From 1f6ba2a01d8ef041323fcb847a0c445365307182 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 29 Jan 2019 19:59:59 +0100 Subject: [PATCH 01/76] xmonad-stockholm: arguments in one line --- krebs/5pkgs/haskell/xmonad-stockholm.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/krebs/5pkgs/haskell/xmonad-stockholm.nix b/krebs/5pkgs/haskell/xmonad-stockholm.nix index 228d365a3..1b197b914 100644 --- a/krebs/5pkgs/haskell/xmonad-stockholm.nix +++ b/krebs/5pkgs/haskell/xmonad-stockholm.nix @@ -1,5 +1,4 @@ -{ mkDerivation, base, containers, fetchgit, filepath, stdenv, unix, X11, X11-xft -, X11-xshape, xmonad, xmonad-contrib +{ mkDerivation, base, containers, fetchgit, filepath, stdenv, unix, X11, X11-xft , X11-xshape, xmonad, xmonad-contrib }: mkDerivation rec { pname = "xmonad-stockholm"; From b4ad768b786401734064eb747d17dbe68b785faa Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 29 Jan 2019 20:00:28 +0100 Subject: [PATCH 02/76] j krops: fix directory --- jeschli/krops.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/jeschli/krops.nix b/jeschli/krops.nix index 989abcdd0..dbf94bd0d 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -12,10 +12,7 @@ secrets = if test then { file = toString ./2configs/tests/dummy-secrets; } else { - pass = { - dir = "${lib.getEnv "HOME"}/.password-store"; - name = "hosts/${name}"; - }; + file = "${lib.getEnv "HOME"}/secrets/${name}"; }; } ]; From 6f466e7ab6aaf4786a84682002c929672201a120 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 5 Feb 2019 19:19:09 +0100 Subject: [PATCH 03/76] j brauerei: remove commented dead code --- jeschli/1systems/brauerei/config.nix | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index d342acb64..f7f545294 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -7,6 +7,9 @@ in ./hardware-configuration.nix +# +# +# ]; @@ -147,8 +150,17 @@ in ''; } ]; - }; +# xmonad = { +# enable = true; +# enableContribAndExtras = true; +# extraPackages = haskellPackages: [ +# haskellPackages.xmonad-contrib +# haskellPackages.xmonad-extras +# haskellPackages.xmonad +# ]; +# } + }; }; users.extraUsers.jeschli = { # TODO: define as krebs.users From b1b20cb683a103bd89710f5eabce8209c5041542 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 5 Feb 2019 19:19:29 +0100 Subject: [PATCH 04/76] j brauerei: remove not working tokei override --- jeschli/1systems/brauerei/config.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index f7f545294..7ac4cc2c0 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -109,14 +109,7 @@ in # xorg xorg.xbacklight # tokei - tokei = overrideDerivation super.tokei (old: { - patches = old.patches or [] ++ [ - (self.fetchurl { - url = https://github.com/4z3/tokei/commit/c27529c.patch; - sha256 = "1rdw8bk379cav603ryrb57yfkvk2z8wavfw9prfh01agk3ml693x"; - }) - ]; - }); + tokei ]; # Some programs need SUID wrappers, can be configured further or are From 17712c90772d68f174f579e570fa23a8fa674245 Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 5 Feb 2019 19:20:17 +0100 Subject: [PATCH 05/76] j xserver: add dbus magic for xserver (xserver/default.nix not working currently) --- jeschli/2configs/xserver/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/jeschli/2configs/xserver/default.nix b/jeschli/2configs/xserver/default.nix index ec3977c7e..44c35ca37 100644 --- a/jeschli/2configs/xserver/default.nix +++ b/jeschli/2configs/xserver/default.nix @@ -51,6 +51,12 @@ in { ${pkgs.xorg.xmodmap}/bin/xmodmap ${import ./Xmodmap.nix args} & ${pkgs.xorg.xrdb}/bin/xrdb ${import ./Xresources.nix args} & ${pkgs.xorg.xsetroot}/bin/xsetroot -solid '#1c1c1c' & + ${config.services.xserver.displayManager.sessionCommands} + if test -z "$DBUS_SESSION_BUS_ADDRESS"; then + exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" "" + fi + export DBUS_SESSION_BUS_ADDRESS + ${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS wait ''; From cb03267e0c3fd3bfa4beaa454f8986856a93963f Mon Sep 17 00:00:00 2001 From: jeschli Date: Tue, 9 Apr 2019 20:08:44 +0200 Subject: [PATCH 06/76] j brauerei: +clion --- jeschli/1systems/brauerei/config.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index b9bb021b8..367091e2c 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -92,9 +92,11 @@ in }) # dev tools gnumake + jetbrains.clion jetbrains.goland jetbrains.pycharm-professional jetbrains.webstorm + vscode # document viewer evince zathura @@ -105,7 +107,6 @@ in cargo rustracer rustup - vscode # orga tools taskwarrior # xorg From 32cfe97d08540178c0119ec66d4a39f673000adb Mon Sep 17 00:00:00 2001 From: jeschli Date: Thu, 25 Apr 2019 11:47:04 +0200 Subject: [PATCH 07/76] j brauerei: -steam (broken?) --- jeschli/1systems/brauerei/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 367091e2c..8ad53f761 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -10,7 +10,7 @@ in # # # - +# ]; From 78ed3c69552cc05e2992d556914ca079892668dc Mon Sep 17 00:00:00 2001 From: jeschli Date: Thu, 25 Apr 2019 11:47:24 +0200 Subject: [PATCH 08/76] j brauerei: +gnupg --- jeschli/1systems/brauerei/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 8ad53f761..a41e2b8d8 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -55,6 +55,7 @@ in curl dmenu git + gnupg i3lock keepass networkmanagerapplet From 18faf72684087fc91a689131ce56448393dae129 Mon Sep 17 00:00:00 2001 From: jeschli Date: Thu, 25 Apr 2019 11:50:00 +0200 Subject: [PATCH 09/76] j brauerei: configs/vim.nix (broken) -> standard vim --- jeschli/2configs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jeschli/2configs/default.nix b/jeschli/2configs/default.nix index 5aaabe24b..8b61fa29c 100644 --- a/jeschli/2configs/default.nix +++ b/jeschli/2configs/default.nix @@ -2,7 +2,7 @@ with import ; { imports = [ - ./vim.nix +# ./vim.nix ./retiolum.nix ./zsh.nix @@ -56,7 +56,7 @@ with import ; usbutils # logify goify - + vim #unpack stuff p7zip unzip From 271d8e8a204484de383a8151325033b8187eca8b Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 27 Apr 2019 17:05:31 +0200 Subject: [PATCH 10/76] j brauerei: +user blafoo --- jeschli/1systems/brauerei/config.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index a41e2b8d8..b8b2b66bc 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -157,6 +157,11 @@ in extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; + users.extraUsers.blafoo = { + isNormalUser = true; + extraGroups = ["audio"]; + uid = 1002; + }; users.extraUsers.jamie = { isNormalUser = true; uid = 1001; # TODO genid From 97d4f9a771a9bbb1b45085569028db2d7dfbd610 Mon Sep 17 00:00:00 2001 From: jeschli Date: Sun, 28 Apr 2019 15:02:20 +0200 Subject: [PATCH 11/76] j enklave: allowed port 8001 --- jeschli/1systems/enklave/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jeschli/1systems/enklave/config.nix b/jeschli/1systems/enklave/config.nix index cadec3cab..86d21f7d3 100644 --- a/jeschli/1systems/enklave/config.nix +++ b/jeschli/1systems/enklave/config.nix @@ -49,7 +49,7 @@ listenPort = 53589; organisations.lass.users = [ "jeschli" ]; }; - networking.firewall.allowedTCPPorts = [ 53589 ]; + networking.firewall.allowedTCPPorts = [ 53589 8001 ]; } ]; From aa13c942c6c8e67fca6adac033cbf2415107d343 Mon Sep 17 00:00:00 2001 From: mb Date: Sun, 28 Apr 2019 15:48:23 +0200 Subject: [PATCH 12/76] mb: update configs --- mb/1systems/orange/configuration.nix | 6 +++--- mb/1systems/p1nk/configuration.nix | 7 ++++--- mb/2configs/default.nix | 1 + 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/mb/1systems/orange/configuration.nix b/mb/1systems/orange/configuration.nix index 4ac0996a4..ff9d49884 100644 --- a/mb/1systems/orange/configuration.nix +++ b/mb/1systems/orange/configuration.nix @@ -27,15 +27,13 @@ in { fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; fileSystems."/mnt/public" = { - device = "//192.168.88.252/public"; + device = "//192.168.0.4/public"; fsType = "cifs"; options = let automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; }; - #networking.hostName = "0r4n93"; - networking.wireless.enable = false; # Select internationalisation properties. i18n = { @@ -173,7 +171,9 @@ in { #services.openssh.permitRootLogin = "yes"; services.openssh.passwordAuthentication = false; + networking.wireless.enable = false; networking.networkmanager.enable = false; + krebs.iptables.enable = true; #networking.nameservers = [ "8.8.8.8" "141.1.1.1" ]; networking.enableIPv6 = false; diff --git a/mb/1systems/p1nk/configuration.nix b/mb/1systems/p1nk/configuration.nix index 28a7c7776..73ef04bff 100644 --- a/mb/1systems/p1nk/configuration.nix +++ b/mb/1systems/p1nk/configuration.nix @@ -22,14 +22,13 @@ in { ]; fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; fileSystems."/mnt/public" = { - device = "//192.168.88.252/public"; + device = "//192.168.0.4/public"; fsType = "cifs"; options = let automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; }; - networking.wireless.enable = true; i18n = { consoleFont = "Lat2-Terminus16"; @@ -147,7 +146,7 @@ in { services.xserver = { enable = true; layout = "de"; - xkbOptions = "neo"; + xkbOptions = "nodeadkeys"; libinput.enable = true; desktopManager = { default = "xfce"; @@ -164,7 +163,9 @@ in { services.openssh.enable = true; services.openssh.passwordAuthentication = false; + krebs.iptables.enable = true; networking.networkmanager.enable = false; + networking.wireless.enable = true; networking.nameservers = [ "8.8.8.8" "141.1.1.1" ]; networking.enableIPv6 = false; diff --git a/mb/2configs/default.nix b/mb/2configs/default.nix index 75189e192..679be56de 100644 --- a/mb/2configs/default.nix +++ b/mb/2configs/default.nix @@ -67,6 +67,7 @@ with import ; environment.systemPackages = with pkgs; [ #stockholm git + git-preview gnumake jq parallel From 1e97ad698cd93a6d70ed607e976eee0878bfd9da Mon Sep 17 00:00:00 2001 From: magenbluten Date: Sun, 28 Apr 2019 16:54:11 +0200 Subject: [PATCH 13/76] mb: mutableUsers = true --- mb/2configs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mb/2configs/default.nix b/mb/2configs/default.nix index 679be56de..ab11495c8 100644 --- a/mb/2configs/default.nix +++ b/mb/2configs/default.nix @@ -49,7 +49,7 @@ with import ; build.user = config.krebs.users.mb; }; - users.mutableUsers = false; + users.mutableUsers = true; services.timesyncd.enable = mkForce true; From 7736272ac122ef616a253a8732bcddbddb031047 Mon Sep 17 00:00:00 2001 From: magenbluten Date: Sun, 28 Apr 2019 22:00:12 +0200 Subject: [PATCH 14/76] mb orange: no wireshark --- mb/1systems/orange/configuration.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/mb/1systems/orange/configuration.nix b/mb/1systems/orange/configuration.nix index ff9d49884..fb844717b 100644 --- a/mb/1systems/orange/configuration.nix +++ b/mb/1systems/orange/configuration.nix @@ -130,7 +130,6 @@ in { vulnix wcalc wget - wireshark-gtk xz ]; From 5c6a0a6e0077e51af57811be225f1553243997dc Mon Sep 17 00:00:00 2001 From: jeschli Date: Wed, 1 May 2019 21:35:46 +0200 Subject: [PATCH 15/76] j config: add qubasa's i3 config --- jeschli/2configs/window-manager.nix | 1078 +++++++++++++++++++++++++++ 1 file changed, 1078 insertions(+) create mode 100644 jeschli/2configs/window-manager.nix diff --git a/jeschli/2configs/window-manager.nix b/jeschli/2configs/window-manager.nix new file mode 100644 index 000000000..23c958df4 --- /dev/null +++ b/jeschli/2configs/window-manager.nix @@ -0,0 +1,1078 @@ +{pkgs, environment, config, lib, ... }: + +with pkgs; + +let + + bar_update_interval = "1"; # Option + + i3_status_script = pkgs.writeScript "i3script.sh" '' + #!/bin/sh + + # First time without wifi, because it blocks a long time + BAR="$(${temp_status})" + BAR+=" | $(${avail_disk})" + BAR+=" | $(${volume_status})" + BAR+=" | $(${brightness_status})" + BAR+=" | $(${vpn_status})" + BAR+=" | $(${eth_status})" + BAR+=" | Wifi " + BAR+=" | $(${date_status})" + BAR+=" | $(${battery_status})" + + echo "$BAR" + + while true; do + BAR="$(${temp_status})" + BAR+=" | $(${avail_disk})" + BAR+=" | $(${volume_status})" + BAR+=" | $(${brightness_status})" + BAR+=" | $(${vpn_status})" + BAR+=" | $(${eth_status})" + BAR+=" | $(${wifi_status})" + BAR+=" | $(${date_status})" + BAR+=" | $(${battery_status})" + + echo "$BAR" + sleep ${bar_update_interval} + done + + ''; + + # TODO: Change name if you have a different vpn interface name + vpn_status = pkgs.writeScript "vpn_status.sh" '' + #!/bin/sh + + export PATH="$PATH:${gawk}/bin:${acpi}/bin:${coreutils}/bin:${gnugrep}/bin:${calc}/bin" + + VPN="" + if [ -e "/proc/sys/net/ipv4/conf/labs-vpn" ]; then + VPN="Labs-VPN" + elif [ -e "/proc/sys/net/ipv4/conf/office-vpn" ]; then + VPN="Office-VPN" + elif [ -e "/proc/sys/net/ipv4/conf/tun0" ]; then + VPN="UKN-VPN" + elif [ -e "/proc/sys/net/ipv4/conf/wireguard-home" ]; then + VPN="Home-VPN" + fi + + if [ "$VPN" = "" ]; then + echo "VPN " + else + echo "$VPN " + fi + ''; + + avail_disk = pkgs.writeScript "avail_disk.sh" '' + #!/bin/sh + export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin" + + avail=$(df / -h | tail -n1| awk '{print $(NF-2) }') + echo "$avail " + ''; + + wifi_status = pkgs.writeScript "wifi_status.sh" '' + #!/bin/sh + + export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin:${wirelesstools}/bin" + + ssid=$(iwgetid -r) + quality=$(cat /proc/net/wireless | tail -n1 | awk '{ print $3}' | sed 's/\.//g')dB + + if [ "$ssid" = "" ]; then + echo "Wifi " + else + echo "$quality at $ssid " + fi + ''; + + + eth_status = pkgs.writeScript "eth_status.sh" '' + #!/bin/sh + + export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin:${iproute}/bin" + + first_eth=$(for i in /proc/sys/net/ipv4/conf/enp*; do basename "$i"; break; done) + status=$(ip link show dev "$first_eth" | head -n1 | awk '{ print $9 }') + + if [ "$status" = "DOWN" ]; then + echo "" + else + ip_addr=$(ip address show "$first_eth" | grep inet | head -n1 | awk '{ print $2 }' | sed 's/\/24//g') + echo "$ip_addr " + fi + + ''; + + volume_status = pkgs.writeScript "volume_status.sh" '' + #!