Merge branch 'master' of prism.r:stockholm
This commit is contained in:
commit
924c8fb748
2
ci.nix
2
ci.nix
@ -16,6 +16,6 @@ let
|
|||||||
ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts;
|
ci-systems = filterAttrs (_: v: v.ci) system.config.krebs.hosts;
|
||||||
|
|
||||||
build = host: owner:
|
build = host: owner:
|
||||||
((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-tmp";});
|
((import (toString ./. + "/${owner}/krops.nix") { name = host; }).test {target = "${getEnv "HOME"}/stockholm-build";});
|
||||||
|
|
||||||
in mapAttrs (n: h: build n h.owner.name) ci-systems
|
in mapAttrs (n: h: build n h.owner.name) ci-systems
|
||||||
|
@ -12,8 +12,8 @@
|
|||||||
<stockholm/krebs/2configs/buildbot-stockholm.nix>
|
<stockholm/krebs/2configs/buildbot-stockholm.nix>
|
||||||
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
<stockholm/krebs/2configs/binary-cache/nixos.nix>
|
||||||
<stockholm/krebs/2configs/ircd.nix>
|
<stockholm/krebs/2configs/ircd.nix>
|
||||||
<stockholm/krebs/2configs/reaktor-retiolum.nix>
|
<stockholm/krebs/2configs/nscd-fix.nix>
|
||||||
<stockholm/krebs/2configs/reaktor-krebs.nix>
|
<stockholm/krebs/2configs/reaktor2.nix>
|
||||||
<stockholm/krebs/2configs/repo-sync.nix>
|
<stockholm/krebs/2configs/repo-sync.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -161,6 +161,7 @@ in
|
|||||||
|
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.ulrich.pubkey
|
config.krebs.users.ulrich.pubkey
|
||||||
|
config.krebs.users.raute.pubkey
|
||||||
config.krebs.users.makefu-omo.pubkey
|
config.krebs.users.makefu-omo.pubkey
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDb9NPa2Hf51afcG1H13UPbE5E02J8aC9a1sGCRls592wAVlQbmojYR1jWDPA2m32Bsyv0ztqi81zDyndWWZPQVJVBk00VjYBcgk6D5ifqoAuWLzfuHJPWZGOvBf/U74/LNFNUkj1ywjneK7HYTRPXrRBBfBSQNmQzkvue7s599L2vdueZKyjNsMpx2m6nm2SchaMuDskSQut/168JgU1l4M8BeT68Bo4WdelhBYnhSI1a59FGkgdu2SCjyighLQRy2sOH3ksnkHWENPkA+wwQOlKl7R3DsEybrNd4NU9FSwFDyDmdhfv5gJp8UGSFdjAwx43+8zM5t5ruZ25J0LnVb0PuTuRA00UsW83MkLxFpDQLrQV08tlsY6iGrqxP67C3VJ6t4v6oTp7/vaRLhEFc1PhOLh+sZ18o8MLO+e2rGmHGHQnSKfBOLUvDMGa4jb01XBGjdnIXLOkVo79YR5jZn7jJb2gTZ95OD6bWSDADoURSuwuLa7kh4ti1ItAKuhkIvbuky3rRVvQEc92kJ6aNUswIUXJa0K2ibbIY6ycKAA3Ljksl3Mm9KzOn6yc/i/lSF+SOrTGhabPJigKkIoqKIwnV5IU3gkfsxPQJOBMPqHDGAOeYQe3WpWedEPYuhQEczw4exMb9TkNE96F71PzuQPJDl5sPAWyPLeMKpy5XbfRiF2by4nxN3ZIQvjtoyVkjNV+qM0q0yKBzLxuRAEQOZ2yCEaBudZQkQiwHD97H2vu4SRQ/2aOie1XiOnmdbQRDZSO3BsoDK569K1w+gDfSnqY7zVUMj6tw+uKx6Gstck5lbvYMtdWKsfPv/pDM8eyIVFLL93dKTX+ertcQj6xDwLfOiNubE5ayFXhYkjwImV6NgfBuq+3hLK0URP2rPlOZbbZTQ0WlKD6CCRZPMSZCU9oD2zYfqpvRArBUcdkAwGePezORkfJQLE6mYEJp6pdFkJ/IeFLbO6M0lZVlfnpzAC9kjjkMCRofZUETcFSppyTImCbgo3+ok59/PkNU5oavBXyW80ue2tWHr08HX/QALNte3UITmIIlU6SFMCPMWJqadK1eDPWfJ4H4iDXRNn3D5wqN++iMloKvpaj0wieqXLY4+YfvNTNr177OU48GEWW8DnoEkbpwsCbjPxznGDQhdDqdYyMY/fDgRQReKITvKYGHRzesGysw5cKsp9LEfXD0R6WE2TeiiENla5AWzTgXJB0AyZEcOiIfqOgT9Nr9S8q5gc/BdA7P+jhGGJgEHhV3dVlfIZ7pmZc27Yu7UTQ0lbAKWqcMSTOdne+QL6ILzbvLrQwdvax4tQdm5opfU16SrOox1AMwAbkdq84z6uJqYVx3cUXfMJgTyDNrVv3or root@plattenschwein" # for backup
|
||||||
];
|
];
|
||||||
|
50
krebs/2configs/exim-smarthost.nix
Normal file
50
krebs/2configs/exim-smarthost.nix
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, ... }: let
|
||||||
|
|
||||||
|
format = from: to: {
|
||||||
|
inherit from;
|
||||||
|
# TODO assert is-retiolum-mail-address to;
|
||||||
|
to = concatMapStringsSep "," (getAttr "mail") (toList to);
|
||||||
|
};
|
||||||
|
|
||||||
|
in {
|
||||||
|
krebs.exim-smarthost.internet-aliases =
|
||||||
|
mapAttrsToList format (with config.krebs.users; let
|
||||||
|
brain-ml = [
|
||||||
|
lass
|
||||||
|
makefu
|
||||||
|
tv
|
||||||
|
];
|
||||||
|
eloop-ml = spam-ml ++ [ ciko ];
|
||||||
|
spam-ml = [
|
||||||
|
lass
|
||||||
|
makefu
|
||||||
|
tv
|
||||||
|
];
|
||||||
|
ciko.mail = "ciko@slash16.net";
|
||||||
|
in {
|
||||||
|
"anmeldung@eloop.org" = eloop-ml;
|
||||||
|
"brain@krebsco.de" = brain-ml;
|
||||||
|
"cfp@eloop.org" = eloop-ml;
|
||||||
|
"kontakt@eloop.org" = eloop-ml;
|
||||||
|
"root@eloop.org" = eloop-ml;
|
||||||
|
"youtube@eloop.org" = eloop-ml;
|
||||||
|
"eloop2016@krebsco.de" = eloop-ml;
|
||||||
|
"eloop2017@krebsco.de" = eloop-ml;
|
||||||
|
"postmaster@krebsco.de" = spam-ml; # RFC 822
|
||||||
|
"lass@krebsco.de" = lass;
|
||||||
|
"makefu@krebsco.de" = makefu;
|
||||||
|
"spam@krebsco.de" = spam-ml;
|
||||||
|
"tv@krebsco.de" = tv;
|
||||||
|
# XXX These are no internet aliases
|
||||||
|
# XXX exim-retiolum hosts should be able to relay to retiolum addresses
|
||||||
|
"lass@retiolum" = lass;
|
||||||
|
"makefu@retiolum" = makefu;
|
||||||
|
"spam@retiolum" = spam-ml;
|
||||||
|
"tv@retiolum" = tv;
|
||||||
|
"lass@r" = lass;
|
||||||
|
"makefu@r" = makefu;
|
||||||
|
"spam@r" = spam-ml;
|
||||||
|
"tv@r" = tv;
|
||||||
|
});
|
||||||
|
}
|
24
krebs/2configs/nscd-fix.nix
Normal file
24
krebs/2configs/nscd-fix.nix
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ pkgs, ... }: let
|
||||||
|
|
||||||
|
enable = versionOlderThan "19.03";
|
||||||
|
|
||||||
|
versionOlderThan = v:
|
||||||
|
compareVersions
|
||||||
|
(versions.majorMinor version)
|
||||||
|
(versions.majorMinor v)
|
||||||
|
== -1;
|
||||||
|
|
||||||
|
warning = ''
|
||||||
|
Using custom services.nscd.config because
|
||||||
|
https://github.com/NixOS/nixpkgs/pull/50316
|
||||||
|
'';
|
||||||
|
|
||||||
|
in
|
||||||
|
optionalAttrs enable (trace warning {
|
||||||
|
services.nscd.enable = mkForce true;
|
||||||
|
services.nscd.config = mkForce (readFile (pkgs.fetchurl {
|
||||||
|
url = https://raw.githubusercontent.com/arianvp/nixpkgs/1d5f4cb/nixos/modules/services/system/nscd.conf;
|
||||||
|
sha256 = "1jlddk38lyynjn51zx3xi1nc29ahajyh0qg48qbq6dqlsrn3wxqs";
|
||||||
|
}));
|
||||||
|
})
|
@ -1,30 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
|
||||||
krebs.Reaktor.krebs = {
|
|
||||||
nickname = "Reaktor|krebs";
|
|
||||||
channels = [
|
|
||||||
"#krebs"
|
|
||||||
"#nixos-wiki"
|
|
||||||
];
|
|
||||||
extraEnviron = {
|
|
||||||
REAKTOR_HOST = "irc.freenode.org";
|
|
||||||
REAKTOR_NICKSERV_PASSWORD = "/var/lib/Reaktor/reaktor_nickserv_password";
|
|
||||||
};
|
|
||||||
plugins = with pkgs.ReaktorPlugins; [
|
|
||||||
sed-plugin
|
|
||||||
task-add
|
|
||||||
task-delete
|
|
||||||
task-done
|
|
||||||
task-list
|
|
||||||
] ++
|
|
||||||
(attrValues (todo "agenda"))
|
|
||||||
;
|
|
||||||
};
|
|
||||||
krebs.secret.files.nix-serve-key = {
|
|
||||||
path = "/var/lib/Reaktor/reaktor_nickserv_password";
|
|
||||||
owner.name = "Reaktor";
|
|
||||||
source-path = toString <secrets> + "/reaktor_nickserv_password";
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,21 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
{
|
|
||||||
krebs.Reaktor.retiolum = {
|
|
||||||
nickname = "Reaktor|lass";
|
|
||||||
channels = [ "#noise" "#xxx" ];
|
|
||||||
extraEnviron = {
|
|
||||||
REAKTOR_HOST = "irc.r";
|
|
||||||
};
|
|
||||||
plugins = with pkgs.ReaktorPlugins; [
|
|
||||||
sed-plugin
|
|
||||||
task-add
|
|
||||||
task-delete
|
|
||||||
task-done
|
|
||||||
task-list
|
|
||||||
] ++
|
|
||||||
(attrValues (todo "agenda"))
|
|
||||||
;
|
|
||||||
};
|
|
||||||
}
|
|
152
krebs/2configs/reaktor2.nix
Normal file
152
krebs/2configs/reaktor2.nix
Normal file
@ -0,0 +1,152 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
#for shared state directory
|
||||||
|
stateDir = config.krebs.reaktor2.r.stateDir;
|
||||||
|
|
||||||
|
generators = pkgs.reaktor2-plugins.generators;
|
||||||
|
hooks = pkgs.reaktor2-plugins.hooks;
|
||||||
|
commands = pkgs.reaktor2-plugins.commands;
|
||||||
|
|
||||||
|
task = name: let
|
||||||
|
rcFile = builtins.toFile "taskrc" ''
|
||||||
|
confirmation=no
|
||||||
|
'';
|
||||||
|
in {
|
||||||
|
pattern = "^${name}-([a-z]+)(?::\\s*(.*))?";
|
||||||
|
activate = "match";
|
||||||
|
command = 1;
|
||||||
|
arguments = [2];
|
||||||
|
env.TASKDATA = "${stateDir}/${name}";
|
||||||
|
commands = {
|
||||||
|
add.filename = pkgs.writeDash "${name}-task-add" ''
|
||||||
|
${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$1"
|
||||||
|
'';
|
||||||
|
list.filename = pkgs.writeDash "${name}-task-list" ''
|
||||||
|
${pkgs.taskwarrior}/bin/task rc:${rcFile} export \
|
||||||
|
| ${pkgs.jq}/bin/jq -r '
|
||||||
|
.[] | select(.id != 0) | "\(.id) \(.description)"
|
||||||
|
'
|
||||||
|
'';
|
||||||
|
delete.filename = pkgs.writeDash "${name}-task-delete" ''
|
||||||
|
${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$1"
|
||||||
|
'';
|
||||||
|
done.filename = pkgs.writeDash "${name}-task-done" ''
|
||||||
|
${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$1"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemPlugin = {
|
||||||
|
plugin = "system";
|
||||||
|
config = {
|
||||||
|
workdir = stateDir;
|
||||||
|
hooks.JOIN = [
|
||||||
|
{
|
||||||
|
activate = "always";
|
||||||
|
command = {
|
||||||
|
filename =
|
||||||
|
"${pkgs.Reaktor.src}/reaktor/commands/tell-on_join";
|
||||||
|
env = {
|
||||||
|
PATH = makeBinPath [
|
||||||
|
pkgs.coreutils # XXX env, touch
|
||||||
|
pkgs.jq # XXX sed
|
||||||
|
pkgs.utillinux # XXX flock
|
||||||
|
];
|
||||||
|
state_file = "${stateDir}/tell.json";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
hooks.PRIVMSG = [
|
||||||
|
{
|
||||||
|
pattern = "^bier bal(ance)*$";
|
||||||
|
activate = "match";
|
||||||
|
command = {
|
||||||
|
env = {
|
||||||
|
state_file = "${stateDir}/ledger";
|
||||||
|
};
|
||||||
|
filename = pkgs.writeDash "bier-balance" ''
|
||||||
|
${pkgs.hledger}/bin/hledger -f $state_file bal -N -O csv \
|
||||||
|
| ${pkgs.coreutils}/bin/tail +2 \
|
||||||
|
| ${pkgs.miller}/bin/mlr --icsv --opprint cat
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
pattern = ''^(\S+)\s+([+-][1-9][0-9]*)\s+(\S+)$'';
|
||||||
|
activate = "match";
|
||||||
|
arguments = [1 2 3];
|
||||||
|
command = {
|
||||||
|
env = {
|
||||||
|
# TODO; get state as argument
|
||||||
|
state_file = "${stateDir}/ledger";
|
||||||
|
};
|
||||||
|
filename = pkgs.writeDash "ledger-add" ''
|
||||||
|
set -x
|
||||||
|
tonick=$1
|
||||||
|
amt=$2
|
||||||
|
unit=$3
|
||||||
|
printf '%s\n %s %d %s\n %s %d %s\n' "$(date -Id)" "$tonick" "$amt" "$unit" "$_from" "$(expr 0 - "''${amt#+}")" "$unit" >> $state_file
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
||||||
|
hooks.sed
|
||||||
|
(generators.command_hook {
|
||||||
|
inherit (commands) hello random-emoji nixos-version stockholm-issue;
|
||||||
|
tell = {
|
||||||
|
filename =
|
||||||
|
"${pkgs.Reaktor.src}/reaktor/commands/tell-on_privmsg";
|
||||||
|
env = {
|
||||||
|
PATH = makeBinPath [
|
||||||
|
pkgs.coreutils # XXX date, env
|
||||||
|
pkgs.jq # XXX sed
|
||||||
|
pkgs.utillinux # XXX flock
|
||||||
|
];
|
||||||
|
state_file = "${stateDir}/tell.txt";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
(task "agenda")
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
in {
|
||||||
|
|
||||||
|
krebs.reaktor2 = {
|
||||||
|
freenode = {
|
||||||
|
hostname = "irc.freenode.org";
|
||||||
|
nick = "reaktor2|krebs";
|
||||||
|
plugins = [
|
||||||
|
{
|
||||||
|
plugin = "register";
|
||||||
|
config = {
|
||||||
|
channels = [
|
||||||
|
"#krebs"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
systemPlugin
|
||||||
|
];
|
||||||
|
username = "reaktor2";
|
||||||
|
};
|
||||||
|
r = {
|
||||||
|
nick = "reaktor2|krebs";
|
||||||
|
plugins = [
|
||||||
|
{
|
||||||
|
plugin = "register";
|
||||||
|
config = {
|
||||||
|
channels = [
|
||||||
|
"#noise"
|
||||||
|
"#xxx"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
systemPlugin
|
||||||
|
];
|
||||||
|
username = "reaktor2";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,5 +1,8 @@
|
|||||||
{lib,pkgs, ... }:
|
{lib,pkgs, ... }:
|
||||||
let
|
let
|
||||||
|
pkg = lib.overrideDerivation pkgs.ympd (old: {
|
||||||
|
patches = [ ./ympd-top-next.patch ];
|
||||||
|
});
|
||||||
mpdHost = "mpd.shack";
|
mpdHost = "mpd.shack";
|
||||||
ympd = name: port: let
|
ympd = name: port: let
|
||||||
webPort = 10000 + port;
|
webPort = 10000 + port;
|
||||||
@ -7,7 +10,7 @@ let
|
|||||||
systemd.services."ympd-${name}" = {
|
systemd.services."ympd-${name}" = {
|
||||||
description = "mpd for ${name}";
|
description = "mpd for ${name}";
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
serviceConfig.ExecStart = "${pkgs.ympd}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody";
|
serviceConfig.ExecStart = "${pkg}/bin/ympd --host ${mpdHost} --port ${toString port} --webport ${toString webPort} --user nobody";
|
||||||
};
|
};
|
||||||
services.nginx.virtualHosts."mobile.${name}.mpd.shack" = {
|
services.nginx.virtualHosts."mobile.${name}.mpd.shack" = {
|
||||||
serverAliases = [
|
serverAliases = [
|
||||||
|
16
krebs/2configs/shack/ympd-top-next.patch
Normal file
16
krebs/2configs/shack/ympd-top-next.patch
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
diff --git a/htdocs/index.html b/htdocs/index.html
|
||||||
|
index ed77279..eaf92b6 100644
|
||||||
|
--- a/htdocs/index.html
|
||||||
|
+++ b/htdocs/index.html
|
||||||
|
@@ -76,6 +76,11 @@
|
||||||
|
|
||||||
|
<div class="col-md-10 col-xs-12">
|
||||||
|
<div class="notifications top-right"></div>
|
||||||
|
+
|
||||||
|
+ <ul class="pager">
|
||||||
|
+ <li id="prev" class="page-btn hide"><a href="">Previous</a></li>
|
||||||
|
+ <li id="next" class="page-btn"><a href="">Next</a></li>
|
||||||
|
+ </ul>
|
||||||
|
|
||||||
|
<div class="panel panel-primary">
|
||||||
|
<!-- Default panel contents -->
|
@ -113,10 +113,11 @@ let
|
|||||||
'';
|
'';
|
||||||
in nameValuePair "Reaktor-${name}" {
|
in nameValuePair "Reaktor-${name}" {
|
||||||
path = with pkgs; [
|
path = with pkgs; [
|
||||||
utillinux #flock for tell_on-join
|
|
||||||
git # for nag
|
git # for nag
|
||||||
|
jq # for tell
|
||||||
python # for caps
|
python # for caps
|
||||||
];
|
utillinux # flock for tell
|
||||||
|
];
|
||||||
description = "Reaktor IRC Bot";
|
description = "Reaktor IRC Bot";
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
@ -18,14 +18,17 @@ let
|
|||||||
./charybdis.nix
|
./charybdis.nix
|
||||||
./ci.nix
|
./ci.nix
|
||||||
./current.nix
|
./current.nix
|
||||||
|
./dns.nix
|
||||||
./exim.nix
|
./exim.nix
|
||||||
./exim-retiolum.nix
|
./exim-retiolum.nix
|
||||||
./exim-smarthost.nix
|
./exim-smarthost.nix
|
||||||
./fetchWallpaper.nix
|
./fetchWallpaper.nix
|
||||||
./github-hosts-sync.nix
|
./github-hosts-sync.nix
|
||||||
|
./github-known-hosts.nix
|
||||||
./git.nix
|
./git.nix
|
||||||
./go.nix
|
./go.nix
|
||||||
./hidden-ssh.nix
|
./hidden-ssh.nix
|
||||||
|
./hosts.nix
|
||||||
./htgen.nix
|
./htgen.nix
|
||||||
./iana-etc.nix
|
./iana-etc.nix
|
||||||
./iptables.nix
|
./iptables.nix
|
||||||
@ -39,8 +42,10 @@ let
|
|||||||
./per-user.nix
|
./per-user.nix
|
||||||
./power-action.nix
|
./power-action.nix
|
||||||
./Reaktor.nix
|
./Reaktor.nix
|
||||||
|
./reaktor2.nix
|
||||||
./realwallpaper.nix
|
./realwallpaper.nix
|
||||||
./retiolum-bootstrap.nix
|
./retiolum-bootstrap.nix
|
||||||
|
./retiolum-hosts.nix
|
||||||
./rtorrent.nix
|
./rtorrent.nix
|
||||||
./secret.nix
|
./secret.nix
|
||||||
./setuid.nix
|
./setuid.nix
|
||||||
@ -58,28 +63,10 @@ let
|
|||||||
api = {
|
api = {
|
||||||
enable = mkEnableOption "krebs";
|
enable = mkEnableOption "krebs";
|
||||||
|
|
||||||
dns = {
|
|
||||||
providers = mkOption {
|
|
||||||
type = with types; attrsOf str;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
hosts = mkOption {
|
|
||||||
type = with types; attrsOf host;
|
|
||||||
default = {};
|
|
||||||
};
|
|
||||||
|
|
||||||
users = mkOption {
|
users = mkOption {
|
||||||
type = with types; attrsOf user;
|
type = with types; attrsOf user;
|
||||||
};
|
};
