Merge remote-tracking branch 'prism/master'

This commit is contained in:
tv 2018-01-09 19:06:50 +01:00
commit 8ff5c5e992
39 changed files with 472 additions and 77 deletions

View File

@ -38,7 +38,7 @@
networking.hostName = "BLN02NB0154"; # Define your hostname.
networking.networkmanager.enable = true;
#networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Select internationalisation properties.
# i18n = {
@ -54,7 +54,11 @@
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
nixpkgs.config.allowUnfree = true;
environment.shellAliases = { n = "nix-shell"; };
environment.shellAliases = {
n = "nix-shell";
gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
gh = "cd /home/markus/go/src/github.com";
};
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
environment.systemPackages = with pkgs; [
# system helper
@ -62,6 +66,7 @@
copyq
dmenu
git
tig
i3lock
keepass
networkmanagerapplet
@ -72,6 +77,8 @@
rxvt_unicode
# editors
emacs
# databases
sqlite
# internet
thunderbird
hipchat
@ -91,6 +98,7 @@
jetbrains.pycharm-professional
jetbrains.webstorm
jetbrains.goland
jetbrains.datagrip
texlive.combined.scheme-full
pandoc
redis

View File

@ -96,7 +96,7 @@
# Enable the X11 windowing system.
services.xserver.enable = true;
# services.xserver.layout = "us";
services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable touchpad support.

View File

@ -28,7 +28,7 @@ with import <stockholm/lib>;
URxvt*scrollBar: false
URxvt*urgentOnBell: true
URxvt*font: xft:DejaVu Sans Mono:pixelsize=20
URxvt*font: xft:DejaVu Sans Mono:pixelsize=12
URXvt*faceSize: 12
'';
}

View File

@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/jeschli/1systems/${name}/config.nix";
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
ref = "f9390d6";
ref = "d83c808";
};
secrets.file = getAttr builder {
buildbot = toString <stockholm/jeschli/2configs/tests/dummy-secrets>;

View File

@ -20,10 +20,5 @@
boot.isContainer = true;
networking.useDHCP = false;
krebs.repo-sync.repos.stockholm.timerConfig = {
OnBootSec = "5min";
OnUnitInactiveSec = "2min";
RandomizedDelaySec = "2min";
};
krebs.ci.stockholmSrc = "http://cgit.prism.r/stockholm";
}

View File

@ -1,10 +1,6 @@
with import <stockholm/lib>;
{ lib, config, pkgs, ... }:
{
imports = [
<stockholm/krebs/2configs/repo-sync.nix>
];
networking.firewall.allowedTCPPorts = [ 80 8010 9989 ];
krebs.ci.enable = true;
krebs.ci.treeStableTimer = 1;

View File

@ -161,7 +161,7 @@ let
ExecStartPre = pkgs.writeDash "buildbot-master-init" ''
set -efux
#remove garbage from old versions
rm -r ${workdir}
rm -rf ${workdir}
mkdir -p ${workdir}/info
cp ${buildbot-slave-init} ${workdir}/buildbot.tac
echo ${contact} > ${workdir}/info/admin

View File

@ -31,6 +31,47 @@ with import <stockholm/lib>;
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx";
};
axon= {
cores = 2;
nets = {
retiolum = {
ip4.addr = "10.243.134.66";
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379";
aliases = [
"axon.retiolum"
"axon.r"
];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo
glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj
KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH
L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j
VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY
PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN
X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh
m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp
OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT
LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H
/F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK
MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w
7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm
ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3
1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF
29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt
4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj
FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl
buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p
hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG
yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi
ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB
-----END RSA PUBLIC KEY-----
'';
};
};
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc";
};
onondaga = {
cores = 1;
@ -63,6 +104,10 @@ with import <stockholm/lib>;
};
users = {
nin = {
mail = "nin@axon.retiolum";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon";
};
nin_h = {
mail = "nin@hiawatha.retiolum";
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha";
};

