Merge remote-tracking branch 'prism/master'

This commit is contained in:
tv 2019-11-12 19:18:31 +01:00
commit eaefd713c2
44 changed files with 1176 additions and 136 deletions

View File

@ -5,6 +5,7 @@
[ [
<stockholm/jeschli> <stockholm/jeschli>
<stockholm/jeschli/2configs/emacs.nix> <stockholm/jeschli/2configs/emacs.nix>
<stockholm/jeschli/2configs/firefox.nix>
<stockholm/jeschli/2configs/python.nix> <stockholm/jeschli/2configs/python.nix>
./desktop.nix ./desktop.nix
./i3-configuration.nix ./i3-configuration.nix
@ -35,7 +36,6 @@
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
wget vim git wget vim git
firefox
rofi rofi
ag ag
]; ];
@ -49,7 +49,9 @@
isNormalUser = true; isNormalUser = true;
}; };
services.xserver.synaptics.enable = true; # services.xserver.synaptics.enable = true;
services.xserver.libinput.enable = true;
services.xserver.libinput.disableWhileTyping = true;
#Enable ssh daemon #Enable ssh daemon
services.openssh.enable = true; services.openssh.enable = true;

View File

@ -162,14 +162,14 @@ let
(setq org-refile-allow-creating-parent-nodes (quote confirm)) (setq org-refile-allow-creating-parent-nodes (quote confirm))
; Use IDO for both buffer and file completion and ido-everywhere to t ; Use IDO for both buffer and file completion and ido-everywhere to t
(setq org-completion-use-ido t) ; (setq org-completion-use-ido t)
(setq ido-everywhere t) ; (setq ido-everywhere t)
(setq ido-max-directory-size 100000) ; (setq ido-max-directory-size 100000)
(ido-mode (quote both)) ; (ido-mode (quote both))
; Use the current window when visiting files and buffers with ido ; ; Use the current window when visiting files and buffers with ido
(setq ido-default-file-method 'selected-window) ; (setq ido-default-file-method 'selected-window)
(setq ido-default-buffer-method 'selected-window) ; (setq ido-default-buffer-method 'selected-window)
; Use the current window for indirect buffer display ; ; Use the current window for indirect buffer display
(setq org-indirect-buffer-display 'current-window) (setq org-indirect-buffer-display 'current-window)
;;;; Refile settings ;;;; Refile settings

View File

@ -53,6 +53,13 @@ let
(ido-mode t) (ido-mode t)
''; '';
helm = ''
(helm-mode 1)
(global-set-key (kbd "M-x") #'helm-M-x)
(global-set-key (kbd "C-x r b") #'helm-filtered-bookmarks)
(global-set-key (kbd "C-x C-f") #'helm-find-files)
'';
magit = '' magit = ''
(global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer" (global-set-key (kbd "C-x g") 'magit-status) ; "Most Magit commands are commonly invoked from the status buffer"
@ -161,10 +168,9 @@ let
${evilMode} ${evilMode}
${goMode} ${goMode}
${ido} ${helm}
${magit} ${magit}
${orgMode} ${orgMode}
${recentFiles}
${rustDevelopment} ${rustDevelopment}
${theme} ${theme}
${windowCosmetics} ${windowCosmetics}
@ -176,8 +182,16 @@ let
#emacsWithCustomPackages #emacsWithCustomPackages
emacsPkgs= epkgs: [ emacsPkgs= epkgs: [
#testing #testing
epkgs.melpaPackages.web-mode
epkgs.melpaPackages.js2-mode
epkgs.melpaPackages.xref-js2
epkgs.melpaPackages.academic-phrases
epkgs.melpaPackages.gitlab epkgs.melpaPackages.gitlab
epkgs.melpaPackages.forge epkgs.melpaPackages.forge
epkgs.melpaPackages.helm
epkgs.melpaPackages.weechat
# emacs convenience # emacs convenience
epkgs.melpaPackages.ag epkgs.melpaPackages.ag

View File

@ -0,0 +1,53 @@
{ config, pkgs, ... }:
let
# Firefox addons
https-everywhere = pkgs.callPackage ./own-pkgs/https-everywhere {};
ublock-origin = pkgs.callPackage ./own-pkgs/ublock-origin {};
webgl-fingerprint-defender = pkgs.callPackage ./own-pkgs/webgl-fingerprint-defender {};
canvas-fingerprint-defender = pkgs.callPackage ./own-pkgs/canvas-fingerprint-defender {};
audio-fingerprint-defender = pkgs.callPackage ./own-pkgs/audio-fingerprint-defender {};
font-fingerprint-defender = pkgs.callPackage ./own-pkgs/font-fingerprint-defender {};
user-agent-switcher = pkgs.callPackage ./own-pkgs/user-agent-switcher {};
dark-reader = pkgs.callPackage ./own-pkgs/dark-reader {};
wrapper = pkgs.callPackage ./overlays/firefox-with-config.nix { };
myFirefox = wrapper pkgs.firefox-unwrapped {
extraExtensions = [
dark-reader
https-everywhere
ublock-origin
audio-fingerprint-defender
canvas-fingerprint-defender
webgl-fingerprint-defender
font-fingerprint-defender
user-agent-switcher
];
extraPolicies = {
CaptivePortal = false;
};
disablePocket = true;
disableFirefoxSync = true;
allowNonSigned = true;
clearDataOnShutdown = true;
disableDrmPlugin = true;
};
in {
environment.variables = {
BROWSER = ["firefox"];
};
environment.systemPackages = with pkgs; [
myFirefox
];
}

