Merge remote-tracking branch 'lass/master'
This commit is contained in:
commit
739fad41da
@ -22,13 +22,11 @@ in {
|
||||
tv
|
||||
];
|
||||
in {
|
||||
"anmeldung@eloop.org" = eloop-ml;
|
||||
"brain@krebsco.de" = brain-ml;
|
||||
"cfp2019@eloop.org" = eloop-ml;
|
||||
"eloop2019@krebsco.de" = eloop-ml;
|
||||
"kontakt@eloop.org" = eloop-ml;
|
||||
"root@eloop.org" = eloop-ml;
|
||||
"youtube@eloop.org" = eloop-ml;
|
||||
"eloop2022@krebsco.de" = eloop-ml;
|
||||
"root@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
|
||||
"spam@eloop.org" = eloop-ml;
|
||||
"youtube@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
|
||||
"postmaster@krebsco.de" = spam-ml; # RFC 822
|
||||
"lass@krebsco.de" = lass;
|
||||
"makefu@krebsco.de" = makefu;
|
||||
|
@ -71,12 +71,12 @@ let
|
||||
${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \
|
||||
| ${pkgs.coreutils}/bin/tail +2 \
|
||||
| ${pkgs.miller}/bin/mlr --icsv --opprint cat \
|
||||
| ${pkgs.gnused}/bin/sed 's/^/the_/'
|
||||
| ${pkgs.gnused}/bin/sed 's/^\(.\)/\1/'
|
||||
'';
|
||||
};
|
||||
}
|
||||
{
|
||||
pattern = ''^([\H-]*):?\s+([+-][1-9][0-9]*)\s+(\S+)$'';
|
||||
pattern = ''^([\H-]*?):?\s+([+-][1-9][0-9]*)\s+(\S+)$'';
|
||||
activate = "match";
|
||||
arguments = [1 2 3];
|
||||
command = {
|
||||
|
@ -102,6 +102,7 @@ let
|
||||
|
||||
imp = lib.mkMerge [
|
||||
{ krebs = import ./external { inherit config; }; }
|
||||
{ krebs = import ./external/dbalan.nix { inherit config; }; }
|
||||
{ krebs = import ./external/kmein.nix { inherit config; }; }
|
||||
{ krebs = import ./external/mic92.nix { inherit config; }; }
|
||||
{ krebs = import ./external/palo.nix { inherit config; }; }
|
||||
|
50
krebs/3modules/external/dbalan.nix
vendored
Normal file
50
krebs/3modules/external/dbalan.nix
vendored
Normal file
@ -0,0 +1,50 @@
|
||||
with import <stockholm/lib>;
|
||||
{ config, ... }:
|
||||
let
|
||||
hostDefaults = hostName: host: flip recursiveUpdate host ({
|
||||
ci = false;
|
||||
external = true;
|
||||
monitoring = false;
|
||||
owner = config.krebs.users.dbalan;
|
||||
} // optionalAttrs (host.nets?retiolum) {
|
||||
nets.retiolum = {
|
||||
ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
|
||||
};
|
||||
} // optionalAttrs (host.nets?wiregrill) {
|
||||
nets.wiregrill = {
|
||||
ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
|
||||
};
|
||||
});
|
||||
in
|
||||
{
|
||||
users = rec {
|
||||
dbalan = {
|
||||
mail = "dbalan@thaum.space";
|
||||
pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
|
||||
};
|
||||
};
|
||||
hosts = mapAttrs hostDefaults {
|
||||
v60 = {
|
||||
nets.retiolum = {
|
||||
aliases = [ "v60.dbalan.r" ];
|
||||
ip4.addr = "10.243.42.12";
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
|
||||
RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
|
||||
1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
|
||||
uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
|
||||
p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
|
||||
bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
|
||||
I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
|
||||
mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
|
||||
OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
|
||||
AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
|
||||
9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
21
krebs/3modules/external/mic92.nix
vendored
21
krebs/3modules/external/mic92.nix
vendored
@ -681,27 +681,6 @@ in {
|
||||
};
|
||||
};
|
||||
};
|
||||
jarvis = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
internet.addrs = [ "jarvis.thalheim.io" ];
|
||||
retiolum = {
|
||||
via = internet;
|
||||
