Merge remote-tracking branch 'uriel/master'
This commit is contained in:
commit
e5ecd75ac2
@ -1,4 +1,5 @@
|
||||
Subnet = 10.243.211.172
|
||||
Subnet = 10.243.211.172 53
|
||||
Subnet = 42:472a:3d01:bbe4:4425:567e:592b:065d
|
||||
|
||||
-----BEGIN RSA PUBLIC KEY-----
|
||||
|
@ -1,4 +1,5 @@
|
||||
Address= 195.154.108.70
|
||||
Address= 195.154.108.70 53
|
||||
Subnet = 10.243.0.211
|
||||
Subnet = 42:f9f0:0000:0000:0000:0000:0000:70d2
|
||||
Aliases = paste
|
||||
|
@ -272,6 +272,7 @@ let
|
||||
'';
|
||||
};
|
||||
};
|
||||
secure = true;
|
||||
};
|
||||
mors = {
|
||||
cores = 2;
|
||||
@ -307,7 +308,7 @@ let
|
||||
};
|
||||
uriel = {
|
||||
pubkey = readFile ../../Zpubkeys/uriel.ssh.pub;
|
||||
mail = "uriel@mors.retiolum";
|
||||
mail = "lass@uriel.retiolum";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -78,7 +78,7 @@ let
|
||||
HOME = cfg.dataDir;
|
||||
LC_ALL = "en_US.UTF-8";
|
||||
LOCALE_ARCHIVE = "${pkgs.glibcLocales}/lib/locale/locale-archive";
|
||||
SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
SSL_CERT_FILE = "${pkgs.cacert}/etc/ca-bundle.crt";
|
||||
};
|
||||
serviceConfig = {
|
||||
User = user.name;
|
||||
@ -100,7 +100,6 @@ let
|
||||
ExecStart = pkgs.writeScript "urlwatch" ''
|
||||
#! /bin/sh
|
||||
set -euf
|
||||
|
||||
from=${escapeShellArg cfg.from}
|
||||
mailto=${escapeShellArg cfg.mailto}
|
||||
urlsFile=${escapeShellArg urlsFile}
|
||||
|
@ -16,6 +16,7 @@ rec {
|
||||
hashPassword = callPackage ./hashPassword.nix {};
|
||||
nq = callPackage ./nq.nix {};
|
||||
posix-array = callPackage ./posix-array.nix {};
|
||||
youtube-tools = callPackage ./youtube-tools.nix {};
|
||||
|
||||
execve = name: { filename, argv, envp }:
|
||||
writeC name {} ''
|
||||
|
21
krebs/5pkgs/youtube-tools.nix
Normal file
21
krebs/5pkgs/youtube-tools.nix
Normal file
@ -0,0 +1,21 @@
|
||||
{ stdenv, fetchgit, ... }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "youtube-tools";
|
||||
|
||||
src = fetchgit {
|
||||
url = https://github.com/Lassulus/the_playlist;
|
||||
rev = "9218b163f2d8bc965b853ed9fc9e13d15a703456";
|
||||
sha256 = "ae5db4be652d015a518e57e4ed2de34b9127e77d9272af3049832bb134e96e4d";
|
||||
};
|
||||
|
||||
phases = [
|
||||
"unpackPhase"
|
||||
"installPhase"
|
||||
];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
cp bin/* $out/bin/
|
||||
'';
|
||||
}
|
@ -28,10 +28,6 @@
|
||||
target = "root@cloudkrebs";
|
||||
host = config.krebs.hosts.cloudkrebs;
|
||||
deps = {
|
||||
nixpkgs = {
|
||||
url = https://github.com/Lassulus/nixpkgs;
|
||||
rev = "1879a011925c561f0a7fd4043da0768bbff41d0b";
|
||||
};
|
||||
secrets = {
|
||||
url = "/home/lass/secrets/${config.krebs.build.host.name}";
|
||||
};
|
||||
|
@ -15,12 +15,13 @@
|
||||
../2configs/wine.nix
|
||||
../2configs/texlive.nix
|
||||
../2configs/binary-caches.nix
|
||||
../2configs/ircd.nix
|
||||
#../2configs/ircd.nix
|
||||
../2configs/chromium-patched.nix
|
||||
../2configs/new-repos.nix
|
||||
#../../2configs/tv/synaptics.nix
|
||||
../2configs/retiolum.nix
|
||||
../2configs/wordpress.nix
|
||||
../2configs/bitlbee.nix
|
||||
];
|
||||
|
||||
krebs.build = {
|
||||
@ -28,10 +29,6 @@
|
||||
target = "root@mors";
|
||||
host = config.krebs.hosts.mors;
|
||||
deps = {
|
||||
nixpkgs = {
|
||||
url = https://github.com/Lassulus/nixpkgs;
|
||||
rev = "961fd7b7a0f88dde7dac2f7a4c05ee4e1a25381d";
|
||||
};
|
||||
secrets = {
|
||||
url = "/home/lass/secrets/${config.krebs.build.host.name}";
|
||||
};
|
||||
@ -128,7 +125,7 @@
|
||||
#VM writeback timeout
|
||||
echo '1500' > '/proc/sys/vm/dirty_writeback_centisecs'
|
||||
#Autosuspend for USB device Broadcom Bluetooth Device [Broadcom Corp]
|
||||
echo 'auto' > '/sys/bus/usb/devices/1-1.4/power/control'
|
||||
#echo 'auto' > '/sys/bus/usb/devices/1-1.4/power/control'
|
||||
#Autosuspend for USB device Biometric Coprocessor
