Merge remote-tracking branch 'lass/18.09' into 18.09
This commit is contained in:
commit
91023a11eb
3
.gitmodules
vendored
3
.gitmodules
vendored
@ -1,3 +1,6 @@
|
|||||||
[submodule "submodules/nix-writers"]
|
[submodule "submodules/nix-writers"]
|
||||||
path = submodules/nix-writers
|
path = submodules/nix-writers
|
||||||
url = http://cgit.krebsco.de/nix-writers
|
url = http://cgit.krebsco.de/nix-writers
|
||||||
|
[submodule "submodules/krops"]
|
||||||
|
path = submodules/krops
|
||||||
|
url = https://cgit.krebsco.de/krops
|
||||||
|
@ -1,173 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
# bln config file
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./hardware-configuration.nix
|
|
||||||
<stockholm/jeschli>
|
|
||||||
<stockholm/jeschli/2configs/virtualbox.nix>
|
|
||||||
<stockholm/jeschli/2configs/urxvt.nix>
|
|
||||||
<stockholm/jeschli/2configs/emacs.nix>
|
|
||||||
<stockholm/jeschli/2configs/xdg.nix>
|
|
||||||
<stockholm/jeschli/2configs/xserver>
|
|
||||||
# <stockholm/jeschli/1systems/bln/dcso-vpn.nix>
|
|
||||||
<stockholm/jeschli/2configs/officevpn.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
# boot.loader.systemd-boot.enable = true;
|
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
|
||||||
boot.loader.efi.efiSysMountPoint = "/boot";
|
|
||||||
boot.loader.grub = {
|
|
||||||
devices = [ "nodev" ];
|
|
||||||
efiSupport = true;
|
|
||||||
enable = true;
|
|
||||||
extraEntries = ''
|
|
||||||
menuentry "Debian" {
|
|
||||||
insmod ext2
|
|
||||||
insmod chain
|
|
||||||
chainloader /EFI/debian/grubx64.efi
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
version = 2;
|
|
||||||
};
|
|
||||||
|
|
||||||
jeschliFontSize = 20;
|
|
||||||
|
|
||||||
environment.shellAliases = {
|
|
||||||
n = "nix-shell";
|
|
||||||
gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
|
|
||||||
gh = "cd /home/markus/go/src/github.com";
|
|
||||||
stocki = pkgs.writeDash "deploy" ''
|
|
||||||
cd ~/stockholm
|
|
||||||
LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
networking.hostName = lib.mkForce "BLN02NB0232";
|
|
||||||
networking.networkmanager.enable = true;
|
|
||||||
|
|
||||||
# Set your time zone.
|
|
||||||
time.timeZone = "Europe/Berlin";
|
|
||||||
|
|
||||||
# Setup Packages
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
termite
|
|
||||||
# system helper
|
|
||||||
ag
|
|
||||||
copyq
|
|
||||||
dmenu
|
|
||||||
git
|
|
||||||
tig
|
|
||||||
i3lock
|
|
||||||
keepass
|
|
||||||
networkmanagerapplet
|
|
||||||
rsync
|
|
||||||
terminator
|
|
||||||
tmux
|
|
||||||
wget
|
|
||||||
rxvt_unicode
|
|
||||||
# editors
|
|
||||||
emacs
|
|
||||||
# databases
|
|
||||||
sqlite
|
|
||||||
# internet
|
|
||||||
thunderbird
|
|
||||||
chromium
|
|
||||||
google-chrome
|
|
||||||
# programming languages
|
|
||||||
elmPackages.elm
|
|
||||||
go
|
|
||||||
gcc
|
|
||||||
ghc
|
|
||||||
python35
|
|
||||||
python35Packages.pip
|
|
||||||
# go tools
|
|
||||||
golint
|
|
||||||
gotools
|
|
||||||
# dev tools
|
|
||||||
gnumake
|
|
||||||
jetbrains.pycharm-professional
|
|
||||||
jetbrains.webstorm
|
|
||||||
jetbrains.goland
|
|
||||||
jetbrains.datagrip
|
|
||||||
texlive.combined.scheme-full
|
|
||||||
pandoc
|
|
||||||
redis
|
|
||||||
vagrant
|
|
||||||
# document viewer
|
|
||||||
zathura
|
|
||||||
|
|
||||||
samba
|
|
||||||
];
|
|
||||||
|
|
||||||
|
|
||||||
programs.bash.enableCompletion = true;
|
|
||||||
programs.vim.defaultEditor = true;
|
|
||||||
|
|
||||||
services.openssh.enable = true;
|
|
||||||
|
|
||||||
# Enable CUPS to print documents.
|
|
||||||
services.printing.enable = true;
|
|
||||||
services.printing.drivers = [ pkgs.postscript-lexmark ];
|
|
||||||
|
|
||||||
services.redis.enable = true;
|
|
||||||
|
|
||||||
services.xserver = {
|
|
||||||
|
|
||||||
desktopManager.session = lib.mkForce [];
|
|
||||||
|
|
||||||
enable = true;
|
|
||||||
display = 11;
|
|
||||||
tty = 11;
|
|
||||||
|
|
||||||
dpi = 200;
|
|
||||||
|
|
||||||
videoDrivers = [ "nvidia" ];
|
|
||||||
synaptics = {
|
|
||||||
enable = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
users.extraUsers.jeschli = {
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = ["docker" "vboxusers" "audio"];
|
|
||||||
uid = 1000;
|
|
||||||
};
|
|
||||||
|
|
||||||
system.stateVersion = "17.09";
|
|
||||||
# Gogland Debugger workaround
|
|
||||||
# nixpkgs.config.packageOverrides = super: {
|
|
||||||
# idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: {
|
|
||||||
# postFixup = ''
|
|
||||||
# interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
|
|
||||||
# patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
|
||||||
# chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
|
||||||
# '';
|
|
||||||
# });
|
|
||||||
# };
|
|
||||||
|
|
||||||
virtualisation.docker.enable = true;
|
|
||||||
|
|
||||||
# DCSO Certificates
|
|
||||||
security.pki.certificateFiles = [
|
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; })
|
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; })
|
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; })
|
|
||||||
|
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; })
|
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; })
|
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; })
|
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; })
|
|
||||||
];
|
|
||||||
|
|
||||||
|
|
||||||
hardware.bluetooth.enable = true;
|
|
||||||
krebs.build.host = config.krebs.hosts.bln;
|
|
||||||
|
|
||||||
networking.interfaces.enp0s31f6.ipv4.addresses = [
|
|
||||||
{ address = "10.99.23.2"; prefixLength = 24; }
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
|
@ -1,44 +0,0 @@
|
|||||||
with import <stockholm/lib>;
|
|
||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
|
|
||||||
users.extraUsers = {
|
|
||||||
dcsovpn = rec {
|
|
||||||
name = "dcsovpn";
|
|
||||||
uid = genid "dcsovpn";
|
|
||||||
description = "user for running dcso openvpn";
|
|
||||||
home = "/home/${name}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
users.extraGroups.dcsovpn.gid = genid "dcsovpn";
|
|
||||||
|
|
||||||
services.openvpn.servers = {
|
|
||||||
dcso = {
|
|
||||||
config = ''
|
|
||||||
client
|
|
||||||
dev tun
|
|
||||||
tun-mtu 1356
|
|
||||||
mssfix
|
|
||||||
proto udp
|
|
||||||
float
|
|
||||||
remote 217.111.55.41 1194
|
|
||||||
nobind
|
|
||||||
user dcsovpn
|
|
||||||
group dcsovpn
|
|
||||||
persist-key
|
|
||||||
persist-tun
|
|
||||||
ca ${toString <secrets/dcsovpn/ca.pem>}
|
|
||||||
cert ${toString <secrets/dcsovpn/cert.pem>}
|
|
||||||
key ${toString <secrets/dcsovpn/cert.key>}
|
|
||||||
verb 3
|
|
||||||
mute 20
|
|
||||||
auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
|
|
||||||
route-method exe
|
|
||||||
route-delay 2
|
|
||||||
'';
|
|
||||||
updateResolvConf = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,35 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports =
|
|
||||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ];
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/25534522-5748-4dcc-a5ca-80a3ac70f59d";
|
|
||||||
|
|
||||||
fileSystems."/" =
|
|
||||||
{ device = "/dev/disk/by-uuid/496c8889-96db-446d-9bac-60d4347faeac";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/home" =
|
|
||||||
{ device = "/dev/disk/by-uuid/2785adf5-a99e-49d7-86d6-99f393f457ea";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/boot" =
|
|
||||||
{ device = "/dev/disk/by-uuid/927E-01A0";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [ ];
|
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 8;
|
|
||||||
powerManagement.cpuFreqGovernor = "powersave";
|
|
||||||
|
|
||||||
hardware.pulseaudio.enable = true;
|
|
||||||
}
|
|
@ -37,6 +37,11 @@
|
|||||||
cd ~/stockholm
|
cd ~/stockholm
|
||||||
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="brauerei"'
|
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="brauerei"'
|
||||||
'';
|
'';
|
||||||
|
deploy = pkgs.writeDash "deploy" ''
|
||||||
|
set -eu
|
||||||
|
export SYSTEM="$1"
|
||||||
|
$(nix-build $HOME/stockholm/jeschli/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
@ -114,6 +119,8 @@
|
|||||||
# Don't install feh into systemPackages
|
# Don't install feh into systemPackages
|
||||||
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
|
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
|
||||||
desktopManager.session = lib.mkForce [];
|
desktopManager.session = lib.mkForce [];
|
||||||
|
displayManager.lightdm.enable = lib.mkForce false;
|
||||||
|
displayManager.job.execCmd = lib.mkForce "derp";
|
||||||
|
|
||||||
enable = true;
|
enable = true;
|
||||||
display = 11;
|
display = 11;
|
||||||
@ -138,6 +145,15 @@
|
|||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
uid = 1001; # TODO genid
|
uid = 1001; # TODO genid
|
||||||
};
|
};
|
||||||
|
users.users.dev = {
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.lass.pubkey
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||||
|
@ -67,7 +67,6 @@ let
|
|||||||
emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
|
emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
|
||||||
epkgs.melpaPackages.evil
|
epkgs.melpaPackages.evil
|
||||||
epkgs.melpaStablePackages.magit
|
epkgs.melpaStablePackages.magit
|
||||||
epkgs.melpaPackages.mmm-mode
|
|
||||||
epkgs.melpaPackages.nix-mode
|
epkgs.melpaPackages.nix-mode
|
||||||
epkgs.melpaPackages.go-mode
|
epkgs.melpaPackages.go-mode
|
||||||
epkgs.melpaPackages.google-this
|
epkgs.melpaPackages.google-this
|
||||||
|
@ -222,7 +222,7 @@ myKeys conf = Map.fromList $
|
|||||||
pagerConfig :: PagerConfig
|
pagerConfig :: PagerConfig
|
||||||
pagerConfig = def
|
pagerConfig = def
|
||||||
{ pc_font = myFont
|
{ pc_font = myFont
|
||||||
, pc_cellwidth = 256
|
, pc_cellwidth = 100
|
||||||
--, pc_cellheight = 36 -- TODO automatically keep screen aspect
|
--, pc_cellheight = 36 -- TODO automatically keep screen aspect
|
||||||
--, pc_borderwidth = 1
|
--, pc_borderwidth = 1
|
||||||
--, pc_matchcolor = "#f0b000"
|
--, pc_matchcolor = "#f0b000"
|
||||||
|
@ -22,6 +22,12 @@
|
|||||||
"http://cgit.ni.r/disko"
|
"http://cgit.ni.r/disko"
|
||||||
"http://cgit.prism.r/disko"
|
"http://cgit.prism.r/disko"
|
||||||
];
|
];
|
||||||
|
krops.urls = [
|
||||||
|
"http://cgit.hotdog.r/krops"
|
||||||
|
"http://cgit.ni.r/krops"
|
||||||
|
"http://cgit.prism.r/krops"
|
||||||
|
"https://git.ingolf-wagner.de/krebs/krops.git"
|
||||||
|
];
|
||||||
nix_writers.urls = [
|
nix_writers.urls = [
|
||||||
"http://cgit.hotdog.r/nix-writers"
|
"http://cgit.hotdog.r/nix-writers"
|
||||||
"http://cgit.ni.r/nix-writers"
|
"http://cgit.ni.r/nix-writers"
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
6667 6669
|
6667 6669
|
||||||
];
|
];
|
||||||
|
|
||||||
services.charybdis = {
|
krebs.charybdis = {
|
||||||
enable = true;
|
enable = true;
|
||||||
motd = ''
|
motd = ''
|
||||||
hello
|
hello
|
||||||
|
110
krebs/3modules/charybdis.nix
Normal file
110
krebs/3modules/charybdis.nix
Normal file
@ -0,0 +1,110 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
inherit (lib) mkEnableOption mkIf mkOption singleton types;
|
||||||
|
inherit (pkgs) coreutils charybdis;
|
||||||
|
cfg = config.krebs.charybdis;
|
||||||
|
|
||||||
|
configFile = pkgs.writeText "charybdis.conf" ''
|
||||||
|
${cfg.config}
|
||||||
|
'';
|
||||||
|
in
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
###### interface
|
||||||
|
|
||||||
|
options = {
|
||||||
|
|
||||||
|
krebs.charybdis = {
|
||||||
|
|
||||||
|
enable = mkEnableOption "Charybdis IRC daemon";
|
||||||
|
|
||||||
|
config = mkOption {
|
||||||
|
type = types.string;
|
||||||
|
description = ''
|
||||||
|
Charybdis IRC daemon configuration file.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
statedir = mkOption {
|
||||||
|
type = types.string;
|
||||||
|
default = "/var/lib/charybdis";
|
||||||
|
description = ''
|
||||||
|
Location of the state directory of charybdis.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
user = mkOption {
|
||||||
|
type = types.string;
|
||||||
|
default = "ircd";
|
||||||
|
description = ''
|
||||||
|
Charybdis IRC daemon user.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
group = mkOption {
|
||||||
|
type = types.string;
|
||||||
|
default = "ircd";
|
||||||
|
description = ''
|
||||||
|
Charybdis IRC daemon group.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
motd = mkOption {
|
||||||
|
type = types.nullOr types.lines;
|
||||||
|
default = null;
|
||||||
|
description = ''
|
||||||
|
Charybdis MOTD text.