aliases = [ "jarvis.r" ];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA7PtJlYBpBr2TK5CAvAukkGvj+esC+sMPKd3mO9iDwdViBrqKdf+D
|
||||
yEy8SI80Y02dpkL97NjvnzepKpyGQWpG1ZQflJLhCTj7oFyVpWd4XsbIuzYp5ES6
|
||||
r8qKWs2xcItc1pbW0ZmrCBzdWsC1B0VAHlYkiz+7vM6pCTvg6hNQugP4c1TRCtJC
|
||||
Sr+n+EjTXN/NTaKl+f7eoHJGnT5liDO3/xZVxm8AuLnron1xPPDghXClVHfDj5mt
|
||||
f66f+CLwZhq3BrZuptwXp7TerMfrNtPyTx96b+EyuLPjrYxKeKL/+Nbr3VmmiDIV
|
||||
tsraNc+0a8OBpVsYh4MQLp55NYwqxAoetQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
tinc.pubkey_ed25519 = "RRkMnGSg+nMkz4L2iqmdFf2fIf4wIfcTM0TlTWLLNCE";
|
||||
};
|
||||
};
|
||||
};
|
||||
bernie = {
|
||||
owner = config.krebs.users.mic92;
|
||||
nets = rec {
|
||||
|
@ -57,6 +57,7 @@
|
||||
"20.201.28.151"
|
||||
"20.205.243.166"
|
||||
"102.133.202.242"
|
||||
"20.248.137.48"
|
||||
"18.181.13.223"
|
||||
"54.238.117.237"
|
||||
"54.168.17.15"
|
||||
@ -70,6 +71,7 @@
|
||||
"20.201.28.152"
|
||||
"20.205.243.160"
|
||||
"102.133.202.246"
|
||||
"20.248.137.50"
|
||||
];
|
||||
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
|
||||
};
|
||||
|
@ -34,7 +34,7 @@ with import <stockholm/lib>;
|
||||
'')
|
||||
(filter (proto: entry.${proto} != null) ["tcp" "udp"])}
|
||||
'') (attrValues config.krebs.iana-etc.services)}
|
||||
cat ${pkgs.iana_etc}/etc/services
|
||||
cat ${pkgs.iana-etc}/etc/services
|
||||
} |
|
||||
sort -b -k 2,2 -u > $out
|
||||
'');
|
||||
|
@ -1,18 +1,18 @@
|
||||
{ mkDerivation, aeson, async, attoparsec, base, blessings
|
||||
, bytestring, containers, data-default, fetchgit, filepath
|
||||
, hashable, lens, lens-aeson, network, network-simple
|
||||
, network-simple-tls, network-uri, pcre-light, process, random
|
||||
, servant-server, lib, string-conversions, stringsearch, text
|
||||
, time, transformers, unagi-chan, unix, unordered-containers
|
||||
, vector, wai, warp
|
||||
, bytestring, containers, data-default, filepath, hashable, lens
|
||||
, lens-aeson, lib, network, network-simple, network-simple-tls
|
||||
, network-uri, pcre-light, process, random, servant-server
|
||||
, string-conversions, stringsearch, text, time, transformers
|
||||
, unagi-chan, unix, unordered-containers, vector, wai, warp
|
||||
, fetchgit
|
||||
}:
|
||||
mkDerivation rec {
|
||||
mkDerivation {
|
||||
pname = "reaktor2";
|
||||
version = "0.4.0a";
|
||||
version = "0.4.2";
|
||||
src = fetchgit {
|
||||
url = "https://cgit.lassul.us/reaktor2";
|
||||
sha256 = "sha256-x1i2TWcycYVFij6832xaBiQa1RQ1VmSfu5Qt1QrUtds=";
|
||||
rev = "6d3eb6de5e770ee26874bb7449934f0c55bd1efa";
|
||||
url = "https://cgit.krebsco.de/reaktor2";
|
||||
hash = "sha256-JPQyy0hDSH5JqQGjwoO5BNsD4qk+GKP1VH+j4/2cqes";
|
||||
rev = "53a11f421fb18e8687fa06e5511cea8bd9defc36";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
isLibrary = false;
|
||||
|
@ -10,20 +10,17 @@ self: super: {
|
||||
});
|
||||
|
||||
flameshot = super.flameshot.overrideAttrs (old: rec {
|
||||
patches = old.patches or [] ++ {
|
||||
"0.6.0" = [
|
||||
./flameshot/flameshot_imgur_0.6.0.patch
|
||||
];
|
||||
"0.9.0" = [
|
||||
./flameshot/flameshot_imgur_0.9.0.patch
|
||||
];
|
||||
"0.10.1" = [
|
||||
./flameshot/flameshot_imgur_0.9.0.patch
|
||||
];
|
||||
"0.10.2" = [
|
||||
./flameshot/flameshot_imgur_0.9.0.patch
|
||||
];
|
||||
}.${old.version} or [];
|
||||
name = "flameshot-${version}";
|
||||
version = "0.10.2";
|
||||
src = self.fetchFromGitHub {
|
||||
owner = "flameshot-org";
|
||||
repo = "flameshot";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-rZUiaS32C77tFJmEkw/9MGbVTVscb6LOCyWaWO5FyR4=";
|
||||
};
|
||||
patches = old.patches or [] ++ [
|
||||
./flameshot/flameshot_imgur_0.10.2.patch
|
||||
];
|
||||
});
|
||||
|
||||
# https://github.com/proot-me/PRoot/issues/106
|
||||
|
@ -1,34 +0,0 @@
|
||||
--- a/src/tools/imgur/imguruploader.cpp
