diff options
| author | lassulus <lass@blue.r> | 2018-10-09 11:30:02 +0200 |
|---|---|---|
| committer | lassulus <lass@blue.r> | 2018-10-09 11:30:02 +0200 |
| commit | 5ac5ee66bd006cd6161a05c35a2df088abe0616b (patch) | |
| tree | bb34b0506da2fca7e7eb19eb7e3469e752e2e415 | |
| parent | 1f23af4309d077a4a98c2ad8539db12d062842a5 (diff) | |
| parent | 29d4f4357afc0965c73f7ed33c3f03880e8e84e2 (diff) | |
Merge branch '18.09'
51 files changed, 395 insertions, 1359 deletions
diff --git a/.gitmodules b/.gitmodules index c96fec739..f35a9250d 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,3 +1,6 @@ [submodule "submodules/nix-writers"] path = submodules/nix-writers url = http://cgit.krebsco.de/nix-writers +[submodule "submodules/krops"] + path = submodules/krops + url = https://cgit.krebsco.de/krops diff --git a/jeschli/1systems/brauerei/config.nix b/jeschli/1systems/brauerei/config.nix index 4ba888e39..ad58226f6 100644 --- a/jeschli/1systems/brauerei/config.nix +++ b/jeschli/1systems/brauerei/config.nix @@ -119,6 +119,8 @@ # Don't install feh into systemPackages # refs <nixpkgs/nixos/modules/services/x11/desktop-managers> desktopManager.session = lib.mkForce []; + displayManager.lightdm.enable = lib.mkForce false; + displayManager.job.execCmd = lib.mkForce "derp"; enable = true; display = lib.mkForce 11; @@ -147,6 +149,7 @@ isNormalUser = true; openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDB0d0JA20Vqn7I4lCte6Ne2EOmLZyMJyS9yIKJYXNLjbLwkQ4AYoQKantPBkTxR75M09E7d3j5heuWnCjWH45TrfQfe1EOSSC3ppCI6C6aIVlaNs+KhAYZS0m2Y8WkKn+TT5JLEa8yybYVN/RlZPOilpj/1QgjU6CQK+eJ1k/kK+QFXcwN82GDVh5kbTVcKUNp2tiyxFA+z9LY0xFDg/JHif2ROpjJVLQBJ+YPuOXZN5LDnVcuyLWKThjxy5srQ8iDjoxBg7dwLHjby5Mv41K4W61Gq6xM53gDEgfXk4cQhJnmx7jA/pUnsn2ZQDeww3hcc7vRf8soogXXz2KC9maiq0M/svaATsa9Ul4hrKnqPZP9Q8ScSEAUX+VI+x54iWrnW0p/yqBiRAzwsczdPzaQroUFTBxrq8R/n5TFdSHRMX7fYNOeVMjhfNca/gtfw9dYBVquCvuqUuFiRc0I7yK44rrMjjVQRcAbw6F8O7+04qWCmaJ8MPlmApwu2c05VMv9hiJo5p6PnzterRSLCqF6rIdhSnuOwrUIt1s/V+EEZXHCwSaNLaQJnYL0H9YjaIuGz4c8kVzxw4c0B6nl+hqW5y5/B2cuHiumnlRIDKOIzlv8ufhh21iN7QpIsPizahPezGoT1XqvzeXfH4qryo8O4yTN/PWoA+f7o9POU7L6hQ== lhebendanz@nixos" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEZgHR1ZPDBMUjGWar/QmI2GiUkZM8pAXRyBDh8j3hGlxlS+0lsBV6bTAI5F13iyzTC4pCuEuDO2OlFB0scwjcOATci8phd8jTjOIDodqDaeQZXbshyuUBfyiAV6q0Sc+cUDV3D6GhzigH3t8EiQmvXmUGm916yFotT12o0dm83SCOh1nAf9ZveC1Hz/eEUTvgWvIb58OdUR5F/S5OVBnIIJZ8tcp0BP9lyjjJCcANWkYJlwaVcNNb0UarCRhvRtptFj+e/EPqQxSCaS2QcxW4zBsQ6C81TFf7WrdH+pwtFg0owlWsxv547sRLLiPf2h2YuQgSoAaW24N0SHhUqvOXd+JyaYw7MAF8Qh3jHm2iJQRgXNuIN0msFi1alwAevilL2mnfAt2biQ9sS9g+CVvQCwX3mg09E4Y3UmFLzvsJafD9meKVrjnDCcXySeAfts59eFmwKtMQ0qrEWaclzUiA6Ay3uD1zma8x1XELGTf8nxnXCGl8s2i2APn7y1Tcwep69DlENWSaReF5zBLIkCtIUDd+8xBFTF3yu5CpyRrRMKGa0QX/MtsQl4SGJWadOTwpM8joIbrIVfKkTNB2McxAjvo0iaRoBDm409gi2Ycy+NSoUV/KAIUG7OysAQZ62hr+E/Kw1ocJCIVI+9vzKx/EnEIHkCSwhYKl5393W7CShVJjJUcKcZddqX2smSShXq8rXPzhIHk1dAVn5Ff/vGZT9z9R0QN3z6Oa9QN5t5TjTdUDToqHTudqOpDxPl2c2yXK9wV+aoHFoML9AmbzTT1U1mKU7GXSoFACiKNzhDzkovyJGpWRyvisX5t75IfuVqvGGI8n3u8OhPMdyyOHRylVaciDzBMZ00xnIHB+dJG9IeYaMm9bW1Li4Jo0CWnogo2+olfHPMLijBuu+bsa5Kp6kFkccJYR/xqcSq0lVXkpGm692JI4dnMGjchipXEGh1gXof9jXHemMMBwjpLFGty+D0r5KdA33m+mIqc9hi0ShquA9nA7E1IxDlgE0gQg+P5ZOeeIN7q54AQmT8iCCCRyne2Kw57XxaGgZoLfj7VjjaeRlzBUglmtyq8B7/c0J3y41vt9Hxhj4sKD+vufZu+M9E6E936KsJlIi+3U0PtopM/b8L4jcH1JYpPljapsys8wkJZ1ymHf6Kj/0FHyi1V+GvquiVrlFN+aHECIzNlCiSMO4MqfPUO1A+s9zkG2ZgPNNv+LoZqnokjbmKM4kdxexMxaL/Eo9Nd/bzdYiFYXlllEL7Uox+yV0N3loQ2juh4zn+ctCnwHi+V9X4l4rB8amW96WrXiJ/WqEK2UO8St8dcQWhCsUUm2OawSrbYYZw5HhJwz/Rhz2UsdSc56s5OUiQLJqpILYvCnqSLlF4iZdRSdDQNpKn+le3CeGUl5UUuvK2BpKGrbPKx0i/2ZSEMxNA5GnDMx/NyiNyDBcoPu/XOlNi8VWsEbCtoTQRamvqHjOmNcPrxCxds+TaF8c0wMR720yj5sWq8= jeschli@nixos" ]; }; diff --git a/jeschli/2configs/emacs.nix b/jeschli/2configs/emacs.nix index 3bd2dbfc4..5fc887477 100644 --- a/jeschli/2configs/emacs.nix +++ b/jeschli/2configs/emacs.nix @@ -67,7 +67,6 @@ let emacsWithCustomPackages = (pkgs.emacsPackagesNgGen pkgs.emacs).emacsWithPackages (epkgs: [ epkgs.melpaPackages.evil epkgs.melpaStablePackages.magit - epkgs.melpaPackages.mmm-mode epkgs.melpaPackages.nix-mode epkgs.melpaPackages.go-mode epkgs.melpaPackages.google-this diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix index 6307649e3..e8c5e0457 100644 --- a/krebs/3modules/default.nix +++ b/krebs/3modules/default.nix @@ -111,7 +111,6 @@ let { krebs = import ./krebs { inherit config; }; } { krebs = import ./lass { inherit config; }; } { krebs = import ./makefu { inherit config; }; } - { krebs = import ./nin { inherit config; }; } { krebs = import ./tv { inherit config; }; } { krebs.dns.providers = { diff --git a/krebs/3modules/nin/default.nix b/krebs/3modules/nin/default.nix deleted file mode 100644 index 1531a2c89..000000000 --- a/krebs/3modules/nin/default.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ config, ... }: - -with import <stockholm/lib>; - -{ - hosts = mapAttrs (_: recursiveUpdate { - owner = config.krebs.users.nin; - ci = true; - }) { - hiawatha = { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.132.96"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:2342"; - aliases = [ - "hiawatha.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAucIe5yLzKJ8F982XRpZT6CvyXuPrtnNTmw/E/T6Oyq88m/OVHh6o - Viho1XAlJZZwqNniItD0AQB98uFB3+3yA7FepnwwC+PEceIfBG4bTDNyYD3ZCsAB - iWpmRar9SQ7LFnoZ6X2lYaJkUD9afmvXqJJLR5MClnRQo5OSqXaFdp7ryWinHP7E - UkPSNByu4LbQ9CnBEW8mmCVZSBLb8ezxg3HpJSigmUcJgiDBJ6aj22BsZ5L+j1Sr - lvUuaCr8WOS41AYsD5dbTYk7EG42tU5utrOS6z5yHmhbA5r8Ro2OFi/R3Td68BIJ - yw/m8sfItBCvjJSMEpKHEDfGMBCfQKltCwIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFizK5kauDlnjm/IzyzLi+W4hLKqjSWMkfuxzLwg6egx"; - }; - axon= { - cores = 2; - nets = { - retiolum = { - ip4.addr = "10.243.134.66"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:1379"; - aliases = [ - "axon.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIECgKCBAEA89h5SLDQL/ENM//3SMzNkVnW4dBdg1GOXs/SdRCTcgygJC0TzsAo - glfQhfS+OhFSC/mXAjP8DnN7Ys6zXzMfJgH7TgVRJ8tCo5ETehICA19hMjMFINLj - KZhhthPuX7u2Jr4uDMQ0eLJnKVHF4PmHnkA+JGcOqO7VSkgcqPvqPMnJFcMkGWvH - L3KAz1KGPHZWrAB2NBDrD/bOZj4L39nS4nJIYVOraP7ze1GTTC7s/0CnZj3qwS5j - VdUYgAR+bdxlWm1B1PPOjkslP6UOklQQK4SjK3ceLYb2yM7BVICeznjWCbkbMACY - PUSvdxyiD7nZcLvuM3cJ1M45zUK+tAHHDB5FFUUAZ+YY/Xml4+JOINekpQdGQqkN - X4VsdRGKpjqi+OXNP4ktDcVkl8uALmNR6TFfAEwQJdjgcMxgJGW9PkqvPl3Mqgoh - m89lHPpO0Cpf40o6lZRG42gH1OR7Iy1M234uA08a3eFf+IQutHaOBt/Oi0YeiaQp - OtJHmWtpsQRz24/m+uroSUtKZ63sESli28G1jP73Qv7CiB8KvSX0Z4zKJOV/CyaT - LLguAyeWdNLtVg4bGRd7VExoWA+Rd9YKHCiE5duhETZk0Hb9WZmgPdM7A0RBb+1H - /F9BPKSZFl2e42VEsy8yNmBqO8lL7DVbAjLhtikTpPLcyjNeqN99a8jFX4c5nhIK - MVsSLKsmNGQq+dylXMbErsGu3P/OuCZ4mRkC32Kp4qwJ+JMrJc8+ZbhKl6Fhwu0w - 7DwwoUaRoMqtr2AwR+X67eJsYiOVo5EkqBo6DrWIM6mO2GrWHg5LTBIShn08q/Nm - ofPK2TmLdfqBycUR0kRCCPVi82f9aElmg3pzzPJnLAn9JLL43q6l+sefvtr9sTs3 - 1co6m8k5mO8zTb8BCmX2nFMkCopuHeF1nQ33y6woq0D8WsXHfHtbPwN9eYRVrbBF - 29YBp5E+Q1pQB+0rJ4A5N1I3VUKhDGKc72pbQc8cYoAbDXA+RKYbsFOra5z585dt - 4HQXpwj3a/JGJYRT6FVbJp4p8PjwAtN9VkpXNl4//3lXQdDD6aQ6ssXaKxVAp2Xj - FjPjx6J6ok4mRvofKNAREt4eZUdDub34bff6G0zI7Vls9t4ul0uHsJ6+ic3CG+Yl - buLfOkDp4hVCAlMPQ2NJfWKSggoVao7OTBPTMB3NiM56YOPptfZgu2ttDRTyuQ7p - hrOwutxoy/abH3hA8bWj1+C23vDtQ2gj0r16SWxpPdb3sselquzKp9NIvtyRVfnG - yYZTWRHg9mahMC2P0/wWAQVjKb0LnTib4lSe21uqFkWzp+3/Uu+hiwP5xGez/NIi - ahyL7t0D9r9y+i1RPjYWypgyR568fiGheQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF4ubHA2pQzV4tQq9D1zRTD1xOSR6xZM3z6te+5A1ekc"; - }; - onondaga = { - cores = 1; - nets = { - retiolum = { - ip4.addr = "10.243.132.55"; - ip6.addr = "42:0000:0000:0000:0000:0000:0000:1357"; - aliases = [ - "onondaga.r" - "cgit.onondaga.r" - ]; - tinc.pubkey = '' - -----BEGIN RSA PUBLIC KEY----- - MIIBCgKCAQEAqj6NPhRVsr8abz9FFx9+ld3amfxN7SRNccbksUOqkufGS0vaupFR - OWsgj4Qmt3lQ82YVt5yjx0FZHkAsenCEKM3kYoIb4nipT0e1MWkQ7plVveMfGkiu - htaJ1aCbI2Adxfmk4YbyAr8k3G+Zl9t7gTikBRh7cf5PMiu2JhGUZHzx9urR0ieH - xyashZFjl4TtIy4q6QTiyST9kfzteh8k7CJ72zfYkdHl9dPlr5Nk22zH9xPkyzmO - kCNeknuDqKeTT9erNtRLk6pjEcyutt0y2/Uq6iZ38z5qq9k4JzcMuQ3YPpNy8bxn - hVuk2qBu6kBTUW3iLchoh0d4cfFLWLx1SQIDAQAB - -----END RSA PUBLIC KEY----- - ''; - }; - }; - ssh.privkey.path = <secrets/ssh.id_ed25519>; - ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmQk7AXsYLzjUrOjsuhZ3+gT7FjhPtjwxv5XnuU8GJO"; - }; - - }; - users = { - nin = { - mail = "nin@axon.