View File

@ -0,0 +1,488 @@
{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config
## various stuff that can be plugged in
, flashplayer, hal-flash
, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2
, jrePlugin, icedtea_web
, bluejeans, djview4, adobe-reader
, google_talk_plugin, fribid, gnome3/*.gnome-shell*/
, esteidfirefoxplugin ? ""
, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow
, udev
, kerberos
}:
## configurability of the wrapper itself
browser:
let
wrapper =
{ browserName ? browser.browserName or (builtins.parseDrvName browser.name).name
, name ? (browserName + "-" + (builtins.parseDrvName browser.name).version)
, desktopName ? # browserName with first letter capitalized
(lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName)
, nameSuffix ? ""
, icon ? browserName
, extraPlugins ? []
, extraPrefs ? ""
, extraExtensions ? [ ]
, allowNonSigned ? false
, disablePocket ? false
, disableTelemetry ? true
, disableDrmPlugin ? false
, showPunycodeUrls ? true
, disableFirefoxStudies ? true
, disableFirefoxSync ? false
, useSystemCertificates ? true
, dontCheckDefaultBrowser ? false
# For more information about anti tracking
# vist https://wiki.kairaven.de/open/app/firefox
, activateAntiTracking ? true
, disableFeedbackCommands ? true
, disableDNSOverHTTPS ? true
, disableGoogleSafebrowsing ? false
, clearDataOnShutdown ? false
, homepage ? "about:blank"
# For more information about policies visit
# https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
, extraPolicies ? {}
, extraNativeMessagingHosts ? []
, gdkWayland ? false
}:
assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
let
# If extraExtensions has been set disable manual extensions
disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false;
cfg = config.${browserName} or {};
enableAdobeFlash = cfg.enableAdobeFlash or false;
ffmpegSupport = browser.ffmpegSupport or false;
gssSupport = browser.gssSupport or false;
jre = cfg.jre or false;
icedtea = cfg.icedtea or false;
supportsJDK =
stdenv.hostPlatform.system == "i686-linux" ||
stdenv.hostPlatform.system == "x86_64-linux" ||
stdenv.hostPlatform.system == "armv7l-linux" ||
stdenv.hostPlatform.system == "aarch64-linux";
plugins =
assert !(jre && icedtea);
if builtins.hasAttr "enableVLC" cfg
then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins"
else
([ ]
++ lib.optional enableAdobeFlash flashplayer
++ lib.optional (cfg.enableDjvu or false) (djview4)
++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser)
++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin
++ lib.optional icedtea icedtea_web
++ lib.optional (cfg.enableGoogleTalkPlugin or false) google_talk_plugin
++ lib.optional (cfg.enableFriBIDPlugin or false) fribid
++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell
++ lib.optional (cfg.enableBluejeans or false) bluejeans
++ lib.optional (cfg.enableAdobeReader or false) adobe-reader
++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin
++ extraPlugins
);
nativeMessagingHosts =
([ ]
++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass)
++ lib.optional (cfg.enableBukubrow or false) bukubrow
++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell
++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator
++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration
++ extraNativeMessagingHosts
);
libs = lib.optional stdenv.isLinux udev
++ lib.optional ffmpegSupport ffmpeg
++ lib.optional gssSupport kerberos
++ lib.optionals (cfg.enableQuakeLive or false)
(with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ])
++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash
++ lib.optional (config.pulseaudio or true) libpulseaudio;
gtk_modules = [ libcanberra-gtk2 ];
enterprisePolicies =
{
policies = {
DisableAppUpdate = true;
} // lib.optionalAttrs disableManualExtensions (
{
ExtensionSettings = {
"*" = {
blocked_install_message = "You can't have manual extension mixed with nix extensions";
installation_mode = "blocked";
};
} // lib.foldr (e: ret:
ret // {
"${e.extid}" = {
installation_mode = "allowed";
};
}
) {} extraExtensions;
}
) // lib.optionalAttrs disablePocket (
{
DisablePocket = true;
}
) // lib.optionalAttrs disableTelemetry (
{
DisableTelemetry = true;
}
) // lib.optionalAttrs disableFirefoxStudies (
{
DisableFirefoxStudies = true;
}
) // lib.optionalAttrs disableFirefoxSync (
{
DisableFirefoxAccounts = true;
}
) // lib.optionalAttrs useSystemCertificates (
{
# Disable useless firefox certificate store
Certificates = {
ImportEnterpriseRoots = true;
};
}
) // lib.optionalAttrs (
if lib.count (x: true) extraExtensions > 0 then true else false) (
{
# Don't try to update nix installed addons
DisableSystemAddonUpdate = true;
# But update manually installed addons
ExtensionUpdate = false;
}
) // lib.optionalAttrs dontCheckDefaultBrowser (
{
DontCheckDefaultBrowser = true;
}
)// lib.optionalAttrs disableDNSOverHTTPS (
{
DNSOverHTTPS = {
Enabled = false;
};
}
) // lib.optionalAttrs clearDataOnShutdown (
{
SanitizeOnShutdown = true;
}
) // lib.optionalAttrs disableFeedbackCommands (
{
DisableFeedbackCommands = true;
}
) // lib.optionalAttrs ( if homepage == "" then false else true) (
{
Homepage = {
URL = homepage;
Locked = true;
};
}
) // extraPolicies ;} ;
extensions = builtins.map (a:
if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then
throw "Addon ${a.pname} needs boolean attribute 'signed' "
else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then
throw "Addon ${a.pname} needs a string attribute 'extid'"
else if a.signed == false && !allowNonSigned then
throw "Disable signature checking in firefox if you want ${a.pname} addon"
else a
) extraExtensions;
policiesJson = builtins.toFile "policies.json"
(builtins.toJSON enterprisePolicies);
mozillaCfg = builtins.toFile "mozilla.cfg" ''
// First line must be a comment
// Remove default top sites
lockPref("browser.newtabpage.pinned", "");
lockPref("browser.newtabpage.activity-stream.default.sites", "");
// Deactivate first run homepage
lockPref("browser.startup.firstrunSkipsHomepage", false);
// If true, don't show the privacy policy tab on first run
lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
${
if allowNonSigned == true then
''lockPref("xpinstall.signatures.required", false)''
else
""
}
${
if showPunycodeUrls == true then
''
lockPref("network.IDN_show_punycode", true);
''
else
""
}
${
if disableManualExtensions == true then
''
lockPref("extensions.getAddons.showPane", false);
lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
lockPref("app.update.auto", false);
''
else
""
}
${
if disableDrmPlugin == true then
''
lockPref("media.gmp-gmpopenh264.enabled", false);
lockPref("media.gmp-widevinecdm.enabled", false);
''
else
""
}
${
if activateAntiTracking == true then
''
// Tracking
lockPref("browser.send_pings", false);
lockPref("browser.send_pings.require_same_host", true);
lockPref("network.dns.disablePrefetch", true);
lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false);
lockPref("browser.search.geoip.url", "");
lockPref("privacy.firstparty.isolate", true);
lockPref("privacy.userContext.enabled", true);
lockPref("privacy.userContext.ui.enabled", true);
lockPref("privacy.firstparty.isolate.restrict_opener_access", false);
lockPref("network.http.referer.XOriginPolicy", 1);
lockPref("network.http.referer.hideOnionSource", true);
lockPref(" privacy.spoof_english", true);
// This option is currently not usable because of bug:
// https://bugzilla.mozilla.org/show_bug.cgi?id=1557620
// lockPref("privacy.resistFingerprinting", true);
''
else ""
}
${
if disableTelemetry == true then
''
// Telemetry
lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
lockPref("browser.ping-centre.telemetry", false);
lockPref("devtools.onboarding.telemetry.logged", false);
lockPref("toolkit.telemetry.archive.enabled", false);
lockPref("toolkit.telemetry.bhrPing.enabled", false);
lockPref("toolkit.telemetry.enabled", false);
lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
lockPref("toolkit.telemetry.hybridContent.enabled", false);
lockPref("toolkit.telemetry.newProfilePing.enabled", false);
lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
lockPref("dom.push.enabled", false);
lockPref("browser.newtabpage.activity-stream.feeds.snippets", false);
lockPref("security.ssl.errorReporting.enabled", false);
''
else ""
}
${
if disableGoogleSafebrowsing == true then
''
// Google data sharing
lockPref("browser.safebrowsing.blockedURIs.enabled", false);
lockPref("browser.safebrowsing.downloads.enabled", false);
lockPref("browser.safebrowsing.malware.enabled", false);
lockPref("browser.safebrowsing.passwords.enabled", false);
lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
lockPref("browser.safebrowsing.malware.enabled", false);
lockPref("browser.safebrowsing.phishing.enabled", false);
lockPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
lockPref("browser.safebrowsing.provider.mozilla.updateURL", "");
''
else ""
}
// User customization
${extraPrefs}
'';
in stdenv.mkDerivation {
inherit name;
desktopItem = makeDesktopItem {
name = browserName;
exec = "${browserName}${nameSuffix} %U";
inherit icon;
comment = "";
desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}";
genericName = "Web Browser";
categories = "Application;Network;WebBrowser;";
mimeType = stdenv.lib.concatStringsSep ";" [
"text/html"
"text/xml"
"application/xhtml+xml"
"application/vnd.mozilla.xul+xml"
"x-scheme-handler/http"
"x-scheme-handler/https"
"x-scheme-handler/ftp"
];
};
nativeBuildInputs = [ makeWrapper lndir ];
buildInputs = lib.optional (browser ? gtk3) browser.gtk3;
buildCommand = lib.optionalString stdenv.isDarwin ''
mkdir -p $out/Applications
cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications
rm -f $out${browser.execdir or "/bin"}/${browserName}
'' + ''
# Link the runtime. The executable itself has to be copied,
# because it will resolve paths relative to its true location.
# Any symbolic links have to be replicated as well.
cd "${browser}"
find . -type d -exec mkdir -p "$out"/{} \;
find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \;
find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do
cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f"
chmod a+rwx "$out/$f"
done
# fix links and absolute references
cd "${browser}"
find . -type l -print0 | while read -d $'\0' l; do
target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")"
ln -sfT "$target" "$out/$l"
done
# This will not patch binaries, only "text" files.
# Its there for the wrapper mostly.
cd "$out"
${replace}/bin/replace-literal -esfR -- "${browser}" "$out"
# create the wrapper
executablePrefix="$out${browser.execdir or "/bin"}"
executablePath="$executablePrefix/${browserName}"
if [ ! -x "$executablePath" ]
then
echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
exit 1
fi
if [ ! -L "$executablePath" ]
then
# Careful here, the file at executablePath may already be
# a wrapper. That is why we postfix it with -old instead
# of -wrapped.
oldExe="$executablePrefix"/".${browserName}"-old
mv "$executablePath" "$oldExe"
else
oldExe="$(readlink -v --canonicalize-existing "$executablePath")"
fi
makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \
--suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \
--suffix LD_LIBRARY_PATH ':' "$libs" \
--suffix-each GTK_PATH ':' "$gtk_modules" \
--suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \
--prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \
--suffix PATH ':' "$out${browser.execdir or "/bin"}" \
--set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \
--set MOZ_SYSTEM_DIR "$out/lib/mozilla" \
${lib.optionalString gdkWayland ''
--set GDK_BACKEND "wayland" \
''}${lib.optionalString (browser ? gtk3)
''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \
--suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share'
''
}
if [ -e "${browser}/share/icons" ]; then
mkdir -p "$out/share"
ln -s "${browser}/share/icons" "$out/share/icons"
else
for res in 16 32 48 64 128; do
mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps"
icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" )
if [ -e "$icon" ]; then ln -s "$icon" \
"$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png"
fi
done
fi
install -D -t $out/share/applications $desktopItem/share/applications/*
mkdir -p $out/lib/mozilla
for ext in ${toString nativeMessagingHosts}; do
lndir -silent $ext/lib/mozilla $out/lib/mozilla
done
# For manpages, in case the program supplies them
mkdir -p $out/nix-support
echo ${browser} > $out/nix-support/propagated-user-env-packages
# user customization
mkdir -p $out/lib/firefox
# creating policies.json
mkdir -p "$out/lib/firefox/distribution"
cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson}
# preparing for autoconfig
mkdir -p "$out/lib/firefox/defaults/pref"
cat > "$out/lib/firefox/defaults/pref/autoconfig.js" <<EOF
pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0);
EOF
cat > "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg}
mkdir -p $out/lib/firefox/distribution/extensions
for i in ${toString extensions}; do
ln -s -t $out/lib/firefox/distribution/extensions $i/*
done
'';
preferLocalBuild = true;
# Let each plugin tell us (through its `mozillaPlugin') attribute
# where to find the plugin in its tree.
plugins = map (x: x + x.mozillaPlugin) plugins;
libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs;
gtk_modules = map (x: x + x.gtkModule) gtk_modules;
passthru = { unwrapped = browser; };
disallowedRequisites = [ stdenv.cc ];
meta = browser.meta // {
description =
browser.meta.description
+ " (with plugins: "
+ lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins))
+ ")";
hydraPlatforms = [];
priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package
};
};
in
lib.makeOverridable wrapper

