Merge remote-tracking branch 'prism/master'
This commit is contained in:
commit
d5fd5107e6
@ -16,6 +16,7 @@
|
|||||||
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
|
vimperator|https://sites.google.com/a/vimperator.org/www/blog/posts.xml|#news
|
||||||
weechat|http://dev.weechat.org/feed/atom|#news
|
weechat|http://dev.weechat.org/feed/atom|#news
|
||||||
xkcd|https://xkcd.com/rss.xml|#news
|
xkcd|https://xkcd.com/rss.xml|#news
|
||||||
|
painload|https://github.com/krebscode/painload/commits/master.atom|#news
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -437,8 +437,14 @@ with import <stockholm/lib>;
|
|||||||
ip4.addr = "129.215.90.4";
|
ip4.addr = "129.215.90.4";
|
||||||
aliases = [ "eddie.i" ];
|
aliases = [ "eddie.i" ];
|
||||||
};
|
};
|
||||||
retiolum = {
|
retiolum = rec {
|
||||||
via = internet;
|
via = internet;
|
||||||
|
addrs = [
|
||||||
|
# edinburgh university
|
||||||
|
"129.215.0.0/16"
|
||||||
|
ip4.addr
|
||||||
|
ip6.addr
|
||||||
|
];
|
||||||
ip4.addr = "10.243.29.170";
|
ip4.addr = "10.243.29.170";
|
||||||
ip6.addr = "42:4992:6a6d:700::1";
|
ip6.addr = "42:4992:6a6d:700::1";
|
||||||
aliases = [ "eddie.r" ];
|
aliases = [ "eddie.r" ];
|
||||||
|
@ -144,7 +144,8 @@ rec {
|
|||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
wiki-todo-show = buildSimpleReaktorPlugin "wiki-todo" {
|
wiki-todo-show = buildSimpleReaktorPlugin "wiki-todo" {
|
||||||
script = pkgs.writeDash "wiki-todo-add" ''
|
pattern = "^wiki-show$";
|
||||||
|
script = pkgs.writeDash "wiki-show" ''
|
||||||
${pkgs.coreutils}/bin/cat wiki-todo
|
${pkgs.coreutils}/bin/cat wiki-todo
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
@ -115,4 +115,6 @@ with import <stockholm/lib>;
|
|||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
|
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC2G1.pem"; sha256 = "1z2qkyhgjvri13bvi06ynkb7mjmpcznmc9yw8chx1lnwc3cxa7kf"; })
|
||||||
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
|
(pkgs.fetchurl { url = "http://pki.dcso.de/ca/PEM/DCSOCAIDENC3G1.pem"; sha256 = "0smdjjvz95n652cb45yhzdb2lr83zg52najgbzf6lm3w71f8mv7f"; })
|
||||||
];
|
];
|
||||||
|
|
||||||
|
lass.screenlock.command = "${pkgs.i3lock}/bin/i3lock -i /home/lass/lock.png -t -f";
|
||||||
}
|
}
|
||||||
|
@ -168,6 +168,14 @@ in {
|
|||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBQhLGvfv4hyQ/nqJGy1YgHXPSVl6igeWTroJSvAhUFgoh+rG+zvqY0EahKXNb3sq0/OYDCTJVuucc0hgCg7T2KqTqMtTb9EEkRmCFbD7F7DWZojCrh/an6sHneqT5eFvzAPZ8E5hup7oVQnj5P5M3I9keRHBWt1rq6q0IcOEhsFvne4qJc73aLASTJkxzlo5U8ju3JQOl6474ECuSn0lb1fTrQ/SR1NgF7jV11eBldkS8SHEB+2GXjn4Yrn+QUKOnDp+B85vZmVlJSI+7XR1/U/xIbtAjGTEmNwB6cTbBv9NCG9jloDDOZG4ZvzzHYrlBXjaigtQh2/4mrHoKa5eV juhulian@juhulian"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
users.users.hellrazor = {
|
||||||
|
uid = genid "hellrazor";
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [
|
||||||
|
"download"
|
||||||
|
];
|
||||||
|
