Merge remote-tracking branch 'lass/18.09' into 18.09
This commit is contained in:
commit
91023a11eb
3
.gitmodules
vendored
3
.gitmodules
vendored
@ -1,3 +1,6 @@
|
||||
[submodule "submodules/nix-writers"]
|
||||
path = submodules/nix-writers
|
||||
url = http://cgit.krebsco.de/nix-writers
|
||||
[submodule "submodules/krops"]
|
||||
path = submodules/krops
|
||||
url = https://cgit.krebsco.de/krops
|
||||
|
@ -1,173 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
# bln config file
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
<stockholm/jeschli>
|
||||
<stockholm/jeschli/2configs/virtualbox.nix>
|
||||
<stockholm/jeschli/2configs/urxvt.nix>
|
||||
<stockholm/jeschli/2configs/emacs.nix>
|
||||
<stockholm/jeschli/2configs/xdg.nix>
|
||||
<stockholm/jeschli/2configs/xserver>
|
||||
# <stockholm/jeschli/1systems/bln/dcso-vpn.nix>
|
||||
<stockholm/jeschli/2configs/officevpn.nix>
|
||||
];
|
||||
|
||||
# boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.loader.efi.efiSysMountPoint = "/boot";
|
||||
boot.loader.grub = {
|
||||
devices = [ "nodev" ];
|
||||
efiSupport = true;
|
||||
enable = true;
|
||||
extraEntries = ''
|
||||
menuentry "Debian" {
|
||||
insmod ext2
|
||||
insmod chain
|
||||
chainloader /EFI/debian/grubx64.efi
|
||||
}
|
||||
'';
|
||||
version = 2;
|
||||
};
|
||||
|
||||
jeschliFontSize = 20;
|
||||
|
||||
environment.shellAliases = {
|
||||
n = "nix-shell";
|
||||
gd = "cd /home/markus/go/src/gitlab.dcso.lolcat";
|
||||
gh = "cd /home/markus/go/src/github.com";
|
||||
stocki = pkgs.writeDash "deploy" ''
|
||||
cd ~/stockholm
|
||||
LOGNAME=jeschli exec nix-shell -I stockholm="$PWD" --run 'deploy --system="bln"'
|
||||
'';
|
||||
};
|
||||
networking.hostName = lib.mkForce "BLN02NB0232";
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
# Setup Packages
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
environment.variables = { GOROOT= [ "${pkgs.go.out}/share/go" ]; };
|
||||
environment.systemPackages = with pkgs; [
|
||||
termite
|
||||
# system helper
|
||||
ag
|
||||
copyq
|
||||
dmenu
|
||||
git
|
||||
tig
|
||||
i3lock
|
||||
keepass
|
||||
networkmanagerapplet
|
||||
rsync
|
||||
terminator
|
||||
tmux
|
||||
wget
|
||||
rxvt_unicode
|
||||
# editors
|
||||
emacs
|
||||
# databases
|
||||
sqlite
|
||||
# internet
|
||||
thunderbird
|
||||
chromium
|
||||
google-chrome
|
||||
# programming languages
|
||||
elmPackages.elm
|
||||
go
|
||||
gcc
|
||||
ghc
|
||||
python35
|
||||
python35Packages.pip
|
||||
# go tools
|
||||
golint
|
||||
gotools
|
||||
# dev tools
|
||||
gnumake
|
||||
jetbrains.pycharm-professional
|
||||
jetbrains.webstorm
|
||||
jetbrains.goland
|
||||
jetbrains.datagrip
|
||||
texlive.combined.scheme-full
|
||||
pandoc
|
||||
redis
|
||||
vagrant
|
||||
# document viewer
|
||||
zathura
|
||||
|
||||
samba
|
||||
];
|
||||
|
||||
|
||||
programs.bash.enableCompletion = true;
|
||||
programs.vim.defaultEditor = true;
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
services.printing.enable = true;
|
||||
services.printing.drivers = [ pkgs.postscript-lexmark ];
|
||||
|
||||
services.redis.enable = true;
|
||||
|
||||
services.xserver = {
|
||||
|
||||
desktopManager.session = lib.mkForce [];
|
||||
|
||||
enable = true;
|
||||
display = 11;
|
||||
tty = 11;
|
||||
|
||||
dpi = 200;
|
||||
|
||||
videoDrivers = [ "nvidia" ];
|
||||
synaptics = {
|
||||
enable = false;
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
users.extraUsers.jeschli = {
|
||||
isNormalUser = true;
|
||||
extraGroups = ["docker" "vboxusers" "audio"];
|
||||
uid = 1000;
|
||||
};
|
||||
|
||||
system.stateVersion = "17.09";
|
||||
# Gogland Debugger workaround
|
||||
# nixpkgs.config.packageOverrides = super: {
|
||||
# idea.gogland = lib.overrideDerivation super.idea.gogland (attrs: {
|
||||
# postFixup = ''
|
||||
# interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
|
||||
# patchelf --set-interpreter $interp $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
||||
# chmod +x $out/gogland*/plugins/intellij-go-plugin/lib/dlv/linux/dlv
|
||||
# '';
|
||||
# });
|
||||
# };
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
# DCSO Certificates
|
||||
security.pki.certificateFiles = [
|
||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC1G1.pem"; sha256 = "006j61q2z44z6d92638iin6r46r4cj82ipwm37784h34i5x4mp0d"; })
|
||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC2G1.pem"; sha256 = "1nkd1rjcn02q9xxjg7sw79lbwy08i7hb4v4pn98djknvcmplpz5m"; })
|
||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAROOTC3G1.pem"; sha256 = "094m12npglnnv1nf1ijcv70p8l15l00id44qq7rwynhcgxi5539i"; })
|
||||
|
||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC2G1.pem"; sha256 = "1anfncdf5xsp219kryncv21ra87flpzcjwcc85hzvlwbxhid3g4x"; })
|
||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCACOMPC3G1.pem"; sha256 = "035kkfizyl5dndj7rhvmy91rr75lakqbqgjx4dpiw0kqq369mz8r"; })
|
||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "14fpzx1qjs9ws9sz0y7pb6j40336xlckkqcm2rc5j86yn7r22lp7"; })
|
||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "1yjl3kyw4chc8vw7bnqac2h9vn8dxryw7lr7i03lqi9sdvs4108s"; })
|
||||
];
|
||||
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
krebs.build.host = config.krebs.hosts.bln;
|
||||
|
||||
networking.interfaces.enp0s31f6.ipv4.addresses = [
|
||||
{ address = "10.99.23.2"; prefixLength = 24; }
|
||||
];
|
||||
|
||||
}
|
@ -1,44 +0,0 @@
|
||||
with import <stockholm/lib>;
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
|
||||
users.extraUsers = {
|
||||
dcsovpn = rec {
|
||||
name = "dcsovpn";
|
||||
uid = genid "dcsovpn";
|
||||
description = "user for running dcso openvpn";
|
||||
home = "/home/${name}";
|
||||
};
|
||||
};
|
||||
|
||||
users.extraGroups.dcsovpn.gid = genid "dcsovpn";
|
||||
|
||||
services.openvpn.servers = {
|
||||
dcso = {
|
||||
config = ''
|
||||
client
|
||||
dev tun
|
||||
tun-mtu 1356
|
||||
mssfix
|
||||
proto udp
|
||||
float
|
||||
remote 217.111.55.41 1194
|
||||
nobind
|
||||
user dcsovpn
|
||||
group dcsovpn
|
||||
persist-key
|
||||
persist-tun
|
||||
ca ${toString <secrets/dcsovpn/ca.pem>}
|
||||
cert ${toString <secrets/dcsovpn/cert.pem>}
|
||||
key ${toString <secrets/dcsovpn/cert.key>}
|
||||
verb 3
|
||||
mute 20
|
||||
auth-user-pass ${toString <secrets/dcsovpn/login.txt>}
|
||||
route-method exe
|
||||
route-delay 2
|
||||
'';
|
||||
updateResolvConf = true;
|
||||
};
|
||||
};
|
||||
}
|
@ -1,35 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/25534522-5748-4dcc-a5ca-80a3ac70f59d";
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/496c8889-96db-446d-9bac-60d4347faeac";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/disk/by-uuid/2785adf5-a99e-49d7-86d6-99f393f457ea";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/927E-01A0";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 8;
|
||||
powerManagement.cpuFreqGovernor = "powersave";
|
||||
|
||||
hardware.pulseaudio.enable = true;
|
||||
}
|
@ -37,6 +37,11 @@
|
||||
cd ~/stockholm
|
||||
exec nix-shell -I stockholm="$PWD" --run 'deploy --system="brauerei"'
|
||||
'';
|
||||
deploy = pkgs.writeDash "deploy" ''
|
||||
set -eu
|
||||
export SYSTEM="$1"
|
||||
$(nix-build $HOME/stockholm/jeschli/krops.nix --no-out-link --argstr name "$SYSTEM" -A deploy)
|
||||
'';
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
@ -114,6 +119,8 @@
|
||||
# Don't install feh into systemPackages
|
||||
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
|
||||
desktopManager.session = lib.mkForce [];
|
||||
displayManager.lightdm.enable = lib.mkForce false;
|
||||
displayManager.job.execCmd = lib.mkForce "derp";
|
||||
|
||||
enable = true;
|
||||
display = 11;
|
||||
@ -138,6 +145,15 @@
|
||||
isNormalUser = true;
|
||||
uid = 1001; # TODO genid
|
||||
};
|
||||
users.users.dev = {
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.lass.pubkey
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos"
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||
];
|
||||
};
|
||||
|
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos"
|
||||
|
@ -67,7 +67,6 @@ let
|
||||
emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [
|
||||
epkgs.melpaPackages.evil
|
||||
epkgs.melpaStablePackages.magit
|
||||
epkgs.melpaPackages.mmm-mode
|
||||
epkgs.melpaPackages.nix-mode
|
||||
epkgs.melpaPackages.go-mode
|
||||
epkgs.melpaPackages.google-this
|
||||
|
@ -222,7 +222,7 @@ myKeys conf = Map.fromList $
|
||||
pagerConfig :: PagerConfig
|
||||
pagerConfig = def
|
||||
{ pc_font = myFont
|
||||
, pc_cellwidth = 256
|
||||
, pc_cellwidth = 100
|
||||
--, pc_cellheight = 36 -- TODO automatically keep screen aspect
|
||||
--, pc_borderwidth = 1
|
||||
--, pc_matchcolor = "#f0b000"
|
||||
|
@ -22,6 +22,12 @@
|
||||
"http://cgit.ni.r/disko"
|
||||
"http://cgit.prism.r/disko"
|
||||
];
|
||||
krops.urls = [
|
||||
"http://cgit.hotdog.r/krops"
|
||||
"http://cgit.ni.r/krops"
|
||||
"http://cgit.prism.r/krops"
|
||||
"https://git.ingolf-wagner.de/krebs/krops.git"
|
||||
];
|
||||
nix_writers.urls = [
|
||||
"http://cgit.hotdog.r/nix-writers"
|
||||
"http://cgit.ni.r/nix-writers"
|
||||
|
@ -5,7 +5,7 @@
|
||||
6667 6669
|
||||
];
|
||||
|
||||
services.charybdis = {
|
||||
krebs.charybdis = {
|
||||
enable = true;
|
||||
motd = ''
|
||||
hello
|
||||
|
110
krebs/3modules/charybdis.nix
Normal file
110
krebs/3modules/charybdis.nix
Normal file
@ -0,0 +1,110 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkEnableOption mkIf mkOption singleton types;
|
||||
inherit (pkgs) coreutils charybdis;
|
||||
cfg = config.krebs.charybdis;
|
||||
|
||||
configFile = pkgs.writeText "charybdis.conf" ''
|
||||
${cfg.config}
|
||||
'';
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
krebs.charybdis = {
|
||||
|
||||
enable = mkEnableOption "Charybdis IRC daemon";
|
||||
|
||||
config = mkOption {
|
||||
type = types.string;
|
||||
description = ''
|
||||
Charybdis IRC daemon configuration file.
|
||||
'';
|
||||
};
|
||||
|
||||
statedir = mkOption {
|
||||
type = types.string;
|
||||
default = "/var/lib/charybdis";
|
||||
description = ''
|
||||
Location of the state directory of charybdis.