|
||||
+++ b/src/tools/imgur/imguruploader.cpp
|
||||
@@ -40,6 +40,7 @@
|
||||
#include <QTimer>
|
||||
#include <QJsonDocument>
|
||||
#include <QJsonObject>
|
||||
+#include <stdlib.h>
|
||||
|
||||
ImgurUploader::ImgurUploader(const QPixmap &capture, QWidget *parent) :
|
||||
QWidget(parent), m_pixmap(capture)
|
||||
@@ -74,7 +75,10 @@ void ImgurUploader::handleReply(QNetworkReply *reply) {
|
||||
QJsonObject json = response.object();
|
||||
QJsonObject data = json["data"].toObject();
|
||||
m_imageURL.setUrl(data["link"].toString());
|
||||
- m_deleteImageURL.setUrl(QString("https://imgur.com/delete/%1").arg(
|
||||
+ char *deleteImageURLPattern = secure_getenv("IMGUR_DELETE_URL");
|
||||
+ if (deleteImageURLPattern == NULL)
|
||||
+ deleteImageURLPattern = "https://imgur.com/delete/%1";
|
||||
+ m_deleteImageURL.setUrl(QString(deleteImageURLPattern).arg(
|
||||
data["deletehash"].toString()));
|
||||
onUploadOk();
|
||||
} else {
|
||||
@@ -105,7 +109,10 @@ void ImgurUploader::upload() {
|
||||
QString description = FileNameHandler().parsedPattern();
|
||||
urlQuery.addQueryItem("description", description);
|
||||
|
||||
- QUrl url("https://api.imgur.com/3/image");
|
||||
+ char *createImageURLPattern = secure_getenv("IMGUR_CREATE_URL");
|
||||
+ if (createImageURLPattern == NULL)
|
||||
+ createImageURLPattern = "https://api.imgur.com/3/image";
|
||||
+ QUrl url(createImageURLPattern);
|
||||
url.setQuery(urlQuery);
|
||||
QNetworkRequest request(url);
|
||||
request.setHeader(QNetworkRequest::ContentTypeHeader,
|
@ -1,6 +1,7 @@
|
||||
{ python, writeScriptBin, ... }:
|
||||
{ python3, writeScriptBin, ... }:
|
||||
|
||||
let
|
||||
python = python3;
|
||||
pythonEnv = python.withPackages (ps: [ ps.netaddr ]);
|
||||
in
|
||||
writeScriptBin "cidr2glob" ''
|
||||
@ -25,6 +26,6 @@ in
|
||||
if __name__ == "__main__":
|
||||
for cidr in sys.stdin:
|
||||
for glob in cidr2glob(cidr):
|
||||
print glob
|
||||
print(glob)
|
||||
|
||||
''
|
||||
|
28
krebs/5pkgs/simple/veroroute.nix
Normal file
28
krebs/5pkgs/simple/veroroute.nix
Normal file
@ -0,0 +1,28 @@
|
||||
{ pkgs }:
|
||||
|
||||
pkgs.stdenv.mkDerivation rec {
|
||||
pname = "veroroute";
|
||||
version = "2.28";
|
||||
|
||||
src = pkgs.fetchurl {
|
||||
url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz";
|
||||
sha256 = "04dig0g4v1rz50mjj1k6jk99rqbg24hdx8kzrlwv0dlxm567lvc7";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
pkgs.qt5.qtbase
|
||||
];
|
||||
nativeBuildInputs = [
|
||||
pkgs.qt5.wrapQtAppsHook
|
||||
];
|
||||
|
||||
buildPhase = ''
|
||||
qmake Src/veroroute.pro
|
||||
make
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
sed -i 's;/usr;;g' veroroute-install.sh
|
||||
pkgdir=$out bash ./veroroute-install.sh
|
||||
'';
|
||||
}
|
@ -1,9 +1,9 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs",
|
||||
"rev": "5ce6597eca7d7b518c03ecda57d45f9404b5e060",
|
||||
"date": "2022-05-24T17:55:48+02:00",
|
||||
"path": "/nix/store/glvcj0zmqq9z5wf6bppnppbpf8w85iwf-nixpkgs",
|
||||
"sha256": "1hs1lnnbp1dky3nfp7xlricpp5c63sr46jyrnvykci8bl8jnxnl3",
|
||||
"rev": "e4d49de45a3b5dbcb881656b4e3986e666141ea9",
|
||||
"date": "2022-07-18T18:21:45+02:00",
|
||||
"path": "/nix/store/665hb1ysmaadwh4axp7f9inhczq08xay-nixpkgs",
|
||||
"sha256": "0y0c9ybkcfmjgrl93wzzlk7ii95kh2fb4v5ac5w6rmcsq2ff3yaz",
|
||||
"fetchLFS": false,
|
||||
"fetchSubmodules": false,
|
||||
"deepClone": false,
|
||||
|
@ -1,9 +1,9 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs",
|
||||
"rev": "8b538fcb329a7bc3d153962f17c509ee49166973",
|
||||
"date": "2022-06-15T15:30:32+08:00",
|
||||
"path": "/nix/store/7r9xwvy1qc2m88cpx8sz494ad08whgqg-nixpkgs",
|
||||
"sha256": "08797zlq57i8bi8f89j38ymi8nwp5hp0vh62162k526qf6v3paqz",