View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "audio-fingerprint-defender-${version}";
version = "0.1.3";
extid = "@audio-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi";
sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Audio context fingerprint defender firefox browser addon";
homepage = https://mybrowseraddon.com/audiocontext-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "canvas-fingerprint-defender-${version}";
version = "0.1.5";
extid = "@canvas-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended";
sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Canvas fingerprint defender firefox browser addon";
homepage = https://mybrowseraddon.com/webgl-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,28 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "dark-reader-${version}";
version = "4.8.1";
extid = "addon@darkreader.org";
signed = true;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi";
sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb";
};
phases = [ "installPhase" ];
installPhase = ''
install -D ${src} "$out/${extid}.xpi"
'';
meta = with stdenv.lib; {
description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing.";
homepage = https://github.com/darkreader/darkreader;
license = licenses.mit;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "font-fingerprint-defender-${version}";
version = "0.1.0";
extid = "@font-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3387637/font_fingerprint_defender-${version}-an+fx.xpi";
sha256 = "1aidkvisnx6qd7hn2x756rvzmbnaz6laqbwq0j5yd86g1kc56dr0";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Font fingerprint defender firefox browser addon";
homepage = https://mybrowseraddon.com/font-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,45 @@
{ stdenv, fetchurl, pkgs, makeWrapper, lib }:
stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "hopper";
version = "4.5.16";
rev = "v${lib.versions.major version}";
src = fetchurl {
url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz";
sha256 = "0gjnn7f6ibfx46k4bbj8ra7k04s0mrpq7316brgzks6x5yd1m584";
};
sourceRoot = ".";
ldLibraryPath = with pkgs; stdenv.lib.makeLibraryPath [
libbsd.out libffi.out gmpxx.out python27Full.out python27Packages.libxml2.out qt5.qtbase zlib xlibs.libX11.out xorg_sys_opengl.out xlibs.libXrender.out gcc-unwrapped.lib
];
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/lib
mkdir -p $out/share
cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper
cp -r $sourceRoot/opt/hopper-${rev}/lib $out
cp -r $sourceRoot/usr/share $out/share
patchelf \
--set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \
$out/bin/hopper
# Details: https://nixos.wiki/wiki/Qt
wrapProgram $out/bin/hopper \
--suffix LD_LIBRARY_PATH : ${ldLibraryPath} \
--suffix QT_PLUGIN_PATH : ${pkgs.qt5.qtbase}/lib/qt-${pkgs.qt5.qtbase.qtCompatVersion}/plugins
'';
meta = {
homepage = "https://www.hopperapp.com/index.html";
description = "A macOS and Linux Disassembler";
license = stdenv.lib.licenses.unfree;
maintainers = [ stdenv.lib.maintainers.luis ];
platforms = stdenv.lib.platforms.linux;
};
}