/bin/sh + + export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin:${alsaUtils}/bin" + + status=$(amixer sget Master | grep 'Right:' | awk -F'[][]' '{ print $4 }') + volume=$(amixer sget Master | grep 'Right:' | awk -F'[][]' '{ print $2 }') + + if [ "$status" = "off" ]; then + echo "Muted " + else + echo "$volume " + fi + ''; + + date_status = pkgs.writeScript "date_status.sh" '' + #!/bin/sh + + export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin" + + echo "$(date +'%d.%m.%Y  %H:%M')" + ''; + + temp_status = pkgs.writeScript "temp_status.sh" '' + #!/bin/sh + + export PATH="$PATH:${gawk}/bin:${acpi}/bin:${coreutils}/bin:${gnugrep}/bin:${calc}/bin" + + temp=$(acpi -t | awk '{print $4}' | calc -p) + echo "$temp " + ''; + + brightness_status = pkgs.writeScript "brightness_status.sh" '' + #!/bin/sh + + brightness=$(${pkgs.acpilight}/bin/xbacklight -get) + echo "$brightness% " + ''; + + battery_status = with pkgs; pkgs.writeScript "battery_status.bash" '' + #!${pkgs.bash}/bin/bash + export PATH="$PATH:${gawk}/bin:${acpi}/bin:${coreutils}/bin:${gnugrep}/bin:${calc}/bin" + + get_battery_charging_status() { + if [ "$(acpi -b | grep Discharging)" != "" ]; then + echo "Discharging"; + else + echo "Charging"; + fi + } + declare -a capacity_arr + capacity_arr=( +  +  +  +  +  + ) + + # get charge of all batteries, combine them + total_charge=$(acpi -b | awk '{print $4}' | grep -Eo "[0-9]+" | paste -sd+ | calc -p); + + # get amount of batteries in the device + battery_number=$(acpi -b | wc -l); + percent=$((total_charge / battery_number)); + index=$((percent / ( 100 / ''${#capacity_arr[@]}) )) + + if [ "$(get_battery_charging_status)" == "Charging" ]; then + echo "$percent% " + else + echo "$percent% ''${capacity_arr[$index]}" + fi + ''; + + random-wallpaper = pkgs.writeScript "random-wallpaper.sh" '' + #!/bin/sh + file=$(find ${config.wallpapers} -type f -print0 | shuf -z -n 1) + ${pkgs.feh}/bin/feh --bg-scale "$file" + ''; + + reload_layout = pkgs.writeScript "reload_layout.sh" '' + #!/bin/sh + pkill gnome-terminal + + i3-msg append_layout ${shell_layout} + + for i in {1..16} + do + gnome-terminal & + done + ''; + + single_shell_spawn = pkgs.writeScript "single_shell_spawn.sh" '' + #!/bin/sh + + i3-msg focus parent + i3-msg append_layout ${single_shell} + for i in {1..2} + do + gnome-terminal + done + sleep 0.3 + i3-msg focus parent + ''; + + single_shell = pkgs.writeText "single-shell.json" '' +{ + "border": "pixel", + "floating": "auto_off", + "layout": "tabbed", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splith", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + } + ] + } + ] +} + ''; + + shell_layout = pkgs.writeText "shell-layout.json" '' + { + "border": "pixel", + "floating": "auto_off", + "layout": "tabbed", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splith", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + }, + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + } + ] + } + ] + }, + + { + "border": "pixel", + "floating": "auto_off", + "layout": "splith", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + }, + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + } + ] + } + ] + }, + + { + "border": "pixel", + "floating": "auto_off", + "layout": "splith", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + }, + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + } + ] + } + ] + }, + + + { + "border": "pixel", + "floating": "auto_off", + "layout": "splith", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + }, + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 0.5, + "type": "con", + "nodes": [ + { + "border": "pixel", + "floating": "auto_off", + "layout": "splitv", + "percent": 1, + "type": "con", + "nodes": [ + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + }, + { + "border": "pixel", + + "floating": "auto_off", + "geometry": { + "height": 434, + "width": 722, + "x": 0, + "y": 0 + }, + "percent": 0.5, + "swallows": [ + { + "class": "^Gnome\\-terminal$", + "instance": "^gnome\\-terminal\\-server$" + } + ], + "type": "con" + } + ] + } + ] + } + ] + } + ] + } + ''; + + + i3_conf_file = pkgs.writeText "config" '' + # This file has been auto-generated by i3-config-wizard(1). + # It will not be overwritten, so edit it as you like. + # + # Should you change your keyboard layout some time, delete + # this file and re-run i3-config-wizard(1). + # + + # i3 config file (v4) + # + # Please see https://i3wm.org/docs/userguide.html for a complete reference! + + set $mod Mod4 + + ####################### + # # + # LOOKS # + # # + ####################### + # Font for window titles. Will also be used by the bar unless a different font + # is used in the bar {} block below. + font pango:Monospace 20, Icons 10 + hide_edge_borders smart + new_window pixel 1 + new_float normal + + # Lockscreen shortcut + bindsym $mod+l exec xscreensaver-command -l + + # start a terminal + bindsym $mod+Return exec gnome-terminal + + + # class border backgr. text indicator child_border + client.focused #4fceea #285577 #ffffff #2e9ef4 #285577 + client.focused_inactive #333333 #5f676a #ffffff #484e50 #5f676a + client.unfocused #333333 #222222 #888888 #292d2e #222222 + + # Size of border + default_border pixel 2 + + ####################### + # # + # DEFAULT CONFIG # + # # + ####################### + floating_modifier $mod + workspace_layout stacked + default_orientation vertical + + # Kill focused window + bindsym $mod+Shift+q kill + + # start dmenu (a program launcher) + bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run -theme /etc/nixos/resources/gruvbox-dark-soft.rasi + + # Switch windows + bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select -theme /etc/nixos/resources/gruvbox-dark-soft.rasi + + # Arrow keys for focus navigation + bindsym $mod+Left focus left + bindsym $mod+Down focus down + bindsym $mod+Up focus up + bindsym $mod+Right focus right + + # Move focused window + bindsym $mod+Shift+j move left + bindsym $mod+Shift+k move down + bindsym $mod+Shift+l move up + bindsym $mod+Shift+odiaeresis move right + + # Arrow keys for focused window movement + bindsym $mod+Shift+Left move left + bindsym $mod+Shift+Down move down + bindsym $mod+Shift+Up move up + bindsym $mod+Shift+Right move right + + # Split in horizontal orientation + bindsym $mod+h split h + + # Split in vertical orientation + bindsym $mod+v split v + + # Enter fullscreen mode for the focused container + bindsym $mod+f fullscreen toggle + + # Change container layout (stacked, tabbed, toggle split) + bindsym $mod+s layout stacking + bindsym $mod+w layout tabbed + bindsym $mod+e layout toggle split + + # Toggle tiling / floating + bindsym $mod+Shift+space floating toggle + + # Change focus between tiling / floating windows + bindsym $mod+space focus mode_toggle + + # Focus the parent container + bindsym $mod+a focus parent + + # Reload the configuration file + bindsym $mod+Shift+c reload + + # Restart i3 inplace (preserves your layout/session, can be used to upgrade i3) + bindsym $mod+Shift+r restart + + # Exit i3 (logs you out of your X session) + bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -b 'Yes, exit i3' 'i3-msg exit'" + + # Resize window. You can also use the mouse for that + mode "resize" { + # Pressing right will grow the window’s width. + # Pressing up will shrink the window’s height. + # Pressing down will grow the window’s height. + bindsym a resize shrink width 10 px or 10 ppt + bindsym s resize grow height 10 px or 10 ppt + bindsym w resize shrink height 10 px or 10 ppt + bindsym d resize grow width 10 px or 10 ppt + + # same bindings, but for the arrow keys + bindsym Left resize shrink width 10 px or 10 ppt + bindsym Down resize grow height 10 px or 10 ppt + bindsym Up resize shrink height 10 px or 10 ppt + bindsym Right resize grow width 10 px or 10 ppt + + # back to normal: Enter or Escape + bindsym Return mode "default" + bindsym Escape mode "default" + } + + # Enable floating + for_window [class="usbguard-applet-qt"] floating enable + for_window [class="Nm-connection-editor"] floating enable + for_window [class="Gnome-disks"] floating enable + for_window [class="QtPass" title="QtPass"] move scratchpad + + # Make the currently focused window a scratchpad + bindsym $mod+Shift+minus move scratchpad + + # Show the first scratchpad window + bindsym $mod+minus scratchpad show + + # Show the sup-mail scratchpad window, if any. + bindsym $mod+Shift+s [class="QtPass" title="QtPass"] scratchpad show + + ####################### + # # + # WORKSPACES # + # # + ####################### + # Variables + set $workspace1 "1: " + set $workspace2 "2: " + set $workspace3 "3: " + set $workspace4 "4: " + set $workspace5 "5: " + set $workspace6 "6: " + set $workspace7 "7" + set $workspace8 "8" + set $workspace9 "9" + set $workspace10 "10" + + assign [class="quassel"] $workspace3 + assign [class="Firefox"] $workspace2 + assign [class="Daily"] $workspace5 + + assign [class="VirtualBox Manager"] $workspace4 + assign [class="Virt-manager" title="Virtual Machine Manager"] $workspace4 + + assign [class="libreoffice"] $workspace6 + assign [class="Eclipse"] $workspace6 + + # Workspace lateral movement + bindsym $mod+Next workspace next + bindsym $mod+Prior workspace prev + + # Switch to workspace + bindsym $mod+1 workspace $workspace1 + bindsym $mod+2 workspace $workspace2 + bindsym $mod+3 workspace $workspace3 + bindsym $mod+4 workspace $workspace4 + bindsym $mod+5 workspace $workspace5 + bindsym $mod+6 workspace $workspace6 + bindsym $mod+7 workspace $workspace7 + bindsym $mod+8 workspace $workspace8 + bindsym $mod+9 workspace $workspace9 + bindsym $mod+0 workspace $workspace10 + + # Move workspace to other monitor + bindsym $mod+Shift+Next move workspace to output right + bindsym $mod+Shift+Prior move workspace to output left + + # move focused container to workspace + bindsym $mod+Shift+1 move container to workspace $workspace1 + bindsym $mod+Shift+2 move container to workspace $workspace2 + bindsym $mod+Shift+3 move container to workspace $workspace3 + bindsym $mod+Shift+4 move container to workspace $workspace4 + bindsym $mod+Shift+5 move container to workspace $workspace5 + bindsym $mod+Shift+6 move container to workspace $workspace6 + bindsym $mod+Shift+7 move container to workspace $workspace7 + bindsym $mod+Shift+8 move container to workspace $workspace8 + bindsym $mod+Shift+9 move container to workspace $workspace9 + bindsym $mod+Shift+0 move container to workspace $workspace10 + + + ####################### + # # + # FUNCTION KEYS # + # # + ####################### + # Backlight controls + bindsym XF86MonBrightnessUp exec --no-startup-id xbacklight +10 + bindsym XF86MonBrightnessDown exec --no-startup-id xbacklight -10 + + # Pulse Audio controls + bindsym XF86AudioRaiseVolume exec --no-startup-id pactl set-sink-volume 0 +5% #increase sound volume + bindsym XF86AudioLowerVolume exec --no-startup-id pactl set-sink-volume 0 -5% #decrease sound volume + bindsym XF86AudioMute exec --no-startup-id pactl set-sink-mute 0 toggle # mute sound + bindsym XF86AudioMicMute exec --no-startup-id amixer set Capture toggle + + ####################### + # # + # CONVENIENCE KEYS # + # # + ####################### + bindsym Shift+Alt+3 exec screenshot + + ####################### + # # + # WINDOW LAYOUT # + # # + ####################### + bindsym XF86LaunchA exec --no-startup-id ${reload_layout} + bindsym XF86Explorer exec --no-startup-id ${single_shell_spawn} + bindsym Shift+F11 exec --no-startup-id ${reload_layout} + bindsym Shift+F12 exec --no-startup-id ${single_shell_spawn} + + + bar { + status_command ${i3_status_script} + mode dock + position top + tray_output none + + font pango:monospace 14 + + # Scrolling on bar changes volume + bindsym button4 exec --no-startup-id pactl set-sink-volume 0 +5% + bindsym button5 exec --no-startup-id pactl set-sink-volume 0 +-5% + + # Right mouse click mutes the volume + bindsym button3 exec --no-startup-id pactl set-sink-mute 0 toggle + + + colors { + background #ffffff00 + statusline #ffe066 + + inactive_workspace #ffffff00 #ffffff00 #ffe066 + active_workspace #ffffff00 #ffffff00 #3f3f3f + urgent_workspace #ffffff00 #ffffff00 #ff8533 + } + } + + ####################### + # # + # AUTORUNS # + # # + ####################### + ## Start 16 gnome shells + exec i3-msg 'workspace $workspace1;' && ${reload_layout} + + # Start firefox + exec --no-startup-id ${pkgs.firefox}/bin/firefox --ProfileManager --new-instance --setDefaultBrowser + + # Quassel client + exec --no-startup-id ${pkgs.quasselClient}/bin/quasselclient + + # Random wallpaper + exec_always--no-startup-id ${random-wallpaper} + + # Start Qt-Pass + exec ${pkgs.qtpass}/bin/qtpass + ''; + +in { + services.xserver.enable = true; + services.xserver.layout = "de"; + + # Enable i3 Window Manager + services.xserver.windowManager.i3 = { + enable = true; + package = pkgs.i3; + configFile = i3_conf_file; + extraSessionCommands = '' + ${pkgs.openssh}/bin/ssh-add ${config.mainUserHome}/.ssh/id_rsa + ''; + }; + + # ${pkgs.xorg.xhost}/bin/xhost +SI:localuser:${cfg.user.name} + # ${pkgs.xorg.xhost}/bin/xhost -LOCAL: + services.xserver.windowManager.default = "i3"; + services.xserver.desktopManager.xterm.enable = false; + + # Enable the X11 windowing system. + services.xserver.displayManager.lightdm = { + enable = true; + autoLogin.enable = true; + autoLogin.user = config.mainUser; + autoLogin.timeout = 2; + greeter.enable = true; + }; + + fonts = { + fonts = with pkgs; [ + font-awesome_5 + ]; + }; + + # Allow users in video group to change brightness + hardware.brightnessctl.enable = true; + + environment.systemPackages = with pkgs; [ + rofi # Dmenu replacement + acpilight # Replacement for xbacklight + arandr # Xrandr gui + feh + wirelesstools # To get wireless statistics + acpi + xorg.xhost + xorg.xauth + ]; + +} From ad57bfe55eaadad1a09344742403725328c036db Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 4 May 2019 07:35:13 +0200 Subject: [PATCH 16/76] j brauerei: remove dead code --- jeschli/1systems/brauerei/config.