Merge branch 'master' of prism.r:stockholm
This commit is contained in:
commit
cd4f0290ed
84
krebs/3modules/external/default.nix
vendored
84
krebs/3modules/external/default.nix
vendored
@ -229,6 +229,90 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
rose = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.rose.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.rose.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.178";
|
||||||
|
aliases = [ "rose.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEA0h88uEcgVFhggGh3xqHySt8T+oDdoSN8ve4ZPmMzrGCD4dnlWcUO
|
||||||
|
6uMiwE7XG667wvjB0J2RbCJ8n8/r6eQgp6sRfPzSQL/Mc74J+py+sOVOjjjL5wJX
|
||||||
|
btrYmASO3GKUSMhGmM0IiwHMIPrmUViaREDrweF3bUwK45d/ocqpBkc+nF27kksd
|
||||||
|
DMYjHMWRIkKuQaj592zo/kY1pAJ/yAvDPess0x1CLL6uDNbjTr2S/L7JHdzZs9Xq
|
||||||
|
1+SGdVtqD0sWgSBKA0PC/Mi+Divd4PC1SoSL7wZRWD0Y2DNgj3+xUc7hAWRCw2Gs
|
||||||
|
5wofK+qiwnyYAmeNYcyQfDLosKZF9hOM8U3UbxptkPLsOK3cfZoGoLQCuOryVDBe
|
||||||
|
6GfJkJ49WfuSSNWs3WPWL6/6zmVPeGR0TvoMt02VQ3cKTmeIkWyTIzSVoC7wYv5D
|
||||||
|
Dl8Xt3aFr9UFI2GxenesViyuDLi8cy2fOsM3r+gowXQtgEKoXc9W2vyPwIIlcWUJ
|
||||||
|
QrKVsyNlkKKL0YjsnGazaEvqdiE30/Iq7f7VBnXnWXRLnZhr85HbTdDQnpT4GcEv
|
||||||
|
W3jpl1y5zShr5Hz90QoYcUTsxg9uk/+yqKpwUySZ6Gh4q0bo5k7nkM9i8mCMfNGZ
|
||||||
|
0UU94QmwS9RoV4Mt4pSLYRcCs0mVeEjLuIfTFHkXc6LCjBWMn8ICfeMCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
martha = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.martha.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.martha.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.179";
|
||||||
|
aliases = [ "martha.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEA3lR3Wup2yd9SYs9n9a7lq/jXxlKdwjgp9gPEirLn3/XCFM7NpLIp
|
||||||
|
LRm3Wdplv0NWim4zI3AsdGmUBrV3y0Ugj48Td4RpXlOiFjS8NHnvRbamCZF7m/pJ
|
||||||
|
3T/QpQx98+QEKXb3gZ5aDGgcHLRbUYUBuwFOxAKaikuDe2qJxqXqOmA7RXZDkEqe
|
||||||
|
FrQE/H1/+8HqJ1vhgZKi3Vu7zLRB1EV8nggWFjQKR8o0AeViLwM3OxFtGyKTaXuK
|
||||||
|
WAQrvSdKQDpQwqAPogyeftGesOfW7z0xrelkux10p42YM9epYvZDFRG97/nupw/S
|
||||||
|
iYGiTTFDBDTzpyT3zl1uwhmQ3re/nJXf5e4fgnZEcsweU8ysHtDhbimqrm9impVn
|
||||||
|
XdKnnuNa9F8VlyHCT2pVC9+WDKDNtA2M8f+8lG8/hoJ7hhp5HhBZ3ncROyQqOg4F
|
||||||
|
e6YtaFidi+fYXjQkdUXHv5FCkqFJnoxZdI2vwqU2DumltG/o+qsksI2WSsLsuMVs
|
||||||
|
sa4KUq0+5OsmCJnIAKWV2YwbLVf1tJMjPGA0jQECrHPL6SKobRefqav6MPuTbytC
|
||||||
|
4frtEIGbfdKqQ6nNTvTpCrAo+WAm3NE3khTYqGe4LqX/JMoGtWXp/Ex9IdG+sflM
|
||||||
|
mESMjuHp9vPY4aZGPtYPP93Cxv3q7gm+EfIGebajISpaG28J+XjiNNsCAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
donna = {
|
||||||
|
owner = config.krebs.users.Mic92;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
addrs = [
|
||||||
|
config.krebs.hosts.donna.nets.retiolum.ip4.addr
|
||||||
|
config.krebs.hosts.donna.nets.retiolum.ip6.addr
|
||||||
|
];
|
||||||
|
ip4.addr = "10.243.29.180";
|
||||||
|
aliases = [ "donna.r" ];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIICCgKCAgEAnv5zVPwjHk5Q72D3tv2rlQkp7SOsZD7Wvz8l1yI/mWkxoriJ9MVa
|
||||||
|
x8RziSB3KF8sF1lRWIKmuynkgLI3w0X/YFs/fAvtayxk6Qf8DOl23Vd8Is0h/i3I
|
||||||
|
0fCmCEIHhHboKsREW6NxY7w5WAI2+SFNmGef1P7vzrAv7iLyPbo9nQ8wlrAmc+PJ
|
||||||
|
Ao3BOf4U7kP778fhsPA4dlGtF2v9CBhygeGVI/DQR8jcvzeiPd2Dr0k/JvrVMYtf
|
||||||
|
wJW4xUwZkIpws/yfI8b4VJOFl2X/Yw9712Z8Jvga0rR32OG4YbnggvuCMum1g94k
|
||||||
|
YwMjaSckv1XTalvPQuf1Od96XzwL2hjPFpEK3Tdl4AitMnArgj9HNzhcRL+eGonf
|
||||||
|
U24zk52OToHnoP3palNpodi7DziIBeXIaIMl7VMXku2ymbOUJsI6zeew+uZahJkv
|
||||||
|
QIWjxveQ8N40BoTc8Yg6pea1AId3l4f3brtwJbQOVbb3bVQ5VcrxM9Q/TBvyADYR
|
||||||
|
Knwszxw3uBw5Za1FMbwCPwd8/y/Ar19qGCx25xK0QnsyqZZT/cHsbBOTzh6BBWwI
|
||||||
|
IzbYu49VO/B1rktYzZ2l2ENQy6OILXWbvFjC8Pt8f1ZZQ4A21PyNA1AdyJ/rbVj7
|
||||||
|
awm3OnnvKSvMCXWnwHPFHjksb3qMx96Aep1cw3ZBx0sQQ41UWBoOsi8CAwEAAQ==
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
inspector = {
|
inspector = {
|
||||||
owner = config.krebs.users.Mic92;
|
owner = config.krebs.users.Mic92;
|
||||||
nets = rec {
|
nets = rec {
|
||||||
|
@ -393,6 +393,55 @@ in {
|
|||||||
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzb9BPFClubs6wSOi/ivqPFVPlowXwAxBS0jHaB29hX";
|
||||||
syncthing.id = "PCDXICO-GMGWKSB-V6CYF3I-LQMZSGV-B7YBJXA-DVO7KXN-TFCSQXW-XY6WNQD";
|
syncthing.id = "PCDXICO-GMGWKSB-V6CYF3I-LQMZSGV-B7YBJXA-DVO7KXN-TFCSQXW-XY6WNQD";
|
||||||
};
|
};
|
||||||
|
xerxes = {
|
||||||
|
cores = 2;
|
||||||
|
nets = rec {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.1.3";
|
||||||
|
ip6.addr = r6 "3";
|
||||||
|
aliases = [
|
||||||
|
"xerxes.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIIECgKCBAEArqEaK+m7WZe/9/Vbc+qx2TjkkRJ9lDgDMr1dvj98xb8/EveUME6U
|
||||||
|
MZyAqNjLuKq3CKzJLo02ZmdFs4CT1Hj28p5IC0wLUWn53hrqdy8cCJDvIiKIv+Jk
|
||||||
|
gItsxJyMnRtsdDbB6IFJ08D5ReGdAFJT5lqpN0DZuNC6UQRxzUK5fwKYVVzVX2+W
|
||||||
|
/EZzEPe5XbE69V/Op2XJ2G6byg9KjOzNJyJxyjwVco7OXn1OBNp94NXoFrUO7kxb
|
||||||
|
mTNnh3D+iB4c3qv8woLhmb+Uh/9MbXS14QrSf85ou4kfUjb5gdhjIlzz+jfA/6XO
|
||||||
|
X4t86uv8L5IzrhSGb0TmhrIh5HhUmSKT4RdHJom0LB7EASMR2ZY9AqIG11XmXuhj
|
||||||
|
+2b5INBZSj8Cotv5aoRXiPSaOd7bw7lklYe4ZxAU+avXot9K3/4XVLmi6Wa6Okim
|
||||||
|
hz+MEYjW5gXY+YSUWXOR4o24jTmDjQJpdL83eKwLVAtbrE7TcVszHX6zfMoQZ5M9
|
||||||
|
3EtOkDMxhC+WfkL+DLQAURhgcPTZoaj0cAlvpb0TELZESwTBI09jh/IBMXHBZwI4
|
||||||
|
H1gOD5YENpf0yUbLjVu4p82Qly10y58XFnUmYay0EnEgdPOOVViovGEqTiAHMmm5
|
||||||
|
JixtwJDz7a6Prb+owIg27/eE1/E6hpfXpU8U83qDYGkIJazLnufy32MTFE4T9fI4
|
||||||
|
hS8icFcNlsobZp+1pB3YK4GV5BnvMwOIVXVlP8yMCRTDRWZ4oYmAZ5apD7OXyNwe
|
||||||
|
SUP2mCNNlQCqyjRsxj5S1lZQRy1sLQztU5Sff4xYNK+5aPgJACmvSi3uaJAxBloo
|
||||||
|
4xCCYzxhaBlvwVISJXZTq76VSPybeQ+pmSZFMleNnWOstvevLFeOoH2Is0Ioi1Fe
|
||||||
|
vnu5r0D0VYsb746wyRooiEuOAjBmni8X/je6Vwr1gb/WZfZ23EwYpGyakJdxLNv3
|
||||||
|
Li+LD9vUfOR80WL608sUU45tAx1RAy6QcH/YDtdClbOdK53+cQVTsYnCvDW8uGlO
|
||||||
|
scQWgk+od3qvo6yCPO7pRlEd3nedcPSGh/KjBHao6eP+bsVERp733Vb9qrEVwmxv
|
||||||
|
jlZ1m12V63wHVu9uMAGi9MhK+2Q/l7uLTj03OYpi4NYKL2Bu01VXfoxuauuZLdIJ
|
||||||
|
Z3ZV+qUcjzZI0PBlGxubq6CqVFoSB7nhHUbcdPQ66WUnwoKq0cKmE7VOlJQvJ07u
|
||||||
|
/Wsl8BIsxODVt0rTzEAx0hTd5mJCX7sCawRt+NF+1DZizl9ouebNMkNlsEAg4Ps0
|
||||||
|
bQerZLcOmpYjGa5+lWDwJIMXVIcxwTmQR86stlP/KQm0vdOvH2ZUWTXcYvCYlHkQ
|
||||||
|
sgVnnA2wt+7UpZnEBHy04ry+jYaSsPdYgwIDAQAB
|
||||||
|
-----END RSA PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