|
||||||
|
|
||||||
|
Charybdis will read its MOTD from /etc/charybdis/ircd.motd .
|
||||||
|
If set, the value of this option will be written to this path.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
###### implementation
|
||||||
|
|
||||||
|
config = mkIf cfg.enable (lib.mkMerge [
|
||||||
|
{
|
||||||
|
users.users = singleton {
|
||||||
|
name = cfg.user;
|
||||||
|
description = "Charybdis IRC daemon user";
|
||||||
|
uid = config.ids.uids.ircd;
|
||||||
|
group = cfg.group;
|
||||||
|
};
|
||||||
|
|
||||||
|
users.groups = singleton {
|
||||||
|
name = cfg.group;
|
||||||
|
gid = config.ids.gids.ircd;
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.charybdis = {
|
||||||
|
description = "Charybdis IRC daemon";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
environment = {
|
||||||
|
BANDB_DBPATH = "${cfg.statedir}/ban.db";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${charybdis}/bin/charybdis -foreground -logfile /dev/stdout -configfile ${configFile}";
|
||||||
|
Group = cfg.group;
|
||||||
|
User = cfg.user;
|
||||||
|
PermissionsStartOnly = true; # preStart needs to run with root permissions
|
||||||
|
};
|
||||||
|
preStart = ''
|
||||||
|
${coreutils}/bin/mkdir -p ${cfg.statedir}
|
||||||
|
${coreutils}/bin/chown ${cfg.user}:${cfg.group} ${cfg.statedir}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
(mkIf (cfg.motd != null) {
|
||||||
|
environment.etc."charybdis/ircd.motd".text = cfg.motd;
|
||||||
|
})
|
||||||
|
]);
|
||||||
|
}
|
@ -14,6 +14,7 @@ let
|
|||||||
./buildbot/master.nix
|
./buildbot/master.nix
|
||||||
./buildbot/slave.nix
|
./buildbot/slave.nix
|
||||||
./build.nix
|
./build.nix
|
||||||
|
./charybdis.nix
|
||||||
./ci.nix
|
./ci.nix
|
||||||
./current.nix
|
./current.nix
|
||||||
./exim.nix
|
./exim.nix
|
||||||
@ -111,7 +112,6 @@ let
|
|||||||
{ krebs = import ./krebs { inherit config; }; }
|
{ krebs = import ./krebs { inherit config; }; }
|
||||||
{ krebs = import ./lass { inherit config; }; }
|
{ krebs = import ./lass { inherit config; }; }
|
||||||
{ krebs = import ./makefu { inherit config; }; }
|
{ krebs = import ./makefu { inherit config; }; }
|
||||||
{ krebs = import ./nin { inherit config; }; }
|
|
||||||
{ krebs = import ./tv { inherit config; }; }
|
{ krebs = import ./tv { inherit config; }; }
|
||||||
{
|
{
|
||||||
krebs.dns.providers = {
|
krebs.dns.providers = {
|
||||||
|
@ -121,6 +121,10 @@ let
|
|||||||
cgit-settings = types.submodule {
|
cgit-settings = types.submodule {
|
||||||
# A setting's value of `null` means cgit's default should be used.
|
# A setting's value of `null` means cgit's default should be used.
|
||||||
options = {
|
options = {
|
||||||
|
about-filter = mkOption {
|
||||||
|
type = types.nullOr types.package;
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
cache-root = mkOption {
|
cache-root = mkOption {
|
||||||
type = types.absolute-pathname;
|
type = types.absolute-pathname;
|
||||||
default = "/tmp/cgit";
|
default = "/tmp/cgit";
|
||||||
@ -166,6 +170,10 @@ let
|
|||||||
types.nullOr (types.enum ["week" "month" "quarter" "year"]);
|
types.nullOr (types.enum ["week" "month" "quarter" "year"]);
|
||||||
default = "year";
|
default = "year";
|
||||||
};
|
};
|
||||||
|
readme = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
default = [];
|
||||||
|
};
|
||||||
robots = mkOption {
|
robots = mkOption {
|
||||||
type = types.nullOr (types.listOf types.str);
|
type = types.nullOr (types.listOf types.str);
|
||||||
default = ["nofollow" "noindex"];
|
default = ["nofollow" "noindex"];
|
||||||
@ -394,8 +402,14 @@ let
|
|||||||
kv-to-cgitrc = k: v: getAttr (typeOf v) {
|
kv-to-cgitrc = k: v: getAttr (typeOf v) {
|
||||||
bool = kv-to-cgitrc k (if v then 1 else 0);
|
bool = kv-to-cgitrc k (if v then 1 else 0);
|
||||||
null = []; # This will be removed by `flatten`.
|
null = []; # This will be removed by `flatten`.
|
||||||
list = "${k}=${concatStringsSep ", " v}";
|
list = {
|
||||||
|
readme = map (x: "readme=${x}") v;
|
||||||
|
}.${k} or "${k}=${concatStringsSep ", " v}";
|
||||||
int = "${k}=${toString v}";
|
int = "${k}=${toString v}";
|
||||||
|
set =
|
||||||
|
if subtypes.cgit-settings.check v
|
||||||
|
then "${k}=${v}"
|
||||||
|
else error "kv-to-cgitrc: unhandled type: set";
|
||||||
string = "${k}=${v}";
|
string = "${k}=${v}";
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
@ -7,43 +7,6 @@ with import <stockholm/lib>;
|
|||||||
owner = config.krebs.users.jeschli;
|
owner = config.krebs.users.jeschli;
|
||||||
ci = true;
|
ci = true;
|
||||||
}) {
|
}) {
|
||||||
bln = {
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.27.28";
|
|
||||||
ip6.addr = "42::28";
|
|
||||||
aliases = [
|
|
||||||
"bln.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIECgKCBAEAwoN2f6iyQ1Wnk4rZVqhovny8VpwWvC9buE+NoedRaxmWmA5QIP02
|
|
||||||
BLwTWFKnbiKOQiYN+a4m/JKs0fFOjYCa2EKhqWWKwdEIN4wJTq8zrjzIaa2rdz+8
|
|
||||||
tamE+8rSYDE+RbJ6Gs3SUDfwcxJT6FXCi3JYoirdhAssLSwTf9d5IsfXvkKMabky
|
|
||||||
FpY9Im51utmIR8UmYL4Ti7dEaOxif+5Hgl1LuitC8e2IIZJhXJprK9tJk9J0LRWt
|
|
||||||
PUM31IG1+A2hNBzs5hferLmmwFvYF1sJ22NtFepxVyOLaLcLEFKWHyU+14qEMSgL
|
|
||||||
acsu0lgVZ4A1TY6vVBmawfVCzUzRfalNIty1x+qDA4MB1RQ4W7ivWCjd/+wirSyc
|
|
||||||
BLxCvriXRdUwPIRoHy0kNMmS83HGm2iv2IrHUrcH8lyJvMys216J2lCF2arRVnBn
|
|
||||||
lArObfR3mXgd/YoANmZ4cinLAjLCjCjXfOe39+pvTFph6WnDt4gOO+tQlnCk19Fa
|
|
||||||
NoiK1THcuZiFVE+4CAXVmstNqYKSMgw+Upw7/t6iUzur98iwKpcicomhJjGVVtbg
|
|
||||||
2iDf4lYVrUyb7iPns2T4EzAuHk7iESktEASU5creSbWYRu/4uyhuNlUoiCpVOEKg
|
|
||||||
H9jkrLlCpQGv/GmgdH9oj35Dsv5TINauCT2jjWV65wcKAlvyafy5UtLyF4HBRHaM
|
|
||||||
2xyxC9gxr8bmeOFyOnHVJQvpkeLxyaRp/VppjCTzr82TQvpZd5a+tISIbDGfqX1o
|
|
||||||
cEyPsowb3KHNtW9DqRBp+80fPGnQHsNjVXbJb37wjpnR/ePg/XyENbZF/OQEsjqt
|
|
||||||
bki8hZQXKJAFyx1bq/2A1q4ocx7JlJKynL4szG1unHbSPKNH2OOVvoezuP7e+lXU
|
|
||||||
gnzrSbe9lPIOp4Vu1HjWOi6tNWZFoZrSHVIK+VGxm+wm/HoS+Enj4Yq+vRvU3luv
|
|
||||||
UllR5KHHK2970RbFEUE0zaVMZjQn5KgJjFXfqfrCztp0wZ5CQo+tRFPq35llaIQ2
|
|
||||||
0WyT2IZlxt1Xr2IpOM0DpO4SJnivZT/wdZN7upzsUPf4a9suztpA3KcKAKqH0OM5
|
|
||||||
fv2/LXspc73vACAOZ9qDJnwp8bFrMOaQdAL1oPpOLB3yYTDA3E20IAQ6OKoSy1Nl
|
|
||||||
B4coqo1gBCcMrWwVFYAuc5J4itXJ0SSj67+WUnuDzPm88LI3g+AO0r1m6k6YdA58
|
|
||||||
SeNxYPMLYNLRg86rsjKjXu+QyvBsd04O/QvIxpTFCtdjbUXNS1H4++/inYZSwWPp
|
|
||||||
U0lN9erLJbwr4WqU/Mn6J+jKijXwmCSiF5if5baszMsOL/0u9yFt6OcaLyehE3sJ
|
|
||||||
eAo00n9phSna0lxtbtRnh/Gd4D7rFcX33wIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
brauerei = {
|
brauerei = {
|
||||||
nets = {
|
nets = {
|
||||||
retiolum = {
|
retiolum = {
|
||||||
|
@ -1,111 +0,0 @@
|
|||||||
{ config, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
|
||||||
hosts = mapAttrs (_: recursiveUpdate {
|
|
||||||
owner = config.krebs.users.nin;
|
|
||||||
ci = true;
|
|
||||||
}) {
|
|
||||||
hiawatha = {
|
|
||||||
cores = 2;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.132.96";
|
|
||||||
ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342";
|
|
||||||
aliases = [
|
|
||||||
"hiawatha.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o
|
|
||||||
Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB
|
|
||||||
iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E
|
|
||||||
UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr
|
|
||||||
lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ
|
|
||||||
yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx";
|
|
||||||
};
|
|
||||||
axon= {
|
|
||||||
cores = 2;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.134.66";
|
|
||||||
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379";
|
|
||||||
aliases = [
|
|
||||||
"axon.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo
|
|
||||||
glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj
|
|
||||||
KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH
|
|
||||||
L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j
|
|
||||||
VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY
|
|
||||||
PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN
|
|
||||||
X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh
|
|
||||||
m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp
|
|
||||||
OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT
|
|
||||||
LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H
|
|
||||||
/F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK
|
|
||||||
MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w
|
|
||||||
7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm
|
|
||||||
ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3
|
|
||||||
1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF
|
|
||||||
29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt
|
|
||||||
4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj
|
|
||||||
FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl
|
|
||||||
buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p
|
|
||||||
hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG
|
|
||||||
yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi
|
|
||||||
ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc";
|
|
||||||
};
|
|
||||||
onondaga = {
|
|
||||||
cores = 1;
|
|
||||||
nets = {
|
|
||||||
retiolum = {
|
|
||||||
ip4.addr = "10.243.132.55";
|
|
||||||
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357";
|
|
||||||
aliases = [
|
|
||||||
"onondaga.r"
|
|
||||||
"cgit.onondaga.r"
|
|
||||||
];
|
|
||||||
tinc.pubkey = ''
|
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR
|
|
||||||
OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu
|
|
||||||
htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH
|
|
||||||
xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO
|
|
||||||
kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn
|
|
||||||
hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
|
||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO";
|
|
||||||
};
|
|
||||||
|
|
||||||
};
|
|
||||||
users = {
|
|
||||||
nin = {
|
|
||||||
mail = "nin@axon.r";
|
|
||||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon";
|
|
||||||
};
|
|
||||||
nin_h = {
|
|
||||||
mail = "nin@hiawatha.r";
|
|
||||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,11 +1,24 @@
|
|||||||
{ mkDerivation, base, fetchgit, stdenv }:
|
with import <stockholm/lib>;
|
||||||
mkDerivation rec {
|
{ mkDerivation, base, fetchgit, stdenv }: let
|
||||||
|
|
||||||
|
cfg = {
|
||||||
|
"18.03" = {
|
||||||
|
version = "1.1.0";
|
||||||
|
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
|
||||||
|
};
|
||||||
|
"18.09" = {
|
||||||
|
version = "1.2.0";
|
||||||
|
sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300";
|
||||||
|
};
|
||||||
|
}.${versions.majorMinor nixpkgsVersion};
|
||||||
|
|
||||||
|
in mkDerivation {
|
||||||
pname = "blessings";
|
pname = "blessings";
|
||||||
version = "1.1.0";
|
version = cfg.version;
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = http://cgit.ni.krebsco.de/blessings;
|
url = http://cgit.ni.krebsco.de/blessings;
|
||||||
rev = "refs/tags/v${version}";
|
rev = "refs/tags/v${cfg.version}";
|
||||||
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
|
sha256 = cfg.sha256;
|
||||||
};
|
};
|
||||||
libraryHaskellDepends = [ base ];
|
libraryHaskellDepends = [ base ];
|
||||||
doHaddock = false;
|
doHaddock = false;
|
||||||
|
@ -1,14 +1,29 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
{ mkDerivation, attoparsec, base, base64-bytestring, bytestring
|
{ mkDerivation, attoparsec, base, base64-bytestring, bytestring
|
||||||
, case-insensitive, containers, exceptions, fetchgit, QuickCheck
|
, case-insensitive, containers, exceptions, fetchgit, QuickCheck
|
||||||
, stdenv, tasty, tasty-quickcheck, text, text-icu, time
|
, stdenv, tasty, tasty-quickcheck, text, text-icu, time
|
||||||
}:
|
}: let
|
||||||
mkDerivation {
|
|
||||||
|
cfg = {
|
||||||
|
"18.03" = {
|
||||||
|
version = "0.3.0";
|
||||||
|
rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8";
|
||||||
|
sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59";
|
||||||
|
};
|
||||||
|
"18.09" = {
|
||||||
|
version = "0.4.1-tv1";
|
||||||
|
rev = "refs/tags/v${cfg.version}";
|
||||||
|
sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x";
|
||||||
|
};
|
||||||
|
}.${versions.majorMinor nixpkgsVersion};
|
||||||
|
|
||||||
|
in mkDerivation {
|
||||||
pname = "email-header";
|
pname = "email-header";
|
||||||
version = "0.3.0";
|
version = cfg.version;
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = "https://github.com/4z3/email-header";
|
url = "https://github.com/4z3/email-header";
|
||||||
rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8";
|
rev = cfg.rev;
|
||||||
sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59";
|
sha256 = cfg.sha256;
|
||||||
};
|
};