|
||||
echo 'auto' > '/sys/bus/usb/devices/1-1.3/power/control'
|
||||
|
||||
|
@ -28,10 +28,6 @@ with builtins;
|
||||
target = "root@uriel";
|
||||
host = config.krebs.hosts.uriel;
|
||||
deps = {
|
||||
nixpkgs = {
|
||||
url = https://github.com/Lassulus/nixpkgs;
|
||||
rev = "961fcbabd7643171ea74bd550fee1ce5c13c2e90";
|
||||
};
|
||||
secrets = {
|
||||
url = "/home/lass/secrets/${config.krebs.build.host.name}";
|
||||
};
|
||||
|
@ -39,12 +39,20 @@ with lib;
|
||||
krebs = {
|
||||
enable = true;
|
||||
search-domain = "retiolum";
|
||||
exim-retiolum.enable = true;
|
||||
build.deps.nixpkgs = {
|
||||
url = https://github.com/Lassulus/nixpkgs;
|
||||
rev = "58a82ff50b8605b88a8f66481d8c85bf8ab53be3";
|
||||
};
|
||||
};
|
||||
|
||||
nix.useChroot = true;
|
||||
|
||||
users.mutableUsers = false;
|
||||
|
||||
#why is this on in the first place?
|
||||
services.ntp.enable = false;
|
||||
|
||||
boot.tmpOnTmpfs = true;
|
||||
# see tmpfiles.d(5)
|
||||
systemd.tmpfiles.rules = [
|
||||
@ -134,6 +142,7 @@ with lib;
|
||||
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
||||
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
||||
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
||||
{ predicate = "-i retiolum"; target = "REJECT"; precedence = -10000; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
15
lass/2configs/bitlbee.nix
Normal file
15
lass/2configs/bitlbee.nix
Normal file
@ -0,0 +1,15 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
lpkgs = import ../5pkgs { inherit pkgs; };
|
||||
in {
|
||||
|
||||
imports = [
|
||||
../3modules/bitlbee.nix
|
||||
];
|
||||
|
||||
config.lass.bitlbee = {
|
||||
enable = true;
|
||||
bitlbeePkg = lpkgs.bitlbee;
|
||||
};
|
||||
}
|
@ -1,67 +1,50 @@
|
||||
{ config, pkgs, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (import ../4lib { inherit pkgs lib; }) simpleScript;
|
||||
|
||||
mainUser = config.users.extraUsers.mainUser;
|
||||
createBrowserUser = name: extraGroups: packages:
|
||||
{
|
||||
users.extraUsers = {
|
||||
${name} = {
|
||||
inherit name;
|
||||
inherit extraGroups;
|
||||
home = "/home/${name}";
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
};
|
||||
};
|
||||
lass.per-user.${name}.packages = packages;
|
||||
security.sudo.extraConfig = ''
|
||||
${mainUser.name} ALL=(${name}) NOPASSWD: ALL
|
||||
'';
|
||||
environment.systemPackages = [
|
||||
(simpleScript name ''
|
||||
sudo -u ${name} -i chromium $@
|
||||
'')
|
||||
];
|
||||
};
|
||||
|
||||
in {
|
||||
|
||||
imports = [
|
||||
../3modules/per-user.nix
|
||||
] ++ [
|
||||
( createBrowserUser "ff" [ "audio" ] [ pkgs.firefox ] )
|
||||
( createBrowserUser "cr" [ "audio" ] [ pkgs.chromium ] )
|
||||
( createBrowserUser "fb" [ ] [ pkgs.chromium ] )
|
||||
( createBrowserUser "gm" [ ] [ pkgs.chromium ] )
|
||||
( createBrowserUser "flash" [ ] [ pkgs.flash ] )
|
||||
];
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs : {
|
||||
flash = pkgs.chromium.override {
|
||||
pulseSupport = true;
|
||||
enablePepperFlash = true;
|
||||
};
|
||||
chromium = pkgs.chromium.override {
|
||||
pulseSupport = true;
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
firefox
|
||||
];
|
||||
|
||||
users.extraUsers = {
|
||||
firefox = {
|
||||
name = "firefox";
|
||||
description = "user for running firefox";
|
||||
home = "/home/firefox";
|
||||
useDefaultShell = true;
|
||||
extraGroups = [ "audio" ];
|
||||
createHome = true;
|
||||
};
|
||||
chromium = {
|
||||
name = "chromium";
|
||||
description = "user for running chromium";
|
||||
home = "/home/chromium";
|
||||
useDefaultShell = true;
|
||||
extraGroups = [ "audio" ];
|
||||
createHome = true;
|
||||
};
|
||||
facebook = {
|
||||
name = "facebook";
|
||||
description = "user for running facebook in chromium";
|
||||
home = "/home/facebook";
