Merge remote-tracking branch 'tv/master'

This commit is contained in:
makefu 2019-01-16 11:43:10 +01:00
commit e3851e0c69
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
23 changed files with 121 additions and 101 deletions

View File

@ -14,12 +14,8 @@ with import <stockholm/lib>;
}; };
plugins = with pkgs.ReaktorPlugins; [ plugins = with pkgs.ReaktorPlugins; [
sed-plugin sed-plugin
task-add
task-delete
task-done
task-list
] ++ ] ++
(attrValues (todo "agenda")) (attrValues (task "agenda"))
; ;
}; };
krebs.secret.files.nix-serve-key = { krebs.secret.files.nix-serve-key = {

View File

@ -10,12 +10,8 @@ with import <stockholm/lib>;
}; };
plugins = with pkgs.ReaktorPlugins; [ plugins = with pkgs.ReaktorPlugins; [
sed-plugin sed-plugin
task-add
task-delete
task-done
task-list
] ++ ] ++
(attrValues (todo "agenda")) (attrValues (task "agenda"))
; ;
}; };
} }

View File

@ -13,7 +13,7 @@ in {
}); });
default = {}; default = {};
}; };
config = { config = mkIf (cfg != {}) {
environment = { environment = {
etc = etc =
mapAttrs' mapAttrs'

View File

@ -27,6 +27,7 @@ let
"tinc.conf" = pkgs.writeText "${netname}-tinc.conf" '' "tinc.conf" = pkgs.writeText "${netname}-tinc.conf" ''
Name = ${tinc.config.host.name} Name = ${tinc.config.host.name}
Interface = ${netname} Interface = ${netname}
Broadcast = no
${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo} ${concatMapStrings (c: "ConnectTo = ${c}\n") tinc.config.connectTo}
PrivateKeyFile = ${tinc.config.privkey.path} PrivateKeyFile = ${tinc.config.privkey.path}
Port = ${toString tinc.config.host.nets.${netname}.tinc.port} Port = ${toString tinc.config.host.nets.${netname}.tinc.port}

View File

@ -146,58 +146,36 @@ rec {
''; '';
}); });
taskrcFile = builtins.toFile "taskrc" '' task = name: let
confirmation=no rcFile = builtins.toFile "taskrc" ''
''; confirmation=no
'';
task-add = buildSimpleReaktorPlugin "task-add" { in {
pattern = "^task-add: (?P<args>.*)$$"; add = buildSimpleReaktorPlugin "${name}-task-add" {
script = pkgs.writeDash "task-add" ''
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} add "$*"
'';
};
task-list = buildSimpleReaktorPlugin "task-list" {
pattern = "^task-list";
script = pkgs.writeDash "task-list" ''
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
'';
};
task-delete = buildSimpleReaktorPlugin "task-delete" {
pattern = "^task-delete: (?P<args>.*)$$";
script = pkgs.writeDash "task-delete" ''
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} delete "$*"
'';
};
task-done = buildSimpleReaktorPlugin "task-done" {
pattern = "^task-done: (?P<args>.*)$$";
script = pkgs.writeDash "task-done" ''
${pkgs.taskwarrior}/bin/task rc:${taskrcFile} done "$*"
'';
};
todo = name: {
add = buildSimpleReaktorPlugin "${name}-add" {
pattern = "^${name}-add: (?P<args>.*)$$"; pattern = "^${name}-add: (?P<args>.*)$$";
script = pkgs.writeDash "${name}-add" '' script = pkgs.writeDash "${name}-add" ''
echo "$*" >> ${name}-todo TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} add "$*"
echo "added ${name} todo"
''; '';
}; };
delete = buildSimpleReaktorPlugin "${name}-delete" {
list = buildSimpleReaktorPlugin "task-list" {
pattern = "^${name}-list";
script = pkgs.writeDash "task-list" ''
TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} export | ${pkgs.jq}/bin/jq -r '.[] | select(.id != 0) | "\(.id) \(.description)"'
'';
};
delete = buildSimpleReaktorPlugin "task-delete" {
pattern = "^${name}-delete: (?P<args>.*)$$"; pattern = "^${name}-delete: (?P<args>.*)$$";
script = pkgs.writeDash "${name}-delete" '' script = pkgs.writeDash "task-delete" ''
${pkgs.gnugrep}/bin/grep -Fvxe "$*" ${name}-todo > ${name}-todo.tmp TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} delete "$*"
${pkgs.coreutils}/bin/mv ${name}-todo.tmp ${name}-todo
echo "removed ${name} todo: $*"
''; '';
}; };
show = buildSimpleReaktorPlugin "${name}-show" {
pattern = "^${name}-show$"; done = buildSimpleReaktorPlugin "task-done" {
script = pkgs.writeDash "${name}-show" '' pattern = "^${name}-done: (?P<args>.*)$$";
${pkgs.coreutils}/bin/cat ${name}-todo script = pkgs.writeDash "task-done" ''
TASKDATA=$HOME/${name} ${pkgs.taskwarrior}/bin/task rc:${rcFile} done "$*"
''; '';
}; };
}; };

