From 84411177954db9f4fde99eaa87565168e296b6a4 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 28 Dec 2018 01:23:05 +0100
Subject: [PATCH 001/130] l: remove confusing deprecated x config

---
 lass/3modules/default.nix              |   1 -
 lass/3modules/xserver/default.nix      | 103 -------------------------
 lass/3modules/xserver/xserver.conf.nix |  40 ----------
 3 files changed, 144 deletions(-)
 delete mode 100644 lass/3modules/xserver/default.nix
 delete mode 100644 lass/3modules/xserver/xserver.conf.nix

diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index 2cf6a66b9..613c7c8ac 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -14,6 +14,5 @@ _:
     ./umts.nix
     ./usershadow.nix
     ./xjail.nix
-    ./xserver
   ];
 }
diff --git a/lass/3modules/xserver/default.nix b/lass/3modules/xserver/default.nix
deleted file mode 100644
index cdd80857a..000000000
--- a/lass/3modules/xserver/default.nix
+++ /dev/null
@@ -1,103 +0,0 @@
-{ config, pkgs, ... }@args:
-with import <stockholm/lib>;
-let
-
-  out = {
-    options.lass.xserver = api;
-    config = mkIf cfg.enable imp;
-  };
-
-  user = config.krebs.build.user;
-
-  cfg = config.lass.xserver;
-  xcfg = config.services.xserver;
-  api = {
-    enable = mkEnableOption "lass xserver";
-  };
-  imp = {
-
-    services.xserver = {
-      enable = true;
-      display = 11;
-      tty = 11;
-    };
-
-    systemd.services.display-manager.enable = false;
-
-    systemd.services.xmonad = {
-      wantedBy = [ "multi-user.target" ];
-      requires = [ "xserver.service" ];
-      environment = {
-        DISPLAY = ":${toString xcfg.display}";
-
-        XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
-          ${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
-          ${xcfg.displayManager.sessionCommands}
-          if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
-            exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" ""
-          fi
-          export DBUS_SESSION_BUS_ADDRESS
-          ${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS
-          wait
-        '';
-
-        XMONAD_DATA_DIR = "/tmp";
-      };
-      serviceConfig = {
-        SyslogIdentifier = "xmonad";
-        ExecStart = "${pkgs.xmonad-lass}/bin/xmonad";
-        ExecStop = "${pkgs.xmonad-lass}/bin/xmonad --shutdown";
-        User = user.name;
-        WorkingDirectory = user.home;
-      };
-    };
-
-    systemd.services.xserver = {
-      after = [
-        "systemd-udev-settle.service"
-        "local-fs.target"
-        "acpid.service"
-      ];
-      reloadIfChanged = true;
-      environment = {
-        XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
-        XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
-        LD_LIBRARY_PATH = concatStringsSep ":" (
-          [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
-          ++ concatLists (catAttrs "libPath" xcfg.drivers));
-      };
-      serviceConfig = {
-        SyslogIdentifier = "xserver";
-        ExecReload = "${pkgs.coreutils}/bin/echo NOP";
-        ExecStart = toString [
-          "${pkgs.xorg.xorgserver}/bin/X"
-          ":${toString xcfg.display}"
-          "vt${toString xcfg.tty}"
-          "-config ${import ./xserver.conf.nix args}"
-          "-logfile /dev/null -logverbose 0 -verbose 3"
-          "-nolisten tcp"
-          "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
-          (optional (xcfg.dpi != null) "-dpi ${toString xcfg.dpi}")
-        ];
-        User = user.name;
-      };
-    };
-    krebs.xresources.resources.dpi = ''
-      ${optionalString (xcfg.dpi != null) "Xft.dpi: ${toString xcfg.dpi}"}
-    '';
-    systemd.services.urxvtd = {
-      wantedBy = [ "multi-user.target" ];
-      reloadIfChanged = true;
-      serviceConfig = {
-        SyslogIdentifier = "urxvtd";
-        ExecReload = "${pkgs.coreutils}/bin/echo NOP";
-        ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd";
-        Restart = "always";
-        RestartSec = "2s";
-        StartLimitBurst = 0;
-        User = user.name;
-      };
-    };
-  };
-
-in out
diff --git a/lass/3modules/xserver/xserver.conf.nix b/lass/3modules/xserver/xserver.conf.nix
deleted file mode 100644
index 6f34e0150..000000000
--- a/lass/3modules/xserver/xserver.conf.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with import <stockholm/lib>;
-
-let
-  cfg = config.services.xserver;
-in
-
-pkgs.stdenv.mkDerivation {
-  name = "xserver.conf";
-
-  xfs = optionalString (cfg.useXFS != false)
-    ''FontPath "${toString cfg.useXFS}"'';
-
-  inherit (cfg) config;
-
-  buildCommand =
-    ''
-      echo 'Section "Files"' >> $out
-      echo $xfs >> $out
-
-      for i in ${toString config.fonts.fonts}; do
-        if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
-          for j in $(find $i -name fonts.dir); do
-            echo "  FontPath \"$(dirname $j)\"" >> $out
-          done
-        fi
-      done
-
-      for i in $(find ${toString cfg.modules} -type d); do
-        if test $(echo $i/*.so* | wc -w) -ne 0; then
-          echo "  ModulePath \"$i\"" >> $out
-        fi
-      done
-
-      echo 'EndSection' >> $out
-
-      echo "$config" >> $out
-    '';
-}

From 32b2aff200edf3e73f6a2c9e3d6548e4985ecd9f Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 28 Dec 2018 14:49:44 +0100
Subject: [PATCH 002/130] tv gitrepos: with-ssh

---
 tv/2configs/gitrepos.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index a89d1302c..9409246e2 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -71,6 +71,7 @@ let {
     stockholm = {
       cgit.desc = "NixOS configuration";
     };
+    with-ssh = {};
   } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) {
     ni = {
     };

From 9a5415b662e9aad91eb518bfb2aa3feffc5e7cd5 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 29 Dec 2018 12:18:14 +0100
Subject: [PATCH 003/130] tv nixpkgs-overlays: RIP

---
 tv/1systems/xu/config.nix        |  5 -----
 tv/2configs/default.nix          |  1 -
 tv/3modules/default.nix          |  1 -
 tv/3modules/nixpkgs-overlays.nix | 23 -----------------------
 4 files changed, 30 deletions(-)
 delete mode 100644 tv/3modules/nixpkgs-overlays.nix

diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index b9c76cf49..c47608aa9 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -156,10 +156,5 @@ with import <stockholm/lib>;
   # The NixOS release to be compatible with for stateful data such as databases.
   system.stateVersion = "15.09";
 
-  tv.nixpkgs-overlays = {
-    krebs = "/home/tv/stockholm/krebs/5pkgs";
-    tv = "/home/tv/stockholm/tv/5pkgs";
-  };
-
   virtualisation.virtualbox.host.enable = true;
 }
diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix
index 484a337b7..e18ba31b0 100644
--- a/tv/2configs/default.nix
+++ b/tv/2configs/default.nix
@@ -92,7 +92,6 @@ with import <stockholm/lib>;
       environment.variables = {
         NIX_PATH = mkForce (concatStringsSep ":" [
           "secrets=/var/src/stockholm/null"
-          "nixpkgs-overlays=${config.tv.nixpkgs-overlays}"
           "/var/src"
         ]);
       };
diff --git a/tv/3modules/default.nix b/tv/3modules/default.nix
index f53a58e9a..67fb3f650 100644
--- a/tv/3modules/default.nix
+++ b/tv/3modules/default.nix
@@ -5,7 +5,6 @@
     ./ejabberd
     ./hosts.nix
     ./iptables.nix
-    ./nixpkgs-overlays.nix
     ./slock.nix
     ./x0vncserver.nix
   ];
diff --git a/tv/3modules/nixpkgs-overlays.nix b/tv/3modules/nixpkgs-overlays.nix
deleted file mode 100644
index 4eb7a86bd..000000000
--- a/tv/3modules/nixpkgs-overlays.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-with import <stockholm/lib>;
-{ config, pkgs, ... }: {
-
-  options.tv.nixpkgs-overlays = mkOption {
-    apply = src:
-      pkgs.runCommand "nixpkgs-overlays" {} ''
-        mkdir $out
-        ${concatStringsSep "\n" (mapAttrsToList (name: path:
-          "ln -s ${shell.escape path} $out/${shell.escape name}"
-        ) src)}
-      '' // {
-        inherit src;
-      };
-    type = types.attrsOf types.absolute-pathname;
-  };
-
-  config = {
-    tv.nixpkgs-overlays = {
-      krebs = mkDefault "/var/src/stockholm/krebs/5pkgs";
-      tv = mkDefault "/var/src/stockholm/tv/5pkgs";
-    };
-  };
-}

From 4a3650b3e3091343cc30034ac88bda8516306ea9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 29 Dec 2018 12:58:45 +0100
Subject: [PATCH 004/130] tv ejabberd: move home to /var/lib

---
 tv/2configs/backup.nix           | 4 ++--
 tv/3modules/ejabberd/default.nix | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix
index f8de72d00..b8dec8da4 100644
--- a/tv/2configs/backup.nix
+++ b/tv/2configs/backup.nix
@@ -60,7 +60,7 @@ with import <stockholm/lib>;
     };
     xu-pull-ni-ejabberd = {
       method = "pull";
-      src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
+      src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
       dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; };
       startAt = "07:00";
     };
@@ -78,7 +78,7 @@ with import <stockholm/lib>;
     };
     zu-pull-ni-ejabberd = {
       method = "pull";
-      src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
+      src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
       dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; };
       startAt = "06:00";
     };
diff --git a/tv/3modules/ejabberd/default.nix b/tv/3modules/ejabberd/default.nix
index e99b94ff9..f16dfac86 100644
--- a/tv/3modules/ejabberd/default.nix
+++ b/tv/3modules/ejabberd/default.nix
@@ -67,7 +67,7 @@ in {
       type = types.user;
       default = {
         name = "ejabberd";
-        home = "/var/ejabberd";
+        home = "/var/lib/ejabberd";
       };
     };
   };

From 45359e7db5ec7fe9e33624e15e362c2b9e6ef9d9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 29 Dec 2018 14:22:24 +0100
Subject: [PATCH 005/130] tv dhcpcd: set saner dbdir

---
 tv/5pkgs/default.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix
index c5c800b55..605d827ef 100644
--- a/tv/5pkgs/default.nix
+++ b/tv/5pkgs/default.nix
@@ -24,6 +24,12 @@ foldl' mergeAttrs {}
         "$@"
   '';
 
+  dhcpcd = overrideDerivation super.dhcpcd (old: {
+    configureFlags = old.configureFlags ++ [
+      "--dbdir=/var/lib/dhcpcd"
+    ];
+  });
+
   gitAndTools = super.gitAndTools // {
     inherit (self) diff-so-fancy;
   };

From c8c6c2e6c73cb8d64fd6be7ae7174b11582a9c04 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 31 Dec 2018 10:08:11 +0100
Subject: [PATCH 006/130] ma home-manager: init direnv,bat and more

move old zsh confi to home-manager
---
 makefu/2configs/home-manager/cli.nix     |  30 +++++-
 makefu/2configs/home-manager/desktop.nix |   7 +-
 makefu/2configs/home-manager/zsh.nix     | 126 +++++++++++++++++++++++
 makefu/2configs/zsh-user.nix             |  82 +--------------
 4 files changed, 164 insertions(+), 81 deletions(-)
 create mode 100644 makefu/2configs/home-manager/zsh.nix

diff --git a/makefu/2configs/home-manager/cli.nix b/makefu/2configs/home-manager/cli.nix
index 64aa03bd7..6b5d26111 100644
--- a/makefu/2configs/home-manager/cli.nix
+++ b/makefu/2configs/home-manager/cli.nix
@@ -1,4 +1,5 @@
 {pkgs, ... }: {
+  imports = [ ./zsh.nix ];
   home-manager.users.makefu = {
     services.gpg-agent = {
       enable = true;
@@ -9,7 +10,34 @@
       enableSshSupport = true;
       enableScDaemon = true;
     };
-    programs.fzf.enable = true; # alt-c
+    programs.direnv = {
+      stdlib = ''
+use_nix() {
+  local cache=".direnv.$(nixos-version --hash)"
+
+  if [[ ! -e "$cache" ]] || \
+    [[ "$HOME/.direnvrc" -nt "$cache" ]] || \
+    [[ ".envrc" -nt "$cache" ]] || \
+    [[ "default.nix" -nt "$cache" ]] || \
+    [[ "shell.nix" -nt "$cache" ]];
+  then
+    local tmp="$(mktemp "$${cache}.tmp-XXXXXXXX")"
+    trap "rm -rf '$tmp' >/dev/null" EXIT
+    nix-shell --show-trace "$@" --run 'direnv dump' > "$tmp" && \
+    mv "$tmp" "$cache"
+  fi
+
+  direnv_load cat "$cache"
+
+  if [[ $# = 0 ]]; then
+    watch_file default.nix
+    watch_file shell.nix
+    rm direnv.* 2>/dev/null
+  fi
+}
+'';
+      enableZshIntegration = true;
+    };
   };
   services.udev.packages = [
     pkgs.libu2f-host
diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix
index ce98e651a..40a1c6497 100644
--- a/makefu/2configs/home-manager/desktop.nix
+++ b/makefu/2configs/home-manager/desktop.nix
@@ -1,11 +1,13 @@
-{ pkgs, lib, ... }: 
+{ pkgs, lib, ... }:
 
 {
+  users.users.makefu.packages = with pkgs;[ bat direnv ];
   home-manager.users.makefu = {
     programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
     programs.firefox.enable = true;
+    programs.obs-studio.enable = true;
+    xdg.enable = true;
     services.network-manager-applet.enable = true;
-    systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
     services.blueman-applet.enable = true;
     services.pasystray.enable = true;
     systemd.user.services.pasystray.Service.Environment = "PATH=" + (lib.makeBinPath (with pkgs;[ pavucontrol paprefs /* pavumeter  */  /* paman */ ]) );
@@ -34,7 +36,6 @@
       };
 
       Service = {
-        Environment = ''XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
         ExecStart = "${pkgs.clipit}/bin/clipit";
         Restart = "on-abort";
       };
diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix
new file mode 100644
index 000000000..dff6d9337
--- /dev/null
+++ b/makefu/2configs/home-manager/zsh.nix
@@ -0,0 +1,126 @@
+{ pkgs, ... }:
+{
+  imports = [
+    { #direnv
+      home-manager.users.makefu.home.packages = [ pkgs.direnv ];
+      home-manager.users.makefu.home.file.".direnvrc".text = ''
+      use_nix() {
+        local path="$(nix-instantiate --find-file nixpkgs)"
+
+        if [ -f "$${path}/.version-suffix" ]; then
+          local version="$(< $path/.version-suffix)"
+        elif [ -f "$path/.version" ]; then
+          local version="$(< $path/.version)"
+        else
+          local version="$(< $(< $path/.git/HEAD))"
+        fi
+
+        local cache=".direnv/cache-''${version:-unknown}"
+
+        if [[ ! -e "$cache" ]] || \
+          [[ "$HOME/.direnvrc" -nt "$cache" ]] || \
+          [[ .envrc -nt "$cache" ]] || \
+          [[ default.nix -nt "$cache" ]] || \
+          [[ shell.nix -nt "$cache" ]];
+        then
+          [ -d .direnv ] || mkdir .direnv
+          local tmp=$(nix-shell --show-trace "$@" \
+            --run "\"$direnv\" dump bash")
+          echo "$tmp" > "$cache"
+        fi
+
+        local path_backup=$PATH term_backup=$TERM
+        direnv_load cat "$cache"
+
+        export PATH=$PATH:$path_backup TERM=$term_backup
+
+        if [[ $# = 0 ]]; then
+          watch_file default.nix
+          watch_file shell.nix
+        fi
+      }
+      '';
+      home-manager.users.makefu.programs.zsh.initExtra = ''
+      nixify() {
+        if [ ! -e ./.envrc ]; then
+          echo "use nix" > .envrc
+          direnv allow
+        fi
+        if [ ! -e default.nix ]; then
+          cat > default.nix <<'EOF'
+      with import <nixpkgs> {};
+      stdenv.mkDerivation {
+        name = "env";
+        buildInputs = [
+          bashInteractive
+        ];
+      }
+      EOF
+          ${EDITOR:-vim} default.nix
+        fi
+      }
+      eval "$(direnv hook zsh)"
+      '';
+    }
+    { # bat
+    home-manager.users.makefu.home.packages = [ pkgs.bat ];
+      home-manager.users.makefu.programs.zsh.shellAliases = {
+        cat = "bat";
+        catn = "${pkgs.coreutils}/bin/cat";
+      };
+    }
+  ];
+  environment.pathsToLink = [ "/share/zsh" ];
+  home-manager.users.makefu = {
+    programs.fzf.enable = false; # alt-c
+    programs.zsh = {
+      enable = true;
+      enableAutosuggestions = false;
+      enableCompletion = true;
+      oh-my-zsh.enable = false;
+      history = {
+        size = 900001;
+        save = 900001;
+        ignoreDups = true;
+        extended = true;
+        share = true;
+      };
+      sessionVariables = {
+        TERM = "rxvt-unicode-256color";
+        LANG = "en_US.UTF8";
+        LS_COLORS = ":di=1;31:";
+        EDITOR = "vim";
+      };
+      shellAliases = {
+        lsl = "ls -lAtr";
+        t = "task";
+        xo = "mimeopen";
+        nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
+      };
+      initExtra = ''
+        bindkey -e
+        # shift-tab
+        bindkey '^[[Z' reverse-menu-complete
+        bindkey "\e[3~" delete-char
+        zstyle ':completion:*' menu select
+
+        setopt HIST_IGNORE_ALL_DUPS
+        setopt HIST_IGNORE_SPACE
+        setopt HIST_FIND_NO_DUPS
+
+        unset SSH_AGENT_PID
+        export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
+        compdef _pass brain
+        zstyle ':completion::complete:brain::' prefix "$HOME/brain"
+        compdef _pass secrets
+        zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/"
+
+        # ctrl-x ctrl-e
+        autoload -U edit-command-line
+        zle -N edit-command-line
+        bindkey '^xe' edit-command-line
+        bindkey '^x^e' edit-command-line
+      '';
+    };
+  };
+}
diff --git a/makefu/2configs/zsh-user.nix b/makefu/2configs/zsh-user.nix
index 23ae572da..e0ea046cf 100644
--- a/makefu/2configs/zsh-user.nix
+++ b/makefu/2configs/zsh-user.nix
@@ -1,83 +1,11 @@
 { config, lib, pkgs, ... }:
-##
-with import <stockholm/lib>;
 let
   mainUser = config.krebs.build.user.name;
 in
 {
-  users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh";
   programs.zsh= {
     enable = true;
-    enableCompletion = true ; #manually at the end
-    interactiveShellInit = ''
-      HISTSIZE=900001
-      HISTFILESIZE=$HISTSIZE
-      SAVEHIST=$HISTSIZE
-      HISTFILE=$HOME/.zsh_history
-
-      setopt HIST_IGNORE_ALL_DUPS
-      setopt HIST_IGNORE_SPACE
-      setopt HIST_FIND_NO_DUPS
-      bindkey -e
-      # shift-tab
-      bindkey '^[[Z' reverse-menu-complete
-      bindkey "\e[3~" delete-char
-      zstyle ':completion:*' menu select
-
-      ${pkgs.gnupg}/bin/gpg-connect-agent updatestartuptty /bye >/dev/null
-      GPG_TTY=$(tty)
-      export GPG_TTY
-      LS_COLORS=$LS_COLORS:'di=1;31:' ; export LS_COLORS
-
-      unset SSH_AGENT_PID
-      export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
-
-      # fzf
-      __fsel_fzf() {
-        local cmd="''${FZF_CTRL_T_COMMAND:-"command find -L . -mindepth 1 \\( -path '*/\\.*' -o -fstype 'sysfs' -o -fstype 'devfs' -o -fstype 'devtmpfs' -o -fstype 'proc' \\) -prune \
-          -o -type f -print \
-          -o -type d -print \
-          -o -type l -print 2> /dev/null | cut -b3-"}"
-        setopt localoptions pipefail 2> /dev/null
-        eval "$cmd" | FZF_DEFAULT_OPTS="--height ''${FZF_TMUX_HEIGHT:-40%} --reverse $FZF_DEFAULT_OPTS $FZF_CTRL_T_OPTS" $(__fzfcmd) -m "$@" | while read item; do
-          echo -n "''${(q)item} "
-        done
-        local ret=$?
-        echo
-        return $ret
-      }
-
-      __fzf_use_tmux__() {
-        [ -n "$TMUX_PANE" ] && [ "''${FZF_TMUX:-0}" != 0 ] && [ ''${LINES:-40} -gt 15 ]
-      }
-
-      __fzfcmd() {
-        __fzf_use_tmux__ &&
-          echo "fzf-tmux -d''${FZF_TMUX_HEIGHT:-40%}" || echo "fzf"
-      }
-
-      fzf-file-widget() {
-        LBUFFER="''${LBUFFER}$(__fsel_fzf)"
-        local ret=$?
-        zle redisplay
-        typeset -f zle-line-init >/dev/null && zle zle-line-init
-        return $ret
-      }
-      zle     -N   fzf-file-widget
-      bindkey '^T' fzf-file-widget
-
-      compdef _pass brain
-      zstyle ':completion::complete:brain::' prefix "$HOME/brain"
-      compdef _pass secrets
-      zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/"
-
-      # ctrl-x ctrl-e
-      autoload -U edit-command-line
-      zle -N edit-command-line
-      bindkey '^xe' edit-command-line
-      bindkey '^x^e' edit-command-line
-
-    '';
+    enableCompletion = false; #manually at the end
 
     promptInit = ''
       RPROMPT=""
@@ -93,8 +21,8 @@ in
       '';
   };
 
-  users.users.${mainUser}.packages = [
-    pkgs.nix-zsh-completions
-    pkgs.fzf
-  ];
+  users.users.${mainUser} = {
+    shell = "/run/current-system/sw/bin/zsh";
+    packages = [ pkgs.nix-zsh-completions ];
+  };
 }

From e71561caafa36ad62fee67575bcd8f95af1032b7 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 31 Dec 2018 10:15:22 +0100
Subject: [PATCH 007/130] ma cake.r: add Mic92 ssh key to authorized keys

---
 krebs/1systems/wolf/config.nix  | 1 +
 makefu/1systems/cake/config.nix | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/krebs/1systems/wolf/config.nix b/krebs/1systems/wolf/config.nix
index 914b38051..ec8830711 100644
--- a/krebs/1systems/wolf/config.nix
+++ b/krebs/1systems/wolf/config.nix
@@ -161,6 +161,7 @@ in
 
   users.extraUsers.root.openssh.authorizedKeys.keys = [
     config.krebs.users.ulrich.pubkey
+    config.krebs.users.raute.pubkey
     config.krebs.users.makefu-omo.pubkey
     "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
   ];
diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index 1a617e52d..2491352eb 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -38,6 +38,9 @@
      })
   ];
   networking.wireless.enable = true;
+  users.extraUsers.root.openssh.authorizedKeys.keys = [
+    config.krebs.users.Mic92.pubkey
+  ];
 
 # File systems configuration for using the installer's partition layout
   fileSystems = {

From 1e7e39576cf9dec46b067160f5d201d1b8888f57 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 31 Dec 2018 10:15:48 +0100
Subject: [PATCH 008/130] ma gum.r: disable cache.nsupdate.info

---
 makefu/1systems/gum/config.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 97b4555a5..6024260dc 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -124,7 +124,6 @@ in {
       <stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
       # <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
       <stockholm/makefu/2configs/nginx/iso.euer.nix>
-      <stockholm/krebs/2configs/cache.nsupdate.info.nix>
 
       <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
       <stockholm/makefu/2configs/deployment/graphs.nix>

From 05916b9a2273554ffe74b8d02d737de987841bd1 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 31 Dec 2018 10:17:15 +0100
Subject: [PATCH 009/130] ma download.binaergewitter.de: logrotate nginx logs
 like a babarian

---
 .../bgt/download.binaergewitter.de.nix        | 30 +++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix
index 6d64848f5..f223081e9 100644
--- a/makefu/2configs/bgt/download.binaergewitter.de.nix
+++ b/makefu/2configs/bgt/download.binaergewitter.de.nix
@@ -3,6 +3,8 @@
 with import <stockholm/lib>;
 let
   ident = (builtins.readFile ./auphonic.pub);
+  bgtaccess = "/var/spool/nginx/logs/binaergewitter.access.log";
+  bgterror = "/var/spool/nginx/logs/binaergewitter.error.log";
 in {
   services.openssh = {
     allowSFTP = true;
@@ -21,6 +23,19 @@ in {
     useDefaultShell = true;
     openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ];
   };
+  services.logrotate = {
+    enable = true;
+    config = ''
+    ${bgtaccess} ${bgterror} {
+      rotate 5
+      weekly
+      create 600 nginx nginx
+      postrotate
+        ${pkgs.systemd}/bin/systemctl reload nginx
+      endscript
+    }
+    '';
+  };
   services.nginx = {
     enable = lib.mkDefault true;
     recommendedGzipSettings = true;
@@ -29,10 +44,21 @@ in {
         serverAliases = [ "dl2.binaergewitter.de" ];
         root = "/var/www/binaergewitter";
         extraConfig = ''
-          access_log /var/spool/nginx/logs/binaergewitter.access.log combined;
-          error_log /var/spool/nginx/logs/binaergewitter.error.log error;
+          access_log ${bgtaccess} combined;
+          error_log ${bgterror} error;
           autoindex on;
         '';
     };
   };
+  environment.etc."netdata/python.d/web_log.conf".text = ''
+    nginx_log3:
+      name: 'nginx'
+      path: '/var/spool/nginx/logs/access.log'
+    nginx_log4:
+      name: 'bgt'
+      path: '${bgtaccess}'
+  '';
+
+  users.users.netdata.extraGroups = [ "nginx" ];
+
 }