|
||||
useDefaultShell = true;
|
||||
extraGroups = [ "audio" ];
|
||||
createHome = true;
|
||||
};
|
||||
google = {
|
||||
name = "google";
|
||||
description = "user for running google+/gmail in chromium";
|
||||
home = "/home/google";
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
};
|
||||
flash = {
|
||||
name = "flash";
|
||||
description = "user for running flash stuff";
|
||||
home = "/home/flash";
|
||||
useDefaultShell = true;
|
||||
extraGroups = [ "audio" ];
|
||||
createHome = true;
|
||||
};
|
||||
};
|
||||
|
||||
security.sudo.extraConfig = ''
|
||||
${mainUser.name} ALL=(firefox) NOPASSWD: ALL
|
||||
${mainUser.name} ALL=(chromium) NOPASSWD: ALL
|
||||
${mainUser.name} ALL=(facebook) NOPASSWD: ALL
|
||||
${mainUser.name} ALL=(google) NOPASSWD: ALL
|
||||
${mainUser.name} ALL=(flash) NOPASSWD: ALL
|
||||
'';
|
||||
}
|
||||
|
@ -1,6 +1,7 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with import ../../tv/4lib { inherit lib pkgs; };
|
||||
|
||||
let
|
||||
|
||||
out = {
|
||||
@ -8,14 +9,14 @@ let
|
||||
enable = true;
|
||||
root-title = "public repositories at ${config.krebs.build.host.name}";
|
||||
root-desc = "keep calm and engage";
|
||||
inherit repos rules;
|
||||
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos;
|
||||
rules = rules;
|
||||
};
|
||||
};
|
||||
|
||||
repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) (
|
||||
repos =
|
||||
public-repos //
|
||||
optionalAttrs config.krebs.build.host.secure restricted-repos
|
||||
);
|
||||
optionalAttrs config.krebs.build.host.secure restricted-repos;
|
||||
|
||||
rules = concatMap make-rules (attrValues repos);
|
||||
|
||||
@ -50,8 +51,8 @@ let
|
||||
};
|
||||
};
|
||||
|
||||
make-restricted-repo = name: { desc ? null, ... }: {
|
||||
inherit name desc;
|
||||
make-restricted-repo = name: { collaborators ? [], desc ? null, ... }: {
|
||||
inherit name collaborators desc;
|
||||
public = false;
|
||||
};
|
||||
|
||||
|
@ -22,6 +22,8 @@
|
||||
"fastpoke"
|
||||
"cloudkrebs"
|
||||
"pigstarter"
|
||||
"gum"
|
||||
"flap"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -2,6 +2,6 @@
|
||||
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
(pkgs.texLiveAggregationFun { paths = [ pkgs.texLive pkgs.texLiveFull ]; })
|
||||
texLive
|
||||
];
|
||||
}
|
||||
|
@ -4,7 +4,7 @@ let
|
||||
mainUser = config.users.extraUsers.mainUser;
|
||||
|
||||
in {
|
||||
services.virtualboxHost.enable = true;
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
|
||||
users.extraUsers = {
|
||||
virtual = {
|
||||
|
153
lass/3modules/bitlbee.nix
Normal file
153
lass/3modules/bitlbee.nix
Normal file
@ -0,0 +1,153 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
|
||||
let
|
||||
|
||||
inherit (lib)
|
||||
mkIf
|
||||
mkOption
|
||||
types
|
||||
singleton
|
||||
;
|
||||
|
||||
authModeCheck = v:
|
||||
v == "Open" ||
|
||||
v == "Closed" ||
|
||||
v == "Registered"
|
||||
;
|
||||
|
||||
bitlbeeConfig = pkgs.writeText "bitlbee.conf" ''
|
||||
[settings]
|
||||
RunMode = Daemon
|
||||
User = bitlbee
|
||||
ConfigDir = ${cfg.configDir}
|
||||
DaemonInterface = ${cfg.interface}
|
||||
DaemonPort = ${toString cfg.portNumber}
|
||||
AuthMode = ${cfg.authMode}
|
||||
${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"}
|
||||
${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"}
|
||||
${cfg.extraSettings}
|
||||
|
||||
[defaults]
|
||||
${cfg.extraDefaults}
|
||||
'';
|
||||
|
||||
cfg = config.lass.bitlbee;
|
||||
|
||||
out = {
|
||||
options.lass.bitlbee = api;
|
||||
config = mkIf cfg.enable imp;
|
||||
};
|
||||
|
||||
api = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to run the BitlBee IRC to other chat network gateway.
|
||||
Running it allows you to access the MSN, Jabber, Yahoo! and ICQ chat
|
||||
networks via an IRC client.