View File

@ -0,0 +1,29 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "https-everywhere-${version}";
version = "2019.6.27";
extid = "https-everywhere@eff.org";
signed = true;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3060290/https_everywhere-${version}-an+fx.xpi";
sha256 = "0743lhn9phn7n6c0886h9ddn1n8vhzbl0vrw177zs43995aj3frp";
};
phases = [ "installPhase" ];
installPhase = ''
install -D ${src} "$out/${extid}.xpi"
'';
meta = {
description = "Https everywhere browser addon";
homepage = https://www.eff.org/https-everywhere;
license = stdenv.lib.licenses.gpl2Plus;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,26 @@
{ lib, python37Packages }:
python37Packages.buildPythonPackage rec {
pname = "pyocclient";
version = "0.4";
src = python37Packages.fetchPypi {
inherit pname version;
sha256 = "19k3slrk2idixsdw61in9a3jxglvkigkn5kvwl37lj8hrwr4yq6q";
};
doCheck = false;
propagatedBuildInputs = with python37Packages; [
requests
six
];
meta = with lib; {
homepage = https://github.com/owncloud/pyocclient/;
description = "Nextcloud / Owncloud library for python";
license = licenses.mit;
maintainers = with maintainers; [ ];
};
}

View File

@ -0,0 +1,34 @@
{ stdenv, fetchgit, makeWrapper, lib, pkgs ? import <nixpkgs> {} }:
with pkgs;
stdenv.mkDerivation rec {
name = "rmount-${version}";
version = "1.0.1";
rev = "v${version}";
src = fetchgit {
rev = "9df124780d2e66f01c70afaecf92090669c5ffb6";
url = "https://github.com/Luis-Hebendanz/rmount";
sha256 = "0ydb6sspfnfa3y6gg1r8sk4r58il6636lpqwb2rw7dzmb4b8hpd2";
};
buildInputs = [ stdenv makeWrapper ];
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/share/man/man1
cp ${src}/rmount.man $out/share/man/man1/rmount.1
cp ${src}/rmount.bash $out/bin/rmount-noenv
cp ${src}/config.json $out/share/config.json
chmod +x $out/bin/rmount-noenv
makeWrapper $out/bin/rmount-noenv $out/bin/rmount \
--prefix PATH : ${lib.makeBinPath [ nmap jq cifs-utils sshfs ]}
'';
meta = {
homepage = "https://github.com/Luis-Hebendanz/rmount";
description = "Remote mount utility which parses a json file";
license = stdenv.lib.licenses.mit;
};
}

View File

@ -0,0 +1,28 @@
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = "ublock-origin-${version}";
version = "1.21.2";
extid = "uBlock0@raymondhill.net";
signed = true;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3361355/ublock_origin-${version}-an+fx.xpi";
sha256 = "0ypdq3z61mrymknl37qlq6379bx9f2fsgbgr0czbhqs9f2vwszkc";
};
phases = [ "installPhase" ];
installPhase = ''
install -D ${src} "$out/${extid}.xpi"
'';
meta = with stdenv.lib; {
description = "ublock origin firefox browser addon";
homepage = https://github.com/gorhill/uBlock;
license = licenses.gnu3;
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "user-agent-switcher-${version}";
version = "0.3.2";
extid = "@user-agent-switcher";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3370255/user_agent_switcher_and_manager-${version}-an+fx.xpi";
sha256 = "0lrw1xf6fsxr47bifkayfxpysv8s2p9ghmbmw2s7ymhrgy42i6v5";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "User agent switcher";
homepage = https://add0n.com/useragent-switcher.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,40 @@
{ stdenv, fetchurl, unzip, jq, zip }:
stdenv.mkDerivation rec {
pname = "webgl-fingerprint-defender-${version}";
version = "0.1.2";
extid = "@webgl-fingerprint-defender";
signed = false;
src = fetchurl {
url = "https://addons.mozilla.org/firefox/downloads/file/3362869/webgl_fingerprint_defender-${version}-an+fx.xpi";
sha256 = "06hfr5hxr4qw0jx6i9fi9gdk5211z08brnvqj2jlmpyc3dwl4pif";
};
phases = [ "buildPhase" ];
buildInputs = [ zip unzip jq ];
buildPhase = ''
mkdir -p $out/${extid}
unzip ${src} -d $out/${extid}
NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json)
echo "$NEW_MANIFEST" > $out/${extid}/manifest.json
cd $out/${extid}
zip -r -FS $out/${extid}.xpi *
rm -r $out/${extid}
'';
meta = with stdenv.lib; {
description = "Canvas defender firefox browser addon";
homepage = https://mybrowseraddon.com/webgl-defender.html;
license = {
fullName = "Mozilla Public License Version 2.0";
shortName = "moz2";
spdxId = "mozilla-2.0";
url = "https://www.mozilla.org/en-US/MPL/2.0/"; };
maintainers = [];
platforms = stdenv.lib.platforms.all;
};
}

View File

@ -0,0 +1,25 @@
{ stdenv, fetchFromGitHub, meson, ninja, pkgconfig
, wayland, wayland-protocols }:
stdenv.mkDerivation rec {
pname = "wl-clipboard";
version = "2.0.0";
src = fetchFromGitHub {
owner = "bugaevc";
repo = "wl-clipboard";
rev = "v${version}";
sha256 = "0c4w87ipsw09aii34szj9p0xfy0m00wyjpll0gb0aqmwa60p0c5d";
};
nativeBuildInputs = [ meson ninja pkgconfig wayland-protocols ];
buildInputs = [ wayland ];
meta = with stdenv.lib; {
description = "Command-line copy/paste utilities for Wayland";
homepage = https://github.com/bugaevc/wl-clipboard;
license = licenses.gpl3;
maintainers = with maintainers; [ dywedir ];
platforms = platforms.linux;
};
}

View File

@ -117,10 +117,6 @@ in
fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; }; fileSystems."/" = { device = "/dev/disk/by-label/nixos"; fsType = "ext4"; };
swapDevices = [
{ device = "/dev/disk/by-label/swap"; }
];
users.extraUsers.root.openssh.authorizedKeys.keys = [ users.extraUsers.root.openssh.authorizedKeys.keys = [
config.krebs.users."0x4A6F".pubkey config.krebs.users."0x4A6F".pubkey
config.krebs.users.ulrich.pubkey config.krebs.users.ulrich.pubkey