wiregrill = {
|
||||||
|
ip6.addr = w6 "3";
|
||||||
|
aliases = [
|
||||||
|
"xerxes.w"
|
||||||
|
];
|
||||||
|
wireguard.pubkey = "UTm8B8YUVvBGqwwxAUMVFsVQFQGQ6jbcXAavZ8LxYT8=";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
secure = true;
|
||||||
|
ssh.privkey.path = <secrets/ssh.id_ed25519>;
|
||||||
|
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HyLyaIvVH0qHIQ4ciKhDiElhSqsK+uXcA6lTvL+5n";
|
||||||
|
syncthing.id = "EA76ZHP-DF2I3CJ-NNTFEUH-YGPQK5S-T7FQ6JA-BNQQUNC-GF2YL46-CKOZCQM";
|
||||||
|
};
|
||||||
red = {
|
red = {
|
||||||
monitoring = false;
|
monitoring = false;
|
||||||
cores = 1;
|
cores = 1;
|
||||||
@ -626,7 +675,7 @@ in {
|
|||||||
};
|
};
|
||||||
lass-xerxes = {
|
lass-xerxes = {
|
||||||
mail = "lass@xerxes.r";
|
mail = "lass@xerxes.r";
|
||||||
pubkey = builtins.readFile ./ssh/xerxes.rsa;
|
pubkey = builtins.readFile ./ssh/xerxes.ed25519;
|
||||||
};
|
};
|
||||||
lass-daedalus = {
|
lass-daedalus = {
|
||||||
mail = "lass@daedalus.r";
|
mail = "lass@daedalus.r";
|
||||||
|
1
krebs/3modules/lass/ssh/xerxes.ed25519
Normal file
1
krebs/3modules/lass/ssh/xerxes.ed25519
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwCq56DGqj/kz8d8ax0xIl29jV9f3tUtDgtnCnS1b4q lass@xerxes
|
@ -1 +0,0 @@
|
|||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgGjBN0aFs6GxNwMjCvlddbN6+vb6LZuWiWWe+wbAynaGuGbae0TXCLp0/eMNy7fH8poDjpdW9M4mKbBFKOqyG8WJLCPFoQw761tjKl1hccJn0hFSkQAEGKxtfzHlAl/Mz+59yvqNg7/WNSivv41hE7btYltzRy238VQDYFv2eLM7acyxrgGo7tWOtkbpfELj5cM8Qw1j3TF9bGV5pK6IOEtaHbmalS8Iiz77syAu+6E/y6zKBTtGMHI15l6RNJ/Y7A1LM/WwuNL+9dJMYWJFVHy3/4dpaxiioHREiSawUbz9wNHknCrT6vaPCIVVcujhz9Oee1C5UiYUyyfJrFYdlzaTg7FuLNIt2hKMY6NYx1D8/Pwpq1JOsaEfK/K5ytCgaJb115mRevcaUA5s7KYNWHmmZvy08JzCgSM6ZPRtfkQIcha77wVq6DugJ+KgBz+oADQRKiaMrumOMldd0B3q4Oxb71gDTE1XLAbWJnd/0Up1H5GAtZZUUrMUslZiU/23R6SOkyEMLWQTx/KgkWcz8DZLtib5o03uZpfJDVqp2CR+sjmy4x9aa+lSaOzuZP0KRyg+mOKl0o3zL7TNAzrzSCORVBg7nOh+0SPJkDxVRkc6dVY1L3ZOfdm2P/19fhWEr5ECgVrmYYKnDPwWY1iWJlZsiEc3Mj7KB1m44ov0FJg2hiNnydImqcXTCoszp515MBmeHnpqJsqEZuWS8dAnaEiOwZaSKIO1E7lQ7CoP86+eD4yAwLq6fb2tgjHT69LgDMaIha4hMfrO2o4UDVw9OZMfnPtyatI4pxplaQDoQM1p0dej0rZ7uxL1tfoKAyT0UCdtjhxfnNs0x1gOQbML4eGbqyKuyF82eOQRgKRDqH/tParoE4SRBVi7o3s0kILRmXA3ng3n1uhEiGwPTH8JsQ9huM+XOhH8+CzQeg4yb/jCrhsDzvLaW654+ouq9G+kjwqmO4vLNs5eZxfae84rppbS2MJqK1x8rkJixvKBKEfvYJOuDNV+hXyMbToaq8qtGy7cCSq4+UDio3DsSHY0Tpt9e+yEzoOOqFQLQyq6uHv/+u9MY+VADoa4N64U3S2SXul9tE3g6hOAY0F5BYMbxQSuj59kzwghlAmbsyWN2FCmWdsfCQkkZX7wCTj20DtZB/GdVSGNgHGAoU5JZrXKca3A2Yc9hzbYjyNYr0NmQ9NUbkbaOkcYJRIUXtS2OBOHP+FoUkkqL3ieKXR07l5xJbWLzbyVUxN9Zii4Baj5xnDO/RLZPDvTUxbER/0d1orMZztL2EKmfSn4j4uhWqpi04Rg9sWH+WVLAq22EKhAuqcFEOUimjcyZWYKxcAq5Z51NJNBQB7euz55eCJUZkBUYEpNuYr0UDlmBxKB2r6ZWDeNXT7eLxBdwDHCHSqXV7qOG1vMhHtjbbxmQMnkQ4InhO9TdpaN3tj67nGmc6hhgYO4b7NvyL1/pvDPrHrR/3GzkDkwqvt3uESdVdqAJSCk6gFh9V1aGs= lass@xerxes
|
|
@ -36,6 +36,32 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
rofl = {
|
||||||
|
nets = {
|
||||||
|
retiolum = {
|
||||||
|
ip4.addr = "10.243.42.43";
|
||||||
|
aliases = [
|
||||||
|
"rofl.r"
|
||||||
|
];
|
||||||
|
tinc.pubkey = ''
|
||||||
|
-----BEGIN PUBLIC KEY-----
|
||||||
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnysdVVwxkmSroNUleYZm
|
||||||
|
xdaIB9EdZYCo2xj3WyhsD2lWMpj51FzSH6Y052Vy1V1TCuIXIwjidpmMohBvflG8
|
||||||
|
txKCaBGQOZbVqRgzyCDXsNisbr05ayYuHcRrXTpn5ask4HN0Vtx2uJOn8YmOxA0D
|
||||||
|
VhyEnf8xWu+vi8dwDqRVR17QnPBYqgenzIBmAuRngvNqg6WZg+E9X2e1Dco/PMzb
|
||||||
|
VW0AgC2+zFCl4+G7dEW7uhsI6IJLy4LsJuEN4TlvWAf7tfdFEnBzTfODW8quGdts
|
||||||
|
1Yzah4svPNNt9F1ZhOR/1bDsfVoOjI76BgB0G+ZZPQAGV1zxgn8DXSKi/tJTLNu1
|
||||||
|
vj/n9sUJfXMYQdTAOkABghCyEDFUspPKCffQqUXUcJbLKY9fNssGGBeanMsobUQC
|
||||||
|
Ch9z7kIJ52JDcP/D58z9Yf62P5ENqXzeVPCcodIOey1EizOu/FH3jVo52we1M5sp
|
||||||
|
1iM4hMc3ZINUBI9AA1nLWWlB3lBnErAXrhmMMHjcO4nO7/M0YU+EalkDB5eIhqiH
|
||||||
|
QJx7VnOE2UZYU9Y0vVNSWfYocU12aABK98T7lr5Tde4dI1J81sk2MUZcbNHger3f
|
||||||
|
NxpvNzOBpeC5xvq/ENCRR7MDf/59xWW5P5N7PbGprLQAi8cfdSoIEhSPz17Taq1f
|
||||||
|
3aAAePgBsZvRQozxXZfqp58CAwEAAQ==
|
||||||
|
-----END PUBLIC KEY-----
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
p1nk = {
|
p1nk = {
|
||||||
nets = {
|
nets = {
|
||||||
retiolum = {
|
retiolum = {
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"url": "https://github.com/NixOS/nixpkgs-channels",
|
"url": "https://github.com/NixOS/nixpkgs-channels",
|
||||||
"rev": "d77e3bd661354ea775a8cacc97bb59ddde513c09",
|
"rev": "754763ff4ba1dd03fe3fad3a0fea36d2e39f5860",
|
||||||
"date": "2019-06-18T23:08:17+02:00",
|
"date": "2019-07-05T14:34:03+02:00",
|
||||||
"sha256": "1m82zs00n6nc0pkdpmd9amm013qxwksjfhzcm6gck3p469q7n866",
|
"sha256": "10752kda1rzljlpcchi826hmbc8853vnbg9rkh7s89mxq6yjnm15",
|
||||||
"fetchSubmodules": false
|
"fetchSubmodules": false
|
||||||
}
|
}
|
||||||
|
35
lass/1systems/xerxes/config.nix
Normal file
35
lass/1systems/xerxes/config.nix
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/lass>
|
||||||
|
|
||||||
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
|
<stockholm/lass/2configs/baseX.nix>
|
||||||
|
<stockholm/lass/2configs/browsers.nix>
|
||||||
|
<stockholm/lass/2configs/programs.nix>
|
||||||
|
<stockholm/lass/2configs/network-manager.nix>
|
||||||
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/games.nix>
|
||||||
|
<stockholm/lass/2configs/steam.nix>
|
||||||
|
<stockholm/lass/2configs/wine.nix>
|
||||||
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
|
<stockholm/lass/2configs/pass.nix>
|
||||||
|
<stockholm/lass/2configs/mail.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.xerxes;
|
||||||
|
|
||||||
|
services.xserver = {
|
||||||
|
displayManager.lightdm.autoLogin.enable = true;
|
||||||
|
displayManager.lightdm.autoLogin.user = "lass";
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.blacklistedKernelModules = [
|
||||||
|
"xpad"
|
||||||
|
];
|
||||||
|
|
||||||
|
lass.screenlock.enable = lib.mkForce false;
|
||||||
|
}
|
33
lass/1systems/xerxes/icarus/config.nix
Normal file
33
lass/1systems/xerxes/icarus/config.nix
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
<stockholm/lass>
|
||||||
|
|
||||||
|
<stockholm/lass/2configs/mouse.nix>
|
||||||
|
<stockholm/lass/2configs/retiolum.nix>
|
||||||
|
<stockholm/lass/2configs/git.nix>
|
