Merge remote-tracking branch 'lass/master'

This commit is contained in:
makefu 2022-08-02 14:34:22 +02:00
commit 739fad41da
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
40 changed files with 355 additions and 206 deletions

View File

@ -22,13 +22,11 @@ in {
tv tv
]; ];
in { in {
"anmeldung@eloop.org" = eloop-ml;
"brain@krebsco.de" = brain-ml; "brain@krebsco.de" = brain-ml;
"cfp2019@eloop.org" = eloop-ml; "eloop2022@krebsco.de" = eloop-ml;
"eloop2019@krebsco.de" = eloop-ml; "root@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
"kontakt@eloop.org" = eloop-ml; "spam@eloop.org" = eloop-ml;
"root@eloop.org" = eloop-ml; "youtube@eloop.org" = eloop-ml; # obsolete, use spam@eloop.org instead
"youtube@eloop.org" = eloop-ml;
"postmaster@krebsco.de" = spam-ml; # RFC 822 "postmaster@krebsco.de" = spam-ml; # RFC 822
"lass@krebsco.de" = lass; "lass@krebsco.de" = lass;
"makefu@krebsco.de" = makefu; "makefu@krebsco.de" = makefu;

View File

@ -71,12 +71,12 @@ let
${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \ ${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \
| ${pkgs.coreutils}/bin/tail +2 \ | ${pkgs.coreutils}/bin/tail +2 \
| ${pkgs.miller}/bin/mlr --icsv --opprint cat \ | ${pkgs.miller}/bin/mlr --icsv --opprint cat \
| ${pkgs.gnused}/bin/sed 's/^/the_/' | ${pkgs.gnused}/bin/sed 's/^\(.\)/\1/'
''; '';
}; };
} }
{ {
pattern = ''^([\H-]*):?\s+([+-][1-9][0-9]*)\s+(\S+)$''; pattern = ''^([\H-]*?):?\s+([+-][1-9][0-9]*)\s+(\S+)$'';
activate = "match"; activate = "match";
arguments = [1 2 3]; arguments = [1 2 3];
command = { command = {

View File

@ -102,6 +102,7 @@ let
imp = lib.mkMerge [ imp = lib.mkMerge [
{ krebs = import ./external { inherit config; }; } { krebs = import ./external { inherit config; }; }
{ krebs = import ./external/dbalan.nix { inherit config; }; }
{ krebs = import ./external/kmein.nix { inherit config; }; } { krebs = import ./external/kmein.nix { inherit config; }; }
{ krebs = import ./external/mic92.nix { inherit config; }; } { krebs = import ./external/mic92.nix { inherit config; }; }
{ krebs = import ./external/palo.nix { inherit config; }; } { krebs = import ./external/palo.nix { inherit config; }; }

50
krebs/3modules/external/dbalan.nix vendored Normal file
View File

@ -0,0 +1,50 @@
with import <stockholm/lib>;
{ config, ... }:
let
hostDefaults = hostName: host: flip recursiveUpdate host ({
ci = false;
external = true;
monitoring = false;
owner = config.krebs.users.dbalan;
} // optionalAttrs (host.nets?retiolum) {
nets.retiolum = {
ip6.addr = (krebs.genipv6 "retiolum" "external" { inherit hostName; }).address;
};
} // optionalAttrs (host.nets?wiregrill) {
nets.wiregrill = {
ip6.addr = (krebs.genipv6 "wiregrill" "external" { inherit hostName; }).address;
};
});
in
{
users = rec {
dbalan = {
mail = "dbalan@thaum.space";
pubkey = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAiWF+U3VHNfp1IPU0/TWhMioxJvmoyG1AMZMvnQjy5QAAAABHNzaDo= dj@v60";
};
};
hosts = mapAttrs hostDefaults {
v60 = {
nets.retiolum = {
aliases = [ "v60.dbalan.r" ];
ip4.addr = "10.243.42.12";
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAxVRxcCWfjLu9cNo5ELfXyuwhpJBSfod5f9JkclSpydVHaQBfeVC6
RKfdknQVL6RXiCMFsSAvCvmnIohmpUCbiQWu29P/g0jzQZZ7zNx5L7JHy18x9qAr
1scu7FRdVErVuWKXXNt0+j45dA+u5HE6RLsjAHGYtQbAr21VLyLF3qq11IWNrFYU
uqSnM/ZPbOPPHLS8XtsQRdJ2cOkccSCO4W6xBar92aPFuDImH60VuxMFEKYWY2bz
p6q0K0rtRqW1qANTV62SUDeA1wMPlSmvnMFY7qesSLk6tJjJ02HwwiOvK2ov1/Rm
bpwcrqrrbUxbCaZC6t7pBBxUOZlGfnO3woZQm63+4TEw/YDHhxD0HbhH88Wc+eHy
I73tuL1oc01JxL131bJV6jcHG7LrG7wTsTdDaZpjbH54adJP47QpTMb0ggsx2WkD
mpxFFSnTZL7ghZO5NGPvidTBp+wJiSOv5igAjA72CvjR3tOF4d5Lsq4JsQeCStjA
OPrIrN0AnJRg2IFDXZEGwTS9AbLWX147O9VrNimLzezOylH4Eihn7GUJ5KLIPjLy
AvsgIYljoJuhGbM8QoWlakwqOndMeoqhz52ORZ5CDgfybJJEbyrYF8gYFVNJOzds
9gy/F+27TwfjMgcheN2+ogJp+lD754aCF0EJMwaK8ElzQLqAzbBRGAsCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "dcPFpCG94cq1KHD4TH9WgOl9fpc1589YvWkmnkEZcSC";
};
};
};
}