View File

@ -1,9 +1,15 @@
{ pkgs, fetchFromGitHub, ... }:
{ stdenv, pkgs, fetchPypi, ... }:
with pkgs.python3Packages;
buildPythonPackage rec {
pname = "internetarchive";
version = "1.7.3";
name = "${pname}-${version}";
src = fetchPypi {
inherit pname version;
sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g";
};
propagatedBuildInputs = [
requests
jsonpatch
@ -14,8 +20,9 @@ buildPythonPackage rec {
backports_csv
];
# check only works when cloned from git repo
# check only works when cloned from git repo
doCheck = false;
checkInputs = [
pytest
responses
@ -25,14 +32,8 @@ buildPythonPackage rec {
sed -i "s/'schema.*'/'schema>=0.4.0'/" setup.py
'';
src = fetchPypi {
inherit pname version;
sha256 = "0x3saklabdx7qrr11h5bjfd75hfbih7pw5gvl2784zvvvrqrz45g";
};
meta = with stdenv.lib; {
description = "python library and cli for uploading files to internet archive";
license = licenses.agpl3;
};
}

View File

@ -17,6 +17,6 @@ in
stockholm.file = toString <stockholm>;
nixpkgs.git = {
url = https://github.com/NixOS/nixpkgs;
ref = "cb751f9b1c3fe6885f3257e69ce328f77523ad77"; # nixos-17.09 @ 2017-12-13
ref = "0b30c1dd4c638e318957fc6a9198cf2429e38cb5"; # nixos-17.09 @ 2018-01-04
};
}

View File

@ -41,6 +41,7 @@ with import <stockholm/lib>;
skype
wine
];
nixpkgs.config.firefox.enableAdobeFlash = true;
services.xserver.enable = true;
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;

View File

@ -43,6 +43,7 @@
networking.dhcpcd.allowInterfaces = [
"enp*"
"eth*"
"ens*"
];
}
{

View File

@ -30,6 +30,7 @@ with import <stockholm/lib>;
<stockholm/lass/2configs/otp-ssh.nix>
<stockholm/lass/2configs/c-base.nix>
<stockholm/lass/2configs/br.nix>
<stockholm/lass/2configs/ableton.nix>
{
#risk of rain port
krebs.iptables.tables.filter.INPUT.rules = [
@ -69,10 +70,6 @@ with import <stockholm/lib>;
pkgs.ovh-zone
];
}
{
#ps vita stuff
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
}
{
services.tor = {
enable = true;

View File

@ -184,14 +184,17 @@ in {
}
{
#hotdog
systemd.services."container@hotdog".reloadIfChanged = mkForce false;
containers.hotdog = {
config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
config.krebs.users.lass.pubkey
];
};
autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.1";
@ -200,8 +203,10 @@ in {
}
{
#kaepsele
systemd.services."container@kaepsele".reloadIfChanged = mkForce false;
containers.kaepsele = {
config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = with config.krebs.users; [
@ -209,6 +214,7 @@ in {
tv.pubkey
];
};
autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.3";
@ -217,8 +223,10 @@ in {
}
{
#onondaga
systemd.services."container@onondaga".reloadIfChanged = mkForce false;
containers.onondaga = {
config = { ... }: {
imports = [ <stockholm/lass/2configs/rebuild-on-boot.nix> ];
environment.systemPackages = [ pkgs.git ];
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
@ -226,6 +234,7 @@ in {
config.krebs.users.nin.pubkey
];
};
autoStart = true;
enableTun = true;
privateNetwork = true;
hostAddress = "10.233.2.5";
@ -302,6 +311,13 @@ in {
}
];
}
{
krebs.repo-sync.repos.stockholm.timerConfig = {
OnBootSec = "5min";
OnUnitInactiveSec = "2min";
RandomizedDelaySec = "2min";
};
}
];
krebs.build.host = config.krebs.hosts.prism;

View File

@ -20,6 +20,17 @@ let
'';
in {
services.bitlbee = {
enable = true;
portNumber = 6666;
plugins = [
pkgs.bitlbee-facebook
pkgs.bitlbee-steam
pkgs.bitlbee-discord
];
libpurple_plugins = [ pkgs.telegram-purple ];
};
users.extraUsers.chat = {
home = "/home/chat";
uid = genid "chat";
@ -46,6 +57,10 @@ in {
restartIfChanged = false;
path = [
pkgs.rxvt_unicode.terminfo
];
serviceConfig = {
User = "chat";
RemainAfterExit = true;