|
||||||
|
|
||||||
# XXX is there a better place to define search-domain?
|
|
||||||
# TODO search-domains :: listOf hostname
|
|
||||||
search-domain = mkOption {
|
|
||||||
type = types.hostname;
|
|
||||||
default = "r";
|
|
||||||
};
|
|
||||||
|
|
||||||
sitemap = mkOption {
|
sitemap = mkOption {
|
||||||
default = {};
|
default = {};
|
||||||
type = types.attrsOf types.sitemap.entry;
|
type = types.attrsOf types.sitemap.entry;
|
||||||
@ -125,6 +112,8 @@ let
|
|||||||
w = "hosts";
|
w = "hosts";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
krebs.dns.search-domain = mkDefault "r";
|
||||||
|
|
||||||
krebs.users = {
|
krebs.users = {
|
||||||
krebs = {
|
krebs = {
|
||||||
home = "/krebs";
|
home = "/krebs";
|
||||||
@ -137,93 +126,6 @@ let
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.extraHosts = let
|
|
||||||
domains = attrNames (filterAttrs (_: eq "hosts") cfg.dns.providers);
|
|
||||||
check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
|
|
||||||
in concatStringsSep "\n" (flatten (
|
|
||||||
mapAttrsToList (hostname: host:
|
|
||||||
mapAttrsToList (netname: net:
|
|
||||||
let
|
|
||||||
aliases = longs ++ shorts;
|
|
||||||
longs = filter check net.aliases;
|
|
||||||
shorts = let s = ".${cfg.search-domain}"; in
|
|
||||||
map (removeSuffix s) (filter (hasSuffix s) longs);
|
|
||||||
in
|
|
||||||
optionals
|
|
||||||
(aliases != [])
|
|
||||||
(map (addr: "${addr} ${toString aliases}") net.addrs)
|
|
||||||
) (filterAttrs (name: host: host.aliases != []) host.nets)
|
|
||||||
) cfg.hosts
|
|
||||||
));
|
|
||||||
|
|
||||||
# TODO dedup with networking.extraHosts
|
|
||||||
nixpkgs.config.packageOverrides = oldpkgs:
|
|
||||||
let
|
|
||||||
domains = attrNames (filterAttrs (_: eq "hosts") cfg.dns.providers);
|
|
||||||
check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
retiolum-hosts = oldpkgs.writeText "retiolum-hosts" ''
|
|
||||||
${concatStringsSep "\n" (flatten (
|
|
||||||
map (host:
|
|
||||||
let
|
|
||||||
net = host.nets.retiolum;
|
|
||||||
aliases = longs;
|
|
||||||
longs = filter check net.aliases;
|
|
||||||
in
|
|
||||||
optionals
|
|
||||||
(aliases != [])
|
|
||||||
(map (addr: "${addr} ${toString aliases}") net.addrs)
|
|
||||||
) (filter (host: hasAttr "retiolum" host.nets)
|
|
||||||
(attrValues cfg.hosts))))}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
krebs.exim-smarthost.internet-aliases = let
|
|
||||||
format = from: to: {
|
|
||||||
inherit from;
|
|
||||||
# TODO assert is-retiolum-mail-address to;
|
|
||||||
to = concatMapStringsSep "," (getAttr "mail") (toList to);
|
|
||||||
};
|
|
||||||
in mapAttrsToList format (with config.krebs.users; let
|
|
||||||
brain-ml = [
|
|
||||||
lass
|
|
||||||
makefu
|
|
||||||
tv
|
|
||||||
];
|
|
||||||
eloop-ml = spam-ml ++ [ ciko ];
|
|
||||||
spam-ml = [
|
|
||||||
lass
|
|
||||||
makefu
|
|
||||||
tv
|
|
||||||
];
|
|
||||||
ciko.mail = "ciko@slash16.net";
|
|
||||||
in {
|
|
||||||
"anmeldung@eloop.org" = eloop-ml;
|
|
||||||
"brain@krebsco.de" = brain-ml;
|
|
||||||
"cfp@eloop.org" = eloop-ml;
|
|
||||||
"kontakt@eloop.org" = eloop-ml;
|
|
||||||
"root@eloop.org" = eloop-ml;
|
|
||||||
"youtube@eloop.org" = eloop-ml;
|
|
||||||
"eloop2016@krebsco.de" = eloop-ml;
|
|
||||||
"eloop2017@krebsco.de" = eloop-ml;
|
|
||||||
"postmaster@krebsco.de" = spam-ml; # RFC 822
|
|
||||||
"lass@krebsco.de" = lass;
|
|
||||||
"makefu@krebsco.de" = makefu;
|
|
||||||
"spam@krebsco.de" = spam-ml;
|
|
||||||
"tv@krebsco.de" = tv;
|
|
||||||
# XXX These are no internet aliases
|
|
||||||
# XXX exim-retiolum hosts should be able to relay to retiolum addresses
|
|
||||||
"lass@retiolum" = lass;
|
|
||||||
"makefu@retiolum" = makefu;
|
|
||||||
"spam@retiolum" = spam-ml;
|
|
||||||
"tv@retiolum" = tv;
|
|
||||||
"lass@r" = lass;
|
|
||||||
"makefu@r" = makefu;
|
|
||||||
"spam@r" = spam-ml;
|
|
||||||
"tv@r" = tv;
|
|
||||||
});
|
|
||||||
|
|
||||||
services.openssh.hostKeys =
|
services.openssh.hostKeys =
|
||||||
let inherit (config.krebs.build.host.ssh) privkey; in
|
let inherit (config.krebs.build.host.ssh) privkey; in
|
||||||
mkIf (privkey != null) (mkForce [privkey]);
|
mkIf (privkey != null) (mkForce [privkey]);
|
||||||
@ -238,31 +140,6 @@ let
|
|||||||
};
|
};
|
||||||
})
|
})
|
||||||
//
|
//
|
||||||
{
|
|
||||||
github = {
|
|
||||||
hostNames = [
|
|
||||||
"github.com"
|
|
||||||
# List generated with
|
|
||||||
# curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob
|
|
||||||
"192.30.252.*"
|
|
||||||
"192.30.253.*"
|
|
||||||
"192.30.254.*"
|
|
||||||
"192.30.255.*"
|
|
||||||
"185.199.108.*"
|
|
||||||
"185.199.109.*"
|
|
||||||
"185.199.110.*"
|
|
||||||
"185.199.111.*"
|
|
||||||
"13.229.188.59"
|
|
||||||
"13.250.177.223"
|
|
||||||
"18.194.104.89"
|
|
||||||
"18.195.85.27"
|
|
||||||
"35.159.8.160"
|
|
||||||
"52.74.223.119"
|
|
||||||
];
|
|
||||||
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
//
|
|
||||||
mapAttrs
|
mapAttrs
|
||||||
(name: host: {
|
(name: host: {
|
||||||
hostNames =
|
hostNames =
|
||||||
@ -272,8 +149,8 @@ let
|
|||||||
let
|
let
|
||||||
longs = net.aliases;
|
longs = net.aliases;
|
||||||
shorts =
|
shorts =
|
||||||
map (removeSuffix ".${cfg.search-domain}")
|
map (removeSuffix ".${cfg.dns.search-domain}")
|
||||||
(filter (hasSuffix ".${cfg.search-domain}")
|
(filter (hasSuffix ".${cfg.dns.search-domain}")
|
||||||
longs);
|
longs);
|
||||||
add-port = a:
|
add-port = a:
|
||||||
if net.ssh.port != 22
|
if net.ssh.port != 22
|
||||||
@ -297,8 +174,8 @@ let
|
|||||||
(concatMap (host: attrValues host.nets)
|
(concatMap (host: attrValues host.nets)
|
||||||
(mapAttrsToList
|
(mapAttrsToList
|
||||||
(_: host: recursiveUpdate host
|
(_: host: recursiveUpdate host
|
||||||
(optionalAttrs (hasAttr config.krebs.search-domain host.nets) {
|
(optionalAttrs (hasAttr cfg.dns.search-domain host.nets) {
|
||||||
nets."" = host.nets.${config.krebs.search-domain} // {
|
nets."" = host.nets.${cfg.dns.search-domain} // {
|
||||||
aliases = [host.name];
|
aliases = [host.name];
|
||||||
addrs = [];
|
addrs = [];
|
||||||
};
|
};
|
||||||
|
12
krebs/3modules/dns.nix
Normal file
12
krebs/3modules/dns.nix
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
krebs.dns.providers = mkOption {
|
||||||
|
type = types.attrsOf types.str;
|
||||||
|
};
|
||||||
|
|
||||||
|
krebs.dns.search-domain = mkOption {
|
||||||
|
type = types.hostname;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
53
krebs/3modules/external/default.nix
vendored
53
krebs/3modules/external/default.nix
vendored
@ -84,8 +84,8 @@ in {
|
|||||||
nets = rec {
|
nets = rec {
|
||||||
internet = {
|
internet = {
|
||||||
# eve.thalheim.io
|
# eve.thalheim.io
|
||||||
ip4.addr = "188.68.39.17";
|
ip4.addr = "95.216.112.61";
|
||||||
ip6.addr = "2a03:4000:13:31e::1";
|
ip6.addr = "2a01:4f9:2b:1605::1";
|
||||||
aliases = [ "eve.i" ];
|
aliases = [ "eve.i" ];
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = {
|
||||||
@ -141,6 +141,29 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
idontcare = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.idontcare.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.idontcare.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.177";
|
||||||
|
aliases = [ "idontcare.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIIBCgKCAQEAxmmbQLVXcnCU9Vg9TCoJxfq/RyNfzaTj8XJsn4Kpo3CvQOwFzL6O
|
||||||
|
qZnbG55WjPjPumuFgtUdHA/G8mgtrTVaIRbVE9ck2l2wWFzMWxORzuvDbMh5xP8A
|
||||||
|
OW2Z2qjlH6O9GTBCzpYyHuyBWCjtiN4x9zEqxkIsBARKOylAoy3zQIiiQF0d72An
|
||||||
|
lqKFi9vYUU90zo9rP8BTzx2ZsEWb28xhHUlwf1+vgaOHI1jI99gnr12dVYl/i/Hb
|
||||||
|
O28gDUogfpP/5pWFAHJ+53ZscHo8/Y7imjiKgGXmOHywoXOsKQ67M6ROEU/0xPnw
|
||||||
|
jKmq2p7zTJk2mDhphjePi5idd5yKNX5Q3wIDAQAB
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
justraute = {
|
justraute = {
|
||||||
owner = config.krebs.users.raute; # laptop
|
owner = config.krebs.users.raute; # laptop
|
||||||
nets = {
|
nets = {
|
||||||
@ -344,6 +367,30 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
matchbox = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.29.176";
|
||||||
|
aliases = [ "matchbox.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAqwB9pzV889vpMp/am+T0sfm5qO/wAWS/tv0auYK3Zyx3ChxrQX2m
|
||||||
|
VrxO5a/bjR/g1fi/t2kJIV/6tsVSRHfzKuKHprE2KxeNOmwUuSjjiM4CboASMR+w
|
||||||
|
nra6U0Ldf5vBxtEj5bj384QxwxxVLhSw8NbE43FCM07swSvAT8Y/ZmGUd738674u
|
||||||
|
TNC6zM6zwLvN0dxCDLuD5bwUq7y73JNQTm2YXv1Hfw3T8XqJK/Xson2Atv2Y5ZbE
|
||||||
|
TA0RaH3PoEkhkVeJG/EuUIJhvmunS5bBjFSiOiUZ8oEOSjo9nHUMD0u+x1BZIg/1
|
||||||
|
yy5B5iB4YSGPAtjMJhwD/LRIoI8msWpdVCCnA+FlKCKAsgC7JbJgcOUtK9eDFdbO
|
||||||
|
4FyzdUJbK+4PDguraPGzIX7p+K3SY8bbyo3SSp5rEb+CEWtFf26oJm7eBhDBT6K4
|
||||||
|
Ofmzp0GjFbS8qkqEGCQcfi4cAsXMVCn4AJ6CKs89y19pLZ42fUtWg7WgUZA7GWV/
|
||||||
|
bPE2RSBMUkGb0ovgoe7Z7NXsL3AST8EQEy+3lAEyUrPFLiwoeGJZmfTDTy1VBFI4
|
||||||
|
nCShp7V+MSmz4DnLK1HLksLVLmGyZmouGsLjYUnEa414EI6NJF3bfEO2ZRGaswyR
|
||||||
|
/vW066YCTe7wi+YrvrMDgkdbyfn/ecMTn2iXsTb4k9/fuO0+hsqL+isCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
miaoski = {
|
miaoski = {
|
||||||
owner = config.krebs.users.miaoski;
|
owner = config.krebs.users.miaoski;
|
||||||
nets = {
|
nets = {
|
||||||
@ -369,7 +416,7 @@ in {
|
|||||||
pubkey = ssh-for "kmein";
|
pubkey = ssh-for "kmein";
|
||||||
};
|
};
|
||||||
Mic92 = {
|
Mic92 = {
|
||||||
mail = "joerg@higgsboson.tk";
|
mail = "joerg@thalheim.io";
|
||||||
pubkey = ssh-for "Mic92";
|
pubkey = ssh-for "Mic92";
|
||||||
};
|
};
|
||||||
palo = {
|
palo = {
|
||||||
|
40
krebs/3modules/github-known-hosts.nix
Normal file
40
krebs/3modules/github-known-hosts.nix
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
{
|
||||||
|
services.openssh.knownHosts.github = {
|
||||||
|
hostNames = [
|
||||||
|
"github.com"