||||||
|
<stockholm/lass/2configs/exim-retiolum.nix>
|
||||||
|
<stockholm/lass/2configs/baseX.nix>
|
||||||
|
#<stockholm/lass/2configs/browsers.nix>
|
||||||
|
<stockholm/lass/2configs/programs.nix>
|
||||||
|
<stockholm/lass/2configs/fetchWallpaper.nix>
|
||||||
|
<stockholm/lass/2configs/games.nix>
|
||||||
|
<stockholm/lass/2configs/bitcoin.nix>
|
||||||
|
<stockholm/lass/2configs/wine.nix>
|
||||||
|
#<stockholm/lass/2configs/blue-host.nix>
|
||||||
|
#<stockholm/lass/2configs/xtreemfs.nix>
|
||||||
|
<stockholm/lass/2configs/syncthing.nix>
|
||||||
|
<stockholm/lass/2configs/nfs-dl.nix>
|
||||||
|
#<stockholm/lass/2configs/prism-share.nix>
|
||||||
|
<stockholm/lass/2configs/ssh-cryptsetup.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.icarus;
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
macchanger
|
||||||
|
nix-review
|
||||||
|
];
|
||||||
|
programs.adb.enable = true;
|
||||||
|
}
|
25
lass/1systems/xerxes/icarus/physical.nix
Normal file
25
lass/1systems/xerxes/icarus/physical.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./config.nix
|
||||||
|
<stockholm/lass/2configs/hw/x220.nix>
|
||||||
|
<stockholm/lass/2configs/boot/coreboot.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
fileSystems = {
|
||||||
|
"/bku" = {
|
||||||
|
device = "/dev/mapper/pool-bku";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = ["defaults" "noatime" "ssd" "compress=lzo"];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEM=="net", ATTR{address}=="00:24:d7:f0:a0:0c", NAME="wl0"
|
||||||
|
SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:71:cb:35", NAME="et0"
|
||||||
|
'';
|
||||||
|
|
||||||
|
services.thinkfan.enable = true;
|
||||||
|
services.tlp.extraConfig = ''
|
||||||
|
START_CHARGE_THRESH_BAT0=80
|
||||||
|
'';
|
||||||
|
}
|
86
lass/1systems/xerxes/physical.nix
Normal file
86
lass/1systems/xerxes/physical.nix
Normal file
@ -0,0 +1,86 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./config.nix
|
||||||
|
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.zfs.enableUnstable = true;
|
||||||
|
boot.loader.grub = {
|
||||||
|
enable = true;
|
||||||
|
device = "/dev/sda";
|
||||||
|
efiSupport = true;
|
||||||
|
};
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
# TODO fix touchscreen
|
||||||
|
boot.blacklistedKernelModules = [
|
||||||
|
"goodix"
|
||||||
|
];
|
||||||
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.initrd.luks.devices.crypted.device = "/dev/sda3";
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
boot.kernelParams = [
|
||||||
|
"fbcon=rotate:1"
|
||||||
|
"boot.shell_on_fail"
|
||||||
|
];
|
||||||
|
|
||||||
|
services.xserver.displayManager.sessionCommands = ''
|
||||||
|
(sleep 2 && ${pkgs.xorg.xrandr}/bin/xrandr --output eDP-1 --rotate right)
|
||||||
|
(sleep 2 && ${pkgs.xorg.xinput}/bin/xinput set-prop 'Goodix Capacitive TouchScreen' 'Coordinate Transformation Matrix' 0 1 0 -1 0 1 0 0 1)
|
||||||
|
'';
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "rpool/root";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/home" = {
|
||||||
|
device = "rpool/home";
|
||||||
|
fsType = "zfs";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/E749-784C";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [ ];
|
||||||
|
|
||||||
|
boot.extraModprobeConfig = ''
|
||||||
|
options zfs zfs_arc_max=1073741824
|
||||||
|
'';
|
||||||
|
|
||||||
|
nix.maxJobs = lib.mkDefault 4;
|
||||||
|
|
||||||
|
networking.hostId = "9b0a74ac";
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
|
hardware.opengl.enable = true;
|
||||||
|
|
||||||
|
services.tlp.enable = true;
|
||||||
|
services.tlp.extraConfig = ''
|
||||||
|
CPU_SCALING_GOVERNOR_ON_AC=ondemand
|
||||||
|
CPU_SCALING_GOVERNOR_ON_BAT=powersave
|
||||||
|
CPU_MIN_PERF_ON_AC=0
|
||||||
|
CPU_MAX_PERF_ON_AC=100
|
||||||
|
CPU_MIN_PERF_ON_BAT=0
|
||||||
|
CPU_MAX_PERF_ON_BAT=30
|
||||||
|
'';
|
||||||
|
|
||||||
|
services.logind.extraConfig = ''
|
||||||
|
HandlePowerKey=suspend
|
||||||
|
IdleAction=suspend
|
||||||
|
IdleActionSec=300
|
||||||
|
'';
|
||||||
|
|
||||||
|
services.xserver.extraConfig = ''
|
||||||
|
Section "Device"
|
||||||
|
Identifier "Intel Graphics"
|
||||||
|
Driver "Intel"
|
||||||
|
Option "TearFree" "true"
|
||||||
|
EndSection
|
||||||
|
'';
|
||||||
|
}
|
@ -62,6 +62,7 @@ in {
|
|||||||
wcalc
|
wcalc
|
||||||
wget
|
wget
|
||||||
xz
|
xz
|
||||||
|
zbackup
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||||
@ -71,6 +72,19 @@ in {
|
|||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
services.openssh.passwordAuthentication = false;
|
services.openssh.passwordAuthentication = false;
|
||||||
|
|
||||||
|
services.codimd = {
|
||||||
|
enable = true;
|
||||||
|
workDir = "/storage/codimd";
|
||||||
|
configuration = {
|
||||||
|
port = 1337;
|
||||||
|
host = "0.0.0.0";
|
||||||
|
db = {
|
||||||
|
dialect = "sqlite";
|
||||||
|
storage = "/storage/codimd/db.codimd.sqlite";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
networking.wireless.enable = false;
|
networking.wireless.enable = false;
|
||||||
networking.networkmanager.enable = false;
|
networking.networkmanager.enable = false;
|
||||||
krebs.iptables.enable = true;
|
krebs.iptables.enable = true;
|
||||||
|
@ -5,6 +5,7 @@ in {
|
|||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
<stockholm/mb>
|
<stockholm/mb>
|
||||||
|
<stockholm/mb/2configs/nvim.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.orange;
|
krebs.build.host = config.krebs.hosts.orange;
|
||||||
@ -124,15 +125,19 @@ in {
|
|||||||
unstable.ponyc
|
unstable.ponyc
|
||||||
unstable.sublime3
|
unstable.sublime3
|
||||||
unstable.youtube-dl
|
unstable.youtube-dl
|
||||||
vim
|
|
||||||
virt-viewer
|
virt-viewer
|
||||||
virtmanager
|
virtmanager
|
||||||
vulnix
|
vulnix
|
||||||
wcalc
|
wcalc
|
||||||
wget
|
wget
|
||||||
xz
|
xz
|
||||||
|
zbackup
|
||||||
];
|
];
|
||||||
|
|
||||||
|
environment.variables = {
|
||||||
|
EDITOR = ["nvim"];
|
||||||
|
};
|
||||||
|
|
||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
ll = "ls -alh";
|
ll = "ls -alh";
|
||||||
ls = "ls --color=tty";
|
ls = "ls --color=tty";
|
||||||
|
@ -5,6 +5,7 @@ in {
|
|||||||
[ # Include the results of the hardware scan.