|
||||
"rev": "e732e1fdbf79bec59f7ade4a3675b091b4a9f6d6",
|
||||
"date": "2022-07-19T15:32:15+02:00",
|
||||
"path": "/nix/store/4dcxnk4xplx79xrwxg2m6pqh8b5k6ya0-nixpkgs",
|
||||
"sha256": "1j73j17g852zfc75b7ll4avp30pnyvm37pgm66cz844phkv5ywfg",
|
||||
"fetchLFS": false,
|
||||
"fetchSubmodules": false,
|
||||
"deepClone": false,
|
||||
|
@ -10,8 +10,7 @@
|
||||
${write_to_irc} "$(echo "$INPUT" | jq -r '
|
||||
"\(.action): " +
|
||||
"[\(.issue.title // .pull_request.title)] " +
|
||||
"\(.comment.html_url // .issue.html_url // .pull_request.html_url) " +
|
||||
"by \(.comment.user.login // .issue.user.login // .pull_request.user.login)"
|
||||
"\(.comment.html_url // .issue.html_url // .pull_request.html_url) "
|
||||
')"
|
||||
fi
|
||||
'';
|
||||
@ -58,16 +57,16 @@ in {
|
||||
case "$Method $Request_URI" in
|
||||
"POST /")
|
||||
payload=$(head -c "$req_content_length")
|
||||
echo "$payload" >&2
|
||||
raw=$(printf '%s' "$payload" | ${pkgs.curl}/bin/curl --data-binary @- http://p.krebsco.de | tail -1)
|
||||
payload2=$payload
|
||||
payload2=$(echo "$payload" | tr '\n' ' ' | tr -d '\r')
|
||||
payload2=$(printf '%s' "$payload" | tr '\n' ' ' | tr -d '\r')
|
||||
if [ "$payload" != "$payload2" ]; then
|
||||
echo "payload has been mangled" >&2
|
||||
else
|
||||
echo "payload not mangled" >&2
|
||||
fi
|
||||
echo "$payload2" > /tmp/last_fysi_payload
|
||||
echo "$payload2" | ${format-github-message}/bin/format-github-message
|
||||
${write_to_irc} "$raw"
|
||||
printf 'HTTP/1.1 200 OK\r\n'
|
||||
printf 'Connection: close\r\n'
|
||||
printf '\r\n'
|
||||
|
@ -168,7 +168,7 @@ in {
|
||||
output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source)
|
||||
output.icecast(mount = '/music.opus', password = 'hackme', %opus(bitrate = 96), source)
|
||||
|
||||
extra_input = audio_to_stereo(input.harbor("live", port=1338))
|
||||
extra_input = amplify(1.4, audio_to_stereo(input.harbor("live", port=1338)))
|
||||
|
||||
o = smooth_add(normal = source, special = extra_input)
|
||||
output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o)
|
||||
|
@ -25,9 +25,9 @@ for ip in fileinput.input():
|
||||
output.append(
|
||||
f'Weather report for {location.city.name}, {location.country.name}. '
|
||||
f'Currently it is {weather["current"]["weather"][0]["description"]} outside '
|
||||
f'with a temperature of {weather["current"]["temp"]} degrees, '
|
||||
f'and a wind speed of {weather["current"]["wind_speed"]} meters per second. '
|
||||
f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100} percent. '
|
||||
f'with a temperature of {weather["current"]["temp"]:.1f} degrees, '
|
||||
f'and a wind speed of {weather["current"]["wind_speed"]:.1f} meters per second. '
|
||||
f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100:.0f} percent. '
|
||||
)
|
||||
|
||||
print('\n'.join(output))
|
||||
|
@ -104,7 +104,7 @@ in {
|
||||
services.nextcloud = {
|
||||
enable = true;
|
||||
hostName = "o.xanf.org";
|
||||
package = pkgs.nextcloud23;
|
||||
package = pkgs.nextcloud24;
|
||||
config = {
|
||||
adminpassFile = "/run/nextcloud.pw";
|
||||
overwriteProtocol = "https";
|
||||
|
@ -2,6 +2,7 @@ _:
|
||||
{
|
||||
imports = [
|
||||
./dnsmasq.nix
|
||||
./drbd.nix
|
||||
./folderPerms.nix
|
||||
./hosts.nix
|
||||
./klem.nix
|
||||
|
118
lass/3modules/drbd.nix
Normal file
118
lass/3modules/drbd.nix
Normal file
@ -0,0 +1,118 @@
|
||||
{ config, lib, pkgs, ... }: let
|
||||
cfg = config.lass.drbd;
|
||||
slib = import <stockholm/lib>;
|
||||
in {
|
||||
options = {
|
||||
lass.drbd = lib.mkOption {
|
||||
default = {};
|
||||
type = lib.types.attrsOf (lib.types.submodule ({ config, ... }: {
|
||||
options = {
|
||||
name = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = config._module.args.name;
|
||||
};
|
||||
blockMinor = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = lib.mod (slib.genid config.name) 16000; # TODO get max_id fron drbd
|
||||
};
|
||||
port = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 20000 + config.blockMinor;
|
||||
};
|
||||
peers = lib.mkOption {
|
||||
type = lib.types.listOf slib.types.host;
|
||||
};
|
||||
disk = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/dev/loop${toString config.blockMinor}";
|
||||
};
|
||||
drbdConfig = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
internal = true;
|
||||
default = pkgs.writeText "drbd-${config.name}.conf" ''
|
||||
resource ${config.name} {
|
||||
net {
|
||||
protocol a;
|
||||
ping-int 10;
|
||||
}
|
||||
device minor ${toString config.blockMinor};
|
||||
disk ${config.disk};
|
||||
meta-disk internal;
|
||||
${slib.indent (lib.concatStrings (lib.imap1 (i: peer: /* shell */ ''
|
||||
on ${peer.name} {
|
||||
address ${peer.nets.retiolum.ip4.addr}:${toString config.port};
|
||||
node-id ${toString i};
|
||||
}
|
||||
'') config.peers))}
|
||||
connection-mesh {
|
||||
hosts ${lib.concatMapStringsSep " " (peer: peer.name) config.peers};
|
||||
}
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
}));
|
||||
};
|
||||
};
|
||||
config = lib.mkIf (cfg != {}) {
|
||||
boot.extraModulePackages = [
|
||||
(pkgs.linuxPackages.callPackage ../5pkgs/drbd9/default.nix {})
|
||||
];
|
||||
boot.extraModprobeConfig = ''
|
||||
options drbd usermode_helper=/run/current-system/sw/bin/drbdadm
|
||||
'';
|
||||
services.udev.packages = [ pkgs.drbd ];
|
||||
boot.kernelModules = [ "drbd" ];
|
||||
|
||||
environment.systemPackages = [ pkgs.drbd ];
|
||||
|
||||
|
||||
networking.firewall.allowedTCPPorts = map (device: device.port) (lib.attrValues cfg);
|
||||
systemd.services = lib.mapAttrs' (_: device:
|
||||
lib.nameValuePair "drbd-${device.name}" {
|
||||
after = [ "systemd-udev.settle.service" "network.target" ];
|
||||
wants = [ "systemd-udev.settle.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
RemainAfterExit = true;
|
||||
ExecStart = pkgs.writers.writeDash "start-drbd-${device.name}" ''
|
||||
set -efux
|
||||
mkdir -p /var/lib/sync-containers2
|
||||
${lib.optionalString (device.disk == "/dev/loop${toString device.blockMinor}") ''
|
||||
if ! test -e /var/lib/sync-containers2/${device.name}.disk; then
|
||||
truncate -s 10G /var/lib/sync-containers2/${device.name}.disk
|
||||
fi
|
||||
if ! ${pkgs.util-linux}/bin/losetup /dev/loop${toString device.blockMinor}; then
|
||||
${pkgs.util-linux}/bin/losetup /dev/loop${toString device.blockMinor} /var/lib/sync-containers2/${device.name}.disk
|
||||
fi
|
||||
''}
|
||||
if ! ${pkgs.drbd}/bin/drbdadm adjust ${device.name}; then
|
||||
${pkgs.drbd}/bin/drbdadm down ${device.name}
|
||||
${pkgs.drbd}/bin/drbdadm create-md ${device.name}
|
||||
${pkgs.drbd}/bin/drbdadm up ${device.name}
|
||||
fi
|
||||
'';
|
||||
ExecStop = pkgs.writers.writeDash "stop-drbd-${device.name}" ''
|
||||
set -efux
|
||||
${pkgs.drbd}/bin/drbdadm -c ${device.drbdConfig} down ${device.name}
|
||||
${lib.optionalString (device.disk == "/dev/loop${toString device.blockMinor}") ''
|
||||
${pkgs.util-linux}/bin/losetup -d /dev/loop${toString device.blockMinor}
|
||||
''}
|
||||
'';
|
||||
};
|
||||
}
|
||||
) cfg;
|
||||
|
||||
|
||||
environment.etc."drbd.conf".text = ''
|
||||
global {
|
||||
usage-count yes;
|
||||
}
|
||||
|
||||
${lib.concatMapStrings (device: /* shell */ ''
|
||||
include ${device.drbdConfig};
|
||||
'') (lib.attrValues cfg)}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
@ -1,24 +1,24 @@
|
||||
with import <stockholm/lib>;
|
||||
self: super: let
|
||||
lib = super.lib;