From fa117593ada626b12f81b98c478fdb21ab36bc89 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 31 Dec 2018 10:17:53 +0100
Subject: [PATCH 010/130] ma deployment/owncloud: open firewall ports

---
 makefu/2configs/deployment/owncloud.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix
index cfde0aba8..d7c082662 100644
--- a/makefu/2configs/deployment/owncloud.nix
+++ b/makefu/2configs/deployment/owncloud.nix
@@ -169,6 +169,7 @@ in  {
     ( serveCloud [ "o.euer.krebsco.de" ] )
   ];
 
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
   services.redis.enable = true;
   services.mysql = {
     enable = false;

From de6ca6e60b0ac70042262d0d735c8f0991f0d7f4 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 2 Jan 2019 21:41:05 +0100
Subject: [PATCH 011/130] external: add matchbox

---
 krebs/3modules/external/default.nix | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index baa49dbe0..1363df1a6 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -344,6 +344,30 @@ in {
         };
       };
     };
+    matchbox = {
+      owner = config.krebs.users.Mic92;
+      nets = {
+        retiolum = {
+          ip4.addr = "10.243.29.172";
+          aliases = [ "matchbox.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m
+            VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w
+            nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u
+            TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE
+            TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1
+            yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO
+            4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4
+            Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/
+            bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4
+            nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR
+            /vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ==
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
     miaoski = {
       owner = config.krebs.users.miaoski;
       nets = {

From 6db1a249e64c4be07c2db8daa2b305f3d35decb9 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 17:24:50 +0100
Subject: [PATCH 012/130] nixpkgs: b9fa31c -> 0396345

---
 krebs/nixpkgs.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index 821c79cde..d3f681a65 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
 {
   "url": "https://github.com/NixOS/nixpkgs-channels",
-  "rev": "b9fa31cea0e119ecf1867af4944ddc2f7633aacd",
-  "date": "2018-12-22T15:37:52+00:00",
-  "sha256": "1iqdra7nvcwbydjirjsk71rpzk4ljc0gzqy33fcp8l18y8iwh47k",
+  "rev": "0396345b79436f54920f7eb651ab42acf2eb7973",
+  "date": "2018-12-30T21:22:33-05:00",
+  "sha256": "10wd0wsair6dlilgaviqw2p9spgcf8qg736bzs08jha0f4zfqjs4",
   "fetchSubmodules": false
 }

From cc26a9e93d36ac5e9f01d6ee7339703ce3c8c1ab Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 19:12:52 +0100
Subject: [PATCH 013/130] l baseX: don't automount prism.r

---
 lass/2configs/baseX.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 1f2bb511f..1b6a1d593 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -9,7 +9,6 @@ in {
     ./power-action.nix
     ./copyq.nix
     ./urxvt.nix
-    ./nfs-dl.nix
     {
       hardware.pulseaudio = {
         enable = true;

From 1664ce39b368d65cac9ca24e80db3b4959cb8435 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 19:13:36 +0100
Subject: [PATCH 014/130] l mors: automount prims.r

---
 lass/1systems/mors/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index b39f03df9..b6565dc6a 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -35,6 +35,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/print.nix>
     <stockholm/lass/2configs/blue-host.nix>
     <stockholm/lass/2configs/network-manager.nix>
+    <stockholm/lass/2configs/nfs-dl.nix>
     {
       krebs.iptables.tables.filter.INPUT.rules = [
         #risk of rain

From 7e814620a137b7b85b7d601ffa092caab05a6929 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 19:14:09 +0100
Subject: [PATCH 015/130] l baseX: remove xephyrify from pkgs

---
 lass/2configs/baseX.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index 1b6a1d593..b8a0a9f2a 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -79,7 +79,6 @@ in {
     taskwarrior
     termite
     xclip
-    xephyrify
     xorg.xbacklight
     xorg.xhost
     xsel

From 05f9389e4f9e17be04e1bdef5b1cf695d3a8687b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 21:32:23 +0100
Subject: [PATCH 016/130] krops: use nixpkgs derivation for ci

---
 krebs/krops.nix | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/krebs/krops.nix b/krebs/krops.nix
index ab7524941..76bca026d 100644
--- a/krebs/krops.nix
+++ b/krebs/krops.nix
@@ -9,15 +9,15 @@
 
   krebs-source = { test ? false }: rec {
     nixpkgs = if test then {
-      file = {
-        path = toString (pkgs.fetchFromGitHub {
+      derivation = ''
+        with import <nixpkgs> {};
+        pkgs.fetchFromGitHub {
           owner = "nixos";
           repo = "nixpkgs";
-          rev = (lib.importJSON ./nixpkgs.json).rev;
-          sha256 = (lib.importJSON ./nixpkgs.json).sha256;
-        });
-        useChecksum = true;
-      };
+          rev = "${(lib.importJSON ./nixpkgs.json).rev}";
+          sha256 = "${(lib.importJSON ./nixpkgs.json).sha256}";
+        }
+      '';
     } else {
       git = {
         ref = (lib.importJSON ./nixpkgs.json).rev;

From 069fd9be579b5257520ed7ab3578f19cb28badcd Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 21:37:14 +0100
Subject: [PATCH 017/130] makefu krops.nix: use nixpkgs derivation for ci

---
 makefu/krops.nix | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/makefu/krops.nix b/makefu/krops.nix
index 2a2f70a05..30db07667 100644
--- a/makefu/krops.nix
+++ b/makefu/krops.nix
@@ -27,15 +27,15 @@
         # TODO: we want to track the unstable channel
         symlink = "/nix/var/nix/profiles/per-user/root/channels/nixos/";
       } else {
-        file = {
-          path = toString (pkgs.fetchFromGitHub {
+        derivation = ''
+          with import <nixpkgs> {};
+          pkgs.fetchFromGitHub {
             owner = "makefu";
             repo = "nixpkgs";
-            rev = nixpkgs-src.rev;
-            sha256 = nixpkgs-src.sha256;
-          });
-          useChecksum = true;
-        };
+            rev = "${nixpkgs-src.rev}";
+            sha256 = "${nixpkgs-src.sha256}";
+          }
+        '';
       };
       nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
 

From 2766a860a84d357f918a44d7d2d6a9c532f892c0 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 21:41:17 +0100
Subject: [PATCH 018/130] l blue source: use derivation for nixpkgs

---
 lass/1systems/blue/source.nix | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix
index 8f748ab8f..a32c3a829 100644
--- a/lass/1systems/blue/source.nix
+++ b/lass/1systems/blue/source.nix
@@ -1,11 +1,14 @@
 { lib, pkgs, ... }:
 {
   nixpkgs = lib.mkForce {
-    file = toString (pkgs.fetchFromGitHub {
-      owner = "nixos";
-      repo = "nixpkgs";
-      rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
-      sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
-    });
+    derivation = ''
+      with import <nixpkgs> {};
+      pkgs.fetchFromGitHub {
+        owner = "nixos";
+        repo = "nixpkgs";
+        rev = "${(lib.importJSON ../../../krebs/nixpkgs.json).rev}";
+        sha256 = "${(lib.importJSON ../../../krebs/nixpkgs.json).sha256}";
+      }
+    '';
   };
 }

From 2ce824f21f933710ef9f36864e1e585644da6eb5 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 21:49:05 +0100
Subject: [PATCH 019/130] ci: build in stockholm-build

---
 ci.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ci.nix b/ci.nix
index a383a0631..16c866e76 100644
--- a/ci.nix
+++ b/ci.nix
@@ -16,6 +16,6 @@ let
   ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts;
 
   build = host: owner:
-  ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-tmp";});
+  ((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";});
 
 in mapAttrs (n: h: build n h.owner.name) ci-systems

From 7176d12ff89a2637f8ca0f828c4f05a6543885d1 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 3 Jan 2019 22:28:44 +0100
Subject: [PATCH 020/130] external matchbox: use free ipv4

---
 krebs/3modules/external/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 1363df1a6..a7ec0e158 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -348,7 +348,7 @@ in {
       owner = config.krebs.users.Mic92;
       nets = {
         retiolum = {
-          ip4.addr = "10.243.29.172";
+          ip4.addr = "10.243.29.176";
           aliases = [ "matchbox.r" ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----

From 6044ffe3a53ab7745f413847ffe87fbf7a4d11f8 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 3 Jan 2019 23:01:16 +0100
Subject: [PATCH 021/130] external: use unused ip for matchbox

---
 krebs/3modules/external/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 1363df1a6..a7ec0e158 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -348,7 +348,7 @@ in {
       owner = config.krebs.users.Mic92;
       nets = {
         retiolum = {
-          ip4.addr = "10.243.29.172";
+          ip4.addr = "10.243.29.176";
           aliases = [ "matchbox.r" ];
           tinc.pubkey = ''
             -----BEGIN RSA PUBLIC KEY-----

From 7d5937b734f8a6e8379e494f91049aeee63c3300 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 3 Jan 2019 23:56:59 +0100
Subject: [PATCH 022/130] ma gum: enable home-manager

---
 makefu/1systems/gum/config.nix | 2 ++
 makefu/1systems/gum/source.nix | 1 +
 2 files changed, 3 insertions(+)

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 6024260dc..918fd843d 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -22,6 +22,8 @@ in {
         };
       }
       <stockholm/makefu/2configs/support-nixos.nix>
+      <stockholm/makefu/2configs/home-manager>
+      <stockholm/makefu/2configs/home-manager/cli.nix>
       # <stockholm/makefu/2configs/stats/client.nix>
       <stockholm/makefu/2configs/stats/netdata-server.nix>
 
diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix
index 1e36c6e87..43586ede4 100644
--- a/makefu/1systems/gum/source.nix
+++ b/makefu/1systems/gum/source.nix
@@ -2,4 +2,5 @@
   name="gum";
   torrent = true;
   clever_kexec = true;
+  home-manager = true;
 }

From d27dd90bb9d8231668aa4f1b89113231303722fe Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Thu, 3 Jan 2019 23:57:24 +0100
Subject: [PATCH 023/130] ma gum: set the default gateway on the correct
 interface

---
 makefu/1systems/gum/hardware-config.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/1systems/gum/hardware-config.nix b/makefu/1systems/gum/hardware-config.nix
index e9670a5a4..542b79fe7 100644
--- a/makefu/1systems/gum/hardware-config.nix
+++ b/makefu/1systems/gum/hardware-config.nix
@@ -34,7 +34,7 @@ in {
         prefixLength = external-netmask6;
       }];
     };
-    defaultGateway6 = external-gw6;
+    defaultGateway6 = { address = external-gw6; interface = ext-if; };
     defaultGateway = external-gw;
   };
   boot.kernelParams = [ ];

From 3090179491a0988190b37b2309db4c0baef1ceed Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 4 Jan 2019 16:35:09 +0100
Subject: [PATCH 024/130] l: enable o.xanf.org nextcloud

---
 lass/1systems/prism/physical.nix  |  5 +++++
 lass/2configs/websites/domsen.nix | 14 ++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index 116bdb92f..159ee0c90 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -40,6 +40,11 @@
     fsType = "zfs";
   };
 
+  fileSystems."/var/lib/nextcloud" = {
+    device = "tank/nextcloud";
+    fsType = "zfs";
+  };
+
   nix.maxJobs = lib.mkDefault 8;
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
 
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 25dac0ac4..223fc73ba 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -88,6 +88,20 @@ in {
     file_uploads = on
   '';
 
+  services.nextcloud = {
+    enable = true;
+    hostName = "o.xanf.org";
+    config = {
+      adminpassFile = toString <secrets> + "/nextcloud_pw";
+    };
+    #https = true;
+    nginx.enable = true;
+  };
+  services.nginx.virtualHosts."o.xanf.org" = {
+    enableACME = true;
+    forceSSL = true;
+  };
+
   # MAIL STUFF
   # TODO: make into its own module
   services.dovecot2 = {

From 81c4e313d75db79c2a5228d5e5634983a8701001 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 4 Jan 2019 17:25:50 +0100
Subject: [PATCH 025/130] l prism: mount libvirt dir on tank zfs

---
 lass/1systems/prism/physical.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index 159ee0c90..a2b5efb29 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -45,6 +45,11 @@
     fsType = "zfs";
   };
 
+  fileSystems."/var/lib/libvirt" = {
+    device = "tank/libvirt";
+    fsType = "zfs";
+  };
+
   nix.maxJobs = lib.mkDefault 8;
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
 

From 4175b47ea071b558484b7f3803e41136bfea3b97 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 4 Jan 2019 17:26:21 +0100
Subject: [PATCH 026/130] l gc: garbage collect on prism

---
 lass/2configs/gc.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/2configs/gc.nix b/lass/2configs/gc.nix
index c5073e384..a1bb26049 100644
--- a/lass/2configs/gc.nix
+++ b/lass/2configs/gc.nix
@@ -3,6 +3,6 @@
 with import <stockholm/lib>;
 {
   nix.gc = {
-    automatic = ! (elem config.krebs.build.host.name [ "prism" "mors" "helios" ] || config.boot.isContainer);
+    automatic = ! (elem config.krebs.build.host.name [ "mors" "helios" ] || config.boot.isContainer);
   };
 }

From c7630d003ee6fd77406f84262e97a362983d521b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 4 Jan 2019 17:29:33 +0100
Subject: [PATCH 027/130] l mail: more list sorting

---
 lass/2configs/mail.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 21b9d7b49..3c19fe061 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -51,7 +51,7 @@ let
     eloop = [ "to:eloop.org" ];
     github = [ "to:github@lassul.us" ];
     gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
-    india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" ];
+    india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" "to:hackbeach@mail.hackbeach.in" ];
     kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
     lugs = [ "to:lugs@lug-s.org" ];
     meetup = [ "to:meetup@lassul.us" ];

From bbbe09285a95cda654a344e42e1330bd53748936 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 4 Jan 2019 17:31:43 +0100
Subject: [PATCH 028/130] l websites lassulus: add mors pubkey location

---
 lass/2configs/websites/lassulus.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lass/2configs/websites/lassulus.nix b/lass/2configs/websites/lassulus.nix
index 307f1c2b3..27cadd100 100644
--- a/lass/2configs/websites/lassulus.nix
+++ b/lass/2configs/websites/lassulus.nix
@@ -101,6 +101,9 @@ in {
     locations."/pub".extraConfig = ''
       alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
     '';
+    locations."/pub1".extraConfig = ''
+      alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
+    '';
   };
 
   security.acme.certs."cgit.lassul.us" = {

From 6e5a61b676eea8a066be7848e2a879f57f2c0c4a Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 5 Jan 2019 20:16:17 +0100
Subject: [PATCH 029/130] per-user module: enable only if configured

---
 krebs/3modules/per-user.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/3modules/per-user.nix b/krebs/3modules/per-user.nix
index a7a07a8e6..5beb859aa 100644
--- a/krebs/3modules/per-user.nix
+++ b/krebs/3modules/per-user.nix
@@ -13,7 +13,7 @@ in {
     });
     default = {};
   };
-  config = {
+  config = mkIf (cfg != {}) {
     environment = {
       etc =
         mapAttrs'

From 7c84b32f2de5c759f18fe449597e0edba493ad9d Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 7 Jan 2019 11:23:25 +0100
Subject: [PATCH 030/130] tv slock service: support multiple displays

---
 tv/3modules/slock.nix | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/tv/3modules/slock.nix b/tv/3modules/slock.nix
index 1c84b1e9e..53f7f1f62 100644
--- a/tv/3modules/slock.nix
+++ b/tv/3modules/slock.nix
@@ -5,10 +5,12 @@ in {
   options.tv.slock = {
     enable = mkEnableOption "tv.slock";
     package = mkOption {
-      default = pkgs.execBin "slock" rec {
-        filename = "${pkgs.systemd}/bin/systemctl";
-        argv = [ filename "start" "slock-${cfg.user.name}.service" ];
-      };
+      default = pkgs.writeDashBin "slock" ''
+        set -efu
+        display=''${DISPLAY#:}
+        service=slock-$LOGNAME@$display.service
+        exec ${pkgs.systemd}/bin/systemctl start "$service"
+      '';
       type = types.package;
     };
     user = mkOption {
@@ -18,16 +20,16 @@ in {
   config = mkIf cfg.enable {
     security.polkit.extraConfig = /* js */ ''
       polkit.addRule(function(action, subject) {
-        if (action.id == "org.freedesktop.systemd1.manage-units" &&
-            action.lookup("unit") == "slock-${cfg.user.name}.service" &&
-            subject.user == ${toJSON cfg.user.name}) {
+        if (action.id === "org.freedesktop.systemd1.manage-units" &&
+            subject.user === ${toJSON cfg.user.name} &&
+            /^slock-${cfg.user.name}@[0-9]+\.service$/.test(action.lookup("unit")) ) {
           return polkit.Result.YES;
         }
       });
     '';
-    systemd.services."slock-${cfg.user.name}" = {
+    systemd.services."slock-${cfg.user.name}@" = {
       environment = {
-        DISPLAY = ":${toString config.services.xserver.display}";
+        DISPLAY = ":%I";
         LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" {
           passAsFile = ["text"];
           text = /* c */ ''

From e0bbedff27bd3ca6d69b147f2f3dbc183de72243 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 7 Jan 2019 15:29:48 +0100
Subject: [PATCH 031/130] tv xkiller: init

---
 tv/5pkgs/simple/xkiller.nix | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 tv/5pkgs/simple/xkiller.nix

diff --git a/tv/5pkgs/simple/xkiller.nix b/tv/5pkgs/simple/xkiller.nix
new file mode 100644
index 000000000..8d8f01690
--- /dev/null
+++ b/tv/5pkgs/simple/xkiller.nix
@@ -0,0 +1,25 @@
+{ pkgs }:
+pkgs.writeDash "xkiller" ''
+  set -efu
+  exec >&2
+  ${pkgs.iproute}/bin/ss -lp src unix:/tmp/.X11-unix/X* |
+  ${pkgs.gnused}/bin/sed -n '
+    s|.*/tmp/.X11-unix/X\([0-9]\+\)\>.*("X[^"]*",pid=\([0-9]\+\)\>.*|\1 \2|p
+  ' |
+  while read -r display pid; do
+    {
+      exit_code=$(
+        DISPLAY=:$display ${pkgs.coreutils}/bin/timeout 1 \
+            ${pkgs.xorg.xset}/bin/xset q >/dev/null 2>&1 &&
+            echo 0 || echo $?
+      )
+      if test $exit_code = 124; then
+        echo "X on display :$display is locked up; killing PID $pid..."
+        ${pkgs.coreutils}/bin/kill -SIGKILL "$pid"
+      else
+        echo "X on display :$display is healthy"
+      fi
+    } &
+  done
+  wait
+''

From c4a8e1380df895e5c5a94fea4d042410b0e850fd Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 7 Jan 2019 15:31:55 +0100
Subject: [PATCH 032/130] tv xkiller service: init

---
 tv/2configs/xserver/xkiller.nix | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 tv/2configs/xserver/xkiller.nix

diff --git a/tv/2configs/xserver/xkiller.nix b/tv/2configs/xserver/xkiller.nix
new file mode 100644
index 000000000..2f9763093
--- /dev/null
+++ b/tv/2configs/xserver/xkiller.nix
@@ -0,0 +1,14 @@
+{ pkgs, ... }: {
+
+  services.acpid.enable = true;
+  services.acpid.handlers.xkiller = {
+    action = /* sh */ ''
+      event=($1)
+      if test "''${event[2]}" = 00000080; then
+        ${pkgs.systemd}/bin/systemd-cat -t xkiller ${pkgs.xkiller}
+      fi
+    '';
+    event = "button/prog1";
+  };
+
+}

From 3e46d0d057053ed0aa5b1f2d259ccee64beedcd8 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 7 Jan 2019 15:32:43 +0100
Subject: [PATCH 033/130] tv xu: add xkiller service

---
 tv/1systems/xu/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix
index c47608aa9..33f9539c9 100644
--- a/tv/1systems/xu/config.nix
+++ b/tv/1systems/xu/config.nix
@@ -20,6 +20,7 @@ with import <stockholm/lib>;
     <stockholm/tv/2configs/br.nix>
     <stockholm/tv/2configs/xp-332.nix>
     <stockholm/tv/2configs/xserver>
+    <stockholm/tv/2configs/xserver/xkiller.nix>
     {
       environment.systemPackages = with pkgs; [
 

From 9475684bedcec695e196931a764b6e2e208349c4 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 8 Jan 2019 21:08:19 +0100
Subject: [PATCH 034/130] tv htop: header_margin=0

---
 tv/2configs/htop.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tv/2configs/htop.nix b/tv/2configs/htop.nix
index d7d2d7bfd..e78caeb5f 100644
--- a/tv/2configs/htop.nix
+++ b/tv/2configs/htop.nix
@@ -22,7 +22,7 @@ with import <stockholm/lib>;
             highlight_megabytes=1
             highlight_threads=1
             tree_view=1
-            header_margin=1
+            header_margin=0
             detailed_cpu_time=0
             cpu_count_from_zero=0
             update_process_names=0

From a1d9c22bbd8eff9198f378e9007ddf4cb9ee2e5c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Thu, 10 Jan 2019 20:17:51 +0100
Subject: [PATCH 035/130] Reaktor plugins: merge task with todo, make task like
 todo

---
 krebs/2configs/reaktor-krebs.nix       |  6 +--
 krebs/2configs/reaktor-retiolum.nix    |  6 +--
 krebs/5pkgs/simple/Reaktor/plugins.nix | 68 +++++++++-----------------
 3 files changed, 25 insertions(+), 55 deletions(-)

diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
index dc2838cae..862c9b991 100644
--- a/krebs/2configs/reaktor-krebs.nix
+++ b/krebs/2configs/reaktor-krebs.nix
@@ -14,12 +14,8 @@ with import <stockholm/lib>;
     };
     plugins = with pkgs.ReaktorPlugins; [
       sed-plugin
-      task-add
-      task-delete
-      task-done
-      task-list
     ] ++
-      (attrValues (todo "agenda"))
+      (attrValues (task "agenda"))
     ;
   };
   krebs.secret.files.nix-serve-key = {
diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix
index 824f59d09..69fc4b202 100644
--- a/krebs/2configs/reaktor-retiolum.nix
+++ b/krebs/2configs/reaktor-retiolum.nix
@@ -10,12 +10,8 @@ with import <stockholm/lib>;
     };
     plugins = with pkgs.ReaktorPlugins; [
       sed-plugin
-      task-add
-      task-delete
-      task-done
-      task-list
     ] ++
-      (attrValues (todo "agenda"))
+      (attrValues (task "agenda"))
     ;
   };
 }
diff --git a/krebs/5pkgs/simple/Reaktor/plugins.nix b/krebs/5pkgs/simple/Reaktor/plugins.nix
index 6f59ad1de..1b19a1178 100644
--- a/krebs/5pkgs/simple/Reaktor/plugins.nix
+++ b/krebs/5pkgs/simple/Reaktor/plugins.nix
@@ -146,58 +146,36 @@ rec {
     '';
   });
 
-  taskrcFile = builtins.toFile "taskrc" ''
-    confirmation=no
-  '';
-
-  task-add = buildSimpleReaktorPlugin "task-add" {
-    pattern = "^task-add: (?P<args>.*)$$";
-    script = pkgs.writeDash "task-add" ''
-        ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} add "$*"
-      '';
-  };
-
-  task-list = buildSimpleReaktorPlugin "task-list" {
-    pattern = "^task-list";
-    script = pkgs.writeDash "task-list" ''
-        ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
-      '';
-  };
-
-  task-delete = buildSimpleReaktorPlugin "task-delete" {
-    pattern = "^task-delete: (?P<args>.*)$$";
-    script = pkgs.writeDash "task-delete" ''
-        ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} delete "$*"
-      '';
-  };
-
-  task-done = buildSimpleReaktorPlugin "task-done" {
-    pattern = "^task-done: (?P<args>.*)$$";
-    script = pkgs.writeDash "task-done" ''
-        ${pkgs.taskwarrior}/bin/task rc:${taskrcFile} done "$*"
-      '';
-  };
-
-  todo = name: {
-    add = buildSimpleReaktorPlugin "${name}-add" {
+  task = name: let
+    rcFile = builtins.toFile "taskrc" ''
+      confirmation=no
+    '';
+  in {
+    add = buildSimpleReaktorPlugin "${name}-task-add" {
       pattern = "^${name}-add: (?P<args>.*)$$";
       script = pkgs.writeDash "${name}-add" ''
-        echo "$*" >> ${name}-todo
-        echo "added ${name} todo"
+        TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*"
       '';
     };
-    delete = buildSimpleReaktorPlugin "${name}-delete" {
+
+    list = buildSimpleReaktorPlugin "task-list" {
+      pattern = "^${name}-list";
+      script = pkgs.writeDash "task-list" ''
+        TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
+      '';
+    };
+
+    delete = buildSimpleReaktorPlugin "task-delete" {
       pattern = "^${name}-delete: (?P<args>.*)$$";
-      script = pkgs.writeDash "${name}-delete" ''
-        ${pkgs.gnugrep}/bin/grep -Fvxe "$*" ${name}-todo > ${name}-todo.tmp
-        ${pkgs.coreutils}/bin/mv ${name}-todo.tmp ${name}-todo
-        echo "removed ${name} todo: $*"
+      script = pkgs.writeDash "task-delete" ''
+        TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*"
       '';
     };
-    show = buildSimpleReaktorPlugin "${name}-show" {
-      pattern = "^${name}-show$";
-      script = pkgs.writeDash "${name}-show" ''
-        ${pkgs.coreutils}/bin/cat ${name}-todo
+
+    done = buildSimpleReaktorPlugin "task-done" {
+      pattern = "^${name}-done: (?P<args>.*)$$";
+      script = pkgs.writeDash "task-done" ''
+        TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*"
       '';
     };
   };

