
||||
# Enable i3 Window Manager
|
||||
services.xserver.windowManager.i3 = {
|
||||
enable = true;
|
||||
package = pkgs.i3;
|
||||
configFile = i3_conf_file;
|
||||
};
|
||||
|
||||
|
||||
# ${pkgs.xorg.xhost}/bin/xhost +SI:localuser:${cfg.user.name}
|
||||
# ${pkgs.xorg.xhost}/bin/xhost -LOCAL:
|
||||
services.xserver.windowManager.default = "i3";
|
||||
services.xserver.desktopManager.xterm.enable = false;
|
||||
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
services.xserver.displayManager.lightdm.enable = true;
|
||||
|
||||
# Allow users in video group to change brightness
|
||||
environment.systemPackages = with pkgs; [
|
||||
rofi # Dmenu replacement
|
||||
acpilight # Replacement for xbacklight
|
||||
brightnessctl
|
||||
arandr # Xrandr gui
|
||||
feh
|
||||
wirelesstools # To get wireless statistics
|
||||
acpi
|
||||
xorg.xhost
|
||||
xorg.xauth
|
||||
];
|
||||
|
||||
}
|
@ -1,19 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
openvpn = pkgs.openvpn.override { pkcs11Support = true; useSystemd = false;};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
opensc
|
||||
openvpn
|
||||
yubikey-manager
|
||||
];
|
||||
|
||||
services.pcscd.enable = true;
|
||||
|
||||
# To start the vpn manually execute
|
||||
# $ openvpn --config clien.ovpn
|
||||
}
|
||||
|
@ -1,16 +0,0 @@
|
||||
_:
|
||||
|
||||
{
|
||||
imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
|
||||
|
||||
boot.loader.grub = {
|
||||
device = "/dev/sda";
|
||||
splashImage = null;
|
||||
};
|
||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/sda1";
|
||||
fsType = "ext4";
|
||||
};
|
||||
}
|
@ -1,9 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
python37
|
||||
python37Packages.pip
|
||||
pipenv
|
||||
];
|
||||
}
|
@ -1,26 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
|
||||
krebs.tinc.retiolum = {
|
||||
enable = true;
|
||||
connectTo = [
|
||||
"prism"
|
||||
"gum"
|
||||
"ni"
|
||||
"dishfire"
|
||||
"enklave"
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
tinc = pkgs.tinc_pre;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 655 ];
|
||||
networking.firewall.allowedUDPPorts = [ 655 ];
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.tinc
|
||||
];
|
||||
}
|
@ -1,8 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
rustup
|
||||
gcc
|
||||
];
|
||||
}
|
@ -1,12 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
|
||||
nixpkgs.config.steam.java = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
steam
|
||||
];
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
|
||||
#ports for inhome streaming
|
||||
}
|
@ -1,39 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
options.jeschliFontSize = mkOption {
|
||||
type = types.int;
|
||||
default = 12;
|
||||
};
|
||||
config = {
|
||||
services.urxvtd.enable = true;
|
||||
krebs.xresources.enable = true;
|
||||
krebs.xresources.resources.urxvt = ''
|
||||
*foreground: rgb:a8/a8/a8
|
||||
*background: rgb:00/00/00
|
||||
*faceName: DejaVu Sans Mono
|
||||
*faceSize: ${toString config.jeschliFontSize}
|
||||
*color0: rgb:00/00/00
|
||||
*color1: rgb:a8/00/00
|
||||
*color2: rgb:00/a8/00
|
||||
*color3: rgb:a8/54/00
|
||||
*color4: rgb:26/8b/d2
|
||||
*color5: rgb:a8/00/a8
|
||||
*color6: rgb:00/a8/a8
|
||||
*color7: rgb:a8/a8/a8
|
||||
*color8: rgb:54/54/54
|
||||
*color9: rgb:fc/54/54
|
||||
*color10: rgb:54/fc/54
|
||||
*color11: rgb:fc/fc/54
|
||||
*color12: rgb:54/54/fc
|
||||
*color13: rgb:fc/54/fc
|
||||
*color14: rgb:54/fc/fc
|
||||
*color15: rgb:fc/fc/fc
|
||||
|
||||
URxvt*scrollBar: false
|
||||
URxvt*urgentOnBell: true
|
||||
URxvt*font: xft:DejaVu Sans Mono:pixelsize=${toString config.jeschliFontSize}
|
||||
URXvt*faceSize: ${toString config.jeschliFontSize}
|
||||
'';
|
||||
};
|
||||
}
|
@ -1,151 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
customPlugins.vim-javascript = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "vim-javascript";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "pangloss";
|
||||
repo = "vim-javascript";
|
||||
rev = "1.2.5.1";
|
||||
sha256 = "08l7ricd3j5h2bj9i566byh39v9n5wj5mj75f2c8a5dsc732b2k7";
|
||||
};
|
||||
};
|
||||
customPlugins.vim-jsx = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "vim-jsx";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "mxw";
|
||||
repo = "vim-jsx";
|
||||
rev = "5b968dfa512c57c38ad7fe420f3e8ab75a73949a";
|
||||
sha256 = "1z3yhhbmbzfw68qjzyvpbmlyv2a1p814sy5q2knn04kcl30vx94a";
|
||||
};
|
||||
};
|
||||
customPlugins.vim-fileline = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "file-line-1.0";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "bogado";
|
||||
repo = "file-line";
|
||||
rev = "1.0";
|
||||
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
|
||||
};
|
||||
};
|
||||
in {
|
||||
environment.systemPackages = [
|
||||
(pkgs.vim_configurable.customize {
|
||||
name = "vim";
|
||||
vimrcConfig.customRC = let
|
||||
colorscheme = ''colorscheme molokai'';
|
||||
highlightTrailingWhiteSpaces = ''
|
||||
au Syntax * syn match Garbage containedin=ALL /\s\+$/
|
||||
'';
|
||||
setStatements = ''
|
||||
set autowrite
|
||||
set clipboard=unnamedplus
|
||||
set listchars=trail:¶
|
||||
set mouse=a
|
||||
set nocompatible
|
||||
set path+=**
|
||||
set ruler
|
||||
set undodir=$HOME/.vim/undo "directory where the undo files will be stored
|
||||
set undofile "turn on the feature
|
||||
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
|
||||
set wildmenu
|
||||
'';
|
||||
remapStatements = ''
|
||||
imap jk <Esc>
|
||||
map gr :GoRun<Enter> " Map gr to execute go run
|
||||
map tt :GoTest<Enter> " Map tt to execute go test
|
||||
map nf :NERDTreeToggle<CR>
|
||||
nnoremap <C-TAB> <c-w><c-w>
|
||||
nnoremap <S-TAB> :bnext<CR>
|
||||
noremap x "_x
|
||||
vmap v v
|
||||
'';
|
||||
settingsForGo = ''
|
||||
let g:go_decls_includes = "func,type"
|
||||
let g:go_def_mode = 'godef'
|
||||
let g:go_fmt_command = "goimports"
|
||||
let g:go_highlight_extra_types = 1
|
||||
let g:go_highlight_fields = 1
|
||||
let g:go_highlight_functions = 1
|
||||
let g:go_highlight_methods = 1
|
||||
let g:go_highlight_types = 1
|
||||
let g:go_list_type = "quickfix"
|
||||
let g:go_metalinter_autosave = 1
|
||||
let g:go_metalinter_enabled = ['vet', 'golint', 'errcheck']
|
||||
let g:go_snippet_case_type = "camelcase"
|
||||
let g:go_test_timeout = '10s'
|
||||
let g:jsx_ext_required = 0
|
||||
let g:molokai_original = 1
|
||||
let g:rehash256 = 1
|
||||
'';
|
||||
settingsForElm = ''
|
||||
let g:polyglot_disabled = ['elm']
|
||||
let g:elm_detailed_complete = 1
|
||||
let g:elm_format_autosave = 1
|
||||
let g:elm_syntastic_show_warnings = 1
|
||||
'';
|
||||
in ''
|
||||
${colorscheme}
|
||||
${highlightTrailingWhiteSpaces}
|
||||
${remapStatements}
|
||||
${setStatements}
|
||||
${settingsForElm}
|
||||
${settingsForGo}
|
||||
" dont expand tabs in go files and show it with four whitespaces.
|
||||
autocmd BufNewFile,BufRead *.go setlocal noexpandtab tabstop=4 shiftwidth=4
|
||||
'';
|
||||
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
|
||||
vimrcConfig.vam.pluginDictionaries = [
|
||||
{ names = [
|
||||
"ctrlp"
|
||||
"easymotion"
|
||||
"elm-vim"
|
||||
"vim-fileline"
|
||||
"molokai"
|
||||
"nerdtree"
|
||||
"snipmate"
|
||||
"surround"
|
||||
"Syntastic"
|
||||
"undotree"
|
||||
];
|
||||
}
|
||||
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
|
||||
{ names = [ "vim-go" ]; ft_regex = "^go\$"; } # wanted: nsf/gocode
|
||||
{ names = [ "vim-javascript" ]; ft_regex = "^js\$"; }
|
||||
{ names = [ "vim-jsx" ]; ft_regex = "^js\$"; }
|
||||
];
|
||||
})
|
||||
];