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.string;
|
||||
default = "ircd";
|
||||
description = ''
|
||||
Charybdis IRC daemon user.
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.string;
|
||||
default = "ircd";
|
||||
description = ''
|
||||
Charybdis IRC daemon group.
|
||||
'';
|
||||
};
|
||||
|
||||
motd = mkOption {
|
||||
type = types.nullOr types.lines;
|
||||
default = null;
|
||||
description = ''
|
||||
Charybdis MOTD text.
|
||||
|
||||
Charybdis will read its MOTD from /etc/charybdis/ircd.motd .
|
||||
If set, the value of this option will be written to this path.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable (lib.mkMerge [
|
||||
{
|
||||
users.users = singleton {
|
||||
name = cfg.user;
|
||||
description = "Charybdis IRC daemon user";
|
||||
uid = config.ids.uids.ircd;
|
||||
group = cfg.group;
|
||||
};
|
||||
|
||||
users.groups = singleton {
|
||||
name = cfg.group;
|
||||
gid = config.ids.gids.ircd;
|
||||
};
|
||||
|
||||
systemd.services.charybdis = {
|
||||
description = "Charybdis IRC daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
environment = {
|
||||
BANDB_DBPATH = "${cfg.statedir}/ban.db";
|
||||
};
|
||||
serviceConfig = {
|
||||
ExecStart = "${charybdis}/bin/charybdis -foreground -logfile /dev/stdout -configfile ${configFile}";
|
||||
Group = cfg.group;
|
||||
User = cfg.user;
|
||||
PermissionsStartOnly = true; # preStart needs to run with root permissions
|
||||
};
|
||||
preStart = ''
|
||||
${coreutils}/bin/mkdir -p ${cfg.statedir}
|
||||
${coreutils}/bin/chown ${cfg.user}:${cfg.group} ${cfg.statedir}
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
(mkIf (cfg.motd != null) {
|
||||
environment.etc."charybdis/ircd.motd".text = cfg.motd;
|
||||
})
|
||||
]);
|
||||
}
|
@ -14,6 +14,7 @@ let
|
||||
./buildbot/master.nix
|
||||
./buildbot/slave.nix
|
||||
./build.nix
|
||||
./charybdis.nix
|
||||
./ci.nix
|
||||
./current.nix
|
||||
./exim.nix
|
||||
@ -111,7 +112,6 @@ let
|
||||
{ krebs = import ./krebs { inherit config; }; }
|
||||
{ krebs = import ./lass { inherit config; }; }
|
||||
{ krebs = import ./makefu { inherit config; }; }
|
||||
{ krebs = import ./nin { inherit config; }; }
|
||||
{ krebs = import ./tv { inherit config; }; }
|
||||
{
|
||||
krebs.dns.providers = {
|
||||
|
@ -121,6 +121,10 @@ let
|
||||
cgit-settings = types.submodule {
|
||||
# A setting's value of `null` means cgit's default should be used.
|
||||
options = {
|
||||
about-filter = mkOption {
|
||||
type = types.nullOr types.package;
|
||||
default = null;
|
||||
};
|
||||
cache-root = mkOption {
|
||||
type = types.absolute-pathname;
|
||||
default = "/tmp/cgit";
|
||||
@ -166,6 +170,10 @@ let
|
||||
types.nullOr (types.enum ["week" "month" "quarter" "year"]);
|
||||
default = "year";
|
||||
};
|
||||
readme = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
};
|
||||
robots = mkOption {
|
||||
type = types.nullOr (types.listOf types.str);
|
||||
default = ["nofollow" "noindex"];
|
||||
@ -394,8 +402,14 @@ let
|
||||
kv-to-cgitrc = k: v: getAttr (typeOf v) {
|
||||
bool = kv-to-cgitrc k (if v then 1 else 0);
|
||||
null = []; # This will be removed by `flatten`.
|
||||
list = "${k}=${concatStringsSep ", " v}";
|
||||
list = {
|
||||
readme = map (x: "readme=${x}") v;
|
||||
}.${k} or "${k}=${concatStringsSep ", " v}";
|
||||
int = "${k}=${toString v}";
|
||||
set =
|
||||
if subtypes.cgit-settings.check v
|
||||
then "${k}=${v}"
|
||||
else error "kv-to-cgitrc: unhandled type: set";
|
||||
string = "${k}=${v}";
|
||||
};
|
||||
in
|
||||
|
@ -7,43 +7,6 @@ with import <stockholm/lib>;
|
||||
owner = config.krebs.users.jeschli;
|
||||
ci = true;
|
||||
}) {
|
||||
bln = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.27.28";
|
||||
ip6.addr = "42::28";
|
||||
aliases = [
|
||||
"bln.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIECgKCBAEAwoN2f6iyQ1Wnk4rZVqhovny8VpwWvC9buE+NoedRaxmWmA5QIP02
|
||||
BLwTWFKnbiKOQiYN+a4m/JKs0fFOjYCa2EKhqWWKwdEIN4wJTq8zrjzIaa2rdz+8
|
||||
tamE+8rSYDE+RbJ6Gs3SUDfwcxJT6FXCi3JYoirdhAssLSwTf9d5IsfXvkKMabky
|
||||
FpY9Im51utmIR8UmYL4Ti7dEaOxif+5Hgl1LuitC8e2IIZJhXJprK9tJk9J0LRWt
|
||||
PUM31IG1+A2hNBzs5hferLmmwFvYF1sJ22NtFepxVyOLaLcLEFKWHyU+14qEMSgL
|
||||
acsu0lgVZ4A1TY6vVBmawfVCzUzRfalNIty1x+qDA4MB1RQ4W7ivWCjd/+wirSyc
|
||||
BLxCvriXRdUwPIRoHy0kNMmS83HGm2iv2IrHUrcH8lyJvMys216J2lCF2arRVnBn
|
||||
lArObfR3mXgd/YoANmZ4cinLAjLCjCjXfOe39+pvTFph6WnDt4gOO+tQlnCk19Fa
|
||||
NoiK1THcuZiFVE+4CAXVmstNqYKSMgw+Upw7/t6iUzur98iwKpcicomhJjGVVtbg
|
||||
2iDf4lYVrUyb7iPns2T4EzAuHk7iESktEASU5creSbWYRu/4uyhuNlUoiCpVOEKg
|
||||
H9jkrLlCpQGv/GmgdH9oj35Dsv5TINauCT2jjWV65wcKAlvyafy5UtLyF4HBRHaM
|
||||
2xyxC9gxr8bmeOFyOnHVJQvpkeLxyaRp/VppjCTzr82TQvpZd5a+tISIbDGfqX1o
|
||||
cEyPsowb3KHNtW9DqRBp+80fPGnQHsNjVXbJb37wjpnR/ePg/XyENbZF/OQEsjqt
|
||||
bki8hZQXKJAFyx1bq/2A1q4ocx7JlJKynL4szG1unHbSPKNH2OOVvoezuP7e+lXU
|
||||
gnzrSbe9lPIOp4Vu1HjWOi6tNWZFoZrSHVIK+VGxm+wm/HoS+Enj4Yq+vRvU3luv
|
||||
UllR5KHHK2970RbFEUE0zaVMZjQn5KgJjFXfqfrCztp0wZ5CQo+tRFPq35llaIQ2
|
||||
0WyT2IZlxt1Xr2IpOM0DpO4SJnivZT/wdZN7upzsUPf4a9suztpA3KcKAKqH0OM5
|
||||
fv2/LXspc73vACAOZ9qDJnwp8bFrMOaQdAL1oPpOLB3yYTDA3E20IAQ6OKoSy1Nl
|
||||
B4coqo1gBCcMrWwVFYAuc5J4itXJ0SSj67+WUnuDzPm88LI3g+AO0r1m6k6YdA58
|
||||
SeNxYPMLYNLRg86rsjKjXu+QyvBsd04O/QvIxpTFCtdjbUXNS1H4++/inYZSwWPp
|
||||
U0lN9erLJbwr4WqU/Mn6J+jKijXwmCSiF5if5baszMsOL/0u9yFt6OcaLyehE3sJ
|
||||
eAo00n9phSna0lxtbtRnh/Gd4D7rFcX33wIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
brauerei = {
|
||||
nets = {
|
||||
retiolum = {
|
||||
|
@ -1,111 +0,0 @@
|
||||
{ config, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
{
|
||||
hosts = mapAttrs (_: recursiveUpdate {
|
||||
owner = config.krebs.users.nin;
|
||||
ci = true;
|
||||
}) {
|
||||
hiawatha = {
|
||||
cores = 2;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.132.96";
|
||||
ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342";
|
||||
aliases = [
|
||||
"hiawatha.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o
|
||||
Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB
|
||||
iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E
|
||||
UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr
|
||||
lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ
|
||||
yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx";
|
||||
};
|
||||
axon= {
|
||||
cores = 2;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.134.66";
|
||||
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379";
|
||||
aliases = [
|
||||
"axon.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo
|
||||
glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj
|
||||
KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH
|
||||
L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j
|
||||
VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY
|
||||
PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN
|
||||
X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh
|
||||
m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp
|
||||
OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT
|
||||
LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H
|
||||
/F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK
|
||||
MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w
|
||||
7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm
|
||||
ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3
|
||||
1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF
|
||||
29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt
|
||||
4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj
|
||||
FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl
|
||||
buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p
|
||||
hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG
|
||||
yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi
|
||||
ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc";
|
||||
};
|
||||
onondaga = {
|
||||
cores = 1;
|
||||
nets = {
|
||||
retiolum = {
|
||||
ip4.addr = "10.243.132.55";
|
||||
ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357";
|
||||
aliases = [
|
||||
"onondaga.r"
|
||||
"cgit.onondaga.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR
|
||||
OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu
|
||||
htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH
|
||||
xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO
|
||||
kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn
|
||||
hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO";
|
||||
};
|
||||
|
||||
};
|
||||
users = {
|
||||
nin = {
|
||||
mail = "nin@axon.r";
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon";
|
||||
};
|
||||
nin_h = {
|
||||
mail = "nin@hiawatha.r";
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha";
|
||||
};
|
||||
};
|
||||
}
|
@ -1,11 +1,24 @@
|
||||
{ mkDerivation, base, fetchgit, stdenv }:
|
||||
mkDerivation rec {
|
||||
pname = "blessings";
|
||||
with import <stockholm/lib>;
|
||||
{ mkDerivation, base, fetchgit, stdenv }: let
|
||||
|
||||
cfg = {
|
||||
"18.03" = {
|
||||
version = "1.1.0";
|
||||
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
|
||||
};
|
||||
"18.09" = {
|
||||
version = "1.2.0";
|
||||
sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300";
|
||||
};
|
||||
}.${versions.majorMinor nixpkgsVersion};
|
||||
|
||||
in mkDerivation {
|
||||
pname = "blessings";
|
||||
version = cfg.version;
|
||||
src = fetchgit {
|
||||
url = http://cgit.ni.krebsco.de/blessings;
|
||||
rev = "refs/tags/v${version}";
|
||||
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
|
||||
rev = "refs/tags/v${cfg.version}";
|
||||
sha256 = cfg.sha256;
|
||||
};
|
||||
libraryHaskellDepends = [ base ];
|
||||
doHaddock = false;
|
||||
|
@ -1,15 +1,30 @@
|
||||
with import <stockholm/lib>;
|
||||
{ mkDerivation, attoparsec, base, base64-bytestring, bytestring
|
||||
, case-insensitive, containers, exceptions, fetchgit, QuickCheck
|
||||
, stdenv, tasty, tasty-quickcheck, text, text-icu, time
|
||||
}:
|
||||
mkDerivation {
|
||||
pname = "email-header";
|
||||
}: let
|
||||
|
||||
cfg = {
|
||||
"18.03" = {
|
||||
version = "0.3.0";
|
||||
src = fetchgit {
|
||||
url = "https://github.com/4z3/email-header";
|
||||
rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8";
|
||||
sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59";
|
||||
};
|
||||
"18.09" = {
|
||||
version = "0.4.1-tv1";
|
||||
rev = "refs/tags/v${cfg.version}";
|
||||
sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x";
|
||||
};
|
||||
}.${versions.majorMinor nixpkgsVersion};
|
||||
|
||||
in mkDerivation {
|
||||
pname = "email-header";
|
||||
version = cfg.version;
|
||||
src = fetchgit {
|
||||
url = "https://github.com/4z3/email-header";
|
||||
rev = cfg.rev;
|
||||
sha256 = cfg.sha256;
|
||||
};