View File

@ -681,27 +681,6 @@ in {
}; };
}; };
}; };
jarvis = {
owner = config.krebs.users.mic92;
nets = rec {
internet.addrs = [ "jarvis.thalheim.io" ];
retiolum = {
via = internet;
aliases = [ "jarvis.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA7PtJlYBpBr2TK5CAvAukkGvj+esC+sMPKd3mO9iDwdViBrqKdf+D
yEy8SI80Y02dpkL97NjvnzepKpyGQWpG1ZQflJLhCTj7oFyVpWd4XsbIuzYp5ES6
r8qKWs2xcItc1pbW0ZmrCBzdWsC1B0VAHlYkiz+7vM6pCTvg6hNQugP4c1TRCtJC
Sr+n+EjTXN/NTaKl+f7eoHJGnT5liDO3/xZVxm8AuLnron1xPPDghXClVHfDj5mt
f66f+CLwZhq3BrZuptwXp7TerMfrNtPyTx96b+EyuLPjrYxKeKL/+Nbr3VmmiDIV
tsraNc+0a8OBpVsYh4MQLp55NYwqxAoetQIDAQAB
-----END RSA PUBLIC KEY-----
'';
tinc.pubkey_ed25519 = "RRkMnGSg+nMkz4L2iqmdFf2fIf4wIfcTM0TlTWLLNCE";
};
};
};
bernie = { bernie = {
owner = config.krebs.users.mic92; owner = config.krebs.users.mic92;
nets = rec { nets = rec {

View File

@ -57,6 +57,7 @@
"20.201.28.151" "20.201.28.151"
"20.205.243.166" "20.205.243.166"
"102.133.202.242" "102.133.202.242"
"20.248.137.48"
"18.181.13.223" "18.181.13.223"
"54.238.117.237" "54.238.117.237"
"54.168.17.15" "54.168.17.15"
@ -70,6 +71,7 @@
"20.201.28.152" "20.201.28.152"
"20.205.243.160" "20.205.243.160"
"102.133.202.246" "102.133.202.246"
"20.248.137.50"
]; ];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="; publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
}; };

View File

@ -34,7 +34,7 @@ with import <stockholm/lib>;
'') '')
(filter (proto: entry.${proto} != null) ["tcp" "udp"])} (filter (proto: entry.${proto} != null) ["tcp" "udp"])}
'') (attrValues config.krebs.iana-etc.services)} '') (attrValues config.krebs.iana-etc.services)}
cat ${pkgs.iana_etc}/etc/services cat ${pkgs.iana-etc}/etc/services
} | } |
sort -b -k 2,2 -u > $out sort -b -k 2,2 -u > $out
''); '');

View File

@ -1,18 +1,18 @@
{ mkDerivation, aeson, async, attoparsec, base, blessings { mkDerivation, aeson, async, attoparsec, base, blessings
, bytestring, containers, data-default, fetchgit, filepath , bytestring, containers, data-default, filepath, hashable, lens
, hashable, lens, lens-aeson, network, network-simple , lens-aeson, lib, network, network-simple, network-simple-tls
, network-simple-tls, network-uri, pcre-light, process, random , network-uri, pcre-light, process, random, servant-server
, servant-server, lib, string-conversions, stringsearch, text , string-conversions, stringsearch, text, time, transformers
, time, transformers, unagi-chan, unix, unordered-containers , unagi-chan, unix, unordered-containers, vector, wai, warp
, vector, wai, warp , fetchgit
}: }:
mkDerivation rec { mkDerivation {
pname = "reaktor2"; pname = "reaktor2";
version = "0.4.0a"; version = "0.4.2";
src = fetchgit { src = fetchgit {
url = "https://cgit.lassul.us/reaktor2"; url = "https://cgit.krebsco.de/reaktor2";
sha256 = "sha256-x1i2TWcycYVFij6832xaBiQa1RQ1VmSfu5Qt1QrUtds="; hash = "sha256-JPQyy0hDSH5JqQGjwoO5BNsD4qk+GKP1VH+j4/2cqes";
rev = "6d3eb6de5e770ee26874bb7449934f0c55bd1efa"; rev = "53a11f421fb18e8687fa06e5511cea8bd9defc36";
fetchSubmodules = true; fetchSubmodules = true;
}; };
isLibrary = false; isLibrary = false;