|
||||
|
||||
# set up the directories up if they are not there.
|
||||
# Needs to be changed.
|
||||
# vim = let
|
||||
# dirs = {
|
||||
# backupdir = "$HOME/.cache/vim/backup";
|
||||
# swapdir = "$HOME/.cache/vim/swap";
|
||||
# undodir = "$HOME/.cache/vim/undo";
|
||||
# };
|
||||
# files = {
|
||||
# viminfo = "$HOME/.cache/vim/info";
|
||||
# };
|
||||
#
|
||||
# mkdirs = let
|
||||
# dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
|
||||
# in assert out != ""; out;
|
||||
# alldirs = attrValues dirs ++ map dirOf (attrValues files);
|
||||
# in unique (sort lessThan alldirs);
|
||||
# in
|
||||
# pkgs.symlinkJoin {
|
||||
# name = "vim";
|
||||
# paths = [
|
||||
# (pkgs.writeDashBin "vim" ''
|
||||
# set -efu
|
||||
# (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
|
||||
# exec ${pkgs.vim}/bin/vim "$@"
|
||||
# '')
|
||||
# pkgs.vim
|
||||
# ];
|
||||
# };
|
||||
|
||||
}
|
@ -1,23 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
mainUser = config.users.extraUsers.jeschli;
|
||||
|
||||
in {
|
||||
#services.virtualboxHost.enable = true;
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
|
||||
users.extraUsers = {
|
||||
virtual = {
|
||||
name = "virtual";
|
||||
description = "user for running VirtualBox";
|
||||
home = "/home/virtual";
|
||||
useDefaultShell = true;
|
||||
extraGroups = [ "vboxusers" "audio" ];
|
||||
createHome = true;
|
||||
};
|
||||
};
|
||||
security.sudo.extraConfig = ''
|
||||
${mainUser.name} ALL=(virtual) NOPASSWD: ALL
|
||||
'';
|
||||
}
|
@ -1,14 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
environment.variables.XDG_RUNTIME_DIR = "/run/xdg/$LOGNAME";
|
||||
|
||||
systemd.tmpfiles.rules = let
|
||||
forUsers = flip map users;
|
||||
isUser = { name, group, ... }:
|
||||
name == "root" || hasSuffix "users" group;
|
||||
users = filter isUser (mapAttrsToList (_: id) config.users.users);
|
||||
in forUsers (u: "d /run/xdg/${u.name} 0700 ${u.name} ${u.group} -");
|
||||
}
|
@ -1,27 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
pkgs.writeText "Xmodmap" ''
|
||||
!keycode 66 = Caps_Lock
|
||||
!remove Lock = Caps_Lock
|
||||
clear Lock
|
||||
|
||||
! caps lock
|
||||
keycode 66 = Mode_switch
|
||||
|
||||
keycode 13 = 4 dollar EuroSign cent
|
||||
keycode 30 = u U udiaeresis Udiaeresis
|
||||
keycode 32 = o O odiaeresis Odiaeresis
|
||||
keycode 38 = a A adiaeresis Adiaeresis
|
||||
keycode 39 = s S ssharp
|
||||
|
||||
keycode 33 = p P Greek_pi Greek_PI
|
||||
keycode 46 = l L Greek_lambda Greek_LAMBDA
|
||||
|
||||
keycode 54 = c C cacute Cacute
|
||||
|
||||
! BULLET OPERATOR
|
||||
keycode 17 = 8 asterisk U2219
|
||||
keycode 27 = r R r U211D
|
||||
''
|
@ -1,56 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
pkgs.writeText "Xresources" /* xdefaults */ ''
|
||||
Xcursor.theme: aero-large-drop
|
||||
Xcursor.size: 128
|
||||
|
||||
URxvt*cutchars: "\\`\"'&()*,;<=>?@[]^{|}‘’"
|
||||
URxvt*eightBitInput: false
|
||||
URxvt*font: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
||||
URxvt*boldFont: -*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1
|
||||
URxvt*scrollBar: false
|
||||
URxvt*background: #050505
|
||||
URxvt*foreground: #d0d7d0
|
||||
URxvt*cursorColor: #f042b0
|
||||
URxvt*cursorColor2: #f0b000
|
||||
URxvt*cursorBlink: off
|
||||
URxvt*jumpScroll: true
|
||||
URxvt*allowSendEvents: false
|
||||
URxvt*charClass: 33:48,37:48,45-47:48,64:48,38:48,61:48,63:48
|
||||
URxvt*cutNewline: False
|
||||
URxvt*cutToBeginningOfLine: False
|
||||
URxvt*font: xft:Monospace:size=12
|
||||
URxvt*font: xft:Monospace:size=12:bold
|
||||
URxvt*color0: #232342
|
||||
URxvt*color3: #c07000
|
||||
URxvt*color4: #4040c0
|
||||
URxvt*color7: #c0c0c0
|
||||
URxvt*color8: #707070
|
||||
URxvt*color9: #ff6060
|
||||
URxvt*color10: #70ff70
|
||||
URxvt*color11: #ffff70
|
||||
URxvt*color12: #7070ff
|
||||
URxvt*color13: #ff50ff
|
||||
URxvt*color14: #70ffff
|
||||
URxvt*color15: #ffffff
|
||||
|
||||
URxvt*iso14755: False
|
||||
|
||||
URxvt*urgentOnBell: True
|
||||
URxvt*visualBell: True
|
||||
|
||||
! ref https://github.com/muennich/urxvt-perls
|
||||
URxvt*perl-ext: default,url-select
|
||||
URxvt*keysym.M-u: perl:url-select:select_next
|
||||
URxvt*url-select.underline: true
|
||||
URxvt*colorUL: #4682B4
|
||||
URxvt.perl-lib: ${pkgs.urxvt_perls}/lib/urxvt/perl
|
||||
URxvt*saveLines: 10000
|
||||
|
||||
root-urxvt*background: #230000
|
||||
root-urxvt*foreground: #e0c0c0
|
||||
root-urxvt*BorderColor: #400000
|
||||
root-urxvt*color0: #800000
|
||||
''
|
@ -1,130 +0,0 @@
|
||||
{ config, pkgs, ... }@args:
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
cfg = {
|
||||
cacheDir = cfg.dataDir;
|
||||
configDir = "/var/empty";
|
||||
dataDir = "/run/xdg/${cfg.user.name}/xmonad";
|
||||
user = config.krebs.users.jeschli;
|
||||
};
|
||||
in {
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.font-size
|
||||
pkgs.gitAndTools.qgit
|
||||
pkgs.mpv
|
||||
pkgs.sxiv
|
||||
pkgs.xdotool
|
||||
pkgs.xsel
|
||||
pkgs.zathura
|
||||
];
|
||||
|
||||
fonts.fonts = [
|
||||
pkgs.xlibs.fontschumachermisc
|
||||
];
|
||||
|
||||
# TODO dedicated group, i.e. with a single user [per-user-setuid]
|
||||
# TODO krebs.setuid.slock.path vs /run/wrappers/bin
|
||||
krebs.setuid.slock = {
|
||||
filename = "${pkgs.slock}/bin/slock";
|
||||
group = "wheel";
|
||||
envp = {
|
||||
DISPLAY = ":${toString config.services.xserver.display}";
|
||||
USER = cfg.user.name;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.display-manager.enable = false;
|
||||
|
||||
systemd.services.xmonad = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
requires = [ "xserver.service" ];
|
||||
environment = {
|
||||
DISPLAY = ":${toString config.services.xserver.display}";
|
||||
|
||||
XMONAD_CACHE_DIR = cfg.cacheDir;
|
||||
XMONAD_CONFIG_DIR = cfg.configDir;
|
||||
XMONAD_DATA_DIR = cfg.dataDir;
|
||||
|
||||
XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
|
||||
${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
|
||||
${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} &
|
||||
${pkgs.xorg.xrdb}/bin/xrdb ${import ./Xresources.nix args} &
|
||||
${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' &
|
||||
${config.services.xserver.displayManager.sessionCommands}
|
||||
if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
|
||||
exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" ""
|
||||
fi
|
||||
export DBUS_SESSION_BUS_ADDRESS
|
||||
${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS
|
||||
wait
|
||||
'';
|
||||
|
||||
# XXX JSON is close enough :)
|
||||
XMONAD_WORKSPACES0_FILE = pkgs.writeText "xmonad.workspaces0" (toJSON [
|
||||
"dashboard" # we start here
|
||||
"stockholm"
|
||||
"pycharm"
|
||||
"chromium"
|
||||
"iRC"
|
||||
"git"
|
||||
"hipbird"
|
||||
]);
|
||||
};
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "xmonad";
|
||||
ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${toString [
|
||||
"\${XMONAD_CACHE_DIR}"
|
||||
"\${XMONAD_CONFIG_DIR}"
|
||||
"\${XMONAD_DATA_DIR}"
|
||||
]}";
|
||||
ExecStart = "${pkgs.xmonad-jeschli}/bin/xmonad";
|
||||
ExecStop = "${pkgs.xmonad-jeschli}/bin/xmonad --shutdown";
|
||||
User = cfg.user.name;
|
||||
WorkingDirectory = cfg.user.home;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.xserver = {
|
||||
after = [
|
||||
"systemd-udev-settle.service"
|
||||
"local-fs.target"
|
||||
"acpid.service"
|
||||
];
|
||||
reloadIfChanged = true;
|
||||
environment = {
|
||||
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
|
||||
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
|
||||
LD_LIBRARY_PATH = concatStringsSep ":" (
|
||||
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
|
||||
++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
|
||||
};
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "xserver";
|
||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||
ExecStart = toString [
|
||||
"${pkgs.xorg.xorgserver}/bin/X"
|
||||
":${toString config.services.xserver.display}"
|
||||
"vt${toString config.services.xserver.tty}"
|
||||
"-config ${import ./xserver.conf.nix args}"
|
||||
"-logfile /dev/null -logverbose 0 -verbose 3"
|
||||
"-nolisten tcp"
|
||||
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.urxvtd = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
reloadIfChanged = true;
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "urxvtd";
|
||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
|
||||
Restart = "always";
|
||||
RestartSec = "2s";
|
||||
StartLimitBurst = 0;
|
||||
User = cfg.user.name;
|
||||
};
|
||||
};
|
||||
}
|
@ -1,40 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
cfg = config.services.xserver;
|
||||
in
|
||||
|
||||
pkgs.stdenv.mkDerivation {
|
||||
name = "xserver.conf";
|
||||
|
||||
xfs = optionalString (cfg.useXFS != false)
|
||||
''FontPath "${toString cfg.useXFS}"'';
|
||||
|
||||
inherit (cfg) config;
|
||||
|
||||
buildCommand =
|
||||
''
|
||||
echo 'Section "Files"' >> $out
|
||||
echo $xfs >> $out
|
||||
|
||||
for i in ${toString config.fonts.fonts}; do
|
||||
if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
|
||||
for j in $(find $i -name fonts.dir); do
|
||||
echo " FontPath \"$(dirname $j)\"" >> $out
|
||||
done
|
||||
fi
|
||||
done
|
||||
|
||||
for i in $(find ${toString cfg.modules} -type d); do
|
||||
if test $(echo $i/*.so* | wc -w) -ne 0; then
|
||||
echo " ModulePath \"$i\"" >> $out
|
||||
fi
|
||||
done
|
||||
|
||||
echo 'EndSection' >> $out
|
||||
|
||||
echo "$config" >> $out
|
||||
'';
|
||||
}
|
@ -1,138 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = [ pkgs.fzf ];
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
shellInit = ''
|
||||
#disable config wizard
|
||||
zsh-newuser-install() { :; }
|
||||
'';
|
||||
interactiveShellInit = ''
|
||||
setopt autocd extendedglob
|
||||
bindkey -e
|
||||
|
||||
#history magic
|
||||
bindkey "[A" up-line-or-local-history
|
||||
bindkey "[B" down-line-or-local-history
|
||||
|
||||
up-line-or-local-history() {
|
||||
zle set-local-history 1
|
||||
zle up-line-or-history
|
||||
zle set-local-history 0
|
||||
}
|
||||
zle -N up-line-or-local-history
|
||||
down-line-or-local-history() {
|
||||
zle set-local-history 1
|
||||
zle down-line-or-history
|
||||
zle set-local-history 0
|
||||
}
|
||||
zle -N down-line-or-local-history
|
||||
|
||||
setopt share_history
|
||||
setopt hist_ignore_dups
|
||||
# setopt inc_append_history
|
||||
bindkey '^R' history-incremental-search-backward
|
||||
|
||||
#C-x C-e open line in editor
|
||||
autoload -z edit-command-line
|
||||
zle -N edit-command-line
|
||||
bindkey "^X^E" edit-command-line
|
||||
|
||||
#fzf inclusion
|
||||
source ${pkgs.fzf}/share/fzf/completion.zsh
|
||||
source ${pkgs.fzf}/share/fzf/key-bindings.zsh
|
||||
|
||||
#completion magic
|
||||
autoload -Uz compinit
|
||||
compinit
|
||||
zstyle ':completion:*' menu select
|
||||
|
||||
#enable automatic rehashing of $PATH
|
||||
zstyle ':completion:*' rehash true
|
||||
|
||||
eval $(dircolors -b ${pkgs.fetchFromGitHub {
|
||||
owner = "trapd00r";
|
||||
repo = "LS_COLORS";
|
||||
rev = "a75fca8545f91abb8a5f802981033ef54bf1eac0";
|
||||
sha256="1lzj0qnj89mzh76ha137mnz2hf86k278rh0y9x124ghxj9yqsnb4";
|
||||
}}/LS_COLORS)
|
||||
|
||||
#beautiful colors
|
||||
alias ls='ls --color'
|
||||
# zstyle ':completion:*:default' list-colors ''${(s.:.)LS_COLORS}
|
||||
|
||||
#emacs bindings
|
||||
bindkey "[7~" beginning-of-line
|
||||
bindkey "[8~" end-of-line
|
||||
bindkey "Oc" emacs-forward-word
|
||||
bindkey "Od" emacs-backward-word
|
||||
|
||||
#aliases
|
||||
alias ll='ls -l'
|
||||
alias la='ls -la'
|
||||
|
||||
#fancy window title magic
|
||||
'';
|
||||
promptInit = ''
|
||||
# TODO: figure out why we need to set this here
|
||||
HISTSIZE=900001
|
||||
HISTFILESIZE=$HISTSIZE
|
||||
SAVEHIST=$HISTSIZE
|
||||
|
||||
autoload -U promptinit
|
||||
promptinit
|
||||
|
||||
p_error='%(?..%F{red}%?%f )'
|
||||
t_error='%(?..%? )'
|
||||
|
||||
case $UID in
|
||||
0)
|
||||
p_username='%F{red}root%f'
|
||||
t_username='root'
|
||||
;;
|
||||
1337)
|
||||
p_username=""
|
||||
t_username=""
|
||||
;;
|
||||
*)
|
||||
p_username='%F{blue}%n%f'
|
||||
t_username='%n'
|
||||
;;
|
||||
esac
|
||||
|
||||
if test -n "$SSH_CLIENT"; then
|
||||
p_hostname='@%F{magenta}%M%f '
|
||||
t_hostname='@%M '
|
||||
else
|
||||
p_hostname=""
|
||||
t_hostname=""
|
||||
fi
|
||||
|
||||
#check if in nix shell
|
||||
if test -n "$buildInputs"; then
|
||||
p_nixshell='%F{green}[s]%f '
|
||||
t_nixshell='[s] '
|
||||
else
|
||||
p_nixshell=""
|
||||
t_nixshell=""
|
||||
fi
|
||||
|
||||
PROMPT="$p_error$p_username$p_hostname$p_nixshell%~ "
|
||||
TITLE="$t_error$t_username$t_hostname$t_nixshell%~"
|
||||
case $TERM in
|
||||
(*xterm* | *rxvt*)
|
||||
function precmd {
|
||||
PROMPT_EVALED="$(print -P $TITLE)"
|
||||
echo -ne "\033]0;$$ $PROMPT_EVALED\007"
|
||||
}
|
||||
# This is seen while the shell waits for a command to complete.
|
||||
function preexec {
|
||||
PROMPT_EVALED="$(print -P $TITLE)"
|
||||
echo -ne "\033]0;$$ $PROMPT_EVALED $1\007"
|
||||
}
|
||||
;;
|
||||
esac
|
||||
'';
|
||||
};
|
||||
users.defaultUserShell = "/run/current-system/sw/bin/zsh";
|
||||
}
|
@ -1,11 +0,0 @@
|
||||
with import <stockholm/lib>;
|
||||
|
||||
self: super:
|
||||
|
||||
# Import files and subdirectories like they are overlays.
|
||||
foldl' mergeAttrs {}
|
||||
(map
|
||||
(name: import (./. + "/${name}") self super)
|
||||
(filter
|
||||
(name: name != "default.nix" && !hasPrefix "." name)
|
||||
(attrNames (readDir ./.))))