20
lass/2configs/ableton.nix Normal file
View File

@ -0,0 +1,20 @@
{ config, pkgs, ... }: let
mainUser = config.users.extraUsers.mainUser;
in {
users.users= {
ableton = {
isNormalUser = true;
extraGroups = [
"audio"
"video"
];
packages = [
pkgs.wine
pkgs.winetricks
];
};
};
security.sudo.extraConfig = ''
${mainUser.name} ALL=(ableton) NOPASSWD: ALL
'';
}

View File

@ -11,24 +11,6 @@ with import <stockholm/lib>;
key = "1AFC:E58D:F242:0FBB:9EE9:4E51:47F4:5373:D9AE:C2AB:DD96:8448:333D:5D79:272C:A44C";
};
};
services.dnsmasq = {
enable = true;
resolveLocalQueries = false;
extraConfig = ''
server=127.1.0.1
#no-resolv
cache-size=1000
min-cache-ttl=3600
bind-dynamic
all-servers
dnssec
trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
rebind-domain-ok=/onion/
server=/.onion/127.0.0.1#9053
port=53
'';
};
networking.extraResolvconfConf = ''
name_servers='127.0.0.1'
'';
services.resolved.enable = true;
services.resolved.fallbackDns = [ "127.1.0.1" ];
}

View File

@ -0,0 +1,18 @@
{ config, pkgs, ... }:
with import <stockholm/lib>;
{
systemd.services.rebuild-on-boot = {
wantedBy = [ "multi-user.target" ];
environment = {
NIX_REMOTE = "daemon";
HOME = "/var/empty";
};
serviceConfig = {
ExecStart = pkgs.writeScript "rebuild" ''
#!${pkgs.bash}/bin/bash
(/run/current-system/sw/bin/nixos-rebuild -I /var/src switch) &
'';
ExecStop = "${pkgs.coreutils}/bin/sleep 10";
};
};
}

View File

@ -5,4 +5,6 @@ with import <stockholm/lib>;
boot.extraModprobeConfig = ''
install dccp /run/current-system/sw/bin/false
'';
boot.kernelPackages = pkgs.linuxPackages_latest;
}

View File

@ -10,7 +10,7 @@ in
nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
ref = "3aec59c";
ref = "d202e30";
};
secrets = getAttr builder {
buildbot.file = toString <stockholm/lass/2configs/tests/dummy-secrets>;

View File

@ -71,7 +71,10 @@ in {
'') allDisks);
fileSystems = let
xfsmount = name: dev:
{ "/media/${name}" = { device = dev; fsType = "xfs"; }; };
{ "/media/${name}" = {
device = dev; fsType = "xfs";
options = [ "nofail" ];
}; };
in
# (xfsmount "j0" (part1 jDisk0)) //
(xfsmount "j1" (part1 jDisk1)) //

View File

@ -108,16 +108,35 @@ in {
# };
#}
{ # wireguard server
networking.firewall.allowedUDPPorts = [ 51820 ];
# TODO: networking.nat
# boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
# conf.all.proxy_arp =1
networking.firewall = {
allowedUDPPorts = [ 51820 ];
extraCommands = ''
iptables -t nat -A POSTROUTING -s 10.244.0.0/24 -o ${ext-if} -j MASQUERADE
'';
};
networking.wireguard.interfaces.wg0 = {
ips = [ "10.244.0.1/24" ];
listenPort = 51820;
privateKeyFile = (toString <secrets>) + "/wireguard.key";
allowedIPsAsRoutes = true;
peers = [{
# allowedIPs = [ "0.0.0.0/0" "::/0" ];
peers = [
{
# x
allowedIPs = [ "10.244.0.2/32" ];
publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g=";
}];
}
{
# vbob
allowedIPs = [ "10.244.0.3/32" ];
publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw=";
}
];
};
}

View File

@ -143,7 +143,10 @@ in {
];
fileSystems = let
cryptMount = name:
{ "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };};
{ "/media/${name}" = {
device = "/dev/mapper/${name}"; fsType = "xfs";
options = [ "nofail" ];
};};
in cryptMount "crypt0"
// cryptMount "crypt1"
// cryptMount "crypt2"

