Merge remote-tracking branch 'gum/master'
This commit is contained in:
commit
e1a287c78b
@ -21,6 +21,7 @@ let
|
||||
./go.nix
|
||||
./iptables.nix
|
||||
./lib.nix
|
||||
./newsbot-js.nix
|
||||
./nginx.nix
|
||||
./nixpkgs.nix
|
||||
./on-failure.nix
|
||||
|
@ -19,6 +19,7 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:0000:0000:0000:0000:0000:d15f:1233"];
|
||||
aliases = [
|
||||
"dishfire.retiolum"
|
||||
"dishfire.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
@ -50,8 +51,10 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f763"];
|
||||
aliases = [
|
||||
"echelon.retiolum"
|
||||
"echelon.r"
|
||||
"cgit.echelon.retiolum"
|
||||
"go.retiolum"
|
||||
"go.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
@ -83,6 +86,7 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:0000:0000:0000:0000:0000:0000:15ab"];
|
||||
aliases = [
|
||||
"prism.retiolum"
|
||||
"prism.r"
|
||||
"cgit.prism.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
@ -114,6 +118,7 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:422a:194f:ff3b:e196:2f82:5cf5:bc00"];
|
||||
aliases = [
|
||||
"fastpoke.retiolum"
|
||||
"fastpoke.r"
|
||||
"cgit.fastpoke.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
@ -128,6 +133,7 @@ with config.krebs.lib;
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDRyEogeejET/UlqYYzrla3W2xG771oLK8uTFsVlVQFes4/c++Pp3KryJ/+avb/FQGlUb5YTO2SViZyAPTyw3Anv/8wxryB6ExDcfiiPL9D4Kgk559Gc1C+8vJu3Se3zB9huefllhdwsVkeFrInyWRarH3LNSbBq1TH2Rw/T4wyDVILu/QFxyqECdNzi6sufQ/92rEi3oDqlMbS8f45nbVm9CJpdn7ATwLW1PoBrrYkGll3P7ggOmR45rgldTVCLq3rIrIooiOaOhY1Leq+/sBeDa7fVeRFxFaLGYb9KFjQ4x2kL+3dDv0r726wKhrMQX75g/+Hqkv2di4/AGETI71b";
|
||||
};
|
||||
cloudkrebs = {
|
||||
cores = 1;
|
||||
@ -144,6 +150,7 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f762"];
|
||||
aliases = [
|
||||
"cloudkrebs.retiolum"
|
||||
"cloudkrebs.r"
|
||||
"cgit.cloudkrebs.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
@ -173,6 +180,7 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:dc25:60cf:94ef:759b:d2b6:98a9:2e56"];
|
||||
aliases = [
|
||||
"uriel.retiolum"
|
||||
"uriel.r"
|
||||
"cgit.uriel.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
@ -203,6 +211,7 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:0:0:0:0:0:0:dea7"];
|
||||
aliases = [
|
||||
"mors.retiolum"
|
||||
"mors.r"
|
||||
"cgit.mors.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
@ -229,6 +238,7 @@ with config.krebs.lib;
|
||||
addrs6 = ["42:0:0:0:0:0:0:7105"];
|
||||
aliases = [
|
||||
"helios.retiolum"
|
||||
"helios.r"
|
||||
"cgit.helios.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
@ -253,6 +263,7 @@ with config.krebs.lib;
|
||||
lass = {
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== lass@mors";
|
||||
mail = "lass@mors.retiolum";
|
||||
pgp.pubkeys.default = builtins.readFile ./default.pgp;
|
||||
};
|
||||
lass-uriel = {
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDExWuRcltGM2FqXO695nm6/QY3wU3r1bDTyCpMrLfUSym7TxcXDSmZSWcueexPXV6GENuUfjJPZswOdWqIo5u2AXw9t0aGvwEDmI6uJ7K5nzQOsXIneGMdYuoOaAzWI8pxZ4N+lIP1HsOYttIPDp8RwU6kyG+Ud8mnVHWSTO13C7xC9vePnDP6b+44nHS691Zj3X/Cq35Ls0ISC3EM17jreucdP62L3TKk2R4NCm3Sjqj+OYEv0LAqIpgqSw5FypTYQgNByxRcIcNDlri63Q1yVftUP1338UiUfxtraUu6cqa2CdsHQmtX5mTNWEluVWO3uUKTz9zla3rShC+d3qvr lass@uriel";
|
||||
|
52
krebs/3modules/lass/default.pgp
Normal file
52
krebs/3modules/lass/default.pgp
Normal file
@ -0,0 +1,52 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v2
|
||||
|
||||
mQINBFSZ3/oBEADYvRPoLdDkASIArXyWR5ccugJQURxMDgphAGrvj6qskSkn0chF
|
||||
gnc/kcQr4aVTaDFdonSyHjYvspDOZm5BgHAICCu1PL8rkMTGS+vHM5dlwnok6IKy
|
||||
e2aLjLPq5sHyp4+Zeq1eHe5TQ1cgN0cPdMMnEHd8GQke21pRQ5Vz79s8qRfWlt1Y
|
||||
+OQ5uY/52iZ9qJ11/N4bPPe/Zm63sRTpGw14i8UCgBAsMQOG1XPUX2/IJc1CC9+1
|
||||
Ohn/hPCbIdCbwOs7/HFFMRWmV6w4ul9gr7Js0owkWAS8FNOactS2i2SSwdONetKs
|
||||
UbCVQ1PubPBZvh2Vij/oUBK5BvfNDR6nRYhOjYbt6PW/Q6bjqGecjnlO98dpcqag
|
||||
+8bdl1JY9FpE4RzfuRgAFjVbtNztrmm9t6EuOHGZ5ec34TG9+i02ixh0YTEDK/Yt
|
||||
my2MfIbGUbeIYRKJscqgxKkL6nv4x0lOvs8nDiUmqztGdSdTGni+BAWZz3+1xaJH
|
||||
DTyQ36qYauBb5FWneRTBeagrDOAvvk/WxS+fMFZpnQovevOQBqxEL62fntikmMFn
|
||||
ddPgq7R1VPdivvr+BO8yMI8i45Vn9EzIJR02WAp7oAsT966yzopVT4JLT8++CVPh
|
||||
/VBrFID9yRyWjW5IJPsMsOt7z3UJaP08ua0UG4uVqo6dT6IdR8jKKxYdvwARAQAB
|
||||
tCBsYXNzdWx1cyA8bGFzc3VsdXNAYWlkc2JhbGxzLmRlPokCPQQTAQoAJwUCVJnf
|
||||
+gIbAwUJBaOagAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRAyqvthRFEnnviI
|
||||
D/95QdNgttsly9CUeHKGfNGlJ2NgDepqob/VR2385q7cXCbFftRIsD0vaWYfsQ87
|
||||
kbKs3fpeHz8teKqZtMnXYkPIaSK0TcoaqQtyfkmj+agP2YRSkNYonlmmCiCWkodP
|
||||
2VnnmRUSwHcgxS14xsUHh13JXsU5nTHDAdJqOxUX6l6Lxb989h7Q8wTn5SX1XRVd
|
||||
0U5P7fNXKvVF34J6uGyWraxQLOqJEEzi82F/61hbI6zVPhxu/R+qmiSqgHIlp0ax
|
||||
u+8u3eyDVP1q95AMPaL1GsNYDcSl5njbkEbruSmjVcO99cD1ZLAODFJuaa+h/IvQ
|
||||
HoPnFL3hRo0SHt/RimokboJL7nx5jT/0y+FtGuPMVKUqiLApOfoeWeHWVKgMLV/0
|
||||
1+O4jEDRMNSIClI2YHdgyuQPBuHkaYXrrpDpJnYDEz2qAiijx+xIAPzifxebuVFV
|
||||
NQl/XnXlzTmYrt0GHfCrNZa/ZtsqQqnJSRpydjey+ATGgs+3Oqa6z8lHhYx83ST2
|
||||
cGsUmSnzk0TnxXmqwWxb3aGA0kO50atrObWwNXud7n3hu4V0FWwfHXUk8gJxtMN6
|
||||
IenjLcI0WyLwSKvTazF6GSgtUhwNgON88eiqLS8CWdop4CEyEUfxFoZeQoS72Yzq
|
||||
4pSOYPnbRDcBn2zkYaWyCTmf9qvWbZOu0Sl2lfy9n5LiKrkCDQRUmd/6ARAAq+Mt
|
||||
/9LohA9Qnz/GjE504h38G3USXgEV9/ctr2PXkc2onW67u45trLSYLyCK6kDq3VIN
|
||||