|
@ -1,40 +0,0 @@
|
||||
{ stdenv, fetchurl, unzip, jq, zip }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "audio-fingerprint-defender-${version}";
|
||||
version = "0.1.3";
|
||||
|
||||
extid = "@audio-fingerprint-defender";
|
||||
signed = false;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi";
|
||||
sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb";
|
||||
};
|
||||
|
||||
phases = [ "buildPhase" ];
|
||||
|
||||
buildInputs = [ zip unzip jq ];
|
||||
|
||||
buildPhase = ''
|
||||
mkdir -p $out/${extid}
|
||||
unzip ${src} -d $out/${extid}
|
||||
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
|
||||
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
|
||||
cd $out/${extid}
|
||||
zip -r -FS $out/${extid}.xpi *
|
||||
rm -r $out/${extid}
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Audio context fingerprint defender firefox browser addon";
|
||||
homepage = https://mybrowseraddon.com/audiocontext-defender.html;
|
||||
license = {
|
||||
fullName = "Mozilla Public License Version 2.0";
|
||||
shortName = "moz2";
|
||||
spdxId = "mozilla-2.0";
|
||||
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,40 +0,0 @@
|
||||
{ stdenv, fetchurl, unzip, jq, zip }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "canvas-fingerprint-defender-${version}";
|
||||
version = "0.1.5";
|
||||
|
||||
extid = "@canvas-fingerprint-defender";
|
||||
signed = false;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended";
|
||||
sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld";
|
||||
};
|
||||
|
||||
phases = [ "buildPhase" ];
|
||||
|
||||
buildInputs = [ zip unzip jq ];
|
||||
|
||||
buildPhase = ''
|
||||
mkdir -p $out/${extid}
|
||||
unzip ${src} -d $out/${extid}
|
||||
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
|
||||
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
|
||||
cd $out/${extid}
|
||||
zip -r -FS $out/${extid}.xpi *
|
||||
rm -r $out/${extid}
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Canvas fingerprint defender firefox browser addon";
|
||||
homepage = https://mybrowseraddon.com/webgl-defender.html;
|
||||
license = {
|
||||
fullName = "Mozilla Public License Version 2.0";
|
||||
shortName = "moz2";
|
||||
spdxId = "mozilla-2.0";
|
||||
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,28 +0,0 @@
|
||||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "dark-reader-${version}";
|
||||
version = "4.8.1";
|
||||
|
||||
extid = "addon@darkreader.org";
|
||||
signed = true;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi";
|
||||
sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb";
|
||||
};
|
||||
|
||||
phases = [ "installPhase" ];
|
||||
|
||||
installPhase = ''
|
||||
install -D ${src} "$out/${extid}.xpi"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing.";
|
||||
homepage = https://github.com/darkreader/darkreader;
|
||||
license = licenses.mit;
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,18 +0,0 @@
|
||||
with import <stockholm/lib>;
|
||||
|
||||
self: super:
|
||||
|
||||
let
|
||||
# This callPackage will try to detect obsolete overrides.
|
||||
callPackage = path: args: let
|
||||
override = self.callPackage path args;
|
||||
upstream = optionalAttrs (override ? "name")
|
||||
(super.${(parseDrvName override.name).name} or {});
|
||||
in if upstream ? "name" &&
|
||||
override ? "name" &&
|
||||
compareVersions upstream.name override.name != -1
|
||||
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
|
||||
else override;
|
||||
in
|
||||
|
||||
mapNixDir (path: callPackage path {}) ./.
|
@ -1,487 +0,0 @@
|
||||
{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config
|
||||
|
||||
## various stuff that can be plugged in
|
||||
, flashplayer, hal-flash
|
||||
, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2
|
||||
, jrePlugin, icedtea_web
|
||||
, bluejeans, djview4, adobe-reader
|
||||
, fribid, gnome3/*.gnome-shell*/
|
||||
, esteidfirefoxplugin ? ""
|
||||
, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow
|
||||
, udev
|
||||
, kerberos
|
||||
|
||||
}:
|
||||
|
||||
## configurability of the wrapper itself
|
||||
|
||||
browser:
|
||||
|
||||
let
|
||||
wrapper =
|
||||
{ browserName ? browser.browserName or (builtins.parseDrvName browser.name).name
|
||||
, name ? (browserName + "-" + (builtins.parseDrvName browser.name).version)
|
||||
, desktopName ? # browserName with first letter capitalized
|
||||
(lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName)
|
||||
, nameSuffix ? ""
|
||||
, icon ? browserName
|
||||
, extraPlugins ? []
|
||||
, extraPrefs ? ""
|
||||
, extraExtensions ? [ ]
|
||||
, allowNonSigned ? false
|
||||
, disablePocket ? false
|
||||
, disableTelemetry ? true
|
||||
, disableDrmPlugin ? false
|
||||
, showPunycodeUrls ? true
|
||||
, disableFirefoxStudies ? true
|
||||
, disableFirefoxSync ? false
|
||||
, useSystemCertificates ? true
|
||||
, dontCheckDefaultBrowser ? false
|
||||
# For more information about anti tracking
|
||||
# vist https://wiki.kairaven.de/open/app/firefox
|
||||
, activateAntiTracking ? true
|
||||
, disableFeedbackCommands ? true
|
||||
, disableDNSOverHTTPS ? true
|
||||
, disableGoogleSafebrowsing ? false
|
||||
, clearDataOnShutdown ? false
|
||||
, homepage ? "about:blank"
|
||||
# For more information about policies visit
|
||||
# https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
|
||||
, extraPolicies ? {}
|
||||
, extraNativeMessagingHosts ? []
|
||||
, gdkWayland ? false
|
||||
}:
|
||||
|
||||
assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
|
||||
|
||||
let
|
||||
|
||||
# If extraExtensions has been set disable manual extensions
|
||||
disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false;
|
||||
|
||||
cfg = config.${browserName} or {};
|
||||
enableAdobeFlash = cfg.enableAdobeFlash or false;
|
||||
ffmpegSupport = browser.ffmpegSupport or false;
|
||||
gssSupport = browser.gssSupport or false;
|
||||
jre = cfg.jre or false;
|
||||
icedtea = cfg.icedtea or false;
|
||||
supportsJDK =
|
||||
stdenv.hostPlatform.system == "i686-linux" ||
|
||||
stdenv.hostPlatform.system == "x86_64-linux" ||
|
||||
stdenv.hostPlatform.system == "armv7l-linux" ||
|
||||
stdenv.hostPlatform.system == "aarch64-linux";
|
||||
|
||||
plugins =
|
||||
assert !(jre && icedtea);
|
||||
if builtins.hasAttr "enableVLC" cfg
|
||||
then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins"
|
||||
else
|
||||
([ ]
|
||||
++ lib.optional enableAdobeFlash flashplayer
|
||||
++ lib.optional (cfg.enableDjvu or false) (djview4)
|
||||
++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser)
|
||||
++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin
|
||||
++ lib.optional icedtea icedtea_web
|
||||
++ lib.optional (cfg.enableFriBIDPlugin or false) fribid
|
||||
++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell
|
||||
++ lib.optional (cfg.enableBluejeans or false) bluejeans
|
||||
++ lib.optional (cfg.enableAdobeReader or false) adobe-reader
|
||||
++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin
|
||||
++ extraPlugins
|
||||
);
|
||||
nativeMessagingHosts =
|
||||
([ ]
|
||||
++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass)
|
||||
++ lib.optional (cfg.enableBukubrow or false) bukubrow
|
||||
++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell
|
||||
++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator
|
||||
++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration
|
||||
++ extraNativeMessagingHosts
|
||||
);
|
||||
libs = lib.optional stdenv.isLinux udev
|
||||
++ lib.optional ffmpegSupport ffmpeg
|
||||
++ lib.optional gssSupport kerberos
|
||||
++ lib.optionals (cfg.enableQuakeLive or false)
|
||||
(with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ])
|
||||
++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash
|
||||
++ lib.optional (config.pulseaudio or true) libpulseaudio;
|
||||
gtk_modules = [ libcanberra-gtk2 ];
|
||||
|
||||
enterprisePolicies =
|
||||
{
|
||||
policies = {
|
||||
DisableAppUpdate = true;
|
||||
} // lib.optionalAttrs disableManualExtensions (
|
||||
{
|
||||
ExtensionSettings = {
|
||||
"*" = {
|
||||
blocked_install_message = "You can't have manual extension mixed with nix extensions";
|
||||
installation_mode = "blocked";
|
||||
};
|
||||
|
||||
} // lib.foldr (e: ret:
|
||||
ret // {
|
||||
"${e.extid}" = {
|
||||
installation_mode = "allowed";
|
||||
};
|
||||
}
|
||||
) {} extraExtensions;
|
||||
}
|
||||
) // lib.optionalAttrs disablePocket (
|
||||
{
|
||||
DisablePocket = true;
|
||||
}
|
||||
) // lib.optionalAttrs disableTelemetry (
|
||||
{
|
||||
DisableTelemetry = true;
|
||||
}
|
||||
) // lib.optionalAttrs disableFirefoxStudies (
|
||||
{
|
||||
DisableFirefoxStudies = true;
|
||||
}
|
||||
) // lib.optionalAttrs disableFirefoxSync (
|
||||
{
|
||||
DisableFirefoxAccounts = true;
|
||||
}
|
||||
) // lib.optionalAttrs useSystemCertificates (
|
||||
{
|
||||
# Disable useless firefox certificate store
|
||||
Certificates = {
|
||||
ImportEnterpriseRoots = true;
|
||||
};
|
||||
}
|
||||
) // lib.optionalAttrs (
|
||||
if lib.count (x: true) extraExtensions > 0 then true else false) (
|
||||
{
|
||||
# Don't try to update nix installed addons
|
||||
DisableSystemAddonUpdate = true;
|
||||
|
||||
# But update manually installed addons
|
||||
ExtensionUpdate = false;
|
||||
}
|
||||
) // lib.optionalAttrs dontCheckDefaultBrowser (
|
||||
{
|
||||
DontCheckDefaultBrowser = true;
|
||||
}
|
||||
)// lib.optionalAttrs disableDNSOverHTTPS (
|
||||
{
|
||||
DNSOverHTTPS = {
|
||||
Enabled = false;
|
||||
};
|
||||
}
|
||||
) // lib.optionalAttrs clearDataOnShutdown (
|
||||
{
|
||||
SanitizeOnShutdown = true;
|
||||
}
|
||||
) // lib.optionalAttrs disableFeedbackCommands (
|
||||
{
|
||||
DisableFeedbackCommands = true;
|
||||
}
|
||||
) // lib.optionalAttrs ( if homepage == "" then false else true) (
|
||||
{
|
||||
Homepage = {
|
||||
URL = homepage;
|