|
||||
|
||||
# This callPackage will try to detect obsolete overrides.
|
||||
callPackage = path: args: let
|
||||
override = super.callPackage path args;
|
||||
upstream = optionalAttrs (override ? "name")
|
||||
(super.${(parseDrvName override.name).name} or {});
|
||||
upstream = lib.optionalAttrs (override ? "name")
|
||||
(super.${(builtins.parseDrvName override.name).name} or {});
|
||||
in if upstream ? "name" &&
|
||||
override ? "name" &&
|
||||
compareVersions upstream.name override.name != -1
|
||||
builtins.compareVersions upstream.name override.name != -1
|
||||
then
|
||||
trace
|
||||
builtins.trace
|
||||
"Upstream `${upstream.name}' gets overridden by `${override.name}'."
|
||||
override
|
||||
else override;
|
||||
|
||||
subdirsOf = path:
|
||||
mapAttrs (name: _: path + "/${name}")
|
||||
(filterAttrs (_: eq "directory") (readDir path));
|
||||
lib.mapAttrs (name: _: path + "/${name}")
|
||||
(lib.filterAttrs (_: x: x == "directory") (builtins.readDir path));
|
||||
|
||||
in mapAttrs (_: flip callPackage {})
|
||||
(filterAttrs (_: dir: pathExists (dir + "/default.nix"))
|
||||
in lib.mapAttrs (_: lib.flip callPackage {})
|
||||
(lib.filterAttrs (_: dir: lib.pathExists (dir + "/default.nix"))
|
||||
(subdirsOf ./.))
|
||||
|
@ -37,18 +37,22 @@
|
||||
|
||||
in {
|
||||
|
||||
deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeCommand "deploy" {
|
||||
deploy = { target ? "root@${name}/var/src", offline ? false }: pkgs.krops.writeCommand "deploy" {
|
||||
command = targetPath: ''
|
||||
|
||||
set -fu
|
||||
set -xfu
|
||||
|
||||
outDir=$(mktemp -d)
|
||||
trap "rm -rf $outDir;" INT TERM EXIT
|
||||
|
||||
nix build \
|
||||
build=$(command -v nom-build || echo "nix-build")
|
||||
|
||||
$build \
|
||||
-I "${targetPath}" \
|
||||
-f '<nixpkgs/nixos>' config.system.build.toplevel \
|
||||
-o "$outDir/out"
|
||||
'<nixpkgs/nixos>' -A config.system.build.toplevel \
|
||||
-o "$outDir/out" \
|
||||
${lib.optionalString offline "--option substitute false"} \
|
||||
# -vvvvv --show-trace
|
||||
|
||||
nix-env -p /nix/var/nix/profiles/system --set "$outDir/out"
|
||||
|
||||
|
@ -1 +1 @@
|
||||
Subproject commit 89e5e67659bbbf0da53cc2cc5dea644b9a2301f6
|
||||
Subproject commit 3aa04be96f19cc5f4866b2b36a351f88f6667bd2
|
@ -15,11 +15,11 @@ with import <stockholm/lib>;
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
firefoxWrapper
|
||||
networkmanagerapplet
|
||||
(pkgs.pidgin-with-plugins.override {
|
||||
plugins = [ pkgs.pidginotr ];
|
||||
environment.systemPackages = [
|
||||
pkgs.firefox
|
||||
pkgs.networkmanagerapplet
|
||||
(pkgs.pidgin.override {
|
||||
plugins = [ pkgs.pidgin-otr ];
|
||||
})
|
||||
];
|
||||
|
||||
|
@ -56,26 +56,26 @@ with import <stockholm/lib>;
|
||||
${pkgs.kmod}/bin/modprobe -v iwlwifi
|
||||
'';
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
chromium
|
||||
firefoxWrapper
|
||||
gimp
|
||||
iptables
|
||||
libreoffice
|
||||
plasma-pa
|
||||
(pkgs.pidgin-with-plugins.override {
|
||||
plugins = [ pkgs.pidginotr ];
|
||||
environment.systemPackages = [
|
||||
pkgs.chromium
|
||||
pkgs.firefox
|
||||
pkgs.gimp
|
||||
pkgs.iptables
|
||||
pkgs.libreoffice
|
||||
pkgs.plasma-pa
|
||||
(pkgs.pidgin.override {
|
||||
plugins = [ pkgs.pidgin-otr ];
|
||||
})
|
||||
skype
|
||||
slock
|
||||