View File

@ -4,8 +4,8 @@ let
pkg = pkgs.callPackage ( pkg = pkgs.callPackage (
pkgs.fetchgit { pkgs.fetchgit {
url = "https://git.shackspace.de/rz/muell_mail"; url = "https://git.shackspace.de/rz/muell_mail";
rev = "861ec25ab22797d8961efb32e72d79e113aa9f0f"; rev = "57b67c95052d90044137b2c89007a371dc389afd";
sha256 = "sha256:18cw95zbr7isv4cw80cbpd84n5z208fwh5390i6j10jkn398mjq2"; sha256 = "1grkzs6fxjnc2bv4kskj63d5sb4qxz6yyr85nj0da9hn7qkk4jkj";
}) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; }; }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/muell_mail"; home = "/var/lib/muell_mail";
cfg = toString <secrets/shack/muell_mail.js>; cfg = toString <secrets/shack/muell_mail.js>;

View File

@ -4,9 +4,9 @@ let
pkg = pkgs.callPackage ( pkg = pkgs.callPackage (
pkgs.fetchgit { pkgs.fetchgit {
url = "https://git.shackspace.de/rz/muellshack"; url = "https://git.shackspace.de/rz/muellshack";
rev = "d8a5e2d4c0a22804838675ac42b468299dcd9a76"; rev = "4601f59787de090c83be6dbae6ca72d7fc84ab9f";
sha256 = "0ff6q64dgdxmpszp94z100fdic175b1vvxn4crg8p0jcabzxsv0m"; sha256 = "1cshbd6ipvynbm3gmnsm58ccc1m5xc87cpd3b6jx0s6pr2j19g9j";
}) {}; }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/muellshack"; home = "/var/lib/muellshack";
port = "8081"; port = "8081";
in { in {

View File

@ -4,9 +4,9 @@ let
pkg = pkgs.callPackage ( pkg = pkgs.callPackage (
pkgs.fetchgit { pkgs.fetchgit {
url = "https://git.shackspace.de/rz/node-light.git"; url = "https://git.shackspace.de/rz/node-light.git";
rev = "a32c782650c4cc0adf51250fe249167d7246c59b"; rev = "32d8064db5172b8068f633211c8bd5688b2c8773";
sha256 = "0clvcp1m2ay0a9ibh7s21q7d9a6nam3497bysvc6mdygblks22qy"; sha256 = "14jzhs7pp3hq42wq3cwqarivn1z7vcgksfzfqfc4yyh21096yi1j";
}) {}; }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/node-light"; home = "/var/lib/node-light";
port = "8082"; port = "8082";
in { in {

View File

@ -4,9 +4,10 @@ let
pkg = pkgs.callPackage ( pkg = pkgs.callPackage (
pkgs.fetchgit { pkgs.fetchgit {
url = "https://git.shackspace.de/rz/s3-power"; url = "https://git.shackspace.de/rz/s3-power";
rev = "b2b87b56bb40d714dbbecd1285566870b256aec4"; rev = "0687ab64";
sha256 = "sha256:02wikwf3rgkkggwbwqisdvhlwd38w5pw011xhwvhnj114s3rynan"; sha256 = "1m8h4bwykv24bbgr5v51mam4wsbp5424xcrawhs4izv563jjf130";
}) {}; }) { mkYarnPackage = pkgs.yarn2nix-moretea.mkYarnPackage; };
home = "/var/lib/s3-power"; home = "/var/lib/s3-power";
cfg = toString <secrets/shack/s3-power.json>; cfg = toString <secrets/shack/s3-power.json>;
in { in {

View File

@ -65,7 +65,7 @@ let
}; };
LinkHeader = pythonPackages.buildPythonPackage { LinkHeader = pythonPackages.buildPythonPackage {
name = "LinkHeader-0.4.3"; name = "LinkHeader-0.4.3";
src = pkgs.fetchurl { url = "https://pypi.python.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; }; src = pkgs.fetchurl { url = "https://files.pythonhosted.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; };
propagatedBuildInputs = [ ]; propagatedBuildInputs = [ ];
meta = with pkgs.stdenv.lib; { meta = with pkgs.stdenv.lib; {
homepage = ""; homepage = "";

View File

@ -354,6 +354,62 @@ in {
}; };
}; };
}; };
amy = {
owner = config.krebs.users.Mic92;
nets = rec {
retiolum = {
addrs = [
config.krebs.hosts.donna.nets.retiolum.ip4.addr
config.krebs.hosts.donna.nets.retiolum.ip6.addr
];
ip4.addr = "10.243.29.181";
aliases = [ "amy.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAr3jQRA1+hLKYVgHJA2ax5W8J3GVMTnaGpYw9Q2xXXrX/jxLZ6Ia8
hBjIcCBDVL5Q3FnyrKB9NJeeIvCOKg8WG+8O0+wKcePKd0Vhbsx4Whog/6PWs6qh
q2sURs2tp1hjHks4kZo2WtiYD7Ue9HHdV6FlUO6yuBV0bW2RzHdLPCDSGxnQVkBM
tSwAvMCZwvVBiv4m6RyMXqmpdbAPBzgJcmJS0FY+zGxpiwsR/AdoVvnzYyFMCVpG
iFl5+k9OGhUJq72MwAXzjW5ZdCPrG+2Dd+QBhhtIMJGA2sJiJteT8vdvpTNCiHJ/
HnW7movliN2mW86qwo7QqB5v0c9f9TjfpOld7sS/4vE3zlGi/Stf6SQWaoXez/u3
/P9GzupcYgj76m8Z3j7BMHXCBw8iwP2pZpL9hnLdIyCcyLrzXDIzq4hlt60DPhSU
klTDBUA/cUdSJGcSn2N+WHLOTfI6qeBNKqcTk70OQsa69jAJeAtA+I9OprNYOXqb
MmQakNNlrTaNtGQxfQqEL+wqHlo8CVDGm3O9pQSNF309P4TLNU1EYm+ItScNiVCE
DKhcgvE6xHCwZnVyJN8MMy1CVyDmnHVYoaTEZ2cCvNi/hXIXgO9KWjSpAv5tP764
UkOE4dlDpEW6G1pNf84BERfRYGDj29A/Jk9LJC/6D09QJXNu18HR0sUCAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
clara = {
owner = config.krebs.users.Mic92;
nets = rec {
retiolum = {
addrs = [
config.krebs.hosts.donna.nets.retiolum.ip4.addr
config.krebs.hosts.donna.nets.retiolum.ip6.addr
];
ip4.addr = "10.243.29.182";
aliases = [ "clara.r" ];
tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEA07G1n2sA804nnjWQzq0Fi9i6kxJUo+jVJjtkm5unw3hjflAAd/3d
WN+01GdJCk/gr7DfU/Xr5KnR39Z3ADoT1tbUb+i5AJZ5/8VHUwWM8D8mQAam6LBf
UEeLxhVH8rG6lHaKwVi9oe4gPhgptUOzX/YIlJOMYDlYRxc7Wbj7YQOAKlPuTAjY
Z5bLswfkqTMO0cioJNwwMCNWSMJf3jbKi3eTQ36sf7TDMEneNGSBUpeSjGddoNT/
rrVIDDT8tGmtACKr+3Y0H+EA2K5IxdQKKfnPRR31RBWiTkEXBbaJzYO/ZV5/xlbN
wmblskwq9d9IwDY7qeMctci+ZUZ3epG8MUwYa4faOrgmmkQpa5B+6UOMzw/WDJEc
jTfvSzfPo4anoj8C+MOQYzRvYmp60YEZKomv2BQdBvpGIpUul8WAR2aV0K+wz66e
mUamljAXmLiPxgGKduX5VFVuXzYxeMiBBujQCLTjc+xTB2EdwihxNX1rkxz10BDc
WrgPV+/VVyThKhOvVCifWARHtT2VGcZazfQOW/y3ZmEPOYuc5ZvrSEiMeG3f64+v
UU8cQZ3yBLIhTtC+38pRlsdBQHt526q0j0rrnd30JXVAUdWBunP2UJ5QGtA8/mWn
cWSlvRf5sfbyrISz6+mLPM2qGHnCkKwORNxmv/1DY07O3Rn6hX0OY4ECAwEAAQ==
-----END RSA PUBLIC KEY-----
'';
};
};
};
inspector = { inspector = {
owner = config.krebs.users.Mic92; owner = config.krebs.users.Mic92;
nets = rec { nets = rec {