||||
Locked = true;
|
||||
};
|
||||
}
|
||||
) // extraPolicies ;} ;
|
||||
|
||||
|
||||
extensions = builtins.map (a:
|
||||
if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then
|
||||
throw "Addon ${a.pname} needs boolean attribute 'signed' "
|
||||
else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then
|
||||
throw "Addon ${a.pname} needs a string attribute 'extid'"
|
||||
else if a.signed == false && !allowNonSigned then
|
||||
throw "Disable signature checking in firefox if you want ${a.pname} addon"
|
||||
else a
|
||||
) extraExtensions;
|
||||
|
||||
policiesJson = builtins.toFile "policies.json"
|
||||
(builtins.toJSON enterprisePolicies);
|
||||
|
||||
mozillaCfg = builtins.toFile "mozilla.cfg" ''
|
||||
// First line must be a comment
|
||||
|
||||
// Remove default top sites
|
||||
lockPref("browser.newtabpage.pinned", "");
|
||||
lockPref("browser.newtabpage.activity-stream.default.sites", "");
|
||||
|
||||
// Deactivate first run homepage
|
||||
lockPref("browser.startup.firstrunSkipsHomepage", false);
|
||||
|
||||
// If true, don't show the privacy policy tab on first run
|
||||
lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
|
||||
|
||||
${
|
||||
if allowNonSigned == true then
|
||||
''lockPref("xpinstall.signatures.required", false)''
|
||||
else
|
||||
""
|
||||
}
|
||||
|
||||
${
|
||||
if showPunycodeUrls == true then
|
||||
''
|
||||
lockPref("network.IDN_show_punycode", true);
|
||||
''
|
||||
else
|
||||
""
|
||||
}
|
||||
|
||||
${
|
||||
if disableManualExtensions == true then
|
||||
''
|
||||
lockPref("extensions.getAddons.showPane", false);
|
||||
lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
|
||||
lockPref("app.update.auto", false);
|
||||
''
|
||||
else
|
||||
""
|
||||
}
|
||||
|
||||
${
|
||||
if disableDrmPlugin == true then
|
||||
''
|
||||
lockPref("media.gmp-gmpopenh264.enabled", false);
|
||||
lockPref("media.gmp-widevinecdm.enabled", false);
|
||||
''
|
||||
else
|
||||
""
|
||||
}
|
||||
|
||||
${
|
||||
if activateAntiTracking == true then
|
||||
''
|
||||
// Tracking
|
||||
lockPref("browser.send_pings", false);
|
||||
lockPref("browser.send_pings.require_same_host", true);
|
||||
lockPref("network.dns.disablePrefetch", true);
|
||||
lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false);
|
||||
lockPref("browser.search.geoip.url", "");
|
||||
lockPref("privacy.firstparty.isolate", true);
|
||||
lockPref("privacy.userContext.enabled", true);
|
||||
lockPref("privacy.userContext.ui.enabled", true);
|
||||
lockPref("privacy.firstparty.isolate.restrict_opener_access", false);
|
||||
lockPref("network.http.referer.XOriginPolicy", 1);
|
||||
lockPref("network.http.referer.hideOnionSource", true);
|
||||
lockPref(" privacy.spoof_english", true);
|
||||
|
||||
// This option is currently not usable because of bug:
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1557620
|
||||
// lockPref("privacy.resistFingerprinting", true);
|
||||
''
|
||||
else ""
|
||||
}
|
||||
${
|
||||
if disableTelemetry == true then
|
||||
''
|
||||
// Telemetry
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
|
||||
lockPref("browser.ping-centre.telemetry", false);
|
||||
lockPref("devtools.onboarding.telemetry.logged", false);
|
||||
lockPref("toolkit.telemetry.archive.enabled", false);
|
||||
lockPref("toolkit.telemetry.bhrPing.enabled", false);
|
||||
lockPref("toolkit.telemetry.enabled", false);
|
||||
lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
|
||||
lockPref("toolkit.telemetry.hybridContent.enabled", false);
|
||||
lockPref("toolkit.telemetry.newProfilePing.enabled", false);
|
||||
lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
|
||||
lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
|
||||
lockPref("dom.push.enabled", false);
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.snippets", false);
|
||||
lockPref("security.ssl.errorReporting.enabled", false);
|
||||
''
|
||||
else ""
|
||||
}
|
||||
|
||||
${
|
||||
if disableGoogleSafebrowsing == true then
|
||||
''
|
||||
// Google data sharing
|
||||
lockPref("browser.safebrowsing.blockedURIs.enabled", false);
|
||||
lockPref("browser.safebrowsing.downloads.enabled", false);
|
||||
lockPref("browser.safebrowsing.malware.enabled", false);
|
||||
lockPref("browser.safebrowsing.passwords.enabled", false);
|
||||
lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
|
||||
lockPref("browser.safebrowsing.malware.enabled", false);
|
||||
lockPref("browser.safebrowsing.phishing.enabled", false);
|
||||
lockPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
|
||||
lockPref("browser.safebrowsing.provider.mozilla.updateURL", "");
|
||||
''
|
||||
else ""
|
||||
}
|
||||
|
||||
// User customization
|
||||
${extraPrefs}
|
||||
'';
|
||||
in stdenv.mkDerivation {
|
||||
inherit name;
|
||||
|
||||
desktopItem = makeDesktopItem {
|
||||
name = browserName;
|
||||
exec = "${browserName}${nameSuffix} %U";
|
||||
inherit icon;
|
||||
comment = "";
|
||||
desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}";
|
||||
genericName = "Web Browser";
|
||||
categories = "Application;Network;WebBrowser;";
|
||||
mimeType = stdenv.lib.concatStringsSep ";" [
|
||||
"text/html"
|
||||
"text/xml"
|
||||
"application/xhtml+xml"
|
||||
"application/vnd.mozilla.xul+xml"
|
||||
"x-scheme-handler/http"
|
||||
"x-scheme-handler/https"
|
||||
"x-scheme-handler/ftp"
|
||||
];
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper lndir ];
|
||||
buildInputs = lib.optional (browser ? gtk3) browser.gtk3;
|
||||
|
||||
buildCommand = lib.optionalString stdenv.isDarwin ''
|
||||
mkdir -p $out/Applications
|
||||
cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications
|
||||
rm -f $out${browser.execdir or "/bin"}/${browserName}
|
||||
'' + ''
|
||||
|
||||
# Link the runtime. The executable itself has to be copied,
|
||||
# because it will resolve paths relative to its true location.
|
||||
# Any symbolic links have to be replicated as well.
|
||||
cd "${browser}"
|
||||
find . -type d -exec mkdir -p "$out"/{} \;
|
||||
|
||||
find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \;
|
||||
|
||||
find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do
|
||||
cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f"
|
||||
chmod a+rwx "$out/$f"
|
||||
done
|
||||
|
||||
# fix links and absolute references
|
||||
cd "${browser}"
|
||||
|
||||
find . -type l -print0 | while read -d $'\0' l; do
|
||||
target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")"
|
||||
ln -sfT "$target" "$out/$l"
|
||||
done
|
||||
|
||||
# This will not patch binaries, only "text" files.
|
||||
# Its there for the wrapper mostly.
|
||||
cd "$out"
|
||||
${replace}/bin/replace-literal -esfR -- "${browser}" "$out"
|
||||
|
||||
# create the wrapper
|
||||
|
||||
executablePrefix="$out${browser.execdir or "/bin"}"
|
||||
executablePath="$executablePrefix/${browserName}"
|
||||
|
||||
if [ ! -x "$executablePath" ]
|
||||
then
|
||||
echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -L "$executablePath" ]
|
||||
then
|
||||
# Careful here, the file at executablePath may already be
|
||||
# a wrapper. That is why we postfix it with -old instead
|
||||
# of -wrapped.
|
||||
oldExe="$executablePrefix"/".${browserName}"-old
|
||||
mv "$executablePath" "$oldExe"
|
||||
else
|
||||
oldExe="$(readlink -v --canonicalize-existing "$executablePath")"
|
||||
fi
|
||||
|
||||
|
||||
makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \
|
||||
--suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \
|
||||
--suffix LD_LIBRARY_PATH ':' "$libs" \
|
||||
--suffix-each GTK_PATH ':' "$gtk_modules" \
|
||||
--suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \
|
||||
--prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \
|
||||
--suffix PATH ':' "$out${browser.execdir or "/bin"}" \
|
||||
--set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \
|
||||
--set MOZ_SYSTEM_DIR "$out/lib/mozilla" \
|
||||
${lib.optionalString gdkWayland ''
|
||||
--set GDK_BACKEND "wayland" \
|
||||
''}${lib.optionalString (browser ? gtk3)
|
||||
''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \
|
||||
--suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share'
|
||||
''
|
||||
}
|
||||
|
||||
if [ -e "${browser}/share/icons" ]; then
|
||||
mkdir -p "$out/share"
|
||||
ln -s "${browser}/share/icons" "$out/share/icons"
|
||||
else
|
||||
for res in 16 32 48 64 128; do
|
||||
mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps"
|
||||
icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" )
|
||||
if [ -e "$icon" ]; then ln -s "$icon" \
|
||||
"$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png"
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
install -D -t $out/share/applications $desktopItem/share/applications/*
|
||||
|
||||
mkdir -p $out/lib/mozilla
|
||||
for ext in ${toString nativeMessagingHosts}; do
|
||||
lndir -silent $ext/lib/mozilla $out/lib/mozilla
|
||||
done
|
||||
|
||||
# For manpages, in case the program supplies them
|
||||
mkdir -p $out/nix-support
|
||||
echo ${browser} > $out/nix-support/propagated-user-env-packages
|
||||
|
||||
# user customization
|
||||
mkdir -p $out/lib/firefox
|
||||
|
||||
# creating policies.json
|
||||
mkdir -p "$out/lib/firefox/distribution"
|
||||
|
||||
cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson}
|
||||
|
||||
# preparing for autoconfig
|
||||
mkdir -p "$out/lib/firefox/defaults/pref"
|
||||
|
||||
cat > "$out/lib/firefox/defaults/pref/autoconfig.js" <<EOF
|
||||
pref("general.config.filename", "mozilla.cfg");
|
||||
pref("general.config.obscure_value", 0);
|
||||
EOF
|
||||
|
||||
cat > "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg}
|
||||
|
||||
mkdir -p $out/lib/firefox/distribution/extensions
|
||||
|
||||
for i in ${toString extensions}; do
|
||||
ln -s -t $out/lib/firefox/distribution/extensions $i/*
|
||||
done
|
||||
'';
|
||||
|
||||
preferLocalBuild = true;