tinc_pre
|
||||
vim
|
||||
xsane
|
||||
pkgs.skypeforlinux
|
||||
pkgs.slock
|
||||
pkgs.tinc_pre
|
||||
pkgs.vim
|
||||
pkgs.xsane
|
||||
|
||||
#foomatic_filters
|
||||
#gutenprint
|
||||
#cups_pdf_filter
|
||||
#ghostscript
|
||||
#pkgs.foomatic_filters
|
||||
#pkgs.gutenprint
|
||||
#pkgs.cups_pdf_filter
|
||||
#pkgs.ghostscript
|
||||
];
|
||||
|
||||
|
||||
@ -97,7 +97,7 @@ with import <stockholm/lib>;
|
||||
];
|
||||
|
||||
fonts.fonts = [
|
||||
pkgs.xlibs.fontschumachermisc
|
||||
pkgs.xorg.fontschumachermisc
|
||||
];
|
||||
|
||||
services.xserver.enable = true;
|
||||
|
@ -21,19 +21,19 @@ with import <stockholm/lib>;
|
||||
systemd-boot.enable = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
firefoxWrapper
|
||||
gimp
|
||||
kate
|
||||
libreoffice
|
||||
(pkgs.pidgin-with-plugins.override {
|
||||
plugins = [ pkgs.pidginotr ];
|
||||
environment.systemPackages = [
|
||||
pkgs.firefox
|
||||
pkgs.gimp
|
||||
pkgs.kate
|
||||
pkgs.libreoffice
|
||||
(pkgs.pidgin.override {
|
||||
plugins = [ pkgs.pidgin-otr ];
|
||||
})
|
||||
sxiv
|
||||
texlive.combined.scheme-full
|
||||
vim
|
||||
xsane
|
||||
zathura
|
||||
pkgs.sxiv
|
||||
pkgs.texlive.combined.scheme-full
|
||||
pkgs.vim
|
||||
pkgs.xsane
|
||||
pkgs.zathura
|
||||
];
|
||||
|
||||
fileSystems = {
|
||||
|
@ -45,7 +45,9 @@ with import <stockholm/lib>;
|
||||
netcup
|
||||
nmap
|
||||
p7zip
|
||||
pass-otp
|
||||
(pkgs.pass.withExtensions (ext: [
|
||||
ext.pass-otp
|
||||
]))
|
||||
q
|
||||
qrencode
|
||||
texlive.combined.scheme-full
|
||||
|
@ -15,6 +15,7 @@ with import <stockholm/lib>;
|
||||
./bash
|
||||
./htop.nix
|
||||
./nets/hkw.nix
|
||||
./networkd.nix
|
||||
./nginx
|
||||
./pki
|
||||
./ssh.nix
|
||||
@ -46,7 +47,7 @@ with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
# TODO check if both are required:
|
||||
nix.sandboxPaths = [ "/etc/protocols" pkgs.iana_etc.outPath ];
|
||||
nix.sandboxPaths = [ "/etc/protocols" pkgs.iana-etc.outPath ];
|
||||
|
||||
nix.requireSignedBinaryCaches = true;
|
||||
|
||||
|
@ -5,9 +5,9 @@
|
||||
# s:^NROFF\t.*:& -Wbreak:
|
||||
# '
|
||||
#'';
|
||||
environment.systemPackages = with pkgs; [
|
||||
manpages
|
||||
posix_man_pages
|
||||
xorg.xorgdocs
|
||||
environment.systemPackages = [
|
||||
pkgs.man-pages
|
||||
pkgs.posix_man_pages
|
||||
pkgs.xorg.xorgdocs
|
||||
];
|
||||
}
|
||||
|
4
tv/2configs/networkd.nix
Normal file
4
tv/2configs/networkd.nix
Normal file
@ -0,0 +1,4 @@
|
||||
{
|
||||
# often hangs
|
||||
systemd.services.systemd-networkd-wait-online.enable = false;
|
||||
}
|
@ -2,7 +2,7 @@
|
||||
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
pkg = pkgs.pulseaudioLight;
|
||||
pkg = pkgs.pulseaudio;
|
||||
runDir = "/run/pulse";
|
||||
|
||||
pkgs_i686 = pkgs.pkgsi686Linux;
|
||||
|
@ -38,7 +38,7 @@ in {
|
||||
];
|
||||
|
||||
fonts.fonts = [
|
||||
pkgs.xlibs.fontschumachermisc
|
||||
pkgs.xorg.fontschumachermisc
|
||||
];
|
||||
|
||||
services.xserver = {
|
||||
@ -128,7 +128,7 @@ in {
|
||||
config.imgur.xdg-open.browser = "/etc/profiles/per-user/tv/bin/cr";
|
||||
config.timeout = 200;
|
||||
})
|
||||
pkgs.pulseaudioLight.out
|
||||
pkgs.pulseaudio.out
|
||||
pkgs.rxvt_unicode
|
||||
pkgs.xcalib
|
||||
"/run/wrappers" # for su
|
||||
|
@ -1,10 +1,10 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../lib;