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDQFaYOWRUvHP6I37q9Dd4PJOq8FNQqAeJZ8pLx0G62uC450kbPGcG80rHHvXmk7HqQP6biJmMg48bOsvXAScPot2Qhp1Qc35CuUqVhLiTvUAsi8l/iJjhjZ23yRGDCAmW5+JIOzIvECkcbMnG7YoYAQ9trNGHe9qwGzQGhpt3QVClE23WtE3PVKRLQx1VbiabSnAm6tXVd2zpUoSdpWt8Gpi2taM4XXJ5+l744MNxFHvDapN5xqpYzwrA34Ii13jNLWcGbtgxESpR+VjnamdWByrkBsW4X5/xn2K1I1FrujaM/DBHV1QMaDKst9V8+uL5X7aYNt0OUBu2eyZdg6aujY2BYovB9uRyR1JIuSbA/a54MM96yN9WirMUufJF/YZrV0L631t9EW8ORyWUo1GRzMuBHVHQlfApj7NCU/jEddUuTqKgwyRgTmMFMUI4M0tRULAB/7pBE1Vbcx9tg6RsKIk8VkskfbBJW9Y6Sx6YoFlxPdgMNIrBefqEjIV62piP7YLMlvfIDCJ7TNd9dLN86XGggZ/nD5zt6SL1o61vVnw9If8pHosppxADPJsJvcdN6fOe16/tFAeE0JRo0jTcyFVTBGfhpey+rFfuW8wtUyuO5WPUxkOn7xMHGMWHJAtWX2vwVIDtLxvqn48B4SmEOpPD6ii+vcpwqAex3ycqBUQ==" ];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
#hotdog
|
#hotdog
|
||||||
|
@ -6,7 +6,6 @@ in {
|
|||||||
imports = [
|
imports = [
|
||||||
./mpv.nix
|
./mpv.nix
|
||||||
./power-action.nix
|
./power-action.nix
|
||||||
./screenlock.nix
|
|
||||||
./copyq.nix
|
./copyq.nix
|
||||||
./xresources.nix
|
./xresources.nix
|
||||||
./livestream.nix
|
./livestream.nix
|
||||||
@ -31,15 +30,15 @@ in {
|
|||||||
options.lass.fonts = {
|
options.lass.fonts = {
|
||||||
regular = mkOption {
|
regular = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "xft:Hack-Regular:pixelsize=11,xft:Symbola";
|
default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
|
||||||
};
|
};
|
||||||
bold = mkOption {
|
bold = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "xft:Hack-Bold:pixelsize=11,xft:Symbola";
|
default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
|
||||||
};
|
};
|
||||||
italic = mkOption {
|
italic = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
default = "xft:Hack-RegularOblique:pixelsize=11,xft:Symbol";
|
default = "-*-clean-*-*-*-*-*-*-*-*-*-*-iso10646-1";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
@ -136,4 +135,5 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
services.urxvtd.enable = true;
|
services.urxvtd.enable = true;
|
||||||
|
lass.screenlock.enable = true;
|
||||||
}
|
}
|
||||||
|
@ -50,7 +50,7 @@ with import <stockholm/lib>;
|
|||||||
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
|
NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
(let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in {
|
(let ca-bundle = "/etc/ssl/certs/ca-bundle.crt"; in {
|
||||||
environment.variables = {
|
environment.variables = {
|
||||||
CURL_CA_BUNDLE = ca-bundle;
|
CURL_CA_BUNDLE = ca-bundle;
|
||||||
GIT_SSL_CAINFO = ca-bundle;
|
GIT_SSL_CAINFO = ca-bundle;
|
||||||
|
@ -13,6 +13,7 @@ with import <stockholm/lib>;
|
|||||||
};
|
};
|
||||||
services.dnsmasq = {
|
services.dnsmasq = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
resolveLocalQueries = false;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
server=127.1.0.1
|
server=127.1.0.1
|
||||||
#no-resolv
|
#no-resolv
|
||||||
|
@ -1,17 +0,0 @@
|
|||||||
{ pkgs, config, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
systemd.services.screenlock = {
|
|
||||||
before = [ "sleep.target" ];
|
|
||||||
wantedBy = [ "sleep.target" ];
|
|
||||||
environment = {
|
|
||||||
DISPLAY = ":0";
|
|
||||||
};
|
|
||||||
serviceConfig = {
|
|
||||||
SyslogIdentifier = "screenlock";
|
|
||||||
ExecStart = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f";
|
|
||||||
Type = "forking";
|
|
||||||
User = "lass";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -8,6 +8,7 @@ _:
|
|||||||
./mysql-backup.nix
|
./mysql-backup.nix
|
||||||
./news.nix
|
./news.nix
|
||||||
./pyload.nix
|
./pyload.nix
|
||||||
|
./screenlock.nix
|
||||||