|
||||||
|
# List generated with
|
||||||
|
# curl -sS https://api.github.com/meta | jq -r .git[] | nix-shell -p cidr2glob --run cidr2glob | jq -R .
|
||||||
|
"192.30.252.*"
|
||||||
|
"192.30.253.*"
|
||||||
|
"192.30.254.*"
|
||||||
|
"192.30.255.*"
|
||||||
|
"185.199.108.*"
|
||||||
|
"185.199.109.*"
|
||||||
|
"185.199.110.*"
|
||||||
|
"185.199.111.*"
|
||||||
|
"140.82.112.*"
|
||||||
|
"140.82.113.*"
|
||||||
|
"140.82.114.*"
|
||||||
|
"140.82.115.*"
|
||||||
|
"140.82.116.*"
|
||||||
|
"140.82.117.*"
|
||||||
|
"140.82.118.*"
|
||||||
|
"140.82.119.*"
|
||||||
|
"140.82.120.*"
|
||||||
|
"140.82.121.*"
|
||||||
|
"140.82.122.*"
|
||||||
|
"140.82.123.*"
|
||||||
|
"140.82.124.*"
|
||||||
|
"140.82.125.*"
|
||||||
|
"140.82.126.*"
|
||||||
|
"140.82.127.*"
|
||||||
|
"13.229.188.59"
|
||||||
|
"13.250.177.223"
|
||||||
|
"18.194.104.89"
|
||||||
|
"18.195.85.27"
|
||||||
|
"35.159.8.160"
|
||||||
|
"52.74.223.119"
|
||||||
|
];
|
||||||
|
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
|
||||||
|
};
|
||||||
|
}
|
35
krebs/3modules/hosts.nix
Normal file
35
krebs/3modules/hosts.nix
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, ... }: let
|
||||||
|
# TODO dedup functions with ./retiolum-hosts.nix
|
||||||
|
check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
|
||||||
|
domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
|
||||||
|
in {
|
||||||
|
|
||||||
|
options = {
|
||||||
|
krebs.hosts = mkOption {
|
||||||
|
default = {};
|
||||||
|
type = types.attrsOf types.host;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
networking.hosts =
|
||||||
|
filterAttrs
|
||||||
|
(_name: value: value != [])
|
||||||
|
(zipAttrsWith
|
||||||
|
(_: concatLists)
|
||||||
|
(concatMap
|
||||||
|
(host:
|
||||||
|
concatMap
|
||||||
|
(net: let
|
||||||
|
aliases = longs ++ shorts;
|
||||||
|
longs = filter check net.aliases;
|
||||||
|
shorts = let s = ".${config.krebs.dns.search-domain}"; in
|
||||||
|
map (removeSuffix s) (filter (hasSuffix s) longs);
|
||||||
|
in
|
||||||
|
map (addr: { ${addr} = aliases; }) net.addrs)
|
||||||
|
(attrValues host.nets))
|
||||||
|
(attrValues config.krebs.hosts)));
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -13,7 +13,7 @@ in {
|
|||||||
});
|
});
|
||||||
default = {};
|
default = {};
|
||||||
};
|
};
|
||||||
config = {
|
config = mkIf (cfg != {}) {
|
||||||
environment = {
|
environment = {
|
||||||
etc =
|
etc =
|
||||||
mapAttrs'
|
mapAttrs'
|
||||||
|
71
krebs/3modules/reaktor2.nix
Normal file
71
krebs/3modules/reaktor2.nix
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, pkgs, ... }: {
|
||||||
|
|
||||||
|
options.krebs.reaktor2 = mkOption {
|
||||||
|
default = {};
|
||||||
|
type = types.attrsOf (types.submodule (self: let
|
||||||
|
name = self.config._module.args.name;
|
||||||
|
in {
|
||||||
|
options = {
|
||||||
|
nick = mkOption {
|
||||||
|
default = name;
|
||||||
|
# TODO types.irc.nickname
|
||||||
|
type = types.str;
|
||||||
|
};
|
||||||
|
hostname = mkOption {
|
||||||
|
default = "irc.r";
|
||||||
|
type = types.hostname;
|
||||||
|
};
|
||||||
|
port = mkOption {
|
||||||
|
default = "6667";
|
||||||
|
# TODO type = types.service-name
|
||||||
|
};
|
||||||
|
plugins = mkOption {
|
||||||
|
default = [];
|
||||||
|
type = types.listOf types.attrs;
|
||||||
|
};
|
||||||
|
stateDir = mkOption {
|
||||||
|
default = "/var/lib/${self.config.username}";
|
||||||
|
readOnly = true;
|
||||||
|
type = types.absolute-pathname;
|
||||||
|
};
|
||||||
|
systemd-service-name = mkOption {
|
||||||
|
default = "reaktor2${optionalString (name != "default") "-${name}"}";
|
||||||
|
type = types.filename;
|
||||||
|
};
|
||||||
|
username = mkOption {
|
||||||
|
default = self.config.systemd-service-name;
|
||||||
|
type = types.username;
|
||||||
|
};
|
||||||
|
useTLS = mkOption {
|
||||||
|
default = self.config.port == "6697";
|
||||||
|
type = types.bool;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}));
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
systemd.services = flip mapAttrs' config.krebs.reaktor2 (_: cfg:
|
||||||
|
nameValuePair cfg.systemd-service-name {
|
||||||
|
after = [ "network.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
User = cfg.username;
|
||||||
|
Group = "reaktor2";
|
||||||
|
DynamicUser = true;
|
||||||
|
StateDirectory = cfg.username;
|
||||||
|
ExecStart = let
|
||||||
|
configFile = pkgs.writeJSON configFileName configValue;
|
||||||
|
configFileName = "${cfg.systemd-service-name}.config.json";
|
||||||
|
configValue = recursiveUpdate {
|
||||||
|
logTime = false;
|
||||||
|
} (removeAttrs cfg ["_module"]);
|
||||||
|
in "${pkgs.reaktor2}/bin/reaktor ${configFile}";
|
||||||
|
Restart = "always";
|
||||||
|
RestartSec = "30";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
);
|
||||||
|
};
|
||||||
|
}
|
28
krebs/3modules/retiolum-hosts.nix
Normal file
28
krebs/3modules/retiolum-hosts.nix
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ config, ... }: let
|
||||||
|
# TODO dedup functions with ./hosts.nix
|
||||||
|
check = hostname: any (domain: hasSuffix ".${domain}" hostname) domains;
|
||||||
|
domains = attrNames (filterAttrs (_: eq "hosts") config.krebs.dns.providers);
|
||||||
|
in {
|
||||||
|
nixpkgs.config.packageOverrides = super: {
|
||||||
|
retiolum-hosts =
|
||||||
|
super.writeText "retiolum-hosts" ''
|
||||||
|
${
|
||||||
|
concatStringsSep
|
||||||
|
"\n"
|
||||||
|
(flatten
|
||||||
|
(map
|
||||||
|
(host: let
|
||||||
|
net = host.nets.retiolum;
|
||||||
|
aliases = longs;
|
||||||
|
longs = filter check net.aliases;
|
||||||
|
in
|
||||||
|
optionals
|
||||||
|
(aliases != [])
|
||||||
|
(map (addr: "${addr} ${toString aliases}") net.addrs))
|
||||||
|
(filter (host: hasAttr "retiolum" host.nets)
|
||||||
|
(attrValues config.krebs.hosts))))
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
@ -27,6 +27,7 @@ let
|
|||||||
"tinc.conf" = pkgs.writeText "${netname}-tinc.conf" ''
|
"tinc.conf" = pkgs.writeText "${netname}-tinc.conf" ''
|
||||||
Name = ${tinc.config.host.name}
|
Name = ${tinc.config.host.name}
|
||||||
Interface = ${netname}
|
Interface = ${netname}
|
||||||
|
Broadcast = no
|
||||||
${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo}
|
${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo}
|
||||||
PrivateKeyFile = ${tinc.config.privkey.path}
|
PrivateKeyFile = ${tinc.config.privkey.path}
|
||||||
Port = ${toString tinc.config.host.nets.${netname}.tinc.port}
|
Port = ${toString tinc.config.host.nets.${netname}.tinc.port}
|
||||||
|
@ -22,6 +22,8 @@ foldl' mergeAttrs {}
|
|||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
|
reaktor2 = self.haskellPackages.reaktor2;
|
||||||
|
|
||||||
ReaktorPlugins = self.callPackage ./simple/Reaktor/plugins.nix {};
|
ReaktorPlugins = self.callPackage ./simple/Reaktor/plugins.nix {};
|
||||||
|
|
||||||
# https://github.com/proot-me/PRoot/issues/106
|
# https://github.com/proot-me/PRoot/issues/106
|
||||||
|
@ -7,8 +7,8 @@ with import <stockholm/lib>;
|
|||||||
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
|
sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1";
|
||||||
};
|
};
|
||||||
"18.09" = {
|
"18.09" = {
|
||||||
version = "1.2.0";
|
version = "2.1.0";
|
||||||
sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300";
|
sha256 = "0wc8v48bb0bkvypc0j6imvnf8xc8572hykk9sgjhzf2w0ggqxv5d";
|
||||||
};
|
};
|
||||||
}.${versions.majorMinor nixpkgsVersion};
|
}.${versions.majorMinor nixpkgsVersion};
|
||||||
|
|
||||||
|
@ -8,11 +8,12 @@
|
|||||||
}:
|
}:
|
||||||
mkDerivation {
|
mkDerivation {
|
||||||
pname = "much";
|
pname = "much";
|
||||||
version = "1.1.0";
|
version = "1.2.0";
|
||||||
src = fetchgit {
|
src = fetchgit {
|
||||||
url = "http://cgit.ni.krebsco.de/much";
|
url = "https://cgit.krebsco.de/much";
|
||||||
sha256 = "1325554zymr1dd0clj8c5ygl70c791csvs0hz33jcfr6b8wysdrl";
|
sha256 = "0gfvppi8acylz0q7xh8dkm3dj676d4sc1m1gxwp663bkn4748873";
|
||||||
rev = "dfec37d848e11c00d9b7f03295af1fc7b0e83ef5";
|
rev = "8fc4fbb5bb7781626da8f63cd8df8bb0f554cfe7";
|
||||||
|
fetchSubmodules = true;
|
||||||
};
|
};
|
||||||
isLibrary = false;
|
isLibrary = false;
|
||||||
isExecutable = true;
|
isExecutable = true;
|
27
krebs/5pkgs/haskell/reaktor2.nix
Normal file
27
krebs/5pkgs/haskell/reaktor2.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ mkDerivation, aeson, async, attoparsec, base, blessings
|
||||||
|
, bytestring, containers, data-default, fetchgit, filepath
|
||||||
|
, hashable, lens, lens-aeson, network, network-simple
|
||||||
|
, network-simple-tls, pcre-light, process, random, stdenv
|
||||||
|
, string-conversions, stringsearch, text, time, transformers
|
||||||
|
, unagi-chan, unix, unordered-containers, vector
|
||||||
|
}:
|
||||||
|
mkDerivation {
|
||||||
|
pname = "reaktor2";
|
||||||
|
version = "0.2.1";
|
||||||
|
src = fetchgit {
|
||||||
|
url = "https://cgit.krebsco.de/reaktor2";
|
||||||
|
sha256 = "0wg76wlzfi893rl0lzhfs6bkpdcvwvgl6mpnz6w7r8f7znr4a9vr";
|
||||||
|
rev = "0e199f7a357a4c5973e5837ec67699cf224ca69c";
|
||||||
|
fetchSubmodules = true;
|
||||||
|
};
|
||||||
|
isLibrary = false;
|
||||||
|
isExecutable = true;
|
||||||
|
executableHaskellDepends = [
|
||||||
|
aeson async attoparsec base blessings bytestring containers
|
||||||
|
data-default filepath hashable lens lens-aeson network
|
||||||
|
network-simple network-simple-tls pcre-light process random
|
||||||
|
string-conversions stringsearch text time transformers unagi-chan
|
||||||
|
unix unordered-containers vector
|
||||||
|
];
|
||||||
|
license = stdenv.lib.licenses.mit;
|
||||||
|
}
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
python3Packages.buildPythonPackage rec {
|
python3Packages.buildPythonPackage rec {
|
||||||
name = "Reaktor-${version}";
|
name = "Reaktor-${version}";
|
||||||
version = "0.6.2";
|
version = "0.7.0";
|
||||||
|
|
||||||
doCheck = false;
|
doCheck = false;
|
||||||
|
|
||||||
@ -13,8 +13,8 @@ python3Packages.buildPythonPackage rec {
|
|||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "krebs";
|
owner = "krebs";
|
||||||
repo = "Reaktor";
|
repo = "Reaktor";
|
||||||
rev = version;
|
rev = "v${version}";
|
||||||
sha256 = "0h8pj0x9b5fnxddwrc0f63rxd3275v5phmjc0fv4kiwlzvbcxj6m";
|
sha256 = "12yy06vk0smjs0rmahrn2kd4bcdh1yjw1fz6rifw6nmgx889d9hj";
|
||||||
};
|
};
|
||||||
meta = {
|
meta = {
|
||||||
homepage = http://krebsco.de/;
|
homepage = http://krebsco.de/;
|
||||||
|
@ -146,58 +146,36 @@ rec {
|
|||||||
'';
|
'';
|
||||||
});
|
});
|
||||||
|
|
||||||
taskrcFile = builtins.toFile "taskrc" ''
|
task = name: let
|
||||||
confirmation=no
|
rcFile = builtins.toFile "taskrc" ''
|
||||||
'';
|
confirmation=no
|
||||||
|
'';
|
||||||
task-add = buildSimpleReaktorPlugin "task-add" {
|
in {
|
||||||
pattern = "^task-add: (?P<args>.*)$$";
|
add = buildSimpleReaktorPlugin "${name}-task-add" {
|
||||||
script = pkgs.writeDash "task-add" ''
|
|
||||||
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} add "$*"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
task-list = buildSimpleReaktorPlugin "task-list" {
|
|
||||||
pattern = "^task-list";
|
|
||||||
script = pkgs.writeDash "task-list" ''
|
|
||||||
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
task-delete = buildSimpleReaktorPlugin "task-delete" {
|
|
||||||
pattern = "^task-delete: (?P<args>.*)$$";
|
|
||||||
script = pkgs.writeDash "task-delete" ''
|
|
||||||
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} delete "$*"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
task-done = buildSimpleReaktorPlugin "task-done" {
|
|
||||||
pattern = "^task-done: (?P<args>.*)$$";
|
|
||||||
script = pkgs.writeDash "task-done" ''
|
|
||||||
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} done "$*"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
todo = name: {
|
|
||||||
add = buildSimpleReaktorPlugin "${name}-add" {
|
|
||||||
pattern = "^${name}-add: (?P<args>.*)$$";
|
pattern = "^${name}-add: (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "${name}-add" ''
|
script = pkgs.writeDash "${name}-add" ''
|
||||||
echo "$*" >> ${name}-todo
|
TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*"
|
||||||
echo "added ${name} todo"
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
delete = buildSimpleReaktorPlugin "${name}-delete" {
|
|
||||||
|
list = buildSimpleReaktorPlugin "task-list" {
|
||||||
|
pattern = "^${name}-list";
|
||||||
|
script = pkgs.writeDash "task-list" ''
|
||||||
|
TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
delete = buildSimpleReaktorPlugin "task-delete" {
|
||||||
pattern = "^${name}-delete: (?P<args>.*)$$";
|
pattern = "^${name}-delete: (?P<args>.*)$$";
|
||||||
script = pkgs.writeDash "${name}-delete" ''
|
script = pkgs.writeDash "task-delete" ''
|
||||||
${pkgs.gnugrep}/bin/grep -Fvxe "$*" ${name}-todo > ${name}-todo.tmp
|
TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*"
|
||||||
${pkgs.coreutils}/bin/mv ${name}-todo.tmp ${name}-todo
|
|
||||||
echo "removed ${name} todo: $*"
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
show = buildSimpleReaktorPlugin "${name}-show" {
|
|
||||||
pattern = "^${name}-show$";
|
done = buildSimpleReaktorPlugin "task-done" {
|
||||||
script = pkgs.writeDash "${name}-show" ''
|
pattern = "^${name}-done: (?P<args>.*)$$";
|
||||||
${pkgs.coreutils}/bin/cat ${name}-todo
|
script = pkgs.writeDash "task-done" ''
|
||||||
|
TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*"
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
2
krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
Normal file → Executable file
2
krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh
Normal file → Executable file
@ -1,5 +1,5 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
curl http://emojicons.com/random -s | \
|
curl -sS http://emojicons.com/random | \
|
||||||
grep data-text | \
|
grep data-text | \
|
||||||
sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \
|
sed -n 's/.*>\(.*\)<\/textarea>/\1/p' | \
|
||||||
head -n 1 | \
|
head -n 1 | \
|
||||||
|
0
krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh
Normal file → Executable file
0
krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh
Normal file → Executable file
2
krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py
Normal file → Executable file
2
krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py
Normal file → Executable file
@ -46,7 +46,7 @@ if is_regex(line):
|
|||||||
print('to many lines, skipped')
|
print('to many lines, skipped')
|
||||||
else:
|
else:
|
||||||
if last.strip() != ret.strip():
|
if last.strip() != ret.strip():
|
||||||
print("\x1b[1m{}\x1b[0m meant: {}".format(usr, ret.strip()))
|
print("\x02{}\x02 meant: {}".format(usr, ret.strip()))
|
||||||
if ret:
|
if ret:
|
||||||
d[usr] = ret
|
d[usr] = ret
|
||||||
|
|
||||||
|
0
krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh
Normal file → Executable file
0
krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh
Normal file → Executable file
@ -1,3 +0,0 @@
|
|||||||
{ haskellPackages, ... }:
|
|
||||||
|
|
||||||
haskellPackages.callPackage ./cabal.nix {}
|
|
106
krebs/5pkgs/simple/reaktor2-plugins.nix
Normal file
106
krebs/5pkgs/simple/reaktor2-plugins.nix
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
with import <stockholm/lib>;
|
||||||
|
{ lib, pkgs, ... }:
|
||||||
|
|
||||||
|
rec {
|
||||||
|
generators = {
|
||||||
|
command_hook = commands: {
|
||||||
|
pattern =
|
||||||
|
"^\\s*([0-9A-Za-z._][0-9A-Za-z._-]*)(?:\\s+(.*\\S))?\\s*$";
|
||||||
|
command = 1;
|
||||||
|
arguments = [2];
|
||||||
|
commands = commands;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
commands = {
|
||||||
|
|
||||||
|
hello = {
|
||||||
|
filename = "${pkgs.Reaktor.src}/reaktor/commands/hello";
|
||||||
|
};
|
||||||
|
|
||||||
|
random-emoji = {
|
||||||
|
filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/random-emoji.sh>;
|
||||||
|
env = {
|
||||||
|
PATH = makeBinPath (with pkgs; [ coreutils gnused gnugrep xmlstarlet wget ]);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
nixos-version = {
|
||||||
|
filename = pkgs.writeDash "nixos-version" ''
|
||||||
|
. /etc/os-release
|
||||||
|
echo "$PRETTY_NAME"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
stockholm-issue = {
|
||||||
|
filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/random-issue.sh>;
|
||||||
|
env = {
|
||||||
|
PATH = makeBinPath (with pkgs; [ coreutils git gnused haskellPackages.lentil ]);
|
||||||
|
origin = "http://cgit.gum/stockholm";
|
||||||
|
state_dir = "/tmp/stockholm-issue";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
hooks = {
|
||||||
|
|
||||||
|
sed = {
|
||||||
|
activate = "always";
|
||||||
|
pattern = "^(.*)$";
|
||||||
|
arguments = [1];