/3uLt8Pr+IL41NntW1exRtqohVeKI38CCqR5RP9tVxLkyxnpA/SPpSvOjWhyBkph
|
||||
MRXYta1+nBHwxSaPcc2e+15pk/cYgg0cTY7Nvgo+wL4bgI+b2OHwwIwRov/t4aim
|
||||
0y63OaCG82NqWrX7i2ONaR8RsZ8RHLnC+TyFaoj0mdp+vp4WFwxbqcIq+Vvn1m5j
|
||||
gPlkzXK4Yrykp2IULGuj+qZyS043FzZYhbxZoE85zIMtQ5gV/ktaP25+YsU1bwb9
|
||||
75FQvdMM827bbOJJ67/l96asQNg1TMzosL8/t9xLPDry4YYu8kRIPZgKWvT0Eg1Q
|
||||
AWzWJCXplTdPlhj660OCGuuyv/XJIbhqtBVZhIyR7gs6EZHZ6FHax7F41fEWGgSv
|
||||
WVAMrjrnG4XYAyCP1yiW1i7/ogCzKXYvV42tzBFuPcza6jhBnU17w5E7nwYaEWgA
|
||||
02Ai7aTK9WDAi8j8emQ8XppU9hqEILSvR5tG4R0YOAUbIUplIpnpf8KcEhNy48ei
|
||||
MuhiTJBjPyu7bRJoZXvipNPjqhESGlvrcr1QKuEqPLRcfLo3DOt3zgxBqOZZGHKL
|
||||
ckaud05wevMPK09F7taLgwBCHOmAxiMa5NQVjL8AEQEAAYkCJQQYAQoADwUCVJnf
|
||||
+gIbDAUJBaOagAAKCRAyqvthRFEnngGYD/wP77ax6yczKT/AHEvqyMMRPigLHIHy
|
||||
XIWt8uNKwbn1RTXuH9Nj1rtVuj7ck4jscNwmDYeT52ZDxHQjLHWgAG0CBq6afdBi
|
||||
VwLur6M7jv0EwY/SMed+QD1+a59kiO8+difwLDF+Q50lYQ4fmSGsfdQ4Qxesm92r
|
||||
Y1Q/xFg1K9MNZbItpzYTE4P+ii4kU5BnWwExX2OEhhlrNUjJhA30HvvUID6bsguq
|
||||
Jl7mWnGpS5YYqPxiABNI++TzYXQvP95nWGROvdx2vSPuJ756S8VJ81LL7BmQyQzq
|
||||
8S/ciHjmgtgLRyncqqXl1uJBqtK+50vEFHxJrANdDNzD+K4S7+23DpRsmEl/2ECQ
|
||||
laGsU6HtYbnr+hc1alE4uNMEN1/a75EFI59BISnUm8jIy1nLhcIXMhFh4JuG7kGk
|
||||
2ePa4Gv2DafMR8N0WYPIhP3LIIDP0s9gv2QSA+5BmI9OhZDkz9Ubuut1+PMfWCXm
|
||||
aNmF2Bh8puTffsFxGJSiQ4CXDzuNRqMR5wB0OCnB/WAnuZhRAJhXmgR8FJY+EvTN
|
||||
PcA1QZIZ0hQGVf8eJ5Gx4W1w2Q6mQCGnCy1XtEkZP0BOP0Or5CMtqP/VSuwaF4wh
|
||||
4FLYTOLZ7oDr2ErK/bhnpuoPoUU0y3n7AG/nhtmqenlMPLWB246XnEoJMb6Ar8vW
|
||||
It6jrzDh3+COSQ==
|
||||
=0gFT
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
51
krebs/3modules/makefu/brain.pgp
Normal file
51
krebs/3modules/makefu/brain.pgp
Normal file
@ -0,0 +1,51 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v2
|
||||
|
||||
mQINBFXn/k4BEACmXMbhoAKsMC/gFqBrQq2mgvo8+FnUe4F6JznVh7NiPH0PUdDw
|
||||
jRnK2EEpD+NoDt3A0jtq6C+wnr1V+p/jYAPxRcvv8a7ym+xuA4sBIPrlW1fQIuWF
|
||||
EjYnUVnN16Qa1xJiQQyEDeleAxgg0luOdqBZ0myT84a9O0deN8JM+zwqT/+sLY9c
|
||||
2fVGNv496/mt7Ct294QbS6cfdR26r8PZ1Wfo8cr8UhFfFft0TE267HJdoJ8NBvH/
|
||||
BSEcoaS3kaxk2YyOdAJ1RgEoQY2w1/jeZv5IUyO7azAQUhbqBK7nVbgUd2l3nf4v
|
||||
qmgNvvtcAlccY6L2M8BR6TI4Yw2hfbLOHPVTNjFlMXXX/MDYFFF9+GqmYOjyy5dy
|
||||
8m4qA4ZEoHG9XT+xsZAsHJRFPBacSp2ydoVdlkJsEQnabb78NXLusgBBxhOmvVHe
|
||||
5SeIvsrpn83/aIeHpLUQbzUdK3osERZUBTp9Pr0+dB+UkqThjE3MPntKcawm4cGN
|
||||
dXY6iNXH4gGPOjb5ed0OzDiRS2bVyb0/F2wYXvIPE2e0CwJ0io2rRT410HfpFkWD
|
||||
OPENdlNYb6FCXc4fpGxdtFL0hE6RZqBvwQAN9iDkEj+DxEwUc+yyroFRI25y+T1z
|
||||
68T0xqVfKXUqcOmsACKtjlQ5QcikCj8kC9bNDln7v1Q9argSEJXJDdf3cwARAQAB
|
||||
tBhwdyB1c2VyIDxyb290QGxvY2FsaG9zdD6JAjgEEwECACIFAlXn/k4CGwMGCwkI
|
||||
BwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEDtOh4EJ4fmcIecP/1+HMD22wilyb3hQ
|
||||
QLKz+Wx37ZM6w0p9o0lMEeeUpcYPtWeVBqID6vxmqFwIOU5LtkHiE0yO8AcW7TYx
|
||||
14Ql3mPWd594fKXr04mN9RM9wTr09S0P4nqKuq0cR3x5s4C30DoKoUqt3ZKSZRW/
|
||||
4suhvebfYiTjlE5joH4lZy7bMaH2HpvLacZXGcyH7cmYfLuZekf1kNXRDh40IgrH
|
||||
uzsXFoflhLEZouKWiV3mWFo1iIckvTDrFNHuJj5oHP2D3J1RYdbPNP+5yOu/34mt
|
||||
wPK/R6MxXY+zKWZWU59Ll5nx+2wUkIP/MaE9Ubx1W0UdeB4In/Y/HhV2fwd9DFsq
|
||||
cbKofeDRblEdaaTjiqc1MjSxyhPplApgG4389gXX4vszAuyxBq6AecJobYkzmVek
|
||||
EOJVVqDFoT+a70p5hWMP5nQV7dE3jyy1esm6cjF9iv0cRf/GqZAIiNdeo9av56OO
|
||||
H5uwamTwcRrDsy4xWzowUfJDB+nJzlXw08aQRTfczCZ3n5hXvqqxuoweH08hfm/S
|
||||
oa0gU95mCkHYbscaxjXnkEgbuvCiVRhDqd8rZpi5WxNV63zHIaoeXIPVJH0zswIJ
|
||||
MT2LofWB8W8in48rmRvUdzZlm/++c/9+evNyNyAyOmdRk6fP0nHdRmuINyeKc67P
|
||||
0BrVstk/cywbNbpNBt+2uUJCemBBuQINBFXn/k4BEADQYsT81uL8XE9homHLRai0
|
||||
3Xo/gVe5lwXWouzzVImEQIICvmBCjdzA1nPfKvdBcFsBfOro6aefETq/cZeL16It
|
||||
zJKhh2HDJ/7oCuJM0OufkwoSBwJ4f0I+0zXsPZV0+P1ijPaKunYW+YpoFm3z8rLc
|
||||
iX/kxYRgo13jCNphL/TKOoq3ZTREzDcBk9QR8yLTV5i0j1qrlIsAx7iTv1jrC1L6
|
||||
fBZm40+wn0ahz9IgBWWv588i+1f7ekKQBYXi9n2+hSfMQ0ebhW14xG72eXDzV14Q
|
||||
Yra+FNMOCeKhmHH9PnVw0NkwRPbtL92ZySeFMHxhYnBPckqBUuEO12TXUMWA9fzj
|
||||
rpBjJWEtCRCeaSLAe5Nzleb09NKO3z4ghwedef/Cz8XZ+XDIpE/1yTQy0lSuLosw
|
||||
ScmwG9UPYxpWWqJmC+H6GQ0qQmCgmPYG8b20JvnqROmsLooC/xmf4seT8J+fYpKt
|
||||
fkQiuOd8RecW+1jyfr7qy2S3roNgNl7hyzlIHmtGnn3rYC4uCe4VjosvcPmnXP6N
|
||||
Jcck3dQnFxmE+/JS1zdH47nDGJsn5fFrArdfU9DLGjU/L7BJt99vIvif89B2FF/n
|
||||
0cR7bLeY72P1oJw+tgrsjo9uaS9u9vk/J8+Rhf3TIqbHfFh7/42sdkgk3Mqha+Bn
|
||||
wAOpUP3tjdDTwow9/2iYjQARAQABiQIfBBgBAgAJBQJV5/5OAhsMAAoJEDtOh4EJ
|
||||
4fmcTy8P/03eVL9GoarIjwRxYY8U23fU4xNIypkNrjspjJHVRcKJFCyA2/R9toKf
|
||||
0XGJIM2fwBo6beH0rinq8Xm8hrT/gFIWupuDLSTR/km0UD6CtfFOIt+5jw3c5mMR
|
||||
u9DbSWAiRYGzQKYYZUy5mdMG/kokDRSm5D0lO+YnLZtpECZn/Zi5rPKzbGyMus+a
|
||||
fm8a/eNko+Eg6j8FSYBm+d8SKYdoLJN3R7hYji7JuERMs+UZMsuriSAn2Af2Jn1I
|
||||
hc7fiwotrMdNifyWCtYqiFvcrsm8K8EC2J0KsieydBHwCuamlqTrjqVejbITD8Jl
|
||||
ghTGNHe/crP7/XKTjKva+1+VJAHDLylZgcArQSKa+SsWB/GoKB0x9UEWThJ1DLi4
|
||||
j2GhNlCIYZtPBQMu3+2btDj0A3IUQp4aW0nd5+0zz0H7JVrl+pI37uUxTiXCZG9X
|
||||
fjXrcP3niJhraHTG8mWD1v8+cG3NXpv/IZN82Z+sQlpabwjpybag2CeTfhEoFtEl
|
||||
V6ez9wpgBKeDsLDLOB8VRgpsikw9f6H8GAUZe2PjKUwiDtptqa37nU+3A6wPiO2s
|
||||
AWT/7D6vhMpDncp7E9DcsmsU9LNt7D+ISqi4uLKYJcfmqbJOui2YFo3zsYP8TqQD
|
||||
JTZ1lSpFpipJpi6mAzQUS4P3H+aUjeW/LWiSS/YNmGIOAUeB6Y3c
|
||||
=rEQB
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
@ -89,19 +89,14 @@ with config.krebs.lib;
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIICCgKCAgEAwW+RjRcp3uarkfXZ+FcCYY2GFcfI595GDpLRuiS/YQAB3JZEirHi
|
||||