View File

@ -10,20 +10,17 @@ self: super: {
}); });
flameshot = super.flameshot.overrideAttrs (old: rec { flameshot = super.flameshot.overrideAttrs (old: rec {
patches = old.patches or [] ++ { name = "flameshot-${version}";
"0.6.0" = [ version = "0.10.2";
./flameshot/flameshot_imgur_0.6.0.patch src = self.fetchFromGitHub {
]; owner = "flameshot-org";
"0.9.0" = [ repo = "flameshot";
./flameshot/flameshot_imgur_0.9.0.patch rev = "v${version}";
]; sha256 = "sha256-rZUiaS32C77tFJmEkw/9MGbVTVscb6LOCyWaWO5FyR4=";
"0.10.1" = [ };
./flameshot/flameshot_imgur_0.9.0.patch patches = old.patches or [] ++ [
]; ./flameshot/flameshot_imgur_0.10.2.patch
"0.10.2" = [ ];
./flameshot/flameshot_imgur_0.9.0.patch
];
}.${old.version} or [];
}); });
# https://github.com/proot-me/PRoot/issues/106 # https://github.com/proot-me/PRoot/issues/106

View File

@ -1,34 +0,0 @@
--- a/src/tools/imgur/imguruploader.cpp
+++ b/src/tools/imgur/imguruploader.cpp
@@ -40,6 +40,7 @@
#include <QTimer>
#include <QJsonDocument>
#include <QJsonObject>
+#include <stdlib.h>
ImgurUploader::ImgurUploader(const QPixmap &capture, QWidget *parent) :
QWidget(parent), m_pixmap(capture)
@@ -74,7 +75,10 @@ void ImgurUploader::handleReply(QNetworkReply *reply) {
QJsonObject json = response.object();
QJsonObject data = json["data"].toObject();
m_imageURL.setUrl(data["link"].toString());
- m_deleteImageURL.setUrl(QString("https://imgur.com/delete/%1").arg(
+ char *deleteImageURLPattern = secure_getenv("IMGUR_DELETE_URL");
+ if (deleteImageURLPattern == NULL)
+ deleteImageURLPattern = "https://imgur.com/delete/%1";
+ m_deleteImageURL.setUrl(QString(deleteImageURLPattern).arg(
data["deletehash"].toString()));
onUploadOk();
} else {
@@ -105,7 +109,10 @@ void ImgurUploader::upload() {
QString description = FileNameHandler().parsedPattern();
urlQuery.addQueryItem("description", description);
- QUrl url("https://api.imgur.com/3/image");
+ char *createImageURLPattern = secure_getenv("IMGUR_CREATE_URL");
+ if (createImageURLPattern == NULL)
+ createImageURLPattern = "https://api.imgur.com/3/image";
+ QUrl url(createImageURLPattern);
url.setQuery(urlQuery);
QNetworkRequest request(url);
request.setHeader(QNetworkRequest::ContentTypeHeader,

View File

@ -1,6 +1,7 @@
{ python, writeScriptBin, ... }: { python3, writeScriptBin, ... }:
let let
python = python3;
pythonEnv = python.withPackages (ps: [ ps.netaddr ]); pythonEnv = python.withPackages (ps: [ ps.netaddr ]);
in in
writeScriptBin "cidr2glob" '' writeScriptBin "cidr2glob" ''
@ -25,6 +26,6 @@ in
if __name__ == "__main__": if __name__ == "__main__":
for cidr in sys.stdin: for cidr in sys.stdin:
for glob in cidr2glob(cidr): for glob in cidr2glob(cidr):
print glob print(glob)
'' ''

View File

@ -0,0 +1,28 @@
{ pkgs }:
pkgs.stdenv.mkDerivation rec {
pname = "veroroute";
version = "2.28";
src = pkgs.fetchurl {
url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz";
sha256 = "04dig0g4v1rz50mjj1k6jk99rqbg24hdx8kzrlwv0dlxm567lvc7";
};
buildInputs = [
pkgs.qt5.qtbase
];
nativeBuildInputs = [
pkgs.qt5.wrapQtAppsHook
];
buildPhase = ''
qmake Src/veroroute.pro
make
'';
installPhase = ''
sed -i 's;/usr;;g' veroroute-install.sh
pkgdir=$out bash ./veroroute-install.sh
'';
}