|
||||||
|
command = {
|
||||||
|
env = {
|
||||||
|
PATH = makeBinPath (with pkgs; [ gnused ]);
|
||||||
|
state_dir = "/tmp";
|
||||||
|
};
|
||||||
|
filename = pkgs.writeDash "sed-plugin" ''
|
||||||
|
set -efu
|
||||||
|
exec ${pkgs.python3}/bin/python \
|
||||||
|
${<stockholm/krebs/5pkgs/simple/Reaktor/scripts/sed-plugin.py>} "$@"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
shack-correct = {
|
||||||
|
activate = "match";
|
||||||
|
pattern = "^(.*Shack.*)$";
|
||||||
|
arguments = [1];
|
||||||
|
command.filename = <stockholm/krebs/5pkgs/simple/Reaktor/scripts/shack-correct.sh>;
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
url-title = {
|
||||||
|
#pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$";
|
||||||
|
pattern = "^.*(http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+).*$";
|
||||||
|
activate = "match";
|
||||||
|
arguments = [1];
|
||||||
|
command = {
|
||||||
|
filename = pkgs.writePython3 "url-title" { deps = with pkgs.python3Packages; [ beautifulsoup4 lxml ]; } ''
|
||||||
|
import cgi
|
||||||
|
import sys
|
||||||
|
import urllib.request
|
||||||
|
from bs4 import BeautifulSoup
|
||||||
|
|
||||||
|
try:
|
||||||
|
req = urllib.request.Request(sys.argv[1])
|
||||||
|
req.add_header('user-agent', 'Reaktor-url-title')
|
||||||
|
resp = urllib.request.urlopen(req)
|
||||||
|
if resp.headers['content-type'].find('text/html') >= 0:
|
||||||
|
soup = BeautifulSoup(resp.read(16000), "lxml")
|
||||||
|
title = soup.find('title').string
|
||||||
|
|
||||||
|
if len(title.split('\n')) > 5:
|
||||||
|
title = '\n'.join(title.split('\n')[:5])
|
||||||
|
|
||||||
|
print(title[:450])
|
||||||
|
else:
|
||||||
|
cd_header = resp.headers['content-disposition']
|
||||||
|
print(cgi.parse_header(cd_header)[1]['filename'])
|
||||||
|
except: # noqa: E722
|
||||||
|
pass
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -9,15 +9,21 @@
|
|||||||
|
|
||||||
krebs-source = { test ? false }: rec {
|
krebs-source = { test ? false }: rec {
|
||||||
nixpkgs = if test then {
|
nixpkgs = if test then {
|
||||||
file = {
|
derivation = let
|
||||||
path = toString (pkgs.fetchFromGitHub {
|
rev = (lib.importJSON ./nixpkgs.json).rev;
|
||||||
|
sha256 = (lib.importJSON ./nixpkgs.json).sha256;
|
||||||
|
in ''
|
||||||
|
with import (builtins.fetchTarball {
|
||||||
|
url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
|
||||||
|
sha256 = "${sha256}";
|
||||||
|
}) {};
|
||||||
|
pkgs.fetchFromGitHub {
|
||||||
owner = "nixos";
|
owner = "nixos";
|
||||||
repo = "nixpkgs";
|
repo = "nixpkgs";
|
||||||
rev = (lib.importJSON ./nixpkgs.json).rev;
|
rev = "${rev}";
|
||||||
sha256 = (lib.importJSON ./nixpkgs.json).sha256;
|
sha256 = "${sha256}";
|
||||||
});
|
}
|
||||||
useChecksum = true;
|
'';
|
||||||
};
|
|
||||||
} else {
|
} else {
|
||||||
git = {
|
git = {
|
||||||
ref = (lib.importJSON ./nixpkgs.json).rev;
|
ref = (lib.importJSON ./nixpkgs.json).rev;
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||||
"rev": "b9fa31cea0e119ecf1867af4944ddc2f7633aacd",
|
"rev": "97e0d53d669cd07f0750a42fd535524b3cdd46d1",
|
||||||
"date": "2018-12-22T15:37:52+00:00",
|
"date": "2019-01-15T00:11:44+01:00",
|
||||||
"sha256": "1iqdra7nvcwbydjirjsk71rpzk4ljc0gzqy33fcp8l18y8iwh47k",
|
"sha256": "111xa7qn9142dar29cil4br2mvn8f1rbiy310lkhwl73126fq8dw",
|
||||||
"fetchSubmodules": false
|
"fetchSubmodules": false
|
||||||
}
|
}
|
||||||
|
@ -1,11 +1,20 @@
|
|||||||
{ lib, pkgs, ... }:
|
{ lib, pkgs, ... }:
|
||||||
{
|
{
|
||||||
nixpkgs = lib.mkForce {
|
nixpkgs = lib.mkForce {
|
||||||
file = toString (pkgs.fetchFromGitHub {
|
derivation = let
|
||||||
owner = "nixos";
|
|
||||||
repo = "nixpkgs";
|
|
||||||
rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
|
rev = (lib.importJSON ../../../krebs/nixpkgs.json).rev;
|
||||||
sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
|
sha256 = (lib.importJSON ../../../krebs/nixpkgs.json).sha256;
|
||||||
});
|
in ''
|
||||||
|
with import (builtins.fetchTarball {
|
||||||
|
url = "https://github.com/nixos/nixpkgs/archive/${rev}.tar.gz";
|
||||||
|
sha256 = "${sha256}";
|
||||||
|
}) {};
|
||||||
|
pkgs.fetchFromGitHub {
|
||||||
|
owner = "nixos";
|
||||||
|
repo = "nixpkgs";
|
||||||
|
rev = "${rev}";
|
||||||
|
sha256 = "${sha256}";
|
||||||
|
}
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -35,6 +35,8 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/lass/2configs/print.nix>
|
<stockholm/lass/2configs/print.nix>
|
||||||
<stockholm/lass/2configs/blue-host.nix>
|
<stockholm/lass/2configs/blue-host.nix>
|
||||||
<stockholm/lass/2configs/network-manager.nix>
|
<stockholm/lass/2configs/network-manager.nix>
|
||||||
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
|
<stockholm/lass/2configs/hardening.nix>
|
||||||
{
|
{
|
||||||
krebs.iptables.tables.filter.INPUT.rules = [
|
krebs.iptables.tables.filter.INPUT.rules = [
|
||||||
#risk of rain
|
#risk of rain
|
||||||
|
@ -36,10 +36,10 @@ with import <stockholm/lib>;
|
|||||||
# TODO write function for proxy_pass (ssl/nonssl)
|
# TODO write function for proxy_pass (ssl/nonssl)
|
||||||
|
|
||||||
krebs.iptables.tables.filter.FORWARD.rules = [
|
krebs.iptables.tables.filter.FORWARD.rules = [
|
||||||
{ v6 = false; precedence = 1000; predicate = "-d 192.168.122.92"; target = "ACCEPT"; }
|
{ v6 = false; precedence = 1000; predicate = "-d 192.168.122.141"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
krebs.iptables.tables.nat.PREROUTING.rules = [
|
krebs.iptables.tables.nat.PREROUTING.rules = [
|
||||||
{ v6 = false; precedence = 1000; predicate = "-d 46.4.114.243"; target = "DNAT --to-destination 192.168.122.92"; }
|
{ v6 = false; precedence = 1000; predicate = "-d 95.216.1.130"; target = "DNAT --to-destination 192.168.122.141"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
@ -379,6 +379,7 @@ with import <stockholm/lib>;
|
|||||||
name = "download";
|
name = "download";
|
||||||
home = "/var/download";
|
home = "/var/download";
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
uid = genid "download";
|
||||||
openssh.authorizedKeys.keys = with config.krebs.users; [
|
openssh.authorizedKeys.keys = with config.krebs.users; [
|
||||||
lass.pubkey
|
lass.pubkey
|
||||||
lass-shodan.pubkey
|
lass-shodan.pubkey
|
||||||
@ -420,6 +421,16 @@ with import <stockholm/lib>;
|
|||||||
{ predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
|
{ predicate = "-i wiregrill -p udp --dport 4000:4002"; target = "ACCEPT"; }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
nix.trustedUsers = [ "Mic92" ];
|
||||||
|
users.users.Mic92 = {
|
||||||
|
uid = genid_uint31 "Mic92";
|
||||||
|
isNormalUser = true;
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.Mic92.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.prism;
|
krebs.build.host = config.krebs.hosts.prism;
|
||||||
|
@ -40,6 +40,16 @@
|
|||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
fileSystems."/var/lib/nextcloud" = {
|
||||||
|
device = "tank/nextcloud";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/var/lib/libvirt" = {
|
||||||
|
device = "tank/libvirt";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 8;
|
nix.maxJobs = lib.mkDefault 8;
|
||||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
|
||||||
@ -53,9 +63,15 @@
|
|||||||
defaultGateway = "95.216.1.129";
|
defaultGateway = "95.216.1.129";
|
||||||
# Use google's public DNS server
|
# Use google's public DNS server
|
||||||
nameservers = [ "8.8.8.8" ];
|
nameservers = [ "8.8.8.8" ];
|
||||||
interfaces.eth0 = {
|
interfaces.eth0.ipv4.addresses = [
|
||||||
ipAddress = "95.216.1.150";
|
{
|
||||||
prefixLength = 26;
|
address = "95.216.1.150";
|
||||||
};
|
prefixLength = 26;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
address = "95.216.1.130";
|
||||||
|
prefixLength = 26;
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -88,7 +88,7 @@ with import <stockholm/lib>;
|
|||||||
client
|
client
|
||||||
dev tun
|
dev tun
|
||||||
proto udp
|
proto udp
|
||||||
remote 82.102.16.229 1194
|
remote 89.249.65.83 1194
|
||||||
resolv-retry infinite
|
resolv-retry infinite
|
||||||
remote-random
|
remote-random
|
||||||
nobind
|
nobind
|
||||||
@ -103,13 +103,9 @@ with import <stockholm/lib>;
|
|||||||
reneg-sec 0
|
reneg-sec 0
|
||||||
comp-lzo no
|
comp-lzo no
|
||||||
|
|
||||||
explicit-exit-notify 3
|
|
||||||
|
|
||||||
remote-cert-tls server
|
remote-cert-tls server
|
||||||
|
|
||||||
#mute 10000
|
|
||||||
auth-user-pass ${toString <secrets/nordvpn.txt>}
|
auth-user-pass ${toString <secrets/nordvpn.txt>}
|
||||||
|
|
||||||
verb 3
|
verb 3
|
||||||
pull
|
pull
|
||||||
fast-io
|
fast-io
|
||||||
@ -118,32 +114,33 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
<ca>
|
<ca>
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIEyjCCA7KgAwIBAgIJANIxRSmgmjW6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
|
MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
|
||||||
VQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQMA4GA1UEChMH
|
MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2
|
||||||
Tm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUyMjkubm9yZHZw
|
MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV
|
||||||
bi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEWEGNlcnRAbm9y
|
BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI
|
||||||
ZHZwbi5jb20wHhcNMTcxMTIyMTQ1MTQ2WhcNMjcxMTIwMTQ1MTQ2WjCBnjELMAkG
|
hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF
|
||||||
A1UEBhMCUEExCzAJBgNVBAgTAlBBMQ8wDQYDVQQHEwZQYW5hbWExEDAOBgNVBAoT
|
kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr
|
||||||
B05vcmRWUE4xEDAOBgNVBAsTB05vcmRWUE4xGjAYBgNVBAMTEWRlMjI5Lm5vcmR2
|
XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU
|
||||||
cG4uY29tMRAwDgYDVQQpEwdOb3JkVlBOMR8wHQYJKoZIhvcNAQkBFhBjZXJ0QG5v
|
eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV
|
||||||
cmR2cG4uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++dfZlG
|
skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu
|
||||||
UeFF2sGdXjbreygfo78Ujti6X2OiMDFnwgqrhELstumXl7WrFf5EzCYbVriNuUny
|
MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA
|
||||||
mNCx3OxXxw49xvvg/KplX1CE3rKBNnzbeaxPmeyEeXe+NgA7rwOCbYPQJScFxK7X
|
37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR
|
||||||
+D16ZShY25GyIG7hqFGML0Qz6gpZRGaHSd0Lc3wSgoLzGtsIg8hunhfi00dNqMBT
|
hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s
|
||||||
ukCzgfIqbQUuqmOibsWnYvZoXoYKnbRL0Bj8IYvwvu4p2oBQpvM+JR4DC+rv52LI
|
Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy
|
||||||
583Q6g3LebQ4JuQf8jgxvEEV4UL1CsUBqN3mcRpVUKJS3ijXmzEX9MfpBRcp1rBA
|
WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6
|
||||||
VsiE4Mrk7PXhkwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFFIv1UuKN2NXaVjRNXDT
|
MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST
|
||||||
Rs/+LT/9MIHTBgNVHSMEgcswgciAFFIv1UuKN2NXaVjRNXDTRs/+LT/9oYGkpIGh
|
LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG
|
||||||
MIGeMQswCQYDVQQGEwJQQTELMAkGA1UECBMCUEExDzANBgNVBAcTBlBhbmFtYTEQ
|
SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g
|
||||||
MA4GA1UEChMHTm9yZFZQTjEQMA4GA1UECxMHTm9yZFZQTjEaMBgGA1UEAxMRZGUy
|
nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/
|
||||||
Mjkubm9yZHZwbi5jb20xEDAOBgNVBCkTB05vcmRWUE4xHzAdBgkqhkiG9w0BCQEW
|
k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S
|
||||||
EGNlcnRAbm9yZHZwbi5jb22CCQDSMUUpoJo1ujAMBgNVHRMEBTADAQH/MA0GCSqG
|
DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/
|
||||||
SIb3DQEBCwUAA4IBAQBf1vr93OIkIFehXOCXYFmAYai8/lK7OQH0SRMYdUPvADjQ
|
pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo
|
||||||
e5tSDK5At2Ew9YLz96pcDhzLqtbQsRqjuqWKWs7DBZ8ZiJg1nVIXxE+C3ezSyuVW
|
k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp
|
||||||
//DdqMeUD80/FZD5kPS2yJJOWfuBBMnaN8Nxb0BaJi9AKFHnfg6Zxqa/FSUPXFwB
|
+RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd
|
||||||
wH+zeymL2Dib2+ngvCm9VP3LyfIdvodEJ372H7eG8os8allUnkUzpVyGxI4pN/IB
|
NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa
|
||||||
KROBRPKb+Aa5FWeWgEUHIr+hNrEMvcWfSvZAkSh680GScQeJh5Xb4RGMCW08tb4p
|
wDBM1mJChneHt59Nh8Gah74+TM1jBsw4fhJPvoc7Atcg740JErb904mZfkIEmojC
|
||||||
lrojzCvC7OcFeUNW7Ayiuukx8rx/F4+IZ1yJGff9
|
VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S
|
||||||
|
PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA==
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
</ca>
|
</ca>
|
||||||
key-direction 1
|
key-direction 1
|
||||||
@ -152,23 +149,24 @@ with import <stockholm/lib>;
|
|||||||
# 2048 bit OpenVPN static key
|
# 2048 bit OpenVPN static key
|
||||||
#
|
#
|
||||||
-----BEGIN OpenVPN Static key V1-----
|
-----BEGIN OpenVPN Static key V1-----
|
||||||
49b2f54c6ee58d2d97331681bb577d55
|
e685bdaf659a25a200e2b9e39e51ff03
|
||||||
054f56d92b743c31e80b684de0388702
|
0fc72cf1ce07232bd8b2be5e6c670143
|
||||||
ad3bf51088cd88f3fac7eb0729f2263c
|
f51e937e670eee09d4f2ea5a6e4e6996
|
||||||
51d82a6eb7e2ed4ae6dfa65b1ac764d0
|
5db852c275351b86fc4ca892d78ae002
|
||||||
b9dedf1379c1b29b36396d64cb6fd6b2
|
d6f70d029bd79c4d1c26cf14e9588033
|
||||||
e61f869f9a13001dadc02db171f04c4d
|
cf639f8a74809f29f72b9d58f9b8f5fe
|
||||||
c46d1132c1f31709e7b54a6eabae3ea8
|
fc7938eade40e9fed6cb92184abb2cc1
|
||||||
fbd2681363c185f4cb1be5aa42a27c31
|
0eb1a296df243b251df0643d53724cdb
|
||||||
21db7b2187fd11c1acf224a0d5a44466
|
5a92a1d6cb817804c4a9319b57d53be5
|
||||||
b4b5a3cc34ec0227fe40007e8b379654
|
80815bcfcb2df55018cc83fc43bc7ff8
|
||||||
f1e8e2b63c6b46ee7ab6f1bd82f57837
|
2d51f9b88364776ee9d12fc85cc7ea5b
|
||||||
92c209e8f25bc9ed493cb5c1d891ae72
|
9741c4f598c485316db066d52db4540e
|
||||||
7f54f4693c5b20f136ca23e639fd8ea0
|
212e1518a9bd4828219e24b20d88f598
|
||||||
865b4e22dd2af43e13e6b075f12427b2
|
a196c9de96012090e333519ae18d3509
|
||||||
08af9ffd09c56baa694165f57fe2697a
|
9427e7b372d348d352dc4c85e18cd4b9
|
||||||
3377fa34aebcba587c79941d83deaf45
|
3f8a56ddb2e64eb67adfc9b337157ff4
|
||||||
-----END OpenVPN Static key V1-----
|
-----END OpenVPN Static key V1-----
|
||||||
</tls-auth>
|
</tls-auth>
|
||||||
|
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
@ -9,7 +9,6 @@ in {
|
|||||||
./power-action.nix
|
./power-action.nix
|
||||||
./copyq.nix
|
./copyq.nix
|
||||||
./urxvt.nix
|
./urxvt.nix
|
||||||
./nfs-dl.nix
|
|
||||||
{
|
{
|
||||||
hardware.pulseaudio = {
|
hardware.pulseaudio = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -75,12 +74,11 @@ in {
|
|||||||
nmap
|
nmap
|
||||||
pavucontrol
|
pavucontrol
|
||||||
powertop
|
powertop
|
||||||
rxvt_unicode_with-plugins
|
rxvt_unicode-with-plugins
|
||||||
sxiv
|
sxiv
|
||||||
taskwarrior
|
taskwarrior
|
||||||
termite
|
termite
|
||||||
xclip
|
xclip
|
||||||
xephyrify
|
|
||||||
xorg.xbacklight
|
xorg.xbacklight
|
||||||
xorg.xhost
|
xorg.xhost
|
||||||
xsel
|
xsel
|
||||||
|
@ -2,6 +2,7 @@ with import <stockholm/lib>;
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
<stockholm/krebs/2configs/nscd-fix.nix>
|
||||||
./binary-cache/client.nix
|
./binary-cache/client.nix
|
||||||
./gc.nix
|
./gc.nix
|
||||||
./mc.nix
|
./mc.nix
|
||||||
@ -72,7 +73,6 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
krebs = {
|
krebs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
search-domain = "r";
|
|
||||||
build.user = config.krebs.users.lass;
|
build.user = config.krebs.users.lass;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -82,9 +82,6 @@ with import <stockholm/lib>;
|
|||||||
|
|
||||||
services.timesyncd.enable = mkForce true;
|
services.timesyncd.enable = mkForce true;
|
||||||
|
|
||||||
#why is this on in the first place?
|
|
||||||
services.nscd.enable = false;
|
|
||||||
|
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules = [
|
||||||
"d /tmp 1777 root root - -"
|
"d /tmp 1777 root root - -"
|
||||||
];
|
];
|
||||||
@ -116,6 +113,7 @@ with import <stockholm/lib>;
|
|||||||
#network
|
#network
|
||||||
iptables
|
iptables
|
||||||
iftop
|
iftop
|
||||||
|
tcpdump
|
||||||
|
|
||||||
#stuff for dl
|
#stuff for dl
|
||||||
aria2
|
aria2
|
||||||
|
@ -96,6 +96,7 @@ with import <stockholm/lib>;
|
|||||||
{ from = "nordvpn@lassul.us"; to = lass.mail; }
|
{ from = "nordvpn@lassul.us"; to = lass.mail; }
|
||||||
{ from = "csv-direct@lassul.us"; to = lass.mail; }
|
{ from = "csv-direct@lassul.us"; to = lass.mail; }
|
||||||
{ from = "nintendo@lassul.us"; to = lass.mail; }
|
{ from = "nintendo@lassul.us"; to = lass.mail; }
|
||||||
|
{ from = "overleaf@lassul.us"; to = lass.mail; }
|
||||||
];
|
];
|
||||||
system-aliases = [
|
system-aliases = [
|
||||||
{ from = "mailer-daemon"; to = "postmaster"; }
|
{ from = "mailer-daemon"; to = "postmaster"; }
|
||||||
|
@ -74,7 +74,6 @@ in {
|
|||||||
createHome = true;
|
createHome = true;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
ftb
|
|
||||||
minecraft
|
minecraft
|