HFhDJN80fZ9qHqtq9Af462xSx+cIb282TxAqCM1Z9buipOcYTYo0m8xIqkT10dB3
|
||||
mR87B+Ed1H6G3J6isdwEb9ZMegyGIIeyR53FJQYMZXjxdJbAmGMDKqjZSk1D5mo+
|
||||
n5Vx3lGzTuDy84VyphfO2ypG48RHCxHUAx4Yt3o84LKoiy/y5E66jaowCOjZ6SqG
|
||||
R0cymuhoBhMIk2xAXk0Qn7MZ1AOm9N7Wru7FXyoLc7B3+Gb0/8jXOJciysTG7+Gr
|
||||
Txza6fJvq2FaH8iBnfezSELmicIYhc8Ynlq4xElcHhQEmRTQavVe/LDhJ0i6xJSi
|
||||
aOu0njnK+9xK+MyDkB7n8dO1Iwnn7aG4n3CjVBB4BDO08lrovD3zdpDX0xhWgPRo
|
||||
ReOJ3heRO/HsVpzxKlqraKWoHuOXXcREfU9cj3F6CRd0ECOhqtFMEr6TnuSc8GaE
|
||||
KCKxY1oN45NbEFOCv2XKd2wEZFH37LFO6xxzSRr1DbVuKRYIPjtOiFKpwN1TIT8v
|
||||
XGzTT4TJpBGnq0jfhFwhVjfCjLuGj29MCkvg0nqObQ07qYrjdQI4W1GnGOuyXkvQ
|
||||
teyxjUXYbp0doTGxKvQaTWp+JapeEaJPN2MDOhrRFjPrzgo3aW9+97UCAwEAAQ==
|
||||
MIIBCgKCAQEAnztrijsfao+fmNtwAjqwIDKsRaMP3ECsq2T2zqKvxwCyXk69G9bG
|
||||
RFhWjgaawS9ZhnHSlgWK/vtoR0O9NxpzdU/mvdQijbVGxM02DegjO9qDSIe8EGmA
|
||||
kscW4nDqYtw4rtjOVPfnNiWXbcWD8eiYR0kcSWmSvfOpVvdhTETqduTx5HRHyEFD
|
||||
JRQYR/tJSvVWXmM670PENAPNJFJ4VSJR60s5A+bFT7J/uw7HzJXX28LygJz73Dj2
|
||||
2a4ev0WcZQngLq072h/91R/TOpg+ogUDVhXkQtKyFj7im0287JTL4bXGofZBhzaf
|
||||
+h9dFGs1QLoNyhG/cgt9fog7boSXTelAiQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
'';
|
||||
};
|
||||
};
|
||||
ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
|
||||
@ -548,6 +543,29 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
|
||||
};
|
||||
};
|
||||
|
||||
senderechner = rec {
|
||||
cores = 2;
|
||||
nets = {
|
||||
retiolum = {
|
||||
addrs4 = ["10.243.0.163"];
|
||||
addrs6 = ["42:b67b:5752:a730:5f28:d80d:6b37:5bda/128"];
|
||||
aliases = [
|
||||
"senderechner.r"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA0zCc5aLVRO6NuxUoR6BVzq2PQ/U5AEjYTdGkQufRot42N29MhxY7
|
||||
lJBfPfkw/yg2FOzmAzTi62QyrLWSaF1x54rKu+JeNSsOAX+BorGhM67N45DGvJ0X
|
||||
rakIL0BrVoV7Kxssq3DscGVbjbNS5B5c+IvTp97me/MpuDrfYqUyZk5mS9nB0oDL
|
||||
inao/A5AtOO4sdqN5BNE9/KisN/9dD359Gz2ZGGq6Ki7o4HBdBj5vi0f4fTofZxT
|
||||
BJH4BxbWaHwXMC0HYGlhQS0Y7tKYT6h3ChxoLDuW2Ox2IF5AQ/O4t4PIBDp1XaAO
|
||||
OK8SsmsiD6ZZm6q/nLWBkYH08geYfq0BhQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
muhbaasu = rec {
|
||||
cores = 1;
|
||||
nets = {
|
||||
@ -582,17 +600,19 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
|
||||
makefu = {
|
||||
mail = "makefu@pornocauster.retiolum";
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@pornocauster";
|
||||
pgp.pubkeys.default = builtins.readFile ./default.pgp;
|
||||
pgp.pubkeys.brain = builtins.readFile ./brain.pgp;
|
||||
};
|
||||
makefu-omo = {
|
||||
inherit (makefu) mail;
|
||||
inherit (makefu) mail pgp;
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtDhAxjiCH0SmTGNDqmlKPug9qTf+IFOVjdXfk01lAV2KMVW00CgNo2d5kl5+6pM99K7zZO7Uo7pmSFLSCAg8J6cMRI3v5OxFsnQfcJ9TeGLZt/ua7F8YsyIIr5wtqKtFbujqve31q9xJMypEpiX4np3nLiHfYwcWu7AFAUY8UHcCNl4JXm6hsmPe+9f6Mg2jICOdkfMMn0LtW+iq1KZpw1Nka2YUSiE2YuUtV+V+YaVMzdcjknkVkZNqcVk6tbJ1ZyZKM+bFEnE4VkHJYDABZfELpcgBAszfWrVG0QpEFjVCUq5atpIVHJcWWDx072r0zgdTPcBuzsHHC5PRfVBLEw== makefu@servarch";
|
||||
};
|
||||
makefu-tsp = {
|
||||
inherit (makefu) mail;
|
||||
inherit (makefu) mail pgp;
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1srWa67fcsw3r64eqgIuHbMbrj6Ywd9AwzCM+2dfXqYQZblchzH4Q4oydjdFOnV9LaA1LfNcWEjV/gVQKA2/xLSyXSDwzTxQDyOAZaqseKVg1F0a7wAF20+LiegQj6KXE29wcTW1RjcPncmagTBv5/vYbo1eDLKZjwGpEnG0+s+TRftrAhrgtbsuwR1GWWYACxk1CbxbcV+nIZ1RF9E1Fngbl4C4WjXDvsASi8s24utCd/XxgKwKcSFv7EWNfXlNzlETdTqyNVdhA7anc3N7d/TGrQuzCdtrvBFq4WbD3IRhSk79PXaB3L6xJ7LS8DyOSzfPyiJPK65Zw5s4BC07Z makefu@tsp";
|
||||
};
|
||||
makefu-vbob = {
|
||||
inherit (makefu) mail;
|
||||
inherit (makefu) mail pgp;
|
||||
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiKvLKaRQPL/Y/4EWx3rNhrY5YGKK4AeqDOFTLgJ7djwJnMo7FP+OIH/4pFxS6Ri2TZwS9QsR3hsycA4n8Z15jXAOXuK52kP65Ei3lLyz9mF+/s1mJsV0Ui/UKF3jE7PEAVky7zXuyYirJpMK8LhXydpFvH95aGrL1Dk30R9/vNkE9rc1XylBfNpT0X0GXmldI+r5OPOtiKLA5BHJdlV8qDYhQsU2fH8S0tmAHF/ir2bh7+PtLE2hmRT+b8I7y1ZagkJsC0sn9GT1AS8ys5s65V2xTTIfQO1zQ4sUH0LczuRuY8MLaO33GAzhyoSQdbdRAmwZQpY/JRJ3C/UROgHYt makefu@vbob";
|
||||
};
|
||||
exco = {
|
||||
|
64
krebs/3modules/makefu/default.pgp
Normal file
64
krebs/3modules/makefu/default.pgp
Normal file
@ -0,0 +1,64 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v2
|
||||
|
||||
mQINBE6quoQBEACemTuY0Ujeygxdyds3ugPbKuIsJMCQSdXAKsCkH4vV5qam8rQP
|
||||
AabpYyQfew9nCUCJa4NkKFrLnGz4d7rl1u5ihVqMctYeJqZdtX88DqqNKQXoqKQv
|
||||
crF5hcZmUtbGe5eyoMV55hiODPVPTVra6pbxWwhqa0pYeXEyDy1BPoqgcP0DUFho
|
||||
yBeoyw71ujgdJZvl5rq6ZVjTGuToNKHn5UBDMu6n0rl9Ha7ukL4Gx8hOhmK8yv87
|
||||
zuUzBRQkTgoC48JA3Bt0kb15ghbOV7D411ZhmhEqWwE/OBk3//6MOGu24Mm0OG8J
|
||||
+tbEMysck0LYe5q5U/2cmGsqlwV6FXLmnPOj6H4XtdTBDVXo/Hp6A8mVR1sSDopc
|
||||
/2TnTwv0cdGOIS1CgxUc/qS6a8h+2UGaLSPnuPBWom163YbO/vgj8Th5q3N2DiRO
|
||||
EP+mGCKn1/cghU7WjMny8z59A7SeZ0rRN8KaMlFEZMlgtQf7/6EjL5Ulo5H0vb2m
|
||||
G5lAfW5xz55Y6M06sEl2wJ4pkgt+jeWRItKQvyqcdFEfiJfuP0+ESmQIMvz2ZnDC
|
||||
ZJzpmjP5uDwqu5THcTHvJ/ptSHRtXEiqqwrpQ0dqtwxLMJtIdgOohVoPAUNTTXcy
|
||||
XmL0qZsLFI2We2v0jgYMcYw1gswsksMLLmnVWlAsBqCALRyu4Ptxrkg9NwARAQAB
|
||||
tB5tYWtlZnUgPHJvb3RAc3ludGF4LWZlaGxlci5kZT6JAjgEEwECACIFAk6quoQC
|
||||
GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEMk6uSvVJeKfr5UP/3vvBlZQ
|
||||
9DjLRBx9YUjbq34LDl/wdDX7Fwsdb+TccUiOgKW2RAXbdnff2r5VRn4VSDUYoFfN
|
||||
qtDrxKl04IWeVwiaTjCJdXp6veSpov5GcmARgPUow8v9Eu2gZw0o1LvW7NFP5e3u
|
||||
