diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 6ab8ede56..db0a7005f 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -19,7 +19,6 @@ with import ; ip4.addr = "10.243.133.99"; ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1233"; aliases = [ - "dishfire.retiolum" "dishfire.r" ]; tinc.pubkey = '' @@ -52,10 +51,8 @@ with import ; ip4.addr = "10.243.206.103"; ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f763"; aliases = [ - "echelon.retiolum" "echelon.r" - "cgit.echelon.retiolum" - "go.retiolum" + "cgit.echelon.r" "go.r" ]; tinc.pubkey = '' @@ -96,12 +93,11 @@ with import ; ip4.addr = "10.243.0.103"; ip6.addr = "42:0000:0000:0000:0000:0000:0000:15ab"; aliases = [ - "prism.retiolum" "prism.r" - "cgit.prism.retiolum" "cgit.prism.r" "cache.prism.r" - "paste.r" "paste.retiolum" + "paste.r" + "p.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -144,9 +140,8 @@ with import ; ip4.addr = "10.243.206.102"; ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f762"; aliases = [ - "cloudkrebs.retiolum" "cloudkrebs.r" - "cgit.cloudkrebs.retiolum" + "cgit.cloudkrebs.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -175,9 +170,8 @@ with import ; ip4.addr = "10.243.81.176"; ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56"; aliases = [ - "uriel.retiolum" "uriel.r" - "cgit.uriel.retiolum" + "cgit.uriel.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -207,9 +201,7 @@ with import ; ip4.addr = "10.243.0.2"; ip6.addr = "42:0:0:0:0:0:0:dea7"; aliases = [ - "mors.retiolum" "mors.r" - "cgit.mors.retiolum" "cgit.mors.r" ]; tinc.pubkey = '' @@ -235,9 +227,8 @@ with import ; ip4.addr = "10.243.0.3"; ip6.addr = "42:0:0:0:0:0:0:7105"; aliases = [ - "helios.retiolum" "helios.r" - "cgit.helios.retiolum" + "cgit.helios.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -262,9 +253,8 @@ with import ; ip4.addr = "10.243.0.4"; ip6.addr = "42:0:0:0:0:0:0:50d4"; aliases = [ - "shodan.retiolum" "shodan.r" - "cgit.shodan.retiolum" + "cgit.shodan.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -289,9 +279,7 @@ with import ; ip4.addr = "10.243.133.114"; ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1214"; aliases = [ - "icarus.retiolum" "icarus.r" - "cgit.icarus.retiolum" "cgit.icarus.r" ]; tinc.pubkey = '' @@ -316,25 +304,25 @@ with import ; }; users = { lass = { - mail = "lass@mors.retiolum"; + mail = "lass@mors.r"; pubkey = builtins.readFile ./ssh/mors.rsa; pgp.pubkeys.default = builtins.readFile ./pgp/mors.pgp; }; lass-uriel = { - mail = "lass@uriel.retiolum"; + mail = "lass@uriel.r"; pubkey = builtins.readFile ./ssh/uriel.rsa; }; lass-helios = { - mail = "lass@helios.retiolum"; + mail = "lass@helios.r"; pubkey = builtins.readFile ./ssh/helios.rsa; }; lass-shodan = { - mail = "lass@shodan.retiolum"; + mail = "lass@shodan.r"; pubkey = builtins.readFile ./ssh/shodan.rsa; pgp.pubkeys.default = builtins.readFile ./pgp/shodan.pgp; }; lass-icarus = { - mail = "lass@icarus.retiolum"; + mail = "lass@icarus.r"; pubkey = builtins.readFile ./ssh/icarus.rsa; }; fritz = { diff --git a/krebs/3modules/lass/ssh/shodan.rsa b/krebs/3modules/lass/ssh/shodan.rsa index 3ee08ad41..36a8901fa 100644 --- a/krebs/3modules/lass/ssh/shodan.rsa +++ b/krebs/3modules/lass/ssh/shodan.rsa @@ -1 +1 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDV+EscrUKgsu6iO94lJQ45o0t9QV88H7RrbLCsysgesQqiCbq0XNJKSrKI4T/o5dBNfoHMi4FSuPsF3YzffvMOWmdluHRBIhDJSDiFaraHr1zu7fHDO8gsUf/a3H3LPHtRRoXQFNsIK5NRLR35WpKt+zG6GK/WLBzb2N4MR3Ym5Qo2OepW3pgMWjjbmiUbGGiao9OWgx5tjjT8PLHIWdoEmJsaE5UnOWebqY+xfkWXMLdzMBPyEdCVwUO7X3Ip0Zk/BJFSqtIHBqQtp+njgeRwfkL2xabge3VGALAnQg5iYXzT8kfzIu/wfaoSdGkdPWxMo80KDiJJlpLj1oC3ABmDj01Hgu9p+g5Em0SFevcenspTii3IvYqdq+eg5+pPny4ki9748t6FlWRsrjrmjdQVVMWbhx42+lsyxIYsdXhwWMqNwTNzvY7Fxy3/8XE14pYWCV5eEll2/hSNfI6AcOoJ0vfHvOXsY6GVMYklXDIFzmiJOpyox+DnTahyUqQ6IcLH73vp9boVK31kf8EC7VDp8ms2ZiXz9nfPYltiUOtKKG0gqg9Jgs7xthpX82WYEp2+PXzPCHWs4WXs3OsUzQ8ykXXD2A7JMVBBv0FaMD4aBsOe7hU20/sO+/J/uuPe5xnpI//uFK4KkYCmDHZcZ3Qzh9CQTISwFvOBbYtRWbDo5w== lass@shodan +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDH31q4qmu8dbnu5BJMEW5CAMW9xlZg5dNTREy6vHE5OofmDEzi5YTBYr543ppGYQL/PzepChGl8RKZETeU+pnqTTHgnUh3KkOnX0GmpKgDgFgDrdVwyU137P6RyOo/kLvfbzAu1bFC5Q5hUDdbd5dDAQGN23wsRQxx1EI1uMrrMbMUKxpk/x5+AZi0JfAOY4SJNYIRfnim5v9jAt1JHeOjKy3sT3/ZEaJqK8DAKEHo0/kYyizWn5M7do5bw2+WpG/gHpdtTD0NlKwFUyMzhFJh4ahDt9FtExnmDA45rAcVSsinhUmrPqPwBKEnUxle5tw3A4YRHUvqhHTo6G852iiPHE0DUlCKsDJwr+lw3DXjK+HYOdKMFC6nsh4x+SFrwg6JKCXPzeCH2w7VP5xJGlb3YS+NcvbYWRbiqJ/M2hVdn/Atxq2VUAdKnrNtNW4ZYH6yJTGOkcXkyKJzcTj5JZIvJd1DL0pI9aGWNxnmfyOVMgaKfdafBqU/PB8RPPAZH9RCVRH0g+Cnu0NoJmkwKaq0K+z+FF9eNqVpNnYnjVLsPvjLIXCn8kJl4/2mimDlOarj/I9Hs+k0/gbzx4PKUS87+rUVA4Hfz+MltzZQUGoIBQxciAgVVh7zLrMgnPWwvqHnMKAQ9nzgme3A4ew2Ocyl30+skLstr9e08VqErguYSw== lass@shodan diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 8e5927f9d..56df451b7 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -11,7 +11,7 @@ with import ; ip4.addr = "10.243.177.9"; ip6.addr = "42:f63:ddf8:7520:cfec:9b61:d807:1dce"; aliases = [ - "drop.retiolum" + "drop.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -35,7 +35,7 @@ with import ; ip4.addr = "10.243.113.98"; ip6.addr = "42:5cf1:e7f2:3fd:cd4c:a1ee:ec71:7096"; aliases = [ - "fileleech.retiolum" + "fileleech.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -58,8 +58,8 @@ with import ; ip4.addr = "10.243.0.210"; ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0001"; aliases = [ - "pnp.retiolum" - "cgit.pnp.retiolum" + "pnp.r" + "cgit.pnp.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -81,7 +81,6 @@ with import ; ip4.addr = "10.243.0.84"; ip6.addr = "42:ff6b:5f0b:460d:2cee:4d05:73f7:5566"; aliases = [ - "darth.retiolum" "darth.r" ]; tinc.pubkey = '' @@ -153,7 +152,7 @@ with import ; ip4.addr = "10.243.0.212"; ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0002"; aliases = [ - "tsp.retiolum" + "tsp.