From eb55a8dc0c7091f2a5b0fd78f4245f12d81afcf7 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 11 Jan 2019 00:37:13 +0100
Subject: [PATCH 036/130] ma pkgs.rclone: add auto-completion

---
 makefu/5pkgs/default.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 6e86f4264..59db86a8e 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -24,6 +24,15 @@ in {
       patches = [ ./custom/quodlibet/single-digit-discnumber.patch
                   ./custom/quodlibet/remove-override-warning.patch ];
     });
+    rclone = super.pkgs.stdenv.lib.overrideDerivation super.rclone (old: {
+      postInstall = old.postInstall + ''
+
+            $bin/bin/rclone genautocomplete zsh _rclone
+            install -D -m644 _rclone $bin/share/zsh/vendor-completions/_rclone
+            $bin/bin/rclone genautocomplete bash _rclone
+            install -D -m644 _rclone $bin/etc/bash_completion.d/rclone
+        '';
+    });
     alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";};
     alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
     alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};

From 9ed07a2dcf24a22965ccf26ab8915c2b02cb17af Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 11 Jan 2019 00:37:58 +0100
Subject: [PATCH 037/130] ma home-manager: escape ${EDITOR}

---
 makefu/2configs/home-manager/zsh.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/2configs/home-manager/zsh.nix b/makefu/2configs/home-manager/zsh.nix
index dff6d9337..59658e667 100644
--- a/makefu/2configs/home-manager/zsh.nix
+++ b/makefu/2configs/home-manager/zsh.nix
@@ -56,7 +56,7 @@
         ];
       }
       EOF
-          ${EDITOR:-vim} default.nix
+          ''${EDITOR:-vim} default.nix
         fi
       }
       eval "$(direnv hook zsh)"

From 91190ad66b3ca8ac6446ec8ef38e69ef51606dc7 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 11 Jan 2019 14:26:30 +0100
Subject: [PATCH 038/130] ma nixpkgs: 9728b2e -> eebd1a9

---
 makefu/nixpkgs.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json
index ae35f9e76..c22aa9f31 100644
--- a/makefu/nixpkgs.json
+++ b/makefu/nixpkgs.json
@@ -1,7 +1,7 @@
 {
   "url": "https://github.com/makefu/nixpkgs",
-  "rev": "9728b2e83406c76efc734ebb1923f23b8e687819",
-  "date": "2018-11-19T20:36:35+01:00",
-  "sha256": "0nk75ldppjr6x04hgghgg9vanr1cw4k5xhg699d38g2rpxviz5bp",
+  "rev": "eebd1a9263716a04689a37b6537e50801d376b5e",
+  "date": "2019-01-03T20:01:07+01:00",
+  "sha256": "0s1fylhjqp2h4j044iwbwndgnips3nrynh2ip5ijh96kavizf2gb",
   "fetchSubmodules": false
 }

From 7cb25ff9553f7506a99a571537b37dc86dea2efb Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 11 Jan 2019 14:28:38 +0100
Subject: [PATCH 039/130] ma gum.r: disable iso building

---
 makefu/1systems/gum/config.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 918fd843d..e274b4bf8 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -125,7 +125,7 @@ in {
       #<stockholm/makefu/2configs/nginx/update.connector.one.nix>
       <stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
       # <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
-      <stockholm/makefu/2configs/nginx/iso.euer.nix>
+      # <stockholm/makefu/2configs/nginx/iso.euer.nix>
 
       <stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
       <stockholm/makefu/2configs/deployment/graphs.nix>

From 82ecfd8086baf4ceb2efc50ff24c52fc61f1b837 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 11 Jan 2019 16:31:47 +0100
Subject: [PATCH 040/130] ma pkgs.quodlibet: disable tests for now

---
 makefu/5pkgs/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/5pkgs/default.nix b/makefu/5pkgs/default.nix
index 59db86a8e..8ae41427c 100644
--- a/makefu/5pkgs/default.nix
+++ b/makefu/5pkgs/default.nix
@@ -21,6 +21,7 @@ with super.lib; with builtins; let
 
 in {
     quodlibet = super.pkgs.stdenv.lib.overrideDerivation super.quodlibet (old: {
+      doCheck = false; # 1 error because of warnings (possibly upstream)
       patches = [ ./custom/quodlibet/single-digit-discnumber.patch
                   ./custom/quodlibet/remove-override-warning.patch ];
     });

From 772f763afc56edbc34088f48351d7f2ebea82c0b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 11 Jan 2019 19:11:25 +0100
Subject: [PATCH 041/130] ma nixpkgs: eebd1a9263 -> 1258730 ... i am stupid

---
 makefu/nixpkgs.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/makefu/nixpkgs.json b/makefu/nixpkgs.json
index c22aa9f31..d62fd65ca 100644
--- a/makefu/nixpkgs.json
+++ b/makefu/nixpkgs.json
@@ -1,7 +1,7 @@
 {
   "url": "https://github.com/makefu/nixpkgs",
-  "rev": "eebd1a9263716a04689a37b6537e50801d376b5e",
-  "date": "2019-01-03T20:01:07+01:00",
-  "sha256": "0s1fylhjqp2h4j044iwbwndgnips3nrynh2ip5ijh96kavizf2gb",
+  "rev": "125873064a6eabd2896833d00aede7778a453fdf",
+  "date": "2019-01-11T14:24:21+01:00",
+  "sha256": "1ki50426m9simqvxdzckfgycibz5rdhwl6hzi31i72dqiafl8j6s",
   "fetchSubmodules": false
 }

From dd22da5e6b4232677a08c24609e9d6517ee2d1b7 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Fri, 11 Jan 2019 22:50:40 +0100
Subject: [PATCH 042/130] external: new ip for eve

---
 krebs/3modules/external/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index a7ec0e158..df18b4dd3 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -84,8 +84,8 @@ in {
       nets = rec {
         internet = {
           # eve.thalheim.io
-          ip4.addr = "188.68.39.17";
-          ip6.addr = "2a03:4000:13:31e::1";
+          ip4.addr = "95.216.112.61";
+          ip6.addr = "2a01:4f9:2b:1605::1";
           aliases = [ "eve.i" ];
         };
         retiolum = {

From 5e87f121a3b010705f255aa503ad428da05e7da7 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 13 Jan 2019 18:38:23 +0100
Subject: [PATCH 043/130] =?UTF-8?q?tv=20xmodmap:=20add=20=CE=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tv/2configs/xserver/Xmodmap.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tv/2configs/xserver/Xmodmap.nix b/tv/2configs/xserver/Xmodmap.nix
index d2b1b2604..8e8e3dfdd 100644
--- a/tv/2configs/xserver/Xmodmap.nix
+++ b/tv/2configs/xserver/Xmodmap.nix
@@ -17,6 +17,7 @@ pkgs.writeText "Xmodmap" ''
   keycode  39 = s S ssharp
 
   keycode  33 = p P Greek_pi Greek_PI
+  keycode  40 = d D Greek_delta Greek_DELTA
   keycode  46 = l L Greek_lambda Greek_LAMBDA
 
   keycode  54 = c C cacute Cacute

From 33655bfd89f7ea6f8ab3e3139cd79f4c2d2a0ef6 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 13 Jan 2019 23:05:12 +0100
Subject: [PATCH 044/130] ma cake.r: remove hack to get wifi working

---
 makefu/1systems/cake/config.nix          | 41 ++----------------------
 makefu/1systems/cake/hardware-config.nix | 26 +++++++++++++++
 2 files changed, 29 insertions(+), 38 deletions(-)
 create mode 100644 makefu/1systems/cake/hardware-config.nix

diff --git a/makefu/1systems/cake/config.nix b/makefu/1systems/cake/config.nix
index 2491352eb..e40042b2d 100644
--- a/makefu/1systems/cake/config.nix
+++ b/makefu/1systems/cake/config.nix
@@ -2,6 +2,7 @@
 {
   imports = [
     <stockholm/makefu>
+    ./hardware-config.nix
     <stockholm/makefu/2configs/tools/core.nix>
 # configure your hw:
 # <stockholm/makefu/2configs/save-diskspace.nix>
@@ -11,46 +12,10 @@
     tinc.retiolum.enable = true;
     build.host = config.krebs.hosts.cake;
   };
-  boot.loader.grub.enable = false;
-  boot.loader.generic-extlinux-compatible.enable = true;
-  boot.kernelPackages = pkgs.linuxPackages_latest;
-  boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ];
 
-  programs.info.enable = false;
-  programs.man.enable = false;
+  documentation.info.enable = false;
+  documentation.man.enable = false;
   services.nixosManual.enable = false;
-  boot.tmpOnTmpfs = lib.mkForce false;
   sound.enable = false;
 
-  hardware.enableRedistributableFirmware = true;
-  hardware.firmware = [
-    (pkgs.stdenv.mkDerivation {
-     name = "broadcom-rpi3-rest";
-     src = pkgs.fetchurl {
-     url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt";
-     sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7";
-     };
-     phases = [ "installPhase" ];
-     installPhase = ''
-     mkdir -p $out/lib/firmware/brcm
-     cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt
-     '';
-     })
-  ];
-  networking.wireless.enable = true;
-  users.extraUsers.root.openssh.authorizedKeys.keys = [
-    config.krebs.users.Mic92.pubkey
-  ];
-
-# File systems configuration for using the installer's partition layout
-  fileSystems = {
-    "/boot" = {
-      device = "/dev/disk/by-label/NIXOS_BOOT";
-      fsType = "vfat";
-    };
-    "/" = {
-      device = "/dev/disk/by-label/NIXOS_SD";
-      fsType = "ext4";
-    };
-  };
 }
diff --git a/makefu/1systems/cake/hardware-config.nix b/makefu/1systems/cake/hardware-config.nix
new file mode 100644
index 000000000..a81dce4f9
--- /dev/null
+++ b/makefu/1systems/cake/hardware-config.nix
@@ -0,0 +1,26 @@
+{ pkgs, lib, ... }:
+{
+  # raspi3
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+  boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ];
+  boot.tmpOnTmpfs = lib.mkForce false;
+  hardware.enableRedistributableFirmware = true;
+
+  ## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747
+  # boot.kernelPackages = pkgs.linuxPackages_latest;
+  boot.kernelPackages = pkgs.linuxPackages;
+
+  networking.wireless.enable = true;
+  # File systems configuration for using the installer's partition layout
+  fileSystems = {
+    "/boot" = {
+      device = "/dev/disk/by-label/NIXOS_BOOT";
+      fsType = "vfat";
+    };
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+    };
+  };
+}

From a4bb3ee1d3afbee5e8b4676d481382be3a60a750 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 13 Jan 2019 23:42:14 +0100
Subject: [PATCH 045/130] tv gitrepos: add Reaktor

---
 tv/2configs/gitrepos.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index 9409246e2..3eab1ce68 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -103,6 +103,7 @@ let {
     nixos-infest = {};
     painload = {};
     push = {};
+    Reaktor = {};
     with-tmpdir = {};
     get = {};
     load-env = {};

From 1e37db3b790cd4c01efd37722f2cc2fc40966b4e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 13 Jan 2019 23:42:22 +0100
Subject: [PATCH 046/130] tv gitrepos: add reaktor2

---
 tv/2configs/gitrepos.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix
index 3eab1ce68..725ddefa8 100644
--- a/tv/2configs/gitrepos.nix
+++ b/tv/2configs/gitrepos.nix
@@ -67,6 +67,7 @@ let {
       cgit.desc = "source code installer";
     };
     q = {};
+    reaktor2 = {};
     regfish = {};
     stockholm = {
       cgit.desc = "NixOS configuration";

From 2d2ab95f0707209c4c248d43cb57877a50a37991 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 16 Jan 2019 11:10:34 +0100
Subject: [PATCH 047/130] krebs tinc: Broadcast = no

---
 krebs/3modules/tinc.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix
index ecd449b09..24eac7158 100644
--- a/krebs/3modules/tinc.nix
+++ b/krebs/3modules/tinc.nix
@@ -27,6 +27,7 @@ let
               "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" ''
                 Name = ${tinc.config.host.name}
                 Interface = ${netname}
+                Broadcast = no
                 ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo}
                 PrivateKeyFile = ${tinc.config.privkey.path}
                 Port = ${toString tinc.config.host.nets.${netname}.tinc.port}

From 6c734674da365c2529505a78dea9317f74dec260 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 16 Jan 2019 20:24:53 +0100
Subject: [PATCH 048/130] tv q: add sigils

---
 tv/5pkgs/simple/q/default.nix | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/tv/5pkgs/simple/q/default.nix b/tv/5pkgs/simple/q/default.nix
index cbcec1bae..6c1876ab0 100644
--- a/tv/5pkgs/simple/q/default.nix
+++ b/tv/5pkgs/simple/q/default.nix
@@ -14,7 +14,7 @@ let
       assert n >= 1;
       n * calwidth + (n - 1) * hspace;
 
-    pad = ''{
+    pad = /* sh */ ''{
       ${pkgs.gnused}/bin/sed '
             # rtrim
             s/ *$//
@@ -31,7 +31,7 @@ let
               s/^[ 1-9][0-9]/&/
             '
     }'';
-  in ''
+  in /* sh */ ''
     cols=$(${pkgs.ncurses}/bin/tput cols)
     ${pkgs.coreutils}/bin/paste \
         <(if test $cols -ge ${toString (need_width 3)}; then
@@ -59,24 +59,24 @@ let
         '
   '';
 
-  q-isodate = ''
+  q-isodate = /* sh */ ''
     ${pkgs.coreutils}/bin/date \
         '+%Y-%m-%dT%H:%M:%S%:z'
   '';
 
   # Singapore's red is #ED2E38
-  q-sgtdate = ''
+  q-sgtdate = /* sh */ ''
     TZ=Asia/Singapore \
     ${pkgs.coreutils}/bin/date \
         '+%Y-%m-%dT%H:%M:%S%:z'
   '';
 
-  q-utcdate = ''
+  q-utcdate = /* sh */ ''
     ${pkgs.coreutils}/bin/date -u \
         '+%Y-%m-%dT%H:%M:%S%:z'
   '';
 
-  q-gitdir = ''
+  q-gitdir = /* sh */ ''
     if test -d .git; then
       #git status --porcelain
       branch=$(
@@ -87,7 +87,7 @@ let
     fi
   '';
 
-  q-intel_backlight = ''
+  q-intel_backlight = /* sh */ ''
     cd /sys/class/backlight/intel_backlight
     </dev/null exec ${pkgs.gawk}/bin/awk '
       END {
@@ -227,11 +227,11 @@ let
     done
   '';
 
-  q-virtualization = ''
+  q-virtualization = /* sh */ ''
     echo "VT: $(${pkgs.systemd}/bin/systemd-detect-virt)"
   '';
 
-  q-wireless = ''
+  q-wireless = /* sh */ ''
     for dev in $(
       ${pkgs.iw}/bin/iw dev \
         | ${pkgs.gnused}/bin/sed -n 's/^\s*Interface\s\+\([0-9a-z]\+\)$/\1/p'
@@ -250,7 +250,7 @@ let
     done
   '';
 
-  q-online = ''
+  q-online = /* sh */ ''
     if ${pkgs.curl}/bin/curl -s google.com >/dev/null; then
       echo 'online'
     else
@@ -258,7 +258,7 @@ let
     fi
   '';
 
-  q-thermal_zone = ''
+  q-thermal_zone = /* sh */ ''
     for i in /sys/class/thermal/thermal_zone*; do
       type=$(${pkgs.coreutils}/bin/cat $i/type)
       temp=$(${pkgs.coreutils}/bin/cat $i/temp)
@@ -266,7 +266,7 @@ let
     done
   '';
 
-  q-todo = ''
+  q-todo = /* sh */ ''
     TODO_file=$PWD/TODO
     if test -e "$TODO_file"; then
       ${pkgs.coreutils}/bin/cat "$TODO_file" \

From 0ef96fc0cf8bf85be36f2911923a91143a484fdc Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 16 Jan 2019 20:25:17 +0100
Subject: [PATCH 049/130] tv q-todo: awk,bash,cat,date -> jq

---
 tv/5pkgs/simple/q/default.nix | 33 +++++++++++++--------------------
 1 file changed, 13 insertions(+), 20 deletions(-)

diff --git a/tv/5pkgs/simple/q/default.nix b/tv/5pkgs/simple/q/default.nix
index 6c1876ab0..0e2aecb27 100644
--- a/tv/5pkgs/simple/q/default.nix
+++ b/tv/5pkgs/simple/q/default.nix
@@ -269,26 +269,19 @@ let
   q-todo = /* sh */ ''
     TODO_file=$PWD/TODO
     if test -e "$TODO_file"; then
-      ${pkgs.coreutils}/bin/cat "$TODO_file" \
-        | ${pkgs.gawk}/bin/gawk -v now=$(${pkgs.coreutils}/bin/date +%s) '
-            BEGIN { print "remind=0" }
-            /^[0-9]/{
-              x = $1
-              gsub(".", "\\\\&", x)
-              rest = substr($0, index($0, " "))
-              rest = $0
-              sub(" *", "", rest)
-              gsub(".", "\\\\&", rest)
-              print "test $(${pkgs.coreutils}/bin/date +%s -d"x") -lt "now" && \
-                echo \"\x1b[38;5;208m\""rest esc "\"\x1b[m\" && \
-                (( remind++ ))"
-            }
-            END { print "test $remind = 0 && echo \"nothing to remind\"" }
-          ' \
-        | {
-          # bash needed for (( ... ))
-          ${pkgs.bash}/bin/bash
-        }
+      ${pkgs.jq}/bin/jq -Rrs <"$TODO_file" -f ${pkgs.writeJq "q-todo.jq" ''
+        split("\n") | map(
+          (match("^([0-9]+-\\d{2}-\\d{2})\\s+(.*)$").captures | map(.string))
+            as $captures |
+          ($captures[0] | strptime("%Y-%m-%d") | mktime) as $date |
+          $captures[1] as $text |
+
+          select(now >= $date) |
+
+          "\u001b[38;5;208m\(.)\u001b[m"
+        ) |
+        if length == 0 then "nothing to remind" else .[] end
+      ''}
     else
       echo "$TODO_file: no such file or directory"
     fi

From ce1baf93f264a43971130abca4b3dd3f485a17d9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 16 Jan 2019 20:34:10 +0100
Subject: [PATCH 050/130] tv q-todo: highlight urgent stuff

---
 tv/5pkgs/simple/q/default.nix | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/tv/5pkgs/simple/q/default.nix b/tv/5pkgs/simple/q/default.nix
index 0e2aecb27..7906b968f 100644
--- a/tv/5pkgs/simple/q/default.nix
+++ b/tv/5pkgs/simple/q/default.nix
@@ -278,7 +278,11 @@ let
 
           select(now >= $date) |
 
-          "\u001b[38;5;208m\(.)\u001b[m"
+          ($text | test("\\[URGENT]"; "i")) as $urgent |
+          (if $urgent then "38;5;196" else "38;5;208" end) as $sgr |
+          if $urgent then sub("\\s*\\[URGENT]\\s*"; " "; "i") else . end |
+
+          "\u001b[\($sgr)m\(.)\u001b[m"
         ) |
         if length == 0 then "nothing to remind" else .[] end
       ''}

From 1decf0bf37755d2557991c54cf77ccddff9bf936 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 18 Jan 2019 12:43:00 +0100
Subject: [PATCH 051/130] nixpkgs: 0396345 -> 97e0d53

---
 krebs/nixpkgs.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json
index d3f681a65..614d5bccf 100644
--- a/krebs/nixpkgs.json
+++ b/krebs/nixpkgs.json
@@ -1,7 +1,7 @@
 {
   "url": "https://github.com/NixOS/nixpkgs-channels",
-  "rev": "0396345b79436f54920f7eb651ab42acf2eb7973",
-  "date": "2018-12-30T21:22:33-05:00",
-  "sha256": "10wd0wsair6dlilgaviqw2p9spgcf8qg736bzs08jha0f4zfqjs4",
+  "rev": "97e0d53d669cd07f0750a42fd535524b3cdd46d1",
+  "date": "2019-01-15T00:11:44+01:00",
+  "sha256": "111xa7qn9142dar29cil4br2mvn8f1rbiy310lkhwl73126fq8dw",
   "fetchSubmodules": false
 }

From c4be6cf076a9af9fc435992bcb2e42337fa7776e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 18 Jan 2019 13:58:42 +0100
Subject: [PATCH 052/130] blessings: 1.2.0 -> 1.3.0

---
 krebs/5pkgs/haskell/blessings.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix
index 59c5b7984..19f8da19d 100644
--- a/krebs/5pkgs/haskell/blessings.nix
+++ b/krebs/5pkgs/haskell/blessings.nix
@@ -7,8 +7,8 @@ with import <stockholm/lib>;
       sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
     };
     "18.09" = {
-      version = "1.2.0";
-      sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300";
+      version = "1.3.0";
+      sha256 = "1y9jhh9pchrr48zgfib2jip97x1fkm7qb1gnfx477rmmryjs500h";
     };
   }.${versions.majorMinor nixpkgsVersion};
 

From 942d0f0f14e6c5b312128f1b111ad31f1a1f1d1f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 18 Jan 2019 14:01:43 +0100
Subject: [PATCH 053/130] l games: remove broken ftb package

---
 lass/2configs/games.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix
index 62e3f6d52..a3acb82bb 100644
--- a/lass/2configs/games.nix
+++ b/lass/2configs/games.nix
@@ -74,7 +74,6 @@ in {
       createHome = true;
       useDefaultShell = true;
       packages = with pkgs; [
-        ftb
         minecraft
         steam-run
         dolphinEmu

From 9f2a6465666ee7a69d9261beee0e5ab3cd133933 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 10:09:16 +0100
Subject: [PATCH 054/130] krebs: move github known hosts to dedicated file

---
 krebs/3modules/default.nix            | 26 +----------------
 krebs/3modules/github-known-hosts.nix | 40 +++++++++++++++++++++++++++
 2 files changed, 41 insertions(+), 25 deletions(-)
 create mode 100644 krebs/3modules/github-known-hosts.nix

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 2e7c61fb5..0b785c0cc 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -23,6 +23,7 @@ let
       ./exim-smarthost.nix
       ./fetchWallpaper.nix
       ./github-hosts-sync.nix
+      ./github-known-hosts.nix
       ./git.nix
       ./go.nix
       ./hidden-ssh.nix
@@ -238,31 +239,6 @@ let
             };
           })
         //
-        {
-          github = {
-            hostNames = [
-              "github.com"
-              # List generated with
-              # curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob
-              "192.30.252.*"
-              "192.30.253.*"
-              "192.30.254.*"
-              "192.30.255.*"
-              "185.199.108.*"
-              "185.199.109.*"
-              "185.199.110.*"
-              "185.199.111.*"
-              "13.229.188.59"
-              "13.250.177.223"
-              "18.194.104.89"
-              "18.195.85.27"
-              "35.159.8.160"
-              "52.74.223.119"
-            ];
-            publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
-          };
-        }
-        //
         mapAttrs
           (name: host: {
             hostNames =
diff --git a/krebs/3modules/github-known-hosts.nix b/krebs/3modules/github-known-hosts.nix
new file mode 100644
index 000000000..def06f17a
--- /dev/null
+++ b/krebs/3modules/github-known-hosts.nix
@@ -0,0 +1,40 @@
+{
+  services.openssh.knownHosts.github = {
+    hostNames = [
+      "github.com"
+      # List generated with
+      # curl -sS https://api.github.com/meta | jq -r .git[] | nix-shell -p cidr2glob --run cidr2glob | jq -R .
+      "192.30.252.*"
+      "192.30.253.*"
+      "192.30.254.*"
+      "192.30.255.*"
+      "185.199.108.*"
+      "185.199.109.*"
+      "185.199.110.*"
+      "185.199.111.*"
+      "140.82.112.*"
+      "140.82.113.*"
+      "140.82.114.*"
+      "140.82.115.*"
+      "140.82.116.*"
+      "140.82.117.*"
+      "140.82.118.*"
+      "140.82.119.*"
+      "140.82.120.*"
+      "140.82.121.*"
+      "140.82.122.*"
+      "140.82.123.*"
+      "140.82.124.*"
+      "140.82.125.*"
+      "140.82.126.*"
+      "140.82.127.*"
+      "13.229.188.59"
+      "13.250.177.223"
+      "18.194.104.89"
+      "18.195.85.27"
+      "35.159.8.160"
+      "52.74.223.119"
+    ];
+    publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
+  };
+}

From 9082adf6878b5f917efc633cba63932d94942d13 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 10:22:18 +0100
Subject: [PATCH 055/130] krebs: move exim aliases to dedicated file