./umts.nix
|
./umts.nix
|
||||||
./usershadow.nix
|
./usershadow.nix
|
||||||
./xresources.nix
|
./xresources.nix
|
||||||
|
37
lass/3modules/screenlock.nix
Normal file
37
lass/3modules/screenlock.nix
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
{ pkgs, config, ... }:
|
||||||
|
|
||||||
|
with import <stockholm/lib>;
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.lass.screenlock;
|
||||||
|
|
||||||
|
out = {
|
||||||
|
options.lass.screenlock = api;
|
||||||
|
config = mkIf cfg.enable imp;
|
||||||
|
};
|
||||||
|
|
||||||
|
api = {
|
||||||
|
enable = mkEnableOption "news";
|
||||||
|
command = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
imp = {
|
||||||
|
systemd.services.screenlock = {
|
||||||
|
before = [ "sleep.target" ];
|
||||||
|
wantedBy = [ "sleep.target" ];
|
||||||
|
environment = {
|
||||||
|
DISPLAY = ":0";
|
||||||
|
};
|
||||||
|
serviceConfig = {
|
||||||
|
SyslogIdentifier = "screenlock";
|
||||||
|
ExecStart = cfg.command;
|
||||||
|
Type = "forking";
|
||||||
|
User = "lass";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
in out
|
@ -97,7 +97,7 @@ displaySomeException = displayException
|
|||||||
|
|
||||||
myKeyMap :: [([Char], X ())]
|
myKeyMap :: [([Char], X ())]
|
||||||
myKeyMap =
|
myKeyMap =
|
||||||
[ ("M4-<F11>", spawn "${pkgs.i3lock}/bin/i3lock -i /var/lib/wallpaper/wallpaper -f")
|
[ ("M4-<F11>", spawn "${config.lass.screenlock.command}")
|
||||||
, ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png")
|
, ("M4-C-p", spawn "${pkgs.scrot}/bin/scrot ~/public_html/scrot.png")
|
||||||
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
|
, ("M4-p", spawn "${pkgs.pass}/bin/passmenu --type")
|
||||||
, ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type")
|
, ("M4-o", spawn "${pkgs.brain}/bin/brainmenu --type")
|
||||||
@ -139,6 +139,8 @@ myKeyMap =
|
|||||||
, ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10")
|
, ("M4-<F6>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 10")
|
||||||
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
|
, ("M4-<F7>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 33")
|
||||||
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
|
, ("M4-<F8>", spawn "${pkgs.xorg.xbacklight}/bin/xbacklight -set 100")
|
||||||
|
|
||||||
|
, ("<Pause>", spawn "${pkgs.xcalib}/bin/xcalib -invert -alter")
|
||||||
]
|
]
|
||||||
|
|
||||||
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
|
forkFile :: FilePath -> [String] -> Maybe [(String, String)] -> X ()
|
||||||
|
@ -10,7 +10,7 @@ in
|
|||||||
nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
|
nixos-config.symlink = "stockholm/lass/1systems/${name}/config.nix";
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
url = https://github.com/nixos/nixpkgs;
|
url = https://github.com/nixos/nixpkgs;
|
||||||
ref = "1987983";
|
ref = "c99239b";
|
||||||
};
|
};
|
||||||
secrets.file = getAttr builder {
|
secrets.file = getAttr builder {
|
||||||
buildbot = toString <stockholm/lass/2configs/tests/dummy-secrets>;
|
buildbot = toString <stockholm/lass/2configs/tests/dummy-secrets>;
|
||||||
|
@ -92,7 +92,7 @@ rec {
|
|||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
addrs = mkOption {
|
addrs = mkOption {
|
||||||
type = listOf addr;
|
type = listOf cidr;