|
[ # Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
<stockholm/mb>
|
<stockholm/mb>
|
||||||
|
<stockholm/mb/2configs/nvim.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.p1nk;
|
krebs.build.host = config.krebs.hosts.p1nk;
|
||||||
@ -118,13 +119,13 @@ in {
|
|||||||
unstable.ponyc
|
unstable.ponyc
|
||||||
unstable.sublime3
|
unstable.sublime3
|
||||||
youtube-dl
|
youtube-dl
|
||||||
vim
|
|
||||||
virt-viewer
|
virt-viewer
|
||||||
virtmanager
|
virtmanager
|
||||||
vulnix
|
vulnix
|
||||||
wcalc
|
wcalc
|
||||||
wget
|
wget
|
||||||
xz
|
xz
|
||||||
|
zbackup
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
@ -159,6 +160,7 @@ in {
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
windowManager.ratpoison.enable = true;
|
windowManager.ratpoison.enable = true;
|
||||||
|
windowManager.pekwm.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
103
mb/1systems/rofl/configuration.nix
Normal file
103
mb/1systems/rofl/configuration.nix
Normal file
@ -0,0 +1,103 @@
|
|||||||
|
{ config, pkgs, callPackage, ... }: let
|
||||||
|
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||||
|
in {
|
||||||
|
imports =
|
||||||
|
[ # Include the results of the hardware scan.
|
||||||
|
<stockholm/mb/2configs/google-compute-config.nix>
|
||||||
|
<stockholm/mb>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.rofl;
|
||||||
|
|
||||||
|
i18n = {
|
||||||
|
consoleFont = "Lat2-Terminus16";
|
||||||
|
consoleKeyMap = "de";
|
||||||
|
defaultLocale = "en_US.UTF-8";
|
||||||
|
};
|
||||||
|
|
||||||
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
|
environment.shellAliases = {
|
||||||
|
ll = "ls -alh";
|
||||||
|
ls = "ls --color=tty";
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
curl
|
||||||
|
fish
|
||||||
|
git
|
||||||
|
htop
|
||||||
|
nmap
|
||||||
|
ranger
|
||||||
|
tcpdump
|
||||||
|
tmux
|
||||||
|
traceroute
|
||||||
|
tree
|
||||||
|
vim
|
||||||
|
xz
|
||||||
|
zbackup
|
||||||
|
];
|
||||||
|
|
||||||
|
sound.enable = false;
|
||||||
|
|
||||||
|
services.openssh.enable = true;
|
||||||
|
services.openssh.passwordAuthentication = false;
|
||||||
|
|
||||||
|
networking.wireless.enable = false;
|
||||||
|
networking.networkmanager.enable = false;
|
||||||
|
krebs.iptables.enable = true;
|
||||||
|
networking.enableIPv6 = false;
|
||||||
|
|
||||||
|
programs.fish = {
|
||||||
|
enable = true;
|
||||||
|
shellInit = ''
|
||||||
|
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||||
|
if begin
|
||||||
|
set -q SSH_AGENT_PID
|
||||||
|
and kill -0 $SSH_AGENT_PID
|
||||||
|
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||||
|
end
|
||||||
|
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||||
|
else
|
||||||
|
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||||
|
end
|
||||||
|
set -l identity $HOME/.ssh/id_rsa
|
||||||
|
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||||
|
ssh-add -l | grep -q $fingerprint
|
||||||
|
or ssh-add $identity
|
||||||
|
end
|
||||||
|
'';
|
||||||
|
promptInit = ''
|
||||||
|
function fish_prompt --description 'Write out the prompt'
|
||||||
|
set -l color_cwd
|
||||||
|
set -l suffix
|
||||||
|
set -l nix_shell_info (
|
||||||
|
if test "$IN_NIX_SHELL" != ""
|
||||||
|
echo -n " <nix-shell>"
|
||||||
|
end
|
||||||
|
)
|
||||||
|
switch "$USER"
|
||||||
|
case root toor
|
||||||
|
if set -q fish_color_cwd_root
|
||||||
|
set color_cwd $fish_color_cwd_root
|
||||||
|
else
|
||||||
|
set color_cwd $fish_color_cwd
|
||||||
|
end
|
||||||
|
set suffix '#'
|
||||||
|
case '*'
|
||||||
|
set color_cwd $fish_color_cwd
|
||||||
|
set suffix '>'
|
||||||
|
end
|
||||||
|
|
||||||
|
echo -n -s "$USER" @ (set_color green) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||||
|
end
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
system.autoUpgrade.enable = false;
|
||||||
|
system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03";
|
||||||
|
system.stateVersion = "19.03";
|
||||||
|
|
||||||
|
}
|
181
mb/1systems/sunsh1n3/configuration.nix
Normal file
181
mb/1systems/sunsh1n3/configuration.nix
Normal file
@ -0,0 +1,181 @@
|
|||||||
|
|
||||||
|
{ config, pkgs, ... }: let
|
||||||
|
unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; };
|
||||||
|
in {
|
||||||
|
imports =
|
||||||
|
[ # Include the results of the hardware scan.
|
||||||
|
./hardware-configuration.nix
|
||||||
|
<stockholm/mb>
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.host = config.krebs.hosts.sunsh1n3;
|
||||||
|
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
|
# Use the systemd-boot EFI boot loader.
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
|
||||||
|
|
||||||
|
boot.initrd.luks.devices = [
|
||||||
|
{
|
||||||
|
name = "root";
|
||||||
|
device = "/dev/disk/by-uuid/5354ba31-c7de-4b55-8f86-a2a437dfbb21";
|
||||||
|
preLVM = true;
|
||||||
|
allowDiscards = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
i18n = {
|
||||||
|
consoleFont = "Lat2-Terminus16";
|
||||||
|
consoleKeyMap = "de";
|
||||||
|
defaultLocale = "en_US.UTF-8";
|
||||||
|
};
|
||||||
|
|
||||||
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
|
nixpkgs.config.packageOverrides = super : {
|
||||||
|
openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = true ; };
|
||||||
|
};
|
||||||
|
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
|
fonts = {
|
||||||
|
enableCoreFonts = true;
|
||||||
|
enableGhostscriptFonts = true;
|
||||||
|
fonts = with pkgs; [
|
||||||
|
anonymousPro
|
||||||
|
corefonts
|
||||||
|
dejavu_fonts
|
||||||
|
envypn-font
|
||||||
|
fira
|
||||||
|
gentium
|
||||||
|
gohufont
|
||||||
|
inconsolata
|
||||||
|
liberation_ttf
|
||||||
|
powerline-fonts
|
||||||
|
source-code-pro
|
||||||
|
terminus_font
|
||||||
|
ttf_bitstream_vera
|
||||||
|
ubuntu_font_family
|
||||||
|
unifont
|
||||||
|
unstable.cherry
|
||||||
|
xorg.fontbitstream100dpi
|
||||||
|
xorg.fontbitstream75dpi
|
||||||
|
xorg.fontbitstreamtype1
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
wget vim git curl fish
|
||||||
|
ag
|
||||||
|
chromium
|
||||||
|
firefox
|
||||||
|
gimp
|
||||||
|
p7zip
|
||||||
|
htop
|
||||||
|
mpv
|
||||||
|
mpvc
|
||||||
|
nmap
|
||||||
|
ntfs3g
|
||||||
|
keepassx2
|
||||||
|
sshfs
|
||||||
|
#unstable.skrooge
|
||||||
|
skrooge
|
||||||
|
unstable.alacritty
|
||||||
|
tmux
|
||||||
|
tree
|
||||||
|
wcalc
|
||||||
|
virtmanager
|
||||||
|
virt-viewer
|
||||||
|
(wine.override { wineBuild = "wineWow"; })
|
||||||
|
xz
|
||||||
|
zbackup
|
||||||
|
];
|
||||||
|
|
||||||
|
virtualisation.libvirtd.enable = true;
|
||||||
|
virtualisation.kvmgt.enable = true;
|
||||||
|
|
||||||
|
# Some programs need SUID wrappers, can be configured further or are
|
||||||
|
# started in user sessions.
|
||||||
|
# programs.mtr.enable = true;
|
||||||
|
|
||||||
|
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||||
|
programs.dconf.enable = true;
|
||||||
|
|
||||||
|
# Enable the OpenSSH daemon.
|
||||||
|
services.openssh.enable = true;
|
||||||
|
services.openssh.passwordAuthentication = false;
|
||||||
|
|
||||||
|
krebs.iptables.enable = true;
|
||||||
|
#networking.wireless.enable = true;
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
networking.enableIPv6 = false;
|
||||||
|
|
||||||
|
# Enable sound.
|
||||||
|
sound.enable = true;
|
||||||
|
hardware.pulseaudio.enable = true;
|
||||||
|
hardware.pulseaudio.support32Bit = true;
|
||||||
|
nixpkgs.config.pulseaudio = true;
|
||||||
|
|
||||||
|
services.xserver.enable = true;
|
||||||
|
services.xserver.layout = "de";
|
||||||
|
services.xserver.xkbOptions = "nodeadkeys";
|
||||||
|
services.xserver.libinput.enable = true;