YxmSTrlVGZMTCkwIkYoaETseCE0qsahWD0zCM19rAEuTkwKOQo58mXFUzNq829Ex
|
||||
OAv4zIQE6V7SKKOZzXhvBu3s1ql1SDfmciaszMlwwPtwgFBkg1HrFvuimU7zqGkf
|
||||
wQpWt91j8kJZdAC8iUf/7UNh/VZu+n9jtmynunRrY2PgPh6LgeDmiaTbVfHX51/3
|
||||
R01dzzTk0dnqwosNoc1u8Xsb/rTs9LDsncteUGKgiEh+LRjouGGh/C1g58dkF0wP
|
||||
S00dgnEhI9d8ui/yTPa47l3zDSa/m6Nq6oEGVbZDivNDuTV1jfhrs0v3kx50aK0O
|
||||
y+exKMmgxoxeCMZs53iHXiXAcsHSj+Gue6W2jDvRjaPqfxnM3GNd7y9ix8IF43R6
|
||||
n1oAZo7zWA4a5iq8yvBTjKqyDJAKu8C4kYM/9FMJlDgUjWYvNI4BiG1iw0iGVAjt
|
||||
JHz/QEM/7Mg7fw1rtJB/A9ezLJGyiDcc5GwrLIVl6U8stNWF0ZqgtwWKF1lm0Faj
|
||||
mPRDdOVZNTPw61YNqHJGdHVBD0usx3Xg/4V6tC5GZWxpeCBSaWNodGVyIDxGZWxp
|
||||
eC5SaWNodGVyQHN5bnRheC1mZWhsZXIuZGU+iQI4BBMBAgAiBQJSpxSDAhsDBgsJ
|
||||
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDJOrkr1SXin4w8D/9QY5oTvCmFERHR
|
||||
uUgGyU1hPomIE6RrSxoeqHsMUhUuqNeWYk0T/Oju/sZLlWUuBZHLTXeGPyFEe0/n
|
||||
6ys4cqTSwCKUdB0kQO3GAzPKGmC6C5trQaMpY+A6yVi3He6rN37+XjfjrY+o7Rbl
|
||||
s8K6S3jR/f/MSODjRnGNPTLsuDYKo+d4RwlWv2G+RFHueh4/aef0s3lzoDbmdJiW
|
||||
zXaTqiCKgG34GzQO4hs6MsyG9mJo05qXvMAGgCyRDJkbcmwjgQonlEi6TIJyQ3J2
|
||||
CNLrl2UW5eUFKnZbWGZYL7Ojsq0UnRna6z1L4sxk1kCLxn1Gz8RiisJ1bUOM85vZ
|
||||
dTyFTb9+iC43c2IbLpF139ic+hb6dYJC392cOwrT2UgfUuzqocY2V/HXjVsqsNtL
|
||||
t4tnoZkZhjFMaUe5FQbUYwtA2IqqrqD7iC7ULtclYa2tvW2HIAs4VjocWxfbgY4b
|
||||
He99Ma5xSNL171a34n2ZayjsI8cbYtHvVPTZ8Zs6xqsz8D+o+m0bBxGobOAkb6yN
|
||||
UUdZjo5Jdcr2AxAITEgzgzcWR0sCbn+6Jj7XJuz2SYEtOhZBrY7tONoOkrysCtJD
|
||||
fKOp2RCq60ZHMqoBTyyxtQ6LG/I0bZs7a2/6Wc3O3VhSIGgjSOan7N4G13CJqfFA
|
||||
FfMATGPnK+nYxmVAQ2VR0GxscvjdBLkCDQROqrqEARAAzYUNba4eFVDLlF2SzSra
|
||||
VMyV9eNBdi64tNQVTFDH+bj2KgcPKZXBUXDz+hizOb3jegaBojlbf6LYUgzQMQ96
|
||||
uHcE/mlBhtU1nUYKEH82kblA6UVOrtSyK/2MIX/aoK7C+pKFSIEkl2/V4NtPQ6Ay
|
||||
H+UQ8c6uOP6Z0raaawjZ/rzvxIlVPD0Ou0PtJf6l0UtMQRWpYcwNl3O6JgMFhqP4
|
||||
LipP40aYEuxr9RUynWBb8HzXj1R5imPgF+F47L8EPKDgIqEr6OLWigQ6pBpKM8xP
|
||||
lMQByGvv5Xi35rqMwn2porHwYE5BIUIQcSSSdhSxgwB0G/hlpucX7wtUMheAUFTj
|
||||
sVVK5jirMf30h4NUlpyO1hNblIM+oex96yir8PRZwQFkZ8CFeMDXjsNYUhcqyAJC
|
||||
Lr64XiaX7VdIshcIF07tC/Rjd7qKOs21phzIJ7FkYYFkhh607q6rzH7pBsnckJnX
|
||||
ydFIo412ig4dac2f2FSgZXPYyZ9T6y9raL3Aq1WigOncG+ajpN60/r1pXXggoIgr
|
||||
ZuSMXpklr3z7DZ+M5Vk7EjpTZqfUkcBuS9ObsfX/oIpVaY5MCZobjw4iBEee/t+f
|
||||
4YigdPTWWxoHA259S2dH3MdWzIH515VWjUD4E7Jf9iEoYygT98u3fV/1GHjBsQTg
|
||||
2CTXRCG3xpHnPliLvwkt6z8AEQEAAYkCHwQYAQIACQUCTqq6hAIbDAAKCRDJOrkr
|
||||
1SXin9vjD/46juH2MLa/iyXzbz4QxEHt5/USZ+RFh8Bt5iBEGVvKY97QlOJ6Eq8Z
|
||||
9BMA1z+QpdkU2Rx7H2l9ohA5Kznlz80KUGzkkEwCZTqycLLX2/oq825dqF0H6hJu
|
||||
9R95ltC8xIYvW0KPunnyU4HO+RyVM544vR1KKBTXV/+ojHD2BviDQ41bFNfYjo+N
|
||||
uInrJWCgsxAC1fhnxLjQH74BkBSMF0S85y68EnHbJ/4IAud24shb6blsF1Sjf1CK
|
||||
UX0ZWwbBWj7cMg0pfkczdl7Y7pHJqOr/UrC40jHVO4CX0JrxhOT7u4cvhv0E4Y3O
|
||||
y9+Js7+fM6Ua+YF6TuArOorOCH8vzx6xvM1AW2U5jS3iMglIi6fXEYRuQB9ygPTc
|
||||
wJ/ByBApEKC7O0kA0PhwEF4FTgZntThlaJ+2rsUseONAXqZTJaX+CXtQdw6IVa8n
|
||||
SmXN01YsZzW1qFhbBSYHowqbOxbW9WH0ObtL+bxfJbG8HrVoXZJ5pcytzIDsGbtE
|
||||
1M2AQPZ4CaaWDGEvnM3REo1OOAf3f4Vf9C59suPoKVWqalBb94AhQqka8nZ81jL9
|
||||
tXDt0Yuaj2xroCNstmRFOgXJBWWx59kVdU9yoC2K0AWNrMdHAuyevgscAHsKkXq5
|
||||
4C1xL0RuUlNZ1qcX7Ev7kcLJ1RxRyXZQCbpIUi+UAWuNgEwMEHo1eQ==
|
||||
=rHPd
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
@ -4,10 +4,12 @@ with builtins;
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.lass.newsbot-js;
|
||||
inherit (config.krebs.lib) genid;
|
||||
|
||||
cfg = config.krebs.newsbot-js;
|
||||
|
||||
out = {
|
||||
options.lass.newsbot-js = api;
|
||||
options.krebs.newsbot-js = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
};
|
||||
|
@ -54,6 +54,34 @@ let
|
||||
type = with types; string;
|
||||
default = "";
|
||||
};
|
||||
ssl = mkOption {
|
||||
type = with types; submodule ({
|
||||
options = {
|
||||
enable = mkEnableOption "ssl";
|
||||
certificate = mkOption {
|
||||
type = str;
|
||||
};
|
||||
certificate_key = mkOption {
|
||||
type = str;
|
||||
};
|
||||
#TODO: check for valid cipher
|
||||
ciphers = mkOption {
|
||||
type = str;
|
||||
default = "AES128+EECDH:AES128+EDH";
|
||||
};
|
||||
prefer_server_ciphers = mkOption {
|
||||
type = bool;
|
||||
default = true;
|
||||
};
|
||||
protocols = mkOption {
|
||||
type = listOf (enum [ "SSLv2" "SSLv3" "TLSv1" "TLSv1.1" "TLSv1.2" ]);
|
||||
default = [ "TLSv1.1" "TLSv1.2" ];
|
||||
|
||||
};
|
||||
};
|
||||
});
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
});
|
||||
default = {};
|
||||
@ -89,14 +117,28 @@ let
|
||||
}
|
||||
'';
|
||||
|
||||
to-server = { server-names, listen, locations, extraConfig, ... }: ''
|
||||
server {
|
||||
${concatMapStringsSep "\n" (x: "listen ${x};") listen}
|
||||
server_name ${toString server-names};
|
||||
${indent extraConfig}
|
||||
${indent (concatMapStrings to-location locations)}
|
||||
}
|
||||
'';
|
||||
to-server = { server-names, listen, locations, extraConfig, ssl, ... }:
|
||||
let
|
||||
_extraConfig = if ssl.enable then
|
||||
extraConfig + ''
|
||||
ssl_certificate ${ssl.certificate};
|
||||
ssl_certificate_key ${ssl.certificate_key};
|
||||
${optionalString ssl.prefer_server_ciphers "ssl_prefer_server_ciphers On;"}
|
||||
ssl_ciphers ${ssl.ciphers};
|
||||
ssl_protocols ${toString ssl.protocols};
|
||||
''
|
||||
else
|
||||
extraConfig
|
||||
;
|
||||
|
||||
in ''
|
||||
server {
|
||||