|
||||
'';
|
||||
};
|
||||
|
||||
interface = mkOption {
|
||||
default = "127.0.0.1";
|
||||
description = ''
|
||||
The interface the BitlBee deamon will be listening to. If `127.0.0.1',
|
||||
only clients on the local host can connect to it; if `0.0.0.0', clients
|
||||
can access it from any network interface.
|
||||
'';
|
||||
};
|
||||
|
||||
portNumber = mkOption {
|
||||
default = 6667;
|
||||
description = ''
|
||||
Number of the port BitlBee will be listening to.
|
||||
'';
|
||||
};
|
||||
|
||||
authMode = mkOption {
|
||||
default = "Open";
|
||||
type = types.addCheck types.str authModeCheck;
|
||||
description = ''
|
||||
The following authentication modes are available:
|
||||
Open -- Accept connections from anyone, use NickServ for user authentication.
|
||||
Closed -- Require authorization (using the PASS command during login) before allowing the user to connect at all.
|
||||
Registered -- Only allow registered users to use this server; this disables the register- and the account command until the user identifies himself.
|
||||
'';
|
||||
};
|
||||
|
||||
hostName = mkOption {
|
||||
default = "";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Normally, BitlBee gets a hostname using getsockname(). If you have a nicer
|
||||
alias for your BitlBee daemon, you can set it here and BitlBee will identify
|
||||
itself with that name instead.
|
||||
'';
|
||||
};
|
||||
|
||||
configDir = mkOption {
|
||||
default = "/var/lib/bitlbee";
|
||||
type = types.path;
|
||||
description = ''
|
||||
Specify an alternative directory to store all the per-user configuration
|
||||
files.
|
||||
'';
|
||||
};
|
||||
|
||||
protocols = mkOption {
|
||||
default = "";
|
||||
type = types.str;
|
||||
description = ''
|
||||
This option allows to remove the support of protocol, even if compiled
|
||||
in. If nothing is given, there are no restrictions.
|
||||
'';
|
||||
};
|
||||
|
||||
extraSettings = mkOption {
|
||||
default = "";
|
||||
description = ''
|
||||
Will be inserted in the Settings section of the config file.
|
||||
'';
|
||||
};
|
||||
|
||||
extraDefaults = mkOption {
|
||||
default = "";
|
||||
description = ''
|
||||
Will be inserted in the Default section of the config file.
|
||||
'';
|
||||
};
|
||||
|
||||
bitlbeePkg = mkOption {
|
||||
default = pkgs.bitlbee;
|
||||
description = ''
|
||||
the bitlbee pkg to use.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
imp = {
|
||||
users.extraUsers = singleton {
|
||||
name = "bitlbee";
|
||||
uid = config.ids.uids.bitlbee;
|
||||
description = "BitlBee user";
|
||||
home = "/var/lib/bitlbee";
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton {
|
||||
name = "bitlbee";
|
||||
gid = config.ids.gids.bitlbee;
|
||||
};
|
||||
|
||||
systemd.services.bitlbee = {
|
||||
description = "BitlBee IRC to other chat networks gateway";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.User = "bitlbee";
|
||||
serviceConfig.ExecStart = "${cfg.bitlbeePkg}/sbin/bitlbee -F -n -c ${bitlbeeConfig}";
|
||||
};
|
||||
};
|
||||
|
||||
in
|
||||
out
|
54
lass/3modules/per-user.nix
Normal file
54
lass/3modules/per-user.nix
Normal file
@ -0,0 +1,54 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with builtins;
|
||||
with lib;
|
||||
let
|
||||
cfg = config.lass.per-user;
|
||||
|
||||
out = {
|
||||
options.lass.per-user = api;
|
||||
config = imp;
|
||||
};
|
||||
|
||||
api = mkOption {
|
||||
type = with types; attrsOf (submodule {
|
||||
options = {
|
||||
packages = mkOption {
|
||||
type = listOf path;
|
||||
default = [];
|
||||
};
|
||||
};
|
||||
});
|
||||
default = {};
|
||||
};
|
||||
|
||||
imp = {
|
||||
#
|
||||
# TODO only shellInit and use well-known paths
|
||||
#
|
||||
environment.shellInit = ''
|
||||
if test -e ${user-profiles}/"$LOGNAME"; then
|
||||
. ${user-profiles}/"$LOGNAME"
|
||||
fi
|
||||
'';
|
||||
environment.interactiveShellInit = ''
|
||||
if test -e ${user-profiles}/"$LOGNAME"; then
|
||||
. ${user-profiles}/"$LOGNAME"
|
||||
fi
|
||||
'';
|
||||