|
||||||
|
|
||||||
|
# Enable the KDE Desktop Environment.
|
||||||
|
services.xserver.displayManager.sddm.enable = true;
|
||||||
|
services.xserver.desktopManager.plasma5.enable = true;
|
||||||
|
|
||||||
|
programs.fish = {
|
||||||
|
enable = true;
|
||||||
|
shellInit = ''
|
||||||
|
function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity'
|
||||||
|
if begin
|
||||||
|
set -q SSH_AGENT_PID
|
||||||
|
and kill -0 $SSH_AGENT_PID
|
||||||
|
and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline
|
||||||
|
end
|
||||||
|
echo "ssh-agent running on pid $SSH_AGENT_PID"
|
||||||
|
else
|
||||||
|
eval (command ssh-agent -c | sed 's/^setenv/set -Ux/')
|
||||||
|
end
|
||||||
|
set -l identity $HOME/.ssh/id_rsa
|
||||||
|
set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}')
|
||||||
|
ssh-add -l | grep -q $fingerprint
|
||||||
|
or ssh-add $identity
|
||||||
|
end
|
||||||
|
'';
|
||||||
|
promptInit = ''
|
||||||
|
function fish_prompt --description 'Write out the prompt'
|
||||||
|
set -l color_cwd
|
||||||
|
set -l suffix
|
||||||
|
set -l nix_shell_info (
|
||||||
|
if test "$IN_NIX_SHELL" != ""
|
||||||
|
echo -n " <nix-shell>"
|
||||||
|
end
|
||||||
|
)
|
||||||
|
switch "$USER"
|
||||||
|
case root toor
|
||||||
|
if set -q fish_color_cwd_root
|
||||||
|
set color_cwd $fish_color_cwd_root
|
||||||
|
else
|
||||||
|
set color_cwd $fish_color_cwd
|
||||||
|
end
|
||||||
|
set suffix '#'
|
||||||
|
case '*'
|
||||||
|
set color_cwd $fish_color_cwd
|
||||||
|
set suffix '>'
|
||||||
|
end
|
||||||
|
|
||||||
|
echo -n -s "$USER" @ (set_color yellow) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix "
|
||||||
|
end
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
nix.buildCores = 4;
|
||||||
|
|
||||||
|
system.stateVersion = "19.09";
|
||||||
|
|
||||||
|
}
|
29
mb/1systems/sunsh1n3/hardware-configuration.nix
Normal file
29
mb/1systems/sunsh1n3/hardware-configuration.nix
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "/dev/disk/by-uuid/a3257922-d2d4-45ae-87cc-cc38d32e0774";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" =
|
||||||
|
{ device = "/dev/disk/by-uuid/60A6-4DAB";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [ ];
|
||||||
|
|
||||||
|
nix.maxJobs = lib.mkDefault 4;
|
||||||
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
}
|
@ -21,6 +21,29 @@ with import <stockholm/lib>;
|
|||||||
"video"
|
"video"
|
||||||
"fuse"
|
"fuse"
|
||||||
"wheel"
|
"wheel"
|
||||||
|
"kvm"
|
||||||
|
"qemu-libvirtd"
|
||||||
|
"libvirtd"
|
||||||
|
];
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.mb.pubkey
|
||||||
|
];
|
||||||
|
};
|
||||||
|
xo = {
|
||||||
|
name = "xo";
|
||||||
|
uid = 2323;
|
||||||
|
home = "/home/xo";
|
||||||
|
group = "users";
|
||||||
|
createHome = true;
|
||||||
|
shell = "/run/current-system/sw/bin/fish";
|
||||||
|
extraGroups = [
|
||||||
|
"audio"
|
||||||
|
"video"
|
||||||
|
"fuse"
|
||||||
|
"wheel"
|
||||||
|
"kvm"
|
||||||
|
"qemu-libvirtd"
|
||||||
|
"libvirtd"
|
||||||
];
|
];
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.mb.pubkey
|
config.krebs.users.mb.pubkey
|
||||||
|
231
mb/2configs/google-compute-config.nix
Normal file
231
mb/2configs/google-compute-config.nix
Normal file
@ -0,0 +1,231 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
with lib;
|
||||||
|
let
|
||||||
|
gce = pkgs.google-compute-engine;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./headless.nix
|
||||||
|
./qemu-guest.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/disk/by-label/nixos";
|
||||||
|
autoResize = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
boot.growPartition = true;
|
||||||
|
boot.kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ];
|
||||||
|
boot.initrd.kernelModules = [ "virtio_scsi" ];
|
||||||
|
boot.kernelModules = [ "virtio_pci" "virtio_net" ];
|
||||||
|
|
||||||
|
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
|
||||||
|
boot.loader.grub.device = "/dev/sda";
|
||||||
|
boot.loader.timeout = 0;
|
||||||
|
|
||||||
|
# Don't put old configurations in the GRUB menu. The user has no
|
||||||
|
# way to select them anyway.
|
||||||
|
boot.loader.grub.configurationLimit = 0;
|
||||||
|
|
||||||
|
# Allow root logins only using the SSH key that the user specified
|
||||||
|
# at instance creation time.
|
||||||
|
#services.openssh.enable = true;
|
||||||
|
#services.openssh.permitRootLogin = "prohibit-password";
|
||||||
|
#services.openssh.passwordAuthentication = mkDefault false;
|
||||||
|
|
||||||
|
# Use GCE udev rules for dynamic disk volumes
|
||||||
|
services.udev.packages = [ gce ];
|
||||||
|
|
||||||
|
# Force getting the hostname from Google Compute.
|
||||||
|
networking.hostName = mkDefault "";
|
||||||
|
|
||||||
|
# Always include cryptsetup so that NixOps can use it.
|
||||||
|
environment.systemPackages = [ pkgs.cryptsetup ];
|
||||||
|
|
||||||
|
# Make sure GCE image does not replace host key that NixOps sets
|
||||||
|
environment.etc."default/instance_configs.cfg".text = lib.mkDefault ''
|
||||||
|
[InstanceSetup]
|
||||||
|
set_host_keys = false
|
||||||
|
'';
|
||||||
|
|
||||||
|
# Rely on GCP's firewall instead
|
||||||
|
networking.firewall.enable = mkDefault false;
|
||||||
|
|
||||||
|
# Configure default metadata hostnames
|
||||||
|
networking.extraHosts = ''
|
||||||
|
169.254.169.254 metadata.google.internal metadata
|
||||||
|
'';
|
||||||
|
|
||||||
|
networking.timeServers = [ "metadata.google.internal" ];
|
||||||
|
|
||||||
|
networking.usePredictableInterfaceNames = false;
|
||||||
|
|
||||||
|
# GC has 1460 MTU
|
||||||
|
networking.interfaces.eth0.mtu = 1460;
|
||||||
|
|
||||||
|
security.googleOsLogin.enable = true;
|
||||||
|
|
||||||
|
systemd.services.google-clock-skew-daemon = {
|
||||||
|
description = "Google Compute Engine Clock Skew Daemon";
|
||||||
|
after = [
|
||||||
|
"network.target"
|
||||||
|
"google-instance-setup.service"
|
||||||
|
"google-network-setup.service"
|
||||||
|
];
|
||||||
|
requires = ["network.target"];
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "simple";
|
||||||
|
ExecStart = "${gce}/bin/google_clock_skew_daemon --debug";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.google-instance-setup = {
|
||||||
|
description = "Google Compute Engine Instance Setup";
|
||||||
|
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service"];
|
||||||
|
before = ["sshd.service"];
|
||||||
|
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||||
|
wantedBy = [ "sshd.service" "multi-user.target" ];
|
||||||
|
path = with pkgs; [ ethtool openssh ];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${gce}/bin/google_instance_setup --debug";
|
||||||
|
Type = "oneshot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.google-network-daemon = {
|
||||||
|
description = "Google Compute Engine Network Daemon";
|
||||||
|
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service" "google-instance-setup.service"];
|
||||||
|
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||||
|
requires = ["network.target"];
|
||||||
|
partOf = ["network.target"];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
path = with pkgs; [ iproute ];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${gce}/bin/google_network_daemon --debug";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.google-shutdown-scripts = {
|
||||||
|
description = "Google Compute Engine Shutdown Scripts";
|
||||||
|
after = [
|
||||||
|
"local-fs.target"
|
||||||
|
"network-online.target"
|
||||||
|
"network.target"
|
||||||
|
"rsyslog.service"
|
||||||
|
"systemd-resolved.service"
|
||||||
|
"google-instance-setup.service"
|
||||||
|
"google-network-daemon.service"
|
||||||
|
];
|
||||||
|
wants = [ "local-fs.target" "network-online.target" "network.target"];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${pkgs.coreutils}/bin/true";
|
||||||
|
ExecStop = "${gce}/bin/google_metadata_script_runner --debug --script-type shutdown";
|
||||||
|
Type = "oneshot";
|
||||||
|
RemainAfterExit = true;
|
||||||
|
TimeoutStopSec = "infinity";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.google-startup-scripts = {
|
||||||
|
description = "Google Compute Engine Startup Scripts";
|
||||||
|
after = [
|
||||||
|
"local-fs.target"
|
||||||
|
"network-online.target"
|
||||||
|
"network.target"
|
||||||
|
"rsyslog.service"
|
||||||
|
"google-instance-setup.service"
|
||||||
|
"google-network-daemon.service"
|
||||||
|
];
|
||||||
|
wants = ["local-fs.target" "network-online.target" "network.target"];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
ExecStart = "${gce}/bin/google_metadata_script_runner --debug --script-type startup";
|
||||||
|
KillMode = "process";
|
||||||
|
Type = "oneshot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# Settings taken from https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf
|
||||||
|
boot.kernel.sysctl = {
|
||||||
|
# Turn on SYN-flood protections. Starting with 2.6.26, there is no loss
|
||||||
|
# of TCP functionality/features under normal conditions. When flood
|
||||||
|
# protections kick in under high unanswered-SYN load, the system
|
||||||
|
# should remain more stable, with a trade off of some loss of TCP
|
||||||
|
# functionality/features (e.g. TCP Window scaling).
|
||||||
|
"net.ipv4.tcp_syncookies" = mkDefault "1";
|
||||||
|
|
||||||
|
# ignores source-routed packets
|
||||||
|
"net.ipv4.conf.all.accept_source_route" = mkDefault "0";
|
||||||
|
|
||||||
|
# ignores source-routed packets
|
||||||
|
"net.ipv4.conf.default.accept_source_route" = mkDefault "0";
|
||||||
|
|
||||||
|
# ignores ICMP redirects
|
||||||
|
"net.ipv4.conf.all.accept_redirects" = mkDefault "0";
|
||||||
|
|
||||||
|
# ignores ICMP redirects
|
||||||
|
"net.ipv4.conf.default.accept_redirects" = mkDefault "0";
|
||||||
|
|
||||||
|
# ignores ICMP redirects from non-GW hosts
|
||||||
|
"net.ipv4.conf.all.secure_redirects" = mkDefault "1";
|
||||||
|
|
||||||
|
# ignores ICMP redirects from non-GW hosts
|
||||||
|
"net.ipv4.conf.default.secure_redirects" = mkDefault "1";
|
||||||
|
|
||||||
|
# don't allow traffic between networks or act as a router
|
||||||
|
"net.ipv4.ip_forward" = mkDefault "0";
|
||||||
|
|
||||||
|
# don't allow traffic between networks or act as a router
|
||||||
|
"net.ipv4.conf.all.send_redirects" = mkDefault "0";
|
||||||
|
|
||||||
|
# don't allow traffic between networks or act as a router
|
||||||
|
"net.ipv4.conf.default.send_redirects" = mkDefault "0";
|
||||||
|
|
||||||
|
# reverse path filtering - IP spoofing protection
|
||||||
|
"net.ipv4.conf.all.rp_filter" = mkDefault "1";
|
||||||
|
|
||||||
|
# reverse path filtering - IP spoofing protection
|
||||||
|
"net.ipv4.conf.default.rp_filter" = mkDefault "1";
|
||||||
|
|
||||||
|
# ignores ICMP broadcasts to avoid participating in Smurf attacks
|
||||||
|
"net.ipv4.icmp_echo_ignore_broadcasts" = mkDefault "1";
|
||||||
|
|
||||||
|
# ignores bad ICMP errors
|
||||||
|
"net.ipv4.icmp_ignore_bogus_error_responses" = mkDefault "1";
|
||||||
|
|
||||||
|
# logs spoofed, source-routed, and redirect packets
|
||||||
|
"net.ipv4.conf.all.log_martians" = mkDefault "1";
|
||||||
|
|
||||||
|
# log spoofed, source-routed, and redirect packets
|
||||||
|
"net.ipv4.conf.default.log_martians" = mkDefault "1";
|
||||||
|
|
||||||
|
# implements RFC 1337 fix
|
||||||
|
"net.ipv4.tcp_rfc1337" = mkDefault "1";
|
||||||
|
|
||||||
|
# randomizes addresses of mmap base, heap, stack and VDSO page
|
||||||
|
"kernel.randomize_va_space" = mkDefault "2";
|
||||||
|
|
||||||
|
# Reboot the machine soon after a kernel panic.
|
||||||
|
"kernel.panic" = mkDefault "10";
|
||||||
|
|
||||||
|
## Not part of the original config
|
||||||
|
|
||||||
|
# provides protection from ToCToU races
|
||||||
|
"fs.protected_hardlinks" = mkDefault "1";
|
||||||
|
|
||||||
|
# provides protection from ToCToU races
|
||||||
|
"fs.protected_symlinks" = mkDefault "1";
|
||||||
|
|
||||||
|
# makes locating kernel addresses more difficult
|
||||||
|
"kernel.kptr_restrict" = mkDefault "1";
|
||||||
|
|
||||||
|
# set ptrace protections
|
||||||
|
"kernel.yama.ptrace_scope" = mkOverride 500 "1";
|
||||||
|
|
||||||
|
# set perf only available to root
|
||||||
|
"kernel.perf_event_paranoid" = mkDefault "2";
|
||||||
|
};
|
||||||
|
}
|
25
mb/2configs/headless.nix
Normal file
25
mb/2configs/headless.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
# Common configuration for headless machines (e.g., Amazon EC2
|
||||||
|
# instances).
|
||||||
|
|
||||||
|
{ lib, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
{
|
||||||
|
boot.vesa = false;
|
||||||
|
|
||||||
|
# Don't start a tty on the serial consoles.
|
||||||
|
systemd.services."serial-getty@ttyS0".enable = false;
|
||||||
|
systemd.services."serial-getty@hvc0".enable = false;
|
||||||
|
systemd.services."getty@tty1".enable = false;
|
||||||
|
systemd.services."autovt@".enable = false;
|
||||||
|
|
||||||
|
# Since we can't manually respond to a panic, just reboot.
|
||||||
|
boot.kernelParams = [ "panic=1" "boot.panic_on_fail" ];
|
||||||
|
|
||||||
|
# Don't allow emergency mode, because we don't have a console.
|
||||||
|
systemd.enableEmergencyMode = false;
|
||||||
|
|
||||||
|
# Being headless, we don't need a GRUB splash image.
|
||||||
|
boot.loader.grub.splashImage = null;
|
||||||
|
}
|
446
mb/2configs/neovimrc
Normal file
446
mb/2configs/neovimrc
Normal file
@ -0,0 +1,446 @@
|
|||||||
|
|
||||||
|
"*****************************************************************************
|
||||||
|
"" Functions
|
||||||
|
"*****************************************************************************
|
||||||
|
|
||||||
|
function! GetBufferList()
|
||||||
|
redir =>buflist
|
||||||
|
silent! ls!
|
||||||
|
redir END
|
||||||
|
return buflist
|
||||||
|
endfunction
|
||||||
|
|
||||||
|
function! ToggleList(bufname, pfx)
|
||||||
|
let buflist = GetBufferList()
|
||||||
|
for bufnum in map(filter(split(buflist, '\n'), 'v:val =~ "'.a:bufname.'"'), 'str2nr(matchstr(v:val, "\\d\\+"))')
|
||||||
|
if bufwinnr(bufnum) != -1
|
||||||
|
exec(a:pfx.'close')
|
||||||
|
return
|
||||||
|
endif
|
||||||
|
endfor
|
||||||
|
if a:pfx == 'l' && len(getloclist(0)) == 0
|
||||||
|
echohl ErrorMsg
|
||||||
|
echo "Location List is Empty."
|
||||||
|
return
|
||||||
|
endif
|
||||||
|
let winnr = winnr()
|
||||||
|
exec(a:pfx.'open')
|
||||||
|
if winnr() != winnr
|
||||||
|
wincmd p
|
||||||
|
endif
|
||||||
|
endfunction
|
||||||
|
|
||||||
|
|
||||||
|
"*****************************************************************************
|
||||||
|
"" Basic Setup
|
||||||
|
"*****************************************************************************"
|
||||||
|
" General
|
||||||
|
let no_buffers_menu=1
|
||||||
|
syntax on
|
||||||
|
set ruler
|
||||||
|
set number
|
||||||
|
set mousemodel=popup
|
||||||
|
set t_Co=256
|
||||||
|
set guioptions=egmrti
|
||||||
|
set gfn=Monospace\ 10
|
||||||
|
|
||||||
|
" TODO: Testing if this works against automatically setting paste mode
|
||||||
|
" Issue: https://github.com/neovim/neovim/issues/7994
|
||||||
|
au InsertLeave * set nopaste
|
||||||
|
|
||||||
|
|
||||||
|
" undofile - This allows you to use undos after exiting and restarting
|
||||||
|
" This, like swap and backups, uses .vim-undo first, then ~/.vim/undo
|
||||||
|
" :help undo-persistence
|
||||||
|
if exists("+undofile")
|
||||||
|
if isdirectory($HOME . '/.vim/undo') == 0
|
||||||
|
:silent !mkdir -p ~/.vim/undo > /dev/null 2>&1
|
||||||
|
endif
|
||||||
|
set undodir=./.vim-undo//
|
||||||
|
set undodir+=~/.vim/undo//
|
||||||
|
set undofile
|
||||||
|
endif
|
||||||
|
|
||||||
|
" Encoding
|
||||||
|
set encoding=utf-8
|
||||||
|
set fileencoding=utf-8
|
||||||
|
set fileencodings=utf-8
|
||||||
|
set bomb
|
||||||
|
set binary
|
||||||
|
|
||||||
|
" Fix backspace indent
|
||||||
|
set backspace=indent,eol,start
|
||||||
|
|
||||||
|
" Tabs. May be overriten by autocmd rules
|
||||||
|
set tabstop=4
|
||||||
|
set softtabstop=0
|
||||||
|
set shiftwidth=4
|
||||||
|
set expandtab
|
||||||
|
|
||||||
|
" Map leader to ,
|
||||||
|
let mapleader=','
|
||||||
|
|
||||||
|
" Enable hidden buffers
|
||||||
|
set hidden
|
||||||
|
|
||||||
|
" Searching
|
||||||
|
set hlsearch
|
||||||
|
set incsearch
|
||||||
|
set ignorecase
|
||||||
|
set smartcase
|
||||||
|
|
||||||
|
" Directories for swp files
|
||||||
|
set nobackup
|
||||||
|
set noswapfile
|
||||||
|
|
||||||
|
set fileformats=unix,dos,mac
|
||||||
|
|
||||||
|
" File overview
|
||||||
|
set wildmode=list:longest,list:full
|
||||||
|
set wildignore+=*.o,*.obj,.git,*.rbc,*.pyc,__pycache__
|
||||||
|
|
||||||
|
" Shell to emulate
|
||||||
|
if exists('$SHELL')
|
||||||
|
set shell=$SHELL
|
||||||
|
else
|
||||||
|
set shell=/bin/bash
|
||||||
|
endif
|
||||||
|
|
||||||
|
" Set color scheme
|
||||||
|
colorscheme molokai
|
||||||
|
|
||||||
|
"Show always Status bar
|
||||||
|
set laststatus=2
|
||||||
|
|
||||||
|
" Use modeline overrides
|
||||||
|
set modeline
|
||||||
|
set modelines=10
|
||||||
|
|
||||||
|
" Set terminal title
|
||||||
|
set title
|
||||||
|
set titleold="Terminal"
|
||||||
|
set titlestring=%F
|
||||||
|
|
||||||
|
" search will center on the line it's found in.
|
||||||
|
nnoremap n nzzzv
|
||||||
|
nnoremap N Nzzzv
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
"*****************************************************************************
|
||||||
|
"" Abbreviations
|
||||||
|
"*****************************************************************************
|
||||||
|
" no one is really happy until you have this shortcuts
|
||||||
|
cnoreabbrev W! w!
|
||||||
|
cnoreabbrev Q! q!
|
||||||
|
cnoreabbrev Qall! qall!