|
||||
buildDepends = [
|
||||
attoparsec base base64-bytestring bytestring case-insensitive
|
||||
containers exceptions text text-icu time
|
||||
|
@ -1,17 +0,0 @@
|
||||
# Same as upstream but with doCheck = false because doctest has wrong version.
|
||||
{ mkDerivation, base, bytestring, containers, directory
|
||||
, filepath, unordered-containers, zlib, stdenv
|
||||
}:
|
||||
mkDerivation {
|
||||
pname = "hyphenation";
|
||||
version = "0.6";
|
||||
sha256 = "2f673666c18f63581422f7c6389b78b0ff754406671296a3d680d417942512f7";
|
||||
libraryHaskellDepends = [
|
||||
base bytestring containers unordered-containers zlib
|
||||
];
|
||||
homepage = "http://github.com/ekmett/hyphenation";
|
||||
description = "Configurable Knuth-Liang hyphenation";
|
||||
license = stdenv.lib.licenses.bsd3;
|
||||
hydraPlatforms = stdenv.lib.platforms.none;
|
||||
doCheck = false;
|
||||
}
|
@ -17,7 +17,7 @@ python2Packages.buildPythonApplication rec {
|
||||
propagatedBuildInputs = [
|
||||
python2Packages.jinja2
|
||||
python2Packages.twisted
|
||||
python2Packages.dateutil_1_5
|
||||
python2Packages.dateutil
|
||||
python2Packages.sqlalchemy_migrate
|
||||
python2Packages.pysqlite
|
||||
pkgs.coreutils
|
||||
|
@ -3,7 +3,6 @@
|
||||
with python3Packages; buildPythonPackage rec {
|
||||
name = "repo-sync-${version}";
|
||||
version = "0.2.7";
|
||||
disabled = isPy26 || isPy27;
|
||||
propagatedBuildInputs = [
|
||||
docopt
|
||||
GitPython
|
||||
|
@ -1,9 +1,6 @@
|
||||
{ name }: rec {
|
||||
|
||||
krops = builtins.fetchGit {
|
||||
url = https://cgit.krebsco.de/krops/;
|
||||
rev = "c46166d407c7d246112f13346621a3fbdb25889e";
|
||||
};
|
||||
krops = ../submodules/krops;
|
||||
|
||||
lib = import "${krops}/lib";
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
{
|
||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||
"rev": "d16a7abceb72aac85e0deb8c45fbcb7127baf628",
|
||||
"date": "2018-09-20T18:31:51-05:00",
|
||||
"sha256": "0byf6rlwwy70v2sdfmv7mnwd0kvxmlq0pi8ijghg0mcfhcqibgh7",
|
||||
"rev": "6a3f5bcb061e1822f50e299f5616a0731636e4e7",
|
||||
"date": "2018-10-05T18:33:19-04:00",
|
||||
"sha256": "1ib96has10v5nr6bzf7v8kw7yzww8zanxgw2qi1ll1sbv6kj6zpd",
|
||||
"fetchSubmodules": true
|
||||
}
|
||||
|
@ -77,6 +77,7 @@ with import <stockholm/lib>;
|
||||
environment.systemPackages = [
|
||||
pkgs.ovh-zone
|
||||
pkgs.bank
|
||||
pkgs.adb-sync
|
||||
];
|
||||
}
|
||||
{
|
||||
@ -143,7 +144,6 @@ with import <stockholm/lib>;
|
||||
OnCalendar = "00:37";
|
||||
};
|
||||
|
||||
nix.package = pkgs.nixUnstable;
|
||||
programs.adb.enable = true;
|
||||
users.users.mainUser.extraGroups = [ "adbusers" "docker" ];
|
||||
virtualisation.docker.enable = true;
|
||||
|
@ -57,13 +57,6 @@ with import <stockholm/lib>;
|
||||
config.krebs.users.makefu.pubkey
|
||||
];
|
||||
};
|
||||
users.users.nin = {
|
||||
uid = genid "nin";
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.nin.pubkey
|
||||
];
|
||||
};
|
||||
users.extraUsers.dritter = {
|
||||
uid = genid "dritter";
|
||||
isNormalUser = true;
|
||||
@ -119,7 +112,6 @@ with import <stockholm/lib>;
|
||||
services.openssh.enable = true;
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.lass.pubkey
|
||||
config.krebs.users.nin.pubkey
|
||||
];
|
||||
};
|
||||
autoStart = true;
|
||||
@ -291,16 +283,6 @@ with import <stockholm/lib>;
|
||||
];
|
||||
}
|
||||
{
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."radio.lassul.us" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".extraConfig = ''
|
||||
proxy_pass http://localhost:8000;
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
{
|
||||
lass.nichtparasoup.enable = true;
|
||||
|
@ -71,7 +71,6 @@ in {
|
||||
lm_sensors
|
||||
ncdu
|
||||
nix-index
|
||||
nix-repl
|
||||
nmap
|
||||
pavucontrol
|
||||
powertop
|
||||
|
@ -89,6 +89,7 @@ with import <stockholm/lib>;
|
||||
{ from = "cis@lassul.us"; to = lass.mail; }
|
||||
{ from = "afra@lassul.us"; to = lass.mail; }
|
||||
{ from = "ksp@lassul.us"; to = lass.mail; }
|
||||
{ from = "ccc@lassul.us"; to = lass.mail; }
|
||||
];
|
||||
system-aliases = [
|
||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||
|
@ -57,7 +57,6 @@ let
|
||||
|
||||
in {
|
||||
environment.systemPackages = with pkgs; [
|
||||
(dwarf-fortress.override { theme = dwarf-fortress-packages.phoebus-theme; })
|
||||
doom1
|
||||
doom2
|
||||
vdoom1
|
||||
|
@ -62,6 +62,10 @@ let
|
||||
cgit.desc = "high level writers for nix";
|
||||
cgit.section = "software";
|
||||
};
|
||||
nixos-generators = {
|
||||
cgit.desc = "custom image builders";
|
||||
cgit.section = "software";
|
||||
};
|
||||
nixpkgs = {
|
||||
cgit.desc = "nixpkgs fork";
|
||||
cgit.section = "configuration";
|
||||
|
@ -36,8 +36,9 @@ in {
|
||||
home = "/home/${name}";
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.lass.pubkey
|
||||
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||
lass.pubkey
|
||||
lass-mors.pubkey
|
||||
];
|
||||
};
|
||||
};
|
||||
|
@ -63,24 +63,6 @@ with import <stockholm/lib>;
|
||||
-e "@kind $1"
|
||||
'';
|
||||
})
|
||||
(buildSimpleReaktorPlugin "random-unicorn-porn" {
|
||||
pattern = "^!rup$$";
|
||||
script = pkgs.writePython2 "rup" {} ''
|
||||
t1 = """
|
||||
_.
|
||||
;=',_ ()
|
||||
8===D~~ S" .--`||
|
||||
sS \__ ||
|
||||
__.' ( \-->||
|
||||
_=/ _./-\/ ||
|
||||
8===D~~ ((\( /-' -'l ||
|
||||
) |/ \\ (_))
|
||||
\\ \\
|
||||
'~ '~
|
||||
"""
|
||||
print(t1)
|
||||
'';
|
||||
})
|
||||
(buildSimpleReaktorPlugin "ping" {
|
||||
pattern = "^!ping (?P<args>.*)$$";
|
||||
script = pkgs.writeDash "ping" ''
|
||||
|
@ -2,20 +2,13 @@
|
||||
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
unstable_nixpkgs = import (pkgs.fetchFromGitHub {
|
||||
owner = "NixOS";
|
||||
repo = "nixpkgs";
|
||||
rev = "a8c71037e041725d40fbf2f3047347b6833b1703";
|
||||
sha256 = "1z4cchcw7qgjhy0x6mnz7iqvpswc2nfjpdynxc54zpm66khfrjqw";
|
||||
}) {};
|
||||
out = {
|
||||
environment.systemPackages = [
|
||||
(hiPrio vim)
|
||||
pkgs.python35Packages.flake8
|
||||
(pkgs.writeDashBin "govet" ''
|
||||
go vet "$@"
|
||||
'')
|
||||
(hiPrio (unstable_nixpkgs.python3.withPackages (ps: [
|
||||
(hiPrio (pkgs.python3.withPackages (ps: [
|
||||
ps.python-language-server
|
||||
ps.pyls-isort
|
||||
])))
|
||||
@ -135,7 +128,7 @@ let
|
||||
pkgs.vimPlugins.undotree
|
||||
pkgs.vimPlugins.vim-go
|
||||
pkgs.vimPlugins.fzf-vim
|
||||
unstable_nixpkgs.vimPlugins.LanguageClient-neovim
|
||||
pkgs.vimPlugins.LanguageClient-neovim
|
||||
(pkgs.vimUtils.buildVimPlugin {
|
||||
name = "file-line-1.0";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
|
@ -31,6 +31,7 @@ import XMonad.Actions.CycleWS (toggleWS)
|
||||
import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace)
|
||||
import XMonad.Actions.DynamicWorkspaces (withWorkspace)
|
||||
import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch)
|
||||
import XMonad.Actions.Minimize (minimizeWindow, maximizeWindow, withLastMinimized)
|
||||
import XMonad.Hooks.EwmhDesktops (ewmh)
|
||||
import XMonad.Hooks.FloatNext (floatNext)
|
||||
import XMonad.Hooks.FloatNext (floatNextHook)
|
||||
@ -39,7 +40,7 @@ import XMonad.Hooks.Place (placeHook, smart)
|
||||
import XMonad.Hooks.UrgencyHook (focusUrgent)
|
||||
import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
|
||||
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
||||
import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin))
|
||||
import XMonad.Layout.Minimize (minimize)
|
||||
import XMonad.Layout.NoBorders (smartBorders)
|
||||
import XMonad.Layout.SimplestFloat (simplestFloat)
|
||||
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
|
||||
@ -135,7 +136,7 @@ myKeyMap =
|
||||
, ("M4-C-v", withWorkspace autoXPConfig (windows . copy))
|
||||
|
||||
, ("M4-m", withFocused minimizeWindow)
|
||||
, ("M4-S-m", sendMessage RestoreNextMinimizedWin)
|
||||
, ("M4-S-m", withLastMinimized maximizeWindow)
|
||||
|
||||
, ("M4-q", windowPromptGoto infixAutoXPConfig)
|
||||
, ("M4-C-q", windowPromptBringCopy infixAutoXPConfig)
|
||||
|
@ -1,8 +1,5 @@
|
||||
{ config ? config, name, target ? name }: let
|
||||
krops = builtins.fetchGit {
|
||||
url = https://cgit.krebsco.de/krops/;
|
||||
rev = "4e466eaf05861b47365c5ef46a31a188b70f3615";
|
||||
};
|
||||
krops = ../submodules/krops;
|
||||
nixpkgs-src = lib.importJSON ./nixpkgs.json;
|
||||
|
||||
lib = import "${krops}/lib";
|
||||
|
@ -1 +0,0 @@
|
||||
{}
|
@ -1,132 +0,0 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
imports = [
|
||||
<stockholm/nin>
|
||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
#../2configs/copyq.nix
|
||||
<stockholm/nin/2configs/ableton.nix>
|
||||
<stockholm/nin/2configs/games.nix>
|
||||
<stockholm/nin/2configs/git.nix>
|
||||
<stockholm/nin/2configs/retiolum.nix>
|
||||
<stockholm/nin/2configs/termite.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.axon;
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/pool/root";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/tmp" =
|
||||
{ device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/sda1";
|
||||
fsType = "ext2";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices.crypted.device = "/dev/sda2";