View File

@ -7,7 +7,8 @@
<stockholm/makefu>
{
imports = [<stockholm/makefu/2configs/fs/single-partition-ext4.nix> ];
boot.loader.grub.device = "/dev/vda";
boot.loader.grub.device = "/dev/sda";
virtualisation.virtualbox.guest.enable = true;
}
# {
# imports = [
@ -49,6 +50,27 @@
# environment
<stockholm/makefu/2configs/tinc/retiolum.nix>
(let
gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr;
gateway = "10.0.2.2";
in {
# make sure the route to gum gets added after the network is online
systemd.services.wireguard-wg0.after = [ "network-online.target" ];
networking.wireguard.interfaces.wg0 = {
ips = [ "10.244.0.3/24" ];
privateKeyFile = (toString <secrets>) + "/wireguard.key";
# explicit route via eth0 to gum
preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"];
peers = [
{ # gum
endpoint = "${gum-ip}:51820";
allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ];
publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo=";
persistentKeepalive = 25;
}
];
};
})
];
networking.extraHosts = import (toString <secrets/extra-hosts.nix>);
@ -90,5 +112,5 @@
8010
];
systemd.services."serial-getty@ttyS0".enable = true;
}

View File

@ -11,6 +11,9 @@ with import <stockholm/lib>;
./vim.nix
./binary-cache/nixos.nix
];
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
programs.command-not-found.enable = false;
nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name);
krebs = {

View File

@ -1,6 +1,7 @@
{
imports = [
./android-pentest.nix
./consoles.nix
./core.nix
./core-gui.nix
./dev.nix

View File

@ -0,0 +1,9 @@
{ pkgs, ... }:
{
users.users.makefu.packages = with pkgs; [
opl-utils
hdl-dump
bin2iso
cue2pops
];
}

View File

@ -21,6 +21,9 @@
gen-oath-safe
cdrtools
stockholm
# nix related
nix-repl
nix-index
# git-related
tig
];

View File

@ -5,5 +5,5 @@
mosh
];
boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
# boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
}

View File

@ -0,0 +1,28 @@
{ stdenv, lib, pkgs, fetchurl }:
stdenv.mkDerivation rec {
pname = "bin2iso";
version = "1.9b";
_dlver = builtins.replaceStrings ["."] [""] version;
name = "${pname}-${version}";
src = fetchurl {
url = "http://users.eastlink.ca/~doiron/${pname}/linux/${pname}${_dlver}_linux.c";
sha256 = "0gg4hbzlm83nnbccy79dnxbwpn7lxl3fb87ka36mlclikvknm2hy";
};
unpackPhase = "true";
buildPhase =''
gcc -Wall -o $pname $src
'';
installPhase = ''
install -Dm755 $pname $out/bin/$pname
'';
meta = {
homepage = http://users.eastlink.ca/~doiron/bin2iso/ ;
description = "converts bin+cue to iso";
license = lib.licenses.gpl3;
};
}

View File

@ -0,0 +1,24 @@
{ stdenv, lib, pkgs, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "cue2pops";
version = "2";
name = "${pname}-${version}";
src = fetchFromGitHub {
owner = "makefu";
repo = "cue2pops-linux";
rev = "541863a";
sha256 = "05w84726g3k33rz0wwb9v77g7xh4cnhy9sxlpilf775nli9bynrk";
};
installPhase = ''
install -Dm755 $pname $out/bin/$pname
'';
meta = {
homepage = http://users.eastlink.ca/~doiron/bin2iso/ ;
description = "converts bin+cue to iso";
license = lib.licenses.gpl3;
};
}

View File

@ -1,7 +1,6 @@
{ coreutils, makeWrapper, openssl, libcaca, qrencode, fetchFromGitHub, yubikey-manager, python, stdenv, ... }:
builtins.trace "Warning: HTOP mode of gen-oath-safe is currently broken"
stdenv.mkDerivation {
stdenv.mkDerivation {
name = "gen-oath-safe-2017-06-30";
src = fetchFromGitHub {
owner = "mcepl";
@ -24,7 +23,7 @@ builtins.trace "Warning: HTOP mode of gen-oath-safe is currently broken"
coreutils
openssl
qrencode
#yubikey-manager
yubikey-manager
libcaca
python
];