|
||||
let
|
||||
pushBack = x: xs:
|
||||
if elem x xs then
|
||||
remove x xs ++ [ x ]
|
||||
else
|
||||
names;
|
||||
xs;
|
||||
in
|
||||
|
||||
self: super:
|
||||
|
@ -7,7 +7,7 @@ module Main (main) where
|
||||
import System.Exit (exitFailure)
|
||||
|
||||
import Control.Exception
|
||||
import Control.Monad.Extra (ifM, whenJustM)
|
||||
import Control.Monad.Extra (whenJustM)
|
||||
import qualified Data.List
|
||||
import Graphics.X11.ExtraTypes.XF86
|
||||
import Text.Read (readEither)
|
||||
@ -68,7 +68,9 @@ mainNoArgs :: IO ()
|
||||
mainNoArgs = do
|
||||
workspaces0 <- getWorkspaces0
|
||||
handleShutdownEvent <- newShutdownEventHandler
|
||||
launch
|
||||
let
|
||||
config =
|
||||
id
|
||||
$ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
|
||||
$ def
|
||||
{ terminal = {-pkg:rxvt_unicode-}"urxvtc"
|
||||
@ -100,6 +102,8 @@ mainNoArgs = do
|
||||
, focusedBorderColor = "#f000b0"
|
||||
, handleEventHook = handleShutdownEvent
|
||||
}
|
||||
directories <- getDirectories
|
||||
launch config directories
|
||||
|
||||
|
||||
getWorkspaces0 :: IO [String]
|
||||
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../../lib;
|
||||
self: super:
|
||||
|
||||
mapNixDir (path: import path self super) ./.
|
||||
|
@ -1,7 +0,0 @@
|
||||
self: super:
|
||||
|
||||
self.lib.overrideDerivation super.dhcpcd (old: {
|
||||
configureFlags = old.configureFlags ++ [
|
||||
"--dbdir=/var/lib/dhcpcd"
|
||||
];
|
||||
})
|
@ -1,4 +1,4 @@
|
||||
with import <stockholm/lib>;
|
||||
with import ../../../lib;
|
||||
|
||||
self: super:
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ pkgs }:
|
||||
|
||||
pkgs.writeDashBin "ff" ''
|
||||
exec ${pkgs.firefoxWrapper}/bin/firefox "$@"
|
||||
exec ${pkgs.firefox}/bin/firefox "$@"
|
||||
''
|
||||
|
@ -1,37 +1,38 @@
|
||||
{ lib, stdenv
|
||||
, runCommand
|
||||
, coreutils, dash, gnused, fzf, pass-otp, rxvt_unicode, utillinux, xdotool
|
||||
}:
|
||||
{ lib, pkgs, stdenv }:
|
||||
|
||||
runCommand "fzmenu" {
|
||||
pkgs.runCommand "fzmenu" {
|
||||
} /* sh */ ''
|
||||
mkdir $out
|
||||
|
||||
cp -r ${./bin} $out/bin
|
||||
|
||||
substituteInPlace $out/bin/otpmenu \
|
||||
--replace '#! /bin/sh' '#! ${dash}/bin/dash' \
|
||||
--replace '#! /bin/sh' '#! ${pkgs.dash}/bin/dash' \
|
||||
--replace '#PATH=' PATH=${lib.makeBinPath [
|
||||
coreutils
|
||||
dash
|
||||
fzf
|
||||
gnused
|
||||
pass-otp
|
||||
rxvt_unicode
|
||||
utillinux
|
||||
xdotool
|
||||
pkgs.coreutils
|
||||
pkgs.dash
|
||||
pkgs.fzf
|
||||
pkgs.gnused
|
||||
(pkgs.pass.withExtensions (ext: [
|
||||
ext.pass-otp
|
||||
]))
|
||||
pkgs.rxvt_unicode
|
||||
pkgs.utillinux
|
||||
pkgs.xdotool
|
||||
]}
|
||||
|
||||
substituteInPlace $out/bin/passmenu \
|
||||
--replace '#! /bin/sh' '#! ${dash}/bin/dash' \
|
||||
--replace '#! /bin/sh' '#! ${pkgs.dash}/bin/dash' \
|
||||
--replace '#PATH=' PATH=${lib.makeBinPath [
|
||||
coreutils
|
||||
dash
|
||||
fzf
|
||||
gnused
|
||||
pass-otp
|
||||
rxvt_unicode
|
||||
utillinux
|
||||
xdotool
|
||||
pkgs.coreutils
|
||||
pkgs.dash
|
||||
pkgs.fzf
|
||||
pkgs.gnused
|
||||
(pkgs.pass.withExtensions (ext: [
|
||||
ext.pass-otp
|
||||
]))
|
||||
pkgs.rxvt_unicode
|
||||
pkgs.utillinux
|
||||
pkgs.xdotool
|
||||
]}
|
||||
''
|
||||
|
Loading…
Reference in New Issue
Block a user