|
||||||
|
cnoreabbrev Wq wq
|
||||||
|
cnoreabbrev Wa wa
|
||||||
|
cnoreabbrev wQ wq
|
||||||
|
cnoreabbrev WQ wq
|
||||||
|
cnoreabbrev W w
|
||||||
|
cnoreabbrev Q q
|
||||||
|
cnoreabbrev Qall qall
|
||||||
|
|
||||||
|
" NERDTree configuration
|
||||||
|
let g:NERDTreeChDirMode=2
|
||||||
|
let g:NERDTreeIgnore=['\.rbc$', '\~$', '\.pyc$', '\.db$', '\.sqlite$', '__pycache__']
|
||||||
|
let g:NERDTreeSortOrder=['^__\.py$', '\/$', '*', '\.swp$', '\.bak$', '\~$']
|
||||||
|
let g:NERDTreeShowBookmarks=1
|
||||||
|
let g:nerdtree_tabs_focus_on_files=1
|
||||||
|
let g:NERDTreeMapOpenInTabSilent = '<RightMouse>'
|
||||||
|
let g:NERDTreeWinSize = 50
|
||||||
|
set wildignore+=*/tmp/*,*.so,*.swp,*.zip,*.pyc,*.db,*.sqlite
|
||||||
|
nnoremap <silent> <F1> :NERDTreeFind<CR>
|
||||||
|
nnoremap <silent> <F2> :NERDTreeToggle<CR>
|
||||||
|
|
||||||
|
" open terminal emulation
|
||||||
|
nnoremap <silent> <leader>sh :terminal<CR>:startinsert<CR>
|
||||||
|
|
||||||
|
"*****************************************************************************
|
||||||
|
"" Autocmd Rules
|
||||||
|
"*****************************************************************************
|
||||||
|
"" The PC is fast enough, do syntax highlight syncing from start unless 200 lines
|
||||||
|
augroup vimrc-sync-fromstart
|
||||||
|
autocmd!
|
||||||
|
autocmd BufEnter * :syntax sync maxlines=200
|
||||||
|
augroup END
|
||||||
|
|
||||||
|
" Nasm filetype
|
||||||
|
augroup nasm
|
||||||
|
autocmd!
|
||||||
|
autocmd BufRead,BufNewFile *.nasm set ft=nasm
|
||||||
|
augroup END
|
||||||
|
|
||||||
|
" Binary filetype
|
||||||
|
augroup Binary
|
||||||
|
au!
|
||||||
|
au BufReadPre *.bin,*.exe,*.elf let &bin=1
|
||||||
|
au BufReadPost *.bin,*.exe,*.elf if &bin | %!xxd
|
||||||
|
au BufReadPost *.bin,*.exe,*.elf set ft=xxd | endif
|
||||||
|
au BufWritePre *.bin,*.exe,*.elf if &bin | %!xxd -r
|
||||||
|
au BufWritePre *.bin,*.exe,*.elf endif
|
||||||
|
au BufWritePost *.bin,*.exe,*.elf if &bin | %!xxd
|
||||||
|
au BufWritePost *.bin,*.exe,*.elf set nomod | endif
|
||||||
|
augroup END
|
||||||
|
|
||||||
|
" Binary filetype
|
||||||
|
augroup fasm
|
||||||
|
au!
|
||||||
|
au BufReadPost *.fasm set ft=fasm
|
||||||
|
augroup END
|
||||||
|
|
||||||
|
augroup deoplete-update
|
||||||
|
autocmd!
|
||||||
|
autocmd VimEnter * UpdateRemotePlugin
|
||||||
|
augroup END
|
||||||
|
|
||||||
|
"" Remember cursor position
|
||||||
|
augroup vimrc-remember-cursor-position
|
||||||
|
autocmd!
|
||||||
|
autocmd BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g`\"" | endif
|
||||||
|
augroup END
|
||||||
|
|
||||||
|
"" txt
|
||||||
|
" augroup vimrc-wrapping
|
||||||
|
" autocmd!
|
||||||
|
" autocmd BufRead,BufNewFile *.txt call s:setupWrapping()
|
||||||
|
" augroup END
|
||||||
|
|
||||||
|
"" make/cmake
|
||||||
|
augroup vimrc-make-cmake
|
||||||
|
autocmd!
|
||||||
|
autocmd FileType make setlocal noexpandtab
|
||||||
|
autocmd BufNewFile,BufRead CMakeLists.txt setlocal filetype=cmake
|
||||||
|
augroup END
|
||||||
|
|
||||||
|
set autoread
|
||||||
|
|
||||||
|
"*****************************************************************************
|
||||||
|
"" Mappings
|
||||||
|
"*****************************************************************************
|
||||||
|
|
||||||
|
" Split
|
||||||
|
noremap <Leader>h :<C-u>split<CR>
|
||||||
|
noremap <Leader>v :<C-u>vsplit<CR>
|
||||||
|
|
||||||
|
" Git
|
||||||
|
noremap <Leader>ga :Gwrite<CR>
|
||||||
|
noremap <Leader>gc :Gcommit<CR>
|
||||||
|
noremap <Leader>gsh :Gpush<CR>
|
||||||
|
noremap <Leader>gll :Gpull<CR>
|
||||||
|
noremap <Leader>gs :Gstatus<CR>
|
||||||
|
noremap <Leader>gb :Gblame<CR>
|
||||||
|
noremap <Leader>gd :Gvdiff<CR>
|
||||||
|
noremap <Leader>gr :Gremove<CR>
|
||||||
|
|
||||||
|
" Tabs
|
||||||
|
nnoremap <Tab> gt
|
||||||
|
nnoremap <S-Tab> gT
|
||||||
|
nnoremap <silent> <S-t> :tabnew<CR>
|
||||||
|
|
||||||
|
" Set working directory
|
||||||
|
nnoremap <leader>. :lcd %:p:h<CR>
|
||||||
|
|
||||||
|
" Opens an edit command with the path of the currently edited file filled in
|
||||||
|
noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR>
|
||||||
|
|
||||||
|
" Opens a tab edit command with the path of the currently edited file filled
|
||||||
|
noremap <Leader>te :tabe <C-R>=expand("%:p:h") . "/" <CR>
|
||||||
|
|
||||||
|
" Tagbar
|
||||||
|
nmap <silent> <F3> :TagbarToggle<CR>
|
||||||
|
let g:tagbar_autofocus = 1
|
||||||
|
|
||||||
|
" Copy/Paste/Cut
|
||||||
|
set clipboard^=unnamed,unnamedplus
|
||||||
|
|
||||||
|
noremap YY "+y<CR>
|
||||||
|
noremap <leader>p "+gP<CR>
|
||||||
|
noremap XX "+x<CR>
|
||||||
|
|
||||||
|
" Enable mouse for vim
|
||||||
|
set mouse=a
|
||||||
|
|
||||||
|
" Buffer nav
|
||||||
|
noremap <leader>z :bp<CR>
|
||||||
|
noremap <leader>q :bp<CR>
|
||||||
|
noremap <leader>x :bn<CR>
|
||||||
|
noremap <leader>w :bn<CR>
|
||||||
|
|
||||||
|
" Close buffer
|
||||||
|
noremap <leader>c :bd<CR>
|
||||||
|
|
||||||
|
" Clean search (highlight)
|
||||||
|
nnoremap <silent> <leader><space> :noh<cr>
|
||||||
|
|
||||||
|
" Switching windows
|
||||||
|
noremap <C-j> <C-w>j
|
||||||
|
noremap <C-k> <C-w>k
|
||||||
|
noremap <C-l> <C-w>l
|
||||||
|
noremap <C-h> <C-w>h
|
||||||
|
|
||||||
|
" Vmap for maintain Visual Mode after shifting > and <
|
||||||
|
vmap < <gv
|
||||||
|
vmap > >gv
|
||||||
|
|
||||||
|
" Move visual block
|
||||||
|
vnoremap J :m '>+1<CR>gv=gv
|
||||||
|
vnoremap K :m '<-2<CR>gv=gv
|
||||||
|
|
||||||
|
" Open current line on GitHub
|
||||||
|
nnoremap <Leader>o :.Gbrowse<CR>
|
||||||
|
|
||||||
|
|
||||||
|
" Save on strg+s if not in paste mode
|
||||||
|
nmap <c-s> :w<CR>
|
||||||
|
vmap <c-s> <Esc><c-s>gv
|
||||||
|
imap <c-s> <Esc><c-s>
|
||||||
|
|
||||||
|
" Quit on strg+q in normal mode
|
||||||
|
nnoremap <c-q> :q<cr>
|
||||||
|
|
||||||
|
" Strg+d to replace word under cursor
|
||||||
|
nnoremap <c-d> :%s/\<<C-r><C-w>\>//g<Left><Left>
|
||||||
|
|
||||||
|
" Strg+f ro find word under cursor
|
||||||
|
nnoremap <c-f> :/<C-r><C-w><Left><Left>
|
||||||
|
|
||||||
|
" Remove unneccessary spaces
|
||||||
|
nnoremap <silent> <F5> :let _s=@/ <Bar> :%s/\s\+$//e <Bar> :let @/=_s <Bar> :nohl <Bar> :unlet _s <CR>
|
||||||
|
|
||||||
|
" Reindent whole file with F6
|
||||||
|
map <F6> mzgg=G`z
|
||||||
|
|
||||||
|
" Toggle location list
|
||||||
|
nmap <silent> <F4> :call ToggleList("Quickfix List", 'c')<CR>
|
||||||
|
|
||||||
|
" Replacing text in visual mode doesn't copy it anymore
|
||||||
|
xmap p <Plug>ReplaceWithRegisterVisual
|
||||||
|
xmap <MiddleMouse> <Plug>ReplaceWithRegisterVisual
|
||||||
|
|
||||||
|
" ALE mappings
|
||||||
|
nmap <Leader>i <Plug>(ale_hover)
|
||||||
|
nmap <Leader>d <Plug>(ale_go_to_definition_in_tab)
|
||||||
|
nmap <Leader>rf <Plug>(ale_find_references)
|
||||||
|
nmap <silent><F7> <Plug>(ale_fix)
|
||||||
|
|
||||||
|
" Vim-Go mappings
|
||||||
|
au FileType go nmap <Leader>i :GoDoc<cr>
|
||||||
|
au FileType go nmap <Leader>d :GoDef<cr>
|
||||||
|
au FileType go nmap <Leader>rf :GoReferrers<cr>
|
||||||
|
|
||||||
|
|
||||||
|
"" Opens an edit command with the path of the currently edited file filled in
|
||||||
|
noremap <Leader>e :e <C-R>=expand("%:p:h") . "/" <CR>
|
||||||
|
|
||||||
|
" Use tab for navigatin in autocompletion window
|
||||||
|
inoremap <expr> <Tab> pumvisible() ? "\<C-n>" : "\<Tab>"
|
||||||
|
inoremap <expr> <S-Tab> pumvisible() ? "\<C-p>" : "\<S-Tab>"
|
||||||
|
|
||||||
|
|
||||||
|
"*****************************************************************************