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index b8b2b66bc..de940fedf 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -1,16 +1,14 @@ { config, pkgs, lib, ... }: let xmonad-jeschli = pkgs.callPackage { inherit config; }; + mainUser = config.krebs.build.user.name; in { imports = [ ./hardware-configuration.nix -# -# -# -# + ]; From 7fd7a1336cbf6e4da69caa231368a82db7f3516c Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 4 May 2019 07:35:46 +0200 Subject: [PATCH 17/76] j brauerei: add rofi --- jeschli/1systems/brauerei/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index de940fedf..55b28c3e8 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -52,6 +52,7 @@ in copyq curl dmenu + rofi git gnupg i3lock From a553c80f764d3b02d832a5839abadd6215047c70 Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 4 May 2019 07:37:05 +0200 Subject: [PATCH 18/76] j configs: remove window-manager.nix --- jeschli/2configs/window-manager.nix | 1078 --------------------------- 1 file changed, 1078 deletions(-) delete mode 100644 jeschli/2configs/window-manager.nix diff --git a/jeschli/2configs/window-manager.nix b/jeschli/2configs/window-manager.nix deleted file mode 100644 index 23c958df4..000000000 --- a/jeschli/2configs/window-manager.nix +++ /dev/null @@ -1,1078 +0,0 @@ -{pkgs, environment, config, lib, ... }: - -with pkgs; - -let - - bar_update_interval = "1"; # Option - - i3_status_script = pkgs.writeScript "i3script.sh" '' - #!/bin/sh - - # First time without wifi, because it blocks a long time - BAR="$(${temp_status})" - BAR+=" | $(${avail_disk})" - BAR+=" | $(${volume_status})" - BAR+=" | $(${brightness_status})" - BAR+=" | $(${vpn_status})" - BAR+=" | $(${eth_status})" - BAR+=" | Wifi " - BAR+=" | $(${date_status})" - BAR+=" | $(${battery_status})" - - echo "$BAR" - - while true; do - BAR="$(${temp_status})" - BAR+=" | $(${avail_disk})" - BAR+=" | $(${volume_status})" - BAR+=" | $(${brightness_status})" - BAR+=" | $(${vpn_status})" - BAR+=" | $(${eth_status})" - BAR+=" | $(${wifi_status})" - BAR+=" | $(${date_status})" - BAR+=" | $(${battery_status})" - - echo "$BAR" - sleep ${bar_update_interval} - done - - ''; - - # TODO: Change name if you have a different vpn interface name - vpn_status = pkgs.writeScript "vpn_status.sh" '' - #!/bin/sh - - export PATH="$PATH:${gawk}/bin:${acpi}/bin:${coreutils}/bin:${gnugrep}/bin:${calc}/bin" - - VPN="" - if [ -e "/proc/sys/net/ipv4/conf/labs-vpn" ]; then - VPN="Labs-VPN" - elif [ -e "/proc/sys/net/ipv4/conf/office-vpn" ]; then - VPN="Office-VPN" - elif [ -e "/proc/sys/net/ipv4/conf/tun0" ]; then - VPN="UKN-VPN" - elif [ -e "/proc/sys/net/ipv4/conf/wireguard-home" ]; then - VPN="Home-VPN" - fi - - if [ "$VPN" = "" ]; then - echo "VPN " - else - echo "$VPN " - fi - ''; - - avail_disk = pkgs.writeScript "avail_disk.sh" '' - #!/bin/sh - export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin" - - avail=$(df / -h | tail -n1| awk '{print $(NF-2) }') - echo "$avail " - ''; - - wifi_status = pkgs.writeScript "wifi_status.sh" '' - #!/bin/sh - - export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin:${wirelesstools}/bin" - - ssid=$(iwgetid -r) - quality=$(cat /proc/net/wireless | tail -n1 | awk '{ print $3}' | sed 's/\.//g')dB - - if [ "$ssid" = "" ]; then - echo "Wifi " - else - echo "$quality at $ssid " - fi - ''; - - - eth_status = pkgs.writeScript "eth_status.sh" '' - #!/bin/sh - - export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin:${iproute}/bin" - - first_eth=$(for i in /proc/sys/net/ipv4/conf/enp*; do basename "$i"; break; done) - status=$(ip link show dev "$first_eth" | head -n1 | awk '{ print $9 }') - - if [ "$status" = "DOWN" ]; then - echo "" - else - ip_addr=$(ip address show "$first_eth" | grep inet | head -n1 | awk '{ print $2 }' | sed 's/\/24//g') - echo "$ip_addr " - fi - - ''; - - volume_status = pkgs.writeScript "volume_status.sh" '' - #!/bin/sh - - export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin:${alsaUtils}/bin" - - status=$(amixer sget Master | grep 'Right:' | awk -F'[][]' '{ print $4 }') - volume=$(amixer sget Master | grep 'Right:' | awk -F'[][]' '{ print $2 }') - - if [ "$status" = "off" ]; then - echo "Muted " - else - echo "$volume " - fi - ''; - - date_status = pkgs.writeScript "date_status.sh" '' - #!/bin/sh - - export PATH="$PATH:${gawk}/bin:${coreutils}/bin:${gnugrep}/bin" - - echo "$(date +'%d.%m.%Y  %H:%M')" - ''; - - temp_status = pkgs.writeScript "temp_status.sh" '' - #!/bin/sh - - export PATH="$PATH:${gawk}/bin:${acpi}/bin:${coreutils}/bin:${gnugrep}/bin:${calc}/bin" - - temp=$(acpi -t | awk '{print $4}' | calc -p) - echo "$temp " - ''; - - brightness_status = pkgs.writeScript "brightness_status.sh" '' - #!/bin/sh - - brightness=$(${pkgs.acpilight}/bin/xbacklight -get) - echo "$brightness% " - ''; - - battery_status = with pkgs; pkgs.writeScript "battery_status.bash" '' - #!${pkgs.bash}/bin/bash - export PATH="$PATH:${gawk}/bin:${acpi}/bin:${coreutils}/bin:${gnugrep}/bin:${calc}/bin" - - get_battery_charging_status() { - if [ "$(acpi -b | grep Discharging)" != "" ]; then - echo "Discharging"; - else - echo "Charging"; - fi - } - declare -a capacity_arr - capacity_arr=( -  -  -  -  -  - ) - - # get charge of all batteries, combine them - total_charge=$(acpi -b | awk '{print $4}' | grep -Eo "[0-9]+" | paste -sd+ | calc -p); - - # get amount of batteries in the device - battery_number=$(acpi -b | wc -l); - percent=$((total_charge / battery_number)); - index=$((percent / ( 100 / ''${#capacity_arr[@]}) )) - - if [ "$(get_battery_charging_status)" == "Charging" ]; then - echo "$percent% " - else - echo "$percent% ''${capacity_arr[$index]}" - fi - ''; - - random-wallpaper = pkgs.writeScript "random-wallpaper.sh" '' - #!/bin/sh - file=$(find ${config.wallpapers} -type f -print0 | shuf -z -n 1) - ${pkgs.feh}/bin/feh --bg-scale "$file" - ''; - - reload_layout = pkgs.writeScript "reload_layout.sh" '' - #!/bin/sh - pkill gnome-terminal - - i3-msg append_layout ${shell_layout} - - for i in {1..16} - do - gnome-terminal & - done - ''; - - single_shell_spawn = pkgs.writeScript "single_shell_spawn.sh" '' - #!/bin/sh - - i3-msg focus parent - i3-msg append_layout ${single_shell} - for i in {1..2} - do - gnome-terminal - done - sleep 0.3 - i3-msg focus parent - ''; - - single_shell = pkgs.writeText "single-shell.json" '' -{ - "border": "pixel", - "floating": "auto_off", - "layout": "tabbed", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splith", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - } - ] - } - ] -} - ''; - - shell_layout = pkgs.writeText "shell-layout.json" '' - { - "border": "pixel", - "floating": "auto_off", - "layout": "tabbed", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splith", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - }, - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - } - ] - } - ] - }, - - { - "border": "pixel", - "floating": "auto_off", - "layout": "splith", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - }, - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - } - ] - } - ] - }, - - { - "border": "pixel", - "floating": "auto_off", - "layout": "splith", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - }, - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - } - ] - } - ] - }, - - - { - "border": "pixel", - "floating": "auto_off", - "layout": "splith", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - }, - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 0.5, - "type": "con", - "nodes": [ - { - "border": "pixel", - "floating": "auto_off", - "layout": "splitv", - "percent": 1, - "type": "con", - "nodes": [ - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - }, - { - "border": "pixel", - - "floating": "auto_off", - "geometry": { - "height": 434, - "width": 722, - "x": 0, - "y": 0 - }, - "percent": 0.5, - "swallows": [ - { - "class": "^Gnome\\-terminal$", - "instance": "^gnome\\-terminal\\-server$" - } - ], - "type": "con" - } - ] - } - ] - } - ] - } - ] - } - ''; - - - i3_conf_file = pkgs.writeText "config" '' - # This file has been auto-generated by i3-config-wizard(1). - # It will not be overwritten, so edit it as you like. - # - # Should you change your keyboard layout some time, delete - # this file and re-run i3-config-wizard(1). - # - - # i3 config file (v4) - # - # Please see https://i3wm.org/docs/userguide.html for a complete reference! - - set $mod Mod4 - - ####################### - # # - # LOOKS # - # # - ####################### - # Font for window titles. Will also be used by the bar unless a different font - # is used in the bar {} block below. - font pango:Monospace 20, Icons 10 - hide_edge_borders smart - new_window pixel 1 - new_float normal - - # Lockscreen shortcut - bindsym $mod+l exec xscreensaver-command -l - - # start a terminal - bindsym $mod+Return exec gnome-terminal - - - # class border backgr. text indicator child_border - client.focused #4fceea #285577 #ffffff #2e9ef4 #285577 - client.focused_inactive #333333 #5f676a #ffffff #484e50 #5f676a - client.unfocused #333333 #222222 #888888 #292d2e #222222 - - # Size of border - default_border pixel 2 - - ####################### - # # - # DEFAULT CONFIG # - # # - ####################### - floating_modifier $mod - workspace_layout stacked - default_orientation vertical - - # Kill focused window - bindsym $mod+Shift+q kill - - # start dmenu (a program launcher) - bindsym $mod+d exec ${pkgs.rofi}/bin/rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run -theme /etc/nixos/resources/gruvbox-dark-soft.rasi - - # Switch windows - bindsym $mod+x exec ${pkgs.rofi}/bin/rofi -modi window -show window -auto-select -theme /etc/nixos/resources/gruvbox-dark-soft.rasi - - # Arrow keys for focus navigation - bindsym $mod+Left focus left - bindsym $mod+Down focus down - bindsym $mod+Up focus up - bindsym $mod+Right focus right - - # Move focused window - bindsym $mod+Shift+j move left - bindsym $mod+Shift+k move down - bindsym $mod+Shift+l move up - bindsym $mod+Shift+odiaeresis move right - - # Arrow keys for focused window movement - bindsym $mod+Shift+Left move left - bindsym $mod+Shift+Down move down - bindsym $mod+Shift+Up move up - bindsym $mod+Shift+Right move right - - # Split in horizontal orientation - bindsym $mod+h split h - - # Split in vertical orientation - bindsym $mod+v split v - - # Enter fullscreen mode for the focused container - bindsym $mod+f fullscreen toggle - - # Change container layout (stacked, tabbed, toggle split) - bindsym $mod+s layout stacking - bindsym $mod+w layout tabbed - bindsym $mod+e layout toggle split - - # Toggle tiling / floating - bindsym $mod+Shift+space floating toggle - - # Change focus between tiling / floating windows - bindsym $mod+space focus mode_toggle - - # Focus the parent container - bindsym $mod+a focus parent - - # Reload the configuration file - bindsym $mod+Shift+c reload - - # Restart i3 inplace (preserves your layout/session, can be used to upgrade i3) - bindsym $mod+Shift+r restart - - # Exit i3 (logs you out of your X session) - bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -b 'Yes, exit i3' 'i3-msg exit'" - - # Resize window. You can also use the mouse for that - mode "resize" { - # Pressing right will grow the window’s width. - # Pressing up will shrink the window’s height. - # Pressing down will grow the window’s height. - bindsym a resize shrink width 10 px or 10 ppt - bindsym s resize grow height 10 px or 10 ppt - bindsym w resize shrink height 10 px or 10 ppt - bindsym d resize grow width 10 px or 10 ppt - - # same bindings, but for the arrow keys - bindsym Left resize shrink width 10 px or 10 ppt - bindsym Down resize grow height 10 px or 10 ppt - bindsym Up resize shrink height 10 px or 10 ppt - bindsym Right resize grow width 10 px or 10 ppt - - # back to normal: Enter or Escape - bindsym Return mode "default" - bindsym Escape mode "default" - } - - # Enable floating - for_window [class="usbguard-applet-qt"] floating enable - for_window [class="Nm-connection-editor"] floating enable - for_window [class="Gnome-disks"] floating enable - for_window [class="QtPass" title="QtPass"] move scratchpad - - # Make the currently focused window a scratchpad - bindsym $mod+Shift+minus move scratchpad - - # Show the first scratchpad window - bindsym $mod+minus scratchpad show - - # Show the sup-mail scratchpad window, if any. - bindsym $mod+Shift+s [class="QtPass" title="QtPass"] scratchpad show - - ####################### - # # - # WORKSPACES # - # # - ####################### - # Variables - set $workspace1 "1: " - set $workspace2 "2: " - set $workspace3 "3: " - set $workspace4 "4: " - set $workspace5 "5: " - set $workspace6 "6: " - set $workspace7 "7" - set $workspace8 "8" - set $workspace9 "9" - set $workspace10 "10" - - assign [class="quassel"] $workspace3 - assign [class="Firefox"] $workspace2 - assign [class="Daily"] $workspace5 - - assign [class="VirtualBox Manager"] $workspace4 - assign [class="Virt-manager" title="Virtual Machine Manager"] $workspace4 - - assign [class="libreoffice"] $workspace6 - assign [class="Eclipse"] $workspace6 - - # Workspace lateral movement - bindsym $mod+Next workspace next - bindsym $mod+Prior workspace prev - - # Switch to workspace - bindsym $mod+1 workspace $workspace1 - bindsym $mod+2 workspace $workspace2 - bindsym $mod+3 workspace $workspace3 - bindsym $mod+4 workspace $workspace4 - bindsym $mod+5 workspace $workspace5 - bindsym $mod+6 workspace $workspace6 - bindsym $mod+7 workspace $workspace7 - bindsym $mod+8 workspace $workspace8 - bindsym $mod+9 workspace $workspace9 - bindsym $mod+0 workspace $workspace10 - - # Move workspace to other monitor - bindsym $mod+Shift+Next move workspace to output right - bindsym $mod+Shift+Prior move workspace to output left - - # move focused container to workspace - bindsym $mod+Shift+1 move container to workspace $workspace1 - bindsym $mod+Shift+2 move container to workspace $workspace2 - bindsym $mod+Shift+3 move container to workspace $workspace3 - bindsym $mod+Shift+4 move container to workspace $workspace4 - bindsym $mod+Shift+5 move container to workspace $workspace5 - bindsym $mod+Shift+6 move container to workspace $workspace6 - bindsym $mod+Shift+7 move container to workspace $workspace7 - bindsym $mod+Shift+8 move container to workspace $workspace8 - bindsym $mod+Shift+9 move container to workspace $workspace9 - bindsym $mod+Shift+0 move container to workspace $workspace10 - - - ####################### - # # - # FUNCTION KEYS # - # # - ####################### - # Backlight controls - bindsym XF86MonBrightnessUp exec --no-startup-id xbacklight +10 - bindsym XF86MonBrightnessDown exec --no-startup-id xbacklight -10 - - # Pulse Audio controls - bindsym XF86AudioRaiseVolume exec --no-startup-id pactl set-sink-volume 0 +5% #increase sound volume - bindsym XF86AudioLowerVolume exec --no-startup-id pactl set-sink-volume 0 -5% #decrease sound volume - bindsym XF86AudioMute exec --no-startup-id pactl set-sink-mute 0 toggle # mute sound - bindsym XF86AudioMicMute exec --no-startup-id amixer set Capture toggle - - ####################### - # # - # CONVENIENCE KEYS # - # # - ####################### - bindsym Shift+Alt+3 exec screenshot - - ####################### - # # - # WINDOW LAYOUT # - # # - ####################### - bindsym XF86LaunchA exec --no-startup-id ${reload_layout} - bindsym XF86Explorer exec --no-startup-id ${single_shell_spawn} - bindsym Shift+F11 exec --no-startup-id ${reload_layout} - bindsym Shift+F12 exec --no-startup-id ${single_shell_spawn} - - - bar { - status_command ${i3_status_script} - mode dock - position top - tray_output none - - font pango:monospace 14 - - # Scrolling on bar changes volume - bindsym button4 exec --no-startup-id pactl set-sink-volume 0 +5% - bindsym button5 exec --no-startup-id pactl set-sink-volume 0 +-5% - - # Right mouse click mutes the volume - bindsym button3 exec --no-startup-id pactl set-sink-mute 0 toggle - - - colors { - background #ffffff00 - statusline #ffe066 - - inactive_workspace #ffffff00 #ffffff00 #ffe066 - active_workspace #ffffff00 #ffffff00 #3f3f3f - urgent_workspace #ffffff00 #ffffff00 #ff8533 - } - } - - ####################### - # # - # AUTORUNS # - # # - ####################### - ## Start 16 gnome shells - exec i3-msg 'workspace $workspace1;' && ${reload_layout} - - # Start firefox - exec --no-startup-id ${pkgs.firefox}/bin/firefox --ProfileManager --new-instance --setDefaultBrowser - - # Quassel client - exec --no-startup-id ${pkgs.quasselClient}/bin/quasselclient - - # Random wallpaper - exec_always--no-startup-id ${random-wallpaper} - - # Start Qt-Pass - exec ${pkgs.qtpass}/bin/qtpass - ''; - -in { - services.xserver.enable = true; - services.xserver.layout = "de"; - - # Enable i3 Window Manager - services.xserver.windowManager.i3 = { - enable = true; - package = pkgs.i3; - configFile = i3_conf_file; - extraSessionCommands = '' - ${pkgs.openssh}/bin/ssh-add ${config.mainUserHome}/.ssh/id_rsa - ''; - }; - - # ${pkgs.xorg.xhost}/bin/xhost +SI:localuser:${cfg.user.name} - # ${pkgs.xorg.xhost}/bin/xhost -LOCAL: - services.xserver.windowManager.default = "i3"; - services.xserver.desktopManager.xterm.enable = false; - - # Enable the X11 windowing system. - services.xserver.displayManager.lightdm = { - enable = true; - autoLogin.enable = true; - autoLogin.user = config.mainUser; - autoLogin.timeout = 2; - greeter.enable = true; - }; - - fonts = { - fonts = with pkgs; [ - font-awesome_5 - ]; - }; - - # Allow users in video group to change brightness - hardware.brightnessctl.enable = true; - - environment.systemPackages = with pkgs; [ - rofi # Dmenu replacement - acpilight # Replacement for xbacklight - arandr # Xrandr gui - feh - wirelesstools # To get wireless statistics - acpi - xorg.xhost - xorg.xauth - ]; - -} From 397fad23666f0705f03af166ad0b9a7d87104e4d Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 5 May 2019 10:27:57 +0200 Subject: [PATCH 19/76] nixpkgs: cf3e277 -> 04954e3 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 0bc3abf9c..ae75f6074 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "cf3e277dd0bd710af0df667e9364f4bd80c72713", - "date": "2019-04-24T23:55:21+02:00", - "sha256": "1abyadl3sxf67yi65758hq6hf2j07afgp1fmkk7kd94dadx6r6f4", + "rev": "04954e39df88487bf5b6bb5e532520e83a6c22ea", + "date": "2019-05-04T20:25:55-04:00", + "sha256": "1l6wc13mwwhv0msa0596wvsq2j2kxj1wjchdz4v1zzia781rpd8m", "fetchSubmodules": false } From 3899d0195c6077174e2d416c490dfae8783acee5 Mon Sep 17 00:00:00 2001 From: jeschli Date: Wed, 8 May 2019 08:29:14 +0200 Subject: [PATCH 20/76] j brauerei: add xdotool for select last window hack in i3 --- jeschli/1systems/brauerei/config.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 55b28c3e8..0deaded66 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -53,6 +53,7 @@ in curl dmenu rofi + xdotool git gnupg i3lock From 3128953fa34d3683444e843d80a6adc2d67bf7ea Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 May 2019 14:30:21 +0200 Subject: [PATCH 21/76] l vim: reactivate flake8 --- lass/2configs/vim.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 4f7bd4437..4b15e6cbd 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -11,6 +11,7 @@ let (hiPrio (pkgs.python3.withPackages (ps: [ ps.python-language-server ps.pyls-isort + ps.flake8 ]))) ]; @@ -73,8 +74,8 @@ let au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile "Syntastic config - "let g:syntastic_python_checkers=['flake8'] - "let g:syntastic_python_flake8_post_args='--ignore=E501' + let g:syntastic_python_checkers=['flake8'] + let g:syntastic_python_flake8_post_args='--ignore=E501' nnoremap :call LanguageClient_contextMenu() set hidden @@ -126,7 +127,7 @@ let extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ pkgs.vimPlugins.ack-vim pkgs.vimPlugins.Gundo - #pkgs.vimPlugins.Syntastic + pkgs.vimPlugins.Syntastic pkgs.vimPlugins.undotree pkgs.vimPlugins.vim-go pkgs.vimPlugins.fzf-vim From 62535247901c883e8bb0fb2ec61248566a7ff60e Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 May 2019 14:53:13 +0200 Subject: [PATCH 22/76] l vim: remove syntastic (flake8 works over lsp) --- lass/2configs/vim.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 4b15e6cbd..2d4196f1b 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -73,10 +73,6 @@ let au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile - "Syntastic config - let g:syntastic_python_checkers=['flake8'] - let g:syntastic_python_flake8_post_args='--ignore=E501' - nnoremap :call LanguageClient_contextMenu() set hidden let g:LanguageClient_serverCommands = { @@ -127,7 +123,6 @@ let extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ pkgs.vimPlugins.ack-vim pkgs.vimPlugins.Gundo - pkgs.vimPlugins.Syntastic pkgs.vimPlugins.undotree pkgs.vimPlugins.vim-go pkgs.vimPlugins.fzf-vim From e9f96d7757f48000c6c4a4c1317bf4debab16a27 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 14 May 2019 15:11:42 +0200 Subject: [PATCH 23/76] l vim: add more python lsp tools --- lass/2configs/vim.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index 2d4196f1b..a26255d49 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -11,7 +11,9 @@ let (hiPrio (pkgs.python3.withPackages (ps: [ ps.python-language-server ps.pyls-isort + ps.pyflakes ps.flake8 + ps.yapf ]))) ]; From 10ff96638dbfabab63bdf4c795777df395c36bec Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 18 May 2019 18:22:50 +0200 Subject: [PATCH 24/76] j brauerei: add home-manager --- jeschli/1systems/brauerei/config.nix | 22 ++++++++++++++++++++-- jeschli/krops.nix | 6 ++++++ 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 0deaded66..059ec6d71 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -7,11 +7,11 @@ in imports = [ ./hardware-configuration.nix + - ]; - + ]; krebs.build.host = config.krebs.hosts.brauerei; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; @@ -122,6 +122,24 @@ in # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + home-manager.useUserPackages = true; + home-manager.users.jeschli = { + home.stateVersion = "19.03"; + }; +# home-manager.enable = true; + + home-manager.users.jeschli.home.file = { + ".emacs.d" = { + source = pkgs.fetchFromGitHub { + owner = "jeschli"; + repo = "emacs.d"; + rev = "8ed6c40"; + sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; + }; + recursive = true; + }; + }; + # List services that you want to enable: # Enable the OpenSSH daemon. diff --git a/jeschli/krops.nix b/jeschli/krops.nix index dbf94bd0d..f3964a553 100644 --- a/jeschli/krops.nix +++ b/jeschli/krops.nix @@ -15,6 +15,12 @@ file = "${lib.getEnv "HOME"}/secrets/${name}"; }; } + { + home-manager.git = { + url = https://github.com/rycee/home-manager; + ref = "2ccbf43"; + }; + } ]; in { From 3b1e24235e8ce7f11bd885d4beba4edeb0645b7d Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 18 May 2019 16:24:22 +0000 Subject: [PATCH 25/76] j bolide: update to i3 --- jeschli/1systems/bolide/config.nix | 49 ++++++++++--------- .../bolide/hardware-configuration.nix | 1 + 2 files changed, 27 insertions(+), 23 deletions(-) diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix index 699a85b58..748a9d7c5 100644 --- a/jeschli/1systems/bolide/config.nix +++ b/jeschli/1systems/bolide/config.nix @@ -2,13 +2,14 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, pkgs, ... }: - +{ config, pkgs, lib, ... }: { imports = [ ./hardware-configuration.nix + # + # ]; @@ -29,7 +30,8 @@ allowDiscards = true; } ]; # networking.hostName = "bolide"; # Define your hostname. - networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. +# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; # Select internationalisation properties. # i18n = { @@ -103,36 +105,37 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - # Enable CUPS to print documents. - # services.printing.enable = true; + services.xserver = { - # Enable the X11 windowing system. - services.xserver.enable = true; - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; + enable = true; - services.xserver.displayManager.sddm.enable = true; - services.xserver.windowManager.xmonad.enable = true; - services.xserver.windowManager.xmonad.enableContribAndExtras = true; - # Enable touchpad support. - # services.xserver.libinput.enable = true; + desktopManager = { + xfce.enable = true; + gnome3.enable = true; + }; +# # Don't install feh into systemPackages +# # refs +# desktopManager.session = lib.mkForce []; +# +# enable = true; +# display = 11; +# tty = 11; +# +# dpi = 96; - # Enable the KDE Desktop Environment. - # services.xserver.displayManager.sddm.enable = true; - # services.xserver.desktopManager.plasma5.enable = true; + videoDrivers = [ "nvidia" ]; + }; + + services.xserver.windowManager.i3.enable = true; - # Define a user account. Don't forget to set a password with ‘passwd’. users.extraUsers.jeschli = { isNormalUser = true; + extraGroups = ["docker" "vboxusers" "audio"]; uid = 1000; }; + hardware.pulseaudio.enable = true; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you diff --git a/jeschli/1systems/bolide/hardware-configuration.nix b/jeschli/1systems/bolide/hardware-configuration.nix index 183b29e42..042b746ef 100644 --- a/jeschli/1systems/bolide/hardware-configuration.nix +++ b/jeschli/1systems/bolide/hardware-configuration.nix @@ -29,4 +29,5 @@ nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = "powersave"; + hardware.pulseaudio.enable = true; } From 252c5bd49b08bef4fe0c9a5413ebd53594224d49 Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 18 May 2019 18:31:51 +0200 Subject: [PATCH 26/76] j enklave: add jeschli-bolide to write --- jeschli/2configs/git.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jeschli/2configs/git.nix b/jeschli/2configs/git.nix index a26022789..faa8ccf5b 100644 --- a/jeschli/2configs/git.nix +++ b/jeschli/2configs/git.nix @@ -60,7 +60,7 @@ let with git // config.krebs.users; repo: singleton { - user = [ jeschli jeschli-brauerei]; + user = [ jeschli jeschli-brauerei jeschli-bolide]; repo = [ repo ]; perm = push "refs/*" [ non-fast-forward create delete merge ]; } ++ From c8795f6cf870e1e0c0bccc4012290943d114c213 Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 18 May 2019 18:34:26 +0200 Subject: [PATCH 27/76] j: add home-manager config --- jeschli/2configs/home-manager/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 jeschli/2configs/home-manager/default.nix diff --git a/jeschli/2configs/home-manager/default.nix b/jeschli/2configs/home-manager/default.nix new file mode 100644 index 000000000..ad8663d58 --- /dev/null +++ b/jeschli/2configs/home-manager/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ + + ]; + home-manager.useUserPackages = true; + home-manager.users.jeschli = { + home.stateVersion = "19.03"; + }; +} From dd8cb1bffbd9f3d33dcca643fbe1eb69f334e4a9 Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 18 May 2019 18:48:43 +0000 Subject: [PATCH 28/76] j bolide: home-manager binary --- jeschli/1systems/bolide/config.nix | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/jeschli/1systems/bolide/config.nix b/jeschli/1systems/bolide/config.nix index 748a9d7c5..a9f564f75 100644 --- a/jeschli/1systems/bolide/config.nix +++ b/jeschli/1systems/bolide/config.nix @@ -8,10 +8,9 @@ [ ./hardware-configuration.nix - # - # + - + # ]; krebs.build.host = config.krebs.hosts.bolide; @@ -54,6 +53,8 @@ }; nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ + home-manager + wget vim # system helper ag @@ -94,6 +95,22 @@ zathura ]; + home-manager.useUserPackages = true; + home-manager.users.jeschli = { + home.stateVersion = "19.03"; + }; + + home-manager.users.jeschli.home.file = { + ".emacs.d" = { + source = pkgs.fetchFromGitHub { + owner = "jeschli"; + repo = "emacs.d"; + rev = "8ed6c40"; + sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; + }; + recursive = true; + }; + }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.bash.enableCompletion = true; From 78bade2c387a76b55066027396966f4c5bf4307a Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 18 May 2019 18:49:57 +0000 Subject: [PATCH 29/76] j bolide: add home.nix --- jeschli/1systems/bolide/home.