|
||||||
buildDepends = [
|
buildDepends = [
|
||||||
attoparsec base base64-bytestring bytestring case-insensitive
|
attoparsec base base64-bytestring bytestring case-insensitive
|
||||||
|
@ -1,17 +0,0 @@
|
|||||||
# Same as upstream but with doCheck = false because doctest has wrong version.
|
|
||||||
{ mkDerivation, base, bytestring, containers, directory
|
|
||||||
, filepath, unordered-containers, zlib, stdenv
|
|
||||||
}:
|
|
||||||
mkDerivation {
|
|
||||||
pname = "hyphenation";
|
|
||||||
version = "0.6";
|
|
||||||
sha256 = "2f673666c18f63581422f7c6389b78b0ff754406671296a3d680d417942512f7";
|
|
||||||
libraryHaskellDepends = [
|
|
||||||
base bytestring containers unordered-containers zlib
|
|
||||||
];
|
|
||||||
homepage = "http://github.com/ekmett/hyphenation";
|
|
||||||
description = "Configurable Knuth-Liang hyphenation";
|
|
||||||
license = stdenv.lib.licenses.bsd3;
|
|
||||||
hydraPlatforms = stdenv.lib.platforms.none;
|
|
||||||
doCheck = false;
|
|
||||||
}
|
|
@ -17,7 +17,7 @@ python2Packages.buildPythonApplication rec {
|
|||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
python2Packages.jinja2
|
python2Packages.jinja2
|
||||||
python2Packages.twisted
|
python2Packages.twisted
|
||||||
python2Packages.dateutil_1_5
|
python2Packages.dateutil
|
||||||
python2Packages.sqlalchemy_migrate
|
python2Packages.sqlalchemy_migrate
|
||||||
python2Packages.pysqlite
|
python2Packages.pysqlite
|
||||||
pkgs.coreutils
|
pkgs.coreutils
|
||||||
|
@ -3,7 +3,6 @@
|
|||||||
with python3Packages; buildPythonPackage rec {
|
with python3Packages; buildPythonPackage rec {
|
||||||
name = "repo-sync-${version}";
|
name = "repo-sync-${version}";
|
||||||
version = "0.2.7";
|
version = "0.2.7";
|
||||||
disabled = isPy26 || isPy27;
|
|
||||||
propagatedBuildInputs = [
|
propagatedBuildInputs = [
|
||||||
docopt
|
docopt
|
||||||
GitPython
|
GitPython
|
||||||
|
@ -1,9 +1,6 @@
|
|||||||
{ name }: rec {
|
{ name }: rec {
|
||||||
|
|
||||||
krops = builtins.fetchGit {
|
krops = ../submodules/krops;
|
||||||
url = https://cgit.krebsco.de/krops/;
|
|
||||||
rev = "c46166d407c7d246112f13346621a3fbdb25889e";
|
|
||||||
};
|
|
||||||
|
|
||||||
lib = import "${krops}/lib";
|
lib = import "${krops}/lib";
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||||
"rev": "d16a7abceb72aac85e0deb8c45fbcb7127baf628",
|
"rev": "6a3f5bcb061e1822f50e299f5616a0731636e4e7",
|
||||||
"date": "2018-09-20T18:31:51-05:00",
|
"date": "2018-10-05T18:33:19-04:00",
|
||||||
"sha256": "0byf6rlwwy70v2sdfmv7mnwd0kvxmlq0pi8ijghg0mcfhcqibgh7",
|
"sha256": "1ib96has10v5nr6bzf7v8kw7yzww8zanxgw2qi1ll1sbv6kj6zpd",
|
||||||
"fetchSubmodules": true
|
"fetchSubmodules": true
|
||||||
}
|
}
|
||||||
|
@ -77,6 +77,7 @@ with import <stockholm/lib>;
|
|||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.ovh-zone
|
pkgs.ovh-zone
|
||||||
pkgs.bank
|
pkgs.bank
|
||||||
|
pkgs.adb-sync
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
@ -143,7 +144,6 @@ with import <stockholm/lib>;
|
|||||||
OnCalendar = "00:37";
|
OnCalendar = "00:37";
|
||||||
};
|
};
|
||||||
|
|
||||||
nix.package = pkgs.nixUnstable;
|
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
|
@ -57,13 +57,6 @@ with import <stockholm/lib>;
|
|||||||
config.krebs.users.makefu.pubkey
|
config.krebs.users.makefu.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
users.users.nin = {
|
|
||||||
uid = genid "nin";
|
|
||||||
isNormalUser = true;
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.nin.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
users.extraUsers.dritter = {
|
users.extraUsers.dritter = {
|
||||||
uid = genid "dritter";
|
uid = genid "dritter";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
@ -119,7 +112,6 @@ with import <stockholm/lib>;
|
|||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.lass.pubkey
|
config.krebs.users.lass.pubkey
|
||||||
config.krebs.users.nin.pubkey
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
@ -291,16 +283,6 @@ with import <stockholm/lib>;
|
|||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
virtualHosts."radio.lassul.us" = {
|
|
||||||
forceSSL = true;
|
|
||||||
enableACME = true;
|
|
||||||
locations."/".extraConfig = ''
|
|
||||||
proxy_pass http://localhost:8000;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
lass.nichtparasoup.enable = true;
|
lass.nichtparasoup.enable = true;
|
||||||
|
@ -71,7 +71,6 @@ in {
|
|||||||
lm_sensors
|
lm_sensors
|
||||||
ncdu
|
ncdu
|
||||||
nix-index
|
nix-index
|
||||||
nix-repl
|
|
||||||
nmap
|
nmap
|
||||||
pavucontrol
|
pavucontrol
|
||||||
powertop
|
powertop
|
||||||
|
@ -89,6 +89,7 @@ with import <stockholm/lib>;
|
|||||||
{ from = "cis@lassul.us"; to = lass.mail; }
|
{ from = "cis@lassul.us"; to = lass.mail; }
|
||||||
{ from = "afra@lassul.us"; to = lass.mail; }
|
{ from = "afra@lassul.us"; to = lass.mail; }
|
||||||
{ from = "ksp@lassul.us"; to = lass.mail; }
|
{ from = "ksp@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "ccc@lassul.us"; to = lass.mail; }
|
||||||
];
|
];
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
|
@ -57,7 +57,6 @@ let
|
|||||||
|
|
||||||
in {
|
in {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
(dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; })
|
|
||||||
doom1
|
doom1
|
||||||
doom2
|
doom2
|
||||||
vdoom1
|
vdoom1
|
||||||
|
@ -62,6 +62,10 @@ let
|
|||||||
cgit.desc = "high level writers for nix";
|
cgit.desc = "high level writers for nix";
|
||||||
cgit.section = "software";
|
cgit.section = "software";
|
||||||
};
|
};
|
||||||
|
nixos-generators = {
|
||||||
|
cgit.desc = "custom image builders";
|
||||||
|
cgit.section = "software";
|
||||||
|
};
|
||||||
nixpkgs = {
|
nixpkgs = {
|
||||||
cgit.desc = "nixpkgs fork";
|
cgit.desc = "nixpkgs fork";
|
||||||
cgit.section = "configuration";
|
cgit.section = "configuration";
|
||||||
|
@ -36,8 +36,9 @@ in {
|
|||||||
home = "/home/${name}";
|
home = "/home/${name}";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||||
config.krebs.users.lass.pubkey
|
lass.pubkey
|
||||||
|
lass-mors.pubkey
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -63,24 +63,6 @@ with import <stockholm/lib>;
|
|||||||
-e "@kind $1"
|
-e "@kind $1"
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
(buildSimpleReaktorPlugin "random-unicorn-porn" {
|
|
||||||
pattern = "^!rup$$";
|
|
||||||
script = pkgs.writePython2 "rup" {} ''
|
|
||||||
t1 = """
|
|
||||||
_.
|
|
||||||
;=',_ ()
|
|
||||||
8===D~~ S" .--`||
|
|
||||||
sS \__ ||
|
|
||||||
__.' ( \-->||
|
|
||||||
_=/ _./-\/ ||
|
|
||||||
8===D~~ ((\( /-' -'l ||
|
|
||||||
) |/ \\ (_))
|
|
||||||
\\ \\
|
|
||||||
'~ '~
|
|
||||||
"""
|
|
||||||
print(t1)
|
|
||||||
'';
|
|
||||||
})
|
|
||||||
(buildSimpleReaktorPlugin "ping" {
|
(buildSimpleReaktorPlugin "ping" {
|
||||||
pattern = "^!ping (?P<args>.*)$$";
|
pattern = "^!ping (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "ping" ''
|
script = pkgs.writeDash "ping" ''
|
||||||
|
@ -2,20 +2,13 @@
|
|||||||
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
unstable_nixpkgs = import (pkgs.fetchFromGitHub {
|
|
||||||
owner = "NixOS";
|
|
||||||
repo = "nixpkgs";
|
|
||||||
rev = "a8c71037e041725d40fbf2f3047347b6833b1703";
|
|
||||||
sha256 = "1z4cchcw7qgjhy0x6mnz7iqvpswc2nfjpdynxc54zpm66khfrjqw";
|
|
||||||
}) {};
|
|
||||||
out = {
|
out = {
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
(hiPrio vim)
|
(hiPrio vim)
|
||||||
pkgs.python35Packages.flake8
|
|
||||||
(pkgs.writeDashBin "govet" ''
|
(pkgs.writeDashBin "govet" ''
|
||||||
go vet "$@"
|
go vet "$@"
|
||||||
'')
|
'')
|
||||||
(hiPrio (unstable_nixpkgs.python3.withPackages (ps: [
|
(hiPrio (pkgs.python3.withPackages (ps: [
|
||||||
ps.python-language-server
|
ps.python-language-server
|
||||||
ps.pyls-isort
|
ps.pyls-isort
|
||||||
])))
|
])))
|
||||||
@ -135,7 +128,7 @@ let
|
|||||||
pkgs.vimPlugins.undotree
|
pkgs.vimPlugins.undotree
|
||||||
pkgs.vimPlugins.vim-go
|
pkgs.vimPlugins.vim-go
|
||||||
pkgs.vimPlugins.fzf-vim
|
pkgs.vimPlugins.fzf-vim
|
||||||
unstable_nixpkgs.vimPlugins.LanguageClient-neovim
|
pkgs.vimPlugins.LanguageClient-neovim
|
||||||
(pkgs.vimUtils.buildVimPlugin {
|
(pkgs.vimUtils.buildVimPlugin {
|
||||||
name = "file-line-1.0";
|
name = "file-line-1.0";
|
||||||
src = pkgs.fetchFromGitHub {
|
src = pkgs.fetchFromGitHub {
|
||||||
|
@ -31,6 +31,7 @@ import XMonad.Actions.CycleWS (toggleWS)
|
|||||||
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
|
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
|
||||||
import XMonad.Actions.DynamicWorkspaces (withWorkspace)
|
import XMonad.Actions.DynamicWorkspaces (withWorkspace)
|
||||||
import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch)
|
import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch)
|
||||||
|
import XMonad.Actions.Minimize (minimizeWindow, maximizeWindow, withLastMinimized)
|
||||||
import XMonad.Hooks.EwmhDesktops (ewmh)
|
import XMonad.Hooks.EwmhDesktops (ewmh)
|
||||||
import XMonad.Hooks.FloatNext (floatNext)
|
import XMonad.Hooks.FloatNext (floatNext)
|
||||||
import XMonad.Hooks.FloatNext (floatNextHook)
|
import XMonad.Hooks.FloatNext (floatNextHook)
|
||||||
@ -39,7 +40,7 @@ import XMonad.Hooks.Place (placeHook, smart)
|
|||||||
import XMonad.Hooks.UrgencyHook (focusUrgent)
|
import XMonad.Hooks.UrgencyHook (focusUrgent)
|
||||||
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
|
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
|
||||||
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
||||||
import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
|
import XMonad.Layout.Minimize (minimize)
|
||||||
import XMonad.Layout.NoBorders (smartBorders)
|
import XMonad.Layout.NoBorders (smartBorders)
|
||||||
import XMonad.Layout.SimplestFloat (simplestFloat)
|
import XMonad.Layout.SimplestFloat (simplestFloat)
|
||||||
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
|
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
|
||||||
@ -135,7 +136,7 @@ myKeyMap =
|
|||||||
, ("M4-C-v", withWorkspace autoXPConfig (windows . copy))
|
, ("M4-C-v", withWorkspace autoXPConfig (windows . copy))
|
||||||
|
|
||||||
, ("M4-m", withFocused minimizeWindow)
|
, ("M4-m", withFocused minimizeWindow)
|
||||||
, ("M4-S-m", sendMessage RestoreNextMinimizedWin)
|
, ("M4-S-m", withLastMinimized maximizeWindow)
|
||||||
|
|
||||||
, ("M4-q", windowPromptGoto infixAutoXPConfig)
|
, ("M4-q", windowPromptGoto infixAutoXPConfig)
|
||||||
, ("M4-C-q", windowPromptBringCopy infixAutoXPConfig)
|
, ("M4-C-q", windowPromptBringCopy infixAutoXPConfig)
|
||||||
|
@ -1,8 +1,5 @@
|
|||||||
{ config ? config, name, target ? name }: let
|
{ config ? config, name, target ? name }: let
|
||||||
krops = builtins.fetchGit {
|
krops = ../submodules/krops;
|
||||||
url = https://cgit.krebsco.de/krops/;
|
|
||||||
rev = "4e466eaf05861b47365c5ef46a31a188b70f3615";
|
|
||||||
};
|
|
||||||
nixpkgs-src = lib.importJSON ./nixpkgs.json;
|
nixpkgs-src = lib.importJSON ./nixpkgs.json;
|
||||||
|
|
||||||
lib = import "${krops}/lib";
|
lib = import "${krops}/lib";
|
||||||
|
@ -1 +0,0 @@
|
|||||||
{}
|
|
@ -1,132 +0,0 @@
|
|||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<stockholm/nin>
|
|
||||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
|
||||||
#../2configs/copyq.nix
|
|
||||||
<stockholm/nin/2configs/ableton.nix>
|
|
||||||
<stockholm/nin/2configs/games.nix>
|
|
||||||
<stockholm/nin/2configs/git.nix>
|
|
||||||
<stockholm/nin/2configs/retiolum.nix>
|
|
||||||
<stockholm/nin/2configs/termite.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.axon;
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
fileSystems."/" =
|
|
||||||
{ device = "/dev/pool/root";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/tmp" =
|
|
||||||
{ device = "tmpfs";
|
|
||||||
fsType = "tmpfs";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/boot" =
|
|
||||||
{ device = "/dev/sda1";
|
|
||||||
fsType = "ext2";
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd.luks.devices.crypted.device = "/dev/sda2";
|
|
||||||
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
|
|
||||||
|
|
||||||
swapDevices = [ ];
|
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 4;