View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "5ce6597eca7d7b518c03ecda57d45f9404b5e060", "rev": "e4d49de45a3b5dbcb881656b4e3986e666141ea9",
"date": "2022-05-24T17:55:48+02:00", "date": "2022-07-18T18:21:45+02:00",
"path": "/nix/store/glvcj0zmqq9z5wf6bppnppbpf8w85iwf-nixpkgs", "path": "/nix/store/665hb1ysmaadwh4axp7f9inhczq08xay-nixpkgs",
"sha256": "1hs1lnnbp1dky3nfp7xlricpp5c63sr46jyrnvykci8bl8jnxnl3", "sha256": "0y0c9ybkcfmjgrl93wzzlk7ii95kh2fb4v5ac5w6rmcsq2ff3yaz",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

View File

@ -1,9 +1,9 @@
{ {
"url": "https://github.com/NixOS/nixpkgs", "url": "https://github.com/NixOS/nixpkgs",
"rev": "8b538fcb329a7bc3d153962f17c509ee49166973", "rev": "e732e1fdbf79bec59f7ade4a3675b091b4a9f6d6",
"date": "2022-06-15T15:30:32+08:00", "date": "2022-07-19T15:32:15+02:00",
"path": "/nix/store/7r9xwvy1qc2m88cpx8sz494ad08whgqg-nixpkgs", "path": "/nix/store/4dcxnk4xplx79xrwxg2m6pqh8b5k6ya0-nixpkgs",
"sha256": "08797zlq57i8bi8f89j38ymi8nwp5hp0vh62162k526qf6v3paqz", "sha256": "1j73j17g852zfc75b7ll4avp30pnyvm37pgm66cz844phkv5ywfg",
"fetchLFS": false, "fetchLFS": false,
"fetchSubmodules": false, "fetchSubmodules": false,
"deepClone": false, "deepClone": false,

View File

@ -10,8 +10,7 @@
${write_to_irc} "$(echo "$INPUT" | jq -r ' ${write_to_irc} "$(echo "$INPUT" | jq -r '
"\(.action): " + "\(.action): " +
"[\(.issue.title // .pull_request.title)] " + "[\(.issue.title // .pull_request.title)] " +
"\(.comment.html_url // .issue.html_url // .pull_request.html_url) " + "\(.comment.html_url // .issue.html_url // .pull_request.html_url) "
"by \(.comment.user.login // .issue.user.login // .pull_request.user.login)"
')" ')"
fi fi
''; '';
@ -58,16 +57,16 @@ in {
case "$Method $Request_URI" in case "$Method $Request_URI" in
"POST /") "POST /")
payload=$(head -c "$req_content_length") payload=$(head -c "$req_content_length")
echo "$payload" >&2 raw=$(printf '%s' "$payload" | ${pkgs.curl}/bin/curl --data-binary @- http://p.krebsco.de | tail -1)
payload2=$payload payload2=$payload
payload2=$(echo "$payload" | tr '\n' ' ' | tr -d '\r') payload2=$(printf '%s' "$payload" | tr '\n' ' ' | tr -d '\r')
if [ "$payload" != "$payload2" ]; then if [ "$payload" != "$payload2" ]; then
echo "payload has been mangled" >&2 echo "payload has been mangled" >&2
else else
echo "payload not mangled" >&2 echo "payload not mangled" >&2
fi fi
echo "$payload2" > /tmp/last_fysi_payload
echo "$payload2" | ${format-github-message}/bin/format-github-message echo "$payload2" | ${format-github-message}/bin/format-github-message
${write_to_irc} "$raw"
printf 'HTTP/1.1 200 OK\r\n' printf 'HTTP/1.1 200 OK\r\n'
printf 'Connection: close\r\n' printf 'Connection: close\r\n'
printf '\r\n' printf '\r\n'

View File

@ -168,7 +168,7 @@ in {
output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source) output.icecast(mount = '/music.mp3', password = 'hackme', %mp3.vbr(), source)
output.icecast(mount = '/music.opus', password = 'hackme', %opus(bitrate = 96), source) output.icecast(mount = '/music.opus', password = 'hackme', %opus(bitrate = 96), source)
extra_input = audio_to_stereo(input.harbor("live", port=1338)) extra_input = amplify(1.4, audio_to_stereo(input.harbor("live", port=1338)))
o = smooth_add(normal = source, special = extra_input) o = smooth_add(normal = source, special = extra_input)
output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o) output.icecast(mount = '/radio.ogg', password = 'hackme', %vorbis(quality = 1), o)