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl4jHl2dya9Tecot7AcHuk57FiPN0lo8eDa03WmTOCCU7gEJLgpi/zwLxY/K4eXsDgOt8LJwddicgruX2WgIYD3LnwtuN40/U9QqqdBIv/5sYZTcShAK2jyPj0vQJlVUpL7DLxxRH+t4lWeRw/1qaAAVt9jEVbzT5RH233E6+SbXxfnQDhDwOXwD1qfM10BOGh63iYz8/loXG1meb+pkv3HTf5/D7x+/y1XvWRPKuJ2Ml33p2pE3cTd+Tie1O8CREr45I9JOIOKUDQk1klFL5NNXnaQ9h1FRCsnQuoGztoBq8ed6XXL/b8mQ0lqJMxHIoCuDN/HBZYJ0z+1nh8X6XH nin@axon"; - }; - nin_h = { - mail = "nin@hiawatha.r"; - pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDicZLUPEVNX7SgqYWcjPo0UESRizEfIvVVbiwa1aApA8x25u/5R3sevcgbIpLHYKDMl5tebny9inr6G2zqB6oq/pocQjHxrPnuLzqjvqeSpbjQjlNWJ9GaHT5koTXZHdkEXGL0vfv1SRDNWUiK0rNymr3GXab4DyrnRnuNl/G1UtLf4Zka94YUD0SSPdS9y6knnRrUWKjGMFBZEbNSgHqMGATPQP9VDwKHIO2OWGfiBAJ4nj/MWj+BxHDleCMY9zbym8yY7p/0PLaUe9eIyLC8MftJ5suuMmASlj+UGWgnqUxWxsMHax9y7CTAc23r1NNCXN5LC6/facGt0rEQrdrTizBgOA1FSHAPCl5f0DBEgWBrRuygEcAueuGWvI8/uvtvQQZLhosDbXEfs/3vm2xoYBe7wH4NZHm+d2LqgIcPXehH9hVQsl6pczngTCJt0Q/6tIMffjhDHeYf6xbe/n3AqFT0PylUSvOw/H5iHws3R6rxtgnOio7yTJ4sq0NMzXCtBY6LYPGnkwf0oKsgB8KavZVnxzF8B1TD4nNi0a7ma7bd1LMzI/oGE6i8kDMROgisIECOcoe8YYJZXIne/wimhhRKZAsd+VrKUo4SzNIavCruCodGAVh2vfrqRJD+HD/aWH7Vr1fCEexquaxeKpRtKGIPW9LRCcEsTilqpZdAiw== nin@hiawatha"; - }; - }; -} diff --git a/krebs/5pkgs/haskell/blessings.nix b/krebs/5pkgs/haskell/blessings.nix index 8c52c5636..59c5b7984 100644 --- a/krebs/5pkgs/haskell/blessings.nix +++ b/krebs/5pkgs/haskell/blessings.nix @@ -1,11 +1,24 @@ -{ mkDerivation, base, fetchgit, stdenv }: -mkDerivation rec { +with import <stockholm/lib>; +{ mkDerivation, base, fetchgit, stdenv }: let + + cfg = { + "18.03" = { + version = "1.1.0"; + sha256 = "1k908zap3694fcxdk4bb29s54b0lhdh557y10ybjskfwnym7szn1"; + }; + "18.09" = { + version = "1.2.0"; + sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300"; + }; + }.${versions.majorMinor nixpkgsVersion}; + +in mkDerivation { pname = "blessings"; - version = "1.2.0"; + version = cfg.version; src = fetchgit { url = http://cgit.ni.krebsco.de/blessings; - rev = "refs/tags/v${version}"; - sha256 = "03hz43ixww0h4fwxqrlrlvmj3pxswhb50ijaapwjz8457il2r300"; + rev = "refs/tags/v${cfg.version}"; + sha256 = cfg.sha256; }; libraryHaskellDepends = [ base ]; doHaddock = false; diff --git a/krebs/5pkgs/haskell/email-header.nix b/krebs/5pkgs/haskell/email-header.nix index b54240809..4049168c1 100644 --- a/krebs/5pkgs/haskell/email-header.nix +++ b/krebs/5pkgs/haskell/email-header.nix @@ -1,14 +1,29 @@ +with import <stockholm/lib>; { mkDerivation, attoparsec, base, base64-bytestring, bytestring , case-insensitive, containers, exceptions, fetchgit, QuickCheck , stdenv, tasty, tasty-quickcheck, text, text-icu, time -}: -mkDerivation { +}: let + + cfg = { + "18.03" = { + version = "0.3.0"; + rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8"; + sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59"; + }; + "18.09" = { + version = "0.4.1-tv1"; + rev = "refs/tags/v${cfg.version}"; + sha256 = "11xjivpj495r2ss9aqljnpzzycb57cm4sr7yzmf939rzwsd3ib0x"; + }; + }.${versions.majorMinor nixpkgsVersion}; + +in mkDerivation { pname = "email-header"; - version = "0.3.0"; + version = cfg.version; src = fetchgit { url = "https://github.com/4z3/email-header"; - rev = "7b179bd31192ead8afe7a0b6e34bcad4039deaa8"; - sha256 = "12j2n3sbvzjnw99gga7kkdygm8n3qx2lh8q26ad6a53xm5whnz59"; + rev = cfg.rev; + sha256 = cfg.sha256; }; buildDepends = [ attoparsec base base64-bytestring bytestring case-insensitive diff --git a/krebs/5pkgs/haskell/hyphenation.nix b/krebs/5pkgs/haskell/hyphenation.nix deleted file mode 100644 index 6e5fe9455..000000000 --- a/krebs/5pkgs/haskell/hyphenation.nix +++ /dev/null @@ -1,17 +0,0 @@ -# Same as upstream but with doCheck = false because doctest has wrong version. -{ mkDerivation, base, bytestring, containers, directory -, filepath, unordered-containers, zlib, stdenv -}: -mkDerivation { - pname = "hyphenation"; - version = "0.6"; - sha256 = "2f673666c18f63581422f7c6389b78b0ff754406671296a3d680d417942512f7"; - libraryHaskellDepends = [ - base bytestring containers unordered-containers zlib - ]; - homepage = "http://github.com/ekmett/hyphenation"; - description = "Configurable Knuth-Liang hyphenation"; - license = stdenv.lib.licenses.bsd3; - hydraPlatforms = stdenv.lib.platforms.none; - doCheck = false; -} diff --git a/krebs/5pkgs/simple/buildbot-classic/default.nix b/krebs/5pkgs/simple/buildbot-classic/default.nix index 665b36ab4..c127d2987 100644 --- a/krebs/5pkgs/simple/buildbot-classic/default.nix +++ b/krebs/5pkgs/simple/buildbot-classic/default.nix @@ -17,7 +17,7 @@ python2Packages.buildPythonApplication rec { propagatedBuildInputs = [ python2Packages.jinja2 python2Packages.twisted - python2Packages.dateutil_1_5 + python2Packages.dateutil python2Packages.sqlalchemy_migrate python2Packages.pysqlite pkgs.coreutils diff --git a/krebs/5pkgs/simple/repo-sync/default.nix b/krebs/5pkgs/simple/repo-sync/default.nix index 8393cd79f..66f220ba6 100644 --- a/krebs/5pkgs/simple/repo-sync/default.nix +++ b/krebs/5pkgs/simple/repo-sync/default.nix @@ -3,7 +3,6 @@ with python3Packages; buildPythonPackage rec { name = "repo-sync-${version}"; version = "0.2.7"; - disabled = isPy26 || isPy27; propagatedBuildInputs = [ docopt GitPython diff --git a/krebs/krops.nix b/krebs/krops.nix index 864cc8066..89354c1ea 100644 --- a/krebs/krops.nix +++ b/krebs/krops.nix @@ -1,9 +1,6 @@ { name }: rec { - krops = builtins.fetchGit { - url = https://cgit.krebsco.de/krops/; - rev = "c46166d407c7d246112f13346621a3fbdb25889e"; - }; + krops = ../submodules/krops; lib = import "${krops}/lib"; diff --git a/krebs/nixpkgs.json b/krebs/nixpkgs.json index c9854fabd..1a40afe8b 100644 --- a/krebs/nixpkgs.json +++ b/krebs/nixpkgs.json @@ -1,7 +1,7 @@ { "url": "https://github.com/NixOS/nixpkgs-channels", - "rev": "6a3f5bcb061e1822f50e299f5616a0731636e4e7", - "date": "2018-10-05T18:33:19-04:00", - "sha256": "1ib96has10v5nr6bzf7v8kw7yzww8zanxgw2qi1ll1sbv6kj6zpd", - "fetchSubmodules": true + "rev": "21293d2576ac6c041b8c26cd05664e54038dfcf2", + "date": "2018-10-08T17:04:13+02:00", + "sha256": "0qx9kg11dp3v7mmbf23qrg9q4qnwd0v6ccq952armb11ykj7jzif", + "fetchSubmodules": false } diff --git a/krebs/update-channel.sh b/krebs/update-channel.sh index 47d3f29c4..7f24cd31a 100755 --- a/krebs/update-channel.sh +++ b/krebs/update-channel.sh @@ -3,7 +3,7 @@ dir=$(dirname $0) oldrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') nix-shell -p nix-prefetch-git --run 'nix-prefetch-git \ --url https://github.com/NixOS/nixpkgs-channels \ - --rev refs/heads/nixos-18.03' \ + --rev refs/heads/nixos-18.09' \ > $dir/nixpkgs.json newrev=$(cat $dir/nixpkgs.json | jq -r .rev | sed 's/\(.\{7\}\).