|
|
||||||
# Use the GRUB 2 boot loader.
|
|
||||||
boot.loader.grub.enable = true;
|
|
||||||
boot.loader.grub.version = 2;
|
|
||||||
# Define on which hard drive you want to install Grub.
|
|
||||||
boot.loader.grub.device = "/dev/sda";
|
|
||||||
|
|
||||||
# Enable the OpenSSH daemon.
|
|
||||||
services.openssh.enable = true;
|
|
||||||
|
|
||||||
# Enable CUPS to print documents.
|
|
||||||
# services.printing.enable = true;
|
|
||||||
|
|
||||||
# nin config
|
|
||||||
time.timeZone = "Europe/Berlin";
|
|
||||||
services.xserver = {
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
displayManager.lightdm.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.networkmanager.enable = true;
|
|
||||||
#networking.wireless.enable = true;
|
|
||||||
|
|
||||||
hardware.pulseaudio = {
|
|
||||||
enable = true;
|
|
||||||
systemWide = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
hardware.bluetooth.enable = true;
|
|
||||||
|
|
||||||
hardware.opengl.driSupport32Bit = true;
|
|
||||||
|
|
||||||
#nixpkgs.config.steam.java = true;
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
atom
|
|
||||||
chromium
|
|
||||||
firefox
|
|
||||||
git
|
|
||||||
htop
|
|
||||||
keepassx
|
|
||||||
lmms
|
|
||||||
networkmanagerapplet
|
|
||||||
openvpn
|
|
||||||
python
|
|
||||||
ruby
|
|
||||||
steam
|
|
||||||
taskwarrior
|
|
||||||
thunderbird
|
|
||||||
vim
|
|
||||||
virtmanager
|
|
||||||
];
|
|
||||||
|
|
||||||
nixpkgs.config = {
|
|
||||||
|
|
||||||
allowUnfree = true;
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
#services.logind.extraConfig = "HandleLidSwitch=ignore";
|
|
||||||
|
|
||||||
services.xserver.synaptics = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.xserver.displayManager.sessionCommands = ''
|
|
||||||
${pkgs.xorg.xhost}/bin/xhost + local:
|
|
||||||
'';
|
|
||||||
|
|
||||||
services.xserver.desktopManager.xfce = let
|
|
||||||
xbindConfig = pkgs.writeText "xbindkeysrc" ''
|
|
||||||
"${pkgs.pass}/bin/passmenu --type"
|
|
||||||
Control + p
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
extraSessionCommands = ''
|
|
||||||
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
# The NixOS release to be compatible with for stateful data such as databases.
|
|
||||||
system.stateVersion = "17.03";
|
|
||||||
|
|
||||||
}
|
|
@ -1,126 +0,0 @@
|
|||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with lib;
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<stockholm/nin>
|
|
||||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
|
||||||
#../2configs/copyq.nix
|
|
||||||
<stockholm/nin/2configs/games.nix>
|
|
||||||
<stockholm/nin/2configs/git.nix>
|
|
||||||
<stockholm/nin/2configs/retiolum.nix>
|
|
||||||
<stockholm/nin/2configs/termite.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.hiawatha;
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
fileSystems."/" =
|
|
||||||
{ device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/tmp" =
|
|
||||||
{ device = "tmpfs";
|
|
||||||
fsType = "tmpfs";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/home" =
|
|
||||||
{ device = "/dev/fam/home";
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
fileSystems."/boot" =
|
|
||||||
{ device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010";
|
|
||||||
fsType = "ext2";
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
|
|
||||||
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
|
|
||||||
|
|
||||||
swapDevices = [ ];
|
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 4;
|
|
||||||
# Use the GRUB 2 boot loader.
|
|
||||||
boot.loader.grub.enable = true;
|
|
||||||
boot.loader.grub.version = 2;
|
|
||||||
# Define on which hard drive you want to install Grub.
|
|
||||||
boot.loader.grub.device = "/dev/sda";
|
|
||||||
|
|
||||||
# Enable the OpenSSH daemon.
|
|
||||||
services.openssh.enable = true;
|
|
||||||
|
|
||||||
# Enable CUPS to print documents.
|
|
||||||
# services.printing.enable = true;
|
|
||||||
|
|
||||||
fileSystems."/home/nin/.local/share/Steam" = {
|
|
||||||
device = "/dev/fam/steam";
|
|
||||||
};
|
|
||||||
|
|
||||||
# nin config
|
|
||||||
time.timeZone = "Europe/Berlin";
|
|
||||||
services.xserver.enable = true;
|
|
||||||
|
|
||||||
networking.networkmanager.enable = true;
|
|
||||||
#networking.wireless.enable = true;
|
|
||||||
|
|
||||||
hardware.pulseaudio = {
|
|
||||||
enable = true;
|
|
||||||
systemWide = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
hardware.bluetooth.enable = true;
|
|
||||||
|
|
||||||
hardware.opengl.driSupport32Bit = true;
|
|
||||||
|
|
||||||
#nixpkgs.config.steam.java = true;
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
firefox
|
|
||||||
git
|
|
||||||
lmms
|
|
||||||
networkmanagerapplet
|
|
||||||
python
|
|
||||||
steam
|
|
||||||
thunderbird
|
|
||||||
vim
|
|
||||||
virtmanager
|
|
||||||
];
|
|
||||||
|
|
||||||
nixpkgs.config = {
|
|
||||||
|
|
||||||
allowUnfree = true;
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
#services.logind.extraConfig = "HandleLidSwitch=ignore";
|
|
||||||
|
|
||||||
services.xserver.synaptics = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
services.xserver.desktopManager.xfce = let
|
|
||||||
xbindConfig = pkgs.writeText "xbindkeysrc" ''
|
|
||||||
"${pkgs.pass}/bin/passmenu --type"
|
|
||||||
Control + p
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
enable = true;
|
|
||||||
extraSessionCommands = ''
|
|
||||||
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
# The NixOS release to be compatible with for stateful data such as databases.
|
|
||||||
system.stateVersion = "17.03";
|
|
||||||
|
|
||||||
}
|
|
@ -1,23 +0,0 @@
|
|||||||
# Edit this configuration file to define what should be installed on
|
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
||||||
|
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<stockholm/nin>
|
|
||||||
<stockholm/nin/2configs/retiolum.nix>
|
|
||||||
<stockholm/nin/2configs/weechat.nix>
|
|
||||||
<stockholm/nin/2configs/git.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.onondaga;
|
|
||||||
|
|
||||||
boot.isContainer = true;
|
|
||||||
networking.useDHCP = false;
|
|
||||||
|
|
||||||
time.timeZone = "Europe/Amsterdam";
|
|
||||||
|
|
||||||
services.openssh.enable = true;
|
|
||||||
}
|
|
@ -1,20 +0,0 @@
|
|||||||
{ config, pkgs, ... }: let
|
|
||||||
mainUser = config.users.extraUsers.nin;
|
|
||||||
in {
|
|
||||||
users.users= {
|
|
||||||
ableton = {
|
|
||||||
isNormalUser = true;
|
|
||||||
extraGroups = [
|
|
||||||
"audio"
|
|
||||||
"video"
|
|
||||||
];
|
|
||||||
packages = [
|
|
||||||
pkgs.wine
|
|
||||||
pkgs.winetricks
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
security.sudo.extraConfig = ''
|
|
||||||
${mainUser.name} ALL=(ableton) NOPASSWD: ALL
|
|
||||||
'';
|
|
||||||
}
|
|
@ -1,38 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
let
|
|
||||||
copyqConfig = pkgs.writeDash "copyq-config" ''
|
|
||||||
${pkgs.copyq}/bin/copyq config check_clipboard true
|
|
||||||
${pkgs.copyq}/bin/copyq config check_selection true
|
|
||||||
${pkgs.copyq}/bin/copyq config copy_clipboard true
|
|
||||||
${pkgs.copyq}/bin/copyq config copy_selection true
|
|
||||||
|
|
||||||
${pkgs.copyq}/bin/copyq config activate_closes true
|
|
||||||
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
|
|
||||||
${pkgs.copyq}/bin/copyq config clipboard_tab clipboard
|
|
||||||
${pkgs.copyq}/bin/copyq config disable_tray true
|
|
||||||
${pkgs.copyq}/bin/copyq config hide_tabs true
|
|
||||||
${pkgs.copyq}/bin/copyq config hide_toolbar true
|
|
||||||
${pkgs.copyq}/bin/copyq config item_popup_interval true
|
|
||||||
${pkgs.copyq}/bin/copyq config maxitems 1000
|
|
||||||
${pkgs.copyq}/bin/copyq config move true
|
|
||||||
${pkgs.copyq}/bin/copyq config text_wrap true
|
|
||||||
'';
|
|
||||||
in {
|
|
||||||
systemd.user.services.copyq = {
|
|
||||||
after = [ "graphical.target" ];
|
|
||||||
wants = [ "graphical.target" ];
|
|
||||||
wantedBy = [ "default.target" ];
|
|
||||||
environment = {
|
|
||||||
DISPLAY = ":0";
|
|
||||||
};
|
|
||||||
serviceConfig = {
|
|
||||||
SyslogIdentifier = "copyq";
|
|
||||||
ExecStart = "${pkgs.copyq}/bin/copyq";
|
|
||||||
ExecStartPost = copyqConfig;
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = "2s";
|
|
||||||
StartLimitBurst = 0;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,173 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../2configs/vim.nix
|
|
||||||
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
|
||||||
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
|
||||||
{
|
|
||||||
users.extraUsers =
|
|
||||||
mapAttrs (_: h: { hashedPassword = h; })
|
|
||||||
(import <secrets/hashedPasswords.nix>);
|
|
||||||
}
|
|
||||||
{
|
|
||||||
users.users = {
|
|
||||||
root = {
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.nin.pubkey
|
|
||||||
config.krebs.users.nin_h.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
nin = {
|
|
||||||
name = "nin";
|
|
||||||
uid = 1337;
|
|
||||||
home = "/home/nin";
|
|
||||||
group = "users";
|
|
||||||
createHome = true;
|
|
||||||
useDefaultShell = true;
|
|
||||||
extraGroups = [
|
|
||||||
"audio"
|
|
||||||
"fuse"
|
|
||||||
];
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.nin.pubkey
|
|
||||||
config.krebs.users.nin_h.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
environment.variables = {
|
|
||||||
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
(let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
|
|
||||||
environment.variables = {
|
|
||||||
CURL_CA_BUNDLE = ca-bundle;
|
|
||||||
GIT_SSL_CAINFO = ca-bundle;
|
|
||||||
SSL_CERT_FILE = ca-bundle;
|
|
||||||
};
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.hostName = config.krebs.build.host.name;
|
|
||||||
nix.maxJobs = config.krebs.build.host.cores;
|
|
||||||
|
|
||||||
krebs = {
|
|
||||||
enable = true;
|
|
||||||
search-domain = "r";
|
|
||||||
build = {
|
|
||||||
user = config.krebs.users.nin;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
nix.useSandbox = true;
|
|
||||||
|
|
||||||
users.mutableUsers = false;
|
|
||||||
|
|
||||||
services.timesyncd.enable = true;
|
|
||||||
|
|
||||||
#why is this on in the first place?