${concatMapStringsSep "\n" (x: "listen ${x};") (listen ++ optional ssl.enable "443 ssl")}
|
||||
server_name ${toString server-names};
|
||||
${indent _extraConfig}
|
||||
${indent (concatMapStrings to-location locations)}
|
||||
}
|
||||
'';
|
||||
|
||||
in
|
||||
out
|
||||
|
@ -25,9 +25,9 @@ in nodePackages.buildNodePackage {
|
||||
name = "newsbot-js";
|
||||
|
||||
src = fetchgit {
|
||||
url = "http://cgit.echelon/newsbot-js/";
|
||||
rev = "802b172d0eed6c9625a9cb5db408f5cc8c01784e";
|
||||
sha256 = "794fc7845aca311f7cf7b6bdc109b5a25d0e2299322bc6612edadc477b2536e2";
|
||||
url = "http://cgit.prism/newsbot-js/";
|
||||
rev = "09e01639be4ea9691cf5b33f7d9057b68ac98079";
|
||||
sha256 = "28ffbed66c2efcd194c47823c7d5d5533c80852fc0cf9d9d4ee609c71d50c142";
|
||||
};
|
||||
|
||||
phases = [
|
@ -19,12 +19,8 @@ with builtins;
|
||||
# };
|
||||
#}
|
||||
{
|
||||
krebs.iptables = {
|
||||
tables = {
|
||||
filter.INPUT.rules = [
|
||||
{ predicate = "-p tcp --dport 8000"; target = "ACCEPT"; precedence = 9001; }
|
||||
];
|
||||
};
|
||||
services.elasticsearch = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
@ -25,6 +25,7 @@
|
||||
../2configs/teamviewer.nix
|
||||
../2configs/libvirt.nix
|
||||
../2configs/fetchWallpaper.nix
|
||||
../2configs/cbase.nix
|
||||
#../2configs/buildbot-standalone.nix
|
||||
{
|
||||
#risk of rain port
|
||||
@ -141,10 +142,16 @@
|
||||
services.elasticsearch = {
|
||||
enable = true;
|
||||
plugins = [
|
||||
pkgs.elasticsearchPlugins.elasticsearch_kopf
|
||||
# pkgs.elasticsearchPlugins.elasticsearch_kopf
|
||||
];
|
||||
};
|
||||
}
|
||||
{
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
package = pkgs.postgresql;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.mors;
|
||||
@ -270,16 +277,17 @@
|
||||
emulateWheel = true;
|
||||
};
|
||||
|
||||
services.xserver = {
|
||||
videoDriver = "intel";
|
||||
vaapiDrivers = [ pkgs.vaapiIntel ];
|
||||
deviceSection = ''
|
||||
Option "AccelMethod" "sna"
|
||||
BusID "PCI:0:2:0"
|
||||
'';
|
||||
};
|
||||
#services.xserver = {
|
||||
# videoDriver = "intel";
|
||||
# vaapiDrivers = [ pkgs.vaapiIntel ];
|
||||
# deviceSection = ''
|
||||
# Option "AccelMethod" "sna"
|
||||
# BusID "PCI:0:2:0"
|
||||
# '';
|
||||
#};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
acronym
|
||||
cac-api
|
||||
sshpass
|
||||
get
|
||||
@ -328,7 +336,4 @@
|
||||
tapButtons = false;
|
||||
twoFingerScroll = true;
|
||||
};
|
||||
|
||||
#for google hangout
|
||||
users.extraUsers.gm.extraGroups = [ "audio" "video" ];
|
||||
}
|
||||
|
@ -83,10 +83,10 @@ in {
|
||||
{
|
||||
sound.enable = false;
|
||||
}
|
||||
{
|
||||
#workaround for server dying after 6-7h
|
||||
boot.kernelPackages = pkgs.linuxPackages_4_2;
|
||||
}
|
||||
#{
|
||||
# #workaround for server dying after 6-7h
|
||||
# boot.kernelPackages = pkgs.linuxPackages_4_2;
|
||||
#}
|
||||
{
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
}
|
||||
@ -119,7 +119,8 @@ in {
|
||||
}
|
||||
{
|
||||
users.users.chat.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJJKlOeAHyi7lToCqRF/hdA2TrtVbrTUd2ayuWsXe9JWiyeyKH/LNY3SrgxCWPZSItE9VK68ghMuVYK/A8IAcgzNhzFYLDxmtsidjiOJBj2ZGsjqevoQ5HuKB/pob8CLW3dr1Rx38Any/XXxpfeO6vemCJMGLTe5gSlrCI+Tk1qNt0Rz+rke73Hwt9wW39g8X3prF2q9ryL9OFCcsoYUE7PIOV9xM1GaDFfTR4bKux7HyFKmG+rBvmJHB5OPW8UAtVZGY/FIChwlmF6QNO5Zym497bG1RCOGplaLpRXVJrmoUkZUO7EazePPxIjz2duWYqFtwl5R9YGy1+a+F58G19DS7wJHM29td117/ZANjRTxE5q/aJm2okJYOVSqhYzdhji+BWVZ5ai7cktpAdtPo++yiZN90LvogXNB64kFxVGuX52xZcA3KLKmvrd47o9k0pzO+oCoArxPFIx0YkHfy/yw7OG8Z+KLK8l9WXWBZO5TpjcydnEcRZ8OEqVhtmDh+9h1zhPphuFBtT1JPbt8m132RUy23qsNRtZ/lnnfQbrxgHPRzVuvA8o4ahOEUdvV9SYnzKb6qMFXGp25EhlcWnR4/toyG6I3paBtByeHkaxjgCuvm9Hob6f/xFr3kEJ4WXTVguyrcFgNg2EcEfdkrTMhNn9OIHEFFQ8whIBv5jlw== JuiceSSH"
|
||||
"ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAFhFJUMTfPbv3SzqlT9S67Av/m/ctLfTd3mMhD4O9hZc+t+dZmaHWj3v1KujzMBiDp3Yfo2YdVVZLTwTluHD8yNoQH418Vm01nrYHwOsc5J0br3mb0URZSstPiz6/6Fc+PNCDfQ2skUAWUidWiH+JolROFQ4y2lfpLOw+wsK2jj+Gqx6w== JuiceSSH"
|
||||
config.krebs.users.lass-uriel.pubkey
|
||||
];
|
||||
}
|
||||
{
|
||||
@ -134,6 +135,12 @@ in {
|
||||
{ predicate = "-p tcp --dport 80"; target = "ACCEPT"; }
|
||||
];
|
||||
}
|
||||
{
|
||||
services.tor = {
|
||||
enable = true;
|
||||
client.enable = true;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.prism;
|
||||
|
@ -15,15 +15,6 @@ with builtins;
|
||||
../2configs/bitlbee.nix
|
||||
../2configs/weechat.nix
|
||||
../2configs/skype.nix
|
||||
{
|
||||
users.extraUsers = {
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = map readFile [
|
||||
../../krebs/Zpubkeys/uriel.ssh.pub
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.uriel;
|
||||
|
@ -54,8 +54,8 @@ with config.krebs.lib;
|
||||
#secrets-common = "/home/lass/secrets/common";
|
||||
stockholm = "/home/lass/stockholm";
|
||||
nixpkgs = {
|
||||
url = https://github.com/Lassulus/nixpkgs;
|
||||
rev = "d0e3cca04edd5d1b3d61f188b4a5f61f35cdf1ce";
|
||||
url = https://github.com/NixOS/nixpkgs;
|
||||
rev = "40c586b7ce2c559374df435f46d673baf711c543";
|
||||
dev = "/home/lass/src/nixpkgs";
|
||||
};
|
||||
} // optionalAttrs config.krebs.build.host.secure {
|
||||
@ -68,8 +68,9 @@ with config.krebs.lib;
|
||||
|
||||
users.mutableUsers = false;
|
||||
|
||||
services.timesyncd.enable = true;
|
||||
|
||||
#why is this on in the first place?