*/\1/') git commit $dir/nixpkgs.json -m "nixpkgs: $oldrev -> $newrev" diff --git a/lass/1systems/prism/config.nix b/lass/1systems/prism/config.nix index bf7de6fc5..808f35b24 100644 --- a/lass/1systems/prism/config.nix +++ b/lass/1systems/prism/config.nix @@ -57,13 +57,6 @@ with import <stockholm/lib>; config.krebs.users.makefu.pubkey ]; }; - users.users.nin = { - uid = genid "nin"; - isNormalUser = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - ]; - }; users.extraUsers.dritter = { uid = genid "dritter"; isNormalUser = true; @@ -119,7 +112,6 @@ with import <stockholm/lib>; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ config.krebs.users.lass.pubkey - config.krebs.users.nin.pubkey ]; }; autoStart = true; diff --git a/lass/2configs/reaktor-coders.nix b/lass/2configs/reaktor-coders.nix index 44d8984d7..7cdcdf20c 100644 --- a/lass/2configs/reaktor-coders.nix +++ b/lass/2configs/reaktor-coders.nix @@ -63,24 +63,6 @@ with import <stockholm/lib>; -e "@kind $1" ''; }) - (buildSimpleReaktorPlugin "random-unicorn-porn" { - pattern = "^!rup$$"; - script = pkgs.writePython2 "rup" {} '' - t1 = """ - _. - ;=',_ () - 8===D~~ S" .--`|| - sS \__ || - __.' ( \-->|| - _=/ _./-\/ || - 8===D~~ ((\( /-' -'l || - ) |/ \\ (_)) - \\ \\ - '~ '~ - """ - print(t1) - ''; - }) (buildSimpleReaktorPlugin "ping" { pattern = "^!ping (?P<args>.*)$$"; script = pkgs.writeDash "ping" '' diff --git a/lass/2configs/vim.nix b/lass/2configs/vim.nix index f757e5044..855c30b3e 100644 --- a/lass/2configs/vim.nix +++ b/lass/2configs/vim.nix @@ -5,7 +5,6 @@ let out = { environment.systemPackages = [ (hiPrio vim) - pkgs.python35Packages.flake8 (pkgs.writeDashBin "govet" '' go vet "$@" '') diff --git a/lass/5pkgs/custom/xmonad-lass/default.nix b/lass/5pkgs/custom/xmonad-lass/default.nix index 3bff9d450..087d54eca 100644 --- a/lass/5pkgs/custom/xmonad-lass/default.nix +++ b/lass/5pkgs/custom/xmonad-lass/default.nix @@ -31,6 +31,7 @@ import XMonad.Actions.CycleWS (toggleWS) import XMonad.Actions.DynamicWorkspaces ( addWorkspacePrompt, renameWorkspace, removeEmptyWorkspace) import XMonad.Actions.DynamicWorkspaces (withWorkspace) import XMonad.Actions.GridSelect (GSConfig(..), gridselectWorkspace, navNSearch) +import XMonad.Actions.Minimize (minimizeWindow, maximizeWindow, withLastMinimized) import XMonad.Hooks.EwmhDesktops (ewmh) import XMonad.Hooks.FloatNext (floatNext) import XMonad.Hooks.FloatNext (floatNextHook) @@ -39,7 +40,7 @@ import XMonad.Hooks.Place (placeHook, smart) import XMonad.Hooks.UrgencyHook (focusUrgent) import XMonad.Hooks.UrgencyHook (withUrgencyHook, UrgencyHook(..)) import XMonad.Layout.FixedColumn (FixedColumn(..)) -import XMonad.Layout.Minimize (minimize, minimizeWindow, MinimizeMsg(RestoreNextMinimizedWin)) +import XMonad.Layout.Minimize (minimize) import XMonad.Layout.NoBorders (smartBorders) import XMonad.Layout.SimplestFloat (simplestFloat) import XMonad.Prompt (autoComplete, font, searchPredicate, XPConfig) @@ -135,7 +136,7 @@ myKeyMap = , ("M4-C-v", withWorkspace autoXPConfig (windows . copy)) , ("M4-m", withFocused minimizeWindow) - , ("M4-S-m", sendMessage RestoreNextMinimizedWin) + , ("M4-S-m", withLastMinimized maximizeWindow) , ("M4-q", windowPromptGoto infixAutoXPConfig) , ("M4-C-q", windowPromptBringCopy infixAutoXPConfig) diff --git a/makefu/5pkgs/4nxci/default.nix b/makefu/5pkgs/4nxci/default.nix new file mode 100644 index 000000000..3aba3be45 --- /dev/null +++ b/makefu/5pkgs/4nxci/default.nix @@ -0,0 +1,52 @@ +{ stdenv, lib, fetchFromGitHub, mbedtls, python2 }: +let + + mymbedtls = lib.overrideDerivation mbedtls (old: rec { + name = "mbedtls-${version}"; + version = "2.13.0"; + src = fetchFromGitHub { + owner = "ARMmbed"; + repo = "mbedtls"; + rev = name; + sha256 = "1257kp7yxkwwbx5v14kmrmgk1f9zagiddg5alm4wbj0pmgbrm14j"; + }; + buildInputs = old.buildInputs ++ [ python2 ]; + postConfigure = '' + perl scripts/config.pl set MBEDTLS_CMAC_C + ''; + doCheck = false; + + }); +in stdenv.mkDerivation rec { + name = "4nxci-${version}"; + version = "1.30"; + + src = fetchFromGitHub { + owner = "The-4n"; + repo = "4NXCI"; + rev = "v${version}"; + sha256 = "0nrd19z88iahxcdx468lzgxlvkl65smwx8f9s19431cszyhvpxyh"; + }; + + buildPhase = '' + cp config.mk.template config.mk + sed -i 's#\(INCLUDE =\).*#\1${mymbedtls}/include#' Makefile + sed -i 's#\(LIBDIR =\).*#\1${mymbedtls}/lib#' Makefile + make 4nxci + ''; + + installPhase = '' + install -m755 -D 4nxci $out/bin/4nxci + ''; + + #preInstall = '' + # mkdir -p $out/bin + #''; + + buildInputs = [ mymbedtls ]; + + meta = { + description = "convert xci to nsp"; + license = lib.licenses.isc; + }; +} diff --git a/makefu/krops.nix b/makefu/krops.nix index ddb4afece..4f55915af 100644 --- a/makefu/krops.nix +++ b/makefu/krops.nix @@ -1,8 +1,5 @@ { config ? config, name, target ? name }: let - krops = builtins.fetchGit { - url = https://cgit.krebsco.de/krops/; - rev = "4e466eaf05861b47365c5ef46a31a188b70f3615"; - }; + krops = ../submodules/krops; nixpkgs-src = lib.importJSON ./nixpkgs.json; lib = import "${krops}/lib"; diff --git a/nin/0tests/dummysecrets/hashedPasswords.nix b/nin/0tests/dummysecrets/hashedPasswords.nix deleted file mode 100644 index 0967ef424..000000000 --- a/nin/0tests/dummysecrets/hashedPasswords.nix +++ /dev/null @@ -1 +0,0 @@ -{} diff --git a/nin/0tests/dummysecrets/ssh.id_ed25519 b/nin/0tests/dummysecrets/ssh.id_ed25519 deleted file mode 100644 index e69de29bb..000000000 --- a/nin/0tests/dummysecrets/ssh.id_ed25519 +++ /dev/null diff --git a/nin/1systems/axon/config.nix b/nin/1systems/axon/config.nix deleted file mode 100644 index 5e81afdbd..000000000 --- a/nin/1systems/axon/config.nix +++ /dev/null @@ -1,132 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -with lib; - -{ - imports = [ - <stockholm/nin> - <nixpkgs/nixos/modules/installer/scan/not-detected.nix> - #../2configs/copyq.nix - <stockholm/nin/2configs/ableton.nix> - <stockholm/nin/2configs/games.nix> - <stockholm/nin/2configs/git.nix> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/termite.nix> - ]; - - krebs.build.host = config.krebs.hosts.axon; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/pool/root"; - fsType = "ext4"; - }; - - fileSystems."/tmp" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/boot" = - { device = "/dev/sda1"; - fsType = "ext2"; - }; - - boot.initrd.luks.devices.crypted.device = "/dev/sda2"; - boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # nin config - time.timeZone = "Europe/Berlin"; - services.xserver = { - enable = true; - - displayManager.lightdm.enable = true; - }; - - networking.networkmanager.enable = true; - #networking.wireless.enable = true; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - hardware.bluetooth.enable = true; - - hardware.opengl.driSupport32Bit = true; - - #nixpkgs.config.steam.java = true; - - environment.systemPackages = with pkgs; [ - atom - chromium - firefox - git - htop - keepassx - lmms - networkmanagerapplet - openvpn - python - ruby - steam - taskwarrior - thunderbird - vim - virtmanager - ]; - - nixpkgs.config = { - - allowUnfree = true; - - }; - - #services.logind.extraConfig = "HandleLidSwitch=ignore"; - - services.xserver.synaptics = { - enable = true; - }; - - services.xserver.displayManager.sessionCommands = '' - ${pkgs.xorg.xhost}/bin/xhost + local: - ''; - - services.xserver.desktopManager.xfce = let - xbindConfig = pkgs.writeText "xbindkeysrc" '' - "${pkgs.pass}/bin/passmenu --type" - Control + p - ''; - in { - enable = true; - extraSessionCommands = '' - ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} - ''; - }; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "17.03"; - -} diff --git a/nin/1systems/hiawatha/config.nix b/nin/1systems/hiawatha/config.nix deleted file mode 100644 index a09eed958..000000000 --- a/nin/1systems/hiawatha/config.nix +++ /dev/null @@ -1,126 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -with lib; - -{ - imports = [ - <stockholm/nin> - <nixpkgs/nixos/modules/installer/scan/not-detected.nix> - #../2configs/copyq.nix - <stockholm/nin/2configs/games.nix> - <stockholm/nin/2configs/git.nix> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/termite.nix> - ]; - - krebs.build.host = config.krebs.hosts.hiawatha; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/b83f8830-84f3-4282-b10e-015c4b76bd9e"; - fsType = "ext4"; - }; - - fileSystems."