View File

@ -25,9 +25,9 @@ for ip in fileinput.input():
output.append( output.append(
f'Weather report for {location.city.name}, {location.country.name}. ' f'Weather report for {location.city.name}, {location.country.name}. '
f'Currently it is {weather["current"]["weather"][0]["description"]} outside ' f'Currently it is {weather["current"]["weather"][0]["description"]} outside '
f'with a temperature of {weather["current"]["temp"]} degrees, ' f'with a temperature of {weather["current"]["temp"]:.1f} degrees, '
f'and a wind speed of {weather["current"]["wind_speed"]} meters per second. ' f'and a wind speed of {weather["current"]["wind_speed"]:.1f} meters per second. '
f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100} percent. ' f'The probability of precipitation is {weather["hourly"][0]["pop"] * 100:.0f} percent. '
) )
print('\n'.join(output)) print('\n'.join(output))

View File

@ -104,7 +104,7 @@ in {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
hostName = "o.xanf.org"; hostName = "o.xanf.org";
package = pkgs.nextcloud23; package = pkgs.nextcloud24;
config = { config = {
adminpassFile = "/run/nextcloud.pw"; adminpassFile = "/run/nextcloud.pw";
overwriteProtocol = "https"; overwriteProtocol = "https";

View File

@ -2,6 +2,7 @@ _:
{ {
imports = [ imports = [
./dnsmasq.nix ./dnsmasq.nix
./drbd.nix
./folderPerms.nix ./folderPerms.nix
./hosts.nix ./hosts.nix
./klem.nix ./klem.nix

118
lass/3modules/drbd.nix Normal file
View File

@ -0,0 +1,118 @@
{ config, lib, pkgs, ... }: let
cfg = config.lass.drbd;
slib = import <stockholm/lib>;
in {
options = {
lass.drbd = lib.mkOption {
default = {};
type = lib.types.attrsOf (lib.types.submodule ({ config, ... }: {
options = {
name = lib.mkOption {
type = lib.types.str;
default = config._module.args.name;
};
blockMinor = lib.mkOption {
type = lib.types.int;
default = lib.mod (slib.genid config.name) 16000; # TODO get max_id fron drbd
};
port = lib.mkOption {
type = lib.types.int;
default = 20000 + config.blockMinor;
};
peers = lib.mkOption {
type = lib.types.listOf slib.types.host;
};
disk = lib.mkOption {
type = lib.types.str;
default = "/dev/loop${toString config.blockMinor}";
};
drbdConfig = lib.mkOption {
type = lib.types.path;
internal = true;
default = pkgs.writeText "drbd-${config.name}.conf" ''
resource ${config.name} {
net {
protocol a;
ping-int 10;
}
device minor ${toString config.blockMinor};
disk ${config.disk};
meta-disk internal;
${slib.indent (lib.concatStrings (lib.imap1 (i: peer: /* shell */ ''
on ${peer.name} {
address ${peer.nets.retiolum.ip4.addr}:${toString config.port};
node-id ${toString i};
}
'') config.peers))}
connection-mesh {
hosts ${lib.concatMapStringsSep " " (peer: peer.name) config.peers};
}
}
'';
};
};
}));
};
};
config = lib.mkIf (cfg != {}) {
boot.extraModulePackages = [
(pkgs.linuxPackages.callPackage ../5pkgs/drbd9/default.nix {})
];
boot.extraModprobeConfig = ''
options drbd usermode_helper=/run/current-system/sw/bin/drbdadm
'';
services.udev.packages = [ pkgs.drbd ];
boot.kernelModules = [ "drbd" ];
environment.systemPackages = [ pkgs.drbd ];
networking.firewall.allowedTCPPorts = map (device: device.port) (lib.attrValues cfg);
systemd.services = lib.mapAttrs' (_: device:
lib.nameValuePair "drbd-${device.name}" {
after = [ "systemd-udev.settle.service" "network.target" ];
wants = [ "systemd-udev.settle.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
RemainAfterExit = true;
ExecStart = pkgs.writers.writeDash "start-drbd-${device.name}" ''
set -efux
mkdir -p /var/lib/sync-containers2
${lib.optionalString (device.disk == "/dev/loop${toString device.blockMinor}") ''
if ! test -e /var/lib/sync-containers2/${device.name}.disk; then
truncate -s 10G /var/lib/sync-containers2/${device.name}.disk
fi
if ! ${pkgs.util-linux}/bin/losetup /dev/loop${toString device.blockMinor}; then
${pkgs.util-linux}/bin/losetup /dev/loop${toString device.blockMinor} /var/lib/sync-containers2/${device.name}.disk
fi
''}
if ! ${pkgs.drbd}/bin/drbdadm adjust ${device.name}; then
${pkgs.drbd}/bin/drbdadm down ${device.name}
${pkgs.drbd}/bin/drbdadm create-md ${device.name}
${pkgs.drbd}/bin/drbdadm up ${device.name}
fi
'';
ExecStop = pkgs.writers.writeDash "stop-drbd-${device.name}" ''
set -efux
${pkgs.drbd}/bin/drbdadm -c ${device.drbdConfig} down ${device.name}
${lib.optionalString (device.disk == "/dev/loop${toString device.blockMinor}") ''
${pkgs.util-linux}/bin/losetup -d /dev/loop${toString device.blockMinor}
''}
'';
};
}
) cfg;
environment.etc."drbd.conf".text = ''
global {
usage-count yes;
}
${lib.concatMapStrings (device: /* shell */ ''
include ${device.drbdConfig};
'') (lib.attrValues cfg)}
'';
};
}