||||||
steam-run
|
steam-run
|
||||||
dolphinEmu
|
dolphinEmu
|
||||||
|
@ -3,6 +3,6 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
{
|
{
|
||||||
nix.gc = {
|
nix.gc = {
|
||||||
automatic = ! (elem config.krebs.build.host.name [ "prism" "mors" "helios" ] || config.boot.isContainer);
|
automatic = ! (elem config.krebs.build.host.name [ "mors" "helios" ] || config.boot.isContainer);
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
11
lass/2configs/hardening.nix
Normal file
11
lass/2configs/hardening.nix
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
|
with lib;
|
||||||
|
{
|
||||||
|
security.chromiumSuidSandbox.enable = true;
|
||||||
|
security.lockKernelModules = false;
|
||||||
|
boot.kernel.sysctl."user.max_user_namespaces" = 63414;
|
||||||
|
|
||||||
|
imports = [
|
||||||
|
<nixpkgs/nixos/modules/profiles/hardened.nix>
|
||||||
|
];
|
||||||
|
}
|
@ -51,7 +51,7 @@ let
|
|||||||
eloop = [ "to:eloop.org" ];
|
eloop = [ "to:eloop.org" ];
|
||||||
github = [ "to:github@lassul.us" ];
|
github = [ "to:github@lassul.us" ];
|
||||||
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
|
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
|
||||||
india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" ];
|
india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" "to:hackbeach@mail.hackbeach.in" ];
|
||||||
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
|
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
|
||||||
lugs = [ "to:lugs@lug-s.org" ];
|
lugs = [ "to:lugs@lug-s.org" ];
|
||||||
meetup = [ "to:meetup@lassul.us" ];
|
meetup = [ "to:meetup@lassul.us" ];
|
||||||
@ -225,7 +225,7 @@ in {
|
|||||||
msmtp
|
msmtp
|
||||||
mutt
|
mutt
|
||||||
pkgs.notmuch
|
pkgs.notmuch
|
||||||
pkgs.much
|
pkgs.haskellPackages.much
|
||||||
tag-new-mails
|
tag-new-mails
|
||||||
tag-old-mails
|
tag-old-mails
|
||||||
];
|
];
|
||||||
|
@ -170,32 +170,45 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
krebs.Reaktor.playlist = {
|
krebs.reaktor2.the_playlist = {
|
||||||
nickname = "the_playlist|r";
|
hostname = "irc.freenode.org";
|
||||||
channels = [
|
port = "6697";
|
||||||
"#the_playlist"
|
useTLS = true;
|
||||||
"#krebs"
|
nick = "the_playlist";
|
||||||
];
|
plugins = [
|
||||||
extraEnviron = {
|
{
|
||||||
REAKTOR_HOST = "irc.freenode.org";
|
plugin = "register";
|
||||||
};
|
config = {
|
||||||
plugins = with pkgs.ReaktorPlugins; [
|
channels = [
|
||||||
(buildSimpleReaktorPlugin "skip" {
|
"#the_playlist"
|
||||||
script = "${skip_track}/bin/skip_track";
|
"#krebs"
|
||||||
pattern = "^skip$";
|
];
|
||||||
})
|
};
|
||||||
(buildSimpleReaktorPlugin "current" {
|
}
|
||||||
script = "${print_current}/bin/print_current";
|
{
|
||||||
pattern = "^current$";
|
plugin = "system";
|
||||||
})
|
config = {
|
||||||
(buildSimpleReaktorPlugin "suggest" {
|
workdir = config.krebs.reaktor2.the_playlist.stateDir;
|
||||||
script = "${pkgs.writeDash "suggest" ''
|
hooks.PRIVMSG = [
|
||||||
echo "$@" >> $HOME/playlist_suggest
|
{
|
||||||
''}";
|
activate = "match";
|
||||||
pattern = "^suggest: (?P<args>.*)$";
|
pattern = ''!([^ ]+)(?:\s*(.*))?'';
|
||||||
})
|
command = 1;
|
||||||
|
arguments = [2];
|
||||||
|
commands = {
|
||||||
|
skip.filename = "${skip_track}/bin/skip_track";
|
||||||
|
current.filename = "${print_current}/bin/print_current";
|
||||||
|
suggest.filename = pkgs.writeDash "suggest" ''
|
||||||
|
echo "$@" >> playlist_suggest
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
virtualHosts."radio.lassul.us" = {
|
virtualHosts."radio.lassul.us" = {
|
||||||
|
@ -1,99 +1,93 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
{
|
let
|
||||||
krebs.Reaktor.coders = {
|
hooks = pkgs.reaktor2-plugins.hooks;
|
||||||
nickname = "Reaktor|lass";
|
in {
|
||||||
channels = [ "#coders" "#germany" "#panthermoderns" ];
|
krebs.reaktor2.coders = {
|
||||||
extraEnviron = {
|
hostname = "irc.hackint.org";
|
||||||
REAKTOR_HOST = "irc.hackint.org";
|
port = "9999";
|
||||||
};
|
useTLS = true;
|
||||||
plugins = with pkgs.ReaktorPlugins; let
|
nick = "reaktor2|lass";
|
||||||
|
plugins = [
|
||||||
lambdabot = (import (pkgs.fetchFromGitHub {
|
{
|
||||||
owner = "NixOS"; repo = "nixpkgs";
|
plugin = "register";
|
||||||
rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
|
config = {
|
||||||
sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
|
channels = [
|
||||||
}) {}).lambdabot;
|
"#coders"
|
||||||
|
"#germany"
|
||||||
lambdabotflags = ''
|
"#panthermoderns"
|
||||||
-XStandaloneDeriving -XGADTs -XFlexibleContexts \
|
];
|
||||||
-XFlexibleInstances -XMultiParamTypeClasses \
|
};
|
||||||
-XOverloadedStrings -XFunctionalDependencies \'';
|
}
|
||||||
in [
|
{
|
||||||
sed-plugin
|
plugin = "system";
|
||||||
url-title
|
config = {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-pl" {
|
workdir = config.krebs.reaktor2.coders.stateDir;
|
||||||
pattern = "^@pl (?P<args>.*)$$";
|
hooks.PRIVMSG = [
|
||||||
script = pkgs.writeDash "lambda-pl" ''
|
hooks.sed
|
||||||
exec ${lambdabot}/bin/lambdabot \
|
hooks.url-title
|
||||||
${indent lambdabotflags}
|
{
|
||||||
-e "@pl $1"
|
activate = "match";
|
||||||
'';
|
pattern = ''@([^ ]+) (.*)$'';
|
||||||
})
|
command = 1;
|
||||||
(buildSimpleReaktorPlugin "lambdabot-type" {
|
arguments = [2];
|
||||||
pattern = "^@type (?P<args>.*)$$";
|
env.HOME = config.krebs.reaktor2.coders.stateDir;
|
||||||
script = pkgs.writeDash "lambda-type" ''
|
commands = let
|
||||||
exec ${lambdabot}/bin/lambdabot \
|
lambdabot = (import (pkgs.fetchFromGitHub {
|
||||||
${indent lambdabotflags}
|
owner = "NixOS"; repo = "nixpkgs";
|
||||||
-e "@type $1"
|
rev = "a4ec1841da14fc98c5c35cc72242c23bb698d4ac";
|
||||||
'';
|
sha256 = "148fpw31s922hxrf28yhrci296f7c7zd81hf0k6zs05rq0i3szgy";
|
||||||
})
|
}) {}).lambdabot;
|
||||||
(buildSimpleReaktorPlugin "lambdabot-let" {
|
lambdabotWrapper = pkgs.writeDash "lambdabot.wrapper" ''
|
||||||
pattern = "^@let (?P<args>.*)$$";
|
exec ${lambdabot}/bin/lambdabot \
|
||||||
script = pkgs.writeDash "lambda-let" ''
|
-XStandaloneDeriving -XGADTs -XFlexibleContexts \
|
||||||
exec ${lambdabot}/bin/lambdabot \
|
-XFlexibleInstances -XMultiParamTypeClasses \
|
||||||
${indent lambdabotflags}
|
-XOverloadedStrings -XFunctionalDependencies \
|
||||||
-e "@let $1"
|
-e "$@"
|
||||||
'';
|
'';
|
||||||
})
|
in {
|
||||||
(buildSimpleReaktorPlugin "lambdabot-run" {
|
pl.filename = pkgs.writeDash "lambdabot-pl" ''
|
||||||
pattern = "^@run (?P<args>.*)$$";
|
${lambdabotWrapper} "@pl $1"
|
||||||
script = pkgs.writeDash "lambda-run" ''
|
'';
|
||||||
exec ${lambdabot}/bin/lambdabot \
|
type.filename = pkgs.writeDash "lambdabot-type" ''
|
||||||
${indent lambdabotflags}
|
${lambdabotWrapper} "@type $1"
|
||||||
-e "@run $1"
|
'';
|
||||||
'';
|
"let".filename = pkgs.writeDash "lambdabot-let" ''
|
||||||
})
|
${lambdabotWrapper} "@let $1"
|
||||||
(buildSimpleReaktorPlugin "lambdabot-kind" {
|
'';
|
||||||
pattern = "^@kind (?P<args>.*)$$";
|
run.filename = pkgs.writeDash "lambdabot-run" ''
|
||||||
script = pkgs.writeDash "lambda-kind" ''
|
${lambdabotWrapper} "@run $1"
|
||||||
exec ${lambdabot}/bin/lambdabot \
|
'';
|
||||||
${indent lambdabotflags}
|
kind.filename = pkgs.writeDash "lambdabot-kind" ''
|
||||||
-e "@kind $1"
|
${lambdabotWrapper} "@kind $1"
|
||||||
'';
|
'';
|
||||||
})
|
};
|
||||||
(buildSimpleReaktorPlugin "ping" {
|
}
|
||||||
pattern = "^!ping (?P<args>.*)$$";
|
{
|
||||||
script = pkgs.writeDash "ping" ''
|
activate = "match";
|
||||||
exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1
|
pattern = ''!([^ ]+)(?:\s*(.*))?'';
|
||||||
'';
|
command = 1;
|
||||||
})
|
arguments = [2];
|
||||||
(buildSimpleReaktorPlugin "google" {
|
commands = {
|
||||||
pattern = "^!g (?P<args>.*)$$";
|
ping.filename = pkgs.writeDash "ping" ''
|
||||||
script = pkgs.writeDash "google" ''
|
exec /run/wrappers/bin/ping -q -c1 "$1" 2>&1 | tail -1
|
||||||
exec ${pkgs.ddgr}/bin/ddgr -C -n1 --json "$@" | \
|
'';
|
||||||
${pkgs.jq}/bin/jq '@text "\(.[0].abstract) \(.[0].url)"'
|
google.filename = pkgs.writeDash "google" ''
|
||||||
'';
|
exec ${pkgs.ddgr}/bin/ddgr -C -n1 --json "$@" | \
|
||||||
})
|
${pkgs.jq}/bin/jq '@text "\(.[0].abstract) \(.[0].url)"'
|
||||||
(buildSimpleReaktorPlugin "blockchain" {
|
'';
|
||||||
pattern = ".*[Bb]lockchain.*$$";
|
shrug.filename = pkgs.writeDash "shrug" ''
|
||||||
script = pkgs.writeDash "blockchain" ''
|
exec echo '¯\_(ツ)_/¯'
|
||||||
exec echo 'DID SOMEBODY SAY BLOCKCHAIN? https://paste.krebsco.de/r99pMoQq/+inline'
|
'';
|
||||||
'';
|
table.filename = pkgs.writeDash "table" ''
|
||||||
})
|
exec echo '(╯°□°)╯ ┻━┻'
|
||||||
(buildSimpleReaktorPlugin "shrug" {
|
'';
|
||||||
pattern = "^!shrug$";
|
};
|
||||||
script = pkgs.writeDash "shrug" ''
|
}
|
||||||
exec echo '¯\_(ツ)_/¯'
|
];
|
||||||
'';
|
};
|
||||||
})
|
}
|
||||||
(buildSimpleReaktorPlugin "flip" {
|
|
||||||
pattern = "^!flip$";
|
|
||||||
script = pkgs.writeDash "shrug" ''
|
|
||||||
exec echo '(╯°□°)╯ ┻━┻'
|
|
||||||
'';
|
|
||||||
})
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -88,6 +88,20 @@ in {
|
|||||||
file_uploads = on
|
file_uploads = on
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
services.nextcloud = {
|
||||||
|
enable = true;
|
||||||
|
hostName = "o.xanf.org";
|
||||||
|
config = {
|
||||||
|
adminpassFile = toString <secrets> + "/nextcloud_pw";
|
||||||
|
};
|
||||||
|
#https = true;
|
||||||
|
nginx.enable = true;
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."o.xanf.org" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
};
|
||||||
|
|
||||||
# MAIL STUFF
|
# MAIL STUFF
|
||||||
# TODO: make into its own module
|
# TODO: make into its own module
|
||||||
services.dovecot2 = {
|
services.dovecot2 = {
|
||||||
@ -141,6 +155,13 @@ in {
|
|||||||
ssl_key = "/var/lib/acme/lassul.us/key.pem";
|
ssl_key = "/var/lib/acme/lassul.us/key.pem";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
users.users.UBIK-SFTP = {
|
||||||
|
uid = genid_uint31 "UBIK-SFTP";
|
||||||
|
home = "/home/UBIK-SFTP";
|
||||||
|
useDefaultShell = true;
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
|
||||||
users.users.xanf = {
|
users.users.xanf = {
|
||||||
uid = genid_uint31 "xanf";
|
uid = genid_uint31 "xanf";
|
||||||
home = "/home/xanf";
|
home = "/home/xanf";
|
||||||
@ -213,5 +234,22 @@ in {
|
|||||||
createHome = true;
|
createHome = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.restic.backups.domsen = {
|
||||||
|
initialize = true;
|
||||||
|
extraOptions = [ "sftp.command='ssh efOVcMWSZ@wilhelmstr.duckdns.org -p 52222 -i ${toString <secrets> + "/ssh.id_ed25519"} -s sftp'" ];
|
||||||
|
repository = "sftp:efOVcMWSZ@wilhelmstr.duckdns.org:/mnt/UBIK-9TB-Pool/BACKUP/XXXX-MAX-UND-ANDERES";
|
||||||
|
passwordFile = toString <secrets> + "/domsen_backup_pw";
|
||||||
|
paths = [
|
||||||
|
"/srv/http"
|
||||||
|
"/home/domsen/Mail"
|
||||||
|
"/home/ms/Mail"
|
||||||
|
"/home/klabusterbeere/Mail"
|
||||||
|
"/home/jms/Mail"
|
||||||
|
"/home/bruno/Mail"
|
||||||
|
"/home/akayguen/Mail"
|
||||||
|
"/backups/sql_dumps"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -101,6 +101,9 @@ in {
|
|||||||
locations."/pub".extraConfig = ''
|
locations."/pub".extraConfig = ''
|
||||||
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
|
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
|
||||||
'';
|
'';
|
||||||
|
locations."/pub1".extraConfig = ''
|
||||||
|
alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
security.acme.certs."cgit.lassul.us" = {
|
security.acme.certs."cgit.lassul.us" = {
|
||||||
|
@ -14,6 +14,5 @@ _:
|
|||||||
./umts.nix
|
./umts.nix
|
||||||
./usershadow.nix
|
./usershadow.nix
|
||||||
./xjail.nix
|
./xjail.nix
|
||||||
./xserver
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -1,103 +0,0 @@
|
|||||||
{ config, pkgs, ... }@args:
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
let
|
|
||||||
|
|
||||||
out = {
|
|
||||||
options.lass.xserver = api;
|
|
||||||
config = mkIf cfg.enable imp;
|
|
||||||
};
|
|
||||||
|
|
||||||
user = config.krebs.build.user;
|
|
||||||
|
|
||||||
cfg = config.lass.xserver;
|
|
||||||
xcfg = config.services.xserver;
|
|
||||||
api = {
|
|
||||||
enable = mkEnableOption "lass xserver";
|
|
||||||
};
|
|
||||||
imp = {
|
|
||||||
|
|
||||||
services.xserver = {
|
|
||||||
enable = true;
|
|
||||||
display = 11;
|
|
||||||
tty = 11;
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.display-manager.enable = false;
|
|
||||||
|
|
||||||
systemd.services.xmonad = {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
requires = [ "xserver.service" ];
|
|
||||||
environment = {
|
|
||||||
DISPLAY = ":${toString xcfg.display}";
|
|
||||||
|
|
||||||
XMONAD_STARTUP_HOOK = pkgs.writeDash "xmonad-startup-hook" ''
|
|
||||||
${pkgs.xorg.xhost}/bin/xhost +LOCAL: &
|
|
||||||
${xcfg.displayManager.sessionCommands}
|
|
||||||
if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
|
|
||||||
exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" ""
|
|
||||||
fi
|
|
||||||
export DBUS_SESSION_BUS_ADDRESS
|
|
||||||
${config.systemd.package}/bin/systemctl --user import-environment DISPLAY DBUS_SESSION_BUS_ADDRESS
|
|
||||||
wait
|
|
||||||
'';
|
|
||||||
|
|
||||||
XMONAD_DATA_DIR = "/tmp";
|
|
||||||
};
|
|
||||||
serviceConfig = {
|
|
||||||
SyslogIdentifier = "xmonad";
|
|
||||||
ExecStart = "${pkgs.xmonad-lass}/bin/xmonad";
|
|
||||||
ExecStop = "${pkgs.xmonad-lass}/bin/xmonad --shutdown";
|
|
||||||
User = user.name;
|
|
||||||
WorkingDirectory = user.home;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.xserver = {
|
|
||||||
after = [
|
|
||||||
"systemd-udev-settle.service"
|
|
||||||
"local-fs.target"
|
|
||||||
"acpid.service"
|
|
||||||
];
|
|
||||||
reloadIfChanged = true;
|
|
||||||
environment = {
|
|
||||||
XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
|
|
||||||
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
|
|
||||||
LD_LIBRARY_PATH = concatStringsSep ":" (
|
|
||||||
[ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ]
|
|
||||||
++ concatLists (catAttrs "libPath" xcfg.drivers));
|
|
||||||
};
|
|
||||||
serviceConfig = {
|
|
||||||
SyslogIdentifier = "xserver";
|
|
||||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
|
||||||
ExecStart = toString [
|
|
||||||
"${pkgs.xorg.xorgserver}/bin/X"
|
|
||||||
":${toString xcfg.display}"
|
|
||||||
"vt${toString xcfg.tty}"
|
|
||||||
"-config ${import ./xserver.conf.nix args}"
|
|
||||||
"-logfile /dev/null -logverbose 0 -verbose 3"
|
|
||||||
"-nolisten tcp"
|
|
||||||
"-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb"
|
|
||||||
(optional (xcfg.dpi != null) "-dpi ${toString xcfg.dpi}")
|
|
||||||
];
|
|
||||||
User = user.name;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
krebs.xresources.resources.dpi = ''
|
|
||||||
${optionalString (xcfg.dpi != null) "Xft.dpi: ${toString xcfg.dpi}"}
|
|
||||||
'';
|
|
||||||
systemd.services.urxvtd = {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
reloadIfChanged = true;
|
|
||||||
serviceConfig = {
|
|
||||||
SyslogIdentifier = "urxvtd";
|
|
||||||
ExecReload = "${pkgs.coreutils}/bin/echo NOP";
|
|
||||||
ExecStart = "${pkgs.rxvt_unicode_with-plugins}/bin/urxvtd";
|
|
||||||
Restart = "always";
|
|
||||||
RestartSec = "2s";
|
|
||||||
StartLimitBurst = 0;
|
|
||||||
User = user.name;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
in out
|
|
@ -1,40 +0,0 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
|
||||||
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
|
|
||||||
let
|
|
||||||
cfg = config.services.xserver;
|
|
||||||
in
|
|
||||||
|
|
||||||
pkgs.stdenv.mkDerivation {
|
|
||||||
name = "xserver.conf";
|
|
||||||
|
|
||||||
xfs = optionalString (cfg.useXFS != false)
|
|
||||||
''FontPath "${toString cfg.useXFS}"'';
|
|
||||||
|
|
||||||
inherit (cfg) config;
|
|
||||||
|
|
||||||
buildCommand =
|
|
||||||
''
|
|
||||||
echo 'Section "Files"' >> $out
|
|
||||||
echo $xfs >> $out
|
|
||||||
|
|
||||||
for i in ${toString config.fonts.fonts}; do
|
|
||||||
if test "''${i:0:''${#NIX_STORE}}" == "$NIX_STORE"; then
|
|
||||||
for j in $(find $i -name fonts.dir); do
|
|
||||||
echo " FontPath \"$(dirname $j)\"" >> $out
|
|
||||||
done
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
for i in $(find ${toString cfg.modules} -type d); do
|
|
||||||
if test $(echo $i/*.so* | wc -w) -ne 0; then
|
|
||||||
echo " ModulePath \"$i\"" >> $out
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
echo 'EndSection' >> $out
|
|
||||||
|
|
||||||
echo "$config" >> $out
|
|
||||||
'';
|
|
||||||
}
|
|
@ -41,6 +41,7 @@ import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..))
|
|||||||
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
import XMonad.Layout.FixedColumn (FixedColumn(..))