View File

@ -78,7 +78,7 @@ in {
}; };
users = { users = {
palo = { palo = {
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBYNJVuyyZmc2pCkLWjhl0/hMMb7elmI81/9LAGtk8Tz4TmVderTMohwQkaTYznwPOPuKfU1sSMLCB8rYXdAO5nqWC4bGjXJ/+D8/UKfGjSqRQ7UkfpOF3NAm+pqUSFjaVXi1BWd+jxmsD0uRks0PyNSywZfgjn5LYpD3SpxyFy/17P/PJ9vX6PELjeYvNGH3l5cXDwYky3ZZJol7quBJ5yrA6I536A4wNDzg2ow+MRVu51/nIJdnbbsC/dDHgmdRWnStOzvsA+xSEMeKvLW3CaSPINr/bMGxOPrefr79bg59gkw9Wxp51fkx0o18N1liTRfWXau+GFNGMxFluELhfGXYOH9HLedLt8H38zs5vgJ9IY+tlOzMKud5njiNkuG503AiqY2H7coN7VeVA5+6L7tmwFbCMhPal4MS0VKHNBmCTDY5QMURYUajKiUh8n5IcbuTsPM+lEszm16g5iB+XQ1vpjza5ds6DRL1H6pUF/UpUzYUlqh2RnE+CyLsFO2MB/o72NoSWRfmn7/nsg6eEg/9kSn+dwj2ythjuEkMG28Yhm/XjaGnuAE/ZpIeRDozIQNGcHpzPHMd95olfNJW7+fLi+CvSFZa9l+tdS8PoRnCdHOsO4zvESJZ2rDn0Zt0Az6XNRJfYTABDlYPGCnWN4vmlnEJqQARSSiKBDhSgPw== palo@workout"; pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
}; };
}; };
} }

View File

@ -137,19 +137,20 @@ in {
"reagenzglas.r" "reagenzglas.r"
]; ];
tinc.pubkey = '' tinc.pubkey = ''
-----BEGIN RSA PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MIICCgKCAgEAon6oMki2GuJah9c1jNj0CupIPNo765AxtpSkut1PvoydAVYWZMO0 MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwYLQr5m/x7Q6w8sL8QwI
/UQgrvoDQPq3VQU98LHhtQVjmfmcxmxIK3mWoM356P9TGsheOspTcVP4HCMoWZoF GSEScP4V1Eun77mpV5ygk8FBV7S7Cj64QaEntM4NPNMS8DOs3qDkXQbC5yQQhVdG
QpgpQs1RNuG/nAAcoVHnTqFeFt6oWsykESIWj5jFV5XA+KanyLFThi8aWPumJgOV rL191UK7B1VxprsyVDY5wj2bR96vOX9KadYSpk2lEaB2yyA8Xt2t4VrhcDOIk3k+
W0AR4+0eECMjBXCV0yRaug4cnFKwLtTQ993AP6Di+5iyh8H39wuASUA/USfMItyX COMIbeqFd4rs5B2kV8p1KIFScng0x7uDhEvpn8zTakbtXWzcqirzBzqLTt9GqHE9
KEPCT1LPVu2JKsLE/aQEqX1ra3qVJ+SzSPKvOJGKNjcN0e84TuqGrh6cmEDcT/hd wXAca7iYCabhp6tzrOF7ifkRXgFy9+RPjUb8cqOyYL0k4zRSqNRDUQaySgUHRUwo
MNZisdPvWA8UwXZfsT/TOGyd8MBqgGxWS6JSFHXy9enyjvS+rws8U0IySlnAIEoi EzE/piLnBQHX/7tc9PdNPHizL62HeLOCnsKB+MoaJqsey6KPhxVDwYw3dJ/C3pCS
mXi0leXXDHSQBUnLgDwx4yAJ2R63bUr0pvVd9NBvS9CYHH3TETuwxtMsd3Djm1tu wFMUlt6D/5LxPL2yXJRRGb+I/hLnKGzbfB7Hz4Mh2PW2NMtdK0NMouDdH1VRnx68
9/GxN78N+dTHCwOFw/RFOGKCDuM2v1P0f56SdcADqiziuVn+Sj/WPL7rM7qLkySv QdL0MetHECz+TjpZIrn0Y2OCizDDGiKDndafQi4VPnWGulYUHtpIIMHkAS6xCHHn
jAqY7q5PUjcz/tltJUJwIHaV3sSB6+zOKhSPhGE5ASr4dYEnxiTSD2YE7fj3+WKK 5Rfe1LRxNXVSfqcQEYbjf+PNmwUw8etzBwYzB6zFFnQhw+6kWBPqnB38NkQ0Fzhc
ShG3cpjOwgW0/Ut88zIs7zQxfHj5ZML+Gh2E2LN5nb7StMBWafgvq58eTKbMCKbx h7isl2iq9aotObk9p53gj1i8eaSCeq6C5sFM9Bs3d00HfCLNTCNMqYZynmapo+3Q
ev7cFjOOV86sCjqtt5LVSi7TPAtolnmLyxzM+s/eZoLYITh+Zo8UERMCAwEAAQ== 0P6oX3YWzM2oUiknWKKOVyDUwCJolwlAeNOvlwCDzsiAAAB7INYBnJCIIPPcoE/q
-----END RSA PUBLIC KEY----- iddgcSx6Poq15h8H5tr439kCAwEAAQ==
-----END PUBLIC KEY-----
''; '';
}; };
}; };