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -180,7 +179,6 @@ with import ; ip4.addr = "10.243.0.91"; ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"; aliases = [ - "x.retiolum" "x.r" ]; tinc.pubkey = '' @@ -225,7 +223,7 @@ with import ; ip4.addr = "10.243.1.91"; ip6.addr = "42:0b2c:d90e:e717:03dd:9ac1:0000:a400"; aliases = [ - "vbob.retiolum" + "vbob.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -259,14 +257,14 @@ with import ; ip4.addr = "192.40.56.122"; ip6.addr = "2604:2880::841f:72c"; aliases = [ - "pigstarter.internet" + "pigstarter.i" ]; }; retiolum = { ip4.addr = "10.243.0.153"; ip6.addr = "42:9143:b4c0:f981:6030:7aa2:8bc5:4110"; aliases = [ - "pigstarter.retiolum" + "pigstarter.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -295,7 +293,6 @@ with import ; ip4.addr = "104.233.87.86"; aliases = [ "wry.i" - "wry.internet" ]; }; retiolum = { @@ -303,9 +300,9 @@ with import ; ip4.addr = "10.243.29.169"; ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad"; aliases = [ - "graphs.wry.retiolum" - "paste.wry.retiolum" - "wry.r" "wry.retiolum" + "wry.r" + "graphs.wry.r" + "paste.wry.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -340,8 +337,7 @@ with import ; ip4.addr = "10.243.153.102"; ip6.addr = "42:4b0b:d990:55ba:8da8:630f:dc0e:aae0"; aliases = [ - "filepimp.retiolum" - "filepimp.r" + "filepimp.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -371,7 +367,6 @@ with import ; ip4.addr = "10.243.0.89"; ip6.addr = "42:f9f0::10"; aliases = [ - "omo.retiolum" "omo.r" "logs.makefu.r" "stats.makefu.r" @@ -416,7 +411,7 @@ with import ; ip4.addr = "10.243.214.15"; ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; aliases = [ - "wbob.retiolum" + "wbob.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -453,7 +448,7 @@ with import ; internet = { ip4.addr = "195.154.108.70"; aliases = [ - "gum.internet" + "gum.i" ]; }; retiolum = { @@ -462,18 +457,15 @@ with import ; # ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2"; aliases = [ "gum.r" - "gum.retiolum" - "cgit.gum.retiolum" + "cgit.gum.r" "o.gum.r" - "o.gum.retiolum" "tracker.makefu.r" - "tracker.makefu.retiolum" - "graphs.r" "graphs.retiolum" - "wiki.makefu.retiolum" - "wiki.wry.retiolum" - "blog.makefu.retiolum" - "blog.wry.retiolum" + "graphs.r" + "wiki.makefu.r" + "wiki.gum.r" + "blog.makefu.r" + "blog.gum.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -523,7 +515,6 @@ with import ; ip4.addr = "10.243.205.131"; ip6.addr = "42:490d:cd82:d2bb:56d5:abd1:b88b:e8b4"; aliases = [ - "shoney.retiolum" "shoney.r" ]; tinc.pubkey = '' @@ -548,7 +539,6 @@ with import ; ip4.addr = "10.243.83.237"; ip6.addr = "42:af50:99cf:c185:f1a8:14d5:acb:8101"; aliases = [ - "sdev.retiolum" "sdev.r" ]; tinc.pubkey = '' @@ -580,14 +570,13 @@ with import ; internet = { ip4.addr = "162.248.11.162"; aliases = [ - "flap.internet" + "flap.i" ]; }; retiolum = { ip4.addr = "10.243.211.172"; ip6.addr = "42:472a:3d01:bbe4:4425:567e:592b:065d"; aliases = [ - "flap.retiolum" "flap.r" ]; tinc.pubkey = '' @@ -635,7 +624,6 @@ with import ; ip6.addr = "42:9898:a8be:ce56:0ee3:b99c:42c5:109e"; aliases = [ "heidi.r" - "heidi.retiolum" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -770,7 +758,7 @@ with import ; internet = { ip4.addr = "148.251.47.69"; aliases = [ - "wooki.internet" + "wooki.i" ]; }; retiolum = { @@ -825,7 +813,7 @@ with import ; ip4.addr = "10.243.144.142"; ip6.addr = "42:4bf8:94b:eec5:69e2:c837:686e:f278"; aliases = [ - "tcac-0-1.retiolum" + "tcac-0-1.r" ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- @@ -848,7 +836,7 @@ with import ; internet = { ip4.addr = "217.160.206.154"; aliases = [ - "muhbaasu.internet" + "muhbaasu.i" ]; }; retiolum = { @@ -877,7 +865,9 @@ with import ; retiolum = { ip4.addr = "10.243.183.236"; ip6.addr = "42:8ca8:d2e4:adf6:5c0f:38cb:e9ef:eb3c"; - aliases = [ "tpsw.r" "tpsw.retiolum" ]; + aliases = [ + "tpsw.r" + ]; tinc.pubkey = '' -----BEGIN RSA PUBLIC KEY----- MIIBCgKCAQEAvwYPFAINwV0EH0myFpNzRjVbqXdAmJP616C5JvODklhZWJxFxlKJ @@ -894,10 +884,10 @@ with import ; }; users = rec { makefu = { - mail = "makefu@x.retiolum"; + mail = "makefu@x.r"; pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@x"; - pgp.pubkeys.default = builtins.readFile ./default.pgp; - pgp.pubkeys.brain = builtins.readFile ./brain.pgp; + pgp.pubkeys.default = builtins.readFile ./pgp/default.asc; + pgp.pubkeys.brain = builtins.readFile ./pgp/brain.asc; }; makefu-omo = { inherit (makefu) mail pgp; diff --git a/krebs/3modules/makefu/brain.pgp b/krebs/3modules/makefu/pgp/brain.asc similarity index 100% rename from krebs/3modules/makefu/brain.pgp rename to krebs/3modules/makefu/pgp/brain.asc diff --git a/krebs/3modules/makefu/default.pgp b/krebs/3modules/makefu/pgp/default.asc similarity index 100% rename from krebs/3modules/makefu/default.pgp rename to krebs/3modules/makefu/pgp/default.asc diff --git a/krebs/5pkgs/kpaste/default.nix b/krebs/5pkgs/kpaste/default.nix new file mode 100644 index 000000000..d6823d584 --- /dev/null +++ b/krebs/5pkgs/kpaste/default.nix @@ -0,0 +1,5 @@ +{ curl, writeDashBin }: + +writeDashBin "kpaste" '' + exec ${curl}/bin/curl -sS http://p.r --data-binary @- +'' diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix index 534d65162..c196b391a 100644 --- a/lass/1systems/mors.nix +++ b/lass/1systems/mors.nix @@ -66,7 +66,6 @@ with import ; "localhost" "${config.krebs.build.host.name}" "${config.krebs.build.host.name}.r" - "${config.krebs.build.host.name}.retiolum" ]; locations."~ ^/~(.+?)(/.*)?\$".extraConfig = '' alias /home/$1/public_html$2; diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix index a7a7f6129..e5cbacfc8 100644 --- a/lass/1systems/prism.nix +++ b/lass/1systems/prism.nix @@ -45,6 +45,7 @@ in { ../2configs/makefu-sip.nix ../2configs/monitoring/server.nix ../2configs/monitoring/monit-alarms.nix + ../2configs/paste.nix { imports = [ ../2configs/bepasty.nix @@ -157,7 +158,7 @@ in { } { users.users.chat.openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDiupmvj8gmiqIUTk9t4AOZ6bYvIpMMuNZULwIu/lbq8epK+FyvjRtCxqkLgFw0BfNYHzT9fxJ3kZY+nf/pnpI0j8TRwLAyPnfKuBfehrtzjdNbf1jCB9BQAaLoBHkLUFLJxskIC11nHx5KJVJvZBZZ6Odq1WIb4RZXjtEreQfvF8+YyFgHQ/epmQupKK6agHGkjtqvH+hz//dwDqHU9orj8MCWxNaa2wUgn+5laAvpLS15MQeCDIz8GJtJWToETY6bvldiLp2hIAJmgx8LIecV1h7YPR81Rk80gIk3f0PDfsLnnM6ibkI5p8NGh7nRKAdf+W90HpBIHKMRpRkMYvgL3ejVuKJZyzhYKUArA6egNRAN2d67eOpR/yKV5LjRxv+JBCOln5ynDbAmP4Hq98h+0K9Md7VavrRJzzPRTH3MPx+OKqsnRBRjhKsRFIUaO6/TBjZF4RCbbSSbvBW1u+qbTWX1MGUJNB5huL/OIBdHHcTb6GI3W4Svtgq4in2KI4COBhUJogm5UmaXRHtgqvn8byxutIsXMOTFjjdDK6r7mmOj1mzlu5wEHAV6FRsII92pf4WO2GYEUxz1ABu4HvRsVKlvYoEwwBhpXecTve6nogAiDvuxHjUX1eup3If3s4SvNirNPPUQuzNriYJ4JXiU6pGCJcBgxhl+NQ7ajxCdaw== JuiceSSH" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCkmIvB8BekIE2W24+I0gnzkvkEoeulz/zQkDUVJK4oScbIvgTYmcHzQuHJyPueTm67bJCOcYaTwEDNhcR/ZvcyiCQ7Jwa5cLDTkCkcR9LQq8ry5jMNEanvTgrnBIEcwfS7jFpyFb/PRVG6hh2bPOfP+ksFplkq1BTzKt/UTaCBwVEZqi5XuFIlq/MqJg+FIjh+wyeNR5jHtqgAhVjR+YLVNXLgtVPE+dlSfbyRQHuA9FTkUj8BxxnTdwM5Sx33S61ddik1XvRn++IYqFl68fZhzyTME7t/Mvjdz8J7ew2bF2IbJrXt37yQCAOEEp9/RC5OloA7dd/5ZJjZxSzT2HnYROILsYr3S0WV4e+H2G66ZN0ftdUCYh1o5rtY7IrSes6yHsKYbpoij1IAkRkyt2XgEH5EZCk1Omx8AY3ekW1KFIEhz2DZEfnCEjPf4AGCYZ0uy4XEztxzTDkh25TVs/tym1+96qCJ1yAxwWZDbVhS/Z6aSBpsyeDRKcak8qoWVC2dEPdYuTUmwvmo3pmGn/a4UfOLNJTn0jSRjy3kSv1hYzosN4NSYZqEylFB0ABnlqoLpX3tmWtrkiKv19S+djVGxbaaYm3hjPJfds3qCWTJWPvxPPeCE8wGXVLYqOQxa5ZPYeoTwRof5YNSbj5RFYy9sDLTlHl+U4ASTHZM5S3akQ== JuiceSSH" ]; } { diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index f4e4cd2cc..b747ccb39 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -64,10 +64,7 @@ with import ; ]; } { - services.dnscrypt-proxy = { - enable = true; - resolverName = "d0wn-nl-ns3"; - }; + services.dnscrypt-proxy.enable = true; networking.extraResolvconfConf = '' name_servers='127.0.0.1' ''; @@ -138,6 +135,7 @@ with import ; aria2 #neat utils + kpaste krebspaste mosh pciutils diff --git a/lass/2configs/go.nix b/lass/2configs/go.nix index 8e31f050f..b75233871 100644 --- a/lass/2configs/go.nix +++ b/lass/2configs/go.nix @@ -17,7 +17,7 @@ with import ; ''; serverAliases = [ "go" - "go.retiolum" + "go.r" ]; }; }; diff --git a/lass/2configs/hw/tp-x220.nix b/lass/2configs/hw/tp-x220.nix index 1e75271ca..9be0b6bd2 100644 --- a/lass/2configs/hw/tp-x220.nix +++ b/lass/2configs/hw/tp-x220.nix @@ -51,6 +51,11 @@ with import ; services.xserver.synaptics = { enable = true; - additionalOptions = ''Option "TouchpadOff" "1"''; + horizEdgeScroll = false; + horizontalScroll = false; + vertEdgeScroll = false; + maxSpeed = "0.1"; + minSpeed = "0.01"; + tapButtons = false; }; } diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix index a08dc88da..41c7bceb2 100644 --- a/lass/2configs/mail.nix +++ b/lass/2configs/mail.nix @@ -113,9 +113,12 @@ let macro index ~ ,@( 'Toggle sidebar' # toggle the sidebar ''; - mutt = pkgs.writeDashBin "mutt" '' - exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@ - ''; + mutt = pkgs.concat "mutt" [ + pkgs.neomutt + (pkgs.writeDashBin "mutt" '' + exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@ + '') + ]; in { environment.systemPackages = [ diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix index e2b7dcae6..b8c245215 100644 --- a/lass/2configs/monitoring/client.nix +++ b/lass/2configs/monitoring/client.nix @@ -23,13 +23,4 @@ with import ; }; }; }; - - services.journalbeat = { - enable = true; - extraConfig = '' - output.elasticsearch: - hosts: ["prism:9200"] - template.enabled: false - ''; - }; } diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix index b6ccf9cc1..d1ff234ee 100644 --- a/lass/2configs/monitoring/server.nix +++ b/lass/2configs/monitoring/server.nix @@ -79,21 +79,9 @@ with import ; security = import ; # { AdminUser = ""; adminPassword = ""} }; - services.elasticsearch = { - enable = true; - listenAddress = "0.0.0.0"; - }; - - services.kibana = { - enable = true; - listenAddress = "0.0.0.0"; - }; - krebs.iptables.tables.filter.INPUT.rules = [ { predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; } { predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; } { predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; } - { predicate = "-p tcp -i retiolum --dport 9200"; target = "ACCEPT"; } - { predicate = "-p tcp -i retiolum --dport 5601"; target = "ACCEPT"; } ]; } diff --git a/lass/2configs/mpv.nix b/lass/2configs/mpv.nix index 9988e788f..d9c6274db 100644 --- a/lass/2configs/mpv.nix +++ b/lass/2configs/mpv.nix @@ -2,15 +2,17 @@ let - mpv-config = pkgs.writeText "mpv-config" '' - script=${lib.concatStringsSep "," [ - good - delete - ]} - ''; - mpv = pkgs.writeDashBin "mpv" '' - exec ${pkgs.mpv}/bin/mpv --no-config --include=${mpv-config} "$@" - ''; + scripts = lib.concatStringsSep "," [ + good + delete + ]; + + mpv = pkgs.concat "mpv" [ + pkgs.mpv + (pkgs.writeDashBin "mpv" '' + exec ${pkgs.mpv}/bin/mpv --no-config --script=${scripts} "$@" + '') + ]; moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" '' tmp_dir = "${dir}" @@ -31,20 +33,6 @@ let up = moveToDir "U" "./up"; down = moveToDir "Y" "./down"; - deleteCurrentTrack = pkgs.writeText "delete.lua" '' - deleted_tmp = "./.graveyard" - - -- Delete the current track by moving it to the `deleted_tmp` location. - function delete_current_track() - track = mp.get_property("path") - os.execute("mkdir -p '" .. deleted_tmp .. "'") - os.execute("mv '" .. track .. "' '" .. deleted_tmp .. "'") - print("'" .. track .. "' deleted.") - end - - mp.add_key_binding("D", "delete_current_track", delete_current_track) - ''; - in { krebs.per-user.lass.packages = [ mpv diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix index 7f6512552..24437d040 100644 --- a/lass/2configs/nixpkgs.nix +++ b/lass/2configs/nixpkgs.nix @@ -3,6 +3,6 @@ { krebs.build.source.nixpkgs.git = { url = https://cgit.lassul.us/nixpkgs; - ref = "ade5837"; + ref = "a563923"; }; } diff --git a/lass/2configs/paste.nix b/lass/2configs/paste.nix new file mode 100644 index 000000000..293691c0f --- /dev/null +++ b/lass/2configs/paste.nix @@ -0,0 +1,27 @@ +{ config, pkgs, ... }: +with import ; + +{ + services.nginx.virtualHosts.paste = { + serverAliases = [ "p.r" ]; + locations."