View File

@ -0,0 +1,33 @@
{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }:
stdenv.mkDerivation rec {
pname = "hdl-dump";
version = "75df8d7";
name = "${pname}-${version}";
src = fetchFromGitHub {
owner = "AKuHAK";
repo = "hdl-dump";
rev = version;
sha256 = "10jjr6p5yn0c182x17m7q68jmf8gizcny7wjxw7z5yh0fv5s48z4";
};
buildInputs = [ upx wine ];
makeFlags = [ "RELEASE=yes" ];
# uses wine, currently broken
#postBuild = ''
# make -C gui
#'';
installPhase = ''
mkdir -p $out/bin
cp hdl_dump $out/bin
'';
meta = {
homepage = https://github.com/AKuHAK/hdl-dump ;
description = "copy isos to psx hdd";
license = lib.licenses.gpl2;
};
}

View File

@ -0,0 +1,27 @@
{ stdenv, lib, pkgs, fetchFromGitHub }:
stdenv.mkDerivation rec {
pname = "opl-utils";
version = "881c0d2";
name = "${pname}-${version}";
src = fetchFromGitHub {
owner = "ifcaro";
repo = "open-ps2-loader";
rev = version;
sha256 = "1c2hgbyp5hymyq60mrk7g0m3gi00wqx165pdwwwb740q0qig07d1";
};
preBuild = "cd pc/";
installPhase = ''
mkdir -p $out/bin
cp */bin/* $out/bin
'';
meta = {
homepage = https://github.com/ifcaro/Open-PS2-Loader;
description = "open-ps2-loader utils (opl2iso,iso2opl,genvmc)";
license = lib.licenses.afl3;
};
}

View File

@ -13,8 +13,9 @@ let
then "buildbot"
else "makefu";
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
ref = "3874de4"; # unstable @ 2017-12-08
ref = "0f19bee"; # nixos-17.09 @ 2018-01-05
# + do_sqlite3 ruby: 55a952be5b5
# + signal: 0f19beef3
in
evalSource (toString _file) [

View File

@ -0,0 +1,117 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
<stockholm/nin>
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
#../2configs/copyq.nix
<stockholm/nin/2configs/games.nix>
<stockholm/nin/2configs/git.nix>
<stockholm/nin/2configs/retiolum.nix>
<stockholm/nin/2configs/termite.nix>
];
krebs.build.host = config.krebs.hosts.axon;
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/pool/root";
fsType = "ext4";
};
fileSystems."/tmp" =
{ device = "tmpfs";
fsType = "tmpfs";
};
fileSystems."/boot" =
{ device = "/dev/sda1";
fsType = "ext2";
};
boot.initrd.luks.devices.crypted.device = "/dev/sda2";
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 4;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda";
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Enable CUPS to print documents.
# services.printing.enable = true;
# nin config
time.timeZone = "Europe/Berlin";
services.xserver.enable = true;
networking.networkmanager.enable = true;
#networking.wireless.enable = true;
hardware.pulseaudio = {
enable = true;
systemWide = true;
};
hardware.bluetooth.enable = true;
hardware.opengl.driSupport32Bit = true;
#nixpkgs.config.steam.java = true;
environment.systemPackages = with pkgs; [
firefox
git
lmms
networkmanagerapplet
python
steam
thunderbird
vim
virtmanager
];
nixpkgs.config = {
allowUnfree = true;
};
#services.logind.extraConfig = "HandleLidSwitch=ignore";
services.xserver.synaptics = {
enable = true;
};
services.xserver.desktopManager.xfce = let
xbindConfig = pkgs.writeText "xbindkeysrc" ''
"${pkgs.pass}/bin/passmenu --type"
Control + p
'';
in {
enable = true;
extraSessionCommands = ''
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
'';
};
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "17.03";
}

View File

@ -0,0 +1,4 @@
import <stockholm/nin/source.nix> {
name = "axon";
secure = true;
}

View File

@ -16,6 +16,7 @@ with import <stockholm/lib>;
root = {
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
config.krebs.users.nin_h.pubkey
];
};
nin = {
@ -31,6 +32,7 @@ with import <stockholm/lib>;
];
openssh.authorizedKeys.keys = [
config.krebs.users.nin.pubkey
config.krebs.users.nin_h.pubkey
];
};
};

View File

@ -53,7 +53,7 @@ let
with git // config.krebs.users;
repo:
singleton {
user = [ nin ];
user = [ nin nin_h ];
repo = [ repo ];
perm = push "refs/*" [ non-fast-forward create delete merge ];
} ++