|
|
||||||
services.nscd.enable = false;
|
|
||||||
|
|
||||||
boot.tmpOnTmpfs = true;
|
|
||||||
# see tmpfiles.d(5)
|
|
||||||
systemd.tmpfiles.rules = [
|
|
||||||
"d /tmp 1777 root root - -"
|
|
||||||
];
|
|
||||||
|
|
||||||
# multiple-definition-problem when defining environment.variables.EDITOR
|
|
||||||
environment.extraInit = ''
|
|
||||||
EDITOR=vim
|
|
||||||
'';
|
|
||||||
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
environment.shellAliases = {
|
|
||||||
gs = "git status";
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
#stockholm
|
|
||||||
git
|
|
||||||
gnumake
|
|
||||||
jq
|
|
||||||
proot
|
|
||||||
pavucontrol
|
|
||||||
populate
|
|
||||||
p7zip
|
|
||||||
termite
|
|
||||||
unzip
|
|
||||||
unrar
|
|
||||||
hashPassword
|
|
||||||
];
|
|
||||||
|
|
||||||
programs.bash = {
|
|
||||||
enableCompletion = true;
|
|
||||||
interactiveShellInit = ''
|
|
||||||
HISTCONTROL='erasedups:ignorespace'
|
|
||||||
HISTSIZE=65536
|
|
||||||
HISTFILESIZE=$HISTSIZE
|
|
||||||
|
|
||||||
shopt -s checkhash
|
|
||||||
shopt -s histappend histreedit histverify
|
|
||||||
shopt -s no_empty_cmd_completion
|
|
||||||
complete -d cd
|
|
||||||
'';
|
|
||||||
promptInit = ''
|
|
||||||
if test $UID = 0; then
|
|
||||||
PS1='\[\033[1;31m\]$PWD\[\033[0m\] '
|
|
||||||
elif test $UID = 1337; then
|
|
||||||
PS1='\[\033[1;32m\]$PWD\[\033[0m\] '
|
|
||||||
else
|
|
||||||
PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] '
|
|
||||||
fi
|
|
||||||
if test -n "$SSH_CLIENT"; then
|
|
||||||
PS1='\[\033[35m\]\h'" $PS1"
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
hostKeys = [
|
|
||||||
# XXX bits here make no science
|
|
||||||
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.journald.extraConfig = ''
|
|
||||||
SystemMaxUse=1G
|
|
||||||
RuntimeMaxUse=128M
|
|
||||||
'';
|
|
||||||
|
|
||||||
krebs.iptables = {
|
|
||||||
enable = true;
|
|
||||||
tables = {
|
|
||||||
nat.PREROUTING.rules = [
|
|
||||||
{ predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
|
|
||||||
{ predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
|
|
||||||
];
|
|
||||||
nat.OUTPUT.rules = [
|
|
||||||
{ predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
|
|
||||||
];
|
|
||||||
filter.INPUT.policy = "DROP";
|
|
||||||
filter.FORWARD.policy = "DROP";
|
|
||||||
filter.INPUT.rules = [
|
|
||||||
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
|
|
||||||
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
|
||||||
{ predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
|
|
||||||
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
|
||||||
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
|
||||||
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
|
|
||||||
{ predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; }
|
|
||||||
{ predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.dhcpcd.extraConfig = ''
|
|
||||||
noipv4ll
|
|
||||||
'';
|
|
||||||
}
|
|
@ -1,70 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
mainUser = config.users.extraUsers.mainUser;
|
|
||||||
vdoom = pkgs.writeDash "vdoom" ''
|
|
||||||
${pkgs.zandronum}/bin/zandronum \
|
|
||||||
-fov 120 \
|
|
||||||
"$@"
|
|
||||||
'';
|
|
||||||
doom = pkgs.writeDash "doom" ''
|
|
||||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
|
||||||
${vdoom} \
|
|
||||||
-file $DOOM_DIR/lib/brutalv20.pk3 \
|
|
||||||
"$@"
|
|
||||||
'';
|
|
||||||
doom1 = pkgs.writeDashBin "doom1" ''
|
|
||||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
|
||||||
${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
|
|
||||||
'';
|
|
||||||
doom2 = pkgs.writeDashBin "doom2" ''
|
|
||||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
|
||||||
${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
|
|
||||||
'';
|
|
||||||
vdoom1 = pkgs.writeDashBin "vdoom1" ''
|
|
||||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
|
||||||
${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
|
|
||||||
'';
|
|
||||||
vdoom2 = pkgs.writeDashBin "vdoom2" ''
|
|
||||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
|
||||||
${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
doomservercfg = pkgs.writeText "doomserver.cfg" ''
|
|
||||||
skill 7
|
|
||||||
#survival true
|
|
||||||
#sv_maxlives 4
|
|
||||||
#sv_norespawn true
|
|
||||||
#sv_weapondrop true
|
|
||||||
no_jump true
|
|
||||||
#sv_noweaponspawn true
|
|
||||||
sv_sharekeys true
|
|
||||||
sv_survivalcountdowntime 1
|
|
||||||
sv_noteamselect true
|
|
||||||
sv_updatemaster false
|
|
||||||
#sv_coop_loseinventory true
|
|
||||||
#cl_startasspectator false
|
|
||||||
#lms_spectatorview false
|
|
||||||
'';
|
|
||||||
|
|
||||||
vdoomserver = pkgs.writeDashBin "vdoomserver" ''
|
|
||||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
|
||||||
|
|
||||||
${pkgs.zandronum}/bin/zandronum-server \
|
|
||||||
+exec ${doomservercfg} \
|
|
||||||
"$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
in {
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
dwarf_fortress
|
|
||||||
doom1
|
|
||||||
doom2
|
|
||||||
vdoom1
|
|
||||||
vdoom2
|
|
||||||
vdoomserver
|
|
||||||
];
|
|
||||||
|
|
||||||
hardware.pulseaudio.support32Bit = true;
|
|
||||||
|
|
||||||
}
|
|
@ -1,60 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
let
|
|
||||||
|
|
||||||
out = {
|
|
||||||
services.nginx.enable = true;
|
|
||||||
krebs.git = {
|
|
||||||
enable = true;
|
|
||||||
cgit = {
|
|
||||||
settings = {
|
|
||||||
root-title = "public repositories at ${config.krebs.build.host.name}";
|
|
||||||
root-desc = "keep calm and engage";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
|
|
||||||
rules = rules;
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
|
||||||
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
repos = public-repos;
|
|
||||||
|
|
||||||
rules = concatMap make-rules (attrValues repos);
|
|
||||||
|
|
||||||
public-repos = mapAttrs make-public-repo {
|
|
||||||
stockholm = {
|
|
||||||
cgit.desc = "take all the computers hostage, they'll love you!";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
make-public-repo = name: { cgit ? {}, ... }: {
|
|
||||||
inherit cgit name;
|
|
||||||
public = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
make-rules =
|
|
||||||
with git // config.krebs.users;
|
|
||||||
repo:
|
|
||||||
singleton {
|
|
||||||
user = [ nin nin_h ];
|
|
||||||
repo = [ repo ];
|
|
||||||
perm = push "refs/*" [ non-fast-forward create delete merge ];
|
|
||||||
} ++
|
|
||||||
optional repo.public {
|
|
||||||
user = attrValues config.krebs.users;
|
|
||||||
repo = [ repo ];
|
|
||||||
perm = fetch;
|
|
||||||
} ++
|
|
||||||
optional (length (repo.collaborators or []) > 0) {
|
|
||||||
user = repo.collaborators;
|
|
||||||
repo = [ repo ];
|
|
||||||
perm = fetch;
|
|
||||||
};
|
|
||||||
|
|
||||||
in out
|
|
@ -1,19 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
{
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
(pkgs.writeDashBin "im" ''
|
|
||||||
export PATH=${makeSearchPath "bin" (with pkgs; [
|
|
||||||
tmux
|
|
||||||
gnugrep
|
|
||||||
weechat
|
|
||||||
])}
|
|
||||||
ssh chat@onondaga
|
|
||||||
if tmux list-sessions -F\#S | grep -q '^im''$'; then
|
|
||||||
exec tmux attach -t im
|
|
||||||
else
|
|
||||||
exec tmux new -s im weechat
|
|
||||||
fi
|
|
||||||
'')
|
|
||||||
];
|
|
||||||
}
|
|
@ -1,28 +0,0 @@
|
|||||||
{ ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
|
|
||||||
krebs.iptables = {
|
|
||||||
tables = {
|
|
||||||
filter.INPUT.rules = [
|
|
||||||
{ predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
|
|
||||||
{ predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.tinc.retiolum = {
|
|
||||||
enable = true;
|
|
||||||
connectTo = [
|
|
||||||
"prism"
|
|
||||||
"pigstarter"
|
|
||||||
"gum"
|
|
||||||
"flap"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
nixpkgs.config.packageOverrides = pkgs: {
|
|
||||||
tinc = pkgs.tinc_pre;
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,27 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
mainUser = config.users.extraUsers.nin;
|
|
||||||
inherit (import <stockholm/lib>) genid;
|
|
||||||
|
|
||||||
in {
|
|
||||||
users.extraUsers = {
|
|
||||||
skype = {
|
|
||||||
name = "skype";
|
|
||||||
uid = genid "skype";
|
|
||||||
description = "user for running skype";
|
|
||||||
home = "/home/skype";
|
|
||||||
useDefaultShell = true;
|
|
||||||
extraGroups = [ "audio" "video" ];
|
|
||||||
createHome = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.per-user.skype.packages = [
|
|
||||||
pkgs.skype
|
|
||||||
];
|
|
||||||
|
|
||||||
security.sudo.extraConfig = ''
|
|
||||||
${mainUser.name} ALL=(skype) NOPASSWD: ALL
|
|
||||||
'';
|
|
||||||
}
|
|
@ -1,22 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
environment.systemPackages = [
|
|
||||||
pkgs.termite
|
|
||||||
];
|
|
||||||
|
|
||||||
krebs.per-user.nin.packages = let
|
|
||||||
termitecfg = pkgs.writeTextFile {
|
|
||||||
name = "termite-config";
|
|
||||||
destination = "/etc/xdg/termite/config";
|
|
||||||
text = ''
|
|
||||||
[colors]
|
|
||||||
foreground = #d0d7d0
|
|
||||||
background = #000000
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
in [
|
|
||||||
termitecfg
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
|
@ -1,355 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
let
|
|
||||||
out = {
|
|
||||||
environment.systemPackages = [
|
|
||||||
vim
|
|
||||||
pkgs.pythonPackages.flake8
|
|
||||||
];
|
|
||||||
|
|
||||||
environment.etc.vimrc.source = vimrc;
|
|
||||||
|
|
||||||
environment.variables.EDITOR = mkForce "vim";
|
|
||||||
environment.variables.VIMINIT = ":so /etc/vimrc";
|
|
||||||
};
|
|
||||||
|
|
||||||
vimrc = pkgs.writeText "vimrc" ''
|
|
||||||
set nocompatible
|
|
||||||
|
|
||||||
set autoindent
|
|
||||||
set backspace=indent,eol,start
|
|
||||||
set backup
|
|
||||||
set backupdir=${dirs.backupdir}/
|
|
||||||
set directory=${dirs.swapdir}//
|
|
||||||
set hlsearch
|
|
||||||
set incsearch
|
|
||||||
set laststatus=2
|
|
||||||
set mouse=a
|
|
||||||
set noruler
|
|
||||||
set pastetoggle=<INS>
|
|
||||||
set runtimepath=${extra-runtimepath},$VIMRUNTIME
|
|
||||||
set shortmess+=I
|
|
||||||
set showcmd
|
|
||||||
set showmatch
|
|
||||||
set ttimeoutlen=0
|
|
||||||
set undodir=${dirs.undodir}
|
|
||||||
set undofile
|
|
||||||
set undolevels=1000000
|
|
||||||
set undoreload=1000000
|
|
||||||
set viminfo='20,<1000,s100,h,n${files.viminfo}
|
|
||||||
set visualbell
|
|
||||||
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
|
|
||||||
set wildmenu
|
|
||||||
set wildmode=longest,full
|
|
||||||
|
|
||||||
set et ts=2 sts=2 sw=2
|
|
||||||
|
|
||||||
filetype plugin indent on
|
|
||||||
|
|
||||||
set t_Co=256
|
|
||||||
colorscheme hack
|
|
||||||
syntax on
|
|
||||||
|
|
||||||
au Syntax * syn match Garbage containedin=ALL /\s\+$/
|
|
||||||
\ | syn match TabStop containedin=ALL /\t\+/
|
|
||||||
\ | syn keyword Todo containedin=ALL TODO
|
|
||||||
|
|
||||||
au BufRead,BufNewFile *.hs so ${hs.vim}
|
|
||||||
|
|
||||||
au BufRead,BufNewFile *.nix so ${nix.vim}
|
|
||||||
|
|
||||||
au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
|
|
||||||
|
|
||||||
"Syntastic config
|
|
||||||
let g:syntastic_python_checkers=['flake8']
|
|
||||||
|
|
||||||
nmap <esc>q :buffer
|
|
||||||
nmap <M-q> :buffer
|
|
||||||
|
|
||||||
cnoremap <C-A> <Home>
|
|
||||||
|
|
||||||
noremap <C-c> :q<cr>
|
|
||||||
vnoremap < <gv
|
|
||||||
vnoremap > >gv
|
|
||||||
|
|
||||||
nnoremap <esc>[5^ :tabp<cr>
|
|
||||||
nnoremap <esc>[6^ :tabn<cr>
|
|
||||||
nnoremap <esc>[5@ :tabm -1<cr>
|
|
||||||
nnoremap <esc>[6@ :tabm +1<cr>
|
|
||||||
|
|
||||||
nnoremap <f1> :tabp<cr>
|
|
||||||
nnoremap <f2> :tabn<cr>
|
|
||||||
inoremap <f1> <esc>:tabp<cr>
|
|
||||||