View File

@ -53,6 +53,9 @@ with import <stockholm/lib>;
systemd.services = flip mapAttrs' config.krebs.reaktor2 (_: cfg: systemd.services = flip mapAttrs' config.krebs.reaktor2 (_: cfg:
nameValuePair cfg.systemd-service-name { nameValuePair cfg.systemd-service-name {
after = [ "network.target" ]; after = [ "network.target" ];
environment = {
LC_ALL = "en_US.UTF-8";
};
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
User = cfg.username; User = cfg.username;

View File

@ -8,7 +8,7 @@ let
nginx-user = config.services.nginx.user; nginx-user = config.services.nginx.user;
nginx-group = config.services.nginx.group; nginx-group = config.services.nginx.group;
fpm-socket = "/var/run/php5-fpm-rutorrent.sock"; fpm-socket = config.services.phpfpm.pools.rutorrent.socket;
webdir = rucfg.webdir; webdir = rucfg.webdir;
systemd-logfile = cfg.workDir + "/rtorrent-systemd.log"; systemd-logfile = cfg.workDir + "/rtorrent-systemd.log";
@ -332,12 +332,11 @@ let
rutorrent-imp = { rutorrent-imp = {
services.phpfpm = { services.phpfpm = {
# phpfpm does not have an enable option
pools.rutorrent = { pools.rutorrent = {
user = nginx-user; user = nginx-user;
group = nginx-group; group = nginx-group;
listen = fpm-socket;
settings = { settings = {
"listen.owner" = nginx-user;
"pm" = "dynamic"; "pm" = "dynamic";
"pm.max_children" = 5; "pm.max_children" = 5;
"pm.start_servers" = 2; "pm.start_servers" = 2;

View File

@ -1,7 +1,7 @@
{ {
"url": "https://github.com/NixOS/nixpkgs-channels", "url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "d484f2b7fc0834a068e8ace851faa449a03963f5", "rev": "471869c9185fb610e67940a701eb13b1cfb335a4",
"date": "2019-09-20T22:58:43+02:00", "date": "2019-10-31T16:03:13+01:00",
"sha256": "0jk93ikryi2hqc30l2n5i4vlgmklrlzb8cf7b3sg1q3k70q344jn", "sha256": "1klbclz8n4b9k1kfwv806bqdavld1mg32l1vxsmnrqzr6zck1c54",
"fetchSubmodules": false "fetchSubmodules": false
} }

View File

@ -1,7 +1,7 @@
{ {
"url": "https://github.com/NixOS/nixpkgs-channels", "url": "https://github.com/NixOS/nixpkgs-channels",
"rev": "7952807791daf3c60c99f10f371f732d897e3de8", "rev": "c75de8bc12cc7e713206199e5ca30b224e295041",
"date": "2019-10-13T01:14:01+02:00", "date": "2019-10-27T17:40:06+01:00",
"sha256": "1h9wg0arazbyj8xfgvfhzn2gw6ya8sgcxscy1n5j182b5xri1xdk", "sha256": "1awipcjfvs354spzj2la1nzmi9rh2ci2mdapzf4kkabf58ilra6x",
"fetchSubmodules": false "fetchSubmodules": false
} }

View File

@ -129,7 +129,6 @@ with import <stockholm/lib>;
cac-api cac-api
sshpass sshpass
get get
teamspeak_client
hashPassword hashPassword
urban urban
mk_sql_pair mk_sql_pair

View File

@ -3,7 +3,7 @@
./config.nix ./config.nix
]; ];
hardware.enableAllFirmware = true; hardware.enableRedistributableFirmware = true;
boot = { boot = {
#kernelParams = [ #kernelParams = [
# "acpi.brightness_switch_enabled=0" # "acpi.brightness_switch_enabled=0"

View File

@ -33,8 +33,7 @@ in {
extraPackages = ps: with ps; [ extraPackages = ps: with ps; [
pkgs.pico2wave pkgs.pico2wave
python-forecastio jsonrpc-async jsonrpc-websocket mpd2 python-forecastio jsonrpc-async jsonrpc-websocket mpd2
(callPackage ./deps/gtts-token.nix { }) (callPackage ./deps/openwrt-luci-rpc.nix { })
(callPackage ./deps/pyhaversion.nix { })
]; ];
}; };
autoExtraComponents = true; autoExtraComponents = true;
@ -47,8 +46,16 @@ in {
elevation = 303; elevation = 303;
auth_providers = [ auth_providers = [
{ type = "homeassistant";} { type = "homeassistant";}
{ type = "legacy_api_password";} { type = "legacy_api_password";
api_password = "sistemas";
}
{ type = "trusted_networks"; { type = "trusted_networks";
trusted_networks = [
"127.0.0.1/32"
"192.168.8.0/24"
"::1/128"
"fd00::/8"
];
# allow_bypass_login = true; # allow_bypass_login = true;
} }
]; ];
@ -119,7 +126,7 @@ in {
aramark.binary_sensor; aramark.binary_sensor;
sensor = sensor =
[{ platform = "version"; }] ++ # [{ platform = "version"; }] ++ # pyhaversion
(import ./sensor/pollen.nix) ++ (import ./sensor/pollen.nix) ++
(import ./sensor/espeasy.nix) ++ (import ./sensor/espeasy.nix) ++
(import ./sensor/airquality.nix) ++ (import ./sensor/airquality.nix) ++
@ -140,20 +147,15 @@ in {
http = { http = {
# TODO: https://github.com/home-assistant/home-assistant/issues/16149 # TODO: https://github.com/home-assistant/home-assistant/issues/16149
base_url = "http://192.168.8.11:8123"; base_url = "http://192.168.8.11:8123";
api_password = "sistemas";
trusted_networks = [
"127.0.0.1/32"
"192.168.8.0/24"
"::1/128"
"fd00::/8"
];
}; };
conversation = {}; conversation = {};
history = {}; history = {};
logbook = {}; logbook = {};
tts = [ tts = [
{ platform = "google"; { platform = "google_translate";
language = "de"; language = "de";
time_memory = 57600;
service_name = "google_say";
} }
{ platform = "voicerss"; { platform = "voicerss";
api_key = builtins.readFile <secrets/hass/voicerss.apikey>; api_key = builtins.readFile <secrets/hass/voicerss.apikey>;

View File

@ -1,27 +0,0 @@
{ lib
, buildPythonPackage
, fetchPypi
, requests
}:
buildPythonPackage rec {
pname = "gtts-token";
version = "1.1.3";
src = fetchPypi {
pname = "gTTS-token";
inherit version;
sha256 = "9d6819a85b813f235397ef931ad4b680f03d843c9b2a9e74dd95175a4bc012c5";
};
propagatedBuildInputs = [
requests
];
meta = with lib; {
description = "Calculates a token to run the Google Translate text to speech";
homepage = https://github.com/boudewijn26/gTTS-token;
license = licenses.mit;
# maintainers = [ maintainers. ];
};
}