|
||||
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
# Define on which hard drive you want to install Grub.
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
# services.printing.enable = true;
|
||||
|
||||
# nin config
|
||||
time.timeZone = "Europe/Berlin";
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
|
||||
displayManager.lightdm.enable = true;
|
||||
};
|
||||
|
||||
networking.networkmanager.enable = true;
|
||||
#networking.wireless.enable = true;
|
||||
|
||||
hardware.pulseaudio = {
|
||||
enable = true;
|
||||
systemWide = true;
|
||||
};
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
|
||||
#nixpkgs.config.steam.java = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
atom
|
||||
chromium
|
||||
firefox
|
||||
git
|
||||
htop
|
||||
keepassx
|
||||
lmms
|
||||
networkmanagerapplet
|
||||
openvpn
|
||||
python
|
||||
ruby
|
||||
steam
|
||||
taskwarrior
|
||||
thunderbird
|
||||
vim
|
||||
virtmanager
|
||||
];
|
||||
|
||||
nixpkgs.config = {
|
||||
|
||||
allowUnfree = true;
|
||||
|
||||
};
|
||||
|
||||
#services.logind.extraConfig = "HandleLidSwitch=ignore";
|
||||
|
||||
services.xserver.synaptics = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.xserver.displayManager.sessionCommands = ''
|
||||
${pkgs.xorg.xhost}/bin/xhost + local:
|
||||
'';
|
||||
|
||||
services.xserver.desktopManager.xfce = let
|
||||
xbindConfig = pkgs.writeText "xbindkeysrc" ''
|
||||
"${pkgs.pass}/bin/passmenu --type"
|
||||
Control + p
|
||||
'';
|
||||
in {
|
||||
enable = true;
|
||||
extraSessionCommands = ''
|
||||
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
|
||||
'';
|
||||
};
|
||||
|
||||
# The NixOS release to be compatible with for stateful data such as databases.
|
||||
system.stateVersion = "17.03";
|
||||
|
||||
}
|
@ -1,126 +0,0 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
imports = [
|
||||
<stockholm/nin>
|
||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
#../2configs/copyq.nix
|
||||
<stockholm/nin/2configs/games.nix>
|
||||
<stockholm/nin/2configs/git.nix>
|
||||
<stockholm/nin/2configs/retiolum.nix>
|
||||
<stockholm/nin/2configs/termite.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.hiawatha;
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/tmp" =
|
||||
{ device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/fam/home";
|
||||
};
|
||||
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010";
|
||||
fsType = "ext2";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
|
||||
boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.version = 2;
|
||||
# Define on which hard drive you want to install Grub.
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
# services.printing.enable = true;
|
||||
|
||||
fileSystems."/home/nin/.local/share/Steam" = {
|
||||
device = "/dev/fam/steam";
|
||||
};
|
||||
|
||||
# nin config
|
||||
time.timeZone = "Europe/Berlin";
|
||||
services.xserver.enable = true;
|
||||
|
||||
networking.networkmanager.enable = true;
|
||||
#networking.wireless.enable = true;
|
||||
|
||||
hardware.pulseaudio = {
|
||||
enable = true;
|
||||
systemWide = true;
|
||||
};
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
|
||||
#nixpkgs.config.steam.java = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
firefox
|
||||
git
|
||||
lmms
|
||||
networkmanagerapplet
|
||||
python
|
||||
steam
|
||||
thunderbird
|
||||
vim
|
||||
virtmanager
|
||||
];
|
||||
|
||||
nixpkgs.config = {
|
||||
|
||||
allowUnfree = true;
|
||||
|
||||
};
|
||||
|
||||
#services.logind.extraConfig = "HandleLidSwitch=ignore";
|
||||
|
||||
services.xserver.synaptics = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
|
||||
services.xserver.desktopManager.xfce = let
|
||||
xbindConfig = pkgs.writeText "xbindkeysrc" ''
|
||||
"${pkgs.pass}/bin/passmenu --type"
|
||||
Control + p
|
||||
'';
|
||||
in {
|
||||
enable = true;
|
||||
extraSessionCommands = ''
|
||||
${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig}
|
||||
'';
|
||||
};
|
||||
|
||||
# The NixOS release to be compatible with for stateful data such as databases.
|
||||
system.stateVersion = "17.03";
|
||||
|
||||
}
|
@ -1,23 +0,0 @@
|
||||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
<stockholm/nin>
|
||||
<stockholm/nin/2configs/retiolum.nix>
|
||||
<stockholm/nin/2configs/weechat.nix>
|
||||
<stockholm/nin/2configs/git.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.onondaga;
|
||||
|
||||
boot.isContainer = true;
|
||||
networking.useDHCP = false;
|
||||
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
services.openssh.enable = true;
|
||||
}
|
@ -1,20 +0,0 @@
|
||||
{ config, pkgs, ... }: let
|
||||
mainUser = config.users.extraUsers.nin;
|
||||
in {
|
||||
users.users= {
|
||||
ableton = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"video"
|
||||
];
|
||||
packages = [
|
||||
pkgs.wine
|
||||
pkgs.winetricks
|
||||
];
|
||||
};
|
||||
};
|
||||
security.sudo.extraConfig = ''
|
||||
${mainUser.name} ALL=(ableton) NOPASSWD: ALL
|
||||
'';
|
||||
}
|
@ -1,38 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
copyqConfig = pkgs.writeDash "copyq-config" ''
|
||||
${pkgs.copyq}/bin/copyq config check_clipboard true
|
||||
${pkgs.copyq}/bin/copyq config check_selection true
|
||||
${pkgs.copyq}/bin/copyq config copy_clipboard true
|
||||
${pkgs.copyq}/bin/copyq config copy_selection true
|
||||
|
||||
${pkgs.copyq}/bin/copyq config activate_closes true
|
||||
${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0
|
||||
${pkgs.copyq}/bin/copyq config clipboard_tab clipboard
|
||||
${pkgs.copyq}/bin/copyq config disable_tray true
|
||||
${pkgs.copyq}/bin/copyq config hide_tabs true
|
||||
${pkgs.copyq}/bin/copyq config hide_toolbar true
|
||||
${pkgs.copyq}/bin/copyq config item_popup_interval true
|
||||
${pkgs.copyq}/bin/copyq config maxitems 1000
|
||||
${pkgs.copyq}/bin/copyq config move true
|
||||
${pkgs.copyq}/bin/copyq config text_wrap true
|
||||
'';
|
||||
in {
|
||||
systemd.user.services.copyq = {
|
||||
after = [ "graphical.target" ];
|
||||
wants = [ "graphical.target" ];
|
||||
wantedBy = [ "default.target" ];
|
||||
environment = {
|
||||
DISPLAY = ":0";
|
||||
};
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "copyq";
|
||||
ExecStart = "${pkgs.copyq}/bin/copyq";
|
||||
ExecStartPost = copyqConfig;
|
||||
Restart = "always";
|
||||
RestartSec = "2s";
|
||||
StartLimitBurst = 0;
|
||||
};
|
||||
};
|
||||
}
|
@ -1,173 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
imports = [
|
||||
../2configs/vim.nix
|
||||
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
||||
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
||||
{
|
||||
users.extraUsers =
|
||||
mapAttrs (_: h: { hashedPassword = h; })
|
||||
(import <secrets/hashedPasswords.nix>);
|
||||
}
|
||||
{
|
||||
users.users = {
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.nin.pubkey
|
||||
config.krebs.users.nin_h.pubkey
|
||||
];
|
||||
};
|
||||
nin = {
|
||||
name = "nin";
|
||||
uid = 1337;
|
||||
home = "/home/nin";
|
||||
group = "users";
|
||||
createHome = true;
|
||||
useDefaultShell = true;
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"fuse"
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.nin.pubkey
|
||||
config.krebs.users.nin_h.pubkey
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
{
|
||||
environment.variables = {
|
||||
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
|
||||
};
|
||||
}
|
||||
(let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
|
||||
environment.variables = {
|
||||
CURL_CA_BUNDLE = ca-bundle;
|
||||
GIT_SSL_CAINFO = ca-bundle;
|
||||
SSL_CERT_FILE = ca-bundle;
|
||||
};
|
||||
})
|
||||
];
|
||||
|
||||
networking.hostName = config.krebs.build.host.name;
|
||||
nix.maxJobs = config.krebs.build.host.cores;
|
||||
|
||||
krebs = {
|
||||
enable = true;
|
||||
search-domain = "r";
|
||||
build = {
|
||||
user = config.krebs.users.nin;
|
||||
};
|
||||
};
|
||||
|
||||
nix.useSandbox = true;
|
||||
|
||||
users.mutableUsers = false;
|
||||
|
||||
services.timesyncd.enable = true;
|
||||
|
||||
#why is this on in the first place?