View File

@ -40,6 +40,16 @@
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var/lib/nextcloud" = {
device = "tank/nextcloud";
fsType = "zfs";
};
fileSystems."/var/lib/libvirt" = {
device = "tank/libvirt";
fsType = "zfs";
};
nix.maxJobs = lib.mkDefault 8; nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";

View File

@ -3,6 +3,6 @@
with import <stockholm/lib>; with import <stockholm/lib>;
{ {
nix.gc = { nix.gc = {
automatic = ! (elem config.krebs.build.host.name [ "prism" "mors" "helios" ] || config.boot.isContainer); automatic = ! (elem config.krebs.build.host.name [ "mors" "helios" ] || config.boot.isContainer);
}; };
} }

View File

@ -51,7 +51,7 @@ let
eloop = [ "to:eloop.org" ]; eloop = [ "to:eloop.org" ];
github = [ "to:github@lassul.us" ]; github = [ "to:github@lassul.us" ];
gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ]; gmail = [ "to:gmail@lassul.us" "to:lassulus@gmail.com" "lassulus@googlemail.com" ];
india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" ]; india = [ "to:hillhackers@lists.hillhacks.in" "to:hackbeach@lists.hackbeach.in" "to:hackbeach@mail.hackbeach.in" ];
kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ]; kaosstuff = [ "to:gearbest@lassul.us" "to:banggood@lassul.us" "to:tomtop@lassul.us" ];
lugs = [ "to:lugs@lug-s.org" ]; lugs = [ "to:lugs@lug-s.org" ];
meetup = [ "to:meetup@lassul.us" ]; meetup = [ "to:meetup@lassul.us" ];

View File

@ -88,6 +88,20 @@ in {
file_uploads = on file_uploads = on
''; '';
services.nextcloud = {
enable = true;
hostName = "o.xanf.org";
config = {
adminpassFile = toString <secrets> + "/nextcloud_pw";
};
#https = true;
nginx.enable = true;
};
services.nginx.virtualHosts."o.xanf.org" = {
enableACME = true;
forceSSL = true;
};
# MAIL STUFF # MAIL STUFF
# TODO: make into its own module # TODO: make into its own module
services.dovecot2 = { services.dovecot2 = {

View File

@ -101,6 +101,9 @@ in {
locations."/pub".extraConfig = '' locations."/pub".extraConfig = ''
alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey}; alias ${pkgs.writeText "pub" config.krebs.users.lass.pubkey};
''; '';
locations."/pub1".extraConfig = ''
alias ${pkgs.writeText "pub" config.krebs.users.lass-mors.pubkey};
'';
}; };
security.acme.certs."cgit.lassul.us" = { security.acme.certs."cgit.lassul.us" = {

View File

@ -20,6 +20,7 @@ with import <stockholm/lib>;
<stockholm/tv/2configs/br.nix> <stockholm/tv/2configs/br.nix>
<stockholm/tv/2configs/xp-332.nix> <stockholm/tv/2configs/xp-332.nix>
<stockholm/tv/2configs/xserver> <stockholm/tv/2configs/xserver>
<stockholm/tv/2configs/xserver/xkiller.nix>
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -156,10 +157,5 @@ with import <stockholm/lib>;
# The NixOS release to be compatible with for stateful data such as databases. # The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "15.09"; system.stateVersion = "15.09";
tv.nixpkgs-overlays = {
krebs = "/home/tv/stockholm/krebs/5pkgs";
tv = "/home/tv/stockholm/tv/5pkgs";
};
virtualisation.virtualbox.host.enable = true; virtualisation.virtualbox.host.enable = true;
} }