|
||||||
default =
|
default =
|
||||||
optional (config.ip4 != null) config.ip4.addr ++
|
optional (config.ip4 != null) config.ip4.addr ++
|
||||||
optional (config.ip6 != null) config.ip6.addr;
|
optional (config.ip6 != null) config.ip6.addr;
|
||||||
@ -109,7 +109,7 @@ rec {
|
|||||||
type = addr4;
|
type = addr4;
|
||||||
};
|
};
|
||||||
prefix = mkOption ({
|
prefix = mkOption ({
|
||||||
type = str; # TODO routing prefix (CIDR)
|
type = cidr4;
|
||||||
} // optionalAttrs (config.name == "retiolum") {
|
} // optionalAttrs (config.name == "retiolum") {
|
||||||
default = "10.243.0.0/16";
|
default = "10.243.0.0/16";
|
||||||
});
|
});
|
||||||
@ -125,7 +125,7 @@ rec {
|
|||||||
apply = lib.normalize-ip6-addr;
|
apply = lib.normalize-ip6-addr;
|
||||||
};
|
};
|
||||||
prefix = mkOption ({
|
prefix = mkOption ({
|
||||||
type = str; # TODO routing prefix (CIDR)
|
type = cidr6;
|
||||||
} // optionalAttrs (config.name == "retiolum") {
|
} // optionalAttrs (config.name == "retiolum") {
|
||||||
default = "42::/16";
|
default = "42::/16";
|
||||||
});
|
});
|
||||||
@ -364,6 +364,26 @@ rec {
|
|||||||
merge = mergeOneOption;
|
merge = mergeOneOption;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
cidr = either cidr4 cidr6;
|
||||||
|
cidr4 = mkOptionType {
|
||||||
|
name = "CIDRv4 address";
|
||||||
|
check = let
|
||||||
|
CIDRv4address = let d = "([1-9]?[0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])"; in
|
||||||
|
concatMapStringsSep "." (const d) (range 1 4) + "(/([1-2]?[0-9]|3[0-2]))?";
|
||||||
|
in
|
||||||
|
test CIDRv4address;
|
||||||
|
merge = mergeOneOption;
|
||||||
|
};
|
||||||
|
cidr6 = mkOptionType {
|
||||||
|
name = "CIDRv6 address";
|
||||||
|
check = let
|
||||||
|
# TODO check IPv6 address harder
|
||||||
|
CIDRv6address = "[0-9a-f.:]+(/([0-9][0-9]?|1[0-2][0-8]))?";
|
||||||
|
in
|
||||||
|
test CIDRv6address;
|
||||||
|
merge = mergeOneOption;
|
||||||
|
};
|
||||||
|
|
||||||
binary-cache-pubkey = str;
|
binary-cache-pubkey = str;
|
||||||
|
|
||||||
pgp-pubkey = str;
|
pgp-pubkey = str;
|
||||||
|
@ -6,6 +6,9 @@
|
|||||||
# configure your hw:
|
# configure your hw:
|
||||||
# <stockholm/makefu/2configs/save-diskspace.nix>
|
# <stockholm/makefu/2configs/save-diskspace.nix>
|
||||||
];
|
];
|
||||||
|
users.extraUsers.root.openssh.authorizedKeys.keys = [
|
||||||
|
config.krebs.users.tv.pubkey
|
||||||
|
];
|
||||||
krebs = {
|
krebs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
tinc.retiolum.enable = true;
|
tinc.retiolum.enable = true;
|
||||||
|
@ -26,6 +26,7 @@ in {
|
|||||||
<stockholm/makefu/2configs/zsh-user.nix>
|
<stockholm/makefu/2configs/zsh-user.nix>
|
||||||
# Services
|
# Services
|
||||||
<stockholm/makefu/2configs/remote-build/slave.nix>
|
<stockholm/makefu/2configs/remote-build/slave.nix>
|
||||||
|
<stockholm/makefu/2configs/torrent.nix>
|
||||||
|
|
||||||
];
|
];
|
||||||
krebs = {
|
krebs = {
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
import <stockholm/makefu/source.nix> {
|
import <stockholm/makefu/source.nix> {
|
||||||
name="latte";
|
name = "latte";
|
||||||
|
torrent = true;
|
||||||
}
|
}
|
||||||
|
@ -7,6 +7,7 @@
|
|||||||
];
|
];
|
||||||
binaryCachePublicKeys = [
|
binaryCachePublicKeys = [
|
||||||