/tmp" = - { device = "tmpfs"; - fsType = "tmpfs"; - }; - - fileSystems."/home" = - { device = "/dev/fam/home"; - }; - - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/2f319b08-2560-401d-b53c-2abd28f1a010"; - fsType = "ext2"; - }; - - boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ]; - boot.initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; - - swapDevices = [ ]; - - nix.maxJobs = lib.mkDefault 4; - # Use the GRUB 2 boot loader. - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - fileSystems."/home/nin/.local/share/Steam" = { - device = "/dev/fam/steam"; - }; - - # nin config - time.timeZone = "Europe/Berlin"; - services.xserver.enable = true; - - networking.networkmanager.enable = true; - #networking.wireless.enable = true; - - hardware.pulseaudio = { - enable = true; - systemWide = true; - }; - - hardware.bluetooth.enable = true; - - hardware.opengl.driSupport32Bit = true; - - #nixpkgs.config.steam.java = true; - - environment.systemPackages = with pkgs; [ - firefox - git - lmms - networkmanagerapplet - python - steam - thunderbird - vim - virtmanager - ]; - - nixpkgs.config = { - - allowUnfree = true; - - }; - - #services.logind.extraConfig = "HandleLidSwitch=ignore"; - - services.xserver.synaptics = { - enable = true; - }; - - - services.xserver.desktopManager.xfce = let - xbindConfig = pkgs.writeText "xbindkeysrc" '' - "${pkgs.pass}/bin/passmenu --type" - Control + p - ''; - in { - enable = true; - extraSessionCommands = '' - ${pkgs.xbindkeys}/bin/xbindkeys -f ${xbindConfig} - ''; - }; - - # The NixOS release to be compatible with for stateful data such as databases. - system.stateVersion = "17.03"; - -} diff --git a/nin/1systems/onondaga/config.nix b/nin/1systems/onondaga/config.nix deleted file mode 100644 index 3cd0773ae..000000000 --- a/nin/1systems/onondaga/config.nix +++ /dev/null @@ -1,23 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, lib, pkgs, ... }: - -{ - imports = [ - <stockholm/nin> - <stockholm/nin/2configs/retiolum.nix> - <stockholm/nin/2configs/weechat.nix> - <stockholm/nin/2configs/git.nix> - ]; - - krebs.build.host = config.krebs.hosts.onondaga; - - boot.isContainer = true; - networking.useDHCP = false; - - time.timeZone = "Europe/Amsterdam"; - - services.openssh.enable = true; -} diff --git a/nin/2configs/ableton.nix b/nin/2configs/ableton.nix deleted file mode 100644 index 343a9089d..000000000 --- a/nin/2configs/ableton.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ config, pkgs, ... }: let - mainUser = config.users.extraUsers.nin; -in { - users.users= { - ableton = { - isNormalUser = true; - extraGroups = [ - "audio" - "video" - ]; - packages = [ - pkgs.wine - pkgs.winetricks - ]; - }; - }; - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(ableton) NOPASSWD: ALL - ''; -} diff --git a/nin/2configs/copyq.nix b/nin/2configs/copyq.nix deleted file mode 100644 index 0616c4025..000000000 --- a/nin/2configs/copyq.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ config, pkgs, ... }: -with import <stockholm/lib>; -let - copyqConfig = pkgs.writeDash "copyq-config" '' - ${pkgs.copyq}/bin/copyq config check_clipboard true - ${pkgs.copyq}/bin/copyq config check_selection true - ${pkgs.copyq}/bin/copyq config copy_clipboard true - ${pkgs.copyq}/bin/copyq config copy_selection true - - ${pkgs.copyq}/bin/copyq config activate_closes true - ${pkgs.copyq}/bin/copyq config clipboard_notification_lines 0 - ${pkgs.copyq}/bin/copyq config clipboard_tab clipboard - ${pkgs.copyq}/bin/copyq config disable_tray true - ${pkgs.copyq}/bin/copyq config hide_tabs true - ${pkgs.copyq}/bin/copyq config hide_toolbar true - ${pkgs.copyq}/bin/copyq config item_popup_interval true - ${pkgs.copyq}/bin/copyq config maxitems 1000 - ${pkgs.copyq}/bin/copyq config move true - ${pkgs.copyq}/bin/copyq config text_wrap true - ''; -in { - systemd.user.services.copyq = { - after = [ "graphical.target" ]; - wants = [ "graphical.target" ]; - wantedBy = [ "default.target" ]; - environment = { - DISPLAY = ":0"; - }; - serviceConfig = { - SyslogIdentifier = "copyq"; - ExecStart = "${pkgs.copyq}/bin/copyq"; - ExecStartPost = copyqConfig; - Restart = "always"; - RestartSec = "2s"; - StartLimitBurst = 0; - }; - }; -} diff --git a/nin/2configs/default.nix b/nin/2configs/default.nix deleted file mode 100644 index 62f499a2d..000000000 --- a/nin/2configs/default.nix +++ /dev/null @@ -1,173 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; -{ - imports = [ - ../2configs/vim.nix - <stockholm/krebs/2configs/binary-cache/nixos.nix> - <stockholm/krebs/2configs/binary-cache/prism.nix> - { - users.extraUsers = - mapAttrs (_: h: { hashedPassword = h; }) - (import <secrets/hashedPasswords.nix>); - } - { - users.users = { - root = { - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - config.krebs.users.nin_h.pubkey - ]; - }; - nin = { - name = "nin"; - uid = 1337; - home = "/home/nin"; - group = "users"; - createHome = true; - useDefaultShell = true; - extraGroups = [ - "audio" - "fuse" - ]; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - config.krebs.users.nin_h.pubkey - ]; - }; - }; - } - { - environment.variables = { - NIX_PATH = mkForce "secrets=/var/src/stockholm/null:/var/src"; - }; - } - (let ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; in { - environment.variables = { - CURL_CA_BUNDLE = ca-bundle; - GIT_SSL_CAINFO = ca-bundle; - SSL_CERT_FILE = ca-bundle; - }; - }) - ]; - - networking.hostName = config.krebs.build.host.name; - nix.maxJobs = config.krebs.build.host.cores; - - krebs = { - enable = true; - search-domain = "r"; - build = { - user = config.krebs.users.nin; - }; - }; - - nix.useSandbox = true; - - users.mutableUsers = false; - - services.timesyncd.enable = true; - - #why is this on in the first place? - services.nscd.enable = false; - - boot.tmpOnTmpfs = true; - # see tmpfiles.d(5) - systemd.tmpfiles.rules = [ - "d /tmp 1777 root root - -" - ]; - - # multiple-definition-problem when defining environment.variables.EDITOR - environment.extraInit = '' - EDITOR=vim - ''; - - nixpkgs.config.allowUnfree = true; - - environment.shellAliases = { - gs = "git status"; - }; - - environment.systemPackages = with pkgs; [ - #stockholm - git - gnumake - jq - proot - pavucontrol - populate - p7zip - termite - unzip - unrar - hashPassword - ]; - - programs.bash = { - enableCompletion = true; - interactiveShellInit = '' - HISTCONTROL='erasedups:ignorespace' - HISTSIZE=65536 - HISTFILESIZE=$HISTSIZE - - shopt -s checkhash - shopt -s histappend histreedit histverify - shopt -s no_empty_cmd_completion - complete -d cd - ''; - promptInit = '' - if test $UID = 0; then - PS1='\[\033[1;31m\]$PWD\[\033[0m\] ' - elif test $UID = 1337; then - PS1='\[\033[1;32m\]$PWD\[\033[0m\] ' - else - PS1='\[\033[1;33m\]\u@$PWD\[\033[0m\] ' - fi - if test -n "$SSH_CLIENT"; then - PS1='\[\033[35m\]\h'" $PS1" - fi - ''; - }; - - services.openssh = { - enable = true; - hostKeys = [ - # XXX bits here make no science - { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } - ]; - }; - - services.journald.extraConfig = '' - SystemMaxUse=1G - RuntimeMaxUse=128M - ''; - - krebs.iptables = { - enable = true; - tables = { - nat.PREROUTING.rules = [ - { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; } - { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; } - ]; - nat.OUTPUT.rules = [ - { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; } - ]; - filter.INPUT.policy = "DROP"; - filter.FORWARD.policy = "DROP"; - filter.INPUT.rules = [ - { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; } - { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; } - { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; } - { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; } - { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; } - { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; } - { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; } - { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; } - ]; - }; - }; - - networking.dhcpcd.extraConfig = '' - noipv4ll - ''; -} diff --git a/nin/2configs/games.nix b/nin/2configs/games.nix deleted file mode 100644 index 15e17238d..000000000 --- a/nin/2configs/games.