View File

@ -60,7 +60,7 @@ with import <stockholm/lib>;
}; };
xu-pull-ni-ejabberd = { xu-pull-ni-ejabberd = {
method = "pull"; method = "pull";
src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; }; dst = { host = config.krebs.hosts.xu; path = "/bku/ni-ejabberd"; };
startAt = "07:00"; startAt = "07:00";
}; };
@ -78,7 +78,7 @@ with import <stockholm/lib>;
}; };
zu-pull-ni-ejabberd = { zu-pull-ni-ejabberd = {
method = "pull"; method = "pull";
src = { host = config.krebs.hosts.ni; path = "/var/ejabberd"; }; src = { host = config.krebs.hosts.ni; path = "/var/lib/ejabberd"; };
dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; }; dst = { host = config.krebs.hosts.zu; path = "/bku/ni-ejabberd"; };
startAt = "06:00"; startAt = "06:00";
}; };

View File

@ -92,7 +92,6 @@ with import <stockholm/lib>;
environment.variables = { environment.variables = {
NIX_PATH = mkForce (concatStringsSep ":" [ NIX_PATH = mkForce (concatStringsSep ":" [
"secrets=/var/src/stockholm/null" "secrets=/var/src/stockholm/null"
"nixpkgs-overlays=${config.tv.nixpkgs-overlays}"
"/var/src" "/var/src"
]); ]);
}; };

View File

@ -67,10 +67,12 @@ let {
cgit.desc = "source code installer"; cgit.desc = "source code installer";
}; };
q = {}; q = {};
reaktor2 = {};
regfish = {}; regfish = {};
stockholm = { stockholm = {
cgit.desc = "NixOS configuration"; cgit.desc = "NixOS configuration";
}; };
with-ssh = {};
} // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) { } // mapAttrs (_: recursiveUpdate { cgit.section = "2. Host configurations"; }) {
ni = { ni = {
}; };
@ -102,6 +104,7 @@ let {
nixos-infest = {}; nixos-infest = {};
painload = {}; painload = {};
push = {}; push = {};
Reaktor = {};
with-tmpdir = {}; with-tmpdir = {};
get = {}; get = {};
load-env = {}; load-env = {};

View File

@ -22,7 +22,7 @@ with import <stockholm/lib>;
highlight_megabytes=1 highlight_megabytes=1
highlight_threads=1 highlight_threads=1
tree_view=1 tree_view=1
header_margin=1 header_margin=0
detailed_cpu_time=0 detailed_cpu_time=0
cpu_count_from_zero=0 cpu_count_from_zero=0
update_process_names=0 update_process_names=0

View File

@ -17,6 +17,7 @@ pkgs.writeText "Xmodmap" ''
keycode 39 = s S ssharp keycode 39 = s S ssharp
keycode 33 = p P Greek_pi Greek_PI keycode 33 = p P Greek_pi Greek_PI
keycode 40 = d D Greek_delta Greek_DELTA
keycode 46 = l L Greek_lambda Greek_LAMBDA keycode 46 = l L Greek_lambda Greek_LAMBDA
keycode 54 = c C cacute Cacute keycode 54 = c C cacute Cacute

View File

@ -0,0 +1,14 @@
{ pkgs, ... }: {
services.acpid.enable = true;
services.acpid.handlers.xkiller = {
action = /* sh */ ''
event=($1)
if test "''${event[2]}" = 00000080; then
${pkgs.systemd}/bin/systemd-cat -t xkiller ${pkgs.xkiller}
fi
'';
event = "button/prog1";
};
}

View File

@ -5,7 +5,6 @@
./ejabberd ./ejabberd
./hosts.nix ./hosts.nix
./iptables.nix ./iptables.nix
./nixpkgs-overlays.nix
./slock.nix ./slock.nix
./x0vncserver.nix ./x0vncserver.nix
]; ];