|
||||
services.nscd.enable = false;
|
||||
|
||||
boot.tmpOnTmpfs = true;
|
||||
# see tmpfiles.d(5)
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /tmp 1777 root root - -"
|
||||
];
|
||||
|
||||
# multiple-definition-problem when defining environment.variables.EDITOR
|
||||
environment.extraInit = ''
|
||||
EDITOR=vim
|
||||
'';
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.shellAliases = {
|
||||
gs = "git status";
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
#stockholm
|
||||
git
|
||||
gnumake
|
||||
jq
|
||||
proot
|
||||
pavucontrol
|
||||
populate
|
||||
p7zip
|
||||
termite
|
||||
unzip
|
||||
unrar
|
||||
hashPassword
|
||||
];
|
||||
|
||||
programs.bash = {
|
||||
enableCompletion = true;
|
||||
interactiveShellInit = ''
|
||||
HISTCONTROL='erasedups:ignorespace'
|
||||
HISTSIZE=65536
|
||||
HISTFILESIZE=$HISTSIZE
|
||||
|
||||
shopt -s checkhash
|
||||
shopt -s histappend histreedit histverify
|
||||
shopt -s no_empty_cmd_completion
|
||||
complete -d cd
|
||||
'';
|
||||
promptInit = ''
|
||||
if test $UID = 0; then
|
||||
PS1='\[\033[1;31m\]$PWD\[\033[0m\] '
|
||||
elif test $UID = 1337; then
|
||||
PS1='\[\033[1;32m\]$PWD\[\033[0m\] '
|
||||
else
|
||||
PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] '
|
||||
fi
|
||||
if test -n "$SSH_CLIENT"; then
|
||||
PS1='\[\033[35m\]\h'" $PS1"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
hostKeys = [
|
||||
# XXX bits here make no science
|
||||
{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
||||
];
|
||||
};
|
||||
|
||||
services.journald.extraConfig = ''
|
||||
SystemMaxUse=1G
|
||||
RuntimeMaxUse=128M
|
||||
'';
|
||||
|
||||
krebs.iptables = {
|
||||
enable = true;
|
||||
tables = {
|
||||
nat.PREROUTING.rules = [
|
||||
{ predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
|
||||
{ predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
|
||||
];
|
||||
nat.OUTPUT.rules = [
|
||||
{ predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
|
||||
];
|
||||
filter.INPUT.policy = "DROP";
|
||||
filter.FORWARD.policy = "DROP";
|
||||
filter.INPUT.rules = [
|
||||
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
|
||||
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
||||
{ predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
|
||||
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
||||
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
||||
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
|
||||
{ predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; }
|
||||
{ predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
networking.dhcpcd.extraConfig = ''
|
||||
noipv4ll
|
||||
'';
|
||||
}
|
@ -1,70 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
mainUser = config.users.extraUsers.mainUser;
|
||||
vdoom = pkgs.writeDash "vdoom" ''
|
||||
${pkgs.zandronum}/bin/zandronum \
|
||||
-fov 120 \
|
||||
"$@"
|
||||
'';
|
||||
doom = pkgs.writeDash "doom" ''
|
||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
||||
${vdoom} \
|
||||
-file $DOOM_DIR/lib/brutalv20.pk3 \
|
||||
"$@"
|
||||
'';
|
||||
doom1 = pkgs.writeDashBin "doom1" ''
|
||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
||||
${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
|
||||
'';
|
||||
doom2 = pkgs.writeDashBin "doom2" ''
|
||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
||||
${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
|
||||
'';
|
||||
vdoom1 = pkgs.writeDashBin "vdoom1" ''
|
||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
||||
${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@"
|
||||
'';
|
||||
vdoom2 = pkgs.writeDashBin "vdoom2" ''
|
||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
||||
${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@"
|
||||
'';
|
||||
|
||||
doomservercfg = pkgs.writeText "doomserver.cfg" ''
|
||||
skill 7
|
||||
#survival true
|
||||
#sv_maxlives 4
|
||||
#sv_norespawn true
|
||||
#sv_weapondrop true
|
||||
no_jump true
|
||||
#sv_noweaponspawn true
|
||||
sv_sharekeys true
|
||||
sv_survivalcountdowntime 1
|
||||
sv_noteamselect true
|
||||
sv_updatemaster false
|
||||
#sv_coop_loseinventory true
|
||||
#cl_startasspectator false
|
||||
#lms_spectatorview false
|
||||
'';
|
||||
|
||||
vdoomserver = pkgs.writeDashBin "vdoomserver" ''
|
||||
DOOM_DIR=''${DOOM_DIR:-~/doom/}
|
||||
|
||||
${pkgs.zandronum}/bin/zandronum-server \
|
||||
+exec ${doomservercfg} \
|
||||
"$@"
|
||||
'';
|
||||
|
||||
in {
|
||||
environment.systemPackages = with pkgs; [
|
||||
dwarf_fortress
|
||||
doom1
|
||||
doom2
|
||||
vdoom1
|
||||
vdoom2
|
||||
vdoomserver
|
||||
];
|
||||
|
||||
hardware.pulseaudio.support32Bit = true;
|
||||
|
||||
}
|
@ -1,60 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
|
||||
let
|
||||
|
||||
out = {
|
||||
services.nginx.enable = true;
|
||||
krebs.git = {
|
||||
enable = true;
|
||||
cgit = {
|
||||
settings = {
|
||||
root-title = "public repositories at ${config.krebs.build.host.name}";
|
||||
root-desc = "keep calm and engage";
|
||||
};
|
||||
};
|
||||
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
|
||||
rules = rules;
|
||||
};
|
||||
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; }
|
||||
];
|
||||
};
|
||||
|
||||
repos = public-repos;
|
||||
|
||||
rules = concatMap make-rules (attrValues repos);
|
||||
|
||||
public-repos = mapAttrs make-public-repo {
|
||||
stockholm = {
|
||||
cgit.desc = "take all the computers hostage, they'll love you!";
|
||||
};
|
||||
};
|
||||
|
||||
make-public-repo = name: { cgit ? {}, ... }: {
|
||||
inherit cgit name;
|
||||
public = true;
|
||||
};
|
||||
|
||||
make-rules =
|
||||
with git // config.krebs.users;
|
||||
repo:
|
||||
singleton {
|
||||
user = [ nin nin_h ];
|
||||
repo = [ repo ];
|
||||
perm = push "refs/*" [ non-fast-forward create delete merge ];
|
||||
} ++
|
||||
optional repo.public {
|
||||
user = attrValues config.krebs.users;
|
||||
repo = [ repo ];
|
||||
perm = fetch;
|
||||
} ++
|
||||
optional (length (repo.collaborators or []) > 0) {
|
||||
user = repo.collaborators;
|
||||
repo = [ repo ];
|
||||
perm = fetch;
|
||||
};
|
||||
|
||||
in out
|
@ -1,19 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
(pkgs.writeDashBin "im" ''
|
||||
export PATH=${makeSearchPath "bin" (with pkgs; [
|
||||
tmux
|
||||
gnugrep
|
||||
weechat
|
||||
])}
|
||||
ssh chat@onondaga
|
||||
if tmux list-sessions -F\#S | grep -q '^im''$'; then
|
||||
exec tmux attach -t im
|
||||
else
|
||||
exec tmux new -s im weechat
|
||||
fi
|
||||
'')
|
||||
];
|
||||
}
|
@ -1,28 +0,0 @@
|
||||
{ ... }:
|
||||
|
||||
{
|
||||
|
||||
krebs.iptables = {
|
||||
tables = {
|
||||
filter.INPUT.rules = [
|
||||
{ predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; }
|
||||
{ predicate = "-p tcp --dport tinc"; target = "ACCEPT"; }
|
||||
{ predicate = "-p udp --dport tinc"; target = "ACCEPT"; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
krebs.tinc.retiolum = {
|
||||
enable = true;
|
||||
connectTo = [
|
||||
"prism"
|
||||
"pigstarter"
|
||||
"gum"
|
||||
"flap"
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
tinc = pkgs.tinc_pre;
|
||||
};
|
||||
}
|
@ -1,27 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
mainUser = config.users.extraUsers.nin;
|
||||
inherit (import <stockholm/lib>) genid;
|
||||
|
||||
in {
|
||||
users.extraUsers = {
|
||||
skype = {
|
||||
name = "skype";
|
||||
uid = genid "skype";
|
||||
description = "user for running skype";
|
||||
home = "/home/skype";
|
||||
useDefaultShell = true;
|
||||
extraGroups = [ "audio" "video" ];
|
||||
createHome = true;
|
||||
};
|
||||
};
|
||||
|
||||
krebs.per-user.skype.packages = [
|
||||
pkgs.skype
|
||||
];
|
||||
|
||||
security.sudo.extraConfig = ''
|
||||
${mainUser.name} ALL=(skype) NOPASSWD: ALL
|
||||
'';
|
||||
}
|
@ -1,22 +0,0 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
environment.systemPackages = [
|
||||
pkgs.termite
|
||||
];
|
||||
|
||||
krebs.per-user.nin.packages = let
|
||||
termitecfg = pkgs.writeTextFile {
|
||||
name = "termite-config";
|
||||
destination = "/etc/xdg/termite/config";
|
||||
text = ''
|
||||
[colors]
|
||||
foreground = #d0d7d0
|
||||
background = #000000
|
||||
'';
|
||||
};
|
||||
in [
|
||||
termitecfg
|
||||
];
|
||||
|
||||
}
|
@ -1,355 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import <stockholm/lib>;
|
||||
let
|
||||
out = {
|
||||
environment.systemPackages = [
|
||||
vim
|
||||
pkgs.pythonPackages.flake8
|
||||
];
|
||||
|
||||
environment.etc.vimrc.source = vimrc;
|
||||
|
||||
environment.variables.EDITOR = mkForce "vim";
|
||||
environment.variables.VIMINIT = ":so /etc/vimrc";
|
||||
};
|
||||
|
||||
vimrc = pkgs.writeText "vimrc" ''
|
||||
set nocompatible
|
||||
|
||||
set autoindent
|
||||
set backspace=indent,eol,start
|
||||
set backup
|
||||
set backupdir=${dirs.backupdir}/
|
||||
set directory=${dirs.swapdir}//
|
||||
set hlsearch
|
||||
set incsearch
|
||||
set laststatus=2
|
||||
set mouse=a
|
||||
set noruler
|
||||
set pastetoggle=<INS>
|
||||
set runtimepath=${extra-runtimepath},$VIMRUNTIME
|
||||
set shortmess+=I
|
||||
set showcmd
|
||||
set showmatch
|
||||
set ttimeoutlen=0
|
||||
set undodir=${dirs.undodir}
|
||||
set undofile
|
||||
set undolevels=1000000
|
||||
set undoreload=1000000
|
||||
set viminfo='20,<1000,s100,h,n${files.viminfo}
|
||||
set visualbell
|
||||
set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o
|
||||
set wildmenu
|
||||
set wildmode=longest,full
|
||||
|
||||
set et ts=2 sts=2 sw=2
|
||||
|
||||
filetype plugin indent on
|
||||
|
||||
set t_Co=256
|
||||
colorscheme hack
|
||||
syntax on
|
||||
|
||||
au Syntax * syn match Garbage containedin=ALL /\s\+$/
|
||||
\ | syn match TabStop containedin=ALL /\t\+/
|
||||
\ | syn keyword Todo containedin=ALL TODO
|
||||
|
||||
au BufRead,BufNewFile *.hs so ${hs.vim}
|
||||
|
||||
au BufRead,BufNewFile *.nix so ${nix.vim}
|
||||
|