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 jeschli/1systems/bolide/home.nix diff --git a/jeschli/1systems/bolide/home.nix b/jeschli/1systems/bolide/home.nix new file mode 100644 index 000000000..cd84ab3fb --- /dev/null +++ b/jeschli/1systems/bolide/home.nix @@ -0,0 +1,18 @@ +{ pkgs, ... }: + +{ + home.file = { + ".emacs.d" = { + source = pkgs.fetchFromGitHub { + owner = "jeschli"; + repo = "emacs.d"; + rev = "8ed6c40"; + sha256 = "1q2y478srwp9f58l8cixnd2wj51909gp1z68k8pjlbjy2mrvibs0"; + }; + recursive = true; + }; + ".config/i3/config".text = '' + ''; + }; + +} From 8a44f7f8c8ffa4c47c723b7de647653e980cd6c8 Mon Sep 17 00:00:00 2001 From: jeschli Date: Sat, 18 May 2019 20:55:09 +0200 Subject: [PATCH 30/76] j bolide: add i3 to home.nix --- jeschli/1systems/bolide/home.nix | 153 +++++++++++++++++++++++++++++++ 1 file changed, 153 insertions(+) diff --git a/jeschli/1systems/bolide/home.nix b/jeschli/1systems/bolide/home.nix index cd84ab3fb..60fee8b67 100644 --- a/jeschli/1systems/bolide/home.nix +++ b/jeschli/1systems/bolide/home.nix @@ -12,6 +12,159 @@ recursive = true; }; ".config/i3/config".text = '' + +set $mod Mod4 + +font pango:monospace 8 + +floating_modifier $mod + +bindsym $mod+Return exec i3-sensible-terminal + +bindsym $mod+Shift+q kill + +bindsym $mod+d exec rofi -modi drun#run -combi-modi drun#run -show combi -show-icons -display-combi run + +bindsym $mod+x exec rofi -modi window -show window -auto-select + +# switch to last used window +bindsym $mod+Tab exec rofi -show window& sleep 0.15 && xdotool key Down + +# change focus +bindsym $mod+j focus left +bindsym $mod+k focus down +bindsym $mod+l focus up +bindsym $mod+semicolon focus right + +# alternatively, you can use the cursor keys: +bindsym $mod+Left focus left +bindsym $mod+Down focus down +bindsym $mod+Up focus up +bindsym $mod+Right focus right + +# Resizing windows by 10 in i3 using keyboard only +bindsym $mod+Ctrl+Shift+Right resize shrink width 10 px or 10 ppt +bindsym $mod+Ctrl+Shift+Up resize grow height 10 px or 10 ppt +bindsym $mod+Ctrl+Shift+Down resize shrink height 10 px or 10 ppt +bindsym $mod+Ctrl+Shift+Left resize grow width 10 px or 10 ppt + +# move focused window +bindsym $mod+Shift+j move left +bindsym $mod+Shift+k move down +bindsym $mod+Shift+l move up +bindsym $mod+Shift+semicolon move right + +# alternatively, you can use the cursor keys: +bindsym $mod+Shift+Left move left +bindsym $mod+Shift+Down move down +bindsym $mod+Shift+Up move up +bindsym $mod+Shift+Right move right + +# split in horizontal orientation +bindsym $mod+h split h + +# split in vertical orientation +bindsym $mod+v split v + +# enter fullscreen mode for the focused container +bindsym $mod+f fullscreen toggle + +# change container layout (stacked, tabbed, toggle split) +bindsym $mod+s layout stacking +bindsym $mod+w layout tabbed +bindsym $mod+e layout toggle split + +# toggle tiling / floating +bindsym $mod+Shift+space floating toggle + +# change focus between tiling / floating windows +bindsym $mod+space focus mode_toggle + +# focus the parent container +bindsym $mod+a focus parent + +# focus the child container +#bindsym $mod+d focus child + +# Define names for default workspaces for which we configure key bindings later on. +# We use variables to avoid repeating the names in multiple places. +set $ws1 "1" +set $ws2 "2" +set $ws3 "3" +set $ws4 "4" +set $ws5 "5" +set $ws6 "6" +set $ws7 "7" +set $ws8 "8" +set $ws9 "9" +set $ws10 "10" + +# switch to workspace +bindsym $mod+1 workspace $ws1 +bindsym $mod+2 workspace $ws2 +bindsym $mod+3 workspace $ws3 +bindsym $mod+4 workspace $ws4 +bindsym $mod+5 workspace $ws5 +bindsym $mod+6 workspace $ws6 +bindsym $mod+7 workspace $ws7 +bindsym $mod+8 workspace $ws8 +bindsym $mod+9 workspace $ws9 +bindsym $mod+0 workspace $ws10 + +# move focused container to workspace +bindsym $mod+Shift+1 move container to workspace $ws1 +bindsym $mod+Shift+2 move container to workspace $ws2 +bindsym $mod+Shift+3 move container to workspace $ws3 +bindsym $mod+Shift+4 move container to workspace $ws4 +bindsym $mod+Shift+5 move container to workspace $ws5 +bindsym $mod+Shift+6 move container to workspace $ws6 +bindsym $mod+Shift+7 move container to workspace $ws7 +bindsym $mod+Shift+8 move container to workspace $ws8 +bindsym $mod+Shift+9 move container to workspace $ws9 +bindsym $mod+Shift+0 move container to workspace $ws10 + +# reload the configuration file +bindsym $mod+Shift+c reload +# restart i3 inplace (preserves your layout/session, can be used to upgrade i3) +bindsym $mod+Shift+r restart +# exit i3 (logs you out of your X session) +bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -b 'Yes, exit i3' 'i3-msg exit'" + +bindsym $mod+p exec i3-sensible-pager + +# resize window (you can also use the mouse for that) +mode "resize" { + # These bindings trigger as soon as you enter the resize mode + + # Pressing left will shrink the window’s width. + # Pressing right will grow the window’s width. + # Pressing up will shrink the window’s height. + # Pressing down will grow the window’s height. + bindsym j resize shrink width 10 px or 10 ppt + bindsym k resize grow height 10 px or 10 ppt + bindsym l resize shrink height 10 px or 10 ppt + bindsym semicolon resize grow width 10 px or 10 ppt + + # same bindings, but for the arrow keys + bindsym Left resize shrink width 10 px or 10 ppt + bindsym Down resize grow height 10 px or 10 ppt + bindsym Up resize shrink height 10 px or 10 ppt + bindsym Right resize grow width 10 px or 10 ppt + + # back to normal: Enter or Escape or $mod+r + bindsym Return mode "default" + bindsym Escape mode "default" + bindsym $mod+r mode "default" +} + +bindsym $mod+r mode "resize" + +# Start i3bar to display a workspace bar (plus the system information i3status +# finds out, if available) +bar { + position top + status_command i3status +} ''; }; From 31df4e128b094a757fff6641db22a042e3da6b8a Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 20 May 2019 11:42:36 +0200 Subject: [PATCH 31/76] nixpkgs: 04954e3 -> 705986f --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index ae75f6074..811eb826e 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "04954e39df88487bf5b6bb5e532520e83a6c22ea", - "date": "2019-05-04T20:25:55-04:00", - "sha256": "1l6wc13mwwhv0msa0596wvsq2j2kxj1wjchdz4v1zzia781rpd8m", + "rev": "705986f5a986be5c5ae13193b487c7ec8ca05f16", + "date": "2019-05-18T20:38:59-04:00", + "sha256": "0zpch2cpl2yx0mp7hnyjd03hqs7rxza9wc2p97njsdzhi56gxwxp", "fetchSubmodules": false } From 73997358e457b51c72d954546451008560a4adfc Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 20 May 2019 13:30:22 +0200 Subject: [PATCH 32/76] l vim lsp: show errors in ASCII --- lass/2configs/vim.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index a26255d49..f55886e2e 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -82,7 +82,10 @@ let \ 'go': ['~/go/bin/go-langserver'] \ } - let g:LanguageClient_diagnosticsDisplay = { 2: { "signText": "W" } } + let g:LanguageClient_diagnosticsDisplay = { + \ 1: { "signText": "E" }, + \ 2: { "signText": "W" } + \ } nmap q :buffer nmap :buffer From c74d86cf6a1299ba0a11fcfb2341a8632b147420 Mon Sep 17 00:00:00 2001 From: magenbluten Date: Tue, 21 May 2019 19:43:40 +0200 Subject: [PATCH 33/76] mb: add new machines --- krebs/3modules/mb/default.nix | 52 ++++++++ mb/1systems/gr33n/configuration.nix | 130 +++++++++++++++++++ mb/1systems/gr33n/hardware-configuration.nix | 37 ++++++ mb/1systems/orange/configuration.nix | 2 + mb/1systems/p1nk/configuration.nix | 1 + 5 files changed, 222 insertions(+) create mode 100644 mb/1systems/gr33n/configuration.nix create mode 100644 mb/1systems/gr33n/hardware-configuration.nix diff --git a/krebs/3modules/mb/default.nix b/krebs/3modules/mb/default.nix index c98db4b27..d6e45ba57 100644 --- a/krebs/3modules/mb/default.nix +++ b/krebs/3modules/mb/default.nix @@ -63,6 +63,58 @@ in { }; }; }; + gr33n = { + nets = { + retiolum = { + ip4.addr = "10.243.42.123"; + aliases = [ + "gr33n.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqecLfk8TlGFF7JJpv8 + kjLFNgoNfu9FYRMNG4GSxWL5w+49n6b+GC5ciOC+RJ+N56jfB9JYE0MtbuOmkY5M + JUphuvgOCNhTbBJsjnmG9n02evpxZn9HWypNC3oQCvY2K7vHpIxGKR5PyTVKPO0P + OOYKAbCLD9F2bmuLaBQ/dFXFQxfu3tjvJI9mYDWBpSkh1mYeMZLw2xxnRZLs0bEO + ZWdzxCh9UM/mgb4WYuNED9+sz7MSsaMPAqquarFCguUxhjp6rElGFcNWjXaxA5zt + JGS6VompUViVSHjSaQ5/3VRKoIQjr4NOFYQqLpmB5S2OpiggV6I9OpB7QUGlvcYd + I3j+1AeK11HuEyPqSwxjNCCrI12bSIo3685BPHbl+AMhWGhzrCkAGcOCbAefreXQ + 5v4SaKUIDlCYhN+vyNdlu2jvqQlxfJrPAfBt+jJBK6gMcAEKc7P/Oj4B9Fsl331X + s0kWH5G9t6OhO/Of8/kb2/P+YEbM6zi1QQdZAOr6Cg0y4cMt9zxLWknaM4yEDAXH + oSM33PTv9DOvBjfxRXqOHqOHRq5ayqZdIFgfLUlPTdbWRkhNzjG8f7k7p32m20A6 + Kal+OF//I2c9E9vKFzyepyTcnwi3B8+cFJ74+XYaNApdwHSb1BU/+c3O9RJExZGV + jtTSbSJHU5esECtAuXy1XH8CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; + sunsh1n3 = { + nets = { + retiolum = { + ip4.addr = "10.243.42.142"; + aliases = [ + "sunsh1n3.r" + ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo2VCqp6mUbyo3n+1XpKf + QavpgRYQyv9wAZzYSYHjxThuLmNb/wERPbWJFMZfAGuku0blKWJISSgFWd9YL7dU + pZQZxfqo/9xnS/r0xIKrKSsBiTZt7JZmTQzj1ri11TIO0S1QPjIP5HsxlZZAw0nz + idEDlKmgWs74FPdezlXqvJyEUKDqL/ZQBtdhZZIDMkSJnCdBzXxKwv+uLVE46ZBf + 4HrtQjcj+dyVMogMIoseAgf5lS6V3pyCM7/NHZFxrIxoIAxSsUoB59i2EbK6aUK5 + yuiWHI6ZHToxN2K/0SX96hzxcwrUmdk49tTHBY0Zhn2ku6NjQPU3LuxgIwrSaSJD + /KWh6XkqR7EsCVN0AIsLvFelI2ckSyNyAlnYbMAHDt7GwHlNp4Lsy+x4ZQ6m0xTY + Z+/jt6sfoMiulPcwWEpqNCCf5A65lF77DldQhH3qYrdQ756n/kOqSfQtPCnVNYXy + LlN5rKCOgxKxxtKkwMUif2OM9RPHpM7wS09Rvek6zpL9ymhU5THF7UylLKxKGjYj + 6dTooyRVQRJdrwIYLrJIy0MfGyYiGAJxf/C0KOOZnJPCW2b51+bo5Zh+BhKZYN8H + C2DEGc8+4h5hX1TAaUfTpfVm3mMTh8H2m9N8Pdl5ji+A0m0IwHDLQyaoskcxSjvU + 9IxYLfkSD6AJqasnHlz0L08CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; }; users = { mb = { diff --git a/mb/1systems/gr33n/configuration.nix b/mb/1systems/gr33n/configuration.nix new file mode 100644 index 000000000..4342ba0e2 --- /dev/null +++ b/mb/1systems/gr33n/configuration.nix @@ -0,0 +1,130 @@ +{ config, pkgs, callPackage, ... }: let + unstable = import { config = { allowUnfree = true; }; }; +in { + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + ]; + + krebs.build.host = config.krebs.hosts.gr33n; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.extraModulePackages = with config.boot.kernelPackages; [ wireguard ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; + fileSystems."/mnt/public" = { + device = "//192.168.0.4/public"; + fsType = "cifs"; + options = let + automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; + }; + + i18n = { + consoleFont = "Lat2-Terminus16"; + consoleKeyMap = "de"; + defaultLocale = "en_US.UTF-8"; + }; + + time.timeZone = "Europe/Berlin"; + + nixpkgs.config.allowUnfree = true; + + nixpkgs.config.packageOverrides = super: { + openvpn = super.openvpn.override { + pkcs11Support = true; + useSystemd = false; + }; + }; + + environment.shellAliases = { + ll = "ls -alh"; + ls = "ls --color=tty"; + }; + + environment.systemPackages = with pkgs; [ + curl + fish + git + htop + nmap + ranger + tcpdump + tmux + traceroute + tree + vim + wcalc + wget + xz + ]; + + programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + + sound.enable = false; + + services.openssh.enable = true; + services.openssh.passwordAuthentication = false; + + networking.wireless.enable = false; + networking.networkmanager.enable = false; + krebs.iptables.enable = true; + networking.enableIPv6 = false; + + programs.fish = { + enable = true; + shellInit = '' + function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' + if begin + set -q SSH_AGENT_PID + and kill -0 $SSH_AGENT_PID + and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline + end + echo "ssh-agent running on pid $SSH_AGENT_PID" + else + eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') + end + set -l identity $HOME/.ssh/id_rsa + set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') + ssh-add -l | grep -q $fingerprint + or ssh-add $identity + end + ''; + promptInit = '' + function fish_prompt --description 'Write out the prompt' + set -l color_cwd + set -l suffix + set -l nix_shell_info ( + if test "$IN_NIX_SHELL" != "" + echo -n " " + end + ) + switch "$USER" + case root toor + if set -q fish_color_cwd_root + set color_cwd $fish_color_cwd_root + else + set color_cwd $fish_color_cwd + end + set suffix '#' + case '*' + set color_cwd $fish_color_cwd + set suffix '>' + end + + echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " + end + ''; + }; + + nix.buildCores = 4; + system.autoUpgrade.enable = false; + system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03"; + system.stateVersion = "19.03"; + +} diff --git a/mb/1systems/gr33n/hardware-configuration.nix b/mb/1systems/gr33n/hardware-configuration.nix new file mode 100644 index 000000000..1d13b8dc7 --- /dev/null +++ b/mb/1systems/gr33n/hardware-configuration.nix @@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, ... }: + +{ + imports = + [ + ]; + + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + boot.initrd.mdadmConf = '' + ARRAY /dev/md0 level=raid6 num-devices=4 metadata=1.2 name=gr33n:0 UUID=5b715fd9:0be6bfa6:19f07db4:c16836d6 + devices=/dev/sda1,/dev/sdb1,/dev/sdc1,/dev/sdd1 + ''; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/a9f2c19b-f60f-450c-87f1-146a54c4198b"; + fsType = "ext4"; + }; + fileSystems."