|
||||
services.ntp.enable = false;
|
||||
services.nscd.enable = false;
|
||||
|
||||
boot.tmpOnTmpfs = true;
|
||||
@ -81,7 +82,7 @@ with config.krebs.lib;
|
||||
# multiple-definition-problem when defining environment.variables.EDITOR
|
||||
environment.extraInit = ''
|
||||
EDITOR=vim
|
||||
PAGER=most
|
||||
MANPAGER=most
|
||||
'';
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
@ -104,6 +105,9 @@ with config.krebs.lib;
|
||||
|
||||
#stuff for dl
|
||||
aria2
|
||||
|
||||
#neat utils
|
||||
krebspaste
|
||||
];
|
||||
|
||||
programs.bash = {
|
||||
|
@ -33,16 +33,19 @@ in {
|
||||
|
||||
dmenu
|
||||
gitAndTools.qgit
|
||||
mpv
|
||||
much
|
||||
pavucontrol
|
||||
powertop
|
||||
push
|
||||
slock
|
||||
sxiv
|
||||
xorg.xbacklight
|
||||
xsel
|
||||
zathura
|
||||
|
||||
mpv
|
||||
mpv-poll
|
||||
yt-next
|
||||
#window manager stuff
|
||||
#haskellPackages.xmobar
|
||||
#haskellPackages.yeganesh
|
||||
|
@ -1,6 +1,8 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (config.krebs.lib) genid;
|
||||
|
||||
mainUser = config.users.extraUsers.mainUser;
|
||||
createChromiumUser = name: extraGroups: packages:
|
||||
{
|
||||
@ -8,6 +10,7 @@ let
|
||||
inherit name;
|
||||
inherit extraGroups;
|
||||
home = "/home/${name}";
|
||||
uid = genid name;
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
};
|
||||
@ -28,6 +31,7 @@ let
|
||||
inherit name;
|
||||
inherit extraGroups;
|
||||
home = "/home/${name}";
|
||||
uid = genid name;
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
};
|
||||
@ -48,16 +52,17 @@ in {
|
||||
|
||||
environment.systemPackages = [
|
||||
(pkgs.writeScriptBin "browser-select" ''
|
||||
BROWSER=$(echo -e "ff\ncr\nfb\ngm\nflash" | dmenu)
|
||||
BROWSER=$(echo -e "ff\ncr\nwk\nfb\ngm\nflash" | dmenu)
|
||||
$BROWSER $@
|
||||
'')
|
||||
];
|
||||
|
||||
imports = [
|
||||
( createFirefoxUser "ff" [ "audio" ] [ ] )
|
||||
( createFirefoxUser "ff" [ "audio" ] [ pkgs.firefox ] )
|
||||
( createChromiumUser "cr" [ "audio" ] [ pkgs.chromium ] )
|
||||
( createChromiumUser "fb" [ ] [ pkgs.chromium ] )
|
||||
( createChromiumUser "gm" [ ] [ pkgs.chromium ] )
|
||||
( createChromiumUser "wk" [ "audio" ] [ pkgs.chromium ] )
|
||||
( createChromiumUser "fb" [ "audio" ] [ pkgs.chromium ] )
|
||||
( createChromiumUser "gm" [ "audio" ] [ pkgs.chromium ] )
|
||||
( createChromiumUser "flash" [ "audio" ] [ pkgs.flash ] )
|
||||
];
|
||||
|
||||
|
93
lass/2configs/cbase.nix
Normal file
93
lass/2configs/cbase.nix
Normal file
@ -0,0 +1,93 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (config.krebs.lib) genid;
|
||||
|
||||
in {
|
||||
|
||||
users.extraUsers = {
|
||||
cbasevpn = rec {
|
||||
name = "cbasevpn";
|
||||
uid = genid "cbasevpn";
|
||||
description = "user for running c-base openvpn";
|
||||
home = "/home/${name}";
|
||||
};
|
||||
};
|
||||
|
||||
users.extraGroups.cbasevpn.gid = genid "cbasevpn";
|
||||
|
||||
services.openvpn.servers = {
|
||||
c-base = {
|
||||
config = ''
|
||||
client
|
||||
dev tap
|
||||
proto tcp
|
||||
remote vpn.ext.c-base.org 1194
|
||||
resolv-retry infinite
|
||||
nobind
|
||||
user cbasevpn
|
||||
group cbasevpn
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
auth-nocache
|
||||
#auth-user-pass
|
||||
auth-user-pass ${toString <secrets/cbase.txt>}
|
||||
|
||||
comp-lzo
|
||||
verb 3
|
||||
|
||||
#script-security 2
|
||||
#up /etc/openvpn/update-resolv-conf
|
||||
#down /etc/openvpn/update-resolv-conf
|
||||
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDUjCCArugAwIBAgIJAOOk8EXgjsf5MA0GCSqGSIb3DQEBBQUAMHoxCzAJBgNV
|
||||
BAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZj
|
||||
LWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJ
|
||||
ARYQYWRtYXhAYy1iYXNlLm9yZzAeFw0wOTAyMTMwOTE1MzdaFw0xOTAyMTEwOTE1
|
||||
MzdaMHoxCzAJBgNVBAYTAkRFMQswCQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGlu
|
||||
MQ8wDQYDVQQKEwZjLWJhc2UxGzAZBgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEf
|
||||
MB0GCSqGSIb3DQEJARYQYWRtYXhAYy1iYXNlLm9yZzCBnzANBgkqhkiG9w0BAQEF
|
||||
AAOBjQAwgYkCgYEAt3wEgXbqFKxs8z/E4rv13hkRi6J+QdshNzntm7rTOmUsXKE7
|
||||
IEwoJSglrmsDPv4UqE86A7bjW7YYSFjhzxFRkTEHJanyOCF48ZPItVl7Eq7T81co
|
||||
uR+6lAhxnLDrwnPJCC83NzAa6lw8U1DsQRDkayKlrQrtZq6++pFFEvZvt1cCAwEA
|
||||
AaOB3zCB3DAdBgNVHQ4EFgQUqkSbdXS90+HtqXDeAI+PcyTSSHEwgawGA1UdIwSB
|
||||
pDCBoYAUqkSbdXS90+HtqXDeAI+PcyTSSHGhfqR8MHoxCzAJBgNVBAYTAkRFMQsw
|
||||
CQYDVQQIEwJERTEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZjLWJhc2UxGzAZ
|
||||
BgNVBAMTEnZwbi5leHQuYy1iYXNlLm9yZzEfMB0GCSqGSIb3DQEJARYQYWRtYXhA
|
||||
Yy1iYXNlLm9yZ4IJAOOk8EXgjsf5MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
|
||||
BQADgYEAOBANG1H4uEEWk3sbeQoSMeA3LFG1+6MgFGk2WAdeHYuV9GKYBq6/PLP5
|
||||
ffw+FNkiDjLSeSQO88vHYJr2V1v8n/ZoCIT+1VBcDWXTpGz0YxDI1iBauO3tUPzK
|
||||
wGs46RA/S0YwiZw64MaUHd88ZVadjKy9kNoO3w6/vpAS6s/Mh+o=
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
#
|
||||
# 2048 bit OpenVPN static key
|
||||
#
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
5d49aa8c9cec18de7ab6e0b5cd09a368
|
||||
d3f1b8b77e055e448804fa0e14f487cb
|
||||
491681742f96b54a23fb8639aa9ed14e
|
||||
c40b86a5546b888c4f3873f23c956e87
|
||||
169076ec869127ffc85353fd5928871c
|
||||
da19776b79f723abb366fae6cdfe4ad6
|
||||
7ef667b7d05a7b78dfd5ea1d2da276dc
|
||||
5f6c82313fe9c1178c7256b8d1d081b0
|
||||
4c80bc8f21add61fbc52c158579edc1d
|
||||
bbde230afb9d0e531624ce289a17098a
|
||||
3261f9144a9a2a6f0da4250c9eed4086
|
||||
187ec6fa757a454de743a349e32af193
|
||||
e9f8b49b010014bdfb3240d992f2f234
|
||||
581d0ce05d4e07a2b588ad9b0555b704
|
||||
9d5edc28efde59226ec8942feed690a1
|
||||
2acd0c8bc9424d6074d0d495391023b6
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
@ -187,13 +187,10 @@ let
|
||||
hackernews|https://news.ycombinator.com/rss|#news
|
||||
'';
|
||||
in {
|
||||
imports = [
|
||||
../3modules/newsbot-js.nix
|
||||
];
|
||||
environment.systemPackages = [
|
||||
pkgs.newsbot-js
|
||||
];
|
||||
lass.newsbot-js = {
|
||||
krebs.newsbot-js = {
|
||||
enable = true;
|
||||
ircServer = "localhost";
|
||||
feeds = newsfile;
|
||||
|
@ -16,11 +16,13 @@
|
||||
enable = true;
|
||||
connectTo = [
|
||||
"prism"
|
||||
"cloudkrebs"
|
||||
"echelon"
|
||||
"pigstarter"
|
||||
"gum"
|
||||
"flap"
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
tinc = pkgs.tinc_pre;
|
||||
};
|
||||
}
|
||||
|
@ -1,13 +1,42 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
customPlugins.mustang2 = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "Mustang2";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "croaker";
|
||||
repo = "mustang-vim";
|
||||
rev = "6533d7d21bf27cae94d9c2caa575f627f003dfd5";
|
||||
sha256 = "0zlmcrr04j3dkiivrhqi90f618lmnnnpvbz1b9msfs78cmgw9w67";
|
||||
customPlugins = {
|
||||
mustang2 = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "Mustang2";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "croaker";
|
||||
repo = "mustang-vim";
|
||||
rev = "6533d7d21bf27cae94d9c2caa575f627f003dfd5";
|
||||
sha256 = "0zlmcrr04j3dkiivrhqi90f618lmnnnpvbz1b9msfs78cmgw9w67";
|
||||
};
|
||||
};
|
||||
unimpaired = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "unimpaired-vim";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "tpope";
|
||||
repo = "vim-unimpaired";
|
||||
rev = "11dc568dbfd7a56866a4354c737515769f08e9fe";
|
||||
sha256 = "1an941j5ckas8l3vkfhchdzjwcray16229rhv3a1d4pbxifwshi8";
|
||||
};
|
||||
};
|
||||
brogrammer = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "brogrammer";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "marciomazza";
|
||||
repo = "vim-brogrammer-theme";
|
||||
rev = "3e412d8e8909d8d89eb5a4cbe955b5bc0833a3c3";
|
||||
sha256 = "0am1qk8ls74z5ipgf9viacayq08y9i9vd7sxxiivwgsjh2ancbv6";
|
||||
};
|
||||
};
|
||||
file-line = pkgs.vimUtils.buildVimPlugin {
|
||||