||||
au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile
|
||||
|
||||
"Syntastic config
|
||||
let g:syntastic_python_checkers=['flake8']
|
||||
|
||||
nmap <esc>q :buffer
|
||||
nmap <M-q> :buffer
|
||||
|
||||
cnoremap <C-A> <Home>
|
||||
|
||||
noremap <C-c> :q<cr>
|
||||
vnoremap < <gv
|
||||
vnoremap > >gv
|
||||
|
||||
nnoremap <esc>[5^ :tabp<cr>
|
||||
nnoremap <esc>[6^ :tabn<cr>
|
||||
nnoremap <esc>[5@ :tabm -1<cr>
|
||||
nnoremap <esc>[6@ :tabm +1<cr>
|
||||
|
||||
nnoremap <f1> :tabp<cr>
|
||||
nnoremap <f2> :tabn<cr>
|
||||
inoremap <f1> <esc>:tabp<cr>
|
||||
inoremap <f2> <esc>:tabn<cr>
|
||||
|
||||
" <C-{Up,Down,Right,Left>
|
||||
noremap <esc>Oa <nop> | noremap! <esc>Oa <nop>
|
||||
noremap <esc>Ob <nop> | noremap! <esc>Ob <nop>
|
||||
noremap <esc>Oc <nop> | noremap! <esc>Oc <nop>
|
||||
noremap <esc>Od <nop> | noremap! <esc>Od <nop>
|
||||
" <[C]S-{Up,Down,Right,Left>
|
||||
noremap <esc>[a <nop> | noremap! <esc>[a <nop>
|
||||
noremap <esc>[b <nop> | noremap! <esc>[b <nop>
|
||||
noremap <esc>[c <nop> | noremap! <esc>[c <nop>
|
||||
noremap <esc>[d <nop> | noremap! <esc>[d <nop>
|
||||
vnoremap u <nop>
|
||||
'';
|
||||
|
||||
extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [
|
||||
pkgs.vimPlugins.Syntastic
|
||||
pkgs.vimPlugins.undotree
|
||||
pkgs.vimPlugins.airline
|
||||
(pkgs.vimUtils.buildVimPlugin {
|
||||
name = "file-line-1.0";
|
||||
src = pkgs.fetchgit {
|
||||
url = git://github.com/bogado/file-line;
|
||||
rev = "refs/tags/1.0";
|
||||
sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0";
|
||||
};
|
||||
})
|
||||
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
|
||||
name = "hack";
|
||||
in {
|
||||
name = "vim-color-${name}-1.0.2";
|
||||
destination = "/colors/${name}.vim";
|
||||
text = /* vim */ ''
|
||||
set background=dark
|
||||
hi clear
|
||||
if exists("syntax_on")
|
||||
syntax clear
|
||||
endif
|
||||
|
||||
let colors_name = ${toJSON name}
|
||||
|
||||
hi Normal ctermbg=235
|
||||
hi Comment ctermfg=242
|
||||
hi Constant ctermfg=062
|
||||
hi Identifier ctermfg=068
|
||||
hi Function ctermfg=041
|
||||
hi Statement ctermfg=167
|
||||
hi PreProc ctermfg=167
|
||||
hi Type ctermfg=041
|
||||
hi Delimiter ctermfg=251
|
||||
hi Special ctermfg=062
|
||||
|
||||
hi Garbage ctermbg=088
|
||||
hi TabStop ctermbg=016
|
||||
hi Todo ctermfg=174 ctermbg=NONE
|
||||
|
||||
hi NixCode ctermfg=148
|
||||
hi NixData ctermfg=149
|
||||
hi NixQuote ctermfg=150
|
||||
|
||||
hi diffNewFile ctermfg=207
|
||||
hi diffFile ctermfg=207
|
||||
hi diffLine ctermfg=207
|
||||
hi diffSubname ctermfg=207
|
||||
hi diffAdded ctermfg=010
|
||||
hi diffRemoved ctermfg=009
|
||||
'';
|
||||
})))
|
||||
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
|
||||
name = "vim";
|
||||
in {
|
||||
name = "vim-syntax-${name}-1.0.0";
|
||||
destination = "/syntax/${name}.vim";
|
||||
text = /* vim */ ''
|
||||
${concatMapStringsSep "\n" (s: /* vim */ ''
|
||||
syn keyword vimColor${s} ${s}
|
||||
\ containedin=ALLBUT,vimComment,vimLineComment
|
||||
hi vimColor${s} ctermfg=${s}
|
||||
'') (map (i: lpad 3 "0" (toString i)) (range 0 255))}
|
||||
'';
|
||||
})))
|
||||
((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let
|
||||
name = "showsyntax";
|
||||
in {
|
||||
name = "vim-plugin-${name}-1.0.0";
|
||||
destination = "/plugin/${name}.vim";
|
||||
text = /* vim */ ''
|
||||
if exists('g:loaded_showsyntax')
|
||||
finish
|
||||
endif
|
||||
let g:loaded_showsyntax = 0
|
||||
|
||||
fu! ShowSyntax()
|
||||
let id = synID(line("."), col("."), 1)
|
||||
let name = synIDattr(id, "name")
|
||||
let transName = synIDattr(synIDtrans(id),"name")
|
||||
if name != transName
|
||||
let name .= " (" . transName . ")"
|
||||
endif
|
||||
echo "Syntax: " . name
|
||||
endfu
|
||||
|
||||
command! -n=0 -bar ShowSyntax :call ShowSyntax()
|
||||
'';
|
||||
})))
|
||||
];
|
||||
|
||||
dirs = {
|
||||
backupdir = "$HOME/.cache/vim/backup";
|
||||
swapdir = "$HOME/.cache/vim/swap";
|
||||
undodir = "$HOME/.cache/vim/undo";
|
||||
};
|
||||
files = {
|
||||
viminfo = "$HOME/.cache/vim/info";
|
||||
};
|
||||
|
||||
mkdirs = let
|
||||
dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s));
|
||||
in assert out != ""; out;
|
||||
alldirs = attrValues dirs ++ map dirOf (attrValues files);
|
||||
in unique (sort lessThan alldirs);
|
||||
|
||||
vim = pkgs.writeDashBin "vim" ''
|
||||
set -efu
|
||||
(umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs})
|
||||
exec ${pkgs.vim}/bin/vim "$@"
|
||||
'';
|
||||
|
||||
|
||||
hs.vim = pkgs.writeText "hs.vim" ''
|
||||
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
|
||||
|
||||
hi link ConId Identifier
|
||||
hi link VarId Identifier
|
||||
hi link hsDelimiter Delimiter
|
||||
'';
|
||||
|
||||
nix.vim = pkgs.writeText "nix.vim" ''
|
||||
setf nix
|
||||
|
||||
" Ref <nix/src/libexpr/lexer.l>
|
||||
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
|
||||
syn match NixINT /\<[0-9]\+\>/
|
||||
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
|
||||
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
|
||||
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
|
||||
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
|
||||
syn region NixSTRING
|
||||
\ matchgroup=NixSTRING
|
||||
\ start='"'
|
||||
\ skip='\\"'
|
||||
\ end='"'
|
||||
syn region NixIND_STRING
|
||||
\ matchgroup=NixIND_STRING
|
||||
\ start="'''"
|
||||
\ skip="'''\('\|[$]\|\\[nrt]\)"
|
||||
\ end="'''"
|
||||
|
||||
syn match NixOther /[():/;=.,?\[\]]/
|
||||
|
||||
syn match NixCommentMatch /\(^\|\s\)#.*/
|
||||
syn region NixCommentRegion start="/\*" end="\*/"
|
||||
|
||||
hi link NixCode Statement
|
||||
hi link NixData Constant
|
||||
hi link NixComment Comment
|
||||
|
||||
hi link NixCommentMatch NixComment
|
||||
hi link NixCommentRegion NixComment
|
||||
hi link NixID NixCode
|
||||
hi link NixINT NixData
|
||||
hi link NixPATH NixData
|
||||
hi link NixHPATH NixData
|
||||
hi link NixSPATH NixData
|
||||
hi link NixURI NixData
|
||||
hi link NixSTRING NixData
|
||||
hi link NixIND_STRING NixData
|
||||
|
||||
hi link NixEnter NixCode
|
||||
hi link NixOther NixCode
|
||||
hi link NixQuote NixData
|
||||
|
||||
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
|
||||
syn cluster nix_ind_strings contains=NixIND_STRING
|
||||
syn cluster nix_strings contains=NixSTRING
|
||||
|
||||
${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let
|
||||
startAlts = filter isString [
|
||||
''/\* ${lang} \*/''
|
||||
extraStart
|
||||
];
|
||||
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
|
||||
in /* vim */ ''
|
||||
syn include @nix_${lang}_syntax syntax/${lang}.vim
|
||||
unlet b:current_syntax
|
||||
|
||||
syn match nix_${lang}_sigil
|
||||
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
|
||||
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
|
||||
\ transparent
|
||||
|
||||
syn region nix_${lang}_region_STRING
|
||||
\ matchgroup=NixSTRING
|
||||
\ start='"'
|
||||
\ skip='\\"'
|
||||
\ end='"'
|
||||
\ contained
|
||||
\ contains=@nix_${lang}_syntax
|
||||
\ transparent
|
||||
|
||||
syn region nix_${lang}_region_IND_STRING
|
||||
\ matchgroup=NixIND_STRING
|
||||
\ start="'''"
|
||||
\ skip="'''\('\|[$]\|\\[nrt]\)"
|
||||
\ end="'''"
|
||||
\ contained
|
||||
\ contains=@nix_${lang}_syntax
|
||||
\ transparent
|
||||
|
||||
syn cluster nix_ind_strings
|
||||
\ add=nix_${lang}_region_IND_STRING
|
||||
|
||||
syn cluster nix_strings
|
||||
\ add=nix_${lang}_region_STRING
|
||||
|
||||
syn cluster nix_has_dollar_curly
|
||||
\ add=@nix_${lang}_syntax
|
||||
'') {
|
||||
c = {};
|
||||
cabal = {};
|
||||
haskell = {};
|
||||
sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
|
||||
vim.extraStart =
|
||||
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
|
||||
})}
|
||||
|
||||
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
|
||||
syn clear shVarAssign
|
||||
|
||||
syn region nixINSIDE_DOLLAR_CURLY
|
||||
\ matchgroup=NixEnter
|
||||
\ start="[$]{"
|
||||
\ end="}"
|
||||
\ contains=TOP
|
||||
\ containedin=@nix_has_dollar_curly
|
||||
\ transparent
|
||||
|
||||
syn region nix_inside_curly
|
||||
\ matchgroup=NixEnter
|
||||
\ start="{"
|
||||
\ end="}"
|
||||
\ contains=TOP
|
||||
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
|
||||
\ transparent
|
||||
|
||||
syn match NixQuote /'''\([''$']\|\\.\)/he=s+2
|
||||
\ containedin=@nix_ind_strings
|
||||
\ contained
|
||||
|
||||
syn match NixQuote /\\./he=s+1
|
||||
\ containedin=@nix_strings
|
||||
\ contained
|
||||
|
||||
syn sync fromstart
|
||||
|
||||
let b:current_syntax = "nix"
|
||||
|
||||
set isk=@,48-57,_,192-255,-,'
|
||||
set bg=dark
|
||||
'';
|
||||
in
|
||||
out
|
@ -1,21 +0,0 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (import <stockholm/lib>) genid;
|
||||
in {
|
||||
krebs.per-user.chat.packages = with pkgs; [
|
||||
mosh
|
||||
weechat
|
||||
tmux
|
||||
];
|
||||
|
||||
users.extraUsers.chat = {
|
||||
home = "/home/chat";
|
||||
uid = genid "chat";
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.nin.pubkey
|
||||
];
|
||||
};
|
||||
}
|
@ -1,7 +0,0 @@
|
||||
_:
|
||||
{
|
||||
imports = [
|
||||
../krebs
|
||||
./2configs
|
||||
];
|
||||
}
|
@ -1,35 +0,0 @@
|
||||
{ name }: let
|
||||
inherit (import ../krebs/krops.nix { inherit name; })
|
||||
krebs-source
|
||||
lib
|
||||
pkgs
|
||||
;
|
||||
|
||||
source = { test }: lib.evalSource [
|
||||
krebs-source
|
||||
{
|
||||
nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix";
|
||||
secrets = if test then {
|
||||
file = toString ./0tests/dummysecrets;
|
||||
} else {
|
||||
pass = {
|
||||
dir = "${lib.getEnv "HOME"}/.password-store";
|
||||
name = "hosts/${name}";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
in {
|
||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy)
|
||||
deploy = pkgs.krops.writeDeploy "${name}-deploy" {
|
||||
source = source { test = false; };