environment.profileRelativeEnvVars.PATH = mkForce [ "/bin" ];
|
||||
};
|
||||
|
||||
user-profiles = pkgs.runCommand "user-profiles" {} ''
|
||||
mkdir $out
|
||||
${concatStrings (mapAttrsToList (logname: { packages, ... }: ''
|
||||
cat > $out/${logname} <<\EOF
|
||||
${optionalString (length packages > 0) (
|
||||
let path = makeSearchPath "bin" packages; in
|
||||
''export PATH="$PATH":${escapeShellArg path}''
|
||||
)}
|
||||
EOF
|
||||
'') cfg)}
|
||||
'';
|
||||
|
||||
in out
|
20
lass/4lib/default.nix
Normal file
20
lass/4lib/default.nix
Normal file
@ -0,0 +1,20 @@
|
||||
{ lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
krebs = import ../../krebs/4lib { inherit lib; };
|
||||
in
|
||||
|
||||
with krebs;
|
||||
|
||||
krebs // rec {
|
||||
|
||||
simpleScript = name: content:
|
||||
pkgs.stdenv.mkDerivation {
|
||||
inherit name;
|
||||
phases = [ "installPhase" ];
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
ln -s ${pkgs.writeScript name content} $out/bin/${name}
|
||||
'';
|
||||
};
|
||||
}
|
20
lass/5pkgs/bitlbee-dev.nix
Normal file
20
lass/5pkgs/bitlbee-dev.nix
Normal file
@ -0,0 +1,20 @@
|
||||
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "bitlbee-3.4.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://bitlbee/src/${name}.tar.gz";
|
||||
sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh";
|
||||
};
|
||||
|
||||
buildInputs = [ gnutls glib pkgconfig libotr python ];
|
||||
|
||||
buildPhase = "";
|
||||
|
||||
installPhase = ''
|
||||
make install-dev
|
||||
'';
|
||||
|
||||
}
|
||||
|
31
lass/5pkgs/bitlbee-steam.nix
Normal file
31
lass/5pkgs/bitlbee-steam.nix
Normal file
@ -0,0 +1,31 @@
|
||||
{ stdenv, fetchgit, autoconf, automake, bitlbee-dev, glib, libgcrypt, libtool, pkgconfig }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "bitlbee-steam-1.3.1";
|
||||
|
||||
src = fetchgit {
|
||||
url = "https://github.com/jgeboski/bitlbee-steam";
|
||||
rev = "439d777c7e8d06712ffc15c3e51d61799f4c0d0c";
|
||||
sha256 = "493924da1083a3b23073c595a9e1989a7ae09a196524ad66ca99c4d8ccc20d2a";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
autoconf
|
||||
automake
|
||||
bitlbee-dev
|
||||
glib
|
||||
libgcrypt
|
||||
libtool
|
||||
pkgconfig
|
||||
];
|
||||
|
||||
configurePhase = ''
|
||||
./autogen.sh
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp steam/.libs/steam.la $out/
|
||||
cp steam/.libs/steam.so $out/
|
||||
'';
|
||||
}
|
71
lass/5pkgs/bitlbee.nix
Normal file
71
lass/5pkgs/bitlbee.nix
Normal file
@ -0,0 +1,71 @@
|
||||
{ fetchurl, stdenv, gnutls, glib, pkgconfig, check, libotr, python
|
||||
, bitlbee-facebook ? null
|
||||
, bitlbee-steam ? null
|
||||
}:
|
||||
|
||||
with stdenv.lib;
|
||||
stdenv.mkDerivation rec {
|
||||
name = "bitlbee-3.4.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://bitlbee/src/${name}.tar.gz";
|
||||
sha256 = "1qf0ypa9ba5jvsnpg9slmaran16hcc5fnfzbb1sdch1hjhchn2jh";
|
||||
};
|
||||
|
||||
|
||||
buildInputs = [ gnutls glib pkgconfig libotr python ]
|
||||
++ optional doCheck check;
|
||||
|
||||
configureFlags = [
|
||||
"--gcov=1"
|
||||
"--otr=1"
|
||||
"--ssl=gnutls"
|
||||
];
|
||||
|
||||
postBuild = ''
|
||||
${if (bitlbee-steam != null) then
|
||||
''
|
||||
mkdir -p $out/lib/bitlbee/
|
||||
find ${bitlbee-steam}
|
||||
cp ${bitlbee-steam}/* $out/lib/bitlbee/
|
||||
''
|
||||
else
|
||||
""
|
||||
}
|
||||
'';
|
||||
#${concatMapStringsSep "\n" ([] ++
|
||||
# (if (bitlbee-facebook != null) then
|
||||
# "cp ${bitlbee-faceook}/* $out/"
|
||||
# else
|
||||
# ""
|
||||
# ) ++
|
||||
# (if (bitlbee-steam != null) then
|
||||
# "cp ${bitlbee-steam}/* $out/"
|
||||
# else
|
||||
# ""
|
||||
# )
|
||||
#)}
|
||||
|
||||
doCheck = true;
|
||||
|
||||
meta = {
|
||||
description = "IRC instant messaging gateway";
|
||||
|
||||
longDescription = ''
|
||||
BitlBee brings IM (instant messaging) to IRC clients. It's a
|
||||
great solution for people who have an IRC client running all the
|
||||
time and don't want to run an additional MSN/AIM/whatever
|
||||
client.