---
 krebs/2configs/exim-smarthost.nix | 50 +++++++++++++++++++++++++++++++
 krebs/3modules/default.nix        | 45 ----------------------------
 2 files changed, 50 insertions(+), 45 deletions(-)
 create mode 100644 krebs/2configs/exim-smarthost.nix

diff --git a/krebs/2configs/exim-smarthost.nix b/krebs/2configs/exim-smarthost.nix
new file mode 100644
index 000000000..5dc24f1de
--- /dev/null
+++ b/krebs/2configs/exim-smarthost.nix
@@ -0,0 +1,50 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+
+  format = from: to: {
+    inherit from;
+    # TODO assert is-retiolum-mail-address to;
+    to = concatMapStringsSep "," (getAttr "mail") (toList to);
+  };
+
+in {
+  krebs.exim-smarthost.internet-aliases =
+    mapAttrsToList format (with config.krebs.users; let
+      brain-ml = [
+        lass
+        makefu
+        tv
+      ];
+      eloop-ml = spam-ml ++ [ ciko ];
+      spam-ml = [
+        lass
+        makefu
+        tv
+      ];
+      ciko.mail = "ciko@slash16.net";
+    in {
+      "anmeldung@eloop.org" = eloop-ml;
+      "brain@krebsco.de" = brain-ml;
+      "cfp@eloop.org" = eloop-ml;
+      "kontakt@eloop.org" = eloop-ml;
+      "root@eloop.org" = eloop-ml;
+      "youtube@eloop.org" = eloop-ml;
+      "eloop2016@krebsco.de" = eloop-ml;
+      "eloop2017@krebsco.de" = eloop-ml;
+      "postmaster@krebsco.de" = spam-ml; # RFC 822
+      "lass@krebsco.de" = lass;
+      "makefu@krebsco.de" = makefu;
+      "spam@krebsco.de" = spam-ml;
+      "tv@krebsco.de" = tv;
+      # XXX These are no internet aliases
+      # XXX exim-retiolum hosts should be able to relay to retiolum addresses
+      "lass@retiolum" = lass;
+      "makefu@retiolum" = makefu;
+      "spam@retiolum" = spam-ml;
+      "tv@retiolum" = tv;
+      "lass@r" = lass;
+      "makefu@r" = makefu;
+      "spam@r" = spam-ml;
+      "tv@r" = tv;
+    });
+}
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 0b785c0cc..7b0f4ebf8 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -180,51 +180,6 @@ let
             '';
           };
 
-      krebs.exim-smarthost.internet-aliases = let
-        format = from: to: {
-          inherit from;
-          # TODO assert is-retiolum-mail-address to;
-          to = concatMapStringsSep "," (getAttr "mail") (toList to);
-        };
-      in mapAttrsToList format (with config.krebs.users; let
-        brain-ml = [
-          lass
-          makefu
-          tv
-        ];
-        eloop-ml = spam-ml ++ [ ciko ];
-        spam-ml = [
-          lass
-          makefu
-          tv
-        ];
-        ciko.mail = "ciko@slash16.net";
-      in {
-        "anmeldung@eloop.org" = eloop-ml;
-        "brain@krebsco.de" = brain-ml;
-        "cfp@eloop.org" = eloop-ml;
-        "kontakt@eloop.org" = eloop-ml;
-        "root@eloop.org" = eloop-ml;
-        "youtube@eloop.org" = eloop-ml;
-        "eloop2016@krebsco.de" = eloop-ml;
-        "eloop2017@krebsco.de" = eloop-ml;
-        "postmaster@krebsco.de" = spam-ml; # RFC 822
-        "lass@krebsco.de" = lass;
-        "makefu@krebsco.de" = makefu;
-        "spam@krebsco.de" = spam-ml;
-        "tv@krebsco.de" = tv;
-        # XXX These are no internet aliases
-        # XXX exim-retiolum hosts should be able to relay to retiolum addresses
-        "lass@retiolum" = lass;
-        "makefu@retiolum" = makefu;
-        "spam@retiolum" = spam-ml;
-        "tv@retiolum" = tv;
-        "lass@r" = lass;
-        "makefu@r" = makefu;
-        "spam@r" = spam-ml;
-        "tv@r" = tv;
-      });
-
       services.openssh.hostKeys =
         let inherit (config.krebs.build.host.ssh) privkey; in
         mkIf (privkey != null) (mkForce [privkey]);

From da79d23ebbc0c3fb7c579b366f29fb3744948706 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 10:32:15 +0100
Subject: [PATCH 056/130] krebs: move dns stuff to dedicated file

---
 krebs/3modules/default.nix  | 26 ++++++++------------------
 krebs/3modules/dns.nix      | 12 ++++++++++++
 lass/2configs/default.nix   |  1 -
 makefu/2configs/default.nix |  1 -
 4 files changed, 20 insertions(+), 20 deletions(-)
 create mode 100644 krebs/3modules/dns.nix

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 7b0f4ebf8..21d68ef3f 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -18,6 +18,7 @@ let
       ./charybdis.nix
       ./ci.nix
       ./current.nix
+      ./dns.nix
       ./exim.nix
       ./exim-retiolum.nix
       ./exim-smarthost.nix
@@ -59,12 +60,6 @@ let
   api = {
     enable = mkEnableOption "krebs";
 
-    dns = {
-      providers = mkOption {
-        type = with types; attrsOf str;
-      };
-    };
-
     hosts = mkOption {
       type = with types; attrsOf host;
       default = {};
@@ -74,13 +69,6 @@ let
       type = with types; attrsOf user;
     };
 
-    # XXX is there a better place to define search-domain?
-    # TODO search-domains :: listOf hostname
-    search-domain = mkOption {
-      type = types.hostname;
-      default = "r";
-    };
-
     sitemap = mkOption {
       default = {};
       type = types.attrsOf types.sitemap.entry;
@@ -126,6 +114,8 @@ let
         w = "hosts";
       };
 
+      krebs.dns.search-domain = mkDefault "r";
+
       krebs.users = {
         krebs = {
           home = "/krebs";
@@ -147,7 +137,7 @@ let
             let
               aliases = longs ++ shorts;
               longs = filter check net.aliases;
-              shorts = let s = ".${cfg.search-domain}"; in
+              shorts = let s = ".${cfg.dns.search-domain}"; in
                 map (removeSuffix s) (filter (hasSuffix s) longs);
             in
               optionals
@@ -203,8 +193,8 @@ let
                     let
                       longs = net.aliases;
                       shorts =
-                        map (removeSuffix ".${cfg.search-domain}")
-                            (filter (hasSuffix ".${cfg.search-domain}")
+                        map (removeSuffix ".${cfg.dns.search-domain}")
+                            (filter (hasSuffix ".${cfg.dns.search-domain}")
                                     longs);
                       add-port = a:
                         if net.ssh.port != 22
@@ -228,8 +218,8 @@ let
           (concatMap (host: attrValues host.nets)
             (mapAttrsToList
               (_: host: recursiveUpdate host
-                (optionalAttrs (hasAttr config.krebs.search-domain host.nets) {
-                  nets."" = host.nets.${config.krebs.search-domain} // {
+                (optionalAttrs (hasAttr cfg.dns.search-domain host.nets) {
+                  nets."" = host.nets.${cfg.dns.search-domain} // {
                     aliases = [host.name];
                     addrs = [];
                   };
diff --git a/krebs/3modules/dns.nix b/krebs/3modules/dns.nix
new file mode 100644
index 000000000..b7e2a2cbb
--- /dev/null
+++ b/krebs/3modules/dns.nix
@@ -0,0 +1,12 @@
+with import <stockholm/lib>;
+{
+  options = {
+    krebs.dns.providers = mkOption {
+      type = types.attrsOf types.str;
+    };
+
+    krebs.dns.search-domain = mkOption {
+      type = types.hostname;
+    };
+  };
+}
diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 62a42baf9..69e697a1d 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -72,7 +72,6 @@ with import <stockholm/lib>;
 
   krebs = {
     enable = true;
-    search-domain = "r";
     build.user = config.krebs.users.lass;
   };
 
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 61cba86d9..cbfb4da1c 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -36,7 +36,6 @@ with import <stockholm/lib>;
     enable = true;
 
     dns.providers.lan  = "hosts";
-    search-domain = "r";
     build.user = config.krebs.users.makefu;
   };
 

From 799f132d588f2a5f6c6dabc43e862c90d9efa4b7 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 10:54:01 +0100
Subject: [PATCH 057/130] krebs: move retiolum-hosts to dedicated file

---
 krebs/3modules/default.nix        | 24 +-----------------------
 krebs/3modules/retiolum-hosts.nix | 28 ++++++++++++++++++++++++++++
 2 files changed, 29 insertions(+), 23 deletions(-)
 create mode 100644 krebs/3modules/retiolum-hosts.nix

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 21d68ef3f..ea4d03ad6 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -43,6 +43,7 @@ let
       ./Reaktor.nix
       ./realwallpaper.nix
       ./retiolum-bootstrap.nix
+      ./retiolum-hosts.nix
       ./rtorrent.nix
       ./secret.nix
       ./setuid.nix
@@ -147,29 +148,6 @@ let
         ) cfg.hosts
       ));
 
-      # TODO dedup with networking.extraHosts
-      nixpkgs.config.packageOverrides = oldpkgs:
-        let
-          domains = attrNames (filterAttrs (_: eq "hosts") cfg.dns.providers);
-          check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
-        in
-          {
-            retiolum-hosts = oldpkgs.writeText "retiolum-hosts" ''
-              ${concatStringsSep "\n" (flatten (
-                map (host:
-                    let
-                      net = host.nets.retiolum;
-                      aliases = longs;
-                      longs = filter check net.aliases;
-                    in
-                      optionals
-                        (aliases != [])
-                        (map (addr: "${addr} ${toString aliases}") net.addrs)
-                ) (filter (host: hasAttr "retiolum" host.nets)
-                          (attrValues cfg.hosts))))}
-            '';
-          };
-
       services.openssh.hostKeys =
         let inherit (config.krebs.build.host.ssh) privkey; in
         mkIf (privkey != null) (mkForce [privkey]);
diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix
new file mode 100644
index 000000000..2821d62d1
--- /dev/null
+++ b/krebs/3modules/retiolum-hosts.nix
@@ -0,0 +1,28 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+  # TODO dedup functions with networking.extraHosts
+  check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
+  domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
+in {
+  nixpkgs.config.packageOverrides = super: {
+    retiolum-hosts =
+      super.writeText "retiolum-hosts" ''
+        ${
+          concatStringsSep
+            "\n"
+            (flatten
+              (map
+                (host: let
+                  net = host.nets.retiolum;
+                  aliases = longs;
+                  longs = filter check net.aliases;
+                in
+                  optionals
+                    (aliases != [])
+                    (map (addr: "${addr} ${toString aliases}") net.addrs))
+                (filter (host: hasAttr "retiolum" host.nets)
+                        (attrValues config.krebs.hosts))))
+        }
+      '';
+  };
+}

From af0463b23493d8c31ce725beb8ff5a2fd0398001 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 11:04:37 +0100
Subject: [PATCH 058/130] krebs: move hosts to dedeicated file

---
 krebs/3modules/default.nix        | 25 +--------------------
 krebs/3modules/hosts.nix          | 36 +++++++++++++++++++++++++++++++
 krebs/3modules/retiolum-hosts.nix |  2 +-
 3 files changed, 38 insertions(+), 25 deletions(-)
 create mode 100644 krebs/3modules/hosts.nix

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index ea4d03ad6..bb69bfad3 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -28,6 +28,7 @@ let
       ./git.nix
       ./go.nix
       ./hidden-ssh.nix
+      ./hosts.nix
       ./htgen.nix
       ./iana-etc.nix
       ./iptables.nix
@@ -61,11 +62,6 @@ let
   api = {
     enable = mkEnableOption "krebs";
 
-    hosts = mkOption {
-      type = with types; attrsOf host;
-      default = {};
-    };
-
     users = mkOption {
       type = with types; attrsOf user;
     };
@@ -129,25 +125,6 @@ let
         };
       };
 
-      networking.extraHosts = let
-        domains = attrNames (filterAttrs (_: eq "hosts") cfg.dns.providers);
-        check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
-      in concatStringsSep "\n" (flatten (
-        mapAttrsToList (hostname: host:
-          mapAttrsToList (netname: net:
-            let
-              aliases = longs ++ shorts;
-              longs = filter check net.aliases;
-              shorts = let s = ".${cfg.dns.search-domain}"; in
-                map (removeSuffix s) (filter (hasSuffix s) longs);
-            in
-              optionals
-                (aliases != [])
-                (map (addr: "${addr} ${toString aliases}") net.addrs)
-          ) (filterAttrs (name: host: host.aliases != []) host.nets)
-        ) cfg.hosts
-      ));
-
       services.openssh.hostKeys =
         let inherit (config.krebs.build.host.ssh) privkey; in
         mkIf (privkey != null) (mkForce [privkey]);
diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
new file mode 100644
index 000000000..a95557b3d
--- /dev/null
+++ b/krebs/3modules/hosts.nix
@@ -0,0 +1,36 @@
+with import <stockholm/lib>;
+{ config, ... }: let
+  # TODO dedup functions with ./retiolum-hosts.nix
+  check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
+  domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
+in {
+
+  options = {
+    krebs.hosts = mkOption {
+      default = {};
+      type = types.attrsOf types.host;
+    };
+  };
+
+  config = {
+    networking.extraHosts =
+      concatStringsSep
+        "\n"
+        (flatten
+          (mapAttrsToList
+            (hostname: host:
+              mapAttrsToList
+                (netname: net: let
+                  aliases = longs ++ shorts;
+                  longs = filter check net.aliases;
+                  shorts = let s = ".${config.krebs.dns.search-domain}"; in
+                    map (removeSuffix s) (filter (hasSuffix s) longs);
+                in
+                  optionals
+                    (aliases != [])
+                    (map (addr: "${addr} ${toString aliases}") net.addrs))
+                (filterAttrs (name: host: host.aliases != []) host.nets))
+            config.krebs.hosts));
+  };
+
+}
diff --git a/krebs/3modules/retiolum-hosts.nix b/krebs/3modules/retiolum-hosts.nix
index 2821d62d1..ddf85ead7 100644
--- a/krebs/3modules/retiolum-hosts.nix
+++ b/krebs/3modules/retiolum-hosts.nix
@@ -1,6 +1,6 @@
 with import <stockholm/lib>;
 { config, ... }: let
-  # TODO dedup functions with networking.extraHosts
+  # TODO dedup functions with ./hosts.nix
   check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
   domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
 in {

From 6af865b1e6bba605f11f5d4c6cfb7e92b4f01666 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 21 Jan 2019 11:17:27 +0100
Subject: [PATCH 059/130] ma 2default: extra pathsToLink

---
 makefu/2configs/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 61cba86d9..d66b492a4 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -85,5 +85,5 @@ with import <stockholm/lib>;
     SystemMaxUse=1G
     RuntimeMaxUse=128M
     '';
-
+  environment.pathsToLink = [ "/share" ];
 }

From f1298103173cf1953be0e7c359f10d18894ce770 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 11:51:15 +0100
Subject: [PATCH 060/130] krebs hosts: extraHost -> hosts

---
 krebs/3modules/hosts.nix | 25 ++++++++++++-------------
 1 file changed, 12 insertions(+), 13 deletions(-)

diff --git a/krebs/3modules/hosts.nix b/krebs/3modules/hosts.nix
index a95557b3d..0985bb539 100644
--- a/krebs/3modules/hosts.nix
+++ b/krebs/3modules/hosts.nix
@@ -13,24 +13,23 @@ in {
   };
 
   config = {
-    networking.extraHosts =
-      concatStringsSep
-        "\n"
-        (flatten
-          (mapAttrsToList
-            (hostname: host:
-              mapAttrsToList
-                (netname: net: let
+    networking.hosts =
+      filterAttrs
+        (_name: value: value != [])
+        (zipAttrsWith
+          (_: concatLists)
+          (concatMap
+            (host:
+              concatMap
+                (net: let
                   aliases = longs ++ shorts;
                   longs = filter check net.aliases;
                   shorts = let s = ".${config.krebs.dns.search-domain}"; in
                     map (removeSuffix s) (filter (hasSuffix s) longs);
                 in
-                  optionals
-                    (aliases != [])
-                    (map (addr: "${addr} ${toString aliases}") net.addrs))
-                (filterAttrs (name: host: host.aliases != []) host.nets))
-            config.krebs.hosts));
+                  map (addr: { ${addr} = aliases; }) net.addrs)
+                (attrValues host.nets))
+            (attrValues config.krebs.hosts)));
   };
 
 }

From 153d27e6c8c3354494913c4f9e32843ec09d6c40 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 12:09:29 +0100
Subject: [PATCH 061/130] reaktor2: init at 0.0.0

---
 krebs/5pkgs/default.nix          |  2 ++
 krebs/5pkgs/haskell/reaktor2.nix | 23 +++++++++++++++++++++++
 2 files changed, 25 insertions(+)
 create mode 100644 krebs/5pkgs/haskell/reaktor2.nix

diff --git a/krebs/5pkgs/default.nix b/krebs/5pkgs/default.nix
index 84c00e82d..dc04b6a72 100644
--- a/krebs/5pkgs/default.nix
+++ b/krebs/5pkgs/default.nix
@@ -22,6 +22,8 @@ foldl' mergeAttrs {}
     };
   });
 
+  reaktor2 = self.haskellPackages.reaktor2;
+
   ReaktorPlugins = self.callPackage ./simple/Reaktor/plugins.nix {};
 
   # https://github.com/proot-me/PRoot/issues/106
diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
new file mode 100644
index 000000000..447738425
--- /dev/null
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -0,0 +1,23 @@
+{ mkDerivation, aeson, attoparsec, base, blessings, bytestring
+, containers, fetchgit, filepath, network, network-simple
+, network-simple-tls, pcre-heavy, pcre-light, process, random
+, stdenv, text, time, transformers, unix, unordered-containers
+}:
+mkDerivation {
+  pname = "reaktor2";
+  version = "0.0.0";
+  src = fetchgit {
+    url = "https://cgit.krebsco.de/reaktor2";
+    sha256 = "1q2rb78mzpyd8wxfmlbfdz7zq5smsrrvb4n874ap1p8f2bmmp0am";
+    rev = "ce276eee82ec0b8c4106beb4c51d6f9eb77335c4";
+    fetchSubmodules = true;
+  };
+  isLibrary = false;
+  isExecutable = true;
+  executableHaskellDepends = [
+    aeson attoparsec base blessings bytestring containers filepath
+    network network-simple network-simple-tls pcre-heavy pcre-light
+    process random text time transformers unix unordered-containers
+  ];
+  license = stdenv.lib.licenses.mit;
+}

From fabef3638584e88be50b10ec1cf3649b98752eac Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 21 Jan 2019 12:11:03 +0100
Subject: [PATCH 062/130] reaktor2 service: init

---
 krebs/3modules/reaktor2.nix | 63 +++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 krebs/3modules/reaktor2.nix

diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
new file mode 100644
index 000000000..b667bcc92
--- /dev/null
+++ b/krebs/3modules/reaktor2.nix
@@ -0,0 +1,63 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }: {
+
+  options.krebs.reaktor2 = mkOption {
+    default = {};
+    type = types.attrsOf (types.submodule (self: let
+      name = self.config._module.args.name;
+    in {
+      options = {
+        nick = mkOption {
+          default = name;
+          # TODO types.irc.nickname
+          type = types.str;
+        };
+        hostname = mkOption {
+          default = "irc.r";
+          type = types.hostname;
+        };
+        port = mkOption {
+          default = "6667";
+          # TODO type = types.service-name
+        };
+        plugins = mkOption {
+          default = [];
+          type = types.listOf types.attrs;
+        };
+        stateDir = mkOption {
+          default = "/var/lib/${self.config.systemd-service-name}";
+          readOnly = true;
+          type = types.absolute-pathname;
+        };
+        systemd-service-name = mkOption {
+          default = "reaktor2${optionalString (name != "default") "-${name}"}";
+          type = types.filename;
+        };
+      };
+    }));
+  };
+
+  config = {
+    systemd.services = flip mapAttrs' config.krebs.reaktor2 (_: cfg:
+      nameValuePair cfg.systemd-service-name {
+        after = [ "network.target" ];
+        wantedBy = [ "multi-user.target" ];
+        serviceConfig = {
+          User = cfg.systemd-service-name;
+          Group = "reaktor2";
+          DynamicUser = true;
+          StateDirectory = cfg.systemd-service-name;
+          ExecStart = let
+            configFile = pkgs.writeJSON configFileName configValue;
+            configFileName = "${cfg.systemd-service-name}.config.json";
+            configValue = recursiveUpdate {
+              logTime = false;
+            } (removeAttrs cfg ["_module"]);
+          in "${pkgs.reaktor2}/bin/reaktor ${configFile}";
+          Restart = "always";
+          RestartSec = "30";
+        };
+      }
+    );
+  };
+}

From 9033d807f9ba6230f175dd1a0dd0ea1d710e247f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 21 Jan 2019 16:25:27 +0100
Subject: [PATCH 063/130] external: add idontcare.r

---
 krebs/3modules/external/default.nix | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index df18b4dd3..6f521fc43 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -141,6 +141,29 @@ in {
         };
       };
     };
+    idontcare = {
+      owner = config.krebs.users.Mic92;
+      nets = rec {
+        retiolum = {
+          addrs = [
+            config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
+            config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
+          ];
+          ip4.addr = "10.243.29.177";
+          aliases = [ "idontcare.r" ];
+          tinc.pubkey = ''
+            -----BEGIN RSA PUBLIC KEY-----
+            MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
+            qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
+            OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
+            lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
+            O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
+            jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
+            -----END RSA PUBLIC KEY-----
+          '';
+        };
+      };
+    };
     justraute = {
       owner = config.krebs.users.raute; # laptop
       nets = {

From bc2aedb2d0a6d22089d4f666082d440e4ffb07e6 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 21 Jan 2019 16:25:51 +0100
Subject: [PATCH 064/130] Mic92: change mail address

---
 krebs/3modules/external/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/3modules/external/default.nix b/krebs/3modules/external/default.nix
index 6f521fc43..089113ac6 100644
--- a/krebs/3modules/external/default.nix
+++ b/krebs/3modules/external/default.nix
@@ -416,7 +416,7 @@ in {
       pubkey = ssh-for "kmein";
     };
     Mic92 = {
-      mail = "joerg@higgsboson.tk";
+      mail = "joerg@thalheim.io";
       pubkey = ssh-for "Mic92";
     };
     palo = {

From 9312695b39bb490c76d7297c346ef17ac462b569 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 08:13:44 +0100
Subject: [PATCH 065/130] ma cake.r: update hardware-config

---
 makefu/1systems/cake/hardware-config.nix | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/makefu/1systems/cake/hardware-config.nix b/makefu/1systems/cake/hardware-config.nix
index a81dce4f9..d021f9458 100644
--- a/makefu/1systems/cake/hardware-config.nix
+++ b/makefu/1systems/cake/hardware-config.nix
@@ -1,18 +1,34 @@
 { pkgs, lib, ... }:
 {
   # raspi3
+  boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" "console=ttyS1,115200n8" ];
   boot.loader.grub.enable = false;
-  boot.loader.generic-extlinux-compatible.enable = true;
-  boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ];
+  boot.loader.raspberryPi.enable = true;
+  boot.loader.raspberryPi.version = 3;
+  boot.loader.raspberryPi.uboot.enable = true;
+  boot.loader.raspberryPi.uboot.configurationLimit = 3;
+  boot.loader.raspberryPi.firmwareConfig = ''
+    gpu_mem=32
+    arm_freq=1350
+    core_freq=500
+    over_voltage=4
+    disable_splash=1
+    # bye bye warranty
+    force_turbo=1
+  '';
+  boot.loader.generationsDir.enable = lib.mkDefault false;
+
   boot.tmpOnTmpfs = lib.mkForce false;
+  boot.cleanTmpDir = true;
   hardware.enableRedistributableFirmware = true;
 
   ## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747
   # boot.kernelPackages = pkgs.linuxPackages_latest;
-  boot.kernelPackages = pkgs.linuxPackages;
-
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+  environment.systemPackages = [ pkgs.raspberrypi-tools ];
   networking.wireless.enable = true;
   # File systems configuration for using the installer's partition layout
+  swapDevices = [ { device = "/var/swap"; size = 2048; } ];
   fileSystems = {
     "/boot" = {
       device = "/dev/disk/by-label/NIXOS_BOOT";

From 04ddb5307bc68e91e4ce534469faa3cc52b4dd02 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 08:14:34 +0100
Subject: [PATCH 066/130] ma hw/malduino_elite: init

required so modem-manager does not try to use it as modem
---
 makefu/1systems/x/config.nix          |  1 +
 makefu/2configs/hw/malduino_elite.nix | 15 +++++++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 makefu/2configs/hw/malduino_elite.nix

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 5a4eea2e4..35779507b 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -69,6 +69,7 @@
       # Hardware
       <stockholm/makefu/2configs/hw/tp-x230.nix>
       <stockholm/makefu/2configs/hw/mceusb.nix>
+      <stockholm/makefu/2configs/hw/malduino_elite.nix>
       # <stockholm/makefu/2configs/hw/tpm.nix>
       # <stockholm/makefu/2configs/hw/rtl8812au.nix>
       <stockholm/makefu/2configs/hw/network-manager.nix>
diff --git a/makefu/2configs/hw/malduino_elite.nix b/makefu/2configs/hw/malduino_elite.nix
new file mode 100644
index 000000000..1af85493f
--- /dev/null
+++ b/makefu/2configs/hw/malduino_elite.nix
@@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+
+{
+
+  services.udev.extraRules = ''
+    ACTION!="add|change", GOTO="mm_usb_device_blacklist_local_end"
+    SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_local_end"
+    ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_local_end"
+
+    ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9204", ENV{ID_MM_DEVICE_IGNORE}="1"
+    ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9203", ENV{ID_MM_DEVICE_IGNORE}="1"
+
+    LABEL="mm_usb_device_blacklist_local_end"
+  '';
+}

From 1a9957cc87e7bd3a2f0e4aa610c0c68350682b4f Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 08:15:13 +0100
Subject: [PATCH 067/130] ma tools: add nix-review, accept sdk license

---
 makefu/2configs/tools/android-pentest.nix | 1 +
 makefu/2configs/tools/dev.nix             | 1 +
 2 files changed, 2 insertions(+)

diff --git a/makefu/2configs/tools/android-pentest.nix b/makefu/2configs/tools/android-pentest.nix
index 9dedafdd2..05560db90 100644
--- a/makefu/2configs/tools/android-pentest.nix
+++ b/makefu/2configs/tools/android-pentest.nix
@@ -1,6 +1,7 @@
 { pkgs, ... }:
 