/".extraConfig = '' + client_max_body_size 4G; + proxy_set_header Host $host; + proxy_pass http://localhost:9081; + ''; + }; + krebs.htgen.paste = { + port = 9081; + script = toString [ + "PATH=${makeBinPath [ + pkgs.nix + ]}:$PATH" + "STATEDIR=$HOME" + ". ${pkgs.htgen}/examples/paste" + ]; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT";} + { predicate = "-i retiolum -p tcp --dport 9081"; target = "ACCEPT";} + ]; +} diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix index 74e508549..775bd7665 100644 --- a/lass/2configs/repo-sync.nix +++ b/lass/2configs/repo-sync.nix @@ -105,6 +105,7 @@ in { (sync-remote "realwallpaper" "https://github.com/lassulus/realwallpaper") (sync-remote "lassulus-blog" "https://github.com/lassulus/lassulus-blog") (sync-remote "painload" "https://github.com/krebscode/painload") + (sync-remote "Reaktor" "https://github.com/krebscode/Reaktor") (sync-remote-silent "nixpkgs" "https://github.com/nixos/nixpkgs") (sync-retiolum "go") (sync-retiolum "much") diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix index fde3f7c2b..a5c51735a 100644 --- a/lass/2configs/websites/domsen.nix +++ b/lass/2configs/websites/domsen.nix @@ -21,6 +21,22 @@ let exec ${pkgs.msmtp}/bin/msmtp --read-envelope-from -C ${msmtprc} "$@" ''; + restartPhpfpm_o.ubikmedia = pkgs.writeDash "restartPhpfpm_o.ubikmedia.org" '' + ${pkgs.systemd}/bin/systemctl restart phpfpm-o.ubikmedia.de.service + ''; + + restartPhpfpm_o.ubikmedia_wrapper = pkgs.writeDashBin "restartPhpfpm_o.ubikmedia" '' + /run/wrappers/bin/sudo ${restartPhpfpm_o.ubikmedia} + ''; + + restartPhpfpm_ubikmedia = pkgs.writeDash "restartPhpfpm_ubikmedia.org" '' + ${pkgs.systemd}/bin/systemctl restart phpfpm-ubikmedia.de.service + ''; + + restartPhpfpm_ubikmedia_wrapper = pkgs.writeDashBin "restartPhpfpm_ubikmedia" '' + /run/wrappers/bin/sudo ${restartPhpfpm_ubikmedia} + ''; + in { imports = [ ./sqlBackup.nix @@ -116,6 +132,7 @@ in { { from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms"; } { from = "testuser@lassul.us"; to = "testuser"; } + { from = "testuser@ubikmedia.eu"; to = "testuser"; } ]; sender_domains = [ "jla-trading.com" @@ -162,5 +179,17 @@ in { useDefaultShell = true; createHome = true; }; + + #sudo restart wrappers + security.sudo.extraConfig = '' + domsen ALL= (root) NOPASSWD: ${restartPhpfpm_o.ubikmedia} + domsen ALL= (root) NOPASSWD: ${restartPhpfpm_ubikmedia} + ''; + + krebs.per-user.domsen.packages = [ + restartPhpfpm_ubikmedia_wrapper + restartPhpfpm_o.ubikmedia_wrapper + ]; + } diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 7b2e6b617..cd9b4c056 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -17,7 +17,7 @@ with import ; enable = true; dns.providers.lan = "hosts"; - search-domain = "retiolum"; + search-domain = "r"; build = { user = config.krebs.users.makefu; source = let