|
||||
|
||||
BitlBee currently supports the following IM networks/protocols:
|
||||
XMPP/Jabber (including Google Talk), MSN Messenger, Yahoo!
|
||||
Messenger, AIM and ICQ.
|
||||
'';
|
||||
|
||||
homepage = http://www.bitlbee.org/;
|
||||
license = licenses.gpl2Plus;
|
||||
|
||||
maintainers = with maintainers; [ wkennington pSub ];
|
||||
platforms = platforms.gnu; # arbitrary choice
|
||||
};
|
||||
}
|
13
lass/5pkgs/default.nix
Normal file
13
lass/5pkgs/default.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (pkgs) callPackage;
|
||||
kpkgs = import ../../krebs/5pkgs { inherit pkgs; };
|
||||
in
|
||||
|
||||
kpkgs //
|
||||
rec {
|
||||
bitlbee-dev = callPackage ./bitlbee-dev.nix {};
|
||||
bitlbee-steam = callPackage ./bitlbee-steam.nix { inherit bitlbee-dev; };
|
||||
bitlbee = callPackage ./bitlbee.nix { inherit bitlbee-steam; };
|
||||
}
|
@ -10,9 +10,12 @@
|
||||
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
||||
../2configs/base.nix
|
||||
../2configs/cgit-retiolum.nix
|
||||
../2configs/graphite-standalone.nix
|
||||
# ../2configs/graphite-standalone.nix
|
||||
../2configs/vm-single-partition.nix
|
||||
../2configs/tinc-basic-retiolum.nix
|
||||
|
||||
../2configs/exim-retiolum.nix
|
||||
../2configs/urlwatch.nix
|
||||
];
|
||||
krebs.build.host = config.krebs.hosts.pnp;
|
||||
krebs.build.user = config.krebs.users.makefu;
|
||||
@ -27,10 +30,14 @@
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
# nginx runs on 80
|
||||
80
|
||||
# graphite-web runs on 8080, carbon cache runs on 2003 tcp and udp
|
||||
80
|
||||
8080 2003
|
||||
# 8080 2003
|
||||
|
||||
# smtp
|
||||
25
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [ 2003 ];
|
||||
|
||||
# networking.firewall.allowedUDPPorts = [ 2003 ];
|
||||
|
||||
}
|
||||
|
46
makefu/1systems/pornocauster.nix
Normal file
46
makefu/1systems/pornocauster.nix
Normal file
@ -0,0 +1,46 @@
|
||||
#
|
||||
#
|
||||
#
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
../2configs/base.nix
|
||||
../2configs/main-laptop.nix #< base-gui
|
||||
|
||||
# Krebs
|
||||
../2configs/tinc-basic-retiolum.nix
|
||||
#../2configs/disable_v6.nix
|
||||
|
||||
#../2configs/sda-crypto-root.nix
|
||||
../2configs/sda-crypto-root-home.nix
|
||||
|
||||
../2configs/zsh-user.nix
|
||||
|
||||
# applications
|
||||
../2configs/exim-retiolum.nix
|
||||
../2configs/virtualization.nix
|
||||
../2configs/wwan.nix
|
||||
|
||||
# hardware specifics are in here
|
||||
../2configs/tp-x220.nix
|
||||
];
|
||||
|
||||
krebs.build.host = config.krebs.hosts.pornocauster;
|
||||
krebs.build.user = config.krebs.users.makefu;
|
||||
krebs.build.target = "root@pornocauster";
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
25
|
||||
];
|
||||
|
||||
krebs.build.deps = {
|
||||
nixpkgs = {
|
||||
#url = https://github.com/NixOS/nixpkgs;
|
||||
# rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
|
||||
url = https://github.com/makefu/nixpkgs;
|
||||
rev = "f5fe787f778b872c6b2221598501c9310cb83915";
|
||||
};
|
||||
};
|
||||
}
|
@ -11,17 +11,20 @@
|
||||
../2configs/tinc-basic-retiolum.nix
|
||||
../2configs/sda-crypto-root.nix
|
||||
# hardware specifics are in here
|
||||
../2configs/tp-x200.nix
|
||||
../2configs/tp-x200.nix #< imports tp-x2x0.nix
|
||||
|
||||
../2configs/disable_v6.nix
|
||||
../2configs/rad1o.nix
|
||||
|
||||
../2configs/zsh-user.nix
|
||||
../2configs/exim-retiolum.nix
|
||||
];
|
||||
# not working in vm
|
||||
krebs.build.host = config.krebs.hosts.tsp;
|
||||
krebs.build.user = config.krebs.users.makefu;
|
||||
krebs.build.target = "root@tsp";
|
||||
|
||||
krebs.exim-retiolum.enable = true;
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
25
|
||||
];
|
||||
@ -31,8 +34,8 @@
|
||||
#url = https://github.com/NixOS/nixpkgs;
|
||||
# rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
|
||||
url = https://github.com/makefu/nixpkgs;
|
||||
rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
|
||||
#rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
|
||||
rev = "f5fe787f778b872c6b2221598501c9310cb83915";
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -1,11 +1,15 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