 {
+  nixpkgs.config.android_sdk.accept_license = true;
   users.users.makefu.packages = with pkgs; [
     mitmproxy
     nmap
diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index 09ee63498..f8e3f9f46 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -22,6 +22,7 @@
     cdrtools
     # nix related
     nix-index
+    nix-review
     # git-related
     tig
   ];

From d8ab2b7f65d72931aac87059c91c04223af8ea1b Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 08:15:33 +0100
Subject: [PATCH 068/130] ma printer: use splix instead of samsung drivers

---
 makefu/2configs/printer.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/makefu/2configs/printer.nix b/makefu/2configs/printer.nix
index fb1a67358..0889ebbc1 100644
--- a/makefu/2configs/printer.nix
+++ b/makefu/2configs/printer.nix
@@ -6,7 +6,8 @@ in {
   services.printing = {
     enable = true;
     drivers = with pkgs; [
-      samsungUnifiedLinuxDriver
+      # samsungUnifiedLinuxDriver
+      splix # scx 3200
       cups-dymo # dymo labelwriter
       foo2zjs # magicolor 1690mf
       cups-zj-58

From d6b74138c33c7458ebb6c87f171e7efcb9908f98 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 09:02:54 +0100
Subject: [PATCH 069/130] ma home-manager: set the XDG_DATA_DIRS and
 GDK_PIXBUF_MODULE_FILE load icons

---
 makefu/2configs/home-manager/desktop.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/makefu/2configs/home-manager/desktop.nix b/makefu/2configs/home-manager/desktop.nix
index 40a1c6497..3be020faa 100644
--- a/makefu/2configs/home-manager/desktop.nix
+++ b/makefu/2configs/home-manager/desktop.nix
@@ -1,8 +1,9 @@
 { pkgs, lib, ... }:
 
 {
-  users.users.makefu.packages = with pkgs;[ bat direnv ];
+  users.users.makefu.packages = with pkgs;[ bat direnv clipit ];
   home-manager.users.makefu = {
+    systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.networkmanagerapplet}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
     programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
     programs.firefox.enable = true;
     programs.obs-studio.enable = true;
@@ -36,6 +37,7 @@
       };
 
       Service = {
+        Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.clipit}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
         ExecStart = "${pkgs.clipit}/bin/clipit";
         Restart = "on-abort";
       };

From 1cb0ec0b03bad3fb57a200d425da0b936fa20436 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 09:03:13 +0100
Subject: [PATCH 070/130] ma krops: bump home-manager ref

---
 makefu/krops.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/krops.nix b/makefu/krops.nix
index 30db07667..57a3b3bbf 100644
--- a/makefu/krops.nix
+++ b/makefu/krops.nix
@@ -74,7 +74,7 @@
     (lib.mkIf ( host-src.home-manager ) {
       home-manager.git = {
         url = https://github.com/rycee/home-manager;
-        ref = "f947faf";
+        ref = "4aa07c3";
       };
     })
   ];

From a8586920832b55b43b5cb4bdd61c081fb821a113 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 09:03:57 +0100
Subject: [PATCH 071/130] ma bureautomation: rename plugs

---
 makefu/2configs/bureautomation/hass.nix | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix
index a89a4813f..57184bdf7 100644
--- a/makefu/2configs/bureautomation/hass.nix
+++ b/makefu/2configs/bureautomation/hass.nix
@@ -3,19 +3,14 @@ let
   tasmota_plug = name: topic:
   { platform = "mqtt";
     inherit name;
-    state_topic = "/bam/${topic}/stat/POWER1";
-    command_topic = "/bam/${topic}/cmnd/POWER1";
+    state_topic = "/bam/${topic}/stat/POWER";
+    command_topic = "/bam/${topic}/cmnd/POWER";
     availability_topic = "/bam/${topic}/tele/LWT";
     payload_on= "ON";
     payload_off= "OFF";
     payload_available= "Online";
     payload_not_available= "Offline";
   };
-  tasmota_stecki = name: topic:
-    ( tasmota_plug name topic) //
-    { state_topic = "/bam/${topic}/stat/POWER";
-      command_topic = "/bam/${topic}/cmnd/POWER";
-  };
   espeasy_dht22 = name: [
   { platform = "mqtt";
     name = "${name} DHT22 Temperature";
@@ -77,8 +72,8 @@ in {
       switch = [
         (tasmota_plug "Bauarbeiterlampe" "plug")
         (tasmota_plug "Blitzdings" "plug2")
-        (tasmota_stecki "Fernseher" "fernseher")
-        (tasmota_plug "Pluggy" "plug4")
+        (tasmota_plug "Fernseher" "plug3")
+        (tasmota_plug "Feuer" "plug4")
       ];
       binary_sensor = [
         { platform = "mqtt";
@@ -179,7 +174,7 @@ in {
           "switch.bauarbeiterlampe"
           "switch.blitzdings"
           "switch.fernseher"
-          "switch.pluggy"
+          "switch.feuer"
         ];
         camera = [
           "camera.Baumarkt"
@@ -212,7 +207,7 @@ in {
           };
           action = {
             service = "homeassistant.turn_on";
-            entity_id =  [ "switch.fernseher" "switch.blitzdings" ];
+            entity_id =  [ "switch.fernseher" "switch.feuer" ];
           };
         }
         { alias = "Turn off Fernseher 10 minutes after last movement";
@@ -231,7 +226,7 @@ in {
         ];
           action = {
             service = "homeassistant.turn_off";
-            entity_id =  [ "switch.fernseher" "switch.blitzdings" ];
+            entity_id =  [ "switch.fernseher" "switch.feuer" ];
           };
           condition =
           { condition = "and";

From 5f96265d83228d581730da9a85488342010080dc Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 09:04:20 +0100
Subject: [PATCH 072/130] ma gui: disable transparency

---
 makefu/2configs/gui/base.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/gui/base.nix b/makefu/2configs/gui/base.nix
index 6bcd09826..63ce6201a 100644
--- a/makefu/2configs/gui/base.nix
+++ b/makefu/2configs/gui/base.nix
@@ -28,6 +28,7 @@ in
 
     windowManager = {
       awesome.enable = true;
+      awesome.noArgb = true;
       awesome.luaModules = [ pkgs.luaPackages.vicious ];
       default = "awesome";
     };

From b8bd543a79684d1c63a06fe5c1784d75e6dbbf85 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 09:05:56 +0100
Subject: [PATCH 073/130] ma pkgs.baidudl: init

---
 makefu/5pkgs/baidudl/default.nix | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 makefu/5pkgs/baidudl/default.nix

diff --git a/makefu/5pkgs/baidudl/default.nix b/makefu/5pkgs/baidudl/default.nix
new file mode 100644
index 000000000..3c701fd6a
--- /dev/null
+++ b/makefu/5pkgs/baidudl/default.nix
@@ -0,0 +1,23 @@
+{ stdenv, lib, pkgs, curl, jansson ,fetchFromGitHub, autoreconfHook }:
+stdenv.mkDerivation rec {
+  pname = "baidudl";
+  version = "2018-01-16";
+  name = "${pname}-${version}";
+
+  src = fetchFromGitHub {
+    owner = "yzfedora";
+    repo = "baidudl";
+    rev = "712f2554a5ef7b2eba5c248d6406a6c535ef47b2";
+    sha256 = "1nfzalyd9k87q6njdxpg7pa62q6hyfr2vwxwvahaflyp31nlpa0y";
+  };
+
+
+  nativeBuildInputs = [ autoreconfHook ];
+  buildInputs = [ curl.dev jansson ];
+
+  meta = {
+    homepage = https://github.com/yzfedora/baidudl;
+    description = "This is a multi-thread download tool for pan.baidu.com";
+    license = lib.licenses.gpl3;
+  };
+}

From 30bfcf1a10d8b490e23dd8a3a86cf205b4f2cdd5 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:23:08 +0100
Subject: [PATCH 074/130] reaktor-krebs: join #nixos-de

---
 krebs/2configs/reaktor-krebs.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
index 862c9b991..67ca23ecd 100644
--- a/krebs/2configs/reaktor-krebs.nix
+++ b/krebs/2configs/reaktor-krebs.nix
@@ -7,6 +7,7 @@ with import <stockholm/lib>;
     channels = [
       "#krebs"
       "#nixos-wiki"
+      "#nixos-de"
     ];
     extraEnviron = {
       REAKTOR_HOST = "irc.freenode.org";

From 77baef49ab6c461e293c27bf51bd0e2cc5f200f4 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:26:30 +0100
Subject: [PATCH 075/130] l prism.r hfos: update ip addresses

---
 lass/1systems/prism/config.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index df2778bef..dbd4ceb1c 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -36,10 +36,10 @@ with import <stockholm/lib>;
       # TODO write function for proxy_pass (ssl/nonssl)
 
       krebs.iptables.tables.filter.FORWARD.rules = [
-        { v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; }
+        { v6 = false; precedence = 1000; predicate = "-d 192.168.122.141"; target = "ACCEPT"; }
       ];
       krebs.iptables.tables.nat.PREROUTING.rules = [
-        { v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; }
+        { v6 = false; precedence = 1000; predicate = "-d 95.216.1.130"; target = "DNAT --to-destination 192.168.122.141"; }
       ];
     }
     {

From b3587bfbfa74c5581987e0dd965189d51d96bcce Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:27:18 +0100
Subject: [PATCH 076/130] l prism.r: add uid for download user

---
 lass/1systems/prism/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index dbd4ceb1c..b4a514d54 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -379,6 +379,7 @@ with import <stockholm/lib>;
           name = "download";
           home = "/var/download";
           useDefaultShell = true;
+          uid = genid "download";
           openssh.authorizedKeys.keys = with config.krebs.users; [
             lass.pubkey
             lass-shodan.pubkey

From c893dbd47960335402a9727c879f6f92c104aaf4 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:27:56 +0100
Subject: [PATCH 077/130] l prism.r: add Mic92 to trustedUsers

---
 lass/1systems/prism/config.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix
index b4a514d54..23746d210 100644
--- a/lass/1systems/prism/config.nix
+++ b/lass/1systems/prism/config.nix
@@ -421,6 +421,16 @@ with import <stockholm/lib>;
          { predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
       ];
     }
+    {
+      nix.trustedUsers = [ "Mic92" ];
+      users.users.Mic92 = {
+        uid = genid_uint31 "Mic92";
+        isNormalUser = true;
+        openssh.authorizedKeys.keys = [
+          config.krebs.users.Mic92.pubkey
+        ];
+      };
+    }
   ];
 
   krebs.build.host = config.krebs.hosts.prism;

From 04297e6c094a13051ee54d700d6fe55ad1f1ede5 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:28:50 +0100
Subject: [PATCH 078/130] l prism.r: add new ip

---
 lass/1systems/prism/physical.nix | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/lass/1systems/prism/physical.nix b/lass/1systems/prism/physical.nix
index a2b5efb29..9a84e9d63 100644
--- a/lass/1systems/prism/physical.nix
+++ b/lass/1systems/prism/physical.nix
@@ -63,9 +63,15 @@
     defaultGateway = "95.216.1.129";
     # Use google's public DNS server
     nameservers = [ "8.8.8.8" ];
-    interfaces.eth0 = {
-      ipAddress = "95.216.1.150";
-      prefixLength = 26;
-    };
+    interfaces.eth0.ipv4.addresses = [
+      {
+        address = "95.216.1.150";
+        prefixLength = 26;
+      }
+      {
+        address = "95.216.1.130";
+        prefixLength = 26;
+      }
+    ];
   };
 }

From a3dca9ea20a4d09c75981a315eed596be852ec01 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:30:27 +0100
Subject: [PATCH 079/130] l yellow.r: rotate nordvpn endpoint

---
 lass/1systems/yellow/config.nix | 92 ++++++++++++++++-----------------
 1 file changed, 45 insertions(+), 47 deletions(-)

diff --git a/lass/1systems/yellow/config.nix b/lass/1systems/yellow/config.nix
index 58fa564a1..9d8bcd7be 100644
--- a/lass/1systems/yellow/config.nix
+++ b/lass/1systems/yellow/config.nix
@@ -88,7 +88,7 @@ with import <stockholm/lib>;
     client
     dev tun
     proto udp
-    remote 82.102.16.229 1194
+    remote 89.249.65.83 1194
     resolv-retry infinite
     remote-random
     nobind
@@ -103,13 +103,9 @@ with import <stockholm/lib>;
     reneg-sec 0
     comp-lzo no
 
-    explicit-exit-notify 3
-
     remote-cert-tls server
 
-    #mute 10000
     auth-user-pass ${toString <secrets/nordvpn.txt>}
-
     verb 3
     pull
     fast-io
@@ -118,32 +114,33 @@ with import <stockholm/lib>;
 
     <ca>
     -----BEGIN CERTIFICATE-----
-    MIIEyjCCA7KgAwIBAgIJANIxRSmgmjW6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
-    VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
-    Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUyMjkubm9yZHZw
-    bi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRAbm9y
-    ZHZwbi5jb20wHhcNMTcxMTIyMTQ1MTQ2WhcNMjcxMTIwMTQ1MTQ2WjCBnjELMAkG
-    A1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAOBgNVBAoT
-    B05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGjAYBgNVBAMTEWRlMjI5Lm5vcmR2
-    cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v
-    cmR2cG4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++dfZlG
-    UeFF2sGdXjbreygfo78Ujti6X2OiMDFnwgqrhELstumXl7WrFf5EzCYbVriNuUny
-    mNCx3OxXxw49xvvg/KplX1CE3rKBNnzbeaxPmeyEeXe+NgA7rwOCbYPQJScFxK7X
-    +D16ZShY25GyIG7hqFGML0Qz6gpZRGaHSd0Lc3wSgoLzGtsIg8hunhfi00dNqMBT
-    ukCzgfIqbQUuqmOibsWnYvZoXoYKnbRL0Bj8IYvwvu4p2oBQpvM+JR4DC+rv52LI
-    583Q6g3LebQ4JuQf8jgxvEEV4UL1CsUBqN3mcRpVUKJS3ijXmzEX9MfpBRcp1rBA
-    VsiE4Mrk7PXhkwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFFIv1UuKN2NXaVjRNXDT
-    Rs/+LT/9MIHTBgNVHSMEgcswgciAFFIv1UuKN2NXaVjRNXDTRs/+LT/9oYGkpIGh
-    MIGeMQswCQYDVQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQ
-    MA4GA1UEChMHTm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUy
-    Mjkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEW
-    EGNlcnRAbm9yZHZwbi5jb22CCQDSMUUpoJo1ujAMBgNVHRMEBTADAQH/MA0GCSqG
-    SIb3DQEBCwUAA4IBAQBf1vr93OIkIFehXOCXYFmAYai8/lK7OQH0SRMYdUPvADjQ
-    e5tSDK5At2Ew9YLz96pcDhzLqtbQsRqjuqWKWs7DBZ8ZiJg1nVIXxE+C3ezSyuVW
-    //DdqMeUD80/FZD5kPS2yJJOWfuBBMnaN8Nxb0BaJi9AKFHnfg6Zxqa/FSUPXFwB
-    wH+zeymL2Dib2+ngvCm9VP3LyfIdvodEJ372H7eG8os8allUnkUzpVyGxI4pN/IB
-    KROBRPKb+Aa5FWeWgEUHIr+hNrEMvcWfSvZAkSh680GScQeJh5Xb4RGMCW08tb4p
-    lrojzCvC7OcFeUNW7Ayiuukx8rx/F4+IZ1yJGff9
+    MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
+    MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2
+    MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV
+    BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI
+    hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF
+    kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr
+    XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU
+    eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV
+    skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu
+    MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA
+    37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR
+    hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s
+    Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy
+    WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6
+    MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST
+    LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG
+    SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g
+    nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/
+    k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S
+    DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/
+    pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo
+    k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp
+    +RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd
+    NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa
+    wDBM1mJChneHt59Nh8Gah74+TM1jBsw4fhJPvoc7Atcg740JErb904mZfkIEmojC
+    VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S
+    PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA==
     -----END CERTIFICATE-----
     </ca>
     key-direction 1
@@ -152,23 +149,24 @@ with import <stockholm/lib>;
     # 2048 bit OpenVPN static key
     #
     -----BEGIN OpenVPN Static key V1-----
-    49b2f54c6ee58d2d97331681bb577d55
-    054f56d92b743c31e80b684de0388702
-    ad3bf51088cd88f3fac7eb0729f2263c
-    51d82a6eb7e2ed4ae6dfa65b1ac764d0
-    b9dedf1379c1b29b36396d64cb6fd6b2
-    e61f869f9a13001dadc02db171f04c4d
-    c46d1132c1f31709e7b54a6eabae3ea8
-    fbd2681363c185f4cb1be5aa42a27c31
-    21db7b2187fd11c1acf224a0d5a44466
-    b4b5a3cc34ec0227fe40007e8b379654
-    f1e8e2b63c6b46ee7ab6f1bd82f57837
-    92c209e8f25bc9ed493cb5c1d891ae72
-    7f54f4693c5b20f136ca23e639fd8ea0
-    865b4e22dd2af43e13e6b075f12427b2
-    08af9ffd09c56baa694165f57fe2697a
-    3377fa34aebcba587c79941d83deaf45
+    e685bdaf659a25a200e2b9e39e51ff03
+    0fc72cf1ce07232bd8b2be5e6c670143
+    f51e937e670eee09d4f2ea5a6e4e6996
+    5db852c275351b86fc4ca892d78ae002
+    d6f70d029bd79c4d1c26cf14e9588033
+    cf639f8a74809f29f72b9d58f9b8f5fe
+    fc7938eade40e9fed6cb92184abb2cc1
+    0eb1a296df243b251df0643d53724cdb
+    5a92a1d6cb817804c4a9319b57d53be5
+    80815bcfcb2df55018cc83fc43bc7ff8
+    2d51f9b88364776ee9d12fc85cc7ea5b
+    9741c4f598c485316db066d52db4540e
+    212e1518a9bd4828219e24b20d88f598
+    a196c9de96012090e333519ae18d3509
+    9427e7b372d348d352dc4c85e18cd4b9
+    3f8a56ddb2e64eb67adfc9b337157ff4
     -----END OpenVPN Static key V1-----
     </tls-auth>
+
   '';
 }

From 6bb0dca62ff59ed006533ae68cba74d17c04dcc4 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:30:57 +0100
Subject: [PATCH 080/130] l: add tcpdump to pkgs

---
 lass/2configs/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index 69e697a1d..d3676a9b9 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -115,6 +115,7 @@ with import <stockholm/lib>;
   #network
     iptables
     iftop
+    tcpdump
 
   #stuff for dl
     aria2

From bd6fb423e4aff7dd2f2fbefd8544961e420432d6 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:31:51 +0100
Subject: [PATCH 081/130] l mails: add more addresses

---
 lass/2configs/exim-smarthost.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix
index f487a9910..555295422 100644
--- a/lass/2configs/exim-smarthost.nix
+++ b/lass/2configs/exim-smarthost.nix
@@ -96,6 +96,7 @@ with import <stockholm/lib>;
       { from = "nordvpn@lassul.us"; to = lass.mail; }
       { from = "csv-direct@lassul.us"; to = lass.mail; }
       { from = "nintendo@lassul.us"; to = lass.mail; }
+      { from = "overleaf@lassul.us"; to = lass.mail; }
     ];
     system-aliases = [
       { from = "mailer-daemon"; to = "postmaster"; }

From 39e9cf1aa6f20bb08c7e8d4d05dd2ed17113ca45 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:32:18 +0100
Subject: [PATCH 082/130] l domsen: add UBIK-SFTP account

---
 lass/2configs/websites/domsen.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 223fc73ba..10d3b56c2 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -155,6 +155,13 @@ in {
     ssl_key = "/var/lib/acme/lassul.us/key.pem";
   };
 
+  users.users.UBIK-SFTP = {
+    uid = genid_uint31 "UBIK-SFTP";
+    home = "/home/UBIK-SFTP";
+    useDefaultShell = true;
+    createHome = true;
+  };
+
   users.users.xanf = {
     uid = genid_uint31 "xanf";
     home = "/home/xanf";

From e14abf9583a2605eb3fad186cfef1a5ec11beb7f Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Tue, 22 Jan 2019 16:32:48 +0100
Subject: [PATCH 083/130] l domsen: add backups

---
 lass/2configs/websites/domsen.nix | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 10d3b56c2..7fb248139 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -234,5 +234,22 @@ in {
     createHome = true;
   };
 
+  services.restic.backups.domsen = {
+    initialize = true;
+    extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr.duckdns.org -p 52222 -i ${toString <secrets> + "/ssh.id_ed25519"} -s sftp'" ];
+    repository = "sftp:efOVcMWSZ@wilhelmstr.duckdns.org:/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES";
+    passwordFile = toString <secrets> + "/domsen_backup_pw";
+    paths = [
+      "/srv/http"
+      "/home/domsen/Mail"
+      "/home/ms/Mail"
+      "/home/klabusterbeere/Mail"
+      "/home/jms/Mail"
+      "/home/bruno/Mail"
+      "/home/akayguen/Mail"
+      "/backups/sql_dumps"
+    ];
+  };
+
 }
 

From ef6d1453c3119b3ba1f554c1e3860773e5c2e87e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Tue, 22 Jan 2019 19:35:03 +0100
Subject: [PATCH 084/130] krebs: import reaktor2 service

---
 krebs/3modules/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index bb69bfad3..9303a81fb 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -42,6 +42,7 @@ let
       ./per-user.nix
       ./power-action.nix
       ./Reaktor.nix
+      ./reaktor2.nix
       ./realwallpaper.nix
       ./retiolum-bootstrap.nix
       ./retiolum-hosts.nix

From 2a5d8bcb4b9c49adea517083e8f1e30d7ab6df41 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 22 Jan 2019 23:07:54 +0100
Subject: [PATCH 085/130] ma virtualbox: enable the correct extensionPack

---
 makefu/2configs/virtualisation/virtualbox.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/makefu/2configs/virtualisation/virtualbox.nix b/makefu/2configs/virtualisation/virtualbox.nix
index e90cc1e8d..a8a50939f 100644
--- a/makefu/2configs/virtualisation/virtualbox.nix
+++ b/makefu/2configs/virtualisation/virtualbox.nix
@@ -2,8 +2,7 @@
 
 {
   virtualisation.virtualbox.host.enable = true;
-  nixpkgs.config.virtualbox.enableExtensionPack = true;
-  virtualisation.virtualbox.host.enableHardening = false;
-
+  virtualisation.virtualbox.host.enableExtensionPack = true;
+  # virtualisation.virtualbox.host.enableHardening = false;
   users.extraGroups.vboxusers.members = [ config.krebs.build.user.name ];
 }

From 659eb2e6c5a3be36044ed27a8dfdea71d3ec43c7 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 23 Jan 2019 00:04:51 +0100
Subject: [PATCH 086/130] reaktor2: 0.0.0 -> 0.1.0

---
 krebs/5pkgs/haskell/reaktor2.nix | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 447738425..10dc3fc49 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -1,23 +1,25 @@
 { mkDerivation, aeson, attoparsec, base, blessings, bytestring
-, containers, fetchgit, filepath, network, network-simple
-, network-simple-tls, pcre-heavy, pcre-light, process, random
-, stdenv, text, time, transformers, unix, unordered-containers
+, containers, data-default, fetchgit, filepath, lens, lens-aeson
+, network, network-simple, network-simple-tls, pcre-heavy
+, pcre-light, process, random, stdenv, text, time, transformers
+, unagi-chan, unix, unordered-containers
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.0.0";
+  version = "0.1.0";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "1q2rb78mzpyd8wxfmlbfdz7zq5smsrrvb4n874ap1p8f2bmmp0am";
-    rev = "ce276eee82ec0b8c4106beb4c51d6f9eb77335c4";
+    sha256 = "0g5b40y2gbknghzw12jar1im87k0g4hjg259wf1gp5v55dh3xwk6";
+    rev = "d40815fd56bf1895af89b72b1171675a2e0ae5f7";
     fetchSubmodules = true;
   };
   isLibrary = false;
   isExecutable = true;
   executableHaskellDepends = [
-    aeson attoparsec base blessings bytestring containers filepath
-    network network-simple network-simple-tls pcre-heavy pcre-light
-    process random text time transformers unix unordered-containers
+    aeson attoparsec base blessings bytestring containers data-default
+    filepath lens lens-aeson network network-simple network-simple-tls
+    pcre-heavy pcre-light process random text time transformers
+    unagi-chan unix unordered-containers
   ];
   license = stdenv.lib.licenses.mit;
 }

From 31a987903f0d007a19a84d7db4c18b6641d0454a Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 23 Jan 2019 13:50:09 +0100
Subject: [PATCH 087/130] reaktor2: 0.1.0 -> 0.1.1

---
 krebs/5pkgs/haskell/reaktor2.nix | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 10dc3fc49..e33cbde2c 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -1,16 +1,16 @@
 { mkDerivation, aeson, attoparsec, base, blessings, bytestring
 , containers, data-default, fetchgit, filepath, lens, lens-aeson
 , network, network-simple, network-simple-tls, pcre-heavy
-, pcre-light, process, random, stdenv, text, time, transformers
-, unagi-chan, unix, unordered-containers
+, pcre-light, process, random, stdenv, stringsearch, text, time
+, transformers, unagi-chan, unix, unordered-containers, vector
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.0";
+  version = "0.1.1";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "0g5b40y2gbknghzw12jar1im87k0g4hjg259wf1gp5v55dh3xwk6";
-    rev = "d40815fd56bf1895af89b72b1171675a2e0ae5f7";
+    sha256 = "0d78560gj8hm02zaps63f9mby4lzz82f45i8ypwc9l3lnsypdsr3";
+    rev = "4fa5cb937c016f8c10bf8f40d017ca3a436db2d3";
     fetchSubmodules = true;
   };
   isLibrary = false;
@@ -18,8 +18,8 @@ mkDerivation {
   executableHaskellDepends = [
     aeson attoparsec base blessings bytestring containers data-default
     filepath lens lens-aeson network network-simple network-simple-tls
-    pcre-heavy pcre-light process random text time transformers
-    unagi-chan unix unordered-containers
+    pcre-heavy pcre-light process random stringsearch text time
+    transformers unagi-chan unix unordered-containers vector
   ];
   license = stdenv.lib.licenses.mit;
 }