inoremap <f2> <esc>:tabn<cr>
|
|
||||||
|
|
||||||
" <C-{Up,Down,Right,Left>
|
|
||||||
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
|
|
||||||
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
|
|
||||||
noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
|
|
||||||
noremap <esc>Od <nop> | noremap! <esc>Od <nop>
|
|
||||||
" <[C]S-{Up,Down,Right,Left>
|
|
||||||
noremap <esc>[a <nop> | noremap! <esc>[a <nop>
|
|
||||||
noremap <esc>[b <nop> | noremap! <esc>[b <nop>
|
|
||||||
noremap <esc>[c <nop> | noremap! <esc>[c <nop>
|
|
||||||
noremap <esc>[d <nop> | noremap! <esc>[d <nop>
|
|
||||||
vnoremap u <nop>
|
|
||||||
'';
|
|
||||||
|
|
||||||
extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
|
|
||||||
pkgs.vimPlugins.Syntastic
|
|
||||||
pkgs.vimPlugins.undotree
|
|
||||||
pkgs.vimPlugins.airline
|
|
||||||
(pkgs.vimUtils.buildVimPlugin {
|
|
||||||
name = "file-line-1.0";
|
|
||||||
src = pkgs.fetchgit {
|
|
||||||
url = git://github.com/bogado/file-line;
|
|
||||||
rev = "refs/tags/1.0";
|
|
||||||
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
|
|
||||||
};
|
|
||||||
})
|
|
||||||
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
|
|
||||||
name = "hack";
|
|
||||||
in {
|
|
||||||
name = "vim-color-${name}-1.0.2";
|
|
||||||
destination = "/colors/${name}.vim";
|
|
||||||
text = /* vim */ ''
|
|
||||||
set background=dark
|
|
||||||
hi clear
|
|
||||||
if exists("syntax_on")
|
|
||||||
syntax clear
|
|
||||||
endif
|
|
||||||
|
|
||||||
let colors_name = ${toJSON name}
|
|
||||||
|
|
||||||
hi Normal ctermbg=235
|
|
||||||
hi Comment ctermfg=242
|
|
||||||
hi Constant ctermfg=062
|
|
||||||
hi Identifier ctermfg=068
|
|
||||||
hi Function ctermfg=041
|
|
||||||
hi Statement ctermfg=167
|
|
||||||
hi PreProc ctermfg=167
|
|
||||||
hi Type ctermfg=041
|
|
||||||
hi Delimiter ctermfg=251
|
|
||||||
hi Special ctermfg=062
|
|
||||||
|
|
||||||
hi Garbage ctermbg=088
|
|
||||||
hi TabStop ctermbg=016
|
|
||||||
hi Todo ctermfg=174 ctermbg=NONE
|
|
||||||
|
|
||||||
hi NixCode ctermfg=148
|
|
||||||
hi NixData ctermfg=149
|
|
||||||
hi NixQuote ctermfg=150
|
|
||||||
|
|
||||||
hi diffNewFile ctermfg=207
|
|
||||||
hi diffFile ctermfg=207
|
|
||||||
hi diffLine ctermfg=207
|
|
||||||
hi diffSubname ctermfg=207
|
|
||||||
hi diffAdded ctermfg=010
|
|
||||||
hi diffRemoved ctermfg=009
|
|
||||||
'';
|
|
||||||
})))
|
|
||||||
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
|
|
||||||
name = "vim";
|
|
||||||
in {
|
|
||||||
name = "vim-syntax-${name}-1.0.0";
|
|
||||||
destination = "/syntax/${name}.vim";
|
|
||||||
text = /* vim */ ''
|
|
||||||
${concatMapStringsSep "\n" (s: /* vim */ ''
|
|
||||||
syn keyword vimColor${s} ${s}
|
|
||||||
\ containedin=ALLBUT,vimComment,vimLineComment
|
|
||||||
hi vimColor${s} ctermfg=${s}
|
|
||||||
'') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
|
|
||||||
'';
|
|
||||||
})))
|
|
||||||
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
|
|
||||||
name = "showsyntax";
|
|
||||||
in {
|
|
||||||
name = "vim-plugin-${name}-1.0.0";
|
|
||||||
destination = "/plugin/${name}.vim";
|
|
||||||
text = /* vim */ ''
|
|
||||||
if exists('g:loaded_showsyntax')
|
|
||||||
finish
|
|
||||||
endif
|
|
||||||
let g:loaded_showsyntax = 0
|
|
||||||
|
|
||||||
fu! ShowSyntax()
|
|
||||||
let id = synID(line("."), col("."), 1)
|
|
||||||
let name = synIDattr(id, "name")
|
|
||||||
let transName = synIDattr(synIDtrans(id),"name")
|
|
||||||
if name != transName
|
|
||||||
let name .= " (" . transName . ")"
|
|
||||||
endif
|
|
||||||
echo "Syntax: " . name
|
|
||||||
endfu
|
|
||||||
|
|
||||||
command! -n=0 -bar ShowSyntax :call ShowSyntax()
|
|
||||||
'';
|
|
||||||
})))
|
|
||||||
];
|
|
||||||
|
|
||||||
dirs = {
|
|
||||||
backupdir = "$HOME/.cache/vim/backup";
|
|
||||||
swapdir = "$HOME/.cache/vim/swap";
|
|
||||||
undodir = "$HOME/.cache/vim/undo";
|
|
||||||
};
|
|
||||||
files = {
|
|
||||||
viminfo = "$HOME/.cache/vim/info";
|
|
||||||
};
|
|
||||||
|
|
||||||
mkdirs = let
|
|
||||||
dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
|
|
||||||
in assert out != ""; out;
|
|
||||||
alldirs = attrValues dirs ++ map dirOf (attrValues files);
|
|
||||||
in unique (sort lessThan alldirs);
|
|
||||||
|
|
||||||
vim = pkgs.writeDashBin "vim" ''
|
|
||||||
set -efu
|
|
||||||
(umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
|
|
||||||
exec ${pkgs.vim}/bin/vim "$@"
|
|
||||||
'';
|
|
||||||
|
|
||||||
|
|
||||||
hs.vim = pkgs.writeText "hs.vim" ''
|
|
||||||
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
|
|
||||||
|
|
||||||
hi link ConId Identifier
|
|
||||||
hi link VarId Identifier
|
|
||||||
hi link hsDelimiter Delimiter
|
|
||||||
'';
|
|
||||||
|
|
||||||
nix.vim = pkgs.writeText "nix.vim" ''
|
|
||||||
setf nix
|
|
||||||
|
|
||||||
" Ref <nix/src/libexpr/lexer.l>
|
|
||||||
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
|
|
||||||
syn match NixINT /\<[0-9]\+\>/
|
|
||||||
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
|
|
||||||
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
|
|
||||||
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
|
|
||||||
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
|
|
||||||
syn region NixSTRING
|
|
||||||
\ matchgroup=NixSTRING
|
|
||||||
\ start='"'
|
|
||||||
\ skip='\\"'
|
|
||||||
\ end='"'
|
|
||||||
syn region NixIND_STRING
|
|
||||||
\ matchgroup=NixIND_STRING
|
|
||||||
\ start="'''"
|
|
||||||
\ skip="'''\('\|[$]\|\\[nrt]\)"
|
|
||||||
\ end="'''"
|
|
||||||
|
|
||||||
syn match NixOther /[():/;=.,?\[\]]/
|
|
||||||
|
|
||||||
syn match NixCommentMatch /\(^\|\s\)#.*/
|
|
||||||
syn region NixCommentRegion start="/\*" end="\*/"
|
|
||||||
|
|
||||||
hi link NixCode Statement
|
|
||||||
hi link NixData Constant
|
|
||||||
hi link NixComment Comment
|
|
||||||
|
|
||||||
hi link NixCommentMatch NixComment
|
|
||||||
hi link NixCommentRegion NixComment
|
|
||||||
hi link NixID NixCode
|
|
||||||
hi link NixINT NixData
|
|
||||||
hi link NixPATH NixData
|
|
||||||
hi link NixHPATH NixData
|
|
||||||
hi link NixSPATH NixData
|
|
||||||
hi link NixURI NixData
|
|
||||||
hi link NixSTRING NixData
|
|
||||||
hi link NixIND_STRING NixData
|
|
||||||
|
|
||||||
hi link NixEnter NixCode
|
|
||||||
hi link NixOther NixCode
|
|
||||||
hi link NixQuote NixData
|
|
||||||
|
|
||||||
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
|
|
||||||
syn cluster nix_ind_strings contains=NixIND_STRING
|
|
||||||
syn cluster nix_strings contains=NixSTRING
|
|
||||||
|
|
||||||
${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
|
|
||||||
startAlts = filter isString [
|
|
||||||
''/\* ${lang} \*/''
|
|
||||||
extraStart
|
|
||||||
];
|
|
||||||
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
|
|
||||||
in /* vim */ ''
|
|
||||||
syn include @nix_${lang}_syntax syntax/${lang}.vim
|
|
||||||
unlet b:current_syntax
|
|
||||||
|
|
||||||
syn match nix_${lang}_sigil
|
|
||||||
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
|
|
||||||
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
|
|
||||||
\ transparent
|
|
||||||
|
|
||||||
syn region nix_${lang}_region_STRING
|
|
||||||
\ matchgroup=NixSTRING
|
|
||||||
\ start='"'
|
|
||||||
\ skip='\\"'
|
|
||||||
\ end='"'
|
|
||||||
\ contained
|
|
||||||
\ contains=@nix_${lang}_syntax
|
|
||||||
\ transparent
|
|
||||||
|
|
||||||
syn region nix_${lang}_region_IND_STRING
|
|
||||||
\ matchgroup=NixIND_STRING
|
|
||||||
\ start="'''"
|
|
||||||
\ skip="'''\('\|[$]\|\\[nrt]\)"
|
|
||||||
\ end="'''"
|
|
||||||
\ contained
|
|
||||||
\ contains=@nix_${lang}_syntax
|
|
||||||
\ transparent
|
|
||||||
|
|
||||||
syn cluster nix_ind_strings
|
|
||||||
\ add=nix_${lang}_region_IND_STRING
|
|
||||||
|
|
||||||
syn cluster nix_strings
|
|
||||||
\ add=nix_${lang}_region_STRING
|
|
||||||
|
|
||||||
syn cluster nix_has_dollar_curly
|
|
||||||
\ add=@nix_${lang}_syntax
|
|
||||||
'') {
|
|
||||||
c = {};
|
|
||||||
cabal = {};
|
|
||||||
haskell = {};
|
|
||||||
sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
|
|
||||||
vim.extraStart =
|
|
||||||
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
|
|
||||||
})}
|
|
||||||
|
|
||||||
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
|
|
||||||
syn clear shVarAssign
|
|
||||||
|
|
||||||
syn region nixINSIDE_DOLLAR_CURLY
|
|
||||||
\ matchgroup=NixEnter
|
|
||||||
\ start="[$]{"
|
|
||||||
\ end="}"
|
|
||||||
\ contains=TOP
|
|
||||||
\ containedin=@nix_has_dollar_curly
|
|
||||||
\ transparent
|
|
||||||
|
|
||||||
syn region nix_inside_curly
|
|
||||||
\ matchgroup=NixEnter
|
|
||||||
\ start="{"
|
|
||||||
\ end="}"
|
|
||||||
\ contains=TOP
|
|
||||||
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
|
|
||||||
\ transparent
|
|
||||||
|
|
||||||
syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
|
|
||||||
\ containedin=@nix_ind_strings
|
|
||||||
\ contained
|
|
||||||
|
|
||||||
syn match NixQuote /\\./he=s+1
|
|
||||||
\ containedin=@nix_strings
|
|
||||||
\ contained
|
|
||||||
|
|
||||||
syn sync fromstart
|
|
||||||
|
|
||||||
let b:current_syntax = "nix"
|
|
||||||
|
|
||||||
set isk=@,48-57,_,192-255,-,'
|
|
||||||
set bg=dark
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
out
|
|
@ -1,21 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
inherit (import <stockholm/lib>) genid;
|
|
||||||
in {
|
|
||||||
krebs.per-user.chat.packages = with pkgs; [
|
|
||||||
mosh
|
|
||||||
weechat
|
|
||||||
tmux
|
|
||||||
];
|
|
||||||
|
|
||||||
users.extraUsers.chat = {
|
|
||||||
home = "/home/chat";
|
|
||||||
uid = genid "chat";
|
|
||||||
useDefaultShell = true;
|
|
||||||
createHome = true;
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
config.krebs.users.nin.pubkey
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,7 +0,0 @@
|
|||||||
_:
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../krebs
|
|
||||||
./2configs
|
|
||||||
];
|
|
||||||
}
|
|
@ -1,35 +0,0 @@
|
|||||||
{ name }: let
|
|
||||||
inherit (import ../krebs/krops.nix { inherit name; })
|
|
||||||
krebs-source
|
|
||||||
lib
|
|
||||||
pkgs
|
|
||||||
;
|
|
||||||
|
|
||||||
source = { test }: lib.evalSource [
|
|
||||||
krebs-source
|
|
||||||
{
|
|
||||||
nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix";
|
|
||||||
secrets = if test then {
|
|
||||||
file = toString ./0tests/dummysecrets;
|
|
||||||
} else {
|
|
||||||
pass = {
|
|
||||||
dir = "${lib.getEnv "HOME"}/.password-store";
|
|
||||||
name = "hosts/${name}";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
in {
|
|
||||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
|
|
||||||
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
|
|
||||||
source = source { test = false; };
|
|
||||||
target = "root@${name}/var/src";
|
|
||||||
};
|
|
||||||
|
|
||||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
|
||||||
test = { target }: pkgs.krops.writeTest "${name}-test" {
|
|
||||||
inherit target;
|
|
||||||
source = source { test = true; };
|
|
||||||
};
|
|
||||||
}
|
|
1
submodules/krops
Submodule
1
submodules/krops
Submodule
@ -0,0 +1 @@
|
|||||||
|
Subproject commit e2b29654251367545700154ffbac806705dd04c0
|
@ -1 +1 @@
|
|||||||
Subproject commit c27a9416e8ee04d708b11b48f8cf1a055c0cc079
|
Subproject commit 0660cc1a1169e799bda356c6fadb245a96345816
|
@ -3,6 +3,7 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
<stockholm/tv>
|
<stockholm/tv>
|
||||||
|
<stockholm/tv/2configs/br.nix>
|
||||||
<stockholm/tv/2configs/exim-retiolum.nix>
|
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||||
<stockholm/tv/2configs/retiolum.nix>
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
];
|
];
|
||||||
@ -90,20 +91,6 @@ with import <stockholm/lib>;
|
|||||||
pkgs.xlibs.fontschumachermisc
|
pkgs.xlibs.fontschumachermisc
|
||||||
];
|
];