|
||||||
import XMonad.Layout.Minimize (minimize)
|
import XMonad.Layout.Minimize (minimize)
|
||||||
import XMonad.Layout.NoBorders (smartBorders)
|
import XMonad.Layout.NoBorders (smartBorders)
|
||||||
|
import XMonad.Layout.MouseResizableTile (mouseResizableTile)
|
||||||
import XMonad.Layout.SimplestFloat (simplestFloat)
|
import XMonad.Layout.SimplestFloat (simplestFloat)
|
||||||
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
|
import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig)
|
||||||
import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy)
|
import XMonad.Prompt.Window (windowPromptGoto, windowPromptBringCopy)
|
||||||
@ -93,7 +94,7 @@ main' = do
|
|||||||
|
|
||||||
myLayoutHook = defLayout
|
myLayoutHook = defLayout
|
||||||
where
|
where
|
||||||
defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat)
|
defLayout = minimize $ ((avoidStruts $ Mirror (Tall 1 (3/100) (1/2))) ||| Full ||| FixedColumn 2 80 80 1 ||| Tall 1 (3/100) (1/2) ||| simplestFloat ||| mouseResizableTile)
|
||||||
|
|
||||||
floatHooks :: Query (Endo WindowSet)
|
floatHooks :: Query (Endo WindowSet)
|
||||||
floatHooks = composeOne
|
floatHooks = composeOne
|
||||||
|
0
makefu/0tests/data/secrets/nixos-community
Normal file
0
makefu/0tests/data/secrets/nixos-community
Normal file
@ -2,6 +2,7 @@
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
./hardware-config.nix
|
||||||
<stockholm/makefu/2configs/tools/core.nix>
|
<stockholm/makefu/2configs/tools/core.nix>
|
||||||
# configure your hw:
|
# configure your hw:
|
||||||
# <stockholm/makefu/2configs/save-diskspace.nix>
|
# <stockholm/makefu/2configs/save-diskspace.nix>
|
||||||
@ -11,43 +12,10 @@
|
|||||||
tinc.retiolum.enable = true;
|
tinc.retiolum.enable = true;
|
||||||
build.host = config.krebs.hosts.cake;
|
build.host = config.krebs.hosts.cake;
|
||||||
};
|
};
|
||||||
boot.loader.grub.enable = false;
|
|
||||||
boot.loader.generic-extlinux-compatible.enable = true;
|
|
||||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
|
||||||
boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" ];
|
|
||||||
|
|
||||||
programs.info.enable = false;
|
documentation.info.enable = false;
|
||||||
programs.man.enable = false;
|
documentation.man.enable = false;
|
||||||
services.nixosManual.enable = false;
|
services.nixosManual.enable = false;
|
||||||
boot.tmpOnTmpfs = lib.mkForce false;
|
|
||||||
sound.enable = false;
|
sound.enable = false;
|
||||||
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
|
||||||
hardware.firmware = [
|
|
||||||
(pkgs.stdenv.mkDerivation {
|
|
||||||
name = "broadcom-rpi3-rest";
|
|
||||||
src = pkgs.fetchurl {
|
|
||||||
url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/54bab3d/brcm80211/brcm/brcmfmac43430-sdio.txt";
|
|
||||||
sha256 = "19bmdd7w0xzybfassn7x4rb30l70vynnw3c80nlapna2k57xwbw7";
|
|
||||||
};
|
|
||||||
phases = [ "installPhase" ];
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/lib/firmware/brcm
|
|
||||||
cp $src $out/lib/firmware/brcm/brcmfmac43430-sdio.txt
|
|
||||||
'';
|
|
||||||
})
|
|
||||||
];
|
|
||||||
networking.wireless.enable = true;
|
|
||||||
|
|
||||||
# File systems configuration for using the installer's partition layout
|
|
||||||
fileSystems = {
|
|
||||||
"/boot" = {
|
|
||||||
device = "/dev/disk/by-label/NIXOS_BOOT";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
"/" = {
|
|
||||||
device = "/dev/disk/by-label/NIXOS_SD";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
42
makefu/1systems/cake/hardware-config.nix
Normal file
42
makefu/1systems/cake/hardware-config.nix
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
# raspi3
|
||||||
|
boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=tty0" "console=ttyS1,115200n8" ];
|
||||||
|
boot.loader.grub.enable = false;
|
||||||
|
boot.loader.raspberryPi.enable = true;
|
||||||
|
boot.loader.raspberryPi.version = 3;
|
||||||
|
boot.loader.raspberryPi.uboot.enable = true;
|
||||||
|
boot.loader.raspberryPi.uboot.configurationLimit = 3;
|
||||||
|
boot.loader.raspberryPi.firmwareConfig = ''
|
||||||
|
gpu_mem=32
|
||||||
|
arm_freq=1350
|
||||||
|
core_freq=500
|
||||||
|
over_voltage=4
|
||||||
|
disable_splash=1
|
||||||
|
# bye bye warranty
|
||||||
|
force_turbo=1
|
||||||
|
'';
|
||||||
|
boot.loader.generationsDir.enable = lib.mkDefault false;
|
||||||
|
|
||||||
|
boot.tmpOnTmpfs = lib.mkForce false;
|
||||||
|
boot.cleanTmpDir = true;
|
||||||
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
|
## wifi not working, will be fixed with https://github.com/NixOS/nixpkgs/pull/53747
|
||||||
|
# boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
environment.systemPackages = [ pkgs.raspberrypi-tools ];
|
||||||
|
networking.wireless.enable = true;
|
||||||
|
# File systems configuration for using the installer's partition layout
|
||||||
|
swapDevices = [ { device = "/var/swap"; size = 2048; } ];
|
||||||
|
fileSystems = {
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_BOOT";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-label/NIXOS_SD";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -22,6 +22,8 @@ in {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
<stockholm/makefu/2configs/support-nixos.nix>
|
<stockholm/makefu/2configs/support-nixos.nix>
|
||||||
|
<stockholm/makefu/2configs/home-manager>
|
||||||
|
<stockholm/makefu/2configs/home-manager/cli.nix>
|
||||||
# <stockholm/makefu/2configs/stats/client.nix>
|
# <stockholm/makefu/2configs/stats/client.nix>
|
||||||
<stockholm/makefu/2configs/stats/netdata-server.nix>
|
<stockholm/makefu/2configs/stats/netdata-server.nix>
|
||||||
|
|
||||||
@ -123,8 +125,7 @@ in {
|
|||||||
#<stockholm/makefu/2configs/nginx/update.connector.one.nix>
|
#<stockholm/makefu/2configs/nginx/update.connector.one.nix>
|
||||||
<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
|
<stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
|
||||||
# <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
|
# <stockholm/makefu/2configs/nginx/gold.krebsco.de.nix>
|
||||||
<stockholm/makefu/2configs/nginx/iso.euer.nix>
|
# <stockholm/makefu/2configs/nginx/iso.euer.nix>
|
||||||
<stockholm/krebs/2configs/cache.nsupdate.info.nix>
|
|
||||||
|
|
||||||
<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
|
<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
|
||||||
<stockholm/makefu/2configs/deployment/graphs.nix>
|
<stockholm/makefu/2configs/deployment/graphs.nix>
|
||||||
|
@ -34,7 +34,7 @@ in {
|
|||||||
prefixLength = external-netmask6;
|
prefixLength = external-netmask6;
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
defaultGateway6 = external-gw6;
|
defaultGateway6 = { address = external-gw6; interface = ext-if; };
|
||||||
defaultGateway = external-gw;
|
defaultGateway = external-gw;
|
||||||
};
|
};
|
||||||
boot.kernelParams = [ ];
|
boot.kernelParams = [ ];
|
||||||
|
@ -2,4 +2,5 @@
|
|||||||
name="gum";
|
name="gum";
|
||||||
torrent = true;
|
torrent = true;
|
||||||
clever_kexec = true;
|
clever_kexec = true;
|
||||||
|
home-manager = true;
|
||||||
}
|
}
|
||||||
|
@ -14,10 +14,12 @@
|
|||||||
<stockholm/makefu/2configs/main-laptop.nix>
|
<stockholm/makefu/2configs/main-laptop.nix>
|
||||||
<stockholm/makefu/2configs/extra-fonts.nix>
|
<stockholm/makefu/2configs/extra-fonts.nix>
|
||||||
<stockholm/makefu/2configs/tools/all.nix>
|
<stockholm/makefu/2configs/tools/all.nix>
|
||||||
|
<stockholm/makefu/2configs/dict.nix>
|
||||||
|
|
||||||
<stockholm/makefu/2configs/backup/state.nix>
|
<stockholm/makefu/2configs/backup/state.nix>
|
||||||
# <stockholm/makefu/2configs/dnscrypt/client.nix>
|
# <stockholm/makefu/2configs/dnscrypt/client.nix>
|
||||||
<stockholm/makefu/2configs/avahi.nix>
|
<stockholm/makefu/2configs/avahi.nix>
|
||||||
|
<stockholm/makefu/2configs/support-nixos.nix>
|
||||||
|
|
||||||
# Debugging
|
# Debugging
|
||||||
# <stockholm/makefu/2configs/disable_v6.nix>
|
# <stockholm/makefu/2configs/disable_v6.nix>
|
||||||
@ -64,11 +66,12 @@
|
|||||||
<stockholm/makefu/2configs/tor.nix>
|
<stockholm/makefu/2configs/tor.nix>
|
||||||
<stockholm/makefu/2configs/vpn/vpngate.nix>
|
<stockholm/makefu/2configs/vpn/vpngate.nix>
|
||||||
# <stockholm/makefu/2configs/buildbot-standalone.nix>
|
# <stockholm/makefu/2configs/buildbot-standalone.nix>
|
||||||
# <stockholm/makefu/2configs/remote-build/master.nix>
|
<stockholm/makefu/2configs/remote-build/aarch64-community.nix>
|
||||||
|
|
||||||
# Hardware
|
# Hardware
|
||||||
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
<stockholm/makefu/2configs/hw/tp-x230.nix>
|
||||||
<stockholm/makefu/2configs/hw/mceusb.nix>
|
<stockholm/makefu/2configs/hw/mceusb.nix>
|
||||||
|
<stockholm/makefu/2configs/hw/malduino_elite.nix>
|
||||||
# <stockholm/makefu/2configs/hw/tpm.nix>
|
# <stockholm/makefu/2configs/hw/tpm.nix>
|
||||||
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
|
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
|
||||||
<stockholm/makefu/2configs/hw/network-manager.nix>
|
<stockholm/makefu/2configs/hw/network-manager.nix>
|
||||||
|
@ -3,6 +3,8 @@
|
|||||||
with import <stockholm/lib>;
|
with import <stockholm/lib>;
|
||||||
let
|
let
|
||||||
ident = (builtins.readFile ./auphonic.pub);
|
ident = (builtins.readFile ./auphonic.pub);
|
||||||
|
bgtaccess = "/var/spool/nginx/logs/binaergewitter.access.log";
|
||||||
|
bgterror = "/var/spool/nginx/logs/binaergewitter.error.log";
|
||||||
in {
|
in {
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
allowSFTP = true;
|
allowSFTP = true;
|
||||||
@ -21,6 +23,19 @@ in {
|
|||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ];
|
openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ];
|
||||||
};
|
};
|
||||||
|
services.logrotate = {
|
||||||
|
enable = true;
|
||||||
|
config = ''
|
||||||
|
${bgtaccess} ${bgterror} {
|
||||||
|
rotate 5
|
||||||
|
weekly
|
||||||
|
create 600 nginx nginx
|
||||||
|
postrotate
|
||||||
|
${pkgs.systemd}/bin/systemctl reload nginx
|
||||||
|
endscript
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
};
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
enable = lib.mkDefault true;
|
enable = lib.mkDefault true;
|
||||||
recommendedGzipSettings = true;
|
recommendedGzipSettings = true;
|
||||||
@ -29,10 +44,21 @@ in {
|
|||||||
serverAliases = [ "dl2.binaergewitter.de" ];
|
serverAliases = [ "dl2.binaergewitter.de" ];
|
||||||
root = "/var/www/binaergewitter";
|
root = "/var/www/binaergewitter";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
access_log /var/spool/nginx/logs/binaergewitter.access.log combined;
|
access_log ${bgtaccess} combined;
|
||||||
error_log /var/spool/nginx/logs/binaergewitter.error.log error;
|
error_log ${bgterror} error;
|
||||||
autoindex on;
|
autoindex on;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
environment.etc."netdata/python.d/web_log.conf".text = ''
|
||||||
|
nginx_log3:
|
||||||
|
name: 'nginx'
|
||||||
|
path: '/var/spool/nginx/logs/access.log'
|
||||||
|
nginx_log4:
|
||||||
|
name: 'bgt'
|
||||||
|
path: '${bgtaccess}'
|
||||||
|
'';
|
||||||
|
|
||||||
|
users.users.netdata.extraGroups = [ "nginx" ];
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -5,7 +5,7 @@ let
|
|||||||
port = 3001;
|
port = 3001;
|
||||||
runit = pkgs.writeDash "runit" ''
|
runit = pkgs.writeDash "runit" ''
|
||||||
set -xeuf
|
set -xeuf
|
||||||
PATH=${pkgs.curl}/bin:${pkgs.coreutils}/bin
|
PATH=${pkgs.mosquitto}/bin:${pkgs.coreutils}/bin
|
||||||
name=''${1?must provide name as first arg}
|
name=''${1?must provide name as first arg}
|
||||||
state=''${2?must provide state as second arg}
|
state=''${2?must provide state as second arg}
|
||||||
# val=''${3?must provide val as third arg}
|
# val=''${3?must provide val as third arg}
|
||||||
@ -14,9 +14,10 @@ let
|
|||||||
test $state = alerting || exit 0
|
test $state = alerting || exit 0
|
||||||
|
|
||||||
echo $name - $state
|
echo $name - $state
|
||||||
curl 'http://bauarbeiterlampe/ay?o=1'
|
topic=plug
|
||||||
|
mosquitto_pub -t /bam/$topic/cmnd/POWER -m ON
|
||||||
sleep 5
|
sleep 5
|
||||||
curl 'http://bauarbeiterlampe/ay?o=1'
|
mosquitto_pub -t /bam/$topic/cmnd/POWER -m OFF
|
||||||
'';
|
'';
|
||||||
in {
|
in {
|
||||||
services.logstash = {
|
services.logstash = {
|
||||||
|
@ -1,20 +1,50 @@
|
|||||||
{ pkgs, lib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
tasmota_plug = name: topic:
|
tasmota_rgb = name: topic:
|
||||||
|
# LED WS2812b
|
||||||
|
# effect_state_topic: "stat/led/Scheme"
|
||||||
|
# effect_command_topic: "cmnd/led/Scheme"
|
||||||
|
# effect_value_template: "{{ value_json.Scheme }}"
|
||||||
{ platform = "mqtt";
|
{ platform = "mqtt";
|
||||||
inherit name;
|
inherit name;
|
||||||
state_topic = "/bam/${topic}/stat/POWER1";
|
retain = false;
|
||||||
command_topic = "/bam/${topic}/cmnd/POWER1";
|
qos = 1;
|
||||||
|
optimistic = false;
|
||||||
|
# state
|
||||||
|
# TODO: currently broken, will not use the custom state topic
|
||||||
|
state_topic = "/bam/${topic}/stat/POWER";
|
||||||
|
command_topic = "/bam/${topic}/cmnd/POWER";
|
||||||
|
availability_topic = "/bam/${topic}/tele/LWT";
|
||||||
|
payload_on= "ON";
|
||||||
|
payload_off= "OFF";
|
||||||
|
payload_available= "Online";
|
||||||
|
payload_not_available= "Offline";
|
||||||
|
# brightness
|
||||||
|
brightness_state_topic = "/bam/${topic}/stat/Dimmer";
|
||||||
|
brightness_command_topic = "/bam/${topic}/cmnd/Dimmer";
|
||||||
|
brightness_value_template = "{{ value_json.Dimmer }}";
|
||||||
|
brightness_scale = 100;
|
||||||
|
# color
|
||||||
|
rgb_state_topic = "/bam/${topic}/stat/Color";
|
||||||
|
rgb_command_topic = "/bam/${topic}/cmnd/Color2";
|
||||||
|
rgb_command_mode = "hex";
|
||||||
|
rgb_command_template = "{{ '%02x%02x%02x' | format(red, green, blue)}}";
|
||||||
|
# effects
|
||||||
|
effect_state_topic = "/bam/${topic}/stat/Scheme";
|
||||||
|
effect_command_topic = "/bam/${topic}/cmnd/Scheme";
|
||||||
|
effect_value_template = "{{ value_json.Scheme }}";
|
||||||
|
effect_list = [ 0 1 2 3 4 5 6 7 8 9 10 11 12 ];
|
||||||
|
};
|
||||||
|
tasmota_plug = name: topic:
|
||||||
|
{ platform = "mqtt";
|
||||||
|
inherit name;
|
||||||
|
state_topic = "/bam/${topic}/stat/POWER";
|
||||||
|
command_topic = "/bam/${topic}/cmnd/POWER";
|
||||||
availability_topic = "/bam/${topic}/tele/LWT";
|
availability_topic = "/bam/${topic}/tele/LWT";
|
||||||
payload_on= "ON";
|
payload_on= "ON";
|
||||||
payload_off= "OFF";
|
payload_off= "OFF";
|
||||||
payload_available= "Online";
|
payload_available= "Online";
|
||||||
payload_not_available= "Offline";
|
payload_not_available= "Offline";
|
||||||
};
|
|
||||||
tasmota_stecki = name: topic:
|
|
||||||
( tasmota_plug name topic) //
|
|
||||||
{ state_topic = "/bam/${topic}/stat/POWER";
|
|
||||||
command_topic = "/bam/${topic}/cmnd/POWER";
|
|
||||||
};
|
};
|
||||||
espeasy_dht22 = name: [
|
espeasy_dht22 = name: [
|
||||||
{ platform = "mqtt";
|
{ platform = "mqtt";
|
||||||
@ -77,8 +107,12 @@ in {
|
|||||||
switch = [
|
switch = [
|
||||||
(tasmota_plug "Bauarbeiterlampe" "plug")
|
(tasmota_plug "Bauarbeiterlampe" "plug")
|
||||||
(tasmota_plug "Blitzdings" "plug2")
|
(tasmota_plug "Blitzdings" "plug2")
|
||||||
(tasmota_stecki "Fernseher" "fernseher")
|
(tasmota_plug "Fernseher" "plug3")
|
||||||
(tasmota_plug "Pluggy" "plug4")
|
(tasmota_plug "Feuer" "plug4")
|
||||||
|
(tasmota_plug "Nachtlicht" "plug5")
|
||||||
|
];
|
||||||
|
light = [
|
||||||
|
(tasmota_rgb "Status Felix" "status1")
|
||||||
];
|
];
|
||||||
binary_sensor = [
|
binary_sensor = [
|
||||||
{ platform = "mqtt";
|
{ platform = "mqtt";
|
||||||
@ -174,12 +208,16 @@ in {
|
|||||||
};
|
};
|
||||||
automation = [
|
automation = [
|
||||||
"automation.turn_off_fernseher_10_minutes_after_last_movement"
|
"automation.turn_off_fernseher_10_minutes_after_last_movement"
|
||||||
|
"automation.turn_off_nachtlicht_on_sunrise"
|
||||||
|
"automation.turn_on_nachtlicht_on_motion_and_dusk"
|
||||||
];
|
];
|
||||||
switches = [
|
switches = [
|
||||||
"switch.bauarbeiterlampe"
|
"switch.bauarbeiterlampe"
|
||||||
"switch.blitzdings"
|
"switch.blitzdings"
|
||||||
"switch.fernseher"
|
"switch.fernseher"
|
||||||
"switch.pluggy"
|
"switch.feuer"
|
||||||
|
"switch.nachtlicht"
|
||||||
|
"light.status_felix"
|
||||||
];
|
];
|
||||||
camera = [
|
camera = [
|
||||||
"camera.Baumarkt"
|
"camera.Baumarkt"
|
||||||
@ -212,11 +250,55 @@ in {
|
|||||||
};
|
};
|
||||||
action = {
|
action = {
|
||||||
service = "homeassistant.turn_on";
|
service = "homeassistant.turn_on";
|
||||||
entity_id = [ "switch.fernseher" "switch.blitzdings" ];
|
entity_id = [
|
||||||
|
"switch.fernseher"
|
||||||
|
"switch.feuer"
|
||||||
|
"light.status_felix"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
alias = "Turn off Nachtlicht on sunrise";
|
||||||
|
trigger =
|
||||||
|
{
|
||||||
|
platform = "sun";
|
||||||
|
event = "sunrise";
|
||||||
|
};
|
||||||
|
action =
|
||||||
|
{
|
||||||
|
service = "homeassistant.turn_off";
|
||||||
|
entity_id = [ "switch.nachtlicht" ];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
alias = "Turn on Nachtlicht on motion and dusk";
|
||||||
|
trigger =
|
||||||
|
{
|
||||||
|
platform = "state";
|
||||||
|
entity_id = "binary_sensor.motion";
|
||||||
|
to = "on";
|
||||||
|
};
|
||||||
|
condition = # 'when dark'
|
||||||
|
{
|
||||||
|
condition = "or";
|
||||||
|
conditions = [
|
||||||
|
{ condition = "sun";
|
||||||
|
after = "sunset";
|
||||||
|
after_offset = "-00:45:00"; # on dusk
|
||||||
|
}
|
||||||
|
{ condition = "sun";
|
||||||
|
before = "sunrise";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
action =
|
||||||
|
{
|
||||||
|
service = "homeassistant.turn_on";
|
||||||
|
entity_id = [ "switch.nachtlicht" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{ alias = "Turn off Fernseher 10 minutes after last movement";
|
{ alias = "Turn off Fernseher 10 minutes after last movement";
|
||||||
trigger = [
|
trigger = [
|
||||||
{ # trigger when movement was detected at the time
|
{ # trigger when movement was detected at the time
|
||||||
platform = "state";
|
platform = "state";
|
||||||
entity_id = "binary_sensor.motion";
|
entity_id = "binary_sensor.motion";
|
||||||
@ -231,7 +313,11 @@ in {
|
|||||||
];
|
];
|
||||||
action = {
|
action = {
|
||||||
service = "homeassistant.turn_off";
|
service = "homeassistant.turn_off";
|
||||||
entity_id = [ "switch.fernseher" "switch.blitzdings" ];
|
entity_id = [
|
||||||
|
"switch.fernseher"
|
||||||
|
"switch.feuer"
|
||||||
|
"light.status_felix"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
condition =
|
condition =
|
||||||
{ condition = "and";
|
{ condition = "and";
|
||||||
|
@ -36,7 +36,6 @@ with import <stockholm/lib>;
|
|||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
dns.providers.lan = "hosts";
|
dns.providers.lan = "hosts";
|
||||||
search-domain = "r";
|
|
||||||
build.user = config.krebs.users.makefu;
|
build.user = config.krebs.users.makefu;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -85,5 +84,5 @@ with import <stockholm/lib>;
|
|||||||
SystemMaxUse=1G
|
SystemMaxUse=1G
|
||||||
RuntimeMaxUse=128M
|
RuntimeMaxUse=128M
|
||||||
'';
|
'';
|
||||||
|
environment.pathsToLink = [ "/share" ];
|
||||||
}
|
}
|
||||||
|
@ -169,6 +169,7 @@ in {
|
|||||||
( serveCloud [ "o.euer.krebsco.de" ] )
|
( serveCloud [ "o.euer.krebsco.de" ] )
|
||||||
];
|
];
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
services.redis.enable = true;
|
services.redis.enable = true;
|
||||||
services.mysql = {
|
services.mysql = {
|
||||||
enable = false;
|
enable = false;
|
||||||
|
5
makefu/2configs/dict.nix