From 282e4049b6b76fc19276b5ea786d7c40ed3a231f Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 23 Jan 2019 14:01:48 +0100
Subject: [PATCH 088/130] Reaktor scripts: chmod +x

---
 krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh  | 0
 krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh  | 0
 krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py    | 0
 krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh | 0
 4 files changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
 mode change 100644 => 100755 krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh
 mode change 100644 => 100755 krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py
 mode change 100644 => 100755 krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh

diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
old mode 100644
new mode 100755
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh
old mode 100644
new mode 100755
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py b/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py
old mode 100644
new mode 100755
diff --git a/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh b/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh
old mode 100644
new mode 100755

From 00c529b9d5d0567d9c30e640b2ffbbc79d987c4b Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Wed, 23 Jan 2019 14:08:51 +0100
Subject: [PATCH 089/130] Reaktor random-emoji: curl -S

---
 krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh b/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
index 386aa68b9..6f3dd4a3f 100755
--- a/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
+++ b/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
@@ -1,5 +1,5 @@
 #!/bin/sh
-curl http://emojicons.com/random -s | \
+curl -sS http://emojicons.com/random | \
   grep data-text | \
   sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \
   head -n 1 | \

From f60d2867465e1aa26846cd5cce39f5f70c654e03 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 24 Jan 2019 17:23:54 +0100
Subject: [PATCH 090/130] reaktor2: 0.1.1 -> 0.1.2

---
 krebs/5pkgs/haskell/reaktor2.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index e33cbde2c..9b02b2727 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -6,11 +6,11 @@
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.1";
+  version = "0.1.2";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "0d78560gj8hm02zaps63f9mby4lzz82f45i8ypwc9l3lnsypdsr3";
-    rev = "4fa5cb937c016f8c10bf8f40d017ca3a436db2d3";
+    sha256 = "1198sajpkd6m87j402y796270hwifyn9wk2by6wcrxvwhq1vgs9k";
+    rev = "d5f66b27b2cd7c36eb7c2e81b0cdca10c5a5ef90";
     fetchSubmodules = true;
   };
   isLibrary = false;

From 2e5ed5d1bbf158a933f330119b9a5f931e192560 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Thu, 24 Jan 2019 21:16:44 +0100
Subject: [PATCH 091/130] reaktor2: 0.1.2 -> 0.1.3

---
 krebs/5pkgs/haskell/reaktor2.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 9b02b2727..c0c7281a6 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -6,11 +6,11 @@
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.2";
+  version = "0.1.3";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "1198sajpkd6m87j402y796270hwifyn9wk2by6wcrxvwhq1vgs9k";
-    rev = "d5f66b27b2cd7c36eb7c2e81b0cdca10c5a5ef90";
+    sha256 = "15qhycfja7psnd7v5hn4qb5wrs6bjx4qhny49nkhb7agj4vzwnwi";
+    rev = "6c629a0cc422872abdfc40f9621ac0c4f6a420a8";
     fetchSubmodules = true;
   };
   isLibrary = false;

From 7c160fd1fac105402c27925a46a84cec9c12ca1a Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 25 Jan 2019 14:26:50 +0100
Subject: [PATCH 092/130] blessings: 1.3.0 -> 2.1.0

---
 krebs/5pkgs/haskell/blessings.nix               |  4 ++--
 .../{simple/much/cabal.nix => haskell/much.nix} |  9 +++++----
 krebs/5pkgs/haskell/reaktor2.nix                |  6 +++---
 krebs/5pkgs/simple/much/default.nix             |  3 ---
 lass/2configs/mail.nix                          |  2 +-
 tv/2configs/mail-client.nix                     | 17 +++++++----------
 6 files changed, 18 insertions(+), 23 deletions(-)
 rename krebs/5pkgs/{simple/much/cabal.nix => haskell/much.nix} (80%)
 delete mode 100644 krebs/5pkgs/simple/much/default.nix

diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix
index 19f8da19d..97e4a717c 100644
--- a/krebs/5pkgs/haskell/blessings.nix
+++ b/krebs/5pkgs/haskell/blessings.nix
@@ -7,8 +7,8 @@ with import <stockholm/lib>;
       sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
     };
     "18.09" = {
-      version = "1.3.0";
-      sha256 = "1y9jhh9pchrr48zgfib2jip97x1fkm7qb1gnfx477rmmryjs500h";
+      version = "2.1.0";
+      sha256 = "0wc8v48bb0bkvypc0j6imvnf8xc8572hykk9sgjhzf2w0ggqxv5d";
     };
   }.${versions.majorMinor nixpkgsVersion};
 
diff --git a/krebs/5pkgs/simple/much/cabal.nix b/krebs/5pkgs/haskell/much.nix
similarity index 80%
rename from krebs/5pkgs/simple/much/cabal.nix
rename to krebs/5pkgs/haskell/much.nix
index 09bc7b5df..db168f8a1 100644
--- a/krebs/5pkgs/simple/much/cabal.nix
+++ b/krebs/5pkgs/haskell/much.nix
@@ -8,11 +8,12 @@
 }:
 mkDerivation {
   pname = "much";
-  version = "1.1.0";
+  version = "1.2.0";
   src = fetchgit {
-    url = "http://cgit.ni.krebsco.de/much";
-    sha256 = "1325554zymr1dd0clj8c5ygl70c791csvs0hz33jcfr6b8wysdrl";
-    rev = "dfec37d848e11c00d9b7f03295af1fc7b0e83ef5";
+    url = "https://cgit.krebsco.de/much";
+    sha256 = "0gfvppi8acylz0q7xh8dkm3dj676d4sc1m1gxwp663bkn4748873";
+    rev = "8fc4fbb5bb7781626da8f63cd8df8bb0f554cfe7";
+    fetchSubmodules = true;
   };
   isLibrary = false;
   isExecutable = true;
diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index c0c7281a6..f0835428d 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -6,11 +6,11 @@
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.3";
+  version = "0.1.4";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "15qhycfja7psnd7v5hn4qb5wrs6bjx4qhny49nkhb7agj4vzwnwi";
-    rev = "6c629a0cc422872abdfc40f9621ac0c4f6a420a8";
+    sha256 = "1qfm3vb78r02ma8wdcfbwzmigj6skjl53nmp2z7czjcfjhm1zyq5";
+    rev = "147f818a72f4561ed57131e0d181704b599d09f6";
     fetchSubmodules = true;
   };
   isLibrary = false;
diff --git a/krebs/5pkgs/simple/much/default.nix b/krebs/5pkgs/simple/much/default.nix
deleted file mode 100644
index cf55eb537..000000000
--- a/krebs/5pkgs/simple/much/default.nix
+++ /dev/null
@@ -1,3 +0,0 @@
-{ haskellPackages, ... }:
-
-haskellPackages.callPackage ./cabal.nix {}
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 3c19fe061..52d380b7c 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -225,7 +225,7 @@ in {
     msmtp
     mutt
     pkgs.notmuch
-    pkgs.much
+    pkgs.haskellPackages.much
     tag-new-mails
     tag-old-mails
   ];
diff --git a/tv/2configs/mail-client.nix b/tv/2configs/mail-client.nix
index 8b6f8bbcd..0caf5264a 100644
--- a/tv/2configs/mail-client.nix
+++ b/tv/2configs/mail-client.nix
@@ -1,13 +1,10 @@
-{ pkgs, ... }:
-
-with pkgs;
-{
+{ pkgs, ... }: {
   environment.systemPackages = [
-    much
-    msmtp
-    notmuch
-    pythonPackages.alot
-    qprint
-    w3m
+    pkgs.haskellPackages.much
+    pkgs.msmtp
+    pkgs.notmuch
+    pkgs.pythonPackages.alot
+    pkgs.qprint
+    pkgs.w3m
   ];
 }

From b3c65141b8179dddbfdcd783e14a20575be5d2e2 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Fri, 25 Jan 2019 14:54:31 +0100
Subject: [PATCH 093/130] reaktor2: 0.1.4 -> 0.1.5

---
 krebs/5pkgs/haskell/reaktor2.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index f0835428d..6c0a3e634 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -6,11 +6,11 @@
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.4";
+  version = "0.1.5";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "1qfm3vb78r02ma8wdcfbwzmigj6skjl53nmp2z7czjcfjhm1zyq5";
-    rev = "147f818a72f4561ed57131e0d181704b599d09f6";
+    sha256 = "1n20ms61pp0yncs0y0mx40nj80ivv9qqv4l2ya39rfp21anmwf1s";
+    rev = "f8c5b4cfe57cb50503b8333d5d06bd0f99fdecc6";
     fetchSubmodules = true;
   };
   isLibrary = false;

From 27bd27f150a913782203fc3de30861a2488a1cea Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 26 Jan 2019 20:41:45 +0100
Subject: [PATCH 094/130] reaktor2: 0.1.5 -> 0.1.6

---
 krebs/5pkgs/haskell/reaktor2.nix | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 6c0a3e634..3369108f3 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -1,25 +1,27 @@
-{ mkDerivation, aeson, attoparsec, base, blessings, bytestring
-, containers, data-default, fetchgit, filepath, lens, lens-aeson
-, network, network-simple, network-simple-tls, pcre-heavy
-, pcre-light, process, random, stdenv, stringsearch, text, time
-, transformers, unagi-chan, unix, unordered-containers, vector
+{ mkDerivation, aeson, async, attoparsec, base, blessings
+, bytestring, containers, data-default, fetchgit, filepath, lens
+, lens-aeson, network, network-simple, network-simple-tls
+, pcre-heavy, pcre-light, process, random, stdenv, stringsearch
+, text, time, transformers, unagi-chan, unix, unordered-containers
+, vector
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.5";
+  version = "0.1.6";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "1n20ms61pp0yncs0y0mx40nj80ivv9qqv4l2ya39rfp21anmwf1s";
-    rev = "f8c5b4cfe57cb50503b8333d5d06bd0f99fdecc6";
+    sha256 = "0fkf9g431332fbd4wd496lnbllidyrx96gzwhcjsvaz5m7yla411";
+    rev = "ed95e04bb1a5ce6ffc425647bafc7cc50f71f561";
     fetchSubmodules = true;
   };
   isLibrary = false;
   isExecutable = true;
   executableHaskellDepends = [
-    aeson attoparsec base blessings bytestring containers data-default
-    filepath lens lens-aeson network network-simple network-simple-tls
-    pcre-heavy pcre-light process random stringsearch text time
-    transformers unagi-chan unix unordered-containers vector
+    aeson async attoparsec base blessings bytestring containers
+    data-default filepath lens lens-aeson network network-simple
+    network-simple-tls pcre-heavy pcre-light process random
+    stringsearch text time transformers unagi-chan unix
+    unordered-containers vector
   ];
   license = stdenv.lib.licenses.mit;
 }

From 775d7a789dd9f36e37c795d3a186d9a124551295 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sat, 26 Jan 2019 21:28:35 +0100
Subject: [PATCH 095/130] reaktor2: 0.1.6 -> 0.1.7

---
 krebs/5pkgs/haskell/reaktor2.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 3369108f3..33ae40cd6 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -7,11 +7,11 @@
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.6";
+  version = "0.1.7";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "0fkf9g431332fbd4wd496lnbllidyrx96gzwhcjsvaz5m7yla411";
-    rev = "ed95e04bb1a5ce6ffc425647bafc7cc50f71f561";
+    sha256 = "1ifjwn5dadlyhbdyym1i3g5vbsc7dyv7qzyprmcvx0qspr3rrk82";
+    rev = "0395a9d9815d7d82469f0064738bef80ac87dbe3";
     fetchSubmodules = true;
   };
   isLibrary = false;

From 2263863845ce9636aa08d06eec15ae00b83139e7 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 03:18:03 +0100
Subject: [PATCH 096/130] add nscd-fix

---
 krebs/2configs/nscd-fix.nix | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 krebs/2configs/nscd-fix.nix

diff --git a/krebs/2configs/nscd-fix.nix b/krebs/2configs/nscd-fix.nix
new file mode 100644
index 000000000..20dc3bae4
--- /dev/null
+++ b/krebs/2configs/nscd-fix.nix
@@ -0,0 +1,24 @@
+{ pkgs, ... }:
+with import <stockholm/lib>;
+let
+  versionOlderThan = v:
+    compareVersions
+      (versions.majorMinor version)
+      (versions.majorMinor v)
+      == -1;
+
+  enable =
+    versionOlderThan "19.03";
+    warning = ''
+      Using custom services.nscd.config because
+      https://github.com/NixOS/nixpkgs/pull/50316
+    '';
+in
+  optionalAttrs enable (trace warning {
+    services.nscd.enable = mkForce true;
+    services.nscd.config = mkForce (readFile (pkgs.fetchurl {
+      url = https://raw.githubusercontent.com/arianvp/nixpkgs/1d5f4cb/nixos/modules/services/system/nscd.conf;
+      sha256 = "1jlddk38lyynjn51zx3xi1nc29ahajyh0qg48qbq6dqlsrn3wxqs";
+    }));
+  })
+

From a7af3289a94568ba9a092ee8d36c6719f2ddf34d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 03:27:29 +0100
Subject: [PATCH 097/130] pkgs: add reaktor2-plugins

---
 krebs/5pkgs/simple/reaktor2-plugins.nix | 106 ++++++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 krebs/5pkgs/simple/reaktor2-plugins.nix

diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix
new file mode 100644
index 000000000..fcbcd6365
--- /dev/null
+++ b/krebs/5pkgs/simple/reaktor2-plugins.nix
@@ -0,0 +1,106 @@
+{ lib, pkgs, ... }:
+with import <stockholm/lib>;
+
+rec {
+  generators = {
+    command_hook = commands: {
+      pattern =
+        "^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$";
+      command = 1;
+      arguments = [2];
+      commands = commands;
+    };
+  };
+
+  commands = {
+
+    hello = {
+      filename = "${pkgs.Reaktor.src}/reaktor/commands/hello";
+    };
+
+    random-emoji = {
+      filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh>;
+      env = {
+        PATH = makeBinPath (with pkgs; [ coreutils gnused gnugrep xmlstarlet wget ]);
+      };
+    };
+
+    nixos-version = {
+      filename = pkgs.writeDash "nixos-version" ''
+        . /etc/os-release
+        echo "$PRETTY_NAME"
+      '';
+    };
+
+    stockholm-issue = {
+      filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh>;
+      env = {
+        PATH = makeBinPath (with pkgs; [ coreutils git gnused haskellPackages.lentil ]);
+        origin = "http://cgit.gum/stockholm";
+        state_dir = "/tmp/stockholm-issue";
+      };
+    };
+
+  };
+
+  hooks = {
+
+    sed = {
+      activate = "always";
+      pattern = "^(.*)$";
+      arguments = [1];
+      command = {
+        env = {
+          PATH = makeBinPath (with pkgs; [ gnused ]);
+          state_dir = "/tmp";
+        };
+        filename = pkgs.writeDash "sed-plugin" ''
+          set -efu
+          exec ${pkgs.python3}/bin/python \
+              ${<stockholm/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py>} "$@"
+        '';
+      };
+    };
+
+    shack-correct = {
+      activate = "match";
+      pattern = "^(.*Shack.*)$";
+      arguments = [1];
+      command.filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh>;
+    };
+
+
+    url-title = {
+      #pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$";
+      pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$";
+      activate = "match";
+      arguments = [1];
+      command = {
+        filename = pkgs.writePython3 "url-title" { deps = with pkgs.python3Packages; [ beautifulsoup4 lxml ]; } ''
+          import cgi
+          import sys
+          import urllib.request
+          from bs4 import BeautifulSoup
+
+          try:
+              req = urllib.request.Request(sys.argv[1])
+              req.add_header('user-agent', 'Reaktor-url-title')
+              resp = urllib.request.urlopen(req)
+              if resp.headers['content-type'].find('text/html') >= 0:
+                  soup = BeautifulSoup(resp.read(16000), "lxml")
+                  title = soup.find('title').string
+
+                  if len(title.split('\n')) > 5:
+                      title = '\n'.join(title.split('\n')[:5])
+
+                  print(title[:450])
+              else:
+                  cd_header = resp.headers['content-disposition']
+                  print(cgi.parse_header(cd_header)[1]['filename'])
+          except:  # noqa: E722
+              pass
+        '';
+      };
+    };
+  };
+}

From ab18e5a468980e7b7dd7ae97566675680b1b8c88 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 27 Jan 2019 03:29:00 +0100
Subject: [PATCH 098/130] reaktor2: 0.1.7 -> 0.2.0

---
 krebs/5pkgs/haskell/reaktor2.nix | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index 33ae40cd6..dd8c3578b 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -1,27 +1,27 @@
 { mkDerivation, aeson, async, attoparsec, base, blessings
-, bytestring, containers, data-default, fetchgit, filepath, lens
-, lens-aeson, network, network-simple, network-simple-tls
-, pcre-heavy, pcre-light, process, random, stdenv, stringsearch
-, text, time, transformers, unagi-chan, unix, unordered-containers
-, vector
+, bytestring, containers, data-default, fetchgit, filepath
+, hashable, lens, lens-aeson, network, network-simple
+, network-simple-tls, pcre-light, process, random, stdenv
+, string-conversions, stringsearch, text, time, transformers
+, unagi-chan, unix, unordered-containers, vector
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.1.7";
+  version = "0.2.0";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "1ifjwn5dadlyhbdyym1i3g5vbsc7dyv7qzyprmcvx0qspr3rrk82";
-    rev = "0395a9d9815d7d82469f0064738bef80ac87dbe3";
+    sha256 = "1wls61d9z9zkvvfgq60clcph0800kpvymqw63dpsk0sp13zygpg9";
+    rev = "e9ca12a945b1d1c068e9c31050e264cb20690db4";
     fetchSubmodules = true;
   };
   isLibrary = false;
   isExecutable = true;
   executableHaskellDepends = [
     aeson async attoparsec base blessings bytestring containers
-    data-default filepath lens lens-aeson network network-simple
-    network-simple-tls pcre-heavy pcre-light process random
-    stringsearch text time transformers unagi-chan unix
-    unordered-containers vector
+    data-default filepath hashable lens lens-aeson network
+    network-simple network-simple-tls pcre-light process random
+    string-conversions stringsearch text time transformers unagi-chan
+    unix unordered-containers vector
   ];
   license = stdenv.lib.licenses.mit;
 }

From 0f1c14e647f8c8e4c90c9e5b099f5a470333e651 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 03:32:55 +0100
Subject: [PATCH 099/130] l: enable nscd with fix

---
 lass/2configs/default.nix | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index d3676a9b9..2547e8bac 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -2,6 +2,7 @@ with import <stockholm/lib>;
 { config, pkgs, ... }:
 {
   imports = [
+    <stockholm/krebs/2configs/nscd-fix.nix>
     ./binary-cache/client.nix
     ./gc.nix
     ./mc.nix
@@ -81,9 +82,6 @@ with import <stockholm/lib>;
 
   services.timesyncd.enable = mkForce true;
 
-  #why is this on in the first place?
-  services.nscd.enable = false;
-
   systemd.tmpfiles.rules = [
     "d /tmp 1777 root root - -"
   ];

From aa070d5db7e9fac66addcbf2005f4c404c84c019 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 03:33:30 +0100
Subject: [PATCH 100/130] hotdog.r: import nscd-fix

---
 krebs/1systems/hotdog/config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index cf72e0d73..2f6f76f79 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -14,6 +14,7 @@
     <stockholm/krebs/2configs/ircd.nix>
     <stockholm/krebs/2configs/reaktor-retiolum.nix>
     <stockholm/krebs/2configs/reaktor-krebs.nix>
+    <stockholm/krebs/2configs/nscd-fix.nix>
     <stockholm/krebs/2configs/repo-sync.nix>
   ];
 

From 6271cfaed465ca826534494951b450713773c1a4 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 13:41:51 +0100
Subject: [PATCH 101/130] reaktor2: add user option

---
 krebs/3modules/reaktor2.nix | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index b667bcc92..d31447c93 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -25,7 +25,7 @@ with import <stockholm/lib>;
           type = types.listOf types.attrs;
         };
         stateDir = mkOption {
-          default = "/var/lib/${self.config.systemd-service-name}";
+          default = "/var/lib/${self.config.user}";
           readOnly = true;
           type = types.absolute-pathname;
         };
@@ -33,6 +33,10 @@ with import <stockholm/lib>;
           default = "reaktor2${optionalString (name != "default") "-${name}"}";
           type = types.filename;
         };
+        user = mkOption {
+          default = self.config.systemd-service-name;
+          type = types.str;
+        };
       };
     }));
   };
@@ -43,10 +47,10 @@ with import <stockholm/lib>;
         after = [ "network.target" ];
         wantedBy = [ "multi-user.target" ];
         serviceConfig = {
-          User = cfg.systemd-service-name;
+          User = cfg.user;
           Group = "reaktor2";
           DynamicUser = true;
-          StateDirectory = cfg.systemd-service-name;
+          StateDirectory = cfg.user;
           ExecStart = let
             configFile = pkgs.writeJSON configFileName configValue;
             configFileName = "${cfg.systemd-service-name}.config.json";

From b28706964e78199859cbf6b78f869e9cc2f8a8ac Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 03:34:47 +0100
Subject: [PATCH 102/130] hotdog.r: Reaktor -> reaktor2

---
 krebs/1systems/hotdog/config.nix    |   3 +-
 krebs/2configs/reaktor-krebs.nix    |  27 -----
 krebs/2configs/reaktor-retiolum.nix |  17 ---
 krebs/2configs/reaktor2.nix         | 181 ++++++++++++++++++++++++++++
 4 files changed, 182 insertions(+), 46 deletions(-)
 delete mode 100644 krebs/2configs/reaktor-krebs.nix
 delete mode 100644 krebs/2configs/reaktor-retiolum.nix
 create mode 100644 krebs/2configs/reaktor2.nix

diff --git a/krebs/1systems/hotdog/config.nix b/krebs/1systems/hotdog/config.nix
index 2f6f76f79..916073375 100644
--- a/krebs/1systems/hotdog/config.nix
+++ b/krebs/1systems/hotdog/config.nix
@@ -12,9 +12,8 @@
     <stockholm/krebs/2configs/buildbot-stockholm.nix>
     <stockholm/krebs/2configs/binary-cache/nixos.nix>
     <stockholm/krebs/2configs/ircd.nix>
-    <stockholm/krebs/2configs/reaktor-retiolum.nix>
-    <stockholm/krebs/2configs/reaktor-krebs.nix>
     <stockholm/krebs/2configs/nscd-fix.nix>
+    <stockholm/krebs/2configs/reaktor2.nix>
     <stockholm/krebs/2configs/repo-sync.nix>
   ];
 