|
||||
|
||||
# Let each plugin tell us (through its `mozillaPlugin') attribute
|
||||
# where to find the plugin in its tree.
|
||||
plugins = map (x: x + x.mozillaPlugin) plugins;
|
||||
libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs;
|
||||
gtk_modules = map (x: x + x.gtkModule) gtk_modules;
|
||||
|
||||
passthru = { unwrapped = browser; };
|
||||
|
||||
disallowedRequisites = [ stdenv.cc ];
|
||||
|
||||
meta = browser.meta // {
|
||||
description =
|
||||
browser.meta.description
|
||||
+ " (with plugins: "
|
||||
+ lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins))
|
||||
+ ")";
|
||||
hydraPlatforms = [];
|
||||
priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package
|
||||
};
|
||||
};
|
||||
in
|
||||
lib.makeOverridable wrapper
|
@ -1,40 +0,0 @@
|
||||
{ stdenv, fetchurl, unzip, jq, zip }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "font-fingerprint-defender-${version}";
|
||||
version = "0.1.0";
|
||||
|
||||
extid = "@font-fingerprint-defender";
|
||||
signed = false;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3387637/font_fingerprint_defender-${version}-an+fx.xpi";
|
||||
sha256 = "1aidkvisnx6qd7hn2x756rvzmbnaz6laqbwq0j5yd86g1kc56dr0";
|
||||
};
|
||||
|
||||
phases = [ "buildPhase" ];
|
||||
|
||||
buildInputs = [ zip unzip jq ];
|
||||
|
||||
buildPhase = ''
|
||||
mkdir -p $out/${extid}
|
||||
unzip ${src} -d $out/${extid}
|
||||
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
|
||||
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
|
||||
cd $out/${extid}
|
||||
zip -r -FS $out/${extid}.xpi *
|
||||
rm -r $out/${extid}
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Font fingerprint defender firefox browser addon";
|
||||
homepage = https://mybrowseraddon.com/font-defender.html;
|
||||
license = {
|
||||
fullName = "Mozilla Public License Version 2.0";
|
||||
shortName = "moz2";
|
||||
spdxId = "mozilla-2.0";
|
||||
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,45 +0,0 @@
|
||||
{ stdenv, fetchurl, pkgs, makeWrapper, lib }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "${pname}-${version}";
|
||||
pname = "hopper";
|
||||
version = "4.5.16";
|
||||
rev = "v${lib.versions.major version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz";
|
||||
sha256 = "0gjnn7f6ibfx46k4bbj8ra7k04s0mrpq7316brgzks6x5yd1m584";
|
||||
};
|
||||
|
||||
sourceRoot = ".";
|
||||
|
||||
ldLibraryPath = with pkgs; stdenv.lib.makeLibraryPath [
|
||||
libbsd.out libffi.out gmpxx.out python27Full.out python27Packages.libxml2.out qt5.qtbase zlib xlibs.libX11.out xorg_sys_opengl.out xlibs.libXrender.out gcc-unwrapped.lib
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
mkdir -p $out/lib
|
||||
mkdir -p $out/share
|
||||
cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper
|
||||
cp -r $sourceRoot/opt/hopper-${rev}/lib $out
|
||||
cp -r $sourceRoot/usr/share $out/share
|
||||
patchelf \
|
||||
--set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \
|
||||
$out/bin/hopper
|
||||
# Details: https://nixos.wiki/wiki/Qt
|
||||
wrapProgram $out/bin/hopper \
|
||||
--suffix LD_LIBRARY_PATH : ${ldLibraryPath} \
|
||||
--suffix QT_PLUGIN_PATH : ${pkgs.qt5.qtbase}/lib/qt-${pkgs.qt5.qtbase.qtCompatVersion}/plugins
|
||||
'';
|
||||
|
||||
meta = {
|
||||
homepage = "https://www.hopperapp.com/index.html";
|
||||
description = "A macOS and Linux Disassembler";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
maintainers = [ stdenv.lib.maintainers.luis ];
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
};
|
||||
}
|
@ -1,29 +0,0 @@
|
||||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "https-everywhere-${version}";
|
||||
version = "2019.6.27";
|
||||
|
||||
extid = "https-everywhere@eff.org";
|
||||
signed = true;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3060290/https_everywhere-${version}-an+fx.xpi";
|
||||
sha256 = "0743lhn9phn7n6c0886h9ddn1n8vhzbl0vrw177zs43995aj3frp";
|
||||
};
|
||||
|
||||
phases = [ "installPhase" ];
|
||||
|
||||
installPhase = ''
|
||||
install -D ${src} "$out/${extid}.xpi"
|
||||
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description = "Https everywhere browser addon";
|
||||
homepage = https://www.eff.org/https-everywhere;
|
||||
license = stdenv.lib.licenses.gpl2Plus;
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,26 +0,0 @@
|
||||
{ lib, python37Packages }:
|
||||
|
||||
python37Packages.buildPythonPackage rec {
|
||||
pname = "pyocclient";
|
||||
version = "0.4";
|
||||
|
||||
src = python37Packages.fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "19k3slrk2idixsdw61in9a3jxglvkigkn5kvwl37lj8hrwr4yq6q";
|
||||
};
|
||||
|
||||
doCheck = false;
|
||||
|
||||
propagatedBuildInputs = with python37Packages; [
|
||||
requests
|
||||
six
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = https://github.com/owncloud/pyocclient/;
|
||||
description = "Nextcloud / Owncloud library for python";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ ];
|
||||
};
|
||||
|
||||
}
|
@ -1,34 +0,0 @@
|
||||
{ stdenv, fetchgit, makeWrapper, lib, pkgs ? import <nixpkgs> {} }:
|
||||
with pkgs;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "rmount-${version}";
|
||||
version = "1.0.1";
|
||||
rev = "v${version}";
|
||||
|
||||
src = fetchgit {
|
||||
rev = "9df124780d2e66f01c70afaecf92090669c5ffb6";
|
||||
url = "https://github.com/Luis-Hebendanz/rmount";
|
||||
sha256 = "0ydb6sspfnfa3y6gg1r8sk4r58il6636lpqwb2rw7dzmb4b8hpd2";
|
||||
};
|
||||
|
||||
buildInputs = [ stdenv makeWrapper ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
mkdir -p $out/share/man/man1
|
||||
cp ${src}/rmount.man $out/share/man/man1/rmount.1
|
||||
cp ${src}/rmount.bash $out/bin/rmount-noenv
|
||||
cp ${src}/config.json $out/share/config.json
|
||||
chmod +x $out/bin/rmount-noenv
|
||||
|
||||
makeWrapper $out/bin/rmount-noenv $out/bin/rmount \
|
||||
--prefix PATH : ${lib.makeBinPath [ nmap jq cifs-utils sshfs ]}
|
||||
'';
|
||||
|
||||
meta = {
|
||||
homepage = "https://github.com/Luis-Hebendanz/rmount";
|
||||
description = "Remote mount utility which parses a json file";
|
||||
license = stdenv.lib.licenses.mit;
|
||||
};
|
||||
}
|
@ -1,28 +0,0 @@
|
||||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ublock-origin-${version}";
|
||||
version = "1.21.2";
|
||||
|
||||
extid = "uBlock0@raymondhill.net";
|
||||
signed = true;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3361355/ublock_origin-${version}-an+fx.xpi";
|
||||
sha256 = "0ypdq3z61mrymknl37qlq6379bx9f2fsgbgr0czbhqs9f2vwszkc";
|
||||
};
|
||||
|
||||
phases = [ "installPhase" ];
|
||||
|
||||
installPhase = ''
|
||||
install -D ${src} "$out/${extid}.xpi"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "ublock origin firefox browser addon";
|
||||
homepage = https://github.com/gorhill/uBlock;
|
||||
license = licenses.gpl3;
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,40 +0,0 @@
|
||||
{ stdenv, fetchurl, unzip, jq, zip }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "user-agent-switcher-${version}";
|
||||
version = "0.3.2";
|
||||
|
||||
extid = "@user-agent-switcher";
|
||||
signed = false;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3370255/user_agent_switcher_and_manager-${version}-an+fx.xpi";
|
||||
sha256 = "0lrw1xf6fsxr47bifkayfxpysv8s2p9ghmbmw2s7ymhrgy42i6v5";
|
||||
};
|
||||
|
||||
phases = [ "buildPhase" ];
|
||||
|
||||
buildInputs = [ zip unzip jq ];
|
||||
|
||||
buildPhase = ''
|
||||
mkdir -p $out/${extid}
|
||||
unzip ${src} -d $out/${extid}
|
||||
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
|
||||
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
|
||||
cd $out/${extid}
|
||||
zip -r -FS $out/${extid}.xpi *
|
||||
rm -r $out/${extid}
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "User agent switcher";
|
||||
homepage = https://add0n.com/useragent-switcher.html;
|
||||
license = {
|
||||
fullName = "Mozilla Public License Version 2.0";
|
||||
shortName = "moz2";
|
||||
spdxId = "mozilla-2.0";
|
||||
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,40 +0,0 @@
|
||||
{ stdenv, fetchurl, unzip, jq, zip }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "webgl-fingerprint-defender-${version}";
|
||||
version = "0.1.2";
|
||||
|
||||
extid = "@webgl-fingerprint-defender";
|
||||
signed = false;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3362869/webgl_fingerprint_defender-${version}-an+fx.xpi";
|
||||
sha256 = "06hfr5hxr4qw0jx6i9fi9gdk5211z08brnvqj2jlmpyc3dwl4pif";
|
||||
};
|
||||
|
||||
phases = [ "buildPhase" ];
|
||||
|
||||
buildInputs = [ zip unzip jq ];
|
||||
|
||||
buildPhase = ''
|
||||
mkdir -p $out/${extid}
|
||||
unzip ${src} -d $out/${extid}
|
||||
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
|
||||
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
|
||||
cd $out/${extid}
|
||||
zip -r -FS $out/${extid}.xpi *
|
||||
rm -r $out/${extid}
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Canvas defender firefox browser addon";
|
||||
homepage = https://mybrowseraddon.com/webgl-defender.html;
|
||||
license = {
|
||||
fullName = "Mozilla Public License Version 2.0";
|
||||
shortName = "moz2";
|
||||
spdxId = "mozilla-2.0";
|
||||
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
|
||||
maintainers = [];
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
@ -1,25 +0,0 @@
|
||||
{ stdenv, fetchFromGitHub, meson, ninja, pkgconfig
|
||||
, wayland, wayland-protocols }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "wl-clipboard";
|
||||
version = "2.0.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bugaevc";
|
||||
repo = "wl-clipboard";
|
||||
rev = "v${version}";
|
||||
sha256 = "0c4w87ipsw09aii34szj9p0xfy0m00wyjpll0gb0aqmwa60p0c5d";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ meson ninja pkgconfig wayland-protocols ];
|
||||
buildInputs = [ wayland ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Command-line copy/paste utilities for Wayland";
|
||||
homepage = https://github.com/bugaevc/wl-clipboard;
|
||||
license = licenses.gpl3;
|
||||
maintainers = with maintainers; [ dywedir ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
@ -1,18 +0,0 @@
|
||||
with import <stockholm/lib>;
|
||||
|
||||
self: super:
|
||||
|
||||
let
|
||||
# This callPackage will try to detect obsolete overrides.
|
||||
callPackage = path: args: let
|
||||
override = self.callPackage path args;
|
||||
upstream = optionalAttrs (override ? "name")
|
||||
(super.${(parseDrvName override.name).name} or {});
|
||||
in if upstream ? "name" &&
|
||||
override ? "name" &&
|
||||
compareVersions upstream.name override.name != -1
|
||||
then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override
|
||||
else override;
|
||||
in
|
||||
|
||||
mapNixDir (path: callPackage path {}) ./.