Normal file
5
makefu/2configs/dict.nix
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
services.dictd.enable = true;
|
||||||
|
services.dictd.DBs = with pkgs.dictdDBs; [ wiktionary wordnet deu2eng eng2deu ];
|
||||||
|
}
|
@ -28,6 +28,7 @@ in
|
|||||||
|
|
||||||
windowManager = {
|
windowManager = {
|
||||||
awesome.enable = true;
|
awesome.enable = true;
|
||||||
|
awesome.noArgb = true;
|
||||||
awesome.luaModules = [ pkgs.luaPackages.vicious ];
|
awesome.luaModules = [ pkgs.luaPackages.vicious ];
|
||||||
default = "awesome";
|
default = "awesome";
|
||||||
};
|
};
|
||||||
|
@ -1,4 +1,5 @@
|
|||||||
{pkgs, ... }: {
|
{pkgs, ... }: {
|
||||||
|
imports = [ ./zsh.nix ];
|
||||||
home-manager.users.makefu = {
|
home-manager.users.makefu = {
|
||||||
services.gpg-agent = {
|
services.gpg-agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
@ -9,7 +10,34 @@
|
|||||||
enableSshSupport = true;
|
enableSshSupport = true;
|
||||||
enableScDaemon = true;
|
enableScDaemon = true;
|
||||||
};
|
};
|
||||||
programs.fzf.enable = true; # alt-c
|
programs.direnv = {
|
||||||
|
stdlib = ''
|
||||||
|
use_nix() {
|
||||||
|
local cache=".direnv.$(nixos-version --hash)"
|
||||||
|
|
||||||
|
if [[ ! -e "$cache" ]] || \
|
||||||
|
[[ "$HOME/.direnvrc" -nt "$cache" ]] || \
|
||||||
|
[[ ".envrc" -nt "$cache" ]] || \
|
||||||
|
[[ "default.nix" -nt "$cache" ]] || \
|
||||||
|
[[ "shell.nix" -nt "$cache" ]];
|
||||||
|
then
|
||||||
|
local tmp="$(mktemp "$${cache}.tmp-XXXXXXXX")"
|
||||||
|
trap "rm -rf '$tmp' >/dev/null" EXIT
|
||||||
|
nix-shell --show-trace "$@" --run 'direnv dump' > "$tmp" && \
|
||||||
|
mv "$tmp" "$cache"
|
||||||
|
fi
|
||||||
|
|
||||||
|
direnv_load cat "$cache"
|
||||||
|
|
||||||
|
if [[ $# = 0 ]]; then
|
||||||
|
watch_file default.nix
|
||||||
|
watch_file shell.nix
|
||||||
|
rm direnv.* 2>/dev/null
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
enableZshIntegration = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
services.udev.packages = [
|
services.udev.packages = [
|
||||||
pkgs.libu2f-host
|
pkgs.libu2f-host
|
||||||
|
@ -1,11 +1,14 @@
|
|||||||
{ pkgs, lib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
users.users.makefu.packages = with pkgs;[ bat direnv clipit ];
|
||||||
home-manager.users.makefu = {
|
home-manager.users.makefu = {
|
||||||
|
systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.networkmanagerapplet}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
|
||||||
programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
|
programs.browserpass = { browsers = [ "firefox" ] ; enable = true; };
|
||||||
programs.firefox.enable = true;
|
programs.firefox.enable = true;
|
||||||
|
programs.obs-studio.enable = true;
|
||||||
|
xdg.enable = true;
|
||||||
services.network-manager-applet.enable = true;
|
services.network-manager-applet.enable = true;
|
||||||
systemd.user.services.network-manager-applet.Service.Environment = ''XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
|
|
||||||
services.blueman-applet.enable = true;
|
services.blueman-applet.enable = true;
|
||||||
services.pasystray.enable = true;
|
services.pasystray.enable = true;
|
||||||
systemd.user.services.pasystray.Service.Environment = "PATH=" + (lib.makeBinPath (with pkgs;[ pavucontrol paprefs /* pavumeter */ /* paman */ ]) );
|
systemd.user.services.pasystray.Service.Environment = "PATH=" + (lib.makeBinPath (with pkgs;[ pavucontrol paprefs /* pavumeter */ /* paman */ ]) );
|
||||||
@ -34,7 +37,7 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
Service = {
|
Service = {
|
||||||
Environment = ''XDG_DATA_DIRS=/etc/profiles/per-user/makefu/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
|
Environment = ''XDG_DATA_DIRS=/run/current-system/sw/share:${pkgs.clipit}/share GDK_PIXBUF_MODULE_FILE=${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache'';
|
||||||
ExecStart = "${pkgs.clipit}/bin/clipit";
|
ExecStart = "${pkgs.clipit}/bin/clipit";
|
||||||
Restart = "on-abort";
|
Restart = "on-abort";
|
||||||
};
|
};
|
||||||
|
126
makefu/2configs/home-manager/zsh.nix
Normal file
126
makefu/2configs/home-manager/zsh.nix
Normal file
@ -0,0 +1,126 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
{ #direnv
|
||||||
|
home-manager.users.makefu.home.packages = [ pkgs.direnv ];
|
||||||
|
home-manager.users.makefu.home.file.".direnvrc".text = ''
|
||||||
|
use_nix() {
|
||||||
|
local path="$(nix-instantiate --find-file nixpkgs)"
|
||||||
|
|
||||||
|
if [ -f "$${path}/.version-suffix" ]; then
|
||||||
|
local version="$(< $path/.version-suffix)"
|
||||||
|
elif [ -f "$path/.version" ]; then
|
||||||
|
local version="$(< $path/.version)"
|
||||||
|
else
|
||||||
|
local version="$(< $(< $path/.git/HEAD))"
|
||||||
|
fi
|
||||||
|
|
||||||
|
local cache=".direnv/cache-''${version:-unknown}"
|
||||||
|
|
||||||
|
if [[ ! -e "$cache" ]] || \
|
||||||
|
[[ "$HOME/.direnvrc" -nt "$cache" ]] || \
|
||||||
|
[[ .envrc -nt "$cache" ]] || \
|
||||||
|
[[ default.nix -nt "$cache" ]] || \
|
||||||
|
[[ shell.nix -nt "$cache" ]];
|
||||||
|
then
|
||||||
|
[ -d .direnv ] || mkdir .direnv
|
||||||
|
local tmp=$(nix-shell --show-trace "$@" \
|
||||||
|
--run "\"$direnv\" dump bash")
|
||||||
|
echo "$tmp" > "$cache"
|
||||||
|
fi
|
||||||
|
|
||||||
|
local path_backup=$PATH term_backup=$TERM
|
||||||
|
direnv_load cat "$cache"
|
||||||
|
|
||||||
|
export PATH=$PATH:$path_backup TERM=$term_backup
|
||||||
|
|
||||||
|
if [[ $# = 0 ]]; then
|
||||||
|
watch_file default.nix
|
||||||
|
watch_file shell.nix
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
home-manager.users.makefu.programs.zsh.initExtra = ''
|
||||||
|
nixify() {
|
||||||
|
if [ ! -e ./.envrc ]; then
|
||||||
|
echo "use nix" > .envrc
|
||||||
|
direnv allow
|
||||||
|
fi
|
||||||
|
if [ ! -e default.nix ]; then
|
||||||
|
cat > default.nix <<'EOF'
|
||||||
|
with import <nixpkgs> {};
|
||||||
|
stdenv.mkDerivation {
|
||||||
|
name = "env";
|
||||||
|
buildInputs = [
|
||||||
|
bashInteractive
|
||||||
|
];
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
''${EDITOR:-vim} default.nix
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
eval "$(direnv hook zsh)"
|
||||||
|
'';
|
||||||
|
}
|
||||||
|
{ # bat
|
||||||
|
home-manager.users.makefu.home.packages = [ pkgs.bat ];
|
||||||
|
home-manager.users.makefu.programs.zsh.shellAliases = {
|
||||||
|
cat = "bat";
|
||||||
|
catn = "${pkgs.coreutils}/bin/cat";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
environment.pathsToLink = [ "/share/zsh" ];
|
||||||
|
home-manager.users.makefu = {
|
||||||
|
programs.fzf.enable = false; # alt-c
|
||||||
|
programs.zsh = {
|
||||||
|
enable = true;
|
||||||
|
enableAutosuggestions = false;
|
||||||
|
enableCompletion = true;
|
||||||
|
oh-my-zsh.enable = false;
|
||||||
|
history = {
|
||||||
|
size = 900001;
|
||||||
|
save = 900001;
|
||||||
|
ignoreDups = true;
|
||||||
|
extended = true;
|
||||||
|
share = true;
|
||||||
|
};
|
||||||
|
sessionVariables = {
|
||||||
|
TERM = "rxvt-unicode-256color";
|
||||||
|
LANG = "en_US.UTF8";
|
||||||
|
LS_COLORS = ":di=1;31:";
|
||||||
|
EDITOR = "vim";
|
||||||
|
};
|
||||||
|
shellAliases = {
|
||||||
|
lsl = "ls -lAtr";
|
||||||
|
t = "task";
|
||||||
|
xo = "mimeopen";
|
||||||
|
nmap = "nmap -oN $HOME/loot/scan-`date +\%s`.nmap -oX $HOME/loot/scan-`date +%s`.xml";
|
||||||
|
};
|
||||||
|
initExtra = ''
|
||||||
|
bindkey -e
|
||||||
|
# shift-tab
|
||||||
|
bindkey '^[[Z' reverse-menu-complete
|
||||||
|
bindkey "\e[3~" delete-char
|
||||||
|
zstyle ':completion:*' menu select
|
||||||
|
|
||||||
|
setopt HIST_IGNORE_ALL_DUPS
|
||||||
|
setopt HIST_IGNORE_SPACE
|
||||||
|
setopt HIST_FIND_NO_DUPS
|
||||||
|
|
||||||
|
unset SSH_AGENT_PID
|
||||||
|
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
|
||||||
|
compdef _pass brain
|
||||||
|
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
|
||||||
|
compdef _pass secrets
|
||||||
|
zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/"
|
||||||
|
|
||||||
|
# ctrl-x ctrl-e
|
||||||
|
autoload -U edit-command-line
|
||||||
|
zle -N edit-command-line
|
||||||
|
bindkey '^xe' edit-command-line
|
||||||
|
bindkey '^x^e' edit-command-line
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
15
makefu/2configs/hw/malduino_elite.nix
Normal file
15
makefu/2configs/hw/malduino_elite.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
ACTION!="add|change", GOTO="mm_usb_device_blacklist_local_end"
|
||||||
|
SUBSYSTEM!="usb", GOTO="mm_usb_device_blacklist_local_end"
|
||||||
|
ENV{DEVTYPE}!="usb_device", GOTO="mm_usb_device_blacklist_local_end"
|
||||||
|
|
||||||
|
ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9204", ENV{ID_MM_DEVICE_IGNORE}="1"
|
||||||
|
ATTRS{idVendor}=="1b4f" ATTRS{idProduct}=="9203", ENV{ID_MM_DEVICE_IGNORE}="1"
|
||||||
|
|
||||||
|
LABEL="mm_usb_device_blacklist_local_end"
|
||||||
|
'';
|
||||||
|
}
|
@ -6,7 +6,8 @@ in {
|
|||||||
services.printing = {
|
services.printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
drivers = with pkgs; [
|
drivers = with pkgs; [
|
||||||
samsungUnifiedLinuxDriver
|
# samsungUnifiedLinuxDriver
|
||||||
|
splix # scx 3200
|
||||||
cups-dymo # dymo labelwriter
|
cups-dymo # dymo labelwriter
|
||||||
foo2zjs # magicolor 1690mf
|
foo2zjs # magicolor 1690mf
|
||||||
cups-zj-58
|
cups-zj-58
|
||||||
|
15
makefu/2configs/remote-build/aarch64-community.nix
Normal file
15
makefu/2configs/remote-build/aarch64-community.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
nix = {
|
||||||
|
distributedBuilds = true;
|
||||||
|
buildMachines = [
|
||||||
|
{
|
||||||
|
hostName = "aarch64.nixos.community";
|
||||||
|
maxJobs = 64;
|
||||||
|
sshKey = toString <secrets/nixos-community>;
|
||||||
|
sshUser = "makefu";
|
||||||
|
system = "aarch64-linux";
|
||||||
|
supportedFeatures = [ "big-parallel" ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
@ -1,6 +1,7 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
nixpkgs.config.android_sdk.accept_license = true;
|
||||||
users.users.makefu.packages = with pkgs; [
|
users.users.makefu.packages = with pkgs; [
|
||||||
mitmproxy
|
mitmproxy
|
||||||
nmap
|
nmap
|
||||||
|
@ -4,6 +4,7 @@
|
|||||||
users.users.makefu.packages = with pkgs;[
|
users.users.makefu.packages = with pkgs;[
|
||||||
python3
|
python3
|
||||||
python3Packages.pyserial
|
python3Packages.pyserial
|
||||||
|
picocom
|
||||||
python3Packages.virtualenv
|
python3Packages.virtualenv
|
||||||
# embedded
|
# embedded
|
||||||
gi
|
gi
|
||||||
@ -22,6 +23,7 @@
|
|||||||
cdrtools
|
cdrtools
|
||||||
# nix related
|
# nix related
|
||||||
nix-index
|
nix-index
|
||||||
|
nix-review
|
||||||
# git-related
|
# git-related
|
||||||
tig
|
tig
|
||||||
];
|
];
|
||||||
|
@ -2,8 +2,7 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
virtualisation.virtualbox.host.enable = true;
|
virtualisation.virtualbox.host.enable = true;
|
||||||
nixpkgs.config.virtualbox.enableExtensionPack = true;
|
virtualisation.virtualbox.host.enableExtensionPack = true;
|
||||||
virtualisation.virtualbox.host.enableHardening = false;
|
# virtualisation.virtualbox.host.enableHardening = false;
|
||||||
|
|
||||||
users.extraGroups.vboxusers.members = [ config.krebs.build.user.name ];
|
users.extraGroups.vboxusers.members = [ config.krebs.build.user.name ];
|
||||||
}
|
}
|
||||||
|
@ -1,83 +1,11 @@
|
|||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
##
|
|
||||||
with import <stockholm/lib>;
|
|
||||||
let
|
let
|
||||||
mainUser = config.krebs.build.user.name;
|
mainUser = config.krebs.build.user.name;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh";
|
|
||||||
programs.zsh= {
|
programs.zsh= {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableCompletion = true ; #manually at the end
|
enableCompletion = false; #manually at the end
|
||||||
interactiveShellInit = ''
|
|
||||||
HISTSIZE=900001
|
|
||||||
HISTFILESIZE=$HISTSIZE
|
|
||||||
SAVEHIST=$HISTSIZE
|
|
||||||
HISTFILE=$HOME/.zsh_history
|
|
||||||
|
|
||||||
setopt HIST_IGNORE_ALL_DUPS
|
|
||||||
setopt HIST_IGNORE_SPACE
|
|
||||||
setopt HIST_FIND_NO_DUPS
|
|
||||||
bindkey -e
|
|
||||||
# shift-tab
|
|
||||||
bindkey '^[[Z' reverse-menu-complete
|
|
||||||
bindkey "\e[3~" delete-char
|
|
||||||
zstyle ':completion:*' menu select
|
|
||||||
|
|
||||||
${pkgs.gnupg}/bin/gpg-connect-agent updatestartuptty /bye >/dev/null
|
|
||||||
GPG_TTY=$(tty)
|
|
||||||
export GPG_TTY
|
|
||||||
LS_COLORS=$LS_COLORS:'di=1;31:' ; export LS_COLORS
|
|
||||||
|
|
||||||
unset SSH_AGENT_PID
|
|
||||||
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
|
|
||||||
|
|
||||||
# fzf
|
|
||||||
__fsel_fzf() {
|
|
||||||
local cmd="''${FZF_CTRL_T_COMMAND:-"command find -L . -mindepth 1 \\( -path '*/\\.*' -o -fstype 'sysfs' -o -fstype 'devfs' -o -fstype 'devtmpfs' -o -fstype 'proc' \\) -prune \
|
|
||||||
-o -type f -print \
|
|
||||||
-o -type d -print \
|
|
||||||
-o -type l -print 2> /dev/null | cut -b3-"}"
|
|
||||||
setopt localoptions pipefail 2> /dev/null
|
|
||||||
eval "$cmd" | FZF_DEFAULT_OPTS="--height ''${FZF_TMUX_HEIGHT:-40%} --reverse $FZF_DEFAULT_OPTS $FZF_CTRL_T_OPTS" $(__fzfcmd) -m "$@" | while read item; do
|
|
||||||
echo -n "''${(q)item} "
|
|
||||||
done
|
|
||||||
local ret=$?
|
|
||||||
echo
|
|
||||||
return $ret
|
|
||||||
}
|
|
||||||
|
|
||||||
__fzf_use_tmux__() {
|
|
||||||
[ -n "$TMUX_PANE" ] && [ "''${FZF_TMUX:-0}" != 0 ] && [ ''${LINES:-40} -gt 15 ]
|
|
||||||
}
|
|
||||||
|
|
||||||
__fzfcmd() {
|
|
||||||
__fzf_use_tmux__ &&
|
|
||||||
echo "fzf-tmux -d''${FZF_TMUX_HEIGHT:-40%}" || echo "fzf"
|
|
||||||
}
|
|
||||||
|
|
||||||
fzf-file-widget() {
|
|
||||||
LBUFFER="''${LBUFFER}$(__fsel_fzf)"
|
|
||||||
local ret=$?
|
|
||||||
zle redisplay
|
|
||||||
typeset -f zle-line-init >/dev/null && zle zle-line-init
|
|
||||||
return $ret
|
|
||||||
}
|
|
||||||
zle -N fzf-file-widget
|
|
||||||
bindkey '^T' fzf-file-widget
|
|
||||||
|
|
||||||
compdef _pass brain
|
|
||||||
zstyle ':completion::complete:brain::' prefix "$HOME/brain"
|
|
||||||
compdef _pass secrets
|
|
||||||
zstyle ':completion::complete:secrets::' prefix "$HOME/.secrets-pass/"
|
|
||||||
|
|
||||||
# ctrl-x ctrl-e
|
|
||||||
autoload -U edit-command-line
|
|
||||||
zle -N edit-command-line
|
|
||||||
bindkey '^xe' edit-command-line
|
|
||||||
bindkey '^x^e' edit-command-line
|
|
||||||
|
|
||||||
'';
|
|
||||||
|
|
||||||
promptInit = ''
|
promptInit = ''
|
||||||
RPROMPT=""
|
RPROMPT=""
|
||||||
@ -93,8 +21,8 @@ in
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
users.users.${mainUser}.packages = [
|
users.users.${mainUser} = {
|
||||||
pkgs.nix-zsh-completions
|
shell = "/run/current-system/sw/bin/zsh";
|
||||||
pkgs.fzf
|
packages = [ pkgs.nix-zsh-completions ];
|
||||||
];
|
};
|
||||||
}
|
}
|
||||||
|
23
makefu/5pkgs/baidudl/default.nix
Normal file
23
makefu/5pkgs/baidudl/default.nix
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{ stdenv, lib, pkgs, curl, jansson ,fetchFromGitHub, autoreconfHook }:
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "baidudl";
|
||||||
|
version = "2018-01-16";
|
||||||
|
name = "${pname}-${version}";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "yzfedora";
|
||||||
|
repo = "baidudl";
|
||||||
|
rev = "712f2554a5ef7b2eba5c248d6406a6c535ef47b2";
|
||||||
|
sha256 = "1nfzalyd9k87q6njdxpg7pa62q6hyfr2vwxwvahaflyp31nlpa0y";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
nativeBuildInputs = [ autoreconfHook ];
|
||||||
|
buildInputs = [ curl.dev jansson ];
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
homepage = https://github.com/yzfedora/baidudl;
|
||||||
|
description = "This is a multi-thread download tool for pan.baidu.com";
|
||||||
|
license = lib.licenses.gpl3;
|
||||||
|
};
|
||||||
|
}
|
@ -21,9 +21,19 @@ with super.lib; with builtins; let
|
|||||||
|
|
||||||
in {
|
in {
|
||||||
quodlibet = super.pkgs.stdenv.lib.overrideDerivation super.quodlibet (old: {
|
quodlibet = super.pkgs.stdenv.lib.overrideDerivation super.quodlibet (old: {
|
||||||
|
doCheck = false; # 1 error because of warnings (possibly upstream)
|
||||||
patches = [ ./custom/quodlibet/single-digit-discnumber.patch
|
patches = [ ./custom/quodlibet/single-digit-discnumber.patch
|
||||||
./custom/quodlibet/remove-override-warning.patch ];
|
./custom/quodlibet/remove-override-warning.patch ];
|
||||||
});
|
});
|
||||||
|
rclone = super.pkgs.stdenv.lib.overrideDerivation super.rclone (old: {
|
||||||
|
postInstall = old.postInstall + ''
|
||||||
|
|
||||||
|
$bin/bin/rclone genautocomplete zsh _rclone
|
||||||
|
install -D -m644 _rclone $bin/share/zsh/vendor-completions/_rclone
|
||||||
|
$bin/bin/rclone genautocomplete bash _rclone
|
||||||
|
install -D -m644 _rclone $bin/etc/bash_completion.d/rclone
|
||||||
|
'';
|
||||||
|
});
|
||||||
alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";};
|
alsa-hdspconf = callPackage ./custom/alsa-tools { alsaToolTarget="hdspconf";};
|
||||||
alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
|
alsa-hdspmixer = callPackage ./custom/alsa-tools { alsaToolTarget="hdspmixer";};
|
||||||
alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
|
alsa-hdsploader = callPackage ./custom/alsa-tools { alsaToolTarget="hdsploader";};
|
||||||
|
@ -27,15 +27,15 @@
|
|||||||
# TODO: we want to track the unstable channel
|
# TODO: we want to track the unstable channel
|
||||||
symlink = "/nix/var/nix/profiles/per-user/root/channels/nixos/";
|
symlink = "/nix/var/nix/profiles/per-user/root/channels/nixos/";
|
||||||
} else {
|
} else {
|
||||||
file = {
|
derivation = ''
|
||||||
path = toString (pkgs.fetchFromGitHub {
|
with import <nixpkgs> {};
|
||||||
|
pkgs.fetchFromGitHub {
|
||||||
owner = "makefu";
|
owner = "makefu";
|
||||||
repo = "nixpkgs";
|
repo = "nixpkgs";
|
||||||
rev = nixpkgs-src.rev;
|
rev = "${nixpkgs-src.rev}";
|
||||||
sha256 = nixpkgs-src.sha256;
|
sha256 = "${nixpkgs-src.sha256}";
|
||||||
});
|
}
|
||||||
useChecksum = true;
|
'';
|
||||||
};
|
|
||||||
};
|
};
|
||||||
nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
|
nixos-config.symlink = "stockholm/makefu/1systems/${name}/config.nix";
|
||||||
|
|
||||||
@ -74,7 +74,7 @@
|
|||||||
(lib.mkIf ( host-src.home-manager ) {
|
(lib.mkIf ( host-src.home-manager ) {
|
||||||
home-manager.git = {
|
home-manager.git = {
|
||||||
url = https://github.com/rycee/home-manager;
|
url = https://github.com/rycee/home-manager;
|
||||||
ref = "f947faf";
|
ref = "4aa07c3";
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"url": "https://github.com/makefu/nixpkgs",
|
"url": "https://github.com/makefu/nixpkgs",
|
||||||
"rev": "9728b2e83406c76efc734ebb1923f23b8e687819",
|
"rev": "125873064a6eabd2896833d00aede7778a453fdf",
|
||||||
"date": "2018-11-19T20:36:35+01:00",
|
"date": "2019-01-11T14:24:21+01:00",
|
||||||
"sha256": "0nk75ldppjr6x04hgghgg9vanr1cw4k5xhg699d38g2rpxviz5bp",
|
"sha256": "1ki50426m9simqvxdzckfgycibz5rdhwl6hzi31i72dqiafl8j6s",
|
||||||
"fetchSubmodules": false
|
"fetchSubmodules": false
|
||||||
}
|
}
|
||||||
|
@ -1 +1 @@
|
|||||||
Subproject commit 61b5ef3b8e7e4d601db67a20f14a5022e9de8398
|
Subproject commit 5b8fb8dc0ee14672d7fd533bd98635b8725dbb29
|
@ -20,6 +20,7 @@ with import <stockholm/lib>;
|
|||||||
<stockholm/tv/2configs/br.nix>
|
<stockholm/tv/2configs/br.nix>
|
||||||
<stockholm/tv/2configs/xp-332.nix>
|
<stockholm/tv/2configs/xp-332.nix>
|
||||||
<stockholm/tv/2configs/xserver>
|
<stockholm/tv/2configs/xserver>
|
||||||
|
<stockholm/tv/2configs/xserver/xkiller.nix>
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
||||||
@ -156,10 +157,5 @@ with import <stockholm/lib>;