|
||||
target = "root@${name}/var/src";
|
||||
};
|
||||
|
||||
# usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test)
|
||||
test = { target }: pkgs.krops.writeTest "${name}-test" {
|
||||
inherit target;
|
||||
source = source { test = true; };
|
||||
};
|
||||
}
|
1
submodules/krops
Submodule
1
submodules/krops
Submodule
@ -0,0 +1 @@
|
||||
Subproject commit e2b29654251367545700154ffbac806705dd04c0
|
@ -1 +1 @@
|
||||
Subproject commit c27a9416e8ee04d708b11b48f8cf1a055c0cc079
|
||||
Subproject commit 0660cc1a1169e799bda356c6fadb245a96345816
|
@ -3,6 +3,7 @@ with import <stockholm/lib>;
|
||||
|
||||
imports = [
|
||||
<stockholm/tv>
|
||||
<stockholm/tv/2configs/br.nix>
|
||||
<stockholm/tv/2configs/exim-retiolum.nix>
|
||||
<stockholm/tv/2configs/retiolum.nix>
|
||||
];
|
||||
@ -90,20 +91,6 @@ with import <stockholm/lib>;
|
||||
pkgs.xlibs.fontschumachermisc
|
||||
];
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
services.printing = {
|
||||
enable = true;
|
||||
#drivers = [
|
||||
# #pkgs.foomatic_filters
|
||||
# #pkgs.gutenprint
|
||||
# #pkgs.cups_pdf_filter
|
||||
# #pkgs.ghostscript
|
||||
#];
|
||||
#cupsdConf = ''
|
||||
# LogLevel debug2
|
||||
#'';
|
||||
};
|
||||
|
||||
services.xserver.enable = true;
|
||||
services.xserver.layout = "de";
|
||||
services.xserver.xkbOptions = "eurosign:e";
|
||||
|
@ -2,10 +2,9 @@ with import <stockholm/lib>;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
imports = [
|
||||
<stockholm/krebs>
|
||||
<stockholm/tv/2configs>
|
||||
<stockholm/tv/3modules>
|
||||
<stockholm/tv>
|
||||
<stockholm/tv/2configs/retiolum.nix>
|
||||
<stockholm/tv/2configs/xp-332.nix>
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.querel;
|
||||
@ -37,6 +36,7 @@ with import <stockholm/lib>;
|
||||
sxiv
|
||||
texlive.combined.scheme-full
|
||||
vim
|
||||
xsane
|
||||
zathura
|
||||
];
|
||||
|
||||
@ -67,10 +67,6 @@ with import <stockholm/lib>;
|
||||
|
||||
programs.ssh.startAgent = false;
|
||||
|
||||
services.printing = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.xserver.enable = true;
|
||||
services.xserver.layout = "de";
|
||||
services.xserver.xkbOptions = "eurosign:e";
|
||||
|
@ -18,6 +18,7 @@ with import <stockholm/lib>;
|
||||
<stockholm/tv/2configs/retiolum.nix>
|
||||
<stockholm/tv/2configs/binary-cache>
|
||||
<stockholm/tv/2configs/br.nix>
|
||||
<stockholm/tv/2configs/xp-332.nix>
|
||||
<stockholm/tv/2configs/xserver>
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
@ -40,7 +41,6 @@ with import <stockholm/lib>;
|
||||
mkpasswd
|
||||
netcat
|
||||
netcup
|
||||
nix-repl
|
||||
nmap
|
||||
p7zip
|
||||
pass
|
||||
@ -147,8 +147,6 @@ with import <stockholm/lib>;
|
||||
gptfdisk
|
||||
];
|
||||
|
||||
services.printing.enable = true;
|
||||
|
||||
#services.bitlbee.enable = true;
|
||||
#services.tor.client.enable = true;
|
||||
#services.tor.enable = true;
|
||||
|
@ -26,7 +26,7 @@ with import <stockholm/lib>;
|
||||
method = "pull";
|
||||
src = { host = config.krebs.hosts.querel; path = "/home"; };
|
||||
dst = { host = config.krebs.hosts.nomic; path = "/fs/ponyhof/bku/querel-home"; };
|
||||
startAt = "00:00";
|
||||
startAt = "22:00";
|
||||
};
|
||||
wu-home-xu = {
|
||||
method = "push";
|
||||
|
@ -33,11 +33,13 @@ with import <stockholm/lib>;
|
||||
PS1="ssh-agent[$SSH_AGENT_PID] $PS1"
|
||||
fi
|
||||
|
||||
if test ''${SHLVL-1} = 1; then
|
||||
case ''${XMONAD_SPAWN_WORKSPACE-} in
|
||||
stockholm)
|
||||
cd ~/stockholm
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
@ -143,6 +143,7 @@ with import <stockholm/lib>;
|
||||
environment.systemPackages = [
|
||||
pkgs.get
|
||||
pkgs.git
|
||||
pkgs.git-crypt
|
||||
pkgs.git-preview
|
||||
pkgs.hashPassword
|
||||
pkgs.htop
|
||||
|
@ -9,8 +9,19 @@ let {
|
||||
enable = true;
|
||||
cgit = {
|
||||
settings = {
|
||||
root-title = "repositories at ${config.krebs.build.host.name}";
|
||||
about-filter = pkgs.exec "krebs.cgit.about-filter" rec {
|
||||
filename = "${pkgs.pythonPackages.markdown2}/bin/markdown2";
|
||||
argv = [
|
||||
filename
|
||||
"--extras=fenced-code-blocks"
|
||||
];
|
||||
envp = {};
|
||||
};
|
||||
readme = [
|
||||
":README.md"
|
||||
];
|
||||
root-desc = "mostly krebs";
|
||||
root-title = "repositories at ${config.krebs.build.host.name}";
|
||||
};
|
||||
};
|
||||
repos = repos;
|
||||
@ -30,46 +41,33 @@ let {
|
||||
|
||||
public-repos = mapAttrs make-public-repo ({
|
||||
} // mapAttrs (_: recursiveUpdate { cgit.section = "1. miscellaneous"; }) {
|
||||
cac-api = {
|
||||
cgit.desc = "CloudAtCost API command line interface";
|
||||
};
|
||||
dic = {
|
||||
cgit.desc = "dict.leo.org command line interface";
|
||||
};
|
||||
disko = {
|
||||
cgit.desc = "declarative partitioning and formatting tool";
|
||||
};
|
||||
get = {};
|
||||
hstool = {
|
||||
cgit.desc = "Haskell Development Environment ^_^";
|
||||
fswm = {
|
||||
cgit.desc = "simple full screen window manager";
|
||||
};
|
||||
htgen = {
|
||||
cgit.desc = "toy HTTP server";
|
||||
};
|
||||
kirk = {
|
||||
cgit.desc = "IRC tools";
|
||||
};
|
||||
krops = {
|
||||
cgit.desc = "deployment tools";
|
||||
};
|
||||
load-env = {};
|
||||
loldns = {
|
||||
cgit.desc = "toy DNS server";
|
||||
};
|
||||
make-snapshot = {};
|
||||
much = {};
|
||||
netcup = {
|
||||
cgit.desc = "netcup command line interface";
|
||||
};
|
||||
nix-writers = {};
|
||||
nix-writers = {
|
||||
cgit.desc = "collection of package builders";
|
||||
};
|
||||
populate = {
|
||||
cgit.desc = "source code installer";
|
||||
};
|
||||
q = {};
|
||||
regfish = {};
|
||||
soundcloud = {
|
||||
cgit.desc = "SoundCloud command line interface";
|
||||
};
|
||||
stockholm = {
|
||||
cgit.desc = "NixOS configuration";
|
||||
};
|
||||
@ -86,15 +84,32 @@ let {
|
||||
xintmap = {};
|
||||
xmonad-stockholm = {};
|
||||
} // mapAttrs (_: recursiveUpdate { cgit.section = "4. museum"; }) {
|
||||
cac-api = {
|
||||
cgit.desc = "CloudAtCost API command line interface";
|
||||
};
|
||||
cgserver = {};
|
||||
crude-mail-setup = {};
|
||||
dot-xmonad = {};
|
||||
hirc = {};
|
||||
hstool = {
|
||||
cgit.desc = "Haskell Development Environment ^_^";
|
||||
};
|
||||
kirk = {
|
||||
cgit.desc = "IRC tools";
|
||||
};
|
||||
make-snapshot = {};
|
||||
nixos-infest = {};
|
||||
painload = {};
|
||||
push = {};
|
||||
with-tmpdir = {};
|
||||
get = {};
|
||||
load-env = {};
|
||||
loldns = {
|
||||
cgit.desc = "toy DNS server";
|
||||
};
|
||||
soundcloud = {
|
||||
cgit.desc = "SoundCloud command line interface";
|
||||
};
|
||||
});
|
||||
|
||||
restricted-repos = mapAttrs make-restricted-repo (
|
||||
|
@ -1,6 +1,10 @@
|
||||
{ config, pkgs, ... }:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
{ config, pkgs, ... }: let
|
||||
json = url: {
|
||||
inherit url;
|
||||
filter = "system:${pkgs.jq}/bin/jq .";
|
||||
};
|
||||
in {
|
||||
krebs.urlwatch = {
|
||||
enable = true;
|
||||
mailto = config.krebs.users.tv.mail;
|
||||
@ -13,18 +17,9 @@ with import <stockholm/lib>;
|
||||
|
||||
http://www.exim.org/
|
||||
|
||||
# ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
|
||||
{
|
||||
url = https://api.github.com/repos/simple-evcorr/sec/tags;
|
||||
filter = "system:${pkgs.jq}/bin/jq .";
|
||||
}
|
||||
|
||||
# ref src/nixpkgs/pkgs/tools/networking/urlwatch/default.nix
|
||||
https://thp.io/2008/urlwatch/
|
||||
|
||||
# 2014-12-20 ref src/nixpkgs/pkgs/tools/networking/tlsdate/default.nix
|
||||
https://api.github.com/repos/ioerror/tlsdate/tags
|
||||
|
||||
# 2015-02-18
|
||||
# ref ~/src/nixpkgs/pkgs/tools/text/qprint/default.nix
|
||||
http://www.fourmilab.ch/webtools/qprint/
|
||||
@ -50,7 +45,13 @@ with import <stockholm/lib>;
|
||||
#http://hackage.haskell.org/package/web-page
|
||||
|
||||
# ref <stockholm/krebs/3modules>, services.openssh.knownHosts.github*
|
||||
https://api.github.com/meta
|
||||
(json https://api.github.com/meta)
|
||||
|
||||
# 2014-12-20 ref src/nixpkgs/pkgs/tools/networking/tlsdate/default.nix
|
||||
(json https://api.github.com/repos/ioerror/tlsdate/tags)
|
||||
|
||||
# ref src/nixpkgs/pkgs/tools/admin/sec/default.nix
|
||||
(json https://api.github.com/repos/simple-evcorr/sec/tags)
|
||||
|
||||
# <stockholm/tv/2configs/xserver/xserver.conf.nix>
|
||||
# is derived from `configFile` in:
|
||||
|
45
tv/2configs/xp-332.nix
Normal file
45
tv/2configs/xp-332.nix
Normal file
@ -0,0 +1,45 @@
|
||||
with import <stockholm/lib>;
|
||||
{ config, pkgs, ... }: {
|
||||
|
||||
environment.etc."utsushi.conf".text = ''
|
||||
[devices]
|
||||
dev1.udi = esci:networkscan://EPSON79678C.fritz.box:1865
|
||||
dev1.model = XP-332
|
||||
dev1.vendor = EPSON
|
||||
'';
|
||||
|
||||
hardware.sane = {
|
||||
enable = true;
|
||||
extraBackends = [
|
||||
pkgs.utsushi
|
||||
];
|
||||
};
|
||||
|
||||
krebs.nixpkgs.allowUnfreePredicate = pkg:
|
||||
elem (parseDrvName pkg.name).name [ "imagescan-plugin-networkscan" ];
|
||||
|
||||
nixpkgs.overlays = singleton (self: super: {
|
||||
utsushi = super.utsushi.override {
|
||||
guiSupport = false;
|
||||
jpegSupport = false;
|
||||
networkSupport = true;
|
||||
ocrSupport = false;
|
||||
saneSupport = true;
|
||||
tiffSupport = true;
|
||||
|
||||
logCategory = "ALL";
|
||||
logLevel = "BRIEF";
|
||||
};
|
||||
});
|
||||
|
||||
services = {
|
||||
printing = {
|
||||
drivers = [
|
||||
pkgs.epson-escpr
|
||||
];
|
||||
enable = true;
|
||||
};
|
||||
saned.enable = true;
|
||||
};
|
||||
|
||||
}
|
@ -41,6 +41,9 @@ in {
|
||||
# refs <nixpkgs/nixos/modules/services/x11/desktop-managers>
|
||||
desktopManager.session = mkForce [];
|
||||
|
||||
displayManager.lightdm.enable = mkForce false;
|
||||
displayManager.job.execCmd = mkForce "derp";
|
||||
|
||||
enable = true;
|
||||
display = 11;
|
||||
tty = 11;
|
||||
@ -55,7 +58,7 @@ in {
|
||||
systemd.services.display-manager.enable = false;
|
||||
|
||||
systemd.services.xmonad = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wantedBy = [ "graphical.target" ];