|
||||||
|
|
||||||
# Enable CUPS to print documents.
|
|
||||||
services.printing = {
|
|
||||||
enable = true;
|
|
||||||
#drivers = [
|
|
||||||
# #pkgs.foomatic_filters
|
|
||||||
# #pkgs.gutenprint
|
|
||||||
# #pkgs.cups_pdf_filter
|
|
||||||
# #pkgs.ghostscript
|
|
||||||
#];
|
|
||||||
#cupsdConf = ''
|
|
||||||
# LogLevel debug2
|
|
||||||
#'';
|
|
||||||
};
|
|
||||||
|
|
||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
services.xserver.layout = "de";
|
services.xserver.layout = "de";
|
||||||
services.xserver.xkbOptions = "eurosign:e";
|
services.xserver.xkbOptions = "eurosign:e";
|
||||||
|
@ -2,10 +2,9 @@ with import <stockholm/lib>;
|
|||||||
{ config, pkgs, ... }: {
|
{ config, pkgs, ... }: {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
<stockholm/krebs>
|
<stockholm/tv>
|
||||||
<stockholm/tv/2configs>
|
|
||||||
<stockholm/tv/3modules>
|
|
||||||
<stockholm/tv/2configs/retiolum.nix>
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
|
<stockholm/tv/2configs/xp-332.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.querel;
|
krebs.build.host = config.krebs.hosts.querel;
|
||||||
@ -37,6 +36,7 @@ with import <stockholm/lib>;
|
|||||||
sxiv
|
sxiv
|
||||||
texlive.combined.scheme-full
|
texlive.combined.scheme-full
|
||||||
vim
|
vim
|
||||||
|
xsane
|
||||||
zathura
|
zathura
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -67,10 +67,6 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
programs.ssh.startAgent = false;
|
programs.ssh.startAgent = false;
|
||||||
|
|
||||||
services.printing = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
services.xserver.layout = "de";
|
services.xserver.layout = "de";
|
||||||
services.xserver.xkbOptions = "eurosign:e";
|
services.xserver.xkbOptions = "eurosign:e";
|
||||||
|
@ -18,6 +18,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/tv/2configs/retiolum.nix>
|
<stockholm/tv/2configs/retiolum.nix>
|
||||||
<stockholm/tv/2configs/binary-cache>
|
<stockholm/tv/2configs/binary-cache>
|
||||||
<stockholm/tv/2configs/br.nix>
|
<stockholm/tv/2configs/br.nix>
|
||||||
|
<stockholm/tv/2configs/xp-332.nix>
|
||||||
<stockholm/tv/2configs/xserver>
|
<stockholm/tv/2configs/xserver>
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
@ -40,7 +41,6 @@ with import <stockholm/lib>;
|
|||||||
mkpasswd
|
mkpasswd
|
||||||
netcat
|
netcat
|
||||||
netcup
|
netcup
|
||||||
nix-repl
|
|
||||||
nmap
|
nmap
|
||||||
p7zip
|
p7zip
|
||||||
pass
|
pass
|
||||||
@ -147,8 +147,6 @@ with import <stockholm/lib>;
|
|||||||
gptfdisk
|
gptfdisk
|
||||||
];
|
];
|
||||||
|
|
||||||
services.printing.enable = true;
|
|
||||||
|
|
||||||
#services.bitlbee.enable = true;
|
#services.bitlbee.enable = true;
|
||||||
#services.tor.client.enable = true;
|
#services.tor.client.enable = true;
|
||||||
#services.tor.enable = true;
|
#services.tor.enable = true;
|
||||||
|
@ -26,7 +26,7 @@ with import <stockholm/lib>;
|
|||||||
method = "pull";
|
method = "pull";
|
||||||
src = { host = config.krebs.hosts.querel; path = "/home"; };
|
src = { host = config.krebs.hosts.querel; path = "/home"; };
|
||||||
dst = { host = config.krebs.hosts.nomic; path = "/fs/ponyhof/bku/querel-home"; };
|
dst = { host = config.krebs.hosts.nomic; path = "/fs/ponyhof/bku/querel-home"; };
|
||||||
startAt = "00:00";
|
startAt = "22:00";
|
||||||
};
|
};
|
||||||
wu-home-xu = {
|
wu-home-xu = {
|
||||||
method = "push";
|
method = "push";
|
||||||
|
@ -33,11 +33,13 @@ with import <stockholm/lib>;
|
|||||||
PS1="ssh-agent[$SSH_AGENT_PID] $PS1"
|
PS1="ssh-agent[$SSH_AGENT_PID] $PS1"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
case ''${XMONAD_SPAWN_WORKSPACE-} in
|
if test ''${SHLVL-1} = 1; then
|
||||||
stockholm)
|
case ''${XMONAD_SPAWN_WORKSPACE-} in
|
||||||
cd ~/stockholm
|
stockholm)
|
||||||
;;
|
cd ~/stockholm
|
||||||
esac
|
;;
|
||||||
|
esac
|
||||||
|
fi
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -143,6 +143,7 @@ with import <stockholm/lib>;
|
|||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.get
|
pkgs.get
|
||||||
pkgs.git
|
pkgs.git
|
||||||
|
pkgs.git-crypt
|
||||||
pkgs.git-preview
|
pkgs.git-preview
|
||||||
pkgs.hashPassword
|
pkgs.hashPassword
|
||||||
pkgs.htop
|
pkgs.htop
|
||||||
|
@ -9,8 +9,19 @@ let {
|
|||||||
enable = true;
|
enable = true;
|
||||||
cgit = {
|
cgit = {
|
||||||
settings = {
|
settings = {
|
||||||
root-title = "repositories at ${config.krebs.build.host.name}";
|
about-filter = pkgs.exec "krebs.cgit.about-filter" rec {
|
||||||
|
filename = "${pkgs.pythonPackages.markdown2}/bin/markdown2";
|
||||||
|
argv = [
|
||||||
|
filename
|
||||||
|
"--extras=fenced-code-blocks"
|
||||||
|
];
|
||||||
|
envp = {};
|
||||||
|
};
|
||||||
|
readme = [
|
||||||
|
":README.md"
|
||||||
|
];
|
||||||
root-desc = "mostly krebs";
|
root-desc = "mostly krebs";
|
||||||
|
root-title = "repositories at ${config.krebs.build.host.name}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
repos = repos;
|
repos = repos;
|
||||||
@ -30,46 +41,33 @@ let {
|
|||||||
|
|
||||||
public-repos = mapAttrs make-public-repo ({
|
public-repos = mapAttrs make-public-repo ({
|
||||||
} // mapAttrs (_: recursiveUpdate { cgit.section = "1. miscellaneous"; }) {
|
} // mapAttrs (_: recursiveUpdate { cgit.section = "1. miscellaneous"; }) {
|
||||||
cac-api = {
|
|
||||||
cgit.desc = "CloudAtCost API command line interface";
|
|
||||||
};
|
|
||||||
dic = {
|
dic = {
|
||||||
cgit.desc = "dict.leo.org command line interface";
|
cgit.desc = "dict.leo.org command line interface";
|
||||||
};
|
};
|
||||||
disko = {
|
disko = {
|
||||||
cgit.desc = "declarative partitioning and formatting tool";
|
cgit.desc = "declarative partitioning and formatting tool";
|
||||||
};
|
};
|
||||||
get = {};
|
fswm = {
|
||||||
hstool = {
|
cgit.desc = "simple full screen window manager";
|
||||||
cgit.desc = "Haskell Development Environment ^_^";
|
|
||||||
};
|
};
|
||||||
htgen = {
|
htgen = {
|
||||||
cgit.desc = "toy HTTP server";
|
cgit.desc = "toy HTTP server";
|
||||||
};
|
};
|
||||||
kirk = {
|
|
||||||
cgit.desc = "IRC tools";
|
|
||||||
};
|
|
||||||
krops = {
|
krops = {
|
||||||
cgit.desc = "deployment tools";
|
cgit.desc = "deployment tools";
|
||||||
};
|
};
|
||||||
load-env = {};
|
|
||||||
loldns = {
|
|
||||||
cgit.desc = "toy DNS server";
|
|
||||||
};
|
|
||||||
make-snapshot = {};
|
|
||||||
much = {};
|
much = {};
|
||||||
netcup = {
|
netcup = {
|
||||||
cgit.desc = "netcup command line interface";
|
cgit.desc = "netcup command line interface";
|
||||||
};
|
};
|
||||||
nix-writers = {};
|
nix-writers = {
|
||||||
|
cgit.desc = "collection of package builders";
|
||||||
|
};
|
||||||
populate = {
|
populate = {
|
||||||
cgit.desc = "source code installer";
|
cgit.desc = "source code installer";
|
||||||
};
|
};
|
||||||
q = {};
|
q = {};
|
||||||
regfish = {};
|
regfish = {};
|
||||||
soundcloud = {
|
|
||||||
cgit.desc = "SoundCloud command line interface";
|
|
||||||
};
|
|
||||||
stockholm = {
|
stockholm = {
|
||||||
cgit.desc = "NixOS configuration";
|
cgit.desc = "NixOS configuration";
|
||||||
};
|
};
|
||||||
@ -86,15 +84,32 @@ let {
|
|||||||
xintmap = {};
|
xintmap = {};
|
||||||
xmonad-stockholm = {};
|
xmonad-stockholm = {};
|
||||||
} // mapAttrs (_: recursiveUpdate { cgit.section = "4. museum"; }) {
|
} // mapAttrs (_: recursiveUpdate { cgit.section = "4. museum"; }) {
|
||||||
|
cac-api = {
|
||||||
|
cgit.desc = "CloudAtCost API command line interface";
|
||||||
|
};
|
||||||
cgserver = {};
|
cgserver = {};
|
||||||
crude-mail-setup = {};
|
crude-mail-setup = {};
|
||||||
dot-xmonad = {};
|
dot-xmonad = {};
|
||||||
hirc = {};
|
hirc = {};
|
||||||
|
hstool = {
|
||||||
|
cgit.desc = "Haskell Development Environment ^_^";
|
||||||
|
};
|
||||||
|
kirk = {
|
||||||
|
cgit.desc = "IRC tools";
|
||||||
|
};
|
||||||
make-snapshot = {};
|
make-snapshot = {};
|
||||||
nixos-infest = {};
|
nixos-infest = {};
|
||||||
painload = {};
|
painload = {};
|
||||||
push = {};
|
push = {};
|
||||||
with-tmpdir = {};
|
with-tmpdir = {};
|
||||||
|
get = {};
|
||||||
|
load-env = {};
|
||||||
|
loldns = {
|
||||||
|
cgit.desc = "toy DNS server";
|
||||||
|
};
|
||||||
|
soundcloud = {
|
||||||
|
cgit.desc = "SoundCloud command line interface";
|
||||||
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
restricted-repos = mapAttrs make-restricted-repo (
|
restricted-repos = mapAttrs make-restricted-repo (
|
||||||
|
@ -1,6 +1,10 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{ config, pkgs, ... }: let
|
||||||
|
json = url: {
|
||||||
|
inherit url;
|
||||||
|
filter = "system:${pkgs.jq}/bin/jq .";
|
||||||
|
};
|
||||||
|
in {
|
||||||
krebs.urlwatch = {
|
krebs.urlwatch = {
|
||||||
enable = true;
|
enable = true;
|
||||||
mailto = config.krebs.users.tv.mail;
|
mailto = config.krebs.users.tv.mail;
|
||||||
@ -13,18 +17,9 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
http://www.exim.org/
|
http://www.exim.org/
|
||||||
|
|
||||||
# ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
|
|
||||||
{
|
|
||||||
url = https://api.github.com/repos/simple-evcorr/sec/tags;
|
|
||||||
filter = "system:${pkgs.jq}/bin/jq .";
|
|
||||||
}
|
|
||||||
|
|
||||||
# ref src/nixpkgs/pkgs/tools/networking/urlwatch/default.nix
|
# ref src/nixpkgs/pkgs/tools/networking/urlwatch/default.nix
|
||||||
https://thp.io/2008/urlwatch/
|
https://thp.io/2008/urlwatch/
|
||||||
|
|
||||||
# 2014-12-20 ref src/nixpkgs/pkgs/tools/networking/tlsdate/default.nix
|
|
||||||
https://api.github.com/repos/ioerror/tlsdate/tags
|
|
||||||
|
|
||||||
# 2015-02-18
|
# 2015-02-18
|
||||||
# ref ~/src/nixpkgs/pkgs/tools/text/qprint/default.nix
|
# ref ~/src/nixpkgs/pkgs/tools/text/qprint/default.nix
|
||||||
http://www.fourmilab.ch/webtools/qprint/
|
http://www.fourmilab.ch/webtools/qprint/
|
||||||
@ -50,7 +45,13 @@ with import <stockholm/lib>;
|
|||||||
#http://hackage.haskell.org/package/web-page
|
#http://hackage.haskell.org/package/web-page
|
||||||
|
|
||||||
# ref <stockholm/krebs/3modules>, services.openssh.knownHosts.github*
|
# ref <stockholm/krebs/3modules>, services.openssh.knownHosts.github*
|
||||||
https://api.github.com/meta
|
(json https://api.github.com/meta)
|
||||||
|
|
||||||
|
# 2014-12-20 ref src/nixpkgs/pkgs/tools/networking/tlsdate/default.nix
|
||||||
|
(json https://api.github.com/repos/ioerror/tlsdate/tags)
|
||||||
|
|
||||||
|
# ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
|
||||||
|
(json https://api.github.com/repos/simple-evcorr/sec/tags)
|
||||||
|
|
||||||
# <stockholm/tv/2configs/xserver/xserver.conf.nix>
|
# <stockholm/tv/2configs/xserver/xserver.conf.nix>
|
||||||
# is derived from `configFile` in:
|
# is derived from `configFile` in:
|
||||||
|
45
tv/2configs/xp-332.nix
Normal file
45
tv/2configs/xp-332.nix
Normal file
@ -0,0 +1,45 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: {
|
||||||
|
|
||||||
|
environment.etc."utsushi.conf".text = ''
|
||||||
|
[devices]
|
||||||
|
dev1.udi = esci:networkscan://EPSON79678C.fritz.box:1865
|
||||||
|
dev1.model = XP-332
|
||||||
|
dev1.vendor = EPSON
|
||||||
|
'';
|
||||||
|
|
||||||
|
hardware.sane = {
|
||||||
|
enable = true;
|
||||||
|
extraBackends = [
|
||||||
|
pkgs.utsushi
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
krebs.nixpkgs.allowUnfreePredicate = pkg:
|
||||||
|
elem (parseDrvName pkg.name).name [ "imagescan-plugin-networkscan" ];
|
||||||
|
|
||||||
|
nixpkgs.overlays = singleton (self: super: {
|
||||||
|
utsushi = super.utsushi.override {
|
||||||
|
guiSupport = false;
|
||||||
|
jpegSupport = false;
|
||||||
|
networkSupport = true;
|
||||||
|
ocrSupport = false;
|
||||||
|
saneSupport = true;
|
||||||
|
tiffSupport = true;
|
||||||
|
|
||||||
|
logCategory = "ALL";
|
||||||
|
logLevel = "BRIEF";
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
|
services = {
|
||||||
|
printing = {
|
||||||
|
drivers = [
|
||||||
|
pkgs.epson-escpr
|
||||||
|
];
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
saned.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -41,6 +41,9 @@ in {
|
|||||||
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
|
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
|
||||||
desktopManager.session = mkForce [];
|
desktopManager.session = mkForce [];
|
||||||