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ config, pkgs, ... }: - -let - mainUser = config.users.extraUsers.mainUser; - vdoom = pkgs.writeDash "vdoom" '' - ${pkgs.zandronum}/bin/zandronum \ - -fov 120 \ - "$@" - ''; - doom = pkgs.writeDash "doom" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} \ - -file $DOOM_DIR/lib/brutalv20.pk3 \ - "$@" - ''; - doom1 = pkgs.writeDashBin "doom1" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${doom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@" - ''; - doom2 = pkgs.writeDashBin "doom2" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${doom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@" - ''; - vdoom1 = pkgs.writeDashBin "vdoom1" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} -iwad $DOOM_DIR/wads/stock/doom.wad "$@" - ''; - vdoom2 = pkgs.writeDashBin "vdoom2" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - ${vdoom} -iwad $DOOM_DIR/wads/stock/doom2.wad "$@" - ''; - - doomservercfg = pkgs.writeText "doomserver.cfg" '' - skill 7 - #survival true - #sv_maxlives 4 - #sv_norespawn true - #sv_weapondrop true - no_jump true - #sv_noweaponspawn true - sv_sharekeys true - sv_survivalcountdowntime 1 - sv_noteamselect true - sv_updatemaster false - #sv_coop_loseinventory true - #cl_startasspectator false - #lms_spectatorview false - ''; - - vdoomserver = pkgs.writeDashBin "vdoomserver" '' - DOOM_DIR=''${DOOM_DIR:-~/doom/} - - ${pkgs.zandronum}/bin/zandronum-server \ - +exec ${doomservercfg} \ - "$@" - ''; - -in { - environment.systemPackages = with pkgs; [ - dwarf_fortress - doom1 - doom2 - vdoom1 - vdoom2 - vdoomserver - ]; - - hardware.pulseaudio.support32Bit = true; - -} diff --git a/nin/2configs/git.nix b/nin/2configs/git.nix deleted file mode 100644 index aed4a9f48..000000000 --- a/nin/2configs/git.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; - -let - - out = { - services.nginx.enable = true; - krebs.git = { - enable = true; - cgit = { - settings = { - root-title = "public repositories at ${config.krebs.build.host.name}"; - root-desc = "keep calm and engage"; - }; - }; - repos = mapAttrs (_: s: removeAttrs s ["collaborators"]) repos; - rules = rules; - }; - - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } - ]; - }; - - repos = public-repos; - - rules = concatMap make-rules (attrValues repos); - - public-repos = mapAttrs make-public-repo { - stockholm = { - cgit.desc = "take all the computers hostage, they'll love you!"; - }; - }; - - make-public-repo = name: { cgit ? {}, ... }: { - inherit cgit name; - public = true; - }; - - make-rules = - with git // config.krebs.users; - repo: - singleton { - user = [ nin nin_h ]; - repo = [ repo ]; - perm = push "refs/*" [ non-fast-forward create delete merge ]; - } ++ - optional repo.public { - user = attrValues config.krebs.users; - repo = [ repo ]; - perm = fetch; - } ++ - optional (length (repo.collaborators or []) > 0) { - user = repo.collaborators; - repo = [ repo ]; - perm = fetch; - }; - -in out diff --git a/nin/2configs/im.nix b/nin/2configs/im.nix deleted file mode 100644 index b078dbd53..000000000 --- a/nin/2configs/im.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: -with import <stockholm/lib>; -{ - environment.systemPackages = with pkgs; [ - (pkgs.writeDashBin "im" '' - export PATH=${makeSearchPath "bin" (with pkgs; [ - tmux - gnugrep - weechat - ])} - ssh chat@onondaga - if tmux list-sessions -F\#S | grep -q '^im''$'; then - exec tmux attach -t im - else - exec tmux new -s im weechat - fi - '') - ]; -} diff --git a/nin/2configs/retiolum.nix b/nin/2configs/retiolum.nix deleted file mode 100644 index 821e3cc00..000000000 --- a/nin/2configs/retiolum.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ ... }: - -{ - - krebs.iptables = { - tables = { - filter.INPUT.rules = [ - { predicate = "-i retiolum -p tcp --dport smtp"; target = "ACCEPT"; } - { predicate = "-p tcp --dport tinc"; target = "ACCEPT"; } - { predicate = "-p udp --dport tinc"; target = "ACCEPT"; } - ]; - }; - }; - - krebs.tinc.retiolum = { - enable = true; - connectTo = [ - "prism" - "pigstarter" - "gum" - "flap" - ]; - }; - - nixpkgs.config.packageOverrides = pkgs: { - tinc = pkgs.tinc_pre; - }; -} diff --git a/nin/2configs/skype.nix b/nin/2configs/skype.nix deleted file mode 100644 index 621dfae82..000000000 --- a/nin/2configs/skype.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - mainUser = config.users.extraUsers.nin; - inherit (import <stockholm/lib>) genid; - -in { - users.extraUsers = { - skype = { - name = "skype"; - uid = genid "skype"; - description = "user for running skype"; - home = "/home/skype"; - useDefaultShell = true; - extraGroups = [ "audio" "video" ]; - createHome = true; - }; - }; - - krebs.per-user.skype.packages = [ - pkgs.skype - ]; - - security.sudo.extraConfig = '' - ${mainUser.name} ALL=(skype) NOPASSWD: ALL - ''; -} diff --git a/nin/2configs/termite.nix b/nin/2configs/termite.nix deleted file mode 100644 index 942446b01..000000000 --- a/nin/2configs/termite.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = [ - pkgs.termite - ]; - - krebs.per-user.nin.packages = let - termitecfg = pkgs.writeTextFile { - name = "termite-config"; - destination = "/etc/xdg/termite/config"; - text = '' - [colors] - foreground = #d0d7d0 - background = #000000 - ''; - }; - in [ - termitecfg - ]; - -} diff --git a/nin/2configs/vim.nix b/nin/2configs/vim.nix deleted file mode 100644 index 7b5d37611..000000000 --- a/nin/2configs/vim.nix +++ /dev/null @@ -1,355 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import <stockholm/lib>; -let - out = { - environment.systemPackages = [ - vim - pkgs.pythonPackages.flake8 - ]; - - environment.etc.vimrc.source = vimrc; - - environment.variables.EDITOR = mkForce "vim"; - environment.variables.VIMINIT = ":so /etc/vimrc"; - }; - - vimrc = pkgs.writeText "vimrc" '' - set nocompatible - - set autoindent - set backspace=indent,eol,start - set backup - set backupdir=${dirs.backupdir}/ - set directory=${dirs.swapdir}// - set hlsearch - set incsearch - set laststatus=2 - set mouse=a - set noruler - set pastetoggle=<INS> - set runtimepath=${extra-runtimepath},$VIMRUNTIME - set shortmess+=I - set showcmd - set showmatch - set ttimeoutlen=0 - set undodir=${dirs.undodir} - set undofile - set undolevels=1000000 - set undoreload=1000000 - set viminfo='20,<1000,s100,h,n${files.viminfo} - set visualbell - set wildignore+=*.o,*.class,*.hi,*.dyn_hi,*.dyn_o - set wildmenu - set wildmode=longest,full - - set et ts=2 sts=2 sw=2 - - filetype plugin indent on - - set t_Co=256 - colorscheme hack - syntax on - - au Syntax * syn match Garbage containedin=ALL /\s\+$/ - \ | syn match TabStop containedin=ALL /\t\+/ - \ | syn keyword Todo containedin=ALL TODO - - au BufRead,BufNewFile *.hs so ${hs.vim} - - au BufRead,BufNewFile *.nix so ${nix.vim} - - au BufRead,BufNewFile /dev/shm/* set nobackup nowritebackup noswapfile - - "Syntastic config - let g:syntastic_python_checkers=['flake8'] - - nmap <esc>q :buffer - nmap <M-q> :buffer - - cnoremap <C-A> <Home> - - noremap <C-c> :q<cr> - vnoremap < <gv - vnoremap > >gv - - nnoremap <esc>[5^ :tabp<cr> - nnoremap <esc>[6^ :tabn<cr> - nnoremap <esc>[5@ :tabm -1<cr> - nnoremap <esc>[6@ :tabm +1<cr> - - nnoremap <f1> :tabp<cr> - nnoremap <f2> :tabn<cr> - inoremap <f1> <esc>:tabp<cr> - inoremap <f2> <esc>:tabn<cr> - - " <C-{Up,Down,Right,Left> - noremap <esc>Oa <nop> | noremap! <esc>Oa <nop> - noremap <esc>Ob <nop> | noremap! <esc>Ob <nop> - noremap <esc>Oc <nop> | noremap! <esc>Oc <nop> - noremap <esc>Od <nop> | noremap! <esc>Od <nop> - " <[C]S-{Up,Down,Right,Left> - noremap <esc>[a <nop> | noremap! <esc>[a <nop> - noremap <esc>[b <nop> | noremap! <esc>[b <nop> - noremap <esc>[c <nop> | noremap! <esc>[c <nop> - noremap <esc>[d <nop> | noremap! <esc>[d <nop> - vnoremap u <nop> - ''; - - extra-runtimepath = concatMapStringsSep "," (pkg: "${pkg.rtp}") [ - pkgs.vimPlugins.Syntastic - pkgs.vimPlugins.undotree - pkgs.vimPlugins.airline - (pkgs.vimUtils.buildVimPlugin { - name = "file-line-1.0"; - src = pkgs.fetchgit { - url = git://github.com/bogado/file-line; - rev = "refs/tags/1.0"; - sha256 = "0z47zq9rqh06ny0q8lpcdsraf3lyzn9xvb59nywnarf3nxrk6hx0"; - }; - }) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "hack"; - in { - name = "vim-color-${name}-1.0.2"; - destination = "/colors/${name}.vim"; - text = /* vim */ '' - set background=dark - hi clear - if exists("syntax_on") - syntax clear - endif - - let colors_name = ${toJSON name} - - hi Normal ctermbg=235 - hi Comment ctermfg=242 - hi Constant ctermfg=062 - hi Identifier ctermfg=068 - hi Function ctermfg=041 - hi Statement ctermfg=167 - hi PreProc ctermfg=167 - hi Type ctermfg=041 - hi Delimiter ctermfg=251 - hi Special ctermfg=062 - - hi Garbage ctermbg=088 - hi TabStop ctermbg=016 - hi Todo ctermfg=174 ctermbg=NONE - - hi NixCode ctermfg=148 - hi NixData ctermfg=149 - hi NixQuote ctermfg=150 - - hi diffNewFile ctermfg=207 - hi diffFile ctermfg=207 - hi diffLine ctermfg=207 - hi diffSubname ctermfg=207 - hi diffAdded ctermfg=010 - hi diffRemoved ctermfg=009 - ''; - }))) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "vim"; - in { - name = "vim-syntax-${name}-1.0.0"; - destination = "/syntax/${name}.vim"; - text = /* vim */ '' - ${concatMapStringsSep "\n" (s: /* vim */ '' - syn keyword vimColor${s} ${s} - \ containedin=ALLBUT,vimComment,vimLineComment - hi vimColor${s} ctermfg=${s} - '') (map (i: lpad 3 "0" (toString i)) (range 0 255))} - ''; - }))) - ((rtp: rtp // { inherit rtp; }) (pkgs.writeTextFile (let - name = "showsyntax"; - in { - name = "vim-plugin-${name}-1.0.0"; - destination = "/plugin/${name}.vim"; - text = /* vim */ '' - if exists('g:loaded_showsyntax') - finish - endif - let g:loaded_showsyntax = 0 - - fu! ShowSyntax() - let id = synID(line("."), col("."), 1) - let name = synIDattr(id, "name") - let transName = synIDattr(synIDtrans(id),"name") - if name != transName - let name .= " (" . transName . ")" - endif - echo "Syntax: " . name - endfu - - command! -n=0 -bar ShowSyntax :call ShowSyntax() - ''; - }))) - ]; - - dirs = { - backupdir = "$HOME/.cache/vim/backup"; - swapdir = "$HOME/.cache/vim/swap"; - undodir = "$HOME/.cache/vim/undo"; - }; - files = { - viminfo = "$HOME/.cache/vim/info"; - }; - - mkdirs = let - dirOf = s: let out = concatStringsSep "/" (init (splitString "/" s)); - in assert out != ""; out; - alldirs = attrValues dirs ++ map dirOf (attrValues files); - in unique (sort lessThan alldirs); - - vim = pkgs.writeDashBin "vim" '' - set -efu - (umask 0077; exec ${pkgs.coreutils}/bin/mkdir -p ${toString mkdirs}) - exec ${pkgs.vim}/bin/vim "$@" - ''; - - - hs.vim = pkgs.writeText "hs.vim" '' - syn region String start=+\[[[:alnum:]]*|+ end=+|]+ - - hi link ConId Identifier - hi link VarId Identifier - hi link hsDelimiter Delimiter - ''; - - nix.vim = pkgs.writeText "nix.vim" '' - setf nix - - " Ref <nix/src/libexpr/lexer.l> - syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ - syn match NixINT /\<[0-9]\+\>/ - syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ - syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ - syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ - syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ - syn region NixSTRING - \ matchgroup=NixSTRING - \ start='"' - \ skip='\\"' - \ end='"' - syn region NixIND_STRING - \ matchgroup=NixIND_STRING - \ start="'''" - \ skip="'''\('\|[$]\|\\[nrt]\)" - \ end="'''" - - syn match NixOther /[():/;=.,?\[\]]/ - - syn match NixCommentMatch /\(^\|\s\)#.*/ - syn region NixCommentRegion start="/\*" end="\*/" - - hi link NixCode Statement - hi link NixData Constant - hi link NixComment Comment - - hi link NixCommentMatch NixComment - hi link NixCommentRegion NixComment - hi link NixID NixCode - hi link NixINT NixData - hi link NixPATH NixData - hi link NixHPATH NixData - hi link NixSPATH NixData - hi link NixURI NixData - hi link NixSTRING NixData - hi link NixIND_STRING NixData - - hi link NixEnter NixCode - hi link NixOther NixCode - hi link NixQuote NixData - - syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings - syn cluster nix_ind_strings contains=NixIND_STRING - syn cluster nix_strings contains=NixSTRING - - ${concatStringsSep "\n" (mapAttrsToList (lang: { extraStart ? null }: let - startAlts = filter isString [ - ''/\* ${lang} \*/'' - extraStart - ]; - sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*''; - in /* vim */ '' - syn include @nix_${lang}_syntax syntax/${lang}.vim - unlet b:current_syntax - - syn match nix_${lang}_sigil - \ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X - \ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING - \ transparent - - syn region nix_${lang}_region_STRING - \ matchgroup=NixSTRING - \ start='"' - \ skip='\\"' - \ end='"' - \ contained - \ contains=@nix_${lang}_syntax - \ transparent - - syn region nix_${lang}_region_IND_STRING - \ matchgroup=NixIND_STRING - \ start="'''" - \ skip="'''\('\|[$]\|\\[nrt]\)" - \ end="'''" - \ contained - \ contains=@nix_${lang}_syntax - \ transparent - - syn cluster nix_ind_strings - \ add=nix_${lang}_region_IND_STRING - - syn cluster nix_strings - \ add=nix_${lang}_region_STRING - - syn cluster nix_has_dollar_curly - \ add=@nix_${lang}_syntax - '') { - c = {}; - cabal = {}; - haskell = {}; - sh.extraStart = ''write\(Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*"[^"]*"''; - vim.extraStart = - ''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"''; - })} - - " Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY. - syn clear shVarAssign - - syn region nixINSIDE_DOLLAR_CURLY - \ matchgroup=NixEnter - \ start="[$]{" - \ end="}" - \ contains=TOP - \ containedin=@nix_has_dollar_curly - \ transparent - - syn region nix_inside_curly - \ matchgroup=NixEnter - \ start="{" - \ end="}" - \ contains=TOP - \ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly - \ transparent - - syn match NixQuote /'''\([''$']\|\\.\)/he=s+2 - \ containedin=@nix_ind_strings - \ contained - - syn match NixQuote /\\./he=s+1 - \ containedin=@nix_strings - \ contained - - syn sync fromstart - - let b:current_syntax = "nix" - - set isk=@,48-57,_,192-255,-,' - set bg=dark - ''; -in -out diff --git a/nin/2configs/weechat.nix b/nin/2configs/weechat.nix deleted file mode 100644 index 6c0fb313e..000000000 --- a/nin/2configs/weechat.