View File

@ -1,24 +1,24 @@
with import <stockholm/lib>;
self: super: let self: super: let
lib = super.lib;
# This callPackage will try to detect obsolete overrides. # This callPackage will try to detect obsolete overrides.
callPackage = path: args: let callPackage = path: args: let
override = super.callPackage path args; override = super.callPackage path args;
upstream = optionalAttrs (override ? "name") upstream = lib.optionalAttrs (override ? "name")
(super.${(parseDrvName override.name).name} or {}); (super.${(builtins.parseDrvName override.name).name} or {});
in if upstream ? "name" && in if upstream ? "name" &&
override ? "name" && override ? "name" &&
compareVersions upstream.name override.name != -1 builtins.compareVersions upstream.name override.name != -1
then then
trace builtins.trace
"Upstream `${upstream.name}' gets overridden by `${override.name}'." "Upstream `${upstream.name}' gets overridden by `${override.name}'."
override override
else override; else override;
subdirsOf = path: subdirsOf = path:
mapAttrs (name: _: path + "/${name}") lib.mapAttrs (name: _: path + "/${name}")
(filterAttrs (_: eq "directory") (readDir path)); (lib.filterAttrs (_: x: x == "directory") (builtins.readDir path));
in mapAttrs (_: flip callPackage {}) in lib.mapAttrs (_: lib.flip callPackage {})
(filterAttrs (_: dir: pathExists (dir + "/default.nix")) (lib.filterAttrs (_: dir: lib.pathExists (dir + "/default.nix"))
(subdirsOf ./.)) (subdirsOf ./.))

View File

@ -37,18 +37,22 @@
in { in {
deploy = { target ? "root@${name}/var/src" }: pkgs.krops.writeCommand "deploy" { deploy = { target ? "root@${name}/var/src", offline ? false }: pkgs.krops.writeCommand "deploy" {
command = targetPath: '' command = targetPath: ''
set -fu set -xfu
outDir=$(mktemp -d) outDir=$(mktemp -d)
trap "rm -rf $outDir;" INT TERM EXIT trap "rm -rf $outDir;" INT TERM EXIT
nix build \ build=$(command -v nom-build || echo "nix-build")
$build \
-I "${targetPath}" \ -I "${targetPath}" \
-f '<nixpkgs/nixos>' config.system.build.toplevel \ '<nixpkgs/nixos>' -A config.system.build.toplevel \
-o "$outDir/out" -o "$outDir/out" \
${lib.optionalString offline "--option substitute false"} \
# -vvvvv --show-trace
nix-env -p /nix/var/nix/profiles/system --set "$outDir/out" nix-env -p /nix/var/nix/profiles/system --set "$outDir/out"

@ -1 +1 @@
Subproject commit 89e5e67659bbbf0da53cc2cc5dea644b9a2301f6 Subproject commit 3aa04be96f19cc5f4866b2b36a351f88f6667bd2

View File

@ -15,11 +15,11 @@ with import <stockholm/lib>;
}; };
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = [
firefoxWrapper pkgs.firefox
networkmanagerapplet pkgs.networkmanagerapplet
(pkgs.pidgin-with-plugins.override { (pkgs.pidgin.override {
plugins = [ pkgs.pidginotr ]; plugins = [ pkgs.pidgin-otr ];
}) })
]; ];