/storage" = + { device = "/dev/disk/by-label/storage"; + fsType = "ext4"; + }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/93EB-BCA3"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + nix.maxJobs = lib.mkDefault 4; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; +} diff --git a/mb/1systems/orange/configuration.nix b/mb/1systems/orange/configuration.nix index fb844717b..3e90f89a2 100644 --- a/mb/1systems/orange/configuration.nix +++ b/mb/1systems/orange/configuration.nix @@ -148,6 +148,8 @@ in { sound.enable = true; hardware.pulseaudio.enable = true; + hardware.pulseaudio.support32Bit = true; + nixpkgs.config.pulseaudio = true; services.xserver = { enable = true; diff --git a/mb/1systems/p1nk/configuration.nix b/mb/1systems/p1nk/configuration.nix index 73ef04bff..905630e78 100644 --- a/mb/1systems/p1nk/configuration.nix +++ b/mb/1systems/p1nk/configuration.nix @@ -142,6 +142,7 @@ in { sound.enable = true; hardware.pulseaudio.enable = true; + hardware.pulseaudio.support32Bit = true; services.xserver = { enable = true; From be12b8a41370f50b413376717a5db38edfebd828 Mon Sep 17 00:00:00 2001 From: magenbluten Date: Tue, 21 May 2019 20:23:09 +0200 Subject: [PATCH 34/76] mb sunshine.r: disable ci --- krebs/3modules/mb/default.nix | 2 +- submodules/krops | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/mb/default.nix b/krebs/3modules/mb/default.nix index d6e45ba57..e77811f08 100644 --- a/krebs/3modules/mb/default.nix +++ b/krebs/3modules/mb/default.nix @@ -3,7 +3,6 @@ with import ; hostDefaults = hostName: host: flip recursiveUpdate host { ci = true; - monitoring = true; owner = config.krebs.users.mb; }; @@ -90,6 +89,7 @@ in { }; }; sunsh1n3 = { + ci = false; nets = { retiolum = { ip4.addr = "10.243.42.142"; diff --git a/submodules/krops b/submodules/krops index ee41207df..5b8fb8dc0 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit ee41207df1ce718e0b154ed8047384118a0133a4 +Subproject commit 5b8fb8dc0ee14672d7fd533bd98635b8725dbb29 From 08ddffd7812f9ec42f9946dd2c4f8cc4eb7b656c Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 28 May 2019 09:33:37 +0200 Subject: [PATCH 35/76] nixpkgs: 705986f -> e2883c3 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 811eb826e..340b926ce 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "705986f5a986be5c5ae13193b487c7ec8ca05f16", - "date": "2019-05-18T20:38:59-04:00", - "sha256": "0zpch2cpl2yx0mp7hnyjd03hqs7rxza9wc2p97njsdzhi56gxwxp", + "rev": "e2883c31628ea0f3e00f899062327468a20d1aa1", + "date": "2019-05-27T17:09:30-04:00", + "sha256": "1xrpd8ykr8g3h4b33z69vngh6hfayi51jajbnfm6phhpwgd6mmld", "fetchSubmodules": false } From f846ad7bea7bfb201d3e8c7adbc7e4a4c21c604e Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:01:10 +0200 Subject: [PATCH 36/76] kruck.r: add video.kruck.r alias --- krebs/3modules/external/palo.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix index cefac0959..8510cb9ae 100644 --- a/krebs/3modules/external/palo.nix +++ b/krebs/3modules/external/palo.nix @@ -34,7 +34,10 @@ in { retiolum = { ip4.addr = "10.243.23.3"; tinc.port = 720; - aliases = [ "kruck.r" ]; + aliases = [ + "kruck.r" + "video.kruck.r" + ]; tinc.pubkey = tinc-for "palo"; }; }; From c8784043f10e6c5456816e2704f9e01cf1c366ee Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:01:49 +0200 Subject: [PATCH 37/76] schasch.r: add syncthing.id --- krebs/3modules/external/palo.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/external/palo.nix b/krebs/3modules/external/palo.nix index 8510cb9ae..05808714c 100644 --- a/krebs/3modules/external/palo.nix +++ b/krebs/3modules/external/palo.nix @@ -52,6 +52,7 @@ in { tinc.pubkey = tinc-for "palo"; }; }; + syncthing.id = "FLY7DHI-TJLEQBJ-JZNC4YV-NBX53Z2-ZBRWADL-BKSFXYZ-L4FMDVH-MOSEVAQ"; }; workhorse = { owner = config.krebs.users.palo; From 64539ffaa463db7a8d9f01953fba3fd9a2bba0ec Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:02:30 +0200 Subject: [PATCH 38/76] l prism.r: add codi.lassul.us --- krebs/3modules/lass/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 41f3852b9..f4c8f5c6a 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -35,6 +35,7 @@ in { default._domainkey 60 IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUv3DMndFellqu208feABEzT/PskOfTSdJCOF/HELBR0PHnbBeRoeHEm9XAcOe/Mz2t/ysgZ6JFXeFxCtoM5fG20brUMRzsVRxb9Ur5cEvOYuuRrbChYcKa+fopu8pYrlrqXD3miHISoy6ErukIYCRpXWUJHi1TlNQhLWFYqAaywIDAQAB" cache 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} cgit 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} + codi 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} go 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} io 60 IN NS ions.lassul.us. ions 60 IN A ${config.krebs.hosts.prism.nets.internet.ip4.addr} From 441ae45dc78e188493ad1bb5e9e075a5e4fbe86a Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:04:11 +0200 Subject: [PATCH 39/76] l daedalus.r: add altcoins pkgs --- lass/1systems/daedalus/config.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/1systems/daedalus/config.nix b/lass/1systems/daedalus/config.nix index 6e3df12f0..df8868034 100644 --- a/lass/1systems/daedalus/config.nix +++ b/lass/1systems/daedalus/config.nix @@ -57,6 +57,8 @@ with import ; { krebs.per-user.bitcoin.packages = [ pkgs.electrum + pkgs.electron-cash + pkgs.altcoins.litecoin ]; users.extraUsers = { bitcoin = { From 34791532ac850fd575f5b23cc25296409a19eed2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:05:02 +0200 Subject: [PATCH 40/76] l mors.r: add free_music sync --- lass/1systems/mors/config.nix | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix index f911b79d6..5076beeef 100644 --- a/lass/1systems/mors/config.nix +++ b/lass/1systems/mors/config.nix @@ -49,14 +49,31 @@ with import ; ]; } { - krebs.syncthing.folders."the_playlist" = { - path = "/home/lass/tmp/the_playlist"; - peers = [ "mors" "phone" "prism" ]; + krebs.syncthing = { + peers.schasch.addresses = [ "schasch.r:22000" ]; + folders = { + the_playlist = { + path = "/home/lass/tmp/the_playlist"; + peers = [ "mors" "phone" "prism" ]; + }; + free_music = { + id = "mu9mn-zgvsw"; + path = "/home/lass/tmp/free_music"; + peers = [ "mors" "schasch" ]; + }; + }; }; - krebs.permown."/home/lass/tmp/the_playlist" = { - owner = "lass"; - group = "syncthing"; - umask = "0007"; + krebs.permown = { + "/home/lass/tmp/free_music" = { + owner = "lass"; + group = "syncthing"; + umask = "0007"; + }; + "/home/lass/tmp/the_playlist" = { + owner = "lass"; + group = "syncthing"; + umask = "0007"; + }; }; } { From ac0749765211031c9ac677b2f9c6907457ae60a3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:18:24 +0200 Subject: [PATCH 41/76] syncthing: add more options, remove uneeded id --- krebs/3modules/syncthing.nix | 39 ++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 15 deletions(-) diff --git a/krebs/3modules/syncthing.nix b/krebs/3modules/syncthing.nix index 897ba1e7f..9c6acfb0c 100644 --- a/krebs/3modules/syncthing.nix +++ b/krebs/3modules/syncthing.nix @@ -22,7 +22,7 @@ let getApiKey = pkgs.writeDash "getAPIKey" '' ${pkgs.libxml2}/bin/xmllint \ --xpath 'string(configuration/gui/apikey)'\ - ${config.services.syncthing.dataDir}/config.xml + ${config.services.syncthing.configDir}/config.xml ''; updateConfig = pkgs.writeDash "merge-syncthing-config" '' @@ -31,9 +31,9 @@ let ${pkgs.untilport}/bin/untilport localhost 8384 API_KEY=$(${getApiKey}) CFG=$(${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config) - echo "$CFG" | ${pkgs.jq}/bin/jq -s '.[] * { - "devices": ${builtins.toJSON devices}, - "folders": ${builtins.toJSON folders} + echo "$CFG" | ${pkgs.jq}/bin/jq -s '.[] as $in | $in * { + "devices": (${builtins.toJSON devices}${optionalString (! cfg.overridePeers) " + $in.devices"}), + "folders": (${builtins.toJSON folders}${optionalString (! cfg.overrideFolders) " + $in.folders"}) }' | ${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/config -d @- ${pkgs.curl}/bin/curl -Ss -H "X-API-Key: $API_KEY" localhost:8384/rest/system/restart -X POST ''; @@ -45,11 +45,6 @@ in enable = mkEnableOption "syncthing-init"; - id = mkOption { - type = types.str; - default = config.krebs.build.host.name; - }; - cert = mkOption { type = types.nullOr types.absolute-pathname; default = null; @@ -60,6 +55,13 @@ in default = null; }; + overridePeers = mkOption { + type = types.bool; + default = true; + description = '' + Whether to delete the peers which are not configured via the peers option + ''; + }; peers = mkOption { default = {}; type = types.attrsOf (types.submodule ({ @@ -80,6 +82,13 @@ in })); }; + overrideFolders = mkOption { + type = types.bool; + default = true; + description = '' + Whether to delete the folders which are not configured via the peers option + ''; + }; folders = mkOption { default = {}; type = types.attrsOf (types.submodule ({ config, ... }: { @@ -135,14 +144,14 @@ in systemd.services.syncthing = mkIf (cfg.cert != null || cfg.key != null) { preStart = '' ${optionalString (cfg.cert != null) '' - cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem - chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/cert.pem - chmod 400 ${config.services.syncthing.dataDir}/cert.pem + cp ${toString cfg.cert} ${config.services.syncthing.configDir}/cert.pem + chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.configDir}/cert.pem + chmod 400 ${config.services.syncthing.configDir}/cert.pem ''} ${optionalString (cfg.key != null) '' - cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem - chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/key.pem - chmod 400 ${config.services.syncthing.dataDir}/key.pem + cp ${toString cfg.key} ${config.services.syncthing.configDir}/key.pem + chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.configDir}/key.pem + chmod 400 ${config.services.syncthing.configDir}/key.pem ''} ''; }; From e0af72f1f3531576caee2608cf407b8bb4c05ea2 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:19:37 +0200 Subject: [PATCH 42/76] l mors.r: switch wifi card --- lass/1systems/mors/physical.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/mors/physical.nix b/lass/1systems/mors/physical.nix index 25425f146..6828d70de 100644 --- a/lass/1systems/mors/physical.nix +++ b/lass/1systems/mors/physical.nix @@ -22,7 +22,7 @@ }; services.udev.extraRules = '' - SUBSYSTEM=="net", ATTR{address}=="10:0b:a9:72:f4:88", NAME="wl0" + SUBSYSTEM=="net", DEVPATH=="/devices/pci*/*1c.1/*/net/*", NAME="wl0" SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:c4:7a:f1", NAME="et0" ''; From 86e5815ba3b05acbd49aa910dbabdfbb21de0e23 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:20:45 +0200 Subject: [PATCH 43/76] l prism.r: enable codimd --- lass/1systems/prism/config.nix | 1 + lass/2configs/codimd.nix | 28 ++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 lass/2configs/codimd.nix diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index d7b0b701a..57a12be22 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -195,6 +195,7 @@ with import ; }; } + { services.taskserver = { enable = true; diff --git a/lass/2configs/codimd.nix b/lass/2configs/codimd.nix new file mode 100644 index 000000000..5f802148b --- /dev/null +++ b/lass/2configs/codimd.nix @@ -0,0 +1,28 @@ +{ config, pkgs, ... }: +with import ; + +{ + services.nginx.virtualHosts.codimd = { + enableACME = true; + addSSL = true; + serverName = "codi.lassul.us"; + locations."/".extraConfig = '' + client_max_body_size 4G; + proxy_set_header Host $host; + proxy_pass http://localhost:3091; + ''; + }; + + services.codimd = { + enable = true; + configuration = { + db = { + dialect = "sqlite"; + storage = "/var/lib/codimd/db.codimd.sqlite"; + useCDN = false; + }; + port = 3091; + }; + }; +} + From 418e9f566511af814a4b3bf4c653cca036796a73 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:24:31 +0200 Subject: [PATCH 44/76] l prism.r: export download/finished directly --- lass/1systems/prism/config.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index 57a12be22..e33d1ca9f 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -383,7 +383,7 @@ with import ; ''; fileSystems."/export/download" = { - device = "/var/lib/containers/yellow/var/download"; + device = "/var/lib/containers/yellow/var/download/finished"; options = [ "bind" ]; }; services.nfs.server = { From 65907391192875d0051f92950516a70919272c26 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:25:20 +0200 Subject: [PATCH 45/76] l prism.r: allow nfs mount from retiolum --- lass/1systems/prism/config.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index e33d1ca9f..dbbcbc5d1 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -396,6 +396,12 @@ with import ; statdPort = 4000; }; krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 111"; target = "ACCEPT"; } + { predicate = "-i retiolum -p udp --dport 111"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i retiolum -p udp --dport 2049"; target = "ACCEPT"; } + { predicate = "-i retiolum -p tcp --dport 4000:4002"; target = "ACCEPT"; } + { predicate = "-i retiolum -p udp --dport 4000:4002"; target = "ACCEPT"; } { predicate = "-i wiregrill -p tcp --dport 111"; target = "ACCEPT"; } { predicate = "-i wiregrill -p udp --dport 111"; target = "ACCEPT"; } { predicate = "-i wiregrill -p tcp --dport 2049"; target = "ACCEPT"; } From 4d48a1e10942f2885f9728d736f7c87b58780982 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:32:59 +0200 Subject: [PATCH 46/76] l prism.r: add rsa hostKey --- lass/1systems/prism/config.