|
||||
requires = [ "xserver.service" ];
|
||||
environment = {
|
||||
DISPLAY = ":${toString config.services.xserver.display}";
|
||||
@ -101,21 +104,20 @@ in {
|
||||
|
||||
systemd.services.xserver = {
|
||||
after = [
|
||||
"systemd-udev-settle.service"
|
||||
"local-fs.target"
|
||||
"acpid.service"
|
||||
"local-fs.target"
|
||||
"systemd-udev-settle.service"
|
||||
];
|
||||
reloadIfChanged = true;
|
||||
wants = [
|
||||
"systemd-udev-settle.service"
|
||||
];
|
||||
restartIfChanged = false;
|
||||
environment = {
|
||||
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
|
||||
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
|
||||
LD_LIBRARY_PATH = concatStringsSep ":" (
|
||||
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
|
||||
LD_LIBRARY_PATH = concatStringsSep ":" ([ "/run/opengl-driver/lib" ]
|
||||
++ concatLists (catAttrs "libPath" config.services.xserver.drivers));
|
||||
};
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "xserver";
|
||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||
ExecStart = toString [
|
||||
"${pkgs.xorg.xorgserver}/bin/X"
|
||||
":${toString config.services.xserver.display}"
|
||||
@ -123,17 +125,16 @@ in {
|
||||
"-config ${import ./xserver.conf.nix args}"
|
||||
"-logfile /dev/null -logverbose 0 -verbose 3"
|
||||
"-nolisten tcp"
|
||||
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
||||
"-xkbdir ${config.services.xserver.xkbDir}"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.urxvtd = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
reloadIfChanged = true;
|
||||
wantedBy = [ "graphical.target" ];
|
||||
restartIfChanged = false;
|
||||
serviceConfig = {
|
||||
SyslogIdentifier = "urxvtd";
|
||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
||||
ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd";
|
||||
Restart = "always";
|
||||
RestartSec = "2s";
|
||||
|
@ -64,7 +64,7 @@ in {
|
||||
ExecStartPre =
|
||||
"${pkgs.coreutils}/bin/ln -s /etc/charybdis-ircd.motd /tmp/ircd.motd";
|
||||
ExecStart = toString [
|
||||
"${pkgs.charybdis}/bin/charybdis-ircd"
|
||||
"${pkgs.charybdis}/bin/charybdis"
|
||||
"-configfile ${import ./config.nix args}"
|
||||
"-foreground"
|
||||
"-logfile /dev/stderr"
|
||||
|
1
tv/5pkgs/compat/default.nix
Normal file
1
tv/5pkgs/compat/default.nix
Normal file
@ -0,0 +1 @@
|
||||
self: super: {}
|
@ -33,4 +33,16 @@ foldl' mergeAttrs {}
|
||||
'';
|
||||
|
||||
gnupg = self.gnupg22;
|
||||
|
||||
pass = {
|
||||
"18.03" =
|
||||
self.callPackage ./compat/18.03/pass {
|
||||
pass-otp = self.callPackage ./compat/18.03/pass-otp {};
|
||||
};
|
||||
"18.09" =
|
||||
super.pass.withExtensions (ext: [
|
||||
ext.pass-otp
|
||||
]);
|
||||
}.${versions.majorMinor nixpkgsVersion};
|
||||
|
||||
}
|
||||
|
207
tv/5pkgs/simple/utsushi.nix
Normal file
207
tv/5pkgs/simple/utsushi.nix
Normal file
@ -0,0 +1,207 @@
|
||||
{ boost, fetchurl, file, imagemagick, libudev, libusb, pkgconfig, stdenv
|
||||
, coreutils, dash, patchelf, writeScriptBin # for add-rpath
|
||||
|
||||
, guiSupport ? false, gtkmm2 ? null
|
||||
, jpegSupport ? true
|
||||
, networkSupport ? false, dpkg ? null
|
||||
, ocrSupport ? false, tesseract ? null
|
||||
, saneSupport ? true, saneBackends ? null
|
||||
, tiffSupport ? true, libtiff ? null
|
||||
|
||||
# Logging defaults copied from Utsushi source (lib/log.cpp)
|
||||
, logCategory ? "NOTHING"
|
||||
, logLevel ? "FATAL"
|
||||
}:
|
||||
|
||||
# Logging possibilities copied from Utsushi source (utsushi/log.hpp)
|
||||
assert builtins.elem logCategory [
|
||||
"NOTHING"
|
||||
"SANE_BACKEND"
|
||||
"ALL"
|
||||
];
|
||||
assert builtins.elem logLevel [
|
||||
"FATAL" # famous last words
|
||||
"ALERT" # outside intervention required
|
||||
"ERROR" # something went wrong
|
||||
"BRIEF" # short informational notes
|
||||
"TRACE" # more chattery feedback
|
||||
"DEBUG" # the gory details
|
||||
"QUARK" # stack tracing feedback
|
||||
];
|
||||
|
||||
let
|
||||
|
||||
# usage: add-rpath LIBPATH [SOFILE...]
|
||||
# Adds LIBPATH to each SOFILE's RPATH
|
||||
add-rpath = writeScriptBin "add-rpath" ''
|
||||
#! ${dash}/bin/dash
|
||||
set -efu
|
||||
path=$1; shift
|
||||
for file; do
|
||||
file=$(${coreutils}/bin/readlink -f "$file")
|
||||
old_rpath=$(${patchelf}/bin/patchelf --print-rpath "$file")
|
||||
new_rpath=''${old_rpath+$old_rpath:}$path
|
||||
${patchelf}/bin/patchelf --set-rpath "$new_rpath" "$file"
|
||||
done
|
||||
'';
|
||||
|
||||
imagescan-plugin-networkscan = stdenv.mkDerivation rec {
|
||||
name = "imagescan-plugin-networkscan-${meta.version}";
|
||||
|
||||
src =
|
||||
if stdenv.system == "i686-linux" then
|
||||
fetchurl {
|
||||
url = "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x64/imagescan-bundle-debian-9-1.3.21.x86.deb.tar.gz";
|
||||
sha256 = "16xv1pdfm2ryis815fawb7zqg6c4swww726g272ssx044r5dp80r";
|
||||
}
|
||||
else if stdenv.system == "x86_64-linux" then
|
||||
fetchurl {
|
||||
url = "https://download2.ebz.epson.net/imagescanv3/debian/latest1/deb/x64/imagescan-bundle-debian-9-1.3.21.x64.deb.tar.gz";
|
||||
sha256 = "0zik35h2jwrvkwcmq55wc72imidwdnmn1bayhypzhjcz61rasjg2";
|
||||
}
|
||||
else throw "${name} is not supported on ${stdenv.system} (only i686-linux and x86_64 linux are supported)";
|
||||
|
||||
dontBuild = true;
|
||||
|
||||
installPhase = ''
|
||||
# Wildcard * stand for either i386 or amd64
|
||||
${dpkg}/bin/dpkg -x \
|
||||
plugins/imagescan-plugin-networkscan_${meta.version}-1epson4debian9_*.deb \
|
||||
tmp
|
||||
|
||||
mv tmp/usr $out
|
||||
'';
|
||||
|
||||
preFixup = ''
|
||||
patchelf --set-interpreter \
|
||||
${stdenv.glibc}/lib/ld-linux${stdenv.lib.optionalString stdenv.is64bit "-x86-64"}.so.2 \
|
||||
$out/lib/utsushi/networkscan
|
||||
|
||||
# libstdc++.so.6
|
||||
patchelf --set-rpath ${stdenv.cc.cc.lib}/lib \
|
||||
$out/lib/utsushi/networkscan
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description = "Epson Image Scan v3 networkscan plugin";
|
||||
longDescription = ''
|
||||
This package provides the unfree networkscan plugin from the Epson
|
||||
Image Scan v3 scanner driver bundle, which can be used by Utsushi.
|
||||
'';
|
||||
homepage = "http://support.epson.net/linux/en/imagescanv3.php?version=${meta.version}";
|
||||
license = stdenv.lib.licenses.eapl;
|
||||
maintainers = [ stdenv.lib.maintainers.tv ];
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
version = "1.1.0";
|
||||
};
|
||||
};
|
||||
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "utsushi-${meta.version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://support.epson.net/linux/src/scanner/imagescanv3/debian/imagescan_${meta.version}.orig.tar.gz";
|
||||
sha256 = "12mzq3wc8gzdma84pjs5gb0gp8mga13wax5g7vjfrzq8pjyqrnmw";
|
||||
};
|
||||
|
||||
preConfigure = ''
|
||||
substituteInPlace configure \
|
||||
--replace /usr/bin/file ${file}/bin/file
|
||||
|
||||
substituteInPlace lib/log.cpp \
|
||||
--replace FATAL ${logLevel} \
|
||||
--replace NOTHING ${logCategory}
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
# Allow configuration to be done via /etc/utsushi.conf
|
||||
ln -s /etc/utsushi.conf $out/etc/utsushi/utsushi.conf
|
||||
|
||||
${stdenv.lib.optionalString saneSupport ''
|
||||
# Make this package compatible with hardware.sane.extraBackends
|
||||
mkdir $out/etc/sane.d
|
||||
echo utsushi > $out/etc/sane.d/dll.conf
|
||||
mkdir $out/lib/sane
|
||||
ln -s $out/lib/utsushi/sane/libsane-utsushi.* $out/lib/sane
|
||||
''}
|
||||
|
||||
${stdenv.lib.optionalString networkSupport ''
|
||||
ln -s ${imagescan-plugin-networkscan}/lib/utsushi/networkscan \
|
||||
$out/libexec/utsushi/
|
||||
''}
|
||||
'';
|
||||
|
||||
# Fixup libraries which otherwise would end up broken like this:
|
||||
#
|
||||
# $ ldd .../blah.so | grep libboost_system
|
||||
# libboost_system.so.X.Y.Z => not found
|
||||
# libboost_system.so.X.Y.Z => /nix/store/.../libboost_system.so.X.Y.Z (...)
|
||||
#
|
||||
preFixup = ''
|
||||
add-rpath ${boost}/lib $out/lib/utsushi/libdrv-esci.so
|
||||
${stdenv.lib.optionalString saneSupport ''
|
||||
add-rpath ${boost}/lib $out/lib/utsushi/sane/libsane-utsushi.so
|
||||
''}
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
add-rpath
|
||||
pkgconfig
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
boost
|
||||
imagemagick
|
||||
libudev
|
||||
libusb
|
||||
]
|
||||
++ stdenv.lib.optional guiSupport gtkmm2
|
||||
++ stdenv.lib.optional ocrSupport tesseract
|
||||
++ stdenv.lib.optional saneSupport saneBackends
|
||||
++ stdenv.lib.optional tiffSupport libtiff
|
||||
;
|
||||
|
||||
NIX_CFLAGS_COMPILE = [
|
||||
"-Wno-error=deprecated-declarations"
|
||||
"-Wno-error=unused-variable"
|
||||
];
|
||||
|
||||
configureFlags = [
|
||||
"--with-boost=${boost}"
|
||||
"--with-magick"
|
||||
"--with-magick-pp"
|
||||
]
|
||||
++ stdenv.lib.optionals guiSupport [
|
||||
"--with-gtkmm"
|
||||
]
|
||||
++ stdenv.lib.optionals jpegSupport [
|
||||
"--with-jpeg"
|
||||
]
|
||||
++ stdenv.lib.optionals saneSupport [
|
||||
"--with-sane"
|
||||
]
|
||||
++ stdenv.lib.optionals tiffSupport [
|
||||
"--with-tiff"
|
||||
]
|
||||
;
|
||||
|
||||
meta = {
|
||||
description = "Utsushi - Next Generation Image Acquisition";
|
||||
longDescription = ''
|
||||
This software provides applications to easily turn hard-copy
|
||||
documents and imagery into formats that are more amenable to
|
||||
computer processing.
|
||||
|
||||
Included are a native driver for a number of EPSON scanners
|
||||
and a compatibility driver to interface with software built
|
||||
around the SANE standard.
|
||||
'';
|
||||
homepage = http://download.ebz.epson.net/dsc/search/01/search/?OSC=LX;
|
||||
license = stdenv.lib.licenses.gpl3;
|
||||
maintainers = [ stdenv.lib.maintainers.tv ];
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
version = "3.48.0";
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user