|
@ -1,9 +0,0 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
../krebs
|
||||
./2configs
|
||||
];
|
||||
|
||||
nixpkgs.config.packageOverrides = import ./5pkgs pkgs;
|
||||
}
|
@ -1,43 +0,0 @@
|
||||
{ name }: let
|
||||
inherit (import ../krebs/krops.nix { inherit name; })
|
||||
krebs-source
|
||||
lib
|
||||
pkgs
|
||||
;
|
||||
|
||||
source = { test }: lib.evalSource [
|
||||
(krebs-source { test = test; })
|
||||
{
|
||||
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
|
||||
nixpkgs-unstable.git = {
|
||||
url = "https://github.com/nixos/nixpkgs";
|
||||
ref = (lib.importJSON ../krebs/nixpkgs-unstable.json).rev;
|
||||
};
|
||||
secrets = if test then {
|
||||
file = toString ./2configs/tests/dummy-secrets;
|
||||
} else {
|
||||
file = "${lib.getEnv "HOME"}/secrets/${name}";
|
||||
};
|
||||
}
|
||||
{
|
||||
home-manager.git = {
|
||||
url = https://github.com/rycee/home-manager;
|
||||
ref = "2ccbf43";
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
in {
|
||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
|
||||
deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeDeploy "${name}-deploy" {
|
||||
source = source { test = false; };
|
||||
inherit target;
|
||||
};
|
||||
|
||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
||||
test = { target }: pkgs.krops.writeTest "${name}-test" {
|
||||
force = true;
|
||||
inherit target;
|
||||
source = source { test = true; };
|
||||
};
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../lib;
|
||||
{ config, ... }:
|
||||
let
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host ({
|
18
kartei/default.nix
Normal file
18
kartei/default.nix
Normal file
@ -0,0 +1,18 @@
|
||||
{ config, lib, ... }: let
|
||||
removeTemplate =
|
||||
# TODO don't remove during CI
|
||||
lib.flip builtins.removeAttrs ["template"];
|
||||
in {
|
||||
config =
|
||||
lib.mkMerge
|
||||
(lib.mapAttrsToList
|
||||
(name: _type: let
|
||||
path = ./. + "/${name}";
|
||||
in {
|
||||
krebs = import path { inherit config; };
|
||||
})
|
||||
(removeTemplate
|
||||
(lib.filterAttrs
|
||||
(_name: type: type == "directory")
|
||||
(builtins.readDir ./.))));
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../lib;
|
||||
{ config, ... }: let
|
||||
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host ({
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../lib;
|
||||
{ config, ... }:
|
||||
let
|
||||
maybeEmpty = attrset: key: if (attrset?key) then attrset.${key} else [];
|
||||
@ -82,6 +82,8 @@ in
|
||||
"makanek.r"
|
||||
"makanek.kmein.r"
|
||||
"grafana.kmein.r"
|
||||
"alertmanager.kmein.r"
|
||||
"prometheus.kmein.r"
|
||||
"names.kmein.r"
|
||||
"graph.r"
|
||||
"rrm.r"
|
||||
@ -138,6 +140,28 @@ in
|
||||
wireguard.pubkey = "09yVPHL/ucvqc6V5n7vFQ2Oi1LBMdwQZDL+7jBwy+iQ=";
|
||||
};
|
||||
};
|
||||
tabula = {
|
||||
nets.retiolum = {
|
||||
ip4.addr = "10.243.2.78";
|
||||
aliases = [ "tabula.r" "tabula.kmein.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEA4cdFDoKRA9t+r686w6gH1u4UjEQJBmhsf3tkPEkv7nyVr4ahcZQk
|
||||
rQwlhNRJwv0wekwO0qG19VoAmBkVMzYu5JWn9WeYfIEUtP3ndPa7tqWQ4qIkYh8q
|
||||
4KQ03Y3CZav5ClK9rLO7gj+dsP+BhVdqhte4pJANs4CyglYkyu6p0P4+R2P0tfcq
|
||||
LTl8RB+SXuafqzhoQD+yhhA1HR8O1o9gHJjKiEVrSLwSFfD8WWH55yeWzIYAbuv8
|
||||
8a5VzhS5zvDYUFTP1WUPTeGlKsJdslSZqsrZmBDpkh1iEpRzQUnwQNMJ/uGXIldE
|
||||
3FKKoL9LKlvr1Iz9IcuxO4QLk+DoC8+Jc7yQrwIiQQCwAfwdyY6KcRDAqna1WZRd
|
||||
MFRvPd6y1BmLVJMG43VpWm5POE9Gw5nj5IzSNAFshoNljf246y2+wf8EtULqtrJD
|
||||
DMckquiYRnzQPco9PgjLfH/6SnlB/oXhvT4+rB4KceSoFKOLWq1pFogDGDy0xyB0
|
||||
ufkPsXiYE2KRnkozDJWlKSqrkM3GSR2lTM5cAmLh8VzxkI6LeJu8/6qxFa6J6tn4
|
||||
+kH8yjbcLqjmuUykfOZ2eL4GniaFexDvZcGgLD1I5f1ylEmSuU6boyx83WkCH7NH
|
||||
1cmaBDQsy4x0gMUYlLDVDW7X2PECoq5mQ61FHBNkdNOujOM/JPnYf4UCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "eZsnMScJdH5k/W3Y5fILnz5Kc01R+dRzjjE/cnu96VF";
|
||||
};
|
||||
};
|
||||
tahina = {
|
||||
nets.retiolum = {
|
||||
ip4.addr = "10.243.2.74";
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../lib;
|
||||
{ config, ... }: let
|
||||
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host ({
|
||||
@ -78,6 +78,7 @@ in {
|
||||
"build.r"
|
||||
"build.hotdog.r"
|
||||
"ca.r"
|
||||
"calendar.r"
|
||||
"cgit.hotdog.r"
|
||||
"irc.r"
|
||||
"wiki.r"
|
||||
@ -164,12 +165,20 @@ in {
|
||||
ponte = {
|
||||
cores = 1;
|
||||
owner = config.krebs.users.krebs;
|
||||
extraZones = {
|
||||
"krebsco.de" = /* bindzone */ ''
|
||||
krebsco.de. 60 IN A ${config.krebs.hosts.ponte.nets.internet.ip4.addr}
|
||||
'';
|
||||
};
|
||||
nets = rec {
|
||||
internet = {
|
||||
ip4 = {
|
||||
ip4 = rec {
|
||||
addr = "141.147.36.79";
|
||||
prefix = "0.0.0.0/0";
|
||||
prefix = "${addr}/32";
|
||||
};
|
||||
aliases = [
|
||||
"ponte.i"
|
||||
];
|
||||
};
|
||||
retiolum = {
|
||||
via = internet;
|
@ -1,12 +1,6 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../lib;
|
||||
{ config, ... }: let
|
||||
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host {
|
||||
ci = true;
|
||||
monitoring = true;
|
||||
owner = config.krebs.users.lass;
|
||||
};
|
||||
|
||||
r6 = ip: (krebs.genipv6 "retiolum" "lass" ip).address;
|
||||
w6 = ip: (krebs.genipv6 "wiregrill" "lass" ip).address;
|
||||
|
||||
@ -16,6 +10,7 @@ in {
|
||||
};
|
||||
hosts = mapAttrs (_: recursiveUpdate {
|
||||
owner = config.krebs.users.lass;
|
||||
consul = true;
|
||||
ci = true;
|
||||
monitoring = true;
|
||||
}) {
|
||||
@ -64,11 +59,12 @@ in {
|
||||
cores = 4;
|
||||
extraZones = {
|
||||
"krebsco.de" = ''
|
||||
cache IN A ${nets.internet.ip4.addr}
|
||||
p IN A ${nets.internet.ip4.addr}
|
||||
c IN A ${nets.internet.ip4.addr}
|
||||
paste IN A ${nets.internet.ip4.addr}
|
||||
prism IN A ${nets.internet.ip4.addr}
|
||||
cache 60 IN A ${nets.internet.ip4.addr}
|
||||
p 60 IN A ${nets.internet.ip4.addr}
|
||||
c 60 IN A ${nets.internet.ip4.addr}
|
||||
paste 60 IN A ${nets.internet.ip4.addr}
|
||||
prism 60 IN A ${nets.internet.ip4.addr}
|
||||
social 60 IN A ${nets.internet.ip4.addr}
|
||||
'';
|
||||
"lassul.us" = ''
|
||||
$TTL 3600
|
||||
@ -78,7 +74,7 @@ in {
|
||||
60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||
60 IN AAAA ${config.krebs.hosts.prism.nets.internet.ip6.addr}
|
||||
IN MX 5 mail.lassul.us.
|
||||
60 IN TXT v=spf1 mx a:lassul.us -all
|
||||
60 IN TXT "v=spf1 mx -all"
|
||||
60 IN TXT ( "v=DKIM1; k=rsa; t=s; s=*; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" )
|
||||
default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB"
|
||||
cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr}
|
||||
@ -418,6 +414,7 @@ in {
|
||||
};
|
||||
xerxes = {
|
||||
cores = 2;
|
||||
consul = false;
|
||||
nets = rec {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.1.3";
|
||||
@ -592,7 +589,53 @@ in {
|
||||
syncthing.id = "CADHN7J-CWRCWTZ-3GZRLII-JBVZN4N-RGHDGDL-UTAJNYI-RZPHK55-7EYAWQM";
|
||||
};
|
||||
|
||||
massulus = {
|
||||