diff --git a/krebs/2configs/reaktor-krebs.nix b/krebs/2configs/reaktor-krebs.nix
deleted file mode 100644
index 67ca23ecd..000000000
--- a/krebs/2configs/reaktor-krebs.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{ config, lib, pkgs, ... }:
-with import <stockholm/lib>;
-
-{
-  krebs.Reaktor.krebs = {
-    nickname = "Reaktor|krebs";
-    channels = [
-      "#krebs"
-      "#nixos-wiki"
-      "#nixos-de"
-    ];
-    extraEnviron = {
-      REAKTOR_HOST = "irc.freenode.org";
-      REAKTOR_NICKSERV_PASSWORD = "/var/lib/Reaktor/reaktor_nickserv_password";
-    };
-    plugins = with pkgs.ReaktorPlugins; [
-      sed-plugin
-    ] ++
-      (attrValues (task "agenda"))
-    ;
-  };
-  krebs.secret.files.nix-serve-key = {
-    path = "/var/lib/Reaktor/reaktor_nickserv_password";
-    owner.name = "Reaktor";
-    source-path = toString <secrets> + "/reaktor_nickserv_password";
-  };
-}
diff --git a/krebs/2configs/reaktor-retiolum.nix b/krebs/2configs/reaktor-retiolum.nix
deleted file mode 100644
index 69fc4b202..000000000
--- a/krebs/2configs/reaktor-retiolum.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ config, lib, pkgs, ... }:
-with import <stockholm/lib>;
-
-{
-  krebs.Reaktor.retiolum = {
-    nickname = "Reaktor|lass";
-    channels = [ "#noise" "#xxx" ];
-    extraEnviron = {
-      REAKTOR_HOST = "irc.r";
-    };
-    plugins = with pkgs.ReaktorPlugins; [
-      sed-plugin
-    ] ++
-      (attrValues (task "agenda"))
-    ;
-  };
-}
diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
new file mode 100644
index 000000000..95a95b8f5
--- /dev/null
+++ b/krebs/2configs/reaktor2.nix
@@ -0,0 +1,181 @@
+with import <stockholm/lib>;
+{ config, pkgs, ... }:
+
+let
+  stateDir = config.krebs.reaktor2.r.stateDir;
+
+  generators = pkgs.reaktor2-plugins.generators;
+  hooks = pkgs.reaktor2-plugins.hooks;
+  commands = pkgs.reaktor2-plugins.commands;
+
+  task = name: let
+    rcFile = builtins.toFile "taskrc" ''
+      confirmation=no
+    '';
+  in {
+    "${name}-task-add" = {
+      pattern = "^${name}-add: (.*)$";
+      activate = "match";
+      arguments = [1];
+      command = {
+        env = {
+          TASKDATA = "${stateDir}/${name}";
+        };
+        filename = pkgs.writeDash "${name}-task-add" ''
+          ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*"
+        '';
+      };
+    };
+
+    "${name}-task-list" = {
+      pattern = "^${name}-list$";
+      activate = "match";
+      command = {
+        env = {
+          TASKDATA = "${stateDir}/${name}";
+        };
+        filename = pkgs.writeDash "${name}-task-list" ''
+          ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
+        '';
+      };
+    };
+
+    "${name}-task-delete" = {
+      pattern = "^${name}-delete: (.*)$";
+      activate = "match";
+      arguments = [1];
+      command = {
+        env = {
+          TASKDATA = "${stateDir}/${name}";
+        };
+        filename = pkgs.writeDash "${name}-task-delete" ''
+          ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*"
+        '';
+      };
+    };
+
+    "${name}-task-done" = {
+      pattern = "^${name}-done: (.*)$";
+      activate = "match";
+      arguments = [1];
+      command = {
+        env = {
+          TASKDATA = "${stateDir}/${name}";
+        };
+        filename = pkgs.writeDash "${name}-task-done" ''
+          ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*"
+        '';
+      };
+    };
+  };
+
+  systemPlugin = {
+    plugin = "system";
+    config = {
+      workdir = stateDir;
+      hooks.JOIN = [
+        {
+          activate = "always";
+          command = {
+            filename =
+              "${pkgs.Reaktor.src}/reaktor/commands/tell-on_join";
+            env = {
+              PATH = makeBinPath [
+                pkgs.coreutils # XXX env, touch
+                pkgs.jq # XXX sed
+                pkgs.utillinux # XXX flock
+              ];
+              state_file = "${stateDir}/tell.json";
+            };
+          };
+        }
+      ];
+      hooks.PRIVMSG = [
+        {
+          pattern = "^ledger balance";
+          activate = "match";
+          command = {
+            env = {
+              state_file = "${stateDir}/ledger";
+            };
+            filename = pkgs.writeDash "ledger-balance" ''
+              ${pkgs.hledger}/bin/hledger -f $state_file bal -N
+            '';
+          };
+        }
+        {
+          pattern = ''^(\S+)\s+([+-][1-9][0-9]*)\s+(\S+)$'';
+          activate = "match";
+          arguments = [1 2 3];
+          command = {
+            env = {
+              # TODO; get state as argument
+              state_file = "${stateDir}/ledger";
+            };
+            filename = pkgs.writeDash "ledger-add" ''
+              set -x
+              tonick=$1
+              amt=$2
+              unit=$3
+              printf '%s\n  %s  %d %s\n  %s  %d %s\n' "$(date -Id)" "$tonick" "$amt" "$unit" "$_from" "$(expr 0 - "''${amt#+}")" "$unit" >> $state_file
+            '';
+          };
+        }
+        hooks.sed
+        (generators.command_hook {
+          inherit (commands) hello random-emoji nixos-version stockholm-issue;
+          tell = {
+            filename =
+              "${pkgs.Reaktor.src}/reaktor/commands/tell-on_privmsg";
+            env = {
+              PATH = makeBinPath [
+                pkgs.coreutils # XXX date, env
+                pkgs.jq # XXX sed
+                pkgs.utillinux # XXX flock
+              ];
+              state_file = "${stateDir}/tell.txt";
+            };
+          };
+        })
+      ] ++ (attrValues (task "agenda"))
+      ;
+    };
+  };
+
+in {
+
+  krebs.reaktor2 = {
+    freenode = {
+      hostname = "irc.freenode.org";
+      nick = "reaktor2|krebs";
+      plugins = [
+        {
+          plugin = "register";
+          config = {
+            channels = [
+              "#krebs"
+            ];
+          };
+        }
+        systemPlugin
+      ];
+      user = "reaktor2";
+    };
+    r = {
+      nick = "reaktor2|krebs";
+      plugins = [
+        {
+          plugin = "register";
+          config = {
+            channels = [
+              "#noise"
+              "#xxx"
+            ];
+          };
+        }
+        systemPlugin
+      ];
+      user = "reaktor2";
+    };
+  };
+}

From 052cef71fd24ce36bbd043e2aa12d2ff3a9d247c Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 13:50:31 +0100
Subject: [PATCH 103/130] reaktor: ledger balance -> bier balance

---
 krebs/2configs/reaktor2.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index 95a95b8f5..ae2e975a2 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -92,13 +92,13 @@ let
       ];
       hooks.PRIVMSG = [
         {
-          pattern = "^ledger balance";
+          pattern = "^bier balance";
           activate = "match";
           command = {
             env = {
               state_file = "${stateDir}/ledger";
             };
-            filename = pkgs.writeDash "ledger-balance" ''
+            filename = pkgs.writeDash "bier-balance" ''
               ${pkgs.hledger}/bin/hledger -f $state_file bal -N
             '';
           };

From fd4876da16d436a38700b358f26ba48903de8d20 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 14:27:54 +0100
Subject: [PATCH 104/130] reaktor2: pretty print bier balance

---
 krebs/2configs/reaktor2.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index ae2e975a2..bdd95a256 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -99,7 +99,9 @@ let
               state_file = "${stateDir}/ledger";
             };
             filename = pkgs.writeDash "bier-balance" ''
-              ${pkgs.hledger}/bin/hledger -f $state_file bal -N
+              ${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \
+                | ${pkgs.coreutils}/bin/tail +2 \
+                | ${pkgs.miller}/bin/mlr --icsv --opprint cat
             '';
           };
         }

From 92caf2dadae82310fe13830dfaac30fe885fbf3e Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 14:32:33 +0100
Subject: [PATCH 105/130] reaktor2 bier: allow 'bier bal' as command

---
 krebs/2configs/reaktor2.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index bdd95a256..9ca60b5bf 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -92,7 +92,7 @@ let
       ];
       hooks.PRIVMSG = [
         {
-          pattern = "^bier balance";
+          pattern = "^bier bal(ance)*$";
           activate = "match";
           command = {
             env = {

From 5926a718593544c69301f4168d30051ff1d61aab Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 16:55:47 +0100
Subject: [PATCH 106/130] reaktor2 task: use single hook for more efficency

---
 krebs/2configs/reaktor2.nix | 39 ++++++++++++-------------------------
 1 file changed, 12 insertions(+), 27 deletions(-)

diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index 9ca60b5bf..f1e59142e 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -2,6 +2,7 @@ with import <stockholm/lib>;
 { config, pkgs, ... }:
 
 let
+  #for shared state directory
   stateDir = config.krebs.reaktor2.r.stateDir;
 
   generators = pkgs.reaktor2-plugins.generators;
@@ -13,11 +14,12 @@ let
       confirmation=no
     '';
   in {
-    "${name}-task-add" = {
-      pattern = "^${name}-add: (.*)$";
-      activate = "match";
-      arguments = [1];
-      command = {
+    pattern = "^${name}-([a-z]+)(?::\\s*(.*))?";
+    activate = "match";
+    command = 1;
+    arguments = [2];
+    commands = {
+      add = {
         env = {
           TASKDATA = "${stateDir}/${name}";
         };
@@ -25,12 +27,7 @@ let
           ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*"
         '';
       };
-    };
-
-    "${name}-task-list" = {
-      pattern = "^${name}-list$";
-      activate = "match";
-      command = {
+      list = {
         env = {
           TASKDATA = "${stateDir}/${name}";
         };
@@ -38,13 +35,7 @@ let
           ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
         '';
       };
-    };
-
-    "${name}-task-delete" = {
-      pattern = "^${name}-delete: (.*)$";
-      activate = "match";
-      arguments = [1];
-      command = {
+      delete = {
         env = {
           TASKDATA = "${stateDir}/${name}";
         };
@@ -52,13 +43,7 @@ let
           ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*"
         '';
       };
-    };
-
-    "${name}-task-done" = {
-      pattern = "^${name}-done: (.*)$";
-      activate = "match";
-      arguments = [1];
-      command = {
+      done = {
         env = {
           TASKDATA = "${stateDir}/${name}";
         };
@@ -139,8 +124,8 @@ let
             };
           };
         })
-      ] ++ (attrValues (task "agenda"))
-      ;
+        (task "agenda")
+      ];
     };
   };
 

From 6965a1df8e7fe5e85128349c31057fdc8c8d54f6 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 27 Jan 2019 18:33:22 +0100
Subject: [PATCH 107/130] reaktor2 service: add useTLS option

---
 krebs/3modules/reaktor2.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index b667bcc92..3dd86503f 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -33,6 +33,10 @@ with import <stockholm/lib>;
           default = "reaktor2${optionalString (name != "default") "-${name}"}";
           type = types.filename;
         };
+        useTLS = mkOption {
+          default = self.config.port == "6697";
+          type = types.bool;
+        };
       };
     }));
   };

From 0830a0ccdcc60aea4aaaa79c01db66b88c0a65a0 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 19:29:28 +0100
Subject: [PATCH 108/130] l reaktor-coders: Reaktor -> reaktor2

---
 lass/2configs/reaktor-coders.nix | 194 ++++++++++++++++---------------
 1 file changed, 101 insertions(+), 93 deletions(-)

diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix
index 7cdcdf20c..44d9d6866 100644
--- a/lass/2configs/reaktor-coders.nix
+++ b/lass/2configs/reaktor-coders.nix
@@ -1,99 +1,107 @@
 { config, lib, pkgs, ... }:
 with import <stockholm/lib>;
 
-{
-  krebs.Reaktor.coders = {
-    nickname = "Reaktor|lass";
-    channels = [ "#coders" "#germany" "#panthermoderns" ];
-    extraEnviron = {
-      REAKTOR_HOST = "irc.hackint.org";
-    };
-    plugins = with pkgs.ReaktorPlugins; let
-
-      lambdabot = (import (pkgs.fetchFromGitHub {
-        owner = "NixOS"; repo = "nixpkgs";
-        rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
-        sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
-      }) {}).lambdabot;
-
-      lambdabotflags = ''
-        -XStandaloneDeriving -XGADTs -XFlexibleContexts \
-        -XFlexibleInstances -XMultiParamTypeClasses \
-        -XOverloadedStrings -XFunctionalDependencies \'';
-    in [
-      sed-plugin
-      url-title
-      (buildSimpleReaktorPlugin "lambdabot-pl" {
-        pattern = "^@pl (?P<args>.*)$$";
-        script = pkgs.writeDash "lambda-pl" ''
-          exec ${lambdabot}/bin/lambdabot \
-            ${indent lambdabotflags}
-            -e "@pl $1"
-        '';
-      })
-      (buildSimpleReaktorPlugin "lambdabot-type" {
-        pattern = "^@type (?P<args>.*)$$";
-        script = pkgs.writeDash "lambda-type" ''
-          exec ${lambdabot}/bin/lambdabot \
-            ${indent lambdabotflags}
-            -e "@type $1"
-        '';
-      })
-      (buildSimpleReaktorPlugin "lambdabot-let" {
-        pattern = "^@let (?P<args>.*)$$";
-        script = pkgs.writeDash "lambda-let" ''
-          exec ${lambdabot}/bin/lambdabot \
-            ${indent lambdabotflags}
-            -e "@let $1"
-        '';
-      })
-      (buildSimpleReaktorPlugin "lambdabot-run" {
-        pattern = "^@run (?P<args>.*)$$";
-        script = pkgs.writeDash "lambda-run" ''
-          exec ${lambdabot}/bin/lambdabot \
-            ${indent lambdabotflags}
-            -e "@run $1"
-        '';
-      })
-      (buildSimpleReaktorPlugin "lambdabot-kind" {
-        pattern = "^@kind (?P<args>.*)$$";
-        script = pkgs.writeDash "lambda-kind" ''
-          exec ${lambdabot}/bin/lambdabot \
-            ${indent lambdabotflags}
-            -e "@kind $1"
-        '';
-      })
-      (buildSimpleReaktorPlugin "ping" {
-        pattern = "^!ping (?P<args>.*)$$";
-        script = pkgs.writeDash "ping" ''
-          exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1
-        '';
-      })
-      (buildSimpleReaktorPlugin "google" {
-        pattern = "^!g (?P<args>.*)$$";
-        script = pkgs.writeDash "google" ''
-          exec ${pkgs.ddgr}/bin/ddgr -C -n1 --json "$@" | \
-            ${pkgs.jq}/bin/jq '@text "\(.[0].abstract) \(.[0].url)"'
-        '';
-      })
-      (buildSimpleReaktorPlugin "blockchain" {
-        pattern = ".*[Bb]lockchain.*$$";
-        script = pkgs.writeDash "blockchain" ''
-          exec echo 'DID SOMEBODY SAY BLOCKCHAIN? https://paste.krebsco.de/r99pMoQq/+inline'
-        '';
-      })
-      (buildSimpleReaktorPlugin "shrug" {
-        pattern = "^!shrug$";
-        script = pkgs.writeDash "shrug" ''
-          exec echo '¯\_(ツ)_/¯'
-        '';
-      })
-      (buildSimpleReaktorPlugin "flip" {
-        pattern = "^!flip$";
-        script = pkgs.writeDash "shrug" ''
-          exec echo '(╯°□°）╯ ┻━┻'
-        '';
-      })
+let
+  hooks = pkgs.reaktor2-plugins.hooks;
+in {
+  krebs.reaktor2.coders = {
+    hostname = "irc.hackint.org";
+    port = "9999";
+    useTLS = true;
+    nick = "reaktor2|lass";
+    plugins = [
+      {
+        plugin = "register";
+        config = {
+          channels = [
+            "#coders"
+            "#germany"
+            "#panthermoderns"
+          ];
+        };
+      }
+      {
+        plugin = "system";
+        config = {
+          workdir = config.krebs.reaktor2.coders.stateDir;
+          hooks.PRIVMSG = [
+            hooks.sed
+            hooks.url-title
+            {
+              activate = "match";
+              pattern = ''@([^ ]+) (.*)$'';
+              command = 1;
+              arguments = [2];
+              commands = let
+                lambdabot = (import (pkgs.fetchFromGitHub {
+                  owner = "NixOS"; repo = "nixpkgs";
+                  rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
+                  sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
+                }) {}).lambdabot;
+                lambdabotWrapper = pkgs.writeDash "lambdabot.wrapper" ''
+                  exec ${lambdabot}/bin/lambdabot \
+                    -XStandaloneDeriving -XGADTs -XFlexibleContexts \
+                    -XFlexibleInstances -XMultiParamTypeClasses \
+                    -XOverloadedStrings -XFunctionalDependencies \
+                    -e "$@"
+                '';
+              in {
+                pl = {
+                  env.HOME = config.krebs.reaktor2.coders.stateDir;
+                  filename = pkgs.writeDash "lambdabot-pl" ''
+                    ${lambdabotWrapper} "@pl $1"
+                  '';
+                };
+                type = {
+                  env.HOME = config.krebs.reaktor2.coders.stateDir;
+                  filename = pkgs.writeDash "lambdabot-type" ''
+                    ${lambdabotWrapper} "@type $1"
+                  '';
+                };
+                "let" = {
+                  env.HOME = config.krebs.reaktor2.coders.stateDir;
+                  filename = pkgs.writeDash "lambdabot-let" ''
+                    ${lambdabotWrapper} "@let $1"
+                  '';
+                };
+                run = {
+                  env.HOME = config.krebs.reaktor2.coders.stateDir;
+                  filename = pkgs.writeDash "lambdabot-run" ''
+                    ${lambdabotWrapper} "@run $1"
+                  '';
+                };
+                kind = {
+                  env.HOME = config.krebs.reaktor2.coders.stateDir;
+                  filename = pkgs.writeDash "lambdabot-kind" ''
+                    ${lambdabotWrapper} "@kind $1"
+                  '';
+                };
+              };
+            }
+            {
+              activate = "match";
+              pattern = ''!([^ ]+)(?:\s*(.*))?'';
+              command = 1;
+              arguments = [2];
+              commands = {
+                ping.filename = pkgs.writeDash "ping" ''
+                  exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1
+                '';
+                google.filename = pkgs.writeDash "google" ''
+                  exec ${pkgs.ddgr}/bin/ddgr -C -n1 --json "$@" | \
+                    ${pkgs.jq}/bin/jq '@text "\(.[0].abstract) \(.[0].url)"'
+                '';
+                shrug.filename = pkgs.writeDash "shrug" ''
+                  exec echo '¯\_(ツ)_/¯'
+                '';
+                table.filename = pkgs.writeDash "table" ''
+                  exec echo '(╯°□°）╯ ┻━┻'
+                '';
+              };
+            }
+          ];
+        };
+      }
     ];
   };
 }

From 4fd18dc654137de5a87c95a163efb9126ac07bf7 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 19:32:04 +0100
Subject: [PATCH 109/130] l baseX: use correct urxvt packagename

---
 lass/2configs/baseX.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index b8a0a9f2a..1d2d1173d 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -74,7 +74,7 @@ in {
     nmap
     pavucontrol
     powertop
-    rxvt_unicode_with-plugins
+    rxvt_unicode-with-plugins
     sxiv
     taskwarrior
     termite

From fa1e5d5b7fa2424e636d5807141c3043770affaf Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Sun, 27 Jan 2019 19:33:43 +0100
Subject: [PATCH 110/130] l reaktor-plugins: use correct header

---
 krebs/5pkgs/simple/reaktor2-plugins.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/krebs/5pkgs/simple/reaktor2-plugins.nix b/krebs/5pkgs/simple/reaktor2-plugins.nix
index fcbcd6365..48464c0b6 100644
--- a/krebs/5pkgs/simple/reaktor2-plugins.nix
+++ b/krebs/5pkgs/simple/reaktor2-plugins.nix
@@ -1,5 +1,5 @@
-{ lib, pkgs, ... }:
 with import <stockholm/lib>;
+{ lib, pkgs, ... }:
 
 rec {
   generators = {

From 52ef20148e44f2b2017a0edc30899860799ad652 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 27 Jan 2019 20:06:06 +0100
Subject: [PATCH 111/130] reaktor2 service: user -> username + proper type

---
 krebs/2configs/reaktor2.nix |  4 ++--
 krebs/3modules/reaktor2.nix | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index f1e59142e..2beb6561b 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -146,7 +146,7 @@ in {
         }
         systemPlugin
       ];
-      user = "reaktor2";
+      username = "reaktor2";
     };
     r = {
       nick = "reaktor2|krebs";
@@ -162,7 +162,7 @@ in {
         }
         systemPlugin
       ];
-      user = "reaktor2";
+      username = "reaktor2";
     };
   };
 }
diff --git a/krebs/3modules/reaktor2.nix b/krebs/3modules/reaktor2.nix
index 3f263d010..e3e6ddf4f 100644
--- a/krebs/3modules/reaktor2.nix
+++ b/krebs/3modules/reaktor2.nix
@@ -25,7 +25,7 @@ with import <stockholm/lib>;
           type = types.listOf types.attrs;
         };
         stateDir = mkOption {
-          default = "/var/lib/${self.config.user}";
+          default = "/var/lib/${self.config.username}";
           readOnly = true;
           type = types.absolute-pathname;
         };
@@ -33,9 +33,9 @@ with import <stockholm/lib>;
           default = "reaktor2${optionalString (name != "default") "-${name}"}";
           type = types.filename;
         };
-        user = mkOption {
+        username = mkOption {
           default = self.config.systemd-service-name;
-          type = types.str;
+          type = types.username;
         };
         useTLS = mkOption {
           default = self.config.port == "6697";
@@ -51,10 +51,10 @@ with import <stockholm/lib>;
         after = [ "network.target" ];
         wantedBy = [ "multi-user.target" ];
         serviceConfig = {
-          User = cfg.user;
+          User = cfg.username;
           Group = "reaktor2";
           DynamicUser = true;
-          StateDirectory = cfg.user;
+          StateDirectory = cfg.username;
           ExecStart = let
             configFile = pkgs.writeJSON configFileName configValue;
             configFileName = "${cfg.systemd-service-name}.config.json";

From b4f24ff76ad708343b67afce45765a66c6bfb660 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 27 Jan 2019 20:09:11 +0100
Subject: [PATCH 112/130] krebs nscd-fix: normalize style

---
 krebs/2configs/nscd-fix.nix | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/krebs/2configs/nscd-fix.nix b/krebs/2configs/nscd-fix.nix
index 20dc3bae4..8e5909e72 100644
--- a/krebs/2configs/nscd-fix.nix
+++ b/krebs/2configs/nscd-fix.nix
@@ -1,18 +1,19 @@
-{ pkgs, ... }:
 with import <stockholm/lib>;
-let
+{ pkgs, ... }: let
+
+  enable = versionOlderThan "19.03";
+
   versionOlderThan = v:
     compareVersions
       (versions.majorMinor version)
       (versions.majorMinor v)
       == -1;
 
-  enable =
-    versionOlderThan "19.03";
-    warning = ''
-      Using custom services.nscd.config because
-      https://github.com/NixOS/nixpkgs/pull/50316
-    '';
+  warning = ''
+    Using custom services.nscd.config because
+    https://github.com/NixOS/nixpkgs/pull/50316
+  '';
+
 in
   optionalAttrs enable (trace warning {
     services.nscd.enable = mkForce true;
@@ -21,4 +22,3 @@ in
       sha256 = "1jlddk38lyynjn51zx3xi1nc29ahajyh0qg48qbq6dqlsrn3wxqs";
     }));
   })
-

From 74dbc7c8b21a345626659cbbcc6bf11836939945 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 27 Jan 2019 20:15:40 +0100
Subject: [PATCH 113/130] Reaktor: 0.6.2 -> 0.7.0

---
 krebs/3modules/Reaktor.nix             | 5 +++--
 krebs/5pkgs/simple/Reaktor/default.nix | 6 +++---
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/krebs/3modules/Reaktor.nix b/krebs/3modules/Reaktor.nix
index 669483f3c..308c6d41d 100644
--- a/krebs/3modules/Reaktor.nix
+++ b/krebs/3modules/Reaktor.nix
@@ -113,10 +113,11 @@ let
         '';
       in nameValuePair "Reaktor-${name}" {
         path = with pkgs; [
-          utillinux #flock for tell_on-join
           git # for nag
+          jq # for tell
           python # for caps
-          ];
+          utillinux # flock for tell
+        ];
         description = "Reaktor IRC Bot";
         after = [ "network.target" ];
         wantedBy = [ "multi-user.target" ];
diff --git a/krebs/5pkgs/simple/Reaktor/default.nix b/krebs/5pkgs/simple/Reaktor/default.nix
index 3ef9ffb7d..a88db6379 100644
--- a/krebs/5pkgs/simple/Reaktor/default.nix
+++ b/krebs/5pkgs/simple/Reaktor/default.nix
@@ -2,7 +2,7 @@
 
 python3Packages.buildPythonPackage rec {
   name = "Reaktor-${version}";
-  version = "0.6.2";
+  version = "0.7.0";
 
   doCheck = false;
 
@@ -13,8 +13,8 @@ python3Packages.buildPythonPackage rec {
   src = fetchFromGitHub {
     owner = "krebs";
     repo = "Reaktor";
-    rev = version;
-    sha256 = "0h8pj0x9b5fnxddwrc0f63rxd3275v5phmjc0fv4kiwlzvbcxj6m";
+    rev = "v${version}";
+    sha256 = "12yy06vk0smjs0rmahrn2kd4bcdh1yjw1fz6rifw6nmgx889d9hj";
   };
   meta = {
     homepage = http://krebsco.de/;

From f608351da19aeae5fd06dd700a8f11150433d15e Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 27 Jan 2019 20:27:16 +0100
Subject: [PATCH 114/130] reaktor2: 0.2.0 -> 0.2.1

---
 krebs/5pkgs/haskell/reaktor2.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/krebs/5pkgs/haskell/reaktor2.nix b/krebs/5pkgs/haskell/reaktor2.nix
index dd8c3578b..40c628802 100644
--- a/krebs/5pkgs/haskell/reaktor2.nix
+++ b/krebs/5pkgs/haskell/reaktor2.nix
@@ -7,11 +7,11 @@
 }:
 mkDerivation {
   pname = "reaktor2";
-  version = "0.2.0";
+  version = "0.2.1";
   src = fetchgit {
     url = "https://cgit.krebsco.de/reaktor2";
-    sha256 = "1wls61d9z9zkvvfgq60clcph0800kpvymqw63dpsk0sp13zygpg9";
-    rev = "e9ca12a945b1d1c068e9c31050e264cb20690db4";
+    sha256 = "0wg76wlzfi893rl0lzhfs6bkpdcvwvgl6mpnz6w7r8f7znr4a9vr";
+    rev = "0e199f7a357a4c5973e5837ec67699cf224ca69c";
     fetchSubmodules = true;
   };
   isLibrary = false;

From 06b23af29d434f448faebf822d5f1f1e8a0c0a39 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 27 Jan 2019 20:32:04 +0100
Subject: [PATCH 115/130] reaktor2 task: define env in hook

---
 krebs/2configs/reaktor2.nix | 48 +++++++++++++------------------------
 1 file changed, 16 insertions(+), 32 deletions(-)

diff --git a/krebs/2configs/reaktor2.nix b/krebs/2configs/reaktor2.nix
index 2beb6561b..ff6b539ba 100644
--- a/krebs/2configs/reaktor2.nix
+++ b/krebs/2configs/reaktor2.nix
@@ -18,39 +18,23 @@ let
     activate = "match";
     command = 1;
     arguments = [2];
+    env.TASKDATA = "${stateDir}/${name}";
     commands = {
-      add = {
-        env = {
-          TASKDATA = "${stateDir}/${name}";
-        };
-        filename = pkgs.writeDash "${name}-task-add" ''
-          ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*"
-        '';
-      };
-      list = {
-        env = {
-          TASKDATA = "${stateDir}/${name}";
-        };
-        filename = pkgs.writeDash "${name}-task-list" ''
-          ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
-        '';
-      };
-      delete = {
-        env = {
-          TASKDATA = "${stateDir}/${name}";
-        };
-        filename = pkgs.writeDash "${name}-task-delete" ''
-          ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*"
-        '';
-      };
-      done = {
-        env = {
-          TASKDATA = "${stateDir}/${name}";
-        };
-        filename = pkgs.writeDash "${name}-task-done" ''
-          ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*"
-        '';
-      };
+      add.filename = pkgs.writeDash "${name}-task-add" ''
+        ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$1"
+      '';
+      list.filename = pkgs.writeDash "${name}-task-list" ''
+        ${pkgs.taskwarrior}/bin/task rc:${rcFile} export \
+          | ${pkgs.jq}/bin/jq -r '
+              .[] | select(.id != 0) | "\(.id) \(.description)"
+            '
+      '';
+      delete.filename = pkgs.writeDash "${name}-task-delete" ''
+        ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$1"
+      '';
+      done.filename = pkgs.writeDash "${name}-task-done" ''
+        ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$1"
+      '';
     };
   };
 