|
|||||||
# The NixOS release to be compatible with for stateful data such as databases.
|
# The NixOS release to be compatible with for stateful data such as databases.
|
||||||
system.stateVersion = "15.09";
|
system.stateVersion = "15.09";
|
||||||
|
|
||||||
tv.nixpkgs-overlays = {
|
|
||||||
krebs = "/home/tv/stockholm/krebs/5pkgs";
|
|
||||||
tv = "/home/tv/stockholm/tv/5pkgs";
|
|
||||||
};
|
|
||||||
|
|
||||||
virtualisation.virtualbox.host.enable = true;
|
virtualisation.virtualbox.host.enable = true;
|
||||||
}
|
}
|
||||||
|
@ -60,7 +60,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
xu-pull-ni-ejabberd = {
|
xu-pull-ni-ejabberd = {
|
||||||
method = "pull";
|
method = "pull";
|
||||||
src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
|
src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
|
||||||
dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; };
|
dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; };
|
||||||
startAt = "07:00";
|
startAt = "07:00";
|
||||||
};
|
};
|
||||||
@ -78,7 +78,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
zu-pull-ni-ejabberd = {
|
zu-pull-ni-ejabberd = {
|
||||||
method = "pull";
|
method = "pull";
|
||||||
src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; };
|
src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
|
||||||
dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; };
|
dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; };
|
||||||
startAt = "06:00";
|
startAt = "06:00";
|
||||||
};
|
};
|
||||||
|
@ -92,7 +92,6 @@ with import <stockholm/lib>;
|
|||||||
environment.variables = {
|
environment.variables = {
|
||||||
NIX_PATH = mkForce (concatStringsSep ":" [
|
NIX_PATH = mkForce (concatStringsSep ":" [
|
||||||
"secrets=/var/src/stockholm/null"
|
"secrets=/var/src/stockholm/null"
|
||||||
"nixpkgs-overlays=${config.tv.nixpkgs-overlays}"
|
|
||||||
"/var/src"
|
"/var/src"
|
||||||
]);
|
]);
|
||||||
};
|
};
|
||||||
|
@ -67,10 +67,12 @@ let {
|
|||||||
cgit.desc = "source code installer";
|
cgit.desc = "source code installer";
|
||||||
};
|
};
|
||||||
q = {};
|
q = {};
|
||||||
|
reaktor2 = {};
|
||||||
regfish = {};
|
regfish = {};
|
||||||
stockholm = {
|
stockholm = {
|
||||||
cgit.desc = "NixOS configuration";
|
cgit.desc = "NixOS configuration";
|
||||||
};
|
};
|
||||||
|
with-ssh = {};
|
||||||
} // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) {
|
} // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) {
|
||||||
ni = {
|
ni = {
|
||||||
};
|
};
|
||||||
@ -102,6 +104,7 @@ let {
|
|||||||
nixos-infest = {};
|
nixos-infest = {};
|
||||||
painload = {};
|
painload = {};
|
||||||
push = {};
|
push = {};
|
||||||
|
Reaktor = {};
|
||||||
with-tmpdir = {};
|
with-tmpdir = {};
|
||||||
get = {};
|
get = {};
|
||||||
load-env = {};
|
load-env = {};
|
||||||
|
@ -22,7 +22,7 @@ with import <stockholm/lib>;
|
|||||||
highlight_megabytes=1
|
highlight_megabytes=1
|
||||||
highlight_threads=1
|
highlight_threads=1
|
||||||
tree_view=1
|
tree_view=1
|
||||||
header_margin=1
|
header_margin=0
|
||||||
detailed_cpu_time=0
|
detailed_cpu_time=0
|
||||||
cpu_count_from_zero=0
|
cpu_count_from_zero=0
|
||||||
update_process_names=0
|
update_process_names=0
|
||||||
|
@ -1,13 +1,10 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }: {
|
||||||
|
|
||||||
with pkgs;
|
|
||||||
{
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
much
|
pkgs.haskellPackages.much
|
||||||
msmtp
|
pkgs.msmtp
|
||||||
notmuch
|
pkgs.notmuch
|
||||||
pythonPackages.alot
|
pkgs.pythonPackages.alot
|
||||||
qprint
|
pkgs.qprint
|
||||||
w3m
|
pkgs.w3m
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -17,6 +17,7 @@ pkgs.writeText "Xmodmap" ''
|
|||||||
keycode 39 = s S ssharp
|
keycode 39 = s S ssharp
|
||||||
|
|
||||||
keycode 33 = p P Greek_pi Greek_PI
|
keycode 33 = p P Greek_pi Greek_PI
|
||||||
|
keycode 40 = d D Greek_delta Greek_DELTA
|
||||||
keycode 46 = l L Greek_lambda Greek_LAMBDA
|
keycode 46 = l L Greek_lambda Greek_LAMBDA
|
||||||
|
|
||||||
keycode 54 = c C cacute Cacute
|
keycode 54 = c C cacute Cacute
|
||||||
|
14
tv/2configs/xserver/xkiller.nix
Normal file
14
tv/2configs/xserver/xkiller.nix
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{ pkgs, ... }: {
|
||||||
|
|
||||||
|
services.acpid.enable = true;
|
||||||
|
services.acpid.handlers.xkiller = {
|
||||||
|
action = /* sh */ ''
|
||||||
|
event=($1)
|
||||||
|
if test "''${event[2]}" = 00000080; then
|
||||||
|
${pkgs.systemd}/bin/systemd-cat -t xkiller ${pkgs.xkiller}
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
event = "button/prog1";
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -5,7 +5,6 @@
|
|||||||
./ejabberd
|
./ejabberd
|
||||||
./hosts.nix
|
./hosts.nix
|
||||||
./iptables.nix
|
./iptables.nix
|
||||||
./nixpkgs-overlays.nix
|
|
||||||
./slock.nix
|
./slock.nix
|
||||||
./x0vncserver.nix
|
./x0vncserver.nix
|
||||||
];
|
];
|
||||||
|
@ -67,7 +67,7 @@ in {
|
|||||||
type = types.user;
|
type = types.user;
|
||||||
default = {
|
default = {
|
||||||
name = "ejabberd";
|
name = "ejabberd";
|
||||||
home = "/var/ejabberd";
|
home = "/var/lib/ejabberd";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -1,23 +0,0 @@
|
|||||||
with import <stockholm/lib>;
|
|
||||||
{ config, pkgs, ... }: {
|
|
||||||
|
|
||||||
options.tv.nixpkgs-overlays = mkOption {
|
|
||||||
apply = src:
|
|
||||||
pkgs.runCommand "nixpkgs-overlays" {} ''
|
|
||||||
mkdir $out
|
|
||||||
${concatStringsSep "\n" (mapAttrsToList (name: path:
|
|
||||||
"ln -s ${shell.escape path} $out/${shell.escape name}"
|
|
||||||
) src)}
|
|
||||||
'' // {
|
|
||||||
inherit src;
|
|
||||||
};
|
|
||||||
type = types.attrsOf types.absolute-pathname;
|
|
||||||
};
|
|
||||||
|
|
||||||
config = {
|
|
||||||
tv.nixpkgs-overlays = {
|
|
||||||
krebs = mkDefault "/var/src/stockholm/krebs/5pkgs";
|
|
||||||
tv = mkDefault "/var/src/stockholm/tv/5pkgs";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -5,10 +5,12 @@ in {
|
|||||||
options.tv.slock = {
|
options.tv.slock = {
|
||||||
enable = mkEnableOption "tv.slock";
|
enable = mkEnableOption "tv.slock";
|
||||||
package = mkOption {
|
package = mkOption {
|
||||||
default = pkgs.execBin "slock" rec {
|
default = pkgs.writeDashBin "slock" ''
|
||||||
filename = "${pkgs.systemd}/bin/systemctl";
|
set -efu
|
||||||
argv = [ filename "start" "slock-${cfg.user.name}.service" ];
|
display=''${DISPLAY#:}
|
||||||
};
|
service=slock-$LOGNAME@$display.service
|
||||||
|
exec ${pkgs.systemd}/bin/systemctl start "$service"
|
||||||
|
'';
|
||||||
type = types.package;
|
type = types.package;
|
||||||
};
|
};
|
||||||
user = mkOption {
|
user = mkOption {
|
||||||
@ -18,16 +20,16 @@ in {
|
|||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
security.polkit.extraConfig = /* js */ ''
|
security.polkit.extraConfig = /* js */ ''
|
||||||
polkit.addRule(function(action, subject) {
|
polkit.addRule(function(action, subject) {
|
||||||
if (action.id == "org.freedesktop.systemd1.manage-units" &&
|
if (action.id === "org.freedesktop.systemd1.manage-units" &&
|
||||||
action.lookup("unit") == "slock-${cfg.user.name}.service" &&
|
subject.user === ${toJSON cfg.user.name} &&
|
||||||
subject.user == ${toJSON cfg.user.name}) {
|
/^slock-${cfg.user.name}@[0-9]+\.service$/.test(action.lookup("unit")) ) {
|
||||||
return polkit.Result.YES;
|
return polkit.Result.YES;
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
'';
|
'';
|
||||||
systemd.services."slock-${cfg.user.name}" = {
|
systemd.services."slock-${cfg.user.name}@" = {
|
||||||
environment = {
|
environment = {
|
||||||
DISPLAY = ":${toString config.services.xserver.display}";
|
DISPLAY = ":%I";
|
||||||
LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" {
|
LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" {
|
||||||
passAsFile = ["text"];
|
passAsFile = ["text"];
|
||||||
text = /* c */ ''
|
text = /* c */ ''
|
||||||
|
@ -24,6 +24,12 @@ foldl' mergeAttrs {}
|
|||||||
"$@"
|
"$@"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
dhcpcd = overrideDerivation super.dhcpcd (old: {
|
||||||
|
configureFlags = old.configureFlags ++ [
|
||||||
|
"--dbdir=/var/lib/dhcpcd"
|
||||||
|
];
|
||||||
|
});
|
||||||
|
|
||||||
gitAndTools = super.gitAndTools // {
|
gitAndTools = super.gitAndTools // {
|
||||||
inherit (self) diff-so-fancy;
|
inherit (self) diff-so-fancy;
|
||||||
};
|
};
|
||||||
|
@ -14,7 +14,7 @@ let
|
|||||||
assert n >= 1;
|
assert n >= 1;
|
||||||
n * calwidth + (n - 1) * hspace;
|
n * calwidth + (n - 1) * hspace;
|
||||||
|
|
||||||
pad = ''{
|
pad = /* sh */ ''{
|
||||||
${pkgs.gnused}/bin/sed '
|
${pkgs.gnused}/bin/sed '
|
||||||
# rtrim
|
# rtrim
|
||||||
s/ *$//
|
s/ *$//
|
||||||
@ -31,7 +31,7 @@ let
|
|||||||
s/^[ 1-9][0-9]/[38;5;238;1m&[39;22m/
|
s/^[ 1-9][0-9]/[38;5;238;1m&[39;22m/
|
||||||
'
|
'
|
||||||
}'';
|
}'';
|
||||||
in ''
|
in /* sh */ ''
|
||||||
cols=$(${pkgs.ncurses}/bin/tput cols)
|
cols=$(${pkgs.ncurses}/bin/tput cols)
|
||||||
${pkgs.coreutils}/bin/paste \
|
${pkgs.coreutils}/bin/paste \
|
||||||
<(if test $cols -ge ${toString (need_width 3)}; then
|
<(if test $cols -ge ${toString (need_width 3)}; then
|
||||||
@ -59,24 +59,24 @@ let
|
|||||||
'
|
'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-isodate = ''
|
q-isodate = /* sh */ ''
|
||||||
${pkgs.coreutils}/bin/date \
|
${pkgs.coreutils}/bin/date \
|
||||||
'+[1m%Y-%m-%d[;30mT[;38;5;085m%H:%M[m:%S%:z'
|
'+[1m%Y-%m-%d[;30mT[;38;5;085m%H:%M[m:%S%:z'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# Singapore's red is #ED2E38
|
# Singapore's red is #ED2E38
|
||||||
q-sgtdate = ''
|
q-sgtdate = /* sh */ ''
|
||||||
TZ=Asia/Singapore \
|
TZ=Asia/Singapore \
|
||||||
${pkgs.coreutils}/bin/date \
|
${pkgs.coreutils}/bin/date \
|
||||||
'+[1m%Y-%m-%d[;30mT[;38;5;088m%H:%M[m:%S%:z'
|
'+[1m%Y-%m-%d[;30mT[;38;5;088m%H:%M[m:%S%:z'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-utcdate = ''
|
q-utcdate = /* sh */ ''
|
||||||
${pkgs.coreutils}/bin/date -u \
|
${pkgs.coreutils}/bin/date -u \
|
||||||
'+[1m%Y-%m-%d[;30mT[;38;5;065m%H:%M[m:%S%:z'
|
'+[1m%Y-%m-%d[;30mT[;38;5;065m%H:%M[m:%S%:z'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-gitdir = ''
|
q-gitdir = /* sh */ ''
|
||||||
if test -d .git; then
|
if test -d .git; then
|
||||||
#git status --porcelain
|
#git status --porcelain
|
||||||
branch=$(
|
branch=$(
|
||||||
@ -87,7 +87,7 @@ let
|
|||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-intel_backlight = ''
|
q-intel_backlight = /* sh */ ''
|
||||||
cd /sys/class/backlight/intel_backlight
|
cd /sys/class/backlight/intel_backlight
|
||||||
</dev/null exec ${pkgs.gawk}/bin/awk '
|
</dev/null exec ${pkgs.gawk}/bin/awk '
|
||||||
END {
|
END {
|
||||||
@ -227,11 +227,11 @@ let
|
|||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-virtualization = ''
|
q-virtualization = /* sh */ ''
|
||||||
echo "VT: $(${pkgs.systemd}/bin/systemd-detect-virt)"
|
echo "VT: $(${pkgs.systemd}/bin/systemd-detect-virt)"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-wireless = ''
|
q-wireless = /* sh */ ''
|
||||||
for dev in $(
|
for dev in $(
|
||||||
${pkgs.iw}/bin/iw dev \
|
${pkgs.iw}/bin/iw dev \
|
||||||
| ${pkgs.gnused}/bin/sed -n 's/^\s*Interface\s\+\([0-9a-z]\+\)$/\1/p'
|
| ${pkgs.gnused}/bin/sed -n 's/^\s*Interface\s\+\([0-9a-z]\+\)$/\1/p'
|
||||||
@ -250,7 +250,7 @@ let
|
|||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-online = ''
|
q-online = /* sh */ ''
|
||||||
if ${pkgs.curl}/bin/curl -s google.com >/dev/null; then
|
if ${pkgs.curl}/bin/curl -s google.com >/dev/null; then
|
||||||
echo '[32;1monline[m'
|
echo '[32;1monline[m'
|
||||||
else
|
else
|
||||||
@ -258,7 +258,7 @@ let
|
|||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-thermal_zone = ''
|
q-thermal_zone = /* sh */ ''
|
||||||
for i in /sys/class/thermal/thermal_zone*; do
|
for i in /sys/class/thermal/thermal_zone*; do
|
||||||
type=$(${pkgs.coreutils}/bin/cat $i/type)
|
type=$(${pkgs.coreutils}/bin/cat $i/type)
|
||||||
temp=$(${pkgs.coreutils}/bin/cat $i/temp)
|
temp=$(${pkgs.coreutils}/bin/cat $i/temp)
|
||||||
@ -266,29 +266,26 @@ let
|
|||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
|
|
||||||
q-todo = ''
|
q-todo = /* sh */ ''
|
||||||
TODO_file=$PWD/TODO
|
TODO_file=$PWD/TODO
|
||||||
if test -e "$TODO_file"; then
|
if test -e "$TODO_file"; then
|
||||||
${pkgs.coreutils}/bin/cat "$TODO_file" \
|
${pkgs.jq}/bin/jq -Rrs <"$TODO_file" -f ${pkgs.writeJq "q-todo.jq" ''
|
||||||
| ${pkgs.gawk}/bin/gawk -v now=$(${pkgs.coreutils}/bin/date +%s) '
|
split("\n") | map(
|
||||||
BEGIN { print "remind=0" }
|
(match("^([0-9]+-\\d{2}-\\d{2})\\s+(.*)$").captures | map(.string))
|
||||||
/^[0-9]/{
|
as $captures |
|
||||||
x = $1
|
($captures[0] | strptime("%Y-%m-%d") | mktime) as $date |
|
||||||
gsub(".", "\\\\&", x)
|
$captures[1] as $text |
|
||||||
rest = substr($0, index($0, " "))
|
|
||||||
rest = $0
|
select(now >= $date) |
|
||||||
sub(" *", "", rest)
|
|
||||||
gsub(".", "\\\\&", rest)
|
($text | test("\\[URGENT]"; "i")) as $urgent |
|
||||||
print "test $(${pkgs.coreutils}/bin/date +%s -d"x") -lt "now" && \
|
(if $urgent then "38;5;196" else "38;5;208" end) as $sgr |
|
||||||
echo \"\x1b[38;5;208m\""rest esc "\"\x1b[m\" && \
|
if $urgent then sub("\\s*\\[URGENT]\\s*"; " "; "i") else . end |
|
||||||
(( remind++ ))"
|
|
||||||
}
|
"\u001b[\($sgr)m\(.)\u001b[m"
|
||||||
END { print "test $remind = 0 && echo \"nothing to remind\"" }
|
) |
|
||||||
' \
|
if length == 0 then "nothing to remind" else .[] end
|
||||||
| {
|
''}
|
||||||
# bash needed for (( ... ))
|
|
||||||
${pkgs.bash}/bin/bash
|
|
||||||
}
|
|
||||||
else
|
else
|
||||||
echo "$TODO_file: no such file or directory"
|
echo "$TODO_file: no such file or directory"
|
||||||
fi
|
fi
|
||||||
|
25
tv/5pkgs/simple/xkiller.nix
Normal file
25
tv/5pkgs/simple/xkiller.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{ pkgs }:
|
||||||
|
pkgs.writeDash "xkiller" ''
|
||||||
|
set -efu
|
||||||
|
exec >&2
|
||||||
|
${pkgs.iproute}/bin/ss -lp src unix:/tmp/.X11-unix/X* |
|
||||||
|
${pkgs.gnused}/bin/sed -n '
|
||||||
|
s|.*/tmp/.X11-unix/X\([0-9]\+\)\>.*("X[^"]*",pid=\([0-9]\+\)\>.*|\1 \2|p
|
||||||
|
' |
|
||||||
|
while read -r display pid; do
|
||||||
|
{
|
||||||
|
exit_code=$(
|
||||||
|
DISPLAY=:$display ${pkgs.coreutils}/bin/timeout 1 \
|
||||||
|
${pkgs.xorg.xset}/bin/xset q >/dev/null 2>&1 &&
|
||||||
|
echo 0 || echo $?
|
||||||
|
)
|
||||||
|
if test $exit_code = 124; then
|
||||||
|
echo "X on display :$display is locked up; killing PID $pid..."
|
||||||
|
${pkgs.coreutils}/bin/kill -SIGKILL "$pid"
|
||||||
|
else
|
||||||
|
echo "X on display :$display is healthy"
|
||||||
|
fi
|
||||||
|
} &
|
||||||
|
done
|
||||||
|
wait
|
||||||
|
''
|
Loading…
Reference in New Issue
Block a user