cores = 1;
|
||||
ci = false;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.0.113";
|
||||
ip6.addr = r6 "113";
|
||||
aliases = [
|
||||
"massulus.r"
|
||||
];
|
||||
tinc = {
|
||||
pubkey = ''
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApwYalnJ2E1e3WOttPCpt
|
||||
ypNm2adUXS/pejcbF68oRvgv6NRMOKVkoFVEzdnCLYTkYkwcpGd+oRO91F+ekZrN
|
||||
ndEoicuzHNyG6NTXfW3Sjj9Au/NoAVwOJxAztzXMBAsH5pi4PSiqIQZC4l6cyv2K
|
||||
zUNm1LvW5Z5/W0J5XCUw3/B4Py7V/HjW9Yxe8MCaCVVP2kF5SwjmfQ+Yp+8csvU3
|
||||
F30xFjcTJjjWUPSkubgxtsfkrbbjzdMZhKldi3l9LhbYWD8O4bUTrTau/Emaaf6e
|
||||
v5paVh9Kczwg7Ugk9Co3GL4tKOE2I7kRQV2Rg0M5NcRBUwfxkl6JTI2PmY0fNmYd
|
||||
kdLQ1fKlFOrkyHuPBjZET1UniomlLpdycyyZii+YWLoQNj4JlFl8nAlPbqkiy8EF
|
||||
LcHvB2VfdjjyBY25TtYPjFzFsEYKd8HQ7djs8rvJvmhu4tLDD6NaOqJPWMo7I7rW
|
||||
EavQWZd+CELCJNN8eJhYWIGpnq+BI00FKayUAX+OSObYCHD1AikiiIaSjfDCrCJb
|
||||
KVDj/uczOjxHk6TUVbepFA7C8EAxZ01sgHtUDkIfvcDMs4DGn88PmjPW+V/4MfKl
|
||||
oqT7aVv6BYJdSK63rH3Iw+qTvdtzj+vcoO+HmRt2I2Be4ZPSeDrt+riaLycrVF00
|
||||
yFmvsQgi48/0ZSwaVGR8lFUCAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
'';
|
||||
pubkey_ed25519 = "QwKNyv97Q2/fmPrVkgbGIhDTVW+uKu+F2enGCtZJgkM";
|
||||
port = 1655;
|
||||
};
|
||||
};
|
||||
wiregrill = {
|
||||
ip6.addr = w6 "113";
|
||||
aliases = [
|
||||
"massulus.w"
|
||||
];
|
||||
wireguard.pubkey = ''
|
||||
4wXpuDBEJS8J1bxS4paz/eZP1MuMfgHDCvOPn4TYtHQ=
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKH8lFXZ/d2NtqyrpslTGRNBR7FJZCJ6i3UPy0LDl9t7 ";
|
||||
};
|
||||
|
||||
phone = {
|
||||
consul = false;
|
||||
nets = {
|
||||
wiregrill = {
|
||||
ip4.addr = "10.244.1.13";
|
||||
@ -608,6 +651,7 @@ in {
|
||||
syncthing.id = "PWKVXPB-JCNO6E4-KVIQ7CK-6FSOWHM-AWORMDU-HVVYLKW-44DQTYW-XZT7DQJ";
|
||||
};
|
||||
tablet = {
|
||||
consul = false;
|
||||
nets = {
|
||||
wiregrill = {
|
||||
ip4.addr = "10.244.1.14";
|
||||
@ -622,6 +666,7 @@ in {
|
||||
ci = false;
|
||||
};
|
||||
hilum = {
|
||||
consul = false;
|
||||
cores = 1;
|
||||
nets = {
|
||||
retiolum = {
|
||||
@ -797,6 +842,7 @@ in {
|
||||
};
|
||||
|
||||
lasspi = {
|
||||
consul = false;
|
||||
cores = 1;
|
||||
nets = {
|
||||
retiolum = {
|
||||
@ -840,6 +886,7 @@ in {
|
||||
};
|
||||
|
||||
domsen-pixel = {
|
||||
consul = false;
|
||||
nets = {
|
||||
wiregrill = {
|
||||
ip4.addr = "10.244.1.17";
|
157
kartei/lass/pgp/yubikey.pgp
Normal file
157
kartei/lass/pgp/yubikey.pgp
Normal file
@ -0,0 +1,157 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBF2iTTQBEAChyVXMTAd7NWUHV1iepW+ZjvCedpr5AQR7kT6btSYPJCjiCNEy
|
||||
aCesw0OFyodQDhEZhKldBdvCnvTxKF/GtBuSKrvFhm7uxJgtT7/VS82IB57Ezmog
|
||||
3AaX95D7tRHKf0I0coWKk+5Yaq2SpNyjTYmG65y93/Hf1PMt4v+oySGfEz/f+R4P
|
||||
rsyIJBfpXOyVKwd7zy4Hj0mqzbsNy9aP7Fk3zMUv+M3A0D33XCd+dm/ogzQpI4vw
|
||||
xlzd5my5R+b7uGwrCHZg9Egp4gbeSChgQc/5ZIcYrUncVVP6OMAjlHfdJFQEOmru
|
||||
eLtuoXwSSSlU8c85O2PV/1/ClkrGGn2zT+UmKnOz1RK405MCOB35wkyboZ4efk2m
|
||||
28LVoYRaoN1yTW7c3CsHpOAIXLsP91LmcHmRI59UHAkNmtlZKS95titv6Dwe3yZj
|
||||
iyOE7McfxpxR0K9P3vUSr42XRYHLJFQuZDCDeReMomGzy8X9EQhUi0cH1BcfZfSD
|
||||
dvcXC9IWpdWickU2wFkDkTECSyJTbC4JPpTQQtj/LAP+zya3tdobnpPn9Msj99WX
|
||||
yLFkKUGWy9yxmDRYst6ErAZMY84J+dqZkm+mLQw9x1jKWIVZDNlwP+Jrz7VMqc1g
|
||||
S2gg1BVl6Nts8Z7foZV6w5IYLr7g3noUm7+NhD83jKTJw8AsHU5RIaJnwwARAQAB
|
||||
tB1sYXNzdWx1cyA8bGFzc3VsdXNAbGFzc3VsLnVzPokCTAQTAQoANhYhBNvNdXhG
|
||||
Bps5LqlAHWZXvoqNHugHBQJdok00AhsBBAsJCAcEFQoJCAUWAgMBAAIeAQIXgAAK
|
||||
CRBmV76KjR7oB3AdD/0TaW3wUWaUhNr5B3clDrTOHL94Ztzsg/Xjr1b/KT1sygad
|
||||
WAanuwGvdmFr4x+eshrTijIXmh5giBwi+QnG7+VX2hlOKuJ+j+0zR2n7i4KVwAuQ
|
||||
SRcQ8TGnBCrWLl80NjnGOky5Nmq4qCzpxhtuFcWixaqlBa3GnXDfecDfBDrcD1T9
|
||||
z63gPJ2Ghovoub1UGp01A+4ZBXD4yc1ZEGmhLFA8Aih4BPdsD6cfXWsAi5Nx8FmC
|
||||
KvNEg4FeMGV13ZEAF8cxaIS/xq9R2xdgYt+lImaDson/ODIoeg+k5B9ntSGs2H9N
|
||||
YoFDlSiB4/a6mBkZm6BA649aL2FjbfOaIB3V07ynzkrSDeUvES9ybnyqbkvd2Slf
|
||||
4us4me9zroOo2UQn1fJVWfPFRFb7aAoBIAIHNVmf1vtMYe9tQQ5o1Mcxb0sixaqO
|
||||
To4fBaaz1WOtrH6NdEWD3OHUkJrFJb/2dVfvR4bHxdWxtF+WdKkbRfdRmYPVAwVf
|
||||
PhasEaaTOZ5r0QghOnjF0YL0YAqvJLx/roz54mNTgavH5BzXjYd9koW0csbWghXd
|
||||
p7BfBwGjfaJfPq6MK+Ifk0WH2Dr5mbSFUw1QdEx9dYZJUDuwu7np5ctd62sjZkwY
|
||||
ppZlgf+gp+OVjGz+yiTAlQ3PB3wCs23qKtdypxsA7G056TNNkwMcBLN16ngLD7kC
|
||||
DQRdok2SARAA/FdD3ji4pAe3C8ziLQfxq2LJX2QPmySoqr0nZWZ2XmZu58w9fVZh
|
||||
SSaKpdmqXfR1qSxIw8Pz+7i5Hh2dcG6dJleAMNYYTc7sm4EUDqLtUaQSNVtXrmCE
|
||||
SwWcsOPybgHwQNIBd6CTgtQON+iNe6xA/b6nLw5/4ITalkTe43Kv3yVZbvo7X8x+
|
||||
c+eIyhYx1UZjbndagH26FXB+WJ22QsNgQrPAYdltn57eQ2m8u9LBCtQl00DLUbv4
|
||||
+1SDvVAlal3Es62m0u97tKx2FOoJBehMBc+Czle5/6hS6xKgKgArdKfUcfLch7Au
|
||||
FtOd2n+HpCCUskApEgH9s7pcMFmioL9V366x1sgTZoRE+qhs81255hjnK8oWQ6+E
|
||||
F+D3YHPKb8b9wDLMfvwXZLPQPyNpAuDczDBrbAZ7s2CvQ4icOYJLBGzQo0bHAHTs
|
||||
N6p/mTAfwLHrgKEDY+YLLqaogdZ0O7wL+jgrL6fuKqALuIJqO/6FBVXfyR5rvUGs
|
||||
8R9rdy39x0NkWdyt+I0kXf50cWVi/tSi47HGYJpc1JSjFOfLjpQihij+nWlMnaF4
|
||||
bpeJBUYx5FZlIou4a7+aRsPQC7P58tcMSFR7gKlomBacBQoVkf8iZ6ml0aWRTZnr
|
||||
s2XOGn7h6A4AoeLr1i4U8XkJGHatunhvhXJTPHk0QZvgfq92gQc3IdUAEQEAAYkE
|
||||
cgQYAQoAJgIbAhYhBNvNdXhGBps5LqlAHWZXvoqNHugHBQJfiXYPBQkFqY99AkDB
|
||||
dCAEGQEKAB0WIQRUCi2fioiGp7ze92x+F4aKnXyczwUCXaJNkgAKCRB+F4aKnXyc
|
||||
z0NXEAC6pfuLO111u22Qh83rlHlck+PPs1GDQAjwb7WqeS8Xdza582Mv74ElK+Vu
|
||||
L/ai/3ZL7QI8XTwTiQOweMD8kzvzYPqUN9JmW1bhgEGqQll22I8SVwioiEzoRft+
|
||||
zcCD9GNRU9vi1iQfbTFw2HKX7RF0G5K9HT4o5dcF+g2azJAzj+FQqJZbe8Y5k4GZ
|
||||
g81y8BBwyz6ngPkkdBw7LGC1fKJdT9XG9RYjtwfojt1pENMVHcvjNegitHCoSDEi
|
||||
qh/ZmbiyagcMt9fEZCtyOPp4qSf+C39PupjGeFwbmC5LYPAhrLlzvFXXG4HukOAz
|
||||
U6fnqF4PbUMji+1dedOSOjv/qGzDZ7pMFyfb3l8R6S8G6lhXBrN58FKWvZ/fHGUO
|
||||
93fkPm1ZlFUaynPE7XkNxNpOCU5421GdgZHAfAT+2InQbS7AZ+9ojTF57G6GdN+8
|
||||
SSknhIn+IyX4Wk7DsjfkfubPwytE0yO1H4SzyDO7DuE0SuZuHRItm912g+eq32QX
|
||||
xrIDWLPVf0qIGSSPcRu8j32NiN0MObmWzEJkotJfiv0ynbforoMwaWJ9E3YB91fO
|
||||
JeE8AFCQoTmbuRyfWAAuf0xyDkeB5dN3FqfpA/fnKAO2Y2V0kYQ/4BYBnhHBoUrw
|
||||
/f+ipD/xeGeTAfmfZI93xZCqeV2+u1qNTNR6C8lSy0tLkHVMVAkQZle+io0e6Afj
|
||||
AQ/+Lzh1018ILwq/IvV57GrjsYp2lBlcp2n/jZ5KlCVpVPsYjkGT+e2XYvcloPBK
|
||||
IXzkHr88/U4iyJGJeIC+a/pYJ6RpR6EzPb1kDB2i0kGbZinoxZwix0b4wvkMoSbT
|
||||
KDMkZYEIe0/v6CEU3mCbE9gnNWhPSF+XwXYxNyFNfMqaSqx4mjC6LAuFZA4AgqHB
|
||||
uGudBgeIQ+sP8zJTSHKtePgK1JgAMYPGUHgfJHE3tcMDxMgKr2x3PN1Z6/YH/ifZ
|
||||
wq1oUFPbB0LGZhkwrSDzgIya5FBoBfnawAwbh562LRuphHdqk+wBYigfFBztbmQx
|
||||
MqtA6pmH+k8vNUq6QY/CbZfvcpkRAAR1ib2QaZYXTlq7jqb+nLM9EbACxj9651SQ
|
||||
D7u4ShvPtxqFf+mv/4eHYx2akBIIUQYAf5OYGnE3E0kqiuK4qHKgt1NI5z1mSd9D
|
||||
duWIuoRbBUrApTKsHgwtMxNrNVioGIE1dTRuu56drhwY2ZPyzVtSb7q/hRU/a3UZ
|
||||
5S6EsrmDGIIlAHrgKfKfuerESE5VzN1Nn3QHpfjwX+gq51cosTqlRiu4oMesPk31
|
||||
ZmPcuG6H/m7nGagX9+l00sDsqISqMG4lZCJAFa020OS/g6V3q6LCqggky6+4sQTG
|
||||
5HB8jGba2tXMSQfBQEtDFve6agiRTw8z1V8s1gPCMmPhsLiJBGwEGAEKACACGwIW
|
||||
IQTbzXV4RgabOS6pQB1mV76KjR7oBwUCY1E8SAJAwXQgBBkBCgAdFiEEVAotn4qI
|
||||
hqe83vdsfheGip18nM8FAl2iTZIACgkQfheGip18nM9DVxAAuqX7iztddbttkIfN
|
||||
65R5XJPjz7NRg0AI8G+1qnkvF3c2ufNjL++BJSvlbi/2ov92S+0CPF08E4kDsHjA