##
|
||||
# of course this name is a lie - it prepares a GUI environment close to my
|
||||
# current configuration.
|
||||
# of course this name is a lie
|
||||
# - it prepares a GUI environment close to my
|
||||
# current configuration,specifically:
|
||||
#
|
||||
# autologin with mainUser into awesome
|
||||
##
|
||||
# * autologin with mainUser into awesome
|
||||
# * audio
|
||||
# * terminus font
|
||||
#
|
||||
# if this is not enough, check out main-laptop.nix
|
||||
|
||||
with lib;
|
||||
let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
@ -28,14 +32,6 @@ in
|
||||
displayManager.auto.user = mainUser;
|
||||
desktopManager.xterm.enable = false;
|
||||
};
|
||||
services.redshift = {
|
||||
enable = true;
|
||||
latitude = "48.7";
|
||||
longitude = "9.1";
|
||||
};
|
||||
|
||||
## FONTS
|
||||
# TODO: somewhere else?
|
||||
|
||||
i18n.consoleFont = "Lat2-Terminus16";
|
||||
|
||||
@ -49,14 +45,12 @@ in
|
||||
environment.systemPackages = with pkgs;[
|
||||
xlockmore
|
||||
rxvt_unicode-with-plugins
|
||||
vlc
|
||||
firefox
|
||||
chromium
|
||||
];
|
||||
# TODO: use mainUser
|
||||
users.extraUsers.makefu.extraGroups = [ "audio" ];
|
||||
users.extraUsers.${mainUser}.extraGroups = [ "audio" ];
|
||||
|
||||
hardware.pulseaudio = {
|
||||
enable = true;
|
||||
# systemWide = true;
|
||||
enable = true;
|
||||
# systemWide = true;
|
||||
};
|
||||
}
|
||||
|
@ -8,7 +8,7 @@ let
|
||||
|
||||
krebs-repos = mapAttrs make-krebs-repo {
|
||||
stockholm = {
|
||||
desc = "take all the computers hostage, they'll love you!";
|
||||
desc = "Make all the systems into 1systems!";
|
||||
};
|
||||
};
|
||||
|
||||
|
11
makefu/2configs/exim-retiolum.nix
Normal file
11
makefu/2configs/exim-retiolum.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
krebs.exim-retiolum.enable = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
msmtp
|
||||
mutt-kz
|
||||
];
|
||||
|
||||
}
|
23
makefu/2configs/main-laptop.nix
Normal file
23
makefu/2configs/main-laptop.nix
Normal file
@ -0,0 +1,23 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# stuff for the main laptop
|
||||
# this is pretty much nice-to-have and does
|
||||
# not fit into base-gui
|
||||
|
||||
with lib;
|
||||
{
|
||||
imports = [ ./base-gui.nix ];
|
||||
environment.systemPackages = with pkgs;[
|
||||
vlc
|
||||
firefox
|
||||
chromium
|
||||
keepassx
|
||||
];
|
||||
|
||||
services.redshift = {
|
||||
enable = true;
|
||||
latitude = "48.7";
|
||||
longitude = "9.1";
|
||||
};
|
||||
|
||||
}
|
39
makefu/2configs/sda-crypto-root-home.nix
Normal file
39
makefu/2configs/sda-crypto-root-home.nix
Normal file
@ -0,0 +1,39 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# ssd #
|
||||
# sda: bootloader grub2
|
||||
# sda1: boot ext4 (label nixboot)
|
||||
# sda2: cryptoluks -> lvm:
|
||||
# / (main-root)
|
||||
# /home (main-home)
|
||||
|
||||
with lib;
|
||||
{
|
||||
boot = {
|
||||
loader.grub.enable =true;
|
||||
loader.grub.version =2;
|
||||
loader.grub.device = "/dev/sda";
|
||||
|
||||
initrd.luks.devices = [ { name = "main"; device = "/dev/sda2"; allowDiscards=true; }];
|
||||
initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
|
||||
initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
|
||||
};
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/mapper/main-root";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
};
|
||||
# TODO: just import sda-crypto-root, add this device
|
||||
"/home" = {
|
||||
device = "/dev/mapper/main-home";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-label/nixboot";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
};
|
||||
};
|
||||
}
|
@ -2,36 +2,20 @@
|
||||
|
||||
with lib;
|
||||
{
|
||||
#services.xserver = {
|
||||
# videoDriver = "intel";
|
||||
#};
|
||||
|
||||
imports = [ ./tp-x2x0.nix ];
|
||||
|
||||
boot = {
|
||||
kernelModules = [ "tp_smapi" "msr" ];
|
||||
extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
|
||||
|
||||
};
|
||||
services.thinkfan.enable = true;
|
||||
|
||||
#networking.wireless.enable = true;
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
zramSwap.enable = true;
|
||||
zramSwap.numDevices = 2;