View File

@ -56,26 +56,26 @@ with import <stockholm/lib>;
${pkgs.kmod}/bin/modprobe -v iwlwifi ${pkgs.kmod}/bin/modprobe -v iwlwifi
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = [
chromium pkgs.chromium
firefoxWrapper pkgs.firefox
gimp pkgs.gimp
iptables pkgs.iptables
libreoffice pkgs.libreoffice
plasma-pa pkgs.plasma-pa
(pkgs.pidgin-with-plugins.override { (pkgs.pidgin.override {
plugins = [ pkgs.pidginotr ]; plugins = [ pkgs.pidgin-otr ];
}) })
skype pkgs.skypeforlinux
slock pkgs.slock
tinc_pre pkgs.tinc_pre
vim pkgs.vim
xsane pkgs.xsane
#foomatic_filters #pkgs.foomatic_filters
#gutenprint #pkgs.gutenprint
#cups_pdf_filter #pkgs.cups_pdf_filter
#ghostscript #pkgs.ghostscript
]; ];
@ -97,7 +97,7 @@ with import <stockholm/lib>;
]; ];
fonts.fonts = [ fonts.fonts = [
pkgs.xlibs.fontschumachermisc pkgs.xorg.fontschumachermisc
]; ];
services.xserver.enable = true; services.xserver.enable = true;

View File

@ -21,19 +21,19 @@ with import <stockholm/lib>;
systemd-boot.enable = true; systemd-boot.enable = true;
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = [
firefoxWrapper pkgs.firefox
gimp pkgs.gimp
kate pkgs.kate
libreoffice pkgs.libreoffice
(pkgs.pidgin-with-plugins.override { (pkgs.pidgin.override {
plugins = [ pkgs.pidginotr ]; plugins = [ pkgs.pidgin-otr ];
}) })
sxiv pkgs.sxiv
texlive.combined.scheme-full pkgs.texlive.combined.scheme-full
vim pkgs.vim
xsane pkgs.xsane
zathura pkgs.zathura
]; ];
fileSystems = { fileSystems = {

View File

@ -45,7 +45,9 @@ with import <stockholm/lib>;
netcup netcup
nmap nmap
p7zip p7zip
pass-otp (pkgs.pass.withExtensions (ext: [
ext.pass-otp
]))
q q
qrencode qrencode
texlive.combined.scheme-full texlive.combined.scheme-full

View File

@ -15,6 +15,7 @@ with import <stockholm/lib>;
./bash ./bash
./htop.nix ./htop.nix
./nets/hkw.nix ./nets/hkw.nix
./networkd.nix
./nginx ./nginx
./pki ./pki
./ssh.nix ./ssh.nix
@ -46,7 +47,7 @@ with import <stockholm/lib>;
{ {
# TODO check if both are required: # TODO check if both are required:
nix.sandboxPaths = [ "/etc/protocols" pkgs.iana_etc.outPath ]; nix.sandboxPaths = [ "/etc/protocols" pkgs.iana-etc.outPath ];
nix.requireSignedBinaryCaches = true; nix.requireSignedBinaryCaches = true;

View File

@ -5,9 +5,9 @@
# s:^NROFF\t.*:& -Wbreak: # s:^NROFF\t.*:& -Wbreak:
# ' # '
#''; #'';
environment.systemPackages = with pkgs; [ environment.systemPackages = [
manpages pkgs.man-pages
posix_man_pages pkgs.posix_man_pages
xorg.xorgdocs pkgs.xorg.xorgdocs
]; ];
} }

4
tv/2configs/networkd.nix Normal file
View File

@ -0,0 +1,4 @@
{
# often hangs
systemd.services.systemd-networkd-wait-online.enable = false;
}

View File

@ -2,7 +2,7 @@
with import <stockholm/lib>; with import <stockholm/lib>;
let let
pkg = pkgs.pulseaudioLight; pkg = pkgs.pulseaudio;
runDir = "/run/pulse"; runDir = "/run/pulse";
pkgs_i686 = pkgs.pkgsi686Linux; pkgs_i686 = pkgs.pkgsi686Linux;

View File

@ -38,7 +38,7 @@ in {
]; ];
fonts.fonts = [ fonts.fonts = [
pkgs.xlibs.fontschumachermisc pkgs.xorg.fontschumachermisc
]; ];
services.xserver = { services.xserver = {
@ -128,7 +128,7 @@ in {
config.imgur.xdg-open.browser = "/etc/profiles/per-user/tv/bin/cr"; config.imgur.xdg-open.browser = "/etc/profiles/per-user/tv/bin/cr";
config.timeout = 200; config.timeout = 200;
}) })
pkgs.pulseaudioLight.out pkgs.pulseaudio.out
pkgs.rxvt_unicode pkgs.rxvt_unicode
pkgs.xcalib pkgs.xcalib
"/run/wrappers" # for su "/run/wrappers" # for su