|
||||
/JM782D6lDfSZltW4YBBqkJZdtiPElcIqIhM6EX7fs3Ag/RjUVPb4tYkH20xcNhy
|
||||
l+0RdBuSvR0+KOXXBfoNmsyQM4/hUKiWW3vGOZOBmYPNcvAQcMs+p4D5JHQcOyxg
|
||||
tXyiXU/VxvUWI7cH6I7daRDTFR3L4zXoIrRwqEgxIqof2Zm4smoHDLfXxGQrcjj6
|
||||
eKkn/gt/T7qYxnhcG5guS2DwIay5c7xV1xuB7pDgM1On56heD21DI4vtXXnTkjo7
|
||||
/6hsw2e6TBcn295fEekvBupYVwazefBSlr2f3xxlDvd35D5tWZRVGspzxO15DcTa
|
||||
TglOeNtRnYGRwHwE/tiJ0G0uwGfvaI0xeexuhnTfvEkpJ4SJ/iMl+FpOw7I35H7m
|
||||
z8MrRNMjtR+Es8gzuw7hNErmbh0SLZvddoPnqt9kF8ayA1iz1X9KiBkkj3EbvI99
|
||||
jYjdDDm5lsxCZKLSX4r9Mp236K6DMGlifRN2AfdXziXhPABQkKE5m7kcn1gALn9M
|
||||
cg5HgeXTdxan6QP35ygDtmNldJGEP+AWAZ4RwaFK8P3/oqQ/8XhnkwH5n2SPd8WQ
|
||||
qnldvrtajUzUegvJUstLS5B1TFQJEGZXvoqNHugHrtcP+waicH+WhpbvPoHJW//U
|
||||
c7IwcrsOpWNuh0gKV1+LvBV9dGzGZDlhwsncMeNzT8tnxDwhD1CiJ1uzO2H1m+yX
|
||||
CeljVnYFlP0sl9IT/AiV8NNiuaIpOc5RjRY1yvOZ017/J7Hyhnaw0iap1vNDNOwH
|
||||
t7tzB1PvM3p6an4Jh0AJZF5adReQTbi9Zw7MW2Yf0XHTT4rFX+Mn5gcuvsV9n39d
|
||||
6U3k5G6Hf1bSROsXNVwOwF6VbO8NvBm6ehgNyRcGsino/f82HRwvnQPhJgEakZ1h
|
||||
WWUUnakK14mRRMUns8CMNfFh+50ciK1Q8kAVgYLVA1H1NXM0+68YZMl5CiiaD3pM
|
||||
17flwcWUdkIu3uWAvc3hSCNw6i9F4Kx1yD/ZdiT0vBapa3ehUXIo5g79NcFl9xnQ
|
||||
fnYG+nnl2bLZSHP8b+LZsGivOEZuBHoR2ComeTqqJxeT8ZsEdtLcloaSaf2Em2xf
|
||||
b9OfhGOC7hKfS4HAlLFbEydWuZuA8EpTXd6eqINCFbOb9BjpKvSCCLs5S3s7T4WE
|
||||
FQB7yHXQQgB1EzYaJxFZstkiD8exu/hiWfwVLaho09QbtPmt2u1lvbxiSxtCdphi
|
||||
hoKc6wjhD8F9YM5xxitcF7iAV7oEDZ/1JVkvi/1gWFgW0UmEKuy2KN/Eb/mr41NJ
|
||||
bMauCCfjnCbAzoW6dhHpbO45uQINBF2iTdYBEADTC8saHpJxpU7ZBuuNFD+WZFBK
|
||||
I8F8ZZ4t79naVhGhCTvcqr5BCwlrpuaUc/og86AxUpVD5z92ClRZC2wJZOemmyAE
|
||||
OlSu8JDkhwsNRey5QmPN9G0ZIBifP2/LrPSqRE+gJnouzhmFbajQVKHRCYul5B+a
|
||||
vUS0HlUfu8p7dC0wMTv5jBWHN54XHK4Wnbm4Yea03Xv1HMQS/82MfLQgctheHqeg
|
||||
J8dNhzmrk8GqpOCi4QfSHHUvLCUBxWO4hFVjXKL8BfJbhhBjyTnTj0zGc+Iw+Glh
|
||||
am0+q2oFmhvLYrCxHvVIRE9iy96/+AyIACWOG8IOU2civ9Y/jY9SMmJEPQOmBfem
|
||||
OVwovQxdDGKvTcrVjZzAk/BeEAgg0VoYKpe9ePxK/6n8J09jOpvD+DktbAB7+bww
|
||||
2F3swdFqyTbLWL4bR4YuHLbqJQbsDm+58iAZWaL4ZOf+iABZqFKa3xhzrrbRHD00
|
||||
Qxr+9+3EdXGGs+UDLs9rLzVN4ryP7WHyEMDAI7/OAGTdsJet0JIIWKP3ZvWuRMe/
|
||||
AjcGQ/8+xzhN8w/kXdAvf4Vy6VVYTdJipg84CRz1KFQ5P/z92IMzPnbVFljydRX2
|
||||
k89ueN1fTMFVlCUI9AyIJeJ6Cx198JHf3eIGBgIZVpAcZG0DyeDU+xCgRZOOH2ug
|
||||
1bhjhmrQQMSkKtRn7QARAQABiQI8BBgBCgAmAhsMFiEE2811eEYGmzkuqUAdZle+
|
||||
io0e6AcFAl+Jdg8FCQWpjzkACgkQZle+io0e6Afw7A//ekxnx2ugVtb9pFMh1Cpq
|
||||
XZOtlIWc+PZ07DrtSXjCNnAzC5Cmj8nii7Eac1dqnDqBtXWpe3YI7cyrFnc9B8a6
|
||||
2xLNKwSTuMTpoNdkr/X7bU6HE7dm0DHt3dtFYoW4vjQxMdj3sp3GLpQ3fDzXw5If
|
||||
L1lCUKE4aopl6FQEcCjbh9qA8rRnHiKfgWSzh/B0c9BEh/ZwgBsN4FV+r0D7Y2zI
|
||||
KCFxwJwCZCHtm6MslB7tmZg+gho8RkkiAjM0oXA7zZHMjyhuQWzhkaW3oWjHDjoh
|
||||
h9DbLnVDzrMsULfdGz/1Plhz4bzkxpND6hmjn/EAxLGhpQoXd8FSvrghpetLM3MU
|
||||
LG4M5REFVBt7U1uEBn8y91yuWx77ho9N1W+OdNOWOOlAlD+GZBGA7MNR65+W5Dzj
|
||||
/z3PEs9TELfp8NVN0F2xy8S2/HwfNgeqAzGpBz4GsO9x8WMG2lw7MAW+gVU3POkZ
|
||||
l0R9fkrTmw4iafodehKnbEsqdebUjPNBkX9SmjSsXDAODe/4u4/TP89nylk+70wB
|
||||
nXIPL4WR9DA0Pb0ZmLLkGbaDYnmVV58kPyCwID4Yi6Xcj330FdAaVinevAvJBIaD
|
||||
D9A94elI/PGTrmqcjgr7Kwb0e0kDlYfi/ijI4dV4MVrzybqFOCaMeKIPOfxs9FIv
|
||||
BETmMh4Ocqj6rAQZs+ofBe6JAjYEGAEKACACGwwWIQTbzXV4RgabOS6pQB1mV76K
|
||||
jR7oBwUCY1E8SAAKCRBmV76KjR7oBwM+D/0evufvIWftzdge63hol1k4LdZSiSD9
|
||||
bh+h8fb/Mm+2HIS8RweHr1+CS8CW/Om9MJoW0ZDsCmC0vU44/vLL3JzbP4+BDuVF
|
||||
dky1XX/9Z73Fn/LpakITyXd6YJMsknzAA4ZEzhe4uModNSH5IU818I+/Vyvbe1nX
|
||||
Hfg2FYva4zVn9E5Gd4vpHBF7D99dGg0vUINtux06WKfdsDB59MiZxCSWfqty+yTM
|
||||
XWwh5fuFIxwjlkKVdrb45101MnUtzJDmxwPxjOpF+z2tJ0qIvs6Zu6FDEh7fcaJM
|
||||
mKAPtVXKRxTYaS6j7fpNk5ACFgiHDb+0mI60fH0eiQSqp9Q7cyYbt1yiW2bKY4Pg
|
||||
qDOtcLT+uIYYVmxBHTLx38gT3Gp83O7WqNZ9ouctIXAXHWwTNsKzMhwgaEmmPbkP
|
||||
7VO8oZZ9hVphirmijgNO1Oz7Qqh5ORYwsGdvYtbPXD4ZUSpqFT5bTMHS5TKPHf70
|
||||
5alkwYuwYfLs4m2zYsKadQ+vq12ZX7Z6+DbjfzWAEhzqLP2Y8yGnFSBSmULsALnj
|
||||
Zg3RN5sxJe3fhTze09Fm8OTopTLoDH5fR91VPhRLGHahvV1Sm/H4ZdtAXTPsHP20
|
||||
phAc8mK2DgEM0k7vDO5RtV4xTLjBopiciXIBL+TzCKGmDRX2+9nTyF3Kx9qjN52H
|
||||
EFFJ1mTed/J7VrkCDQRdok4KARAAyG97rjKhP8Uie1i/16SekDo+GkpodBmvhrZi
|
||||
Zdwg75YxriHhgioe2AKKmQItOdZOY+mVqMA63FmByDlPodHmQnrIAn/gr7p5V3lM
|
||||
+l0oVTI8maPO39iT7Nh6W/rv4ni8eMBkL6P2cPPaTpcv76qWl/WcMiEflPNSAFax
|
||||
yIapq04rafthcIILWmOBbQ+liMn9YT7a6w3nF/Ig4Zxx7hoQE6/HrTC8HcENpCAc
|
||||
eQQYAqIrlu8F5y1AQVWHjtyCPee1z/8lPNnPg40lSbXozg5kQDP965Pge6XReUoU
|
||||
VVRcgeiSUfkHdYPIkh/tkFy1MtzTNizebuadqE41Ds6BD1maO5cpGc5iFnf+YY01
|
||||
vWIhwvgPMbAsUKrPOw/RyvYSwOrnWeghpKuIRv+sBcDY0jJ799CHB2c8eiAYoTRm
|
||||
64rKyYS8RIilqTCmIHnpoSIq3n1wOlMVX4sB4N4CfAZRAbI9LZfx1QEYn0dst9+m
|
||||
CDRJ/ALBxocKz0wRTpwU5nwP1Zz9TZVh81wn1Ypj+mFb3aBggpwMLxbifmbsZmd1
|
||||
MwW9k3p2WTs8M1dLFM2ZNA9QmkgRSVFN6GTTpAyDOs+ZSGYM7MisG9/EvFbNx2BP
|
||||
g6qZH7JeMnlOZXXOg8K5VcLkiGuL1brOHlg94Axha8ffMmqjsde6XOAgvSl5P9k4
|
||||
7SWOcZkAEQEAAYkCPAQYAQoAJgIbIBYhBNvNdXhGBps5LqlAHWZXvoqNHugHBQJf
|
||||
iXYPBQkFqY8FAAoJEGZXvoqNHugHuLUP+gJ01mSEs3+0jriWqg7V+Q59rulMVrUd
|
||||
V2mjBtzz3gvF9PLiEnVEl7EgGdLpVIr/Wr9QIiUnS1NNrDz8oeDf54Q+OXtQOicz
|
||||
GClK+yWSm/CM02+HATFws66umAl4GQ4XqAJwdSDDKIHCP1/0VqXNQUOWW0GCCGCA
|
||||
dn55u4pf+B1rmkA3cWhN51SvAriA/YcGqmyJZgXO+qZOPWNHxNUdgq9lVEO132dh
|
||||
DzH1b9ufnvQMDxF2V681fQ7E3zWEJZZbYLRB4jrSz8oxipGRGKgDLiR7lyQ/xRU1
|
||||
61jSawblBTcIRXK9c4hv178xQWAInMjtHst4YCpvclG26ypZLCzvw6swfnXf3A6Q
|
||||
4A8pZQVvogWZ01dlgofwHm8qlYxT7wSqeicOu3FkSHD8vNwkXnMLqxwkFr4BcSef
|
||||
zCiXulyMcb3h67ZfXAYAFGrrR581vGEtXy+xfXK5PqBX7CWEl3Vs2an9whEncZuv
|
||||
1I9iyXDUmGP7Y373JjqNtpS2GMMPA73knB7eI/zpVS5qoxUlqw35Pldvt+L4E3hv
|
||||
rvE7iZE3w4lB9WUyY1OnSRDU10l2rqWtPtyk3LE2ed5hz5I+gy8/RsXrAooMBXIG
|
||||
V/GJrhye45wf5F/XQqPulnj38sKhmrQCQTubPgJwG/kTpNdrA3YukE3E7T5ejaGT
|
||||
T2n5nKat6bj7iQI2BBgBCgAgAhsgFiEE2811eEYGmzkuqUAdZle+io0e6AcFAmNR
|
||||
PEgACgkQZle+io0e6AfQpg/+K0gD0WVyXYLOEM6jCvtz5/f9nDQnqj90ck9VfpuN
|
||||
QG+cMSK/u3T4ya0k3UDWxEyRih0BzChOlmwnaupBwN7ZbYAzxM0sglwseSdAPpCE
|
||||
s63RTnaAxpSWFocsUxtJngSoPnnmD1fVbWL3/j9j6jZkT4NB/l2ekDngMyRqt104
|
||||
BmabaLdz44X1VDgg0tXyACkZ8c/8ISBOoPSFg2n9FuCmhI9Atu6hjCFQZOA/youA
|
||||
fXzeUxU3iFw5UhyNP084jZ9AK2xwp+rB3JzvzMdiqO3OBFemuiU4/ZKQKFg5a/n4
|
||||
UAZtO8V2DGe76o1N9uFUvQ41RSAXolPUOTXiZvP4GfiGIhJUXV96QaPHhKWybKlr
|
||||
4MWG5PpwfuWnGoP8vXtLmz2TDRUfEBOQBzYRBRvXmzekq8nFQCM7dGofLLEchMRv
|
||||
lYHab2fquGmXiY3LfzyQX+vS3FO9/m2POJcdXcQvSq4MXIzOEzXnJKw5HemfZ3ae
|
||||
/AlTTfE4og/AYLwacECY6CZqUFOYtQeVx9hSXV97XnoKotde66D4RyFgzFbsIBM/
|
||||
bA5qyvdpKb60hqjpj/rhXjlnhH8KwAwOlaPVgI1cgnW8uJTElJEtqHPhuRkU6y9f
|
||||
au4EZ+tsmaxJ0whuziG1/3LJ62AIM9ZpixDEj4GQYaRdkFrx/1IKiUOlw5GQC3y2
|
||||
zxs=
|
||||
=MmP2
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
@ -2,7 +2,7 @@
|
||||
# tinc generate-keys
|
||||
# ssh-keygen -f ssh.id_ed25519 -t ed25519 -C host
|
||||
|
||||
with import <stockholm/lib>;
|
||||
with import ../../lib;
|
||||
{ config, ... }: let
|
||||
|
||||
hostDefaults = hostName: host: foldl' recursiveUpdate {} [
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user