View File

@ -0,0 +1,34 @@
{ lib
, buildPythonPackage
, fetchPypi
, click
, requests
, packaging
}:
buildPythonPackage rec {
pname = "openwrt-luci-rpc";
version = "1.1.2";
src = fetchPypi {
inherit pname version;
sha256 = "174a1f6c0bb2a2ed76e5299d14e2be05c612e8bcd4c15b9a9aedee1ef8e18b90";
};
patchPhase = ''
sed -i -e "s/requests==2.21.0/requests/" -e "s/packaging==19.1/packaging/" setup.py
'';
propagatedBuildInputs = [
click
requests
packaging
];
meta = with lib; {
description = "Module for interacting with OpenWrt Luci RPC interface";
homepage = https://github.com/fbradyirl/openwrt-luci-rpc;
license = licenses.asl20;
maintainers = [ maintainers.makefu ];
};
}

View File

@ -1,33 +0,0 @@
{ lib
, buildPythonPackage
, fetchpatch
, fetchPypi
, aiohttp
, async-timeout
}:
buildPythonPackage rec {
pname = "pyhaversion";
version = "2.2.1";
src = fetchPypi {
inherit pname version;
sha256 = "72b65aa25d7b2dbb839a4d0218df2005c2335e93526035904d365bb668030b9f";
};
patches = [
(fetchpatch { url = "https://github.com/makefu/pyhaversion/commit/f3bdc38970272cd345c2cfbde3037ea492ca27c4.patch";
sha256 =
"1rhq4z7mdgnwhwpf5fmarnbc1ba3qysk1wqjdr0hvbzi8vmvbfcc";})
];
doCheck = false;
propagatedBuildInputs = [
aiohttp
async-timeout
];
meta = with lib; {
description = "";
homepage = https://github.com/ludeeus/pyhaversion;
# maintainers = [ maintainers. ];
};
}

View File

@ -3,7 +3,6 @@
[ [
{ platform = "luci"; { platform = "luci";
name = "router";
host = "192.168.8.1"; host = "192.168.8.1";
username = "root"; username = "root";
password = import <secrets/hass/router.nix>; password = import <secrets/hass/router.nix>;

View File

@ -24,13 +24,13 @@ let
brightness_command_topic = "/bam/${topic}/cmnd/Dimmer"; brightness_command_topic = "/bam/${topic}/cmnd/Dimmer";
brightness_scale = 100; brightness_scale = 100;
# color # color
rgb_state_topic = "/bam/${topic}/stat/Color"; rgb_state_topic = "/bam/${topic}/stat/RESULT";
rgb_command_topic = "/bam/${topic}/cmnd/Color2"; rgb_command_topic = "/bam/${topic}/cmnd/Color2";
rgb_command_mode = "hex"; rgb_value_template = "{{(value_json.Channel[0]*2.55)|int}},{{(value_json.Channel[1]*2.55)|int}},{{(value_json.Channel[2]*2.55)|int}}";
rgb_command_template = "{{ '%02x%02x%02x' | format(red, green, blue)}}";
# effects # effects
effect_state_topic = "/bam/${topic}/tele/STATE"; effect_state_topic = "/bam/${topic}/tele/STATE";
effects_value_template = "{{value_json.Scheme|default(0)}}"; effect_value_template = "{{value_json.Scheme|default(0)}}";
effect_command_topic = "/bam/${topic}/cmnd/Scheme"; effect_command_topic = "/bam/${topic}/cmnd/Scheme";
effect_list = [ effect_list = [
0 # single color for LED light 0 # single color for LED light

View File

@ -3,7 +3,7 @@
id = 1; id = 1;
device_trackers = [ device_trackers = [
"device_tracker.thorsten_phone" "device_tracker.thorsten_phone"
"device_tracker.thorsten_arbeitphone" #"device_tracker.thorsten_arbeitphone"
]; ];
} }
{ name = "Felix"; { name = "Felix";
@ -26,4 +26,40 @@
"device_tracker.daniel_phone" "device_tracker.daniel_phone"
]; ];
} }
{ name = "Thierry";
id = 5;
device_trackers = [
"device_tracker.thierry_phone"
];
}
{ name = "Frank";
id = 6;
device_trackers = [
"device_tracker.frank_phone"
];
}
{ name = "Carsten";
id = 7;
device_trackers = [
"device_tracker.carsten_phone"
];
}
{ name = "Emeka";
id = 8;
device_trackers = [
"device_tracker.emeka_phone"
];
}
#{ name = "Sabine";
# id = 9;
# device_trackers = [
# "device_tracker.sabine_phone"
# ];
#}
{ name = "Tobias";
id = 10;
device_trackers = [
"device_tracker.tobias_phone"
];
}
] ]

View File

@ -15,7 +15,7 @@
"uv_index" "uv_index"
]; ];
units = "si" ; units = "si" ;
update_interval = { days = 0; hours = 0; minutes = 30; seconds = 0; }; scan_interval = "00:30:00";
} }
{ platform = "luftdaten"; { platform = "luftdaten";
name = "Ditzingen"; name = "Ditzingen";

View File

@ -1,6 +1,6 @@
[ { [ {
platform = "dwd_pollen"; platform = "dwd_pollen";
partsregion_ids = [ partregion_ids = [
112 112
]; ];
} }

View File

@ -127,6 +127,7 @@ let
group = "nginx"; group = "nginx";
listen = socket; listen = socket;
settings = { settings = {
"listen.owner" = "nginx";
"pm" = "dynamic"; "pm" = "dynamic";
"pm.max_children" = 32; "pm.max_children" = 32;
"pm.max_requests" = 500; "pm.max_requests" = 500;

View File

@ -27,6 +27,7 @@ in {
inherit user group; inherit user group;
listen = fpm-socket; listen = fpm-socket;
settings = { settings = {
"listen.owner" = user;
"pm" = "dynamic"; "pm" = "dynamic";
"pm.max_children" = 5; "pm.max_children" = 5;
"pm.start_servers" = 2; "pm.start_servers" = 2;

View File

@ -1,11 +1,11 @@
{ stdenv, lib, fetchFromGitHub, mbedtls, python2, perl }: { stdenv, lib, fetchFromGitHub, mbedtls, python2, perl }:
let let
version = "1.35"; version = "4.03";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "The-4n"; owner = "The-4n";
repo = "4NXCI"; repo = "4NXCI";
rev = "v${version}"; rev = "v${version}";
sha256 = "0yq0irxzi4wi71ajw8ld01zfpkrgknpq7g3m76pbnwmdzkm7dra6"; sha256 = "0n49sqv6s8cj2dw1dbcyskfc2zr92p27f1bdd6jqfbawv0fqr1wf";
}; };
mymbedtls = stdenv.mkDerivation { mymbedtls = stdenv.mkDerivation {