View File

@ -1,10 +1,10 @@
with import <stockholm/lib>; with import ../../lib;
let let
pushBack = x: xs: pushBack = x: xs:
if elem x xs then if elem x xs then
remove x xs ++ [ x ] remove x xs ++ [ x ]
else else
names; xs;
in in
self: super: self: super:

View File

@ -7,7 +7,7 @@ module Main (main) where
import System.Exit (exitFailure) import System.Exit (exitFailure)
import Control.Exception import Control.Exception
import Control.Monad.Extra (ifM, whenJustM) import Control.Monad.Extra (whenJustM)
import qualified Data.List import qualified Data.List
import Graphics.X11.ExtraTypes.XF86 import Graphics.X11.ExtraTypes.XF86
import Text.Read (readEither) import Text.Read (readEither)
@ -68,7 +68,9 @@ mainNoArgs :: IO ()
mainNoArgs = do mainNoArgs = do
workspaces0 <- getWorkspaces0 workspaces0 <- getWorkspaces0
handleShutdownEvent <- newShutdownEventHandler handleShutdownEvent <- newShutdownEventHandler
launch let
config =
id
$ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ") $ withUrgencyHook (SpawnUrgencyHook "echo emit Urgency ")
$ def $ def
{ terminal = {-pkg:rxvt_unicode-}"urxvtc" { terminal = {-pkg:rxvt_unicode-}"urxvtc"
@ -100,6 +102,8 @@ mainNoArgs = do
, focusedBorderColor = "#f000b0" , focusedBorderColor = "#f000b0"
, handleEventHook = handleShutdownEvent , handleEventHook = handleShutdownEvent
} }
directories <- getDirectories
launch config directories
getWorkspaces0 :: IO [String] getWorkspaces0 :: IO [String]

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>; with import ../../../lib;
self: super: self: super:
mapNixDir (path: import path self super) ./. mapNixDir (path: import path self super) ./.

View File

@ -1,7 +0,0 @@
self: super:
self.lib.overrideDerivation super.dhcpcd (old: {
configureFlags = old.configureFlags ++ [
"--dbdir=/var/lib/dhcpcd"
];
})

View File

@ -1,4 +1,4 @@
with import <stockholm/lib>; with import ../../../lib;
self: super: self: super:

View File

@ -1,5 +1,5 @@
{ pkgs }: { pkgs }:
pkgs.writeDashBin "ff" '' pkgs.writeDashBin "ff" ''
exec ${pkgs.firefoxWrapper}/bin/firefox "$@" exec ${pkgs.firefox}/bin/firefox "$@"
'' ''

View File

@ -1,37 +1,38 @@
{ lib, stdenv { lib, pkgs, stdenv }:
, runCommand
, coreutils, dash, gnused, fzf, pass-otp, rxvt_unicode, utillinux, xdotool
}:
runCommand "fzmenu" { pkgs.runCommand "fzmenu" {
} /* sh */ '' } /* sh */ ''
mkdir $out mkdir $out
cp -r ${./bin} $out/bin cp -r ${./bin} $out/bin
substituteInPlace $out/bin/otpmenu \ substituteInPlace $out/bin/otpmenu \
--replace '#! /bin/sh' '#! ${dash}/bin/dash' \ --replace '#! /bin/sh' '#! ${pkgs.dash}/bin/dash' \
--replace '#PATH=' PATH=${lib.makeBinPath [ --replace '#PATH=' PATH=${lib.makeBinPath [
coreutils pkgs.coreutils
dash pkgs.dash
fzf pkgs.fzf
gnused pkgs.gnused
pass-otp (pkgs.pass.withExtensions (ext: [
rxvt_unicode ext.pass-otp
utillinux ]))
xdotool pkgs.rxvt_unicode
pkgs.utillinux
pkgs.xdotool
]} ]}
substituteInPlace $out/bin/passmenu \ substituteInPlace $out/bin/passmenu \
--replace '#! /bin/sh' '#! ${dash}/bin/dash' \ --replace '#! /bin/sh' '#! ${pkgs.dash}/bin/dash' \
--replace '#PATH=' PATH=${lib.makeBinPath [ --replace '#PATH=' PATH=${lib.makeBinPath [
coreutils pkgs.coreutils
dash pkgs.dash
fzf pkgs.fzf
gnused pkgs.gnused
pass-otp (pkgs.pass.withExtensions (ext: [
rxvt_unicode ext.pass-otp
utillinux ]))
xdotool pkgs.rxvt_unicode
pkgs.utillinux
pkgs.xdotool
]} ]}
'' ''