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
|
"cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="
|
||||||
|
"cache.prism-2:YwmCm3/s/D+SxrPKN/ETjlpw/219pNUbpnluatp6FKI="
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
@ -16,5 +16,6 @@
|
|||||||
whatsupnix
|
whatsupnix
|
||||||
brain
|
brain
|
||||||
gen-oath-safe
|
gen-oath-safe
|
||||||
|
cdrtools
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -15,6 +15,7 @@ _:
|
|||||||
./torrent.nix
|
./torrent.nix
|
||||||
./udpt.nix
|
./udpt.nix
|
||||||
./umts.nix
|
./umts.nix
|
||||||
|
./wvdial.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
71
makefu/3modules/wvdial.nix
Normal file
71
makefu/3modules/wvdial.nix
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
# Global configuration for wvdial.
|
||||||
|
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
let
|
||||||
|
|
||||||
|
configFile = ''
|
||||||
|
[Dialer Defaults]
|
||||||
|
PPPD PATH = ${pkgs.ppp}/sbin/pppd
|
||||||
|
${config.environment.wvdial.dialerDefaults}
|
||||||
|
'';
|
||||||
|
|
||||||
|
cfg = config.environment.wvdial;
|
||||||
|
|
||||||
|
in
|
||||||
|
{
|
||||||
|
###### interface
|
||||||
|
|
||||||
|
options = {
|
||||||
|
|
||||||
|
environment.wvdial = {
|
||||||
|
|
||||||
|
dialerDefaults = mkOption {
|
||||||
|
default = "";
|
||||||
|
type = types.str;
|
||||||
|
example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"'';
|
||||||
|
description = ''
|
||||||
|
Contents of the "Dialer Defaults" section of
|
||||||
|
<filename>/etc/wvdial.conf</filename>.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
pppDefaults = mkOption {
|
||||||
|
default = ''
|
||||||
|
noipdefault
|
||||||
|
usepeerdns
|
||||||
|
defaultroute
|
||||||
|
persist
|
||||||
|
noauth
|
||||||
|
'';
|
||||||
|
type = types.str;
|
||||||
|
description = "Default ppp settings for wvdial.";
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
###### implementation
|
||||||
|
|
||||||
|
config = mkIf (cfg.dialerDefaults != "") {
|
||||||
|
|
||||||
|
environment = {
|
||||||
|
|
||||||
|
etc =
|
||||||
|
[
|
||||||
|
{ source = pkgs.writeText "wvdial.conf" configFile;
|
||||||
|
target = "wvdial.conf";
|
||||||
|
}
|
||||||
|
{ source = pkgs.writeText "wvdial" cfg.pppDefaults;
|
||||||
|
target = "ppp/peers/wvdial";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -11,8 +11,7 @@ let
|
|||||||
then "buildbot"
|
then "buildbot"
|
||||||
else "makefu";
|
else "makefu";
|
||||||
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
|
_file = <stockholm> + "/makefu/1systems/${name}/source.nix";
|
||||||
ref = "727a3a3"; # unstable @ 2017-10-07
|
ref = "809cf38"; # unstable @ 2017-10-07
|
||||||
# + revert wvdial (76f4910)
|
|
||||||
# + ruby stuff (2f0b17e4be9,55a952be5b5)
|
# + ruby stuff (2f0b17e4be9,55a952be5b5)
|
||||||
# + mitmproxy fix (360a5efd,ef52c95b)
|
# + mitmproxy fix (360a5efd,ef52c95b)
|
||||||
|
|
||||||
|
@ -15,6 +15,7 @@ with lib;
|
|||||||
<stockholm/nin/2configs/git.nix>
|
<stockholm/nin/2configs/git.nix>
|
||||||
<stockholm/nin/2configs/retiolum.nix>
|
<stockholm/nin/2configs/retiolum.nix>
|
||||||
<stockholm/nin/2configs/termite.nix>
|
<stockholm/nin/2configs/termite.nix>
|
||||||
|
<stockholm/nin/2configs/skype.nix>
|
||||||
];
|
];
|
||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.hiawatha;