name = "file-line";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "bogado";
|
||||
repo = "file-line";
|
||||
rev = "f9ffa1879ad84ce4a386110446f395bc1795b72a";
|
||||
sha256 = "173n47w9zd01rcyrrmm194v79xq7d1ggzr19n1lsxrqfgr2c1rvk";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
@ -23,7 +52,7 @@ in {
|
||||
syntax on
|
||||
" TODO autoload colorscheme file
|
||||
set background=dark
|
||||
colorscheme mustang
|
||||
colorscheme brogrammer
|
||||
filetype off
|
||||
filetype plugin indent on
|
||||
|
||||
@ -56,7 +85,8 @@ in {
|
||||
vnoremap < <gv
|
||||
vnoremap > >gv
|
||||
|
||||
nmap <esc>q :buffer
|
||||
nmap <esc>q :buffer
|
||||
|
||||
|
||||
"Tabwidth
|
||||
set ts=2 sts=2 sw=2 et
|
||||
@ -105,11 +135,26 @@ in {
|
||||
|
||||
"esc timeout
|
||||
set timeoutlen=1000 ttimeoutlen=0
|
||||
|
||||
"foldfunctions
|
||||
inoremap <F9> <C-O>za
|
||||
nnoremap <F9> za
|
||||
onoremap <F9> <C-C>za
|
||||
vnoremap <F9> zf
|
||||
'';
|
||||
|
||||
vimrcConfig.vam.knownPlugins = pkgs.vimPlugins // customPlugins;
|
||||
vimrcConfig.vam.pluginDictionaries = [
|
||||
{ names = [ "Gundo" "commentary" "mustang2" ]; }
|
||||
{ names = [
|
||||
"brogrammer"
|
||||
"commentary"
|
||||
"extradite"
|
||||
"file-line"
|
||||
"fugitive"
|
||||
"Gundo"
|
||||
"mustang2"
|
||||
"unimpaired"
|
||||
]; }
|
||||
{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
|
||||
];
|
||||
|
||||
|
@ -1,14 +1,17 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
krebs.per-user.chat.packages = [
|
||||
pkgs.weechat
|
||||
pkgs.tmux
|
||||
let
|
||||
inherit (config.krebs.lib) genid;
|
||||
in {
|
||||
krebs.per-user.chat.packages = with pkgs; [
|
||||
mosh
|
||||
tmux
|
||||
weechat
|
||||
];
|
||||
|
||||
users.extraUsers.chat = {
|
||||
home = "/home/chat";
|
||||
uid = lib.genid "chat";
|
||||
uid = genid "chat";
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
|
@ -52,6 +52,7 @@ let
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
requires = [ "xserver.service" ];
|
||||
environment = xmonad-environment;
|
||||
restartIfChanged = false;
|
||||
serviceConfig = {
|
||||
ExecStart = "${xmonad-start}/bin/xmonad";
|
||||
ExecStop = "${xmonad-stop}/bin/xmonad-stop";
|
||||
|
@ -54,10 +54,6 @@
|
||||
|
||||
#eval $( dircolors -b ~/.LS_COLORS )
|
||||
|
||||
#exports
|
||||
export EDITOR='vim'
|
||||
export MANPAGER='most'
|
||||
export PAGER='vim -R -'
|
||||
# export MANPAGER='sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[m|K]//g" | vim -R -c "set ft=man nonu nomod nolist" -'
|
||||
|
||||
#beautiful colors
|
||||
|
@ -3,7 +3,6 @@ _:
|
||||
imports = [
|
||||
./xresources.nix
|
||||
./folderPerms.nix
|
||||
./newsbot-js.nix
|
||||
./per-user.nix
|
||||
./urxvtd.nix
|
||||
./xresources.nix
|
||||
|
@ -45,24 +45,6 @@ let
|
||||
instanceid = mkOption {
|
||||
type = str;
|
||||
};
|
||||
ssl = mkOption {
|
||||
type = with types; submodule ({
|
||||
options = {
|
||||
enable = mkEnableOption "ssl";
|
||||
certificate = mkOption {
|
||||
type = str;
|
||||
};
|
||||
certificate_key = mkOption {
|
||||
type = str;
|
||||
};
|
||||
ciphers = mkOption {
|
||||
type = str;
|
||||
default = "AES128+EECDH:AES128+EDH";
|
||||
};
|
||||
};
|
||||
});
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
}));
|
||||
default = {};
|
||||
@ -72,7 +54,7 @@ let
|
||||
group = config.services.nginx.group;
|
||||
|
||||
imp = {
|
||||
krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ssl, ... }: {
|
||||
krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ... }: {
|
||||
server-names = [
|
||||
"${domain}"
|
||||
"www.${domain}"
|
||||
@ -116,16 +98,7 @@ let
|
||||
|
||||
error_page 403 /core/templates/403.php;
|
||||
error_page 404 /core/templates/404.php;
|
||||
${if ssl.enable then ''
|
||||
ssl_certificate ${ssl.certificate};
|
||||
ssl_certificate_key ${ssl.certificate_key};
|
||||
'' else ""}
|
||||
'';
|
||||
listen = (if ssl.enable then
|
||||
[ "80" "443 ssl" ]
|
||||
else
|
||||
"80"
|
||||
);
|
||||
});
|
||||
services.phpfpm.poolConfigs = flip mapAttrs cfg (name: { domain, folder, ... }: ''
|
||||
listen = ${folder}/phpfpm.pool
|
||||
|
@ -42,10 +42,6 @@ let
|
||||
certificate_key = mkOption {
|
||||
type = str;
|
||||
};
|
||||
ciphers = mkOption {
|
||||
type = str;
|
||||
default = "AES128+EECDH:AES128+EDH";
|
||||
};
|
||||
};
|
||||
});
|
||||
default = {};
|
||||
@ -74,16 +70,7 @@ let
|
||||
deny all;
|
||||
'')
|
||||
];
|
||||
|
||||
listen = (if ssl.enable then
|
||||
[ "80" "443 ssl" ]
|
||||
else
|
||||
"80"
|
||||
);
|
||||
extraConfig = (if ssl.enable then ''
|
||||
ssl_certificate ${ssl.certificate};
|
||||
ssl_certificate_key ${ssl.certificate_key};
|
||||
'' else "");
|
||||
inherit ssl;
|
||||
|
||||
});
|
||||
};
|
||||
|
13
lass/5pkgs/acronym/default.nix
Normal file
13
lass/5pkgs/acronym/default.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
pkgs.writeScriptBin "acronym" ''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
|
||||
acro=$1
|
||||
|
||||
curl -s http://www.acronymfinder.com/$acro.html \
|
||||
| grep 'class="result-list__body__rank"' \
|
||||
| sed 's/.*title="\([^"]*\)".*/\1/' \
|
||||
| sed 's/^.* - //' \
|
||||
| sed "s/'/'/g"
|
||||
''
|
@ -2,14 +2,16 @@
|
||||
|
||||
{
|
||||
nixpkgs.config.packageOverrides = rec {
|
||||
acronym = pkgs.callPackage ./acronym/default.nix {};
|
||||
firefoxPlugins = {
|
||||
noscript = pkgs.callPackage ./firefoxPlugins/noscript.nix {};
|
||||
ublock = pkgs.callPackage ./firefoxPlugins/ublock.nix {};
|
||||
vimperator = pkgs.callPackage ./firefoxPlugins/vimperator.nix {};
|
||||
};
|
||||
newsbot-js = pkgs.callPackage ./newsbot-js/default.nix {};
|
||||
mpv-poll = pkgs.callPackage ./mpv-poll/default.nix {};
|
||||
xmonad-lass =
|
||||
let src = pkgs.writeNixFromCabal "xmonad-lass.nix" ./xmonad-lass; in
|
||||
pkgs.haskellPackages.callPackage src {};
|
||||
yt-next = pkgs.callPackage ./yt-next/default.nix {};
|
||||
};
|
||||
}
|
||||
|
40
lass/5pkgs/mpv-poll/default.nix
Normal file
40
lass/5pkgs/mpv-poll/default.nix
Normal file
@ -0,0 +1,40 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
pkgs.writeScriptBin "mpv-poll" ''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
|
||||
pl=$1
|
||||
hist=''${HISTORY:-"./mpv_history"}
|
||||
mpv_options=''${MPV_OPTIONS:-""}
|
||||
|
||||
lastYT=""
|
||||
|
||||
play_video () {
|
||||
toPlay=$1
|
||||
echo $toPlay >> $hist
|
||||
mpv $mpv_options $toPlay
|
||||
}
|
||||
|
||||
if ! [ -e $hist ]; then
|
||||
touch $hist
|
||||
fi
|
||||
|
||||
while :
|
||||
do
|
||||
if [ -s $pl ]; then
|
||||
toPlay=$(head -1 $pl)
|
||||
sed -i '1d' $pl
|
||||
if $(echo $toPlay | grep -Eq 'https?://(www.)?youtube.com/watch'); then
|
||||
lastYT=$toPlay
|
||||
fi
|
||||
play_video $toPlay
|
||||
else
|
||||
if [ -n "$lastYT" ]; then
|
||||
next=$(yt-next $lastYT)
|
||||
lastYT=$next
|
||||
play_video $next
|
||||
fi
|
||||
sleep 1
|
||||
fi
|
||||
done
|
||||
''
|
13
lass/5pkgs/yt-next/default.nix
Normal file
13
lass/5pkgs/yt-next/default.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
pkgs.writeScriptBin "yt-next" ''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
|
||||
vid=$1
|
||||
num=''${NUM:-1}
|
||||
|
||||
curl -Ls $1 \
|
||||
| grep 'href="/watch?v=' \
|
||||
| head -n$num \
|
||||
| sed 's,.*href="\([^"]*\)".*,https://youtube.com\1,'
|
||||
''
|
@ -1,17 +1,51 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
{
|
||||
let
|
||||
byid = dev: "/dev/disk/by-id/" + dev;
|
||||
rootDisk = byid "ata-ADATA_SSD_S599_64GB_10460000000000000039";
|
||||
auxDisk = byid "ata-HGST_HTS721010A9E630_JR10006PH3A02F";
|
||||
dataPartition = auxDisk + "-part1";
|
||||
|
||||
allDisks = [ rootDisk auxDisk ];
|
||||
in {
|
||||
imports = [
|
||||
../2configs/fs/single-partition-ext4.nix
|
||||
../2configs/zsh-user.nix
|
||||
../.
|
||||
../.