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index dbbcbc5d1..eec8e34b8 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -463,4 +463,10 @@ with import ; enable = true; freeMemThreshold = 5; }; + + # prism rsa hack + services.openssh.hostKeys = [{ + path = toString + "ssh.id_rsa"; + type = "rsa"; + }]; } From 14b4c59c5bcc9c6414ecd147436f234f5aa3f133 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:34:59 +0200 Subject: [PATCH 47/76] l browsers: remove broken krebsgold :( --- lass/2configs/browsers.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix index d214e224d..c0085995d 100644 --- a/lass/2configs/browsers.nix +++ b/lass/2configs/browsers.nix @@ -66,7 +66,6 @@ in { extensions = [ "cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium - "liloimnbhkghhdhlamdjipkmadhpcjmn" # krebsgold ]; }; From 74d0821e3a1207952cf639ac24009e7533aeff17 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:35:43 +0200 Subject: [PATCH 48/76] l: add more mail addresses --- lass/2configs/exim-smarthost.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 4216bd67a..d1e6b195b 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -103,6 +103,9 @@ with import ; { from = "lobsters@lassul.us"; to = lass.mail; } { from = "fysitech@lassul.us"; to = lass.mail; } { from = "threema@lassul.us"; to = lass.mail; } + { from = "ubisoft@lassul.us"; to = lass.mail; } + { from = "kottezeller@lassul.us"; to = lass.mail; } + { from = "pie@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } From a5160c8d4f17fd9baf66aabcc8c5535e4f471a3e Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:37:05 +0200 Subject: [PATCH 49/76] l radio: add correct hostname headers --- lass/2configs/radio.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 88899c554..7960db564 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -97,7 +97,7 @@ in { services.icecast = { enable = true; - hostname = "config.krebs.build.host.name"; + hostname = "radio.lassul.us"; admin.password = admin-password; extraConf = '' @@ -218,6 +218,11 @@ in { forceSSL = true; enableACME = true; locations."/".extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Real-IP $remote_addr; proxy_pass http://localhost:8000; ''; locations."/recent".extraConfig = '' From ab0d80fde8a990c3522ac13e4ddd91c23e349391 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:37:33 +0200 Subject: [PATCH 50/76] l network-manager: randomize mac addresses --- lass/2configs/network-manager.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lass/2configs/network-manager.nix b/lass/2configs/network-manager.nix index 5b890b591..ab27eb841 100644 --- a/lass/2configs/network-manager.nix +++ b/lass/2configs/network-manager.nix @@ -15,6 +15,8 @@ }; }; networking.networkmanager = { + ethernet.macAddress = "random"; + wifi.macAddress = "random"; enable = true; unmanaged = [ "docker*" From 4c7f444c70c48b0230019d4b2e7f17519a4f3d1a Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:38:23 +0200 Subject: [PATCH 51/76] l radio: secure radio mounts with password --- lass/2configs/radio.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 7960db564..49d093a6d 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -100,9 +100,14 @@ in { hostname = "radio.lassul.us"; admin.password = admin-password; extraConf = '' - - ${source-password} - + + /radio.mp3 + ${source-password} + + + /radio.ogg + ${source-password} + ''; }; From 78a3cfb6fff1488437d22834709ffd04b287b819 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:39:56 +0200 Subject: [PATCH 52/76] l radio: fix Reaktor pattern --- lass/2configs/radio.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix index 49d093a6d..b4efd42fc 100644 --- a/lass/2configs/radio.nix +++ b/lass/2configs/radio.nix @@ -199,8 +199,8 @@ in { workdir = config.krebs.reaktor2.the_playlist.stateDir; hooks.PRIVMSG = [ { - activate = "match"; - pattern = ''!([^ ]+)(?:\s*(.*))?''; + #activate = "match"; + pattern = "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$"; command = 1; arguments = [2]; commands = { From a122fec9e559e8050f03e6cd0c348490636bc9dd Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:40:24 +0200 Subject: [PATCH 53/76] l retiolum: remove dishfire as supernode --- lass/2configs/retiolum.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index fb76c5735..5a87d52af 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -20,7 +20,6 @@ "prism" "gum" "ni" - "dishfire" ]; }; From 65c2a882482a8c9ceeebff68dc38be83ab44ee12 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:40:44 +0200 Subject: [PATCH 54/76] l retiolum: enable localDiscovery --- lass/2configs/retiolum.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lass/2configs/retiolum.nix b/lass/2configs/retiolum.nix index 5a87d52af..9932f8172 100644 --- a/lass/2configs/retiolum.nix +++ b/lass/2configs/retiolum.nix @@ -21,6 +21,9 @@ "gum" "ni" ]; + extraConfig = '' + LocalDiscovery = yes + ''; }; nixpkgs.config.packageOverrides = pkgs: { From b216553984b5b3fadb297bdf2f8f019daa1c957b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:47:34 +0200 Subject: [PATCH 55/76] l syncthing: don't share sync with phone --- lass/2configs/syncthing.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index 48f2625c1..25712f4f3 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -1,5 +1,7 @@ { config, pkgs, ... }: with import ; let - peers = mapAttrs (n: v: { id = v.syncthing.id; }) (filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts); + all_peers = filterAttrs (n: v: v.syncthing.id != null) config.krebs.hosts; + own_peers = filterAttrs (n: v: v.owner.name == "lass") all_peers; + mk_peers = mapAttrs (n: v: { id = v.syncthing.id; }); in { services.syncthing = { enable = true; @@ -14,8 +16,8 @@ in { enable = true; cert = toString ; key = toString ; - peers = peers; - folders."/home/lass/sync".peers = attrNames peers; + peers = mk_peers all_peers; + folders."/home/lass/sync".peers = attrNames (filterAttrs (n: v: n != "phone") own_peers); }; system.activationScripts.syncthing-home = '' From dda92fcf0bc438186d6880b6bd6650f799d249b5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:47:58 +0200 Subject: [PATCH 56/76] l syncthing: fix permissions of sync --- lass/2configs/syncthing.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lass/2configs/syncthing.nix b/lass/2configs/syncthing.nix index 25712f4f3..d4df17b9a 100644 --- a/lass/2configs/syncthing.nix +++ b/lass/2configs/syncthing.nix @@ -25,8 +25,9 @@ in { ''; krebs.permown."/home/lass/sync" = { + file-mode = "u+rw,g+rw"; owner = "lass"; group = "syncthing"; - umask = "0007"; + umask = "0002"; }; } From 0c9a0c690e6ec575f7e72af3a8a91096c60c21e3 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:48:42 +0200 Subject: [PATCH 57/76] l domsen: add jarugadesign user, mail & page --- lass/2configs/websites/domsen.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 2131c7c62..865186481 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -26,6 +26,7 @@ in { ./default.nix ./sqlBackup.nix (servePage [ "reich-gebaeudereinigung.de" "www.reich-gebaeudereinigung.de" ]) + (servePage [ "jarugadesign.de" "www.jarugadesign.de" ]) (servePage [ "freemonkey.art" "www.freemonkey.art" @@ -141,6 +142,7 @@ in { { from = "akayguen@freemonkey.art"; to ="akayguen"; } { from = "bui@freemonkey.art"; to ="bui"; } { from = "kontakt@alewis.de"; to ="klabusterbeere"; } + { from = "hallo@jarugadesign.de"; to ="kasia"; } { from = "testuser@lassul.us"; to = "testuser"; } { from = "testuser@ubikmedia.eu"; to = "testuser"; } @@ -150,6 +152,7 @@ in { "ubikmedia.eu" "ubikmedia.de" "alewis.de" + "jarugadesign.de" ]; ssl_cert = "/var/lib/acme/lassul.us/fullchain.pem"; ssl_key = "/var/lib/acme/lassul.us/key.pem"; @@ -235,6 +238,12 @@ in { }; krebs.on-failure.plans.restic-backups-domsen = {}; + users.users.kasia = { + uid = genid_uint31 "kasia"; + home = "/home/kasia"; + useDefaultShell = true; + createHome = true; + }; services.restic.backups.domsen = { initialize = true; extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr2.duckdns.org -S none -v -p 52222 -i ${toString + "/ssh.id_ed25519"} -s sftp'" ]; From d68e0e2e2d9f2aa07e5daf950971f4f6ff1634b7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:10 +0200 Subject: [PATCH 58/76] l domsen: set nextcloud overwriteProtocol --- lass/2configs/websites/domsen.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 865186481..912d56925 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -94,6 +94,7 @@ in { hostName = "o.xanf.org"; config = { adminpassFile = toString + "/nextcloud_pw"; + overwriteProtocol = "https"; }; https = true; nginx.enable = true; From f8164a8e32b646464376afa951232085c9f1322b Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:29 +0200 Subject: [PATCH 59/76] l domsen: increase journalctl lines in backup errors --- lass/2configs/websites/domsen.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index 912d56925..c99bd7b15 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -238,13 +238,18 @@ in { createHome = true; }; - krebs.on-failure.plans.restic-backups-domsen = {}; users.users.kasia = { uid = genid_uint31 "kasia"; home = "/home/kasia"; useDefaultShell = true; createHome = true; }; + + krebs.on-failure.plans.restic-backups-domsen = { + journalctl = { + lines = 1000; + }; + }; services.restic.backups.domsen = { initialize = true; extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr2.duckdns.org -S none -v -p 52222 -i ${toString + "/ssh.id_ed25519"} -s sftp'" ]; From 70a58ef2e310521029de794caba6c8351ac99e86 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 29 May 2019 15:49:45 +0200 Subject: [PATCH 60/76] l domsen: use permown for permissions --- lass/2configs/websites/domsen.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index c99bd7b15..9980e0501 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -262,11 +262,41 @@ in { "/home/ms/Mail" "/home/klabusterbeere/Mail" "/home/jms/Mail" + "/home/kasia/Mail" "/home/bruno/Mail" "/home/akayguen/Mail" "/backups/sql_dumps" ]; }; + boot.kernel.sysctl."fs.inotify.max_user_watches" = "1048576"; + krebs.permown = { + "/srv/http/ubikmedia.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0007"; + }; + "/srv/http/o.ubikmedia.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0007"; + }; + "/srv/http/freemonkey.art" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + "/srv/http/jarugadesign.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + "/srv/http/reich-gebaeudereinigung.de" = { + owner = "domsen"; + group = "nginx"; + umask = "0002"; + }; + }; + } From 4caeb3d3f8525721cefa7a74e79781a3b9787eb6 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 12 Jun 2019 09:56:07 +0200 Subject: [PATCH 61/76] wolf.r: add declarative gitlab-runner --- krebs/1systems/wolf/config.nix | 1 + krebs/2configs/shack/gitlab-runner.nix | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 krebs/2configs/shack/gitlab-runner.nix diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index ec8830711..995e49669 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -26,6 +26,7 @@ in + { systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate systemd.services.telegraf.environment = { diff --git a/krebs/2configs/shack/gitlab-runner.nix b/krebs/2configs/shack/gitlab-runner.nix new file mode 100644 index 000000000..57d670ea3 --- /dev/null +++ b/krebs/2configs/shack/gitlab-runner.nix @@ -0,0 +1,21 @@ +{ pkgs, ... }: +let + runner-src = builtins.fetchTarball { + url = "https://gitlab.com/arianvp/nixos-gitlab-runner/-/archive/master/nixos-gitlab-runner-master.tar.gz"; + sha256 = "1s0fy5ny2ygcfvx35xws8xz5ih4z4kdfqlq3r6byxpylw7r52fyi"; + }; +in +{ + systemd.services.gitlab-runner.path = [ + "/run/wrappers" # /run/wrappers/bin/su + "/" # /bin/sh + ]; + imports = [ + "${runner-src}/gitlab-runner.nix" + ]; + services.gitlab-runner2.enable = true; + ## registrationConfigurationFile contains: + # CI_SERVER_URL= + # REGISTRATION_TOKEN= + services.gitlab-runner2.registrationConfigFile = ; +} From 30a90e48b91ba9d09da7cafe8ad81dcc153554d3 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 12 Jun 2019 20:53:02 +0200 Subject: [PATCH 62/76] wolf.r: add documentation for imports --- krebs/1systems/wolf/config.nix | 90 +++++++++------------------------- 1 file changed, 24 insertions(+), 66 deletions(-) diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index 995e49669..f629c5984 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -11,84 +11,42 @@ in - - - + # handle the worlddomination map via coap + + # drivedroid.shack for shackphone # - + # Say if muell will be collected - - - - - { - systemd.services.telegraf.path = [ pkgs.net_snmp ]; # for snmptranslate - systemd.services.telegraf.environment = { - MIBDIRS = pkgs.fetchgit { - url = "http://git.shackspace.de/makefu/modem-mibs.git"; - sha256 = - "1rhrpaascvj5p3dj29hrw79gm39rp0aa787x95m3r2jrcq83ln1k"; - }; # extra mibs like ADSL - }; - services.telegraf = { - enable = true; - extraConfig = { - inputs = { - snmp = { - agents = [ "10.0.1.3:161" ]; - version = 2; - community = "shack"; - name = "snmp"; - field = [ - { - name = "hostname"; - oid = "RFC1213-MIB::sysName.0"; - is_tag = true; - } - { - name = "load-percent"; #cisco - oid = ".1.3.6.1.4.1.9.9.109.1.1.1.1.4.9"; - } - { - name = "uptime"; - oid = "DISMAN-EVENT-MIB::sysUpTimeInstance"; - } - ]; - table = [{ - name = "snmp"; - inherit_tags = [ "hostname" ]; - oid = "IF-MIB::ifXTable"; - field = [{ - name = "ifName"; - oid = "IF-MIB::ifName"; - is_tag = true; - }]; - }]; - }; - }; - outputs = { - influxdb = { - urls = [ "http://${influx-host}:8086" ]; - database = "telegraf"; - write_consistency = "any"; - timeout = "5s"; - }; - }; - }; - }; - } + # create samba share for anonymous usage with the laser and 3d printer pc + + + # mobile.lounge.mpd.shack + + # connect to git.shackspace.de as group runner for rz + + + # Statistics collection and visualization + + ## Collect data from mqtt.shack and store in graphite database + + ## Collect radioactive data and put into graphite + + ## Collect local statistics via collectd and send to collectd + + ## write collectd statistics to wolf.shack + + { services.influxdb.enable = true; } ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) - services.influxdb.enable = true; # local discovery in shackspace nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; @@ -157,10 +115,10 @@ in # fallout of ipv6calypse networking.extraHosts = '' hass.shack 10.42.2.191 - heidi.shack 10.42.2.135 ''; users.extraUsers.root.openssh.authorizedKeys.keys = [ + config.krebs.users."0x4a6f".pubkey config.krebs.users.ulrich.pubkey config.krebs.users.raute.pubkey config.krebs.users.makefu-omo.pubkey From 27f3c2cd53adce6a0dcc6e2b9e917b8da9486d24 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 13 Jun 2019 20:17:45 +0200 Subject: [PATCH 63/76] wolf.r: add netbox docker-compose --- krebs/1systems/wolf/config.nix | 2 ++ krebs/2configs/shack/netbox.nix | 39 +++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 krebs/2configs/shack/netbox.nix diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix index f629c5984..7ca0f0ec1 100644 --- a/krebs/1systems/wolf/config.nix +++ b/krebs/1systems/wolf/config.nix @@ -43,6 +43,8 @@ in ## write collectd statistics to wolf.shack { services.influxdb.enable = true; } + + ]; # use your own binary cache, fallback use cache.nixos.org (which is used by # apt-cacher-ng in first place) diff --git a/krebs/2configs/shack/netbox.nix b/krebs/2configs/shack/netbox.nix new file mode 100644 index 000000000..4fb5a7dbc --- /dev/null +++ b/krebs/2configs/shack/netbox.nix @@ -0,0 +1,39 @@ +{ pkgs, ... }: +{ + environment.systemPackages = [ pkgs.docker-compose ]; + virtualisation.docker.enable = true; + services.nginx = { + enable = true; + virtualHosts."netbox.shack".locations."/".proxyPass = "http://localhost:18080"; + }; + # we store the netbox config there: + # state = [ "/var/lib/netbox" ]; + systemd.services.backup-netbox = { + after = [ "netbox-docker-compose.service" ]; + startAt = "daily"; + path = with pkgs; [ docker-compose docker gzip coreutils ]; + script = '' + cd /var/lib/netbox + mkdir -p backup + docker-compose exec -T -upostgres postgres pg_dumpall \ + | gzip > backup/netdata_$(date -Iseconds).dump.gz + ''; + }; + + systemd.services.netbox-docker-compose = { + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" "docker.service" ]; + environment.VERSION = "v2.5.13"; + serviceConfig = { + WorkingDirectory = "/var/lib/netbox"; + # TODO: grep -q NAPALM_SECRET env/netbox.env + # TODO: grep -q NAPALM_SECRET netbox-netprod-importer/switches.yml + ExecStartPre = "${pkgs.docker-compose}/bin/docker-compose pull"; + ExecStart = "${pkgs.docker-compose}/bin/docker-compose up"; + Restart = "always"; + RestartSec = "10"; + StartLimitIntervalSec = 60; + StartLimitBurst = 3; + }; + }; +} From df8e811695bae334879981c6b2696be226e73f72 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 13 Jun 2019 20:28:32 +0200 Subject: [PATCH 64/76] external: add 0x4a6f --- krebs/3modules/external/default.nix | 4 ++++ krebs/3modules/external/ssh/0x4a6f.pub | 1 + 2 files changed, 5 insertions(+) create mode 100644 krebs/3modules/external/ssh/0x4a6f.pub diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 080c259aa..70c49cfcf 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -487,6 +487,10 @@ in { mail = "shackspace.de@myvdr.de"; pubkey = ssh-for "ulrich"; }; + "0x4a6f" = { + mail = "0x4a6f@shackspace.de"; + pubkey = ssh-for "0x4a6f"; + }; miaoski = { }; filly = { diff --git a/krebs/3modules/external/ssh/0x4a6f.pub b/krebs/3modules/external/ssh/0x4a6f.pub new file mode 100644 index 000000000..1ea084bad --- /dev/null +++ b/krebs/3modules/external/ssh/0x4a6f.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKMoQSUz0wcV8tnTKsYO3sO6XG6EHap8R63ihfMHkxPS From 592d157eba8f1b5ba35f1fca64c2905897468f83 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 13 Jun 2019 20:43:32 +0200 Subject: [PATCH 65/76] wolf secrets: add shackspace-gitlab-ci --- krebs/0tests/data/secrets/shackspace-gitlab-ci | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 krebs/0tests/data/secrets/shackspace-gitlab-ci diff --git a/krebs/0tests/data/secrets/shackspace-gitlab-ci b/krebs/0tests/data/secrets/shackspace-gitlab-ci new file mode 100644 index 000000000..e69de29bb From 4e7af580d81f02f6d07d38917f124f4b99483603 Mon Sep 17 00:00:00 2001 From: lassulus Date: Thu, 13 Jun 2019 23:30:54 +0200 Subject: [PATCH 66/76] krops: get correct secrets --- krebs/krops.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/krops.nix b/krebs/krops.nix index 94418fdc2..8d38ed5b0 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -50,7 +50,7 @@ { nixos-config.symlink = "stockholm/krebs/1systems/${name}/config.nix"; secrets = if test then { - file = toString ; + file = toString ./0tests/data/secrets; } else { pass = { dir = "${lib.getEnv "HOME"}/brain"; From b6caea7a6219792d6c3a10567e15a0144a5c994b Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 14 Jun 2019 23:56:07 +0200 Subject: [PATCH 67/76] ma wiregrill: update gum, add rockit --- krebs/3modules/makefu/wiregrill/gum.pub | 2 +- krebs/3modules/makefu/wiregrill/rockit.pub | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 krebs/3modules/makefu/wiregrill/rockit.pub diff --git a/krebs/3modules/makefu/wiregrill/gum.pub b/krebs/3modules/makefu/wiregrill/gum.pub index 4a5f666cc..67d6c7216 100644 --- a/krebs/3modules/makefu/wiregrill/gum.pub +++ b/krebs/3modules/makefu/wiregrill/gum.pub @@ -1 +1 @@ -yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo= +A7UPKSUaCZaJ9hXv6X4jvcZ+5X+PlS1EmCwxlLBAKH0= diff --git a/krebs/3modules/makefu/wiregrill/rockit.pub b/krebs/3modules/makefu/wiregrill/rockit.pub new file mode 100644 index 000000000..6cb0d960d --- /dev/null +++ b/krebs/3modules/makefu/wiregrill/rockit.pub @@ -0,0 +1 @@ +YmvTL4c13WS6f88ZAz2m/2deL2pnPXI0Ay3edCPE1Qc= From df9b3fa1be5eb3e812f605ea78ac3f7363b52211 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 14 Jun 2019 23:58:24 +0200 Subject: [PATCH 68/76] shack/gitlab-runner: remove trailing whitespace --- krebs/2configs/shack/gitlab-runner.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/krebs/2configs/shack/gitlab-runner.nix b/krebs/2configs/shack/gitlab-runner.nix index 57d670ea3..0fd06426a 100644 --- a/krebs/2configs/shack/gitlab-runner.nix +++ b/krebs/2configs/shack/gitlab-runner.nix @@ -10,7 +10,7 @@ in "/run/wrappers" # /run/wrappers/bin/su "/" # /bin/sh ]; - imports = [ + imports = [ "${runner-src}/gitlab-runner.nix" ]; services.gitlab-runner2.enable = true; From ec93824f05c8f89e738831c2c059e934cbffafb8 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Jun 2019 00:53:35 +0200 Subject: [PATCH 69/76] external: add rilke.w --- krebs/3modules/external/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index 080c259aa..beff63dfa 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -241,6 +241,13 @@ in { }; }; }; + rilke = { + owner = config.krebs.users.kmein; + nets.wiregrill = { + aliases = [ "rilke.w" ]; + wireguard.pubkey = "09yVPHL/ucvqc6V5n7vFQ2Oi1LBMdwQZDL+7jBwy+iQ="; + }; + }; rock = { owner = config.krebs.users.Mic92; nets = { @@ -493,4 +500,3 @@ in { }; }; } - From eda35fc0a6e9f9a4d65d4ed6d47ef527bf612e0d Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 15 Jun 2019 01:05:01 +0200 Subject: [PATCH 70/76] ma: add rockit, wiregrill for gum --- krebs/3modules/makefu/default.nix | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index b38c9104f..dc9ade199 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -143,11 +143,19 @@ in { ci = true; cores = 4; nets = { + lan = { + ip4.addr = "192.168.8.11"; + aliases = [ + "wbob.lan" + "log.wbob.lan" + ]; + }; retiolum = { ip4.addr = "10.243.214.15"; aliases = [ "wbob.r" "hydra.wbob.r" + "log.wbob.r" ]; }; }; @@ -182,6 +190,7 @@ in { wiki.euer IN A ${nets.internet.ip4.addr} wikisearch IN A ${nets.internet.ip4.addr} io IN NS gum.krebsco.de. + mediengewitter IN CNAME over.dose.io. ''; }; cores = 8; @@ -196,13 +205,9 @@ in { }; wiregrill = { via = internet; + ip4.addr = "10.245.0.1"; ip6.addr = w6 "1"; - wireguard = { - subnets = [ - (krebs.genipv6 "wiregrill" "external" 0).subnetCIDR - (krebs.genipv6 "wiregrill" "makefu" 0).subnetCIDR - ]; - }; + wireguard.port = 51821; }; retiolum = { via = internet; @@ -247,7 +252,6 @@ in { cores = 1; extraZones = { "krebsco.de" = '' - mediengewitter IN A ${nets.internet.ip4.addr} flap IN A ${nets.internet.ip4.addr} ''; }; @@ -281,6 +285,10 @@ in { }; }; }; + rockit = rec { # router@home + cores = 1; + nets.wiregrill.ip4.addr = "10.245.0.2"; + }; senderechner = rec { cores = 2; From cdd1c018ec4a0022cc5d8ddf3ad355952131e8a2 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 15 Jun 2019 01:25:27 +0200 Subject: [PATCH 71/76] ma wiregrill: ipv4 for wiregrill LOL! --- krebs/3modules/makefu/default.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index dc9ade199..601762b93 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -205,9 +205,13 @@ in { }; wiregrill = { via = internet; - ip4.addr = "10.245.0.1"; + ip4.addr = "10.244.245.1"; ip6.addr = w6 "1"; wireguard.port = 51821; + wireguard.subnets = [ + (krebs.genipv6 "wiregrill" "makefu" 0).subnetCIDR + "10.244.245.0/24" # required for routing directly to gum via rockit + ]; }; retiolum = { via = internet; @@ -287,7 +291,7 @@ in { }; rockit = rec { # router@home cores = 1; - nets.wiregrill.ip4.addr = "10.245.0.2"; + nets.wiregrill.ip4.addr = "10.244.245.2"; }; senderechner = rec { From 3fa17455eff14e2f6c6bf4fef06c776a94014938 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Jun 2019 12:20:18 +0200 Subject: [PATCH 72/76] nixpkgs: e2883c3 -> 1601f55 --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 340b926ce..d294ca6d1 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "e2883c31628ea0f3e00f899062327468a20d1aa1", - "date": "2019-05-27T17:09:30-04:00", - "sha256": "1xrpd8ykr8g3h4b33z69vngh6hfayi51jajbnfm6phhpwgd6mmld", + "rev": "1601f559e89ba71091faa26888711d4dd24c2d4d", + "date": "2019-06-14T16:14:30-04:00", + "sha256": "0iayyz9617mz6424spwbi9qvmcl8hiql42czxg8mi4ycq4p1k0dx", "fetchSubmodules": false } From ff283af7b255418e2ca75bc54dadaf354d3a4dd7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 15 Jun 2019 18:24:06 +0200 Subject: [PATCH 73/76] external: add wilde.r (kmein) --- krebs/3modules/external/default.nix | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix index bdbfd1cb8..ac656f463 100644 --- a/krebs/3modules/external/default.nix +++ b/krebs/3modules/external/default.nix @@ -43,6 +43,31 @@ in { }; }; }; + wilde = { + owner = config.krebs.users.kmein; + nets = { + retiolum = { + ip4.addr = "10.243.2.4"; + aliases = [ "wilde.r" ]; + tinc.pubkey = '' + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtz/MY5OSxJqrEMv6Iwjk + g/V58MATljj+2bmOuOuPui/AUYHEZX759lHW4MgLjYdNbZEoVq8UgkxNk0KPGlSg + 2lsJ7FneCU7jBSE2iLT1aHuNFFa56KzSThFUl6Nj6Vyg5ghSmDF2tikurtG2q+Ay + uxf5/yEhFUPc1ZxmvJDqVHMeW5RZkuKXH00C7yN+gdcPuuFEFq+OtHNkBVmaxu7L + a8Q6b/QbrwQJAR9FAcm5WSQIj2brv50qnD8pZrU4loVu8dseQIicWkRowC0bzjAo + IHZTbF/S+CK0u0/q395sWRQJISkD+WAZKz5qOGHc4djJHBR3PWgHWBnRdkYqlQYM + C9zA/n4I+Y2BEfTWtgkD2g0dDssNGP5dlgFScGmRclR9pJ/7dsIbIeo9C72c6q3q + sg0EIWggQ8xyWrUTXIMoDXt37htlTSnTgjGsuwRzjotAEMJmgynWRf3br3yYChrq + 10Exq8Lej+iOuKbdAXlwjKEk0qwN7JWft3OzVc2DMtKf7rcZQkBoLfWKzaCTQ4xo + 1Y7d4OlcjbgrkLwHltTaShyosm8kbttdeinyBG1xqQcK11pMO43GFj8om+uKrz57 + lQUVipu6H3WIVGnvLmr0e9MQfThpC1em/7Aq2exn1JNUHhCdEho/mK2x/doiiI+0 + QAD64zPmuo9wsHnSMR2oKs0CAwEAAQ== + -----END PUBLIC KEY----- + ''; + }; + }; + }; dpdkm = { owner = config.krebs.users.Mic92; nets = rec { From 3dd3da513c7b28a44a12a86fc8d380f684088aad Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Jun 2019 11:36:55 +0200 Subject: [PATCH 74/76] nixpkgs: 1601f55 -> f01ed7b --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index d294ca6d1..53340de9e 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "1601f559e89ba71091faa26888711d4dd24c2d4d", - "date": "2019-06-14T16:14:30-04:00", - "sha256": "0iayyz9617mz6424spwbi9qvmcl8hiql42czxg8mi4ycq4p1k0dx", + "rev": "f01ed7b38aaa1d5e52951ecf92d06b600eb9e3c8", + "date": "2019-06-18T11:50:10+02:00", + "sha256": "0pnnzss0pig7xh9x9jyyphrnir7smln71ig3h6asv2y3jl6xs9p6", "fetchSubmodules": false } From ad7800ecce810ff4b2e4b300509e628195444274 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Jun 2019 15:22:37 +0200 Subject: [PATCH 75/76] nixpkgs: f01ed7b -> d77e3bd --- krebs/nixpkgs.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index 53340de9e..4118a1dd6 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "f01ed7b38aaa1d5e52951ecf92d06b600eb9e3c8", - "date": "2019-06-18T11:50:10+02:00", - "sha256": "0pnnzss0pig7xh9x9jyyphrnir7smln71ig3h6asv2y3jl6xs9p6", + "rev": "d77e3bd661354ea775a8cacc97bb59ddde513c09", + "date": "2019-06-18T23:08:17+02:00", + "sha256": "1m82zs00n6nc0pkdpmd9amm013qxwksjfhzcm6gck3p469q7n866", "fetchSubmodules": false } From 153505206cba1896685bf1fd7252cffeae19e290 Mon Sep 17 00:00:00 2001 From: tv Date: Sun, 28 Apr 2019 14:35:10 +0200 Subject: [PATCH 76/76] krops: 1.11.1 -> 1.14.0 --- submodules/krops | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/submodules/krops b/submodules/krops index 5b8fb8dc0..ee41207df 160000 --- a/submodules/krops +++ b/submodules/krops @@ -1 +1 @@ -Subproject commit 5b8fb8dc0ee14672d7fd533bd98635b8725dbb29 +Subproject commit ee41207df1ce718e0b154ed8047384118a0133a4