|
krebs.build.host = config.krebs.hosts.hiawatha;
|
||||||
@ -98,10 +99,6 @@ with lib;
|
|||||||
|
|
||||||
allowUnfree = true;
|
allowUnfree = true;
|
||||||
|
|
||||||
firefox = {
|
|
||||||
enableGoogleTalkPlugin = true;
|
|
||||||
enableAdobeFlash = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
#services.logind.extraConfig = "HandleLidSwitch=ignore";
|
#services.logind.extraConfig = "HandleLidSwitch=ignore";
|
||||||
|
@ -4,6 +4,7 @@ with import <stockholm/lib>;
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
../2configs/vim.nix
|
../2configs/vim.nix
|
||||||
|
<stockholm/krebs/2configs/binary-cache/prism.nix>
|
||||||
{
|
{
|
||||||
users.extraUsers =
|
users.extraUsers =
|
||||||
mapAttrs (_: h: { hashedPassword = h; })
|
mapAttrs (_: h: { hashedPassword = h; })
|
||||||
@ -45,12 +46,6 @@ with import <stockholm/lib>;
|
|||||||
SSL_CERT_FILE = ca-bundle;
|
SSL_CERT_FILE = ca-bundle;
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
{
|
|
||||||
nix = {
|
|
||||||
binaryCaches = ["http://cache.prism.r"];
|
|
||||||
binaryCachePublicKeys = ["cache.prism-1:+S+6Lo/n27XEtvdlQKuJIcb1yO5NUqUCE2lolmTgNJU="];
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = config.krebs.build.host.name;
|
networking.hostName = config.krebs.build.host.name;
|
||||||
@ -96,6 +91,7 @@ with import <stockholm/lib>;
|
|||||||
gnumake
|
gnumake
|
||||||
jq
|
jq
|
||||||
proot
|
proot
|
||||||
|
pavucontrol
|
||||||
populate
|
populate
|
||||||
p7zip
|
p7zip
|
||||||
termite
|
termite
|
||||||
@ -158,6 +154,7 @@ with import <stockholm/lib>;
|
|||||||
filter.INPUT.rules = [
|
filter.INPUT.rules = [
|
||||||
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
|
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
|
||||||
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
||||||
|
{ predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
|
||||||
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
||||||
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
||||||
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
|
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
|
||||||
|
27
nin/2configs/skype.nix
Normal file
27
nin/2configs/skype.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
mainUser = config.users.extraUsers.nin;
|
||||||
|
inherit (import <stockholm/lib>) genid;
|
||||||
|
|
||||||
|
in {
|
||||||
|
users.extraUsers = {
|
||||||
|
skype = {
|
||||||
|
name = "skype";
|
||||||
|
uid = genid "skype";
|
||||||
|
description = "user for running skype";
|
||||||
|
home = "/home/skype";
|
||||||
|
useDefaultShell = true;
|
||||||
|
extraGroups = [ "audio" "video" ];
|
||||||
|
createHome = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
krebs.per-user.skype.packages = [
|
||||||
|
pkgs.skype
|
||||||
|
];
|
||||||
|
|
||||||
|
security.sudo.extraConfig = ''
|
||||||
|
${mainUser.name} ALL=(skype) NOPASSWD: ALL
|
||||||
|
'';
|
||||||
|
}
|
@ -14,6 +14,6 @@ in
|
|||||||
stockholm.file = toString <stockholm>;
|
stockholm.file = toString <stockholm>;
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
url = https://github.com/nixos/nixpkgs;
|
url = https://github.com/nixos/nixpkgs;
|
||||||
ref = "799435b";
|
ref = "c99239b";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user