|
||||
../2configs/fs/single-partition-ext4.nix
|
||||
../2configs/zsh-user.nix
|
||||
../2configs/smart-monitor.nix
|
||||
../2configs/exim-retiolum.nix
|
||||
../2configs/virtualization.nix
|
||||
];
|
||||
|
||||
networking.firewall.allowedUDPPorts = [ 80 655 67 ];
|
||||
networking.firewall.allowedTCPPorts = [ 80 655 ];
|
||||
networking.firewall.checkReversePath = false;
|
||||
#networking.firewall.enable = false;
|
||||
# virtualisation.nova.enableSingleNode = true;
|
||||
krebs.retiolum.enable = true;
|
||||
|
||||
boot.loader.grub.device = "/dev/disk/by-id/ata-ADATA_SSD_S599_64GB_10460000000000000039";
|
||||
boot.kernelModules = [ "coretemp" "f71882fg" ];
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
networking.wireless.enable = true;
|
||||
|
||||
# TODO smartd omo darth gum all-in-one
|
||||
services.smartd.devices = builtins.map (x: { device = x; }) allDisks;
|
||||
zramSwap.enable = true;
|
||||
|
||||
fileSystems."/data" = {
|
||||
device = dataPartition;
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.loader.grub.device = rootDisk;
|
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
config.krebs.users.makefu-omo.pubkey
|
||||
config.krebs.users.makefu-vbob.pubkey
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.darth;
|
||||
}
|
||||
|
@ -41,9 +41,16 @@ in {
|
||||
];
|
||||
};
|
||||
|
||||
krebs.nginx.servers.cgit.server-names = [
|
||||
"cgit.euer.krebsco.de"
|
||||
];
|
||||
krebs.nginx.servers.cgit = {
|
||||
server-names = [ "cgit.euer.krebsco.de" ];
|
||||
listen = [ "${external-ip}:80" "${internal-ip}:80" ];
|
||||
};
|
||||
|
||||
# access
|
||||
users.users = {
|
||||
root.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-omo.pubkey ];
|
||||
makefu.openssh.authorizedKeys.keys = [ config.krebs.users.makefu-vbob.pubkey ];
|
||||
};
|
||||
|
||||
# Chat
|
||||
environment.systemPackages = with pkgs;[
|
||||
|
@ -11,7 +11,7 @@ let
|
||||
# cryptsetup luksFormat $dev --cipher aes-xts-plain64 -s 512 -h sha512
|
||||
# cryptsetup luksAddKey $dev tmpkey
|
||||
# cryptsetup luksOpen $dev crypt0 --key-file tmpkey --keyfile-size=4096
|
||||
# mkfs.ext4 /dev/mapper/crypt0 -L crypt0 -T largefile
|
||||
# mkfs.xfs /dev/mapper/crypt0 -L crypt0
|
||||
|
||||
# omo Chassis:
|
||||
# __FRONT_
|
||||
@ -30,6 +30,8 @@ let
|
||||
cryptDisk2 = byid "ata-ST4000DM000-1F2168_Z303HVSG";
|
||||
# cryptDisk3 = byid "ata-WDC_WD20EARS-00MVWB0_WD-WMAZA1786907";
|
||||
# all physical disks
|
||||
|
||||
# TODO callPackage ../3modules/MonitorDisks { disks = allDisks }
|
||||
allDisks = [ rootDisk cryptDisk0 cryptDisk1 cryptDisk2 ];
|
||||
in {
|
||||
imports =
|
||||
@ -42,16 +44,21 @@ in {
|
||||
../2configs/smart-monitor.nix
|
||||
../2configs/mail-client.nix
|
||||
../2configs/share-user-sftp.nix
|
||||
../2configs/graphite-standalone.nix
|
||||
../2configs/omo-share.nix
|
||||
];
|
||||
|
||||
krebs.retiolum.enable = true;
|
||||
networking.firewall.trustedInterfaces = [ "enp3s0" ];
|
||||
# udp:137 udp:138 tcp:445 tcp:139 - samba, allowed in local net
|
||||
# tcp:80 - nginx for sharing files
|
||||
# tcp:655 udp:655 - tinc
|
||||
# tcp:8080 - sabnzbd
|
||||
# tcp:8111 - graphite
|
||||
# tcp:9090 - sabnzbd
|
||||
# tcp:9200 - elasticsearch
|
||||
# tcp:5601 - kibana
|
||||
networking.firewall.allowedUDPPorts = [ 655 ];
|
||||
networking.firewall.allowedTCPPorts = [ 80 655 8080 ];
|
||||
networking.firewall.allowedTCPPorts = [ 80 655 5601 8111 9200 9090 ];
|
||||
|
||||
# services.openssh.allowSFTP = false;
|
||||
|
||||
|
@ -36,7 +36,11 @@
|
||||
#../2configs/wordpress.nix
|
||||
../2configs/nginx/public_html.nix
|
||||
];
|
||||
|
||||
krebs.nginx = {
|
||||
default404 = false;
|
||||
servers.default.listen = [ "80 default_server" ];
|
||||
servers.default.server-names = [ "_" ];
|
||||
};
|
||||
krebs.retiolum.enable = true;
|
||||
# steam
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
|
@ -15,11 +15,6 @@
|
||||
];
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
krebs.build.source.upstream-nixpkgs = {
|
||||
url = https://github.com/makefu/nixpkgs;
|
||||
# HTTP Everywhere + libredir
|
||||
rev = "8239ac6";
|
||||
};
|
||||
fileSystems."/nix" = {
|
||||
device ="/dev/disk/by-label/nixstore";
|
||||
fsType = "ext4";
|
||||
|
@ -10,16 +10,6 @@
|
||||
#
|
||||
# if this is not enough, check out main-laptop.nix
|
||||
|
||||
## TODO: .Xdefaults:
|
||||
# URxvt*termName: rxvt
|
||||
# URxvt.scrollBar : false
|
||||
# URxvt*scrollBar_right: false
|
||||
# URxvt*borderLess: false
|
||||
# URxvt.foreground: white
|
||||
# URxvt.background: black
|
||||
# URxvt.urgentOnBell: true
|
||||
# URxvt.visualBell: false
|
||||
# URxvt.font : xft:Terminus
|
||||
|
||||
with config.krebs.lib;
|
||||
let
|
||||
@ -83,7 +73,9 @@ in
|
||||
XTerm*FaceName : Terminus:pixelsize=14
|
||||
|
||||
URxvt*termName: rxvt
|
||||
URxvt.scrollBar : False
|
||||
URxvt*saveLines: 10000
|
||||
URxvt*loginShell: false
|
||||
URxvt.scrollBar : false
|
||||
URxvt*scrollBar_right: false
|
||||
URxvt*borderLess: false
|
||||
URxvt.foreground: white
|
||||
|
@ -125,6 +125,7 @@ with config.krebs.lib;
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
nano = pkgs.runCommand "empty" {} "mkdir -p $out";
|
||||
tinc = pkgs.tinc_pre;
|
||||
};
|
||||
|
||||
services.cron.enable = false;
|
||||
|
@ -19,7 +19,7 @@ with config.krebs.lib;
|
||||
"/home" = {
|
||||
device = "/dev/mapper/main-home";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
options = [ "defaults" "discard" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -18,12 +18,12 @@ with config.krebs.lib;
|
||||
"/" = {
|
||||
device = "/dev/mapper/luksroot";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
options = [ "defaults" "discard" ];
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-label/nixboot";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
options = [ "defaults" "discard" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -23,6 +23,7 @@ with config.krebs.lib;
|
||||
services.tlp.enable = true;
|
||||
services.tlp.extraConfig = ''
|
||||
START_CHARGE_THRESH_BAT0=80
|
||||
STOP_CHARGE_THRESH_BAT0=95
|
||||
|
||||
CPU_SCALING_GOVERNOR_ON_AC=performance
|
||||
CPU_SCALING_GOVERNOR_ON_BAT=ondemand
|
||||
|
@ -7,7 +7,7 @@ with config.krebs.lib;
|
||||
gnupg
|
||||
imapfilter
|
||||
msmtp
|
||||
mutt-kz
|
||||
mutt
|
||||
notmuch
|
||||
offlineimap
|
||||
openssl
|
||||
|
15
makefu/2configs/nginx/public_html.nix
Normal file
15
makefu/2configs/nginx/public_html.nix
Normal file
@ -0,0 +1,15 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with config.krebs.lib;
|
||||
|
||||
{
|
||||
krebs.nginx = {
|
||||
enable = true;
|
||||
servers.default.locations = [
|
||||
(nameValuePair "~ ^/~(.+?)(/.*)?\$" ''
|
||||
alias /home/$1/public_html$2;
|
||||
autoindex on;
|
||||
'')
|
||||
];
|
||||
};
|
||||
}
|
@ -48,6 +48,13 @@ in {
|
||||
browseable = "yes";
|
||||
"guest ok" = "yes";
|
||||
};
|
||||
|
||||
emu = {
|
||||
path = "/media/crypt1/emu";
|
||||
"read only" = "yes";
|
||||
browseable = "yes";
|
||||
"guest ok" = "yes";
|
||||
};
|
||||
usenet = {
|
||||
path = "/media/crypt0/usenet/dst";
|
||||
"read only" = "yes";
|
||||
|
30
makefu/4lib/default.nix
Normal file
30
makefu/4lib/default.nix
Normal file
@ -0,0 +1,30 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
addDefaultTime = bku-entry: recursiveUpdate {
|
||||
snapshots = {
|
||||
daily = { format = "%Y-%m-%d"; retain = 7; };
|
||||
weekly = { format = "%YW%W"; retain = 4; };
|
||||
monthly = { format = "%Y-%m"; retain = 12; };
|
||||
yearly = { format = "%Y"; };
|
||||
};
|
||||
startAt = "5:23";
|
||||
} bku-entry;
|
||||
|
||||
backup-host = config.krebs.hosts.omo;
|
||||
backup-path = "/media/backup";
|
||||
in {
|
||||
bku = {
|
||||
inherit addDefaultTime;
|
||||
simplePath = addDefaultTime (path: {
|
||||
method = "pull";
|
||||
src = { host = config.krebs.build.host; inherit path; };
|
||||
dst = {
|
||||
host = backup-host;
|
||||
path = backup-path ++ config.krebs.build.host.name
|
||||
++ builtins.replaceStrings ["/"] ["-"] path;
|
||||
};
|
||||
});
|
||||
};
|
||||
}
|
@ -10,8 +10,8 @@ with pkgs.pythonPackages;buildPythonPackage rec {
|
||||
src = fetchFromGitHub {
|
||||
owner = "makefu";
|
||||
repo = "mycube-flask";
|
||||
rev = "5f5260a";
|
||||
sha256 = "1jx0h81nlmi1xry2vw46rvsanq0sdca6hlq31lhh7klqrg885hgh";
|
||||
rev = "48dc6857";
|
||||
sha256 = "1ax1vz6m5982l1mmp9vmywn9nw9p9h4m3ss74zazyspxq1wjim0v";
|
||||
};
|
||||
meta = {
|
||||
homepage = https://github.com/makefu/mycube-flask;
|
||||
|
Loading…
Reference in New Issue
Block a user