View File

@ -67,7 +67,7 @@ in {
type = types.user; type = types.user;
default = { default = {
name = "ejabberd"; name = "ejabberd";
home = "/var/ejabberd"; home = "/var/lib/ejabberd";
}; };
}; };
}; };

View File

@ -1,23 +0,0 @@
with import <stockholm/lib>;
{ config, pkgs, ... }: {
options.tv.nixpkgs-overlays = mkOption {
apply = src:
pkgs.runCommand "nixpkgs-overlays" {} ''
mkdir $out
${concatStringsSep "\n" (mapAttrsToList (name: path:
"ln -s ${shell.escape path} $out/${shell.escape name}"
) src)}
'' // {
inherit src;
};
type = types.attrsOf types.absolute-pathname;
};
config = {
tv.nixpkgs-overlays = {
krebs = mkDefault "/var/src/stockholm/krebs/5pkgs";
tv = mkDefault "/var/src/stockholm/tv/5pkgs";
};
};
}

View File

@ -5,10 +5,12 @@ in {
options.tv.slock = { options.tv.slock = {
enable = mkEnableOption "tv.slock"; enable = mkEnableOption "tv.slock";
package = mkOption { package = mkOption {
default = pkgs.execBin "slock" rec { default = pkgs.writeDashBin "slock" ''
filename = "${pkgs.systemd}/bin/systemctl"; set -efu
argv = [ filename "start" "slock-${cfg.user.name}.service" ]; display=''${DISPLAY#:}
}; service=slock-$LOGNAME@$display.service
exec ${pkgs.systemd}/bin/systemctl start "$service"
'';
type = types.package; type = types.package;
}; };
user = mkOption { user = mkOption {
@ -18,16 +20,16 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
security.polkit.extraConfig = /* js */ '' security.polkit.extraConfig = /* js */ ''
polkit.addRule(function(action, subject) { polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units" && if (action.id === "org.freedesktop.systemd1.manage-units" &&
action.lookup("unit") == "slock-${cfg.user.name}.service" && subject.user === ${toJSON cfg.user.name} &&
subject.user == ${toJSON cfg.user.name}) { /^slock-${cfg.user.name}@[0-9]+\.service$/.test(action.lookup("unit")) ) {
return polkit.Result.YES; return polkit.Result.YES;
} }
}); });
''; '';
systemd.services."slock-${cfg.user.name}" = { systemd.services."slock-${cfg.user.name}@" = {
environment = { environment = {
DISPLAY = ":${toString config.services.xserver.display}"; DISPLAY = ":%I";
LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" { LD_PRELOAD = pkgs.runCommandCC "slock-${cfg.user.name}.so" {
passAsFile = ["text"]; passAsFile = ["text"];
text = /* c */ '' text = /* c */ ''

View File

@ -24,6 +24,12 @@ foldl' mergeAttrs {}
"$@" "$@"
''; '';
dhcpcd = overrideDerivation super.dhcpcd (old: {
configureFlags = old.configureFlags ++ [
"--dbdir=/var/lib/dhcpcd"
];
});
gitAndTools = super.gitAndTools // { gitAndTools = super.gitAndTools // {
inherit (self) diff-so-fancy; inherit (self) diff-so-fancy;
}; };

View File

@ -0,0 +1,25 @@
{ pkgs }:
pkgs.writeDash "xkiller" ''
set -efu
exec >&2
${pkgs.iproute}/bin/ss -lp src unix:/tmp/.X11-unix/X* |
${pkgs.gnused}/bin/sed -n '
s|.*/tmp/.X11-unix/X\([0-9]\+\)\>.*("X[^"]*",pid=\([0-9]\+\)\>.*|\1 \2|p
' |
while read -r display pid; do
{
exit_code=$(
DISPLAY=:$display ${pkgs.coreutils}/bin/timeout 1 \
${pkgs.xorg.xset}/bin/xset q >/dev/null 2>&1 &&
echo 0 || echo $?
)
if test $exit_code = 124; then
echo "X on display :$display is locked up; killing PID $pid..."
${pkgs.coreutils}/bin/kill -SIGKILL "$pid"
else
echo "X on display :$display is healthy"
fi
} &
done
wait
''