|
|
||||||
|
displayManager.lightdm.enable = mkForce false;
|
||||||
|
displayManager.job.execCmd = mkForce "derp";
|
||||||
|
|
||||||
enable = true;
|
enable = true;
|
||||||
display = 11;
|
display = 11;
|
||||||
tty = 11;
|
tty = 11;
|
||||||
@ -55,7 +58,7 @@ in {
|
|||||||
systemd.services.display-manager.enable = false;
|
systemd.services.display-manager.enable = false;
|
||||||
|
|
||||||
systemd.services.xmonad = {
|
systemd.services.xmonad = {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "graphical.target" ];
|
||||||
requires = [ "xserver.service" ];
|
requires = [ "xserver.service" ];
|
||||||
environment = {
|
environment = {
|
||||||
DISPLAY = ":${toString config.services.xserver.display}";
|
DISPLAY = ":${toString config.services.xserver.display}";
|
||||||
@ -101,21 +104,20 @@ in {
|
|||||||
|
|
||||||
systemd.services.xserver = {
|
systemd.services.xserver = {
|
||||||
after = [
|
after = [
|
||||||
"systemd-udev-settle.service"
|
|
||||||
"local-fs.target"
|
|
||||||
"acpid.service"
|
"acpid.service"
|
||||||
|
"local-fs.target"
|
||||||
|
"systemd-udev-settle.service"
|
||||||
];
|
];
|
||||||
reloadIfChanged = true;
|
wants = [
|
||||||
|
"systemd-udev-settle.service"
|
||||||
|
];
|
||||||
|
restartIfChanged = false;
|
||||||
environment = {
|
environment = {
|
||||||
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
|
LD_LIBRARY_PATH = concatStringsSep ":" ([ "/run/opengl-driver/lib" ]
|
||||||
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
|
|
||||||
LD_LIBRARY_PATH = concatStringsSep ":" (
|
|
||||||
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
|
|
||||||
++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
|
++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
|
||||||
};
|
};
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
SyslogIdentifier = "xserver";
|
SyslogIdentifier = "xserver";
|
||||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
|
||||||
ExecStart = toString [
|
ExecStart = toString [
|
||||||
"${pkgs.xorg.xorgserver}/bin/X"
|
"${pkgs.xorg.xorgserver}/bin/X"
|
||||||
":${toString config.services.xserver.display}"
|
":${toString config.services.xserver.display}"
|
||||||
@ -123,17 +125,16 @@ in {
|
|||||||
"-config ${import ./xserver.conf.nix args}"
|
"-config ${import ./xserver.conf.nix args}"
|
||||||
"-logfile /dev/null -logverbose 0 -verbose 3"
|
"-logfile /dev/null -logverbose 0 -verbose 3"
|
||||||
"-nolisten tcp"
|
"-nolisten tcp"
|
||||||
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
"-xkbdir ${config.services.xserver.xkbDir}"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.urxvtd = {
|
systemd.services.urxvtd = {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "graphical.target" ];
|
||||||
reloadIfChanged = true;
|
restartIfChanged = false;
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
SyslogIdentifier = "urxvtd";
|
SyslogIdentifier = "urxvtd";
|
||||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
|
||||||
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
|
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
RestartSec = "2s";
|
RestartSec = "2s";
|
||||||
|
@ -64,7 +64,7 @@ in {
|
|||||||
ExecStartPre =
|
ExecStartPre =
|
||||||
"${pkgs.coreutils}/bin/ln -s /etc/charybdis-ircd.motd /tmp/ircd.motd";
|
"${pkgs.coreutils}/bin/ln -s /etc/charybdis-ircd.motd /tmp/ircd.motd";
|
||||||
ExecStart = toString [
|
ExecStart = toString [
|
||||||
"${pkgs.charybdis}/bin/charybdis-ircd"
|
"${pkgs.charybdis}/bin/charybdis"
|
||||||
"-configfile ${import ./config.nix args}"
|
"-configfile ${import ./config.nix args}"
|
||||||
"-foreground"
|
"-foreground"
|
||||||
"-logfile /dev/stderr"
|
"-logfile /dev/stderr"
|
||||||
|
1
tv/5pkgs/compat/default.nix
Normal file
1
tv/5pkgs/compat/default.nix
Normal file
@ -0,0 +1 @@
|
|||||||
|
self: super: {}
|
@ -33,4 +33,16 @@ foldl' mergeAttrs {}
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
gnupg = self.gnupg22;
|
gnupg = self.gnupg22;
|
||||||
|
|
||||||
|
pass = {
|
||||||
|
"18.03" =
|
||||||
|
self.callPackage ./compat/18.03/pass {
|
||||||
|
pass-otp = self.callPackage ./compat/18.03/pass-otp {};
|
||||||
|
};
|
||||||
|
"18.09" =
|
||||||
|
super.pass.withExtensions (ext: [
|
||||||
|
ext.pass-otp
|
||||||
|
]);
|
||||||
|
}.${versions.majorMinor nixpkgsVersion};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
207
tv/5pkgs/simple/utsushi.nix
Normal file
207
tv/5pkgs/simple/utsushi.nix
Normal file
@ -0,0 +1,207 @@
|
|||||||
|
{ boost, fetchurl, file, imagemagick, libudev, libusb, pkgconfig, stdenv
|
||||||
|
, coreutils, dash, patchelf, writeScriptBin # for add-rpath
|
||||||
|
|
||||||
|
, guiSupport ? false, gtkmm2 ? null
|
||||||
|
, jpegSupport ? true
|
||||||
|
, networkSupport ? false, dpkg ? null
|
||||||
|
, ocrSupport ? false, tesseract ? null
|
||||||
|
, saneSupport ? true, saneBackends ? null
|
||||||
|
, tiffSupport ? true, libtiff ? null
|
||||||
|
|
||||||
|
# Logging defaults copied from Utsushi source (lib/log.cpp)
|
||||||
|
, logCategory ? "NOTHING"
|
||||||
|
, logLevel ? "FATAL"
|
||||||
|
}:
|
||||||
|
|
||||||
|
# Logging possibilities copied from Utsushi source (utsushi/log.hpp)
|
||||||
|
assert builtins.elem logCategory [
|
||||||
|
"NOTHING"
|
||||||
|
"SANE_BACKEND"
|
||||||
|
"ALL"
|
||||||
|
];
|
||||||
|
assert builtins.elem logLevel [
|
||||||
|
"FATAL" # famous last words
|
||||||
|
"ALERT" # outside intervention required
|
||||||
|
"ERROR" # something went wrong
|
||||||
|
"BRIEF" # short informational notes
|
||||||
|
"TRACE" # more chattery feedback
|
||||||
|
"DEBUG" # the gory details
|
||||||
|
"QUARK" # stack tracing feedback
|
||||||
|
];
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
# usage: add-rpath LIBPATH [SOFILE...]
|
||||||
|
# Adds LIBPATH to each SOFILE's RPATH
|
||||||
|
add-rpath = writeScriptBin "add-rpath" ''
|
||||||
|
#! ${dash}/bin/dash
|
||||||
|
set -efu
|
||||||
|
path=$1; shift
|
||||||
|
for file; do
|
||||||
|
file=$(${coreutils}/bin/readlink -f "$file")
|
||||||
|
old_rpath=$(${patchelf}/bin/patchelf --print-rpath "$file")
|
||||||
|
new_rpath=''${old_rpath+$old_rpath:}$path
|
||||||
|
${patchelf}/bin/patchelf --set-rpath "$new_rpath" "$file"
|
||||||
|
done
|
||||||
|
'';
|
||||||
|
|
||||||
|
imagescan-plugin-networkscan = stdenv.mkDerivation rec {
|
||||||
|
name = "imagescan-plugin-networkscan-${meta.version}";
|
||||||
|
|
||||||
|
src =
|
||||||
|
if stdenv.system == "i686-linux" then
|
||||||
|
fetchurl {
|
||||||
|
url = "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x64/imagescan-bundle-debian-9-1.3.21.x86.deb.tar.gz";
|
||||||
|
sha256 = "16xv1pdfm2ryis815fawb7zqg6c4swww726g272ssx044r5dp80r";
|
||||||
|
}
|
||||||
|
else if stdenv.system == "x86_64-linux" then
|
||||||
|
fetchurl {
|
||||||
|
url = "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x64/imagescan-bundle-debian-9-1.3.21.x64.deb.tar.gz";
|
||||||
|
sha256 = "0zik35h2jwrvkwcmq55wc72imidwdnmn1bayhypzhjcz61rasjg2";
|
||||||
|
}
|
||||||
|
else throw "${name} is not supported on ${stdenv.system} (only i686-linux and x86_64 linux are supported)";
|
||||||
|
|
||||||
|
dontBuild = true;
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
# Wildcard * stand for either i386 or amd64
|
||||||
|
${dpkg}/bin/dpkg -x \
|
||||||
|
plugins/imagescan-plugin-networkscan_${meta.version}-1epson4debian9_*.deb \
|
||||||
|
tmp
|
||||||
|
|
||||||
|
mv tmp/usr $out
|
||||||
|
'';
|
||||||
|
|
||||||
|
preFixup = ''
|
||||||
|
patchelf --set-interpreter \
|
||||||
|
${stdenv.glibc}/lib/ld-linux${stdenv.lib.optionalString stdenv.is64bit "-x86-64"}.so.2 \
|
||||||
|
$out/lib/utsushi/networkscan
|
||||||
|
|
||||||
|
# libstdc++.so.6
|
||||||
|
patchelf --set-rpath ${stdenv.cc.cc.lib}/lib \
|
||||||
|
$out/lib/utsushi/networkscan
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "Epson Image Scan v3 networkscan plugin";
|
||||||
|
longDescription = ''
|
||||||
|
This package provides the unfree networkscan plugin from the Epson
|
||||||
|
Image Scan v3 scanner driver bundle, which can be used by Utsushi.
|
||||||
|
'';
|
||||||
|
homepage = "http://support.epson.net/linux/en/imagescanv3.php?version=${meta.version}";
|
||||||
|
license = stdenv.lib.licenses.eapl;
|
||||||
|
maintainers = [ stdenv.lib.maintainers.tv ];
|
||||||
|
platforms = stdenv.lib.platforms.linux;
|
||||||
|
version = "1.1.0";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
in
|
||||||
|
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
name = "utsushi-${meta.version}";
|
||||||
|
|
||||||
|
src = fetchurl {
|
||||||
|
url = "http://support.epson.net/linux/src/scanner/imagescanv3/debian/imagescan_${meta.version}.orig.tar.gz";
|
||||||
|
sha256 = "12mzq3wc8gzdma84pjs5gb0gp8mga13wax5g7vjfrzq8pjyqrnmw";
|
||||||
|
};
|
||||||
|
|
||||||
|
preConfigure = ''
|
||||||
|
substituteInPlace configure \
|
||||||
|
--replace /usr/bin/file ${file}/bin/file
|
||||||
|
|
||||||
|
substituteInPlace lib/log.cpp \
|
||||||
|
--replace FATAL ${logLevel} \
|
||||||
|
--replace NOTHING ${logCategory}
|
||||||
|
'';
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
# Allow configuration to be done via /etc/utsushi.conf
|
||||||
|
ln -s /etc/utsushi.conf $out/etc/utsushi/utsushi.conf
|
||||||
|
|
||||||
|
${stdenv.lib.optionalString saneSupport ''
|
||||||
|
# Make this package compatible with hardware.sane.extraBackends
|
||||||
|
mkdir $out/etc/sane.d
|
||||||
|
echo utsushi > $out/etc/sane.d/dll.conf
|
||||||
|
mkdir $out/lib/sane
|
||||||
|
ln -s $out/lib/utsushi/sane/libsane-utsushi.* $out/lib/sane
|
||||||
|
''}
|
||||||
|
|
||||||
|
${stdenv.lib.optionalString networkSupport ''
|
||||||
|
ln -s ${imagescan-plugin-networkscan}/lib/utsushi/networkscan \
|
||||||
|
$out/libexec/utsushi/
|
||||||
|
''}
|
||||||
|
'';
|
||||||
|
|
||||||
|
# Fixup libraries which otherwise would end up broken like this:
|
||||||
|
#
|
||||||
|
# $ ldd .../blah.so | grep libboost_system
|
||||||
|
# libboost_system.so.X.Y.Z => not found
|
||||||
|
# libboost_system.so.X.Y.Z => /nix/store/.../libboost_system.so.X.Y.Z (...)
|
||||||
|
#
|
||||||
|
preFixup = ''
|
||||||
|
add-rpath ${boost}/lib $out/lib/utsushi/libdrv-esci.so
|
||||||
|
${stdenv.lib.optionalString saneSupport ''
|
||||||
|
add-rpath ${boost}/lib $out/lib/utsushi/sane/libsane-utsushi.so
|
||||||
|
''}
|
||||||
|
'';
|
||||||
|
|
||||||
|
nativeBuildInputs = [
|
||||||
|
add-rpath
|
||||||
|
pkgconfig
|
||||||
|
];
|
||||||
|
|
||||||
|
buildInputs = [
|
||||||
|
boost
|
||||||
|
imagemagick
|
||||||
|
libudev
|
||||||
|
libusb
|
||||||
|
]
|
||||||
|
++ stdenv.lib.optional guiSupport gtkmm2
|
||||||
|
++ stdenv.lib.optional ocrSupport tesseract
|
||||||
|
++ stdenv.lib.optional saneSupport saneBackends
|
||||||
|
++ stdenv.lib.optional tiffSupport libtiff
|
||||||
|
;
|
||||||
|
|
||||||
|
NIX_CFLAGS_COMPILE = [
|
||||||
|
"-Wno-error=deprecated-declarations"
|
||||||
|
"-Wno-error=unused-variable"
|
||||||
|
];
|
||||||
|
|
||||||
|
configureFlags = [
|
||||||
|
"--with-boost=${boost}"
|
||||||
|
"--with-magick"
|
||||||
|
"--with-magick-pp"
|
||||||
|
]
|
||||||
|
++ stdenv.lib.optionals guiSupport [
|
||||||
|
"--with-gtkmm"
|
||||||
|
]
|
||||||
|
++ stdenv.lib.optionals jpegSupport [
|
||||||
|
"--with-jpeg"
|
||||||
|
]
|
||||||
|
++ stdenv.lib.optionals saneSupport [
|
||||||
|
"--with-sane"
|
||||||
|
]
|
||||||
|
++ stdenv.lib.optionals tiffSupport [
|
||||||
|
"--with-tiff"
|
||||||
|
]
|
||||||
|
;
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "Utsushi - Next Generation Image Acquisition";
|
||||||
|
longDescription = ''
|
||||||
|
This software provides applications to easily turn hard-copy
|
||||||
|
documents and imagery into formats that are more amenable to
|
||||||
|
computer processing.
|
||||||
|
|
||||||
|
Included are a native driver for a number of EPSON scanners
|
||||||
|
and a compatibility driver to interface with software built
|
||||||
|
around the SANE standard.
|
||||||
|
'';
|
||||||
|
homepage = http://download.ebz.epson.net/dsc/search/01/search/?OSC=LX;
|
||||||
|
license = stdenv.lib.licenses.gpl3;
|
||||||
|
maintainers = [ stdenv.lib.maintainers.tv ];
|
||||||
|
platforms = stdenv.lib.platforms.linux;
|
||||||
|
version = "3.48.0";
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user