From dbf0926f8b702633e37259fd411d4c16242b7740 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 08:27:57 +0100
Subject: [PATCH 116/130] ma dict: enable module

---
 makefu/1systems/x/config.nix | 1 +
 makefu/2configs/dict.nix     | 5 +++++
 2 files changed, 6 insertions(+)
 create mode 100644 makefu/2configs/dict.nix

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 35779507b..143b9c729 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -14,6 +14,7 @@
       <stockholm/makefu/2configs/main-laptop.nix>
       <stockholm/makefu/2configs/extra-fonts.nix>
       <stockholm/makefu/2configs/tools/all.nix>
+      <stockholm/makefu/2configs/dict.nix>
 
       <stockholm/makefu/2configs/backup/state.nix>
       # <stockholm/makefu/2configs/dnscrypt/client.nix>
diff --git a/makefu/2configs/dict.nix b/makefu/2configs/dict.nix
new file mode 100644
index 000000000..6db9102ba
--- /dev/null
+++ b/makefu/2configs/dict.nix
@@ -0,0 +1,5 @@
+{ pkgs, ... }:
+{
+  services.dictd.enable = true;
+  services.dictd.DBs = with pkgs.dictdDBs; [ wiktionary wordnet deu2eng eng2deu ];
+}

From 0ead7ae0a71247581eb968c701e02af782424cd0 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 08:29:19 +0100
Subject: [PATCH 117/130] k shack/ympd: add next and prev buttons at top

---
 krebs/2configs/shack/mobile.mpd.nix      |  5 ++++-
 krebs/2configs/shack/ympd-top-next.patch | 16 ++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 krebs/2configs/shack/ympd-top-next.patch

diff --git a/krebs/2configs/shack/mobile.mpd.nix b/krebs/2configs/shack/mobile.mpd.nix
index 2dc466edb..751d233ec 100644
--- a/krebs/2configs/shack/mobile.mpd.nix
+++ b/krebs/2configs/shack/mobile.mpd.nix
@@ -1,5 +1,8 @@
 {lib,pkgs, ... }:
 let
+  pkg = lib.overrideDerivation pkgs.ympd (old: {
+      patches = [ ./ympd-top-next.patch ];
+  });
   mpdHost = "mpd.shack";
   ympd = name: port: let
     webPort = 10000 + port;
@@ -7,7 +10,7 @@ let
     systemd.services."ympd-${name}" = {
       description = "mpd for ${name}";
       wantedBy = [ "multi-user.target" ];
-      serviceConfig.ExecStart = "${pkgs.ympd}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody";
+      serviceConfig.ExecStart = "${pkg}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody";
     };
     services.nginx.virtualHosts."mobile.${name}.mpd.shack" = {
       serverAliases = [
diff --git a/krebs/2configs/shack/ympd-top-next.patch b/krebs/2configs/shack/ympd-top-next.patch
new file mode 100644
index 000000000..fd424f11a
--- /dev/null
+++ b/krebs/2configs/shack/ympd-top-next.patch
@@ -0,0 +1,16 @@
+diff --git a/htdocs/index.html b/htdocs/index.html
+index ed77279..eaf92b6 100644
+--- a/htdocs/index.html
++++ b/htdocs/index.html
+@@ -76,6 +76,11 @@
+ 
+       <div class="col-md-10 col-xs-12">
+         <div class="notifications top-right"></div>
++
++        <ul class="pager">
++          <li id="prev" class="page-btn hide"><a href="">Previous</a></li>
++          <li id="next" class="page-btn"><a href="">Next</a></li>
++        </ul>
+         
+         <div class="panel panel-primary">
+           <!-- Default panel contents -->

From a3919eb1af48fadfea06e17f5245b7748f497191 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 08:29:54 +0100
Subject: [PATCH 118/130] ma aarch64-community: add builder

---
 makefu/1systems/x/config.nix                      |  5 +++--
 .../2configs/remote-build/aarch64-community.nix   | 15 +++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)
 create mode 100644 makefu/2configs/remote-build/aarch64-community.nix

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index 143b9c729..ce2199a41 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -19,6 +19,7 @@
       <stockholm/makefu/2configs/backup/state.nix>
       # <stockholm/makefu/2configs/dnscrypt/client.nix>
       <stockholm/makefu/2configs/avahi.nix>
+      <stockholm/makefu/2configs/support-nixos.nix>
 
       # Debugging
       # <stockholm/makefu/2configs/disable_v6.nix>
@@ -51,7 +52,7 @@
       # Virtualization
       <stockholm/makefu/2configs/virtualisation/libvirt.nix>
       <stockholm/makefu/2configs/virtualisation/docker.nix>
-      <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
+      # <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
       {
         networking.firewall.allowedTCPPorts = [ 8080 ];
         networking.nat = {
@@ -65,7 +66,7 @@
       <stockholm/makefu/2configs/tor.nix>
       <stockholm/makefu/2configs/vpn/vpngate.nix>
       # <stockholm/makefu/2configs/buildbot-standalone.nix>
-      # <stockholm/makefu/2configs/remote-build/master.nix>
+      <stockholm/makefu/2configs/remote-build/aarch64-community.nix>
 
       # Hardware
       <stockholm/makefu/2configs/hw/tp-x230.nix>
diff --git a/makefu/2configs/remote-build/aarch64-community.nix b/makefu/2configs/remote-build/aarch64-community.nix
new file mode 100644
index 000000000..d57eacd68
--- /dev/null
+++ b/makefu/2configs/remote-build/aarch64-community.nix
@@ -0,0 +1,15 @@
+{
+  nix = {
+    distributedBuilds = true;
+    buildMachines = [
+      {
+        hostName = "aarch64.nixos.community";
+        maxJobs = 64;
+        sshKey = toString <secrets/nixos-community>;
+        sshUser = "makefu";
+        system = "aarch64-linux";
+        supportedFeatures = [ "big-parallel" ];
+      }
+    ];
+  };
+}

From d6e1edf62c1a174a9da7089659776085f3dbbcce Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 08:30:23 +0100
Subject: [PATCH 119/130] ma hass: add more devices

---
 makefu/2configs/bureautomation/hass.nix | 97 ++++++++++++++++++++++++-
 1 file changed, 94 insertions(+), 3 deletions(-)

diff --git a/makefu/2configs/bureautomation/hass.nix b/makefu/2configs/bureautomation/hass.nix
index 57184bdf7..b70c9b030 100644
--- a/makefu/2configs/bureautomation/hass.nix
+++ b/makefu/2configs/bureautomation/hass.nix
@@ -1,5 +1,40 @@
 { pkgs, lib, ... }:
 let
+  tasmota_rgb = name: topic:
+# LED WS2812b
+#      effect_state_topic: "stat/led/Scheme"
+#      effect_command_topic: "cmnd/led/Scheme"
+#      effect_value_template: "{{ value_json.Scheme }}"
+  { platform = "mqtt";
+    inherit name;
+    retain = false;
+    qos = 1;
+    optimistic = false;
+    # state
+    # TODO: currently broken, will not use the custom state topic
+    state_topic = "/bam/${topic}/stat/POWER";
+    command_topic = "/bam/${topic}/cmnd/POWER";
+    availability_topic = "/bam/${topic}/tele/LWT";
+    payload_on= "ON";
+    payload_off= "OFF";
+    payload_available= "Online";
+    payload_not_available= "Offline";
+    # brightness
+    brightness_state_topic = "/bam/${topic}/stat/Dimmer";
+    brightness_command_topic = "/bam/${topic}/cmnd/Dimmer";
+    brightness_value_template = "{{ value_json.Dimmer }}";
+    brightness_scale = 100;
+    # color
+    rgb_state_topic = "/bam/${topic}/stat/Color";
+    rgb_command_topic = "/bam/${topic}/cmnd/Color2";
+    rgb_command_mode = "hex";
+    rgb_command_template = "{{ '%02x%02x%02x' | format(red, green, blue)}}";
+    # effects
+    effect_state_topic = "/bam/${topic}/stat/Scheme";
+    effect_command_topic = "/bam/${topic}/cmnd/Scheme";
+    effect_value_template = "{{ value_json.Scheme }}";
+    effect_list = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 ];
+};
   tasmota_plug = name: topic:
   { platform = "mqtt";
     inherit name;
@@ -74,6 +109,10 @@ in {
         (tasmota_plug "Blitzdings" "plug2")
         (tasmota_plug "Fernseher" "plug3")
         (tasmota_plug "Feuer" "plug4")
+        (tasmota_plug "Nachtlicht" "plug5")
+      ];
+      light = [
+        (tasmota_rgb "Status Felix" "status1")
       ];
       binary_sensor = [
         { platform = "mqtt";
@@ -169,12 +208,16 @@ in {
           };
         automation = [
           "automation.turn_off_fernseher_10_minutes_after_last_movement"
+          "automation.turn_off_nachtlicht_on_sunrise"
+          "automation.turn_on_nachtlicht_on_motion_and_dusk"
         ];
         switches = [
           "switch.bauarbeiterlampe"
           "switch.blitzdings"
           "switch.fernseher"
           "switch.feuer"
+          "switch.nachtlicht"
+          "light.status_felix"
         ];
         camera = [
           "camera.Baumarkt"
@@ -207,11 +250,55 @@ in {
           };
           action = {
             service = "homeassistant.turn_on";
-            entity_id =  [ "switch.fernseher" "switch.feuer" ];
+            entity_id =  [
+              "switch.fernseher"
+              "switch.feuer"
+              "light.status_felix"
+            ];
+          };
+        }
+        {
+          alias = "Turn off Nachtlicht on sunrise";
+          trigger =
+          {
+            platform = "sun";
+            event = "sunrise";
+          };
+          action =
+          {
+            service = "homeassistant.turn_off";
+            entity_id =  [ "switch.nachtlicht" ];
+          };
+        }
+        {
+          alias = "Turn on Nachtlicht on motion and dusk";
+          trigger =
+          {
+            platform = "state";
+            entity_id = "binary_sensor.motion";
+            to = "on";
+          };
+          condition = # 'when dark'
+          {
+            condition = "or";
+            conditions = [
+              { condition = "sun";
+                after = "sunset";
+                after_offset = "-00:45:00"; # on dusk
+              }
+              { condition = "sun";
+                before = "sunrise";
+              }
+            ];
+          };
+          action =
+          {
+            service = "homeassistant.turn_on";
+            entity_id =  [ "switch.nachtlicht" ];
           };
         }
         { alias = "Turn off Fernseher 10 minutes after last movement";
-          trigger = [ 
+          trigger = [
           { # trigger when movement was detected at the time
             platform = "state";
             entity_id = "binary_sensor.motion";
@@ -226,7 +313,11 @@ in {
         ];
           action = {
             service = "homeassistant.turn_off";
-            entity_id =  [ "switch.fernseher" "switch.feuer" ];
+            entity_id =  [
+              "switch.fernseher"
+              "switch.feuer"
+              "light.status_felix"
+            ];
           };
           condition =
           { condition = "and";

From 742c041b7246176f96709561b6c51ad87b3d861e Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 08:30:50 +0100
Subject: [PATCH 120/130] ma tools: add picocom

---
 makefu/2configs/tools/dev.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix
index f8e3f9f46..0c877fc7b 100644
--- a/makefu/2configs/tools/dev.nix
+++ b/makefu/2configs/tools/dev.nix
@@ -4,6 +4,7 @@
   users.users.makefu.packages = with pkgs;[
     python3
     python3Packages.pyserial
+    picocom
     python3Packages.virtualenv
     # embedded
     gi

From 0c25e9790578821a1038831ea852c6bfbc83ff97 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 08:31:35 +0100
Subject: [PATCH 121/130] ma bureautomation: use mqtt instead of curl

seems they've change something in their security security
---
 makefu/2configs/bureautomation/default.nix | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix
index 3897537ea..917044d63 100644
--- a/makefu/2configs/bureautomation/default.nix
+++ b/makefu/2configs/bureautomation/default.nix
@@ -5,7 +5,7 @@ let
   port = 3001;
   runit = pkgs.writeDash "runit" ''
     set -xeuf
-    PATH=${pkgs.curl}/bin:${pkgs.coreutils}/bin
+    PATH=${pkgs.mosquitto}/bin:${pkgs.coreutils}/bin
     name=''${1?must provide name as first arg}
     state=''${2?must provide state as second arg}
     # val=''${3?must provide val as third arg}
@@ -14,9 +14,10 @@ let
     test $state = alerting || exit 0
 
     echo $name - $state
-    curl 'http://bauarbeiterlampe/ay?o=1'
+    topic=plug
+    mosquitto_pub -t /bam/$topic/cmnd/POWER -m ON
     sleep 5
-    curl 'http://bauarbeiterlampe/ay?o=1'
+    mosquitto_pub -t /bam/$topic/cmnd/POWER -m OFF
   '';
 in {
   services.logstash = {

From c64d6785ac77ec09ebd92fec36b03b899f0f07c3 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 11:57:04 +0100
Subject: [PATCH 122/130] ma 0tests/secrets: add nixos-community

---
 makefu/0tests/data/secrets/nixos-community | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 makefu/0tests/data/secrets/nixos-community

diff --git a/makefu/0tests/data/secrets/nixos-community b/makefu/0tests/data/secrets/nixos-community
new file mode 100644
index 000000000..e69de29bb

From dc7caec1a74f79c619e14d22ee5f0a48064dd129 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Mon, 28 Jan 2019 13:51:36 +0100
Subject: [PATCH 123/130] ma x.r: enable virtualbox (again)

---
 makefu/1systems/x/config.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index ce2199a41..138735d91 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -52,7 +52,7 @@
       # Virtualization
       <stockholm/makefu/2configs/virtualisation/libvirt.nix>
       <stockholm/makefu/2configs/virtualisation/docker.nix>
-      # <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
+      <stockholm/makefu/2configs/virtualisation/virtualbox.nix>
       {
         networking.firewall.allowedTCPPorts = [ 8080 ];
         networking.nat = {

From 35acdb3ff498856f1301b92fe9d7e5c86d51c441 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 28 Jan 2019 22:28:09 +0100
Subject: [PATCH 124/130] krops: 1.11.0 -> 1.11.1

---
 submodules/krops | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/submodules/krops b/submodules/krops
index 61b5ef3b8..5b8fb8dc0 160000
--- a/submodules/krops
+++ b/submodules/krops
@@ -1 +1 @@
-Subproject commit 61b5ef3b8e7e4d601db67a20f14a5022e9de8398
+Subproject commit 5b8fb8dc0ee14672d7fd533bd98635b8725dbb29

From 33add1d75631ae2bd1c7711c43ab195f6c237fbe Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 28 Jan 2019 23:02:48 +0100
Subject: [PATCH 125/130] l mors.r: hardening

---
 lass/1systems/mors/config.nix |  1 +
 lass/2configs/hardening.nix   | 11 +++++++++++
 2 files changed, 12 insertions(+)
 create mode 100644 lass/2configs/hardening.nix

diff --git a/lass/1systems/mors/config.nix b/lass/1systems/mors/config.nix
index b6565dc6a..f35ebff56 100644
--- a/lass/1systems/mors/config.nix
+++ b/lass/1systems/mors/config.nix
@@ -36,6 +36,7 @@ with import <stockholm/lib>;
     <stockholm/lass/2configs/blue-host.nix>
     <stockholm/lass/2configs/network-manager.nix>
     <stockholm/lass/2configs/nfs-dl.nix>
+    <stockholm/lass/2configs/hardening.nix>
     {
       krebs.iptables.tables.filter.INPUT.rules = [
         #risk of rain
diff --git a/lass/2configs/hardening.nix b/lass/2configs/hardening.nix
new file mode 100644
index 000000000..aee4bf06f
--- /dev/null
+++ b/lass/2configs/hardening.nix
@@ -0,0 +1,11 @@
+{ pkgs, lib, ... }:
+with lib;
+{
+  security.chromiumSuidSandbox.enable = true;
+  security.lockKernelModules = false;
+  boot.kernel.sysctl."user.max_user_namespaces" = 63414;
+
+  imports = [
+    <nixpkgs/nixos/modules/profiles/hardened.nix>
+  ];
+}

From fd5615a298ff4b7cfa7e8cccbcac0afb680cc9a9 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 28 Jan 2019 23:05:38 +0100
Subject: [PATCH 126/130] krops: bootstrap nixpkgs

---
 krebs/krops.nix | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/krebs/krops.nix b/krebs/krops.nix
index 76bca026d..94418fdc2 100644
--- a/krebs/krops.nix
+++ b/krebs/krops.nix
@@ -9,13 +9,19 @@
 
   krebs-source = { test ? false }: rec {
     nixpkgs = if test then {
-      derivation = ''
-        with import <nixpkgs> {};
+      derivation = let
+        rev = (lib.importJSON ./nixpkgs.json).rev;
+        sha256 = (lib.importJSON ./nixpkgs.json).sha256;
+      in ''
+        with import (builtins.fetchTarball {
+          url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
+          sha256 = "${sha256}";
+        }) {};
         pkgs.fetchFromGitHub {
           owner = "nixos";
           repo = "nixpkgs";
-          rev = "${(lib.importJSON ./nixpkgs.json).rev}";
-          sha256 = "${(lib.importJSON ./nixpkgs.json).sha256}";
+          rev = "${rev}";
+          sha256 = "${sha256}";
         }
       '';
     } else {

From 42ca9d3eb8b8329fb47c0afba352a456a706f408 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 28 Jan 2019 23:05:53 +0100
Subject: [PATCH 127/130] l blue.r: bootstrap nixpkgs

---
 lass/1systems/blue/source.nix | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/lass/1systems/blue/source.nix b/lass/1systems/blue/source.nix
index a32c3a829..a52771a4d 100644
--- a/lass/1systems/blue/source.nix
+++ b/lass/1systems/blue/source.nix
@@ -1,13 +1,19 @@
 { lib, pkgs, ... }:
 {
   nixpkgs = lib.mkForce {
-    derivation = ''
-      with import <nixpkgs> {};
+    derivation = let
+      rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
+      sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
+    in ''
+      with import (builtins.fetchTarball {
+        url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
+        sha256 = "${sha256}";
+      }) {};
       pkgs.fetchFromGitHub {
         owner = "nixos";
         repo = "nixpkgs";
-        rev = "${(lib.importJSON ../../../krebs/nixpkgs.json).rev}";
-        sha256 = "${(lib.importJSON ../../../krebs/nixpkgs.json).sha256}";
+        rev = "${rev}";
+        sha256 = "${sha256}";
       }
     '';
   };

From 10640237682d973012d79d6f6b1ab8de3667bb4d Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 28 Jan 2019 23:06:30 +0100
Subject: [PATCH 128/130] l radio: Reaktor -> reaktor2

---
 lass/2configs/radio.nix | 61 +++++++++++++++++++++++++----------------
 1 file changed, 37 insertions(+), 24 deletions(-)

diff --git a/lass/2configs/radio.nix b/lass/2configs/radio.nix
index 987632cd1..f88b2627b 100644
--- a/lass/2configs/radio.nix
+++ b/lass/2configs/radio.nix
@@ -170,32 +170,45 @@ in {
     };
   };
 
-  krebs.Reaktor.playlist = {
-    nickname = "the_playlist|r";
-    channels = [
-      "#the_playlist"
-      "#krebs"
-    ];
-    extraEnviron = {
-      REAKTOR_HOST = "irc.freenode.org";
-    };
-    plugins = with pkgs.ReaktorPlugins; [
-      (buildSimpleReaktorPlugin "skip" {
-        script = "${skip_track}/bin/skip_track";
-        pattern = "^skip$";
-      })
-      (buildSimpleReaktorPlugin "current" {
-        script = "${print_current}/bin/print_current";
-        pattern = "^current$";
-      })
-      (buildSimpleReaktorPlugin "suggest" {
-        script = "${pkgs.writeDash "suggest" ''
-          echo "$@" >> $HOME/playlist_suggest
-        ''}";
-        pattern = "^suggest: (?P<args>.*)$";
-      })
+  krebs.reaktor2.the_playlist = {
+    hostname = "irc.freenode.org";
+    port = "6697";
+    useTLS = true;
+    nick = "the_playlist";
+    plugins = [
+      {
+        plugin = "register";
+        config = {
+          channels = [
+            "#the_playlist"
+            "#krebs"
+          ];
+        };
+      }
+      {
+        plugin = "system";
+        config = {
+          workdir = config.krebs.reaktor2.the_playlist.stateDir;
+          hooks.PRIVMSG = [
+            {
+              activate = "match";
+              pattern = ''!([^ ]+)(?:\s*(.*))?'';
+              command = 1;
+              arguments = [2];
+              commands = {
+                skip.filename = "${skip_track}/bin/skip_track";
+                current.filename = "${print_current}/bin/print_current";
+                suggest.filename = pkgs.writeDash "suggest" ''
+                  echo "$@" >> playlist_suggest
+                '';
+              };
+            }
+          ];
+        };
+      }
     ];
   };
+
   services.nginx = {
     enable = true;
     virtualHosts."radio.lassul.us" = {

From 32895b53c6291210bd52cacae7c6d5cb639e594e Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 28 Jan 2019 23:07:23 +0100
Subject: [PATCH 129/130] l reaktor-coders: set env in hook

---
 lass/2configs/reaktor-coders.nix | 46 +++++++++++---------------------
 1 file changed, 16 insertions(+), 30 deletions(-)

diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix
index 44d9d6866..4baec1976 100644
--- a/lass/2configs/reaktor-coders.nix
+++ b/lass/2configs/reaktor-coders.nix
@@ -32,6 +32,7 @@ in {
               pattern = ''@([^ ]+) (.*)$'';
               command = 1;
               arguments = [2];
+              env.HOME = config.krebs.reaktor2.coders.stateDir;
               commands = let
                 lambdabot = (import (pkgs.fetchFromGitHub {
                   owner = "NixOS"; repo = "nixpkgs";
@@ -46,36 +47,21 @@ in {
                     -e "$@"
                 '';
               in {
-                pl = {
-                  env.HOME = config.krebs.reaktor2.coders.stateDir;
-                  filename = pkgs.writeDash "lambdabot-pl" ''
-                    ${lambdabotWrapper} "@pl $1"
-                  '';
-                };
-                type = {
-                  env.HOME = config.krebs.reaktor2.coders.stateDir;
-                  filename = pkgs.writeDash "lambdabot-type" ''
-                    ${lambdabotWrapper} "@type $1"
-                  '';
-                };
-                "let" = {
-                  env.HOME = config.krebs.reaktor2.coders.stateDir;
-                  filename = pkgs.writeDash "lambdabot-let" ''
-                    ${lambdabotWrapper} "@let $1"
-                  '';
-                };
-                run = {
-                  env.HOME = config.krebs.reaktor2.coders.stateDir;
-                  filename = pkgs.writeDash "lambdabot-run" ''
-                    ${lambdabotWrapper} "@run $1"
-                  '';
-                };
-                kind = {
-                  env.HOME = config.krebs.reaktor2.coders.stateDir;
-                  filename = pkgs.writeDash "lambdabot-kind" ''
-                    ${lambdabotWrapper} "@kind $1"
-                  '';
-                };
+                pl.filename = pkgs.writeDash "lambdabot-pl" ''
+                  ${lambdabotWrapper} "@pl $1"
+                '';
+                type.filename = pkgs.writeDash "lambdabot-type" ''
+                  ${lambdabotWrapper} "@type $1"
+                '';
+                "let".filename = pkgs.writeDash "lambdabot-let" ''
+                  ${lambdabotWrapper} "@let $1"
+                '';
+                run.filename = pkgs.writeDash "lambdabot-run" ''
+                  ${lambdabotWrapper} "@run $1"
+                '';
+                kind.filename = pkgs.writeDash "lambdabot-kind" ''
+                  ${lambdabotWrapper} "@kind $1"
+                '';
               };
             }
             {

From e64bbd8d6864e21f9e7b6b9a11cf95c976bdc109 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Mon, 28 Jan 2019 23:08:23 +0100
Subject: [PATCH 130/130] l xmonad: add mouseResizeableTile layout

---
 lass/5pkgs/custom/xmonad-lass/default.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix
index 483e37bc8..1f2e7110e 100644
--- a/lass/5pkgs/custom/xmonad-lass/default.nix
+++ b/lass/5pkgs/custom/xmonad-lass/default.nix
@@ -41,6 +41,7 @@ import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
 import XMonad.Layout.FixedColumn (FixedColumn(..))
 import XMonad.Layout.Minimize (minimize)
 import XMonad.Layout.NoBorders (smartBorders)
+import XMonad.Layout.MouseResizableTile (mouseResizableTile)
 import XMonad.Layout.SimplestFloat (simplestFloat)
 import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
 import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy)
@@ -93,7 +94,7 @@ main' = do
 
 myLayoutHook = defLayout
   where
-    defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat)
+    defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile)
 
 floatHooks :: Query (Endo WindowSet)
 floatHooks = composeOne