|
||||||
|
"" Plugin settings
|
||||||
|
"*****************************************************************************
|
||||||
|
|
||||||
|
" vim-airline
|
||||||
|
set statusline+=%{fugitive#statusline()}
|
||||||
|
let g:airline_theme = 'powerlineish'
|
||||||
|
let g:airline#extensions#syntastic#enabled = 1
|
||||||
|
let g:airline#extensions#branch#enabled = 1
|
||||||
|
let g:airline#extensions#tabline#enabled = 1
|
||||||
|
let g:airline#extensions#tagbar#enabled = 1
|
||||||
|
let g:airline_skip_empty_sections = 1
|
||||||
|
let g:airline#extensions#ale#enabled = 1
|
||||||
|
|
||||||
|
" show indent lines
|
||||||
|
let g:indent_guides_enable_on_vim_startup = 1
|
||||||
|
let g:indent_guides_auto_colors = 0
|
||||||
|
hi IndentGuidesOdd ctermbg=235
|
||||||
|
hi IndentGuidesEven ctermbg=235
|
||||||
|
let g:indent_guides_guide_size = 1
|
||||||
|
let g:indent_guides_start_level = 2
|
||||||
|
|
||||||
|
" Enable autocompletion
|
||||||
|
let g:deoplete#enable_at_startup = 1
|
||||||
|
set completeopt-=preview
|
||||||
|
|
||||||
|
" Ale no preview on hover
|
||||||
|
let g:ale_close_preview_on_insert = 0
|
||||||
|
let g:ale_cursor_detail = 0
|
||||||
|
|
||||||
|
" Ale skip if file size over 2G
|
||||||
|
let g:ale_maximum_file_size = "2147483648"
|
||||||
|
|
||||||
|
" Ale to loclist and quickfix
|
||||||
|
let g:ale_set_quickfix = 1
|
||||||
|
" let g:ale_set_loclist = 1
|
||||||
|
|
||||||
|
|
||||||
|
" Ale language server
|
||||||
|
let g:ale_linters = {
|
||||||
|
\ 'python': ['pyls'],
|
||||||
|
\ 'c': ['cquery'],
|
||||||
|
\ 'cpp': ['cquery'],
|
||||||
|
\ 'xml': ['xmllint']
|
||||||
|
\ }
|
||||||
|
|
||||||
|
|
||||||
|
" ALE fixers
|
||||||
|
let g:ale_fixers = { '*': ['remove_trailing_lines', 'trim_whitespace'] }
|
||||||
|
let g:ale_fixers.python = ['black']
|
||||||
|
let g:ale_fixers.go = ['gofmt']
|
||||||
|
let g:ale_fixers.c = ['clang-format']
|
||||||
|
let g:ale_fixers.cpp = ['clang-format']
|
||||||
|
let g:ale_fixers.json = ['jq']
|
||||||
|
let g:ale_fixers.xml = ['xmllint']
|
||||||
|
|
||||||
|
let g:ale_completion_enabled = 1
|
||||||
|
let g:ale_sign_error = '⤫'
|
||||||
|
let g:ale_sign_warning = '⚠'
|
||||||
|
let g:ale_lint_on_insert_leave = 1
|
||||||
|
|
||||||
|
" Vim-Go Settings
|
||||||
|
let g:go_auto_sameids = 1
|
||||||
|
let g:go_fmt_command = "goimports"
|
||||||
|
let g:go_auto_type_info = 1
|
||||||
|
|
||||||
|
" Disable syntastic for langserver supported languages
|
||||||
|
let g:syntastic_mode_map = {
|
||||||
|
\ "mode": "active",
|
||||||
|
\ "passive_filetypes": ["go", "python", "c", "cpp", "xml" ]
|
||||||
|
\ }
|
||||||
|
let g:syntastic_always_populate_loc_list = 1
|
||||||
|
let g:syntastic_auto_loc_list = 2
|
||||||
|
let g:syntastic_aggregate_errors = 1
|
||||||
|
let g:syntastic_check_on_open = 1
|
||||||
|
let g:syntastic_check_on_wq = 0
|
||||||
|
let g:syntastic_error_symbol='✗'
|
||||||
|
let g:syntastic_warning_symbol='⚠'
|
||||||
|
let g:syntastic_style_error_symbol = '✗'
|
||||||
|
let g:syntastic_style_warning_symbol = '⚠'
|
||||||
|
|
||||||
|
"*****************************************************************************
|
||||||
|
"" Shortcuts overview
|
||||||
|
"*****************************************************************************
|
||||||
|
" Shortcuts overview
|
||||||
|
" F1 --> Filetree find
|
||||||
|
" F2 --> Filetree toggle
|
||||||
|
" F3 --> Function overview
|
||||||
|
" F4 --> Toggle error bar
|
||||||
|
|
||||||
|
" F5 --> Remove trailing whitespaces
|
||||||
|
" F6 --> Reindent whole file
|
||||||
|
" F7 --> Format and lint file
|
||||||
|
" ,i --> Information about function
|
||||||
|
" ,d --> Jump to definition
|
||||||
|
" ,r --> Rename in all occurences
|
||||||
|
" ,rf --> Find references of function/variable
|
||||||
|
" ,e --> Change current file
|
||||||
|
" ,te --> Open file in new tab
|
||||||
|
" strg+f --> Find current selected word
|
||||||
|
" strg+d --> Replace current selected word
|
||||||
|
" strg+s --> Save file
|
||||||
|
" strg+q --> Close current file
|
||||||
|
" space+, --> Stop highlighting words after search
|
||||||
|
|
70
mb/2configs/nvim.nix
Normal file
70
mb/2configs/nvim.nix
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
{ pkgs, config, ... }: let
|
||||||
|
#unstable = import <nixos-unstable> { };
|
||||||
|
in
|
||||||
|
|
||||||
|
{
|
||||||
|
environment.variables = {
|
||||||
|
EDITOR = ["nvim"];
|
||||||
|
};
|
||||||
|
|
||||||
|
nixpkgs.config.packageOverrides = pkgs: with pkgs;{
|
||||||
|
neovim_custom = neovim.override {
|
||||||
|
configure = {
|
||||||
|
customRC = builtins.readFile ./neovimrc;
|
||||||
|
|
||||||
|
packages.myVimPackage = with pkgs.vimPlugins;
|
||||||
|
{
|
||||||
|
# loaded on launch
|
||||||
|
start = [
|
||||||
|
nerdtree # file manager
|
||||||
|
commentary # comment stuff out based on language
|
||||||
|
fugitive # full git integration
|
||||||
|
vim-airline-themes # lean & mean status/tabline
|
||||||
|
vim-airline # status bar
|
||||||
|
gitgutter # git diff in the gutter (sign column)
|
||||||
|
vim-trailing-whitespace # trailing whitspaces in red
|
||||||
|
tagbar # F3 function overview
|
||||||
|
syntastic # Fallback to singlethreaded but huge syntax support
|
||||||
|
ReplaceWithRegister # For better copying/replacing
|
||||||
|
polyglot # Language pack
|
||||||
|
vim-indent-guides # for displaying indent levels
|
||||||
|
ale # threaded language client
|
||||||
|
vim-go # go linting
|
||||||
|
deoplete-go # go autocompletion completion
|
||||||
|
deoplete-nvim # general autocompletion
|
||||||
|
molokai # color scheme
|
||||||
|
];
|
||||||
|
|
||||||
|
# manually loadable by calling `:packadd $plugin-name`
|
||||||
|
opt = [];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
ctags
|
||||||
|
neovim_custom
|
||||||
|
jq # For fixing json files
|
||||||
|
xxd # .bin files will be displayed with xxd
|
||||||
|
shellcheck # Shell linting
|
||||||
|
ansible-lint # Ansible linting
|
||||||
|
unzip # To vim into unzipped files
|
||||||
|
nodePackages.jsonlint # json linting
|
||||||
|
#python36Packages.python-language-server # python linting
|
||||||
|
#python36Packages.pyls-mypy # Python static type checker
|
||||||
|
#python36Packages.black # Python code formatter
|
||||||
|
#python37Packages.yamllint # For linting yaml files
|
||||||
|
#python37Packages.libxml2 # For fixing yaml files
|
||||||
|
cquery # C/C++ support
|
||||||
|
clang-tools # C++ fixer
|
||||||
|
];
|
||||||
|
|
||||||
|
fonts = {
|
||||||
|
fonts = with pkgs; [
|
||||||
|
font-awesome_5
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
|
|
19
mb/2configs/qemu-guest.nix
Normal file
19
mb/2configs/qemu-guest.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
# Common configuration for virtual machines running under QEMU (using
|
||||||
|
# virtio).
|
||||||
|
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
boot.initrd.availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_mmio" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" ];
|
||||||
|
boot.initrd.kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ];
|
||||||
|
|
||||||
|
boot.initrd.postDeviceCommands =
|
||||||
|
''
|
||||||
|
# Set the system time from the hardware clock to work around a
|
||||||
|
# bug in qemu-kvm > 1.5.2 (where the VM clock is initialised
|
||||||
|
# to the *boot time* of the host).
|
||||||
|
hwclock -s
|
||||||
|
'';
|
||||||
|
|
||||||
|
security.rngd.enable = false;
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user