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (import <stockholm/lib>) genid; -in { - krebs.per-user.chat.packages = with pkgs; [ - mosh - weechat - tmux - ]; - - users.extraUsers.chat = { - home = "/home/chat"; - uid = genid "chat"; - useDefaultShell = true; - createHome = true; - openssh.authorizedKeys.keys = [ - config.krebs.users.nin.pubkey - ]; - }; -} diff --git a/nin/default.nix b/nin/default.nix deleted file mode 100644 index c31d6d949..000000000 --- a/nin/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: -{ - imports = [ - ../krebs - ./2configs - ]; -} diff --git a/nin/krops.nix b/nin/krops.nix deleted file mode 100644 index d0074840a..000000000 --- a/nin/krops.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ name }: let - inherit (import ../krebs/krops.nix { inherit name; }) - krebs-source - lib - pkgs - ; - - source = { test }: lib.evalSource [ - krebs-source - { - nixos-config.symlink = "stockholm/nin/1systems/${name}/config.nix"; - secrets = if test then { - file = toString ./0tests/dummysecrets; - } else { - pass = { - dir = "${lib.getEnv "HOME"}/.password-store"; - name = "hosts/${name}"; - }; - }; - } - ]; - -in { - # usage: $(nix-build --no-out-link --argstr name HOSTNAME -A deploy) - deploy = pkgs.krops.writeDeploy "${name}-deploy" { - source = source { test = false; }; - target = "root@${name}/var/src"; - }; - - # usage: $(nix-build --no-out-link --argstr name HOSTNAME --argstr target PATH -A test) - test = { target }: pkgs.krops.writeTest "${name}-test" { - inherit target; - source = source { test = true; }; - }; -} diff --git a/submodules/krops b/submodules/krops new file mode 160000 +Subproject e2b29654251367545700154ffbac806705dd04c diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index 14926fe3b..5421cab92 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -18,6 +18,7 @@ with import <stockholm/lib>; <stockholm/tv/2configs/retiolum.nix> <stockholm/tv/2configs/binary-cache> <stockholm/tv/2configs/br.nix> + <stockholm/tv/2configs/xp-332.nix> <stockholm/tv/2configs/xserver> { environment.systemPackages = with pkgs; [ @@ -40,7 +41,6 @@ with import <stockholm/lib>; mkpasswd netcat netcup - nix-repl nmap p7zip pass @@ -147,8 +147,6 @@ with import <stockholm/lib>; gptfdisk ]; - services.printing.enable = true; - #services.bitlbee.enable = true; #services.tor.client.enable = true; #services.tor.enable = true; diff --git a/tv/2configs/backup.nix b/tv/2configs/backup.nix index 14d381568..f8de72d00 100644 --- a/tv/2configs/backup.nix +++ b/tv/2configs/backup.nix @@ -26,7 +26,7 @@ with import <stockholm/lib>; method = "pull"; src = { host = config.krebs.hosts.querel; path = "/home"; }; dst = { host = config.krebs.hosts.nomic; path = "/fs/ponyhof/bku/querel-home"; }; - startAt = "00:00"; + startAt = "22:00"; }; wu-home-xu = { method = "push"; diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 2ccab3d09..d9ddc90d0 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -143,6 +143,7 @@ with import <stockholm/lib>; environment.systemPackages = [ pkgs.get pkgs.git + pkgs.git-crypt pkgs.git-preview pkgs.hashPassword pkgs.htop diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index e33b431da..dbfa804d2 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -41,6 +41,9 @@ in { # refs <nixpkgs/nixos/modules/services/x11/desktop-managers> desktopManager.session = mkForce []; + displayManager.lightdm.enable = mkForce false; + displayManager.job.execCmd = mkForce "derp"; + enable = true; display = mkForce 11; tty = mkForce 11; @@ -55,7 +58,7 @@ in { systemd.services.display-manager.enable = false; systemd.services.xmonad = { - wantedBy = [ "multi-user.target" ]; + wantedBy = [ "graphical.target" ]; requires = [ "xserver.service" ]; environment = { DISPLAY = ":${toString config.services.xserver.display}"; @@ -101,21 +104,20 @@ in { systemd.services.xserver = { after = [ - "systemd-udev-settle.service" - "local-fs.target" "acpid.service" + "local-fs.target" + "systemd-udev-settle.service" + ]; + wants = [ + "systemd-udev-settle.service" ]; - reloadIfChanged = true; + restartIfChanged = false; environment = { - XKB_BINDIR = "${pkgs.xorg.xkbcomp}/bin"; # Needed for the Xkb extension. - XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime. - LD_LIBRARY_PATH = concatStringsSep ":" ( - [ "${pkgs.xorg.libX11}/lib" "${pkgs.xorg.libXext}/lib" ] + LD_LIBRARY_PATH = concatStringsSep ":" ([ "/run/opengl-driver/lib" ] ++ concatLists (catAttrs "libPath" config.services.xserver.drivers)); }; serviceConfig = { SyslogIdentifier = "xserver"; - ExecReload = "${pkgs.coreutils}/bin/echo NOP"; ExecStart = toString [ "${pkgs.xorg.xorgserver}/bin/X" ":${toString config.services.xserver.display}" @@ -123,17 +125,16 @@ in { "-config ${import ./xserver.conf.nix args}" "-logfile /dev/null -logverbose 0 -verbose 3" "-nolisten tcp" - "-xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb" + "-xkbdir ${config.services.xserver.xkbDir}" ]; }; }; systemd.services.urxvtd = { - wantedBy = [ "multi-user.target" ]; - reloadIfChanged = true; + wantedBy = [ "graphical.target" ]; + restartIfChanged = false; serviceConfig = { SyslogIdentifier = "urxvtd"; - ExecReload = "${pkgs.coreutils}/bin/echo NOP"; ExecStart = "${pkgs.rxvt_unicode}/bin/urxvtd"; Restart = "always"; RestartSec = "2s"; diff --git a/tv/3modules/charybdis/default.nix b/tv/3modules/charybdis/default.nix index e252f2e1d..62a7037e3 100644 --- a/tv/3modules/charybdis/default.nix +++ b/tv/3modules/charybdis/default.nix @@ -64,7 +64,7 @@ in { ExecStartPre = "${pkgs.coreutils}/bin/ln -s /etc/charybdis-ircd.motd /tmp/ircd.motd"; ExecStart = toString [ - "${pkgs.charybdis}/bin/charybdis-ircd" + "${pkgs.charybdis}/bin/charybdis" "-configfile ${import ./config.nix args}" "-foreground" "-logfile /dev/stderr" diff --git a/krebs/5pkgs/simple/pass-otp/default.nix b/tv/5pkgs/compat/18.03/pass-otp/default.nix index 33411180a..33411180a 100644 --- a/krebs/5pkgs/simple/pass-otp/default.nix +++ b/tv/5pkgs/compat/18.03/pass-otp/default.nix diff --git a/tv/5pkgs/compat/18.03/pass/default.nix b/tv/5pkgs/compat/18.03/pass/default.nix new file mode 100644 index 000000000..c2fe0e1d7 --- /dev/null +++ b/tv/5pkgs/compat/18.03/pass/default.nix @@ -0,0 +1,121 @@ +{ stdenv, lib, fetchurl, fetchFromGitHub +, coreutils, gnused, getopt, git, tree, gnupg, which, procps, qrencode +, makeWrapper + +, pass-otp + +, xclip ? null, xdotool ? null, dmenu ? null +, x11Support ? !stdenv.isDarwin +, tombPluginSupport ? false, tomb +}: + +with lib; + +assert x11Support -> xclip != null + && xdotool != null + && dmenu != null; + +let + plugins = map (p: (fetchFromGitHub { + owner = "roddhjav"; + repo = "pass-${p.name}"; + inherit (p) rev sha256; + })) + ([ + { name = "import"; + rev = "491935bd275f29ceac2b876b3a288011d1ce31e7"; + sha256 = "02mbh05ab8h7kc30hz718d1d1vkjz43b96c7p0xnd92610d2q66q"; } + { name = "update"; + rev = "cf576c9036fd18efb9ed29e0e9f811207b556fde"; + sha256 = "1hhbrg6a2walrvla6q4cd3pgrqbcrf9brzjkb748735shxfn52hd"; } + ] ++ stdenv.lib.optional tombPluginSupport { + name = "tomb"; + rev = "3368134898a42c1b758fabac625ec240e125c6be"; + sha256 = "0qqmxfg4w3r088qhlkhs44036mya82vjflsjjhw2hk8y0wd2i6ds"; } + ); + +in stdenv.mkDerivation rec { + version = "1.7.2"; + name = "password-store-${version}"; + + src = fetchurl { + url = "http://git.zx2c4.com/password-store/snapshot/${name}.tar.xz"; + sha256 = "1sl0d7nc85c6c2bmmmyb8rpmn47vhkj831l153mjlkawjvhwas27"; + }; + + patches = [ ./set-correct-program-name-for-sleep.patch + ] ++ stdenv.lib.optional stdenv.isDarwin ./no-darwin-getopt.patch; + + nativeBuildInputs = [ makeWrapper ]; + + installFlags = [ "PREFIX=$(out)" "WITH_ALLCOMP=yes" ]; + + postInstall = '' + # plugins + ${stdenv.lib.concatStringsSep "\n" (map (plugin: '' + pushd ${plugin} + PREFIX=$out make install + popd + '') plugins)} + + ln -s \ + ${pass-otp}/lib/password-store/extensions/otp.bash \ + $out/lib/password-store/extensions/ + + ln -s \ + ${pass-otp}/share/man/man1/pass-otp.1.gz \ + $out/share/man/man1/ + + # Install Emacs Mode. NOTE: We can't install the necessary + # dependencies (s.el and f.el) here. The user has to do this + # himself. + mkdir -p "$out/share/emacs/site-lisp" + cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/" + '' + optionalString x11Support '' + cp "contrib/dmenu/passmenu" "$out/bin/" + ''; + + wrapperPath = with stdenv.lib; makeBinPath ([ + coreutils + getopt + git + gnupg + gnused + tree + which + qrencode + ] ++ optional tombPluginSupport tomb + ++ optional stdenv.isLinux procps + ++ ifEnable x11Support [ dmenu xclip xdotool ]); + + postFixup = '' + # Fix program name in --help + substituteInPlace $out/bin/pass \ + --replace 'PROGRAM="''${0##*/}"' "PROGRAM=pass" + + # Ensure all dependencies are in PATH + wrapProgram $out/bin/pass \ + --prefix PATH : "${wrapperPath}" + '' + stdenv.lib.optionalString x11Support '' + # We just wrap passmenu with the same PATH as pass. It doesn't + # need all the tools in there but it doesn't hurt either. + wrapProgram $out/bin/passmenu \ + --prefix PATH : "$out/bin:${wrapperPath}" + ''; + + meta = with stdenv.lib; { + description = "Stores, retrieves, generates, and synchronizes passwords securely"; + homepage = https://www.passwordstore.org/; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ lovek323 the-kenny fpletz ]; + platforms = platforms.unix; + + longDescription = '' + pass is a very simple password store that keeps passwords inside gpg2 + encrypted files inside a simple directory tree residing at + ~/.password-store. The pass utility provides a series of commands for + manipulating the password store, allowing the user to add, remove, edit, + synchronize, generate, and manipulate passwords. + ''; + }; +} diff --git a/tv/5pkgs/compat/18.03/pass/no-darwin-getopt.patch b/tv/5pkgs/compat/18.03/pass/no-darwin-getopt.patch new file mode 100644 index 000000000..e8f7e138f --- /dev/null +++ b/tv/5pkgs/compat/18.03/pass/no-darwin-getopt.patch @@ -0,0 +1,9 @@ +diff -Naur password-store-1.6.5-orig/src/platform/darwin.sh password-store-1.6.5/src/platform/darwin.sh +--- password-store-1.6.5-orig/src/platform/darwin.sh 2015-01-28 16:43:02.000000000 +0000 ++++ password-store-1.6.5/src/platform/darwin.sh 2015-02-15 16:09:02.000000000 +0000 +@@ -31,5 +31,4 @@ + mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk." + } + +-GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt" + SHRED="srm -f -z" diff --git a/tv/5pkgs/compat/18.03/pass/rofi-pass.nix b/tv/5pkgs/compat/18.03/pass/rofi-pass.nix new file mode 100644 index 000000000..61f51973e --- /dev/null +++ b/tv/5pkgs/compat/18.03/pass/rofi-pass.nix @@ -0,0 +1,57 @@ +{ stdenv, fetchFromGitHub, pass, rofi, coreutils, utillinux, xdotool, gnugrep +, libnotify, pwgen, findutils, gawk, gnused, xclip, makeWrapper +}: + +stdenv.mkDerivation rec { + name = "rofi-pass-${version}"; + version = "1.5.3"; + + src = fetchFromGitHub { + owner = "carnager"; + repo = "rofi-pass"; + rev = version; + sha256 = "1fn1j2rf3abc5qb44zfc8z8ffw6rva4xfp7597hwr1g3szacazpq"; + }; + + buildInputs = [ makeWrapper ]; + + dontBuild = true; + + installPhase = '' + mkdir -p $out/bin + cp -a rofi-pass $out/bin/rofi-pass + + mkdir -p $out/share/doc/rofi-pass/ + cp -a config.example $out/share/doc/rofi-pass/config.example + ''; + + wrapperPath = with stdenv.lib; makeBinPath [ + coreutils + findutils + gawk + gnugrep + gnused + libnotify + pass + pwgen + rofi + utillinux + xclip + xdotool + ]; + + fixupPhase = '' + patchShebangs $out/bin + + wrapProgram $out/bin/rofi-pass \ + --prefix PATH : "${wrapperPath}" + ''; + + meta = { + description = "A script to make rofi work with password-store"; + homepage = https://github.com/carnager/rofi-pass; + maintainers = with stdenv.lib.maintainers; [ the-kenny garbas ]; + license = stdenv.lib.licenses.gpl3; + platforms = with stdenv.lib.platforms; linux; + }; +} diff --git a/tv/5pkgs/compat/18.03/pass/set-correct-program-name-for-sleep.patch b/tv/5pkgs/compat/18.03/pass/set-correct-program-name-for-sleep.patch new file mode 100644 index 000000000..782e06e20 --- /dev/null +++ b/tv/5pkgs/compat/18.03/pass/set-correct-program-name-for-sleep.patch @@ -0,0 +1,69 @@ +From 25b44e00ed5df8ffe2782d38ad5cd9f514379599 Mon Sep 17 00:00:00 2001 +From: "Andrew R. M" <andrewmiller237@gmail.com> +Date: Sat, 8 Apr 2017 13:50:01 -0400 +Subject: [PATCH] Patch the clip() function to work even when using + single-binary coreutils + +--- + src/password-store.sh | 4 ++-- + src/platform/cygwin.sh | 4 ++-- + src/platform/darwin.sh | 4 ++-- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/password-store.sh b/src/password-store.sh +index 6a4172d..4dbd6b8 100755 +--- a/src/password-store.sh ++++ b/src/password-store.sh +@@ -155,11 +155,11 @@ clip() { + # variable. Specifically, it cannot store nulls nor (non-trivally) store + # trailing new lines. + local sleep_argv0="password store sleep on display $DISPLAY" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | base64)" + echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard" + ( +- ( exec -a "$sleep_argv0" bash <<<"trap 'kill %1' TERM; sleep '$CLIP_TIME' & wait" ) ++ ( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") ) + local now="$(xclip -o -selection "$X_SELECTION" | base64)" + [[ $now != $(echo -n "$1" | base64) ]] && before="$now" + +diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh +index 6e5dd86..f3574c4 100644 +--- a/src/platform/cygwin.sh ++++ b/src/platform/cygwin.sh +@@ -3,11 +3,11 @@ + + clip() { + local sleep_argv0="password store sleep on display $DISPLAY" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$(base64 < /dev/clipboard)" + echo -n "$1" > /dev/clipboard + ( +- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" ) ++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") ) + local now="$(base64 < /dev/clipboard)" + [[ $now != $(echo -n "$1" | base64) ]] && before="$now" + echo "$before" | base64 -d > /dev/clipboard +diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh +index 86eb325..deb04c4 100644 +--- a/src/platform/darwin.sh ++++ b/src/platform/darwin.sh +@@ -3,11 +3,11 @@ + + clip() { + local sleep_argv0="password store sleep for user $(id -u)" +- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 ++ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 + local before="$(pbpaste | openssl base64)" + echo -n "$1" | pbcopy + ( +- ( exec -a "$sleep_argv0" sleep "$CLIP_TIME" ) ++ ( exec -a "$sleep_argv0" bash <(echo sleep "$CLIP_TIME") ) + local now="$(pbpaste | openssl base64)" + [[ $now != $(echo -n "$1" | openssl base64) ]] && before="$now" + echo "$before" | openssl base64 -d | pbcopy +-- +2.12.2 + diff --git a/tv/5pkgs/compat/default.nix b/tv/5pkgs/compat/default.nix new file mode 100644 index 000000000..0d1e61b3b --- /dev/null +++ b/tv/5pkgs/compat/default.nix @@ -0,0 +1 @@ +self: super: {} diff --git a/tv/5pkgs/default.nix b/tv/5pkgs/default.nix index 82474ade5..c5c800b55 100644 --- a/tv/5pkgs/default.nix +++ b/tv/5pkgs/default.nix @@ -33,4 +33,16 @@ foldl' mergeAttrs {} ''; gnupg = self.gnupg22; + + pass = { + "18.03" = + self.callPackage ./compat/18.03/pass { + pass-otp = self.callPackage ./compat/18.03/pass-otp {}; + }; + "18.09" = + super.pass.withExtensions (ext: [ + ext.pass-otp + ]); + }.${versions.majorMinor nixpkgsVersion}; + } diff --git a/tv/5pkgs/simple/utsushi.nix b/tv/5pkgs/simple/utsushi.nix index 518c34ca0..e61dd188f 100644 --- a/tv/5pkgs/simple/utsushi.nix +++ b/tv/5pkgs/simple/utsushi.nix @@ -164,6 +164,7 @@ stdenv.mkDerivation rec { ; NIX_CFLAGS_COMPILE = [ + "-Wno-error=deprecated-declarations" "-Wno-error=unused-variable" ]; |