|
||||
|
||||
hardware.trackpoint.enable = true;
|
||||
hardware.trackpoint.sensitivity = 255;
|
||||
hardware.trackpoint.speed = 255;
|
||||
# only works on tp-x200 , not x220
|
||||
services.xserver.displayManager.sessionCommands = ''
|
||||
xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 1
|
||||
xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 2
|
||||
xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 200
|
||||
'';
|
||||
|
||||
services.thinkfan.enable = true;
|
||||
services.tlp.enable = true;
|
||||
services.tlp.extraConfig = ''
|
||||
START_CHARGE_THRESH_BAT0=80
|
||||
'';
|
||||
}
|
||||
|
19
makefu/2configs/tp-x220.nix
Normal file
19
makefu/2configs/tp-x220.nix
Normal file
@ -0,0 +1,19 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
|
||||
imports = [ ./tp-x2x0.nix ];
|
||||
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
|
||||
services.xserver.vaapiDrivers = [pkgs.vaapiIntel pkgs.vaapiVdpau ];
|
||||
|
||||
services.xserver.displayManager.sessionCommands =''
|
||||
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation" 8 1
|
||||
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Button" 8 2
|
||||
xinput set-int-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Timeout" 8 200
|
||||
xinput set-prop "TPPS/2 IBM TrackPoint" "Evdev Wheel Emulation Axes" 6 7 4 5
|
||||
'';
|
||||
|
||||
}
|
22
makefu/2configs/tp-x2x0.nix
Normal file
22
makefu/2configs/tp-x2x0.nix
Normal file
@ -0,0 +1,22 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
# TODO: put this somewhere else
|
||||
networking.wireless.enable = true;
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
zramSwap.enable = true;
|
||||
zramSwap.numDevices = 2;
|
||||
|
||||
hardware.trackpoint.enable = true;
|
||||
hardware.trackpoint.sensitivity = 220;
|
||||
hardware.trackpoint.speed = 220;
|
||||
|
||||
services.tlp.enable = true;
|
||||
services.tlp.extraConfig = ''
|
||||
START_CHARGE_THRESH_BAT0=80
|
||||
'';
|
||||
}
|
17
makefu/2configs/urlwatch.nix
Normal file
17
makefu/2configs/urlwatch.nix
Normal file
@ -0,0 +1,17 @@
|
||||
{ config, ... }:
|
||||
|
||||
{
|
||||
krebs.urlwatch = {
|
||||
enable = true;
|
||||
mailto = config.krebs.users.makefu.mail;
|
||||
onCalendar = "*-*-* 05:00:00";
|
||||
urls = [
|
||||
## nixpkgs maintenance
|
||||
https://api.github.com/repos/ovh/python-ovh/tags
|
||||
https://api.github.com/repos/embray/d2to1/tags
|
||||
http://git.sysphere.org/vicious/log/?qt=grep&q=Next+release
|
||||
|
||||
];
|
||||
};
|
||||
}
|
||||
|
8
makefu/2configs/virtualization.nix
Normal file
8
makefu/2configs/virtualization.nix
Normal file
@ -0,0 +1,8 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
mainUser = config.krebs.build.user;
|
||||
in {
|
||||
virtualisation.libvirtd.enable = true;
|
||||
users.extraUsers.${mainUser.name}.extraGroups = [ "libvirtd" ];
|
||||
}
|
29
makefu/2configs/wwan.nix
Normal file
29
makefu/2configs/wwan.nix
Normal file
@ -0,0 +1,29 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
#usage: $ wvdial
|
||||
|
||||
let
|
||||
mainUser = config.krebs.build.user;
|
||||
in {
|
||||
environment.systemPackages = with pkgs;[
|
||||
wvdial
|
||||
];
|
||||
|
||||
# configure for NETZCLUB
|
||||
environment.wvdial.dialerDefaults = ''
|
||||
Phone = *99***1#
|
||||
Dial Command = ATDT
|
||||
Modem = /dev/ttyACM0
|
||||
Baud = 460800
|
||||
Init1 = AT+CGDCONT=1,"IP","pinternet.interkom.de","",0,0
|
||||
Init2 = ATZ
|
||||
Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
|
||||
ISDN = 0
|
||||
Modem Type = Analog Modem
|
||||
Username = netzclub
|
||||
Password = netzclub
|
||||
Stupid Mode = 1
|
||||
Idle Seconds = 0'';
|
||||
|
||||
users.extraUsers.${mainUser.name}.extraGroups = [ "dialout" ];
|
||||
}
|
10
makefu/2configs/zsh-user.nix
Normal file
10
makefu/2configs/zsh-user.nix
Normal file
@ -0,0 +1,10 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
##
|
||||
with lib;
|
||||
let
|
||||
mainUser = config.krebs.build.user.name;
|
||||
in
|
||||
{
|
||||
programs.zsh.enable = true;
|
||||
users.extraUsers.${mainUser}.shell = "/run/current-system/sw/bin/zsh";
|
||||
}
|
Loading…
Reference in New Issue
Block a user